Compare commits

..

106 Commits

Author SHA1 Message Date
87246181a9 update 2026-03-07 07:25:57 +00:00
1bb61a0acc fix(ci): inject public Supabase env into app and Docker build stages 2026-03-07 07:20:02 +00:00
5c6be8a056 Merge pull request 'fix(deploy): use image-only production compose and correct script sync' (#44) from fix/cl9-prod-compose-and-deploy-sync into master
Reviewed-on: http://gitea.lan:3000/robbond/pleskSaas/pulls/44
2026-03-06 18:38:02 +00:00
2edf19fac3 fix(deploy): use image-only production compose and correct script sync 2026-03-06 18:37:14 +00:00
c696869909 Merge pull request 'fix(ci): correct rsync deploy path and define smoke check base URL' (#43) from fix/cl9-jenkins-rsync-and-smoke-check-paths into master
Reviewed-on: http://gitea.lan:3000/robbond/pleskSaas/pulls/43
2026-03-06 18:22:38 +00:00
0e2dd1bfc7 fix(ci): correct rsync deploy path and define smoke check base URL 2026-03-06 18:21:13 +00:00
99f020f560 Merge pull request 'update deploy stage and smoke check for scripts' (#42) from fix/cl9-move-deployment-scripts into master
Reviewed-on: http://gitea.lan:3000/robbond/pleskSaas/pulls/42
2026-03-06 17:56:59 +00:00
4d241545d2 update deploy stage and smoke check for scripts 2026-03-06 17:56:46 +00:00
2e8849332b Merge pull request 'fix(ci): add default deploy environment variables for bash-safe pipeline' (#41) from fix/cl9-jenkins-env-defaults into master
Reviewed-on: http://gitea.lan:3000/robbond/pleskSaas/pulls/41
2026-03-06 16:10:05 +00:00
d30a7d37b5 fix(ci): add default deploy environment variables for bash-safe pipeline 2026-03-06 16:08:50 +00:00
6a09053ac3 Merge pull request 'fix(ci): run pipeline shell steps using bash to support pipefail' (#40) from fix/cl9-jenkins-bash-shell into master
Reviewed-on: http://gitea.lan:3000/robbond/pleskSaas/pulls/40
2026-03-06 16:00:48 +00:00
ab27e57e66 fix(ci): run pipeline shell steps using bash to support pipefail 2026-03-06 15:53:52 +00:00
cd4ba09404 Merge pull request 'fix(ci): add default deploy credential and host variables to Jenkins pipeline' (#39) from fix/cl9-jenkins-credential-default into master
Reviewed-on: http://gitea.lan:3000/robbond/pleskSaas/pulls/39
2026-03-06 15:45:01 +00:00
13b778a4e4 fix(ci): add default deploy credential and host variables to Jenkins pipeline 2026-03-06 15:42:18 +00:00
69c051052d Merge pull request 'swapped runner to node:20-bookworm-slim' (#38) from fix/update-runner into master
Reviewed-on: http://gitea.lan:3000/robbond/pleskSaas/pulls/38
2026-03-06 14:13:39 +00:00
d1982f1618 swapped runner to node:20-bookworm-slim 2026-03-06 14:13:26 +00:00
d2b57c03b3 Merge pull request 'changed image to node:20-bookworm-slim' (#37) from fix/update-docker-file-for-image into master
Reviewed-on: http://gitea.lan:3000/robbond/pleskSaas/pulls/37
2026-03-06 14:11:32 +00:00
5990ad9423 changed image to node:20-bookworm-slim 2026-03-06 14:11:13 +00:00
8391ef1004 Merge pull request 'commented out preflight' (#36) from fix/edit-jenkinfile into master
Reviewed-on: http://gitea.lan:3000/robbond/pleskSaas/pulls/36
2026-03-06 14:03:03 +00:00
348e26de14 commented out preflight 2026-03-06 14:02:52 +00:00
54d920bc09 Merge pull request 'build fix check for docker' (#35) from fix/jenkins-check-for-docker into master
Reviewed-on: http://gitea.lan:3000/robbond/pleskSaas/pulls/35
2026-03-06 13:58:53 +00:00
91744bf71f build fix check for docker 2026-03-06 13:58:41 +00:00
c4626e32f3 Merge pull request 'fix(ci): require docker-capable Jenkins agent with preflight checks' (#34) from feature/cl9-jenkins-docker-agent into master
Reviewed-on: http://gitea.lan:3000/robbond/pleskSaas/pulls/34
2026-03-06 13:44:20 +00:00
4a334b8812 fix(ci): require docker-capable Jenkins agent with preflight checks 2026-03-06 13:41:14 +00:00
d525cf2589 Merge pull request 'fix types and linting' (#33) from fix/build-errors-for-linting-and-dynamic-server-with-types- into master
Reviewed-on: http://gitea.lan:3000/robbond/pleskSaas/pulls/33
2026-03-06 13:25:45 +00:00
e16b9fb8f9 fix types and linting 2026-03-06 13:25:32 +00:00
d37e682138 Merge pull request 'comment out lint for deploy' (#32) from fix/comment-lint-out into master
Reviewed-on: http://gitea.lan:3000/robbond/pleskSaas/pulls/32
2026-03-06 11:20:46 +00:00
c0d3eb84bd comment out lint for deploy 2026-03-06 11:20:35 +00:00
c42709194c Merge pull request 'feat(deploy): harden production proxy and cron configuration' (#31) from feature/cl9-production-hardening into master
Reviewed-on: http://gitea.lan:3000/robbond/pleskSaas/pulls/31
2026-03-06 10:31:17 +00:00
63590a975e feat(deploy): harden production proxy and cron configuration 2026-03-06 10:24:32 +00:00
e0f7636ea6 Merge pull request 'feat(deploy): add Jenkins production deployment pipeline' (#30) from feature/cl9-jenkins-cicd-pipeline into master
Reviewed-on: http://gitea.lan:3000/robbond/pleskSaas/pulls/30
2026-03-06 10:19:39 +00:00
403c6dd0a0 feat(deploy): add Jenkins production deployment pipeline 2026-03-06 10:18:11 +00:00
a3030703ce Merge pull request 'feature/cl9-production-runtime-foundation' (#29) from feature/cl9-production-runtime-foundation into master
Reviewed-on: http://gitea.lan:3000/robbond/pleskSaas/pulls/29
2026-03-06 09:56:54 +00:00
820b676bd8 chore(deploy): move runtime to chainguard node images 2026-03-06 09:53:15 +00:00
cf1cd39c54 chore(deploy): switch to patched bookworm slim runtime base 2026-03-06 09:52:04 +00:00
4a60c7ec39 chore(deploy): harden docker base image patch level 2026-03-06 09:50:44 +00:00
b8d2693c67 feat(deploy): add production runtime foundation 2026-03-06 09:48:36 +00:00
f4ff058a8f Merge pull request 'feat(ui): add collapsible plesk instances panel with summary view' (#28) from feature/ui-collapse-instances-panel into master
Reviewed-on: http://gitea.lan:3000/robbond/pleskSaas/pulls/28
2026-03-06 06:50:55 +00:00
7378b09302 feat(ui): add collapsible plesk instances panel with summary view 2026-03-06 06:48:44 +00:00
ad9b6ef7d2 Merge pull request 'feat(ui): collapse connect instance panel when instances exist' (#27) from feature/ui-collapse-connect-panel into master
Reviewed-on: http://gitea.lan:3000/robbond/pleskSaas/pulls/27
2026-03-05 18:31:15 +00:00
fa97ae0400 feat(ui): collapse connect instance panel when instances exist 2026-03-05 18:29:33 +00:00
d0a0a81a31 Merge pull request 'feat(ui): add dashboard health and autosync overview widget' (#26) from feature/cl8-5-dashboard-overview into master
Reviewed-on: http://gitea.lan:3000/robbond/pleskSaas/pulls/26
2026-03-05 18:14:55 +00:00
627a34728e feat(ui): add dashboard health and autosync overview widget 2026-03-05 18:14:25 +00:00
826e7da895 Merge pull request 'feature/cl8-instance-health' (#25) from feature/cl8-instance-health into master
Reviewed-on: http://gitea.lan:3000/robbond/pleskSaas/pulls/25
2026-03-05 18:04:40 +00:00
8d86378341 feat(ui): show instance health badges and health panel 2026-03-05 18:03:38 +00:00
fb385b59c4 feat(api): add cron and manual health check endpoints 2026-03-05 18:03:26 +00:00
9411f292a8 feat(worker): add health check runner 2026-03-05 18:02:57 +00:00
953b62ef6e feat(db): add instance health monitoring fields 2026-03-05 18:02:32 +00:00
464dccedea docs: add cline super prompt for safe AI development 2026-03-05 17:48:38 +00:00
699454f183 Merge pull request 'feat(ui): add activity log page backed by actions_log' (#24) from feature/activity-log-page into master
Reviewed-on: http://gitea.lan:3000/robbond/pleskSaas/pulls/24
2026-03-05 17:47:59 +00:00
03dfa6a5ae feat(ui): add activity log page backed by actions_log 2026-03-05 17:42:03 +00:00
4f2e0c8192 Merge pull request 'feat(worker): add autosync scheduler, endpoint, locking and UI controls' (#23) from feature/cl6-auto-sync-worker into master
Reviewed-on: http://gitea.lan:3000/robbond/pleskSaas/pulls/23
2026-03-05 17:37:15 +00:00
5e5fb3221a feat(worker): add autosync scheduler, endpoint, locking and UI controls 2026-03-05 17:33:14 +00:00
34aa17a74a Merge pull request 'feat(logging): add best-effort requested/succeeded/failed action logs' (#22) from feature/cl5-action-logging into master
Reviewed-on: http://gitea.lan:3000/robbond/pleskSaas/pulls/22
2026-03-05 17:19:05 +00:00
c943d2cbf6 feat(logging): add best-effort requested/succeeded/failed action logs 2026-03-05 17:13:18 +00:00
c11fcd01a4 Merge pull request 'feat(ui): polish domains list subscription/status display' (#21) from feature/ui-domains-polish into master
Reviewed-on: http://gitea.lan:3000/robbond/pleskSaas/pulls/21
2026-03-05 17:07:48 +00:00
710227a49a feat(ui): polish domains list subscription/status display 2026-03-05 17:06:29 +00:00
b72176b276 Merge pull request 'fix(actions): use plesk bin site for suspend/unsuspend domain state' (#20) from fix/domain-actions-use-site-cli into master
Reviewed-on: http://gitea.lan:3000/robbond/pleskSaas/pulls/20
2026-03-05 17:03:55 +00:00
81b0617390 fix(actions): use plesk bin site for suspend/unsuspend domain state 2026-03-05 16:59:40 +00:00
757e8953be Merge pull request 'fix(plesk): use subscription --unsuspend for unsuspend action' (#19) from fix/plesk-unsuspend-command into master
Reviewed-on: http://gitea.lan:3000/robbond/pleskSaas/pulls/19
2026-03-05 16:04:42 +00:00
c528392682 fix(plesk): use subscription --unsuspend for unsuspend action 2026-03-05 16:04:11 +00:00
a678713d1d Merge pull request 'fix(actions): unsuspend using canonical subscription identifier + refresh status' (#18) from fix/unsuspend-verify-and-refresh into master
Reviewed-on: http://gitea.lan:3000/robbond/pleskSaas/pulls/18
2026-03-05 14:27:56 +00:00
033d816d42 fix(actions): unsuspend using canonical subscription identifier + refresh status 2026-03-05 14:26:58 +00:00
a22fc2c4d2 Merge pull request 'fix(actions): send and use subscription_id for domain suspend/unsuspend' (#17) from fix/actions-use-subscription-id into master
Reviewed-on: http://gitea.lan:3000/robbond/pleskSaas/pulls/17
2026-03-05 14:20:34 +00:00
825bf8dc84 fix(actions): send and use subscription_id for domain suspend/unsuspend 2026-03-05 14:20:07 +00:00
2c52d89dc9 Merge pull request 'fix(linking): link subdomains to parent subscription via suffix match' (#16) from fix/subdomain-inherit-subscription into master
Reviewed-on: http://gitea.lan:3000/robbond/pleskSaas/pulls/16
2026-03-05 14:14:52 +00:00
cc7e30092d fix(linking): link subdomains to parent subscription via suffix match 2026-03-05 14:14:20 +00:00
ce8b04285a Merge pull request 'fix(actions): refresh subscription status after suspend/unsuspend' (#15) from fix/action-refresh-status into master
Reviewed-on: http://gitea.lan:3000/robbond/pleskSaas/pulls/15
2026-03-05 14:10:56 +00:00
ed31598a1d fix(actions): refresh subscription status after suspend/unsuspend 2026-03-05 14:10:27 +00:00
a49448c04b Merge pull request 'fix(sync): link domains to subscriptions and add backfill endpoint' (#14) from fix/link-domains-to-subscriptions into master
Reviewed-on: http://gitea.lan:3000/robbond/pleskSaas/pulls/14
2026-03-05 14:09:56 +00:00
dceccecf0c fix(sync): link domains to subscriptions and add backfill endpoint 2026-03-05 14:03:03 +00:00
8e5d9865ac Merge pull request 'fix(domains): correctly match subscriptions to domains for status' (#13) from fix/cl4-domain-status-merge into master
Reviewed-on: http://gitea.lan:3000/robbond/pleskSaas/pulls/13
2026-03-05 13:46:31 +00:00
ee9b90e3d1 fix(domains): correctly match subscriptions to domains for status 2026-03-05 13:46:03 +00:00
ea671336d3 Merge pull request 'fix(domains): prevent status enrichment from filtering domains' (#12) from hotfix/domains-list-server-join-empty into master
Reviewed-on: http://gitea.lan:3000/robbond/pleskSaas/pulls/12
2026-03-05 13:36:34 +00:00
0d914f5973 fix(domains): prevent status enrichment from filtering domains 2026-03-05 13:36:08 +00:00
fbeb089b9e Merge pull request 'fix(ui): show subscription status on domains list' (#11) from feature/cl4-domain-status-from-subscription into master
Reviewed-on: http://gitea.lan:3000/robbond/pleskSaas/pulls/11
2026-03-05 13:23:15 +00:00
269c9e47c9 Merge pull request 'fix(sync): robustly map domain rows to subscription status' (#10) from feature/cl4-fix-domain-status-ui into master
Reviewed-on: http://gitea.lan:3000/robbond/pleskSaas/pulls/10
2026-03-05 13:23:07 +00:00
c9e3fe1dbc fix(ui): show subscription status on domains list 2026-03-05 13:22:33 +00:00
78d3f104de fix(sync): robustly map domain rows to subscription status 2026-03-05 13:14:26 +00:00
e4465d9549 docs: add system architecture documentation 2026-03-05 13:06:29 +00:00
698090853c docs: add ai project context for development agents 2026-03-05 13:06:29 +00:00
e9c65f8096 Merge pull request 'feat/cl4-subscription-status-cli' (#9) from feat/cl4-subscription-status-cli into master
Reviewed-on: http://gitea.lan:3000/robbond/pleskSaas/pulls/9
2026-03-05 12:57:15 +00:00
84a1396265 feat(ui): show subscription status in dashboard 2026-03-05 12:42:56 +00:00
fec7c682f0 feat(sync): ingest subscription status during sync 2026-03-05 12:42:51 +00:00
5adc9f0923 feat(plesk): parse subscription status from CLI 2026-03-05 12:42:44 +00:00
d87808af23 feat(db): add subscription status fields 2026-03-05 12:42:34 +00:00
57005859c3 Merge pull request 'Dashboard: make domains clickable links opening in new tab' (#8) from feature/domain-links into master
Reviewed-on: http://gitea.lan:3000/robbond/pleskSaas/pulls/8
2026-03-05 11:56:14 +00:00
b221ad45fa Dashboard: make domains clickable links opening in new tab 2026-03-05 11:53:29 +00:00
9ec1259403 Merge pull request 'feature/domain-actions' (#7) from feature/domain-actions into master
Reviewed-on: http://gitea.lan:3000/robbond/pleskSaas/pulls/7
2026-03-05 11:44:16 +00:00
84165f47ff Dashboard: make domains table span full width 2026-03-05 10:44:15 +00:00
067e0d9080 CL3.8 domain actions: suspend/unsuspend subscription from domains table 2026-03-05 10:38:05 +00:00
e90b34e6ca Merge pull request 'Parse Plesk subscription status via CLI; domains inherit; UI badges' (#6) from feature/plesk-status-parsing into master
Reviewed-on: http://gitea.lan:3000/robbond/pleskSaas/pulls/6
2026-03-05 10:22:59 +00:00
f2ad5c9d7d Merge branch 'master' into feature/plesk-status-parsing 2026-03-05 10:22:52 +00:00
3bc2cf09c3 Parse Plesk subscription status via CLI; domains inherit; UI badges 2026-03-05 10:22:18 +00:00
e619c12c35 Merge pull request 'Use Plesk CLI subscription info to populate status; domains inherit status; UI badges' (#5) from feature/subscription-status into master
Reviewed-on: http://gitea.lan:3000/robbond/pleskSaas/pulls/5
2026-03-05 10:20:01 +00:00
a64de5aba3 Use Plesk CLI subscription info to populate status; domains inherit status; UI badges 2026-03-05 10:17:28 +00:00
b80b3797fe Merge pull request 'fix/subscription-status' (#4) from fix/subscription-status into master
Reviewed-on: http://gitea.lan:3000/robbond/pleskSaas/pulls/4
2026-03-05 10:12:43 +00:00
fa43428153 Fix subscription status via CLI; derive domain status + badges 2026-03-05 10:10:17 +00:00
37a70cafdd checkpoint before subscription/domain status fix 2026-03-05 10:07:28 +00:00
878ef7555d Merge pull request 'fix/domain-status-from-subscription' (#3) from fix/domain-status-from-subscription into master
Reviewed-on: http://gitea.lan:3000/robbond/pleskSaas/pulls/3
2026-03-05 10:03:52 +00:00
3599ccbb39 Derive domain status from subscription status and add backfill 2026-03-05 10:01:08 +00:00
09d66ea601 checkpoint before domain status = subscription status 2026-03-05 09:58:50 +00:00
698bd85c7d Merge pull request 'feature/domain-health-dashboard' (#2) from feature/domain-health-dashboard into master
Reviewed-on: http://gitea.lan:3000/robbond/pleskSaas/pulls/2
2026-03-05 09:53:46 +00:00
736cee870c Refine domain table name cell styling 2026-03-05 09:44:01 +00:00
0b7a95947f CL3.6b instance overview and CL3.7 domain status badges 2026-03-05 09:41:46 +00:00
0dba5d2ebf Merge pull request 'fixed sync' (#1) from cl3.6a-domains-ui into master
Reviewed-on: http://gitea.lan:3000/robbond/pleskSaas/pulls/1
2026-03-05 09:35:43 +00:00
41 changed files with 4827 additions and 353 deletions

13
.dockerignore Normal file
View File

@@ -0,0 +1,13 @@
node_modules
.next
.git
*.log
logs
.env
.env.*
!.env.example
.env.local
.env.*.local
.vscode
.idea
.DS_Store

View File

@@ -1,13 +1,22 @@
NEXT_PUBLIC_SUPABASE_URL=
NEXT_PUBLIC_SUPABASE_ANON_KEY=
SUPABASE_SERVICE_ROLE_KEY=
NODE_ENV=production
NEXT_PUBLIC_APP_URL=http://localhost:3000
JOB_SECRET=
ENCRYPTION_KEY=
NEXT_PUBLIC_SUPABASE_URL=
NEXT_PUBLIC_SUPABASE_ANON_KEY=
SUPABASE_URL=
SUPABASE_ANON_KEY=
SUPABASE_SERVICE_ROLE_KEY=
PLESK_CRED_ENC_KEY=
STRIPE_SECRET_KEY=
STRIPE_WEBHOOK_SECRET=
CRON_SHARED_SECRET=
# Existing runtime keys used by current codebase
JOB_SECRET=
CRON_SECRET=
ENCRYPTION_KEY=
STRIPE_PRICE_ID=

View File

@@ -1,3 +1,6 @@
{
"extends": ["next/core-web-vitals", "next/typescript"]
"extends": ["next/core-web-vitals", "next/typescript"],
"rules": {
"@typescript-eslint/no-explicit-any": "off"
}
}

37
Dockerfile Normal file
View File

@@ -0,0 +1,37 @@
FROM node:20-bookworm-slim AS deps
WORKDIR /app
COPY package.json package-lock.json ./
RUN npm ci
FROM node:20-bookworm-slim AS builder
WORKDIR /app
ARG NEXT_PUBLIC_SUPABASE_URL
ARG NEXT_PUBLIC_SUPABASE_ANON_KEY
ENV NEXT_PUBLIC_SUPABASE_URL=$NEXT_PUBLIC_SUPABASE_URL
ENV NEXT_PUBLIC_SUPABASE_ANON_KEY=$NEXT_PUBLIC_SUPABASE_ANON_KEY
COPY --from=deps /app/node_modules ./node_modules
COPY . .
RUN npm run build
FROM node:20-bookworm-slim AS prod-deps
WORKDIR /app
COPY package.json package-lock.json ./
RUN npm ci --omit=dev
FROM node:20-bookworm-slim AS runner
WORKDIR /app
ENV NODE_ENV=production
COPY --from=prod-deps /app/node_modules ./node_modules
COPY --from=builder /app/package.json ./package.json
COPY --from=builder /app/next.config.mjs ./next.config.mjs
COPY --from=builder /app/.next ./.next
EXPOSE 3000
CMD ["node", "node_modules/next/dist/bin/next", "start", "-H", "0.0.0.0", "-p", "3000"]

134
Jenkinsfile vendored Normal file
View File

@@ -0,0 +1,134 @@
pipeline {
// Build + deploy stages require Docker CLI/daemon access on the Jenkins node.
// Ensure this label maps to an agent with Docker installed and usable.
//update
agent any
environment {
REGISTRY_IMAGE = "plesk-agency-portal"
IMAGE_LATEST = "${REGISTRY_IMAGE}:latest"
IMAGE_BUILD = "${REGISTRY_IMAGE}:build-${BUILD_NUMBER}"
DEPLOY_SSH_CREDENTIAL_ID = "${env.DEPLOY_SSH_CREDENTIAL_ID ?: 'plesk-agency-deploy-key'}"
APP_HOST = "${env.APP_HOST ?: '192.168.68.89'}"
APP_USER = "${env.APP_USER ?: 'deploy'}"
DEPLOY_PATH = "${env.DEPLOY_PATH ?: '/opt/plesk-agency-portal'}"
APP_BASE_URL = "${env.APP_BASE_URL ?: 'http://192.168.68.89:3000'}"
}
stages {
// stage('Preflight') {
// steps {
// sh '''
// set -euo pipefail
// if ! command -v docker >/dev/null 2>&1; then
// echo "Docker CLI is not available on this Jenkins agent."
// echo "Run this pipeline on a Docker-capable node or install Docker on the current agent."
// exit 1
// fi
// if ! docker version >/dev/null 2>&1; then
// echo "Docker is installed but not usable by Jenkins (daemon/socket/permissions issue)."
// exit 1
// fi
// '''
// }
// }
stage('Checkout') {
steps {
checkout scm
}
}
stage('Install dependencies') {
steps {
sh 'npm ci'
}
}
// stage('Lint') {
// steps {
// script {
// def hasLint = sh(script: "node -e \"const fs=require('fs');const p=require('./package.json');process.exit(p?.scripts?.lint?0:1)\"", returnStatus: true)
// if (hasLint == 0) {
// sh 'npm run lint'
// } else {
// echo 'No lint script configured; skipping lint stage.'
// }
// }
// }
// }
stage('Build application') {
steps {
withCredentials([
string(credentialsId: 'supabase-public-url', variable: 'NEXT_PUBLIC_SUPABASE_URL'),
string(credentialsId: 'supabase-public-anon-key', variable: 'NEXT_PUBLIC_SUPABASE_ANON_KEY')
]) {
sh 'npm run build'
}
}
}
stage('Build Docker image') {
steps {
withCredentials([
string(credentialsId: 'supabase-public-url', variable: 'NEXT_PUBLIC_SUPABASE_URL'),
string(credentialsId: 'supabase-public-anon-key', variable: 'NEXT_PUBLIC_SUPABASE_ANON_KEY')
]) {
sh 'docker build --build-arg NEXT_PUBLIC_SUPABASE_URL="$NEXT_PUBLIC_SUPABASE_URL" --build-arg NEXT_PUBLIC_SUPABASE_ANON_KEY="$NEXT_PUBLIC_SUPABASE_ANON_KEY" -t ${IMAGE_LATEST} -t ${IMAGE_BUILD} .'
}
}
}
stage('Deploy') {
steps {
withCredentials([sshUserPrivateKey(
credentialsId: "${env.DEPLOY_SSH_CREDENTIAL_ID}",
keyFileVariable: 'SSH_KEY'
)]) {
sh '''
bash -eo pipefail << 'EOF'
set -euo pipefail
ssh -i "$SSH_KEY" "$APP_USER@$APP_HOST" "mkdir -p $DEPLOY_PATH/scripts"
rsync -az \
-e "ssh -i $SSH_KEY" \
docker-compose.prod.yml \
"$APP_USER@$APP_HOST:$DEPLOY_PATH/"
rsync -az \
-e "ssh -i $SSH_KEY" \
scripts/ \
"$APP_USER@$APP_HOST:$DEPLOY_PATH/scripts/"
docker save ${IMAGE_LATEST} ${IMAGE_BUILD} \
| ssh -i "$SSH_KEY" "$APP_USER@$APP_HOST" 'docker load'
ssh -i "$SSH_KEY" "$APP_USER@$APP_HOST" \
"cd $DEPLOY_PATH && chmod +x ./scripts/deploy-prod.sh ./scripts/smoke-check.sh ./scripts/rollback-prod.sh"
ssh -i "$SSH_KEY" "$APP_USER@$APP_HOST" \
"cd $DEPLOY_PATH && ./scripts/deploy-prod.sh"
EOF
'''
}
}
}
stage('Smoke check') {
steps {
sh '''
bash -eo pipefail << EOF
set -euo pipefail
chmod +x scripts/smoke-check.sh
scripts/smoke-check.sh "${APP_BASE_URL}"
EOF
'''
}
}
}
}

View File

@@ -63,7 +63,9 @@ values ('<agency_uuid>', '<auth_user_uuid>', 'owner');
- `POST /api/plesk/instances` — create + validate Plesk connection
- `POST /api/plesk/instances/:id/sync` — pull/sync subscriptions + domains from one Plesk instance
- `POST /api/plesk/instances/:id/autosync` — update auto-sync enabled/frequency for one Plesk instance
- `POST /api/jobs/plesk-sync-all` — background sync job for all connected instances (requires `X-JOB-SECRET`)
- `POST /api/cron/autosync` — scheduled auto-sync tick (requires `X-CRON-SECRET`)
- `POST /api/plesk/subscriptions/:id/action` — suspend or unsuspend
- `POST /api/stripe/checkout` — create Stripe Checkout session
- `POST /api/stripe/portal` — create Stripe Customer Portal session
@@ -74,6 +76,7 @@ values ('<agency_uuid>', '<auth_user_uuid>', 'owner');
- Set a strong `ENCRYPTION_KEY`; it encrypts stored Plesk auth secrets.
- Set a strong `PLESK_CRED_ENC_KEY` (32-byte base64 or 64-char hex) for Plesk credential encryption.
- Set `JOB_SECRET` for internal cron-triggered job auth.
- Set `CRON_SECRET` for `/api/cron/autosync` auth.
- `/api/stripe/webhook` is excluded from auth middleware for Stripe signature verification.
- Current implementation is intentionally MVP-focused; add stronger validation, retries, idempotency keys, and richer error observability for production.
@@ -97,3 +100,37 @@ Notes:
- Job uses DB lock (`job_locks`) to avoid overlapping runs.
- Job processes at most 10 connected instances per run.
- Instances synced in the last 3 minutes are skipped.
## 6) Auto Sync Worker (CL6)
New scheduler fields live on `plesk_instances`:
- `auto_sync_enabled`
- `auto_sync_frequency_minutes`
- `last_auto_sync_at`
- `next_auto_sync_at`
- `auto_sync_lock_until`
- `auto_sync_lock_token`
Endpoint for periodic worker ticks:
```bash
curl -sS -X POST http://localhost:3000/api/cron/autosync \
-H "X-CRON-SECRET: <CRON_SECRET>"
```
Recommended system cron (every 5 minutes):
```cron
*/5 * * * * curl -sS -X POST https://<your-host>/api/cron/autosync -H "X-CRON-SECRET: ${CRON_SECRET}"
```
Or schedule the same call from Jenkins.
Worker safety behavior:
- processes at most 5 instances per tick
- concurrency limited to 2 at a time
- per-instance lock lease 15 minutes
- per-instance timeout guard 14 minutes
- per-instance failures are isolated and logged to `actions_log`

View File

@@ -0,0 +1,38 @@
import { NextResponse } from "next/server";
import { env } from "@/lib/env";
import { runAutoSyncTick } from "@/lib/plesk/auto-sync";
import { createSupabaseAdminClient } from "@/lib/supabase/admin";
export async function POST(req: Request) {
const startedAt = Date.now();
try {
const secret = req.headers.get("x-cron-secret");
if (!env.cronSharedSecret || !secret || secret !== env.cronSharedSecret) {
return NextResponse.json({ error: "Unauthorized" }, { status: 401 });
}
const supabase = createSupabaseAdminClient() as any;
const summary = await runAutoSyncTick(supabase);
return NextResponse.json({
...summary,
duration_ms: Date.now() - startedAt,
});
} catch (error) {
console.error("[autosync cron] failed", error);
return NextResponse.json(
{
error: "Auto-sync job failed",
instances_considered: 0,
locks_acquired: 0,
succeeded: 0,
failed: 0,
duration_ms: Date.now() - startedAt,
},
{ status: 500 },
);
}
}

View File

@@ -0,0 +1,38 @@
import { NextResponse } from "next/server";
import { env } from "@/lib/env";
import { runHealthCheckTick } from "@/lib/plesk/health";
import { createSupabaseAdminClient } from "@/lib/supabase/admin";
export async function POST(req: Request) {
const startedAt = Date.now();
try {
const secret = req.headers.get("x-cron-secret");
if (!env.cronSharedSecret || !secret || secret !== env.cronSharedSecret) {
return NextResponse.json({ error: "Unauthorized" }, { status: 401 });
}
const supabase = createSupabaseAdminClient() as any;
const summary = await runHealthCheckTick(supabase);
return NextResponse.json({
...summary,
duration_ms: Date.now() - startedAt,
});
} catch (error) {
console.error("[health cron] failed", error);
return NextResponse.json(
{
error: "Health check job failed",
checked: 0,
ok: 0,
degraded: 0,
failed: 0,
duration_ms: Date.now() - startedAt,
},
{ status: 500 },
);
}
}

13
app/api/health/route.ts Normal file
View File

@@ -0,0 +1,13 @@
import { NextResponse } from "next/server";
export async function GET() {
return NextResponse.json(
{
ok: true,
service: "plesk-agency-portal",
timestamp: new Date().toISOString(),
environment: process.env.NODE_ENV ?? "development",
},
{ status: 200 },
);
}

View File

@@ -0,0 +1,304 @@
import { NextResponse } from "next/server";
import { z } from "zod";
import { assertAgencyAdmin, getRouteAgencyContextOrThrow } from "@/lib/agency";
import { assertRateLimit } from "@/lib/api/rate-limit";
import { assertSameOrigin } from "@/lib/api/security";
import {
parseSubscriptionStatusDetailsFromInfo,
pleskCliCall,
} from "@/lib/plesk/client";
import { createSupabaseRouteClient } from "@/lib/supabase/route";
const actionSchema = z.object({
action: z.enum(["suspend", "unsuspend"]),
subscription_id: z.string().uuid().optional(),
});
const LOG_EXCERPT_LIMIT = 500;
const DOMAIN_ACTION_EVENTS = {
suspend: {
requested: "domain_suspend_requested",
succeeded: "domain_suspend_succeeded",
failed: "domain_suspend_failed",
},
unsuspend: {
requested: "domain_unsuspend_requested",
succeeded: "domain_unsuspend_succeeded",
failed: "domain_unsuspend_failed",
},
} as const;
function excerpt(value: string | null | undefined) {
if (!value) return null;
const trimmed = value.trim();
if (!trimmed) return null;
return trimmed.length > LOG_EXCERPT_LIMIT
? `${trimmed.slice(0, LOG_EXCERPT_LIMIT)}`
: trimmed;
}
async function insertActionLogBestEffort(
supabase: any,
payload: Record<string, unknown>,
) {
try {
const { error } = await supabase.from("actions_log").insert(payload);
if (error) {
console.error("[actions_log] insert failed", error.message);
}
} catch (error) {
console.error("[actions_log] insert threw", error);
}
}
export async function POST(
req: Request,
{ params }: { params: { id: string } },
) {
const supabase = createSupabaseRouteClient() as any;
let context: Awaited<ReturnType<typeof getRouteAgencyContextOrThrow>> | null =
null;
let domain: { id: string; subscription_id: string | null } | null = null;
let subscription: {
id: string;
plesk_subscription_id: string;
plesk_instance_id: string;
} | null = null;
let requestedAction: "suspend" | "unsuspend" | null = null;
const startedAt = Date.now();
try {
assertSameOrigin(req);
context = await getRouteAgencyContextOrThrow();
assertAgencyAdmin(context);
assertRateLimit(`plesk-domain-action:${context.userId}`, 10, 60_000);
const payload = actionSchema.parse(await req.json());
const { action } = payload;
requestedAction = action;
const { data: domainRow, error: domainError } = await supabase
.from("plesk_domains")
.select("id, agency_id, plesk_instance_id, subscription_id")
.eq("id", params.id)
.eq("agency_id", context.agencyId)
.single();
if (domainError || !domainRow) {
throw new Error("Domain not found");
}
const resolvedSubscriptionId =
payload.subscription_id ??
(domainRow.subscription_id ? String(domainRow.subscription_id) : null);
domain = {
id: String(domainRow.id),
subscription_id: resolvedSubscriptionId,
};
if (!resolvedSubscriptionId) {
throw new Error("Domain is not linked to a subscription");
}
const { data: subscriptionRow, error: subscriptionError } = await supabase
.from("plesk_subscriptions")
.select("id, plesk_subscription_id, plesk_instance_id")
.eq("id", resolvedSubscriptionId)
.eq("agency_id", context.agencyId)
.single();
if (subscriptionError || !subscriptionRow) {
throw new Error("Subscription not found");
}
subscription = {
id: String(subscriptionRow.id),
plesk_subscription_id: String(subscriptionRow.plesk_subscription_id),
plesk_instance_id: String(subscriptionRow.plesk_instance_id),
};
const { data: instance, error: instanceError } = await supabase
.from("plesk_instances")
.select("id, base_url, auth_type, encrypted_secret")
.eq("id", subscriptionRow.plesk_instance_id)
.eq("agency_id", context.agencyId)
.single();
if (instanceError || !instance) {
throw new Error("Plesk instance not found");
}
const connection = {
baseUrl: instance.base_url,
authType: instance.auth_type,
encryptedSecret: instance.encrypted_secret,
} as const;
const domainIdentifier = subscription.plesk_subscription_id;
const siteArgs =
action === "suspend"
? ["--suspend", domainIdentifier]
: ["--on", domainIdentifier];
await insertActionLogBestEffort(supabase, {
agency_id: context.agencyId,
actor_user_id: context.userId,
target_type: "plesk_domain",
target_id: domain.id,
action: DOMAIN_ACTION_EVENTS[action].requested,
status: "pending",
metadata: {
domain_id: domain.id,
subscription_id: subscription.id,
plesk_instance_id: subscription.plesk_instance_id,
plesk_subscription_id: subscription.plesk_subscription_id,
cli_command: "site",
cli_args: siteArgs,
},
});
const siteResult = await pleskCliCall(connection, "site", siteArgs);
const fallbackStatus = action === "suspend" ? "suspended" : "active";
let refreshedStatus = fallbackStatus;
let refreshedStatusRaw: string | null = null;
let refreshErrorMessage: string | null = null;
try {
const infoResult = await pleskCliCall(connection, "subscription", [
"--info",
domainIdentifier,
]);
const parsed = parseSubscriptionStatusDetailsFromInfo(
infoResult.stdout ?? "",
);
refreshedStatus = parsed.status;
refreshedStatusRaw = parsed.statusRaw;
if (
action === "unsuspend" &&
refreshedStatus === "suspended" &&
(refreshedStatusRaw ?? "").toLowerCase().includes("subscriber")
) {
throw new Error(
"Domain remains suspended because its subscriber/customer account is suspended.",
);
}
} catch (refreshError) {
refreshErrorMessage =
refreshError instanceof Error
? refreshError.message.slice(0, 1000)
: "subscription_status_refresh_failed";
await insertActionLogBestEffort(supabase, {
agency_id: context.agencyId,
actor_user_id: context.userId,
target_type: "plesk_subscription",
target_id: subscription.id,
action: "subscription_status_refresh_failed",
status: "failed",
error_message: refreshErrorMessage,
metadata: {
subscription_id: subscription.id,
plesk_subscription_id: subscription.plesk_subscription_id,
plesk_instance_id: subscription.plesk_instance_id,
source: "domain_action",
domain_id: domain.id,
},
});
}
await supabase
.from("plesk_subscriptions")
.update({
status: refreshedStatus,
status_raw: refreshedStatusRaw,
last_status_sync_at: new Date().toISOString(),
})
.eq("id", subscription.id)
.eq("agency_id", context.agencyId);
await supabase
.from("plesk_domains")
.update({ status: refreshedStatus })
.eq("agency_id", context.agencyId)
.eq("subscription_id", subscription.id);
await insertActionLogBestEffort(supabase, {
agency_id: context.agencyId,
actor_user_id: context.userId,
target_type: "plesk_domain",
target_id: domain.id,
action: DOMAIN_ACTION_EVENTS[action].succeeded,
status: "success",
metadata: {
duration_ms: Date.now() - startedAt,
domain_id: domain.id,
subscription_id: subscription.id,
plesk_instance_id: subscription.plesk_instance_id,
plesk_subscription_id: subscription.plesk_subscription_id,
cli_command: "site",
cli_args: siteArgs,
cli_exit_code: siteResult.code,
cli_stdout_excerpt: excerpt(siteResult.stdout),
cli_stderr_excerpt: excerpt(siteResult.stderr),
refreshed_status: refreshedStatus,
refresh_error: refreshErrorMessage,
},
});
return NextResponse.json({ ok: true });
} catch (error) {
if (context && domain) {
const message =
error instanceof Error ? error.message : "Domain action failed";
if (requestedAction) {
await insertActionLogBestEffort(supabase, {
agency_id: context.agencyId,
actor_user_id: context.userId,
target_type: "plesk_domain",
target_id: domain.id,
action: DOMAIN_ACTION_EVENTS[requestedAction].failed,
status: "failed",
error_message: message,
metadata: {
duration_ms: Date.now() - startedAt,
domain_id: domain.id,
subscription_id: subscription?.id ?? domain.subscription_id,
plesk_instance_id: subscription?.plesk_instance_id ?? null,
plesk_subscription_id: subscription?.plesk_subscription_id ?? null,
},
});
} else {
await insertActionLogBestEffort(supabase, {
agency_id: context.agencyId,
actor_user_id: context.userId,
target_type: "plesk_domain",
target_id: domain.id,
action: "domain_action_failed",
status: "failed",
error_message: message,
metadata: {
duration_ms: Date.now() - startedAt,
domain_id: domain.id,
subscription_id: subscription?.id ?? domain.subscription_id,
plesk_instance_id: subscription?.plesk_instance_id ?? null,
plesk_subscription_id: subscription?.plesk_subscription_id ?? null,
},
});
}
}
return NextResponse.json(
{
error: error instanceof Error ? error.message : "Domain action failed",
},
{ status: 400 },
);
}
}

View File

@@ -0,0 +1,87 @@
import { NextResponse } from "next/server";
import { z } from "zod";
import { assertAgencyAdmin, getRouteAgencyContextOrThrow } from "@/lib/agency";
import { assertRateLimit } from "@/lib/api/rate-limit";
import { assertSameOrigin } from "@/lib/api/security";
import { createSupabaseRouteClient } from "@/lib/supabase/route";
const autosyncSchema = z.object({
auto_sync_enabled: z.boolean(),
auto_sync_frequency_minutes: z.number().int().min(5).max(10080).optional(),
});
export async function POST(
req: Request,
{ params }: { params: { id: string } },
) {
try {
assertSameOrigin(req);
const context = await getRouteAgencyContextOrThrow();
assertAgencyAdmin(context);
assertRateLimit(`plesk-autosync-settings:${context.userId}`, 20, 60_000);
const input = autosyncSchema.parse(await req.json());
const frequency = input.auto_sync_frequency_minutes ?? 60;
const nowIso = new Date().toISOString();
const nextAtIso = new Date(
Date.now() + frequency * 60 * 1000,
).toISOString();
const supabase = createSupabaseRouteClient() as any;
const updates = {
auto_sync_enabled: input.auto_sync_enabled,
auto_sync_frequency_minutes: frequency,
next_auto_sync_at: input.auto_sync_enabled ? nextAtIso : null,
auto_sync_lock_until: null,
auto_sync_lock_token: null,
last_auto_sync_at: input.auto_sync_enabled ? undefined : null,
} as Record<string, unknown>;
const { data: instance, error } = await supabase
.from("plesk_instances")
.update(updates)
.eq("id", params.id)
.eq("agency_id", context.agencyId)
.select(
"id, auto_sync_enabled, auto_sync_frequency_minutes, last_auto_sync_at, next_auto_sync_at, auto_sync_lock_until",
)
.single();
if (error || !instance) {
throw new Error(error?.message ?? "Plesk instance not found");
}
try {
await supabase.from("actions_log").insert({
agency_id: context.agencyId,
actor_user_id: context.userId,
target_type: "plesk_instance",
target_id: params.id,
action: "autosync_settings_updated",
status: "success",
metadata: {
auto_sync_enabled: input.auto_sync_enabled,
auto_sync_frequency_minutes: frequency,
updated_at: nowIso,
},
});
} catch {
// best effort logging
}
return NextResponse.json({ instance });
} catch (error) {
return NextResponse.json(
{
error:
error instanceof Error
? error.message
: "Failed to update auto-sync settings",
},
{ status: 400 },
);
}
}

View File

@@ -0,0 +1,51 @@
import { NextResponse } from "next/server";
import { assertAgencyAdmin, getRouteAgencyContextOrThrow } from "@/lib/agency";
import { assertRateLimit } from "@/lib/api/rate-limit";
import { assertSameOrigin } from "@/lib/api/security";
import { backfillDomainSubscriptionLinks } from "@/lib/plesk/sync";
import { createSupabaseRouteClient } from "@/lib/supabase/route";
export async function POST(
req: Request,
{ params }: { params: { id: string } },
) {
try {
assertSameOrigin(req);
const context = await getRouteAgencyContextOrThrow();
assertAgencyAdmin(context);
assertRateLimit(`plesk-backfill-links:${context.userId}`, 5, 60_000);
const supabase = createSupabaseRouteClient() as any;
const { data: instance, error: instanceError } = await supabase
.from("plesk_instances")
.select("id")
.eq("id", params.id)
.eq("agency_id", context.agencyId)
.single();
if (instanceError || !instance) {
throw new Error("Plesk instance not found");
}
const result = await backfillDomainSubscriptionLinks(supabase, {
agencyId: context.agencyId,
instanceId: params.id,
actorUserId: context.userId,
});
return NextResponse.json({ ok: true, ...result });
} catch (error) {
return NextResponse.json(
{
error:
error instanceof Error
? error.message
: "Backfill domain links failed",
},
{ status: 400 },
);
}
}

View File

@@ -0,0 +1,73 @@
import { NextResponse } from "next/server";
import { assertAgencyAdmin, getRouteAgencyContextOrThrow } from "@/lib/agency";
import { assertRateLimit } from "@/lib/api/rate-limit";
import { assertSameOrigin } from "@/lib/api/security";
import { runInstanceHealthCheck } from "@/lib/plesk/health";
import { createSupabaseRouteClient } from "@/lib/supabase/route";
export async function POST(
req: Request,
{ params }: { params: { id: string } },
) {
try {
assertSameOrigin(req);
const context = await getRouteAgencyContextOrThrow();
assertAgencyAdmin(context);
assertRateLimit(`plesk-health-check:${context.userId}`, 20, 60_000);
const supabase = createSupabaseRouteClient() as any;
const { data: instance, error: instanceError } = await supabase
.from("plesk_instances")
.select(
"id, agency_id, base_url, auth_type, encrypted_secret, health_enabled, health_check_frequency_minutes, health_next_check_at, health_lock_until",
)
.eq("id", params.id)
.eq("agency_id", context.agencyId)
.single();
if (instanceError || !instance) {
throw new Error("Plesk instance not found");
}
const result = await runInstanceHealthCheck(supabase, instance, {
actorUserId: context.userId,
force: true,
source: "manual",
});
if (!result.checked) {
return NextResponse.json(
{ error: "Health check is already running for this instance" },
{ status: 409 },
);
}
const { data: updated } = await supabase
.from("plesk_instances")
.select(
"id, health_enabled, health_status, health_last_checked_at, health_last_ok_at, health_last_error, health_last_latency_ms, health_check_frequency_minutes, health_next_check_at",
)
.eq("id", params.id)
.eq("agency_id", context.agencyId)
.single();
return NextResponse.json({
ok: true,
result,
instance: updated,
});
} catch (error) {
return NextResponse.json(
{
error:
error instanceof Error
? error.message
: "Health check execution failed",
},
{ status: 400 },
);
}
}

View File

@@ -5,6 +5,8 @@ import { assertAgencyAdmin, getRouteAgencyContextOrThrow } from "@/lib/agency";
import { assertRateLimit } from "@/lib/api/rate-limit";
import { assertSameOrigin } from "@/lib/api/security";
import {
parseSubscriptionStatusDetailsFromInfo,
pleskCliCall,
suspendPleskSubscription,
unsuspendPleskSubscription,
} from "@/lib/plesk/client";
@@ -14,6 +16,44 @@ const actionSchema = z.object({
action: z.enum(["suspend", "unsuspend"]),
});
const LOG_EXCERPT_LIMIT = 500;
const SUBSCRIPTION_ACTION_EVENTS = {
suspend: {
requested: "subscription_suspend_requested",
succeeded: "subscription_suspend_succeeded",
failed: "subscription_suspend_failed",
},
unsuspend: {
requested: "subscription_unsuspend_requested",
succeeded: "subscription_unsuspend_succeeded",
failed: "subscription_unsuspend_failed",
},
} as const;
function excerpt(value: string | null | undefined) {
if (!value) return null;
const trimmed = value.trim();
if (!trimmed) return null;
return trimmed.length > LOG_EXCERPT_LIMIT
? `${trimmed.slice(0, LOG_EXCERPT_LIMIT)}`
: trimmed;
}
async function insertActionLogBestEffort(
supabase: any,
payload: Record<string, unknown>,
) {
try {
const { error } = await supabase.from("actions_log").insert(payload);
if (error) {
console.error("[actions_log] insert failed", error.message);
}
} catch (error) {
console.error("[actions_log] insert threw", error);
}
}
export async function POST(
req: Request,
{ params }: { params: { id: string } },
@@ -27,6 +67,7 @@ export async function POST(
plesk_subscription_id: string;
plesk_instance_id: string;
} | null = null;
const startedAt = Date.now();
try {
assertSameOrigin(req);
@@ -68,58 +109,153 @@ export async function POST(
encryptedSecret: instance.encrypted_secret,
} as const;
if (payload.action === "suspend") {
await suspendPleskSubscription(
connection,
subscription.plesk_subscription_id,
);
} else {
await unsuspendPleskSubscription(
connection,
subscription.plesk_subscription_id,
);
}
const cliArgs =
payload.action === "suspend"
? ["--webspace-off", subscription.plesk_subscription_id]
: ["--unsuspend", subscription.plesk_subscription_id];
const newStatus = payload.action === "suspend" ? "suspended" : "active";
const { error: updateError } = await supabase
.from("plesk_subscriptions")
.update({ status: newStatus })
.eq("id", subscription.id);
await supabase.from("actions_log").insert({
await insertActionLogBestEffort(supabase, {
agency_id: context.agencyId,
actor_user_id: context.userId,
target_type: "plesk_subscription",
target_id: subscription.id,
action: payload.action,
action: SUBSCRIPTION_ACTION_EVENTS[payload.action].requested,
status: "pending",
metadata: {
subscription_id: subscription.id,
plesk_instance_id: subscription.plesk_instance_id,
plesk_subscription_id: subscription.plesk_subscription_id,
cli_command: "subscription",
cli_args: cliArgs,
},
});
const actionCliResult =
payload.action === "suspend"
? await suspendPleskSubscription(
connection,
subscription.plesk_subscription_id,
)
: await unsuspendPleskSubscription(
connection,
subscription.plesk_subscription_id,
);
const fallbackStatus =
payload.action === "suspend" ? "suspended" : "active";
let refreshedStatus = fallbackStatus;
let refreshedStatusRaw: string | null = null;
let refreshErrorMessage: string | null = null;
try {
const infoResult = await pleskCliCall(connection, "subscription", [
"--info",
subscription.plesk_subscription_id,
]);
const parsed = parseSubscriptionStatusDetailsFromInfo(
infoResult.stdout ?? "",
);
refreshedStatus = parsed.status;
refreshedStatusRaw = parsed.statusRaw;
} catch (refreshError) {
refreshErrorMessage =
refreshError instanceof Error
? refreshError.message.slice(0, 1000)
: "subscription_status_refresh_failed";
await insertActionLogBestEffort(supabase, {
agency_id: context.agencyId,
actor_user_id: context.userId,
target_type: "plesk_subscription",
target_id: subscription.id,
action: "subscription_status_refresh_failed",
status: "failed",
error_message: refreshErrorMessage,
metadata: {
subscription_id: subscription.id,
plesk_subscription_id: subscription.plesk_subscription_id,
plesk_instance_id: subscription.plesk_instance_id,
},
});
}
const { error: updateError } = await supabase
.from("plesk_subscriptions")
.update({
status: refreshedStatus,
status_raw: refreshedStatusRaw,
last_status_sync_at: new Date().toISOString(),
})
.eq("id", subscription.id);
await supabase
.from("plesk_domains")
.update({ status: refreshedStatus })
.eq("agency_id", context.agencyId)
.eq("subscription_id", subscription.id);
await insertActionLogBestEffort(supabase, {
agency_id: context.agencyId,
actor_user_id: context.userId,
target_type: "plesk_subscription",
target_id: subscription.id,
action: SUBSCRIPTION_ACTION_EVENTS[payload.action].succeeded,
status: "success",
metadata: {
duration_ms: Date.now() - startedAt,
cli_command: "subscription",
cli_args: cliArgs,
plesk_subscription_id: subscription.plesk_subscription_id,
refreshed_status: refreshedStatus,
refresh_error: refreshErrorMessage,
cli_exit_code: actionCliResult.code,
cli_stdout_excerpt: excerpt(actionCliResult.stdout),
cli_stderr_excerpt: excerpt(actionCliResult.stderr),
db_status_update_error: updateError?.message ?? null,
},
});
return NextResponse.json({
ok: true,
status: newStatus,
status: refreshedStatus,
dbStatusUpdated: !updateError,
refreshError: refreshErrorMessage,
});
} catch (error) {
if (supabase && context && subscription) {
const message =
error instanceof Error ? error.message : "Subscription action failed";
await supabase.from("actions_log").insert({
if (requestedAction) {
await insertActionLogBestEffort(supabase, {
agency_id: context.agencyId,
actor_user_id: context.userId,
target_type: "plesk_subscription",
target_id: subscription.id,
action: requestedAction ?? "subscription_action",
action: SUBSCRIPTION_ACTION_EVENTS[requestedAction].failed,
status: "failed",
error_message: message,
metadata: {
duration_ms: Date.now() - startedAt,
plesk_subscription_id: subscription.plesk_subscription_id,
plesk_instance_id: subscription.plesk_instance_id,
},
});
} else {
await insertActionLogBestEffort(supabase, {
agency_id: context.agencyId,
actor_user_id: context.userId,
target_type: "plesk_subscription",
target_id: subscription.id,
action: "subscription_action_failed",
status: "failed",
error_message: message,
metadata: {
duration_ms: Date.now() - startedAt,
plesk_subscription_id: subscription.plesk_subscription_id,
plesk_instance_id: subscription.plesk_instance_id,
},
});
}
}
return NextResponse.json(

View File

@@ -15,7 +15,7 @@ export async function POST() {
}
const stripe = getStripeClient();
const supabase = createSupabaseRouteClient();
const supabase = createSupabaseRouteClient() as any;
const { data: billing, error: billingError } = await supabase
.from("billing_accounts")
@@ -42,7 +42,10 @@ export async function POST() {
};
if (billing?.id) {
await supabase.from("billing_accounts").update(upsertPayload).eq("id", billing.id);
await supabase
.from("billing_accounts")
.update(upsertPayload)
.eq("id", billing.id);
} else {
await supabase.from("billing_accounts").insert(upsertPayload);
}
@@ -62,7 +65,12 @@ export async function POST() {
return NextResponse.json({ url: session.url });
} catch (error) {
return NextResponse.json(
{ error: error instanceof Error ? error.message : "Failed to create checkout session" },
{
error:
error instanceof Error
? error.message
: "Failed to create checkout session",
},
{ status: 400 },
);
}

View File

@@ -10,7 +10,7 @@ export async function POST() {
const context = await getRouteAgencyContextOrThrow();
assertAgencyAdmin(context);
const supabase = createSupabaseRouteClient();
const supabase = createSupabaseRouteClient() as any;
const stripe = getStripeClient();
const { data: billing, error } = await supabase
@@ -32,7 +32,12 @@ export async function POST() {
return NextResponse.json({ url: session.url });
} catch (error) {
return NextResponse.json(
{ error: error instanceof Error ? error.message : "Failed to open billing portal" },
{
error:
error instanceof Error
? error.message
: "Failed to open billing portal",
},
{ status: 400 },
);
}

View File

@@ -19,7 +19,7 @@ async function upsertBillingByCustomer(
current_period_end?: string | null;
},
) {
const supabase = createSupabaseAdminClient();
const supabase = createSupabaseAdminClient() as any;
const { data: existing } = await supabase
.from("billing_accounts")
@@ -28,22 +28,33 @@ async function upsertBillingByCustomer(
.maybeSingle();
if (existing?.id) {
await supabase.from("billing_accounts").update(updates).eq("id", existing.id);
await supabase
.from("billing_accounts")
.update(updates)
.eq("id", existing.id);
}
}
async function handleCheckoutSessionCompleted(session: Stripe.Checkout.Session) {
const agencyId = typeof session.metadata?.agency_id === "string" ? session.metadata.agency_id : null;
const customerId = typeof session.customer === "string" ? session.customer : null;
async function handleCheckoutSessionCompleted(
session: Stripe.Checkout.Session,
) {
const agencyId =
typeof session.metadata?.agency_id === "string"
? session.metadata.agency_id
: null;
const customerId =
typeof session.customer === "string" ? session.customer : null;
if (!agencyId || !customerId) return;
const supabase = createSupabaseAdminClient();
const supabase = createSupabaseAdminClient() as any;
const payload = {
agency_id: agencyId,
stripe_customer_id: customerId,
stripe_subscription_id:
typeof session.subscription === "string" ? (session.subscription as string) : null,
typeof session.subscription === "string"
? (session.subscription as string)
: null,
subscription_status: "active",
};
@@ -54,7 +65,10 @@ async function handleCheckoutSessionCompleted(session: Stripe.Checkout.Session)
.maybeSingle();
if (existing?.id) {
await supabase.from("billing_accounts").update(payload).eq("id", existing.id);
await supabase
.from("billing_accounts")
.update(payload)
.eq("id", existing.id);
} else {
await supabase.from("billing_accounts").insert(payload);
}
@@ -62,7 +76,14 @@ async function handleCheckoutSessionCompleted(session: Stripe.Checkout.Session)
async function handleSubscriptionUpdated(subscription: Stripe.Subscription) {
const customerId =
typeof subscription.customer === "string" ? subscription.customer : subscription.customer?.id;
typeof subscription.customer === "string"
? subscription.customer
: subscription.customer?.id;
const currentPeriodEnd =
"current_period_end" in subscription
? (subscription as { current_period_end?: number | null })
.current_period_end
: null;
if (!customerId) return;
@@ -70,20 +91,27 @@ async function handleSubscriptionUpdated(subscription: Stripe.Subscription) {
stripe_subscription_id: subscription.id,
plan_id: subscription.items.data[0]?.price.id ?? null,
subscription_status: subscription.status,
current_period_end: toIsoOrNull(subscription.current_period_end),
current_period_end: toIsoOrNull(currentPeriodEnd),
});
}
async function handleSubscriptionDeleted(subscription: Stripe.Subscription) {
const customerId =
typeof subscription.customer === "string" ? subscription.customer : subscription.customer?.id;
typeof subscription.customer === "string"
? subscription.customer
: subscription.customer?.id;
const currentPeriodEnd =
"current_period_end" in subscription
? (subscription as { current_period_end?: number | null })
.current_period_end
: null;
if (!customerId) return;
await upsertBillingByCustomer(customerId, {
stripe_subscription_id: subscription.id,
subscription_status: "canceled",
current_period_end: toIsoOrNull(subscription.current_period_end),
current_period_end: toIsoOrNull(currentPeriodEnd),
});
}
@@ -95,22 +123,35 @@ export async function POST(req: Request) {
const signature = req.headers.get("stripe-signature");
if (!signature) {
return NextResponse.json({ error: "Missing stripe-signature header" }, { status: 400 });
return NextResponse.json(
{ error: "Missing stripe-signature header" },
{ status: 400 },
);
}
const stripe = getStripeClient();
const body = await req.text();
const event = stripe.webhooks.constructEvent(body, signature, env.stripeWebhookSecret);
const event = stripe.webhooks.constructEvent(
body,
signature,
env.stripeWebhookSecret,
);
switch (event.type) {
case "checkout.session.completed":
await handleCheckoutSessionCompleted(event.data.object as Stripe.Checkout.Session);
await handleCheckoutSessionCompleted(
event.data.object as Stripe.Checkout.Session,
);
break;
case "customer.subscription.updated":
await handleSubscriptionUpdated(event.data.object as Stripe.Subscription);
await handleSubscriptionUpdated(
event.data.object as Stripe.Subscription,
);
break;
case "customer.subscription.deleted":
await handleSubscriptionDeleted(event.data.object as Stripe.Subscription);
await handleSubscriptionDeleted(
event.data.object as Stripe.Subscription,
);
break;
default:
break;
@@ -119,7 +160,10 @@ export async function POST(req: Request) {
return NextResponse.json({ received: true });
} catch (error) {
return NextResponse.json(
{ error: error instanceof Error ? error.message : "Webhook handling failed" },
{
error:
error instanceof Error ? error.message : "Webhook handling failed",
},
{ status: 400 },
);
}

View File

@@ -2,12 +2,18 @@ import { createRouteHandlerClient } from "@supabase/auth-helpers-nextjs";
import { NextResponse } from "next/server";
import { cookies } from "next/headers";
import { env } from "@/lib/env";
import type { Database } from "@/lib/types";
export async function GET(request: Request) {
const requestUrl = new URL(request.url);
const code = requestUrl.searchParams.get("code");
const next = requestUrl.searchParams.get("next") ?? "/dashboard";
const nextParam = requestUrl.searchParams.get("next");
const next =
nextParam && nextParam.startsWith("/") && !nextParam.startsWith("//")
? nextParam
: "/dashboard";
const redirectOrigin = env.appOrigin || requestUrl.origin;
if (code) {
const supabase = createRouteHandlerClient<Database>({ cookies });
@@ -15,18 +21,16 @@ export async function GET(request: Request) {
if (error) {
console.error(error);
return NextResponse.redirect(
new URL(`/login?authError=1`, requestUrl.origin),
new URL(`/login?authError=1`, redirectOrigin),
);
}
const {
data: { user },
} = await supabase.auth.getUser();
if (!user) {
return NextResponse.redirect(
new URL(`/login?noUser=1`, requestUrl.origin),
);
return NextResponse.redirect(new URL(`/login?noUser=1`, redirectOrigin));
}
}
return NextResponse.redirect(new URL(next, requestUrl.origin));
return NextResponse.redirect(new URL(next, redirectOrigin));
}

View File

@@ -0,0 +1,301 @@
import Link from "next/link";
import { getServerAgencyContextOrRedirect } from "@/lib/agency";
import { createSupabaseServerClient } from "@/lib/supabase/server";
import { formatDateTime } from "@/lib/dates";
export const dynamic = "force-dynamic";
const PAGE_SIZE = 50;
type SearchParams = {
page?: string;
instance?: string;
action?: string;
status?: string;
};
function getSingleParam(value: string | string[] | undefined) {
if (!value) return "";
return Array.isArray(value) ? (value[0] ?? "") : value;
}
function buildQueryString(next: Record<string, string | number | undefined>) {
const params = new URLSearchParams();
for (const [key, value] of Object.entries(next)) {
if (value == null) continue;
const normalized = String(value);
if (!normalized) continue;
params.set(key, normalized);
}
return params.toString();
}
export default async function ActivityPage({
searchParams,
}: {
searchParams?: SearchParams;
}) {
const context = await getServerAgencyContextOrRedirect();
const supabase = createSupabaseServerClient() as any;
const selectedInstance = getSingleParam(searchParams?.instance);
const selectedAction = getSingleParam(searchParams?.action);
const selectedStatus = getSingleParam(searchParams?.status);
const page = Math.max(
Number(getSingleParam(searchParams?.page) || "1") || 1,
1,
);
const { data: instances } = await supabase
.from("plesk_instances")
.select("id, name, base_url")
.eq("agency_id", context.agencyId)
.order("name", { ascending: true });
let baseQuery = supabase
.from("actions_log")
.select(
"id, created_at, target_type, target_id, action, status, error_message, metadata",
{ count: "exact" },
)
.eq("agency_id", context.agencyId)
.order("created_at", { ascending: false });
if (selectedAction) {
baseQuery = baseQuery.eq("action", selectedAction);
}
if (selectedStatus) {
baseQuery = baseQuery.eq("status", selectedStatus);
}
if (selectedInstance) {
baseQuery = baseQuery.or(
`target_id.eq.${selectedInstance},metadata->>plesk_instance_id.eq.${selectedInstance}`,
);
}
const from = (page - 1) * PAGE_SIZE;
const to = from + PAGE_SIZE - 1;
const { data: logs, count } = await baseQuery.range(from, to);
const { data: recentForActions } = await supabase
.from("actions_log")
.select("action")
.eq("agency_id", context.agencyId)
.order("created_at", { ascending: false })
.limit(200);
const actionOptions: string[] = Array.from(
new Set<string>(
(recentForActions ?? []).map((entry: any) => String(entry.action)),
),
).sort((a, b) => a.localeCompare(b));
const instanceNameById = new Map<string, string>(
(instances ?? []).map((instance: any) => [
String(instance.id),
String(instance.name ?? instance.base_url ?? instance.id),
]),
);
const total = count ?? 0;
const hasPrev = page > 1;
const hasNext = to + 1 < total;
return (
<main className="mx-auto w-full max-w-6xl space-y-4 px-6 py-8">
<div className="flex items-center justify-between">
<div>
<h1 className="text-2xl font-bold text-slate-900">Activity Log</h1>
<p className="text-sm text-slate-600">
Recent actions for your agency
</p>
</div>
<Link href="/dashboard" className="text-sm text-brand-700 underline">
Back to dashboard
</Link>
</div>
<form className="grid gap-2 rounded-xl border border-slate-200 bg-white p-4 md:grid-cols-4">
<div>
<label className="text-xs font-medium text-slate-600">Instance</label>
<select
name="instance"
defaultValue={selectedInstance}
className="mt-1 w-full rounded border border-slate-300 px-2 py-1.5 text-sm"
>
<option value="">All instances</option>
{(instances ?? []).map((instance: any) => (
<option key={String(instance.id)} value={String(instance.id)}>
{String(instance.name ?? instance.base_url ?? instance.id)}
</option>
))}
</select>
</div>
<div>
<label className="text-xs font-medium text-slate-600">Action</label>
<select
name="action"
defaultValue={selectedAction}
className="mt-1 w-full rounded border border-slate-300 px-2 py-1.5 text-sm"
>
<option value="">All actions</option>
{actionOptions.map((action) => (
<option key={action} value={action}>
{action}
</option>
))}
</select>
</div>
<div>
<label className="text-xs font-medium text-slate-600">Status</label>
<select
name="status"
defaultValue={selectedStatus}
className="mt-1 w-full rounded border border-slate-300 px-2 py-1.5 text-sm"
>
<option value="">All statuses</option>
<option value="pending">Pending</option>
<option value="success">Success</option>
<option value="failed">Failed</option>
</select>
</div>
<div className="flex items-end gap-2">
<button className="rounded border px-3 py-1.5 text-sm">Apply</button>
<Link
href="/dashboard/activity"
className="rounded border px-3 py-1.5 text-sm"
>
Reset
</Link>
</div>
</form>
<div className="overflow-x-auto rounded-xl border border-slate-200 bg-white">
<table className="min-w-full text-left text-sm">
<thead>
<tr className="border-b border-slate-200 text-xs uppercase text-slate-500">
<th className="px-3 py-2">Time</th>
<th className="px-3 py-2">Instance</th>
<th className="px-3 py-2">Action</th>
<th className="px-3 py-2">Target</th>
<th className="px-3 py-2">Status</th>
<th className="px-3 py-2">Message</th>
<th className="px-3 py-2">Details</th>
</tr>
</thead>
<tbody>
{(logs ?? []).length === 0 ? (
<tr>
<td className="px-3 py-4 text-slate-500" colSpan={7}>
No activity found.
</td>
</tr>
) : (
(logs ?? []).map((row: any) => {
const metadata =
row?.metadata && typeof row.metadata === "object"
? (row.metadata as Record<string, unknown>)
: null;
const instanceId =
(metadata?.plesk_instance_id as string | undefined) ??
(row.target_type === "plesk_instance"
? (row.target_id as string | null)
: null);
return (
<tr
key={row.id}
className="border-b border-slate-100 align-top"
>
<td className="px-3 py-2">
{formatDateTime(row.created_at)}
</td>
<td className="px-3 py-2">
{instanceId
? (instanceNameById.get(instanceId) ?? instanceId)
: "-"}
</td>
<td className="px-3 py-2">{row.action ?? "-"}</td>
<td className="px-3 py-2">
{row.target_type ?? "-"}
{row.target_id ? ` (${row.target_id})` : ""}
</td>
<td className="px-3 py-2">{row.status ?? "-"}</td>
<td className="px-3 py-2">{row.error_message ?? "-"}</td>
<td className="px-3 py-2">
{metadata ? (
<details>
<summary className="cursor-pointer text-xs text-brand-700">
View
</summary>
<pre className="mt-1 max-w-[460px] overflow-auto rounded bg-slate-50 p-2 text-[11px] text-slate-700">
{JSON.stringify(metadata, null, 2)}
</pre>
</details>
) : (
"-"
)}
</td>
</tr>
);
})
)}
</tbody>
</table>
</div>
<div className="flex items-center justify-between text-sm">
<p className="text-slate-500">
Showing {Math.min(total, from + 1)} - {Math.min(total, to + 1)} of{" "}
{total}
</p>
<div className="flex gap-2">
{hasPrev ? (
<Link
href={`/dashboard/activity?${buildQueryString({
page: page - 1,
instance: selectedInstance,
action: selectedAction,
status: selectedStatus,
})}`}
className="rounded border px-3 py-1.5"
>
Previous
</Link>
) : (
<span className="rounded border px-3 py-1.5 text-slate-400">
Previous
</span>
)}
{hasNext ? (
<Link
href={`/dashboard/activity?${buildQueryString({
page: page + 1,
instance: selectedInstance,
action: selectedAction,
status: selectedStatus,
})}`}
className="rounded border px-3 py-1.5"
>
Next
</Link>
) : (
<span className="rounded border px-3 py-1.5 text-slate-400">
Next
</span>
)}
</div>
</div>
</main>
);
}

View File

@@ -1,9 +1,12 @@
import { SignOutButton } from "@/components/auth/sign-out-button";
import { DashboardControls } from "@/components/dashboard/dashboard-controls";
import { getServerAgencyContextOrRedirect } from "@/lib/agency";
import { formatDateTime } from "@/lib/dates";
import type { Database } from "@/lib/types";
import { createSupabaseServerClient } from "@/lib/supabase/server";
import type { PostgrestError } from "@supabase/supabase-js";
import Link from "next/link";
export const dynamic = "force-dynamic";
type AgencySummary = Pick<
Database["public"]["Tables"]["agencies"]["Row"],
@@ -17,6 +20,98 @@ type ActionLogSummary = Pick<
Database["public"]["Tables"]["actions_log"]["Row"],
"target_id" | "status" | "action" | "created_at" | "error_message"
>;
type AutosyncLatestLogSummary = Pick<
Database["public"]["Tables"]["actions_log"]["Row"],
"created_at"
>;
type HealthLogSummary = Pick<
Database["public"]["Tables"]["actions_log"]["Row"],
| "id"
| "target_id"
| "status"
| "action"
| "created_at"
| "error_message"
| "metadata"
>;
const RELATIVE_TIME_FORMATTER = new Intl.RelativeTimeFormat("en", {
numeric: "auto",
});
function getLatestTimestamp(values: Array<string | null | undefined>) {
let latestIso: string | null = null;
let latestMs = Number.NEGATIVE_INFINITY;
for (const value of values) {
if (!value) continue;
const parsed = new Date(value).getTime();
if (Number.isNaN(parsed)) continue;
if (parsed > latestMs) {
latestMs = parsed;
latestIso = value;
}
}
return latestIso;
}
function formatRelativeTime(value?: string | null) {
if (!value) return null;
const targetMs = new Date(value).getTime();
if (Number.isNaN(targetMs)) return null;
const deltaSeconds = Math.round((targetMs - Date.now()) / 1000);
const absSeconds = Math.abs(deltaSeconds);
if (absSeconds < 60) {
return RELATIVE_TIME_FORMATTER.format(deltaSeconds, "second");
}
const deltaMinutes = Math.round(deltaSeconds / 60);
if (Math.abs(deltaMinutes) < 60) {
return RELATIVE_TIME_FORMATTER.format(deltaMinutes, "minute");
}
const deltaHours = Math.round(deltaMinutes / 60);
if (Math.abs(deltaHours) < 24) {
return RELATIVE_TIME_FORMATTER.format(deltaHours, "hour");
}
const deltaDays = Math.round(deltaHours / 24);
if (Math.abs(deltaDays) < 30) {
return RELATIVE_TIME_FORMATTER.format(deltaDays, "day");
}
const deltaMonths = Math.round(deltaDays / 30);
if (Math.abs(deltaMonths) < 12) {
return RELATIVE_TIME_FORMATTER.format(deltaMonths, "month");
}
const deltaYears = Math.round(deltaMonths / 12);
return RELATIVE_TIME_FORMATTER.format(deltaYears, "year");
}
function normalizeDomainLike(value: string) {
return value.trim().toLowerCase().replace(/\.$/, "");
}
function findBestSuffixStatusMatch(
normalizedDomain: string,
candidates: Array<{ normalizedName: string; status: string | null }>,
) {
let best: { normalizedName: string; status: string | null } | null = null;
for (const candidate of candidates) {
if (!normalizedDomain.endsWith(`.${candidate.normalizedName}`)) continue;
if (!best || candidate.normalizedName.length > best.normalizedName.length) {
best = candidate;
}
}
return best?.status ?? null;
}
export default async function DashboardPage() {
const context = await getServerAgencyContextOrRedirect();
@@ -29,6 +124,8 @@ export default async function DashboardPage() {
{ data: domains },
{ data: billing },
{ data: autoSyncLogs },
{ data: latestAutoSyncLog },
{ data: healthLogs },
] = (await Promise.all([
supabase
.from("agencies")
@@ -38,7 +135,7 @@ export default async function DashboardPage() {
supabase
.from("plesk_instances")
.select(
"id, name, base_url, auth_type, status, error_message, last_connected_at, last_sync_at, last_sync_status, last_sync_error, last_sync_subscriptions, last_sync_domains",
"id, name, base_url, auth_type, status, error_message, last_connected_at, last_sync_at, last_sync_status, last_sync_error, last_sync_subscriptions, last_sync_domains, auto_sync_enabled, auto_sync_frequency_minutes, last_auto_sync_at, next_auto_sync_at, auto_sync_lock_until, health_enabled, health_status, health_last_checked_at, health_last_ok_at, health_last_error, health_last_latency_ms, health_check_frequency_minutes, health_next_check_at, health_lock_until",
)
.eq("agency_id", context.agencyId)
.order("created_at", { ascending: false }),
@@ -51,7 +148,7 @@ export default async function DashboardPage() {
supabase
.from("plesk_domains")
.select(
"id, plesk_instance_id, domain_name, status, hosting_type, source_created_at, aliases_count, updated_at",
"id, plesk_instance_id, subscription_id, external_subscription_id, status, domain_name, hosting_type, source_created_at, aliases_count, updated_at",
)
.eq("agency_id", context.agencyId)
.order("updated_at", { ascending: false })
@@ -69,6 +166,31 @@ export default async function DashboardPage() {
.eq("action", "plesk_sync_auto")
.order("created_at", { ascending: false })
.limit(200),
supabase
.from("actions_log")
.select("created_at")
.eq("agency_id", context.agencyId)
.eq("target_type", "plesk_instance")
.eq("action", "autosync_completed")
.eq("status", "success")
.order("created_at", { ascending: false })
.limit(1)
.maybeSingle(),
supabase
.from("actions_log")
.select(
"id, target_id, status, action, created_at, error_message, metadata",
)
.eq("agency_id", context.agencyId)
.eq("target_type", "plesk_instance")
.in("action", [
"health_check_started",
"health_check_ok",
"health_check_degraded",
"health_check_failed",
])
.order("created_at", { ascending: false })
.limit(400),
])) as [
{ data: AgencySummary | null },
{
@@ -85,6 +207,20 @@ export default async function DashboardPage() {
last_sync_error: string | null;
last_sync_subscriptions: number;
last_sync_domains: number;
auto_sync_enabled: boolean;
auto_sync_frequency_minutes: number;
last_auto_sync_at: string | null;
next_auto_sync_at: string | null;
auto_sync_lock_until: string | null;
health_enabled: boolean;
health_status: "ok" | "degraded" | "down" | "unknown";
health_last_checked_at: string | null;
health_last_ok_at: string | null;
health_last_error: string | null;
health_last_latency_ms: number | null;
health_check_frequency_minutes: number;
health_next_check_at: string | null;
health_lock_until: string | null;
}> | null;
error: { message: string } | null;
},
@@ -101,6 +237,8 @@ export default async function DashboardPage() {
data: Array<{
id: string;
plesk_instance_id: string;
subscription_id: string | null;
external_subscription_id: string | null;
domain_name: string;
status: string | null;
hosting_type: string | null;
@@ -111,8 +249,86 @@ export default async function DashboardPage() {
},
{ data: BillingSummary | null },
{ data: ActionLogSummary[] | null },
{ data: AutosyncLatestLogSummary | null },
{ data: HealthLogSummary[] | null },
];
const domainInstanceIds = Array.from(
new Set((domains ?? []).map((domain) => domain.plesk_instance_id)),
);
const { data: domainSubscriptions } =
domainInstanceIds.length > 0
? await supabase
.from("plesk_subscriptions")
.select("id, plesk_instance_id, plesk_subscription_id, name, status")
.eq("agency_id", context.agencyId)
.in("plesk_instance_id", domainInstanceIds)
: { data: [] };
const subscriptionStatusById = new Map<string, string | null>(
(domainSubscriptions ?? []).map((subscription: any) => [
String(subscription.id),
subscription?.status ? String(subscription.status) : null,
]),
);
const subscriptionDisplayNameById = new Map<string, string>(
(domainSubscriptions ?? [])
.filter((subscription: any) => subscription?.id)
.map((subscription: any) => [
String(subscription.id),
String(
subscription?.name ||
subscription?.plesk_subscription_id ||
subscription?.id,
),
]),
);
const subscriptionStatusByExternalId = new Map<string, string | null>(
(domainSubscriptions ?? [])
.filter((subscription: any) =>
Boolean(
subscription?.plesk_instance_id &&
subscription?.plesk_subscription_id,
),
)
.map((subscription: any) => [
`${String(subscription.plesk_instance_id)}:${String(subscription.plesk_subscription_id)}`,
subscription?.status ? String(subscription.status) : null,
]),
);
const subscriptionStatusByInstanceAndName = new Map<string, string | null>(
(domainSubscriptions ?? [])
.filter((subscription: any) =>
Boolean(subscription?.plesk_instance_id && subscription?.name),
)
.map((subscription: any) => [
`${String(subscription.plesk_instance_id)}:${normalizeDomainLike(String(subscription.name))}`,
subscription?.status ? String(subscription.status) : null,
]),
);
const subscriptionStatusNameCandidatesByInstance = new Map<
string,
Array<{ normalizedName: string; status: string | null }>
>();
for (const subscription of domainSubscriptions ?? []) {
if (!subscription?.plesk_instance_id || !subscription?.name) continue;
const instanceId = String(subscription.plesk_instance_id);
const existing =
subscriptionStatusNameCandidatesByInstance.get(instanceId) ?? [];
existing.push({
normalizedName: normalizeDomainLike(String(subscription.name)),
status: subscription?.status ? String(subscription.status) : null,
});
subscriptionStatusNameCandidatesByInstance.set(instanceId, existing);
}
const autoSyncByInstance = new Map<
string,
{ status: string; created_at: string; error_message: string | null }
@@ -127,6 +343,67 @@ export default async function DashboardPage() {
});
}
const healthEventsByInstance = new Map<
string,
Array<{
id: string;
action: string;
status: string;
created_at: string;
error_message: string | null;
metadata: unknown;
}>
>();
for (const log of healthLogs ?? []) {
if (!log.target_id) continue;
const existing = healthEventsByInstance.get(log.target_id) ?? [];
if (existing.length >= 10) continue;
existing.push({
id: log.id,
action: log.action,
status: log.status,
created_at: log.created_at,
error_message: log.error_message,
metadata: log.metadata,
});
healthEventsByInstance.set(log.target_id, existing);
}
const healthCounts = { ok: 0, degraded: 0, down: 0, unknown: 0 };
for (const instance of instances ?? []) {
const status = (instance.health_status ?? "unknown") as
| "ok"
| "degraded"
| "down"
| "unknown";
if (status === "ok") healthCounts.ok += 1;
else if (status === "degraded") healthCounts.degraded += 1;
else if (status === "down") healthCounts.down += 1;
else healthCounts.unknown += 1;
}
const latestHealthCheckAt = getLatestTimestamp(
(instances ?? []).map((instance) => instance.health_last_checked_at),
);
const autoSyncEnabledCount = (instances ?? []).filter(
(instance) => instance.auto_sync_enabled,
).length;
const latestAutoSyncFromInstances = getLatestTimestamp(
(instances ?? []).map((instance) => instance.last_auto_sync_at),
);
const latestAutoSyncAt =
latestAutoSyncFromInstances ?? latestAutoSyncLog?.created_at ?? null;
const downInstanceNames = (instances ?? [])
.filter((instance) => instance.health_status === "down")
.slice(0, 3)
.map((instance) => instance.name || instance.base_url);
return (
<main className="mx-auto flex w-full max-w-6xl flex-col gap-6 px-6 py-8">
<header className="flex items-center justify-between">
@@ -136,9 +413,100 @@ export default async function DashboardPage() {
</h1>
<p className="text-sm text-slate-600">Role: {context.role}</p>
</div>
<div className="flex items-center gap-3">
<Link
href="/dashboard/activity"
className="text-sm text-brand-700 underline"
>
Activity
</Link>
<SignOutButton />
</div>
</header>
<section className="rounded-xl border border-slate-200 bg-white p-4">
<div className="space-y-3 text-sm text-slate-700">
<div>
<p className="text-xs font-semibold uppercase tracking-wide text-slate-500">
Instance Health
</p>
<div className="mt-1 flex flex-wrap gap-2">
<span className="rounded bg-emerald-100 px-2 py-0.5 text-xs font-medium text-emerald-700">
Ok: {healthCounts.ok}
</span>
<span className="rounded bg-amber-100 px-2 py-0.5 text-xs font-medium text-amber-700">
Degraded: {healthCounts.degraded}
</span>
<span className="rounded bg-rose-100 px-2 py-0.5 text-xs font-medium text-rose-700">
Down: {healthCounts.down}
</span>
<span className="rounded bg-slate-100 px-2 py-0.5 text-xs font-medium text-slate-700">
Unknown: {healthCounts.unknown}
</span>
</div>
</div>
{healthCounts.down > 0 ? (
<div className="rounded border border-rose-200 bg-rose-50 px-3 py-2 text-xs text-rose-700">
{healthCounts.down} instance{healthCounts.down === 1 ? "" : "s"}{" "}
down
{downInstanceNames.length > 0
? `: ${downInstanceNames.join(", ")}${healthCounts.down > downInstanceNames.length ? ", …" : ""}`
: ""}
</div>
) : null}
<div className="flex flex-wrap gap-3">
<p>
<span className="font-medium text-slate-900">
Last Health Check:
</span>{" "}
<span
title={
latestHealthCheckAt
? formatDateTime(latestHealthCheckAt)
: undefined
}
>
{formatRelativeTime(latestHealthCheckAt) ?? "Never"}
</span>
</p>
<p>
<span className="font-medium text-slate-900">Auto Sync:</span>{" "}
Enabled on {autoSyncEnabledCount} instance
{autoSyncEnabledCount === 1 ? "" : "s"}
</p>
<p>
<span className="font-medium text-slate-900">Last run:</span>{" "}
<span
title={
latestAutoSyncAt
? formatDateTime(latestAutoSyncAt)
: undefined
}
>
{formatRelativeTime(latestAutoSyncAt) ?? "Not yet run"}
</span>
</p>
</div>
<div className="flex flex-wrap gap-2 pt-1">
<Link
href="/dashboard#instances-panel"
className="rounded border border-slate-300 px-3 py-1.5 text-xs font-medium text-slate-700"
>
Instances
</Link>
<Link
href="/dashboard/activity"
className="rounded border border-slate-300 px-3 py-1.5 text-xs font-medium text-slate-700"
>
Activity
</Link>
</div>
</div>
</section>
<section className="grid gap-4 md:grid-cols-3">
<div className="rounded-xl border border-slate-200 bg-white p-4">
<p className="text-sm text-slate-500">Plesk Instances</p>
@@ -164,12 +532,49 @@ export default async function DashboardPage() {
Instances query failed: {instancesError.message}
</div>
) : null}
<section id="instances-panel">
<DashboardControls
instances={instances ?? []}
subscriptions={subscriptions ?? []}
domains={domains ?? []}
domains={(domains ?? []).map((domain) => {
const joinedStatusByLocalId = domain.subscription_id
? subscriptionStatusById.get(domain.subscription_id)
: null;
const joinedStatusByExternalId = domain.external_subscription_id
? subscriptionStatusByExternalId.get(
`${domain.plesk_instance_id}:${domain.external_subscription_id}`,
)
: null;
const joinedStatusByName = subscriptionStatusByInstanceAndName.get(
`${domain.plesk_instance_id}:${normalizeDomainLike(domain.domain_name)}`,
);
const joinedStatusBySuffix = findBestSuffixStatusMatch(
normalizeDomainLike(domain.domain_name),
subscriptionStatusNameCandidatesByInstance.get(
domain.plesk_instance_id,
) ?? [],
);
const joinedStatus =
joinedStatusByLocalId ??
joinedStatusByExternalId ??
joinedStatusByName ??
joinedStatusBySuffix;
return {
...domain,
status: joinedStatus ?? "unknown",
subscription_name: domain.subscription_id
? (subscriptionDisplayNameById.get(domain.subscription_id) ??
null)
: null,
};
})}
autoSyncByInstance={Object.fromEntries(autoSyncByInstance.entries())}
healthEventsByInstance={Object.fromEntries(
healthEventsByInstance.entries(),
)}
/>
</section>
</main>
);
}

View File

@@ -1,6 +1,6 @@
"use client";
import { useState } from "react";
import { useEffect, useState } from "react";
import type { ChangeEvent } from "react";
import type { FormEvent } from "react";
import { formatDateTime } from "@/lib/dates";
@@ -18,6 +18,20 @@ type Instance = {
last_sync_error: string | null;
last_sync_subscriptions: number;
last_sync_domains: number;
auto_sync_enabled: boolean;
auto_sync_frequency_minutes: number;
last_auto_sync_at: string | null;
next_auto_sync_at: string | null;
auto_sync_lock_until: string | null;
health_enabled: boolean;
health_status: "ok" | "degraded" | "down" | "unknown";
health_last_checked_at: string | null;
health_last_ok_at: string | null;
health_last_error: string | null;
health_last_latency_ms: number | null;
health_check_frequency_minutes: number;
health_next_check_at: string | null;
health_lock_until: string | null;
};
type Subscription = {
@@ -31,6 +45,8 @@ type Subscription = {
type Domain = {
id: string;
plesk_instance_id: string;
subscription_id: string | null;
subscription_name?: string | null;
domain_name: string;
status: string | null;
hosting_type: string | null;
@@ -47,14 +63,129 @@ type Props = {
string,
{ status: string; created_at: string; error_message: string | null }
>;
healthEventsByInstance: Record<
string,
Array<{
id: string;
action: string;
status: string;
created_at: string;
error_message: string | null;
metadata: unknown;
}>
>;
};
function getHealthBadge(status: string | null) {
const normalized = (status ?? "unknown").toLowerCase();
if (normalized === "ok") {
return { label: "OK", className: "bg-emerald-100 text-emerald-700" };
}
if (normalized === "degraded") {
return { label: "Degraded", className: "bg-amber-100 text-amber-700" };
}
if (normalized === "down") {
return { label: "Down", className: "bg-rose-100 text-rose-700" };
}
return { label: "Unknown", className: "bg-slate-100 text-slate-600" };
}
function mapHealthResult(action: string) {
if (action === "health_check_ok") return "ok";
if (action === "health_check_degraded") return "degraded";
if (action === "health_check_failed") return "failed";
return "started";
}
function getDomainStatusBadge(status: string | null) {
const normalized = (status ?? "unknown").toLowerCase();
if (normalized.includes("suspend") || normalized.includes("disabled")) {
return "bg-rose-100 text-rose-700";
}
if (normalized.includes("expired")) {
return "bg-amber-100 text-amber-700";
}
if (normalized.includes("active") || normalized.includes("enabled")) {
return "bg-emerald-100 text-emerald-700";
}
if (normalized.includes("ok")) {
return "bg-emerald-100 text-emerald-700";
}
return "bg-slate-100 text-slate-600";
}
function formatDomainStatusLabel(status: string | null) {
const normalized = (status ?? "unknown").toLowerCase();
if (normalized.includes("suspend")) return "Suspended";
if (normalized.includes("disabled")) return "Disabled";
if (normalized.includes("expired")) return "Expired";
if (
normalized.includes("active") ||
normalized.includes("ok") ||
normalized.includes("enabled")
) {
return "Active";
}
return "Unknown";
}
function isDomainSuspended(status: string | null) {
const normalized = (status ?? "unknown").toLowerCase();
return normalized.includes("suspend") || normalized.includes("disabled");
}
function isDomainActive(status: string | null) {
const normalized = (status ?? "unknown").toLowerCase();
return (
normalized.includes("active") ||
normalized.includes("ok") ||
normalized.includes("enabled")
);
}
function getDomainHref(domainName: string) {
const normalized = domainName.trim();
if (/^https?:\/\//i.test(normalized)) return normalized;
return `https://${normalized}`;
}
function getLatestTimestamp(values: Array<string | null | undefined>) {
let latest: string | null = null;
let latestMs = Number.NEGATIVE_INFINITY;
for (const value of values) {
if (!value) continue;
const ms = new Date(value).getTime();
if (Number.isNaN(ms)) continue;
if (ms > latestMs) {
latestMs = ms;
latest = value;
}
}
return latest;
}
export function DashboardControls({
instances,
subscriptions,
domains,
autoSyncByInstance,
healthEventsByInstance,
}: Props) {
const hasInstances = instances.length > 0;
const autoSyncFrequencyOptions = [15, 30, 60, 180, 360, 1440];
const [instanceName, setInstanceName] = useState("");
const [baseUrl, setBaseUrl] = useState("");
const [authType, setAuthType] = useState<"api_key" | "basic">("api_key");
@@ -69,6 +200,72 @@ export function DashboardControls({
const [domainStatus, setDomainStatus] = useState("all");
const [message, setMessage] = useState<string | null>(null);
const [loading, setLoading] = useState(false);
const [isConnectPanelOpen, setIsConnectPanelOpen] = useState(!hasInstances);
const [isInstancesPanelOpen, setIsInstancesPanelOpen] = useState(true);
useEffect(() => {
if (!hasInstances) {
setIsConnectPanelOpen(true);
return;
}
const savedState = window.localStorage.getItem(
"dashboard_connect_panel_open",
);
if (savedState === "true") {
setIsConnectPanelOpen(true);
return;
}
if (savedState === "false") {
setIsConnectPanelOpen(false);
return;
}
setIsConnectPanelOpen(false);
}, [hasInstances]);
useEffect(() => {
if (!hasInstances) return;
window.localStorage.setItem(
"dashboard_connect_panel_open",
isConnectPanelOpen ? "true" : "false",
);
}, [hasInstances, isConnectPanelOpen]);
useEffect(() => {
if (!hasInstances) {
setIsInstancesPanelOpen(true);
return;
}
const savedState = window.localStorage.getItem(
"dashboard_instances_panel_open",
);
if (savedState === "true") {
setIsInstancesPanelOpen(true);
return;
}
if (savedState === "false") {
setIsInstancesPanelOpen(false);
return;
}
setIsInstancesPanelOpen(true);
}, [hasInstances]);
useEffect(() => {
if (!hasInstances) return;
window.localStorage.setItem(
"dashboard_instances_panel_open",
isInstancesPanelOpen ? "true" : "false",
);
}, [hasInstances, isInstancesPanelOpen]);
const healthCounts = instances.reduce(
(acc, instance) => {
@@ -98,6 +295,30 @@ export function DashboardControls({
return statusMatches && searchMatches;
});
const instanceHealthSummary = instances.reduce(
(acc, instance) => {
const status = (instance.health_status ?? "unknown").toLowerCase();
if (status === "ok") acc.ok += 1;
else if (status === "degraded") acc.degraded += 1;
else if (status === "down") acc.down += 1;
else acc.unknown += 1;
return acc;
},
{ ok: 0, degraded: 0, down: 0, unknown: 0 },
);
const autoSyncEnabledCount = instances.filter(
(instance) => instance.auto_sync_enabled,
).length;
const latestInstanceSyncAt = getLatestTimestamp(
instances.map((instance) => instance.last_sync_at),
);
const latestInstanceHealthCheckAt = getLatestTimestamp(
instances.map((instance) => instance.health_last_checked_at),
);
async function runRequest(url: string, body?: unknown) {
const response = await fetch(url, {
method: "POST",
@@ -178,6 +399,41 @@ export function DashboardControls({
}
}
async function onRunHealthCheck(instanceId: string) {
setLoading(true);
setMessage(null);
try {
await runRequest(`/api/plesk/instances/${instanceId}/health`);
setMessage("Health check completed.");
window.location.reload();
} catch (error) {
setMessage(
error instanceof Error ? error.message : "Health check failed",
);
} finally {
setLoading(false);
}
}
async function onUpdateAutoSync(
instanceId: string,
input: { auto_sync_enabled: boolean; auto_sync_frequency_minutes: number },
) {
setLoading(true);
setMessage(null);
try {
await runRequest(`/api/plesk/instances/${instanceId}/autosync`, input);
setMessage("Auto-sync settings updated.");
window.location.reload();
} catch (error) {
setMessage(
error instanceof Error ? error.message : "Auto-sync update failed",
);
} finally {
setLoading(false);
}
}
async function onSubscriptionAction() {
if (!actionSubId) return;
setLoading(true);
@@ -195,6 +451,35 @@ export function DashboardControls({
}
}
async function onDomainAction(
domain: Domain,
action: "suspend" | "unsuspend",
) {
if (!domain.subscription_id) {
setMessage(
"Domain is not linked to a subscription yet. Run Sync Now (or backfill links) and try again.",
);
return;
}
setLoading(true);
setMessage(null);
try {
await runRequest(`/api/plesk/domains/${domain.id}/action`, {
action,
subscription_id: domain.subscription_id,
});
setMessage("Domain action completed.");
window.location.reload();
} catch (error) {
setMessage(
error instanceof Error ? error.message : "Domain action failed",
);
} finally {
setLoading(false);
}
}
async function onCheckout() {
setLoading(true);
try {
@@ -239,11 +524,32 @@ export function DashboardControls({
</div>
<div className="grid gap-4 lg:grid-cols-2">
<form
onSubmit={onCreateInstance}
className="space-y-3 rounded-xl border border-slate-200 bg-white p-4"
<div className="rounded-xl border border-slate-200 bg-white p-4">
<div className="flex items-center justify-between gap-3">
<h2 className="text-lg font-semibold">
{hasInstances
? "Connect another Plesk instance"
: "Connect Plesk Instance"}
</h2>
{hasInstances ? (
<button
type="button"
onClick={() => setIsConnectPanelOpen((open) => !open)}
className="rounded border border-slate-300 px-3 py-1.5 text-xs font-medium text-slate-700"
>
<h2 className="text-lg font-semibold">Connect Plesk Instance</h2>
{isConnectPanelOpen ? "Hide" : "Add instance"}
</button>
) : null}
</div>
{!isConnectPanelOpen && hasInstances ? (
<p className="mt-2 text-sm text-slate-500">
Add another server when needed.
</p>
) : null}
{isConnectPanelOpen ? (
<form onSubmit={onCreateInstance} className="mt-3 space-y-3">
<input
required
value={instanceName}
@@ -312,10 +618,49 @@ export function DashboardControls({
Save & Validate
</button>
</form>
) : null}
</div>
<div className="space-y-3 rounded-xl border border-slate-200 bg-white p-4">
<div className="flex items-center justify-between gap-3">
<h2 className="text-lg font-semibold">Plesk Instances</h2>
{hasInstances ? (
<button
type="button"
onClick={() => setIsInstancesPanelOpen((open) => !open)}
className="rounded border border-slate-300 px-3 py-1.5 text-xs font-medium text-slate-700"
>
{isInstancesPanelOpen ? "Hide" : "Show"}
</button>
) : null}
</div>
{!isInstancesPanelOpen && hasInstances ? (
<div className="rounded border border-slate-200 bg-slate-50 px-3 py-2 text-xs text-slate-700">
<p className="font-medium text-slate-900">
{instances.length} instance{instances.length === 1 ? "" : "s"}
</p>
<p className="mt-1">
Health OK: {instanceHealthSummary.ok}, Degraded:{" "}
{instanceHealthSummary.degraded}, Down:{" "}
{instanceHealthSummary.down}, Unknown:{" "}
{instanceHealthSummary.unknown}
</p>
<p className="mt-1">
Auto-sync enabled on {autoSyncEnabledCount} instance
{autoSyncEnabledCount === 1 ? "" : "s"}
</p>
<p className="mt-1">
Last sync: {formatDateTime(latestInstanceSyncAt)}
</p>
<p className="mt-1">
Last health check: {formatDateTime(latestInstanceHealthCheckAt)}
</p>
</div>
) : null}
{isInstancesPanelOpen ? (
<>
<div className="space-y-2">
{instances.length === 0 ? (
<p className="text-sm text-slate-500">
@@ -327,17 +672,23 @@ export function DashboardControls({
key={instance.id}
className="rounded border border-slate-200 p-3"
>
{(() => {
const health = getHealthBadge(instance.health_status);
return (
<div className="flex items-start justify-between gap-2">
<div>
{autoSyncByInstance[instance.id] ? (
<span
className={`inline-flex rounded px-2 py-0.5 text-[11px] font-medium ${
autoSyncByInstance[instance.id].status === "success"
autoSyncByInstance[instance.id].status ===
"success"
? "bg-emerald-100 text-emerald-700"
: "bg-rose-100 text-rose-700"
}`}
>
Auto-sync {autoSyncByInstance[instance.id].status}
Auto-sync{" "}
{autoSyncByInstance[instance.id].status}
</span>
) : null}
<p className="text-sm font-semibold text-slate-900">
@@ -348,17 +699,59 @@ export function DashboardControls({
</p>
<p className="mt-1 text-xs text-slate-600">
Status:{" "}
<span className="font-medium">{instance.status}</span>
<span className="font-medium">
{instance.status}
</span>
</p>
<p className="text-xs text-slate-500">
Last sync: {formatDateTime(instance.last_sync_at)}
{instance.last_sync_status
? ` (${instance.last_sync_status})`
: ""}
Health:{" "}
<span
title={
instance.health_last_error ?? undefined
}
className={`inline-flex rounded px-2 py-0.5 text-[11px] font-medium ${health.className}`}
>
{health.label}
</span>
</p>
<p className="text-xs text-slate-500">
Last counts: {instance.last_sync_subscriptions ?? 0}{" "}
subscriptions, {instance.last_sync_domains ?? 0} domains
Health last checked:{" "}
{formatDateTime(
instance.health_last_checked_at,
)}
</p>
<p className="text-xs text-slate-500">
Health latency:{" "}
{instance.health_last_latency_ms != null
? `${instance.health_last_latency_ms} ms`
: "—"}
</p>
<p className="text-xs text-slate-500">
Subscriptions:{" "}
{instance.last_sync_subscriptions ?? 0}
</p>
<p className="text-xs text-slate-500">
Domains: {instance.last_sync_domains ?? 0}
</p>
<p className="text-xs text-slate-500">
Last sync status:{" "}
<span
className={`inline-flex rounded px-2 py-0.5 text-[11px] font-medium ${
instance.last_sync_status === "success"
? "bg-emerald-100 text-emerald-700"
: instance.last_sync_status ===
"failed" ||
instance.last_sync_status === "error"
? "bg-rose-100 text-rose-700"
: "bg-slate-100 text-slate-600"
}`}
>
{instance.last_sync_status ?? "unknown"}
</span>
</p>
<p className="text-xs text-slate-500">
Last sync time:{" "}
{formatDateTime(instance.last_sync_at)}
</p>
<p className="text-xs text-slate-500">
Last connected:{" "}
@@ -366,6 +759,33 @@ export function DashboardControls({
? formatDateTime(instance.last_connected_at)
: "never"}
</p>
<p className="text-xs text-slate-500">
Auto-sync:{" "}
{instance.auto_sync_enabled
? "Enabled"
: "Disabled"}
</p>
<p className="text-xs text-slate-500">
Auto-sync frequency:{" "}
{instance.auto_sync_frequency_minutes ?? 60} min
</p>
<p className="text-xs text-slate-500">
Last auto-sync:{" "}
{formatDateTime(instance.last_auto_sync_at)}
</p>
<p className="text-xs text-slate-500">
Next auto-sync:{" "}
{formatDateTime(instance.next_auto_sync_at)}
</p>
<p className="text-xs text-slate-500">
Lock status:{" "}
{instance.auto_sync_lock_until &&
new Date(
instance.auto_sync_lock_until,
).getTime() > Date.now()
? "Sync in progress"
: "Idle"}
</p>
{autoSyncByInstance[instance.id] ? (
<p className="text-xs text-slate-500">
Last auto-sync:{" "}
@@ -384,14 +804,68 @@ export function DashboardControls({
Last sync error: {instance.last_sync_error}
</p>
) : null}
{autoSyncByInstance[instance.id]?.error_message ? (
{autoSyncByInstance[instance.id]
?.error_message ? (
<p className="mt-1 text-xs text-rose-600">
Auto-sync error:{" "}
{autoSyncByInstance[instance.id].error_message}
{
autoSyncByInstance[instance.id]
.error_message
}
</p>
) : null}
{instance.health_last_error ? (
<p
className="mt-1 text-xs text-rose-600"
title={instance.health_last_error}
>
Health error: {instance.health_last_error}
</p>
) : null}
</div>
<div className="flex flex-col gap-2">
<div className="flex items-center gap-2">
<label className="text-xs text-slate-600">
Auto-sync
</label>
<input
type="checkbox"
checked={instance.auto_sync_enabled}
onChange={(
e: ChangeEvent<HTMLInputElement>,
) =>
onUpdateAutoSync(instance.id, {
auto_sync_enabled: e.target.checked,
auto_sync_frequency_minutes:
instance.auto_sync_frequency_minutes ??
60,
})
}
disabled={loading}
/>
</div>
<select
value={String(
instance.auto_sync_frequency_minutes ?? 60,
)}
onChange={(e: ChangeEvent<HTMLSelectElement>) =>
onUpdateAutoSync(instance.id, {
auto_sync_enabled:
instance.auto_sync_enabled,
auto_sync_frequency_minutes: Number(
e.target.value,
),
})
}
disabled={loading}
className="rounded border px-2 py-1 text-xs"
>
{autoSyncFrequencyOptions.map((minutes) => (
<option key={minutes} value={minutes}>
Every {minutes} min
</option>
))}
</select>
<button
onClick={() => onTestConnection(instance.id)}
disabled={loading}
@@ -399,6 +873,13 @@ export function DashboardControls({
>
Test Connection
</button>
<button
onClick={() => onRunHealthCheck(instance.id)}
disabled={loading}
className="rounded border px-3 py-1.5 text-xs"
>
Run Health Check
</button>
<button
onClick={() => onSync(instance.id)}
disabled={loading}
@@ -408,13 +889,119 @@ export function DashboardControls({
</button>
</div>
</div>
);
})()}
<div className="mt-3 rounded border border-slate-100 bg-slate-50 p-3">
<p className="text-xs font-semibold uppercase tracking-wide text-slate-600">
Health Panel
</p>
<div className="mt-2 grid gap-1 text-xs text-slate-600 sm:grid-cols-2">
<p>
Current Status:{" "}
<span className="font-medium">
{getHealthBadge(instance.health_status).label}
</span>
</p>
<p>
Last Checked:{" "}
<span className="font-medium">
{formatDateTime(instance.health_last_checked_at)}
</span>
</p>
<p>
Last Successful Check:{" "}
<span className="font-medium">
{formatDateTime(instance.health_last_ok_at)}
</span>
</p>
<p>
Latency:{" "}
<span className="font-medium">
{instance.health_last_latency_ms != null
? `${instance.health_last_latency_ms} ms`
: "—"}
</span>
</p>
<p className="sm:col-span-2">
Last Error:{" "}
<span className="font-medium">
{instance.health_last_error ?? "—"}
</span>
</p>
</div>
<div className="mt-3 overflow-x-auto">
<table className="min-w-full text-left text-xs">
<thead>
<tr className="border-b border-slate-200 text-slate-500">
<th className="px-2 py-1">Time</th>
<th className="px-2 py-1">Event</th>
<th className="px-2 py-1">Result</th>
<th className="px-2 py-1">Message</th>
</tr>
</thead>
<tbody>
{(healthEventsByInstance[instance.id] ?? [])
.length === 0 ? (
<tr>
<td
className="px-2 py-2 text-slate-500"
colSpan={4}
>
No health events yet.
</td>
</tr>
) : (
(healthEventsByInstance[instance.id] ?? []).map(
(event) => (
<tr
key={event.id}
className="border-b border-slate-100 align-top"
>
<td className="px-2 py-1">
{formatDateTime(event.created_at)}
</td>
<td className="px-2 py-1">
{event.action}
</td>
<td className="px-2 py-1">
{mapHealthResult(event.action)}
</td>
<td className="px-2 py-1">
{event.error_message ?? "—"}
{event.metadata ? (
<details>
<summary className="cursor-pointer text-[11px] text-brand-700">
metadata
</summary>
<pre className="mt-1 max-w-[440px] overflow-auto rounded bg-white p-2 text-[10px] text-slate-700">
{JSON.stringify(
event.metadata,
null,
2,
)}
</pre>
</details>
) : null}
</td>
</tr>
),
)
)}
</tbody>
</table>
</div>
</div>
</div>
))
)}
</div>
<div className="space-y-2">
<label className="text-sm font-medium">Subscription Action</label>
<label className="text-sm font-medium">
Subscription Action
</label>
<select
value={actionSubId}
onChange={(e: ChangeEvent<HTMLSelectElement>) =>
@@ -464,10 +1051,14 @@ export function DashboardControls({
</button>
</div>
{message ? <p className="text-sm text-slate-600">{message}</p> : null}
{message ? (
<p className="text-sm text-slate-600">{message}</p>
) : null}
</>
) : null}
</div>
<div className="space-y-3 rounded-xl border border-slate-200 bg-white p-4">
<div className="space-y-3 rounded-xl border border-slate-200 bg-white p-4 lg:col-span-2">
<div className="flex flex-wrap items-end gap-2">
<div className="flex-1 min-w-[220px]">
<label className="text-sm font-medium">Search domains</label>
@@ -504,17 +1095,18 @@ export function DashboardControls({
<thead>
<tr className="border-b border-slate-200 text-xs uppercase text-slate-500">
<th className="px-2 py-2">Domain</th>
<th className="px-2 py-2">Status</th>
<th className="px-2 py-2">Subscription Status</th>
<th className="px-2 py-2">Hosting</th>
<th className="px-2 py-2">Created</th>
<th className="px-2 py-2">Aliases</th>
<th className="px-2 py-2">Last seen</th>
<th className="px-2 py-2">Actions</th>
</tr>
</thead>
<tbody>
{filteredDomains.length === 0 ? (
<tr>
<td className="px-2 py-3 text-slate-500" colSpan={6}>
<td className="px-2 py-3 text-slate-500" colSpan={7}>
No domains found.
</td>
</tr>
@@ -522,10 +1114,36 @@ export function DashboardControls({
filteredDomains.map((domain) => (
<tr key={domain.id} className="border-b border-slate-100">
<td className="px-2 py-2 font-medium text-slate-900">
<a
href={getDomainHref(domain.domain_name)}
target="_blank"
rel="noopener noreferrer"
className="underline decoration-slate-300 underline-offset-2 hover:text-brand-700"
>
{domain.domain_name}
</a>
{domain.subscription_id ? (
<p
className="text-xs font-normal text-slate-500"
title={`Subscription UUID: ${domain.subscription_id}`}
>
Subscription: {domain.subscription_name ?? "Linked"}
</p>
) : (
<p
className="text-xs font-normal text-amber-700"
title="Run sync to link this domain to a subscription"
>
Subscription: Unlinked
</p>
)}
</td>
<td className="px-2 py-2">
{domain.status ?? "unknown"}
<span
className={`inline-flex rounded px-2 py-0.5 text-xs font-medium ${getDomainStatusBadge(domain.status)}`}
>
{formatDomainStatusLabel(domain.status)}
</span>
</td>
<td className="px-2 py-2">
{domain.hosting_type ?? "unknown"}
@@ -537,6 +1155,42 @@ export function DashboardControls({
<td className="px-2 py-2">
{formatDateTime(domain.updated_at)}
</td>
<td className="px-2 py-2">
<div className="flex gap-2">
<button
onClick={() => onDomainAction(domain, "suspend")}
disabled={
loading ||
!domain.subscription_id ||
isDomainSuspended(domain.status)
}
title={
!domain.subscription_id
? "Not linked to a subscription yet — run sync"
: undefined
}
className="rounded border border-rose-300 px-2 py-1 text-xs text-rose-700 disabled:cursor-not-allowed disabled:opacity-60"
>
Suspend
</button>
<button
onClick={() => onDomainAction(domain, "unsuspend")}
disabled={
loading ||
!domain.subscription_id ||
isDomainActive(domain.status)
}
title={
!domain.subscription_id
? "Not linked to a subscription yet — run sync"
: undefined
}
className="rounded border border-emerald-300 px-2 py-1 text-xs text-emerald-700 disabled:cursor-not-allowed disabled:opacity-60"
>
Unsuspend
</button>
</div>
</td>
</tr>
))
)}

21
docker-compose.prod.yml Normal file
View File

@@ -0,0 +1,21 @@
services:
web:
container_name: plesk-agency-portal
image: ${APP_IMAGE:-plesk-agency-portal:latest}
restart: unless-stopped
env_file:
- .env
ports:
- "3000:3000"
healthcheck:
test:
[
"CMD",
"node",
"-e",
"fetch('http://127.0.0.1:3000/api/health').then((r)=>{if(!r.ok)process.exit(1)}).catch(()=>process.exit(1))",
]
interval: 30s
timeout: 5s
retries: 3
start_period: 20s

230
docs/ai-project-context.md Normal file
View File

@@ -0,0 +1,230 @@
# Project: Plesk Agency Portal
This project is a multi-tenant SaaS platform that allows agencies to manage multiple Plesk servers from a single dashboard.
The application synchronizes subscriptions and domains from Plesk instances and allows administrators to manage hosting accounts.
---
# Technology Stack
Frontend
- Next.js (App Router)
- React
- TypeScript
Backend
- Next.js API routes
- Node runtime
Database
- Supabase Postgres
Authentication
- Supabase Auth (magic link)
External Integrations
- Plesk REST API
- Plesk CLI
- Stripe (future billing integration)
Development Tools
- Git
- Docker (for some services)
- Jenkins (future CI/CD)
---
# Core Database Tables
agencies
agency_members
plesk_instances
plesk_subscriptions
plesk_domains
actions_log
billing_accounts
---
# Multi-Tenant Model
Each user belongs to an agency.
Agency relationships:
user
→ agency_members
→ agencies
→ plesk_instances
→ plesk_subscriptions
→ plesk_domains
Row Level Security in Supabase ensures users can only access rows belonging to their agency.
Never bypass or remove RLS policies.
---
# Plesk Integration
The system integrates with Plesk using both:
Plesk REST API
Plesk CLI
Common CLI commands used:
subscription --info
subscription --suspend
subscription --unsuspend
CLI output must always be parsed defensively because formatting can vary between Plesk versions.
---
# Sync System
The platform supports manual synchronization of Plesk instances.
During sync the system:
1. Connects to a Plesk instance
2. Retrieves subscriptions and domains
3. Updates records in Supabase
4. Updates the dashboard
Future development will include background sync workers.
---
# Dashboard Features
Current features include:
Connecting Plesk instances
Testing connections
Manual sync
Listing domains and subscriptions
Suspending subscriptions
Unsuspending subscriptions
---
# Logging
Operational actions are written to:
actions_log
Examples include:
instance_connected
sync_started
sync_completed
subscription_suspended
subscription_unsuspended
Logging should never block primary workflows.
---
# Development Rules
When implementing features:
Search the repository before modifying code.
Extend existing architecture rather than rewriting systems.
Avoid introducing breaking database schema changes.
Prefer small modular functions.
Keep API routes thin.
Place integration logic inside lib folders.
---
# Git Workflow
Default branch:
master
All work must be done on feature branches.
Example:
git checkout master
git pull
git checkout -b feature/<feature-name>
Never commit directly to master.
---
# Error Handling
External integrations must always fail gracefully.
If a single subscription fails during sync, the rest of the sync must continue.
All failures should be logged.
---
# UI Safety
Dashboard components must:
Handle null values safely
Avoid crashing if API responses change
Use status badges instead of raw text for statuses
---
# Future Roadmap
Upcoming development milestones include:
CL4 Subscription status ingestion via CLI
CL5 Action logging and retry queue
CL6 Automatic sync worker
CL7 Stripe billing enforcement
CL8 Instance health monitoring
CL9 Observability and audit improvements
---
# AI Agent Instructions
Before modifying code:
Search the repository for related implementations.
Avoid rewriting working systems.
Implement minimal safe modifications.
Always verify that existing features continue working.
If unsure about a change, prefer logging rather than failing.

202
docs/cline-super-prompt.md Normal file
View File

@@ -0,0 +1,202 @@
# Cline Development Super Prompt
You are acting as a senior software engineer working on this repository.
Before making any modifications you must understand the project structure and current implementation.
Always read:
`docs/ai-project-context.md`
before implementing tasks.
---
## Working Method
When given a task follow this process.
Step 1
Search the repository for relevant code.
Step 2
Identify the correct extension point for the feature.
Step 3
Design the minimal safe implementation.
Step 4
Modify only the required files.
Step 5
Verify existing functionality remains intact.
Never rewrite large parts of the system unless explicitly instructed.
---
## Repository Exploration Rules
Before editing files:
Search for related implementations.
Look for:
- plesk integration
- sync logic
- API routes
- database queries
- dashboard components
Use existing patterns instead of creating new ones.
---
## Database Rules
The project uses Supabase Postgres.
Never introduce breaking schema changes.
All schema updates must be done using safe migrations.
Never remove columns that may contain production data.
Always assume the database already contains data.
---
## Multi-Tenant Security
This system is multi-tenant.
Users belong to agencies.
All queries must respect agency boundaries.
Never bypass Supabase Row Level Security.
Never expose data across agencies.
---
## Plesk Integration Safety
The platform interacts with Plesk servers using both REST API and CLI commands.
CLI output can vary between Plesk versions.
Always parse CLI output defensively.
Never assume fixed output formatting.
External integration failures must not crash the application.
---
## Sync Pipeline Rules
The sync system is critical to the platform.
Never break existing sync behaviour.
If one subscription fails during sync:
Continue processing the rest.
Log the failure.
Do not abort the entire sync job.
---
## Logging Requirements
Operational events should be written to:
`actions_log`
Examples include:
- instance_connected
- sync_started
- sync_completed
- subscription_suspended
- subscription_unsuspended
Logging errors must never break primary workflows.
---
## UI Safety
Frontend components must:
Handle missing or null data safely.
Avoid crashing when API responses change.
Display statuses using badges instead of raw text.
---
## Git Workflow
The repository uses:
`master` as the default branch.
All development must occur in feature branches.
Example workflow:
```bash
git checkout master
git pull
git checkout -b feature/<feature-name>
```
Commit frequently with clear commit messages.
Never commit directly to master.
---
## Implementation Guidelines
Prefer small modular changes.
Avoid large refactors unless requested.
Keep API routes lightweight.
Place integration logic inside lib folders.
Reuse existing utilities where possible.
---
## Error Handling
External services can fail.
Always implement safe error handling.
Prefer returning partial results over failing the entire operation.
Log unexpected behaviour.
---
## Expected Output
When implementing tasks you should:
Modify only the required files.
Maintain existing architecture.
Add clear commit messages.
Ensure the application remains stable.

View File

@@ -0,0 +1,157 @@
# Production Deployment Runtime Foundation
This project can be deployed in a dedicated Proxmox container using Docker Compose. The files added here establish a minimal production runtime baseline without changing application business logic or Supabase security boundaries.
## Dockerfile purpose
The `Dockerfile` uses a multi-stage build on Node 20:
- installs dependencies
- runs `next build`
- prepares a lean runtime image with production dependencies
- runs the app with `next start` on port `3000`
This keeps the runtime image small and focused on serving the built Next.js app.
## docker-compose.prod.yml purpose
`docker-compose.prod.yml` defines one service:
- service name: `web`
- container name: `plesk-agency-portal`
- restart policy: `unless-stopped`
- environment from `.env`
- port mapping `3000:3000`
- health check against `/api/health`
## External Supabase requirement
Supabase remains external to this application container. The app container must only connect to Supabase via environment variables. No local Supabase container is included in this production compose file.
## Health endpoint usage
`GET /api/health` provides a fast, dependency-light runtime check for container orchestration and uptime checks.
Example:
```bash
curl -s http://localhost:3000/api/health
```
Expected response shape:
- `ok: true`
- `service: "plesk-agency-portal"`
- `timestamp`
- `environment`
## Production environment expectations
Before deploying, set production-safe values in `.env` (using `.env.example` as the template), including:
- app URL and `NODE_ENV`
- Supabase public and server credentials
- Plesk credential encryption key
- Stripe secrets
- cron/job shared secrets
Keep secrets out of source control.
## Reverse proxy assumptions (Nginx Proxy Manager)
This app is expected to run behind a reverse proxy in production.
- TLS is terminated at the proxy.
- Proxy forwards standard host/protocol headers (`Host`, `X-Forwarded-Proto`, `X-Forwarded-Host`).
- Public origin is configured explicitly with `NEXT_PUBLIC_APP_URL`.
To keep callback behavior stable behind proxy layers, auth redirect responses use the configured application origin from environment configuration rather than relying only on request host detection.
## Callback URL expectations
- `NEXT_PUBLIC_APP_URL` must be set to the public HTTPS URL used by users.
- Supabase auth redirect/callback configuration must allow:
- `<NEXT_PUBLIC_APP_URL>/auth/callback`
The callback route also validates the `next` parameter as an internal path to prevent unsafe external redirects.
## Cron protection expectations
Operational cron endpoints are protected with a shared secret.
- Required header: `x-cron-secret`
- Server secret source: `CRON_SHARED_SECRET`
- Backward compatibility fallback: `CRON_SECRET`
For new production setups, set `CRON_SHARED_SECRET` and use that value for all cron callers.
## Jenkins pipeline flow
The repository includes a declarative `Jenkinsfile` with the following stages:
1. **Checkout**
2. **Install dependencies** (`npm ci`)
3. **Lint** (runs only when `package.json` contains a `lint` script)
4. **Build application** (`npm run build`)
5. **Build Docker image** (tags `latest` and `build-${BUILD_NUMBER}`)
6. **Deploy** over SSH to the app host
7. **Smoke check** against `/api/health`
## Required Jenkins configuration
Configure these values in Jenkins job/folder/global environment or credentials-backed environment variables:
- `DEPLOY_SSH_HOST` - remote app host
- `DEPLOY_SSH_USER` - SSH user on remote host
- `DEPLOY_SSH_CREDENTIAL_ID` - Jenkins SSH Agent credential ID
- `DEPLOY_PATH` - remote deployment path (for example `/opt/plesk-agency-portal`)
- `APP_BASE_URL` - externally reachable app URL used by smoke check
The pipeline assumes Jenkins credentials are managed outside this repository.
Jenkins runtime requirements:
- The pipeline must run on a Jenkins agent with the `docker` label.
- That agent must have Docker CLI installed and permission to access Docker daemon/socket.
- `rsync` and `ssh` must also be available on the Jenkins agent.
If Docker is missing or inaccessible, the pipeline now fails early in a dedicated preflight stage with an explicit message.
## Deploy flow
Deployment is intentionally simple and bash-based:
1. Jenkins builds Docker image tags locally.
2. Jenkins syncs deployment files (`docker-compose.prod.yml`, deploy/smoke/rollback scripts) to the remote deploy path.
3. Jenkins streams Docker images to the remote host (`docker save | ssh docker load`).
4. Jenkins runs `scripts/deploy-prod.sh` remotely.
5. Script applies the selected image tag via:
```bash
APP_IMAGE=<tag> docker compose -f docker-compose.prod.yml up -d --no-build
```
6. Script prints `docker compose ps` status.
## Rollback flow
Rollback uses `scripts/rollback-prod.sh` with a previously built image tag:
```bash
DEPLOY_PATH=/opt/plesk-agency-portal \
APP_BASE_URL=https://your-app.example.com \
scripts/rollback-prod.sh plesk-agency-portal:build-123
```
Rollback redeploys that image with compose, then immediately reruns smoke checks.
## Smoke check behavior
`scripts/smoke-check.sh`:
- accepts a base URL argument
- requests `${BASE_URL}/api/health`
- fails on non-200 responses
- fails on invalid JSON or missing expected fields (`ok: true`, `service` string)
This gives a quick post-deploy validation gate for both deploy and rollback operations.

179
docs/system-architecture.md Normal file
View File

@@ -0,0 +1,179 @@
# System Architecture
This document describes the architecture of the Plesk Agency Portal SaaS platform.
The platform allows agencies to connect multiple Plesk servers and manage hosting subscriptions from a single dashboard.
---
# High Level Components
The system consists of the following components:
Frontend Dashboard
Backend API
Supabase Database
Plesk Servers
Future Worker Services
Future Billing Integration
At a high level, users interact with the Frontend Dashboard, which sends authenticated requests to the Backend API (Next.js API routes). The backend reads and writes persistent state in Supabase, and executes remote operations against connected Plesk servers via API/CLI integrations. Future worker services will run asynchronous sync and retry workflows, while future billing integration will enforce plan limits and subscription state.
---
# Frontend
The frontend is a Next.js application using the App Router.
Responsibilities include:
User authentication
Dashboard interface
Displaying domains and subscriptions
Triggering sync operations
Sending management actions (suspend / unsuspend)
The frontend communicates with backend API routes.
---
# Backend
The backend uses Next.js API routes.
Responsibilities include:
Handling authenticated requests
Connecting to Supabase
Executing Plesk API and CLI commands
Processing sync operations
Writing operational logs
Business logic should be implemented in reusable modules inside the lib directory.
---
# Database
Supabase Postgres is used for persistent storage.
Key tables include:
agencies
agency_members
plesk_instances
plesk_subscriptions
plesk_domains
actions_log
billing_accounts
Relationship overview:
- `agencies` is the tenant root.
- `agency_members` associates users to agencies and roles.
- `plesk_instances` stores connected remote Plesk endpoints per agency.
- `plesk_subscriptions` stores subscription-level records linked to instances.
- `plesk_domains` stores domain-level records linked to subscriptions/instances.
- `actions_log` stores operational/audit events.
- `billing_accounts` stores plan/subscription billing state per agency.
The multi-tenant model is enforced using Supabase Row Level Security policies so users can only read/write rows that belong to their agency.
---
# Plesk Integration
The platform communicates with remote Plesk servers.
Integration methods:
Plesk REST API
Plesk CLI commands
Typical operations include:
Listing subscriptions
Retrieving domain data
Suspending subscriptions
Unsuspending subscriptions
CLI parsing must be defensive due to formatting differences between Plesk versions.
---
# Sync System
The system supports synchronization of Plesk servers.
Manual sync is triggered from the dashboard.
During sync:
The backend connects to a Plesk instance
Subscription and domain data are retrieved
Records are updated in Supabase
The dashboard displays updated data
Future development will add automated background sync workers.
---
# Logging System
Operational actions are recorded in the actions_log table.
Examples:
instance_connected
sync_started
sync_completed
subscription_suspended
subscription_unsuspended
Logging supports debugging and auditability.
---
# Future Worker Architecture
Future versions of the system will include background workers for:
Automatic instance synchronization
Retry queues
Monitoring tasks
Workers may run as:
Cron jobs
Queue processors
Dedicated worker services
---
# Billing Architecture (Future)
Stripe will be integrated for SaaS billing.
Billing responsibilities will include:
Agency subscription plans
Usage limits
Payment handling
Billing enforcement will eventually control:
Number of connected Plesk instances
Number of managed domains
---
# Development Philosophy
The system prioritizes:
Stability
Security
Multi-tenant isolation
Safe integrations with external systems
Developers should extend existing systems rather than rewriting them.

View File

@@ -3,6 +3,18 @@ const requiredEnvs = [
"NEXT_PUBLIC_SUPABASE_ANON_KEY",
] as const;
const configuredAppUrl = process.env.NEXT_PUBLIC_APP_URL?.trim();
function getAppOrigin() {
if (!configuredAppUrl) return "http://localhost:3000";
try {
return new URL(configuredAppUrl).origin;
} catch {
return "http://localhost:3000";
}
}
for (const key of requiredEnvs) {
if (!process.env[key]) {
// Keep as runtime warning for smoother local setup.
@@ -12,8 +24,12 @@ for (const key of requiredEnvs) {
}
export const env = {
appUrl: process.env.NEXT_PUBLIC_APP_URL ?? "http://localhost:3000",
appUrl: configuredAppUrl ?? "http://localhost:3000",
appOrigin: getAppOrigin(),
jobSecret: process.env.JOB_SECRET ?? "",
cronSecret: process.env.CRON_SECRET ?? "",
cronSharedSecret:
process.env.CRON_SHARED_SECRET ?? process.env.CRON_SECRET ?? "",
encryptionKey: process.env.ENCRYPTION_KEY ?? "",
pleskCredEncKey: process.env.PLESK_CRED_ENC_KEY ?? "",
stripeSecretKey: process.env.STRIPE_SECRET_KEY ?? "",

232
lib/plesk/auto-sync.ts Normal file
View File

@@ -0,0 +1,232 @@
import { randomUUID } from "crypto";
import { syncPleskInstance } from "@/lib/plesk/sync";
type SupabaseLike = any;
type AutoSyncInstance = {
id: string;
agency_id: string;
base_url: string;
auth_type: "api_key" | "basic";
encrypted_secret: string;
last_connected_at: string | null;
auto_sync_enabled: boolean;
auto_sync_frequency_minutes: number | null;
next_auto_sync_at: string | null;
auto_sync_lock_until: string | null;
};
type AutoSyncSummary = {
instances_considered: number;
locks_acquired: number;
succeeded: number;
failed: number;
duration_ms: number;
};
const MAX_INSTANCES_PER_TICK = 5;
const MAX_CONCURRENCY = 2;
const LOCK_LEASE_SECONDS = 15 * 60;
const INSTANCE_TIMEOUT_MS = 14 * 60 * 1000;
function isDue(instance: AutoSyncInstance, now: number) {
if (!instance.next_auto_sync_at) return true;
const dueAt = new Date(instance.next_auto_sync_at).getTime();
return Number.isFinite(dueAt) && dueAt <= now;
}
function isUnlocked(instance: AutoSyncInstance, now: number) {
if (!instance.auto_sync_lock_until) return true;
const lockUntil = new Date(instance.auto_sync_lock_until).getTime();
return !Number.isFinite(lockUntil) || lockUntil <= now;
}
async function insertActionLogBestEffort(
supabase: SupabaseLike,
payload: Record<string, unknown>,
) {
try {
const { error } = await supabase.from("actions_log").insert(payload);
if (error) {
console.error("[autosync] actions_log insert failed", error.message);
}
} catch (error) {
console.error("[autosync] actions_log insert threw", error);
}
}
async function withTimeout<T>(
promise: Promise<T>,
timeoutMs: number,
): Promise<T> {
let timeout: ReturnType<typeof setTimeout> | null = null;
const timeoutPromise = new Promise<never>((_, reject) => {
timeout = setTimeout(() => {
reject(new Error("Auto-sync timed out"));
}, timeoutMs);
});
try {
return await Promise.race([promise, timeoutPromise]);
} finally {
if (timeout) clearTimeout(timeout);
}
}
export async function runAutoSyncTick(
supabase: SupabaseLike,
): Promise<AutoSyncSummary> {
const startedAt = Date.now();
const now = Date.now();
const { data: rows, error } = await supabase
.from("plesk_instances")
.select(
"id, agency_id, base_url, auth_type, encrypted_secret, last_connected_at, auto_sync_enabled, auto_sync_frequency_minutes, next_auto_sync_at, auto_sync_lock_until",
)
.eq("status", "connected")
.eq("auto_sync_enabled", true)
.order("next_auto_sync_at", { ascending: true, nullsFirst: true })
.limit(50);
if (error) {
throw new Error(error.message);
}
const eligible = ((rows ?? []) as AutoSyncInstance[])
.filter((instance) => isDue(instance, now) && isUnlocked(instance, now))
.slice(0, MAX_INSTANCES_PER_TICK);
let locksAcquired = 0;
let succeeded = 0;
let failed = 0;
const queue = [...eligible];
async function processInstance(instance: AutoSyncInstance) {
const lockToken = randomUUID();
const { data: lockAcquired, error: lockError } = await supabase.rpc(
"acquire_instance_auto_sync_lock",
{
p_instance_id: instance.id,
p_lock_token: lockToken,
p_ttl_seconds: LOCK_LEASE_SECONDS,
},
);
if (lockError || !lockAcquired) return;
locksAcquired += 1;
const perInstanceStartedAt = Date.now();
const frequencyMinutes = Math.max(
instance.auto_sync_frequency_minutes ?? 60,
5,
);
await insertActionLogBestEffort(supabase, {
agency_id: instance.agency_id,
actor_user_id: null,
target_type: "plesk_instance",
target_id: instance.id,
action: "autosync_started",
status: "pending",
metadata: {
instance_id: instance.id,
lock_token: lockToken,
frequency_minutes: frequencyMinutes,
},
});
try {
await withTimeout(
syncPleskInstance(supabase, instance, null, "autosync"),
INSTANCE_TIMEOUT_MS,
);
succeeded += 1;
await insertActionLogBestEffort(supabase, {
agency_id: instance.agency_id,
actor_user_id: null,
target_type: "plesk_instance",
target_id: instance.id,
action: "autosync_completed",
status: "success",
metadata: {
instance_id: instance.id,
lock_token: lockToken,
duration_ms: Date.now() - perInstanceStartedAt,
},
});
} catch (syncError) {
failed += 1;
const errorMessage =
syncError instanceof Error
? syncError.message.slice(0, 500)
: "autosync_failed";
await insertActionLogBestEffort(supabase, {
agency_id: instance.agency_id,
actor_user_id: null,
target_type: "plesk_instance",
target_id: instance.id,
action: "autosync_failed",
status: "failed",
error_message: errorMessage,
metadata: {
instance_id: instance.id,
lock_token: lockToken,
duration_ms: Date.now() - perInstanceStartedAt,
error_summary: errorMessage,
},
});
} finally {
const nowIso = new Date().toISOString();
const nextAutoSyncAtIso = new Date(
Date.now() + frequencyMinutes * 60 * 1000,
).toISOString();
const { error: scheduleError } = await supabase
.from("plesk_instances")
.update({
last_auto_sync_at: nowIso,
next_auto_sync_at: nextAutoSyncAtIso,
auto_sync_lock_until: null,
auto_sync_lock_token: null,
})
.eq("id", instance.id)
.eq("auto_sync_lock_token", lockToken);
if (scheduleError) {
console.error(
"[autosync] schedule update failed",
scheduleError.message,
);
}
}
}
const workers = Array.from(
{ length: Math.min(MAX_CONCURRENCY, queue.length) },
async () => {
while (queue.length > 0) {
const instance = queue.shift();
if (!instance) break;
await processInstance(instance);
}
},
);
await Promise.all(workers);
return {
instances_considered: eligible.length,
locks_acquired: locksAcquired,
succeeded,
failed,
duration_ms: Date.now() - startedAt,
};
}

View File

@@ -9,12 +9,15 @@ export type PleskConnection = {
};
export type PleskSubscription = {
plesk_subscription_id?: string;
id?: string | number;
guid?: string;
subscription_id?: string | number;
external_id?: string;
name?: string;
status?: string;
status_raw?: string | null;
status_sync_error?: string | null;
owner_login?: string;
owner?: { login?: string };
plan_name?: string;
@@ -137,51 +140,95 @@ export async function testPleskConnection(connection: PleskConnection) {
}
export async function listPleskSubscriptions(connection: PleskConnection) {
try {
const all: PleskSubscription[] = [];
const listResult = await pleskCliCall(connection, "subscription", ["--list"]);
for (let page = 1; page <= 20; page += 1) {
const payload = await pleskRequest<PleskSubscription[]>(
connection,
`/api/v2/subscriptions?page=${page}&per_page=100`,
);
const rows = Array.isArray(payload) ? payload : [];
all.push(...rows);
if (rows.length < 100) break;
}
return all;
} catch {
const cli = await pleskRequest<PleskCliResult>(
connection,
"/api/v2/cli/subscription/call",
{
method: "POST",
body: JSON.stringify({ params: ["--list"] }),
},
);
const stdout = cli?.stdout ?? "";
if (!stdout.trim()) {
return [];
}
return stdout
const subscriptionNames = (listResult.stdout ?? "")
.split(/\r?\n/)
.map((line) => line.trim())
.filter(Boolean)
.map((line) => {
const columns = line.split(/\s+/);
const externalId = columns[0] ?? line;
return {
id: externalId,
subscription_id: externalId,
external_id: externalId,
name: columns.slice(1).join(" ") || externalId,
status: null,
};
.filter(Boolean);
const subscriptions: PleskSubscription[] = [];
for (const subscriptionName of subscriptionNames.slice(0, 500)) {
let status: "active" | "suspended" | "disabled" | "expired" | "unknown" =
"unknown";
let statusRaw: string | null = null;
let statusSyncError: string | null = null;
try {
const infoResult = await pleskCliCall(connection, "subscription", [
"--info",
subscriptionName,
]);
const parsed = parseSubscriptionStatusDetailsFromInfo(
infoResult.stdout ?? "",
);
status = parsed.status;
statusRaw = parsed.statusRaw;
} catch (error) {
status = "unknown";
statusSyncError =
error instanceof Error
? error.message.slice(0, 1000)
: "status_sync_failed";
}
subscriptions.push({
plesk_subscription_id: subscriptionName,
subscription_id: subscriptionName,
name: subscriptionName,
status,
status_raw: statusRaw,
status_sync_error: statusSyncError,
});
}
return subscriptions;
}
export function parseSubscriptionStatusDetailsFromInfo(stdout: string): {
status: "active" | "suspended" | "disabled" | "expired" | "unknown";
statusRaw: string | null;
} {
const line = stdout
.split(/\r?\n/)
.map((entry) => entry.trim())
.find((entry) => /^domain\s+status\s*:/i.test(entry));
if (!line) {
return { status: "unknown", statusRaw: null };
}
const value = line.replace(/^domain\s+status\s*:/i, "").trim();
const normalized = value.toLowerCase();
if (normalized.includes("expired")) {
return { status: "expired", statusRaw: value };
}
if (normalized.includes("disabled")) {
return { status: "disabled", statusRaw: value };
}
if (normalized.includes("suspend")) {
return { status: "suspended", statusRaw: value };
}
if (
normalized.includes("ok") ||
normalized.includes("active") ||
normalized.includes("enabled")
) {
return { status: "active", statusRaw: value };
}
return { status: "unknown", statusRaw: value };
}
export function parseSubscriptionStatusFromInfo(
stdout: string,
): "active" | "suspended" | "disabled" | "expired" | "unknown" {
return parseSubscriptionStatusDetailsFromInfo(stdout).status;
}
export async function pleskCliCall(
@@ -242,7 +289,7 @@ export async function unsuspendPleskSubscription(
subscriptionName: string,
) {
return pleskCliCall(connection, "subscription", [
"--webspace-on",
"--unsuspend",
subscriptionName,
]);
}

345
lib/plesk/health.ts Normal file
View File

@@ -0,0 +1,345 @@
import { randomUUID } from "crypto";
import { testPleskConnection } from "@/lib/plesk/client";
type SupabaseLike = any;
type HealthStatus = "ok" | "degraded" | "down" | "unknown";
type HealthInstance = {
id: string;
agency_id: string;
base_url: string;
auth_type: "api_key" | "basic";
encrypted_secret: string;
health_enabled: boolean;
health_check_frequency_minutes: number | null;
health_next_check_at: string | null;
health_lock_until: string | null;
};
type HealthCheckResult = {
status: Exclude<HealthStatus, "unknown">;
latency_ms: number;
error_message: string | null;
};
type RunSingleHealthCheckResult = {
checked: boolean;
status?: Exclude<HealthStatus, "unknown">;
latency_ms?: number;
error_message?: string | null;
};
export type HealthTickSummary = {
checked: number;
ok: number;
degraded: number;
failed: number;
duration_ms: number;
};
const MAX_INSTANCES_PER_TICK = 10;
const MAX_CONCURRENCY = 3;
const LOCK_LEASE_SECONDS = 5 * 60;
const HEALTH_TIMEOUT_MS = 15_000;
const DEGRADED_LATENCY_THRESHOLD_MS = 2_500;
function isDue(instance: HealthInstance, now: number) {
if (!instance.health_next_check_at) return true;
const dueAt = new Date(instance.health_next_check_at).getTime();
return Number.isFinite(dueAt) && dueAt <= now;
}
function isUnlocked(instance: HealthInstance, now: number) {
if (!instance.health_lock_until) return true;
const lockUntil = new Date(instance.health_lock_until).getTime();
return !Number.isFinite(lockUntil) || lockUntil <= now;
}
async function insertActionLogBestEffort(
supabase: SupabaseLike,
payload: Record<string, unknown>,
) {
try {
const { error } = await supabase.from("actions_log").insert(payload);
if (error) {
console.error("[health] actions_log insert failed", error.message);
}
} catch (error) {
console.error("[health] actions_log insert threw", error);
}
}
async function withTimeout<T>(
promise: Promise<T>,
timeoutMs: number,
): Promise<T> {
let timeout: ReturnType<typeof setTimeout> | null = null;
const timeoutPromise = new Promise<never>((_, reject) => {
timeout = setTimeout(() => {
reject(new Error("Health check timed out"));
}, timeoutMs);
});
try {
return await Promise.race([promise, timeoutPromise]);
} finally {
if (timeout) clearTimeout(timeout);
}
}
async function checkPleskInstanceHealth(
instance: Pick<HealthInstance, "base_url" | "auth_type" | "encrypted_secret">,
): Promise<HealthCheckResult> {
const startedAt = Date.now();
try {
await withTimeout(
testPleskConnection({
baseUrl: instance.base_url,
authType: instance.auth_type,
encryptedSecret: instance.encrypted_secret,
}),
HEALTH_TIMEOUT_MS,
);
const latencyMs = Date.now() - startedAt;
const status: "ok" | "degraded" =
latencyMs > DEGRADED_LATENCY_THRESHOLD_MS ? "degraded" : "ok";
return {
status,
latency_ms: latencyMs,
error_message: null,
};
} catch (error) {
return {
status: "down",
latency_ms: Date.now() - startedAt,
error_message:
error instanceof Error
? error.message.slice(0, 1000)
: "health_check_failed",
};
}
}
export async function runInstanceHealthCheck(
supabase: SupabaseLike,
instance: HealthInstance,
input?: {
actorUserId?: string | null;
force?: boolean;
source?: "cron" | "manual";
},
): Promise<RunSingleHealthCheckResult> {
const lockToken = randomUUID();
const actorUserId = input?.actorUserId ?? null;
const source = input?.source ?? "cron";
const { data: lockAcquired, error: lockError } = await supabase.rpc(
"acquire_instance_health_lock",
{
p_instance_id: instance.id,
p_lock_token: lockToken,
p_ttl_seconds: LOCK_LEASE_SECONDS,
p_force: Boolean(input?.force),
},
);
if (lockError || !lockAcquired) {
return { checked: false };
}
const startedAt = Date.now();
const nowIso = new Date().toISOString();
const frequencyMinutes = Math.max(
instance.health_check_frequency_minutes ?? 30,
5,
);
const nextCheckAtIso = new Date(
Date.now() + frequencyMinutes * 60 * 1000,
).toISOString();
await insertActionLogBestEffort(supabase, {
agency_id: instance.agency_id,
actor_user_id: actorUserId,
target_type: "plesk_instance",
target_id: instance.id,
action: "health_check_started",
status: "pending",
metadata: {
instance_id: instance.id,
lock_token: lockToken,
source,
},
});
try {
const result = await checkPleskInstanceHealth(instance);
const updates: Record<string, unknown> = {
health_status: result.status,
health_last_checked_at: nowIso,
health_last_latency_ms: result.latency_ms,
health_last_error: result.error_message,
health_next_check_at: nextCheckAtIso,
health_lock_until: null,
health_lock_token: null,
};
if (result.status === "ok") {
updates.health_last_ok_at = nowIso;
}
const { error: updateError } = await supabase
.from("plesk_instances")
.update(updates)
.eq("id", instance.id)
.eq("health_lock_token", lockToken);
if (updateError) {
throw new Error(updateError.message);
}
const action =
result.status === "ok"
? "health_check_ok"
: result.status === "degraded"
? "health_check_degraded"
: "health_check_failed";
await insertActionLogBestEffort(supabase, {
agency_id: instance.agency_id,
actor_user_id: actorUserId,
target_type: "plesk_instance",
target_id: instance.id,
action,
status: result.status === "down" ? "failed" : "success",
error_message: result.error_message,
metadata: {
instance_id: instance.id,
lock_token: lockToken,
source,
latency_ms: result.latency_ms,
duration_ms: Date.now() - startedAt,
},
});
return {
checked: true,
status: result.status,
latency_ms: result.latency_ms,
error_message: result.error_message,
};
} catch (error) {
const errorMessage =
error instanceof Error
? error.message.slice(0, 1000)
: "health_check_failed";
await supabase
.from("plesk_instances")
.update({
health_status: "down",
health_last_checked_at: nowIso,
health_last_error: errorMessage,
health_next_check_at: nextCheckAtIso,
})
.eq("id", instance.id);
await insertActionLogBestEffort(supabase, {
agency_id: instance.agency_id,
actor_user_id: actorUserId,
target_type: "plesk_instance",
target_id: instance.id,
action: "health_check_failed",
status: "failed",
error_message: errorMessage,
metadata: {
instance_id: instance.id,
lock_token: lockToken,
source,
duration_ms: Date.now() - startedAt,
},
});
return {
checked: true,
status: "down",
latency_ms: Date.now() - startedAt,
error_message: errorMessage,
};
} finally {
await supabase.rpc("release_instance_health_lock", {
p_instance_id: instance.id,
p_lock_token: lockToken,
});
}
}
export async function runHealthCheckTick(
supabase: SupabaseLike,
): Promise<HealthTickSummary> {
const startedAt = Date.now();
const now = Date.now();
const { data: rows, error } = await supabase
.from("plesk_instances")
.select(
"id, agency_id, base_url, auth_type, encrypted_secret, health_enabled, health_check_frequency_minutes, health_next_check_at, health_lock_until",
)
.eq("health_enabled", true)
.order("health_next_check_at", { ascending: true, nullsFirst: true })
.limit(50);
if (error) {
throw new Error(error.message);
}
const eligible = ((rows ?? []) as HealthInstance[])
.filter((instance) => isDue(instance, now) && isUnlocked(instance, now))
.slice(0, MAX_INSTANCES_PER_TICK);
let checked = 0;
let ok = 0;
let degraded = 0;
let failed = 0;
const queue = [...eligible];
const workers = Array.from(
{ length: Math.min(MAX_CONCURRENCY, queue.length) },
async () => {
while (queue.length > 0) {
const instance = queue.shift();
if (!instance) break;
const result = await runInstanceHealthCheck(supabase, instance, {
actorUserId: null,
force: false,
source: "cron",
});
if (!result.checked || !result.status) continue;
checked += 1;
if (result.status === "ok") ok += 1;
else if (result.status === "degraded") degraded += 1;
else failed += 1;
}
},
);
await Promise.all(workers);
return {
checked,
ok,
degraded,
failed,
duration_ms: Date.now() - startedAt,
};
}

View File

@@ -22,8 +22,34 @@ type InstanceRow = Pick<
| "last_connected_at"
>;
type LocalSubscriptionLookupRow = {
id: string;
plesk_subscription_id: string;
name: string | null;
status: string | null;
};
const MIN_INTERVAL_MS = 3 * 60 * 1000;
function normalizeDomainLike(value: string) {
return value.trim().toLowerCase().replace(/\.$/, "");
}
function findBestSuffixSubscriptionMatch<
T extends { normalizedName: string; id: string; status: string | null },
>(normalizedDomain: string, candidates: T[]) {
let best: T | undefined;
for (const candidate of candidates) {
if (!normalizedDomain.endsWith(`.${candidate.normalizedName}`)) continue;
if (!best || candidate.normalizedName.length > best.normalizedName.length) {
best = candidate;
}
}
return best;
}
export async function syncPleskInstance(
supabase: SupabaseLike,
instance: InstanceRow,
@@ -32,6 +58,31 @@ export async function syncPleskInstance(
): Promise<SyncResult> {
const startedAtIso = new Date().toISOString();
const logStatusSyncEvent = async (
eventAction:
| "subscription_status_sync_started"
| "subscription_status_sync_completed"
| "subscription_status_sync_failed",
metadata?: Record<string, unknown>,
status: "success" | "failed" = "success",
errorMessage?: string | null,
) => {
try {
await supabase.from("actions_log").insert({
agency_id: instance.agency_id,
actor_user_id: actorUserId ?? null,
target_type: "plesk_instance",
target_id: instance.id,
action: eventAction,
status,
error_message: errorMessage ?? null,
metadata: metadata ?? {},
});
} catch {
// Logging should never block sync flow.
}
};
await supabase
.from("plesk_instances")
.update({
@@ -67,6 +118,10 @@ export async function syncPleskInstance(
}
try {
await logStatusSyncEvent("subscription_status_sync_started", {
started_at: startedAtIso,
});
const [subscriptionsRaw, domainsRaw] = await Promise.all([
listPleskSubscriptions({
baseUrl: instance.base_url,
@@ -82,14 +137,21 @@ export async function syncPleskInstance(
const subscriptionsForUpsert = subscriptionsRaw
.map((item: any) => {
const sourceId = item?.id ?? item?.guid ?? item?.subscription_id;
const sourceId =
item?.plesk_subscription_id ??
item?.name ??
item?.id ??
item?.guid ??
item?.subscription_id;
if (!sourceId) return null;
return {
agency_id: instance.agency_id,
plesk_instance_id: instance.id,
plesk_subscription_id: String(sourceId),
name: item?.name ? String(item.name) : null,
status: item?.status ? String(item.status) : null,
name: item?.name ? String(item.name) : String(sourceId),
status: item?.status ? String(item.status) : "unknown",
status_raw: item?.status_raw ? String(item.status_raw) : null,
last_status_sync_at: startedAtIso,
owner_login: item?.owner_login
? String(item.owner_login)
: item?.owner?.login
@@ -104,6 +166,10 @@ export async function syncPleskInstance(
})
.filter(Boolean) as Array<Record<string, unknown>>;
const subscriptionStatusSyncFailures = subscriptionsRaw.filter(
(item: any) => Boolean(item?.status_sync_error),
);
if (subscriptionsForUpsert.length > 0) {
const { error } = await supabase
.from("plesk_subscriptions")
@@ -113,12 +179,127 @@ export async function syncPleskInstance(
if (error) throw new Error(error.message);
}
const { data: localSubscriptions, error: localSubscriptionsError } =
await supabase
.from("plesk_subscriptions")
.select("id, plesk_subscription_id, name, status")
.eq("agency_id", instance.agency_id)
.eq("plesk_instance_id", instance.id);
if (localSubscriptionsError) {
throw new Error(localSubscriptionsError.message);
}
const subscriptionsIndexed = ((localSubscriptions ?? []) as Array<any>)
.filter((row): row is LocalSubscriptionLookupRow =>
Boolean(row?.plesk_subscription_id && row?.id),
)
.map((row) => ({
id: String(row.id),
pleskSubscriptionId: String(row.plesk_subscription_id),
status: row?.status ? String(row.status) : null,
name: row?.name ? String(row.name) : null,
}));
const subscriptionByExternalId = new Map<
string,
{
id: string;
pleskSubscriptionId: string;
status: string | null;
name: string | null;
}
>(subscriptionsIndexed.map((row) => [row.pleskSubscriptionId, row]));
const subscriptionByLocalId = new Map<
string,
{
id: string;
pleskSubscriptionId: string;
status: string | null;
name: string | null;
}
>(subscriptionsIndexed.map((row) => [row.id, row]));
const subscriptionByName = new Map<
string,
{
id: string;
pleskSubscriptionId: string;
status: string | null;
name: string | null;
}
>(
subscriptionsIndexed
.filter((row) => row.name)
.map((row) => [normalizeDomainLike(String(row.name)), row]),
);
const subscriptionNameCandidates: Array<{
id: string;
pleskSubscriptionId: string;
status: string | null;
normalizedName: string;
}> = subscriptionsIndexed
.filter((row) => row.name)
.map((row) => ({
id: row.id,
pleskSubscriptionId: row.pleskSubscriptionId,
status: row.status,
normalizedName: normalizeDomainLike(String(row.name)),
}));
const domainsForUpsert = domainsRaw
.map((item: any) => {
const domainId = item?.id ?? item?.guid ?? item?.name;
const domainName = item?.name ?? item?.domain_name ?? item?.domain;
const externalSubscriptionId =
const normalizedDomainName = domainName
? normalizeDomainLike(String(domainName))
: null;
const subExternalId =
item?.subscription?.id ?? item?.subscription_id ?? item?.webspace_id;
const rawExternalSubscriptionId = subExternalId
? String(subExternalId)
: null;
const subscriptionNameHint =
item?.subscription?.name ??
item?.subscription_name ??
item?.webspace_name ??
item?.webspace ??
null;
const localSubscriptionByExternal = rawExternalSubscriptionId
? subscriptionByExternalId.get(rawExternalSubscriptionId)
: undefined;
const localSubscriptionByLocalId = rawExternalSubscriptionId
? subscriptionByLocalId.get(rawExternalSubscriptionId)
: undefined;
const localSubscriptionByName = subscriptionNameHint
? subscriptionByName.get(
normalizeDomainLike(String(subscriptionNameHint)),
)
: undefined;
const localSubscriptionByDomainName = normalizedDomainName
? subscriptionByName.get(normalizedDomainName)
: undefined;
const localSubscriptionBySuffix = normalizedDomainName
? findBestSuffixSubscriptionMatch(
normalizedDomainName,
subscriptionNameCandidates,
)
: undefined;
const localSubscription =
localSubscriptionByExternal ??
localSubscriptionByLocalId ??
localSubscriptionByName ??
localSubscriptionByDomainName ??
localSubscriptionBySuffix;
const externalSubscriptionId = localSubscription
? localSubscription.pleskSubscriptionId
: subscriptionNameHint
? String(subscriptionNameHint)
: rawExternalSubscriptionId;
const rawCreated = item?.created_at ?? item?.created;
const sourceCreatedAt = rawCreated
? new Date(String(rawCreated)).toISOString()
@@ -135,24 +316,22 @@ export async function syncPleskInstance(
return {
agency_id: instance.agency_id,
plesk_instance_id: instance.id,
subscription_id: null,
external_subscription_id: externalSubscriptionId
? String(externalSubscriptionId)
: null,
subscription_id: localSubscription?.id ?? null,
external_subscription_id: externalSubscriptionId,
plesk_domain_id: String(domainId),
domain_name: String(domainName),
status: item?.status ? String(item.status) : null,
hosting_type: item?.hosting_type
? String(item.hosting_type)
: item?.hosting?.type
? String(item.hosting.type)
: null,
status: localSubscription?.status ?? "unknown",
hosting_type: item?.hosting_type ? String(item.hosting_type) : null,
source_created_at: sourceCreatedAt,
aliases_count: aliasesCount,
};
})
.filter(Boolean) as Array<Record<string, unknown>>;
const unlinkedDomains = domainsForUpsert.filter(
(domain) => !domain.subscription_id,
);
if (domainsForUpsert.length > 0) {
const { error } = await supabase
.from("plesk_domains")
@@ -187,9 +366,47 @@ export async function syncPleskInstance(
metadata: {
subscriptions_seen: subscriptionsRaw.length,
domains_seen: domainsRaw.length,
unlinked_domains: unlinkedDomains.length,
unlinked_domain_samples: unlinkedDomains
.slice(0, 25)
.map((domain) => String(domain.domain_name ?? "unknown")),
},
});
await logStatusSyncEvent("subscription_status_sync_completed", {
synced_subscriptions: subscriptionsRaw.length,
failed_subscriptions: subscriptionStatusSyncFailures.length,
failed_subscription_ids: subscriptionStatusSyncFailures
.slice(0, 50)
.map((item: any) =>
String(
item?.plesk_subscription_id ?? item?.subscription_id ?? "unknown",
),
),
completed_at: new Date().toISOString(),
});
if (subscriptionStatusSyncFailures.length > 0) {
await logStatusSyncEvent(
"subscription_status_sync_failed",
{
failed_subscriptions: subscriptionStatusSyncFailures.length,
sample_errors: subscriptionStatusSyncFailures
.slice(0, 20)
.map((item: any) => ({
subscription: String(
item?.plesk_subscription_id ??
item?.subscription_id ??
"unknown",
),
error: String(item?.status_sync_error ?? "status_sync_failed"),
})),
},
"failed",
`${subscriptionStatusSyncFailures.length} subscription status sync failures`,
);
}
return {
instanceId: instance.id,
agencyId: instance.agency_id,
@@ -201,6 +418,15 @@ export async function syncPleskInstance(
const message =
error instanceof Error ? error.message.slice(0, 1000) : "Sync failed";
await logStatusSyncEvent(
"subscription_status_sync_failed",
{
failed_at: new Date().toISOString(),
},
"failed",
message,
);
await supabase
.from("plesk_instances")
.update({
@@ -216,3 +442,146 @@ export async function syncPleskInstance(
throw error;
}
}
export async function backfillDomainSubscriptionLinks(
supabase: SupabaseLike,
input: {
agencyId: string;
instanceId: string;
actorUserId?: string | null;
},
) {
const { agencyId, instanceId, actorUserId } = input;
const { data: subscriptions, error: subscriptionsError } = await supabase
.from("plesk_subscriptions")
.select("id, plesk_subscription_id, name, status")
.eq("agency_id", agencyId)
.eq("plesk_instance_id", instanceId);
if (subscriptionsError) {
throw new Error(subscriptionsError.message);
}
const { data: domains, error: domainsError } = await supabase
.from("plesk_domains")
.select("id, domain_name, external_subscription_id, subscription_id")
.eq("agency_id", agencyId)
.eq("plesk_instance_id", instanceId)
.is("subscription_id", null);
if (domainsError) {
throw new Error(domainsError.message);
}
const subscriptionByExternalId = new Map<
string,
{ id: string; status: string }
>(
(subscriptions ?? [])
.filter((subscription: any) => subscription?.plesk_subscription_id)
.map((subscription: any) => [
String(subscription.plesk_subscription_id),
{
id: String(subscription.id),
status: subscription?.status
? String(subscription.status)
: "unknown",
},
]),
);
const subscriptionByName = new Map<string, { id: string; status: string }>(
(subscriptions ?? [])
.filter((subscription: any) => subscription?.name)
.map((subscription: any) => [
normalizeDomainLike(String(subscription.name)),
{
id: String(subscription.id),
status: subscription?.status
? String(subscription.status)
: "unknown",
},
]),
);
const subscriptionNameCandidates: Array<{
id: string;
status: string;
normalizedName: string;
}> = (subscriptions ?? [])
.filter((subscription: any) => subscription?.name)
.map((subscription: any) => ({
id: String(subscription.id),
status: subscription?.status ? String(subscription.status) : "unknown",
normalizedName: normalizeDomainLike(String(subscription.name)),
}));
let linkedCount = 0;
const failures: Array<{ domain_id: string; error: string }> = [];
for (const domain of domains ?? []) {
const matchByExternal = domain?.external_subscription_id
? subscriptionByExternalId.get(String(domain.external_subscription_id))
: undefined;
const matchByDomainName = domain?.domain_name
? subscriptionByName.get(normalizeDomainLike(String(domain.domain_name)))
: undefined;
const normalizedDomainName = domain?.domain_name
? normalizeDomainLike(String(domain.domain_name))
: null;
const matchBySuffix = normalizedDomainName
? findBestSuffixSubscriptionMatch(
normalizedDomainName,
subscriptionNameCandidates,
)
: undefined;
const linkedSubscription =
matchByExternal ?? matchByDomainName ?? matchBySuffix;
if (!linkedSubscription) continue;
const { error: updateError } = await supabase
.from("plesk_domains")
.update({
subscription_id: linkedSubscription.id,
status: linkedSubscription.status,
})
.eq("id", domain.id)
.eq("agency_id", agencyId);
if (updateError) {
failures.push({
domain_id: String(domain.id),
error: updateError.message,
});
continue;
}
linkedCount += 1;
}
await supabase.from("actions_log").insert({
agency_id: agencyId,
actor_user_id: actorUserId ?? null,
target_type: "plesk_instance",
target_id: instanceId,
action: "domain_subscription_backfill",
status: failures.length > 0 ? "failed" : "success",
error_message:
failures.length > 0
? `${failures.length} domain links failed during backfill`
: null,
metadata: {
attempted: (domains ?? []).length,
linked: linkedCount,
failures: failures.slice(0, 25),
},
});
return {
attempted: (domains ?? []).length,
linked: linkedCount,
failed: failures.length,
};
}

View File

@@ -11,7 +11,7 @@ export function getStripeClient() {
if (!stripeClient) {
stripeClient = new Stripe(env.stripeSecretKey, {
apiVersion: "2025-02-24.acacia",
apiVersion: "2025-08-27.basil",
});
}

View File

@@ -83,6 +83,22 @@ export type Database = {
last_sync_error: string | null;
last_sync_subscriptions: number;
last_sync_domains: number;
auto_sync_enabled: boolean;
auto_sync_frequency_minutes: number;
last_auto_sync_at: string | null;
next_auto_sync_at: string | null;
auto_sync_lock_until: string | null;
auto_sync_lock_token: string | null;
health_enabled: boolean;
health_status: "ok" | "degraded" | "down" | "unknown";
health_last_checked_at: string | null;
health_last_ok_at: string | null;
health_last_error: string | null;
health_last_latency_ms: number | null;
health_check_frequency_minutes: number;
health_next_check_at: string | null;
health_lock_until: string | null;
health_lock_token: string | null;
created_at: string;
};
Insert: {
@@ -101,6 +117,22 @@ export type Database = {
last_sync_error?: string | null;
last_sync_subscriptions?: number;
last_sync_domains?: number;
auto_sync_enabled?: boolean;
auto_sync_frequency_minutes?: number;
last_auto_sync_at?: string | null;
next_auto_sync_at?: string | null;
auto_sync_lock_until?: string | null;
auto_sync_lock_token?: string | null;
health_enabled?: boolean;
health_status?: "ok" | "degraded" | "down" | "unknown";
health_last_checked_at?: string | null;
health_last_ok_at?: string | null;
health_last_error?: string | null;
health_last_latency_ms?: number | null;
health_check_frequency_minutes?: number;
health_next_check_at?: string | null;
health_lock_until?: string | null;
health_lock_token?: string | null;
created_at?: string;
};
Update: {
@@ -119,6 +151,22 @@ export type Database = {
last_sync_error?: string | null;
last_sync_subscriptions?: number;
last_sync_domains?: number;
auto_sync_enabled?: boolean;
auto_sync_frequency_minutes?: number;
last_auto_sync_at?: string | null;
next_auto_sync_at?: string | null;
auto_sync_lock_until?: string | null;
auto_sync_lock_token?: string | null;
health_enabled?: boolean;
health_status?: "ok" | "degraded" | "down" | "unknown";
health_last_checked_at?: string | null;
health_last_ok_at?: string | null;
health_last_error?: string | null;
health_last_latency_ms?: number | null;
health_check_frequency_minutes?: number;
health_next_check_at?: string | null;
health_lock_until?: string | null;
health_lock_token?: string | null;
created_at?: string;
};
};

19
scripts/deploy-prod.sh Executable file
View File

@@ -0,0 +1,19 @@
#!/usr/bin/env bash
set -euo pipefail
DEPLOY_PATH="${DEPLOY_PATH:-/opt/plesk-agency-portal}"
APP_IMAGE="${APP_IMAGE:-plesk-agency-portal:latest}"
mkdir -p "${DEPLOY_PATH}"
if [ ! -f "${DEPLOY_PATH}/docker-compose.prod.yml" ]; then
echo "Missing docker-compose.prod.yml in ${DEPLOY_PATH}" >&2
exit 1
fi
cd "${DEPLOY_PATH}"
APP_IMAGE="${APP_IMAGE}" docker compose -f docker-compose.prod.yml up -d
docker compose -f docker-compose.prod.yml ps

30
scripts/rollback-prod.sh Executable file
View File

@@ -0,0 +1,30 @@
#!/usr/bin/env bash
set -euo pipefail
PREVIOUS_IMAGE_TAG="${1:-}"
DEPLOY_PATH="${DEPLOY_PATH:-/opt/plesk-agency-portal}"
APP_BASE_URL="${APP_BASE_URL:-}"
if [ -z "${PREVIOUS_IMAGE_TAG}" ]; then
echo "Usage: $0 <previous-image-tag>" >&2
exit 1
fi
if [ -z "${APP_BASE_URL}" ]; then
echo "APP_BASE_URL is required" >&2
exit 1
fi
if [ ! -f "${DEPLOY_PATH}/docker-compose.prod.yml" ]; then
echo "Missing docker-compose.prod.yml in ${DEPLOY_PATH}" >&2
exit 1
fi
cd "${DEPLOY_PATH}"
APP_IMAGE="${PREVIOUS_IMAGE_TAG}" docker compose -f docker-compose.prod.yml up -d --no-build
"${DEPLOY_PATH}/smoke-check.sh" "${APP_BASE_URL}"
docker compose -f docker-compose.prod.yml ps

27
scripts/smoke-check.sh Executable file
View File

@@ -0,0 +1,27 @@
#!/usr/bin/env bash
set -euo pipefail
BASE_URL="${1:-}"
if [ -z "${BASE_URL}" ]; then
echo "Usage: $0 <base-url>" >&2
exit 1
fi
URL="${BASE_URL%/}/api/health"
TMP_FILE="$(mktemp)"
trap 'rm -f "${TMP_FILE}"' EXIT
HTTP_CODE=$(curl -sS -o "${TMP_FILE}" -w "%{http_code}" "${URL}")
if [ "${HTTP_CODE}" != "200" ]; then
echo "Smoke check failed: ${URL} returned ${HTTP_CODE}" >&2
cat "${TMP_FILE}" >&2 || true
exit 1
fi
node -e "const fs=require('fs');const d=JSON.parse(fs.readFileSync(process.argv[1],'utf8'));if(d?.ok!==true||typeof d?.service!=='string'){process.exit(1)}" "${TMP_FILE}"
echo "Smoke check passed: ${URL}"

View File

@@ -0,0 +1,10 @@
-- One-time backfill: align existing domain status with linked subscription status
update public.plesk_domains d
set status = coalesce(s.status, 'unknown')
from public.plesk_subscriptions s
where d.subscription_id = s.id
and d.agency_id = s.agency_id;
update public.plesk_subscriptions
set status = 'unknown'
where status is null;

View File

@@ -0,0 +1,78 @@
-- CL8: instance health monitoring fields + lock helpers
alter table public.plesk_instances
add column if not exists health_enabled boolean not null default true,
add column if not exists health_status text not null default 'unknown',
add column if not exists health_last_checked_at timestamptz,
add column if not exists health_last_ok_at timestamptz,
add column if not exists health_last_error text,
add column if not exists health_last_latency_ms integer,
add column if not exists health_check_frequency_minutes integer not null default 30,
add column if not exists health_next_check_at timestamptz,
add column if not exists health_lock_until timestamptz,
add column if not exists health_lock_token text;
alter table public.plesk_instances
drop constraint if exists plesk_instances_health_status_check;
alter table public.plesk_instances
add constraint plesk_instances_health_status_check
check (health_status in ('ok', 'degraded', 'down', 'unknown'));
alter table public.plesk_instances
drop constraint if exists plesk_instances_health_check_frequency_minutes_check;
alter table public.plesk_instances
add constraint plesk_instances_health_check_frequency_minutes_check
check (health_check_frequency_minutes between 5 and 10080);
create index if not exists idx_plesk_instances_health_due
on public.plesk_instances (health_enabled, health_next_check_at);
create or replace function public.acquire_instance_health_lock(
p_instance_id uuid,
p_lock_token text,
p_ttl_seconds integer default 300,
p_force boolean default false
)
returns boolean
language plpgsql
security definer
set search_path = public
as $$
declare
v_acquired boolean := false;
begin
update public.plesk_instances
set
health_lock_until = now() + make_interval(secs => p_ttl_seconds),
health_lock_token = p_lock_token
where id = p_instance_id
and health_enabled = true
and (
p_force = true
or health_next_check_at is null
or health_next_check_at <= now()
)
and (health_lock_until is null or health_lock_until < now());
get diagnostics v_acquired = row_count;
return v_acquired;
end;
$$;
create or replace function public.release_instance_health_lock(
p_instance_id uuid,
p_lock_token text
)
returns void
language sql
security definer
set search_path = public
as $$
update public.plesk_instances
set health_lock_until = null,
health_lock_token = null
where id = p_instance_id
and health_lock_token = p_lock_token;
$$;

View File

@@ -0,0 +1,8 @@
alter table public.plesk_subscriptions
add column if not exists status text default 'unknown',
add column if not exists status_raw text,
add column if not exists last_status_sync_at timestamptz;
update public.plesk_subscriptions
set status = 'unknown'
where status is null;

View File

@@ -0,0 +1,62 @@
-- CL6: auto-sync worker scheduling fields + per-instance lock helpers
alter table public.plesk_instances
add column if not exists auto_sync_enabled boolean not null default false,
add column if not exists auto_sync_frequency_minutes integer not null default 60,
add column if not exists last_auto_sync_at timestamptz,
add column if not exists next_auto_sync_at timestamptz,
add column if not exists auto_sync_lock_until timestamptz,
add column if not exists auto_sync_lock_token text;
alter table public.plesk_instances
drop constraint if exists plesk_instances_auto_sync_frequency_minutes_check;
alter table public.plesk_instances
add constraint plesk_instances_auto_sync_frequency_minutes_check
check (auto_sync_frequency_minutes between 5 and 10080);
create index if not exists idx_plesk_instances_auto_sync_due
on public.plesk_instances (auto_sync_enabled, next_auto_sync_at);
create or replace function public.acquire_instance_auto_sync_lock(
p_instance_id uuid,
p_lock_token text,
p_ttl_seconds integer default 900
)
returns boolean
language plpgsql
security definer
set search_path = public
as $$
declare
v_acquired boolean := false;
begin
update public.plesk_instances
set
auto_sync_lock_until = now() + make_interval(secs => p_ttl_seconds),
auto_sync_lock_token = p_lock_token
where id = p_instance_id
and auto_sync_enabled = true
and (next_auto_sync_at is null or next_auto_sync_at <= now())
and (auto_sync_lock_until is null or auto_sync_lock_until < now());
get diagnostics v_acquired = row_count;
return v_acquired;
end;
$$;
create or replace function public.release_instance_auto_sync_lock(
p_instance_id uuid,
p_lock_token text
)
returns void
language sql
security definer
set search_path = public
as $$
update public.plesk_instances
set auto_sync_lock_until = null,
auto_sync_lock_token = null
where id = p_instance_id
and auto_sync_lock_token = p_lock_token;
$$;

File diff suppressed because one or more lines are too long