Merge d159d4b0dd into 4168f43e3e

Move legacy header logo omission from API file modifier to plg install
step to avoid breaking rollback (ie upon `unraid-api stop`) due to web
component upgrade.

Tested on 7.1.4 & 7.2.0-beta.0.16

Testing & Reproduction procedure:

1. Install connect plugin
2. Run `unraid-api stop` on server
3. Refresh page. Before Unraid 7.2, Plugin versions prior to this will
display a duplicated logo that blocks the nav menu. Now, it will not.
Plugin uninstall behavior remains unchanged.

<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->

## Summary by CodeRabbit

* **New Features**
* The plugin installation process now updates the header logo by
removing the old logo from the interface during installation.

<!-- end of auto-generated comment: release notes by coderabbit.ai -->

.claude/settings.local.json

@@ -0,0 +1,18 @@
+{
+  "permissions": {
+    "allow": [
+      "Bash(rg:*)",
+      "Bash(find:*)",
+      "Bash(pnpm codegen:*)",
+      "Bash(pnpm dev:*)",
+      "Bash(pnpm build:*)",
+      "Bash(pnpm test:*)",
+      "Bash(grep:*)",
+      "Bash(pnpm type-check:*)",
+      "Bash(pnpm lint:*)",
+      "Bash(pnpm --filter ./api lint)",
+      "Bash(mv:*)"
+    ]
+  },
+  "enableAllProjectMcpServers": false
+}

.cursor/rules/api-rules.mdc

@@ -0,0 +1,13 @@
+---
+description: 
+globs: api/**/*,api/*
+alwaysApply: false
+---
+
+* pnpm ONLY
+* always run scripts from api/package.json unless requested
+* prefer adding new files to the nest repo located at api/src/unraid-api/ instead of the legacy code
+* Test suite is VITEST, do not use jest
+pnpm --filter ./api test
+* Prefer to not mock simple dependencies
+

.cursor/rules/default.mdc

@@ -0,0 +1,8 @@
+---
+description: 
+globs: 
+alwaysApply: true
+---
+Never add comments unless they are needed for clarity of function
+
+Be CONCISE, keep replies shorter than a paragraph if at all passible.

.cursor/rules/no-comments.mdc

@@ -0,0 +1,6 @@
+---
+description: 
+globs: 
+alwaysApply: true
+---
+Never add comments for obvious things, and avoid commenting when starting and ending code blocks

.cursor/rules/web-graphql.mdc

@@ -0,0 +1,9 @@
+---
+description: 
+globs: web/**/*
+alwaysApply: false
+---
+* Always run `pnpm codegen` for GraphQL code generation in the web directory
+* GraphQL queries must be placed in `.query.ts` files
+* GraphQL mutations must be placed in `.mutation.ts` files
+* All GraphQL under `web/` and follow this naming convention

.cursor/rules/web-testing-rules.mdc

@@ -0,0 +1,240 @@
+---
+description: 
+globs: **/*.test.ts,**/__test__/components/**/*.ts,**/__test__/store/**/*.ts,**/__test__/mocks/**/*.ts
+alwaysApply: false
+---
+
+## Vue Component Testing Best Practices
+- This is a Nuxt.js app but we are testing with vitest outside of the Nuxt environment
+- Nuxt is currently set to auto import so some vue files may need compute or ref imported
+- Use pnpm when running termical commands and stay within the web directory.
+- The directory for tests is located under `web/__test__` when running test just run `pnpm test`
+
+### Setup
+- Use `mount` from Vue Test Utils for component testing
+- Stub complex child components that aren't the focus of the test
+- Mock external dependencies and services
+
+```typescript
+import { mount } from '@vue/test-utils';
+import { beforeEach, describe, expect, it, vi } from 'vitest';
+import { createTestingPinia } from '@pinia/testing'
+import { useSomeStore } from '@/stores/myStore'
+import YourComponent from '~/components/YourComponent.vue';
+
+// Mock dependencies
+vi.mock('~/helpers/someHelper', () => ({
+  SOME_CONSTANT: 'mocked-value',
+}));
+
+describe('YourComponent', () => {
+  beforeEach(() => {
+    vi.clearAllMocks();
+  });
+  
+  it('renders correctly', () => {
+    const wrapper = mount(YourComponent, {
+      global: {
+        plugins: [createTestingPinia()],
+        stubs: {
+          // Stub child components when needed
+          ChildComponent: true,
+        },
+      },
+    });
+
+    const store = useSomeStore() // uses the testing pinia!
+    // state can be directly manipulated
+    store.name = 'my new name'
+
+    // actions are stubbed by default, meaning they don't execute their code by default.
+    // See below to customize this behavior.
+    store.someAction()
+
+    expect(store.someAction).toHaveBeenCalledTimes(1)
+    
+    // Assertions on components
+    expect(wrapper.text()).toContain('Expected content');
+  });
+});
+```
+
+### Testing Patterns
+- Test component behavior and output, not implementation details
+- Verify that the expected elements are rendered
+- Test component interactions (clicks, inputs, etc.)
+- Check for expected prop handling and event emissions
+- Use `createTestingPinia()` for mocking stores in components
+
+### Finding Elements
+- Use semantic queries like `find('button')` or `find('[data-test="id"]')` but prefer not to use data test ID's
+- Find components with `findComponent(ComponentName)`
+- Use `findAll` to check for multiple elements
+
+### Assertions
+- Assert on rendered text content with `wrapper.text()`
+- Assert on element attributes with `element.attributes()`
+- Verify element existence with `expect(element.exists()).toBe(true)`
+- Check component state through rendered output
+
+### Component Interaction
+- Trigger events with `await element.trigger('click')`
+- Set input values with `await input.setValue('value')`
+- Test emitted events with `wrapper.emitted()`
+
+### Mocking
+- Mock external services and API calls
+- Prefer not using mocks whenever possible
+- Use `vi.mock()` for module-level mocks
+- Specify return values for component methods with `vi.spyOn()`
+- Reset mocks between tests with `vi.clearAllMocks()`
+- Frequently used mocks are stored under `web/test/mocks`
+
+### Async Testing
+- Use `await nextTick()` for DOM updates
+- Use `flushPromises()` for more complex promise chains
+- Always await async operations before making assertions
+
+## Store Testing with Pinia
+
+### Basic Setup
+- When testing Store files use `createPinia` and `setActivePinia`
+
+```typescript
+import { createPinia, setActivePinia } from 'pinia';
+import { afterEach, beforeEach, describe, expect, it, vi } from 'vitest';
+import { useYourStore } from '~/store/your-store';
+
+// Mock declarations must be at top level due to hoisting
+const mockDependencyFn = vi.fn();
+
+// Module mocks must use factory functions
+vi.mock('~/store/dependency', () => ({
+  useDependencyStore: () => ({
+    someMethod: mockDependencyFn,
+    someProperty: 'mockValue'
+  })
+}));
+
+describe('Your Store', () => {
+  let store: ReturnType<typeof useYourStore>;
+
+  beforeEach(() => {
+    setActivePinia(createPinia());
+    store = useYourStore();
+    vi.clearAllMocks();
+  });
+
+  afterEach(() => {
+    vi.resetAllMocks();
+  });
+
+  it('tests some action', () => {
+    store.someAction();
+    expect(mockDependencyFn).toHaveBeenCalled();
+  });
+});
+```
+
+### Important Guidelines
+1. **Store Initialization**
+   - Use `createPinia()` instead of `createTestingPinia()` for most cases
+   - Only use `createTestingPinia` if you specifically need its testing features
+   - Let stores initialize with their natural default state instead of forcing initial state
+   - Do not mock the store we're actually testing in the test file. That's why we're using `createPinia()`
+
+2. **Vue Reactivity**
+   - Ensure Vue reactivity imports are added to original store files as they may be missing because Nuxt auto import was turned on
+   - Don't rely on Nuxt auto-imports in tests
+
+   ```typescript
+   // Required in store files, even with Nuxt auto-imports
+   import { computed, ref, watchEffect } from 'vue';
+   ```
+
+3. **Mocking Best Practices**
+   - Place all mock declarations at the top level
+   - Use factory functions for module mocks to avoid hoisting issues
+   
+   ```typescript
+   // ❌ Wrong - will cause hoisting issues
+   const mockFn = vi.fn();
+   vi.mock('module', () => ({ method: mockFn }));
+
+   // ✅ Correct - using factory function
+   vi.mock('module', () => {
+     const mockFn = vi.fn();
+     return { method: mockFn };
+   });
+   ```
+
+4. **Testing Actions**
+   - Test action side effects and state changes
+   - Verify actions are called with correct parameters
+   - Mock external dependencies appropriately
+   
+   ```typescript
+   it('should handle action correctly', () => {
+     store.yourAction();
+     expect(mockDependencyFn).toHaveBeenCalledWith(
+       expectedArg1,
+       expectedArg2
+     );
+     expect(store.someState).toBe(expectedValue);
+   });
+   ```
+
+5. **Common Pitfalls**
+   - Don't mix mock declarations and module mocks incorrectly
+   - Avoid relying on Nuxt's auto-imports in test environment
+   - Clear mocks between tests to ensure isolation
+   - Remember that `vi.mock()` calls are hoisted
+
+### Testing State & Getters
+- Test computed properties by accessing them directly
+- Verify state changes after actions
+- Test getter dependencies are properly mocked
+
+```typescript
+it('computes derived state correctly', () => {
+  store.setState('new value');
+  expect(store.computedValue).toBe('expected result');
+});
+```
+
+### Testing Complex Interactions
+- Test store interactions with other stores
+- Verify proper error handling
+- Test async operations completely
+
+```typescript
+it('handles async operations', async () => {
+  const promise = store.asyncAction();
+  expect(store.status).toBe('loading');
+  await promise;
+  expect(store.status).toBe('success');
+});
+```
+
+### Testing Actions
+- Verify actions are called with the right parameters
+- Test action side effects if not stubbed
+- Override specific action implementations when needed
+
+```typescript
+// Test action calls
+store.yourAction(params);
+expect(store.yourAction).toHaveBeenCalledWith(params);
+
+// Test with real implementation
+const pinia = createTestingPinia({
+  createSpy: vi.fn,
+  stubActions: false,
+});
+```
+
+### Testing State & Getters
+- Set initial state for focused testing
+- Test computed properties by accessing them directly
+- Verify state changes by updating the store
+

.github/codeql/README.md

@@ -0,0 +1,49 @@
+# CodeQL Security Analysis for Unraid API
+
+This directory contains custom CodeQL queries and configurations for security analysis of the Unraid API codebase.
+
+## Overview
+
+The analysis is configured to run:
+- On all pushes to the main branch
+- On all pull requests
+- Weekly via scheduled runs
+
+## Custom Queries
+
+The following custom queries are implemented:
+
+1. **API Authorization Bypass Detection**  
+   Identifies API handlers that may not properly check authorization before performing operations.
+
+2. **GraphQL Injection Detection**  
+   Detects potential injection vulnerabilities in GraphQL queries and operations.
+
+3. **Hardcoded Secrets Detection**  
+   Finds potential hardcoded secrets or credentials in the codebase.
+
+4. **Insecure Cryptographic Implementations**  
+   Identifies usage of weak cryptographic algorithms or insecure random number generation.
+
+5. **Path Traversal Vulnerability Detection**  
+   Detects potential path traversal vulnerabilities in file system operations.
+
+## Configuration
+
+The CodeQL analysis is configured in:
+- `.github/workflows/codeql-analysis.yml` - Workflow configuration
+- `.github/codeql/codeql-config.yml` - CodeQL engine configuration
+
+## Running Locally
+
+To run these queries locally:
+
+1. Install the CodeQL CLI: https://github.com/github/codeql-cli-binaries/releases
+2. Create a CodeQL database:
+   ```
+   codeql database create <db-name> --language=javascript --source-root=.
+   ```
+3. Run a query:
+   ```
+   codeql query run .github/codeql/custom-queries/javascript/api-auth-bypass.ql --database=<db-name>
+   ``` 

.github/codeql/codeql-config.yml

@@ -0,0 +1,16 @@
+name: "Unraid API CodeQL Configuration"
+
+disable-default-queries: false
+
+queries:
+  - name: Extended Security Queries
+    uses: security-extended
+  - name: Custom Unraid API Queries
+    uses: ./.github/codeql/custom-queries
+
+query-filters:
+  - exclude:
+      problem.severity:
+        - warning
+        - recommendation
+      tags contain: security 

.github/codeql/custom-queries/javascript/api-auth-bypass.ql

@@ -0,0 +1,45 @@
+/**
+ * @name Potential API Authorization Bypass
+ * @description Functions that process API requests without verifying authorization may lead to security vulnerabilities.
+ * @kind problem
+ * @problem.severity error
+ * @precision medium
+ * @id js/api-auth-bypass
+ * @tags security
+ *       external/cwe/cwe-285
+ */
+
+import javascript
+
+/**
+ * Identifies functions that appear to handle API requests
+ */
+predicate isApiHandler(Function f) {
+  exists(f.getAParameter()) and
+  (
+    f.getName().regexpMatch("(?i).*(api|handler|controller|resolver|endpoint).*") or
+    exists(CallExpr call |
+      call.getCalleeName().regexpMatch("(?i).*(get|post|put|delete|patch).*") and
+      call.getArgument(1) = f
+    )
+  )
+}
+
+/**
+ * Identifies expressions that appear to perform authorization checks
+ */
+predicate isAuthCheck(DataFlow::Node node) {
+  exists(CallExpr call |
+    call.getCalleeName().regexpMatch("(?i).*(authorize|authenticate|isAuth|checkAuth|verifyAuth|hasPermission|isAdmin|canAccess).*") and
+    call.flow().getASuccessor*() = node
+  )
+}
+
+from Function apiHandler
+where
+  isApiHandler(apiHandler) and
+  not exists(DataFlow::Node authCheck | 
+    isAuthCheck(authCheck) and
+    authCheck.getEnclosingExpr().getEnclosingFunction() = apiHandler
+  )
+select apiHandler, "API handler function may not perform proper authorization checks." 

.github/codeql/custom-queries/javascript/graphql-injection.ql

@@ -0,0 +1,77 @@
+/**
+ * @name Potential GraphQL Injection
+ * @description User-controlled input used directly in GraphQL queries may lead to injection vulnerabilities.
+ * @kind path-problem
+ * @problem.severity error
+ * @precision high
+ * @id js/graphql-injection
+ * @tags security
+ *       external/cwe/cwe-943
+ */
+
+import javascript
+import DataFlow::PathGraph
+
+class GraphQLQueryExecution extends DataFlow::CallNode {
+  GraphQLQueryExecution() {
+    exists(string name |
+      name = this.getCalleeName() and
+      (
+        name = "execute" or 
+        name = "executeQuery" or
+        name = "query" or
+        name.regexpMatch("(?i).*graphql.*query.*")
+      )
+    )
+  }
+
+  DataFlow::Node getQuery() {
+    result = this.getArgument(0)
+  }
+}
+
+class UserControlledInput extends DataFlow::Node {
+  UserControlledInput() {
+    exists(DataFlow::ParameterNode param | 
+      param.getName().regexpMatch("(?i).*(query|request|input|args|variables|params).*") and
+      this = param
+    )
+    or
+    exists(DataFlow::PropRead prop |
+      prop.getPropertyName().regexpMatch("(?i).*(query|request|input|args|variables|params).*") and
+      this = prop
+    )
+  }
+}
+
+/**
+ * Holds if `node` is a string concatenation.
+ */
+predicate isStringConcatenation(DataFlow::Node node) {
+  exists(BinaryExpr concat |
+    concat.getOperator() = "+" and
+    concat.flow() = node
+  )
+}
+
+class GraphQLInjectionConfig extends TaintTracking::Configuration {
+  GraphQLInjectionConfig() { this = "GraphQLInjectionConfig" }
+
+  override predicate isSource(DataFlow::Node source) {
+    source instanceof UserControlledInput
+  }
+
+  override predicate isSink(DataFlow::Node sink) {
+    exists(GraphQLQueryExecution exec | sink = exec.getQuery())
+  }
+
+  override predicate isAdditionalTaintStep(DataFlow::Node pred, DataFlow::Node succ) {
+    // Add any GraphQL-specific taint steps if needed
+    isStringConcatenation(succ) and
+    succ.(DataFlow::BinaryExprNode).getAnOperand() = pred
+  }
+}
+
+from GraphQLInjectionConfig config, DataFlow::PathNode source, DataFlow::PathNode sink
+where config.hasFlowPath(source, sink)
+select sink.getNode(), source, sink, "GraphQL query may contain user-controlled input from $@.", source.getNode(), "user input" 

.github/codeql/custom-queries/javascript/hardcoded-secrets.ql

@@ -0,0 +1,53 @@
+/**
+ * @name Hardcoded Secrets
+ * @description Hardcoded secrets or credentials in source code can lead to security vulnerabilities.
+ * @kind problem
+ * @problem.severity error
+ * @precision medium
+ * @id js/hardcoded-secrets
+ * @tags security
+ *       external/cwe/cwe-798
+ */
+
+import javascript
+
+/**
+ * Identifies variable declarations or assignments that may contain secrets
+ */
+predicate isSensitiveAssignment(DataFlow::Node node) {
+  exists(DataFlow::PropWrite propWrite |
+    propWrite.getPropertyName().regexpMatch("(?i).*(secret|key|password|token|credential|auth).*") and
+    propWrite.getRhs() = node
+  )
+  or
+  exists(VariableDeclarator decl |
+    decl.getName().regexpMatch("(?i).*(secret|key|password|token|credential|auth).*") and
+    decl.getInit().flow() = node
+  )
+}
+
+/**
+ * Identifies literals that look like secrets
+ */
+predicate isSecretLiteral(StringLiteral literal) {
+  // Match alphanumeric strings of moderate length that may be secrets
+  literal.getValue().regexpMatch("[A-Za-z0-9_\\-]{8,}") and
+  
+  not (
+    // Skip likely non-sensitive literals
+    literal.getValue().regexpMatch("(?i)^(true|false|null|undefined|localhost|development|production|staging)$") or
+    // Skip URLs without credentials
+    literal.getValue().regexpMatch("^https?://[^:@/]+")
+  )
+}
+
+from DataFlow::Node source
+where
+  isSensitiveAssignment(source) and
+  (
+    exists(StringLiteral literal | 
+      literal.flow() = source and 
+      isSecretLiteral(literal)
+    )
+  )
+select source, "This assignment may contain a hardcoded secret or credential." 

.github/codeql/custom-queries/javascript/insecure-crypto.ql

@@ -0,0 +1,90 @@
+/**
+ * @name Insecure Cryptographic Implementation
+ * @description Usage of weak cryptographic algorithms or improper implementations can lead to security vulnerabilities.
+ * @kind problem
+ * @problem.severity error
+ * @precision high
+ * @id js/insecure-crypto
+ * @tags security
+ *       external/cwe/cwe-327
+ */
+
+import javascript
+
+/**
+ * Identifies calls to crypto functions with insecure algorithms
+ */
+predicate isInsecureCryptoCall(CallExpr call) {
+  // Node.js crypto module uses
+  exists(string methodName |
+    methodName = call.getCalleeName() and
+    (
+      // Detect MD5 usage
+      methodName.regexpMatch("(?i).*md5.*") or
+      methodName.regexpMatch("(?i).*sha1.*") or
+      
+      // Insecure crypto constructors
+      (
+        methodName = "createHash" or
+        methodName = "createCipheriv" or
+        methodName = "createDecipher"
+      ) and
+      (
+        exists(StringLiteral algo | 
+          algo = call.getArgument(0) and
+          (
+            algo.getValue().regexpMatch("(?i).*(md5|md4|md2|sha1|des|rc4|blowfish).*") or
+            algo.getValue().regexpMatch("(?i).*(ecb).*") // ECB mode
+          )
+        )
+      )
+    )
+  )
+  or
+  // Browser crypto API uses
+  exists(MethodCallExpr mce, string propertyName |
+    propertyName = mce.getMethodName() and
+    (
+      propertyName = "subtle" and
+      exists(MethodCallExpr subtleCall | 
+        subtleCall.getReceiver() = mce and 
+        subtleCall.getMethodName() = "encrypt" and
+        exists(ObjectExpr obj | 
+          obj = subtleCall.getArgument(0) and
+          exists(Property p | 
+            p = obj.getAProperty() and
+            p.getName() = "name" and
+            exists(StringLiteral algo | 
+              algo = p.getInit() and
+              algo.getValue().regexpMatch("(?i).*(rc4|des|aes-cbc).*")
+            )
+          )
+        )
+      )
+    )
+  )
+}
+
+/**
+ * Identifies usage of Math.random() for security-sensitive operations
+ */
+predicate isInsecureRandomCall(CallExpr call) {
+  exists(PropertyAccess prop | 
+    prop.getPropertyName() = "random" and
+    prop.getBase().toString() = "Math" and
+    call.getCallee() = prop
+  )
+}
+
+from Expr insecureExpr, string message
+where
+  (
+    insecureExpr instanceof CallExpr and
+    isInsecureCryptoCall(insecureExpr) and
+    message = "Using potentially insecure cryptographic algorithm or mode."
+  ) or (
+    insecureExpr instanceof CallExpr and
+    isInsecureRandomCall(insecureExpr) and
+    message = "Using Math.random() for security-sensitive operation. Consider using crypto.getRandomValues() instead."
+  )
+select insecureExpr, message 

.github/codeql/custom-queries/javascript/path-traversal.ql

@@ -0,0 +1,130 @@
+/**
+ * @name Path Traversal Vulnerability
+ * @description User-controlled inputs used in file operations may allow for path traversal attacks.
+ * @kind path-problem
+ * @problem.severity error
+ * @precision high
+ * @id js/path-traversal
+ * @tags security
+ *       external/cwe/cwe-22
+ */
+
+import javascript
+import DataFlow::PathGraph
+
+/**
+ * Identifies sources of user-controlled input
+ */
+class UserInput extends DataFlow::Node {
+  UserInput() {
+    // HTTP request parameters
+    exists(DataFlow::ParameterNode param |
+      param.getName().regexpMatch("(?i).*(req|request|param|query|body|user|input).*") and
+      this = param
+    )
+    or
+    // Access to common request properties
+    exists(DataFlow::PropRead prop |
+      (
+        prop.getPropertyName() = "query" or
+        prop.getPropertyName() = "body" or
+        prop.getPropertyName() = "params" or
+        prop.getPropertyName() = "files"
+      ) and
+      this = prop
+    )
+  }
+}
+
+/**
+ * Identifies fs module imports
+ */
+class FileSystemAccess extends DataFlow::CallNode {
+  FileSystemAccess() {
+    // Node.js fs module functions
+    exists(string name |
+      name = this.getCalleeName() and
+      (
+        name = "readFile" or
+        name = "readFileSync" or
+        name = "writeFile" or
+        name = "writeFileSync" or
+        name = "appendFile" or
+        name = "appendFileSync" or
+        name = "createReadStream" or
+        name = "createWriteStream" or
+        name = "openSync" or
+        name = "open"
+      )
+    )
+    or
+    // File system operations via require('fs')
+    exists(DataFlow::SourceNode fsModule, string methodName |
+      (fsModule.getAPropertyRead("promises") or fsModule).flowsTo(this.getReceiver()) and
+      methodName = this.getMethodName() and
+      (
+        methodName = "readFile" or
+        methodName = "writeFile" or
+        methodName = "appendFile" or
+        methodName = "readdir" or
+        methodName = "stat"
+      )
+    )
+  }
+
+  DataFlow::Node getPathArgument() {
+    result = this.getArgument(0)
+  }
+}
+
+/**
+ * Identifies sanitization of file paths
+ */
+predicate isPathSanitized(DataFlow::Node node) {
+  // Check for path normalization or validation
+  exists(DataFlow::CallNode call |
+    (
+      call.getCalleeName() = "resolve" or
+      call.getCalleeName() = "normalize" or
+      call.getCalleeName() = "isAbsolute" or
+      call.getCalleeName() = "relative" or
+      call.getCalleeName().regexpMatch("(?i).*(sanitize|validate|check).*path.*")
+    ) and
+    call.flowsTo(node)
+  )
+  or
+  // Check for path traversal mitigation patterns
+  exists(DataFlow::CallNode call |
+    call.getCalleeName() = "replace" and
+    exists(StringLiteral regex |
+      regex = call.getArgument(0).(DataFlow::RegExpCreationNode).getSource().getAChildExpr() and
+      regex.getValue().regexpMatch("(\\.\\./|\\.\\.\\\\)")
+    ) and
+    call.flowsTo(node)
+  )
+}
+
+/**
+ * Configuration for tracking flow from user input to file system operations
+ */
+class PathTraversalConfig extends TaintTracking::Configuration {
+  PathTraversalConfig() { this = "PathTraversalConfig" }
+
+  override predicate isSource(DataFlow::Node source) {
+    source instanceof UserInput
+  }
+
+  override predicate isSink(DataFlow::Node sink) {
+    exists(FileSystemAccess fileAccess |
+      sink = fileAccess.getPathArgument()
+    )
+  }
+
+  override predicate isSanitizer(DataFlow::Node node) {
+    isPathSanitized(node)
+  }
+}
+
+from PathTraversalConfig config, DataFlow::PathNode source, DataFlow::PathNode sink
+where config.hasFlowPath(source, sink)
+select sink.getNode(), source, sink, "File system operation depends on a user-controlled value $@.", source.getNode(), "user input" 

.github/workflows/build-plugin.yml

@@ -0,0 +1,183 @@
+name: Build Plugin Component
+
+on:
+  workflow_call:
+    inputs:
+      RELEASE_CREATED:
+        type: string
+        required: true
+        description: "Whether a release was created"
+      RELEASE_TAG:
+        type: string
+        required: false
+        description: "Name of the tag when a release is created"
+      TAG:
+        type: string
+        required: false
+        description: "Tag for the build (e.g. PR number or version)"
+      BUCKET_PATH:
+        type: string
+        required: true
+        description: "Path in the bucket where artifacts should be stored"
+      BASE_URL:
+        type: string
+        required: true
+        description: "Base URL for the plugin builds"
+      BUILD_NUMBER:
+        type: string
+        required: true
+        description: "Build number for the plugin builds"
+    secrets:
+      CF_ACCESS_KEY_ID:
+        required: true
+      CF_SECRET_ACCESS_KEY:
+        required: true
+      CF_BUCKET_PREVIEW:
+        required: true
+      CF_ENDPOINT:
+        required: true
+jobs:
+  build-plugin:
+    name: Build and Deploy Plugin
+    defaults:
+      run:
+        working-directory: plugin
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout repo
+        uses: actions/checkout@v4
+        with:
+          fetch-depth: 0
+
+      - name: Install Node
+        uses: actions/setup-node@v4
+        with:
+          node-version-file: ".nvmrc"
+
+      - uses: pnpm/action-setup@v4
+        name: Install pnpm
+        with:
+          run_install: false
+
+      - name: Get pnpm store directory
+        id: pnpm-cache
+        shell: bash
+        run: |
+          echo "STORE_PATH=$(pnpm store path)" >> $GITHUB_OUTPUT
+
+      - name: Get API Version
+        id: vars
+        run: |
+          GIT_SHA=$(git rev-parse --short HEAD)
+          IS_TAGGED=$(git describe --tags --abbrev=0 --exact-match || echo '')
+          PACKAGE_LOCK_VERSION=$(jq -r '.version' package.json)
+          API_VERSION=$([[ -n "$IS_TAGGED" ]] && echo "$PACKAGE_LOCK_VERSION" || echo "${PACKAGE_LOCK_VERSION}+${GIT_SHA}")
+          echo "API_VERSION=${API_VERSION}" >> $GITHUB_OUTPUT
+
+      - uses: actions/cache@v4
+        name: Setup pnpm cache
+        with:
+          path: ${{ steps.pnpm-cache.outputs.STORE_PATH }}
+          key: ${{ runner.os }}-pnpm-store-${{ hashFiles('**/pnpm-lock.yaml') }}
+          restore-keys: |
+            ${{ runner.os }}-pnpm-store-
+
+      - name: Install dependencies
+        run: |
+          cd ${{ github.workspace }}
+          pnpm install --frozen-lockfile --filter @unraid/connect-plugin
+
+      - name: Download Unraid UI Components
+        uses: actions/download-artifact@v4
+        with:
+          name: unraid-wc-ui
+          path: ${{ github.workspace }}/plugin/source/dynamix.unraid.net/usr/local/emhttp/plugins/dynamix.my.servers/unraid-components/uui
+          merge-multiple: true
+      - name: Download Unraid Web Components
+        uses: actions/download-artifact@v4
+        with:
+          pattern: unraid-wc-rich
+          path: ${{ github.workspace }}/plugin/source/dynamix.unraid.net/usr/local/emhttp/plugins/dynamix.my.servers/unraid-components/nuxt
+          merge-multiple: true
+      - name: Download Unraid API
+        uses: actions/download-artifact@v4
+        with:
+          name: unraid-api
+          path: ${{ github.workspace }}/plugin/api/
+      - name: Extract Unraid API
+        run: |
+          mkdir -p ${{ github.workspace }}/plugin/source/dynamix.unraid.net/usr/local/unraid-api
+          tar -xzf ${{ github.workspace }}/plugin/api/unraid-api.tgz -C ${{ github.workspace }}/plugin/source/dynamix.unraid.net/usr/local/unraid-api
+      - name: Build Plugin and TXZ Based on Event and Tag
+        id: build-plugin
+        run: |
+          cd ${{ github.workspace }}/plugin
+          pnpm run build:txz --tag="${{ inputs.TAG }}" --base-url="${{ inputs.BASE_URL }}" --api-version="${{ steps.vars.outputs.API_VERSION }}" --build-number="${{ inputs.BUILD_NUMBER }}"
+          pnpm run build:plugin --tag="${{ inputs.TAG }}" --base-url="${{ inputs.BASE_URL }}" --api-version="${{ steps.vars.outputs.API_VERSION }}" --build-number="${{ inputs.BUILD_NUMBER }}"
+
+      - name: Ensure Plugin Files Exist
+        run: |
+          ls -al ./deploy
+          if [ ! -f ./deploy/*.plg ]; then
+            echo "Error: .plg file not found in plugin/deploy/"
+            exit 1
+          fi
+
+          if [ ! -f ./deploy/*.txz ]; then
+            echo "Error: .txz file not found in plugin/deploy/"
+            exit 1
+          fi
+
+      - name: Upload to GHA
+        uses: actions/upload-artifact@v4
+        with:
+          name: unraid-plugin-${{ github.run_id }}-${{ inputs.RELEASE_TAG }}
+          path: plugin/deploy/
+
+      - name: Upload Release Assets
+        if: inputs.RELEASE_CREATED == 'true'
+        env:
+          GITHUB_TOKEN: ${{ github.token }}
+          RELEASE_TAG: ${{ inputs.RELEASE_TAG }}
+        run: |
+          # For each file in release directory
+          for file in deploy/*; do
+            echo "Uploading $file to release..."
+            gh release upload "${RELEASE_TAG}" "$file" --clobber
+          done  
+
+      - name: Workflow Dispatch and wait
+        if: inputs.RELEASE_CREATED == 'true'
+        uses: the-actions-org/workflow-dispatch@v4.0.0
+        with:
+          workflow: release-production.yml
+          inputs: '{ "version": "${{ steps.vars.outputs.API_VERSION }}" }'
+          token: ${{ secrets.WORKFLOW_TRIGGER_PAT }}
+
+      - name: Upload to Cloudflare
+        if: inputs.RELEASE_CREATED == 'false'
+        env:
+          AWS_ACCESS_KEY_ID: ${{ secrets.CF_ACCESS_KEY_ID }}
+          AWS_SECRET_ACCESS_KEY: ${{ secrets.CF_SECRET_ACCESS_KEY }}
+          AWS_DEFAULT_REGION: auto
+        run: |
+          # Sync the deploy directory to the Cloudflare bucket with explicit content encoding and public-read ACL
+          aws s3 sync deploy/ s3://${{ secrets.CF_BUCKET_PREVIEW }}/${{ inputs.BUCKET_PATH }} \
+            --endpoint-url ${{ secrets.CF_ENDPOINT }} \
+            --checksum-algorithm CRC32 \
+            --no-guess-mime-type \
+            --content-encoding none \
+            --acl public-read
+
+      - name: Comment URL
+        if: github.event_name == 'pull_request'
+        uses: thollander/actions-comment-pull-request@v3
+        with:
+          comment-tag: prlink
+          mode: recreate
+          message: |
+            This plugin has been deployed to Cloudflare R2 and is available for testing.
+            Download it at this URL:
+            ```
+            ${{ inputs.BASE_URL }}/tag/${{ inputs.TAG }}/dynamix.unraid.net.plg
+            ```

.github/workflows/codeql-analysis.yml

@@ -0,0 +1,40 @@
+name: "CodeQL Security Analysis"
+
+on:
+  push:
+    branches: [ main ]
+  pull_request:
+    branches: [ main ]
+  schedule:
+    - cron: '0 0 * * 0'  # Run weekly on Sundays
+
+jobs:
+  analyze:
+    name: Analyze
+    runs-on: ubuntu-latest
+    permissions:
+      actions: read
+      contents: read
+      security-events: write
+
+    strategy:
+      fail-fast: false
+      matrix:
+        language: [ 'javascript', 'typescript' ]
+
+    steps:
+    - name: Checkout repository
+      uses: actions/checkout@v4
+
+    - name: Initialize CodeQL
+      uses: github/codeql-action/init@v3
+      with:
+        languages: ${{ matrix.language }}
+        config-file: ./.github/codeql/codeql-config.yml
+        queries: +security-and-quality
+
+    - name: Autobuild
+      uses: github/codeql-action/autobuild@v3
+
+    - name: Perform CodeQL Analysis
+      uses: github/codeql-action/analyze@v3 

.github/workflows/deploy-storybook.yml

@@ -0,0 +1,76 @@
+name: Deploy Storybook to Cloudflare Workers
+permissions:
+  contents: read
+  pull-requests: write
+  issues: write
+on:
+  push:
+    branches:
+      - main
+    paths:
+      - 'unraid-ui/**'
+  pull_request:
+    paths:
+      - 'unraid-ui/**'
+  workflow_dispatch:
+
+jobs:
+  deploy:
+    runs-on: ubuntu-latest
+    name: Deploy Storybook
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v4
+
+      - name: Setup Node.js
+        uses: actions/setup-node@v4
+        with:
+          node-version: '20'
+
+      - uses: pnpm/action-setup@v4
+        name: Install pnpm
+        with:
+          run_install: false
+
+      - name: Cache APT Packages
+        uses: awalsh128/cache-apt-pkgs-action@v1.5.1
+        with:
+          packages: bash procps python3 libvirt-dev jq zstd git build-essential libvirt-daemon-system
+          version: 1.0
+
+      - name: Install dependencies
+        run: pnpm install --frozen-lockfile
+
+      - name: Build Storybook
+        run: |
+          cd unraid-ui
+          pnpm build-storybook
+
+      - name: Deploy to Cloudflare Workers (Staging)
+        id: deploy_staging
+        if: github.event_name == 'pull_request'
+        uses: cloudflare/wrangler-action@v3
+        with:
+          apiToken: ${{ secrets.CLOUDFLARE_DEPLOY_TOKEN }}
+          command: deploy --env staging
+          workingDirectory: unraid-ui
+
+      - name: Deploy to Cloudflare Workers (Production)
+        if: github.ref == 'refs/heads/main' && github.event_name == 'push'
+        uses: cloudflare/wrangler-action@v3
+        with:
+          apiToken: ${{ secrets.CLOUDFLARE_DEPLOY_TOKEN }}
+          command: deploy
+          workingDirectory: unraid-ui
+
+      - name: Comment PR with deployment URL
+        if: github.event_name == 'pull_request'
+        uses: actions/github-script@v7
+        with:
+          script: |
+            github.rest.issues.createComment({
+              issue_number: context.issue.number,
+              owner: context.repo.owner,
+              repo: context.repo.repo,
+              body: `🚀 Storybook has been deployed to staging: ${{ steps.deploy_staging.outputs['deployment-url'] }}`
+            }) 

.github/workflows/main.yml

@@ -13,7 +13,6 @@ concurrency:
 jobs:
   release-please:
     name: Release Please
-    # Only run release-please on pushes to main
     runs-on: ubuntu-latest
     permissions:
       contents: write
@@ -21,6 +20,7 @@ jobs:
     steps:
       - name: Checkout
         uses: actions/checkout@v4
+        # Only run release-please on pushes to main
         if: github.event_name == 'push' && github.ref == 'refs/heads/main'
 
       - id: release
@@ -45,9 +45,9 @@ jobs:
           node-version-file: ".nvmrc"
 
       - name: Cache APT Packages
-        uses: awalsh128/cache-apt-pkgs-action@v1.4.3
+        uses: awalsh128/cache-apt-pkgs-action@v1.5.1
         with:
-          packages: bash procps python3 libvirt-dev jq zstd git build-essential
+          packages: bash procps python3 libvirt-dev jq zstd git build-essential libvirt-daemon-system
           version: 1.0
 
       - name: Install pnpm
@@ -75,12 +75,89 @@ jobs:
       - name: Lint
         run: pnpm run lint
 
-      - name: Test
-        run: pnpm run coverage
+      - name: Type Check
+        run: pnpm run type-check
+
+      - name: Setup libvirt
+        run: |
+          # Create required groups (if they don't already exist)
+          sudo groupadd -f libvirt
+          sudo groupadd -f kvm
+
+          # Create libvirt user if not present, and add it to the kvm group
+          sudo useradd -m -s /bin/bash -g libvirt libvirt || true
+          sudo usermod -aG kvm libvirt || true
+
+          # Set up libvirt directories and permissions
+          sudo mkdir -p /var/run/libvirt /var/log/libvirt /etc/libvirt
+          sudo chown root:libvirt /var/run/libvirt /var/log/libvirt
+          sudo chmod g+w /var/run/libvirt /var/log/libvirt
+
+          # Configure libvirt by appending required settings
+          sudo tee -a /etc/libvirt/libvirtd.conf > /dev/null <<EOF
+          unix_sock_group = "libvirt"
+          unix_sock_rw_perms = "0770"
+          auth_unix_rw = "none"
+          EOF
+
+          # Add the current user to libvirt and kvm groups (note: this change won't apply to the current session)
+          sudo usermod -aG libvirt,kvm $USER
+
+          sudo mkdir -p /var/run/libvirt
+          sudo chown root:libvirt /var/run/libvirt
+          sudo chmod 775 /var/run/libvirt
+
+
+          # Start libvirtd in the background
+          sudo /usr/sbin/libvirtd --daemon
+
+          # Wait a bit longer for libvirtd to start
+          sleep 5
+
+          # Verify libvirt is running using sudo to bypass group membership delays
+          sudo virsh list --all || true
+
+      - uses: oven-sh/setup-bun@v2
+        with:
+          bun-version: latest
+
+      - name: Run Tests Concurrently
+        run: |
+          set -e
+
+          # Run all tests in parallel with labeled output
+          echo "🚀 Starting API coverage tests..."
+          pnpm run coverage > api-test.log 2>&1 &
+          API_PID=$!
+
+          echo "🚀 Starting Connect plugin tests..."
+          (cd ../packages/unraid-api-plugin-connect && pnpm test) > connect-test.log 2>&1 &
+          CONNECT_PID=$!
+
+          echo "🚀 Starting Shared package tests..."
+          (cd ../packages/unraid-shared && pnpm test) > shared-test.log 2>&1 &
+          SHARED_PID=$!
+
+          # Wait for all processes and capture exit codes
+          wait $API_PID && echo "✅ API tests completed" || { echo "❌ API tests failed"; API_EXIT=1; }
+          wait $CONNECT_PID && echo "✅ Connect tests completed" || { echo "❌ Connect tests failed"; CONNECT_EXIT=1; }
+          wait $SHARED_PID && echo "✅ Shared tests completed" || { echo "❌ Shared tests failed"; SHARED_EXIT=1; }
+
+          # Display all outputs
+          echo "📋 API Test Results:" && cat api-test.log
+          echo "📋 Connect Plugin Test Results:" && cat connect-test.log  
+          echo "📋 Shared Package Test Results:" && cat shared-test.log
+
+          # Exit with error if any test failed
+          if [[ ${API_EXIT:-0} -eq 1 || ${CONNECT_EXIT:-0} -eq 1 || ${SHARED_EXIT:-0} -eq 1 ]]; then
+            exit 1
+          fi
 
   build-api:
     name: Build API
     runs-on: ubuntu-latest
+    outputs:
+      build_number: ${{ steps.buildnumber.outputs.build_number }}
     defaults:
       run:
         working-directory: api
@@ -113,7 +190,7 @@ jobs:
             ${{ runner.os }}-pnpm-store-
 
       - name: Cache APT Packages
-        uses: awalsh128/cache-apt-pkgs-action@v1.4.3
+        uses: awalsh128/cache-apt-pkgs-action@v1.5.1
         with:
           packages: bash procps python3 libvirt-dev jq zstd git build-essential
           version: 1.0
@@ -123,12 +200,6 @@ jobs:
           cd ${{ github.workspace }}
           pnpm install --frozen-lockfile
 
-      - name: Lint
-        run: pnpm run lint
-
-      - name: Type Check
-        run: pnpm run type-check
-
       - name: Build
         run: pnpm run build
 
@@ -140,11 +211,19 @@ jobs:
           PACKAGE_LOCK_VERSION=$(jq -r '.version' package.json)
           API_VERSION=$([[ -n "$IS_TAGGED" ]] && echo "$PACKAGE_LOCK_VERSION" || echo "${PACKAGE_LOCK_VERSION}+${GIT_SHA}")
           export API_VERSION
+          echo "API_VERSION=${API_VERSION}" >> $GITHUB_ENV
+          echo "PACKAGE_LOCK_VERSION=${PACKAGE_LOCK_VERSION}" >> $GITHUB_OUTPUT
+
+      - name: Generate build number
+        id: buildnumber
+        uses: onyxmueller/build-tag-number@v1
+        with:
+          token: ${{secrets.github_token}}
+          prefix: ${{steps.vars.outputs.PACKAGE_LOCK_VERSION}}
 
       - name: Build
         run: |
           pnpm run build:release
-
           tar -czf deploy/unraid-api.tgz -C deploy/pack/ .
 
       - name: Upload tgz to Github artifacts
@@ -152,11 +231,6 @@ jobs:
         with:
           name: unraid-api
           path: ${{ github.workspace }}/api/deploy/unraid-api.tgz
-      - name: Upload PNPM Store to Github artifacts
-        uses: actions/upload-artifact@v4
-        with:
-          name: packed-pnpm-store
-          path: ${{ github.workspace }}/api/deploy/packed-pnpm-store.txz
 
   build-unraid-ui-webcomponents:
     name: Build Unraid UI Library (Webcomponent Version)
@@ -193,7 +267,7 @@ jobs:
             ${{ runner.os }}-pnpm-store-
 
       - name: Cache APT Packages
-        uses: awalsh128/cache-apt-pkgs-action@v1.4.3
+        uses: awalsh128/cache-apt-pkgs-action@v1.5.1
         with:
           packages: bash procps python3 libvirt-dev jq zstd git build-essential
           version: 1.0
@@ -203,6 +277,9 @@ jobs:
           cd ${{ github.workspace }}
           pnpm install --frozen-lockfile --filter @unraid/ui
 
+      - name: Lint
+        run: pnpm run lint
+
       - name: Build
         run: pnpm run build:wc
 
@@ -284,7 +361,7 @@ jobs:
           name: unraid-wc-rich
           path: web/.nuxt/nuxt-custom-elements/dist/unraid-components
 
-  build-plugin:
+  build-plugin-staging-pr:
     name: Build and Deploy Plugin
     needs:
       - release-please
@@ -292,176 +369,38 @@ jobs:
       - build-web
       - build-unraid-ui-webcomponents
       - test-api
-    defaults:
-      run:
-        working-directory: plugin
-    runs-on: ubuntu-latest
-    steps:
-      - name: Set Timezone
-        uses: szenius/set-timezone@v2.0
-        with:
-          timezoneLinux: "America/Los_Angeles"
-      - name: Checkout repo
-        uses: actions/checkout@v4
-        with:
-          fetch-depth: 0
+    uses: ./.github/workflows/build-plugin.yml
+    with:
+      RELEASE_CREATED: false
+      TAG: ${{ github.event.pull_request.number && format('PR{0}', github.event.pull_request.number) || '' }}
+      BUCKET_PATH: ${{ github.event.pull_request.number && format('unraid-api/tag/PR{0}', github.event.pull_request.number) || 'unraid-api' }}
+      BASE_URL: "https://preview.dl.unraid.net/unraid-api"
+      BUILD_NUMBER: ${{ needs.build-api.outputs.build_number }}
+    secrets:
+      CF_ACCESS_KEY_ID: ${{ secrets.CF_ACCESS_KEY_ID }}
+      CF_SECRET_ACCESS_KEY: ${{ secrets.CF_SECRET_ACCESS_KEY }}
+      CF_BUCKET_PREVIEW: ${{ secrets.CF_BUCKET_PREVIEW }}
+      CF_ENDPOINT: ${{ secrets.CF_ENDPOINT }}
 
-      - name: Install Node
-        uses: actions/setup-node@v4
-        with:
-          node-version-file: ".nvmrc"
-
-      - uses: pnpm/action-setup@v4
-        name: Install pnpm
-        with:
-          run_install: false
-
-      - name: Get pnpm store directory
-        id: pnpm-cache
-        shell: bash
-        run: |
-          echo "STORE_PATH=$(pnpm store path)" >> $GITHUB_OUTPUT
-      
-      - name: Get API Version
-        id: vars
-        run: |
-          GIT_SHA=$(git rev-parse --short HEAD)
-          IS_TAGGED=$(git describe --tags --abbrev=0 --exact-match || echo '')
-          PACKAGE_LOCK_VERSION=$(jq -r '.version' package.json)
-          API_VERSION=$([[ -n "$IS_TAGGED" ]] && echo "$PACKAGE_LOCK_VERSION" || echo "${PACKAGE_LOCK_VERSION}+${GIT_SHA}")
-          echo "API_VERSION=${API_VERSION}" >> $GITHUB_OUTPUT
-
-      - uses: actions/cache@v4
-        name: Setup pnpm cache
-        with:
-          path: ${{ steps.pnpm-cache.outputs.STORE_PATH }}
-          key: ${{ runner.os }}-pnpm-store-${{ hashFiles('**/pnpm-lock.yaml') }}
-          restore-keys: |
-            ${{ runner.os }}-pnpm-store-
-
-      - name: Install dependencies
-        run: |
-          cd ${{ github.workspace }}
-          pnpm install --frozen-lockfile --filter @unraid/connect-plugin
-
-      - name: Download Unraid UI Components
-        uses: actions/download-artifact@v4
-        with:
-          name: unraid-wc-ui
-          path: ${{ github.workspace }}/plugin/source/dynamix.unraid.net/usr/local/emhttp/plugins/dynamix.my.servers/unraid-components/uui
-          merge-multiple: true
-      - name: Download Unraid Web Components
-        uses: actions/download-artifact@v4
-        with:
-          pattern: unraid-wc-rich
-          path: ${{ github.workspace }}/plugin/source/dynamix.unraid.net/usr/local/emhttp/plugins/dynamix.my.servers/unraid-components/nuxt
-          merge-multiple: true
-      - name: Download Unraid API
-        uses: actions/download-artifact@v4
-        with:
-          name: unraid-api
-          path: ${{ github.workspace }}/plugin/api/
-      - name: Download PNPM Store
-        uses: actions/download-artifact@v4
-        with:
-          name: packed-pnpm-store
-          path: ${{ github.workspace }}/plugin/
-      - name: Extract Unraid API
-        run: |
-          mkdir -p ${{ github.workspace }}/plugin/source/dynamix.unraid.net/usr/local/unraid-api
-          tar -xzf ${{ github.workspace }}/plugin/api/unraid-api.tgz -C ${{ github.workspace }}/plugin/source/dynamix.unraid.net/usr/local/unraid-api
-      - name: Build Plugin and TXZ Based on Event and Tag
-        id: build-plugin
-        run: |
-          cd ${{ github.workspace }}/plugin
-          ls -al
-          pnpm run build:txz
-
-          if [ -n "${{ github.event.pull_request.number }}" ]; then
-            TAG="PR${{ github.event.pull_request.number }}"
-            BUCKET_PATH="unraid-api/tag/${TAG}"
-          else
-            TAG=""
-            BUCKET_PATH="unraid-api"
-          fi
-
-          # On release, build both prod and preview plugins
-          if [ "${{ needs.release-please.outputs.releases_created }}" == 'true' ]; then
-            BASE_URL="https://stable.dl.unraid.net/unraid-api"
-            pnpm run build:plugin --tag="${TAG}" --base-url="${BASE_URL}"
-            cp -r ./deploy ./deploy-prod
-          fi
-
-          BASE_URL="https://preview.dl.unraid.net/unraid-api"
-          echo "BUCKET_PATH=${BUCKET_PATH}" >> $GITHUB_OUTPUT
-          echo "TAG=${TAG}" >> $GITHUB_OUTPUT
-          pnpm run build:plugin --tag="${TAG}" --base-url="${BASE_URL}"
-      - name: Ensure Plugin Files Exist
-        run: |
-          ls -al ./deploy
-          if [ ! -f ./deploy/*.plg ]; then
-            echo "Error: .plg file not found in plugin/deploy/"
-            exit 1
-          fi
-
-          if [ ! -f ./deploy/*.txz ]; then
-            echo "Error: .txz file not found in plugin/deploy/"
-            exit 1
-          fi
-      - name: Ensure Production Plugin Files Exist
-        if: needs.release-please.outputs.releases_created == 'true'
-        run: |
-          ls -al ./deploy-prod
-          if [ ! -f ./deploy-prod/*.plg ]; then
-            echo "Error: .plg file not found in plugin/deploy-prod/"
-            exit 1
-          fi
-
-          if [ ! -f ./deploy-prod/*.txz ]; then
-            echo "Error: .txz file not found in plugin/deploy-prod/"
-            exit 1
-          fi
-      - name: Upload to GHA
-        uses: actions/upload-artifact@v4
-        with:
-          name: unraid-plugin
-          path: plugin/deploy/
-      - name: Upload to Cloudflare
-        if: github.event_name == 'pull_request' || startsWith(github.ref, 'refs/heads/main')
-        env:
-          AWS_ACCESS_KEY_ID: ${{ secrets.CF_ACCESS_KEY_ID }}
-          AWS_SECRET_ACCESS_KEY: ${{ secrets.CF_SECRET_ACCESS_KEY }}
-          AWS_DEFAULT_REGION: auto
-        run: |
-          # Sync the deploy directory to the Cloudflare bucket with explicit content encoding and public-read ACL
-          aws s3 sync deploy/ s3://${{ secrets.CF_BUCKET_PREVIEW }}/${{ steps.build-plugin.outputs.BUCKET_PATH }} \
-            --endpoint-url ${{ secrets.CF_ENDPOINT }} \
-            --checksum-algorithm CRC32 \
-            --no-guess-mime-type \
-            --content-encoding none \
-            --acl public-read
-
-      - name: Upload Release Assets
-        if: needs.release-please.outputs.releases_created == 'true'
-        env:
-          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-        run: |
-          release_name=$(gh release list --repo ${{ github.repository }} --json name,isDraft --jq '.[] | select(.isDraft == true) | .name' | head -n 1)
-          # For each file in release directory
-          for file in deploy-prod/*; do
-            echo "Uploading $file to release..."
-            gh release upload "${release_name}" "$file" --clobber
-          done
-
-      - name: Comment URL
-        if: github.event_name == 'pull_request'
-        uses: thollander/actions-comment-pull-request@v3
-        with:
-          comment-tag: prlink
-          mode: recreate
-          message: |
-            This plugin has been deployed to Cloudflare R2 and is available for testing.
-            Download it at this URL:
-            ```
-            https://preview.dl.unraid.net/unraid-api/tag/${{ steps.build-plugin.outputs.tag }}/dynamix.unraid.net.plg
-            ```
+  build-plugin-production:
+    if: ${{ needs.release-please.outputs.releases_created == 'true' }}
+    name: Build and Deploy Production Plugin
+    needs:
+      - release-please
+      - build-api
+      - build-web
+      - build-unraid-ui-webcomponents
+      - test-api
+    uses: ./.github/workflows/build-plugin.yml
+    with:
+      RELEASE_CREATED: true
+      RELEASE_TAG: ${{ needs.release-please.outputs.tag_name }}
+      TAG: ""
+      BUCKET_PATH: unraid-api
+      BASE_URL: "https://stable.dl.unraid.net/unraid-api"
+      BUILD_NUMBER: ${{ needs.build-api.outputs.build_number }}
+    secrets:
+      CF_ACCESS_KEY_ID: ${{ secrets.CF_ACCESS_KEY_ID }}
+      CF_SECRET_ACCESS_KEY: ${{ secrets.CF_SECRET_ACCESS_KEY }}
+      CF_BUCKET_PREVIEW: ${{ secrets.CF_BUCKET_PREVIEW }}
+      CF_ENDPOINT: ${{ secrets.CF_ENDPOINT }}

.github/workflows/push-staging-pr-on-close.yml

@@ -4,43 +4,68 @@ on:
   pull_request:
     types:
       - closed
+  workflow_dispatch:
+    inputs:
+      pr_number:
+        description: "PR number to test with"
+        required: true
+        type: string
+      pr_merged:
+        description: "Simulate merged PR"
+        required: true
+        type: boolean
+        default: true
 
 jobs:
   push-staging:
-    if: github.event.pull_request.merged == true
+    if: (github.event_name == 'pull_request' && github.event.pull_request.merged == true) || (github.event_name == 'workflow_dispatch' && inputs.pr_merged == true)
     runs-on: ubuntu-latest
     permissions:
       contents: read
+      actions: read
     steps:
       - name: Set Timezone
         uses: szenius/set-timezone@v2.0
         with:
           timezoneLinux: "America/Los_Angeles"
-      - name: Checkout repo
-        uses: actions/checkout@v4
-        with:
-          ref: refs/pull/${{ github.event.pull_request.base.ref }}/merge
+
+      - name: Set PR number
+        id: pr_number
+        run: |
+          if [ "${{ github.event_name }}" == "pull_request" ]; then
+            echo "pr_number=${{ github.event.pull_request.number }}" >> $GITHUB_OUTPUT
+          else
+            echo "pr_number=${{ inputs.pr_number }}" >> $GITHUB_OUTPUT
+          fi
 
       - name: Download artifact
-        uses: actions/download-artifact@v4
+        uses: dawidd6/action-download-artifact@v11
         with:
-          name: connect-files
+          name_is_regexp: true
+          name: unraid-plugin-.*
           path: connect-files
+          pr: ${{ steps.pr_number.outputs.pr_number }}
+          workflow_conclusion: success
+          workflow_search: true
+          search_artifacts: true
 
       - name: Update Downloaded Staging Plugin to New Date
         run: |
-          if [ ! -f "connect-files/plugins/dynamix.unraid.net.pr.plg" ]; then
-            echo "ERROR: dynamix.unraid.net.pr.plg not found"
+          # Find the .plg file in the downloaded artifact
+          plgfile=$(find connect-files -name "*.plg" -type f | head -1)
+          if [ ! -f "$plgfile" ]; then
+            echo "ERROR: .plg file not found in connect-files/"
+            ls -la connect-files/
             exit 1
           fi
 
-          plgfile="connect-files/plugins/dynamix.unraid.net.pr.plg"
+          echo "Found plugin file: $plgfile"
           version=$(date +"%Y.%m.%d.%H%M")
           sed -i -E "s#(<!ENTITY version \").*(\">)#\1${version}\2#g" "${plgfile}" || exit 1
                 
           # Change the plugin url to point to staging
           url="https://preview.dl.unraid.net/unraid-api/dynamix.unraid.net.plg"
-          sed -i -E "s#(<!ENTITY pluginURL \").*(\">)#\1${url}\2#g" "${plgfile}" || exit 1
+          sed -i -E "s#(<!ENTITY plugin_url \").*?(\">)#\1${url}\2#g" "${plgfile}" || exit 1
           cat "${plgfile}"
           mkdir -p pr-release
           mv "${plgfile}" pr-release/dynamix.unraid.net.plg
@@ -54,4 +79,4 @@ jobs:
           AWS_SECRET_ACCESS_KEY: ${{ secrets.CF_SECRET_ACCESS_KEY }}
           AWS_REGION: "auto"
           SOURCE_DIR: pr-release
-          DEST_DIR: unraid-api/pr/${{ github.event.pull_request.number }}
+          DEST_DIR: unraid-api/tag/PR${{ steps.pr_number.outputs.pr_number }}

.github/workflows/release-production.yml

@@ -1,17 +1,14 @@
-name: Publish Release to Digital Ocean
+name: Publish Release
 
 on:
-  release:
-    types: [published]
   workflow_dispatch:
     inputs:
       version:
-        description: 'Tag to update'
+        description: 'Tag to release - will replace active release'
         required: true
 
-
 jobs:
-  publish-to-digital-ocean:
+  publish:
     runs-on: ubuntu-latest
 
     steps:
@@ -33,7 +30,11 @@ jobs:
           prerelease: false
       - uses: actions/setup-node@v4
         with:
-          node-version: '22.x'
+          node-version: '22.17.0'
+      - run: |
+          cat << 'EOF' > release-notes.txt
+          ${{ steps.release-info.outputs.body }}
+          EOF
       - run: npm install html-escaper@2 xml2js
       - name: Update Plugin Changelog
         uses: actions/github-script@v7
@@ -41,7 +42,8 @@ jobs:
           script: |
             const fs = require('fs');
             const { escape } = require('html-escaper');
-            const releaseNotes = escape(`${{ steps.release-info.outputs.body }}`);
+
+            const releaseNotes = escape(fs.readFileSync('release-notes.txt', 'utf8'));
             
             if (!releaseNotes) {
               console.error('No release notes found');
@@ -92,6 +94,9 @@ jobs:
               process.exit(1);
             });
 
+      - name: Cleanup Inline Scripts
+        run: |
+          rm -rf node_modules/
       - name: Upload Release Files to DO Spaces
         env:
           AWS_ACCESS_KEY_ID: ${{ secrets.DO_ACCESS_KEY }}

.github/workflows/test-libvirt.yml

@@ -28,10 +28,10 @@ jobs:
 
       - uses: actions/setup-python@v5
         with:
-          python-version: "3.13"
+          python-version: "3.13.5"
 
       - name: Cache APT Packages
-        uses: awalsh128/cache-apt-pkgs-action@v1.4.3
+        uses: awalsh128/cache-apt-pkgs-action@v1.5.1
         with:
           packages: libvirt-dev
           version: 1.0

.gitignore

@@ -105,4 +105,7 @@ result-*
 web/scripts/.sync-webgui-repo-*
 
 # Activation code data
-plugin/source/dynamix.unraid.net/usr/local/emhttp/plugins/dynamix.my.servers/data/activation-data.php
+plugin/source/dynamix.unraid.net/usr/local/emhttp/plugins/dynamix.my.servers/data/activation-data.php
+
+# Config file that changes between versions
+api/dev/Unraid.net/myservers.cfg

.husky/_/pre-commit

@@ -0,0 +1,12 @@
+#!/bin/sh
+
+if [ "$SKIP_SIMPLE_GIT_HOOKS" = "1" ]; then
+    echo "[INFO] SKIP_SIMPLE_GIT_HOOKS is set to 1, skipping hook."
+    exit 0
+fi
+
+if [ -f "$SIMPLE_GIT_HOOKS_RC" ]; then
+    . "$SIMPLE_GIT_HOOKS_RC"
+fi
+
+pnpm lint-staged

.nvmrc

@@ -1 +1 @@
-22
+22.17.0

.rclone-version

@@ -0,0 +1 @@
+1.69.1 

.release-please-manifest.json

@@ -1 +1 @@
-{".":"4.6.1"}
+{".":"4.9.2"}

.vscode/settings.json

@@ -1,15 +1,14 @@
 {
-    "files.associations": {
-      "*.page": "php"
-    },
-    "editor.codeActionsOnSave": {
-      "source.fixAll": "never",
-      "source.fixAll.eslint": "explicit"
-    },
-    "i18n-ally.localesPaths": [
-      "locales"
-    ],
-    "i18n-ally.keystyle": "flat",
-    "eslint.experimental.useFlatConfig": true
-  }
-  
+  "files.associations": {
+    "*.page": "php"
+  },
+  "editor.codeActionsOnSave": {
+    "source.fixAll": "never",
+    "source.fixAll.eslint": "explicit"
+  },
+  "i18n-ally.localesPaths": ["locales"],
+  "i18n-ally.keystyle": "flat",
+  "eslint.experimental.useFlatConfig": true,
+  "typescript.preferences.importModuleSpecifier": "non-relative",
+  "javascript.preferences.importModuleSpecifier": "non-relative"
+}

CLAUDE.md

@@ -0,0 +1,137 @@
+# CLAUDE.md
+
+This file provides guidance to Claude Code (claude.ai/code) when working with code in this repository.
+
+## Project Overview
+
+This is the Unraid API monorepo containing multiple packages that provide API functionality for Unraid servers. It uses pnpm workspaces with the following structure:
+
+- `/api` - Core NestJS API server with GraphQL
+- `/web` - Nuxt.js frontend application
+- `/unraid-ui` - Vue 3 component library
+- `/plugin` - Unraid plugin package (.plg)
+- `/packages` - Shared packages and API plugins
+
+## Essential Commands
+
+### Development
+
+```bash
+pnpm install              # Install all dependencies
+pnpm dev                  # Run all dev servers concurrently
+pnpm build                # Build all packages
+pnpm build:watch          # Watch mode with local plugin build
+```
+
+### Testing & Code Quality
+
+```bash
+pnpm test                 # Run all tests
+pnpm lint                 # Run linting
+pnpm lint:fix             # Fix linting issues
+pnpm type-check           # TypeScript type checking
+```
+
+### API Development
+
+```bash
+cd api && pnpm dev        # Run API server (http://localhost:3001)
+cd api && pnpm test:watch # Run tests in watch mode
+cd api && pnpm codegen    # Generate GraphQL types
+```
+
+### Deployment
+
+```bash
+pnpm unraid:deploy <SERVER_IP>  # Deploy all to Unraid server
+```
+
+## Architecture Notes
+
+### API Structure (NestJS)
+
+- Modules: `auth`, `config`, `plugins`, `emhttp`, `monitoring`
+- GraphQL API with Apollo Server at `/graphql`
+- Redux store for state management in `src/store/`
+- Plugin system for extending functionality
+- Entry points: `src/index.ts` (server), `src/cli.ts` (CLI)
+
+### Key Patterns
+
+- TypeScript imports use `.js` extensions (ESM compatibility)
+- NestJS dependency injection with decorators
+- GraphQL schema-first approach with code generation
+- API plugins follow specific structure (see `api/docs/developer/api-plugins.md`)
+
+### Authentication
+
+- API key authentication via headers
+- Cookie-based session management
+- Keys stored in `/boot/config/plugins/unraid-api/`
+
+### Development Workflow
+
+1. Work Intent required before starting development
+2. Fork from `main` branch
+3. Reference Work Intent in PR
+4. No direct pushes to main
+
+### Debug Mode
+
+```bash
+LOG_LEVEL=debug unraid-api start --debug
+```
+
+Enables GraphQL playground at `http://tower.local/graphql`
+
+## Coding Guidelines
+
+### General Rules
+
+- Never add comments unless they are needed for clarity of function
+- Never add comments for obvious things, and avoid commenting when starting and ending code blocks
+- Be CONCISE, keep replies shorter than a paragraph if at all possible
+
+### API Development Rules (`api/**/*`)
+
+- Use pnpm ONLY for package management
+- Always run scripts from api/package.json unless requested
+- Prefer adding new files to the NestJS repo located at `api/src/unraid-api/` instead of the legacy code
+- Test suite is VITEST, do not use jest
+- Run tests with: `pnpm --filter ./api test`
+- Prefer to not mock simple dependencies
+
+### Web Development Rules (`web/**/*`)
+
+- Always run `pnpm codegen` for GraphQL code generation in the web directory
+- GraphQL queries must be placed in `.query.ts` files
+- GraphQL mutations must be placed in `.mutation.ts` files
+- All GraphQL under `web/` must follow this naming convention
+
+### Testing Guidelines
+
+#### Vue Component Testing
+
+- This is a Nuxt.js app but we are testing with vitest outside of the Nuxt environment
+- Nuxt is currently set to auto import so some vue files may need compute or ref imported
+- Use pnpm when running terminal commands and stay within the web directory
+- Tests are located under `web/__test__`, run with `pnpm test`
+- Use `mount` from Vue Test Utils for component testing
+- Stub complex child components that aren't the focus of the test
+- Mock external dependencies and services
+- Test component behavior and output, not implementation details
+- Use `createTestingPinia()` for mocking stores in components
+- Find elements with semantic queries like `find('button')` rather than data-test IDs
+- Use `await nextTick()` for DOM updates
+- Always await async operations before making assertions
+
+#### Store Testing with Pinia
+
+- Use `createPinia()` and `setActivePinia` when testing Store files
+- Only use `createTestingPinia` if you specifically need its testing features
+- Let stores initialize with their natural default state
+- Don't mock the store being tested
+- Ensure Vue reactivity imports are added to store files (computed, ref, watchEffect)
+- Place all mock declarations at the top level
+- Use factory functions for module mocks to avoid hoisting issues
+- Clear mocks between tests to ensure isolation

api/.env.development

@@ -9,6 +9,12 @@ PATHS_MY_SERVERS_CONFIG=./dev/Unraid.net/myservers.cfg # My servers config file
 PATHS_MY_SERVERS_FB=./dev/Unraid.net/fb_keepalive # My servers flashbackup timekeeper file
 PATHS_KEYFILE_BASE=./dev/Unraid.net # Keyfile location
 PATHS_MACHINE_ID=./dev/data/machine-id
+PATHS_PARITY_CHECKS=./dev/states/parity-checks.log
+PATHS_CONFIG_MODULES=./dev/configs
+PATHS_ACTIVATION_BASE=./dev/activation
+PATHS_PASSWD=./dev/passwd
+PATHS_RCLONE_SOCKET=./dev/rclone-socket
+PATHS_LOG_BASE=./dev/log # Where we store logs
 ENVIRONMENT="development"
 NODE_ENV="development"
 PORT="3001"
@@ -20,4 +26,4 @@ BYPASS_PERMISSION_CHECKS=false
 BYPASS_CORS_CHECKS=true
 CHOKIDAR_USEPOLLING=true
 LOG_TRANSPORT=console
-LOG_LEVEL=trace
+LOG_LEVEL=trace

api/.env.production

@@ -2,3 +2,4 @@ ENVIRONMENT="production"
 NODE_ENV="production"
 PORT="/var/run/unraid-api.sock"
 MOTHERSHIP_GRAPHQL_LINK="https://mothership.unraid.net/ws"
+PATHS_CONFIG_MODULES="/boot/config/plugins/dynamix.my.servers/configs"

api/.env.staging

@@ -2,3 +2,4 @@ ENVIRONMENT="staging"
 NODE_ENV="production"
 PORT="/var/run/unraid-api.sock"
 MOTHERSHIP_GRAPHQL_LINK="https://staging.mothership.unraid.net/ws"
+PATHS_CONFIG_MODULES="/boot/config/plugins/dynamix.my.servers/configs"

api/.env.test

@@ -9,5 +9,9 @@ PATHS_MY_SERVERS_CONFIG=./dev/Unraid.net/myservers.cfg # My servers config file
 PATHS_MY_SERVERS_FB=./dev/Unraid.net/fb_keepalive # My servers flashbackup timekeeper file
 PATHS_KEYFILE_BASE=./dev/Unraid.net # Keyfile location
 PATHS_MACHINE_ID=./dev/data/machine-id
+PATHS_PARITY_CHECKS=./dev/states/parity-checks.log
+PATHS_CONFIG_MODULES=./dev/configs
+PATHS_ACTIVATION_BASE=./dev/activation
+PATHS_PASSWD=./dev/passwd
 PORT=5000
-NODE_ENV="test"
+NODE_ENV="test"

api/.vscode/settings.json

@@ -3,5 +3,7 @@
     "eslint.options": {
         "flags": ["unstable_ts_config"],
         "overrideConfigFile": ".eslintrc.ts"
-    }
+    },
+    "typescript.preferences.importModuleSpecifier": "non-relative",
+    "javascript.preferences.importModuleSpecifier": "non-relative"
 }

api/CHANGELOG.md

@@ -1,5 +1,181 @@
 # Changelog
 
+## [4.9.2](https://github.com/unraid/api/compare/v4.9.1...v4.9.2) (2025-07-09)
+
+
+### Bug Fixes
+
+* invalid configs no longer crash API ([#1491](https://github.com/unraid/api/issues/1491)) ([6bf3f77](https://github.com/unraid/api/commit/6bf3f776380edeff5133517e6aca223556e30144))
+* invalid state for unraid plugin ([#1492](https://github.com/unraid/api/issues/1492)) ([39b8f45](https://github.com/unraid/api/commit/39b8f453da23793ef51f8e7f7196370aada8c5aa))
+* release note escaping ([5b6bcb6](https://github.com/unraid/api/commit/5b6bcb6043a5269bff4dc28714d787a5a3f07e22))
+
+## [4.9.1](https://github.com/unraid/api/compare/v4.9.0...v4.9.1) (2025-07-08)
+
+
+### Bug Fixes
+
+* **HeaderOsVersion:** adjust top margin for header component ([#1485](https://github.com/unraid/api/issues/1485)) ([862b54d](https://github.com/unraid/api/commit/862b54de8cd793606f1d29e76c19d4a0e1ae172f))
+* sign out doesn't work ([#1486](https://github.com/unraid/api/issues/1486)) ([f3671c3](https://github.com/unraid/api/commit/f3671c3e0750b79be1f19655a07a0e9932289b3f))
+
+## [4.9.0](https://github.com/unraid/api/compare/v4.8.0...v4.9.0) (2025-07-08)
+
+
+### Features
+
+* add graphql resource for API plugins ([#1420](https://github.com/unraid/api/issues/1420)) ([642a220](https://github.com/unraid/api/commit/642a220c3a796829505d8449dc774968c9d5c222))
+* add management page for API keys ([#1408](https://github.com/unraid/api/issues/1408)) ([0788756](https://github.com/unraid/api/commit/0788756b918a8e99be51f34bf6f96bbe5b67395a))
+* add rclone ([#1362](https://github.com/unraid/api/issues/1362)) ([5517e75](https://github.com/unraid/api/commit/5517e7506b05c7bef5012bb9f8d2103e91061997))
+* API key management ([#1407](https://github.com/unraid/api/issues/1407)) ([d37dc3b](https://github.com/unraid/api/commit/d37dc3bce28bad1c893ae7eff96ca5ffd9177648))
+* api plugin management via CLI ([#1416](https://github.com/unraid/api/issues/1416)) ([3dcbfbe](https://github.com/unraid/api/commit/3dcbfbe48973b8047f0c6c560068808d86ac6970))
+* build out docker components  ([#1427](https://github.com/unraid/api/issues/1427)) ([711cc9a](https://github.com/unraid/api/commit/711cc9ac926958bcf2996455b023ad265b041530))
+* docker and info resolver issues ([#1423](https://github.com/unraid/api/issues/1423)) ([9901039](https://github.com/unraid/api/commit/9901039a3863de06b520e23cb2573b610716c673))
+* fix shading in UPC to be less severe ([#1438](https://github.com/unraid/api/issues/1438)) ([b7c2407](https://github.com/unraid/api/commit/b7c240784052276fc60e064bd7d64dd6e801ae90))
+* info resolver cleanup ([#1425](https://github.com/unraid/api/issues/1425)) ([1b279bb](https://github.com/unraid/api/commit/1b279bbab3a51e7d032e7e3c9898feac8bfdbafa))
+* initial codeql setup ([#1390](https://github.com/unraid/api/issues/1390)) ([2ade7eb](https://github.com/unraid/api/commit/2ade7eb52792ef481aaf711dc07029629ea107d9))
+* initialize claude code in codebse ([#1418](https://github.com/unraid/api/issues/1418)) ([b6c4ee6](https://github.com/unraid/api/commit/b6c4ee6eb4b9ebb6d6e59a341e1f51b253578752))
+* move api key fetching to use api key service ([#1439](https://github.com/unraid/api/issues/1439)) ([86bea56](https://github.com/unraid/api/commit/86bea5627270a2a18c5b7db36dd59061ab61e753))
+* move to cron v4 ([#1428](https://github.com/unraid/api/issues/1428)) ([b8035c2](https://github.com/unraid/api/commit/b8035c207a6e387c7af3346593a872664f6c867b))
+* move to iframe for changelog ([#1388](https://github.com/unraid/api/issues/1388)) ([fcd6fbc](https://github.com/unraid/api/commit/fcd6fbcdd48e7f224b3bd8799a668d9e01967f0c))
+* native slackware package ([#1381](https://github.com/unraid/api/issues/1381)) ([4f63b4c](https://github.com/unraid/api/commit/4f63b4cf3bb9391785f07a38defe54ec39071caa))
+* send active unraid theme to docs ([#1400](https://github.com/unraid/api/issues/1400)) ([f71943b](https://github.com/unraid/api/commit/f71943b62b30119e17766e56534962630f52a591))
+* slightly better watch mode ([#1398](https://github.com/unraid/api/issues/1398)) ([881f1e0](https://github.com/unraid/api/commit/881f1e09607d1e4a8606f8d048636ba09d8fcac1))
+* upgrade nuxt-custom-elements ([#1461](https://github.com/unraid/api/issues/1461)) ([345e83b](https://github.com/unraid/api/commit/345e83bfb0904381d784fc77b3dcd3ad7e53d898))
+* use bigint instead of long ([#1403](https://github.com/unraid/api/issues/1403)) ([574d572](https://github.com/unraid/api/commit/574d572d6567c652057b29776694e86267316ca7))
+
+
+### Bug Fixes
+
+* activation indicator removed ([5edfd82](https://github.com/unraid/api/commit/5edfd823b862cfc1f864565021f12334fe9317c6))
+* alignment of settings on ManagementAccess settings page ([#1421](https://github.com/unraid/api/issues/1421)) ([70c790f](https://github.com/unraid/api/commit/70c790ff89075a785d7f0623bbf3c34a3806bbdc))
+* allow rclone to fail to initialize ([#1453](https://github.com/unraid/api/issues/1453)) ([7c6f02a](https://github.com/unraid/api/commit/7c6f02a5cb474fb285db294ec6f80d1c2c57e142))
+* always download 7.1 versioned files for patching ([edc0d15](https://github.com/unraid/api/commit/edc0d1578b89c3b3e56e637de07137e069656fa8))
+* api `pnpm type-check` ([#1442](https://github.com/unraid/api/issues/1442)) ([3122bdb](https://github.com/unraid/api/commit/3122bdb953eec58469fd9cf6f468e75621781040))
+* **api:** connect config `email` validation ([#1454](https://github.com/unraid/api/issues/1454)) ([b9a1b9b](https://github.com/unraid/api/commit/b9a1b9b08746b6d4cb2128d029a3dab7cdd47677))
+* backport unraid/webgui[#2269](https://github.com/unraid/api/issues/2269) rc.nginx update ([#1436](https://github.com/unraid/api/issues/1436)) ([a7ef06e](https://github.com/unraid/api/commit/a7ef06ea252545cef084e21cea741a8ec866e7cc))
+* bigint ([e54d27a](https://github.com/unraid/api/commit/e54d27aede1b1e784971468777c5e65cde66f2ac))
+* config migration from `myservers.cfg` ([#1440](https://github.com/unraid/api/issues/1440)) ([c4c9984](https://github.com/unraid/api/commit/c4c99843c7104414120bffc5dd5ed78ab6c8ba02))
+* **connect:** fatal race-condition in websocket disposal ([#1462](https://github.com/unraid/api/issues/1462)) ([0ec0de9](https://github.com/unraid/api/commit/0ec0de982f017b61a145c7a4176718b484834f41))
+* **connect:** mothership connection ([#1464](https://github.com/unraid/api/issues/1464)) ([7be8bc8](https://github.com/unraid/api/commit/7be8bc84d3831f9cea7ff62d0964612ad366a976))
+* console hidden ([9b85e00](https://github.com/unraid/api/commit/9b85e009b833706294a841a54498e45a8e0204ed))
+* debounce is too long ([#1426](https://github.com/unraid/api/issues/1426)) ([f12d231](https://github.com/unraid/api/commit/f12d231e6376d0f253cee67b7ed690c432c63ec5))
+* delete legacy connect keys and ensure description ([22fe91c](https://github.com/unraid/api/commit/22fe91cd561e88aa24e8f8cfa5a6143e7644e4e0))
+* **deps:** pin dependencies ([#1465](https://github.com/unraid/api/issues/1465)) ([ba75a40](https://github.com/unraid/api/commit/ba75a409a4d3e820308b78fd5a5380021d3757b0))
+* **deps:** pin dependencies ([#1470](https://github.com/unraid/api/issues/1470)) ([412b329](https://github.com/unraid/api/commit/412b32996d9c8352c25309cc0d549a57468d0fb5))
+* **deps:** storybook v9 ([#1476](https://github.com/unraid/api/issues/1476)) ([45bb49b](https://github.com/unraid/api/commit/45bb49bcd60a9753be492203111e489fd37c1a5f))
+* **deps:** update all non-major dependencies ([#1366](https://github.com/unraid/api/issues/1366)) ([291ee47](https://github.com/unraid/api/commit/291ee475fb9ef44f6da7b76a9eb11b7dd29a5d13))
+* **deps:** update all non-major dependencies ([#1379](https://github.com/unraid/api/issues/1379)) ([8f70326](https://github.com/unraid/api/commit/8f70326d0fe3e4c3bcd3e8e4e6566766f1c05eb7))
+* **deps:** update all non-major dependencies ([#1389](https://github.com/unraid/api/issues/1389)) ([cb43f95](https://github.com/unraid/api/commit/cb43f95233590888a8e20a130e62cadc176c6793))
+* **deps:** update all non-major dependencies ([#1399](https://github.com/unraid/api/issues/1399)) ([68df344](https://github.com/unraid/api/commit/68df344a4b412227cffa96867f086177b251f028))
+* **deps:** update dependency @types/diff to v8 ([#1393](https://github.com/unraid/api/issues/1393)) ([00da27d](https://github.com/unraid/api/commit/00da27d04f2ee2ca8b8b9cdcc6ea3c490c02a3a4))
+* **deps:** update dependency cache-manager to v7 ([#1413](https://github.com/unraid/api/issues/1413)) ([9492c2a](https://github.com/unraid/api/commit/9492c2ae6a0086d14e73d280c55746206b73a7b0))
+* **deps:** update dependency commander to v14 ([#1394](https://github.com/unraid/api/issues/1394)) ([106ea09](https://github.com/unraid/api/commit/106ea093996f2d0c71c1511bc009ecc9a6be91ec))
+* **deps:** update dependency diff to v8 ([#1386](https://github.com/unraid/api/issues/1386)) ([e580f64](https://github.com/unraid/api/commit/e580f646a52b8bda605132cf44ec58137e08dd42))
+* **deps:** update dependency dotenv to v17 ([#1474](https://github.com/unraid/api/issues/1474)) ([d613bfa](https://github.com/unraid/api/commit/d613bfa0410e7ef8451fc8ea20e57a7db67f7994))
+* **deps:** update dependency lucide-vue-next to ^0.509.0 ([#1383](https://github.com/unraid/api/issues/1383)) ([469333a](https://github.com/unraid/api/commit/469333acd4a0cbeecc9e9cbadb2884289d83aee3))
+* **deps:** update dependency marked to v16 ([#1444](https://github.com/unraid/api/issues/1444)) ([453a5b2](https://github.com/unraid/api/commit/453a5b2c9591f755ce07548a9996d7a6cf0925c4))
+* **deps:** update dependency shadcn-vue to v2 ([#1302](https://github.com/unraid/api/issues/1302)) ([26ecf77](https://github.com/unraid/api/commit/26ecf779e675d0bc533d61e045325ab062effcbf))
+* **deps:** update dependency vue-sonner to v2 ([#1401](https://github.com/unraid/api/issues/1401)) ([53ca414](https://github.com/unraid/api/commit/53ca41404f13c057c340dcf9010af72c3365e499))
+* disable file changes on Unraid 7.2 ([#1382](https://github.com/unraid/api/issues/1382)) ([02de89d](https://github.com/unraid/api/commit/02de89d1309f67e4b6d4f8de5f66815ee4d2464c))
+* do not start API with doinst.sh ([7d88b33](https://github.com/unraid/api/commit/7d88b3393cbd8ab1e93a86dfa1b7b74cc97255cc))
+* do not uninstall fully on 7.2 ([#1484](https://github.com/unraid/api/issues/1484)) ([2263881](https://github.com/unraid/api/commit/22638811a9fdb524420b1347ac49cfaa51bbecb5))
+* drop console with terser ([a87d455](https://github.com/unraid/api/commit/a87d455bace04aab9d7fa0e63cb61d26ef9b3b72))
+* error logs from `cloud` query when connect is not installed ([#1450](https://github.com/unraid/api/issues/1450)) ([719f460](https://github.com/unraid/api/commit/719f460016d769255582742d7d71ca97d132022b))
+* flash backup integration with Unraid Connect config ([#1448](https://github.com/unraid/api/issues/1448)) ([038c582](https://github.com/unraid/api/commit/038c582aed5f5efaea3583372778b9baa318e1ea))
+* header padding regression ([#1477](https://github.com/unraid/api/issues/1477)) ([e791cc6](https://github.com/unraid/api/commit/e791cc680de9c40378043348ddca70902da6d250))
+* incorrect state merging in redux store ([#1437](https://github.com/unraid/api/issues/1437)) ([17b7428](https://github.com/unraid/api/commit/17b74287796e6feb75466033e279dc3bcf57f1e6))
+* lanip copy button not present ([#1459](https://github.com/unraid/api/issues/1459)) ([a280786](https://github.com/unraid/api/commit/a2807864acef742e454d87bb093ee91806e527e5))
+* move to bigint scalar ([b625227](https://github.com/unraid/api/commit/b625227913e80e4731a13b54b525ec7385918c51))
+* node_modules dir removed on plugin update ([#1406](https://github.com/unraid/api/issues/1406)) ([7b005cb](https://github.com/unraid/api/commit/7b005cbbf682a1336641f5fc85022e9d651569d0))
+* omit Connect actions in UPC when plugin is not installed ([#1417](https://github.com/unraid/api/issues/1417)) ([8c8a527](https://github.com/unraid/api/commit/8c8a5276b49833c08bca133e374e1e66273b41aa))
+* parsing of `ssoEnabled` in state.php ([#1455](https://github.com/unraid/api/issues/1455)) ([f542c8e](https://github.com/unraid/api/commit/f542c8e0bd9596d9d3abf75b58b97d95fb033215))
+* pin ranges ([#1460](https://github.com/unraid/api/issues/1460)) ([f88400e](https://github.com/unraid/api/commit/f88400eea820ac80c867fdb63cd503ed91493146))
+* pr plugin promotion workflow ([#1456](https://github.com/unraid/api/issues/1456)) ([13bd9bb](https://github.com/unraid/api/commit/13bd9bb5670bb96b158068114d62572d88c7cae9))
+* proper fallback if missing paths config modules ([7067e9e](https://github.com/unraid/api/commit/7067e9e3dd3966309013b52c90090cc82de4e4fb))
+* rc.unraid-api now cleans up older dependencies ([#1404](https://github.com/unraid/api/issues/1404)) ([83076bb](https://github.com/unraid/api/commit/83076bb94088095de8b1a332a50bbef91421f0c1))
+* remote access lifecycle during boot & shutdown ([#1422](https://github.com/unraid/api/issues/1422)) ([7bc583b](https://github.com/unraid/api/commit/7bc583b18621c8140232772ca36c6d9b8d8a9cd7))
+* sign out correctly on error ([#1452](https://github.com/unraid/api/issues/1452)) ([d08fc94](https://github.com/unraid/api/commit/d08fc94afb94e386907da44402ee5a24cfb3d00a))
+* simplify usb listing ([#1402](https://github.com/unraid/api/issues/1402)) ([5355115](https://github.com/unraid/api/commit/5355115af2f4122af9afa3f63ed8f830b33cbf5c))
+* theme issues when sent from graph ([#1424](https://github.com/unraid/api/issues/1424)) ([75ad838](https://github.com/unraid/api/commit/75ad8381bd4f4045ab1d3aa84e08ecddfba27617))
+* **ui:** notifications positioning regression ([#1445](https://github.com/unraid/api/issues/1445)) ([f73e5e0](https://github.com/unraid/api/commit/f73e5e0058fcc3bedebfbe7380ffcb44aea981b8))
+* use some instead of every for connect detection ([9ce2fee](https://github.com/unraid/api/commit/9ce2fee380c4db1395f5d4df7f16ae6c57d1a748))
+
+
+### Reverts
+
+* revert package.json dependency updates from commit 711cc9a for api and packages/* ([94420e4](https://github.com/unraid/api/commit/94420e4d45735b8def3915b5789c15c1c3121f1e))
+
+## [4.8.0](https://github.com/unraid/api/compare/v4.7.0...v4.8.0) (2025-05-01)
+
+
+### Features
+
+* move activation code logic into the API ([#1369](https://github.com/unraid/api/issues/1369)) ([39e83b2](https://github.com/unraid/api/commit/39e83b2aa156586ab4da362137194280fccefe7c))
+
+
+### Bug Fixes
+
+* 400 error when submitting connect settings ([831050f](https://github.com/unraid/api/commit/831050f4e8c3af4cbcc123a3a609025f250f0824))
+
+## [4.7.0](https://github.com/unraid/api/compare/v4.6.6...v4.7.0) (2025-04-24)
+
+
+### Features
+
+* add basic docker network listing ([#1317](https://github.com/unraid/api/issues/1317)) ([c4fdff8](https://github.com/unraid/api/commit/c4fdff8149eb2812707605b3a98eabc795d18c5e))
+* add permission documentation by using a custom decorator ([#1355](https://github.com/unraid/api/issues/1355)) ([45ecab6](https://github.com/unraid/api/commit/45ecab6914e2e4dd48438352eb9a5084a6a4b996))
+* basic vm controls ([#1293](https://github.com/unraid/api/issues/1293)) ([bc3ca92](https://github.com/unraid/api/commit/bc3ca92fb02387bc019bb001809df96974737b50))
+* code first graphql ([#1347](https://github.com/unraid/api/issues/1347)) ([f5724ab](https://github.com/unraid/api/commit/f5724abffbcb8c8a4885c487df4119787fd1d541))
+
+
+### Bug Fixes
+
+* container names always null ([#1335](https://github.com/unraid/api/issues/1335)) ([8a5b238](https://github.com/unraid/api/commit/8a5b23856c006827229812e558f7d1af92be80e0))
+* **deps:** update all non-major dependencies ([#1337](https://github.com/unraid/api/issues/1337)) ([2345732](https://github.com/unraid/api/commit/234573264cfed1409a767927ff95f132be393ea9))
+* hide reboot notice for patch releases ([#1341](https://github.com/unraid/api/issues/1341)) ([4b57439](https://github.com/unraid/api/commit/4b5743906a172f84bb46011fe2c3e0c8f64059a2))
+* move docker mutations to the mutations resolver ([#1333](https://github.com/unraid/api/issues/1333)) ([1bbe7d2](https://github.com/unraid/api/commit/1bbe7d27b0e87b5ffcd57ac9cc28e64b046055be))
+* PR build issue ([457d338](https://github.com/unraid/api/commit/457d338150774ddc14cde6562e226a6a565aca48))
+* remove some unused fields from the report object ([#1342](https://github.com/unraid/api/issues/1342)) ([cd323ac](https://github.com/unraid/api/commit/cd323acd4905a558786b029ff5a30371c4512956))
+* sso unreliable if API outputs more than raw json ([#1353](https://github.com/unraid/api/issues/1353)) ([e65775f](https://github.com/unraid/api/commit/e65775f8782714d1cc29c8f2801244b5a4043409))
+* vms now can detect starting of libvirt and start local hypervisor ([#1356](https://github.com/unraid/api/issues/1356)) ([ad0f4c8](https://github.com/unraid/api/commit/ad0f4c8b55c7f7e94fbae2108f17715b1373a3ef))
+
+## [4.6.6](https://github.com/unraid/api/compare/v4.6.5...v4.6.6) (2025-04-03)
+
+
+### Bug Fixes
+
+* issue with invalid builds for prod and tagging ([7e89cd2](https://github.com/unraid/api/commit/7e89cd2a3e06a4abc8164f2f4985ad9f6cc9388d))
+
+## [4.6.5](https://github.com/unraid/api/compare/v4.6.4...v4.6.5) (2025-04-03)
+
+
+### Bug Fixes
+
+* unique artifact ID ([0f682b5](https://github.com/unraid/api/commit/0f682b5f23f4319a1ad8f0e8f2b5e5ae0a2293db))
+
+## [4.6.4](https://github.com/unraid/api/compare/v4.6.3...v4.6.4) (2025-04-03)
+
+
+### Bug Fixes
+
+* cleanup build pipeline ([#1326](https://github.com/unraid/api/issues/1326)) ([60f16bd](https://github.com/unraid/api/commit/60f16bde416993771fce2ad5861a671504af4b7d))
+* remove unneeded workflow secret pass ([4bb00dd](https://github.com/unraid/api/commit/4bb00dd981384083cec40d804209ec2ca18d7aae))
+
+## [4.6.3](https://github.com/unraid/api/compare/v4.6.2...v4.6.3) (2025-04-03)
+
+
+### Bug Fixes
+
+* copy dynamix.unraid.net ([662d5f6](https://github.com/unraid/api/commit/662d5f64c94586e35bfdaae2df0716c3754b2c45))
+* make backup of txz ([37e72f9](https://github.com/unraid/api/commit/37e72f9729f6ab385ed1070fbdca6028688fbd92))
+* ordering in build script ([a562f77](https://github.com/unraid/api/commit/a562f7716380bde4a1ae0d6960eff51c37b9291c))
+
+## [4.6.2](https://github.com/unraid/api/compare/v4.6.1...v4.6.2) (2025-04-03)
+
+
+### Bug Fixes
+
+* build issue ([99d8b31](https://github.com/unraid/api/commit/99d8b31fa8bef13ae6c7dcf74593bc2999a676ed))
+
 ## [4.6.1](https://github.com/unraid/api/compare/v4.6.0...v4.6.1) (2025-04-03)
 
 

api/Dockerfile

@@ -1,7 +1,7 @@
 ###########################################################
 # Development/Build Image
 ###########################################################
-FROM node:22-bookworm-slim AS development
+FROM node:22.17.0-bookworm-slim AS development
 
 # Install build tools and dependencies
 RUN apt-get update -y && apt-get install -y \

api/codegen.ts

@@ -1,17 +1,13 @@
 import type { CodegenConfig } from '@graphql-codegen/cli';
 
-
-
-
-
 const config: CodegenConfig = {
     overwrite: true,
     emitLegacyCommonJSImports: false,
     verbose: true,
     config: {
         namingConvention: {
-            typeNames: './fix-array-type.cjs',
-            enumValues: 'change-case#upperCase',
+            enumValues: 'change-case-all#upperCase',
+            transformUnderscore: true,
             useTypeImports: true,
         },
         scalars: {
@@ -31,6 +27,7 @@ const config: CodegenConfig = {
         },
     },
     generates: {
+        // Generate Types for Mothership GraphQL Client
         'src/graphql/generated/client/': {
             documents: './src/graphql/mothership/*.ts',
             schema: {
@@ -50,40 +47,6 @@ const config: CodegenConfig = {
             },
             plugins: [{ add: { content: '/* eslint-disable */' } }],
         },
-        // Generate Types for the API Server
-        'src/graphql/generated/api/types.ts': {
-            schema: ['./src/graphql/types.ts', './src/graphql/schema/types/**/*.graphql'],
-            plugins: [
-                'typescript',
-                'typescript-resolvers',
-                { add: { content: '/* eslint-disable */\n/* @ts-nocheck */' } },
-            ],
-            config: {
-                contextType: '@app/graphql/schema/utils.js#Context',
-                useIndexSignature: true,
-            },
-        },
-        // Generate Operations for any built-in API Server Operations (e.g., report.ts)
-        'src/graphql/generated/api/operations.ts': {
-            documents: './src/graphql/client/api/*.ts',
-            schema: ['./src/graphql/types.ts', './src/graphql/schema/types/**/*.graphql'],
-            preset: 'import-types',
-            presetConfig: {
-                typesPath: '@app/graphql/generated/api/types.js',
-            },
-            plugins: [
-                'typescript-validation-schema',
-                'typescript-operations',
-                'typed-document-node',
-                { add: { content: '/* eslint-disable */' } },
-            ],
-            config: {
-                importFrom: '@app/graphql/generated/api/types.js',
-                strictScalars: true,
-                schema: 'zod',
-                withObjectType: true,
-            },
-        },
         'src/graphql/generated/client/validators.ts': {
             schema: {
                 [process.env.MOTHERSHIP_GRAPHQL_LINK as string]: {
@@ -102,4 +65,4 @@ const config: CodegenConfig = {
     },
 };
 
-export default config;
+export default config;

api/dev/Unraid.net/myservers.cfg

@@ -1,5 +1,5 @@
 [api]
-version="4.1.3"
+version="4.4.1"
 extraOrigins="https://google.com,https://test.com"
 [local]
 sandbox="yes"

api/dev/Unraid.net/myservers.example.cfg

@@ -0,0 +1,20 @@
+[api]
+version="4.4.1"
+extraOrigins="https://google.com,https://test.com"
+[local]
+sandbox="yes"
+[remote]
+wanaccess="yes"
+wanport="8443"
+upnpEnabled="no"
+apikey="_______________________BIG_API_KEY_HERE_________________________"
+localApiKey="_______________________LOCAL_API_KEY_HERE_________________________"
+email="test@example.com"
+username="zspearmint"
+avatar="https://via.placeholder.com/200"
+regWizTime="1611175408732_0951-1653-3509-FBA155FA23C0"
+accesstoken=""
+idtoken=""
+refreshtoken=""
+dynamicRemoteAccessType="DISABLED"
+ssoSubIds=""

api/dev/activation/activation_code_12345.activationcode

@@ -0,0 +1,13 @@
+{
+  "code": "EXAMPLE_CODE_123",
+  "partnerName": "MyPartner Inc.",
+  "partnerUrl": "https://partner.example.com",
+  "serverName": "MyAwesomeServer",
+  "sysModel": "CustomBuild v1.0",
+  "comment": "This is a test activation code for development.",
+  "header": "#336699",
+  "headermetacolor": "#FFFFFF",
+  "background": "#F0F0F0",
+  "showBannerGradient": "yes",
+  "theme": "black"
+}

api/dev/activation/applied.txt

@@ -0,0 +1 @@
+true

api/dev/activation/assets/logo.svg

@@ -0,0 +1,19 @@
+<?xml version="1.0" encoding="utf-8" ?>
+<svg xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" width="442" height="221">
+	<defs>
+		<linearGradient id="gradient_0" gradientUnits="userSpaceOnUse" x1="608.84924" y1="48.058002" x2="447.47684" y2="388.15295">
+			<stop offset="0" stop-color="#ECC02F"/>
+			<stop offset="1" stop-color="#B8436B"/>
+		</linearGradient>
+	</defs>
+	<path fill="url(#gradient_0)" transform="scale(0.431641 0.431641)" d="M126.543 236.139C141.269 184.983 170.747 148.08 228.938 144.823C240.378 144.182 259.66 144.749 271.333 145.215C299.585 144.391 350.558 142.667 377.842 145.685C414.099 149.696 443.185 175.429 472.192 195.251L586.561 274.337C636.114 308.874 627.234 309.151 685.21 309.042L778.304 309.082C799.091 309.099 813.482 308.867 828.82 292.529C857.893 261.561 843.003 209.317 800.506 200.17C790.505 198.018 779.334 199.535 769.11 199.523L702.658 199.488C690.005 186.062 675.199 151.817 658.182 145.215L739.199 145.198C765.636 145.196 796.164 142.886 821.565 150.344C923.889 180.389 922.324 331.136 816.611 357.807C802.524 361.361 788.425 361.034 774.035 361.031L663.497 361.009C623.773 360.859 603.599 349.313 572.35 327.596L430.421 229.848C415.731 219.804 401.419 209.118 386.451 199.488C377.579 199.501 368.42 200.01 359.582 199.488L272.561 199.497C258.582 199.485 235.352 198.06 222.607 200.981C192.741 207.825 177.956 234.361 180.015 263.294C177.545 260.392 178.63 254.678 178.838 251.164C179.877 233.569 187.409 224.968 197.345 212.22C184.786 202.853 156.933 193.749 149.447 186.645C143.454 196.583 136.881 205.628 132.955 216.732C130.766 222.921 130.678 230.967 127.506 236.625L126.543 236.139Z"/>
+	<path fill="#308DAF" transform="scale(0.431641 0.431641)" d="M149.447 186.645C156.933 193.749 184.786 202.853 197.345 212.22C187.409 224.968 179.877 233.569 178.838 251.164C178.63 254.678 177.545 260.392 180.015 263.294C192.489 309.751 221.563 309.078 263.512 309.07L322.096 309.048C333.708 325.984 348.958 344.904 361.795 361.006L232.654 361.03C176.801 360.579 130.605 315.939 126.498 260.613C125.893 252.473 126.453 244.293 126.543 236.139L127.506 236.625C130.678 230.967 130.766 222.921 132.955 216.732C136.881 205.628 143.454 196.583 149.447 186.645Z"/>
+	<defs>
+		<linearGradient id="gradient_1" gradientUnits="userSpaceOnUse" x1="620.42566" y1="140.57172" x2="611.08759" y2="282.2207">
+			<stop offset="0" stop-color="#F5A22C"/>
+			<stop offset="1" stop-color="#E17543"/>
+		</linearGradient>
+	</defs>
+	<path fill="url(#gradient_1)" transform="scale(0.431641 0.431641)" d="M570.215 137.504C646.214 133.055 670.623 188.789 707.064 241.977L726.71 270.658C729.065 274.1 737.591 284.13 737.576 287.916L674.645 287.916C674.5 287.132 659.251 264.134 658.182 263.294C658.133 262.92 623.915 212.832 620.593 208.697C602.652 186.369 565.856 181.796 545.393 203.424C542.002 207.007 539.705 211.779 535.713 214.764C534.409 212.586 496.093 187.105 490.641 183.32C508.306 154.99 539.004 142.872 570.215 137.504Z"/>
+	<path fill="#308DAF" transform="scale(0.431641 0.431641)" d="M286.656 221.485L350.512 221.485C354.248 227.374 358.556 232.986 362.565 238.698L379.9 263.82C397.44 289.065 410.994 321.185 447.698 317.317C464.599 315.536 476.472 305.449 486.751 292.741C494.293 298.818 530.089 320.341 533.124 324.28C532.441 328.231 526.229 334.319 522.861 336.255C521.587 339.958 509.164 348.519 505.635 350.88C463.781 378.879 411.472 377.537 373.808 343.464C365.331 335.795 359.734 326.969 353.351 317.641L336.798 293.614C320.035 269.591 302.915 245.863 286.656 221.485Z"/>
+</svg>

api/dev/configs/api.json

@@ -0,0 +1,10 @@
+{
+  "version": "4.8.0",
+  "extraOrigins": [
+    "https://google.com",
+    "https://test.com"
+  ],
+  "sandbox": true,
+  "ssoSubIds": [],
+  "plugins": ["unraid-api-plugin-connect"]
+}

api/dev/configs/connect.json

@@ -0,0 +1,16 @@
+{
+  "wanaccess": false,
+  "wanport": 0,
+  "upnpEnabled": false,
+  "apikey": "",
+  "localApiKey": "",
+  "email": "",
+  "username": "",
+  "avatar": "",
+  "regWizTime": "",
+  "accesstoken": "",
+  "idtoken": "",
+  "refreshtoken": "",
+  "dynamicRemoteAccessType": "DISABLED",
+  "ssoSubIds": []
+}

api/dev/dynamix/dynamix.cfg

@@ -1,36 +1,42 @@
 [display]
-date="%c"
-time="%I:%M %p"
-number=".,"
-scale="-1"
-tabs="1"
-users="Tasks:3"
-resize="0"
-wwn="0"
-total="1"
-usage="0"
-banner="image"
-dashapps="icons"
-theme="white"
-text="1"
-unit="C"
-warning="70"
-critical="90"
-hot="45"
-max="55"
-sysinfo="/Tools/SystemProfiler"
+date=%c
+time=%I:%M %p
+number=.,
+scale=-1
+tabs=1
+users=Tasks:3
+resize=0
+wwn=0
+total=1
+usage=0
+banner=image
+dashapps=icons
+theme=black
+text=1
+unit=C
+warning=70
+critical=90
+hot=45
+max=55
+sysinfo=/Tools/SystemProfiler
+header=336699
+headermetacolor=FFFFFF
+background=F0F0F0
+showBannerGradient=yes
+
 [notify]
-entity="1"
-normal="1"
-warning="1"
-alert="1"
-unraid="1"
-plugin="1"
-docker_notify="1"
-report="1"
-display="0"
-date="d-m-Y"
-time="H:i"
-position="top-right"
-path="./dev/notifications"
-system="*/1 * * * *"
+entity=1
+normal=1
+warning=1
+alert=1
+unraid=1
+plugin=1
+docker_notify=1
+report=1
+display=0
+date=d-m-Y
+time=H:i
+position=top-right
+path=./dev/notifications
+system=*/1 * * * *
+

api/dev/ident.cfg

@@ -0,0 +1,36 @@
+# Generated settings:
+NAME="Unraid"
+timeZone="America/New_York"
+COMMENT="Media server"
+SECURITY="user"
+WORKGROUP="WORKGROUP"
+DOMAIN=""
+DOMAIN_SHORT=""
+hideDotFiles="no"
+enableFruit="yes"
+USE_NETBIOS="no"
+localMaster="yes"
+serverMultiChannel="no"
+USE_WSD="yes"
+WSD_OPT=""
+WSD2_OPT=""
+USE_NTP="yes"
+NTP_SERVER1="time1.google.com"
+NTP_SERVER2="time2.google.com"
+NTP_SERVER3="time3.google.com"
+NTP_SERVER4="time4.google.com"
+DOMAIN_LOGIN="Administrator"
+DOMAIN_PASSWD=""
+SYS_MODEL="Custom"
+SYS_ARRAY_SLOTS="24"
+USE_SSL="yes"
+PORT="80"
+PORTSSL="8443"
+LOCAL_TLD="local"
+BIND_MGT="no"
+USE_TELNET="no"
+PORTTELNET="23"
+USE_SSH="yes"
+PORTSSH="22"
+USE_UPNP="yes"
+START_PAGE="Main"

api/dev/keys/b5b4aa3d-8e40-4c92-bc40-d50182071886.json

@@ -6,6 +6,6 @@
   "name": "Connect",
   "permissions": [],
   "roles": [
-    "connect"
+    "CONNECT"
   ]
 }

api/dev/states/myservers.cfg

@@ -20,5 +20,5 @@ dynamicRemoteAccessType="DISABLED"
 ssoSubIds=""
 allowedOrigins="/var/run/unraid-notifications.sock, /var/run/unraid-php.sock, /var/run/unraid-cli.sock, http://localhost:8080, https://localhost:4443, https://tower.local:4443, https://192.168.1.150:4443, https://tower:4443, https://192-168-1-150.thisisfourtyrandomcharacters012345678900.myunraid.net:4443, https://85-121-123-122.thisisfourtyrandomcharacters012345678900.myunraid.net:8443, https://10-252-0-1.hash.myunraid.net:4443, https://10-252-1-1.hash.myunraid.net:4443, https://10-253-3-1.hash.myunraid.net:4443, https://10-253-4-1.hash.myunraid.net:4443, https://10-253-5-1.hash.myunraid.net:4443, https://10-100-0-1.hash.myunraid.net:4443, https://10-100-0-2.hash.myunraid.net:4443, https://10-123-1-2.hash.myunraid.net:4443, https://221-123-121-112.hash.myunraid.net:4443, https://google.com, https://test.com, https://connect.myunraid.net, https://connect-staging.myunraid.net, https://dev-my.myunraid.net:4000, https://studio.apollographql.com"
 [connectionStatus]
-minigraph="ERROR_RETRYING"
+minigraph="PRE_INIT"
 upnpStatus=""

api/dev/states/var.ini

@@ -102,6 +102,7 @@ regTm="1833409182"
 regTm2="0"
 regExp=""
 regGen="0"
+regState="ENOKEYFILE"
 sbName="/boot/config/super.dat"
 sbVersion="2.9.13"
 sbUpdated="1596079143"

api/dev/webGui/images/UN-logotype-gradient.svg

@@ -0,0 +1 @@
+<svg xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" viewBox="0 0 222.36 39.04"><defs><linearGradient id="header-logo" x1="47.53" y1="79.1" x2="170.71" y2="-44.08" gradientUnits="userSpaceOnUse"><stop offset="0" stop-color="#e32929"/><stop offset="1" stop-color="#ff8d30"/></linearGradient></defs><title>unraid.net</title><path d="M146.7,29.47H135l-3,9h-6.49L138.93,0h8l13.41,38.49h-7.09L142.62,6.93l-5.83,16.88h8ZM29.69,0V25.4c0,8.91-5.77,13.64-14.9,13.64S0,34.31,0,25.4V0H6.54V25.4c0,5.17,3.19,7.92,8.25,7.92s8.36-2.75,8.36-7.92V0ZM50.86,12v26.5H44.31V0h6.11l17,26.5V0H74V38.49H67.9ZM171.29,0h6.54V38.49h-6.54Zm51.07,24.69c0,9-5.88,13.8-15.17,13.8H192.67V0H207.3c9.18,0,15.06,4.78,15.06,13.8ZM215.82,13.8c0-5.28-3.3-8.14-8.52-8.14h-8.08V32.77h8c5.33,0,8.63-2.8,8.63-8.08ZM108.31,23.92c4.34-1.6,6.93-5.28,6.93-11.55C115.24,3.68,110.18,0,102.48,0H88.84V38.49h6.55V5.66h6.87c3.8,0,6.21,1.82,6.21,6.71s-2.41,6.76-6.21,6.76H98.88l9.21,19.36h7.53Z" fill="url(#header-logo)"/></svg>

api/docs/developer/api-plugins.md

@@ -0,0 +1,124 @@
+# Working with API plugins
+
+Under the hood, API plugins (i.e. plugins to the `@unraid/api` project) are represented
+as npm `peerDependencies`. This is npm's intended package plugin mechanism, and given that
+peer dependencies are installed by default as of npm v7, it supports bi-directional plugin functionality,
+where the API provides dependencies for the plugin while the plugin provides functionality to the API.
+
+## Private Workspace plugins
+
+### Adding a local workspace package as an API plugin
+
+The challenge with local workspace plugins is that they aren't available via npm during production.
+To solve this, we vendor them during the build process. Here's the complete process:
+
+#### 1. Configure the build system
+
+Add your workspace package to the vendoring configuration in `api/scripts/build.ts`:
+
+```typescript
+const WORKSPACE_PACKAGES_TO_VENDOR = {
+    '@unraid/shared': 'packages/unraid-shared',
+    'unraid-api-plugin-connect': 'packages/unraid-api-plugin-connect',
+    'your-plugin-name': 'packages/your-plugin-path', // Add your plugin here
+} as const;
+```
+
+#### 2. Configure Vite
+
+Add your workspace package to the Vite configuration in `api/vite.config.ts`:
+
+```typescript
+const workspaceDependencies = {
+    '@unraid/shared': 'packages/unraid-shared',
+    'unraid-api-plugin-connect': 'packages/unraid-api-plugin-connect',
+    'your-plugin-name': 'packages/your-plugin-path', // Add your plugin here
+};
+```
+
+This ensures the package is:
+- Excluded from Vite's optimization during development
+- Marked as external during the build process
+- Properly handled in SSR mode
+
+#### 3. Configure the API package.json
+
+Add your workspace package as a peer dependency in `api/package.json`:
+
+```json
+{
+    "peerDependencies": {
+        "unraid-api-plugin-connect": "workspace:*",
+        "your-plugin-name": "workspace:*"
+    },
+    "peerDependenciesMeta": {
+        "unraid-api-plugin-connect": {
+            "optional": true
+        },
+        "your-plugin-name": {
+            "optional": true
+        }
+    }
+}
+```
+
+By marking the workspace dependency "optional", npm will not attempt to install it during development.
+The "workspace:*" identifier will be invalid during build-time and run-time, but won't cause problems
+because the package gets vendored instead.
+
+#### 4. Plugin package setup
+
+Your workspace plugin package should:
+
+1. **Export types and main entry**: Set up proper `main`, `types`, and `exports` fields:
+```json
+{
+    "name": "your-plugin-name",
+    "main": "dist/index.js",
+    "types": "dist/index.d.ts",
+    "type": "module",
+    "exports": {
+        ".": {
+            "types": "./dist/index.d.ts",
+            "import": "./dist/index.js"
+        }
+    },
+    "files": ["dist"]
+}
+```
+
+2. **Use peer dependencies**: Declare shared dependencies as peer dependencies to avoid duplication:
+```json
+{
+    "peerDependencies": {
+        "@nestjs/common": "^11.0.11",
+        "@nestjs/core": "^11.0.11",
+        "graphql": "^16.9.0"
+    }
+}
+```
+
+3. **Include build script**: Add a build script that compiles TypeScript:
+```json
+{
+    "scripts": {
+        "build": "tsc",
+        "prepare": "npm run build"
+    }
+}
+```
+
+#### 5. Build process
+
+During production builds:
+
+1. The build script (`api/scripts/build.ts`) will automatically pack and install your workspace package as a tarball
+2. This happens after `npm install --omit=dev` in the pack directory
+3. The vendored package becomes a regular node_modules dependency in the final build
+
+#### 6. Development vs Production
+
+- **Development**: Vite resolves workspace packages directly from their source
+- **Production**: Packages are vendored as tarballs in `node_modules`
+
+This approach ensures that workspace plugins work seamlessly in both development and production environments.

api/ecosystem.config.json

@@ -11,7 +11,7 @@
             "max_restarts": 10,
             "min_uptime": 10000,
             "watch": false,
-            "interpreter": "/usr/local/node/bin/node",
+            "interpreter": "/usr/local/bin/node",
             "ignore_watch": ["node_modules", "src", ".env.*", "myservers.cfg"],
             "log_file": "/var/log/graphql-api.log",
             "kill_timeout": 10000

api/fix-array-type.cjs

@@ -1,18 +0,0 @@
-/**
- * This function wraps constant case, that turns any string into CONSTANT_CASE
- * However, this function has a bug that, if you pass _ to it it will return an empty
- * string. This small module fixes that
- *
- * @param {string*} str
- * @return {string}
- */
-function FixArrayType(str) {
-    if (str === 'Array') {
-        return 'ArrayType';
-    }
-
-    // If result is an empty string, just return the original string
-    return str;
-}
-
-module.exports = FixArrayType;

api/justfile

@@ -14,3 +14,7 @@ default:
 
 alias b := build
 alias d := deploy
+
+sync-env server:
+    rsync -avz --progress --stats -e ssh .env* root@{{server}}:/usr/local/unraid-api
+    ssh root@{{server}} 'cp /usr/local/unraid-api/.env.staging /usr/local/unraid-api/.env'

api/legacy/README.md

@@ -0,0 +1,3 @@
+# Legacy Assets
+
+This folder will store legacy types / functionality that may be useful but is not currently a part of the API

api/package.json

@@ -1,6 +1,6 @@
 {
     "name": "@unraid/api",
-    "version": "4.6.1",
+    "version": "4.9.2",
     "main": "src/cli/index.ts",
     "type": "module",
     "corepack": {
@@ -10,18 +10,19 @@
     "author": "Lime Technology, Inc. <unraid.net>",
     "license": "GPL-2.0-or-later",
     "engines": {
-        "pnpm": ">=8.0.0"
+        "pnpm": "10.13.1"
     },
     "scripts": {
         "// Development": "",
         "start": "node dist/main.js",
         "dev": "vite",
+        "dev:debug": "NODE_OPTIONS='--inspect-brk=9229 --enable-source-maps' vite",
         "command": "pnpm run build && clear && ./dist/cli.js",
         "command:raw": "./dist/cli.js",
         "// Build and Deploy": "",
         "build": "vite build --mode=production",
         "postbuild": "chmod +x dist/main.js && chmod +x dist/cli.js",
-        "build:watch": "nodemon --watch src --ext ts,js,json --exec 'tsx ./scripts/build.ts'",
+        "build:watch": "WATCH_MODE=true nodemon --watch src --ext ts,js,json --exec 'tsx ./scripts/build.ts'",
         "build:docker": "./scripts/dc.sh run --rm builder",
         "build:release": "tsx ./scripts/build.ts",
         "preunraid:deploy": "pnpm build",
@@ -43,166 +44,189 @@
         "container:start": "pnpm run container:stop && ./scripts/dc.sh run --rm --service-ports dev",
         "container:stop": "./scripts/dc.sh stop dev",
         "container:test": "./scripts/dc.sh run --rm builder pnpm run test",
-        "container:enter": "./scripts/dc.sh exec dev /bin/bash"
+        "container:enter": "./scripts/dc.sh exec dev /bin/bash",
+        "// Migration Scripts": "",
+        "migration:codefirst": "tsx ./src/unraid-api/graph/migration-script.ts"
     },
     "bin": {
         "unraid-api": "dist/cli.js"
     },
     "dependencies": {
-        "@apollo/client": "^3.11.8",
-        "@apollo/server": "^4.11.2",
-        "@as-integrations/fastify": "^2.1.1",
-        "@fastify/cookie": "^11.0.2",
-        "@fastify/helmet": "^13.0.1",
-        "@graphql-codegen/client-preset": "^4.5.0",
-        "@graphql-tools/load-files": "^7.0.0",
-        "@graphql-tools/merge": "^9.0.8",
-        "@graphql-tools/schema": "^10.0.7",
-        "@graphql-tools/utils": "^10.5.5",
-        "@jsonforms/core": "^3.5.1",
-        "@nestjs/apollo": "^13.0.3",
-        "@nestjs/common": "^11.0.11",
-        "@nestjs/core": "^11.0.11",
-        "@nestjs/graphql": "^13.0.3",
-        "@nestjs/passport": "^11.0.0",
-        "@nestjs/platform-fastify": "^11.0.11",
-        "@nestjs/schedule": "^5.0.0",
-        "@nestjs/throttler": "^6.2.1",
-        "@reduxjs/toolkit": "^2.3.0",
-        "@runonflux/nat-upnp": "^1.0.2",
-        "@types/diff": "^7.0.1",
-        "@unraid/libvirt": "^1.1.3",
-        "accesscontrol": "^2.2.1",
-        "bycontract": "^2.0.11",
-        "bytes": "^3.1.2",
-        "cacheable-lookup": "^7.0.0",
-        "camelcase-keys": "^9.1.3",
-        "casbin": "^5.32.0",
-        "change-case": "^5.4.4",
-        "chokidar": "^4.0.1",
-        "cli-table": "^0.3.11",
-        "command-exists": "^1.2.9",
-        "convert": "^5.8.0",
-        "cookie": "^1.0.2",
-        "cron": "3.5.0",
-        "cross-fetch": "^4.0.0",
-        "diff": "^7.0.0",
-        "docker-event-emitter": "^0.3.0",
-        "dockerode": "^3.3.5",
-        "dotenv": "^16.4.5",
-        "execa": "^9.5.1",
-        "exit-hook": "^4.0.0",
-        "fastify": "^5.2.1",
-        "filenamify": "^6.0.0",
-        "fs-extra": "^11.2.0",
-        "glob": "^11.0.1",
-        "global-agent": "^3.0.0",
-        "got": "^14.4.6",
-        "graphql": "^16.9.0",
-        "graphql-fields": "^2.0.3",
-        "graphql-scalars": "^1.23.0",
-        "graphql-subscriptions": "^3.0.0",
-        "graphql-tag": "^2.12.6",
-        "graphql-type-json": "^0.3.2",
-        "graphql-type-uuid": "^0.2.0",
-        "graphql-ws": "^6.0.0",
-        "ini": "^5.0.0",
-        "ip": "^2.0.1",
-        "jose": "^6.0.0",
-        "lodash-es": "^4.17.21",
-        "multi-ini": "^2.3.2",
-        "mustache": "^4.2.0",
-        "nest-authz": "^2.14.0",
-        "nest-commander": "^3.15.0",
-        "nestjs-pino": "^4.1.0",
-        "node-cache": "^5.1.2",
-        "node-window-polyfill": "^1.0.2",
-        "p-retry": "^6.2.0",
-        "passport-custom": "^1.1.1",
-        "passport-http-header-strategy": "^1.1.0",
-        "path-type": "^6.0.0",
-        "pino": "^9.5.0",
-        "pino-http": "^10.3.0",
-        "pino-pretty": "^13.0.0",
-        "pm2": "^6.0.0",
+        "@apollo/client": "3.13.8",
+        "@apollo/server": "4.12.2",
+        "@as-integrations/fastify": "2.1.1",
+        "@fastify/cookie": "11.0.2",
+        "@fastify/helmet": "13.0.1",
+        "@graphql-codegen/client-preset": "4.8.3",
+        "@graphql-tools/load-files": "7.0.1",
+        "@graphql-tools/merge": "9.0.24",
+        "@graphql-tools/schema": "10.0.23",
+        "@graphql-tools/utils": "10.8.6",
+        "@jsonforms/core": "3.6.0",
+        "@nestjs/apollo": "13.1.0",
+        "@nestjs/cache-manager": "3.0.1",
+        "@nestjs/common": "11.1.3",
+        "@nestjs/config": "4.0.2",
+        "@nestjs/core": "11.1.3",
+        "@nestjs/event-emitter": "3.0.1",
+        "@nestjs/graphql": "13.1.0",
+        "@nestjs/passport": "11.0.5",
+        "@nestjs/platform-fastify": "11.1.3",
+        "@nestjs/schedule": "6.0.0",
+        "@nestjs/throttler": "6.4.0",
+        "@reduxjs/toolkit": "2.8.2",
+        "@runonflux/nat-upnp": "1.0.2",
+        "@types/diff": "8.0.0",
+        "@unraid/libvirt": "2.1.0",
+        "@unraid/shared": "workspace:*",
+        "accesscontrol": "2.2.1",
+        "bycontract": "2.0.11",
+        "bytes": "3.1.2",
+        "cache-manager": "7.0.1",
+        "cacheable-lookup": "7.0.0",
+        "camelcase-keys": "9.1.3",
+        "casbin": "5.38.0",
+        "change-case": "5.4.4",
+        "chokidar": "4.0.3",
+        "class-transformer": "0.5.1",
+        "class-validator": "0.14.2",
+        "cli-table": "0.3.11",
+        "command-exists": "1.2.9",
+        "convert": "5.12.0",
+        "cookie": "1.0.2",
+        "cron": "4.3.1",
+        "cross-fetch": "4.1.0",
+        "diff": "8.0.2",
+        "dockerode": "4.0.7",
+        "dotenv": "17.1.0",
+        "execa": "9.6.0",
+        "exit-hook": "4.0.0",
+        "fastify": "5.4.0",
+        "filenamify": "6.0.0",
+        "fs-extra": "11.3.0",
+        "glob": "11.0.3",
+        "global-agent": "3.0.0",
+        "got": "14.4.7",
+        "graphql": "16.11.0",
+        "graphql-fields": "2.0.3",
+        "graphql-scalars": "1.24.2",
+        "graphql-subscriptions": "3.0.0",
+        "graphql-tag": "2.12.6",
+        "graphql-ws": "6.0.5",
+        "ini": "5.0.0",
+        "ip": "2.0.1",
+        "jose": "6.0.11",
+        "json-bigint-patch": "0.0.8",
+        "lodash-es": "4.17.21",
+        "multi-ini": "2.3.2",
+        "mustache": "4.2.0",
+        "nest-authz": "2.17.0",
+        "nest-commander": "3.17.0",
+        "nestjs-pino": "4.4.0",
+        "node-cache": "5.1.2",
+        "node-window-polyfill": "1.0.4",
+        "p-retry": "6.2.1",
+        "passport-custom": "1.1.1",
+        "passport-http-header-strategy": "1.1.0",
+        "path-type": "6.0.0",
+        "pino": "9.7.0",
+        "pino-http": "10.5.0",
+        "pino-pretty": "13.0.0",
+        "pm2": "6.0.8",
         "reflect-metadata": "^0.1.14",
-        "request": "^2.88.2",
-        "rxjs": "^7.8.2",
-        "semver": "^7.6.3",
-        "strftime": "^0.10.3",
-        "systeminformation": "^5.25.11",
-        "uuid": "^11.0.2",
-        "ws": "^8.18.0",
-        "zen-observable-ts": "^1.1.0",
-        "zod": "^3.23.8"
+        "request": "2.88.2",
+        "rxjs": "7.8.2",
+        "semver": "7.7.2",
+        "strftime": "0.10.3",
+        "systeminformation": "5.27.7",
+        "uuid": "11.1.0",
+        "ws": "8.18.3",
+        "zen-observable-ts": "1.1.0",
+        "zod": "3.25.76"
+    },
+    "peerDependencies": {
+        "unraid-api-plugin-connect": "workspace:*"
+    },
+    "peerDependenciesMeta": {
+        "unraid-api-plugin-connect": {
+            "optional": true
+        }
     },
     "devDependencies": {
-        "@eslint/js": "^9.21.0",
-        "@graphql-codegen/add": "^5.0.3",
-        "@graphql-codegen/cli": "^5.0.3",
-        "@graphql-codegen/fragment-matcher": "^5.0.2",
-        "@graphql-codegen/import-types-preset": "^3.0.0",
-        "@graphql-codegen/typed-document-node": "^5.0.11",
-        "@graphql-codegen/typescript": "^4.1.1",
-        "@graphql-codegen/typescript-operations": "^4.3.1",
-        "@graphql-codegen/typescript-resolvers": "4.5.0",
-        "@graphql-typed-document-node/core": "^3.2.0",
-        "@ianvs/prettier-plugin-sort-imports": "^4.4.0",
-        "@nestjs/testing": "^11.0.11",
-        "@originjs/vite-plugin-commonjs": "^1.0.3",
-        "@rollup/plugin-node-resolve": "^16.0.0",
-        "@swc/core": "^1.10.1",
-        "@types/async-exit-hook": "^2.0.2",
-        "@types/bytes": "^3.1.4",
-        "@types/cli-table": "^0.3.4",
-        "@types/command-exists": "^1.2.3",
-        "@types/cors": "^2.8.17",
-        "@types/dockerode": "^3.3.31",
-        "@types/graphql-fields": "^1.3.9",
-        "@types/graphql-type-uuid": "^0.2.6",
-        "@types/ini": "^4.1.1",
-        "@types/ip": "^1.1.3",
-        "@types/lodash": "^4.17.13",
-        "@types/mustache": "^4.2.5",
-        "@types/node": "^22.13.4",
-        "@types/pify": "^6.0.0",
-        "@types/semver": "^7.5.8",
-        "@types/sendmail": "^1.4.7",
-        "@types/stoppable": "^1.1.3",
-        "@types/strftime": "^0.9.8",
-        "@types/uuid": "^10.0.0",
-        "@types/ws": "^8.5.13",
-        "@types/wtfnode": "^0.7.3",
-        "@vitest/coverage-v8": "^3.0.5",
-        "@vitest/ui": "^3.0.5",
+        "@eslint/js": "9.30.1",
+        "@graphql-codegen/add": "5.0.3",
+        "@graphql-codegen/cli": "5.0.7",
+        "@graphql-codegen/fragment-matcher": "5.1.0",
+        "@graphql-codegen/import-types-preset": "3.0.1",
+        "@graphql-codegen/typed-document-node": "5.1.2",
+        "@graphql-codegen/typescript": "4.1.6",
+        "@graphql-codegen/typescript-operations": "4.6.1",
+        "@graphql-codegen/typescript-resolvers": "4.5.1",
+        "@graphql-typed-document-node/core": "3.2.0",
+        "@ianvs/prettier-plugin-sort-imports": "4.4.2",
+        "@nestjs/testing": "11.1.3",
+        "@originjs/vite-plugin-commonjs": "1.0.3",
+        "@rollup/plugin-node-resolve": "16.0.1",
+        "@swc/core": "1.12.11",
+        "@types/async-exit-hook": "2.0.2",
+        "@types/bytes": "3.1.5",
+        "@types/cli-table": "0.3.4",
+        "@types/command-exists": "1.2.3",
+        "@types/cors": "2.8.19",
+        "@types/dockerode": "3.3.42",
+        "@types/graphql-fields": "1.3.9",
+        "@types/graphql-type-uuid": "0.2.6",
+        "@types/ini": "4.1.1",
+        "@types/ip": "1.1.3",
+        "@types/lodash": "4.17.20",
+        "@types/lodash-es": "4.17.12",
+        "@types/mustache": "4.2.6",
+        "@types/node": "22.16.2",
+        "@types/pify": "6.1.0",
+        "@types/semver": "7.7.0",
+        "@types/sendmail": "1.4.7",
+        "@types/stoppable": "1.1.3",
+        "@types/strftime": "0.9.8",
+        "@types/uuid": "10.0.0",
+        "@types/ws": "8.18.1",
+        "@types/wtfnode": "0.7.3",
+        "@vitest/coverage-v8": "3.2.4",
+        "@vitest/ui": "3.2.4",
         "cz-conventional-changelog": "3.3.0",
-        "eslint": "^9.20.1",
-        "eslint-plugin-import": "^2.31.0",
-        "eslint-plugin-n": "^17.0.0",
-        "eslint-plugin-no-relative-import-paths": "^1.6.1",
-        "eslint-plugin-prettier": "^5.2.3",
-        "graphql-codegen-typescript-validation-schema": "^0.17.0",
-        "jiti": "^2.4.0",
-        "nodemon": "^3.1.7",
-        "prettier": "^3.5.2",
-        "rollup-plugin-node-externals": "^8.0.0",
-        "standard-version": "^9.5.0",
-        "tsx": "^4.19.2",
-        "type-fest": "^4.37.0",
-        "typescript": "^5.6.3",
-        "typescript-eslint": "^8.13.0",
-        "unplugin-swc": "^1.5.1",
-        "vite": "^6.0.0",
-        "vite-plugin-node": "^4.0.0",
-        "vite-tsconfig-paths": "^5.1.0",
-        "vitest": "^3.0.5",
-        "zx": "^8.3.2"
+        "eslint": "9.30.1",
+        "eslint-plugin-import": "2.32.0",
+        "eslint-plugin-n": "17.21.0",
+        "eslint-plugin-no-relative-import-paths": "1.6.1",
+        "eslint-plugin-prettier": "5.5.1",
+        "graphql-codegen-typescript-validation-schema": "0.17.1",
+        "jiti": "2.4.2",
+        "nodemon": "3.1.10",
+        "prettier": "3.6.2",
+        "rollup-plugin-node-externals": "8.0.1",
+        "commit-and-tag-version": "9.6.0",
+        "tsx": "4.20.3",
+        "type-fest": "4.41.0",
+        "typescript": "5.8.3",
+        "typescript-eslint": "8.36.0",
+        "unplugin-swc": "1.5.5",
+        "vite": "7.0.3",
+        "vite-plugin-node": "7.0.0",
+        "vite-tsconfig-paths": "5.1.4",
+        "vitest": "3.2.4",
+        "zx": "8.6.2"
     },
     "overrides": {
         "eslint": {
-            "jiti": "2"
+            "jiti": "2.4.2"
+        },
+        "@as-integrations/fastify": {
+            "fastify": "$fastify"
+        },
+        "nest-authz": {
+            "@nestjs/common": "$@nestjs/common",
+            "@nestjs/core": "$@nestjs/core"
         }
     },
     "private": true,
-    "packageManager": "pnpm@10.7.1"
+    "packageManager": "pnpm@10.13.1"
 }

api/scripts/build.ts

@@ -1,11 +1,59 @@
 #!/usr/bin/env zx
-import { mkdir, readFile, rm, writeFile } from 'fs/promises';
+import { mkdir, readFile, writeFile } from 'fs/promises';
+import { existsSync } from 'node:fs';
+import { basename, join, resolve } from 'node:path';
 import { exit } from 'process';
 
+import type { PackageJson } from 'type-fest';
 import { $, cd } from 'zx';
 
 import { getDeploymentVersion } from './get-deployment-version.js';
 
+type ApiPackageJson = PackageJson & {
+    version: string;
+    peerDependencies: Record<string, string>;
+    dependencies?: Record<string, string>;
+};
+
+/**
+ * Map of workspace packages to vendor into production builds.
+ * Key: package name, Value: path from monorepo root to the package directory
+ */
+const WORKSPACE_PACKAGES_TO_VENDOR = {
+    '@unraid/shared': 'packages/unraid-shared',
+    'unraid-api-plugin-connect': 'packages/unraid-api-plugin-connect',
+} as const;
+
+/**
+ * Packs a workspace package and installs it as a tarball dependency.
+ */
+const packAndInstallWorkspacePackage = async (pkgName: string, pkgPath: string, tempDir: string) => {
+    const [fullPkgPath, fullTempDir] = [resolve(pkgPath), resolve(tempDir)];
+    if (!existsSync(fullPkgPath)) {
+        console.warn(`Workspace package ${pkgName} not found at ${fullPkgPath}. Skipping.`);
+        return;
+    }
+    console.log(`Building and packing workspace package ${pkgName}...`);
+    // Pack the package to a tarball
+    const packedResult = await $`pnpm --filter ${pkgName} pack --pack-destination ${fullTempDir}`;
+    const tarballPath = packedResult.lines().at(-1)!;
+    const tarballName = basename(tarballPath);
+
+    // Install the tarball
+    const tarballPattern = join(fullTempDir, tarballName);
+    await $`npm install ${tarballPattern}`;
+};
+
+/**------------------------------------------------------------------------
+ *                             Build Script
+ *
+ * Builds & vendors the API for deployment to an Unraid server.
+ *
+ * Places artifacts in the `deploy/` folder:
+ * - release/ contains source code & assets
+ * - node-modules-archive/ contains tarball of node_modules
+ *------------------------------------------------------------------------**/
+
 try {
     // Create release and pack directories
     await mkdir('./deploy/release', { recursive: true });
@@ -19,13 +67,26 @@ try {
 
     // Get package details
     const packageJson = await readFile('./package.json', 'utf-8');
-    const parsedPackageJson = JSON.parse(packageJson);
-
+    const parsedPackageJson = JSON.parse(packageJson) as ApiPackageJson;
     const deploymentVersion = await getDeploymentVersion(process.env, parsedPackageJson.version);
 
     // Update the package.json version to the deployment version
     parsedPackageJson.version = deploymentVersion;
-    // omit dev dependencies from release build
+
+    /**---------------------------------------------
+     * Handle workspace runtime dependencies
+     *--------------------------------------------*/
+    const workspaceDeps = Object.keys(WORKSPACE_PACKAGES_TO_VENDOR);
+    if (workspaceDeps.length > 0) {
+        console.log(`Stripping workspace deps from package.json: ${workspaceDeps.join(', ')}`);
+        workspaceDeps.forEach((dep) => {
+            if (parsedPackageJson.dependencies?.[dep]) {
+                delete parsedPackageJson.dependencies[dep];
+            }
+        });
+    }
+
+    // omit dev dependencies from vendored dependencies in release build
     parsedPackageJson.devDependencies = {};
 
     // Create a temporary directory for packaging
@@ -38,18 +99,32 @@ try {
     // Change to the pack directory and install dependencies
     cd('./deploy/pack');
 
-    console.log('Building production pnpm store...');
+    console.log('Building production node_modules...');
     $.verbose = true;
-    await $`pnpm install --prod --ignore-workspace --store-dir=../.pnpm-store`;
+    await $`npm install --omit=dev`;
 
-    await $`rm -rf node_modules`; // Don't include node_modules in final package
-    
-    const sudoCheck = await $`command -v sudo`.nothrow();
-    const SUDO = sudoCheck.exitCode === 0 ? 'sudo' : '';
-    await $`${SUDO} chown -R 0:0 ../.pnpm-store`;
+    await writeFile('package.json', JSON.stringify(parsedPackageJson, null, 4));
 
-    await $`XZ_OPT=-5 tar -cJf ../packed-pnpm-store.txz ../.pnpm-store`;
-    await $`${SUDO} rm -rf ../.pnpm-store`;
+    /** After npm install, vendor workspace packages via pack/install */
+    if (workspaceDeps.length > 0) {
+        console.log('Vendoring workspace packages...');
+        const tempDir = './packages';
+        await mkdir(tempDir, { recursive: true });
+
+        for (const dep of workspaceDeps) {
+            const pkgPath =
+                WORKSPACE_PACKAGES_TO_VENDOR[dep as keyof typeof WORKSPACE_PACKAGES_TO_VENDOR];
+            // The extra '../../../' prefix adjusts for the fact that we're in the pack directory.
+            // this way, pkgPath can be defined relative to the monorepo root.
+            await packAndInstallWorkspacePackage(dep, join('../../../', pkgPath), tempDir);
+        }
+    }
+
+    // Clean the release directory
+    await $`rm -rf ../release/*`;
+
+    // Copy other files to release directory
+    await $`cp -r ./* ../release/`;
 
     // chmod the cli
     await $`chmod +x ./dist/cli.js`;

api/scripts/deploy-dev.sh

@@ -29,7 +29,7 @@ fi
 destination_directory="/usr/local/unraid-api"
 
 # Replace the value inside the rsync command with the user's input
-rsync_command="rsync -avz --progress --stats -e ssh \"$source_directory\" \"root@${server_name}:$destination_directory\""
+rsync_command="rsync -avz --delete --progress --stats -e ssh \"$source_directory\" \"root@${server_name}:$destination_directory\""
 
 echo "Executing the following command:"
 echo "$rsync_command"

api/src/__test__/common/allowed-origins.test.ts

@@ -9,36 +9,37 @@ import { expect, test } from 'vitest';
 
 test('Returns allowed origins', async () => {
     // Load state files into store
-    await store.dispatch(loadStateFiles());
-    await store.dispatch(loadConfigFile());
+    await store.dispatch(loadStateFiles()).unwrap();
+    await store.dispatch(loadConfigFile()).unwrap();
 
     // Get allowed origins
-    expect(getAllowedOrigins()).toMatchInlineSnapshot(`
-      [
-        "/var/run/unraid-notifications.sock",
-        "/var/run/unraid-php.sock",
-        "/var/run/unraid-cli.sock",
-        "http://localhost:8080",
-        "https://localhost:4443",
-        "https://tower.local:4443",
-        "https://192.168.1.150:4443",
-        "https://tower:4443",
-        "https://192-168-1-150.thisisfourtyrandomcharacters012345678900.myunraid.net:4443",
-        "https://85-121-123-122.thisisfourtyrandomcharacters012345678900.myunraid.net:8443",
-        "https://10-252-0-1.hash.myunraid.net:4443",
-        "https://10-252-1-1.hash.myunraid.net:4443",
-        "https://10-253-3-1.hash.myunraid.net:4443",
-        "https://10-253-4-1.hash.myunraid.net:4443",
-        "https://10-253-5-1.hash.myunraid.net:4443",
-        "https://10-100-0-1.hash.myunraid.net:4443",
-        "https://10-100-0-2.hash.myunraid.net:4443",
-        "https://10-123-1-2.hash.myunraid.net:4443",
-        "https://221-123-121-112.hash.myunraid.net:4443",
-        "https://google.com",
-        "https://test.com",
-        "https://connect.myunraid.net",
-        "https://connect-staging.myunraid.net",
-        "https://dev-my.myunraid.net:4000",
-      ]
-    `);
+    const allowedOrigins = getAllowedOrigins();
+
+    // Test that the result is an array
+    expect(Array.isArray(allowedOrigins)).toBe(true);
+
+    // Test that it contains the expected socket paths
+    expect(allowedOrigins).toContain('/var/run/unraid-notifications.sock');
+    expect(allowedOrigins).toContain('/var/run/unraid-php.sock');
+    expect(allowedOrigins).toContain('/var/run/unraid-cli.sock');
+
+    // Test that it contains the expected local URLs
+    expect(allowedOrigins).toContain('http://localhost:8080');
+    expect(allowedOrigins).toContain('https://localhost:4443');
+
+    // Test that it contains the expected connect URLs
+    expect(allowedOrigins).toContain('https://connect.myunraid.net');
+    expect(allowedOrigins).toContain('https://connect-staging.myunraid.net');
+    expect(allowedOrigins).toContain('https://dev-my.myunraid.net:4000');
+
+    // Test that it contains the extra origins from config
+    expect(allowedOrigins).toContain('https://google.com');
+    expect(allowedOrigins).toContain('https://test.com');
+
+    // Test that it contains some of the remote URLs
+    expect(allowedOrigins).toContain('https://tower.local:4443');
+    expect(allowedOrigins).toContain('https://192.168.1.150:4443');
+
+    // Test that there are no duplicates
+    expect(allowedOrigins.length).toBe(new Set(allowedOrigins).size);
 });

api/src/__test__/config/api-config.test.ts

@@ -0,0 +1,137 @@
+import { ConfigService } from '@nestjs/config';
+
+import { beforeEach, describe, expect, it, vi } from 'vitest';
+
+import { ApiConfigPersistence } from '@app/unraid-api/config/api-config.module.js';
+import { ConfigPersistenceHelper } from '@app/unraid-api/config/persistence.helper.js';
+
+describe('ApiConfigPersistence', () => {
+    let service: ApiConfigPersistence;
+    let configService: ConfigService;
+    let persistenceHelper: ConfigPersistenceHelper;
+
+    beforeEach(() => {
+        configService = {
+            get: vi.fn(),
+            set: vi.fn(),
+        } as any;
+
+        persistenceHelper = {} as ConfigPersistenceHelper;
+        service = new ApiConfigPersistence(configService, persistenceHelper);
+    });
+
+    describe('convertLegacyConfig', () => {
+        it('should migrate sandbox from string "yes" to boolean true', () => {
+            const legacyConfig = {
+                local: { sandbox: 'yes' },
+                api: { extraOrigins: '' },
+                remote: { ssoSubIds: '' },
+            };
+
+            const result = service.convertLegacyConfig(legacyConfig);
+
+            expect(result.sandbox).toBe(true);
+        });
+
+        it('should migrate sandbox from string "no" to boolean false', () => {
+            const legacyConfig = {
+                local: { sandbox: 'no' },
+                api: { extraOrigins: '' },
+                remote: { ssoSubIds: '' },
+            };
+
+            const result = service.convertLegacyConfig(legacyConfig);
+
+            expect(result.sandbox).toBe(false);
+        });
+
+        it('should migrate extraOrigins from comma-separated string to array', () => {
+            const legacyConfig = {
+                local: { sandbox: 'no' },
+                api: { extraOrigins: 'https://example.com,https://test.com' },
+                remote: { ssoSubIds: '' },
+            };
+
+            const result = service.convertLegacyConfig(legacyConfig);
+
+            expect(result.extraOrigins).toEqual(['https://example.com', 'https://test.com']);
+        });
+
+        it('should filter out non-HTTP origins from extraOrigins', () => {
+            const legacyConfig = {
+                local: { sandbox: 'no' },
+                api: {
+                    extraOrigins: 'https://example.com,invalid-origin,http://test.com,ftp://bad.com',
+                },
+                remote: { ssoSubIds: '' },
+            };
+
+            const result = service.convertLegacyConfig(legacyConfig);
+
+            expect(result.extraOrigins).toEqual(['https://example.com', 'http://test.com']);
+        });
+
+        it('should handle empty extraOrigins string', () => {
+            const legacyConfig = {
+                local: { sandbox: 'no' },
+                api: { extraOrigins: '' },
+                remote: { ssoSubIds: '' },
+            };
+
+            const result = service.convertLegacyConfig(legacyConfig);
+
+            expect(result.extraOrigins).toEqual([]);
+        });
+
+        it('should migrate ssoSubIds from comma-separated string to array', () => {
+            const legacyConfig = {
+                local: { sandbox: 'no' },
+                api: { extraOrigins: '' },
+                remote: { ssoSubIds: 'user1,user2,user3' },
+            };
+
+            const result = service.convertLegacyConfig(legacyConfig);
+
+            expect(result.ssoSubIds).toEqual(['user1', 'user2', 'user3']);
+        });
+
+        it('should handle empty ssoSubIds string', () => {
+            const legacyConfig = {
+                local: { sandbox: 'no' },
+                api: { extraOrigins: '' },
+                remote: { ssoSubIds: '' },
+            };
+
+            const result = service.convertLegacyConfig(legacyConfig);
+
+            expect(result.ssoSubIds).toEqual([]);
+        });
+
+        it('should handle undefined config sections', () => {
+            const legacyConfig = {};
+
+            const result = service.convertLegacyConfig(legacyConfig);
+
+            expect(result.sandbox).toBe(false);
+            expect(result.extraOrigins).toEqual([]);
+            expect(result.ssoSubIds).toEqual([]);
+        });
+
+        it('should handle complete migration with all fields', () => {
+            const legacyConfig = {
+                local: { sandbox: 'yes' },
+                api: { extraOrigins: 'https://app1.example.com,https://app2.example.com' },
+                remote: { ssoSubIds: 'sub1,sub2,sub3' },
+            };
+
+            const result = service.convertLegacyConfig(legacyConfig);
+
+            expect(result.sandbox).toBe(true);
+            expect(result.extraOrigins).toEqual([
+                'https://app1.example.com',
+                'https://app2.example.com',
+            ]);
+            expect(result.ssoSubIds).toEqual(['sub1', 'sub2', 'sub3']);
+        });
+    });
+});

api/src/__test__/core/modules/array/add-disk-to-array.test.ts

@@ -1,5 +0,0 @@
-import { test } from 'vitest';
-
-test.todo('Adds a disk to the array');
-
-test.todo('Fails to add the disk if the array is started');

api/src/__test__/core/modules/array/get-array-data.test.ts

@@ -1,209 +0,0 @@
-import { expect, test, vi } from 'vitest';
-
-import { getArrayData } from '@app/core/modules/array/get-array-data.js';
-import { store } from '@app/store/index.js';
-import { loadConfigFile } from '@app/store/modules/config.js';
-import { loadStateFiles } from '@app/store/modules/emhttp.js';
-
-vi.mock('@app/core/pubsub.js', () => ({
-    pubsub: { publish: vi.fn() },
-}));
-
-test('Creates an array event', async () => {
-    // Load state files into store
-    await store.dispatch(loadStateFiles());
-
-    await store.dispatch(loadConfigFile());
-
-    const arrayEvent = getArrayData(store.getState);
-    expect(arrayEvent).toMatchObject({
-        boot: {
-            comment: 'Unraid OS boot device',
-            critical: null,
-            device: 'sda',
-            exportable: true,
-            format: 'unknown',
-            fsFree: 3191407,
-            fsSize: 4042732,
-            fsType: 'vfat',
-            fsUsed: 851325,
-            id: 'Cruzer',
-            idx: 32,
-            name: 'flash',
-            numErrors: 0,
-            numReads: 0,
-            numWrites: 0,
-            rotational: true,
-            size: 3956700,
-            status: 'DISK_OK',
-            temp: null,
-            transport: 'usb',
-            type: 'Flash',
-            warning: null,
-        },
-        caches: [
-            {
-                comment: '',
-                critical: null,
-                device: 'sdi',
-                exportable: false,
-                format: 'MBR: 4KiB-aligned',
-                fsFree: 111810683,
-                fsSize: 250059317,
-                fsType: 'btrfs',
-                fsUsed: 137273827,
-                id: 'Samsung_SSD_850_EVO_250GB_S2R5NX0H643734Z',
-                idx: 30,
-                name: 'cache',
-                numErrors: 0,
-                numReads: 0,
-                numWrites: 0,
-                rotational: false,
-                size: 244198552,
-                status: 'DISK_OK',
-                temp: 22,
-                transport: 'ata',
-                type: 'Cache',
-                warning: null,
-            },
-            {
-                comment: null,
-                critical: null,
-                device: 'nvme0n1',
-                exportable: false,
-                format: 'MBR: 4KiB-aligned',
-                fsFree: null,
-                fsSize: null,
-                fsType: null,
-                fsUsed: null,
-                id: 'KINGSTON_SA2000M8250G_50026B7282669D9E',
-                idx: 31,
-                name: 'cache2',
-                numErrors: 0,
-                numReads: 0,
-                numWrites: 0,
-                rotational: false,
-                size: 244198552,
-                status: 'DISK_OK',
-                temp: 27,
-                transport: 'nvme',
-                type: 'Cache',
-                warning: null,
-            },
-        ],
-        capacity: {
-            disks: {
-                free: '27',
-                total: '30',
-                used: '3',
-            },
-            kilobytes: {
-                free: '19495825571',
-                total: '41994745901',
-                used: '22498920330',
-            },
-        },
-        disks: [
-            {
-                comment: 'Seagate Exos',
-                critical: 75,
-                device: 'sdf',
-                exportable: false,
-                format: 'GPT: 4KiB-aligned',
-                fsFree: 13882739732,
-                fsSize: 17998742753,
-                fsType: 'xfs',
-                fsUsed: 4116003021,
-                id: 'ST18000NM000J-2TV103_ZR5B1W9X',
-                idx: 1,
-                name: 'disk1',
-                numErrors: 0,
-                numReads: 0,
-                numWrites: 0,
-                rotational: true,
-                size: 17578328012,
-                status: 'DISK_OK',
-                temp: 30,
-                transport: 'ata',
-                type: 'Data',
-                warning: 50,
-            },
-            {
-                comment: '',
-                critical: null,
-                device: 'sdj',
-                exportable: false,
-                format: 'GPT: 4KiB-aligned',
-                fsFree: 93140746,
-                fsSize: 11998001574,
-                fsType: 'xfs',
-                fsUsed: 11904860828,
-                id: 'WDC_WD120EDAZ-11F3RA0_5PJRD45C',
-                idx: 2,
-                name: 'disk2',
-                numErrors: 0,
-                numReads: 0,
-                numWrites: 0,
-                rotational: true,
-                size: 11718885324,
-                status: 'DISK_OK',
-                temp: 30,
-                transport: 'ata',
-                type: 'Data',
-                warning: null,
-            },
-            {
-                comment: '',
-                critical: null,
-                device: 'sde',
-                exportable: false,
-                format: 'GPT: 4KiB-aligned',
-                fsFree: 5519945093,
-                fsSize: 11998001574,
-                fsType: 'xfs',
-                fsUsed: 6478056481,
-                id: 'WDC_WD120EMAZ-11BLFA0_5PH8BTYD',
-                idx: 3,
-                name: 'disk3',
-                numErrors: 0,
-                numReads: 0,
-                numWrites: 0,
-                rotational: true,
-                size: 11718885324,
-                status: 'DISK_OK',
-                temp: 30,
-                transport: 'ata',
-                type: 'Data',
-                warning: null,
-            },
-        ],
-        id: expect.any(String),
-        parities: [
-            {
-                comment: null,
-                critical: null,
-                device: 'sdh',
-                exportable: false,
-                format: 'GPT: 4KiB-aligned',
-                fsFree: null,
-                fsSize: null,
-                fsType: null,
-                fsUsed: null,
-                id: 'ST18000NM000J-2TV103_ZR585CPY',
-                idx: 0,
-                name: 'parity',
-                numErrors: 0,
-                numReads: 0,
-                numWrites: 0,
-                rotational: true,
-                size: 17578328012,
-                status: 'DISK_OK',
-                temp: 25,
-                transport: 'ata',
-                type: 'Parity',
-                warning: null,
-            },
-        ],
-        state: 'STOPPED',
-    });
-});

api/src/__test__/core/modules/array/remove-disk-from-array.test.ts

@@ -1,5 +0,0 @@
-import { test } from 'vitest';
-
-test.todo('Removes a disk from the array');
-
-test.todo('Fails to remove the disk if the array is started');

api/src/__test__/core/modules/array/update-array.test.ts

@@ -1,5 +0,0 @@
-import { test } from 'vitest';
-
-test.todo('Starts the array');
-
-test.todo('Stops the array');

api/src/__test__/core/modules/array/update-parity-check.test.ts

@@ -1,7 +0,0 @@
-import { test } from 'vitest';
-
-test.todo('Can start a parity check');
-
-test.todo('Can pause a parity check');
-
-test.todo('Can start a parity check');

api/src/__test__/core/utils/files/config-file-normalizer.test.ts

@@ -80,7 +80,6 @@ test('it creates a FLASH config with OPTIONAL values', () => {
     // 2fa & t2fa should be ignored
     basicConfig.remote['2Fa'] = 'yes';
     basicConfig.local['2Fa'] = 'yes';
-    basicConfig.local.showT2Fa = 'yes';
 
     basicConfig.api.extraOrigins = 'myextra.origins';
     basicConfig.remote.upnpEnabled = 'yes';
@@ -120,7 +119,6 @@ test('it creates a MEMORY config with OPTIONAL values', () => {
     // 2fa & t2fa should be ignored
     basicConfig.remote['2Fa'] = 'yes';
     basicConfig.local['2Fa'] = 'yes';
-    basicConfig.local.showT2Fa = 'yes';
     basicConfig.api.extraOrigins = 'myextra.origins';
     basicConfig.remote.upnpEnabled = 'yes';
     basicConfig.connectionStatus.upnpStatus = 'Turned On';

api/src/__test__/core/utils/misc/get-key-file.test.ts

@@ -44,7 +44,7 @@ test('Returns empty key if key location is empty', async () => {
 
     // Check if store has state files loaded
     const { status } = store.getState().registration;
-    expect(status).toBe(FileLoadStatus.LOADED);
+    expect(status).toBe(FileLoadStatus.UNLOADED);
     await expect(getKeyFile()).resolves.toBe('');
 });
 
@@ -53,10 +53,10 @@ test(
     async () => {
         const { getKeyFile } = await import('@app/core/utils/misc/get-key-file.js');
         const { loadStateFiles } = await import('@app/store/modules/emhttp.js');
-
+        const { loadRegistrationKey } = await import('@app/store/modules/registration.js');
         // Load state files into store
         await store.dispatch(loadStateFiles());
-
+        await store.dispatch(loadRegistrationKey());
         // Check if store has state files loaded
         const { status } = store.getState().registration;
         expect(status).toBe(FileLoadStatus.LOADED);

api/src/__test__/core/utils/shares/get-shares.test.ts

@@ -8,229 +8,240 @@ test('Returns both disk and user shares', async () => {
     await store.dispatch(loadStateFiles());
 
     expect(getShares()).toMatchInlineSnapshot(`
-		{
-		  "disks": [],
-		  "users": [
-		    {
-		      "allocator": "highwater",
-		      "cachePool": "cache",
-		      "color": "yellow-on",
-		      "comment": "",
-		      "cow": "auto",
-		      "exclude": [],
-		      "floor": "0",
-		      "free": 9309372,
-		      "include": [],
-		      "luksStatus": "0",
-		      "name": "appdata",
-		      "nameOrig": "appdata",
-		      "nfs": {},
-		      "size": 0,
-		      "smb": {},
-		      "splitLevel": "",
-		      "type": "user",
-		      "used": 33619300,
-		    },
-		    {
-		      "allocator": "highwater",
-		      "cachePool": "cache",
-		      "color": "yellow-on",
-		      "comment": "saved VM instances",
-		      "cow": "auto",
-		      "exclude": [],
-		      "floor": "0",
-		      "free": 9309372,
-		      "include": [],
-		      "luksStatus": "0",
-		      "name": "domains",
-		      "nameOrig": "domains",
-		      "nfs": {},
-		      "size": 0,
-		      "smb": {},
-		      "splitLevel": "1",
-		      "type": "user",
-		      "used": 33619300,
-		    },
-		    {
-		      "allocator": "highwater",
-		      "cachePool": "cache",
-		      "color": "yellow-on",
-		      "comment": "ISO images",
-		      "cow": "auto",
-		      "exclude": [],
-		      "floor": "0",
-		      "free": 9309372,
-		      "include": [],
-		      "luksStatus": "0",
-		      "name": "isos",
-		      "nameOrig": "isos",
-		      "nfs": {},
-		      "size": 0,
-		      "smb": {},
-		      "splitLevel": "",
-		      "type": "user",
-		      "used": 33619300,
-		    },
-		    {
-		      "allocator": "highwater",
-		      "cachePool": "cache",
-		      "color": "yellow-on",
-		      "comment": "system data",
-		      "cow": "auto",
-		      "exclude": [],
-		      "floor": "0",
-		      "free": 9309372,
-		      "include": [],
-		      "luksStatus": "0",
-		      "name": "system",
-		      "nameOrig": "system",
-		      "nfs": {},
-		      "size": 0,
-		      "smb": {},
-		      "splitLevel": "1",
-		      "type": "user",
-		      "used": 33619300,
-		    },
-		  ],
-		}
-	`);
+      {
+        "disks": [],
+        "users": [
+          {
+            "allocator": "highwater",
+            "cachePool": "cache",
+            "color": "yellow-on",
+            "comment": "",
+            "cow": "auto",
+            "exclude": [],
+            "floor": "0",
+            "free": 9309372,
+            "id": "appdata",
+            "include": [],
+            "luksStatus": "0",
+            "name": "appdata",
+            "nameOrig": "appdata",
+            "nfs": {},
+            "size": 0,
+            "smb": {},
+            "splitLevel": "",
+            "type": "user",
+            "used": 33619300,
+          },
+          {
+            "allocator": "highwater",
+            "cachePool": "cache",
+            "color": "yellow-on",
+            "comment": "saved VM instances",
+            "cow": "auto",
+            "exclude": [],
+            "floor": "0",
+            "free": 9309372,
+            "id": "domains",
+            "include": [],
+            "luksStatus": "0",
+            "name": "domains",
+            "nameOrig": "domains",
+            "nfs": {},
+            "size": 0,
+            "smb": {},
+            "splitLevel": "1",
+            "type": "user",
+            "used": 33619300,
+          },
+          {
+            "allocator": "highwater",
+            "cachePool": "cache",
+            "color": "yellow-on",
+            "comment": "ISO images",
+            "cow": "auto",
+            "exclude": [],
+            "floor": "0",
+            "free": 9309372,
+            "id": "isos",
+            "include": [],
+            "luksStatus": "0",
+            "name": "isos",
+            "nameOrig": "isos",
+            "nfs": {},
+            "size": 0,
+            "smb": {},
+            "splitLevel": "",
+            "type": "user",
+            "used": 33619300,
+          },
+          {
+            "allocator": "highwater",
+            "cachePool": "cache",
+            "color": "yellow-on",
+            "comment": "system data",
+            "cow": "auto",
+            "exclude": [],
+            "floor": "0",
+            "free": 9309372,
+            "id": "system",
+            "include": [],
+            "luksStatus": "0",
+            "name": "system",
+            "nameOrig": "system",
+            "nfs": {},
+            "size": 0,
+            "smb": {},
+            "splitLevel": "1",
+            "type": "user",
+            "used": 33619300,
+          },
+        ],
+      }
+    `);
 });
 
 test('Returns shares by type', async () => {
     await store.dispatch(loadStateFiles());
     expect(getShares('user')).toMatchInlineSnapshot(`
-		{
-		  "allocator": "highwater",
-		  "cachePool": "cache",
-		  "color": "yellow-on",
-		  "comment": "",
-		  "cow": "auto",
-		  "exclude": [],
-		  "floor": "0",
-		  "free": 9309372,
-		  "include": [],
-		  "luksStatus": "0",
-		  "name": "appdata",
-		  "nameOrig": "appdata",
-		  "nfs": {},
-		  "size": 0,
-		  "smb": {},
-		  "splitLevel": "",
-		  "type": "user",
-		  "used": 33619300,
-		}
-	`);
+      {
+        "allocator": "highwater",
+        "cachePool": "cache",
+        "color": "yellow-on",
+        "comment": "",
+        "cow": "auto",
+        "exclude": [],
+        "floor": "0",
+        "free": 9309372,
+        "id": "appdata",
+        "include": [],
+        "luksStatus": "0",
+        "name": "appdata",
+        "nameOrig": "appdata",
+        "nfs": {},
+        "size": 0,
+        "smb": {},
+        "splitLevel": "",
+        "type": "user",
+        "used": 33619300,
+      }
+    `);
     expect(getShares('users')).toMatchInlineSnapshot(`
-		[
-		  {
-		    "allocator": "highwater",
-		    "cachePool": "cache",
-		    "color": "yellow-on",
-		    "comment": "",
-		    "cow": "auto",
-		    "exclude": [],
-		    "floor": "0",
-		    "free": 9309372,
-		    "include": [],
-		    "luksStatus": "0",
-		    "name": "appdata",
-		    "nameOrig": "appdata",
-		    "nfs": {},
-		    "size": 0,
-		    "smb": {},
-		    "splitLevel": "",
-		    "type": "user",
-		    "used": 33619300,
-		  },
-		  {
-		    "allocator": "highwater",
-		    "cachePool": "cache",
-		    "color": "yellow-on",
-		    "comment": "saved VM instances",
-		    "cow": "auto",
-		    "exclude": [],
-		    "floor": "0",
-		    "free": 9309372,
-		    "include": [],
-		    "luksStatus": "0",
-		    "name": "domains",
-		    "nameOrig": "domains",
-		    "nfs": {},
-		    "size": 0,
-		    "smb": {},
-		    "splitLevel": "1",
-		    "type": "user",
-		    "used": 33619300,
-		  },
-		  {
-		    "allocator": "highwater",
-		    "cachePool": "cache",
-		    "color": "yellow-on",
-		    "comment": "ISO images",
-		    "cow": "auto",
-		    "exclude": [],
-		    "floor": "0",
-		    "free": 9309372,
-		    "include": [],
-		    "luksStatus": "0",
-		    "name": "isos",
-		    "nameOrig": "isos",
-		    "nfs": {},
-		    "size": 0,
-		    "smb": {},
-		    "splitLevel": "",
-		    "type": "user",
-		    "used": 33619300,
-		  },
-		  {
-		    "allocator": "highwater",
-		    "cachePool": "cache",
-		    "color": "yellow-on",
-		    "comment": "system data",
-		    "cow": "auto",
-		    "exclude": [],
-		    "floor": "0",
-		    "free": 9309372,
-		    "include": [],
-		    "luksStatus": "0",
-		    "name": "system",
-		    "nameOrig": "system",
-		    "nfs": {},
-		    "size": 0,
-		    "smb": {},
-		    "splitLevel": "1",
-		    "type": "user",
-		    "used": 33619300,
-		  },
-		]
-	`);
+      [
+        {
+          "allocator": "highwater",
+          "cachePool": "cache",
+          "color": "yellow-on",
+          "comment": "",
+          "cow": "auto",
+          "exclude": [],
+          "floor": "0",
+          "free": 9309372,
+          "id": "appdata",
+          "include": [],
+          "luksStatus": "0",
+          "name": "appdata",
+          "nameOrig": "appdata",
+          "nfs": {},
+          "size": 0,
+          "smb": {},
+          "splitLevel": "",
+          "type": "user",
+          "used": 33619300,
+        },
+        {
+          "allocator": "highwater",
+          "cachePool": "cache",
+          "color": "yellow-on",
+          "comment": "saved VM instances",
+          "cow": "auto",
+          "exclude": [],
+          "floor": "0",
+          "free": 9309372,
+          "id": "domains",
+          "include": [],
+          "luksStatus": "0",
+          "name": "domains",
+          "nameOrig": "domains",
+          "nfs": {},
+          "size": 0,
+          "smb": {},
+          "splitLevel": "1",
+          "type": "user",
+          "used": 33619300,
+        },
+        {
+          "allocator": "highwater",
+          "cachePool": "cache",
+          "color": "yellow-on",
+          "comment": "ISO images",
+          "cow": "auto",
+          "exclude": [],
+          "floor": "0",
+          "free": 9309372,
+          "id": "isos",
+          "include": [],
+          "luksStatus": "0",
+          "name": "isos",
+          "nameOrig": "isos",
+          "nfs": {},
+          "size": 0,
+          "smb": {},
+          "splitLevel": "",
+          "type": "user",
+          "used": 33619300,
+        },
+        {
+          "allocator": "highwater",
+          "cachePool": "cache",
+          "color": "yellow-on",
+          "comment": "system data",
+          "cow": "auto",
+          "exclude": [],
+          "floor": "0",
+          "free": 9309372,
+          "id": "system",
+          "include": [],
+          "luksStatus": "0",
+          "name": "system",
+          "nameOrig": "system",
+          "nfs": {},
+          "size": 0,
+          "smb": {},
+          "splitLevel": "1",
+          "type": "user",
+          "used": 33619300,
+        },
+      ]
+    `);
     expect(getShares('disk')).toMatchInlineSnapshot('null');
     expect(getShares('disks')).toMatchInlineSnapshot('[]');
 });
 
 test('Returns shares by name', async () => {
+    await store.dispatch(loadStateFiles());
     expect(getShares('user', { name: 'domains' })).toMatchInlineSnapshot(`
-		{
-		  "allocator": "highwater",
-		  "cachePool": "cache",
-		  "color": "yellow-on",
-		  "comment": "saved VM instances",
-		  "cow": "auto",
-		  "exclude": [],
-		  "floor": "0",
-		  "free": 9309372,
-		  "include": [],
-		  "luksStatus": "0",
-		  "name": "domains",
-		  "nameOrig": "domains",
-		  "nfs": {},
-		  "size": 0,
-		  "smb": {},
-		  "splitLevel": "1",
-		  "type": "user",
-		  "used": 33619300,
-		}
-	`);
+      {
+        "allocator": "highwater",
+        "cachePool": "cache",
+        "color": "yellow-on",
+        "comment": "saved VM instances",
+        "cow": "auto",
+        "exclude": [],
+        "floor": "0",
+        "free": 9309372,
+        "id": "domains",
+        "include": [],
+        "luksStatus": "0",
+        "name": "domains",
+        "nameOrig": "domains",
+        "nfs": {},
+        "size": 0,
+        "smb": {},
+        "splitLevel": "1",
+        "type": "user",
+        "used": 33619300,
+      }
+    `);
     expect(getShares('user', { name: 'non-existent-user-share' })).toMatchInlineSnapshot('null');
     // @TODO: disk shares need to be added to the dev ini files
     expect(getShares('disk', { name: 'disk1' })).toMatchInlineSnapshot('null');

api/src/__test__/graphql/resolvers/query/cloud/check-mothership-authentication.test.ts

@@ -1,29 +0,0 @@
-import 'reflect-metadata';
-
-import { readFileSync } from 'fs';
-import { join } from 'path';
-
-import { expect, test } from 'vitest';
-
-import { checkMothershipAuthentication } from '@app/graphql/resolvers/query/cloud/check-mothership-authentication.js';
-
-test('It fails to authenticate with mothership with no credentials', async () => {
-    try {
-        const packageJson = JSON.parse(readFileSync(join(process.cwd(), 'package.json'), 'utf-8'));
-        await expect(
-            checkMothershipAuthentication('BAD', 'BAD')
-        ).rejects.toThrowErrorMatchingInlineSnapshot(
-            `[Error: Failed to connect to https://mothership.unraid.net/ws with a "426" HTTP error.]`
-        );
-        expect(packageJson.version).not.toBeNull();
-        await expect(
-            checkMothershipAuthentication(packageJson.version, 'BAD_API_KEY')
-        ).rejects.toThrowErrorMatchingInlineSnapshot(`[Error: Invalid credentials]`);
-    } catch (error) {
-        if (error instanceof Error && error.message.includes('Timeout')) {
-            // Test succeeds on timeout
-            return;
-        }
-        throw error;
-    }
-});

api/src/__test__/graphql/resolvers/rclone-api.service.test.ts

@@ -0,0 +1,374 @@
+import { HTTPError } from 'got';
+import { beforeEach, describe, expect, it, vi } from 'vitest';
+
+import { RCloneApiService } from '@app/unraid-api/graph/resolvers/rclone/rclone-api.service.js';
+import {
+    CreateRCloneRemoteDto,
+    DeleteRCloneRemoteDto,
+    GetRCloneJobStatusDto,
+    GetRCloneRemoteConfigDto,
+    GetRCloneRemoteDetailsDto,
+    RCloneStartBackupInput,
+    UpdateRCloneRemoteDto,
+} from '@app/unraid-api/graph/resolvers/rclone/rclone.model.js';
+
+vi.mock('got');
+vi.mock('execa');
+vi.mock('p-retry');
+vi.mock('node:fs', () => ({
+    existsSync: vi.fn(),
+}));
+vi.mock('node:fs/promises', () => ({
+    mkdir: vi.fn(),
+    rm: vi.fn(),
+    writeFile: vi.fn(),
+}));
+vi.mock('@app/core/log.js', () => ({
+    sanitizeParams: vi.fn((params) => params),
+}));
+vi.mock('@app/store/index.js', () => ({
+    getters: {
+        paths: () => ({
+            'rclone-socket': '/tmp/rclone.sock',
+            'log-base': '/var/log',
+        }),
+    },
+}));
+
+// Mock NestJS Logger to suppress logs during tests
+vi.mock('@nestjs/common', async (importOriginal) => {
+    const original = await importOriginal<typeof import('@nestjs/common')>();
+    return {
+        ...original,
+        Logger: vi.fn(() => ({
+            log: vi.fn(),
+            warn: vi.fn(),
+            error: vi.fn(),
+            debug: vi.fn(),
+        })),
+    };
+});
+
+describe('RCloneApiService', () => {
+    let service: RCloneApiService;
+    let mockGot: any;
+    let mockExeca: any;
+    let mockPRetry: any;
+    let mockExistsSync: any;
+
+    beforeEach(async () => {
+        vi.clearAllMocks();
+
+        const { default: got } = await import('got');
+        const { execa } = await import('execa');
+        const pRetry = await import('p-retry');
+        const { existsSync } = await import('node:fs');
+
+        mockGot = vi.mocked(got);
+        mockExeca = vi.mocked(execa);
+        mockPRetry = vi.mocked(pRetry.default);
+        mockExistsSync = vi.mocked(existsSync);
+
+        mockGot.post = vi.fn().mockResolvedValue({ body: {} });
+        mockExeca.mockReturnValue({
+            on: vi.fn(),
+            kill: vi.fn(),
+            killed: false,
+            pid: 12345,
+        } as any);
+        mockPRetry.mockResolvedValue(undefined);
+        mockExistsSync.mockReturnValue(false);
+
+        service = new RCloneApiService();
+        await service.onModuleInit();
+    });
+
+    describe('getProviders', () => {
+        it('should return list of providers', async () => {
+            const mockProviders = [
+                { name: 'aws', prefix: 's3', description: 'Amazon S3' },
+                { name: 'google', prefix: 'drive', description: 'Google Drive' },
+            ];
+            mockGot.post.mockResolvedValue({
+                body: { providers: mockProviders },
+            });
+
+            const result = await service.getProviders();
+
+            expect(result).toEqual(mockProviders);
+            expect(mockGot.post).toHaveBeenCalledWith(
+                'http://unix:/tmp/rclone.sock:/config/providers',
+                expect.objectContaining({
+                    json: {},
+                    responseType: 'json',
+                    enableUnixSockets: true,
+                })
+            );
+        });
+
+        it('should return empty array when no providers', async () => {
+            mockGot.post.mockResolvedValue({ body: {} });
+
+            const result = await service.getProviders();
+
+            expect(result).toEqual([]);
+        });
+    });
+
+    describe('listRemotes', () => {
+        it('should return list of remotes', async () => {
+            const mockRemotes = ['backup-s3', 'drive-storage'];
+            mockGot.post.mockResolvedValue({
+                body: { remotes: mockRemotes },
+            });
+
+            const result = await service.listRemotes();
+
+            expect(result).toEqual(mockRemotes);
+            expect(mockGot.post).toHaveBeenCalledWith(
+                'http://unix:/tmp/rclone.sock:/config/listremotes',
+                expect.objectContaining({
+                    json: {},
+                })
+            );
+        });
+
+        it('should return empty array when no remotes', async () => {
+            mockGot.post.mockResolvedValue({ body: {} });
+
+            const result = await service.listRemotes();
+
+            expect(result).toEqual([]);
+        });
+    });
+
+    describe('getRemoteDetails', () => {
+        it('should return remote details', async () => {
+            const input: GetRCloneRemoteDetailsDto = { name: 'test-remote' };
+            const mockConfig = { type: 's3', provider: 'AWS' };
+            mockGot.post.mockResolvedValue({ body: mockConfig });
+
+            const result = await service.getRemoteDetails(input);
+
+            expect(result).toEqual(mockConfig);
+            expect(mockGot.post).toHaveBeenCalledWith(
+                'http://unix:/tmp/rclone.sock:/config/get',
+                expect.objectContaining({
+                    json: { name: 'test-remote' },
+                })
+            );
+        });
+    });
+
+    describe('getRemoteConfig', () => {
+        it('should return remote configuration', async () => {
+            const input: GetRCloneRemoteConfigDto = { name: 'test-remote' };
+            const mockConfig = { type: 's3', access_key_id: 'AKIA...' };
+            mockGot.post.mockResolvedValue({ body: mockConfig });
+
+            const result = await service.getRemoteConfig(input);
+
+            expect(result).toEqual(mockConfig);
+        });
+    });
+
+    describe('createRemote', () => {
+        it('should create a new remote', async () => {
+            const input: CreateRCloneRemoteDto = {
+                name: 'new-remote',
+                type: 's3',
+                parameters: { access_key_id: 'AKIA...', secret_access_key: 'secret' },
+            };
+            const mockResponse = { success: true };
+            mockGot.post.mockResolvedValue({ body: mockResponse });
+
+            const result = await service.createRemote(input);
+
+            expect(result).toEqual(mockResponse);
+            expect(mockGot.post).toHaveBeenCalledWith(
+                'http://unix:/tmp/rclone.sock:/config/create',
+                expect.objectContaining({
+                    json: {
+                        name: 'new-remote',
+                        type: 's3',
+                        parameters: { access_key_id: 'AKIA...', secret_access_key: 'secret' },
+                    },
+                })
+            );
+        });
+    });
+
+    describe('updateRemote', () => {
+        it('should update an existing remote', async () => {
+            const input: UpdateRCloneRemoteDto = {
+                name: 'existing-remote',
+                parameters: { access_key_id: 'NEW_AKIA...' },
+            };
+            const mockResponse = { success: true };
+            mockGot.post.mockResolvedValue({ body: mockResponse });
+
+            const result = await service.updateRemote(input);
+
+            expect(result).toEqual(mockResponse);
+            expect(mockGot.post).toHaveBeenCalledWith(
+                'http://unix:/tmp/rclone.sock:/config/update',
+                expect.objectContaining({
+                    json: {
+                        name: 'existing-remote',
+                        access_key_id: 'NEW_AKIA...',
+                    },
+                })
+            );
+        });
+    });
+
+    describe('deleteRemote', () => {
+        it('should delete a remote', async () => {
+            const input: DeleteRCloneRemoteDto = { name: 'remote-to-delete' };
+            const mockResponse = { success: true };
+            mockGot.post.mockResolvedValue({ body: mockResponse });
+
+            const result = await service.deleteRemote(input);
+
+            expect(result).toEqual(mockResponse);
+            expect(mockGot.post).toHaveBeenCalledWith(
+                'http://unix:/tmp/rclone.sock:/config/delete',
+                expect.objectContaining({
+                    json: { name: 'remote-to-delete' },
+                })
+            );
+        });
+    });
+
+    describe('startBackup', () => {
+        it('should start a backup operation', async () => {
+            const input: RCloneStartBackupInput = {
+                srcPath: '/source/path',
+                dstPath: 'remote:backup/path',
+                options: { delete_on: 'dst' },
+            };
+            const mockResponse = { jobid: 'job-123' };
+            mockGot.post.mockResolvedValue({ body: mockResponse });
+
+            const result = await service.startBackup(input);
+
+            expect(result).toEqual(mockResponse);
+            expect(mockGot.post).toHaveBeenCalledWith(
+                'http://unix:/tmp/rclone.sock:/sync/copy',
+                expect.objectContaining({
+                    json: {
+                        srcFs: '/source/path',
+                        dstFs: 'remote:backup/path',
+                        delete_on: 'dst',
+                    },
+                })
+            );
+        });
+    });
+
+    describe('getJobStatus', () => {
+        it('should return job status', async () => {
+            const input: GetRCloneJobStatusDto = { jobId: 'job-123' };
+            const mockStatus = { status: 'running', progress: 0.5 };
+            mockGot.post.mockResolvedValue({ body: mockStatus });
+
+            const result = await service.getJobStatus(input);
+
+            expect(result).toEqual(mockStatus);
+            expect(mockGot.post).toHaveBeenCalledWith(
+                'http://unix:/tmp/rclone.sock:/job/status',
+                expect.objectContaining({
+                    json: { jobid: 'job-123' },
+                })
+            );
+        });
+    });
+
+    describe('listRunningJobs', () => {
+        it('should return list of running jobs', async () => {
+            const mockJobs = [
+                { id: 'job-1', status: 'running' },
+                { id: 'job-2', status: 'finished' },
+            ];
+            mockGot.post.mockResolvedValue({ body: mockJobs });
+
+            const result = await service.listRunningJobs();
+
+            expect(result).toEqual(mockJobs);
+            expect(mockGot.post).toHaveBeenCalledWith(
+                'http://unix:/tmp/rclone.sock:/job/list',
+                expect.objectContaining({
+                    json: {},
+                })
+            );
+        });
+    });
+
+    describe('error handling', () => {
+        it('should handle HTTP errors with detailed messages', async () => {
+            const httpError = {
+                name: 'HTTPError',
+                message: 'Request failed',
+                response: {
+                    statusCode: 500,
+                    body: JSON.stringify({ error: 'Internal server error' }),
+                },
+            };
+            Object.setPrototypeOf(httpError, HTTPError.prototype);
+            mockGot.post.mockRejectedValue(httpError);
+
+            await expect(service.getProviders()).rejects.toThrow(
+                'Rclone API Error (config/providers, HTTP 500): Rclone Error: Internal server error'
+            );
+        });
+
+        it('should handle HTTP errors with empty response body', async () => {
+            const httpError = {
+                name: 'HTTPError',
+                message: 'Request failed',
+                response: {
+                    statusCode: 404,
+                    body: '',
+                },
+            };
+            Object.setPrototypeOf(httpError, HTTPError.prototype);
+            mockGot.post.mockRejectedValue(httpError);
+
+            await expect(service.getProviders()).rejects.toThrow(
+                'Rclone API Error (config/providers, HTTP 404): Failed to process error response body. Raw body:'
+            );
+        });
+
+        it('should handle HTTP errors with malformed JSON', async () => {
+            const httpError = {
+                name: 'HTTPError',
+                message: 'Request failed',
+                response: {
+                    statusCode: 400,
+                    body: 'invalid json',
+                },
+            };
+            Object.setPrototypeOf(httpError, HTTPError.prototype);
+            mockGot.post.mockRejectedValue(httpError);
+
+            await expect(service.getProviders()).rejects.toThrow(
+                'Rclone API Error (config/providers, HTTP 400): Failed to process error response body. Raw body: invalid json'
+            );
+        });
+
+        it('should handle non-HTTP errors', async () => {
+            const networkError = new Error('Network connection failed');
+            mockGot.post.mockRejectedValue(networkError);
+
+            await expect(service.getProviders()).rejects.toThrow('Network connection failed');
+        });
+
+        it('should handle unknown errors', async () => {
+            mockGot.post.mockRejectedValue('unknown error');
+
+            await expect(service.getProviders()).rejects.toThrow(
+                'Unknown error calling RClone API (config/providers) with params {}: unknown error'
+            );
+        });
+    });
+});

api/src/__test__/graphql/resolvers/subscription/network.test.ts

@@ -1,279 +0,0 @@
-import { expect, test } from 'vitest';
-
-import type { NginxUrlFields } from '@app/graphql/resolvers/subscription/network.js';
-import { type Nginx } from '@app/core/types/states/nginx.js';
-import {
-    getServerIps,
-    getUrlForField,
-    getUrlForServer,
-} from '@app/graphql/resolvers/subscription/network.js';
-import { store } from '@app/store/index.js';
-import { loadConfigFile } from '@app/store/modules/config.js';
-import { loadStateFiles } from '@app/store/modules/emhttp.js';
-
-test.each([
-    [{ httpPort: 80, httpsPort: 443, url: 'my-default-url.com' }],
-    [{ httpPort: 123, httpsPort: 443, url: 'my-default-url.com' }],
-    [{ httpPort: 80, httpsPort: 12_345, url: 'my-default-url.com' }],
-    [{ httpPort: 212, httpsPort: 3_233, url: 'my-default-url.com' }],
-    [{ httpPort: 80, httpsPort: 443, url: 'https://BROKEN_URL' }],
-])('getUrlForField', ({ httpPort, httpsPort, url }) => {
-    const responseInsecure = getUrlForField({
-        port: httpPort,
-        url,
-    });
-
-    const responseSecure = getUrlForField({
-        portSsl: httpsPort,
-        url,
-    });
-    if (httpPort === 80) {
-        expect(responseInsecure.port).toBe('');
-    } else {
-        expect(responseInsecure.port).toBe(httpPort.toString());
-    }
-
-    if (httpsPort === 443) {
-        expect(responseSecure.port).toBe('');
-    } else {
-        expect(responseSecure.port).toBe(httpsPort.toString());
-    }
-});
-
-test('getUrlForServer - field exists, ssl disabled', () => {
-    const result = getUrlForServer({
-        nginx: {
-            lanIp: '192.168.1.1',
-            sslEnabled: false,
-            httpPort: 123,
-            httpsPort: 445,
-        } as const as Nginx,
-        field: 'lanIp',
-    });
-    expect(result).toMatchInlineSnapshot('"http://192.168.1.1:123/"');
-});
-
-test('getUrlForServer - field exists, ssl yes', () => {
-    const result = getUrlForServer({
-        nginx: {
-            lanIp: '192.168.1.1',
-            sslEnabled: true,
-            sslMode: 'yes',
-            httpPort: 123,
-            httpsPort: 445,
-        } as const as Nginx,
-        field: 'lanIp',
-    });
-    expect(result).toMatchInlineSnapshot('"https://192.168.1.1:445/"');
-});
-
-test('getUrlForServer - field exists, ssl yes, port empty', () => {
-    const result = getUrlForServer({
-        nginx: {
-            lanIp: '192.168.1.1',
-            sslEnabled: true,
-            sslMode: 'yes',
-            httpPort: 80,
-            httpsPort: 443,
-        } as const as Nginx,
-        field: 'lanIp',
-    });
-    expect(result).toMatchInlineSnapshot('"https://192.168.1.1/"');
-});
-
-test('getUrlForServer - field exists, ssl auto', async () => {
-    const getResult = async () =>
-        getUrlForServer({
-            nginx: {
-                lanIp: '192.168.1.1',
-                sslEnabled: true,
-                sslMode: 'auto',
-                httpPort: 123,
-                httpsPort: 445,
-            } as const as Nginx,
-            field: 'lanIp',
-        });
-    await expect(getResult).rejects.toThrowErrorMatchingInlineSnapshot(
-        `[Error: Cannot get IP Based URL for field: "lanIp" SSL mode auto]`
-    );
-});
-
-test('getUrlForServer - field does not exist, ssl disabled', async () => {
-    const getResult = async () =>
-        getUrlForServer({
-            nginx: { lanIp: '192.168.1.1', sslEnabled: false, sslMode: 'no' } as const as Nginx,
-            ports: {
-                port: ':123',
-                portSsl: ':445',
-                defaultUrl: new URL('https://my-default-url.unraid.net'),
-            },
-            // @ts-expect-error Field doesn't exist
-            field: 'idontexist',
-        });
-    await expect(getResult).rejects.toThrowErrorMatchingInlineSnapshot(
-        `[Error: IP URL Resolver: Could not resolve any access URL for field: "idontexist", is FQDN?: false]`
-    );
-});
-
-test('getUrlForServer - FQDN - field exists, port non-empty', () => {
-    const result = getUrlForServer({
-        nginx: { lanFqdn: 'my-fqdn.unraid.net', httpsPort: 445 } as unknown as Nginx,
-        field: 'lanFqdn' as NginxUrlFields,
-    });
-    expect(result).toMatchInlineSnapshot('"https://my-fqdn.unraid.net:445/"');
-});
-
-test('getUrlForServer - FQDN - field exists, port empty', () => {
-    const result = getUrlForServer({
-        nginx: { lanFqdn: 'my-fqdn.unraid.net', httpPort: 80, httpsPort: 443 } as unknown as Nginx,
-        field: 'lanFqdn' as NginxUrlFields,
-    });
-    expect(result).toMatchInlineSnapshot('"https://my-fqdn.unraid.net/"');
-});
-
-test.each([
-    [
-        {
-            nginx: {
-                lanFqdn: 'my-fqdn.unraid.net',
-                sslEnabled: false,
-                sslMode: 'no',
-                httpPort: 80,
-                httpsPort: 443,
-            } as unknown as Nginx,
-            field: 'lanFqdn' as NginxUrlFields,
-        },
-    ],
-    [
-        {
-            nginx: {
-                wanFqdn: 'my-fqdn.unraid.net',
-                sslEnabled: true,
-                sslMode: 'yes',
-                httpPort: 80,
-                httpsPort: 443,
-            } as unknown as Nginx,
-            field: 'wanFqdn' as NginxUrlFields,
-        },
-    ],
-    [
-        {
-            nginx: {
-                wanFqdn6: 'my-fqdn.unraid.net',
-                sslEnabled: true,
-                sslMode: 'auto',
-                httpPort: 80,
-                httpsPort: 443,
-            } as unknown as Nginx,
-            field: 'wanFqdn6' as NginxUrlFields,
-        },
-    ],
-])('getUrlForServer - FQDN', ({ nginx, field }) => {
-    const result = getUrlForServer({ nginx, field });
-    expect(result.toString()).toBe('https://my-fqdn.unraid.net/');
-});
-
-test('getUrlForServer - field does not exist, ssl disabled', async () => {
-    const getResult = async () =>
-        getUrlForServer({
-            nginx: { lanFqdn: 'my-fqdn.unraid.net' } as unknown as Nginx,
-            ports: { portSsl: '', port: '', defaultUrl: new URL('https://my-default-url.unraid.net') },
-            // @ts-expect-error Field doesn't exist
-            field: 'idontexist',
-        });
-    await expect(getResult).rejects.toThrowErrorMatchingInlineSnapshot(
-        `[Error: IP URL Resolver: Could not resolve any access URL for field: "idontexist", is FQDN?: false]`
-    );
-});
-
-test('integration test, loading nginx ini and generating all URLs', async () => {
-    await store.dispatch(loadStateFiles());
-    await store.dispatch(loadConfigFile());
-
-    const urls = getServerIps();
-    expect(urls.urls).toMatchInlineSnapshot(`
-		[
-		  {
-		    "ipv4": "https://tower.local:4443/",
-		    "ipv6": "https://tower.local:4443/",
-		    "name": "Default",
-		    "type": "DEFAULT",
-		  },
-		  {
-		    "ipv4": "https://192.168.1.150:4443/",
-		    "name": "LAN IPv4",
-		    "type": "LAN",
-		  },
-		  {
-		    "ipv4": "https://tower:4443/",
-		    "name": "LAN Name",
-		    "type": "MDNS",
-		  },
-		  {
-		    "ipv4": "https://tower.local:4443/",
-		    "name": "LAN MDNS",
-		    "type": "MDNS",
-		  },
-		  {
-		    "ipv4": "https://192-168-1-150.thisisfourtyrandomcharacters012345678900.myunraid.net:4443/",
-		    "name": "FQDN LAN",
-		    "type": "LAN",
-		  },
-		  {
-		    "ipv4": "https://85-121-123-122.thisisfourtyrandomcharacters012345678900.myunraid.net:8443/",
-		    "name": "FQDN WAN",
-		    "type": "WAN",
-		  },
-		  {
-		    "ipv4": "https://10-252-0-1.hash.myunraid.net:4443/",
-		    "name": "FQDN WG 0",
-		    "type": "WIREGUARD",
-		  },
-		  {
-		    "ipv4": "https://10-252-1-1.hash.myunraid.net:4443/",
-		    "name": "FQDN WG 1",
-		    "type": "WIREGUARD",
-		  },
-		  {
-		    "ipv4": "https://10-253-3-1.hash.myunraid.net:4443/",
-		    "name": "FQDN WG 2",
-		    "type": "WIREGUARD",
-		  },
-		  {
-		    "ipv4": "https://10-253-4-1.hash.myunraid.net:4443/",
-		    "name": "FQDN WG 3",
-		    "type": "WIREGUARD",
-		  },
-		  {
-		    "ipv4": "https://10-253-5-1.hash.myunraid.net:4443/",
-		    "name": "FQDN WG 4",
-		    "type": "WIREGUARD",
-		  },
-		  {
-		    "ipv4": "https://10-100-0-1.hash.myunraid.net:4443/",
-		    "name": "FQDN TAILSCALE 0",
-		    "type": "WIREGUARD",
-		  },
-		  {
-		    "ipv4": "https://10-100-0-2.hash.myunraid.net:4443/",
-		    "name": "FQDN TAILSCALE 1",
-		    "type": "WIREGUARD",
-		  },
-		  {
-		    "ipv4": "https://10-123-1-2.hash.myunraid.net:4443/",
-		    "name": "FQDN CUSTOM 0",
-		    "type": "WIREGUARD",
-		  },
-		  {
-		    "ipv4": "https://221-123-121-112.hash.myunraid.net:4443/",
-		    "name": "FQDN CUSTOM 1",
-		    "type": "WIREGUARD",
-		  },
-		]
-	`);
-    expect(urls.errors).toMatchInlineSnapshot(`
-		[
-		  [Error: IP URL Resolver: Could not resolve any access URL for field: "lanIp6", is FQDN?: false],
-		]
-	`);
-});

api/src/__test__/setup.ts

@@ -0,0 +1,8 @@
+import '@app/__test__/setup/env-setup.js';
+// import './setup/mock-fs-setup';
+import '@app/__test__/setup/keyserver-mock.js';
+import '@app/__test__/setup/config-setup.js';
+import '@app/__test__/setup/store-reset.js';
+
+// This file is automatically loaded by Vitest before running tests
+// It imports all the setup files that need to be run before tests

api/src/__test__/setup/config-setup.ts

@@ -0,0 +1,17 @@
+import { copyFileSync, existsSync } from 'fs';
+import { join, resolve } from 'path';
+
+// Get the project root directory
+const projectRoot = resolve(process.cwd());
+
+// Define paths
+const sourceFile = join(projectRoot, 'dev/Unraid.net/myservers.example.cfg');
+const destFile = join(projectRoot, 'dev/Unraid.net/myservers.cfg');
+
+// Ensure the example file exists
+if (!existsSync(sourceFile)) {
+    console.error('Error: myservers.example.cfg not found!');
+    process.exit(1);
+}
+
+copyFileSync(sourceFile, destFile);

api/src/__test__/setup/mock-fs-setup.ts

@@ -0,0 +1,45 @@
+import { beforeEach, vi } from 'vitest';
+
+// Create a global mock file system that can be used across all tests
+export const mockFileSystem = new Map<string, string>();
+
+// Mock fs/promises
+vi.mock('node:fs/promises', () => ({
+    writeFile: vi.fn().mockImplementation((path, content) => {
+        mockFileSystem.set(path.toString(), content.toString());
+        return Promise.resolve();
+    }),
+    readFile: vi.fn().mockImplementation((path) => {
+        const content = mockFileSystem.get(path.toString());
+        if (content === undefined) {
+            return Promise.reject(new Error(`File not found: ${path}`));
+        }
+        return Promise.resolve(content);
+    }),
+    access: vi.fn().mockImplementation((path) => {
+        if (mockFileSystem.has(path.toString())) {
+            return Promise.resolve();
+        }
+        return Promise.reject(new Error(`File not found: ${path}`));
+    }),
+}));
+
+// Mock fs-extra
+vi.mock('fs-extra', () => ({
+    emptyDir: vi.fn().mockImplementation(() => {
+        mockFileSystem.clear();
+        return Promise.resolve();
+    }),
+}));
+
+// Mock file-exists utility
+vi.mock('@app/core/utils/files/file-exists.js', () => ({
+    fileExists: vi.fn().mockImplementation((path) => {
+        return Promise.resolve(mockFileSystem.has(path.toString()));
+    }),
+}));
+
+// Clear the mock file system before each test
+beforeEach(() => {
+    mockFileSystem.clear();
+});

api/src/__test__/setup/store-reset.ts

@@ -0,0 +1,8 @@
+import { beforeEach } from 'vitest';
+
+import { resetStore } from '@app/store/actions/reset-store.js';
+import { store } from '@app/store/index.js';
+
+beforeEach(() => {
+    store.dispatch(resetStore());
+});

api/src/__test__/store/modules/__snapshots__/paths.test.ts.snap

@@ -0,0 +1,38 @@
+// Vitest Snapshot v1, https://vitest.dev/guide/snapshot.html
+
+exports[`Returns paths 1`] = `
+[
+  "core",
+  "unraid-api-base",
+  "unraid-data",
+  "docker-autostart",
+  "docker-socket",
+  "rclone-socket",
+  "parity-checks",
+  "htpasswd",
+  "emhttpd-socket",
+  "states",
+  "dynamix-base",
+  "dynamix-config",
+  "myservers-base",
+  "myservers-config",
+  "myservers-config-states",
+  "myservers-env",
+  "myservers-keepalive",
+  "keyfile-base",
+  "machine-id",
+  "log-base",
+  "unraid-log-base",
+  "var-run",
+  "auth-sessions",
+  "auth-keys",
+  "passwd",
+  "libvirt-pid",
+  "activationBase",
+  "webGuiBase",
+  "identConfig",
+  "activation",
+  "boot",
+  "webgui",
+]
+`;

api/src/__test__/store/modules/config.test.ts

@@ -1,103 +1,303 @@
-import { expect, test } from 'vitest';
+import { beforeEach, describe, expect, test, vi } from 'vitest';
 
+import { pubsub, PUBSUB_CHANNEL } from '@app/core/pubsub.js';
 import { store } from '@app/store/index.js';
 import { MyServersConfigMemory } from '@app/types/my-servers-config.js';
 
-test('Before init returns default values for all fields', async () => {
-    const state = store.getState().config;
-    expect(state).toMatchSnapshot();
-}, 10_000);
+describe.skip('config tests', () => {
+    // Mock dependencies
+    vi.mock('@app/core/pubsub.js', () => {
+        const mockPublish = vi.fn();
+        return {
+            pubsub: {
+                publish: mockPublish,
+            },
+            PUBSUB_CHANNEL: {
+                OWNER: 'OWNER',
+                SERVERS: 'SERVERS',
+            },
+            __esModule: true,
+            default: {
+                pubsub: {
+                    publish: mockPublish,
+                },
+                PUBSUB_CHANNEL: {
+                    OWNER: 'OWNER',
+                    SERVERS: 'SERVERS',
+                },
+            },
+        };
+    });
 
-test('After init returns values from cfg file for all fields', async () => {
-    const { loadConfigFile } = await import('@app/store/modules/config.js');
+    // Get the mock function for pubsub.publish
+    const mockPublish = vi.mocked(pubsub.publish);
 
-    // Load cfg into store
-    await store.dispatch(loadConfigFile());
+    // Clear mock before each test
+    beforeEach(() => {
+        mockPublish.mockClear();
+    });
 
-    // Check if store has cfg contents loaded
-    const state = store.getState().config;
-    expect(state).toMatchObject(
-        expect.objectContaining({
-            api: {
-                extraOrigins: expect.stringMatching('https://google.com,https://test.com'),
+    vi.mock('@app/mothership/graphql-client.js', () => ({
+        GraphQLClient: {
+            clearInstance: vi.fn(),
+        },
+    }));
+
+    vi.mock('@app/mothership/jobs/ping-timeout-jobs.js', () => ({
+        stopPingTimeoutJobs: vi.fn(),
+    }));
+
+    const createConfigMatcher = (specificValues: Partial<MyServersConfigMemory> = {}) => {
+        const defaultMatcher = {
+            api: expect.objectContaining({
+                extraOrigins: expect.any(String),
                 version: expect.any(String),
-            },
-            connectionStatus: {
-                minigraph: 'PRE_INIT',
-                upnpStatus: '',
-            },
-            local: {
+            }),
+            connectionStatus: expect.objectContaining({
+                minigraph: expect.any(String),
+                upnpStatus: expect.any(String),
+            }),
+            local: expect.objectContaining({
                 sandbox: expect.any(String),
+            }),
+            nodeEnv: expect.any(String),
+            remote: expect.objectContaining({
+                accesstoken: expect.any(String),
+                allowedOrigins: expect.any(String),
+                apikey: expect.any(String),
+                avatar: expect.any(String),
+                dynamicRemoteAccessType: expect.any(String),
+                email: expect.any(String),
+                idtoken: expect.any(String),
+                localApiKey: expect.any(String),
+                refreshtoken: expect.any(String),
+                regWizTime: expect.any(String),
+                ssoSubIds: expect.any(String),
+                upnpEnabled: expect.any(String),
+                username: expect.any(String),
+                wanaccess: expect.any(String),
+                wanport: expect.any(String),
+            }),
+            status: expect.any(String),
+        };
+
+        return expect.objectContaining({
+            ...defaultMatcher,
+            ...specificValues,
+        });
+    };
+
+    // test('Before init returns default values for all fields', async () => {
+    //     const state = store.getState().config;
+    //     expect(state).toMatchSnapshot();
+    // }, 10_000);
+
+    test('After init returns values from cfg file for all fields', async () => {
+        const { loadConfigFile } = await import('@app/store/modules/config.js');
+
+        // Load cfg into store
+        await store.dispatch(loadConfigFile());
+
+        // Check if store has cfg contents loaded
+        const state = store.getState().config;
+        expect(state).toMatchObject(createConfigMatcher());
+    });
+
+    test('updateUserConfig merges in changes to current state', async () => {
+        const { loadConfigFile, updateUserConfig } = await import('@app/store/modules/config.js');
+
+        // Load cfg into store
+        await store.dispatch(loadConfigFile());
+
+        // Update store
+        store.dispatch(
+            updateUserConfig({
+                remote: { avatar: 'https://via.placeholder.com/200' },
+            })
+        );
+
+        const state = store.getState().config;
+        expect(state).toMatchObject(
+            createConfigMatcher({
+                remote: expect.objectContaining({
+                    avatar: 'https://via.placeholder.com/200',
+                }),
+            })
+        );
+    });
+
+    test('loginUser updates state and publishes to pubsub', async () => {
+        const { loginUser } = await import('@app/store/modules/config.js');
+        const userInfo = {
+            email: 'test@example.com',
+            avatar: 'https://via.placeholder.com/200',
+            username: 'testuser',
+            apikey: 'test-api-key',
+            localApiKey: 'test-local-api-key',
+        };
+
+        await store.dispatch(loginUser(userInfo));
+
+        expect(pubsub.publish).toHaveBeenCalledWith(PUBSUB_CHANNEL.OWNER, {
+            owner: {
+                username: userInfo.username,
+                url: '',
+                avatar: userInfo.avatar,
             },
-            nodeEnv: 'test',
-            remote: {
-                accesstoken: '',
-                allowedOrigins: '',
-                apikey: '_______________________BIG_API_KEY_HERE_________________________',
-                avatar: 'https://via.placeholder.com/200',
-                dynamicRemoteAccessType: 'DISABLED',
-                email: 'test@example.com',
-                idtoken: '',
-                localApiKey: '_______________________LOCAL_API_KEY_HERE_________________________',
-                refreshtoken: '',
-                regWizTime: '1611175408732_0951-1653-3509-FBA155FA23C0',
-                ssoSubIds: '',
-                upnpEnabled: 'no',
-                username: 'zspearmint',
-                wanaccess: 'yes',
-                wanport: '8443',
+        });
+
+        const state = store.getState().config;
+        expect(state).toMatchObject(
+            createConfigMatcher({
+                remote: expect.objectContaining(userInfo),
+            })
+        );
+    });
+
+    test('logoutUser clears state and publishes to pubsub', async () => {
+        const { logoutUser } = await import('@app/store/modules/config.js');
+
+        await store.dispatch(logoutUser({ reason: 'test logout' }));
+
+        expect(pubsub.publish).toHaveBeenCalledWith(PUBSUB_CHANNEL.SERVERS, { servers: [] });
+        expect(pubsub.publish).toHaveBeenCalledWith(PUBSUB_CHANNEL.OWNER, {
+            owner: {
+                username: 'root',
+                url: '',
+                avatar: '',
             },
-            status: 'LOADED',
-        })
-    );
-});
-
-test('updateUserConfig merges in changes to current state', async () => {
-    const { loadConfigFile, updateUserConfig } = await import('@app/store/modules/config.js');
-
-    // Load cfg into store
-    await store.dispatch(loadConfigFile());
-
-    // Update store
-    store.dispatch(
-        updateUserConfig({
-            remote: { avatar: 'https://via.placeholder.com/200' },
-        })
-    );
-
-    const state = store.getState().config;
-    expect(state).toMatchObject(
-        expect.objectContaining({
-            api: {
-                extraOrigins: expect.stringMatching('https://google.com,https://test.com'),
-                version: expect.any(String),
-            },
-            connectionStatus: {
-                minigraph: 'PRE_INIT',
-                upnpStatus: '',
-            },
-            local: {
-                sandbox: expect.any(String),
-            },
-            nodeEnv: 'test',
-            remote: {
-                accesstoken: '',
-                allowedOrigins: '',
-                apikey: '_______________________BIG_API_KEY_HERE_________________________',
-                avatar: 'https://via.placeholder.com/200',
-                dynamicRemoteAccessType: 'DISABLED',
-                email: 'test@example.com',
-                idtoken: '',
-                localApiKey: '_______________________LOCAL_API_KEY_HERE_________________________',
-                refreshtoken: '',
-                regWizTime: '1611175408732_0951-1653-3509-FBA155FA23C0',
-                ssoSubIds: '',
-                upnpEnabled: 'no',
-                username: 'zspearmint',
-                wanaccess: 'yes',
-                wanport: '8443',
-            },
-            status: 'LOADED',
-        } as MyServersConfigMemory)
-    );
+        });
+        // expect(stopPingTimeoutJobs).toHaveBeenCalled();
+        // expect(GraphQLClient.clearInstance).toHaveBeenCalled();
+    });
+
+    test('updateAccessTokens updates token fields', async () => {
+        const { updateAccessTokens } = await import('@app/store/modules/config.js');
+        const tokens = {
+            accesstoken: 'new-access-token',
+            refreshtoken: 'new-refresh-token',
+            idtoken: 'new-id-token',
+        };
+
+        store.dispatch(updateAccessTokens(tokens));
+
+        const state = store.getState().config;
+        expect(state).toMatchObject(
+            createConfigMatcher({
+                remote: expect.objectContaining(tokens),
+            })
+        );
+    });
+
+    test('updateAllowedOrigins updates extraOrigins', async () => {
+        const { updateAllowedOrigins } = await import('@app/store/modules/config.js');
+        const origins = ['https://test1.com', 'https://test2.com'];
+
+        store.dispatch(updateAllowedOrigins(origins));
+
+        const state = store.getState().config;
+        expect(state.api.extraOrigins).toBe(origins.join(', '));
+    });
+
+    test('setUpnpState updates upnp settings', async () => {
+        const { setUpnpState } = await import('@app/store/modules/config.js');
+
+        store.dispatch(setUpnpState({ enabled: 'yes', status: 'active' }));
+
+        const state = store.getState().config;
+        expect(state.remote.upnpEnabled).toBe('yes');
+        expect(state.connectionStatus.upnpStatus).toBe('active');
+    });
+
+    test('setWanPortToValue updates wanport', async () => {
+        const { setWanPortToValue } = await import('@app/store/modules/config.js');
+
+        store.dispatch(setWanPortToValue(8443));
+
+        const state = store.getState().config;
+        expect(state.remote.wanport).toBe('8443');
+    });
+
+    test('setWanAccess updates wanaccess', async () => {
+        const { setWanAccess } = await import('@app/store/modules/config.js');
+
+        store.dispatch(setWanAccess('yes'));
+
+        const state = store.getState().config;
+        expect(state.remote.wanaccess).toBe('yes');
+    });
+
+    // test('addSsoUser adds user to ssoSubIds', async () => {
+    //     const { addSsoUser } = await import('@app/store/modules/config.js');
+
+    //     store.dispatch(addSsoUser('user1'));
+    //     store.dispatch(addSsoUser('user2'));
+
+    //     const state = store.getState().config;
+    //     expect(state.remote.ssoSubIds).toBe('user1,user2');
+    // });
+
+    // test('removeSsoUser removes user from ssoSubIds', async () => {
+    //     const { addSsoUser, removeSsoUser } = await import('@app/store/modules/config.js');
+
+    //     store.dispatch(addSsoUser('user1'));
+    //     store.dispatch(addSsoUser('user2'));
+    //     store.dispatch(removeSsoUser('user1'));
+
+    //     const state = store.getState().config;
+    //     expect(state.remote.ssoSubIds).toBe('user2');
+    // });
+
+    // test('removeSsoUser with null clears all ssoSubIds', async () => {
+    //     const { addSsoUser, removeSsoUser } = await import('@app/store/modules/config.js');
+
+    //     store.dispatch(addSsoUser('user1'));
+    //     store.dispatch(addSsoUser('user2'));
+    //     store.dispatch(removeSsoUser(null));
+
+    //     const state = store.getState().config;
+    //     expect(state.remote.ssoSubIds).toBe('');
+    // });
+
+    test('setLocalApiKey updates localApiKey', async () => {
+        const { setLocalApiKey } = await import('@app/store/modules/config.js');
+
+        store.dispatch(setLocalApiKey('new-local-api-key'));
+
+        const state = store.getState().config;
+        expect(state.remote.localApiKey).toBe('new-local-api-key');
+    });
+
+    test('setLocalApiKey with null clears localApiKey', async () => {
+        const { setLocalApiKey } = await import('@app/store/modules/config.js');
+
+        store.dispatch(setLocalApiKey(null));
+
+        const state = store.getState().config;
+        expect(state.remote.localApiKey).toBe('');
+    });
+
+    // test('setGraphqlConnectionStatus updates minigraph status', async () => {
+    //     store.dispatch(setGraphqlConnectionStatus({ status: MinigraphStatus.CONNECTED, error: null }));
+
+    //     const state = store.getState().config;
+    //     expect(state.connectionStatus.minigraph).toBe(MinigraphStatus.CONNECTED);
+    // });
+
+    // test('setupRemoteAccessThunk.fulfilled updates remote access settings', async () => {
+    //     const remoteAccessSettings = {
+    //         accessType: WAN_ACCESS_TYPE.DYNAMIC,
+    //         forwardType: WAN_FORWARD_TYPE.UPNP,
+    //     };
+
+    //     await store.dispatch(setupRemoteAccessThunk(remoteAccessSettings));
+
+    //     const state = store.getState().config;
+    //     expect(state.remote).toMatchObject({
+    //         wanaccess: 'no',
+    //         dynamicRemoteAccessType: 'UPNP',
+    //         wanport: '',
+    //         upnpEnabled: 'yes',
+    //     });
+    // });
 });

api/src/__test__/store/modules/emhttp.test.ts

@@ -197,253 +197,257 @@ test('After init returns values from cfg file for all fields', async () => {
 		}
 	`);
     expect(disks).toMatchInlineSnapshot(`
-		[
-		  {
-		    "comment": null,
-		    "critical": null,
-		    "device": "sdh",
-		    "exportable": false,
-		    "format": "GPT: 4KiB-aligned",
-		    "fsFree": null,
-		    "fsSize": null,
-		    "fsType": null,
-		    "fsUsed": null,
-		    "id": "ST18000NM000J-2TV103_ZR585CPY",
-		    "idx": 0,
-		    "name": "parity",
-		    "numErrors": 0,
-		    "numReads": 0,
-		    "numWrites": 0,
-		    "rotational": true,
-		    "size": 17578328012,
-		    "status": "DISK_OK",
-		    "temp": 25,
-		    "transport": "ata",
-		    "type": "Parity",
-		    "warning": null,
-		  },
-		  {
-		    "comment": "Seagate Exos",
-		    "critical": 75,
-		    "device": "sdf",
-		    "exportable": false,
-		    "format": "GPT: 4KiB-aligned",
-		    "fsFree": 13882739732,
-		    "fsSize": 17998742753,
-		    "fsType": "xfs",
-		    "fsUsed": 4116003021,
-		    "id": "ST18000NM000J-2TV103_ZR5B1W9X",
-		    "idx": 1,
-		    "name": "disk1",
-		    "numErrors": 0,
-		    "numReads": 0,
-		    "numWrites": 0,
-		    "rotational": true,
-		    "size": 17578328012,
-		    "status": "DISK_OK",
-		    "temp": 30,
-		    "transport": "ata",
-		    "type": "Data",
-		    "warning": 50,
-		  },
-		  {
-		    "comment": "",
-		    "critical": null,
-		    "device": "sdj",
-		    "exportable": false,
-		    "format": "GPT: 4KiB-aligned",
-		    "fsFree": 93140746,
-		    "fsSize": 11998001574,
-		    "fsType": "xfs",
-		    "fsUsed": 11904860828,
-		    "id": "WDC_WD120EDAZ-11F3RA0_5PJRD45C",
-		    "idx": 2,
-		    "name": "disk2",
-		    "numErrors": 0,
-		    "numReads": 0,
-		    "numWrites": 0,
-		    "rotational": true,
-		    "size": 11718885324,
-		    "status": "DISK_OK",
-		    "temp": 30,
-		    "transport": "ata",
-		    "type": "Data",
-		    "warning": null,
-		  },
-		  {
-		    "comment": "",
-		    "critical": null,
-		    "device": "sde",
-		    "exportable": false,
-		    "format": "GPT: 4KiB-aligned",
-		    "fsFree": 5519945093,
-		    "fsSize": 11998001574,
-		    "fsType": "xfs",
-		    "fsUsed": 6478056481,
-		    "id": "WDC_WD120EMAZ-11BLFA0_5PH8BTYD",
-		    "idx": 3,
-		    "name": "disk3",
-		    "numErrors": 0,
-		    "numReads": 0,
-		    "numWrites": 0,
-		    "rotational": true,
-		    "size": 11718885324,
-		    "status": "DISK_OK",
-		    "temp": 30,
-		    "transport": "ata",
-		    "type": "Data",
-		    "warning": null,
-		  },
-		  {
-		    "comment": "",
-		    "critical": null,
-		    "device": "sdi",
-		    "exportable": false,
-		    "format": "MBR: 4KiB-aligned",
-		    "fsFree": 111810683,
-		    "fsSize": 250059317,
-		    "fsType": "btrfs",
-		    "fsUsed": 137273827,
-		    "id": "Samsung_SSD_850_EVO_250GB_S2R5NX0H643734Z",
-		    "idx": 30,
-		    "name": "cache",
-		    "numErrors": 0,
-		    "numReads": 0,
-		    "numWrites": 0,
-		    "rotational": false,
-		    "size": 244198552,
-		    "status": "DISK_OK",
-		    "temp": 22,
-		    "transport": "ata",
-		    "type": "Cache",
-		    "warning": null,
-		  },
-		  {
-		    "comment": null,
-		    "critical": null,
-		    "device": "nvme0n1",
-		    "exportable": false,
-		    "format": "MBR: 4KiB-aligned",
-		    "fsFree": null,
-		    "fsSize": null,
-		    "fsType": null,
-		    "fsUsed": null,
-		    "id": "KINGSTON_SA2000M8250G_50026B7282669D9E",
-		    "idx": 31,
-		    "name": "cache2",
-		    "numErrors": 0,
-		    "numReads": 0,
-		    "numWrites": 0,
-		    "rotational": false,
-		    "size": 244198552,
-		    "status": "DISK_OK",
-		    "temp": 27,
-		    "transport": "nvme",
-		    "type": "Cache",
-		    "warning": null,
-		  },
-		  {
-		    "comment": "Unraid OS boot device",
-		    "critical": null,
-		    "device": "sda",
-		    "exportable": true,
-		    "format": "unknown",
-		    "fsFree": 3191407,
-		    "fsSize": 4042732,
-		    "fsType": "vfat",
-		    "fsUsed": 851325,
-		    "id": "Cruzer",
-		    "idx": 32,
-		    "name": "flash",
-		    "numErrors": 0,
-		    "numReads": 0,
-		    "numWrites": 0,
-		    "rotational": true,
-		    "size": 3956700,
-		    "status": "DISK_OK",
-		    "temp": null,
-		    "transport": "usb",
-		    "type": "Flash",
-		    "warning": null,
-		  },
-		]
-	`);
+      [
+        {
+          "comment": null,
+          "critical": null,
+          "device": "sdh",
+          "exportable": false,
+          "format": "GPT: 4KiB-aligned",
+          "fsFree": null,
+          "fsSize": null,
+          "fsType": null,
+          "fsUsed": null,
+          "id": "ST18000NM000J-2TV103_ZR585CPY",
+          "idx": 0,
+          "name": "parity",
+          "numErrors": 0,
+          "numReads": 0,
+          "numWrites": 0,
+          "rotational": true,
+          "size": 17578328012,
+          "status": "DISK_OK",
+          "temp": 25,
+          "transport": "ata",
+          "type": "PARITY",
+          "warning": null,
+        },
+        {
+          "comment": "Seagate Exos",
+          "critical": 75,
+          "device": "sdf",
+          "exportable": false,
+          "format": "GPT: 4KiB-aligned",
+          "fsFree": 13882739732,
+          "fsSize": 17998742753,
+          "fsType": "xfs",
+          "fsUsed": 4116003021,
+          "id": "ST18000NM000J-2TV103_ZR5B1W9X",
+          "idx": 1,
+          "name": "disk1",
+          "numErrors": 0,
+          "numReads": 0,
+          "numWrites": 0,
+          "rotational": true,
+          "size": 17578328012,
+          "status": "DISK_OK",
+          "temp": 30,
+          "transport": "ata",
+          "type": "DATA",
+          "warning": 50,
+        },
+        {
+          "comment": "",
+          "critical": null,
+          "device": "sdj",
+          "exportable": false,
+          "format": "GPT: 4KiB-aligned",
+          "fsFree": 93140746,
+          "fsSize": 11998001574,
+          "fsType": "xfs",
+          "fsUsed": 11904860828,
+          "id": "WDC_WD120EDAZ-11F3RA0_5PJRD45C",
+          "idx": 2,
+          "name": "disk2",
+          "numErrors": 0,
+          "numReads": 0,
+          "numWrites": 0,
+          "rotational": true,
+          "size": 11718885324,
+          "status": "DISK_OK",
+          "temp": 30,
+          "transport": "ata",
+          "type": "DATA",
+          "warning": null,
+        },
+        {
+          "comment": "",
+          "critical": null,
+          "device": "sde",
+          "exportable": false,
+          "format": "GPT: 4KiB-aligned",
+          "fsFree": 5519945093,
+          "fsSize": 11998001574,
+          "fsType": "xfs",
+          "fsUsed": 6478056481,
+          "id": "WDC_WD120EMAZ-11BLFA0_5PH8BTYD",
+          "idx": 3,
+          "name": "disk3",
+          "numErrors": 0,
+          "numReads": 0,
+          "numWrites": 0,
+          "rotational": true,
+          "size": 11718885324,
+          "status": "DISK_OK",
+          "temp": 30,
+          "transport": "ata",
+          "type": "DATA",
+          "warning": null,
+        },
+        {
+          "comment": "",
+          "critical": null,
+          "device": "sdi",
+          "exportable": false,
+          "format": "MBR: 4KiB-aligned",
+          "fsFree": 111810683,
+          "fsSize": 250059317,
+          "fsType": "btrfs",
+          "fsUsed": 137273827,
+          "id": "Samsung_SSD_850_EVO_250GB_S2R5NX0H643734Z",
+          "idx": 30,
+          "name": "cache",
+          "numErrors": 0,
+          "numReads": 0,
+          "numWrites": 0,
+          "rotational": false,
+          "size": 244198552,
+          "status": "DISK_OK",
+          "temp": 22,
+          "transport": "ata",
+          "type": "CACHE",
+          "warning": null,
+        },
+        {
+          "comment": null,
+          "critical": null,
+          "device": "nvme0n1",
+          "exportable": false,
+          "format": "MBR: 4KiB-aligned",
+          "fsFree": null,
+          "fsSize": null,
+          "fsType": null,
+          "fsUsed": null,
+          "id": "KINGSTON_SA2000M8250G_50026B7282669D9E",
+          "idx": 31,
+          "name": "cache2",
+          "numErrors": 0,
+          "numReads": 0,
+          "numWrites": 0,
+          "rotational": false,
+          "size": 244198552,
+          "status": "DISK_OK",
+          "temp": 27,
+          "transport": "nvme",
+          "type": "CACHE",
+          "warning": null,
+        },
+        {
+          "comment": "Unraid OS boot device",
+          "critical": null,
+          "device": "sda",
+          "exportable": true,
+          "format": "unknown",
+          "fsFree": 3191407,
+          "fsSize": 4042732,
+          "fsType": "vfat",
+          "fsUsed": 851325,
+          "id": "Cruzer",
+          "idx": 32,
+          "name": "flash",
+          "numErrors": 0,
+          "numReads": 0,
+          "numWrites": 0,
+          "rotational": true,
+          "size": 3956700,
+          "status": "DISK_OK",
+          "temp": null,
+          "transport": "usb",
+          "type": "FLASH",
+          "warning": null,
+        },
+      ]
+    `);
     expect(shares).toMatchInlineSnapshot(`
-		[
-		  {
-		    "allocator": "highwater",
-		    "cache": false,
-		    "cachePool": "cache",
-		    "color": "yellow-on",
-		    "comment": "",
-		    "cow": "auto",
-		    "exclude": [],
-		    "floor": "0",
-		    "free": 9309372,
-		    "include": [],
-		    "luksStatus": "0",
-		    "name": "appdata",
-		    "nameOrig": "appdata",
-		    "size": 0,
-		    "splitLevel": "",
-		    "used": 33619300,
-		  },
-		  {
-		    "allocator": "highwater",
-		    "cache": false,
-		    "cachePool": "cache",
-		    "color": "yellow-on",
-		    "comment": "saved VM instances",
-		    "cow": "auto",
-		    "exclude": [],
-		    "floor": "0",
-		    "free": 9309372,
-		    "include": [],
-		    "luksStatus": "0",
-		    "name": "domains",
-		    "nameOrig": "domains",
-		    "size": 0,
-		    "splitLevel": "1",
-		    "used": 33619300,
-		  },
-		  {
-		    "allocator": "highwater",
-		    "cache": true,
-		    "cachePool": "cache",
-		    "color": "yellow-on",
-		    "comment": "ISO images",
-		    "cow": "auto",
-		    "exclude": [],
-		    "floor": "0",
-		    "free": 9309372,
-		    "include": [],
-		    "luksStatus": "0",
-		    "name": "isos",
-		    "nameOrig": "isos",
-		    "size": 0,
-		    "splitLevel": "",
-		    "used": 33619300,
-		  },
-		  {
-		    "allocator": "highwater",
-		    "cache": false,
-		    "cachePool": "cache",
-		    "color": "yellow-on",
-		    "comment": "system data",
-		    "cow": "auto",
-		    "exclude": [],
-		    "floor": "0",
-		    "free": 9309372,
-		    "include": [],
-		    "luksStatus": "0",
-		    "name": "system",
-		    "nameOrig": "system",
-		    "size": 0,
-		    "splitLevel": "1",
-		    "used": 33619300,
-		  },
-		]
-	`);
+      [
+        {
+          "allocator": "highwater",
+          "cache": false,
+          "cachePool": "cache",
+          "color": "yellow-on",
+          "comment": "",
+          "cow": "auto",
+          "exclude": [],
+          "floor": "0",
+          "free": 9309372,
+          "id": "appdata",
+          "include": [],
+          "luksStatus": "0",
+          "name": "appdata",
+          "nameOrig": "appdata",
+          "size": 0,
+          "splitLevel": "",
+          "used": 33619300,
+        },
+        {
+          "allocator": "highwater",
+          "cache": false,
+          "cachePool": "cache",
+          "color": "yellow-on",
+          "comment": "saved VM instances",
+          "cow": "auto",
+          "exclude": [],
+          "floor": "0",
+          "free": 9309372,
+          "id": "domains",
+          "include": [],
+          "luksStatus": "0",
+          "name": "domains",
+          "nameOrig": "domains",
+          "size": 0,
+          "splitLevel": "1",
+          "used": 33619300,
+        },
+        {
+          "allocator": "highwater",
+          "cache": true,
+          "cachePool": "cache",
+          "color": "yellow-on",
+          "comment": "ISO images",
+          "cow": "auto",
+          "exclude": [],
+          "floor": "0",
+          "free": 9309372,
+          "id": "isos",
+          "include": [],
+          "luksStatus": "0",
+          "name": "isos",
+          "nameOrig": "isos",
+          "size": 0,
+          "splitLevel": "",
+          "used": 33619300,
+        },
+        {
+          "allocator": "highwater",
+          "cache": false,
+          "cachePool": "cache",
+          "color": "yellow-on",
+          "comment": "system data",
+          "cow": "auto",
+          "exclude": [],
+          "floor": "0",
+          "free": 9309372,
+          "id": "system",
+          "include": [],
+          "luksStatus": "0",
+          "name": "system",
+          "nameOrig": "system",
+          "size": 0,
+          "splitLevel": "1",
+          "used": 33619300,
+        },
+      ]
+    `);
     expect(nfsShares).toMatchInlineSnapshot(`
 		[
 		  {
@@ -957,7 +961,7 @@ test('After init returns values from cfg file for all fields', async () => {
         "configErrorState": "INELIGIBLE",
         "configValid": false,
         "csrfToken": "0000000000000000",
-        "defaultFsType": "xfs",
+        "defaultFsType": "XFS",
         "deviceCount": 4,
         "domain": "",
         "domainLogin": "Administrator",

api/src/__test__/store/modules/paths.test.ts

@@ -4,31 +4,63 @@ import { store } from '@app/store/index.js';
 
 test('Returns paths', async () => {
     const { paths } = store.getState();
-    expect(Object.keys(paths)).toMatchInlineSnapshot(`
-		[
-		  "core",
-		  "unraid-api-base",
-		  "unraid-data",
-		  "docker-autostart",
-		  "docker-socket",
-		  "parity-checks",
-		  "htpasswd",
-		  "emhttpd-socket",
-		  "states",
-		  "dynamix-base",
-		  "dynamix-config",
-		  "myservers-base",
-		  "myservers-config",
-		  "myservers-config-states",
-		  "myservers-env",
-		  "myservers-keepalive",
-		  "keyfile-base",
-		  "machine-id",
-		  "log-base",
-		  "unraid-log-base",
-		  "var-run",
-		  "auth-sessions",
-		  "auth-keys",
-		]
-	`);
+    expect(Object.keys(paths)).toMatchSnapshot();
+
+    expect(paths).toMatchObject({
+        core: expect.stringContaining('api/src/store/modules'),
+        'unraid-api-base': '/usr/local/unraid-api/',
+        'unraid-data': expect.stringContaining('api/dev/data'),
+        'docker-autostart': '/var/lib/docker/unraid-autostart',
+        'docker-socket': '/var/run/docker.sock',
+        'parity-checks': expect.stringContaining('api/dev/states/parity-checks.log'),
+        htpasswd: '/etc/nginx/htpasswd',
+        'emhttpd-socket': '/var/run/emhttpd.socket',
+        states: expect.stringContaining('api/dev/states'),
+        'dynamix-base': expect.stringContaining('api/dev/dynamix'),
+        'dynamix-config': expect.arrayContaining([
+            expect.stringContaining('api/dev/dynamix/default.cfg'),
+            expect.stringContaining('api/dev/dynamix/dynamix.cfg'),
+        ]),
+        'myservers-base': '/boot/config/plugins/dynamix.my.servers/',
+        'myservers-config': expect.stringContaining('api/dev/Unraid.net/myservers.cfg'),
+        'myservers-config-states': expect.stringContaining('api/dev/states/myservers.cfg'),
+        'myservers-env': '/boot/config/plugins/dynamix.my.servers/env',
+        'myservers-keepalive': './dev/Unraid.net/fb_keepalive',
+        'keyfile-base': expect.stringContaining('api/dev/Unraid.net'),
+        'machine-id': expect.stringContaining('api/dev/data/machine-id'),
+        'log-base': '/var/log/unraid-api',
+        'unraid-log-base': '/var/log',
+        'var-run': '/var/run',
+        'auth-sessions': './dev/sessions',
+        'auth-keys': expect.stringContaining('api/dev/keys'),
+        passwd: expect.stringContaining('api/dev/passwd'),
+        'libvirt-pid': '/var/run/libvirt/libvirtd.pid',
+        activationBase: expect.stringContaining('api/dev/activation'),
+        webGuiBase: '/usr/local/emhttp/webGui',
+        identConfig: '/boot/config/ident.cfg',
+        activation: {
+            assets: expect.stringContaining('api/dev/activation/assets'),
+            logo: expect.stringContaining('api/dev/activation/assets/logo.svg'),
+            caseModel: expect.stringContaining('api/dev/activation/assets/case-model.png'),
+            banner: expect.stringContaining('api/dev/activation/assets/banner.png'),
+        },
+        boot: {
+            caseModel: expect.stringContaining('api/dev/dynamix/case-model.png'),
+        },
+        webgui: {
+            imagesBase: '/usr/local/emhttp/webGui/images',
+            logo: {
+                fullPath: '/usr/local/emhttp/webGui/images/UN-logotype-gradient.svg',
+                assetPath: '/webGui/images/UN-logotype-gradient.svg',
+            },
+            caseModel: {
+                fullPath: '/usr/local/emhttp/webGui/images/case-model.png',
+                assetPath: '/webGui/images/case-model.png',
+            },
+            banner: {
+                fullPath: '/usr/local/emhttp/webGui/images/banner.png',
+                assetPath: '/webGui/images/banner.png',
+            },
+        },
+    });
 });

api/src/__test__/store/modules/registration.test.ts

@@ -1,13 +1,13 @@
 import { expect, test } from 'vitest';
 
-import { store } from '@app/store/index.js';
+import { getters, store } from '@app/store/index.js';
 import { loadRegistrationKey } from '@app/store/modules/registration.js';
 import { FileLoadStatus, StateFileKey } from '@app/store/types.js';
 
 // Preloading imports for faster tests
 
 test('Before loading key returns null', async () => {
-    const { status, keyFile } = store.getState().registration;
+    const { status, keyFile } = getters.registration();
     expect(status).toBe(FileLoadStatus.UNLOADED);
     expect(keyFile).toBe(null);
 });
@@ -17,7 +17,7 @@ test('Requires emhttp to be loaded to find key file', async () => {
     await store.dispatch(loadRegistrationKey());
 
     // Check if store has state files loaded
-    const { status, keyFile } = store.getState().registration;
+    const { status, keyFile } = getters.registration();
 
     expect(status).toBe(FileLoadStatus.LOADED);
     expect(keyFile).toBe(null);
@@ -42,7 +42,7 @@ test('Returns empty key if key location is empty', async () => {
     await store.dispatch(loadRegistrationKey());
 
     // Check if store has state files loaded
-    const { status, keyFile } = store.getState().registration;
+    const { status, keyFile } = getters.registration();
     expect(status).toBe(FileLoadStatus.LOADED);
     expect(keyFile).toBe('');
 });

api/src/__test__/store/state-parsers/shares.test.ts

@@ -15,79 +15,83 @@ test('Returns parsed state file', async () => {
         type: 'ini',
     });
     expect(parse(stateFile)).toMatchInlineSnapshot(`
-		[
-		  {
-		    "allocator": "highwater",
-		    "cache": false,
-		    "cachePool": "cache",
-		    "color": "yellow-on",
-		    "comment": "",
-		    "cow": "auto",
-		    "exclude": [],
-		    "floor": "0",
-		    "free": 9309372,
-		    "include": [],
-		    "luksStatus": "0",
-		    "name": "appdata",
-		    "nameOrig": "appdata",
-		    "size": 0,
-		    "splitLevel": "",
-		    "used": 33619300,
-		  },
-		  {
-		    "allocator": "highwater",
-		    "cache": false,
-		    "cachePool": "cache",
-		    "color": "yellow-on",
-		    "comment": "saved VM instances",
-		    "cow": "auto",
-		    "exclude": [],
-		    "floor": "0",
-		    "free": 9309372,
-		    "include": [],
-		    "luksStatus": "0",
-		    "name": "domains",
-		    "nameOrig": "domains",
-		    "size": 0,
-		    "splitLevel": "1",
-		    "used": 33619300,
-		  },
-		  {
-		    "allocator": "highwater",
-		    "cache": true,
-		    "cachePool": "cache",
-		    "color": "yellow-on",
-		    "comment": "ISO images",
-		    "cow": "auto",
-		    "exclude": [],
-		    "floor": "0",
-		    "free": 9309372,
-		    "include": [],
-		    "luksStatus": "0",
-		    "name": "isos",
-		    "nameOrig": "isos",
-		    "size": 0,
-		    "splitLevel": "",
-		    "used": 33619300,
-		  },
-		  {
-		    "allocator": "highwater",
-		    "cache": false,
-		    "cachePool": "cache",
-		    "color": "yellow-on",
-		    "comment": "system data",
-		    "cow": "auto",
-		    "exclude": [],
-		    "floor": "0",
-		    "free": 9309372,
-		    "include": [],
-		    "luksStatus": "0",
-		    "name": "system",
-		    "nameOrig": "system",
-		    "size": 0,
-		    "splitLevel": "1",
-		    "used": 33619300,
-		  },
-		]
-	`);
+      [
+        {
+          "allocator": "highwater",
+          "cache": false,
+          "cachePool": "cache",
+          "color": "yellow-on",
+          "comment": "",
+          "cow": "auto",
+          "exclude": [],
+          "floor": "0",
+          "free": 9309372,
+          "id": "appdata",
+          "include": [],
+          "luksStatus": "0",
+          "name": "appdata",
+          "nameOrig": "appdata",
+          "size": 0,
+          "splitLevel": "",
+          "used": 33619300,
+        },
+        {
+          "allocator": "highwater",
+          "cache": false,
+          "cachePool": "cache",
+          "color": "yellow-on",
+          "comment": "saved VM instances",
+          "cow": "auto",
+          "exclude": [],
+          "floor": "0",
+          "free": 9309372,
+          "id": "domains",
+          "include": [],
+          "luksStatus": "0",
+          "name": "domains",
+          "nameOrig": "domains",
+          "size": 0,
+          "splitLevel": "1",
+          "used": 33619300,
+        },
+        {
+          "allocator": "highwater",
+          "cache": true,
+          "cachePool": "cache",
+          "color": "yellow-on",
+          "comment": "ISO images",
+          "cow": "auto",
+          "exclude": [],
+          "floor": "0",
+          "free": 9309372,
+          "id": "isos",
+          "include": [],
+          "luksStatus": "0",
+          "name": "isos",
+          "nameOrig": "isos",
+          "size": 0,
+          "splitLevel": "",
+          "used": 33619300,
+        },
+        {
+          "allocator": "highwater",
+          "cache": false,
+          "cachePool": "cache",
+          "color": "yellow-on",
+          "comment": "system data",
+          "cow": "auto",
+          "exclude": [],
+          "floor": "0",
+          "free": 9309372,
+          "id": "system",
+          "include": [],
+          "luksStatus": "0",
+          "name": "system",
+          "nameOrig": "system",
+          "size": 0,
+          "splitLevel": "1",
+          "used": 33619300,
+        },
+      ]
+    `);
 });

api/src/__test__/store/state-parsers/slots.test.ts

@@ -15,175 +15,175 @@ test('Returns parsed state file', async () => {
         type: 'ini',
     });
     expect(parse(stateFile)).toMatchInlineSnapshot(`
-		[
-		  {
-		    "comment": null,
-		    "critical": null,
-		    "device": "sdh",
-		    "exportable": false,
-		    "format": "GPT: 4KiB-aligned",
-		    "fsFree": null,
-		    "fsSize": null,
-		    "fsType": null,
-		    "fsUsed": null,
-		    "id": "ST18000NM000J-2TV103_ZR585CPY",
-		    "idx": 0,
-		    "name": "parity",
-		    "numErrors": 0,
-		    "numReads": 0,
-		    "numWrites": 0,
-		    "rotational": true,
-		    "size": 17578328012,
-		    "status": "DISK_OK",
-		    "temp": 25,
-		    "transport": "ata",
-		    "type": "Parity",
-		    "warning": null,
-		  },
-		  {
-		    "comment": "Seagate Exos",
-		    "critical": 75,
-		    "device": "sdf",
-		    "exportable": false,
-		    "format": "GPT: 4KiB-aligned",
-		    "fsFree": 13882739732,
-		    "fsSize": 17998742753,
-		    "fsType": "xfs",
-		    "fsUsed": 4116003021,
-		    "id": "ST18000NM000J-2TV103_ZR5B1W9X",
-		    "idx": 1,
-		    "name": "disk1",
-		    "numErrors": 0,
-		    "numReads": 0,
-		    "numWrites": 0,
-		    "rotational": true,
-		    "size": 17578328012,
-		    "status": "DISK_OK",
-		    "temp": 30,
-		    "transport": "ata",
-		    "type": "Data",
-		    "warning": 50,
-		  },
-		  {
-		    "comment": "",
-		    "critical": null,
-		    "device": "sdj",
-		    "exportable": false,
-		    "format": "GPT: 4KiB-aligned",
-		    "fsFree": 93140746,
-		    "fsSize": 11998001574,
-		    "fsType": "xfs",
-		    "fsUsed": 11904860828,
-		    "id": "WDC_WD120EDAZ-11F3RA0_5PJRD45C",
-		    "idx": 2,
-		    "name": "disk2",
-		    "numErrors": 0,
-		    "numReads": 0,
-		    "numWrites": 0,
-		    "rotational": true,
-		    "size": 11718885324,
-		    "status": "DISK_OK",
-		    "temp": 30,
-		    "transport": "ata",
-		    "type": "Data",
-		    "warning": null,
-		  },
-		  {
-		    "comment": "",
-		    "critical": null,
-		    "device": "sde",
-		    "exportable": false,
-		    "format": "GPT: 4KiB-aligned",
-		    "fsFree": 5519945093,
-		    "fsSize": 11998001574,
-		    "fsType": "xfs",
-		    "fsUsed": 6478056481,
-		    "id": "WDC_WD120EMAZ-11BLFA0_5PH8BTYD",
-		    "idx": 3,
-		    "name": "disk3",
-		    "numErrors": 0,
-		    "numReads": 0,
-		    "numWrites": 0,
-		    "rotational": true,
-		    "size": 11718885324,
-		    "status": "DISK_OK",
-		    "temp": 30,
-		    "transport": "ata",
-		    "type": "Data",
-		    "warning": null,
-		  },
-		  {
-		    "comment": "",
-		    "critical": null,
-		    "device": "sdi",
-		    "exportable": false,
-		    "format": "MBR: 4KiB-aligned",
-		    "fsFree": 111810683,
-		    "fsSize": 250059317,
-		    "fsType": "btrfs",
-		    "fsUsed": 137273827,
-		    "id": "Samsung_SSD_850_EVO_250GB_S2R5NX0H643734Z",
-		    "idx": 30,
-		    "name": "cache",
-		    "numErrors": 0,
-		    "numReads": 0,
-		    "numWrites": 0,
-		    "rotational": false,
-		    "size": 244198552,
-		    "status": "DISK_OK",
-		    "temp": 22,
-		    "transport": "ata",
-		    "type": "Cache",
-		    "warning": null,
-		  },
-		  {
-		    "comment": null,
-		    "critical": null,
-		    "device": "nvme0n1",
-		    "exportable": false,
-		    "format": "MBR: 4KiB-aligned",
-		    "fsFree": null,
-		    "fsSize": null,
-		    "fsType": null,
-		    "fsUsed": null,
-		    "id": "KINGSTON_SA2000M8250G_50026B7282669D9E",
-		    "idx": 31,
-		    "name": "cache2",
-		    "numErrors": 0,
-		    "numReads": 0,
-		    "numWrites": 0,
-		    "rotational": false,
-		    "size": 244198552,
-		    "status": "DISK_OK",
-		    "temp": 27,
-		    "transport": "nvme",
-		    "type": "Cache",
-		    "warning": null,
-		  },
-		  {
-		    "comment": "Unraid OS boot device",
-		    "critical": null,
-		    "device": "sda",
-		    "exportable": true,
-		    "format": "unknown",
-		    "fsFree": 3191407,
-		    "fsSize": 4042732,
-		    "fsType": "vfat",
-		    "fsUsed": 851325,
-		    "id": "Cruzer",
-		    "idx": 32,
-		    "name": "flash",
-		    "numErrors": 0,
-		    "numReads": 0,
-		    "numWrites": 0,
-		    "rotational": true,
-		    "size": 3956700,
-		    "status": "DISK_OK",
-		    "temp": null,
-		    "transport": "usb",
-		    "type": "Flash",
-		    "warning": null,
-		  },
-		]
-	`);
+      [
+        {
+          "comment": null,
+          "critical": null,
+          "device": "sdh",
+          "exportable": false,
+          "format": "GPT: 4KiB-aligned",
+          "fsFree": null,
+          "fsSize": null,
+          "fsType": null,
+          "fsUsed": null,
+          "id": "ST18000NM000J-2TV103_ZR585CPY",
+          "idx": 0,
+          "name": "parity",
+          "numErrors": 0,
+          "numReads": 0,
+          "numWrites": 0,
+          "rotational": true,
+          "size": 17578328012,
+          "status": "DISK_OK",
+          "temp": 25,
+          "transport": "ata",
+          "type": "PARITY",
+          "warning": null,
+        },
+        {
+          "comment": "Seagate Exos",
+          "critical": 75,
+          "device": "sdf",
+          "exportable": false,
+          "format": "GPT: 4KiB-aligned",
+          "fsFree": 13882739732,
+          "fsSize": 17998742753,
+          "fsType": "xfs",
+          "fsUsed": 4116003021,
+          "id": "ST18000NM000J-2TV103_ZR5B1W9X",
+          "idx": 1,
+          "name": "disk1",
+          "numErrors": 0,
+          "numReads": 0,
+          "numWrites": 0,
+          "rotational": true,
+          "size": 17578328012,
+          "status": "DISK_OK",
+          "temp": 30,
+          "transport": "ata",
+          "type": "DATA",
+          "warning": 50,
+        },
+        {
+          "comment": "",
+          "critical": null,
+          "device": "sdj",
+          "exportable": false,
+          "format": "GPT: 4KiB-aligned",
+          "fsFree": 93140746,
+          "fsSize": 11998001574,
+          "fsType": "xfs",
+          "fsUsed": 11904860828,
+          "id": "WDC_WD120EDAZ-11F3RA0_5PJRD45C",
+          "idx": 2,
+          "name": "disk2",
+          "numErrors": 0,
+          "numReads": 0,
+          "numWrites": 0,
+          "rotational": true,
+          "size": 11718885324,
+          "status": "DISK_OK",
+          "temp": 30,
+          "transport": "ata",
+          "type": "DATA",
+          "warning": null,
+        },
+        {
+          "comment": "",
+          "critical": null,
+          "device": "sde",
+          "exportable": false,
+          "format": "GPT: 4KiB-aligned",
+          "fsFree": 5519945093,
+          "fsSize": 11998001574,
+          "fsType": "xfs",
+          "fsUsed": 6478056481,
+          "id": "WDC_WD120EMAZ-11BLFA0_5PH8BTYD",
+          "idx": 3,
+          "name": "disk3",
+          "numErrors": 0,
+          "numReads": 0,
+          "numWrites": 0,
+          "rotational": true,
+          "size": 11718885324,
+          "status": "DISK_OK",
+          "temp": 30,
+          "transport": "ata",
+          "type": "DATA",
+          "warning": null,
+        },
+        {
+          "comment": "",
+          "critical": null,
+          "device": "sdi",
+          "exportable": false,
+          "format": "MBR: 4KiB-aligned",
+          "fsFree": 111810683,
+          "fsSize": 250059317,
+          "fsType": "btrfs",
+          "fsUsed": 137273827,
+          "id": "Samsung_SSD_850_EVO_250GB_S2R5NX0H643734Z",
+          "idx": 30,
+          "name": "cache",
+          "numErrors": 0,
+          "numReads": 0,
+          "numWrites": 0,
+          "rotational": false,
+          "size": 244198552,
+          "status": "DISK_OK",
+          "temp": 22,
+          "transport": "ata",
+          "type": "CACHE",
+          "warning": null,
+        },
+        {
+          "comment": null,
+          "critical": null,
+          "device": "nvme0n1",
+          "exportable": false,
+          "format": "MBR: 4KiB-aligned",
+          "fsFree": null,
+          "fsSize": null,
+          "fsType": null,
+          "fsUsed": null,
+          "id": "KINGSTON_SA2000M8250G_50026B7282669D9E",
+          "idx": 31,
+          "name": "cache2",
+          "numErrors": 0,
+          "numReads": 0,
+          "numWrites": 0,
+          "rotational": false,
+          "size": 244198552,
+          "status": "DISK_OK",
+          "temp": 27,
+          "transport": "nvme",
+          "type": "CACHE",
+          "warning": null,
+        },
+        {
+          "comment": "Unraid OS boot device",
+          "critical": null,
+          "device": "sda",
+          "exportable": true,
+          "format": "unknown",
+          "fsFree": 3191407,
+          "fsSize": 4042732,
+          "fsType": "vfat",
+          "fsUsed": 851325,
+          "id": "Cruzer",
+          "idx": 32,
+          "name": "flash",
+          "numErrors": 0,
+          "numReads": 0,
+          "numWrites": 0,
+          "rotational": true,
+          "size": 3956700,
+          "status": "DISK_OK",
+          "temp": null,
+          "transport": "usb",
+          "type": "FLASH",
+          "warning": null,
+        },
+      ]
+    `);
 });

api/src/__test__/store/state-parsers/var.test.ts

@@ -24,7 +24,7 @@ test('Returns parsed state file', async () => {
         "configErrorState": "INELIGIBLE",
         "configValid": false,
         "csrfToken": "0000000000000000",
-        "defaultFsType": "xfs",
+        "defaultFsType": "XFS",
         "deviceCount": 4,
         "domain": "",
         "domainLogin": "Administrator",

api/src/__test__/utils.test.ts

@@ -1,6 +1,6 @@
 import { describe, expect, it } from 'vitest';
 
-import { csvStringToArray, formatDatetime } from '@app/utils.js';
+import { csvStringToArray, formatDatetime, parsePackageArg } from '@app/utils.js';
 
 describe('formatDatetime', () => {
     const testDate = new Date('2024-02-14T12:34:56');
@@ -103,3 +103,78 @@ describe('csvStringToArray', () => {
         expect(csvStringToArray(',one,')).toEqual(['one']);
     });
 });
+
+describe('parsePackageArg', () => {
+    it('parses simple package names without version', () => {
+        expect(parsePackageArg('lodash')).toEqual({ name: 'lodash' });
+        expect(parsePackageArg('express')).toEqual({ name: 'express' });
+        expect(parsePackageArg('react')).toEqual({ name: 'react' });
+    });
+
+    it('parses simple package names with version', () => {
+        expect(parsePackageArg('lodash@4.17.21')).toEqual({ name: 'lodash', version: '4.17.21' });
+        expect(parsePackageArg('express@4.18.2')).toEqual({ name: 'express', version: '4.18.2' });
+        expect(parsePackageArg('react@18.2.0')).toEqual({ name: 'react', version: '18.2.0' });
+    });
+
+    it('parses scoped package names without version', () => {
+        expect(parsePackageArg('@types/node')).toEqual({ name: '@types/node' });
+        expect(parsePackageArg('@angular/core')).toEqual({ name: '@angular/core' });
+        expect(parsePackageArg('@nestjs/common')).toEqual({ name: '@nestjs/common' });
+    });
+
+    it('parses scoped package names with version', () => {
+        expect(parsePackageArg('@types/node@18.15.0')).toEqual({
+            name: '@types/node',
+            version: '18.15.0',
+        });
+        expect(parsePackageArg('@angular/core@15.2.0')).toEqual({
+            name: '@angular/core',
+            version: '15.2.0',
+        });
+        expect(parsePackageArg('@nestjs/common@9.3.12')).toEqual({
+            name: '@nestjs/common',
+            version: '9.3.12',
+        });
+    });
+
+    it('handles version ranges and tags', () => {
+        expect(parsePackageArg('lodash@^4.17.0')).toEqual({ name: 'lodash', version: '^4.17.0' });
+        expect(parsePackageArg('react@~18.2.0')).toEqual({ name: 'react', version: '~18.2.0' });
+        expect(parsePackageArg('express@latest')).toEqual({ name: 'express', version: 'latest' });
+        expect(parsePackageArg('vue@beta')).toEqual({ name: 'vue', version: 'beta' });
+        expect(parsePackageArg('@types/node@next')).toEqual({ name: '@types/node', version: 'next' });
+    });
+
+    it('handles multiple @ symbols correctly', () => {
+        expect(parsePackageArg('package@1.0.0@extra')).toEqual({
+            name: 'package@1.0.0',
+            version: 'extra',
+        });
+        expect(parsePackageArg('@scope/pkg@1.0.0@extra')).toEqual({
+            name: '@scope/pkg@1.0.0',
+            version: 'extra',
+        });
+    });
+
+    it('ignores versions that contain forward slashes', () => {
+        expect(parsePackageArg('package@github:user/repo')).toEqual({
+            name: 'package@github:user/repo',
+        });
+        expect(parsePackageArg('@scope/pkg@git+https://github.com/user/repo.git')).toEqual({
+            name: '@scope/pkg@git+https://github.com/user/repo.git',
+        });
+    });
+
+    it('handles edge cases', () => {
+        expect(parsePackageArg('@')).toEqual({ name: '@' });
+        expect(parsePackageArg('@scope')).toEqual({ name: '@scope' });
+        expect(parsePackageArg('package@')).toEqual({ name: 'package@' });
+        expect(parsePackageArg('@scope/pkg@')).toEqual({ name: '@scope/pkg@' });
+    });
+
+    it('handles empty version strings', () => {
+        expect(parsePackageArg('package@')).toEqual({ name: 'package@' });
+        expect(parsePackageArg('@scope/package@')).toEqual({ name: '@scope/package@' });
+    });
+});

api/src/cli.ts

@@ -20,16 +20,8 @@ const getUnraidApiLocation = async () => {
 };
 
 try {
-    // Register plugins and create a dynamic module configuration
-    const dynamicModule = await CliModule.registerWithPlugins();
-
-    // Create a new class that extends CliModule with the dynamic configuration
-    const DynamicCliModule = class extends CliModule {
-        static module = dynamicModule.module;
-        static imports = dynamicModule.imports;
-        static providers = dynamicModule.providers;
-    };
-    await CommandFactory.run(DynamicCliModule, {
+    await import('json-bigint-patch');
+    await CommandFactory.run(CliModule, {
         cliName: 'unraid-api',
         logger: LOG_LEVEL === 'TRACE' ? new LogService() : false, // - enable this to see nest initialization issues
         completion: {

api/src/common/allowed-origins.ts

@@ -20,6 +20,7 @@ const getAllowedSocks = (): string[] => [
 
 const getLocalAccessUrlsForServer = (state: RootState = store.getState()): string[] => {
     const { emhttp } = state;
+
     if (emhttp.status !== FileLoadStatus.LOADED) {
         return [];
     }
@@ -90,7 +91,7 @@ const getApolloSandbox = (): string[] => {
 export const getAllowedOrigins = (state: RootState = store.getState()): string[] =>
     uniq([
         ...getAllowedSocks(),
-        ...getLocalAccessUrlsForServer(),
+        ...getLocalAccessUrlsForServer(state),
         ...getRemoteAccessUrlsForAllowedOrigins(state),
         ...getExtraOrigins(),
         ...getConnectOrigins(),

api/src/common/dashboard/get-unraid-version.ts

@@ -1,4 +1,3 @@
-import { getters } from '@app/store/index.js';
 import { FileLoadStatus } from '@app/store/types.js';
 
 /**
@@ -6,6 +5,7 @@ import { FileLoadStatus } from '@app/store/types.js';
  * @returns The current version.
  */
 export const getUnraidVersion = async (): Promise<string> => {
+    const { getters } = await import('@app/store/index.js');
     const { status, var: emhttpVar } = getters.emhttp();
     if (status === FileLoadStatus.LOADED) {
         return emhttpVar.version;

api/src/consts.ts

@@ -79,6 +79,3 @@ export const KEYSERVER_VALIDATION_ENDPOINT = 'https://keys.lime-technology.com/v
 
 /** Set the max retries for the GraphQL Client */
 export const MAX_RETRIES_FOR_LINEAR_BACKOFF = 100;
-
-export const PM2_PATH = join(import.meta.dirname, '../../', 'node_modules', 'pm2', 'bin', 'pm2');
-export const ECOSYSTEM_PATH = join(import.meta.dirname, '../../', 'ecosystem.config.json');

api/src/core/log.ts

@@ -1,18 +1,15 @@
 import { pino } from 'pino';
 import pretty from 'pino-pretty';
 
-import { LOG_TYPE } from '@app/environment.js';
+import { API_VERSION, LOG_LEVEL, LOG_TYPE } from '@app/environment.js';
 
 export const levels = ['trace', 'debug', 'info', 'warn', 'error', 'fatal'] as const;
 
 export type LogLevel = (typeof levels)[number];
 
-const level =
-    levels[levels.indexOf(process.env.LOG_LEVEL?.toLowerCase() as (typeof levels)[number])] ?? 'info';
+const level = levels[levels.indexOf(LOG_LEVEL.toLowerCase() as LogLevel)] ?? 'info';
 
-export const logDestination = pino.destination({
-    sync: true,
-});
+export const logDestination = pino.destination();
 
 const stream =
     LOG_TYPE === 'pretty'
@@ -28,9 +25,30 @@ const stream =
 export const logger = pino(
     {
         level,
-        timestamp: () => `,"time":"${new Date().toISOString()}"`,
+        timestamp: pino.stdTimeFunctions.isoTime,
         formatters: {
             level: (label: string) => ({ level: label }),
+            bindings: (bindings) => ({ ...bindings, apiVersion: API_VERSION }),
+        },
+        redact: {
+            paths: [
+                '*.password',
+                '*.pass',
+                '*.secret',
+                '*.token',
+                '*.key',
+                '*.Password',
+                '*.Pass',
+                '*.Secret',
+                '*.Token',
+                '*.Key',
+                '*.apikey',
+                '*.localApiKey',
+                '*.accesstoken',
+                '*.idtoken',
+                '*.refreshtoken',
+            ],
+            censor: '***REDACTED***',
         },
     },
     stream
@@ -71,3 +89,19 @@ export const loggers = [
     remoteQueryLogger,
     apiLogger,
 ];
+
+export function sanitizeParams(params: Record<string, any>): Record<string, any> {
+    const SENSITIVE_KEYS = ['password', 'secret', 'token', 'key', 'client_secret'];
+    const mask = (value: any) => (typeof value === 'string' && value.length > 0 ? '***' : value);
+    const sanitized: Record<string, any> = {};
+    for (const k in params) {
+        if (SENSITIVE_KEYS.some((s) => k.toLowerCase().includes(s))) {
+            sanitized[k] = mask(params[k]);
+        } else if (typeof params[k] === 'object' && params[k] !== null && !Array.isArray(params[k])) {
+            sanitized[k] = sanitizeParams(params[k]);
+        } else {
+            sanitized[k] = params[k];
+        }
+    }
+    return sanitized;
+}

api/src/core/modules/array/add-disk-to-array.ts

@@ -1,49 +0,0 @@
-import { ArrayRunningError } from '@app/core/errors/array-running-error.js';
-import { FieldMissingError } from '@app/core/errors/field-missing-error.js';
-import { getArrayData } from '@app/core/modules/array/get-array-data.js';
-import { type CoreContext, type CoreResult } from '@app/core/types/index.js';
-import { arrayIsRunning } from '@app/core/utils/array/array-is-running.js';
-import { emcmd } from '@app/core/utils/clients/emcmd.js';
-import { ensurePermission } from '@app/core/utils/permissions/ensure-permission.js';
-import { hasFields } from '@app/core/utils/validation/has-fields.js';
-
-/**
- * Add a disk to the array.
- */
-export const addDiskToArray = async function (context: CoreContext): Promise<CoreResult> {
-    const { data = {}, user } = context;
-
-    // Check permissions
-    ensurePermission(user, {
-        resource: 'array',
-        action: 'create',
-        possession: 'any',
-    });
-
-    const missingFields = hasFields(data, ['id']);
-    if (missingFields.length !== 0) {
-        // Just log first error
-        throw new FieldMissingError(missingFields[0]);
-    }
-
-    if (arrayIsRunning()) {
-        throw new ArrayRunningError();
-    }
-
-    const { id: diskId, slot: preferredSlot } = data;
-    const slot = Number.parseInt(preferredSlot as string, 10);
-
-    // Add disk
-    await emcmd({
-        changeDevice: 'apply',
-        [`slotId.${slot}`]: diskId,
-    });
-
-    const array = getArrayData();
-
-    // Disk added successfully
-    return {
-        text: `Disk was added to the array in slot ${slot}.`,
-        json: array,
-    };
-};

api/src/core/modules/array/get-array-data.ts

@@ -1,12 +1,16 @@
 import { GraphQLError } from 'graphql';
 import { sum } from 'lodash-es';
 
-import type { ArrayCapacity, ArrayType } from '@app/graphql/generated/api/types.js';
-import { ArrayDiskType } from '@app/graphql/generated/api/types.js';
 import { store } from '@app/store/index.js';
 import { FileLoadStatus } from '@app/store/types.js';
+import {
+    ArrayCapacity,
+    ArrayDiskType,
+    ArrayState,
+    UnraidArray,
+} from '@app/unraid-api/graph/resolvers/array/array.model.js';
 
-export const getArrayData = (getState = store.getState): ArrayType => {
+export const getArrayData = (getState = store.getState): UnraidArray => {
     // Var state isn't loaded
     const state = getState();
     if (
@@ -51,7 +55,7 @@ export const getArrayData = (getState = store.getState): ArrayType => {
 
     return {
         id: 'array',
-        state: emhttp.var.mdState,
+        state: emhttp.var.mdState as ArrayState,
         capacity,
         boot,
         parities,

api/src/core/modules/array/index.ts

@@ -1,6 +0,0 @@
-// Created from 'create-ts-index'
-
-export * from './add-disk-to-array.js';
-export * from './remove-disk-from-array.js';
-export * from './update-array.js';
-export * from './update-parity-check.js';

api/src/core/modules/array/remove-disk-from-array.ts

@@ -1,45 +0,0 @@
-import { ArrayRunningError } from '@app/core/errors/array-running-error.js';
-import { FieldMissingError } from '@app/core/errors/field-missing-error.js';
-import { getArrayData } from '@app/core/modules/array/get-array-data.js';
-import { type CoreContext, type CoreResult } from '@app/core/types/index.js';
-import { arrayIsRunning } from '@app/core/utils/array/array-is-running.js';
-import { hasFields } from '@app/core/utils/validation/has-fields.js';
-
-interface Context extends CoreContext {
-    data: {
-        /** The slot the disk is in. */
-        slot: string;
-    };
-}
-
-/**
- * Remove a disk from the array.
- * @returns The updated array.
- */
-export const removeDiskFromArray = async (context: Context): Promise<CoreResult> => {
-    const { data } = context;
-    const missingFields = hasFields(data, ['id']);
-
-    if (missingFields.length !== 0) {
-        // Only log first error
-        throw new FieldMissingError(missingFields[0]);
-    }
-
-    if (arrayIsRunning()) {
-        throw new ArrayRunningError();
-    }
-
-    const { slot } = data;
-
-    // Error removing disk
-    // if () {
-    // }
-
-    const array = getArrayData();
-
-    // Disk removed successfully
-    return {
-        text: `Disk was removed from the array in slot ${slot}.`,
-        json: array,
-    };
-};

api/src/core/modules/array/update-array.ts

@@ -1,88 +0,0 @@
-import type { CoreContext, CoreResult } from '@app/core/types/index.js';
-import { AppError } from '@app/core/errors/app-error.js';
-import { FieldMissingError } from '@app/core/errors/field-missing-error.js';
-import { ParamInvalidError } from '@app/core/errors/param-invalid-error.js';
-import { getArrayData } from '@app/core/modules/array/get-array-data.js';
-import { arrayIsRunning } from '@app/core/utils/array/array-is-running.js';
-import { emcmd } from '@app/core/utils/clients/emcmd.js';
-import { uppercaseFirstChar } from '@app/core/utils/misc/uppercase-first-char.js';
-import { ensurePermission } from '@app/core/utils/permissions/ensure-permission.js';
-import { hasFields } from '@app/core/utils/validation/has-fields.js';
-
-// @TODO: Fix this not working across node apps
-//        each app has it's own lock since the var is scoped
-//        ideally this should have a timeout to prevent it sticking
-let locked = false;
-
-export const updateArray = async (context: CoreContext): Promise<CoreResult> => {
-    const { data = {}, user } = context;
-
-    // Check permissions
-    ensurePermission(user, {
-        resource: 'array',
-        action: 'update',
-        possession: 'any',
-    });
-
-    const missingFields = hasFields(data, ['state']);
-
-    if (missingFields.length !== 0) {
-        // Only log first error
-        throw new FieldMissingError(missingFields[0]);
-    }
-
-    const { state: nextState } = data as { state: string };
-    const startState = arrayIsRunning() ? 'started' : 'stopped';
-    const pendingState = nextState === 'stop' ? 'stopping' : 'starting';
-
-    if (!['start', 'stop'].includes(nextState)) {
-        throw new ParamInvalidError('state', nextState);
-    }
-
-    // Prevent this running multiple times at once
-    if (locked) {
-        throw new AppError('Array state is still being updated.');
-    }
-
-    // Prevent starting/stopping array when it's already in the same state
-    if ((arrayIsRunning() && nextState === 'start') || (!arrayIsRunning() && nextState === 'stop')) {
-        throw new AppError(`The array is already ${startState}`);
-    }
-
-    // Set lock then start/stop array
-    locked = true;
-    const command = {
-        [`cmd${uppercaseFirstChar(nextState)}`]: uppercaseFirstChar(nextState),
-        startState: startState.toUpperCase(),
-    };
-
-    // `await` has to be used otherwise the catch
-    // will finish after the return statement below
-    await emcmd(command).finally(() => {
-        locked = false;
-    });
-
-    // Get new array JSON
-    const array = getArrayData();
-
-    /**
-     * Update array details
-     *
-     * @memberof Core
-     * @module array/update-array
-     * @param {Core~Context} context Context object.
-     * @param {Object} context.data The data object.
-     * @param {'start'|'stop'} context.data.state If the array should be started or stopped.
-     * @param {State~User} context.user The current user.
-     * @returns {Core~Result} The updated array.
-     */
-    return {
-        text: `Array was ${startState}, ${pendingState}.`,
-        json: {
-            ...array,
-            state: nextState === 'start' ? 'started' : 'stopped',
-            previousState: startState,
-            pendingState,
-        },
-    };
-};

api/src/core/modules/array/update-parity-check.ts

@@ -1,78 +0,0 @@
-import type { CoreContext, CoreResult } from '@app/core/types/index.js';
-import { FieldMissingError } from '@app/core/errors/field-missing-error.js';
-import { ParamInvalidError } from '@app/core/errors/param-invalid-error.js';
-import { emcmd } from '@app/core/utils/clients/emcmd.js';
-import { ensurePermission } from '@app/core/utils/permissions/ensure-permission.js';
-import { getters } from '@app/store/index.js';
-
-type State = 'start' | 'cancel' | 'resume' | 'cancel';
-
-interface Context extends CoreContext {
-    data: {
-        state?: State;
-        correct?: boolean;
-    };
-}
-
-/**
- * Remove a disk from the array.
- * @returns The update array.
- */
-export const updateParityCheck = async (context: Context): Promise<CoreResult> => {
-    const { user, data } = context;
-
-    // Check permissions
-    ensurePermission(user, {
-        resource: 'array',
-        action: 'update',
-        possession: 'any',
-    });
-
-    // Validation
-    if (!data.state) {
-        throw new FieldMissingError('state');
-    }
-
-    const { state: wantedState } = data;
-    const emhttp = getters.emhttp();
-    const running = emhttp.var.mdResync !== 0;
-    const states = {
-        pause: {
-            cmdNoCheck: 'Pause',
-        },
-        resume: {
-            cmdCheck: 'Resume',
-        },
-        cancel: {
-            cmdNoCheck: 'Cancel',
-        },
-        start: {
-            cmdCheck: 'Check',
-        },
-    };
-
-    let allowedStates = Object.keys(states);
-
-    // Only allow starting a check if there isn't already one running
-    if (running) {
-        allowedStates = allowedStates.splice(allowedStates.indexOf('start'), 1);
-    }
-
-    // Only allow states from states object
-    if (!allowedStates.includes(wantedState)) {
-        throw new ParamInvalidError('state', wantedState);
-    }
-
-    // Should we write correction to the parity during the check
-    const writeCorrectionsToParity = wantedState === 'start' && data.correct;
-
-    await emcmd({
-        startState: 'STARTED',
-        ...states[wantedState],
-        ...(writeCorrectionsToParity ? { optionCorrect: 'correct' } : {}),
-    });
-
-    return {
-        json: {},
-    };
-};

api/src/core/modules/disks/id/get-disk.ts

@@ -1,6 +1,6 @@
 import { AppError } from '@app/core/errors/app-error.js';
 import { type CoreContext, type CoreResult } from '@app/core/types/index.js';
-import { Disk } from '@app/graphql/generated/api/types.js';
+import { ArrayDisk } from '@app/unraid-api/graph/resolvers/array/array.model.js';
 
 interface Context extends CoreContext {
     params: {
@@ -11,7 +11,7 @@ interface Context extends CoreContext {
 /**
  * Get a single disk.
  */
-export const getDisk = async (context: Context, Disks: Disk[]): Promise<CoreResult> => {
+export const getDisk = async (context: Context, Disks: ArrayDisk[]): Promise<CoreResult> => {
     const { params } = context;
 
     const { id } = params;

api/src/core/modules/docker/get-docker-containers.ts

@@ -1,90 +0,0 @@
-import fs from 'fs';
-
-import camelCaseKeys from 'camelcase-keys';
-
-import type { ContainerPort, Docker, DockerContainer } from '@app/graphql/generated/api/types.js';
-import { dockerLogger } from '@app/core/log.js';
-import { docker } from '@app/core/utils/clients/docker.js';
-import { catchHandlers } from '@app/core/utils/misc/catch-handlers.js';
-import { ContainerPortType, ContainerState } from '@app/graphql/generated/api/types.js';
-import { getters, store } from '@app/store/index.js';
-import { updateDockerState } from '@app/store/modules/docker.js';
-
-export interface ContainerListingOptions {
-    useCache?: boolean;
-}
-
-/**
- * Get all Docker containers.
- * @returns All the in/active Docker containers on the system.
- */
-export const getDockerContainers = async (
-    { useCache }: ContainerListingOptions = { useCache: true }
-): Promise<Array<DockerContainer>> => {
-    const dockerState = getters.docker();
-    if (useCache && dockerState.containers) {
-        dockerLogger.trace('Using docker container cache');
-        return dockerState.containers;
-    }
-
-    dockerLogger.trace('Skipping docker container cache');
-
-    /**
-     * Docker auto start file
-     *
-     * @note Doesn't exist if array is offline.
-     * @see https://github.com/limetech/webgui/issues/502#issue-480992547
-     */
-    const autoStartFile = await fs.promises
-        .readFile(getters.paths()['docker-autostart'], 'utf8')
-        .then((file) => file.toString())
-        .catch(() => '');
-    const autoStarts = autoStartFile.split('\n');
-    const rawContainers = await docker
-        .listContainers({
-            all: true,
-            size: true,
-        })
-        // If docker throws an error return no containers
-        .catch(catchHandlers.docker);
-
-    // Cleanup container object
-    const containers: Array<DockerContainer> = rawContainers.map((container) => {
-        const names = container.Names[0];
-        const containerData: DockerContainer = camelCaseKeys<DockerContainer>(
-            {
-                labels: container.Labels ?? {},
-                sizeRootFs: undefined,
-                imageId: container.ImageID,
-                state:
-                    typeof container.State === 'string'
-                        ? (ContainerState[container.State.toUpperCase()] ?? ContainerState.EXITED)
-                        : ContainerState.EXITED,
-                autoStart: autoStarts.includes(names.split('/')[1]),
-                ports: container.Ports.map<ContainerPort>((port) => ({
-                    ...port,
-                    type: ContainerPortType[port.Type.toUpperCase()],
-                })),
-                command: container.Command,
-                created: container.Created,
-                mounts: container.Mounts,
-                networkSettings: container.NetworkSettings,
-                hostConfig: {
-                    networkMode: container.HostConfig.NetworkMode,
-                },
-                id: container.Id,
-                image: container.Image,
-                status: container.Status,
-            },
-            { deep: true }
-        );
-        return containerData;
-    });
-
-    // Get all of the current containers
-    const installed = containers.length;
-    const running = containers.filter((container) => container.state === ContainerState.RUNNING).length;
-
-    store.dispatch(updateDockerState({ containers, installed, running }));
-    return containers;
-};

api/src/core/modules/docker/get-docker-networks.ts

@@ -1,39 +0,0 @@
-import camelCaseKeys from 'camelcase-keys';
-
-import { type CoreContext, type CoreResult } from '@app/core/types/index.js';
-import { docker } from '@app/core/utils/index.js';
-import { catchHandlers } from '@app/core/utils/misc/catch-handlers.js';
-import { ensurePermission } from '@app/core/utils/permissions/ensure-permission.js';
-
-export const getDockerNetworks = async (context: CoreContext): Promise<CoreResult> => {
-    const { user } = context;
-
-    // Check permissions
-    ensurePermission(user, {
-        resource: 'docker/network',
-        action: 'read',
-        possession: 'any',
-    });
-
-    const networks = await docker
-        .listNetworks()
-        // If docker throws an error return no networks
-        .catch(catchHandlers.docker)
-        .then((networks = []) =>
-            networks.map((object) =>
-                camelCaseKeys(object as unknown as Record<string, unknown>, { deep: true })
-            )
-        );
-
-    /**
-     * Get all Docker networks
-     *
-     * @memberof Core
-     * @module docker/get-networks
-     * @param {Core~Context} context
-     * @returns {Core~Result} All the in/active Docker networks on the system.
-     */
-    return {
-        json: networks,
-    };
-};

api/src/core/modules/docker/index.ts

@@ -1,4 +0,0 @@
-// Created from 'create-ts-index'
-
-export * from './get-docker-containers.js';
-export * from './get-docker-networks.js';