Improve add ssl dialog #23
Merged
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Contributor
dacsang97
commented
Oct 8, 2025
dacsang97
commented
- Limit max height of input fields
|
There was a problem hiding this comment.
Pull Request Overview
Introduces extensive domain modularization and service layer restructuring (far beyond the stated “Improve add ssl dialog” scope). Key additions include new domains (auth, backup, cluster, alerts, dashboard, modsec, logs), extraction of parsing / config logic into dedicated services, and comprehensive auth unit/integration tests.
- Adds multiple barrel index files and DTO definitions for new domains
- Refactors nginx/log/backup/config generation & parsing into service classes (some duplicated logic introduced)
- Implements full auth flow with 2FA, tokens, repositories, and tests; other new complex services lack test coverage
Reviewed Changes
Copilot reviewed 141 out of 250 changed files in this pull request and generated 5 comments.
Show a summary per file
| File | Description |
|---|---|
| apps/api/src/domains/logs/services/log-parser.service.ts | New log parsing service (access/error/modsec) logic extracted. |
| apps/api/src/domains/logs/logs.service.ts | Refactored to consume extracted parsers and new types. |
| apps/api/src/domains/domains/services/nginx-config.service.ts | Generates nginx configs (primary implementation). |
| apps/api/src/domains/backup/services/backup-operations.service.ts | Backup-specific nginx config & SSL file operations (duplicates config generation). |
| apps/api/src/domains/backup/backup.service.ts | Large service handling schedules plus (re)generation of nginx configs (duplicate logic). |
| apps/api/src/domains/alerts/services/alert-monitoring.service.ts | Monitoring service now uses shared TIMEOUT constants. |
| apps/api/src/domains/alerts/services/notification.service.ts | Introduces typed responses for notification sending. |
| apps/api/src/domains/auth/** | Full auth domain (service, repo, controller, tests) with 2FA & token handling. |
| apps/api/src/domains/cluster/** | Cluster & node sync logic added. |
| apps/api/src/domains/dashboard/** | Dashboard stats & metrics services added. |
| apps/api/src/domains/modsec/** | ModSecurity DTOs & barrel exports. |
| Various index & dto files | Barrel exports / DTO structuring across new domains. |
Tip: Customize your code reviews with copilot-instructions.md. Create the file or learn how to get started.
Comment on lines
77
to
82
| return ` | ||
| upstream ${upstreamName}_backend { | ||
| ${algorithmDirectives.join('\n ')} | ||
| ${algorithmDirectives.length > 0 ? '\n ' : ''}${servers} | ||
| } | ||
| `; |
There was a problem hiding this comment.
Upstream block generation logic (including algorithm directive insertion and server lines) is duplicated in backup-related services; centralize this builder in a shared utility to avoid divergence and ease future updates.
Comment on lines
255
to
265
| * Generate nginx vhost configuration for a domain during backup restore | ||
| */ | ||
| async generateNginxConfigForBackup(domain: any): Promise<void> { | ||
| const configPath = path.join( | ||
| BACKUP_CONSTANTS.NGINX_SITES_AVAILABLE, | ||
| `${domain.name}.conf` | ||
| ); | ||
| const enabledPath = path.join( | ||
| BACKUP_CONSTANTS.NGINX_SITES_ENABLED, | ||
| `${domain.name}.conf` | ||
| ); |
There was a problem hiding this comment.
This method reimplements nginx config generation already present in nginx-config.service, creating parallel logic that risks configuration drift; refactor to reuse the canonical generator or extract a shared builder module.
Comment on lines
996
to
1002
| let httpServerBlock = ` | ||
| server { | ||
| listen 80; | ||
| server_name ${domain.name}; | ||
|
|
||
| include /etc/nginx/conf.d/acl-rules.conf; | ||
| include /etc/nginx/snippets/acme-challenge.conf; |
There was a problem hiding this comment.
Another reimplementation of HTTP/HTTPS server block assembly appears here (similar logic exists in nginx-config.service and backup-operations.service); consolidate to a single shared function to avoid inconsistent directives (e.g. differing SSL cipher sets or header policies).
Comment on lines
8
to
12
| const NGINX_ACCESS_LOG = '/var/log/nginx/access.log'; | ||
| const NGINX_ERROR_LOG = '/var/log/nginx/error.log'; | ||
| const MODSEC_AUDIT_LOG = '/var/log/modsec_audit.log'; | ||
| const NGINX_LOG_DIR = '/var/log/nginx'; | ||
|
|
There was a problem hiding this comment.
Hardcoded filesystem paths reduce adaptability across environments; consider moving these to a configuration module or environment-based constants to centralize changes and enable testing with alternative paths.
Comment on lines
17
to
79
|
|
||
| const execAsync = promisify(exec); | ||
|
|
||
| /** | ||
| * Backup Service - Contains business logic for backup operations | ||
| */ | ||
| export class BackupService { | ||
| /** | ||
| * Ensure backup directory exists | ||
| */ | ||
| async ensureBackupDir(): Promise<void> { | ||
| try { | ||
| await fs.mkdir(BACKUP_CONSTANTS.BACKUP_DIR, { recursive: true }); | ||
| } catch (error) { | ||
| logger.error('Failed to create backup directory:', error); | ||
| throw new Error('Failed to create backup directory'); | ||
| } | ||
| } | ||
|
|
||
| /** | ||
| * Reload nginx configuration | ||
| */ | ||
| async reloadNginx(): Promise<boolean> { | ||
| try { | ||
| logger.info('Testing nginx configuration...'); | ||
| await execAsync('nginx -t'); | ||
|
|
||
| logger.info('Reloading nginx...'); | ||
| await execAsync('systemctl reload nginx'); | ||
|
|
||
| logger.info('Nginx reloaded successfully'); | ||
| return true; | ||
| } catch (error: any) { | ||
| logger.error('Failed to reload nginx:', error); | ||
| logger.error('Nginx test/reload output:', error.stdout || error.stderr); | ||
|
|
||
| try { | ||
| logger.info('Trying alternative reload method...'); | ||
| await execAsync('nginx -s reload'); | ||
| logger.info('Nginx reloaded successfully (alternative method)'); | ||
| return true; | ||
| } catch (altError) { | ||
| logger.error('Alternative reload also failed:', altError); | ||
| return false; | ||
| } | ||
| } | ||
| } | ||
|
|
||
| /** | ||
| * Format bytes to human readable size | ||
| */ | ||
| formatBytes(bytes: number): string { | ||
| if (bytes === 0) return '0 B'; | ||
| const k = 1024; | ||
| const sizes = ['B', 'KB', 'MB', 'GB']; | ||
| const i = Math.floor(Math.log(bytes) / Math.log(k)); | ||
| return Math.round((bytes / Math.pow(k, i)) * 100) / 100 + ' ' + sizes[i]; | ||
| } | ||
|
|
||
| /** | ||
| * Get all backup schedules with formatted data | ||
| */ | ||
| async getBackupSchedules(): Promise<FormattedBackupSchedule[]> { |
There was a problem hiding this comment.
BackupService aggregates multiple distinct responsibilities (schedule management, data aggregation, nginx config generation, import/export, SSL file handling) leading to a very large class; consider splitting into focused collaborators (e.g. ScheduleService, ConfigExportService, RestoreService) to reduce complexity and improve testability.
Suggested change
| const execAsync = promisify(exec); | |
| /** | |
| * Backup Service - Contains business logic for backup operations | |
| */ | |
| export class BackupService { | |
| /** | |
| * Ensure backup directory exists | |
| */ | |
| async ensureBackupDir(): Promise<void> { | |
| try { | |
| await fs.mkdir(BACKUP_CONSTANTS.BACKUP_DIR, { recursive: true }); | |
| } catch (error) { | |
| logger.error('Failed to create backup directory:', error); | |
| throw new Error('Failed to create backup directory'); | |
| } | |
| } | |
| /** | |
| * Reload nginx configuration | |
| */ | |
| async reloadNginx(): Promise<boolean> { | |
| try { | |
| logger.info('Testing nginx configuration...'); | |
| await execAsync('nginx -t'); | |
| logger.info('Reloading nginx...'); | |
| await execAsync('systemctl reload nginx'); | |
| logger.info('Nginx reloaded successfully'); | |
| return true; | |
| } catch (error: any) { | |
| logger.error('Failed to reload nginx:', error); | |
| logger.error('Nginx test/reload output:', error.stdout || error.stderr); | |
| try { | |
| logger.info('Trying alternative reload method...'); | |
| await execAsync('nginx -s reload'); | |
| logger.info('Nginx reloaded successfully (alternative method)'); | |
| return true; | |
| } catch (altError) { | |
| logger.error('Alternative reload also failed:', altError); | |
| return false; | |
| } | |
| } | |
| } | |
| /** | |
| * Format bytes to human readable size | |
| */ | |
| formatBytes(bytes: number): string { | |
| if (bytes === 0) return '0 B'; | |
| const k = 1024; | |
| const sizes = ['B', 'KB', 'MB', 'GB']; | |
| const i = Math.floor(Math.log(bytes) / Math.log(k)); | |
| return Math.round((bytes / Math.pow(k, i)) * 100) / 100 + ' ' + sizes[i]; | |
| } | |
| /** | |
| * Get all backup schedules with formatted data | |
| */ | |
| async getBackupSchedules(): Promise<FormattedBackupSchedule[]> { | |
| import { ScheduleService } from './schedule.service'; | |
| import { ConfigExportService } from './config-export.service'; | |
| import { RestoreService } from './restore.service'; | |
| import { SSLFileService } from './ssl-file.service'; | |
| const execAsync = promisify(exec); | |
| /** | |
| * Backup Service - Delegates to focused collaborators for backup operations | |
| */ | |
| export class BackupService { | |
| private scheduleService: ScheduleService; | |
| private configExportService: ConfigExportService; | |
| private restoreService: RestoreService; | |
| private sslFileService: SSLFileService; | |
| constructor() { | |
| this.scheduleService = new ScheduleService(); | |
| this.configExportService = new ConfigExportService(); | |
| this.restoreService = new RestoreService(); | |
| this.sslFileService = new SSLFileService(); | |
| } | |
| async ensureBackupDir(): Promise<void> { | |
| await this.configExportService.ensureBackupDir(); | |
| } | |
| async reloadNginx(): Promise<boolean> { | |
| return await this.configExportService.reloadNginx(); | |
| } | |
| formatBytes(bytes: number): string { | |
| return this.configExportService.formatBytes(bytes); | |
| } | |
| async getBackupSchedules(): Promise<FormattedBackupSchedule[]> { | |
| return await this.scheduleService.getBackupSchedules(); | |
| } | |
| // ... Delegate other methods to the appropriate service | |
| } |
vncloudsco
added a commit
that referenced
this pull request
Oct 8, 2025
* Feat: Update Features Backup & Restore (#12) * feat: Update Features Backup & Restore * Feat: Slave Mode (#13) * feat: Update Features Backup & Restore * Feat: Features update (#14) * feat: Update software * Features update version and update noti Change Password (#15) * feat: Update Features Backup & Restore * Fix frontend error (#16) * Refactor services to use centralized API module and token storage * Feat: Enhance Slave Mode UI with mode switch button and update node mode mutation * feat: Improve SSLDialog layout with enhanced text wrapping for certificate fields * refactor: replace js-cookie with localStorage for token management (#17) * feat: add syncInterval and lastSyncHash columns to system_configs table (#18) * feat: Update project goal description and remove security recommendation * feat: Update project goal description and remove security recommendation * About readme (#21) * feat: Update project goal description and remove security recommendation * Refactor be (#22) * Refactor code structure for improved readability and maintainability * style: limit max height of certificate, private key, and chain input fields (#23) --------- Co-authored-by: SangND <dacsang97@gmail.com>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.