From ff8037f231f557329fc3151b9f9268ddb29eebaf Mon Sep 17 00:00:00 2001
From: Andras Bacsai <andras.bacsai@gmail.com>
Date: Tue, 15 Feb 2022 23:02:03 +0100
Subject: [PATCH 01/35] feat: Generate www & non-www SSL certs

---
 package.json           |  2 +-
 src/lib/letsencrypt.ts | 10 ++++++----
 2 files changed, 7 insertions(+), 5 deletions(-)

diff --git a/package.json b/package.json
index 4e84cb3e1..04ed95ea3 100644
--- a/package.json
+++ b/package.json
@@ -1,7 +1,7 @@
 {
 	"name": "coolify",
 	"description": "An open-source & self-hostable Heroku / Netlify alternative.",
-	"version": "2.0.12",
+	"version": "2.0.13",
 	"license": "AGPL-3.0",
 	"scripts": {
 		"dev": "docker compose -f docker-compose-dev.yaml up -d && NODE_ENV=development svelte-kit dev --host 0.0.0.0",
diff --git a/src/lib/letsencrypt.ts b/src/lib/letsencrypt.ts
index 86d9e6e25..c0a103ca5 100644
--- a/src/lib/letsencrypt.ts
+++ b/src/lib/letsencrypt.ts
@@ -6,17 +6,19 @@ import cuid from 'cuid';
 
 export async function letsEncrypt({ domain, isCoolify = false, id = null }) {
 	try {
+		const nakedDomain = domain.replace('www.', '');
+		const wwwDomain = `www.${nakedDomain}`;
 		const randomCuid = cuid();
 		if (dev) {
 			return await forceSSLOnApplication({ domain });
 		} else {
 			if (isCoolify) {
 				await asyncExecShell(
-					`docker run --rm --name certbot-${randomCuid} -p 9080:9080 -v "coolify-letsencrypt:/etc/letsencrypt" certbot/certbot --logs-dir /etc/letsencrypt/logs certonly --standalone --preferred-challenges http --http-01-address 0.0.0.0 --http-01-port 9080 -d ${domain} --agree-tos --non-interactive --register-unsafely-without-email`
+					`docker run --rm --name certbot-${randomCuid} -p 9080:9080 -v "coolify-letsencrypt:/etc/letsencrypt" certbot/certbot --logs-dir /etc/letsencrypt/logs certonly --standalone --preferred-challenges http --http-01-address 0.0.0.0 --http-01-port 9080 -d ${nakedDomain} -d ${wwwDomain} --agree-tos --non-interactive --register-unsafely-without-email`
 				);
 
 				const { stderr } = await asyncExecShell(
-					`docker run --rm -v "coolify-letsencrypt:/etc/letsencrypt" -v "coolify-ssl-certs:/app/ssl" alpine:latest cat /etc/letsencrypt/live/${domain}/fullchain.pem /etc/letsencrypt/live/${domain}/privkey.pem > /app/ssl/${domain}.pem`
+					`docker run --rm -v "coolify-letsencrypt:/etc/letsencrypt" -v "coolify-ssl-certs:/app/ssl" alpine:latest cat /etc/letsencrypt/live/${nakedDomain}/fullchain.pem /etc/letsencrypt/live/${nakedDomain}/privkey.pem > /app/ssl/${nakedDomain}.pem`
 				);
 				if (stderr) throw new Error(stderr);
 				return;
@@ -35,10 +37,10 @@ export async function letsEncrypt({ domain, isCoolify = false, id = null }) {
 			if (data.destinationDockerId && data.destinationDocker) {
 				const host = getEngine(data.destinationDocker.engine);
 				await asyncExecShell(
-					`DOCKER_HOST=${host} docker run --rm --name certbot-${randomCuid} -p 9080:9080 -v "coolify-letsencrypt:/etc/letsencrypt" certbot/certbot --logs-dir /etc/letsencrypt/logs certonly --standalone --preferred-challenges http --http-01-address 0.0.0.0 --http-01-port 9080 -d ${domain} --agree-tos --non-interactive --register-unsafely-without-email`
+					`DOCKER_HOST=${host} docker run --rm --name certbot-${randomCuid} -p 9080:9080 -v "coolify-letsencrypt:/etc/letsencrypt" certbot/certbot --logs-dir /etc/letsencrypt/logs certonly --standalone --preferred-challenges http --http-01-address 0.0.0.0 --http-01-port 9080 -d ${nakedDomain} -d ${wwwDomain} --agree-tos --non-interactive --register-unsafely-without-email`
 				);
 				const { stderr } = await asyncExecShell(
-					`DOCKER_HOST=${host} docker run --rm --name bash-${randomCuid} -v "coolify-letsencrypt:/etc/letsencrypt" -v "coolify-ssl-certs:/app/ssl" alpine:latest cat /etc/letsencrypt/live/${domain}/fullchain.pem /etc/letsencrypt/live/${domain}/privkey.pem > /app/ssl/${domain}.pem`
+					`DOCKER_HOST=${host} docker run --rm --name bash-${randomCuid} -v "coolify-letsencrypt:/etc/letsencrypt" -v "coolify-ssl-certs:/app/ssl" alpine:latest cat /etc/letsencrypt/live/${nakedDomain}/fullchain.pem /etc/letsencrypt/live/${nakedDomain}/privkey.pem > /app/ssl/${nakedDomain}.pem`
 				);
 				if (stderr) throw new Error(stderr);
 				await forceSSLOnApplication({ domain });

From 2f0e4587659bdf4e54c19492d11ac14780eaaabd Mon Sep 17 00:00:00 2001
From: Andras Bacsai <andras.bacsai@gmail.com>
Date: Tue, 15 Feb 2022 23:12:28 +0100
Subject: [PATCH 02/35] Expand flag for lets encrypt

---
 src/lib/letsencrypt.ts | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/src/lib/letsencrypt.ts b/src/lib/letsencrypt.ts
index c0a103ca5..9465ec8da 100644
--- a/src/lib/letsencrypt.ts
+++ b/src/lib/letsencrypt.ts
@@ -14,7 +14,7 @@ export async function letsEncrypt({ domain, isCoolify = false, id = null }) {
 		} else {
 			if (isCoolify) {
 				await asyncExecShell(
-					`docker run --rm --name certbot-${randomCuid} -p 9080:9080 -v "coolify-letsencrypt:/etc/letsencrypt" certbot/certbot --logs-dir /etc/letsencrypt/logs certonly --standalone --preferred-challenges http --http-01-address 0.0.0.0 --http-01-port 9080 -d ${nakedDomain} -d ${wwwDomain} --agree-tos --non-interactive --register-unsafely-without-email`
+					`docker run --rm --name certbot-${randomCuid} -p 9080:9080 -v "coolify-letsencrypt:/etc/letsencrypt" certbot/certbot --logs-dir /etc/letsencrypt/logs certonly --standalone --preferred-challenges http --http-01-address 0.0.0.0 --http-01-port 9080 -d ${nakedDomain} -d ${wwwDomain} --expand --agree-tos --non-interactive --register-unsafely-without-email`
 				);
 
 				const { stderr } = await asyncExecShell(
@@ -37,7 +37,7 @@ export async function letsEncrypt({ domain, isCoolify = false, id = null }) {
 			if (data.destinationDockerId && data.destinationDocker) {
 				const host = getEngine(data.destinationDocker.engine);
 				await asyncExecShell(
-					`DOCKER_HOST=${host} docker run --rm --name certbot-${randomCuid} -p 9080:9080 -v "coolify-letsencrypt:/etc/letsencrypt" certbot/certbot --logs-dir /etc/letsencrypt/logs certonly --standalone --preferred-challenges http --http-01-address 0.0.0.0 --http-01-port 9080 -d ${nakedDomain} -d ${wwwDomain} --agree-tos --non-interactive --register-unsafely-without-email`
+					`DOCKER_HOST=${host} docker run --rm --name certbot-${randomCuid} -p 9080:9080 -v "coolify-letsencrypt:/etc/letsencrypt" certbot/certbot --logs-dir /etc/letsencrypt/logs certonly --standalone --preferred-challenges http --http-01-address 0.0.0.0 --http-01-port 9080 -d ${nakedDomain} -d ${wwwDomain} --expand --agree-tos --non-interactive --register-unsafely-without-email`
 				);
 				const { stderr } = await asyncExecShell(
 					`DOCKER_HOST=${host} docker run --rm --name bash-${randomCuid} -v "coolify-letsencrypt:/etc/letsencrypt" -v "coolify-ssl-certs:/app/ssl" alpine:latest cat /etc/letsencrypt/live/${nakedDomain}/fullchain.pem /etc/letsencrypt/live/${nakedDomain}/privkey.pem > /app/ssl/${nakedDomain}.pem`

From eabaca145e2494d7c8636b3babeb5c2c2b9dea42 Mon Sep 17 00:00:00 2001
From: Andras Bacsai <andras.bacsai@gmail.com>
Date: Tue, 15 Feb 2022 23:38:10 +0100
Subject: [PATCH 03/35] Fix

---
 src/lib/letsencrypt.ts | 18 ++++++++++--------
 1 file changed, 10 insertions(+), 8 deletions(-)

diff --git a/src/lib/letsencrypt.ts b/src/lib/letsencrypt.ts
index 9465ec8da..27b3a7eea 100644
--- a/src/lib/letsencrypt.ts
+++ b/src/lib/letsencrypt.ts
@@ -13,14 +13,15 @@ export async function letsEncrypt({ domain, isCoolify = false, id = null }) {
 			return await forceSSLOnApplication({ domain });
 		} else {
 			if (isCoolify) {
-				await asyncExecShell(
+				const { stderr: certError } = await asyncExecShell(
 					`docker run --rm --name certbot-${randomCuid} -p 9080:9080 -v "coolify-letsencrypt:/etc/letsencrypt" certbot/certbot --logs-dir /etc/letsencrypt/logs certonly --standalone --preferred-challenges http --http-01-address 0.0.0.0 --http-01-port 9080 -d ${nakedDomain} -d ${wwwDomain} --expand --agree-tos --non-interactive --register-unsafely-without-email`
 				);
+				if (certError) throw new Error(certError);
 
-				const { stderr } = await asyncExecShell(
-					`docker run --rm -v "coolify-letsencrypt:/etc/letsencrypt" -v "coolify-ssl-certs:/app/ssl" alpine:latest cat /etc/letsencrypt/live/${nakedDomain}/fullchain.pem /etc/letsencrypt/live/${nakedDomain}/privkey.pem > /app/ssl/${nakedDomain}.pem`
+				const { stderr: copyError } = await asyncExecShell(
+					`docker run --rm -v "coolify-letsencrypt:/etc/letsencrypt" -v "coolify-ssl-certs:/app/ssl" alpine:latest sh -c "test -d /etc/letsencrypt/live/${nakedDomain}/ && cat /etc/letsencrypt/live/${nakedDomain}/fullchain.pem /etc/letsencrypt/live/${nakedDomain}/privkey.pem > /app/ssl/${nakedDomain}.pem || cat /etc/letsencrypt/live/${wwwDomain}/fullchain.pem /etc/letsencrypt/live/${wwwDomain}/privkey.pem > /app/ssl/${wwwDomain}.pem"`
 				);
-				if (stderr) throw new Error(stderr);
+				if (copyError) throw new Error(copyError);
 				return;
 			}
 			let data: any = await db.prisma.application.findUnique({
@@ -36,13 +37,14 @@ export async function letsEncrypt({ domain, isCoolify = false, id = null }) {
 			// Set SSL with Let's encrypt
 			if (data.destinationDockerId && data.destinationDocker) {
 				const host = getEngine(data.destinationDocker.engine);
-				await asyncExecShell(
+				const { stderr: certError } = await asyncExecShell(
 					`DOCKER_HOST=${host} docker run --rm --name certbot-${randomCuid} -p 9080:9080 -v "coolify-letsencrypt:/etc/letsencrypt" certbot/certbot --logs-dir /etc/letsencrypt/logs certonly --standalone --preferred-challenges http --http-01-address 0.0.0.0 --http-01-port 9080 -d ${nakedDomain} -d ${wwwDomain} --expand --agree-tos --non-interactive --register-unsafely-without-email`
 				);
-				const { stderr } = await asyncExecShell(
-					`DOCKER_HOST=${host} docker run --rm --name bash-${randomCuid} -v "coolify-letsencrypt:/etc/letsencrypt" -v "coolify-ssl-certs:/app/ssl" alpine:latest cat /etc/letsencrypt/live/${nakedDomain}/fullchain.pem /etc/letsencrypt/live/${nakedDomain}/privkey.pem > /app/ssl/${nakedDomain}.pem`
+				if (certError) throw new Error(certError);
+				const { stderr: copyError } = await asyncExecShell(
+					`DOCKER_HOST=${host} docker run --rm -v "coolify-letsencrypt:/etc/letsencrypt" -v "coolify-ssl-certs:/app/ssl" alpine:latest sh -c "test -d /etc/letsencrypt/live/${nakedDomain}/ && cat /etc/letsencrypt/live/${nakedDomain}/fullchain.pem /etc/letsencrypt/live/${nakedDomain}/privkey.pem > /app/ssl/${nakedDomain}.pem || cat /etc/letsencrypt/live/${wwwDomain}/fullchain.pem /etc/letsencrypt/live/${wwwDomain}/privkey.pem > /app/ssl/${wwwDomain}.pem"`
 				);
-				if (stderr) throw new Error(stderr);
+				if (copyError) throw new Error(copyError);
 				await forceSSLOnApplication({ domain });
 			}
 		}

From df25a694c3d31efc3248fee7ecc902f680c55784 Mon Sep 17 00:00:00 2001
From: Andras Bacsai <andras.bacsai@gmail.com>
Date: Tue, 15 Feb 2022 23:59:26 +0100
Subject: [PATCH 04/35] fix: Add no user redis to uri

---
 src/routes/databases/[id]/_Databases/_Databases.svelte | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/routes/databases/[id]/_Databases/_Databases.svelte b/src/routes/databases/[id]/_Databases/_Databases.svelte
index 1483cab1b..cd91c8d6a 100644
--- a/src/routes/databases/[id]/_Databases/_Databases.svelte
+++ b/src/routes/databases/[id]/_Databases/_Databases.svelte
@@ -36,7 +36,7 @@
 
 	function generateUrl() {
 		return browser
-			? `${database.type}://${
+			? `${database.type}://${database.type === 'redis' && ':'}${
 					databaseDbUser ? databaseDbUser + ':' : ''
 			  }${databaseDbUserPassword}@${
 					isPublic

From 91849cdd3a5612c6cd81088884845efda790c871 Mon Sep 17 00:00:00 2001
From: Andras Bacsai <andras.bacsai@gmail.com>
Date: Wed, 16 Feb 2022 00:00:49 +0100
Subject: [PATCH 05/35] fix www - non-www ssl

---
 src/lib/letsencrypt.ts | 14 +++++++-------
 1 file changed, 7 insertions(+), 7 deletions(-)

diff --git a/src/lib/letsencrypt.ts b/src/lib/letsencrypt.ts
index 27b3a7eea..6e166d8f2 100644
--- a/src/lib/letsencrypt.ts
+++ b/src/lib/letsencrypt.ts
@@ -1,5 +1,5 @@
 import { dev } from '$app/env';
-import { forceSSLOffApplication, forceSSLOnApplication, getNextTransactionId } from '$lib/haproxy';
+import { forceSSLOnApplication } from '$lib/haproxy';
 import { asyncExecShell, getEngine } from './common';
 import * as db from '$lib/database';
 import cuid from 'cuid';
@@ -13,15 +13,15 @@ export async function letsEncrypt({ domain, isCoolify = false, id = null }) {
 			return await forceSSLOnApplication({ domain });
 		} else {
 			if (isCoolify) {
-				const { stderr: certError } = await asyncExecShell(
+				await asyncExecShell(
 					`docker run --rm --name certbot-${randomCuid} -p 9080:9080 -v "coolify-letsencrypt:/etc/letsencrypt" certbot/certbot --logs-dir /etc/letsencrypt/logs certonly --standalone --preferred-challenges http --http-01-address 0.0.0.0 --http-01-port 9080 -d ${nakedDomain} -d ${wwwDomain} --expand --agree-tos --non-interactive --register-unsafely-without-email`
 				);
-				if (certError) throw new Error(certError);
 
 				const { stderr: copyError } = await asyncExecShell(
 					`docker run --rm -v "coolify-letsencrypt:/etc/letsencrypt" -v "coolify-ssl-certs:/app/ssl" alpine:latest sh -c "test -d /etc/letsencrypt/live/${nakedDomain}/ && cat /etc/letsencrypt/live/${nakedDomain}/fullchain.pem /etc/letsencrypt/live/${nakedDomain}/privkey.pem > /app/ssl/${nakedDomain}.pem || cat /etc/letsencrypt/live/${wwwDomain}/fullchain.pem /etc/letsencrypt/live/${wwwDomain}/privkey.pem > /app/ssl/${wwwDomain}.pem"`
 				);
-				if (copyError) throw new Error(copyError);
+
+				if (copyError) throw copyError;
 				return;
 			}
 			let data: any = await db.prisma.application.findUnique({
@@ -37,18 +37,18 @@ export async function letsEncrypt({ domain, isCoolify = false, id = null }) {
 			// Set SSL with Let's encrypt
 			if (data.destinationDockerId && data.destinationDocker) {
 				const host = getEngine(data.destinationDocker.engine);
-				const { stderr: certError } = await asyncExecShell(
+				await asyncExecShell(
 					`DOCKER_HOST=${host} docker run --rm --name certbot-${randomCuid} -p 9080:9080 -v "coolify-letsencrypt:/etc/letsencrypt" certbot/certbot --logs-dir /etc/letsencrypt/logs certonly --standalone --preferred-challenges http --http-01-address 0.0.0.0 --http-01-port 9080 -d ${nakedDomain} -d ${wwwDomain} --expand --agree-tos --non-interactive --register-unsafely-without-email`
 				);
-				if (certError) throw new Error(certError);
 				const { stderr: copyError } = await asyncExecShell(
 					`DOCKER_HOST=${host} docker run --rm -v "coolify-letsencrypt:/etc/letsencrypt" -v "coolify-ssl-certs:/app/ssl" alpine:latest sh -c "test -d /etc/letsencrypt/live/${nakedDomain}/ && cat /etc/letsencrypt/live/${nakedDomain}/fullchain.pem /etc/letsencrypt/live/${nakedDomain}/privkey.pem > /app/ssl/${nakedDomain}.pem || cat /etc/letsencrypt/live/${wwwDomain}/fullchain.pem /etc/letsencrypt/live/${wwwDomain}/privkey.pem > /app/ssl/${wwwDomain}.pem"`
 				);
-				if (copyError) throw new Error(copyError);
+				if (copyError) throw copyError;
 				await forceSSLOnApplication({ domain });
 			}
 		}
 	} catch (error) {
+		console.log(error);
 		throw error;
 	}
 }

From 655d0b5d5f0ff8839fd506258026502499a7fc48 Mon Sep 17 00:00:00 2001
From: Andras Bacsai <andras.bacsai@gmail.com>
Date: Wed, 16 Feb 2022 17:13:24 +0100
Subject: [PATCH 06/35] fix: Secure cookie disabled by default

---
 src/hooks.ts | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/src/hooks.ts b/src/hooks.ts
index d4fea1baf..7a9208585 100644
--- a/src/hooks.ts
+++ b/src/hooks.ts
@@ -10,7 +10,8 @@ import { dev } from '$app/env';
 export const handle = handleSession(
 	{
 		secret: process.env['COOLIFY_SECRET_KEY'],
-		expires: 30
+		expires: 30,
+		cookie: { secure: false }
 	},
 	async function ({ event, resolve }) {
 		let response;

From 8b20761e8b1e1c2d7954275e705b01d5dc319aa0 Mon Sep 17 00:00:00 2001
From: Andras Bacsai <andras.bacsai@gmail.com>
Date: Thu, 17 Feb 2022 10:11:46 +0100
Subject: [PATCH 07/35] fix: Buggy svelte-kit-cookie-session

---
 package.json | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/package.json b/package.json
index 04ed95ea3..e03c678b0 100644
--- a/package.json
+++ b/package.json
@@ -75,7 +75,7 @@
 		"js-yaml": "4.1.0",
 		"jsonwebtoken": "8.5.1",
 		"node-forge": "1.2.1",
-		"svelte-kit-cookie-session": "2.0.5",
+		"svelte-kit-cookie-session": "2.0.2",
 		"unique-names-generator": "4.6.0"
 	},
 	"prisma": {

From bf047e2a3ceea5c674322a3b1507438a4ee87d15 Mon Sep 17 00:00:00 2001
From: Andras Bacsai <andras.bacsai@gmail.com>
Date: Thu, 17 Feb 2022 22:14:06 +0100
Subject: [PATCH 08/35] feat: Dual certificates desing: Lots of design/css
 updates version++

---
 package.json                                  |   3 +-
 pnpm-lock.yaml                                |  21 ++-
 .../20220217211304_dualcerts/migration.sql    |  47 +++++++
 prisma/schema.prisma                          |   5 +-
 src/lib/components/Explainer.svelte           |   4 +-
 src/lib/components/Setting.svelte             |  13 +-
 src/lib/database/applications.ts              |   4 +-
 src/lib/database/services.ts                  |   9 +-
 src/lib/haproxy/index.ts                      |   1 -
 src/lib/letsencrypt.ts                        |  73 ++++++----
 src/routes/applications/[id]/index.svelte     |  35 +++--
 src/routes/applications/[id]/settings.json.ts |   4 +-
 .../databases/[id]/_Databases/_CouchDb.svelte | 106 +++++++--------
 .../[id]/_Databases/_Databases.svelte         | 126 ++++++++----------
 .../databases/[id]/_Databases/_MongoDB.svelte |  42 +++---
 .../databases/[id]/_Databases/_MySQL.svelte   | 106 +++++++--------
 .../[id]/_Databases/_PostgreSQL.svelte        |  64 ++++-----
 .../databases/[id]/_Databases/_Redis.svelte   |  35 ++---
 .../destinations/[id]/_LocalDocker.svelte     |  27 ++--
 .../services/[id]/_Services/_MinIO.svelte     |  60 ++++-----
 .../[id]/_Services/_PlausibleAnalytics.svelte | 120 ++++++++---------
 .../services/[id]/_Services/_Services.svelte  |  35 ++++-
 .../[id]/_Services/_VSCodeServer.svelte       |  20 ++-
 .../services/[id]/_Services/_Wordpress.svelte | 114 +++++++---------
 .../[id]/configuration/version.json.ts        |   2 +-
 src/routes/services/[id]/settings.json.ts     |  19 +++
 src/routes/settings/index.json.ts             |  19 ++-
 src/routes/settings/index.svelte              | 108 ++++++++-------
 src/routes/sources/[id]/_Gitlab.svelte        |   2 +-
 src/routes/teams/[id]/index.svelte            |  24 ++--
 src/tailwind.css                              |   6 +-
 tailwind.config.cjs                           |   3 +-
 32 files changed, 670 insertions(+), 587 deletions(-)
 create mode 100644 prisma/migrations/20220217211304_dualcerts/migration.sql
 create mode 100644 src/routes/services/[id]/settings.json.ts

diff --git a/package.json b/package.json
index e03c678b0..50dba74e9 100644
--- a/package.json
+++ b/package.json
@@ -1,7 +1,7 @@
 {
 	"name": "coolify",
 	"description": "An open-source & self-hostable Heroku / Netlify alternative.",
-	"version": "2.0.13",
+	"version": "2.0.14",
 	"license": "AGPL-3.0",
 	"scripts": {
 		"dev": "docker compose -f docker-compose-dev.yaml up -d && NODE_ENV=development svelte-kit dev --host 0.0.0.0",
@@ -76,6 +76,7 @@
 		"jsonwebtoken": "8.5.1",
 		"node-forge": "1.2.1",
 		"svelte-kit-cookie-session": "2.0.2",
+		"tailwindcss-scrollbar": "^0.1.0",
 		"unique-names-generator": "4.6.0"
 	},
 	"prisma": {
diff --git a/pnpm-lock.yaml b/pnpm-lock.yaml
index 58ddfd8c6..b6e75d0bc 100644
--- a/pnpm-lock.yaml
+++ b/pnpm-lock.yaml
@@ -43,9 +43,10 @@ specifiers:
   prisma: 3.9.2
   svelte: 3.46.4
   svelte-check: 2.4.3
-  svelte-kit-cookie-session: 2.0.5
+  svelte-kit-cookie-session: 2.0.2
   svelte-preprocess: 4.10.3
   tailwindcss: 3.0.22
+  tailwindcss-scrollbar: ^0.1.0
   ts-node: 10.5.0
   tslib: 2.3.1
   typescript: 4.5.5
@@ -70,7 +71,8 @@ dependencies:
   js-yaml: 4.1.0
   jsonwebtoken: 8.5.1
   node-forge: 1.2.1
-  svelte-kit-cookie-session: 2.0.5
+  svelte-kit-cookie-session: 2.0.2
+  tailwindcss-scrollbar: 0.1.0_tailwindcss@3.0.22
   unique-names-generator: 4.6.0
 
 devDependencies:
@@ -5203,10 +5205,10 @@ packages:
       svelte: 3.46.4
     dev: true
 
-  /svelte-kit-cookie-session/2.0.5:
+  /svelte-kit-cookie-session/2.0.2:
     resolution:
       {
-        integrity: sha512-IX1IXtn42UTz/isem1LqH0SAZdCx6Z6Iu2V4Q83V2EScFbXZWfeFY08Azl8ZrPKdIDhSNHBLAAumRjA6TBxCvQ==
+        integrity: sha512-+JfunYbraIOkecOJlC1iYqH9g6YOY8MXyUdE3hTZquR1JrODmOZZ+pVPmZuVIFpM5sStJf/jF1NT5306TWE9Gw==
       }
     dev: false
 
@@ -5288,6 +5290,17 @@ packages:
       strip-ansi: 6.0.1
     dev: true
 
+  /tailwindcss-scrollbar/0.1.0_tailwindcss@3.0.22:
+    resolution:
+      {
+        integrity: sha512-egipxw4ooQDh94x02XQpPck0P0sfwazwoUGfA9SedPATIuYDR+6qe8d31Gl7YsSMRiOKDkkqfI0kBvEw9lT/Hg==
+      }
+    peerDependencies:
+      tailwindcss: '>= 2.x.x'
+    dependencies:
+      tailwindcss: 3.0.22_c940fbabf228b85b1c73d314b43e31f1
+    dev: false
+
   /tailwindcss/3.0.22_c940fbabf228b85b1c73d314b43e31f1:
     resolution:
       {
diff --git a/prisma/migrations/20220217211304_dualcerts/migration.sql b/prisma/migrations/20220217211304_dualcerts/migration.sql
new file mode 100644
index 000000000..a6ea0a57d
--- /dev/null
+++ b/prisma/migrations/20220217211304_dualcerts/migration.sql
@@ -0,0 +1,47 @@
+-- RedefineTables
+PRAGMA foreign_keys=OFF;
+CREATE TABLE "new_Setting" (
+    "id" TEXT NOT NULL PRIMARY KEY,
+    "fqdn" TEXT,
+    "isRegistrationEnabled" BOOLEAN NOT NULL DEFAULT false,
+    "dualCerts" BOOLEAN NOT NULL DEFAULT false,
+    "proxyPassword" TEXT NOT NULL,
+    "proxyUser" TEXT NOT NULL,
+    "createdAt" DATETIME NOT NULL DEFAULT CURRENT_TIMESTAMP,
+    "updatedAt" DATETIME NOT NULL
+);
+INSERT INTO "new_Setting" ("createdAt", "fqdn", "id", "isRegistrationEnabled", "proxyPassword", "proxyUser", "updatedAt") SELECT "createdAt", "fqdn", "id", "isRegistrationEnabled", "proxyPassword", "proxyUser", "updatedAt" FROM "Setting";
+DROP TABLE "Setting";
+ALTER TABLE "new_Setting" RENAME TO "Setting";
+CREATE UNIQUE INDEX "Setting_fqdn_key" ON "Setting"("fqdn");
+CREATE TABLE "new_ApplicationSettings" (
+    "id" TEXT NOT NULL PRIMARY KEY,
+    "applicationId" TEXT NOT NULL,
+    "dualCerts" BOOLEAN NOT NULL DEFAULT false,
+    "debug" BOOLEAN NOT NULL DEFAULT false,
+    "previews" BOOLEAN NOT NULL DEFAULT false,
+    "createdAt" DATETIME NOT NULL DEFAULT CURRENT_TIMESTAMP,
+    "updatedAt" DATETIME NOT NULL,
+    CONSTRAINT "ApplicationSettings_applicationId_fkey" FOREIGN KEY ("applicationId") REFERENCES "Application" ("id") ON DELETE RESTRICT ON UPDATE CASCADE
+);
+INSERT INTO "new_ApplicationSettings" ("applicationId", "createdAt", "debug", "id", "previews", "updatedAt") SELECT "applicationId", "createdAt", "debug", "id", "previews", "updatedAt" FROM "ApplicationSettings";
+DROP TABLE "ApplicationSettings";
+ALTER TABLE "new_ApplicationSettings" RENAME TO "ApplicationSettings";
+CREATE UNIQUE INDEX "ApplicationSettings_applicationId_key" ON "ApplicationSettings"("applicationId");
+CREATE TABLE "new_Service" (
+    "id" TEXT NOT NULL PRIMARY KEY,
+    "name" TEXT NOT NULL,
+    "fqdn" TEXT,
+    "dualCerts" BOOLEAN NOT NULL DEFAULT false,
+    "type" TEXT,
+    "version" TEXT,
+    "destinationDockerId" TEXT,
+    "createdAt" DATETIME NOT NULL DEFAULT CURRENT_TIMESTAMP,
+    "updatedAt" DATETIME NOT NULL,
+    CONSTRAINT "Service_destinationDockerId_fkey" FOREIGN KEY ("destinationDockerId") REFERENCES "DestinationDocker" ("id") ON DELETE SET NULL ON UPDATE CASCADE
+);
+INSERT INTO "new_Service" ("createdAt", "destinationDockerId", "fqdn", "id", "name", "type", "updatedAt", "version") SELECT "createdAt", "destinationDockerId", "fqdn", "id", "name", "type", "updatedAt", "version" FROM "Service";
+DROP TABLE "Service";
+ALTER TABLE "new_Service" RENAME TO "Service";
+PRAGMA foreign_key_check;
+PRAGMA foreign_keys=ON;
diff --git a/prisma/schema.prisma b/prisma/schema.prisma
index b064d09ab..cf9684f53 100644
--- a/prisma/schema.prisma
+++ b/prisma/schema.prisma
@@ -11,6 +11,7 @@ model Setting {
   id                    String   @id @default(cuid())
   fqdn                  String?  @unique
   isRegistrationEnabled Boolean  @default(false)
+  dualCerts             Boolean  @default(false)
   proxyPassword         String
   proxyUser             String
   createdAt             DateTime @default(now())
@@ -97,6 +98,7 @@ model ApplicationSettings {
   id            String      @id @default(cuid())
   application   Application @relation(fields: [applicationId], references: [id])
   applicationId String      @unique
+  dualCerts     Boolean     @default(false)
   debug         Boolean     @default(false)
   previews      Boolean     @default(false)
   createdAt     DateTime    @default(now())
@@ -105,7 +107,7 @@ model ApplicationSettings {
 
 model Secret {
   id            String      @id @default(cuid())
-  name          String      
+  name          String
   value         String
   isBuildSecret Boolean     @default(false)
   createdAt     DateTime    @default(now())
@@ -234,6 +236,7 @@ model Service {
   id                  String              @id @default(cuid())
   name                String
   fqdn                String?
+  dualCerts           Boolean             @default(false)
   type                String?
   version             String?
   teams               Team[]
diff --git a/src/lib/components/Explainer.svelte b/src/lib/components/Explainer.svelte
index 4eaf3a398..b47c03ec1 100644
--- a/src/lib/components/Explainer.svelte
+++ b/src/lib/components/Explainer.svelte
@@ -1,6 +1,6 @@
 <script>
 	export let text;
-	export let maxWidthClass = 'max-w-[24rem]';
+	export let customClass = 'max-w-[24rem]';
 </script>
 
-<div class="py-1 text-xs text-stone-400 {maxWidthClass}">{@html text}</div>
+<div class="py-1 text-xs text-stone-400 {customClass}">{@html text}</div>
diff --git a/src/lib/components/Setting.svelte b/src/lib/components/Setting.svelte
index b26e3e072..c431273e6 100644
--- a/src/lib/components/Setting.svelte
+++ b/src/lib/components/Setting.svelte
@@ -4,15 +4,17 @@
 	export let setting;
 	export let title;
 	export let description;
-	export let isPadding = true;
+	export let isCenter = true;
 	export let disabled = false;
 </script>
 
-<li class="flex items-center py-4">
-	<div class="flex w-96 flex-col" class:px-4={isPadding} class:pr-32={!isPadding}>
-		<p class="text-xs font-bold text-stone-100 md:text-base">{title}</p>
+<div class="flex items-center py-4 pr-8">
+	<div class="flex w-96 flex-col">
+		<div class="text-xs font-bold text-stone-100 md:text-base">{title}</div>
 		<Explainer text={description} />
 	</div>
+</div>
+<div class:text-center={isCenter}>
 	<div
 		type="button"
 		on:click
@@ -58,5 +60,4 @@
 			</span>
 		</span>
 	</div>
-	<!-- {/if} -->
-</li>
+</div>
diff --git a/src/lib/database/applications.ts b/src/lib/database/applications.ts
index 738ebe594..f2e779bee 100644
--- a/src/lib/database/applications.ts
+++ b/src/lib/database/applications.ts
@@ -209,10 +209,10 @@ export async function configureApplication({
 	});
 }
 
-export async function setApplicationSettings({ id, debug, previews }) {
+export async function setApplicationSettings({ id, debug, previews, dualCerts }) {
 	return await prisma.application.update({
 		where: { id },
-		data: { settings: { update: { debug, previews } } },
+		data: { settings: { update: { debug, previews, dualCerts } } },
 		include: { destinationDocker: true }
 	});
 }
diff --git a/src/lib/database/services.ts b/src/lib/database/services.ts
index 5568cd4a7..5cbf2cbfb 100644
--- a/src/lib/database/services.ts
+++ b/src/lib/database/services.ts
@@ -107,13 +107,20 @@ export async function configureServiceType({ id, type }) {
 		});
 	}
 }
-export async function setService({ id, version }) {
+export async function setServiceVersion({ id, version }) {
 	return await prisma.service.update({
 		where: { id },
 		data: { version }
 	});
 }
 
+export async function setServiceSettings({ id, dualCerts }) {
+	return await prisma.service.update({
+		where: { id },
+		data: { dualCerts }
+	});
+}
+
 export async function updatePlausibleAnalyticsService({ id, fqdn, email, username, name }) {
 	await prisma.plausibleAnalytics.update({ where: { serviceId: id }, data: { email, username } });
 	await prisma.service.update({ where: { id }, data: { name, fqdn } });
diff --git a/src/lib/haproxy/index.ts b/src/lib/haproxy/index.ts
index 0eaee0109..0daf1d493 100644
--- a/src/lib/haproxy/index.ts
+++ b/src/lib/haproxy/index.ts
@@ -2,7 +2,6 @@ import { dev } from '$app/env';
 import { asyncExecShell, getDomain, getEngine } from '$lib/common';
 import got from 'got';
 import * as db from '$lib/database';
-import { letsEncrypt } from '$lib/letsencrypt';
 
 const url = dev ? 'http://localhost:5555' : 'http://coolify-haproxy:5555';
 
diff --git a/src/lib/letsencrypt.ts b/src/lib/letsencrypt.ts
index 6e166d8f2..6ee29f812 100644
--- a/src/lib/letsencrypt.ts
+++ b/src/lib/letsencrypt.ts
@@ -3,49 +3,70 @@ import { forceSSLOnApplication } from '$lib/haproxy';
 import { asyncExecShell, getEngine } from './common';
 import * as db from '$lib/database';
 import cuid from 'cuid';
+import getPort from 'get-port';
 
 export async function letsEncrypt({ domain, isCoolify = false, id = null }) {
 	try {
 		const nakedDomain = domain.replace('www.', '');
 		const wwwDomain = `www.${nakedDomain}`;
 		const randomCuid = cuid();
-		if (dev) {
-			return await forceSSLOnApplication({ domain });
+		const randomPort = getPort();
+
+		let host;
+		let dualCerts = false;
+		if (isCoolify) {
+			const data = await db.prisma.setting.findFirst();
+			dualCerts = data.dualCerts;
+			host = '/var/run/docker.sock';
 		} else {
-			if (isCoolify) {
-				await asyncExecShell(
-					`docker run --rm --name certbot-${randomCuid} -p 9080:9080 -v "coolify-letsencrypt:/etc/letsencrypt" certbot/certbot --logs-dir /etc/letsencrypt/logs certonly --standalone --preferred-challenges http --http-01-address 0.0.0.0 --http-01-port 9080 -d ${nakedDomain} -d ${wwwDomain} --expand --agree-tos --non-interactive --register-unsafely-without-email`
-				);
-
-				const { stderr: copyError } = await asyncExecShell(
-					`docker run --rm -v "coolify-letsencrypt:/etc/letsencrypt" -v "coolify-ssl-certs:/app/ssl" alpine:latest sh -c "test -d /etc/letsencrypt/live/${nakedDomain}/ && cat /etc/letsencrypt/live/${nakedDomain}/fullchain.pem /etc/letsencrypt/live/${nakedDomain}/privkey.pem > /app/ssl/${nakedDomain}.pem || cat /etc/letsencrypt/live/${wwwDomain}/fullchain.pem /etc/letsencrypt/live/${wwwDomain}/privkey.pem > /app/ssl/${wwwDomain}.pem"`
-				);
-
-				if (copyError) throw copyError;
-				return;
+			// Check Application
+			const applicationData = await db.prisma.application.findUnique({
+				where: { id },
+				include: { destinationDocker: true, settings: true }
+			});
+			if (applicationData) {
+				if (applicationData?.destinationDockerId && applicationData?.destinationDocker) {
+					host = getEngine(applicationData.destinationDocker.engine);
+				}
+				if (applicationData?.settings?.dualCerts) {
+					dualCerts = applicationData.settings.dualCerts;
+				}
 			}
-			let data: any = await db.prisma.application.findUnique({
+			// Check Service
+			const serviceData = await db.prisma.service.findUnique({
 				where: { id },
 				include: { destinationDocker: true }
 			});
-			if (!data) {
-				data = await db.prisma.service.findUnique({
-					where: { id },
-					include: { destinationDocker: true }
-				});
+			if (serviceData) {
+				if (serviceData?.destinationDockerId && serviceData?.destinationDocker) {
+					host = getEngine(serviceData.destinationDocker.engine);
+				}
+				if (serviceData?.dualCerts) {
+					dualCerts = serviceData.dualCerts;
+				}
 			}
-			// Set SSL with Let's encrypt
-			if (data.destinationDockerId && data.destinationDocker) {
-				const host = getEngine(data.destinationDocker.engine);
+		}
+		if (!dev) {
+			if (dualCerts) {
 				await asyncExecShell(
-					`DOCKER_HOST=${host} docker run --rm --name certbot-${randomCuid} -p 9080:9080 -v "coolify-letsencrypt:/etc/letsencrypt" certbot/certbot --logs-dir /etc/letsencrypt/logs certonly --standalone --preferred-challenges http --http-01-address 0.0.0.0 --http-01-port 9080 -d ${nakedDomain} -d ${wwwDomain} --expand --agree-tos --non-interactive --register-unsafely-without-email`
+					`DOCKER_HOST=${host} docker run --rm --name certbot-${randomCuid} -p ${randomPort}:${randomPort} -v "coolify-letsencrypt:/etc/letsencrypt" certbot/certbot --logs-dir /etc/letsencrypt/logs certonly --standalone --preferred-challenges http --http-01-address 0.0.0.0 --http-01-port ${randomPort} -d ${nakedDomain} -d ${wwwDomain} --expand --agree-tos --non-interactive --register-unsafely-without-email`
 				);
-				const { stderr: copyError } = await asyncExecShell(
+				await asyncExecShell(
 					`DOCKER_HOST=${host} docker run --rm -v "coolify-letsencrypt:/etc/letsencrypt" -v "coolify-ssl-certs:/app/ssl" alpine:latest sh -c "test -d /etc/letsencrypt/live/${nakedDomain}/ && cat /etc/letsencrypt/live/${nakedDomain}/fullchain.pem /etc/letsencrypt/live/${nakedDomain}/privkey.pem > /app/ssl/${nakedDomain}.pem || cat /etc/letsencrypt/live/${wwwDomain}/fullchain.pem /etc/letsencrypt/live/${wwwDomain}/privkey.pem > /app/ssl/${wwwDomain}.pem"`
 				);
-				if (copyError) throw copyError;
-				await forceSSLOnApplication({ domain });
+			} else {
+				await asyncExecShell(
+					`DOCKER_HOST=${host} docker run --rm --name certbot-${randomCuid} -p ${randomPort}:${randomPort} -v "coolify-letsencrypt:/etc/letsencrypt" certbot/certbot --logs-dir /etc/letsencrypt/logs certonly --standalone --preferred-challenges http --http-01-address 0.0.0.0 --http-01-port ${randomPort} -d ${domain}  --expand --agree-tos --non-interactive --register-unsafely-without-email`
+				);
+				await asyncExecShell(
+					`DOCKER_HOST=${host} docker run --rm -v "coolify-letsencrypt:/etc/letsencrypt" -v "coolify-ssl-certs:/app/ssl" alpine:latest sh -c "cat /etc/letsencrypt/live/${domain}/fullchain.pem /etc/letsencrypt/live/${domain}/privkey.pem > /app/ssl/${domain}.pem"`
+				);
 			}
+		} else {
+			console.log({ dualCerts, host, wwwDomain, nakedDomain, domain });
+		}
+		if (!isCoolify) {
+			await forceSSLOnApplication({ domain });
 		}
 	} catch (error) {
 		console.log(error);
diff --git a/src/routes/applications/[id]/index.svelte b/src/routes/applications/[id]/index.svelte
index 930088ec5..a5d19eb6b 100644
--- a/src/routes/applications/[id]/index.svelte
+++ b/src/routes/applications/[id]/index.svelte
@@ -52,6 +52,7 @@
 	let loading = false;
 	let debug = application.settings.debug;
 	let previews = application.settings.previews;
+	let dualCerts = application.settings.dualCerts;
 
 	onMount(() => {
 		domainEl.focus();
@@ -64,8 +65,11 @@
 		if (name === 'previews') {
 			previews = !previews;
 		}
+		if (name === 'dualCerts') {
+			dualCerts = !dualCerts;
+		}
 		try {
-			await post(`/applications/${id}/settings.json`, { previews, debug });
+			await post(`/applications/${id}/settings.json`, { previews, debug, dualCerts });
 			return toast.push('Settings saved.');
 		} catch ({ error }) {
 			return errorNotification(error);
@@ -252,7 +256,7 @@
 		</div>
 		<div class="grid grid-flow-row gap-2 px-10">
 			<div class="grid grid-cols-3">
-				<label for="fqdn" class="pt-2">Domain (FQDN)</label>
+				<label for="fqdn" class="relative pt-2">Domain (FQDN)</label>
 				<div class="col-span-2">
 					<input
 						readonly={!$session.isAdmin || isRunning}
@@ -266,11 +270,19 @@
 						required
 					/>
 					<Explainer
-						text="If you specify <span class='text-green-600 font-bold'>https</span>, the application will be accessible only over https. SSL certificate will be generated for you.<br>If you specify <span class='text-green-600 font-bold'>www</span>, the application will be redirected (302) from non-www and vice versa.<br><br>To modify the domain, you must first stop the application."
+						text="If you specify <span class='text-green-500 font-bold'>https</span>, the application will be accessible only over https. SSL certificate will be generated for you.<br>If you specify <span class='text-green-500 font-bold'>www</span>, the application will be redirected (302) from non-www and vice versa.<br><br>To modify the domain, you must first stop the application."
 					/>
 				</div>
 			</div>
-
+			<div class="grid grid-cols-2 items-center pb-8">
+				<Setting
+					isCenter={false}
+					bind:setting={dualCerts}
+					title="Generate SSL for www and non-www?"
+					description="It will generate certificates for both www and non-www. <br>You need to have <span class='font-bold text-green-500'>both DNS entries</span> set in advance.<br><br>Useful if you expect to have visitors on both.<br>Application must be redeployed."
+					on:click={() => changeSettings('dualCerts')}
+				/>
+			</div>
 			{#if !staticDeployments.includes(application.buildPack)}
 				<div class="grid grid-cols-3 items-center">
 					<label for="port">Port</label>
@@ -285,6 +297,7 @@
 					</div>
 				</div>
 			{/if}
+
 			{#if !notNodeDeployments.includes(application.buildPack)}
 				<div class="grid grid-cols-3 items-center">
 					<label for="installCommand">Install Command</label>
@@ -361,8 +374,7 @@
 	<div class="flex space-x-1 pb-5 font-bold">
 		<div class="title">Features</div>
 	</div>
-	<div class="px-4 pb-10 sm:px-6">
-		<!-- <ul class="mt-2 divide-y divide-stone-800">
+	<!-- <ul class="mt-2 divide-y divide-stone-800">
 			<Setting
 				bind:setting={forceSSL}
 				on:click={() => changeSettings('forceSSL')}
@@ -370,21 +382,24 @@
 				description="Creates a https redirect for all requests from http and also generates a https certificate for the domain through Let's Encrypt."
 			/>
 		</ul> -->
-		<ul class="mt-2 divide-y divide-stone-800">
+	<div class="px-10 pb-10">
+		<div class="grid grid-cols-2 items-center">
 			<Setting
+				isCenter={false}
 				bind:setting={previews}
 				on:click={() => changeSettings('previews')}
 				title="Enable MR/PR Previews"
 				description="Creates previews from pull and merge requests."
 			/>
-		</ul>
-		<ul class="mt-2 divide-y divide-stone-800">
+		</div>
+		<div class="grid grid-cols-2 items-center">
 			<Setting
+				isCenter={false}
 				bind:setting={debug}
 				on:click={() => changeSettings('debug')}
 				title="Debug Logs"
 				description="Enable debug logs during build phase. <br>(<span class='text-red-500'>sensitive information</span> could be visible in logs)"
 			/>
-		</ul>
+		</div>
 	</div>
 </div>
diff --git a/src/routes/applications/[id]/settings.json.ts b/src/routes/applications/[id]/settings.json.ts
index ddd7bb5ca..6b0b3f808 100644
--- a/src/routes/applications/[id]/settings.json.ts
+++ b/src/routes/applications/[id]/settings.json.ts
@@ -8,10 +8,10 @@ export const post: RequestHandler = async (event) => {
 	if (status === 401) return { status, body };
 
 	const { id } = event.params;
-	const { debug, previews } = await event.request.json();
+	const { debug, previews, dualCerts } = await event.request.json();
 
 	try {
-		await db.setApplicationSettings({ id, debug, previews });
+		await db.setApplicationSettings({ id, debug, previews, dualCerts });
 		return { status: 201 };
 	} catch (error) {
 		return ErrorHandler(error);
diff --git a/src/routes/databases/[id]/_Databases/_CouchDb.svelte b/src/routes/databases/[id]/_Databases/_CouchDb.svelte
index 0d41ec184..3cba4ef93 100644
--- a/src/routes/databases/[id]/_Databases/_CouchDb.svelte
+++ b/src/routes/databases/[id]/_Databases/_CouchDb.svelte
@@ -7,72 +7,62 @@
 	<div class="title">CouchDB</div>
 </div>
 <div class="px-10">
-	<div class="grid grid-cols-3 items-center">
+	<div class="grid grid-cols-2 items-center">
 		<label for="defaultDatabase">Default Database</label>
-		<div class="col-span-2 ">
-			<CopyPasswordField
-				required
-				readonly={database.defaultDatabase}
-				disabled={database.defaultDatabase}
-				placeholder="eg: mydb"
-				id="defaultDatabase"
-				name="defaultDatabase"
-				bind:value={database.defaultDatabase}
-			/>
-		</div>
+		<CopyPasswordField
+			required
+			readonly={database.defaultDatabase}
+			disabled={database.defaultDatabase}
+			placeholder="eg: mydb"
+			id="defaultDatabase"
+			name="defaultDatabase"
+			bind:value={database.defaultDatabase}
+		/>
 	</div>
-	<div class="grid grid-cols-3 items-center">
+	<div class="grid grid-cols-2 items-center">
 		<label for="dbUser">User</label>
-		<div class="col-span-2 ">
-			<CopyPasswordField
-				readonly
-				disabled
-				placeholder="Generated automatically after start"
-				id="dbUser"
-				name="dbUser"
-				value={database.dbUser}
-			/>
-		</div>
+		<CopyPasswordField
+			readonly
+			disabled
+			placeholder="Generated automatically after start"
+			id="dbUser"
+			name="dbUser"
+			value={database.dbUser}
+		/>
 	</div>
-	<div class="grid grid-cols-3 items-center">
+	<div class="grid grid-cols-2 items-center">
 		<label for="dbUserPassword">Password</label>
-		<div class="col-span-2 ">
-			<CopyPasswordField
-				readonly
-				disabled
-				placeholder="Generated automatically after start"
-				isPasswordField
-				id="dbUserPassword"
-				name="dbUserPassword"
-				value={database.dbUserPassword}
-			/>
-		</div>
+		<CopyPasswordField
+			readonly
+			disabled
+			placeholder="Generated automatically after start"
+			isPasswordField
+			id="dbUserPassword"
+			name="dbUserPassword"
+			value={database.dbUserPassword}
+		/>
 	</div>
-	<div class="grid grid-cols-3 items-center">
+	<div class="grid grid-cols-2 items-center">
 		<label for="rootUser">Root User</label>
-		<div class="col-span-2 ">
-			<CopyPasswordField
-				readonly
-				disabled
-				placeholder="Generated automatically after start"
-				id="rootUser"
-				name="rootUser"
-				value={database.rootUser}
-			/>
-		</div>
+		<CopyPasswordField
+			readonly
+			disabled
+			placeholder="Generated automatically after start"
+			id="rootUser"
+			name="rootUser"
+			value={database.rootUser}
+		/>
 	</div>
-	<div class="grid grid-cols-3 items-center">
+	<div class="grid grid-cols-2 items-center">
 		<label for="rootUserPassword">Root's Password</label>
-		<div class="col-span-2 ">
-			<CopyPasswordField
-				readonly
-				disabled
-				placeholder="Generated automatically after start"
-				isPasswordField
-				id="rootUserPassword"
-				name="rootUserPassword"
-				value={database.rootUserPassword}
-			/>
-		</div>
+		<CopyPasswordField
+			readonly
+			disabled
+			placeholder="Generated automatically after start"
+			isPasswordField
+			id="rootUserPassword"
+			name="rootUserPassword"
+			value={database.rootUserPassword}
+		/>
 	</div>
 </div>
diff --git a/src/routes/databases/[id]/_Databases/_Databases.svelte b/src/routes/databases/[id]/_Databases/_Databases.svelte
index cd91c8d6a..e09e8d278 100644
--- a/src/routes/databases/[id]/_Databases/_Databases.svelte
+++ b/src/routes/databases/[id]/_Databases/_Databases.svelte
@@ -88,70 +88,60 @@
 		</div>
 
 		<div class="grid grid-flow-row gap-2 px-10">
-			<div class="grid grid-cols-3 items-center">
+			<div class="grid grid-cols-2 items-center">
 				<label for="name">Name</label>
-				<div class="col-span-2 ">
-					<input
-						readonly={!$session.isAdmin}
-						name="name"
-						id="name"
-						bind:value={database.name}
-						required
-					/>
-				</div>
+				<input
+					readonly={!$session.isAdmin}
+					name="name"
+					id="name"
+					bind:value={database.name}
+					required
+				/>
 			</div>
-			<div class="grid grid-cols-3 items-center">
+			<div class="grid grid-cols-2 items-center">
 				<label for="destination">Destination</label>
-				<div class="col-span-2">
-					{#if database.destinationDockerId}
-						<div class="no-underline">
-							<input
-								value={database.destinationDocker.name}
-								id="destination"
-								disabled
-								readonly
-								class="bg-transparent "
-							/>
-						</div>
-					{/if}
-				</div>
+				{#if database.destinationDockerId}
+					<div class="no-underline">
+						<input
+							value={database.destinationDocker.name}
+							id="destination"
+							disabled
+							readonly
+							class="bg-transparent "
+						/>
+					</div>
+				{/if}
 			</div>
 
-			<div class="grid grid-cols-3 items-center">
+			<div class="grid grid-cols-2 items-center">
 				<label for="version">Version</label>
-				<div class="col-span-2 ">
-					<input value={database.version} readonly disabled class="bg-transparent " />
-				</div>
+				<input value={database.version} readonly disabled class="bg-transparent " />
 			</div>
 		</div>
 
 		<div class="grid grid-flow-row gap-2 px-10">
-			<div class="grid grid-cols-3 items-center">
+			<div class="grid grid-cols-2 items-center">
 				<label for="host">Host</label>
-				<div class="col-span-2 ">
-					<CopyPasswordField
-						placeholder="Generated automatically after start"
-						isPasswordField={false}
-						readonly
-						disabled
-						id="host"
-						name="host"
-						value={database.id}
-					/>
-				</div>
+				<CopyPasswordField
+					placeholder="Generated automatically after start"
+					isPasswordField={false}
+					readonly
+					disabled
+					id="host"
+					name="host"
+					value={database.id}
+				/>
 			</div>
-			<div class="grid grid-cols-3 items-center">
+			<div class="grid grid-cols-2 items-center">
 				<label for="publicPort">Port</label>
-				<div class="col-span-2">
-					<CopyPasswordField
-						placeholder="Generated automatically after start"
-						id="publicPort"
-						readonly
-						disabled
-						name="publicPort"
-						value={isPublic ? database.publicPort : privatePort}
-					/>
-				</div>
+				<CopyPasswordField
+					placeholder="Generated automatically after start"
+					id="publicPort"
+					readonly
+					disabled
+					name="publicPort"
+					value={isPublic ? database.publicPort : privatePort}
+				/>
 			</div>
 		</div>
 		<div class="grid grid-flow-row gap-2">
@@ -166,44 +156,42 @@
 			{:else if database.type === 'couchdb'}
 				<CouchDb bind:database />
 			{/if}
-			<div class="grid grid-cols-3 items-center px-10 pb-8">
+			<div class="grid grid-cols-2 items-center px-10 pb-8">
 				<label for="url">Connection String</label>
-				<div class="col-span-2 ">
-					<CopyPasswordField
-						textarea={true}
-						placeholder="Generated automatically after start"
-						isPasswordField={false}
-						id="url"
-						name="url"
-						readonly
-						disabled
-						value={databaseUrl}
-					/>
-				</div>
+				<CopyPasswordField
+					textarea={true}
+					placeholder="Generated automatically after start"
+					isPasswordField={false}
+					id="url"
+					name="url"
+					readonly
+					disabled
+					value={databaseUrl}
+				/>
 			</div>
 		</div>
 	</form>
 	<div class="flex space-x-1 pb-5 font-bold">
 		<div class="title">Features</div>
 	</div>
-	<div class="px-4 pb-10 sm:px-6">
-		<ul class="mt-2 divide-y divide-stone-800">
+	<div class="px-10 pb-10">
+		<div class="grid grid-cols-2 items-center">
 			<Setting
 				bind:setting={isPublic}
 				on:click={() => changeSettings('isPublic')}
 				title="Set it public"
 				description="Your database will be reachable over the internet. <br>Take security seriously in this case!"
 			/>
-		</ul>
+		</div>
 		{#if database.type === 'redis'}
-			<ul class="mt-2 divide-y divide-stone-800">
+			<div class="grid grid-cols-2 items-center">
 				<Setting
 					bind:setting={appendOnly}
 					on:click={() => changeSettings('appendOnly')}
 					title="Change append only mode"
 					description="Useful if you would like to restore redis data from a backup.<br><span class='font-bold text-white'>Database restart is required.</span>"
 				/>
-			</ul>
+			</div>
 		{/if}
 	</div>
 </div>
diff --git a/src/routes/databases/[id]/_Databases/_MongoDB.svelte b/src/routes/databases/[id]/_Databases/_MongoDB.svelte
index cbf3ffe35..54518c012 100644
--- a/src/routes/databases/[id]/_Databases/_MongoDB.svelte
+++ b/src/routes/databases/[id]/_Databases/_MongoDB.svelte
@@ -7,31 +7,27 @@
 	<div class="title">MongoDB</div>
 </div>
 <div class="px-10">
-	<div class="grid grid-cols-3 items-center">
+	<div class="grid grid-cols-2 items-center">
 		<label for="rootUser">Root User</label>
-		<div class="col-span-2 ">
-			<CopyPasswordField
-				placeholder="Generated automatically after start"
-				id="rootUser"
-				readonly
-				disabled
-				name="rootUser"
-				value={database.rootUser}
-			/>
-		</div>
+		<CopyPasswordField
+			placeholder="Generated automatically after start"
+			id="rootUser"
+			readonly
+			disabled
+			name="rootUser"
+			value={database.rootUser}
+		/>
 	</div>
-	<div class="grid grid-cols-3 items-center">
+	<div class="grid grid-cols-2 items-center">
 		<label for="rootUserPassword">Root's Password</label>
-		<div class="col-span-2 ">
-			<CopyPasswordField
-				placeholder="Generated automatically after start"
-				isPasswordField={true}
-				readonly
-				disabled
-				id="rootUserPassword"
-				name="rootUserPassword"
-				value={database.rootUserPassword}
-			/>
-		</div>
+		<CopyPasswordField
+			placeholder="Generated automatically after start"
+			isPasswordField={true}
+			readonly
+			disabled
+			id="rootUserPassword"
+			name="rootUserPassword"
+			value={database.rootUserPassword}
+		/>
 	</div>
 </div>
diff --git a/src/routes/databases/[id]/_Databases/_MySQL.svelte b/src/routes/databases/[id]/_Databases/_MySQL.svelte
index e361cc9fe..4f24862b3 100644
--- a/src/routes/databases/[id]/_Databases/_MySQL.svelte
+++ b/src/routes/databases/[id]/_Databases/_MySQL.svelte
@@ -7,72 +7,62 @@
 	<div class="title">MySQL</div>
 </div>
 <div class=" px-10">
-	<div class="grid grid-cols-3 items-center">
+	<div class="grid grid-cols-2 items-center">
 		<label for="defaultDatabase">Default Database</label>
-		<div class="col-span-2 ">
-			<CopyPasswordField
-				required
-				readonly={database.defaultDatabase}
-				disabled={database.defaultDatabase}
-				placeholder="eg: mydb"
-				id="defaultDatabase"
-				name="defaultDatabase"
-				bind:value={database.defaultDatabase}
-			/>
-		</div>
+		<CopyPasswordField
+			required
+			readonly={database.defaultDatabase}
+			disabled={database.defaultDatabase}
+			placeholder="eg: mydb"
+			id="defaultDatabase"
+			name="defaultDatabase"
+			bind:value={database.defaultDatabase}
+		/>
 	</div>
-	<div class="grid grid-cols-3 items-center">
+	<div class="grid grid-cols-2 items-center">
 		<label for="dbUser">User</label>
-		<div class="col-span-2 ">
-			<CopyPasswordField
-				readonly
-				disabled
-				placeholder="Generated automatically after start"
-				id="dbUser"
-				name="dbUser"
-				value={database.dbUser}
-			/>
-		</div>
+		<CopyPasswordField
+			readonly
+			disabled
+			placeholder="Generated automatically after start"
+			id="dbUser"
+			name="dbUser"
+			value={database.dbUser}
+		/>
 	</div>
-	<div class="grid grid-cols-3 items-center">
+	<div class="grid grid-cols-2 items-center">
 		<label for="dbUserPassword">Password</label>
-		<div class="col-span-2 ">
-			<CopyPasswordField
-				readonly
-				disabled
-				placeholder="Generated automatically after start"
-				isPasswordField
-				id="dbUserPassword"
-				name="dbUserPassword"
-				value={database.dbUserPassword}
-			/>
-		</div>
+		<CopyPasswordField
+			readonly
+			disabled
+			placeholder="Generated automatically after start"
+			isPasswordField
+			id="dbUserPassword"
+			name="dbUserPassword"
+			value={database.dbUserPassword}
+		/>
 	</div>
-	<div class="grid grid-cols-3 items-center">
+	<div class="grid grid-cols-2 items-center">
 		<label for="rootUser">Root User</label>
-		<div class="col-span-2 ">
-			<CopyPasswordField
-				readonly
-				disabled
-				placeholder="Generated automatically after start"
-				id="rootUser"
-				name="rootUser"
-				value={database.rootUser}
-			/>
-		</div>
+		<CopyPasswordField
+			readonly
+			disabled
+			placeholder="Generated automatically after start"
+			id="rootUser"
+			name="rootUser"
+			value={database.rootUser}
+		/>
 	</div>
-	<div class="grid grid-cols-3 items-center">
+	<div class="grid grid-cols-2 items-center">
 		<label for="rootUserPassword">Root's Password</label>
-		<div class="col-span-2 ">
-			<CopyPasswordField
-				readonly
-				disabled
-				placeholder="Generated automatically after start"
-				isPasswordField
-				id="rootUserPassword"
-				name="rootUserPassword"
-				value={database.rootUserPassword}
-			/>
-		</div>
+		<CopyPasswordField
+			readonly
+			disabled
+			placeholder="Generated automatically after start"
+			isPasswordField
+			id="rootUserPassword"
+			name="rootUserPassword"
+			value={database.rootUserPassword}
+		/>
 	</div>
 </div>
diff --git a/src/routes/databases/[id]/_Databases/_PostgreSQL.svelte b/src/routes/databases/[id]/_Databases/_PostgreSQL.svelte
index dc585c8e4..758aaccb0 100644
--- a/src/routes/databases/[id]/_Databases/_PostgreSQL.svelte
+++ b/src/routes/databases/[id]/_Databases/_PostgreSQL.svelte
@@ -7,45 +7,39 @@
 	<div class="title">PostgreSQL</div>
 </div>
 <div class="px-10">
-	<div class="grid grid-cols-3 items-center">
+	<div class="grid grid-cols-2 items-center">
 		<label for="defaultDatabase">Default Database</label>
-		<div class="col-span-2 ">
-			<CopyPasswordField
-				required
-				readonly={database.defaultDatabase}
-				disabled={database.defaultDatabase}
-				placeholder="eg: mydb"
-				id="defaultDatabase"
-				name="defaultDatabase"
-				bind:value={database.defaultDatabase}
-			/>
-		</div>
+		<CopyPasswordField
+			required
+			readonly={database.defaultDatabase}
+			disabled={database.defaultDatabase}
+			placeholder="eg: mydb"
+			id="defaultDatabase"
+			name="defaultDatabase"
+			bind:value={database.defaultDatabase}
+		/>
 	</div>
-	<div class="grid grid-cols-3 items-center">
+	<div class="grid grid-cols-2 items-center">
 		<label for="dbUser">User</label>
-		<div class="col-span-2 ">
-			<CopyPasswordField
-				readonly
-				disabled
-				placeholder="Generated automatically after start"
-				id="dbUser"
-				name="dbUser"
-				value={database.dbUser}
-			/>
-		</div>
+		<CopyPasswordField
+			readonly
+			disabled
+			placeholder="Generated automatically after start"
+			id="dbUser"
+			name="dbUser"
+			value={database.dbUser}
+		/>
 	</div>
-	<div class="grid grid-cols-3 items-center">
+	<div class="grid grid-cols-2 items-center">
 		<label for="dbUserPassword">Password</label>
-		<div class="col-span-2 ">
-			<CopyPasswordField
-				readonly
-				disabled
-				placeholder="Generated automatically after start"
-				isPasswordField
-				id="dbUserPassword"
-				name="dbUserPassword"
-				value={database.dbUserPassword}
-			/>
-		</div>
+		<CopyPasswordField
+			readonly
+			disabled
+			placeholder="Generated automatically after start"
+			isPasswordField
+			id="dbUserPassword"
+			name="dbUserPassword"
+			value={database.dbUserPassword}
+		/>
 	</div>
 </div>
diff --git a/src/routes/databases/[id]/_Databases/_Redis.svelte b/src/routes/databases/[id]/_Databases/_Redis.svelte
index ff8f83113..7c02a313e 100644
--- a/src/routes/databases/[id]/_Databases/_Redis.svelte
+++ b/src/routes/databases/[id]/_Databases/_Redis.svelte
@@ -7,32 +7,17 @@
 	<div class="title">Redis</div>
 </div>
 <div class="px-10">
-	<!-- <div class="grid grid-cols-3 items-center">
-		<label for="dbUser">User</label>
-		<div class="col-span-2 ">
-			<CopyPasswordField
-				readonly
-				disabled
-				placeholder="Generated automatically after start"
-				id="dbUser"
-				name="dbUser"
-				bind:value={database.dbUser}
-			/>
-		</div>
-	</div> -->
-	<div class="grid grid-cols-3 items-center">
+	<div class="grid grid-cols-2 items-center">
 		<label for="dbUserPassword">Password</label>
-		<div class="col-span-2 ">
-			<CopyPasswordField
-				disabled
-				readonly
-				placeholder="Generated automatically after start"
-				isPasswordField
-				id="dbUserPassword"
-				name="dbUserPassword"
-				value={database.dbUserPassword}
-			/>
-		</div>
+		<CopyPasswordField
+			disabled
+			readonly
+			placeholder="Generated automatically after start"
+			isPasswordField
+			id="dbUserPassword"
+			name="dbUserPassword"
+			value={database.dbUserPassword}
+		/>
 	</div>
 	<!-- <div class="grid grid-cols-3 items-center">
 		<label for="rootUser">Root User</label>
diff --git a/src/routes/destinations/[id]/_LocalDocker.svelte b/src/routes/destinations/[id]/_LocalDocker.svelte
index 4d584e90a..ba3bebc6e 100644
--- a/src/routes/destinations/[id]/_LocalDocker.svelte
+++ b/src/routes/destinations/[id]/_LocalDocker.svelte
@@ -181,21 +181,18 @@
 				/>
 			</div>
 		</div>
-		<div class="flex justify-start">
-			<ul class="mt-2 divide-y divide-stone-800">
-				<Setting
-					disabled={cannotDisable}
-					bind:setting={destination.isCoolifyProxyUsed}
-					on:click={changeProxySetting}
-					isPadding={false}
-					title="Use Coolify Proxy?"
-					description={`This will install a proxy on the destination to allow you to access your applications and services without any manual configuration. Databases will have their own proxy. <br><br>${
-						cannotDisable
-							? '<span class="font-bold text-white">You cannot disable this proxy as FQDN is configured for Coolify.</span>'
-							: ''
-					}`}
-				/>
-			</ul>
+		<div class="grid grid-cols-2 items-center">
+			<Setting
+				disabled={cannotDisable}
+				bind:setting={destination.isCoolifyProxyUsed}
+				on:click={changeProxySetting}
+				title="Use Coolify Proxy?"
+				description={`This will install a proxy on the destination to allow you to access your applications and services without any manual configuration. Databases will have their own proxy. <br><br>${
+					cannotDisable
+						? '<span class="font-bold text-white">You cannot disable this proxy as FQDN is configured for Coolify.</span>'
+						: ''
+				}`}
+			/>
 		</div>
 	</form>
 </div>
diff --git a/src/routes/services/[id]/_Services/_MinIO.svelte b/src/routes/services/[id]/_Services/_MinIO.svelte
index 2cf4e5823..6bdb1b310 100644
--- a/src/routes/services/[id]/_Services/_MinIO.svelte
+++ b/src/routes/services/[id]/_Services/_MinIO.svelte
@@ -7,42 +7,36 @@
 <div class="flex space-x-1 py-5 font-bold">
 	<div class="title">MinIO Server</div>
 </div>
-<div class="grid grid-cols-3 items-center">
+<div class="grid grid-cols-2 items-center">
 	<label for="rootUser">Root User</label>
-	<div class="col-span-2 ">
-		<input
-			name="rootUser"
-			id="rootUser"
-			placeholder="User to login"
-			value={service.minio.rootUser}
-			disabled
-			readonly
-		/>
-	</div>
+	<input
+		name="rootUser"
+		id="rootUser"
+		placeholder="User to login"
+		value={service.minio.rootUser}
+		disabled
+		readonly
+	/>
 </div>
-<div class="grid grid-cols-3 items-center">
+<div class="grid grid-cols-2 items-center">
 	<label for="rootUserPassword">Root's Password</label>
-	<div class="col-span-2 ">
-		<CopyPasswordField
-			id="rootUserPassword"
-			isPasswordField
-			readonly
-			disabled
-			name="rootUserPassword"
-			value={service.minio.rootUserPassword}
-		/>
-	</div>
+	<CopyPasswordField
+		id="rootUserPassword"
+		isPasswordField
+		readonly
+		disabled
+		name="rootUserPassword"
+		value={service.minio.rootUserPassword}
+	/>
 </div>
-<div class="grid grid-cols-3 items-center">
+<div class="grid grid-cols-2 items-center">
 	<label for="publicPort">API Port</label>
-	<div class="col-span-2 ">
-		<input
-			name="publicPort"
-			id="publicPort"
-			value={service.minio.publicPort}
-			disabled
-			readonly
-			placeholder="Generated automatically after start"
-		/>
-	</div>
+	<input
+		name="publicPort"
+		id="publicPort"
+		value={service.minio.publicPort}
+		disabled
+		readonly
+		placeholder="Generated automatically after start"
+	/>
 </div>
diff --git a/src/routes/services/[id]/_Services/_PlausibleAnalytics.svelte b/src/routes/services/[id]/_Services/_PlausibleAnalytics.svelte
index 5b9550354..a6d739353 100644
--- a/src/routes/services/[id]/_Services/_PlausibleAnalytics.svelte
+++ b/src/routes/services/[id]/_Services/_PlausibleAnalytics.svelte
@@ -7,86 +7,74 @@
 <div class="flex space-x-1 py-5 font-bold">
 	<div class="title">Plausible Analytics</div>
 </div>
-<div class="grid grid-cols-3 items-center">
+<div class="grid grid-cols-2 items-center px-10">
 	<label for="email">Email Address</label>
-	<div class="col-span-2">
-		<input
-			name="email"
-			id="email"
-			disabled={readOnly}
-			readonly={readOnly}
-			placeholder="Email address"
-			bind:value={service.plausibleAnalytics.email}
-			required
-		/>
-	</div>
+	<input
+		name="email"
+		id="email"
+		disabled={readOnly}
+		readonly={readOnly}
+		placeholder="Email address"
+		bind:value={service.plausibleAnalytics.email}
+		required
+	/>
 </div>
-<div class="grid grid-cols-3 items-center">
+<div class="grid grid-cols-2 items-center px-10">
 	<label for="username">Username</label>
-	<div class="col-span-2">
-		<CopyPasswordField
-			name="username"
-			id="username"
-			disabled={readOnly}
-			readonly={readOnly}
-			placeholder="User to login"
-			bind:value={service.plausibleAnalytics.username}
-			required
-		/>
-	</div>
+	<CopyPasswordField
+		name="username"
+		id="username"
+		disabled={readOnly}
+		readonly={readOnly}
+		placeholder="User to login"
+		bind:value={service.plausibleAnalytics.username}
+		required
+	/>
 </div>
-<div class="grid grid-cols-3 items-center">
+<div class="grid grid-cols-2 items-center px-10">
 	<label for="password">Password</label>
-	<div class="col-span-2 ">
-		<CopyPasswordField
-			id="password"
-			isPasswordField
-			readonly
-			disabled
-			name="password"
-			value={service.plausibleAnalytics.password}
-		/>
-	</div>
+	<CopyPasswordField
+		id="password"
+		isPasswordField
+		readonly
+		disabled
+		name="password"
+		value={service.plausibleAnalytics.password}
+	/>
 </div>
 <div class="flex space-x-1 py-5 font-bold">
 	<div class="title">PostgreSQL</div>
 </div>
-<div class="grid grid-cols-3 items-center">
+<div class="grid grid-cols-2 items-center px-10">
 	<label for="postgresqlUser">Username</label>
-	<div class="col-span-2 ">
-		<CopyPasswordField
-			name="postgresqlUser"
-			id="postgresqlUser"
-			value={service.plausibleAnalytics.postgresqlUser}
-			readonly
-			disabled
-		/>
-	</div>
+	<CopyPasswordField
+		name="postgresqlUser"
+		id="postgresqlUser"
+		value={service.plausibleAnalytics.postgresqlUser}
+		readonly
+		disabled
+	/>
 </div>
-<div class="grid grid-cols-3 items-center">
+<div class="grid grid-cols-2 items-center px-10">
 	<label for="postgresqlPassword">Password</label>
-	<div class="col-span-2 ">
-		<CopyPasswordField
-			id="postgresqlPassword"
-			isPasswordField
-			readonly
-			disabled
-			name="postgresqlPassword"
-			value={service.plausibleAnalytics.postgresqlPassword}
-		/>
-	</div>
+	<CopyPasswordField
+		id="postgresqlPassword"
+		isPasswordField
+		readonly
+		disabled
+		name="postgresqlPassword"
+		value={service.plausibleAnalytics.postgresqlPassword}
+	/>
 </div>
-<div class="grid grid-cols-3 items-center">
+<div class="grid grid-cols-2 items-center px-10">
 	<label for="postgresqlDatabase">Database</label>
-	<div class="col-span-2 ">
-		<CopyPasswordField
-			name="postgresqlDatabase"
-			id="postgresqlDatabase"
-			value={service.plausibleAnalytics.postgresqlDatabase}
-			readonly
-			disabled
-		/>
-	</div>
+	<CopyPasswordField
+		name="postgresqlDatabase"
+		id="postgresqlDatabase"
+		value={service.plausibleAnalytics.postgresqlDatabase}
+		readonly
+		disabled
+	/>
 </div>
 <!-- <div class="grid grid-cols-3 items-center">
 	<label for="postgresqlPublicPort">Public Port</label>
diff --git a/src/routes/services/[id]/_Services/_Services.svelte b/src/routes/services/[id]/_Services/_Services.svelte
index 6754d31fe..810f7fa49 100644
--- a/src/routes/services/[id]/_Services/_Services.svelte
+++ b/src/routes/services/[id]/_Services/_Services.svelte
@@ -7,6 +7,7 @@
 	import { post } from '$lib/api';
 	import CopyPasswordField from '$lib/components/CopyPasswordField.svelte';
 	import Explainer from '$lib/components/Explainer.svelte';
+	import Setting from '$lib/components/Setting.svelte';
 	import { errorNotification } from '$lib/form';
 	import { toast } from '@zerodevx/svelte-toast';
 	import MinIo from './_MinIO.svelte';
@@ -18,6 +19,7 @@
 
 	let loading = false;
 	let loadingVerification = false;
+	let dualCerts = service.dualCerts;
 
 	async function handleSubmit() {
 		loading = true;
@@ -42,6 +44,17 @@
 			loadingVerification = false;
 		}
 	}
+	async function changeSettings(name) {
+		try {
+			if (name === 'dualCerts') {
+				dualCerts = !dualCerts;
+			}
+			await post(`/services/${id}/settings.json`, { dualCerts });
+			return toast.push('Settings saved.');
+		} catch ({ error }) {
+			return errorNotification(error);
+		}
+	}
 </script>
 
 <div class="mx-auto max-w-4xl px-6">
@@ -67,10 +80,10 @@
 			{/if}
 		</div>
 
-		<div class="grid grid-flow-row gap-2 px-10">
-			<div class="mt-2 grid grid-cols-3 items-center">
+		<div class="grid grid-flow-row gap-2">
+			<div class="mt-2 grid grid-cols-2 items-center px-10">
 				<label for="name">Name</label>
-				<div class="col-span-2 ">
+				<div>
 					<input
 						readonly={!$session.isAdmin}
 						name="name"
@@ -81,9 +94,9 @@
 				</div>
 			</div>
 
-			<div class="grid grid-cols-3 items-center">
+			<div class="grid grid-cols-2 items-center px-10">
 				<label for="destination">Destination</label>
-				<div class="col-span-2">
+				<div>
 					{#if service.destinationDockerId}
 						<div class="no-underline">
 							<input
@@ -96,9 +109,9 @@
 					{/if}
 				</div>
 			</div>
-			<div class="grid grid-cols-3">
+			<div class="grid grid-cols-2 px-10">
 				<label for="fqdn" class="pt-2">Domain (FQDN)</label>
-				<div class="col-span-2 ">
+				<div>
 					<CopyPasswordField
 						placeholder="eg: https://analytics.coollabs.io"
 						readonly={!$session.isAdmin && !isRunning}
@@ -114,6 +127,14 @@
 					/>
 				</div>
 			</div>
+			<div class="grid grid-cols-2 items-center px-10">
+				<Setting
+					bind:setting={dualCerts}
+					title="Generate SSL for www and non-www?"
+					description="It will generate certificates for both www and non-www. <br>You need to have <span class='font-bold text-pink-600'>both DNS entries</span> set in advance.<br><br>Service needs to be restarted."
+					on:click={() => changeSettings('dualCerts')}
+				/>
+			</div>
 			{#if service.type === 'plausibleanalytics'}
 				<PlausibleAnalytics bind:service {readOnly} />
 			{:else if service.type === 'minio'}
diff --git a/src/routes/services/[id]/_Services/_VSCodeServer.svelte b/src/routes/services/[id]/_Services/_VSCodeServer.svelte
index 4305b612a..f8be43aa5 100644
--- a/src/routes/services/[id]/_Services/_VSCodeServer.svelte
+++ b/src/routes/services/[id]/_Services/_VSCodeServer.svelte
@@ -7,16 +7,14 @@
 <div class="flex space-x-1 py-5 font-bold">
 	<div class="title">VSCode Server</div>
 </div>
-<div class="grid grid-cols-3 items-center">
+<div class="grid grid-cols-2 items-center px-10">
 	<label for="password">Password</label>
-	<div class="col-span-2 ">
-		<CopyPasswordField
-			id="password"
-			isPasswordField
-			readonly
-			disabled
-			name="password"
-			value={service.vscodeserver.password}
-		/>
-	</div>
+	<CopyPasswordField
+		id="password"
+		isPasswordField
+		readonly
+		disabled
+		name="password"
+		value={service.vscodeserver.password}
+	/>
 </div>
diff --git a/src/routes/services/[id]/_Services/_Wordpress.svelte b/src/routes/services/[id]/_Services/_Wordpress.svelte
index 93dcbe5f3..aa61aeb55 100644
--- a/src/routes/services/[id]/_Services/_Wordpress.svelte
+++ b/src/routes/services/[id]/_Services/_Wordpress.svelte
@@ -10,85 +10,73 @@
 	<div class="title">Wordpress</div>
 </div>
 
-<div class="grid grid-cols-3 items-center">
+<div class="grid grid-cols-2 items-center px-10">
 	<label for="extraConfig">Extra Config</label>
-	<div class="col-span-2 ">
-		<textarea
-			disabled={isRunning}
-			readonly={isRunning}
-			class:resize-none={isRunning}
-			rows={isRunning ? 1 : 5}
-			name="extraConfig"
-			id="extraConfig"
-			placeholder={!isRunning
-				? `eg:
+	<textarea
+		disabled={isRunning}
+		readonly={isRunning}
+		class:resize-none={isRunning}
+		rows={isRunning ? 1 : 5}
+		name="extraConfig"
+		id="extraConfig"
+		placeholder={!isRunning
+			? `eg:
 
 define('WP_ALLOW_MULTISITE', true);
 define('MULTISITE', true);
 define('SUBDOMAIN_INSTALL', false);`
-				: null}>{service.wordpress.extraConfig}</textarea
-		>
-	</div>
+			: null}>{service.wordpress.extraConfig || 'N/A'}</textarea
+	>
 </div>
 <div class="flex space-x-1 py-5 font-bold">
 	<div class="title">MySQL</div>
 </div>
-<div class="grid grid-cols-3 items-center">
+<div class="grid grid-cols-2 items-center px-10">
 	<label for="mysqlDatabase">Database</label>
-	<div class="col-span-2 ">
-		<input
-			name="mysqlDatabase"
-			id="mysqlDatabase"
-			required
-			readonly={readOnly}
-			disabled={readOnly}
-			bind:value={service.wordpress.mysqlDatabase}
-			placeholder="eg: wordpress_db"
-		/>
-	</div>
+	<input
+		name="mysqlDatabase"
+		id="mysqlDatabase"
+		required
+		readonly={readOnly}
+		disabled={readOnly}
+		bind:value={service.wordpress.mysqlDatabase}
+		placeholder="eg: wordpress_db"
+	/>
 </div>
-<div class="grid grid-cols-3 items-center">
+<div class="grid grid-cols-2 items-center px-10">
 	<label for="mysqlRootUser">Root User</label>
-	<div class="col-span-2 ">
-		<input
-			name="mysqlRootUser"
-			id="mysqlRootUser"
-			placeholder="MySQL Root User"
-			value={service.wordpress.mysqlRootUser}
-			disabled
-			readonly
-		/>
-	</div>
+	<input
+		name="mysqlRootUser"
+		id="mysqlRootUser"
+		placeholder="MySQL Root User"
+		value={service.wordpress.mysqlRootUser}
+		disabled
+		readonly
+	/>
 </div>
-<div class="grid grid-cols-3 items-center">
+<div class="grid grid-cols-2 items-center px-10">
 	<label for="mysqlRootUserPassword">Root's Password</label>
-	<div class="col-span-2 ">
-		<CopyPasswordField
-			id="mysqlRootUserPassword"
-			isPasswordField
-			readonly
-			disabled
-			name="mysqlRootUserPassword"
-			value={service.wordpress.mysqlRootUserPassword}
-		/>
-	</div>
+	<CopyPasswordField
+		id="mysqlRootUserPassword"
+		isPasswordField
+		readonly
+		disabled
+		name="mysqlRootUserPassword"
+		value={service.wordpress.mysqlRootUserPassword}
+	/>
 </div>
-<div class="grid grid-cols-3 items-center">
+<div class="grid grid-cols-2 items-center px-10">
 	<label for="mysqlUser">User</label>
-	<div class="col-span-2 ">
-		<input name="mysqlUser" id="mysqlUser" value={service.wordpress.mysqlUser} disabled readonly />
-	</div>
+	<input name="mysqlUser" id="mysqlUser" value={service.wordpress.mysqlUser} disabled readonly />
 </div>
-<div class="grid grid-cols-3 items-center">
+<div class="grid grid-cols-2 items-center px-10">
 	<label for="mysqlPassword">Password</label>
-	<div class="col-span-2 ">
-		<CopyPasswordField
-			id="mysqlPassword"
-			isPasswordField
-			readonly
-			disabled
-			name="mysqlPassword"
-			value={service.wordpress.mysqlPassword}
-		/>
-	</div>
+	<CopyPasswordField
+		id="mysqlPassword"
+		isPasswordField
+		readonly
+		disabled
+		name="mysqlPassword"
+		value={service.wordpress.mysqlPassword}
+	/>
 </div>
diff --git a/src/routes/services/[id]/configuration/version.json.ts b/src/routes/services/[id]/configuration/version.json.ts
index 57d86fed2..f1a1a9522 100644
--- a/src/routes/services/[id]/configuration/version.json.ts
+++ b/src/routes/services/[id]/configuration/version.json.ts
@@ -30,7 +30,7 @@ export const post: RequestHandler = async (event) => {
 	const { version } = await event.request.json();
 
 	try {
-		await db.setService({ id, version });
+		await db.setServiceVersion({ id, version });
 		return {
 			status: 201
 		};
diff --git a/src/routes/services/[id]/settings.json.ts b/src/routes/services/[id]/settings.json.ts
new file mode 100644
index 000000000..50488cf93
--- /dev/null
+++ b/src/routes/services/[id]/settings.json.ts
@@ -0,0 +1,19 @@
+import { getUserDetails } from '$lib/common';
+import * as db from '$lib/database';
+import { ErrorHandler } from '$lib/database';
+import type { RequestHandler } from '@sveltejs/kit';
+
+export const post: RequestHandler = async (event) => {
+	const { teamId, status, body } = await getUserDetails(event);
+	if (status === 401) return { status, body };
+
+	const { id } = event.params;
+	const { dualCerts } = await event.request.json();
+
+	try {
+		await db.setServiceSettings({ id, dualCerts });
+		return { status: 201 };
+	} catch (error) {
+		return ErrorHandler(error);
+	}
+};
diff --git a/src/routes/settings/index.json.ts b/src/routes/settings/index.json.ts
index cdf3ee85d..c814deb89 100644
--- a/src/routes/settings/index.json.ts
+++ b/src/routes/settings/index.json.ts
@@ -15,6 +15,7 @@ import {
 } from '$lib/haproxy';
 import { letsEncrypt } from '$lib/letsencrypt';
 import type { RequestHandler } from '@sveltejs/kit';
+import dns from 'dns/promises';
 
 export const get: RequestHandler = async (event) => {
 	const { status, body } = await getUserDetails(event);
@@ -45,14 +46,18 @@ export const del: RequestHandler = async (event) => {
 	if (status === 401) return { status, body };
 
 	const { fqdn } = await event.request.json();
-
+	const ip = await dns.resolve(event.url.hostname);
 	try {
 		const domain = getDomain(fqdn);
 		await db.prisma.setting.update({ where: { fqdn }, data: { fqdn: null } });
 		await configureCoolifyProxyOff(fqdn);
 		await removeWwwRedirection(domain);
 		return {
-			status: 201
+			status: 200,
+			body: {
+				message: 'Domain removed',
+				redirect: `http://${ip[0]}:3000/settings`
+			}
 		};
 	} catch (error) {
 		return ErrorHandler(error);
@@ -69,16 +74,20 @@ export const post: RequestHandler = async (event) => {
 		};
 	if (status === 401) return { status, body };
 
-	const { fqdn, isRegistrationEnabled } = await event.request.json();
+	const { fqdn, isRegistrationEnabled, dualCerts } = await event.request.json();
 	try {
 		const {
 			id,
 			fqdn: oldFqdn,
-			isRegistrationEnabled: oldIsRegistrationEnabled
+			isRegistrationEnabled: oldIsRegistrationEnabled,
+			dualCerts: oldDualCerts
 		} = await db.listSettings();
 		if (oldIsRegistrationEnabled !== isRegistrationEnabled) {
 			await db.prisma.setting.update({ where: { id }, data: { isRegistrationEnabled } });
 		}
+		if (oldDualCerts !== dualCerts) {
+			await db.prisma.setting.update({ where: { id }, data: { dualCerts } });
+		}
 		if (oldFqdn && oldFqdn !== fqdn) {
 			if (oldFqdn) {
 				const oldDomain = getDomain(oldFqdn);
@@ -93,7 +102,7 @@ export const post: RequestHandler = async (event) => {
 			if (domain) {
 				await configureCoolifyProxyOn(fqdn);
 				await setWwwRedirection(fqdn);
-				if (isHttps && !dev) {
+				if (isHttps) {
 					await letsEncrypt({ domain, isCoolify: true });
 					await forceSSLOnApplication({ domain });
 					await reloadHaproxy('/var/run/docker.sock');
diff --git a/src/routes/settings/index.svelte b/src/routes/settings/index.svelte
index 91bba0e2b..28a853292 100644
--- a/src/routes/settings/index.svelte
+++ b/src/routes/settings/index.svelte
@@ -30,10 +30,13 @@
 	import CopyPasswordField from '$lib/components/CopyPasswordField.svelte';
 	import { browser } from '$app/env';
 	import { getDomain } from '$lib/components/common';
+	import { toast } from '@zerodevx/svelte-toast';
 
 	let isRegistrationEnabled = settings.isRegistrationEnabled;
+	let dualCerts = settings.dualCerts;
+
 	let fqdn = settings.fqdn;
-	let isFqdnSet = settings.fqdn;
+	let isFqdnSet = !!settings.fqdn;
 	let loading = {
 		save: false,
 		remove: false
@@ -43,8 +46,8 @@
 		if (fqdn) {
 			loading.remove = true;
 			try {
-				await del(`/settings.json`, { fqdn });
-				return window.location.reload();
+				const { redirect } = await del(`/settings.json`, { fqdn });
+				return redirect ? window.location.replace(redirect) : window.location.reload();
 			} catch ({ error }) {
 				return errorNotification(error);
 			} finally {
@@ -57,7 +60,11 @@
 			if (name === 'isRegistrationEnabled') {
 				isRegistrationEnabled = !isRegistrationEnabled;
 			}
-			return await post(`/settings.json`, { isRegistrationEnabled });
+			if (name === 'dualCerts') {
+				dualCerts = !dualCerts;
+			}
+			await post(`/settings.json`, { isRegistrationEnabled, dualCerts });
+			return toast.push('Settings saved.');
 		} catch ({ error }) {
 			return errorNotification(error);
 		}
@@ -82,15 +89,15 @@
 	<div class="mr-4 text-2xl tracking-tight">Settings</div>
 </div>
 {#if $session.teamId === '0'}
-	<div class="mx-auto max-w-2xl">
+	<div class="mx-auto max-w-4xl px-6">
 		<form on:submit|preventDefault={handleSubmit}>
-			<div class="flex space-x-1 p-6 font-bold">
+			<div class="flex space-x-1 py-6 font-bold">
 				<div class="title">Global Settings</div>
 				<button
 					type="submit"
 					disabled={loading.save}
-					class:bg-green-600={!loading.save}
-					class:hover:bg-green-500={!loading.save}
+					class:bg-yellow-500={!loading.save}
+					class:hover:bg-yellow-400={!loading.save}
 					class="mx-2 ">{loading.save ? 'Saving...' : 'Save'}</button
 				>
 				{#if isFqdnSet}
@@ -103,10 +110,10 @@
 					>
 				{/if}
 			</div>
-			<div class="px-4 sm:px-6">
-				<div class="flex space-x-4 py-4 px-4">
-					<p class="pt-2 text-base font-bold text-stone-100">Domain (FQDN)</p>
-					<div class="justify-center">
+			<div class="grid grid-flow-row gap-2 px-10">
+				<div class="grid grid-cols-2 items-start">
+					<div class="pt-2 text-base font-bold text-stone-100">Domain (FQDN)</div>
+					<div class="justify-start text-left">
 						<input
 							bind:value={fqdn}
 							readonly={!$session.isAdmin || isFqdnSet}
@@ -118,57 +125,60 @@
 							required
 						/>
 						<Explainer
-							text="If you specify <span class='text-green-600 font-bold'>https</span>, Coolify will be accessible only over https. SSL certificate will be generated for you.<br>If you specify <span class='text-green-600 font-bold'>www</span>, Coolify will be redirected (302) from non-www and vice versa."
+							text="If you specify <span class='text-yellow-500 font-bold'>https</span>, Coolify will be accessible only over https. SSL certificate will be generated for you.<br>If you specify <span class='text-yellow-500 font-bold'>www</span>, Coolify will be redirected (302) from non-www and vice versa."
 						/>
 					</div>
 				</div>
-				<ul class="mt-2 divide-y divide-stone-800">
+				<div class="grid grid-cols-2 items-center">
+					<Setting
+						disabled={isFqdnSet}
+						bind:setting={dualCerts}
+						title="Generate SSL for www and non-www?"
+						description="It will generate certificates for both www and non-www. <br>You need to have <span class='font-bold text-yellow-400'>both DNS entries</span> set in advance.<br><br>Useful if you expect to have visitors on both."
+						on:click={() => !isFqdnSet && changeSettings('dualCerts')}
+					/>
+				</div>
+				<div class="grid grid-cols-2 items-center">
 					<Setting
 						bind:setting={isRegistrationEnabled}
 						title="Registration allowed?"
 						description="Allow further registrations to the application. <br>It's turned off after the first registration. "
 						on:click={() => changeSettings('isRegistrationEnabled')}
 					/>
-				</ul>
+				</div>
 			</div>
 		</form>
-		<div class="mx-auto max-w-4xl px-6">
-			<div class="flex space-x-1 pt-5 font-bold">
-				<div class="title">HAProxy Settings</div>
-			</div>
-			<Explainer
-				text={`Credentials for <a class="text-white font-bold" href=${
-					fqdn
-						? 'http://' + getDomain(fqdn) + ':8404'
-						: browser && 'http://' + window.location.hostname + ':8404'
-				} target="_blank">stats</a> page.`}
-			/>
-
-			<div class="grid grid-cols-3 items-center px-4 pt-5">
+		<div class="flex space-x-1 pt-6 font-bold">
+			<div class="title">Coolify Proxy Settings</div>
+		</div>
+		<Explainer
+			text={`Credentials for <a class="text-white font-bold" href=${
+				fqdn
+					? 'http://' + getDomain(fqdn) + ':8404'
+					: browser && 'http://' + window.location.hostname + ':8404'
+			} target="_blank">stats</a> page.`}
+		/>
+		<div class="px-10 py-5">
+			<div class="grid grid-cols-2 items-center">
 				<label for="proxyUser">User</label>
-
-				<div class="col-span-2 ">
-					<CopyPasswordField
-						readonly
-						disabled
-						id="proxyUser"
-						name="proxyUser"
-						value={settings.proxyUser}
-					/>
-				</div>
+				<CopyPasswordField
+					readonly
+					disabled
+					id="proxyUser"
+					name="proxyUser"
+					value={settings.proxyUser}
+				/>
 			</div>
-			<div class="grid grid-cols-3 items-center px-4">
+			<div class="grid grid-cols-2 items-center">
 				<label for="proxyPassword">Password</label>
-				<div class="col-span-2 ">
-					<CopyPasswordField
-						readonly
-						disabled
-						id="proxyPassword"
-						name="proxyPassword"
-						isPasswordField
-						value={settings.proxyPassword}
-					/>
-				</div>
+				<CopyPasswordField
+					readonly
+					disabled
+					id="proxyPassword"
+					name="proxyPassword"
+					isPasswordField
+					value={settings.proxyPassword}
+				/>
 			</div>
 		</div>
 	</div>
diff --git a/src/routes/sources/[id]/_Gitlab.svelte b/src/routes/sources/[id]/_Gitlab.svelte
index c95bbb1ba..01de75424 100644
--- a/src/routes/sources/[id]/_Gitlab.svelte
+++ b/src/routes/sources/[id]/_Gitlab.svelte
@@ -120,7 +120,7 @@
 			</div>
 
 			<Explainer
-				maxWidthClass="w-full"
+				customClass="w-full"
 				text="<span class='font-bold text-base'>Scopes required:</span> 	
 	<br>- api (Access the authenticated user's API)
 	<br>- read_repository (Allows read-only access to the repository)
diff --git a/src/routes/teams/[id]/index.svelte b/src/routes/teams/[id]/index.svelte
index c4f81d31e..6cd7e2292 100644
--- a/src/routes/teams/[id]/index.svelte
+++ b/src/routes/teams/[id]/index.svelte
@@ -99,7 +99,7 @@
 	<span class="arrow-right-applications px-1 text-cyan-500">></span>
 	<span class="pr-2">{team.name}</span>
 </div>
-<div class="mx-auto max-w-2xl">
+<div class="mx-auto max-w-4xl">
 	<form on:submit|preventDefault={handleSubmit}>
 		<div class="flex space-x-1 p-6 font-bold">
 			<div class="title">Settings</div>
@@ -113,10 +113,10 @@
 			<input id="name" name="name" placeholder="name" bind:value={team.name} />
 		</div>
 		{#if team.id === '0'}
-			<div class="px-20 pt-4 text-center">
+			<div class="px-8 pt-4 text-left">
 				<Explainer
-					maxWidthClass="w-full"
-					text="This is the <span class='text-red-500 font-bold'>root</span> team. <br><br>That means members of this group can manage instance wide settings and have all the priviliges in Coolify. (imagine like root user on Linux)"
+					customClass="w-full"
+					text="This is the <span class='text-red-500 font-bold'>root</span> team. That means members of this group can manage instance wide settings and have all the priviliges in Coolify (imagine like root user on Linux)."
 				/>
 			</div>
 		{/if}
@@ -178,11 +178,19 @@
 	</div>
 </div>
 {#if $session.isAdmin}
-	<div class="mx-auto max-w-2xl pt-8">
+	<div class="mx-auto max-w-4xl pt-8">
 		<form on:submit|preventDefault={sendInvitation}>
-			<div class="flex space-x-1 p-6 font-bold">
-				<div class="title">Invite new member</div>
-				<div class="text-center">
+			<div class="flex space-x-1 p-6">
+				<div>
+					<div class="title font-bold">Invite new member</div>
+					<div class="text-left">
+						<Explainer
+							customClass="w-56"
+							text="You can only invite registered users at the moment - will be extended soon."
+						/>
+					</div>
+				</div>
+				<div class="pt-1 text-center">
 					<button class="bg-cyan-600 hover:bg-cyan-500" type="submit">Send invitation</button>
 				</div>
 			</div>
diff --git a/src/tailwind.css b/src/tailwind.css
index 532cc655a..3b916fbb7 100644
--- a/src/tailwind.css
+++ b/src/tailwind.css
@@ -22,10 +22,10 @@
 }
 
 html {
-	@apply h-full min-h-full;
+	@apply h-full min-h-full overflow-y-scroll;
 }
 body {
-	@apply min-h-screen overflow-x-hidden bg-coolblack text-sm text-white;
+	@apply min-h-screen overflow-x-hidden bg-coolblack text-sm text-white scrollbar-w-1 scrollbar-thumb-coollabs scrollbar-track-coolgray-200;
 }
 
 main,
@@ -170,7 +170,7 @@ a {
 	padding: 8px;
 	color: #fff;
 	content: attr(data-tooltip);
-	@apply min-w-[100px] rounded bg-coollabs text-center font-normal;
+	@apply min-w-[100px] rounded bg-coollabs text-center font-medium;
 }
 
 /* Directions */
diff --git a/tailwind.config.cjs b/tailwind.config.cjs
index 2d119a268..8ec0aad53 100644
--- a/tailwind.config.cjs
+++ b/tailwind.config.cjs
@@ -31,7 +31,8 @@ module.exports = {
 		}
 	},
 	variants: {
+		scrollbar: ['dark'],
 		extend: {}
 	},
-	plugins: []
+	plugins: [require('tailwindcss-scrollbar')]
 };

From ca7f3da19db7fa1f6d963b9b318781affe00d835 Mon Sep 17 00:00:00 2001
From: Andras Bacsai <andras.bacsai@gmail.com>
Date: Thu, 17 Feb 2022 22:56:15 +0100
Subject: [PATCH 09/35] fix: Getport for letsencrypt design: Add more scroll
 design

---
 src/lib/letsencrypt.ts                                   | 2 +-
 src/routes/applications/[id]/logs/build/_BuildLog.svelte | 2 +-
 src/routes/applications/[id]/logs/index.svelte           | 2 +-
 src/routes/applications/[id]/secrets/index.svelte        | 9 ++++-----
 4 files changed, 7 insertions(+), 8 deletions(-)

diff --git a/src/lib/letsencrypt.ts b/src/lib/letsencrypt.ts
index 6ee29f812..a75888b61 100644
--- a/src/lib/letsencrypt.ts
+++ b/src/lib/letsencrypt.ts
@@ -10,7 +10,7 @@ export async function letsEncrypt({ domain, isCoolify = false, id = null }) {
 		const nakedDomain = domain.replace('www.', '');
 		const wwwDomain = `www.${nakedDomain}`;
 		const randomCuid = cuid();
-		const randomPort = getPort();
+		const randomPort = await getPort();
 
 		let host;
 		let dualCerts = false;
diff --git a/src/routes/applications/[id]/logs/build/_BuildLog.svelte b/src/routes/applications/[id]/logs/build/_BuildLog.svelte
index 349d60eea..e4e1a557a 100644
--- a/src/routes/applications/[id]/logs/build/_BuildLog.svelte
+++ b/src/routes/applications/[id]/logs/build/_BuildLog.svelte
@@ -108,7 +108,7 @@
 			</button>
 		</div>
 		<div
-			class="font-mono leading-6 text-left text-md tracking-tighter rounded bg-coolgray-200 py-5 px-6 whitespace-pre-wrap break-words overflow-auto max-h-[80vh] -mt-12"
+			class="font-mono leading-6 text-left text-md tracking-tighter rounded bg-coolgray-200 py-5 px-6 whitespace-pre-wrap break-words overflow-auto max-h-[80vh] -mt-12 overflow-y-scroll scrollbar-w-1 scrollbar-thumb-coollabs scrollbar-track-coolgray-200"
 			bind:this={logsEl}
 		>
 			{#each logs as log}
diff --git a/src/routes/applications/[id]/logs/index.svelte b/src/routes/applications/[id]/logs/index.svelte
index e558934a0..326815b24 100644
--- a/src/routes/applications/[id]/logs/index.svelte
+++ b/src/routes/applications/[id]/logs/index.svelte
@@ -104,7 +104,7 @@
 				</button>
 			</div>
 			<div
-				class="font-mono leading-6 text-left text-md tracking-tighter rounded bg-coolgray-200 p-6 whitespace-pre-wrap break-words w-full mb-10 -mt-12"
+				class="font-mono leading-6 text-left text-md tracking-tighter rounded bg-coolgray-200 p-6 whitespace-pre-wrap break-words w-full mb-10 -mt-12 overflow-y-visible scrollbar-w-1 scrollbar-thumb-coollabs scrollbar-track-coolgray-200"
 				bind:this={logsEl}
 			>
 				{#each logs as log}
diff --git a/src/routes/applications/[id]/secrets/index.svelte b/src/routes/applications/[id]/secrets/index.svelte
index a596b0040..3a3e4aac7 100644
--- a/src/routes/applications/[id]/secrets/index.svelte
+++ b/src/routes/applications/[id]/secrets/index.svelte
@@ -46,22 +46,21 @@
 			<tr>
 				<th
 					scope="col"
-					class="px-6 py-3 text-left text-xs font-bold uppercase tracking-wider text-warmGray-400"
-					>Name</th
+					class="px-6 py-3 text-left text-xs font-bold uppercase tracking-wider text-white">Name</th
 				>
 				<th
 					scope="col"
-					class="px-6 py-3 text-left text-xs font-bold uppercase tracking-wider text-warmGray-400"
+					class="px-6 py-3 text-left text-xs font-bold uppercase tracking-wider text-white"
 					>Value</th
 				>
 				<th
 					scope="col"
-					class="px-6 py-3 text-left text-xs font-bold uppercase tracking-wider text-warmGray-400"
+					class="px-6 py-3 text-left text-xs font-bold uppercase tracking-wider text-white"
 					>Need during buildtime?</th
 				>
 				<th
 					scope="col"
-					class="px-6 py-3 text-left text-xs font-bold uppercase tracking-wider text-warmGray-400"
+					class="px-6 py-3 text-left text-xs font-bold uppercase tracking-wider text-white"
 				/>
 			</tr>
 		</thead>

From 24a6bcbd1e58d685ff0fffde3fb7e2adfc6dc0e9 Mon Sep 17 00:00:00 2001
From: Andras Bacsai <andras.bacsai@gmail.com>
Date: Thu, 17 Feb 2022 23:42:23 +0100
Subject: [PATCH 10/35] fix: Builder debug logging is better now fix: www and
 non-www domain checker

---
 src/lib/database/checks.ts                 | 25 ++++++++++++++--
 src/lib/letsencrypt.ts                     | 35 +++++++++++-----------
 src/lib/queues/builder.ts                  |  3 ++
 src/routes/applications/[id]/check.json.ts |  2 +-
 src/routes/services/[id]/check.json.ts     |  2 +-
 src/routes/settings/check.json.ts          |  2 +-
 6 files changed, 45 insertions(+), 24 deletions(-)

diff --git a/src/lib/database/checks.ts b/src/lib/database/checks.ts
index 7cc066605..35af8dc00 100644
--- a/src/lib/database/checks.ts
+++ b/src/lib/database/checks.ts
@@ -21,16 +21,35 @@ export async function isSecretExists({ id, name }) {
 
 export async function isDomainConfigured({ id, fqdn }) {
 	const domain = getDomain(fqdn);
+	const nakedDomain = domain.replace('www.', '');
 	const foundApp = await prisma.application.findFirst({
-		where: { fqdn: { endsWith: `//${domain}` }, id: { not: id } },
+		where: {
+			OR: [
+				{ fqdn: { endsWith: `//${nakedDomain}` } },
+				{ fqdn: { endsWith: `//www.${nakedDomain}` } }
+			],
+			id: { not: id }
+		},
 		select: { fqdn: true }
 	});
 	const foundService = await prisma.service.findFirst({
-		where: { fqdn: { endsWith: `//${domain}` }, id: { not: id } },
+		where: {
+			OR: [
+				{ fqdn: { endsWith: `//${nakedDomain}` } },
+				{ fqdn: { endsWith: `//www.${nakedDomain}` } }
+			],
+			id: { not: id }
+		},
 		select: { fqdn: true }
 	});
 	const coolifyFqdn = await prisma.setting.findFirst({
-		where: { fqdn: { endsWith: `//${domain}` }, id: { not: id } },
+		where: {
+			OR: [
+				{ fqdn: { endsWith: `//${nakedDomain}` } },
+				{ fqdn: { endsWith: `//www.${nakedDomain}` } }
+			],
+			id: { not: id }
+		},
 		select: { fqdn: true }
 	});
 	if (foundApp || foundService || coolifyFqdn) return true;
diff --git a/src/lib/letsencrypt.ts b/src/lib/letsencrypt.ts
index a75888b61..8e51d4f58 100644
--- a/src/lib/letsencrypt.ts
+++ b/src/lib/letsencrypt.ts
@@ -46,30 +46,29 @@ export async function letsEncrypt({ domain, isCoolify = false, id = null }) {
 				}
 			}
 		}
-		if (!dev) {
-			if (dualCerts) {
-				await asyncExecShell(
-					`DOCKER_HOST=${host} docker run --rm --name certbot-${randomCuid} -p ${randomPort}:${randomPort} -v "coolify-letsencrypt:/etc/letsencrypt" certbot/certbot --logs-dir /etc/letsencrypt/logs certonly --standalone --preferred-challenges http --http-01-address 0.0.0.0 --http-01-port ${randomPort} -d ${nakedDomain} -d ${wwwDomain} --expand --agree-tos --non-interactive --register-unsafely-without-email`
-				);
-				await asyncExecShell(
-					`DOCKER_HOST=${host} docker run --rm -v "coolify-letsencrypt:/etc/letsencrypt" -v "coolify-ssl-certs:/app/ssl" alpine:latest sh -c "test -d /etc/letsencrypt/live/${nakedDomain}/ && cat /etc/letsencrypt/live/${nakedDomain}/fullchain.pem /etc/letsencrypt/live/${nakedDomain}/privkey.pem > /app/ssl/${nakedDomain}.pem || cat /etc/letsencrypt/live/${wwwDomain}/fullchain.pem /etc/letsencrypt/live/${wwwDomain}/privkey.pem > /app/ssl/${wwwDomain}.pem"`
-				);
-			} else {
-				await asyncExecShell(
-					`DOCKER_HOST=${host} docker run --rm --name certbot-${randomCuid} -p ${randomPort}:${randomPort} -v "coolify-letsencrypt:/etc/letsencrypt" certbot/certbot --logs-dir /etc/letsencrypt/logs certonly --standalone --preferred-challenges http --http-01-address 0.0.0.0 --http-01-port ${randomPort} -d ${domain}  --expand --agree-tos --non-interactive --register-unsafely-without-email`
-				);
-				await asyncExecShell(
-					`DOCKER_HOST=${host} docker run --rm -v "coolify-letsencrypt:/etc/letsencrypt" -v "coolify-ssl-certs:/app/ssl" alpine:latest sh -c "cat /etc/letsencrypt/live/${domain}/fullchain.pem /etc/letsencrypt/live/${domain}/privkey.pem > /app/ssl/${domain}.pem"`
-				);
-			}
+		if (dualCerts) {
+			await asyncExecShell(
+				`DOCKER_HOST=${host} docker run --rm --name certbot-${randomCuid} -p ${randomPort}:${randomPort} -v "coolify-letsencrypt:/etc/letsencrypt" certbot/certbot --logs-dir /etc/letsencrypt/logs certonly --standalone --preferred-challenges http --http-01-address 0.0.0.0 --http-01-port ${randomPort} -d ${nakedDomain} -d ${wwwDomain} --expand --agree-tos --non-interactive --register-unsafely-without-email ${
+					dev && '--test-cert'
+				}`
+			);
+			await asyncExecShell(
+				`DOCKER_HOST=${host} docker run --rm -v "coolify-letsencrypt:/etc/letsencrypt" -v "coolify-ssl-certs:/app/ssl" alpine:latest sh -c "test -d /etc/letsencrypt/live/${nakedDomain}/ && cat /etc/letsencrypt/live/${nakedDomain}/fullchain.pem /etc/letsencrypt/live/${nakedDomain}/privkey.pem > /app/ssl/${nakedDomain}.pem || cat /etc/letsencrypt/live/${wwwDomain}/fullchain.pem /etc/letsencrypt/live/${wwwDomain}/privkey.pem > /app/ssl/${wwwDomain}.pem"`
+			);
 		} else {
-			console.log({ dualCerts, host, wwwDomain, nakedDomain, domain });
+			await asyncExecShell(
+				`DOCKER_HOST=${host} docker run --rm --name certbot-${randomCuid} -p ${randomPort}:${randomPort} -v "coolify-letsencrypt:/etc/letsencrypt" certbot/certbot --logs-dir /etc/letsencrypt/logs certonly --standalone --preferred-challenges http --http-01-address 0.0.0.0 --http-01-port ${randomPort} -d ${domain} --expand --agree-tos --non-interactive --register-unsafely-without-email ${
+					dev && '--test-cert'
+				}`
+			);
+			await asyncExecShell(
+				`DOCKER_HOST=${host} docker run --rm -v "coolify-letsencrypt:/etc/letsencrypt" -v "coolify-ssl-certs:/app/ssl" alpine:latest sh -c "cat /etc/letsencrypt/live/${domain}/fullchain.pem /etc/letsencrypt/live/${domain}/privkey.pem > /app/ssl/${domain}.pem"`
+			);
 		}
 		if (!isCoolify) {
 			await forceSSLOnApplication({ domain });
 		}
 	} catch (error) {
-		console.log(error);
 		throw error;
 	}
 }
diff --git a/src/lib/queues/builder.ts b/src/lib/queues/builder.ts
index 41b11dc1e..05c9b19dd 100644
--- a/src/lib/queues/builder.ts
+++ b/src/lib/queues/builder.ts
@@ -239,6 +239,8 @@ export default async function (job) {
 			if (stderr) console.log(stderr);
 			saveBuildLog({ line: 'Deployment successful!', buildId, applicationId });
 		} catch (error) {
+			saveBuildLog({ line: error, buildId, applicationId });
+			sentry.captureException(error);
 			throw new Error(error);
 		}
 		try {
@@ -257,6 +259,7 @@ export default async function (job) {
 				});
 			}
 		} catch (error) {
+			saveBuildLog({ line: error.stdout || error, buildId, applicationId });
 			sentry.captureException(error);
 		}
 	}
diff --git a/src/routes/applications/[id]/check.json.ts b/src/routes/applications/[id]/check.json.ts
index 267f7c384..36e87b616 100644
--- a/src/routes/applications/[id]/check.json.ts
+++ b/src/routes/applications/[id]/check.json.ts
@@ -16,7 +16,7 @@ export const post: RequestHandler = async (event) => {
 		const found = await db.isDomainConfigured({ id, fqdn });
 		if (found) {
 			throw {
-				message: `Domain ${getDomain(fqdn)} is already configured.`
+				message: `Domain ${getDomain(fqdn).replace('www.', '')} is already configured.`
 			};
 		}
 		return {
diff --git a/src/routes/services/[id]/check.json.ts b/src/routes/services/[id]/check.json.ts
index 5fb1915a0..861daee84 100644
--- a/src/routes/services/[id]/check.json.ts
+++ b/src/routes/services/[id]/check.json.ts
@@ -17,7 +17,7 @@ export const post: RequestHandler = async (event) => {
 		return {
 			status: found ? 500 : 200,
 			body: {
-				error: found && `Domain ${getDomain(fqdn)} is already configured`
+				error: found && `Domain ${getDomain(fqdn).replace('www.', '')} is already configured`
 			}
 		};
 	} catch (error) {
diff --git a/src/routes/settings/check.json.ts b/src/routes/settings/check.json.ts
index 0d099abe6..15d91613f 100644
--- a/src/routes/settings/check.json.ts
+++ b/src/routes/settings/check.json.ts
@@ -16,7 +16,7 @@ export const post: RequestHandler = async (event) => {
 		return {
 			status: found ? 500 : 200,
 			body: {
-				error: found && `Domain ${fqdn} is already configured`
+				error: found && `Domain ${fqdn.replace('www.', '')} is already configured`
 			}
 		};
 	} catch (error) {

From 0ed87a5dfc9dcfd962ab080bfd1a4a98bbd0d8a4 Mon Sep 17 00:00:00 2001
From: Andras Bacsai <andras.bacsai@gmail.com>
Date: Thu, 17 Feb 2022 23:47:37 +0100
Subject: [PATCH 11/35] fix: SSL app off

---
 src/lib/haproxy/index.ts          | 71 +++++++++++++++----------------
 src/routes/settings/index.json.ts |  3 --
 2 files changed, 34 insertions(+), 40 deletions(-)

diff --git a/src/lib/haproxy/index.ts b/src/lib/haproxy/index.ts
index 0daf1d493..0409c15e4 100644
--- a/src/lib/haproxy/index.ts
+++ b/src/lib/haproxy/index.ts
@@ -67,42 +67,40 @@ export async function removeProxyConfiguration({ domain }) {
 	await removeWwwRedirection(domain);
 }
 export async function forceSSLOffApplication({ domain }) {
-	if (!dev) {
-		const haproxy = await haproxyInstance();
-		await checkHAProxy(haproxy);
-		let transactionId;
-		try {
-			const rules: any = await haproxy
-				.get(`v2/services/haproxy/configuration/http_request_rules`, {
-					searchParams: {
-						parent_name: 'http',
-						parent_type: 'frontend'
-					}
-				})
-				.json();
-			if (rules.data.length > 0) {
-				const rule = rules.data.find((rule) => rule.cond_test.includes(`-i ${domain}`));
-				if (rule) {
-					transactionId = await getNextTransactionId();
-
-					await haproxy
-						.delete(`v2/services/haproxy/configuration/http_request_rules/${rule.index}`, {
-							searchParams: {
-								transaction_id: transactionId,
-								parent_name: 'http',
-								parent_type: 'frontend'
-							}
-						})
-						.json();
+	const haproxy = await haproxyInstance();
+	await checkHAProxy(haproxy);
+	let transactionId;
+	try {
+		const rules: any = await haproxy
+			.get(`v2/services/haproxy/configuration/http_request_rules`, {
+				searchParams: {
+					parent_name: 'http',
+					parent_type: 'frontend'
 				}
+			})
+			.json();
+		if (rules.data.length > 0) {
+			const rule = rules.data.find((rule) =>
+				rule.cond_test.includes(`{ hdr(host) -i ${domain} } !{ ssl_fc }`)
+			);
+			if (rule) {
+				transactionId = await getNextTransactionId();
+
+				await haproxy
+					.delete(`v2/services/haproxy/configuration/http_request_rules/${rule.index}`, {
+						searchParams: {
+							transaction_id: transactionId,
+							parent_name: 'http',
+							parent_type: 'frontend'
+						}
+					})
+					.json();
 			}
-		} catch (error) {
-			console.log(error);
-		} finally {
-			if (transactionId) await completeTransaction(transactionId);
 		}
-	} else {
-		console.log(`[DEBUG] Removing ssl for ${domain}`);
+	} catch (error) {
+		console.log(error);
+	} finally {
+		if (transactionId) await completeTransaction(transactionId);
 	}
 }
 export async function forceSSLOnApplication({ domain }) {
@@ -273,6 +271,7 @@ export async function configureProxyForApplication({ domain, imageId, applicatio
 
 export async function configureCoolifyProxyOff(fqdn) {
 	const domain = getDomain(fqdn);
+	const isHttps = fqdn.startsWith('https://');
 	const haproxy = await haproxyInstance();
 	await checkHAProxy(haproxy);
 
@@ -287,10 +286,8 @@ export async function configureCoolifyProxyOff(fqdn) {
 			})
 			.json();
 		await completeTransaction(transactionId);
-		if (!dev) {
-			await forceSSLOffApplication({ domain });
-		}
-		await setWwwRedirection(fqdn);
+		if (isHttps) await forceSSLOffApplication({ domain });
+		await removeWwwRedirection(fqdn);
 	} catch (error) {
 		throw error?.response?.body || error;
 	}
diff --git a/src/routes/settings/index.json.ts b/src/routes/settings/index.json.ts
index c814deb89..41b68ef29 100644
--- a/src/routes/settings/index.json.ts
+++ b/src/routes/settings/index.json.ts
@@ -1,12 +1,9 @@
-import { dev } from '$app/env';
 import { getDomain, getUserDetails } from '$lib/common';
 import * as db from '$lib/database';
 import { listSettings, ErrorHandler } from '$lib/database';
 import {
-	checkContainer,
 	configureCoolifyProxyOff,
 	configureCoolifyProxyOn,
-	forceSSLOffApplication,
 	forceSSLOnApplication,
 	reloadHaproxy,
 	removeWwwRedirection,

From 1aff8933c9c2764f2d9b154d21469201ccf9e1bf Mon Sep 17 00:00:00 2001
From: Andras Bacsai <andras.bacsai@gmail.com>
Date: Thu, 17 Feb 2022 23:49:25 +0100
Subject: [PATCH 12/35] fix: Local docker host

---
 src/lib/letsencrypt.ts | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/lib/letsencrypt.ts b/src/lib/letsencrypt.ts
index 8e51d4f58..fc0c811a6 100644
--- a/src/lib/letsencrypt.ts
+++ b/src/lib/letsencrypt.ts
@@ -17,7 +17,7 @@ export async function letsEncrypt({ domain, isCoolify = false, id = null }) {
 		if (isCoolify) {
 			const data = await db.prisma.setting.findFirst();
 			dualCerts = data.dualCerts;
-			host = '/var/run/docker.sock';
+			host = 'unix:///var/run/docker.sock';
 		} else {
 			// Check Application
 			const applicationData = await db.prisma.application.findUnique({

From 6a71233eb2da85238e4668f7f41e2c2cccc03ef5 Mon Sep 17 00:00:00 2001
From: Andras Bacsai <andras.bacsai@gmail.com>
Date: Thu, 17 Feb 2022 23:58:21 +0100
Subject: [PATCH 13/35] fix: Typo

---
 src/lib/letsencrypt.ts | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/src/lib/letsencrypt.ts b/src/lib/letsencrypt.ts
index fc0c811a6..cb7c5cd12 100644
--- a/src/lib/letsencrypt.ts
+++ b/src/lib/letsencrypt.ts
@@ -49,7 +49,7 @@ export async function letsEncrypt({ domain, isCoolify = false, id = null }) {
 		if (dualCerts) {
 			await asyncExecShell(
 				`DOCKER_HOST=${host} docker run --rm --name certbot-${randomCuid} -p ${randomPort}:${randomPort} -v "coolify-letsencrypt:/etc/letsencrypt" certbot/certbot --logs-dir /etc/letsencrypt/logs certonly --standalone --preferred-challenges http --http-01-address 0.0.0.0 --http-01-port ${randomPort} -d ${nakedDomain} -d ${wwwDomain} --expand --agree-tos --non-interactive --register-unsafely-without-email ${
-					dev && '--test-cert'
+					dev ? '--test-cert' : ''
 				}`
 			);
 			await asyncExecShell(
@@ -58,7 +58,7 @@ export async function letsEncrypt({ domain, isCoolify = false, id = null }) {
 		} else {
 			await asyncExecShell(
 				`DOCKER_HOST=${host} docker run --rm --name certbot-${randomCuid} -p ${randomPort}:${randomPort} -v "coolify-letsencrypt:/etc/letsencrypt" certbot/certbot --logs-dir /etc/letsencrypt/logs certonly --standalone --preferred-challenges http --http-01-address 0.0.0.0 --http-01-port ${randomPort} -d ${domain} --expand --agree-tos --non-interactive --register-unsafely-without-email ${
-					dev && '--test-cert'
+					dev ? '--test-cert' : ''
 				}`
 			);
 			await asyncExecShell(

From 50cae5ac3bcdbd7b6d3180385a9ed823066ab23e Mon Sep 17 00:00:00 2001
From: Andras Bacsai <andras.bacsai@gmail.com>
Date: Fri, 18 Feb 2022 00:08:50 +0100
Subject: [PATCH 14/35] fix: Lets encrypt

---
 src/lib/letsencrypt.ts | 12 ++++++++----
 src/tailwind.css       |  2 +-
 2 files changed, 9 insertions(+), 5 deletions(-)

diff --git a/src/lib/letsencrypt.ts b/src/lib/letsencrypt.ts
index cb7c5cd12..b0c2cbbf1 100644
--- a/src/lib/letsencrypt.ts
+++ b/src/lib/letsencrypt.ts
@@ -47,23 +47,27 @@ export async function letsEncrypt({ domain, isCoolify = false, id = null }) {
 			}
 		}
 		if (dualCerts) {
-			await asyncExecShell(
+			const error = await asyncExecShell(
 				`DOCKER_HOST=${host} docker run --rm --name certbot-${randomCuid} -p ${randomPort}:${randomPort} -v "coolify-letsencrypt:/etc/letsencrypt" certbot/certbot --logs-dir /etc/letsencrypt/logs certonly --standalone --preferred-challenges http --http-01-address 0.0.0.0 --http-01-port ${randomPort} -d ${nakedDomain} -d ${wwwDomain} --expand --agree-tos --non-interactive --register-unsafely-without-email ${
 					dev ? '--test-cert' : ''
 				}`
 			);
-			await asyncExecShell(
+			if (error.stderr) throw error;
+			const sslCopyError = await asyncExecShell(
 				`DOCKER_HOST=${host} docker run --rm -v "coolify-letsencrypt:/etc/letsencrypt" -v "coolify-ssl-certs:/app/ssl" alpine:latest sh -c "test -d /etc/letsencrypt/live/${nakedDomain}/ && cat /etc/letsencrypt/live/${nakedDomain}/fullchain.pem /etc/letsencrypt/live/${nakedDomain}/privkey.pem > /app/ssl/${nakedDomain}.pem || cat /etc/letsencrypt/live/${wwwDomain}/fullchain.pem /etc/letsencrypt/live/${wwwDomain}/privkey.pem > /app/ssl/${wwwDomain}.pem"`
 			);
+			if (sslCopyError.stderr) throw sslCopyError;
 		} else {
-			await asyncExecShell(
+			const sslGenerateError = await asyncExecShell(
 				`DOCKER_HOST=${host} docker run --rm --name certbot-${randomCuid} -p ${randomPort}:${randomPort} -v "coolify-letsencrypt:/etc/letsencrypt" certbot/certbot --logs-dir /etc/letsencrypt/logs certonly --standalone --preferred-challenges http --http-01-address 0.0.0.0 --http-01-port ${randomPort} -d ${domain} --expand --agree-tos --non-interactive --register-unsafely-without-email ${
 					dev ? '--test-cert' : ''
 				}`
 			);
-			await asyncExecShell(
+			if (sslGenerateError.stderr) throw sslGenerateError;
+			const sslCopyError = await asyncExecShell(
 				`DOCKER_HOST=${host} docker run --rm -v "coolify-letsencrypt:/etc/letsencrypt" -v "coolify-ssl-certs:/app/ssl" alpine:latest sh -c "cat /etc/letsencrypt/live/${domain}/fullchain.pem /etc/letsencrypt/live/${domain}/privkey.pem > /app/ssl/${domain}.pem"`
 			);
+			if (sslCopyError.stderr) throw sslCopyError;
 		}
 		if (!isCoolify) {
 			await forceSSLOnApplication({ domain });
diff --git a/src/tailwind.css b/src/tailwind.css
index 3b916fbb7..172af06ce 100644
--- a/src/tailwind.css
+++ b/src/tailwind.css
@@ -170,7 +170,7 @@ a {
 	padding: 8px;
 	color: #fff;
 	content: attr(data-tooltip);
-	@apply min-w-[100px] rounded bg-coollabs text-center font-medium;
+	@apply min-w-[100px] rounded bg-coollabs text-center font-normal;
 }
 
 /* Directions */

From 242b8fa746dbc6bdda7a28be21847939fbddb364 Mon Sep 17 00:00:00 2001
From: Andras Bacsai <andras.bacsai@gmail.com>
Date: Fri, 18 Feb 2022 00:15:46 +0100
Subject: [PATCH 15/35] fix: Remove SSL with stop

---
 src/lib/haproxy/index.ts | 1 +
 1 file changed, 1 insertion(+)

diff --git a/src/lib/haproxy/index.ts b/src/lib/haproxy/index.ts
index 0409c15e4..6d12b9544 100644
--- a/src/lib/haproxy/index.ts
+++ b/src/lib/haproxy/index.ts
@@ -64,6 +64,7 @@ export async function removeProxyConfiguration({ domain }) {
 			.json();
 		await completeTransaction(transactionId);
 	}
+	await forceSSLOffApplication(domain);
 	await removeWwwRedirection(domain);
 }
 export async function forceSSLOffApplication({ domain }) {

From ffb7dc4ec20aad128e5547a1e773894c3acc21c2 Mon Sep 17 00:00:00 2001
From: Andras Bacsai <andras.bacsai@gmail.com>
Date: Fri, 18 Feb 2022 00:17:07 +0100
Subject: [PATCH 16/35] fix: SSL off for services

---
 src/lib/haproxy/index.ts | 1 +
 1 file changed, 1 insertion(+)

diff --git a/src/lib/haproxy/index.ts b/src/lib/haproxy/index.ts
index 6d12b9544..b98c938ed 100644
--- a/src/lib/haproxy/index.ts
+++ b/src/lib/haproxy/index.ts
@@ -577,6 +577,7 @@ export async function configureSimpleServiceProxyOff({ domain }) {
 			.json();
 		await completeTransaction(transactionId);
 	} catch (error) {}
+	await forceSSLOffApplication(domain);
 	await removeWwwRedirection(domain);
 	return;
 }

From 9469f148ffffde3d9e9d1cab8067c73a345d944e Mon Sep 17 00:00:00 2001
From: Andras Bacsai <andras.bacsai@gmail.com>
Date: Fri, 18 Feb 2022 00:22:17 +0100
Subject: [PATCH 17/35] fix: Grr

---
 src/lib/haproxy/index.ts | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/src/lib/haproxy/index.ts b/src/lib/haproxy/index.ts
index b98c938ed..8781cbc0e 100644
--- a/src/lib/haproxy/index.ts
+++ b/src/lib/haproxy/index.ts
@@ -64,7 +64,7 @@ export async function removeProxyConfiguration({ domain }) {
 			.json();
 		await completeTransaction(transactionId);
 	}
-	await forceSSLOffApplication(domain);
+	await forceSSLOffApplication({ domain });
 	await removeWwwRedirection(domain);
 }
 export async function forceSSLOffApplication({ domain }) {
@@ -577,7 +577,7 @@ export async function configureSimpleServiceProxyOff({ domain }) {
 			.json();
 		await completeTransaction(transactionId);
 	} catch (error) {}
-	await forceSSLOffApplication(domain);
+	await forceSSLOffApplication({ domain });
 	await removeWwwRedirection(domain);
 	return;
 }

From 7f87c03f97f0b046d3b89c4f99f6762a016f07f0 Mon Sep 17 00:00:00 2001
From: Andras Bacsai <andras.bacsai@gmail.com>
Date: Fri, 18 Feb 2022 00:25:15 +0100
Subject: [PATCH 18/35] fix: Running state css

---
 src/routes/applications/[id]/logs/build/index.svelte | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/routes/applications/[id]/logs/build/index.svelte b/src/routes/applications/[id]/logs/build/index.svelte
index 2c43c1c29..7f7e24e46 100644
--- a/src/routes/applications/[id]/logs/build/index.svelte
+++ b/src/routes/applications/[id]/logs/build/index.svelte
@@ -104,7 +104,7 @@
 					class:bg-coolgray-400={buildId === build.id}
 					class:border-red-500={build.status === 'failed'}
 					class:border-green-500={build.status === 'success'}
-					class:border-yellow-500={build.status === 'inprogress'}
+					class:border-yellow-500={build.status === 'running'}
 				>
 					<div class="flex-col px-2">
 						<div class="text-sm font-bold">

From c5348ce4b3aedd95b6cdb64557bcd117c1d94523 Mon Sep 17 00:00:00 2001
From: Andras Bacsai <andras.bacsai@gmail.com>
Date: Fri, 18 Feb 2022 08:48:05 +0100
Subject: [PATCH 19/35] fix: Minor fixes

---
 src/lib/haproxy/index.ts                      | 92 +++++++++----------
 src/lib/queues/builder.ts                     |  1 +
 src/lib/queues/index.ts                       |  7 +-
 .../applications/[id]/logs/build/index.svelte |  8 +-
 src/routes/settings/index.json.ts             |  2 +-
 5 files changed, 56 insertions(+), 54 deletions(-)

diff --git a/src/lib/haproxy/index.ts b/src/lib/haproxy/index.ts
index 8781cbc0e..cda1cd1c1 100644
--- a/src/lib/haproxy/index.ts
+++ b/src/lib/haproxy/index.ts
@@ -105,55 +105,51 @@ export async function forceSSLOffApplication({ domain }) {
 	}
 }
 export async function forceSSLOnApplication({ domain }) {
-	if (!dev) {
-		const haproxy = await haproxyInstance();
-		await checkHAProxy(haproxy);
-		let transactionId;
-		try {
-			const rules: any = await haproxy
-				.get(`v2/services/haproxy/configuration/http_request_rules`, {
-					searchParams: {
-						parent_name: 'http',
-						parent_type: 'frontend'
-					}
-				})
-				.json();
-			let nextRule = 0;
-			if (rules.data.length > 0) {
-				const rule = rules.data.find((rule) =>
-					rule.cond_test.includes(`{ hdr(host) -i ${domain} } !{ ssl_fc }`)
-				);
-				if (rule) return;
-				nextRule = rules.data[rules.data.length - 1].index + 1;
-			}
-			transactionId = await getNextTransactionId();
-
-			await haproxy
-				.post(`v2/services/haproxy/configuration/http_request_rules`, {
-					searchParams: {
-						transaction_id: transactionId,
-						parent_name: 'http',
-						parent_type: 'frontend'
-					},
-					json: {
-						index: nextRule,
-						cond: 'if',
-						cond_test: `{ hdr(host) -i ${domain} } !{ ssl_fc }`,
-						type: 'redirect',
-						redir_type: 'scheme',
-						redir_value: 'https',
-						redir_code: 301
-					}
-				})
-				.json();
-		} catch (error) {
-			console.log(error);
-			throw error;
-		} finally {
-			if (transactionId) await completeTransaction(transactionId);
+	const haproxy = await haproxyInstance();
+	await checkHAProxy(haproxy);
+	let transactionId;
+	try {
+		const rules: any = await haproxy
+			.get(`v2/services/haproxy/configuration/http_request_rules`, {
+				searchParams: {
+					parent_name: 'http',
+					parent_type: 'frontend'
+				}
+			})
+			.json();
+		let nextRule = 0;
+		if (rules.data.length > 0) {
+			const rule = rules.data.find((rule) =>
+				rule.cond_test.includes(`{ hdr(host) -i ${domain} } !{ ssl_fc }`)
+			);
+			if (rule) return;
+			nextRule = rules.data[rules.data.length - 1].index + 1;
 		}
-	} else {
-		console.log(`[DEBUG] Adding ssl for ${domain}`);
+		transactionId = await getNextTransactionId();
+
+		await haproxy
+			.post(`v2/services/haproxy/configuration/http_request_rules`, {
+				searchParams: {
+					transaction_id: transactionId,
+					parent_name: 'http',
+					parent_type: 'frontend'
+				},
+				json: {
+					index: nextRule,
+					cond: 'if',
+					cond_test: `{ hdr(host) -i ${domain} } !{ ssl_fc }`,
+					type: 'redirect',
+					redir_type: 'scheme',
+					redir_value: 'https',
+					redir_code: dev ? 302 : 301
+				}
+			})
+			.json();
+	} catch (error) {
+		console.log(error);
+		throw error;
+	} finally {
+		if (transactionId) await completeTransaction(transactionId);
 	}
 }
 
diff --git a/src/lib/queues/builder.ts b/src/lib/queues/builder.ts
index 05c9b19dd..2e7fe2475 100644
--- a/src/lib/queues/builder.ts
+++ b/src/lib/queues/builder.ts
@@ -261,6 +261,7 @@ export default async function (job) {
 		} catch (error) {
 			saveBuildLog({ line: error.stdout || error, buildId, applicationId });
 			sentry.captureException(error);
+			throw new Error(error);
 		}
 	}
 }
diff --git a/src/lib/queues/index.ts b/src/lib/queues/index.ts
index f8525c4e0..3d0dda4f1 100644
--- a/src/lib/queues/index.ts
+++ b/src/lib/queues/index.ts
@@ -127,7 +127,6 @@ buildWorker.on('completed', async (job: Bullmq.Job) => {
 });
 
 buildWorker.on('failed', async (job: Bullmq.Job, failedReason) => {
-	console.log(failedReason);
 	try {
 		await prisma.build.update({ where: { id: job.data.build_id }, data: { status: 'failed' } });
 	} catch (error) {
@@ -136,7 +135,11 @@ buildWorker.on('failed', async (job: Bullmq.Job, failedReason) => {
 		const workdir = `/tmp/build-sources/${job.data.repository}`;
 		await asyncExecShell(`rm -fr ${workdir}`);
 	}
-	saveBuildLog({ line: 'Failed build!', buildId: job.data.build_id, applicationId: job.data.id });
+	saveBuildLog({
+		line: 'Failed to deploy!',
+		buildId: job.data.build_id,
+		applicationId: job.data.id
+	});
 	saveBuildLog({
 		line: `Reason: ${failedReason.toString()}`,
 		buildId: job.data.build_id,
diff --git a/src/routes/applications/[id]/logs/build/index.svelte b/src/routes/applications/[id]/logs/build/index.svelte
index 7f7e24e46..6ce49f78a 100644
--- a/src/routes/applications/[id]/logs/build/index.svelte
+++ b/src/routes/applications/[id]/logs/build/index.svelte
@@ -82,7 +82,7 @@
 	}
 	async function loadBuild(build) {
 		buildId = build;
-		goto(`/applications/${id}/logs/build?buildId=${buildId}`);
+		await goto(`/applications/${id}/logs/build?buildId=${buildId}`);
 	}
 </script>
 
@@ -94,13 +94,15 @@
 <div class="block flex-row justify-start space-x-2 px-5 pt-6 sm:px-10 md:flex">
 	<div class="mb-4 min-w-[16rem] space-y-2 md:mb-0 ">
 		<div class="top-4 md:sticky">
-			{#each builds as build (build.id)}
+			{#each builds as build, index (build.id)}
 				<div
 					data-tooltip={new Intl.DateTimeFormat('default', dateOptions).format(
 						new Date(build.createdAt)
 					) + `\n${build.status}`}
 					on:click={() => loadBuild(build.id)}
-					class="tooltip-top flex cursor-pointer items-center justify-center rounded-r border-l-2 border-transparent py-4 no-underline transition-all duration-100 hover:bg-coolgray-400 hover:shadow-xl "
+					class:rounded-tr={index === 0}
+					class:rounded-br={index === builds.length - 1}
+					class="tooltip-top flex cursor-pointer items-center justify-center border-l-2 border-transparent py-4 no-underline transition-all duration-100 hover:bg-coolgray-400 hover:shadow-xl "
 					class:bg-coolgray-400={buildId === build.id}
 					class:border-red-500={build.status === 'failed'}
 					class:border-green-500={build.status === 'success'}
diff --git a/src/routes/settings/index.json.ts b/src/routes/settings/index.json.ts
index 41b68ef29..f12aa1f3b 100644
--- a/src/routes/settings/index.json.ts
+++ b/src/routes/settings/index.json.ts
@@ -12,7 +12,7 @@ import {
 } from '$lib/haproxy';
 import { letsEncrypt } from '$lib/letsencrypt';
 import type { RequestHandler } from '@sveltejs/kit';
-import dns from 'dns/promises';
+import { promises as dns } from 'dns';
 
 export const get: RequestHandler = async (event) => {
 	const { status, body } = await getUserDetails(event);

From 4d8bf57135486ffffb8ff919769ef85ff22ee31b Mon Sep 17 00:00:00 2001
From: Andras Bacsai <andras.bacsai@gmail.com>
Date: Fri, 18 Feb 2022 09:00:23 +0100
Subject: [PATCH 20/35] fix: Remove force SSL when doing let's encrypt request

---
 src/lib/letsencrypt.ts | 10 ++++++----
 1 file changed, 6 insertions(+), 4 deletions(-)

diff --git a/src/lib/letsencrypt.ts b/src/lib/letsencrypt.ts
index b0c2cbbf1..751b61c3e 100644
--- a/src/lib/letsencrypt.ts
+++ b/src/lib/letsencrypt.ts
@@ -1,5 +1,5 @@
 import { dev } from '$app/env';
-import { forceSSLOnApplication } from '$lib/haproxy';
+import { forceSSLOffApplication, forceSSLOnApplication } from '$lib/haproxy';
 import { asyncExecShell, getEngine } from './common';
 import * as db from '$lib/database';
 import cuid from 'cuid';
@@ -10,7 +10,7 @@ export async function letsEncrypt({ domain, isCoolify = false, id = null }) {
 		const nakedDomain = domain.replace('www.', '');
 		const wwwDomain = `www.${nakedDomain}`;
 		const randomCuid = cuid();
-		const randomPort = await getPort();
+		const randomPort = 9080;
 
 		let host;
 		let dualCerts = false;
@@ -46,6 +46,7 @@ export async function letsEncrypt({ domain, isCoolify = false, id = null }) {
 				}
 			}
 		}
+		await forceSSLOffApplication({ domain });
 		if (dualCerts) {
 			const error = await asyncExecShell(
 				`DOCKER_HOST=${host} docker run --rm --name certbot-${randomCuid} -p ${randomPort}:${randomPort} -v "coolify-letsencrypt:/etc/letsencrypt" certbot/certbot --logs-dir /etc/letsencrypt/logs certonly --standalone --preferred-challenges http --http-01-address 0.0.0.0 --http-01-port ${randomPort} -d ${nakedDomain} -d ${wwwDomain} --expand --agree-tos --non-interactive --register-unsafely-without-email ${
@@ -69,10 +70,11 @@ export async function letsEncrypt({ domain, isCoolify = false, id = null }) {
 			);
 			if (sslCopyError.stderr) throw sslCopyError;
 		}
+	} catch (error) {
+		throw error;
+	} finally {
 		if (!isCoolify) {
 			await forceSSLOnApplication({ domain });
 		}
-	} catch (error) {
-		throw error;
 	}
 }

From 2ce64ac21369bfec7d865da1dd9a8fb743b518c5 Mon Sep 17 00:00:00 2001
From: Andras Bacsai <andras.bacsai@gmail.com>
Date: Fri, 18 Feb 2022 13:59:23 +0100
Subject: [PATCH 21/35] fix: hook.ts - relogin needed updated packages fix:
 Lots of typescript thingy fix: ssl request flow fix: proxy cleanup flow

---
 package.json                                  |  18 +--
 pnpm-lock.yaml                                | 138 +++++++++---------
 src/{global.d.ts => app.d.ts}                 | 104 +++++--------
 src/hooks.ts                                  |  35 +++--
 src/lib/common.ts                             |   4 +-
 src/lib/components/Setting.svelte             |   3 +-
 src/lib/database/applications.ts              |   2 +-
 src/lib/database/common.ts                    |  23 +--
 src/lib/database/users.ts                     |  15 +-
 src/lib/haproxy/index.ts                      |  37 ++---
 src/lib/letsencrypt.ts                        |  20 ++-
 src/lib/queues/proxy.ts                       |   4 +-
 src/routes/__layout.svelte                    |  10 +-
 .../configuration/_GitlabRepositories.svelte  |   1 -
 src/routes/applications/[id]/index.svelte     |   6 +-
 src/routes/applications/[id]/stop.json.ts     |   3 +-
 src/routes/applications/index.svelte          |   2 +-
 .../{index.json.ts => dashboard.json.ts}      |   0
 src/routes/destinations/[id]/restart.json.ts  |   2 +-
 src/routes/index.svelte                       |   2 +-
 src/routes/login/index.svelte                 |   4 +-
 .../services/[id]/_Services/_Services.svelte  |   4 +-
 src/routes/services/[id]/minio/stop.json.ts   |   2 +-
 src/routes/services/[id]/nocodb/stop.json.ts  |   2 +-
 .../[id]/plausibleanalytics/stop.json.ts      |   2 +-
 .../services/[id]/vaultwarden/stop.json.ts    |   2 +-
 .../services/[id]/vscodeserver/stop.json.ts   |   2 +-
 .../services/[id]/wordpress/stop.json.ts      |   2 +-
 src/routes/settings/index.json.ts             |   2 +-
 src/routes/settings/index.svelte              |   1 +
 src/routes/teams/[id]/index.svelte            |  20 +--
 src/routes/webhooks/github/events.ts          |   9 +-
 src/routes/webhooks/gitlab/events.ts          |   9 +-
 33 files changed, 243 insertions(+), 247 deletions(-)
 rename src/{global.d.ts => app.d.ts} (50%)
 rename src/routes/{index.json.ts => dashboard.json.ts} (100%)

diff --git a/package.json b/package.json
index 50dba74e9..f0a7b34a7 100644
--- a/package.json
+++ b/package.json
@@ -25,9 +25,9 @@
 		"prepare": "husky install"
 	},
 	"devDependencies": {
-		"@sveltejs/adapter-node": "1.0.0-next.67",
-		"@sveltejs/adapter-static": "1.0.0-next.27",
-		"@sveltejs/kit": "1.0.0-next.259",
+		"@sveltejs/adapter-node": "1.0.0-next.68",
+		"@sveltejs/adapter-static": "1.0.0-next.28",
+		"@sveltejs/kit": "1.0.0-next.278",
 		"@types/bcrypt": "5.0.0",
 		"@types/js-cookie": "3.0.1",
 		"@types/node": "17.0.18",
@@ -50,7 +50,7 @@
 		"svelte": "3.46.4",
 		"svelte-check": "2.4.3",
 		"svelte-preprocess": "4.10.3",
-		"tailwindcss": "3.0.22",
+		"tailwindcss": "3.0.23",
 		"ts-node": "10.5.0",
 		"tslib": "2.3.1",
 		"typescript": "4.5.5"
@@ -59,9 +59,9 @@
 	"dependencies": {
 		"@iarna/toml": "2.2.5",
 		"@prisma/client": "3.9.2",
-		"@sentry/node": "6.17.8",
+		"@sentry/node": "6.17.9",
 		"bcrypt": "5.0.1",
-		"bullmq": "1.72.0",
+		"bullmq": "1.73.0",
 		"compare-versions": "4.1.3",
 		"cookie": "0.4.2",
 		"cuid": "2.1.8",
@@ -69,15 +69,15 @@
 		"dockerode": "3.3.1",
 		"dotenv-extended": "2.9.0",
 		"generate-password": "1.7.0",
-		"get-port": "6.0.0",
+		"get-port": "6.1.0",
 		"got": "12.0.1",
 		"js-cookie": "3.0.1",
 		"js-yaml": "4.1.0",
 		"jsonwebtoken": "8.5.1",
 		"node-forge": "1.2.1",
-		"svelte-kit-cookie-session": "2.0.2",
+		"svelte-kit-cookie-session": "2.1.2",
 		"tailwindcss-scrollbar": "^0.1.0",
-		"unique-names-generator": "4.6.0"
+		"unique-names-generator": "4.7.1"
 	},
 	"prisma": {
 		"seed": "node prisma/seed.cjs"
diff --git a/pnpm-lock.yaml b/pnpm-lock.yaml
index b6e75d0bc..4b0d07310 100644
--- a/pnpm-lock.yaml
+++ b/pnpm-lock.yaml
@@ -3,10 +3,10 @@ lockfileVersion: 5.3
 specifiers:
   '@iarna/toml': 2.2.5
   '@prisma/client': 3.9.2
-  '@sentry/node': 6.17.8
-  '@sveltejs/adapter-node': 1.0.0-next.67
-  '@sveltejs/adapter-static': 1.0.0-next.27
-  '@sveltejs/kit': 1.0.0-next.259
+  '@sentry/node': 6.17.9
+  '@sveltejs/adapter-node': 1.0.0-next.68
+  '@sveltejs/adapter-static': 1.0.0-next.28
+  '@sveltejs/kit': 1.0.0-next.278
   '@types/bcrypt': 5.0.0
   '@types/js-cookie': 3.0.1
   '@types/node': 17.0.18
@@ -16,7 +16,7 @@ specifiers:
   '@zerodevx/svelte-toast': 0.6.3
   autoprefixer: 10.4.2
   bcrypt: 5.0.1
-  bullmq: 1.72.0
+  bullmq: 1.73.0
   compare-versions: 4.1.3
   cookie: 0.4.2
   cross-var: 1.1.0
@@ -28,7 +28,7 @@ specifiers:
   eslint-config-prettier: 8.3.0
   eslint-plugin-svelte3: 3.2.1
   generate-password: 1.7.0
-  get-port: 6.0.0
+  get-port: 6.1.0
   got: 12.0.1
   husky: 7.0.4
   js-cookie: 3.0.1
@@ -43,21 +43,21 @@ specifiers:
   prisma: 3.9.2
   svelte: 3.46.4
   svelte-check: 2.4.3
-  svelte-kit-cookie-session: 2.0.2
+  svelte-kit-cookie-session: 2.1.2
   svelte-preprocess: 4.10.3
-  tailwindcss: 3.0.22
+  tailwindcss: 3.0.23
   tailwindcss-scrollbar: ^0.1.0
   ts-node: 10.5.0
   tslib: 2.3.1
   typescript: 4.5.5
-  unique-names-generator: 4.6.0
+  unique-names-generator: 4.7.1
 
 dependencies:
   '@iarna/toml': 2.2.5
   '@prisma/client': 3.9.2_prisma@3.9.2
-  '@sentry/node': 6.17.8
+  '@sentry/node': 6.17.9
   bcrypt: 5.0.1
-  bullmq: 1.72.0
+  bullmq: 1.73.0
   compare-versions: 4.1.3
   cookie: 0.4.2
   cuid: 2.1.8
@@ -65,20 +65,20 @@ dependencies:
   dockerode: 3.3.1
   dotenv-extended: 2.9.0
   generate-password: 1.7.0
-  get-port: 6.0.0
+  get-port: 6.1.0
   got: 12.0.1
   js-cookie: 3.0.1
   js-yaml: 4.1.0
   jsonwebtoken: 8.5.1
   node-forge: 1.2.1
-  svelte-kit-cookie-session: 2.0.2
-  tailwindcss-scrollbar: 0.1.0_tailwindcss@3.0.22
-  unique-names-generator: 4.6.0
+  svelte-kit-cookie-session: 2.1.2
+  tailwindcss-scrollbar: 0.1.0_tailwindcss@3.0.23
+  unique-names-generator: 4.7.1
 
 devDependencies:
-  '@sveltejs/adapter-node': 1.0.0-next.67
-  '@sveltejs/adapter-static': 1.0.0-next.27
-  '@sveltejs/kit': 1.0.0-next.259_svelte@3.46.4
+  '@sveltejs/adapter-node': 1.0.0-next.68
+  '@sveltejs/adapter-static': 1.0.0-next.28
+  '@sveltejs/kit': 1.0.0-next.278_svelte@3.46.4
   '@types/bcrypt': 5.0.0
   '@types/js-cookie': 3.0.1
   '@types/node': 17.0.18
@@ -101,7 +101,7 @@ devDependencies:
   svelte: 3.46.4
   svelte-check: 2.4.3_postcss@8.4.6+svelte@3.46.4
   svelte-preprocess: 4.10.3_88b359da5cac6d8f6ee1bbb7080a3fa9
-  tailwindcss: 3.0.22_c940fbabf228b85b1c73d314b43e31f1
+  tailwindcss: 3.0.23_c940fbabf228b85b1c73d314b43e31f1
   ts-node: 10.5.0_f3bd4037939c2ed2942ba074291f8ef2
   tslib: 2.3.1
   typescript: 4.5.5
@@ -295,56 +295,56 @@ packages:
       picomatch: 2.3.0
     dev: true
 
-  /@sentry/core/6.17.8:
+  /@sentry/core/6.17.9:
     resolution:
       {
-        integrity: sha512-4WTjgQom75Rvgn6XYy6e7vMIbWlj8utau1wWvr7kjqFKuuuuycRvPgVzAdVr4B3WDHHCInAZpUchsOLs2qwIEA==
+        integrity: sha512-14KalmTholGUtgdh9TklO+jUpyQ/D3OGkhlH1rnGQGoJgFy2eYm+s+MnUEMxFdGIUCz5kOteuNqYZxaDmFagpQ==
       }
     engines: { node: '>=6' }
     dependencies:
-      '@sentry/hub': 6.17.8
-      '@sentry/minimal': 6.17.8
-      '@sentry/types': 6.17.8
-      '@sentry/utils': 6.17.8
+      '@sentry/hub': 6.17.9
+      '@sentry/minimal': 6.17.9
+      '@sentry/types': 6.17.9
+      '@sentry/utils': 6.17.9
       tslib: 1.14.1
     dev: false
 
-  /@sentry/hub/6.17.8:
+  /@sentry/hub/6.17.9:
     resolution:
       {
-        integrity: sha512-GW0XYpkoQu/kSJaTLfsF4extHDOBPNRnT0qKr/YO20Z5wGxYp8LsdnAuU3njcFHcAV2F/QDTj2BPq1U385/4+A==
+        integrity: sha512-34EdrweWDbBV9EzEFIXcO+JeoyQmKzQVJxpTKZoJA6PUwf2NrndaUdjlkDEtBEzjuLUTxhLxtOzEsYs1O6RVcg==
       }
     engines: { node: '>=6' }
     dependencies:
-      '@sentry/types': 6.17.8
-      '@sentry/utils': 6.17.8
+      '@sentry/types': 6.17.9
+      '@sentry/utils': 6.17.9
       tslib: 1.14.1
     dev: false
 
-  /@sentry/minimal/6.17.8:
+  /@sentry/minimal/6.17.9:
     resolution:
       {
-        integrity: sha512-VJXFZBO/O8SViK0fdzodxpNr+pbpgczNgLpz/MNuSooV6EBesgCMVjXtxDUp1Ie1odc0GUprN/ZMLYBmYdIrKQ==
+        integrity: sha512-T3PMCHcKk6lkZq6zKgANrYJJxXBXKOe+ousV1Fas1rVBMv7dtKfsa4itqQHszcW9shusPDiaQKIJ4zRLE5LKmg==
       }
     engines: { node: '>=6' }
     dependencies:
-      '@sentry/hub': 6.17.8
-      '@sentry/types': 6.17.8
+      '@sentry/hub': 6.17.9
+      '@sentry/types': 6.17.9
       tslib: 1.14.1
     dev: false
 
-  /@sentry/node/6.17.8:
+  /@sentry/node/6.17.9:
     resolution:
       {
-        integrity: sha512-b3zg1XjKtxp7o821ENORO1CCzMM4QzKP01rzztMwyMcj28dmUq36QXoQAnwdKn7jEYkJdLnMeniIBR6U6NUJrQ==
+        integrity: sha512-jbn+q7qPGOh6D7nYoYGaAlmuvMDpQmyMwBtUVYybuZp2AALe43O3Z4LtoJ+1+F31XowpsIPZx1mwNs4ZrILskA==
       }
     engines: { node: '>=6' }
     dependencies:
-      '@sentry/core': 6.17.8
-      '@sentry/hub': 6.17.8
-      '@sentry/tracing': 6.17.8
-      '@sentry/types': 6.17.8
-      '@sentry/utils': 6.17.8
+      '@sentry/core': 6.17.9
+      '@sentry/hub': 6.17.9
+      '@sentry/tracing': 6.17.9
+      '@sentry/types': 6.17.9
+      '@sentry/utils': 6.17.9
       cookie: 0.4.2
       https-proxy-agent: 5.0.0
       lru_map: 0.3.3
@@ -353,36 +353,36 @@ packages:
       - supports-color
     dev: false
 
-  /@sentry/tracing/6.17.8:
+  /@sentry/tracing/6.17.9:
     resolution:
       {
-        integrity: sha512-WJ3W8O6iPI3w7MrzTnYcw3s5PGBNFqT4b9oBCl5Ndjexs8DsGlQOxjrsipo36z6TpnRHpAE4FEbOETb2R8JRJQ==
+        integrity: sha512-5Rb/OS4ryNJLvz2nv6wyjwhifjy6veqaF9ffLrwFYij/WDy7m62ASBblxgeiI3fbPLX0aBRFWIJAq1vko26+AQ==
       }
     engines: { node: '>=6' }
     dependencies:
-      '@sentry/hub': 6.17.8
-      '@sentry/minimal': 6.17.8
-      '@sentry/types': 6.17.8
-      '@sentry/utils': 6.17.8
+      '@sentry/hub': 6.17.9
+      '@sentry/minimal': 6.17.9
+      '@sentry/types': 6.17.9
+      '@sentry/utils': 6.17.9
       tslib: 1.14.1
     dev: false
 
-  /@sentry/types/6.17.8:
+  /@sentry/types/6.17.9:
     resolution:
       {
-        integrity: sha512-0i0f+dpvV62Pm5QMVBHNfEsTGIXoXRGQbeN2LGL4XbhzrzUmIrBPzrnZHv9c/JYtSJnI6A0B9OG7Bdlh3aku+Q==
+        integrity: sha512-xuulX6qUCL14ayEOh/h6FUIvZtsi1Bx34dSOaWDrjXUOJHJAM7214uiqW1GZxPJ13YuaUIubjTSfDmSQ9CBzTw==
       }
     engines: { node: '>=6' }
     dev: false
 
-  /@sentry/utils/6.17.8:
+  /@sentry/utils/6.17.9:
     resolution:
       {
-        integrity: sha512-cAOM53A5FHv95hpDuXKJU8rI4B1XdZ6qe3Yo+/nDS9QDpOgzvyjcItgXPvKW1wUjdHCcnwu7VBfBxB7teYOW9g==
+        integrity: sha512-4eo9Z3JlJCGlGrQRbtZWL+L9NnlUXgTbfK3Lk7oO8D1ev8R5b5+iE6tZHTvU5rQRcq6zu+POT+tK5u9oxc/rnQ==
       }
     engines: { node: '>=6' }
     dependencies:
-      '@sentry/types': 6.17.8
+      '@sentry/types': 6.17.9
       tslib: 1.14.1
     dev: false
 
@@ -394,28 +394,28 @@ packages:
     engines: { node: '>=10' }
     dev: false
 
-  /@sveltejs/adapter-node/1.0.0-next.67:
+  /@sveltejs/adapter-node/1.0.0-next.68:
     resolution:
       {
-        integrity: sha512-+LuLn91xARZsRANiQNIIDpMMncUTnP2pJc8tyL+FdpVvs5UtlvkYJpeCBPFqjjseRpIIbi8Slu89GCdrRXBDUg==
+        integrity: sha512-MiEjtl15Aupm6bjirVlq0kkc9AL8qDXz/blsh4jYMsaiidmcEHeDgfZQFM5YiXy95DbxV30MAkhwCQiYK/J8Kw==
       }
     dependencies:
       tiny-glob: 0.2.9
     dev: true
 
-  /@sveltejs/adapter-static/1.0.0-next.27:
+  /@sveltejs/adapter-static/1.0.0-next.28:
     resolution:
       {
-        integrity: sha512-dcN1p1D7ZY/a9SClfN14mgm9pyWbLxdwM9gzPMZG6xXOoqMtwI03aZOFgGGumHPdv+XcGRZM96vUSRoDm6vBJQ==
+        integrity: sha512-c4xLyeSwnbGQxe4f1SLpHTbxZDm3TEr43scR3tOlVgQN+mnAL9aDdl3nTtdzWmrUDmDEmY4GriAwLyFLZuINLw==
       }
     dependencies:
       tiny-glob: 0.2.9
     dev: true
 
-  /@sveltejs/kit/1.0.0-next.259_svelte@3.46.4:
+  /@sveltejs/kit/1.0.0-next.278_svelte@3.46.4:
     resolution:
       {
-        integrity: sha512-+Tss6cQXmpi4Jno/ZP0zJ3INBLMED+WeW4UI81tmexheC76Y2p+cbInneKO/REx/8QFo1iroYrWAUkZPsOg8Ew==
+        integrity: sha512-WT93Wnu05X9WG9BMMk/dj0gy6R7iXm9aXRDVgmIl9z8jT2ukejgmkhi5IwBYrK0OMIUALRVfukn+iy+srPc91Q==
       }
     engines: { node: '>=14.13' }
     hasBin: true
@@ -1748,10 +1748,10 @@ packages:
       ieee754: 1.2.1
     dev: false
 
-  /bullmq/1.72.0:
+  /bullmq/1.73.0:
     resolution:
       {
-        integrity: sha512-Q0pk6GphHyYsacpjZZFhjp/+TY+2g2FDsJS3qwIyskQL4j7vZaa1iYX3gKDEBn4C5eZMP1EOl9GWkm2bhdB0Wg==
+        integrity: sha512-+BF7yeGagYD/iMkM3FA8Wvb3j3MyKE/OdXv404+nQjUsKXfL7PbqX5NSA9lBtFzOdyFx9ZWyKRnBwuGQsLfM0w==
       }
     dependencies:
       cron-parser: 2.18.0
@@ -3116,10 +3116,10 @@ packages:
     engines: { node: '>=8' }
     dev: false
 
-  /get-port/6.0.0:
+  /get-port/6.1.0:
     resolution:
       {
-        integrity: sha512-qSVkVF6Eq1GdL/cBNiFuP4nUHMF7OEMTqEjC6alR2N90u8BFOoO0PFhNTX2QtAUoGrz8NnrSWj85TZ8YXZ6LOA==
+        integrity: sha512-JKnPFW/G2ZRirH/25sLK1aLBQktJfQLixzMMuMBP8A2G/ivSaIwdTnlJeO7PWeyhyIGVorezNf6+CXZU9i0cIQ==
       }
     engines: { node: ^12.20.0 || ^14.13.1 || >=16.0.0 }
     dev: false
@@ -5205,10 +5205,10 @@ packages:
       svelte: 3.46.4
     dev: true
 
-  /svelte-kit-cookie-session/2.0.2:
+  /svelte-kit-cookie-session/2.1.2:
     resolution:
       {
-        integrity: sha512-+JfunYbraIOkecOJlC1iYqH9g6YOY8MXyUdE3hTZquR1JrODmOZZ+pVPmZuVIFpM5sStJf/jF1NT5306TWE9Gw==
+        integrity: sha512-PfxIWDhiyYWu7iKlL0GHpmwDrdFh+rX/WmBzOuvctF25UqngIo9MCiegWBSBLE1RBwNs5UqaIeI8+vligmY07g==
       }
     dev: false
 
@@ -5290,7 +5290,7 @@ packages:
       strip-ansi: 6.0.1
     dev: true
 
-  /tailwindcss-scrollbar/0.1.0_tailwindcss@3.0.22:
+  /tailwindcss-scrollbar/0.1.0_tailwindcss@3.0.23:
     resolution:
       {
         integrity: sha512-egipxw4ooQDh94x02XQpPck0P0sfwazwoUGfA9SedPATIuYDR+6qe8d31Gl7YsSMRiOKDkkqfI0kBvEw9lT/Hg==
@@ -5298,13 +5298,13 @@ packages:
     peerDependencies:
       tailwindcss: '>= 2.x.x'
     dependencies:
-      tailwindcss: 3.0.22_c940fbabf228b85b1c73d314b43e31f1
+      tailwindcss: 3.0.23_c940fbabf228b85b1c73d314b43e31f1
     dev: false
 
-  /tailwindcss/3.0.22_c940fbabf228b85b1c73d314b43e31f1:
+  /tailwindcss/3.0.23_c940fbabf228b85b1c73d314b43e31f1:
     resolution:
       {
-        integrity: sha512-F8lt74RlNZirnkaSk310+vGQta7c0/hgx7/bqxruM4wS9lp8oqV93lzavajC3VT0Lp4UUtUVIt8ifKcmGzkr0A==
+        integrity: sha512-+OZOV9ubyQ6oI2BXEhzw4HrqvgcARY38xv3zKcjnWtMIZstEsXdI9xftd1iB7+RbOnj2HOEzkA0OyB5BaSxPQA==
       }
     engines: { node: '>=12.13.0' }
     hasBin: true
@@ -5528,10 +5528,10 @@ packages:
       function.name: 1.0.13
     dev: false
 
-  /unique-names-generator/4.6.0:
+  /unique-names-generator/4.7.1:
     resolution:
       {
-        integrity: sha512-m0fke1emBeT96UYn2psPQYwljooDWRTKt9oUZ5vlt88ZFMBGxqwPyLHXwCfkbgdm8jzioCp7oIpo6KdM+fnUlQ==
+        integrity: sha512-lMx9dX+KRmG8sq6gulYYpKWZc9RlGsgBR6aoO8Qsm3qvkSJ+3rAymr+TnV8EDMrIrwuFJ4kruzMWM/OpYzPoow==
       }
     engines: { node: '>=8' }
     dev: false
diff --git a/src/global.d.ts b/src/app.d.ts
similarity index 50%
rename from src/global.d.ts
rename to src/app.d.ts
index 4a2702fbc..6bc235288 100644
--- a/src/global.d.ts
+++ b/src/app.d.ts
@@ -1,74 +1,25 @@
 /// <reference types="@sveltejs/kit" />
-interface Cookies {
-	teamId?: string;
-	gitlabToken?: string;
-	'kit.session'?: string;
-}
-interface Locals {
-	gitlabToken?: string;
-	user: {
-		teamId: string;
-		permission: string;
-		isAdmin: boolean;
-	};
-	session: {
-		data: {
-			uid?: string;
-			teams?: string[];
-			expires?: string;
-		};
-	};
+
+declare namespace App {
+	interface Locals {
+		session: import('svelte-kit-cookie-session').Session<SessionData>;
+		cookies: Record<string, string>;
+	}
+	interface Platform {}
+	interface Session extends SessionData {}
+	interface Stuff {}
 }
 
-type Applications = {
-	name: string;
-	domain: string;
-};
-
-interface Hash {
-	iv: string;
-	content: string;
+interface SessionData {
+	version?: string;
+	userId?: string | null;
+	teamId?: string | null;
+	permission?: string;
+	isAdmin?: boolean;
+	expires?: string | null;
+	gitlabToken?: string | null;
 }
 
-interface BuildPack {
-	name: string;
-}
-
-// TODO: Not used, not working what?!
-enum GitSource {
-	Github = 'github',
-	Gitlab = 'gitlab',
-	Bitbucket = 'bitbucket'
-}
-
-type RawHaproxyConfiguration = {
-	_version: number;
-	data: string;
-};
-
-type NewTransaction = {
-	_version: number;
-	id: string;
-	status: string;
-};
-
-type HttpRequestRuleForceSSL = {
-	return_hdrs: null;
-	cond: string;
-	cond_test: string;
-	index: number;
-	redir_code: number;
-	redir_type: string;
-	redir_value: string;
-	type: string;
-};
-
-// TODO: No any please
-type HttpRequestRule = {
-	_version: number;
-	data: Array<any>;
-};
-
 type DateTimeFormatOptions = {
 	localeMatcher?: 'lookup' | 'best fit';
 	weekday?: 'long' | 'short' | 'narrow';
@@ -84,3 +35,24 @@ type DateTimeFormatOptions = {
 	hour12?: boolean;
 	timeZone?: string;
 };
+
+interface Hash {
+	iv: string;
+	content: string;
+}
+
+type RawHaproxyConfiguration = {
+	_version: number;
+	data: string;
+};
+
+type NewTransaction = {
+	_version: number;
+	id: string;
+	status: string;
+};
+
+type Application = {
+	name: string;
+	domain: string;
+};
diff --git a/src/hooks.ts b/src/hooks.ts
index 7a9208585..5c19350e9 100644
--- a/src/hooks.ts
+++ b/src/hooks.ts
@@ -2,7 +2,7 @@ import dotEnvExtended from 'dotenv-extended';
 dotEnvExtended.load();
 import type { GetSession } from '@sveltejs/kit';
 import { handleSession } from 'svelte-kit-cookie-session';
-import { getUserDetails, isTeamIdTokenAvailable, sentry } from '$lib/common';
+import { getUserDetails, sentry } from '$lib/common';
 import { version } from '$lib/common';
 import cookie from 'cookie';
 import { dev } from '$app/env';
@@ -16,22 +16,29 @@ export const handle = handleSession(
 	async function ({ event, resolve }) {
 		let response;
 		try {
-			const cookies: Cookies = cookie.parse(event.request.headers.get('cookie') || '');
-			if (cookies['kit.session']) {
-				const { permission, teamId } = await getUserDetails(event, false);
-				event.locals.user = {
+			let gitlabToken = event.locals.cookies.gitlabToken;
+
+			if (event.locals.cookies['kit.session']) {
+				const { permission, teamId, userId } = await getUserDetails(event, false);
+				const newSession = {
+					userId,
 					teamId,
 					permission,
-					isAdmin: permission === 'admin' || permission === 'owner'
+					isAdmin: permission === 'admin' || permission === 'owner',
+					expires: event.locals.session.data.expires,
+					gitlabToken: gitlabToken
 				};
+
+				if (JSON.stringify(event.locals.session.data) !== JSON.stringify(newSession)) {
+					event.locals.session.data = { ...newSession };
+				}
 			}
-			if (cookies.gitlabToken) {
-				event.locals.gitlabToken = cookies.gitlabToken;
-			}
+
 			response = await resolve(event, {
 				ssr: !event.url.pathname.startsWith('/webhooks/success')
 			});
 		} catch (error) {
+			console.log(error);
 			response = await resolve(event, {
 				ssr: !event.url.pathname.startsWith('/webhooks/success')
 			});
@@ -62,17 +69,13 @@ export const handle = handleSession(
 	}
 );
 
-export const getSession: GetSession = function (request) {
+export const getSession: GetSession = function ({ locals }) {
 	return {
 		version,
-		gitlabToken: request.locals?.gitlabToken || null,
-		uid: request.locals.session.data?.uid || null,
-		teamId: request.locals.user?.teamId || null,
-		permission: request.locals.user?.permission,
-		isAdmin: request.locals.user?.isAdmin || false
+		...locals.session.data
 	};
 };
 
 export async function handleError({ error, event }) {
-	if (!dev) sentry.captureException(error, { event });
+	if (!dev) sentry.captureException(error, event);
 }
diff --git a/src/lib/common.ts b/src/lib/common.ts
index 3740ba231..3ec0c923c 100644
--- a/src/lib/common.ts
+++ b/src/lib/common.ts
@@ -67,7 +67,7 @@ export const isTeamIdTokenAvailable = (request) => {
 };
 
 export const getTeam = (event) => {
-	const cookies: Cookies = Cookie.parse(event.request.headers.get('cookie'));
+	const cookies = Cookie.parse(event.request.headers.get('cookie'));
 	if (cookies.teamId) {
 		return cookies.teamId;
 	} else if (event.locals.session.data.teamId) {
@@ -78,7 +78,7 @@ export const getTeam = (event) => {
 
 export const getUserDetails = async (event, isAdminRequired = true) => {
 	const teamId = getTeam(event);
-	const userId = event.locals.session.data.uid || null;
+	const userId = event.locals.session.data.userId || null;
 	const { permission = 'read' } = await db.prisma.permission.findFirst({
 		where: { teamId, userId },
 		select: { permission: true },
diff --git a/src/lib/components/Setting.svelte b/src/lib/components/Setting.svelte
index c431273e6..680203c95 100644
--- a/src/lib/components/Setting.svelte
+++ b/src/lib/components/Setting.svelte
@@ -6,6 +6,7 @@
 	export let description;
 	export let isCenter = true;
 	export let disabled = false;
+	export let dataTooltip = null;
 </script>
 
 <div class="flex items-center py-4 pr-8">
@@ -14,7 +15,7 @@
 		<Explainer text={description} />
 	</div>
 </div>
-<div class:text-center={isCenter}>
+<div class:tooltip={dataTooltip} class:text-center={isCenter} data-tooltip={dataTooltip}>
 	<div
 		type="button"
 		on:click
diff --git a/src/lib/database/applications.ts b/src/lib/database/applications.ts
index f2e779bee..ffcafbecd 100644
--- a/src/lib/database/applications.ts
+++ b/src/lib/database/applications.ts
@@ -1,5 +1,5 @@
 import { decrypt, encrypt } from '$lib/crypto';
-import { removeProxyConfiguration, removeWwwRedirection } from '$lib/haproxy';
+import { removeProxyConfiguration } from '$lib/haproxy';
 import { asyncExecShell, getEngine } from '$lib/common';
 
 import { getDomain, removeDestinationDocker } from '$lib/common';
diff --git a/src/lib/database/common.ts b/src/lib/database/common.ts
index 290ecd2b5..04bf54d6b 100644
--- a/src/lib/database/common.ts
+++ b/src/lib/database/common.ts
@@ -2,6 +2,7 @@ import { dev } from '$app/env';
 import { sentry } from '$lib/common';
 import * as Prisma from '@prisma/client';
 import { default as ProdPrisma } from '@prisma/client';
+import type { PrismaClientOptions } from '@prisma/client/runtime';
 import generator from 'generate-password';
 import forge from 'node-forge';
 
@@ -19,28 +20,20 @@ if (!dev) {
 	PrismaClient = ProdPrisma.PrismaClient;
 	P = ProdPrisma.Prisma;
 }
-let prismaOptions = {
+
+export const prisma = new PrismaClient({
+	errorFormat: 'pretty',
 	rejectOnNotFound: false
-};
-if (dev) {
-	prismaOptions = {
-		errorFormat: 'pretty',
-		rejectOnNotFound: false,
-		log: [
-			{
-				emit: 'event',
-				level: 'query'
-			}
-		]
-	};
-}
-export const prisma = new PrismaClient(prismaOptions);
+});
 
 export function ErrorHandler(e) {
 	if (e! instanceof Error) {
 		e = new Error(e.toString());
 	}
 	let truncatedError = e;
+	if (e.stdout) {
+		truncatedError = e.stdout;
+	}
 	if (e.message?.includes('docker run')) {
 		let truncatedArray = [];
 		truncatedArray = truncatedError.message.split('-').filter((line) => {
diff --git a/src/lib/database/users.ts b/src/lib/database/users.ts
index 5c99143a9..e8d3f8ba6 100644
--- a/src/lib/database/users.ts
+++ b/src/lib/database/users.ts
@@ -12,13 +12,16 @@ export async function login({ email, password }) {
 	const users = await prisma.user.count();
 	const userFound = await prisma.user.findUnique({
 		where: { email },
-		include: { teams: true },
+		include: { teams: true, permission: true },
 		rejectOnNotFound: false
 	});
+	console.log(userFound);
 	// Registration disabled if database is not seeded properly
 	const { isRegistrationEnabled, id } = await db.listSettings();
 
 	let uid = cuid();
+	let permission = 'read';
+	let isAdmin = false;
 	// Disable registration if we are registering the first user.
 	if (users === 0) {
 		await prisma.setting.update({ where: { id }, data: { isRegistrationEnabled: false } });
@@ -50,6 +53,8 @@ export async function login({ email, password }) {
 				};
 			}
 			uid = userFound.id;
+			// permission = userFound.permission;
+			isAdmin = true;
 		}
 	} else {
 		// If registration disabled, return 403
@@ -61,6 +66,8 @@ export async function login({ email, password }) {
 
 		const hashedPassword = await bcrypt.hash(password, saltRounds);
 		if (users === 0) {
+			permission = 'owner';
+			isAdmin = true;
 			await prisma.user.create({
 				data: {
 					id: uid,
@@ -103,8 +110,10 @@ export async function login({ email, password }) {
 			'Set-Cookie': `teamId=${uid}; HttpOnly; Path=/; Max-Age=15778800;`
 		},
 		body: {
-			uid,
-			teamId: uid
+			userId: uid,
+			teamId: uid,
+			permission,
+			isAdmin
 		}
 	};
 }
diff --git a/src/lib/haproxy/index.ts b/src/lib/haproxy/index.ts
index cda1cd1c1..4e14be487 100644
--- a/src/lib/haproxy/index.ts
+++ b/src/lib/haproxy/index.ts
@@ -48,7 +48,8 @@ export async function completeTransaction(transactionId) {
 	return await haproxy.put(`v2/services/haproxy/transactions/${transactionId}`);
 }
 
-export async function removeProxyConfiguration({ domain }) {
+export async function removeProxyConfiguration(fqdn) {
+	const domain = getDomain(fqdn);
 	const haproxy = await haproxyInstance();
 	const backendFound = await haproxy
 		.get(`v2/services/haproxy/configuration/backends/${domain}`)
@@ -64,10 +65,10 @@ export async function removeProxyConfiguration({ domain }) {
 			.json();
 		await completeTransaction(transactionId);
 	}
-	await forceSSLOffApplication({ domain });
-	await removeWwwRedirection(domain);
+	await forceSSLOffApplication(domain);
+	await removeWwwRedirection(fqdn);
 }
-export async function forceSSLOffApplication({ domain }) {
+export async function forceSSLOffApplication(domain) {
 	const haproxy = await haproxyInstance();
 	await checkHAProxy(haproxy);
 	let transactionId;
@@ -104,7 +105,7 @@ export async function forceSSLOffApplication({ domain }) {
 		if (transactionId) await completeTransaction(transactionId);
 	}
 }
-export async function forceSSLOnApplication({ domain }) {
+export async function forceSSLOnApplication(domain) {
 	const haproxy = await haproxyInstance();
 	await checkHAProxy(haproxy);
 	let transactionId;
@@ -283,7 +284,7 @@ export async function configureCoolifyProxyOff(fqdn) {
 			})
 			.json();
 		await completeTransaction(transactionId);
-		if (isHttps) await forceSSLOffApplication({ domain });
+		if (isHttps) await forceSSLOffApplication(domain);
 		await removeWwwRedirection(fqdn);
 	} catch (error) {
 		throw error?.response?.body || error;
@@ -558,7 +559,8 @@ export async function configureSimpleServiceProxyOn({ id, domain, port }) {
 	await completeTransaction(transactionId);
 }
 
-export async function configureSimpleServiceProxyOff({ domain }) {
+export async function configureSimpleServiceProxyOff(fqdn) {
+	const domain = getDomain(fqdn);
 	const haproxy = await haproxyInstance();
 	await checkHAProxy(haproxy);
 	try {
@@ -573,12 +575,16 @@ export async function configureSimpleServiceProxyOff({ domain }) {
 			.json();
 		await completeTransaction(transactionId);
 	} catch (error) {}
-	await forceSSLOffApplication({ domain });
-	await removeWwwRedirection(domain);
+	await forceSSLOffApplication(domain);
+	await removeWwwRedirection(fqdn);
 	return;
 }
 
-export async function removeWwwRedirection(domain) {
+export async function removeWwwRedirection(fqdn) {
+	const domain = getDomain(fqdn);
+	const isHttps = fqdn.startsWith('https://');
+	const redirectValue = `${isHttps ? 'https://' : 'http://'}${domain}%[capture.req.uri]`;
+
 	const haproxy = await haproxyInstance();
 	await checkHAProxy();
 	const rules: any = await haproxy
@@ -590,9 +596,7 @@ export async function removeWwwRedirection(domain) {
 		})
 		.json();
 	if (rules.data.length > 0) {
-		const rule = rules.data.find((rule) =>
-			rule.redir_value.includes(`${domain}%[capture.req.uri]`)
-		);
+		const rule = rules.data.find((rule) => rule.redir_value.includes(redirectValue));
 		if (rule) {
 			const transactionId = await getNextTransactionId();
 			await haproxy
@@ -617,6 +621,7 @@ export async function setWwwRedirection(fqdn) {
 		const domain = getDomain(fqdn);
 		const isHttps = fqdn.startsWith('https://');
 		const isWWW = fqdn.includes('www.');
+		const redirectValue = `${isHttps ? 'https://' : 'http://'}${domain}%[capture.req.uri]`;
 		const contTest = `{ req.hdr(host) -i ${isWWW ? domain.replace('www.', '') : `www.${domain}`} }`;
 		const rules: any = await haproxy
 			.get(`v2/services/haproxy/configuration/http_request_rules`, {
@@ -628,13 +633,11 @@ export async function setWwwRedirection(fqdn) {
 			.json();
 		let nextRule = 0;
 		if (rules.data.length > 0) {
-			const rule = rules.data.find((rule) =>
-				rule.redir_value.includes(`${domain}%[capture.req.uri]`)
-			);
+			const rule = rules.data.find((rule) => rule.redir_value.includes(redirectValue));
 			if (rule) return;
 			nextRule = rules.data[rules.data.length - 1].index + 1;
 		}
-		const redirectValue = `${isHttps ? 'https://' : 'http://'}${domain}%[capture.req.uri]`;
+
 		transactionId = await getNextTransactionId();
 		await haproxy
 			.post(`v2/services/haproxy/configuration/http_request_rules`, {
diff --git a/src/lib/letsencrypt.ts b/src/lib/letsencrypt.ts
index 751b61c3e..b1b2cdee0 100644
--- a/src/lib/letsencrypt.ts
+++ b/src/lib/letsencrypt.ts
@@ -46,35 +46,33 @@ export async function letsEncrypt({ domain, isCoolify = false, id = null }) {
 				}
 			}
 		}
-		await forceSSLOffApplication({ domain });
+		await forceSSLOffApplication(domain);
 		if (dualCerts) {
-			const error = await asyncExecShell(
+			await asyncExecShell(
 				`DOCKER_HOST=${host} docker run --rm --name certbot-${randomCuid} -p ${randomPort}:${randomPort} -v "coolify-letsencrypt:/etc/letsencrypt" certbot/certbot --logs-dir /etc/letsencrypt/logs certonly --standalone --preferred-challenges http --http-01-address 0.0.0.0 --http-01-port ${randomPort} -d ${nakedDomain} -d ${wwwDomain} --expand --agree-tos --non-interactive --register-unsafely-without-email ${
 					dev ? '--test-cert' : ''
 				}`
 			);
-			if (error.stderr) throw error;
-			const sslCopyError = await asyncExecShell(
+			await asyncExecShell(
 				`DOCKER_HOST=${host} docker run --rm -v "coolify-letsencrypt:/etc/letsencrypt" -v "coolify-ssl-certs:/app/ssl" alpine:latest sh -c "test -d /etc/letsencrypt/live/${nakedDomain}/ && cat /etc/letsencrypt/live/${nakedDomain}/fullchain.pem /etc/letsencrypt/live/${nakedDomain}/privkey.pem > /app/ssl/${nakedDomain}.pem || cat /etc/letsencrypt/live/${wwwDomain}/fullchain.pem /etc/letsencrypt/live/${wwwDomain}/privkey.pem > /app/ssl/${wwwDomain}.pem"`
 			);
-			if (sslCopyError.stderr) throw sslCopyError;
 		} else {
-			const sslGenerateError = await asyncExecShell(
+			await asyncExecShell(
 				`DOCKER_HOST=${host} docker run --rm --name certbot-${randomCuid} -p ${randomPort}:${randomPort} -v "coolify-letsencrypt:/etc/letsencrypt" certbot/certbot --logs-dir /etc/letsencrypt/logs certonly --standalone --preferred-challenges http --http-01-address 0.0.0.0 --http-01-port ${randomPort} -d ${domain} --expand --agree-tos --non-interactive --register-unsafely-without-email ${
 					dev ? '--test-cert' : ''
 				}`
 			);
-			if (sslGenerateError.stderr) throw sslGenerateError;
-			const sslCopyError = await asyncExecShell(
+			await asyncExecShell(
 				`DOCKER_HOST=${host} docker run --rm -v "coolify-letsencrypt:/etc/letsencrypt" -v "coolify-ssl-certs:/app/ssl" alpine:latest sh -c "cat /etc/letsencrypt/live/${domain}/fullchain.pem /etc/letsencrypt/live/${domain}/privkey.pem > /app/ssl/${domain}.pem"`
 			);
-			if (sslCopyError.stderr) throw sslCopyError;
 		}
 	} catch (error) {
-		throw error;
+		if (error.code !== 0) {
+			throw error;
+		}
 	} finally {
 		if (!isCoolify) {
-			await forceSSLOnApplication({ domain });
+			await forceSSLOnApplication(domain);
 		}
 	}
 }
diff --git a/src/lib/queues/proxy.ts b/src/lib/queues/proxy.ts
index 92d14f738..36ac37ff9 100644
--- a/src/lib/queues/proxy.ts
+++ b/src/lib/queues/proxy.ts
@@ -48,7 +48,7 @@ export default async function () {
 										port
 									});
 									const isHttps = fqdn.startsWith('https://');
-									if (isHttps) await forceSSLOnApplication({ domain });
+									if (isHttps) await forceSSLOnApplication(domain);
 									await setWwwRedirection(fqdn);
 								}
 							}
@@ -98,7 +98,7 @@ export default async function () {
 			await configureCoolifyProxyOn(fqdn);
 			await setWwwRedirection(fqdn);
 			const isHttps = fqdn.startsWith('https://');
-			if (isHttps) await forceSSLOnApplication({ domain });
+			if (isHttps) await forceSSLOnApplication(domain);
 		}
 	} catch (error) {
 		console.log(error);
diff --git a/src/routes/__layout.svelte b/src/routes/__layout.svelte
index 027a11e3d..75265e1b0 100644
--- a/src/routes/__layout.svelte
+++ b/src/routes/__layout.svelte
@@ -3,13 +3,13 @@
 	import { publicPaths } from '$lib/settings';
 
 	export const load: Load = async ({ fetch, url, params, session }) => {
-		if (!session.uid && !publicPaths.includes(url.pathname)) {
+		if (!session.userId && !publicPaths.includes(url.pathname)) {
 			return {
 				status: 302,
 				redirect: '/login'
 			};
 		}
-		if (!session.uid) {
+		if (!session.userId) {
 			return {};
 		}
 		const endpoint = `/teams.json`;
@@ -49,7 +49,7 @@
 	};
 	let latestVersion = 'latest';
 	onMount(async () => {
-		if ($session.uid) {
+		if ($session.userId) {
 			const overrideVersion = browser && window.localStorage.getItem('latestVersion');
 			try {
 				await get(`/login.json`);
@@ -84,7 +84,7 @@
 	}
 	async function switchTeam() {
 		try {
-			await post(`/index.json?from=${$page.url.pathname}`, {
+			await post(`/dashboard.json?from=${$page.url.pathname}`, {
 				cookie: 'teamId',
 				value: selectedTeamId
 			});
@@ -129,7 +129,7 @@
 	<title>Coolify</title>
 </svelte:head>
 <SvelteToast options={{ intro: { y: -64 }, duration: 3000, pausable: true }} />
-{#if $session.uid}
+{#if $session.userId}
 	<nav class="nav-main">
 		<div class="flex h-screen w-full flex-col items-center transition-all duration-100">
 			<div class="my-4 h-10 w-10"><img src="/favicon.png" alt="coolLabs logo" /></div>
diff --git a/src/routes/applications/[id]/configuration/_GitlabRepositories.svelte b/src/routes/applications/[id]/configuration/_GitlabRepositories.svelte
index 132c3b522..bae86752b 100644
--- a/src/routes/applications/[id]/configuration/_GitlabRepositories.svelte
+++ b/src/routes/applications/[id]/configuration/_GitlabRepositories.svelte
@@ -8,7 +8,6 @@
 	import cuid from 'cuid';
 	import { goto } from '$app/navigation';
 	import { del, get, post, put } from '$lib/api';
-
 	const { id } = $page.params;
 	const from = $page.url.searchParams.get('from');
 
diff --git a/src/routes/applications/[id]/index.svelte b/src/routes/applications/[id]/index.svelte
index a5d19eb6b..e831deff0 100644
--- a/src/routes/applications/[id]/index.svelte
+++ b/src/routes/applications/[id]/index.svelte
@@ -276,11 +276,13 @@
 			</div>
 			<div class="grid grid-cols-2 items-center pb-8">
 				<Setting
+					dataTooltip="Must be stopped to modify."
+					disabled={isRunning}
 					isCenter={false}
 					bind:setting={dualCerts}
 					title="Generate SSL for www and non-www?"
-					description="It will generate certificates for both www and non-www. <br>You need to have <span class='font-bold text-green-500'>both DNS entries</span> set in advance.<br><br>Useful if you expect to have visitors on both.<br>Application must be redeployed."
-					on:click={() => changeSettings('dualCerts')}
+					description="It will generate certificates for both www and non-www. <br>You need to have <span class='font-bold text-green-500'>both DNS entries</span> set in advance.<br><br>Useful if you expect to have visitors on both."
+					on:click={() => !isRunning && changeSettings('dualCerts')}
 				/>
 			</div>
 			{#if !staticDeployments.includes(application.buildPack)}
diff --git a/src/routes/applications/[id]/stop.json.ts b/src/routes/applications/[id]/stop.json.ts
index 1148e3b65..c9d5b9364 100644
--- a/src/routes/applications/[id]/stop.json.ts
+++ b/src/routes/applications/[id]/stop.json.ts
@@ -16,12 +16,11 @@ export const post: RequestHandler = async (event) => {
 			id,
 			teamId
 		});
-		const domain = getDomain(fqdn);
 		if (destinationDockerId) {
 			const docker = dockerInstance({ destinationDocker });
 			await docker.engine.getContainer(id).stop();
 		}
-		await removeProxyConfiguration({ domain });
+		await removeProxyConfiguration(fqdn);
 		return {
 			status: 200
 		};
diff --git a/src/routes/applications/index.svelte b/src/routes/applications/index.svelte
index 033fa03f9..d23626446 100644
--- a/src/routes/applications/index.svelte
+++ b/src/routes/applications/index.svelte
@@ -20,7 +20,7 @@
 </script>
 
 <script lang="ts">
-	export let applications: Array<Applications>;
+	export let applications: Array<Application>;
 	import { session } from '$app/stores';
 	import Application from './_Application.svelte';
 </script>
diff --git a/src/routes/index.json.ts b/src/routes/dashboard.json.ts
similarity index 100%
rename from src/routes/index.json.ts
rename to src/routes/dashboard.json.ts
diff --git a/src/routes/destinations/[id]/restart.json.ts b/src/routes/destinations/[id]/restart.json.ts
index b3efa60da..65a3e0cd4 100644
--- a/src/routes/destinations/[id]/restart.json.ts
+++ b/src/routes/destinations/[id]/restart.json.ts
@@ -24,7 +24,7 @@ export const post: RequestHandler = async (event) => {
 		await configureCoolifyProxyOn(fqdn);
 		await setWwwRedirection(fqdn);
 		const isHttps = fqdn.startsWith('https://');
-		if (isHttps) await forceSSLOnApplication({ domain });
+		if (isHttps) await forceSSLOnApplication(domain);
 		return {
 			status: 200
 		};
diff --git a/src/routes/index.svelte b/src/routes/index.svelte
index 8abfe0fc7..1a5f61b4b 100644
--- a/src/routes/index.svelte
+++ b/src/routes/index.svelte
@@ -1,7 +1,7 @@
 <script context="module" lang="ts">
 	import type { Load } from '@sveltejs/kit';
 	export const load: Load = async ({ fetch, session }) => {
-		const url = `/index.json`;
+		const url = `/dashboard.json`;
 		const res = await fetch(url);
 
 		if (res.ok) {
diff --git a/src/routes/login/index.svelte b/src/routes/login/index.svelte
index 25da6b274..131639d53 100644
--- a/src/routes/login/index.svelte
+++ b/src/routes/login/index.svelte
@@ -9,7 +9,7 @@
 	let emailEl;
 	let email, password;
 
-	if (browser && $session.uid) {
+	if (browser && $session.userId) {
 		goto('/');
 	}
 	onMount(() => {
@@ -34,7 +34,7 @@
 </script>
 
 <div class="flex h-screen flex-col items-center justify-center">
-	{#if $session.uid}
+	{#if $session.userId}
 		<div class="flex justify-center px-4 text-xl font-bold">Already logged in...</div>
 	{:else}
 		<div class="flex justify-center px-4">
diff --git a/src/routes/services/[id]/_Services/_Services.svelte b/src/routes/services/[id]/_Services/_Services.svelte
index 810f7fa49..056daee5f 100644
--- a/src/routes/services/[id]/_Services/_Services.svelte
+++ b/src/routes/services/[id]/_Services/_Services.svelte
@@ -129,10 +129,12 @@
 			</div>
 			<div class="grid grid-cols-2 items-center px-10">
 				<Setting
+					disabled={isRunning}
+					dataTooltip="Must be stopped to modify."
 					bind:setting={dualCerts}
 					title="Generate SSL for www and non-www?"
 					description="It will generate certificates for both www and non-www. <br>You need to have <span class='font-bold text-pink-600'>both DNS entries</span> set in advance.<br><br>Service needs to be restarted."
-					on:click={() => changeSettings('dualCerts')}
+					on:click={() => !isRunning && changeSettings('dualCerts')}
 				/>
 			</div>
 			{#if service.type === 'plausibleanalytics'}
diff --git a/src/routes/services/[id]/minio/stop.json.ts b/src/routes/services/[id]/minio/stop.json.ts
index 95f227009..aed702b1b 100644
--- a/src/routes/services/[id]/minio/stop.json.ts
+++ b/src/routes/services/[id]/minio/stop.json.ts
@@ -35,7 +35,7 @@ export const post: RequestHandler = async (event) => {
 			}
 			try {
 				await stopTcpHttpProxy(destinationDocker, publicPort);
-				await configureSimpleServiceProxyOff({ domain });
+				await configureSimpleServiceProxyOff(fqdn);
 			} catch (error) {
 				console.log(error);
 			}
diff --git a/src/routes/services/[id]/nocodb/stop.json.ts b/src/routes/services/[id]/nocodb/stop.json.ts
index ad48b5dce..f15ba1012 100644
--- a/src/routes/services/[id]/nocodb/stop.json.ts
+++ b/src/routes/services/[id]/nocodb/stop.json.ts
@@ -28,7 +28,7 @@ export const post: RequestHandler = async (event) => {
 				console.error(error);
 			}
 			try {
-				await configureSimpleServiceProxyOff({ domain });
+				await configureSimpleServiceProxyOff(fqdn);
 			} catch (error) {
 				console.log(error);
 			}
diff --git a/src/routes/services/[id]/plausibleanalytics/stop.json.ts b/src/routes/services/[id]/plausibleanalytics/stop.json.ts
index c6e59277d..d9b42d7b3 100644
--- a/src/routes/services/[id]/plausibleanalytics/stop.json.ts
+++ b/src/routes/services/[id]/plausibleanalytics/stop.json.ts
@@ -38,7 +38,7 @@ export const post: RequestHandler = async (event) => {
 			}
 
 			try {
-				await configureSimpleServiceProxyOff({ domain });
+				await configureSimpleServiceProxyOff(fqdn);
 			} catch (error) {
 				console.log(error);
 			}
diff --git a/src/routes/services/[id]/vaultwarden/stop.json.ts b/src/routes/services/[id]/vaultwarden/stop.json.ts
index ad48b5dce..f15ba1012 100644
--- a/src/routes/services/[id]/vaultwarden/stop.json.ts
+++ b/src/routes/services/[id]/vaultwarden/stop.json.ts
@@ -28,7 +28,7 @@ export const post: RequestHandler = async (event) => {
 				console.error(error);
 			}
 			try {
-				await configureSimpleServiceProxyOff({ domain });
+				await configureSimpleServiceProxyOff(fqdn);
 			} catch (error) {
 				console.log(error);
 			}
diff --git a/src/routes/services/[id]/vscodeserver/stop.json.ts b/src/routes/services/[id]/vscodeserver/stop.json.ts
index f094abc6e..cf748b709 100644
--- a/src/routes/services/[id]/vscodeserver/stop.json.ts
+++ b/src/routes/services/[id]/vscodeserver/stop.json.ts
@@ -28,7 +28,7 @@ export const post: RequestHandler = async (event) => {
 				console.error(error);
 			}
 			try {
-				await configureSimpleServiceProxyOff({ domain });
+				await configureSimpleServiceProxyOff(fqdn);
 			} catch (error) {
 				console.log(error);
 			}
diff --git a/src/routes/services/[id]/wordpress/stop.json.ts b/src/routes/services/[id]/wordpress/stop.json.ts
index 759d183b1..800a62de3 100644
--- a/src/routes/services/[id]/wordpress/stop.json.ts
+++ b/src/routes/services/[id]/wordpress/stop.json.ts
@@ -31,7 +31,7 @@ export const post: RequestHandler = async (event) => {
 				console.error(error);
 			}
 			try {
-				await configureSimpleServiceProxyOff({ domain });
+				await configureSimpleServiceProxyOff(fqdn);
 			} catch (error) {
 				console.log(error);
 			}
diff --git a/src/routes/settings/index.json.ts b/src/routes/settings/index.json.ts
index f12aa1f3b..217b314bd 100644
--- a/src/routes/settings/index.json.ts
+++ b/src/routes/settings/index.json.ts
@@ -101,7 +101,7 @@ export const post: RequestHandler = async (event) => {
 				await setWwwRedirection(fqdn);
 				if (isHttps) {
 					await letsEncrypt({ domain, isCoolify: true });
-					await forceSSLOnApplication({ domain });
+					await forceSSLOnApplication(domain);
 					await reloadHaproxy('/var/run/docker.sock');
 				}
 			}
diff --git a/src/routes/settings/index.svelte b/src/routes/settings/index.svelte
index 28a853292..3b565a3af 100644
--- a/src/routes/settings/index.svelte
+++ b/src/routes/settings/index.svelte
@@ -131,6 +131,7 @@
 				</div>
 				<div class="grid grid-cols-2 items-center">
 					<Setting
+						dataTooltip="Must remove the domain before you can change this setting."
 						disabled={isFqdnSet}
 						bind:setting={dualCerts}
 						title="Generate SSL for www and non-www?"
diff --git a/src/routes/teams/[id]/index.svelte b/src/routes/teams/[id]/index.svelte
index 6cd7e2292..487e46486 100644
--- a/src/routes/teams/[id]/index.svelte
+++ b/src/routes/teams/[id]/index.svelte
@@ -22,21 +22,20 @@
 <script lang="ts">
 	export let permissions;
 	export let team;
-	export let invitations;
+	export let invitations: any[];
 	import { page, session } from '$app/stores';
 	import Explainer from '$lib/components/Explainer.svelte';
 	import { errorNotification } from '$lib/form';
 	import { post } from '$lib/api';
 	const { id } = $page.params;
-
 	let invitation = {
 		teamName: team.name,
 		email: null,
 		permission: 'read'
 	};
-	let myPermission = permissions.find((u) => u.user.id === $session.uid).permission;
-	function isAdmin(permission = myPermission) {
-		if (myPermission === 'admin' || myPermission === 'owner') {
+	// let myPermission = permissions.find((u) => u.user.id === $session.userId).permission;
+	function isAdmin(permission: string) {
+		if (permission === 'admin' || permission === 'owner') {
 			return true;
 		}
 
@@ -56,7 +55,7 @@
 			return errorNotification(error);
 		}
 	}
-	async function revokeInvitation(id) {
+	async function revokeInvitation(id: string) {
 		try {
 			await post(`/teams/${id}/invitation/revoke.json`, { id });
 			return window.location.reload();
@@ -64,7 +63,7 @@
 			return errorNotification(error);
 		}
 	}
-	async function removeFromTeam(uid) {
+	async function removeFromTeam(uid: string) {
 		try {
 			await post(`/teams/${id}/remove/user.json`, { teamId: team.id, uid });
 			return window.location.reload();
@@ -72,7 +71,7 @@
 			return errorNotification(error);
 		}
 	}
-	async function changePermission(userId, permissionId, currentPermission) {
+	async function changePermission(userId: string, permissionId: string, currentPermission: string) {
 		let newPermission = 'read';
 		if (currentPermission === 'read') {
 			newPermission = 'admin';
@@ -136,10 +135,11 @@
 				<tr class="text-xs">
 					<td class="py-4"
 						>{permission.user.email}
-						<span class="font-bold">{permission.user.id === $session.uid ? '(You)' : ''}</span></td
+						<span class="font-bold">{permission.user.id === $session.userId ? '(You)' : ''}</span
+						></td
 					>
 					<td class="py-4">{permission.permission}</td>
-					{#if $session.isAdmin && permission.user.id !== $session.uid && permission.permission !== 'owner'}
+					{#if $session.isAdmin && permission.user.id !== $session.userId && permission.permission !== 'owner'}
 						<td class="flex flex-col items-center justify-center space-y-2 py-4 text-center">
 							<button
 								class="w-52 bg-red-600 hover:bg-red-500"
diff --git a/src/routes/webhooks/github/events.ts b/src/routes/webhooks/github/events.ts
index 77370d9e5..1be335871 100644
--- a/src/routes/webhooks/github/events.ts
+++ b/src/routes/webhooks/github/events.ts
@@ -144,10 +144,17 @@ export const post: RequestHandler = async (event) => {
 					} else if (pullmergeRequestAction === 'closed') {
 						if (applicationFound.destinationDockerId) {
 							const domain = getDomain(applicationFound.fqdn);
+							const isHttps = applicationFound.fqdn.startsWith('https://');
+							const isWWW = applicationFound.fqdn.includes('www.');
+							const fqdn = `${isHttps ? 'https://' : 'http://'}${
+								isWWW ? 'www.' : ''
+							}${pullmergeRequestId}.${domain}`;
+
 							const id = `${applicationFound.id}-${pullmergeRequestId}`;
 							const engine = applicationFound.destinationDocker.engine;
+
 							await removeDestinationDocker({ id, engine });
-							await removeProxyConfiguration({ domain: `${pullmergeRequestId}.${domain}` });
+							await removeProxyConfiguration(fqdn);
 						}
 						return {
 							status: 200,
diff --git a/src/routes/webhooks/gitlab/events.ts b/src/routes/webhooks/gitlab/events.ts
index d89507a7c..b1af61fd4 100644
--- a/src/routes/webhooks/gitlab/events.ts
+++ b/src/routes/webhooks/gitlab/events.ts
@@ -141,10 +141,17 @@ export const post: RequestHandler = async (event) => {
 					} else if (action === 'close') {
 						if (applicationFound.destinationDockerId) {
 							const domain = getDomain(applicationFound.fqdn);
+							const isHttps = applicationFound.fqdn.startsWith('https://');
+							const isWWW = applicationFound.fqdn.includes('www.');
+							const fqdn = `${isHttps ? 'https://' : 'http://'}${
+								isWWW ? 'www.' : ''
+							}${pullmergeRequestId}.${domain}`;
+
 							const id = `${applicationFound.id}-${pullmergeRequestId}`;
 							const engine = applicationFound.destinationDocker.engine;
-							await removeProxyConfiguration({ domain: `${pullmergeRequestId}.${domain}` });
+
 							await removeDestinationDocker({ id, engine });
+							await removeProxyConfiguration(fqdn);
 						}
 
 						return {

From 906a63b6b59150c6e889e43e13bbd8d648fc07e5 Mon Sep 17 00:00:00 2001
From: Andras Bacsai <andras.bacsai@gmail.com>
Date: Fri, 18 Feb 2022 15:29:32 +0100
Subject: [PATCH 22/35] fix: ghToken in session now

---
 src/app.d.ts                                  |  1 +
 src/hooks.ts                                  |  5 +--
 src/routes/applications/[id]/__layout.svelte  |  4 +--
 .../configuration/_GithubRepositories.svelte  | 13 +++----
 .../[id]/configuration/buildpack.svelte       | 10 +++---
 .../[id]/configuration/repository.svelte      |  6 ++--
 src/routes/applications/[id]/index.json.ts    | 35 +++++++++++--------
 src/routes/applications/[id]/index.svelte     |  2 +-
 8 files changed, 37 insertions(+), 39 deletions(-)

diff --git a/src/app.d.ts b/src/app.d.ts
index 6bc235288..c3921e0f2 100644
--- a/src/app.d.ts
+++ b/src/app.d.ts
@@ -18,6 +18,7 @@ interface SessionData {
 	isAdmin?: boolean;
 	expires?: string | null;
 	gitlabToken?: string | null;
+	ghToken?: string | null;
 }
 
 type DateTimeFormatOptions = {
diff --git a/src/hooks.ts b/src/hooks.ts
index 5c19350e9..d74aa83a0 100644
--- a/src/hooks.ts
+++ b/src/hooks.ts
@@ -17,7 +17,7 @@ export const handle = handleSession(
 		let response;
 		try {
 			let gitlabToken = event.locals.cookies.gitlabToken;
-
+			let ghToken = event.locals.cookies.ghToken;
 			if (event.locals.cookies['kit.session']) {
 				const { permission, teamId, userId } = await getUserDetails(event, false);
 				const newSession = {
@@ -26,7 +26,8 @@ export const handle = handleSession(
 					permission,
 					isAdmin: permission === 'admin' || permission === 'owner',
 					expires: event.locals.session.data.expires,
-					gitlabToken: gitlabToken
+					gitlabToken,
+					ghToken
 				};
 
 				if (JSON.stringify(event.locals.session.data) !== JSON.stringify(newSession)) {
diff --git a/src/routes/applications/[id]/__layout.svelte b/src/routes/applications/[id]/__layout.svelte
index 72f99c69a..d09831948 100644
--- a/src/routes/applications/[id]/__layout.svelte
+++ b/src/routes/applications/[id]/__layout.svelte
@@ -17,7 +17,7 @@
 		const endpoint = `/applications/${params.id}.json`;
 		const res = await fetch(endpoint);
 		if (res.ok) {
-			const { application, githubToken, ghToken, isRunning, appId } = await res.json();
+			const { application, isRunning, appId } = await res.json();
 			if (!application || Object.entries(application).length === 0) {
 				return {
 					status: 302,
@@ -42,8 +42,6 @@
 				},
 				stuff: {
 					isRunning,
-					ghToken,
-					githubToken,
 					application,
 					appId
 				}
diff --git a/src/routes/applications/[id]/configuration/_GithubRepositories.svelte b/src/routes/applications/[id]/configuration/_GithubRepositories.svelte
index 43c08f9c1..dfce830a1 100644
--- a/src/routes/applications/[id]/configuration/_GithubRepositories.svelte
+++ b/src/routes/applications/[id]/configuration/_GithubRepositories.svelte
@@ -1,13 +1,11 @@
 <script lang="ts">
 	import { goto } from '$app/navigation';
 
-	export let githubToken;
 	export let application;
 
-	import { page } from '$app/stores';
+	import { page, session } from '$app/stores';
 	import { get, post } from '$lib/api';
-	import { getGithubToken } from '$lib/components/common';
-	import { enhance, errorNotification } from '$lib/form';
+	import { errorNotification } from '$lib/form';
 	import { onMount } from 'svelte';
 
 	const { id } = $page.params;
@@ -30,19 +28,16 @@
 		branch: undefined
 	};
 	let showSave = false;
-	let token = null;
-
 	async function loadRepositoriesByPage(page = 0) {
 		try {
 			return await get(`${apiUrl}/installation/repositories?per_page=100&page=${page}`, {
-				Authorization: `token ${token}`
+				Authorization: `token ${$session.ghToken}`
 			});
 		} catch ({ error }) {
 			return errorNotification(error);
 		}
 	}
 	async function loadRepositories() {
-		token = await getGithubToken({ apiUrl, githubToken, application });
 		let page = 1;
 		let reposCount = 0;
 		const loadedRepos = await loadRepositoriesByPage();
@@ -63,7 +58,7 @@
 		selected.projectId = repositories.find((repo) => repo.full_name === selected.repository).id;
 		try {
 			branches = await get(`${apiUrl}/repos/${selected.repository}/branches`, {
-				Authorization: `token ${token}`
+				Authorization: `token ${$session.ghToken}`
 			});
 			return;
 		} catch ({ error }) {
diff --git a/src/routes/applications/[id]/configuration/buildpack.svelte b/src/routes/applications/[id]/configuration/buildpack.svelte
index b517689a6..d382b24c8 100644
--- a/src/routes/applications/[id]/configuration/buildpack.svelte
+++ b/src/routes/applications/[id]/configuration/buildpack.svelte
@@ -1,7 +1,7 @@
 <script context="module" lang="ts">
 	import type { Load } from '@sveltejs/kit';
 	export const load: Load = async ({ fetch, params, url, stuff }) => {
-		const { application, ghToken } = stuff;
+		const { application } = stuff;
 		if (application?.buildPack && !url.searchParams.get('from')) {
 			return {
 				status: 302,
@@ -14,8 +14,7 @@
 			return {
 				props: {
 					...(await res.json()),
-					application,
-					ghToken
+					application
 				}
 			};
 		}
@@ -43,7 +42,6 @@
 	export let projectId;
 	export let repository;
 	export let branch;
-	export let ghToken;
 	export let type;
 	export let application;
 
@@ -96,7 +94,7 @@
 				}
 			} else if (type === 'github') {
 				const files = await get(`${apiUrl}/repos/${repository}/contents?ref=${branch}`, {
-					Authorization: `Bearer ${ghToken}`,
+					Authorization: `Bearer ${$session.ghToken || ghToken}`,
 					Accept: 'application/vnd.github.v2.json'
 				});
 				const packageJson = files.find(
@@ -113,7 +111,7 @@
 					foundConfig.buildPack = 'docker';
 				} else if (packageJson) {
 					const data = await get(`${packageJson.git_url}`, {
-						Authorization: `Bearer ${ghToken}`,
+						Authorization: `Bearer ${$session.ghToken}`,
 						Accept: 'application/vnd.github.v2.raw'
 					});
 					const json = JSON.parse(data) || {};
diff --git a/src/routes/applications/[id]/configuration/repository.svelte b/src/routes/applications/[id]/configuration/repository.svelte
index 416292e99..259c1d13a 100644
--- a/src/routes/applications/[id]/configuration/repository.svelte
+++ b/src/routes/applications/[id]/configuration/repository.svelte
@@ -1,7 +1,7 @@
 <script context="module" lang="ts">
 	import type { Load } from '@sveltejs/kit';
 	export const load: Load = async ({ params, url, stuff }) => {
-		const { application, githubToken, appId } = stuff;
+		const { application, appId } = stuff;
 		if (application?.branch && application?.repository && !url.searchParams.get('from')) {
 			return {
 				status: 302,
@@ -10,7 +10,6 @@
 		}
 		return {
 			props: {
-				githubToken,
 				application,
 				appId
 			}
@@ -20,7 +19,6 @@
 
 <script lang="ts">
 	export let application;
-	export let githubToken;
 	export let appId;
 	import GithubRepositories from './_GithubRepositories.svelte';
 	import GitlabRepositories from './_GitlabRepositories.svelte';
@@ -31,7 +29,7 @@
 </div>
 <div class="flex flex-wrap justify-center">
 	{#if application.gitSource.type === 'github'}
-		<GithubRepositories {application} {githubToken} />
+		<GithubRepositories {application} />
 	{:else if application.gitSource.type === 'gitlab'}
 		<GitlabRepositories {application} {appId} />
 	{/if}
diff --git a/src/routes/applications/[id]/index.json.ts b/src/routes/applications/[id]/index.json.ts
index 88d8b30a8..daa3f8d75 100644
--- a/src/routes/applications/[id]/index.json.ts
+++ b/src/routes/applications/[id]/index.json.ts
@@ -14,34 +14,41 @@ export const get: RequestHandler = async (event) => {
 	let githubToken = null;
 	let ghToken = null;
 	let isRunning = false;
-
 	const { id } = event.params;
+
 	try {
 		const application = await db.getApplication({ id, teamId });
 		const { gitSource } = application;
 		if (gitSource?.type === 'github' && gitSource?.githubApp) {
-			const payload = {
-				iat: Math.round(new Date().getTime() / 1000),
-				exp: Math.round(new Date().getTime() / 1000 + 60),
-				iss: gitSource.githubApp.appId
-			};
-			githubToken = jsonwebtoken.sign(payload, gitSource.githubApp.privateKey, {
-				algorithm: 'RS256'
-			});
-			ghToken = await getGithubToken({ apiUrl: gitSource.apiUrl, application, githubToken });
+			if (!event.locals.session.data.ghToken) {
+				const payload = {
+					iat: Math.round(new Date().getTime() / 1000),
+					exp: Math.round(new Date().getTime() / 1000 + 600),
+					iss: gitSource.githubApp.appId
+				};
+				githubToken = jsonwebtoken.sign(payload, gitSource.githubApp.privateKey, {
+					algorithm: 'RS256'
+				});
+				ghToken = await getGithubToken({ apiUrl: gitSource.apiUrl, application, githubToken });
+			}
 		}
 		if (application.destinationDockerId) {
 			isRunning = await checkContainer(application.destinationDocker.engine, id);
 		}
-		return {
+		const payload = {
 			body: {
 				isRunning,
-				ghToken,
-				githubToken,
 				application,
 				appId
-			}
+			},
+			headers: {}
 		};
+		if (ghToken) {
+			payload.headers = {
+				'set-cookie': [`ghToken=${ghToken}; HttpOnly; Path=/; Max-Age=15778800;`]
+			};
+		}
+		return payload;
 	} catch (error) {
 		console.log(error);
 		return ErrorHandler(error);
diff --git a/src/routes/applications/[id]/index.svelte b/src/routes/applications/[id]/index.svelte
index e831deff0..c5289e50a 100644
--- a/src/routes/applications/[id]/index.svelte
+++ b/src/routes/applications/[id]/index.svelte
@@ -42,7 +42,7 @@
 	import Explainer from '$lib/components/Explainer.svelte';
 	import Setting from '$lib/components/Setting.svelte';
 	import type Prisma from '@prisma/client';
-	import { getDomain, notNodeDeployments, staticDeployments } from '$lib/components/common';
+	import { notNodeDeployments, staticDeployments } from '$lib/components/common';
 	import { toast } from '@zerodevx/svelte-toast';
 	import { post } from '$lib/api';
 	const { id } = $page.params;

From feee90beef68e02a427015e249e397504b791017 Mon Sep 17 00:00:00 2001
From: Andras Bacsai <andras.bacsai@gmail.com>
Date: Fri, 18 Feb 2022 15:37:38 +0100
Subject: [PATCH 23/35] fix: Random port for certbot

---
 src/lib/letsencrypt.ts | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/src/lib/letsencrypt.ts b/src/lib/letsencrypt.ts
index b1b2cdee0..dc4c9d6f7 100644
--- a/src/lib/letsencrypt.ts
+++ b/src/lib/letsencrypt.ts
@@ -49,7 +49,7 @@ export async function letsEncrypt({ domain, isCoolify = false, id = null }) {
 		await forceSSLOffApplication(domain);
 		if (dualCerts) {
 			await asyncExecShell(
-				`DOCKER_HOST=${host} docker run --rm --name certbot-${randomCuid} -p ${randomPort}:${randomPort} -v "coolify-letsencrypt:/etc/letsencrypt" certbot/certbot --logs-dir /etc/letsencrypt/logs certonly --standalone --preferred-challenges http --http-01-address 0.0.0.0 --http-01-port ${randomPort} -d ${nakedDomain} -d ${wwwDomain} --expand --agree-tos --non-interactive --register-unsafely-without-email ${
+				`DOCKER_HOST=${host} docker run --rm --name certbot-${randomCuid} -p 9080:${randomPort} -v "coolify-letsencrypt:/etc/letsencrypt" certbot/certbot --logs-dir /etc/letsencrypt/logs certonly --standalone --preferred-challenges http --http-01-address 0.0.0.0 --http-01-port ${randomPort} -d ${nakedDomain} -d ${wwwDomain} --expand --agree-tos --non-interactive --register-unsafely-without-email ${
 					dev ? '--test-cert' : ''
 				}`
 			);
@@ -58,7 +58,7 @@ export async function letsEncrypt({ domain, isCoolify = false, id = null }) {
 			);
 		} else {
 			await asyncExecShell(
-				`DOCKER_HOST=${host} docker run --rm --name certbot-${randomCuid} -p ${randomPort}:${randomPort} -v "coolify-letsencrypt:/etc/letsencrypt" certbot/certbot --logs-dir /etc/letsencrypt/logs certonly --standalone --preferred-challenges http --http-01-address 0.0.0.0 --http-01-port ${randomPort} -d ${domain} --expand --agree-tos --non-interactive --register-unsafely-without-email ${
+				`DOCKER_HOST=${host} docker run --rm --name certbot-${randomCuid} -p 9080:${randomPort} -v "coolify-letsencrypt:/etc/letsencrypt" certbot/certbot --logs-dir /etc/letsencrypt/logs certonly --standalone --preferred-challenges http --http-01-address 0.0.0.0 --http-01-port ${randomPort} -d ${domain} --expand --agree-tos --non-interactive --register-unsafely-without-email ${
 					dev ? '--test-cert' : ''
 				}`
 			);

From 9db448a5e2b95ce917391776d7a2a5bdaa4f1629 Mon Sep 17 00:00:00 2001
From: Andras Bacsai <andras.bacsai@gmail.com>
Date: Fri, 18 Feb 2022 15:51:59 +0100
Subject: [PATCH 24/35] fix: follow icon

---
 .../applications/[id]/logs/build/_BuildLog.svelte   |  1 +
 src/routes/applications/[id]/logs/index.svelte      | 13 ++++++++-----
 2 files changed, 9 insertions(+), 5 deletions(-)

diff --git a/src/routes/applications/[id]/logs/build/_BuildLog.svelte b/src/routes/applications/[id]/logs/build/_BuildLog.svelte
index e4e1a557a..6d3cced39 100644
--- a/src/routes/applications/[id]/logs/build/_BuildLog.svelte
+++ b/src/routes/applications/[id]/logs/build/_BuildLog.svelte
@@ -86,6 +86,7 @@
 		<div class="flex justify-end sticky top-0 p-2">
 			<button
 				on:click={followBuild}
+				class="bg-transparent"
 				data-tooltip="Follow logs"
 				class:text-green-500={followingBuild}
 			>
diff --git a/src/routes/applications/[id]/logs/index.svelte b/src/routes/applications/[id]/logs/index.svelte
index 326815b24..036832f6c 100644
--- a/src/routes/applications/[id]/logs/index.svelte
+++ b/src/routes/applications/[id]/logs/index.svelte
@@ -77,11 +77,12 @@
 	{#if logs.length === 0}
 		<div class="text-xl font-bold tracking-tighter">Waiting for the logs...</div>
 	{:else}
-		<div class="relative w-full">
+		<div class="relative">
 			<LoadingLogs />
 			<div class="flex justify-end sticky top-0 p-2">
 				<button
 					on:click={followBuild}
+					class="bg-transparent"
 					data-tooltip="Follow logs"
 					class:text-green-500={followingBuild}
 				>
@@ -104,12 +105,14 @@
 				</button>
 			</div>
 			<div
-				class="font-mono leading-6 text-left text-md tracking-tighter rounded bg-coolgray-200 p-6 whitespace-pre-wrap break-words w-full mb-10 -mt-12 overflow-y-visible scrollbar-w-1 scrollbar-thumb-coollabs scrollbar-track-coolgray-200"
+				class="font-mono leading-6 text-left text-md tracking-tighter rounded bg-coolgray-200 py-5 px-6 whitespace-pre-wrap break-words overflow-auto max-h-[80vh] -mt-12 overflow-y-scroll scrollbar-w-1 scrollbar-thumb-coollabs scrollbar-track-coolgray-200"
 				bind:this={logsEl}
 			>
-				{#each logs as log}
-					{log + '\n'}
-				{/each}
+				<div class="px-2">
+					{#each logs as log}
+						{log + '\n'}
+					{/each}
+				</div>
 			</div>
 		</div>
 	{/if}

From 2efca7a2b5258fae0c3013c2a2ce078d94350e64 Mon Sep 17 00:00:00 2001
From: Andras Bacsai <andras.bacsai@gmail.com>
Date: Fri, 18 Feb 2022 21:37:40 +0100
Subject: [PATCH 25/35] feat: Basic password reset form

---
 src/hooks.ts                                | 32 +++----
 src/lib/components/CopyPasswordField.svelte |  6 +-
 src/lib/components/Loading.svelte           |  2 +-
 src/lib/database/users.ts                   |  9 +-
 src/lib/settings.ts                         |  2 +
 src/routes/__layout.svelte                  |  2 +-
 src/routes/login/index.svelte               |  1 +
 src/routes/reset/index.json.ts              | 26 ++++++
 src/routes/reset/index.svelte               | 96 +++++++++++++++++++++
 src/routes/reset/password.json.ts           | 27 ++++++
 10 files changed, 179 insertions(+), 24 deletions(-)
 create mode 100644 src/routes/reset/index.json.ts
 create mode 100644 src/routes/reset/index.svelte
 create mode 100644 src/routes/reset/password.json.ts

diff --git a/src/hooks.ts b/src/hooks.ts
index d74aa83a0..7bb2d8060 100644
--- a/src/hooks.ts
+++ b/src/hooks.ts
@@ -16,22 +16,24 @@ export const handle = handleSession(
 	async function ({ event, resolve }) {
 		let response;
 		try {
-			let gitlabToken = event.locals.cookies.gitlabToken;
-			let ghToken = event.locals.cookies.ghToken;
-			if (event.locals.cookies['kit.session']) {
-				const { permission, teamId, userId } = await getUserDetails(event, false);
-				const newSession = {
-					userId,
-					teamId,
-					permission,
-					isAdmin: permission === 'admin' || permission === 'owner',
-					expires: event.locals.session.data.expires,
-					gitlabToken,
-					ghToken
-				};
+			if (event.locals.cookies) {
+				let gitlabToken = event.locals.cookies.gitlabToken || null;
+				let ghToken = event.locals.cookies.ghToken;
+				if (event.locals.cookies['kit.session']) {
+					const { permission, teamId, userId } = await getUserDetails(event, false);
+					const newSession = {
+						userId,
+						teamId,
+						permission,
+						isAdmin: permission === 'admin' || permission === 'owner',
+						expires: event.locals.session.data.expires,
+						gitlabToken,
+						ghToken
+					};
 
-				if (JSON.stringify(event.locals.session.data) !== JSON.stringify(newSession)) {
-					event.locals.session.data = { ...newSession };
+					if (JSON.stringify(event.locals.session.data) !== JSON.stringify(newSession)) {
+						event.locals.session.data = { ...newSession };
+					}
 				}
 			}
 
diff --git a/src/lib/components/CopyPasswordField.svelte b/src/lib/components/CopyPasswordField.svelte
index ab43f48bd..ac2ba94d4 100644
--- a/src/lib/components/CopyPasswordField.svelte
+++ b/src/lib/components/CopyPasswordField.svelte
@@ -29,7 +29,7 @@
 	}
 </script>
 
-<span
+<div
 	class="relative"
 	on:mouseenter={() => showActions(true)}
 	on:mouseleave={() => showActions(false)}
@@ -78,7 +78,7 @@
 	{/if}
 
 	{#if actionsShow}
-		<div class="absolute top-0 right-0 mx-2 cursor-pointer text-warmGray-600 hover:text-white">
+		<div class="absolute top-0 right-0 m-3  cursor-pointer text-warmGray-600 hover:text-white">
 			<div class="flex space-x-2">
 				{#if isPasswordField}
 					<div on:click={() => (showPassword = !showPassword)}>
@@ -142,4 +142,4 @@
 			</div>
 		</div>
 	{/if}
-</span>
+</div>
diff --git a/src/lib/components/Loading.svelte b/src/lib/components/Loading.svelte
index de113e261..99a1054ea 100644
--- a/src/lib/components/Loading.svelte
+++ b/src/lib/components/Loading.svelte
@@ -11,7 +11,7 @@
 		<span class="loader" />
 	</div>
 {:else}
-	<div class=" main h-64 py-24 left-0 top-0 flex flex-wrap content-center mx-auto">
+	<div class="main h-64 py-24 left-0 top-0 flex flex-wrap content-center mx-auto">
 		<span class="loader" />
 	</div>
 {/if}
diff --git a/src/lib/database/users.ts b/src/lib/database/users.ts
index e8d3f8ba6..9c09d0aaf 100644
--- a/src/lib/database/users.ts
+++ b/src/lib/database/users.ts
@@ -6,16 +6,17 @@ import { asyncExecShell, uniqueName } from '$lib/common';
 
 import * as db from '$lib/database';
 import { startCoolifyProxy } from '$lib/haproxy';
-
-export async function login({ email, password }) {
+export async function hashPassword(password: string) {
 	const saltRounds = 15;
+	return bcrypt.hash(password, saltRounds);
+}
+export async function login({ email, password }) {
 	const users = await prisma.user.count();
 	const userFound = await prisma.user.findUnique({
 		where: { email },
 		include: { teams: true, permission: true },
 		rejectOnNotFound: false
 	});
-	console.log(userFound);
 	// Registration disabled if database is not seeded properly
 	const { isRegistrationEnabled, id } = await db.listSettings();
 
@@ -64,7 +65,7 @@ export async function login({ email, password }) {
 			};
 		}
 
-		const hashedPassword = await bcrypt.hash(password, saltRounds);
+		const hashedPassword = await hashPassword(password);
 		if (users === 0) {
 			permission = 'owner';
 			isAdmin = true;
diff --git a/src/lib/settings.ts b/src/lib/settings.ts
index d9e7cff2c..79742e434 100644
--- a/src/lib/settings.ts
+++ b/src/lib/settings.ts
@@ -1,5 +1,7 @@
 export const publicPaths = [
 	'/login',
+	'/reset',
+	'/reset/password',
 	'/webhooks/success',
 	'/webhooks/github',
 	'/webhooks/github/install',
diff --git a/src/routes/__layout.svelte b/src/routes/__layout.svelte
index 75265e1b0..04310b8b3 100644
--- a/src/routes/__layout.svelte
+++ b/src/routes/__layout.svelte
@@ -2,7 +2,7 @@
 	import type { Load } from '@sveltejs/kit';
 	import { publicPaths } from '$lib/settings';
 
-	export const load: Load = async ({ fetch, url, params, session }) => {
+	export const load: Load = async ({ fetch, url, session }) => {
 		if (!session.userId && !publicPaths.includes(url.pathname)) {
 			return {
 				status: 302,
diff --git a/src/routes/login/index.svelte b/src/routes/login/index.svelte
index 131639d53..b1a538c82 100644
--- a/src/routes/login/index.svelte
+++ b/src/routes/login/index.svelte
@@ -67,6 +67,7 @@
 						class:text-stone-600={loading}
 						class:bg-coollabs={!loading}>{loading ? 'Authenticating...' : 'Login'}</button
 					>
+					<button on:click|preventDefault={() => goto('/reset')}>Reset password</button>
 				</div>
 			</form>
 		</div>
diff --git a/src/routes/reset/index.json.ts b/src/routes/reset/index.json.ts
new file mode 100644
index 000000000..a75ea4766
--- /dev/null
+++ b/src/routes/reset/index.json.ts
@@ -0,0 +1,26 @@
+import type { RequestHandler } from '@sveltejs/kit';
+import * as db from '$lib/database';
+
+export const get: RequestHandler = async () => {
+	const users = await db.prisma.user.findMany({});
+	return {
+		status: 200,
+		body: {
+			users
+		}
+	};
+};
+export const post: RequestHandler = async (event) => {
+	const { secretKey } = await event.request.json();
+	if (secretKey !== process.env.COOLIFY_SECRET_KEY) {
+		return {
+			status: 500,
+			body: {
+				error: 'Invalid secret key.'
+			}
+		};
+	}
+	return {
+		status: 200
+	};
+};
diff --git a/src/routes/reset/index.svelte b/src/routes/reset/index.svelte
new file mode 100644
index 000000000..498c63e64
--- /dev/null
+++ b/src/routes/reset/index.svelte
@@ -0,0 +1,96 @@
+<script lang="ts">
+	import { goto } from '$app/navigation';
+	import { get, post } from '$lib/api';
+	import CopyPasswordField from '$lib/components/CopyPasswordField.svelte';
+	import { errorNotification } from '$lib/form';
+	import { toast } from '@zerodevx/svelte-toast';
+
+	let secretKey;
+	let password = false;
+	let users = [];
+
+	async function handleSubmit() {
+		try {
+			await post(`/reset.json`, { secretKey });
+			password = true;
+			const data = await get('/reset.json');
+			users = data.users;
+			return;
+		} catch ({ error }) {
+			return errorNotification(error);
+		}
+	}
+	async function resetPassword(user) {
+		try {
+			await post(`/reset/password.json`, { secretKey, user });
+			toast.push('Password reset done.');
+			return;
+		} catch ({ error }) {
+			return errorNotification(error);
+		}
+	}
+</script>
+
+<div class="icons fixed top-0 left-0 m-3 cursor-pointer" on:click={() => goto('/')}>
+	<svg
+		xmlns="http://www.w3.org/2000/svg"
+		class="h-6 w-6"
+		viewBox="0 0 24 24"
+		stroke-width="1.5"
+		stroke="currentColor"
+		fill="none"
+		stroke-linecap="round"
+		stroke-linejoin="round"
+	>
+		<path stroke="none" d="M0 0h24v24H0z" fill="none" />
+		<line x1="5" y1="12" x2="19" y2="12" />
+		<line x1="5" y1="12" x2="11" y2="18" />
+		<line x1="5" y1="12" x2="11" y2="6" />
+	</svg>
+</div>
+<div class="pb-10 pt-24 text-center text-4xl font-bold">Reset Password</div>
+<div class="flex items-center justify-center">
+	{#if password}
+		<table class="mx-2 text-left">
+			<thead class="mb-2">
+				<tr>
+					<th class="px-2">Email</th>
+					<th>New password</th>
+				</tr>
+			</thead>
+			<tbody>
+				{#each users as user}
+					<tr>
+						<td class="px-2">{user.email}</td>
+						<td class="flex space-x-2">
+							<input
+								id="newPassword"
+								name="newPassword"
+								bind:value={user.newPassword}
+								placeholder="Super secure new password"
+							/>
+							<button
+								class="mx-auto my-4 w-32 bg-coollabs hover:bg-coollabs-100"
+								on:click={() => resetPassword(user)}>Reset</button
+							></td
+						>
+					</tr>
+				{/each}
+			</tbody>
+		</table>
+	{:else}
+		<form class="flex flex-col" on:submit|preventDefault={handleSubmit}>
+			<div class="text-center text-2xl py-2 font-bold">Secret Key</div>
+			<CopyPasswordField
+				isPasswordField={true}
+				id="secretKey"
+				name="secretKey"
+				bind:value={secretKey}
+				placeholder="You can find it in ~/coolify/.env (COOLIFY_SECRET_KEY)"
+			/>
+			<button type="submit" class="bg-coollabs hover:bg-coollabs-100 mx-auto w-32 my-4"
+				>Submit</button
+			>
+		</form>
+	{/if}
+</div>
diff --git a/src/routes/reset/password.json.ts b/src/routes/reset/password.json.ts
new file mode 100644
index 000000000..28e9d56e3
--- /dev/null
+++ b/src/routes/reset/password.json.ts
@@ -0,0 +1,27 @@
+import type { RequestHandler } from '@sveltejs/kit';
+import * as db from '$lib/database';
+import { ErrorHandler, hashPassword } from '$lib/database';
+
+export const post: RequestHandler = async (event) => {
+	const { secretKey, user } = await event.request.json();
+	if (secretKey !== process.env.COOLIFY_SECRET_KEY) {
+		return {
+			status: 500,
+			body: {
+				error: 'Invalid secret key.'
+			}
+		};
+	}
+	try {
+		const hashedPassword = await hashPassword(user.newPassword);
+		await db.prisma.user.update({
+			where: { email: user.email },
+			data: { password: hashedPassword }
+		});
+		return {
+			status: 200
+		};
+	} catch (error) {
+		return ErrorHandler(error);
+	}
+};

From ea3ffc429f05fe0d59d01f043d6cc307bc362196 Mon Sep 17 00:00:00 2001
From: Andras Bacsai <andras.bacsai@gmail.com>
Date: Fri, 18 Feb 2022 22:05:02 +0100
Subject: [PATCH 26/35] fix: Plausible volume fixed

---
 src/routes/services/[id]/plausibleanalytics/start.json.ts | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/src/routes/services/[id]/plausibleanalytics/start.json.ts b/src/routes/services/[id]/plausibleanalytics/start.json.ts
index 274c59bd9..94c2e46f1 100644
--- a/src/routes/services/[id]/plausibleanalytics/start.json.ts
+++ b/src/routes/services/[id]/plausibleanalytics/start.json.ts
@@ -60,7 +60,7 @@ export const post: RequestHandler = async (event) => {
 				}
 			},
 			postgresql: {
-				volume: `${plausibleDbId}-postgresql-data:/var/lib/postgresql/data`,
+				volume: `${plausibleDbId}-postgresql-data:/bitnami/postgresql/`,
 				image: 'bitnami/postgresql:13.2.0',
 				environmentVariables: {
 					POSTGRESQL_PASSWORD: postgresqlPassword,
@@ -136,7 +136,6 @@ COPY ./init-db.sh /docker-entrypoint-initdb.d/init-db.sh`;
 						'sh -c "sleep 10 && /entrypoint.sh db createdb && /entrypoint.sh db migrate && /entrypoint.sh db init-admin && /entrypoint.sh run"',
 					networks: [network],
 					environment: config.plausibleAnalytics.environmentVariables,
-					volumes: [config.postgresql.volume],
 					restart: 'always',
 					depends_on: [`${id}-postgresql`, `${id}-clickhouse`],
 					labels: makeLabelForServices('plausibleAnalytics')

From aa89019236abd90a457946bb2a6110b3c17e5b3a Mon Sep 17 00:00:00 2001
From: Andras Bacsai <andras.bacsai@gmail.com>
Date: Fri, 18 Feb 2022 23:25:24 +0100
Subject: [PATCH 27/35] fix: Database connection strings

---
 src/routes/databases/[id]/_Databases/_Databases.svelte | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/routes/databases/[id]/_Databases/_Databases.svelte b/src/routes/databases/[id]/_Databases/_Databases.svelte
index e09e8d278..611936d59 100644
--- a/src/routes/databases/[id]/_Databases/_Databases.svelte
+++ b/src/routes/databases/[id]/_Databases/_Databases.svelte
@@ -36,7 +36,7 @@
 
 	function generateUrl() {
 		return browser
-			? `${database.type}://${database.type === 'redis' && ':'}${
+			? `${database.type}://${database.type === 'redis' ? ':' : ''}${
 					databaseDbUser ? databaseDbUser + ':' : ''
 			  }${databaseDbUserPassword}@${
 					isPublic

From 6c9ef34905e6948e02c52af01369ac17ed99f687 Mon Sep 17 00:00:00 2001
From: Andras Bacsai <andras.bacsai@gmail.com>
Date: Fri, 18 Feb 2022 23:25:43 +0100
Subject: [PATCH 28/35] chore: version++

---
 package.json | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/package.json b/package.json
index f0a7b34a7..b936ec3bc 100644
--- a/package.json
+++ b/package.json
@@ -1,7 +1,7 @@
 {
 	"name": "coolify",
 	"description": "An open-source & self-hostable Heroku / Netlify alternative.",
-	"version": "2.0.14",
+	"version": "2.0.15",
 	"license": "AGPL-3.0",
 	"scripts": {
 		"dev": "docker compose -f docker-compose-dev.yaml up -d && NODE_ENV=development svelte-kit dev --host 0.0.0.0",

From 64cd5b6e4b6db64aef81ecb1443084c174650094 Mon Sep 17 00:00:00 2001
From: Andras Bacsai <andras.bacsai@gmail.com>
Date: Sat, 19 Feb 2022 13:57:56 +0100
Subject: [PATCH 29/35] fix: Gitlab webhooks fixed

---
 src/hooks.ts                                        |  2 +-
 .../databases/[id]/_Databases/_Databases.svelte     |  2 +-
 src/routes/sources/[id]/_Gitlab.svelte              | 13 ++++++++-----
 src/routes/webhooks/gitlab/index.ts                 |  2 +-
 4 files changed, 11 insertions(+), 8 deletions(-)

diff --git a/src/hooks.ts b/src/hooks.ts
index 7bb2d8060..bdd1f9234 100644
--- a/src/hooks.ts
+++ b/src/hooks.ts
@@ -18,7 +18,7 @@ export const handle = handleSession(
 		try {
 			if (event.locals.cookies) {
 				let gitlabToken = event.locals.cookies.gitlabToken || null;
-				let ghToken = event.locals.cookies.ghToken;
+				let ghToken = event.locals.cookies.ghToken || null;
 				if (event.locals.cookies['kit.session']) {
 					const { permission, teamId, userId } = await getUserDetails(event, false);
 					const newSession = {
diff --git a/src/routes/databases/[id]/_Databases/_Databases.svelte b/src/routes/databases/[id]/_Databases/_Databases.svelte
index 611936d59..83c15a496 100644
--- a/src/routes/databases/[id]/_Databases/_Databases.svelte
+++ b/src/routes/databases/[id]/_Databases/_Databases.svelte
@@ -36,7 +36,7 @@
 
 	function generateUrl() {
 		return browser
-			? `${database.type}://${database.type === 'redis' ? ':' : ''}${
+			? `${database.type}://${
 					databaseDbUser ? databaseDbUser + ':' : ''
 			  }${databaseDbUserPassword}@${
 					isPublic
diff --git a/src/routes/sources/[id]/_Gitlab.svelte b/src/routes/sources/[id]/_Gitlab.svelte
index 01de75424..0a39fcf72 100644
--- a/src/routes/sources/[id]/_Gitlab.svelte
+++ b/src/routes/sources/[id]/_Gitlab.svelte
@@ -121,12 +121,15 @@
 
 			<Explainer
 				customClass="w-full"
-				text="<span class='font-bold text-base'>Scopes required:</span> 	
-	<br>- api (Access the authenticated user's API)
-	<br>- read_repository (Allows read-only access to the repository)
-	<br>- email (Allows read-only access to the user's primary email address using OpenID Connect)
+				text="<span class='font-bold text-base text-white'>Scopes required:</span> 	
+	<br>- <span class='text-orange-500 font-bold'>api</span> (Access the authenticated user's API)
+	<br>- <span class='text-orange-500 font-bold'>read_repository</span> (Allows read-only access to the repository)
+	<br>- <span class='text-orange-500 font-bold'>email</span> (Allows read-only access to the user's primary email address using OpenID Connect)
 	<br>
-	<br>For extra security, you can add Expire access tokens!"
+	<br>For extra security, you can set Expire access tokens!
+	<br><br>Webhook URL: <span class='text-orange-500 font-bold'>{window.location
+					.origin}/webhooks/gitlab</span>
+	<br>But if you will set a custom domain name for Coolify, use that instead."
 			/>
 		</form>
 		<form on:submit|preventDefault={handleSubmit} class="grid grid-flow-row gap-2 py-4 pt-10">
diff --git a/src/routes/webhooks/gitlab/index.ts b/src/routes/webhooks/gitlab/index.ts
index 9f953bc88..f3d930ace 100644
--- a/src/routes/webhooks/gitlab/index.ts
+++ b/src/routes/webhooks/gitlab/index.ts
@@ -21,8 +21,8 @@ export const get: RequestHandler = async (event) => {
 	const code = event.url.searchParams.get('code');
 	const state = event.url.searchParams.get('state');
 	try {
+		const { fqdn } = await db.listSettings();
 		const application = await db.getApplication({ id: state, teamId });
-		const { fqdn } = application;
 		const { appId, appSecret } = application.gitSource.gitlabApp;
 		const { htmlUrl } = application.gitSource;
 

From e51a8d43d9a9030ac28efa6d595bf0f4dc89785f Mon Sep 17 00:00:00 2001
From: Andras Bacsai <andras.bacsai@gmail.com>
Date: Sat, 19 Feb 2022 14:03:33 +0100
Subject: [PATCH 30/35] Browser

---
 src/routes/sources/[id]/_Gitlab.svelte | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/src/routes/sources/[id]/_Gitlab.svelte b/src/routes/sources/[id]/_Gitlab.svelte
index 0a39fcf72..ba18ea5f2 100644
--- a/src/routes/sources/[id]/_Gitlab.svelte
+++ b/src/routes/sources/[id]/_Gitlab.svelte
@@ -5,6 +5,7 @@
 	import { page, session } from '$app/stores';
 	import { onMount } from 'svelte';
 	import { post } from '$lib/api';
+	import { browser } from '$app/env';
 	const { id } = $page.params;
 
 	let loading = false;
@@ -127,8 +128,9 @@
 	<br>- <span class='text-orange-500 font-bold'>email</span> (Allows read-only access to the user's primary email address using OpenID Connect)
 	<br>
 	<br>For extra security, you can set Expire access tokens!
-	<br><br>Webhook URL: <span class='text-orange-500 font-bold'>{window.location
-					.origin}/webhooks/gitlab</span>
+	<br><br>Webhook URL: <span class='text-orange-500 font-bold'>{browser
+					? window.location.origin
+					: ''}/webhooks/gitlab</span>
 	<br>But if you will set a custom domain name for Coolify, use that instead."
 			/>
 		</form>

From 15e69c538a3292edf40c5e58bce58cedaf0fbdd0 Mon Sep 17 00:00:00 2001
From: Andras Bacsai <andras.bacsai@gmail.com>
Date: Sat, 19 Feb 2022 14:54:47 +0100
Subject: [PATCH 31/35] feat: Preview secrets chore: version++

---
 package.json                                  |  2 +-
 prisma/schema.prisma                          |  3 +-
 src/lib/database/checks.ts                    |  4 +-
 src/lib/database/secrets.ts                   | 24 +++++--
 .../applications/[id]/previews/index.json.ts  |  7 +-
 .../applications/[id]/previews/index.svelte   | 64 ++++++++++++++++++-
 .../applications/[id]/secrets/_Secret.svelte  | 17 +++--
 .../applications/[id]/secrets/index.json.ts   | 24 ++++---
 8 files changed, 120 insertions(+), 25 deletions(-)

diff --git a/package.json b/package.json
index b936ec3bc..b3945abee 100644
--- a/package.json
+++ b/package.json
@@ -1,7 +1,7 @@
 {
 	"name": "coolify",
 	"description": "An open-source & self-hostable Heroku / Netlify alternative.",
-	"version": "2.0.15",
+	"version": "2.0.16",
 	"license": "AGPL-3.0",
 	"scripts": {
 		"dev": "docker compose -f docker-compose-dev.yaml up -d && NODE_ENV=development svelte-kit dev --host 0.0.0.0",
diff --git a/prisma/schema.prisma b/prisma/schema.prisma
index cf9684f53..7599602fb 100644
--- a/prisma/schema.prisma
+++ b/prisma/schema.prisma
@@ -109,13 +109,14 @@ model Secret {
   id            String      @id @default(cuid())
   name          String
   value         String
+  isPRMRSecret  Boolean     @default(false)
   isBuildSecret Boolean     @default(false)
   createdAt     DateTime    @default(now())
   updatedAt     DateTime    @updatedAt
   application   Application @relation(fields: [applicationId], references: [id])
   applicationId String
 
-  @@unique([name, applicationId])
+  @@unique([name, applicationId, isPRMRSecret])
 }
 
 model BuildLog {
diff --git a/src/lib/database/checks.ts b/src/lib/database/checks.ts
index 35af8dc00..d825de701 100644
--- a/src/lib/database/checks.ts
+++ b/src/lib/database/checks.ts
@@ -15,8 +15,8 @@ export async function isDockerNetworkExists({ network }) {
 	return await prisma.destinationDocker.findFirst({ where: { network } });
 }
 
-export async function isSecretExists({ id, name }) {
-	return await prisma.secret.findFirst({ where: { name, applicationId: id } });
+export async function isSecretExists({ id, name, isPRMRSecret }) {
+	return await prisma.secret.findFirst({ where: { name, applicationId: id, isPRMRSecret } });
 }
 
 export async function isDomainConfigured({ id, fqdn }) {
diff --git a/src/lib/database/secrets.ts b/src/lib/database/secrets.ts
index c03ec9459..ae5abe05b 100644
--- a/src/lib/database/secrets.ts
+++ b/src/lib/database/secrets.ts
@@ -1,21 +1,35 @@
 import { encrypt } from '$lib/crypto';
 import { prisma } from './common';
 
-export async function listSecrets({ applicationId }) {
+export async function listSecrets(applicationId: string) {
 	return await prisma.secret.findMany({
 		where: { applicationId },
-		orderBy: { createdAt: 'desc' },
-		select: { id: true, createdAt: true, name: true, isBuildSecret: true }
+		orderBy: { createdAt: 'desc' }
 	});
 }
 
-export async function createSecret({ id, name, value, isBuildSecret }) {
+export async function createSecret({ id, name, value, isBuildSecret, isPRMRSecret }) {
 	value = encrypt(value);
 	return await prisma.secret.create({
-		data: { name, value, isBuildSecret, application: { connect: { id } } }
+		data: { name, value, isBuildSecret, isPRMRSecret, application: { connect: { id } } }
 	});
 }
 
+export async function updateSecret({ id, name, value, isBuildSecret, isPRMRSecret }) {
+	value = encrypt(value);
+	const found = await prisma.secret.findFirst({ where: { applicationId: id, name, isPRMRSecret } });
+	if (found) {
+		return await prisma.secret.updateMany({
+			where: { applicationId: id, name, isPRMRSecret },
+			data: { value, isBuildSecret, isPRMRSecret }
+		});
+	} else {
+		return await prisma.secret.create({
+			data: { name, value, isBuildSecret, isPRMRSecret, application: { connect: { id } } }
+		});
+	}
+}
+
 export async function removeSecret({ id, name }) {
 	return await prisma.secret.deleteMany({ where: { applicationId: id, name } });
 }
diff --git a/src/routes/applications/[id]/previews/index.json.ts b/src/routes/applications/[id]/previews/index.json.ts
index fd5bd45b0..c50b01d7b 100644
--- a/src/routes/applications/[id]/previews/index.json.ts
+++ b/src/routes/applications/[id]/previews/index.json.ts
@@ -11,6 +11,9 @@ export const get: RequestHandler = async (event) => {
 
 	const { id } = event.params;
 	try {
+		const secrets = await db.listSecrets(id);
+		const applicationSecrets = secrets.filter((secret) => !secret.isPRMRSecret);
+		const PRMRSecrets = secrets.filter((secret) => secret.isPRMRSecret);
 		const destinationDocker = await db.getDestinationByApplicationId({ id, teamId });
 		const docker = dockerInstance({ destinationDocker });
 		const listContainers = await docker.engine.listContainers({
@@ -35,7 +38,9 @@ export const get: RequestHandler = async (event) => {
 			});
 		return {
 			body: {
-				containers: jsonContainers
+				containers: jsonContainers,
+				applicationSecrets,
+				PRMRSecrets
 			}
 		};
 	} catch (error) {
diff --git a/src/routes/applications/[id]/previews/index.svelte b/src/routes/applications/[id]/previews/index.svelte
index 28c5efd6f..581416050 100644
--- a/src/routes/applications/[id]/previews/index.svelte
+++ b/src/routes/applications/[id]/previews/index.svelte
@@ -22,8 +22,18 @@
 <script lang="ts">
 	export let containers;
 	export let application;
-
+	export let PRMRSecrets;
+	export let applicationSecrets;
 	import { getDomain } from '$lib/components/common';
+	import Secret from '../secrets/_Secret.svelte';
+	import { get } from '$lib/api';
+	import { page } from '$app/stores';
+
+	const { id } = $page.params;
+	async function refreshSecrets() {
+		const data = await get(`/applications/${id}/secrets.json`);
+		PRMRSecrets = [...data.secrets];
+	}
 </script>
 
 <div class="flex space-x-1 p-6 font-bold">
@@ -31,8 +41,56 @@
 		Previews for <a href={application.fqdn} target="_blank">{getDomain(application.fqdn)}</a>
 	</div>
 </div>
-
-<div class="mx-auto max-w-4xl px-6">
+<div>
+	Preview secrets. They will overwrite application secrets for PR/MR deployments. Useful for
+	creating staging environments for these deployments.
+</div>
+<div class="mx-auto max-w-6xl rounded-xl px-6 pt-4">
+	<table class="mx-auto">
+		<thead class=" rounded-xl border-b border-coolgray-500">
+			<tr>
+				<th
+					scope="col"
+					class="px-6 py-3 text-left text-xs font-bold uppercase tracking-wider text-white">Name</th
+				>
+				<th
+					scope="col"
+					class="px-6 py-3 text-left text-xs font-bold uppercase tracking-wider text-white"
+					>Value</th
+				>
+				<th
+					scope="col"
+					class="px-6 py-3 text-left text-xs font-bold uppercase tracking-wider text-white"
+					>Need during buildtime?</th
+				>
+				<th
+					scope="col"
+					class="px-6 py-3 text-left text-xs font-bold uppercase tracking-wider text-white"
+				/>
+			</tr>
+		</thead>
+		<tbody class="">
+			{#each applicationSecrets as secret}
+				{#key secret.id}
+					<tr class="hover:bg-coolgray-200">
+						<Secret
+							PRMRSecret={PRMRSecrets.find((s) => s.name === secret.name)}
+							isPRMRSecret
+							name={secret.name}
+							value={secret.value ? secret.value : 'ENCRYPTED'}
+							isBuildSecret={secret.isBuildSecret}
+							on:refresh={refreshSecrets}
+						/>
+					</tr>
+				{/key}
+			{/each}
+			<!-- <tr>
+				<Secret isPRMRSecret isNewSecret on:refresh={refreshSecrets} />
+			</tr> -->
+		</tbody>
+	</table>
+</div>
+<div class="mx-auto max-w-4xl py-10">
 	<div class="flex flex-wrap justify-center space-x-2">
 		{#if containers.length > 0}
 			{#each containers as container}
diff --git a/src/routes/applications/[id]/secrets/_Secret.svelte b/src/routes/applications/[id]/secrets/_Secret.svelte
index 60c53080b..b5cbd8751 100644
--- a/src/routes/applications/[id]/secrets/_Secret.svelte
+++ b/src/routes/applications/[id]/secrets/_Secret.svelte
@@ -3,6 +3,11 @@
 	export let value = '';
 	export let isBuildSecret = false;
 	export let isNewSecret = false;
+	export let isPRMRSecret = false;
+	export let PRMRSecret = {};
+
+	if (isPRMRSecret) value = PRMRSecret.value;
+
 	import { page } from '$app/stores';
 	import { del, post } from '$lib/api';
 	import { errorNotification } from '$lib/form';
@@ -36,7 +41,7 @@
 		}
 
 		try {
-			await post(`/applications/${id}/secrets.json`, { name, value, isBuildSecret });
+			await post(`/applications/${id}/secrets.json`, { name, value, isBuildSecret, isPRMRSecret });
 			dispatch('refresh');
 			if (isNewSecret) {
 				name = '';
@@ -75,9 +80,9 @@
 		required
 		placeholder="J$#@UIO%HO#$U%H"
 		class="-mx-2 w-64 border-2 border-transparent"
-		class:bg-transparent={!isNewSecret}
-		class:cursor-not-allowed={!isNewSecret}
-		readonly={!isNewSecret}
+		class:bg-transparent={!isNewSecret && !isPRMRSecret}
+		class:cursor-not-allowed={!isNewSecret && !isPRMRSecret}
+		readonly={!isNewSecret && !isPRMRSecret}
 	/>
 </td>
 <td class="whitespace-nowrap px-6 py-2 text-center text-sm font-medium text-white">
@@ -134,6 +139,10 @@
 		<div class="flex items-center justify-center">
 			<button class="w-24 bg-green-600 hover:bg-green-500" on:click={saveSecret}>Add</button>
 		</div>
+	{:else if isPRMRSecret}
+		<div class="flex items-center justify-center">
+			<button class="w-24 bg-green-600 hover:bg-green-500" on:click={saveSecret}>Set</button>
+		</div>
 	{:else}
 		<div class="flex justify-center items-end">
 			<button class="w-24 bg-red-600 hover:bg-red-500" on:click={removeSecret}>Remove</button>
diff --git a/src/routes/applications/[id]/secrets/index.json.ts b/src/routes/applications/[id]/secrets/index.json.ts
index bed54b950..365a74c87 100644
--- a/src/routes/applications/[id]/secrets/index.json.ts
+++ b/src/routes/applications/[id]/secrets/index.json.ts
@@ -7,8 +7,9 @@ export const get: RequestHandler = async (event) => {
 	const { teamId, status, body } = await getUserDetails(event);
 	if (status === 401) return { status, body };
 
+	const { id } = event.params;
 	try {
-		const secrets = await db.listSecrets({ applicationId: event.params.id });
+		const secrets = await (await db.listSecrets(id)).filter((secret) => !secret.isPRMRSecret);
 		return {
 			status: 200,
 			body: {
@@ -27,16 +28,23 @@ export const post: RequestHandler = async (event) => {
 	if (status === 401) return { status, body };
 
 	const { id } = event.params;
-	const { name, value, isBuildSecret } = await event.request.json();
+	const { name, value, isBuildSecret, isPRMRSecret } = await event.request.json();
 
 	try {
-		const found = await db.isSecretExists({ id, name });
-		if (found) {
-			throw {
-				error: `Secret ${name} already exists.`
-			};
+		if (!isPRMRSecret) {
+			const found = await db.isSecretExists({ id, name, isPRMRSecret });
+			if (found) {
+				throw {
+					error: `Secret ${name} already exists.`
+				};
+			} else {
+				await db.createSecret({ id, name, value, isBuildSecret, isPRMRSecret });
+				return {
+					status: 201
+				};
+			}
 		} else {
-			await db.createSecret({ id, name, value, isBuildSecret });
+			await db.updateSecret({ id, name, value, isBuildSecret, isPRMRSecret });
 			return {
 				status: 201
 			};

From cab7ac7d58140b6fd4c96cedabaa11b437d2ab19 Mon Sep 17 00:00:00 2001
From: Andras Bacsai <andras.bacsai@gmail.com>
Date: Sat, 19 Feb 2022 22:37:45 +0100
Subject: [PATCH 32/35] fix: If DNS not found, do not redirect

---
 src/routes/settings/index.json.ts | 11 +++++++++--
 1 file changed, 9 insertions(+), 2 deletions(-)

diff --git a/src/routes/settings/index.json.ts b/src/routes/settings/index.json.ts
index 217b314bd..bd365d5e4 100644
--- a/src/routes/settings/index.json.ts
+++ b/src/routes/settings/index.json.ts
@@ -1,3 +1,4 @@
+import { dev } from '$app/env';
 import { getDomain, getUserDetails } from '$lib/common';
 import * as db from '$lib/database';
 import { listSettings, ErrorHandler } from '$lib/database';
@@ -43,7 +44,13 @@ export const del: RequestHandler = async (event) => {
 	if (status === 401) return { status, body };
 
 	const { fqdn } = await event.request.json();
-	const ip = await dns.resolve(event.url.hostname);
+	let ip;
+	console.log(fqdn);
+	try {
+		ip = await dns.resolve(fqdn);
+	} catch (error) {
+		// Do not care.
+	}
 	try {
 		const domain = getDomain(fqdn);
 		await db.prisma.setting.update({ where: { fqdn }, data: { fqdn: null } });
@@ -53,7 +60,7 @@ export const del: RequestHandler = async (event) => {
 			status: 200,
 			body: {
 				message: 'Domain removed',
-				redirect: `http://${ip[0]}:3000/settings`
+				redirect: ip ? `http://${ip[0]}:3000/settings` : undefined
 			}
 		};
 	} catch (error) {

From 7c683668ebfde005555007004160fc3c04d45bd1 Mon Sep 17 00:00:00 2001
From: Andras Bacsai <andras.bacsai@gmail.com>
Date: Sun, 20 Feb 2022 00:00:31 +0100
Subject: [PATCH 33/35] feat: Secrets for previews UI: Some CSS changes

---
 src/lib/buildPacks/docker.ts                  |  13 +-
 src/lib/buildPacks/nextjs.ts                  |  22 +++-
 src/lib/buildPacks/node.ts                    |  22 +++-
 src/lib/buildPacks/nuxtjs.ts                  |  22 +++-
 src/lib/buildPacks/static.ts                  |  22 +++-
 src/lib/components/CopyPasswordField.svelte   | 124 +++++++++---------
 src/lib/components/templates.ts               |   1 -
 src/lib/database/secrets.ts                   |  12 +-
 src/lib/docker.ts                             |  15 ++-
 src/lib/queues/builder.ts                     |  11 +-
 src/routes/applications/[id]/index.svelte     |   6 +-
 .../applications/[id]/previews/index.json.ts  |   8 +-
 .../applications/[id]/previews/index.svelte   |  21 +--
 .../applications/[id]/secrets/_Secret.svelte  |  59 +++++----
 .../applications/[id]/secrets/index.json.ts   |   5 +-
 .../applications/[id]/secrets/index.svelte    |   4 +-
 .../databases/[id]/_Databases/_CouchDb.svelte |   2 +-
 .../databases/[id]/_Databases/_MongoDB.svelte |   2 +-
 .../databases/[id]/_Databases/_MySQL.svelte   |   2 +-
 .../[id]/_Databases/_PostgreSQL.svelte        |   2 +-
 .../databases/[id]/_Databases/_Redis.svelte   |   2 +-
 .../services/[id]/_Services/_MinIO.svelte     |   6 +-
 src/routes/settings/index.svelte              |   2 +-
 src/tailwind.css                              |   4 +-
 24 files changed, 243 insertions(+), 146 deletions(-)

diff --git a/src/lib/buildPacks/docker.ts b/src/lib/buildPacks/docker.ts
index 5bc6ce453..af000e551 100644
--- a/src/lib/buildPacks/docker.ts
+++ b/src/lib/buildPacks/docker.ts
@@ -9,7 +9,8 @@ export default async function ({
 	docker,
 	buildId,
 	baseDirectory,
-	secrets
+	secrets,
+	pullmergeRequestId
 }) {
 	try {
 		let file = `${workdir}/Dockerfile`;
@@ -24,7 +25,15 @@ export default async function ({
 		if (secrets.length > 0) {
 			secrets.forEach((secret) => {
 				if (secret.isBuildSecret) {
-					Dockerfile.push(`ARG ${secret.name} ${secret.value}`);
+					if (pullmergeRequestId) {
+						if (secret.isPRMRSecret) {
+							Dockerfile.push(`ARG ${secret.name} ${secret.value}`);
+						}
+					} else {
+						if (!secret.isPRMRSecret) {
+							Dockerfile.push(`ARG ${secret.name} ${secret.value}`);
+						}
+					}
 				}
 			});
 		}
diff --git a/src/lib/buildPacks/nextjs.ts b/src/lib/buildPacks/nextjs.ts
index 53a7f884e..648208d83 100644
--- a/src/lib/buildPacks/nextjs.ts
+++ b/src/lib/buildPacks/nextjs.ts
@@ -2,8 +2,16 @@ import { buildImage } from '$lib/docker';
 import { promises as fs } from 'fs';
 
 const createDockerfile = async (data, image): Promise<void> => {
-	const { workdir, port, installCommand, buildCommand, startCommand, baseDirectory, secrets } =
-		data;
+	const {
+		workdir,
+		port,
+		installCommand,
+		buildCommand,
+		startCommand,
+		baseDirectory,
+		secrets,
+		pullmergeRequestId
+	} = data;
 	const Dockerfile: Array<string> = [];
 
 	Dockerfile.push(`FROM ${image}`);
@@ -11,7 +19,15 @@ const createDockerfile = async (data, image): Promise<void> => {
 	if (secrets.length > 0) {
 		secrets.forEach((secret) => {
 			if (secret.isBuildSecret) {
-				Dockerfile.push(`ARG ${secret.name} ${secret.value}`);
+				if (pullmergeRequestId) {
+					if (secret.isPRMRSecret) {
+						Dockerfile.push(`ARG ${secret.name} ${secret.value}`);
+					}
+				} else {
+					if (!secret.isPRMRSecret) {
+						Dockerfile.push(`ARG ${secret.name} ${secret.value}`);
+					}
+				}
 			}
 		});
 	}
diff --git a/src/lib/buildPacks/node.ts b/src/lib/buildPacks/node.ts
index 53a7f884e..648208d83 100644
--- a/src/lib/buildPacks/node.ts
+++ b/src/lib/buildPacks/node.ts
@@ -2,8 +2,16 @@ import { buildImage } from '$lib/docker';
 import { promises as fs } from 'fs';
 
 const createDockerfile = async (data, image): Promise<void> => {
-	const { workdir, port, installCommand, buildCommand, startCommand, baseDirectory, secrets } =
-		data;
+	const {
+		workdir,
+		port,
+		installCommand,
+		buildCommand,
+		startCommand,
+		baseDirectory,
+		secrets,
+		pullmergeRequestId
+	} = data;
 	const Dockerfile: Array<string> = [];
 
 	Dockerfile.push(`FROM ${image}`);
@@ -11,7 +19,15 @@ const createDockerfile = async (data, image): Promise<void> => {
 	if (secrets.length > 0) {
 		secrets.forEach((secret) => {
 			if (secret.isBuildSecret) {
-				Dockerfile.push(`ARG ${secret.name} ${secret.value}`);
+				if (pullmergeRequestId) {
+					if (secret.isPRMRSecret) {
+						Dockerfile.push(`ARG ${secret.name} ${secret.value}`);
+					}
+				} else {
+					if (!secret.isPRMRSecret) {
+						Dockerfile.push(`ARG ${secret.name} ${secret.value}`);
+					}
+				}
 			}
 		});
 	}
diff --git a/src/lib/buildPacks/nuxtjs.ts b/src/lib/buildPacks/nuxtjs.ts
index 53a7f884e..648208d83 100644
--- a/src/lib/buildPacks/nuxtjs.ts
+++ b/src/lib/buildPacks/nuxtjs.ts
@@ -2,8 +2,16 @@ import { buildImage } from '$lib/docker';
 import { promises as fs } from 'fs';
 
 const createDockerfile = async (data, image): Promise<void> => {
-	const { workdir, port, installCommand, buildCommand, startCommand, baseDirectory, secrets } =
-		data;
+	const {
+		workdir,
+		port,
+		installCommand,
+		buildCommand,
+		startCommand,
+		baseDirectory,
+		secrets,
+		pullmergeRequestId
+	} = data;
 	const Dockerfile: Array<string> = [];
 
 	Dockerfile.push(`FROM ${image}`);
@@ -11,7 +19,15 @@ const createDockerfile = async (data, image): Promise<void> => {
 	if (secrets.length > 0) {
 		secrets.forEach((secret) => {
 			if (secret.isBuildSecret) {
-				Dockerfile.push(`ARG ${secret.name} ${secret.value}`);
+				if (pullmergeRequestId) {
+					if (secret.isPRMRSecret) {
+						Dockerfile.push(`ARG ${secret.name} ${secret.value}`);
+					}
+				} else {
+					if (!secret.isPRMRSecret) {
+						Dockerfile.push(`ARG ${secret.name} ${secret.value}`);
+					}
+				}
 			}
 		});
 	}
diff --git a/src/lib/buildPacks/static.ts b/src/lib/buildPacks/static.ts
index 0db1a0c83..d71eea6e1 100644
--- a/src/lib/buildPacks/static.ts
+++ b/src/lib/buildPacks/static.ts
@@ -2,8 +2,16 @@ import { buildCacheImageWithNode, buildImage } from '$lib/docker';
 import { promises as fs } from 'fs';
 
 const createDockerfile = async (data, image): Promise<void> => {
-	const { applicationId, tag, workdir, buildCommand, baseDirectory, publishDirectory, secrets } =
-		data;
+	const {
+		applicationId,
+		tag,
+		workdir,
+		buildCommand,
+		baseDirectory,
+		publishDirectory,
+		secrets,
+		pullmergeRequestId
+	} = data;
 	const Dockerfile: Array<string> = [];
 
 	Dockerfile.push(`FROM ${image}`);
@@ -11,7 +19,15 @@ const createDockerfile = async (data, image): Promise<void> => {
 	if (secrets.length > 0) {
 		secrets.forEach((secret) => {
 			if (secret.isBuildSecret) {
-				Dockerfile.push(`ARG ${secret.name} ${secret.value}`);
+				if (pullmergeRequestId) {
+					if (secret.isPRMRSecret) {
+						Dockerfile.push(`ARG ${secret.name} ${secret.value}`);
+					}
+				} else {
+					if (!secret.isPRMRSecret) {
+						Dockerfile.push(`ARG ${secret.name} ${secret.value}`);
+					}
+				}
 			}
 		});
 	}
diff --git a/src/lib/components/CopyPasswordField.svelte b/src/lib/components/CopyPasswordField.svelte
index ac2ba94d4..648fc3278 100644
--- a/src/lib/components/CopyPasswordField.svelte
+++ b/src/lib/components/CopyPasswordField.svelte
@@ -1,9 +1,9 @@
 <script>
 	import { browser } from '$app/env';
 	import { toast } from '@zerodevx/svelte-toast';
-	export let value;
 	let showPassword = false;
 
+	export let value;
 	export let disabled = false;
 	export let isPasswordField = false;
 	export let readonly = false;
@@ -14,7 +14,7 @@
 	export let name;
 	export let placeholder = '';
 
-	let disabledClass = 'bg-coolback disabled:bg-coolblack select-all';
+	let disabledClass = 'bg-coolback disabled:bg-coolblack';
 	let actionsShow = false;
 	let isHttps = browser && window.location.protocol === 'https:';
 
@@ -29,11 +29,7 @@
 	}
 </script>
 
-<div
-	class="relative"
-	on:mouseenter={() => showActions(true)}
-	on:mouseleave={() => showActions(false)}
->
+<div class="relative">
 	{#if !isPasswordField || showPassword}
 		{#if textarea}
 			<textarea
@@ -77,69 +73,67 @@
 		/>
 	{/if}
 
-	{#if actionsShow}
-		<div class="absolute top-0 right-0 m-3  cursor-pointer text-warmGray-600 hover:text-white">
-			<div class="flex space-x-2">
-				{#if isPasswordField}
-					<div on:click={() => (showPassword = !showPassword)}>
-						{#if showPassword}
-							<svg
-								xmlns="http://www.w3.org/2000/svg"
-								class="h-6 w-6"
-								fill="none"
-								viewBox="0 0 24 24"
-								stroke="currentColor"
-							>
-								<path
-									stroke-linecap="round"
-									stroke-linejoin="round"
-									stroke-width="2"
-									d="M13.875 18.825A10.05 10.05 0 0112 19c-4.478 0-8.268-2.943-9.543-7a9.97 9.97 0 011.563-3.029m5.858.908a3 3 0 114.243 4.243M9.878 9.878l4.242 4.242M9.88 9.88l-3.29-3.29m7.532 7.532l3.29 3.29M3 3l3.59 3.59m0 0A9.953 9.953 0 0112 5c4.478 0 8.268 2.943 9.543 7a10.025 10.025 0 01-4.132 5.411m0 0L21 21"
-								/>
-							</svg>
-						{:else}
-							<svg
-								xmlns="http://www.w3.org/2000/svg"
-								class="h-6 w-6"
-								fill="none"
-								viewBox="0 0 24 24"
-								stroke="currentColor"
-							>
-								<path
-									stroke-linecap="round"
-									stroke-linejoin="round"
-									stroke-width="2"
-									d="M15 12a3 3 0 11-6 0 3 3 0 016 0z"
-								/>
-								<path
-									stroke-linecap="round"
-									stroke-linejoin="round"
-									stroke-width="2"
-									d="M2.458 12C3.732 7.943 7.523 5 12 5c4.478 0 8.268 2.943 9.542 7-1.274 4.057-5.064 7-9.542 7-4.477 0-8.268-2.943-9.542-7z"
-								/>
-							</svg>
-						{/if}
-					</div>
-				{/if}
-				{#if value && isHttps}
-					<div on:click={copyToClipboard}>
+	<div class="absolute top-0 right-0 m-3  cursor-pointer text-warmGray-600 hover:text-white">
+		<div class="flex space-x-2">
+			{#if isPasswordField}
+				<div on:click={() => (showPassword = !showPassword)}>
+					{#if showPassword}
 						<svg
 							xmlns="http://www.w3.org/2000/svg"
 							class="h-6 w-6"
-							viewBox="0 0 24 24"
-							stroke-width="1.5"
-							stroke="currentColor"
 							fill="none"
-							stroke-linecap="round"
-							stroke-linejoin="round"
+							viewBox="0 0 24 24"
+							stroke="currentColor"
 						>
-							<path stroke="none" d="M0 0h24v24H0z" fill="none" />
-							<rect x="8" y="8" width="12" height="12" rx="2" />
-							<path d="M16 8v-2a2 2 0 0 0 -2 -2h-8a2 2 0 0 0 -2 2v8a2 2 0 0 0 2 2h2" />
+							<path
+								stroke-linecap="round"
+								stroke-linejoin="round"
+								stroke-width="2"
+								d="M13.875 18.825A10.05 10.05 0 0112 19c-4.478 0-8.268-2.943-9.543-7a9.97 9.97 0 011.563-3.029m5.858.908a3 3 0 114.243 4.243M9.878 9.878l4.242 4.242M9.88 9.88l-3.29-3.29m7.532 7.532l3.29 3.29M3 3l3.59 3.59m0 0A9.953 9.953 0 0112 5c4.478 0 8.268 2.943 9.543 7a10.025 10.025 0 01-4.132 5.411m0 0L21 21"
+							/>
 						</svg>
-					</div>
-				{/if}
-			</div>
+					{:else}
+						<svg
+							xmlns="http://www.w3.org/2000/svg"
+							class="h-6 w-6"
+							fill="none"
+							viewBox="0 0 24 24"
+							stroke="currentColor"
+						>
+							<path
+								stroke-linecap="round"
+								stroke-linejoin="round"
+								stroke-width="2"
+								d="M15 12a3 3 0 11-6 0 3 3 0 016 0z"
+							/>
+							<path
+								stroke-linecap="round"
+								stroke-linejoin="round"
+								stroke-width="2"
+								d="M2.458 12C3.732 7.943 7.523 5 12 5c4.478 0 8.268 2.943 9.542 7-1.274 4.057-5.064 7-9.542 7-4.477 0-8.268-2.943-9.542-7z"
+							/>
+						</svg>
+					{/if}
+				</div>
+			{/if}
+			{#if value && isHttps}
+				<div on:click={copyToClipboard}>
+					<svg
+						xmlns="http://www.w3.org/2000/svg"
+						class="h-6 w-6"
+						viewBox="0 0 24 24"
+						stroke-width="1.5"
+						stroke="currentColor"
+						fill="none"
+						stroke-linecap="round"
+						stroke-linejoin="round"
+					>
+						<path stroke="none" d="M0 0h24v24H0z" fill="none" />
+						<rect x="8" y="8" width="12" height="12" rx="2" />
+						<path d="M16 8v-2a2 2 0 0 0 -2 -2h-8a2 2 0 0 0 -2 2v8a2 2 0 0 0 2 2h2" />
+					</svg>
+				</div>
+			{/if}
 		</div>
-	{/if}
+	</div>
 </div>
diff --git a/src/lib/components/templates.ts b/src/lib/components/templates.ts
index fb52efddb..d6029e4d2 100644
--- a/src/lib/components/templates.ts
+++ b/src/lib/components/templates.ts
@@ -18,7 +18,6 @@ export const buildPacks = [
 
 	{
 		name: 'static',
-		...defaultBuildAndDeploy,
 		publishDirectory: 'dist',
 		port: 80,
 		fancyName: 'Static',
diff --git a/src/lib/database/secrets.ts b/src/lib/database/secrets.ts
index ae5abe05b..167d061f5 100644
--- a/src/lib/database/secrets.ts
+++ b/src/lib/database/secrets.ts
@@ -1,11 +1,17 @@
-import { encrypt } from '$lib/crypto';
+import { encrypt, decrypt } from '$lib/crypto';
 import { prisma } from './common';
 
 export async function listSecrets(applicationId: string) {
-	return await prisma.secret.findMany({
+	let secrets = await prisma.secret.findMany({
 		where: { applicationId },
 		orderBy: { createdAt: 'desc' }
 	});
+	secrets = secrets.map((secret) => {
+		secret.value = decrypt(secret.value);
+		return secret;
+	});
+
+	return secrets;
 }
 
 export async function createSecret({ id, name, value, isBuildSecret, isPRMRSecret }) {
@@ -18,6 +24,8 @@ export async function createSecret({ id, name, value, isBuildSecret, isPRMRSecre
 export async function updateSecret({ id, name, value, isBuildSecret, isPRMRSecret }) {
 	value = encrypt(value);
 	const found = await prisma.secret.findFirst({ where: { applicationId: id, name, isPRMRSecret } });
+	console.log(found);
+
 	if (found) {
 		return await prisma.secret.updateMany({
 			where: { applicationId: id, name, isPRMRSecret },
diff --git a/src/lib/docker.ts b/src/lib/docker.ts
index 52f5d1bef..b3cf89e37 100644
--- a/src/lib/docker.ts
+++ b/src/lib/docker.ts
@@ -13,15 +13,24 @@ export async function buildCacheImageWithNode(data, imageForBuild) {
 		installCommand,
 		buildCommand,
 		debug,
-		secrets
+		secrets,
+		pullmergeRequestId
 	} = data;
 	const Dockerfile: Array<string> = [];
 	Dockerfile.push(`FROM ${imageForBuild}`);
 	Dockerfile.push('WORKDIR /usr/src/app');
 	if (secrets.length > 0) {
 		secrets.forEach((secret) => {
-			if (!secret.isBuildSecret) {
-				Dockerfile.push(`ARG ${secret.name} ${secret.value}`);
+			if (secret.isBuildSecret) {
+				if (pullmergeRequestId) {
+					if (secret.isPRMRSecret) {
+						Dockerfile.push(`ARG ${secret.name} ${secret.value}`);
+					}
+				} else {
+					if (!secret.isPRMRSecret) {
+						Dockerfile.push(`ARG ${secret.name} ${secret.value}`);
+					}
+				}
 			}
 		});
 	}
diff --git a/src/lib/queues/builder.ts b/src/lib/queues/builder.ts
index 2e7fe2475..c145619be 100644
--- a/src/lib/queues/builder.ts
+++ b/src/lib/queues/builder.ts
@@ -64,7 +64,6 @@ export default async function (job) {
 	if (destinationDockerId) {
 		destinationType = 'docker';
 	}
-
 	if (destinationType === 'docker') {
 		const docker = dockerInstance({ destinationDocker });
 		const host = getEngine(destinationDocker.engine);
@@ -205,7 +204,15 @@ export default async function (job) {
 		const envs = [];
 		if (secrets.length > 0) {
 			secrets.forEach((secret) => {
-				envs.push(`${secret.name}=${secret.value}`);
+				if (pullmergeRequestId) {
+					if (secret.isPRMRSecret) {
+						envs.push(`${secret.name}=${secret.value}`);
+					}
+				} else {
+					if (!secret.isPRMRSecret) {
+						envs.push(`${secret.name}=${secret.value}`);
+					}
+				}
 			});
 		}
 		await fs.writeFile(`${workdir}/.env`, envs.join('\n'));
diff --git a/src/routes/applications/[id]/index.svelte b/src/routes/applications/[id]/index.svelte
index c5289e50a..26f13a0e1 100644
--- a/src/routes/applications/[id]/index.svelte
+++ b/src/routes/applications/[id]/index.svelte
@@ -197,7 +197,7 @@
 							value={application.gitSource.name}
 							id="gitSource"
 							disabled
-							class="cursor-pointer bg-coolgray-200 hover:bg-coolgray-500"
+							class="cursor-pointer hover:bg-coolgray-500"
 						/></a
 					>
 				</div>
@@ -214,7 +214,7 @@
 							value="{application.repository}/{application.branch}"
 							id="repository"
 							disabled
-							class="cursor-pointer bg-coolgray-200 hover:bg-coolgray-500"
+							class="cursor-pointer hover:bg-coolgray-500"
 						/></a
 					>
 				</div>
@@ -232,7 +232,7 @@
 							value={application.buildPack}
 							id="buildPack"
 							disabled
-							class="cursor-pointer bg-coolgray-200 hover:bg-coolgray-500"
+							class="cursor-pointe hover:bg-coolgray-500"
 						/></a
 					>
 				</div>
diff --git a/src/routes/applications/[id]/previews/index.json.ts b/src/routes/applications/[id]/previews/index.json.ts
index c50b01d7b..ab10a06b8 100644
--- a/src/routes/applications/[id]/previews/index.json.ts
+++ b/src/routes/applications/[id]/previews/index.json.ts
@@ -39,8 +39,12 @@ export const get: RequestHandler = async (event) => {
 		return {
 			body: {
 				containers: jsonContainers,
-				applicationSecrets,
-				PRMRSecrets
+				applicationSecrets: applicationSecrets.sort((a, b) => {
+					return ('' + a.name).localeCompare(b.name);
+				}),
+				PRMRSecrets: PRMRSecrets.sort((a, b) => {
+					return ('' + a.name).localeCompare(b.name);
+				})
 			}
 		};
 	} catch (error) {
diff --git a/src/routes/applications/[id]/previews/index.svelte b/src/routes/applications/[id]/previews/index.svelte
index 581416050..59b1e4aa2 100644
--- a/src/routes/applications/[id]/previews/index.svelte
+++ b/src/routes/applications/[id]/previews/index.svelte
@@ -28,6 +28,7 @@
 	import Secret from '../secrets/_Secret.svelte';
 	import { get } from '$lib/api';
 	import { page } from '$app/stores';
+	import Explainer from '$lib/components/Explainer.svelte';
 
 	const { id } = $page.params;
 	async function refreshSecrets() {
@@ -41,10 +42,7 @@
 		Previews for <a href={application.fqdn} target="_blank">{getDomain(application.fqdn)}</a>
 	</div>
 </div>
-<div>
-	Preview secrets. They will overwrite application secrets for PR/MR deployments. Useful for
-	creating staging environments for these deployments.
-</div>
+
 <div class="mx-auto max-w-6xl rounded-xl px-6 pt-4">
 	<table class="mx-auto">
 		<thead class=" rounded-xl border-b border-coolgray-500">
@@ -72,24 +70,29 @@
 		<tbody class="">
 			{#each applicationSecrets as secret}
 				{#key secret.id}
-					<tr class="hover:bg-coolgray-200">
+					<tr class="h-20 transition duration-100 hover:bg-coolgray-400">
 						<Secret
 							PRMRSecret={PRMRSecrets.find((s) => s.name === secret.name)}
 							isPRMRSecret
 							name={secret.name}
-							value={secret.value ? secret.value : 'ENCRYPTED'}
+							value={secret.value}
 							isBuildSecret={secret.isBuildSecret}
 							on:refresh={refreshSecrets}
 						/>
 					</tr>
 				{/key}
 			{/each}
-			<!-- <tr>
-				<Secret isPRMRSecret isNewSecret on:refresh={refreshSecrets} />
-			</tr> -->
 		</tbody>
 	</table>
 </div>
+<div class="flex justify-center py-4 text-center">
+	<Explainer
+		customClass="w-full"
+		text={applicationSecrets.length === 0
+			? "<span class='font-bold text-white text-xl'>Please add secrets to the application first.</span> <br><br>These values overwrite application secrets in PR/MR deployments. Useful for creating <span class='text-green-500 font-bold'>staging</span> environments."
+			: "These values overwrite application secrets in PR/MR deployments. Useful for creating <span class='text-green-500 font-bold'>staging</span> environments."}
+	/>
+</div>
 <div class="mx-auto max-w-4xl py-10">
 	<div class="flex flex-wrap justify-center space-x-2">
 		{#if containers.length > 0}
diff --git a/src/routes/applications/[id]/secrets/_Secret.svelte b/src/routes/applications/[id]/secrets/_Secret.svelte
index b5cbd8751..d5d0988d9 100644
--- a/src/routes/applications/[id]/secrets/_Secret.svelte
+++ b/src/routes/applications/[id]/secrets/_Secret.svelte
@@ -10,12 +10,12 @@
 
 	import { page } from '$app/stores';
 	import { del, post } from '$lib/api';
+	import CopyPasswordField from '$lib/components/CopyPasswordField.svelte';
 	import { errorNotification } from '$lib/form';
+	import { toast } from '@zerodevx/svelte-toast';
 	import { createEventDispatcher } from 'svelte';
 
 	const dispatch = createEventDispatcher();
-	let nameEl;
-	let valueEl;
 	const { id } = $page.params;
 	async function removeSecret() {
 		try {
@@ -30,24 +30,24 @@
 			return errorNotification(error);
 		}
 	}
-	async function saveSecret() {
-		const nameValid = nameEl.checkValidity();
-		const valueValid = valueEl.checkValidity();
-		if (!nameValid) {
-			return nameEl.reportValidity();
-		}
-		if (!valueValid) {
-			return valueEl.reportValidity();
-		}
-
+	async function saveSecret(isNew = false) {
+		if (!name) return errorNotification('Name is required.');
+		if (!value) return errorNotification('Value is required.');
 		try {
-			await post(`/applications/${id}/secrets.json`, { name, value, isBuildSecret, isPRMRSecret });
+			await post(`/applications/${id}/secrets.json`, {
+				name,
+				value,
+				isBuildSecret,
+				isPRMRSecret,
+				isNew
+			});
 			dispatch('refresh');
 			if (isNewSecret) {
 				name = '';
 				value = '';
 				isBuildSecret = false;
 			}
+			toast.push('Secret saved.');
 		} catch ({ error }) {
 			return errorNotification(error);
 		}
@@ -61,8 +61,7 @@
 
 <td class="whitespace-nowrap px-6 py-2 text-sm font-medium text-white">
 	<input
-		id="secretName"
-		bind:this={nameEl}
+		id={isNewSecret ? 'secretName' : 'secretNameNew'}
 		bind:value={name}
 		required
 		placeholder="EXAMPLE_VARIABLE"
@@ -73,16 +72,13 @@
 	/>
 </td>
 <td class="whitespace-nowrap px-6 py-2 text-sm font-medium text-white">
-	<input
-		id="secretValue"
+	<CopyPasswordField
+		id={isNewSecret ? 'secretValue' : 'secretValueNew'}
+		name={isNewSecret ? 'secretValue' : 'secretValueNew'}
+		isPasswordField={true}
 		bind:value
-		bind:this={valueEl}
 		required
 		placeholder="J$#@UIO%HO#$U%H"
-		class="-mx-2 w-64 border-2 border-transparent"
-		class:bg-transparent={!isNewSecret && !isPRMRSecret}
-		class:cursor-not-allowed={!isNewSecret && !isPRMRSecret}
-		readonly={!isNewSecret && !isPRMRSecret}
 	/>
 </td>
 <td class="whitespace-nowrap px-6 py-2 text-center text-sm font-medium text-white">
@@ -137,15 +133,20 @@
 <td class="whitespace-nowrap px-6 py-2 text-sm font-medium text-white">
 	{#if isNewSecret}
 		<div class="flex items-center justify-center">
-			<button class="w-24 bg-green-600 hover:bg-green-500" on:click={saveSecret}>Add</button>
-		</div>
-	{:else if isPRMRSecret}
-		<div class="flex items-center justify-center">
-			<button class="w-24 bg-green-600 hover:bg-green-500" on:click={saveSecret}>Set</button>
+			<button class="bg-green-600 hover:bg-green-500" on:click={() => saveSecret(true)}>Add</button>
 		</div>
 	{:else}
-		<div class="flex justify-center items-end">
-			<button class="w-24 bg-red-600 hover:bg-red-500" on:click={removeSecret}>Remove</button>
+		<div class="flex-col space-y-2">
+			<div class="flex items-center justify-center">
+				<button class="w-24 bg-green-600 hover:bg-green-500" on:click={() => saveSecret(false)}
+					>Set</button
+				>
+			</div>
+			{#if !isPRMRSecret}
+				<div class="flex justify-center items-end">
+					<button class="w-24 bg-red-600 hover:bg-red-500" on:click={removeSecret}>Remove</button>
+				</div>
+			{/if}
 		</div>
 	{/if}
 </td>
diff --git a/src/routes/applications/[id]/secrets/index.json.ts b/src/routes/applications/[id]/secrets/index.json.ts
index 365a74c87..5085f1187 100644
--- a/src/routes/applications/[id]/secrets/index.json.ts
+++ b/src/routes/applications/[id]/secrets/index.json.ts
@@ -28,10 +28,9 @@ export const post: RequestHandler = async (event) => {
 	if (status === 401) return { status, body };
 
 	const { id } = event.params;
-	const { name, value, isBuildSecret, isPRMRSecret } = await event.request.json();
-
+	const { name, value, isBuildSecret, isPRMRSecret, isNew } = await event.request.json();
 	try {
-		if (!isPRMRSecret) {
+		if (isNew) {
 			const found = await db.isSecretExists({ id, name, isPRMRSecret });
 			if (found) {
 				throw {
diff --git a/src/routes/applications/[id]/secrets/index.svelte b/src/routes/applications/[id]/secrets/index.svelte
index 3a3e4aac7..04b8593a2 100644
--- a/src/routes/applications/[id]/secrets/index.svelte
+++ b/src/routes/applications/[id]/secrets/index.svelte
@@ -67,10 +67,10 @@
 		<tbody class="">
 			{#each secrets as secret}
 				{#key secret.id}
-					<tr class="hover:bg-coolgray-200">
+					<tr class="h-20 transition duration-100 hover:bg-coolgray-400">
 						<Secret
 							name={secret.name}
-							value={secret.value ? secret.value : 'ENCRYPTED'}
+							value={secret.value}
 							isBuildSecret={secret.isBuildSecret}
 							on:refresh={refreshSecrets}
 						/>
diff --git a/src/routes/databases/[id]/_Databases/_CouchDb.svelte b/src/routes/databases/[id]/_Databases/_CouchDb.svelte
index 3cba4ef93..1a52e342c 100644
--- a/src/routes/databases/[id]/_Databases/_CouchDb.svelte
+++ b/src/routes/databases/[id]/_Databases/_CouchDb.svelte
@@ -6,7 +6,7 @@
 <div class="flex space-x-1 py-5 font-bold">
 	<div class="title">CouchDB</div>
 </div>
-<div class="px-10">
+<div class="space-y-2 px-10">
 	<div class="grid grid-cols-2 items-center">
 		<label for="defaultDatabase">Default Database</label>
 		<CopyPasswordField
diff --git a/src/routes/databases/[id]/_Databases/_MongoDB.svelte b/src/routes/databases/[id]/_Databases/_MongoDB.svelte
index 54518c012..2b6eae411 100644
--- a/src/routes/databases/[id]/_Databases/_MongoDB.svelte
+++ b/src/routes/databases/[id]/_Databases/_MongoDB.svelte
@@ -6,7 +6,7 @@
 <div class="flex space-x-1 py-5 font-bold">
 	<div class="title">MongoDB</div>
 </div>
-<div class="px-10">
+<div class="space-y-2 px-10">
 	<div class="grid grid-cols-2 items-center">
 		<label for="rootUser">Root User</label>
 		<CopyPasswordField
diff --git a/src/routes/databases/[id]/_Databases/_MySQL.svelte b/src/routes/databases/[id]/_Databases/_MySQL.svelte
index 4f24862b3..c27a93c08 100644
--- a/src/routes/databases/[id]/_Databases/_MySQL.svelte
+++ b/src/routes/databases/[id]/_Databases/_MySQL.svelte
@@ -6,7 +6,7 @@
 <div class="flex space-x-1 py-5 font-bold">
 	<div class="title">MySQL</div>
 </div>
-<div class=" px-10">
+<div class="space-y-2 px-10">
 	<div class="grid grid-cols-2 items-center">
 		<label for="defaultDatabase">Default Database</label>
 		<CopyPasswordField
diff --git a/src/routes/databases/[id]/_Databases/_PostgreSQL.svelte b/src/routes/databases/[id]/_Databases/_PostgreSQL.svelte
index 758aaccb0..c792e73d2 100644
--- a/src/routes/databases/[id]/_Databases/_PostgreSQL.svelte
+++ b/src/routes/databases/[id]/_Databases/_PostgreSQL.svelte
@@ -6,7 +6,7 @@
 <div class="flex space-x-1 py-5 font-bold">
 	<div class="title">PostgreSQL</div>
 </div>
-<div class="px-10">
+<div class="space-y-2 px-10">
 	<div class="grid grid-cols-2 items-center">
 		<label for="defaultDatabase">Default Database</label>
 		<CopyPasswordField
diff --git a/src/routes/databases/[id]/_Databases/_Redis.svelte b/src/routes/databases/[id]/_Databases/_Redis.svelte
index 7c02a313e..a828af55f 100644
--- a/src/routes/databases/[id]/_Databases/_Redis.svelte
+++ b/src/routes/databases/[id]/_Databases/_Redis.svelte
@@ -6,7 +6,7 @@
 <div class="flex space-x-1 py-5 font-bold">
 	<div class="title">Redis</div>
 </div>
-<div class="px-10">
+<div class="space-y-2 px-10">
 	<div class="grid grid-cols-2 items-center">
 		<label for="dbUserPassword">Password</label>
 		<CopyPasswordField
diff --git a/src/routes/services/[id]/_Services/_MinIO.svelte b/src/routes/services/[id]/_Services/_MinIO.svelte
index 6bdb1b310..ffc67346d 100644
--- a/src/routes/services/[id]/_Services/_MinIO.svelte
+++ b/src/routes/services/[id]/_Services/_MinIO.svelte
@@ -7,7 +7,7 @@
 <div class="flex space-x-1 py-5 font-bold">
 	<div class="title">MinIO Server</div>
 </div>
-<div class="grid grid-cols-2 items-center">
+<div class="grid grid-cols-2 items-center px-10">
 	<label for="rootUser">Root User</label>
 	<input
 		name="rootUser"
@@ -18,7 +18,7 @@
 		readonly
 	/>
 </div>
-<div class="grid grid-cols-2 items-center">
+<div class="grid grid-cols-2 items-center px-10">
 	<label for="rootUserPassword">Root's Password</label>
 	<CopyPasswordField
 		id="rootUserPassword"
@@ -29,7 +29,7 @@
 		value={service.minio.rootUserPassword}
 	/>
 </div>
-<div class="grid grid-cols-2 items-center">
+<div class="grid grid-cols-2 items-center px-10">
 	<label for="publicPort">API Port</label>
 	<input
 		name="publicPort"
diff --git a/src/routes/settings/index.svelte b/src/routes/settings/index.svelte
index 3b565a3af..f86af5e4b 100644
--- a/src/routes/settings/index.svelte
+++ b/src/routes/settings/index.svelte
@@ -159,7 +159,7 @@
 					: browser && 'http://' + window.location.hostname + ':8404'
 			} target="_blank">stats</a> page.`}
 		/>
-		<div class="px-10 py-5">
+		<div class="space-y-2 px-10 py-5">
 			<div class="grid grid-cols-2 items-center">
 				<label for="proxyUser">User</label>
 				<CopyPasswordField
diff --git a/src/tailwind.css b/src/tailwind.css
index 172af06ce..ce4c749cd 100644
--- a/src/tailwind.css
+++ b/src/tailwind.css
@@ -35,10 +35,10 @@ main,
 }
 
 input {
-	@apply h-12 w-96 select-all rounded border border-transparent bg-transparent bg-coolgray-200 p-2 text-xs tracking-tight text-white placeholder-stone-600 outline-none transition duration-150 hover:bg-coolgray-500 focus:bg-coolgray-500 disabled:bg-transparent md:text-sm;
+	@apply h-12 w-96 rounded border border-transparent bg-transparent bg-coolgray-200 p-2 text-xs tracking-tight text-white placeholder-stone-600 outline-none transition duration-150 hover:bg-coolgray-500 focus:bg-coolgray-500 disabled:border disabled:border-dashed disabled:border-coolgray-300 disabled:bg-transparent md:text-sm;
 }
 textarea {
-	@apply w-96 select-all rounded border border-transparent bg-transparent bg-coolgray-200 p-2 text-xs tracking-tight text-white placeholder-stone-600 outline-none transition duration-150 hover:bg-coolgray-500 focus:bg-coolgray-500 disabled:bg-transparent md:text-sm;
+	@apply w-96 rounded border border-transparent bg-transparent bg-coolgray-200 p-2 text-xs tracking-tight text-white placeholder-stone-600 outline-none transition duration-150 hover:bg-coolgray-500 focus:bg-coolgray-500 disabled:border disabled:border-dashed disabled:border-coolgray-300 disabled:bg-transparent md:text-sm;
 }
 
 select {

From b931c5f6386d01fab81ea0b804fed9436153ff3d Mon Sep 17 00:00:00 2001
From: Andras Bacsai <andras.bacsai@gmail.com>
Date: Sun, 20 Feb 2022 00:13:16 +0100
Subject: [PATCH 34/35] Migration file

---
 .../20220219231255_prmr_secrets/migration.sql | 19 +++++++++++++++++++
 1 file changed, 19 insertions(+)
 create mode 100644 prisma/migrations/20220219231255_prmr_secrets/migration.sql

diff --git a/prisma/migrations/20220219231255_prmr_secrets/migration.sql b/prisma/migrations/20220219231255_prmr_secrets/migration.sql
new file mode 100644
index 000000000..728fcae36
--- /dev/null
+++ b/prisma/migrations/20220219231255_prmr_secrets/migration.sql
@@ -0,0 +1,19 @@
+-- RedefineTables
+PRAGMA foreign_keys=OFF;
+CREATE TABLE "new_Secret" (
+    "id" TEXT NOT NULL PRIMARY KEY,
+    "name" TEXT NOT NULL,
+    "value" TEXT NOT NULL,
+    "isPRMRSecret" BOOLEAN NOT NULL DEFAULT false,
+    "isBuildSecret" BOOLEAN NOT NULL DEFAULT false,
+    "createdAt" DATETIME NOT NULL DEFAULT CURRENT_TIMESTAMP,
+    "updatedAt" DATETIME NOT NULL,
+    "applicationId" TEXT NOT NULL,
+    CONSTRAINT "Secret_applicationId_fkey" FOREIGN KEY ("applicationId") REFERENCES "Application" ("id") ON DELETE RESTRICT ON UPDATE CASCADE
+);
+INSERT INTO "new_Secret" ("applicationId", "createdAt", "id", "isBuildSecret", "name", "updatedAt", "value") SELECT "applicationId", "createdAt", "id", "isBuildSecret", "name", "updatedAt", "value" FROM "Secret";
+DROP TABLE "Secret";
+ALTER TABLE "new_Secret" RENAME TO "Secret";
+CREATE UNIQUE INDEX "Secret_name_applicationId_isPRMRSecret_key" ON "Secret"("name", "applicationId", "isPRMRSecret");
+PRAGMA foreign_key_check;
+PRAGMA foreign_keys=ON;

From 1cfaef911cad42690aacc3f880d36203e2e072d0 Mon Sep 17 00:00:00 2001
From: Andras Bacsai <andras.bacsai@gmail.com>
Date: Sun, 20 Feb 2022 00:17:44 +0100
Subject: [PATCH 35/35] Small fixes

---
 src/routes/applications/[id]/configuration/buildpack.svelte | 2 +-
 src/routes/applications/[id]/index.svelte                   | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/src/routes/applications/[id]/configuration/buildpack.svelte b/src/routes/applications/[id]/configuration/buildpack.svelte
index d382b24c8..79f424753 100644
--- a/src/routes/applications/[id]/configuration/buildpack.svelte
+++ b/src/routes/applications/[id]/configuration/buildpack.svelte
@@ -94,7 +94,7 @@
 				}
 			} else if (type === 'github') {
 				const files = await get(`${apiUrl}/repos/${repository}/contents?ref=${branch}`, {
-					Authorization: `Bearer ${$session.ghToken || ghToken}`,
+					Authorization: `Bearer ${$session.ghToken}`,
 					Accept: 'application/vnd.github.v2.json'
 				});
 				const packageJson = files.find(
diff --git a/src/routes/applications/[id]/index.svelte b/src/routes/applications/[id]/index.svelte
index 26f13a0e1..4e487ed9c 100644
--- a/src/routes/applications/[id]/index.svelte
+++ b/src/routes/applications/[id]/index.svelte
@@ -232,7 +232,7 @@
 							value={application.buildPack}
 							id="buildPack"
 							disabled
-							class="cursor-pointe hover:bg-coolgray-500"
+							class="cursor-pointer hover:bg-coolgray-500"
 						/></a
 					>
 				</div>