Web Page Suggestions

[samcro1967]

A few suggestions for the web page...

Short term

1. ✅ Change Help link to Documentation or Docs and open in a new window. Always keep your app open and users in your app. Self promotion to some extent.
2. ✅ Add link to Github repo and call Github or link to Github Issues and call Issues which opens in a new window
3. ✅ Add a sponsor link so I can buy you a coffee, beer, whiskey, or whatever you poison is.

Longer term

1. Consider a table view. I have 20 services setup currently. Guessing I may add another 10 or so. Table view would be more compact, less scrolling, and a quicker view of more services at once.
2. Someone will probably eventually ask for a tag and filter option to view the dashboard. So maybe in the Dashboard section of the service block there is a tag option which eventually could be used as a display filter in the dashboard. Probably easier to do in the earlier stages of a project than try to retrofit in later.
3. ✅ Someone will undoubtedly ask for authentication since it can have actions to run webhooks which leads to downtime and possibly required validation and/or testing after the update. I think for something like this basic web auth would be sufficient. I would want the ability to disable it and let my reverse proxy handle the auth to eliminate double logins. I would not head down the authorization path. Either someone gets access to the dashboard or they do not. A compromise could be with no auth you get view only access and if authenticated, then you can run the webhooks and eventually update the config once that is available via the UI.

Really impressed with the work on this. I have most things set to update automatically, but a lot of it relies on automation upstream that someone else is maintaining. Previously I would have to periodically go out and verify versions and then notify maintainers they had an issue. Some apps tell you when you login, but not all. Can see it in real time now. Also surprised how many updates some apps are pushing out each day.

[JosephKav]

Short term:
1 - I agree with making it open in new tab, but am not so sure on renaming it to docs. Yes it does take you to the docs page, but you'd use it for help and I think help is more user friendly?
2 - I can add a GitHub drop-down to the navbar with a Repo link and something like Report an issue
3 - been meaning to look into the legal/tax requirements for something like this. I'll speed up on this then 😉. Maybe with this and 2, we could make help a drop-down with Docs,Report an Issue,GitHub,Sponsor?
Longer term
1 - I did have this planned for the future, I just called it a list view rather than table (#3). Have changed that to List/Table
2 - yeah that'd be nice. Maybe a bar at the top that has a tag select drop-down and then buttons that let you filter pending updates/no pending updates/all (default)
3 - I thought about this too, but will leave it for a bit as I'm thinking that if you really want auth, you're most likely gonna be using a reverse proxy already, so just shove it on there

[JosephKav]

And thanks for your appreciation! I really appreciate all the work you've done on these issues and the fact that you like it enough to use it and want to make it better. Contributors like you make doing this a lot more enjoyable (but also make me spend much more time on it XD).

[samcro1967]

I was thinking table rather than a list meaning columns could be sorted eventually in ascending or descending order, filters potentially per column, etc.

Reverse proxy can handle auth externally, but not internally. Someone can always go directly to the URL and bypass the reverse proxy internally. I personally do not need nor want it, but suspect it will come up eventually. I am sure adding that much deeper into the project could become more complex and will require more retrofitting. That is really the only reason I brought it up so that if you did want to do it that it gets added sooner than later. Or maybe at the very least try to add some stubs now that can be enabled later to try to mitigate rework down the road. I've seen several projects struggle trying to add it in after a year or two into a project.

[JosephKav]

I was thinking table rather than a list meaning columns could be sorted eventually in ascending or descending order, filters potentially per column, etc.

I was picturing ny list view as the card style we have now, but put the image on the left and just have the name and update options/current version. This wouldn't be that compact as the cards would require some padding, but more 1 column would be possible.

So this table view you're asking for is essentially a text table, so it'll have icon, name, current_version, latest_version, skip, approve rows that'll be sortable as well as filterable. Its use will be for when you have lots of services and aren't too fussed about the aesthetics

Reverse proxy can handle auth externally, but not internally. Someone can always go directly to the URL and bypass the reverse proxy internally.

Hmm, is it not normal to just reverse proxy everything? That's what I do from my homelab, but maybe I'm an odd one (I do have my local SSL CA certs/dhparam at 16384 keysize purely because 8192 was getting quite common XD). I have everything listening local only and then nginx reverse proxys that, handling all auth/redirects. And I much prefer a subdomain over using ports to access things.
But yeah, I take your point that it'll most likely be easier the sooner I do it, so I'll keep it in mind, thanks.

[samcro1967]

So this table view you're asking for is essentially a text table, so it'll have icon, name, current_version, latest_version, skip, approve rows that'll be sortable as well as filterable. Its use will be for when you have lots of services and aren't too fussed about the aesthetics

Exactly what I was envisioning, but I also like the idea of a more compact card view as well.

Hmm, is it not normal to just reverse proxy everything? That's what I do from my homelab, but maybe I'm an odd one (I do have my local SSL CA certs/dhparam at 16384 keysize purely because 8192 was getting quite common XD). I have everything listening local only and then nginx reverse proxys that, handling all auth/redirects. And I much prefer a subdomain over using ports to access things. But yeah, I take your point that it'll most likely be easier the sooner I do it, so I'll keep it in mind, thanks.

Spot on for exposing services externally and securing them. Externally users only get access to one external ip address, one port, have to authenticate, and then only have access to the apps provisioned through the reverse proxy.

Internally is a different ballgame. You can still do all of that internally. Lets say's Argus in as http://server1:80. You can put it behind a reverse.proxy so they can access it at https://argus.local and have to login. Since they are internally, they have access to all IPs and ports. Even though you want them to go to https://argus.local, they can simply go directly to http://server1:80 and access the app with no authentication.

You could do some things from a network perspective so that only the reverse proxy can access the apps, but that is a little more complicated and I don't think most folks do that by default. Trying to manage an internal DMZ or micro segmentation is not for the faint of heart IMHO. Even seen may large Global Fortune 500 companies struggle with it.

[JosephKav]

Internally is a different ballgame. You can still do all of that internally. Lets say's Argus in as http://server1:80. You can put it behind a reverse.proxy so they can access it at https://argus.local and have to login. Since they are internally, they have access to all IPs and ports. Even though you want them to go to https://argus.local, they can simply go directly to http://server1:80 and access the app with no authentication.

You could do some things from a network perspective so that only the reverse proxy can access the apps, but that is a little more complicated and I don't think most folks do that by default. Trying to manage an internal DMZ or micro segmentation is not for the faint of heart IMHO. Even seen may large Global Fortune 500 companies struggle with it.

I was picturing hosting on a loopback address (127.0.0.0/8/::1/128) so that only your machine can access it. By you not expecting that, it can't be that common, so pushes up the priority on this a bit

[samcro1967]

Might also want to make the web_url links open in a new window as well.

[samcro1967]

I have found https://regoio.herokuapp.com/ to be extremely helpful as I am not a regex expert by any stretch of the imagination. Might be another link to either put on the GitHub page as a resource and/or in the help dropdown. Gives people a resource to help with regex generation as well as docs to the regex language being used to do the parsing. Might also cut down on folks asking you for regex help. ;-)