Merge pull request #34 from Lissy93/feature_status-indicators

Feature: Status Indicators (optional feature)
Lissy93 · Jun 14, 2021 · f03b6c4 · f03b6c4 · vercel · Jun 14, 2021
2 parents 6457fdf + 62c7952
commit f03b6c4
Show file tree

Hide file tree

Showing 23 changed files with 455 additions and 104 deletions.
diff --git a/README.md b/README.md
@@ -19,6 +19,7 @@
 - Customizable layout options, and item sizes
 - Quickly preview a website, by holding down the Alt key while clicking, to open it in a resizable pop-up modal
 - Many options for icons, including full Font-Awesome support and the ability to auto-fetch icon from URLs favicon
+- Option to show service status for each of your apps / links, for basic availability and uptime monitoring
 - Additional info for each item visible on hover (including opening method icon and description as a tooltip)
 - Option for full-screen background image, custom nav-bar links, and custom footer text
 - User preferences stored in local storage and applied on load
@@ -46,7 +47,7 @@
 
 ## Getting Started 🛫
 
-> For full setup instructions, see: [**Getting Started**](./docs/getting-started.md)
+> For full setup instructions, see: [**Deployment**](./docs/deployment.md)
 
 #### Deploying from Docker Hub 🐳
 
@@ -104,7 +105,7 @@ You may find these [example config](https://gist.github.com/Lissy93/000f712a5ce9
 
 ## Theming 🎨
 
-> For full configuration documentation, see: [**Theming**](./docs/theming.md)
+> For full theming documentation, see: [**Theming**](./docs/theming.md)
 
 <p align="center">
   <a href="https://i.ibb.co/BVSHV1v/dashy-themes-slideshow.gif">
@@ -122,7 +123,7 @@ You can also apply custom CSS overrides directly through the UI (Under Config me
 
 ## Cloud Backup & Sync ☁
 
-> For full documentation, see: [**Cloud Backup & Sync**](./docs/backup-restore.md)
+> For full backup documentation, see: [**Cloud Backup & Sync**](./docs/backup-restore.md)
 
 Dashy has an **optional** built-in feature for securely backing up your config to a hosted cloud service, and then restoring it on another instance. This feature is totally optional, and if you do not enable it, then Dashy will not make any external network requests.
 
@@ -136,7 +137,7 @@ All data is encrypted before being sent to the backend. In Dashy, this is done i
 
 ## Authentication 💂
 
-> For full development documentation, see: [**Authentication**](./docs/authentication.md)
+> For full authentication documentation, see: [**Authentication**](./docs/authentication.md)
 
 Dashy has a built-in login feature, which can be used for basic access control. To enable this feature, add an `auth` attribute under `appConfig`, containing an array of users, each with a username, SHA-256 hashed password and optional user type.
 
@@ -146,7 +147,17 @@ appConfig:
     - user: alicia
       hash: 4D1E58C90B3B94BCAD9848ECCACD6D2A8C9FBC5CA913304BBA5CDEAB36FEEFA3
 ```
-At present, access control is handles on the frontend, and therefore in security-critical applications, it is recommended to use VPN access for authentication.
+At present, access control is handled on the frontend, and therefore in security-critical situations, it is recommended to use an alternate method for authentication, such as [Authelia](https://www.authelia.com/), a VPN or web server and firewall rules.
+
+**[⬆️ Back to Top](#dashy)**
+
+---
+
+## Status Indicators 🚦
+
+> For full monitoring documentation, see: [**Status Indicators**](./docs/status-indicators.md)
+
+Dashy has an optional feature that can display a small icon ([like this](./docs/assets/status-check-demo.gif)) next to each of your running services, indicating it's current status. This is useful if you are using Dashy as your homelab's start page, as it gives you an overview of the health of each of your running services. By default, this feature is off, but you can enable it globally by setting `appConfig.statusCheck: true`, or enable/ disable it for an individual item, with `item[n].statusCheck`.
 
 **[⬆️ Back to Top](#dashy)**
 
@@ -210,7 +221,7 @@ For more general questions about any of the technologies used, [StackOverflow](h
 
 ## Documentation 📘
 
-- [Getting Started](/docs/getting-started.md)
+- [Getting Started](/docs/deployment.md)
 - [Configuring](/docs/configuring.md)
 - [Developing](/docs/developing.md)
 - [Contributing](/docs/contributing.md)

diff --git a/docker-compose.yml b/docker-compose.yml
@@ -18,7 +18,7 @@ services:
     #  - GID=1000
     restart: unless-stopped
     healthcheck:
-      test: ['CMD', 'node', '/app/bin/healthcheck']
+      test: ['CMD', 'node', '/app/services/healthcheck']
       interval: 1m30s
       timeout: 10s
       retries: 3

diff --git a/docs/assets/status-check-demo.gif b/docs/assets/status-check-demo.gif
diff --git a/docs/authentication.md b/docs/authentication.md
@@ -42,6 +42,7 @@ Since all authentication is happening entirely on the client-side, it is vulnera
 Addressing this is on the todo list, and there are two potential solutions:
 1. Encrypt all site data against the users password, so that an attacker can not physically access any data without the correct decryption key
 2. Use a backend service to handle authentication, and do not return user data from the server until the correct credentials are provided. However, this would require either Dashy to be run using it's Node.js server, or the use of an external service
+3. Implement authentication using a self-hosted identity management solution, such as [Keycloak for Vue](https://www.keycloak.org/securing-apps/vue)
 
 **[⬆️ Back to Top](#authentication)**
 
@@ -50,13 +51,27 @@ Addressing this is on the todo list, and there are two potential solutions:
 ## Alternative Authentication Methods
 
 If you are hosting Dashy locally, and require remote access, it is recommend to configure a VPN connection into your local network. For instances running on the cloud, you have several other options:
+- Authentication Server
+- VPN
 - IP-Based Access
 - Web Server Authentication
 - OAuth Services
 - Password Protection (for cloud providers)
 
+### Authentication Server
+##### Authelia 
+[Authelia](https://www.authelia.com/) is an open-source full-featured authentication server, which can be self-hosted and either on bare metal, in a Docker container or in a Kubernetes cluster. It allows for fine-grained access control rules based on IP, path, users etc, and supports 2FA, simple password access or bypass policies for your domains. 
+
+- `git clone https://github.com/authelia/authelia.git`
+- `cd authelia/examples/compose/lite`
+- Modify the `users_database.yml` the default username and password is authelia
+- Modify the `configuration.yml` and `docker-compose.yml` with your respective domains and secrets
+- `docker-compose up -d`
+
+For more information, see the [Authelia docs](https://www.authelia.com/docs/)
+
 ### VPN
-The most secure method for accessing Dashy and other self-hosted services remotely is through a VPN connection, using something like [OpenVPN](https://openvpn.net/) or [WireGuard](https://www.wireguard.com/)
+A catch-all solution to accessing services running from your home network remotely is to use a VPN. It means you do not need to worry about implementing complex authentication rules, or trusting the login implementation of individual applications. However it can be inconvenient to use on a day-to-day basis, and some public and corporate WiFi block VPN connections. Two popular VPN protocols are [OpenVPN](https://openvpn.net/) and [WireGuard](https://www.wireguard.com/)
 
 ### IP-Based Access
 If you have a static IP or use a VPN to access your running services, then you can use conditional access to block access to Dashy from everyone except users of your pre-defined IP address. This feature is offered by most cloud providers, and supported by most web servers.
@@ -154,7 +169,7 @@ Restart your web server for changes to take effect.
 ### OAuth Services
 There are also authentication services, such as [Ory.sh](https://www.ory.sh/), [Okta](https://developer.okta.com/), [Auth0](https://auth0.com/), [Firebase](https://firebase.google.com/docs/auth/). Implementing one of these solutions would involve some changes to the [`Auth.js`](https://github.com/Lissy93/dashy/blob/master/src/utils/Auth.js) file, but should be fairly straight forward.
 
-## Static Site Hosting Providers
+### Static Site Hosting Providers
 If you are hosting Dashy on a cloud platform, you will probably find that it has built-in support for password protected access to web apps. For more info, see the relevant docs for your provider, for example: [Netlify Password Protection](https://docs.netlify.com/visitor-access/password-protection/), [Cloudflare Access](https://www.cloudflare.com/teams/access/), [AWS Cognito](https://aws.amazon.com/cognito/), [Azure Authentication](https://docs.microsoft.com/en-us/azure/app-service/scenario-secure-app-authentication-app-service) and [Vercel Password Protection](https://vercel.com/docs/platform/projects#password-protection).
 
 **[⬆️ Back to Top](#authentication)**
diff --git a/docs/getting-started.md → docs/deployment.md b/docs/getting-started.md → docs/deployment.md
@@ -1,6 +1,6 @@
-# Getting Started
+# Deployment
 
-- [Deployment](#deployment)
+- [Running the App](#running-the-app)
   - [Deploy with Docker](#deploy-with-docker)
   - [Deploy from Source](#deploy-from-source)
   - [Deploy to Cloud Service](#deploy-to-cloud-service)
@@ -17,7 +17,7 @@
   - [NGINX](#nginx)
   - [Apache](#apache)
 
-## Deployment
+## Running the App
 
 ### Deploy with Docker
 
@@ -154,7 +154,7 @@ yarn build
 surge ./dist
 ```
 
-**[⬆️ Back to Top](#getting-started)**
+**[⬆️ Back to Top](#deployment)**
 
 ---
 
@@ -177,6 +177,7 @@ The following commands are defined in the [`package.json`](https://github.com/Li
 - **`yarn health-check`** - Checks that the application is up and running on it's specified port, and outputs current status and response times. Useful for integrating into your monitoring service, if you need to maintain high system availability
 - **`yarn build-watch`** - If you find yourself making frequent changes to your configuration, and do not want to have to keep manually rebuilding, then this option is for you. It will watch for changes to any files within the projects root, and then trigger a rebuild. Note that if you are developing new features, then `yarn dev` would be more appropriate, as it's significantly faster at recompiling (under 1 second), and has hot reloading, linting and testing integrated
 - **`yarn build-and-start`** - Builds the app, runs checks and starts the production server. Commands are run in parallel, and so is faster than running them in independently
+- **`yarn pm2-start`** - Starts the Node server using [PM2](https://pm2.keymetrics.io/), a process manager for Node.js applications, that helps them stay alive. PM2 has some built-in basic monitoring features, and an optional [management solution](https://pm2.io/). If you are running the app on bare metal, it is recommended to use this start command
 
 ### Healthchecks
 
@@ -192,7 +193,7 @@ You can check the resource usage for your running Docker containers with `docker
 
 You can also view logs, resource usage and other info as well as manage your Docker workflow in third-party Docker management apps. For example [Portainer](https://github.com/portainer/portainer) an all-in-one management web UI  for Docker and Kubernetes, or [LazyDocker](https://github.com/jesseduffield/lazydocker) a terminal UI for Docker container management and monitoring.
 
-**[⬆️ Back to Top](#getting-started)**
+**[⬆️ Back to Top](#deployment)**
 
 ---
 ## Updating
@@ -230,8 +231,7 @@ For more information, see the [Watchtower Docs](https://containrrr.dev/watchtowe
 4. Re-build: `yarn build`
 5. Start: `yarn start`
 
-
-**[⬆️ Back to Top](#getting-started)**
+**[⬆️ Back to Top](#deployment)**
 
 ---
 
@@ -241,8 +241,9 @@ _The following section only applies if you are not using Docker, and would like
 
 Dashy ships with a pre-configured Node.js server, in [`server.js`](https://github.com/Lissy93/dashy/blob/master/server.js) which serves up the contents of the `./dist` directory on a given port. You can start the server by running `node server`. Note that the app must have been build (run `yarn build`), and you need [Node.js](https://nodejs.org) installed.
 
-However, since Dashy is just a static web application, it can be served with whatever server you like. The following section outlines how you can configure a web server.
+If you wish to run Dashy from a sub page (e.g. `example.com/dashy`), then just set the `BASE_URL` environmental variable to that page name (in this example, `/dashy`), before building the app, and the path to all assets will then resolve to the new path, instead of `./`.
 
+However, since Dashy is just a static web application, it can be served with whatever server you like. The following section outlines how you can configure a web server.
 ### NGINX
 
 Create a new file in `/etc/nginx/sites-enabled/dashy`
@@ -299,13 +300,13 @@ Then restart Apache, with `sudo systemctl restart apache2`
 8. If you need to change the port, click 'Add environmental variable', give it the name 'PORT', choose a port number and press 'Save'.
 9. Dashy should now be running at your selected path an on a given port
 
-**[⬆️ Back to Top](#getting-started)**
+**[⬆️ Back to Top](#deployment)**
 
 ---
 
 ## Authentication
 
-Dashy has built-in client-side authentication, but for security-critical situations, it is recommend to either use a VPN for access, or implement your own authentication using your cloud provider, web server or firewall rules. For more info, see **[Authentication Docs](/docs/authentication.md)**.
+Dashy has built-in authentication and login functionality. However, since this is handled on the client-side, if you are using Dashy in security-critical situations, it is recommended to use an alternate method for authentication, such as [Authelia](https://www.authelia.com/), a VPN or web server and firewall rules. For more info, see **[Authentication Docs](/docs/authentication.md)**.
 
 
-**[⬆️ Back to Top](#getting-started)**
+**[⬆️ Back to Top](#deployment)**
diff --git a/docs/developing.md b/docs/developing.md
@@ -47,6 +47,17 @@ Note:
 - If you are using NPM, replace `yarn` with `npm run`
 - If you are using Docker, precede each command with `docker exec -it [container-id]`. Container ID can be found by running `docker ps`
 
+### Environmental Variables
+
+- `PORT` - The port in which the application will run (defaults to `4000` for the Node.js server, and `80` within the Docker container)
+- `VUE_APP_DOMAIN` - The URL where Dashy is going to be accessible from. This should include the protocol, hostname and (if not 80 or 443), then the port too, e.g. `https://localhost:3000`, `http://192.168.1.2:4002` or `https://dashy.mydomain.com`
+
+All environmental variables are optional. Currently there are not many environmental variables used, as most of the user preferences are stored under `appConfig` in the `conf.yml` file.
+
+If you do add new variables, ensure that there is always a fallback (define it in [`defaults.js`](https://github.com/Lissy93/dashy/blob/master/src/utils/defaults.js)), so as to not cause breaking changes. Don't commit your `.env` file to git, but instead take a few moments to document what you've added under the appropriate section. Try and follow the concepts outlined in the [12 factor app](https://12factor.net/config), as these are good practices.
+
+Any environmental variables used by the frontend are preceded with `VUE_APP_`. Vue will merge the contents of your `.env` file into the app in a similar way to the ['dotenv'](https://github.com/motdotla/dotenv) package, where any variables that you set on your system will always take preference over the contents of any `.env` file.
+
 ### Resources for Beginners
 New to Web Development? Glad you're here! Dashy is a pretty simple app, so it should make a good candidate for your first PR. Presuming that you already have a basic knowledge of JavaScript, the following articles should point you in the right direction for getting up to speed with the technologies used in this project:
 - [Introduction to Vue.js](https://v3.vuejs.org/guide/introduction.html)
@@ -79,7 +90,6 @@ The most significant things to note are:
 
 For the full styleguide, see: [github.com/airbnb/javascript](https://github.com/airbnb/javascript) 
 
-
 ### Frontend Components
 
 All frontend code is located in the `./src` directory, which is split into 5 sub-folders:
@@ -122,6 +132,9 @@ Running `yarn upgrade` will updated all dependencies based on the ranges specifi
 #### Performance - Lighthouse
 The easiest method of checking performance is to use Chromium's build in auditing tool, Lighthouse. To run the test, open Developer Tools (usually F12) --> Lighthouse and click on the 'Generate Report' button at the bottom.
 
+#### Dependencies - BundlePhobia
+[BundlePhobia](https://bundlephobia.com/) is a really useful app that lets you analyze the cost of adding any particular dependency to an application
+
 ### Directory Structure
 
 #### Files in the Root: `./`

diff --git a/docs/readme.md b/docs/readme.md
@@ -1,6 +1,6 @@
 ## Contents
 
-- [Getting Started](/docs/getting-started.md)
+- [Deployment](/docs/deployment.md)
 - [Configuring](/docs/configuring.md)
 - [Developing](/docs/developing.md)
 - [Contributing](/docs/contributing.md)

diff --git a/docs/status-indicators.md b/docs/status-indicators.md
@@ -0,0 +1,46 @@
+# Status Indicators
+
+Dashy has an optional feature that can display a small icon next to each of your running services, indicating it's current status. This is useful if you are using Dashy as your homelab's start page, as it gives you an overview of the health of each of your running services.
+
+<p align="center">
+  <img width="800" src="/docs/assets/status-check-demo.gif" />
+</p>
+
+## Enabling Status Indicators
+By default, this feature is off. If you do not want this feature, just don't add the `statusCheck` to your conf.yml file, then no requests will be made.  
+
+To enable status checks, you can either turn it on for all items, by setting `appConfig.statusCheck: true`, like:
+```yaml
+appConfig:
+  statusCheck: true
+```
+
+Or you can enable/ disable it on a per-item basis, with the `item[n].statusCheck` attribute
+```yaml
+sections:
+- name: Firewall
+  items:
+  - title: OPNsense
+    description: Firewall Central Management
+    icon: networking/opnsense.png
+    url: https://192.168.1.1
+		statusCheck: false
+  - title: MalTrail
+    description: Malicious traffic detection system
+    icon: networking/maltrail.png
+    url: http://192.168.1.1:8338
+		statusCheck: true
+  - title: Ntopng
+    description: Network traffic probe and network use monitor
+    icon: networking/ntop.png
+    url: http://192.168.1.1:3001
+		statusCheck: true
+```
+
+## How it Works
+
+When Dashy is loaded, items with `statusCheck` enabled will make a request, to `https://[your-host-name]/ping?url=[address-or-servce]`, which in turn will ping that running service, and respond with a status code. Response time is calculated from the difference between start and end time of the request. 
+
+An indicator will display next to each item, and will be yellow while waiting for the response to return, green if request was successful, red if it failed, and grey if it was unable to make the request all together.
+
+All requests are made straight from your server, there is no intermediary. So providing you are hosting Dashy yourself, and are checking the status of other self-hosted services, there shouldn't be any privacy concerns.