update project structure

- move agent to /agent
- change /beszel to /src
- update workflows and docker builds

.dockerignore

@@ -0,0 +1,48 @@
+# Node.js dependencies
+node_modules
+src/site/node_modules
+
+# Go build artifacts and binaries
+build
+dist
+*.exe
+beszel-agent
+beszel_data*
+pb_data
+data
+temp
+
+# Development and IDE files
+.vscode
+.idea*
+*.swc
+__debug_*
+
+# Git and version control
+.git
+.gitignore
+
+# Documentation and supplemental files
+*.md
+supplemental
+freebsd-port
+
+# Test files (exclude from production builds)
+*_test.go
+coverage
+
+# Docker files
+dockerfile_*
+
+# Temporary files
+*.tmp
+*.bak
+*.log
+
+# OS specific files
+.DS_Store
+Thumbs.db
+
+# .NET build artifacts
+agent/lhm/obj
+agent/lhm/bin

.github/ISSUE_TEMPLATE/bug_report.yml

@@ -1,8 +1,19 @@
 name: 🐛 Bug report
 description: Report a new bug or issue.
 title: '[Bug]: '
-labels: ['bug']
+labels: ['bug', "needs confirmation"]
 body:
+  - type: dropdown
+    id: component
+    attributes:
+      label: Component
+      description: Which part of Beszel is this about?
+      options:
+        - Hub
+        - Agent
+        - Hub & Agent
+    validations:
+      required: true
   - type: markdown
     attributes:
       value: |
@@ -43,6 +54,39 @@ body:
         3. Pour it into a cup.
     validations:
       required: true
+  - type: dropdown
+    id: category
+    attributes:
+      label: Category
+      description: Which category does this relate to most?
+      options:
+        - Metrics
+        - Charts & Visualization
+        - Settings & Configuration
+        - Notifications & Alerts
+        - Authentication
+        - Installation
+        - Performance
+        - UI / UX
+        - Other
+    validations:
+      required: true
+  - type: dropdown
+    id: metrics
+    attributes:
+      label: Affected Metrics
+      description: If applicable, which specific metric does this relate to most?
+      options:
+        - CPU
+        - Memory
+        - Storage
+        - Network
+        - Containers
+        - GPU
+        - Sensors
+        - Other
+    validations:
+      required: true
   - type: input
     id: system
     attributes:
@@ -61,7 +105,6 @@ body:
     id: install-method
     attributes:
       label: Installation method
-      default: 0
       options:
         - Docker
         - Binary

.github/ISSUE_TEMPLATE/feature_request.yml

@@ -1,8 +1,19 @@
 name: 🚀 Feature request
 description: Request a new feature or change.
 title: "[Feature]: "
-labels: ["enhancement"]
+labels: ["enhancement", "needs review"]
 body:
+  - type: dropdown
+    id: component
+    attributes:
+      label: Component
+      description: Which part of Beszel is this about?
+      options:
+        - Hub
+        - Agent
+        - Hub & Agent
+    validations:
+      required: true
   - type: markdown
     attributes:
       value: Before submitting, please search existing [issues](https://github.com/henrygd/beszel/issues) and [discussions](https://github.com/henrygd/beszel/discussions) (including closed).
@@ -11,8 +22,55 @@ body:
       label: Describe the feature you would like to see
     validations:
       required: true
+  - type: textarea
+    id: motivation
+    attributes:
+      label: Motivation / Use Case
+      description: Why do you want this feature? What problem does it solve?
+    validations:
+      required: true
   - type: textarea
     attributes:
       label: Describe how you would like to see this feature implemented
     validations:
       required: true
+  - type: textarea
+    id: logs
+    attributes:
+      label: Screenshots
+      description: Please attach any relevant screenshots, such as images from your current solution or similar implementations.
+    validations:
+      required: false
+  - type: dropdown
+    id: category
+    attributes:
+      label: Category
+      description: Which category does this relate to most?
+      options:
+        - Metrics
+        - Charts & Visualization
+        - Settings & Configuration
+        - Notifications & Alerts
+        - Authentication
+        - Installation
+        - Performance
+        - UI / UX
+        - Other
+    validations:
+      required: true
+  - type: dropdown
+    id: metrics
+    attributes:
+      label: Affected Metrics
+      description: If applicable, which specific metric does this relate to most?
+      options:
+        - CPU
+        - Memory
+        - Storage
+        - Network
+        - Containers
+        - GPU
+        - Sensors
+        - Other
+    validations:
+      required: true

.github/pull_request_template.md

@@ -0,0 +1,33 @@
+## 📃 Description
+
+A short description of the pull request changes should go here and the sections below should list in detail all changes. You can remove the sections you don't need.
+
+## 📖 Documentation
+
+Add a link to the PR for [documentation](https://github.com/henrygd/beszel-docs) changes.
+
+## 🪵 Changelog
+
+### ➕ Added
+
+- one
+- two
+
+### ✏️ Changed
+
+- one
+- two
+
+### 🔧 Fixed
+
+- one
+- two
+
+### 🗑️ Removed
+
+- one
+- two
+
+## 📷 Screenshots
+
+If this PR has any UI/UX changes it's strongly suggested you add screenshots here.

.github/workflows/docker-images.yml

@@ -13,29 +13,49 @@ jobs:
       matrix:
         include:
           - image: henrygd/beszel
-            context: ./beszel
-            dockerfile: ./beszel/dockerfile_Hub
+            context: ./
+            dockerfile: ./src/dockerfile_hub
             registry: docker.io
             username_secret: DOCKERHUB_USERNAME
             password_secret: DOCKERHUB_TOKEN
+
           - image: henrygd/beszel-agent
-            context: ./beszel
-            dockerfile: ./beszel/dockerfile_Agent
+            context: ./
+            dockerfile: ./src/dockerfile_agent
             registry: docker.io
             username_secret: DOCKERHUB_USERNAME
             password_secret: DOCKERHUB_TOKEN
+
+          - image: henrygd/beszel-agent-nvidia
+            context: ./
+            dockerfile: ./src/dockerfile_agent_nvidia
+            platforms: linux/amd64
+            registry: docker.io
+            username_secret: DOCKERHUB_USERNAME
+            password_secret: DOCKERHUB_TOKEN
+
           - image: ghcr.io/${{ github.repository }}/beszel
-            context: ./beszel
-            dockerfile: ./beszel/dockerfile_Hub
+            context: ./
+            dockerfile: ./src/dockerfile_hub
             registry: ghcr.io
             username: ${{ github.actor }}
             password_secret: GITHUB_TOKEN
+
           - image: ghcr.io/${{ github.repository }}/beszel-agent
-            context: ./beszel
-            dockerfile: ./beszel/dockerfile_Agent
+            context: ./
+            dockerfile: ./src/dockerfile_agent
             registry: ghcr.io
             username: ${{ github.actor }}
             password_secret: GITHUB_TOKEN
+
+          - image: ghcr.io/${{ github.repository }}/beszel-agent-nvidia
+            context: ./
+            dockerfile: ./src/dockerfile_agent_nvidia
+            platforms: linux/amd64
+            registry: ghcr.io
+            username: ${{ github.actor }}
+            password_secret: GITHUB_TOKEN
+
     permissions:
       contents: read
       packages: write
@@ -48,10 +68,10 @@ jobs:
         uses: oven-sh/setup-bun@v2
 
       - name: Install dependencies
-        run: bun install --no-save --cwd ./beszel/site
+        run: bun install --no-save --cwd ./src/site
 
       - name: Build site
-        run: bun run --cwd ./beszel/site build
+        run: bun run --cwd ./src/site build
 
       - name: Set up QEMU
         uses: docker/setup-qemu-action@v3
@@ -65,7 +85,7 @@ jobs:
         with:
           images: ${{ matrix.image }}
           tags: |
-            type=edge,enable=true
+            type=raw,value=edge
             type=semver,pattern={{version}}
             type=semver,pattern={{major}}.{{minor}}
             type=semver,pattern={{major}}
@@ -73,7 +93,9 @@ jobs:
 
       # https://github.com/docker/login-action
       - name: Login to Docker Hub
-        if: github.event_name != 'pull_request'
+        env:
+          password_secret_exists: ${{ secrets[matrix.password_secret] != '' && 'true' || 'false' }}
+        if: github.event_name != 'pull_request' && env.password_secret_exists == 'true'
         uses: docker/login-action@v3
         with:
           username: ${{ matrix.username || secrets[matrix.username_secret] }}
@@ -87,7 +109,7 @@ jobs:
         with:
           context: "${{ matrix.context }}"
           file: ${{ matrix.dockerfile }}
-          platforms: linux/amd64,linux/arm64,linux/arm/v7
-          push: ${{ github.ref_type == 'tag' }}
+          platforms: ${{ matrix.platforms || 'linux/amd64,linux/arm64,linux/arm/v7' }}
+          push: ${{ github.ref_type == 'tag' && secrets[matrix.password_secret] != '' }}
           tags: ${{ steps.metadata.outputs.tags }}
           labels: ${{ steps.metadata.outputs.labels }}

.github/workflows/inactivity-actions.yml

@@ -0,0 +1,43 @@
+name: 'Issue and PR Maintenance'
+
+on:
+  schedule:
+    - cron: '0 0 * * *'   # runs at midnight UTC
+  workflow_dispatch:
+
+permissions:
+  issues: write
+  pull-requests: write
+
+jobs:
+  close-stale:
+    name: Close Stale Issues
+    runs-on: ubuntu-24.04
+    steps:
+      - name: Close Stale Issues
+        uses: actions/stale@v9
+        with:
+          repo-token: ${{ secrets.GITHUB_TOKEN }}
+
+          # Messaging
+          stale-issue-message: >
+            👋 This issue has been automatically marked as stale due to inactivity.
+            If this issue is still relevant, please comment to keep it open.
+            Without activity, it will be closed in 7 days.
+
+          close-issue-message: >
+            🔒 This issue has been automatically closed due to prolonged inactivity.
+            Feel free to open a new issue if you have further questions or concerns.
+
+          # Timing
+          days-before-issue-stale: 14
+          days-before-issue-close: 7
+
+          # Labels
+          stale-issue-label: 'stale'
+          remove-stale-when-updated: true
+          only-issue-labels: 'awaiting-requester'
+
+          # Exemptions
+          exempt-assignees: true
+          exempt-milestones: true

.github/workflows/label-from-dropdown.yml

@@ -0,0 +1,82 @@
+name: Label issues from dropdowns
+
+on:
+  issues:
+    types: [opened]
+
+jobs:
+  label_from_dropdown:
+    runs-on: ubuntu-latest
+    permissions:
+      issues: write
+    steps:
+      - name: Apply labels based on dropdown choices
+        uses: actions/github-script@v7
+        with:
+          script: |
+
+            const issueNumber = context.issue.number;
+            const owner = context.repo.owner;
+            const repo = context.repo.repo;
+
+            // Get the issue body
+            const body = context.payload.issue.body;
+
+            // Helper to find dropdown value in the body (assuming markdown format)
+            function extractSectionValue(heading) {
+              const regex = new RegExp(`### ${heading}\\s+([\\s\\S]*?)(?:\\n###|$)`, 'i');
+              const match = body.match(regex);
+              if (match) {
+                // Get the first non-empty line after the heading
+                const lines = match[1].split('\n').map(l => l.trim()).filter(Boolean);
+                return lines[0] || null;
+              }
+              return null;
+            }
+
+            // Extract dropdown selections
+            const category = extractSectionValue('Category');
+            const metrics = extractSectionValue('Affected Metrics');
+            const component = extractSectionValue('Component');
+
+            // Build labels to add
+            let labelsToAdd = [];
+            if (category) labelsToAdd.push(category);
+            if (metrics) labelsToAdd.push(metrics);
+            if (component) labelsToAdd.push(component);
+
+            // Get existing labels in the repo
+            const { data: existingLabels } = await github.rest.issues.listLabelsForRepo({
+              owner,
+              repo,
+              per_page: 100
+            });
+            const existingLabelNames = existingLabels.map(l => l.name);
+
+            // Find labels that need to be created
+            const labelsToCreate = labelsToAdd.filter(label => !existingLabelNames.includes(label));
+
+            // Create missing labels (with a default color)
+            for (const label of labelsToCreate) {
+              try {
+                await github.rest.issues.createLabel({
+                  owner,
+                  repo,
+                  name: label,
+                  color: 'ededed' // light gray, you can pick any hex color
+                });
+              } catch (e) {
+                // Ignore if label already exists (race condition), otherwise rethrow
+                if (!e || e.status !== 422) throw e;
+              }
+            }
+
+            // Now apply all labels (they all exist now)
+            if (labelsToAdd.length > 0) {
+              await github.rest.issues.addLabels({
+                owner,
+                repo,
+                issue_number: issueNumber,
+                labels: labelsToAdd
+              });
+            } 

.github/workflows/release.yml

@@ -3,7 +3,7 @@ name: Make release and binaries
 on:
   push:
     tags:
-      - 'v*'
+      - "v*"
 
 permissions:
   contents: write
@@ -21,22 +21,34 @@ jobs:
         uses: oven-sh/setup-bun@v2
 
       - name: Install dependencies
-        run: bun install --no-save --cwd ./beszel/site
+        run: bun install --no-save --cwd ./src/site
 
       - name: Build site
-        run: bun run --cwd ./beszel/site build
+        run: bun run --cwd ./src/site build
 
       - name: Set up Go
         uses: actions/setup-go@v5
         with:
-          go-version: '^1.22.1'
+          go-version: "^1.22.1"
+
+      - name: Set up .NET
+        uses: actions/setup-dotnet@v4
+        with:
+          dotnet-version: "9.0.x"
+
+      - name: Build .NET LHM executable for Windows sensors
+        run: |
+          dotnet build -c Release ./agent/lhm/beszel_lhm.csproj
+        shell: bash
 
       - name: GoReleaser beszel
         uses: goreleaser/goreleaser-action@v6
         with:
-          workdir: ./beszel
+          workdir: ./
           distribution: goreleaser
           version: latest
           args: release --clean
         env:
           GITHUB_TOKEN: ${{ secrets.TOKEN || secrets.GITHUB_TOKEN }}
+          WINGET_TOKEN: ${{ secrets.WINGET_TOKEN }}
+          IS_FORK: ${{ github.repository_owner != 'henrygd' }}

.github/workflows/vulncheck.yml

@@ -15,7 +15,7 @@ permissions:
 
 jobs:
   vulncheck:
-    name: Analysis
+    name: VulnCheck
     runs-on: ubuntu-latest
     steps:
       - name: Check out code into the Go module directory
@@ -23,8 +23,8 @@ jobs:
       - name: Set up Go
         uses: actions/setup-go@v5
         with:
-          go-version: 1.24.x
-          cached: false
+          go-version: 1.25.x
+          # cached: false
       - name: Get official govulncheck
         run: go install golang.org/x/vuln/cmd/govulncheck@latest
         shell: bash

.gitignore

@@ -8,12 +8,15 @@ beszel_data
 beszel_data*
 dist
 *.exe
-beszel/cmd/hub/hub
-beszel/cmd/agent/agent
+src/cmd/hub/hub
+src/cmd/agent/agent
 node_modules
-beszel/build
+build
 *timestamp*
 .swc
-beszel/site/src/locales/**/*.ts
+src/site/src/locales/**/*.ts
 *.bak
 __debug_*
+agent/lhm/obj
+agent/lhm/bin
+dockerfile_agent_dev

.goreleaser.yml

@@ -9,7 +9,7 @@ before:
 builds:
   - id: beszel
     binary: beszel
-    main: cmd/hub/hub.go
+    main: src/cmd/hub/hub.go
     env:
       - CGO_ENABLED=0
     goos:
@@ -22,7 +22,7 @@ builds:
 
   - id: beszel-agent
     binary: beszel-agent
-    main: cmd/agent/agent.go
+    main: src/cmd/agent/agent.go
     env:
       - CGO_ENABLED=0
     goos:
@@ -38,12 +38,25 @@ builds:
       - mips64
       - riscv64
       - mipsle
+      - mips
       - ppc64le
+    gomips:
+      - hardfloat
+      - softfloat
     ignore:
       - goos: freebsd
         goarch: arm
       - goos: openbsd
         goarch: arm
+      - goos: linux
+        goarch: mips64
+        gomips: softfloat
+      - goos: linux
+        goarch: mipsle
+        gomips: hardfloat
+      - goos: linux
+        goarch: mips
+        gomips: hardfloat
       - goos: windows
         goarch: arm
       - goos: darwin
@@ -54,7 +67,7 @@ builds:
 archives:
   - id: beszel-agent
     formats: [tar.gz]
-    builds:
+    ids:
       - beszel-agent
     name_template: >-
       {{ .Binary }}_
@@ -66,7 +79,7 @@ archives:
 
   - id: beszel
     formats: [tar.gz]
-    builds:
+    ids:
       - beszel
     name_template: >-
       {{ .Binary }}_
@@ -85,33 +98,33 @@ nfpms:
       API access.
     maintainer: henrygd <hank@henrygd.me>
     section: net
-    builds:
+    ids:
       - beszel-agent
     formats:
       - deb
     contents:
-      - src: ../supplemental/debian/beszel-agent.service
+      - src: ./supplemental/debian/beszel-agent.service
         dst: lib/systemd/system/beszel-agent.service
         packager: deb
-      - src: ../supplemental/debian/copyright
+      - src: ./supplemental/debian/copyright
         dst: usr/share/doc/beszel-agent/copyright
         packager: deb
-      - src: ../supplemental/debian/lintian-overrides
+      - src: ./supplemental/debian/lintian-overrides
         dst: usr/share/lintian/overrides/beszel-agent
         packager: deb
     scripts:
-      postinstall: ../supplemental/debian/postinstall.sh
-      preremove: ../supplemental/debian/prerm.sh
-      postremove: ../supplemental/debian/postrm.sh
+      postinstall: ./supplemental/debian/postinstall.sh
+      preremove: ./supplemental/debian/prerm.sh
+      postremove: ./supplemental/debian/postrm.sh
     deb:
       predepends:
         - adduser
         - debconf
       scripts:
-        templates: ../supplemental/debian/templates
+        templates: ./supplemental/debian/templates
         # Currently broken due to a bug in goreleaser
         # https://github.com/goreleaser/goreleaser/issues/5487
-        #config: ../supplemental/debian/config.sh
+        #config: ./supplemental/debian/config.sh
 
 scoops:
   - ids: [beszel-agent]
@@ -119,9 +132,10 @@ scoops:
     repository:
       owner: henrygd
       name: beszel-scoops
-    homepage: 'https://beszel.dev'
-    description: 'Agent for Beszel, a lightweight server monitoring platform.'
+    homepage: "https://beszel.dev"
+    description: "Agent for Beszel, a lightweight server monitoring platform."
     license: MIT
+    skip_upload: '{{ if eq (tolower .Env.IS_FORK) "true" }}true{{ else }}auto{{ end }}'
 
 # # Needs choco installed, so doesn't build on linux / default gh workflow :(
 # chocolateys:
@@ -152,9 +166,10 @@ brews:
     repository:
       owner: henrygd
       name: homebrew-beszel
-    homepage: 'https://beszel.dev'
-    description: 'Agent for Beszel, a lightweight server monitoring platform.'
+    homepage: "https://beszel.dev"
+    description: "Agent for Beszel, a lightweight server monitoring platform."
     license: MIT
+    skip_upload: '{{ if eq (tolower .Env.IS_FORK) "true" }}true{{ else }}auto{{ end }}'
     extra_install: |
       (bin/"beszel-agent-launcher").write <<~EOS
         #!/bin/bash
@@ -172,7 +187,6 @@ brews:
       error_log_path "#{Dir.home}/.cache/beszel/beszel-agent.log"
       keep_alive true
       restart_delay 5
-      name beszel-agent
       process_type :background
 
 winget:
@@ -181,13 +195,13 @@ winget:
     package_identifier: henrygd.beszel-agent
     publisher: henrygd
     license: MIT
-    license_url: 'https://github.com/henrygd/beszel/blob/main/LICENSE'
-    copyright: '2025 henrygd'
-    homepage: 'https://beszel.dev'
-    release_notes_url: 'https://github.com/henrygd/beszel/releases/tag/v{{ .Version }}'
-    publisher_support_url: 'https://github.com/henrygd/beszel/issues'
-    short_description: 'Agent for Beszel, a lightweight server monitoring platform.'
-    skip_upload: auto
+    license_url: "https://github.com/henrygd/beszel/blob/main/LICENSE"
+    copyright: "2025 henrygd"
+    homepage: "https://beszel.dev"
+    release_notes_url: "https://github.com/henrygd/beszel/releases/tag/v{{ .Version }}"
+    publisher_support_url: "https://github.com/henrygd/beszel/issues"
+    short_description: "Agent for Beszel, a lightweight server monitoring platform."
+    skip_upload: '{{ if eq (tolower .Env.IS_FORK) "true" }}true{{ else }}auto{{ end }}'
     description: |
       Beszel is a lightweight server monitoring platform that includes Docker
       statistics, historical data, and alert functions. It has a friendly web
@@ -202,13 +216,14 @@ winget:
       owner: henrygd
       name: beszel-winget
       branch: henrygd.beszel-agent-{{ .Version }}
-      pull_request:
-        enabled: false
-        draft: false
-        base:
-          owner: microsoft
-          name: winget-pkgs
-          branch: master
+      token: "{{ .Env.WINGET_TOKEN }}"
+      # pull_request:
+      #   enabled: true
+      #   draft: false
+      #   base:
+      #     owner: microsoft
+      #     name: winget-pkgs
+      #     branch: master
 
 release:
   draft: true
@@ -218,5 +233,5 @@ changelog:
   sort: asc
   filters:
     exclude:
-      - '^docs:'
-      - '^test:'
+      - "^docs:"
+      - "^test:"

Makefile

@@ -0,0 +1,102 @@
+# Default OS/ARCH values
+OS ?= $(shell go env GOOS)
+ARCH ?= $(shell go env GOARCH)
+# Skip building the web UI if true
+SKIP_WEB ?= false
+
+# Set executable extension based on target OS
+EXE_EXT := $(if $(filter windows,$(OS)),.exe,)
+
+.PHONY: tidy build-agent build-hub build-hub-dev build clean lint dev-server dev-agent dev-hub dev generate-locales
+.DEFAULT_GOAL := build
+
+clean:
+	go clean
+	rm -rf ./build
+
+lint:
+	golangci-lint run
+
+test: export GOEXPERIMENT=synctest
+test:
+	go test -tags=testing ./...
+
+tidy:
+	go mod tidy
+
+build-web-ui:
+	@if command -v bun >/dev/null 2>&1; then \
+		bun install --cwd ./src/site && \
+		bun run --cwd ./src/site build; \
+	else \
+		npm install --prefix ./src/site && \
+		npm run --prefix ./src/site build; \
+	fi
+
+# Conditional .NET build - only for Windows
+build-dotnet-conditional:
+	@if [ "$(OS)" = "windows" ]; then \
+		echo "Building .NET executable for Windows..."; \
+		if command -v dotnet >/dev/null 2>&1; then \
+			rm -rf ./agent/lhm/bin; \
+			dotnet build -c Release ./agent/lhm/beszel_lhm.csproj; \
+		else \
+			echo "Error: dotnet not found. Install .NET SDK to build Windows agent."; \
+			exit 1; \
+		fi; \
+	fi
+
+# Update build-agent to include conditional .NET build
+build-agent: tidy build-dotnet-conditional
+	GOOS=$(OS) GOARCH=$(ARCH) go build -o ./build/beszel-agent_$(OS)_$(ARCH)$(EXE_EXT) -ldflags "-w -s" ./src/cmd/agent
+
+build-hub: tidy $(if $(filter false,$(SKIP_WEB)),build-web-ui)
+	GOOS=$(OS) GOARCH=$(ARCH) go build -o ./build/beszel_$(OS)_$(ARCH)$(EXE_EXT) -ldflags "-w -s" ./src/cmd/hub
+
+build-hub-dev: tidy
+	mkdir -p ./src/site/dist && touch ./src/site/dist/index.html
+	GOOS=$(OS) GOARCH=$(ARCH) go build -tags development -o ./build/beszel-dev_$(OS)_$(ARCH)$(EXE_EXT) -ldflags "-w -s" ./src/cmd/hub
+
+build: build-agent build-hub
+
+generate-locales:
+	@if [ ! -f ./src/site/src/locales/en/en.ts ]; then \
+		echo "Generating locales..."; \
+		command -v bun >/dev/null 2>&1 && cd ./src/site && bun install && bun run sync || cd ./src/site && npm install && npm run sync; \
+	fi
+
+dev-server: generate-locales
+	cd ./src/site
+	@if command -v bun >/dev/null 2>&1; then \
+		cd ./src/site && bun run dev --host 0.0.0.0; \
+	else \
+		cd ./src/site && npm run dev --host 0.0.0.0; \
+	fi
+
+dev-hub: export ENV=dev
+dev-hub:
+	mkdir -p ./src/site/dist && touch ./src/site/dist/index.html
+	@if command -v entr >/dev/null 2>&1; then \
+		find ./src/cmd/hub/*.go ./src/{alerts,hub,records,users}/*.go | entr -r -s "cd ./src/cmd/hub && go run -tags development . serve --http 0.0.0.0:8090"; \
+	else \
+		cd ./src/cmd/hub && go run -tags development . serve --http 0.0.0.0:8090; \
+	fi
+
+dev-agent:
+	@if command -v entr >/dev/null 2>&1; then \
+		find ./src/cmd/agent/*.go ./agent/*.go | entr -r go run github.com/henrygd/beszel/src/cmd/agent; \
+	else \
+		go run github.com/henrygd/beszel/src/cmd/agent; \
+	fi
+	
+build-dotnet:
+	@if command -v dotnet >/dev/null 2>&1; then \
+		rm -rf ./agent/lhm/bin; \
+		dotnet build -c Release ./agent/lhm/beszel_lhm.csproj; \
+	else \
+		echo "dotnet not found"; \
+	fi
+
+
+# KEY="..." make -j dev
+dev: dev-server dev-hub dev-agent

agent/agent.go

@@ -2,8 +2,6 @@
 package agent
 
 import (
-	"beszel"
-	"beszel/internal/entities/system"
 	"crypto/sha256"
 	"encoding/hex"
 	"log/slog"
@@ -14,6 +12,8 @@ import (
 	"time"
 
 	"github.com/gliderlabs/ssh"
+	"github.com/henrygd/beszel"
+	"github.com/henrygd/beszel/src/entities/system"
 	"github.com/shirou/gopsutil/v4/host"
 	gossh "golang.org/x/crypto/ssh"
 )
@@ -40,13 +40,13 @@ type Agent struct {
 
 // NewAgent creates a new agent with the given data directory for persisting data.
 // If the data directory is not set, it will attempt to find the optimal directory.
-func NewAgent(dataDir string) (agent *Agent, err error) {
+func NewAgent(dataDir ...string) (agent *Agent, err error) {
 	agent = &Agent{
 		fsStats: make(map[string]*system.FsStats),
 		cache:   NewSessionCache(69 * time.Second),
 	}
 
-	agent.dataDir, err = getDataDir(dataDir)
+	agent.dataDir, err = getDataDir(dataDir...)
 	if err != nil {
 		slog.Warn("Data directory not found")
 	} else {
@@ -113,37 +113,37 @@ func (a *Agent) gatherStats(sessionID string) *system.CombinedData {
 	a.Lock()
 	defer a.Unlock()
 
-	cachedData, ok := a.cache.Get(sessionID)
-	if ok {
-		slog.Debug("Cached stats", "session", sessionID)
-		return cachedData
+	data, isCached := a.cache.Get(sessionID)
+	if isCached {
+		slog.Debug("Cached data", "session", sessionID)
+		return data
 	}
 
-	*cachedData = system.CombinedData{
+	*data = system.CombinedData{
 		Stats: a.getSystemStats(),
 		Info:  a.systemInfo,
 	}
-	slog.Debug("System stats", "data", cachedData)
+	slog.Debug("System data", "data", data)
 
 	if a.dockerManager != nil {
 		if containerStats, err := a.dockerManager.getDockerStats(); err == nil {
-			cachedData.Containers = containerStats
-			slog.Debug("Docker stats", "data", cachedData.Containers)
+			data.Containers = containerStats
+			slog.Debug("Containers", "data", data.Containers)
 		} else {
-			slog.Debug("Docker stats", "err", err)
+			slog.Debug("Containers", "err", err)
 		}
 	}
 
-	cachedData.Stats.ExtraFs = make(map[string]*system.FsStats)
+	data.Stats.ExtraFs = make(map[string]*system.FsStats)
 	for name, stats := range a.fsStats {
 		if !stats.Root && stats.DiskTotal > 0 {
-			cachedData.Stats.ExtraFs[name] = stats
+			data.Stats.ExtraFs[name] = stats
 		}
 	}
-	slog.Debug("Extra filesystems", "data", cachedData.Stats.ExtraFs)
+	slog.Debug("Extra FS", "data", data.Stats.ExtraFs)
 
-	a.cache.Set(sessionID, cachedData)
-	return cachedData
+	a.cache.Set(sessionID, data)
+	return data
 }
 
 // StartAgent initializes and starts the agent with optional WebSocket connection

agent/agent_cache.go

@@ -1,8 +1,9 @@
 package agent
 
 import (
-	"beszel/internal/entities/system"
 	"time"
+
+	"github.com/henrygd/beszel/src/entities/system"
 )
 
 // Not thread safe since we only access from gatherStats which is already locked

agent/agent_cache_test.go

@@ -4,17 +4,18 @@
 package agent
 
 import (
-	"beszel/internal/entities/system"
 	"testing"
 	"testing/synctest"
 	"time"
 
+	"github.com/henrygd/beszel/src/entities/system"
+
 	"github.com/stretchr/testify/assert"
 	"github.com/stretchr/testify/require"
 )
 
 func TestSessionCache_GetSet(t *testing.T) {
-	synctest.Run(func() {
+	synctest.Test(t, func(t *testing.T) {
 		cache := NewSessionCache(69 * time.Second)
 
 		testData := &system.CombinedData{

agent/battery/battery.go

@@ -0,0 +1,53 @@
+//go:build !freebsd
+
+// Package battery provides functions to check if the system has a battery and to get the battery stats.
+package battery
+
+import (
+	"errors"
+	"log/slog"
+
+	"github.com/distatus/battery"
+)
+
+var systemHasBattery = false
+var haveCheckedBattery = false
+
+// HasReadableBattery checks if the system has a battery and returns true if it does.
+func HasReadableBattery() bool {
+	if haveCheckedBattery {
+		return systemHasBattery
+	}
+	haveCheckedBattery = true
+	bat, err := battery.Get(0)
+	if err == nil && bat != nil {
+		systemHasBattery = true
+	} else {
+		slog.Debug("No battery found", "err", err)
+	}
+	return systemHasBattery
+}
+
+// GetBatteryStats returns the current battery percent and charge state
+func GetBatteryStats() (batteryPercent uint8, batteryState uint8, err error) {
+	if !systemHasBattery {
+		return batteryPercent, batteryState, errors.ErrUnsupported
+	}
+	batteries, err := battery.GetAll()
+	if err != nil || len(batteries) == 0 {
+		return batteryPercent, batteryState, err
+	}
+	totalCapacity := float64(0)
+	totalCharge := float64(0)
+	for _, bat := range batteries {
+		if bat.Design != 0 {
+			totalCapacity += bat.Design
+		} else {
+			totalCapacity += bat.Full
+		}
+		totalCharge += bat.Current
+	}
+	batteryPercent = uint8(totalCharge / totalCapacity * 100)
+	batteryState = uint8(batteries[0].State.Raw)
+	return batteryPercent, batteryState, nil
+}

agent/battery/battery_freebsd.go

@@ -0,0 +1,13 @@
+//go:build freebsd
+
+package battery
+
+import "errors"
+
+func HasReadableBattery() bool {
+	return false
+}
+
+func GetBatteryStats() (uint8, uint8, error) {
+	return 0, 0, errors.ErrUnsupported
+}

agent/client.go

@@ -1,8 +1,6 @@
 package agent
 
 import (
-	"beszel"
-	"beszel/internal/common"
 	"crypto/tls"
 	"errors"
 	"fmt"
@@ -10,10 +8,14 @@ import (
 	"net"
 	"net/http"
 	"net/url"
+	"os"
 	"path"
 	"strings"
 	"time"
 
+	"github.com/henrygd/beszel"
+	"github.com/henrygd/beszel/src/common"
+
 	"github.com/fxamacker/cbor/v2"
 	"github.com/lxzan/gws"
 	"golang.org/x/crypto/ssh"
@@ -53,9 +55,9 @@ func newWebSocketClient(agent *Agent) (client *WebSocketClient, err error) {
 		return nil, errors.New("invalid hub URL")
 	}
 	// get registration token
-	client.token, _ = GetEnv("TOKEN")
-	if client.token == "" {
-		return nil, errors.New("TOKEN environment variable not set")
+	client.token, err = getToken()
+	if err != nil {
+		return nil, err
 	}
 
 	client.agent = agent
@@ -65,6 +67,27 @@ func newWebSocketClient(agent *Agent) (client *WebSocketClient, err error) {
 	return client, nil
 }
 
+// getToken returns the token for the WebSocket client.
+// It first checks the TOKEN environment variable, then the TOKEN_FILE environment variable.
+// If neither is set, it returns an error.
+func getToken() (string, error) {
+	// get token from env var
+	token, _ := GetEnv("TOKEN")
+	if token != "" {
+		return token, nil
+	}
+	// get token from file
+	tokenFile, _ := GetEnv("TOKEN_FILE")
+	if tokenFile == "" {
+		return "", errors.New("must set TOKEN or TOKEN_FILE")
+	}
+	tokenBytes, err := os.ReadFile(tokenFile)
+	if err != nil {
+		return "", err
+	}
+	return string(tokenBytes), nil
+}
+
 // getOptions returns the WebSocket client options, creating them if necessary.
 // It configures the connection URL, TLS settings, and authentication headers.
 func (client *WebSocketClient) getOptions() *gws.ClientOption {

agent/client_test.go

@@ -0,0 +1,540 @@
+//go:build testing
+// +build testing
+
+package agent
+
+import (
+	"crypto/ed25519"
+	"net/url"
+	"os"
+	"strings"
+	"testing"
+	"time"
+
+	"github.com/henrygd/beszel"
+
+	"github.com/henrygd/beszel/src/common"
+
+	"github.com/fxamacker/cbor/v2"
+	"github.com/stretchr/testify/assert"
+	"github.com/stretchr/testify/require"
+	"golang.org/x/crypto/ssh"
+)
+
+// TestNewWebSocketClient tests WebSocket client creation
+func TestNewWebSocketClient(t *testing.T) {
+	agent := createTestAgent(t)
+
+	testCases := []struct {
+		name        string
+		hubURL      string
+		token       string
+		expectError bool
+		errorMsg    string
+	}{
+		{
+			name:        "valid configuration",
+			hubURL:      "http://localhost:8080",
+			token:       "test-token-123",
+			expectError: false,
+		},
+		{
+			name:        "valid https URL",
+			hubURL:      "https://hub.example.com",
+			token:       "secure-token",
+			expectError: false,
+		},
+		{
+			name:        "missing hub URL",
+			hubURL:      "",
+			token:       "test-token",
+			expectError: true,
+			errorMsg:    "HUB_URL environment variable not set",
+		},
+		{
+			name:        "invalid URL",
+			hubURL:      "ht\ttp://invalid",
+			token:       "test-token",
+			expectError: true,
+			errorMsg:    "invalid hub URL",
+		},
+		{
+			name:        "missing token",
+			hubURL:      "http://localhost:8080",
+			token:       "",
+			expectError: true,
+			errorMsg:    "must set TOKEN or TOKEN_FILE",
+		},
+	}
+
+	for _, tc := range testCases {
+		t.Run(tc.name, func(t *testing.T) {
+			// Set up environment
+			if tc.hubURL != "" {
+				os.Setenv("BESZEL_AGENT_HUB_URL", tc.hubURL)
+			} else {
+				os.Unsetenv("BESZEL_AGENT_HUB_URL")
+			}
+			if tc.token != "" {
+				os.Setenv("BESZEL_AGENT_TOKEN", tc.token)
+			} else {
+				os.Unsetenv("BESZEL_AGENT_TOKEN")
+			}
+			defer func() {
+				os.Unsetenv("BESZEL_AGENT_HUB_URL")
+				os.Unsetenv("BESZEL_AGENT_TOKEN")
+			}()
+
+			client, err := newWebSocketClient(agent)
+
+			if tc.expectError {
+				assert.Error(t, err)
+				if err != nil && tc.errorMsg != "" {
+					assert.Contains(t, err.Error(), tc.errorMsg)
+				}
+				assert.Nil(t, client)
+			} else {
+				require.NoError(t, err)
+				assert.NotNil(t, client)
+				assert.Equal(t, agent, client.agent)
+				assert.Equal(t, tc.token, client.token)
+				assert.Equal(t, tc.hubURL, client.hubURL.String())
+				assert.NotEmpty(t, client.fingerprint)
+				assert.NotNil(t, client.hubRequest)
+			}
+		})
+	}
+}
+
+// TestWebSocketClient_GetOptions tests WebSocket client options configuration
+func TestWebSocketClient_GetOptions(t *testing.T) {
+	agent := createTestAgent(t)
+
+	testCases := []struct {
+		name           string
+		inputURL       string
+		expectedScheme string
+		expectedPath   string
+	}{
+		{
+			name:           "http to ws conversion",
+			inputURL:       "http://localhost:8080",
+			expectedScheme: "ws",
+			expectedPath:   "/api/beszel/agent-connect",
+		},
+		{
+			name:           "https to wss conversion",
+			inputURL:       "https://hub.example.com",
+			expectedScheme: "wss",
+			expectedPath:   "/api/beszel/agent-connect",
+		},
+		{
+			name:           "existing path preservation",
+			inputURL:       "http://localhost:8080/custom/path",
+			expectedScheme: "ws",
+			expectedPath:   "/custom/path/api/beszel/agent-connect",
+		},
+	}
+
+	for _, tc := range testCases {
+		t.Run(tc.name, func(t *testing.T) {
+			// Set up environment
+			os.Setenv("BESZEL_AGENT_HUB_URL", tc.inputURL)
+			os.Setenv("BESZEL_AGENT_TOKEN", "test-token")
+			defer func() {
+				os.Unsetenv("BESZEL_AGENT_HUB_URL")
+				os.Unsetenv("BESZEL_AGENT_TOKEN")
+			}()
+
+			client, err := newWebSocketClient(agent)
+			require.NoError(t, err)
+
+			options := client.getOptions()
+
+			// Parse the WebSocket URL
+			wsURL, err := url.Parse(options.Addr)
+			require.NoError(t, err)
+
+			assert.Equal(t, tc.expectedScheme, wsURL.Scheme)
+			assert.Equal(t, tc.expectedPath, wsURL.Path)
+
+			// Check headers
+			assert.Equal(t, "test-token", options.RequestHeader.Get("X-Token"))
+			assert.Equal(t, beszel.Version, options.RequestHeader.Get("X-Beszel"))
+			assert.Contains(t, options.RequestHeader.Get("User-Agent"), "Mozilla/5.0")
+
+			// Test options caching
+			options2 := client.getOptions()
+			assert.Same(t, options, options2, "Options should be cached")
+		})
+	}
+}
+
+// TestWebSocketClient_VerifySignature tests signature verification
+func TestWebSocketClient_VerifySignature(t *testing.T) {
+	agent := createTestAgent(t)
+
+	// Generate test key pairs
+	_, goodPrivKey, err := ed25519.GenerateKey(nil)
+	require.NoError(t, err)
+	goodPubKey, err := ssh.NewPublicKey(goodPrivKey.Public().(ed25519.PublicKey))
+	require.NoError(t, err)
+
+	_, badPrivKey, err := ed25519.GenerateKey(nil)
+	require.NoError(t, err)
+	badPubKey, err := ssh.NewPublicKey(badPrivKey.Public().(ed25519.PublicKey))
+	require.NoError(t, err)
+
+	// Set up environment
+	os.Setenv("BESZEL_AGENT_HUB_URL", "http://localhost:8080")
+	os.Setenv("BESZEL_AGENT_TOKEN", "test-token")
+	defer func() {
+		os.Unsetenv("BESZEL_AGENT_HUB_URL")
+		os.Unsetenv("BESZEL_AGENT_TOKEN")
+	}()
+
+	client, err := newWebSocketClient(agent)
+	require.NoError(t, err)
+
+	testCases := []struct {
+		name        string
+		keys        []ssh.PublicKey
+		token       string
+		signWith    ed25519.PrivateKey
+		expectError bool
+	}{
+		{
+			name:        "valid signature with correct key",
+			keys:        []ssh.PublicKey{goodPubKey},
+			token:       "test-token",
+			signWith:    goodPrivKey,
+			expectError: false,
+		},
+		{
+			name:        "invalid signature with wrong key",
+			keys:        []ssh.PublicKey{goodPubKey},
+			token:       "test-token",
+			signWith:    badPrivKey,
+			expectError: true,
+		},
+		{
+			name:        "valid signature with multiple keys",
+			keys:        []ssh.PublicKey{badPubKey, goodPubKey},
+			token:       "test-token",
+			signWith:    goodPrivKey,
+			expectError: false,
+		},
+		{
+			name:        "no valid keys",
+			keys:        []ssh.PublicKey{badPubKey},
+			token:       "test-token",
+			signWith:    goodPrivKey,
+			expectError: true,
+		},
+	}
+
+	for _, tc := range testCases {
+		t.Run(tc.name, func(t *testing.T) {
+			// Set up agent with test keys
+			agent.keys = tc.keys
+			client.token = tc.token
+
+			// Create signature
+			signature := ed25519.Sign(tc.signWith, []byte(tc.token))
+
+			err := client.verifySignature(signature)
+
+			if tc.expectError {
+				assert.Error(t, err)
+				assert.Contains(t, err.Error(), "invalid signature")
+			} else {
+				assert.NoError(t, err)
+			}
+		})
+	}
+}
+
+// TestWebSocketClient_HandleHubRequest tests hub request routing (basic verification logic)
+func TestWebSocketClient_HandleHubRequest(t *testing.T) {
+	agent := createTestAgent(t)
+
+	// Set up environment
+	os.Setenv("BESZEL_AGENT_HUB_URL", "http://localhost:8080")
+	os.Setenv("BESZEL_AGENT_TOKEN", "test-token")
+	defer func() {
+		os.Unsetenv("BESZEL_AGENT_HUB_URL")
+		os.Unsetenv("BESZEL_AGENT_TOKEN")
+	}()
+
+	client, err := newWebSocketClient(agent)
+	require.NoError(t, err)
+
+	testCases := []struct {
+		name        string
+		action      common.WebSocketAction
+		hubVerified bool
+		expectError bool
+		errorMsg    string
+	}{
+		{
+			name:        "CheckFingerprint without verification",
+			action:      common.CheckFingerprint,
+			hubVerified: false,
+			expectError: false, // CheckFingerprint is allowed without verification
+		},
+		{
+			name:        "GetData without verification",
+			action:      common.GetData,
+			hubVerified: false,
+			expectError: true,
+			errorMsg:    "hub not verified",
+		},
+	}
+
+	for _, tc := range testCases {
+		t.Run(tc.name, func(t *testing.T) {
+			client.hubVerified = tc.hubVerified
+
+			// Create minimal request
+			hubRequest := &common.HubRequest[cbor.RawMessage]{
+				Action: tc.action,
+				Data:   cbor.RawMessage{},
+			}
+
+			err := client.handleHubRequest(hubRequest)
+
+			if tc.expectError {
+				assert.Error(t, err)
+				if tc.errorMsg != "" {
+					assert.Contains(t, err.Error(), tc.errorMsg)
+				}
+			} else {
+				// For CheckFingerprint, we expect a decode error since we're not providing valid data,
+				// but it shouldn't be the "hub not verified" error
+				if err != nil && tc.errorMsg != "" {
+					assert.NotContains(t, err.Error(), tc.errorMsg)
+				}
+			}
+		})
+	}
+}
+
+// TestWebSocketClient_GetUserAgent tests user agent generation
+func TestGetUserAgent(t *testing.T) {
+	// Run multiple times to check both variants
+	userAgents := make(map[string]bool)
+
+	for range 20 {
+		ua := getUserAgent()
+		userAgents[ua] = true
+
+		// Check that it's a valid Mozilla user agent
+		assert.Contains(t, ua, "Mozilla/5.0")
+		assert.Contains(t, ua, "AppleWebKit/537.36")
+		assert.Contains(t, ua, "Chrome/124.0.0.0")
+		assert.Contains(t, ua, "Safari/537.36")
+
+		// Should contain either Windows or Mac
+		isWindows := strings.Contains(ua, "Windows NT 11.0")
+		isMac := strings.Contains(ua, "Macintosh; Intel Mac OS X 14_0_0")
+		assert.True(t, isWindows || isMac, "User agent should contain either Windows or Mac identifier")
+	}
+
+	// With enough iterations, we should see both variants
+	// though this might occasionally fail
+	if len(userAgents) == 1 {
+		t.Log("Note: Only one user agent variant was generated in this test run")
+	}
+}
+
+// TestWebSocketClient_Close tests connection closing
+func TestWebSocketClient_Close(t *testing.T) {
+	agent := createTestAgent(t)
+
+	// Set up environment
+	os.Setenv("BESZEL_AGENT_HUB_URL", "http://localhost:8080")
+	os.Setenv("BESZEL_AGENT_TOKEN", "test-token")
+	defer func() {
+		os.Unsetenv("BESZEL_AGENT_HUB_URL")
+		os.Unsetenv("BESZEL_AGENT_TOKEN")
+	}()
+
+	client, err := newWebSocketClient(agent)
+	require.NoError(t, err)
+
+	// Test closing with nil connection (should not panic)
+	assert.NotPanics(t, func() {
+		client.Close()
+	})
+}
+
+// TestWebSocketClient_ConnectRateLimit tests connection rate limiting
+func TestWebSocketClient_ConnectRateLimit(t *testing.T) {
+	agent := createTestAgent(t)
+
+	// Set up environment
+	os.Setenv("BESZEL_AGENT_HUB_URL", "http://localhost:8080")
+	os.Setenv("BESZEL_AGENT_TOKEN", "test-token")
+	defer func() {
+		os.Unsetenv("BESZEL_AGENT_HUB_URL")
+		os.Unsetenv("BESZEL_AGENT_TOKEN")
+	}()
+
+	client, err := newWebSocketClient(agent)
+	require.NoError(t, err)
+
+	// Set recent connection attempt
+	client.lastConnectAttempt = time.Now()
+
+	// Test that connection fails quickly due to rate limiting
+	// This won't actually connect but should fail fast
+	err = client.Connect()
+	assert.Error(t, err, "Connection should fail but not hang")
+}
+
+// TestGetToken tests the getToken function with various scenarios
+func TestGetToken(t *testing.T) {
+	unsetEnvVars := func() {
+		os.Unsetenv("BESZEL_AGENT_TOKEN")
+		os.Unsetenv("TOKEN")
+		os.Unsetenv("BESZEL_AGENT_TOKEN_FILE")
+		os.Unsetenv("TOKEN_FILE")
+	}
+
+	t.Run("token from TOKEN environment variable", func(t *testing.T) {
+		unsetEnvVars()
+
+		// Set TOKEN env var
+		expectedToken := "test-token-from-env"
+		os.Setenv("TOKEN", expectedToken)
+		defer os.Unsetenv("TOKEN")
+
+		token, err := getToken()
+		assert.NoError(t, err)
+		assert.Equal(t, expectedToken, token)
+	})
+
+	t.Run("token from BESZEL_AGENT_TOKEN environment variable", func(t *testing.T) {
+		unsetEnvVars()
+
+		// Set BESZEL_AGENT_TOKEN env var (should take precedence)
+		expectedToken := "test-token-from-beszel-env"
+		os.Setenv("BESZEL_AGENT_TOKEN", expectedToken)
+		defer os.Unsetenv("BESZEL_AGENT_TOKEN")
+
+		token, err := getToken()
+		assert.NoError(t, err)
+		assert.Equal(t, expectedToken, token)
+	})
+
+	t.Run("token from TOKEN_FILE", func(t *testing.T) {
+		unsetEnvVars()
+
+		// Create a temporary token file
+		expectedToken := "test-token-from-file"
+		tokenFile, err := os.CreateTemp("", "token-test-*.txt")
+		require.NoError(t, err)
+		defer os.Remove(tokenFile.Name())
+
+		_, err = tokenFile.WriteString(expectedToken)
+		require.NoError(t, err)
+		tokenFile.Close()
+
+		// Set TOKEN_FILE env var
+		os.Setenv("TOKEN_FILE", tokenFile.Name())
+		defer os.Unsetenv("TOKEN_FILE")
+
+		token, err := getToken()
+		assert.NoError(t, err)
+		assert.Equal(t, expectedToken, token)
+	})
+
+	t.Run("token from BESZEL_AGENT_TOKEN_FILE", func(t *testing.T) {
+		unsetEnvVars()
+
+		// Create a temporary token file
+		expectedToken := "test-token-from-beszel-file"
+		tokenFile, err := os.CreateTemp("", "token-test-*.txt")
+		require.NoError(t, err)
+		defer os.Remove(tokenFile.Name())
+
+		_, err = tokenFile.WriteString(expectedToken)
+		require.NoError(t, err)
+		tokenFile.Close()
+
+		// Set BESZEL_AGENT_TOKEN_FILE env var (should take precedence)
+		os.Setenv("BESZEL_AGENT_TOKEN_FILE", tokenFile.Name())
+		defer os.Unsetenv("BESZEL_AGENT_TOKEN_FILE")
+
+		token, err := getToken()
+		assert.NoError(t, err)
+		assert.Equal(t, expectedToken, token)
+	})
+
+	t.Run("TOKEN takes precedence over TOKEN_FILE", func(t *testing.T) {
+		unsetEnvVars()
+
+		// Create a temporary token file
+		fileToken := "token-from-file"
+		tokenFile, err := os.CreateTemp("", "token-test-*.txt")
+		require.NoError(t, err)
+		defer os.Remove(tokenFile.Name())
+
+		_, err = tokenFile.WriteString(fileToken)
+		require.NoError(t, err)
+		tokenFile.Close()
+
+		// Set both TOKEN and TOKEN_FILE
+		envToken := "token-from-env"
+		os.Setenv("TOKEN", envToken)
+		os.Setenv("TOKEN_FILE", tokenFile.Name())
+		defer func() {
+			os.Unsetenv("TOKEN")
+			os.Unsetenv("TOKEN_FILE")
+		}()
+
+		token, err := getToken()
+		assert.NoError(t, err)
+		assert.Equal(t, envToken, token, "TOKEN should take precedence over TOKEN_FILE")
+	})
+
+	t.Run("error when neither TOKEN nor TOKEN_FILE is set", func(t *testing.T) {
+		unsetEnvVars()
+
+		token, err := getToken()
+		assert.Error(t, err)
+		assert.Equal(t, "", token)
+		assert.Contains(t, err.Error(), "must set TOKEN or TOKEN_FILE")
+	})
+
+	t.Run("error when TOKEN_FILE points to non-existent file", func(t *testing.T) {
+		unsetEnvVars()
+
+		// Set TOKEN_FILE to a non-existent file
+		os.Setenv("TOKEN_FILE", "/non/existent/file.txt")
+		defer os.Unsetenv("TOKEN_FILE")
+
+		token, err := getToken()
+		assert.Error(t, err)
+		assert.Equal(t, "", token)
+		assert.Contains(t, err.Error(), "no such file or directory")
+	})
+
+	t.Run("handles empty token file", func(t *testing.T) {
+		unsetEnvVars()
+
+		// Create an empty token file
+		tokenFile, err := os.CreateTemp("", "token-test-*.txt")
+		require.NoError(t, err)
+		defer os.Remove(tokenFile.Name())
+		tokenFile.Close()
+
+		// Set TOKEN_FILE env var
+		os.Setenv("TOKEN_FILE", tokenFile.Name())
+		defer os.Unsetenv("TOKEN_FILE")
+
+		token, err := getToken()
+		assert.NoError(t, err)
+		assert.Equal(t, "", token, "Empty file should return empty string")
+	})
+}

agent/connection_manager.go

@@ -1,13 +1,14 @@
 package agent
 
 import (
-	"beszel/internal/agent/health"
 	"errors"
 	"log/slog"
 	"os"
 	"os/signal"
 	"syscall"
 	"time"
+
+	"github.com/henrygd/beszel/agent/health"
 )
 
 // ConnectionManager manages the connection state and events for the agent.

agent/data_dir.go

@@ -9,35 +9,30 @@ import (
 )
 
 // getDataDir returns the path to the data directory for the agent and an error
-// if the directory is not valid. Pass an empty string to attempt to find the
-// optimal data directory.
-func getDataDir(dataDir string) (string, error) {
-	if dataDir == "" {
-		dataDir, _ = GetEnv("DATA_DIR")
+// if the directory is not valid. Attempts to find the optimal data directory if
+// no data directories are provided.
+func getDataDir(dataDirs ...string) (string, error) {
+	if len(dataDirs) > 0 {
+		return testDataDirs(dataDirs)
 	}
 
+	dataDir, _ := GetEnv("DATA_DIR")
 	if dataDir != "" {
-		return testDataDirs([]string{dataDir})
+		dataDirs = append(dataDirs, dataDir)
 	}
 
-	var dirsToTry []string
-
 	if runtime.GOOS == "windows" {
-		dirsToTry = []string{
+		dataDirs = append(dataDirs,
 			filepath.Join(os.Getenv("APPDATA"), "beszel-agent"),
 			filepath.Join(os.Getenv("LOCALAPPDATA"), "beszel-agent"),
-		}
+		)
 	} else {
-		homeDir, err := os.UserHomeDir()
-		if err != nil {
-			return "", err
-		}
-		dirsToTry = []string{
-			"/var/lib/beszel-agent",
-			filepath.Join(homeDir, ".config", "beszel"),
+		dataDirs = append(dataDirs, "/var/lib/beszel-agent")
+		if homeDir, err := os.UserHomeDir(); err == nil {
+			dataDirs = append(dataDirs, filepath.Join(homeDir, ".config", "beszel"))
 		}
 	}
-	return testDataDirs(dirsToTry)
+	return testDataDirs(dataDirs)
 }
 
 func testDataDirs(paths []string) (string, error) {

agent/data_dir_test.go

@@ -44,15 +44,15 @@ func TestGetDataDir(t *testing.T) {
 		oldValue := os.Getenv("DATA_DIR")
 		defer func() {
 			if oldValue == "" {
-				os.Unsetenv("DATA_DIR")
+				os.Unsetenv("BESZEL_AGENT_DATA_DIR")
 			} else {
-				os.Setenv("DATA_DIR", oldValue)
+				os.Setenv("BESZEL_AGENT_DATA_DIR", oldValue)
 			}
 		}()
 
-		os.Setenv("DATA_DIR", tempDir)
+		os.Setenv("BESZEL_AGENT_DATA_DIR", tempDir)
 
-		result, err := getDataDir("")
+		result, err := getDataDir()
 		require.NoError(t, err)
 		assert.Equal(t, tempDir, result)
 	})
@@ -79,7 +79,7 @@ func TestGetDataDir(t *testing.T) {
 
 		// This will try platform-specific defaults, which may or may not work
 		// We're mainly testing that it doesn't panic and returns some result
-		result, err := getDataDir("")
+		result, err := getDataDir()
 		// We don't assert success/failure here since it depends on system permissions
 		// Just verify we get a string result if no error
 		if err == nil {

agent/disk.go

@@ -1,7 +1,6 @@
 package agent
 
 import (
-	"beszel/internal/entities/system"
 	"log/slog"
 	"os"
 	"path/filepath"
@@ -9,6 +8,8 @@ import (
 	"strings"
 	"time"
 
+	"github.com/henrygd/beszel/src/entities/system"
+
 	"github.com/shirou/gopsutil/v4/disk"
 )
 

agent/docker.go

@@ -1,7 +1,6 @@
 package agent
 
 import (
-	"beszel/internal/entities/container"
 	"bytes"
 	"context"
 	"encoding/json"
@@ -15,6 +14,8 @@ import (
 	"sync"
 	"time"
 
+	"github.com/henrygd/beszel/src/entities/container"
+
 	"github.com/blang/semver"
 )
 

agent/gpu.go

@@ -1,7 +1,6 @@
 package agent
 
 import (
-	"beszel/internal/entities/system"
 	"bufio"
 	"bytes"
 	"encoding/json"
@@ -13,6 +12,8 @@ import (
 	"sync"
 	"time"
 
+	"github.com/henrygd/beszel/src/entities/system"
+
 	"golang.org/x/exp/slog"
 )
 

agent/gpu_test.go

@@ -4,12 +4,13 @@
 package agent
 
 import (
-	"beszel/internal/entities/system"
 	"os"
 	"path/filepath"
 	"testing"
 	"time"
 
+	"github.com/henrygd/beszel/src/entities/system"
+
 	"github.com/stretchr/testify/assert"
 	"github.com/stretchr/testify/require"
 )

agent/health/health_test.go

@@ -39,7 +39,7 @@ func TestHealth(t *testing.T) {
 	// This test uses synctest to simulate time passing.
 	// NOTE: This test requires GOEXPERIMENT=synctest to run.
 	t.Run("check with simulated time", func(t *testing.T) {
-		synctest.Run(func() {
+		synctest.Test(t, func(t *testing.T) {
 			// Update the file to set the initial timestamp.
 			require.NoError(t, Update(), "Update() failed inside synctest")
 

agent/lhm/beszel_lhm.cs

@@ -0,0 +1,80 @@
+using System;
+using System.Globalization;
+using LibreHardwareMonitor.Hardware;
+
+class Program
+{
+  static void Main()
+  {
+    var computer = new Computer
+    {
+      IsCpuEnabled = true,
+      IsGpuEnabled = true,
+      IsMemoryEnabled = true,
+      IsMotherboardEnabled = true,
+      IsStorageEnabled = true,
+      // IsPsuEnabled = true,
+      // IsNetworkEnabled = true,
+    };
+    computer.Open();
+
+    var reader = Console.In;
+    var writer = Console.Out;
+
+    string line;
+    while ((line = reader.ReadLine()) != null)
+    {
+      if (line.Trim().Equals("getTemps", StringComparison.OrdinalIgnoreCase))
+      {
+        foreach (var hw in computer.Hardware)
+        {
+          // process main hardware sensors
+          ProcessSensors(hw, writer);
+
+          // process subhardware sensors
+          foreach (var subhardware in hw.SubHardware)
+          {
+            ProcessSensors(subhardware, writer);
+          }
+        }
+        // send empty line to signal end of sensor data
+        writer.WriteLine();
+        writer.Flush();
+      }
+    }
+
+    computer.Close();
+  }
+
+  static void ProcessSensors(IHardware hardware, System.IO.TextWriter writer)
+  {
+    var updated = false;
+    foreach (var sensor in hardware.Sensors)
+    {
+      var validTemp = sensor.SensorType == SensorType.Temperature && sensor.Value.HasValue;
+      if (!validTemp || sensor.Name.Contains("Distance"))
+      {
+        continue;
+      }
+
+      if (!updated)
+      {
+        hardware.Update();
+        updated = true;
+      }
+
+      var name = sensor.Name;
+      // if sensor.Name starts with "Temperature" replace with hardware.Identifier but retain the rest of the name.
+      // usually this is a number like Temperature 3
+      if (sensor.Name.StartsWith("Temperature"))
+      {
+        name = hardware.Identifier.ToString().Replace("/", "_").TrimStart('_') + sensor.Name.Substring(11);
+      }
+
+      // invariant culture assures the value is parsable as a float
+      var value = sensor.Value.Value.ToString("0.##", CultureInfo.InvariantCulture);
+      // write the name and value to the writer
+      writer.WriteLine($"{name}|{value}");
+    }
+  }
+}

agent/lhm/beszel_lhm.csproj

@@ -0,0 +1,11 @@
+<Project Sdk="Microsoft.NET.Sdk">
+  <PropertyGroup>
+    <OutputType>Exe</OutputType>
+    <TargetFramework>net48</TargetFramework>
+    <Platforms>x64</Platforms>
+  </PropertyGroup>
+
+  <ItemGroup>
+    <PackageReference Include="LibreHardwareMonitorLib" Version="0.9.4" />
+  </ItemGroup>
+</Project>

agent/sensors.go

@@ -1,13 +1,16 @@
 package agent
 
 import (
-	"beszel/internal/entities/system"
 	"context"
 	"fmt"
 	"log/slog"
 	"path"
+	"runtime"
 	"strconv"
 	"strings"
+	"unicode/utf8"
+
+	"github.com/henrygd/beszel/src/entities/system"
 
 	"github.com/shirou/gopsutil/v4/common"
 	"github.com/shirou/gopsutil/v4/sensors"
@@ -82,10 +85,10 @@ func (a *Agent) updateTemperatures(systemStats *system.Stats) {
 	// reset high temp
 	a.systemInfo.DashboardTemp = 0
 
-	temps, err := a.getTempsWithPanicRecovery(sensors.TemperaturesWithContext)
+	temps, err := a.getTempsWithPanicRecovery(getSensorTemps)
 	if err != nil {
 		// retry once on panic (gopsutil/issues/1832)
-		temps, err = a.getTempsWithPanicRecovery(sensors.TemperaturesWithContext)
+		temps, err = a.getTempsWithPanicRecovery(getSensorTemps)
 		if err != nil {
 			slog.Warn("Error updating temperatures", "err", err)
 			if len(systemStats.Temperatures) > 0 {
@@ -103,6 +106,11 @@ func (a *Agent) updateTemperatures(systemStats *system.Stats) {
 
 	systemStats.Temperatures = make(map[string]float64, len(temps))
 	for i, sensor := range temps {
+		// check for malformed strings on darwin (gopsutil/issues/1832)
+		if runtime.GOOS == "darwin" && !utf8.ValidString(sensor.SensorKey) {
+			continue
+		}
+
 		// scale temperature
 		if sensor.Temperature != 0 && sensor.Temperature < 1 {
 			sensor.Temperature = scaleTemperature(sensor.Temperature)

agent/sensors_default.go

@@ -0,0 +1,9 @@
+//go:build !windows
+
+package agent
+
+import (
+	"github.com/shirou/gopsutil/v4/sensors"
+)
+
+var getSensorTemps = sensors.TemperaturesWithContext

agent/sensors_test.go

@@ -4,12 +4,13 @@
 package agent
 
 import (
-	"beszel/internal/entities/system"
 	"context"
 	"fmt"
 	"os"
 	"testing"
 
+	"github.com/henrygd/beszel/src/entities/system"
+
 	"github.com/shirou/gopsutil/v4/common"
 	"github.com/shirou/gopsutil/v4/sensors"
 	"github.com/stretchr/testify/assert"

agent/sensors_windows.go

@@ -0,0 +1,286 @@
+//go:build windows
+
+//go:generate dotnet build -c Release lhm/beszel_lhm.csproj
+
+package agent
+
+import (
+	"bufio"
+	"context"
+	"embed"
+	"errors"
+	"fmt"
+	"io"
+	"log/slog"
+	"os"
+	"os/exec"
+	"path"
+	"path/filepath"
+	"strconv"
+	"strings"
+	"sync"
+	"time"
+
+	"github.com/shirou/gopsutil/v4/sensors"
+)
+
+// Note: This is always called from Agent.gatherStats() which holds Agent.Lock(),
+// so no internal concurrency protection is needed.
+
+// lhmProcess is a wrapper around the LHM .NET process.
+type lhmProcess struct {
+	cmd                  *exec.Cmd
+	stdin                io.WriteCloser
+	stdout               io.ReadCloser
+	scanner              *bufio.Scanner
+	isRunning            bool
+	stoppedNoSensors     bool
+	consecutiveNoSensors uint8
+	execPath             string
+	tempDir              string
+}
+
+//go:embed all:lhm/bin/Release/net48
+var lhmFs embed.FS
+
+var (
+	beszelLhm     *lhmProcess
+	beszelLhmOnce sync.Once
+	useLHM        = os.Getenv("LHM") == "true"
+)
+
+var errNoSensors = errors.New("no sensors found (try running as admin with LHM=true)")
+
+// newlhmProcess copies the embedded LHM executable to a temporary directory and starts it.
+func newlhmProcess() (*lhmProcess, error) {
+	destDir := filepath.Join(os.TempDir(), "beszel")
+	execPath := filepath.Join(destDir, "beszel_lhm.exe")
+
+	if err := os.MkdirAll(destDir, 0755); err != nil {
+		return nil, fmt.Errorf("failed to create temp directory: %w", err)
+	}
+
+	// Only copy if executable doesn't exist
+	if _, err := os.Stat(execPath); os.IsNotExist(err) {
+		if err := copyEmbeddedDir(lhmFs, "lhm/bin/Release/net48", destDir); err != nil {
+			return nil, fmt.Errorf("failed to copy embedded directory: %w", err)
+		}
+	}
+
+	lhm := &lhmProcess{
+		execPath: execPath,
+		tempDir:  destDir,
+	}
+
+	if err := lhm.startProcess(); err != nil {
+		return nil, fmt.Errorf("failed to start process: %w", err)
+	}
+
+	return lhm, nil
+}
+
+// startProcess starts the external LHM process
+func (lhm *lhmProcess) startProcess() error {
+	// Clean up any existing process
+	lhm.cleanupProcess()
+
+	cmd := exec.Command(lhm.execPath)
+	stdin, err := cmd.StdinPipe()
+	if err != nil {
+		return err
+	}
+
+	stdout, err := cmd.StdoutPipe()
+	if err != nil {
+		stdin.Close()
+		return err
+	}
+
+	if err := cmd.Start(); err != nil {
+		stdin.Close()
+		stdout.Close()
+		return err
+	}
+
+	// Update process state
+	lhm.cmd = cmd
+	lhm.stdin = stdin
+	lhm.stdout = stdout
+	lhm.scanner = bufio.NewScanner(stdout)
+	lhm.isRunning = true
+
+	// Give process a moment to initialize
+	time.Sleep(100 * time.Millisecond)
+
+	return nil
+}
+
+// cleanupProcess terminates the process and closes resources but preserves files
+func (lhm *lhmProcess) cleanupProcess() {
+	lhm.isRunning = false
+
+	if lhm.cmd != nil && lhm.cmd.Process != nil {
+		lhm.cmd.Process.Kill()
+		lhm.cmd.Wait()
+	}
+
+	if lhm.stdin != nil {
+		lhm.stdin.Close()
+		lhm.stdin = nil
+	}
+	if lhm.stdout != nil {
+		lhm.stdout.Close()
+		lhm.stdout = nil
+	}
+
+	lhm.cmd = nil
+	lhm.scanner = nil
+	lhm.stoppedNoSensors = false
+	lhm.consecutiveNoSensors = 0
+}
+
+func (lhm *lhmProcess) getTemps(ctx context.Context) (temps []sensors.TemperatureStat, err error) {
+	if !useLHM || lhm.stoppedNoSensors {
+		// Fall back to gopsutil if we can't get sensors from LHM
+		return sensors.TemperaturesWithContext(ctx)
+	}
+
+	// Start process if it's not running
+	if !lhm.isRunning || lhm.stdin == nil || lhm.scanner == nil {
+		err := lhm.startProcess()
+		if err != nil {
+			return temps, err
+		}
+	}
+
+	// Send command to process
+	_, err = fmt.Fprintln(lhm.stdin, "getTemps")
+	if err != nil {
+		lhm.isRunning = false
+		return temps, fmt.Errorf("failed to send command: %w", err)
+	}
+
+	// Read all sensor lines until we hit an empty line or EOF
+	for lhm.scanner.Scan() {
+		line := strings.TrimSpace(lhm.scanner.Text())
+		if line == "" {
+			break
+		}
+
+		parts := strings.Split(line, "|")
+		if len(parts) != 2 {
+			slog.Debug("Invalid sensor format", "line", line)
+			continue
+		}
+
+		name := strings.TrimSpace(parts[0])
+		valueStr := strings.TrimSpace(parts[1])
+
+		value, err := strconv.ParseFloat(valueStr, 64)
+		if err != nil {
+			slog.Debug("Failed to parse sensor", "err", err, "line", line)
+			continue
+		}
+
+		if name == "" || value <= 0 || value > 150 {
+			slog.Debug("Invalid sensor", "name", name, "val", value, "line", line)
+			continue
+		}
+
+		temps = append(temps, sensors.TemperatureStat{
+			SensorKey:   name,
+			Temperature: value,
+		})
+	}
+
+	if err := lhm.scanner.Err(); err != nil {
+		lhm.isRunning = false
+		return temps, err
+	}
+
+	// Handle no sensors case
+	if len(temps) == 0 {
+		lhm.consecutiveNoSensors++
+		if lhm.consecutiveNoSensors >= 3 {
+			lhm.stoppedNoSensors = true
+			slog.Warn(errNoSensors.Error())
+			lhm.cleanup()
+		}
+		return sensors.TemperaturesWithContext(ctx)
+	}
+
+	lhm.consecutiveNoSensors = 0
+
+	return temps, nil
+}
+
+// getSensorTemps attempts to pull sensor temperatures from the embedded LHM process.
+// NB: LibreHardwareMonitorLib requires admin privileges to access all available sensors.
+func getSensorTemps(ctx context.Context) (temps []sensors.TemperatureStat, err error) {
+	defer func() {
+		if err != nil {
+			slog.Debug("Error reading sensors", "err", err)
+		}
+	}()
+
+	if !useLHM {
+		return sensors.TemperaturesWithContext(ctx)
+	}
+
+	// Initialize process once
+	beszelLhmOnce.Do(func() {
+		beszelLhm, err = newlhmProcess()
+	})
+
+	if err != nil {
+		return temps, fmt.Errorf("failed to initialize lhm: %w", err)
+	}
+
+	if beszelLhm == nil {
+		return temps, fmt.Errorf("lhm not available")
+	}
+
+	return beszelLhm.getTemps(ctx)
+}
+
+// cleanup terminates the process and closes resources
+func (lhm *lhmProcess) cleanup() {
+	lhm.cleanupProcess()
+	if lhm.tempDir != "" {
+		os.RemoveAll(lhm.tempDir)
+	}
+}
+
+// copyEmbeddedDir copies the embedded directory to the destination path
+func copyEmbeddedDir(fs embed.FS, srcPath, destPath string) error {
+	entries, err := fs.ReadDir(srcPath)
+	if err != nil {
+		return err
+	}
+	if err := os.MkdirAll(destPath, 0755); err != nil {
+		return err
+	}
+
+	for _, entry := range entries {
+		srcEntryPath := path.Join(srcPath, entry.Name())
+		destEntryPath := filepath.Join(destPath, entry.Name())
+
+		if entry.IsDir() {
+			if err := copyEmbeddedDir(fs, srcEntryPath, destEntryPath); err != nil {
+				return err
+			}
+			continue
+		}
+
+		data, err := fs.ReadFile(srcEntryPath)
+		if err != nil {
+			return err
+		}
+
+		if err := os.WriteFile(destEntryPath, data, 0755); err != nil {
+			return err
+		}
+	}
+
+	return nil
+}

agent/server.go

@@ -1,9 +1,6 @@
 package agent
 
 import (
-	"beszel"
-	"beszel/internal/common"
-	"beszel/internal/entities/system"
 	"encoding/json"
 	"errors"
 	"fmt"
@@ -14,6 +11,10 @@ import (
 	"strings"
 	"time"
 
+	"github.com/henrygd/beszel"
+	"github.com/henrygd/beszel/src/common"
+	"github.com/henrygd/beszel/src/entities/system"
+
 	"github.com/blang/semver"
 	"github.com/fxamacker/cbor/v2"
 	"github.com/gliderlabs/ssh"

agent/server_test.go

@@ -1,8 +1,6 @@
 package agent
 
 import (
-	"beszel/internal/entities/container"
-	"beszel/internal/entities/system"
 	"context"
 	"crypto/ed25519"
 	"encoding/json"
@@ -15,6 +13,9 @@ import (
 	"testing"
 	"time"
 
+	"github.com/henrygd/beszel/src/entities/container"
+	"github.com/henrygd/beszel/src/entities/system"
+
 	"github.com/blang/semver"
 	"github.com/fxamacker/cbor/v2"
 	"github.com/gliderlabs/ssh"
@@ -473,11 +474,11 @@ func TestWriteToSessionEncoding(t *testing.T) {
 			hubVersion:       "0.12.0-beta0",
 			expectedUsesCbor: false,
 		},
-		{
-			name:             "matching beta version should use CBOR",
-			hubVersion:       "0.12.0-beta1",
-			expectedUsesCbor: true,
-		},
+		// {
+		// 	name:             "matching beta version should use CBOR",
+		// 	hubVersion:       "0.12.0-beta2",
+		// 	expectedUsesCbor: true,
+		// },
 	}
 
 	for _, tt := range tests {

agent/system.go

@@ -1,8 +1,6 @@
 package agent
 
 import (
-	"beszel"
-	"beszel/internal/entities/system"
 	"bufio"
 	"fmt"
 	"log/slog"
@@ -11,9 +9,14 @@ import (
 	"strings"
 	"time"
 
+	"github.com/henrygd/beszel"
+	"github.com/henrygd/beszel/agent/battery"
+	"github.com/henrygd/beszel/src/entities/system"
+
 	"github.com/shirou/gopsutil/v4/cpu"
 	"github.com/shirou/gopsutil/v4/disk"
 	"github.com/shirou/gopsutil/v4/host"
+	"github.com/shirou/gopsutil/v4/load"
 	"github.com/shirou/gopsutil/v4/mem"
 	psutilNet "github.com/shirou/gopsutil/v4/net"
 )
@@ -58,10 +61,10 @@ func (a *Agent) initializeSystemInfo() {
 	}
 
 	// zfs
-	if _, err := getARCSize(); err == nil {
-		a.zfs = true
-	} else {
+	if _, err := getARCSize(); err != nil {
 		slog.Debug("Not monitoring ZFS ARC", "err", err)
+	} else {
+		a.zfs = true
 	}
 }
 
@@ -69,6 +72,11 @@ func (a *Agent) initializeSystemInfo() {
 func (a *Agent) getSystemStats() system.Stats {
 	systemStats := system.Stats{}
 
+	// battery
+	if battery.HasReadableBattery() {
+		systemStats.Battery[0], systemStats.Battery[1], _ = battery.GetBatteryStats()
+	}
+
 	// cpu percent
 	cpuPct, err := cpu.Percent(0, false)
 	if err != nil {
@@ -77,6 +85,16 @@ func (a *Agent) getSystemStats() system.Stats {
 		systemStats.Cpu = twoDecimals(cpuPct[0])
 	}
 
+	// load average
+	if avgstat, err := load.Avg(); err == nil {
+		systemStats.LoadAvg[0] = avgstat.Load1
+		systemStats.LoadAvg[1] = avgstat.Load5
+		systemStats.LoadAvg[2] = avgstat.Load15
+		slog.Debug("Load average", "5m", avgstat.Load5, "15m", avgstat.Load15)
+	} else {
+		slog.Error("Error getting load average", "err", err)
+	}
+
 	// memory
 	if v, err := mem.VirtualMemory(); err == nil {
 		// swap
@@ -163,24 +181,27 @@ func (a *Agent) getSystemStats() system.Stats {
 		a.initializeNetIoStats()
 	}
 	if netIO, err := psutilNet.IOCounters(true); err == nil {
-		secondsElapsed := time.Since(a.netIoStats.Time).Seconds()
+		msElapsed := uint64(time.Since(a.netIoStats.Time).Milliseconds())
 		a.netIoStats.Time = time.Now()
-		bytesSent := uint64(0)
-		bytesRecv := uint64(0)
+		totalBytesSent := uint64(0)
+		totalBytesRecv := uint64(0)
 		// sum all bytes sent and received
 		for _, v := range netIO {
 			// skip if not in valid network interfaces list
 			if _, exists := a.netInterfaces[v.Name]; !exists {
 				continue
 			}
-			bytesSent += v.BytesSent
-			bytesRecv += v.BytesRecv
+			totalBytesSent += v.BytesSent
+			totalBytesRecv += v.BytesRecv
 		}
 		// add to systemStats
-		sentPerSecond := float64(bytesSent-a.netIoStats.BytesSent) / secondsElapsed
-		recvPerSecond := float64(bytesRecv-a.netIoStats.BytesRecv) / secondsElapsed
-		networkSentPs := bytesToMegabytes(sentPerSecond)
-		networkRecvPs := bytesToMegabytes(recvPerSecond)
+		var bytesSentPerSecond, bytesRecvPerSecond uint64
+		if msElapsed > 0 {
+			bytesSentPerSecond = (totalBytesSent - a.netIoStats.BytesSent) * 1000 / msElapsed
+			bytesRecvPerSecond = (totalBytesRecv - a.netIoStats.BytesRecv) * 1000 / msElapsed
+		}
+		networkSentPs := bytesToMegabytes(float64(bytesSentPerSecond))
+		networkRecvPs := bytesToMegabytes(float64(bytesRecvPerSecond))
 		// add check for issue (#150) where sent is a massive number
 		if networkSentPs > 10_000 || networkRecvPs > 10_000 {
 			slog.Warn("Invalid net stats. Resetting.", "sent", networkSentPs, "recv", networkRecvPs)
@@ -195,9 +216,10 @@ func (a *Agent) getSystemStats() system.Stats {
 		} else {
 			systemStats.NetworkSent = networkSentPs
 			systemStats.NetworkRecv = networkRecvPs
+			systemStats.Bandwidth[0], systemStats.Bandwidth[1] = bytesSentPerSecond, bytesRecvPerSecond
 			// update netIoStats
-			a.netIoStats.BytesSent = bytesSent
-			a.netIoStats.BytesRecv = bytesRecv
+			a.netIoStats.BytesSent = totalBytesSent
+			a.netIoStats.BytesRecv = totalBytesRecv
 		}
 	}
 
@@ -240,10 +262,17 @@ func (a *Agent) getSystemStats() system.Stats {
 
 	// update base system info
 	a.systemInfo.Cpu = systemStats.Cpu
+	a.systemInfo.LoadAvg = systemStats.LoadAvg
+	// TODO: remove these in future release in favor of load avg array
+	a.systemInfo.LoadAvg1 = systemStats.LoadAvg[0]
+	a.systemInfo.LoadAvg5 = systemStats.LoadAvg[1]
+	a.systemInfo.LoadAvg15 = systemStats.LoadAvg[2]
 	a.systemInfo.MemPct = systemStats.MemPct
 	a.systemInfo.DiskPct = systemStats.DiskPct
 	a.systemInfo.Uptime, _ = host.Uptime()
+	// TODO: in future release, remove MB bandwidth values in favor of bytes
 	a.systemInfo.Bandwidth = twoDecimals(systemStats.NetworkSent + systemStats.NetworkRecv)
+	a.systemInfo.BandwidthBytes = systemStats.Bandwidth[0] + systemStats.Bandwidth[1]
 	slog.Debug("sysinfo", "data", a.systemInfo)
 
 	return systemStats

agent/update.go

@@ -0,0 +1,165 @@
+package agent
+
+import (
+	"fmt"
+	"log"
+	"os"
+	"os/exec"
+	"runtime"
+	"strings"
+
+	"github.com/henrygd/beszel/src/ghupdate"
+)
+
+// restarter knows how to restart the beszel-agent service.
+type restarter interface {
+	Restart() error
+}
+
+type systemdRestarter struct{ cmd string }
+
+func (s *systemdRestarter) Restart() error {
+	// Only restart if the service is active
+	if err := exec.Command(s.cmd, "is-active", "beszel-agent.service").Run(); err != nil {
+		return nil
+	}
+	ghupdate.ColorPrint(ghupdate.ColorYellow, "Restarting beszel-agent.service via systemd…")
+	return exec.Command(s.cmd, "restart", "beszel-agent.service").Run()
+}
+
+type openRCRestarter struct{ cmd string }
+
+func (o *openRCRestarter) Restart() error {
+	if err := exec.Command(o.cmd, "status", "beszel-agent").Run(); err != nil {
+		return nil
+	}
+	ghupdate.ColorPrint(ghupdate.ColorYellow, "Restarting beszel-agent via OpenRC…")
+	return exec.Command(o.cmd, "restart", "beszel-agent").Run()
+}
+
+type openWRTRestarter struct{ cmd string }
+
+func (w *openWRTRestarter) Restart() error {
+	if err := exec.Command(w.cmd, "running", "beszel-agent").Run(); err != nil {
+		return nil
+	}
+	ghupdate.ColorPrint(ghupdate.ColorYellow, "Restarting beszel-agent via procd…")
+	return exec.Command(w.cmd, "restart", "beszel-agent").Run()
+}
+
+type freeBSDRestarter struct{ cmd string }
+
+func (f *freeBSDRestarter) Restart() error {
+	if err := exec.Command(f.cmd, "beszel-agent", "status").Run(); err != nil {
+		return nil
+	}
+	ghupdate.ColorPrint(ghupdate.ColorYellow, "Restarting beszel-agent via FreeBSD rc…")
+	return exec.Command(f.cmd, "beszel-agent", "restart").Run()
+}
+
+func detectRestarter() restarter {
+	if path, err := exec.LookPath("systemctl"); err == nil {
+		return &systemdRestarter{cmd: path}
+	}
+	if path, err := exec.LookPath("rc-service"); err == nil {
+		return &openRCRestarter{cmd: path}
+	}
+	if path, err := exec.LookPath("service"); err == nil {
+		if runtime.GOOS == "freebsd" {
+			return &freeBSDRestarter{cmd: path}
+		}
+		return &openWRTRestarter{cmd: path}
+	}
+	return nil
+}
+
+// Update checks GitHub for a newer release of beszel-agent, applies it,
+// fixes SELinux context if needed, and restarts the service.
+func Update(useMirror bool) error {
+	exePath, _ := os.Executable()
+
+	dataDir, err := getDataDir()
+	if err != nil {
+		dataDir = os.TempDir()
+	}
+	updated, err := ghupdate.Update(ghupdate.Config{
+		ArchiveExecutable: "beszel-agent",
+		DataDir:           dataDir,
+		UseMirror:         useMirror,
+	})
+	if err != nil {
+		log.Fatal(err)
+	}
+	if !updated {
+		return nil
+	}
+
+	// make sure the file is executable
+	if err := os.Chmod(exePath, 0755); err != nil {
+		ghupdate.ColorPrintf(ghupdate.ColorYellow, "Warning: failed to set executable permissions: %v", err)
+	}
+	// set ownership to beszel:beszel if possible
+	if chownPath, err := exec.LookPath("chown"); err == nil {
+		if err := exec.Command(chownPath, "beszel:beszel", exePath).Run(); err != nil {
+			ghupdate.ColorPrintf(ghupdate.ColorYellow, "Warning: failed to set file ownership: %v", err)
+		}
+	}
+
+	// 6) Fix SELinux context if necessary
+	if err := handleSELinuxContext(exePath); err != nil {
+		ghupdate.ColorPrintf(ghupdate.ColorYellow, "Warning: SELinux context handling: %v", err)
+	}
+
+	// 7) Restart service if running under a recognised init system
+	if r := detectRestarter(); r != nil {
+		if err := r.Restart(); err != nil {
+			ghupdate.ColorPrintf(ghupdate.ColorYellow, "Warning: failed to restart service: %v", err)
+			ghupdate.ColorPrint(ghupdate.ColorYellow, "Please restart the service manually.")
+		} else {
+			ghupdate.ColorPrint(ghupdate.ColorGreen, "Service restarted successfully")
+		}
+	} else {
+		ghupdate.ColorPrint(ghupdate.ColorYellow, "No supported init system detected; please restart manually if needed.")
+	}
+
+	return nil
+}
+
+// handleSELinuxContext restores or applies the correct SELinux label to the binary.
+func handleSELinuxContext(path string) error {
+	out, err := exec.Command("getenforce").Output()
+	if err != nil {
+		// SELinux not enabled or getenforce not available
+		return nil
+	}
+	state := strings.TrimSpace(string(out))
+	if state == "Disabled" {
+		return nil
+	}
+
+	ghupdate.ColorPrint(ghupdate.ColorYellow, "SELinux is enabled; applying context…")
+	var errs []string
+
+	// Try persistent context via semanage+restorecon
+	if semanagePath, err := exec.LookPath("semanage"); err == nil {
+		if err := exec.Command(semanagePath, "fcontext", "-a", "-t", "bin_t", path).Run(); err != nil {
+			errs = append(errs, "semanage fcontext failed: "+err.Error())
+		} else if restoreconPath, err := exec.LookPath("restorecon"); err == nil {
+			if err := exec.Command(restoreconPath, "-v", path).Run(); err != nil {
+				errs = append(errs, "restorecon failed: "+err.Error())
+			}
+		}
+	}
+
+	// Fallback to temporary context via chcon
+	if chconPath, err := exec.LookPath("chcon"); err == nil {
+		if err := exec.Command(chconPath, "-t", "bin_t", path).Run(); err != nil {
+			errs = append(errs, "chcon failed: "+err.Error())
+		}
+	}
+
+	if len(errs) > 0 {
+		return fmt.Errorf("SELinux context errors: %s", strings.Join(errs, "; "))
+	}
+	return nil
+}

beszel/Makefile

@@ -1,72 +0,0 @@
-# Default OS/ARCH values
-OS ?= $(shell go env GOOS)
-ARCH ?= $(shell go env GOARCH)
-# Skip building the web UI if true
-SKIP_WEB ?= false
-
-.PHONY: tidy build-agent build-hub build clean lint dev-server dev-agent dev-hub dev generate-locales
-.DEFAULT_GOAL := build
-
-clean:
-	go clean
-	rm -rf ./build
-
-lint:
-	golangci-lint run
-
-test: export GOEXPERIMENT=synctest
-test:
-	go test -tags=testing ./...
-
-tidy:
-	go mod tidy
-
-build-web-ui:
-	@if command -v bun >/dev/null 2>&1; then \
-		bun install --cwd ./site && \
-		bun run --cwd ./site build; \
-	else \
-		npm install --prefix ./site && \
-		npm run --prefix ./site build; \
-	fi
-
-build-agent: tidy
-	GOOS=$(OS) GOARCH=$(ARCH) go build -o ./build/beszel-agent_$(OS)_$(ARCH) -ldflags "-w -s" beszel/cmd/agent
-
-build-hub: tidy $(if $(filter false,$(SKIP_WEB)),build-web-ui)
-	GOOS=$(OS) GOARCH=$(ARCH) go build -o ./build/beszel_$(OS)_$(ARCH) -ldflags "-w -s" beszel/cmd/hub
-
-build: build-agent build-hub
-
-generate-locales:
-	@if [ ! -f ./site/src/locales/en/en.ts ]; then \
-		echo "Generating locales..."; \
-		command -v bun >/dev/null 2>&1 && cd ./site && bun install && bun run sync || cd ./site && npm install && npm run sync; \
-	fi
-
-dev-server: generate-locales
-	cd ./site
-	@if command -v bun >/dev/null 2>&1; then \
-		cd ./site && bun run dev --host 0.0.0.0; \
-	else \
-		cd ./site && npm run dev --host 0.0.0.0; \
-	fi
-
-dev-hub: export ENV=dev
-dev-hub:
-	mkdir -p ./site/dist && touch ./site/dist/index.html
-	@if command -v entr >/dev/null 2>&1; then \
-		find ./cmd/hub ./internal/{alerts,hub,records,users} -name "*.go" | entr -r -s "cd ./cmd/hub && go run . serve"; \
-	else \
-		cd ./cmd/hub && go run . serve --http 0.0.0.0:8090; \
-	fi
-
-dev-agent:
-	@if command -v entr >/dev/null 2>&1; then \
-		find ./cmd/agent/*.go ./internal/agent/*.go | entr -r go run beszel/cmd/agent; \
-	else \
-		go run beszel/cmd/agent; \
-	fi
-
-# KEY="..." make -j dev
-dev: dev-server dev-hub dev-agent

beszel/cmd/agent/agent.go

@@ -1,122 +0,0 @@
-package main
-
-import (
-	"beszel"
-	"beszel/internal/agent"
-	"beszel/internal/agent/health"
-	"flag"
-	"fmt"
-	"log"
-	"os"
-
-	"golang.org/x/crypto/ssh"
-)
-
-// cli options
-type cmdOptions struct {
-	key    string // key is the public key(s) for SSH authentication.
-	listen string // listen is the address or port to listen on.
-}
-
-// parse parses the command line flags and populates the config struct.
-// It returns true if a subcommand was handled and the program should exit.
-func (opts *cmdOptions) parse() bool {
-	flag.StringVar(&opts.key, "key", "", "Public key(s) for SSH authentication")
-	flag.StringVar(&opts.listen, "listen", "", "Address or port to listen on")
-
-	flag.Usage = func() {
-		fmt.Printf("Usage: %s [command] [flags]\n", os.Args[0])
-		fmt.Println("\nCommands:")
-		fmt.Println("  health    Check if the agent is running")
-		fmt.Println("  help      Display this help message")
-		fmt.Println("  update    Update to the latest version")
-		fmt.Println("  version   Display the version")
-		fmt.Println("\nFlags:")
-		flag.PrintDefaults()
-	}
-
-	subcommand := ""
-	if len(os.Args) > 1 {
-		subcommand = os.Args[1]
-	}
-
-	switch subcommand {
-	case "-v", "version":
-		fmt.Println(beszel.AppName+"-agent", beszel.Version)
-		return true
-	case "help":
-		flag.Usage()
-		return true
-	case "update":
-		agent.Update()
-		return true
-	case "health":
-		err := health.Check()
-		if err != nil {
-			log.Fatal(err)
-		}
-		fmt.Print("ok")
-		return true
-	}
-
-	flag.Parse()
-	return false
-}
-
-// loadPublicKeys loads the public keys from the command line flag, environment variable, or key file.
-func (opts *cmdOptions) loadPublicKeys() ([]ssh.PublicKey, error) {
-	// Try command line flag first
-	if opts.key != "" {
-		return agent.ParseKeys(opts.key)
-	}
-
-	// Try environment variable
-	if key, ok := agent.GetEnv("KEY"); ok && key != "" {
-		return agent.ParseKeys(key)
-	}
-
-	// Try key file
-	keyFile, ok := agent.GetEnv("KEY_FILE")
-	if !ok {
-		return nil, fmt.Errorf("no key provided: must set -key flag, KEY env var, or KEY_FILE env var. Use 'beszel-agent help' for usage")
-	}
-
-	pubKey, err := os.ReadFile(keyFile)
-	if err != nil {
-		return nil, fmt.Errorf("failed to read key file: %w", err)
-	}
-	return agent.ParseKeys(string(pubKey))
-}
-
-func (opts *cmdOptions) getAddress() string {
-	return agent.GetAddress(opts.listen)
-}
-
-func main() {
-	var opts cmdOptions
-	subcommandHandled := opts.parse()
-
-	if subcommandHandled {
-		return
-	}
-
-	var serverConfig agent.ServerOptions
-	var err error
-	serverConfig.Keys, err = opts.loadPublicKeys()
-	if err != nil {
-		log.Fatal("Failed to load public keys:", err)
-	}
-
-	addr := opts.getAddress()
-	serverConfig.Addr = addr
-	serverConfig.Network = agent.GetNetwork(addr)
-
-	agent, err := agent.NewAgent("")
-	if err != nil {
-		log.Fatal("Failed to create agent: ", err)
-	}
-
-	if err := agent.Start(serverConfig); err != nil {
-		log.Fatal("Failed to start server: ", err)
-	}
-}

beszel/internal/agent/update.go

@@ -1,56 +0,0 @@
-package agent
-
-import (
-	"beszel"
-	"fmt"
-	"os"
-	"strings"
-
-	"github.com/blang/semver"
-	"github.com/rhysd/go-github-selfupdate/selfupdate"
-)
-
-// Update updates beszel-agent to the latest version
-func Update() {
-	var latest *selfupdate.Release
-	var found bool
-	var err error
-	currentVersion := semver.MustParse(beszel.Version)
-	fmt.Println("beszel-agent", currentVersion)
-	fmt.Println("Checking for updates...")
-	updater, _ := selfupdate.NewUpdater(selfupdate.Config{
-		Filters: []string{"beszel-agent"},
-	})
-	latest, found, err = updater.DetectLatest("henrygd/beszel")
-
-	if err != nil {
-		fmt.Println("Error checking for updates:", err)
-		os.Exit(1)
-	}
-
-	if !found {
-		fmt.Println("No updates found")
-		os.Exit(0)
-	}
-
-	fmt.Println("Latest version:", latest.Version)
-
-	if latest.Version.LTE(currentVersion) {
-		fmt.Println("You are up to date")
-		return
-	}
-
-	var binaryPath string
-	fmt.Printf("Updating from %s to %s...\n", currentVersion, latest.Version)
-	binaryPath, err = os.Executable()
-	if err != nil {
-		fmt.Println("Error getting binary path:", err)
-		os.Exit(1)
-	}
-	err = selfupdate.UpdateTo(latest.AssetURL, binaryPath)
-	if err != nil {
-		fmt.Println("Please try rerunning with sudo. Error:", err)
-		os.Exit(1)
-	}
-	fmt.Printf("Successfully updated to %s\n\n%s\n", latest.Version, strings.TrimSpace(latest.ReleaseNotes))
-}

beszel/internal/hub/agent_connect.go

@@ -1,247 +0,0 @@
-package hub
-
-import (
-	"beszel/internal/common"
-	"beszel/internal/hub/expirymap"
-	"beszel/internal/hub/ws"
-	"errors"
-	"fmt"
-	"net"
-	"net/http"
-	"strings"
-	"time"
-
-	"github.com/blang/semver"
-	"github.com/lxzan/gws"
-	"github.com/pocketbase/dbx"
-	"github.com/pocketbase/pocketbase/core"
-)
-
-// tokenMap maps tokens to user IDs for universal tokens
-var tokenMap *expirymap.ExpiryMap[string]
-
-type agentConnectRequest struct {
-	token       string
-	agentSemVer semver.Version
-	// for universal token
-	isUniversalToken bool
-	userId           string
-	remoteAddr       string
-}
-
-// validateAgentHeaders validates the required headers from agent connection requests.
-func (h *Hub) validateAgentHeaders(headers http.Header) (string, string, error) {
-	token := headers.Get("X-Token")
-	agentVersion := headers.Get("X-Beszel")
-
-	if agentVersion == "" || token == "" || len(token) > 512 {
-		return "", "", errors.New("")
-	}
-	return token, agentVersion, nil
-}
-
-// getFingerprintRecord retrieves fingerprint data from the database by token.
-func (h *Hub) getFingerprintRecord(token string, recordData *ws.FingerprintRecord) error {
-	err := h.DB().NewQuery("SELECT id, system, fingerprint, token FROM fingerprints WHERE token = {:token}").
-		Bind(dbx.Params{
-			"token": token,
-		}).
-		One(recordData)
-	return err
-}
-
-// sendResponseError sends an HTTP error response with the given status code and message.
-func sendResponseError(res http.ResponseWriter, code int, message string) error {
-	res.WriteHeader(code)
-	if message != "" {
-		res.Write([]byte(message))
-	}
-	return nil
-}
-
-// handleAgentConnect handles the incoming connection request from the agent.
-func (h *Hub) handleAgentConnect(e *core.RequestEvent) error {
-	if err := h.agentConnect(e.Request, e.Response); err != nil {
-		return err
-	}
-	return nil
-}
-
-// agentConnect handles agent connection requests, validating credentials and upgrading to WebSocket.
-func (h *Hub) agentConnect(req *http.Request, res http.ResponseWriter) (err error) {
-	var agentConnectRequest agentConnectRequest
-	var agentVersion string
-	// check if user agent and token are valid
-	agentConnectRequest.token, agentVersion, err = h.validateAgentHeaders(req.Header)
-	if err != nil {
-		return sendResponseError(res, http.StatusUnauthorized, "")
-	}
-
-	// Pull fingerprint from database matching token
-	var fpRecord ws.FingerprintRecord
-	err = h.getFingerprintRecord(agentConnectRequest.token, &fpRecord)
-
-	// if no existing record, check if token is a universal token
-	if err != nil {
-		if err = checkUniversalToken(&agentConnectRequest); err == nil {
-			// if this is a universal token, set the remote address and new record token
-			agentConnectRequest.remoteAddr = getRealIP(req)
-			fpRecord.Token = agentConnectRequest.token
-		}
-	}
-
-	// If no matching token, return unauthorized
-	if err != nil {
-		return sendResponseError(res, http.StatusUnauthorized, "Invalid token")
-	}
-
-	// Validate agent version
-	agentConnectRequest.agentSemVer, err = semver.Parse(agentVersion)
-	if err != nil {
-		return sendResponseError(res, http.StatusUnauthorized, "Invalid agent version")
-	}
-
-	// Upgrade connection to WebSocket
-	conn, err := ws.GetUpgrader().Upgrade(res, req)
-	if err != nil {
-		return sendResponseError(res, http.StatusInternalServerError, "WebSocket upgrade failed")
-	}
-
-	go h.verifyWsConn(conn, agentConnectRequest, fpRecord)
-
-	return nil
-}
-
-// verifyWsConn verifies the WebSocket connection using agent's fingerprint and SSH key signature.
-func (h *Hub) verifyWsConn(conn *gws.Conn, acr agentConnectRequest, fpRecord ws.FingerprintRecord) (err error) {
-	wsConn := ws.NewWsConnection(conn)
-	// must be set before the read loop
-	conn.Session().Store("wsConn", wsConn)
-
-	// make sure connection is closed if there is an error
-	defer func() {
-		if err != nil {
-			wsConn.Close()
-			h.Logger().Error("WebSocket error", "error", err, "system", fpRecord.SystemId)
-		}
-	}()
-
-	go conn.ReadLoop()
-
-	signer, err := h.GetSSHKey("")
-	if err != nil {
-		return err
-	}
-
-	agentFingerprint, err := wsConn.GetFingerprint(acr.token, signer, acr.isUniversalToken)
-	if err != nil {
-		return err
-	}
-
-	// Create system if using universal token
-	if acr.isUniversalToken {
-		if acr.userId == "" {
-			return errors.New("token user not found")
-		}
-		fpRecord.SystemId, err = h.createSystemFromAgentData(&acr, agentFingerprint)
-		if err != nil {
-			return fmt.Errorf("failed to create system from universal token: %w", err)
-		}
-	}
-
-	switch {
-	// If no current fingerprint, update with new fingerprint (first time connecting)
-	case fpRecord.Fingerprint == "":
-		if err := h.SetFingerprint(&fpRecord, agentFingerprint.Fingerprint); err != nil {
-			return err
-		}
-	// Abort if fingerprint exists but doesn't match (different machine)
-	case fpRecord.Fingerprint != agentFingerprint.Fingerprint:
-		return errors.New("fingerprint mismatch")
-	}
-
-	return h.sm.AddWebSocketSystem(fpRecord.SystemId, acr.agentSemVer, wsConn)
-}
-
-// createSystemFromAgentData creates a new system record using data from the agent
-func (h *Hub) createSystemFromAgentData(acr *agentConnectRequest, agentFingerprint common.FingerprintResponse) (recordId string, err error) {
-	systemsCollection, err := h.FindCollectionByNameOrId("systems")
-	if err != nil {
-		return "", fmt.Errorf("failed to find systems collection: %w", err)
-	}
-	// separate port from address
-	if agentFingerprint.Hostname == "" {
-		agentFingerprint.Hostname = acr.remoteAddr
-	}
-	if agentFingerprint.Port == "" {
-		agentFingerprint.Port = "45876"
-	}
-	// create new record
-	systemRecord := core.NewRecord(systemsCollection)
-	systemRecord.Set("name", agentFingerprint.Hostname)
-	systemRecord.Set("host", acr.remoteAddr)
-	systemRecord.Set("port", agentFingerprint.Port)
-	systemRecord.Set("users", []string{acr.userId})
-
-	return systemRecord.Id, h.Save(systemRecord)
-}
-
-// SetFingerprint updates the fingerprint for a given record ID.
-func (h *Hub) SetFingerprint(fpRecord *ws.FingerprintRecord, fingerprint string) (err error) {
-	// // can't use raw query here because it doesn't trigger SSE
-	var record *core.Record
-	switch fpRecord.Id {
-	case "":
-		// create new record for universal token
-		collection, _ := h.FindCachedCollectionByNameOrId("fingerprints")
-		record = core.NewRecord(collection)
-		record.Set("system", fpRecord.SystemId)
-	default:
-		record, err = h.FindRecordById("fingerprints", fpRecord.Id)
-	}
-	if err != nil {
-		return err
-	}
-	record.Set("token", fpRecord.Token)
-	record.Set("fingerprint", fingerprint)
-	return h.SaveNoValidate(record)
-}
-
-func getTokenMap() *expirymap.ExpiryMap[string] {
-	if tokenMap == nil {
-		tokenMap = expirymap.New[string](time.Hour)
-	}
-	return tokenMap
-}
-
-func checkUniversalToken(acr *agentConnectRequest) (err error) {
-	if tokenMap == nil {
-		tokenMap = expirymap.New[string](time.Hour)
-	}
-	acr.userId, acr.isUniversalToken = tokenMap.GetOk(acr.token)
-	if !acr.isUniversalToken {
-		return errors.New("invalid token")
-	}
-	return nil
-}
-
-// getRealIP attempts to extract the real IP address from the request headers.
-func getRealIP(r *http.Request) string {
-	if ip := r.Header.Get("CF-Connecting-IP"); ip != "" {
-		return ip
-	}
-	if ip := r.Header.Get("X-Forwarded-For"); ip != "" {
-		// X-Forwarded-For can contain a comma-separated list: "client_ip, proxy1, proxy2"
-		// Take the first one
-		ips := strings.Split(ip, ",")
-		if len(ips) > 0 {
-			return strings.TrimSpace(ips[0])
-		}
-	}
-	// Fallback to RemoteAddr
-	ip, _, err := net.SplitHostPort(r.RemoteAddr)
-	if err != nil {
-		return r.RemoteAddr
-	}
-	return ip
-}

beszel/internal/hub/hub_test.go

@@ -1,258 +0,0 @@
-//go:build testing
-// +build testing
-
-package hub_test
-
-import (
-	"beszel/internal/tests"
-	"testing"
-
-	"crypto/ed25519"
-	"encoding/pem"
-	"os"
-	"path/filepath"
-	"strings"
-
-	"github.com/stretchr/testify/assert"
-	"github.com/stretchr/testify/require"
-	"golang.org/x/crypto/ssh"
-)
-
-func getTestHub(t testing.TB) *tests.TestHub {
-	hub, _ := tests.NewTestHub(t.TempDir())
-	return hub
-}
-
-func TestMakeLink(t *testing.T) {
-	hub := getTestHub(t)
-
-	tests := []struct {
-		name     string
-		appURL   string
-		parts    []string
-		expected string
-	}{
-		{
-			name:     "no parts, no trailing slash in AppURL",
-			appURL:   "http://localhost:8090",
-			parts:    []string{},
-			expected: "http://localhost:8090",
-		},
-		{
-			name:     "no parts, with trailing slash in AppURL",
-			appURL:   "http://localhost:8090/",
-			parts:    []string{},
-			expected: "http://localhost:8090", // TrimSuffix should handle the trailing slash
-		},
-		{
-			name:     "one part",
-			appURL:   "http://example.com",
-			parts:    []string{"one"},
-			expected: "http://example.com/one",
-		},
-		{
-			name:     "multiple parts",
-			appURL:   "http://example.com",
-			parts:    []string{"alpha", "beta", "gamma"},
-			expected: "http://example.com/alpha/beta/gamma",
-		},
-		{
-			name:     "parts with spaces needing escaping",
-			appURL:   "http://example.com",
-			parts:    []string{"path with spaces", "another part"},
-			expected: "http://example.com/path%20with%20spaces/another%20part",
-		},
-		{
-			name:     "parts with slashes needing escaping",
-			appURL:   "http://example.com",
-			parts:    []string{"a/b", "c"},
-			expected: "http://example.com/a%2Fb/c", // url.PathEscape escapes '/'
-		},
-		{
-			name:     "AppURL with subpath, no trailing slash",
-			appURL:   "http://localhost/sub",
-			parts:    []string{"resource"},
-			expected: "http://localhost/sub/resource",
-		},
-		{
-			name:     "AppURL with subpath, with trailing slash",
-			appURL:   "http://localhost/sub/",
-			parts:    []string{"item"},
-			expected: "http://localhost/sub/item",
-		},
-		{
-			name:     "empty parts in the middle",
-			appURL:   "http://localhost",
-			parts:    []string{"first", "", "third"},
-			expected: "http://localhost/first/third",
-		},
-		{
-			name:     "leading and trailing empty parts",
-			appURL:   "http://localhost",
-			parts:    []string{"", "path", ""},
-			expected: "http://localhost/path",
-		},
-		{
-			name:     "parts with various special characters",
-			appURL:   "https://test.dev/",
-			parts:    []string{"p@th?", "key=value&"},
-			expected: "https://test.dev/p@th%3F/key=value&",
-		},
-	}
-
-	for _, tt := range tests {
-		t.Run(tt.name, func(t *testing.T) {
-			// Store original app URL and restore it after the test
-			originalAppURL := hub.Settings().Meta.AppURL
-			hub.Settings().Meta.AppURL = tt.appURL
-			defer func() { hub.Settings().Meta.AppURL = originalAppURL }()
-
-			got := hub.MakeLink(tt.parts...)
-			assert.Equal(t, tt.expected, got, "MakeLink generated URL does not match expected")
-		})
-	}
-}
-
-func TestGetSSHKey(t *testing.T) {
-	hub := getTestHub(t)
-
-	// Test Case 1: Key generation (no existing key)
-	t.Run("KeyGeneration", func(t *testing.T) {
-		tempDir := t.TempDir()
-
-		// Ensure pubKey is initially empty or different to ensure GetSSHKey sets it
-		hub.SetPubkey("")
-
-		signer, err := hub.GetSSHKey(tempDir)
-		assert.NoError(t, err, "GetSSHKey should not error when generating a new key")
-		assert.NotNil(t, signer, "GetSSHKey should return a non-nil signer")
-
-		// Check if private key file was created
-		privateKeyPath := filepath.Join(tempDir, "id_ed25519")
-		info, err := os.Stat(privateKeyPath)
-		assert.NoError(t, err, "Private key file should be created")
-		assert.False(t, info.IsDir(), "Private key path should be a file, not a directory")
-
-		// Check if h.pubKey was set
-		assert.NotEmpty(t, hub.GetPubkey(), "h.pubKey should be set after key generation")
-		assert.True(t, strings.HasPrefix(hub.GetPubkey(), "ssh-ed25519 "), "h.pubKey should start with 'ssh-ed25519 '")
-
-		// Verify the generated private key is parsable
-		keyData, err := os.ReadFile(privateKeyPath)
-		require.NoError(t, err)
-		_, err = ssh.ParsePrivateKey(keyData)
-		assert.NoError(t, err, "Generated private key should be parsable by ssh.ParsePrivateKey")
-	})
-
-	// Test Case 2: Existing key
-	t.Run("ExistingKey", func(t *testing.T) {
-		tempDir := t.TempDir()
-
-		// Manually create a valid key pair for the test
-		rawPubKey, rawPrivKey, err := ed25519.GenerateKey(nil)
-		require.NoError(t, err, "Failed to generate raw ed25519 key pair for pre-existing key test")
-
-		// Marshal the private key into OpenSSH PEM format
-		pemBlock, err := ssh.MarshalPrivateKey(rawPrivKey, "")
-		require.NoError(t, err, "Failed to marshal private key to PEM block for pre-existing key test")
-
-		privateKeyBytes := pem.EncodeToMemory(pemBlock)
-		require.NotNil(t, privateKeyBytes, "PEM encoded private key bytes should not be nil")
-
-		privateKeyPath := filepath.Join(tempDir, "id_ed25519")
-		err = os.WriteFile(privateKeyPath, privateKeyBytes, 0600)
-		require.NoError(t, err, "Failed to write pre-existing private key")
-
-		// Determine the expected public key string
-		sshPubKey, err := ssh.NewPublicKey(rawPubKey)
-		require.NoError(t, err)
-		expectedPubKeyStr := strings.TrimSpace(string(ssh.MarshalAuthorizedKey(sshPubKey)))
-
-		// Reset h.pubKey to ensure it's set by GetSSHKey from the file
-		hub.SetPubkey("")
-
-		signer, err := hub.GetSSHKey(tempDir)
-		assert.NoError(t, err, "GetSSHKey should not error when reading an existing key")
-		assert.NotNil(t, signer, "GetSSHKey should return a non-nil signer for an existing key")
-
-		// Check if h.pubKey was set correctly to the public key from the file
-		assert.Equal(t, expectedPubKeyStr, hub.GetPubkey(), "h.pubKey should match the existing public key")
-
-		// Verify the signer's public key matches the original public key
-		signerPubKey := signer.PublicKey()
-		marshaledSignerPubKey := strings.TrimSpace(string(ssh.MarshalAuthorizedKey(signerPubKey)))
-		assert.Equal(t, expectedPubKeyStr, marshaledSignerPubKey, "Signer's public key should match the existing public key")
-	})
-
-	// Test Case 3: Error cases
-	t.Run("ErrorCases", func(t *testing.T) {
-		tests := []struct {
-			name       string
-			setupFunc  func(dir string) error
-			errorCheck func(t *testing.T, err error)
-		}{
-			{
-				name: "CorruptedKey",
-				setupFunc: func(dir string) error {
-					return os.WriteFile(filepath.Join(dir, "id_ed25519"), []byte("this is not a valid SSH key"), 0600)
-				},
-				errorCheck: func(t *testing.T, err error) {
-					assert.Error(t, err)
-					assert.Contains(t, err.Error(), "ssh: no key found")
-				},
-			},
-			{
-				name: "PermissionDenied",
-				setupFunc: func(dir string) error {
-					// Create the key file
-					keyPath := filepath.Join(dir, "id_ed25519")
-					if err := os.WriteFile(keyPath, []byte("dummy content"), 0600); err != nil {
-						return err
-					}
-					// Make it read-only (can't be opened for writing in case a new key needs to be written)
-					return os.Chmod(keyPath, 0400)
-				},
-				errorCheck: func(t *testing.T, err error) {
-					// On read-only key, the parser will attempt to parse it and fail with "ssh: no key found"
-					assert.Error(t, err)
-				},
-			},
-			{
-				name: "EmptyFile",
-				setupFunc: func(dir string) error {
-					// Create an empty file
-					return os.WriteFile(filepath.Join(dir, "id_ed25519"), []byte{}, 0600)
-				},
-				errorCheck: func(t *testing.T, err error) {
-					assert.Error(t, err)
-					// The error from attempting to parse an empty file
-					assert.Contains(t, err.Error(), "ssh: no key found")
-				},
-			},
-		}
-
-		for _, tc := range tests {
-			t.Run(tc.name, func(t *testing.T) {
-				tempDir := t.TempDir()
-
-				// Setup the test case
-				err := tc.setupFunc(tempDir)
-				require.NoError(t, err, "Setup failed")
-
-				// Reset h.pubKey before each test case
-				hub.SetPubkey("")
-
-				// Attempt to get SSH key
-				_, err = hub.GetSSHKey(tempDir)
-
-				// Verify the error
-				tc.errorCheck(t, err)
-
-				// Check that pubKey was not set in error cases
-				assert.Empty(t, hub.GetPubkey(), "h.pubKey should not be set if there was an error")
-			})
-		}
-	})
-}
-
-// Helper function to create test records

beszel/internal/hub/update.go

@@ -1,57 +0,0 @@
-package hub
-
-import (
-	"beszel"
-	"fmt"
-	"os"
-	"strings"
-
-	"github.com/blang/semver"
-	"github.com/rhysd/go-github-selfupdate/selfupdate"
-	"github.com/spf13/cobra"
-)
-
-// Update updates beszel to the latest version
-func Update(_ *cobra.Command, _ []string) {
-	var latest *selfupdate.Release
-	var found bool
-	var err error
-	currentVersion := semver.MustParse(beszel.Version)
-	fmt.Println("beszel", currentVersion)
-	fmt.Println("Checking for updates...")
-	updater, _ := selfupdate.NewUpdater(selfupdate.Config{
-		Filters: []string{"beszel_"},
-	})
-	latest, found, err = updater.DetectLatest("henrygd/beszel")
-
-	if err != nil {
-		fmt.Println("Error checking for updates:", err)
-		os.Exit(1)
-	}
-
-	if !found {
-		fmt.Println("No updates found")
-		os.Exit(0)
-	}
-
-	fmt.Println("Latest version:", latest.Version)
-
-	if latest.Version.LTE(currentVersion) {
-		fmt.Println("You are up to date")
-		return
-	}
-
-	var binaryPath string
-	fmt.Printf("Updating from %s to %s...\n", currentVersion, latest.Version)
-	binaryPath, err = os.Executable()
-	if err != nil {
-		fmt.Println("Error getting binary path:", err)
-		os.Exit(1)
-	}
-	err = selfupdate.UpdateTo(latest.AssetURL, binaryPath)
-	if err != nil {
-		fmt.Println("Please try rerunning with sudo. Error:", err)
-		os.Exit(1)
-	}
-	fmt.Printf("Successfully updated to %s\n\n%s\n", latest.Version, strings.TrimSpace(latest.ReleaseNotes))
-}

beszel/migrations/initial-settings.go

@@ -1,29 +0,0 @@
-package migrations
-
-import (
-	"github.com/pocketbase/pocketbase/core"
-	m "github.com/pocketbase/pocketbase/migrations"
-)
-
-var (
-	TempAdminEmail = "_@b.b"
-)
-
-func init() {
-	m.Register(func(app core.App) error {
-		// initial settings
-		settings := app.Settings()
-		settings.Meta.AppName = "Beszel"
-		settings.Meta.HideControls = true
-		settings.Logs.MinLevel = 4
-		if err := app.Save(settings); err != nil {
-			return err
-		}
-		// create superuser
-		collection, _ := app.FindCollectionByNameOrId(core.CollectionNameSuperusers)
-		user := core.NewRecord(collection)
-		user.SetEmail(TempAdminEmail)
-		user.SetRandomPassword()
-		return app.Save(user)
-	}, nil)
-}

beszel/site/package.json

@@ -1,73 +0,0 @@
-{
-	"name": "beszel",
-	"private": true,
-	"version": "0.12.0-beta1",
-	"type": "module",
-	"scripts": {
-		"dev": "vite",
-		"build": "lingui extract --overwrite && lingui compile && vite build",
-		"preview": "vite preview",
-		"sync": "lingui extract --overwrite && lingui compile",
-		"sync_and_purge": "lingui extract --overwrite --clean && lingui compile"
-	},
-	"dependencies": {
-		"@henrygd/queue": "^1.0.7",
-		"@henrygd/semaphore": "^0.0.2",
-		"@lingui/detect-locale": "^5.3.2",
-		"@lingui/macro": "^5.3.2",
-		"@lingui/react": "^5.3.2",
-		"@nanostores/react": "^0.7.3",
-		"@nanostores/router": "^0.11.0",
-		"@radix-ui/react-alert-dialog": "^1.1.14",
-		"@radix-ui/react-checkbox": "^1.3.2",
-		"@radix-ui/react-dialog": "^1.1.14",
-		"@radix-ui/react-direction": "^1.1.1",
-		"@radix-ui/react-dropdown-menu": "^2.1.15",
-		"@radix-ui/react-label": "^2.1.7",
-		"@radix-ui/react-select": "^2.2.5",
-		"@radix-ui/react-separator": "^1.1.7",
-		"@radix-ui/react-slider": "^1.3.5",
-		"@radix-ui/react-slot": "^1.2.3",
-		"@radix-ui/react-switch": "^1.2.5",
-		"@radix-ui/react-tabs": "^1.1.12",
-		"@radix-ui/react-toast": "^1.2.14",
-		"@radix-ui/react-tooltip": "^1.2.7",
-		"@tanstack/react-table": "^8.21.3",
-		"class-variance-authority": "^0.7.1",
-		"clsx": "^2.1.1",
-		"cmdk": "^1.1.1",
-		"d3-time": "^3.1.0",
-		"lucide-react": "^0.452.0",
-		"nanostores": "^0.11.4",
-		"pocketbase": "^0.26.0",
-		"react": "^18.3.1",
-		"react-dom": "^18.3.1",
-		"recharts": "^2.15.3",
-		"tailwind-merge": "^2.6.0",
-		"tailwindcss-animate": "^1.0.7",
-		"valibot": "^0.42.1"
-	},
-	"devDependencies": {
-		"@lingui/cli": "^5.3.2",
-		"@lingui/swc-plugin": "^5.5.2",
-		"@lingui/vite-plugin": "^5.3.2",
-		"@types/bun": "^1.2.15",
-		"@types/react": "^18.3.23",
-		"@types/react-dom": "^18.3.7",
-		"@vitejs/plugin-react-swc": "^3.10.1",
-		"autoprefixer": "^10.4.21",
-		"postcss": "^8.5.4",
-		"tailwindcss": "^3.4.17",
-		"tailwindcss-rtl": "^0.9.0",
-		"typescript": "^5.8.3",
-		"vite": "^6.3.5"
-	},
-	"overrides": {
-		"@nanostores/router": {
-			"nanostores": "^0.11.3"
-		}
-	},
-	"optionalDependencies": {
-		"@esbuild/linux-arm64": "^0.21.5"
-	}
-}

beszel/site/postcss.config.js

@@ -1,6 +0,0 @@
-export default {
-	plugins: {
-		tailwindcss: {},
-		autoprefixer: {},
-	},
-}

beszel/site/src/components/alerts/alert-button.tsx

@@ -1,133 +0,0 @@
-import { t } from "@lingui/core/macro"
-import { Trans } from "@lingui/react/macro"
-import { memo, useMemo, useState } from "react"
-import { useStore } from "@nanostores/react"
-import { $alerts } from "@/lib/stores"
-import {
-	Dialog,
-	DialogTrigger,
-	DialogContent,
-	DialogDescription,
-	DialogHeader,
-	DialogTitle,
-} from "@/components/ui/dialog"
-import { BellIcon, GlobeIcon, ServerIcon } from "lucide-react"
-import { alertInfo, cn } from "@/lib/utils"
-import { Button } from "@/components/ui/button"
-import { AlertRecord, SystemRecord } from "@/types"
-import { $router, Link } from "../router"
-import { Tabs, TabsContent, TabsList, TabsTrigger } from "@/components/ui/tabs"
-import { Checkbox } from "../ui/checkbox"
-import { SystemAlert, SystemAlertGlobal } from "./alerts-system"
-import { getPagePath } from "@nanostores/router"
-
-export default memo(function AlertsButton({ system }: { system: SystemRecord }) {
-	const alerts = useStore($alerts)
-	const [opened, setOpened] = useState(false)
-
-	const hasAlert = alerts.some((alert) => alert.system === system.id)
-
-	return useMemo(
-		() => (
-			<Dialog>
-				<DialogTrigger asChild>
-					<Button variant="ghost" size="icon" aria-label={t`Alerts`} data-nolink onClick={() => setOpened(true)}>
-						<BellIcon
-							className={cn("h-[1.2em] w-[1.2em] pointer-events-none", {
-								"fill-primary": hasAlert,
-							})}
-						/>
-					</Button>
-				</DialogTrigger>
-				<DialogContent className="max-h-full overflow-auto max-w-[35rem]">
-					{opened && <AlertDialogContent system={system} />}
-				</DialogContent>
-			</Dialog>
-		),
-		[opened, hasAlert]
-	)
-})
-
-function AlertDialogContent({ system }: { system: SystemRecord }) {
-	const alerts = useStore($alerts)
-	const [overwriteExisting, setOverwriteExisting] = useState<boolean | "indeterminate">(false)
-
-	// alertsSignature changes only when alerts for this system change
-	let alertsSignature = ""
-	const systemAlerts = alerts.filter((alert) => {
-		if (alert.system === system.id) {
-			alertsSignature += alert.name + alert.min + alert.value
-			return true
-		}
-		return false
-	}) as AlertRecord[]
-
-	return useMemo(() => {
-		// console.log("render modal", system.name, alertsSignature)
-		const data = Object.keys(alertInfo).map((name) => {
-			const alert = alertInfo[name as keyof typeof alertInfo]
-			return {
-				name: name as keyof typeof alertInfo,
-				alert,
-				system,
-			}
-		})
-
-		return (
-			<>
-				<DialogHeader>
-					<DialogTitle className="text-xl">
-						<Trans>Alerts</Trans>
-					</DialogTitle>
-					<DialogDescription>
-						<Trans>
-							See{" "}
-							<Link href={getPagePath($router, "settings", { name: "notifications" })} className="link">
-								notification settings
-							</Link>{" "}
-							to configure how you receive alerts.
-						</Trans>
-					</DialogDescription>
-				</DialogHeader>
-				<Tabs defaultValue="system">
-					<TabsList className="mb-1 -mt-0.5">
-						<TabsTrigger value="system">
-							<ServerIcon className="me-2 h-3.5 w-3.5" />
-							{system.name}
-						</TabsTrigger>
-						<TabsTrigger value="global">
-							<GlobeIcon className="me-1.5 h-3.5 w-3.5" />
-							<Trans>All Systems</Trans>
-						</TabsTrigger>
-					</TabsList>
-					<TabsContent value="system">
-						<div className="grid gap-3">
-							{data.map((d) => (
-								<SystemAlert key={d.name} system={system} data={d} systemAlerts={systemAlerts} />
-							))}
-						</div>
-					</TabsContent>
-					<TabsContent value="global">
-						<label
-							htmlFor="ovw"
-							className="mb-3 flex gap-2 items-center justify-center cursor-pointer border rounded-sm py-3 px-4 border-destructive text-destructive font-semibold text-sm"
-						>
-							<Checkbox
-								id="ovw"
-								className="text-destructive border-destructive data-[state=checked]:bg-destructive"
-								checked={overwriteExisting}
-								onCheckedChange={setOverwriteExisting}
-							/>
-							<Trans>Overwrite existing alerts</Trans>
-						</label>
-						<div className="grid gap-3">
-							{data.map((d) => (
-								<SystemAlertGlobal key={d.name} data={d} overwrite={overwriteExisting} />
-							))}
-						</div>
-					</TabsContent>
-				</Tabs>
-			</>
-		)
-	}, [alertsSignature, overwriteExisting])
-}

beszel/site/src/components/alerts/alerts-system.tsx

@@ -1,310 +0,0 @@
-import { t } from "@lingui/core/macro"
-import { Trans, Plural } from "@lingui/react/macro"
-import { $alerts, $systems, pb } from "@/lib/stores"
-import { alertInfo, cn } from "@/lib/utils"
-import { Switch } from "@/components/ui/switch"
-import { AlertInfo, AlertRecord, SystemRecord } from "@/types"
-import { lazy, Suspense, useMemo, useState } from "react"
-import { toast } from "../ui/use-toast"
-import { BatchService } from "pocketbase"
-import { getSemaphore } from "@henrygd/semaphore"
-
-interface AlertData {
-	checked?: boolean
-	val?: number
-	min?: number
-	updateAlert?: (checked: boolean, value: number, min: number) => void
-	name: keyof typeof alertInfo
-	alert: AlertInfo
-	system: SystemRecord
-}
-
-const Slider = lazy(() => import("@/components/ui/slider"))
-
-const failedUpdateToast = () =>
-	toast({
-		title: t`Failed to update alert`,
-		description: t`Please check logs for more details.`,
-		variant: "destructive",
-	})
-
-export function SystemAlert({
-	system,
-	systemAlerts,
-	data,
-}: {
-	system: SystemRecord
-	systemAlerts: AlertRecord[]
-	data: AlertData
-}) {
-	const alert = systemAlerts.find((alert) => alert.name === data.name)
-
-	data.updateAlert = async (checked: boolean, value: number, min: number) => {
-		try {
-			if (alert && !checked) {
-				await pb.collection("alerts").delete(alert.id)
-			} else if (alert && checked) {
-				await pb.collection("alerts").update(alert.id, { value, min, triggered: false })
-			} else if (checked) {
-				pb.collection("alerts").create({
-					system: system.id,
-					user: pb.authStore.record!.id,
-					name: data.name,
-					value: value,
-					min: min,
-				})
-			}
-		} catch (e) {
-			failedUpdateToast()
-		}
-	}
-
-	if (alert) {
-		data.checked = true
-		data.val = alert.value
-		data.min = alert.min || 1
-	}
-
-	return <AlertContent data={data} />
-}
-
-export const SystemAlertGlobal = ({ data, overwrite }: { data: AlertData; overwrite: boolean | "indeterminate" }) => {
-	data.checked = false
-	data.val = data.min = 0
-
-	// set of system ids that have an alert for this name when the component is mounted
-	const existingAlertsSystems = useMemo(() => {
-		const map = new Set<string>()
-		const alerts = $alerts.get()
-		for (const alert of alerts) {
-			if (alert.name === data.name) {
-				map.add(alert.system)
-			}
-		}
-		return map
-	}, [])
-
-	data.updateAlert = async (checked: boolean, value: number, min: number) => {
-		const sem = getSemaphore("alerts")
-		await sem.acquire()
-		try {
-			// if another update is waiting behind, don't start this one
-			if (sem.size() > 1) {
-				return
-			}
-
-			const recordData: Partial<AlertRecord> = {
-				value,
-				min,
-				triggered: false,
-			}
-
-			const batch = batchWrapper("alerts", 25)
-			const systems = $systems.get()
-			const currentAlerts = $alerts.get()
-
-			// map of current alerts with this name right now by system id
-			const currentAlertsSystems = new Map<string, AlertRecord>()
-			for (const alert of currentAlerts) {
-				if (alert.name === data.name) {
-					currentAlertsSystems.set(alert.system, alert)
-				}
-			}
-
-			if (overwrite) {
-				existingAlertsSystems.clear()
-			}
-
-			const processSystem = async (system: SystemRecord): Promise<void> => {
-				const existingAlert = existingAlertsSystems.has(system.id)
-
-				if (!overwrite && existingAlert) {
-					return
-				}
-
-				const currentAlert = currentAlertsSystems.get(system.id)
-
-				// delete existing alert if unchecked
-				if (!checked && currentAlert) {
-					return batch.remove(currentAlert.id)
-				}
-				if (checked && currentAlert) {
-					// update existing alert if checked
-					return batch.update(currentAlert.id, recordData)
-				}
-				if (checked) {
-					// create new alert if checked and not existing
-					return batch.create({
-						system: system.id,
-						user: pb.authStore.record!.id,
-						name: data.name,
-						...recordData,
-					})
-				}
-			}
-
-			// make sure current system is updated in the first batch
-			await processSystem(data.system)
-			for (const system of systems) {
-				if (system.id === data.system.id) {
-					continue
-				}
-				if (sem.size() > 1) {
-					return
-				}
-				await processSystem(system)
-			}
-			await batch.send()
-		} finally {
-			sem.release()
-		}
-	}
-
-	return <AlertContent data={data} />
-}
-
-/**
- * Creates a wrapper for performing batch operations on a specified collection.
- */
-function batchWrapper(collection: string, batchSize: number) {
-	let batch: BatchService | undefined
-	let count = 0
-
-	const create = async <T extends Record<string, any>>(options: T) => {
-		batch ||= pb.createBatch()
-		batch.collection(collection).create(options)
-		if (++count >= batchSize) {
-			await send()
-		}
-	}
-
-	const update = async <T extends Record<string, any>>(id: string, data: T) => {
-		batch ||= pb.createBatch()
-		batch.collection(collection).update(id, data)
-		if (++count >= batchSize) {
-			await send()
-		}
-	}
-
-	const remove = async (id: string) => {
-		batch ||= pb.createBatch()
-		batch.collection(collection).delete(id)
-		if (++count >= batchSize) {
-			await send()
-		}
-	}
-
-	const send = async () => {
-		if (count) {
-			await batch?.send({ requestKey: null })
-			batch = undefined
-			count = 0
-		}
-	}
-
-	return {
-		update,
-		remove,
-		send,
-		create,
-	}
-}
-
-function AlertContent({ data }: { data: AlertData }) {
-	const { name } = data
-
-	const singleDescription = data.alert.singleDesc?.()
-
-	const [checked, setChecked] = useState(data.checked || false)
-	const [min, setMin] = useState(data.min || 10)
-	const [value, setValue] = useState(data.val || (singleDescription ? 0 : 80))
-
-	const Icon = alertInfo[name].icon
-
-	return (
-		<div className="rounded-lg border border-muted-foreground/15 hover:border-muted-foreground/20 transition-colors duration-100 group">
-			<label
-				htmlFor={`s${name}`}
-				className={cn("flex flex-row items-center justify-between gap-4 cursor-pointer p-4", {
-					"pb-0": checked,
-				})}
-			>
-				<div className="grid gap-1 select-none">
-					<p className="font-semibold flex gap-3 items-center">
-						<Icon className="h-4 w-4 opacity-85" /> {data.alert.name()}
-					</p>
-					{!checked && <span className="block text-sm text-muted-foreground">{data.alert.desc()}</span>}
-				</div>
-				<Switch
-					id={`s${name}`}
-					checked={checked}
-					onCheckedChange={(newChecked) => {
-						setChecked(newChecked)
-						data.updateAlert?.(newChecked, value, min)
-					}}
-				/>
-			</label>
-			{checked && (
-				<div className="grid sm:grid-cols-2 mt-1.5 gap-5 px-4 pb-5 tabular-nums text-muted-foreground">
-					<Suspense fallback={<div className="h-10" />}>
-						{!singleDescription && (
-							<div>
-								<p id={`v${name}`} className="text-sm block h-8">
-									<Trans>
-										Average exceeds{" "}
-										<strong className="text-foreground">
-											{value}
-											{data.alert.unit}
-										</strong>
-									</Trans>
-								</p>
-								<div className="flex gap-3">
-									<Slider
-										aria-labelledby={`v${name}`}
-										defaultValue={[value]}
-										onValueCommit={(val) => {
-											data.updateAlert?.(true, val[0], min)
-										}}
-										onValueChange={(val) => {
-											setValue(val[0])
-										}}
-										min={1}
-										max={alertInfo[name].max ?? 99}
-									/>
-								</div>
-							</div>
-						)}
-						<div className={cn(singleDescription && "col-span-full lowercase")}>
-							<p id={`t${name}`} className="text-sm block h-8 first-letter:uppercase">
-								{singleDescription && (
-									<>
-										{singleDescription}
-										{` `}
-									</>
-								)}
-								<Trans>
-									For <strong className="text-foreground">{min}</strong>{" "}
-									<Plural value={min} one="minute" other="minutes" />
-								</Trans>
-							</p>
-							<div className="flex gap-3">
-								<Slider
-									aria-labelledby={`v${name}`}
-									defaultValue={[min]}
-									onValueCommit={(min) => {
-										data.updateAlert?.(true, value, min[0])
-									}}
-									onValueChange={(val) => {
-										setMin(val[0])
-									}}
-									min={1}
-									max={60}
-								/>
-							</div>
-						</div>
-					</Suspense>
-				</div>
-			)}
-		</div>
-	)
-}

beszel/site/src/components/charts/area-chart.tsx

@@ -1,150 +0,0 @@
-import { t } from "@lingui/core/macro"
-
-import { Area, AreaChart, CartesianGrid, YAxis } from "recharts"
-import { ChartContainer, ChartTooltip, ChartTooltipContent, xAxis } from "@/components/ui/chart"
-import {
-	useYAxisWidth,
-	cn,
-	formatShortDate,
-	toFixedWithoutTrailingZeros,
-	decimalString,
-	chartMargin,
-} from "@/lib/utils"
-// import Spinner from '../spinner'
-import { ChartData } from "@/types"
-import { memo, useMemo } from "react"
-import { useLingui } from "@lingui/react/macro"
-
-/** [label, key, color, opacity] */
-type DataKeys = [string, string, number, number]
-
-const getNestedValue = (path: string, max = false, data: any): number | null => {
-	// fallback value (obj?.stats?.cpum ? 0 : null) should only come into play when viewing
-	// a max value which doesn't exist, or the value was zero and omitted from the stats object.
-	// so we check if cpum is present. if so, return 0 to make sure the zero value is displayed.
-	// if not, return null - there is no max data so do not display anything.
-	return `stats.${path}${max ? "m" : ""}`
-		.split(".")
-		.reduce((acc: any, key: string) => acc?.[key] ?? (data.stats?.cpum ? 0 : null), data)
-}
-
-export default memo(function AreaChartDefault({
-	maxToggled = false,
-	unit = " MB/s",
-	chartName,
-	chartData,
-	max,
-	tickFormatter,
-	contentFormatter,
-}: {
-	maxToggled?: boolean
-	unit?: string
-	chartName: string
-	chartData: ChartData
-	max?: number
-	tickFormatter?: (value: number) => string
-	contentFormatter?: (value: number) => string
-}) {
-	const { yAxisWidth, updateYAxisWidth } = useYAxisWidth()
-	const { i18n } = useLingui()
-
-	const { chartTime } = chartData
-
-	const showMax = chartTime !== "1h" && maxToggled
-
-	const dataKeys: DataKeys[] = useMemo(() => {
-		// [label, key, color, opacity]
-		if (chartName === "CPU Usage") {
-			return [[t`CPU Usage`, "cpu", 1, 0.4]]
-		} else if (chartName === "dio") {
-			return [
-				[t({ message: "Write", comment: "Disk write" }), "dw", 3, 0.3],
-				[t({ message: "Read", comment: "Disk read" }), "dr", 1, 0.3],
-			]
-		} else if (chartName === "bw") {
-			return [
-				[t({ message: "Sent", comment: "Network bytes sent (upload)" }), "ns", 5, 0.2],
-				[t({ message: "Received", comment: "Network bytes received (download)" }), "nr", 2, 0.2],
-			]
-		} else if (chartName.startsWith("efs")) {
-			return [
-				[t`Write`, `${chartName}.w`, 3, 0.3],
-				[t`Read`, `${chartName}.r`, 1, 0.3],
-			]
-		} else if (chartName.startsWith("g.")) {
-			return [chartName.includes("mu") ? [t`Used`, chartName, 2, 0.25] : [t`Usage`, chartName, 1, 0.4]]
-		}
-		return []
-	}, [chartName, i18n.locale])
-
-	// console.log('Rendered at', new Date())
-
-	if (chartData.systemStats.length === 0) {
-		return null
-	}
-
-	return (
-		<div>
-			<ChartContainer
-				className={cn("h-full w-full absolute aspect-auto bg-card opacity-0 transition-opacity", {
-					"opacity-100": yAxisWidth,
-				})}
-			>
-				<AreaChart accessibilityLayer data={chartData.systemStats} margin={chartMargin}>
-					<CartesianGrid vertical={false} />
-					<YAxis
-						direction="ltr"
-						orientation={chartData.orientation}
-						className="tracking-tighter"
-						width={yAxisWidth}
-						domain={[0, max ?? "auto"]}
-						tickFormatter={(value) => {
-							let val: string
-							if (tickFormatter) {
-								val = tickFormatter(value)
-							} else {
-								val = toFixedWithoutTrailingZeros(value, 2) + unit
-							}
-							return updateYAxisWidth(val)
-						}}
-						tickLine={false}
-						axisLine={false}
-					/>
-					{xAxis(chartData)}
-					<ChartTooltip
-						animationEasing="ease-out"
-						animationDuration={150}
-						content={
-							<ChartTooltipContent
-								labelFormatter={(_, data) => formatShortDate(data[0].payload.created)}
-								contentFormatter={({ value }) => {
-									if (contentFormatter) {
-										return contentFormatter(value)
-									}
-									return decimalString(value) + unit
-								}}
-								// indicator="line"
-							/>
-						}
-					/>
-					{dataKeys.map((key, i) => {
-						const color = `hsl(var(--chart-${key[2]}))`
-						return (
-							<Area
-								key={i}
-								dataKey={getNestedValue.bind(null, key[1], showMax)}
-								name={key[0]}
-								type="monotoneX"
-								fill={color}
-								fillOpacity={key[3]}
-								stroke={color}
-								isAnimationActive={false}
-							/>
-						)
-					})}
-					{/* <ChartLegend content={<ChartLegendContent />} /> */}
-				</AreaChart>
-			</ChartContainer>
-		</div>
-	)
-})

beszel/site/src/components/mode-toggle.tsx

@@ -1,56 +0,0 @@
-import { Trans } from "@lingui/react/macro";
-import { t } from "@lingui/core/macro";
-import { LaptopIcon, MoonStarIcon, SunIcon } from "lucide-react"
-
-import { Button } from "@/components/ui/button"
-import { DropdownMenu, DropdownMenuContent, DropdownMenuItem, DropdownMenuTrigger } from "@/components/ui/dropdown-menu"
-import { useTheme } from "@/components/theme-provider"
-import { cn } from "@/lib/utils"
-
-export function ModeToggle() {
-	const { theme, setTheme } = useTheme()
-
-	const options = [
-		{
-			theme: "light",
-			Icon: SunIcon,
-			label: <Trans comment="Light theme">Light</Trans>,
-		},
-		{
-			theme: "dark",
-			Icon: MoonStarIcon,
-			label: <Trans comment="Dark theme">Dark</Trans>,
-		},
-		{
-			theme: "system",
-			Icon: LaptopIcon,
-			label: <Trans comment="System theme">System</Trans>,
-		},
-	]
-
-	return (
-		<DropdownMenu>
-			<DropdownMenuTrigger asChild>
-				<Button variant={"ghost"} size="icon" aria-label={t`Toggle theme`}>
-					<SunIcon className="h-[1.2rem] w-[1.2rem] dark:opacity-0" />
-					<MoonStarIcon className="absolute h-[1.2rem] w-[1.2rem] opacity-0 dark:opacity-100" />
-				</Button>
-			</DropdownMenuTrigger>
-			<DropdownMenuContent>
-				{options.map((opt) => {
-					const selected = opt.theme === theme
-					return (
-						<DropdownMenuItem
-							key={opt.theme}
-							className={cn("px-2.5", selected ? "font-semibold" : "")}
-							onClick={() => setTheme(opt.theme as "dark" | "light" | "system")}
-						>
-							<opt.Icon className={cn("me-2 h-4 w-4 opacity-80", selected && "opacity-100")} />
-							{opt.label}
-						</DropdownMenuItem>
-					)
-				})}
-			</DropdownMenuContent>
-		</DropdownMenu>
-	)
-}

beszel/site/src/components/routes/home.tsx

@@ -1,131 +0,0 @@
-import { Suspense, lazy, memo, useEffect, useMemo } from "react"
-import { Card, CardContent, CardHeader, CardTitle } from "../ui/card"
-import { $alerts, $systems, pb } from "@/lib/stores"
-import { useStore } from "@nanostores/react"
-import { GithubIcon } from "lucide-react"
-import { Separator } from "../ui/separator"
-import { alertInfo, updateRecordList, updateSystemList } from "@/lib/utils"
-import { AlertRecord, SystemRecord } from "@/types"
-import { Alert, AlertDescription, AlertTitle } from "@/components/ui/alert"
-import { $router, Link } from "../router"
-import { Plural, Trans, useLingui } from "@lingui/react/macro"
-import { getPagePath } from "@nanostores/router"
-
-const SystemsTable = lazy(() => import("../systems-table/systems-table"))
-
-export const Home = memo(() => {
-	const alerts = useStore($alerts)
-	const systems = useStore($systems)
-	const { t } = useLingui()
-
-	let alertsKey = ""
-	const activeAlerts = useMemo(() => {
-		const activeAlerts = alerts.filter((alert) => {
-			const active = alert.triggered && alert.name in alertInfo
-			if (!active) {
-				return false
-			}
-			alert.sysname = systems.find((system) => system.id === alert.system)?.name
-			alertsKey += alert.id
-			return true
-		})
-		return activeAlerts
-	}, [systems, alerts])
-
-	useEffect(() => {
-		document.title = t`Dashboard` + " / Beszel"
-	}, [t])
-
-	useEffect(() => {
-		// make sure we have the latest list of systems
-		updateSystemList()
-
-		// subscribe to real time updates for systems / alerts
-		pb.collection<SystemRecord>("systems").subscribe("*", (e) => {
-			updateRecordList(e, $systems)
-		})
-		pb.collection<AlertRecord>("alerts").subscribe("*", (e) => {
-			updateRecordList(e, $alerts)
-		})
-		return () => {
-			pb.collection("systems").unsubscribe("*")
-			// pb.collection('alerts').unsubscribe('*')
-		}
-	}, [])
-
-	return useMemo(
-		() => (
-			<>
-				{/* show active alerts */}
-				{activeAlerts.length > 0 && <ActiveAlerts key={activeAlerts.length} activeAlerts={activeAlerts} />}
-				<Suspense>
-					<SystemsTable />
-				</Suspense>
-
-				<div className="flex gap-1.5 justify-end items-center pe-3 sm:pe-6 mt-3.5 text-xs opacity-80">
-					<a
-						href="https://github.com/henrygd/beszel"
-						target="_blank"
-						className="flex items-center gap-0.5 text-muted-foreground hover:text-foreground duration-75"
-					>
-						<GithubIcon className="h-3 w-3" /> GitHub
-					</a>
-					<Separator orientation="vertical" className="h-2.5 bg-muted-foreground opacity-70" />
-					<a
-						href="https://github.com/henrygd/beszel/releases"
-						target="_blank"
-						className="text-muted-foreground hover:text-foreground duration-75"
-					>
-						Beszel {globalThis.BESZEL.HUB_VERSION}
-					</a>
-				</div>
-			</>
-		),
-		[alertsKey]
-	)
-})
-
-const ActiveAlerts = memo(({ activeAlerts }: { activeAlerts: AlertRecord[] }) => {
-	return (
-		<Card className="mb-4">
-			<CardHeader className="pb-4 px-2 sm:px-6 max-sm:pt-5 max-sm:pb-1">
-				<div className="px-2 sm:px-1">
-					<CardTitle>
-						<Trans>Active Alerts</Trans>
-					</CardTitle>
-				</div>
-			</CardHeader>
-			<CardContent className="max-sm:p-2">
-				{activeAlerts.length > 0 && (
-					<div className="grid sm:grid-cols-2 lg:grid-cols-3 2xl:grid-cols-4 gap-3">
-						{activeAlerts.map((alert) => {
-							const info = alertInfo[alert.name as keyof typeof alertInfo]
-							return (
-								<Alert
-									key={alert.id}
-									className="hover:-translate-y-[1px] duration-200 bg-transparent border-foreground/10  hover:shadow-md shadow-black"
-								>
-									<info.icon className="h-4 w-4" />
-									<AlertTitle>
-										{alert.sysname} {info.name().toLowerCase().replace("cpu", "CPU")}
-									</AlertTitle>
-									<AlertDescription>
-										<Trans>
-											Exceeds {alert.value}
-											{info.unit} in last <Plural value={alert.min} one="# minute" other="# minutes" />
-										</Trans>
-									</AlertDescription>
-									<Link
-										href={getPagePath($router, "system", { name: alert.sysname! })}
-										className="absolute inset-0 w-full h-full"
-										aria-label="View system"
-									></Link>
-								</Alert>
-							)
-						})}
-					</div>
-				)}
-			</CardContent>
-		</Card>
-	)
-})

beszel/site/src/components/routes/settings/general.tsx

@@ -1,111 +0,0 @@
-import { Trans } from "@lingui/react/macro"
-import { Button } from "@/components/ui/button"
-import { Label } from "@/components/ui/label"
-import { Select, SelectContent, SelectItem, SelectTrigger, SelectValue } from "@/components/ui/select"
-import { chartTimeData } from "@/lib/utils"
-import { Separator } from "@/components/ui/separator"
-import { LanguagesIcon, LoaderCircleIcon, SaveIcon } from "lucide-react"
-import { UserSettings } from "@/types"
-import { saveSettings } from "./layout"
-import { useState } from "react"
-import languages from "@/lib/languages"
-import { dynamicActivate } from "@/lib/i18n"
-import { useLingui } from "@lingui/react/macro"
-// import { setLang } from "@/lib/i18n"
-
-export default function SettingsProfilePage({ userSettings }: { userSettings: UserSettings }) {
-	const [isLoading, setIsLoading] = useState(false)
-	const { i18n } = useLingui()
-
-	async function handleSubmit(e: React.FormEvent<HTMLFormElement>) {
-		e.preventDefault()
-		setIsLoading(true)
-		const formData = new FormData(e.target as HTMLFormElement)
-		const data = Object.fromEntries(formData) as Partial<UserSettings>
-		await saveSettings(data)
-		setIsLoading(false)
-	}
-
-	return (
-		<div>
-			<div>
-				<h3 className="text-xl font-medium mb-2">
-					<Trans>General</Trans>
-				</h3>
-				<p className="text-sm text-muted-foreground leading-relaxed">
-					<Trans>Change general application options.</Trans>
-				</p>
-			</div>
-			<Separator className="my-4" />
-			<form onSubmit={handleSubmit} className="space-y-5">
-				<div className="space-y-2">
-					<div className="mb-4">
-						<h3 className="mb-1 text-lg font-medium flex items-center gap-2">
-							<LanguagesIcon className="h-4 w-4" />
-							<Trans>Language</Trans>
-						</h3>
-						<p className="text-sm text-muted-foreground leading-relaxed">
-							<Trans>
-								Want to help improve our translations? Check{" "}
-								<a href="https://crowdin.com/project/beszel" className="link" target="_blank" rel="noopener noreferrer">
-									Crowdin
-								</a>{" "}
-								for details.
-							</Trans>
-						</p>
-					</div>
-					<Label className="block" htmlFor="lang">
-						<Trans>Preferred Language</Trans>
-					</Label>
-					<Select value={i18n.locale} onValueChange={(lang: string) => dynamicActivate(lang)}>
-						<SelectTrigger id="lang">
-							<SelectValue />
-						</SelectTrigger>
-						<SelectContent>
-							{languages.map((lang) => (
-								<SelectItem key={lang.lang} value={lang.lang}>
-									<span className="me-2.5">{lang.e}</span>
-									{lang.label}
-								</SelectItem>
-							))}
-						</SelectContent>
-					</Select>
-				</div>
-				<Separator />
-				<div className="space-y-2">
-					<div className="mb-4">
-						<h3 className="mb-1 text-lg font-medium">
-							<Trans>Chart options</Trans>
-						</h3>
-						<p className="text-sm text-muted-foreground leading-relaxed">
-							<Trans>Adjust display options for charts.</Trans>
-						</p>
-					</div>
-					<Label className="block" htmlFor="chartTime">
-						<Trans>Default time period</Trans>
-					</Label>
-					<Select name="chartTime" key={userSettings.chartTime} defaultValue={userSettings.chartTime}>
-						<SelectTrigger id="chartTime">
-							<SelectValue />
-						</SelectTrigger>
-						<SelectContent>
-							{Object.entries(chartTimeData).map(([value, { label }]) => (
-								<SelectItem key={value} value={value}>
-									{label()}
-								</SelectItem>
-							))}
-						</SelectContent>
-					</Select>
-					<p className="text-[0.8rem] text-muted-foreground">
-						<Trans>Sets the default time range for charts when a system is viewed.</Trans>
-					</p>
-				</div>
-				<Separator />
-				<Button type="submit" className="flex items-center gap-1.5 disabled:opacity-100" disabled={isLoading}>
-					{isLoading ? <LoaderCircleIcon className="h-4 w-4 animate-spin" /> : <SaveIcon className="h-4 w-4" />}
-					<Trans>Save Settings</Trans>
-				</Button>
-			</form>
-		</div>
-	)
-}

beszel/site/src/components/systems-table/systems-table.tsx

@@ -1,736 +0,0 @@
-import {
-	CellContext,
-	ColumnDef,
-	ColumnFiltersState,
-	getFilteredRowModel,
-	SortingState,
-	getSortedRowModel,
-	flexRender,
-	VisibilityState,
-	getCoreRowModel,
-	useReactTable,
-	HeaderContext,
-	Row,
-	Table as TableType,
-} from "@tanstack/react-table"
-
-import { Table, TableBody, TableCell, TableHead, TableHeader, TableRow } from "@/components/ui/table"
-
-import { Button, buttonVariants } from "@/components/ui/button"
-
-import {
-	DropdownMenu,
-	DropdownMenuCheckboxItem,
-	DropdownMenuContent,
-	DropdownMenuItem,
-	DropdownMenuLabel,
-	DropdownMenuRadioGroup,
-	DropdownMenuRadioItem,
-	DropdownMenuSeparator,
-	DropdownMenuTrigger,
-} from "@/components/ui/dropdown-menu"
-
-import {
-	AlertDialog,
-	AlertDialogAction,
-	AlertDialogCancel,
-	AlertDialogContent,
-	AlertDialogDescription,
-	AlertDialogFooter,
-	AlertDialogHeader,
-	AlertDialogTitle,
-} from "@/components/ui/alert-dialog"
-
-import { SystemRecord } from "@/types"
-import {
-	MoreHorizontalIcon,
-	ArrowUpDownIcon,
-	MemoryStickIcon,
-	CopyIcon,
-	PauseCircleIcon,
-	PlayCircleIcon,
-	Trash2Icon,
-	WifiIcon,
-	HardDriveIcon,
-	ServerIcon,
-	CpuIcon,
-	LayoutGridIcon,
-	LayoutListIcon,
-	ArrowDownIcon,
-	ArrowUpIcon,
-	Settings2Icon,
-	EyeIcon,
-	PenBoxIcon,
-} from "lucide-react"
-import { memo, useEffect, useMemo, useRef, useState } from "react"
-import { $systems, pb } from "@/lib/stores"
-import { useStore } from "@nanostores/react"
-import { cn, copyToClipboard, decimalString, isReadOnlyUser, useLocalStorage } from "@/lib/utils"
-import AlertsButton from "../alerts/alert-button"
-import { $router, Link, navigate } from "../router"
-import { EthernetIcon, GpuIcon, ThermometerIcon } from "../ui/icons"
-import { useLingui, Trans } from "@lingui/react/macro"
-import { Card, CardContent, CardDescription, CardHeader, CardTitle } from "../ui/card"
-import { Input } from "../ui/input"
-import { ClassValue } from "clsx"
-import { getPagePath } from "@nanostores/router"
-import { SystemDialog } from "../add-system"
-import { Dialog } from "../ui/dialog"
-
-type ViewMode = "table" | "grid"
-
-function CellFormatter(info: CellContext<SystemRecord, unknown>) {
-	const val = (info.getValue() as number) || 0
-	return (
-		<div className="flex gap-2 items-center tabular-nums tracking-tight">
-			<span className="min-w-[3.3em]">{decimalString(val, 1)}%</span>
-			<span className="grow min-w-10 block bg-muted h-[1em] relative rounded-sm overflow-hidden">
-				<span
-					className={cn(
-						"absolute inset-0 w-full h-full origin-left",
-						(info.row.original.status !== "up" && "bg-primary/30") ||
-							(val < 65 && "bg-green-500") ||
-							(val < 90 && "bg-yellow-500") ||
-							"bg-red-600"
-					)}
-					style={{
-						transform: `scalex(${val / 100})`,
-					}}
-				></span>
-			</span>
-		</div>
-	)
-}
-
-function sortableHeader(context: HeaderContext<SystemRecord, unknown>) {
-	const { column } = context
-	// @ts-ignore
-	const { Icon, hideSort, name }: { Icon: React.ElementType; name: () => string; hideSort: boolean } = column.columnDef
-	return (
-		<Button
-			variant="ghost"
-			className="h-9 px-3 flex"
-			onClick={() => column.toggleSorting(column.getIsSorted() === "asc")}
-		>
-			{Icon && <Icon className="me-2 size-4" />}
-			{name()}
-			{hideSort || <ArrowUpDownIcon className="ms-2 size-4" />}
-		</Button>
-	)
-}
-
-export default function SystemsTable() {
-	const data = useStore($systems)
-	const { i18n, t } = useLingui()
-	const [filter, setFilter] = useState<string>()
-	const [sorting, setSorting] = useState<SortingState>([{ id: "system", desc: false }])
-	const [columnFilters, setColumnFilters] = useState<ColumnFiltersState>([])
-	const [columnVisibility, setColumnVisibility] = useLocalStorage<VisibilityState>("cols", {})
-	const [viewMode, setViewMode] = useLocalStorage<ViewMode>("viewMode", window.innerWidth > 1024 ? "table" : "grid")
-
-	const locale = i18n.locale
-
-	useEffect(() => {
-		if (filter !== undefined) {
-			table.getColumn("system")?.setFilterValue(filter)
-		}
-	}, [filter])
-
-	const columnDefs = useMemo(() => {
-		const statusTranslations = {
-			up: () => t`Up`.toLowerCase(),
-			down: () => t`Down`.toLowerCase(),
-			paused: () => t`Paused`.toLowerCase(),
-		}
-		return [
-			{
-				// size: 200,
-				size: 200,
-				minSize: 0,
-				accessorKey: "name",
-				id: "system",
-				name: () => t`System`,
-				filterFn: (row, _, filterVal) => {
-					const filterLower = filterVal.toLowerCase()
-					const { name, status } = row.original
-					// Check if the filter matches the name or status for this row
-					if (
-						name.toLowerCase().includes(filterLower) ||
-						statusTranslations[status as keyof typeof statusTranslations]?.().includes(filterLower)
-					) {
-						return true
-					}
-					return false
-				},
-				enableHiding: false,
-				Icon: ServerIcon,
-				cell: (info) => (
-					<span className="flex gap-0.5 items-center text-base md:pe-5">
-						<IndicatorDot system={info.row.original} />
-						<Button
-							data-nolink
-							variant={"ghost"}
-							className="text-primary/90 h-7 px-1.5 gap-1.5"
-							onClick={() => copyToClipboard(info.getValue() as string)}
-						>
-							{info.getValue() as string}
-							<CopyIcon className="h-2.5 w-2.5" />
-						</Button>
-					</span>
-				),
-				header: sortableHeader,
-			},
-			{
-				accessorKey: "info.cpu",
-				id: "cpu",
-				name: () => t`CPU`,
-				invertSorting: true,
-				cell: CellFormatter,
-				Icon: CpuIcon,
-				header: sortableHeader,
-			},
-			{
-				accessorKey: "info.mp",
-				id: "memory",
-				name: () => t`Memory`,
-				invertSorting: true,
-				cell: CellFormatter,
-				Icon: MemoryStickIcon,
-				header: sortableHeader,
-			},
-			{
-				accessorKey: "info.dp",
-				id: "disk",
-				name: () => t`Disk`,
-				invertSorting: true,
-				cell: CellFormatter,
-				Icon: HardDriveIcon,
-				header: sortableHeader,
-			},
-			{
-				accessorFn: (originalRow) => originalRow.info.g,
-				id: "gpu",
-				name: () => "GPU",
-				invertSorting: true,
-				sortUndefined: -1,
-				cell: CellFormatter,
-				Icon: GpuIcon,
-				header: sortableHeader,
-			},
-			{
-				accessorFn: (originalRow) => originalRow.info.b || 0,
-				id: "net",
-				name: () => t`Net`,
-				invertSorting: true,
-				size: 50,
-				Icon: EthernetIcon,
-				header: sortableHeader,
-				cell(info) {
-					const val = info.getValue() as number
-					return (
-						<span
-							className={cn("tabular-nums whitespace-nowrap", {
-								"ps-1": viewMode === "table",
-							})}
-						>
-							{decimalString(val, val >= 100 ? 1 : 2)} MB/s
-						</span>
-					)
-				},
-			},
-			{
-				accessorFn: (originalRow) => originalRow.info.dt,
-				id: "temp",
-				name: () => t({ message: "Temp", comment: "Temperature label in systems table" }),
-				invertSorting: true,
-				sortUndefined: -1,
-				size: 50,
-				hideSort: true,
-				Icon: ThermometerIcon,
-				header: sortableHeader,
-				cell(info) {
-					const val = info.getValue() as number
-					if (!val) {
-						return null
-					}
-					return (
-						<span
-							className={cn("tabular-nums whitespace-nowrap", {
-								"ps-1.5": viewMode === "table",
-							})}
-						>
-							{decimalString(val)} °C
-						</span>
-					)
-				},
-			},
-			{
-				accessorKey: "info.v",
-				id: "agent",
-				name: () => t`Agent`,
-				invertSorting: true,
-				size: 50,
-				Icon: WifiIcon,
-				hideSort: true,
-				header: sortableHeader,
-				cell(info) {
-					const version = info.getValue() as string
-					if (!version) {
-						return null
-					}
-					const system = info.row.original
-					return (
-						<span
-							className={cn("flex gap-2 items-center md:pe-5 tabular-nums", {
-								"ps-1": viewMode === "table",
-							})}
-						>
-							<IndicatorDot
-								system={system}
-								className={
-									(system.status !== "up" && "bg-primary/30") ||
-									(version === globalThis.BESZEL.HUB_VERSION && "bg-green-500") ||
-									"bg-yellow-500"
-								}
-							/>
-							<span className="truncate max-w-14">{info.getValue() as string}</span>
-						</span>
-					)
-				},
-			},
-			{
-				id: "actions",
-				// @ts-ignore
-				name: () => t({ message: "Actions", comment: "Table column" }),
-				size: 50,
-				cell: ({ row }) => (
-					<div className="flex justify-end items-center gap-1">
-						<AlertsButton system={row.original} />
-						<ActionsButton system={row.original} />
-					</div>
-				),
-			},
-		] as ColumnDef<SystemRecord>[]
-	}, [])
-
-	const table = useReactTable({
-		data,
-		columns: columnDefs,
-		getCoreRowModel: getCoreRowModel(),
-		onSortingChange: setSorting,
-		getSortedRowModel: getSortedRowModel(),
-		onColumnFiltersChange: setColumnFilters,
-		getFilteredRowModel: getFilteredRowModel(),
-		onColumnVisibilityChange: setColumnVisibility,
-		state: {
-			sorting,
-			columnFilters,
-			columnVisibility,
-		},
-		defaultColumn: {
-			minSize: 0,
-			size: 900,
-			maxSize: 900,
-		},
-	})
-
-	const rows = table.getRowModel().rows
-	const columns = table.getAllColumns()
-	const visibleColumns = table.getVisibleLeafColumns()
-	// TODO: hiding temp then gpu messes up table headers
-	const CardHead = useMemo(() => {
-		return (
-			<CardHeader className="pb-5 px-2 sm:px-6 max-sm:pt-5 max-sm:pb-1">
-				<div className="grid md:flex gap-5 w-full items-end">
-					<div className="px-2 sm:px-1">
-						<CardTitle className="mb-2.5">
-							<Trans>All Systems</Trans>
-						</CardTitle>
-						<CardDescription>
-							<Trans>Updated in real time. Click on a system to view information.</Trans>
-						</CardDescription>
-					</div>
-					<div className="flex gap-2 ms-auto w-full md:w-80">
-						<Input placeholder={t`Filter...`} onChange={(e) => setFilter(e.target.value)} className="px-4" />
-						<DropdownMenu>
-							<DropdownMenuTrigger asChild>
-								<Button variant="outline">
-									<Settings2Icon className="me-1.5 size-4 opacity-80" />
-									<Trans>View</Trans>
-								</Button>
-							</DropdownMenuTrigger>
-							<DropdownMenuContent align="end" className="h-72 md:h-auto min-w-48 md:min-w-auto overflow-y-auto">
-								<div className="grid grid-cols-1 md:grid-cols-3 divide-y md:divide-s md:divide-y-0">
-									<div>
-										<DropdownMenuLabel className="pt-2 px-3.5 flex items-center gap-2">
-											<LayoutGridIcon className="size-4" />
-											<Trans>Layout</Trans>
-										</DropdownMenuLabel>
-										<DropdownMenuSeparator />
-										<DropdownMenuRadioGroup
-											className="px-1 pb-1"
-											value={viewMode}
-											onValueChange={(view) => setViewMode(view as ViewMode)}
-										>
-											<DropdownMenuRadioItem value="table" onSelect={(e) => e.preventDefault()} className="gap-2">
-												<LayoutListIcon className="size-4" />
-												<Trans>Table</Trans>
-											</DropdownMenuRadioItem>
-											<DropdownMenuRadioItem value="grid" onSelect={(e) => e.preventDefault()} className="gap-2">
-												<LayoutGridIcon className="size-4" />
-												<Trans>Grid</Trans>
-											</DropdownMenuRadioItem>
-										</DropdownMenuRadioGroup>
-									</div>
-
-									<div>
-										<DropdownMenuLabel className="pt-2 px-3.5 flex items-center gap-2">
-											<ArrowUpDownIcon className="size-4" />
-											<Trans>Sort By</Trans>
-										</DropdownMenuLabel>
-										<DropdownMenuSeparator />
-										<div className="px-1 pb-1">
-											{columns.map((column) => {
-												if (!column.getCanSort()) return null
-												let Icon = <span className="w-6"></span>
-												// if current sort column, show sort direction
-												if (sorting[0]?.id === column.id) {
-													if (sorting[0]?.desc) {
-														Icon = <ArrowUpIcon className="me-2 size-4" />
-													} else {
-														Icon = <ArrowDownIcon className="me-2 size-4" />
-													}
-												}
-												return (
-													<DropdownMenuItem
-														onSelect={(e) => {
-															e.preventDefault()
-															setSorting([{ id: column.id, desc: sorting[0]?.id === column.id && !sorting[0]?.desc }])
-														}}
-														key={column.id}
-													>
-														{Icon}
-														{/* @ts-ignore */}
-														{column.columnDef.name()}
-													</DropdownMenuItem>
-												)
-											})}
-										</div>
-									</div>
-
-									<div>
-										<DropdownMenuLabel className="pt-2 px-3.5 flex items-center gap-2">
-											<EyeIcon className="size-4" />
-											<Trans>Visible Fields</Trans>
-										</DropdownMenuLabel>
-										<DropdownMenuSeparator />
-										<div className="px-1.5 pb-1">
-											{columns
-												.filter((column) => column.getCanHide())
-												.map((column) => {
-													return (
-														<DropdownMenuCheckboxItem
-															key={column.id}
-															onSelect={(e) => e.preventDefault()}
-															checked={column.getIsVisible()}
-															onCheckedChange={(value) => column.toggleVisibility(!!value)}
-														>
-															{/* @ts-ignore */}
-															{column.columnDef.name()}
-														</DropdownMenuCheckboxItem>
-													)
-												})}
-										</div>
-									</div>
-								</div>
-							</DropdownMenuContent>
-						</DropdownMenu>
-					</div>
-				</div>
-			</CardHeader>
-		)
-	}, [visibleColumns.length, sorting, viewMode, locale])
-
-	return (
-		<Card>
-			{CardHead}
-			<div className="p-6 pt-0 max-sm:py-3 max-sm:px-2">
-				{viewMode === "table" ? (
-					// table layout
-					<div className="rounded-md border overflow-hidden">
-						<AllSystemsTable table={table} rows={rows} colLength={visibleColumns.length} />
-					</div>
-				) : (
-					// grid layout
-					<div className="grid gap-4 grid-cols-1 sm:grid-cols-2 lg:grid-cols-3">
-						{rows?.length ? (
-							rows.map((row) => {
-								return <SystemCard key={row.original.id} row={row} table={table} colLength={visibleColumns.length} />
-							})
-						) : (
-							<div className="col-span-full text-center py-8">
-								<Trans>No systems found.</Trans>
-							</div>
-						)}
-					</div>
-				)}
-			</div>
-		</Card>
-	)
-}
-
-const AllSystemsTable = memo(
-	({ table, rows, colLength }: { table: TableType<SystemRecord>; rows: Row<SystemRecord>[]; colLength: number }) => {
-		return (
-			<Table>
-				<SystemsTableHead table={table} colLength={colLength} />
-				<TableBody>
-					{rows.length ? (
-						rows.map((row) => (
-							<SystemTableRow key={row.original.id} row={row} length={rows.length} colLength={colLength} />
-						))
-					) : (
-						<TableRow>
-							<TableCell colSpan={colLength} className="h-24 text-center">
-								<Trans>No systems found.</Trans>
-							</TableCell>
-						</TableRow>
-					)}
-				</TableBody>
-			</Table>
-		)
-	}
-)
-
-function SystemsTableHead({ table, colLength }: { table: TableType<SystemRecord>; colLength: number }) {
-	const { i18n } = useLingui()
-	return useMemo(() => {
-		return (
-			<TableHeader>
-				{table.getHeaderGroups().map((headerGroup) => (
-					<TableRow key={headerGroup.id}>
-						{headerGroup.headers.map((header) => {
-							return (
-								<TableHead className="px-2" key={header.id}>
-									{flexRender(header.column.columnDef.header, header.getContext())}
-								</TableHead>
-							)
-						})}
-					</TableRow>
-				))}
-			</TableHeader>
-		)
-	}, [i18n.locale, colLength])
-}
-
-const SystemTableRow = memo(
-	({ row, length, colLength }: { row: Row<SystemRecord>; length: number; colLength: number }) => {
-		const system = row.original
-		const { t } = useLingui()
-		return useMemo(() => {
-			return (
-				<TableRow
-					// data-state={row.getIsSelected() && "selected"}
-					className={cn("cursor-pointer transition-opacity", {
-						"opacity-50": system.status === "paused",
-					})}
-					onClick={(e) => {
-						const target = e.target as HTMLElement
-						if (!target.closest("[data-nolink]") && e.currentTarget.contains(target)) {
-							navigate(getPagePath($router, "system", { name: system.name }))
-						}
-					}}
-				>
-					{row.getVisibleCells().map((cell) => (
-						<TableCell
-							key={cell.id}
-							style={{
-								width: cell.column.getSize(),
-							}}
-							className={cn("overflow-hidden relative", length > 10 ? "py-2" : "py-2.5")}
-						>
-							{flexRender(cell.column.columnDef.cell, cell.getContext())}
-						</TableCell>
-					))}
-				</TableRow>
-			)
-		}, [system, system.status, colLength, t])
-	}
-)
-
-const SystemCard = memo(
-	({ row, table, colLength }: { row: Row<SystemRecord>; table: TableType<SystemRecord>; colLength: number }) => {
-		const system = row.original
-		const { t } = useLingui()
-
-		return useMemo(() => {
-			return (
-				<Card
-					key={system.id}
-					className={cn(
-						"cursor-pointer hover:shadow-md transition-all bg-transparent w-full dark:border-border duration-200 relative",
-						{
-							"opacity-50": system.status === "paused",
-						}
-					)}
-				>
-					<CardHeader className="py-1 ps-5 pe-3 bg-muted/30 border-b border-border/60">
-						<div className="flex items-center justify-between gap-2">
-							<CardTitle className="text-base tracking-normal shrink-1 text-primary/90 flex items-center min-h-10 gap-2.5 min-w-0">
-								<div className="flex items-center gap-2.5 min-w-0">
-									<IndicatorDot system={system} />
-									<CardTitle className="text-[.95em]/normal tracking-normal truncate text-primary/90">
-										{system.name}
-									</CardTitle>
-								</div>
-							</CardTitle>
-							{table.getColumn("actions")?.getIsVisible() && (
-								<div className="flex gap-1 flex-shrink-0 relative z-10">
-									<AlertsButton system={system} />
-									<ActionsButton system={system} />
-								</div>
-							)}
-						</div>
-					</CardHeader>
-					<CardContent className="space-y-2.5 text-sm px-5 pt-3.5 pb-4">
-						{table.getAllColumns().map((column) => {
-							if (!column.getIsVisible() || column.id === "system" || column.id === "actions") return null
-							const cell = row.getAllCells().find((cell) => cell.column.id === column.id)
-							if (!cell) return null
-							// @ts-ignore
-							const { Icon, name } = column.columnDef as ColumnDef<SystemRecord, unknown>
-							return (
-								<div key={column.id} className="flex items-center gap-3">
-									{Icon && <Icon className="size-4 text-muted-foreground" />}
-									<div className="flex items-center gap-3 flex-1">
-										<span className="text-muted-foreground min-w-16">{name()}:</span>
-										<div className="flex-1">{flexRender(cell.column.columnDef.cell, cell.getContext())}</div>
-									</div>
-								</div>
-							)
-						})}
-					</CardContent>
-					<Link
-						href={getPagePath($router, "system", { name: row.original.name })}
-						className="inset-0 absolute w-full h-full"
-					>
-						<span className="sr-only">{row.original.name}</span>
-					</Link>
-				</Card>
-			)
-		}, [system, colLength, t])
-	}
-)
-
-const ActionsButton = memo(({ system }: { system: SystemRecord }) => {
-	const [deleteOpen, setDeleteOpen] = useState(false)
-	const [editOpen, setEditOpen] = useState(false)
-	let editOpened = useRef(false)
-	const { t } = useLingui()
-	const { id, status, host, name } = system
-
-	return useMemo(() => {
-		return (
-			<>
-				<DropdownMenu>
-					<DropdownMenuTrigger asChild>
-						<Button variant="ghost" size={"icon"} data-nolink>
-							<span className="sr-only">
-								<Trans>Open menu</Trans>
-							</span>
-							<MoreHorizontalIcon className="w-5" />
-						</Button>
-					</DropdownMenuTrigger>
-					<DropdownMenuContent align="end">
-						{!isReadOnlyUser() && (
-							<DropdownMenuItem
-								onSelect={() => {
-									editOpened.current = true
-									setEditOpen(true)
-								}}
-							>
-								<PenBoxIcon className="me-2.5 size-4" />
-								<Trans>Edit</Trans>
-							</DropdownMenuItem>
-						)}
-						<DropdownMenuItem
-							className={cn(isReadOnlyUser() && "hidden")}
-							onClick={() => {
-								pb.collection("systems").update(id, {
-									status: status === "paused" ? "pending" : "paused",
-								})
-							}}
-						>
-							{status === "paused" ? (
-								<>
-									<PlayCircleIcon className="me-2.5 size-4" />
-									<Trans>Resume</Trans>
-								</>
-							) : (
-								<>
-									<PauseCircleIcon className="me-2.5 size-4" />
-									<Trans>Pause</Trans>
-								</>
-							)}
-						</DropdownMenuItem>
-						<DropdownMenuItem onClick={() => copyToClipboard(host)}>
-							<CopyIcon className="me-2.5 size-4" />
-							<Trans>Copy host</Trans>
-						</DropdownMenuItem>
-						<DropdownMenuSeparator className={cn(isReadOnlyUser() && "hidden")} />
-						<DropdownMenuItem className={cn(isReadOnlyUser() && "hidden")} onSelect={() => setDeleteOpen(true)}>
-							<Trash2Icon className="me-2.5 size-4" />
-							<Trans>Delete</Trans>
-						</DropdownMenuItem>
-					</DropdownMenuContent>
-				</DropdownMenu>
-				{/* edit dialog */}
-				<Dialog open={editOpen} onOpenChange={setEditOpen}>
-					{editOpened.current && <SystemDialog system={system} setOpen={setEditOpen} />}
-				</Dialog>
-				{/* deletion dialog */}
-				<AlertDialog open={deleteOpen} onOpenChange={(open) => setDeleteOpen(open)}>
-					<AlertDialogContent>
-						<AlertDialogHeader>
-							<AlertDialogTitle>
-								<Trans>Are you sure you want to delete {name}?</Trans>
-							</AlertDialogTitle>
-							<AlertDialogDescription>
-								<Trans>
-									This action cannot be undone. This will permanently delete all current records for {name} from the
-									database.
-								</Trans>
-							</AlertDialogDescription>
-						</AlertDialogHeader>
-						<AlertDialogFooter>
-							<AlertDialogCancel>
-								<Trans>Cancel</Trans>
-							</AlertDialogCancel>
-							<AlertDialogAction
-								className={cn(buttonVariants({ variant: "destructive" }))}
-								onClick={() => pb.collection("systems").delete(id)}
-							>
-								<Trans>Continue</Trans>
-							</AlertDialogAction>
-						</AlertDialogFooter>
-					</AlertDialogContent>
-				</AlertDialog>
-			</>
-		)
-	}, [id, status, host, name, t, deleteOpen, editOpen])
-})
-
-function IndicatorDot({ system, className }: { system: SystemRecord; className?: ClassValue }) {
-	className ||= {
-		"bg-green-500": system.status === "up",
-		"bg-red-500": system.status === "down",
-		"bg-primary/40": system.status === "paused",
-		"bg-yellow-500": system.status === "pending",
-	}
-	return (
-		<span
-			className={cn("flex-shrink-0 size-2 rounded-full", className)}
-			// style={{ marginBottom: "-1px" }}
-		/>
-	)
-}

beszel/site/src/components/ui/command.tsx

@@ -1,132 +0,0 @@
-import * as React from "react"
-import { DialogTitle, type DialogProps } from "@radix-ui/react-dialog"
-import { Command as CommandPrimitive } from "cmdk"
-import { Search } from "lucide-react"
-
-import { cn } from "@/lib/utils"
-import { Dialog, DialogContent } from "@/components/ui/dialog"
-
-const Command = React.forwardRef<
-	React.ElementRef<typeof CommandPrimitive>,
-	React.ComponentPropsWithoutRef<typeof CommandPrimitive>
->(({ className, ...props }, ref) => (
-	<CommandPrimitive
-		ref={ref}
-		className={cn("flex h-full w-full flex-col overflow-hidden bg-popover text-popover-foreground", className)}
-		{...props}
-	/>
-))
-Command.displayName = CommandPrimitive.displayName
-
-interface CommandDialogProps extends DialogProps {}
-
-const CommandDialog = ({ children, ...props }: CommandDialogProps) => {
-	return (
-		<Dialog {...props}>
-			<DialogContent className="overflow-hidden p-0 shadow-lg">
-				<div className="sr-only">
-					<DialogTitle>Command</DialogTitle>
-				</div>
-				<Command className="[&_[cmdk-group-heading]]:px-2 [&_[cmdk-group-heading]]:font-medium [&_[cmdk-group-heading]]:text-muted-foreground [&_[cmdk-group]:not([hidden])_~[cmdk-group]]:pt-0 [&_[cmdk-group]]:px-2 [&_[cmdk-input-wrapper]_svg]:h-5 [&_[cmdk-input-wrapper]_svg]:w-5 [&_[cmdk-input]]:h-12 [&_[cmdk-item]]:px-2 [&_[cmdk-item]]:py-3 [&_[cmdk-item]_svg]:h-5 [&_[cmdk-item]_svg]:w-5">
-					{children}
-				</Command>
-			</DialogContent>
-		</Dialog>
-	)
-}
-
-const CommandInput = React.forwardRef<
-	React.ElementRef<typeof CommandPrimitive.Input>,
-	React.ComponentPropsWithoutRef<typeof CommandPrimitive.Input>
->(({ className, ...props }, ref) => (
-	<div className="flex items-center border-b px-3" cmdk-input-wrapper="">
-		<Search className="me-2 h-4 w-4 shrink-0 opacity-50" />
-		<CommandPrimitive.Input
-			ref={ref}
-			className={cn(
-				"flex h-11 w-full rounded-md bg-transparent py-3 text-sm outline-none placeholder:text-muted-foreground disabled:cursor-not-allowed disabled:opacity-50",
-				className
-			)}
-			{...props}
-		/>
-	</div>
-))
-
-CommandInput.displayName = CommandPrimitive.Input.displayName
-
-const CommandList = React.forwardRef<
-	React.ElementRef<typeof CommandPrimitive.List>,
-	React.ComponentPropsWithoutRef<typeof CommandPrimitive.List>
->(({ className, ...props }, ref) => (
-	<CommandPrimitive.List
-		ref={ref}
-		className={cn("max-h-[300px] overflow-y-auto overflow-x-hidden", className)}
-		{...props}
-	/>
-))
-
-CommandList.displayName = CommandPrimitive.List.displayName
-
-const CommandEmpty = React.forwardRef<
-	React.ElementRef<typeof CommandPrimitive.Empty>,
-	React.ComponentPropsWithoutRef<typeof CommandPrimitive.Empty>
->((props, ref) => <CommandPrimitive.Empty ref={ref} className="py-6 text-center text-sm" {...props} />)
-
-CommandEmpty.displayName = CommandPrimitive.Empty.displayName
-
-const CommandGroup = React.forwardRef<
-	React.ElementRef<typeof CommandPrimitive.Group>,
-	React.ComponentPropsWithoutRef<typeof CommandPrimitive.Group>
->(({ className, ...props }, ref) => (
-	<CommandPrimitive.Group
-		ref={ref}
-		className={cn(
-			"overflow-hidden p-1 text-foreground [&_[cmdk-group-heading]]:px-2 [&_[cmdk-group-heading]]:py-1.5 [&_[cmdk-group-heading]]:text-xs [&_[cmdk-group-heading]]:font-medium [&_[cmdk-group-heading]]:text-muted-foreground",
-			className
-		)}
-		{...props}
-	/>
-))
-
-CommandGroup.displayName = CommandPrimitive.Group.displayName
-
-const CommandSeparator = React.forwardRef<
-	React.ElementRef<typeof CommandPrimitive.Separator>,
-	React.ComponentPropsWithoutRef<typeof CommandPrimitive.Separator>
->(({ className, ...props }, ref) => (
-	<CommandPrimitive.Separator ref={ref} className={cn("-mx-1 h-px bg-border", className)} {...props} />
-))
-CommandSeparator.displayName = CommandPrimitive.Separator.displayName
-
-const CommandItem = React.forwardRef<
-	React.ElementRef<typeof CommandPrimitive.Item>,
-	React.ComponentPropsWithoutRef<typeof CommandPrimitive.Item>
->(({ className, ...props }, ref) => (
-	<CommandPrimitive.Item
-		ref={ref}
-		className={cn(
-			"relative flex cursor-default opacity-70 select-none items-center rounded-sm px-2 py-1.5 text-sm outline-none aria-selected:bg-accent aria-selected:opacity-90 data-[disabled='true']:pointer-events-none data-[disabled='true']:opacity-50",
-			className
-		)}
-		{...props}
-	/>
-))
-
-CommandItem.displayName = CommandPrimitive.Item.displayName
-
-const CommandShortcut = ({ className, ...props }: React.HTMLAttributes<HTMLSpanElement>) => {
-	return <span className={cn("ms-auto text-xs tracking-wide text-muted-foreground", className)} {...props} />
-}
-CommandShortcut.displayName = "CommandShortcut"
-
-export {
-	Command,
-	CommandDialog,
-	CommandInput,
-	CommandList,
-	CommandEmpty,
-	CommandGroup,
-	CommandItem,
-	CommandShortcut,
-	CommandSeparator,
-}

beszel/site/src/components/ui/input.tsx

@@ -1,22 +0,0 @@
-import * as React from "react"
-
-import { cn } from "@/lib/utils"
-
-export interface InputProps extends React.InputHTMLAttributes<HTMLInputElement> {}
-
-const Input = React.forwardRef<HTMLInputElement, InputProps>(({ className, type, ...props }, ref) => {
-	return (
-		<input
-			type={type}
-			className={cn(
-				"flex h-10 w-full rounded-md border bg-background px-3 py-2 text-sm ring-offset-background file:border-0 file:bg-transparent file:text-sm file:font-medium placeholder:text-muted-foreground focus-visible:outline-none focus-visible:ring-2 focus-visible:ring-ring focus-visible:ring-offset-2 disabled:cursor-not-allowed disabled:opacity-50",
-				className
-			)}
-			ref={ref}
-			{...props}
-		/>
-	)
-})
-Input.displayName = "Input"
-
-export { Input }

beszel/site/src/components/ui/tooltip.tsx

@@ -1,28 +0,0 @@
-import * as React from "react"
-import * as TooltipPrimitive from "@radix-ui/react-tooltip"
-
-import { cn } from "@/lib/utils"
-
-const TooltipProvider = TooltipPrimitive.Provider
-
-const Tooltip = TooltipPrimitive.Root
-
-const TooltipTrigger = TooltipPrimitive.Trigger
-
-const TooltipContent = React.forwardRef<
-	React.ElementRef<typeof TooltipPrimitive.Content>,
-	React.ComponentPropsWithoutRef<typeof TooltipPrimitive.Content>
->(({ className, sideOffset = 4, ...props }, ref) => (
-	<TooltipPrimitive.Content
-		ref={ref}
-		sideOffset={sideOffset}
-		className={cn(
-			"z-50 overflow-hidden rounded-md border bg-popover px-3 py-1.5 text-sm text-popover-foreground shadow-md animate-in fade-in-0 zoom-in-95 data-[state=closed]:animate-out data-[state=closed]:fade-out-0 data-[state=closed]:zoom-out-95 data-[side=bottom]:slide-in-from-top-2 data-[side=left]:slide-in-from-right-2 data-[side=right]:slide-in-from-left-2 data-[side=top]:slide-in-from-bottom-2",
-			className
-		)}
-		{...props}
-	/>
-))
-TooltipContent.displayName = TooltipPrimitive.Content.displayName
-
-export { Tooltip, TooltipTrigger, TooltipContent, TooltipProvider }

beszel/site/src/index.css

@@ -1,103 +0,0 @@
-@tailwind base;
-@tailwind components;
-@tailwind utilities;
-
-@layer base {
-	:root {
-		--background: 30 8% 98.5%;
-		--foreground: 30 0% 0%;
-		--card: 30 0% 100%;
-		--card-foreground: 240 6.67% 2.94%;
-		--popover: 30 0% 100%;
-		--popover-foreground: 240 10% 6.2%;
-		--primary: 240 5.88% 10%;
-		--primary-foreground: 30 0% 100%;
-		--secondary: 240 4.76% 95.88%;
-		--secondary-foreground: 240 5.88% 10%;
-		--muted: 26 6% 94%;
-		--muted-foreground: 24 2.79% 35.1%;
-		--accent: 20 23.08% 94%;
-		--accent-foreground: 240 5.88% 10%;
-		--destructive: 0 66% 53%;
-		--destructive-foreground: 0 0% 98.04%;
-		--border: 30 8.11% 85.49%;
-		--input: 30 4.29% 72.55%;
-		--ring: 30 3.97% 49.41%;
-		--radius: 0.8rem;
-		/* charts */
-		--chart-1: 220 70% 50%;
-		--chart-2: 160 60% 45%;
-		--chart-3: 30 80% 55%;
-		--chart-4: 280 65% 60%;
-		--chart-5: 340 75% 55%;
-	}
-
-	.dark {
-		color-scheme: dark;
-		--background: 220 5.5% 9%;
-		--foreground: 220 2% 97%;
-		--card: 220 5.5% 10.5%;
-		--card-foreground: 220 2% 97%;
-		--popover: 220 5.5% 9%;
-		--popover-foreground: 220 2% 97%;
-		--primary: 220 2% 96%;
-		--primary-foreground: 220 4% 10%;
-		--secondary: 220 4% 16%;
-		--secondary-foreground: 220 0% 98%;
-		--muted: 220 6% 16%;
-		--muted-foreground: 220 4% 67%;
-		--accent: 220 5% 15.5%;
-		--accent-foreground: 220 2% 98%;
-		--destructive: 0 62% 46%;
-		--destructive-foreground: 0 0% 97%;
-		--border: 220 3% 16%;
-		--input: 220 4% 22%;
-		--ring: 220 4% 80%;
-		--radius: 0.8rem;
-	}
-}
-
-/* Fonts */
-@supports (font-variation-settings: normal) {
-	:root {
-		font-family: Inter, InterVariable, sans-serif;
-	}
-}
-@font-face {
-	font-family: InterVariable;
-	font-style: normal;
-	font-weight: 100 900;
-	font-display: swap;
-	src: url("/static/InterVariable.woff2?v=4.0") format("woff2");
-}
-
-@layer base {
-	* {
-		@apply border-border;
-		overflow-anchor: none;
-	}
-	body {
-		@apply bg-background text-foreground;
-	}
-}
-
-@layer utilities {
-	.link {
-		@apply text-primary font-medium underline-offset-4 hover:underline;
-	}
-	/* New system dialog width */
-	.ns-dialog {
-		min-width: 30.3rem;
-	}
-	:where(:lang(zh), :lang(zh-CN), :lang(ko)) .ns-dialog {
-		min-width: 27.9rem;
-	}
-}
-
-.recharts-tooltip-wrapper {
-	z-index: 1;
-}
-
-.recharts-yAxis {
-	@apply tabular-nums;
-}

beszel/site/src/lib/enums.ts

@@ -1,13 +0,0 @@
-export enum Os {
-	Linux = 0,
-	Darwin,
-	Windows,
-	FreeBSD,
-}
-
-export enum ChartType {
-	Memory,
-	Disk,
-	Network,
-	CPU,
-}

beszel/site/src/lib/stores.ts

@@ -1,48 +0,0 @@
-import PocketBase from "pocketbase"
-import { atom, map, PreinitializedWritableAtom } from "nanostores"
-import { AlertRecord, ChartTimes, SystemRecord, UserSettings } from "@/types"
-import { basePath } from "@/components/router"
-
-/** PocketBase JS Client */
-export const pb = new PocketBase(basePath)
-
-/** Store if user is authenticated */
-export const $authenticated = atom(pb.authStore.isValid)
-
-/** List of system records */
-export const $systems = atom([] as SystemRecord[])
-
-/** List of alert records */
-export const $alerts = atom([] as AlertRecord[])
-
-/** SSH public key */
-export const $publicKey = atom("")
-
-/** Chart time period */
-export const $chartTime = atom("1h") as PreinitializedWritableAtom<ChartTimes>
-
-/** Whether to display average or max chart values */
-export const $maxValues = atom(false)
-
-/** User settings */
-export const $userSettings = map<UserSettings>({
-	chartTime: "1h",
-	emails: [pb.authStore.record?.email || ""],
-})
-// update local storage on change
-$userSettings.subscribe((value) => {
-	// console.log('user settings changed', value)
-	$chartTime.set(value.chartTime)
-})
-
-/** Container chart filter */
-export const $containerFilter = atom("")
-
-/** Temperature chart filter */
-export const $temperatureFilter = atom("")
-
-/** Fallback copy to clipboard dialog content */
-export const $copyContent = atom("")
-
-/** Direction for localization */
-export const $direction = atom<"ltr" | "rtl">("ltr")

beszel/site/src/lib/utils.ts

@@ -1,362 +0,0 @@
-import { t } from "@lingui/core/macro"
-import { toast } from "@/components/ui/use-toast"
-import { type ClassValue, clsx } from "clsx"
-import { twMerge } from "tailwind-merge"
-import { $alerts, $copyContent, $systems, $userSettings, pb } from "./stores"
-import { AlertInfo, AlertRecord, ChartTimeData, ChartTimes, FingerprintRecord, SystemRecord } from "@/types"
-import { RecordModel, RecordSubscription } from "pocketbase"
-import { WritableAtom } from "nanostores"
-import { timeDay, timeHour } from "d3-time"
-import { useEffect, useState } from "react"
-import { CpuIcon, HardDriveIcon, MemoryStickIcon, ServerIcon } from "lucide-react"
-import { EthernetIcon, ThermometerIcon } from "@/components/ui/icons"
-import { prependBasePath } from "@/components/router"
-
-export function cn(...inputs: ClassValue[]) {
-	return twMerge(clsx(inputs))
-}
-
-/** Adds event listener to node and returns function that removes the listener */
-export function listen<T extends Event = Event>(node: Node, event: string, handler: (event: T) => void) {
-	node.addEventListener(event, handler as EventListener)
-	return () => node.removeEventListener(event, handler as EventListener)
-}
-
-export async function copyToClipboard(content: string) {
-	const duration = 1500
-	try {
-		await navigator.clipboard.writeText(content)
-		toast({
-			duration,
-			description: t`Copied to clipboard`,
-		})
-	} catch (e: any) {
-		$copyContent.set(content)
-	}
-}
-
-const verifyAuth = () => {
-	pb.collection("users")
-		.authRefresh()
-		.catch(() => {
-			logOut()
-			toast({
-				title: t`Failed to authenticate`,
-				description: t`Please log in again`,
-				variant: "destructive",
-			})
-		})
-}
-
-export const updateSystemList = (() => {
-	let isFetchingSystems = false
-	return async () => {
-		if (isFetchingSystems) {
-			return
-		}
-		isFetchingSystems = true
-		try {
-			const records = await pb
-				.collection<SystemRecord>("systems")
-				.getFullList({ sort: "+name", fields: "id,name,host,port,info,status" })
-
-			if (records.length) {
-				$systems.set(records)
-			} else {
-				verifyAuth()
-			}
-		} finally {
-			isFetchingSystems = false
-		}
-	}
-})()
-
-/** Logs the user out by clearing the auth store and unsubscribing from realtime updates. */
-export async function logOut() {
-	sessionStorage.setItem("lo", "t")
-	pb.authStore.clear()
-	pb.realtime.unsubscribe()
-}
-
-export const updateAlerts = () => {
-	pb.collection("alerts")
-		.getFullList<AlertRecord>({ fields: "id,name,system,value,min,triggered", sort: "updated" })
-		.then((records) => {
-			$alerts.set(records)
-		})
-}
-
-const hourWithMinutesFormatter = new Intl.DateTimeFormat(undefined, {
-	hour: "numeric",
-	minute: "numeric",
-})
-export const hourWithMinutes = (timestamp: string) => {
-	return hourWithMinutesFormatter.format(new Date(timestamp))
-}
-
-const shortDateFormatter = new Intl.DateTimeFormat(undefined, {
-	day: "numeric",
-	month: "short",
-	hour: "numeric",
-	minute: "numeric",
-})
-export const formatShortDate = (timestamp: string) => {
-	return shortDateFormatter.format(new Date(timestamp))
-}
-
-const dayFormatter = new Intl.DateTimeFormat(undefined, {
-	day: "numeric",
-	month: "short",
-})
-export const formatDay = (timestamp: string) => {
-	return dayFormatter.format(new Date(timestamp))
-}
-
-export const updateFavicon = (newIcon: string) => {
-	;(document.querySelector("link[rel='icon']") as HTMLLinkElement).href = prependBasePath(`/static/${newIcon}`)
-}
-
-export const isAdmin = () => pb.authStore.record?.role === "admin"
-export const isReadOnlyUser = () => pb.authStore.record?.role === "readonly"
-
-/** Update systems / alerts list when records change  */
-export function updateRecordList<T extends RecordModel>(e: RecordSubscription<T>, $store: WritableAtom<T[]>) {
-	const curRecords = $store.get()
-	const newRecords = []
-	if (e.action === "delete") {
-		for (const server of curRecords) {
-			if (server.id !== e.record.id) {
-				newRecords.push(server)
-			}
-		}
-	} else {
-		let found = 0
-		for (const server of curRecords) {
-			if (server.id === e.record.id) {
-				found = newRecords.push(e.record)
-			} else {
-				newRecords.push(server)
-			}
-		}
-		if (!found) {
-			newRecords.push(e.record)
-		}
-	}
-	$store.set(newRecords)
-}
-
-export function getPbTimestamp(timeString: ChartTimes, d?: Date) {
-	d ||= chartTimeData[timeString].getOffset(new Date())
-	const year = d.getUTCFullYear()
-	const month = String(d.getUTCMonth() + 1).padStart(2, "0")
-	const day = String(d.getUTCDate()).padStart(2, "0")
-	const hours = String(d.getUTCHours()).padStart(2, "0")
-	const minutes = String(d.getUTCMinutes()).padStart(2, "0")
-	const seconds = String(d.getUTCSeconds()).padStart(2, "0")
-
-	return `${year}-${month}-${day} ${hours}:${minutes}:${seconds}`
-}
-
-export const chartTimeData: ChartTimeData = {
-	"1h": {
-		type: "1m",
-		expectedInterval: 60_000,
-		label: () => t`1 hour`,
-		// ticks: 12,
-		format: (timestamp: string) => hourWithMinutes(timestamp),
-		getOffset: (endTime: Date) => timeHour.offset(endTime, -1),
-	},
-	"12h": {
-		type: "10m",
-		expectedInterval: 60_000 * 10,
-		label: () => t`12 hours`,
-		ticks: 12,
-		format: (timestamp: string) => hourWithMinutes(timestamp),
-		getOffset: (endTime: Date) => timeHour.offset(endTime, -12),
-	},
-	"24h": {
-		type: "20m",
-		expectedInterval: 60_000 * 20,
-		label: () => t`24 hours`,
-		format: (timestamp: string) => hourWithMinutes(timestamp),
-		getOffset: (endTime: Date) => timeHour.offset(endTime, -24),
-	},
-	"1w": {
-		type: "120m",
-		expectedInterval: 60_000 * 120,
-		label: () => t`1 week`,
-		ticks: 7,
-		format: (timestamp: string) => formatDay(timestamp),
-		getOffset: (endTime: Date) => timeDay.offset(endTime, -7),
-	},
-	"30d": {
-		type: "480m",
-		expectedInterval: 60_000 * 480,
-		label: () => t`30 days`,
-		ticks: 30,
-		format: (timestamp: string) => formatDay(timestamp),
-		getOffset: (endTime: Date) => timeDay.offset(endTime, -30),
-	},
-}
-
-/** Sets the correct width of the y axis in recharts based on the longest label */
-export function useYAxisWidth() {
-	const [yAxisWidth, setYAxisWidth] = useState(0)
-	let maxChars = 0
-	let timeout: Timer
-	function updateYAxisWidth(str: string) {
-		if (str.length > maxChars) {
-			maxChars = str.length
-			const div = document.createElement("div")
-			div.className = "text-xs tabular-nums tracking-tighter table sr-only"
-			div.innerHTML = str
-			clearTimeout(timeout)
-			timeout = setTimeout(() => {
-				document.body.appendChild(div)
-				const width = div.offsetWidth + 24
-				if (width > yAxisWidth) {
-					setYAxisWidth(div.offsetWidth + 24)
-				}
-				document.body.removeChild(div)
-			})
-		}
-		return str
-	}
-	return { yAxisWidth, updateYAxisWidth }
-}
-
-export function toFixedWithoutTrailingZeros(num: number, digits: number) {
-	return parseFloat(num.toFixed(digits)).toString()
-}
-
-export function toFixedFloat(num: number, digits: number) {
-	return parseFloat(num.toFixed(digits))
-}
-
-let decimalFormatters: Map<number, Intl.NumberFormat> = new Map()
-/** Format number to x decimal places */
-export function decimalString(num: number, digits = 2) {
-	let formatter = decimalFormatters.get(digits)
-	if (!formatter) {
-		formatter = new Intl.NumberFormat(undefined, {
-			minimumFractionDigits: digits,
-			maximumFractionDigits: digits,
-		})
-		decimalFormatters.set(digits, formatter)
-	}
-	return formatter.format(num)
-}
-
-/** Get value from local storage */
-function getStorageValue(key: string, defaultValue: any) {
-	const saved = localStorage?.getItem(key)
-	return saved ? JSON.parse(saved) : defaultValue
-}
-
-/** Hook to sync value in local storage */
-export function useLocalStorage<T>(key: string, defaultValue: T) {
-	key = `besz-${key}`
-	const [value, setValue] = useState(() => {
-		return getStorageValue(key, defaultValue)
-	})
-	useEffect(() => {
-		localStorage?.setItem(key, JSON.stringify(value))
-	}, [key, value])
-
-	return [value, setValue]
-}
-
-export async function updateUserSettings() {
-	try {
-		const req = await pb.collection("user_settings").getFirstListItem("", { fields: "settings" })
-		$userSettings.set(req.settings)
-		return
-	} catch (e) {
-		console.log("get settings", e)
-	}
-	// create user settings if error fetching existing
-	try {
-		const createdSettings = await pb.collection("user_settings").create({ user: pb.authStore.record!.id })
-		$userSettings.set(createdSettings.settings)
-	} catch (e) {
-		console.log("create settings", e)
-	}
-}
-
-/**
- * Get the value and unit of size (TB, GB, or MB) for a given size
- * @param n size in gigabytes or megabytes
- * @param isGigabytes boolean indicating if n represents gigabytes (true) or megabytes (false)
- * @returns an object containing the value and unit of size
- */
-export const getSizeAndUnit = (n: number, isGigabytes = true) => {
-	const sizeInGB = isGigabytes ? n : n / 1_000
-
-	if (sizeInGB >= 1_000) {
-		return { v: sizeInGB / 1_000, u: " TB" }
-	} else if (sizeInGB >= 1) {
-		return { v: sizeInGB, u: " GB" }
-	}
-	return { v: isGigabytes ? sizeInGB * 1_000 : n, u: " MB" }
-}
-
-export const chartMargin = { top: 12 }
-
-export const alertInfo: Record<string, AlertInfo> = {
-	Status: {
-		name: () => t`Status`,
-		unit: "",
-		icon: ServerIcon,
-		desc: () => t`Triggers when status switches between up and down`,
-		/** "for x minutes" is appended to desc when only one value */
-		singleDesc: () => t`System` + " " + t`Down`,
-	},
-	CPU: {
-		name: () => t`CPU Usage`,
-		unit: "%",
-		icon: CpuIcon,
-		desc: () => t`Triggers when CPU usage exceeds a threshold`,
-	},
-	Memory: {
-		name: () => t`Memory Usage`,
-		unit: "%",
-		icon: MemoryStickIcon,
-		desc: () => t`Triggers when memory usage exceeds a threshold`,
-	},
-	Disk: {
-		name: () => t`Disk Usage`,
-		unit: "%",
-		icon: HardDriveIcon,
-		desc: () => t`Triggers when usage of any disk exceeds a threshold`,
-	},
-	Bandwidth: {
-		name: () => t`Bandwidth`,
-		unit: " MB/s",
-		icon: EthernetIcon,
-		desc: () => t`Triggers when combined up/down exceeds a threshold`,
-		max: 125,
-	},
-	Temperature: {
-		name: () => t`Temperature`,
-		unit: "°C",
-		icon: ThermometerIcon,
-		desc: () => t`Triggers when any sensor exceeds a threshold`,
-	},
-}
-
-/**
- * Retuns value of system host, truncating full path if socket.
- * @example
- * // Assuming system.host is "/var/run/beszel.sock"
- * const hostname = getHostDisplayValue(system) // hostname will be "beszel.sock"
- */
-export const getHostDisplayValue = (system: SystemRecord): string => system.host.slice(system.host.lastIndexOf("/") + 1)
-
-/** Generate a random token for the agent */
-export const generateToken = () => crypto?.randomUUID() ?? (performance.now() * Math.random()).toString(16)
-
-/** Get the hub URL from the global BESZEL object */
-export const getHubURL = () => BESZEL?.HUB_URL || window.location.origin
-
-/** Map of system IDs to their corresponding tokens (used to avoid fetching in add-system dialog) */
-export const tokenMap = new Map<SystemRecord["id"], FingerprintRecord["token"]>()

beszel/site/tailwind.config.js

@@ -1,100 +0,0 @@
-/** @type {import('tailwindcss').Config} */
-module.exports = {
-	darkMode: ["class"],
-	content: ["./pages/**/*.{ts,tsx}", "./components/**/*.{ts,tsx}", "./app/**/*.{ts,tsx}", "./src/**/*.{ts,tsx}"],
-	prefix: "",
-	theme: {
-		container: {
-			center: true,
-			padding: "1rem",
-			screens: {
-				"2xl": "1420px",
-			},
-		},
-		extend: {
-			fontFamily: {
-				sans: "Inter, sans-serif",
-				// body: ['Inter', 'sans-serif'],
-				// display: ['Inter', 'sans-serif'],
-			},
-			screens: {
-				xs: "425px",
-				450: "450px",
-			},
-			colors: {
-				green: {
-					50: "#EBF9F0",
-					100: "#D8F3E1",
-					200: "#ADE6C0",
-					300: "#85DBA2",
-					400: "#5ACE81",
-					500: "#38BB63",
-					600: "#2D954F",
-					700: "#22723D",
-					800: "#164B28",
-					900: "#0C2715",
-					950: "#06140A",
-				},
-				border: "hsl(var(--border))",
-				input: "hsl(var(--input))",
-				ring: "hsl(var(--ring))",
-				background: "hsl(var(--background))",
-				foreground: "hsl(var(--foreground))",
-				primary: {
-					DEFAULT: "hsl(var(--primary))",
-					foreground: "hsl(var(--primary-foreground))",
-				},
-				secondary: {
-					DEFAULT: "hsl(var(--secondary))",
-					foreground: "hsl(var(--secondary-foreground))",
-				},
-				destructive: {
-					DEFAULT: "hsl(var(--destructive))",
-					foreground: "hsl(var(--destructive-foreground))",
-				},
-				muted: {
-					DEFAULT: "hsl(var(--muted))",
-					foreground: "hsl(var(--muted-foreground))",
-				},
-				accent: {
-					DEFAULT: "hsl(var(--accent))",
-					foreground: "hsl(var(--accent-foreground))",
-				},
-				popover: {
-					DEFAULT: "hsl(var(--popover))",
-					foreground: "hsl(var(--popover-foreground))",
-				},
-				card: {
-					DEFAULT: "hsl(var(--card))",
-					foreground: "hsl(var(--card-foreground))",
-				},
-			},
-			borderRadius: {
-				lg: "var(--radius)",
-				md: "calc(var(--radius) - 2px)",
-				sm: "calc(var(--radius) - 4px)",
-			},
-			keyframes: {
-				"accordion-down": {
-					from: { height: "0" },
-					to: { height: "var(--radix-accordion-content-height)" },
-				},
-				"accordion-up": {
-					from: { height: "var(--radix-accordion-content-height)" },
-					to: { height: "0" },
-				},
-			},
-			animation: {
-				"accordion-down": "accordion-down 0.2s ease-out",
-				"accordion-up": "accordion-up 0.2s ease-out",
-			},
-		},
-	},
-	plugins: [
-		require("tailwindcss-animate"),
-		require("tailwindcss-rtl"),
-		function ({ addVariant }) {
-			addVariant("light", ".light &")
-		},
-	],
-}

go.mod

@@ -1,26 +1,27 @@
-module beszel
+module github.com/henrygd/beszel
 
-go 1.24.4
+go 1.25.1
 
 // lock shoutrrr to specific version to allow review before updating
 replace github.com/nicholas-fedor/shoutrrr => github.com/nicholas-fedor/shoutrrr v0.8.8
 
 require (
 	github.com/blang/semver v3.5.1+incompatible
-	github.com/fxamacker/cbor/v2 v2.8.0
+	github.com/distatus/battery v0.11.0
+	github.com/fxamacker/cbor/v2 v2.9.0
 	github.com/gliderlabs/ssh v0.3.8
 	github.com/google/uuid v1.6.0
 	github.com/lxzan/gws v1.8.9
-	github.com/nicholas-fedor/shoutrrr v0.8.15
+	github.com/nicholas-fedor/shoutrrr v0.8.17
 	github.com/pocketbase/dbx v1.11.0
-	github.com/pocketbase/pocketbase v0.28.4
-	github.com/rhysd/go-github-selfupdate v1.2.3
+	github.com/pocketbase/pocketbase v0.29.3
 	github.com/shirou/gopsutil/v4 v4.25.6
 	github.com/spf13/cast v1.9.2
 	github.com/spf13/cobra v1.9.1
-	github.com/stretchr/testify v1.10.0
-	golang.org/x/crypto v0.39.0
-	golang.org/x/exp v0.0.0-20250620022241-b7579e27df2b
+	github.com/spf13/pflag v1.0.7
+	github.com/stretchr/testify v1.11.0
+	golang.org/x/crypto v0.41.0
+	golang.org/x/exp v0.0.0-20250819193227-8b4c13bb791b
 	gopkg.in/yaml.v3 v3.0.1
 )
 
@@ -39,34 +40,30 @@ require (
 	github.com/go-ole/go-ole v1.3.0 // indirect
 	github.com/go-ozzo/ozzo-validation/v4 v4.3.0 // indirect
 	github.com/go-sql-driver/mysql v1.9.1 // indirect
-	github.com/golang-jwt/jwt/v5 v5.2.2 // indirect
-	github.com/google/go-github/v30 v30.1.0 // indirect
-	github.com/google/go-querystring v1.1.0 // indirect
-	github.com/inconshreveable/go-update v0.0.0-20160112193335-8152e7eb6ccf // indirect
+	github.com/golang-jwt/jwt/v5 v5.3.0 // indirect
 	github.com/inconshreveable/mousetrap v1.1.0 // indirect
 	github.com/klauspost/compress v1.18.0 // indirect
-	github.com/lufia/plan9stats v0.0.0-20250317134145-8bc96cf8fc35 // indirect
+	github.com/lufia/plan9stats v0.0.0-20250821153705-5981dea3221d // indirect
 	github.com/mattn/go-colorable v0.1.14 // indirect
 	github.com/mattn/go-isatty v0.0.20 // indirect
 	github.com/ncruces/go-strftime v0.1.9 // indirect
 	github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2 // indirect
 	github.com/power-devops/perfstat v0.0.0-20240221224432-82ca36839d55 // indirect
 	github.com/remyoudompheng/bigfft v0.0.0-20230129092748-24d4a6f8daec // indirect
-	github.com/spf13/pflag v1.0.6 // indirect
-	github.com/tcnksm/go-gitconfig v0.1.2 // indirect
 	github.com/tklauser/go-sysconf v0.3.15 // indirect
 	github.com/tklauser/numcpus v0.10.0 // indirect
-	github.com/ulikunitz/xz v0.5.12 // indirect
 	github.com/x448/float16 v0.8.4 // indirect
 	github.com/yusufpapurcu/wmi v1.2.4 // indirect
-	golang.org/x/image v0.28.0 // indirect
-	golang.org/x/net v0.41.0 // indirect
+	golang.org/x/image v0.30.0 // indirect
+	golang.org/x/net v0.43.0 // indirect
 	golang.org/x/oauth2 v0.30.0 // indirect
-	golang.org/x/sync v0.15.0 // indirect
-	golang.org/x/sys v0.33.0 // indirect
-	golang.org/x/text v0.26.0 // indirect
-	modernc.org/libc v1.65.10 // indirect
+	golang.org/x/sync v0.16.0 // indirect
+	golang.org/x/sys v0.35.0 // indirect
+	golang.org/x/text v0.28.0 // indirect
+	gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127 // indirect
+	howett.net/plist v1.0.1 // indirect
+	modernc.org/libc v1.66.3 // indirect
 	modernc.org/mathutil v1.7.1 // indirect
 	modernc.org/memory v1.11.0 // indirect
-	modernc.org/sqlite v1.38.0 // indirect
+	modernc.org/sqlite v1.38.2 // indirect
 )

go.sum

@@ -13,6 +13,8 @@ github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc h1:U9qPSI2PIWSS1
 github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
 github.com/disintegration/imaging v1.6.2 h1:w1LecBlG2Lnp8B3jk5zSuNqd7b4DXhcjwek1ei82L+c=
 github.com/disintegration/imaging v1.6.2/go.mod h1:44/5580QXChDfwIclfc/PCwrr44amcmDAg8hxG0Ewe4=
+github.com/distatus/battery v0.11.0 h1:KJk89gz90Iq/wJtbjjM9yUzBXV+ASV/EG2WOOL7N8lc=
+github.com/distatus/battery v0.11.0/go.mod h1:KmVkE8A8hpIX4T78QRdMktYpEp35QfOL8A8dwZBxq2k=
 github.com/dolthub/maphash v0.1.0 h1:bsQ7JsF4FkkWyrP3oCnFJgrCUAFbFf3kOl4L/QxPDyQ=
 github.com/dolthub/maphash v0.1.0/go.mod h1:gkg4Ch4CdCDu5h6PMriVLawB7koZ+5ijb9puGMV50a4=
 github.com/domodwyer/mailyak/v3 v3.6.2 h1:x3tGMsyFhTCaxp6ycgR0FE/bu5QiNp+hetUuCOBXMn8=
@@ -25,9 +27,8 @@ github.com/fatih/color v1.18.0 h1:S8gINlzdQ840/4pfAwic/ZE0djQEH3wM94VfqLTZcOM=
 github.com/fatih/color v1.18.0/go.mod h1:4FelSpRwEGDpQ12mAdzqdOukCy4u8WUtOY6lkT/6HfU=
 github.com/frankban/quicktest v1.14.6 h1:7Xjx+VpznH+oBnejlPUj8oUpdxnVs4f8XU8WnHkI4W8=
 github.com/frankban/quicktest v1.14.6/go.mod h1:4ptaffx2x8+WTWXmUCuVU6aPUX1/Mz7zb5vbUoiM6w0=
-github.com/fsnotify/fsnotify v1.4.7/go.mod h1:jwhsz4b93w/PPRr/qN1Yymfu8t87LnFCMoQvtojpjFo=
-github.com/fxamacker/cbor/v2 v2.8.0 h1:fFtUGXUzXPHTIUdne5+zzMPTfffl3RD5qYnkY40vtxU=
-github.com/fxamacker/cbor/v2 v2.8.0/go.mod h1:vM4b+DJCtHn+zz7h3FFp/hDAI9WNWCsZj23V5ytsSxQ=
+github.com/fxamacker/cbor/v2 v2.9.0 h1:NpKPmjDBgUfBms6tr6JZkTHtfFGcMKsw3eGcmD/sapM=
+github.com/fxamacker/cbor/v2 v2.9.0/go.mod h1:vM4b+DJCtHn+zz7h3FFp/hDAI9WNWCsZj23V5ytsSxQ=
 github.com/gabriel-vasile/mimetype v1.4.9 h1:5k+WDwEsD9eTLL8Tz3L0VnmVh9QxGjRmjBvAG7U/oYY=
 github.com/gabriel-vasile/mimetype v1.4.9/go.mod h1:WnSQhFKJuBlRyLiKohA/2DtIlPFAbguNaG7QCHcyGok=
 github.com/ganigeorgiev/fexpr v0.5.0 h1:XA9JxtTE/Xm+g/JFI6RfZEHSiQlk+1glLvRK1Lpv/Tk=
@@ -46,41 +47,28 @@ github.com/go-sql-driver/mysql v1.9.1 h1:FrjNGn/BsJQjVRuSa8CBrM5BWA9BWoXXat3KrtS
 github.com/go-sql-driver/mysql v1.9.1/go.mod h1:qn46aNg1333BRMNU69Lq93t8du/dwxI64Gl8i5p1WMU=
 github.com/go-task/slim-sprig/v3 v3.0.0 h1:sUs3vkvUymDpBKi3qH1YSqBQk9+9D/8M2mN1vB6EwHI=
 github.com/go-task/slim-sprig/v3 v3.0.0/go.mod h1:W848ghGpv3Qj3dhTPRyJypKRiqCdHZiAzKg9hl15HA8=
-github.com/golang-jwt/jwt/v5 v5.2.2 h1:Rl4B7itRWVtYIHFrSNd7vhTiz9UpLdi6gZhZ3wEeDy8=
-github.com/golang-jwt/jwt/v5 v5.2.2/go.mod h1:pqrtFR0X4osieyHYxtmOUWsAWrfe1Q5UVIyoH402zdk=
-github.com/golang/protobuf v1.2.0/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U=
+github.com/golang-jwt/jwt/v5 v5.3.0 h1:pv4AsKCKKZuqlgs5sUmn4x8UlGa0kEVt/puTpKx9vvo=
+github.com/golang-jwt/jwt/v5 v5.3.0/go.mod h1:fxCRLWMO43lRc8nhHWY6LGqRcf+1gQWArsqaEUEa5bE=
 github.com/golang/protobuf v1.3.1/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U=
-github.com/golang/protobuf v1.3.2/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U=
-github.com/google/go-cmp v0.5.2/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE=
 github.com/google/go-cmp v0.7.0 h1:wk8382ETsv4JYUZwIsn6YpYiWiBsYLSJiTsyBybVuN8=
 github.com/google/go-cmp v0.7.0/go.mod h1:pXiqmnSA92OHEEa9HXL2W4E7lf9JzCmGVUdgjX3N/iU=
-github.com/google/go-github/v30 v30.1.0 h1:VLDx+UolQICEOKu2m4uAoMti1SxuEBAl7RSEG16L+Oo=
-github.com/google/go-github/v30 v30.1.0/go.mod h1:n8jBpHl45a/rlBUtRJMOG4GhNADUQFEufcolZ95JfU8=
-github.com/google/go-querystring v1.0.0/go.mod h1:odCYkC5MyYFN7vkCjXpyrEuKhc/BUO6wN/zVPAxq5ck=
-github.com/google/go-querystring v1.1.0 h1:AnCroh3fv4ZBgVIf1Iwtovgjaw/GiKJo8M8yD/fhyJ8=
-github.com/google/go-querystring v1.1.0/go.mod h1:Kcdr2DB4koayq7X8pmAG4sNG59So17icRSOU623lUBU=
 github.com/google/pprof v0.0.0-20250403155104-27863c87afa6 h1:BHT72Gu3keYf3ZEu2J0b1vyeLSOYI8bm5wbJM/8yDe8=
 github.com/google/pprof v0.0.0-20250403155104-27863c87afa6/go.mod h1:boTsfXsheKC2y+lKOCMpSfarhxDeIzfZG1jqGcPl3cA=
 github.com/google/uuid v1.6.0 h1:NIvaJDMOsjHA8n1jAhLSgzrAzy1Hgr+hNrb57e+94F0=
 github.com/google/uuid v1.6.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo=
-github.com/hpcloud/tail v1.0.0/go.mod h1:ab1qPbhIpdTxEkNHXyeSf5vhxWSCs/tWer42PpOxQnU=
-github.com/inconshreveable/go-update v0.0.0-20160112193335-8152e7eb6ccf h1:WfD7VjIE6z8dIvMsI4/s+1qr5EL+zoIGev1BQj1eoJ8=
-github.com/inconshreveable/go-update v0.0.0-20160112193335-8152e7eb6ccf/go.mod h1:hyb9oH7vZsitZCiBt0ZvifOrB+qc8PS5IiilCIb87rg=
 github.com/inconshreveable/mousetrap v1.1.0 h1:wN+x4NVGpMsO7ErUn/mUI3vEoE6Jt13X2s0bqwp9tc8=
 github.com/inconshreveable/mousetrap v1.1.0/go.mod h1:vpF70FUmC8bwa3OWnCshd2FqLfsEA9PFc4w1p2J65bw=
 github.com/jarcoal/httpmock v1.4.0 h1:BvhqnH0JAYbNudL2GMJKgOHe2CtKlzJ/5rWKyp+hc2k=
 github.com/jarcoal/httpmock v1.4.0/go.mod h1:ftW1xULwo+j0R0JJkJIIi7UKigZUXCLLanykgjwBXL0=
+github.com/jessevdk/go-flags v1.4.0/go.mod h1:4FA24M0QyGHXBuZZK/XkWh8h0e1EYbRYJSGM75WSRxI=
 github.com/klauspost/compress v1.18.0 h1:c/Cqfb0r+Yi+JtIEq73FWXVkRonBlf0CRNYc8Zttxdo=
 github.com/klauspost/compress v1.18.0/go.mod h1:2Pp+KzxcywXVXMr50+X0Q/Lsb43OQHYWRCY2AiWywWQ=
-github.com/kr/pretty v0.1.0/go.mod h1:dAy3ld7l9f0ibDNOQOHHMYYIIbhfbHSm3C4ZsoJORNo=
 github.com/kr/pretty v0.3.1 h1:flRD4NNwYAUpkphVc1HcthR4KEIFJ65n8Mw5qdRn3LE=
 github.com/kr/pretty v0.3.1/go.mod h1:hoEshYVHaxMs3cyo3Yncou5ZscifuDolrwPKZanG3xk=
-github.com/kr/pty v1.1.1/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ=
-github.com/kr/text v0.1.0/go.mod h1:4Jbv+DJW3UT/LiOwJeYQe1efqtUx/iVham/4vfdArNI=
 github.com/kr/text v0.2.0 h1:5Nx0Ya0ZqY2ygV366QzturHI13Jq95ApcVaJBhpS+AY=
 github.com/kr/text v0.2.0/go.mod h1:eLer722TekiGuMkidMxC/pM04lWEeraHUUmBw8l2grE=
-github.com/lufia/plan9stats v0.0.0-20250317134145-8bc96cf8fc35 h1:PpXWgLPs+Fqr325bN2FD2ISlRRztXibcX6e8f5FR5Dc=
-github.com/lufia/plan9stats v0.0.0-20250317134145-8bc96cf8fc35/go.mod h1:autxFIvghDt3jPTLoqZ9OZ7s9qTGNAWmYCjVFWPX/zg=
+github.com/lufia/plan9stats v0.0.0-20250821153705-5981dea3221d h1:vFzYZc8yji+9DmNRhpEbs8VBK4CgV/DPfGzeVJSSp/8=
+github.com/lufia/plan9stats v0.0.0-20250821153705-5981dea3221d/go.mod h1:autxFIvghDt3jPTLoqZ9OZ7s9qTGNAWmYCjVFWPX/zg=
 github.com/lxzan/gws v1.8.9 h1:VU3SGUeWlQrEwfUSfokcZep8mdg/BrUF+y73YYshdBM=
 github.com/lxzan/gws v1.8.9/go.mod h1:d9yHaR1eDTBHagQC6KY7ycUOaz5KWeqQtP3xu7aMK8Y=
 github.com/mattn/go-colorable v0.1.14 h1:9A9LHSqF/7dyVVX6g0U9cwm9pG3kP9gSzcuIPHPsaIE=
@@ -91,11 +79,8 @@ github.com/ncruces/go-strftime v0.1.9 h1:bY0MQC28UADQmHmaF5dgpLmImcShSi2kHU9XLdh
 github.com/ncruces/go-strftime v0.1.9/go.mod h1:Fwc5htZGVVkseilnfgOVb9mKy6w1naJmn9CehxcKcls=
 github.com/nicholas-fedor/shoutrrr v0.8.8 h1:F/oyoatWK5cbHPPgkjRZrA0262TP7KWuUQz9KskRtR8=
 github.com/nicholas-fedor/shoutrrr v0.8.8/go.mod h1:T30Y+eoZFEjDk4HtOItcHQioZSOe3Z6a6aNfSz6jc5c=
-github.com/onsi/ginkgo v1.6.0 h1:Ix8l273rp3QzYgXSR+c8d1fTG7UPgYkOSELPhiY/YGw=
-github.com/onsi/ginkgo v1.6.0/go.mod h1:lLunBs/Ym6LB5Z9jYTR76FiuTmxDTDusOGeTQH+WWjE=
 github.com/onsi/ginkgo/v2 v2.23.4 h1:ktYTpKJAVZnDT4VjxSbiBenUjmlL/5QkBEocaWXiQus=
 github.com/onsi/ginkgo/v2 v2.23.4/go.mod h1:Bt66ApGPBFzHyR+JO10Zbt0Gsp4uWxu5mIOTusL46e8=
-github.com/onsi/gomega v1.4.2/go.mod h1:ex+gbHU/CVuBBDIJjb2X0qEXbFg53c61hWP/1CpauHY=
 github.com/onsi/gomega v1.37.0 h1:CdEG8g0S133B4OswTDC/5XPSzE1OeP29QOioj2PID2Y=
 github.com/onsi/gomega v1.37.0/go.mod h1:8D9+Txp43QWKhM24yyOBEdpkzN8FvJyAwecBgsU4KU0=
 github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4=
@@ -103,14 +88,12 @@ github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2 h1:Jamvg5psRI
 github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4=
 github.com/pocketbase/dbx v1.11.0 h1:LpZezioMfT3K4tLrqA55wWFw1EtH1pM4tzSVa7kgszU=
 github.com/pocketbase/dbx v1.11.0/go.mod h1:xXRCIAKTHMgUCyCKZm55pUOdvFziJjQfXaWKhu2vhMs=
-github.com/pocketbase/pocketbase v0.28.4 h1:RmhWXDcfKrFM9/W0G0Zrlv4eKBM8/s/v4SQKytjgD20=
-github.com/pocketbase/pocketbase v0.28.4/go.mod h1:jSuN93vE/oeJVOz2D2ZxcYyr2bYNmDOMCUkM+JhyJQ0=
+github.com/pocketbase/pocketbase v0.29.3 h1:Mj8o5awsbVJIdIoTuQNhfC2oL/c4aImQ3RyfFZlzFVg=
+github.com/pocketbase/pocketbase v0.29.3/go.mod h1:oGpT67LObxCFK4V2fSL7J9YnPbBnnshOpJ5v3zcneww=
 github.com/power-devops/perfstat v0.0.0-20240221224432-82ca36839d55 h1:o4JXh1EVt9k/+g42oCprj/FisM4qX9L3sZB3upGN2ZU=
 github.com/power-devops/perfstat v0.0.0-20240221224432-82ca36839d55/go.mod h1:OmDBASR4679mdNQnz2pUhc2G8CO2JrUAVFDRBDP/hJE=
 github.com/remyoudompheng/bigfft v0.0.0-20230129092748-24d4a6f8daec h1:W09IVJc94icq4NjY3clb7Lk8O1qJ8BdBEF8z0ibU0rE=
 github.com/remyoudompheng/bigfft v0.0.0-20230129092748-24d4a6f8daec/go.mod h1:qqbHyh8v60DhA7CoWK5oRCqLrMHRGoxYCSS9EjAz6Eo=
-github.com/rhysd/go-github-selfupdate v1.2.3 h1:iaa+J202f+Nc+A8zi75uccC8Wg3omaM7HDeimXA22Ag=
-github.com/rhysd/go-github-selfupdate v1.2.3/go.mod h1:mp/N8zj6jFfBQy/XMYoWsmfzxazpPAODuqarmPDe2Rg=
 github.com/rogpeppe/go-internal v1.9.0 h1:73kH8U+JUqXU8lRuOHeVHaa/SZPifC7BkcraZVejAe8=
 github.com/rogpeppe/go-internal v1.9.0/go.mod h1:WtVeX8xhTBvf0smdhujwtBcq4Qrzq/fJaraNFVN+nFs=
 github.com/russross/blackfriday/v2 v2.1.0/go.mod h1:+Rmxgy9KzJVeS9/2gXHxylqXiyQDYRxCVz55jmeOWTM=
@@ -120,21 +103,17 @@ github.com/spf13/cast v1.9.2 h1:SsGfm7M8QOFtEzumm7UZrZdLLquNdzFYfIbEXntcFbE=
 github.com/spf13/cast v1.9.2/go.mod h1:jNfB8QC9IA6ZuY2ZjDp0KtFO2LZZlg4S/7bzP6qqeHo=
 github.com/spf13/cobra v1.9.1 h1:CXSaggrXdbHK9CF+8ywj8Amf7PBRmPCOJugH954Nnlo=
 github.com/spf13/cobra v1.9.1/go.mod h1:nDyEzZ8ogv936Cinf6g1RU9MRY64Ir93oCnqb9wxYW0=
-github.com/spf13/pflag v1.0.6 h1:jFzHGLGAlb3ruxLB8MhbI6A8+AQX/2eW4qeyNZXNp2o=
 github.com/spf13/pflag v1.0.6/go.mod h1:McXfInJRrz4CZXVZOBLb0bTZqETkiAhM9Iw0y3An2Bg=
+github.com/spf13/pflag v1.0.7 h1:vN6T9TfwStFPFM5XzjsvmzZkLuaLX+HS+0SeFLRgU6M=
+github.com/spf13/pflag v1.0.7/go.mod h1:McXfInJRrz4CZXVZOBLb0bTZqETkiAhM9Iw0y3An2Bg=
 github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME=
 github.com/stretchr/testify v1.4.0/go.mod h1:j7eGeouHqKxXV5pUuKE4zz7dFj8WfuZ+81PSLYec5m4=
-github.com/stretchr/testify v1.10.0 h1:Xv5erBjTwe/5IxqUQTdXv5kgmIvbHo3QQyRwhJsOfJA=
-github.com/stretchr/testify v1.10.0/go.mod h1:r2ic/lqez/lEtzL7wO/rwa5dbSLXVDPFyf8C91i36aY=
-github.com/tcnksm/go-gitconfig v0.1.2 h1:iiDhRitByXAEyjgBqsKi9QU4o2TNtv9kPP3RgPgXBPw=
-github.com/tcnksm/go-gitconfig v0.1.2/go.mod h1:/8EhP4H7oJZdIPyT+/UIsG87kTzrzM4UsLGSItWYCpE=
+github.com/stretchr/testify v1.11.0 h1:ib4sjIrwZKxE5u/Japgo/7SJV3PvgjGiRNAvTVGqQl8=
+github.com/stretchr/testify v1.11.0/go.mod h1:wZwfW3scLgRK+23gO65QZefKpKQRnfz6sD981Nm4B6U=
 github.com/tklauser/go-sysconf v0.3.15 h1:VE89k0criAymJ/Os65CSn1IXaol+1wrsFHEB8Ol49K4=
 github.com/tklauser/go-sysconf v0.3.15/go.mod h1:Dmjwr6tYFIseJw7a3dRLJfsHAMXZ3nEnL/aZY+0IuI4=
 github.com/tklauser/numcpus v0.10.0 h1:18njr6LDBk1zuna922MgdjQuJFjrdppsZG60sHGfjso=
 github.com/tklauser/numcpus v0.10.0/go.mod h1:BiTKazU708GQTYF4mB+cmlpT2Is1gLk7XVuEeem8LsQ=
-github.com/ulikunitz/xz v0.5.9/go.mod h1:nbz6k7qbPmH4IRqmfOplQw/tblSgqTqBwxkY0oWt/14=
-github.com/ulikunitz/xz v0.5.12 h1:37Nm15o69RwBkXM0J6A5OlE67RZTfzUxTj8fB3dfcsc=
-github.com/ulikunitz/xz v0.5.12/go.mod h1:nbz6k7qbPmH4IRqmfOplQw/tblSgqTqBwxkY0oWt/14=
 github.com/x448/float16 v0.8.4 h1:qLwI1I70+NjRFUR3zs1JPUCgaCXSh3SW62uAKT1mSBM=
 github.com/x448/float16 v0.8.4/go.mod h1:14CWIYCyZA/cWjXOioeEpHeN/83MdbZDRQHoFcYsOfg=
 github.com/yusufpapurcu/wmi v1.2.4 h1:zFUKzehAFReQwLys1b/iSMl+JQGSCSjtVqQn9bBrPo0=
@@ -142,75 +121,62 @@ github.com/yusufpapurcu/wmi v1.2.4/go.mod h1:SBZ9tNy3G9/m5Oi98Zks0QjeHVDvuK0qfxQ
 go.uber.org/automaxprocs v1.6.0 h1:O3y2/QNTOdbF+e/dpXNNW7Rx2hZ4sTIPyybbxyNqTUs=
 go.uber.org/automaxprocs v1.6.0/go.mod h1:ifeIMSnPZuznNm6jmdzmU3/bfk01Fe2fotchwEFJ8r8=
 golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w=
-golang.org/x/crypto v0.0.0-20201221181555-eec23a3978ad/go.mod h1:jdWPYTVW3xRLrWPugEBEK3UY2ZEsg3UU495nc5E+M+I=
-golang.org/x/crypto v0.39.0 h1:SHs+kF4LP+f+p14esP5jAoDpHU8Gu/v9lFRK6IT5imM=
-golang.org/x/crypto v0.39.0/go.mod h1:L+Xg3Wf6HoL4Bn4238Z6ft6KfEpN0tJGo53AAPC632U=
-golang.org/x/exp v0.0.0-20250620022241-b7579e27df2b h1:M2rDM6z3Fhozi9O7NWsxAkg/yqS/lQJ6PmkyIV3YP+o=
-golang.org/x/exp v0.0.0-20250620022241-b7579e27df2b/go.mod h1:3//PLf8L/X+8b4vuAfHzxeRUl04Adcb341+IGKfnqS8=
+golang.org/x/crypto v0.41.0 h1:WKYxWedPGCTVVl5+WHSSrOBT0O8lx32+zxmHxijgXp4=
+golang.org/x/crypto v0.41.0/go.mod h1:pO5AFd7FA68rFak7rOAGVuygIISepHftHnr8dr6+sUc=
+golang.org/x/exp v0.0.0-20250819193227-8b4c13bb791b h1:DXr+pvt3nC887026GRP39Ej11UATqWDmWuS99x26cD0=
+golang.org/x/exp v0.0.0-20250819193227-8b4c13bb791b/go.mod h1:4QTo5u+SEIbbKW1RacMZq1YEfOBqeXa19JeshGi+zc4=
 golang.org/x/image v0.0.0-20191009234506-e7c1f5e7dbb8/go.mod h1:FeLwcggjj3mMvU+oOTbSwawSJRM1uh48EjtB4UJZlP0=
-golang.org/x/image v0.28.0 h1:gdem5JW1OLS4FbkWgLO+7ZeFzYtL3xClb97GaUzYMFE=
-golang.org/x/image v0.28.0/go.mod h1:GUJYXtnGKEUgggyzh+Vxt+AviiCcyiwpsl8iQ8MvwGY=
-golang.org/x/mod v0.25.0 h1:n7a+ZbQKQA/Ysbyb0/6IbB1H/X41mKgbhfv7AfG/44w=
-golang.org/x/mod v0.25.0/go.mod h1:IXM97Txy2VM4PJ3gI61r1YEk/gAj6zAHN3AdZt6S9Ww=
-golang.org/x/net v0.0.0-20180724234803-3673e40ba225/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
-golang.org/x/net v0.0.0-20180906233101-161cd47e91fd/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
-golang.org/x/net v0.0.0-20190311183353-d8887717615a/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg=
-golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg=
+golang.org/x/image v0.30.0 h1:jD5RhkmVAnjqaCUXfbGBrn3lpxbknfN9w2UhHHU+5B4=
+golang.org/x/image v0.30.0/go.mod h1:SAEUTxCCMWSrJcCy/4HwavEsfZZJlYxeHLc6tTiAe/c=
+golang.org/x/mod v0.27.0 h1:kb+q2PyFnEADO2IEF935ehFUXlWiNjJWtRNgBLSfbxQ=
+golang.org/x/mod v0.27.0/go.mod h1:rWI627Fq0DEoudcK+MBkNkCe0EetEaDSwJJkCcjpazc=
 golang.org/x/net v0.0.0-20190603091049-60506f45cf65/go.mod h1:HSz+uSET+XFnRR8LxR5pz3Of3rY3CfYBVs4xY44aLks=
-golang.org/x/net v0.41.0 h1:vBTly1HeNPEn3wtREYfy4GZ/NECgw2Cnl+nK6Nz3uvw=
-golang.org/x/net v0.41.0/go.mod h1:B/K4NNqkfmg07DQYrbwvSluqCJOOXwUjeb/5lOisjbA=
-golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U=
-golang.org/x/oauth2 v0.0.0-20181106182150-f42d05182288/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U=
+golang.org/x/net v0.43.0 h1:lat02VYK2j4aLzMzecihNvTlJNQUq316m2Mr9rnM6YE=
+golang.org/x/net v0.43.0/go.mod h1:vhO1fvI4dGsIjh73sWfUVjj3N7CA9WkKJNQm2svM6Jg=
 golang.org/x/oauth2 v0.30.0 h1:dnDm7JmhM45NNpd8FDDeLhK6FwqbOf4MLCM9zb1BOHI=
 golang.org/x/oauth2 v0.30.0/go.mod h1:B++QgG3ZKulg6sRPGD/mqlHQs5rB3Ml9erfeDY7xKlU=
-golang.org/x/sync v0.0.0-20180314180146-1d60e4601c6f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
-golang.org/x/sync v0.15.0 h1:KWH3jNZsfyT6xfAfKiz6MRNmd46ByHDYaZ7KSkCtdW8=
-golang.org/x/sync v0.15.0/go.mod h1:1dzgHSNfp02xaA81J2MS99Qcpr2w7fw1gpm99rleRqA=
-golang.org/x/sys v0.0.0-20180909124046-d0be0721c37e/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
+golang.org/x/sync v0.16.0 h1:ycBJEhp9p4vXvUZNszeOq0kGTPghopOL8q0fq3vstxw=
+golang.org/x/sync v0.16.0/go.mod h1:1dzgHSNfp02xaA81J2MS99Qcpr2w7fw1gpm99rleRqA=
 golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
 golang.org/x/sys v0.0.0-20190916202348-b4ddaad3f8a3/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
-golang.org/x/sys v0.0.0-20191026070338-33540a1f6037/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/sys v0.0.0-20201204225414-ed752295db88/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/sys v0.1.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.6.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
-golang.org/x/sys v0.33.0 h1:q3i8TbbEz+JRD9ywIRlyRAQbM0qF7hu24q3teo2hbuw=
-golang.org/x/sys v0.33.0/go.mod h1:BJP2sWEmIv4KK5OTEluFJCKSidICx8ciO85XgH3Ak8k=
-golang.org/x/term v0.0.0-20201117132131-f5c789dd3221/go.mod h1:Nr5EML6q2oocZ2LXRh80K7BxOlk5/8JxuGnuhpl+muw=
-golang.org/x/term v0.32.0 h1:DR4lr0TjUs3epypdhTOkMmuF5CDFJ/8pOnbzMZPQ7bg=
-golang.org/x/term v0.32.0/go.mod h1:uZG1FhGx848Sqfsq4/DlJr3xGGsYMu/L5GW4abiaEPQ=
+golang.org/x/sys v0.35.0 h1:vz1N37gP5bs89s7He8XuIYXpyY0+QlsKmzipCbUtyxI=
+golang.org/x/sys v0.35.0/go.mod h1:BJP2sWEmIv4KK5OTEluFJCKSidICx8ciO85XgH3Ak8k=
+golang.org/x/term v0.34.0 h1:O/2T7POpk0ZZ7MAzMeWFSg6S5IpWd/RXDlM9hgM3DR4=
+golang.org/x/term v0.34.0/go.mod h1:5jC53AEywhIVebHgPVeg0mj8OD3VO9OzclacVrqpaAw=
 golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
 golang.org/x/text v0.3.2/go.mod h1:bEr9sfX3Q8Zfm5fL9x+3itogRgK3+ptLWKqgva+5dAk=
-golang.org/x/text v0.3.5/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
-golang.org/x/text v0.26.0 h1:P42AVeLghgTYr4+xUnTRKDMqpar+PtX7KWuNQL21L8M=
-golang.org/x/text v0.26.0/go.mod h1:QK15LZJUUQVJxhz7wXgxSy/CJaTFjd0G+YLonydOVQA=
+golang.org/x/text v0.28.0 h1:rhazDwis8INMIwQ4tpjLDzUhx6RlXqZNPEM0huQojng=
+golang.org/x/text v0.28.0/go.mod h1:U8nCwOR8jO/marOQ0QbDiOngZVEBB7MAiitBuMjXiNU=
 golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
-golang.org/x/tools v0.34.0 h1:qIpSLOxeCYGg9TrcJokLBG4KFA6d795g0xkBkiESGlo=
-golang.org/x/tools v0.34.0/go.mod h1:pAP9OwEaY1CAW3HOmg3hLZC5Z0CCmzjAF2UQMSqNARg=
-golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
-google.golang.org/appengine v1.1.0/go.mod h1:EbEs0AVv82hx2wNQdGPgUI5lhzA/G0D9YwlJXL52JkM=
-google.golang.org/appengine v1.3.0/go.mod h1:xpcJRLb0r/rnEns0DIKYYv+WjYCduHsrkT7/EB5XEv4=
+golang.org/x/tools v0.36.0 h1:kWS0uv/zsvHEle1LbV5LE8QujrxB3wfQyxHfhOk0Qkg=
+golang.org/x/tools v0.36.0/go.mod h1:WBDiHKJK8YgLHlcQPYQzNCkUxUypCaa5ZegCVutKm+s=
 google.golang.org/appengine v1.6.5/go.mod h1:8WjMMxjGQR8xUklV/ARdw2HLXBOI7O7uCIDZVag1xfc=
 google.golang.org/protobuf v1.36.6 h1:z1NpPI8ku2WgiWnf+t9wTPsn6eP1L7ksHUlkfLvd9xY=
 google.golang.org/protobuf v1.36.6/go.mod h1:jduwjTPXsFjZGTmRluh+L6NjiWu7pchiJ2/5YcXBHnY=
 gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
 gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127 h1:qIbj1fsPNlZgppZ+VLlY7N33q108Sa+fhmuc+sWQYwY=
 gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
-gopkg.in/fsnotify.v1 v1.4.7/go.mod h1:Tz8NjZHkW78fSQdbUxIjBTcgA1z1m8ZHf0WmKUhAMys=
-gopkg.in/tomb.v1 v1.0.0-20141024135613-dd632973f1e7/go.mod h1:dt/ZhP58zS4L8KSrWDmTeBkI65Dw0HsyUHuEVlX15mw=
-gopkg.in/yaml.v2 v2.2.1/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=
+gopkg.in/yaml.v1 v1.0.0-20140924161607-9f9df34309c0/go.mod h1:WDnlLJ4WF5VGsH/HVa3CI79GS0ol3YnhVnKP89i0kNg=
 gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=
 gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA=
 gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
-modernc.org/cc/v4 v4.26.1 h1:+X5NtzVBn0KgsBCBe+xkDC7twLb/jNVj9FPgiwSQO3s=
-modernc.org/cc/v4 v4.26.1/go.mod h1:uVtb5OGqUKpoLWhqwNQo/8LwvoiEBLvZXIQ/SmO6mL0=
+howett.net/plist v1.0.1 h1:37GdZ8tP09Q35o9ych3ehygcsL+HqKSwzctveSlarvM=
+howett.net/plist v1.0.1/go.mod h1:lqaXoTrLY4hg8tnEzNru53gicrbv7rrk+2xJA/7hw9g=
+modernc.org/cc/v4 v4.26.2 h1:991HMkLjJzYBIfha6ECZdjrIYz2/1ayr+FL8GN+CNzM=
+modernc.org/cc/v4 v4.26.2/go.mod h1:uVtb5OGqUKpoLWhqwNQo/8LwvoiEBLvZXIQ/SmO6mL0=
 modernc.org/ccgo/v4 v4.28.0 h1:rjznn6WWehKq7dG4JtLRKxb52Ecv8OUGah8+Z/SfpNU=
 modernc.org/ccgo/v4 v4.28.0/go.mod h1:JygV3+9AV6SmPhDasu4JgquwU81XAKLd3OKTUDNOiKE=
-modernc.org/fileutil v1.3.3 h1:3qaU+7f7xxTUmvU1pJTZiDLAIoJVdUSSauJNHg9yXoA=
-modernc.org/fileutil v1.3.3/go.mod h1:HxmghZSZVAz/LXcMNwZPA/DRrQZEVP9VX0V4LQGQFOc=
+modernc.org/fileutil v1.3.8 h1:qtzNm7ED75pd1C7WgAGcK4edm4fvhtBsEiI/0NQ54YM=
+modernc.org/fileutil v1.3.8/go.mod h1:HxmghZSZVAz/LXcMNwZPA/DRrQZEVP9VX0V4LQGQFOc=
 modernc.org/gc/v2 v2.6.5 h1:nyqdV8q46KvTpZlsw66kWqwXRHdjIlJOhG6kxiV/9xI=
 modernc.org/gc/v2 v2.6.5/go.mod h1:YgIahr1ypgfe7chRuJi2gD7DBQiKSLMPgBQe9oIiito=
-modernc.org/libc v1.65.10 h1:ZwEk8+jhW7qBjHIT+wd0d9VjitRyQef9BnzlzGwMODc=
-modernc.org/libc v1.65.10/go.mod h1:StFvYpx7i/mXtBAfVOjaU0PWZOvIRoZSgXhrwXzr8Po=
+modernc.org/goabi0 v0.2.0 h1:HvEowk7LxcPd0eq6mVOAEMai46V+i7Jrj13t4AzuNks=
+modernc.org/goabi0 v0.2.0/go.mod h1:CEFRnnJhKvWT1c1JTI3Avm+tgOWbkOu5oPA8eH8LnMI=
+modernc.org/libc v1.66.3 h1:cfCbjTUcdsKyyZZfEUKfoHcP3S0Wkvz3jgSzByEWVCQ=
+modernc.org/libc v1.66.3/go.mod h1:XD9zO8kt59cANKvHPXpx7yS2ELPheAey0vjIuZOhOU8=
 modernc.org/mathutil v1.7.1 h1:GCZVGXdaN8gTqB1Mf/usp1Y/hSqgI2vAGGP4jZMCxOU=
 modernc.org/mathutil v1.7.1/go.mod h1:4p5IwJITfppl0G4sUEDtCr4DthTaT47/N3aT6MhfgJg=
 modernc.org/memory v1.11.0 h1:o4QC8aMQzmcwCK3t3Ux/ZHmwFPzE6hf2Y5LbkRs+hbI=
@@ -219,8 +185,8 @@ modernc.org/opt v0.1.4 h1:2kNGMRiUjrp4LcaPuLY2PzUfqM/w9N23quVwhKt5Qm8=
 modernc.org/opt v0.1.4/go.mod h1:03fq9lsNfvkYSfxrfUhZCWPk1lm4cq4N+Bh//bEtgns=
 modernc.org/sortutil v1.2.1 h1:+xyoGf15mM3NMlPDnFqrteY07klSFxLElE2PVuWIJ7w=
 modernc.org/sortutil v1.2.1/go.mod h1:7ZI3a3REbai7gzCLcotuw9AC4VZVpYMjDzETGsSMqJE=
-modernc.org/sqlite v1.38.0 h1:+4OrfPQ8pxHKuWG4md1JpR/EYAh3Md7TdejuuzE7EUI=
-modernc.org/sqlite v1.38.0/go.mod h1:1Bj+yES4SVvBZ4cBOpVZ6QgesMCKpJZDq0nxYzOpmNE=
+modernc.org/sqlite v1.38.2 h1:Aclu7+tgjgcQVShZqim41Bbw9Cho0y/7WzYptXqkEek=
+modernc.org/sqlite v1.38.2/go.mod h1:cPTJYSlgg3Sfg046yBShXENNtPrWrDX8bsbAQBzgQ5E=
 modernc.org/strutil v1.2.1 h1:UneZBkQA+DX2Rp35KcM69cSsNES9ly8mQWD71HKlOA0=
 modernc.org/strutil v1.2.1/go.mod h1:EHkiggD70koQxjVdSBM3JKM7k6L0FbGE5eymy9i3B9A=
 modernc.org/token v1.1.0 h1:Xl7Ap9dKaEs5kLoOQeQmPWevfnk/DM5qcLcYlA8ys6Y=

main.go

@@ -3,8 +3,8 @@ package beszel
 import "github.com/blang/semver"
 
 const (
-	Version = "0.12.0-beta1"
+	Version = "0.12.7"
 	AppName = "beszel"
 )
 
-var MinVersionCbor = semver.MustParse("0.12.0-beta1")
+var MinVersionCbor = semver.MustParse("0.12.0")

readme.md

@@ -16,7 +16,7 @@ It has a friendly web interface, simple configuration, and is ready to use out o
 - **Lightweight**: Smaller and less resource-intensive than leading solutions.
 - **Simple**: Easy setup with little manual configuration required.
 - **Docker stats**: Tracks CPU, memory, and network usage history for each container.
-- **Alerts**: Configurable alerts for CPU, memory, disk, bandwidth, temperature, and status.
+- **Alerts**: Configurable alerts for CPU, memory, disk, bandwidth, temperature, load average, and status.
 - **Multi-user**: Users manage their own systems. Admins can share systems across users.
 - **OAuth / OIDC**: Supports many OAuth2 providers. Password auth can be disabled.
 - **Automatic backups**: Save to and restore from disk or S3-compatible storage.
@@ -27,7 +27,7 @@ It has a friendly web interface, simple configuration, and is ready to use out o
 Beszel consists of two main components: the **hub** and the **agent**.
 
 - **Hub**: A web application built on [PocketBase](https://pocketbase.io/) that provides a dashboard for viewing and managing connected systems.
-- **Agent**: Runs on each system you want to monitor, creating a minimal SSH server to communicate system metrics to the hub.
+- **Agent**: Runs on each system you want to monitor and communicates system metrics to the hub.
 
 ## Getting started
 
@@ -46,8 +46,10 @@ The [quick start guide](https://beszel.dev/guide/getting-started) and other docu
 - **Disk usage** - Host system. Supports multiple partitions and devices.
 - **Disk I/O** - Host system. Supports multiple partitions and devices.
 - **Network usage** - Host system and containers.
+- **Load average** - Host system.
 - **Temperature** - Host system sensors.
 - **GPU usage / temperature / power draw** - Nvidia and AMD only. Must use binary agent.
+- **Battery** - Host system battery charge.
 
 ## Help and discussion
 

src/alerts/alerts.go

@@ -10,7 +10,6 @@ import (
 
 	"github.com/nicholas-fedor/shoutrrr"
 	"github.com/pocketbase/dbx"
-	"github.com/pocketbase/pocketbase/apis"
 	"github.com/pocketbase/pocketbase/core"
 	"github.com/pocketbase/pocketbase/tools/mailer"
 )
@@ -47,6 +46,7 @@ type SystemAlertStats struct {
 	NetSent      float64            `json:"ns"`
 	NetRecv      float64            `json:"nr"`
 	Temperatures map[string]float32 `json:"t"`
+	LoadAvg      [3]float64         `json:"la"`
 }
 
 type SystemAlertData struct {
@@ -87,13 +87,21 @@ var supportsTitle = map[string]struct{}{
 func NewAlertManager(app hubLike) *AlertManager {
 	am := &AlertManager{
 		hub:        app,
-		alertQueue: make(chan alertTask),
+		alertQueue: make(chan alertTask, 5),
 		stopChan:   make(chan struct{}),
 	}
+	am.bindEvents()
 	go am.startWorker()
 	return am
 }
 
+// Bind events to the alerts collection lifecycle
+func (am *AlertManager) bindEvents() {
+	am.hub.OnRecordAfterUpdateSuccess("alerts").BindFunc(updateHistoryOnAlertUpdate)
+	am.hub.OnRecordAfterDeleteSuccess("alerts").BindFunc(resolveHistoryOnAlertDelete)
+}
+
+// SendAlert sends an alert to the user
 func (am *AlertManager) SendAlert(data AlertMessageData) error {
 	// get user settings
 	record, err := am.hub.FindFirstRecordByFilter(
@@ -197,16 +205,14 @@ func (am *AlertManager) SendShoutrrrAlert(notificationUrl, title, message, link,
 }
 
 func (am *AlertManager) SendTestNotification(e *core.RequestEvent) error {
-	info, _ := e.RequestInfo()
-	if info.Auth == nil {
-		return apis.NewForbiddenError("Forbidden", nil)
+	var data struct {
+		URL string `json:"url"`
 	}
-	url := e.Request.URL.Query().Get("url")
-	// log.Println("url", url)
-	if url == "" {
-		return e.JSON(200, map[string]string{"err": "URL is required"})
+	err := e.BindBody(&data)
+	if err != nil || data.URL == "" {
+		return e.BadRequestError("URL is required", err)
 	}
-	err := am.SendShoutrrrAlert(url, "Test Alert", "This is a notification from Beszel.", am.hub.Settings().Meta.AppURL, "View Beszel")
+	err = am.SendShoutrrrAlert(data.URL, "Test Alert", "This is a notification from Beszel.", am.hub.Settings().Meta.AppURL, "View Beszel")
 	if err != nil {
 		return e.JSON(200, map[string]string{"err": err.Error()})
 	}

src/alerts/alerts_api.go

@@ -0,0 +1,119 @@
+package alerts
+
+import (
+	"database/sql"
+	"errors"
+	"net/http"
+
+	"github.com/pocketbase/dbx"
+	"github.com/pocketbase/pocketbase/core"
+)
+
+// UpsertUserAlerts handles API request to create or update alerts for a user
+// across multiple systems (POST /api/beszel/user-alerts)
+func UpsertUserAlerts(e *core.RequestEvent) error {
+	userID := e.Auth.Id
+
+	reqData := struct {
+		Min       uint8    `json:"min"`
+		Value     float64  `json:"value"`
+		Name      string   `json:"name"`
+		Systems   []string `json:"systems"`
+		Overwrite bool     `json:"overwrite"`
+	}{}
+	err := e.BindBody(&reqData)
+	if err != nil || userID == "" || reqData.Name == "" || len(reqData.Systems) == 0 {
+		return e.BadRequestError("Bad data", err)
+	}
+
+	alertsCollection, err := e.App.FindCachedCollectionByNameOrId("alerts")
+	if err != nil {
+		return err
+	}
+
+	err = e.App.RunInTransaction(func(txApp core.App) error {
+		for _, systemId := range reqData.Systems {
+			// find existing matching alert
+			alertRecord, err := txApp.FindFirstRecordByFilter(alertsCollection,
+				"system={:system} && name={:name} && user={:user}",
+				dbx.Params{"system": systemId, "name": reqData.Name, "user": userID})
+
+			if err != nil && !errors.Is(err, sql.ErrNoRows) {
+				return err
+			}
+
+			// skip if alert already exists and overwrite is not set
+			if !reqData.Overwrite && alertRecord != nil {
+				continue
+			}
+
+			// create new alert if it doesn't exist
+			if alertRecord == nil {
+				alertRecord = core.NewRecord(alertsCollection)
+				alertRecord.Set("user", userID)
+				alertRecord.Set("system", systemId)
+				alertRecord.Set("name", reqData.Name)
+			}
+
+			alertRecord.Set("value", reqData.Value)
+			alertRecord.Set("min", reqData.Min)
+
+			if err := txApp.SaveNoValidate(alertRecord); err != nil {
+				return err
+			}
+		}
+		return nil
+	})
+
+	if err != nil {
+		return err
+	}
+
+	return e.JSON(http.StatusOK, map[string]any{"success": true})
+}
+
+// DeleteUserAlerts handles API request to delete alerts for a user across multiple systems
+// (DELETE /api/beszel/user-alerts)
+func DeleteUserAlerts(e *core.RequestEvent) error {
+	userID := e.Auth.Id
+
+	reqData := struct {
+		AlertName string   `json:"name"`
+		Systems   []string `json:"systems"`
+	}{}
+	err := e.BindBody(&reqData)
+	if err != nil || userID == "" || reqData.AlertName == "" || len(reqData.Systems) == 0 {
+		return e.BadRequestError("Bad data", err)
+	}
+
+	var numDeleted uint16
+
+	err = e.App.RunInTransaction(func(txApp core.App) error {
+		for _, systemId := range reqData.Systems {
+			// Find existing alert to delete
+			alertRecord, err := txApp.FindFirstRecordByFilter("alerts",
+				"system={:system} && name={:name} && user={:user}",
+				dbx.Params{"system": systemId, "name": reqData.AlertName, "user": userID})
+
+			if err != nil {
+				if errors.Is(err, sql.ErrNoRows) {
+					// alert doesn't exist, continue to next system
+					continue
+				}
+				return err
+			}
+
+			if err := txApp.Delete(alertRecord); err != nil {
+				return err
+			}
+			numDeleted++
+		}
+		return nil
+	})
+
+	if err != nil {
+		return err
+	}
+
+	return e.JSON(http.StatusOK, map[string]any{"success": true, "count": numDeleted})
+}

src/alerts/alerts_history.go

@@ -0,0 +1,74 @@
+package alerts
+
+import (
+	"time"
+
+	"github.com/pocketbase/dbx"
+	"github.com/pocketbase/pocketbase/core"
+)
+
+// On triggered alert record delete, set matching alert history record to resolved
+func resolveHistoryOnAlertDelete(e *core.RecordEvent) error {
+	if !e.Record.GetBool("triggered") {
+		return e.Next()
+	}
+	_ = resolveAlertHistoryRecord(e.App, e.Record.Id)
+	return e.Next()
+}
+
+// On alert record update, update alert history record
+func updateHistoryOnAlertUpdate(e *core.RecordEvent) error {
+	original := e.Record.Original()
+	new := e.Record
+
+	originalTriggered := original.GetBool("triggered")
+	newTriggered := new.GetBool("triggered")
+
+	// no need to update alert history if triggered state has not changed
+	if originalTriggered == newTriggered {
+		return e.Next()
+	}
+
+	// if new state is triggered, create new alert history record
+	if newTriggered {
+		_, _ = createAlertHistoryRecord(e.App, new)
+		return e.Next()
+	}
+
+	// if new state is not triggered, check for matching alert history record and set it to resolved
+	_ = resolveAlertHistoryRecord(e.App, new.Id)
+	return e.Next()
+}
+
+// resolveAlertHistoryRecord sets the resolved field to the current time
+func resolveAlertHistoryRecord(app core.App, alertRecordID string) error {
+	alertHistoryRecord, err := app.FindFirstRecordByFilter("alerts_history", "alert_id={:alert_id} && resolved=null", dbx.Params{"alert_id": alertRecordID})
+	if err != nil || alertHistoryRecord == nil {
+		return err
+	}
+	alertHistoryRecord.Set("resolved", time.Now().UTC())
+	err = app.Save(alertHistoryRecord)
+	if err != nil {
+		app.Logger().Error("Failed to resolve alert history", "err", err)
+	}
+	return err
+}
+
+// createAlertHistoryRecord creates a new alert history record
+func createAlertHistoryRecord(app core.App, alertRecord *core.Record) (alertHistoryRecord *core.Record, err error) {
+	alertHistoryCollection, err := app.FindCachedCollectionByNameOrId("alerts_history")
+	if err != nil {
+		return nil, err
+	}
+	alertHistoryRecord = core.NewRecord(alertHistoryCollection)
+	alertHistoryRecord.Set("alert_id", alertRecord.Id)
+	alertHistoryRecord.Set("user", alertRecord.GetString("user"))
+	alertHistoryRecord.Set("system", alertRecord.GetString("system"))
+	alertHistoryRecord.Set("name", alertRecord.GetString("name"))
+	alertHistoryRecord.Set("value", alertRecord.GetFloat("value"))
+	err = app.Save(alertHistoryRecord)
+	if err != nil {
+		app.Logger().Error("Failed to save alert history", "err", err)
+	}
+	return alertHistoryRecord, err
+}

src/alerts/alerts_status.go

@@ -136,6 +136,14 @@ func (am *AlertManager) handleSystemUp(systemName string, alertRecords []*core.R
 
 // sendStatusAlert sends a status alert ("up" or "down") to the users associated with the alert records.
 func (am *AlertManager) sendStatusAlert(alertStatus string, systemName string, alertRecord *core.Record) error {
+	switch alertStatus {
+	case "up":
+		alertRecord.Set("triggered", false)
+	case "down":
+		alertRecord.Set("triggered", true)
+	}
+	am.hub.Save(alertRecord)
+
 	var emoji string
 	if alertStatus == "up" {
 		emoji = "\u2705" // Green checkmark emoji
@@ -146,16 +154,16 @@ func (am *AlertManager) sendStatusAlert(alertStatus string, systemName string, a
 	title := fmt.Sprintf("Connection to %s is %s %v", systemName, alertStatus, emoji)
 	message := strings.TrimSuffix(title, emoji)
 
-	if errs := am.hub.ExpandRecord(alertRecord, []string{"user"}, nil); len(errs) > 0 {
-		return errs["user"]
-	}
-	user := alertRecord.ExpandedOne("user")
-	if user == nil {
-		return nil
-	}
+	// if errs := am.hub.ExpandRecord(alertRecord, []string{"user"}, nil); len(errs) > 0 {
+	// 	return errs["user"]
+	// }
+	// user := alertRecord.ExpandedOne("user")
+	// if user == nil {
+	// 	return nil
+	// }
 
 	return am.SendAlert(AlertMessageData{
-		UserID:   user.Id,
+		UserID:   alertRecord.GetString("user"),
 		Title:    title,
 		Message:  message,
 		Link:     am.hub.MakeLink("system", systemName),

src/alerts/alerts_system.go

@@ -1,12 +1,13 @@
 package alerts
 
 import (
-	"beszel/internal/entities/system"
 	"encoding/json"
 	"fmt"
 	"strings"
 	"time"
 
+	"github.com/henrygd/beszel/src/entities/system"
+
 	"github.com/pocketbase/dbx"
 	"github.com/pocketbase/pocketbase/core"
 	"github.com/pocketbase/pocketbase/tools/types"
@@ -15,7 +16,7 @@ import (
 
 func (am *AlertManager) HandleSystemAlerts(systemRecord *core.Record, data *system.CombinedData) error {
 	alertRecords, err := am.hub.FindAllRecords("alerts",
-		dbx.NewExp("system={:system}", dbx.Params{"system": systemRecord.Id}),
+		dbx.NewExp("system={:system} AND name!='Status'", dbx.Params{"system": systemRecord.Id}),
 	)
 	if err != nil || len(alertRecords) == 0 {
 		// log.Println("no alerts found for system")
@@ -54,6 +55,15 @@ func (am *AlertManager) HandleSystemAlerts(systemRecord *core.Record, data *syst
 			}
 			val = data.Info.DashboardTemp
 			unit = "°C"
+		case "LoadAvg1":
+			val = data.Info.LoadAvg[0]
+			unit = ""
+		case "LoadAvg5":
+			val = data.Info.LoadAvg[1]
+			unit = ""
+		case "LoadAvg15":
+			val = data.Info.LoadAvg[2]
+			unit = ""
 		}
 
 		triggered := alertRecord.GetBool("triggered")
@@ -190,6 +200,12 @@ func (am *AlertManager) HandleSystemAlerts(systemRecord *core.Record, data *syst
 					}
 					alert.mapSums[key] += temp
 				}
+			case "LoadAvg1":
+				alert.val += stats.LoadAvg[0]
+			case "LoadAvg5":
+				alert.val += stats.LoadAvg[1]
+			case "LoadAvg15":
+				alert.val += stats.LoadAvg[2]
 			default:
 				continue
 			}
@@ -247,6 +263,10 @@ func (am *AlertManager) sendSystemAlert(alert SystemAlertData) {
 	if alert.name == "Disk" {
 		alert.name += " usage"
 	}
+	// format LoadAvg5 and LoadAvg15
+	if after, ok := strings.CutPrefix(alert.name, "LoadAvg"); ok {
+		alert.name = after + "m Load"
+	}
 
 	// make title alert name lowercase if not CPU
 	titleAlertName := alert.name
@@ -274,18 +294,11 @@ func (am *AlertManager) sendSystemAlert(alert SystemAlertData) {
 		// app.Logger().Error("failed to save alert record", "err", err)
 		return
 	}
-	// expand the user relation and send the alert
-	if errs := am.hub.ExpandRecord(alert.alertRecord, []string{"user"}, nil); len(errs) > 0 {
-		// app.Logger().Error("failed to expand user relation", "errs", errs)
-		return
-	}
-	if user := alert.alertRecord.ExpandedOne("user"); user != nil {
-		am.SendAlert(AlertMessageData{
-			UserID:   user.Id,
-			Title:    subject,
-			Message:  body,
-			Link:     am.hub.MakeLink("system", systemName),
-			LinkText: "View " + systemName,
-		})
-	}
+	am.SendAlert(AlertMessageData{
+		UserID:   alert.alertRecord.GetString("user"),
+		Title:    subject,
+		Message:  body,
+		Link:     am.hub.MakeLink("system", systemName),
+		LinkText: "View " + systemName,
+	})
 }

src/alerts/alerts_test.go

@@ -0,0 +1,604 @@
+//go:build testing
+// +build testing
+
+package alerts_test
+
+import (
+	"bytes"
+	"encoding/json"
+	"io"
+	"net/http"
+	"strings"
+	"testing"
+	"testing/synctest"
+	"time"
+
+	beszelTests "github.com/henrygd/beszel/src/tests"
+
+	"github.com/pocketbase/dbx"
+	"github.com/pocketbase/pocketbase/core"
+	pbTests "github.com/pocketbase/pocketbase/tests"
+	"github.com/stretchr/testify/assert"
+)
+
+// marshal to json and return an io.Reader (for use in ApiScenario.Body)
+func jsonReader(v any) io.Reader {
+	data, err := json.Marshal(v)
+	if err != nil {
+		panic(err)
+	}
+	return bytes.NewReader(data)
+}
+
+func TestUserAlertsApi(t *testing.T) {
+	hub, _ := beszelTests.NewTestHub(t.TempDir())
+	defer hub.Cleanup()
+
+	hub.StartHub()
+
+	user1, _ := beszelTests.CreateUser(hub, "alertstest@example.com", "password")
+	user1Token, _ := user1.NewAuthToken()
+
+	user2, _ := beszelTests.CreateUser(hub, "alertstest2@example.com", "password")
+	user2Token, _ := user2.NewAuthToken()
+
+	system1, _ := beszelTests.CreateRecord(hub, "systems", map[string]any{
+		"name":  "system1",
+		"users": []string{user1.Id},
+		"host":  "127.0.0.1",
+	})
+
+	system2, _ := beszelTests.CreateRecord(hub, "systems", map[string]any{
+		"name":  "system2",
+		"users": []string{user1.Id, user2.Id},
+		"host":  "127.0.0.2",
+	})
+
+	userRecords, _ := hub.CountRecords("users")
+	assert.EqualValues(t, 2, userRecords, "all users should be created")
+
+	systemRecords, _ := hub.CountRecords("systems")
+	assert.EqualValues(t, 2, systemRecords, "all systems should be created")
+
+	testAppFactory := func(t testing.TB) *pbTests.TestApp {
+		return hub.TestApp
+	}
+
+	scenarios := []beszelTests.ApiScenario{
+		// {
+		// 	Name:            "GET not implemented - returns index",
+		// 	Method:          http.MethodGet,
+		// 	URL:             "/api/beszel/user-alerts",
+		// 	ExpectedStatus:  200,
+		// 	ExpectedContent: []string{"<html ", "globalThis.BESZEL"},
+		// 	TestAppFactory:  testAppFactory,
+		// },
+		{
+			Name:            "POST no auth",
+			Method:          http.MethodPost,
+			URL:             "/api/beszel/user-alerts",
+			ExpectedStatus:  401,
+			ExpectedContent: []string{"requires valid"},
+			TestAppFactory:  testAppFactory,
+		},
+		{
+			Name:   "POST no body",
+			Method: http.MethodPost,
+			URL:    "/api/beszel/user-alerts",
+			Headers: map[string]string{
+				"Authorization": user1Token,
+			},
+			ExpectedStatus:  400,
+			ExpectedContent: []string{"Bad data"},
+			TestAppFactory:  testAppFactory,
+		},
+		{
+			Name:   "POST bad data",
+			Method: http.MethodPost,
+			URL:    "/api/beszel/user-alerts",
+			Headers: map[string]string{
+				"Authorization": user1Token,
+			},
+			ExpectedStatus:  400,
+			ExpectedContent: []string{"Bad data"},
+			TestAppFactory:  testAppFactory,
+			Body: jsonReader(map[string]any{
+				"invalidField": "this should cause validation error",
+				"threshold":    "not a number",
+			}),
+		},
+		{
+			Name:   "POST malformed JSON",
+			Method: http.MethodPost,
+			URL:    "/api/beszel/user-alerts",
+			Headers: map[string]string{
+				"Authorization": user1Token,
+			},
+			ExpectedStatus:  400,
+			ExpectedContent: []string{"Bad data"},
+			TestAppFactory:  testAppFactory,
+			Body:            strings.NewReader(`{"alertType": "cpu", "threshold": 80, "enabled": true,}`),
+		},
+		{
+			Name:   "POST valid alert data multiple systems",
+			Method: http.MethodPost,
+			URL:    "/api/beszel/user-alerts",
+			Headers: map[string]string{
+				"Authorization": user1Token,
+			},
+			ExpectedStatus:  200,
+			ExpectedContent: []string{"\"success\":true"},
+			TestAppFactory:  testAppFactory,
+			Body: jsonReader(map[string]any{
+				"name":      "CPU",
+				"value":     69,
+				"min":       9,
+				"systems":   []string{system1.Id, system2.Id},
+				"overwrite": false,
+			}),
+			AfterTestFunc: func(t testing.TB, app *pbTests.TestApp, res *http.Response) {
+				// check total alerts
+				alerts, _ := app.CountRecords("alerts")
+				assert.EqualValues(t, 2, alerts, "should have 2 alerts")
+				// check alert has correct values
+				matchingAlerts, _ := app.CountRecords("alerts", dbx.HashExp{"name": "CPU", "user": user1.Id, "system": system1.Id, "value": 69, "min": 9})
+				assert.EqualValues(t, 1, matchingAlerts, "should have 1 alert")
+			},
+		},
+		{
+			Name:   "POST valid alert data single system",
+			Method: http.MethodPost,
+			URL:    "/api/beszel/user-alerts",
+			Headers: map[string]string{
+				"Authorization": user1Token,
+			},
+			ExpectedStatus:  200,
+			ExpectedContent: []string{"\"success\":true"},
+			TestAppFactory:  testAppFactory,
+			Body: jsonReader(map[string]any{
+				"name":    "Memory",
+				"systems": []string{system1.Id},
+				"value":   90,
+				"min":     10,
+			}),
+			AfterTestFunc: func(t testing.TB, app *pbTests.TestApp, res *http.Response) {
+				user1Alerts, _ := app.CountRecords("alerts", dbx.HashExp{"user": user1.Id})
+				assert.EqualValues(t, 3, user1Alerts, "should have 3 alerts")
+			},
+		},
+		{
+			Name:   "Overwrite: false, should not overwrite existing alert",
+			Method: http.MethodPost,
+			URL:    "/api/beszel/user-alerts",
+			Headers: map[string]string{
+				"Authorization": user1Token,
+			},
+			ExpectedStatus:  200,
+			ExpectedContent: []string{"\"success\":true"},
+			TestAppFactory:  testAppFactory,
+			Body: jsonReader(map[string]any{
+				"name":      "CPU",
+				"value":     45,
+				"min":       5,
+				"systems":   []string{system1.Id},
+				"overwrite": false,
+			}),
+			BeforeTestFunc: func(t testing.TB, app *pbTests.TestApp, e *core.ServeEvent) {
+				beszelTests.ClearCollection(t, app, "alerts")
+				beszelTests.CreateRecord(app, "alerts", map[string]any{
+					"name":   "CPU",
+					"system": system1.Id,
+					"user":   user1.Id,
+					"value":  80,
+					"min":    10,
+				})
+			},
+			AfterTestFunc: func(t testing.TB, app *pbTests.TestApp, res *http.Response) {
+				alerts, _ := app.CountRecords("alerts")
+				assert.EqualValues(t, 1, alerts, "should have 1 alert")
+				alert, _ := app.FindFirstRecordByFilter("alerts", "name = 'CPU' && user = {:user}", dbx.Params{"user": user1.Id})
+				assert.EqualValues(t, 80, alert.Get("value"), "should have 80 as value")
+			},
+		},
+		{
+			Name:   "Overwrite: true, should overwrite existing alert",
+			Method: http.MethodPost,
+			URL:    "/api/beszel/user-alerts",
+			Headers: map[string]string{
+				"Authorization": user2Token,
+			},
+			ExpectedStatus:  200,
+			ExpectedContent: []string{"\"success\":true"},
+			TestAppFactory:  testAppFactory,
+			Body: jsonReader(map[string]any{
+				"name":      "CPU",
+				"value":     45,
+				"min":       5,
+				"systems":   []string{system2.Id},
+				"overwrite": true,
+			}),
+			BeforeTestFunc: func(t testing.TB, app *pbTests.TestApp, e *core.ServeEvent) {
+				beszelTests.ClearCollection(t, app, "alerts")
+				beszelTests.CreateRecord(app, "alerts", map[string]any{
+					"name":   "CPU",
+					"system": system2.Id,
+					"user":   user2.Id,
+					"value":  80,
+					"min":    10,
+				})
+			},
+			AfterTestFunc: func(t testing.TB, app *pbTests.TestApp, res *http.Response) {
+				alerts, _ := app.CountRecords("alerts")
+				assert.EqualValues(t, 1, alerts, "should have 1 alert")
+				alert, _ := app.FindFirstRecordByFilter("alerts", "name = 'CPU' && user = {:user}", dbx.Params{"user": user2.Id})
+				assert.EqualValues(t, 45, alert.Get("value"), "should have 45 as value")
+			},
+		},
+		{
+			Name:            "DELETE no auth",
+			Method:          http.MethodDelete,
+			URL:             "/api/beszel/user-alerts",
+			ExpectedStatus:  401,
+			ExpectedContent: []string{"requires valid"},
+			TestAppFactory:  testAppFactory,
+			Body: jsonReader(map[string]any{
+				"name":    "CPU",
+				"systems": []string{system1.Id},
+			}),
+			BeforeTestFunc: func(t testing.TB, app *pbTests.TestApp, e *core.ServeEvent) {
+				beszelTests.ClearCollection(t, app, "alerts")
+				beszelTests.CreateRecord(app, "alerts", map[string]any{
+					"name":   "CPU",
+					"system": system1.Id,
+					"user":   user1.Id,
+					"value":  80,
+					"min":    10,
+				})
+			},
+			AfterTestFunc: func(t testing.TB, app *pbTests.TestApp, res *http.Response) {
+				alerts, _ := app.CountRecords("alerts")
+				assert.EqualValues(t, 1, alerts, "should have 1 alert")
+			},
+		},
+		{
+			Name:   "DELETE alert",
+			Method: http.MethodDelete,
+			URL:    "/api/beszel/user-alerts",
+			Headers: map[string]string{
+				"Authorization": user1Token,
+			},
+			ExpectedStatus:  200,
+			ExpectedContent: []string{"\"count\":1", "\"success\":true"},
+			TestAppFactory:  testAppFactory,
+			Body: jsonReader(map[string]any{
+				"name":    "CPU",
+				"systems": []string{system1.Id},
+			}),
+			BeforeTestFunc: func(t testing.TB, app *pbTests.TestApp, e *core.ServeEvent) {
+				beszelTests.ClearCollection(t, app, "alerts")
+				beszelTests.CreateRecord(app, "alerts", map[string]any{
+					"name":   "CPU",
+					"system": system1.Id,
+					"user":   user1.Id,
+					"value":  80,
+					"min":    10,
+				})
+			},
+			AfterTestFunc: func(t testing.TB, app *pbTests.TestApp, res *http.Response) {
+				alerts, _ := app.CountRecords("alerts")
+				assert.Zero(t, alerts, "should have 0 alerts")
+			},
+		},
+		{
+			Name:   "DELETE alert multiple systems",
+			Method: http.MethodDelete,
+			URL:    "/api/beszel/user-alerts",
+			Headers: map[string]string{
+				"Authorization": user1Token,
+			},
+			ExpectedStatus:  200,
+			ExpectedContent: []string{"\"count\":2", "\"success\":true"},
+			TestAppFactory:  testAppFactory,
+			Body: jsonReader(map[string]any{
+				"name":    "Memory",
+				"systems": []string{system1.Id, system2.Id},
+			}),
+			BeforeTestFunc: func(t testing.TB, app *pbTests.TestApp, e *core.ServeEvent) {
+				beszelTests.ClearCollection(t, app, "alerts")
+				for _, systemId := range []string{system1.Id, system2.Id} {
+					_, err := beszelTests.CreateRecord(app, "alerts", map[string]any{
+						"name":   "Memory",
+						"system": systemId,
+						"user":   user1.Id,
+						"value":  90,
+						"min":    10,
+					})
+					assert.NoError(t, err, "should create alert")
+				}
+				alerts, _ := app.CountRecords("alerts")
+				assert.EqualValues(t, 2, alerts, "should have 2 alerts")
+			},
+			AfterTestFunc: func(t testing.TB, app *pbTests.TestApp, res *http.Response) {
+				alerts, _ := app.CountRecords("alerts")
+				assert.Zero(t, alerts, "should have 0 alerts")
+			},
+		},
+		{
+			Name:   "User 2 should not be able to delete alert of user 1",
+			Method: http.MethodDelete,
+			URL:    "/api/beszel/user-alerts",
+			Headers: map[string]string{
+				"Authorization": user2Token,
+			},
+			ExpectedStatus:  200,
+			ExpectedContent: []string{"\"count\":1", "\"success\":true"},
+			TestAppFactory:  testAppFactory,
+			Body: jsonReader(map[string]any{
+				"name":    "CPU",
+				"systems": []string{system2.Id},
+			}),
+			BeforeTestFunc: func(t testing.TB, app *pbTests.TestApp, e *core.ServeEvent) {
+				beszelTests.ClearCollection(t, app, "alerts")
+				for _, user := range []string{user1.Id, user2.Id} {
+					beszelTests.CreateRecord(app, "alerts", map[string]any{
+						"name":   "CPU",
+						"system": system2.Id,
+						"user":   user,
+						"value":  80,
+						"min":    10,
+					})
+				}
+				alerts, _ := app.CountRecords("alerts")
+				assert.EqualValues(t, 2, alerts, "should have 2 alerts")
+				user1AlertCount, _ := app.CountRecords("alerts", dbx.HashExp{"user": user1.Id})
+				assert.EqualValues(t, 1, user1AlertCount, "should have 1 alert")
+				user2AlertCount, _ := app.CountRecords("alerts", dbx.HashExp{"user": user2.Id})
+				assert.EqualValues(t, 1, user2AlertCount, "should have 1 alert")
+			},
+			AfterTestFunc: func(t testing.TB, app *pbTests.TestApp, res *http.Response) {
+				user1AlertCount, _ := app.CountRecords("alerts", dbx.HashExp{"user": user1.Id})
+				assert.EqualValues(t, 1, user1AlertCount, "should have 1 alert")
+				user2AlertCount, _ := app.CountRecords("alerts", dbx.HashExp{"user": user2.Id})
+				assert.Zero(t, user2AlertCount, "should have 0 alerts")
+			},
+		},
+	}
+
+	for _, scenario := range scenarios {
+		scenario.Test(t)
+	}
+}
+
+func getHubWithUser(t *testing.T) (*beszelTests.TestHub, *core.Record) {
+	hub, err := beszelTests.NewTestHub(t.TempDir())
+	assert.NoError(t, err)
+	hub.StartHub()
+
+	// Manually initialize the system manager to bind event hooks
+	err = hub.GetSystemManager().Initialize()
+	assert.NoError(t, err)
+
+	// Create a test user
+	user, err := beszelTests.CreateUser(hub, "test@example.com", "password")
+	assert.NoError(t, err)
+
+	// Create user settings for the test user (required for alert notifications)
+	userSettingsData := map[string]any{
+		"user":     user.Id,
+		"settings": `{"emails":[test@example.com],"webhooks":[]}`,
+	}
+	_, err = beszelTests.CreateRecord(hub, "user_settings", userSettingsData)
+	assert.NoError(t, err)
+
+	return hub, user
+}
+
+func TestStatusAlerts(t *testing.T) {
+	synctest.Test(t, func(t *testing.T) {
+		hub, user := getHubWithUser(t)
+		defer hub.Cleanup()
+
+		systems, err := beszelTests.CreateSystems(hub, 4, user.Id, "paused")
+		assert.NoError(t, err)
+
+		var alerts []*core.Record
+		for i, system := range systems {
+			alert, err := beszelTests.CreateRecord(hub, "alerts", map[string]any{
+				"name":   "Status",
+				"system": system.Id,
+				"user":   user.Id,
+				"min":    i + 1,
+			})
+			assert.NoError(t, err)
+			alerts = append(alerts, alert)
+		}
+
+		time.Sleep(10 * time.Millisecond)
+
+		for _, alert := range alerts {
+			assert.False(t, alert.GetBool("triggered"), "Alert should not be triggered immediately")
+		}
+		if hub.TestMailer.TotalSend() != 0 {
+			assert.Zero(t, hub.TestMailer.TotalSend(), "Expected 0 messages, got %d", hub.TestMailer.TotalSend())
+		}
+		for _, system := range systems {
+			assert.EqualValues(t, "paused", system.GetString("status"), "System should be paused")
+		}
+		for _, system := range systems {
+			system.Set("status", "up")
+			err = hub.SaveNoValidate(system)
+			assert.NoError(t, err)
+		}
+		time.Sleep(time.Second)
+		assert.EqualValues(t, 0, hub.GetPendingAlertsCount(), "should have 0 alerts in the pendingAlerts map")
+		for _, system := range systems {
+			system.Set("status", "down")
+			err = hub.SaveNoValidate(system)
+			assert.NoError(t, err)
+		}
+		// after 30 seconds, should have 4 alerts in the pendingAlerts map, no triggered alerts
+		time.Sleep(time.Second * 30)
+		assert.EqualValues(t, 4, hub.GetPendingAlertsCount(), "should have 4 alerts in the pendingAlerts map")
+		triggeredCount, err := hub.CountRecords("alerts", dbx.HashExp{"triggered": true})
+		assert.NoError(t, err)
+		assert.EqualValues(t, 0, triggeredCount, "should have 0 alert triggered")
+		assert.EqualValues(t, 0, hub.TestMailer.TotalSend(), "should have 0 messages sent")
+		// after 1:30 seconds, should have 1 triggered alert and 3 pending alerts
+		time.Sleep(time.Second * 60)
+		assert.EqualValues(t, 3, hub.GetPendingAlertsCount(), "should have 3 alerts in the pendingAlerts map")
+		triggeredCount, err = hub.CountRecords("alerts", dbx.HashExp{"triggered": true})
+		assert.NoError(t, err)
+		assert.EqualValues(t, 1, triggeredCount, "should have 1 alert triggered")
+		assert.EqualValues(t, 1, hub.TestMailer.TotalSend(), "should have 1 messages sent")
+		// after 2:30 seconds, should have 2 triggered alerts and 2 pending alerts
+		time.Sleep(time.Second * 60)
+		assert.EqualValues(t, 2, hub.GetPendingAlertsCount(), "should have 2 alerts in the pendingAlerts map")
+		triggeredCount, err = hub.CountRecords("alerts", dbx.HashExp{"triggered": true})
+		assert.NoError(t, err)
+		assert.EqualValues(t, 2, triggeredCount, "should have 2 alert triggered")
+		assert.EqualValues(t, 2, hub.TestMailer.TotalSend(), "should have 2 messages sent")
+		// now we will bring the remaning systems back up
+		for _, system := range systems {
+			system.Set("status", "up")
+			err = hub.SaveNoValidate(system)
+			assert.NoError(t, err)
+		}
+		time.Sleep(time.Second)
+		// should have 0 alerts in the pendingAlerts map and 0 alerts triggered
+		assert.EqualValues(t, 0, hub.GetPendingAlertsCount(), "should have 0 alerts in the pendingAlerts map")
+		triggeredCount, err = hub.CountRecords("alerts", dbx.HashExp{"triggered": true})
+		assert.NoError(t, err)
+		assert.Zero(t, triggeredCount, "should have 0 alert triggered")
+		// 4 messages sent, 2 down alerts and 2 up alerts for first 2 systems
+		assert.EqualValues(t, 4, hub.TestMailer.TotalSend(), "should have 4 messages sent")
+	})
+}
+
+func TestAlertsHistory(t *testing.T) {
+	synctest.Test(t, func(t *testing.T) {
+		hub, user := getHubWithUser(t)
+		defer hub.Cleanup()
+
+		// Create systems and alerts
+		systems, err := beszelTests.CreateSystems(hub, 1, user.Id, "up")
+		assert.NoError(t, err)
+		system := systems[0]
+
+		alert, err := beszelTests.CreateRecord(hub, "alerts", map[string]any{
+			"name":   "Status",
+			"system": system.Id,
+			"user":   user.Id,
+			"min":    1,
+		})
+		assert.NoError(t, err)
+
+		// Initially, no alert history records should exist
+		initialHistoryCount, err := hub.CountRecords("alerts_history", nil)
+		assert.NoError(t, err)
+		assert.Zero(t, initialHistoryCount, "Should have 0 alert history records initially")
+
+		// Set system to up initially
+		system.Set("status", "up")
+		err = hub.SaveNoValidate(system)
+		assert.NoError(t, err)
+		time.Sleep(10 * time.Millisecond)
+
+		// Set system to down to trigger alert
+		system.Set("status", "down")
+		err = hub.SaveNoValidate(system)
+		assert.NoError(t, err)
+
+		// Wait for alert to trigger (after the downtime delay)
+		// With 1 minute delay, we need to wait at least 1 minute + some buffer
+		time.Sleep(time.Second * 75)
+
+		// Check that alert is triggered
+		triggeredCount, err := hub.CountRecords("alerts", dbx.HashExp{"triggered": true, "id": alert.Id})
+		assert.NoError(t, err)
+		assert.EqualValues(t, 1, triggeredCount, "Alert should be triggered")
+
+		// Check that alert history record was created
+		historyCount, err := hub.CountRecords("alerts_history", dbx.HashExp{"alert_id": alert.Id})
+		assert.NoError(t, err)
+		assert.EqualValues(t, 1, historyCount, "Should have 1 alert history record for triggered alert")
+
+		// Get the alert history record and verify it's not resolved immediately
+		historyRecord, err := hub.FindFirstRecordByFilter("alerts_history", "alert_id={:alert_id}", dbx.Params{"alert_id": alert.Id})
+		assert.NoError(t, err)
+		assert.NotNil(t, historyRecord, "Alert history record should exist")
+		assert.Equal(t, alert.Id, historyRecord.GetString("alert_id"), "Alert history should reference correct alert")
+		assert.Equal(t, system.Id, historyRecord.GetString("system"), "Alert history should reference correct system")
+		assert.Equal(t, "Status", historyRecord.GetString("name"), "Alert history should have correct name")
+
+		// The alert history might be resolved immediately in some cases, so let's check the alert's triggered status
+		alertRecord, err := hub.FindFirstRecordByFilter("alerts", "id={:id}", dbx.Params{"id": alert.Id})
+		assert.NoError(t, err)
+		assert.True(t, alertRecord.GetBool("triggered"), "Alert should still be triggered when checking history")
+
+		// Now resolve the alert by setting system back to up
+		system.Set("status", "up")
+		err = hub.SaveNoValidate(system)
+		assert.NoError(t, err)
+		time.Sleep(200 * time.Millisecond)
+
+		// Check that alert is no longer triggered
+		triggeredCount, err = hub.CountRecords("alerts", dbx.HashExp{"triggered": true, "id": alert.Id})
+		assert.NoError(t, err)
+		assert.Zero(t, triggeredCount, "Alert should not be triggered after system is back up")
+
+		// Check that alert history record is now resolved
+		historyRecord, err = hub.FindFirstRecordByFilter("alerts_history", "alert_id={:alert_id}", dbx.Params{"alert_id": alert.Id})
+		assert.NoError(t, err)
+		assert.NotNil(t, historyRecord, "Alert history record should still exist")
+		assert.NotNil(t, historyRecord.Get("resolved"), "Alert history should be resolved")
+
+		// Test deleting a triggered alert resolves its history
+		// Create another system and alert
+		systems2, err := beszelTests.CreateSystems(hub, 1, user.Id, "up")
+		assert.NoError(t, err)
+		system2 := systems2[0]
+		system2.Set("name", "test-system-2") // Rename for clarity
+		err = hub.SaveNoValidate(system2)
+		assert.NoError(t, err)
+
+		alert2, err := beszelTests.CreateRecord(hub, "alerts", map[string]any{
+			"name":   "Status",
+			"system": system2.Id,
+			"user":   user.Id,
+			"min":    1,
+		})
+		assert.NoError(t, err)
+
+		// Set system2 to down to trigger alert
+		system2.Set("status", "down")
+		err = hub.SaveNoValidate(system2)
+		assert.NoError(t, err)
+
+		// Wait for alert to trigger
+		time.Sleep(time.Second * 75)
+
+		// Verify alert is triggered and history record exists
+		triggeredCount, err = hub.CountRecords("alerts", dbx.HashExp{"triggered": true, "id": alert2.Id})
+		assert.NoError(t, err)
+		assert.EqualValues(t, 1, triggeredCount, "Second alert should be triggered")
+
+		historyCount, err = hub.CountRecords("alerts_history", dbx.HashExp{"alert_id": alert2.Id})
+		assert.NoError(t, err)
+		assert.EqualValues(t, 1, historyCount, "Should have 1 alert history record for second alert")
+
+		// Delete the triggered alert
+		err = hub.Delete(alert2)
+		assert.NoError(t, err)
+
+		// Check that alert history record is resolved after deletion
+		historyRecord2, err := hub.FindFirstRecordByFilter("alerts_history", "alert_id={:alert_id}", dbx.Params{"alert_id": alert2.Id})
+		assert.NoError(t, err)
+		assert.NotNil(t, historyRecord2, "Alert history record should still exist after alert deletion")
+		assert.NotNil(t, historyRecord2.Get("resolved"), "Alert history should be resolved after alert deletion")
+
+		// Verify total history count is correct (2 records total)
+		totalHistoryCount, err := hub.CountRecords("alerts_history", nil)
+		assert.NoError(t, err)
+		assert.EqualValues(t, 2, totalHistoryCount, "Should have 2 total alert history records")
+	})
+}

src/alerts/alerts_test_helpers.go

@@ -0,0 +1,55 @@
+package alerts
+
+import (
+	"sync"
+	"time"
+
+	"github.com/pocketbase/pocketbase/core"
+)
+
+func (am *AlertManager) GetAlertManager() *AlertManager {
+	return am
+}
+
+func (am *AlertManager) GetPendingAlerts() *sync.Map {
+	return &am.pendingAlerts
+}
+
+func (am *AlertManager) GetPendingAlertsCount() int {
+	count := 0
+	am.pendingAlerts.Range(func(key, value any) bool {
+		count++
+		return true
+	})
+	return count
+}
+
+// ProcessPendingAlerts manually processes all expired alerts (for testing)
+func (am *AlertManager) ProcessPendingAlerts() ([]*core.Record, error) {
+	now := time.Now()
+	var lastErr error
+	var processedAlerts []*core.Record
+	am.pendingAlerts.Range(func(key, value any) bool {
+		info := value.(*alertInfo)
+		if now.After(info.expireTime) {
+			// Downtime delay has passed, process alert
+			if err := am.sendStatusAlert("down", info.systemName, info.alertRecord); err != nil {
+				lastErr = err
+			}
+			processedAlerts = append(processedAlerts, info.alertRecord)
+			am.pendingAlerts.Delete(key)
+		}
+		return true
+	})
+	return processedAlerts, lastErr
+}
+
+// ForceExpirePendingAlerts sets all pending alerts to expire immediately (for testing)
+func (am *AlertManager) ForceExpirePendingAlerts() {
+	now := time.Now()
+	am.pendingAlerts.Range(func(key, value any) bool {
+		info := value.(*alertInfo)
+		info.expireTime = now.Add(-time.Second) // Set to 1 second ago
+		return true
+	})
+}

src/cmd/agent/agent.go

@@ -0,0 +1,157 @@
+package main
+
+import (
+	"fmt"
+	"log"
+	"os"
+	"strings"
+
+	"github.com/henrygd/beszel"
+	"github.com/henrygd/beszel/agent"
+	"github.com/henrygd/beszel/agent/health"
+	"github.com/spf13/pflag"
+	"golang.org/x/crypto/ssh"
+)
+
+// cli options
+type cmdOptions struct {
+	key    string // key is the public key(s) for SSH authentication.
+	listen string // listen is the address or port to listen on.
+	// TODO: add hubURL and token
+	// hubURL string // hubURL is the URL of the hub to use.
+	// token  string // token is the token to use for authentication.
+}
+
+// parse parses the command line flags and populates the config struct.
+// It returns true if a subcommand was handled and the program should exit.
+func (opts *cmdOptions) parse() bool {
+	subcommand := ""
+	if len(os.Args) > 1 {
+		subcommand = os.Args[1]
+	}
+
+	// Subcommands that don't require any pflag parsing
+	switch subcommand {
+	case "-v", "version":
+		fmt.Println(beszel.AppName+"-agent", beszel.Version)
+		return true
+	case "health":
+		err := health.Check()
+		if err != nil {
+			log.Fatal(err)
+		}
+		fmt.Print("ok")
+		return true
+	}
+
+	// pflag.CommandLine.ParseErrorsWhitelist.UnknownFlags = true
+	pflag.StringVarP(&opts.key, "key", "k", "", "Public key(s) for SSH authentication")
+	pflag.StringVarP(&opts.listen, "listen", "l", "", "Address or port to listen on")
+	// pflag.StringVarP(&opts.hubURL, "hub-url", "u", "", "URL of the hub to use")
+	// pflag.StringVarP(&opts.token, "token", "t", "", "Token to use for authentication")
+	chinaMirrors := pflag.BoolP("china-mirrors", "c", false, "Use mirror for update (gh.beszel.dev) instead of GitHub")
+	help := pflag.BoolP("help", "h", false, "Show this help message")
+
+	// Convert old single-dash long flags to double-dash for backward compatibility
+	flagsToConvert := []string{"key", "listen"}
+	for i, arg := range os.Args {
+		for _, flag := range flagsToConvert {
+			singleDash := "-" + flag
+			doubleDash := "--" + flag
+			if arg == singleDash {
+				os.Args[i] = doubleDash
+				break
+			} else if strings.HasPrefix(arg, singleDash+"=") {
+				os.Args[i] = doubleDash + arg[len(singleDash):]
+				break
+			}
+		}
+	}
+
+	pflag.Usage = func() {
+		builder := strings.Builder{}
+		builder.WriteString("Usage: ")
+		builder.WriteString(os.Args[0])
+		builder.WriteString(" [command] [flags]\n")
+		builder.WriteString("\nCommands:\n")
+		builder.WriteString("  health    Check if the agent is running\n")
+		// builder.WriteString("  help      Display this help message\n")
+		builder.WriteString("  update    Update to the latest version\n")
+		builder.WriteString("\nFlags:\n")
+		fmt.Print(builder.String())
+		pflag.PrintDefaults()
+	}
+
+	// Parse all arguments with pflag
+	pflag.Parse()
+
+	// Must run after pflag.Parse()
+	switch {
+	case *help || subcommand == "help":
+		pflag.Usage()
+		return true
+	case subcommand == "update":
+		agent.Update(*chinaMirrors)
+		return true
+	}
+
+	return false
+}
+
+// loadPublicKeys loads the public keys from the command line flag, environment variable, or key file.
+func (opts *cmdOptions) loadPublicKeys() ([]ssh.PublicKey, error) {
+	// Try command line flag first
+	if opts.key != "" {
+		return agent.ParseKeys(opts.key)
+	}
+
+	// Try environment variable
+	if key, ok := agent.GetEnv("KEY"); ok && key != "" {
+		return agent.ParseKeys(key)
+	}
+
+	// Try key file
+	keyFile, ok := agent.GetEnv("KEY_FILE")
+	if !ok {
+		return nil, fmt.Errorf("no key provided: must set -key flag, KEY env var, or KEY_FILE env var. Use 'beszel-agent help' for usage")
+	}
+
+	pubKey, err := os.ReadFile(keyFile)
+	if err != nil {
+		return nil, fmt.Errorf("failed to read key file: %w", err)
+	}
+	return agent.ParseKeys(string(pubKey))
+}
+
+func (opts *cmdOptions) getAddress() string {
+	return agent.GetAddress(opts.listen)
+}
+
+func main() {
+	var opts cmdOptions
+	subcommandHandled := opts.parse()
+
+	if subcommandHandled {
+		return
+	}
+
+	var serverConfig agent.ServerOptions
+	var err error
+	serverConfig.Keys, err = opts.loadPublicKeys()
+	if err != nil {
+		log.Fatal("Failed to load public keys:", err)
+	}
+
+	addr := opts.getAddress()
+	serverConfig.Addr = addr
+	serverConfig.Network = agent.GetNetwork(addr)
+
+	a, err := agent.NewAgent()
+	if err != nil {
+		log.Fatal("Failed to create agent: ", err)
+	}
+
+	if err := a.Start(serverConfig); err != nil {
+		log.Fatal("Failed to start server: ", err)
+	}
+}

src/cmd/agent/agent_test.go

@@ -1,13 +1,14 @@
 package main
 
 import (
-	"beszel/internal/agent"
 	"crypto/ed25519"
-	"flag"
 	"os"
 	"path/filepath"
 	"testing"
 
+	"github.com/henrygd/beszel/agent"
+
+	"github.com/spf13/pflag"
 	"github.com/stretchr/testify/assert"
 	"github.com/stretchr/testify/require"
 	"golang.org/x/crypto/ssh"
@@ -245,7 +246,7 @@ func TestParseFlags(t *testing.T) {
 	oldArgs := os.Args
 	defer func() {
 		os.Args = oldArgs
-		flag.CommandLine = flag.NewFlagSet(os.Args[0], flag.ExitOnError)
+		pflag.CommandLine = pflag.NewFlagSet(os.Args[0], pflag.ExitOnError)
 	}()
 
 	tests := []struct {
@@ -269,6 +270,22 @@ func TestParseFlags(t *testing.T) {
 				listen: "",
 			},
 		},
+		{
+			name: "key flag double dash",
+			args: []string{"cmd", "--key", "testkey"},
+			expected: cmdOptions{
+				key:    "testkey",
+				listen: "",
+			},
+		},
+		{
+			name: "key flag short",
+			args: []string{"cmd", "-k", "testkey"},
+			expected: cmdOptions{
+				key:    "testkey",
+				listen: "",
+			},
+		},
 		{
 			name: "addr flag only",
 			args: []string{"cmd", "-listen", ":8080"},
@@ -277,6 +294,22 @@ func TestParseFlags(t *testing.T) {
 				listen: ":8080",
 			},
 		},
+		{
+			name: "addr flag double dash",
+			args: []string{"cmd", "--listen", ":8080"},
+			expected: cmdOptions{
+				key:    "",
+				listen: ":8080",
+			},
+		},
+		{
+			name: "addr flag short",
+			args: []string{"cmd", "-l", ":8080"},
+			expected: cmdOptions{
+				key:    "",
+				listen: ":8080",
+			},
+		},
 		{
 			name: "both flags",
 			args: []string{"cmd", "-key", "testkey", "-listen", ":8080"},
@@ -290,12 +323,12 @@ func TestParseFlags(t *testing.T) {
 	for _, tt := range tests {
 		t.Run(tt.name, func(t *testing.T) {
 			// Reset flags for each test
-			flag.CommandLine = flag.NewFlagSet(tt.args[0], flag.ExitOnError)
+			pflag.CommandLine = pflag.NewFlagSet(tt.args[0], pflag.ExitOnError)
 			os.Args = tt.args
 
 			var opts cmdOptions
 			opts.parse()
-			flag.Parse()
+			pflag.Parse()
 
 			assert.Equal(t, tt.expected, opts)
 		})

src/cmd/hub/hub.go

@@ -1,15 +1,16 @@
 package main
 
 import (
-	"beszel"
-	"beszel/internal/hub"
-	_ "beszel/migrations"
 	"fmt"
 	"log"
 	"net/http"
 	"os"
 	"time"
 
+	"github.com/henrygd/beszel"
+	"github.com/henrygd/beszel/src/hub"
+	_ "github.com/henrygd/beszel/src/migrations"
+
 	"github.com/pocketbase/pocketbase"
 	"github.com/pocketbase/pocketbase/plugins/migratecmd"
 	"github.com/spf13/cobra"
@@ -45,11 +46,13 @@ func getBaseApp() *pocketbase.PocketBase {
 	baseApp.RootCmd.Use = beszel.AppName
 	baseApp.RootCmd.Short = ""
 	// add update command
-	baseApp.RootCmd.AddCommand(&cobra.Command{
+	updateCmd := &cobra.Command{
 		Use:   "update",
 		Short: "Update " + beszel.AppName + " to the latest version",
 		Run:   hub.Update,
-	})
+	}
+	updateCmd.Flags().Bool("china-mirrors", false, "Use mirror (gh.beszel.dev) instead of GitHub")
+	baseApp.RootCmd.AddCommand(updateCmd)
 	// add health command
 	baseApp.RootCmd.AddCommand(newHealthCmd())
 

src/dockerfile_agent

@@ -0,0 +1,26 @@
+FROM --platform=$BUILDPLATFORM golang:alpine AS builder
+
+WORKDIR /app
+
+COPY ../go.mod ../go.sum ./
+RUN go mod download
+
+# Copy source files
+COPY . ./
+
+# Build
+ARG TARGETOS TARGETARCH
+RUN CGO_ENABLED=0 GOGC=75 GOOS=$TARGETOS GOARCH=$TARGETARCH go build -ldflags "-w -s" -o /agent ./src/cmd/agent
+
+RUN rm -rf /tmp/*
+
+# --------------------------
+# Final image: default scratch-based agent
+# --------------------------
+FROM scratch
+COPY --from=builder /agent /agent
+
+# this is so we don't need to create the /tmp directory in the scratch container
+COPY --from=builder /tmp /tmp
+
+ENTRYPOINT ["/agent"]

src/dockerfile_agent_nvidia

@@ -12,15 +12,10 @@ COPY internal ./internal
 ARG TARGETOS TARGETARCH
 RUN CGO_ENABLED=0 GOGC=75 GOOS=$TARGETOS GOARCH=$TARGETARCH go build -ldflags "-w -s" -o /agent ./cmd/agent
 
-RUN rm -rf /tmp/*
-
-# ? -------------------------
-FROM scratch
-
+# --------------------------
+# Final image: GPU-enabled agent with nvidia-smi
+# --------------------------
+FROM nvidia/cuda:12.2.2-base-ubuntu22.04
 COPY --from=builder /agent /agent
 
-# this is so we don't need to create the 
-# /tmp directory in the scratch container
-COPY --from=builder /tmp /tmp
-
 ENTRYPOINT ["/agent"]

src/dockerfile_hub

@@ -3,16 +3,11 @@ FROM --platform=$BUILDPLATFORM golang:alpine AS builder
 WORKDIR /app
 
 # Download Go modules
-COPY go.mod go.sum ./
+COPY ../go.mod ../go.sum ./
 RUN go mod download
 
 # Copy source files
-COPY *.go ./
-COPY cmd ./cmd
-COPY internal ./internal
-COPY migrations ./migrations
-COPY site/dist ./site/dist
-COPY site/*.go ./site
+COPY . ./
 
 RUN apk add --no-cache \
     unzip \
@@ -22,7 +17,7 @@ RUN update-ca-certificates
 
 # Build
 ARG TARGETOS TARGETARCH
-RUN CGO_ENABLED=0 GOGC=75 GOOS=$TARGETOS GOARCH=$TARGETARCH go build -ldflags "-w -s" -o /beszel ./cmd/hub
+RUN CGO_ENABLED=0 GOGC=75 GOOS=$TARGETOS GOARCH=$TARGETARCH go build -ldflags "-w -s" -o /beszel ./src/cmd/hub
 
 # ? -------------------------
 FROM scratch

src/entities/system/system.go

@@ -3,8 +3,9 @@ package system
 // TODO: this is confusing, make common package with common/types common/helpers etc
 
 import (
-	"beszel/internal/entities/container"
 	"time"
+
+	"github.com/henrygd/beszel/src/entities/container"
 )
 
 type Stats struct {
@@ -31,6 +32,15 @@ type Stats struct {
 	Temperatures   map[string]float64  `json:"t,omitempty" cbor:"20,keyasint,omitempty"`
 	ExtraFs        map[string]*FsStats `json:"efs,omitempty" cbor:"21,keyasint,omitempty"`
 	GPUData        map[string]GPUData  `json:"g,omitempty" cbor:"22,keyasint,omitempty"`
+	LoadAvg1       float64             `json:"l1,omitempty" cbor:"23,keyasint,omitempty"`
+	LoadAvg5       float64             `json:"l5,omitempty" cbor:"24,keyasint,omitempty"`
+	LoadAvg15      float64             `json:"l15,omitempty" cbor:"25,keyasint,omitempty"`
+	Bandwidth      [2]uint64           `json:"b,omitzero" cbor:"26,keyasint,omitzero"`  // [sent bytes, recv bytes]
+	MaxBandwidth   [2]uint64           `json:"bm,omitzero" cbor:"27,keyasint,omitzero"` // [sent bytes, recv bytes]
+	// TODO: remove other load fields in future release in favor of load avg array
+	LoadAvg [3]float64 `json:"la,omitempty" cbor:"28,keyasint"`
+	Battery [2]uint8   `json:"bat,omitzero" cbor:"29,keyasint,omitzero"` // [percent, charge state, current]
+	MaxMem  float64    `json:"mm,omitempty" cbor:"30,keyasint,omitempty"`
 }
 
 type GPUData struct {
@@ -74,21 +84,27 @@ const (
 )
 
 type Info struct {
-	Hostname      string  `json:"h" cbor:"0,keyasint"`
-	KernelVersion string  `json:"k,omitempty" cbor:"1,keyasint,omitempty"`
-	Cores         int     `json:"c" cbor:"2,keyasint"`
-	Threads       int     `json:"t,omitempty" cbor:"3,keyasint,omitempty"`
-	CpuModel      string  `json:"m" cbor:"4,keyasint"`
-	Uptime        uint64  `json:"u" cbor:"5,keyasint"`
-	Cpu           float64 `json:"cpu" cbor:"6,keyasint"`
-	MemPct        float64 `json:"mp" cbor:"7,keyasint"`
-	DiskPct       float64 `json:"dp" cbor:"8,keyasint"`
-	Bandwidth     float64 `json:"b" cbor:"9,keyasint"`
-	AgentVersion  string  `json:"v" cbor:"10,keyasint"`
-	Podman        bool    `json:"p,omitempty" cbor:"11,keyasint,omitempty"`
-	GpuPct        float64 `json:"g,omitempty" cbor:"12,keyasint,omitempty"`
-	DashboardTemp float64 `json:"dt,omitempty" cbor:"13,keyasint,omitempty"`
-	Os            Os      `json:"os" cbor:"14,keyasint"`
+	Hostname       string  `json:"h" cbor:"0,keyasint"`
+	KernelVersion  string  `json:"k,omitempty" cbor:"1,keyasint,omitempty"`
+	Cores          int     `json:"c" cbor:"2,keyasint"`
+	Threads        int     `json:"t,omitempty" cbor:"3,keyasint,omitempty"`
+	CpuModel       string  `json:"m" cbor:"4,keyasint"`
+	Uptime         uint64  `json:"u" cbor:"5,keyasint"`
+	Cpu            float64 `json:"cpu" cbor:"6,keyasint"`
+	MemPct         float64 `json:"mp" cbor:"7,keyasint"`
+	DiskPct        float64 `json:"dp" cbor:"8,keyasint"`
+	Bandwidth      float64 `json:"b" cbor:"9,keyasint"`
+	AgentVersion   string  `json:"v" cbor:"10,keyasint"`
+	Podman         bool    `json:"p,omitempty" cbor:"11,keyasint,omitempty"`
+	GpuPct         float64 `json:"g,omitempty" cbor:"12,keyasint,omitempty"`
+	DashboardTemp  float64 `json:"dt,omitempty" cbor:"13,keyasint,omitempty"`
+	Os             Os      `json:"os" cbor:"14,keyasint"`
+	LoadAvg1       float64 `json:"l1,omitempty" cbor:"15,keyasint,omitempty"`
+	LoadAvg5       float64 `json:"l5,omitempty" cbor:"16,keyasint,omitempty"`
+	LoadAvg15      float64 `json:"l15,omitempty" cbor:"17,keyasint,omitempty"`
+	BandwidthBytes uint64  `json:"bb" cbor:"18,keyasint"`
+	// TODO: remove load fields in future release in favor of load avg array
+	LoadAvg [3]float64 `json:"la,omitempty" cbor:"19,keyasint"`
 }
 
 // Final data structure to return to the hub

src/ghupdate/extract.go

@@ -0,0 +1,140 @@
+package ghupdate
+
+import (
+	"archive/tar"
+	"archive/zip"
+	"compress/gzip"
+	"fmt"
+	"io"
+	"os"
+	"path/filepath"
+	"strings"
+)
+
+// extract extracts an archive file to the destination directory.
+// Supports .zip and .tar.gz files based on the file extension.
+func extract(srcPath, destDir string) error {
+	if strings.HasSuffix(srcPath, ".tar.gz") {
+		return extractTarGz(srcPath, destDir)
+	}
+	// Default to zip extraction
+	return extractZip(srcPath, destDir)
+}
+
+// extractTarGz extracts a tar.gz archive to the destination directory.
+func extractTarGz(srcPath, destDir string) error {
+	src, err := os.Open(srcPath)
+	if err != nil {
+		return err
+	}
+	defer src.Close()
+
+	gz, err := gzip.NewReader(src)
+	if err != nil {
+		return err
+	}
+	defer gz.Close()
+
+	tr := tar.NewReader(gz)
+
+	for {
+		header, err := tr.Next()
+		if err == io.EOF {
+			break
+		}
+		if err != nil {
+			return err
+		}
+
+		if header.Typeflag == tar.TypeDir {
+			if err := os.MkdirAll(filepath.Join(destDir, header.Name), 0755); err != nil {
+				return err
+			}
+			continue
+		}
+
+		if err := os.MkdirAll(filepath.Dir(filepath.Join(destDir, header.Name)), 0755); err != nil {
+			return err
+		}
+
+		outFile, err := os.Create(filepath.Join(destDir, header.Name))
+		if err != nil {
+			return err
+		}
+
+		if _, err := io.Copy(outFile, tr); err != nil {
+			outFile.Close()
+			return err
+		}
+		outFile.Close()
+	}
+
+	return nil
+}
+
+// extractZip extracts the zip archive at "src" to "dest".
+//
+// Note that only dirs and regular files will be extracted.
+// Symbolic links, named pipes, sockets, or any other irregular files
+// are skipped because they come with too many edge cases and ambiguities.
+func extractZip(src, dest string) error {
+	zr, err := zip.OpenReader(src)
+	if err != nil {
+		return err
+	}
+	defer zr.Close()
+
+	// normalize dest path to check later for Zip Slip
+	dest = filepath.Clean(dest) + string(os.PathSeparator)
+
+	for _, f := range zr.File {
+		err := extractFile(f, dest)
+		if err != nil {
+			return err
+		}
+	}
+
+	return nil
+}
+
+// extractFile extracts the provided zipFile into "basePath/zipFileName" path,
+// creating all the necessary path directories.
+func extractFile(zipFile *zip.File, basePath string) error {
+	path := filepath.Join(basePath, zipFile.Name)
+
+	// check for Zip Slip
+	if !strings.HasPrefix(path, basePath) {
+		return fmt.Errorf("invalid file path: %s", path)
+	}
+
+	r, err := zipFile.Open()
+	if err != nil {
+		return err
+	}
+	defer r.Close()
+
+	// allow only dirs or regular files
+	if zipFile.FileInfo().IsDir() {
+		if err := os.MkdirAll(path, os.ModePerm); err != nil {
+			return err
+		}
+	} else if zipFile.FileInfo().Mode().IsRegular() {
+		// ensure that the file path directories are created
+		if err := os.MkdirAll(filepath.Dir(path), os.ModePerm); err != nil {
+			return err
+		}
+
+		f, err := os.OpenFile(path, os.O_WRONLY|os.O_CREATE|os.O_TRUNC, zipFile.Mode())
+		if err != nil {
+			return err
+		}
+		defer f.Close()
+
+		_, err = io.Copy(f, r)
+		if err != nil {
+			return err
+		}
+	}
+
+	return nil
+}

src/ghupdate/ghupdate.go

@@ -0,0 +1,349 @@
+// Package ghupdate implements a new command to self update the current
+// executable with the latest GitHub release. This is based on PocketBase's
+// ghupdate package with modifications.
+package ghupdate
+
+import (
+	"context"
+	"encoding/json"
+	"fmt"
+	"io"
+	"log/slog"
+	"net/http"
+	"os"
+	"path/filepath"
+	"runtime"
+	"strings"
+
+	"github.com/henrygd/beszel"
+
+	"github.com/blang/semver"
+)
+
+// Minimal color functions using ANSI escape codes
+const (
+	colorReset  = "\033[0m"
+	ColorYellow = "\033[33m"
+	ColorGreen  = "\033[32m"
+	colorCyan   = "\033[36m"
+	colorGray   = "\033[90m"
+)
+
+func ColorPrint(color, text string) {
+	fmt.Println(color + text + colorReset)
+}
+
+func ColorPrintf(color, format string, args ...interface{}) {
+	fmt.Printf(color+format+colorReset+"\n", args...)
+}
+
+// HttpClient is a base HTTP client interface (usually used for test purposes).
+type HttpClient interface {
+	Do(req *http.Request) (*http.Response, error)
+}
+
+// Config defines the config options of the ghupdate plugin.
+//
+// NB! This plugin is considered experimental and its config options may change in the future.
+type Config struct {
+	// Owner specifies the account owner of the repository (default to "pocketbase").
+	Owner string
+
+	// Repo specifies the name of the repository (default to "pocketbase").
+	Repo string
+
+	// ArchiveExecutable specifies the name of the executable file in the release archive
+	// (default to "pocketbase"; an additional ".exe" check is also performed as a fallback).
+	ArchiveExecutable string
+
+	// Optional context to use when fetching and downloading the latest release.
+	Context context.Context
+
+	// The HTTP client to use when fetching and downloading the latest release.
+	// Defaults to `http.DefaultClient`.
+	HttpClient HttpClient
+
+	// The data directory to use when fetching and downloading the latest release.
+	DataDir string
+
+	// UseMirror specifies whether to use the beszel.dev mirror instead of GitHub API.
+	// When false (default), always uses api.github.com. When true, uses gh.beszel.dev.
+	UseMirror bool
+}
+
+type updater struct {
+	config         Config
+	currentVersion string
+}
+
+func Update(config Config) (updated bool, err error) {
+	p := &updater{
+		currentVersion: beszel.Version,
+		config:         config,
+	}
+
+	return p.update()
+}
+
+func (p *updater) update() (updated bool, err error) {
+	ColorPrint(ColorYellow, "Fetching release information...")
+
+	if p.config.DataDir == "" {
+		p.config.DataDir = os.TempDir()
+	}
+
+	if p.config.Owner == "" {
+		p.config.Owner = "henrygd"
+	}
+
+	if p.config.Repo == "" {
+		p.config.Repo = "beszel"
+	}
+
+	if p.config.Context == nil {
+		p.config.Context = context.Background()
+	}
+
+	if p.config.HttpClient == nil {
+		p.config.HttpClient = http.DefaultClient
+	}
+
+	var latest *release
+	var useMirror bool
+
+	// Determine the API endpoint based on UseMirror flag
+	apiURL := fmt.Sprintf("https://api.github.com/repos/%s/%s/releases/latest", p.config.Owner, p.config.Repo)
+	if p.config.UseMirror {
+		useMirror = true
+		apiURL = fmt.Sprintf("https://gh.beszel.dev/repos/%s/%s/releases/latest?api=true", p.config.Owner, p.config.Repo)
+		ColorPrint(ColorYellow, "Using mirror for update.")
+	}
+
+	latest, err = fetchLatestRelease(
+		p.config.Context,
+		p.config.HttpClient,
+		apiURL,
+	)
+	if err != nil {
+		return false, err
+	}
+
+	currentVersion := semver.MustParse(strings.TrimPrefix(p.currentVersion, "v"))
+	newVersion := semver.MustParse(strings.TrimPrefix(latest.Tag, "v"))
+
+	if newVersion.LTE(currentVersion) {
+		ColorPrintf(ColorGreen, "You already have the latest version %s.", p.currentVersion)
+		return false, nil
+	}
+
+	suffix := archiveSuffix(p.config.ArchiveExecutable, runtime.GOOS, runtime.GOARCH)
+	asset, err := latest.findAssetBySuffix(suffix)
+	if err != nil {
+		return false, err
+	}
+
+	releaseDir := filepath.Join(p.config.DataDir, ".beszel_update")
+	defer os.RemoveAll(releaseDir)
+
+	ColorPrintf(ColorYellow, "Downloading %s...", asset.Name)
+
+	// download the release asset
+	assetPath := filepath.Join(releaseDir, asset.Name)
+	if err := downloadFile(p.config.Context, p.config.HttpClient, asset.DownloadUrl, assetPath, useMirror); err != nil {
+		return false, err
+	}
+
+	ColorPrintf(ColorYellow, "Extracting %s...", asset.Name)
+
+	extractDir := filepath.Join(releaseDir, "extracted_"+asset.Name)
+	defer os.RemoveAll(extractDir)
+
+	// Extract the archive (automatically detects format)
+	if err := extract(assetPath, extractDir); err != nil {
+		return false, err
+	}
+
+	ColorPrint(ColorYellow, "Replacing the executable...")
+
+	oldExec, err := os.Executable()
+	if err != nil {
+		return false, err
+	}
+	renamedOldExec := oldExec + ".old"
+	defer os.Remove(renamedOldExec)
+
+	newExec := filepath.Join(extractDir, p.config.ArchiveExecutable)
+	if _, err := os.Stat(newExec); err != nil {
+		// try again with an .exe extension
+		newExec = newExec + ".exe"
+		if _, fallbackErr := os.Stat(newExec); fallbackErr != nil {
+			return false, fmt.Errorf("the executable in the extracted path is missing or it is inaccessible: %v, %v", err, fallbackErr)
+		}
+	}
+
+	// rename the current executable
+	if err := os.Rename(oldExec, renamedOldExec); err != nil {
+		return false, fmt.Errorf("failed to rename the current executable: %w", err)
+	}
+
+	tryToRevertExecChanges := func() {
+		if revertErr := os.Rename(renamedOldExec, oldExec); revertErr != nil {
+			slog.Debug(
+				"Failed to revert executable",
+				slog.String("old", renamedOldExec),
+				slog.String("new", oldExec),
+				slog.String("error", revertErr.Error()),
+			)
+		}
+	}
+
+	// replace with the extracted binary
+	if err := os.Rename(newExec, oldExec); err != nil {
+		// If rename fails due to cross-device link, try copying instead
+		if isCrossDeviceError(err) {
+			if err := copyFile(newExec, oldExec); err != nil {
+				tryToRevertExecChanges()
+				return false, fmt.Errorf("failed replacing the executable: %w", err)
+			}
+		} else {
+			tryToRevertExecChanges()
+			return false, fmt.Errorf("failed replacing the executable: %w", err)
+		}
+	}
+
+	ColorPrint(colorGray, "---")
+	ColorPrint(ColorGreen, "Update completed successfully!")
+
+	// print the release notes
+	if latest.Body != "" {
+		fmt.Print("\n")
+		releaseNotes := strings.TrimSpace(strings.Replace(latest.Body, "> _To update the prebuilt executable you can run `./"+p.config.ArchiveExecutable+" update`._", "", 1))
+		ColorPrint(colorCyan, releaseNotes)
+		fmt.Print("\n")
+	}
+
+	return true, nil
+}
+
+func fetchLatestRelease(
+	ctx context.Context,
+	client HttpClient,
+	url string,
+) (*release, error) {
+	req, err := http.NewRequestWithContext(ctx, "GET", url, nil)
+	if err != nil {
+		return nil, err
+	}
+
+	res, err := client.Do(req)
+	if err != nil {
+		return nil, err
+	}
+	defer res.Body.Close()
+
+	rawBody, err := io.ReadAll(res.Body)
+	if err != nil {
+		return nil, err
+	}
+
+	// http.Client doesn't treat non 2xx responses as error
+	if res.StatusCode >= 400 {
+		return nil, fmt.Errorf(
+			"(%d) failed to fetch latest releases:\n%s",
+			res.StatusCode,
+			string(rawBody),
+		)
+	}
+
+	result := &release{}
+	if err := json.Unmarshal(rawBody, result); err != nil {
+		return nil, err
+	}
+
+	return result, nil
+}
+
+func downloadFile(
+	ctx context.Context,
+	client HttpClient,
+	url string,
+	destPath string,
+	useMirror bool,
+) error {
+	if useMirror {
+		url = strings.Replace(url, "github.com", "gh.beszel.dev", 1)
+	}
+	req, err := http.NewRequestWithContext(ctx, "GET", url, nil)
+	if err != nil {
+		return err
+	}
+
+	res, err := client.Do(req)
+	if err != nil {
+		return err
+	}
+	defer res.Body.Close()
+
+	// http.Client doesn't treat non 2xx responses as error
+	if res.StatusCode >= 400 {
+		return fmt.Errorf("(%d) failed to send download file request", res.StatusCode)
+	}
+
+	// ensure that the dest parent dir(s) exist
+	if err := os.MkdirAll(filepath.Dir(destPath), os.ModePerm); err != nil {
+		return err
+	}
+
+	dest, err := os.Create(destPath)
+	if err != nil {
+		return err
+	}
+	defer dest.Close()
+
+	if _, err := io.Copy(dest, res.Body); err != nil {
+		return err
+	}
+
+	return nil
+}
+
+// isCrossDeviceError checks if the error is due to a cross-device link
+func isCrossDeviceError(err error) bool {
+	return err != nil && (strings.Contains(err.Error(), "cross-device") ||
+		strings.Contains(err.Error(), "EXDEV"))
+}
+
+// copyFile copies a file from src to dst, preserving permissions
+func copyFile(src, dst string) error {
+	sourceFile, err := os.Open(src)
+	if err != nil {
+		return err
+	}
+	defer sourceFile.Close()
+
+	destFile, err := os.Create(dst)
+	if err != nil {
+		return err
+	}
+	defer destFile.Close()
+
+	// Copy the file contents
+	if _, err := io.Copy(destFile, sourceFile); err != nil {
+		return err
+	}
+
+	// Preserve the original file permissions
+	sourceInfo, err := sourceFile.Stat()
+	if err != nil {
+		return err
+	}
+
+	return destFile.Chmod(sourceInfo.Mode())
+}
+
+func archiveSuffix(binaryName, goos, goarch string) string {
+	if goos == "windows" {
+		return fmt.Sprintf("%s_%s_%s.zip", binaryName, goos, goarch)
+	}
+	return fmt.Sprintf("%s_%s_%s.tar.gz", binaryName, goos, goarch)
+}

src/ghupdate/ghupdate_test.go

@@ -0,0 +1,45 @@
+package ghupdate
+
+import (
+	"path/filepath"
+	"testing"
+)
+
+func TestReleaseFindAssetBySuffix(t *testing.T) {
+	r := release{
+		Assets: []*releaseAsset{
+			{Name: "test1.zip", Id: 1},
+			{Name: "test2.zip", Id: 2},
+			{Name: "test22.zip", Id: 22},
+			{Name: "test3.zip", Id: 3},
+		},
+	}
+
+	asset, err := r.findAssetBySuffix("2.zip")
+	if err != nil {
+		t.Fatalf("Expected nil, got err: %v", err)
+	}
+
+	if asset.Id != 2 {
+		t.Fatalf("Expected asset with id %d, got %v", 2, asset)
+	}
+}
+
+func TestExtractFailure(t *testing.T) {
+	testDir := t.TempDir()
+
+	// Test with missing zip file
+	missingZipPath := filepath.Join(testDir, "missing_test.zip")
+	extractedPath := filepath.Join(testDir, "zip_extract")
+
+	if err := extract(missingZipPath, extractedPath); err == nil {
+		t.Fatal("Expected Extract to fail due to missing zip file")
+	}
+
+	// Test with missing tar.gz file
+	missingTarPath := filepath.Join(testDir, "missing_test.tar.gz")
+
+	if err := extract(missingTarPath, extractedPath); err == nil {
+		t.Fatal("Expected Extract to fail due to missing tar.gz file")
+	}
+}

src/ghupdate/release.go

@@ -0,0 +1,36 @@
+package ghupdate
+
+import (
+	"errors"
+	"strings"
+)
+
+type releaseAsset struct {
+	Name        string `json:"name"`
+	DownloadUrl string `json:"browser_download_url"`
+	Id          int    `json:"id"`
+	Size        int    `json:"size"`
+}
+
+type release struct {
+	Name      string          `json:"name"`
+	Tag       string          `json:"tag_name"`
+	Published string          `json:"published_at"`
+	Url       string          `json:"html_url"`
+	Body      string          `json:"body"`
+	Assets    []*releaseAsset `json:"assets"`
+	Id        int             `json:"id"`
+}
+
+// findAssetBySuffix returns the first available asset containing the specified suffix.
+func (r *release) findAssetBySuffix(suffix string) (*releaseAsset, error) {
+	if suffix != "" {
+		for _, asset := range r.Assets {
+			if strings.HasSuffix(asset.Name, suffix) {
+				return asset, nil
+			}
+		}
+	}
+
+	return nil, errors.New("missing asset containing " + suffix)
+}

src/hub/agent_connect.go

@@ -0,0 +1,321 @@
+package hub
+
+import (
+	"errors"
+	"net"
+	"net/http"
+	"strings"
+	"sync"
+	"time"
+
+	"github.com/henrygd/beszel/src/common"
+	"github.com/henrygd/beszel/src/hub/expirymap"
+	"github.com/henrygd/beszel/src/hub/ws"
+
+	"github.com/blang/semver"
+	"github.com/lxzan/gws"
+	"github.com/pocketbase/dbx"
+	"github.com/pocketbase/pocketbase/core"
+)
+
+// agentConnectRequest holds information related to an agent's connection attempt.
+type agentConnectRequest struct {
+	hub         *Hub
+	req         *http.Request
+	res         http.ResponseWriter
+	token       string
+	agentSemVer semver.Version
+	// isUniversalToken is true if the token is a universal token.
+	isUniversalToken bool
+	// userId is the user ID associated with the universal token.
+	userId string
+}
+
+// universalTokenMap stores active universal tokens and their associated user IDs.
+var universalTokenMap tokenMap
+
+type tokenMap struct {
+	store *expirymap.ExpiryMap[string]
+	once  sync.Once
+}
+
+// getMap returns the expirymap, creating it if necessary.
+func (tm *tokenMap) GetMap() *expirymap.ExpiryMap[string] {
+	tm.once.Do(func() {
+		tm.store = expirymap.New[string](time.Hour)
+	})
+	return tm.store
+}
+
+// handleAgentConnect is the HTTP handler for an agent's connection request.
+func (h *Hub) handleAgentConnect(e *core.RequestEvent) error {
+	agentRequest := agentConnectRequest{req: e.Request, res: e.Response, hub: h}
+	_ = agentRequest.agentConnect()
+	return nil
+}
+
+// agentConnect validates agent credentials and upgrades the connection to a WebSocket.
+func (acr *agentConnectRequest) agentConnect() (err error) {
+	var agentVersion string
+
+	acr.token, agentVersion, err = acr.validateAgentHeaders(acr.req.Header)
+	if err != nil {
+		return acr.sendResponseError(acr.res, http.StatusBadRequest, "")
+	}
+
+	// Check if token is an active universal token
+	acr.userId, acr.isUniversalToken = universalTokenMap.GetMap().GetOk(acr.token)
+
+	// Find matching fingerprint records for this token
+	fpRecords := getFingerprintRecordsByToken(acr.token, acr.hub)
+	if len(fpRecords) == 0 && !acr.isUniversalToken {
+		// Invalid token - no records found and not a universal token
+		return acr.sendResponseError(acr.res, http.StatusUnauthorized, "Invalid token")
+	}
+
+	// Validate agent version
+	acr.agentSemVer, err = semver.Parse(agentVersion)
+	if err != nil {
+		return acr.sendResponseError(acr.res, http.StatusUnauthorized, "Invalid agent version")
+	}
+
+	// Upgrade connection to WebSocket
+	conn, err := ws.GetUpgrader().Upgrade(acr.res, acr.req)
+	if err != nil {
+		return acr.sendResponseError(acr.res, http.StatusInternalServerError, "WebSocket upgrade failed")
+	}
+
+	go acr.verifyWsConn(conn, fpRecords)
+
+	return nil
+}
+
+// verifyWsConn verifies the WebSocket connection using the agent's fingerprint and
+// SSH key signature, then adds the system to the system manager.
+func (acr *agentConnectRequest) verifyWsConn(conn *gws.Conn, fpRecords []ws.FingerprintRecord) (err error) {
+	wsConn := ws.NewWsConnection(conn)
+
+	// must set wsConn in connection store before the read loop
+	conn.Session().Store("wsConn", wsConn)
+
+	// make sure connection is closed if there is an error
+	defer func() {
+		if err != nil {
+			wsConn.Close([]byte(err.Error()))
+		}
+	}()
+
+	go conn.ReadLoop()
+
+	signer, err := acr.hub.GetSSHKey("")
+	if err != nil {
+		return err
+	}
+
+	agentFingerprint, err := wsConn.GetFingerprint(acr.token, signer, acr.isUniversalToken)
+	if err != nil {
+		return err
+	}
+
+	// Find or create the appropriate system for this token and fingerprint
+	fpRecord, err := acr.findOrCreateSystemForToken(fpRecords, agentFingerprint)
+	if err != nil {
+		return err
+	}
+
+	return acr.hub.sm.AddWebSocketSystem(fpRecord.SystemId, acr.agentSemVer, wsConn)
+}
+
+// validateAgentHeaders extracts and validates the token and agent version from HTTP headers.
+func (acr *agentConnectRequest) validateAgentHeaders(headers http.Header) (string, string, error) {
+	token := headers.Get("X-Token")
+	agentVersion := headers.Get("X-Beszel")
+
+	if agentVersion == "" || token == "" || len(token) > 64 {
+		return "", "", errors.New("")
+	}
+	return token, agentVersion, nil
+}
+
+// sendResponseError writes an HTTP error response.
+func (acr *agentConnectRequest) sendResponseError(res http.ResponseWriter, code int, message string) error {
+	res.WriteHeader(code)
+	if message != "" {
+		res.Write([]byte(message))
+	}
+	return nil
+}
+
+// getFingerprintRecordsByToken retrieves all fingerprint records associated with a given token.
+func getFingerprintRecordsByToken(token string, h *Hub) []ws.FingerprintRecord {
+	var records []ws.FingerprintRecord
+	// All will populate empty slice even on error
+	_ = h.DB().NewQuery("SELECT id, system, fingerprint, token FROM fingerprints WHERE token = {:token}").
+		Bind(dbx.Params{
+			"token": token,
+		}).
+		All(&records)
+	return records
+}
+
+// findOrCreateSystemForToken finds an existing system matching the token and fingerprint,
+// or creates a new one for a universal token.
+func (acr *agentConnectRequest) findOrCreateSystemForToken(fpRecords []ws.FingerprintRecord, agentFingerprint common.FingerprintResponse) (ws.FingerprintRecord, error) {
+	// No records - only valid for active universal tokens
+	if len(fpRecords) == 0 {
+		return acr.handleNoRecords(agentFingerprint)
+	}
+
+	// Single record - handle as regular token
+	if len(fpRecords) == 1 && !acr.isUniversalToken {
+		return acr.handleSingleRecord(fpRecords[0], agentFingerprint)
+	}
+
+	// Multiple records or universal token - look for matching fingerprint
+	return acr.handleMultipleRecordsOrUniversalToken(fpRecords, agentFingerprint)
+}
+
+// handleNoRecords handles the case where no fingerprint records are found for a token.
+// A new system is created if the token is a valid universal token.
+func (acr *agentConnectRequest) handleNoRecords(agentFingerprint common.FingerprintResponse) (ws.FingerprintRecord, error) {
+	var fpRecord ws.FingerprintRecord
+
+	if !acr.isUniversalToken || acr.userId == "" {
+		return fpRecord, errors.New("no matching fingerprints")
+	}
+
+	return acr.createNewSystemForUniversalToken(agentFingerprint)
+}
+
+// handleSingleRecord handles the case with a single fingerprint record. It validates
+// the agent's fingerprint against the stored one, or sets it on first connect.
+func (acr *agentConnectRequest) handleSingleRecord(fpRecord ws.FingerprintRecord, agentFingerprint common.FingerprintResponse) (ws.FingerprintRecord, error) {
+	// If no current fingerprint, update with new fingerprint (first time connecting)
+	if fpRecord.Fingerprint == "" {
+		if err := acr.hub.SetFingerprint(&fpRecord, agentFingerprint.Fingerprint); err != nil {
+			return fpRecord, err
+		}
+		// Update the record with the fingerprint that was set
+		fpRecord.Fingerprint = agentFingerprint.Fingerprint
+		return fpRecord, nil
+	}
+
+	// Abort if fingerprint exists but doesn't match (different machine)
+	if fpRecord.Fingerprint != agentFingerprint.Fingerprint {
+		return fpRecord, errors.New("fingerprint mismatch")
+	}
+
+	return fpRecord, nil
+}
+
+// handleMultipleRecordsOrUniversalToken finds a matching fingerprint from multiple records.
+// If no match is found and the token is a universal token, a new system is created.
+func (acr *agentConnectRequest) handleMultipleRecordsOrUniversalToken(fpRecords []ws.FingerprintRecord, agentFingerprint common.FingerprintResponse) (ws.FingerprintRecord, error) {
+	// Return existing record with matching fingerprint if found
+	for i := range fpRecords {
+		if fpRecords[i].Fingerprint == agentFingerprint.Fingerprint {
+			return fpRecords[i], nil
+		}
+	}
+
+	// No matching fingerprint record found, but it's
+	// an active universal token so create a new system
+	if acr.isUniversalToken {
+		return acr.createNewSystemForUniversalToken(agentFingerprint)
+	}
+
+	return ws.FingerprintRecord{}, errors.New("fingerprint mismatch")
+}
+
+// createNewSystemForUniversalToken creates a new system and fingerprint record for a universal token.
+func (acr *agentConnectRequest) createNewSystemForUniversalToken(agentFingerprint common.FingerprintResponse) (ws.FingerprintRecord, error) {
+	var fpRecord ws.FingerprintRecord
+	if !acr.isUniversalToken || acr.userId == "" {
+		return fpRecord, errors.New("invalid token")
+	}
+
+	fpRecord.Token = acr.token
+
+	systemId, err := acr.createSystem(agentFingerprint)
+	if err != nil {
+		return fpRecord, err
+	}
+	fpRecord.SystemId = systemId
+
+	// Set the fingerprint for the new system
+	if err := acr.hub.SetFingerprint(&fpRecord, agentFingerprint.Fingerprint); err != nil {
+		return fpRecord, err
+	}
+
+	// Update the record with the fingerprint that was set
+	fpRecord.Fingerprint = agentFingerprint.Fingerprint
+
+	return fpRecord, nil
+}
+
+// createSystem creates a new system record in the database using details from the agent.
+func (acr *agentConnectRequest) createSystem(agentFingerprint common.FingerprintResponse) (recordId string, err error) {
+	systemsCollection, err := acr.hub.FindCachedCollectionByNameOrId("systems")
+	if err != nil {
+		return "", err
+	}
+	remoteAddr := getRealIP(acr.req)
+	// separate port from address
+	if agentFingerprint.Hostname == "" {
+		agentFingerprint.Hostname = remoteAddr
+	}
+	if agentFingerprint.Port == "" {
+		agentFingerprint.Port = "45876"
+	}
+	// create new record
+	systemRecord := core.NewRecord(systemsCollection)
+	systemRecord.Set("name", agentFingerprint.Hostname)
+	systemRecord.Set("host", remoteAddr)
+	systemRecord.Set("port", agentFingerprint.Port)
+	systemRecord.Set("users", []string{acr.userId})
+
+	return systemRecord.Id, acr.hub.Save(systemRecord)
+}
+
+// SetFingerprint creates or updates a fingerprint record in the database.
+func (h *Hub) SetFingerprint(fpRecord *ws.FingerprintRecord, fingerprint string) (err error) {
+	// // can't use raw query here because it doesn't trigger SSE
+	var record *core.Record
+	switch fpRecord.Id {
+	case "":
+		// create new record for universal token
+		collection, _ := h.FindCachedCollectionByNameOrId("fingerprints")
+		record = core.NewRecord(collection)
+		record.Set("system", fpRecord.SystemId)
+	default:
+		record, err = h.FindRecordById("fingerprints", fpRecord.Id)
+	}
+	if err != nil {
+		return err
+	}
+	record.Set("token", fpRecord.Token)
+	record.Set("fingerprint", fingerprint)
+	return h.SaveNoValidate(record)
+}
+
+// getRealIP extracts the client's real IP address from request headers,
+// checking common proxy headers before falling back to the remote address.
+func getRealIP(r *http.Request) string {
+	if ip := r.Header.Get("CF-Connecting-IP"); ip != "" {
+		return ip
+	}
+	if ip := r.Header.Get("X-Forwarded-For"); ip != "" {
+		// X-Forwarded-For can contain a comma-separated list: "client_ip, proxy1, proxy2"
+		// Take the first one
+		ips := strings.Split(ip, ",")
+		if len(ips) > 0 {
+			return strings.TrimSpace(ips[0])
+		}
+	}
+	// Fallback to RemoteAddr
+	ip, _, err := net.SplitHostPort(r.RemoteAddr)
+	if err != nil {
+		return r.RemoteAddr
+	}
+	return ip
+}

src/hub/config/config.go

@@ -2,15 +2,15 @@
 package config
 
 import (
-	"beszel/internal/entities/system"
 	"fmt"
 	"log"
 	"os"
 	"path/filepath"
 
 	"github.com/google/uuid"
+	"github.com/henrygd/beszel/src/entities/system"
+
 	"github.com/pocketbase/dbx"
-	"github.com/pocketbase/pocketbase/apis"
 	"github.com/pocketbase/pocketbase/core"
 	"github.com/spf13/cast"
 	"gopkg.in/yaml.v3"
@@ -279,9 +279,8 @@ func createFingerprintRecord(app core.App, systemID, token string) error {
 
 // Returns the current config.yml file as a JSON object
 func GetYamlConfig(e *core.RequestEvent) error {
-	info, _ := e.RequestInfo()
-	if info.Auth == nil || info.Auth.GetString("role") != "admin" {
-		return apis.NewForbiddenError("Forbidden", nil)
+	if e.Auth.GetString("role") != "admin" {
+		return e.ForbiddenError("Requires admin role", nil)
 	}
 	configContent, err := generateYAML(e.App)
 	if err != nil {

src/hub/config/config_test.go

@@ -4,12 +4,14 @@
 package config_test
 
 import (
-	"beszel/internal/hub/config"
-	"beszel/internal/tests"
 	"os"
 	"path/filepath"
 	"testing"
 
+	"github.com/henrygd/beszel/src/tests"
+
+	"github.com/henrygd/beszel/src/hub/config"
+
 	"github.com/pocketbase/pocketbase/core"
 	"github.com/stretchr/testify/assert"
 	"github.com/stretchr/testify/require"

src/hub/hub.go

@@ -2,25 +2,23 @@
 package hub
 
 import (
-	"beszel"
-	"beszel/internal/alerts"
-	"beszel/internal/hub/config"
-	"beszel/internal/hub/systems"
-	"beszel/internal/records"
-	"beszel/internal/users"
-	"beszel/site"
 	"crypto/ed25519"
 	"encoding/pem"
 	"fmt"
-	"io/fs"
 	"net/http"
-	"net/http/httputil"
 	"net/url"
 	"os"
 	"path"
 	"strings"
 	"time"
 
+	"github.com/henrygd/beszel"
+	"github.com/henrygd/beszel/src/alerts"
+	"github.com/henrygd/beszel/src/hub/config"
+	"github.com/henrygd/beszel/src/hub/systems"
+	"github.com/henrygd/beszel/src/records"
+	"github.com/henrygd/beszel/src/users"
+
 	"github.com/google/uuid"
 	"github.com/pocketbase/pocketbase"
 	"github.com/pocketbase/pocketbase/apis"
@@ -164,58 +162,9 @@ func (h *Hub) initialize(e *core.ServeEvent) error {
 	return nil
 }
 
-// startServer sets up the server for Beszel
-func (h *Hub) startServer(se *core.ServeEvent) error {
-	// TODO: exclude dev server from production binary
-	switch h.IsDev() {
-	case true:
-		proxy := httputil.NewSingleHostReverseProxy(&url.URL{
-			Scheme: "http",
-			Host:   "localhost:5173",
-		})
-		se.Router.GET("/{path...}", func(e *core.RequestEvent) error {
-			proxy.ServeHTTP(e.Response, e.Request)
-			return nil
-		})
-	default:
-		// parse app url
-		parsedURL, err := url.Parse(h.appURL)
-		if err != nil {
-			return err
-		}
-		// fix base paths in html if using subpath
-		basePath := strings.TrimSuffix(parsedURL.Path, "/") + "/"
-		indexFile, _ := fs.ReadFile(site.DistDirFS, "index.html")
-		indexContent := strings.ReplaceAll(string(indexFile), "./", basePath)
-		indexContent = strings.Replace(indexContent, "{{V}}", beszel.Version, 1)
-		indexContent = strings.Replace(indexContent, "{{HUB_URL}}", h.appURL, 1)
-		// set up static asset serving
-		staticPaths := [2]string{"/static/", "/assets/"}
-		serveStatic := apis.Static(site.DistDirFS, false)
-		// get CSP configuration
-		csp, cspExists := GetEnv("CSP")
-		// add route
-		se.Router.GET("/{path...}", func(e *core.RequestEvent) error {
-			// serve static assets if path is in staticPaths
-			for i := range staticPaths {
-				if strings.Contains(e.Request.URL.Path, staticPaths[i]) {
-					e.Response.Header().Set("Cache-Control", "public, max-age=2592000")
-					return serveStatic(e)
-				}
-			}
-			if cspExists {
-				e.Response.Header().Del("X-Frame-Options")
-				e.Response.Header().Set("Content-Security-Policy", csp)
-			}
-			return e.HTML(http.StatusOK, indexContent)
-		})
-	}
-	return nil
-}
-
 // registerCronJobs sets up scheduled tasks
 func (h *Hub) registerCronJobs(_ *core.ServeEvent) error {
-	// delete old records once every hour
+	// delete old system_stats and alerts_history records once every hour
 	h.Cron().MustAdd("delete old records", "8 * * * *", h.rm.DeleteOldRecords)
 	// create longer records every 10 minutes
 	h.Cron().MustAdd("create longer records", "*/10 * * * *", h.rm.CreateLongerRecords)
@@ -224,48 +173,48 @@ func (h *Hub) registerCronJobs(_ *core.ServeEvent) error {
 
 // custom api routes
 func (h *Hub) registerApiRoutes(se *core.ServeEvent) error {
-	// returns public key and version
-	se.Router.GET("/api/beszel/getkey", func(e *core.RequestEvent) error {
-		info, _ := e.RequestInfo()
-		if info.Auth == nil {
-			return apis.NewForbiddenError("Forbidden", nil)
-		}
-		return e.JSON(http.StatusOK, map[string]string{"key": h.pubKey, "v": beszel.Version})
-	})
+	// auth protected routes
+	apiAuth := se.Router.Group("/api/beszel")
+	apiAuth.Bind(apis.RequireAuth())
+	// auth optional routes
+	apiNoAuth := se.Router.Group("/api/beszel")
+
+	// create first user endpoint only needed if no users exist
+	if totalUsers, _ := se.App.CountRecords("users"); totalUsers == 0 {
+		apiNoAuth.POST("/create-user", h.um.CreateFirstUser)
+	}
 	// check if first time setup on login page
-	se.Router.GET("/api/beszel/first-run", func(e *core.RequestEvent) error {
-		total, err := h.CountRecords("users")
+	apiNoAuth.GET("/first-run", func(e *core.RequestEvent) error {
+		total, err := e.App.CountRecords("users")
 		return e.JSON(http.StatusOK, map[string]bool{"firstRun": err == nil && total == 0})
 	})
+	// get public key and version
+	apiAuth.GET("/getkey", func(e *core.RequestEvent) error {
+		return e.JSON(http.StatusOK, map[string]string{"key": h.pubKey, "v": beszel.Version})
+	})
 	// send test notification
-	se.Router.GET("/api/beszel/send-test-notification", h.SendTestNotification)
-	// API endpoint to get config.yml content
-	se.Router.GET("/api/beszel/config-yaml", config.GetYamlConfig)
+	apiAuth.POST("/test-notification", h.SendTestNotification)
+	// get config.yml content
+	apiAuth.GET("/config-yaml", config.GetYamlConfig)
 	// handle agent websocket connection
-	se.Router.GET("/api/beszel/agent-connect", h.handleAgentConnect)
+	apiNoAuth.GET("/agent-connect", h.handleAgentConnect)
 	// get or create universal tokens
-	se.Router.GET("/api/beszel/universal-token", h.getUniversalToken)
-	// create first user endpoint only needed if no users exist
-	if totalUsers, _ := h.CountRecords("users"); totalUsers == 0 {
-		se.Router.POST("/api/beszel/create-user", h.um.CreateFirstUser)
-	}
+	apiAuth.GET("/universal-token", h.getUniversalToken)
+	// update / delete user alerts
+	apiAuth.POST("/user-alerts", alerts.UpsertUserAlerts)
+	apiAuth.DELETE("/user-alerts", alerts.DeleteUserAlerts)
+
 	return nil
 }
 
 // Handler for universal token API endpoint (create, read, delete)
 func (h *Hub) getUniversalToken(e *core.RequestEvent) error {
-	info, err := e.RequestInfo()
-	if err != nil || info.Auth == nil {
-		return apis.NewForbiddenError("Forbidden", nil)
-	}
-
-	tokenMap := getTokenMap()
-	userID := info.Auth.Id
+	tokenMap := universalTokenMap.GetMap()
+	userID := e.Auth.Id
 	query := e.Request.URL.Query()
 	token := query.Get("token")
-	tokenSet := token != ""
 
-	if !tokenSet {
+	if token == "" {
 		// return existing token if it exists
 		if token, _, ok := tokenMap.GetByValue(userID); ok {
 			return e.JSON(http.StatusOK, map[string]any{"token": token, "active": true})