- Remove is_readable() check when running as root
- Root can read files even with 0700 permissions
- Should fix issue where REDIS_PASSWORD file exists but is not readable (0700, owner 1000, process 0)
- Docker secrets may have restrictive permissions that root can bypass
- Handle paths like /redis_password and convert to /run/secrets/redis_password
- Docker Swarm may set *_FILE variables with just the secret name
- Add file permission debugging to diagnose read issues
- Should fix issue where REDIS_PASSWORD_FILE points to /redis_password instead of /run/secrets/redis_password
- Use RedisConfig::fromEnvironment() in LoggerInitializer
- Remove fallback logic in QueueInitializer, always use connection pool
- Make RedisConfig constructor private
- Clean up Redis connection error message
- Manually set REDIS_PASSWORD_FILE if file exists but variable is not set
- Handles cases where Docker Compose doesn't set the variable correctly
- Should fix issue where REDIS_PASSWORD_FILE is missing even though configured
- Add secrets section at end of docker-compose.staging.yml
- Ensures secrets are properly loaded even if inherited from base file
- Should fix issue where REDIS_PASSWORD_FILE variable is not set
- Secrets are now explicitly defined: redis_password, db_user_password, app_key, vault_encryption_key, git_token
- Check getenv(), $_ENV and $_SERVER for REDIS_PASSWORD_FILE
- Check if /run/secrets/redis_password file exists
- Help diagnose why REDIS_PASSWORD_FILE is not in environment
- Add debug logging for REDIS_PASSWORD_FILE and REDIS_PASSWORD
- Check if REDIS_PASSWORD_FILE exists and has correct value
- Check if secret file exists and is readable
- Help diagnose why REDIS_PASSWORD_FILE is not in logs
- Update all() first pass to skip storing empty values when secret resolution fails
- Ensures second pass can still resolve secrets from *_FILE variables
- Prevents empty values from blocking secret resolution in second pass
- Should fix issue where REDIS_PASSWORD was empty even though REDIS_PASSWORD_FILE existed
- Update all() method to check for *_FILE variables and resolve their base variables
- Ensures APP_KEY, DB_PASSWORD, etc. are resolved even if they don't exist in the array
- Two-pass approach: first processes existing variables, second checks for *_FILE patterns
- Fixes issue where APP_KEY was empty even though APP_KEY_FILE existed
- Add REDIS_PASSWORD_FILE=/run/secrets/redis_password to staging-app environment
- Add redis_password to staging-app secrets list
- Ensures REDIS_PASSWORD can be resolved from Docker Secret via *_FILE pattern
- Fixes issue where REDIS_PASSWORD was empty in staging-app even though secret exists
- Update all() to automatically resolve Docker Secrets (*_FILE pattern) for empty variables
- Ensures DB_PASSWORD, REDIS_PASSWORD, etc. are resolved from their *_FILE counterparts when empty
- Variables like DB_PASSWORD_FILE are still included in output, but empty values are replaced with resolved secrets
- Fixes issue where DB_PASSWORD and REDIS_PASSWORD appeared empty in logs even though *_FILE variables existed
- Update get() method to treat empty strings as 'not set' for Docker Secrets resolution
- Allows Docker Secrets (*_FILE pattern) to override empty values
- Preserves original behavior: explicitly set empty strings are still returned
- Fixes issue where RAPIDMAIL_USERNAME and RAPIDMAIL_PASSWORD appear empty even when Docker Secrets are available
- Update all() to merge internal variables with system environment variables
- Ensures variables set after initialization (e.g., by PHP-FPM) are included
- Internal variables take precedence over system variables
- Fixes issue where RAPIDMAIL_USERNAME and RAPIDMAIL_PASSWORD were missing in all() output
- Fix priority order in loadSystemEnvironment() to check and first
- Add dynamic fallback in Environment::get() to handle variables set after initialization
- Ensure all environment variables are captured during bootstrap, including those set dynamically by PHP-FPM/FastCGI
Fixes issue where environment variables like RAPIDMAIL_USERNAME and RAPIDMAIL_PASSWORD were missing during bootstrap but available later in request processing.
- Improve WireGuard client IP calculation logic (find next available IP)
- Add local wireguard-clients directory for storing client configs
- Integrate Redis pool into CacheInitializer
- Improve ContainerBootstrapper with better imports and Redis pool
- Add monitoring role tags for better task organization
- Update WireGuard documentation
- Store generated WireGuard client configs locally
- Fix user home directory detection for stack path expansion
- Handle tilde expansion and relative paths correctly
- Add fallback logic for path resolution
- Replace job-level if condition with env variable for better control
- Add conditional checks to all build steps
- Add skip step when build not required
- Simplify deploy-staging conditions
- Add fallback to 'latest' tag when build fails
- Add fallback mechanism when pulling specific image tag fails
- Fix code style: move opening brace in ObjectInfo
- Remove unused comment in ObjectStorage
- build job accesses needs.runtime-base.outputs.image_ref, so runtime-base must be in needs
- Added always() condition to ensure build runs even if runtime-base is skipped
- Outputs will be empty if runtime-base was skipped, which is handled gracefully
- Better handling of optional runtime-base outputs
- Added null check for runtime-base image_ref
- Improved logging when using freshly built runtime image
