Fix/bugs

.github/ISSUE_TEMPLATE/bug_report.md

@@ -0,0 +1,53 @@
+---
+name: Bug Report
+about: Report a bug to help us improve Dequel
+title: "[Bug]: "
+labels: bug, triage
+assignees: ""
+---
+
+## Description
+
+A clear and concise description of what the bug is.
+
+## Steps to Reproduce
+
+1. Go to '...'
+2. Click on '...'
+3. Scroll down to '...'
+4. See error
+
+## Expected Behavior
+
+What did you expect to happen?
+
+## Actual Behavior
+
+What actually happened?
+
+## Screenshots / Logs
+
+If applicable, add screenshots or relevant logs.
+
+## Environment
+
+- **Dequel Version**: (check `VERSION` or `scripts/dequel status`)
+- **OS**:
+- **Docker version**:
+- **Bun version** (if relevant):
+- **Browser** (if relevant):
+
+## Affected Component
+
+- [ ] API (Backend)
+- [ ] Web Dashboard (Frontend)
+- [ ] Docs
+- [ ] CLI / Install Script
+- [ ] Docker / Deployment
+- [ ] Build System (Railpack / BuildKit)
+- [ ] Caddy / Ingress
+- [ ] Monitoring (Prometheus / Grafana / Loki)
+
+## Additional Context
+
+Add any other context, workarounds, or related issues.

.github/ISSUE_TEMPLATE/feature_request.md

@@ -0,0 +1,41 @@
+---
+name: Feature Request
+about: Suggest an idea for Dequel
+title: "[Feature]: "
+labels: enhancement
+assignees: ""
+---
+
+## Problem Statement
+
+Is your feature request related to a problem? Please describe what you're trying to solve.
+
+## Proposed Solution
+
+A clear and concise description of what you want to happen.
+
+## Alternative Solutions
+
+Any alternative solutions or features you've considered.
+
+## Affected Component
+
+- [ ] API (Backend)
+- [ ] Web Dashboard (Frontend)
+- [ ] Docs
+- [ ] CLI / Install Script
+- [ ] Build System (Railpack / BuildKit)
+- [ ] Caddy / Ingress
+- [ ] Monitoring (Prometheus / Grafana / Loki)
+
+## Mockups / Examples
+
+If applicable, add mockups, diagrams, or examples from other projects.
+
+## Additional Context
+
+Add any other context or screenshots.
+
+## Would you like to implement this?
+
+- [ ] Yes, I'd be happy to submit a PR

.github/PULL_REQUEST_TEMPLATE.md

@@ -0,0 +1,43 @@
+## Description
+
+Please provide a summary of the changes and the motivation behind them. What problem does this PR solve?
+
+Fixes #(issue)
+
+## Type of Change
+
+- [ ] Bug fix (non-breaking change that fixes an issue)
+- [ ] New feature (non-breaking change that adds functionality)
+- [ ] Breaking change (fix or feature that would cause existing functionality to not work as expected)
+- [ ] Documentation update
+- [ ] Refactor (no functional changes)
+- [ ] CI / Build / Tooling
+- [ ] Other (please describe):
+
+## How Has This Been Tested?
+
+Please describe the tests that you ran to verify your changes. Provide instructions so we can reproduce.
+
+- [ ] Existing tests pass (`bun test` in `apps/api/`)
+- [ ] New tests added (if applicable)
+- [ ] Manual testing performed (describe steps)
+
+## Checklist
+
+- [ ] My code follows the project's code style (no comments, named exports, functional components, etc.)
+- [ ] I have read the [contributing guidelines](../CONTRIBUTING.md)
+- [ ] I have added tests that prove my fix is effective or that my feature works
+- [ ] I have updated the documentation (if applicable)
+- [ ] My changes generate no new warnings or lint errors
+- [ ] I have run `bun test` in `apps/api/` and all tests pass
+- [ ] I have synced the VERSION file if needed (`bun run sync-versions`)
+
+## Screenshots (if applicable)
+
+| Before | After |
+|--------|-------|
+| (insert here) | (insert here) |
+
+## Additional Context
+
+Add any other context about the PR here (e.g., migration notes, deployment considerations, rollback strategy).

.github/workflows/release.yml

@@ -71,11 +71,7 @@ jobs:
           cp docker-compose.yml "$TAR_DIR/"
           cp scripts/dequel "$TAR_DIR/dequel"
           cp infra/caddy/Caddyfile "$TAR_DIR/infra/caddy/"
-          cp infra/monitoring/prometheus.yml "$TAR_DIR/infra/monitoring/"
-          cp infra/monitoring/loki-config.yml "$TAR_DIR/infra/monitoring/"
-          cp infra/monitoring/promtail-config.yml "$TAR_DIR/infra/monitoring/"
-          cp infra/monitoring/grafana/datasources/loki.yml "$TAR_DIR/infra/monitoring/grafana/datasources/"
-          cp infra/monitoring/grafana/datasources/prometheus.yml "$TAR_DIR/infra/monitoring/grafana/datasources/"
+          cp -r infra/monitoring "$TAR_DIR/infra/"
           cd "$TAR_DIR" && tar -czf "../dequel-config-${VERSION}.tar.gz" .
 
       - name: Create GitHub Release

.github/workflows/vuln-scan.yml

@@ -0,0 +1,50 @@
+name: Security Scans
+
+on:
+    push:
+    pull_request:
+    workflow_dispatch:
+
+concurrency:
+    group: security-scans-${{ github.ref }}
+    cancel-in-progress: true
+
+permissions:
+    contents: read
+    pull-requests: read
+
+jobs:
+    forbidden-pattern-scan:
+        name: Forbidden Pattern Scan
+        runs-on: ubuntu-latest
+        steps:
+            - name: Checkout
+              uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5
+              with:
+                  persist-credentials: false
+
+            - name: Run forbidden pattern scan
+              run: bash scripts/workflow/forbidden-pattern-scan.sh "${{ github.workspace }}"
+
+    lazarus-scanner:
+        name: Lazarus Scanner
+        runs-on: ubuntu-latest
+        steps:
+            - name: Checkout
+              uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5
+              with:
+                  persist-credentials: false
+
+            - name: Setup Python
+              uses: actions/setup-python@v5
+              with:
+                  python-version: "3.12"
+
+            - name: Download lazarus_scanner.py
+              run: |
+                  curl -fsSL -o lazarus_scanner.py \
+                    https://raw.githubusercontent.com/hngprojects/lazarus-scanner/b1367e3a7a1463fbef90919867555a73f6acdf66/lazarus_scanner.py
+                  echo "ddbb2181479f9a07d5859ceeac9160fd45084d28d95311ce49fc63fc1959e831  lazarus_scanner.py" | sha256sum --check || { echo "FAIL: SHA256 mismatch"; exit 1; }
+
+            - name: Run Lazarus scanner
+              run: python3 lazarus_scanner.py

.gitignore

@@ -10,3 +10,5 @@ infra/caddy/routes/
 bugs
 apps/api/index
 docker-compose.yml
+bump.sh
+scripts/workflow/bump.sh

CHANGELOG.md

@@ -5,6 +5,31 @@ All notable changes to this project will be documented in this file.
 The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.1.0/),
 and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
 
+## [0.1.1] - 2026-06-19
+
+### Added
+
+- Per-project Grafana dashboards automatically created on successful deployment
+- Configurable `CADDY_BASE_DOMAIN` for public ingress with automatic Let's Encrypt SSL
+- Dynamic `railpack.json` generation with deployment abort support
+- GitHub webhook management and project management API endpoints
+- Project source and port configuration options
+- SMTP configuration and system settings API
+
+### Changed
+
+- Monitoring stack hardened: Prometheus now validates TSDB blocks and quarantines corrupted ones on startup; Promtail scoped to `dequel_net` network; Grafana datasources use stable UIDs for reliable dashboard provisioning
+- `PUBLIC_URL` is now derived from `CADDY_BASE_DOMAIN` instead of requiring separate configuration
+- Refactored infrastructure monitoring configs into dedicated files for maintainability
+
+### Fixed
+
+- Container network reconciliation now force-disconnects stale network references before starting containers, preventing Docker network ID changes from breaking deployments
+
+### Documentation
+
+- Installation guide, quickstart, and system configuration docs updated for `CADDY_BASE_DOMAIN`
+
 ## [0.1.0] - 2026-06-08
 
 ### Added

CONTRIBUTING.md

@@ -0,0 +1,107 @@
+# Contributing to Dequel
+
+Thank you for your interest in contributing! Here's how to get started.
+
+## Getting Started
+
+1. Fork and clone the repo
+2. Install dependencies: `bun install` (from repo root — needed for tests, version syncing, and local tooling)
+3. Read [`AGENTS.md`](./AGENTS.md) for the full architecture and conventions
+
+## Reporting Bugs
+
+Open a [Bug Report](https://github.com/Lftobs/dequel/issues/new?template=bug_report.md). Include:
+
+- Steps to reproduce
+- Expected vs actual behavior
+- Dequel version (`VERSION` file or `scripts/dequel status`)
+- Environment details (OS, Docker version, browser if relevant)
+
+## Suggesting Features
+
+Open a [Feature Request](https://github.com/Lftobs/dequel/issues/new?template=feature_request.md). Describe:
+
+- The problem you're solving
+- Your proposed solution
+- Any alternatives considered
+- Whether you'd like to implement it yourself
+
+## Development
+
+### Running Locally
+
+Run the full stack with Docker Compose:
+
+```bash
+docker compose up -d --build
+```
+
+This starts all services (API, Web, Caddy, BuildKit, Redis, Prometheus, Loki, Grafana). The dashboard is at `https://localhost`, API at `https://localhost/api`, Grafana at `https://localhost/grafana` (admin/admin).
+
+### Code Conventions
+
+- **No comments** in source code unless absolutely necessary
+- **Named exports** over default exports
+- **Functional components + hooks** in React
+- **Tailwind CSS** for styling (web and docs)
+- Max ~500 lines per file — split into feature-grouped directories
+- `set -euo pipefail` in all bash scripts
+
+### Database Migrations
+
+Run from `apps/api/`:
+
+```bash
+cd apps/api
+bunx drizzle-kit generate
+bunx drizzle-kit push
+```
+
+### Testing
+
+Run from `apps/api/`:
+
+```bash
+cd apps/api && bun test
+```
+
+Always run tests before committing API changes.
+
+### Versioning
+
+```bash
+./bump.sh v0.2.0
+```
+
+This updates `VERSION`, all `package.json` files, and optionally adds a changelog entry.
+
+## Pull Requests
+
+1. Create a PR from your fork using the [PR template](./.github/PULL_REQUEST_TEMPLATE.md)
+2. Ensure all tests pass (`cd apps/api && bun test`)
+3. Keep changes focused — one feature/fix per PR
+4. Update documentation if your change affects user-facing behavior
+5. If changing API behavior, update the docs site content
+
+### PR Checklist
+
+- [ ] Tests pass (`cd apps/api && bun test`)
+- [ ] No new warnings or lint errors
+- [ ] Documentation updated (if applicable)
+- [ ] Version synced (`bun run sync-versions`) if `VERSION` changed
+- [ ] Follows code conventions (no comments, named exports, etc.)
+
+## Release Process
+
+Maintainers cut releases by tagging:
+
+```bash
+git tag vX.Y.Z
+git push origin vX.Y.Z
+```
+
+CI builds Docker images to `ghcr.io/lftobs/dequel/{api,web}:X.Y.Z`, deploys docs to Vercel, and creates a GitHub Release.
+
+## Questions?
+
+Open a [Discussion](https://github.com/Lftobs/dequel/discussions) for questions and community support.

LICENSE

@@ -0,0 +1,21 @@
+MIT License
+
+Copyright (c) 2024 Lftobs
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

VERSION

@@ -1 +1 @@
-0.1.0
+0.1.1

apps/api/package.json

@@ -1,6 +1,6 @@
 {
   "name": "dequel-api",
-  "version": "0.1.0",
+  "version": "0.1.1",
   "private": true,
   "type": "module",
   "scripts": {

apps/api/src/api/projects/index.ts

@@ -7,6 +7,7 @@ import {
 	getProjectById,
 	updateProject,
 	deleteProject,
+	listDomains,
 } from "../../db/repo";
 import { tryRun, reloadCaddy } from "../../orchestrator/runtime";
 import { removeFromCaddyRoute } from "../../utils/domain-verifier";