fix(project-manager): remover Dify KB das descriptions, marcar nota TODO

Dify foi removido 06-03-2026. Skills brainstorm/discover ainda referenciam-no no corpo. Bump v1.2 + nota top-of-file. Reescrita workflow para próxima sessão. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-04-07 04:52:03 +01:00
parent 6285be6c2e
commit faef9b47dc
185 changed files with 9238 additions and 589 deletions
@@ -71,6 +71,8 @@ curl -s -X POST "http://localhost:3000/api/trpc/projects.createProject" \

 Endpoints completos com exemplos curl: ver [references/services-api.md](references/services-api.md)

+**Verificados 12-03-2026** (engenharia reversa do backend.js minificado):
+
 | Endpoint | Tipo | Descrição |
 |----------|------|-----------|
 | `services.app.createService` | POST | Criar serviço app |
@@ -79,10 +81,14 @@ Endpoints completos com exemplos curl: ver [references/services-api.md](referenc
 | `services.redis.createService` | POST | Criar Redis |
 | `services.app.inspectService` | GET | Inspecionar serviço |
 | `services.app.deployService` | POST | Fazer deploy |
-| `services.app.enableService` | POST | Activar serviço |
-| `services.app.disableService` | POST | Desactivar serviço |
+| `services.app.stopService` | POST | Parar serviço |
+| `services.app.startService` | POST | Iniciar serviço |
+| `services.app.restartService` | POST | Reiniciar serviço |
 | `services.app.destroyService` | POST | Destruir serviço |

+**Endpoints que NAO existem** (removidos da versao anterior):
+`enableService`, `disableService` — usar `startService`/`stopService` em vez disso.
+
 **Parâmetros obrigatórios:** `projectName` + `serviceName` em todos os endpoints de serviços.

 **Regra Descomplicar:** `projectName:"descomplicar"` para serviços próprios.
@@ -93,19 +99,70 @@ Endpoints completos com exemplos curl: ver [references/services-api.md](referenc

 Endpoints completos com exemplos curl: ver [references/service-config-api.md](references/service-config-api.md)

-| Endpoint | Descrição |
-|----------|-----------|
-| `services.app.updateSourceGithub` | Source GitHub (`owner`, `repo`, `ref`, `path`) |
-| `services.app.updateSourceGit` | Source Git custom (`repo`, `ref`, `path`) |
-| `services.app.updateSourceImage` | Source Docker image (`image`) |
-| `services.app.updateEnv` | Variáveis de ambiente (`env` como string multi-linha) |
-| `services.app.updateDomains` | Domínios (`domains[]` com `host`, `https`, `port`) |
-| `services.app.updateMounts` | Volumes (`mounts[]` com `type`, `name`, `mountPath`) |
-| `services.app.updatePorts` | Portas TCP/UDP (`ports[]` com `published`, `target`, `protocol`) |
-| `services.app.updateResources` | CPU/RAM (`memoryLimit`, `cpuLimit`, etc.) |
-| `services.app.updateBuild` | Build config (`type`, `buildCommand`, `startCommand`) |
-| `services.app.updateAdvanced` | Deploy avançado (`replicas`, `command`, `zeroDowntime`) |
-| `services.postgres.updateBackup` | Backup BD para S3 |
+**Verificados 12-03-2026:**
+
+| Endpoint | Descrição | Verificado |
+|----------|-----------|:----------:|
+| `services.app.updateSourceGithub` | Source GitHub (`owner`, `repo`, `ref`, `path`) | Sim |
+| `services.app.updateSourceGit` | Source Git custom (`repo`, `ref`, `path`) — params no nivel raiz, NAO dentro de `source` | Sim |
+| `services.app.updateSourceImage` | Source Docker image (`image`) | Sim |
+| `services.app.updateEnv` | Variáveis de ambiente (`env` como string multi-linha) | Sim |
+| `services.app.updateBuild` | Build config (`type`, `buildCommand`, `startCommand`) | Sim |
+| `services.app.updateResources` | CPU/RAM (`memoryLimit`, `cpuLimit`, etc.) | Sim |
+| `services.app.updateAdvanced` | Deploy avançado (`replicas`, `command`, `zeroDowntime`) | Sim |
+| `services.app.updateRedirects` | Redireccionamentos HTTP | Sim |
+| `services.app.updateBasicAuth` | Autenticacao basica | Sim |
+| `services.app.updateMaintenance` | Modo manutencao | Sim |
+
+**Endpoints que NAO existem na versao instalada:**
+- ~~`services.app.updateDomains`~~ — dominios so via UI do EasyPanel
+- ~~`services.app.updateMounts`~~ — nao encontrado
+- ~~`services.app.updatePorts`~~ — nao encontrado
+
+---
+
+## Domains API (Verificado 12-03-2026)
+
+Os dominios NAO sao geridos por `services.app.*` mas sim pelo namespace `domains.*`.
+
+| Endpoint | Tipo | Descricao |
+|----------|------|-----------|
+| `domains.listDomains` | GET | Listar dominios do projecto (`projectName`) |
+| `domains.createDomain` | POST | Criar dominio |
+| `domains.updateDomain` | POST | Actualizar dominio |
+| `domains.deleteDomain` | POST | Remover dominio |
+
+```bash
+# Listar dominios
+INPUT='{"json":{"projectName":"descomplicar"}}'
+ENCODED=$(python3 -c "import urllib.parse; print(urllib.parse.quote('$INPUT'))")
+curl -s "http://localhost:3000/api/trpc/domains.listDomains?input=$ENCODED" \
+  -H "Authorization: Bearer $TOKEN"
+
+# Criar dominio para servico
+curl -s -X POST "http://localhost:3000/api/trpc/domains.createDomain" \
+  -H "Authorization: Bearer $TOKEN" \
+  -H "Content-Type: application/json" \
+  -d '{"json":{
+    "id":"meu-dominio-id",
+    "https":true,
+    "host":"app.descomplicar.pt",
+    "path":"/",
+    "middlewares":[],
+    "certificateResolver":"letsencrypt",
+    "wildcard":false,
+    "destinationType":"service",
+    "serviceDestination":{
+      "protocol":"http",
+      "port":3000,
+      "path":"/",
+      "projectName":"descomplicar",
+      "serviceName":"meu-servico"
+    }
+  }}'
+```
+
+**Nota:** O `id` pode ser qualquer string unica (cuid ou slug). O `certificateResolver` deve ser `"letsencrypt"` para HTTPS com certificado automatico, ou `""` para dominios internos.

 ---

@@ -214,11 +271,11 @@ O EasyPanel usa Docker Swarm internamente. Isto impõe limitações nos mounts q

 1. **Bind mounts no Swarm** — O Docker Swarm não garante que o container corra sempre no mesmo nó. Um bind mount (`type: "bind"`) aponta para um path no host, mas se o container migrar para outro nó, esse path pode não existir. O EasyPanel mitiga isto parcialmente por correr num único nó, mas a limitação arquitectural mantém-se.

-2. **Sem suporte nativo a NFS/CIFS** — A API `updateMounts` não suporta drivers de volume remotos (NFS, CIFS, etc.) directamente. Para volumes partilhados, é necessário criar o volume Docker manualmente com o driver adequado e depois referenciá-lo.
+2. **Sem suporte nativo a NFS/CIFS** — O EasyPanel nao suporta drivers de volume remotos (NFS, CIFS, etc.) directamente via API. Para volumes partilhados, e necessario criar o volume Docker manualmente com o driver adequado e depois referencia-lo.

 3. **Permissões** — Volumes criados via API pertencem a `root:root` por defeito. Containers que correm com utilizador não-root podem ter problemas de permissões. Workaround: usar `command` no `updateAdvanced` para corrigir permissões no arranque.

-4. **Substituição total** — `updateMounts` substitui **todos** os mounts existentes. Para adicionar um mount, é preciso primeiro obter os mounts actuais via `inspectService` e enviar a lista completa com o novo mount incluído.
+4. **Substituicao total** — Mounts sao geridos via UI do EasyPanel. O endpoint `updateMounts` NAO foi encontrado na versao instalada. Configurar mounts directamente na interface web.

 ### Workarounds conhecidos

@@ -259,14 +316,21 @@ docker volume create --driver local \

 ---

+## Seguranca
+
+**ATENCAO:** `services.app.inspectService` retorna TODAS as variaveis de ambiente em texto limpo, incluindo passwords, tokens API e credenciais de base de dados. Nunca incluir output bruto de `inspectService` em reports, logs ou comentarios. Sanitizar sempre antes de mostrar ao utilizador.
+
+Campos sensiveis tipicos no `env`: `DB_PASS`, `API_TOKEN`, `SERVER_PASS`, `GATEWAY_PASS`, `EASYPANEL_API_TOKEN`.
+
 ## Anti-Patterns

 | Anti-Pattern | Risco | Alternativa |
 |--------------|-------|-------------|
-| Expor API externamente | Segurança crítica | Usar apenas via SSH localhost |
+| Expor API externamente | Seguranca critica | Usar apenas via SSH localhost |
 | Hardcode token | Leak de credenciais | Usar `/etc/easypanel/.api-token` |
-| Não validar response | Erros silenciosos | Verificar `result.data.json` |
+| Nao validar response | Erros silenciosos | Verificar `result.data.json` |
 | POST sem `Content-Type` | Request falha | Sempre incluir header |
+| Mostrar output de inspectService | Expoe passwords em texto limpo | Sanitizar env vars |

 ---

@@ -274,5 +338,17 @@ docker volume create --driver local \

 | Ficheiro | Conteúdo |
 |----------|----------|
-| [references/services-api.md](references/services-api.md) | Endpoints de serviços com curl completo (create, inspect, deploy, enable/disable, destroy) |
-| [references/service-config-api.md](references/service-config-api.md) | Endpoints de configuração (source, env, domains, mounts, ports, resources, build, deploy, backup BD) |
+| [references/services-api.md](references/services-api.md) | Endpoints de servicos com curl completo (create, inspect, deploy, stop/start/restart, destroy) |
+| [references/service-config-api.md](references/service-config-api.md) | Endpoints de configuracao (source, env, resources, build, deploy, domains, backup BD) |
+
+---
+
+## Healing Log
+
+Registo de erros conhecidos e como evitá-los. Lido automaticamente antes de executar.
+
+```jsonl
+{"date":"","issue":"","fix":"","source":"user|auto"}
+```
+
+*Adicionar nova linha após cada erro corrigido.*
@@ -1,5 +1,9 @@
 # EasyPanel API - Service Configuration

+**Verificado:** 12-03-2026 (engenharia reversa do backend.js)
+
+---
+
 ## Actualizar Source (GitHub)

 ```bash
@@ -18,6 +22,8 @@ curl -s -X POST "http://localhost:3000/api/trpc/services.app.updateSourceGithub"

 ## Actualizar Source (Git Custom)

+**IMPORTANTE:** Os parametros `repo`, `ref`, `path` devem estar no nivel RAIZ do JSON, NAO dentro de um objecto `source`.
+
 ```bash
 curl -s -X POST "http://localhost:3000/api/trpc/services.app.updateSourceGit" \
  -H "Authorization: Bearer $TOKEN" \
@@ -25,12 +31,22 @@ curl -s -X POST "http://localhost:3000/api/trpc/services.app.updateSourceGit" \
  -d '{"json":{
    "projectName":"descomplicar",
    "serviceName":"minha-api",
-    "repo":"https://git.descomplicar.pt/org/repo",
+    "repo":"https://ealmeida:TOKEN@git.descomplicar.pt/ealmeida/repo",
    "ref":"main",
    "path":"/"
  }}'
 ```

+**Errado (causa zodErrors):**
+```json
+{"json":{"projectName":"x","serviceName":"y","source":{"type":"git","repo":"...","ref":"main","path":"/"}}}
+```
+
+**Correcto:**
+```json
+{"json":{"projectName":"x","serviceName":"y","repo":"...","ref":"main","path":"/"}}
+```
+
 ## Actualizar Source (Docker Image)

 ```bash
@@ -57,48 +73,20 @@ curl -s -X POST "http://localhost:3000/api/trpc/services.app.updateEnv" \
  }}'
 ```

-## Actualizar Domains
+## Actualizar Build Config

 ```bash
-curl -s -X POST "http://localhost:3000/api/trpc/services.app.updateDomains" \
+curl -s -X POST "http://localhost:3000/api/trpc/services.app.updateBuild" \
  -H "Authorization: Bearer $TOKEN" \
  -H "Content-Type: application/json" \
  -d '{"json":{
    "projectName":"descomplicar",
    "serviceName":"minha-api",
-    "domains":[
-      {"host":"api.descomplicar.pt","https":true,"port":3000}
-    ]
-  }}'
-```
-
-## Actualizar Mounts
-
-```bash
-curl -s -X POST "http://localhost:3000/api/trpc/services.app.updateMounts" \
-  -H "Authorization: Bearer $TOKEN" \
-  -H "Content-Type: application/json" \
-  -d '{"json":{
-    "projectName":"descomplicar",
-    "serviceName":"minha-api",
-    "mounts":[
-      {"type":"volume","name":"data","mountPath":"/app/data"}
-    ]
-  }}'
-```
-
-## Actualizar Ports (non-HTTP)
-
-```bash
-curl -s -X POST "http://localhost:3000/api/trpc/services.app.updatePorts" \
-  -H "Authorization: Bearer $TOKEN" \
-  -H "Content-Type: application/json" \
-  -d '{"json":{
-    "projectName":"descomplicar",
-    "serviceName":"minha-api",
-    "ports":[
-      {"published":8080,"target":3000,"protocol":"tcp"}
-    ]
+    "build":{
+      "type":"nixpacks",
+      "buildCommand":"npm run build",
+      "startCommand":"npm start"
+    }
  }}'
 ```

@@ -120,23 +108,6 @@ curl -s -X POST "http://localhost:3000/api/trpc/services.app.updateResources" \
  }}'
 ```

-## Actualizar Build Config
-
-```bash
-curl -s -X POST "http://localhost:3000/api/trpc/services.app.updateBuild" \
-  -H "Authorization: Bearer $TOKEN" \
-  -H "Content-Type: application/json" \
-  -d '{"json":{
-    "projectName":"descomplicar",
-    "serviceName":"minha-api",
-    "build":{
-      "type":"nixpacks",
-      "buildCommand":"npm run build",
-      "startCommand":"npm start"
-    }
-  }}'
-```
-
 ## Actualizar Deploy (Replicas, Command)

 ```bash
@@ -154,6 +125,45 @@ curl -s -X POST "http://localhost:3000/api/trpc/services.app.updateAdvanced" \
  }}'
 ```

+## Actualizar Redirects
+
+```bash
+curl -s -X POST "http://localhost:3000/api/trpc/services.app.updateRedirects" \
+  -H "Authorization: Bearer $TOKEN" \
+  -H "Content-Type: application/json" \
+  -d '{"json":{
+    "projectName":"descomplicar",
+    "serviceName":"minha-api",
+    "redirects":[]
+  }}'
+```
+
+## Actualizar Basic Auth
+
+```bash
+curl -s -X POST "http://localhost:3000/api/trpc/services.app.updateBasicAuth" \
+  -H "Authorization: Bearer $TOKEN" \
+  -H "Content-Type: application/json" \
+  -d '{"json":{
+    "projectName":"descomplicar",
+    "serviceName":"minha-api",
+    "basicAuth":{"enabled":false}
+  }}'
+```
+
+## Actualizar Maintenance Mode
+
+```bash
+curl -s -X POST "http://localhost:3000/api/trpc/services.app.updateMaintenance" \
+  -H "Authorization: Bearer $TOKEN" \
+  -H "Content-Type: application/json" \
+  -d '{"json":{
+    "projectName":"descomplicar",
+    "serviceName":"minha-api",
+    "maintenance":{"enabled":false}
+  }}'
+```
+
 ## Database Backup Config

 ```bash
@@ -176,3 +186,98 @@ curl -s -X POST "http://localhost:3000/api/trpc/services.postgres.updateBackup"
    }
  }}'
 ```
+
+---
+
+## Domains API (Namespace separado)
+
+**IMPORTANTE:** Os dominios NAO sao geridos por `services.app.*` mas sim pelo namespace `domains.*`.
+
+### Listar Dominios (GET)
+
+```bash
+INPUT='{"json":{"projectName":"descomplicar"}}'
+ENCODED=$(python3 -c "import urllib.parse; print(urllib.parse.quote('$INPUT'))")
+curl -s "http://localhost:3000/api/trpc/domains.listDomains?input=$ENCODED" \
+  -H "Authorization: Bearer $TOKEN"
+```
+
+### Criar Dominio (POST)
+
+```bash
+curl -s -X POST "http://localhost:3000/api/trpc/domains.createDomain" \
+  -H "Authorization: Bearer $TOKEN" \
+  -H "Content-Type: application/json" \
+  -d '{"json":{
+    "id":"meu-dominio-id",
+    "https":true,
+    "host":"app.descomplicar.pt",
+    "path":"/",
+    "middlewares":[],
+    "certificateResolver":"letsencrypt",
+    "wildcard":false,
+    "destinationType":"service",
+    "serviceDestination":{
+      "protocol":"http",
+      "port":3000,
+      "path":"/",
+      "projectName":"descomplicar",
+      "serviceName":"meu-servico"
+    }
+  }}'
+```
+
+**Notas:**
+- O `id` pode ser qualquer string unica (cuid ou slug)
+- `certificateResolver`: `"letsencrypt"` para HTTPS, `""` para dominios internos
+- `destinationType`: `"service"` para servicos EasyPanel, `"custom"` para destinos externos
+
+### Actualizar Dominio (POST)
+
+```bash
+curl -s -X POST "http://localhost:3000/api/trpc/domains.updateDomain" \
+  -H "Authorization: Bearer $TOKEN" \
+  -H "Content-Type: application/json" \
+  -d '{"json":{...mesmo schema de createDomain...}}'
+```
+
+### Remover Dominio (POST)
+
+```bash
+curl -s -X POST "http://localhost:3000/api/trpc/domains.deleteDomain" \
+  -H "Authorization: Bearer $TOKEN" \
+  -H "Content-Type: application/json" \
+  -d '{"json":{"id":"meu-dominio-id"}}'
+```
+
+---
+
+## Resumo de Endpoints de Configuracao
+
+| Endpoint | Tipo | Descricao | Verificado |
+|----------|------|-----------|:----------:|
+| `services.app.updateSourceGithub` | POST | Source GitHub (`owner`,`repo`,`ref`,`path`) | Sim |
+| `services.app.updateSourceGit` | POST | Source Git custom (`repo`,`ref`,`path` RAIZ) | Sim |
+| `services.app.updateSourceImage` | POST | Source Docker image (`image`) | Sim |
+| `services.app.updateEnv` | POST | Variaveis de ambiente (`env` string) | Sim |
+| `services.app.updateBuild` | POST | Build config (`type`,`buildCommand`,`startCommand`) | Sim |
+| `services.app.updateResources` | POST | CPU/RAM limits | Sim |
+| `services.app.updateAdvanced` | POST | Deploy avancado (replicas, command, zeroDowntime) | Sim |
+| `services.app.updateRedirects` | POST | Redireccionamentos HTTP | Sim |
+| `services.app.updateBasicAuth` | POST | Autenticacao basica | Sim |
+| `services.app.updateMaintenance` | POST | Modo manutencao | Sim |
+| `domains.listDomains` | GET | Listar dominios (`projectName`) | Sim |
+| `domains.createDomain` | POST | Criar dominio | Sim |
+| `domains.updateDomain` | POST | Actualizar dominio | Sim |
+| `domains.deleteDomain` | POST | Remover dominio | Sim |
+
+**Endpoints que NAO existem na versao instalada:**
+- ~~`services.app.updateDomains`~~ — usar `domains.createDomain`
+- ~~`services.app.updateMounts`~~ — nao encontrado
+- ~~`services.app.updatePorts`~~ — nao encontrado
+- ~~`services.app.saveDomains`~~ — nao existe
+- ~~`services.app.saveGithubSource`~~ — usar `updateSourceGithub` ou `updateSourceGit`
+
+---
+
+*Actualizado: 12-03-2026*
@@ -1,10 +1,12 @@
 # EasyPanel API - Services

+**Verificado:** 12-03-2026 (engenharia reversa do backend.js)
+
 ## Service Types

 | Type | Descricao |
 |------|-----------|
-| `app` | Aplicacao (Node.js, Python, Go, etc.) |
+| `app` | Aplicacao (Node.js, Python, Go, Rust, etc.) |
 | `mysql` | MySQL database |
 | `mariadb` | MariaDB database |
 | `postgres` | PostgreSQL database |
@@ -42,14 +44,16 @@ curl -s -X POST "http://localhost:3000/api/trpc/services.redis.createService" \
  -d '{"json":{"projectName":"descomplicar","serviceName":"cache"}}'
 ```

-## Inspeccionar Servico
+## Inspeccionar Servico (GET)

 ```bash
-curl -s "http://localhost:3000/api/trpc/services.app.inspectService?input=%7B%22json%22%3A%7B%22projectName%22%3A%22descomplicar%22%2C%22serviceName%22%3A%22dashboard_descomplicar%22%7D%7D" \
+INPUT='{"json":{"projectName":"descomplicar","serviceName":"dashboard_descomplicar"}}'
+ENCODED=$(python3 -c "import urllib.parse; print(urllib.parse.quote('$INPUT'))")
+curl -s "http://localhost:3000/api/trpc/services.app.inspectService?input=$ENCODED" \
  -H "Authorization: Bearer $TOKEN"
 ```

-Response:
+Response parcial:
 ```json
 {
  "projectName": "descomplicar",
@@ -74,22 +78,30 @@ curl -s -X POST "http://localhost:3000/api/trpc/services.app.deployService" \
  -d '{"json":{"projectName":"descomplicar","serviceName":"minha-api"}}'
 ```

-## Enable/Disable Servico
+## Stop / Start / Restart Servico

 ```bash
-# Disable
-curl -s -X POST "http://localhost:3000/api/trpc/services.app.disableService" \
+# Parar servico
+curl -s -X POST "http://localhost:3000/api/trpc/services.app.stopService" \
  -H "Authorization: Bearer $TOKEN" \
  -H "Content-Type: application/json" \
  -d '{"json":{"projectName":"descomplicar","serviceName":"minha-api"}}'

-# Enable
-curl -s -X POST "http://localhost:3000/api/trpc/services.app.enableService" \
+# Iniciar servico
+curl -s -X POST "http://localhost:3000/api/trpc/services.app.startService" \
+  -H "Authorization: Bearer $TOKEN" \
+  -H "Content-Type: application/json" \
+  -d '{"json":{"projectName":"descomplicar","serviceName":"minha-api"}}'
+
+# Reiniciar servico
+curl -s -X POST "http://localhost:3000/api/trpc/services.app.restartService" \
  -H "Authorization: Bearer $TOKEN" \
  -H "Content-Type: application/json" \
  -d '{"json":{"projectName":"descomplicar","serviceName":"minha-api"}}'
 ```

+**IMPORTANTE:** `enableService` e `disableService` NAO existem na versao instalada. Usar `startService`/`stopService`.
+
 ## Destruir Servico

 ```bash
@@ -98,3 +110,26 @@ curl -s -X POST "http://localhost:3000/api/trpc/services.app.destroyService" \
  -H "Content-Type: application/json" \
  -d '{"json":{"projectName":"descomplicar","serviceName":"minha-api"}}'
 ```
+
+---
+
+## Resumo de Endpoints
+
+| Endpoint | Tipo | Descricao | Verificado |
+|----------|------|-----------|:----------:|
+| `services.app.createService` | POST | Criar servico app | Sim |
+| `services.postgres.createService` | POST | Criar PostgreSQL | Sim |
+| `services.mysql.createService` | POST | Criar MySQL | Sim |
+| `services.redis.createService` | POST | Criar Redis | Sim |
+| `services.app.inspectService` | GET | Inspeccionar servico | Sim |
+| `services.app.deployService` | POST | Fazer deploy | Sim |
+| `services.app.stopService` | POST | Parar servico | Sim |
+| `services.app.startService` | POST | Iniciar servico | Sim |
+| `services.app.restartService` | POST | Reiniciar servico | Sim |
+| `services.app.destroyService` | POST | Destruir servico | Sim |
+
+**Endpoints que NAO existem:** `enableService`, `disableService`, `redeployService`
+
+---
+
+*Actualizado: 12-03-2026*