Merge branch 'main' into dependabot/npm_and_yarn/assets/braces-3.0.3

.dialyzer_ignore.exs

@@ -0,0 +1,4 @@
+[
+  {"lib/x509/certificate.ex", "Unknown type: X509.ASN1.record/1."},
+  {"lib/x509/certificate/extension.ex", "Unknown type: X509.ASN1.record/1."}
+]

.dockerignore

@@ -1,7 +1,10 @@
-**/node_modules/
-.git
+.elixir-tools
+.elixir-ls
+.env.*
+.github
 .idea #IntelliJ stuff
 _build
+**/node_modules/
 deps
+fly*
 tmp
-

.formatter.exs

@@ -2,5 +2,6 @@
 [
   plugins: [Phoenix.LiveView.HTMLFormatter],
   inputs: ["{mix,.formatter}.exs", "{config,lib,test}/**/*.{heex,ex,exs}"],
-  heex_line_length: 200
+  heex_line_length: 200,
+  import_deps: [:assert_eventually]
 ]

.github/workflows/ci.yml

@@ -4,6 +4,8 @@ on:
   push:
     branches:
       - main
+    tags:
+      - 'v*'
   workflow_dispatch:
   pull_request:
 

.gitignore

@@ -15,3 +15,4 @@ test/fixtures/ssl/device-root-ca.srl
 .vscode
 
 .env*
+.iex.exs

.tool-versions

@@ -1,4 +1,4 @@
 nodejs 16.18.1
 python 3.10.13
-elixir 1.17.1-otp-27
-erlang 27.0
+elixir 1.17.2-otp-27
+erlang 27.0.1

CHANGELOG.md

@@ -0,0 +1,85 @@
+# Changelog
+
+## Unreleased
+
+### Added
+* Add the oban integration to Sentry (#1543)
+* Add device count and estimated device count for Deployment views (#1517)
+* Use Chart.js for metrics (#1523)
+* Add task for generating randomized device metrics (#1564)
+
+### Changed
+* Device channel cleanups (#1546)
+* Increase the Repo queue_target (#1545)
+* Updates for releasing an official 2.0.0 version (#1548) (#1549)
+* Remove EctoReporter and NodeReporter (#1554) (#1563)
+* Fix typos (#1557)
+* Sentry configuration and release id updates (#1560) (#1568)
+* Logging changes (#1556) (#1561) (#1571)
+  * Log from telemetry data
+  * Move statsd metrics to a module
+* Allow the socket drainer to be configured at runtime (#1577)
+* Add y-scale start number as chart parameter (#1580)
+* Metrics charts improvements (#1581)
+* More logging tweaks (#1576)
+* Dependency updates
+  * castore, 1.0.8 to 1.0.9
+  * ex_aws_s3, 2.5.3 to 2.5.4
+  * dialyxir, 1.4.3 to 1.4.4
+  * bcrypt_elixir, 3.2.0 to 3.3.0
+  * comeonin, 5.4.0 to 5.5.0
+  * swoosh, 1.17.1 to 1.17.2
+  * slipstream, 1.1.1 to 1.1.2
+  * telemetry_metrics_statsd, 0.7.0 to 0.7.1
+
+### Fixed
+* Dialyzer fixes (#1553)
+* Use the Endpoint from the socket (#1558)
+* Update tzdata to fix an exception during boot (#1559)
+* Only render connection tooltip when timestamp is present (#1565)
+* Use the endpoint from the socket in device socket (#1579)
+* Reintroduce missing custom metrics and metadata to device page. (#1578)
+* Only broadcast on terminate/2 if the channel is joined (#1586)
+
+Full Changelog - https://github.com/nerves-hub/nerves_hub_web/compare/463ce1d...421afb9
+
+## v2.0.0
+
+Trying to create a Changelog from the previous tagged version `v1.3.0` from
+January 2023 is frankly a bit much.
+
+The fundamentals:
+
+- Performant at scale: It is used in production with hundreds of thousands of connected devices. It works well.
+- Remove AWS: It is now easy to run and set up on any hosting platform
+
+There is also a lot more. The [initial announcement of 2.0](https://elixirforum.com/t/introducing-nerveshub-2-0/55531/5)
+has the basic idea. The only idea that isn't currently actively pursued or
+already delivered is MQTT and that is bound to pop up again in the future.
+
+A lot of this work should be credited to Eric Oestrich and he gave an update
+on it at [the Nerves Meetup](https://www.youtube.com/watch?v=vSYbSTXL26I).
+
+Jon Carstens covered some of the work during
+[his NervesConf talk](https://www.youtube.com/watch?v=lHcC9gwk_rg) as a well.
+
+After the 2.x changes were available Josh Kalderimis joined in and started
+looking at ease of use which led to a lot of various improvements but the
+biggest one is the alternative device authentication method: Shared Secret
+
+Since then we have contributions from 19 people where Eric Oestrich dominates
+the stats. Followed by Josh Kalderimis. Then Jon Carstens. 
+
+There are a lot of things planned. SmartRent, NervesCloud and other users of
+the project are in active collaboration on improving the featureset, the
+performance and the user experience. We want this to be not just a great tool
+for developers that choose Nerves but a surprising delight and joy to use.
+
+### Migration
+
+You should be able to migrate using the Ecto migrations. Nothing should be
+break if you migrate a 1.x install to the 2.x releases. We still recommend
+that you set aside time for dealing with anything unusual that might come up.
+
+You may also need some time to deprovision the AWS resources you no longer
+need.

Dockerfile

@@ -1,13 +1,12 @@
-ARG ELIXIR_VERSION=1.17.1
-ARG OTP_VERSION=27.0
+ARG ELIXIR_VERSION=1.17.2
+ARG OTP_VERSION=27.0.1
 ARG DISTRO=noble-20240605
 ARG NODE_VERSION=16.20.2
 
 ARG BUILDER_IMAGE="hexpm/elixir:${ELIXIR_VERSION}-erlang-${OTP_VERSION}-ubuntu-${DISTRO}"
 ARG RUNNER_IMAGE="ubuntu:${DISTRO}"
 ARG DEBIAN_FRONTEND=noninteractive
 
-
 ###
 ### First Stage - Fetch deps for building web assets
 ###
@@ -80,6 +79,9 @@ COPY lib lib
 
 COPY --from=assets /build/priv/static priv/static
 
+# We need the git history for creating the project version in Mix
+COPY .git .git
+
 RUN mix compile
 RUN mix phx.digest
 RUN mix sentry.package_source_code

README.md

@@ -2,28 +2,31 @@
 
 ![GitHub Actions](https://github.com/nerves-hub/nerves_hub_web/actions/workflows/ci.yml/badge.svg?branch=main)
 
-This is the source code for the NervesHub firmware update and device management
-server.
+This is the source repository for the NervesHub firmware update and device management
+server. Container images are available [on ghcr over here](https://ghcr.io/nerves-hub/nerves-hub). Issue reports, Pull Requests and feature requests are very welcome.
 
-**Important**
+## Features
 
-This is the 2.0 development branch of NervesHub. If you have been using
-NervesHub prior to around April, 2023 and are not following 2.0 development, see
-the [`maint-v1.0`
-branch](https://github.com/nerves-hub/nerves_hub_web/tree/maint-v1.0). The
-`maint-v1.0` branch is being used in production. 2.0 development is in progress,
-and we don't have guides or good documentation yet. If you use the 2.0
-development branch, we don't expect breaking changes, but please bear with us as
-we complete the 2.0 release.
+- Delivery of signed firmware to authenticated Nerves devices
+- Robust and reliable, confirmed to work at a scale of hundreds of thousands of devices
+- Hardware device certificate authentication using NervesKey
+- Shared secret authentication for easy onboarding and simpler setups
+- Self-hostable with minimal infrastructure, Dockerfile provided
+- Remote IEx terminal for debugging and device recovery
+- and more...
+
+Now that NervesHub 2.x is released we will refer to it simply as NervesHub. The 1.x version is now Legacy NervesHub ([`maint-v1.0`
+branch](https://github.com/nerves-hub/nerves_hub_web/tree/maint-v1.0)) and is under very limited maintenance and migration is strongly encouraged. The people that develop NervesHub no longer have 1.x environments running. See notes on migrating below.
+
+## Migration from 1.x to 2.x
+
+Migration should be quite straight-forward, there should not be any breaking changes. It is still the same application and NervesHubLink should stay largely compatible. You may find you no longer need a lot of the AWS services that was relied on by the 1.x version. We recommend decomissioning those if they aren't used for other things. Version 2.x requires an application server to run on, an S3-compatible object storage and a Postgres database. It also requires some control over how ingress is done for custom SSL handling. This should all be less than the requirements of Legacy NervesHub.
 
 ## Project overview and setup
 
 ### Development environment setup
 
-For best compatibility with Erlang SSL versions, we use Erlang/OTP 23.0.4. If
-you're coming to NervesHub without OTP 23 or earlier devices, don't worry about
-this. OTP 23.0.4 is difficult to install on Apple M1/M2 hardware so developing
-on Linux is highly recommended if you're keeping to the OTP 23.0.4 requirement.
+For best compatibility with Erlang SSL versions, we use Erlang/OTP 27.0.1.
 
 The `.tool-versions` files contains the Erlang, Elixir and NodeJS versions.
 Install [asdf-vm](https://asdf-vm.com/) and run the following for quick setup:
@@ -82,8 +85,8 @@ echo "127.0.0.1 nerves-hub.org" | sudo tee -a /etc/hosts
 
 Once the server is running, by default in development you can access it at http://localhost:4000
 
-In development you can login into a pre-generated account with the username
-`nerveshub` and password `nerveshub`.
+In development you can login into a pre-generated account with the email
+`nerveshub@nerves-hub.org` and password `nerveshub`.
 
 ### Running Tests
 

api-spec.yml

@@ -1,7 +1,7 @@
-openapi: '3.0.2'
+openapi: "3.0.2"
 info:
   title: NervesHub Web
-  version: '2.0'
+  version: "2.0"
 servers:
   - url: http://localhost:4000/api
 security:
@@ -31,13 +31,25 @@ components:
     device:
       type: object
       properties:
+        connection_status:
+          type: string
+          example: "connected"
+        connection_established_at:
+          type: string
+          format: date-time
+        connection_disconnected_at:
+          type: string
+          format: date-time
+        connection_last_seen_at:
+          type: string
+          format: date-time
         deployment:
-          $ref: '#/components/schemas/deployment'
+          $ref: "#/components/schemas/deployment"
         description:
           type: string
           example: "A device"
         firmware_metadata:
-          $ref: '#/components/schemas/firmware_metadata'
+          $ref: "#/components/schemas/firmware_metadata"
         firmware_update_status:
           type: string
           enum: [latest, pending, updating]
@@ -162,7 +174,7 @@ paths:
             format: uuid
           required: true
       responses:
-        '200':
+        "200":
           description: OK
           content:
             application/json:
@@ -176,8 +188,8 @@ paths:
                   `deployment` contains information about what firmware version and UUID should eventually be running on the device.
                 properties:
                   data:
-                    $ref: '#/components/schemas/device'
-        '404':
+                    $ref: "#/components/schemas/device"
+        "404":
           description: Not found
           content:
             application/json:
@@ -204,7 +216,7 @@ paths:
                   type: string
                   example: "kiosk"
       responses:
-        '200':
+        "200":
           description: OK
           content:
             application/json:
@@ -219,7 +231,7 @@ paths:
           schema:
             type: string
       responses:
-        '200':
+        "200":
           description: OK
           content:
             application/json:
@@ -229,7 +241,7 @@ paths:
                   data:
                     type: array
                     items:
-                      $ref: '#/components/schemas/script'
+                      $ref: "#/components/schemas/script"
   /devices/{identifier}/scripts/{id}:
     post:
       summary: Trigger a script to run
@@ -243,7 +255,7 @@ paths:
           schema:
             type: integer
       responses:
-        '200':
+        "200":
           description: OK
           content:
             text/plain:
@@ -262,7 +274,7 @@ paths:
             type: string
             example: nerveshub
       responses:
-        '200':
+        "200":
           description: OK
           content:
             application/json:
@@ -293,22 +305,22 @@ paths:
         content:
           application/json:
             schema:
-              $ref: '#/components/schemas/firmware_key'
+              $ref: "#/components/schemas/firmware_key"
       responses:
-        '200':
+        "200":
           description: OK
           content:
             application/json:
               schema:
                 type: object
                 properties:
                   data:
-                    $ref: '#/components/schemas/firmware_key'
+                    $ref: "#/components/schemas/firmware_key"
   /users/me:
     get:
       summary: View information about the authenticated user
       responses:
-        '200':
+        "200":
           description: OK
           content:
             application/json: