From fb1db6c891abb7e42b83d584f9acddf93f1176de Mon Sep 17 00:00:00 2001 From: CREDO23 Date: Thu, 19 Mar 2026 20:20:26 +0200 Subject: [PATCH 01/14] feat(desktop): wire auto-updater with GitHub Releases --- surfsense_desktop/src/main.ts | 33 +++++++++++++++++++++++++++++++++ 1 file changed, 33 insertions(+) diff --git a/surfsense_desktop/src/main.ts b/surfsense_desktop/src/main.ts index a25644cb5..e0a6c3be5 100644 --- a/surfsense_desktop/src/main.ts +++ b/surfsense_desktop/src/main.ts @@ -1,6 +1,7 @@ import { app, BrowserWindow, shell, ipcMain, session, dialog, clipboard, Menu } from 'electron'; import path from 'path'; import { getPort } from 'get-port-please'; +import { autoUpdater } from 'electron-updater'; function showErrorDialog(title: string, error: unknown): void { const err = error instanceof Error ? error : new Error(String(error)); @@ -210,6 +211,37 @@ if (process.defaultApp) { app.setAsDefaultProtocolClient(PROTOCOL); } +function setupAutoUpdater() { + if (isDev) return; + + autoUpdater.autoDownload = true; + + autoUpdater.on('update-available', (info) => { + console.log(`Update available: ${info.version}`); + }); + + autoUpdater.on('update-downloaded', (info) => { + console.log(`Update downloaded: ${info.version}`); + dialog.showMessageBox({ + type: 'info', + buttons: ['Restart', 'Later'], + defaultId: 0, + title: 'Update Ready', + message: `Version ${info.version} has been downloaded. Restart to apply the update.`, + }).then(({ response }) => { + if (response === 0) { + autoUpdater.quitAndInstall(); + } + }); + }); + + autoUpdater.on('error', (err) => { + console.error('Auto-updater error:', err); + }); + + autoUpdater.checkForUpdates(); +} + function setupMenu() { const isMac = process.platform === 'darwin'; const template: Electron.MenuItemConstructorOptions[] = [ @@ -233,6 +265,7 @@ app.whenReady().then(async () => { return; } createWindow(); + setupAutoUpdater(); // If a deep link was received before the window was ready, handle it now if (deepLinkUrl) { From 71e87f302b33dec8eb43a6718db1d4eea059282b Mon Sep 17 00:00:00 2001 From: CREDO23 Date: Thu, 19 Mar 2026 20:49:30 +0200 Subject: [PATCH 02/14] ci(desktop): add release workflow skeleton with tag trigger and matrix --- .github/workflows/desktop-release.yml | 17 +++++++++++++++++ 1 file changed, 17 insertions(+) create mode 100644 .github/workflows/desktop-release.yml diff --git a/.github/workflows/desktop-release.yml b/.github/workflows/desktop-release.yml new file mode 100644 index 000000000..3a449b2c2 --- /dev/null +++ b/.github/workflows/desktop-release.yml @@ -0,0 +1,17 @@ +name: Desktop Release + +on: + push: + tags: + - 'v*' + +jobs: + build: + runs-on: ${{ matrix.os }} + strategy: + matrix: + os: [macos-latest, ubuntu-latest, windows-latest] + + steps: + - name: Checkout + uses: actions/checkout@v4 From b6c1db33eb920dce99c32edcdca09c1ca174ab1d Mon Sep 17 00:00:00 2001 From: CREDO23 Date: Fri, 20 Mar 2026 14:04:07 +0200 Subject: [PATCH 03/14] ci(desktop): add pnpm and Node.js setup steps --- .github/workflows/desktop-release.yml | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/.github/workflows/desktop-release.yml b/.github/workflows/desktop-release.yml index 3a449b2c2..815c2fceb 100644 --- a/.github/workflows/desktop-release.yml +++ b/.github/workflows/desktop-release.yml @@ -15,3 +15,12 @@ jobs: steps: - name: Checkout uses: actions/checkout@v4 + + - name: Setup pnpm + uses: pnpm/action-setup@v4 + + - name: Setup Node.js + uses: actions/setup-node@v4 + with: + node-version: 20 + cache: 'pnpm' From 4b50b3db1a2d14d20e3bba2ef91622b82ec59cce Mon Sep 17 00:00:00 2001 From: CREDO23 Date: Fri, 20 Mar 2026 14:49:52 +0200 Subject: [PATCH 04/14] ci(desktop): add dependency install and Next.js build steps --- .github/workflows/desktop-release.yml | 12 ++++++++++++ 1 file changed, 12 insertions(+) diff --git a/.github/workflows/desktop-release.yml b/.github/workflows/desktop-release.yml index 815c2fceb..2d48b1b34 100644 --- a/.github/workflows/desktop-release.yml +++ b/.github/workflows/desktop-release.yml @@ -24,3 +24,15 @@ jobs: with: node-version: 20 cache: 'pnpm' + + - name: Install web dependencies + run: pnpm install + working-directory: surfsense_web + + - name: Build Next.js standalone + run: pnpm build + working-directory: surfsense_web + + - name: Install desktop dependencies + run: pnpm install + working-directory: surfsense_desktop From 0f37919f3d0d5bf11c97ea2ec1168d8cff02bd0b Mon Sep 17 00:00:00 2001 From: CREDO23 Date: Fri, 20 Mar 2026 15:10:24 +0200 Subject: [PATCH 05/14] ci(desktop): add Electron build step --- .github/workflows/desktop-release.yml | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/.github/workflows/desktop-release.yml b/.github/workflows/desktop-release.yml index 2d48b1b34..11b65d574 100644 --- a/.github/workflows/desktop-release.yml +++ b/.github/workflows/desktop-release.yml @@ -36,3 +36,7 @@ jobs: - name: Install desktop dependencies run: pnpm install working-directory: surfsense_desktop + + - name: Build Electron + run: pnpm build + working-directory: surfsense_desktop From 337c381f3626abd2981cffd4d82a6c293a8111b9 Mon Sep 17 00:00:00 2001 From: CREDO23 Date: Fri, 20 Mar 2026 15:19:38 +0200 Subject: [PATCH 06/14] ci(desktop): add package & publish step with platform matrix and permissions --- .github/workflows/desktop-release.yml | 17 ++++++++++++++++- 1 file changed, 16 insertions(+), 1 deletion(-) diff --git a/.github/workflows/desktop-release.yml b/.github/workflows/desktop-release.yml index 11b65d574..41e802588 100644 --- a/.github/workflows/desktop-release.yml +++ b/.github/workflows/desktop-release.yml @@ -5,12 +5,21 @@ on: tags: - 'v*' +permissions: + contents: write + jobs: build: runs-on: ${{ matrix.os }} strategy: matrix: - os: [macos-latest, ubuntu-latest, windows-latest] + include: + - os: macos-latest + platform: --mac + - os: ubuntu-latest + platform: --linux + - os: windows-latest + platform: --win steps: - name: Checkout @@ -40,3 +49,9 @@ jobs: - name: Build Electron run: pnpm build working-directory: surfsense_desktop + + - name: Package & Publish + run: pnpm exec electron-builder ${{ matrix.platform }} --config electron-builder.yml --publish always + working-directory: surfsense_desktop + env: + GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} From 207ef02f5e04e6b56370d44be616bd526574d0b6 Mon Sep 17 00:00:00 2001 From: CREDO23 Date: Fri, 20 Mar 2026 15:30:20 +0200 Subject: [PATCH 07/14] ci(desktop): fix pnpm cache by specifying lockfile paths for monorepo --- .github/workflows/desktop-release.yml | 3 +++ 1 file changed, 3 insertions(+) diff --git a/.github/workflows/desktop-release.yml b/.github/workflows/desktop-release.yml index 41e802588..26bd6e3db 100644 --- a/.github/workflows/desktop-release.yml +++ b/.github/workflows/desktop-release.yml @@ -33,6 +33,9 @@ jobs: with: node-version: 20 cache: 'pnpm' + cache-dependency-path: | + surfsense_web/pnpm-lock.yaml + surfsense_desktop/pnpm-lock.yaml - name: Install web dependencies run: pnpm install From cbee2e254cb5c081cea87956f057a5e5fd7c7e5b Mon Sep 17 00:00:00 2001 From: CREDO23 Date: Fri, 20 Mar 2026 15:31:05 +0200 Subject: [PATCH 08/14] ci(desktop): disable fail-fast so all platform builds complete independently --- .github/workflows/desktop-release.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/desktop-release.yml b/.github/workflows/desktop-release.yml index 26bd6e3db..bbb38ac83 100644 --- a/.github/workflows/desktop-release.yml +++ b/.github/workflows/desktop-release.yml @@ -12,6 +12,7 @@ jobs: build: runs-on: ${{ matrix.os }} strategy: + fail-fast: false matrix: include: - os: macos-latest From a08d03041abbebdaaece14b336e6b5f20611d467 Mon Sep 17 00:00:00 2001 From: CREDO23 Date: Fri, 20 Mar 2026 15:42:03 +0200 Subject: [PATCH 09/14] ci(desktop): align tag trigger with upstream beta-v* convention --- .github/workflows/desktop-release.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/desktop-release.yml b/.github/workflows/desktop-release.yml index bbb38ac83..dba2fa9cd 100644 --- a/.github/workflows/desktop-release.yml +++ b/.github/workflows/desktop-release.yml @@ -3,7 +3,7 @@ name: Desktop Release on: push: tags: - - 'v*' + - 'beta-v*' permissions: contents: write From 9db5b5e99dc0c8ee41c02b76c03c1c3f700dc476 Mon Sep 17 00:00:00 2001 From: CREDO23 Date: Fri, 20 Mar 2026 16:21:11 +0200 Subject: [PATCH 10/14] ci(desktop): pass NEXT_PUBLIC env vars from GitHub Actions variables to Next.js build --- .github/workflows/desktop-release.yml | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/.github/workflows/desktop-release.yml b/.github/workflows/desktop-release.yml index dba2fa9cd..68b169497 100644 --- a/.github/workflows/desktop-release.yml +++ b/.github/workflows/desktop-release.yml @@ -45,6 +45,11 @@ jobs: - name: Build Next.js standalone run: pnpm build working-directory: surfsense_web + env: + NEXT_PUBLIC_FASTAPI_BACKEND_URL: ${{ vars.NEXT_PUBLIC_FASTAPI_BACKEND_URL }} + NEXT_PUBLIC_ELECTRIC_URL: ${{ vars.NEXT_PUBLIC_ELECTRIC_URL }} + NEXT_PUBLIC_DEPLOYMENT_MODE: ${{ vars.NEXT_PUBLIC_DEPLOYMENT_MODE }} + NEXT_PUBLIC_FASTAPI_BACKEND_AUTH_TYPE: ${{ vars.NEXT_PUBLIC_FASTAPI_BACKEND_AUTH_TYPE }} - name: Install desktop dependencies run: pnpm install From 70712f21db9d4d0407c749f9d46ce2c3947726a6 Mon Sep 17 00:00:00 2001 From: CREDO23 Date: Fri, 20 Mar 2026 16:29:48 +0200 Subject: [PATCH 11/14] ci(desktop): add HOSTED_FRONTEND_URL from GitHub Actions variables for Electron build --- .github/workflows/desktop-release.yml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/.github/workflows/desktop-release.yml b/.github/workflows/desktop-release.yml index 68b169497..03af2bd25 100644 --- a/.github/workflows/desktop-release.yml +++ b/.github/workflows/desktop-release.yml @@ -58,6 +58,8 @@ jobs: - name: Build Electron run: pnpm build working-directory: surfsense_desktop + env: + HOSTED_FRONTEND_URL: ${{ vars.HOSTED_FRONTEND_URL }} - name: Package & Publish run: pnpm exec electron-builder ${{ matrix.platform }} --config electron-builder.yml --publish always From d4ef79375bbd09f111531dc1f9eae6bccc3716d9 Mon Sep 17 00:00:00 2001 From: CREDO23 Date: Fri, 20 Mar 2026 16:35:56 +0200 Subject: [PATCH 12/14] fix(desktop): read HOSTED_FRONTEND_URL from process.env before .env file --- surfsense_desktop/scripts/build-electron.mjs | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/surfsense_desktop/scripts/build-electron.mjs b/surfsense_desktop/scripts/build-electron.mjs index 2c59061b4..923830296 100644 --- a/surfsense_desktop/scripts/build-electron.mjs +++ b/surfsense_desktop/scripts/build-electron.mjs @@ -109,7 +109,7 @@ async function buildElectron() { minify: false, define: { 'process.env.HOSTED_FRONTEND_URL': JSON.stringify( - desktopEnv.HOSTED_FRONTEND_URL || 'https://surfsense.net' + process.env.HOSTED_FRONTEND_URL || desktopEnv.HOSTED_FRONTEND_URL || 'https://surfsense.net' ), }, }; From c891cc3d9b99a1baa75851e0998c6a1c4f9b0f42 Mon Sep 17 00:00:00 2001 From: CREDO23 Date: Fri, 20 Mar 2026 16:44:10 +0200 Subject: [PATCH 13/14] ci(desktop): auto-extract version from tag and pass to electron-builder --- .github/workflows/desktop-release.yml | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/.github/workflows/desktop-release.yml b/.github/workflows/desktop-release.yml index 03af2bd25..cd1d554b9 100644 --- a/.github/workflows/desktop-release.yml +++ b/.github/workflows/desktop-release.yml @@ -26,6 +26,11 @@ jobs: - name: Checkout uses: actions/checkout@v4 + - name: Extract version from tag + id: version + shell: bash + run: echo "VERSION=${GITHUB_REF#refs/tags/beta-v}" >> "$GITHUB_OUTPUT" + - name: Setup pnpm uses: pnpm/action-setup@v4 @@ -62,7 +67,7 @@ jobs: HOSTED_FRONTEND_URL: ${{ vars.HOSTED_FRONTEND_URL }} - name: Package & Publish - run: pnpm exec electron-builder ${{ matrix.platform }} --config electron-builder.yml --publish always + run: pnpm exec electron-builder ${{ matrix.platform }} --config electron-builder.yml --publish always -c.extraMetadata.version=${{ steps.version.outputs.VERSION }} working-directory: surfsense_desktop env: GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} From e7b5b37404ae896ac540aa242fcc73c4ddc136e4 Mon Sep 17 00:00:00 2001 From: CREDO23 Date: Fri, 20 Mar 2026 16:55:18 +0200 Subject: [PATCH 14/14] ci(desktop): support both v* and beta-v* tag triggers with unified version extraction --- .github/workflows/desktop-release.yml | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/.github/workflows/desktop-release.yml b/.github/workflows/desktop-release.yml index cd1d554b9..7119fcb6d 100644 --- a/.github/workflows/desktop-release.yml +++ b/.github/workflows/desktop-release.yml @@ -3,6 +3,7 @@ name: Desktop Release on: push: tags: + - 'v*' - 'beta-v*' permissions: @@ -29,7 +30,11 @@ jobs: - name: Extract version from tag id: version shell: bash - run: echo "VERSION=${GITHUB_REF#refs/tags/beta-v}" >> "$GITHUB_OUTPUT" + run: | + TAG=${GITHUB_REF#refs/tags/} + VERSION=${TAG#beta-} + VERSION=${VERSION#v} + echo "VERSION=$VERSION" >> "$GITHUB_OUTPUT" - name: Setup pnpm uses: pnpm/action-setup@v4