v1.3 — Snowflake Proxy, Multi-Server Dashboard & Fleet Management

Conduit Manager v1.3

A major release bringing Snowflake proxy support, multi-server management, and comprehensive hardening. Run Tor Snowflake proxies alongside Conduit, manage fleets of remote servers from a single dashboard, and connect via non-root SSH with automatic sudo handling. Every byte formatter now scales to terabytes, and a full code audit squashed every bug found across 10,000+ lines. ❄️🚀

🌟 New Features

• ❄️ Snowflake Proxy Management: Run Tor Snowflake proxies alongside Conduit containers. Full menu with start/stop/restart, per-instance CPU and memory limits, and multi-instance support.
• 🌍 Snowflake Per-Country Stats: Live connection breakdown by country with activity bars, powered by Prometheus metrics scraping. See exactly where your Snowflake traffic is helping.
• 🖥️ Multi-Server Dashboard: Real-time TUI monitoring all your servers at once with 20-second auto-refresh. Per-server actions (restart, stop, start, update, logs) and bulk operations across your entire fleet.
• 🔗 Remote Server Management: Add, edit, and remove remote servers with encrypted credential storage. SSH ControlMaster keeps connections alive for instant command execution.
• 👤 Non-Root SSH Support: Automatic sudo prefix for non-root users. Setup wizard detects and verifies passwordless sudo, with clear instructions if it's not configured.
• 📊 Data Cap Monitoring: Set upload, download, and total data caps independently. Containers auto-stop when any cap is exceeded and resume on the next billing cycle.
• 🔑 Server Management from Dashboard: Press [M] in the multi-server dashboard to add, edit, or remove servers without leaving the TUI.
• 📱 Telegram Inline Keyboards: Interactive button menus for container management, QR codes, and settings — no more typing commands.
• 🏥 Telegram Health Check: /health command reports container states, system resources, and uptime in one message.
• 📷 QR Code via Telegram: /qr command generates and sends container claim QR codes directly to your chat.
• 📋 Weekly Summary Reports: Configurable weekly Telegram reports alongside existing periodic summaries.
• 🔧 System Stats in Reports: CPU usage, temperature, and RAM now included in all Telegram status reports.
• ⚖️ Safety & Legal Info: New info page with guidance on running Conduit responsibly in different regions.
• 🖥️ CLI Server Commands: conduit add-server, conduit remove-server, conduit servers, conduit dashboard, and conduit snowflake for scriptable management.

⚡ Performance

• SSH ControlMaster: Persistent SSH connections (300s keepalive) eliminate reconnection overhead for dashboard refreshes.
• Parallel SSH Queries: All remote server stats fetched simultaneously via background jobs, not sequentially.
• Zero-Fork Dashboard Parsing: _jparse and _fmt_bytes use bash builtins (printf -v, parameter expansion) — no subshells spawned during dashboard rendering.
• Progress Bar in Header: Refresh countdown embedded in the title row instead of a separate line, reducing visual clutter.

🐛 Fixes

• Timeout Detection: Dashboard server action timeout now correctly detects SIGTERM (exit 143) instead of checking for SIGKILL (137). Users now see the timeout warning message.
• Alert Aggregation: check_alerts() now sums CPU and takes max RAM across all containers instead of only monitoring the first one.
• Tracker Telegram Notification: Stuck-container auto-restart notification now works — replaced undefined function calls with direct curl to Telegram API.
• Network Interface Detection: get_net_speed() uses dev keyword matching instead of fragile awk '{print $5}' positional parsing.
• Docker Name Matching: Service status check uses strict ^conduit(-[0-9]+)?$ regex instead of loose prefix match that could count unrelated containers.
• Backup Filename Quoting: Hardened sh -c command in backup restore to prevent word splitting on filenames.
• TB Overflow Display: All byte formatters (format_bytes, _fmt_bytes, format_gb) now scale to terabytes instead of showing 1034.52 GB.
• Snowflake Connection Label: Changed from misleading "active connections" to "connections served" — these are cumulative totals, not live counts.
• Dead Code Cleanup: Removed unreachable branches, dead case patterns, and tautological guards identified during audit.
• Config Label Sanitization: TELEGRAM_SERVER_LABEL now strips quotes before writing to prevent settings.conf corruption.

🔒 Security

• Encrypted Credential Storage: Remote server passwords encrypted with AES-256-CBC using a per-install random key. Credential files stored with mode 600.
• sshpass Environment Mode: Passwords passed via SSHPASS environment variable — never visible in ps output.
• SSH Connection Validation: Connection strings validated against [a-zA-Z0-9._-]+@[a-zA-Z0-9._-]+(:[0-9]+)? regex before use.
• Server Label Validation: Labels restricted to [a-zA-Z0-9_-]+ — prevents injection in grep patterns and config files.
• Full Code Audit: Five parallel audit agents reviewed all 10,400 lines. Every CRITICAL and HIGH finding verified and resolved. Final score: 9/10 across all categories.

⬆️ Seamless Upgrade from v1.2

Existing users do not need to reinstall. Just run the update command or use Option 8 from the menu. All containers, settings, Telegram config, remote servers, and node identity keys are preserved automatically. Snowflake proxy is disabled by default until you enable it from the Snowflake menu.

💡 Tip for existing users: After updating, check out the Snowflake Proxy option in the main menu to start helping Tor users, and try conduit dashboard if you manage multiple servers.

v1.2 - Telegram Bot, Resource Limits & Faster TUI

Conduit Manager v1.2

A major release focused on resource control, Telegram integration, and performance. Containers now support per-instance CPU and memory limits, a full Telegram bot provides remote monitoring and management, and parallelized Docker commands cut TUI refresh times by 75%. 🚀

🌟 New Features

• 🖥️ Per-Container Resource Limits: Set CPU and memory limits for each container via the Settings menu. Smart defaults based on your system's CPU cores and RAM. Limits are also prompted when adding new containers.
• 🤖 Telegram Bot Integration: Full-featured Telegram bot with guided setup wizard. Receive periodic status reports with client counts, bandwidth, and timestamps — all delivered automatically.
• 📲 Telegram Container Commands: Manage containers remotely with /containers, /restart_N, /stop_N, /start_N directly from Telegram.
• 🔧 Systemd Notification Service: Telegram bot runs as a proper systemd service — survives reboots, TUI exits, and SSH disconnects.
• 🔢 Compact Number Display: Large counts now show as 16.5K, 1.2M instead of raw numbers across all screens and reports.
• 👥 Active Clients Count: Dashboard and Telegram reports now show both connected and connecting peers separately.
• 📈 Total Bandwidth Served: Reports include cumulative bandwidth alongside per-session stats.
• 🕐 Timestamps on Reports: All Telegram reports include server time and uptime info.
• 🏷️ Server Label & IP: Reports identify your server by label and IP for multi-server operators.
• 🔄 Auto-Restart for Stuck Containers: Improved detection and automatic recovery of stuck containers.

⚡ Performance

• Parallelized Docker Commands: All TUI screens (Status, Container Management, Advanced Stats, Live Peers) now run Docker commands in parallel.
• Batched Inspect Calls: Single docker inspect call for all containers instead of one per container.
• Parallel Stop/Remove: Multi-container operations run concurrently instead of sequentially.
• ~75% Faster Refresh: Screen refresh time reduced from ~10s to ~2-3s with multiple containers.

🐛 Fixes

• False WAITING Status: Health check no longer shows WAITING for connected containers without stats.
• Container Lifecycle Logic: Start/stop/restart now correctly detects resource limit changes and recreates containers when needed.
• Duplicate Countries in GeoIP: Broader name normalization prevents duplicate country entries (e.g., "Korea" vs "South Korea").
• Telegram Markdown Escaping: Backslash handling fixed — reports no longer break with special characters.
• Telegram Container Names: Fixed mismatch (conduit2 → conduit-2) so bot commands target the right container.
• Telegram Report Accuracy: Log tail increased from 50 to 400 lines for accurate client counting.
• Wizard Failure Recovery: Failed setup wizard now preserves your existing config instead of leaving a blank file.
• Tracker Arithmetic Overflow: Fixed overflow in traffic counters for high-traffic nodes.
• Input/Output Error Loop: Broken /dev/tty no longer causes infinite error loop.
• CPU Normalization: Reports now divide CPU usage by core count for accurate percentages.
• Peers Count Consistency: Peer counts now match across all views (dashboard, stats, peers, Telegram).
• Notification Loop: Menu no longer restarts the notification loop every time it opens.
• PID Management: Proper cleanup of background process PID files.
• Stale Temp Data: Temp directories cleaned up to prevent reading leftover data from previous sessions.
• Multiple TUI Stability Fixes: Various edge cases and display glitches resolved.

🔒 Security

• Atomic Settings Writes: Config file writes use temp file + rename — no more corruption on power loss.
• Secure Temp Directories: All temp dirs use mktemp with random names (prevents symlink attacks).
• Pipeline Error Detection: set -eo pipefail catches failures in piped commands.
• Docker Stats Timeout: timeout 10 on docker stats prevents indefinite hangs.
• Silent Bot Token Input: Telegram token is not echoed to terminal during setup.
• Chat ID Validation: Numeric-only validation prevents injection in Telegram chat IDs.
• Restricted PID Permissions: PID files created with mode 600.
• OPSEC Warning: Setup wizard warns operators in censored regions about Telegram metadata.
• Curl Safety Limits: All curl calls include --max-filesize and --max-time.

⬆️ Seamless Upgrade from v1.1

Existing users do not need to reinstall. Just run the update command or use Option 8 from the menu. All containers, settings, Telegram config, and node identity keys are preserved automatically. The new resource limits default to unlimited (same behavior as before) until you configure them.

💡 Tip for existing users: After updating, check out Settings & Tools (Option 9) to set up Telegram notifications and configure resource limits for your containers.

---

📥 How to Update

Simply run the installer again:

curl -sL https://raw.githubusercontent.com/SamNet-dev/conduit-manager/main/conduit.sh | sudo bash

Conduit Manager v1.1 — Multi-Container, Background Tracker, Advanced Stats & Log Rotation

Conduit Manager v1.1

A massive update bringing multi-container scaling, a background traffic tracker, advanced stats, and a completely overhauled dashboard. 🚀

🌟 New Features

• 🐳 Multi-Container Support: Run up to 5 Conduit containers on a single server for maximum throughput. Add or remove containers on the fly from the new Manage Containers page.
• 📡 Background Traffic Tracker: A dedicated systemd service that continuously monitors traffic with per-country GeoIP resolution. Stats persist across restarts — no more losing data when you close the menu.
• 📊 Advanced Stats Page (Option a): Full-screen dashboard with bar charts showing Top 5 countries by connected peers, download, upload, and unique IPs. Auto-refreshes every 15 seconds.
• ⚙️ Per-Container Settings: Configure max-clients and bandwidth individually for each container from the new Container Settings page.
• 📖 Info & Help Hub (Option i): Multi-page guide with 5 sub-pages covering the tracker, stats, containers & scaling, privacy & security, and about.
• 🧠 Smart Install: Detects your CPU cores and RAM during setup and recommends the right number of containers for your hardware.

🔄 Changes & Improvements

• Dashboard Overhaul (Option 1): Side-by-side layout showing Active Clients per country (left) and Top 5 Upload (right) with real-time bar graphs and percentage breakdowns.
• Live Peer Traffic Rewrite (Option 4): Redesigned as a clean table with Country, Total bytes, Speed, and estimated Clients per country. SSH traffic (port 22) is now excluded.
• Container Manager (Option 6): Auto-refreshing status view with soft update so no more screen flicker. See CPU, RAM, and client count per container in real time.
• Service Auto-Recovery: Script automatically detects and restarts failed conduit.service on launch. No more stuck "failed" status.
• Version in Banner: Version number now displayed directly in the dashboard header.

🐛 Fixes

• Docker Log Rotation: Containers now have automatic log rotation (15MB max, 3 rotated files per container). Previously, Docker logs grew without limit and could eat gigabytes of disk space over time. After updating, restart your containers from the menu (Option 7 → Restart) to apply the new log limits and clear old bloated logs.
• Snap Docker Compatibility: Backup restore now falls back to docker cp when bind-mounts fail (fixes Snap-installed Docker on Ubuntu).
• Amazon Linux 2023 GeoIP: Installer now auto-detects and installs libmaxminddb when legacy geoiplookup is unavailable (fixes AL2023/Fedora).

⬆️ Seamless Upgrade from v1.0.x

Existing users do not need to reinstall. Your current container is recognized automatically. Just run the new script and select "Open management menu" — all new features are available immediately. The background tracker starts on your next container restart.

💡 Tip for existing users: After updating, restart your containers once from the menu (Option 7 → Restart) to activate Docker log rotation and free up disk space from old logs. You can also restart docker in c. 📦 Manage containers menu as well.

---

📥 How to Update

Simply run the installer again:

curl -sL https://raw.githubusercontent.com/SamNet-dev/conduit-manager/main/conduit.sh | sudo bash

v1.0.2 - Live Peers, Data Persistence, and Health Checks

Conduit Manager v1.0.2

This is a major update focusing on visibility, data persistence, and stability. 🚀

🌟 New Features

• 🌍 Live Peer Traffic Map (Option 9): Visualize exactly where your traffic is going! This new dashboard shows real-time bandwidth usage broken down by country, including active peer counts and cumulative data.
• 💾 Backup & Restore: You can now securely backup your Node Identity Key (conduit_key.json). This allows you to move servers or reinstall without losing your reputation and network presence.
• 🩺 Health Checks: Added a comprehensive conduit health command to diagnose Docker issues, network connectivity, and container status.

🔄 Changes & Improvements

• Robust Stats Streaming: Reverted the live stats mechanism (Option 2) to use direct log streaming. This ensures 100% compatibility across all VPS providers, fixing issues where stats would show as "0".
• Simplified Updates: Removed the strict SHA256 image digest verification. This ensures you always pull the latest functioning image without the installer acting as a blocker during upstream updates.

❤️ Special Thanks

A huge thank you to @moghtaderi for their incredible work on this release. They contributed the core logic for the Live Peer Traffic map, the Backup/Restore system, and helped refine the health checks. This update wouldn't be possible without their pull request and dedication!

---

📥 How to Update

You do not need to uninstall. Simply run the installer again to update your management script:

curl -sL https://raw.githubusercontent.com/SamNet-dev/conduit-manager/main/conduit.sh | sudo bash

Psiphon Conduit Manager v1.0.1: Dashboard Overhaul & Core Upgrade (d8522a8)

Psiphon Conduit Manager v1.0.1 - Release Notes

This version introduces support for the latest Conduit core engine and a major overhaul of the management dashboard for better performance and clarity.

🚀 New Features & Improvements

• New Core Engine: Upgraded to Conduit CLI d8522a8.
• Unlimited Bandwidth: Added the highly requested option to set bandwidth to Unlimited (-1) during setup or via the settings menu.
• Dashboard UI Overhaul:
  • New 3-Row Resource Layout: Track App, System, and Total usage separately.
  • CPU Normalization: App CPU now shows as a percentage of total system capacity
  • Live CPU Delta: System CPU now shows instantaneous usage rather than the average since boot.
• Performance Tuning:
  • Instant Stats: Increased log buffer to 2500 lines to ensure traffic stats load instantly, even in verbose mode.
  • Faster Refresh: Dashboard now updates every 5 seconds.
  • Flicker-Free Updates: Switched to smooth screen refreshing (no more full-screen flickering or ghosting).
• Stability & Fixes:
  • Hardened the management script with set +e to prevent menu crashes.
  • Ensured full compatibility with Unix (LF) line endings.
  • Added get_cpu_cores utility to the management script for better scaling.

---

❤️ Special Thanks

A huge thank you to @ssmirr for the incredible work on the Conduit Core Engine. This project wouldn't be possible without your dedication and high-quality contributions!

---

📦 How to Update

Run the installer again to apply the new management script and core engine:

curl -sL [https://raw.githubusercontent.com/SamNet-dev/conduit-manager/main/conduit.sh](https://raw.githubusercontent.com/SamNet-dev/conduit-manager/main/conduit.sh) | sudo bash