Skip to content

chore: replace graphql server #1875

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Draft
pujitm wants to merge 1 commit into
base: main
Choose a base branch
from
Draft

chore: replace graphql server #1875

pujitm wants to merge 1 commit into from
+202 −147

Conversation

@pujitm
Copy link
Member

@pujitm pujitm commented Jan 14, 2026
edited by coderabbitai bot
Loading

Summary by CodeRabbit

  • New Features

    • Adds an Unraid Core service with startup/shutdown integration and installer support to manage core alongside the API.
    • Service lifecycle script enabling start/stop/restart/status for the Unraid Phoenix application.

  • Behavior Changes

    • GraphQL proxy now routes to the Unraid Core backend.

  • Bug Fixes

    • Improved remote-access verification to validate configuration before enabling WAN access.

  • Tests

    • Simplified SSO/authentication test suite by removing redundant edge cases.

✏️ Tip: You can customize this high-level summary in your review settings.

@coderabbitai
Copy link
Contributor

coderabbitai bot commented Jan 14, 2026
edited
Loading

Note

Currently processing new changes in this PR. This may take a few minutes, please wait...

📥 Commits

Reviewing files that changed from the base of the PR and between 861c49d and 2a31900.

📒 Files selected for processing (10)
  • api/src/unraid-api/unraid-file-modifier/modifications/__test__/snapshots/rc.nginx.modified.snapshot
  • api/src/unraid-api/unraid-file-modifier/modifications/patches/rc-nginx.patch
  • api/src/unraid-api/unraid-file-modifier/modifications/rc-nginx.modification.ts
  • plugin/plugins/dynamix.unraid.net.plg
  • plugin/source/dynamix.unraid.net/etc/rc.d/rc.unraid
  • plugin/source/dynamix.unraid.net/etc/rc.d/rc6.d/K30unraid-core
  • plugin/source/dynamix.unraid.net/install/doinst.sh
  • plugin/source/dynamix.unraid.net/usr/local/share/dynamix.unraid.net/install/scripts/verify_install.sh
  • web/__test__/components/SsoButton.test.ts
  • web/src/components/sso/useSsoAuth.ts
 __________________________________________________
< Veni, Vidi, Validavi. I came, I saw, I reviewed. >
 --------------------------------------------------
  \
   \   (\__/)
       (•ㅅ•)
       /   づ

✏️ Tip: You can disable in-progress messages by setting review_status to false in your review settings. Additionally, you can disable the fortune message by setting in_progress_fortune to false in your review settings.

Tip

You can get early access to new features in CodeRabbit.

Enable the early_access setting in your project's settings in CodeRabbit to enable early access features such as new models, tools, and more.

Walkthrough

This PR adds Unraid Core service management and packaging, routes /graphql through the core socket instead of the API socket, updates installation and shutdown scripts to manage the core, and simplifies SSO by removing client-side state token handling.

Changes

Cohort / File(s) Summary
Core package plugin changes
plugin/plugins/dynamix.unraid.net.plg, plugin/source/dynamix.unraid.net/install/doinst.sh		 Adds core package metadata and installation/upgrade/uninstall logic to the PLG; applies install permissions for core shutdown script in doinst.sh; integrates core lifecycle steps with API install flow.
Core runtime scripts
plugin/source/dynamix.unraid.net/etc/rc.d/rc.unraid, plugin/source/dynamix.unraid.net/etc/rc.d/rc6.d/K30unraid-core		 Adds rc.unraid service script to manage the Unraid Phoenix app (start/stop/status/restart/rollback) and a shutdown symlink script to stop the core during shutdown.
Install verification updates
plugin/source/dynamix.unraid.net/usr/local/share/dynamix.unraid.net/install/scripts/verify_install.sh		 Adds checks and messaging for the new core shutdown script and updates critical file/dir checks and shutdown error accounting.
Nginx rc patch / modifier
api/src/unraid-api/unraid-file-modifier/modifications/patches/rc-nginx.patch, api/src/unraid-api/unraid-file-modifier/modifications/rc-nginx.modification.ts, api/src/unraid-api/unraid-file-modifier/modifications/__test__/snapshots/rc.nginx.modified.snapshot		 Changes /graphql proxy_pass from unraid-api.sock to unraid-core.sock; introduces check_remote_access() and new globals (CONNECT_CONFIG, API_UTILS); adjusts NET_FQDN iteration quoting and related logic.
SSO/client auth changes & tests
web/src/components/sso/useSsoAuth.ts, web/__test__/components/SsoButton.test.ts		 Removes client-side CSRF/state token generation and sessionStorage use; simplifies navigate flow to redirect to /auth/sso/{providerId}; reduces and simplifies related tests to expect fixed redirect behavior.

Sequence Diagram(s)

sequenceDiagram
  participant Client
  participant Nginx
  participant UnraidCore
  participant UnraidAPI

  Client->>Nginx: HTTP POST /graphql
  Nginx->>UnraidCore: proxy_pass to unraid-core.sock
  UnraidCore->>UnraidAPI: (optional) internal call to API service/socket
  UnraidAPI-->>UnraidCore: API response
  UnraidCore-->>Nginx: GraphQL response
  Nginx-->>Client: HTTP response
Loading

Estimated code review effort

🎯 4 (Complex) | ⏱️ ~45 minutes

Poem

🐰
I hopped through sockets, patches, and plg,
Core and API now dance in a jig,
No state to stash, the flow is lean,
Shutdowns tidy, installations clean,
A little rabbit cheers the new routine.

🚥 Pre-merge checks | ✅ 1 | ❌ 2
❌ Failed checks (1 warning, 1 inconclusive)
Check name Status Explanation Resolution
Docstring Coverage ⚠️ Warning Docstring coverage is 50.00% which is insufficient. The required threshold is 80.00%. Write docstrings for the functions missing them to satisfy the coverage threshold.
Title check ❓ Inconclusive The title 'chore: replace graphql server' is vague and does not accurately capture the scope of changes, which extends far beyond just replacing a GraphQL server. Consider a more specific title that reflects the main objectives, such as 'feat: integrate Unraid Core service alongside API' or 'chore: refactor authentication and service architecture'.
✅ Passed checks (1 passed)
Check name Status Explanation
Description Check ✅ Passed Check skipped - CodeRabbit’s high-level summary is enabled.

✏️ Tip: You can configure your own custom pre-merge checks in the settings.

✨ Finishing touches
  • 📝 Generate docstrings

Comment @coderabbitai help to get the list of available commands and usage tips.

@codecov
Copy link

codecov bot commented Jan 14, 2026
edited
Loading

Codecov Report

❌ Patch coverage is 90.90909% with 1 line in your changes missing coverage. Please review.
✅ Project coverage is 46.39%. Comparing base (38a6f0c) to head (2a31900).

Files with missing lines Patch % Lines
...le-modifier/modifications/rc-nginx.modification.ts 85.71% 1 Missing ⚠️
Additional details and impacted files 
@@            Coverage Diff             @@
##             main    #1875      +/-   ##
==========================================
- Coverage   46.40%   46.39%   -0.02%     
==========================================
  Files         954      954              
  Lines       59791    59770      -21     
  Branches     5538     5530       -8     
==========================================
- Hits        27749    27731      -18     
+ Misses      31923    31920       -3     
  Partials      119      119

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:
  • ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
  • 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

@pujitm pujitm force-pushed the feat/substitute-graphql branch from 230e0cd to 861c49d Compare January 14, 2026 23:27
coderabbitai[bot]
coderabbitai bot requested changes Jan 14, 2026
View reviewed changes
Copy link
Contributor

@coderabbitai coderabbitai bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Actionable comments posted: 3

🤖 Fix all issues with AI agents 
In `@plugin/plugins/dynamix.unraid.net.plg`:
- Around line 333-346: Replace the broad glob "unraid-*" used when setting
core_pkg_installed with a version-specific pattern or filter to avoid matching
unrelated packages: update the ls/grep invocation that assigns
core_pkg_installed to only match names like "unraid-" followed by a digit (e.g.,
use "unraid-[0-9]*" or pipe through grep -E '^unraid-[0-9]') so
core_pkg_installed and core_pkg_basename resolve to the actual core package name
and removepkg --terse is invoked only for that package.

In `@plugin/source/dynamix.unraid.net/etc/rc.d/rc.unraid`:
- Around line 67-79: The rollback() function currently does rm -rf
/usr/local/unraid then mv /usr/local/unraid.prev /usr/local/unraid which is not
atomic and can leave the system without an installation if mv fails; change to a
safer three-step swap: rename the current dir to a temp backup (e.g., mv
/usr/local/unraid /usr/local/unraid.tmp), then mv /usr/local/unraid.prev to
/usr/local/unraid, and only after verifying that succeeds remove the temp
backup; ensure each mv is checked for failure and on any error attempt to
restore from the temp backup and return a non-zero exit code so rollback is
atomic and recoverable, updating the rollback() function and its error handling
accordingly.
🧹 Nitpick comments (5)
web/src/components/sso/useSsoAuth.ts (1)

91-93: Guard placement has no effect - consider moving to function start.

This guard at the end of the try block is a no-op: if a token or error exists, the function already returned at lines 76 or 88. If neither exists, there's no code after this guard anyway.

If the intent is to restrict OAuth callback processing to the login page only, move this guard to the beginning of handleOAuthCallback:

♻️ Suggested refactor 
 const handleOAuthCallback = async () => {
+  if (window.location.pathname !== '/login') {
+    return;
+  }
+
   try {
     // First check hash parameters (for token and error - keeps them out of server logs)
     const hashParams = new URLSearchParams(window.location.hash.slice(1));
     ...
-    if (window.location.pathname !== '/login') {
-      return;
-    }
   } catch (err) {
plugin/source/dynamix.unraid.net/etc/rc.d/rc.unraid (2)

25-26: Minor: Simplify command substitution.

Line 26 uses an unnecessary cat pipe. Consider simplifying:

 export SECRET_KEY_BASE=$(cat "$CONFIG_DIR/secret_key_base")
-export RELEASE_COOKIE=$(cat "$CONFIG_DIR/secret_key_base" | head -c 20)
+export RELEASE_COOKIE=$(head -c 20 "$CONFIG_DIR/secret_key_base")

81-88: Unknown commands should exit with non-zero status.

When an invalid command is passed, the script shows usage but exits with status 0 (implicit). Consider exiting with non-zero for unknown commands:

 case "${1:-}" in
     start)    start ;;
     stop)     stop ;;
     restart)  restart ;;
     status)   status ;;
     rollback) rollback ;;
-    *)        echo "Usage: $0 {start|stop|restart|status|rollback}" ;;
+    *)        echo "Usage: $0 {start|stop|restart|status|rollback}"; exit 1 ;;
 esac
plugin/source/dynamix.unraid.net/usr/local/share/dynamix.unraid.net/install/scripts/verify_install.sh (1)

219-219: Trailing whitespace.

Line 219 has trailing whitespace after fi. Consider removing it for consistency.

-fi 
+fi
api/src/unraid-api/unraid-file-modifier/modifications/rc-nginx.modification.ts (1)

98-105: Clarify why OS version check is disabled.

The change to pass { checkOsVersion: false } removes version gating for this modification. Consider adding a brief comment explaining why this modification should apply to all versions, given the class docstring mentions "< Unraid 7.2.0".

  async shouldApply(): Promise<ShouldApplyWithReason> {
+       // Apply to all versions as core socket routing is needed regardless of OS version
        const { shouldApply, reason } = await super.shouldApply({ checkOsVersion: false });
📜 Review details

Configuration used: Repository UI

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 230e0cd and 861c49d.

📒 Files selected for processing (10)
  • api/src/unraid-api/unraid-file-modifier/modifications/__test__/snapshots/rc.nginx.modified.snapshot
  • api/src/unraid-api/unraid-file-modifier/modifications/patches/rc-nginx.patch
  • api/src/unraid-api/unraid-file-modifier/modifications/rc-nginx.modification.ts
  • plugin/plugins/dynamix.unraid.net.plg
  • plugin/source/dynamix.unraid.net/etc/rc.d/rc.unraid
  • plugin/source/dynamix.unraid.net/etc/rc.d/rc6.d/K30unraid-core
  • plugin/source/dynamix.unraid.net/install/doinst.sh
  • plugin/source/dynamix.unraid.net/usr/local/share/dynamix.unraid.net/install/scripts/verify_install.sh
  • web/__test__/components/SsoButton.test.ts
  • web/src/components/sso/useSsoAuth.ts
🚧 Files skipped from review as they are similar to previous changes (4)
  • web/test/components/SsoButton.test.ts
  • plugin/source/dynamix.unraid.net/install/doinst.sh
  • plugin/source/dynamix.unraid.net/etc/rc.d/rc6.d/K30unraid-core
  • api/src/unraid-api/unraid-file-modifier/modifications/test/snapshots/rc.nginx.modified.snapshot
🧰 Additional context used
📓 Path-based instructions (7)
**/*

📄 CodeRabbit inference engine (.cursor/rules/default.mdc)

Never add comments unless they are needed for clarity of function

Files:

  • plugin/source/dynamix.unraid.net/etc/rc.d/rc.unraid
  • web/src/components/sso/useSsoAuth.ts
  • plugin/plugins/dynamix.unraid.net.plg
  • plugin/source/dynamix.unraid.net/usr/local/share/dynamix.unraid.net/install/scripts/verify_install.sh
  • api/src/unraid-api/unraid-file-modifier/modifications/rc-nginx.modification.ts
  • api/src/unraid-api/unraid-file-modifier/modifications/patches/rc-nginx.patch
**/*.{ts,tsx,js,jsx}

📄 CodeRabbit inference engine (CLAUDE.md)

**/*.{ts,tsx,js,jsx}: Always use TypeScript imports with .js extensions for ESM compatibility
Never add comments unless they are needed for clarity of function
Never add comments for obvious things, and avoid commenting when starting and ending code blocks

Files:

  • web/src/components/sso/useSsoAuth.ts
  • api/src/unraid-api/unraid-file-modifier/modifications/rc-nginx.modification.ts
web/**/*

📄 CodeRabbit inference engine (CLAUDE.md)

Always run pnpm codegen for GraphQL code generation in the web directory

Files:

  • web/src/components/sso/useSsoAuth.ts
web/src/**/*.ts

📄 CodeRabbit inference engine (CLAUDE.md)

Ensure Vue reactivity imports are added to store files (computed, ref, watchEffect)

Files:

  • web/src/components/sso/useSsoAuth.ts
**/*.{ts,tsx}

📄 CodeRabbit inference engine (CLAUDE.md)

**/*.{ts,tsx}: Never use the any type. Always prefer proper typing
Avoid using casting whenever possible, prefer proper typing from the start

Files:

  • web/src/components/sso/useSsoAuth.ts
  • api/src/unraid-api/unraid-file-modifier/modifications/rc-nginx.modification.ts
api/**/*

📄 CodeRabbit inference engine (CLAUDE.md)

Prefer adding new files to the NestJS repo located at api/src/unraid-api/ instead of the legacy code

Files:

  • api/src/unraid-api/unraid-file-modifier/modifications/rc-nginx.modification.ts
  • api/src/unraid-api/unraid-file-modifier/modifications/patches/rc-nginx.patch
api/**/*.{ts,tsx}

📄 CodeRabbit inference engine (CLAUDE.md)

cache-manager v7 expects TTL values in milliseconds, not seconds (e.g., 600000 for 10 minutes, not 600)

Files:

  • api/src/unraid-api/unraid-file-modifier/modifications/rc-nginx.modification.ts
🧠 Learnings (16)
📓 Common learnings 
Learnt from: pujitm
Repo: unraid/api PR: 1211
File: web/composables/gql/gql.ts:17-18
Timestamp: 2025-03-12T13:48:14.850Z
Learning: In the Unraid API project, the duplicate GraphQL query and mutation strings in gql.ts files are intentionally generated by GraphQL CodeGen tool and are necessary for the type system to function properly.

Learnt from: mdatelle
Repo: unraid/api PR: 1106
File: unraid-ui/src/components/index.ts:2-2
Timestamp: 2025-02-04T17:21:39.710Z
Learning: The unraid-ui package is undergoing a major refactoring process, and breaking changes are expected during this transition period.
📚 Learning: 2025-06-11T14:14:30.348Z 
Learnt from: pujitm
Repo: unraid/api PR: 1415
File: plugin/plugins/dynamix.unraid.net.plg:234-236
Timestamp: 2025-06-11T14:14:30.348Z
Learning: For the Unraid Connect plugin, the script `/etc/rc.d/rc.unraid-api` is bundled with the plugin package itself, so its presence on the target system is guaranteed during installation.

Applied to files:

  • plugin/source/dynamix.unraid.net/etc/rc.d/rc.unraid
  • plugin/plugins/dynamix.unraid.net.plg
  • plugin/source/dynamix.unraid.net/usr/local/share/dynamix.unraid.net/install/scripts/verify_install.sh
📚 Learning: 2025-01-27T14:31:42.305Z 
Learnt from: elibosley
Repo: unraid/api PR: 1063
File: web/components/SsoButton.ce.vue:5-8
Timestamp: 2025-01-27T14:31:42.305Z
Learning: In the Unraid API web components, SSO-related props are intentionally provided in both camelCase (`ssoEnabled`) and lowercase (`ssoenabled`) variants to support interchangeable usage across different contexts (e.g., HTML attributes vs Vue props).

Applied to files:

  • web/src/components/sso/useSsoAuth.ts
📚 Learning: 2025-09-04T18:42:53.531Z 
Learnt from: pujitm
Repo: unraid/api PR: 1658
File: plugin/plugins/dynamix.unraid.net.plg:73-79
Timestamp: 2025-09-04T18:42:53.531Z
Learning: In the dynamix.unraid.net plugin, versions 6.12.1-6.12.14 and 6.12.15 prereleases are intentionally allowed to install with warnings (rather than immediate cleanup) to provide users with a grace period and notice before functionality is completely removed. This is a deliberate UX decision to avoid immediately breaking existing setups while encouraging upgrades.

Applied to files:

  • plugin/plugins/dynamix.unraid.net.plg
  • plugin/source/dynamix.unraid.net/usr/local/share/dynamix.unraid.net/install/scripts/verify_install.sh
📚 Learning: 2025-01-29T00:59:26.633Z 
Learnt from: zackspear
Repo: unraid/api PR: 1079
File: web/scripts/deploy-dev.sh:51-54
Timestamp: 2025-01-29T00:59:26.633Z
Learning: For the Unraid web components deployment process, JS file validation isn't required in auth-request.php updates since the files come from the controlled build pipeline where we are the source.

Applied to files:

  • plugin/plugins/dynamix.unraid.net.plg
📚 Learning: 2025-09-04T15:26:34.416Z 
Learnt from: elibosley
Repo: unraid/api PR: 1657
File: web/scripts/deploy-dev.sh:37-41
Timestamp: 2025-09-04T15:26:34.416Z
Learning: In web/scripts/deploy-dev.sh, the command `rm -rf /usr/local/emhttp/plugins/dynamix.my.servers/unraid-components/*` intentionally removes all contents of the unraid-components directory before deploying standalone components. This broader cleanup is desired behavior according to the maintainer elibosley.

Applied to files:

  • plugin/plugins/dynamix.unraid.net.plg
  • plugin/source/dynamix.unraid.net/usr/local/share/dynamix.unraid.net/install/scripts/verify_install.sh
📚 Learning: 2025-05-07T16:07:47.236Z 
Learnt from: elibosley
Repo: unraid/api PR: 1381
File: plugin/source/dynamix.unraid.net/usr/local/share/dynamix.unraid.net/install/scripts/setup_api.sh:107-113
Timestamp: 2025-05-07T16:07:47.236Z
Learning: The Unraid API is designed to handle missing configuration files gracefully with smart internal fallbacks rather than requiring installation scripts to create default configurations.

Applied to files:

  • plugin/plugins/dynamix.unraid.net.plg
📚 Learning: 2025-05-08T19:28:54.365Z 
Learnt from: elibosley
Repo: unraid/api PR: 1381
File: plugin/source/dynamix.unraid.net/usr/local/share/dynamix.unraid.net/install/scripts/verify_install.sh:19-24
Timestamp: 2025-05-08T19:28:54.365Z
Learning: The directory `/usr/local/emhttp/plugins/dynamix.my.servers` is a valid directory that exists as part of the Unraid API plugin installation and should be included in verification checks.

Applied to files:

  • plugin/source/dynamix.unraid.net/usr/local/share/dynamix.unraid.net/install/scripts/verify_install.sh
📚 Learning: 2025-03-27T13:34:53.438Z 
Learnt from: pujitm
Repo: unraid/api PR: 1252
File: api/src/environment.ts:56-56
Timestamp: 2025-03-27T13:34:53.438Z
Learning: For critical components in the Unraid API, such as retrieving version information from package.json, failing fast (allowing crashes) is preferred over graceful degradation with fallback values.

Applied to files:

  • plugin/source/dynamix.unraid.net/usr/local/share/dynamix.unraid.net/install/scripts/verify_install.sh
📚 Learning: 2025-01-29T16:35:43.699Z 
Learnt from: elibosley
Repo: unraid/api PR: 1082
File: api/src/unraid-api/unraid-file-modifier/modifications/log-rotate.modification.ts:39-41
Timestamp: 2025-01-29T16:35:43.699Z
Learning: In the Unraid API, FileModification implementations (apply/rollback methods) don't need to implement their own error handling as it's handled by the UnraidFileModifierService caller.

Applied to files:

  • api/src/unraid-api/unraid-file-modifier/modifications/rc-nginx.modification.ts
📚 Learning: 2025-01-29T16:35:43.699Z 
Learnt from: elibosley
Repo: unraid/api PR: 1082
File: api/src/unraid-api/unraid-file-modifier/modifications/log-rotate.modification.ts:39-41
Timestamp: 2025-01-29T16:35:43.699Z
Learning: The UnraidFileModifierService in the Unraid API provides comprehensive error handling for all FileModification implementations, including detailed error logging with stack traces and modification IDs. Individual FileModification implementations should focus on their core functionality without duplicating error handling.

Applied to files:

  • api/src/unraid-api/unraid-file-modifier/modifications/rc-nginx.modification.ts
📚 Learning: 2025-01-29T16:36:04.777Z 
Learnt from: elibosley
Repo: unraid/api PR: 1082
File: api/src/unraid-api/unraid-file-modifier/modifications/log-rotate.modification.ts:33-37
Timestamp: 2025-01-29T16:36:04.777Z
Learning: In the Unraid API, FileModification implementations (like LogRotateModification) don't need to handle errors internally as error handling is managed at the UnraidFileModifierService level.

Applied to files:

  • api/src/unraid-api/unraid-file-modifier/modifications/rc-nginx.modification.ts
📚 Learning: 2025-01-29T16:36:04.777Z 
Learnt from: elibosley
Repo: unraid/api PR: 1082
File: api/src/unraid-api/unraid-file-modifier/modifications/log-rotate.modification.ts:33-37
Timestamp: 2025-01-29T16:36:04.777Z
Learning: The UnraidFileModifierService in the Unraid API provides comprehensive error handling for all FileModification implementations. It includes try/catch blocks, detailed error logging, and safe rollback mechanisms. Individual FileModification implementations (like LogRotateModification) should allow errors to propagate to this service layer rather than handling them internally.

Applied to files:

  • api/src/unraid-api/unraid-file-modifier/modifications/rc-nginx.modification.ts
📚 Learning: 2025-02-03T18:57:53.577Z 
Learnt from: elibosley
Repo: unraid/api PR: 1101
File: api/src/unraid-api/unraid-file-modifier/modifications/__test__/generic-modification.spec.ts:80-80
Timestamp: 2025-02-03T18:57:53.577Z
Learning: In the unraid/api codebase, patch files generated for file modifications always use the .patch extension, regardless of the source file type being modified.

Applied to files:

  • api/src/unraid-api/unraid-file-modifier/modifications/rc-nginx.modification.ts
  • api/src/unraid-api/unraid-file-modifier/modifications/patches/rc-nginx.patch
📚 Learning: 2025-11-24T17:51:37.915Z 
Learnt from: CR
Repo: unraid/api PR: 0
File: CLAUDE.md:0-0
Timestamp: 2025-11-24T17:51:37.915Z
Learning: Applies to api/**/* : Prefer adding new files to the NestJS repo located at `api/src/unraid-api/` instead of the legacy code

Applied to files:

  • api/src/unraid-api/unraid-file-modifier/modifications/rc-nginx.modification.ts
📚 Learning: 2025-02-03T17:21:26.738Z 
Learnt from: elibosley
Repo: unraid/api PR: 1101
File: api/src/unraid-api/unraid-file-modifier/modifications/__test__/snapshots/DefaultPageLayout.php.modified.snapshot.php:203-207
Timestamp: 2025-02-03T17:21:26.738Z
Learning: The project uses patches to override existing Unraid pages rather than modifying them directly.

Applied to files:

  • api/src/unraid-api/unraid-file-modifier/modifications/patches/rc-nginx.patch
⏰ Context from checks skipped due to timeout of 900000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (1)
  • GitHub Check: Test API
🔇 Additional comments (11)
web/src/components/sso/useSsoAuth.ts (1)

52-56: LGTM!

Clean simplification with proper URL encoding of the provider ID to prevent injection issues.

plugin/source/dynamix.unraid.net/etc/rc.d/rc.unraid (1)

1-10: LGTM!

Clear header, appropriate variable definitions with sensible defaults for paths. Using ${UNRAID_LOG_PATH:-...} for configurable logging is good practice.

plugin/source/dynamix.unraid.net/usr/local/share/dynamix.unraid.net/install/scripts/verify_install.sh (2)

43-50: LGTM!

The additions of /etc/rc.d/rc.unraid to critical files and /usr/local/unraid to critical directories are consistent with the new Unraid Core service being introduced in this PR.

164-170: LGTM!

The new shutdown script check for K30unraid-core follows the established pattern used for K10flash-backup and K20unraid-api. The ordering (K30) ensures the core service stops after the API service (K20).

api/src/unraid-api/unraid-file-modifier/modifications/patches/rc-nginx.patch (2)

25-40: LGTM - Well-structured remote access check.

The check_remote_access() function properly validates multiple conditions before enabling remote access:

  1. Plugin enablement via api_utils.sh
  2. Config file and jq availability
  3. Both wanaccess=true AND valid username

The defensive checks (file existence, command availability, null handling) are appropriate.

73-86: Good fix for array iteration.

Quoting the array expansion ("${!NET_FQDN[@]}" instead of ${!NET_FQDN[@]}) correctly prevents word splitting on interface names that might contain spaces or special characters.

api/src/unraid-api/unraid-file-modifier/modifications/rc-nginx.modification.ts (1)

71-74: LGTM!

The proxy_pass target change aligns with routing /graphql requests through the new Unraid Core service socket.

plugin/plugins/dynamix.unraid.net.plg (4)

12-15: LGTM!

Core package entities are properly defined with SHA256 checksum for integrity verification.

59-63: LGTM!

Core package download block follows the same pattern as the main API package with proper URL and SHA256 verification.

555-584: Core package installation follows good patterns.

The installation logic properly:

  1. Cleans up old package versions
  2. Stops the service before upgrade
  3. Uses upgradepkg --install-new --reinstall
  4. Sets executable permission on rc.unraid
  5. Exits with error if package file is missing

One note: Line 559's cleanup pattern unraid-*.txz could also be made more specific similar to the uninstall pattern concern.

661-667: LGTM!

Core service startup after API startup is appropriate. The warning message when rc.unraid is not found provides good visibility for debugging.

✏️ Tip: You can disable this entire section by setting review_details to false in your review settings.

plugin/plugins/dynamix.unraid.net.plg
Comment on lines +333 to +346
# Stop and remove Unraid Core package
if [ -x "/etc/rc.d/rc.unraid" ]; then
echo "Stopping Unraid Core..."
/etc/rc.d/rc.unraid stop || echo "Warning: Failed to stop Unraid Core"
fi
core_pkg_installed=$(ls -1 /var/log/packages/unraid-* 2>/dev/null | head -1)
if [ -n "$core_pkg_installed" ]; then
core_pkg_basename=$(basename "$core_pkg_installed")
echo "Removing core package: $core_pkg_basename"
removepkg --terse "$core_pkg_basename"
else
echo "No Unraid Core package found"
fi
Copy link
Contributor

@coderabbitai coderabbitai bot Jan 14, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

⚠️ Potential issue | 🟠 Major

🧩 Analysis chain

🏁 Script executed:

cat -n plugin/plugins/dynamix.unraid.net.plg | sed -n '333,346p'

Repository: unraid/api

Length of output: 722

🏁 Script executed:

# Check for package naming patterns in the codebase
rg "unraid-" plugin/plugins/dynamix.unraid.net.plg | head -20

Repository: unraid/api

Length of output: 1437

🏁 Script executed:

# Look for references to package removals or installations to understand naming conventions
rg "removepkg|installpkg|txz" plugin/plugins/dynamix.unraid.net.plg | head -30

Repository: unraid/api

Length of output: 1699

Use a more specific pattern for core package matching.

The glob pattern unraid-* on line 339 could match unrelated packages like unraid-api if they're installed in /var/log/packages/. Since the core package follows a version-based naming convention (e.g., unraid-0.1.0-2026.01.14.1), use:

Suggested fix 
-      core_pkg_installed=$(ls -1 /var/log/packages/unraid-* 2>/dev/null | head -1)
+      core_pkg_installed=$(ls -1 /var/log/packages/unraid-[0-9]* 2>/dev/null | head -1)
📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change
# Stop and remove Unraid Core package
if [ -x "/etc/rc.d/rc.unraid" ]; then
echo "Stopping Unraid Core..."
/etc/rc.d/rc.unraid stop || echo "Warning: Failed to stop Unraid Core"
fi
core_pkg_installed=$(ls -1 /var/log/packages/unraid-* 2>/dev/null | head -1)
if [ -n "$core_pkg_installed" ]; then
core_pkg_basename=$(basename "$core_pkg_installed")
echo "Removing core package: $core_pkg_basename"
removepkg --terse "$core_pkg_basename"
else
echo "No Unraid Core package found"
fi
# Stop and remove Unraid Core package
if [ -x "/etc/rc.d/rc.unraid" ]; then
echo "Stopping Unraid Core..."
/etc/rc.d/rc.unraid stop || echo "Warning: Failed to stop Unraid Core"
fi
core_pkg_installed=$(ls -1 /var/log/packages/unraid-[0-9]* 2>/dev/null | head -1)
if [ -n "$core_pkg_installed" ]; then
core_pkg_basename=$(basename "$core_pkg_installed")
echo "Removing core package: $core_pkg_basename"
removepkg --terse "$core_pkg_basename"
else
echo "No Unraid Core package found"
fi
🤖 Prompt for AI Agents 
In `@plugin/plugins/dynamix.unraid.net.plg` around lines 333 - 346, Replace the
broad glob "unraid-*" used when setting core_pkg_installed with a
version-specific pattern or filter to avoid matching unrelated packages: update
the ls/grep invocation that assigns core_pkg_installed to only match names like
"unraid-" followed by a digit (e.g., use "unraid-[0-9]*" or pipe through grep -E
'^unraid-[0-9]') so core_pkg_installed and core_pkg_basename resolve to the
actual core package name and removepkg --terse is invoked only for that package.

plugin/source/dynamix.unraid.net/etc/rc.d/rc.unraid
Comment on lines +67 to +79
rollback() {
if [ -d "/usr/local/unraid.prev" ]; then
echo "Rolling back to previous version..."
stop
rm -rf /usr/local/unraid
mv /usr/local/unraid.prev /usr/local/unraid
start
echo "Rollback complete"
else
echo "No previous version available"
exit 1
fi
}
Copy link
Contributor

@coderabbitai coderabbitai bot Jan 14, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

⚠️ Potential issue | 🟡 Minor

Rollback operation is not atomic and risks data loss.

If the mv command on line 72 fails after rm -rf on line 71, the system will be left without any installation. Consider a safer swap approach:

🔧 Suggested safer rollback 
 rollback() {
     if [ -d "/usr/local/unraid.prev" ]; then
         echo "Rolling back to previous version..."
         stop
-        rm -rf /usr/local/unraid
-        mv /usr/local/unraid.prev /usr/local/unraid
+        # Atomic swap: rename current to .old, then prev to current
+        rm -rf /usr/local/unraid.old 2>/dev/null
+        mv /usr/local/unraid /usr/local/unraid.old && \
+        mv /usr/local/unraid.prev /usr/local/unraid && \
+        rm -rf /usr/local/unraid.old
         start
         echo "Rollback complete"
     else
📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change
rollback() {
if [ -d "/usr/local/unraid.prev" ]; then
echo "Rolling back to previous version..."
stop
rm -rf /usr/local/unraid
mv /usr/local/unraid.prev /usr/local/unraid
start
echo "Rollback complete"
else
echo "No previous version available"
exit 1
fi
}
rollback() {
if [ -d "/usr/local/unraid.prev" ]; then
echo "Rolling back to previous version..."
stop
rm -rf /usr/local/unraid.old 2>/dev/null
mv /usr/local/unraid /usr/local/unraid.old && \
mv /usr/local/unraid.prev /usr/local/unraid && \
rm -rf /usr/local/unraid.old
start
echo "Rollback complete"
else
echo "No previous version available"
exit 1
fi
}
🤖 Prompt for AI Agents 
In `@plugin/source/dynamix.unraid.net/etc/rc.d/rc.unraid` around lines 67 - 79,
The rollback() function currently does rm -rf /usr/local/unraid then mv
/usr/local/unraid.prev /usr/local/unraid which is not atomic and can leave the
system without an installation if mv fails; change to a safer three-step swap:
rename the current dir to a temp backup (e.g., mv /usr/local/unraid
/usr/local/unraid.tmp), then mv /usr/local/unraid.prev to /usr/local/unraid, and
only after verifying that succeeds remove the temp backup; ensure each mv is
checked for failure and on any error attempt to restore from the temp backup and
return a non-zero exit code so rollback is atomic and recoverable, updating the
rollback() function and its error handling accordingly.

@pujitm pujitm force-pushed the feat/substitute-graphql branch from 861c49d to 2a31900 Compare January 15, 2026 10:09
@github-actions
Copy link
Contributor

github-actions bot commented Jan 15, 2026

This plugin has been deployed to Cloudflare R2 and is available for testing.
Download it at this URL:

https://preview.dl.unraid.net/unraid-api/tag/PR1875/dynamix.unraid.net.plg

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@coderabbitai coderabbitai[bot] coderabbitai[bot] requested changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@pujitm