v0.1.0 (#112)

* feat: add schema for registry and routes * feat: add docker registry upload * feat: add show cluster * refactor: set the registry url in image in case we have a registry asociated * feat: add update registry and fix the docker url markup * chore: remove --advertise-ip on swarm script * refactor: remove listen address of swarm initialize * feat: add table to show nodes and add dropdown to add manager & workers * refactor: improve interface for cluster * refactor: improve UI * feat: add experimental swarm settings * refactor: remove comments * refactor: prettify json of each setting * refactor: add interface tooltip * refactor: delete static form self registry * refactor: allow to se a empty registry * fix: remove text area warnings * feat: add network swarm json * refactor: update ui * revert: go back to swarm init config * refactor: remove initialization on server, only on setup script * Update LICENSE.MD * feat: appearance theme support system config * refactor: remove logs * fix(README-ru): hyperlink-ed docs url * feat: (#107) webhook listener filter docker events based on image tag. Fixes #107 * refactor: simplify comparison docker tags * refactor: remove return in res status * refactor: prevent to updates download automatically * feat: support code editor (#105) * feat: support code editor * Update codeblock * refactor: remove unused class --------- Co-authored-by: Mauricio Siu <47042324+Siumauricio@users.noreply.github.com> * fix: select the right image from sourcetype (#109) * chore: bump minor version --------- Co-authored-by: hehehai <riverhohai@gmail.com> Co-authored-by: Bayram Tagiev <bayram.tagiev.a@gmail.com> Co-authored-by: Paulo Santana <30875229+hikinine@users.noreply.github.com>
2025-06-26 18:27:59 +00:00 · 2024-05-29 21:05:22 -06:00
parent 56a94ad14a
commit 7cb299a4bb
124 changed files with 26520 additions and 1525 deletions
--- a/server/api/root.ts
+++ b/server/api/root.ts
@@ -20,6 +20,8 @@ import { securityRouter } from "./routers/security";
 import { portRouter } from "./routers/port";
 import { adminRouter } from "./routers/admin";
 import { dockerRouter } from "./routers/docker";
+import { registryRouter } from "./routers/registry";
+import { clusterRouter } from "./routers/cluster";
 /**
 * This is the primary router for your server.
 *
@@ -47,6 +49,8 @@ export const appRouter = createTRPCRouter({
 	security: securityRouter,
 	redirects: redirectsRouter,
 	port: portRouter,
+	registry: registryRouter,
+	cluster: clusterRouter,
 });

 // export type definition of API
--- a/server/api/routers/cluster.ts
+++ b/server/api/routers/cluster.ts
@@ -0,0 +1,48 @@
+import { docker } from "@/server/constants";
+import { createTRPCRouter, protectedProcedure } from "../trpc";
+import { getPublicIpWithFallback } from "@/server/wss/terminal";
+import type { DockerNode } from "../services/cluster";
+import { z } from "zod";
+import { TRPCError } from "@trpc/server";
+import { execAsync } from "@/server/utils/process/execAsync";
+
+export const clusterRouter = createTRPCRouter({
+	getNodes: protectedProcedure.query(async () => {
+		const workers: DockerNode[] = await docker.listNodes();
+
+		return workers;
+	}),
+	removeWorker: protectedProcedure
+		.input(
+			z.object({
+				nodeId: z.string(),
+			}),
+		)
+		.mutation(async ({ input }) => {
+			try {
+				await execAsync(
+					`docker node update --availability drain ${input.nodeId}`,
+				);
+				await execAsync(`docker node rm ${input.nodeId} --force`);
+				return true;
+			} catch (error) {
+				throw new TRPCError({
+					code: "INTERNAL_SERVER_ERROR",
+					message: "Error to remove the node",
+					cause: error,
+				});
+			}
+		}),
+	addWorker: protectedProcedure.query(async ({ input }) => {
+		const result = await docker.swarmInspect();
+		return `docker swarm join --token ${
+			result.JoinTokens.Worker
+		} ${await getPublicIpWithFallback()}:2377`;
+	}),
+	addManager: protectedProcedure.query(async ({ input }) => {
+		const result = await docker.swarmInspect();
+		return `docker swarm join --token ${
+			result.JoinTokens.Manager
+		} ${await getPublicIpWithFallback()}:2377`;
+	}),
+});
--- a/server/api/routers/registry.ts
+++ b/server/api/routers/registry.ts
@@ -0,0 +1,92 @@
+import {
+	apiCreateRegistry,
+	apiEnableSelfHostedRegistry,
+	apiFindOneRegistry,
+	apiRemoveRegistry,
+	apiTestRegistry,
+	apiUpdateRegistry,
+} from "@/server/db/schema";
+import {
+	createRegistry,
+	findAllRegistry,
+	findRegistryById,
+	removeRegistry,
+	updateRegistry,
+} from "../services/registry";
+import { adminProcedure, createTRPCRouter, protectedProcedure } from "../trpc";
+import { TRPCError } from "@trpc/server";
+import { manageRegistry } from "@/server/utils/traefik/registry";
+import { initializeRegistry } from "@/server/setup/registry-setup";
+import { docker } from "@/server/constants";
+
+export const registryRouter = createTRPCRouter({
+	create: adminProcedure
+		.input(apiCreateRegistry)
+		.mutation(async ({ ctx, input }) => {
+			return await createRegistry(input);
+		}),
+	remove: adminProcedure
+		.input(apiRemoveRegistry)
+		.mutation(async ({ ctx, input }) => {
+			return await removeRegistry(input.registryId);
+		}),
+	update: protectedProcedure
+		.input(apiUpdateRegistry)
+		.mutation(async ({ input }) => {
+			const { registryId, ...rest } = input;
+			const application = await updateRegistry(registryId, {
+				...rest,
+			});
+
+			if (!application) {
+				throw new TRPCError({
+					code: "BAD_REQUEST",
+					message: "Update: Error to update registry",
+				});
+			}
+
+			return true;
+		}),
+	all: protectedProcedure.query(async () => {
+		return await findAllRegistry();
+	}),
+	one: adminProcedure.input(apiFindOneRegistry).query(async ({ input }) => {
+		return await findRegistryById(input.registryId);
+	}),
+	testRegistry: protectedProcedure
+		.input(apiTestRegistry)
+		.mutation(async ({ input }) => {
+			try {
+				const result = await docker.checkAuth({
+					username: input.username,
+					password: input.password,
+					serveraddress: input.registryUrl,
+				});
+
+				return true;
+			} catch (error) {
+				console.log(error);
+				return false;
+			}
+		}),
+
+	enableSelfHostedRegistry: adminProcedure
+		.input(apiEnableSelfHostedRegistry)
+		.mutation(async ({ input }) => {
+			const selfHostedRegistry = await createRegistry({
+				...input,
+				registryName: "Self Hosted Registry",
+				registryType: "selfHosted",
+				registryUrl:
+					process.env.NODE_ENV === "production"
+						? input.registryUrl
+						: "dokploy-registry.docker.localhost",
+				imagePrefix: null,
+			});
+
+			await manageRegistry(selfHostedRegistry);
+			await initializeRegistry(input.username, input.password);
+
+			return selfHostedRegistry;
+		}),
+});
--- a/server/api/routers/settings.ts
+++ b/server/api/routers/settings.ts
@@ -181,7 +181,7 @@ export const settingsRouter = createTRPCRouter({
 			return true;
 		}),

-	checkAndUpdateImage: adminProcedure.query(async () => {
+	checkAndUpdateImage: adminProcedure.mutation(async () => {
 		return await pullLatestRelease();
 	}),
 	updateServer: adminProcedure.mutation(async () => {
@@ -238,3 +238,4 @@ export const settingsRouter = createTRPCRouter({
 			return readConfigInPath(input.path);
 		}),
 });
+// apt-get install apache2-utils
--- a/server/api/services/application.ts
+++ b/server/api/services/application.ts
@@ -61,6 +61,7 @@ export const findApplicationById = async (applicationId: string) => {
 			redirects: true,
 			security: true,
 			ports: true,
+			registry: true,
 		},
 	});
 	if (!application) {
--- a/server/api/services/cluster.ts
+++ b/server/api/services/cluster.ts
@@ -0,0 +1,41 @@
+export interface DockerNode {
+	ID: string;
+	Version: {
+		Index: number;
+	};
+	CreatedAt: string;
+	UpdatedAt: string;
+	Spec: {
+		Name: string;
+		Labels: Record<string, string>;
+		Role: "worker" | "manager";
+		Availability: "active" | "pause" | "drain";
+	};
+	Description: {
+		Hostname: string;
+		Platform: {
+			Architecture: string;
+			OS: string;
+		};
+		Resources: {
+			NanoCPUs: number;
+			MemoryBytes: number;
+		};
+		Engine: {
+			EngineVersion: string;
+			Plugins: Array<{
+				Type: string;
+				Name: string;
+			}>;
+		};
+	};
+	Status: {
+		State: "unknown" | "down" | "ready" | "disconnected";
+		Message: string;
+		Addr: string;
+	};
+	ManagerStatus?: {
+		Leader: boolean;
+		Addr: string;
+	};
+}
--- a/server/api/services/registry.ts
+++ b/server/api/services/registry.ts
@@ -0,0 +1,113 @@
+import { type apiCreateRegistry, registry } from "@/server/db/schema";
+import { TRPCError } from "@trpc/server";
+import { db } from "@/server/db";
+import { eq } from "drizzle-orm";
+import { findAdmin } from "./admin";
+import {
+	manageRegistry,
+	removeSelfHostedRegistry,
+} from "@/server/utils/traefik/registry";
+import { removeService } from "@/server/utils/docker/utils";
+import { initializeRegistry } from "@/server/setup/registry-setup";
+
+export type Registry = typeof registry.$inferSelect;
+
+export const createRegistry = async (input: typeof apiCreateRegistry._type) => {
+	const admin = await findAdmin();
+
+	const newRegistry = await db
+		.insert(registry)
+		.values({
+			...input,
+			adminId: admin.adminId,
+		})
+		.returning()
+		.then((value) => value[0]);
+
+	if (!newRegistry) {
+		throw new TRPCError({
+			code: "BAD_REQUEST",
+			message: "Error input:  Inserting registry",
+		});
+	}
+	return newRegistry;
+};
+
+export const removeRegistry = async (registryId: string) => {
+	try {
+		const response = await db
+			.delete(registry)
+			.where(eq(registry.registryId, registryId))
+			.returning()
+			.then((res) => res[0]);
+
+		if (!response) {
+			throw new TRPCError({
+				code: "NOT_FOUND",
+				message: "Registry not found",
+			});
+		}
+
+		if (response.registryType === "selfHosted") {
+			await removeSelfHostedRegistry();
+			await removeService("dokploy-registry");
+		}
+
+		return response;
+	} catch (error) {
+		throw new TRPCError({
+			code: "BAD_REQUEST",
+			message: "Error to remove this registry",
+			cause: error,
+		});
+	}
+};
+
+export const updateRegistry = async (
+	registryId: string,
+	registryData: Partial<Registry>,
+) => {
+	try {
+		const response = await db
+			.update(registry)
+			.set({
+				...registryData,
+			})
+			.where(eq(registry.registryId, registryId))
+			.returning()
+			.then((res) => res[0]);
+
+		if (response?.registryType === "selfHosted") {
+			await manageRegistry(response);
+			await initializeRegistry(response.username, response.password);
+		}
+
+		return response;
+	} catch (error) {
+		throw new TRPCError({
+			code: "BAD_REQUEST",
+			message: "Error to update this registry",
+		});
+	}
+};
+
+export const findRegistryById = async (registryId: string) => {
+	const registryResponse = await db.query.registry.findFirst({
+		where: eq(registry.registryId, registryId),
+		columns: {
+			password: false,
+		},
+	});
+	if (!registryResponse) {
+		throw new TRPCError({
+			code: "NOT_FOUND",
+			message: "Registry not found",
+		});
+	}
+	return registryResponse;
+};
+
+export const findAllRegistry = async () => {
+	const registryResponse = await db.query.registry.findMany();
+	return registryResponse;
+};
--- a/server/constants/index.ts
+++ b/server/constants/index.ts
@@ -11,5 +11,6 @@ export const LOGS_PATH = `${BASE_PATH}/logs`;
 export const APPLICATIONS_PATH = `${BASE_PATH}/applications`;
 export const SSH_PATH = `${BASE_PATH}/ssh`;
 export const CERTIFICATES_PATH = `${DYNAMIC_TRAEFIK_PATH}/certificates`;
+export const REGISTRY_PATH = `${DYNAMIC_TRAEFIK_PATH}/registry`;
 export const MONITORING_PATH = `${BASE_PATH}/monitoring`;
 export const docker = new Docker();
--- a/server/db/drizzle.config.ts
+++ b/server/db/drizzle.config.ts
@@ -1,13 +1,14 @@
-import type { Config } from "drizzle-kit";
+import { defineConfig } from "drizzle-kit";

-console.log("> Generating PG Schema:", process.env.DATABASE_URL);
-export default {
+export default defineConfig({
 	schema: "./server/db/schema/index.ts",
-	driver: "pg",
+	dialect: "postgresql",
 	dbCredentials: {
-		connectionString: process.env.DATABASE_URL || "",
+		url: process.env.DATABASE_URL || "",
 	},
-	verbose: true,
-	strict: true,
 	out: "drizzle",
-} satisfies Config;
+	migrations: {
+		table: "migrations",
+		schema: "public",
+	},
+});
--- a/server/db/schema/admin.ts
+++ b/server/db/schema/admin.ts
@@ -6,6 +6,7 @@ import { users } from "./user";
 import { createInsertSchema } from "drizzle-zod";
 import { z } from "zod";
 import { certificateType } from "./shared";
+import { registry } from "./registry";

 export const admins = pgTable("admin", {
 	adminId: text("adminId")
@@ -39,6 +40,7 @@ export const adminsRelations = relations(admins, ({ one, many }) => ({
 		references: [auth.id],
 	}),
 	users: many(users),
+	registry: many(registry),
 }));

 const createSchema = createInsertSchema(admins, {
--- a/server/db/schema/application.ts
+++ b/server/db/schema/application.ts
@@ -10,8 +10,16 @@ import { projects } from "./project";
 import { security } from "./security";
 import { applicationStatus } from "./shared";
 import { ports } from "./port";
-import { boolean, integer, pgEnum, pgTable, text } from "drizzle-orm/pg-core";
+import {
+	boolean,
+	integer,
+	json,
+	pgEnum,
+	pgTable,
+	text,
+} from "drizzle-orm/pg-core";
 import { generateAppName } from "./utils";
+import { registry } from "./registry";

 export const sourceType = pgEnum("sourceType", ["docker", "git", "github"]);

@@ -22,6 +30,65 @@ export const buildType = pgEnum("buildType", [
 	"nixpacks",
 ]);

+// TODO: refactor this types
+interface HealthCheckSwarm {
+	Test?: string[] | undefined;
+	Interval?: number | undefined;
+	Timeout?: number | undefined;
+	StartPeriod?: number | undefined;
+	Retries?: number | undefined;
+}
+
+interface RestartPolicySwarm {
+	Condition?: string | undefined;
+	Delay?: number | undefined;
+	MaxAttempts?: number | undefined;
+	Window?: number | undefined;
+}
+
+interface PlacementSwarm {
+	Constraints?: string[] | undefined;
+	Preferences?: Array<{ Spread: { SpreadDescriptor: string } }> | undefined;
+	MaxReplicas?: number | undefined;
+	Platforms?:
+		| Array<{
+				Architecture: string;
+				OS: string;
+		  }>
+		| undefined;
+}
+
+interface UpdateConfigSwarm {
+	Parallelism: number;
+	Delay?: number | undefined;
+	FailureAction?: string | undefined;
+	Monitor?: number | undefined;
+	MaxFailureRatio?: number | undefined;
+	Order: string;
+}
+
+interface ServiceModeSwarm {
+	Replicated?: { Replicas?: number | undefined } | undefined;
+	Global?: {} | undefined;
+	ReplicatedJob?:
+		| {
+				MaxConcurrent?: number | undefined;
+				TotalCompletions?: number | undefined;
+		  }
+		| undefined;
+	GlobalJob?: {} | undefined;
+}
+
+interface NetworkSwarm {
+	Target?: string | undefined;
+	Aliases?: string[] | undefined;
+	DriverOpts?: { [key: string]: string } | undefined;
+}
+
+interface LabelsSwarm {
+	[name: string]: string;
+}
+
 export const applications = pgTable("application", {
 	applicationId: text("applicationId")
 		.notNull()
@@ -60,6 +127,17 @@ export const applications = pgTable("application", {
 	customGitBuildPath: text("customGitBuildPath"),
 	customGitSSHKey: text("customGitSSHKey"),
 	dockerfile: text("dockerfile"),
+	// Docker swarm json
+	healthCheckSwarm: json("healthCheckSwarm").$type<HealthCheckSwarm>(),
+	restartPolicySwarm: json("restartPolicySwarm").$type<RestartPolicySwarm>(),
+	placementSwarm: json("placementSwarm").$type<PlacementSwarm>(),
+	updateConfigSwarm: json("updateConfigSwarm").$type<UpdateConfigSwarm>(),
+	rollbackConfigSwarm: json("rollbackConfigSwarm").$type<UpdateConfigSwarm>(),
+	modeSwarm: json("modeSwarm").$type<ServiceModeSwarm>(),
+	labelsSwarm: json("labelsSwarm").$type<LabelsSwarm>(),
+	networkSwarm: json("networkSwarm").$type<NetworkSwarm[]>(),
+	//
+	replicas: integer("replicas").default(1).notNull(),
 	applicationStatus: applicationStatus("applicationStatus")
 		.notNull()
 		.default("idle"),
@@ -67,6 +145,9 @@ export const applications = pgTable("application", {
 	createdAt: text("createdAt")
 		.notNull()
 		.$defaultFn(() => new Date().toISOString()),
+	registryId: text("registryId").references(() => registry.registryId, {
+		onDelete: "set null",
+	}),
 	projectId: text("projectId")
 		.notNull()
 		.references(() => projects.projectId, { onDelete: "cascade" }),
@@ -85,9 +166,101 @@ export const applicationsRelations = relations(
 		redirects: many(redirects),
 		security: many(security),
 		ports: many(ports),
+		registry: one(registry, {
+			fields: [applications.registryId],
+			references: [registry.registryId],
+		}),
 	}),
 );

+const HealthCheckSwarmSchema = z
+	.object({
+		Test: z.array(z.string()).optional(),
+		Interval: z.number().optional(),
+		Timeout: z.number().optional(),
+		StartPeriod: z.number().optional(),
+		Retries: z.number().optional(),
+	})
+	.strict();
+
+const RestartPolicySwarmSchema = z
+	.object({
+		Condition: z.string().optional(),
+		Delay: z.number().optional(),
+		MaxAttempts: z.number().optional(),
+		Window: z.number().optional(),
+	})
+	.strict();
+
+const PreferenceSchema = z
+	.object({
+		Spread: z.object({
+			SpreadDescriptor: z.string(),
+		}),
+	})
+	.strict();
+
+const PlatformSchema = z
+	.object({
+		Architecture: z.string(),
+		OS: z.string(),
+	})
+	.strict();
+
+const PlacementSwarmSchema = z
+	.object({
+		Constraints: z.array(z.string()).optional(),
+		Preferences: z.array(PreferenceSchema).optional(),
+		MaxReplicas: z.number().optional(),
+		Platforms: z.array(PlatformSchema).optional(),
+	})
+	.strict();
+
+const UpdateConfigSwarmSchema = z
+	.object({
+		Parallelism: z.number(),
+		Delay: z.number().optional(),
+		FailureAction: z.string().optional(),
+		Monitor: z.number().optional(),
+		MaxFailureRatio: z.number().optional(),
+		Order: z.string(),
+	})
+	.strict();
+
+const ReplicatedSchema = z
+	.object({
+		Replicas: z.number().optional(),
+	})
+	.strict();
+
+const ReplicatedJobSchema = z
+	.object({
+		MaxConcurrent: z.number().optional(),
+		TotalCompletions: z.number().optional(),
+	})
+	.strict();
+
+const ServiceModeSwarmSchema = z
+	.object({
+		Replicated: ReplicatedSchema.optional(),
+		Global: z.object({}).optional(),
+		ReplicatedJob: ReplicatedJobSchema.optional(),
+		GlobalJob: z.object({}).optional(),
+	})
+	.strict();
+
+const NetworkSwarmSchema = z.array(
+	z
+		.object({
+			Target: z.string().optional(),
+			Aliases: z.array(z.string()).optional(),
+			DriverOpts: z.object({}).optional(),
+		})
+		.strict(),
+);
+
+const LabelsSwarmSchema = z.record(z.string());
+
 const createSchema = createInsertSchema(applications, {
 	appName: z.string(),
 	createdAt: z.string(),
@@ -124,6 +297,14 @@ const createSchema = createInsertSchema(applications, {
 		"nixpacks",
 	]),
 	owner: z.string(),
+	healthCheckSwarm: HealthCheckSwarmSchema.nullable(),
+	restartPolicySwarm: RestartPolicySwarmSchema.nullable(),
+	placementSwarm: PlacementSwarmSchema.nullable(),
+	updateConfigSwarm: UpdateConfigSwarmSchema.nullable(),
+	rollbackConfigSwarm: UpdateConfigSwarmSchema.nullable(),
+	modeSwarm: ServiceModeSwarmSchema.nullable(),
+	labelsSwarm: LabelsSwarmSchema.nullable(),
+	networkSwarm: NetworkSwarmSchema.nullable(),
 });

 export const apiCreateApplication = createSchema.pick({
--- a/server/db/schema/index.ts
+++ b/server/db/schema/index.ts
@@ -1,6 +1,5 @@
 export * from "./application";
 export * from "./postgres";
-
 export * from "./user";
 export * from "./admin";
 export * from "./auth";
@@ -20,3 +19,4 @@ export * from "./security";
 export * from "./port";
 export * from "./redis";
 export * from "./shared";
+export * from "./registry";
--- a/server/db/schema/registry.ts
+++ b/server/db/schema/registry.ts
@@ -0,0 +1,98 @@
+import { createInsertSchema } from "drizzle-zod";
+import { nanoid } from "nanoid";
+import { relations, sql } from "drizzle-orm";
+import { boolean, pgEnum, pgTable, text, timestamp } from "drizzle-orm/pg-core";
+import { auth } from "./auth";
+import { admins } from "./admin";
+import { z } from "zod";
+import { applications } from "./application";
+/**
+ * This is an example of how to use the multi-project schema feature of Drizzle ORM. Use the same
+ * database instance for multiple projects.
+ *
+ * @see https://orm.drizzle.team/docs/goodies#multi-project-schema
+ */
+export const registryType = pgEnum("RegistryType", ["selfHosted", "cloud"]);
+
+export const registry = pgTable("registry", {
+	registryId: text("registryId")
+		.notNull()
+		.primaryKey()
+		.$defaultFn(() => nanoid()),
+	registryName: text("registryName").notNull(),
+	imagePrefix: text("imagePrefix"),
+	username: text("username").notNull(),
+	password: text("password").notNull(),
+	registryUrl: text("registryUrl").notNull(),
+	createdAt: text("createdAt")
+		.notNull()
+		.$defaultFn(() => new Date().toISOString()),
+	registryType: registryType("selfHosted").notNull().default("cloud"),
+	adminId: text("adminId")
+		.notNull()
+		.references(() => admins.adminId, { onDelete: "cascade" }),
+});
+
+export const registryRelations = relations(registry, ({ one, many }) => ({
+	admin: one(admins, {
+		fields: [registry.adminId],
+		references: [admins.adminId],
+	}),
+	applications: many(applications),
+}));
+
+const createSchema = createInsertSchema(registry, {
+	registryName: z.string().min(1),
+	username: z.string().min(1),
+	password: z.string().min(1),
+	registryUrl: z.string().min(1),
+	adminId: z.string().min(1),
+	registryId: z.string().min(1),
+	registryType: z.enum(["selfHosted", "cloud"]),
+	imagePrefix: z.string().nullable().optional(),
+});
+
+export const apiCreateRegistry = createSchema
+	.pick({})
+	.extend({
+		registryName: z.string().min(1),
+		username: z.string().min(1),
+		password: z.string().min(1),
+		registryUrl: z.string(),
+		registryType: z.enum(["selfHosted", "cloud"]),
+		imagePrefix: z.string().nullable().optional(),
+	})
+	.required();
+
+export const apiTestRegistry = createSchema.pick({}).extend({
+	registryName: z.string().min(1),
+	username: z.string().min(1),
+	password: z.string().min(1),
+	registryUrl: z.string(),
+	registryType: z.enum(["selfHosted", "cloud"]),
+	imagePrefix: z.string().nullable().optional(),
+});
+
+export const apiRemoveRegistry = createSchema
+	.pick({
+		registryId: true,
+	})
+	.required();
+
+export const apiFindOneRegistry = createSchema
+	.pick({
+		registryId: true,
+	})
+	.required();
+
+export const apiUpdateRegistry = createSchema.partial().extend({
+	registryId: z.string().min(1),
+});
+
+export const apiEnableSelfHostedRegistry = createSchema
+	.pick({
+		registryUrl: true,
+		username: true,
+		password: true,
+	})
+	.required();
--- a/server/server.ts
+++ b/server/server.ts
@@ -10,7 +10,7 @@ import {
 import { setupDeploymentLogsWebSocketServer } from "./wss/listen-deployment";
 import { setupDockerStatsMonitoringSocketServer } from "./wss/docker-stats";
 import { setupDirectories } from "./setup/config-paths";
-import { initializeNetwork, initializeSwarm } from "./setup/setup";
+import { initializeNetwork } from "./setup/setup";
 import {
 	createDefaultMiddlewares,
 	createDefaultServerTraefikConfig,
@@ -44,7 +44,6 @@ void app.prepare().then(async () => {
 		if (process.env.NODE_ENV === "production") {
 			setupDirectories();
 			createDefaultMiddlewares();
-			await initializeSwarm();
 			await initializeNetwork();
 			createDefaultTraefikConfig();
 			createDefaultServerTraefikConfig();
--- a/server/setup/registry-setup.ts
+++ b/server/setup/registry-setup.ts
@@ -0,0 +1,89 @@
+import type { CreateServiceOptions } from "dockerode";
+import { docker, REGISTRY_PATH } from "../constants";
+import { pullImage } from "../utils/docker/utils";
+import { execAsync } from "../utils/process/execAsync";
+import { generateRandomPassword } from "../auth/random-password";
+
+export const initializeRegistry = async (
+	username: string,
+	password: string,
+) => {
+	const imageName = "registry:2.8.3";
+	const containerName = "dokploy-registry";
+	await generateRegistryPassword(username, password);
+	const randomPass = await generateRandomPassword();
+	const settings: CreateServiceOptions = {
+		Name: containerName,
+		TaskTemplate: {
+			ContainerSpec: {
+				Image: imageName,
+				Env: [
+					"REGISTRY_STORAGE_DELETE_ENABLED=true",
+					"REGISTRY_AUTH=htpasswd",
+					"REGISTRY_AUTH_HTPASSWD_REALM=Registry Realm",
+					"REGISTRY_AUTH_HTPASSWD_PATH=/auth/htpasswd",
+					`REGISTRY_HTTP_SECRET=${randomPass.hashedPassword}`,
+				],
+				Mounts: [
+					{
+						Type: "bind",
+						Source: `${REGISTRY_PATH}/htpasswd`,
+						Target: "/auth/htpasswd",
+						ReadOnly: true,
+					},
+					{
+						Type: "volume",
+						Source: "registry-data",
+						Target: "/var/lib/registry",
+						ReadOnly: false,
+					},
+				],
+			},
+			Networks: [{ Target: "dokploy-network" }],
+			RestartPolicy: {
+				Condition: "on-failure",
+			},
+		},
+		Mode: {
+			Replicated: {
+				Replicas: 1,
+			},
+		},
+		EndpointSpec: {
+			Ports: [
+				{
+					TargetPort: 5000,
+					PublishedPort: 5000,
+					Protocol: "tcp",
+					PublishMode: "host",
+				},
+			],
+		},
+	};
+	try {
+		await pullImage(imageName);
+
+		const service = docker.getService(containerName);
+		const inspect = await service.inspect();
+		await service.update({
+			version: Number.parseInt(inspect.Version.Index),
+			...settings,
+		});
+		console.log("Registry Started ✅");
+	} catch (error) {
+		await docker.createService(settings);
+		console.log("Registry Not Found: Starting ✅");
+	}
+};
+
+const generateRegistryPassword = async (username: string, password: string) => {
+	try {
+		const command = `htpasswd -nbB ${username} "${password}" > ${REGISTRY_PATH}/htpasswd`;
+		const result = await execAsync(command);
+		console.log("Password generated ✅");
+		return result.stdout.trim();
+	} catch (error) {
+		console.error("Error generating password:", error);
+		return null;
+	}
+};
--- a/server/utils/builders/index.ts
+++ b/server/utils/builders/index.ts
@@ -5,6 +5,7 @@ import type { CreateServiceOptions } from "dockerode";
 import {
 	calculateResources,
 	generateBindMounts,
+	generateConfigContainer,
 	generateFileMounts,
 	generateVolumeMounts,
 	prepareEnvironmentVariables,
@@ -13,6 +14,7 @@ import { buildCustomDocker } from "./docker-file";
 import { buildHeroku } from "./heroku";
 import { buildNixpacks } from "./nixpacks";
 import { buildPaketo } from "./paketo";
+import { uploadImage } from "../cluster/upload";

 // NIXPACKS codeDirectory = where is the path of the code directory
 // HEROKU codeDirectory = where is the path of the code directory
@@ -20,7 +22,7 @@ import { buildPaketo } from "./paketo";
 // DOCKERFILE codeDirectory = where is the exact path of the (Dockerfile)
 export type ApplicationNested = InferResultType<
 	"applications",
-	{ mounts: true; security: true; redirects: true; ports: true }
+	{ mounts: true; security: true; redirects: true; ports: true; registry: true }
 >;
 export const buildApplication = async (
 	application: ApplicationNested,
@@ -42,6 +44,10 @@ export const buildApplication = async (
 		} else if (buildType === "dockerfile") {
 			await buildCustomDocker(application, writeStream);
 		}
+
+		if (application.registryId) {
+			await uploadImage(application, writeStream);
+		}
 		await mechanizeDockerContainer(application);
 		writeStream.write("Docker Deployed: ✅");
 	} catch (error) {
@@ -59,8 +65,6 @@ export const mechanizeDockerContainer = async (
 		appName,
 		env,
 		mounts,
-		sourceType,
-		dockerImage,
 		cpuLimit,
 		memoryLimit,
 		memoryReservation,
@@ -75,16 +79,34 @@ export const mechanizeDockerContainer = async (
 		cpuLimit,
 		cpuReservation,
 	});
+
 	const volumesMount = generateVolumeMounts(mounts);
+
+	const {
+		HealthCheck,
+		RestartPolicy,
+		Placement,
+		Labels,
+		Mode,
+		RollbackConfig,
+		UpdateConfig,
+		Networks,
+	} = generateConfigContainer(application);
+
 	const bindsMount = generateBindMounts(mounts);
 	const filesMount = generateFileMounts(appName, mounts);
 	const envVariables = prepareEnvironmentVariables(env);

+	const image = getImageName(application);
+	const authConfig = getAuthConfig(application);
+
 	const settings: CreateServiceOptions = {
+		authconfig: authConfig,
 		Name: appName,
 		TaskTemplate: {
 			ContainerSpec: {
-				Image: sourceType === "docker" ? dockerImage! : `${appName}:latest`,
+				HealthCheck,
+				Image: image,
 				Env: envVariables,
 				Mounts: [...volumesMount, ...bindsMount, ...filesMount],
 				...(command
@@ -93,20 +115,17 @@ export const mechanizeDockerContainer = async (
 							Args: ["-c", command],
 						}
 					: {}),
+				Labels,
 			},
-			Networks: [{ Target: "dokploy-network" }],
-			RestartPolicy: {
-				Condition: "on-failure",
-			},
+			Networks,
+			RestartPolicy,
+			Placement,
 			Resources: {
 				...resources,
 			},
 		},
-		Mode: {
-			Replicated: {
-				Replicas: 1,
-			},
-		},
+		Mode,
+		RollbackConfig,
 		EndpointSpec: {
 			Ports: ports.map((port) => ({
 				Protocol: port.protocol,
@@ -114,10 +133,7 @@ export const mechanizeDockerContainer = async (
 				PublishedPort: port.publishedPort,
 			})),
 		},
-		UpdateConfig: {
-			Parallelism: 1,
-			Order: "start-first",
-		},
+		UpdateConfig,
 	};

 	try {
@@ -132,7 +148,43 @@ export const mechanizeDockerContainer = async (
 			},
 		});
 	} catch (error) {
+		console.log(error);
 		await docker.createService(settings);
 	}
-	// await cleanUpUnusedImages();
+};
+
+const getImageName = (application: ApplicationNested) => {
+	const { appName, sourceType, dockerImage, registry } = application;
+
+	if (sourceType === "docker") {
+		return dockerImage || "ERROR-NO-IMAGE-PROVIDED";
+	}
+
+	const registryUrl = registry?.registryUrl || "";
+	const imagePrefix = registry?.imagePrefix ? `${registry.imagePrefix}/` : "";
+	return registry
+		? `${registryUrl}/${imagePrefix}${appName}`
+		: `${appName}:latest`;
+};
+
+const getAuthConfig = (application: ApplicationNested) => {
+	const { registry, username, password, sourceType } = application;
+
+	if (sourceType === "docker") {
+		if (username && password) {
+			return {
+				password,
+				username,
+				serveraddress: "https://index.docker.io/v1/",
+			};
+		}
+	} else if (registry) {
+		return {
+			password: registry.password,
+			username: registry.username,
+			serveraddress: registry.registryUrl,
+		};
+	}
+
+	return undefined;
 };
--- a/server/utils/cluster/upload.ts
+++ b/server/utils/cluster/upload.ts
@@ -0,0 +1,65 @@
+import type { ApplicationNested } from "../builders";
+import { spawnAsync } from "../process/spawnAsync";
+import type { WriteStream } from "node:fs";
+
+export const uploadImage = async (
+	application: ApplicationNested,
+	writeStream: WriteStream,
+) => {
+	const registry = application.registry;
+
+	if (!registry) {
+		throw new Error("Registry not found");
+	}
+
+	const { registryUrl, imagePrefix, registryType } = registry;
+	const { appName } = application;
+	const imageName = `${appName}:latest`;
+
+	const finalURL =
+		registryType === "selfHosted"
+			? process.env.NODE_ENV === "development"
+				? "localhost:5000"
+				: registryUrl
+			: registryUrl;
+
+	const registryTag = imagePrefix
+		? `${finalURL}/${imagePrefix}/${imageName}`
+		: `${finalURL}/${imageName}`;
+
+	try {
+		console.log(finalURL, registryTag);
+		writeStream.write(
+			`📦 [Enabled Registry] Uploading image to ${registry.registryType} | ${registryTag} | ${finalURL}\n`,
+		);
+
+		await spawnAsync(
+			"docker",
+			["login", finalURL, "-u", registry.username, "-p", registry.password],
+			(data) => {
+				if (writeStream.writable) {
+					writeStream.write(data);
+				}
+			},
+		);
+
+		await spawnAsync("docker", ["tag", imageName, registryTag], (data) => {
+			if (writeStream.writable) {
+				writeStream.write(data);
+			}
+		});
+
+		await spawnAsync("docker", ["push", registryTag], (data) => {
+			if (writeStream.writable) {
+				writeStream.write(data);
+			}
+		});
+	} catch (error) {
+		console.log(error);
+		throw error;
+	}
+};
+// docker:
+// endpoint: "unix:///var/run/docker.sock"
+// exposedByDefault: false
+// swarmMode: true
--- a/server/utils/docker/utils.ts
+++ b/server/utils/docker/utils.ts
@@ -122,10 +122,10 @@ export const cleanUpInactiveContainers = async () => {

 		for (const container of inactiveContainers) {
 			await docker.getContainer(container.Id).remove({ force: true });
-			console.log(`Contenedor eliminado: ${container.Id}`);
+			console.log(`Cleaning up inactive container: ${container.Id}`);
 		}
 	} catch (error) {
-		console.error("Error al limpiar contenedores inactivos:", error);
+		console.error("Error cleaning up inactive containers:", error);
 		throw error;
 	}
 };
@@ -199,6 +199,83 @@ export const calculateResources = ({
 	};
 };

+export const generateConfigContainer = (application: ApplicationNested) => {
+	const {
+		healthCheckSwarm,
+		restartPolicySwarm,
+		placementSwarm,
+		updateConfigSwarm,
+		rollbackConfigSwarm,
+		modeSwarm,
+		labelsSwarm,
+		replicas,
+		mounts,
+		networkSwarm,
+	} = application;
+
+	const haveMounts = mounts.length > 0;
+
+	return {
+		...(healthCheckSwarm && {
+			HealthCheck: healthCheckSwarm,
+		}),
+		...(restartPolicySwarm
+			? {
+					RestartPolicy: restartPolicySwarm,
+				}
+			: {
+					// if no restartPolicySwarm provided use default
+					RestartPolicy: {
+						Condition: "on-failure",
+					},
+				}),
+		...(placementSwarm
+			? {
+					Placement: placementSwarm,
+				}
+			: {
+					// if app have mounts keep manager as constraint
+					Placement: {
+						Constraints: haveMounts ? ["node.role==manager"] : [],
+					},
+				}),
+		...(labelsSwarm && {
+			Labels: labelsSwarm,
+		}),
+		...(modeSwarm
+			? {
+					Mode: modeSwarm,
+				}
+			: {
+					// use replicas value if no modeSwarm provided
+					Mode: {
+						Replicated: {
+							Replicas: replicas,
+						},
+					},
+				}),
+		...(rollbackConfigSwarm && {
+			RollbackConfig: rollbackConfigSwarm,
+		}),
+		...(updateConfigSwarm
+			? { UpdateConfig: updateConfigSwarm }
+			: {
+					// default config if no updateConfigSwarm provided
+					UpdateConfig: {
+						Parallelism: 1,
+						Order: "start-first",
+					},
+				}),
+		...(networkSwarm
+			? {
+					Networks: networkSwarm,
+				}
+			: {
+					Networks: [{ Target: "dokploy-network" }],
+				}),
+	};
+};
+
 export const generateBindMounts = (mounts: ApplicationNested["mounts"]) => {
 	if (!mounts || mounts.length === 0) {
 		return [];
--- a/server/utils/traefik/domain.ts
+++ b/server/utils/traefik/domain.ts
@@ -47,10 +47,7 @@ export const removeDomain = async (appName: string, uniqueKey: number) => {
 	}
 };

-export const createRouterConfig = async (
-	app: ApplicationNested,
-	domain: Domain,
-) => {
+const createRouterConfig = async (app: ApplicationNested, domain: Domain) => {
 	const { appName, redirects, security } = app;
 	const { certificateType } = domain;

--- a/server/utils/traefik/registry.ts
+++ b/server/utils/traefik/registry.ts
@@ -0,0 +1,71 @@
+import type { FileConfig, HttpRouter } from "./file-types";
+import type { Registry } from "@/server/api/services/registry";
+import { removeDirectoryIfExistsContent } from "../filesystem/directory";
+import { REGISTRY_PATH } from "@/server/constants";
+import { dump, load } from "js-yaml";
+import { join } from "node:path";
+import { existsSync, mkdirSync, readFileSync, writeFileSync } from "node:fs";
+
+export const manageRegistry = async (registry: Registry) => {
+	if (!existsSync(REGISTRY_PATH)) {
+		mkdirSync(REGISTRY_PATH, { recursive: true });
+	}
+
+	const appName = "dokploy-registry";
+	const config: FileConfig = loadOrCreateConfig();
+
+	const serviceName = `${appName}-service`;
+	const routerName = `${appName}-router`;
+
+	config.http = config.http || { routers: {}, services: {} };
+	config.http.routers = config.http.routers || {};
+	config.http.services = config.http.services || {};
+
+	config.http.routers[routerName] = await createRegistryRouterConfig(registry);
+
+	config.http.services[serviceName] = {
+		loadBalancer: {
+			servers: [{ url: `http://${appName}:5000` }],
+			passHostHeader: true,
+		},
+	};
+
+	const yamlConfig = dump(config);
+	const configFile = join(REGISTRY_PATH, "registry.yml");
+	writeFileSync(configFile, yamlConfig);
+};
+
+export const removeSelfHostedRegistry = async () => {
+	await removeDirectoryIfExistsContent(REGISTRY_PATH);
+};
+
+const createRegistryRouterConfig = async (registry: Registry) => {
+	const { registryUrl } = registry;
+	const routerConfig: HttpRouter = {
+		rule: `Host(\`${registryUrl}\`)`,
+		service: "dokploy-registry-service",
+		entryPoints: [
+			"web",
+			...(process.env.NODE_ENV === "production" ? ["websecure"] : []),
+		],
+		...(process.env.NODE_ENV === "production"
+			? {
+					tls: { certResolver: "letsencrypt" },
+				}
+			: {}),
+	};
+
+	return routerConfig;
+};
+
+const loadOrCreateConfig = (): FileConfig => {
+	const configPath = join(REGISTRY_PATH, "registry.yml");
+	if (existsSync(configPath)) {
+		const yamlStr = readFileSync(configPath, "utf8");
+		const parsedConfig = (load(yamlStr) as FileConfig) || {
+			http: { routers: {}, services: {} },
+		};
+		return parsedConfig;
+	}
+	return { http: { routers: {}, services: {} } };
+};