Temps

Changelog

New updates and improvements to Temps. Follow along as we build the future of self-hosted deployments.

View on GitHubDocumentation
Jump to:v0.0.7v0.0.6v0.0.5v0.0.4v0.0.3v0.1.0
0.0.7
Changelog

Docker Compose, Edge CDN, Email Tracking & Content-Addressable Storage

Docker Compose as a first-class deployment preset, Edge CDN proxy with ECIES-encrypted TLS distribution, email open/click tracking, content-addressable static asset storage, container exec, and CLI deploy commands.

  • Docker Compose as a first-class deployment preset: deploy multi-container apps via git-push with automatic pipeline orchestration
  • Compose override: user-provided YAML merged at deploy time for port remapping, volume overrides, and command changes
  • Public ports model: explicit control over which compose service ports are proxied publicly, each with its own subdomain
  • Service-specific custom domain routing: custom domains can target a specific compose service
  • Compose file picker in project creation: filters files by root directory
  • Per-service URLs in container list and detail views
  • Screenshot capture for Docker Compose deployments
  • Temps system environment variables injected into all compose services via auto-generated override
  • Volume preservation across redeployments; full cleanup on project/environment deletion
  • `temps edge` CLI command: lightweight, stateless CDN proxy node powered by Pingora — no database required
  • Automatic registration with the control plane via X25519 public key exchange
  • ECIES-encrypted TLS certificate delivery with forward secrecy (fresh ephemeral keypair per sync)
  • Content-addressable local cache with LRU eviction
  • Heartbeat reporting every 30 seconds with cache statistics
  • Region labels for analytics grouping
  • SSRF protection for edge node address validation
  • Email open tracking: transparent tracking pixel injected into outgoing HTML emails
  • Email click tracking: all links rewritten to route through tracking endpoint with 302 redirect
  • `email_events` and `email_links` tables for granular tracking event storage
  • Authenticated tracking data endpoints for summary, events, and per-link click stats
  • Open/click count columns in the Sent Emails table with tracking stats card on Email Detail page
  • 116 tests covering tracking service, HTTP handlers, and full E2E flow
  • Static asset caching via SHA-256 content hashing with git-style blob sharding
  • DB-backed URL→hash mapping for proxy-level asset resolution
  • Asset cache purge API and Purge Asset Cache button in environment settings UI
  • Nightly garbage collection for unreferenced blobs
  • One-shot command execution and persistent terminal via WebSocket with PTY resize support
  • `temps deploy image`: deploy pre-built Docker images from any registry
  • `temps deploy static`: deploy static file directories or archives
  • `temps deploy git`: trigger build pipeline from a specific commit, branch, or tag
  • All deploy commands support `--wait` with configurable timeout
  • Replaced all `Command::new("git")` CLI calls with `git2` (libgit2) — git CLI is no longer a runtime dependency
  • `FsFileStore` rewritten as content-addressable store: identical content shares a single blob
  • `persist_static_assets` job no longer blocks `mark_deployment_complete`; runs in parallel
  • Standalone `temps-compose` crate and Stacks UI removed; Docker Compose is now a deployment preset
  • Fixed workflow context clobbering: parallel jobs overwrote each other's outputs — root cause of containers not registering after deployment
  • Fixed container registration silently skipped: `persist_static_assets` blocking `mark_deployment_complete`
  • Fixed orphaned container teardown: added slug-based fallback cleanup
  • Fixed SQL injection surface: ORDER BY identifiers now quoted for CamelCase PostgreSQL column support
  • Fixed CPU stats always showing 0.0% by switching Docker stats API from one-shot to stream mode
  • Fixed compose override port parsing for both quoted and unquoted port entries
  • Fixed GitHub API rate limiting on public repos: all endpoints use authenticated tokens
  • Fixed `temps deploy static` runtime panic from duplicate short alias
  • Fixed edge proxy `.unwrap()` calls: replaced with `?` error propagation
  • Fixed incorrect `corepack` command for pnpm in Next.js preset
  • Fixed network throughput display showing cumulative total instead of actual rate
  • Fixed erroneous `--` in git checkout command (#40)
0.0.6
Changelog

Multi-Node Clusters, AI Gateway & Scale-to-Zero

The biggest release yet — distribute deployments across multiple nodes with WireGuard networking, route AI traffic through a unified gateway, collect GenAI traces, promote deployments between environments, and sleep idle environments to zero with automatic wake-on-request.

  • Distribute deployments across a control plane and multiple worker nodes connected via WireGuard private networking
  • `temps-agent` crate: worker node agent with Docker runtime, token-based auth, and deploy/status/stop/logs API
  • `temps-wireguard` crate: WireGuard tunnel management for secure node-to-node networking
  • `temps agent` and `temps join` CLI commands for worker node setup (direct or relay mode)
  • `temps node` CLI subcommand with list, show, drain, and remove operations
  • Node scheduler with LeastLoaded (default) and RoundRobin strategies; resource-aware placement with configurable max load threshold
  • Cross-node service connectivity: environment variables rewritten for remote containers to reach services on the control plane via private IP
  • Multi-node-aware route table: proxy resolves worker node private addresses with round-robin load balancing
  • Node health check job monitoring worker heartbeats with automatic offline marking
  • Node drain with workload migration, `--wait` flag, and configurable timeout
  • Nodes management page in the web UI with resource usage visualization and per-node container listing
  • Alarm and monitoring system with container restart, OOM, high CPU/memory, outage, and deployment failure detection
  • AI Gateway with multi-provider support for routing AI traffic through a unified endpoint
  • GenAI OTel tracing: collect and visualize AI conversations from `gen_ai.*` spans with Vercel AI SDK fallback support
  • Conversation view, token usage aggregation, and tool call detail for AI traces
  • AI usage analytics: per-model token tracking with agent/session context, BYOK vs platform key breakdown
  • Vercel AI SDK tracing examples (Node.js) and Python GenAI tracing examples
  • Deployment promotion between environments with environment protection settings (required reviewers, branch restrictions)
  • On-demand scale-to-zero environments: sleep after configurable idle timeout and wake automatically on incoming HTTP requests via proxy integration
  • Environment password protection: cookie-based password wall with HMAC-signed cookies and argon2 hashing, served by the proxy
  • OpenTelemetry ingest and query system (`temps-otel` crate) with OTLP/protobuf support for traces, metrics, and logs; web UI with filterable trace list and waterfall span visualization
  • Structured log aggregator (`temps-log-aggregator` crate): real-time Docker container log collection with compressed NDJSON chunk storage, live tail via SSE, and automatic retention cleanup
  • Frontend log history viewer with search filters, pagination, and virtualized rendering
  • `ProxyLogBatchWriter`: bounded channel with batch INSERT (up to 200 rows/flush) replacing unbounded fire-and-forget spawns
  • Resource monitoring tab with per-environment CPU, memory, and disk metrics
  • Analytics overview charts: Channels, Devices, Languages, Operating Systems, and UTM Campaigns with bar visualization
  • Drill-down navigation in Browsers, Locations, and OS charts with breadcrumb navigation
  • Funnel card step pipeline: horizontal pipeline showing per-step completions and conversion rates
  • External plugin system: standalone binaries in `~/.temps/plugins/` auto-discovered and integrated at boot via Unix domain sockets
  • `temps-plugin-sdk` crate with `ExternalPlugin` trait, `main!()` macro, and hyper-over-UDS runtime
  • OpenAPI schema propagation for external plugins with automatic path prefixing
  • Encryption at rest for environment variables with AES-256-GCM via `EncryptionService`
  • Embedded userspace WireGuard via defguard/boringtun — eliminates `wireguard-tools` system dependency
  • Upgraded Pingora from 0.7.0 to 0.8.0 with ProxyServiceBuilder and downstream connection keepalive limits
  • MCP (Model Context Protocol) server with 210 tools across 30 domain modules
  • Proxy converts HTML responses to Markdown on the fly for `Accept: text/markdown` (Cloudflare Markdown for Agents compatible)
  • Automatic `CRON_SECRET` injection into deployed containers with Bearer auth for cron endpoints
  • Service clusters: HA PostgreSQL via pg_auto_failover with multi-host connection strings
  • Server-side domain pagination with search and reusable `DomainSelector` combobox component
  • Fixed duplicate live visitors: proxy double-decrypted the visitor cookie causing new visitor records on every returning page load
  • Fixed static deployment visitor duplication by skipping visitor creation for static asset paths
  • Fixed proxy returning incorrect `Content-Length` for HEAD responses over HTTP/2
  • Added upstream connection/read/write/idle timeouts and automatic retry on stale connections
  • Replaced PostgreSQL advisory lock with process-level `tokio::Mutex` for deployment locking
  • Fixed deployment queue starvation: route confirmation poll now runs on every loop iteration
  • Fixed phantom deployments on node drain/failover with smart drain logic
  • Fixed GenAI trace token counts showing as zero (PostgreSQL SUM type mismatch)
  • Fixed funnel edit page always showing "Funnel Not Found"
  • Fixed funnel card metrics never loading due to date format mismatch
  • Fixed proxy memory leak from unbounded fire-and-forget INSERT spawns
  • Fixed Dockerfile path not saved in project settings
  • Patched critical HTTP Request Smuggling vulnerabilities in `pingora-core`
  • Patched high-severity `aws-lc-sys` vulnerabilities: PKCS7 bypass, cert chain bypass, AES-CCM timing side-channel
  • Patched `jsonwebtoken` type confusion authorization bypass
  • Patched `quinn-proto` unauthenticated remote DoS via panic in QUIC transport
  • Updated Vercel AI SDK to 5.x to fix file upload whitelist bypass

Multi-node architecture

Temps now supports distributing deployments across multiple servers. Set up a control plane with `temps serve`, then add worker nodes with `temps join` and `temps agent`. Nodes communicate over WireGuard tunnels, and the scheduler automatically places containers on the least-loaded nodes. Drain a node to gracefully migrate workloads before maintenance.

Scale-to-zero environments

Environments can now sleep after a configurable idle timeout and wake automatically when an HTTP request arrives. The proxy detects sleeping environments, triggers a wake, and holds the request until the container is healthy — all transparent to the end user. Great for staging, preview, and development environments that don't need to run 24/7.

0.0.5
Changelog

OpenTelemetry, External Plugins & Backup Improvements

OpenTelemetry ingest with trace visualization, a plugin system for extending Temps with standalone binaries, and major improvements to database backup reliability.

  • OTel ingest and query system with OTLP/protobuf support for traces, metrics, and logs
  • Web UI with filterable trace list and waterfall span visualization
  • Header-based and path-based ingest routes with API key and deployment token auth
  • Standalone binary plugin system: auto-discovered in `~/.temps/plugins/` and integrated at boot
  • Plugin SDK with `ExternalPlugin` trait and Unix domain socket runtime
  • Frontend dynamic plugin integration with sidebar nav entries and command palette search
  • PostgreSQL backup now runs `pg_dump` inside a disposable sidecar container, eliminating OOM kills
  • TimescaleDB databases supported via `--format=custom` with advisory circular-FK warnings suppressed
  • Proxy HTML-to-Markdown conversion extracts `<main>` content before conversion
  • Lifecycle management improvements and bounded caches for memory safety across 11 crates
  • Fixed proxy log retention and vulnerability scanner filtering
  • Install script now uses `bash` instead of `sh`, fixing failures on Ubuntu 24
  • Added protoc dependency to release workflow for `temps-otel` build
0.0.4
Changelog

Analytics Dashboard & CLI Improvements

Enhanced analytics dashboard with drag-to-zoom and referrer tracking, plus CLI usability improvements for service management and deployment rollbacks.

  • Analytics dashboard with drag-to-zoom for time range selection
  • Referrer tracking improvements with favicon display and better naming
  • Hardcoded fallback for service required parameters in CLI wizard
  • Moved logs under deployments subcommand with improved log rendering
  • Fixed required parameter population when creating services in wizard
  • Added pre-flight image existence check before deployment rollback
  • Removed internal ID headers from proxy responses
0.0.3
Changelog

Docker Image Deployments, Templates & Demo Mode

Deploy local Docker images and static files directly, project templates for quick starts, and a demo mode for trying Temps without a full setup.

  • Local Docker image deployment command with verification job
  • Remote deployment support and enhanced project source types
  • Static file deployment support
  • Docker image inspection and platform validation improvements
  • Project templates configuration for quick-start scaffolding
  • Demo mode with enhanced UI components
  • Migration command for database schema management
  • System user creation for webhook context
  • Visitor journey and page flow analytics endpoints
  • Date filtering for visitor analytics
  • EarthGlobe component for geographic visitor visualization
  • Recent activity endpoint for real-time event tracking
  • Fixed deployment routing for Docker image uploads in git projects
  • Fixed environment slug usage for manual deployment URLs
0.1.0
Changelog

Initial Release

The first public release of Temps — a self-hosted deployment platform built with Rust and powered by Cloudflare Pingora.

  • Core deployment engine with zero-downtime deployments
  • Support for Node.js, Python, Go, and Rust applications
  • Git provider integrations (GitHub, GitLab) for auto-deployments
  • Reverse proxy with automatic TLS/ACME via Pingora
  • Managed services (PostgreSQL, Redis, S3)
  • Analytics engine with funnels and session replay
  • Error tracking (Sentry-compatible)
  • Status page and uptime monitoring
  • Web UI built with React and Rsbuild
  • PostgreSQL with TimescaleDB for metrics storage

Getting started

Temps is designed to be easy to self-host. Run the install script to download the binary, then `temps setup` to configure your server. Check out the quickstart guide to get up and running in minutes.