Add GATEWAY_UDP_PORT environment variable with default value 51900 to replace hardcoded port 51820. Update DEFAULT_GATEWAY_ENDPOINT in .env.example to use new port. Add UDP port mapping to gateway service in docker-compose using GATEWAY_UDP_PORT. Add NEXAVPN_GATEWAY_LISTEN_PORT environment variable to gateway container. Update gateway-entrypoint.sh to use GATEWAY_LISTEN_PORT variable in bootstrap payload and WireGuard interface configuration.
Add rx_bytes and tx_bytes fields to Device type and API responses. Add formatDataSize helper for human-readable byte formatting with units from B to TB. Add Received and Sent columns to devices table in admin UI with formatted traffic totals. Add traffic metrics display to device action panel.
Add TelemetrySnapshot and PeerTelemetry types for gateway runtime stats. Add gateway telemetry endpoint at POST /gateway
Add tunnel_status command to desktop client for querying active tunnel state. Add is_active method to tunnel_manager that calls status command on bundled backend. Add status command to tunnel-helper that checks WireGuard service state on Windows via sc query and interface state on macOS via wg show. Add windows_client_status function for IPC-based status queries with active field in TunnelResponse. Update App.tsx to query tunnel status on
Remove wait_for_backend_dns function and its invocation from apply_bundle, relying instead on curl connectivity checks in main loop to handle backend availability. Simplifies bootstrap logic by removing redundant DNS verification step.
Add getent availability check before attempting DNS resolution in wait_for_backend_dns function. Fall back to allowing curl connectivity check in main loop when getent is not available, supporting Alpine-based images that don't ship getent by default.
Add wait_for_backend_dns function to verify backend hostname resolution before attempting bootstrap/sync operations. Configure NEXAVPN_BACKEND_HOST environment variable and net.ipv4.ip_forward sysctl in docker-compose. Use atomic write pattern for state.json via temporary file to prevent corruption on failed downloads. Make sysctl ip_forward call conditional on write permissions and non-fatal.
Add depends_on backend service to gateway in docker-compose to ensure backend is available before gateway starts. Refactor gateway-entrypoint.sh to move bootstrap logic into apply_bundle function with error handling, enabling automatic retry on bootstrap failure instead of exiting immediately.
Add Bootstrap and AgentSyncBundle handlers to gateway package with X-Gateway-Bootstrap-Token header authentication. Implement UpsertByName repository method for idempotent gateway registration. Update gateway entrypoint script to auto-generate keys and bootstrap gateway on first run, persisting gateway ID to disk. Add GATEWAY_BOOTSTRAP_TOKEN config and update environment variables for gateway name, bootstrap URL, and sync URL.
Add monorepo structure for NexaVPN WireGuard control plane including:
- .gitignore for node_modules, build artifacts, and environment files
- README with project overview, monorepo layout, and quick start guide
- Admin web UI with React, Vite, TypeScript, and nginx reverse proxy
- API client with type definitions for users, devices, policies, gateways, and audit logs
- Admin pages for dashboard, users, devices, policies, g
