Convert things to regional cache

Show the input validation in the error report
Remove NoNewPrivileges
2026-06-22 07:12:04 +00:00 · 2026-06-21 16:01:46 -04:00 · 2026-06-19 13:02:38 -04:00 · 2026-06-14 15:02:18 -07:00
10 changed files with 27 additions and 23 deletions
--- a/server/lib/billing/usageService.ts
+++ b/server/lib/billing/usageService.ts
@@ -12,7 +12,7 @@ import {
 import { FeatureId, getFeatureMeterId } from "./features";
 import logger from "@server/logger";
 import { build } from "@server/build";
-import cache from "#dynamic/lib/cache";
+import { regionalCache as cache } from "#dynamic/lib/cache";

 export function noop() {
    if (build !== "saas") {
@@ -22,7 +22,6 @@ export function noop() {
 }

 export class UsageService {
-
    constructor() {
        if (noop()) {
            return;
@@ -57,7 +56,10 @@ export class UsageService {
            try {
                let usage;
                if (transaction) {
-                    const orgIdToUse = await this.getBillingOrg(orgId, transaction);
+                    const orgIdToUse = await this.getBillingOrg(
+                        orgId,
+                        transaction
+                    );
                    usage = await this.internalAddUsage(
                        orgIdToUse,
                        featureId,
--- a/server/lib/blueprints/applyBlueprint.ts
+++ b/server/lib/blueprints/applyBlueprint.ts
@@ -48,18 +48,18 @@ export async function applyBlueprint({
    name,
    source = "API"
 }: ApplyBlueprintArgs): Promise<Blueprint> {
-    // Validate the input data
-    const validationResult = ConfigSchema.safeParse(configData);
-    if (!validationResult.success) {
-        throw new Error(fromError(validationResult.error).toString());
-    }
-
-    const config: Config = validationResult.data;
    let blueprintSucceeded: boolean = false;
-    let blueprintMessage: string;
+    let blueprintMessage = "";
    let error: any | null = null;

    try {
+        const validationResult = ConfigSchema.safeParse(configData);
+        if (!validationResult.success) {
+            throw new Error(fromError(validationResult.error).toString());
+        }
+
+        const config: Config = validationResult.data;
+
        let proxyResourcesResults: PublicResourcesResults = [];
        let clientResourcesResults: ClientResourcesResults = [];
        await db.transaction(async (trx) => {
--- a/server/private/lib/certificates.ts
+++ b/server/private/lib/certificates.ts
@@ -17,7 +17,7 @@ import { certificates, db } from "@server/db";
 import { and, eq, isNotNull, or, inArray, sql } from "drizzle-orm";
 import { decrypt } from "@server/lib/crypto";
 import logger from "@server/logger";
-import cache from "#private/lib/cache";
+import { regionalCache as cache } from "#private/lib/cache";
 import { build } from "@server/build";

 // Define the return type for clarity and type safety
--- a/server/private/routers/remoteExitNode/listRemoteExitNodes.ts
+++ b/server/private/routers/remoteExitNode/listRemoteExitNodes.ts
@@ -22,7 +22,7 @@ import createHttpError from "http-errors";
 import logger from "@server/logger";
 import { fromError } from "zod-validation-error";
 import { ListRemoteExitNodesResponse } from "@server/routers/remoteExitNode/types";
-import cache from "#private/lib/cache";
+import { regionalCache as cache } from "#private/lib/cache";
 import semver from "semver";

 let stalePangolinNodeVersion: string | null = null;
--- a/server/routers/newt/getNewtVersion.ts
+++ b/server/routers/newt/getNewtVersion.ts
@@ -10,7 +10,7 @@ import { verifyPassword } from "@server/auth/password";
 import response from "@server/lib/response";
 import HttpCode from "@server/types/HttpCode";
 import logger from "@server/logger";
-import cache from "#dynamic/lib/cache";
+import { regionalCache as cache } from "#dynamic/lib/cache";
 import config from "@server/lib/config";

 // Stale-while-revalidate in-memory fallback for the releases API.
--- a/server/routers/newt/handleSocketMessages.ts
+++ b/server/routers/newt/handleSocketMessages.ts
@@ -2,7 +2,7 @@ import { MessageHandler } from "@server/routers/ws";
 import logger from "@server/logger";
 import { Newt } from "@server/db";
 import { applyNewtDockerBlueprint } from "@server/lib/blueprints/applyNewtDockerBlueprint";
-import cache from "#dynamic/lib/cache";
+import cache from "#dynamic/lib/cache"; // not using regional here because we dont know where the site is

 export const handleDockerStatusMessage: MessageHandler = async (context) => {
    const { message, client, sendToClient } = context;
--- a/server/routers/olm/handleOlmRegisterMessage.ts
+++ b/server/routers/olm/handleOlmRegisterMessage.ts
@@ -20,7 +20,7 @@ import { handleFingerprintInsertion } from "./fingerprintingUtils";
 import { build } from "@server/build";
 import { canCompress } from "@server/lib/clientVersionChecks";
 import config from "@server/lib/config";
-import cache from "#dynamic/lib/cache";
+import cache from "#dynamic/lib/cache"; // not using regional here because we need this in the register message handler before we know where the client is

 const HOLEPUNCH_STALE_CHAIN_THRESHOLD = 18;
 const HOLEPUNCH_STALE_CHAIN_TTL_SECONDS = 1800;
--- a/server/routers/resource/listUserResourceAliases.ts
+++ b/server/routers/resource/listUserResourceAliases.ts
@@ -15,8 +15,7 @@ import logger from "@server/logger";
 import { z } from "zod";
 import { fromZodError } from "zod-validation-error";
 import type { PaginatedResponse } from "@server/types/Pagination";
-import { OpenAPITags, registry } from "@server/openApi";
-import { localCache } from "#dynamic/lib/cache";
+import { regionalCache as cache } from "#dynamic/lib/cache";

 const USER_RESOURCE_ALIASES_CACHE_TTL_SEC = 60;

@@ -153,7 +152,7 @@ export async function listUserResourceAliases(
            pageSize
        );
        const cachedData: ListUserResourceAliasesResponse | undefined =
-            localCache.get(cacheKey);
+            await cache.get(cacheKey);

        if (cachedData) {
            return response<ListUserResourceAliasesResponse>(res, {
@@ -211,7 +210,11 @@ export async function listUserResourceAliases(
                    page
                }
            };
-            localCache.set(cacheKey, data, USER_RESOURCE_ALIASES_CACHE_TTL_SEC);
+            await cache.set(
+                cacheKey,
+                data,
+                USER_RESOURCE_ALIASES_CACHE_TTL_SEC
+            );
            return response<ListUserResourceAliasesResponse>(res, {
                data,
                success: true,
@@ -256,7 +259,7 @@ export async function listUserResourceAliases(
                page
            }
        };
-        localCache.set(cacheKey, data, USER_RESOURCE_ALIASES_CACHE_TTL_SEC);
+        await cache.set(cacheKey, data, USER_RESOURCE_ALIASES_CACHE_TTL_SEC);

        return response<ListUserResourceAliasesResponse>(res, {
            data,
--- a/server/routers/site/listSites.ts
+++ b/server/routers/site/listSites.ts
@@ -14,7 +14,7 @@ import {
    siteLabels,
    type Label
 } from "@server/db";
-import cache from "#dynamic/lib/cache";
+import { regionalCache as cache } from "#dynamic/lib/cache";
 import response from "@server/lib/response";
 import logger from "@server/logger";
 import { OpenAPITags, registry } from "@server/openApi";
--- a/src/components/newt-install-commands.tsx
+++ b/src/components/newt-install-commands.tsx
@@ -139,7 +139,6 @@ Restart=always
 RestartSec=2
 UMask=0077

-NoNewPrivileges=true
 PrivateTmp=true

 [Install]
Author	SHA1	Message	Date
Owen	bc28290d8e	Convert things to regional cache	2026-06-21 16:01:46 -04:00
Owen	241610579c	Show the input validation in the error report	2026-06-19 13:02:38 -04:00
Owen	f9cc52ece9	Remove NoNewPrivileges Fixes https://github.com/fosrl/newt/issues/383	2026-06-14 15:02:18 -07:00