Skip to content

Releases: wnstify/wdm

v1.0.3

18 Jun 19:39
@github-actions github-actions
Immutable release. Only release title and notes can be modified.
v1.0.3
This tag was signed with the committer’s verified signature.
wnstfy Simon Gajdosik
SSH Key Fingerprint: 8IL6V/p2u1k1gjaWW5sSOxbFOd6MPPGQYZd8Ukzoncc
Verified
Learn about vigilant mode.
f0aba51
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.

Choose a tag to compare

View all tags
v1.0.3 Latest
Latest

Fixed

  • Treat catalog resource bands as guidance and Docker limit caps instead of
    blocking installs when the host is below the curated minimum profile.
  • Fixed Stoat startup ordering so the crond service no longer waits on the
    mongo-init migration seeding job during install.
Assets 10
Loading

v1.0.2

18 Jun 17:29
@github-actions github-actions
Immutable release. Only release title and notes can be modified.
v1.0.2
This tag was signed with the committer’s verified signature.
wnstfy Simon Gajdosik
SSH Key Fingerprint: 8IL6V/p2u1k1gjaWW5sSOxbFOd6MPPGQYZd8Ukzoncc
Verified
Learn about vigilant mode.
30f1d1c
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.

Choose a tag to compare

View all tags
v1.0.2

Fixed

  • Advanced the stable catalog version so existing installs can receive the
    Stoat LiveKit UID/GID template fix through wdm catalog update.

CI

  • Added a catalog freshness guard so catalog or template changes must advance
    the stable catalog generated_at timestamp before release.
Loading

v1.0.1

18 Jun 15:41
@github-actions github-actions
Immutable release. Only release title and notes can be modified.
v1.0.1
This tag was signed with the committer’s verified signature.
wnstfy Simon Gajdosik
SSH Key Fingerprint: 8IL6V/p2u1k1gjaWW5sSOxbFOd6MPPGQYZd8Ukzoncc
Verified
Learn about vigilant mode.
1e61ece
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.

Choose a tag to compare

View all tags
v1.0.1

The first public release of wdm (Webnestify Docker Manager), a Go terminal
application combining a Bubble Tea TUI and a CLI for installing, updating, and
checking a curated set of Docker Compose self-hosting templates. It targets
Linux amd64 (Debian 12/13 and Ubuntu 24.04/26.04) with Docker 20.10+ and
Compose V2.

Added

  • Install, update, status, remove, and self-update workflows for curated
    Docker Compose stacks, from both the TUI and the CLI.
  • Per-stack locking plus generation of each stack's .env and Compose files.
  • Automatic secret generation with redaction: secrets never reach logs or
    JSON output.
  • Pre-change backups and a cancellation-safe rollback when an install fails.
  • Signed-and-verified catalog and release artifacts that fail closed on a
    missing or invalid signature, checksum, or attestation.
  • Runs without root or sudo, and never destroys volumes on remove.

Catalog

Nineteen curated apps ship at launch (catalog schema version 2): Uptime Kuma,
FreshRSS, Jellyfin, n8n, Navidrome, Open WebUI, SerpBear, qBittorrent,
Syncthing, Baserow, Nextcloud, DocuSeal, Vaultwarden, Authentik, MeshCentral,
WireGuard + AdGuard Home, Zulip, Dockhand, and Stoat.

Security and verification

Each release publishes seven assets:

  • wdm-linux-amd64 — the linux/amd64 binary.
  • catalog-stable.tar.gz — the stable-channel catalog bundle.
  • attestation.json — multi-subject SLSA provenance attestation.
  • wdm-linux-amd64.spdx.json — SPDX 2.3 JSON SBOM of the binary.
  • SHA256SUMS — checksums over the payload files.
  • SHA256SUMS.sig — detached Ed25519 signature over SHA256SUMS for
    in-product verification.
  • SHA256SUMS.cosign.bundle — keyless cosign/Sigstore bundle over
    SHA256SUMS for human and CI verification.

See SECURITY.md for the full verification procedure.

Known issues

The following end-to-end behaviors are not yet covered by the automated install
smoke matrix and are scheduled for validation after v1:

  • WireGuard + AdGuard Home: the public peer (VPN) tunnel path.
  • Open WebUI: live model conversation.
  • Stoat: voice, gifbox, and web-push features.
Loading

v1.0.0

17 Jun 19:33
@github-actions github-actions
v1.0.0
This tag was signed with the committer’s verified signature.
wnstfy Simon Gajdosik
SSH Key Fingerprint: 8IL6V/p2u1k1gjaWW5sSOxbFOd6MPPGQYZd8Ukzoncc
Verified
Learn about vigilant mode.
d0d97e4
This commit was signed with the committer’s verified signature.
wnstfy Simon Gajdosik
SSH Key Fingerprint: 8IL6V/p2u1k1gjaWW5sSOxbFOd6MPPGQYZd8Ukzoncc
Verified
Learn about vigilant mode.

Choose a tag to compare

View all tags
v1.0.0

The first public release of wdm (Webnestify Docker Manager), a Go terminal
application combining a Bubble Tea TUI and a CLI for installing, updating, and
checking a curated set of Docker Compose self-hosting templates. It targets
Linux amd64 (Debian 12/13 and Ubuntu 24.04/26.04) with Docker 20.10+ and
Compose V2.

Added

  • Install, update, status, remove, and self-update workflows for curated
    Docker Compose stacks, from both the TUI and the CLI.
  • Per-stack locking plus generation of each stack's .env and Compose files.
  • Automatic secret generation with redaction: secrets never reach logs or
    JSON output.
  • Pre-change backups and a cancellation-safe rollback when an install fails.
  • Signed-and-verified catalog and release artifacts that fail closed on a
    missing or invalid signature, checksum, or attestation.
  • Runs without root or sudo, and never destroys volumes on remove.

Catalog

Nineteen curated apps ship at launch (catalog schema version 2): Uptime Kuma,
FreshRSS, Jellyfin, n8n, Navidrome, Open WebUI, SerpBear, qBittorrent,
Syncthing, Baserow, Nextcloud, DocuSeal, Vaultwarden, Authentik, MeshCentral,
WireGuard + AdGuard Home, Zulip, Dockhand, and Stoat.

Security and verification

Each release publishes seven assets:

  • wdm-linux-amd64 — the linux/amd64 binary.
  • catalog-stable.tar.gz — the stable-channel catalog bundle.
  • attestation.json — multi-subject SLSA provenance attestation.
  • wdm-linux-amd64.spdx.json — SPDX 2.3 JSON SBOM of the binary.
  • SHA256SUMS — checksums over the payload files.
  • SHA256SUMS.sig — detached Ed25519 signature over SHA256SUMS for
    in-product verification.
  • SHA256SUMS.cosign.bundle — keyless cosign/Sigstore bundle over
    SHA256SUMS for human and CI verification.

See SECURITY.md for the full verification procedure.

Known issues

The following end-to-end behaviors are not yet covered by the automated install
smoke matrix and are scheduled for validation after v1:

  • WireGuard + AdGuard Home: the public peer (VPN) tunnel path.
  • Open WebUI: live model conversation.
  • Stoat: voice, gifbox, and web-push features.
Loading