v6.10.0

feat(ops-view-certificates): Make Export and Delete actions available inline (inRow) as well as in the context menu; bump @design.estate/dees-catalog to ^3.43.0
v6.9.0
2026-02-17 17:49:12 +00:00 · 2026-02-17 17:49:12 +00:00 · 2026-02-17 16:28:33 +00:00 · 2026-02-17 16:28:33 +00:00 · 2026-02-17 14:17:18 +00:00 · 2026-02-17 14:17:18 +00:00
18 changed files with 1035 additions and 226 deletions
--- a/changelog.md
+++ b/changelog.md
@@ -1,5 +1,79 @@
 # Changelog

+## 2026-02-17 - 6.10.0 - feat(ops-view-certificates)
+Make Export and Delete actions available inline (inRow) as well as in the context menu; bump @design.estate/dees-catalog to ^3.43.0
+
+- Added 'inRow' to action types for 'Export' and 'Delete' in ts_web/elements/ops-view-certificates.ts to expose actions inline in the row
+- Updated dependency @design.estate/dees-catalog from ^3.42.2 to ^3.43.0 in package.json
+
+## 2026-02-17 - 6.9.0 - feat(certificates)
+add certificate import, export, and deletion support (server handlers, request types, and UI)
+
+- Add typed request handlers in opsserver: deleteCertificate, exportCertificate, importCertificate (ts/opsserver/handlers/certificate.handler.ts)
+- Implement deleteCertificate/exportCertificate/importCertificate functions handling storage paths, in-memory status map updates, backoff clearing, validation, and SmartAcme-compatible /certs/ and /proxy-certs/ formats
+- Add request interfaces IReq_DeleteCertificate, IReq_ExportCertificate, IReq_ImportCertificate (ts_interfaces/requests/certificate.ts)
+- Add web app actions deleteCertificateAction, importCertificateAction and fetchCertificateExport to call new typed requests (ts_web/appstate.ts)
+- Update certificates UI to support Import, Export, and Delete actions and add downloadJsonFile helper (ts_web/elements/ops-view-certificates.ts)
+
+## 2026-02-17 - 6.8.0 - feat(remote-ingress)
+support auto-deriving ports for remote ingress edges and expose manual/derived port breakdown in API and UI
+
+- Add autoDerivePorts flag to IRemoteIngress with default true and migration to set existing stored edges to autoDerivePorts = true
+- RemoteIngressManager: getEffectiveListenPorts now returns the union of manual + derived ports when autoDerivePorts is enabled; added getPortBreakdown to return manual vs derived lists
+- API handlers updated: create/update requests accept autoDerivePorts; responses now include effectiveListenPorts, manualPorts, and derivedPorts (secrets still masked)
+- Web UI updated: create and edit dialogs include an Auto-derive checkbox; port badges now visually distinguish manual vs derived ports; added updateRemoteIngressAction
+- Non-breaking change: new field defaults to true so existing behavior is preserved
+
+## 2026-02-17 - 6.7.0 - feat(remote-ingress)
+Support auto-derived effective listen ports, make listenPorts optional, add toggle action and refine remote ingress creation/management UI
+
+- Add effectiveListenPorts?: number[] to IRemoteIngress interface (present in API responses)
+- Make createRemoteIngressAction.listenPorts optional and update creation modal to allow empty ports (auto-derived)
+- Add toggleRemoteIngressAction to enable/disable remote ingress edges and wire up Enable/Disable row/context-menu actions
+- Update getPortsHtml to prefer manual listenPorts, fall back to effectiveListenPorts, show '(auto)' when derived and 'none' when no ports
+- Standardize UI actions to use inRow/contextmenu and actionFunc signatures; update create modal to use explicit Cancel/Create menu options and collect form data programmatically
+
+## 2026-02-17 - 6.6.1 - fix(icons)
+standardize icon identifiers to lucide-prefixed names across operational views
+
+- Replaced legacy/ambiguous icon names with 'lucide:...' identifiers in four UI modules: ts_web/elements/ops-view-certificates.ts, ops-view-network.ts, ops-view-overview.ts, and ops-view-security.ts.
+- Updated common action/menu icons (e.g. arrowsRotate -> lucide:RefreshCw, magnifyingGlass -> lucide:Search, copy -> lucide:Copy, fileExport -> lucide:FileOutput).
+- Mapped dashboard/tile icons to lucide equivalents (e.g. server -> lucide:Server, networkWired/sitemap -> lucide:Network, download/upload -> lucide:Download/Upload, microchip/memory -> lucide:Cpu/MemoryStick).
+- Normalized alert and status icons to lucide names (e.g. triangleExclamation -> lucide:TriangleAlert, shield/userShield -> lucide:Shield/ShieldCheck, clock/clockRotateLeft -> lucide:Clock/History).
+
+## 2026-02-17 - 6.6.0 - feat(remoteingress)
+derive effective remote ingress listen ports from route configs and expose them via ops API
+
+- Derive listen ports from SmartProxy route configs with remoteIngress.enabled; supports optional edgeFilter to target edges by id or tags.
+- Add RemoteIngressManager.setRoutes(), derivePortsForEdge(), and getEffectiveListenPorts() which falls back to manual listenPorts when present.
+- dcrouter now supplies route configs to RemoteIngressManager during initialization and when updating SmartProxy configuration to keep derived ports in sync.
+- Ops API now returns effectiveListenPorts for edges; createRemoteIngress.listenPorts is optional and createEdge defaults listenPorts to an empty array.
+- Bump dependency @serve.zone/remoteingress to ^3.0.4 to align types/behavior.
+
+## 2026-02-16 - 6.5.0 - feat(ops-view-remoteingress)
+add 'Create Edge Node' header action to remote ingress table and remove duplicate createNewAction
+
+- Add a 'Create Edge Node' header action in dataActions that opens DeesModal to collect name, listenPorts and tags
+- Parse comma-separated listenPorts into integer array and normalize optional tags
+- Dispatch appstate.createRemoteIngressAction with the collected payload
+- Remove the previously duplicated createNewAction prop from the dees-table
+
+## 2026-02-16 - 6.4.5 - fix(remoteingress)
+mark remote ingress data actions as row actions and bump @design.estate/dees-catalog dependency
+
+- Add type:['row'] to 'Regenerate Secret' and 'Delete' dataActions in ts_web/elements/ops-view-remoteingress.ts to ensure they are treated as row actions in the UI
+- Bump @design.estate/dees-catalog from ^3.42.0 to ^3.42.2 in package.json
+
+## 2026-02-16 - 6.4.4 - fix(deps)
+bump @push.rocks/smartproxy to ^25.7.3
+
+- Updated @push.rocks/smartproxy from ^25.7.2 to ^25.7.3 in package.json
+
+## 2026-02-16 - 6.4.3 - fix(deps)
+bump @push.rocks/smartproxy to ^25.7.2
+
+- Updated package.json: @push.rocks/smartproxy ^25.7.1 -> ^25.7.2 (patch dependency update)
+
 ## 2026-02-16 - 6.4.2 - fix(smartproxy)
 bump @push.rocks/smartproxy to ^25.7.1

--- a/package.json
+++ b/package.json
@@ -1,7 +1,7 @@
 {
  "name": "@serve.zone/dcrouter",
  "private": false,
-  "version": "6.4.2",
+  "version": "6.10.0",
  "description": "A multifaceted routing service handling mail and SMS delivery functions.",
  "type": "module",
  "exports": {
@@ -32,7 +32,7 @@
    "@api.global/typedserver": "^8.3.0",
    "@api.global/typedsocket": "^4.1.0",
    "@apiclient.xyz/cloudflare": "^7.1.0",
-    "@design.estate/dees-catalog": "^3.42.0",
+    "@design.estate/dees-catalog": "^3.43.0",
    "@design.estate/dees-element": "^2.1.6",
    "@push.rocks/projectinfo": "^5.0.2",
    "@push.rocks/qenv": "^6.1.3",
@@ -49,14 +49,14 @@
    "@push.rocks/smartnetwork": "^4.4.0",
    "@push.rocks/smartpath": "^6.0.0",
    "@push.rocks/smartpromise": "^4.2.3",
-    "@push.rocks/smartproxy": "^25.7.1",
+    "@push.rocks/smartproxy": "^25.7.3",
    "@push.rocks/smartradius": "^1.1.1",
    "@push.rocks/smartrequest": "^5.0.1",
    "@push.rocks/smartrx": "^3.0.10",
    "@push.rocks/smartstate": "^2.0.30",
    "@push.rocks/smartunique": "^3.0.9",
    "@serve.zone/interfaces": "^5.3.0",
-    "@serve.zone/remoteingress": "^3.0.2",
+    "@serve.zone/remoteingress": "^3.0.4",
    "@tsclass/tsclass": "^9.3.0",
    "lru-cache": "^11.2.6",
    "uuid": "^13.0.0"
--- a/pnpm-lock.yaml
+++ b/pnpm-lock.yaml
@@ -24,8 +24,8 @@ importers:
        specifier: ^7.1.0
        version: 7.1.0
      '@design.estate/dees-catalog':
-        specifier: ^3.42.0
-        version: 3.42.0(@tiptap/pm@2.27.2)
+        specifier: ^3.43.0
+        version: 3.43.0(@tiptap/pm@2.27.2)
      '@design.estate/dees-element':
        specifier: ^2.1.6
        version: 2.1.6
@@ -75,8 +75,8 @@ importers:
        specifier: ^4.2.3
        version: 4.2.3
      '@push.rocks/smartproxy':
-        specifier: ^25.7.1
-        version: 25.7.1
+        specifier: ^25.7.3
+        version: 25.7.3
      '@push.rocks/smartradius':
        specifier: ^1.1.1
        version: 1.1.1
@@ -96,8 +96,8 @@ importers:
        specifier: ^5.3.0
        version: 5.3.0
      '@serve.zone/remoteingress':
-        specifier: ^3.0.2
-        version: 3.0.2
+        specifier: ^3.0.4
+        version: 3.0.4
      '@tsclass/tsclass':
        specifier: ^9.3.0
        version: 9.3.0
@@ -351,8 +351,8 @@ packages:
  '@configvault.io/interfaces@1.0.17':
    resolution: {integrity: sha512-bEcCUR2VBDJsTin8HQh8Uw/mlYl2v8A3jMIaQ+MTB9Hrqd6CZL2dL7iJdWyFl/3EIX+LDxWFR+Oq7liIq7w+1Q==}

-  '@design.estate/dees-catalog@3.42.0':
-    resolution: {integrity: sha512-pArkafnrhRsHsSxKUMUM2YP5ei/AbcchPEKZY2PyHHAdXcNxyT3pE2Oh1FPcs1pqF2LpEgJRq8KFQbFhvhp8Nw==}
+  '@design.estate/dees-catalog@3.43.0':
+    resolution: {integrity: sha512-UFW8oThP9Mc4L0wVVgmuGux868Ct/TwZ1WP8hZCe4e/+5gmxDc+4EArnt5hePHENboe1Soobh9mmrMN6kQZ3xQ==}

  '@design.estate/dees-comms@1.0.30':
    resolution: {integrity: sha512-KchMlklJfKAjQiJiR0xmofXtQ27VgZtBIxcMwPE9d+h3jJRv+lPZxzBQVOM0eyM0uS44S5vJMZ11IeV4uDXSHg==}
@@ -681,74 +681,74 @@ packages:
  '@mongodb-js/saslprep@1.4.6':
    resolution: {integrity: sha512-y+x3H1xBZd38n10NZF/rEBlvDOOMQ6LKUTHqr8R9VkJ+mmQOYtJFxIlkkK8fZrtOiL6VixbOBWMbZGBdal3Z1g==}

-  '@napi-rs/canvas-android-arm64@0.1.91':
-    resolution: {integrity: sha512-SLLzXXgSnfct4zy/BVAfweZQkYkPJsNsJ2e5DOE8DFEHC6PufyUrwb12yqeu2So2IOIDpWJJaDAxKY/xpy6MYQ==}
+  '@napi-rs/canvas-android-arm64@0.1.93':
+    resolution: {integrity: sha512-xRIoOPFvneR29Dtq5d9p2AJbijDCFeV4jQ+5Ms/xVAXJVb8R0Jlu+pPr/SkhrG+Mouaml4roPSXugTIeRl6CMA==}
    engines: {node: '>= 10'}
    cpu: [arm64]
    os: [android]

-  '@napi-rs/canvas-darwin-arm64@0.1.91':
-    resolution: {integrity: sha512-bzdbCjIjw3iRuVFL+uxdSoMra/l09ydGNX9gsBxO/zg+5nlppscIpj6gg+nL6VNG85zwUarDleIrUJ+FWHvmuA==}
+  '@napi-rs/canvas-darwin-arm64@0.1.93':
+    resolution: {integrity: sha512-daNDi76HN5grC6GXDmpxdfP+N2mQPd3sCfg62VyHwUuvbZh32P7R/IUjkzAxtYMtTza+Zvx9hfLJ3J7ENL6WMA==}
    engines: {node: '>= 10'}
    cpu: [arm64]
    os: [darwin]

-  '@napi-rs/canvas-darwin-x64@0.1.91':
-    resolution: {integrity: sha512-q3qpkpw0IsG9fAS/dmcGIhCVoNxj8ojbexZKWwz3HwxlEWsLncEQRl4arnxrwbpLc2nTNTyj4WwDn7QR5NDAaA==}
+  '@napi-rs/canvas-darwin-x64@0.1.93':
+    resolution: {integrity: sha512-1YfuNPIQLawsg/gSNdJRk4kQWUy9M/Gy8FGsOI79nhQEJ2PZdqpSPl5UNzf4elfuNXuVbEbmmjP68EQdUunDuQ==}
    engines: {node: '>= 10'}
    cpu: [x64]
    os: [darwin]

-  '@napi-rs/canvas-linux-arm-gnueabihf@0.1.91':
-    resolution: {integrity: sha512-Io3g8wJZVhK8G+Fpg1363BE90pIPqg+ZbeehYNxPWDSzbgwU3xV0l8r/JBzODwC7XHi1RpFEk+xyUTMa2POj6w==}
+  '@napi-rs/canvas-linux-arm-gnueabihf@0.1.93':
+    resolution: {integrity: sha512-8kEkOQPZjuyHjupvXExuJZiuiVNecdABGq3DLI7aO1EvQFOOlWMm2d/8Q5qXdV73Tn+nu3m16+kPajsN1oJefQ==}
    engines: {node: '>= 10'}
    cpu: [arm]
    os: [linux]

-  '@napi-rs/canvas-linux-arm64-gnu@0.1.91':
-    resolution: {integrity: sha512-HBnto+0rxx1bQSl8bCWA9PyBKtlk2z/AI32r3cu4kcNO+M/5SD4b0v1MWBWZyqMQyxFjWgy3ECyDjDKMC6tY1A==}
+  '@napi-rs/canvas-linux-arm64-gnu@0.1.93':
+    resolution: {integrity: sha512-qIKLKkBkYSyWSYAoDThoxf5y1gr4X0g7W8rDU7d2HDeAAcotdVHUwuKkMeNe6+5VNk7/95EIhbslQjSxiCu32g==}
    engines: {node: '>= 10'}
    cpu: [arm64]
    os: [linux]

-  '@napi-rs/canvas-linux-arm64-musl@0.1.91':
-    resolution: {integrity: sha512-/eJtVe2Xw9A86I4kwXpxxoNagdGclu12/NSMsfoL8q05QmeRCbfjhg1PJS7ENAuAvaiUiALGrbVfeY1KU1gztQ==}
+  '@napi-rs/canvas-linux-arm64-musl@0.1.93':
+    resolution: {integrity: sha512-mAwQBGM3qArS9XEO21AK4E1uGvCuUCXjhIZk0dlVvs49MQ6wAAuCkYKNFpSKeSicKrLWwBMfgWX4qZoPh+M00A==}
    engines: {node: '>= 10'}
    cpu: [arm64]
    os: [linux]

-  '@napi-rs/canvas-linux-riscv64-gnu@0.1.91':
-    resolution: {integrity: sha512-floNK9wQuRWevUhhXRcuis7h0zirdytVxPgkonWO+kQlbvxV7gEUHGUFQyq4n55UHYFwgck1SAfJ1HuXv/+ppQ==}
+  '@napi-rs/canvas-linux-riscv64-gnu@0.1.93':
+    resolution: {integrity: sha512-kaIH5MpPzOZfkM+QMsBxGdM9jlJT+N+fwz2IEaju/S+DL65E5TgPOx4QcD5dQ8vsMxlak6uDrudBc4ns5xzZCw==}
    engines: {node: '>= 10'}
    cpu: [riscv64]
    os: [linux]

-  '@napi-rs/canvas-linux-x64-gnu@0.1.91':
-    resolution: {integrity: sha512-c3YDqBdf7KETuZy2AxsHFMsBBX1dWT43yFfWUq+j1IELdgesWtxf/6N7csi3VPf6VA3PmnT9EhMyb+M1wfGtqw==}
+  '@napi-rs/canvas-linux-x64-gnu@0.1.93':
+    resolution: {integrity: sha512-KtMZJqYWvOSeW5w3VSV2f5iGnwNdKJm4gwgVid4xNy1NFi+NJSyuglA1lX1u4wIPxizyxh8OW5c5Usf6oSOMNQ==}
    engines: {node: '>= 10'}
    cpu: [x64]
    os: [linux]

-  '@napi-rs/canvas-linux-x64-musl@0.1.91':
-    resolution: {integrity: sha512-RpZ3RPIwgEcNBHSHSX98adm+4VP8SMT5FN6250s5jQbWpX/XNUX5aLMfAVJS/YnDjS1QlsCgQxFOPU0aCCWgag==}
+  '@napi-rs/canvas-linux-x64-musl@0.1.93':
+    resolution: {integrity: sha512-qRZhOvlDBooRLX6V3/t9X9B+plZK+OrPLgfFixu0A1RO/3VHbubOknfnMnocSDAqk/L6cRyKI83VP2ciR9UO7w==}
    engines: {node: '>= 10'}
    cpu: [x64]
    os: [linux]

-  '@napi-rs/canvas-win32-arm64-msvc@0.1.91':
-    resolution: {integrity: sha512-gF8MBp4X134AgVurxqlCdDA2qO0WaDdi9o6Sd5rWRVXRhWhYQ6wkdEzXNLIrmmros0Tsp2J0hQzx4ej/9O8trQ==}
+  '@napi-rs/canvas-win32-arm64-msvc@0.1.93':
+    resolution: {integrity: sha512-um5XE44vF8bjkQEsH2iRSUP9fDeQGYbn/qjM/v4whXG83qsqapAXlOPOQqSARZB1SiNvPUAuXoRsJLlKFmAEFw==}
    engines: {node: '>= 10'}
    cpu: [arm64]
    os: [win32]

-  '@napi-rs/canvas-win32-x64-msvc@0.1.91':
-    resolution: {integrity: sha512-++gtW9EV/neKI8TshD8WFxzBYALSPag2kFRahIJV+LYsyt5kBn21b1dBhEUDHf7O+wiZmuFCeUa7QKGHnYRZBA==}
+  '@napi-rs/canvas-win32-x64-msvc@0.1.93':
+    resolution: {integrity: sha512-maHlizZgmKsAPJwjwBZMnsWfq3Ca9QutoteQwKe7YqsmbECoylrLCCOGCDOredstW4BRWqRTfCl6NJaVVeAQvQ==}
    engines: {node: '>= 10'}
    cpu: [x64]
    os: [win32]

-  '@napi-rs/canvas@0.1.91':
-    resolution: {integrity: sha512-eeIe1GoB74P1B0Nkw6pV8BCQ3hfCfvyYr4BntzlCsnFXzVJiPMDnLeIx3gVB0xQMblHYnjK/0nCLvirEhOjr5g==}
+  '@napi-rs/canvas@0.1.93':
+    resolution: {integrity: sha512-unVFo8CUlUeJCCxt50+j4yy91NF4x6n9zdGcvEsOFAWzowtZm3mgx8X2D7xjwV0cFSfxmpGPoe+JS77uzeFsxg==}
    engines: {node: '>= 10'}

  '@napi-rs/wasm-runtime@1.0.7':
@@ -1034,8 +1034,8 @@ packages:
  '@push.rocks/smartpromise@4.2.3':
    resolution: {integrity: sha512-Ycg/TJR+tMt+S3wSFurOpEoW6nXv12QBtKXgBcjMZ4RsdO28geN46U09osPn9N9WuwQy1PkmTV5J/V4F9U8qEw==}

-  '@push.rocks/smartproxy@25.7.1':
-    resolution: {integrity: sha512-1cVXDID/ZUx/vrgriSDUe+kya3n/efJeIVzGWJGL0z9z6DD8Wym74Z6VRl4aMXtN2pBUnAfU8InKAjCkQGqXRw==}
+  '@push.rocks/smartproxy@25.7.3':
+    resolution: {integrity: sha512-9b5dwsLAhuDqnJptGBum4qBHlZwZPqPG3CJKxAwE3uFKjCmcE8qGDwodI0CjrQ7KW2PJ1BMq/Lk4ghs3Da6PWw==}

  '@push.rocks/smartpuppeteer@2.0.5':
    resolution: {integrity: sha512-yK/qSeWVHIGWRp3c8S5tfdGP6WCKllZC4DR8d8CQlEjszOSBmHtlTdyyqOMBZ/BA4kd+eU5f3A1r4K2tGYty1g==}
@@ -1340,8 +1340,8 @@ packages:
  '@serve.zone/interfaces@5.3.0':
    resolution: {integrity: sha512-venO7wtDR9ixzD9NhdERBGjNKbFA5LL0yHw4eqGh0UpmvtXVc3SFG0uuHDilOKMZqZ8bttV88qVsFy1aSTJrtA==}

-  '@serve.zone/remoteingress@3.0.2':
-    resolution: {integrity: sha512-FnwNVO0Dn9xuNv0t81u6pjCizSeCyMjkRKm6wN5qycCdGFoJmFbBamHqV01KtK1KcgDTd7LX+PowSqKReNrBGw==}
+  '@serve.zone/remoteingress@3.0.4':
+    resolution: {integrity: sha512-ZD66Y8fvW7SjealziOlhaC7+Y/3gxQkZlj/X8rxgVHmGhlc/YQtn6H6LNVazbM88BXK5ns004Qo6ongAB6Ho0Q==}

  '@sindresorhus/is@5.6.0':
    resolution: {integrity: sha512-TV7t8GKYaJWsn00tFDqBw8+Uqmr8A0fRU1tvTQhyZzGv0sJCGRQL3JGMI3ucuKo3XIZdUP+Lx7/gh2t3lewy7g==}
@@ -1566,31 +1566,6 @@ packages:
  '@socket.io/component-emitter@3.1.2':
    resolution: {integrity: sha512-9BCxFwvbGg/RsZK9tjXd8s4UcwR0MWeFQ1XEKIQVVvAGJyINdrqKMcTRyLoK8Rse1GjzLV9cwjWV1olXRWEXVA==}

-  '@svgdotjs/svg.draggable.js@3.0.6':
-    resolution: {integrity: sha512-7iJFm9lL3C40HQcqzEfezK2l+dW2CpoVY3b77KQGqc8GXWa6LhhmX5Ckv7alQfUXBuZbjpICZ+Dvq1czlGx7gA==}
-    peerDependencies:
-      '@svgdotjs/svg.js': ^3.2.4
-
-  '@svgdotjs/svg.filter.js@3.0.9':
-    resolution: {integrity: sha512-/69XMRCDoam2HgC4ldHIaDgeQf1ViHIsa0Ld4uWgiXtZ+E24DWHe/9Ib6kbNiZ7WRIdlVokUDR1Fg0kjIpkfbw==}
-    engines: {node: '>= 0.8.0'}
-
-  '@svgdotjs/svg.js@3.2.5':
-    resolution: {integrity: sha512-/VNHWYhNu+BS7ktbYoVGrCmsXDh+chFMaONMwGNdIBcFHrWqk2jY8fNyr3DLdtQUIalvkPfM554ZSFa3dm3nxQ==}
-
-  '@svgdotjs/svg.resize.js@2.0.5':
-    resolution: {integrity: sha512-4heRW4B1QrJeENfi7326lUPYBCevj78FJs8kfeDxn5st0IYPIRXoTtOSYvTzFWgaWWXd3YCDE6ao4fmv91RthA==}
-    engines: {node: '>= 14.18'}
-    peerDependencies:
-      '@svgdotjs/svg.js': ^3.2.4
-      '@svgdotjs/svg.select.js': ^4.0.1
-
-  '@svgdotjs/svg.select.js@4.0.3':
-    resolution: {integrity: sha512-qkMgso1sd2hXKd1FZ1weO7ANq12sNmQJeGDjs46QwDVsxSRcHmvWKL2NDF7Yimpwf3sl5esOLkPqtV2bQ3v/Jg==}
-    engines: {node: '>= 14.18'}
-    peerDependencies:
-      '@svgdotjs/svg.js': ^3.2.4
-
  '@szmarczak/http-timer@5.0.1':
    resolution: {integrity: sha512-+PmQX0PiAYPMeVYe237LJAYvOMYW1j2rH5YROyS3b4CTVJum34HfRvKvAzozHAQG0TnHNdUfY9nCeUyRAs//cw==}
    engines: {node: '>=14.16'}
@@ -1991,8 +1966,8 @@ packages:
    resolution: {integrity: sha512-4Dj6M28JB+oAH8kFkTLUo+a2jwOFkuqb3yucU0CANcRRUbxS0cP0nZYCGjcc3BNXwRIsUVmDGgzawme7zvJHvg==}
    engines: {node: '>=12'}

-  apexcharts@5.3.6:
-    resolution: {integrity: sha512-sVEPw+J0Gp0IHQabKu8cfdsxlfME0e36Wid7RIaPclGM2OUt+O7O4+6mfAmTUYhy5bDk8cNHzEhPfVtLCIXEJA==}
+  apexcharts@5.6.0:
+    resolution: {integrity: sha512-BZua59yedRsaDfnxkzNrkyLCvluq2c3ZDBIz4joxSKtgr0xDQXQ5dzceMhf/TpTbAjaF+2NYIpLP3BEEIG2s/w==}

  argparse@1.0.10:
    resolution: {integrity: sha512-o5Roy6tNG4SL/FOkCAN6RzjiakZS25RLYFrcMttJqbdd8BWrnA+fGz57iN5Pb06pvBGvl5gQ0B48dJlslXvoTg==}
@@ -3044,8 +3019,8 @@ packages:
    resolution: {integrity: sha512-jumlc0BIUrS3qJGgIkWZsyfAM7NCWiBcCDhnd+3NNM5KbBmLTgHVfWBcg6W+rLUsIpzpERPsvwUP7CckAQSOoA==}
    engines: {node: '>=12'}

-  lucide@0.563.0:
-    resolution: {integrity: sha512-2zBzDJ5n2Plj3d0ksj6h9TWPOSiKu9gtxJxnBAye11X/8gfWied6IYJn6ADYBp1NPoJmgpyOYP3wMrVx69+2AA==}
+  lucide@0.564.0:
+    resolution: {integrity: sha512-FasyXKHWon773WIl3HeCQpd5xS6E0aLjqxiQStlHNKktni+HDncc1sqY+6vRUbCfmDsIaKQz43EEQLAUDLZO0g==}

  mailparser@3.9.3:
    resolution: {integrity: sha512-AnB0a3zROum6fLaa52L+/K2SoRJVyFDk78Ea6q1D0ofcZLxWEWDtsS1+OrVqKbV7r5dulKL/AwYQccFGAPpuYQ==}
@@ -3608,8 +3583,8 @@ packages:
  property-information@7.1.0:
    resolution: {integrity: sha512-TwEZ+X+yCJmYfL7TPUOcvBZ4QfoT5YenQiJuX//0th53DE6w0xxLEtfK3iyryQFddXuvkIk51EEgrJQ0WJkOmQ==}

-  prosemirror-changeset@2.3.1:
-    resolution: {integrity: sha512-j0kORIBm8ayJNl3zQvD1TTPHJX3g042et6y/KQhZhnPrruO8exkTgG8X+NRpj7kIyMMEx74Xb3DyMIBtO0IKkQ==}
+  prosemirror-changeset@2.4.0:
+    resolution: {integrity: sha512-LvqH2v7Q2SF6yxatuPP2e8vSUKS/L+xAU7dPDC4RMyHMhZoGDfBC74mYuyYF4gLqOEG758wajtyhNnsTkuhvng==}

  prosemirror-collab@1.3.1:
    resolution: {integrity: sha512-4SnynYR9TTYaQVXd/ieUvsVV4PDMBzrq2xPUWutHivDuOshZXqQ5rGbZM84HEaXKbLdItse7weMGOUdDVcLKEQ==}
@@ -3635,8 +3610,8 @@ packages:
  prosemirror-markdown@1.13.4:
    resolution: {integrity: sha512-D98dm4cQ3Hs6EmjK500TdAOew4Z03EV71ajEFiWra3Upr7diytJsjF4mPV2dW+eK5uNectiRj0xFxYI9NLXDbw==}

-  prosemirror-menu@1.2.5:
-    resolution: {integrity: sha512-qwXzynnpBIeg1D7BAtjOusR+81xCp53j7iWu/IargiRZqRjGIlQuu1f3jFi+ehrHhWMLoyOQTSRx/IWZJqOYtQ==}
+  prosemirror-menu@1.3.0:
+    resolution: {integrity: sha512-TImyPXCHPcDsSka2/lwJ6WjTASr4re/qWq1yoTTuLOqfXucwF6VcRa2LWCkM/EyTD1UO3CUwiH8qURJoWJRxwg==}

  prosemirror-model@1.25.4:
    resolution: {integrity: sha512-PIM7E43PBxKce8OQeezAs9j4TP+5yDpZVbuurd1h5phUxEKIu+G2a+EUZzIC5nS1mJktDJWzbqS23n1tsAf5QA==}
@@ -4272,11 +4247,13 @@ packages:

  xterm-addon-fit@0.8.0:
    resolution: {integrity: sha512-yj3Np7XlvxxhYF/EJ7p3KHaMt6OdwQ+HDu573Vx1lRXsVxOcnVJs51RgjZOouIZOczTsskaS+CpXspK81/DLqw==}
+    deprecated: This package is now deprecated. Move to @xterm/addon-fit instead.
    peerDependencies:
      xterm: ^5.0.0

  xterm@5.3.0:
    resolution: {integrity: sha512-8QqjlekLUFTrU6x7xck1MsPzPA571K5zNqWm0M0oroYEWVOptZ0+ubQSkQ3uxIEhcIHRujJy6emDWX4A7qyFzg==}
+    deprecated: This package is now deprecated. Move to @xterm/xterm instead.

  y18n@5.0.8:
    resolution: {integrity: sha512-0pfFzegeDWJHJIAmTLRP2DwHjdF5s7jo9tuztdQxAhINCdvS+3nGINqPd00AphqJR/0LhANUS6/+7SCb98YOfA==}
@@ -4388,7 +4365,7 @@ snapshots:
      '@api.global/typedrequest-interfaces': 3.0.19
      '@api.global/typedsocket': 4.1.0(@push.rocks/smartserve@2.0.1)
      '@cloudflare/workers-types': 4.20260210.0
-      '@design.estate/dees-catalog': 3.42.0(@tiptap/pm@2.27.2)
+      '@design.estate/dees-catalog': 3.43.0(@tiptap/pm@2.27.2)
      '@design.estate/dees-comms': 1.0.30
      '@push.rocks/lik': 6.2.2
      '@push.rocks/smartdelay': 3.0.5
@@ -4986,7 +4963,7 @@ snapshots:
    dependencies:
      '@api.global/typedrequest-interfaces': 3.0.19

-  '@design.estate/dees-catalog@3.42.0(@tiptap/pm@2.27.2)':
+  '@design.estate/dees-catalog@3.43.0(@tiptap/pm@2.27.2)':
    dependencies:
      '@design.estate/dees-domtools': 2.3.8
      '@design.estate/dees-element': 2.1.6
@@ -5006,10 +4983,10 @@ snapshots:
      '@tiptap/extension-underline': 2.27.2(@tiptap/core@2.27.2(@tiptap/pm@2.27.2))
      '@tiptap/starter-kit': 2.27.2
      '@tsclass/tsclass': 9.3.0
-      apexcharts: 5.3.6
+      apexcharts: 5.6.0
      highlight.js: 11.11.1
      ibantools: 4.5.1
-      lucide: 0.563.0
+      lucide: 0.564.0
      monaco-editor: 0.55.1
      pdfjs-dist: 4.10.38
      xterm: 5.3.0
@@ -5495,52 +5472,52 @@ snapshots:
    dependencies:
      sparse-bitfield: 3.0.3

-  '@napi-rs/canvas-android-arm64@0.1.91':
+  '@napi-rs/canvas-android-arm64@0.1.93':
    optional: true

-  '@napi-rs/canvas-darwin-arm64@0.1.91':
+  '@napi-rs/canvas-darwin-arm64@0.1.93':
    optional: true

-  '@napi-rs/canvas-darwin-x64@0.1.91':
+  '@napi-rs/canvas-darwin-x64@0.1.93':
    optional: true

-  '@napi-rs/canvas-linux-arm-gnueabihf@0.1.91':
+  '@napi-rs/canvas-linux-arm-gnueabihf@0.1.93':
    optional: true

-  '@napi-rs/canvas-linux-arm64-gnu@0.1.91':
+  '@napi-rs/canvas-linux-arm64-gnu@0.1.93':
    optional: true

-  '@napi-rs/canvas-linux-arm64-musl@0.1.91':
+  '@napi-rs/canvas-linux-arm64-musl@0.1.93':
    optional: true

-  '@napi-rs/canvas-linux-riscv64-gnu@0.1.91':
+  '@napi-rs/canvas-linux-riscv64-gnu@0.1.93':
    optional: true

-  '@napi-rs/canvas-linux-x64-gnu@0.1.91':
+  '@napi-rs/canvas-linux-x64-gnu@0.1.93':
    optional: true

-  '@napi-rs/canvas-linux-x64-musl@0.1.91':
+  '@napi-rs/canvas-linux-x64-musl@0.1.93':
    optional: true

-  '@napi-rs/canvas-win32-arm64-msvc@0.1.91':
+  '@napi-rs/canvas-win32-arm64-msvc@0.1.93':
    optional: true

-  '@napi-rs/canvas-win32-x64-msvc@0.1.91':
+  '@napi-rs/canvas-win32-x64-msvc@0.1.93':
    optional: true

-  '@napi-rs/canvas@0.1.91':
+  '@napi-rs/canvas@0.1.93':
    optionalDependencies:
-      '@napi-rs/canvas-android-arm64': 0.1.91
-      '@napi-rs/canvas-darwin-arm64': 0.1.91
-      '@napi-rs/canvas-darwin-x64': 0.1.91
-      '@napi-rs/canvas-linux-arm-gnueabihf': 0.1.91
-      '@napi-rs/canvas-linux-arm64-gnu': 0.1.91
-      '@napi-rs/canvas-linux-arm64-musl': 0.1.91
-      '@napi-rs/canvas-linux-riscv64-gnu': 0.1.91
-      '@napi-rs/canvas-linux-x64-gnu': 0.1.91
-      '@napi-rs/canvas-linux-x64-musl': 0.1.91
-      '@napi-rs/canvas-win32-arm64-msvc': 0.1.91
-      '@napi-rs/canvas-win32-x64-msvc': 0.1.91
+      '@napi-rs/canvas-android-arm64': 0.1.93
+      '@napi-rs/canvas-darwin-arm64': 0.1.93
+      '@napi-rs/canvas-darwin-x64': 0.1.93
+      '@napi-rs/canvas-linux-arm-gnueabihf': 0.1.93
+      '@napi-rs/canvas-linux-arm64-gnu': 0.1.93
+      '@napi-rs/canvas-linux-arm64-musl': 0.1.93
+      '@napi-rs/canvas-linux-riscv64-gnu': 0.1.93
+      '@napi-rs/canvas-linux-x64-gnu': 0.1.93
+      '@napi-rs/canvas-linux-x64-musl': 0.1.93
+      '@napi-rs/canvas-win32-arm64-msvc': 0.1.93
+      '@napi-rs/canvas-win32-x64-msvc': 0.1.93
    optional: true

  '@napi-rs/wasm-runtime@1.0.7':
@@ -6375,7 +6352,7 @@ snapshots:

  '@push.rocks/smartpromise@4.2.3': {}

-  '@push.rocks/smartproxy@25.7.1':
+  '@push.rocks/smartproxy@25.7.3':
    dependencies:
      '@push.rocks/smartcrypto': 2.0.4
      '@push.rocks/smartlog': 3.1.11
@@ -6853,7 +6830,7 @@ snapshots:
      '@push.rocks/smartlog-interfaces': 3.0.2
      '@tsclass/tsclass': 9.3.0

-  '@serve.zone/remoteingress@3.0.2':
+  '@serve.zone/remoteingress@3.0.4':
    dependencies:
      '@push.rocks/qenv': 6.1.3
      '@push.rocks/smartrust': 1.2.1
@@ -7200,25 +7177,6 @@ snapshots:

  '@socket.io/component-emitter@3.1.2': {}

-  '@svgdotjs/svg.draggable.js@3.0.6(@svgdotjs/svg.js@3.2.5)':
-    dependencies:
-      '@svgdotjs/svg.js': 3.2.5
-
-  '@svgdotjs/svg.filter.js@3.0.9':
-    dependencies:
-      '@svgdotjs/svg.js': 3.2.5
-
-  '@svgdotjs/svg.js@3.2.5': {}
-
-  '@svgdotjs/svg.resize.js@2.0.5(@svgdotjs/svg.js@3.2.5)(@svgdotjs/svg.select.js@4.0.3(@svgdotjs/svg.js@3.2.5))':
-    dependencies:
-      '@svgdotjs/svg.js': 3.2.5
-      '@svgdotjs/svg.select.js': 4.0.3(@svgdotjs/svg.js@3.2.5)
-
-  '@svgdotjs/svg.select.js@4.0.3(@svgdotjs/svg.js@3.2.5)':
-    dependencies:
-      '@svgdotjs/svg.js': 3.2.5
-
  '@szmarczak/http-timer@5.0.1':
    dependencies:
      defer-to-connect: 2.0.1
@@ -7334,7 +7292,7 @@ snapshots:

  '@tiptap/pm@2.27.2':
    dependencies:
-      prosemirror-changeset: 2.3.1
+      prosemirror-changeset: 2.4.0
      prosemirror-collab: 1.3.1
      prosemirror-commands: 1.7.1
      prosemirror-dropcursor: 1.8.2
@@ -7343,7 +7301,7 @@ snapshots:
      prosemirror-inputrules: 1.5.1
      prosemirror-keymap: 1.2.3
      prosemirror-markdown: 1.13.4
-      prosemirror-menu: 1.2.5
+      prosemirror-menu: 1.3.0
      prosemirror-model: 1.25.4
      prosemirror-schema-basic: 1.2.4
      prosemirror-schema-list: 1.5.1
@@ -7647,13 +7605,8 @@ snapshots:

  ansi-styles@6.2.3: {}

-  apexcharts@5.3.6:
+  apexcharts@5.6.0:
    dependencies:
-      '@svgdotjs/svg.draggable.js': 3.0.6(@svgdotjs/svg.js@3.2.5)
-      '@svgdotjs/svg.filter.js': 3.0.9
-      '@svgdotjs/svg.js': 3.2.5
-      '@svgdotjs/svg.resize.js': 2.0.5(@svgdotjs/svg.js@3.2.5)(@svgdotjs/svg.select.js@4.0.3(@svgdotjs/svg.js@3.2.5))
-      '@svgdotjs/svg.select.js': 4.0.3(@svgdotjs/svg.js@3.2.5)
      '@yr/monotone-cubic-spline': 1.0.3

  argparse@1.0.10:
@@ -8809,7 +8762,7 @@ snapshots:

  lru-cache@7.18.3: {}

-  lucide@0.563.0: {}
+  lucide@0.564.0: {}

  mailparser@3.9.3:
    dependencies:
@@ -9474,7 +9427,7 @@ snapshots:

  pdfjs-dist@4.10.38:
    optionalDependencies:
-      '@napi-rs/canvas': 0.1.91
+      '@napi-rs/canvas': 0.1.93

  peberminta@0.9.0: {}

@@ -9513,7 +9466,7 @@ snapshots:

  property-information@7.1.0: {}

-  prosemirror-changeset@2.3.1:
+  prosemirror-changeset@2.4.0:
    dependencies:
      prosemirror-transform: 1.11.0

@@ -9563,7 +9516,7 @@ snapshots:
      markdown-it: 14.1.1
      prosemirror-model: 1.25.4

-  prosemirror-menu@1.2.5:
+  prosemirror-menu@1.3.0:
    dependencies:
      crelt: 1.0.6
      prosemirror-commands: 1.7.1
--- a/ts/00_commitinfo_data.ts
+++ b/ts/00_commitinfo_data.ts
@@ -3,6 +3,6 @@
 */
 export const commitinfo = {
  name: '@serve.zone/dcrouter',
-  version: '6.4.2',
+  version: '6.10.0',
  description: 'A multifaceted routing service handling mail and SMS delivery functions.'
 }
--- a/ts/classes.dcrouter.ts
+++ b/ts/classes.dcrouter.ts
@@ -955,10 +955,15 @@ export class DcRouter {
    
    // Update configuration
    this.options.smartProxyConfig = config;
-    
+
+    // Update routes on RemoteIngressManager so derived ports stay in sync
+    if (this.remoteIngressManager && config.routes) {
+      this.remoteIngressManager.setRoutes(config.routes as any[]);
+    }
+
    // Start new SmartProxy with updated configuration (will include email routes if configured)
    await this.setupSmartProxy();
-    
+
    console.log('SmartProxy configuration updated');
  }
  
@@ -1587,6 +1592,10 @@ export class DcRouter {
    this.remoteIngressManager = new RemoteIngressManager(this.storageManager);
    await this.remoteIngressManager.initialize();

+    // Pass current routes so the manager can derive edge ports from remoteIngress-tagged routes
+    const currentRoutes = this.options.smartProxyConfig?.routes || [];
+    this.remoteIngressManager.setRoutes(currentRoutes as any[]);
+
    // Create and start the tunnel manager
    this.tunnelManager = new TunnelManager(this.remoteIngressManager, {
      tunnelPort: this.options.remoteIngressConfig.tunnelPort ?? 8443,
--- a/ts/opsserver/handlers/certificate.handler.ts
+++ b/ts/opsserver/handlers/certificate.handler.ts
@@ -42,6 +42,36 @@ export class CertificateHandler {
        }
      )
    );
+
+    // Delete certificate
+    this.typedrouter.addTypedHandler(
+      new plugins.typedrequest.TypedHandler<interfaces.requests.IReq_DeleteCertificate>(
+        'deleteCertificate',
+        async (dataArg) => {
+          return this.deleteCertificate(dataArg.domain);
+        }
+      )
+    );
+
+    // Export certificate
+    this.typedrouter.addTypedHandler(
+      new plugins.typedrequest.TypedHandler<interfaces.requests.IReq_ExportCertificate>(
+        'exportCertificate',
+        async (dataArg) => {
+          return this.exportCertificate(dataArg.domain);
+        }
+      )
+    );
+
+    // Import certificate
+    this.typedrouter.addTypedHandler(
+      new plugins.typedrequest.TypedHandler<interfaces.requests.IReq_ImportCertificate>(
+        'importCertificate',
+        async (dataArg) => {
+          return this.importCertificate(dataArg.cert);
+        }
+      )
+    );
  }

  /**
@@ -324,4 +354,154 @@ export class CertificateHandler {

    return { success: false, message: `No routes found for domain '${domain}'` };
  }
+
+  /**
+   * Delete certificate data for a domain from storage
+   */
+  private async deleteCertificate(domain: string): Promise<{ success: boolean; message?: string }> {
+    const dcRouter = this.opsServerRef.dcRouterRef;
+    const cleanDomain = domain.replace(/^\*\.?/, '');
+
+    // Delete from all known storage paths
+    const paths = [
+      `/proxy-certs/${domain}`,
+      `/proxy-certs/${cleanDomain}`,
+      `/certs/${cleanDomain}`,
+    ];
+
+    for (const path of paths) {
+      try {
+        await dcRouter.storageManager.delete(path);
+      } catch {
+        // Path may not exist — ignore
+      }
+    }
+
+    // Clear from in-memory status map
+    dcRouter.certificateStatusMap.delete(domain);
+
+    // Clear backoff info
+    if (dcRouter.certProvisionScheduler) {
+      await dcRouter.certProvisionScheduler.clearBackoff(domain);
+    }
+
+    return { success: true, message: `Certificate data deleted for '${domain}'` };
+  }
+
+  /**
+   * Export certificate data for a domain as ICert-shaped JSON
+   */
+  private async exportCertificate(domain: string): Promise<{
+    success: boolean;
+    cert?: {
+      id: string;
+      domainName: string;
+      created: number;
+      validUntil: number;
+      privateKey: string;
+      publicKey: string;
+      csr: string;
+    };
+    message?: string;
+  }> {
+    const dcRouter = this.opsServerRef.dcRouterRef;
+    const cleanDomain = domain.replace(/^\*\.?/, '');
+
+    // Try SmartAcme /certs/ path first (has full ICert fields)
+    let certData = await dcRouter.storageManager.getJSON(`/certs/${cleanDomain}`);
+    if (certData && certData.publicKey && certData.privateKey) {
+      return {
+        success: true,
+        cert: {
+          id: certData.id || plugins.crypto.randomUUID(),
+          domainName: certData.domainName || domain,
+          created: certData.created || Date.now(),
+          validUntil: certData.validUntil || 0,
+          privateKey: certData.privateKey,
+          publicKey: certData.publicKey,
+          csr: certData.csr || '',
+        },
+      };
+    }
+
+    // Fallback: try /proxy-certs/ with original domain
+    certData = await dcRouter.storageManager.getJSON(`/proxy-certs/${domain}`);
+    if (!certData || !certData.publicKey) {
+      // Try with clean domain
+      certData = await dcRouter.storageManager.getJSON(`/proxy-certs/${cleanDomain}`);
+    }
+
+    if (certData && certData.publicKey && certData.privateKey) {
+      return {
+        success: true,
+        cert: {
+          id: plugins.crypto.randomUUID(),
+          domainName: domain,
+          created: certData.validFrom || Date.now(),
+          validUntil: certData.validUntil || 0,
+          privateKey: certData.privateKey,
+          publicKey: certData.publicKey,
+          csr: '',
+        },
+      };
+    }
+
+    return { success: false, message: `No certificate data found for '${domain}'` };
+  }
+
+  /**
+   * Import a certificate from ICert-shaped JSON
+   */
+  private async importCertificate(cert: {
+    id: string;
+    domainName: string;
+    created: number;
+    validUntil: number;
+    privateKey: string;
+    publicKey: string;
+    csr: string;
+  }): Promise<{ success: boolean; message?: string }> {
+    // Validate PEM content
+    if (!cert.publicKey || !cert.publicKey.includes('-----BEGIN CERTIFICATE-----')) {
+      return { success: false, message: 'Invalid publicKey: must contain a PEM-encoded certificate' };
+    }
+    if (!cert.privateKey || !cert.privateKey.includes('-----BEGIN')) {
+      return { success: false, message: 'Invalid privateKey: must contain a PEM-encoded key' };
+    }
+
+    const dcRouter = this.opsServerRef.dcRouterRef;
+    const cleanDomain = cert.domainName.replace(/^\*\.?/, '');
+
+    // Save to /certs/ (SmartAcme-compatible path)
+    await dcRouter.storageManager.setJSON(`/certs/${cleanDomain}`, {
+      id: cert.id,
+      domainName: cert.domainName,
+      created: cert.created,
+      validUntil: cert.validUntil,
+      privateKey: cert.privateKey,
+      publicKey: cert.publicKey,
+      csr: cert.csr || '',
+    });
+
+    // Also save to /proxy-certs/ (proxy-cert format)
+    await dcRouter.storageManager.setJSON(`/proxy-certs/${cert.domainName}`, {
+      domain: cert.domainName,
+      publicKey: cert.publicKey,
+      privateKey: cert.privateKey,
+      ca: undefined,
+      validUntil: cert.validUntil,
+      validFrom: cert.created,
+    });
+
+    // Update in-memory status map
+    dcRouter.certificateStatusMap.set(cert.domainName, {
+      status: 'valid',
+      source: 'static',
+      expiryDate: cert.validUntil ? new Date(cert.validUntil).toISOString() : undefined,
+      issuedAt: cert.created ? new Date(cert.created).toISOString() : undefined,
+      routeNames: [],
+    });
+
+    return { success: true, message: `Certificate imported for '${cert.domainName}'` };
+  }
 }
--- a/ts/opsserver/handlers/remoteingress.handler.ts
+++ b/ts/opsserver/handlers/remoteingress.handler.ts
@@ -20,11 +20,17 @@ export class RemoteIngressHandler {
          if (!manager) {
            return { edges: [] };
          }
-          // Return edges without secrets
-          const edges = manager.getAllEdges().map((e) => ({
-            ...e,
-            secret: '********', // Never expose secrets via API
-          }));
+          // Return edges without secrets, enriched with effective listen ports and breakdown
+          const edges = manager.getAllEdges().map((e) => {
+            const breakdown = manager.getPortBreakdown(e);
+            return {
+              ...e,
+              secret: '********', // Never expose secrets via API
+              effectiveListenPorts: manager.getEffectiveListenPorts(e),
+              manualPorts: breakdown.manual,
+              derivedPorts: breakdown.derived,
+            };
+          });
          return { edges };
        },
      ),
@@ -47,8 +53,9 @@ export class RemoteIngressHandler {

          const edge = await manager.createEdge(
            dataArg.name,
-            dataArg.listenPorts,
+            dataArg.listenPorts || [],
            dataArg.tags,
+            dataArg.autoDerivePorts ?? true,
          );

          // Sync allowed edges with the hub
@@ -101,6 +108,7 @@ export class RemoteIngressHandler {
          const edge = await manager.updateEdge(dataArg.id, {
            name: dataArg.name,
            listenPorts: dataArg.listenPorts,
+            autoDerivePorts: dataArg.autoDerivePorts,
            enabled: dataArg.enabled,
            tags: dataArg.tags,
          });
@@ -114,7 +122,17 @@ export class RemoteIngressHandler {
            await tunnelManager.syncAllowedEdges();
          }

-          return { success: true, edge: { ...edge, secret: '********' } };
+          const breakdown = manager.getPortBreakdown(edge);
+          return {
+            success: true,
+            edge: {
+              ...edge,
+              secret: '********',
+              effectiveListenPorts: manager.getEffectiveListenPorts(edge),
+              manualPorts: breakdown.manual,
+              derivedPorts: breakdown.derived,
+            },
+          };
        },
      ),
    );
--- a/ts/remoteingress/classes.remoteingress-manager.ts
+++ b/ts/remoteingress/classes.remoteingress-manager.ts
@@ -1,9 +1,30 @@
 import * as plugins from '../plugins.js';
 import type { StorageManager } from '../storage/classes.storagemanager.js';
-import type { IRemoteIngress } from '../../ts_interfaces/data/remoteingress.js';
+import type { IRemoteIngress, IDcRouterRouteConfig } from '../../ts_interfaces/data/remoteingress.js';

 const STORAGE_PREFIX = '/remote-ingress/';

+/**
+ * Flatten a port range (number | number[] | Array<{from, to}>) to a sorted unique number array.
+ */
+function extractPorts(portRange: number | number[] | Array<{ from: number; to: number }>): number[] {
+  const ports = new Set<number>();
+  if (typeof portRange === 'number') {
+    ports.add(portRange);
+  } else if (Array.isArray(portRange)) {
+    for (const entry of portRange) {
+      if (typeof entry === 'number') {
+        ports.add(entry);
+      } else if (typeof entry === 'object' && 'from' in entry && 'to' in entry) {
+        for (let p = entry.from; p <= entry.to; p++) {
+          ports.add(p);
+        }
+      }
+    }
+  }
+  return [...ports].sort((a, b) => a - b);
+}
+
 /**
 * Manages CRUD for remote ingress edge registrations.
 * Persists edge configs via StorageManager and provides
@@ -12,6 +33,7 @@ const STORAGE_PREFIX = '/remote-ingress/';
 export class RemoteIngressManager {
  private storageManager: StorageManager;
  private edges: Map<string, IRemoteIngress> = new Map();
+  private routes: IDcRouterRouteConfig[] = [];

  constructor(storageManager: StorageManager) {
    this.storageManager = storageManager;
@@ -25,18 +47,87 @@ export class RemoteIngressManager {
    for (const key of keys) {
      const edge = await this.storageManager.getJSON<IRemoteIngress>(key);
      if (edge) {
+        // Migration: old edges without autoDerivePorts default to true
+        if ((edge as any).autoDerivePorts === undefined) {
+          edge.autoDerivePorts = true;
+          await this.storageManager.setJSON(key, edge);
+        }
        this.edges.set(edge.id, edge);
      }
    }
  }

+  /**
+   * Store the current route configs for port derivation.
+   */
+  public setRoutes(routes: IDcRouterRouteConfig[]): void {
+    this.routes = routes;
+  }
+
+  /**
+   * Derive listen ports for an edge from routes tagged with remoteIngress.enabled.
+   * When a route specifies edgeFilter, only edges whose id or tags match get that route's ports.
+   * When edgeFilter is absent, the route applies to all edges.
+   */
+  public derivePortsForEdge(edgeId: string, edgeTags?: string[]): number[] {
+    const ports = new Set<number>();
+
+    for (const route of this.routes) {
+      if (!route.remoteIngress?.enabled) continue;
+
+      // Apply edge filter if present
+      const filter = route.remoteIngress.edgeFilter;
+      if (filter && filter.length > 0) {
+        const idMatch = filter.includes(edgeId);
+        const tagMatch = edgeTags?.some((tag) => filter.includes(tag)) ?? false;
+        if (!idMatch && !tagMatch) continue;
+      }
+
+      // Extract ports from the route match
+      if (route.match?.ports) {
+        for (const p of extractPorts(route.match.ports)) {
+          ports.add(p);
+        }
+      }
+    }
+
+    return [...ports].sort((a, b) => a - b);
+  }
+
+  /**
+   * Get the effective listen ports for an edge.
+   * Manual ports are always included. Auto-derived ports are added (union) when autoDerivePorts is true.
+   */
+  public getEffectiveListenPorts(edge: IRemoteIngress): number[] {
+    const manualPorts = edge.listenPorts || [];
+    const shouldDerive = edge.autoDerivePorts !== false;
+    if (!shouldDerive) return [...manualPorts].sort((a, b) => a - b);
+    const derivedPorts = this.derivePortsForEdge(edge.id, edge.tags);
+    return [...new Set([...manualPorts, ...derivedPorts])].sort((a, b) => a - b);
+  }
+
+  /**
+   * Get manual and derived port breakdown for an edge (used in API responses).
+   * Derived ports exclude any ports already present in the manual list.
+   */
+  public getPortBreakdown(edge: IRemoteIngress): { manual: number[]; derived: number[] } {
+    const manual = edge.listenPorts || [];
+    const shouldDerive = edge.autoDerivePorts !== false;
+    if (!shouldDerive) return { manual, derived: [] };
+    const manualSet = new Set(manual);
+    const allDerived = this.derivePortsForEdge(edge.id, edge.tags);
+    const derived = allDerived.filter((p) => !manualSet.has(p));
+    return { manual, derived };
+  }
+
  /**
   * Create a new edge registration.
   */
  public async createEdge(
    name: string,
-    listenPorts: number[],
+    listenPorts: number[] = [],
    tags?: string[],
+    autoDerivePorts: boolean = true,
  ): Promise<IRemoteIngress> {
    const id = plugins.uuid.v4();
    const secret = plugins.crypto.randomBytes(32).toString('hex');
@@ -48,6 +139,7 @@ export class RemoteIngressManager {
      secret,
      listenPorts,
      enabled: true,
+      autoDerivePorts,
      tags: tags || [],
      createdAt: now,
      updatedAt: now,
@@ -80,6 +172,7 @@ export class RemoteIngressManager {
    updates: {
      name?: string;
      listenPorts?: number[];
+      autoDerivePorts?: boolean;
      enabled?: boolean;
      tags?: string[];
    },
@@ -91,6 +184,7 @@ export class RemoteIngressManager {

    if (updates.name !== undefined) edge.name = updates.name;
    if (updates.listenPorts !== undefined) edge.listenPorts = updates.listenPorts;
+    if (updates.autoDerivePorts !== undefined) edge.autoDerivePorts = updates.autoDerivePorts;
    if (updates.enabled !== undefined) edge.enabled = updates.enabled;
    if (updates.tags !== undefined) edge.tags = updates.tags;
    edge.updatedAt = Date.now();
--- a/ts_interfaces/data/remoteingress.ts
+++ b/ts_interfaces/data/remoteingress.ts
@@ -1,3 +1,5 @@
+import type { IRouteConfig } from '@push.rocks/smartproxy';
+
 /**
 * A stored remote ingress edge registration.
 */
@@ -7,9 +9,17 @@ export interface IRemoteIngress {
  secret: string;
  listenPorts: number[];
  enabled: boolean;
+  /** Whether to auto-derive ports from remoteIngress-tagged routes. Defaults to true. */
+  autoDerivePorts: boolean;
  tags?: string[];
  createdAt: number;
  updatedAt: number;
+  /** Effective ports (union of manual + derived) — only present in API responses. */
+  effectiveListenPorts?: number[];
+  /** Ports explicitly set by the user — only present in API responses. */
+  manualPorts?: number[];
+  /** Ports auto-derived from route configs — only present in API responses. */
+  derivedPorts?: number[];
 }

 /**
@@ -23,3 +33,25 @@ export interface IRemoteIngressStatus {
  lastHeartbeat: number | null;
  connectedAt: number | null;
 }
+
+/**
+ * Route-level remote ingress configuration.
+ * When attached to a route, signals that traffic for this route
+ * should be accepted from remote edge nodes.
+ */
+export interface IRouteRemoteIngress {
+  /** Whether this route receives traffic from edge nodes */
+  enabled: boolean;
+  /** Optional filter: only edges whose id or tags match get this route's ports.
+   *  When absent, the route applies to all edges. */
+  edgeFilter?: string[];
+}
+
+/**
+ * Extended route config used within dcrouter.
+ * Adds the optional `remoteIngress` property to SmartProxy's IRouteConfig.
+ * SmartProxy ignores unknown properties at runtime.
+ */
+export type IDcRouterRouteConfig = IRouteConfig & {
+  remoteIngress?: IRouteRemoteIngress;
+};
--- a/ts_interfaces/requests/certificate.ts
+++ b/ts_interfaces/requests/certificate.ts
@@ -74,3 +74,68 @@ export interface IReq_ReprovisionCertificateDomain extends plugins.typedrequestI
    message?: string;
  };
 }
+
+// Delete a certificate by domain
+export interface IReq_DeleteCertificate extends plugins.typedrequestInterfaces.implementsTR<
+  plugins.typedrequestInterfaces.ITypedRequest,
+  IReq_DeleteCertificate
+> {
+  method: 'deleteCertificate';
+  request: {
+    identity?: authInterfaces.IIdentity;
+    domain: string;
+  };
+  response: {
+    success: boolean;
+    message?: string;
+  };
+}
+
+// Export a certificate as ICert JSON
+export interface IReq_ExportCertificate extends plugins.typedrequestInterfaces.implementsTR<
+  plugins.typedrequestInterfaces.ITypedRequest,
+  IReq_ExportCertificate
+> {
+  method: 'exportCertificate';
+  request: {
+    identity?: authInterfaces.IIdentity;
+    domain: string;
+  };
+  response: {
+    success: boolean;
+    cert?: {
+      id: string;
+      domainName: string;
+      created: number;
+      validUntil: number;
+      privateKey: string;
+      publicKey: string;
+      csr: string;
+    };
+    message?: string;
+  };
+}
+
+// Import a certificate from ICert JSON
+export interface IReq_ImportCertificate extends plugins.typedrequestInterfaces.implementsTR<
+  plugins.typedrequestInterfaces.ITypedRequest,
+  IReq_ImportCertificate
+> {
+  method: 'importCertificate';
+  request: {
+    identity?: authInterfaces.IIdentity;
+    cert: {
+      id: string;
+      domainName: string;
+      created: number;
+      validUntil: number;
+      privateKey: string;
+      publicKey: string;
+      csr: string;
+    };
+  };
+  response: {
+    success: boolean;
+    message?: string;
+  };
+}
--- a/ts_interfaces/requests/remoteingress.ts
+++ b/ts_interfaces/requests/remoteingress.ts
@@ -17,7 +17,8 @@ export interface IReq_CreateRemoteIngress extends plugins.typedrequestInterfaces
  request: {
    identity?: authInterfaces.IIdentity;
    name: string;
-    listenPorts: number[];
+    listenPorts?: number[];
+    autoDerivePorts?: boolean;
    tags?: string[];
  };
  response: {
@@ -57,6 +58,7 @@ export interface IReq_UpdateRemoteIngress extends plugins.typedrequestInterfaces
    id: string;
    name?: string;
    listenPorts?: number[];
+    autoDerivePorts?: boolean;
    enabled?: boolean;
    tags?: string[];
  };
--- a/ts_web/00_commitinfo_data.ts
+++ b/ts_web/00_commitinfo_data.ts
@@ -3,6 +3,6 @@
 */
 export const commitinfo = {
  name: '@serve.zone/dcrouter',
-  version: '6.4.2',
+  version: '6.10.0',
  description: 'A multifaceted routing service handling mail and SMS delivery functions.'
 }
--- a/ts_web/appstate.ts
+++ b/ts_web/appstate.ts
@@ -780,6 +780,80 @@ export const reprovisionCertificateAction = certificateStatePart.createAction<st
  }
 );

+export const deleteCertificateAction = certificateStatePart.createAction<string>(
+  async (statePartArg, domain) => {
+    const context = getActionContext();
+    const currentState = statePartArg.getState();
+
+    try {
+      const request = new plugins.domtools.plugins.typedrequest.TypedRequest<
+        interfaces.requests.IReq_DeleteCertificate
+      >('/typedrequest', 'deleteCertificate');
+
+      await request.fire({
+        identity: context.identity,
+        domain,
+      });
+
+      // Re-fetch overview after deletion
+      await certificateStatePart.dispatchAction(fetchCertificateOverviewAction, null);
+      return statePartArg.getState();
+    } catch (error) {
+      return {
+        ...currentState,
+        error: error instanceof Error ? error.message : 'Failed to delete certificate',
+      };
+    }
+  }
+);
+
+export const importCertificateAction = certificateStatePart.createAction<{
+  id: string;
+  domainName: string;
+  created: number;
+  validUntil: number;
+  privateKey: string;
+  publicKey: string;
+  csr: string;
+}>(
+  async (statePartArg, cert) => {
+    const context = getActionContext();
+    const currentState = statePartArg.getState();
+
+    try {
+      const request = new plugins.domtools.plugins.typedrequest.TypedRequest<
+        interfaces.requests.IReq_ImportCertificate
+      >('/typedrequest', 'importCertificate');
+
+      await request.fire({
+        identity: context.identity,
+        cert,
+      });
+
+      // Re-fetch overview after import
+      await certificateStatePart.dispatchAction(fetchCertificateOverviewAction, null);
+      return statePartArg.getState();
+    } catch (error) {
+      return {
+        ...currentState,
+        error: error instanceof Error ? error.message : 'Failed to import certificate',
+      };
+    }
+  }
+);
+
+export async function fetchCertificateExport(domain: string) {
+  const context = getActionContext();
+  const request = new plugins.domtools.plugins.typedrequest.TypedRequest<
+    interfaces.requests.IReq_ExportCertificate
+  >('/typedrequest', 'exportCertificate');
+
+  return request.fire({
+    identity: context.identity,
+    domain,
+  });
+}
+
 // ============================================================================
 // Remote Ingress Actions
 // ============================================================================
@@ -821,7 +895,8 @@ export const fetchRemoteIngressAction = remoteIngressStatePart.createAction(asyn

 export const createRemoteIngressAction = remoteIngressStatePart.createAction<{
  name: string;
-  listenPorts: number[];
+  listenPorts?: number[];
+  autoDerivePorts?: boolean;
  tags?: string[];
 }>(async (statePartArg, dataArg) => {
  const context = getActionContext();
@@ -836,6 +911,7 @@ export const createRemoteIngressAction = remoteIngressStatePart.createAction<{
      identity: context.identity,
      name: dataArg.name,
      listenPorts: dataArg.listenPorts,
+      autoDerivePorts: dataArg.autoDerivePorts,
      tags: dataArg.tags,
    });

@@ -883,6 +959,40 @@ export const deleteRemoteIngressAction = remoteIngressStatePart.createAction<str
  }
 );

+export const updateRemoteIngressAction = remoteIngressStatePart.createAction<{
+  id: string;
+  name?: string;
+  listenPorts?: number[];
+  autoDerivePorts?: boolean;
+  tags?: string[];
+}>(async (statePartArg, dataArg) => {
+  const context = getActionContext();
+  const currentState = statePartArg.getState();
+
+  try {
+    const request = new plugins.domtools.plugins.typedrequest.TypedRequest<
+      interfaces.requests.IReq_UpdateRemoteIngress
+    >('/typedrequest', 'updateRemoteIngress');
+
+    await request.fire({
+      identity: context.identity,
+      id: dataArg.id,
+      name: dataArg.name,
+      listenPorts: dataArg.listenPorts,
+      autoDerivePorts: dataArg.autoDerivePorts,
+      tags: dataArg.tags,
+    });
+
+    await remoteIngressStatePart.dispatchAction(fetchRemoteIngressAction, null);
+    return statePartArg.getState();
+  } catch (error) {
+    return {
+      ...currentState,
+      error: error instanceof Error ? error.message : 'Failed to update edge',
+    };
+  }
+});
+
 export const regenerateRemoteIngressSecretAction = remoteIngressStatePart.createAction<string>(
  async (statePartArg, edgeId) => {
    const context = getActionContext();
@@ -924,6 +1034,34 @@ export const clearNewEdgeSecretAction = remoteIngressStatePart.createAction(
  }
 );

+export const toggleRemoteIngressAction = remoteIngressStatePart.createAction<{
+  id: string;
+  enabled: boolean;
+}>(async (statePartArg, dataArg) => {
+  const context = getActionContext();
+  const currentState = statePartArg.getState();
+
+  try {
+    const request = new plugins.domtools.plugins.typedrequest.TypedRequest<
+      interfaces.requests.IReq_UpdateRemoteIngress
+    >('/typedrequest', 'updateRemoteIngress');
+
+    await request.fire({
+      identity: context.identity,
+      id: dataArg.id,
+      enabled: dataArg.enabled,
+    });
+
+    await remoteIngressStatePart.dispatchAction(fetchRemoteIngressAction, null);
+    return statePartArg.getState();
+  } catch (error) {
+    return {
+      ...currentState,
+      error: error instanceof Error ? error.message : 'Failed to toggle edge',
+    };
+  }
+});
+
 // Combined refresh action for efficient polling
 async function dispatchCombinedRefreshAction() {
  const context = getActionContext();
--- a/ts_web/elements/ops-view-certificates.ts
+++ b/ts_web/elements/ops-view-certificates.ts
@@ -175,7 +175,7 @@ export class OpsViewCertificates extends DeesElement {
        title: 'Total Certificates',
        value: summary.total,
        type: 'number',
-        icon: 'shieldHalved',
+        icon: 'lucide:ShieldHalf',
        color: '#3b82f6',
      },
      {
@@ -183,7 +183,7 @@ export class OpsViewCertificates extends DeesElement {
        title: 'Valid',
        value: summary.valid,
        type: 'number',
-        icon: 'check',
+        icon: 'lucide:Check',
        color: '#22c55e',
      },
      {
@@ -191,7 +191,7 @@ export class OpsViewCertificates extends DeesElement {
        title: 'Expiring Soon',
        value: summary.expiring,
        type: 'number',
-        icon: 'clock',
+        icon: 'lucide:Clock',
        color: '#f59e0b',
      },
      {
@@ -199,7 +199,7 @@ export class OpsViewCertificates extends DeesElement {
        title: 'Failed / Expired',
        value: summary.failed + summary.expired,
        type: 'number',
-        icon: 'triangleExclamation',
+        icon: 'lucide:TriangleAlert',
        color: '#ef4444',
      },
    ];
@@ -211,7 +211,7 @@ export class OpsViewCertificates extends DeesElement {
        .gridActions=${[
          {
            name: 'Refresh',
-            iconName: 'arrowsRotate',
+            iconName: 'lucide:RefreshCw',
            action: async () => {
              await appstate.certificateStatePart.dispatchAction(
                appstate.fetchCertificateOverviewAction,
@@ -241,9 +241,64 @@ export class OpsViewCertificates extends DeesElement {
              : '',
        })}
        .dataActions=${[
+          {
+            name: 'Import Certificate',
+            iconName: 'lucide:upload',
+            type: ['header'],
+            actionFunc: async () => {
+              const { DeesModal } = await import('@design.estate/dees-catalog');
+              await DeesModal.createAndShow({
+                heading: 'Import Certificate',
+                content: html`
+                  <dees-form>
+                    <dees-input-fileupload
+                      key="certJsonFile"
+                      label="Certificate JSON (.tsclass.cert.json)"
+                      accept=".json"
+                      .multiple=${false}
+                      required
+                    ></dees-input-fileupload>
+                  </dees-form>
+                `,
+                menuOptions: [
+                  {
+                    name: 'Import',
+                    iconName: 'lucide:upload',
+                    action: async (modal) => {
+                      const { DeesToast } = await import('@design.estate/dees-catalog');
+                      try {
+                        const form = modal.shadowRoot.querySelector('dees-form') as any;
+                        const formData = await form.collectFormData();
+                        const files = formData.certJsonFile;
+                        if (!files || files.length === 0) {
+                          DeesToast.show({ message: 'Please select a JSON file.', type: 'warning', duration: 3000 });
+                          return;
+                        }
+                        const file = files[0];
+                        const text = await file.text();
+                        const cert = JSON.parse(text);
+                        if (!cert.domainName || !cert.publicKey || !cert.privateKey) {
+                          DeesToast.show({ message: 'Invalid cert JSON: missing domainName, publicKey, or privateKey.', type: 'error', duration: 4000 });
+                          return;
+                        }
+                        await appstate.certificateStatePart.dispatchAction(
+                          appstate.importCertificateAction,
+                          cert,
+                        );
+                        DeesToast.show({ message: `Certificate imported for ${cert.domainName}`, type: 'success', duration: 3000 });
+                        modal.destroy();
+                      } catch (err) {
+                        DeesToast.show({ message: `Import failed: ${err.message}`, type: 'error', duration: 4000 });
+                      }
+                    },
+                  },
+                ],
+              });
+            },
+          },
          {
            name: 'Reprovision',
-            iconName: 'arrowsRotate',
+            iconName: 'lucide:RefreshCw',
            type: ['inRow'],
            actionFunc: async (actionData: { item: interfaces.requests.ICertificateInfo }) => {
              const cert = actionData.item;
@@ -268,9 +323,66 @@ export class OpsViewCertificates extends DeesElement {
              });
            },
          },
+          {
+            name: 'Export',
+            iconName: 'lucide:download',
+            type: ['inRow', 'contextmenu'],
+            actionFunc: async (actionData: { item: interfaces.requests.ICertificateInfo }) => {
+              const { DeesToast } = await import('@design.estate/dees-catalog');
+              const cert = actionData.item;
+              try {
+                const response = await appstate.fetchCertificateExport(cert.domain);
+                if (response.success && response.cert) {
+                  const safeDomain = cert.domain.replace(/\*/g, '_wildcard');
+                  this.downloadJsonFile(`${safeDomain}.tsclass.cert.json`, response.cert);
+                  DeesToast.show({ message: `Certificate exported for ${cert.domain}`, type: 'success', duration: 3000 });
+                } else {
+                  DeesToast.show({ message: response.message || 'Export failed', type: 'error', duration: 4000 });
+                }
+              } catch (err) {
+                DeesToast.show({ message: `Export failed: ${err.message}`, type: 'error', duration: 4000 });
+              }
+            },
+          },
+          {
+            name: 'Delete',
+            iconName: 'lucide:trash-2',
+            type: ['inRow', 'contextmenu'],
+            actionFunc: async (actionData: { item: interfaces.requests.ICertificateInfo }) => {
+              const cert = actionData.item;
+              const { DeesModal, DeesToast } = await import('@design.estate/dees-catalog');
+              await DeesModal.createAndShow({
+                heading: `Delete Certificate: ${cert.domain}`,
+                content: html`
+                  <div style="padding: 20px; font-size: 14px;">
+                    <p>Are you sure you want to delete the certificate data for <strong>${cert.domain}</strong>?</p>
+                    <p style="color: #f59e0b; margin-top: 12px;">Note: The certificate may remain in proxy memory until the next restart or reprovisioning.</p>
+                  </div>
+                `,
+                menuOptions: [
+                  {
+                    name: 'Delete',
+                    iconName: 'lucide:trash-2',
+                    action: async (modal) => {
+                      try {
+                        await appstate.certificateStatePart.dispatchAction(
+                          appstate.deleteCertificateAction,
+                          cert.domain,
+                        );
+                        DeesToast.show({ message: `Certificate deleted for ${cert.domain}`, type: 'success', duration: 3000 });
+                        modal.destroy();
+                      } catch (err) {
+                        DeesToast.show({ message: `Delete failed: ${err.message}`, type: 'error', duration: 4000 });
+                      }
+                    },
+                  },
+                ],
+              });
+            },
+          },
          {
            name: 'View Details',
-            iconName: 'magnifyingGlass',
+            iconName: 'lucide:Search',
            type: ['doubleClick', 'contextmenu'],
            actionFunc: async (actionData: { item: interfaces.requests.ICertificateInfo }) => {
              const cert = actionData.item;
@@ -289,7 +401,7 @@ export class OpsViewCertificates extends DeesElement {
                menuOptions: [
                  {
                    name: 'Copy Domain',
-                    iconName: 'copy',
+                    iconName: 'lucide:Copy',
                    action: async () => {
                      await navigator.clipboard.writeText(cert.domain);
                    },
@@ -309,6 +421,19 @@ export class OpsViewCertificates extends DeesElement {
    `;
  }

+  private downloadJsonFile(filename: string, data: any): void {
+    const json = JSON.stringify(data, null, 2);
+    const blob = new Blob([json], { type: 'application/json' });
+    const url = URL.createObjectURL(blob);
+    const a = document.createElement('a');
+    a.href = url;
+    a.download = filename;
+    document.body.appendChild(a);
+    a.click();
+    document.body.removeChild(a);
+    URL.revokeObjectURL(url);
+  }
+
  private renderRoutePills(routeNames: string[]): TemplateResult {
    const maxShow = 3;
    const visible = routeNames.slice(0, maxShow);
--- a/ts_web/elements/ops-view-network.ts
+++ b/ts_web/elements/ops-view-network.ts
@@ -287,7 +287,7 @@ export class OpsViewNetwork extends DeesElement {
          .dataActions=${[
            {
              name: 'View Details',
-              iconName: 'magnifyingGlass',
+              iconName: 'lucide:Search',
              type: ['inRow', 'doubleClick', 'contextmenu'],
              actionFunc: async (actionData) => {
                await this.showRequestDetails(actionData.item);
@@ -336,7 +336,7 @@ export class OpsViewNetwork extends DeesElement {
      menuOptions: [
        {
          name: 'Copy Request ID',
-          iconName: 'copy',
+          iconName: 'lucide:Copy',
          action: async () => {
            await navigator.clipboard.writeText(request.id);
          }
@@ -429,13 +429,13 @@ export class OpsViewNetwork extends DeesElement {
        title: 'Active Connections',
        value: activeConnections,
        type: 'number',
-        icon: 'plug',
+        icon: 'lucide:Plug',
        color: activeConnections > 100 ? '#f59e0b' : '#22c55e',
        description: `Total: ${this.networkState.requestsTotal || this.statsState.serverStats?.totalConnections || 0}`,
        actions: [
          {
            name: 'View Details',
-            iconName: 'magnifyingGlass',
+            iconName: 'lucide:Search',
            action: async () => {
            },
          },
@@ -446,7 +446,7 @@ export class OpsViewNetwork extends DeesElement {
        title: 'Requests/sec',
        value: reqPerSec,
        type: 'trend',
-        icon: 'chartLine',
+        icon: 'lucide:ChartLine',
        color: '#3b82f6',
        trendData: trendData,
        description: `Total: ${this.formatNumber(this.networkState.requestsTotal || 0)} requests`,
@@ -457,7 +457,7 @@ export class OpsViewNetwork extends DeesElement {
        value: this.formatBitsPerSecond(throughput.in),
        unit: '',
        type: 'number',
-        icon: 'download',
+        icon: 'lucide:Download',
        color: '#22c55e',
        description: `Total: ${this.formatBytes(this.networkState.totalBytes?.in || 0)}`,
      },
@@ -467,7 +467,7 @@ export class OpsViewNetwork extends DeesElement {
        value: this.formatBitsPerSecond(throughput.out),
        unit: '',
        type: 'number',
-        icon: 'upload',
+        icon: 'lucide:Upload',
        color: '#8b5cf6',
        description: `Total: ${this.formatBytes(this.networkState.totalBytes?.out || 0)}`,
      },
@@ -480,7 +480,7 @@ export class OpsViewNetwork extends DeesElement {
        .gridActions=${[
          {
            name: 'Export Data',
-            iconName: 'fileExport',
+            iconName: 'lucide:FileOutput',
            action: async () => {
              console.log('Export feature coming soon');
            },
--- a/ts_web/elements/ops-view-overview.ts
+++ b/ts_web/elements/ops-view-overview.ts
@@ -163,7 +163,7 @@ export class OpsViewOverview extends DeesElement {
        title: 'Server Status',
        value: this.statsState.serverStats.uptime ? 'Online' : 'Offline',
        type: 'text',
-        icon: 'server',
+        icon: 'lucide:Server',
        color: this.statsState.serverStats.uptime ? '#22c55e' : '#ef4444',
        description: `Uptime: ${this.formatUptime(this.statsState.serverStats.uptime)}`,
      },
@@ -172,7 +172,7 @@ export class OpsViewOverview extends DeesElement {
        title: 'Active Connections',
        value: this.statsState.serverStats.activeConnections,
        type: 'number',
-        icon: 'networkWired',
+        icon: 'lucide:Network',
        color: '#3b82f6',
        description: `Total: ${this.statsState.serverStats.totalConnections}`,
      },
@@ -181,7 +181,7 @@ export class OpsViewOverview extends DeesElement {
        title: 'Throughput In',
        value: this.formatBitsPerSecond(this.statsState.serverStats.throughput?.bytesInPerSecond || 0),
        type: 'text',
-        icon: 'download',
+        icon: 'lucide:Download',
        color: '#22c55e',
        description: `Total: ${this.formatBytes(this.statsState.serverStats.throughput?.bytesIn || 0)}`,
      },
@@ -190,7 +190,7 @@ export class OpsViewOverview extends DeesElement {
        title: 'Throughput Out',
        value: this.formatBitsPerSecond(this.statsState.serverStats.throughput?.bytesOutPerSecond || 0),
        type: 'text',
-        icon: 'upload',
+        icon: 'lucide:Upload',
        color: '#8b5cf6',
        description: `Total: ${this.formatBytes(this.statsState.serverStats.throughput?.bytesOut || 0)}`,
      },
@@ -199,7 +199,7 @@ export class OpsViewOverview extends DeesElement {
        title: 'CPU Usage',
        value: cpuUsage,
        type: 'gauge',
-        icon: 'microchip',
+        icon: 'lucide:Cpu',
        gaugeOptions: {
          min: 0,
          max: 100,
@@ -215,7 +215,7 @@ export class OpsViewOverview extends DeesElement {
        title: 'Memory Usage',
        value: memoryUsage,
        type: 'percentage',
-        icon: 'memory',
+        icon: 'lucide:MemoryStick',
        color: memoryUsage > 80 ? '#ef4444' : memoryUsage > 60 ? '#f59e0b' : '#22c55e',
        description: this.statsState.serverStats.memoryUsage.actualUsageBytes !== undefined && this.statsState.serverStats.memoryUsage.maxMemoryMB !== undefined
          ? `${this.formatBytes(this.statsState.serverStats.memoryUsage.actualUsageBytes)} / ${this.formatBytes(this.statsState.serverStats.memoryUsage.maxMemoryMB * 1024 * 1024)}`
@@ -229,7 +229,7 @@ export class OpsViewOverview extends DeesElement {
        .gridActions=${[
          {
            name: 'Refresh',
-            iconName: 'arrowsRotate',
+            iconName: 'lucide:RefreshCw',
            action: async () => {
              await appstate.statsStatePart.dispatchAction(appstate.fetchAllStatsAction, null);
            },
@@ -251,7 +251,7 @@ export class OpsViewOverview extends DeesElement {
        title: 'Emails Sent',
        value: this.statsState.emailStats.sent,
        type: 'number',
-        icon: 'paperPlane',
+        icon: 'lucide:Send',
        color: '#22c55e',
        description: `Delivery rate: ${(deliveryRate * 100).toFixed(1)}%`,
      },
@@ -260,7 +260,7 @@ export class OpsViewOverview extends DeesElement {
        title: 'Emails Received',
        value: this.statsState.emailStats.received,
        type: 'number',
-        icon: 'envelope',
+        icon: 'lucide:Mail',
        color: '#3b82f6',
      },
      {
@@ -268,7 +268,7 @@ export class OpsViewOverview extends DeesElement {
        title: 'Queued',
        value: this.statsState.emailStats.queued,
        type: 'number',
-        icon: 'clock',
+        icon: 'lucide:Clock',
        color: '#f59e0b',
        description: 'Pending delivery',
      },
@@ -277,7 +277,7 @@ export class OpsViewOverview extends DeesElement {
        title: 'Failed',
        value: this.statsState.emailStats.failed,
        type: 'number',
-        icon: 'triangleExclamation',
+        icon: 'lucide:TriangleAlert',
        color: '#ef4444',
        description: `Bounce rate: ${(bounceRate * 100).toFixed(1)}%`,
      },
@@ -300,7 +300,7 @@ export class OpsViewOverview extends DeesElement {
        title: 'DNS Queries',
        value: this.statsState.dnsStats.totalQueries,
        type: 'number',
-        icon: 'globe',
+        icon: 'lucide:Globe',
        color: '#3b82f6',
        description: 'Total queries handled',
      },
@@ -309,7 +309,7 @@ export class OpsViewOverview extends DeesElement {
        title: 'Cache Hit Rate',
        value: cacheHitRate,
        type: 'percentage',
-        icon: 'database',
+        icon: 'lucide:Database',
        color: cacheHitRate > 80 ? '#22c55e' : cacheHitRate > 60 ? '#f59e0b' : '#ef4444',
        description: `${this.statsState.dnsStats.cacheHits} hits / ${this.statsState.dnsStats.cacheMisses} misses`,
      },
@@ -318,7 +318,7 @@ export class OpsViewOverview extends DeesElement {
        title: 'Active Domains',
        value: this.statsState.dnsStats.activeDomains,
        type: 'number',
-        icon: 'sitemap',
+        icon: 'lucide:Network',
        color: '#8b5cf6',
      },
      {
@@ -327,7 +327,7 @@ export class OpsViewOverview extends DeesElement {
        value: this.statsState.dnsStats.averageResponseTime.toFixed(1),
        unit: 'ms',
        type: 'number',
-        icon: 'clockRotateLeft',
+        icon: 'lucide:History',
        color: this.statsState.dnsStats.averageResponseTime < 50 ? '#22c55e' : '#f59e0b',
      },
    ];
--- a/ts_web/elements/ops-view-remoteingress.ts
+++ b/ts_web/elements/ops-view-remoteingress.ts
@@ -114,6 +114,17 @@ export class OpsViewRemoteIngress extends DeesElement {
        background: ${cssManager.bdTheme('#eff6ff', '#172554')};
        color: ${cssManager.bdTheme('#1e40af', '#60a5fa')};
      }
+
+      .portBadge.manual {
+        background: ${cssManager.bdTheme('#eff6ff', '#172554')};
+        color: ${cssManager.bdTheme('#1e40af', '#60a5fa')};
+      }
+
+      .portBadge.derived {
+        background: ${cssManager.bdTheme('#ecfdf5', '#022c22')};
+        color: ${cssManager.bdTheme('#047857', '#34d399')};
+        border: 1px dashed ${cssManager.bdTheme('#6ee7b7', '#065f46')};
+      }
    `,
  ];

@@ -187,15 +198,148 @@ export class OpsViewRemoteIngress extends DeesElement {
            name: edge.name,
            status: this.getEdgeStatusHtml(edge),
            publicIp: this.getEdgePublicIp(edge.id),
-            ports: this.getPortsHtml(edge.listenPorts),
+            ports: this.getPortsHtml(edge),
            tunnels: this.getEdgeTunnelCount(edge.id),
            lastHeartbeat: this.getLastHeartbeat(edge.id),
          })}
          .dataActions=${[
+            {
+              name: 'Create Edge Node',
+              iconName: 'lucide:plus',
+              type: ['header'],
+              actionFunc: async () => {
+                const { DeesModal } = await import('@design.estate/dees-catalog');
+                const modal = await DeesModal.createAndShow({
+                  heading: 'Create Edge Node',
+                  content: html`
+                    <dees-form>
+                      <dees-input-text .key=${'name'} .label=${'Name'} .required=${true}></dees-input-text>
+                      <dees-input-text .key=${'listenPorts'} .label=${'Additional Manual Ports (comma-separated, optional)'}></dees-input-text>
+                      <dees-input-checkbox .key=${'autoDerivePorts'} .label=${'Auto-derive ports from routes'} .value=${true}></dees-input-checkbox>
+                      <dees-input-text .key=${'tags'} .label=${'Tags (comma-separated, optional)'}></dees-input-text>
+                    </dees-form>
+                  `,
+                  menuOptions: [
+                    {
+                      name: 'Cancel',
+                      iconName: 'lucide:x',
+                      action: async (modalArg: any) => await modalArg.destroy(),
+                    },
+                    {
+                      name: 'Create',
+                      iconName: 'lucide:plus',
+                      action: async (modalArg: any) => {
+                        const form = modalArg.shadowRoot?.querySelector('.content')?.querySelector('dees-form');
+                        if (!form) return;
+                        const formData = await form.collectFormData();
+                        const name = formData.name;
+                        if (!name) return;
+                        const portsStr = formData.listenPorts?.trim();
+                        const listenPorts = portsStr
+                          ? portsStr.split(',').map((p: string) => parseInt(p.trim(), 10)).filter((p: number) => !isNaN(p))
+                          : undefined;
+                        const autoDerivePorts = formData.autoDerivePorts !== false;
+                        const tags = formData.tags
+                          ? formData.tags.split(',').map((t: string) => t.trim()).filter(Boolean)
+                          : undefined;
+                        await appstate.remoteIngressStatePart.dispatchAction(
+                          appstate.createRemoteIngressAction,
+                          { name, listenPorts, autoDerivePorts, tags },
+                        );
+                        await modalArg.destroy();
+                      },
+                    },
+                  ],
+                });
+              },
+            },
+            {
+              name: 'Enable',
+              iconName: 'lucide:play',
+              type: ['inRow', 'contextmenu'] as any,
+              actionRelevancyCheckFunc: (actionData: any) => !actionData.item.enabled,
+              actionFunc: async (actionData: any) => {
+                const edge = actionData.item as interfaces.data.IRemoteIngress;
+                await appstate.remoteIngressStatePart.dispatchAction(
+                  appstate.toggleRemoteIngressAction,
+                  { id: edge.id, enabled: true },
+                );
+              },
+            },
+            {
+              name: 'Disable',
+              iconName: 'lucide:pause',
+              type: ['inRow', 'contextmenu'] as any,
+              actionRelevancyCheckFunc: (actionData: any) => actionData.item.enabled,
+              actionFunc: async (actionData: any) => {
+                const edge = actionData.item as interfaces.data.IRemoteIngress;
+                await appstate.remoteIngressStatePart.dispatchAction(
+                  appstate.toggleRemoteIngressAction,
+                  { id: edge.id, enabled: false },
+                );
+              },
+            },
+            {
+              name: 'Edit',
+              iconName: 'lucide:pencil',
+              type: ['inRow', 'contextmenu'] as any,
+              actionFunc: async (actionData: any) => {
+                const edge = actionData.item as interfaces.data.IRemoteIngress;
+                const { DeesModal } = await import('@design.estate/dees-catalog');
+                await DeesModal.createAndShow({
+                  heading: `Edit Edge: ${edge.name}`,
+                  content: html`
+                    <dees-form>
+                      <dees-input-text .key=${'name'} .label=${'Name'} .value=${edge.name}></dees-input-text>
+                      <dees-input-text .key=${'listenPorts'} .label=${'Manual Ports (comma-separated)'} .value=${(edge.listenPorts || []).join(', ')}></dees-input-text>
+                      <dees-input-checkbox .key=${'autoDerivePorts'} .label=${'Auto-derive ports from routes'} .value=${edge.autoDerivePorts !== false}></dees-input-checkbox>
+                      <dees-input-text .key=${'tags'} .label=${'Tags (comma-separated)'} .value=${(edge.tags || []).join(', ')}></dees-input-text>
+                    </dees-form>
+                  `,
+                  menuOptions: [
+                    {
+                      name: 'Cancel',
+                      iconName: 'lucide:x',
+                      action: async (modalArg: any) => await modalArg.destroy(),
+                    },
+                    {
+                      name: 'Save',
+                      iconName: 'lucide:check',
+                      action: async (modalArg: any) => {
+                        const form = modalArg.shadowRoot?.querySelector('.content')?.querySelector('dees-form');
+                        if (!form) return;
+                        const formData = await form.collectFormData();
+                        const portsStr = formData.listenPorts?.trim();
+                        const listenPorts = portsStr
+                          ? portsStr.split(',').map((p: string) => parseInt(p.trim(), 10)).filter((p: number) => !isNaN(p))
+                          : [];
+                        const autoDerivePorts = formData.autoDerivePorts !== false;
+                        const tags = formData.tags
+                          ? formData.tags.split(',').map((t: string) => t.trim()).filter(Boolean)
+                          : [];
+                        await appstate.remoteIngressStatePart.dispatchAction(
+                          appstate.updateRemoteIngressAction,
+                          {
+                            id: edge.id,
+                            name: formData.name || edge.name,
+                            listenPorts,
+                            autoDerivePorts,
+                            tags,
+                          },
+                        );
+                        await modalArg.destroy();
+                      },
+                    },
+                  ],
+                });
+              },
+            },
            {
              name: 'Regenerate Secret',
              iconName: 'lucide:key',
-              action: async (edge: interfaces.data.IRemoteIngress) => {
+              type: ['inRow', 'contextmenu'] as any,
+              actionFunc: async (actionData: any) => {
+                const edge = actionData.item as interfaces.data.IRemoteIngress;
                await appstate.remoteIngressStatePart.dispatchAction(
                  appstate.regenerateRemoteIngressSecretAction,
                  edge.id,
@@ -205,7 +349,9 @@ export class OpsViewRemoteIngress extends DeesElement {
            {
              name: 'Delete',
              iconName: 'lucide:trash2',
-              action: async (edge: interfaces.data.IRemoteIngress) => {
+              type: ['inRow', 'contextmenu'] as any,
+              actionFunc: async (actionData: any) => {
+                const edge = actionData.item as interfaces.data.IRemoteIngress;
                await appstate.remoteIngressStatePart.dispatchAction(
                  appstate.deleteRemoteIngressAction,
                  edge.id,
@@ -213,38 +359,6 @@ export class OpsViewRemoteIngress extends DeesElement {
              },
            },
          ]}
-          .createNewAction=${async () => {
-            const { DeesModal } = await import('@design.estate/dees-catalog');
-            const result = await DeesModal.createAndShow({
-              heading: 'Create Edge Node',
-              content: html`
-                <dees-form>
-                  <dees-input-text .key=${'name'} .label=${'Name'} .required=${true}></dees-input-text>
-                  <dees-input-text .key=${'listenPorts'} .label=${'Listen Ports (comma-separated)'} .required=${true} .value=${'443,25'}></dees-input-text>
-                  <dees-input-text .key=${'tags'} .label=${'Tags (comma-separated, optional)'}></dees-input-text>
-                </dees-form>
-              `,
-              menuOptions: [],
-            });
-            if (result) {
-              const formData = result as any;
-              const ports = (formData.name ? formData.listenPorts : '443')
-                .split(',')
-                .map((p: string) => parseInt(p.trim(), 10))
-                .filter((p: number) => !isNaN(p));
-              const tags = formData.tags
-                ? formData.tags.split(',').map((t: string) => t.trim()).filter(Boolean)
-                : undefined;
-              await appstate.remoteIngressStatePart.dispatchAction(
-                appstate.createRemoteIngressAction,
-                {
-                  name: formData.name,
-                  listenPorts: ports,
-                  tags,
-                },
-              );
-            }
-          }}
        ></dees-table>
      </div>
    `;
@@ -270,8 +384,13 @@ export class OpsViewRemoteIngress extends DeesElement {
    return status?.publicIp || '-';
  }

-  private getPortsHtml(ports: number[]): TemplateResult {
-    return html`<div class="portsDisplay">${ports.map(p => html`<span class="portBadge">${p}</span>`)}</div>`;
+  private getPortsHtml(edge: interfaces.data.IRemoteIngress): TemplateResult {
+    const manualPorts = edge.manualPorts || [];
+    const derivedPorts = edge.derivedPorts || [];
+    if (manualPorts.length === 0 && derivedPorts.length === 0) {
+      return html`<span style="color: var(--text-muted, #6b7280); font-size: 12px;">none</span>`;
+    }
+    return html`<div class="portsDisplay">${manualPorts.map(p => html`<span class="portBadge manual">${p}</span>`)}${derivedPorts.map(p => html`<span class="portBadge derived">${p}</span>`)}${derivedPorts.length > 0 ? html`<span style="font-size: 11px; color: var(--text-muted, #6b7280); align-self: center;">(auto)</span>` : ''}</div>`;
  }

  private getEdgeTunnelCount(edgeId: string): number {
--- a/ts_web/elements/ops-view-security.ts
+++ b/ts_web/elements/ops-view-security.ts
@@ -256,7 +256,7 @@ export class OpsViewSecurity extends DeesElement {
        title: 'Threat Level',
        value: threatScore,
        type: 'gauge',
-        icon: 'shield',
+        icon: 'lucide:Shield',
        gaugeOptions: {
          min: 0,
          max: 100,
@@ -273,7 +273,7 @@ export class OpsViewSecurity extends DeesElement {
        title: 'Blocked Threats',
        value: metrics.blockedIPs.length + metrics.spamDetected,
        type: 'number',
-        icon: 'userShield',
+        icon: 'lucide:ShieldCheck',
        color: '#ef4444',
        description: 'Total threats blocked today',
      },
@@ -282,7 +282,7 @@ export class OpsViewSecurity extends DeesElement {
        title: 'Active Sessions',
        value: 0,
        type: 'number',
-        icon: 'users',
+        icon: 'lucide:Users',
        color: '#22c55e',
        description: 'Current authenticated sessions',
      },
@@ -291,7 +291,7 @@ export class OpsViewSecurity extends DeesElement {
        title: 'Auth Failures',
        value: metrics.authenticationFailures,
        type: 'number',
-        icon: 'lockOpen',
+        icon: 'lucide:LockOpen',
        color: metrics.authenticationFailures > 10 ? '#ef4444' : '#f59e0b',
        description: 'Failed login attempts today',
      },
@@ -355,7 +355,7 @@ export class OpsViewSecurity extends DeesElement {
        title: 'Authentication Failures',
        value: metrics.authenticationFailures,
        type: 'number',
-        icon: 'lockOpen',
+        icon: 'lucide:LockOpen',
        color: metrics.authenticationFailures > 10 ? '#ef4444' : '#f59e0b',
        description: 'Failed authentication attempts today',
      },
@@ -364,7 +364,7 @@ export class OpsViewSecurity extends DeesElement {
        title: 'Successful Logins',
        value: 0,
        type: 'number',
-        icon: 'lock',
+        icon: 'lucide:Lock',
        color: '#22c55e',
        description: 'Successful logins today',
      },
@@ -399,7 +399,7 @@ export class OpsViewSecurity extends DeesElement {
        title: 'Malware Detection',
        value: metrics.malwareDetected,
        type: 'number',
-        icon: 'virusSlash',
+        icon: 'lucide:BugOff',
        color: metrics.malwareDetected > 0 ? '#ef4444' : '#22c55e',
        description: 'Malware detected',
      },
@@ -408,7 +408,7 @@ export class OpsViewSecurity extends DeesElement {
        title: 'Phishing Detection',
        value: metrics.phishingDetected,
        type: 'number',
-        icon: 'fishFins',
+        icon: 'lucide:Fish',
        color: metrics.phishingDetected > 0 ? '#ef4444' : '#22c55e',
        description: 'Phishing attempts detected',
      },
@@ -417,7 +417,7 @@ export class OpsViewSecurity extends DeesElement {
        title: 'Suspicious Activities',
        value: metrics.suspiciousActivities,
        type: 'number',
-        icon: 'triangleExclamation',
+        icon: 'lucide:TriangleAlert',
        color: metrics.suspiciousActivities > 5 ? '#ef4444' : '#f59e0b',
        description: 'Suspicious activities detected',
      },
@@ -426,7 +426,7 @@ export class OpsViewSecurity extends DeesElement {
        title: 'Spam Detection',
        value: metrics.spamDetected,
        type: 'number',
-        icon: 'ban',
+        icon: 'lucide:Ban',
        color: '#f59e0b',
        description: 'Spam emails blocked',
      },
Author	SHA1	Message	Date
Juergen Kunz	b21f3385e1	v6.10.0 Some checks failed Docker (tags) / security (push) Failing after 1s Details Docker (tags) / test (push) Has been skipped Details Docker (tags) / release (push) Has been skipped Details Docker (tags) / metadata (push) Has been skipped Details	2026-02-17 17:49:12 +00:00
Juergen Kunz	dd61e0c962	feat(ops-view-certificates): Make Export and Delete actions available inline (inRow) as well as in the context menu; bump @design.estate/dees-catalog to ^3.43.0	2026-02-17 17:49:12 +00:00
Juergen Kunz	ac3a42fc41	v6.9.0 Some checks failed Docker (tags) / security (push) Failing after 1s Details Docker (tags) / test (push) Has been skipped Details Docker (tags) / release (push) Has been skipped Details Docker (tags) / metadata (push) Has been skipped Details	2026-02-17 16:28:33 +00:00
Juergen Kunz	c23f16149c	feat(certificates): add certificate import, export, and deletion support (server handlers, request types, and UI)	2026-02-17 16:28:33 +00:00
Juergen Kunz	529a4bae00	v6.8.0 Some checks failed Docker (tags) / security (push) Failing after 1s Details Docker (tags) / test (push) Has been skipped Details Docker (tags) / release (push) Has been skipped Details Docker (tags) / metadata (push) Has been skipped Details	2026-02-17 14:17:18 +00:00
Juergen Kunz	49606ae007	feat(remote-ingress): support auto-deriving ports for remote ingress edges and expose manual/derived port breakdown in API and UI	2026-02-17 14:17:18 +00:00
Juergen Kunz	31a6510d8b	v6.7.0 Some checks failed Docker (tags) / security (push) Failing after 1s Details Docker (tags) / test (push) Has been skipped Details Docker (tags) / release (push) Has been skipped Details Docker (tags) / metadata (push) Has been skipped Details	2026-02-17 11:56:54 +00:00
Juergen Kunz	b5e760ae07	feat(remote-ingress): Support auto-derived effective listen ports, make listenPorts optional, add toggle action and refine remote ingress creation/management UI	2026-02-17 11:56:54 +00:00
Juergen Kunz	ea32babaac	v6.6.1 Some checks failed Docker (tags) / security (push) Failing after 1s Details Docker (tags) / test (push) Has been skipped Details Docker (tags) / release (push) Has been skipped Details Docker (tags) / metadata (push) Has been skipped Details	2026-02-17 10:57:27 +00:00
Juergen Kunz	a4ddedaf46	fix(icons): standardize icon identifiers to lucide-prefixed names across operational views	2026-02-17 10:57:27 +00:00
Juergen Kunz	7ce09c53ca	v6.6.0 Some checks failed Docker (tags) / security (push) Failing after 1s Details Docker (tags) / test (push) Has been skipped Details Docker (tags) / release (push) Has been skipped Details Docker (tags) / metadata (push) Has been skipped Details	2026-02-17 10:55:31 +00:00
Juergen Kunz	69be2295f1	feat(remoteingress): derive effective remote ingress listen ports from route configs and expose them via ops API	2026-02-17 10:55:31 +00:00
Juergen Kunz	018efa32f6	v6.5.0 Some checks failed Docker (tags) / security (push) Failing after 1s Details Docker (tags) / test (push) Has been skipped Details Docker (tags) / release (push) Has been skipped Details Docker (tags) / metadata (push) Has been skipped Details	2026-02-16 22:42:30 +00:00
Juergen Kunz	2530918dc6	v6.4.5 Some checks failed Docker (tags) / security (push) Failing after 1s Details Docker (tags) / test (push) Has been skipped Details Docker (tags) / release (push) Has been skipped Details Docker (tags) / metadata (push) Has been skipped Details	2026-02-16 17:47:43 +00:00
Juergen Kunz	0b09ea1573	fix(remoteingress): mark remote ingress data actions as row actions and bump @design.estate/dees-catalog dependency	2026-02-16 17:47:43 +00:00
Juergen Kunz	21157477b4	v6.4.4 Some checks failed Docker (tags) / security (push) Failing after 1s Details Docker (tags) / test (push) Has been skipped Details Docker (tags) / release (push) Has been skipped Details Docker (tags) / metadata (push) Has been skipped Details	2026-02-16 14:50:44 +00:00
Juergen Kunz	fcf36e5cd5	fix(deps): bump @push.rocks/smartproxy to ^25.7.3	2026-02-16 14:50:44 +00:00
Juergen Kunz	f5740fa565	v6.4.3 Some checks failed Docker (tags) / security (push) Failing after 1s Details Docker (tags) / test (push) Has been skipped Details Docker (tags) / release (push) Has been skipped Details Docker (tags) / metadata (push) Has been skipped Details	2026-02-16 13:44:38 +00:00
Juergen Kunz	4a9fba53a9	fix(deps): bump @push.rocks/smartproxy to ^25.7.2	2026-02-16 13:44:38 +00:00