v2.0.0

feat(appstore): use shared resolver
v1.31.0
2026-05-25 03:12:29 +00:00 · 2026-05-25 03:10:18 +00:00 · 2026-05-25 01:40:38 +00:00 · 2026-05-25 01:39:59 +00:00 · 2026-05-24 21:23:33 +00:00 · 2026-05-24 21:20:46 +00:00
32 changed files with 1075 additions and 600 deletions
@@ -3,6 +3,61 @@
 ## Pending


+## 2026-05-25 - 2.0.0
+
+### Breaking Changes
+
+- switch Onebox App Store resolution to the shared appstore client
+  - Uses `@serve.zone/appstore` and `@serve.zone/interfaces` for App Store metadata, parsing, and Docker digest resolution
+  - Renames App Store typed request methods to `getAppStoreTemplates`, `getAppStoreConfig`, `installAppStoreApp`, and `getUpgradeableAppStoreServices`
+  - Removes local duplicated App Store DTO and resolver code while preserving Onebox install and upgrade behavior
+
+## 2026-05-25 - 1.31.0
+
+### Features
+
+- resolve repo manifests and docker digest-tracked images (appstore)
+  - Add catalog source, resolved source, channel, runtime, upgrade strategy, and version metadata types for appstore manifests.
+  - Resolve catalog entries from repo manifests and pin digest-tracked Docker images using registry digests.
+  - Propagate resolved image digests into app version configs and service creation options.
+  - Add runtime coverage for repo manifest resolution and digest-tracked latest images.
+
+## 2026-05-24 - 1.30.2
+
+### Fixes
+
+- reduce remaining reverse proxy wording to required legacy SmartProxy cleanup and migration identifiers
+- clean up legacy reverse proxy naming for SmartProxy (smartproxy)
+  - Update legacy reverse proxy service naming and logs used during SmartProxy startup cleanup.
+  - Clarify migration and documentation wording for the legacy reverse proxy to SmartProxy transition.
+  - Bump @serve.zone/catalog to ^2.12.6 and add pnpm workspace build dependency settings.
+
+## 2026-05-24 - 1.30.1
+
+### Fixes
+
+- align Onebox settings gateway cards with the dees-tile footer action pattern
+- align settings gateway cards with dees-tile footer actions (settings-ui)
+  - Replaces custom gateway card wrappers with dees-tile header and footer slots.
+  - Uses tile-styled action buttons for Admin UI and dcrouter settings saves.
+
+## 2026-05-24 - 1.30.0
+
+### Features
+
+- add configurable Onebox Admin UI domain
+  - expose Admin UI domain in settings
+  - sync the Admin UI route as a first-class dcrouter gateway route
+  - keep Admin UI routing separate from app service routes
+- add configurable Admin UI domain routing (admin-ui)
+  - Expose and validate the Admin UI domain in settings
+  - Sync the Admin UI as a dedicated dcrouter gateway route and SmartProxy route
+  - Preserve configured and legacy Admin UI routes during stale-route reconciliation
+
+### Fixes
+
+- preserve Onebox Admin UI routes during external gateway stale-route reconciliation
+
 ## 2026-05-24 - 1.29.0

 ### Features
@@ -1,6 +1,6 @@
 {
  "name": "@serve.zone/onebox",
-  "version": "1.29.0",
+  "version": "2.0.0",
  "exports": "./mod.ts",
  "tasks": {
    "test": "deno test --allow-all test/",
@@ -27,7 +27,9 @@
    "@push.rocks/smartguard": "npm:@push.rocks/smartguard@^3.1.0",
    "@push.rocks/smartjwt": "npm:@push.rocks/smartjwt@^2.2.2",
    "@api.global/typedsocket": "npm:@api.global/typedsocket@^4.1.3",
-    "@serve.zone/containerarchive": "npm:@serve.zone/containerarchive@^0.1.3"
+    "@serve.zone/containerarchive": "npm:@serve.zone/containerarchive@^0.1.3",
+    "@serve.zone/interfaces": "npm:@serve.zone/interfaces@^6.0.0",
+    "@serve.zone/appstore": "npm:@serve.zone/appstore@^0.2.0"
  },
  "compilerOptions": {
    "lib": [
@@ -1,6 +1,6 @@
 {
  "name": "@serve.zone/onebox",
-  "version": "1.29.0",
+  "version": "2.0.0",
  "description": "Self-hosted container platform with automatic SSL and DNS - a mini Heroku for single servers",
  "main": "mod.ts",
  "type": "module",
@@ -58,7 +58,9 @@
    "@api.global/typedsocket": "^4.1.3",
    "@design.estate/dees-catalog": "^3.81.0",
    "@design.estate/dees-element": "^2.2.4",
-    "@serve.zone/catalog": "^2.12.5"
+    "@serve.zone/appstore": "^0.2.0",
+    "@serve.zone/catalog": "^2.12.6",
+    "@serve.zone/interfaces": "^6.0.0"
  },
  "devDependencies": {
    "@git.zone/tsbundle": "^2.10.4",
@@ -20,9 +20,15 @@ importers:
      '@design.estate/dees-element':
        specifier: ^2.2.4
        version: 2.2.4
+      '@serve.zone/appstore':
+        specifier: ^0.2.0
+        version: 0.2.0
      '@serve.zone/catalog':
-        specifier: ^2.12.5
-        version: 2.12.5(@tiptap/pm@2.27.2)
+        specifier: ^2.12.6
+        version: 2.12.6(@tiptap/pm@2.27.2)
+      '@serve.zone/interfaces':
+        specifier: ^6.0.0
+        version: 6.0.0
    devDependencies:
      '@git.zone/tsbundle':
        specifier: ^2.10.4
@@ -977,8 +983,14 @@ packages:
  '@sec-ant/readable-stream@0.4.1':
    resolution: {integrity: sha512-831qok9r2t8AlxLko40y2ebgSDhenenCatLVeW/uBtnHPyhHOvG0C7TvfgecV+wHzIm5KUICgzmVpWS+IMEAeg==}

-  '@serve.zone/catalog@2.12.5':
-    resolution: {integrity: sha512-0AgHnxonJ7xyYdA02s4tN9/aZG8yBYml4sAA7AUt9fYpRtKYMuZXUcUOS3Rz/FvUu1PrKe7QLtex9VK5IqZDPw==}
+  '@serve.zone/appstore@0.2.0':
+    resolution: {integrity: sha512-qt2LVaRpzfJdUywllm+F0njwnN3aHc2aZHEcjc9REn1VDT47UuUEGaKkfNiosGK0GJqb1hPI/GwyuGMe4H4q7w==}
+
+  '@serve.zone/catalog@2.12.6':
+    resolution: {integrity: sha512-FjieZNCHTCHufMre8OSP8bFP9L4DPL9yNtd7UMwD1yQ8wublgAq6eWrx6Tfb+3k8Hyof33BBt4rbFyrvIEBk+A==}
+
+  '@serve.zone/interfaces@6.0.0':
+    resolution: {integrity: sha512-nCidhOH0XlX+7e6xaJDq6fwnwaWasB/4w2LHkV7A96G+m+7EXZqbbaKSboUlaiGDly0dWNajk2FrYFo64ZucPA==}

  '@tempfix/lenis@1.3.20':
    resolution: {integrity: sha512-ypeB0FuHLHOCQXW4d0RQ69txPJJH+1CHcpsZIUdcv2t1vR0IVyQr2vHihtde9UOXhjzqEnUphWon/UcJNsa0YA==}
@@ -3572,7 +3584,11 @@ snapshots:

  '@sec-ant/readable-stream@0.4.1': {}

-  '@serve.zone/catalog@2.12.5(@tiptap/pm@2.27.2)':
+  '@serve.zone/appstore@0.2.0':
+    dependencies:
+      '@serve.zone/interfaces': 6.0.0
+
+  '@serve.zone/catalog@2.12.6(@tiptap/pm@2.27.2)':
    dependencies:
      '@design.estate/dees-catalog': 3.81.0(@tiptap/pm@2.27.2)
      '@design.estate/dees-domtools': 2.5.6
@@ -3585,6 +3601,12 @@ snapshots:
      - supports-color
      - vue

+  '@serve.zone/interfaces@6.0.0':
+    dependencies:
+      '@api.global/typedrequest-interfaces': 3.0.19
+      '@push.rocks/smartlog-interfaces': 3.0.2
+      '@tsclass/tsclass': 9.5.1
+
  '@tempfix/lenis@1.3.20': {}

  '@tempfix/webcontainer__api@1.6.1': {}
@@ -0,0 +1,4 @@
+allowBuilds:
+  esbuild: true
+ignoredBuiltDependencies:
+  - '@design.estate/dees-catalog'
@@ -46,7 +46,7 @@ ts/database/

 ## Current Migration Version: 15

-Migration 15 renames the core reverse proxy platform service from `caddy` to `smartproxy`.
+Migration 15 renames the legacy core reverse proxy platform service type to `smartproxy`.

 ## Reverse Proxy (April 2026 - SmartProxy Docker Service)

@@ -183,7 +183,7 @@ onebox config set cloudflareZoneId zone-id

 ## App Store

-The App Store manager fetches catalog data from `serve.zone/appstore-apptemplates` and caches it briefly. Templates can declare platform requirements, so installing an app can automatically provision MongoDB, S3-compatible storage, ClickHouse, Redis, or MariaDB resources and inject the resulting credentials as environment variables.
+The App Store manager fetches metadata from `serve.zone/appstore` through `@serve.zone/appstore` and caches it briefly. Templates can declare platform requirements, so installing an app can automatically provision MongoDB, S3-compatible storage, ClickHouse, Redis, or MariaDB resources and inject the resulting credentials as environment variables.

 ```bash
 onebox appstore list
@@ -2,12 +2,14 @@ import { assertEquals, assertThrows } from '@std/assert';

 import { AppStoreManager } from '../ts/classes/appstore.ts';
 import { OneboxDockerManager } from '../ts/classes/docker.ts';
-import type { IAppVersionConfig } from '../ts/classes/appstore-types.ts';
+import type * as servezoneInterfaces from '@serve.zone/interfaces';
 import type { IService } from '../ts/types.ts';

+type IAppStoreVersionConfig = servezoneInterfaces.appstore.IAppStoreVersionConfig;
+
 const createAppStore = () => new AppStoreManager({} as any);

-const baseConfig: IAppVersionConfig = {
+const baseConfig: IAppStoreVersionConfig = {
  image: 'example/app:1.0.0',
  port: 3000,
  envVars: [
@@ -81,6 +83,96 @@ Deno.test('appstore rejects invalid template ports and volumes', () => {
  );
 });

+Deno.test('appstore resolves repo manifests and docker digest-tracked latest images', async () => {
+  const appStoreBaseUrl = 'https://appstore.example.test';
+  const manifestUrl = 'https://code.example.test/cloudly/servezone.appstore.json';
+  const digest = 'sha256:1234567890abcdef';
+
+  const fakeFetch: typeof fetch = async (input, init) => {
+    const url = input instanceof Request ? input.url : input.toString();
+    const method = init?.method || 'GET';
+
+    if (url === `${appStoreBaseUrl}/appstore.resolved.json`) {
+      return new Response('not found', { status: 404 });
+    }
+
+    if (url === `${appStoreBaseUrl}/appstore.json`) {
+      return Response.json({
+        schemaVersion: 1,
+        updatedAt: '2026-05-24T00:00:00Z',
+        apps: [
+          {
+            id: 'cloudly',
+            name: 'Cloudly',
+            description: 'Central metadata can stay curated.',
+            category: 'Dev Tools',
+            latestVersion: '1.0.0',
+            source: {
+              type: 'repoManifest',
+              url: manifestUrl,
+              ref: 'main',
+            },
+          },
+        ],
+      });
+    }
+
+    if (url === manifestUrl) {
+      return Response.json({
+        schemaVersion: 1,
+        app: {
+          id: 'cloudly',
+          name: 'Cloudly',
+          description: 'Manifest-owned app metadata.',
+          category: 'Dev Tools',
+          maintainer: 'serve.zone',
+        },
+        latestVersion: 'latest',
+        source: {
+          type: 'dockerImage',
+          image: 'registry.example.test/serve.zone/cloudly:latest',
+          tracking: 'digest',
+        },
+        runtime: {
+          image: 'registry.example.test/serve.zone/cloudly:latest',
+          port: 80,
+        },
+      });
+    }
+
+    if (
+      url === 'https://registry.example.test/v2/serve.zone/cloudly/manifests/latest' &&
+      method === 'HEAD'
+    ) {
+      return new Response(null, {
+        status: 200,
+        headers: { 'docker-content-digest': digest },
+      });
+    }
+
+    return new Response(`unexpected ${method} ${url}`, { status: 500 });
+  };
+
+  const appStore = new AppStoreManager({} as any, {
+    baseUrl: appStoreBaseUrl,
+    fetch: fakeFetch,
+  });
+
+  const appStoreIndex = await appStore.getAppStore();
+  assertEquals(appStoreIndex.apps[0].latestVersion, `latest@${digest}`);
+  assertEquals(appStoreIndex.apps[0].resolvedSource?.manifestHash?.length, 64);
+  assertEquals(appStoreIndex.apps[0].upgradeStrategy, 'dockerDigest');
+
+  const appMeta = await appStore.getAppMeta('cloudly');
+  assertEquals(appMeta.latestVersion, `latest@${digest}`);
+  assertEquals(appMeta.versions, [`latest@${digest}`]);
+
+  const config = await appStore.getAppVersionConfig('cloudly', appMeta.latestVersion);
+  assertEquals(config.image, 'registry.example.test/serve.zone/cloudly:latest');
+  assertEquals(config.appStoreVersion, `latest@${digest}`);
+  assertEquals(config.resolvedImageDigest, digest);
+});
+
 Deno.test('docker service spec validation rejects unsafe volume and port declarations', () => {
  const dockerManager = new OneboxDockerManager();

@@ -173,6 +173,47 @@ Deno.test('ExternalGatewayManager syncs service routes to dcrouter gatewayClient
  assertEquals(syncRequest.requestData.enabled, true);
 });

+Deno.test('ExternalGatewayManager syncs Admin UI route to dcrouter gatewayClient API', async () => {
+  const oneboxRef = makeOneboxRef();
+  oneboxRef.database.settings.set('adminUiDomain', 'Onebox.Example.com');
+  oneboxRef.database.settings.set('serverIP', '203.0.113.10');
+  oneboxRef.database.settings.set('httpPort', '8080');
+
+  const requests: Array<{ method: string; requestData: Record<string, unknown> }> = [];
+  const manager = new ExternalGatewayManager(oneboxRef as any);
+  (manager as any).fireDcRouterRequest = async (
+    method: string,
+    requestData: Record<string, unknown>,
+  ) => {
+    if (method === 'getGatewayClientContext') {
+      return {
+        context: { role: 'gatewayClient', gatewayClient: { type: 'onebox', id: 'onebox-token' } },
+      };
+    }
+    requests.push({ method, requestData });
+    if (method === 'exportCertificate') {
+      return { success: false };
+    }
+    return { success: true, action: 'created', routeId: 'admin-route' };
+  };
+
+  await manager.syncAdminUiRoute();
+
+  const syncRequest = requests.find((request) => request.method === 'syncGatewayClientRoute')!;
+  const route = syncRequest.requestData.route as any;
+  const ownership = syncRequest.requestData.ownership as any;
+
+  assertEquals(ownership, {
+    gatewayClientType: 'onebox',
+    gatewayClientId: 'onebox-token',
+    appId: 'onebox-admin-ui',
+    hostname: 'onebox.example.com',
+  });
+  assertEquals(route.match, { ports: [443], domains: ['onebox.example.com'] });
+  assertEquals(route.action.targets, [{ host: '203.0.113.10', port: 8080 }]);
+  assertEquals(syncRequest.requestData.enabled, true);
+});
+
 Deno.test('ExternalGatewayManager uses managed dcrouter local target in managed mode', async () => {
  const oneboxRef = makeOneboxRef();
  (oneboxRef as any).managedDcRouter = {
@@ -322,6 +363,206 @@ Deno.test('ExternalGatewayManager removes stale gateway routes during reconcilia
  assertEquals((deletes[0].ownership as any).hostname, 'stale.example.com');
 });

+Deno.test('ExternalGatewayManager preserves configured Admin UI route during reconciliation', async () => {
+  const oneboxRef = makeOneboxRef();
+  oneboxRef.database.settings.set('adminUiDomain', 'onebox.example.com');
+  oneboxRef.database.settings.set('serverIP', '203.0.113.10');
+  oneboxRef.database.services.push({
+    id: 1,
+    name: 'active',
+    image: 'nginx:latest',
+    envVars: {},
+    port: 3000,
+    domain: 'active.example.com',
+    status: 'running',
+    createdAt: 1,
+    updatedAt: 1,
+  });
+
+  const deletes: Record<string, unknown>[] = [];
+  const manager = new ExternalGatewayManager(oneboxRef as any);
+  (manager as any).fireDcRouterRequest = async (method: string, requestData: Record<string, unknown>) => {
+    if (method === 'getGatewayClientContext') {
+      return { context: { role: 'gatewayClient', gatewayClient: { type: 'onebox', id: 'onebox-token' } } };
+    }
+    if (method === 'syncGatewayClientRoute') {
+      if (requestData.delete) {
+        deletes.push(requestData);
+        return { success: true, action: 'deleted' };
+      }
+      return { success: true, action: 'updated' };
+    }
+    if (method === 'exportCertificate') {
+      return { success: false };
+    }
+    if (method === 'getGatewayClientDnsRecords') {
+      return {
+        records: [
+          {
+            id: 'admin-record',
+            domainId: 'domain-1',
+            name: 'onebox',
+            type: 'A',
+            value: '203.0.113.10',
+            ttl: 300,
+            source: 'route',
+            status: 'active',
+            gatewayClientType: 'onebox',
+            gatewayClientId: 'onebox-token',
+            appId: 'onebox-admin-ui',
+            hostname: 'onebox.example.com',
+            routeId: 'admin-route',
+          },
+          {
+            id: 'stale-record',
+            domainId: 'domain-1',
+            name: 'stale',
+            type: 'A',
+            value: '203.0.113.10',
+            ttl: 300,
+            source: 'route',
+            status: 'active',
+            gatewayClientType: 'onebox',
+            gatewayClientId: 'onebox-token',
+            appId: 'stale',
+            hostname: 'stale.example.com',
+            routeId: 'stale-route',
+          },
+        ],
+      };
+    }
+    throw new Error(`Unexpected method: ${method}`);
+  };
+
+  await manager.syncServiceRoutes();
+
+  assertEquals(deletes.length, 1);
+  assertEquals((deletes[0].ownership as any).hostname, 'stale.example.com');
+});
+
+Deno.test('ExternalGatewayManager preserves legacy Admin UI route when setting is absent', async () => {
+  const oneboxRef = makeOneboxRef();
+  oneboxRef.database.settings.set('serverIP', '203.0.113.10');
+
+  const deletes: Record<string, unknown>[] = [];
+  const manager = new ExternalGatewayManager(oneboxRef as any);
+  (manager as any).fireDcRouterRequest = async (
+    method: string,
+    requestData: Record<string, unknown>,
+  ) => {
+    if (method === 'getGatewayClientContext') {
+      return {
+        context: { role: 'gatewayClient', gatewayClient: { type: 'onebox', id: 'onebox-token' } },
+      };
+    }
+    if (method === 'syncGatewayClientRoute') {
+      if (requestData.delete) {
+        deletes.push(requestData);
+        return { success: true, action: 'deleted' };
+      }
+      return { success: true, action: 'updated' };
+    }
+    if (method === 'getGatewayClientDnsRecords') {
+      return {
+        records: [
+          {
+            id: 'legacy-admin-record',
+            domainId: 'domain-1',
+            name: 'onebox',
+            type: 'A',
+            value: '203.0.113.10',
+            ttl: 300,
+            source: 'route',
+            status: 'active',
+            gatewayClientType: 'onebox',
+            gatewayClientId: 'onebox-token',
+            appId: 'onebox',
+            hostname: 'onebox.example.com',
+            routeId: 'legacy-admin-route',
+          },
+          {
+            id: 'stale-record',
+            domainId: 'domain-1',
+            name: 'stale',
+            type: 'A',
+            value: '203.0.113.10',
+            ttl: 300,
+            source: 'route',
+            status: 'active',
+            gatewayClientType: 'onebox',
+            gatewayClientId: 'onebox-token',
+            appId: 'stale',
+            hostname: 'stale.example.com',
+            routeId: 'stale-route',
+          },
+        ],
+      };
+    }
+    throw new Error(`Unexpected method: ${method}`);
+  };
+
+  await manager.syncServiceRoutes();
+
+  assertEquals(deletes.length, 1);
+  assertEquals((deletes[0].ownership as any).hostname, 'stale.example.com');
+});
+
+Deno.test('ExternalGatewayManager deletes old Admin UI route after domain change', async () => {
+  const oneboxRef = makeOneboxRef();
+  oneboxRef.database.settings.set('adminUiDomain', 'new.example.com');
+  oneboxRef.database.settings.set('serverIP', '203.0.113.10');
+
+  const deletes: Record<string, unknown>[] = [];
+  const manager = new ExternalGatewayManager(oneboxRef as any);
+  (manager as any).fireDcRouterRequest = async (
+    method: string,
+    requestData: Record<string, unknown>,
+  ) => {
+    if (method === 'getGatewayClientContext') {
+      return {
+        context: { role: 'gatewayClient', gatewayClient: { type: 'onebox', id: 'onebox-token' } },
+      };
+    }
+    if (method === 'syncGatewayClientRoute') {
+      if (requestData.delete) {
+        deletes.push(requestData);
+        return { success: true, action: 'deleted' };
+      }
+      return { success: true, action: 'updated' };
+    }
+    if (method === 'exportCertificate') {
+      return { success: false };
+    }
+    if (method === 'getGatewayClientDnsRecords') {
+      return {
+        records: [
+          {
+            id: 'old-admin-record',
+            domainId: 'domain-1',
+            name: 'onebox',
+            type: 'A',
+            value: '203.0.113.10',
+            ttl: 300,
+            source: 'route',
+            status: 'active',
+            gatewayClientType: 'onebox',
+            gatewayClientId: 'onebox-token',
+            appId: 'onebox-admin-ui',
+            hostname: 'old.example.com',
+            routeId: 'old-admin-route',
+          },
+        ],
+      };
+    }
+    throw new Error(`Unexpected method: ${method}`);
+  };
+
+  await manager.syncServiceRoutes();
+
+  assertEquals(deletes.length, 1);
+  assertEquals((deletes[0].ownership as any).hostname, 'old.example.com');
+});
+
 Deno.test('ExternalGatewayManager imports exported dcrouter certificates into Onebox', async () => {
  const oneboxRef = makeOneboxRef();
  const manager = new ExternalGatewayManager(oneboxRef as any);
@@ -0,0 +1,50 @@
+import { assertEquals } from '@std/assert';
+
+import { OneboxReverseProxy } from '../ts/classes/reverseproxy.ts';
+import type { IService } from '../ts/types.ts';
+
+class FakeDatabase {
+  public settings = new Map<string, string>();
+  public services: IService[] = [];
+
+  getSetting(key: string): string | null {
+    return this.settings.get(key) ?? null;
+  }
+
+  getAllServices(): IService[] {
+    return this.services;
+  }
+
+  getServiceByID(id: number): IService | null {
+    return this.services.find((service) => service.id === id) ?? null;
+  }
+
+  getAllSSLCertificates(): [] {
+    return [];
+  }
+}
+
+Deno.test('OneboxReverseProxy loads Admin UI domain as local SmartProxy route', async () => {
+  const database = new FakeDatabase();
+  database.settings.set('adminUiDomain', 'onebox.example.com');
+  database.settings.set('serverIP', '203.0.113.10');
+
+  const reverseProxy = new OneboxReverseProxy({ database } as any);
+  const routes: Array<{ domain: string; upstream: string }> = [];
+  (reverseProxy as any).smartProxy = {
+    clear: () => routes.splice(0, routes.length),
+    addRoute: async (domain: string, upstream: string) => {
+      routes.push({ domain, upstream });
+    },
+    getCertificates: () => [],
+  };
+
+  await reverseProxy.reloadRoutes();
+
+  assertEquals(routes, [
+    {
+      domain: 'onebox.example.com',
+      upstream: '203.0.113.10:3000',
+    },
+  ]);
+});
@@ -3,6 +3,6 @@
 */
 export const commitinfo = {
  name: '@serve.zone/onebox',
-  version: '1.29.0',
+  version: '2.0.0',
  description: 'Self-hosted container platform with automatic SSL and DNS - a mini Heroku for single servers'
 }
@@ -1,109 +0,0 @@
-/**
- * App Store type definitions
- */
-
-export interface ICatalog {
-  schemaVersion: number;
-  updatedAt: string;
-  apps: ICatalogApp[];
-}
-
-export interface ICatalogApp {
-  id: string;
-  name: string;
-  description: string;
-  category: string;
-  iconName?: string;
-  iconUrl?: string;
-  latestVersion: string;
-  tags?: string[];
-}
-
-export interface IAppCatalogVolume {
-  name?: string;
-  source?: string;
-  mountPath: string;
-  driver?: string;
-  readOnly?: boolean;
-  backup?: boolean;
-  options?: Record<string, string>;
-}
-
-export type TAppCatalogVolumeSpec = string | IAppCatalogVolume;
-
-export interface IAppCatalogPublishedPort {
-  targetPort: number;
-  targetPortEnd?: number;
-  publishedPort?: number;
-  publishedPortEnd?: number;
-  protocol?: 'tcp' | 'udp';
-  hostIp?: string;
-}
-
-export interface IAppMeta {
-  id: string;
-  name: string;
-  description: string;
-  category: string;
-  iconName?: string;
-  latestVersion: string;
-  versions: string[];
-  maintainer?: string;
-  links?: Record<string, string>;
-}
-
-export interface IAppVersionConfig {
-  image: string;
-  port: number;
-  envVars?: Array<{ key: string; value: string; description: string; required?: boolean }>;
-  volumes?: TAppCatalogVolumeSpec[];
-  publishedPorts?: IAppCatalogPublishedPort[];
-  platformRequirements?: {
-    mongodb?: boolean;
-    s3?: boolean;
-    clickhouse?: boolean;
-    redis?: boolean;
-    mariadb?: boolean;
-  };
-  minOneboxVersion?: string;
-}
-
-export interface IAppInstallOptions {
-  appId: string;
-  version?: string;
-  serviceName: string;
-  domain?: string;
-  port?: number;
-  publishedPorts?: IAppCatalogPublishedPort[];
-  envVars?: Record<string, string>;
-  autoDNS?: boolean;
-}
-
-export interface IMigrationContext {
-  service: {
-    name: string;
-    image: string;
-    envVars: Record<string, string>;
-    port: number;
-  };
-  fromVersion: string;
-  toVersion: string;
-}
-
-export interface IMigrationResult {
-  success: boolean;
-  envVars?: Record<string, string>;
-  image?: string;
-  port?: number;
-  volumes?: IAppCatalogVolume[];
-  publishedPorts?: IAppCatalogPublishedPort[];
-  warnings: string[];
-}
-
-export interface IUpgradeableService {
-  serviceName: string;
-  appTemplateId: string;
-  currentVersion: string;
-  latestVersion: string;
-  hasMigration: boolean;
-}
@@ -1,117 +1,144 @@
 /**
 * App Store Manager
- * Fetches, caches, and serves app templates from the remote appstore-apptemplates repo.
- * The remote repo is the single source of truth — no fallback catalog.
+ * Fetches, caches, and serves app templates from the remote App Store repo.
 */

-import type {
-  ICatalog,
-  ICatalogApp,
-  IAppMeta,
-  IAppCatalogVolume,
-  IAppInstallOptions,
-  IAppVersionConfig,
-  IMigrationContext,
-  IMigrationResult,
-  IUpgradeableService,
-} from './appstore-types.ts';
+import * as plugins from '../plugins.ts';
 import { logger } from '../logging.ts';
 import { getErrorMessage } from '../utils/error.ts';
 import type { Onebox } from './onebox.ts';
-import type { IService, IServiceVolume } from '../types.ts';
+import type { IService, IServicePublishedPort, IServiceVolume } from '../types.ts';
 import { projectInfo } from '../info.ts';

-export class AppStoreManager {
-  private oneboxRef: Onebox;
-  private catalogCache: ICatalog | null = null;
-  private lastFetchTime = 0;
-  private readonly repoBaseUrl = 'https://code.foss.global/serve.zone/appstore-apptemplates/raw/branch/main';
-  private readonly cacheTtlMs = 5 * 60 * 1000; // 5 minutes
+type IAppStoreIndex = plugins.servezoneInterfaces.appstore.IAppStoreIndex;
+type IAppStoreApp = plugins.servezoneInterfaces.appstore.IAppStoreApp;
+type IAppStoreAppMeta = plugins.servezoneInterfaces.appstore.IAppStoreAppMeta;
+type IAppStoreVersionConfig = plugins.servezoneInterfaces.appstore.IAppStoreVersionConfig;
+type IAppStoreInstallOptions = plugins.servezoneInterfaces.appstore.IAppStoreInstallRequest & {
+  autoDNS?: boolean;
+};
+type IUpgradeableAppStoreService = plugins.servezoneInterfaces.appstore.IUpgradeableAppStoreService;

-  constructor(oneboxRef: Onebox) {
-    this.oneboxRef = oneboxRef;
+export interface IAppStoreManagerOptions {
+  baseUrl?: string;
+  fetch?: typeof fetch;
+  resolveDockerDigests?: boolean;
+}
+
+export interface IMigrationContext {
+  service: {
+    name: string;
+    image: string;
+    envVars: Record<string, string>;
+    port: number;
+  };
+  fromVersion: string;
+  toVersion: string;
+}
+
+export interface IMigrationResult {
+  success: boolean;
+  envVars?: Record<string, string>;
+  image?: string;
+  imageDigest?: string;
+  port?: number;
+  volumes?: IServiceVolume[];
+  publishedPorts?: IServicePublishedPort[];
+  warnings: string[];
+}
+
+export class AppStoreManager {
+  private appStoreCache: IAppStoreIndex | null = null;
+  private appStoreResolver: plugins.servezoneAppstore.AppStoreResolver;
+  private lastFetchTime = 0;
+  private readonly appStoreBaseUrl: string;
+  private readonly fetchRef: typeof fetch;
+  private readonly resolveDockerDigests: boolean;
+  private readonly cacheTtlMs = 5 * 60 * 1000;
+
+  constructor(
+    private oneboxRef: Onebox,
+    optionsArg: IAppStoreManagerOptions = {},
+  ) {
+    this.appStoreBaseUrl = optionsArg.baseUrl || 'https://code.foss.global/serve.zone/appstore/raw/branch/main';
+    this.fetchRef = optionsArg.fetch || fetch;
+    this.resolveDockerDigests = optionsArg.resolveDockerDigests ?? true;
+    this.appStoreResolver = this.createAppStoreResolver();
  }

-  async init(): Promise<void> {
+  public async init(): Promise<void> {
    try {
-      await this.getCatalog();
-      logger.info(`App Store initialized with ${this.catalogCache?.apps.length || 0} templates`);
+      await this.getAppStore();
+      logger.info(`App Store initialized with ${this.appStoreCache?.apps.length || 0} templates`);
    } catch (error) {
      logger.warn(`App Store initialization failed: ${getErrorMessage(error)}`);
      logger.warn('App Store will retry on next request');
    }
  }

-  /**
-   * Get the catalog (cached, refreshes after TTL)
-   */
-  async getCatalog(): Promise<ICatalog> {
+  public async getAppStore(): Promise<IAppStoreIndex> {
    const now = Date.now();
-    if (this.catalogCache && (now - this.lastFetchTime) < this.cacheTtlMs) {
-      return this.catalogCache;
+    if (this.appStoreCache && (now - this.lastFetchTime) < this.cacheTtlMs) {
+      return this.appStoreCache;
    }

    try {
-      const catalog = await this.fetchJson('catalog.json') as ICatalog;
-      if (catalog && catalog.apps && Array.isArray(catalog.apps)) {
-        this.catalogCache = catalog;
-        this.lastFetchTime = now;
-        return catalog;
-      }
-      throw new Error('Invalid catalog format');
+      const resolver = this.createAppStoreResolver();
+      const appStore = await resolver.getAppStoreIndex();
+      this.appStoreResolver = resolver;
+      this.appStoreCache = appStore;
+      this.lastFetchTime = now;
+      return appStore;
    } catch (error) {
-      logger.warn(`Failed to fetch remote catalog: ${getErrorMessage(error)}`);
-      // Return cached if available, otherwise return empty catalog
-      if (this.catalogCache) {
-        return this.catalogCache;
+      logger.warn(`Failed to fetch remote App Store: ${getErrorMessage(error)}`);
+      if (this.appStoreCache) {
+        return this.appStoreCache;
      }
      return { schemaVersion: 1, updatedAt: '', apps: [] };
    }
  }

-  /**
-   * Get the catalog apps list (convenience method for the API)
-   */
-  async getApps(): Promise<ICatalogApp[]> {
-    const catalog = await this.getCatalog();
-    return catalog.apps;
+  public async getApps(): Promise<IAppStoreApp[]> {
+    return (await this.getAppStore()).apps;
  }

-  /**
-   * Fetch app metadata (versions list, etc.)
-   */
-  async getAppMeta(appId: string): Promise<IAppMeta> {
+  public async getAppMeta(appIdArg: string): Promise<IAppStoreAppMeta> {
    try {
-      return await this.fetchJson(`apps/${appId}/app.json`) as IAppMeta;
+      await this.getAppStore();
+      return await this.appStoreResolver.getAppMeta(appIdArg);
    } catch (error) {
-      throw new Error(`Failed to fetch metadata for app '${appId}': ${getErrorMessage(error)}`);
+      throw new Error(`Failed to fetch metadata for app '${appIdArg}': ${getErrorMessage(error)}`);
    }
  }

-  /**
-   * Fetch full config for an app version
-   */
-  async getAppVersionConfig(appId: string, version: string): Promise<IAppVersionConfig> {
+  public async getAppVersionConfig(
+    appIdArg: string,
+    versionArg?: string,
+  ): Promise<IAppStoreVersionConfig> {
    try {
-      const config = await this.fetchJson(`apps/${appId}/versions/${version}/config.json`) as IAppVersionConfig;
-      this.validateAppVersionConfig(config, `${appId}@${version}`);
-      return config;
+      const version = versionArg || (await this.getAppMeta(appIdArg)).latestVersion;
+      await this.getAppStore();
+      return await this.appStoreResolver.getAppVersionConfig(appIdArg, version);
    } catch (error) {
-      throw new Error(`Failed to fetch config for ${appId}@${version}: ${getErrorMessage(error)}`);
+      throw new Error(`Failed to fetch config for ${appIdArg}@${versionArg || 'latest'}: ${getErrorMessage(error)}`);
    }
  }

-  async installApp(optionsArg: IAppInstallOptions): Promise<IService> {
+  public async installApp(optionsArg: IAppStoreInstallOptions): Promise<IService> {
    this.validateInstallOptions(optionsArg);
    const appMeta = await this.getAppMeta(optionsArg.appId);
    const version = optionsArg.version || appMeta.latestVersion;
    const config = await this.getAppVersionConfig(optionsArg.appId, version);
+    const appStoreVersion = config.appStoreVersion || version;
    this.assertRuntimeCompatibility(config);
    const servicePort = optionsArg.port || config.port;
    this.assertValidPort(servicePort, 'install service port');
    const volumes = this.normalizeVolumes(config.volumes);
    const publishedPorts = optionsArg.publishedPorts || config.publishedPorts || [];
-    this.validatePublishedPorts(publishedPorts, `${optionsArg.appId}@${version}`);
+    this.validateAppVersionConfig(
+      { ...config, port: servicePort, publishedPorts },
+      `${optionsArg.appId}@${version} install`,
+    );

    const envVars = this.getAppStoreEnvVars(config, optionsArg.envVars || {});
    if (this.requiresTemplateValue(envVars, 'SERVICE_DOMAIN') && !optionsArg.domain) {
@@ -133,105 +160,95 @@ export class AppStoreManager {
      enableRedis: Boolean(config.platformRequirements?.redis),
      enableMariaDB: Boolean(config.platformRequirements?.mariadb),
      appTemplateId: optionsArg.appId,
-      appTemplateVersion: version,
+      appTemplateVersion: appStoreVersion,
+      imageDigest: config.resolvedImageDigest,
    });
  }

-  /**
-   * Compare deployed services against catalog to find those with available upgrades
-   */
-  async getUpgradeableServices(): Promise<IUpgradeableService[]> {
-    const catalog = await this.getCatalog();
+  public async getUpgradeableAppStoreServices(): Promise<IUpgradeableAppStoreService[]> {
+    const appStore = await this.getAppStore();
    const services = this.oneboxRef.database.getAllServices();
-    const upgradeable: IUpgradeableService[] = [];
+    const upgradeable: IUpgradeableAppStoreService[] = [];

    for (const service of services) {
      if (!service.appTemplateId || !service.appTemplateVersion) continue;

-      const catalogApp = catalog.apps.find(a => a.id === service.appTemplateId);
-      if (!catalogApp) continue;
+      const appStoreApp = appStore.apps.find((appArg: IAppStoreApp) => appArg.id === service.appTemplateId);
+      if (!appStoreApp || appStoreApp.latestVersion === service.appTemplateVersion) continue;

-      if (catalogApp.latestVersion !== service.appTemplateVersion) {
-        // Check if a migration script exists
-        const hasMigration = await this.hasMigrationScript(
+      upgradeable.push({
+        serviceName: service.name,
+        appTemplateId: service.appTemplateId,
+        currentVersion: service.appTemplateVersion,
+        latestVersion: appStoreApp.latestVersion,
+        hasMigration: await this.hasMigrationScript(
          service.appTemplateId,
          service.appTemplateVersion,
-          catalogApp.latestVersion,
-        );
-
-        upgradeable.push({
-          serviceName: service.name,
-          appTemplateId: service.appTemplateId,
-          currentVersion: service.appTemplateVersion,
-          latestVersion: catalogApp.latestVersion,
-          hasMigration,
-        });
-      }
+          appStoreApp.latestVersion,
+        ),
+      });
    }

    return upgradeable;
  }

-  /**
-   * Check if a migration script exists for a specific version transition
-   */
-  async hasMigrationScript(appId: string, fromVersion: string, toVersion: string): Promise<boolean> {
+  public async hasMigrationScript(
+    appIdArg: string,
+    fromVersionArg: string,
+    toVersionArg: string,
+  ): Promise<boolean> {
    try {
-      const scriptPath = `apps/${appId}/versions/${toVersion}/migrate-from-${fromVersion}.ts`;
-      await this.fetchText(scriptPath);
+      await this.fetchText(`apps/${appIdArg}/versions/${toVersionArg}/migrate-from-${fromVersionArg}.ts`);
      return true;
    } catch {
      return false;
    }
  }

-  /**
-   * Execute a migration in a sandboxed Deno child process
-   */
-  async executeMigration(service: IService, fromVersion: string, toVersion: string): Promise<IMigrationResult> {
-    const appId = service.appTemplateId;
+  public async executeMigration(
+    serviceArg: IService,
+    fromVersionArg: string,
+    toVersionArg: string,
+  ): Promise<IMigrationResult> {
+    const appId = serviceArg.appTemplateId;
    if (!appId) {
      throw new Error('Service has no appTemplateId');
    }

-    // Fetch the migration script
-    const scriptPath = `apps/${appId}/versions/${toVersion}/migrate-from-${fromVersion}.ts`;
+    const scriptPath = `apps/${appId}/versions/${toVersionArg}/migrate-from-${fromVersionArg}.ts`;
    let scriptContent: string;
    try {
      scriptContent = await this.fetchText(scriptPath);
    } catch {
-      // No migration script — do a simple config-based upgrade
-      logger.info(`No migration script for ${appId} ${fromVersion} -> ${toVersion}, using config-only upgrade`);
-      const config = await this.getAppVersionConfig(appId, toVersion);
+      logger.info(`No migration script for ${appId} ${fromVersionArg} -> ${toVersionArg}, using config-only upgrade`);
+      const config = await this.getAppVersionConfig(appId, toVersionArg);
      return {
        success: true,
        image: config.image,
+        imageDigest: config.resolvedImageDigest,
        port: config.port,
        volumes: this.normalizeVolumes(config.volumes),
        publishedPorts: config.publishedPorts,
-        envVars: undefined, // Keep existing env vars
+        envVars: undefined,
        warnings: [],
      };
    }

-    // Write to temp file
    const tempFile = `/tmp/onebox-migration-${crypto.randomUUID()}.ts`;
    await Deno.writeTextFile(tempFile, scriptContent);

    try {
-      // Prepare context
      const context: IMigrationContext = {
        service: {
-          name: service.name,
-          image: service.image,
-          envVars: service.envVars,
-          port: service.port,
+          name: serviceArg.name,
+          image: serviceArg.image,
+          envVars: serviceArg.envVars,
+          port: serviceArg.port,
        },
-        fromVersion,
-        toVersion,
+        fromVersion: fromVersionArg,
+        toVersion: toVersionArg,
      };

-      // Execute in sandboxed Deno child process
      const cmd = new Deno.Command('deno', {
        args: ['run', '--allow-env', '--allow-net=none', '--allow-read=none', '--allow-write=none', tempFile],
        stdin: 'piped',
@@ -240,27 +257,22 @@ export class AppStoreManager {
      });

      const child = cmd.spawn();
-
-      // Write context to stdin
      const writer = child.stdin.getWriter();
      await writer.write(new TextEncoder().encode(JSON.stringify(context)));
      await writer.close();

-      // Read result
      const output = await child.output();
-      const exitCode = output.code;
      const stdout = new TextDecoder().decode(output.stdout);
      const stderr = new TextDecoder().decode(output.stderr);

-      if (exitCode !== 0) {
-        logger.error(`Migration script failed (exit ${exitCode}): ${stderr.substring(0, 500)}`);
+      if (output.code !== 0) {
+        logger.error(`Migration script failed (exit ${output.code}): ${stderr.substring(0, 500)}`);
        return {
          success: false,
          warnings: [`Migration script failed: ${stderr.substring(0, 200)}`],
        };
      }

-      // Parse result from stdout
      try {
        const result = JSON.parse(stdout) as IMigrationResult;
        result.success = true;
@@ -273,58 +285,49 @@ export class AppStoreManager {
        };
      }
    } finally {
-      // Cleanup temp file
      try {
        await Deno.remove(tempFile);
      } catch {
-        // Ignore cleanup errors
+        // Ignore cleanup errors.
      }
    }
  }

-  /**
-   * Apply an upgrade: update image, env vars, recreate container
-   */
-  async applyUpgrade(
-    serviceName: string,
-    migrationResult: IMigrationResult,
-    newVersion: string,
+  public async applyUpgrade(
+    serviceNameArg: string,
+    migrationResultArg: IMigrationResult,
+    newVersionArg: string,
  ): Promise<IService> {
-    const service = this.oneboxRef.database.getServiceByName(serviceName);
+    const service = this.oneboxRef.database.getServiceByName(serviceNameArg);
    if (!service) {
-      throw new Error(`Service not found: ${serviceName}`);
+      throw new Error(`Service not found: ${serviceNameArg}`);
    }

-    // Stop the existing container
    if (service.containerID && service.status === 'running') {
-      await this.oneboxRef.services.stopService(serviceName);
+      await this.oneboxRef.services.stopService(serviceNameArg);
    }

-    // Update service record
    const updates: Partial<IService> = {
-      appTemplateVersion: newVersion,
+      appTemplateVersion: newVersionArg,
    };

-    if (migrationResult.image) {
-      updates.image = migrationResult.image;
+    if (migrationResultArg.image) {
+      updates.image = migrationResultArg.image;
    }
-
-    if (migrationResult.port) {
-      updates.port = migrationResult.port;
+    if (migrationResultArg.imageDigest !== undefined) {
+      updates.imageDigest = migrationResultArg.imageDigest;
    }
-
-    if (migrationResult.volumes) {
-      updates.volumes = migrationResult.volumes;
+    if (migrationResultArg.port) {
+      updates.port = migrationResultArg.port;
    }
-
-    if (migrationResult.publishedPorts) {
-      updates.publishedPorts = migrationResult.publishedPorts;
+    if (migrationResultArg.volumes) {
+      updates.volumes = migrationResultArg.volumes;
    }
-
-    if (migrationResult.envVars) {
-      // Merge: migration result provides base, user overrides preserved
-      const mergedEnvVars = { ...migrationResult.envVars };
-      // Keep any user-set env vars that aren't in the migration result
+    if (migrationResultArg.publishedPorts) {
+      updates.publishedPorts = migrationResultArg.publishedPorts;
+    }
+    if (migrationResultArg.envVars) {
+      const mergedEnvVars = { ...migrationResultArg.envVars };
      for (const [key, value] of Object.entries(service.envVars)) {
        if (!(key in mergedEnvVars)) {
          mergedEnvVars[key] = value;
@@ -335,98 +338,55 @@ export class AppStoreManager {

    this.oneboxRef.database.updateService(service.id!, updates);

-    // Pull new image if changed
-    const newImage = migrationResult.image || service.image;
-    if (migrationResult.image && migrationResult.image !== service.image) {
+    const newImage = migrationResultArg.image || service.image;
+    if (migrationResultArg.image && migrationResultArg.image !== service.image) {
      await this.oneboxRef.docker.pullImage(newImage);
    }

-    // Recreate and start container
-    const updatedService = this.oneboxRef.database.getServiceByName(serviceName)!;
-
-    // Remove old container
+    const updatedService = this.oneboxRef.database.getServiceByName(serviceNameArg)!;
    if (service.containerID) {
      try {
        await this.oneboxRef.docker.removeContainer(service.containerID, true);
      } catch {
-        // Container might already be gone
+        // Container might already be gone.
      }
    }

-    // Create new container
    const containerID = await this.oneboxRef.docker.createContainer(updatedService);
    this.oneboxRef.database.updateService(service.id!, { containerID, status: 'starting' });
-
-    // Start container
    await this.oneboxRef.docker.startContainer(containerID);
    this.oneboxRef.database.updateService(service.id!, { status: 'running' });

-    logger.success(`Service '${serviceName}' upgraded to template version ${newVersion}`);
-    return this.oneboxRef.database.getServiceByName(serviceName)!;
+    logger.success(`Service '${serviceNameArg}' upgraded to App Store version ${newVersionArg}`);
+    return this.oneboxRef.database.getServiceByName(serviceNameArg)!;
  }

-  /**
-   * Fetch JSON from the remote repo
-   */
-  private async fetchJson(path: string): Promise<unknown> {
-    const url = `${this.repoBaseUrl}/${path}`;
-    const response = await fetch(url);
-    if (!response.ok) {
-      throw new Error(`HTTP ${response.status} for ${url}`);
-    }
-    return response.json();
+  public normalizeVolumes(volumesArg: IAppStoreVersionConfig['volumes'] = []): IServiceVolume[] {
+    return this.appStoreResolver.normalizeVolumes(volumesArg) as IServiceVolume[];
  }

-  /**
-   * Fetch text from the remote repo
-   */
-  private async fetchText(path: string): Promise<string> {
-    const url = `${this.repoBaseUrl}/${path}`;
-    const response = await fetch(url);
+  public validateAppVersionConfig(configArg: IAppStoreVersionConfig, labelArg = 'app config'): void {
+    this.appStoreResolver.validateAppStoreVersionConfig(configArg, labelArg);
+  }
+
+  private createAppStoreResolver(): plugins.servezoneAppstore.AppStoreResolver {
+    return new plugins.servezoneAppstore.AppStoreResolver({
+      baseUrl: this.appStoreBaseUrl,
+      fetch: this.fetchRef,
+      resolveDockerDigests: this.resolveDockerDigests,
+    });
+  }
+
+  private async fetchText(pathArg: string): Promise<string> {
+    const url = `${this.appStoreBaseUrl}/${pathArg}`;
+    const response = await this.fetchRef(url);
    if (!response.ok) {
      throw new Error(`HTTP ${response.status} for ${url}`);
    }
    return response.text();
  }

-  public normalizeVolumes(volumesArg: IAppVersionConfig['volumes'] = []): IServiceVolume[] {
-    return volumesArg.map((volumeArg, indexArg): IAppCatalogVolume => {
-      if (typeof volumeArg === 'string') {
-        return { mountPath: volumeArg };
-      }
-      return volumeArg;
-    }).map((volumeArg, indexArg) => {
-      this.validateVolume(volumeArg, `volume ${indexArg + 1}`);
-      return volumeArg;
-    });
-  }
-
-  public validateAppVersionConfig(configArg: IAppVersionConfig, labelArg = 'app config'): void {
-    if (!configArg || typeof configArg !== 'object') {
-      throw new Error(`Invalid ${labelArg}: config must be an object`);
-    }
-    if (!configArg.image || typeof configArg.image !== 'string') {
-      throw new Error(`Invalid ${labelArg}: image is required`);
-    }
-    if (configArg.image.endsWith(':latest')) {
-      logger.warn(`App template ${labelArg} uses a mutable ':latest' image tag`);
-    }
-    this.assertValidPort(configArg.port, `${labelArg} port`);
-
-    for (const envVar of configArg.envVars || []) {
-      if (!envVar.key || !/^[A-Z_][A-Z0-9_]*$/.test(envVar.key)) {
-        throw new Error(`Invalid ${labelArg}: env var key '${envVar.key}' is not valid`);
-      }
-      if (envVar.value !== undefined && typeof envVar.value !== 'string') {
-        throw new Error(`Invalid ${labelArg}: env var '${envVar.key}' value must be a string`);
-      }
-    }
-
-    this.normalizeVolumes(configArg.volumes);
-    this.validatePublishedPorts(configArg.publishedPorts || [], labelArg);
-  }
-
-  private validateInstallOptions(optionsArg: IAppInstallOptions): void {
+  private validateInstallOptions(optionsArg: IAppStoreInstallOptions): void {
    if (!optionsArg.appId || !/^[a-z0-9][a-z0-9-]*$/.test(optionsArg.appId)) {
      throw new Error(`Invalid app id: ${optionsArg.appId}`);
    }
@@ -436,66 +396,6 @@ export class AppStoreManager {
    if (optionsArg.port !== undefined) {
      this.assertValidPort(optionsArg.port, 'install service port');
    }
-    if (optionsArg.publishedPorts) {
-      this.validatePublishedPorts(optionsArg.publishedPorts, `install options for ${optionsArg.appId}`);
-    }
-  }
-
-  private validateVolume(volumeArg: IAppCatalogVolume, labelArg: string): void {
-    if (!volumeArg.mountPath || !volumeArg.mountPath.startsWith('/')) {
-      throw new Error(`Invalid ${labelArg}: mountPath must be an absolute path`);
-    }
-    if (volumeArg.mountPath.includes(':')) {
-      throw new Error(`Invalid ${labelArg}: mountPath must not contain ':'`);
-    }
-    if ((volumeArg.source || volumeArg.name)?.includes(':')) {
-      throw new Error(`Invalid ${labelArg}: source/name must not contain ':'`);
-    }
-  }
-
-  private validatePublishedPorts(
-    publishedPortsArg: IAppVersionConfig['publishedPorts'] = [],
-    labelArg: string,
-  ): void {
-    const seenPublishedPorts = new Set<string>();
-    for (const portArg of publishedPortsArg) {
-      const protocol = portArg.protocol || 'tcp';
-      const targetStart = portArg.targetPort;
-      const targetEnd = portArg.targetPortEnd || targetStart;
-      const publishedStart = portArg.publishedPort || targetStart;
-      const publishedEnd = portArg.publishedPortEnd || (publishedStart + (targetEnd - targetStart));
-      const hostIp = portArg.hostIp || '0.0.0.0';
-
-      if (!['tcp', 'udp'].includes(protocol)) {
-        throw new Error(`Invalid ${labelArg}: published port protocol '${protocol}' is not supported`);
-      }
-      this.assertValidPort(targetStart, `${labelArg} targetPort`);
-      this.assertValidPort(targetEnd, `${labelArg} targetPortEnd`);
-      this.assertValidPort(publishedStart, `${labelArg} publishedPort`);
-      this.assertValidPort(publishedEnd, `${labelArg} publishedPortEnd`);
-      if (targetEnd < targetStart || publishedEnd < publishedStart) {
-        throw new Error(`Invalid ${labelArg}: published port ranges must be ascending`);
-      }
-      if ((targetEnd - targetStart) !== (publishedEnd - publishedStart)) {
-        throw new Error(`Invalid ${labelArg}: target and published port ranges must have the same size`);
-      }
-      if ((targetEnd - targetStart) > 1000) {
-        throw new Error(`Invalid ${labelArg}: published port ranges may not exceed 1001 ports`);
-      }
-
-      for (let offset = 0; offset <= targetEnd - targetStart; offset++) {
-        const publishedPort = publishedStart + offset;
-        const publishedKey = `${hostIp}/${protocol}/${publishedPort}`;
-        const wildcardKey = `0.0.0.0/${protocol}/${publishedPort}`;
-        const conflictsWithWildcard = hostIp === '0.0.0.0'
-          ? Array.from(seenPublishedPorts).some((keyArg) => keyArg.endsWith(`/${protocol}/${publishedPort}`))
-          : seenPublishedPorts.has(wildcardKey);
-        if (seenPublishedPorts.has(publishedKey) || conflictsWithWildcard) {
-          throw new Error(`Invalid ${labelArg}: duplicate published port ${hostIp}:${publishedPort}/${protocol}`);
-        }
-        seenPublishedPorts.add(publishedKey);
-      }
-    }
  }

  private assertValidPort(portArg: number, labelArg: string): void {
@@ -505,7 +405,7 @@ export class AppStoreManager {
  }

  private getAppStoreEnvVars(
-    configArg: IAppVersionConfig,
+    configArg: IAppStoreVersionConfig,
    overridesArg: Record<string, string>,
  ): Record<string, string> {
    const envVars: Record<string, string> = {};
@@ -519,14 +419,10 @@ export class AppStoreManager {
      envVars[envVar.key] = value;
    }

-    for (const [key, value] of Object.entries(overridesArg)) {
-      envVars[key] = value;
-    }
+    Object.assign(envVars, overridesArg);

    if (missingRequiredEnvVars.length > 0) {
-      throw new Error(
-        `Missing required app env var(s): ${missingRequiredEnvVars.join(', ')}`,
-      );
+      throw new Error(`Missing required app env var(s): ${missingRequiredEnvVars.join(', ')}`);
    }

    return envVars;
@@ -536,7 +432,7 @@ export class AppStoreManager {
    return Object.values(envVarsArg).some((value) => value.includes(`\${${templateNameArg}}`));
  }

-  private assertRuntimeCompatibility(configArg: IAppVersionConfig): void {
+  private assertRuntimeCompatibility(configArg: IAppStoreVersionConfig): void {
    if (!configArg.minOneboxVersion) return;
    if (this.compareVersions(projectInfo.version, configArg.minOneboxVersion) < 0) {
      throw new Error(
@@ -1,11 +1,17 @@
 import * as plugins from '../plugins.ts';
 import { logger } from '../logging.ts';
 import { getErrorMessage } from '../utils/error.ts';
+import { normalizeHostname } from '../utils/domain.ts';
 import { OneboxDatabase } from './database.ts';
 import type { IDomain, IService } from '../types.ts';
 import type { TDcRouterMode } from './managed-dcrouter.ts';

+const adminUiRouteName = 'onebox-admin-ui';
+
 type TWorkHosterType = 'onebox';
+type TExternalGatewayRoute = Pick<IService, 'id' | 'name' | 'domain' | 'status'> & {
+  domain: string;
+};

 interface IExternalGatewayConfig {
  url: string;
@@ -137,15 +143,34 @@ export class ExternalGatewayManager {
  }

  public async syncServiceRoutes(): Promise<void> {
+    const adminUiRoute = this.getAdminUiRoute();
+    const adminUiDomain = adminUiRoute?.domain;
    const services = this.database.getAllServices()
-      .filter((service) => service.domain && service.status === 'running');
+      .filter((service) =>
+        service.domain && service.status === 'running' && service.domain !== adminUiDomain
+      );
    const activeHostnames = new Set(services.map((service) => service.domain!));

+    if (adminUiRoute) {
+      activeHostnames.add(adminUiRoute.domain);
+      try {
+        await this.syncGatewayRoute(adminUiRoute);
+      } catch (error) {
+        logger.warn(
+          `Failed to sync external gateway route for ${adminUiRoute.domain}: ${
+            getErrorMessage(error)
+          }`,
+        );
+      }
+    }
+
    for (const service of services) {
      try {
        await this.syncServiceRoute(service);
      } catch (error) {
-        logger.warn(`Failed to sync external gateway route for ${service.domain}: ${getErrorMessage(error)}`);
+        logger.warn(
+          `Failed to sync external gateway route for ${service.domain}: ${getErrorMessage(error)}`,
+        );
      }
    }

@@ -158,6 +183,7 @@ export class ExternalGatewayManager {

    for (const record of records) {
      if (!record.hostname || activeHostnamesArg.has(record.hostname)) continue;
+      if (this.shouldPreserveUnconfiguredAdminUiRecord(record)) continue;
      if (!record.routeId && !record.appId && !record.serviceName) continue;
      staleRecordsByHostname.set(record.hostname, record);
    }
@@ -169,7 +195,11 @@ export class ExternalGatewayManager {
          domain: record.hostname,
        });
      } catch (error) {
-        logger.warn(`Failed to delete stale external gateway route for ${record.hostname}: ${getErrorMessage(error)}`);
+        logger.warn(
+          `Failed to delete stale external gateway route for ${record.hostname}: ${
+            getErrorMessage(error)
+          }`,
+        );
      }
    }
  }
@@ -289,40 +319,72 @@ export class ExternalGatewayManager {
  public async syncServiceRoute(service: IService): Promise<void> {
    if (!service.domain) return;

+    await this.syncGatewayRoute({
+      id: service.id,
+      name: service.name,
+      domain: service.domain,
+      status: service.status,
+    });
+  }
+
+  public async syncAdminUiRoute(): Promise<void> {
+    const route = this.getAdminUiRoute();
+    if (!route) return;
+    await this.syncGatewayRoute(route);
+  }
+
+  public async deleteAdminUiRoute(domain: string): Promise<void> {
+    const normalizedDomain = normalizeHostname(domain);
+    if (!normalizedDomain) return;
+    await this.deleteServiceRoute({
+      name: adminUiRouteName,
+      domain: normalizedDomain,
+    });
+  }
+
+  private async syncGatewayRoute(route: TExternalGatewayRoute): Promise<void> {
+    if (!route.domain) return;
+
    const config = await this.getConfig({ requireTarget: true });
    if (!config) return;

    const result = await this.fireDcRouterRequest<IWorkAppRouteSyncResult>(
      'syncGatewayClientRoute',
      {
-        ownership: this.buildGatewayClientOwnership(service, service.domain, config),
-        route: this.buildRoute(service, config),
-        enabled: service.status === 'running',
+        ownership: this.buildGatewayClientOwnership(route, route.domain, config),
+        route: this.buildRoute(route, config),
+        enabled: route.status === 'running',
      },
      config,
    ).catch(async () => {
      return await this.fireDcRouterRequest<IWorkAppRouteSyncResult>(
        'syncWorkAppRoute',
        {
-          ownership: this.buildOwnership(service, service.domain!, config),
-          route: this.buildRoute(service, config),
-          enabled: service.status === 'running',
+          ownership: this.buildOwnership(route, route.domain, config),
+          route: this.buildRoute(route, config),
+          enabled: route.status === 'running',
        },
        config,
      );
    });

    if (!result.success) {
-      throw new Error(result.message || `dcrouter route sync failed for ${service.domain}`);
+      throw new Error(result.message || `dcrouter route sync failed for ${route.domain}`);
    }

-    logger.success(`External gateway route ${result.action || 'synced'} for ${service.domain}`);
-    await this.importCertificateForDomain(service.domain).catch((error) => {
-      logger.debug(`External gateway certificate import skipped for ${service.domain}: ${getErrorMessage(error)}`);
+    logger.success(`External gateway route ${result.action || 'synced'} for ${route.domain}`);
+    await this.importCertificateForDomain(route.domain).catch((error) => {
+      logger.debug(
+        `External gateway certificate import skipped for ${route.domain}: ${
+          getErrorMessage(error)
+        }`,
+      );
    });
  }

-  public async deleteServiceRoute(service: Pick<IService, 'id' | 'name' | 'domain'>): Promise<void> {
+  public async deleteServiceRoute(
+    service: Pick<IService, 'id' | 'name' | 'domain'>,
+  ): Promise<void> {
    if (!service.domain) return;

    const config = await this.getConfig({ requireTarget: false });
@@ -536,12 +598,35 @@ export class ExternalGatewayManager {
    return ownership;
  }

-  private buildRoute(service: IService, config: IExternalGatewayConfig): IDcRouterRouteConfig {
+  private getAdminUiRoute(): TExternalGatewayRoute | null {
+    const domain = normalizeHostname(this.database.getSetting('adminUiDomain') || '');
+    if (!domain) return null;
    return {
-      name: this.routeName(service.domain!),
+      id: 0,
+      name: adminUiRouteName,
+      domain,
+      status: 'running',
+    };
+  }
+
+  private isAdminUiRecord(record: IGatewayDnsRecord): boolean {
+    const ownerName = record.serviceName || record.appId;
+    return ownerName === adminUiRouteName || ownerName === 'onebox';
+  }
+
+  private shouldPreserveUnconfiguredAdminUiRecord(record: IGatewayDnsRecord): boolean {
+    return this.database.getSetting('adminUiDomain') === null && this.isAdminUiRecord(record);
+  }
+
+  private buildRoute(
+    route: TExternalGatewayRoute,
+    config: IExternalGatewayConfig,
+  ): IDcRouterRouteConfig {
+    return {
+      name: this.routeName(route.domain),
      match: {
        ports: [443],
-        domains: [service.domain!],
+        domains: [route.domain],
      },
      action: {
        type: 'forward',
@@ -10,15 +10,20 @@

 import { logger } from '../logging.ts';
 import { getErrorMessage } from '../utils/error.ts';
+import { normalizeHostname } from '../utils/domain.ts';
 import { OneboxDatabase } from './database.ts';
 import { SmartProxyManager } from './smartproxy.ts';

+const adminUiRouteName = 'onebox-admin-ui';
+const adminUiPort = 3000;
+
 interface IProxyRoute {
  domain: string;
  targetHost: string;
  targetPort: number;
-  serviceId: number;
+  serviceId?: number;
  serviceName?: string;
+  routeType: 'service' | 'admin-ui';
 }

 export class OneboxReverseProxy {
@@ -112,6 +117,7 @@ export class OneboxReverseProxy {
        targetPort,
        serviceId,
        serviceName,
+        routeType: 'service',
      };

      this.routes.set(domain, route);
@@ -127,6 +133,25 @@ export class OneboxReverseProxy {
    }
  }

+  async addAdminUiRoute(domain: string): Promise<void> {
+    const normalizedDomain = normalizeHostname(domain);
+    if (!normalizedDomain) return;
+
+    const targetHost = this.getAdminUiTargetHost();
+    const route: IProxyRoute = {
+      domain: normalizedDomain,
+      targetHost,
+      targetPort: adminUiPort,
+      serviceName: adminUiRouteName,
+      routeType: 'admin-ui',
+    };
+
+    this.routes.set(normalizedDomain, route);
+    const upstream = `${targetHost}:${adminUiPort}`;
+    await this.smartProxy.addRoute(normalizedDomain, upstream);
+    logger.success(`Added Admin UI proxy route: ${normalizedDomain} -> ${upstream}`);
+  }
+
  /**
   * Remove a route
   */
@@ -166,6 +191,11 @@ export class OneboxReverseProxy {
        }
      }

+      const adminUiDomain = this.getAdminUiDomain();
+      if (adminUiDomain) {
+        await this.addAdminUiRoute(adminUiDomain);
+      }
+
      logger.success(`Loaded ${this.routes.size} proxy routes`);
    } catch (error) {
      logger.error(`Failed to reload routes: ${getErrorMessage(error)}`);
@@ -173,6 +203,18 @@ export class OneboxReverseProxy {
    }
  }

+  private getAdminUiDomain(): string {
+    return normalizeHostname(this.database.getSetting('adminUiDomain') || '');
+  }
+
+  private getAdminUiTargetHost(): string {
+    const serverIP = this.database.getSetting('serverIP');
+    if (!serverIP) {
+      logger.warn('serverIP is not configured; Admin UI proxy route will use host.docker.internal');
+    }
+    return serverIP || 'host.docker.internal';
+  }
+
  /**
   * Add TLS certificate for a domain
   * Sends PEM content to SmartProxy via Admin API
@@ -107,6 +107,7 @@ export class OneboxServicesManager {
        registryRepository: options.useOneboxRegistry ? options.name : undefined,
        registryImageTag: options.registryImageTag || 'latest',
        autoUpdateOnPush: options.autoUpdateOnPush,
+        imageDigest: options.imageDigest,
        // Platform requirements
        platformRequirements,
        // App Store template tracking
@@ -10,7 +10,7 @@ import { logger } from '../logging.ts';
 import { getErrorMessage } from '../utils/error.ts';

 const SMARTPROXY_SERVICE_NAME = 'onebox-smartproxy';
-const LEGACY_CADDY_SERVICE_NAME = 'onebox-caddy';
+const LEGACY_REVERSE_PROXY_SERVICE_NAME = 'onebox-caddy';
 const SMARTPROXY_IMAGE = 'code.foss.global/host.today/ht-docker-smartproxy:latest';
 const SMARTPROXY_ADMIN_CONTAINER_PORT = 3000;
 const SMARTPROXY_HTTP_CONTAINER_PORT = 80;
@@ -102,10 +102,12 @@ export class SmartProxyManager {

      logger.info('Starting SmartProxy Docker service...');

-      const legacyService = await this.getExistingService(LEGACY_CADDY_SERVICE_NAME);
+      const legacyService = await this.getExistingService(LEGACY_REVERSE_PROXY_SERVICE_NAME);
      if (legacyService) {
-        logger.info('Legacy Caddy service exists, removing it before SmartProxy startup...');
-        await this.removeService(LEGACY_CADDY_SERVICE_NAME);
+        logger.info(
+          `Legacy reverse proxy service ${LEGACY_REVERSE_PROXY_SERVICE_NAME} exists, removing it before SmartProxy startup...`,
+        );
+        await this.removeService(LEGACY_REVERSE_PROXY_SERVICE_NAME);
        await new Promise((resolve) => setTimeout(resolve, 2000));
      }

@@ -9,7 +9,9 @@ import { Onebox } from './classes/onebox.ts';
 import { OneboxDaemon } from './classes/daemon.ts';
 import { OneboxSystemd } from './classes/systemd.ts';
 import { OneboxUpdateManager } from './classes/update-manager.ts';
-import type { IAppVersionConfig } from './classes/appstore-types.ts';
+import type * as servezoneInterfaces from '@serve.zone/interfaces';
+
+type IAppStoreVersionConfig = servezoneInterfaces.appstore.IAppStoreVersionConfig;

 export async function runCli(): Promise<void> {
  const args = Deno.args;
@@ -591,7 +593,7 @@ function parseEnvArgs(args: string[]): Record<string, string> {
 }

 function getAppStoreEnvVars(
-  configArg: IAppVersionConfig,
+  configArg: IAppStoreVersionConfig,
  overridesArg: Record<string, string>,
 ): Record<string, string> {
  const envVars: Record<string, string> = {};
@@ -3,7 +3,7 @@ import type { TQueryFunction } from '../types.ts';

 export class Migration015SmartProxyPlatformService extends BaseMigration {
  readonly version = 15;
-  readonly description = 'Rename Caddy platform service to SmartProxy';
+  readonly description = 'Rename legacy reverse proxy platform service to SmartProxy';

  up(query: TQueryFunction): void {
    query(
@@ -13,10 +13,9 @@ export class AppStoreHandler {
  }

  private registerHandlers(): void {
-    // Get app templates (catalog)
    this.typedrouter.addTypedHandler(
-      new plugins.typedrequest.TypedHandler<interfaces.requests.IReq_GetAppTemplates>(
-        'getAppTemplates',
+      new plugins.typedrequest.TypedHandler<interfaces.requests.IReq_GetAppStoreTemplates>(
+        'getAppStoreTemplates',
        async (dataArg) => {
          await requireAdminIdentity(this.opsServerRef.adminHandler, dataArg);
          const apps = await this.opsServerRef.oneboxRef.appStore.getApps();
@@ -25,10 +24,9 @@ export class AppStoreHandler {
      ),
    );

-    // Get app config for a specific version
    this.typedrouter.addTypedHandler(
-      new plugins.typedrequest.TypedHandler<interfaces.requests.IReq_GetAppConfig>(
-        'getAppConfig',
+      new plugins.typedrequest.TypedHandler<interfaces.requests.IReq_GetAppStoreConfig>(
+        'getAppStoreConfig',
        async (dataArg) => {
          await requireAdminIdentity(this.opsServerRef.adminHandler, dataArg);
          const config = await this.opsServerRef.oneboxRef.appStore.getAppVersionConfig(
@@ -42,8 +40,8 @@ export class AppStoreHandler {
    );

    this.typedrouter.addTypedHandler(
-      new plugins.typedrequest.TypedHandler<interfaces.requests.IReq_InstallAppTemplate>(
-        'installAppTemplate',
+      new plugins.typedrequest.TypedHandler<interfaces.requests.IReq_InstallAppStoreApp>(
+        'installAppStoreApp',
        async (dataArg) => {
          await requireAdminIdentity(this.opsServerRef.adminHandler, dataArg);
          const service = await this.opsServerRef.oneboxRef.appStore.installApp(dataArg.install);
@@ -52,22 +50,20 @@ export class AppStoreHandler {
      ),
    );

-    // Get services with available upgrades
    this.typedrouter.addTypedHandler(
-      new plugins.typedrequest.TypedHandler<interfaces.requests.IReq_GetUpgradeableServices>(
-        'getUpgradeableServices',
+      new plugins.typedrequest.TypedHandler<interfaces.requests.IReq_GetUpgradeableAppStoreServices>(
+        'getUpgradeableAppStoreServices',
        async (dataArg) => {
          await requireAdminIdentity(this.opsServerRef.adminHandler, dataArg);
-          const services = await this.opsServerRef.oneboxRef.appStore.getUpgradeableServices();
+          const services = await this.opsServerRef.oneboxRef.appStore.getUpgradeableAppStoreServices();
          return { services };
        },
      ),
    );

-    // Upgrade a service to a new template version
    this.typedrouter.addTypedHandler(
-      new plugins.typedrequest.TypedHandler<interfaces.requests.IReq_UpgradeService>(
-        'upgradeService',
+      new plugins.typedrequest.TypedHandler<interfaces.requests.IReq_UpgradeAppStoreService>(
+        'upgradeAppStoreService',
        async (dataArg) => {
          await requireAdminIdentity(this.opsServerRef.adminHandler, dataArg);

@@ -84,7 +80,6 @@ export class AppStoreHandler {

          logger.info(`Upgrading service '${dataArg.serviceName}' from v${existingService.appTemplateVersion} to v${dataArg.targetVersion}`);

-          // Execute migration
          const migrationResult = await this.opsServerRef.oneboxRef.appStore.executeMigration(
            existingService,
            existingService.appTemplateVersion,
@@ -97,7 +92,6 @@ export class AppStoreHandler {
            );
          }

-          // Apply the upgrade
          const updatedService = await this.opsServerRef.oneboxRef.appStore.applyUpgrade(
            dataArg.serviceName,
            migrationResult,
@@ -4,6 +4,7 @@ import * as interfaces from '../../../ts_interfaces/index.ts';
 import { requireAdminIdentity } from '../helpers/guards.ts';
 import { logger } from '../../logging.ts';
 import { getErrorMessage } from '../../utils/error.ts';
+import { isValidHostname, normalizeHostname } from '../../utils/domain.ts';

 export class SettingsHandler {
  public typedrouter = new plugins.typedrequest.TypedRouter();
@@ -23,6 +24,7 @@ export class SettingsHandler {
    return {
      cloudflareToken: cloudflareToken || '',
      cloudflareZoneId: settingsMap['cloudflareZoneId'] || '',
+      adminUiDomain: settingsMap['adminUiDomain'] || '',
      dcrouterMode: managedDcRouter.getMode(),
      dcrouterManagedImage: managedDcRouter.getImage(),
      dcrouterManagedOpsPort: managedDcRouter.getOpsPort(),
@@ -64,8 +66,10 @@ export class SettingsHandler {
          const db = this.opsServerRef.oneboxRef.database;
          const updates = dataArg.settings;

+          const normalizedUpdates = this.normalizeUpdates(updates);
+
          // Store each setting as key-value pair
-          for (const [key, value] of Object.entries(updates)) {
+          for (const [key, value] of Object.entries(normalizedUpdates)) {
            if (value !== undefined) {
              if (db.isSecretSettingKey(key)) {
                await db.setSecretSetting(key, String(value));
@@ -75,8 +79,8 @@ export class SettingsHandler {
            }
          }

-          if (this.hasExternalGatewaySetting(updates)) {
-            this.refreshDcRouterGateway().catch((error) => {
+          if (this.hasRouteSyncSetting(normalizedUpdates)) {
+            this.refreshGatewayRoutes(normalizedUpdates).catch((error) => {
              logger.warn(`dcrouter gateway settings refresh failed: ${getErrorMessage(error)}`);
            });
          }
@@ -110,8 +114,23 @@ export class SettingsHandler {
    );
  }

-  private hasExternalGatewaySetting(settings: Partial<interfaces.data.ISettings>): boolean {
+  private normalizeUpdates(
+    settings: Partial<interfaces.data.ISettings>,
+  ): Partial<interfaces.data.ISettings> {
+    const normalizedUpdates = { ...settings };
+    if (Object.prototype.hasOwnProperty.call(normalizedUpdates, 'adminUiDomain')) {
+      const normalizedDomain = normalizeHostname(String(normalizedUpdates.adminUiDomain || ''));
+      if (!isValidHostname(normalizedDomain)) {
+        throw new plugins.typedrequest.TypedResponseError('Invalid Admin UI domain');
+      }
+      normalizedUpdates.adminUiDomain = normalizedDomain;
+    }
+    return normalizedUpdates;
+  }
+
+  private hasRouteSyncSetting(settings: Partial<interfaces.data.ISettings>): boolean {
    return [
+      'adminUiDomain',
      'dcrouterMode',
      'dcrouterManagedImage',
      'dcrouterManagedOpsPort',
@@ -127,23 +146,29 @@ export class SettingsHandler {
    ].some((key) => Object.prototype.hasOwnProperty.call(settings, key));
  }

-  private async refreshDcRouterGateway(): Promise<void> {
+  private hasManagedDcRouterRuntimeSetting(settings: Partial<interfaces.data.ISettings>): boolean {
+    return [
+      'dcrouterMode',
+      'dcrouterManagedImage',
+      'dcrouterManagedOpsPort',
+      'dcrouterManagedHttpPort',
+      'dcrouterManagedHttpsPort',
+      'dcrouterManagedDataDir',
+    ].some((key) => Object.prototype.hasOwnProperty.call(settings, key));
+  }
+
+  private async refreshGatewayRoutes(settings: Partial<interfaces.data.ISettings>): Promise<void> {
    const onebox = this.opsServerRef.oneboxRef;
-    if (onebox.managedDcRouter.getMode() === 'managed') {
-      await onebox.managedDcRouter.restart();
-    } else {
-      await onebox.managedDcRouter.stop();
+    if (this.hasManagedDcRouterRuntimeSetting(settings)) {
+      if (onebox.managedDcRouter.getMode() === 'managed') {
+        await onebox.managedDcRouter.restart();
+      } else {
+        await onebox.managedDcRouter.stop();
+      }
    }

+    await onebox.reverseProxy.reloadRoutes();
    await onebox.externalGateway.syncDomains();
-
-    const services = onebox.database.getAllServices().filter((service) => service.domain);
-    await Promise.all(services.map(async (service) => {
-      try {
-        await onebox.externalGateway.syncServiceRoute(service);
-      } catch (error) {
-        logger.warn(`Failed to sync external gateway route for ${service.domain}: ${getErrorMessage(error)}`);
-      }
-    }));
+    await onebox.externalGateway.syncServiceRoutes();
  }
 }
@@ -82,6 +82,11 @@ export { smartguard, smartjwt };
 import { ContainerArchive } from '@serve.zone/containerarchive';
 export { ContainerArchive };

+// serve.zone App Store contracts and resolver
+import * as servezoneInterfaces from '@serve.zone/interfaces';
+import * as servezoneAppstore from '@serve.zone/appstore';
+export { servezoneInterfaces, servezoneAppstore };
+
 // Node.js compat for streaming
 import * as nodeFs from 'node:fs';
 import * as nodeStream from 'node:stream';
@@ -280,6 +280,7 @@ export interface ISetting {
 // Application settings
 export interface IAppSettings {
  serverIP?: string;
+  adminUiDomain?: string;
  cloudflareToken?: string;
  cloudflareZoneId?: string;
  dcrouterMode?: 'managed' | 'external' | 'disabled';
@@ -332,6 +333,7 @@ export interface IServiceDeployOptions {
  useOneboxRegistry?: boolean;
  registryImageTag?: string;
  autoUpdateOnPush?: boolean;
+  imageDigest?: string;
  // Platform service requirements
  enableMongoDB?: boolean;
  enableS3?: boolean;
@@ -0,0 +1,17 @@
+export function normalizeHostname(valueArg: string): string {
+  const trimmedValue = valueArg.trim().toLowerCase();
+  if (!trimmedValue) return '';
+
+  const withoutProtocol = trimmedValue.replace(/^[a-z][a-z0-9+.-]*:\/\//, '');
+  const withoutPath = withoutProtocol.split('/')[0].split('?')[0].split('#')[0];
+  return withoutPath.replace(/:\d+$/, '').replace(/\.$/, '');
+}
+
+export function isValidHostname(hostnameArg: string): boolean {
+  if (!hostnameArg) return true;
+  if (hostnameArg.length > 253) return false;
+  return hostnameArg.split('.').every((label) => {
+    if (!label || label.length > 63) return false;
+    return /^[a-z0-9](?:[a-z0-9-]*[a-z0-9])?$/.test(label);
+  });
+}
@@ -21,6 +21,7 @@ export interface IManagedDcRouterStatus {
 export interface ISettings {
  cloudflareToken: string;
  cloudflareZoneId: string;
+  adminUiDomain: string;
  dcrouterMode: TDcRouterMode;
  dcrouterManagedImage: string;
  dcrouterManagedOpsPort: number;
@@ -1,125 +1,77 @@
+import type * as servezoneInterfaces from '@serve.zone/interfaces';
 import * as plugins from '../plugins.ts';
 import * as data from '../data/index.ts';

-export interface ICatalogApp {
-  id: string;
-  name: string;
-  description: string;
-  category: string;
-  iconName?: string;
-  iconUrl?: string;
-  latestVersion: string;
-  tags?: string[];
-}
+export type IAppStoreApp = servezoneInterfaces.appstore.IAppStoreApp;
+export type IAppStoreVersionConfig = servezoneInterfaces.appstore.IAppStoreVersionConfig;
+export type IAppStoreAppMeta = servezoneInterfaces.appstore.IAppStoreAppMeta;
+export type IUpgradeableAppStoreService = servezoneInterfaces.appstore.IUpgradeableAppStoreService;

-export interface IAppVersionConfig {
-  image: string;
-  port: number;
-  envVars?: Array<{ key: string; value: string; description: string; required?: boolean }>;
-  volumes?: Array<string | data.IServiceVolume>;
-  publishedPorts?: data.IServicePublishedPort[];
-  platformRequirements?: {
-    mongodb?: boolean;
-    s3?: boolean;
-    clickhouse?: boolean;
-    redis?: boolean;
-    mariadb?: boolean;
-  };
-  minOneboxVersion?: string;
-}
-
-export interface IAppInstallOptions {
-  appId: string;
-  version?: string;
-  serviceName: string;
-  domain?: string;
-  port?: number;
-  publishedPorts?: data.IServicePublishedPort[];
-  envVars?: Record<string, string>;
+export interface IAppStoreInstallOptions extends servezoneInterfaces.appstore.IAppStoreInstallRequest {
  autoDNS?: boolean;
 }

-export interface IAppMeta {
-  id: string;
-  name: string;
-  description: string;
-  category: string;
-  iconName?: string;
-  latestVersion: string;
-  versions: string[];
-  maintainer?: string;
-  links?: Record<string, string>;
-}
-
-export interface IUpgradeableService {
-  serviceName: string;
-  appTemplateId: string;
-  currentVersion: string;
-  latestVersion: string;
-  hasMigration: boolean;
-}
-
-export interface IReq_GetAppTemplates extends plugins.typedrequestInterfaces.implementsTR<
+export interface IReq_GetAppStoreTemplates extends plugins.typedrequestInterfaces.implementsTR<
  plugins.typedrequestInterfaces.ITypedRequest,
-  IReq_GetAppTemplates
+  IReq_GetAppStoreTemplates
 > {
-  method: 'getAppTemplates';
+  method: 'getAppStoreTemplates';
  request: {
    identity: data.IIdentity;
  };
  response: {
-    apps: ICatalogApp[];
+    apps: IAppStoreApp[];
  };
 }

-export interface IReq_GetAppConfig extends plugins.typedrequestInterfaces.implementsTR<
+export interface IReq_GetAppStoreConfig extends plugins.typedrequestInterfaces.implementsTR<
  plugins.typedrequestInterfaces.ITypedRequest,
-  IReq_GetAppConfig
+  IReq_GetAppStoreConfig
 > {
-  method: 'getAppConfig';
+  method: 'getAppStoreConfig';
  request: {
    identity: data.IIdentity;
    appId: string;
    version: string;
  };
  response: {
-    config: IAppVersionConfig;
-    appMeta: IAppMeta;
+    config: IAppStoreVersionConfig;
+    appMeta: IAppStoreAppMeta;
  };
 }

-export interface IReq_InstallAppTemplate extends plugins.typedrequestInterfaces.implementsTR<
+export interface IReq_InstallAppStoreApp extends plugins.typedrequestInterfaces.implementsTR<
  plugins.typedrequestInterfaces.ITypedRequest,
-  IReq_InstallAppTemplate
+  IReq_InstallAppStoreApp
 > {
-  method: 'installAppTemplate';
+  method: 'installAppStoreApp';
  request: {
    identity: data.IIdentity;
-    install: IAppInstallOptions;
+    install: IAppStoreInstallOptions;
  };
  response: {
    service: data.IService;
  };
 }

-export interface IReq_GetUpgradeableServices extends plugins.typedrequestInterfaces.implementsTR<
+export interface IReq_GetUpgradeableAppStoreServices extends plugins.typedrequestInterfaces.implementsTR<
  plugins.typedrequestInterfaces.ITypedRequest,
-  IReq_GetUpgradeableServices
+  IReq_GetUpgradeableAppStoreServices
 > {
-  method: 'getUpgradeableServices';
+  method: 'getUpgradeableAppStoreServices';
  request: {
    identity: data.IIdentity;
  };
  response: {
-    services: IUpgradeableService[];
+    services: IUpgradeableAppStoreService[];
  };
 }

-export interface IReq_UpgradeService extends plugins.typedrequestInterfaces.implementsTR<
+export interface IReq_UpgradeAppStoreService extends plugins.typedrequestInterfaces.implementsTR<
  plugins.typedrequestInterfaces.ITypedRequest,
-  IReq_UpgradeService
+  IReq_UpgradeAppStoreService
 > {
-  method: 'upgradeService';
+  method: 'upgradeAppStoreService';
  request: {
    identity: data.IIdentity;
    serviceName: string;
@@ -3,6 +3,6 @@
 */
 export const commitinfo = {
  name: '@serve.zone/onebox',
-  version: '1.29.0',
+  version: '2.0.0',
  description: 'Self-hosted container platform with automatic SSL and DNS - a mini Heroku for single servers'
 }
@@ -58,8 +58,8 @@ export interface ISettingsState {
 }

 export interface IAppStoreState {
-  apps: interfaces.requests.ICatalogApp[];
-  upgradeableServices: interfaces.requests.IUpgradeableService[];
+  apps: interfaces.requests.IAppStoreApp[];
+  upgradeableServices: interfaces.requests.IUpgradeableAppStoreService[];
 }

 export interface IUiState {
@@ -1226,13 +1226,13 @@ async function disconnectSocket() {
 // App Store Actions
 // ============================================================================

-export const fetchAppTemplatesAction = appStoreStatePart.createAction(
+export const fetchAppStoreTemplatesAction = appStoreStatePart.createAction(
  async (statePartArg) => {
    const context = getActionContext();
    try {
      const typedRequest = new plugins.domtools.plugins.typedrequest.TypedRequest<
-        interfaces.requests.IReq_GetAppTemplates
-      >('/typedrequest', 'getAppTemplates');
+        interfaces.requests.IReq_GetAppStoreTemplates
+      >('/typedrequest', 'getAppStoreTemplates');
      const response = await typedRequest.fire({ identity: context.identity! });
      return { ...statePartArg.getState(), apps: response.apps };
    } catch (err) {
@@ -1242,13 +1242,13 @@ export const fetchAppTemplatesAction = appStoreStatePart.createAction(
  },
 );

-export const fetchUpgradeableServicesAction = appStoreStatePart.createAction(
+export const fetchUpgradeableAppStoreServicesAction = appStoreStatePart.createAction(
  async (statePartArg) => {
    const context = getActionContext();
    try {
      const typedRequest = new plugins.domtools.plugins.typedrequest.TypedRequest<
-        interfaces.requests.IReq_GetUpgradeableServices
-      >('/typedrequest', 'getUpgradeableServices');
+        interfaces.requests.IReq_GetUpgradeableAppStoreServices
+      >('/typedrequest', 'getUpgradeableAppStoreServices');
      const response = await typedRequest.fire({ identity: context.identity! });
      return { ...statePartArg.getState(), upgradeableServices: response.services };
    } catch (err) {
@@ -1258,15 +1258,15 @@ export const fetchUpgradeableServicesAction = appStoreStatePart.createAction(
  },
 );

-export const upgradeServiceAction = appStoreStatePart.createAction<{
+export const upgradeAppStoreServiceAction = appStoreStatePart.createAction<{
  serviceName: string;
  targetVersion: string;
 }>(async (statePartArg, dataArg) => {
  const context = getActionContext();
  try {
    const typedRequest = new plugins.domtools.plugins.typedrequest.TypedRequest<
-      interfaces.requests.IReq_UpgradeService
-    >('/typedrequest', 'upgradeService');
+      interfaces.requests.IReq_UpgradeAppStoreService
+    >('/typedrequest', 'upgradeAppStoreService');
    await typedRequest.fire({
      identity: context.identity!,
      serviceName: dataArg.serviceName,
@@ -1274,8 +1274,8 @@ export const upgradeServiceAction = appStoreStatePart.createAction<{
    });
    // Re-fetch upgradeable services and services list
    const upgradeReq = new plugins.domtools.plugins.typedrequest.TypedRequest<
-      interfaces.requests.IReq_GetUpgradeableServices
-    >('/typedrequest', 'getUpgradeableServices');
+      interfaces.requests.IReq_GetUpgradeableAppStoreServices
+    >('/typedrequest', 'getUpgradeableAppStoreServices');
    const upgradeResp = await upgradeReq.fire({ identity: context.identity! });
    return { ...statePartArg.getState(), upgradeableServices: upgradeResp.services };
  } catch (err) {
@@ -25,13 +25,13 @@ export class ObViewAppStore extends DeesElement {
  accessor currentView: 'grid' | 'detail' = 'grid';

  @state()
-  accessor selectedApp: interfaces.requests.ICatalogApp | null = null;
+  accessor selectedApp: interfaces.requests.IAppStoreApp | null = null;

  @state()
-  accessor selectedAppMeta: interfaces.requests.IAppMeta | null = null;
+  accessor selectedAppMeta: interfaces.requests.IAppStoreAppMeta | null = null;

  @state()
-  accessor selectedAppConfig: interfaces.requests.IAppVersionConfig | null = null;
+  accessor selectedAppConfig: interfaces.requests.IAppStoreVersionConfig | null = null;

  @state()
  accessor selectedVersion: string = '';
@@ -331,7 +331,7 @@ export class ObViewAppStore extends DeesElement {

  async connectedCallback() {
    super.connectedCallback();
-    await appstate.appStoreStatePart.dispatchAction(appstate.fetchAppTemplatesAction, null);
+    await appstate.appStoreStatePart.dispatchAction(appstate.fetchAppStoreTemplatesAction, null);
  }

  public render(): TemplateResult {
@@ -541,7 +541,7 @@ export class ObViewAppStore extends DeesElement {
    `;
  }

-  private renderDeploymentFootprint(config: interfaces.requests.IAppVersionConfig): TemplateResult | '' {
+  private renderDeploymentFootprint(config: interfaces.requests.IAppStoreVersionConfig): TemplateResult | '' {
    const volumes = this.getConfigVolumes(config);
    const publishedPorts = config.publishedPorts || [];

@@ -577,7 +577,7 @@ export class ObViewAppStore extends DeesElement {
    `;
  }

-  private renderDeployConfirmation(config: interfaces.requests.IAppVersionConfig): TemplateResult | '' {
+  private renderDeployConfirmation(config: interfaces.requests.IAppStoreVersionConfig): TemplateResult | '' {
    const volumes = this.getConfigVolumes(config);
    const publishedPorts = config.publishedPorts || [];
    if (volumes.length === 0 && publishedPorts.length === 0) return '';
@@ -590,7 +590,7 @@ export class ObViewAppStore extends DeesElement {
    `;
  }

-  private getConfigVolumes(config: interfaces.requests.IAppVersionConfig): interfaces.data.IServiceVolume[] {
+  private getConfigVolumes(config: interfaces.requests.IAppStoreVersionConfig): interfaces.data.IServiceVolume[] {
    return (config.volumes || []).map((volume) => {
      if (typeof volume === 'string') {
        return { mountPath: volume };
@@ -658,8 +658,8 @@ export class ObViewAppStore extends DeesElement {
      if (!identity) return;

      const typedRequest = new plugins.domtools.plugins.typedrequest.TypedRequest<
-        interfaces.requests.IReq_GetAppConfig
-      >('/typedrequest', 'getAppConfig');
+        interfaces.requests.IReq_GetAppStoreConfig
+      >('/typedrequest', 'getAppStoreConfig');

      const response = await typedRequest.fire({ identity, appId, version });

@@ -728,8 +728,8 @@ export class ObViewAppStore extends DeesElement {
      const identity = appstate.loginStatePart.getState().identity;
      if (!identity) return;
      const typedRequest = new plugins.domtools.plugins.typedrequest.TypedRequest<
-        interfaces.requests.IReq_InstallAppTemplate
-      >('/typedrequest', 'installAppTemplate');
+        interfaces.requests.IReq_InstallAppStoreApp
+      >('/typedrequest', 'installAppStoreApp');
      await typedRequest.fire({
        identity,
        install: {
@@ -226,7 +226,7 @@ export class ObViewServices extends DeesElement {
    await Promise.all([
      appstate.servicesStatePart.dispatchAction(appstate.fetchServicesAction, null),
      appstate.servicesStatePart.dispatchAction(appstate.fetchPlatformServicesAction, null),
-      appstate.appStoreStatePart.dispatchAction(appstate.fetchUpgradeableServicesAction, null),
+      appstate.appStoreStatePart.dispatchAction(appstate.fetchUpgradeableAppStoreServicesAction, null),
    ]);

    // If a platform service was selected from the dashboard, navigate to its detail
@@ -497,7 +497,7 @@ export class ObViewServices extends DeesElement {
            class="deploy-button"
            style="padding: 8px 16px; font-size: 13px;"
            @click=${async () => {
-              await appstate.appStoreStatePart.dispatchAction(appstate.upgradeServiceAction, {
+              await appstate.appStoreStatePart.dispatchAction(appstate.upgradeAppStoreServiceAction, {
                serviceName: upgradeInfo.serviceName,
                targetVersion: upgradeInfo.latestVersion,
              });
@@ -48,31 +48,45 @@ export class ObViewSettings extends DeesElement {
    cssManager.defaultStyles,
    shared.viewHostCss,
    css`
-      .gateway-card {
+      dees-tile {
+        display: block;
        margin-bottom: 24px;
-        border: 1px solid ${cssManager.bdTheme('#e4e4e7', '#27272a')};
-        border-radius: 12px;
-        background: ${cssManager.bdTheme('#ffffff', '#09090b')};
-        overflow: hidden;
-        box-shadow: 0 1px 2px ${cssManager.bdTheme('rgba(0,0,0,0.04)', 'rgba(0,0,0,0.2)')};
      }

      .gateway-header {
-        padding: 16px 20px;
-        border-bottom: 1px solid ${cssManager.bdTheme('#f4f4f5', '#27272a')};
-        background: ${cssManager.bdTheme('#fafafa', '#101013')};
+        height: 36px;
+        display: flex;
+        align-items: center;
+        padding: 0 16px;
+        width: 100%;
+        box-sizing: border-box;
+      }
+
+      .gateway-heading {
+        flex: 1;
+        display: flex;
+        align-items: baseline;
+        gap: 8px;
+        min-width: 0;
      }

      .gateway-title {
-        font-size: 15px;
-        font-weight: 600;
-        color: ${cssManager.bdTheme('#18181b', '#fafafa')};
+        font-size: 13px;
+        font-weight: 500;
+        letter-spacing: -0.01em;
+        color: var(--dees-color-text-secondary);
+        white-space: nowrap;
+        overflow: hidden;
+        text-overflow: ellipsis;
      }

      .gateway-subtitle {
-        margin-top: 4px;
-        font-size: 13px;
-        color: ${cssManager.bdTheme('#71717a', '#a1a1aa')};
+        font-size: 12px;
+        color: var(--dees-color-text-muted);
+        letter-spacing: -0.01em;
+        white-space: nowrap;
+        overflow: hidden;
+        text-overflow: ellipsis;
      }

      .gateway-content {
@@ -176,8 +190,51 @@ export class ObViewSettings extends DeesElement {

      .gateway-footer {
        display: flex;
+        flex-direction: row;
        justify-content: flex-end;
-        padding: 0 20px 20px;
+        align-items: center;
+        gap: 0;
+        height: 36px;
+        width: 100%;
+        box-sizing: border-box;
+      }
+
+      .tile-button {
+        padding: 0 16px;
+        height: 100%;
+        text-align: center;
+        font-size: 12px;
+        font-weight: 500;
+        cursor: pointer;
+        user-select: none;
+        transition: all 0.15s ease;
+        background: transparent;
+        border: none;
+        border-left: 1px solid var(--dees-color-border-subtle);
+        color: var(--dees-color-text-muted);
+        white-space: nowrap;
+        display: flex;
+        align-items: center;
+        gap: 6px;
+      }
+
+      .tile-button:first-child {
+        border-left: none;
+      }
+
+      .tile-button:hover {
+        background: var(--dees-color-hover);
+        color: var(--dees-color-text-primary);
+      }
+
+      .tile-button.primary {
+        color: ${cssManager.bdTheme('hsl(217.2 91.2% 59.8%)', 'hsl(213.1 93.9% 67.8%)')};
+        font-weight: 600;
+      }
+
+      .tile-button.primary:hover {
+        background: ${cssManager.bdTheme('hsl(217.2 91.2% 59.8% / 0.08)', 'hsl(213.1 93.9% 67.8% / 0.08)')};
+        color: ${cssManager.bdTheme('hsl(217.2 91.2% 50%)', 'hsl(213.1 93.9% 75%)')};
      }

      @media (max-width: 700px) {
@@ -201,12 +258,14 @@ export class ObViewSettings extends DeesElement {
  public render(): TemplateResult {
    return html`
      <ob-sectionheading>Settings</ob-sectionheading>
+      ${this.renderAdminUiSettings()}
      ${this.renderExternalGatewaySettings()}
      <sz-settings-view
        .settings=${this.settingsState.settings || {
          darkMode: true,
          cloudflareToken: '',
          cloudflareZoneId: '',
+          adminUiDomain: '',
          dcrouterMode: 'managed',
          dcrouterManagedImage: 'code.foss.global/serve.zone/dcrouter:latest',
          dcrouterManagedOpsPort: 3300,
@@ -244,14 +303,39 @@ export class ObViewSettings extends DeesElement {
    `;
  }

+  private renderAdminUiSettings(): TemplateResult {
+    const settings = this.settingsState.settings;
+    return html`
+      <dees-tile>
+        <div slot="header" class="gateway-header">
+          <div class="gateway-heading">
+            <span class="gateway-title">Onebox Admin UI</span>
+            <span class="gateway-subtitle">Configure the public hostname for this Onebox dashboard</span>
+          </div>
+        </div>
+        <div class="gateway-content">
+          ${this.renderGatewayInput('adminUiDomain', 'Admin UI Domain', settings?.adminUiDomain || '', 'Example: onebox.example.com. Leave empty to disable the public Admin UI route.')}
+          ${this.renderGatewayReadonly('Local Target', 'Onebox OpsServer on port 3000', 'The external gateway forwards to SmartProxy, which forwards this hostname to the Onebox Admin UI.')}
+        </div>
+        <div slot="footer" class="gateway-footer">
+          <button class="tile-button primary" type="button" @click=${() => this.saveAdminUiSettings()}>
+            Save Admin UI Domain
+          </button>
+        </div>
+      </dees-tile>
+    `;
+  }
+
  private renderExternalGatewaySettings(): TemplateResult {
    const settings = this.settingsState.settings;
    const mode = settings?.dcrouterMode || 'managed';
    return html`
-      <section class="gateway-card">
-        <div class="gateway-header">
-          <div class="gateway-title">dcrouter Gateway</div>
-          <div class="gateway-subtitle">Run a local managed dcrouter or delegate routing, DNS, and certificates to an external dcrouter.</div>
+      <dees-tile>
+        <div slot="header" class="gateway-header">
+          <div class="gateway-heading">
+            <span class="gateway-title">dcrouter Gateway</span>
+            <span class="gateway-subtitle">Run a local managed dcrouter or delegate routing to an external dcrouter</span>
+          </div>
        </div>
        <div class="gateway-mode-row">
          ${this.renderModeButton('managed', 'Managed Local', mode)}
@@ -277,15 +361,12 @@ export class ObViewSettings extends DeesElement {
            <div class="gateway-disabled">dcrouter route delegation is disabled. Onebox will keep using its local SmartProxy directly.</div>
          `}
        </div>
-        <div class="gateway-footer">
-          <dees-button
-            .text=${'Save dcrouter Settings'}
-            .type=${'default'}
-            .icon=${'lucide:Save'}
-            @click=${() => this.saveExternalGatewaySettings()}
-          ></dees-button>
+        <div slot="footer" class="gateway-footer">
+          <button class="tile-button primary" type="button" @click=${() => this.saveExternalGatewaySettings()}>
+            Save dcrouter Settings
+          </button>
        </div>
-      </section>
+      </dees-tile>
    `;
  }

@@ -329,7 +410,7 @@ export class ObViewSettings extends DeesElement {
    isPassword = false,
  ): TemplateResult {
    return html`
-      <div class="gateway-field ${key === 'dcrouterGatewayUrl' ? 'full' : ''}">
+      <div class="gateway-field ${key === 'dcrouterGatewayUrl' || key === 'adminUiDomain' ? 'full' : ''}">
        <dees-input-text
          .key=${key}
          .label=${label}
@@ -393,4 +474,15 @@ export class ObViewSettings extends DeesElement {
    });
    await appstate.settingsStatePart.dispatchAction(appstate.fetchManagedDcRouterStatusAction, null);
  }
+
+  private async saveAdminUiSettings(): Promise<void> {
+    const settings = this.settingsState.settings;
+    if (!settings) return;
+
+    await appstate.settingsStatePart.dispatchAction(appstate.updateSettingsAction, {
+      settings: {
+        adminUiDomain: settings.adminUiDomain || '',
+      },
+    });
+  }
 }
Author	SHA1	Message	Date
jkunz	3e68e875ac	v2.0.0 Release / build-and-release (push) Successful in 2m38s Details	2026-05-25 03:12:29 +00:00
jkunz	a30260e336	feat(appstore): use shared resolver	2026-05-25 03:10:18 +00:00
jkunz	be53f179ab	v1.31.0 Release / build-and-release (push) Successful in 2m29s Details	2026-05-25 01:40:38 +00:00
jkunz	db52934f35	feat(appstore): resolve repo manifests and docker digest-tracked images	2026-05-25 01:39:59 +00:00
jkunz	d29257dcf7	v1.30.2	2026-05-24 21:23:33 +00:00
jkunz	3b2b806165	fix(smartproxy): clean up legacy reverse proxy naming for SmartProxy	2026-05-24 21:20:46 +00:00
jkunz	070c936a69	v1.30.1 Release / build-and-release (push) Successful in 2m26s Details	2026-05-24 17:42:02 +00:00
jkunz	3f15cbda80	fix(settings-ui): align settings gateway cards with dees-tile footer actions	2026-05-24 17:41:34 +00:00
jkunz	4b48f0056e	v1.30.0 Release / build-and-release (push) Successful in 2m29s Details	2026-05-24 14:46:51 +00:00
jkunz	d91fda084b	feat(admin-ui): add configurable Admin UI domain routing	2026-05-24 14:46:35 +00:00