merge: develop into main for v1.1.2 release

When TLS_ENABLED=false (e.g. behind a reverse proxy) the healthcheck
was still hitting https://localhost which fails on plain HTTP, keeping
the container perpetually in 'starting' state on TrueNAS SCALE.

Use a shell conditional so the correct protocol is used at runtime:
  - TLS_ENABLED=false  -> wget http://localhost:${PORT}/health
  - TLS_ENABLED=true (default) -> wget --no-check-certificate https://...

Dockerfile

@@ -49,10 +49,10 @@ USER node
 
 EXPOSE 3001
 
-# HEALTHCHECK — Docker will restart the container if this fails 3 times
-# --no-check-certificate handles self-signed / snakeoil certs.
-# Remove that flag when using a CA-signed certificate.
+# HEALTHCHECK — Docker will restart the container if this fails 3 times.
+# Respects TLS_ENABLED at runtime: uses https (with --no-check-certificate
+# to handle self-signed/snakeoil certs) when TLS is on, plain http when off.
 HEALTHCHECK --interval=30s --timeout=5s --start-period=10s --retries=3 \
-  CMD wget -qO- --no-check-certificate https://localhost:3001/health || exit 1
+  CMD /bin/sh -c '[ "${TLS_ENABLED:-true}" = "false" ] && wget -qO- http://localhost:${PORT:-3001}/health || wget -qO- --no-check-certificate https://localhost:${PORT:-3001}/health'
 
 CMD ["node", "server/index.js"]

docker-compose.yaml

@@ -47,9 +47,9 @@ services:
       - ALL                     # drop all Linux capabilities
     cap_add: []                 # add back none — Node.js needs no special caps
     healthcheck:
-      # Uses --no-check-certificate for self-signed / snakeoil certs.
-      # Remove that flag if using a CA-signed certificate.
-      test: ["CMD", "wget", "-qO-", "--no-check-certificate", "https://localhost:3001/health"]
+      # Respects TLS_ENABLED: uses http when set to false, https otherwise.
+      # --no-check-certificate handles self-signed / snakeoil certs.
+      test: ["CMD", "/bin/sh", "-c", "[ \"${TLS_ENABLED:-true}\" = \"false\" ] && wget -qO- http://localhost:${PORT:-3001}/health || wget -qO- --no-check-certificate https://localhost:${PORT:-3001}/health"]
       interval: 30s
       timeout: 5s
       retries: 3

package.json

@@ -1,6 +1,6 @@
 {
   "name": "sofarr",
-  "version": "1.1.0",
+  "version": "1.1.2",
   "description": "A personal media download dashboard that shows your downloads 'so far' while you relax on the sofa waiting for your *arr services to finish",
   "main": "server/index.js",
   "scripts": {

server/index.js

@@ -8,6 +8,7 @@ const fs = require('fs');
 const http = require('http');
 const https = require('https');
 require('dotenv').config();
+const { version } = require('../package.json');
 
 // Setup logging with levels
 // Levels: debug (0), info (1), warn (2), error (3), silent (4)
@@ -300,7 +301,7 @@ const isSnakeoil = TLS_ENABLED &&
 
 server.listen(PORT, () => {
   console.log(`=================================`);
-  console.log(`  sofarr - Your Downloads Dashboard`);
+  console.log(`  sofarr v${version} - Your Downloads Dashboard`);
   console.log(`  Server running on ${protocol}://localhost:${PORT}`);
   if (tlsCredentials && isSnakeoil) {
     console.warn(`  [TLS] Using bundled snakeoil certificate (self-signed).`);