1 - Changelogs

CDM-Server Update Notes

v1.2.1

Release Date: 2025-06-24

Fixes

  • rs-2326 A container leaving zombie processes behind.

v1.2.0

Release Date: 2025-06-12

Feature

  • IQ-Software – CDM-Server now supports IQ-Software V8.0 - 0050.
  • rs-2164 Session View
  • rs-1978 Make SESSION_INACTIVITY_TIMEOUT_IN_SECONDS configurable by the customer
  • rs-1605 Client IP address added to access log
  • rs-2128 Infobox component automatic size adjustment enhancement
  • rs-2224 Improved check of certificate configuration at server start time
  • rs-2267 Show proper error if root password is too short
  • rs-2055 Added groups column to users view
  • rs-2090 Enhance Drag-and-Drop with Auto-Expand for Business Unit Folders

v1.1.1

Release Date: 2025-03-26

Fixes

  • rs-2200: Permission Error After Upgrading from v1.0.0 to v1.1.0
  • rs-2204: Improved error logging
  • rs-2213: IQ-Software connectivity error (TLS certificate related)

v1.1.0

Release Date: 2025-03-13

Features

  • IQ-Software – CDM-Server now supports IQ-Software V8.0 - 0040.
  • Login URL – The login URL has been updated to / instead of web/welcome.html ( Documentation ).
  • RBAC for CDM-Server – Roles can be defined on Business Units, Projects and Structures and the access to these elements is controlled by the Groups and Roles defined. ( Documentation ).
  • Business Unit – A reload button has been added in Business Unit.
  • Database Enhancements – Added automatic backup & manual restore functionality, and performance optimizations. ( Documentation )
  • Settings Panel – Added a settings panel that allows the user to change the language. Admin can also set a contact email. ( Documentation )
  • Bill of Materials – This has been updated. ( Documentation )

Fixes

  • Better Login & Group Handling – Fixed login issues and improved group management in the initial setup.
  • Azure & LDAP Integration – Bug fixes.
  • Optimized Dashboard – Fixed missing or incorrect translations for a better user experience.
  • Candidate Approval – Minor UI tweaks.
  • Various improvements across the board for a smoother and more secure experience.

v1.0.1

Release Date: 2024-11-19

Features

  • Support for IQ-Software V8.0
  • Azure (Entra) integration

Fixes

  • Minor bug fixes

v1.0.0

Release Date: 2024-11-06

Features

  • Server support for IQ-Software V8.0
  • Candidate approval workflow
  • Local user management
  • LDAP integration
  • Role-based access control (RBAC) (No Enforcement)
  • User and group management

2 - Data Backup/Restore and Maintenance

About how to backup/restore your data, as well as scheduled daily/weekly maintenance tasks.

Backup

Automatic backup

The automatic backup system is integrated into the CDM-Server. It does not function when the CDM server is down.

Every night at 2:00 AM, a daily compressed backup file in the .tar.gz format is created in the .backups folder. This file, in turn, contains a highly compressed file named db.tar.gz, which holds all the database files required for restoring a database. Additionally, the backup file in the uploads folder contains binary blob files that belong to the CDM server’s data model but are stored outside the database for performance reasons. The name of the backup file is generated according to the following pattern:

cdm_backup_<database-version>_<date>.tar.gz

The date follows the format %Y%m%d%H%M%S and is based on the host system’s time zone. Here is an example of a backup file name created on December 12, 2024, starting at 2:00 AM, with the database version 16:

cdm_backup_16_20241212020000.tar.gz

Backup files older than 30 days are automatically deleted. The backup files are created without significantly affecting the database operations.

Preserving backup files for longer than 30 days is your task. Please make sure you copy the backup files to a save place before they get deleted.

Manual Backup Execution

Backups can also be manually initiated if needed (e.g., before deploying a new CDM server version). To do so, simply run the shell script:

./backup

The CDM-Server needs to be active for the backup to work. The backup is created without significantly affecting database operations. A manual backup must not be started while an automatic backup is running. The backup file is generated using the same pattern as the automatically created backup files and is located in the same folder. It is also named according to the same format and is also automatically deleted after 30 days.

Restore

To do this, run the script

./restore

Then, the instructions of the script must be followed. The script instructions are only available in English. The script stops the CDM-Server. If the script runs successfully, start the CDM-Server again using

./start

Maintenance

We automatically run some maintenance tasks on the data and database every week on Sunday at 00:00 and 04:00 (Server time).

Examples runs of ./backup and ./restore

Execute manual backup

./backup
pg_basebackup: initiating base backup, waiting for checkpoint to complete   
pg_basebackup: checkpoint completed
pg_basebackup: write-ahead log start point: 0/E6000028 on timeline 1
pg_basebackup: starting background WAL receiver
pg_basebackup: created temporary replication slot "pg_basebackup_292042"
pg_basebackup: write-ahead log end point: 0/E6000100
pg_basebackup: waiting for background process to finish streaming ...
pg_basebackup: syncing data to disk ...
pg_basebackup: renaming backup_manifest.tmp to backup_manifest
pg_basebackup: base backup completed
Database and files backup completed.
Backup of database and files completed.

Execute restore

./restore
Page: 1 of 4

1. cdm_backup_16_20250221080438.tar.gz
2. cdm_backup_16_20250221075006.tar.gz
3. cdm_backup_16_20250221020000.tar.gz
4. cdm_backup_16_20250220020000.tar.gz
5. cdm_backup_16_20250219020000.tar.gz
6. cdm_backup_16_20250218020000.tar.gz  
7. cdm_backup_16_20250217020000.tar.gz
8. cdm_backup_16_20250216020000.tar.gz
9. cdm_backup_16_20250215020000.tar.gz
10. cdm_backup_16_20250214020000.tar.gz

Enter the number to select a backup, 'n' for next page, 'q' to quit.
Choose an option: 1
Selected backup: cdm_backup_16_20250221080438.tar.gz
Are you sure you want to restore this backup? (y/n): y
Validating the backup file...
Backup file validated successfully.
Stopping the app and database container...
Stopping the server with Docker Compose...
[+] Running 7/7
✔ Container main-proxy-1   Removed                                                                                                                                                          0.9s
✔ Container pfx-converter  Removed                                                                                                                                                          0.0s
✔ Container cdm-web-1     Removed                                                                                                                                                          0.2s
✔ Container cdm-app-1     Removed                                                                                                                                                          2.3s
✔ Container main-db-1      Removed                                                                                                                                                          0.4s
✔ Network main_default     Removed                                                                                                                                                          0.2s
✔ Network main_common-net  Removed                                                                                                                                                          0.3s
Server stopped successfully!
Server stopped successfully!
Restoring the backup...
Database and file restoration process completed.

./start

3 - Service Worker

This document describes how the service worker enhances the application’s behavior, including its supported features like session management, client communication, and request tracking, as well as the potential impact if it fails or becomes unavailable.

Supported Features

Session Management

  • Auto Logout: The service worker keeps track of open tabs and logs you out automatically when no clients are active.
  • Session Check: It periodically checks if your session is still active. If the session has expired or is no longer valid, all open tabs will be notified.
  • Session Update Notifications: When your session changes (e.g., you log out, or your session expires), all open tabs are updated with the new session information.

Client Communication and Coordination

  • Active Tab Updates: The service worker keeps track of which tabs are open and ensures all of them are updated when a new tab opens or an existing one is closed.
  • Language & Project Updates: Relays language changes and locked project updates among all active tabs, so they stay in sync.

Impact When the Service Worker Is Not Working

If the service worker fails or is unavailable, the following issues may arise:

  • Session Problems: Without the service worker, automatic logout and periodic session validation may not occur. This could lead to stale sessions or unexpected logouts.
  • Delayed or Missing Notifications: Real-time notifications regarding session updates, language changes, or locked projects may not be delivered, causing inconsistencies across tabs.
  • Tabs Out of Sync: If you have multiple tabs open, they may not stay coordinated. Changes in one tab (e.g., language updates) might not be reflected in other tabs, leading to inconsistencies and potential user confusion.

Troubleshooting

If you’re experiencing issues with the service worker, here’s what you can do to resolve it:

  1. Check Browser Support
    Ensure that your browser supports service workers. Most modern browsers support them, including:

    • Chrome
    • Firefox (note that it might not work in private browsing mode)
    • Safari
    • Edge

    Some browsers may block service workers in certain modes, so be sure to check your browser’s settings.
    For a detailed list of supported browsers and any known compatibility issues, please refer to the official Service Worker Browser Compatibility page on MDN Web Docs.

  2. Verify the Service Worker is Active
    Use the browser’s developer tools to check if the service worker is registered and active. Here’s how:

    • In Chrome, Edge and Firefox:
      1. Open Developer Tools (F12).
      2. Go to the “Application” tab.
      3. Under “Service Workers”, verify if the service worker is registered and listed as “Activated”. Service Worker
  3. Re-register the Service Worker
    If the service worker is not active or seems outdated, try re-registering it:

    • In Chrome, Edge and Firefox:
      1. Open Developer Tools (F12).
      2. Go to the “Application” tab.
      3. Under “Service Workers”, click “Unregister” if it’s listed there.
      4. After unregistering, refresh the page to force the registration of the latest service worker.
  4. Look for Fallback Notifications
    The application may display a warning if the service worker is unavailable. Pay attention to any messages or prompts in the app that provide more details or steps to take.

4 - Logs

Where to find logs and how to manage them.

Application Logs

In the .logs directory, you can find all the logs generated by the server.

Container Logs

There are also some logs generated by OCI containers. You can find them in the /var/lib/docker/containers (or equivalent if you are using something else) directory. For database, 10x 10mb files are retained. For application, 10x 100mb files are retained.

5 - Setup on Windows

Running CDM-Server on Windows using WSL2

Prerequisites

  • Latest Windows Version with WSL2 Support
    • Recommended: Windows Server 2022
    • Should Work: Windows 11 23H2+
  • Access to Windows Store
  • Internet Connection

Installation Steps

  1. Install: Ubuntu LTS on Windows Store
    • Alternatively, open Windows Store, Search for Ubuntu (by Canonical Group Limited) and Install it
  2. Open Ubuntu from START and follow the instructions to set up your user inside WSL Ubuntu
  3. Install Docker Engine with Docker Compose Plugin
  4. Once done, optionally type: cd ~ && mkdir cdm && cd cdm
  5. Now that you have a working linux inside windows, you can follow the CDM-Server installation on linux steps: See here
  6. After the installation, you can find the CDM-Server in ~/cdm directory

Troubleshooting

  • I can access CDM-Server from the server computer but not from other devices
    • Check your firewall settings and make sure the port is open
    • The specified CDM_HOST should resolve to the server’s IP address
  • I want to run CDM-Server as a service in Ubuntu

6 - Bill of Materials

Software Bill of Materials for CDM-Server

CDM-Server SBOM

We provide the SBOM in OWASP’s CycloneDX v1.5/v1.6 format which has been officially ratified as an Ecma International standard.

You can find the SBOM for CDM-Server here:

Additional Information

CDM-Server also utilizes:

7 - Install Self-Signed Certificate

How to Install Self-Signed Certificate on the Client

Manual Installation Steps

First, you receive the certificate from the administrator. Then, you can install it using the following steps:

Right Click on Certificate

Install Certificate

Select Location

Proceed Installation

Review

Confirm Warning