Miscellaneous

• 1: Changelogs
• 2: Data Backup/Restore and Maintenance
• 3: Service Worker
• 4: Logs
• 5: Setup on Windows
• 6: Bill of Materials
• 7: Install Self-Signed Certificate

1 - Changelogs

v1.2.1

Release Date: 2025-06-24

Fixes

• rs-2326 A container leaving zombie processes behind.

v1.2.0

Release Date: 2025-06-12

Feature

• IQ-Software – CDM-Server now supports IQ-Software V8.0 - 0050.
• rs-2164 Session View
• rs-1978 Make SESSION_INACTIVITY_TIMEOUT_IN_SECONDS configurable by the customer
• rs-1605 Client IP address added to access log
• rs-2128 Infobox component automatic size adjustment enhancement
• rs-2224 Improved check of certificate configuration at server start time
• rs-2267 Show proper error if root password is too short
• rs-2055 Added groups column to users view
• rs-2090 Enhance Drag-and-Drop with Auto-Expand for Business Unit Folders

v1.1.1

Release Date: 2025-03-26

Fixes

• rs-2200: Permission Error After Upgrading from v1.0.0 to v1.1.0
• rs-2204: Improved error logging
• rs-2213: IQ-Software connectivity error (TLS certificate related)

v1.1.0

Release Date: 2025-03-13

Features

• IQ-Software – CDM-Server now supports IQ-Software V8.0 - 0040.
• Login URL – The login URL has been updated to / instead of web/welcome.html ( Documentation ).
• RBAC for CDM-Server – Roles can be defined on Business Units, Projects and Structures and the access to these elements is controlled by the Groups and Roles defined. ( Documentation ).
• Business Unit – A reload button has been added in Business Unit.
• Database Enhancements – Added automatic backup & manual restore functionality, and performance optimizations. ( Documentation )
• Settings Panel – Added a settings panel that allows the user to change the language. Admin can also set a contact email. ( Documentation )
• Bill of Materials – This has been updated. ( Documentation )

Fixes

• Better Login & Group Handling – Fixed login issues and improved group management in the initial setup.
• Azure & LDAP Integration – Bug fixes.
• Optimized Dashboard – Fixed missing or incorrect translations for a better user experience.
• Candidate Approval – Minor UI tweaks.
• Various improvements across the board for a smoother and more secure experience.

v1.0.1

Release Date: 2024-11-19

Features

• Support for IQ-Software V8.0
• Azure (Entra) integration

Fixes

• Minor bug fixes

v1.0.0

Release Date: 2024-11-06

Features

• Server support for IQ-Software V8.0
• Candidate approval workflow
• Local user management
• LDAP integration
• Role-based access control (RBAC) (No Enforcement)
• User and group management

2 - Data Backup/Restore and Maintenance

Backup

Automatic backup

The automatic backup system is integrated into the CDM-Server. It does not function when the CDM server is down.

Every night at 2:00 AM, a daily compressed backup file in the .tar.gz format is created in the .backups folder. This file, in turn, contains a highly compressed file named db.tar.gz, which holds all the database files required for restoring a database. Additionally, the backup file in the uploads folder contains binary blob files that belong to the CDM server’s data model but are stored outside the database for performance reasons. The name of the backup file is generated according to the following pattern:

cdm_backup_<database-version>_<date>.tar.gz

The date follows the format %Y%m%d%H%M%S and is based on the host system’s time zone. Here is an example of a backup file name created on December 12, 2024, starting at 2:00 AM, with the database version 16:

cdm_backup_16_20241212020000.tar.gz

Backup files older than 30 days are automatically deleted. The backup files are created without significantly affecting the database operations.

Preserving backup files for longer than 30 days is your task. Please make sure you copy the backup files to a save place before they get deleted.

Manual Backup Execution

Backups can also be manually initiated if needed (e.g., before deploying a new CDM server version). To do so, simply run the shell script:

./backup

The CDM-Server needs to be active for the backup to work. The backup is created without significantly affecting database operations. A manual backup must not be started while an automatic backup is running. The backup file is generated using the same pattern as the automatically created backup files and is located in the same folder. It is also named according to the same format and is also automatically deleted after 30 days.

Restore

To do this, run the script

./restore

Then, the instructions of the script must be followed. The script instructions are only available in English. The script stops the CDM-Server. If the script runs successfully, start the CDM-Server again using

./start

Maintenance

We automatically run some maintenance tasks on the data and database every week on Sunday at 00:00 and 04:00 (Server time).

Examples runs of ./backup and ./restore

Execute manual backup

./backup
pg_basebackup: initiating base backup, waiting for checkpoint to complete   
pg_basebackup: checkpoint completed
pg_basebackup: write-ahead log start point: 0/E6000028 on timeline 1
pg_basebackup: starting background WAL receiver
pg_basebackup: created temporary replication slot "pg_basebackup_292042"
pg_basebackup: write-ahead log end point: 0/E6000100
pg_basebackup: waiting for background process to finish streaming ...
pg_basebackup: syncing data to disk ...
pg_basebackup: renaming backup_manifest.tmp to backup_manifest
pg_basebackup: base backup completed
Database and files backup completed.
Backup of database and files completed.

Execute restore

./restore
Page: 1 of 4

1. cdm_backup_16_20250221080438.tar.gz
2. cdm_backup_16_20250221075006.tar.gz
3. cdm_backup_16_20250221020000.tar.gz
4. cdm_backup_16_20250220020000.tar.gz
5. cdm_backup_16_20250219020000.tar.gz
6. cdm_backup_16_20250218020000.tar.gz  
7. cdm_backup_16_20250217020000.tar.gz
8. cdm_backup_16_20250216020000.tar.gz
9. cdm_backup_16_20250215020000.tar.gz
10. cdm_backup_16_20250214020000.tar.gz

Enter the number to select a backup, 'n' for next page, 'q' to quit.
Choose an option: 1
Selected backup: cdm_backup_16_20250221080438.tar.gz
Are you sure you want to restore this backup? (y/n): y
Validating the backup file...
Backup file validated successfully.
Stopping the app and database container...
Stopping the server with Docker Compose...
[+] Running 7/7
✔ Container main-proxy-1   Removed                                                                                                                                                          0.9s
✔ Container pfx-converter  Removed                                                                                                                                                          0.0s
✔ Container cdm-web-1     Removed                                                                                                                                                          0.2s
✔ Container cdm-app-1     Removed                                                                                                                                                          2.3s
✔ Container main-db-1      Removed                                                                                                                                                          0.4s
✔ Network main_default     Removed                                                                                                                                                          0.2s
✔ Network main_common-net  Removed                                                                                                                                                          0.3s
Server stopped successfully!
Server stopped successfully!
Restoring the backup...
Database and file restoration process completed.

./start

3 - Service Worker

Supported Features

Session Management

• Auto Logout: The service worker keeps track of open tabs and logs you out automatically when no clients are active.
• Session Check: It periodically checks if your session is still active. If the session has expired or is no longer valid, all open tabs will be notified.
• Session Update Notifications: When your session changes (e.g., you log out, or your session expires), all open tabs are updated with the new session information.

Client Communication and Coordination

• Active Tab Updates: The service worker keeps track of which tabs are open and ensures all of them are updated when a new tab opens or an existing one is closed.
• Language & Project Updates: Relays language changes and locked project updates among all active tabs, so they stay in sync.

Impact When the Service Worker Is Not Working

If the service worker fails or is unavailable, the following issues may arise:

• Session Problems: Without the service worker, automatic logout and periodic session validation may not occur. This could lead to stale sessions or unexpected logouts.
• Delayed or Missing Notifications: Real-time notifications regarding session updates, language changes, or locked projects may not be delivered, causing inconsistencies across tabs.
• Tabs Out of Sync: If you have multiple tabs open, they may not stay coordinated. Changes in one tab (e.g., language updates) might not be reflected in other tabs, leading to inconsistencies and potential user confusion.

Troubleshooting

If you’re experiencing issues with the service worker, here’s what you can do to resolve it:

1. Check Browser Support
   Ensure that your browser supports service workers. Most modern browsers support them, including:

   • Chrome
   • Firefox (note that it might not work in private browsing mode)
   • Safari
   • Edge

   Some browsers may block service workers in certain modes, so be sure to check your browser’s settings.
   For a detailed list of supported browsers and any known compatibility issues, please refer to the official Service Worker Browser Compatibility page on MDN Web Docs.

2. Verify the Service Worker is Active
   Use the browser’s developer tools to check if the service worker is registered and active. Here’s how:

   • In Chrome, Edge and Firefox:
     1. Open Developer Tools (F12).
     2. Go to the “Application” tab.
     3. Under “Service Workers”, verify if the service worker is registered and listed as “Activated”.

3. Re-register the Service Worker
   If the service worker is not active or seems outdated, try re-registering it:

   • In Chrome, Edge and Firefox:
     1. Open Developer Tools (F12).
     2. Go to the “Application” tab.
     3. Under “Service Workers”, click “Unregister” if it’s listed there.
     4. After unregistering, refresh the page to force the registration of the latest service worker.

4. Look for Fallback Notifications
   The application may display a warning if the service worker is unavailable. Pay attention to any messages or prompts in the app that provide more details or steps to take.

4 - Logs

Application Logs

In the .logs directory, you can find all the logs generated by the server.

Container Logs

There are also some logs generated by OCI containers. You can find them in the /var/lib/docker/containers (or equivalent if you are using something else) directory. For database, 10x 10mb files are retained. For application, 10x 100mb files are retained.

5 - Setup on Windows

Prerequisites

• Latest Windows Version with WSL2 Support
  • Recommended: Windows Server 2022
  • Should Work: Windows 11 23H2+
• Access to Windows Store
• Internet Connection

Installation Steps

1. Install: Ubuntu LTS on Windows Store
   • Alternatively, open Windows Store, Search for Ubuntu (by Canonical Group Limited) and Install it
2. Open Ubuntu from START and follow the instructions to set up your user inside WSL Ubuntu
3. Install Docker Engine with Docker Compose Plugin
   • (Recommended) Uninstall Old Versions
   • From the official Docker website: Install Docker Engine
     • This involves two steps: add canonical apt repository and then installing docker engine
4. Once done, optionally type: cd ~ && mkdir cdm && cd cdm
5. Now that you have a working linux inside windows, you can follow the CDM-Server installation on linux steps: See here
6. After the installation, you can find the CDM-Server in ~/cdm directory

Troubleshooting

• I can access CDM-Server from the server computer but not from other devices
  • Check your firewall settings and make sure the port is open
  • The specified CDM_HOST should resolve to the server’s IP address
• I want to run CDM-Server as a service in Ubuntu
  • You need to follow WSL2 Systemd Guide to run services in WSL2

6 - Bill of Materials

CDM-Server SBOM

We provide the SBOM in OWASP’s CycloneDX v1.5/v1.6 format which has been officially ratified as an Ecma International standard.

You can find the SBOM for CDM-Server here:

• v1.2.1: JSON 1 | Summary 1 || JSON 2 | Summary 2
• v1.2.0: JSON 1 | Summary 1 || JSON 2 | Summary 2
• v1.1.1: JSON 1 | Summary 1 || JSON 2 | Summary 2
• v1.1.0: JSON 1 | Summary 1 || JSON 2 | Summary 2
• v1.0.1: JSON | Summary
• v1.0.0: JSON | Summary

Additional Information

CDM-Server also utilizes:

• Java 21 (Temurin JRE 21.0.5)
• PostgreSQL v16 (postgres:16-alpine)
• Alpine Linux
• pg_repack 1.5.0
• Bulma 0.9.4
• Caddy 2.9.1
• Traefik 3.3.3

7 - Install Self-Signed Certificate

Manual Installation Steps

First, you receive the certificate from the administrator. Then, you can install it using the following steps: