* feat(xray): add tunnel health monitor
* fix(tunnelmonitor): reuse netproxy client and init logger in tests
Replace the duplicated newHTTPClient/dialContextWithProxy with netproxy.NewHTTPClient, which centralises the http/https/socks5 handling and avoids the dial-goroutine connection leak on context cancellation. Cap failures at the threshold during cooldown so the counter stays a true consecutive-failure count. Add TestMain to initialise the logger and fix the nil-pointer panic in the success-after-failure path.
* fix(tunnelmonitor): observable recovery, signal headroom, and hardening
Address the remaining review findings on the tunnel health monitor:
- Recovery is now synchronous and observable: the callback calls
server.RestartXray() directly and returns its error instead of just
enqueuing SIGUSR1, so a failed restart no longer masks as success and
arms the cooldown while the tunnel is still down.
- Give the OS signal channel headroom (buffer 8) so producers cannot
starve a SIGTERM/SIGINT out of the single slot.
- Warn at startup when the monitor is enabled without a proxy, since the
probe then measures host connectivity rather than the xray tunnel.
- Cap failures at the threshold in the nil-recover branch too, matching
the cooldown cap.
- Document the XUI_TUNNEL_HEALTH_* vars in .env.example and the README.
- Add tests for status-code classification, Normalize bounds, New proxy
scheme errors, the recovery-error and nil-recover paths, the cooldown
cap, and Run context cancellation (coverage 90%).
---------
Co-authored-by: Sanaei <ho3ein.sanaei@gmail.com>
* feat(docker): support XUI_PORT runtime override
Allow deployments to select the panel listener port without mutating the persisted webPort setting. Invalid values fall back to the database-backed port and are covered by parser boundary tests.
* docs: describe XUI_PORT deployment usage
Add commented local and Compose examples, explain runtime precedence, and call out matching Docker bridge port mappings.
* feat(env): allow setting the initial URI path for the web panel
* fix(setting): normalize and guard XUI_INIT_WEB_BASE_PATH default
Address Copilot review on PR #5149: an env value that is empty, whitespace, or lacks slashes (e.g. `panel`) could produce an invalid webBasePath such as `/ /` and reach the frontend un-normalized.
getEnv now trims whitespace and falls back when the value is empty; the env-derived default is passed through the existing normalizeBasePath helper (reused from node.go) so it always carries a leading and trailing slash. GetBasePath reuses the same helper instead of duplicating the slash logic.
---------
Co-authored-by: Sanaei <ho3ein.sanaei@gmail.com>