github davefatkin/EinVault v1.1.1
EinVault 1.1.1

3 hours ago

EinVault

This release makes single-target quick logs a true one-tap action. The full 1.1 and 1.0 announcements are reprinted below so they stay put.

One tap when there's nothing to pick

  • A quick log button that can only reach one companion now logs the moment you tap it. The target picker only opens when there's an actual choice to make. In practice that means a caretaker with one assigned companion, or a quick log pinned to a single companion, skips the extra confirmation step entirely (#175).
  • The recent activity feed picks up the new entry straight away, no refresh needed. That was already the case, but it's now covered by tests so it stays that way.

Upgrading

Pull the new image. Migrations run on boot and nothing in your config changes.


EinVault 1.1

1.1 opens quick logs to every role and adds a Bearer-token HTTP API, so you can drive EinVault from smart buttons, scripts, and other devices without a browser. The full 1.0 announcement is reprinted below so it stays put.

Quick logs for everyone

Quick logs used to be caretaker-only. Now members, admins, and caretakers all get them: personal one-tap buttons for the events you log over and over, re-orderable, and switchable on and off. Build custom ones under Settings > Quick logs (event type, note, target companions) and share a copy with another user. A shared copy arrives disabled, so nobody can drop a live logging button into your UI without you turning it on, and a recipient who can't reach any of the companions is skipped instead of getting a dead button.

Bearer-token API

EinVault now exposes an HTTP API so a device can log and read without a browser session. Create a token under Settings > API tokens; it acts as you, so a caretaker's token still needs an active shift and only reaches assigned companions.

What it covers:

  • Log daily events and journal entries, run your quick logs, and record health events and weight.
  • List and complete reminders.
  • Read your companions, the caretaker shift schedule, and the user roster (scoped to what you're allowed to see).

Built for real devices:

  • Tokens are full or write-only (a log-only button never reads back notes), with optional expiry, rotation, and a per-user cap.
  • Send an Idempotency-Key and a retry on a flaky connection replays the original result instead of double-logging.
  • Every error carries a stable { code, message }, so a device branches on the code, not the wording. Per-IP and per-token rate limits keep it polite, and a global API_TOKENS_ENABLED switch turns the whole thing off.
  • Per-user access is on by default while the API is enabled; admins grant or revoke it for any member or caretaker, which disables all their tokens at once.

Self-hosted docs live at /api/docs: a zero-dependency reference with a Try-It panel that fires real requests, generated from the same schemas the server validates against, so it can't drift from what an endpoint actually accepts. The raw spec is /api/openapi.json (OpenAPI 3.1).

Big shoutout to @LeSnowTiger for the feedback and ideas!

Upgrading

Pull the new image. Migrations run on boot and nothing in your existing config changes. The API is on by default; set API_TOKENS_ENABLED=false if you'd rather not expose it (that hides token creation and 404s every endpoint). Every user starts with API access while it's enabled, and admins can revoke it per person from Admin > Users > Manage.


EinVault 1.0

EinVault started as a way to keep track of my own pup without handing his health records to some cloud service, and 1.0 is the version I'm truly pleased with. It still does what it always did: track health records, daily activities, and care schedules for your companions, all on hardware you control. It just looks a whole lot better now, and it picked up a few things along the way.

The redesign

Almost every screen got reworked. New colors, calmer layouts, and empty states that actually tell you what to do instead of staring back at you blankly. The member, admin, and caretaker views were pulled into line with each other, the settings pages finally share one layout, and dark mode behaves itself everywhere. If you've been running an older build, the first thing you'll notice on launch is that it doesn't look like the same app.

Ein

EinVault has a mascot now. Ein is a little corgi who shows up on the login screen, greets you on a fresh dashboard, and turns up looking appropriately confused when you hit a 404.

Two-factor auth

You can lock your account down with an authenticator app. Turn it on under Settings > Security, scan the code, and write down your backup codes somewhere safe. If you run EinVault for other people, you can require 2FA across the board (or just for admins), and reset it for anyone who loses their phone. SSO logins are left alone, since your identity provider already handles that. One thing to know before you flip it on: see the upgrade notes below.

Odds and ends

  • Page icons and colors are consistent now (weight, health, reminders, activity each have their own look), across both the owner and caretaker sides.
  • Role badges are actually distinguishable at a glance.
  • New favicon, proper app icons, and a web manifest, so it installs cleanly to a phone home screen.
  • Added a medication schedule alongside feeding and walks.
  • Six languages (English, German, Spanish, French, Italian, Portuguese). Fair warning: everything but English is machine-translated and may read a little off. Corrections welcome.

Upgrading to 1.0

Pulling the new image is all you need. Migrations run on boot, and none of your existing config changes.

The only new knob is for 2FA: set TWOFA_ENC_KEY to a 32-byte base64 key (openssl rand -base64 32) and it encrypts the stored TOTP secrets. Leave it unset and 2FA just stays off. It doesn't touch any of your OIDC settings.

Also quietly bumped a build-time dependency (esbuild) to clear a security advisory. Nothing in the running server was affected.

Thanks for using EinVault. If something's broken or rough, open an issue. If there's something you'd like me to consider adding or changing, open an issue! Many of the ideas for features that have been added over the past few months have come from a small group of dedicated users.

Don't miss a new EinVault release

NewReleases is sending notifications on new releases.