593daa17bf
fix: move readOnly into inputProps on download token OutlinedInput
2026-03-01 16:39:42 +01:00
0943798399
feat: show download token with copy and regenerate on Config Detail
2026-03-01 16:33:38 +01:00
c24c00b307
feat: add regenerateToken to configsApi
2026-03-01 16:27:11 +01:00
ab181e802f
fix: remove unused Response import, constrain format param to Literal[json,zip]
2026-03-01 16:26:43 +01:00
b71e1e5989
feat: token auth on generate endpoint and regenerate-token endpoint
2026-03-01 16:24:28 +01:00
2e0cda834b
feat: add get_optional_user for unauthenticated generate access
2026-03-01 16:05:15 +01:00
29b71b267e
feat: reject empty-string tokens in GenerateRequest (min_length=1)
2026-03-01 16:04:43 +01:00
3b90373b78
feat: add download_token to ConfigOut, add GenerateRequest and RegenerateTokenOut schemas
2026-03-01 16:02:38 +01:00
9b15c081b0
feat: add index on configs.download_token for token-auth lookups
2026-03-01 16:01:57 +01:00
e9a91a7794
feat: add download_token field to Config model
2026-03-01 15:59:59 +01:00
d6e3904f0a
fix: remove permanent server_default from download_token migration
2026-03-01 15:59:20 +01:00
c55d73fd58
feat: migration 0012 — add download_token to configs
2026-03-01 15:35:21 +01:00
ad35b00023
docs: add implementation plan for config download token
2026-03-01 15:33:19 +01:00
d28d034a17
docs: add design doc for config download token
2026-03-01 15:31:42 +01:00
4d0164ed02
chore: use storageClassName nfs for postgres PV/PVC
Build containers when image tags change / build-if-image-changed (backend, shorefront-backend, shorefront backend, backend/Dockerfile, git.baumann.gr/adebaumann/shorefront-backend, .backend.image) (push) Successful in 11s
Build containers when image tags change / build-if-image-changed (frontend, shorefront-frontend, shorefront frontend, frontend/Dockerfile, git.baumann.gr/adebaumann/shorefront-frontend, .frontend.image) (push) Successful in 11s
2026-03-01 14:54:45 +01:00
426fb8fbfd
chore: use existing 'nfs' PV instead of creating one
Build containers when image tags change / build-if-image-changed (backend, shorefront-backend, shorefront backend, backend/Dockerfile, git.baumann.gr/adebaumann/shorefront-backend, .backend.image) (push) Successful in 44s
Build containers when image tags change / build-if-image-changed (frontend, shorefront-frontend, shorefront frontend, frontend/Dockerfile, git.baumann.gr/adebaumann/shorefront-frontend, .frontend.image) (push) Successful in 1m34s
2026-03-01 14:49:56 +01:00
d56075a74e
feat: expose app version from ConfigMap in sidebar footer
Build containers when image tags change / build-if-image-changed (frontend, shorefront-frontend, shorefront frontend, frontend/Dockerfile, git.baumann.gr/adebaumann/shorefront-frontend, .frontend.image) (push) Successful in 59s
Build containers when image tags change / build-if-image-changed (backend, shorefront-backend, shorefront backend, backend/Dockerfile, git.baumann.gr/adebaumann/shorefront-backend, .backend.image) (push) Successful in 1m27s
2026-03-01 11:51:30 +01:00
9382106e8d
fix: reset generated files cache when modal closes so reopening fetches fresh data
2026-03-01 11:45:47 +01:00
390774c79a
feat: default interface broadcast to 'detect'
2026-03-01 11:43:58 +01:00
08dddb7297
fix: convert empty select values to null before submitting
Build containers when image tags change / build-if-image-changed (backend, shorefront-backend, shorefront backend, backend/Dockerfile, git.baumann.gr/adebaumann/shorefront-backend, .backend.image) (push) Successful in 32s
Build containers when image tags change / build-if-image-changed (frontend, shorefront-frontend, shorefront frontend, frontend/Dockerfile, git.baumann.gr/adebaumann/shorefront-frontend, .frontend.image) (push) Successful in 1m27s
2026-03-01 11:37:25 +01:00
02c8f71957
feat: complete snat with all shorewall columns (proto, port, ipsec, mark, user, switch, origdest, probability)
Build containers when image tags change / build-if-image-changed (frontend, shorefront-frontend, shorefront frontend, frontend/Dockerfile, git.baumann.gr/adebaumann/shorefront-frontend, .frontend.image) (push) Successful in 1m14s
Build containers when image tags change / build-if-image-changed (backend, shorefront-backend, shorefront backend, backend/Dockerfile, git.baumann.gr/adebaumann/shorefront-backend, .backend.image) (push) Successful in 2m2s
2026-03-01 11:28:25 +01:00
36224cebcd
feat: complete rules with all shorewall columns (origdest, rate, user, mark, connlimit, time, headers, switch, helper)
2026-03-01 11:25:09 +01:00
3c259a1862
feat: add placeholder support to EntityForm FieldDef
2026-03-01 11:18:53 +01:00
e05e9d5975
feat: add limit:burst and connlimit:mask fields to policies
2026-03-01 11:18:26 +01:00
3dc97df6cd
feat: allow 'all' for policy source and destination zones
2026-03-01 11:14:42 +01:00
8b787a99c2
feat: add broadcast field to interfaces
2026-03-01 11:13:13 +01:00
58ef0dec63
feat: allow interfaces to have no zone (shorewall '-' zone)
2026-03-01 11:11:52 +01:00
21d404229a
feat: add hosts and params files, fix rules SECTION NEW header
Build containers when image tags change / build-if-image-changed (backend, shorefront-backend, shorefront backend, backend/Dockerfile, git.baumann.gr/adebaumann/shorefront-backend, .backend.image) (push) Successful in 44s
Build containers when image tags change / build-if-image-changed (frontend, shorefront-frontend, shorefront frontend, frontend/Dockerfile, git.baumann.gr/adebaumann/shorefront-frontend, .frontend.image) (push) Successful in 1m32s
2026-03-01 01:43:15 +01:00
15f28cb070
chore: bump container version to 0.007
Build containers when image tags change / build-if-image-changed (frontend, shorefront-frontend, shorefront frontend, frontend/Dockerfile, git.baumann.gr/adebaumann/shorefront-frontend, .frontend.image) (push) Successful in 1m3s
Build containers when image tags change / build-if-image-changed (backend, shorefront-backend, shorefront backend, backend/Dockerfile, git.baumann.gr/adebaumann/shorefront-backend, .backend.image) (push) Successful in 1m29s
2026-03-01 01:31:17 +01:00
686ce911bb
feat: rename masq to snat throughout, update generator to Shorewall 5 snat format
2026-03-01 01:30:19 +01:00
1b543ed44a
chore: remove OIDC debug logging
2026-03-01 01:24:45 +01:00
59d9b438a1
debug: decode and log raw ID token payload in OIDC callback
2026-03-01 01:24:06 +01:00
388e945343
chore: remove temporary OIDC debug logging
2026-03-01 01:21:22 +01:00
740983277f
debug: log userinfo keys and groups claim in OIDC callback
Build containers when image tags change / build-if-image-changed (backend, shorefront-backend, shorefront backend, backend/Dockerfile, git.baumann.gr/adebaumann/shorefront-backend, .backend.image) (push) Successful in 45s
Build containers when image tags change / build-if-image-changed (frontend, shorefront-frontend, shorefront frontend, frontend/Dockerfile, git.baumann.gr/adebaumann/shorefront-frontend, .frontend.image) (push) Successful in 1m31s
2026-03-01 01:17:12 +01:00
6b340f50cb
fix: remove passlib import from migration 0001, embed static hash
Build containers when image tags change / build-if-image-changed (frontend, shorefront-frontend, shorefront frontend, frontend/Dockerfile, git.baumann.gr/adebaumann/shorefront-frontend, .frontend.image) (push) Successful in 30s
Build containers when image tags change / build-if-image-changed (backend, shorefront-backend, shorefront backend, backend/Dockerfile, git.baumann.gr/adebaumann/shorefront-backend, .backend.image) (push) Successful in 1m29s
2026-03-01 01:10:17 +01:00
aaa6e7def4
Version bump to test sso
Build containers when image tags change / build-if-image-changed (backend, shorefront-backend, shorefront backend, backend/Dockerfile, git.baumann.gr/adebaumann/shorefront-backend, .backend.image) (push) Successful in 1m18s
Build containers when image tags change / build-if-image-changed (frontend, shorefront-frontend, shorefront frontend, frontend/Dockerfile, git.baumann.gr/adebaumann/shorefront-frontend, .frontend.image) (push) Successful in 1m36s
2026-03-01 01:02:44 +01:00
2b6cd29413
feat(sso): bump container version for SSO release
2026-03-01 00:55:19 +01:00
daabafc595
feat(sso): replace login form with SSO redirect button
2026-03-01 00:55:07 +01:00
1daa6f6e90
feat(sso): replace local auth with Keycloak OIDC callback flow
2026-03-01 00:51:14 +01:00
f28240c37f
feat(sso): update User model and schemas for Keycloak
2026-03-01 00:50:44 +01:00
95fbe99b61
feat(sso): migration — add keycloak_sub, make hashed_password nullable
2026-03-01 00:50:20 +01:00
ff4aa155d1
feat(sso): add KEYCLOAK_CLIENT_SECRET to secrets script and backend deployment
2026-03-01 00:45:37 +01:00
924e51ffaa
feat(sso): add Keycloak settings to database.py and Helm ConfigMap
2026-03-01 00:45:07 +01:00
58f0fd50d8
feat(sso): replace passlib/bcrypt with authlib + httpx
2026-03-01 00:44:18 +01:00
40113bc634
docs: add Keycloak SSO integration design
2026-03-01 00:37:49 +01:00
4c4cdf0a52
fix: route all traffic through nginx; remove direct /api->backend ingress rule
...
Traefik forwards /api/auth/login to the backend verbatim, causing 404.
Nginx already strips the /api prefix correctly via proxy_pass with trailing
slash. Routing everything through frontend/nginx avoids the double-routing
and the need for a StripPrefix middleware.
2026-03-01 00:12:33 +01:00
5ac2f931f8
URL changed - rebuild
Build containers when image tags change / build-if-image-changed (frontend, shorefront-frontend, shorefront frontend, frontend/Dockerfile, git.baumann.gr/adebaumann/shorefront-frontend, .frontend.image) (push) Successful in 43s
Build containers when image tags change / build-if-image-changed (backend, shorefront-backend, shorefront backend, backend/Dockerfile, git.baumann.gr/adebaumann/shorefront-backend, .backend.image) (push) Successful in 1m57s
2026-03-01 00:06:57 +01:00
bd229d52a1
fix: run postgres as uid 99/gid 100 to match Unraid NFS squash mapping
Build containers when image tags change / build-if-image-changed (backend, shorefront-backend, shorefront backend, backend/Dockerfile, git.baumann.gr/adebaumann/shorefront-backend, .backend.image) (push) Successful in 12s
Build containers when image tags change / build-if-image-changed (frontend, shorefront-frontend, shorefront frontend, frontend/Dockerfile, git.baumann.gr/adebaumann/shorefront-frontend, .frontend.image) (push) Successful in 1m9s
2026-03-01 00:02:12 +01:00
271fec8da5
fix: add JWT_SECRET_KEY to migrate init container; run postgres as uid 70 to avoid NFS chown failure
2026-02-28 23:53:03 +01:00
ee50261216
fix: set build_context to backend/ and frontend/ subdirectories
...
Build containers when image tags change / build-if-image-changed (backend, shorefront-backend, shorefront backend, backend/Dockerfile, git.baumann.gr/adebaumann/shorefront-backend, .backend.image) (push) Successful in 1m20s
Build containers when image tags change / build-if-image-changed (frontend, shorefront-frontend, shorefront frontend, frontend/Dockerfile, git.baumann.gr/adebaumann/shorefront-frontend, .frontend.image) (push) Successful in 1m25s
Dockerfiles use COPY requirements.txt . and COPY package*.json ./ which
expect the build context to be their own subdirectory, not the repo root.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com >
2026-02-28 23:36:02 +01:00
