adebaumann/shorefront
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
78 Commits 2 Branches 0 Tags
9b15c081b0a455048d3d170e0c90396a573798ad
Commit Graph

38 Commits

Author SHA1 Message Date
Adrian A. Baumann
9b15c081b0 feat: add index on configs.download_token for token-auth lookups 2026-03-01 16:01:57 +01:00
Adrian A. Baumann
e9a91a7794 feat: add download_token field to Config model 2026-03-01 15:59:59 +01:00
Adrian A. Baumann
d6e3904f0a fix: remove permanent server_default from download_token migration 2026-03-01 15:59:20 +01:00
Adrian A. Baumann
c55d73fd58 feat: migration 0012 — add download_token to configs 2026-03-01 15:35:21 +01:00
Adrian A. Baumann
d56075a74e feat: expose app version from ConfigMap in sidebar footer
All checks were successful
Build containers when image tags change / build-if-image-changed (frontend, shorefront-frontend, shorefront frontend, frontend/Dockerfile, git.baumann.gr/adebaumann/shorefront-frontend, .frontend.image) (push) Successful in 59s
Details
Build containers when image tags change / build-if-image-changed (backend, shorefront-backend, shorefront backend, backend/Dockerfile, git.baumann.gr/adebaumann/shorefront-backend, .backend.image) (push) Successful in 1m27s
Details
2026-03-01 11:51:30 +01:00
Adrian A. Baumann
390774c79a feat: default interface broadcast to 'detect' 2026-03-01 11:43:58 +01:00
Adrian A. Baumann
02c8f71957 feat: complete snat with all shorewall columns (proto, port, ipsec, mark, user, switch, origdest, probability)
All checks were successful
Build containers when image tags change / build-if-image-changed (frontend, shorefront-frontend, shorefront frontend, frontend/Dockerfile, git.baumann.gr/adebaumann/shorefront-frontend, .frontend.image) (push) Successful in 1m14s
Details
Build containers when image tags change / build-if-image-changed (backend, shorefront-backend, shorefront backend, backend/Dockerfile, git.baumann.gr/adebaumann/shorefront-backend, .backend.image) (push) Successful in 2m2s
Details
2026-03-01 11:28:25 +01:00
Adrian A. Baumann
36224cebcd feat: complete rules with all shorewall columns (origdest, rate, user, mark, connlimit, time, headers, switch, helper) 2026-03-01 11:25:09 +01:00
Adrian A. Baumann
e05e9d5975 feat: add limit:burst and connlimit:mask fields to policies 2026-03-01 11:18:26 +01:00
Adrian A. Baumann
3dc97df6cd feat: allow 'all' for policy source and destination zones 2026-03-01 11:14:42 +01:00
Adrian A. Baumann
8b787a99c2 feat: add broadcast field to interfaces 2026-03-01 11:13:13 +01:00
Adrian A. Baumann
58ef0dec63 feat: allow interfaces to have no zone (shorewall '-' zone) 2026-03-01 11:11:52 +01:00
Adrian A. Baumann
21d404229a feat: add hosts and params files, fix rules SECTION NEW header
All checks were successful
Build containers when image tags change / build-if-image-changed (backend, shorefront-backend, shorefront backend, backend/Dockerfile, git.baumann.gr/adebaumann/shorefront-backend, .backend.image) (push) Successful in 44s
Details
Build containers when image tags change / build-if-image-changed (frontend, shorefront-frontend, shorefront frontend, frontend/Dockerfile, git.baumann.gr/adebaumann/shorefront-frontend, .frontend.image) (push) Successful in 1m32s
Details
2026-03-01 01:43:15 +01:00
Adrian A. Baumann
686ce911bb feat: rename masq to snat throughout, update generator to Shorewall 5 snat format 2026-03-01 01:30:19 +01:00
Adrian A. Baumann
1b543ed44a chore: remove OIDC debug logging 2026-03-01 01:24:45 +01:00
Adrian A. Baumann
59d9b438a1 debug: decode and log raw ID token payload in OIDC callback 2026-03-01 01:24:06 +01:00
Adrian A. Baumann
388e945343 chore: remove temporary OIDC debug logging 2026-03-01 01:21:22 +01:00
Adrian A. Baumann
740983277f debug: log userinfo keys and groups claim in OIDC callback
All checks were successful
Build containers when image tags change / build-if-image-changed (backend, shorefront-backend, shorefront backend, backend/Dockerfile, git.baumann.gr/adebaumann/shorefront-backend, .backend.image) (push) Successful in 45s
Details
Build containers when image tags change / build-if-image-changed (frontend, shorefront-frontend, shorefront frontend, frontend/Dockerfile, git.baumann.gr/adebaumann/shorefront-frontend, .frontend.image) (push) Successful in 1m31s
Details
2026-03-01 01:17:12 +01:00
Adrian A. Baumann
6b340f50cb fix: remove passlib import from migration 0001, embed static hash
All checks were successful
Build containers when image tags change / build-if-image-changed (frontend, shorefront-frontend, shorefront frontend, frontend/Dockerfile, git.baumann.gr/adebaumann/shorefront-frontend, .frontend.image) (push) Successful in 30s
Details
Build containers when image tags change / build-if-image-changed (backend, shorefront-backend, shorefront backend, backend/Dockerfile, git.baumann.gr/adebaumann/shorefront-backend, .backend.image) (push) Successful in 1m29s
Details
2026-03-01 01:10:17 +01:00
Adrian A. Baumann
1daa6f6e90 feat(sso): replace local auth with Keycloak OIDC callback flow 2026-03-01 00:51:14 +01:00
Adrian A. Baumann
f28240c37f feat(sso): update User model and schemas for Keycloak 2026-03-01 00:50:44 +01:00
Adrian A. Baumann
95fbe99b61 feat(sso): migration — add keycloak_sub, make hashed_password nullable 2026-03-01 00:50:20 +01:00
Adrian A. Baumann
924e51ffaa feat(sso): add Keycloak settings to database.py and Helm ConfigMap 2026-03-01 00:45:07 +01:00
Adrian A. Baumann
58f0fd50d8 feat(sso): replace passlib/bcrypt with authlib + httpx 2026-03-01 00:44:18 +01:00
Adrian A. Baumann
123e914f01 fix: pin bcrypt<4.0.0 to restore passlib compatibility 
passlib 1.7.4 (unmaintained since 2020) is incompatible with bcrypt>=4.0:
- bcrypt 4.x removed bcrypt.__about__ (passlib version probe fails)
- bcrypt 4.x enforces 72-byte password limit strictly, crashing
  passlib's detect_wrap_bug() compatibility test during context init

Pinning bcrypt<4.0.0 is the standard workaround until passlib is replaced.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-02-28 21:49:00 +01:00
Adrian A. Baumann
3f5b0d1591 fix: set PYTHONPATH=/app so alembic can import app package 
When the alembic console-script entry point runs, Python sets sys.path[0]
to the entry point directory (/usr/local/bin/), not the WORKDIR. Without
PYTHONPATH=/app, `from app.models import Base` in alembic/env.py fails
with ModuleNotFoundError. uvicorn is unaffected as it adds CWD to
sys.path itself.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-02-28 21:42:39 +01:00
Adrian A. Baumann
488c385de3 fix: correct generate endpoint return type, migration server_default SQL, and auth loading propagation 2026-02-28 21:22:11 +01:00
Adrian A. Baumann
1afc95fe8b feat: add ShorewallGenerator (zones, interfaces, policy, rules, masq, json, zip) 2026-02-28 20:02:48 +01:00
Adrian A. Baumann
77aded3918 feat: add nested resource routers for zones, interfaces, policies, rules, masq 2026-02-28 20:02:05 +01:00
Adrian A. Baumann
099fd8307f feat: add configs CRUD router with generate endpoint 2026-02-28 20:00:19 +01:00
Adrian A. Baumann
ec6b9f6332 feat: add auth router (register/login/logout/me) 2026-02-28 19:59:33 +01:00
Adrian A. Baumann
472593b8e6 feat: add FastAPI app entrypoint 2026-02-28 19:59:07 +01:00
Adrian A. Baumann
5c33dd7c96 feat: add Pydantic schemas 2026-02-28 19:58:30 +01:00
Adrian A. Baumann
a96cdc825c feat: add JWT auth module 2026-02-28 19:58:10 +01:00
Adrian A. Baumann
bee6b83556 feat: add Alembic migration with schema and seed data 
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-02-28 19:57:35 +01:00
Adrian A. Baumann
c562d35345 feat: add SQLAlchemy models and database setup 2026-02-28 19:55:54 +01:00
Adrian A. Baumann
ee9dc101da feat: add backend Dockerfile and requirements 2026-02-28 19:54:06 +01:00
Adrian A. Baumann
cb9b802d43 feat: add project skeleton and docker-compose 2026-02-28 19:53:19 +01:00