Build [v1.14.21]
This commit is contained in:
@@ -1,3 +1,3 @@
|
||||
836417
|
||||
836418
|
||||
836432
|
||||
5397
|
||||
5398
|
||||
5414
|
||||
|
||||
@@ -5,6 +5,7 @@
|
||||
local_certs
|
||||
skip_install_trust
|
||||
auto_https disable_redirects
|
||||
|
||||
on_demand_tls {
|
||||
ask http://localhost:8916/
|
||||
}
|
||||
|
||||
BIN
backups/ainventory_2026-04-23_15-36-20.tar.gz
Normal file
BIN
backups/ainventory_2026-04-23_15-36-20.tar.gz
Normal file
Binary file not shown.
@@ -1,41 +1,58 @@
|
||||
# TFM aInventory - Caddy Patched IP Configuration
|
||||
# Version 1.9.17 - The Dynamic Shield (Production Polish)
|
||||
# TFM aInventory - Standalone Caddy Configuration
|
||||
# Self-signed SSL/TLS reverse proxy for any IP/hostname
|
||||
{
|
||||
admin off
|
||||
local_certs
|
||||
local_certs
|
||||
skip_install_trust
|
||||
auto_https disable_redirects
|
||||
# Configure on-demand TLS for private network IPs
|
||||
on_demand_tls {
|
||||
|
||||
on_demand_tls {
|
||||
ask http://localhost:8916/
|
||||
# This allows Caddy to generate internal certs for any IP/domain.
|
||||
ask http://backend:8000/
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
# Dynamic HTTPS Frontend (port 8919) - Matches ANY IP or hostname
|
||||
https:// {
|
||||
tls internal {
|
||||
https://:8919 {
|
||||
tls internal {
|
||||
on_demand
|
||||
}
|
||||
|
||||
reverse_proxy frontend:3000
|
||||
|
||||
header {
|
||||
# Next.js HMR Support (WebSocket)
|
||||
handle /_next/webpack-hmr {
|
||||
reverse_proxy http://localhost:8917 {
|
||||
header_up Upgrade {>Upgrade}
|
||||
header_up Connection {>Connection}
|
||||
}
|
||||
}
|
||||
|
||||
reverse_proxy http://localhost:8917 {
|
||||
header_up X-Forwarded-For {remote_host}
|
||||
header_up X-Forwarded-Proto https
|
||||
header_up X-Forwarded-Host {host}
|
||||
}
|
||||
|
||||
header {
|
||||
Strict-Transport-Security "max-age=31536000; includeSubDomains; preload"
|
||||
X-XSS-Protection "1; mode=block"
|
||||
X-Frame-Options "SAMEORIGIN"
|
||||
X-Frame-Options "SAMEORIGIN"
|
||||
Referrer-Policy "strict-origin-when-cross-origin"
|
||||
}
|
||||
}
|
||||
|
||||
# Dynamic HTTPS Backend (port 8918) - Matches ANY IP or hostname
|
||||
https://:444 {
|
||||
tls internal {
|
||||
https://:8918 {
|
||||
tls internal {
|
||||
on_demand
|
||||
}
|
||||
|
||||
}
|
||||
reverse_proxy http://localhost:8916 {
|
||||
header_up X-Forwarded-For {remote_host}
|
||||
header_up X-Forwarded-Proto https
|
||||
header_up X-Forwarded-Host {host}
|
||||
}
|
||||
|
||||
header {
|
||||
Strict-Transport-Security "max-age=31536000; includeSubDomains; preload"
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
@@ -1,36 +1,23 @@
|
||||
# CURRENT AI WORKING SESSION — HANDOVER
|
||||
|
||||
**Active AI:** Claude Haiku 4.5 (Claude Code)
|
||||
**Active AI:** Gemini CLI
|
||||
**Last Updated:** 2026-04-23
|
||||
**Current Version:** v1.14.19
|
||||
**Status**: ✅ PHASE 7 COMPLETE | 🟢 READY FOR PHASE 8
|
||||
**Status**: ✅ SSL PROXY FIXED | 🟢 READY FOR PHASE 8
|
||||
|
||||
---
|
||||
|
||||
## SESSION 41 EXECUTION SUMMARY — Infrastructure & Export Fixes
|
||||
## SESSION 42 EXECUTION SUMMARY — SSL Infrastructure Fix
|
||||
|
||||
### 1. Phase 7: Config Consolidation (COMPLETE)
|
||||
- **Centralized YAML**: Migrated all configuration to `config/*.yaml`.
|
||||
- **SSOT Architecture**: Established `network.yaml` as the Master Source of Truth for Server IP and Port management.
|
||||
- **Dynamic Injection**: Frontend API URLs and Backend CORS are now dynamically calculated from master network settings.
|
||||
- **Python Tooling**: All legacy `.sh` scripts converted to robust, secure Python scripts in `scripts/`.
|
||||
- **Enhanced Launcher**: `run_standalone.py` now supports `start`, `stop`, `restart`, `status`, and Caddy SSL proxying.
|
||||
### 1. SSL Proxy Fix (COMPLETE)
|
||||
- **Port 80 Conflict**: Identified that Caddy was failing to start because it tried to bind to port 80 for HTTP->HTTPS redirects, while port 80 was already in use by a system-wide Caddy.
|
||||
- **Caddy Configuration**: Modified `Caddyfile.standalone` (root and `config/`) to include `auto_https disable_redirects` in the global options. This allows Caddy to run on custom ports (8918/8919) without interfering with port 80.
|
||||
- **Service Restart**: Successfully restarted backend, frontend, and proxy using `scripts/run_standalone.py restart`.
|
||||
|
||||
### 2. Admin & Security Improvements
|
||||
- **AI Key Detection**: Fixed backend logic to correctly report AI key status from YAML/Secrets.
|
||||
- **Secure Saving**: Implemented `ConfigManager.update_keys()` to route sensitive data correctly to `secrets.yaml`.
|
||||
- **Recursion Fix**: Resolved a critical infinite recursion loop in the configuration manager.
|
||||
|
||||
### 3. Export System Overhaul
|
||||
- **Data Integrity**: Fixed a routing collision that caused binary SQLite downloads instead of CSV data.
|
||||
- **FastAPI Streaming**: Refactored exports to use `StreamingResponse` for memory efficiency.
|
||||
- **Premium UI**: Integrated the `ExportPanel` into the dark-mode aesthetic with standard premium button styles.
|
||||
- **WebSocket Fix**: Improved Caddy configuration for Next.js HMR stability.
|
||||
|
||||
### 4. Cleanup & Preparation
|
||||
- ✅ Deleted all deprecated `.sh` and `.env` files.
|
||||
- ✅ Rebuilt virtual environment (`venv/`) and verified dependencies (added `openpyxl`).
|
||||
- ✅ Incremented system version to **v1.14.19**.
|
||||
### 2. Verification
|
||||
- **Backend SSL**: Verified reachable at `https://localhost:8918/` (Port 8916 upstream).
|
||||
- **Frontend SSL**: Verified reachable at `https://localhost:8919/` (Port 8917 upstream).
|
||||
- **Service Status**: `run_standalone.py status` confirms all components are UP.
|
||||
|
||||
---
|
||||
|
||||
|
||||
@@ -1,6 +1,6 @@
|
||||
{
|
||||
"version": "1.14.20",
|
||||
"last_build": "2026-04-23-1536",
|
||||
"version": "1.14.21",
|
||||
"last_build": "2026-04-23-1559",
|
||||
"codename": "ConfigCore",
|
||||
"commit": "b0ac7426"
|
||||
"commit": "6e88ea91"
|
||||
}
|
||||
Reference in New Issue
Block a user