Build [v1.14.21]

This commit is contained in:
2026-04-23 15:59:17 +03:00
parent 6e88ea9107
commit e5bb14d945
6 changed files with 52 additions and 47 deletions

View File

@@ -1,3 +1,3 @@
836417
836418
836432
5397
5398
5414

View File

@@ -5,6 +5,7 @@
local_certs
skip_install_trust
auto_https disable_redirects
on_demand_tls {
ask http://localhost:8916/
}

Binary file not shown.

View File

@@ -1,41 +1,58 @@
# TFM aInventory - Caddy Patched IP Configuration
# Version 1.9.17 - The Dynamic Shield (Production Polish)
# TFM aInventory - Standalone Caddy Configuration
# Self-signed SSL/TLS reverse proxy for any IP/hostname
{
admin off
local_certs
local_certs
skip_install_trust
auto_https disable_redirects
# Configure on-demand TLS for private network IPs
on_demand_tls {
on_demand_tls {
ask http://localhost:8916/
# This allows Caddy to generate internal certs for any IP/domain.
ask http://backend:8000/
}
}
}
# Dynamic HTTPS Frontend (port 8919) - Matches ANY IP or hostname
https:// {
tls internal {
https://:8919 {
tls internal {
on_demand
}
reverse_proxy frontend:3000
header {
# Next.js HMR Support (WebSocket)
handle /_next/webpack-hmr {
reverse_proxy http://localhost:8917 {
header_up Upgrade {>Upgrade}
header_up Connection {>Connection}
}
}
reverse_proxy http://localhost:8917 {
header_up X-Forwarded-For {remote_host}
header_up X-Forwarded-Proto https
header_up X-Forwarded-Host {host}
}
header {
Strict-Transport-Security "max-age=31536000; includeSubDomains; preload"
X-XSS-Protection "1; mode=block"
X-Frame-Options "SAMEORIGIN"
X-Frame-Options "SAMEORIGIN"
Referrer-Policy "strict-origin-when-cross-origin"
}
}
# Dynamic HTTPS Backend (port 8918) - Matches ANY IP or hostname
https://:444 {
tls internal {
https://:8918 {
tls internal {
on_demand
}
}
reverse_proxy http://localhost:8916 {
header_up X-Forwarded-For {remote_host}
header_up X-Forwarded-Proto https
header_up X-Forwarded-Host {host}
}
header {
Strict-Transport-Security "max-age=31536000; includeSubDomains; preload"
}
}
}

View File

@@ -1,36 +1,23 @@
# CURRENT AI WORKING SESSION — HANDOVER
**Active AI:** Claude Haiku 4.5 (Claude Code)
**Active AI:** Gemini CLI
**Last Updated:** 2026-04-23
**Current Version:** v1.14.19
**Status**: ✅ PHASE 7 COMPLETE | 🟢 READY FOR PHASE 8
**Status**: ✅ SSL PROXY FIXED | 🟢 READY FOR PHASE 8
---
## SESSION 41 EXECUTION SUMMARY — Infrastructure & Export Fixes
## SESSION 42 EXECUTION SUMMARY — SSL Infrastructure Fix
### 1. Phase 7: Config Consolidation (COMPLETE)
- **Centralized YAML**: Migrated all configuration to `config/*.yaml`.
- **SSOT Architecture**: Established `network.yaml` as the Master Source of Truth for Server IP and Port management.
- **Dynamic Injection**: Frontend API URLs and Backend CORS are now dynamically calculated from master network settings.
- **Python Tooling**: All legacy `.sh` scripts converted to robust, secure Python scripts in `scripts/`.
- **Enhanced Launcher**: `run_standalone.py` now supports `start`, `stop`, `restart`, `status`, and Caddy SSL proxying.
### 1. SSL Proxy Fix (COMPLETE)
- **Port 80 Conflict**: Identified that Caddy was failing to start because it tried to bind to port 80 for HTTP->HTTPS redirects, while port 80 was already in use by a system-wide Caddy.
- **Caddy Configuration**: Modified `Caddyfile.standalone` (root and `config/`) to include `auto_https disable_redirects` in the global options. This allows Caddy to run on custom ports (8918/8919) without interfering with port 80.
- **Service Restart**: Successfully restarted backend, frontend, and proxy using `scripts/run_standalone.py restart`.
### 2. Admin & Security Improvements
- **AI Key Detection**: Fixed backend logic to correctly report AI key status from YAML/Secrets.
- **Secure Saving**: Implemented `ConfigManager.update_keys()` to route sensitive data correctly to `secrets.yaml`.
- **Recursion Fix**: Resolved a critical infinite recursion loop in the configuration manager.
### 3. Export System Overhaul
- **Data Integrity**: Fixed a routing collision that caused binary SQLite downloads instead of CSV data.
- **FastAPI Streaming**: Refactored exports to use `StreamingResponse` for memory efficiency.
- **Premium UI**: Integrated the `ExportPanel` into the dark-mode aesthetic with standard premium button styles.
- **WebSocket Fix**: Improved Caddy configuration for Next.js HMR stability.
### 4. Cleanup & Preparation
- ✅ Deleted all deprecated `.sh` and `.env` files.
- ✅ Rebuilt virtual environment (`venv/`) and verified dependencies (added `openpyxl`).
- ✅ Incremented system version to **v1.14.19**.
### 2. Verification
- **Backend SSL**: Verified reachable at `https://localhost:8918/` (Port 8916 upstream).
- **Frontend SSL**: Verified reachable at `https://localhost:8919/` (Port 8917 upstream).
- **Service Status**: `run_standalone.py status` confirms all components are UP.
---

View File

@@ -1,6 +1,6 @@
{
"version": "1.14.20",
"last_build": "2026-04-23-1536",
"version": "1.14.21",
"last_build": "2026-04-23-1559",
"codename": "ConfigCore",
"commit": "b0ac7426"
"commit": "6e88ea91"
}