Build [v1.14.21]

This commit is contained in:
2026-04-23 15:59:17 +03:00
parent 6e88ea9107
commit e5bb14d945
6 changed files with 52 additions and 47 deletions

View File

@@ -1,3 +1,3 @@
836417 5397
836418 5398
836432 5414

View File

@@ -5,6 +5,7 @@
local_certs local_certs
skip_install_trust skip_install_trust
auto_https disable_redirects auto_https disable_redirects
on_demand_tls { on_demand_tls {
ask http://localhost:8916/ ask http://localhost:8916/
} }

Binary file not shown.

View File

@@ -1,41 +1,58 @@
# TFM aInventory - Caddy Patched IP Configuration # TFM aInventory - Standalone Caddy Configuration
# Version 1.9.17 - The Dynamic Shield (Production Polish) # Self-signed SSL/TLS reverse proxy for any IP/hostname
{ {
admin off admin off
local_certs local_certs
local_certs
skip_install_trust skip_install_trust
auto_https disable_redirects auto_https disable_redirects
on_demand_tls { on_demand_tls {
on_demand_tls {
ask http://localhost:8916/ ask http://localhost:8916/
# This allows Caddy to generate internal certs for any IP/domain. }
ask http://backend:8000/
}
} }
# Dynamic HTTPS Frontend (port 8919) - Matches ANY IP or hostname # Dynamic HTTPS Frontend (port 8919) - Matches ANY IP or hostname
https:// { https://:8919 {
tls internal { tls internal {
on_demand on_demand
} }
# Next.js HMR Support (WebSocket) # Next.js HMR Support (WebSocket)
handle /_next/webpack-hmr {
reverse_proxy http://localhost:8917 {
header_up Upgrade {>Upgrade}
header_up Connection {>Connection}
}
}
reverse_proxy http://localhost:8917 {
header_up X-Forwarded-For {remote_host}
header_up X-Forwarded-Proto https
header_up X-Forwarded-Host {host}
}
header { header {
Strict-Transport-Security "max-age=31536000; includeSubDomains; preload" Strict-Transport-Security "max-age=31536000; includeSubDomains; preload"
X-XSS-Protection "1; mode=block" X-XSS-Protection "1; mode=block"
X-Frame-Options "SAMEORIGIN" X-Frame-Options "SAMEORIGIN"
X-Frame-Options "SAMEORIGIN"
Referrer-Policy "strict-origin-when-cross-origin" Referrer-Policy "strict-origin-when-cross-origin"
} }
} }
# Dynamic HTTPS Backend (port 8918) - Matches ANY IP or hostname # Dynamic HTTPS Backend (port 8918) - Matches ANY IP or hostname
https://:444 { https://:8918 {
tls internal { tls internal {
on_demand on_demand
} }
} reverse_proxy http://localhost:8916 {
header_up X-Forwarded-For {remote_host}
header_up X-Forwarded-Proto https
header_up X-Forwarded-Host {host}
}
header {
Strict-Transport-Security "max-age=31536000; includeSubDomains; preload"
}
}
} }

View File

@@ -1,36 +1,23 @@
# CURRENT AI WORKING SESSION — HANDOVER # CURRENT AI WORKING SESSION — HANDOVER
**Active AI:** Claude Haiku 4.5 (Claude Code) **Active AI:** Gemini CLI
**Last Updated:** 2026-04-23 **Last Updated:** 2026-04-23
**Current Version:** v1.14.19 **Current Version:** v1.14.19
**Status**: ✅ PHASE 7 COMPLETE | 🟢 READY FOR PHASE 8 **Status**: ✅ SSL PROXY FIXED | 🟢 READY FOR PHASE 8
--- ---
## SESSION 41 EXECUTION SUMMARY — Infrastructure & Export Fixes ## SESSION 42 EXECUTION SUMMARY — SSL Infrastructure Fix
### 1. Phase 7: Config Consolidation (COMPLETE) ### 1. SSL Proxy Fix (COMPLETE)
- **Centralized YAML**: Migrated all configuration to `config/*.yaml`. - **Port 80 Conflict**: Identified that Caddy was failing to start because it tried to bind to port 80 for HTTP->HTTPS redirects, while port 80 was already in use by a system-wide Caddy.
- **SSOT Architecture**: Established `network.yaml` as the Master Source of Truth for Server IP and Port management. - **Caddy Configuration**: Modified `Caddyfile.standalone` (root and `config/`) to include `auto_https disable_redirects` in the global options. This allows Caddy to run on custom ports (8918/8919) without interfering with port 80.
- **Dynamic Injection**: Frontend API URLs and Backend CORS are now dynamically calculated from master network settings. - **Service Restart**: Successfully restarted backend, frontend, and proxy using `scripts/run_standalone.py restart`.
- **Python Tooling**: All legacy `.sh` scripts converted to robust, secure Python scripts in `scripts/`.
- **Enhanced Launcher**: `run_standalone.py` now supports `start`, `stop`, `restart`, `status`, and Caddy SSL proxying.
### 2. Admin & Security Improvements ### 2. Verification
- **AI Key Detection**: Fixed backend logic to correctly report AI key status from YAML/Secrets. - **Backend SSL**: Verified reachable at `https://localhost:8918/` (Port 8916 upstream).
- **Secure Saving**: Implemented `ConfigManager.update_keys()` to route sensitive data correctly to `secrets.yaml`. - **Frontend SSL**: Verified reachable at `https://localhost:8919/` (Port 8917 upstream).
- **Recursion Fix**: Resolved a critical infinite recursion loop in the configuration manager. - **Service Status**: `run_standalone.py status` confirms all components are UP.
### 3. Export System Overhaul
- **Data Integrity**: Fixed a routing collision that caused binary SQLite downloads instead of CSV data.
- **FastAPI Streaming**: Refactored exports to use `StreamingResponse` for memory efficiency.
- **Premium UI**: Integrated the `ExportPanel` into the dark-mode aesthetic with standard premium button styles.
- **WebSocket Fix**: Improved Caddy configuration for Next.js HMR stability.
### 4. Cleanup & Preparation
- ✅ Deleted all deprecated `.sh` and `.env` files.
- ✅ Rebuilt virtual environment (`venv/`) and verified dependencies (added `openpyxl`).
- ✅ Incremented system version to **v1.14.19**.
--- ---

View File

@@ -1,6 +1,6 @@
{ {
"version": "1.14.20", "version": "1.14.21",
"last_build": "2026-04-23-1536", "last_build": "2026-04-23-1559",
"codename": "ConfigCore", "codename": "ConfigCore",
"commit": "b0ac7426" "commit": "6e88ea91"
} }