Commit Graph

567 Commits

Author SHA1 Message Date
96f4a5d228 Build [v1.14.13] 2026-04-23 14:51:52 +03:00
827dfcdf2f fix(08): fix infinite recursion in config manager 2026-04-23 14:51:51 +03:00
9afe335384 Build [v1.14.12] 2026-04-23 14:45:07 +03:00
c14a28b093 fix(08): fix AI key status detection and enable saving to secrets.yaml 2026-04-23 14:45:07 +03:00
568bccb37e Build [v1.14.11] 2026-04-23 14:04:08 +03:00
e5a24df13d docs(08): align all .example config files with SSOT architecture 2026-04-23 14:04:08 +03:00
6f34fdc782 Build [v1.14.10] 2026-04-23 13:58:33 +03:00
a5a460e765 feat(08): implement SSOT architecture for network configuration 2026-04-23 13:58:33 +03:00
5978917494 Build [v1.14.9] 2026-04-23 12:58:31 +03:00
33805cb79c docs(07): update backend.yaml.example with LDAP schema 2026-04-23 12:58:31 +03:00
6be7318205 Build [v1.14.8] 2026-04-23 12:58:15 +03:00
88e5d66f36 chore(07): integrate LDAP config into YAML and remove JSON files 2026-04-23 12:58:15 +03:00
7d492764d2 Build [v1.13.1] 2026-04-23 12:56:30 +03:00
d9dffdc389 chore(07): remove deprecated bash scripts and legacy env files 2026-04-23 12:56:30 +03:00
01e30ba7b5 docs(07-04): update README.md for Phase 7 config structure 2026-04-23 12:53:59 +03:00
22343941bd docs(07-04): rewrite DEPLOYMENT.md for Phase 7 config structure 2026-04-23 12:53:41 +03:00
0c6f571aa7 docs(07-04): update .gitignore to deprecate inventory.env 2026-04-23 12:53:15 +03:00
6b7becfe2d feat(07-04): update backend/entrypoint.sh with config validation 2026-04-23 12:53:03 +03:00
5b3a23f90f feat(07-04): update backend/Dockerfile with config/ documentation 2026-04-23 12:52:37 +03:00
9f267a5344 feat(07-04): update docker-compose.yml to reference config/ and remove inventory.env 2026-04-23 12:52:17 +03:00
225972b8d0 chore(07-02): update entrypoint.sh to document YAML config
- Add comments about D-06 load order and YAML config path
- Add warning if backend.yaml is missing
- Remove any implied inventory.env dependencies
2026-04-23 12:48:18 +03:00
9253eb6596 feat(07-03): convert export_prod.sh to Python with YAML config parsing 2026-04-23 12:48:05 +03:00
63f72c11ff feat(07-03): convert install_service.sh to Python with YAML config parsing 2026-04-23 12:47:27 +03:00
1621625bfb feat(07-03): convert run_standalone.sh to Python with YAML config parsing 2026-04-23 12:46:50 +03:00
938fd2daf8 feat(07-02): update main.py to use new YAML config loader
- Replace os.environ calls with get_config()
- Use configuration for CORS and network settings
- Remove direct dotenv/inventory.env references
2026-04-23 12:46:49 +03:00
ce79c919e6 feat(07-03): convert deploy.sh to Python with YAML config parsing 2026-04-23 12:46:06 +03:00
28cdc90056 feat(07-02): update config_manager.py for YAML support
- Replace dotenv with PyYAML
- Implement read_config, update_config, validate_config_file for backend.yaml
- Update get_masked_key to use new config structure
- Remove inventory.env references
2026-04-23 12:45:51 +03:00
ae61fa6382 feat(07-02): refactor config_loader.py for YAML and D-06 load order
- Replace dotenv with PyYAML
- Implement D-06 load order: env vars > YAML > defaults
- Add validation and logging for config
- Remove inventory.env references
- Update requirements.txt
2026-04-23 12:45:26 +03:00
0127831b58 docs(07-01): complete config structure and schemas plan summary 2026-04-23 12:42:49 +03:00
e0c8b7e800 docs(07-01): create comprehensive config/README.md documentation
- Added 150+ lines documenting every YAML file
- Included Quick Start, Load Order, and Security Best Practices
- Documented environment variable override naming convention
- Added troubleshooting guide for common config issues
2026-04-23 12:42:30 +03:00
48bcb243c0 chore(07-01): update .gitignore to protect actual YAML configs
- Ignored config/*.yaml (secrets protection)
- Ensured examples/schemas are tracked via !config/*.yaml.example
- Added specific rules for secrets.yaml and its example
2026-04-23 12:42:20 +03:00
095df98ceb feat(07-01): create config/ folder and YAML example files
- Added backend.yaml.example with AI, DB, auth, and logging schema
- Added frontend.yaml.example with API and feature flag schema
- Added network.yaml.example with ports and SSL schema
- Added docker.yaml.example with resource and volume schema
- Added secrets.yaml.example as a template for sensitive data
- All files include comprehensive comments documenting every variable
2026-04-23 12:42:07 +03:00
7b29749806 docs: update SESSION_STATE for Phase 7 planning completion
- Phase 7 planning completed with 4 comprehensive plans
- All 8 design decisions (D-01 through D-08) addressed
- Plans verified and ready for execution
- YAML format + Python scripts alignment confirmed
- Ready for /gsd-execute-phase 7

Co-Authored-By: Claude Haiku 4.5 <noreply@anthropic.com>
2026-04-23 12:33:10 +03:00
b7218175bb docs(phase-7): create detailed phase plans for config consolidation (4 plans, 14 tasks) 2026-04-23 12:29:05 +03:00
dacf7d2921 docs(phase-7): capture consolidated context from structured discussion
Discussion locked in 4 key decisions:

1. YAML Format: All configs standardized on YAML (backend.yaml, frontend.yaml,
   network.yaml, docker.yaml) for better structure and validation

2. Secrets Management: Separate config/secrets.yaml file (git-ignored) with
   config/secrets.yaml.example template + strong documentation

3. Examples: Commit all .yaml.example files for developer onboarding

4. Scripts: Audit bash scripts for redundancy, then convert all needed ones
   to Python for native YAML parsing and cleaner architecture

Immediate deprecation of inventory.env (no fallback after Phase 7).

Discussion log preserved in 07-DISCUSSION-LOG.md

Co-Authored-By: Claude Haiku 4.5 <noreply@anthropic.com>
2026-04-23 12:20:53 +03:00
2b7a2b3a89 docs(phase-7): add configuration consolidation planning
- Phase 7: Config Consolidation
- CONTEXT.md: Defines scope, decisions, and requirements
- PLAN.md: 18-task implementation plan with detailed acceptance criteria
- Centralize all configs into config/ folder
- Update deploy scripts, backend loading, and documentation
- Maintain backward compatibility with inventory.env

Co-Authored-By: Claude Haiku 4.5 <noreply@anthropic.com>
2026-04-23 12:07:39 +03:00
8aeabcf1f5 chore: major codebase cleanup and documentation consolidation 1.14.5_cleaned 2026-04-23 11:44:33 +03:00
0e356e6c89 backup: Phase 6 search and export fixes before cleanup
- Added search button to main page header with Ctrl+K listener
- Implemented SearchModal component rendering
- Fixed SearchModal to use axiosInstance with correct backend URL (8916)
- Fixed token key from 'auth_token' to 'inventory_token'
- Verified export endpoints working correctly
- All Phase 6 UAT fixes in place

Co-Authored-By: Claude Haiku 4.5 <noreply@anthropic.com>
2026-04-23 11:22:16 +03:00
dc6970700b fix(export): use axiosInstance to ensure correct backend URL and auth
- Changed useExport.ts to import and use axiosInstance from api.ts
- This ensures requests go to port 8918 (backend) not 8919 (frontend)
- Removed manual token handling (axiosInstance interceptor handles it)
- Removed /api prefix from paths (axiosInstance baseURL has the full URL)
- Exported axiosInstance from api.ts for reuse in other modules
- Fixes 404 errors caused by requests routing to frontend instead of backend
2026-04-23 11:04:11 +03:00
1ed2cb6c07 fix(export): update frontend to call new /admin/db/export endpoint
- Changed exportSnapshot to call GET /api/admin/db/export?type=inventory
- Changed exportAuditTrail to call GET /api/admin/db/export?type=audit
- Fixed token key: auth_token → inventory_token
- Changed HTTP method from POST to GET
- Fixes 404 errors when exporting from admin page
2026-04-23 10:59:59 +03:00
7dfa993b57 feat(export): add /admin/db/export endpoint for frontend
- Changed router prefix from /admin/exports to /admin
- Added GET /admin/db/export endpoint
- Supports type: inventory|audit|combined
- Supports format: csv|xlsx
- Maintains auth guard and audit logging
- Fixes frontend 404 error on export calls
2026-04-23 10:54:07 +03:00
61b58bc68d test(phase-6): document UAT results and fix plans
Phase 6 UAT completed:
- Auth:  PASS (admin/admin working)
- AI item creation:  PASS (scan/photo working)
- Search:  FAIL (no button on main page, Ctrl+K not wired)
- Export:  FAIL (404 endpoint mismatch)
- Admin dashboard:  PARTIAL (accessible but export broken)

Two critical issues identified with fix plans ready.
2026-04-23 10:52:20 +03:00
3d0cd2475c docs: update Phase 6 testing progress - auth working, 2 issues found
- Authentication fully functional (admin/admin login working)
- Export endpoint mismatch identified (frontend vs backend paths)
- Missing search button/Ctrl+K on inventory page
- Ready for Phase 6 issue fixes
2026-04-23 10:39:37 +03:00
cbdb2f04f6 fix(auth): use actual hostname instead of localhost in frontend API client
- Modified frontend/lib/api.ts to use window.location.hostname as fallback
- Ensures browser on external IP reaches correct backend HTTPS port
- Allows admin/admin login to work from any access point
- Auth is fully functional and working
2026-04-23 10:39:18 +03:00
ec24483eb3 security: add mandatory authentication policy - never disable auth
Auth must ALWAYS be enabled in all environments. Added comprehensive rule:
- NO auth bypass, debug mode, or dev-only disabling
- NO hardcoded credentials or weak defaults
- EVERY API endpoint requires JWT token
- Password hashing via passlib pbkdf2_sha256
- Debug strategy for auth breakages (never skip auth)

This ensures security is non-negotiable across all deployments.
2026-04-23 10:10:12 +03:00
a2a5c02f87 docs: add comprehensive Phase 6 testing plan for next session
- 5 test phases covering all changes
- Priority levels for staged execution
- Success/failure criteria
- Ready for next session execution
- Handover documentation created
2026-04-22 19:44:05 +03:00
725a6cad85 fix(6): revert Item.id to optional to fix delete function
Made id required (breaking change) - reverted back to optional
This allows items without id to exist during lifecycle
Fixes 'Failed to delete item' error

The delete function was broken by forcing id to be required
2026-04-22 19:38:45 +03:00
0881b0ecee fix(6): resolve static asset serving and proxy header issues
Fixed issues:
1. Caddy not forwarding X-Forwarded headers to Next.js
   - Added X-Forwarded-For, X-Forwarded-Proto, X-Forwarded-Host
2. Removed X-Content-Type-Options: nosniff (blocks static assets)
3. Copy static files to standalone build directory
   - Next.js standalone requires files in .next/standalone/.next/static/
4. Made script auto-copy static files after build

Result:
  ✓ CSS/JS loading with correct MIME types (text/css, text/javascript)
  ✓ Frontend fully rendering via HTTPS
  ✓ All static assets cached and served correctly
  ✓ Tested working via IP address (192.168.84.131:8919)
2026-04-22 19:34:32 +03:00
0deef7f601 fix(6): make Caddy listen on any IP/hostname for HTTPS
Changed from localhost-specific to wildcard listening:
  - https://:8918 (any IP on port 8918) → backend
  - https://:8919 (any IP on port 8919) → frontend

On-demand TLS generates certificates for any accessing IP/hostname
Self-signed certs now work via:
  - localhost
  - 127.0.0.1
  - 192.168.x.x (or any IP on network)
  - Any hostname

Tested and verified working via 192.168.84.131:8919
2026-04-22 19:23:12 +03:00
e664215ab8 fix(6): fix argparse default for foreground mode
Changed default from 'foreground' (invalid choice) to None
Now correctly handles no arguments to start in foreground mode

Tested and verified:
  ✓ python3 start_servers.py        (foreground - all 3 services running)
  ✓ python3 start_servers.py start   (background)
  ✓ python3 start_servers.py status  (shows all services)
  ✓ python3 start_servers.py stop    (graceful shutdown)
  ✓ HTTP endpoints responding on 8916/8917
  ✓ HTTPS endpoints responding on 8918/8919 (Caddy)
  ✓ All three services (backend, frontend, caddy) working together
2026-04-22 19:21:16 +03:00