Add docs and project files - force for Culurien

2026-03-28 20:46:24 -04:00
parent dc61797423
commit 484a7f77ce
343 changed files with 119530 additions and 0 deletions
--- a/docs/4_LOG/2025-11/Status-Updates/quick-todos.md
+++ b/docs/4_LOG/2025-11/Status-Updates/quick-todos.md
@@ -0,0 +1,73 @@
+# Quick TODOs - One-Liners
+
+## 🎨 Dashboard & Visuals
+- Add security status indicators to dashboard (machine binding, Ed25519, nonce protection)
+- Create security metrics visualization panels
+- Add live operations count badges
+- Visual agent health status with color coding
+
+## 🔬 Research & Analysis
+
+### ✅ COMPLETED: Duplicate Command Queue Logic Research
+**Analysis Date:** 2025-11-03
+
+**Current Command Structure:**
+- Commands have `AgentID` + `CommandType` + `Status`
+- Scheduler creates commands like `scan_apt`, `scan_dnf`, `scan_updates`
+- Backpressure threshold: 5 pending commands per agent
+- No duplicate detection currently implemented
+
+**Duplicate Detection Strategy:**
+1. **Check existing pending/sent commands** before creating new ones
+2. **Use `AgentID` + `CommandType` + `Status IN ('pending', 'sent')`** as duplicate criteria
+3. **Consider timing**: Skip duplicates only if recent (< 5 minutes old)
+4. **Preserve legitimate scheduling**: Allow duplicates after reasonable intervals
+
+**Implementation Considerations:**
+- ✅ **Safe**: Won't disrupt legitimate retry/interval logic
+- ✅ **Efficient**: Simple database query before command creation
+- ⚠️ **Edge Cases**: Manual commands vs auto-generated commands need different handling
+- ⚠️ **User Control**: Future dashboard controls for "force rescan" vs normal scheduling
+
+**Recommended Approach:**
+```go
+// Check for recent duplicate before creating command
+recentDuplicate, err := q.CheckRecentDuplicate(agentID, commandType, 5*time.Minute)
+if err != nil { return err }
+if recentDuplicate {
+    log.Printf("Skipping duplicate %s command for %s", commandType, hostname)
+    return nil
+}
+```
+
+- Analyze scheduler behavior with user-controlled scheduling functions
+- Investigate agent command acknowledgment flow edge cases
+- Study security validation failure patterns and root causes
+
+## 🔧 Technical Improvements
+- Add Cache-Control: no-store headers to security endpoints
+- Standardize directory paths (/var/lib/aggregator → /var/lib/redflag, /etc/aggregator → /etc/redflag)
+- Implement proper upgrade path from 0.1.17 to 0.1.22 with key signing changes
+- Add database migration cleanup for old agent IDs and stale data
+
+## 📊 Monitoring & Metrics
+- Add actual counters for security validation failures/successes
+- Implement historical data tracking for security events
+- Create alert integration for security monitoring systems
+- Track rate limit usage and backpressure events
+
+## 🚀 Future Features
+- User-controlled scheduler functions and agenda planning
+- HSM integration for private key storage
+- Mutual TLS for additional transport security
+- Role-based filtering for sensitive security metrics
+
+## 🧪 Testing & Validation
+- Load testing for security endpoints under high traffic
+- Integration testing with real dashboard authentication
+- Test agent behavior with network interruptions
+- Validate command deduplication logic impact
+
+---
+Last Updated: 2025-11-03
+Priority: Focus on dashboard visuals and duplicate command research