Fimeg/Redflag
1
0
Fork 0
Code Issues 1 Pull Requests Actions Packages Projects Releases Wiki Activity
106 Commits 2 Branches 0 Tags
484a7f77ceb77964b6d1f2e267b181753758cc1d
Commit Graph

14 Commits

Author SHA1 Message Date
Fimeg
f7c8d23c5d WIP: Save current state - security subsystems, migrations, logging 2025-12-16 14:19:59 -05:00
Fimeg
3f9164c7ca fix: complete security vulnerability remediation 
Critical Security Fixes:
- Fix JWT secret derivation vulnerability - replace deriveJWTSecret with cryptographically secure GenerateSecureToken
- Secure setup interface - remove JWT secret display and API response exposure
- Fix database migration 012 parameter naming conflict in mark_registration_token_used function
- Restore working Docker Compose environment variable configuration

Security Impact:
- Eliminates system-wide compromise risk from admin credential exposure
- Removes sensitive JWT secret exposure during setup process
- Ensures cryptographically secure JWT token generation
- Fixes agent registration and token creation functionality

Testing:
- Agent registration working properly
- Token consumption tracking functional
- Registration tokens created without 500 errors
- Secure JWT secret generation verified
 2025-10-31 10:41:04 -04:00
Fimeg
e5d59eac02 fix deployment workflow - manual bootstrap copy and restart 2025-10-31 07:41:00 -04:00
Fimeg
44bb05ca5d added .env bootstrap and fallback 2025-10-31 06:54:34 -04:00
Fimeg
a92ac0ed78 v0.1.17: UI fixes, Linux improvements, documentation overhaul 
UI/UX:
- Fix heartbeat auto-refresh and rate-limiting page
- Add navigation breadcrumbs to settings pages
- New screenshots added

Linux Agent v0.1.17:
- Fix disk detection for multiple mount points
- Improve installer idempotency
- Prevent duplicate registrations

Documentation:
- README rewrite: 538→229 lines, homelab-focused
- Split docs: API.md, CONFIGURATION.md, DEVELOPMENT.md
- Add NOTICE for Apache 2.0 attribution
 2025-10-30 22:17:48 -04:00
Fimeg
3940877fb2 fix: use Docker volume for server config instead of bind mount 
- Change server-config from bind mount to named volume
- Fixes permission denied errors when saving configuration
- Config now persists properly across container restarts
 2025-10-29 15:37:18 -04:00
Fimeg
8abbacbec4 feat: add web UI service to docker-compose 
- Add Dockerfile for React web application
- Add nginx configuration for API proxying
- Add web service to docker-compose.yml
- Web UI now accessible on port 3000
- API requests proxied to backend server on port 8080
 2025-10-29 15:15:45 -04:00
Fimeg
73fb8d49b0 Implement web-based welcome mode configuration 2025-10-29 13:16:17 -04:00
Fimeg
b1ea9e72ad Add welcome mode for server configuration 2025-10-29 13:08:52 -04:00
Fimeg
1acddb58a5 Auto-configure server on first Docker run 2025-10-29 13:01:28 -04:00
Fimeg
237e04531f Fix duplicate volumes in docker-compose 2025-10-29 12:54:26 -04:00
Fimeg
c027a1da6c Fix Go version and agent workflow 2025-10-29 12:43:18 -04:00
Fimeg
740d75f3cf Docker deployment for most users 2025-10-29 12:37:00 -04:00
Fimeg
55b7d03010 Session 4 complete - RedFlag update management platform 
🚩 Private development - version retention only

 Complete web dashboard (React + TypeScript + TailwindCSS)
 Production-ready server backend (Go + Gin + PostgreSQL)
 Linux agent with APT + Docker scanning + local CLI tools
 JWT authentication and REST API
 Update discovery and approval workflow

🚧 Status: Alpha software - active development
📦 Purpose: Version retention during development
⚠️  Not for public use or deployment
 2025-10-13 16:46:31 -04:00