mirror of
https://github.com/zvx-echo6/central.git
synced 2026-05-21 18:14:44 +02:00
malice
dbe627dee4CHANGELOG.md: - v0.3.0 Phase 1b entry covering operator console, events feed, wizard, session auth, and infrastructure changes docs/environment.md: - New "Network and Service Bindings" section documenting: - central-gui binds 0.0.0.0 by design (network gating is ops) - NATS listener ports table (4222/8080/8222/1883) Co-authored-by: Matt Johnson <mj@k7zvx.com>
3.6 KiB
3.6 KiB
Changelog
v0.3.0 — Phase 1b (2026-05-18)
Operator console. FastAPI + Jinja2 + Pico + HTMX. Self-hosted, Tailscale-gated by default, no application-level auth beyond the operator session.
Added
- Operator console (
central-guisystemd service on port 8000) - Login + session auth (argon2id, 90-day DB-backed sessions)
- Dashboard: events 24h by adapter, stream sizes, last-poll-time per adapter
- Adapters list and edit page (cadence + per-adapter settings), with Leaflet region picker and click-to-draw rectangles
- Streams view with retention chips (1d / 7d / 14d / 30d / 365d / custom)
- API keys management (list / add / rotate / delete,
encrypted at rest via
crypto.encrypt, plaintext never logged or stored) - First-run wizard (5 steps: operator, system, keys, adapters, finish) with deferred-commit pattern — no DB writes until Finish runs as a single transaction
- Events feed page (
/events) — paginated, filterable by adapter / category / time range / map viewport, with color-coded geometry overlay, click-to-popup, and expandable row details showing full event payload - Paginated events JSON API (
/events.json) — cursor-based pagination, same filter surface as the HTML feed
Changed
- CSRF tokens are now session-bound (synchronizer token pattern), replacing the previous fastapi-csrf-protect library. Eliminates a rotation race that broke first-load submissions
- First-run wizard is a single atomic transaction at Finish, not per-step DB writes. Back navigation works; abandoned wizards leave no orphan rows
Fixed
- Adapter editor's JSONB double-encoding bug (write path
called
json.dumpsbefore asyncpg's codec, corrupting the settings column) - Dashboard polls card was reading from the wrong NATS
subject and using a durable consumer instead of
get_last_msg, leaking zombie consumers - Browser-noise paths (/favicon.ico, /apple-touch-icon.png, /robots.txt) return 204 directly, preventing parallel requests from racing the CSRF cookie on first page load
- SubResource Integrity hashes for leaflet-draw assets corrected (previous values were fabricated and silently blocked by browsers)
Infrastructure
- New
config.sessionscolumn:csrf_token(per-session synchronizer) - Composite index on
public.events (time DESC, id DESC)for cursor pagination central-guisystemd service
v0.2.0 — Phase 1a (2026-05-16)
Three live data sources, configurable infrastructure, hot-reload everywhere.
Added
- FIRMS fire hotspot adapter (VIIRS_SNPP_NRT + VIIRS_NOAA20_NRT)
- USGS earthquake adapter (GeoJSON feed)
- Operational config in Postgres
configschema (adapters, api_keys, streams) with LISTEN/NOTIFY hot-reload - Per-stream retention management (config.streams) with supervisor-managed max_bytes auto-tuning
- Unified region selection (bbox) across all adapters
- Adapter registry pattern for one-line addition of new sources
apply_config()per-adapter for generic hot-reload of settings
Changed
- NWS adapter migrated from
stateslist to bbox region filter - Polygon-vs-bbox intersection (shapely) replaces centroid filter
- CloudEvents protocol constants moved from operational config to code constants
- Operational config retired from
central.tomlto Postgres (config.adapters,config.api_keys); TOML removed
Fixed
- Cadence-decrease hot-reload (AsyncLimiter inside NWS adapter removed; supervisor is single owner of cadence)
last_completed_pollpreserved across adapter enable/disable cycles to honor the rate-limit guarantee
Infrastructure
- CENTRAL_FIRE stream (7d default retention)
- CENTRAL_QUAKE stream (7d default retention)