Commit Graph

19 Commits

Author SHA1 Message Date
Gan, Jimmy a4018ed3ca fix: read real client IP from X-Forwarded-For behind Caddy/Docker
Deploy Dashboard / deploy (push) Successful in 36s
2026-02-26 03:29:28 +08:00
Gan, Jimmy 6ed57f56f5 fix: use TCP socket probe instead of ping for LAN detection
Deploy Dashboard / deploy (push) Successful in 41s
2026-02-26 03:27:04 +08:00
Gan, Jimmy 1b55675201 fix: ping router instead of Mac for LAN detection
Deploy Dashboard / deploy (push) Successful in 50s
2026-02-26 03:24:02 +08:00
Gan, Jimmy da1f709f01 feat: LAN detection via ping probe for Tailscale clients at home
Deploy Dashboard / deploy (push) Successful in 1m16s
2026-02-26 03:19:14 +08:00
Gan, Jimmy 2835e6b021 feat: detect LAN client via /api/client-ip for smart sidebar links
Deploy Dashboard / deploy (push) Successful in 1m10s
2026-02-26 03:11:13 +08:00
Gan, Jimmy 69ed0f981c fix: support port 8443 origin for WebAuthn passkeys and CORS
Deploy Dashboard / deploy (push) Successful in 35s
2026-02-26 02:00:29 +08:00
jimmy c91954e33f revert test commit
Deploy Dashboard / deploy (push) Successful in 30s
2026-02-25 13:46:29 +00:00
jimmy 9fb78c2b71 test: verify Claude Code on NAS can build+deploy
Deploy Dashboard / deploy (push) Successful in 48s
2026-02-25 13:40:11 +00:00
Gan, Jimmy facda4eadd Clean up: remove stale scripts/docs, fix debug prints, update PLAN.md
Deploy Dashboard / deploy (push) Successful in 37s
2026-02-24 10:14:48 +08:00
Gan, Jimmy 13eec52cc4 Fix audit log timezone to UTC+8
Deploy Dashboard / deploy (push) Successful in 25s
2026-02-22 12:42:21 +08:00
Gan, Jimmy 9683cd3165 Add security improvements: refresh tokens, passkeys, CSP, audit logging, TOTP encryption
Deploy Dashboard / deploy (push) Successful in 1m26s
- Shorten access token to 30min with 7-day refresh token flow
- Add WebAuthn passkey registration and login with TOTP fallback
- Add Content-Security-Policy header
- Add audit logging middleware to /volume1/docker/nas-dashboard/audit.log
- Block /volume1/docker/ in files endpoint
- Encrypt TOTP secret at rest with Fernet (derived from SECRET_KEY)
- New deps: py_webauthn, cryptography
2026-02-22 11:04:40 +08:00
Gan, Jimmy c5fcb9bc64 Add CORS, rate limiting, security headers, and files endpoint protection
Deploy Dashboard / deploy (push) Successful in 18s
2026-02-21 11:18:29 +08:00
Gan, Jimmy 18605926ca security: remove hardcoded secrets, add health endpoint, add security headers 2026-02-20 22:04:01 +08:00
Gan, Jimmy c6392556d5 fix: resolve OpenClaw iframe connection refused and Docker HTTP proxy conflict
Deploy Dashboard / deploy (push) Successful in 8m20s
2026-02-20 17:25:16 +08:00
Gan, Jimmy 0519a4b4c6 fix: add proxy support to httpx to allow Telegram API requests
Deploy Dashboard / deploy (push) Successful in 3m24s
2026-02-20 10:36:59 +08:00
Gan, Jimmy 1a93caf62d feat: add container monitor & telegram alerts
Deploy Dashboard / deploy (push) Has been cancelled
Added asyncio monitoring task to main.py to watch Docker container state transitions and send Telegram notifications on failures.
2026-02-20 10:31:18 +08:00
Gan, Jimmy 651bc0580e Phase 7: Auth & Security upgrade (JWT, 2FA, Login UI) 2026-02-19 03:47:48 +08:00
Gan, Jimmy f3db7d3654 Dashboard UI overhaul: modern design with system stats, SVG icons, Inter font, theme toggle, loading states, and log modal 2026-02-19 02:29:25 +08:00
Gan, Jimmy 70aa421d7f Add NAS dashboard MVP: Docker mgmt, Gitea, Files, Terminal 2026-02-19 01:59:50 +08:00