linux_patch_manager

git-echo/linux_patch_manager

Private

Public Access

Fork 0

Commit Graph

Author	SHA1	Message	Date
Echo	6c72dc3ac6	feat: populate os_family, os_name, arch, agent_version from health poller and enrollment Some checks failed CI Pipeline / Rust Format Check (push) Failing after 2s CI Pipeline / Clippy Lints (push) Failing after 1s CI Pipeline / Rust Unit Tests (push) Failing after 2s CI Pipeline / Security Audit (push) Failing after 2s CI Pipeline / Frontend Lint & Type Check (push) Failing after 3s CI Pipeline / Build .deb & Release (push) Has been skipped - health_poller: persist agent_version from HealthData.version - health_poller: call /system/info to update os_family, os_name, arch - enrollment: set os_family and arch from os_details during approval - enrollment: build os_name from os+os_version when name field absent - COALESCE in UPDATE preserves existing values when new data unavailable - version bump 0.1.7 -> 0.1.8	2026-05-21 00:09:57 +00:00
Echo	6811f84a7c	feat(M2): Authentication, Authorization & Frontend Shell - pm-auth::password: Argon2id (m=65536,t=3,p=1) hashing + verification - pm-auth::jwt: EdDSA/Ed25519 JWT issuance + validation (15-min TTL) - pm-auth::refresh: Opaque 256-bit refresh tokens, SHA-256 hashed, 1-hour sliding inactivity timeout, rotation on use, revocable - pm-auth::mfa_totp: TOTP setup/verify (HMAC-SHA1, 6-digit, 30s) with otpauth:// URI generation (Google Authenticator compatible) - pm-auth::mfa_webauthn: Stub (full implementation deferred) - pm-auth::rbac: Axum middleware for JWT auth + IP whitelist + admin/operator role enforcement + FromRequestParts extractor - pm-auth::session: Full login flow (password → MFA → tokens), token refresh, logout, force-logout - pm-web auth routes: POST /api/v1/auth/login\|refresh\|logout, GET /api/v1/auth/mfa/setup, POST /api/v1/auth/mfa/verify - IP whitelist middleware on all protected connection points - migrations/002_seed_admin.sql: Default admin account seed - Frontend: Auth store (Zustand with persistence), login page with MFA prompt, MFA setup page (stepper), JWT auto-refresh interceptor, route guards (RequireAuth), updated App.tsx routing - cargo check --workspace: zero errors, 1 minor warning Closes M2.	2026-04-23 16:10:08 +00:00

Author

SHA1

Message

Date

Echo

6c72dc3ac6

feat: populate os_family, os_name, arch, agent_version from health poller and enrollment

CI Pipeline / Rust Format Check (push) Failing after 2s

CI Pipeline / Clippy Lints (push) Failing after 1s

CI Pipeline / Rust Unit Tests (push) Failing after 2s

CI Pipeline / Security Audit (push) Failing after 2s

CI Pipeline / Frontend Lint & Type Check (push) Failing after 3s

CI Pipeline / Build .deb & Release (push) Has been skipped

- health_poller: persist agent_version from HealthData.version
- health_poller: call /system/info to update os_family, os_name, arch
- enrollment: set os_family and arch from os_details during approval
- enrollment: build os_name from os+os_version when name field absent
- COALESCE in UPDATE preserves existing values when new data unavailable
- version bump 0.1.7 -> 0.1.8

2026-05-21 00:09:57 +00:00

Echo

6811f84a7c

feat(M2): Authentication, Authorization & Frontend Shell

- pm-auth::password: Argon2id (m=65536,t=3,p=1) hashing + verification
- pm-auth::jwt: EdDSA/Ed25519 JWT issuance + validation (15-min TTL)
- pm-auth::refresh: Opaque 256-bit refresh tokens, SHA-256 hashed,
  1-hour sliding inactivity timeout, rotation on use, revocable
- pm-auth::mfa_totp: TOTP setup/verify (HMAC-SHA1, 6-digit, 30s)
  with otpauth:// URI generation (Google Authenticator compatible)
- pm-auth::mfa_webauthn: Stub (full implementation deferred)
- pm-auth::rbac: Axum middleware for JWT auth + IP whitelist +
  admin/operator role enforcement + FromRequestParts extractor
- pm-auth::session: Full login flow (password → MFA → tokens),
  token refresh, logout, force-logout
- pm-web auth routes: POST /api/v1/auth/login|refresh|logout,
  GET /api/v1/auth/mfa/setup, POST /api/v1/auth/mfa/verify
- IP whitelist middleware on all protected connection points
- migrations/002_seed_admin.sql: Default admin account seed
- Frontend: Auth store (Zustand with persistence), login page with
  MFA prompt, MFA setup page (stepper), JWT auto-refresh interceptor,
  route guards (RequireAuth), updated App.tsx routing
- cargo check --workspace: zero errors, 1 minor warning

Closes M2.

2026-04-23 16:10:08 +00:00

2 Commits