13 Commits

Author	SHA1	Message	Date
Draco-Lunaris-Echo	b9fb3427e0	fix(security): encrypt app secrets at rest with AES-256-GCM (#6) ... Encrypt three sensitive secrets that were stored in plaintext: OIDC client_secret, SMTP smtp_password, TOTP totp_secret. AES-256-GCM via pm-core::crypto helper. New per-install key at /etc/patch-manager/keys/secret-encryption.key, separate from health-check.key for blast-radius isolation. MASKED placeholder behavior in API responses is preserved. 23 files changed, +1248 / -28. Closes #6.	2026-06-03 15:08:25 -05:00
Draco-Lunaris-Echo	88b190ac8d	fix(security): restrict auth-config mutations to Admin role (#5) ... Restrict manager-wide authentication configuration mutations (OIDC, SMTP, IP allowlist) to Admin role. Operators now receive 403 forbidden_role. - New admin_required helper in settings.rs - 4 gate changes: update_settings, discover_oidc, test_oidc, update_ip_whitelist - 5 new AuditAction variants + migration 019 - SPA friendly error message on 403 - 3 admin_required unit tests pass (43/43) - Full integration tests deferred to issue #15 Closes #5	2026-06-03 09:16:41 -05:00
Echo	6c72dc3ac6	feat: populate os_family, os_name, arch, agent_version from health poller and enrollment ... - health_poller: persist agent_version from HealthData.version - health_poller: call /system/info to update os_family, os_name, arch - enrollment: set os_family and arch from os_details during approval - enrollment: build os_name from os+os_version when name field absent - COALESCE in UPDATE preserves existing values when new data unavailable - version bump 0.1.7 -> 0.1.8	2026-05-21 00:09:57 +00:00
Echo	f70c5e53f9	feat: add host editing endpoint and frontend UI	2026-05-18 21:52:00 +00:00
Echo	3878bd4952	feat: add reporter role for SSO auto-provisioning	2026-05-14 02:23:18 +00:00
Echo	69d2e88bbd	feat: OIDC SSO provider support (Keycloak, Azure AD, custom) ... - Refactored azure_sso.rs to sso.rs with generic OIDC provider support - Added OIDC discovery URL lookup with 1hr TTL caching - Added PKCE for all providers, client_secret optional for public clients - Added /api/v1/auth/sso/login and /api/v1/auth/sso/callback routes - Added /api/v1/auth/azure/* backward-compatible routes - Added POST /settings/sso/discover and POST /settings/sso/test endpoints - Frontend: Provider dropdown (Keycloak/Azure AD/Custom OIDC) - Frontend: Auto-fill discovery URL for Keycloak - Frontend: Discover Endpoints and Test Connection buttons - Frontend: Dynamic SSO button based on provider display name - Made migration 014 idempotent with DO blocks and IF NOT EXISTS - Fixed debian/install to use /usr/local/bin/ for binaries - Fixed frontend file path in .deb package - Reset admin password on dev server - Fixed database permissions for oidc_config table	2026-05-13 13:32:24 +00:00
Echo	e3d8569b05	feat: include notification recipients in SMTP test email	2026-05-13 00:33:41 +00:00
Echo	c8b6b01dbc	fix: resolve settings save failure - boolean type mismatch and improve error messages	2026-05-13 00:07:46 +00:00
Echo	f04565ead7	style: cargo fmt --all for v0.1.3 SSO changes	2026-05-12 17:14:48 +00:00
Echo	86a6c714d4	feat: Complete Azure SSO implementation (v0.1.3) ... - Add SSO session cleanup task (10-min expiry, 60s purge interval) - Change callback to redirect to frontend with tokens as query params - Add sso_callback_url to SecurityConfig with serde default - Add SsoCallbackPage.tsx for handling SSO callback redirects - Add /auth/sso/callback public route to App.tsx - Add Sign in with Microsoft Azure button to LoginPage - Replace insecure decode_jwt_payload with verify_id_token - Implement JWKS caching (1-hour TTL) and RSA signature verification - Validate iss, aud, exp claims on id_token - Add jsonwebtoken dependency to pm-web crate - Update config.example.toml with sso_callback_url setting - Add sso_callback_url to settings response (read-only from TOML)	2026-05-12 17:01:20 +00:00
Echo	5a4d4d583e	style: Apply rustfmt with stable-only config ... - Fixed rustfmt.toml to only use stable options (removed nightly-only) - Applied cargo fmt --all to fix formatting violations - Stable options: edition=2021, max_width=100, reorder_imports/modules, match_block_trailing_comma	2026-04-24 15:32:50 +00:00
Echo	297bf1bd83	feat(M11+M12): Email notifications, audit hardening, deployment packaging, backup/DR, integration testing ... M11 - Email Notifications + Audit Logging Hardening: - Email notifier (lettre crate) with templates for patch failure, job completion, maintenance reminders - Audit log hash chaining (prev_hash + row_hash) for tamper-evident logging - Periodic + on-demand audit integrity verification - Audit logging for all config changes and certificate operations - Frontend: email settings integration, audit integrity verification action M12 - Deployment Packaging, Backup/DR, Integration Testing: - scripts/backup.sh: Nightly pg_dump, CA backup (GPG), config backup (secrets excluded unless encrypted) - scripts/setup.sh: Enhanced with backup dir, seed migration, backup cron, systemd target install - systemd units: Restart=always, WatchdogSec, ReadWritePaths, security hardening - systemd/patch-manager.target: Service target for coordinated lifecycle - docs/runbooks/restore.md: Full DR runbook with RPO 24h / RTO 4h targets - scripts/integration-test.sh: 9 test suites covering full API lifecycle - scripts/performance-test.sh: NFR validation (dashboard <5s, CIDR /22 <10s, API <2s) - docs/security-review.md: Comprehensive security control verification - docs/compliance-mapping.md: HIPAA (6 sections) + PCI-DSS v4.0 (9 requirements) mapped	2026-04-24 00:45:51 +00:00
Echo	84ab92f4f0	feat(M10): Settings page - Azure SSO, SMTP, polling, IP whitelist, TLS strategy	2026-04-23 21:40:37 +00:00