domverse/crowdsec-admin
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
6 Commits 2 Branches 0 Tags
pre-portainer-migration
Commit Graph

6 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
domverse
ff8ed3428f feat: server-side reason/origin/limit filters + client-side row filter
All checks were successful
Deploy / deploy (push) Successful in 17s
Details 
Two new performance + UX wins:

- Server: /decisions now accepts reason (scenarios_containing), origin
  (origins), and limit. Default 200, max 2000. Header shows current count
  and warns when at the cap.
- Client: a "quick filter rows" input does substring match across all
  visible columns instantly with no server round-trip. Useful when the
  server-side result is small enough to scroll but you still want to find
  one scenario fast.
- Bulk select-all now toggles only currently visible rows so you can
  filter then bulk-unban.

Drops inline onclick handlers in favor of delegated change listeners to
keep per-row cost low at large limits.

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
 2026-06-17 00:08:27 +02:00
domverse
a324d5a68d feat: bulk unban via checkboxes
All checks were successful
Deploy / deploy (push) Successful in 23s
Details 
Adds per-row checkboxes, a select-all toggle, a live "N selected" counter,
and an /unban-bulk endpoint that DELETEs each chosen decision id. Single-row
Unban buttons still work via hx-vals so they don't accidentally submit the
bulk form.

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
 2026-06-17 00:02:59 +02:00
domverse
ffe08a3fc4 ci: retrigger after LAPI_BOUNCER_KEY secret added
All checks were successful
Deploy / deploy (push) Successful in 28s
Details
2026-06-16 23:59:45 +02:00
domverse
5d589915f7 fix: split LAPI auth — bouncer key for read, machine JWT for delete
All checks were successful
Deploy / deploy (push) Successful in 19s
Details 
LAPI does not let machine JWTs hit GET /v1/decisions even after the machine
is validated (returns 403 access forbidden). Conversely, bouncer X-Api-Key
does not satisfy DELETE /v1/decisions (returns 401 "cookie token is empty").

The webapp now holds both credentials and routes each call to the right
authority. Adds LAPI_BOUNCER_KEY env var + Gitea secret.

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
 2026-06-16 23:58:20 +02:00
domverse
a5971403b2 fix: drop docker healthcheck so Traefik routes immediately
All checks were successful
Deploy / deploy (push) Successful in 20s
Details 
Traefik docker provider skips routing for containers whose Docker HEALTHCHECK
reports unhealthy. Our /healthz returns 503 if LAPI is unreachable, which left
the container stuck unhealthy and the router never appeared — every request
returned 404 from Traefik.

/healthz still exists for manual probes; Kuma probes via Traefik also still
work.

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
 2026-06-16 23:51:49 +02:00
domverse
9c8b4ca0cc feat: initial scaffold of CrowdSec admin webapp
All checks were successful
Deploy / deploy (push) Successful in 39s
Details 
Flask + htmx mini-app to list and delete CrowdSec decisions from a browser,
gated behind Authentik. Talks to host LAPI via host.docker.internal:8080
using machine JWT auth (bouncer X-Api-Key is read-only).

Gitea Actions CI/CD on push to main: runner rebuilds image and brings the
stack up via docker compose on the host (same pattern as flight-radar).

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
 2026-06-16 23:39:20 +02:00