domverse/crowdsec-admin
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
10 Commits 2 Branches 0 Tags
13e672c18daff1e2592f1036c383c39f4b9f6fe8
Commit Graph

5 Commits

Author SHA1 Message Date
domverse
f82ef9d82e chore(docker): add HEALTHCHECK probe
All checks were successful
Deploy / deploy (push) Successful in 17s
Details 
Python urllib GET / on 127.0.0.1:8000. start_period=30s
gives gunicorn workers time to boot. Lets Docker mark
container unhealthy if Flask app wedges, and feeds
Portainer + diagnose.sh signal that the app is alive.

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
 2026-06-20 21:31:33 +02:00
domverse
ff8ed3428f feat: server-side reason/origin/limit filters + client-side row filter
All checks were successful
Deploy / deploy (push) Successful in 17s
Details 
Two new performance + UX wins:

- Server: /decisions now accepts reason (scenarios_containing), origin
  (origins), and limit. Default 200, max 2000. Header shows current count
  and warns when at the cap.
- Client: a "quick filter rows" input does substring match across all
  visible columns instantly with no server round-trip. Useful when the
  server-side result is small enough to scroll but you still want to find
  one scenario fast.
- Bulk select-all now toggles only currently visible rows so you can
  filter then bulk-unban.

Drops inline onclick handlers in favor of delegated change listeners to
keep per-row cost low at large limits.

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
 2026-06-17 00:08:27 +02:00
domverse
a324d5a68d feat: bulk unban via checkboxes
All checks were successful
Deploy / deploy (push) Successful in 23s
Details 
Adds per-row checkboxes, a select-all toggle, a live "N selected" counter,
and an /unban-bulk endpoint that DELETEs each chosen decision id. Single-row
Unban buttons still work via hx-vals so they don't accidentally submit the
bulk form.

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
 2026-06-17 00:02:59 +02:00
domverse
5d589915f7 fix: split LAPI auth — bouncer key for read, machine JWT for delete
All checks were successful
Deploy / deploy (push) Successful in 19s
Details 
LAPI does not let machine JWTs hit GET /v1/decisions even after the machine
is validated (returns 403 access forbidden). Conversely, bouncer X-Api-Key
does not satisfy DELETE /v1/decisions (returns 401 "cookie token is empty").

The webapp now holds both credentials and routes each call to the right
authority. Adds LAPI_BOUNCER_KEY env var + Gitea secret.

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
 2026-06-16 23:58:20 +02:00
domverse
9c8b4ca0cc feat: initial scaffold of CrowdSec admin webapp
All checks were successful
Deploy / deploy (push) Successful in 39s
Details 
Flask + htmx mini-app to list and delete CrowdSec decisions from a browser,
gated behind Authentik. Talks to host LAPI via host.docker.internal:8080
using machine JWT auth (bouncer X-Api-Key is read-only).

Gitea Actions CI/CD on push to main: runner rebuilds image and brings the
stack up via docker compose on the host (same pattern as flight-radar).

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
 2026-06-16 23:39:20 +02:00