pxe-server

ge-aerospace/pxe-server

Fork 0

Commit Graph

Author	SHA1	Message	Date
cproudlock	9122b28c31	webapp: imaging progress dashboard + serial column on reports list Adds end-to-end progress tracking for PXE imaging sessions and surfaces each Blancco report's BIOS serial in the report list. webapp: * services/imaging_status.py - JSON-per-serial state store under IMAGING_DIR (default /var/log/pxe-imaging). Atomic write via tempfile + rename. log_tail capped at 50 lines. Merges partial updates so clients can post just the current_stage tick. * config.py - new IMAGING_DIR env-overridable path. * services/csrf.py - explicit exempt list for machine-to-machine endpoints; /imaging/status is the first entry. Air-gapped LAN; trust-by-network for client posts. * app.py - four new routes: GET /imaging dashboard (renders all sessions) POST /imaging/status client status push (JSON body) GET /imaging/<serial>.json raw session JSON for ad-hoc polling POST /imaging/delete/<s> clear a session from the dashboard Also parses each Blancco XML in the /reports list to surface system.serial + system.model columns. * templates/imaging.html - Bootstrap dashboard with per-session cards (state badge, progress bar, stage idx/total, mac, elapsed, log tail). meta http-equiv refresh=5 for auto-tick. * templates/base.html - new "Imaging Progress" nav entry. * templates/reports.html - Serial + Model columns added. playbook: * shopfloor-setup/Shopfloor/lib/Send-PxeStatus.ps1 - new helper. Dot-source this then call Send-PxeStatus -Stage X -StageIndex N -StageTotal M from any stage script. BIOS serial via CIM, MAC via Get-NetAdapter, pctype + machinenumber from C:\Enrollment. Failures are swallowed to a local log so a network blip doesn't block imaging. * shopfloor-setup/Run-ShopfloorSetup.ps1 - dot-sources helper + posts at three coarse milestones (start, PPKG enrollment, handoff to Monitor-IntuneProgress). * shopfloor-setup/gea-shopfloor-keyence/09-Setup-Keyence.ps1 - posts at session start + after Install-FromManifest with succeeded/failed status derived from $rc. Other 09-Setup-*.ps1 scripts can follow the same pattern. ID is BIOS serial (stable across WinPE -> Windows transition and across reboots, unlike hostname which is random pre-PPKG). Operator already knows the serial of the bay they imaged. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>	2026-05-13 10:07:18 -04:00
cproudlock	c16a4f23b4	webapp: extract service layer (config.py + services/) from app.py Phase 1a of a multi-session refactor toward a clean blueprint structure. Pulls the helper code that lived alongside the routes in the 1621-line app.py into focused modules. app.py is now 625 lines of mostly routes plus a small Flask wiring header. Behaviour is unchanged: smoke-tested against the 8 main GET routes (200 OK). New modules: - config.py env vars + IMAGE_TYPES + FRIENDLY_NAMES + SHARED_DEPLOY_* taxonomy + unattend XML namespaces. - services/audit.py audit log file handler + audit() helper. - services/csrf.py session CSRF token + before_request validator wired via init_csrf(app). - services/fs.py image_root / deploy_path / unattend_path / control_path / tools_path + load_json / save_json + resolve_destination. - services/system.py service_status / find_usb_mounts / find_upload_sources. - services/images.py image_status + load_image_config. - services/deploy.py import_deploy + _merge_tree + _replace_with_symlink + allowed_import_source. - services/unattend.py parse_unattend / build_unattend_xml / extract_form_data and the qn / qwcm / settings pass helpers. - services/wim.py extract_startnet / update_startnet / list_files wrapping wimextract / wimupdate / wimdir. Endpoint names kept stable (dashboard, clonezilla_backups, etc.) so existing url_for(...) calls in templates are unchanged. Phase 1b (Flask blueprints with ".endpoint" naming) deferred to a future session because it requires updating ~30 url_for sites in templates and is mostly cosmetic. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>	2026-05-08 18:25:32 -04:00

Author

SHA1

Message

Date

cproudlock

9122b28c31

webapp: imaging progress dashboard + serial column on reports list

Adds end-to-end progress tracking for PXE imaging sessions and surfaces
each Blancco report's BIOS serial in the report list.

webapp:
  * services/imaging_status.py - JSON-per-serial state store under
    IMAGING_DIR (default /var/log/pxe-imaging). Atomic write via
    tempfile + rename. log_tail capped at 50 lines. Merges partial
    updates so clients can post just the current_stage tick.
  * config.py - new IMAGING_DIR env-overridable path.
  * services/csrf.py - explicit exempt list for machine-to-machine
    endpoints; /imaging/status is the first entry. Air-gapped LAN;
    trust-by-network for client posts.
  * app.py - four new routes:
      GET  /imaging               dashboard (renders all sessions)
      POST /imaging/status        client status push (JSON body)
      GET  /imaging/<serial>.json raw session JSON for ad-hoc polling
      POST /imaging/delete/<s>    clear a session from the dashboard
    Also parses each Blancco XML in the /reports list to surface
    system.serial + system.model columns.
  * templates/imaging.html - Bootstrap dashboard with per-session
    cards (state badge, progress bar, stage idx/total, mac, elapsed,
    log tail). meta http-equiv refresh=5 for auto-tick.
  * templates/base.html - new "Imaging Progress" nav entry.
  * templates/reports.html - Serial + Model columns added.

playbook:
  * shopfloor-setup/Shopfloor/lib/Send-PxeStatus.ps1 - new helper.
    Dot-source this then call Send-PxeStatus -Stage X -StageIndex N
    -StageTotal M from any stage script. BIOS serial via CIM, MAC via
    Get-NetAdapter, pctype + machinenumber from C:\Enrollment.
    Failures are swallowed to a local log so a network blip doesn't
    block imaging.
  * shopfloor-setup/Run-ShopfloorSetup.ps1 - dot-sources helper +
    posts at three coarse milestones (start, PPKG enrollment,
    handoff to Monitor-IntuneProgress).
  * shopfloor-setup/gea-shopfloor-keyence/09-Setup-Keyence.ps1 -
    posts at session start + after Install-FromManifest with
    succeeded/failed status derived from $rc. Other 09-Setup-*.ps1
    scripts can follow the same pattern.

ID is BIOS serial (stable across WinPE -> Windows transition and
across reboots, unlike hostname which is random pre-PPKG). Operator
already knows the serial of the bay they imaged.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>

2026-05-13 10:07:18 -04:00

cproudlock

c16a4f23b4

webapp: extract service layer (config.py + services/) from app.py

Phase 1a of a multi-session refactor toward a clean blueprint
structure. Pulls the helper code that lived alongside the routes in
the 1621-line app.py into focused modules. app.py is now 625 lines
of mostly routes plus a small Flask wiring header. Behaviour is
unchanged: smoke-tested against the 8 main GET routes (200 OK).

New modules:

- config.py            env vars + IMAGE_TYPES + FRIENDLY_NAMES +
                       SHARED_DEPLOY_* taxonomy + unattend XML
                       namespaces.
- services/audit.py    audit log file handler + audit() helper.
- services/csrf.py     session CSRF token + before_request validator
                       wired via init_csrf(app).
- services/fs.py       image_root / deploy_path / unattend_path /
                       control_path / tools_path + load_json /
                       save_json + resolve_destination.
- services/system.py   service_status / find_usb_mounts /
                       find_upload_sources.
- services/images.py   image_status + load_image_config.
- services/deploy.py   import_deploy + _merge_tree +
                       _replace_with_symlink + allowed_import_source.
- services/unattend.py parse_unattend / build_unattend_xml /
                       extract_form_data and the qn / qwcm / settings
                       pass helpers.
- services/wim.py      extract_startnet / update_startnet / list_files
                       wrapping wimextract / wimupdate / wimdir.

Endpoint names kept stable (dashboard, clonezilla_backups, etc.) so
existing url_for(...) calls in templates are unchanged. Phase 1b
(Flask blueprints with ".endpoint" naming) deferred to a future
session because it requires updating ~30 url_for sites in templates
and is mostly cosmetic.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>

2026-05-08 18:25:32 -04:00

2 Commits