pxe-server

ge-aerospace/pxe-server

Fork 0

Commit Graph

Author	SHA1	Message	Date
cproudlock	69a1682a7f	webapp: imaging UX overhaul + image management CRUD Imaging dashboard - services/imaging_log_tail.py: parses dnsmasq leases, Apache access log, Samba per-host log files, and dnsmasq syslog (DHCP/TFTP). Synthesizes inferred sessions keyed by MAC for bays that have only touched the boot chain but not yet pushed to /imaging/status. Active window 90 min. - imaging_status.list_sessions() merges inferred sessions into the dashboard list. Real client-pushed sessions win for the same MAC. - imaging_status: stage_history field tracks every stage transition (capped 30); sidecar .log file per serial records every log_lines push uncapped (read_full_log() caps detail-page response to 1 MB). - delete_session/delete_all_sessions clean up sidecar .log too. - New SSE endpoint /imaging/stream emits a session-list hash every 5s. Client fetches /imaging/tiles (HTML partial) on hash change and swaps #imaging-tiles innerHTML. Polling fallback at 15s if SSE drops. - Tile-swap preserves scroll, filter input, expanded state via localStorage, and any LAPS input the operator is mid-pasting (swap skipped when a laps-input is focused). - imaging.html: removed 15s location.reload(). Added live-status dot in header (gray idle / green SSE connected / red SSE lost). - _imaging_tiles.html: shared partial used by both /imaging full render and /imaging/tiles SSE refresh. Inferred bays render with yellow border + log-inferred badge + no progress bar (stage_index inference is coarse). - imaging_detail.html (new): per-bay forensics page at /imaging/session/ <serial>. Session metadata grid, stage timeline table, full sidecar log with truncation indicator, Copy-support-summary button. Linked from each client-pushed tile. - qr-render.js exposes window.renderAllQRs() so the SSE swap can re-render Intune device-ID QRs in the swapped-in tiles. Image management - services/image_registry.py: JSON registry of image types at {SAMBA_SHARE}/image-registry.json. Bootstraps from baked-in config.IMAGE_TYPES on first run. create/clone/delete/rename_friendly mutate the file then call reload() which rewrites config.IMAGE_TYPES + config.FRIENDLY_NAMES in place. Sidebar reflects on next request. - app.py routes: /images/new, /images/<t>/clone, /images/<t>/delete (with optional content-wipe checkbox), /images/<t>/rename. - dashboard.html: + New image type button + Clone/Delete per row, all in Bootstrap modals with confirmation copy. - Clone copies Deploy/ tree but preserves symlinks to shared dirs (Out-of- box Drivers, Operating Systems, Packages) so disk usage stays low. - Delete with content checked unlinks symlinks (does not follow into shared dirs). Driver / package upload + orphan adoption - services/images.py: upload_driver, adopt_orphan, remove_orphans, upload_package. Filename sanitization blocks path traversal. - app.py routes: /images/<t>/drivers/upload, /images/<t>/drivers/adopt, /images/<t>/drivers/orphans/delete, /images/<t>/packages/upload. - image_config.html: Upload .zip button + modal on Drivers section. Orphan drivers card-footer rebuilt as interactive list with per-row Adopt inline form (family + destinationDir inputs) and bulk select+delete. - Upload .zip on Packages section with optional destinationDir field that appends a packages.json entry. Configuration - config.py: new env vars DNSMASQ_LEASES, APACHE_ACCESS_LOG, SAMBA_LOG_DIR, DNSMASQ_SYSLOG for the log-tailer. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>	2026-05-30 13:21:06 -04:00
cproudlock	c16a4f23b4	webapp: extract service layer (config.py + services/) from app.py Phase 1a of a multi-session refactor toward a clean blueprint structure. Pulls the helper code that lived alongside the routes in the 1621-line app.py into focused modules. app.py is now 625 lines of mostly routes plus a small Flask wiring header. Behaviour is unchanged: smoke-tested against the 8 main GET routes (200 OK). New modules: - config.py env vars + IMAGE_TYPES + FRIENDLY_NAMES + SHARED_DEPLOY_* taxonomy + unattend XML namespaces. - services/audit.py audit log file handler + audit() helper. - services/csrf.py session CSRF token + before_request validator wired via init_csrf(app). - services/fs.py image_root / deploy_path / unattend_path / control_path / tools_path + load_json / save_json + resolve_destination. - services/system.py service_status / find_usb_mounts / find_upload_sources. - services/images.py image_status + load_image_config. - services/deploy.py import_deploy + _merge_tree + _replace_with_symlink + allowed_import_source. - services/unattend.py parse_unattend / build_unattend_xml / extract_form_data and the qn / qwcm / settings pass helpers. - services/wim.py extract_startnet / update_startnet / list_files wrapping wimextract / wimupdate / wimdir. Endpoint names kept stable (dashboard, clonezilla_backups, etc.) so existing url_for(...) calls in templates are unchanged. Phase 1b (Flask blueprints with ".endpoint" naming) deferred to a future session because it requires updating ~30 url_for sites in templates and is mostly cosmetic. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>	2026-05-08 18:25:32 -04:00

Author

SHA1

Message

Date

cproudlock

69a1682a7f

webapp: imaging UX overhaul + image management CRUD

Imaging dashboard
- services/imaging_log_tail.py: parses dnsmasq leases, Apache access log,
  Samba per-host log files, and dnsmasq syslog (DHCP/TFTP). Synthesizes
  inferred sessions keyed by MAC for bays that have only touched the boot
  chain but not yet pushed to /imaging/status. Active window 90 min.
- imaging_status.list_sessions() merges inferred sessions into the dashboard
  list. Real client-pushed sessions win for the same MAC.
- imaging_status: stage_history field tracks every stage transition (capped
  30); sidecar .log file per serial records every log_lines push uncapped
  (read_full_log() caps detail-page response to 1 MB).
- delete_session/delete_all_sessions clean up sidecar .log too.
- New SSE endpoint /imaging/stream emits a session-list hash every 5s.
  Client fetches /imaging/tiles (HTML partial) on hash change and swaps
  #imaging-tiles innerHTML. Polling fallback at 15s if SSE drops.
- Tile-swap preserves scroll, filter input, expanded state via localStorage,
  and any LAPS input the operator is mid-pasting (swap skipped when a
  laps-input is focused).
- imaging.html: removed 15s location.reload(). Added live-status dot in
  header (gray idle / green SSE connected / red SSE lost).
- _imaging_tiles.html: shared partial used by both /imaging full render and
  /imaging/tiles SSE refresh. Inferred bays render with yellow border +
  log-inferred badge + no progress bar (stage_index inference is coarse).
- imaging_detail.html (new): per-bay forensics page at /imaging/session/
  <serial>. Session metadata grid, stage timeline table, full sidecar log
  with truncation indicator, Copy-support-summary button. Linked from each
  client-pushed tile.
- qr-render.js exposes window.renderAllQRs() so the SSE swap can re-render
  Intune device-ID QRs in the swapped-in tiles.

Image management
- services/image_registry.py: JSON registry of image types at
  {SAMBA_SHARE}/image-registry.json. Bootstraps from baked-in
  config.IMAGE_TYPES on first run. create/clone/delete/rename_friendly
  mutate the file then call reload() which rewrites config.IMAGE_TYPES +
  config.FRIENDLY_NAMES in place. Sidebar reflects on next request.
- app.py routes: /images/new, /images/<t>/clone, /images/<t>/delete (with
  optional content-wipe checkbox), /images/<t>/rename.
- dashboard.html: + New image type button + Clone/Delete per row, all in
  Bootstrap modals with confirmation copy.
- Clone copies Deploy/ tree but preserves symlinks to shared dirs (Out-of-
  box Drivers, Operating Systems, Packages) so disk usage stays low.
- Delete with content checked unlinks symlinks (does not follow into shared
  dirs).

Driver / package upload + orphan adoption
- services/images.py: upload_driver, adopt_orphan, remove_orphans,
  upload_package. Filename sanitization blocks path traversal.
- app.py routes: /images/<t>/drivers/upload, /images/<t>/drivers/adopt,
  /images/<t>/drivers/orphans/delete, /images/<t>/packages/upload.
- image_config.html: Upload .zip button + modal on Drivers section. Orphan
  drivers card-footer rebuilt as interactive list with per-row Adopt inline
  form (family + destinationDir inputs) and bulk select+delete.
- Upload .zip on Packages section with optional destinationDir field that
  appends a packages.json entry.

Configuration
- config.py: new env vars DNSMASQ_LEASES, APACHE_ACCESS_LOG, SAMBA_LOG_DIR,
  DNSMASQ_SYSLOG for the log-tailer.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>

2026-05-30 13:21:06 -04:00

cproudlock

c16a4f23b4

webapp: extract service layer (config.py + services/) from app.py

Phase 1a of a multi-session refactor toward a clean blueprint
structure. Pulls the helper code that lived alongside the routes in
the 1621-line app.py into focused modules. app.py is now 625 lines
of mostly routes plus a small Flask wiring header. Behaviour is
unchanged: smoke-tested against the 8 main GET routes (200 OK).

New modules:

- config.py            env vars + IMAGE_TYPES + FRIENDLY_NAMES +
                       SHARED_DEPLOY_* taxonomy + unattend XML
                       namespaces.
- services/audit.py    audit log file handler + audit() helper.
- services/csrf.py     session CSRF token + before_request validator
                       wired via init_csrf(app).
- services/fs.py       image_root / deploy_path / unattend_path /
                       control_path / tools_path + load_json /
                       save_json + resolve_destination.
- services/system.py   service_status / find_usb_mounts /
                       find_upload_sources.
- services/images.py   image_status + load_image_config.
- services/deploy.py   import_deploy + _merge_tree +
                       _replace_with_symlink + allowed_import_source.
- services/unattend.py parse_unattend / build_unattend_xml /
                       extract_form_data and the qn / qwcm / settings
                       pass helpers.
- services/wim.py      extract_startnet / update_startnet / list_files
                       wrapping wimextract / wimupdate / wimdir.

Endpoint names kept stable (dashboard, clonezilla_backups, etc.) so
existing url_for(...) calls in templates are unchanged. Phase 1b
(Flask blueprints with ".endpoint" naming) deferred to a future
session because it requires updating ~30 url_for sites in templates
and is mostly cosmetic.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>

2026-05-08 18:25:32 -04:00

2 Commits