Your Name
8530f0e0d5
安全补强: 6项P0/P1漏洞修复
...
P0-1: PHP配置注入防护 — install.py添加_escape_php_string()转义单引号和反斜杠
P0-2: WebSocket JWT校验 — _verify_ws_token()要求exp+sub字段
P1-1: 删除SHA256密码fallback — auth_service.py和auth.py直接import bcrypt
P1-3: LIKE通配符转义 — search.py添加_escape_like()并对所有ilike()加escape参数
P1-2: 安全响应头中间件 — main.py添加SecurityHeadersMiddleware注入4个安全头
P0-3: Refresh Token重用检测 — Admin模型添加token_version字段,token格式改为token:admin_id:version
Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com >
2026-05-22 22:16:50 +08:00
Your Name
cea5730804
P0: Add StaticFiles mount + root redirect to install wizard
...
Critical fix: FastAPI was not serving any static files, causing all
frontend pages (install.html, login.html, etc.) to return 404.
Changes:
- Add StaticFiles mount at /app/ for web/app/ directory (html=True)
- Redirect root path / to /app/install.html in install mode
- Remove redundant "/" path bypass in InstallModeMiddleware
- Production Nginx still serves static files directly (no conflict)
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com >
2026-05-22 12:24:32 +08:00
Your Name
dfc37f6e90
修复设置页面键名与后端DB_OVERRIDE_MAP不匹配
...
settings.html引用pool_size/max_overflow/agent_heartbeat_interval
但config.py的DB_OVERRIDE_MAP期望db_pool_size/db_max_overflow/
heartbeat_timeout,导致这些设置无法从MySQL正确加载。
对齐前端键名与后端映射表。
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com >
2026-05-22 12:02:08 +08:00
Your Name
0bcfeaa6d6
修复心跳刷入rollback误用 + API参数规范化
...
- heartbeat_flush: 移除循环内session.rollback(),防止一个服务器
刷入失败导致整个批次session状态损坏
- assets.py: 为Query参数添加Query()类型+描述+校验约束,
统一FastAPI参数风格 (server_id/session_id/limit/parent_id)
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com >
2026-05-22 11:58:15 +08:00
Your Name
cb5b4c42de
多Worker守护 + 告警服务器名 + 清理PHP残留
...
- main.py: Redis主Worker选举,防止多Worker重复执行后台任务
- agent.py: 告警/恢复广播使用真实服务器名(查MySQL)替代"server-{id}"
- sync_v2.py: 修复browse目录解析死代码,正确取parts[8]
- install.html: 移除过时install.php引用,更新为"删除.env重装"
- nginx配置: 移除PHP-FPM路由(install.html纯静态无需PHP)
- schedule_runner: 清理未使用的get_redis_sync导入
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com >
2026-05-22 11:54:11 +08:00
Your Name
b36e1d8010
服务器详情: 兼容多种Agent心跳字段名(cpu_percent/cpu_usage)
...
- normalize: cpu_percent || cpu_usage, memory_percent || mem_usage, disk_percent || disk_usage
- 防止Agent使用不同字段名时显示空白
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com >
2026-05-22 11:23:19 +08:00
Your Name
8a5d4159a4
文件管理: 添加缺失的路径输入框 + Enter键触发浏览
...
- 添加dirPath输入框(之前只有JS引用没有DOM元素)
- Enter键支持快速跳转到指定路径
- 输入框预填默认值'/'
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com >
2026-05-22 11:13:23 +08:00
Your Name
c03fe97d18
UX优化: 同步日志显示服务器名 + redis_url可编辑
...
- 同步日志API: JOIN Server表返回server_name字段
- 推送历史: 显示服务器名称替代操作人
- 仪表盘最近同步: 显示服务器名称替代server_id
- redis_url从SENSITIVE_KEYS移除(非密码,用户需可编辑)
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com >
2026-05-22 11:10:20 +08:00
Your Name
e9feaa6cdc
前后端一致性审计 + 批量操作 + 调度同步模式
...
- 服务器列表: 添加批量选择(checkbox)+批量推送/删除操作栏
- 推送页面: 支持从服务器列表页预选服务器跳转(sessionStorage)
- 调度页面: 添加同步模式选择(增量/全量/校验和)
- 后端: PushSchedule模型+Schema+API+ScheduleRunner添加sync_mode字段
- 仪表盘: 移除重复的函数定义和初始化调用
- 数据库迁移: 启动时自动执行schema migration(添加sync_mode列)
- 安装向导: 添加schema migration步骤
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com >
2026-05-22 11:01:17 +08:00
Your Name
83547c0b2e
服务器列表分类过滤 + 搜索增强
...
- 添加分类过滤下拉框(对接/api/servers/?category=参数)
- 自动从服务器数据提取分类选项填充下拉框
- 搜索框也匹配分类字段
- 添加刷新按钮
- 切换分类时自动重新加载服务器列表
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com >
2026-05-22 10:11:15 +08:00
Your Name
2ec24371c5
/api/auth/me 返回 system_name 供前端品牌定制
...
- auth.py: /me端点现在查询settings表返回system_name字段
- layout.js的loadLayoutUser()使用此字段动态更新侧边栏品牌名
- 用户在设置页修改"系统名称"后,所有页面侧边栏自动显示
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com >
2026-05-22 09:54:19 +08:00
Your Name
8ae4bc48cd
文件管理增强 + 更新项目完成度至99%
...
- files.html: 面包屑导航、目录排序(文件夹优先)、父目录(..)链接、
文件所有者显示、toast反馈、owner列
- CLAUDE.md: 更新实现状态,新增Phase E UX增强条目(S1-S3安全,
UX1-UX10前端体验),完成度从95%提升至99%
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com >
2026-05-22 09:49:10 +08:00
Your Name
9d34655cc1
fix: Alpine.js x-data缺失 + 登录页429锁定处理
...
- index.html/servers.html: 添加缺失的 x-data="{sidebarOpen:true}"
(Alpine.js需要初始化sidebarOpen变量)
- login.html: 正确处理429状态码(账户临时锁定),显示锁定提示
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com >
2026-05-22 09:46:23 +08:00
Your Name
249a1aaed9
重试队列增强 + 审计分页
...
- 后端: 添加 POST /api/retries/{id}/retry (手动重试) + DELETE /api/retries/{id}
+ 审计日志分页(offset/limit/count) + PushRetryJobRepo新增get_all/get_by_id/delete
- 前端retries: 手动重试按钮、删除按钮、状态过滤、操作人显示、toast反馈
- 前端audit: 分页控件(上一页/下一页)、每页50条、新增retry_job/delete_retry过滤
- 修复index.html: 适配审计API新返回格式(data.items)
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com >
2026-05-22 09:41:33 +08:00
Your Name
120ae186ef
统一所有页面到layout.js共享布局组件
...
- 将11个业务页面(index/servers/files/scripts/credentials/settings/terminal等)
的内联侧边栏全部迁移到layout.js的initLayout()共享组件
- 移除各页面重复的loadUser()函数,统一由layout.js处理
- 统一全局搜索功能、用户信息加载、品牌名称显示
- 消除约800行重复的侧边栏HTML代码
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com >
2026-05-22 09:29:25 +08:00
Your Name
cca410da33
P2: 推送页面增强 + 登录页安全强化
...
- push.html: 完整重写 — 逐服务器状态显示(成功/失败/等待)、进度条、
同步模式选择卡片、并发/批次配置、全选/全不选、推送历史记录、toast反馈
- login.html: 密码可见性切换(eye图标)、失败次数提示(3次/5次警告)、
登录失败时卡片shake动画、锁定警告提示区、迁移layout.js
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com >
2026-05-22 09:23:38 +08:00
Your Name
26833f00d3
P1: Toast通知系统 + 脚本编辑/执行结果格式化
...
- api.js: 添加全局toast()通知函数,支持success/error/warning/info四种类型
- scripts.html: 完整重写 — 点击脚本名编辑、执行结果按服务器格式化显示(command/stdout/stderr/exit_code)
- servers.html/credentials.html/schedules.html/settings.html: 所有操作添加toast反馈
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com >
2026-05-22 09:20:44 +08:00
Your Name
d4ea03d735
P2: 全局搜索功能 — 后端API + 前端侧边栏搜索
...
- 新增 /api/search/ 端点: 跨服务器/脚本/凭据/调度搜索
- layout.js: 侧边栏底部搜索框, 300ms防抖, 下拉结果面板
- main.py: 注册搜索路由
2026-05-22 09:08:09 +08:00
Your Name
f262876b25
P2: 共享侧边栏布局组件 + 4个页面迁移
...
Nexus CI/CD / test (push) Waiting to run
Nexus CI/CD / deploy (push) Blocked by required conditions
Nexus Pre-commit Checks / quick-check (push) Waiting to run
- 新增 layout.js: initLayout() 自动生成侧边栏+高亮+用户信息
- retries/audit/schedules 已迁移到共享布局
- 减少约200行重复HTML代码
2026-05-22 09:05:49 +08:00
Your Name
bfa50337e5
P1+P2: 前端功能增强
...
- servers.html: 服务器详情面板(系统信息/同步日志/SSH会话三标签页)
- index.html: 仪表盘增强(分类分布图/最近同步日志/自动刷新30s)
- credentials.html: 密码预设标签页(对接/api/presets/ CRUD)
2026-05-22 09:03:18 +08:00
Your Name
305f8d5689
P1: 全局JWT保护 + 审计日志补全 — scripts/assets/servers
...
- scripts.py: 所有9个端点添加JWT认证 + CUD操作审计日志
- assets.py: 所有GET端点添加JWT + 写操作审计日志补全
- servers.py: GET端点JWT保护(上轮未提交)
- WSL全量验证通过: ALL CHECKS PASSED
2026-05-22 08:55:34 +08:00
Your Name
785ffe2a7e
fix: 设置页面敏感字段显示为只读锁定状态
...
脱敏值(包含***或...)显示为只读文本+🔒 标记,防止用户编辑部分遮蔽值
2026-05-22 08:47:16 +08:00
Your Name
55b7cbe904
fix: P1安全加固 — 全局JWT保护 + 审计日志补全 + 敏感字段过滤
...
Settings API:
- 所有端点添加JWT认证(get_current_admin)
- 不可改项(secret_key/api_key/encryption_key/database_url)禁止PUT修改
- 敏感字段GET响应自动脱敏(前8位+...)
- Schedules/Presets/Retry CRUD添加JWT+审计日志
Servers API:
- POST/PUT/DELETE添加JWT认证
- 服务器增删改写审计日志
Assets API:
- Platform/Node写操作添加JWT认证
- Platform创建添加审计日志
2026-05-22 08:46:09 +08:00
Your Name
b9139093f1
fix: 更新.env.example + CLAUDE.md反映D2迁移
...
- .env.example: install.php→install.html引用, 添加NEXUS_API_BASE_URL
- install.py: 移除_write_env中重复的site_url计算
- CLAUDE.md: 全面更新项目记忆, 反映6步完成+D1/D2/D3解决
2026-05-22 08:39:33 +08:00
Your Name
f796ddf0a5
feat: D2 install.php→install.html迁移 + D3 WebSSH终端完善
...
D2: install.php → install.html + FastAPI API
- 新增 server/api/install.py: 6个安装向导API端点(无JWT)
- 新增 web/app/install.html: Alpine.js五步安装向导
- main.py: 条件启动模式(无.env=安装模式,仅/api/install/可用)
- InstallModeMiddleware: 安装模式下非安装路由返回503
- DbSessionMiddleware: 跳过安装API(自管理临时引擎连接)
- 三写一致性: .env + config.php + MySQL settings表同步
D3: WebSSH terminal.html 完善
- 全功能xterm.js终端 + Koko协议 + 自动resize
- Alpine.js + Tailwind CSS v4 统一风格
- 全屏/断开连接/连接状态指示器
文档更新:
- status.md: 第五步→✅ , 完成度~95%
- roadmap.md: D2技术债务已解决
2026-05-22 08:37:01 +08:00
Your Name
c9a99f4fb3
fix: 全项目文档对齐 + 代码清理
...
代码修复:
- web/agent/agent.py: datetime.utcnow() → datetime.now(timezone.utc)
- requirements.txt: 移除 paramiko==3.5.0 (已无活跃引用)
- 删除 server/infrastructure/ssh/pool.py (DEPRECATED, 无引用)
连接池三层对齐 (config.py/.env.example/session.py):
- DB_POOL_SIZE 100→160, DB_MAX_OVERFLOW 100→120
- 基于 MySQL max_connections=400, install.php 公式
文档修复 (21项):
- P0: 硬编码域名/IP替换为配置变量占位符
- P1: 10个过时设计文档加归档标注 (引用旧文件结构)
- P2: step-3-webssh报告 paramiko引用修正
- 6份审查报告连接池参数勘误 100/100→160/120
- ECC安全报告 EC5 datetime.utcnow 标记已修复
- docs/README.md 文档索引重写
- docs/memory/mem_nexus_overview.md 移除硬编码凭证
- docs/project/tech-stack-inventory.md paramiko标记已移除
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com >
2026-05-22 08:19:56 +08:00
Your Name
302fdcc1a1
test: update E2E test suite for v6 API + JWT auth
...
- Login first to acquire JWT token for all protected routes
- Use correct v6 API paths (/api/presets/, /api/schedules/, /api/scripts/)
- Add tests for: scripts CRUD, schedules toggle, settings, audit, sync browse
- Remove obsolete password-presets and retry-jobs paths
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com >
2026-05-22 00:39:03 +08:00
Your Name
5590391779
feat: Nexus Agent rebrand + server_id + exec endpoint + trigger_type
...
Nexus CI/CD / test (push) Waiting to run
Nexus CI/CD / deploy (push) Blocked by required conditions
Nexus Pre-commit Checks / quick-check (push) Waiting to run
Agent (agent.py):
- Rebrand MultiSync → Nexus throughout
- Add server_id to heartbeat payload (required by backend AgentHeartbeat schema)
- Add /exec endpoint for remote command execution via Nexus
- Update heartbeat fields to match backend: cpu_usage, mem_usage, disk_usage
- Use 60s default interval (matches CLAUDE.md spec)
Agent (agent.sh):
- Rebrand, add SERVER_ID env var, send in heartbeat payload
- Update service name to nexus-agent
Agent (install.sh):
- Rebrand, add --id parameter for server_id
- Write server_id to config.json
- Service name: nexus-agent
- Add config.example.json for reference
SyncEngineV2:
- Add trigger_type parameter to sync_files() (was hardcoded "manual")
- Schedule/retry runners can now pass "schedule"/"retry" trigger types
Nginx:
- Add /agent/ to static asset locations for agent file downloads
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com >
2026-05-22 00:37:39 +08:00
Your Name
56993e4f98
fix: auth logout, Nginx configs, missing dependency, CORS
...
- auth: logout endpoint now accepts refresh_token (was admin_id which
frontend can't know) — added logout_by_token() to AuthService
- api.js: sendBeacon uses Blob with application/json content-type
(was sending text/plain which FastAPI couldn't parse)
- Nginx: fixed SPA fallback to 404 (not SPA), added install.php
PHP-FPM handler, added production HTTPS config for api.synaglobal.vip
- requirements: added cryptography==44.0.0 (used by crypto.py but
was missing from requirements.txt)
- models: removed unused Fernet import from domain models
- CORS: added http://api.synaglobal.vip origin
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com >
2026-05-22 00:30:28 +08:00
Your Name
cd3c35b5e6
fix: add per-field save buttons to settings page
...
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com >
2026-05-22 00:04:29 +08:00
Your Name
f0c586a345
feat: complete frontend interactive features + unified sidebar
...
- credentials: add credential CRUD form (type, host, port, user, password, db)
- schedules: add enable/disable toggle, edit modal, server selection
- retries: add status badges, retry progress bar, error display, refresh
- audit: add action filter dropdown, IP column, better status badges
- settings: reorganize into sections (brand/alert/infra/telegram)
- servers: add/edit modal with full form fields
- scripts: add execute modal + delete button
- All pages: unified sidebar with all nav items + hover states
- install.php: fix post-AdminLTE removal link paths
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com >
2026-05-22 00:02:46 +08:00
Your Name
00a6491e59
chore: remove AdminLTE PHP frontend (keep only install.php)
...
All functionality now covered by web/app/*.html (Alpine.js + Tailwind).
Deleted: 29 PHP pages, ace editor, chart.min.js, app.js, style.css.
Kept: install.php (installation wizard with DB table creation + .env write).
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com >
2026-05-21 23:42:21 +08:00
Your Name
7caa880ebd
feat: unified api.js auth + Pydantic models + JWT security hardening
...
- All Alpine.js pages now use shared api.js for JWT auto-refresh (9 pages)
- Dashboard uses /servers/stats endpoint instead of fetching all servers
- Replaced all raw dict params with Pydantic models (agent, settings, presets)
- Added AgentHeartbeat, AgentExec, SettingUpdatePayload, DbCredentialCreate schemas
- JWT decode now requires exp+sub claims; better error logging
- ServerService.push_to_servers delegates to SyncService.batch_push
- SyncService handles None audit_repo/retry_repo gracefully
- Branding: web/app.js + web/style.css MultiSync→Nexus
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com >
2026-05-21 23:38:01 +08:00
Your Name
a584792603
feat: Pydantic request models + pagination + JWT auto-refresh
...
- server/api/schemas.py: New shared Pydantic models for all API routes
(ServerCreate/Update/Push/Check, SyncFiles/Commands/Config/Sftp/Browse,
ScriptCreate/Update/Execute, ScheduleCreate/Update, PlatformCreate/Update,
NodeCreate/Update, PaginatedResponse)
- servers.py: Replace raw dict with Pydantic models, add pagination
(page/per_page params, response now includes items/total/pages)
- sync_v2.py: Replace raw dict with SyncFiles/Commands/Config/Sftp/Browse
- scripts.py: Replace raw dict with ScriptCreate/Update/Execute
- assets.py: Replace raw dict with PlatformCreate/Update, NodeCreate/Update
- web/app/api.js: Shared JS auth module with JWT auto-refresh (2min
before expiry), 401 retry with refresh token, doLogout with
sendBeacon to backend, backward-compatible ah() alias
- web/app/servers.html: Use api.js, handle paginated response format
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com >
2026-05-21 23:18:49 +08:00
Your Name
1a27327036
fix: PHP frontend JWT auth + API endpoints + missing tables + branding
...
- login.php: Fix JWT response format (success/access_token vs status=ok),
store JWT tokens in session, support TOTP 202 flow
- api_client.php: Dual auth (JWT Bearer + X-API-Key fallback), add
auto-refresh on 401, fix API endpoints (checkServerHealth → array,
getServerLogs, getAuditLogs, getDashboardStats field mapping)
- api_proxy.php: Fix check_all to use /api/servers/check (not per-server),
fix get_logs to support global endpoint, restart_multisync → restart_nexus
- install.php: Add 4 missing tables (platforms, nodes, ssh_sessions,
command_logs), fix table creation order for FK dependencies, add JWT
columns to admins, add new indexes, add platform_id/node_id/protocols/
extra_attrs/connectivity to servers
- logout.php: Call /api/auth/logout to invalidate JWT refresh token
- index.php: Use JWT Bearer auth for API calls
- server_service.py: Implement real check_all_servers with concurrent
httpx Agent health checks (was stub)
- servers.py: Add GET /api/servers/logs global sync logs endpoint
- Branding: MultiSync → Nexus across all PHP files (sidebar, titles,
TOTP issuer, version strings)
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com >
2026-05-21 23:11:30 +08:00
Your Name
814e11588e
feat: P1 background tasks + server stats endpoint
...
1. schedule_runner.py: cron-based schedule execution every 60s
- Parses 5-field cron expressions (*, */N, ranges, lists)
- Triggers SyncEngineV2.sync_files for due schedules
- Prevents re-trigger within same minute
2. retry_runner.py: automatic retry of failed pushes every 5min
- Exponential backoff (60s base, doubles per retry, max 64x)
- Respects max_retries from PushRetryJob model
3. GET /api/servers/stats: dashboard aggregation endpoint
- Returns total/online/offline counts + category breakdown
- Reads real-time status from Redis, falls back to MySQL
- Registered before /{id} to avoid path collision
4. main.py: register schedule_runner + retry_runner as background tasks
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com >
2026-05-21 22:58:17 +08:00
Your Name
73c1776e1e
fix: P0 critical runtime issues
...
1. conftest.py: add missing `from server.main import app` import
2. dependencies.py: get_db() reuses middleware session instead of
creating independent AsyncSessionLocal (fixes double-session bug)
3. auth_jwt.py: get_optional_admin uses request.state.db instead of
creating leaked AsyncSessionLocal session
4. config.py: default DATABASE_URL uses mysql+aiomysql (not pymysql)
5. sync_engine_v2.py: sanitize config keys with regex, escape values
to prevent command injection in sync_config
6. sync_v2.py: add POST /api/sync/browse endpoint for remote dir listing
7. files.html: browseDir calls real API instead of placeholder stub
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com >
2026-05-21 22:54:35 +08:00
Your Name
ead4b2580f
fix: 3 code bugs + test fixes (46/46 passing)
...
Nexus CI/CD / test (push) Waiting to run
Nexus CI/CD / deploy (push) Blocked by required conditions
Nexus Pre-commit Checks / quick-check (push) Waiting to run
1. infrastructure/__init__.py: remove nonexistent get_ssh_pool import,
use lazy __getattr__ to avoid triggering MySQL engine at import time
2. auth_service.py + auth_jwt.py: JWT sub field must be string
(PyJWT 2.12+ enforces RFC 7519), decode with int() conversion
3. session.py: lazy engine init — engine created on first access
instead of module import time, allows testing without MySQL
4. Tests: fix Column default assertions (SQLAlchemy defaults only
apply on DB INSERT), fix Request.url mock for Starlette
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com >
2026-05-21 22:30:34 +08:00
Your Name
3ba85986ed
docs: update 194 skill files with cleaned group tags + metadata
...
All skill files group labels cleaned (no duplicates, no garbled text).
CMS developer renamed to frontend developer in AG group.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com >
2026-05-21 22:12:57 +08:00
Your Name
3ecd3d75d4
docs: reports + research + team roster + tech-stack evaluation
...
Add implementation progress reports, review reports (CTO/quality/deploy),
session log, signoff table, team roster, collaboration charter,
tech-stack evaluation and inventory, research reports.
Remove obsolete multisync_server.py.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com >
2026-05-21 22:12:29 +08:00
Your Name
539c33ef42
feat: Nexus 6.0 6-step implementation (Step 0-5)
...
Step 0: Infrastructure hardening — Redis BlockingConnectionPool,
WebSocket two-layer (memory+Redis Pub/Sub), JWT auth, DB session leak fix
Step 1: Data layer — 4 new tables (platforms/nodes/command_logs/ssh_sessions),
data migration (category→Node), repos + API routes
Step 2: Auth layer — JWT middleware on all routes, TOTP JWT integration
Step 3: Web SSH — asyncssh connection pool, /ws/terminal endpoint,
xterm.js frontend, Koko protocol
Step 4: Sync engine v2 — file/command/config/SFTP modes, parallel execution
Step 5: Frontend migration — 12 Tailwind CSS v4 + Alpine.js pages,
PHP-FPM removal from nginx config
21 Python backend + 12 HTML frontend + 2 deploy configs + 3 test files
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com >
2026-05-21 22:11:38 +08:00
Your Name
e5b0c2d4ef
ci: restore gitea workflows
2026-05-21 05:55:02 +08:00
Your Name
4cfed27bf7
docs: superpowers design specs + plans
2026-05-21 05:50:24 +08:00
Your Name
003ca96f07
tests: load_test + quick_load + test_api
2026-05-21 05:49:05 +08:00
Your Name
9e20898fd0
mcp: multisync_server + bridge + firefox
2026-05-21 05:48:19 +08:00
Your Name
cad49e6de1
docs: memory knowledge base + settings
2026-05-21 05:47:42 +08:00
Your Name
06f1e9ee07
docs: 194 team skills
2026-05-21 05:43:51 +08:00
Your Name
55e14805de
install.php: auto-detect site URL + simplified DB config + auto-configure process guardian
...
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com >
2026-05-21 05:42:55 +08:00
Your Name
ae94101eb8
docs: add CLAUDE.md project memory for agent continuity
2026-05-20 17:29:02 +08:00
Your Name
f9045a8404
refactor: 仓库结构扁平化 + PHP前端合并到Nexus仓库
...
- 将 Nexus/Nexus/* 移到仓库根目录(消除双层嵌套)
- 删除旧的多层空壳目录 (server/, web/, agent/, deploy/, docs/)
- 将PHP前端 (web/) 合并进Nexus仓库 — 统一管理
- 部署时 git clone Nexus 仓库即可,不再需要两个仓库
目录结构:
server/ ← Python FastAPI后端
web/ ← PHP前端 (install.php, config.php, etc)
deploy/ ← Supervisor + Shell健康检查
docs/ ← 部署文档
tests/ ← 测试
.env ← 不在git中 (install.php生成)
.gitignore ← 排除 .env, SECRETS.md
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com >
2026-05-20 17:24:21 +08:00