ada22e6017
security: upgrade some package versions
Push -> develop / Build Docker images (push) Failing after 13s
Push -> develop / Deploy (push) Has been skipped
Push -> develop / Notify on result (push) Successful in 0s
2026-06-23 03:20:58 +00:00
f971c4cdaa
ci: update failover
Push -> develop / Build Docker images (push) Successful in 9s
Push -> develop / Deploy (push) Successful in 19s
Push -> develop / Notify on result (push) Successful in 0s
2026-06-23 03:04:59 +00:00
f58ec37b8a
ci: update source path
Push -> develop / Build Docker images (push) Successful in 2m52s
Push -> develop / Deploy (push) Successful in 7s
Push -> develop / Notify on result (push) Successful in 0s
2026-06-23 02:44:17 +00:00
8d2ce300a0
ci: update source path
Push -> develop / Build Docker images (push) Successful in 26s
Push -> develop / Rolling deploy (push) Failing after 3s
Push -> develop / Notify on result (push) Successful in 0s
2026-06-23 01:38:32 +00:00
47a8501885
ci: install versioned trivy+gitleak
Push -> develop / Build Docker images (push) Successful in 47s
Push -> develop / Rolling deploy (push) Failing after 3s
Push -> develop / Notify on result (push) Successful in 0s
2026-06-23 01:27:55 +00:00
35730d14a6
ci: fix docker runner
Push -> develop / Build Docker images (push) Failing after 2m49s
Push -> develop / Rolling deploy (push) Has been skipped
Push -> develop / Notify on result (push) Successful in 0s
2026-06-23 01:21:50 +00:00
c335a60f02
ci: fix runner node
Push -> develop / Build Docker images (push) Failing after 2s
Push -> develop / Rolling deploy (push) Has been skipped
Push -> develop / Notify on result (push) Successful in 0s
2026-06-23 01:17:36 +00:00
SangNguyen
c4da5ab594
ci: add gitea + runner
Push -> develop / Build Docker images (push) Failing after 8s
Push -> develop / Rolling deploy (push) Has been skipped
Push -> develop / Notify on result (push) Successful in 1s
2026-06-23 00:26:00 +00:00
SangNguyen
a02669118a
Merge remote-tracking branch 'refs/remotes/origin/ci/deploy' into ci/deploy
2026-06-20 04:25:35 +00:00
SangNguyen
bd402a225f
add inventory
2026-06-20 04:25:16 +00:00
78de3601c8
ci + ansible
2026-06-20 11:24:27 +07:00
966578ed58
ci + ansible
2026-06-20 11:06:27 +07:00
coryHawkvelt
a6d74d9316
fix: prevent ghost memberships from soft-deleted users
2026-06-10 05:30:24 +00:00
coryHawkvelt
05589ce442
cli: Add multi org support for issuing certs, add testing
2026-06-05 06:23:12 +00:00
coryHawkvelt
f002f4e495
feat: expose ZT reconciliation drift metrics in job output
2026-06-02 04:32:55 +00:00
coryHawkvelt
66df4b6ab5
feat: add deactivation reason to session termination logs
2026-06-01 16:32:00 +00:00
coryHawkvelt
ccd21ccde4
docs: document suspended membership reinstatement paths
2026-06-01 07:46:04 +00:00
coryHawkvelt
55f24ea9e5
feat: hide invite-only networks from non-admin users in listing
2026-05-30 06:40:49 +00:00
coryHawkvelt
2aad17f5e0
feat: add network-level kill switch endpoint
2026-05-30 06:32:26 +00:00
coryHawkvelt
fed72f8bcd
feat: add admin and user session listing endpoints with enriched device/network details
2026-05-29 05:30:51 +00:00
coryHawkvelt
f869f6c06d
feat: send suspension emails and enhanced audit logs for MFA non-compliance
2026-05-29 05:28:13 +00:00
coryHawkvelt
13767d3fa1
fix: add missing ExternalProviderConfig import to models package
2026-05-29 04:58:54 +00:00
coryHawkvelt
cade827b63
feat: return human-friendly names for network members
2026-05-28 10:19:20 +00:00
coryHawkvelt
2c8160d78e
Updated ZeroTier network membership flow and logic
2026-05-28 05:42:04 +00:00
coryHawkvelt
2342a1aab6
Added OIDC client CORS attributes
2026-05-19 15:15:47 +00:00
78bae3c2bb
Improvments to logging\auditing
2026-05-19 10:38:26 +00:00
HawkveltGiteaAdmin
f856aa5aea
Merge pull request #37 from CoryHawkless/oidc-uplift
...
OIDC uplift
2026-05-19 14:48:58 +09:30
815084132f
refactor: standardize audit logging for ISO27001 compliance
2026-05-14 05:59:49 +00:00
417d462fb9
Resolved issue with incorrect method for recording ip_address and user_agent
2026-05-08 09:25:27 +00:00
81a221bd2b
refactor: consolidate login audit logging and add superadmin user audit endpoints
2026-05-08 06:26:32 +00:00
6d794106be
fixed app double loading
2026-05-07 21:20:25 +00:00
c6f36ba62c
feat: add user and event filtering to organization activity endpoint
2026-05-07 20:45:44 +00:00
d100fdff3b
feat: allow admins to bypass approval flow when joining networks
2026-05-07 20:04:08 +00:00
coryHawkvelt
803bf4f4f2
refactor: consolidate user and superadmin sessions into unified model
2026-04-28 20:54:15 +09:30
coryHawkvelt
5abbadff9a
Improve auditing
2026-04-28 17:17:54 +09:30
coryHawkvelt
63a3109a82
oidc-client mk1
2026-04-27 02:44:32 +09:30
HawkveltGiteaAdmin
32d517ea08
Merge pull request #30 from jamesii-b/v1.01/stable
...
Feat: Implemented Known hosts via CLI & Fix: Permissons for ssh-cert
2026-04-26 22:55:07 +08:00
HawkveltGiteaAdmin
5b799b186f
Merge branch 'main' into v1.01/stable
2026-04-26 22:54:54 +08:00
HawkveltGiteaAdmin
5d94299aaa
Merge pull request #34 from CoryHawkless/cory-wip-session
...
fix(cors): handle wildcard origin with credentials and add unit tests
2026-04-26 22:34:50 +08:00
coryHawkvelt
02e95a4199
feat(organizations): email inviter when membership invite is accepted
...
When a user accepts an org invite, send a notification email to the
person who sent the invite with membership details (member name, email,
org name, role) and an optional View Organization button.
Added build_invite_accepted_html() template to email_templates.py,
wired it into the accept_invite() handler, and added a test case.
2026-04-26 18:36:58 +09:30
coryHawkvelt
d48e6b2f97
feat: add sliding session timeout with idle and absolute caps
2026-04-26 18:12:37 +09:30
HawkveltGiteaAdmin
dfe584b60a
Merge pull request #35 from CoryHawkless/migration-fix
...
Migration fix
2026-04-26 14:42:36 +08:00
coryHawkvelt
adfeb1bd0f
fix: remove redundant unique constraints on id columns from all migrations
...
Remove UniqueConstraint('id') from all create_table calls in the initial
migration (40 occurrences) and the bulk constraint additions from the
superadmin migration (43 create + 43 drop). These were redundant with
PrimaryKeyConstraint('id') which already guarantees uniqueness.
Also removes duplicate unique enforcement on superadmins.email and
superadmin_sessions.token (kept the unique indexes, dropped the
table-level UniqueConstraints).
Fixes the root cause in BaseModel by removing unique=True from the id
column definition, which was causing Alembic autogenerate to produce
these redundant constraints.
Renames idx_cert_audit_org to ix_certificate_audit_logs_organization_id
to follow Alembic naming conventions.
2026-04-26 06:41:33 +00:00
coryHawkvelt
0fb98b4b38
Migration fix
2026-04-26 06:22:05 +00:00
coryHawkvelt
60799bbc52
fix(cors): handle wildcard origin with credentials and add unit tests
...
- Refactor CORS middleware to echo request origin when wildcard + credentials
is configured (browsers reject Access-Control-Allow-Origin: * with
Access-Control-Allow-Credentials: true)
- Add _is_origin_allowed() and _cors_origin_header() helpers
- Use CORS_SUPPORTS_CREDENTIALS config consistently
- Ensure consistent Access-Control-Allow-Headers in all CORS paths
- Fix redirect validation in get_token() to allow wildcard CORS origins
- Add 46 unit tests covering encryption round-trips, idempotency, key
derivation, thread safety, CORS origin matching, and preflight responses
2026-04-26 01:12:39 +09:30
HawkveltGiteaAdmin
01c76ed172
Merge pull request #32 from CoryHawkless/cli-ui
...
Cli UI
2026-04-25 22:45:50 +08:00
coryHawkvelt
9738765258
fix: set 0600 permissions on SSH certificates and challenge files in gatehouse-cli
2026-04-26 00:13:37 +09:30
coryHawkvelt
caf3fd2cd6
feat: add branded OAuth callback screen with auto-close to CLI client
2026-04-26 00:11:47 +09:30
coryHawkvelt
bb977aedf9
test: add API-level coverage for internal helpers, schemas, and service validation
2026-04-25 22:17:41 +09:30
coryHawkvelt
1de10323af
Fixed SSH test cases
2026-04-25 11:01:00 +09:30
sangnn
SangNguyen
sangnn
coryHawkvelt
Ubuntu
HawkveltGiteaAdmin