porsche/vmis
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
22 Commits 1 Branch 0 Tags
230037d1bc2f222a4424d42338e26266fcacd3a2
Commit Graph

17 Commits

Author SHA1 Message Date
VMIS Developer
230037d1bc feat: OO 容器範本加入主機字型 bind mount,新租戶自動掛載繁中字型 
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-03-16 14:08:49 +08:00
VMIS Developer
5662e08218 fix: Traefik 路由範本加入 /login OIDC redirect 
- manager 和一般租戶都加入 {code}-login 路由 (priority 300)
- 加入 {code}-oidc-redirect middleware 自動導向 user_oidc/login/1
- 修正 NC 無法透過 /login 觸發 SSO 的問題

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-03-16 12:50:33 +08:00
VMIS Developer
47e24dbca9 fix: schedule_account realm 改用 tenant.code,mail 連線改用 mailserver + starttls 
- realm: 移除 tenant.keycloak_realm fallback,直接用 tenant.code (與 Keycloak realm 一致)
- IMAP: 10.1.0.254:143/none → mailserver:143/starttls
- SMTP: 10.1.0.254:587/none → mailserver:587/starttls

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-03-16 07:11:35 +08:00
VMIS Developer
60e85f565a fix: deploy directory uses {code}-test for trial environment 
測試環境 deploy 目錄改為 {code}-test,避免與正式環境同 code 租戶衝突。
ssh_compose_up 也傳入正確的 deploy_name。

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-03-16 01:45:44 +08:00
VMIS Developer
1ee0e98243 fix: traefik YAML filename uses {code}-test.yml for trial/test environment 
正式: {code}.yml, 測試: {code}-test.yml,與容器命名一致

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-03-16 01:38:02 +08:00
VMIS Developer
d60b62cbbc fix: use tenant.code as realm name, remove keycloak_realm fallback 
realm = tenant.code (管理中心容器命名統一以 code 為依據)

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-03-16 01:29:12 +08:00
VMIS Developer
cbfdd0e734 fix: rename management center containers to {realm}[-test] convention 
- docker/vmis: container_name vmis-backend → vmis
- docker/vmis-test: container_name vmis-backend-test → vmis-admin-test
- route YAML: vmis_backend_url uses realm dynamically (http://{realm}:10281)

All containers now follow consistent naming: nc-{realm}, oo-{realm}, {realm}

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-03-16 00:43:16 +08:00
VMIS Developer
47805b202f feat: add vmis-backend-test container config and fix test env route 
- Add docker/vmis-test/ with separate .env (10.1.0.20:5433) and docker-compose
- Route YAML: is_active=False → vmis-backend-test, is_active=True → vmis-backend
- Test and production managers now use independent backend containers

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-03-15 23:48:26 +08:00
VMIS Developer
164b8f7ca8 fix: manager tenant root → NC Drive, /admin → vmis-backend (correct route) 
Reverts incorrect redirect: root path now serves NC Drive directly.
Manager tenant routes: /admin (priority 200) → vmis-backend, /api (priority 200) → vmis-backend, / → NC container.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-03-15 23:33:34 +08:00
VMIS Developer
cf1e26c2e9 revert: all tenants (including manager) need NC+OO containers 
Manager tenant is a real company tenant with employees who need
NC Drive + OO. is_manager only controls admin portal access and
Traefik route inclusion, not whether NC/OO infrastructure is needed.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-03-15 22:33:25 +08:00
VMIS Developer
3ee7f72f52 fix: manager tenant root path redirects to /admin, no NC drive route 
Manager tenant has no NC container. Root path now redirects to /admin/
instead of pointing to nc-vmis:80 (Bad Gateway). Route structure:
- / → redirect to /admin/
- /admin/* → vmis-backend (StripPrefix)
- /api/* → vmis-backend

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-03-15 21:52:40 +08:00
VMIS Developer
c96057c1b3 fix: skip NC/Mail steps for manager tenant in account scheduler 
Manager tenant accounts don't have an NC container, so NC user
creation and Mail setup should be skipped (marked as success).

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-03-15 21:18:56 +08:00
VMIS Developer
5d4e8087fb fix: skip NC/OO/quota steps for manager tenant in scheduler 
Manager tenant (is_manager=True) only needs Traefik route + SSO + Mailbox.
NC and OO containers should not be created for the manager tenant.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-03-15 19:32:12 +08:00
VMIS Developer
92ee91019e fix: use environment-specific PostgreSQL port (5432 prod / 5433 trial) 
PG_PORT was hardcoded to 5433 (trial env), causing scheduler to fail
connecting to production PostgreSQL which listens on 5432.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-03-15 19:03:02 +08:00
VMIS Developer
8eb3909ca9 feat(deploy): 正式環境部署設定 
- frontend/api.js: API URL 自動判斷 (localhost=dev, 其他=相對路徑 /api/v1)
- main.py: 加入 StaticFiles 掛載 admin-portal,CORS 開放
- schedule_tenant: Traefik 路由範本更新
  - 管理租戶加入 /api 路由 (priority 200)
  - /admin 加入 StripPrefix middleware
  - admin 服務改指向 vmis-backend:10281
- docker/vmis: 新增 Dockerfile + docker-compose.yml

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-03-15 18:11:31 +08:00
VMIS Developer
62baadb06f feat(vmis): 租戶自動開通完整流程 + Admin Portal SSO + NC 行事曆訂閱 
Backend:
- schedule_tenant: NC 新容器自動 pgsql 安裝 (_nc_db_check 全新容器處理)
- schedule_tenant: NC 初始化加入 Redis + APCu memcache 設定 (修正 OIDC invalid_state)
- schedule_tenant: 新租戶 KC realm 自動設定 accessCodeLifespan=600s (修正 authentication_expired)
- schedule_account: NC Mail 帳號自動設定 (nc_mail_result/nc_mail_done_at)
- schedule_account: NC 台灣國定假日行事曆自動訂閱 (CalDAV MKCALENDAR)
- nextcloud_client: 新增 subscribe_calendar() CalDAV 訂閱方法
- settings: 新增系統設定 API (site_title/version/timezone/SSO/Keycloak)
- models/result: 新增 nc_mail_result, nc_mail_done_at 欄位
- alembic: 遷移 002(system_settings) 003(keycloak_admin) 004(nc_mail_result)

Frontend (Admin Portal):
- 新增完整管理後台 (index/tenants/accounts/servers/schedules/logs/settings/system-status)
- api.js: Keycloak JS Adapter SSO 整合 (PKCE/S256, fallback KC JS 來源, 自動 token 更新)
- index.html: Promise.allSettled 取代 Promise.all,防止單一 API 失敗影響整頁
- 所有頁面加入 try/catch + toast 錯誤處理
- 新增品牌 LOGO 與 favicon

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-03-15 15:31:37 +08:00
VMIS Developer
42d1420f9c feat(backend): Phase 1-4 全新開發完成,37/37 TDD 通過 
[Phase 0 Reset]
- 清除舊版 app/、alembic/versions/、雜亂測試腳本
- 新 requirements.txt (移除 caldav/redis/keycloak-lib,加入 apscheduler/croniter/docker/paramiko/ping3/dnspython)

[Phase 1 資料庫]
- 9 張資料表 SQLAlchemy Models:tenants / accounts / schedules / schedule_logs /
  tenant_schedule_results / account_schedule_results / servers / server_status_logs / system_status_logs
- Alembic migration 001_create_all_tables (已套用到 10.1.0.20:5433/virtual_mis)
- seed.py:schedules 初始 3 筆 / servers 初始 4 筆

[Phase 2 CRUD API]
- GET/POST/PUT/DELETE: /api/v1/tenants / accounts / servers / schedules
- /api/v1/system-status
- 帳號編碼自動產生 (prefix + seq_no 4碼左補0)
- 燈號 (lights) 從最新排程結果取得

[Phase 3 Watchdog]
- APScheduler interval 3分鐘,原子 UPDATE status=Going 防重複執行
- 手動觸發 API: POST /api/v1/schedules/{id}/run

[Phase 4 Service Clients]
- KeycloakClient:vmis-admin realm,REST API (不用 python-keycloak)
- MailClient:Docker Mailserver @ 10.1.0.254:8080,含 MX DNS 驗證
- DockerClient:docker-py 本機 + paramiko SSH 遠端 compose
- NextcloudClient:OCS API user/quota
- SystemChecker:功能驗證 (traefik routers>0 / keycloak token / SMTP EHLO / DB SELECT 1 / ping)

[TDD]
- 37 tests / 37 passed (2.11s)
- SQLite in-memory + StaticPool,無需外部 DB

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-03-14 13:10:15 +08:00