- MapPin icon and Sites nav link in sidebar Fleet section
- Tenant index shows Sites count card in 3-column grid
- "Manage sites" link added to tenant index bottom links
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
- SiteTable with sortable columns, search, delete confirmation, unassigned row
- Site list page at /tenants/{tenantId}/sites with create/edit dialogs
- Site detail page at /tenants/{tenantId}/sites/{siteId} with health stats
- Route tree regenerated for new site routes
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
- Sites API client with CRUD, device assignment, and bulk-assign methods
- SiteFormDialog handles create and edit with mutation and cache invalidation
- Form fields: name, address, lat/lng, elevation, notes
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
- Add site_service with CRUD, health rollup, device assignment functions
- Add sites router with 8 endpoints (CRUD + assign/unassign/bulk-assign)
- RBAC: viewer for reads, operator for writes, tenant_admin for delete
- Wire sites_router into main.py with /api prefix
- Health rollup computes device_count, online_count, online_percent per site
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
- Add migration 030 with sites table, RLS policy, and device site_id FK
- Add Site SQLAlchemy model with tenant isolation
- Add site_id nullable FK and relationship to Device model
- Add sites relationship to Tenant model
- Register Site in models __init__.py
- Add SiteCreate, SiteUpdate, SiteResponse, SiteListResponse schemas
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Swap 9 old screenshots for 8 new ones showing fleet dashboard, traffic,
firmware management, config templates, device detail, interface
utilization, device health, and traffic analytics. Update carousel
markup with Deep Space card styling.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Replace CSS variables, hardcoded colors, font families, syntax token
colors, and banner styling. Swap Google Fonts for self-hosted Manrope
and IBM Plex Mono woff2 files. Update theme-color meta tags and remove
testing-banner--light variant across all 19 HTML files.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Add device_id to the audit log API response and frontend type, then
use DeviceLink to make device hostnames navigable in AuditLogTable.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
12 hours of mock device polling produced rich metrics data.
Dashboards show real bandwidth, device counts, and events.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
These are local-only planning docs, already in .gitignore.
Files were committed before the gitignore entry was added.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
New SEO page targeting "open source mikrotik management" keyword.
Added to sitemap with 0.8 priority. Cross-linked from existing
centralized management page.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Fourth blog post covering a NATS JetStream memory issue found
during 100-device simulation testing.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Without a byte limit, the stream grows unbounded within its 24h
max_age window. At 101 devices polling every 60s, it hits 128MB
in ~10 hours and OOMs the NATS container.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Mock RouterOS server and screenshot automation live here
but should not be in the public repo.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Replace all screenshots with Deep Space dark theme captures.
New tenants: Lebowski Lanes, MXC Studios, Irken Empire.
Login screenshot now shows Secret Key fields.
Remove old Stranger's Ranch screenshot.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Third blog post covering current capabilities, limitations, and
design philosophy. Factual inventory of what works, what's rough,
and what's missing entirely.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Add Kubernetes/Helm deployment section to DEPLOYMENT.md, telemetry
environment variables to CONFIGURATION.md, telemetry privacy details
to SECURITY.md, telemetry bullet to README quick start, and fix Go
version from 1.24 to 1.25 in docs/README.md.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
- Secret resource now named with -secrets suffix to match all template refs
- Add CREDENTIAL_ENCRYPTION_KEY to migration init container (VPN migration needs it)
- Fix postgres secretKeyRef to use -secrets suffix
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Local override values with pullPolicy: Never, dev environment,
disabled ingress/wireguard, and placeholder secrets. File is gitignored
since it contains dev credentials; exists only on local machines.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Post-install notes cover OpenBao initialization/unseal workflow,
ingress or port-forward access, admin credentials, and health check.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Routes /api, /docs, /metrics to API service and / to frontend,
with optional TLS and annotation support.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Privileged deployment with NET_ADMIN, sysctl ip_forward, tun device
mount, and UDP LoadBalancer service on port 51820.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Go poller with NET_ADMIN capability, configmap envFrom, and secret
refs for DATABASE_URL (poller_user), OPENBAO_TOKEN, and encryption key.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Simple nginx-based deployment serving the React SPA on port 80,
no runtime env or volumes required.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Includes two init containers (VPN route setup, Alembic migrations),
secret refs for JWT/encryption/OpenBao/SMTP, and PVC mounts for
git-store, firmware-cache, and wireguard config.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
File-backed storage, IPC_LOCK capability for mlock, startup/liveness/
readiness probes. Config mounted via subPath from ConfigMap.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
