Runs nats-server with --jetstream and monitoring on port 8222.
Headless service for StatefulSet DNS, ClusterIP service for app connections.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Ephemeral cache with no PVC. Includes redis-cli ping probes for
liveness and readiness.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Includes ConfigMap for init.sql (TimescaleDB extension, app_user and
poller_user role creation), StatefulSet with liveness/readiness probes,
and headless Service for stable DNS.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Three PVCs with configurable size and storageClass. Wireguard PVC is
conditional on wireguard.enabled.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Single Secret with all sensitive values (JWT, encryption keys, DB
passwords, SMTP credentials, poller DB URL). Single ConfigMap with
all non-sensitive config including URL helpers and optional value guards.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Instruments setup.py to send per-step diagnostic events to the TOD
telemetry collector when the user opts in. Uses a shared static token
with no registration flow — fully anonymous.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Replace placeholder "coming soon" pages with functional implementations
that query the fleet APIs and display real-time wireless issues and
resource consumption data.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Full visual overhaul spec — new color system, typography (Manrope + IBM
Plex Mono), component language, layout restructure with Context Strip,
and 4-phase implementation plan. WCAG AA compliant in both modes.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
- WifiPanel: revert useEffect back to useState initializer (avoids
synchronous setState in effect)
- Device detail: avoid Date.now() during render for push alert check
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
kms_service.py does not exist and Transit encryption was never
implemented for SMTP passwords, making the decrypt_transit code path
unreachable. Remove it entirely and leave only the Fernet fallback.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Add error checking to all three write calls in bridge.go. A write
failure now terminates that goroutine's copy loop and triggers cancel,
which lets the other goroutines clean up naturally.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
- Remove 7 no-op exported stubs from toast.tsx (ToastProvider, ToastViewport,
Toast, ToastTitle, ToastDescription, ToastClose, useToasts) — nothing imports them
- Remove fwFailKey variable and its Set() call from worker.go — the
firmware:check-failed Redis key was never read anywhere
- Remove unused deviceStore and credCache fields from tunnel.Manager struct
and drop corresponding parameters from NewManager(); update call site in
main.go and all test usages
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
