janpeter/Ops-dashboard
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
Ops-dashboard. deployen van repos naar docker
10 commits 9 branches 0 tags 336 KiB
Find a file
Scrum4Me Agent 3cc966c70c fix(tsconfig): exclude ops-agent from Next.js TypeScript check 
ops-agent has its own separate tsconfig and dependencies (fastify, js-yaml)
that are not installed in the root node_modules.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-05-13 17:28:55 +02:00
app feat(docker): agent-client helper, Docker container list page 2026-05-13 17:27:35 +02:00
components/ui feat: Next.js + Tailwind + shadcn/ui project skeleton 2026-05-13 16:59:21 +02:00
deploy feat(auth): shared-secret auth web-app → ops-agent 2026-05-13 17:22:37 +02:00
lib feat(docker): agent-client helper, Docker container list page 2026-05-13 17:27:35 +02:00
ops-agent feat(auth): shared-secret auth web-app → ops-agent 2026-05-13 17:22:37 +02:00
prisma feat: Prisma schema, migrations en seed voor auth en audit-log 2026-05-13 17:04:27 +02:00
public feat: Next.js + Tailwind + shadcn/ui project skeleton 2026-05-13 16:59:21 +02:00
.dockerignore feat: Dockerfile, deploy configs en Caddy-block voor ops.jp-visser.nl 2026-05-13 17:12:37 +02:00
.env.example feat(auth): shared-secret auth web-app → ops-agent 2026-05-13 17:22:37 +02:00
.gitignore feat: Prisma schema, migrations en seed voor auth en audit-log 2026-05-13 17:04:27 +02:00
AGENTS.md feat: Next.js + Tailwind + shadcn/ui project skeleton 2026-05-13 16:59:21 +02:00
CLAUDE.md feat: Next.js + Tailwind + shadcn/ui project skeleton 2026-05-13 16:59:21 +02:00
components.json feat: Next.js + Tailwind + shadcn/ui project skeleton 2026-05-13 16:59:21 +02:00
Dockerfile feat: Dockerfile, deploy configs en Caddy-block voor ops.jp-visser.nl 2026-05-13 17:12:37 +02:00
next.config.ts feat: Dockerfile, deploy configs en Caddy-block voor ops.jp-visser.nl 2026-05-13 17:12:37 +02:00
package-lock.json feat: Prisma schema, migrations en seed voor auth en audit-log 2026-05-13 17:04:27 +02:00
package.json feat: Prisma schema, migrations en seed voor auth en audit-log 2026-05-13 17:04:27 +02:00
postcss.config.mjs feat: Next.js + Tailwind + shadcn/ui project skeleton 2026-05-13 16:59:21 +02:00
prisma.config.ts feat: Prisma schema, migrations en seed voor auth en audit-log 2026-05-13 17:04:27 +02:00
proxy.ts feat: login page, session management, auth API routes en proxy guard 2026-05-13 17:10:07 +02:00
README.md feat(auth): shared-secret auth web-app → ops-agent 2026-05-13 17:22:37 +02:00
tsconfig.json fix(tsconfig): exclude ops-agent from Next.js TypeScript check 2026-05-13 17:28:55 +02:00

README.md

Ops Dashboard

Single-user ops dashboard voor jp-visser.nl.

See docs/runbooks/ for setup, deployment, and operational procedures.

Ops-agent auth

The web-app communicates with the ops-agent via a shared secret stored in /etc/ops-agent/secret (mode 0640, owner root:ops-agent).

  • The ops-agent reads the secret at startup via OPS_AGENT_SECRET_PATH.
  • Every request from the web-app carries Authorization: Bearer <secret>.
  • The agent validates using a constant-time comparison to prevent timing attacks.
  • The web-app reads the secret value from the OPS_AGENT_SECRET environment variable.

Secret rotation procedure

  1. Generate a new secret on the server: 
    openssl rand -hex 32 | sudo tee /etc/ops-agent/secret
sudo chown root:ops-agent /etc/ops-agent/secret
sudo chmod 0640 /etc/ops-agent/secret
  2. Update OPS_AGENT_SECRET in the web-app's environment file (/srv/ops/ops-dashboard.env) with the new value.
  3. Restart both services: 
    sudo systemctl restart ops-agent
sudo docker compose -f /srv/ops/docker-compose.ops-dashboard.yml restart ops-dashboard
  4. Verify the dashboard is operational and that systemctl status ops-agent shows the service running without errors.