A5: Extract all route groups into Flask blueprints (app.py -1735 lines)

Extract 9 route groups out of app.py into routes/ blueprints: - routes/network.py — DNS, DHCP, NTP, network info/test (10 routes) - routes/wireguard.py — WireGuard keys, peers, config, enforcement (18 routes) - routes/cells.py — cell-to-cell connections (5 routes) - routes/peers.py — peer CRUD + IP update + _next_peer_ip helper (10 routes) - routes/routing.py — NAT, peer routes, firewall, iptables (17 routes) - routes/vault.py — certs, trust, secrets (19 routes) - routes/containers.py — containers, images, volumes (14 routes) - routes/services.py — service bus, logs, services status/connectivity (18 routes) - routes/peer_dashboard.py — peer-scoped dashboard/services (2 routes) All blueprints use lazy `from app import X` inside route bodies to preserve test patch compatibility (patch('app.email_manager', mock) still works). Also included in this commit: - A1 fix: backup/restore now includes email/calendar user files - A2 fix: apply_config sets applying=True flag via helper container - A3 fix: add_peer rolls back firewall on DNS failure app.py reduced: 3011 → 1294 lines. 1021 tests passing. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-05-01 06:11:21 -04:00
parent d54844cd44
commit 09138fbc18
16 changed files with 2108 additions and 2072 deletions
@@ -235,6 +235,20 @@ class ConfigManager:
                for zone_file in dns_data.glob('*.zone'):
                    shutil.copy2(zone_file, zones_dir / zone_file.name)

+            # Service-specific user account files (authoritative source of truth —
+            # cell_config.json only carries a best-effort sync of these).
+            svc_user_files = [
+                (data_dir / 'email'    / 'users.json',     'email_users.json'),
+                (data_dir / 'calendar' / 'users.json',     'calendar_users.json'),
+                (data_dir / 'calendar' / 'calendars.json', 'calendar_calendars.json'),
+            ]
+            for src, dest_name in svc_user_files:
+                if src.exists():
+                    try:
+                        shutil.copy2(src, backup_path / dest_name)
+                    except (PermissionError, OSError) as e:
+                        logger.warning(f"Could not back up {src.name}: {e} (skipping)")
+
            services = ['identity'] + list(self.service_schemas.keys())
            manifest = {
                "backup_id": backup_id,
@@ -316,6 +330,20 @@ class ConfigManager:
                except (PermissionError, OSError) as dir_err:
                    logger.warning(f"Could not create dns data dir {dns_data}: {dir_err} (skipping)")

+            # Service-specific user account files
+            svc_restore_map = [
+                (backup_path / 'email_users.json',        data_dir / 'email'    / 'users.json'),
+                (backup_path / 'calendar_users.json',     data_dir / 'calendar' / 'users.json'),
+                (backup_path / 'calendar_calendars.json', data_dir / 'calendar' / 'calendars.json'),
+            ]
+            for src, dest in svc_restore_map:
+                if src.exists():
+                    try:
+                        dest.parent.mkdir(parents=True, exist_ok=True)
+                        shutil.copy2(src, dest)
+                    except (PermissionError, OSError) as e:
+                        logger.warning(f"Could not restore {dest.name}: {e} (skipping)")
+
            self.configs = self._load_all_configs()
            logger.info(f"Restored configuration from backup: {backup_id}")
            return True