roof
c41cadafb4
Network Services page is rebuilt around real API data: GET /api/dns/overview returns provider-aware records; per-service Cloudflare sync is exposed via POST /api/ddns/sync; effective domain is displayed so operators can verify what external name resolves to the cell; NTP status reflects the actual systemd-timesyncd state rather than a hardcoded boolean. DHCP is fully decommissioned: the cell-dhcp container is removed from docker-compose.yml, DHCP methods are stripped from network_manager, the setup_cell script no longer seeds DHCP config, and the Settings DHCP field is gone. DHCP was never a PIC responsibility and the container was consuming resources for no benefit. Dead code removed: api/config.py (superseded by config_manager), the standalone Email/Calendar/Files pages (these are now optional store services and do not need dedicated pages). api/constants.py is introduced to hold RESERVED_SUBDOMAINS in one place rather than scattered literals. Docker resource limits (mem_limit, cpus, pids_limit) are added to all compose services so a runaway process cannot starve the host. Makefile gains a warning before the backup target so operators are not surprised by the archive path. Settings same/accept state fix ensures the Cell Identity section correctly shows the accept/discard banner and does not flash a false-positive change indicator on first load. Co-Authored-By: Claude Fable 5 <noreply@anthropic.com>
14 lines
486 B
Python
14 lines
486 B
Python
"""
|
|
constants — shared project-wide constants.
|
|
|
|
Single source of truth for values that multiple managers must agree on.
|
|
"""
|
|
|
|
# Core PIC infrastructure subdomains — never allow store services to hijack these.
|
|
# 'mail', 'calendar', 'files', 'webdav', 'webmail' are intentionally absent:
|
|
# they belong to official PIC store services and must be claimable by them.
|
|
RESERVED_SUBDOMAINS = frozenset({
|
|
'api', 'webui', 'admin', 'www', 'ns1', 'ns2',
|
|
'git', 'registry', 'install',
|
|
})
|