pic/api at bd71466a879933700adc2e2d22d73a56ccfc7c48 - pic - Gitea: Git with a cup of tea

roof/pic

Files

T

History

roof bd71466a87

Unit Tests / test (push) Successful in 7m31s

Details

fix: split-horizon DNS zone uses WireGuard IP, not Docker bridge IP

VPN peers can reach Caddy via the host's WireGuard interface (10.0.0.1),
not via the Docker bridge IP (172.20.0.2) which is unreachable outside
the container network. _bootstrap_dns now calls _get_wg_server_ip()
instead of ip_utils.get_service_ips() so the internal zone returns a
routable address for service subdomains.

Also log config save failures instead of silently swallowing them —
the silent PermissionError/OSError was masking write failures and
making it impossible to diagnose why installed services disappeared
after container restarts.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

2026-06-08 02:11:01 -04:00

..

fix: WireGuard routing, DNS, service access, and UI improvements

2026-04-20 12:43:23 -04:00

fix: DDNS update token in body, webdav gating, regression tests

2026-06-07 16:56:12 -04:00

account_manager.py

fix: fall back to cell effective domain when email service domain not configured

2026-06-05 17:06:51 -04:00

API_DOCUMENTATION.md

init

2025-09-12 23:04:52 +03:00

app.py

fix: split-horizon DNS zone uses WireGuard IP, not Docker bridge IP

2026-06-08 02:11:01 -04:00

auth_manager.py

Fix CI unit test failures and DDNS config wiring

2026-05-10 04:20:19 -04:00

auth_routes.py

fix: full security audit remediation — P0/P1/P2/P3 fixes + 1020 passing tests

2026-04-27 11:30:21 -04:00

base_service_manager.py

fix: full security audit remediation — P0/P1/P2/P3 fixes + 1020 passing tests

2026-04-27 11:30:21 -04:00

caddy_manager.py

feat: HTTPS cert status, IDENTITY_CHANGED wiring, remove stale ip_utils Caddyfile writes

2026-06-05 11:39:36 -04:00

calendar_manager.py

fix: service credential provisioning and install reliability

2026-06-07 13:41:41 -04:00

cell_cli.py

init

2025-09-12 23:04:52 +03:00

cell_link_manager.py

Fix: use domain_name (FQDN) in cell invite and conflict checks

2026-06-06 11:56:42 -04:00

cell_manager.py

init

2025-09-12 23:04:52 +03:00

config_manager.py

fix: split-horizon DNS zone uses WireGuard IP, not Docker bridge IP

2026-06-08 02:11:01 -04:00

config.py

init

2025-09-12 23:04:52 +03:00

connectivity_manager.py

Implement connectivity store services (wireguard-ext, openvpn-client, tor)

2026-05-30 10:06:48 -04:00

container_manager.py

fix: silent autosave, pending dedup, domain/cell_name pending, containers access

2026-04-24 07:16:13 -04:00

ddns_manager.py

fix: DDNS update token in body, webdav gating, regression tests

2026-06-07 16:56:12 -04:00

Dockerfile

fix: full-tunnel default, real host routing table, peer config tunnel mode

2026-04-20 15:20:55 -04:00

egress_manager.py

feat: add EgressManager — per-service egress enforcement via host iptables

2026-05-30 00:58:47 -04:00

email_manager.py

fix: service credential provisioning and install reliability

2026-06-07 13:41:41 -04:00

enhanced_cli.py

fix: all 214 tests passing (from 36 failures)

2026-04-19 16:43:07 -04:00

file_manager.py

fix: full security audit remediation — P0/P1/P2/P3 fixes + 1020 passing tests

2026-04-27 11:30:21 -04:00

firewall_manager.py

fix: DNS split-horizon in DDNS mode, service access filter, health check, verbosity persistence

2026-06-07 13:05:58 -04:00

ip_utils.py

fix: full security audit remediation — P0/P1/P2/P3 fixes + 1020 passing tests

2026-04-27 11:30:21 -04:00

legacy_cleanup.py

feat: Phase 5 — remove legacy service blocks, one-shot container cleanup

2026-05-29 15:57:45 -04:00

log_manager.py

fix: spurious health alerts, show rotated logs, clear history button

2026-04-21 03:05:04 -04:00

managers.py

fix: DNS split-horizon in DDNS mode, service access filter, health check, verbosity persistence

2026-06-07 13:05:58 -04:00

manifest_validator.py

Implement connectivity store services (wireguard-ext, openvpn-client, tor)

2026-05-30 10:06:48 -04:00

network_manager.py

fix: ensure DNS zone changes take effect immediately on startup

2026-06-07 03:41:19 -04:00

peer_registry.py

Phase 5: extended connectivity — WireGuard ext, OpenVPN, Tor exit routing

2026-05-09 10:48:20 -04:00

port_registry.py

feat: port conflict validation, autosave on Apply, extended integration tests

2026-04-24 04:45:47 -04:00

requirements.txt

Fix CI unit test failures and DDNS config wiring

2026-05-10 04:20:19 -04:00

routing_manager.py

feat(cells): fix PIC-to-PIC connection + add service-sharing permissions

2026-05-01 08:35:24 -04:00

service_bus.py

feat: make DDNS domain_name the effective domain across all services

2026-05-28 02:48:47 -04:00

service_composer.py

fix: service credential provisioning and install reliability

2026-06-07 13:41:41 -04:00

service_registry.py

feat: Phase 2 — remove builtins layer, ServiceRegistry is installed-only

2026-05-29 08:53:44 -04:00

service_store_manager.py

fix: peer access to /api/services/active and unconditional Caddy startup regen

2026-06-07 15:58:27 -04:00

setup_manager.py

feat: remove optional services step from setup wizard

2026-05-29 18:33:43 -04:00

test_enhanced_api.py

wip: make work Services Status

2025-09-13 14:23:31 +03:00

vault_manager.py

fix: full security audit remediation — P0/P1/P2/P3 fixes + 1020 passing tests

2026-04-27 11:30:21 -04:00

wireguard_manager.py

fix: get_status returns actual configured WG address instead of hardcoded default

2026-06-06 14:48:49 -04:00