Merge claude/2

This commit is contained in:
librelad 2026-05-27 14:39:58 +01:00
commit cd6f1354ca
15 changed files with 35 additions and 74 deletions

View File

@ -1,5 +0,0 @@
TITLE=Features
DESCRIPTION=Toggle system components and features
ICON=features
ORDER=5
SUBCATEGORY_ORDER=features_core,features_security,features_terminal

View File

@ -1,18 +0,0 @@
# ================================================================================
# Core Features - Essential LibrePortal functionality and core services
# ================================================================================
CFG_REQUIREMENT_CONFIG=true # Configuration Management - Enable configuration management system for LibrePortal settings
CFG_REQUIREMENT_COMMAND=true # Command Line Tool - Install the libreportal command line tool for system management
CFG_REQUIREMENT_WEBUI=true # Web Interface - Install and manage the LibrePortal web based management interface
CFG_REQUIREMENT_WEBUI_SERVICE=true # Web Task Service - Install the task management systemd service for the web interface
CFG_REQUIREMENT_DATABASE=true # Database Support - Install and configure database support for application data storage
CFG_REQUIREMENT_PASSWORDS=true # Password Management - Enable password generation and management features
CFG_REQUIREMENT_DOCKER_CE=true # Docker CE - Install Docker Community Edition instead of the default Docker version
CFG_REQUIREMENT_DOCKER_COMPOSE=true # Docker Compose - Install Docker Compose for multi container application management
CFG_REQUIREMENT_DOCKER_NETWORK=true # Docker Network - Create and manage Docker network for container communication
CFG_REQUIREMENT_UFW=true # Firewall Protection - Install and configure the Uncomplicated Firewall for system security
CFG_REQUIREMENT_UFWD=true # Docker Firewall - Install UFW Docker for container aware firewall management which is rooted Docker specific
CFG_REQUIREMENT_SSLCERTS=true # SSL Certificates - Generate and manage SSL certificates for secure HTTPS connections
CFG_REQUIREMENT_CRONTAB=true # Scheduled Tasks - Setup scheduled tasks and automated maintenance jobs
CFG_REQUIREMENT_WHITELIST_PORT_UPDATER=true # Auto Port Management - Automatically update port whitelist when applications are installed or removed
CFG_REQUIREMENT_BCRYPT_SAVE=true # Password Encryption - Encrypt saved passwords using bcrypt for enhanced security

View File

@ -1,7 +0,0 @@
# ================================================================================
# Security and Authentication - SSH access and security configuration
# ================================================================================
CFG_REQUIREMENT_SSHKEY_DOWNLOADER=false # SSH Key Downloader - Enable SSH key download functionality for remote access
CFG_REQUIREMENT_SSH_DISABLE_PASSWORDS=false # SSH Password Disable - Disable password authentication for SSH requiring key based access only
CFG_REQUIREMENT_GLUETUN_FOR_ALL=false # Gluetun For All Apps - Allow routing through Gluetun VPN for every app (default: only curated categories)

View File

@ -1,12 +0,0 @@
# ================================================================================
# Terminal Only - Advanced terminal based features and utilities **ADVANCED**
# ================================================================================
CFG_REQUIREMENT_SUGGEST_INSTALLS=false # Install Suggestions - Enable application suggestions and recommendations during installation
CFG_REQUIREMENT_SUGGEST_METRICS=true # Metrics Suggestions - Offer Prometheus and Grafana during first install (requires Install Suggestions enabled)
CFG_REQUIREMENT_CONTINUE_PROMPT=false # Continue Prompts - Show continue prompts during installation for user confirmation
CFG_REQUIREMENT_CONFIGS_CHECK=true # Config Validation - Validate configuration files on startup for errors and consistency
CFG_REQUIREMENT_CONFIGS_AUTO_UPDATE=true # Auto Config Updates - Add new config options from the template (non-interactive)
CFG_REQUIREMENT_CONFIGS_AUTO_DELETE=true # Auto Config Deletes - Remove config options no longer present in the template
CFG_REQUIREMENT_MISSING_IPS=false # IP Configuration Check - Check for and alert about missing IP configurations
CFG_REQUIREMENT_DOCKER_NETWORK_PRUNE=true # Docker Network Cleanup - Enable automatic cleanup of unused Docker networks
CFG_REQUIREMENT_DOCKER_SWITCHER=true # Docker Switcher - Install Docker version switching utility for managing multiple Docker versions

View File

@ -10,3 +10,11 @@ CFG_GIT_USER=changeme # Git Username - Git us
CFG_GIT_KEY=changeme # Git Access Key - SSH key or API key for Git repository access
CFG_GIT_UPDATES=true # Auto Check Updates - Check for updates automatically
CFG_GIT_AUTO_UPDATES=true # Auto Apply Updates - Automatically apply updates when available
CFG_REQUIREMENT_CONFIG=true # Configuration Management - Install the configuration management system. Disabling this on an existing install will brick the system. **ADVANCED** **DEV**
CFG_REQUIREMENT_COMMAND=true # Command Line Tool - Install the libreportal command line tool. Disabling this on an existing install will brick the system. **ADVANCED** **DEV**
CFG_REQUIREMENT_WEBUI=true # Web Interface - Install the LibrePortal WebUI. Disabling this on an existing install will brick the system. **ADVANCED** **DEV**
CFG_REQUIREMENT_WEBUI_SERVICE=true # Web Task Service - Install the task-processor systemd service that backs the WebUI. Disabling this on an existing install will brick the system. **ADVANCED** **DEV**
CFG_REQUIREMENT_DATABASE=true # Database Support - Install and configure database support for application data storage. Install-time choice only — flipping post-install will not retrofit. **ADVANCED** **DEV**
CFG_REQUIREMENT_PASSWORDS=true # Password Management - Enable password generation and management features. Install-time choice only. **ADVANCED** **DEV**
CFG_REQUIREMENT_DOCKER_CE=true # Docker CE - Install Docker Community Edition instead of the distro default. Install-time choice only — flipping post-install does not swap Docker. **ADVANCED** **DEV**
CFG_REQUIREMENT_DOCKER_COMPOSE=true # Docker Compose - Install Docker Compose for multi-container application management. Install-time choice only. **ADVANCED** **DEV**

View File

@ -7,3 +7,11 @@ CFG_GENERATED_PASS_LENGTH=14 # Password Length - Len
CFG_GENERATED_USER_LENGTH=8 # Username Length - Length for auto generated usernames
CFG_UFW_LOGGING=off # Firewall Logging - UFW firewall logging level [off|low|medium|high|full]
CFG_TEXT_EDITOR=nano # Text Editor - Default text editor for system operations [nano|vim]
CFG_REQUIREMENT_CRONTAB=true # Scheduled Tasks - Install scheduled tasks and automated maintenance jobs
CFG_REQUIREMENT_CONFIGS_CHECK=true # Config Validation - Validate configuration files on startup for errors and consistency
CFG_REQUIREMENT_CONFIGS_AUTO_UPDATE=true # Auto Config Updates - Add new config options from the template (non-interactive)
CFG_REQUIREMENT_CONFIGS_AUTO_DELETE=true # Auto Config Deletes - Remove config options no longer present in the template
CFG_REQUIREMENT_MISSING_IPS=false # IP Configuration Check - Check for and alert about missing IP configurations
CFG_REQUIREMENT_CONTINUE_PROMPT=false # Continue Prompts - Show continue prompts during installation for user confirmation
CFG_REQUIREMENT_SUGGEST_INSTALLS=false # Install Suggestions - Enable application suggestions and recommendations during installation
CFG_REQUIREMENT_SUGGEST_METRICS=true # Metrics Suggestions - Offer Prometheus and Grafana during first install (requires Install Suggestions enabled)

View File

@ -2,4 +2,4 @@ TITLE=Network
DESCRIPTION=Network configuration and domain management
ICON=network
ORDER=4
SUBCATEGORY_ORDER=network_domains,network_whitelist,network_dns,network_docker,network_rootless,network_ports,network_headscale
SUBCATEGORY_ORDER=network_domains,network_whitelist,network_firewall,network_dns,network_docker,network_rootless,network_ports,network_headscale

View File

@ -5,3 +5,6 @@
CFG_NETWORK_NAME=vpn # Network Name - Docker network name for container communication
CFG_NETWORK_SUBNET=10.100.0.0/16 # Network Subnet - Subnet range for Docker network
CFG_NETWORK_MTU=1500 # Network MTU - Maximum transmission unit for network packets
CFG_REQUIREMENT_DOCKER_NETWORK=true # Docker Network - Create and manage the Docker network for container communication
CFG_REQUIREMENT_DOCKER_NETWORK_PRUNE=true # Network Cleanup - Automatically prune unused Docker networks
CFG_REQUIREMENT_DOCKER_SWITCHER=true # Docker Switcher - Install the Docker version switching utility

View File

@ -10,3 +10,4 @@ CFG_DOMAIN_6= # Domain 6 - Domain slo
CFG_DOMAIN_7= # Domain 7 - Domain slot 7 for a Traefik
CFG_DOMAIN_8= # Domain 8 - Domain slot 8 for a Traefik
CFG_DOMAIN_9= # Domain 9 - Domain slot 9 for a Traefik
CFG_REQUIREMENT_SSLCERTS=true # SSL Certificates - Generate and manage SSL certificates for secure HTTPS connections **ADVANCED**

View File

@ -0,0 +1,6 @@
# ================================================================================
# Firewall - Host firewall and port-whitelist automation **ADVANCED**
# ================================================================================
CFG_REQUIREMENT_UFW=true # Firewall Protection - Install and configure the Uncomplicated Firewall (UFW) for system security
CFG_REQUIREMENT_UFWD=true # Docker Firewall - Install UFW-Docker for container-aware firewall management (rooted Docker only)
CFG_REQUIREMENT_WHITELIST_PORT_UPDATER=true # Auto Port Whitelisting - Update the port whitelist automatically when applications are installed or removed

View File

@ -2,4 +2,4 @@ TITLE=Security
DESCRIPTION=Intrusion prevention, bouncers, and host firewall configuration
ICON=security
ORDER=5
SUBCATEGORY_ORDER=security_logins
SUBCATEGORY_ORDER=security_logins,security_ssh

View File

@ -0,0 +1,7 @@
# ================================================================================
# SSH & Access Hardening - Secure remote access and auth-storage toggles **ADVANCED**
# ================================================================================
CFG_REQUIREMENT_SSHKEY_DOWNLOADER=false # SSH Key Downloader - Enable SSH key download functionality for remote access
CFG_REQUIREMENT_SSH_DISABLE_PASSWORDS=false # Disable SSH Passwords - Disable password authentication for SSH (requires key-based access only)
CFG_REQUIREMENT_BCRYPT_SAVE=true # Password Encryption - Encrypt saved passwords using bcrypt for enhanced security
CFG_REQUIREMENT_GLUETUN_FOR_ALL=false # Gluetun For All Apps - Allow routing through Gluetun VPN for every app (default: only curated categories)

View File

@ -47,22 +47,6 @@
font-style: italic;
}
/* Header-only variant used as a page-level banner (e.g. config?=features).
Without inner content below the header, the header's bottom margin
is wasted whitespace, and the section needs its own bottom margin
to separate from whatever follows. */
.danger-zone-section--header-only {
margin-bottom: 24px;
}
.danger-zone-section--header-only .danger-zone-header {
margin-bottom: 0;
}
.danger-zone-section--header-only .danger-zone-header p {
margin-top: 4px;
}
/* Inline variant — same recipe as .danger-zone-section, smaller padding. */
.danger-zone-banner {
background: rgba(var(--status-danger-rgb), 0.10);

View File

@ -176,19 +176,6 @@ if (typeof window.ConfigManager === 'undefined') {
var formHTML = '';
var self = this; // Preserve 'this' context
// Features page is system-level — add a Danger Zone header at the
// top so it's visually obvious before the user touches anything.
// Reuses the same `.danger-zone-section` / `.danger-zone-header`
// styling used elsewhere, but without the advanced/unused toggle
// tickboxes that live inside the normal danger zone — this is just
// the heading.
if (category === 'features') {
formHTML += '<div class="danger-zone-section danger-zone-section--header-only"><div class="danger-zone-header"><h3>⚠️ Danger Zone</h3><p>These options are for advanced users and may affect system stability</p></div></div>';
// Divider below the features Danger Zone banner, separating it from
// the feature fields — same rule used elsewhere in the config form.
formHTML += '<div class="config-divider"></div>';
}
//console.log('ConfigManager: About to process configData entries:', Object.keys(configData));
// Filter subcategories by type

View File

@ -4,7 +4,6 @@ checkRequirements()
{
isHeader "Checking Requirements"
isNotice "Requirements are about to be installed."
isNotice "Edit the features config if you want to disable anything."
echo ""
checkRootRequirement;