🔧 chore(env): update database path in environment files
- change DATABASE_PATH in .env-example and docker-compose.yml - ensure consistency with Dockerfile for app directory structure 📦 build(docker): adjust Dockerfile for new data directory - create /app/data directory for database storage - update DATABASE_PATH environment variable accordingly 📝 docs(README): update README for German localization - replace English sections with German equivalents - adjust setup instructions to match new environment configurations
This commit is contained in:
nocci
parent
ea06f16407
commit
d7e95c5580
4 changed files with 58 additions and 83 deletions
|
|
@ -2,6 +2,6 @@
|
||||||
SESSION_SECRET=changeme_super_secret_value
|
SESSION_SECRET=changeme_super_secret_value
|
||||||
# Set to 1 for HTTPS deployments; set to 0 only for local HTTP testing.
|
# Set to 1 for HTTPS deployments; set to 0 only for local HTTP testing.
|
||||||
SESSION_COOKIE_SECURE=1
|
SESSION_COOKIE_SECURE=1
|
||||||
DATABASE_PATH=/data/fleetledger.db
|
DATABASE_PATH=/app/data/fleetledger.db
|
||||||
# Optional: Fernet key for encrypting management passwords (leave empty to disable)
|
# Optional: Fernet key for encrypting management passwords (leave empty to disable)
|
||||||
ENCRYPTION_KEY=
|
ENCRYPTION_KEY=
|
||||||
|
|
|
||||||
|
|
@ -14,7 +14,8 @@ RUN pip install --no-cache-dir -r requirements.txt
|
||||||
|
|
||||||
COPY app ./app
|
COPY app ./app
|
||||||
|
|
||||||
ENV DATABASE_PATH=/data/fleetledger.db
|
RUN mkdir -p /app/data
|
||||||
|
ENV DATABASE_PATH=/app/data/fleetledger.db
|
||||||
|
|
||||||
EXPOSE 8000
|
EXPOSE 8000
|
||||||
|
|
||||||
|
|
|
||||||
129
README.md
129
README.md
|
|
@ -1,86 +1,63 @@
|
||||||
# FleetLedger
|
# FleetLedger
|
||||||
|
|
||||||
FleetLedger is a small self-hosted web app to keep track of your rented servers:
|
Self-hosted Übersicht für gemietete Server (VPS, Dedizierte, Storage, Managed). Mehrnutzerfähig, Dark-Mode-first und PWA-ready.
|
||||||
|
|
||||||
- VPS, dedicated servers, storage boxes, managed services
|
|
||||||
- Provider, location, IPs, hardware
|
|
||||||
- Monthly / yearly pricing and contract dates
|
|
||||||
- Simple access info (management URLs, SSH user + key hint)
|
|
||||||
- Multi-user support with per-user data separation
|
|
||||||
- Admin user management (activate / deactivate users)
|
|
||||||
- Dark-mode-first UI with PWA support (installable as an app)
|
|
||||||
- Per-user **map view** for server locations
|
|
||||||
- Admin **global dashboard** for fleet-wide stats
|
|
||||||
|
|
||||||
> **Security note:** FleetLedger is *not* a full password manager.
|
|
||||||
> It is intentionally designed to store only **management password(s) optionally** and
|
|
||||||
> only **SSH key *names*** (no private keys).
|
|
||||||
|
|
||||||
---
|
|
||||||
|
|
||||||
## Features
|
## Features
|
||||||
|
- Server-CRUD pro Benutzer, Soft-Delete/Archiv
|
||||||
|
- Dashboard (Kosten, ablaufende Verträge) + Admin-Gesamtübersicht
|
||||||
|
- Map-Ansicht pro Nutzer auf Basis der Location-Namen (Leaflet)
|
||||||
|
- Optional verschlüsselte Speicherung von Management-Passwörtern (Fernet)
|
||||||
|
- Session-Auth mit CSRF-Schutz, Admin-Rolle
|
||||||
|
- PWA: Manifest, Service Worker, installierbar
|
||||||
|
|
||||||
- **Authentication & Users**
|
## Stack
|
||||||
- User registration + login (session cookie based)
|
- FastAPI, SQLModel, Jinja2
|
||||||
- First registered user becomes **admin**
|
- SQLite (Standard), Passlib (bcrypt), Cryptography (Fernet)
|
||||||
- Admin can view all users and activate/deactivate them
|
- Tailwind via CDN, Leaflet für Karte
|
||||||
- Deactivated users cannot log in and will be logged out automatically
|
- Uvicorn als ASGI-Server
|
||||||
|
|
||||||
- **Server Management**
|
## Schnellstart mit Docker
|
||||||
- Each user has their own list of servers (no cross-visibility)
|
1. Repository klonen
|
||||||
- Create / edit / archive (soft-delete) servers
|
```bash
|
||||||
- Fields include:
|
git clone https://example.com/your/fleetledger.git
|
||||||
- General: name, hostname, type (VPS, dedicated, storage, managed, other), provider, location, tags
|
cd fleetledger
|
||||||
- Network: IPv4, IPv6
|
```
|
||||||
- Billing: price, currency, billing period (monthly/yearly/other), contract start/end
|
2. Umgebung setzen
|
||||||
- Hardware: CPU model, core count, RAM, storage size & type
|
```bash
|
||||||
- Access: management URL, management user, management password (optional), SSH user, SSH key hint
|
cp .env-example .env
|
||||||
- Free-form notes
|
# SESSION_SECRET in .env auf einen starken, einzigartigen Wert setzen
|
||||||
- Contract badges:
|
```
|
||||||
- **"abgelaufen"** (expired): contract end in the past
|
3. Starten
|
||||||
- **"läuft bald aus"** (expiring soon): contract end within the next 30 days
|
```bash
|
||||||
- Detail view also shows how many days until / since contract end
|
docker-compose up --build
|
||||||
|
```
|
||||||
|
Die SQLite-DB liegt in `./data/` (Bind-Mount in den Container unter `/app/data/fleetledger.db`).
|
||||||
|
|
||||||
- **Per-user Dashboard & Map**
|
## Lokale Entwicklung (ohne Docker)
|
||||||
- On `/`: small dashboard row showing:
|
- Voraussetzungen: Python 3.12, virtualenv empfohlen.
|
||||||
- number of active servers
|
- Setup:
|
||||||
- estimated total monthly cost
|
```bash
|
||||||
- how many contracts are expiring soon / already expired
|
python -m venv .venv
|
||||||
- On `/map`: Leaflet-based map showing all non-archived servers of the logged-in user
|
source .venv/bin/activate
|
||||||
- Marker position is derived from the `location` string (city/datacenter name)
|
pip install -r requirements.txt
|
||||||
- Multiple servers per city are slightly offset so all markers remain clickable
|
cp .env-example .env
|
||||||
- Click on a marker → opens the server details page
|
export SESSION_SECRET="ein_langer_random_wert"
|
||||||
|
export SESSION_COOKIE_SECURE=0 # nur lokal ohne HTTPS
|
||||||
|
uvicorn app.main:app --reload --port 8000
|
||||||
|
```
|
||||||
|
|
||||||
- **Admin Global Dashboard**
|
## Umgebungsvariablen
|
||||||
- On `/admin/dashboard` (admin only):
|
- `SESSION_SECRET` (erforderlich): Langer, zufälliger String für die Session-Signierung.
|
||||||
- Global counts: users, servers, monthly cost, expiring soon, expired
|
- `SESSION_COOKIE_SECURE` (default `1`): Auf `0` nur für lokale HTTP-Tests setzen, sonst `1` (HTTPS).
|
||||||
- Breakdown by provider (server count, monthly total, expiring soon, expired)
|
- `DATABASE_PATH` (default `/app/data/fleetledger.db` im Docker-Image): Pfad zur SQLite-Datei. Lokal z. B. `./data/fleetledger.db`.
|
||||||
- List of contracts expiring soon and already expired
|
- `ENCRYPTION_KEY` (optional): Fernet-Key für verschlüsselte Management-Passwörter. Leer lassen, wenn keine Speicherung gewünscht ist.
|
||||||
|
|
||||||
- **Security**
|
## Sicherheitshinweise
|
||||||
- Passwords hashed with **bcrypt** (`passlib[bcrypt]`)
|
- Immer einen starken `SESSION_SECRET` verwenden; im Docker-Setup wird der Start verweigert, wenn ein Platzhalter genutzt wird.
|
||||||
- Optional encryption for management passwords using **Fernet** (`cryptography`)
|
- Produktiv hinter HTTPS betreiben (`SESSION_COOKIE_SECURE=1`).
|
||||||
- No private SSH keys are stored, only name/hint strings
|
- Management-Passwörter nur mit gesetztem `ENCRYPTION_KEY` speichern; ohne Key werden sie nicht persistiert.
|
||||||
- Jinja2 auto-escaping enabled; no untrusted HTML is rendered with `|safe`
|
- CSRF-Schutz ist aktiv für Form-POSTs; Browser-Service-Worker cached Assets versioniert.
|
||||||
- Management URLs are restricted to `http://` or `https://` (no `javascript:` links, etc.)
|
|
||||||
|
|
||||||
- **UI / UX**
|
## Datenhaltung
|
||||||
- TailwindCSS via CDN for quick styling
|
- SQLite speichert die Daten in einer Datei (`DATABASE_PATH`). In Docker wird `./data/` aus dem Host eingebunden.
|
||||||
- Dark mode is **enabled by default**
|
- Backups: Einfach die SQLite-Datei in `./data/` sichern, während der Dienst gestoppt ist.
|
||||||
- Theme preference stored in `localStorage` and toggleable via a small button
|
|
||||||
- Responsive layout, works well on mobile
|
|
||||||
- PWA manifest and service worker for a simple offline-friendly experience
|
|
||||||
|
|
||||||
---
|
|
||||||
|
|
||||||
## Quick Start (Docker)
|
|
||||||
|
|
||||||
### 0. Environment
|
|
||||||
|
|
||||||
Kopiere `.env-example` nach `.env` und setze mindestens ein starkes `SESSION_SECRET`. Für lokale HTTP-Tests kannst du `SESSION_COOKIE_SECURE=0` setzen, in Produktion sollte es `1` bleiben. Optional kannst du einen `ENCRYPTION_KEY` (Fernet) hinterlegen, um Management-Passwörter zu speichern.
|
|
||||||
|
|
||||||
### 1. Clone / copy the repository
|
|
||||||
|
|
||||||
```bash
|
|
||||||
git clone https://example.com/your/fleetledger.git
|
|
||||||
cd fleetledger
|
|
||||||
|
|
|
||||||
|
|
@ -6,7 +6,7 @@ services:
|
||||||
ports:
|
ports:
|
||||||
- "8000:8000"
|
- "8000:8000"
|
||||||
environment:
|
environment:
|
||||||
- DATABASE_PATH=/data/fleetledger.db
|
- DATABASE_PATH=/app/data/fleetledger.db
|
||||||
# SESSION_SECRET must be provided (e.g. via .env) and should be long and random
|
# SESSION_SECRET must be provided (e.g. via .env) and should be long and random
|
||||||
- SESSION_SECRET=${SESSION_SECRET:?Set SESSION_SECRET in your environment}
|
- SESSION_SECRET=${SESSION_SECRET:?Set SESSION_SECRET in your environment}
|
||||||
# Set to 0 only for local HTTP testing; keep secure (default) in production
|
# Set to 0 only for local HTTP testing; keep secure (default) in production
|
||||||
|
|
@ -14,8 +14,5 @@ services:
|
||||||
# Optional: encryption key for management passwords (Fernet key)
|
# Optional: encryption key for management passwords (Fernet key)
|
||||||
# - ENCRYPTION_KEY=your_fernet_key_here
|
# - ENCRYPTION_KEY=your_fernet_key_here
|
||||||
volumes:
|
volumes:
|
||||||
- fleetledger_data:/data
|
- ./data:/app/data
|
||||||
restart: unless-stopped
|
restart: unless-stopped
|
||||||
|
|
||||||
volumes:
|
|
||||||
fleetledger_data:
|
|
||||||
|
|
|
||||||
Loading…
Add table
Add a link
Reference in a new issue