MALIO-DEV/Supervisor
3
0
Fork 0
Code Issues Pull Requests 1 Actions Packages Projects Releases Wiki Activity

Compare commits

base: MALIO-DEV:v1.4.1
Branches Tags
MALIO-DEV:develop MALIO-DEV:fix/status-recette-log MALIO-DEV:fix/correctif MALIO-DEV:fix/prod-runtime-issues MALIO-DEV:feat/440-add-section-check-backup
MALIO-DEV:v1.4.2 MALIO-DEV:v1.4.1 MALIO-DEV:v1.4.0 MALIO-DEV:v1.3.1 MALIO-DEV:v1.3.0 MALIO-DEV:v1.2.4 MALIO-DEV:v1.2.3 MALIO-DEV:v1.2.2 MALIO-DEV:v1.2.1 MALIO-DEV:v1.2.0 MALIO-DEV:v1.1.0 MALIO-DEV:v1.0.0
..
compare: MALIO-DEV:v1.4.2
Branches Tags
MALIO-DEV:fix/status-recette-log MALIO-DEV:develop MALIO-DEV:fix/correctif MALIO-DEV:fix/prod-runtime-issues MALIO-DEV:feat/440-add-section-check-backup
MALIO-DEV:v1.4.2 MALIO-DEV:v1.4.1 MALIO-DEV:v1.4.0 MALIO-DEV:v1.3.1 MALIO-DEV:v1.3.0 MALIO-DEV:v1.2.4 MALIO-DEV:v1.2.3 MALIO-DEV:v1.2.2 MALIO-DEV:v1.2.1 MALIO-DEV:v1.2.0 MALIO-DEV:v1.1.0 MALIO-DEV:v1.0.0

6 Commits
v1.4.1 ... v1.4.2

Author SHA1 Message Date
semantic-release-bot
d0a3f73989 chore(release): 1.4.2 2026-03-18 12:49:19 +00:00
admin malio
659f22f15b Merge pull request 'fix/status-recette-log' (#20) from fix/status-recette-log into develop
All checks were successful
Release / release (push) Successful in 33s
Details 
Reviewed-on: #20
 2026-03-18 12:48:49 +00:00
kevin
403bc91f33 fix: systeme metrics chart 2026-03-18 11:36:59 +01:00
kevin
0a73c5cb37 fix: use recette status log 2026-03-18 10:33:18 +01:00
kevin
c12387ac94 fix: t-005 a t-0029 correctif 2026-03-18 09:00:11 +01:00
kevin
bdb65a09ff fix: t-001 a t-005 correctif 2026-03-17 15:33:36 +01:00
22 changed files with 317 additions and 125 deletions
Expand all files Collapse all files

10
CHANGELOG.md
View File

@@ -1,3 +1,13 @@
## [1.4.2](https://gitea.malio.fr/MALIO-DEV/Supervisor/compare/v1.4.1...v1.4.2) (2026-03-18)
### Bug Fixes
* systeme metrics chart ([403bc91](https://gitea.malio.fr/MALIO-DEV/Supervisor/commit/403bc91f33ca2253d698531e8c6bf0c28b40f5c8))
* t-001 a t-005 correctif ([bdb65a0](https://gitea.malio.fr/MALIO-DEV/Supervisor/commit/bdb65a09ff247f8fb3d22913a3426a89fad1d177))
* t-005 a t-0029 correctif ([c12387a](https://gitea.malio.fr/MALIO-DEV/Supervisor/commit/c12387ac947cde677e78fe77d914a904795d404c))
* use recette status log ([0a73c5c](https://gitea.malio.fr/MALIO-DEV/Supervisor/commit/0a73c5cb37c557568647684382440d95de7bf3ab))
## [1.4.1](https://gitea.malio.fr/MALIO-DEV/Supervisor/compare/v1.4.0...v1.4.1) (2026-03-17)

15
README.md
View File

@@ -95,6 +95,19 @@ Consequence visible :
- si `API_SECRET_KEY` est vide, les appels API sont refusés avec `401 Unauthorized`
- l'application web pose aussi un cookie HTTP-only via `server/middleware/auth-cookie.ts` pour réutiliser ce secret coté navigateur
## Securite
Le comportement actuel du projet repose sur une hypothèse d'exposition très forte.
- `server/middleware/auth-cookie.ts` pose automatiquement le cookie `api_auth_token` à tout visiteur qui charge l'interface web
- ce cookie permet ensuite d'accéder aux routes `/api/*` protégées par `API_SECRET_KEY`
- il n'existe pas de login utilisateur ni de contrôle d'identité distinct dans le dépôt
Conséquence :
- `Supervisor` doit être déployé uniquement sur un réseau de confiance, derrière un VPN, une restriction d'IP, un proxy d'authentification ou un autre contrôle d'accès externe
- si l'application est exposée publiquement sans protection supplémentaire, ce mécanisme ne constitue pas une authentification suffisante
### SSH pour les backups
Les fonctionnalités de backup utilisent `ssh` avec les options `BatchMode=yes` et `ConnectTimeout=5` dans `server/utils/ssh.ts`. Cela implique un accès sans saisie interactive de mot de passe.
@@ -126,4 +139,4 @@ Usage :
- `npm run generate` : généré une sortie statique si ce mode est compatible avec votre usage
- `npm run preview` : prévisualisé le build Nuxt
- `npm run lint` : execute ESLint
- `npm run lint:fix` : applique les corrections ESLint automatiques : collecte périodique CPU, mémoire et réseau
- `npm run lint:fix` : applique les corrections ESLint automatiques : collecte périodique CPU, mémoire et réseau

1
assets/css/main.css
View File

@@ -15,7 +15,6 @@
--color-m-success: rgb(var(--m-success));
--color-m-accent: rgb(var(--m-accent));
--color-m-warning: rgb(var(--m-warning));
--color-m-succes: rgb(var(--m-success));
--font-display: "Outfit", system-ui, sans-serif;
--font-mono: "JetBrains Mono", "Fira Code", monospace;
}

27
components/BackupRun.vue
View File

@@ -77,7 +77,6 @@
</template>
<script setup lang="ts">
import { computed, onMounted, ref } from "vue"
import { Icon as IconifyIcon } from "@iconify/vue"
import { apiFetch } from "~/composables/useApiAuth"
@@ -108,6 +107,12 @@ type ScriptResult = {
downloadFolders: string[]
}
type ApiErrorLike = {
data?: {
statusMessage?: string
}
}
const emit = defineEmits<{
result: [payload: ScriptResult]
}>()
@@ -116,7 +121,6 @@ const active = ref<string | null>(null)
const loading = ref(true)
const runningKey = ref<string | null>(null)
const scripts = ref<BackupScript[]>([])
const output = ref<string>("")
const message = ref<string>("")
const isError = ref(false)
@@ -125,7 +129,6 @@ const statusClass = computed(() => (isError.value ? "status-error" : "status-suc
const loadScripts = async () => {
loading.value = true
message.value = ""
output.value = ""
isError.value = false
emit("result", {
key: null,
@@ -156,7 +159,6 @@ const loadScripts = async () => {
const runScript = async (key: string) => {
active.value = key
runningKey.value = key
output.value = ""
message.value = ""
isError.value = false
@@ -165,30 +167,25 @@ const runScript = async (key: string) => {
method: "POST",
body: { key }
})
const resultOutput = data.output || "Aucune sortie retournee."
message.value = `${data.label} execute avec succes`
output.value = data.output || "Aucune sortie retournee."
emit("result", {
key: data.key,
label: data.label,
output: output.value,
output: resultOutput,
isError: false,
downloadFolders: data.downloadFolders || []
})
} catch (error: unknown) {
isError.value = true
const statusMessage =
const errorMessage =
typeof error === "object" &&
error !== null &&
"data" in error &&
typeof error.data === "object" &&
error.data !== null &&
"statusMessage" in error.data &&
typeof error.data.statusMessage === "string"
? error.data.statusMessage
typeof (error as ApiErrorLike).data?.statusMessage === "string"
? (error as ApiErrorLike).data?.statusMessage
: null
message.value = statusMessage || "Erreur execution script"
output.value = ""
message.value = errorMessage || "Erreur execution script"
emit("result", {
key,
label: scripts.value.find((item) => item.key === key)?.label || key,

75
components/StatusSite.vue
View File

@@ -24,17 +24,27 @@
v-else
:key="`${row.label}-${row.url}`"
class="status-row"
:class="row.status === 200 ? 'row-ok' : 'row-error'"
:class="row.ok ? 'row-ok' : 'row-error'"
>
<div class="flex items-center gap-3">
<span class="status-dot" :class="row.status === 200 ? 'dot-ok' : 'dot-error'" />
<span class="font-display text-sm font-semibold text-m-text">
{{ row.label }}
<div class="status-copy">
<div class="flex items-center gap-3">
<span class="status-dot" :class="row.ok ? 'dot-ok' : 'dot-error'" />
<span class="font-display text-sm font-semibold text-m-text">
{{ row.label }}
</span>
</div>
<p class="status-detail">
{{ row.detail }}
</p>
</div>
<div class="status-meta">
<span class="font-mono text-xs" :class="row.ok ? 'text-m-success' : 'text-m-error'">
{{ statusLabel(row) }}
</span>
<span class="status-time">
{{ formatCheckedAt(row.checkedAt) }}
</span>
</div>
<span class="font-mono text-xs" :class="row.status === 200 ? 'text-m-success' : 'text-m-error'">
{{ statusLabel(row.status) }}
</span>
</div>
</div>
</template>
@@ -51,6 +61,7 @@ interface StatusRow {
ok: boolean
status: number
checkedAt: string
detail: string
error?: string
}
@@ -74,10 +85,24 @@ const loading = ref(true)
const initialized = ref(false)
let timer: ReturnType<typeof setInterval> | null = null
const statusLabel = (status: number) => {
if (status === 200) return "HTTP 200"
if (status === 0) return "Injoignable"
return `KO (${status})`
const statusLabel = (row: StatusRow) => {
if (row.ok) return "OK"
if (row.status === 0) return "DOWN"
return `KO (${row.status})`
}
const formatCheckedAt = (checkedAt: string) => {
const date = new Date(checkedAt)
if (Number.isNaN(date.getTime())) {
return checkedAt
}
return date.toLocaleTimeString("fr-FR", {
hour: "2-digit",
minute: "2-digit",
second: "2-digit"
})
}
const checkStatus = async () => {
@@ -95,6 +120,7 @@ const checkStatus = async () => {
ok: false,
status: 0,
checkedAt: new Date().toISOString(),
detail: "Lecture du statut impossible",
error: error instanceof Error ? error.message : String(error)
}
]
@@ -149,6 +175,7 @@ onBeforeUnmount(() => {
display: flex;
align-items: center;
justify-content: space-between;
gap: 1rem;
min-height: 3.2rem;
padding: 0.85rem 1rem;
border-radius: 14px;
@@ -157,6 +184,30 @@ onBeforeUnmount(() => {
transition: all 0.2s ease;
}
.status-copy {
min-width: 0;
}
.status-detail {
margin: 0.35rem 0 0;
color: rgb(var(--m-muted));
font-size: 0.78rem;
line-height: 1.4;
}
.status-meta {
display: flex;
flex-direction: column;
align-items: flex-end;
gap: 0.2rem;
flex-shrink: 0;
}
.status-time {
font-size: 0.72rem;
color: rgb(var(--m-muted));
}
.row-ok {
border-color: rgb(var(--m-success) / 0.08);
}

1
composables/useApiAuth.ts
View File

@@ -42,7 +42,6 @@ export function useApiAuthHeader() {
// Tous les appels frontend vers /api/* reutilisent ce header commun.
return {
Authorization: `Bearer ${token}`
}
}

1
layouts/default.vue
View File

@@ -146,7 +146,6 @@
</template>
<script setup lang="ts">
import {ref} from "vue"
import {Icon as IconifyIcon} from "@iconify/vue"
import logoSrc from '~/assets/LOGO_CARRE_BLANC.png'

6
nuxt.config.ts
View File

@@ -26,7 +26,7 @@ export default defineNuxtConfig({
head: {
link: [
{ rel: "preconnect", href: "https://fonts.googleapis.com" },
{ rel: "preconnect", href: "https://fonts.gstatic.com ", crossorigin: "" },
{ rel: "preconnect", href: "https://fonts.gstatic.com", crossorigin: "" },
{
rel: "stylesheet",
href: "https://fonts.googleapis.com/css2?family=JetBrains+Mono:wght@400;500;600;700&family=Outfit:wght@300;400;500;600;700;800;900&display=swap"
@@ -36,6 +36,8 @@ export default defineNuxtConfig({
},
runtimeConfig: {
apiSecretKey: process.env.API_SECRET_KEY,
discordBotToken: process.env.DISCORD_BOT_TOKEN,
discordChannelId: process.env.DISCORD_CHANNEL_ID,
public: {
appVersion: getRepoVersion(),
apiKey: process.env.API_SECRET_KEY
@@ -44,4 +46,4 @@ export default defineNuxtConfig({
vite: {
plugins: [tailwindcss()]
}
})
})

8
package-lock.json generated
View File

@@ -1,10 +1,10 @@
{
"name": "disk-monitor",
"name": "supervisor",
"lockfileVersion": 3,
"requires": true,
"packages": {
"": {
"name": "disk-monitor",
"name": "supervisor",
"hasInstallScript": true,
"dependencies": {
"@iconify/vue": "^5.0.0",
@@ -15,11 +15,13 @@
"@semantic-release/changelog": "^6.0.3",
"@semantic-release/commit-analyzer": "^13.0.1",
"@semantic-release/git": "^10.0.1",
"@semantic-release/github": "^12.0.6",
"@semantic-release/release-notes-generator": "^14.1.0",
"@tailwindcss/vite": "^4.2.1",
"semantic-release": "^25.0.3",
"tailwindcss": "^4.2.1"
},
"engines": {
"node": ">=20"
}
},
"node_modules/@actions/core": {

6
package.json
View File

@@ -1,7 +1,10 @@
{
"name": "disk-monitor",
"name": "supervisor",
"type": "module",
"private": true,
"engines": {
"node": ">=20"
},
"scripts": {
"build": "nuxt build",
"dev": "nuxt dev",
@@ -20,7 +23,6 @@
"@semantic-release/changelog": "^6.0.3",
"@semantic-release/commit-analyzer": "^13.0.1",
"@semantic-release/git": "^10.0.1",
"@semantic-release/github": "^12.0.6",
"@semantic-release/release-notes-generator": "^14.1.0",
"@tailwindcss/vite": "^4.2.1",
"semantic-release": "^25.0.3",

9
pages/index.vue
View File

@@ -66,7 +66,6 @@
</template>
<script setup lang="ts">
import {computed, onMounted, ref} from "vue"
import { apiFetch } from "~/composables/useApiAuth"
import type { SystemMetrics } from "~/types/system";
@@ -334,14 +333,6 @@ onBeforeUnmount(() => {
grid-template-columns: 1fr;
}
.backup-selector {
order: 2;
}
.backup-list-mobile {
order: 3;
}
.speedtest-card-mobile {
order: 4;
}

2
public/robots.txt
View File

@@ -1,2 +1,2 @@
User-Agent: *
Disallow:
Disallow: /

6
server/api/backups.get.ts
View File

@@ -3,12 +3,10 @@ import {
shellQuote,
resolveFolderRemoteDir,
REMOTE_ROOT,
isSafeFolder,
} from "../utils/ssh.ts"
import {process} from "std-env";
const MAX_FILES_PER_FOLDER = Number(process.env.BACKUPS_MAX_FILES)
const isSafeFolder = (value: string) => /^[a-zA-Z0-9._-]+$/.test(value)
const MAX_FILES_PER_FOLDER = Math.max(1, Number(process.env.BACKUPS_MAX_FILES) || 50)
function isMissingPathError(error: unknown): boolean {

7
server/api/discord/messages.get.ts
View File

@@ -1,6 +1,7 @@
export default defineEventHandler(async () => {
const token = process.env.DISCORD_BOT_TOKEN
const channel = process.env.DISCORD_CHANNEL_ID
export default defineEventHandler(async (event) => {
const config = useRuntimeConfig(event)
const token = config.discordBotToken
const channel = config.discordChannelId
if (!token || !channel) {
throw createError({

44
server/api/disk.get.ts
View File

@@ -1,10 +1,16 @@
import { exec } from "child_process"
import { execFile } from "node:child_process"
type DiskSource = {
key: "remote" | "local"
label: string
}
type CommandSpec = {
command: string
args: string[]
cwd?: string
}
const diskSources: DiskSource[] = [
{
key: "remote",
@@ -16,33 +22,28 @@ const diskSources: DiskSource[] = [
}
]
function getDefaultCommand(source: DiskSource) {
function getCommand(source: DiskSource): CommandSpec {
const localScriptDir = process.env.DISK_LOCAL_SCRIPT_DIR || "/home/malio/Malio-ops/CheckStorage"
const remoteHost = process.env.DISK_REMOTE_HOST || "malio-b"
const remoteScriptDir = process.env.DISK_REMOTE_SCRIPT_DIR || "/home/malio-b/Malio-ops/CheckStorage"
if (source.key === "local") {
return `cd ${localScriptDir} && bash check-storage.sh`
return {
command: "bash",
args: ["check-storage.sh"],
cwd: localScriptDir
}
}
return `ssh ${remoteHost} "cd ${remoteScriptDir} && ./check-storage.sh"`
return {
command: "ssh",
args: [remoteHost, `cd ${remoteScriptDir} && ./check-storage.sh`]
}
}
function getEnvCommand(source: DiskSource) {
const envKey = `DISK_COMMAND_${source.key.toUpperCase()}`
const legacyEnvKey =
source.key === "remote" ? "DISK_REMOTE_COMMAND" : source.key === "local" ? "DISK_LOCAL_COMMAND" : ""
return (
process.env[envKey] ||
(legacyEnvKey ? process.env[legacyEnvKey] : undefined) ||
getDefaultCommand(source)
)
}
function runShellCommand(command: string): Promise<string> {
function runCommand({ command, args, cwd }: CommandSpec): Promise<string> {
return new Promise((resolve, reject) => {
exec(command, (error, stdout, stderr) => {
execFile(command, args, { cwd }, (error, stdout, stderr) => {
if (error) {
reject(stderr || error.message)
return
@@ -56,12 +57,7 @@ export default defineEventHandler(async () => {
const results = await Promise.all(
diskSources.map(async (source) => {
try {
const envCommand = getEnvCommand(source)
if (!envCommand) {
throw new Error(`Commande disque manquante pour ${source.key}`)
}
const output = await runShellCommand(envCommand)
const output = await runCommand(getCommand(source))
return {
key: source.key,
label: source.label,

8
server/api/download-latest.get.ts
View File

@@ -3,11 +3,10 @@ import {
shellQuote,
resolveFolderRemoteDir,
REMOTE_HOST,
isSafeFolder
} from "../utils/ssh.ts"
import { spawn } from "node:child_process"
const isSafeFolder = (value: string) => /^[a-zA-Z0-9._-]+$/.test(value)
async function getLatestRemoteFile(remoteDir: string): Promise<string | null> {
const output = await runSsh(`cd ${shellQuote(remoteDir)} && ls -1A | sort -r | head -n 1`)
const fileName = output.trim()
@@ -45,6 +44,9 @@ export default defineEventHandler(async (event) => {
}
const fileName = await getLatestRemoteFile(remoteDir)
if (!fileName || !isSafeFolder(fileName)) {
continue
}
if (!fileName) {
continue
}
@@ -93,6 +95,6 @@ export default defineEventHandler(async (event) => {
console.error(`Erreur archive SSH (${code}): ${stderr}`)
}
})
event.node.res.on("close", () => child.kill())
return sendStream(event, child.stdout)
})

8
server/api/download.get.ts
View File

@@ -3,13 +3,11 @@ import {
shellQuote,
resolveFolderRemoteDir,
REMOTE_HOST,
isSafeFolder,
isSafeFile
} from "../utils/ssh.ts"
import { spawn } from "node:child_process"
const isSafeFolder = (value: string) => /^[a-zA-Z0-9._-]+$/.test(value)
const isSafeFile = (value: string) => /^[a-zA-Z0-9._-]+$/.test(value)
function buildContentDisposition(fileName: string) {
const asciiName = fileName.replace(/[^\x20-\x7E]/g, "_").replace(/["\\]/g, "_")
return `attachment; filename="${asciiName}"; filename*=UTF-8''${encodeURIComponent(fileName)}`
@@ -61,6 +59,6 @@ export default defineEventHandler(async (event) => {
console.error(`Erreur téléchargement SSH (${code}): ${stderr}`)
}
})
event.node.res.on("close", () => child.kill())
return sendStream(event, child.stdout)
})

3
server/api/upload.post.ts
View File

@@ -1,9 +1,10 @@
export default defineEventHandler(async (event) => {
const req = event.node.req
const MAX_UPLOAD_BYTES = 100 * 1024 * 1024 // 100MB
let received = 0
for await (const chunk of req) {
if (received > MAX_UPLOAD_BYTES) throw createError({ statusCode: 413, statusMessage: "Fichier trop volumineux" })
received += chunk.length
}

181
server/api/version-status.get.ts
View File

@@ -1,33 +1,160 @@
import targets from "../config/version-status-targets.json"
import { readFile } from "node:fs/promises"
import { join } from "node:path"
type StatusEntry = {
checkedAt: string
status: "OK" | "DOWN"
host: string
detail: string
}
type StatusResult = {
label: string
url: string
ok: boolean
status: number
checkedAt: string
detail: string
}
const DEFAULT_RECETTE_SCRIPTS_DIR = "/home/malio/Malio-ops/RecetteScripts"
function parseEnvFile(content: string) {
const values: Record<string, string> = {}
for (const rawLine of content.split("\n")) {
const line = rawLine.trim()
if (!line || line.startsWith("#")) {
continue
}
const separatorIndex = line.indexOf("=")
if (separatorIndex === -1) {
continue
}
const key = line.slice(0, separatorIndex).trim()
const value = line.slice(separatorIndex + 1).trim()
if (!key) {
continue
}
values[key] = value.replace(/^['"]|['"]$/g, "")
}
return values
}
function getLogFileName(date: Date) {
const year = date.getFullYear()
const month = String(date.getMonth() + 1).padStart(2, "0")
const day = String(date.getDate()).padStart(2, "0")
return `app_health_${year}-${month}-${day}.log`
}
function parseStatusLine(line: string): StatusEntry | null {
const parts = line.split(" | ")
if (parts.length < 4) {
return null
}
const [checkedAt, status, host, ...detailParts] = parts
if ((status !== "OK" && status !== "DOWN") || !host) {
return null
}
return {
checkedAt,
status,
host,
detail: detailParts.join(" | ")
}
}
function buildStatusResult(entry: StatusEntry): StatusResult {
return {
label: entry.host,
url: `http://${entry.host}/`,
ok: entry.status === "OK",
status: entry.status === "OK" ? 200 : 0,
checkedAt: entry.checkedAt,
detail: entry.detail
}
}
export default defineEventHandler(async () => {
const results = await Promise.all(
targets.map(async (target) => {
try {
const response = await fetch(target.url, {
method: "GET",
headers: { Accept: "application/json" }
})
const recetteScriptsDir = process.env.RECETTE_SCRIPTS_DIR || DEFAULT_RECETTE_SCRIPTS_DIR
const envFilePath = join(recetteScriptsDir, ".env")
return {
label: target.label,
url: target.url,
ok: response.status === 200,
status: response.status,
checkedAt: new Date().toISOString()
}
} catch (error) {
return {
label: target.label,
url: target.url,
ok: false,
status: 0,
checkedAt: new Date().toISOString(),
error: error instanceof Error ? error.message : String(error)
}
try {
const envFileContent = await readFile(envFilePath, "utf8")
const envValues = parseEnvFile(envFileContent)
const logDir = envValues.APP_LOG_DIR
if (!logDir) {
throw createError({
statusCode: 500,
statusMessage: "Variable APP_LOG_DIR manquante"
})
}
const logFilePath = join(logDir, getLogFileName(new Date()))
const logFileContent = await readFile(logFilePath, "utf8")
const latestEntriesByHost = new Map<string, StatusEntry>()
for (const line of logFileContent.split("\n")) {
const entry = parseStatusLine(line)
if (!entry) {
continue
}
})
)
return { results }
latestEntriesByHost.set(entry.host, entry)
}
const configuredHosts = (envValues.APP_URLS || "")
.split(/\s+/)
.map((host) => host.trim())
.filter(Boolean)
const orderedResults = configuredHosts
.map((host) => latestEntriesByHost.get(host))
.filter((entry): entry is StatusEntry => Boolean(entry))
.map(buildStatusResult)
const remainingResults = Array.from(latestEntriesByHost.entries())
.filter(([host]) => !configuredHosts.includes(host))
.map(([, entry]) => buildStatusResult(entry))
const results = [...orderedResults, ...remainingResults]
if (results.length === 0) {
throw createError({
statusCode: 503,
statusMessage: "Aucun statut disponible"
})
}
return {
results
}
} catch (error) {
console.error("Erreur lecture status recette:", error)
if (
typeof error === "object" &&
error !== null &&
"statusCode" in error &&
"statusMessage" in error
) {
throw error
}
throw createError({
statusCode: 500,
statusMessage: "Erreur lors de l'opération"
})
}
})

5
server/config/version-status-targets.json
View File

@@ -1,5 +0,0 @@
[
{ "label": "Ferme", "url": "http://ferme.malio-dev.fr/api/version" },
{ "label": "SIRH", "url": "http://sirh.malio-dev.fr/api/version" },
{ "label": "Inventory", "url": "http://inventory.malio-dev.fr/api/health" }
]

6
server/middleware/auth-cookie.ts
View File

@@ -1,3 +1,9 @@
// SECURITE:
// Ce middleware pose automatiquement le cookie d'authentification pour tout
// visiteur de l'interface web. Ce comportement repose sur l'hypothèse que
// Supervisor n'est exposé qu'à un réseau de confiance ou derrière un contrôle
// d'accès externe. Si l'application devient publiquement accessible, ce
// mécanisme ne constitue pas une authentification utilisateur.
export default defineEventHandler((event) => {
const path = event.path || event.node.req.url || ""

13
server/utils/ssh.ts
View File

@@ -1,20 +1,23 @@
import { execFile } from "node:child_process"
import {process} from "std-env";
import {execFile} from "node:child_process"
import folderMap from "#server/config/backup-folders.json";
export const REMOTE_HOST = process.env.BACKUPS_REMOTE_HOST
export const REMOTE_ROOT = process.env.BACKUPS_REMOTE_ROOT || "/home/malio-b/backups"
export const FOLDER_MAP = folderMap as Record<string, string>
export const isSafeFolder = (value: string) => /^[a-zA-Z0-9._-]+$/.test(value)
export const isSafeFile = (value: string) => /^[a-zA-Z0-9._-]+$/.test(value)
export const shellQuote = (value: string) => `'${value.replace(/'/g, `'\\''`)}'`
export function runSsh(command: string): Promise<string> {
if (!REMOTE_HOST) {
return Promise.reject(new Error("BACKUPS_REMOTE_HOST is not configured"))
}
return new Promise((resolve, reject) => {
execFile(
"ssh",
["-o", "BatchMode=yes", "-o", "ConnectTimeout=5", REMOTE_HOST, command],
{ maxBuffer: 10 * 1024 * 1024 },
{maxBuffer: 10 * 1024 * 1024},
(error, stdout, stderr) => {
if (error) {
reject(stderr || error.message)
@@ -42,7 +45,7 @@ export async function resolveFolderRemoteDir(folderName: string): Promise<string
return direct
}
const nested = `${REMOTE_ROOT}/bdd_recette/${folderName}`
const nested = `${REMOTE_ROOT}/bdd-recette/${folderName}`
if (await remoteDirExists(nested)) {
return nested
}