linumiq_net-web_app

LinumIQ/linumiq_net-web_app

Fork 0

Commit Graph

Author	SHA1	Message	Date
Gerhard Scheikl	fb4880a1d9	feat(admin): comprehensive admin interface (users, tunnels, metrics, audit, reserved subdomains) Adds an authenticated admin surface gated by auth.users.app_metadata.role==='admin'. - lib/auth/admin-guard.ts: requireAdmin() (pages) + requireAdminApi() (routes) - middleware.ts: defense-in-depth /admin and /api/admin guarding - API: users (list/detail/role/ban/delete), tunnels (list + active/quota/reset/reassign/regenerate-token/delete), metrics, audit log, reserved subdomains - Self-lockout prevention (no self demote/ban/delete) - Best-effort Redis kill-switch via dependency-free net-socket client (REDIS_URL) - admin_audit_log + reserved_subdomains migration (RLS on, service-role only) - Admin UI (overview, users, tunnels, reserved, audit) + conditional nav link	2026-05-31 10:58:23 +02:00
linumiq_net-user	f1cca454e2	dev: parameterize compose for dev build (web-dev image/container, dev_edge network) - image web-dev:1.0.0, container web-dev, network dev_edge - NEXT_PUBLIC_* build args resolved from gitignored .env.production (api-dev/app-dev URLs) so the dev bundle targets the dev API. - ignore .env.production (dev secrets) in this branch.	2026-05-30 13:24:23 +02:00
root	c935e39fa1	initial commit	2026-05-29 17:07:00 +02:00

Author

SHA1

Message

Date

Gerhard Scheikl

fb4880a1d9

feat(admin): comprehensive admin interface (users, tunnels, metrics, audit, reserved subdomains)

Adds an authenticated admin surface gated by auth.users.app_metadata.role==='admin'.

- lib/auth/admin-guard.ts: requireAdmin() (pages) + requireAdminApi() (routes)
- middleware.ts: defense-in-depth /admin and /api/admin guarding
- API: users (list/detail/role/ban/delete), tunnels (list + active/quota/reset/reassign/regenerate-token/delete), metrics, audit log, reserved subdomains
- Self-lockout prevention (no self demote/ban/delete)
- Best-effort Redis kill-switch via dependency-free net-socket client (REDIS_URL)
- admin_audit_log + reserved_subdomains migration (RLS on, service-role only)
- Admin UI (overview, users, tunnels, reserved, audit) + conditional nav link

2026-05-31 10:58:23 +02:00

linumiq_net-user

f1cca454e2

dev: parameterize compose for dev build (web-dev image/container, dev_edge network)

- image web-dev:1.0.0, container web-dev, network dev_edge
- NEXT_PUBLIC_* build args resolved from gitignored .env.production
  (api-dev/app-dev URLs) so the dev bundle targets the dev API.
- ignore .env.production (dev secrets) in this branch.

2026-05-30 13:24:23 +02:00

root

c935e39fa1

initial commit

2026-05-29 17:07:00 +02:00

3 Commits