Add a read-only configuration view to the web UI #68
No reviewers
Labels
No milestone
No project
No assignees
1 participant
Notifications
Due date
No due date set.
Dependencies
No dependencies set.
Reference
keyop-go/nfq_forwarder!68
Loading…
Add table
Add a link
Reference in a new issue
No description provided.
Delete branch "issue22_webui_config"
Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?
Closes #22 (https://gitlab.keyop.co.uk/keyop/go/nfq_forwarder/-/work_items/22).
Scope
Per the ticket's own hedge ("ideally... but that may need to be split out to a separate
ticket"), this covers viewing the running configuration only. Editing + restarting the
service is split into #25 - it's meaningfully bigger and more sensitive (no live-reload path
exists today, so "restart" means a real process restart against a process holding real
capabilities, triggered from an authenticated web request; any edit also needs the same
validation
config.LoadFromFilealready does before it's ever written to disk).Changes
webUIServerpreviously only ever receivedconfig.WebUI(used once, to build the sessionstore, and never stored) - nothing in the request path had access to the full running
configuration.
newWebUIServer/runWebUInow take the whole*config.Configurationinstead.GET /config(page) andGET /api/config(JSON), following the exact pattern theexisting tunnels dashboard already uses (
requireSessionPage/requireSessionAPI- no CSRFneeded, since there's nothing state-changing here).
defaultssection (includingby_networkrules), and a table of connections - via a purpose-built DTO (webUIConfig,matching the existing
webUITunnelpattern) rather than marshalingconfig.Configurationdirectly, keeping
internal/configfree of web/JSON concerns. Sinceconfig.LoadFromFilealready resolves defaults into each
Connectionat load time, the connections table showseach connection's effective settings for free.
cell()DOM helper out ofapp.jsinto a newcommon.js, soconfig.jsdoesn't duplicate them or accidentally pull inapp.js'stunnel-specific assumptions (it unconditionally polls
#tunnels, which doesn't exist on theconfig page).
Is anything here sensitive?
No - confirmed from the config struct: there's no password/token/API-key field anywhere in it,
SSH auth is key-file-based (a path, not embedded key material), and the web UI's own auth
delegates to PAM. Displaying it also doesn't widen the trust boundary: reaching this page
already requires passing PAM auth as the same OS account that can read the real config file
directly from disk.
Testing
buildConfigDTOis unit tested directly against a fully-populatedconfig.Configuration(all fields, including
by_networkand multiple connections), independent of any HTTPmachinery.
handleConfigPage/handleAPIConfigget the same authenticated-200 / unauthenticated-401ishtreatment as the existing
handleIndex/handleAPITunnelstests.TestWebUIStaticFilesServedextended to cover the two new static JS files.Manually inspected the real rendered HTML shell, the JSON payload, and cross-checked every
field
config.jsreads against the DTO's actual JSON tags (no browser available in thisenvironment to click through it, but the full request/response contract was exercised for
real via
httptestand printed for review).go build ./...,go vet ./...make lint(golangci-lint + yamllint + gitleaks)make test(go test -race -cover ./...)Docs
Updated
README.md,docs/README.md, andCLAUDE.md(Design notes + Testing sections).assigned to @danny
requested review from @danny
LGTM and seems to work as intended in live testing.
approved this merge request
mentioned in commit
646530d3ccmentioned in issue #22