refactor(webinstaller): extract inline payload constants to furtka/assets/
Slice 1a of the self-update story. Every HTML/CSS/shell-script/systemd-
unit payload that used to live as a triple-quoted string constant inside
webinstaller/app.py now lives as a real file under furtka/assets/:
furtka/assets/Caddyfile
furtka/assets/VERSION (new — matches pyproject.toml)
furtka/assets/www/{index.html, settings/index.html, style.css, status.json}
furtka/assets/bin/{furtka-status, furtka-welcome}
furtka/assets/systemd/furtka-{api,reconcile,status,welcome}.service
furtka/assets/systemd/furtka-status.timer
The installer now pulls each file from disk via _read_asset(). Byte-for-
byte identical output at install time — a fresh-ISO install should land
the same files in the same places with the same contents, verified by
tests/test_webinstaller_assets.py which reconstructs each base64 blob
and asserts equality against the on-disk asset.
iso/build.sh also copies furtka/assets/ next to the webinstaller source
at /opt/furtka/assets on the live ISO so _resolve_assets_dir() finds
them with a "next to me" lookup. In dev the same function walks two
levels up to the repo copy, so pytest works without any env vars.
furtka-status.sh drops the /etc/furtka/version TODO — it now reads
/opt/furtka/VERSION directly, which Slice 1b will upgrade to
/opt/furtka/current/VERSION once the symlink layout lands.
_FURTKA_WRAPPER_SH (the 5-line /usr/local/bin/furtka shim) stays inline;
it's tiny and not asset-shaped.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-04-16 13:08:53 +02:00
|
|
|
/* Furtka on-box design system. Served by Caddy at /style.css,
|
|
|
|
|
consumed by the landing page AND the resource-manager /apps
|
|
|
|
|
page. One source of truth for tokens + components. */
|
|
|
|
|
|
|
|
|
|
:root {
|
|
|
|
|
--bg: #0f1115;
|
|
|
|
|
--fg: #e8eaed;
|
|
|
|
|
--muted: #9aa0a6;
|
|
|
|
|
--accent: #6ee7b7;
|
|
|
|
|
--accent-soft: rgba(110, 231, 183, 0.12);
|
|
|
|
|
--card: #1a1d24;
|
|
|
|
|
--card-hover: #222530;
|
|
|
|
|
--border: #2a2d34;
|
|
|
|
|
--warn: #4a3030;
|
|
|
|
|
--warn-fg: #fed;
|
|
|
|
|
--danger: #f08080;
|
|
|
|
|
|
|
|
|
|
--r-sm: 4px;
|
|
|
|
|
--r-md: 8px;
|
|
|
|
|
--r-lg: 12px;
|
|
|
|
|
--r-pill: 999px;
|
|
|
|
|
|
|
|
|
|
--shadow-card: 0 1px 2px rgba(0, 0, 0, 0.3);
|
|
|
|
|
--ring: 0 0 0 2px var(--accent);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
@media (prefers-color-scheme: light) {
|
|
|
|
|
:root {
|
|
|
|
|
--bg: #f7f6f3;
|
|
|
|
|
--fg: #17181c;
|
|
|
|
|
--muted: #5e6066;
|
|
|
|
|
--accent: #0f8a5f;
|
|
|
|
|
--accent-soft: rgba(15, 138, 95, 0.12);
|
|
|
|
|
--card: #ffffff;
|
|
|
|
|
--card-hover: #f0efeb;
|
|
|
|
|
--border: #e3e1dc;
|
|
|
|
|
--warn: #fde2d3;
|
|
|
|
|
--warn-fg: #5a2a10;
|
|
|
|
|
--danger: #c03a28;
|
|
|
|
|
--shadow-card: 0 1px 3px rgba(0, 0, 0, 0.08);
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
* { box-sizing: border-box; }
|
|
|
|
|
body {
|
|
|
|
|
margin: 0;
|
|
|
|
|
font-family: system-ui, -apple-system, "Segoe UI", Roboto, sans-serif;
|
|
|
|
|
background: var(--bg);
|
|
|
|
|
color: var(--fg);
|
|
|
|
|
line-height: 1.5;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/* Shared page container — both landing and /apps wrap content in
|
|
|
|
|
<main class="wrap"> so sizing + padding stay consistent. */
|
|
|
|
|
.wrap { max-width: 780px; margin: 0 auto; padding: 1.25rem 1.5rem 3rem; }
|
|
|
|
|
|
|
|
|
|
/* Top nav — persistent across pages (Jakob's Law). */
|
|
|
|
|
.nav {
|
|
|
|
|
display: flex;
|
|
|
|
|
align-items: center;
|
|
|
|
|
justify-content: space-between;
|
|
|
|
|
padding-bottom: 1.25rem;
|
|
|
|
|
border-bottom: 1px solid var(--border);
|
|
|
|
|
margin-bottom: 2rem;
|
|
|
|
|
}
|
|
|
|
|
.brand {
|
|
|
|
|
font-weight: 700;
|
|
|
|
|
letter-spacing: 0.02em;
|
|
|
|
|
color: var(--fg);
|
|
|
|
|
text-decoration: none;
|
|
|
|
|
font-size: 1.05rem;
|
|
|
|
|
display: inline-flex;
|
|
|
|
|
align-items: center;
|
|
|
|
|
gap: 0.55rem;
|
|
|
|
|
}
|
|
|
|
|
.brand::before {
|
|
|
|
|
content: "";
|
|
|
|
|
width: 0.7rem;
|
|
|
|
|
height: 0.7rem;
|
|
|
|
|
background: var(--accent);
|
|
|
|
|
border-radius: 2px;
|
|
|
|
|
transform: rotate(45deg);
|
|
|
|
|
}
|
|
|
|
|
.nav-links { display: flex; gap: 0.25rem; }
|
|
|
|
|
.nav-links a {
|
|
|
|
|
color: var(--muted);
|
|
|
|
|
text-decoration: none;
|
|
|
|
|
font-size: 0.9rem;
|
|
|
|
|
padding: 0.35rem 0.75rem;
|
|
|
|
|
border-radius: var(--r-sm);
|
|
|
|
|
}
|
|
|
|
|
.nav-links a:hover { color: var(--fg); }
|
|
|
|
|
.nav-links a[aria-current="page"] {
|
|
|
|
|
color: var(--fg);
|
|
|
|
|
background: var(--accent-soft);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/* -- Landing page ---------------------------------------------- */
|
|
|
|
|
header h1 { margin: 0 0 0.5rem; font-size: 2.5rem; }
|
|
|
|
|
.lead { font-size: 1.25rem; color: var(--muted); margin: 0 0 0.25rem; }
|
|
|
|
|
.host { color: var(--muted); margin: 0 0 3rem; }
|
|
|
|
|
.host code {
|
|
|
|
|
background: var(--card);
|
|
|
|
|
padding: 0.15rem 0.5rem;
|
|
|
|
|
border-radius: var(--r-sm);
|
|
|
|
|
color: var(--accent);
|
|
|
|
|
}
|
|
|
|
|
section h2 {
|
|
|
|
|
font-size: 1.1rem;
|
|
|
|
|
text-transform: uppercase;
|
|
|
|
|
letter-spacing: 0.1em;
|
|
|
|
|
color: var(--muted);
|
|
|
|
|
margin: 2rem 0 1rem;
|
|
|
|
|
}
|
|
|
|
|
.tiles {
|
|
|
|
|
display: grid;
|
|
|
|
|
grid-template-columns: repeat(auto-fit, minmax(180px, 1fr));
|
|
|
|
|
gap: 1rem;
|
|
|
|
|
}
|
|
|
|
|
.tile {
|
|
|
|
|
background: var(--card);
|
|
|
|
|
padding: 1.25rem;
|
|
|
|
|
border-radius: var(--r-md);
|
|
|
|
|
display: flex;
|
|
|
|
|
flex-direction: column;
|
|
|
|
|
}
|
|
|
|
|
.tile .label {
|
|
|
|
|
font-size: 0.8rem;
|
|
|
|
|
color: var(--muted);
|
|
|
|
|
text-transform: uppercase;
|
|
|
|
|
letter-spacing: 0.08em;
|
|
|
|
|
}
|
|
|
|
|
.tile .value { font-size: 1.25rem; margin-top: 0.5rem; }
|
|
|
|
|
.updated { font-size: 0.85rem; color: var(--muted); margin-top: 1rem; }
|
|
|
|
|
.soon {
|
|
|
|
|
background: var(--card);
|
|
|
|
|
padding: 1.5rem;
|
|
|
|
|
border-radius: var(--r-md);
|
|
|
|
|
margin-top: 2rem;
|
|
|
|
|
}
|
|
|
|
|
footer {
|
|
|
|
|
margin-top: 4rem;
|
|
|
|
|
padding-top: 1.5rem;
|
|
|
|
|
border-top: 1px solid var(--border);
|
|
|
|
|
color: var(--muted);
|
|
|
|
|
font-size: 0.9rem;
|
|
|
|
|
}
|
|
|
|
|
footer a { color: var(--accent); }
|
|
|
|
|
|
|
|
|
|
/* -- Apps page ------------------------------------------------- */
|
|
|
|
|
h1 { font-size: 2rem; margin: 0; }
|
|
|
|
|
h2 {
|
|
|
|
|
font-size: 1rem;
|
|
|
|
|
text-transform: uppercase;
|
|
|
|
|
letter-spacing: 0.1em;
|
|
|
|
|
color: var(--muted);
|
|
|
|
|
margin: 2rem 0 0.75rem;
|
|
|
|
|
}
|
|
|
|
|
.lede { color: var(--muted); margin: 0.25rem 0 1rem; }
|
|
|
|
|
.warn {
|
|
|
|
|
background: var(--warn);
|
|
|
|
|
padding: 1rem;
|
|
|
|
|
border-radius: var(--r-md);
|
|
|
|
|
margin: 1.5rem 0;
|
|
|
|
|
color: var(--warn-fg);
|
|
|
|
|
font-size: 0.9rem;
|
|
|
|
|
}
|
|
|
|
|
.app {
|
|
|
|
|
background: var(--card);
|
|
|
|
|
padding: 1rem;
|
|
|
|
|
border-radius: var(--r-md);
|
|
|
|
|
margin: 0.5rem 0;
|
|
|
|
|
display: flex;
|
|
|
|
|
justify-content: space-between;
|
|
|
|
|
align-items: center;
|
|
|
|
|
gap: 1rem;
|
|
|
|
|
box-shadow: var(--shadow-card);
|
|
|
|
|
}
|
|
|
|
|
.app .left {
|
|
|
|
|
display: flex;
|
|
|
|
|
align-items: center;
|
|
|
|
|
gap: 1rem;
|
|
|
|
|
min-width: 0;
|
|
|
|
|
flex: 1;
|
|
|
|
|
}
|
|
|
|
|
.meta { display: flex; flex-direction: column; min-width: 0; }
|
|
|
|
|
.name { font-weight: 600; font-size: 1.05rem; }
|
|
|
|
|
.name small { color: var(--muted); font-weight: 400; margin-left: 0.5rem; }
|
|
|
|
|
.desc {
|
|
|
|
|
color: var(--muted);
|
|
|
|
|
font-size: 0.9rem;
|
|
|
|
|
overflow: hidden;
|
|
|
|
|
text-overflow: ellipsis;
|
|
|
|
|
}
|
|
|
|
|
.buttons {
|
|
|
|
|
display: flex;
|
|
|
|
|
gap: 0.5rem;
|
|
|
|
|
flex-wrap: wrap;
|
|
|
|
|
justify-content: flex-end;
|
|
|
|
|
}
|
2026-04-20 15:44:01 +02:00
|
|
|
button, .btn {
|
refactor(webinstaller): extract inline payload constants to furtka/assets/
Slice 1a of the self-update story. Every HTML/CSS/shell-script/systemd-
unit payload that used to live as a triple-quoted string constant inside
webinstaller/app.py now lives as a real file under furtka/assets/:
furtka/assets/Caddyfile
furtka/assets/VERSION (new — matches pyproject.toml)
furtka/assets/www/{index.html, settings/index.html, style.css, status.json}
furtka/assets/bin/{furtka-status, furtka-welcome}
furtka/assets/systemd/furtka-{api,reconcile,status,welcome}.service
furtka/assets/systemd/furtka-status.timer
The installer now pulls each file from disk via _read_asset(). Byte-for-
byte identical output at install time — a fresh-ISO install should land
the same files in the same places with the same contents, verified by
tests/test_webinstaller_assets.py which reconstructs each base64 blob
and asserts equality against the on-disk asset.
iso/build.sh also copies furtka/assets/ next to the webinstaller source
at /opt/furtka/assets on the live ISO so _resolve_assets_dir() finds
them with a "next to me" lookup. In dev the same function walks two
levels up to the repo copy, so pytest works without any env vars.
furtka-status.sh drops the /etc/furtka/version TODO — it now reads
/opt/furtka/VERSION directly, which Slice 1b will upgrade to
/opt/furtka/current/VERSION once the symlink layout lands.
_FURTKA_WRAPPER_SH (the 5-line /usr/local/bin/furtka shim) stays inline;
it's tiny and not asset-shaped.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-04-16 13:08:53 +02:00
|
|
|
background: var(--accent);
|
|
|
|
|
border: none;
|
|
|
|
|
color: var(--bg);
|
|
|
|
|
font-weight: 600;
|
|
|
|
|
padding: 0.5rem 1rem;
|
|
|
|
|
border-radius: var(--r-sm);
|
|
|
|
|
cursor: pointer;
|
|
|
|
|
white-space: nowrap;
|
|
|
|
|
font-size: 0.9rem;
|
|
|
|
|
font-family: inherit;
|
2026-04-20 15:44:01 +02:00
|
|
|
/* Anchor rendered-as-button: strip underline + keep the button's
|
|
|
|
|
rectangular hit area. `display: inline-flex` so an <a class="btn">
|
|
|
|
|
lines up vertically with its <button> siblings in .buttons. */
|
|
|
|
|
text-decoration: none;
|
|
|
|
|
display: inline-flex;
|
|
|
|
|
align-items: center;
|
refactor(webinstaller): extract inline payload constants to furtka/assets/
Slice 1a of the self-update story. Every HTML/CSS/shell-script/systemd-
unit payload that used to live as a triple-quoted string constant inside
webinstaller/app.py now lives as a real file under furtka/assets/:
furtka/assets/Caddyfile
furtka/assets/VERSION (new — matches pyproject.toml)
furtka/assets/www/{index.html, settings/index.html, style.css, status.json}
furtka/assets/bin/{furtka-status, furtka-welcome}
furtka/assets/systemd/furtka-{api,reconcile,status,welcome}.service
furtka/assets/systemd/furtka-status.timer
The installer now pulls each file from disk via _read_asset(). Byte-for-
byte identical output at install time — a fresh-ISO install should land
the same files in the same places with the same contents, verified by
tests/test_webinstaller_assets.py which reconstructs each base64 blob
and asserts equality against the on-disk asset.
iso/build.sh also copies furtka/assets/ next to the webinstaller source
at /opt/furtka/assets on the live ISO so _resolve_assets_dir() finds
them with a "next to me" lookup. In dev the same function walks two
levels up to the repo copy, so pytest works without any env vars.
furtka-status.sh drops the /etc/furtka/version TODO — it now reads
/opt/furtka/VERSION directly, which Slice 1b will upgrade to
/opt/furtka/current/VERSION once the symlink layout lands.
_FURTKA_WRAPPER_SH (the 5-line /usr/local/bin/furtka shim) stays inline;
it's tiny and not asset-shaped.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-04-16 13:08:53 +02:00
|
|
|
}
|
2026-04-20 15:44:01 +02:00
|
|
|
button.secondary, .btn.secondary {
|
refactor(webinstaller): extract inline payload constants to furtka/assets/
Slice 1a of the self-update story. Every HTML/CSS/shell-script/systemd-
unit payload that used to live as a triple-quoted string constant inside
webinstaller/app.py now lives as a real file under furtka/assets/:
furtka/assets/Caddyfile
furtka/assets/VERSION (new — matches pyproject.toml)
furtka/assets/www/{index.html, settings/index.html, style.css, status.json}
furtka/assets/bin/{furtka-status, furtka-welcome}
furtka/assets/systemd/furtka-{api,reconcile,status,welcome}.service
furtka/assets/systemd/furtka-status.timer
The installer now pulls each file from disk via _read_asset(). Byte-for-
byte identical output at install time — a fresh-ISO install should land
the same files in the same places with the same contents, verified by
tests/test_webinstaller_assets.py which reconstructs each base64 blob
and asserts equality against the on-disk asset.
iso/build.sh also copies furtka/assets/ next to the webinstaller source
at /opt/furtka/assets on the live ISO so _resolve_assets_dir() finds
them with a "next to me" lookup. In dev the same function walks two
levels up to the repo copy, so pytest works without any env vars.
furtka-status.sh drops the /etc/furtka/version TODO — it now reads
/opt/furtka/VERSION directly, which Slice 1b will upgrade to
/opt/furtka/current/VERSION once the symlink layout lands.
_FURTKA_WRAPPER_SH (the 5-line /usr/local/bin/furtka shim) stays inline;
it's tiny and not asset-shaped.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-04-16 13:08:53 +02:00
|
|
|
background: var(--card);
|
|
|
|
|
color: var(--fg);
|
|
|
|
|
border: 1px solid var(--border);
|
|
|
|
|
}
|
|
|
|
|
button.danger { background: var(--danger); color: #fff; }
|
|
|
|
|
button:disabled { opacity: 0.5; cursor: wait; }
|
2026-04-20 15:44:01 +02:00
|
|
|
button:focus-visible, .btn:focus-visible { outline: none; box-shadow: var(--ring); }
|
refactor(webinstaller): extract inline payload constants to furtka/assets/
Slice 1a of the self-update story. Every HTML/CSS/shell-script/systemd-
unit payload that used to live as a triple-quoted string constant inside
webinstaller/app.py now lives as a real file under furtka/assets/:
furtka/assets/Caddyfile
furtka/assets/VERSION (new — matches pyproject.toml)
furtka/assets/www/{index.html, settings/index.html, style.css, status.json}
furtka/assets/bin/{furtka-status, furtka-welcome}
furtka/assets/systemd/furtka-{api,reconcile,status,welcome}.service
furtka/assets/systemd/furtka-status.timer
The installer now pulls each file from disk via _read_asset(). Byte-for-
byte identical output at install time — a fresh-ISO install should land
the same files in the same places with the same contents, verified by
tests/test_webinstaller_assets.py which reconstructs each base64 blob
and asserts equality against the on-disk asset.
iso/build.sh also copies furtka/assets/ next to the webinstaller source
at /opt/furtka/assets on the live ISO so _resolve_assets_dir() finds
them with a "next to me" lookup. In dev the same function walks two
levels up to the repo copy, so pytest works without any env vars.
furtka-status.sh drops the /etc/furtka/version TODO — it now reads
/opt/furtka/VERSION directly, which Slice 1b will upgrade to
/opt/furtka/current/VERSION once the symlink layout lands.
_FURTKA_WRAPPER_SH (the 5-line /usr/local/bin/furtka shim) stays inline;
it's tiny and not asset-shaped.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-04-16 13:08:53 +02:00
|
|
|
.empty { color: var(--muted); font-style: italic; padding: 0.5rem 0; }
|
feat(catalog): on-box apps catalog synced independently of core version
New `furtka catalog sync` pulls the latest daniel/furtka-apps release,
verifies its sha256, extracts under /var/lib/furtka/catalog/, and
atomically swaps into place — so apps can ship without cutting a new
Furtka core release. A daily timer (furtka-catalog-sync.timer, 10 min
post-boot + 24 h with ±6 h jitter) drives the sync; /apps gets a
manual "Sync apps catalog" button that kicks the same code path via a
detached systemd-run unit.
Layout of the new on-box tree:
/var/lib/furtka/catalog/ synced catalog (survives self-updates)
├── VERSION
└── apps/<name>/ ...
/var/lib/furtka/catalog-state.json sync stage + last version, UI-polled
/run/furtka/catalog.lock flock so timer + manual click can't race
Resolver precedence (furtka/sources.py): catalog wins over the bundled
seed (/opt/furtka/current/apps/, carried by the core release for offline
first-boot). Installed apps under /var/lib/furtka/apps/ are never auto-
swapped — user clicks Reinstall to move an existing install onto a
newer catalog version; settings merge-preserved via the existing
installer.install_from path.
New files:
- furtka/_release_common.py — shared Forgejo/tarball primitives lifted
from furtka/updater.py. Both modules now import from here; updater's
behaviour and public API unchanged.
- furtka/catalog.py — check_catalog(), sync_catalog() with staging +
manifest validation + atomic rename. Refuses bad sha256 / broken
manifests and leaves the live catalog intact on any failure path.
- furtka/sources.py — resolve_app_name() / list_available() abstraction
used by installer.resolve_source and api._list_available.
- assets/systemd/furtka-catalog-sync.{service,timer} — oneshot service
+ daily timer. Timer auto-enables on self-update via a one-line
addition to _link_new_units (fresh installs get enabled via the
webinstaller's _FURTKA_UNITS list).
API + UI:
- /api/bundled renamed internally to _list_available; endpoint stays as
a backcompat alias; /api/apps/available is the new canonical name.
Each list entry carries a `source` field ("catalog" | "bundled").
- POST /api/catalog/sync/check + /apply + GET /api/catalog/status.
- /apps page grows a catalog-status row + Sync button; poll loop
mirrors the Furtka self-update flow.
CLI: `furtka catalog sync [--check]` + `furtka catalog status` (both
support --json). Old `furtka app install` / `reconcile` / `update` /
`rollback` surfaces are unchanged.
Test gate: 194/170 baseline + 24 new tests covering catalog sync
(happy path, sha256 mismatch, invalid manifest, lock contention,
preserves-on-failure) + resolver precedence + api renames. ruff
check + format clean.
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2026-04-20 14:16:02 +02:00
|
|
|
.catalog-row {
|
|
|
|
|
display: flex;
|
|
|
|
|
justify-content: space-between;
|
|
|
|
|
align-items: center;
|
|
|
|
|
flex-wrap: wrap;
|
|
|
|
|
gap: 0.75rem;
|
|
|
|
|
padding: 0.5rem 0 0.75rem;
|
|
|
|
|
}
|
|
|
|
|
.catalog-state {
|
|
|
|
|
margin: 0;
|
|
|
|
|
color: var(--muted);
|
|
|
|
|
font-size: 0.9rem;
|
|
|
|
|
}
|
|
|
|
|
.catalog-stage.pending {
|
|
|
|
|
color: var(--fg);
|
|
|
|
|
font-style: italic;
|
|
|
|
|
}
|
refactor(webinstaller): extract inline payload constants to furtka/assets/
Slice 1a of the self-update story. Every HTML/CSS/shell-script/systemd-
unit payload that used to live as a triple-quoted string constant inside
webinstaller/app.py now lives as a real file under furtka/assets/:
furtka/assets/Caddyfile
furtka/assets/VERSION (new — matches pyproject.toml)
furtka/assets/www/{index.html, settings/index.html, style.css, status.json}
furtka/assets/bin/{furtka-status, furtka-welcome}
furtka/assets/systemd/furtka-{api,reconcile,status,welcome}.service
furtka/assets/systemd/furtka-status.timer
The installer now pulls each file from disk via _read_asset(). Byte-for-
byte identical output at install time — a fresh-ISO install should land
the same files in the same places with the same contents, verified by
tests/test_webinstaller_assets.py which reconstructs each base64 blob
and asserts equality against the on-disk asset.
iso/build.sh also copies furtka/assets/ next to the webinstaller source
at /opt/furtka/assets on the live ISO so _resolve_assets_dir() finds
them with a "next to me" lookup. In dev the same function walks two
levels up to the repo copy, so pytest works without any env vars.
furtka-status.sh drops the /etc/furtka/version TODO — it now reads
/opt/furtka/VERSION directly, which Slice 1b will upgrade to
/opt/furtka/current/VERSION once the symlink layout lands.
_FURTKA_WRAPPER_SH (the 5-line /usr/local/bin/furtka shim) stays inline;
it's tiny and not asset-shaped.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-04-16 13:08:53 +02:00
|
|
|
pre {
|
|
|
|
|
background: var(--card);
|
|
|
|
|
padding: 1rem;
|
|
|
|
|
border-radius: var(--r-md);
|
|
|
|
|
overflow-x: auto;
|
|
|
|
|
font-size: 0.85rem;
|
|
|
|
|
white-space: pre-wrap;
|
|
|
|
|
word-wrap: break-word;
|
|
|
|
|
}
|
|
|
|
|
details.log-details {
|
|
|
|
|
margin-top: 0.25rem;
|
|
|
|
|
}
|
|
|
|
|
details.log-details > summary {
|
|
|
|
|
cursor: pointer;
|
|
|
|
|
color: var(--muted);
|
|
|
|
|
font-size: 0.9rem;
|
|
|
|
|
padding: 0.25rem 0;
|
|
|
|
|
user-select: none;
|
|
|
|
|
}
|
|
|
|
|
details.log-details[open] > summary { color: var(--fg); }
|
|
|
|
|
|
|
|
|
|
/* Modal */
|
|
|
|
|
.modal-backdrop {
|
|
|
|
|
position: fixed;
|
|
|
|
|
inset: 0;
|
|
|
|
|
background: rgba(0, 0, 0, 0.6);
|
|
|
|
|
display: none;
|
|
|
|
|
align-items: flex-start;
|
|
|
|
|
justify-content: center;
|
|
|
|
|
padding: 2rem 1rem;
|
|
|
|
|
overflow-y: auto;
|
|
|
|
|
z-index: 10;
|
|
|
|
|
}
|
|
|
|
|
.modal-backdrop.open { display: flex; }
|
|
|
|
|
.modal {
|
|
|
|
|
background: var(--card);
|
|
|
|
|
border-radius: var(--r-md);
|
|
|
|
|
padding: 1.5rem;
|
|
|
|
|
max-width: 520px;
|
|
|
|
|
width: 100%;
|
|
|
|
|
}
|
|
|
|
|
.modal h3 { margin: 0 0 0.5rem; font-size: 1.3rem; }
|
|
|
|
|
.modal .long {
|
|
|
|
|
color: var(--muted);
|
|
|
|
|
font-size: 0.9rem;
|
|
|
|
|
margin-bottom: 1.25rem;
|
|
|
|
|
white-space: pre-wrap;
|
|
|
|
|
}
|
|
|
|
|
.field { margin-bottom: 1rem; }
|
|
|
|
|
.field label {
|
|
|
|
|
display: block;
|
|
|
|
|
font-weight: 600;
|
|
|
|
|
margin-bottom: 0.25rem;
|
|
|
|
|
font-size: 0.95rem;
|
|
|
|
|
}
|
|
|
|
|
.field .hint { color: var(--muted); font-size: 0.85rem; margin-bottom: 0.35rem; }
|
|
|
|
|
.field input {
|
|
|
|
|
width: 100%;
|
|
|
|
|
background: var(--bg);
|
|
|
|
|
color: var(--fg);
|
|
|
|
|
border: 1px solid var(--border);
|
|
|
|
|
border-radius: var(--r-sm);
|
|
|
|
|
padding: 0.5rem 0.6rem;
|
|
|
|
|
font-size: 0.95rem;
|
|
|
|
|
font-family: inherit;
|
|
|
|
|
}
|
|
|
|
|
.field input:focus { outline: 2px solid var(--accent); outline-offset: -1px; }
|
|
|
|
|
.field .req { color: var(--danger); margin-left: 0.25rem; }
|
feat(auth): login-guard the Furtka UI with a cookie session
One-admin, one-password model — all of /apps, /api/*, /, and
/settings/ now require a signed-in session. Passwords are werkzeug
PBKDF2-hashed in /var/lib/furtka/users.json (mode 0600, atomic write
via the same .tmp+chmod+rename dance installer.write_env uses).
Sessions are secrets.token_urlsafe(32) tokens held in a module-level
SessionStore dict (thread-safe lock included for when we swap to
ThreadingHTTPServer). Cookies are HttpOnly, SameSite=Strict, and
Path=/, with Secure set when X-Forwarded-Proto from Caddy says HTTPS.
Two bootstrap paths:
* Fresh install — webinstaller step-1 collects Linux user + password,
the chroot post-install step hashes the password and writes
users.json on the target partition. First browser visit lands on
/login with the account already present.
* Upgrade from 26.10-alpha — no users.json yet, so /login detects
setup_needed() and renders a first-run setup form. POST creates
the admin and immediately logs in.
POST /logout revokes the server session and clears the cookie.
Unauthenticated HTML requests 302 to /login; unauthenticated API
requests 401 JSON so fetch() callers see a clean error. A sleep(0.5)
on failed logins is the brute-force speed bump on top of werkzeug's
~600k-iter PBKDF2.
Caddyfile gains /login* and /logout* handle blocks in the shared
furtka_routes snippet so both :80 and the HTTPS hostname block
forward the auth endpoints to localhost:7000. Without this Caddy
would 404 from the static file server.
Test surface:
* tests/test_auth.py (new, 19 cases): hash roundtrip, users.json
I/O, session create/lookup/expire/revoke.
* tests/test_api.py: new admin_session fixture; existing HTTP
tests updated to send the cookie; new tests cover login setup,
login success, wrong-password 401, logout revocation, and the
guard's 302/401 split.
* tests/test_webinstaller_assets.py: new case that unpacks the
users.json _write_file_cmd body and verifies the werkzeug hash
round-trips against the step-1 password.
Bumped version to 26.11-alpha and rolled CHANGELOG. Also folded in
the ruff-format fix that was pending from 26.10-alpha's lint red.
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2026-04-21 13:01:17 +02:00
|
|
|
.modal .error,
|
|
|
|
|
.login-wrap .error {
|
refactor(webinstaller): extract inline payload constants to furtka/assets/
Slice 1a of the self-update story. Every HTML/CSS/shell-script/systemd-
unit payload that used to live as a triple-quoted string constant inside
webinstaller/app.py now lives as a real file under furtka/assets/:
furtka/assets/Caddyfile
furtka/assets/VERSION (new — matches pyproject.toml)
furtka/assets/www/{index.html, settings/index.html, style.css, status.json}
furtka/assets/bin/{furtka-status, furtka-welcome}
furtka/assets/systemd/furtka-{api,reconcile,status,welcome}.service
furtka/assets/systemd/furtka-status.timer
The installer now pulls each file from disk via _read_asset(). Byte-for-
byte identical output at install time — a fresh-ISO install should land
the same files in the same places with the same contents, verified by
tests/test_webinstaller_assets.py which reconstructs each base64 blob
and asserts equality against the on-disk asset.
iso/build.sh also copies furtka/assets/ next to the webinstaller source
at /opt/furtka/assets on the live ISO so _resolve_assets_dir() finds
them with a "next to me" lookup. In dev the same function walks two
levels up to the repo copy, so pytest works without any env vars.
furtka-status.sh drops the /etc/furtka/version TODO — it now reads
/opt/furtka/VERSION directly, which Slice 1b will upgrade to
/opt/furtka/current/VERSION once the symlink layout lands.
_FURTKA_WRAPPER_SH (the 5-line /usr/local/bin/furtka shim) stays inline;
it's tiny and not asset-shaped.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-04-16 13:08:53 +02:00
|
|
|
background: var(--warn);
|
|
|
|
|
color: var(--warn-fg);
|
|
|
|
|
padding: 0.5rem 0.75rem;
|
|
|
|
|
border-radius: var(--r-sm);
|
|
|
|
|
margin-bottom: 1rem;
|
|
|
|
|
font-size: 0.9rem;
|
|
|
|
|
display: none;
|
|
|
|
|
}
|
feat(auth): login-guard the Furtka UI with a cookie session
One-admin, one-password model — all of /apps, /api/*, /, and
/settings/ now require a signed-in session. Passwords are werkzeug
PBKDF2-hashed in /var/lib/furtka/users.json (mode 0600, atomic write
via the same .tmp+chmod+rename dance installer.write_env uses).
Sessions are secrets.token_urlsafe(32) tokens held in a module-level
SessionStore dict (thread-safe lock included for when we swap to
ThreadingHTTPServer). Cookies are HttpOnly, SameSite=Strict, and
Path=/, with Secure set when X-Forwarded-Proto from Caddy says HTTPS.
Two bootstrap paths:
* Fresh install — webinstaller step-1 collects Linux user + password,
the chroot post-install step hashes the password and writes
users.json on the target partition. First browser visit lands on
/login with the account already present.
* Upgrade from 26.10-alpha — no users.json yet, so /login detects
setup_needed() and renders a first-run setup form. POST creates
the admin and immediately logs in.
POST /logout revokes the server session and clears the cookie.
Unauthenticated HTML requests 302 to /login; unauthenticated API
requests 401 JSON so fetch() callers see a clean error. A sleep(0.5)
on failed logins is the brute-force speed bump on top of werkzeug's
~600k-iter PBKDF2.
Caddyfile gains /login* and /logout* handle blocks in the shared
furtka_routes snippet so both :80 and the HTTPS hostname block
forward the auth endpoints to localhost:7000. Without this Caddy
would 404 from the static file server.
Test surface:
* tests/test_auth.py (new, 19 cases): hash roundtrip, users.json
I/O, session create/lookup/expire/revoke.
* tests/test_api.py: new admin_session fixture; existing HTTP
tests updated to send the cookie; new tests cover login setup,
login success, wrong-password 401, logout revocation, and the
guard's 302/401 split.
* tests/test_webinstaller_assets.py: new case that unpacks the
users.json _write_file_cmd body and verifies the werkzeug hash
round-trips against the step-1 password.
Bumped version to 26.11-alpha and rolled CHANGELOG. Also folded in
the ruff-format fix that was pending from 26.10-alpha's lint red.
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2026-04-21 13:01:17 +02:00
|
|
|
.modal .error.show,
|
|
|
|
|
.login-wrap .error.show { display: block; }
|
|
|
|
|
|
|
|
|
|
/* Login + first-run setup page. Shares .wrap's max-width so the form
|
|
|
|
|
sits in the same column the rest of the app uses, just without the
|
|
|
|
|
Home/Apps/Settings nav. A bit of top padding so the H1 isn't glued
|
|
|
|
|
to the viewport edge. */
|
|
|
|
|
.login-wrap { padding-top: 3rem; }
|
|
|
|
|
.login-wrap .actions { margin-top: 0.5rem; }
|
refactor(webinstaller): extract inline payload constants to furtka/assets/
Slice 1a of the self-update story. Every HTML/CSS/shell-script/systemd-
unit payload that used to live as a triple-quoted string constant inside
webinstaller/app.py now lives as a real file under furtka/assets/:
furtka/assets/Caddyfile
furtka/assets/VERSION (new — matches pyproject.toml)
furtka/assets/www/{index.html, settings/index.html, style.css, status.json}
furtka/assets/bin/{furtka-status, furtka-welcome}
furtka/assets/systemd/furtka-{api,reconcile,status,welcome}.service
furtka/assets/systemd/furtka-status.timer
The installer now pulls each file from disk via _read_asset(). Byte-for-
byte identical output at install time — a fresh-ISO install should land
the same files in the same places with the same contents, verified by
tests/test_webinstaller_assets.py which reconstructs each base64 blob
and asserts equality against the on-disk asset.
iso/build.sh also copies furtka/assets/ next to the webinstaller source
at /opt/furtka/assets on the live ISO so _resolve_assets_dir() finds
them with a "next to me" lookup. In dev the same function walks two
levels up to the repo copy, so pytest works without any env vars.
furtka-status.sh drops the /etc/furtka/version TODO — it now reads
/opt/furtka/VERSION directly, which Slice 1b will upgrade to
/opt/furtka/current/VERSION once the symlink layout lands.
_FURTKA_WRAPPER_SH (the 5-line /usr/local/bin/furtka shim) stays inline;
it's tiny and not asset-shaped.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-04-16 13:08:53 +02:00
|
|
|
.modal-actions {
|
|
|
|
|
display: flex;
|
|
|
|
|
justify-content: flex-end;
|
|
|
|
|
gap: 0.5rem;
|
|
|
|
|
margin-top: 0.5rem;
|
|
|
|
|
}
|
|
|
|
|
|
2026-04-16 13:44:34 +02:00
|
|
|
/* Row of buttons beneath a card — used by the Furtka updates card on
|
|
|
|
|
/settings. Left-aligned, wraps on narrow screens. */
|
2026-04-20 15:54:58 +02:00
|
|
|
.update-actions,
|
|
|
|
|
.power-actions {
|
2026-04-16 13:44:34 +02:00
|
|
|
display: flex;
|
|
|
|
|
gap: 0.5rem;
|
|
|
|
|
flex-wrap: wrap;
|
|
|
|
|
margin-top: 1rem;
|
2026-04-17 12:19:06 +02:00
|
|
|
align-items: center;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/* Inline link rendered alongside a button (e.g. next to "Download CA"
|
|
|
|
|
on /settings). No button chrome — just accent colour + underline on
|
|
|
|
|
hover — so the distinction between primary action and secondary
|
|
|
|
|
resource stays visually clear. */
|
|
|
|
|
.inline-link {
|
|
|
|
|
color: var(--accent);
|
|
|
|
|
text-decoration: none;
|
|
|
|
|
font-size: 0.9rem;
|
|
|
|
|
}
|
|
|
|
|
.inline-link:hover { text-decoration: underline; }
|
|
|
|
|
|
|
|
|
|
/* Checkbox + label row for the /settings HTTPS-force toggle. */
|
|
|
|
|
.https-toggle {
|
|
|
|
|
display: flex;
|
|
|
|
|
align-items: center;
|
|
|
|
|
gap: 0.55rem;
|
|
|
|
|
margin-top: 1rem;
|
|
|
|
|
font-size: 0.95rem;
|
|
|
|
|
cursor: pointer;
|
2026-04-16 13:44:34 +02:00
|
|
|
}
|
2026-04-17 12:19:06 +02:00
|
|
|
.https-toggle input { cursor: pointer; }
|
2026-04-16 13:44:34 +02:00
|
|
|
|
refactor(webinstaller): extract inline payload constants to furtka/assets/
Slice 1a of the self-update story. Every HTML/CSS/shell-script/systemd-
unit payload that used to live as a triple-quoted string constant inside
webinstaller/app.py now lives as a real file under furtka/assets/:
furtka/assets/Caddyfile
furtka/assets/VERSION (new — matches pyproject.toml)
furtka/assets/www/{index.html, settings/index.html, style.css, status.json}
furtka/assets/bin/{furtka-status, furtka-welcome}
furtka/assets/systemd/furtka-{api,reconcile,status,welcome}.service
furtka/assets/systemd/furtka-status.timer
The installer now pulls each file from disk via _read_asset(). Byte-for-
byte identical output at install time — a fresh-ISO install should land
the same files in the same places with the same contents, verified by
tests/test_webinstaller_assets.py which reconstructs each base64 blob
and asserts equality against the on-disk asset.
iso/build.sh also copies furtka/assets/ next to the webinstaller source
at /opt/furtka/assets on the live ISO so _resolve_assets_dir() finds
them with a "next to me" lookup. In dev the same function walks two
levels up to the repo copy, so pytest works without any env vars.
furtka-status.sh drops the /etc/furtka/version TODO — it now reads
/opt/furtka/VERSION directly, which Slice 1b will upgrade to
/opt/furtka/current/VERSION once the symlink layout lands.
_FURTKA_WRAPPER_SH (the 5-line /usr/local/bin/furtka shim) stays inline;
it's tiny and not asset-shaped.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-04-16 13:08:53 +02:00
|
|
|
/* -- Shared primitives for later slices ------------------------ */
|
|
|
|
|
.chip {
|
|
|
|
|
display: inline-block;
|
|
|
|
|
background: var(--card);
|
|
|
|
|
color: var(--accent);
|
|
|
|
|
padding: 0.15rem 0.6rem;
|
|
|
|
|
border-radius: var(--r-pill);
|
|
|
|
|
font-size: 0.8rem;
|
|
|
|
|
font-family: ui-monospace, SFMono-Regular, Menlo, monospace;
|
|
|
|
|
}
|
|
|
|
|
.chip-muted { color: var(--muted); }
|
|
|
|
|
|
|
|
|
|
.card {
|
|
|
|
|
background: var(--card);
|
|
|
|
|
padding: 1.25rem;
|
|
|
|
|
border-radius: var(--r-md);
|
|
|
|
|
box-shadow: var(--shadow-card);
|
|
|
|
|
}
|
|
|
|
|
.card + .card { margin-top: 1rem; }
|
|
|
|
|
.card h3 { margin: 0 0 0.75rem; font-size: 1.05rem; }
|
|
|
|
|
|
|
|
|
|
.kv {
|
|
|
|
|
display: grid;
|
|
|
|
|
grid-template-columns: max-content 1fr;
|
|
|
|
|
column-gap: 1.25rem;
|
|
|
|
|
row-gap: 0.4rem;
|
|
|
|
|
font-size: 0.95rem;
|
|
|
|
|
}
|
|
|
|
|
.kv dt { color: var(--muted); }
|
2026-04-20 13:41:33 +02:00
|
|
|
.kv dd {
|
|
|
|
|
margin: 0;
|
|
|
|
|
color: var(--fg);
|
|
|
|
|
font-family: ui-monospace, SFMono-Regular, Menlo, monospace;
|
|
|
|
|
/* Grid items default to min-width: auto (= content width), so a long
|
|
|
|
|
unbreakable value like a SHA-256 fingerprint would push past the
|
|
|
|
|
card. min-width: 0 lets the 1fr track enforce the column width, and
|
|
|
|
|
overflow-wrap: anywhere gives the colon-separated hex string valid
|
|
|
|
|
break opportunities. */
|
|
|
|
|
min-width: 0;
|
|
|
|
|
overflow-wrap: anywhere;
|
|
|
|
|
}
|
refactor(webinstaller): extract inline payload constants to furtka/assets/
Slice 1a of the self-update story. Every HTML/CSS/shell-script/systemd-
unit payload that used to live as a triple-quoted string constant inside
webinstaller/app.py now lives as a real file under furtka/assets/:
furtka/assets/Caddyfile
furtka/assets/VERSION (new — matches pyproject.toml)
furtka/assets/www/{index.html, settings/index.html, style.css, status.json}
furtka/assets/bin/{furtka-status, furtka-welcome}
furtka/assets/systemd/furtka-{api,reconcile,status,welcome}.service
furtka/assets/systemd/furtka-status.timer
The installer now pulls each file from disk via _read_asset(). Byte-for-
byte identical output at install time — a fresh-ISO install should land
the same files in the same places with the same contents, verified by
tests/test_webinstaller_assets.py which reconstructs each base64 blob
and asserts equality against the on-disk asset.
iso/build.sh also copies furtka/assets/ next to the webinstaller source
at /opt/furtka/assets on the live ISO so _resolve_assets_dir() finds
them with a "next to me" lookup. In dev the same function walks two
levels up to the repo copy, so pytest works without any env vars.
furtka-status.sh drops the /etc/furtka/version TODO — it now reads
/opt/furtka/VERSION directly, which Slice 1b will upgrade to
/opt/furtka/current/VERSION once the symlink layout lands.
_FURTKA_WRAPPER_SH (the 5-line /usr/local/bin/furtka shim) stays inline;
it's tiny and not asset-shaped.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-04-16 13:08:53 +02:00
|
|
|
|
|
|
|
|
.coming {
|
|
|
|
|
display: flex;
|
|
|
|
|
flex-wrap: wrap;
|
|
|
|
|
gap: 0.5rem;
|
|
|
|
|
margin-top: 0.5rem;
|
|
|
|
|
}
|
|
|
|
|
.coming a {
|
|
|
|
|
color: var(--muted);
|
|
|
|
|
text-decoration: none;
|
|
|
|
|
padding: 0.3rem 0.8rem;
|
|
|
|
|
border-radius: var(--r-pill);
|
|
|
|
|
border: 1px solid var(--border);
|
|
|
|
|
font-size: 0.85rem;
|
|
|
|
|
}
|
|
|
|
|
.coming a:hover { color: var(--fg); border-color: var(--accent); }
|
|
|
|
|
.coming .hint {
|
|
|
|
|
color: var(--muted);
|
|
|
|
|
font-size: 0.85rem;
|
|
|
|
|
width: 100%;
|
|
|
|
|
margin: 0 0 0.25rem;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
.grid-apps {
|
|
|
|
|
display: grid;
|
|
|
|
|
grid-template-columns: repeat(auto-fill, minmax(150px, 1fr));
|
|
|
|
|
gap: 0.75rem;
|
|
|
|
|
}
|
|
|
|
|
.app-tile {
|
|
|
|
|
background: var(--bg);
|
|
|
|
|
border: 1px solid var(--border);
|
|
|
|
|
border-radius: var(--r-md);
|
|
|
|
|
padding: 1rem;
|
|
|
|
|
display: flex;
|
|
|
|
|
flex-direction: column;
|
|
|
|
|
gap: 0.5rem;
|
|
|
|
|
align-items: flex-start;
|
|
|
|
|
text-decoration: none;
|
|
|
|
|
color: var(--fg);
|
|
|
|
|
transition: border-color 120ms, background 120ms;
|
|
|
|
|
}
|
|
|
|
|
.app-tile:hover { border-color: var(--accent); background: var(--card-hover); }
|
|
|
|
|
.app-tile .icon {
|
|
|
|
|
width: 40px;
|
|
|
|
|
height: 40px;
|
|
|
|
|
color: var(--accent);
|
|
|
|
|
display: flex;
|
|
|
|
|
align-items: center;
|
|
|
|
|
justify-content: center;
|
|
|
|
|
}
|
|
|
|
|
.app-tile .icon svg { width: 100%; height: 100%; }
|
|
|
|
|
.app-tile .name { font-weight: 600; font-size: 0.95rem; }
|
|
|
|
|
.app-tile .cta { color: var(--accent); font-size: 0.85rem; }
|
|
|
|
|
|
|
|
|
|
/* Icon slot inside a /apps row. The app icon inherits currentColor
|
|
|
|
|
so a folder path rendered with fill="currentColor" picks up the
|
|
|
|
|
accent, while a nested <path> using stroke="var(--accent)" still
|
|
|
|
|
gets the brand color. */
|
|
|
|
|
.app-icon {
|
|
|
|
|
width: 56px;
|
|
|
|
|
height: 56px;
|
|
|
|
|
flex-shrink: 0;
|
|
|
|
|
background: var(--accent-soft);
|
|
|
|
|
border-radius: var(--r-md);
|
|
|
|
|
display: flex;
|
|
|
|
|
align-items: center;
|
|
|
|
|
justify-content: center;
|
|
|
|
|
color: var(--accent);
|
|
|
|
|
}
|
|
|
|
|
.app-icon svg { width: 36px; height: 36px; }
|