diff --git a/README.md b/README.md index 58c2e80..4dedb2e 100644 --- a/README.md +++ b/README.md @@ -25,7 +25,7 @@ silo/ │ ├── silo/ # CLI tool │ └── silod/ # API server ├── internal/ -│ ├── api/ # HTTP handlers and routes (75 endpoints) +│ ├── api/ # HTTP handlers and routes (78 endpoints) │ ├── auth/ # Authentication (local, LDAP, OIDC) │ ├── config/ # Configuration loading │ ├── db/ # PostgreSQL repositories diff --git a/ROADMAP.md b/ROADMAP.md index 4f28134..dc6db61 100644 --- a/ROADMAP.md +++ b/ROADMAP.md @@ -39,7 +39,7 @@ This document compares Silo's current capabilities against SOLIDWORKS PDM—the ### Implemented Features (MVP Complete) #### Core Database System -- PostgreSQL schema with 11 migrations +- PostgreSQL schema with 13 migrations - UUID-based identifiers throughout - Soft delete support via `archived_at` timestamps - Atomic sequence generation for part numbers @@ -92,7 +92,7 @@ This document compares Silo's current capabilities against SOLIDWORKS PDM—the - Template generation for import formatting #### API & Web Interface -- REST API with 75 endpoints +- REST API with 78 endpoints - Authentication: local (bcrypt), LDAP/FreeIPA, OIDC/Keycloak - Role-based access control (admin > editor > viewer) - API token management (SHA-256 hashed) @@ -129,7 +129,7 @@ This document compares Silo's current capabilities against SOLIDWORKS PDM—the | Component | Status | |-----------|--------| -| PostgreSQL | Running (psql.kindred.internal) | +| PostgreSQL | Running (psql.example.internal) | | MinIO | Configured in Docker Compose | | Silo API Server | Builds successfully | | Docker Compose | Complete (dev and production) | @@ -255,14 +255,14 @@ CAD integration is maintained in separate repositories ([silo-mod](https://git.k | Feature | SOLIDWORKS PDM | Silo Status | Priority | Complexity | |---------|---------------|-------------|----------|------------| | ERP integration | SAP, Dynamics, etc. | Partial (Odoo stubs) | Medium | Complex | -| API access | Full COM/REST API | Full REST API (75 endpoints) | - | - | +| API access | Full COM/REST API | Full REST API (78 endpoints) | - | - | | Dispatch scripts | Automation without coding | None | Medium | Moderate | | Task scheduler | Background processing | None | Medium | Moderate | | Email system | SMTP integration | None | High | Simple | | Web portal | Browser access | Full (React SPA + auth) | - | - | **Gap Analysis:** -Silo has a comprehensive REST API (75 endpoints) and a full web UI with authentication. Odoo ERP integration has config/sync-log scaffolding but push/pull operations are stubs. Remaining gaps: email notifications, task scheduler, dispatch automation. +Silo has a comprehensive REST API (78 endpoints) and a full web UI with authentication. Odoo ERP integration has config/sync-log scaffolding but push/pull operations are stubs. Remaining gaps: email notifications, task scheduler, dispatch automation. --- diff --git a/cmd/silo/main.go b/cmd/silo/main.go index 546ceb3..36c6c7d 100644 --- a/cmd/silo/main.go +++ b/cmd/silo/main.go @@ -66,7 +66,7 @@ Token subcommands: silo token revoke Revoke a token Environment variables for API access: - SILO_API_URL Base URL of the Silo server (e.g., https://silo.kindred.internal) + SILO_API_URL Base URL of the Silo server (e.g., https://silo.example.internal) SILO_API_TOKEN API token for authentication Examples: diff --git a/config.example.yaml b/config.example.yaml index c9089c6..ec8677a 100644 --- a/config.example.yaml +++ b/config.example.yaml @@ -8,7 +8,7 @@ server: # read_only: false # Reject all write operations; toggle at runtime with SIGUSR1 database: - host: "psql.kindred.internal" + host: "psql.example.internal" port: 5432 name: "silo" user: "silo" @@ -17,7 +17,7 @@ database: max_connections: 10 storage: - endpoint: "minio.kindred.internal:9000" + endpoint: "minio.example.internal:9000" access_key: "" # Use SILO_MINIO_ACCESS_KEY env var secret_key: "" # Use SILO_MINIO_SECRET_KEY env var bucket: "silo-files" @@ -53,7 +53,7 @@ auth: # LDAP / FreeIPA ldap: enabled: false - url: "ldaps://ipa.kindred.internal" + url: "ldaps://ipa.example.internal" base_dn: "dc=kindred,dc=internal" user_search_dn: "cn=users,cn=accounts,dc=kindred,dc=internal" # Optional service account for user search (omit for direct user bind) @@ -77,10 +77,10 @@ auth: # OIDC / Keycloak oidc: enabled: false - issuer_url: "https://keycloak.kindred.internal/realms/silo" + issuer_url: "https://keycloak.example.internal/realms/silo" client_id: "silo" client_secret: "" # Use SILO_OIDC_CLIENT_SECRET env var - redirect_url: "https://silo.kindred.internal/auth/callback" + redirect_url: "https://silo.example.internal/auth/callback" scopes: ["openid", "profile", "email"] # Map Keycloak realm roles to Silo roles admin_role: "silo-admin" @@ -90,4 +90,4 @@ auth: # CORS origins (locked down when auth is enabled) cors: allowed_origins: - - "https://silo.kindred.internal" + - "https://silo.example.internal" diff --git a/deployments/config.prod.yaml b/deployments/config.prod.yaml index cd0508c..fefaf38 100644 --- a/deployments/config.prod.yaml +++ b/deployments/config.prod.yaml @@ -1,7 +1,7 @@ # Silo Production Configuration # Single-binary deployment: silod serves API + React SPA # -# Layout on silo.kindred.internal: +# Layout on silo.example.internal: # /opt/silo/bin/silod - server binary # /opt/silo/web/dist/ - built React frontend (served automatically) # /opt/silo/schemas/ - part number schemas @@ -18,10 +18,10 @@ server: host: "0.0.0.0" port: 8080 - base_url: "https://silo.kindred.internal" + base_url: "https://silo.example.internal" database: - host: "psql.kindred.internal" + host: "psql.example.internal" port: 5432 name: "silo" user: "silo" @@ -30,7 +30,7 @@ database: max_connections: 20 storage: - endpoint: "minio.kindred.internal:9000" + endpoint: "minio.example.internal:9000" access_key: "" # Set via SILO_MINIO_ACCESS_KEY secret_key: "" # Set via SILO_MINIO_SECRET_KEY bucket: "silo-files" @@ -53,7 +53,7 @@ auth: default_admin_password: "" # Set via SILO_ADMIN_PASSWORD ldap: enabled: true - url: "ldaps://ipa.kindred.internal" + url: "ldaps://ipa.example.internal" base_dn: "dc=kindred,dc=internal" user_search_dn: "cn=users,cn=accounts,dc=kindred,dc=internal" user_attr: "uid" @@ -73,4 +73,4 @@ auth: enabled: false cors: allowed_origins: - - "https://silo.kindred.internal" + - "https://silo.example.internal" diff --git a/deployments/docker-compose.prod.yaml b/deployments/docker-compose.prod.yaml index 104c54b..b540e85 100644 --- a/deployments/docker-compose.prod.yaml +++ b/deployments/docker-compose.prod.yaml @@ -1,5 +1,5 @@ # Production Docker Compose for Silo -# Uses external PostgreSQL (psql.kindred.internal) and MinIO (minio.kindred.internal) +# Uses external PostgreSQL (psql.example.internal) and MinIO (minio.example.internal) # # Usage: # export SILO_DB_PASSWORD= @@ -15,23 +15,23 @@ services: container_name: silod restart: unless-stopped environment: - # Database connection (psql.kindred.internal) - SILO_DB_HOST: psql.kindred.internal + # Database connection (psql.example.internal) + SILO_DB_HOST: psql.example.internal SILO_DB_PORT: 5432 SILO_DB_NAME: silo SILO_DB_USER: silo SILO_DB_PASSWORD: ${SILO_DB_PASSWORD:?Database password required} SILO_DB_SSLMODE: require - # MinIO storage (minio.kindred.internal) - SILO_MINIO_ENDPOINT: minio.kindred.internal:9000 + # MinIO storage (minio.example.internal) + SILO_MINIO_ENDPOINT: minio.example.internal:9000 SILO_MINIO_ACCESS_KEY: ${SILO_MINIO_ACCESS_KEY:?MinIO access key required} SILO_MINIO_SECRET_KEY: ${SILO_MINIO_SECRET_KEY:?MinIO secret key required} SILO_MINIO_BUCKET: silo-files SILO_MINIO_USE_SSL: "true" # Server settings - SILO_SERVER_BASE_URL: ${SILO_BASE_URL:-http://silo.kindred.internal:8080} + SILO_SERVER_BASE_URL: ${SILO_BASE_URL:-http://silo.example.internal:8080} ports: - "8080:8080" volumes: diff --git a/deployments/systemd/silod.env.example b/deployments/systemd/silod.env.example index ff50644..c6e4c4f 100644 --- a/deployments/systemd/silod.env.example +++ b/deployments/systemd/silod.env.example @@ -2,11 +2,11 @@ # Copy to /etc/silo/silod.env and fill in values # Permissions: chmod 600 /etc/silo/silod.env -# Database credentials (psql.kindred.internal) +# Database credentials (psql.example.internal) # Database: silo, User: silo SILO_DB_PASSWORD= -# MinIO credentials (minio.kindred.internal) +# MinIO credentials (minio.example.internal) # User: silouser SILO_MINIO_ACCESS_KEY=silouser SILO_MINIO_SECRET_KEY= @@ -23,4 +23,4 @@ SILO_ADMIN_PASSWORD= # SILO_LDAP_BIND_PASSWORD= # Optional: Override server base URL -# SILO_SERVER_BASE_URL=http://silo.kindred.internal:8080 +# SILO_SERVER_BASE_URL=http://silo.example.internal:8080 diff --git a/docs/AUTH_USER_GUIDE.md b/docs/AUTH_USER_GUIDE.md index 6968700..a34dc98 100644 --- a/docs/AUTH_USER_GUIDE.md +++ b/docs/AUTH_USER_GUIDE.md @@ -38,7 +38,7 @@ API tokens allow the FreeCAD plugin, scripts, and CI pipelines to authenticate w ### Creating a Token (CLI) ```sh -export SILO_API_URL=https://silo.kindred.internal +export SILO_API_URL=https://silo.example.internal export SILO_API_TOKEN=silo_ silo token create --name "CI pipeline" @@ -140,7 +140,7 @@ auth: ldap: enabled: true - url: "ldaps://ipa.kindred.internal" + url: "ldaps://ipa.example.internal" base_dn: "dc=kindred,dc=internal" user_search_dn: "cn=users,cn=accounts,dc=kindred,dc=internal" user_attr: "uid" @@ -170,10 +170,10 @@ auth: oidc: enabled: true - issuer_url: "https://keycloak.kindred.internal/realms/silo" + issuer_url: "https://keycloak.example.internal/realms/silo" client_id: "silo" client_secret: "" # Set via SILO_OIDC_CLIENT_SECRET - redirect_url: "https://silo.kindred.internal/auth/callback" + redirect_url: "https://silo.example.internal/auth/callback" scopes: ["openid", "profile", "email"] admin_role: "silo-admin" editor_role: "silo-editor" @@ -186,7 +186,7 @@ auth: auth: cors: allowed_origins: - - "https://silo.kindred.internal" + - "https://silo.example.internal" ``` ## Environment Variables @@ -254,4 +254,4 @@ UPDATE users SET password_hash = '', is_active = true WHERE usernam - Verify the token is set in FreeCAD preferences or `SILO_API_TOKEN` - Check the API URL points to the correct server -- Test with curl: `curl -H "Authorization: Bearer silo_..." https://silo.kindred.internal/api/items` +- Test with curl: `curl -H "Authorization: Bearer silo_..." https://silo.example.internal/api/items` diff --git a/docs/DEPLOYMENT.md b/docs/DEPLOYMENT.md index 04f449e..ee78902 100644 --- a/docs/DEPLOYMENT.md +++ b/docs/DEPLOYMENT.md @@ -17,7 +17,7 @@ This guide covers deploying Silo to a dedicated VM using external PostgreSQL and ``` ┌─────────────────────────────────────────────────────────────────┐ -│ silo.kindred.internal │ +│ silo.example.internal │ │ ┌───────────────────────────────────────────────────────────┐ │ │ │ silod │ │ │ │ (Silo API Server) │ │ @@ -27,7 +27,7 @@ This guide covers deploying Silo to a dedicated VM using external PostgreSQL and │ │ ▼ ▼ ┌─────────────────────────┐ ┌─────────────────────────────────┐ -│ psql.kindred.internal │ │ minio.kindred.internal │ +│ psql.example.internal │ │ minio.example.internal │ │ PostgreSQL 16 │ │ MinIO S3 │ │ :5432 │ │ :9000 (API) │ │ │ │ :9001 (Console) │ @@ -40,8 +40,8 @@ The following external services are already configured: | Service | Host | Database/Bucket | User | |---------|------|-----------------|------| -| PostgreSQL | psql.kindred.internal:5432 | silo | silo | -| MinIO | minio.kindred.internal:9000 | silo-files | silouser | +| PostgreSQL | psql.example.internal:5432 | silo | silo | +| MinIO | minio.example.internal:9000 | silo-files | silouser | Migrations have been applied to the database. @@ -53,10 +53,10 @@ For a fresh VM, run these commands: ```bash # 1. SSH to the target host -ssh root@silo.kindred.internal +ssh root@silo.example.internal # 2. Download and run setup script -curl -fsSL https://gitea.kindred.internal/kindred/silo-0062/raw/branch/main/scripts/setup-host.sh | bash +curl -fsSL https://git.kindred-systems.com/kindred/silo/raw/branch/main/scripts/setup-host.sh | bash # 3. Configure credentials nano /etc/silo/silod.env @@ -69,16 +69,16 @@ nano /etc/silo/silod.env ## Initial Setup -Run the setup script once on `silo.kindred.internal` to prepare the host: +Run the setup script once on `silo.example.internal` to prepare the host: ```bash # Option 1: If you have the repo locally -scp scripts/setup-host.sh root@silo.kindred.internal:/tmp/ -ssh root@silo.kindred.internal 'bash /tmp/setup-host.sh' +scp scripts/setup-host.sh root@silo.example.internal:/tmp/ +ssh root@silo.example.internal 'bash /tmp/setup-host.sh' # Option 2: Direct on the host -ssh root@silo.kindred.internal -curl -fsSL https://git.kindred.internal/kindred/silo/raw/branch/main/scripts/setup-host.sh -o /tmp/setup-host.sh +ssh root@silo.example.internal +curl -fsSL https://git.kindred-systems.com/kindred/silo/raw/branch/main/scripts/setup-host.sh -o /tmp/setup-host.sh bash /tmp/setup-host.sh ``` @@ -100,10 +100,10 @@ sudo nano /etc/silo/silod.env Fill in the values: ```bash -# Database credentials (psql.kindred.internal) +# Database credentials (psql.example.internal) SILO_DB_PASSWORD=your-database-password -# MinIO credentials (minio.kindred.internal) +# MinIO credentials (minio.example.internal) SILO_MINIO_ACCESS_KEY=silouser SILO_MINIO_SECRET_KEY=your-minio-secret-key ``` @@ -114,10 +114,10 @@ Before deploying, verify connectivity to external services: ```bash # Test PostgreSQL -psql -h psql.kindred.internal -U silo -d silo -c 'SELECT 1' +psql -h psql.example.internal -U silo -d silo -c 'SELECT 1' # Test MinIO -curl -I http://minio.kindred.internal:9000/minio/health/live +curl -I http://minio.example.internal:9000/minio/health/live ``` --- @@ -129,7 +129,7 @@ curl -I http://minio.kindred.internal:9000/minio/health/live To deploy or update Silo, run the deploy script on the target host: ```bash -ssh root@silo.kindred.internal +ssh root@silo.example.internal /opt/silo/src/scripts/deploy.sh ``` @@ -165,7 +165,7 @@ sudo /opt/silo/src/scripts/deploy.sh --status You can override the git repository URL and branch: ```bash -export SILO_REPO_URL=https://git.kindred.internal/kindred/silo.git +export SILO_REPO_URL=https://git.kindred-systems.com/kindred/silo.git export SILO_BRANCH=main sudo -E /opt/silo/src/scripts/deploy.sh ``` @@ -247,7 +247,7 @@ curl http://localhost:8080/ready To update to the latest version: ```bash -ssh root@silo.kindred.internal +ssh root@silo.example.internal /opt/silo/src/scripts/deploy.sh ``` @@ -269,7 +269,7 @@ When new migrations are added, run them manually: ls -la /opt/silo/src/migrations/ # Run a specific migration -psql -h psql.kindred.internal -U silo -d silo -f /opt/silo/src/migrations/008_new_feature.sql +psql -h psql.example.internal -U silo -d silo -f /opt/silo/src/migrations/008_new_feature.sql ``` --- @@ -303,13 +303,13 @@ psql -h psql.kindred.internal -U silo -d silo -f /opt/silo/src/migrations/008_ne 1. Test network connectivity: ```bash - nc -zv psql.kindred.internal 5432 + nc -zv psql.example.internal 5432 ``` 2. Test credentials: ```bash source /etc/silo/silod.env - PGPASSWORD=$SILO_DB_PASSWORD psql -h psql.kindred.internal -U silo -d silo -c 'SELECT 1' + PGPASSWORD=$SILO_DB_PASSWORD psql -h psql.example.internal -U silo -d silo -c 'SELECT 1' ``` 3. Check `pg_hba.conf` on PostgreSQL server allows connections from this host. @@ -318,12 +318,12 @@ psql -h psql.kindred.internal -U silo -d silo -f /opt/silo/src/migrations/008_ne 1. Test network connectivity: ```bash - nc -zv minio.kindred.internal 9000 + nc -zv minio.example.internal 9000 ``` 2. Test with curl: ```bash - curl -I http://minio.kindred.internal:9000/minio/health/live + curl -I http://minio.example.internal:9000/minio/health/live ``` 3. Check SSL settings in config match MinIO setup: @@ -340,8 +340,8 @@ curl -v http://localhost:8080/health curl -v http://localhost:8080/ready # If ready fails but health passes, check external services -psql -h psql.kindred.internal -U silo -d silo -c 'SELECT 1' -curl http://minio.kindred.internal:9000/minio/health/live +psql -h psql.example.internal -U silo -d silo -c 'SELECT 1' +curl http://minio.example.internal:9000/minio/health/live ``` ### Build Fails @@ -391,14 +391,14 @@ This script: getcert list ``` -2. The silo config is already updated to use `https://silo.kindred.internal` as base URL. Restart silo: +2. The silo config is already updated to use `https://silo.example.internal` as base URL. Restart silo: ```bash sudo systemctl restart silod ``` 3. Test the setup: ```bash - curl https://silo.kindred.internal/health + curl https://silo.example.internal/health ``` ### Certificate Management @@ -422,7 +422,7 @@ For clients to trust the Silo HTTPS certificate, they need the IPA CA: ```bash # Download CA cert -curl -o /tmp/ipa-ca.crt https://ipa.kindred.internal/ipa/config/ca.crt +curl -o /tmp/ipa-ca.crt https://ipa.example.internal/ipa/config/ca.crt # Ubuntu/Debian sudo cp /tmp/ipa-ca.crt /usr/local/share/ca-certificates/ipa-ca.crt diff --git a/docs/GAP_ANALYSIS.md b/docs/GAP_ANALYSIS.md index a347833..bf0c0c7 100644 --- a/docs/GAP_ANALYSIS.md +++ b/docs/GAP_ANALYSIS.md @@ -365,7 +365,7 @@ internal/ handlers.go # Items, schemas, projects, revisions middleware.go # Auth middleware odoo_handlers.go # Odoo integration endpoints - routes.go # Route registration (75 endpoints) + routes.go # Route registration (78 endpoints) search.go # Fuzzy search auth/ auth.go # Auth service: local, LDAP, OIDC diff --git a/docs/SPECIFICATION.md b/docs/SPECIFICATION.md index 772b927..ac8a93d 100644 --- a/docs/SPECIFICATION.md +++ b/docs/SPECIFICATION.md @@ -37,7 +37,7 @@ Silo treats **part numbering schemas as configuration, not code**. Multiple numb ▼ ┌─────────────────────────────────────────────────────────────┐ │ Silo Server (silod) │ -│ - REST API (75 endpoints) │ +│ - REST API (78 endpoints) │ │ - Authentication (local, LDAP, OIDC) │ │ - Schema parsing and validation │ │ - Part number generation engine │ @@ -50,7 +50,7 @@ Silo treats **part numbering schemas as configuration, not code**. Multiple numb ▼ ▼ ┌─────────────────────────┐ ┌─────────────────────────────┐ │ PostgreSQL │ │ MinIO │ -│ (psql.kindred.internal)│ │ - File storage │ +│ (psql.example.internal)│ │ - File storage │ │ - Item metadata │ │ - Versioned objects │ │ - Relationships │ │ - Thumbnails │ │ - Revision history │ │ │ @@ -63,7 +63,7 @@ Silo treats **part numbering schemas as configuration, not code**. Multiple numb | Component | Technology | Notes | |-----------|------------|-------| -| Database | PostgreSQL 16 | Existing instance at psql.kindred.internal | +| Database | PostgreSQL 16 | Existing instance at psql.example.internal | | File Storage | MinIO | S3-compatible, versioning enabled | | CLI & API Server | Go (1.24) | chi/v5 router, pgx/v5 driver, zerolog | | Authentication | Multi-backend | Local (bcrypt), LDAP/FreeIPA, OIDC/Keycloak | @@ -598,7 +598,7 @@ See [AUTH.md](AUTH.md) for full architecture details and [AUTH_USER_GUIDE.md](AU ## 11. API Design -### 11.1 REST Endpoints (75 Implemented) +### 11.1 REST Endpoints (78 Implemented) ``` # Health (no auth) @@ -615,6 +615,9 @@ GET /auth/callback # OIDC callback # Public API (no auth required) GET /api/auth/config # Auth backend configuration (for login UI) +# Server-Sent Events (require auth) +GET /api/events # SSE stream for real-time updates + # Auth API (require auth) GET /api/auth/me # Current authenticated user GET /api/auth/tokens # List user's API tokens @@ -644,6 +647,7 @@ DELETE /api/projects/{code} # Delete project [ed # Items (read: viewer, write: editor) GET /api/items # List/filter items GET /api/items/search # Fuzzy search +GET /api/items/by-uuid/{uuid} # Get item by UUID GET /api/items/export.csv # Export items to CSV GET /api/items/template.csv # CSV import template GET /api/items/export.ods # Export items to ODS @@ -689,6 +693,7 @@ GET /api/items/{partNumber}/bom/export.csv # Export BOM as CSV GET /api/items/{partNumber}/bom/export.ods # Export BOM as ODS POST /api/items/{partNumber}/bom # Add BOM entry [editor] POST /api/items/{partNumber}/bom/import # Import BOM from CSV [editor] +POST /api/items/{partNumber}/bom/merge # Merge BOM from ODS with conflict resolution [editor] PUT /api/items/{partNumber}/bom/{childPartNumber} # Update BOM entry [editor] DELETE /api/items/{partNumber}/bom/{childPartNumber} # Remove BOM entry [editor] @@ -734,11 +739,11 @@ POST /api/inventory/{partNumber}/move ### 12.1 Implemented -- [x] PostgreSQL database schema (11 migrations) +- [x] PostgreSQL database schema (13 migrations) - [x] YAML schema parser for part numbering - [x] Part number generation engine - [x] CLI tool (`cmd/silo`) -- [x] API server (`cmd/silod`) with 75 endpoints +- [x] API server (`cmd/silod`) with 78 endpoints - [x] MinIO integration for file storage with versioning - [x] BOM relationships (component, alternate, reference) - [x] Multi-level BOM (recursive expansion with configurable depth) diff --git a/docs/STATUS.md b/docs/STATUS.md index 43235c2..cac9bbb 100644 --- a/docs/STATUS.md +++ b/docs/STATUS.md @@ -10,10 +10,10 @@ | Component | Status | Notes | |-----------|--------|-------| -| PostgreSQL schema | Complete | 11 migrations applied | +| PostgreSQL schema | Complete | 13 migrations applied | | YAML schema parser | Complete | Supports enum, serial, constant, string segments | | Part number generator | Complete | Scoped sequences, category-based format | -| API server (`silod`) | Complete | 75 REST endpoints via chi/v5 | +| API server (`silod`) | Complete | 78 REST endpoints via chi/v5 | | CLI tool (`silo`) | Complete | Item registration and management | | MinIO file storage | Complete | Upload, download, versioning, checksums | | Revision control | Complete | Append-only history, rollback, comparison, status/labels | @@ -55,7 +55,7 @@ FreeCAD workbench and LibreOffice Calc extension are maintained in separate repo | Service | Host | Status | |---------|------|--------| -| PostgreSQL | psql.kindred.internal:5432 | Running | +| PostgreSQL | psql.example.internal:5432 | Running | | MinIO | localhost:9000 (API) / :9001 (console) | Configured | | Silo API | localhost:8080 | Builds successfully | @@ -92,5 +92,7 @@ The schema defines 170 category codes across 10 groups: | 007_revision_status.sql | Revision status and labels | | 008_odoo_integration.sql | Odoo ERP integration tables (integrations, sync_log) | | 009_auth.sql | Authentication system (users, api_tokens, sessions, audit_log, user tracking columns) | -| 010_item_extended_fields.sql | Extended item fields (sourcing_type, sourcing_link, standard_cost, long_description) | +| 010_item_extended_fields.sql | Extended item fields (sourcing_type, long_description) | | 011_item_files.sql | Item file attachments (item_files table, thumbnail_key column) | +| 012_bom_source.sql | BOM entry source tracking | +| 013_move_cost_sourcing_to_props.sql | Move sourcing_link and standard_cost from item columns to revision properties | diff --git a/scripts/deploy.sh b/scripts/deploy.sh index f93df11..fca11a5 100755 --- a/scripts/deploy.sh +++ b/scripts/deploy.sh @@ -1,18 +1,18 @@ #!/bin/bash -# Deploy Silo to silo.kindred.internal +# Deploy Silo to silo.example.internal # # Usage: ./scripts/deploy.sh [host] -# host defaults to silo.kindred.internal +# host defaults to silo.example.internal # # Prerequisites: # - SSH access to the target host # - /etc/silo/silod.env must exist on target with credentials filled in -# - PostgreSQL reachable from target at psql.kindred.internal -# - MinIO reachable from target at minio.kindred.internal +# - PostgreSQL reachable from target at psql.example.internal +# - MinIO reachable from target at minio.example.internal set -euo pipefail -TARGET="${1:-silo.kindred.internal}" +TARGET="${1:-silo.example.internal}" DEPLOY_DIR="/opt/silo" CONFIG_DIR="/etc/silo" SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)" @@ -123,14 +123,14 @@ if command -v psql &>/dev/null && [ -n "${SILO_DB_PASSWORD:-}" ]; then for f in "$DEPLOY_DIR/migrations/"*.sql; do echo " $(basename "$f")" PGPASSWORD="$SILO_DB_PASSWORD" psql \ - -h psql.kindred.internal -p 5432 \ + -h psql.example.internal -p 5432 \ -U silo -d silo \ -f "$f" -q 2>&1 | grep -v "already exists" || true done echo " Migrations complete." else echo " WARNING: psql not available or SILO_DB_PASSWORD not set, skipping migrations." - echo " Run migrations manually: PGPASSWORD=... psql -h psql.kindred.internal -U silo -d silo -f /opt/silo/migrations/NNN_name.sql" + echo " Run migrations manually: PGPASSWORD=... psql -h psql.example.internal -U silo -d silo -f /opt/silo/migrations/NNN_name.sql" fi # Start service diff --git a/scripts/setup-host.sh b/scripts/setup-host.sh index 725f3a0..65d8b6b 100755 --- a/scripts/setup-host.sh +++ b/scripts/setup-host.sh @@ -1,7 +1,7 @@ #!/usr/bin/env bash # # Silo Host Setup Script -# Run this once on silo.kindred.internal to prepare for deployment +# Run this once on silo.example.internal to prepare for deployment # # Usage: # sudo ./setup-host.sh @@ -24,7 +24,7 @@ BLUE='\033[0;34m' NC='\033[0m' # Configuration -REPO_URL="${SILO_REPO_URL:-https://gitea.kindred.internal/kindred/silo-0062.git}" +REPO_URL="${SILO_REPO_URL:-https://git.kindred-systems.com/kindred/silo.git}" REPO_BRANCH="${SILO_BRANCH:-main}" INSTALL_DIR="/opt/silo" CONFIG_DIR="/etc/silo" @@ -159,17 +159,17 @@ if [[ ! -f "${ENV_FILE}" ]]; then # Silo daemon environment variables # Fill in the values below -# Database credentials (psql.kindred.internal) +# Database credentials (psql.example.internal) # Database: silo, User: silo SILO_DB_PASSWORD= -# MinIO credentials (minio.kindred.internal) +# MinIO credentials (minio.example.internal) # User: silouser SILO_MINIO_ACCESS_KEY=silouser SILO_MINIO_SECRET_KEY= # Optional overrides -# SILO_SERVER_BASE_URL=http://silo.kindred.internal:8080 +# SILO_SERVER_BASE_URL=http://silo.example.internal:8080 EOF chmod 600 "${ENV_FILE}" chown root:silo "${ENV_FILE}" @@ -214,10 +214,10 @@ echo "1. Edit ${ENV_FILE} and fill in credentials:" echo " sudo nano ${ENV_FILE}" echo "" echo "2. Verify database connectivity:" -echo " psql -h psql.kindred.internal -U silo -d silo -c 'SELECT 1'" +echo " psql -h psql.example.internal -U silo -d silo -c 'SELECT 1'" echo "" echo "3. Verify MinIO connectivity:" -echo " curl -I http://minio.kindred.internal:9000/minio/health/live" +echo " curl -I http://minio.example.internal:9000/minio/health/live" echo "" echo "4. Run the deployment:" echo " sudo ${INSTALL_DIR}/src/scripts/deploy.sh" diff --git a/scripts/setup-ipa-nginx.sh b/scripts/setup-ipa-nginx.sh index f35ea8b..0a37d4c 100755 --- a/scripts/setup-ipa-nginx.sh +++ b/scripts/setup-ipa-nginx.sh @@ -7,8 +7,8 @@ # sudo ./scripts/setup-ipa-nginx.sh # # Prerequisites: -# - FreeIPA server at ipa.kindred.internal -# - DNS configured for silo.kindred.internal +# - FreeIPA server at ipa.example.internal +# - DNS configured for silo.example.internal # - Admin credentials for IPA enrollment set -euo pipefail @@ -21,10 +21,10 @@ BLUE='\033[0;34m' NC='\033[0m' # Configuration -IPA_SERVER="${IPA_SERVER:-ipa.kindred.internal}" -IPA_DOMAIN="${IPA_DOMAIN:-kindred.internal}" +IPA_SERVER="${IPA_SERVER:-ipa.example.internal}" +IPA_DOMAIN="${IPA_DOMAIN:-example.internal}" IPA_REALM="${IPA_REALM:-KINDRED.INTERNAL}" -HOSTNAME="silo.kindred.internal" +HOSTNAME="silo.example.internal" CERT_DIR="/etc/ssl/silo" SILO_PORT=8080 @@ -193,7 +193,7 @@ cat > /etc/nginx/sites-available/silo << 'NGINX_EOF' server { listen 80; listen [::]:80; - server_name silo.kindred.internal; + server_name silo.example.internal; # Allow certmonger/ACME challenges location /.well-known/ { @@ -209,7 +209,7 @@ server { server { listen 443 ssl http2; listen [::]:443 ssl http2; - server_name silo.kindred.internal; + server_name silo.example.internal; # SSL certificates (managed by certmonger/IPA) ssl_certificate /etc/ssl/silo/silo.crt; @@ -343,14 +343,14 @@ echo " getcert list" echo "" echo "2. Update silo config to use correct base URL:" echo " sudo nano /etc/silo/config.yaml" -echo " # Change base_url to: https://silo.kindred.internal" +echo " # Change base_url to: https://silo.example.internal" echo "" echo "3. Restart silo service:" echo " sudo systemctl restart silod" echo "" echo "4. Test the setup:" -echo " curl -k https://silo.kindred.internal/health" -echo " curl https://silo.kindred.internal/health # after trusting IPA CA" +echo " curl -k https://silo.example.internal/health" +echo " curl https://silo.example.internal/health # after trusting IPA CA" echo "" echo "5. Trust IPA CA on client machines:" echo " # The CA cert is at: ${CERT_DIR}/ca.crt"