Reintroduce TFE duration metadata: DB columns, form fields, controllers, views, and migration

Add 'unsafe-eval' to CSP script-src directives (htmx requires Function())
2026-06-25 16:19:19 +02:00 · 2026-06-11 13:05:37 +02:00
parent 00fed5f0e3
commit d588ae004d
81 changed files with 1061 additions and 840 deletions
--- a/nginx/xamxam.conf.reference
+++ b/nginx/xamxam.conf.reference
@@ -113,12 +113,8 @@ server {
        deny all;
    }

-    # Admin panel - password protected
+    # Admin panel - password protected at the PHP layer (AdminAuth)
    location ^~ /admin/ {
-        # HTTP Basic Authentication (first layer)
-        auth_basic "Admin Access - Post-ERG";
-        auth_basic_user_file /etc/nginx/.htpasswd-xamxam;
-
        # Rate limiting for admin
        limit_req zone=admin burst=5 nodelay;