TODO

Move Restrictions d'accès aux fichiers to acces.php

  • Remove fieldset from templates/admin/contenus.php
  • Add fieldset to templates/admin/acces.php
  • Load $siteSettings in admin/acces.php controller
  • Update redirect in settings.php for formulaire_restrictions → /admin/acces.php

Fix PeerTube upload — Google-resumable protocol adherence

  • Use Location header from init response (not reconstruct URL from JSON body)
  • Switch chunk method from PUT → PATCH (Google-resumable variant)
  • Use actual file MIME type in chunk Content-Type (not application/octet-stream)
  • Ensure chunk size is multiple of 256 KB
  • Add PATCH/HEAD methods to httpRequest()
  • Add CURLOPT_HEADERFUNCTION to capture response headers
  • Disable CURLOPT_FOLLOWLOCATION to preserve Location header
  • Add cancelUpload() helper for Delete-on-error cleanup
  • PeerTube upload fixed — simple multipart POST /api/v1/videos/upload works
  • Upload progress: 0-25% browser upload, 25-99% server polling via /admin/actions/upload-progress.php
  • Decorrelate formats from fichiers: no HTMX toggling; Site web/Vidéo/Audio always visible
  • Sticky formats fieldset inside parent container
  • Server-side progress: PeerTubeService writes to temp file, client polls progress endpoint
  • Fix cover deletion bug: !empty() instead of isset()
  • Remove old duplicate file list CSS; unified recap+edit file figure styling
  • Standardise uploaded/preexisting files styling: recap now matches edit (classes, icons, meta row, display_label)
  • Refactor licence fieldset: Libre→CC2r+licence, Interne→opt-in licence, Interdit→none

HTMX Toast Feedback for Settings Checkboxes (contenus.php)

  • Add hx-target response divs to the three fieldsets in contenus.php
  • Update settings.php to return HTML toast on HTMX requests

Production Error Fixes (2026-05-11 remote logs)

  • 413 Request Entity Too Large — bumped client_max_body_size to 256M, PHP post/upload to 256M, timeouts to 300s
  • Missing v_smtp_active view on server — made all CREATE VIEW statements idempotent with IF NOT EXISTS in schema.sql
  • bars.svg 404 — created app/public/assets/img/bars.svg (animated SVG spinner)
  • Nginx rate limiting too aggressive — increased admin zone to 300r/m, burst=30 to handle ~11 concurrent HTMX fragment requests on contenus.php page load
  • Migration idempotency — CREATE INDEX / CREATE TRIGGER / CREATE VIEW now use IF NOT EXISTS in schema.sql and generate-schema.py; migrate.sh no longer fails on re-run
  • Database readonly — intermittent permission issue after deploy (added deploy-nginx recipe; permissions should be fixed by --chown + deploy-server.sh)
  • Upload progress bar not visible — collectFileNames() now also checks FilePond instances directly (not just input.files); upload-progress.php no longer requires admin auth (blocked partage form polling)

PeerTube Alternate Labels & FilePond Pools

  • Add peertube_video_label and peertube_audio_label columns (migration 029)
  • Update PeerTubeService getSettings/updateSettings for new fields
  • Add label fields to parametres.php admin form
  • Handle label saving in admin/actions/settings.php
  • Uncomment video/audio slots in fichiers-fragment.php with FilePond pools when PeerTube enabled
  • Register peertube_video / peertube_audio queue types in file-upload-filepond.js
  • Update handlePeerTubeUpload → handlePeerTubeQueueFiles in both create/edit controllers
  • When PeerTube active, restrict TFE pool to PDF/images/VTT/archives only (no video/audio)
  • Add HTMX swap attributes to Vidéo/Audio format checkboxes for live toggling
  • Store PeerTube uploads as peertube_ids:{uuid} in thesis_files.file_path
  • Create templates/partials/peertube-embed.php iframe embed template
  • Render PeerTube embeds in public thesis view (tfe.php)
  • Handle PeerTube files in admin recapitulatif.php and fichiers-fragment.php
  • Shared SMTP credentials — remove username/password from peertube_settings (migration 031)
  • PeerTubeService reads credentials from SmtpRelay
  • OAuth client_id/secret fetched on-demand and cached in-memory (no DB storage)
  • Resumable upload protocol (POST init + PUT chunks) in PeerTubeService::upload()
  • Admin recapitulatif: show real PeerTube watch links (public/unlisted only)
  • Optimize public thesis view: load PeerTube instance URL once before file loop
  • Test end-to-end: activate PeerTube, set labels, submit form with video/audio files

SQLite Backup & Data Integrity (docs/backup-plan.md)

Phase 1 — WAL Mode

  • WAL mode already active (PRAGMA journal_mode=wal) — set in Database constructor
  • Verify -wal and -shm sidecar files exist after writes
  • Verify nginx/PHP write access to sidecar files on server
  • Add deploy-verify-permissions recipe that checks ownership, directory perms, file perms, and writability after rsync
  • deploy recipe now uploads and runs deploy-server.sh to fix permissions, then verifies them
  • deploy recipe now runs migrations (scripts/migrate.sh) after ensuring DB exists
  • fix migrate.sh to detect server vs local layout (no app/ subdir on server)
  • regenerate schema.sql from local DB via generate-schema.py (includes v_smtp_active, all 28 migrations)
  • fix generate-schema.py to include v_smtp_active (was explicitly excluded)

Phase 2 — Audit Log

  • admin_audit_log table already exists (migration 009), AdminLogger already writes to it
  • Create the audit_log table for data-level audit (before/after row snapshots)
  • Create Audit.php helper class
  • Instrument all DELETE, UPDATE, INSERT operations on core tables (theses, tags, languages, thesis_files)
  • Verify by triggering a test delete and querying SELECT * FROM audit_log ORDER BY id DESC LIMIT 5

Phase 3 — Soft Deletes

  • Add deleted_at columns to languages, tags, theses
  • Rebuild views v_theses_full and v_theses_public with deleted_at IS NULL filters
  • Update schema.sql for fresh installs
  • Replace all hard DELETEs with soft deletes (DELETE → UPDATE ... SET deleted_at = ...)
  • Add deleted_at IS NULL to all SELECT queries touching these tables
  • Add admin "Corbeille" view for soft-deleted theses with Restore and Hard Delete actions
  • Test each htmx-driven element (language search, tag search, repertoire filters) to confirm deleted entries don't appear
  • Admin: add soft-deleted tags/languages view with restore option

Phase 4 — Hourly Snapshots via Cronjob

  • Create scripts/backup-sqlite.sh (hot backup via sqlite3 .backup, gzip, retention pruning)
  • Test locally — backup created, restores correctly
  • Add just backup-snapshot command for local ad-hoc backups
  • Deploy backup script to server (/usr/local/bin/backup-sqlite.sh) — just deploy-backup-script
  • Create /var/backups/xamxam/ directory on server — part of just deploy-backup-cron
  • Add cron jobs (hourly 30d + daily 90d) — just deploy-backup-cron
  • Test restore from production backup — just test-restore <remote-gz-path>
  • Manual backup trigger — just trigger-backup
  • Check backup log — just deploy-check-backup-log
  • List remote backups — just deploy-list-backups
  • One-shot deploy — just deploy-backup (script + cron)

Phase 5 — Remote Sync (for later)

  • (Deferred)