feat(agent): v0.3.5 Windows inbound forwarding, UI actions, lifecycle

- Configure tailscale serve automatically for each instance on Windows userspace networking.
- Add local UI buttons: start/stop/reset/delete instances (stop/start preserve volumes).
- Clean shutdown: stop tailscaled and instances, notify server with instance_stopped.
- Restart tailscaled on agent boot using persisted state when pre-auth key is absent.
- Sync instance stopped/deleted status to dashboard (server/lib/websocket.ts).
- Security: include prior authz/scoping changes across API routes, ephemeral pre-auth keys, ACL policy, internal API key.
- Update SUIVI_VPN_ONDEMAND.md and docs/ONBOARDING_CLIENT.md.
- Bump agent version to 0.3.5.
This commit is contained in:
EduBox Dev
2026-06-25 22:59:09 +00:00
parent 331187e9b5
commit a414f03a59
33 changed files with 3075 additions and 340 deletions
+22 -4
View File
@@ -1,13 +1,20 @@
import { NextRequest, NextResponse } from "next/server";
import { prisma } from "@/lib/prisma";
import { requireAuth, requireRole, getScopedEstablishmentId, forbidden } from "@/lib/api-auth";
export async function GET(req: NextRequest) {
const user = await requireAuth();
if (user instanceof NextResponse) return user;
const { searchParams } = new URL(req.url);
const establishmentId = searchParams.get("establishmentId");
if (!establishmentId) return NextResponse.json({ error: "Missing establishmentId" }, { status: 400 });
const requestedId = searchParams.get("establishmentId");
const establishmentId = getScopedEstablishmentId(user, requestedId);
if (establishmentId instanceof NextResponse) return establishmentId;
const where = establishmentId ? { establishmentId } : {};
const classes = await prisma.class.findMany({
where: { establishmentId },
where,
include: { _count: { select: { students: true } } },
orderBy: { createdAt: "desc" },
});
@@ -15,8 +22,19 @@ export async function GET(req: NextRequest) {
}
export async function POST(req: NextRequest) {
const user = await requireAuth();
if (user instanceof NextResponse) return user;
const denied = requireRole(user, "superadmin", "admin");
if (denied) return denied;
const body = await req.json();
const { establishmentId, name, level } = body;
const requestedId = body.establishmentId;
const establishmentId = getScopedEstablishmentId(user, requestedId);
if (establishmentId instanceof NextResponse) return establishmentId;
if (!establishmentId) return forbidden();
const { name, level } = body;
const cls = await prisma.class.create({
data: { establishmentId, name, level },
});