Update docs/security.md to reflect that the
/api/whitelist endpoints now accept both
IPv4 and IPv6 addresses, removing the
previous statement that IPv6 was unsupported.
- Correct "proxyway" typo in README
- Rewrite design.md to explain SQLite decision over in-memory map,
highlighting persistence, ACID transactions, and concurrent read
support via WAL mode
- Increase audit log rotation limit from 100k to 200k entries
Rename the `entry` field to `ip` throughout the whitelist API for
clarity and consistency. This affects API request/response bodies,
path parameters, OpenAPI spec, documentation, and database queries
in the audit log endpoint.
Update project structure to use a src/ directory layout and
improve documentation across multiple files.
- Update README.md build command to use ./src
- Add directory structure documentation
- Update status endpoint to include DB health status
- Add pagination support (limit/offset) to whitelist list endpoints
- Document new query parameters with examples
- Update deployment guide to mark API token as required
- Add testing instructions
- Clarify audit log rotation in design documentation
Remove extraneous closing brace from nginx auth-proxy location block
that was causing syntax errors. Update documentation to reflect proper
UPPER_CASE naming convention for environment variables (AUTH_PROXY_*)
and correct the default database path from relative to absolute path.
The proxy was forwarding the original Content-Length header to the
proxied service, which caused issues with request body processing.
Now setting it to an empty string to prevent nginx from passing the
original content-length value.
Move proxy_pass directive to correct position in nginx location block and
update proxy settings: enable request body forwarding (proxy_pass_request_body
on) and pass original Content-Length header (from $content_length variable)
instead of stripping it, ensuring auth-proxy receives full request payloads.
- Change whitelist response format to use single `entry` field instead of `ip` + `reason`
- Update auth endpoint to return 204 No Content instead of 200 with body
- Add 405 Method Not Allowed response for auth endpoint
- Fix operationId for permanent whitelist endpoint (was `listTempWhitelist`)
- Add query parameters for logs endpoint: action, ip, limit, offset
- Update documentation in docs/api.md and openapi.yaml
- Add GET /api/whitelist/perm/list to list permanent whitelisted entries
- Implement permWhitelistListHandler with API key verification
- Rename permanent_whitelist table to perm_whitelist for consistency
- Update default DB path from ./data to /data
- Comment out build job in CI/CD workflow
- Migrate IP-based temporary whitelisting from file to SQLite storage
- Add REST API endpoints for managing temporary and permanent whitelists
- Create `.env.example` with required environment variables
- Document API endpoints in README.md and docs/api.md
- Add new dependency `modernc.org/sqlite` for SQLite support
- Update deployment and security documentation