PatchCenter - Patching management web application
MOUTAOUAKIL-ext Khalid (admin) 4590e89ff6 feat(securite/ldap): Secure cookie, LDAPS debug logs, hardened .gitignore
- auth.py: Secure flag + path=/ on the authentication cookie
- ldap_service.py: debug logging of LDAPS connections to logs/ldap_debug.log (never the passwords)
- .gitignore: protects TLS keys/certs (ssl/, *.key, *.crt) + heavy artifacts (db/, sitepkgs.zip, *.bak, dump)
- also includes in-progress changes: planning_import, patch_run_service, patching_iexec

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
2026-06-18 15:42:00 +02:00
agents
app feat(securite/ldap): Secure cookie, LDAPS debug logs, hardened .gitignore 2026-06-18 15:42:00 +02:00
deploy
docs
scripts
tools
.gitignore feat(securite/ldap): Secure cookie, LDAPS debug logs, hardened .gitignore 2026-06-18 15:42:00 +02:00
backfill_canonicalize_env_domain_20260507.sql
cleanup_fqdn_incoherents.sql
fill_fqdn_from_domain_ltd.sql
migrate_applications.sql
migrate_correspondance.sql
migrate_drop_legacy_servers.sql
migrate_etat.sql
migrate_missing_tables_20260427.sql
migrate_patch_excludes_v2_20260507.sql
migrate_patch_excludes_v2_fix_20260507.sql
migrate_patch_excludes_wiki.sql
migrate_patching_notes_20260507.sql
migrate_patching_notes_fix_20260507.sql
migrate_pct_workflow_20260507.sql
migrate_planning_imports_v2.sql
migrate_planning_imports_v3.sql
migrate_planning_imports_v4.sql
migrate_planning_imports.sql
migrate_qualys_vuln_dashboard.sql
migrate_servers_satellite.sql
migrate_teams_pct_workflow.sql
migrate_teams_rules_20260506.sql
migrate_teams_rules_v2_20260506.sql
migrate_users.sql
populate_zones.sql
README.md
replace_etat.py
requirements.txt
resync_servers_text_fields.sql
run.sh
schema.sql
tailwind.config.js
update_zone_dmz.sql

PatchCenter — SLPM (SANEF Linux Patch Manager)

FastAPI/PostgreSQL web app for driving SANEF Linux patching: patching plan, history, AD/LDAP users, iTop integration, Qualys API.

Source of truth: VM CT 116 (pc.mpcz.fr, 172.28.199.185 + pct exec 116 -- ...) + Gitea repo adminmpmcz/patchcenter.

Dev workflow (validated 2026-04-17)

  1. Claude edits directly on CT 116 via SSH → git push Gitea
  2. Khalid on the SANEF workstation (C:\patchcenter) → git pull → test on 127.0.0.1:8080
  3. If OK: Khalid adds his changes + git push Gitea
  4. Claude on CT 116 → git pull + systemctl restart patchcenter

Stack

  • Python 3.11+ / FastAPI / Uvicorn
  • PostgreSQL (patchcenter)
  • Jinja2 + Tailwind (templates)
  • LDAP (SANEF AD) for auth

Structure

  • app/ — FastAPI code (auth, models, routers, services)
  • deploy/ — deployment scripts + SQL migrations
  • tools/ — import/enrichment scripts (Qualys, iTop, Ayoub, etc.)
  • docs/ — DEPLOY.md, SANEF_PATCHING_PROCESS.md
  • migrate_*.sql — manual DB migrations

Run locally (SANEF workstation, not Claude's local copy)

python -m uvicorn app.main:app --host 0.0.0.0 --port 8080

Gitea

  • Repo: http://172.28.199.202:3000/adminmpmcz/patchcenter
  • HTTPS creds: adminmpmcz / Admin@2025

Notes

  • SECRET_KEY on the VM side: sanef-patchcenter-demo-key-change-me (systemd drop-in)
  • DB exchanged via Gitea Releases (.sql attachment), never in the git tree
  • After a DB restore: ALTER TABLE ... OWNER TO patchcenter for all tables+sequences
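
A startup guard for the SECRET_KEY setting listed in the Notes, as an added example that is not part of the PatchCenter code base. It assumes the app reads SECRET_KEY from the environment populated by the systemd drop-in; check_secret_key, load_secret_key, PLACEHOLDER_MARKERS and MIN_KEY_LENGTH are hypothetical names, and the thresholds are assumptions.

```python
import os
from typing import List, Mapping

# Substrings that mark a key as a template or demo value (assumed list).
PLACEHOLDER_MARKERS = ("change-me", "changeme", "demo", "example")
MIN_KEY_LENGTH = 32      # assumed minimum length, in characters
MIN_DISTINCT_CHARS = 8   # assumed floor; rejects keys like "aaaa...a"


class InsecureSecretKey(RuntimeError):
    """Raised at startup when SECRET_KEY is absent or not a real secret."""


def check_secret_key(value: str) -> List[str]:
    """Return the reasons a key is unacceptable (empty list means OK)."""
    if not value:
        return ["SECRET_KEY is not set"]
    problems = []
    lowered = value.lower()
    for marker in PLACEHOLDER_MARKERS:
        if marker in lowered:
            problems.append(f"contains placeholder marker {marker!r}")
    if len(value) < MIN_KEY_LENGTH:
        problems.append(f"shorter than {MIN_KEY_LENGTH} characters")
    if len(set(value)) < MIN_DISTINCT_CHARS:
        problems.append(f"fewer than {MIN_DISTINCT_CHARS} distinct characters")
    return problems


def load_secret_key(env: Mapping[str, str] = os.environ) -> str:
    """Return SECRET_KEY, or refuse to start if it fails the checks."""
    value = env.get("SECRET_KEY", "")
    problems = check_secret_key(value)
    if problems:
        # Report the reasons only; never echo the key itself into logs.
        raise InsecureSecretKey("; ".join(problems))
    return value


if __name__ == "__main__":
    # Value taken from the Notes above: long enough, but template-style.
    print(check_secret_key("sanef-patchcenter-demo-key-change-me"))
```

A replacement value from `python -c "import secrets; print(secrets.token_hex(32))"` passes all three checks.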