2229a8254a
* Add editable display-name field to generic integrations Lets users set a custom name for Proxmox, Docker, AWS, Remote Desktop, Netbird, Cloudflare, Uptime Kuma, and Weather integrations, separate from the host/IP field, mirroring the SSH host rename pattern. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com> Claude-Session: https://claude.ai/code/session_016kF4hZWEkRCPPvCZTeXxn4 * Surface the new-integration name field as a labeled input The name field for new generic integrations was a faint header input with only placeholder text, easy to miss. Move it into the form grid as a proper labeled "Name" field next to the other connection fields. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com> Claude-Session: https://claude.ai/code/session_016kF4hZWEkRCPPvCZTeXxn4 * Add file upload for SSH private key and certificate fields Lets users pick a key file from disk (e.g. ~/.ssh) instead of pasting its contents into the Private Key / OPKSSH Certificate fields. * Fix SSH private key paste corrupting multi-line PEM format Private Key and Certificate fields were single-line <input> elements, which strip newlines on paste and corrupt PEM-formatted keys (causing 'Unsupported key format' errors). Render them as multi-line textareas instead so pasted keys keep their line breaks. * Add JSON-converted bookmark import file for Archnest data import Converts homarr-bookmarks.md into the format expected by /api/data/import. * Auto-populate bookmark icons via favicon service in import JSON Each bookmark now points to Google's favicon endpoint for its domain instead of having no icon at all. * docs: remove superseded Homarr bookmarks markdown export homarr-bookmarks.md was a recovery/source-data snapshot (78 entries, explicitly caveated as approximate pending live-DB confirmation) whose sole purpose was generating homarr-bookmarks-import.json, which has since been committed and is the actionable artifact. No other file references the .md version, so it's now stale duplicate data. Audited the other root-level markdown files (HANDOFF.md, README.md, TERMIX_MIGRATION.md, archnest-blueprint.md, design-decisions.md, glance.md) for conflicting claims against each other and the current codebase — no contradictions found. archnest-blueprint.md's 6-page nav table is outdated relative to the real app's 11 pages, but the file is explicitly framed (in README.md) as the original/historical design spec rather than a current-state doc, so it's left as-is. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com> Claude-Session: https://claude.ai/code/session_016kF4hZWEkRCPPvCZTeXxn4 --------- Co-authored-by: Claude <noreply@anthropic.com> |
||
|---|---|---|
| .github/workflows | ||
| .kiro | ||
| assets | ||
| backend | ||
| pics | ||
| public | ||
| src | ||
| .dockerignore | ||
| .env.example | ||
| .gitignore | ||
| archnest-blueprint.md | ||
| design-decisions.md | ||
| docker-compose.yml | ||
| Dockerfile | ||
| eslint.config.js | ||
| glance.md | ||
| HANDOFF.md | ||
| homarr-bookmarks-import.json | ||
| index.html | ||
| nginx.conf | ||
| package-lock.json | ||
| package.json | ||
| README.md | ||
| TERMIX_MIGRATION.md | ||
| tsconfig.app.json | ||
| tsconfig.json | ||
| tsconfig.node.json | ||
| vite.config.ts | ||
ArchNest
A self-hosted ops dashboard — infrastructure monitoring, a bookmark hub for your homelab/cloud links, an embedded terminal, and system settings, all in one place. Real backend, real integrations, no mock data.
Frontend: React 19 + TypeScript + Vite, styled with Tailwind CSS v4, charts via Recharts, icons via Lucide React.
Backend: Fastify + TypeScript + SQLite (better-sqlite3), JWT auth, AES-256-GCM encrypted integration secrets.
For a full handoff/status writeup (what's done, what's not, how to resume), see HANDOFF.md.
Pages
| Page | Route | Status |
|---|---|---|
| Glance | / |
Done — real backend data (system status, resource overview, alerts, network traffic) |
| Infrastructure | /infrastructure |
Done — resource distribution, node status grid, cost/trend breakdown, all from real integration data. "Network" sub-tab planned as a future addition. |
| BookNest | /booknest |
Done — categorized bookmark hub wired to the real bookmarks API |
| Terminal | /terminal |
Pending / on hold — will be based on a fork of the (archived) Termix project; user has the fork and intends to hand this off to another AI session to integrate. Do not start this without explicit instruction. |
| Settings | /settings |
Done — Profile (real user identity + avatar, editable via API), Appearance, Integrations (8 real adapters), Notifications, Data & Backup, About |
See archnest-blueprint.md for the original per-page design spec and design-decisions.md for the visual/UX conventions and lessons learned while building each page — read that file before making layout changes, it documents why things are built the way they are (hero banner layering, card blend techniques, icon library gotchas, etc.).
Development
Frontend:
npm install
npm run dev
Backend:
cd backend
npm install
ARCHNEST_SECRET_KEY=$(openssl rand -hex 32) ARCHNEST_JWT_SECRET=$(openssl rand -hex 32) npm run dev
Both ARCHNEST_SECRET_KEY (encrypts integration secrets at rest) and ARCHNEST_JWT_SECRET (signs auth tokens) are required env vars with no defaults — the server will refuse to start without them. ARCHNEST_DB_PATH optionally overrides the SQLite file location (defaults to a local path under backend/). PORT overrides the listen port (default 4000-range, check server.ts).
Type-check both before committing:
npx tsc --noEmit # from repo root, frontend
cd backend && npx tsc --noEmit # backend
Vite/the browser surface some runtime errors (e.g. missing icon exports) that the type-checker won't catch, so also smoke-test pages in a browser.
Tech Stack
Frontend
- React 19 + Vite + TypeScript
- React Router for routing
- Tailwind CSS v4
- Recharts (donuts, line/area charts)
- Lucide React (icons)
Backend
- Fastify 5 + TypeScript,
tsxfor dev,tsc -bfor build better-sqlite3for storage@fastify/jwtfor auth tokens,bcryptjsfor password hashingzodfor request validation- AES-256-GCM (Node
crypto) for encrypting integration secrets at rest - Integration adapters: Proxmox, Docker, NetBird, Cloudflare, AWS, Uptime Kuma, Weather, SSH (see
backend/src/integrations/)
Deploy target: Docker on racknerd1 → NPM (Nginx Proxy Manager) proxy at archnest.snsnetlabs.com.
Deployment
Live and deployed at archnest.snsnetlabs.com. The pipeline at .github/workflows/deploy.yml triggers on every push to main: it copies the repo to racknerd1 over SCP and runs docker compose up -d --build there, gated on an /api/health check. No further setup is needed — merging a PR to main redeploys automatically.
If a deploy fails, check the workflow run's deploy job steps in order: Pre-flight (confirms host .env exists), Copy repo to racknerd1, Build, restart, and clean up, Health check (backend /api/health).
For reference, the one-time setup that was done to stand this up: host provisioning (Docker/Compose on racknerd1, deploy SSH user, /opt/archnest directory), /opt/archnest/.env populated from .env.example with real secrets, RACKNERD_HOST/RACKNERD_USER/RACKNERD_SSH_KEY added as GitHub Actions secrets, and DNS/Nginx Proxy Manager pointed at the host.
See HANDOFF.md for current feature work in progress (multi-user accounts, SSO, security settings).