ArchNest paid SaaS line (AWS) — forked from open-source v1 (dev_archnest v1.0)
Claude 27abbc8ce1
Phase 1c: OPKSSH cert auth, tmux session monitor/reattach, session logging
- terminal.ts: connectWithCertificate() shells out to system ssh via
  node-pty for OpenSSH certificate auth (ssh2 has no native support);
  list_tmux WS message + tmuxSession connect param for tmux
  attach/create with shell-injection-safe name validation;
  sessionLogging config field appends terminal output to disk.
- Settings.tsx: certificate secret field and sessionLogging checkbox
  for SSH host integrations.
- Terminal.tsx: tmux session picker in each pane's header.
- Verified end-to-end against a real test SSH server running real
  bash/tmux processes (plain shell, tmux create+list, session log
  written to disk). Cert auth path type-checks but is unverified in
  this sandbox (no ssh CLI available) - documented as a gap in
  TERMIX_MIGRATION.md.

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
Claude-Session: https://claude.ai/code/session_01BbJV5nm8KPVH1oNJYKpnoF
2026-06-19 11:28:51 +00:00
.github/workflows Add Docker deployment and GitHub Actions workflow for racknerd1 2026-06-18 14:18:00 +00:00
.kiro update 2026-06-18 08:14:00 -04:00
assets Restore Resource Distribution card, remove Resource Utilization, apply blank KPI bg to status row 2026-06-18 17:26:39 +00:00
backend Phase 1c: OPKSSH cert auth, tmux session monitor/reattach, session logging 2026-06-19 11:28:51 +00:00
pics pics 2026-06-11 19:26:56 -05:00
public Restore Resource Distribution card, remove Resource Utilization, apply blank KPI bg to status row 2026-06-18 17:26:39 +00:00
src Phase 1c: OPKSSH cert auth, tmux session monitor/reattach, session logging 2026-06-19 11:28:51 +00:00
.dockerignore Add Docker deployment and GitHub Actions workflow for racknerd1 2026-06-18 14:18:00 +00:00
.gitignore Add backend skeleton: Fastify + SQLite API with auth and integrations 2026-06-18 19:04:48 +00:00
archnest-blueprint.md pics 2026-06-11 19:26:56 -05:00
design-decisions.md Add backend skeleton: Fastify + SQLite API with auth and integrations 2026-06-18 19:04:48 +00:00
docker-compose.yml Add backend skeleton: Fastify + SQLite API with auth and integrations 2026-06-18 19:04:48 +00:00
Dockerfile Add Docker deployment and GitHub Actions workflow for racknerd1 2026-06-18 14:18:00 +00:00
eslint.config.js update 2026-06-18 08:14:00 -04:00
glance.md update 2026-06-18 08:14:00 -04:00
HANDOFF.md Update HANDOFF.md: Proxmox TLS and fast-jwt fixes are done 2026-06-19 10:28:58 +00:00
index.html update 2026-06-18 08:14:00 -04:00
nginx.conf Add Docker deployment and GitHub Actions workflow for racknerd1 2026-06-18 14:18:00 +00:00
package-lock.json Add Phase 1a: core SSH terminal (Termix migration) 2026-06-19 10:52:04 +00:00
package.json Add Phase 1a: core SSH terminal (Termix migration) 2026-06-19 10:52:04 +00:00
README.md Update README and add HANDOFF.md for session handoff 2026-06-18 21:12:50 +00:00
TERMIX_MIGRATION.md Phase 1c: OPKSSH cert auth, tmux session monitor/reattach, session logging 2026-06-19 11:28:51 +00:00
tsconfig.app.json update 2026-06-18 08:14:00 -04:00
tsconfig.json update 2026-06-18 08:14:00 -04:00
tsconfig.node.json update 2026-06-18 08:14:00 -04:00
vite.config.ts Add Phase 1a: core SSH terminal (Termix migration) 2026-06-19 10:52:04 +00:00

ArchNest

A self-hosted ops dashboard — infrastructure monitoring, a bookmark hub for your homelab/cloud links, an embedded terminal, and system settings, all in one place. Real backend, real integrations, no mock data.

Frontend: React 19 + TypeScript + Vite, styled with Tailwind CSS v4, charts via Recharts, icons via Lucide React. Backend: Fastify + TypeScript + SQLite (better-sqlite3), JWT auth, AES-256-GCM encrypted integration secrets.

For a full handoff/status writeup (what's done, what's not, how to resume), see HANDOFF.md.

Pages

| Page | Route | Status |
| --- | --- | --- |
| Glance | / | Done — real backend data (system status, resource overview, alerts, network traffic) |
| Infrastructure | /infrastructure | Done — resource distribution, node status grid, cost/trend breakdown, all from real integration data. "Network" sub-tab planned as a future addition. |
| BookNest | /booknest | Done — categorized bookmark hub wired to the real bookmarks API |
| Terminal | /terminal | Pending / on hold — will be based on a fork of the (archived) Termix project; user has the fork and intends to hand this off to another AI session to integrate. Do not start this without explicit instruction. |
| Settings | /settings | Done — Profile (real user identity + avatar, editable via API), Appearance, Integrations (8 real adapters), Notifications, Data & Backup, About |

See archnest-blueprint.md for the original per-page design spec and design-decisions.md for the visual/UX conventions and lessons learned while building each page. Read design-decisions.md before making layout changes: it documents why things are built the way they are (hero banner layering, card blend techniques, icon library gotchas, etc.).

Development

Frontend:

npm install
npm run dev

Backend:

cd backend
npm install
ARCHNEST_SECRET_KEY=$(openssl rand -hex 32) ARCHNEST_JWT_SECRET=$(openssl rand -hex 32) npm run dev

Both ARCHNEST_SECRET_KEY (encrypts integration secrets at rest) and ARCHNEST_JWT_SECRET (signs auth tokens) are required env vars with no defaults — the server will refuse to start without them. ARCHNEST_DB_PATH optionally overrides the SQLite file location (defaults to a local path under backend/). PORT overrides the listen port (default 4000-range, check server.ts).

Type-check both before committing:

npx tsc --noEmit          # from repo root, frontend
cd backend && npx tsc --noEmit   # backend

Vite/the browser surface some runtime errors (e.g. missing icon exports) that the type-checker won't catch, so also smoke-test pages in a browser.

Tech Stack

Frontend

  • React 19 + Vite + TypeScript
  • React Router for routing
  • Tailwind CSS v4
  • Recharts (donuts, line/area charts)
  • Lucide React (icons)

Backend

  • Fastify 5 + TypeScript, tsx for dev, tsc -b for build
  • better-sqlite3 for storage
  • @fastify/jwt for auth tokens, bcryptjs for password hashing
  • zod for request validation
  • AES-256-GCM (Node crypto) for encrypting integration secrets at rest
  • Integration adapters: Proxmox, Docker, NetBird, Cloudflare, AWS, Uptime Kuma, Weather, SSH (see backend/src/integrations/)

Deploy target: Docker on racknerd1 → NPM (Nginx Proxy Manager) proxy at archnest.snsnetlabs.com.

Deployment

This project is deployed via Docker on racknerd1, proxied through Nginx Proxy Manager at archnest.snsnetlabs.com. Not yet deployed as of this writing — still under active development on the claude/wonderful-faraday-qxym5t branch.