sub2api-cn-relay-manager

Author	SHA1	Message	Date
phamnazage-jpg	47ced19c7b	fix(deploy): production CRM deployment improvements - Fix deploy_crm_only.sh: non-destructive hot reload - Enhanced stop logic with pgrep + fuser for port release - Added 3-layer verification (process/control/user) - Check /proc/$pid/exe for (deleted) marker - Never delete DB - Fix portal script contracts: crm_session → crm_subject - deploy_tksea_portal.sh: use $cookie_crm_subject - test_tksea_portal_assets.sh: assert crm_subject exists - nginx.example.conf: updated trusted subject header - Add systemd service management - sub2api-crm.service.template - install_crm_systemd.sh - verify_crm_deployment.sh Update docs/plans/2026-06-04-next-version-plan.md with deployment findings.	2026-06-10 15:44:45 +08:00
phamnazage-jpg	4e2ee087fd	feat(vNext.4): implement trusted-subject security chain for portal user key self-service - Add portal_auth.go: Portal user session auth with HMAC-signed cookies - Add /api/portal/session/{login,logout,state} endpoints - Update nginx config template: cookie-to-header trusted proxy pattern - Update frontend: sync CRM session on login/logout - Add TRUSTED_SUBJECT_DEPLOY_GUIDE.md with remote43 deployment steps - Update EXECUTION_BOARD.md: mark trusted-subject blocking issue as resolved This implements the secure chain: Browser → Portal → nginx (cookie→header) → CRM (verify proxy secret) Required remote43 actions: 1. Generate 64-char hex secret 2. Update .env.crm with TRUSTED_* config 3. Update nginx with cookie map and header injection 4. Restart services Fixes EXECUTION_BOARD.md 2026-06-08 blocking issue	2026-06-09 07:48:03 +08:00
phamnazage-jpg	dbbb313a36	feat: close v3 governance evidence and slo metrics wiring Some checks failed CI / Build & Test (push) Has been cancelled Details CI / Lint (push) Has been cancelled Details CI / Security Scan (push) Has been cancelled Details CI / Docker Build (push) Has been cancelled Details CI / Release (push) Has been cancelled Details	2026-06-08 13:59:03 +08:00
phamnazage-jpg	77b7f7f660	feat: harden runtime import and frontend verification workflows Some checks failed CI / Build & Test (push) Has been cancelled Details CI / Lint (push) Has been cancelled Details CI / Security Scan (push) Has been cancelled Details CI / Docker Build (push) Has been cancelled Details CI / Release (push) Has been cancelled Details	2026-06-04 20:02:36 +08:00
phamnazage-jpg	c982c595b8	feat(accounts): add provider account admin view	2026-05-29 15:50:28 +08:00
phamnazage-jpg	2896e62071	feat(routing): add route health admin view	2026-05-29 13:37:43 +08:00
phamnazage-jpg	2e9b4ab988	feat(portal): add logical group admin page	2026-05-29 13:06:19 +08:00
phamnazage-jpg	8d7aa925df	feat(admin): persist provider drafts in crm	2026-05-27 21:49:12 +08:00
phamnazage-jpg	ebd86a4256	feat(batch): add live reuse admin verification flow	2026-05-27 20:23:42 +08:00
phamnazage-jpg	02580cda0b	feat: organize scripts and add portal validation assets	2026-05-27 09:39:05 +08:00

10 Commits