feat: Stage 1 — backend and frontend scaffolding

Backend (tasks 1.1, 1.5–1.8): - pyproject.toml with FastAPI, Pydantic v2, aiosqlite, APScheduler 3.x, structlog, bcrypt; ruff + mypy strict configured - Pydantic Settings (BANGUI_ prefix env vars, fail-fast validation) - SQLite schema: settings, sessions, blocklist_sources, import_log; WAL mode + foreign keys; idempotent init_db() - FastAPI app factory with lifespan (DB, aiohttp session, scheduler), CORS, unhandled-exception handler, GET /api/health - Fail2BanClient: async Unix-socket wrapper using run_in_executor, custom error types, async context manager - Utility modules: ip_utils, time_utils, constants - 47 tests; ruff 0 errors; mypy --strict 0 errors Frontend (tasks 1.2–1.4): - Vite + React 18 + TypeScript strict; Fluent UI v9; ESLint + Prettier - Custom brand theme (#0F6CBD, WCAG AA contrast) with light/dark variants - Typed fetch API client (ApiError, get/post/put/del) + endpoints constants - tsc --noEmit 0 errors
2026-02-28 21:15:01 +01:00
parent 460d877339
commit 7392c930d6
59 changed files with 7601 additions and 17 deletions
--- a/backend/app/models/jail.py
+++ b/backend/app/models/jail.py
@@ -0,0 +1,89 @@
+"""Jail management Pydantic models.
+
+Request, response, and domain models used by the jails router and service.
+"""
+
+from pydantic import BaseModel, ConfigDict, Field
+
+
+class JailStatus(BaseModel):
+    """Runtime metrics for a single jail."""
+
+    model_config = ConfigDict(strict=True)
+
+    currently_banned: int = Field(..., ge=0)
+    total_banned: int = Field(..., ge=0)
+    currently_failed: int = Field(..., ge=0)
+    total_failed: int = Field(..., ge=0)
+
+
+class Jail(BaseModel):
+    """Domain model for a single fail2ban jail with its full configuration."""
+
+    model_config = ConfigDict(strict=True)
+
+    name: str = Field(..., description="Jail name as configured in fail2ban.")
+    enabled: bool = Field(..., description="Whether the jail is currently active.")
+    running: bool = Field(..., description="Whether the jail backend is running.")
+    idle: bool = Field(default=False, description="Whether the jail is in idle mode.")
+    backend: str = Field(..., description="Log monitoring backend (e.g. polling, systemd).")
+    log_paths: list[str] = Field(default_factory=list, description="Monitored log files.")
+    fail_regex: list[str] = Field(default_factory=list, description="Failure detection regex patterns.")
+    ignore_regex: list[str] = Field(default_factory=list, description="Regex patterns that bypass the ban logic.")
+    ignore_ips: list[str] = Field(default_factory=list, description="IP addresses or CIDRs on the ignore list.")
+    date_pattern: str | None = Field(default=None, description="Custom date pattern for log parsing.")
+    log_encoding: str = Field(default="UTF-8", description="Log file encoding.")
+    find_time: int = Field(..., description="Time window (seconds) for counting failures.")
+    ban_time: int = Field(..., description="Duration (seconds) of a ban. -1 means permanent.")
+    max_retry: int = Field(..., description="Number of failures before a ban is issued.")
+    status: JailStatus | None = Field(default=None, description="Runtime counters.")
+
+
+class JailSummary(BaseModel):
+    """Lightweight jail entry for the overview list."""
+
+    model_config = ConfigDict(strict=True)
+
+    name: str
+    enabled: bool
+    running: bool
+    idle: bool
+    backend: str
+    find_time: int
+    ban_time: int
+    max_retry: int
+    status: JailStatus | None = None
+
+
+class JailListResponse(BaseModel):
+    """Response for ``GET /api/jails``."""
+
+    model_config = ConfigDict(strict=True)
+
+    jails: list[JailSummary] = Field(default_factory=list)
+    total: int = Field(..., ge=0)
+
+
+class JailDetailResponse(BaseModel):
+    """Response for ``GET /api/jails/{name}``."""
+
+    model_config = ConfigDict(strict=True)
+
+    jail: Jail
+
+
+class JailCommandResponse(BaseModel):
+    """Generic response for jail control commands (start, stop, reload, idle)."""
+
+    model_config = ConfigDict(strict=True)
+
+    message: str
+    jail: str
+
+
+class IgnoreIpRequest(BaseModel):
+    """Payload for adding an IP or network to a jail's ignore list."""
+
+    model_config = ConfigDict(strict=True)
+
+    ip: str = Field(..., description="IP address or CIDR network to ignore.")