GeneralBots/botserver
2
1
Fork 0
Code Activity Actions
botserver/src/security
History
Rodrigo Rodriguez (Pragmatismo) e992ed3b39
Some checks are pending
BotServer CI/CD / build (push) Waiting to run
Details
Enforce Vault-only secrets: remove env var fallbacks, all secrets from Vault 
- Remove all std::env::var calls except VAULT_* and PORT
- get_from_env returns hardcoded defaults only (no env var reading)
- Auth config, rate limits, email, analytics, calendar all use Vault
- WORK_PATH replaced with get_work_path() helper reading from Vault
- .env on production cleaned to only VAULT_ADDR, VAULT_TOKEN, VAULT_CACERT, PORT
- All service IPs/credentials stored in Vault secret/gbo/*
2026-04-03 07:11:40 -03:00
..
auth_api Enforce Vault-only secrets: remove env var fallbacks, all secrets from Vault 2026-04-03 07:11:40 -03:00
protection security: add CoreDNS ACL hardening and fail2ban proxy jail 2026-03-17 11:18:19 -03:00
antivirus.rs Add video module, RBAC, security features, billing, contacts, dashboards, learn, social, and multiple new modules 2026-01-08 13:16:17 -03:00
api_keys.rs Fix build errors and unused imports in core, security and package_manager modules 2026-01-24 22:04:47 -03:00
audit.rs Add video module, RBAC, security features, billing, contacts, dashboards, learn, social, and multiple new modules 2026-01-08 13:16:17 -03:00
auth.rs Refactor: Split large files into modular subdirectories 2026-02-12 21:09:30 +00:00
auth_provider.rs fix(server): update security modules and TODOs 2026-01-25 08:42:36 -03:00
ca.rs feat(autotask): Implement AutoTask system with intent classification and app generation 2025-12-27 21:10:09 -03:00
cert_pinning.rs Fix build errors and unused imports in core, security and package_manager modules 2026-01-24 22:04:47 -03:00
command_guard.rs fix: Vault seeding, service health checks, and restart idempotency 2026-04-01 12:22:57 -03:00
cors.rs WIP: Local changes before merging master into main 2026-03-01 07:40:11 -03:00
csrf.rs Add video module, RBAC, security features, billing, contacts, dashboards, learn, social, and multiple new modules 2026-01-08 13:16:17 -03:00
dlp.rs Add video module, RBAC, security features, billing, contacts, dashboards, learn, social, and multiple new modules 2026-01-08 13:16:17 -03:00
encryption.rs Fix build errors and unused imports in core, security and package_manager modules 2026-01-24 22:04:47 -03:00
error_sanitizer.rs Add video module, RBAC, security features, billing, contacts, dashboards, learn, social, and multiple new modules 2026-01-08 13:16:17 -03:00
file_validation.rs feat: add campaigns, attendance SLA, and marketing modules 2026-03-14 16:35:42 -03:00
headers.rs Fix tenant-org-bot relationship and CRM lead form 2026-03-12 18:19:18 -03:00
integration.rs WIP: Local changes before merging master into main 2026-03-01 07:40:11 -03:00
jwt.rs feat: Add comprehensive stage progress logging 2026-03-01 22:36:14 -03:00
log_sanitizer.rs feat: Add JWT secret rotation and health verification 2026-02-19 19:42:41 +00:00
mfa.rs Add video module, RBAC, security features, billing, contacts, dashboards, learn, social, and multiple new modules 2026-01-08 13:16:17 -03:00
mod.rs feat: Add JWT secret rotation and health verification 2026-02-19 19:42:41 +00:00
mutual_tls.rs Remove all code comments and fix ratatui version 2025-12-23 18:40:58 -03:00
panic_handler.rs WIP: Multiple code improvements from previous session 2026-02-08 12:25:37 +00:00
passkey.rs Refactor: Split large files into modular subdirectories 2026-02-12 21:09:30 +00:00
passkey_handlers.rs Refactor: Split large files into modular subdirectories 2026-02-12 21:09:30 +00:00
passkey_service.rs Refactor: Split large files into modular subdirectories 2026-02-12 21:09:30 +00:00
passkey_types.rs Refactor: Split large files into modular subdirectories 2026-02-12 21:09:30 +00:00
password.rs Add video module, RBAC, security features, billing, contacts, dashboards, learn, social, and multiple new modules 2026-01-08 13:16:17 -03:00
path_guard.rs feat(security): Complete security infrastructure implementation 2025-12-28 19:29:18 -03:00
prompt_security.rs Add video module, RBAC, security features, billing, contacts, dashboards, learn, social, and multiple new modules 2026-01-08 13:16:17 -03:00
rate_limiter.rs fix: Resolve unused import and variable warnings 2026-02-19 11:48:17 +00:00
rbac_middleware.rs LXD proxy and container improvements 2026-03-15 15:50:02 -03:00
redis_csrf_store.rs feat: add campaigns, attendance SLA, and marketing modules 2026-03-14 16:35:42 -03:00
redis_session_store.rs feat: Add JWT secret rotation and health verification 2026-02-19 19:42:41 +00:00
request_id.rs feat(security): Complete security infrastructure implementation 2025-12-28 19:29:18 -03:00
request_limits.rs feat: Add JWT secret rotation and health verification 2026-02-19 19:42:41 +00:00
safe_unwrap.rs feat: Add JWT secret rotation and health verification 2026-02-19 19:42:41 +00:00
secrets.rs Fix build errors and unused imports in core, security and package_manager modules 2026-01-24 22:04:47 -03:00
security.md Fix tenant-org-bot relationship and CRM lead form 2026-03-12 18:19:18 -03:00
security_monitoring.rs Fix SafeCommand to allow shell scripts with redirects and command chaining 2026-01-08 23:50:38 -03:00
session.rs feat: Add JWT secret rotation and health verification 2026-02-19 19:42:41 +00:00
sql_guard.rs Allow dynamic tables from app_generator in db_api 2026-01-02 18:20:04 -03:00
tls.rs feat(security): Complete security infrastructure implementation 2025-12-28 19:29:18 -03:00
validation.rs feat: Add JWT secret rotation and health verification 2026-02-19 19:42:41 +00:00
webhook.rs Fix SafeCommand to allow shell scripts with redirects and command chaining 2026-01-08 23:50:38 -03:00
zitadel_auth.rs WIP: Local changes before merging master into main 2026-03-01 07:40:11 -03:00