refactor: comprehensive code quality, security, and release readiness improvements
Some checks failed
Lint & Test / test (push) Failing after 48s
Some checks failed
Lint & Test / test (push) Failing after 48s
Security: tighten CORS defaults, add webhook rate limiting, fix XSS in automations, guard WebSocket JSON.parse, validate ADB address input, seal debug exception leak, URL-encode WS tokens, CSS.escape in selectors. Code quality: add Pydantic models for brightness/power endpoints, fix thread safety and name uniqueness in DeviceStore, immutable update pattern, split 6 oversized files into 16 focused modules, enable TypeScript strictNullChecks (741→102 errors), type state variables, add dom-utils helper, migrate 3 modules from inline onclick to event delegation, ProcessorDependencies dataclass. Performance: async store saves, health endpoint log level, command palette debounce, optimized entity-events comparison, fix service worker precache list. Testing: expand from 45 to 293 passing tests — add store tests (141), route tests (25), core logic tests (42), E2E flow tests (33), organize into tests/api/, tests/storage/, tests/core/, tests/e2e/. DevOps: CI test pipeline, pre-commit config, Dockerfile multi-stage build with non-root user and health check, docker-compose improvements, version bump to 0.2.0. Docs: rewrite CLAUDE.md (202→56 lines), server/CLAUDE.md (212→76), create contexts/server-operations.md, fix .js→.ts references, fix env var prefix in README, rewrite INSTALLATION.md, add CONTRIBUTING.md and .env.example.
This commit is contained in:
54
server/.env.example
Normal file
54
server/.env.example
Normal file
@@ -0,0 +1,54 @@
|
||||
# WLED Screen Controller — Environment Variables
|
||||
# Copy this file to .env and adjust values as needed.
|
||||
# All variables use the WLED_ prefix with __ (double underscore) as the nesting delimiter.
|
||||
|
||||
# ── Server ──────────────────────────────────────────────
|
||||
# WLED_SERVER__HOST=0.0.0.0 # Listen address (default: 0.0.0.0)
|
||||
# WLED_SERVER__PORT=8080 # Listen port (default: 8080)
|
||||
# WLED_SERVER__LOG_LEVEL=INFO # Log level: DEBUG, INFO, WARNING, ERROR (default: INFO)
|
||||
# WLED_SERVER__CORS_ORIGINS=["*"] # JSON array of allowed CORS origins
|
||||
|
||||
# ── Authentication ──────────────────────────────────────
|
||||
# API keys are required. Format: JSON object {"label": "key"}.
|
||||
# WLED_AUTH__API_KEYS={"dev": "development-key-change-in-production"}
|
||||
|
||||
# ── Storage paths ───────────────────────────────────────
|
||||
# All paths are relative to the server working directory.
|
||||
# WLED_STORAGE__DEVICES_FILE=data/devices.json
|
||||
# WLED_STORAGE__TEMPLATES_FILE=data/capture_templates.json
|
||||
# WLED_STORAGE__POSTPROCESSING_TEMPLATES_FILE=data/postprocessing_templates.json
|
||||
# WLED_STORAGE__PICTURE_SOURCES_FILE=data/picture_sources.json
|
||||
# WLED_STORAGE__OUTPUT_TARGETS_FILE=data/output_targets.json
|
||||
# WLED_STORAGE__PATTERN_TEMPLATES_FILE=data/pattern_templates.json
|
||||
# WLED_STORAGE__COLOR_STRIP_SOURCES_FILE=data/color_strip_sources.json
|
||||
# WLED_STORAGE__AUDIO_SOURCES_FILE=data/audio_sources.json
|
||||
# WLED_STORAGE__AUDIO_TEMPLATES_FILE=data/audio_templates.json
|
||||
# WLED_STORAGE__VALUE_SOURCES_FILE=data/value_sources.json
|
||||
# WLED_STORAGE__AUTOMATIONS_FILE=data/automations.json
|
||||
# WLED_STORAGE__SCENE_PRESETS_FILE=data/scene_presets.json
|
||||
# WLED_STORAGE__COLOR_STRIP_PROCESSING_TEMPLATES_FILE=data/color_strip_processing_templates.json
|
||||
# WLED_STORAGE__SYNC_CLOCKS_FILE=data/sync_clocks.json
|
||||
|
||||
# ── MQTT (optional) ────────────────────────────────────
|
||||
# WLED_MQTT__ENABLED=false
|
||||
# WLED_MQTT__BROKER_HOST=localhost
|
||||
# WLED_MQTT__BROKER_PORT=1883
|
||||
# WLED_MQTT__USERNAME=
|
||||
# WLED_MQTT__PASSWORD=
|
||||
# WLED_MQTT__CLIENT_ID=ledgrab
|
||||
# WLED_MQTT__BASE_TOPIC=ledgrab
|
||||
|
||||
# ── Logging ─────────────────────────────────────────────
|
||||
# WLED_LOGGING__FORMAT=json # json or text (default: json)
|
||||
# WLED_LOGGING__FILE=logs/wled_controller.log
|
||||
# WLED_LOGGING__MAX_SIZE_MB=100
|
||||
# WLED_LOGGING__BACKUP_COUNT=5
|
||||
|
||||
# ── Demo mode ───────────────────────────────────────────
|
||||
# WLED_DEMO=false # Enable demo mode (uses data/demo/ directory)
|
||||
|
||||
# ── Config file override ───────────────────────────────
|
||||
# WLED_CONFIG_PATH= # Absolute path to a YAML config file (overrides all above)
|
||||
|
||||
# ── Docker Compose extras (not part of WLED_ prefix) ───
|
||||
# DISPLAY=:0 # X11 display for Linux screen capture
|
||||
Reference in New Issue
Block a user