mabdalla/sawa-control-panel
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
sawa-control-panel/docs/ROADMAP.md

5.9 KiB
Raw Blame History

Sawa Control Panel — Roadmap

Living document. Phases are sequential. Within each phase, items are ordered by priority.

Phase 1 — Foundation (MVP)

Goal: A working panel accessible from the local network with basic service control.

1.1 Project Setup

  • Vite + React + Tailwind frontend scaffold
  • Express backend scaffold with health check endpoint
  • nginx reverse proxy config for /api/* to backend
  • PM2 config for backend process management
  • Basic deploy script — build + scp to server

1.2 Service Control API

  • GET /api/v1/services — list all managed services with status
  • POST /api/v1/services/:name/start
  • POST /api/v1/services/:name/stop
  • POST /api/v1/services/:name/restart
  • Service whitelist enforcement in backend
  • sudoers config for non-root rc-service execution

1.3 Dashboard UI

  • Service cards — name, status indicator, start/stop/restart buttons
  • Status polling every 10 seconds — auto-refresh without page reload
  • Green/red/yellow visual indicator per service state
  • Confirmation dialog before stopping critical services (nginx, sshd, nftables)

1.4 Security — Client Certificates (mTLS)

  • CA key and cert generation script (certs/create-ca.sh)
  • Per-device client cert generation script (certs/create-client.sh <device-name>)
  • nginx mTLS config — ssl_verify_client on
  • PKCS12 (.p12) export for mobile device installation
  • Instructions: install cert on Windows laptop + Android/iOS phone
  • Verify: unauthorized device gets TLS handshake failure, no HTTP response

Phase 2 — System Monitoring

Goal: Real-time visibility into server health.

2.1 Resource Metrics API

  • GET /api/v1/system/cpu — current CPU usage percent
  • GET /api/v1/system/memory — used/total/free RAM
  • GET /api/v1/system/disk — usage per mounted partition
  • GET /api/v1/system/uptime — system uptime in seconds
  • GET /api/v1/system/load — 1/5/15 min load averages

2.2 Monitoring UI

  • CPU usage gauge — animated, updates every 5 seconds
  • RAM bar — used vs available with percentage
  • Disk usage bars — one per partition
  • Uptime counter — live display
  • Load average — color coded (green < 1.0, yellow < 2.0, red >= 2.0)

2.3 Service Logs

  • GET /api/v1/logs/:service — last 100 lines of service log
  • Log viewer panel per service — expandable in UI
  • Auto-scroll to latest entries
  • Tail mode — live log streaming via SSE or WebSocket

Phase 3 — Virtual Host Management

Goal: Add/remove/configure nginx virtual hosts from the UI without touching the CLI.

3.1 Virtual Host API

  • GET /api/v1/vhosts — list all configured virtual hosts
  • POST /api/v1/vhosts — create new virtual host config file
  • DELETE /api/v1/vhosts/:name — remove virtual host
  • POST /api/v1/vhosts/:name/enable
  • POST /api/v1/vhosts/:name/disable
  • POST /api/v1/nginx/reload — nginx -t then reload if ok

3.2 Virtual Host UI

  • List of all domains/sites with status
  • Add new site form — domain, port, document root, backend type (static/PHP/Node/proxy)
  • Enable/disable toggle per site
  • nginx config test result shown before applying changes

3.3 SSL/TLS Management

  • Self-signed cert generation per domain (local/LAN use)
  • Certbot integration — request Let's Encrypt cert per domain
  • Cert expiry display per domain with renewal status

Phase 4 — UI Redesign

Goal: Overhaul the panel with a professional dashboard-style interface.

  • Persistent header with real-time metrics
  • Left sidebar navigation with collapsible services tree
  • Direct service detail pages with log viewer and controls
  • Refactored health dashboard
  • Integrated virtual host creation form

Phase 5 — App Market (Current)

Goal: One-click installation, configuration, and management of server applications. Shield the user from the CLI entirely.

5.1 Recipe System

  • Define recipe.json schema (id, name, version, category, steps, database, service, vhost, ssl)
  • backend/recipes/ folder — one subfolder per app
  • Each recipe folder contains recipe.json + install.sh
  • Recipe loader service reads all recipes at startup

5.2 Installation Engine (backend)

  • backend/routes/apps.js
    • GET /api/v1/apps — list all recipes with status
    • POST /api/v1/apps/:id/install — execute recipe
    • GET /api/v1/apps/:id/status — installed/not installed
    • POST /api/v1/apps/:id/uninstall
  • backend/services/appInstaller.js — recipe executor:
    • fetch → configure → database → service → vhost → ssl
  • Database provisioning helper (postgres + mariadb)
  • PM2 registration helper
  • VHost writer (reuse vhostService.js)
  • Certbot integration — optional SSL per domain
  • Install log streaming via SSE

5.3 Initial Recipe Library

  • forgejo — Go binary, postgres, PM2, nginx
  • phpmyadmin — PHP-FPM, nginx, mariadb
  • pgadmin — Python, PM2, nginx, postgres
  • static-site — folder

Phase 6 — Traffic Analytics (Future)

Goal: nginx access log analysis built into the panel — no external tools needed.

  • Parse nginx access logs per virtual host
  • Daily/weekly/monthly request counts per domain
  • Top pages, top IPs, top user agents
  • Error rate tracking — 4xx and 5xx breakdown
  • Bandwidth usage per domain
  • Geo-IP visitor origins using local MaxMind DB
  • Internal charts for visualization

Phase 7 — Multi-Node / Cluster Support (Future)

Goal: Manage multiple Sawa server nodes from one panel instance.

  • Node registry via SSH key auth
  • SSH-based remote command execution
  • Unified dashboard for all nodes
  • Aggregate resource monitoring
  • Distributed LLM inference management (exo cluster)
  • Node health alerts and notifications