Initial release — Salus by Stranto v1.6.1.0

FastAPI/Jinja2 web app for viewing and rebooting TP-Link Omada APs across all sites. Authentik OIDC auth, SQLite audit log, Docker deploy. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-04-27 14:36:02 +02:00
commit 284924e86d
17 changed files with 1646 additions and 0 deletions
--- a/.env.example
+++ b/.env.example
@@ -0,0 +1,30 @@
+# Copy this file to .env and fill in your values
+# .env is never committed (see .gitignore)
+
+# --- Dev mode (set to true to skip Authentik login entirely) ---
+AUTH_DISABLED=false
+
+# --- Omada Controller ---
+OMADA_BASE_URL=https://sdn.qwe.stranto.com:8043/
+OMADA_USERNAME=api-user
+OMADA_PASSWORD=secret
+OMADA_VERIFY_SSL=false
+# OpenAPI client credentials — required for reboot on Omada Controller v5.9+/v6+
+# Create in Omada Controller: Settings → OpenAPI → Add Role → Add Client
+OMADA_CLIENT_ID=
+OMADA_CLIENT_SECRET=
+
+# --- Authentik OIDC ---
+AUTHENTIK_ISSUER=https://auth.stranto.com/application/o/qwe-salus/
+AUTHENTIK_CLIENT_ID=
+AUTHENTIK_CLIENT_SECRET=
+# For local dev, use localhost; for production use the public URL
+AUTHENTIK_REDIRECT_URI=http://localhost:8080/auth/callback
+
+# --- Session ---
+# Generate with: python -c "import secrets; print(secrets.token_hex(32))"
+SESSION_SECRET_KEY=changeme_replace_with_random_string
+
+# --- Database ---
+# Defaults to /data/audit.db (Docker).  Override for local dev:
+DB_PATH=./audit.db