Log Collectors (backend/internal/collectors/logs/):
- LogEntry model with level, source, message, fields
- Manager for coordinating multiple collectors
- JournalCollector: systemd journal via journalctl CLI
- FileCollector: tail log files with format parsing (plain, json, nginx)
- DockerCollector: docker container logs via docker CLI
- All collectors are pure Go (no CGO dependencies)
Database Storage:
- Add logs table with indexes for efficient querying
- StoreLogs: batch insert log entries
- QueryLogs: filter by agent, source, level, time, full-text search
- DeleteOldLogs: retention cleanup
- Implementations for both SQLite and PostgreSQL
Frontend Log Viewer:
- Log types and level color definitions
- Logs API client with streaming support
- /logs route with search, level filters, source filters
- Live streaming mode for real-time log tailing
- Paginated loading with load more
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Frontend Auth System:
- Add auth types (User, Role, Permission, LoginResponse)
- Add auth API client with token injection (authApi, usersApi, rolesApi)
- Add auth store with localStorage persistence and expiration
- Add hasPermission/hasAnyPermission permission checks
Login Page:
- Create /login route with username/password form
- Auto-redirect if already authenticated
- Loading states and error handling
Admin Pages:
- Add /admin layout with route guards ($effect-based)
- Create users management page with CRUD modals
- Create roles management page with permission editor
- Category-based permission selection UI
Header Integration:
- Add UserMenu component with dropdown
- Show admin link for users with admin permissions
- Show Sign In link when not authenticated
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
RBAC System (internal/auth/):
- Permission constants for all resources (dashboard, agents, alerts, etc.)
- Wildcard permission support ("*" for admin, "category:*" for groups)
- Authorizer service with role-based permission checking
- RequirePermission middleware for route protection
Role Management API:
- GET /roles - List all roles
- GET /roles/:id - Get role details
- POST /roles - Create custom role
- PUT /roles/:id - Update role (custom only)
- DELETE /roles/:id - Delete role (custom only)
User Management API (admin):
- GET /users - List all users
- GET /users/:id - Get user details
- GET /users/:id/roles - Get user's roles
- POST /users - Create new user
- PUT /users/:id - Update user profile
- DELETE /users/:id - Disable user account
- POST /users/:id/enable - Re-enable user
- POST /users/:id/reset-password - Reset password
- PUT /users/:id/roles - Assign roles to user
Built-in Roles (via database migrations):
- admin: Full access (*)
- operator: Agent and alert management
- viewer: Read-only dashboard access
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Auth Package (internal/auth/):
- Service: main auth orchestrator with multi-provider support
- LocalProvider: username/password auth with bcrypt hashing
- LDAPProvider: LDAP/Active Directory authentication with:
- Service account bind for user search
- User bind for password verification
- Automatic user provisioning on first login
- Group membership to role synchronization
- SessionManager: token-based session lifecycle
- Middleware: Gin middleware for route protection
- API: REST endpoints for login/logout/register
Security Features:
- bcrypt with cost factor 12 for password hashing
- Secure random 32-byte session tokens
- HTTP-only session cookies with SameSite=Lax
- Bearer token support for API clients
- Session expiration and cleanup
- Account disable with session invalidation
API Endpoints:
- POST /auth/login - Authenticate and get session
- POST /auth/logout - Invalidate current session
- POST /auth/logout/all - Invalidate all user sessions
- POST /auth/register - Create account (if enabled)
- GET /auth/me - Get current user info
- PUT /auth/me - Update profile
- PUT /auth/me/password - Change password
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Devices Store (stores/devices.ts):
- Device state management with Map<deviceId, DeviceMetrics>
- View mode: overview (device grid) vs detail (single device)
- Per-device history tracking for sparklines
- Device sorting by status (online first) then hostname
Multi-Device Types (types/metrics.ts):
- DeviceMetrics with status (online/degraded/offline)
- MultiDeviceMessage union type for SSE messages
- DeviceStatusChange for connect/disconnect events
Device Components:
- DeviceCard: Compact device summary with CPU/RAM/GPU bars
- DeviceGrid: Responsive grid of all connected devices
- FleetStatusBar: Shows device counts and navigation breadcrumb
SSE Handler Updates:
- Auto-detect multi-device vs single-device mode
- Route messages to appropriate handler
- Clear devices on host switch
View Mode Routing:
- Overview mode: Shows DeviceGrid with all devices
- Detail mode: Shows full dashboard for selected device
- Seamless transition between modes
- Device selection updates the metrics store for dashboard cards
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Agent Package (internal/agent/):
- Agent struct with all collectors and memory-efficient pooling
- Run loop with configurable collection interval
- Graceful shutdown with context cancellation
- Auto-reconnection callback for re-registration
gRPC Client (internal/agent/client.go):
- mTLS support with CA, agent cert, and key
- Bidirectional streaming for metrics
- Heartbeat fallback when streaming fails
- Exponential backoff with jitter for reconnection
- Concurrent reconnection handling with mutex
Protocol Buffers (proto/tyto.proto):
- AgentService with Stream, Register, Heartbeat RPCs
- MetricsReport with summary fields for aggregation
- ConfigUpdate and Command messages for server control
- RegisterStatus enum for registration workflow
CLI Integration (cmd/tyto/main.go):
- Full agent subcommand with flag parsing
- Support for --id, --server, --interval, --ca-cert, etc.
- Environment variable overrides (TYTO_AGENT_*)
- Signal handling for graceful shutdown
Build System (Makefile):
- Cross-compilation for linux/amd64, arm64, armv7
- Stripped binaries with version info
- Proto generation target
- Test and coverage targets
Config Updates:
- DefaultConfig() and LoadFromPath() functions
- Agent config properly parsed from YAML
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
PKI Package (internal/pki/):
- CA initialization with configurable validity and key size
- Server certificate generation with DNS/IP SANs
- Agent certificate generation (agent ID in CN)
- Certificate revocation list (CRL) support
- mTLS TLS configuration helpers
- File-based certificate store with JSON persistence
CLI Commands (cmd/tyto/):
- `tyto pki init-ca` - Initialize new Certificate Authority
- `tyto pki gen-server` - Generate server certificate
- `tyto pki gen-agent` - Generate agent certificate
- `tyto pki revoke` - Revoke certificate by serial
- `tyto pki list` - List all certificates
- `tyto pki info` - Show CA information
Security Features:
- RSA 4096-bit keys by default
- TLS 1.2 minimum version
- Client certificate verification for mTLS
- CRL checking in TLS handshake
- Agent ID extraction from verified certificates
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Add gear icon button to open settings/export panel (desktop + mobile)
- Fix page title from "System Monitor" to "Tyto" in +page.svelte
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Rename project from system-monitor to Tyto (barn owl themed)
- Update Go module name and all import paths
- Update Docker container names (tyto-backend, tyto-frontend)
- Update localStorage keys (tyto-settings, tyto-hosts)
- Create barn owl SVG favicon and PWA icons (192, 512)
- Update header with owl logo icon
- Update manifest.json and app.html with Tyto branding
Named after Tyto alba, the barn owl — nature's silent, watchful guardian
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Add README with shields.io badges for Go, SvelteKit, Docker
- Document quick start with Docker Compose
- Add multi-host monitoring setup guide with network diagram
- Include full API reference with endpoint table
- Add configuration section with environment variables
- Document keyboard shortcuts and alert configuration
- Add troubleshooting section with collapsible details
- Include MIT LICENSE file
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Add per-process details modal with kill/pause/resume functionality
- GET /api/v1/processes/:pid for detailed process info
- POST /api/v1/processes/:pid/signal for sending signals
- ProcessDetailModal component with state, resources, command line
- Add desktop notifications for alerts
- Browser Notification API integration
- Toggle in AlertsCard with permission handling
- Auto-close for warnings, persistent for critical
- Add CSV/JSON export functionality
- GET /api/v1/export/metrics?format=csv|json
- Export buttons in SettingsPanel
- Includes host name in filename
- Add multi-host monitoring support
- HostSelector component for switching between backends
- Hosts store with localStorage persistence
- All API calls updated for remote host URLs
- Add disk I/O rate charts to HistoryCard
- Read/write bytes/sec sparklines
- Complements existing network rate charts
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
SVG was using fixed width/height attributes causing clipping in
smaller containers. Now uses viewBox for coordinate system and
w-full h-full classes to fill container properly.
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
When container restarts, backend resets to default 5s interval but
frontend still shows the user's stored preference from localStorage.
Now on SSE connect, frontend pushes its stored refresh rate to the
backend, ensuring they stay in sync after container rebuilds.
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Add min-w-0 to flex containers to allow proper shrinking
- Hide sparklines below 400px viewport width
- Add flex-shrink-0 and overflow-hidden to sparkline containers
- Reduce font sizes and gaps on mobile for better fit
Affects CpuCard, MemoryCard, and GpuCard sparkline displays.
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Dashboard Editor & Layout:
- Full-screen visual editor for reorganizing cards
- Drag-and-drop cards between sections
- Toggle card visibility with persistence to localStorage
- Reset to default layout option
Alerts System:
- Threshold-based alerts for CPU, memory, temperature, disk, GPU
- Alert manager with duration requirements
- AlertsCard component with settings UI
- API endpoints for alerts CRUD
New Collectors:
- Docker container monitoring with parallel stats fetching
- Systemd service status via D-Bus
- Historical metrics storage (1 hour at 1s intervals)
PWA Support:
- Service worker with offline caching
- Web app manifest with SVG icons
- iOS PWA meta tags
Mobile Responsive:
- Collapsible hamburger menu on mobile
- Adaptive grid layouts for all screen sizes
- Touch-friendly hover states
- Safe area insets for notched devices
UI Enhancements:
- Light/dark theme toggle with persistence
- Keyboard shortcuts (T=theme, R=refresh, ?=help)
- Per-process expandable details in ProcessesCard
- Sparkline charts for historical data
Performance Fixes:
- Buffered SSE channels to prevent blocking
- Parallel Docker stats collection with timeout
- D-Bus timeout for systemd collector
Tests:
- Unit tests for CPU, memory, network collectors
- Alert manager tests
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Full-stack system monitoring dashboard for Linux with AMD GPU support.
Features:
- Real-time metrics via Server-Sent Events (SSE)
- CPU usage per core with frequency and load averages
- Memory and swap utilization
- Disk usage and I/O activity
- Network interfaces with traffic stats
- Process list sorted by CPU or memory
- Temperature sensors (CPU, GPU, NVMe, motherboard)
- AMD GPU monitoring (utilization, VRAM, temp, clocks, power, fan)
- Configurable refresh rate (1-60 seconds)
Stack:
- Backend: Go + Gin, reading from /proc and /sys
- Frontend: SvelteKit 5 + Tailwind CSS
- Deployment: Docker Compose with host volume mounts
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
