bfb159d0f0
fix: add SSL bypass and error logging to Grafana provisioning
...
- Add CURLOPT_SSL_VERIFYPEER=false for shared hosting environments
- Add CURLOPT_FOLLOWLOCATION to handle redirects
- Log all Grafana heartbeat attempts with HTTP code and cURL errors
- Helps debug provisioning failures on DreamHost and similar hosts
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com >
2026-05-21 22:48:49 -05:00
47faa1b289
fix: update Grafana API token (Admin SA) [skip ci]
...
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com >
2026-05-21 22:42:49 -05:00
9ccd27e809
chore(version): bump 02.01.27 → 02.01.28 [skip ci]
2026-05-22 02:56:54 +00:00
1c1b541bc5
chore(version): bump 02.01.26 → 02.01.27 [skip ci]
2026-05-22 02:25:30 +00:00
0bc5504e16
security: obfuscate Grafana credentials with XOR+base64
...
API key and URL stored as XOR-encoded base64 constants. Deobfuscated
at runtime only when needed. Prevents plain-text grep discovery.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com >
2026-05-21 21:25:01 -05:00
f63e46030d
chore(version): bump 02.01.25 → 02.01.26 [skip ci]
2026-05-22 02:21:14 +00:00
34df31b086
feat: hardcode Grafana credentials, always-on health endpoint
...
- Health endpoint always enabled when plugin is installed
- Grafana URL and API key hardcoded as constants
- Removed enable_health_endpoint, grafana_url, grafana_api_key from config UI
- Token still auto-generated and shown as read-only
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com >
2026-05-21 21:20:44 -05:00
94b63ae08f
chore(version): bump 02.01.24 → 02.01.25 [skip ci]
2026-05-22 02:02:17 +00:00
444b8c2853
chore(version): bump 02.01.23 → 02.01.24 [skip ci]
2026-05-21 21:00:29 +00:00
18f64b5b68
chore(version): bump 02.01.22 → 02.01.23 [skip ci]
2026-05-21 20:56:44 +00:00
d1e2555f00
feat(diagnostics): add health endpoint with Grafana auto-provisioning ( #54 )
...
Implements heartbeat telemetry for WaaS dashboard monitoring:
- JSON health endpoint at /?mokowaas=health with token auth
- Database, filesystem, cache, and extension health checks
- Auto-generated API token (separate from Joomla user tokens)
- Grafana Infinity datasource auto-provisioning via REST API
- Shared dashboard with endpoint dropdown variable
- Auto-provision on plugin install/update via script.php
- Grafana plugin install via API (replaces deprecated CLI)
- Deprovisioning on disable (datasource cleanup)
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com >
2026-05-21 15:44:04 -05:00
jmiller
a0f3e42861
fix(lang): update pretty name to Joomla convention [skip ci]
2026-05-16 22:57:25 +00:00
jmiller
76e0da69bb
fix(lang): update pretty name to Joomla convention [skip ci]
2026-05-16 22:57:25 +00:00
03ee7a95f3
fix(lang): update pretty name to Joomla convention [skip ci]
...
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com >
2026-05-16 09:35:02 -05:00
9ff176606f
chore: Gitea-only workflows + remove GitHub update server [skip ci]
2026-04-26 21:54:09 -05:00
a7cef01ff1
chore(release): build 02.01.21 [skip ci]
2026-04-23 22:52:07 +00:00
jmiller
e8e6c93295
fix: remove CSS injection, lock MokoWaaS + MokoOnyx ( #7 )
...
Standards Compliance / Secret Scanning (push) Failing after 3s
Standards Compliance / License Header Validation (push) Successful in 2s
Standards Compliance / Repository Structure Validation (push) Successful in 3s
Standards Compliance / Coding Standards Check (push) Failing after 3s
Standards Compliance / Documentation Quality Check (push) Successful in 3s
Standards Compliance / Workflow Configuration Check (push) Failing after 4s
Standards Compliance / README Completeness Check (push) Successful in 3s
Standards Compliance / Git Repository Hygiene (push) Successful in 3s
Standards Compliance / Line Length Check (push) Failing after 3s
Standards Compliance / Script Integrity Validation (push) Successful in 4s
Standards Compliance / File Naming Standards (push) Successful in 3s
Standards Compliance / Insecure Code Pattern Detection (push) Successful in 3s
Standards Compliance / Dead Code Detection (push) Successful in 4s
Standards Compliance / File Size Limits (push) Successful in 3s
Standards Compliance / Binary File Detection (push) Successful in 4s
Standards Compliance / TODO/FIXME Tracking (push) Successful in 2s
Standards Compliance / Version Consistency Check (push) Successful in 48s
Standards Compliance / Code Complexity Analysis (push) Successful in 46s
Standards Compliance / Code Duplication Detection (push) Successful in 47s
Standards Compliance / Broken Link Detection (push) Successful in 3s
Standards Compliance / API Documentation Coverage (push) Successful in 2s
Standards Compliance / Accessibility Check (push) Successful in 3s
Standards Compliance / Performance Metrics (push) Successful in 2s
Standards Compliance / Dependency Vulnerability Scanning (push) Successful in 48s
Standards Compliance / Terraform Configuration Validation (push) Successful in 5s
Standards Compliance / Unused Dependencies Check (push) Successful in 53s
Repo Health / Access control (push) Failing after 2s
Repo Health / Release configuration (push) Has been skipped
Repo Health / Scripts governance (push) Has been skipped
Repo Health / Repository health (push) Has been skipped
Standards Compliance / Enterprise Readiness Check (push) Failing after 50s
Update MokoOnyx Payload / update-payload (push) Failing after 33s
Standards Compliance / Repository Health Check (push) Failing after 51s
Standards Compliance / Compliance Summary (push) Failing after 1s
fix: remove CSS injection, lock MokoWaaS + MokoOnyx
2026-04-23 20:14:20 +00:00
jmiller
3a46d20c52
Release 02.01.20 — brand buttons, dev mode, ATS overrides
Standards Compliance / Secret Scanning (push) Failing after 3s
Standards Compliance / Repository Structure Validation (push) Successful in 2s
Standards Compliance / License Header Validation (push) Successful in 2s
Standards Compliance / Coding Standards Check (push) Failing after 3s
Standards Compliance / Workflow Configuration Check (push) Failing after 3s
Standards Compliance / Documentation Quality Check (push) Successful in 3s
Standards Compliance / README Completeness Check (push) Successful in 3s
Standards Compliance / Git Repository Hygiene (push) Successful in 3s
Standards Compliance / Line Length Check (push) Failing after 3s
Standards Compliance / Script Integrity Validation (push) Successful in 3s
Standards Compliance / File Naming Standards (push) Successful in 3s
Standards Compliance / Insecure Code Pattern Detection (push) Successful in 2s
Standards Compliance / Dead Code Detection (push) Successful in 4s
Standards Compliance / File Size Limits (push) Successful in 3s
Standards Compliance / Binary File Detection (push) Successful in 4s
Standards Compliance / TODO/FIXME Tracking (push) Successful in 3s
Standards Compliance / Version Consistency Check (push) Successful in 49s
Standards Compliance / Code Duplication Detection (push) Successful in 43s
Standards Compliance / Broken Link Detection (push) Successful in 3s
Standards Compliance / Code Complexity Analysis (push) Successful in 46s
Standards Compliance / API Documentation Coverage (push) Successful in 3s
Standards Compliance / Accessibility Check (push) Successful in 3s
Standards Compliance / Performance Metrics (push) Successful in 2s
Standards Compliance / Dependency Vulnerability Scanning (push) Successful in 49s
Standards Compliance / Terraform Configuration Validation (push) Successful in 6s
Update MokoOnyx Payload / update-payload (push) Successful in 3s
Repo Health / Access control (push) Failing after 2s
Repo Health / Release configuration (push) Has been skipped
Repo Health / Scripts governance (push) Has been skipped
Repo Health / Repository health (push) Has been skipped
Standards Compliance / Unused Dependencies Check (push) Successful in 53s
Standards Compliance / Enterprise Readiness Check (push) Failing after 47s
Standards Compliance / Repository Health Check (push) Failing after 49s
Standards Compliance / Compliance Summary (push) Failing after 1s
2026-04-23 19:33:59 +00:00
cb03a89f98
fix: Gitea priority 1, GitHub priority 2 for update server
...
Repo Health / Access control (push) Failing after 1s
Repo Health / Release configuration (push) Has been skipped
Repo Health / Scripts governance (push) Has been skipped
Repo Health / Repository health (push) Has been skipped
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com >
2026-04-22 03:34:53 -05:00
d4a5367eed
fix: add <element>mokowaas</element> to manifest for correct ZIP naming
...
Repo Health / Access control (push) Failing after 1s
Repo Health / Release configuration (push) Has been skipped
Repo Health / Scripts governance (push) Has been skipped
Repo Health / Repository health (push) Has been skipped
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com >
2026-04-22 02:42:34 -05:00
43bd0e2031
Bump 02.01.14 — GitHub-primary update server, MokoOnyx lock support
...
Repo Health / Access control (push) Failing after 1s
Standards Compliance / Secret Scanning (push) Failing after 2s
Standards Compliance / License Header Validation (push) Successful in 2s
Standards Compliance / Repository Structure Validation (push) Successful in 2s
Standards Compliance / Coding Standards Check (push) Failing after 3s
Standards Compliance / Workflow Configuration Check (push) Failing after 3s
Standards Compliance / Documentation Quality Check (push) Successful in 2s
Standards Compliance / README Completeness Check (push) Successful in 2s
Standards Compliance / Git Repository Hygiene (push) Successful in 3s
Standards Compliance / Script Integrity Validation (push) Successful in 3s
Standards Compliance / Line Length Check (push) Failing after 2s
Standards Compliance / File Naming Standards (push) Successful in 3s
Standards Compliance / Insecure Code Pattern Detection (push) Successful in 2s
Standards Compliance / Version Consistency Check (push) Successful in 34s
Standards Compliance / Code Complexity Analysis (push) Successful in 33s
Standards Compliance / Code Duplication Detection (push) Successful in 32s
Standards Compliance / Dead Code Detection (push) Successful in 4s
Standards Compliance / File Size Limits (push) Successful in 3s
Standards Compliance / TODO/FIXME Tracking (push) Successful in 3s
Standards Compliance / Binary File Detection (push) Successful in 4s
Standards Compliance / Dependency Vulnerability Scanning (push) Successful in 40s
Standards Compliance / Broken Link Detection (push) Successful in 3s
Standards Compliance / Unused Dependencies Check (push) Successful in 44s
Standards Compliance / API Documentation Coverage (push) Successful in 2s
Standards Compliance / Accessibility Check (push) Successful in 2s
Standards Compliance / Performance Metrics (push) Successful in 3s
Standards Compliance / Enterprise Readiness Check (push) Failing after 38s
Standards Compliance / Repository Health Check (push) Failing after 37s
Update MokoCassiopeia Payload / update-payload (push) Failing after 3s
Standards Compliance / Terraform Configuration Validation (push) Successful in 5s
Repo Health / Release configuration (push) Has been skipped
Repo Health / Scripts governance (push) Has been skipped
Repo Health / Repository health (push) Has been skipped
Standards Compliance / Compliance Summary (push) Failing after 1s
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com >
2026-04-21 17:22:26 -05:00
68f897ffe4
feat: add all update channels, Gitea-primary update server URL
...
Repo Health / Access control (push) Failing after 5s
Standards Compliance / Secret Scanning (push) Failing after 2s
Standards Compliance / License Header Validation (push) Successful in 3s
Standards Compliance / Repository Structure Validation (push) Successful in 3s
Standards Compliance / Coding Standards Check (push) Failing after 2s
Standards Compliance / Workflow Configuration Check (push) Failing after 2s
Standards Compliance / Documentation Quality Check (push) Successful in 3s
Standards Compliance / README Completeness Check (push) Successful in 3s
Standards Compliance / Git Repository Hygiene (push) Successful in 2s
Standards Compliance / Script Integrity Validation (push) Successful in 4s
Standards Compliance / Line Length Check (push) Failing after 3s
Standards Compliance / File Naming Standards (push) Successful in 3s
Standards Compliance / Insecure Code Pattern Detection (push) Successful in 2s
Standards Compliance / Version Consistency Check (push) Successful in 36s
Standards Compliance / Code Complexity Analysis (push) Successful in 42s
Standards Compliance / Dead Code Detection (push) Successful in 4s
Standards Compliance / Code Duplication Detection (push) Successful in 37s
Standards Compliance / File Size Limits (push) Successful in 3s
Standards Compliance / TODO/FIXME Tracking (push) Successful in 3s
Standards Compliance / Binary File Detection (push) Successful in 4s
Standards Compliance / Dependency Vulnerability Scanning (push) Successful in 35s
Standards Compliance / Broken Link Detection (push) Successful in 3s
Standards Compliance / Unused Dependencies Check (push) Successful in 37s
Standards Compliance / API Documentation Coverage (push) Successful in 2s
Standards Compliance / Accessibility Check (push) Successful in 3s
Standards Compliance / Performance Metrics (push) Successful in 2s
Standards Compliance / Enterprise Readiness Check (push) Failing after 33s
Standards Compliance / Repository Health Check (push) Failing after 32s
Standards Compliance / Terraform Configuration Validation (push) Successful in 5s
Update MokoCassiopeia Payload / update-payload (push) Failing after 3s
Repo Health / Release configuration (push) Has been skipped
Repo Health / Scripts governance (push) Has been skipped
Repo Health / Repository health (push) Has been skipped
Standards Compliance / Compliance Summary (push) Failing after 1s
- updates.xml: all 5 channels (dev, alpha, beta, rc, stable)
- manifest: Gitea priority 1, GitHub priority 2
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com >
2026-04-21 17:17:53 -05:00
3df40214f3
feat: prefer MokoOnyx over MokoCassiopeia — lock Onyx, unlock Cassiopeia
...
Repo Health / Access control (push) Failing after 4s
Standards Compliance / Secret Scanning (push) Failing after 2s
Standards Compliance / License Header Validation (push) Successful in 2s
Standards Compliance / Repository Structure Validation (push) Successful in 3s
Standards Compliance / Coding Standards Check (push) Failing after 3s
Standards Compliance / Workflow Configuration Check (push) Failing after 3s
Standards Compliance / Documentation Quality Check (push) Successful in 3s
Standards Compliance / README Completeness Check (push) Successful in 2s
Standards Compliance / Git Repository Hygiene (push) Successful in 3s
Standards Compliance / Version Consistency Check (push) Successful in 35s
Standards Compliance / Line Length Check (push) Failing after 3s
Standards Compliance / File Naming Standards (push) Successful in 2s
Standards Compliance / Insecure Code Pattern Detection (push) Successful in 3s
Standards Compliance / Script Integrity Validation (push) Successful in 39s
Standards Compliance / Code Complexity Analysis (push) Successful in 35s
Standards Compliance / Dead Code Detection (push) Successful in 4s
Standards Compliance / File Size Limits (push) Successful in 2s
Standards Compliance / Binary File Detection (push) Successful in 4s
Standards Compliance / TODO/FIXME Tracking (push) Successful in 3s
Standards Compliance / Code Duplication Detection (push) Successful in 39s
Standards Compliance / Dependency Vulnerability Scanning (push) Successful in 34s
Standards Compliance / Broken Link Detection (push) Successful in 4s
Standards Compliance / API Documentation Coverage (push) Successful in 2s
Standards Compliance / Accessibility Check (push) Successful in 3s
Standards Compliance / Performance Metrics (push) Successful in 2s
Standards Compliance / Unused Dependencies Check (push) Successful in 39s
Standards Compliance / Enterprise Readiness Check (push) Failing after 37s
Standards Compliance / Terraform Configuration Validation (push) Successful in 5s
Standards Compliance / Repository Health Check (push) Failing after 34s
Repo Health / Release configuration (push) Has been skipped
Repo Health / Scripts governance (push) Has been skipped
Repo Health / Repository health (push) Has been skipped
Standards Compliance / Compliance Summary (push) Failing after 1s
Update MokoCassiopeia Payload / update-payload (push) Failing after 10s
If MokoOnyx is installed, lock it and set as default.
Unlock MokoCassiopeia to allow uninstall.
Falls back to MokoCassiopeia if Onyx not present.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com >
2026-04-21 17:09:18 -05:00
jmiller
72b2d1eace
test: dev version bump to 02.01.11
...
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com >
2026-04-07 19:59:46 -05:00
jmiller
2b539db1d6
release: v02.01.10
...
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com >
2026-04-07 17:19:14 -05:00
jmiller
f4fea85aed
release: v02.01.09 — email reads version from manifest
...
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com >
2026-04-07 17:09:37 -05:00
jmiller
a29008fc99
fix: read version from manifest instead of hardcoding in email
...
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com >
2026-04-07 17:07:59 -05:00
jmiller
b9bf7750dd
fix: sync all version numbers to 02.01.08, add SHA256 checksum
...
Updated version in all .ini, .php, .md files to 02.01.08.
Added SHA256 checksum to updates.xml for install integrity validation.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com >
2026-04-07 17:04:44 -05:00
jmiller
13ce80f7c1
release: v02.01.08
...
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com >
2026-04-07 16:59:08 -05:00
jmiller
6078565485
feat: bundle mokocassiopeia as payload inside plugin zip
...
- MokoCassiopeia zip shipped at src/payload/mokocassiopeia.zip
- Install script uses local payload instead of downloading
- Removed getDownloadUrlFromUpdates (no longer needed)
- Added update-payload.yml workflow to refresh payload on merge to main
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com >
2026-04-07 16:59:02 -05:00
jmiller
2067d33caf
release: v02.01.07
...
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com >
2026-04-07 16:53:30 -05:00
jmiller
cd6d236670
release: v02.01.06 — patch bump to trigger update
...
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com >
2026-04-07 16:52:26 -05:00
jmiller
31e5cfd23a
release: v02.01.05
...
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com >
2026-04-07 16:49:08 -05:00
jmiller
acfecc383e
fix: use release zip from updates.xml for mokocassiopeia install
...
The release zip is properly structured for Joomla installation.
Simplified extraction logic — release zips have templateDetails.xml
at root or one level deep. Added better error messages with the
failing URL for debugging.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com >
2026-04-07 16:49:03 -05:00
jmiller
868b22393c
release: v02.01.04
...
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com >
2026-04-07 16:41:04 -05:00
jmiller
5f4c335876
feat: send email notification on uninstall
...
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com >
2026-04-07 16:40:58 -05:00
jmiller
53a3c34865
release: v02.01.03 — install notification email, allow uninstall
...
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com >
2026-04-07 16:39:53 -05:00
jmiller
5d0d006ccd
feat: email notification on install/update, allow super user uninstall
...
- Send email to webmaster@mokoconsulting.tech on every install/update
with site name, version, PHP, Joomla version
- Changed locked=0 (allows uninstall by super users) but kept
protected=1 (prevents disabling)
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com >
2026-04-07 16:39:08 -05:00
jmiller
243467a121
release: v02.01.02 — resolve mokocassiopeia from updates.xml
...
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com >
2026-04-07 16:28:28 -05:00
jmiller
b1bc264314
feat: resolve mokocassiopeia download URL from updates.xml
...
Instead of hardcoding the zip URL, fetches MokoCassiopeia's updates.xml
from the repo main branch and parses the downloadurl. This way the
download location is controlled by the MokoCassiopeia repo.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com >
2026-04-07 16:28:08 -05:00
jmiller
db4bf1c784
fix: extract mokocassiopeia zip before installing
...
Joomla Installer::install() expects a directory path, not a zip file.
Now extracts the zip to a temp folder, finds the templateDetails.xml,
and passes the correct directory to the installer.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com >
2026-04-07 16:26:40 -05:00
jmiller
c81e409a57
feat: auto-install mokocassiopeia, set as default, lock template
...
Minor version bump to 02.01.01:
- Auto-install mokocassiopeia from GitHub if not present
- Lock and protect the template (cannot be disabled/uninstalled)
- Set mokocassiopeia as default site template
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com >
2026-04-07 16:22:01 -05:00
jmiller
7fdfaac7fb
Merge branch 'dev'
2026-04-07 16:20:52 -05:00
jmiller
f12e55f8b9
feat: auto-install and lock mokocassiopeia template
...
On install/update, checks if mokocassiopeia template exists. If found,
locks and protects it. If missing, downloads latest release from
GitHub and installs it automatically.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com >
2026-04-07 16:20:26 -05:00
jmiller
dcc1ba9569
release: v02.00.03 — lock plugin in postflight
...
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com >
2026-04-07 16:17:28 -05:00
jmiller
5296a39cd5
Merge dev into main — v02.00.03 lock fix
...
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com >
2026-04-07 16:16:34 -05:00
jmiller
d9dd6c4051
fix: lock plugin in postflight so it applies on update too
...
install() only runs on first install. Moved enableAndLockPlugin() to
postflight() which runs on both install and update, ensuring existing
installs get locked when updating.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com >
2026-04-07 16:11:21 -05:00
jmiller
8dc00800a0
release: v02.00.02 — lock plugin on install
...
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com >
2026-04-07 15:57:27 -05:00
jmiller
5222efa2e2
feat: lock plugin on install — cannot be disabled or uninstalled
...
Sets both locked=1 and protected=1 in #__extensions on install.
Prevents tenants from disabling or uninstalling the plugin through
the Extension Manager.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com >
2026-04-07 15:56:58 -05:00
jmiller
1b38ce9a07
feat: lock plugin on install — cannot be disabled or uninstalled
...
Sets both locked=1 and protected=1 in #__extensions on install.
Prevents tenants from disabling or uninstalling the plugin through
the Extension Manager.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com >
2026-04-07 15:55:38 -05:00
Jonathan Miller
jmiller