restic-manager/CHANGELOG.md

Changelog

All notable changes to this project are documented here. The format follows Keep a Changelog, and the project follows Semantic Versioning.

Unreleased

[1.1.0] - 2026-06-15

Added

• Always-On vs intermittent host mode. A host can now be marked as not always-on — for laptops/workstations that legitimately sleep, travel, or shut down outside hours. An intermittent host no longer raises "agent offline" alerts when it disappears; instead it shows a calm "asleep" state in the UI ("asleep · last seen … · will catch up on return") and is covered by a longer-horizon staleness alert (raised only when it has an enabled schedule and no successful backup in 7 days). When such a host reconnects, the server waits a short settle window and then automatically dispatches any scheduled backup whose window elapsed while it was asleep. Toggle per host from the host detail page (operator-band, audited as host.mode_updated). New and existing hosts default to always-on, so current fleets are unaffected.

Changed

• Host-detail header redesign: tags and presence are grouped into labelled, boxed pills with click-to-edit; presence shows a 24x7 / Free chip; the agent "out of date" indicator is simplified (the full version detail remains in the Agent-update panel and on hover).
• Relative timestamps ("2h ago") now tick client-side, so a tab left open no longer shows a stale value as wall-clock time moves on.
• Release and CI container images are now published to and pulled from the zot OCI registry (docker.dcglab.co.uk).

[1.0.1] - 2026-05-09

Fixed

• Build version is now single-sourced from internal/version, and the server Dockerfile's ldflags were corrected so docker-built binaries report their real version. Previously internal/version.Version stayed at its "dev" default in docker images, which made every host look permanently out-of-date to the update logic.

1.0.0 - 2026-05-09

First tagged release. Six development phases brought the project from empty repo to a self-hostable, multi-tenant restic backup orchestrator with a web UI, JSON API, and self-updating agent fleet.

Phase 1 — MVP: enrolment, visibility, on-demand backup

• HTTP server, SQLite store with migrations, AEAD-encrypted credentials at rest, Argon2id password hashing, session cookies.
• WebSocket transport between server and agents (heartbeat, hello, schedule fan-out, job log streaming).
• Agent install path for Linux (systemd unit + install.sh); one-time enrolment tokens with embedded repo credentials.
• Run-now backup execution end-to-end, snapshot listing.
• Server-side encrypted repo creds pushed to the agent on hello.

Phase 2 — Scheduling, retention, repo operations

• Source groups (paths + excludes + pre/post hooks + bandwidth caps) decoupled from schedules; a schedule fires a source group.
• Cron-style schedules with retention policies, server-driven reconciliation push and ack.
• restic forget, prune, check, unlock automation; periodic maintenance ticker with per-host stagger.
• Pending-runs queue with backpressure (max_concurrent_jobs per host).
• Repo stats panel on the host detail page (size, last-check, last- prune, stale-lock banner).
• Auto-init of repos on first onboard with credential-failure surface on the host detail page.
• Announce-and-approve enrolment path for hosts that don't have a pre-minted token (Ed25519 fingerprint, operator approves).
• Windows agent: SCM service integration + install.ps1 installer.
• Cross-platform alt-enrolment (announce flow on Windows).

Phase 3 — Restore, alerts, audit

• Restore wizard: pick a snapshot, pick paths, pick a target (in-place / new directory), live progress.
• Snapshot diff against parent.
• Alert engine: per-source-group dedup, severity tiers, ack / resolve.
• Live-refresh alerts table with severity cues.
• Audit log UI with filters, sort, CSV export, payload-detail modal.

Phase 4 — RBAC, OIDC, host tags

• Role-based access control: viewer / operator / admin.
• User management UI (invite, role change, disable, password reset).
• Generic OIDC SSO with JIT user provisioning + role mapping.
• Per-host tags with chip-row filter on the dashboard.

Phase 5 — OSS readiness

• mdBook-rendered docs site at docs/book/.
• Contributor onboarding (CONTRIBUTING.md, security policy, license).
• Docker-only release pipeline + reference deployment compose file.
• Playwright e2e harness covering the smoke runbook.

Phase 6 — Update delivery + observability

• Agent self-update: server-side channel pin per host, signed binary fetch via the WS transport, atomic swap with rollback on failure.
• Fleet-wide update orchestration with per-host stagger and an admin pause switch.
• Prometheus /metrics endpoint + Grafana dashboard JSON.
• Repo size trend per host (90-day rolling) on the host detail page.

Cross-cutting

• Live dashboard with column sort, filters, free-text host search, background-tab-aware live refresh (5s cadence).
• Pure-Go binary with embedded UI, no Node/CGO at runtime.
• Reproducible -trimpath -ldflags="-s -w" builds for linux/amd64, linux/arm64, windows/amd64.
• Sharded CI (server-http / store / rest), pre-commit hooks (gofumpt, go vet, golangci-lint).
• Threat model published (docs/threat-model.md).