History

Petr 485ac0a742 Security fixes: sanitize dev_docs, harden sudoers and config validation H1 - Sanitize dev_docs/ for public release: - Replace all real employee names with generic placeholders (padak->admin1, matejkys->admin2, dasa->admin3, petr->john, etc.) - Replace GCP project ID (kids-ai-data-analysis -> your-gcp-project) - Replace server hostname (data-broker-for-claude -> your-server) - Replace real IP address (34.88.8.46 -> YOUR_SERVER_IP) - Replace internal FQDN with placeholder - Covers: security.md, server.md, disaster-recovery.md, desktop-app.md, session_explore.md, plan-rsync-fix.md, draft/*.md H3 - webapp-setup.sh: validate sudoers syntax BEFORE copying to /etc/sudoers.d - Prevents broken sudo if syntax is invalid - Uses install -m 440 for atomic copy with correct permissions M1 - setup.sh: deploy user created with /usr/sbin/nologin instead of /bin/bash - CI/CD service account does not need interactive shell M2 - config/loader.py: warn on missing env vars, validate webapp_secret_key - _resolve_env_refs now logs warnings for unset ${ENV_VAR} references - _validate_config checks auth.webapp_secret_key is non-empty - Prevents Flask signing sessions with empty secret key All 118 tests pass.		2026-03-09 08:06:45 +01:00
..
draft	Security fixes: sanitize dev_docs, harden sudoers and config validation	2026-03-09 08:06:45 +01:00
design-system.md	Initial commit: OSS data distribution platform	2026-03-08 23:31:28 +01:00
desktop-app.md	Security fixes: sanitize dev_docs, harden sudoers and config validation	2026-03-09 08:06:45 +01:00
disaster-recovery.md	Security fixes: sanitize dev_docs, harden sudoers and config validation	2026-03-09 08:06:45 +01:00
insights.md	OSS cleanup: remove internal references, harden deployment, add config env interpolation	2026-03-09 07:59:57 +01:00
jira.md	OSS cleanup: remove internal references, harden deployment, add config env interpolation	2026-03-09 07:59:57 +01:00
plan-corporate-memory.md	Initial commit: OSS data distribution platform	2026-03-08 23:31:28 +01:00
plan-rsync-fix.md	Security fixes: sanitize dev_docs, harden sudoers and config validation	2026-03-09 08:06:45 +01:00
plan_parquet_types_fix.md	Initial commit: OSS data distribution platform	2026-03-08 23:31:28 +01:00
README.md	Initial commit: OSS data distribution platform	2026-03-08 23:31:28 +01:00
security.md	Security fixes: sanitize dev_docs, harden sudoers and config validation	2026-03-09 08:06:45 +01:00
server.md	Security fixes: sanitize dev_docs, harden sudoers and config validation	2026-03-09 08:06:45 +01:00
session_explore.md	Security fixes: sanitize dev_docs, harden sudoers and config validation	2026-03-09 08:06:45 +01:00
telegram_bot.md	Initial commit: OSS data distribution platform	2026-03-08 23:31:28 +01:00

README.md

Developer Documentation

This folder contains documentation for developers and server administrators only.

⚠️ This folder is NOT synced to analyst machines - it stays on the server and in the git repository only.

Server Administration

server.md - Data broker server configuration and management
disaster-recovery.md - Recovery procedures for server failures
security.md - Security audit report and hardening guidelines
jira.md - Jira webhook integration and server-side processing

Application Development

desktop-app.md - macOS desktop app architecture and development
telegram_bot.md - Telegram notification bot technical docs
design-system.md - UI/UX design system for web applications
insights.md - Activity Center dashboard feature documentation

Planning & Meetings

plan-corporate-memory.md - Corporate Memory module implementation plan
meetings/ - Meeting transcripts, summaries, and notes

For Analysts

If you're an analyst looking for documentation on how to use the platform, see the docs/ folder instead: