flaskpaste/TASKLIST.md
Username cf458347ef add systemd service unit and rate limit headers
Systemd deployment:
- examples/flaskpaste.service with security hardening
- examples/flaskpaste.env with all config options
- README deployment section updated

Rate limit headers (X-RateLimit-*):
- Limit, Remaining, Reset on 201 and 429 responses
- Per-IP tracking with auth multiplier
- api.md documented
2025-12-24 17:51:14 +01:00

Task List

Prioritized, actionable tasks. Each task is small and completable in one session.


Priority 1: Ecosystem

Status Task
Create Ansible deployment role
Add Kubernetes manifests (Deployment, Service, ConfigMap)

Priority 3: Quality

Status Task
Fix mypy type errors (currently ignored)

Priority 4: Documentation

Status Task
Create CONTRIBUTING.md with development setup
Add PKI usage examples to documentation

Completed

Date Task
2024-12 Add systemd service unit example
2024-12 Add rate limit headers (X-RateLimit-*)
2024-12 Integrate PKI audit logging (CERT_ISSUED, CERT_REVOKED, AUTH_FAILURE)
2024-12 Integrate request duration metrics (Prometheus histogram)
2024-12 Add memory leak detection tests (tracemalloc)
2024-12 Add concurrent paste creation tests
2024-12 Add container deployment integration tests
2024-12 Add tiered auto-expiry (anon/untrusted/trusted)
2024-12 Add admin list all pastes (--all flag)
2024-12 Add batch delete with confirmation (--confirm N)
2024-12 Add admin rights for first PKI user
2024-12 Add public certificate registration endpoint
2024-12 Add CLI register command
2024-12 Implement anti-flood (dynamic PoW difficulty)
2024-12 Implement IP-based rate limiting
2024-12 Add scheduled cleanup (pastes, hashes, rate limits)
2024-12 Add CLI list/search/update/export commands
2024-12 Add CLI PoW retry (max 5 attempts)
2024-12 Add paste listing for authenticated users
2024-12 Implement minimal PKI (CA, issuance, revocation)
2024-12 Add security tooling (ruff, bandit, mypy, pip-audit)
2024-12 Create Makefile with dev workflow targets
2024-12 Setup CI/CD pipeline (Gitea Actions)
2024-12 Fix all ruff lint issues
2024-12 Optimize CI workflow (concurrency, job deps)
2024-12 Add PKI commands to CLI (status, issue, revoke)
2024-12 Implement burn-after-read option
2024-12 Implement custom expiry per paste
2024-12 Optimize Containerfile with multi-stage build
2024-12 Implement E2E encryption in CLI (AES-256-GCM)
2024-12 Implement entropy enforcement
2024-12 Add /client endpoint for CLI download
2024-12 Add URL prefix support
2024-12 Implement proof-of-work spam prevention
2024-12 Update documentation for v1.1.0
2024-12 Add HEAD method for paste endpoints
2024-12 Add SQLite WAL mode for better concurrency
2024-12 Implement content-hash deduplication
2024-12 Add X-Proxy-Secret validation
2024-12 Add X-Request-ID tracing
2024-11 Implement security headers
2024-11 Add client certificate authentication
2024-11 Create test suite

Task Guidelines

  • Tasks should be completable in < 2 hours
  • Each task results in one atomic commit
  • Mark ☑ when complete, move to Completed section
  • Remove tasks that become irrelevant
  • Pull new tasks from TODO.md as capacity allows