实现 LightOps 运维面板基础功能

migrations/0001_init.sql

@@ -0,0 +1,89 @@
+CREATE TABLE IF NOT EXISTS users (
+    id INTEGER PRIMARY KEY AUTOINCREMENT,
+    username TEXT NOT NULL UNIQUE,
+    password_hash TEXT NOT NULL,
+    role TEXT NOT NULL DEFAULT 'admin',
+    created_at TEXT NOT NULL DEFAULT (datetime('now')),
+    updated_at TEXT NOT NULL DEFAULT (datetime('now'))
+);
+
+CREATE TABLE IF NOT EXISTS agents (
+    id TEXT PRIMARY KEY,
+    name TEXT NOT NULL,
+    hostname TEXT NOT NULL,
+    os TEXT NOT NULL,
+    arch TEXT NOT NULL,
+    version TEXT NOT NULL,
+    ip TEXT,
+    status TEXT NOT NULL DEFAULT 'offline',
+    secret_hash TEXT NOT NULL,
+    capabilities_json TEXT NOT NULL DEFAULT '{}',
+    last_seen_at TEXT,
+    created_at TEXT NOT NULL DEFAULT (datetime('now')),
+    updated_at TEXT NOT NULL DEFAULT (datetime('now'))
+);
+
+CREATE TABLE IF NOT EXISTS agent_metrics (
+    id INTEGER PRIMARY KEY AUTOINCREMENT,
+    agent_id TEXT NOT NULL,
+    cpu_usage REAL NOT NULL,
+    memory_total INTEGER NOT NULL,
+    memory_used INTEGER NOT NULL,
+    disk_total INTEGER NOT NULL,
+    disk_used INTEGER NOT NULL,
+    load_avg REAL NOT NULL,
+    uptime INTEGER NOT NULL,
+    created_at TEXT NOT NULL DEFAULT (datetime('now')),
+    FOREIGN KEY(agent_id) REFERENCES agents(id) ON DELETE CASCADE
+);
+
+CREATE INDEX IF NOT EXISTS idx_agent_metrics_agent_created ON agent_metrics(agent_id, created_at DESC);
+
+CREATE TABLE IF NOT EXISTS registration_tokens (
+    id TEXT PRIMARY KEY,
+    token_hash TEXT NOT NULL UNIQUE,
+    name TEXT,
+    expires_at TEXT NOT NULL,
+    used_at TEXT,
+    created_at TEXT NOT NULL DEFAULT (datetime('now'))
+);
+
+CREATE TABLE IF NOT EXISTS tasks (
+    id TEXT PRIMARY KEY,
+    agent_id TEXT NOT NULL,
+    user_id INTEGER,
+    action TEXT NOT NULL,
+    params_json TEXT NOT NULL,
+    status TEXT NOT NULL,
+    result_json TEXT,
+    error TEXT,
+    created_at TEXT NOT NULL DEFAULT (datetime('now')),
+    started_at TEXT,
+    finished_at TEXT,
+    FOREIGN KEY(agent_id) REFERENCES agents(id) ON DELETE CASCADE,
+    FOREIGN KEY(user_id) REFERENCES users(id) ON DELETE SET NULL
+);
+
+CREATE INDEX IF NOT EXISTS idx_tasks_agent_created ON tasks(agent_id, created_at DESC);
+
+CREATE TABLE IF NOT EXISTS audit_logs (
+    id INTEGER PRIMARY KEY AUTOINCREMENT,
+    user_id INTEGER,
+    agent_id TEXT,
+    action TEXT NOT NULL,
+    target TEXT,
+    params_summary TEXT,
+    success INTEGER NOT NULL,
+    error TEXT,
+    created_at TEXT NOT NULL DEFAULT (datetime('now')),
+    FOREIGN KEY(user_id) REFERENCES users(id) ON DELETE SET NULL,
+    FOREIGN KEY(agent_id) REFERENCES agents(id) ON DELETE SET NULL
+);
+
+CREATE INDEX IF NOT EXISTS idx_audit_logs_created ON audit_logs(created_at DESC);
+
+CREATE TABLE IF NOT EXISTS settings (
+    key TEXT PRIMARY KEY,
+    value TEXT NOT NULL
+);
+

migrations/0002_applications.sql

@@ -0,0 +1,70 @@
+CREATE TABLE IF NOT EXISTS applications (
+    id TEXT PRIMARY KEY,
+    agent_id TEXT NOT NULL,
+    name TEXT NOT NULL,
+    display_name TEXT NOT NULL,
+    description TEXT,
+    app_type TEXT NOT NULL,
+    provider TEXT NOT NULL,
+    status TEXT NOT NULL,
+    version TEXT,
+    install_path TEXT,
+    work_dir TEXT,
+    config_paths_json TEXT NOT NULL DEFAULT '[]',
+    log_paths_json TEXT NOT NULL DEFAULT '[]',
+    data_paths_json TEXT NOT NULL DEFAULT '[]',
+    ports_json TEXT NOT NULL DEFAULT '[]',
+    domains_json TEXT NOT NULL DEFAULT '[]',
+    service_name TEXT,
+    container_id TEXT,
+    compose_project TEXT,
+    package_name TEXT,
+    nginx_site TEXT,
+    run_user TEXT,
+    is_system INTEGER NOT NULL DEFAULT 0,
+    is_managed INTEGER NOT NULL DEFAULT 0,
+    is_lightops_managed INTEGER NOT NULL DEFAULT 0,
+    metadata_json TEXT NOT NULL DEFAULT '{}',
+    created_at TEXT NOT NULL,
+    updated_at TEXT NOT NULL,
+    FOREIGN KEY(agent_id) REFERENCES agents(id) ON DELETE CASCADE
+);
+
+CREATE INDEX IF NOT EXISTS idx_applications_agent ON applications(agent_id);
+CREATE INDEX IF NOT EXISTS idx_applications_provider ON applications(provider);
+CREATE INDEX IF NOT EXISTS idx_applications_status ON applications(status);
+
+CREATE TABLE IF NOT EXISTS application_relations (
+    id TEXT PRIMARY KEY,
+    agent_id TEXT NOT NULL,
+    app_id TEXT NOT NULL,
+    relation_type TEXT NOT NULL,
+    target_id TEXT,
+    target_name TEXT,
+    metadata_json TEXT NOT NULL DEFAULT '{}',
+    created_at TEXT NOT NULL,
+    FOREIGN KEY(agent_id) REFERENCES agents(id) ON DELETE CASCADE,
+    FOREIGN KEY(app_id) REFERENCES applications(id) ON DELETE CASCADE
+);
+
+CREATE INDEX IF NOT EXISTS idx_application_relations_app ON application_relations(app_id);
+
+CREATE TABLE IF NOT EXISTS application_actions (
+    id TEXT PRIMARY KEY,
+    agent_id TEXT NOT NULL,
+    app_id TEXT,
+    user_id TEXT,
+    action TEXT NOT NULL,
+    status TEXT NOT NULL,
+    params_json TEXT,
+    result_json TEXT,
+    error TEXT,
+    created_at TEXT NOT NULL,
+    finished_at TEXT,
+    FOREIGN KEY(agent_id) REFERENCES agents(id) ON DELETE CASCADE,
+    FOREIGN KEY(app_id) REFERENCES applications(id) ON DELETE SET NULL
+);
+
+CREATE INDEX IF NOT EXISTS idx_application_actions_app_created ON application_actions(app_id, created_at DESC);
+CREATE INDEX IF NOT EXISTS idx_application_actions_agent_created ON application_actions(agent_id, created_at DESC);
+

migrations/0003_agent_network_metrics.sql

@@ -0,0 +1,2 @@
+ALTER TABLE agent_metrics ADD COLUMN network_rx INTEGER NOT NULL DEFAULT 0;
+ALTER TABLE agent_metrics ADD COLUMN network_tx INTEGER NOT NULL DEFAULT 0;

migrations/0004_production_hardening.sql

@@ -0,0 +1,68 @@
+CREATE TABLE IF NOT EXISTS user_permissions (
+    user_id INTEGER NOT NULL,
+    permission TEXT NOT NULL,
+    created_at TEXT NOT NULL DEFAULT (datetime('now')),
+    PRIMARY KEY(user_id, permission),
+    FOREIGN KEY(user_id) REFERENCES users(id) ON DELETE CASCADE
+);
+
+CREATE TABLE IF NOT EXISTS agent_access (
+    user_id INTEGER NOT NULL,
+    agent_id TEXT NOT NULL,
+    created_at TEXT NOT NULL DEFAULT (datetime('now')),
+    PRIMARY KEY(user_id, agent_id),
+    FOREIGN KEY(user_id) REFERENCES users(id) ON DELETE CASCADE,
+    FOREIGN KEY(agent_id) REFERENCES agents(id) ON DELETE CASCADE
+);
+
+CREATE TABLE IF NOT EXISTS alert_rules (
+    id TEXT PRIMARY KEY,
+    name TEXT NOT NULL,
+    metric TEXT NOT NULL,
+    operator TEXT NOT NULL DEFAULT '>=',
+    threshold REAL NOT NULL,
+    duration_seconds INTEGER NOT NULL DEFAULT 0,
+    severity TEXT NOT NULL DEFAULT 'warning',
+    agent_id TEXT,
+    enabled INTEGER NOT NULL DEFAULT 1,
+    created_at TEXT NOT NULL DEFAULT (datetime('now')),
+    updated_at TEXT NOT NULL DEFAULT (datetime('now')),
+    FOREIGN KEY(agent_id) REFERENCES agents(id) ON DELETE CASCADE
+);
+
+CREATE INDEX IF NOT EXISTS idx_alert_rules_enabled ON alert_rules(enabled);
+CREATE INDEX IF NOT EXISTS idx_alert_rules_agent ON alert_rules(agent_id);
+
+CREATE TABLE IF NOT EXISTS alert_events (
+    id TEXT PRIMARY KEY,
+    rule_id TEXT NOT NULL,
+    agent_id TEXT NOT NULL,
+    metric TEXT NOT NULL,
+    value REAL NOT NULL,
+    threshold REAL NOT NULL,
+    severity TEXT NOT NULL,
+    status TEXT NOT NULL DEFAULT 'open',
+    message TEXT NOT NULL,
+    first_seen_at TEXT NOT NULL,
+    last_seen_at TEXT NOT NULL,
+    resolved_at TEXT,
+    created_at TEXT NOT NULL DEFAULT (datetime('now')),
+    FOREIGN KEY(rule_id) REFERENCES alert_rules(id) ON DELETE CASCADE,
+    FOREIGN KEY(agent_id) REFERENCES agents(id) ON DELETE CASCADE
+);
+
+CREATE INDEX IF NOT EXISTS idx_alert_events_status ON alert_events(status, last_seen_at DESC);
+CREATE INDEX IF NOT EXISTS idx_alert_events_agent ON alert_events(agent_id, last_seen_at DESC);
+
+INSERT OR IGNORE INTO settings(key, value) VALUES
+('security.terminal_enabled', 'true'),
+('security.file_write_enabled', 'true'),
+('security.require_danger_confirm', 'true'),
+('agent.offline_after_seconds', '120'),
+('metrics.retention_days', '30'),
+('alerts.enabled', 'true');
+
+INSERT OR IGNORE INTO alert_rules(id, name, metric, operator, threshold, severity) VALUES
+('builtin-cpu-high', 'CPU 使用率过高', 'cpu_usage', '>=', 90, 'warning'),
+('builtin-memory-high', '内存使用率过高', 'memory_usage', '>=', 90, 'warning'),
+('builtin-disk-high', '磁盘使用率过高', 'disk_usage', '>=', 92, 'critical');

migrations/0005_notifications.sql

@@ -0,0 +1,29 @@
+CREATE TABLE IF NOT EXISTS notification_channels (
+    id TEXT PRIMARY KEY,
+    name TEXT NOT NULL,
+    channel_type TEXT NOT NULL,
+    config_json TEXT NOT NULL DEFAULT '{}',
+    enabled INTEGER NOT NULL DEFAULT 1,
+    created_at TEXT NOT NULL DEFAULT (datetime('now')),
+    updated_at TEXT NOT NULL DEFAULT (datetime('now'))
+);
+
+CREATE TABLE IF NOT EXISTS notification_deliveries (
+    id TEXT PRIMARY KEY,
+    event_id TEXT NOT NULL,
+    channel TEXT NOT NULL,
+    status TEXT NOT NULL,
+    error TEXT,
+    created_at TEXT NOT NULL DEFAULT (datetime('now')),
+    FOREIGN KEY(event_id) REFERENCES alert_events(id) ON DELETE CASCADE
+);
+
+CREATE INDEX IF NOT EXISTS idx_notification_deliveries_event ON notification_deliveries(event_id);
+CREATE INDEX IF NOT EXISTS idx_notification_deliveries_status ON notification_deliveries(status, created_at DESC);
+
+INSERT OR IGNORE INTO settings(key, value) VALUES
+('notifications.webhook_enabled', 'false'),
+('notifications.webhook_url', '');
+
+INSERT OR IGNORE INTO alert_rules(id, name, metric, operator, threshold, severity) VALUES
+('builtin-ssl-expiring', 'SSL 证书即将到期', 'ssl_days_remaining', '<=', 30, 'warning');

migrations/0006_app_store.sql

@@ -0,0 +1,17 @@
+CREATE TABLE IF NOT EXISTS app_store_installs (
+    id TEXT PRIMARY KEY,
+    agent_id TEXT NOT NULL,
+    slug TEXT NOT NULL,
+    name TEXT NOT NULL,
+    project TEXT NOT NULL,
+    status TEXT NOT NULL,
+    params_json TEXT NOT NULL DEFAULT '{}',
+    result_json TEXT,
+    error TEXT,
+    created_at TEXT NOT NULL DEFAULT (datetime('now')),
+    updated_at TEXT NOT NULL DEFAULT (datetime('now')),
+    FOREIGN KEY(agent_id) REFERENCES agents(id) ON DELETE CASCADE
+);
+
+CREATE INDEX IF NOT EXISTS idx_app_store_installs_agent ON app_store_installs(agent_id, updated_at DESC);
+CREATE INDEX IF NOT EXISTS idx_app_store_installs_slug ON app_store_installs(slug, updated_at DESC);

migrations/0007_alert_notification_details.sql

@@ -0,0 +1,5 @@
+ALTER TABLE alert_rules ADD COLUMN silence_until TEXT;
+ALTER TABLE alert_rules ADD COLUMN notify_recovery INTEGER NOT NULL DEFAULT 1;
+
+INSERT OR IGNORE INTO settings(key, value) VALUES
+('notifications.recovery_enabled', 'true');

migrations/0008_task_events.sql

@@ -0,0 +1,11 @@
+CREATE TABLE IF NOT EXISTS task_events (
+    id INTEGER PRIMARY KEY AUTOINCREMENT,
+    task_id TEXT NOT NULL,
+    level TEXT NOT NULL,
+    message TEXT NOT NULL,
+    data_json TEXT,
+    created_at TEXT NOT NULL DEFAULT (datetime('now')),
+    FOREIGN KEY(task_id) REFERENCES tasks(id) ON DELETE CASCADE
+);
+
+CREATE INDEX IF NOT EXISTS idx_task_events_task_created ON task_events(task_id, created_at ASC);

migrations/0009_app_health_settings.sql

@@ -0,0 +1,9 @@
+INSERT OR IGNORE INTO settings(key, value) VALUES
+('apps.health_check_enabled', 'true'),
+('apps.health_alert_enabled', 'true'),
+('apps.health_check_interval_seconds', '300'),
+('apps.health_check_batch_size', '20'),
+('apps.health_check_timeout_seconds', '5'),
+('updates.repo_dir', '.'),
+('updates.branch', 'main'),
+('updates.script_path', 'scripts/update-from-git.sh');