Commit graph

10 commits

Author SHA1 Message Date
snider
b24a3f00d6 fix: Add timeouts, atomic writes, and thread safety improvements
- Add 30s context timeout for database transactions in hashrate.go
- Add helper function for parsing SQLite timestamps with error logging
- Implement atomic file writes (temp + rename) for profile_manager.go,
  config_manager.go, and peer.go to prevent corruption on crash
- Add 5s timeout for stats collection per miner in manager.go
- Add 5s timeout for stdin writes in miner.go
- Clean up config file on failed miner start in xmrig_start.go
- Implement debounced saves (5s) for peer registry to reduce disk I/O
- Fix CheckInstallation data race in xmrig.go and ttminer.go by adding
  proper mutex protection around shared field updates
- Add 10s handshake timeout for WebSocket connections in transport.go
- Update peer_test.go to call Close() before reload to flush changes

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
2025-12-31 02:55:30 +00:00
snider
74bbf14de4 fix: Address networking, memory leak, and segfault issues from code review
Networking/Protocol fixes:
- Add HTTP server timeouts (Read/Write/Idle/ReadHeader) in service.go
- Fix CORS address parsing to use net.SplitHostPort safely
- Add request body size limit middleware (1MB max)
- Enforce MaxConns limit in WebSocket upgrade handler
- Fix WebSocket origin validation to only allow localhost
- Add read/write deadlines to WebSocket connections

Memory leak fixes:
- Add sync.Once to Manager.Stop() to prevent double-close panic
- Fix controller pending map leak by closing response channel
- Add memory reallocation for hashrate history slices when oversized
- Fix LogBuffer to truncate long lines and force reallocation on trim
- Add process wait timeout to prevent goroutine leaks on zombie processes
- Drain HTTP response body on copy error to allow connection reuse

Segfault/panic prevention:
- Add nil check in GetTotalHashrate for stats pointer
- Fix hashrate history slice reallocation to prevent capacity bloat

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
2025-12-31 02:26:46 +00:00
snider
1351dc7562 fix: Address race conditions and network blocking issues
Critical fixes:
- Release mutex before HTTP calls in GetStats() to prevent blocking
- Fix m.cmd race between Stop() and Wait() goroutine by capturing locally
- Add context support to GetStats() for proper request cancellation

High priority fixes:
- Add existence check in collectMinerStats() before operating on miners
- Add mutex-protected httpClient getter/setter for thread-safe test mocking

Changes:
- Miner interface now requires context.Context for GetStats()
- Stats HTTP requests timeout after 5 seconds (was 30s client default)
- All callers updated to pass context (service uses request context)

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
2025-12-31 01:55:24 +00:00
snider
9592971678 fix: Address CodeRabbit review findings
- Create api/swagger.md page to properly document Swagger UI access
  instead of linking raw swagger.json in mkdocs nav
- Fix Stop() state management: properly set Running=false and cmd=nil
  on all exit paths, wait for process termination to avoid zombies

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
2025-12-31 01:28:01 +00:00
snider
f2afdeeb82 fix: Address medium severity code quality issues
- Fix deprecated strings.Title usage with golang.org/x/text/cases
- Replace log.Fatalf in service startup with channel-based error handling
- Add graceful SIGTERM before SIGKILL in Stop() for proper cleanup
- Add mutex protection for LogBuffer access in GetLogs()
- Add instance name sanitization with regex to prevent injection
- Add error logging in updateInstallationCache for failed operations

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
2025-12-31 01:15:35 +00:00
snider
006dd3712e fix: Address critical security and concurrency issues
Security fixes:
- Remove hardcoded wallet address from CLI defaults (start.go, serve.go)
  Pool and wallet are now required flags or must be provided explicitly
- Change file permissions from 0644 to 0600 for sensitive config files
  Affects: xmrig config, profiles, settings, config cache
- Fix path traversal in untar() - now returns error instead of silently skipping

Concurrency fix:
- Fix race condition in GetStats() - was using RLock while writing m.FullStats
  Changed to Lock/Unlock in both xmrig_stats.go and ttminer_stats.go

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
2025-12-31 00:50:06 +00:00
snider
f10e7a16e2 feat: Add stdin console commands, SQLite persistence, and P2P enhancements
- Add stdin pipe support for sending console commands to running miners (XMRig/TT-Miner)
- Add base64 encoding for log transport to preserve ANSI escape codes
- Add SQLite database for persistent hashrate history storage
- Enhance P2P worker to handle remote miner commands (start/stop/stats/logs)
- Add console UI page with ANSI-to-HTML rendering and command input
- Add E2E tests for navigation, UI elements, and miner start flow
- Update Dockerfile to use Go 1.24 with GOTOOLCHAIN=auto

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
2025-12-29 23:30:19 +00:00
snider
e0c9c92244 feat: Implement logging functionality for miners with log buffer and retrieval endpoint 2025-12-29 22:10:45 +00:00
Snider
816f860b73 feat: Enhance mining configuration management and API documentation 2025-12-07 16:26:18 +00:00
Snider
2576d4bc1b feat: Update server configuration and add XMRig miner management functionality 2025-12-07 15:14:30 +00:00