mirror of https://github.com/harivansh-afk/betterNAS.git synced 2026-04-18 23:02:14 +00:00

History

Harivansh Rathi 1bb065ade0 Shorten mount credential username token to fix macOS WebDAV mount macOS WebDAVFS truncates HTTP Basic Auth passwords at 255 bytes. The mount credential password (base64 payload + HMAC signature) was 260 bytes because the full username token (32 random bytes / 43 base64url chars) is embedded in the signed payload. Reduce the username token from 32 bytes to 24 bytes (32 base64url chars), bringing the total password to ~246 chars with margin for longer node IDs and mount paths.		2026-04-01 17:24:47 -04:00
..
cmd/control-plane	Shorten mount credential username token to fix macOS WebDAV mount	2026-04-01 17:24:47 -04:00
Dockerfile	init (#5 )	2026-03-31 23:50:51 -04:00
go.mod	init (#5 )	2026-03-31 23:50:51 -04:00
package.json	pnpm, verify, cleanup (#6 )	2026-03-31 23:59:52 -04:00
README.md	Make control-plane the real mount authority	2026-04-01 17:46:50 +00:00

README.md

betterNAS Control Plane

Go service that owns the product control plane.

It is intentionally small for now:

GET /health
GET /version
POST /api/v1/nodes/register
POST /api/v1/nodes/{nodeId}/heartbeat
PUT /api/v1/nodes/{nodeId}/exports
GET /api/v1/exports
POST /api/v1/mount-profiles/issue
POST /api/v1/cloud-profiles/issue

The request and response shapes must follow the contracts in packages/contracts.

/api/v1/* endpoints require bearer auth. New nodes register with BETTERNAS_CONTROL_PLANE_NODE_BOOTSTRAP_TOKEN, client flows use BETTERNAS_CONTROL_PLANE_CLIENT_TOKEN, and node registration returns an X-BetterNAS-Node-Token header for subsequent node-scoped register and heartbeat and export sync calls. Mount profiles now return standard WebDAV username and password credentials, and multi-export sync should send an explicit mountPath per export so mount profiles can stay stable across runtimes.