mirror of https://github.com/ChuckBuilds/LEDMatrix.git synced 2026-06-29 23:38:38 +00:00

Files

Chuck 6096a22c3d feat(web): add Tools tab and row address type display setting (#373 )

* feat(web): add Tools tab and row address type setting

Adds a Tools/Utilities tab to the web interface with one-click
maintenance buttons that previously required SSH:
- Git status panel (branch, dirty state, recent commits)
- Pull latest (rebase) and force reset to origin/main
- Reinstall base requirements (pip, with output)
- Reinstall per-plugin requirements (pass/fail per plugin)
- Clear __pycache__ directories
- Quick-access restart for display and web services

Also exposes the hzeller row_address_type option (0–4) in the
Display settings tab. The backend already read this value from
config; the UI, API field list, and validation were missing.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

* fix(tools-tab): address code review findings

- Add _GIT = shutil.which('git') alongside _SUDO/_JOURNALCTL; return
  503 in force_git_reset and get_git_info if git is unavailable
- Check git branch/status returncodes in get_git_info(); return a clear
  500 error instead of silently treating a failed run as a clean repo
- Cap pip stdout+stderr at 50 KB via _truncate_output() helper to
  avoid OOM on verbose dependency resolution or build failures
- Scrub embedded HTTPS credentials from remote_url via
  _scrub_git_remote_url() using urllib.parse before returning to UI
- Fix clear_pycache to track and report failed deletions separately
  instead of counting them as successes (removed ignore_errors=True,
  wrapped in try/except OSError)

Skipped: plugin_manager-vs-api_v3.plugin_manager (api_v3 is the
Blueprint object; accessing .plugin_manager on it would fail — module-
level variable is the correct pattern used throughout this blueprint);
pages_v3 broad-except (identical to every other _load_*_partial in the
file); base.html HTMX fallback (loadTabContent handles all tabs
generically; named fallbacks only exist for tabs needing JS re-init);
tools.html auth (pre-existing architectural decision — reboot/shutdown
on the same endpoint are also unauthenticated).

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

* fix(tools-tab): resolve remaining PR review comments

- api_v3: use getattr(api_v3, 'plugin_manager', None) instead of the
  module-level plugin_manager (always None); app.py sets the blueprint
  attribute, not the module global, so the fallback to plugin-repos was
  always taken
- pages_v3: replace broad except Exception in _load_tools_partial with
  specific TemplateNotFound / OSError handlers and add [Pages V3][Tools]
  context prefix to log messages and error responses for easier Pi
  debugging
- base.html: add Tools tab branch to the HTMX-unavailable fallback block
  in loadTabContent so the tab loads gracefully via direct fetch if HTMX
  never initialises

Skipped: auth on execute_system_action — pre-existing app-wide design;
reboot/shutdown and all other system actions share the same exposure.
An app-level auth layer is the correct fix and is out of scope here.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

* fix(tools-tab): resolve second-pass review findings

- Wrap per-plugin subprocess.run in try/except TimeoutExpired/OSError so
  one plugin's failure appends a result entry and continues the loop
  rather than collapsing the whole batch into a 500
- Validate double_sided_copies divisibility against chain_length
  (horizontal axis) or parallel (vertical axis) after the range check;
  reads effective axis from the current request or stored config
- Exclude double_sided_fields from the generic key-merge loop so
  double_sided_enabled/copies/axis are never written as root-level keys
- Fix tools.html copy: "then restores the stash" removed — git_pull
  stashes changes but never pops them
- Check r.ok and d.status in loadGitInfo before building the panel;
  backend error messages now surface instead of silently showing a
  false-clean state

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

* fix(tools-tab): don't expose filesystem paths in OSError messages

CodeQL flagged str(exc) flowing into the JSON response for the
install_plugin_requirements action. Use exc.strerror instead, which
gives the OS error description ("No such file or directory",
"Permission denied") without the internal filesystem path.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

---------

Co-authored-by: Chuck <chuck@example.com>
Co-authored-by: Claude Sonnet 4.6 <noreply@anthropic.com>

2026-06-29 12:19:54 -04:00

blueprints

feat(web): add Tools tab and row address type display setting (#373 )

2026-06-29 12:19:54 -04:00

static/v3

fix(web): repair array-table.js syntax error and version static assets (#357 )

2026-06-01 11:00:40 -04:00

templates/v3

feat(web): add Tools tab and row address type display setting (#373 )

2026-06-29 12:19:54 -04:00

__init__.py

Plugins (#145 )

2025-12-27 14:15:49 -05:00

app.py

fix(plugins): stop core updates from resurrecting uninstalled built-in plugins (#368 )

2026-06-11 18:18:28 -04:00

cache.py

Plugins (#145 )

2025-12-27 14:15:49 -05:00

logging_config.py

fix: Codacy security fixes, CVE dependency bumps, and code quality cleanup (#331 )

2026-05-15 10:19:55 -04:00

README.md

docs: refresh and correct stale documentation across repo (#306 )

2026-04-07 21:04:25 -04:00

requirements.txt

fix: Codacy security fixes, CVE dependency bumps, and code quality cleanup (#331 )

2026-05-15 10:19:55 -04:00

run.sh

Plugins (#145 )

2025-12-27 14:15:49 -05:00

start.py

fix: Codacy round-2 — urllib3 CVEs, missed JS/Python issues (#336 )

2026-05-15 18:04:21 -04:00

README.md

LED Matrix Web Interface V3

Modern, production web interface for controlling the LED Matrix display.

Overview

This directory contains the active V3 web interface with the following features:

Real-time display preview via Server-Sent Events (SSE)
Plugin management and configuration
System monitoring and logs
Modern, responsive UI
RESTful API

Directory Structure

web_interface/
├── app.py                    # Main Flask application
├── start.py                  # Startup script
├── run.sh                    # Shell runner script
├── requirements.txt          # Python dependencies
├── blueprints/               # Flask blueprints
│   ├── api_v3.py            # API endpoints
│   └── pages_v3.py          # Page routes
├── templates/                # HTML templates
│   └── v3/
│       ├── base.html
│       ├── index.html
│       └── partials/
└── static/                   # CSS/JS assets
    └── v3/
        ├── app.css
        └── app.js

Running the Web Interface

Standalone (Development)

From the project root:

python3 web_interface/start.py

Or using the shell script:

./web_interface/run.sh

As a Service (Production)

The web interface can run as a systemd service that starts automatically based on the web_display_autostart configuration setting:

sudo systemctl start ledmatrix-web
sudo systemctl enable ledmatrix-web  # Start on boot

Accessing the Interface

Once running, access the web interface at:

Local: http://localhost:5000
Network: http://:5000

Configuration

The web interface reads configuration from:

config/config.json - Main configuration
config/config_secrets.json - API keys and secrets

API Documentation

The V3 API is mounted at /api/v3/ (app.py:144). For the complete list and request/response formats, see docs/REST_API_REFERENCE.md. Quick reference for the most common endpoints:

Configuration

GET /api/v3/config/main - Get main configuration
POST /api/v3/config/main - Save main configuration
GET /api/v3/config/secrets - Get secrets configuration
POST /api/v3/config/raw/main - Save raw main config (Config Editor)
POST /api/v3/config/raw/secrets - Save raw secrets

Display & System Control

GET /api/v3/system/status - System status
POST /api/v3/system/action - Control display (action body: start_display, stop_display, restart_display_service, restart_web_service, git_pull, reboot_system, shutdown_system, enable_autostart, disable_autostart)
GET /api/v3/display/current - Current display frame
GET /api/v3/display/on-demand/status - On-demand status
POST /api/v3/display/on-demand/start - Trigger on-demand display
POST /api/v3/display/on-demand/stop - Clear on-demand

Plugins

GET /api/v3/plugins/installed - List installed plugins
GET /api/v3/plugins/config?plugin_id=<id> - Get plugin config
POST /api/v3/plugins/config - Update plugin configuration
GET /api/v3/plugins/schema?plugin_id=<id> - Get plugin schema
POST /api/v3/plugins/toggle - Enable/disable plugin
POST /api/v3/plugins/install - Install from registry
POST /api/v3/plugins/install-from-url - Install from GitHub URL
POST /api/v3/plugins/uninstall - Uninstall plugin
POST /api/v3/plugins/update - Update plugin

Plugin Store

GET /api/v3/plugins/store/list - List available registry plugins
GET /api/v3/plugins/store/github-status - GitHub authentication status
POST /api/v3/plugins/store/refresh - Refresh registry from GitHub

Real-time Streams (SSE)

SSE stream endpoints are defined directly on the Flask app (app.py:607-619 — includes the CSRF exemption and rate-limit hookup alongside the three route definitions), not on the api_v3 blueprint:

GET /api/v3/stream/stats - System statistics stream
GET /api/v3/stream/display - Display preview stream
GET /api/v3/stream/logs - Service logs stream

Development

When making changes to the web interface:

Edit files in this directory
Test changes by running python3 web_interface/start.py
Restart the service if running: sudo systemctl restart ledmatrix-web

Notes

Templates and static files use the v3/ prefix to allow for future versions
The interface uses Flask blueprints for modular organization
SSE streams provide real-time updates without polling