AdminGit2026/nis2-agile
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

[CORE] Housekeeping: CLAUDE.md allineato, docker hardening, gitignore

Browse Source 
- CLAUDE.md: aggiunto NonConformityController, companies.html, architecture.html,
  i18n.js, help.js, SQL 003-005, 22 tabelle, endpoint NCR/CAPA, API base path
  aggiornato a /api/... (post-subdomain), cronologia commit aggiornata
- docker-compose.yml: mem_limit (app 256m, web 128m, db 512m) + DB port
  binding su 127.0.0.1 per sicurezza
- .gitignore: aggiunti docker/*.bak* e .claude/memory/
- Eliminati file backup temporanei docker-compose.yml.bak.*

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
This commit is contained in:
DevEnv nis2-agile 2026-02-20 11:09:04 +01:00
parent 7080695d06
commit a53b4beb37
4 changed files with 45 additions and 17 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
.claude/settings.local.json
View File

@ -24,7 +24,8 @@
"Bash(docker:*)", "Bash(docker:*)",
"Bash(ssh:*)", "Bash(ssh:*)",
"Bash(scp:*)", "Bash(scp:*)",
"Bash(tar:*)" "Bash(tar:*)",
"Read(//root/**)"
] ]
} }
} }

4
.gitignore vendored
View File

@ -33,3 +33,7 @@ docker/data/
# Claude # Claude
.claude/plans/ .claude/plans/
.claude/memory/
# Backup files
docker/*.bak*

48
CLAUDE.md
View File

@ -19,7 +19,7 @@ Target: PMI, Enterprise, Consulenti/CISO.
- AI: Anthropic Claude API (claude-sonnet-4-5-20250929) - AI: Anthropic Claude API (claude-sonnet-4-5-20250929)
- Server: Hetzner CPX31 (135.181.149.254) - Server: Hetzner CPX31 (135.181.149.254)
- VCS: Gitea (git.certisource.it) - VCS: Gitea (git.certisource.it)
- URL Produzione: https://certisource.it/nis2/ - URL Produzione: https://nis2.certisource.it/
## Visibilita Cross-Project ## Visibilita Cross-Project
@ -102,6 +102,7 @@ nis2.agile/
│ │ ├── AuthController.php # Login, register, JWT, rate limiting │ │ ├── AuthController.php # Login, register, JWT, rate limiting
│ │ ├── DashboardController.php # Overview, score, deadlines, heatmap │ │ ├── DashboardController.php # Overview, score, deadlines, heatmap
│ │ ├── IncidentController.php # Incidenti Art.23 (24h/72h/30d) + email │ │ ├── IncidentController.php # Incidenti Art.23 (24h/72h/30d) + email
│ │ ├── NonConformityController.php# NCR/CAPA non-conformità e azioni correttive
│ │ ├── OnboardingController.php # Wizard onboarding con visura/CertiSource │ │ ├── OnboardingController.php # Wizard onboarding con visura/CertiSource
│ │ ├── OrganizationController.php # CRUD org, membri, classificazione NIS2 │ │ ├── OrganizationController.php # CRUD org, membri, classificazione NIS2
│ │ ├── PolicyController.php # Policy, approvazione, AI generation │ │ ├── PolicyController.php # Policy, approvazione, AI generation
@ -136,6 +137,8 @@ nis2.agile/
│ ├── assets.html # Inventario asset │ ├── assets.html # Inventario asset
│ ├── reports.html # Report compliance + audit log │ ├── reports.html # Report compliance + audit log
│ ├── settings.html # Impostazioni org/profilo/membri │ ├── settings.html # Impostazioni org/profilo/membri
│ ├── companies.html # Gestione aziende (consulente)
│ ├── architecture.html # Pagina architettura sistema
│ ├── admin/ │ ├── admin/
│ │ ├── index.html # Admin dashboard │ │ ├── index.html # Admin dashboard
│ │ ├── organizations.html # Gestione organizzazioni │ │ ├── organizations.html # Gestione organizzazioni
@ -144,7 +147,9 @@ nis2.agile/
│ │ └── style.css # CSS principale (~1600 righe) │ │ └── style.css # CSS principale (~1600 righe)
│ ├── js/ │ ├── js/
│ │ ├── api.js # Client API (270 righe, tutti gli endpoint) │ │ ├── api.js # Client API (270 righe, tutti gli endpoint)
│ │ └── common.js # Utility condivise (sidebar, notifiche, etc.) │ │ ├── common.js # Utility condivise (sidebar, notifiche, etc.)
│ │ ├── i18n.js # Internazionalizzazione IT/EN
│ │ └── help.js # Help contestuale online
│ └── uploads/ # Upload directory (gitignored) │ └── uploads/ # Upload directory (gitignored)
│ └── visure/ # PDF visure camerali │ └── visure/ # PDF visure camerali
├── docker/ ├── docker/
@ -155,7 +160,10 @@ nis2.agile/
└── docs/ └── docs/
├── sql/ ├── sql/
│ ├── 001_initial_schema.sql # Schema DB completo (20 tabelle) │ ├── 001_initial_schema.sql # Schema DB completo (20 tabelle)
│ └── 002_email_log.sql # Tabella email_log │ ├── 002_email_log.sql # Tabella email_log
│ ├── 003_voluntary_compliance.sql # ALTER organizations: voluntary_compliance
│ ├── 004_ncr_capa.sql # Tabelle non_conformities, corrective_actions
│ └── 005_consultant_support.sql # ALTER user_organizations: ruolo consultant
├── context/ ├── context/
│ └── CONTEXT_SCHEMA_DB.md │ └── CONTEXT_SCHEMA_DB.md
├── prompts/ ├── prompts/
@ -177,10 +185,10 @@ nis2.agile/
3. **Login** → se ha org → `dashboard.html`, altrimenti → `onboarding.html` 3. **Login** → se ha org → `dashboard.html`, altrimenti → `onboarding.html`
4. **Dashboard** → navigazione sidebar a tutti i moduli 4. **Dashboard** → navigazione sidebar a tutti i moduli
## Database (21 tabelle) ## Database (22 tabelle)
organizations, users, user_organizations, refresh_tokens, assessments, assessment_responses, risks, risk_treatments, incidents, incident_timeline, policies, suppliers, training_courses, training_assignments, assets, compliance_controls, evidence_files, audit_logs, ai_interactions, email_log organizations, users, user_organizations, refresh_tokens, assessments, assessment_responses, risks, risk_treatments, incidents, incident_timeline, policies, suppliers, training_courses, training_assignments, assets, compliance_controls, evidence_files, audit_logs, ai_interactions, email_log, non_conformities, corrective_actions
Schema: `docs/sql/001_initial_schema.sql` + `docs/sql/002_email_log.sql` Schema: `docs/sql/` (5 migrazioni: 001→005)
## Servizi ## Servizi
@ -220,22 +228,28 @@ Schema: `docs/sql/001_initial_schema.sql` + `docs/sql/002_email_log.sql`
## Git ## Git
- **Repository**: https://git.certisource.it/AdminGit2026/nis2-agile - **Repository**: https://git.certisource.it/AdminGit2026/nis2-agile
- **Token Gitea**: Configurato in git credential manager (non documentare qui) - **Token Gitea**: Configurato in git credential manager (non documentare qui)
- **Branch**: main (7 commit) - **Branch**: main
- **Commit format**: `[AREA] Descrizione` - **Commit format**: `[AREA] Descrizione`
### Cronologia Commit ### Cronologia Commit
``` ```
7080695 [FEAT] Ruolo Consulente + Wizard Registrazione v2
ba21534 [DEPLOY] Migrazione a subdomain nis2.certisource.it
92f9366 Merge branch 'main'
d3eac7c [CORE] Rimosso credenziali da CLAUDE.md + aggiunto docs/DB_ACCESS.md
a0fd543 [CORE] Aggiunto settings Claude Code con permessi ampi
0a73983 [FIX] Dockerignore: allow docker/php.ini for build context
4bd2326 [CORE] Aggiunto integrazione agile-services
52fd45f [FEAT] i18n IT/EN, Help Online contestuale, pagina Architettura
4e3408e [FEAT] Visura auto-fill, adesione volontaria, modulo NCR/CAPA
517cab7 [FIX] Fix annual_turnover field name in setup-org.html
68f8cab [POLISH] Docker setup fix + UI polish + project completion
bcc5a2b [FIX] E2E testing - fix router, EmailService, frontend data mapping bcc5a2b [FIX] E2E testing - fix router, EmailService, frontend data mapping
6f4b457 [FEAT] Add EmailService, RateLimitService, ReportService + integrations
9aa2788 [FEAT] Add onboarding wizard with visura camerale and CertiSource integration
73e78ea [FEAT] Add all frontend pages - complete UI for NIS2 platform
c03d22e [FIX] Deploy fixes - Auth header passthrough, dashboard query, landing page
ae78a2f [CORE] Initial project scaffold - NIS2 Agile Compliance Platform
``` ```
## API Endpoints Completi ## API Endpoints Completi
Base: `/nis2/api/{controller}/{action}/{id?}` Base: `/api/{controller}/{action}/{id?}` (su subdomain https://nis2.certisource.it/)
### Auth: POST register, login, logout, refresh, change-password | GET me | PUT profile ### Auth: POST register, login, logout, refresh, change-password | GET me | PUT profile
### Organizations: POST create, classify | GET current, list, {id}/members | PUT {id} | POST {id}/invite | DELETE {id}/members/{sid} ### Organizations: POST create, classify | GET current, list, {id}/members | PUT {id} | POST {id}/invite | DELETE {id}/members/{sid}
@ -250,6 +264,7 @@ Base: `/nis2/api/{controller}/{action}/{id?}`
### Audit: GET controls, evidence/list, report, logs, iso27001-mapping, executive-report, export | PUT controls/{sid} | POST evidence/upload ### Audit: GET controls, evidence/list, report, logs, iso27001-mapping, executive-report, export | PUT controls/{sid} | POST evidence/upload
### Onboarding: POST upload-visura, fetch-company, complete ### Onboarding: POST upload-visura, fetch-company, complete
### Admin: GET organizations, users, stats ### Admin: GET organizations, users, stats
### NCR/CAPA: GET list, {id}, stats | POST create, fromAssessment, {id}/capa, {id}/sync, webhook | PUT {id}, capa/{subId}
## Stato Completamento ## Stato Completamento
Tutti i moduli sono implementati e testati: Tutti i moduli sono implementati e testati:
@ -264,4 +279,9 @@ Tutti i moduli sono implementati e testati:
3. **Frontend data mapping** - Dashboard, Assessment, Onboarding avevano nomi campo diversi dal backend 3. **Frontend data mapping** - Dashboard, Assessment, Onboarding avevano nomi campo diversi dal backend
4. **Field name mismatches** - annual_turnover→annual_turnover_eur, question_id→question_code, compliance_level→response_value 4. **Field name mismatches** - annual_turnover→annual_turnover_eur, question_id→question_code, compliance_level→response_value
*Ultimo aggiornamento: 2026-02-17* *Ultimo aggiornamento: 2026-02-20*
## REGOLA: Sincronizzazione CLAUDE.md
- Dopo QUALSIASI modifica a: URL produzione, dominio, porta, path, schema DB, architettura -> **AGGIORNARE CLAUDE.md IMMEDIATAMENTE**
- CLAUDE.md e la "single source of truth" del progetto
- A fine sessione: verificare che CLAUDE.md rifletta lo stato reale

5
docker/docker-compose.yml
View File

@ -8,6 +8,7 @@ services:
dockerfile: docker/Dockerfile dockerfile: docker/Dockerfile
container_name: nis2-app container_name: nis2-app
restart: unless-stopped restart: unless-stopped
mem_limit: 256m
volumes: volumes:
- ../application:/var/www/nis2-agile/application - ../application:/var/www/nis2-agile/application
- ../public:/var/www/nis2-agile/public - ../public:/var/www/nis2-agile/public
@ -35,6 +36,7 @@ services:
image: nginx:1.27-alpine image: nginx:1.27-alpine
container_name: nis2-web container_name: nis2-web
restart: unless-stopped restart: unless-stopped
mem_limit: 128m
ports: ports:
- "${WEB_PORT:-8080}:8080" - "${WEB_PORT:-8080}:8080"
volumes: volumes:
@ -51,13 +53,14 @@ services:
image: mysql:8.0 image: mysql:8.0
container_name: nis2-db container_name: nis2-db
restart: unless-stopped restart: unless-stopped
mem_limit: 512m
environment: environment:
MYSQL_ROOT_PASSWORD: ${DB_ROOT_PASSWORD:-rootpass} MYSQL_ROOT_PASSWORD: ${DB_ROOT_PASSWORD:-rootpass}
MYSQL_DATABASE: ${DB_NAME:-nis2_agile_db} MYSQL_DATABASE: ${DB_NAME:-nis2_agile_db}
MYSQL_USER: ${DB_USER:-nis2_user} MYSQL_USER: ${DB_USER:-nis2_user}
MYSQL_PASSWORD: ${DB_PASS} MYSQL_PASSWORD: ${DB_PASS}
ports: ports:
- "${DB_EXPOSE_PORT:-3307}:3306" - "127.0.0.1:${DB_EXPOSE_PORT:-3307}:3306"
volumes: volumes:
- nis2-db-data:/var/lib/mysql - nis2-db-data:/var/lib/mysql
- ../docs/sql/001_initial_schema.sql:/docker-entrypoint-initdb.d/001_initial_schema.sql:ro - ../docs/sql/001_initial_schema.sql:/docker-entrypoint-initdb.d/001_initial_schema.sql:ro