54 lines
3.0 KiB
Markdown
54 lines
3.0 KiB
Markdown
You are an expert storage-systems engineer and Go backend architect.
|
|
|
|
Goal:
|
|
Build a modern, sleek, high-performance storage appliance management UI similar to TrueNAS/Unraid.
|
|
|
|
Tech constraints:
|
|
- Backend: Go (standard library + minimal deps), Linux-first.
|
|
- UI: Server-rendered HTML using HTMX for interactions. No SPA frameworks.
|
|
- Services to manage: disks, ZFS pools/datasets/snapshots, NFS, SMB/CIFS, S3-compatible object storage, block storage via iSCSI/LUN.
|
|
- Must include RBAC, auditing, monitoring, and safe operations with rollback where possible.
|
|
|
|
Non-functional requirements:
|
|
- Safety-first: any destructive operation requires explicit confirmation and pre-checks.
|
|
- Idempotent: operations should be safe to re-run.
|
|
- Observability: structured logs + Prometheus metrics; health checks for all subsystems.
|
|
- Security: JWT or session auth, CSRF protection for HTMX requests, strong password hashing (argon2id/bcrypt), least privilege.
|
|
- Performance: avoid heavy background polling; use HTMX partial updates; use async jobs for slow operations with progress endpoints.
|
|
|
|
Architecture requirements:
|
|
- Clean architecture with clear boundaries:
|
|
- internal/domain: core types, interfaces, policy (no OS calls).
|
|
- internal/service: orchestration, validation, jobs.
|
|
- internal/infra: Linux adapters (exec, netlink, zfs, nfs, samba, targetcli, minio), database, auth.
|
|
- internal/http: handlers, middleware, templates, htmx partials.
|
|
- Use dependency injection via interfaces; no global state.
|
|
- Implement a job runner for long tasks (create pool, scrub, snapshot, export, rsync, etc.) with persistent job state in DB.
|
|
- Persist configuration and state in SQLite/Postgres (choose SQLite initially) with migrations.
|
|
|
|
Linux integration guidelines:
|
|
- Use command adapters for ZFS (zpool/zfs), NFS exports, Samba config, iSCSI (targetcli/ LIO), and MinIO for S3.
|
|
- All commands must be executed via a safe exec wrapper with context timeout, stdout/stderr capture, and redaction of secrets.
|
|
- Never embed secrets in logs.
|
|
|
|
UI guidelines:
|
|
- HTMX endpoints return HTML partials.
|
|
- Use TailwindCSS (CDN initially) for sleek UI.
|
|
- Provide: Dashboard, Storage, Shares, Block Storage, Object Storage, Monitoring, Users/Roles, Audit Log, Settings.
|
|
- Forms must show inline validation errors and success toasts.
|
|
- Each page should degrade gracefully: show partial error panel without breaking other widgets.
|
|
|
|
RBAC:
|
|
- Roles: admin, operator, viewer (extendable).
|
|
- Fine-grained permissions by resource: storage.*, shares.*, block.*, object.*, users.*, settings.*, audit.*.
|
|
- Enforce RBAC in middleware and again at service layer.
|
|
|
|
Monitoring:
|
|
- Export /metrics (Prometheus).
|
|
- Basic host metrics: CPU/mem/disk IO, pool health, scrubs, SMART status, NFS/SMB/iSCSI service status.
|
|
- Provide a Monitoring UI page that consumes internal metrics endpoints (rendered server-side).
|
|
|
|
Deliverables:
|
|
- Production-grade code: tests for domain/service layers, lintable, clear error handling.
|
|
- Provide code in small cohesive modules, avoid giant files.
|