{ "project": "systemd-networkd Web UI", "version": "0.1", "requirements": { "functional": [ { "id": "F-001", "description": "The system shall provide a web-based dashboard to display current network status (interfaces, addresses, routes) by invoking `networkctl status --json=short`." }, { "id": "F-002", "description": "The system shall provide access to logs of `systemd-networkd.service` via `journalctl`." }, { "id": "F-003", "description": "The system shall provide controls to restart `systemd-networkd` without rebooting the device." }, { "id": "F-004", "description": "The system shall provide a control to reboot the device." }, { "id": "F-005", "description": "The system shall present contextual teaching information (e.g., IPv4 basics, logs explanation, restart rationale) directly within the web interface." }, { "id": "F-006", "description": "The system shall use a single-page design with minimal dependencies (HTML + Fluent UI web components from CDN)." } ], "technical": [ { "id": "T-001", "description": "The backend shall be implemented in Go, exposing HTTP endpoints on port 80." }, { "id": "T-002", "description": "The system shall run as a `systemd` service with restricted privileges (User=network-ui, ProtectSystem=strict, NoNewPrivileges=yes)." }, { "id": "T-003", "description": "The backend shall execute only specific whitelisted commands: `networkctl`, `journalctl`, `systemctl restart systemd-networkd`, and `systemctl reboot`." }, { "id": "T-004", "description": "The frontend shall consume backend endpoints via REST-style APIs returning UTF8-SON" }, { "id": "T-005", "description": "The system shall require no external database or file storage beyond access to `systemd` configuration and logs." }, { "id": "T-006", "description": "The service shall start automatically at boot and remain persistent under `systemd` supervision." }, { "id": "T-007", "description": "The design shall ensure sandboxing: no direct shell access beyond intended commands, no write access to arbitrary filesystem locations." } ] } }