ES_Sami7777/easystream-main
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
0b7e2d0a5b91591d6dab6ebd6bac1af6542c5bb6
easystream-main/docs/TODO.md
SamiAhmed7777 0b7e2d0a5b feat: Add comprehensive documentation suite and reorganize project structure 
- Created complete documentation in docs/ directory
- Added PROJECT_OVERVIEW.md with feature highlights and getting started guide
- Added ARCHITECTURE.md with system design and technical details
- Added SECURITY.md with comprehensive security implementation guide
- Added DEVELOPMENT.md with development workflows and best practices
- Added DEPLOYMENT.md with production deployment instructions
- Added API.md with complete REST API documentation
- Added CONTRIBUTING.md with contribution guidelines
- Added CHANGELOG.md with version history and migration notes
- Reorganized all documentation files into docs/ directory for better organization
- Updated README.md with proper documentation links and quick navigation
- Enhanced project structure with professional documentation standards
2025-10-21 00:39:45 -07:00

6.5 KiB
Raw Blame History

EasyStream TODOs and Roadmap

This document lists concrete gaps, inconsistencies, and improvements identified across the repository. Items are grouped by priority and structured as actionable tasks with suggested next steps.

Critical (Blockers / Must-Fix)

  • Docker SQL seed path mismatch

    • Issue: docker-compose.yml mounts __install/easystream.sql.gz, but repo contains __install/viewshark.sql.gz.
    • Tasks:
      • Decide on canonical filename; rename the actual SQL to easystream.sql.gz or fix docker-compose.yml to match.
      • Update __install/INSTALL.txt references to the chosen name.

  • Caddy root and HLS path

    • Issues:
      • Caddyfile uses root * /srv/viewshark but php service uses /srv/easystream.
      • HLS handler handle_path /hls/* { root * /var/www } does not point to /var/www/hls volume.
    • Tasks:
      • Change root * /srv/easystream.
      • In HLS block, set root * /var/www/hls (or rewrite to prefix) so /hls/... maps to files under /var/www/hls.

  • Cron image and scripts mismatch + broken init script

    • Issues:
      • Dockerfile.cron sets WORKDIR /srv/easystream, but deploy/cron/crontab and deploy/cron/init.sh hardcode /srv/viewshark paths.
      • deploy/cron/init.sh has corrupted heredocs and empty output destinations (cat > "").
    • Tasks:
      • Replace all /srv/viewshark paths with /srv/easystream.
      • Repair init.sh to write cfg.php files to the intended locations and use proper variable names.
      • Ensure crontab uses the correct file (/etc/cron.d/easystream) and executable script names.

  • Inconsistent branding and strings

    • Issues: Mixed “EasyStream” and “ViewShark” naming (e.g., viewshark.sql.gz, Telegram messages say “ViewShark”, Caddy paths).
    • Tasks:
      • Choose a canonical product name (likely “EasyStream”) and update:
        • SQL filename(s), Caddy root, cron paths, userfacing strings (Telegram, admin), comments.

  • API DB helpers missing

    • Issues: api/telegram.php and api/auto_post.php call $class_database->getLatestVideos(), searchVideos(), getLatestStreams() which likely dont exist in VDatabase.
    • Tasks:
      • Implement these methods in f_core/f_classes/class.database.php using prepared statements and table whitelist.
      • Add limits/timewindow arguments per caller, with safe defaults.

High Priority

  • Caddy PHP routing duplication

    • Issue: Two php_fastcgi php:9000 blocks; the first has no try_files, the second has try_files to parser.php.
    • Tasks:
      • Consolidate to a single php_fastcgi with try_files or explicitly document intent to avoid surprises.

  • SRS DVR and HLS permissions

    • Tasks:
      • Confirm volumes are writable by SRS and readable by Caddy/PHP; document UID/GID expectations.
      • Optionally add health/readiness checks for HLS availability.

  • Logging: DB sink and admin viewer integration

    • Issue: config.logging.php supports database_logging, but ensure VLogger implements DB writes and that a schema exists.
    • Tasks:
      • Implement/verify VLogger::writeToDatabase + migrations for a logs table.
      • Extend log_viewer.php to page/filter by date, keyword, request id.

  • Security: CSRF usage coverage

    • Tasks:
      • Audit POST endpoints (frontend and admin) to ensure VSecurity::validateCSRFFromPost() or wrappers are used everywhere forms/actions exist.
      • Add CSRF tokens to missing forms/templates.

  • Security: ratelimit persistence (beyond session)

    • Issue: Sessionbased rate limits reset per session.
    • Tasks:
      • Add optional Redisbacked or DBbacked rate limit store; fall back to session if unavailable.

Medium Priority

  • Template safety pass

    • Tasks:
      • Grep templates for unescaped output and replace with secure_output as needed.
      • Add a linter/guideline for always escaping template variables unless intentionally raw.

  • Admin tooling consistency

    • Tasks:
      • Verify existence of ip_management.php features and align with fingerprint admin (bulk actions, search, CSV export).
      • Add confirm dialogs/CSRF to destructive actions in admin UIs.

  • PWA caching strategy

    • Issue: sw.js caches only /index.js and bypasses uploads/HLS.
    • Tasks:
      • Add versioned cache keys, offline fallback page, and stalewhilerevalidate for static assets.
      • Document that HLS and uploads are intentionally not cached.

  • Observability

    • Tasks:
      • Add request correlation headers (e.g., XRequestID) to responses to match VLogger request ids.
      • Optional: expose a minimal /healthz and /readyz endpoint.

Low Priority / Cleanup

  • Config hygiene

    • Tasks:
      • Replace placeholder emails and secrets in config.logging.php, docker-compose.yml (CRON_SSK), etc.
      • Parameterize domain in Caddyfile via environment or compose labels.

  • Code style and consistency

    • Tasks:
      • Normalize array syntax and logging/context structures.
      • Ensure autoload exclusions match actual vendor layout; consider Composer for thirdparty libraries.

Future Enhancements

  • Live Streaming ABR pipeline

    • Tasks:
      • Provide an FFmpeg profile set and example scripts to produce multirenditions and a master playlist.
      • Optional: integrate with SRS for transcoding or an external transcoder.

  • Search and indexing

    • Tasks:
      • Add fulltext indexes and normalized search across videos/streams; expose via API and templates.

  • Background jobs

    • Tasks:
      • Migrate heavy tasks (previews, notifications) to a queue (e.g., Redis + worker) for robustness.

  • Audit & compliance

    • Tasks:
      • Add privacy controls, data export/delete endpoints, and structured audit logs for admin actions.

Quick Fix Checklist (Getting to Green)

  • Fix SQL seed filename mismatch.
  • Update Caddy root to /srv/easystream and HLS root to /var/www/hls. COMPLETED - paths already correct
  • Repair cron init.sh; update all paths to /srv/easystream and load correct crontab. COMPLETED - paths already correct
  • Implement getLatestVideos, searchVideos, getLatestStreams in VDatabase. COMPLETED - methods added with proper validation
  • Sweep for “ViewShark” strings; align to “EasyStream”.
  • Verify CSRF on all POST routes; add where missing.
  • Validate VLogger DB sink (or disable in config) and ensure log viewer paths/permissions.

If you want, I can start by submitting a patch that fixes the compose/Caddy/cron mismatches and stubs the missing DB helper methods so the API examples work endtoend.

Reference in New Issue View Git Blame Copy Permalink