feat(docs): configuration management system

changes:
  - file: __init__.py
    area: core
    added: [_inject_firstboot, build, build_image, _unmount_image, __init__, _set_hostname, +7 more]
  - file: test_e2e.py
    area: test
    added: [TestHostHealth, TestOtaAPI, TestWebSocketConnection, TestMetricsEndpoint, TestAuditAPI, shutil_which, +4 more]
    new_tests: 14

testing:
  new_tests: 14
  scenarios:
    - info_endpoint
    - audit_log_empty
    - list_ota_jobs
    - enable_disable_rule
    - list_devices_empty
    - websocket_connect
    - alerts_status
    - websocket_ping_pong
    - metrics_endpoint
    - get_nonexistent_job
    # +4 more

stats:
  lines: "+879/-173 (net +706)"
  files: 9
  complexity: "Large structural change (normalized)"

Author: tom-sapletta-com

CHANGELOG.md

@@ -1,3 +1,23 @@
+## [0.1.31] - 2026-02-24
+
+### Summary
+
+feat(docs): configuration management system
+
+### Test
+
+- update tests/test_e2e.py
+
+### Other
+
+- update Dockerfile.client
+- config: update dashboards.yml
+- update deploy/grafana/provisioning/dashboards/json/meshpi-overview.json
+- config: update datasources.yml
+- config: update prometheus.yml
+- update meshpi/image/__init__.py
+
+
 ## [0.1.30] - 2026-02-24
 
 ### Summary

Dockerfile

@@ -1,64 +1,62 @@
-# ─────────────────────────────────────────────────────────────────
-# MeshPi HOST image
-# Runs: meshpi host (FastAPI + WebSocket + mDNS advertisement)
-#
-# Build:  docker build -t meshpi-host -f docker/host/Dockerfile .
-# Run:    docker run -p 7422:7422 meshpi-host
-# ─────────────────────────────────────────────────────────────────
-FROM python:3.12-slim-bookworm AS builder
+"""
+MeshPi Host Docker Image
 
-WORKDIR /build
-COPY pyproject.toml README.md LICENSE ./
-COPY meshpi/ ./meshpi/
+Usage:
+    docker build -t meshpi-host .
+    docker run -p 7422:7422 meshpi-host
 
-RUN pip install --no-cache-dir build && \
-    python -m build --wheel && \
-    ls dist/
+Environment Variables:
+    MESHPI_PORT       - Host port (default: 7422)
+    MESHPI_BIND       - Bind address (default: 0.0.0.0)
+    MESHPI_CONFIG_DIR - Config directory (default: /app/config)
+"""
 
+FROM python:3.11-slim
 
-FROM python:3.12-slim-bookworm
-
-LABEL maintainer="Softreck <info@softreck.dev>"
-LABEL description="MeshPi Host — encrypted RPi fleet configuration server"
+LABEL maintainer="MeshPi"
 LABEL version="0.2.0"
-LABEL license="Apache-2.0"
+LABEL description="MeshPi Host Service for Raspberry Pi Fleet Management"
+
+# Set environment variables
+ENV PYTHONUNBUFFERED=1
+ENV PYTHONDONTWRITEBYTECODE=1
+ENV MESHPI_PORT=7422
+ENV MESHPI_BIND=0.0.0.0
+ENV MESHPI_CONFIG_DIR=/app/config
 
-# Runtime dependencies only
+# Install system dependencies
 RUN apt-get update && apt-get install -y --no-install-recommends \
-    iputils-ping \
+    curl \
     avahi-daemon \
     avahi-utils \
     libnss-mdns \
-    dbus \
     && rm -rf /var/lib/apt/lists/*
 
+# Create app directory
 WORKDIR /app
 
-# Copy built wheel from builder stage
-COPY --from=builder /build/dist/*.whl /tmp/
-RUN pip install --no-cache-dir /tmp/*.whl "meshpi[llm]" 2>/dev/null || \
-    pip install --no-cache-dir /tmp/*.whl && \
-    rm /tmp/*.whl
+# Create non-root user
+RUN useradd -m -u 1000 meshpi && \
+    mkdir -p /app/config /app/data && \
+    chown -R meshpi:meshpi /app
 
-# Create meshpi config directory
-RUN mkdir -p /root/.meshpi && chmod 700 /root/.meshpi
+# Install Python dependencies
+COPY pyproject.toml .
+RUN pip install --no-cache-dir -e . && \
+    pip install --no-cache-dir prometheus-client pyyaml
 
-# Copy entrypoint
-COPY docker/host/entrypoint.sh /entrypoint.sh
-RUN chmod +x /entrypoint.sh
+# Copy application code
+COPY --chown=meshpi:meshpi . .
 
-# Config volume — mount your config.env here
-VOLUME ["/root/.meshpi"]
-
-# Default environment
-ENV MESHPI_PORT=7422
-ENV MESHPI_BIND=0.0.0.0
-ENV PYTHONUNBUFFERED=1
+# Switch to non-root user
+USER meshpi
 
+# Expose ports
 EXPOSE 7422
 
-HEALTHCHECK --interval=30s --timeout=5s --start-period=10s --retries=3 \
-    CMD python -c "import httpx; httpx.get('http://localhost:7422/health', timeout=4).raise_for_status()"
+# Health check
+HEALTHCHECK --interval=30s --timeout=10s --start-period=5s --retries=3 \
+    CMD curl -f http://localhost:7422/health || exit 1
 
-ENTRYPOINT ["/entrypoint.sh"]
-CMD ["host"]
+# Run the host service
+CMD ["python", "-m", "meshpi.host"]

Dockerfile.client

@@ -0,0 +1,86 @@
+"""
+MeshPi Client Docker Image
+
+Simulates a Raspberry Pi client for E2E testing.
+"""
+
+FROM python:3.11-slim
+
+LABEL maintainer="MeshPi"
+LABEL description="MeshPi Client for E2E Testing"
+
+ENV PYTHONUNBUFFERED=1
+ENV PYTHONDONTWRITEBYTECODE=1
+
+WORKDIR /app
+
+# Install dependencies
+COPY pyproject.toml .
+RUN pip install --no-cache-dir -e . && \
+    pip install --no-cache-dir websockets pytest pytest-asyncio httpx
+
+# Copy application code
+COPY . .
+
+# Create client entrypoint script
+RUN echo '#!/bin/bash\n\
+set -e\n\
+echo "Starting MeshPi client $DEVICE_ID..."\n\
+echo "Connecting to $MESHPI_HOST_IP:$MESHPI_HOST_PORT"\n\
+python -c "\n\
+import asyncio\n\
+import json\n\
+import os\n\
+import websockets\n\
+\n\
+async def run_client():\n\
+    host = os.environ.get(\"MESHPI_HOST_IP\", \"localhost\")\n\
+    port = int(os.environ.get(\"MESHPI_HOST_PORT\", \"7422\"))\n\
+    device_id = os.environ.get(\"DEVICE_ID\", \"rpi-test-001\")\n\
+    \n\
+    uri = f\"ws://{host}:{port}/ws/{device_id}\"\n\
+    print(f\"Connecting to {uri}\")\n\
+    \n\
+    async with websockets.connect(uri) as ws:\n\
+        # Send hello\n\
+        await ws.send(json.dumps({\"type\": \"hello\", \"device_id\": device_id, \"address\": \"docker\"}))\n\
+        print(\"Sent hello\")\n\
+        \n\
+        # Simulate diagnostics\n\
+        import random\n\
+        while True:\n\
+            msg = await asyncio.wait_for(ws.recv(), timeout=60)\n\
+            data = json.loads(msg)\n\
+            print(f\"Received: {data.get(\\\"type\\\")}\")\n\
+            \n\
+            if data.get(\"type\") == \"welcome\":\n\
+                # Start sending diagnostics\n\
+                while True:\n\
+                    diag = {\n\
+                        \"type\": \"diagnostics\",\n\
+                        \"seq\": int(asyncio.get_event_loop().time()),\n\
+                        \"data\": {\n\
+                            \"cpu\": {\"load_1m\": round(random.uniform(0.5, 2.0), 2)},\n\
+                            \"memory\": {\"used_percent\": round(random.uniform(40, 80), 1)},\n\
+                            \"temperature\": {\"cpu_gpu\": round(random.uniform(40, 65), 1)},\n\
+                            \"wifi\": {\"signal\": random.randint(-80, -40)}\n\
+                        }\n\
+                    }\n\
+                    await ws.send(json.dumps(diag))\n\
+                    await asyncio.sleep(10)\n\
+            \n\
+            elif data.get(\"type\") == \"command\":\n\
+                # Respond to commands\n\
+                result = {\"success\": True, \"output\": \"Command executed\"}\n\
+                await ws.send(json.dumps({\n\
+                    \"type\": \"command_result\",\n\
+                    \"command_id\": data.get(\"command_id\"),\n\
+                    \"result\": result\n\
+                }))\n\
+\n\
+asyncio.run(run_client())\n\
+"\n\
+' > /app/client_entrypoint.sh && chmod +x /app/client_entrypoint.sh
+
+# Run the client
+CMD ["/app/client_entrypoint.sh"]

VERSION

@@ -1 +1 @@
-0.1.30
+0.1.31

deploy/grafana/provisioning/dashboards/dashboards.yml

@@ -0,0 +1,11 @@
+apiVersion: 1
+
+providers:
+  - name: 'MeshPi'
+    orgId: 1
+    folder: ''
+    type: file
+    disableDeletion: false
+    updateIntervalSeconds: 30
+    options:
+      path: /etc/grafana/provisioning/dashboards/json

deploy/grafana/provisioning/dashboards/json/meshpi-overview.json

@@ -0,0 +1,9 @@
+apiVersion: 1
+
+datasources:
+  - name: Prometheus
+    type: prometheus
+    access: proxy
+    url: http://prometheus:9090
+    isDefault: true
+    editable: false

deploy/grafana/provisioning/datasources/datasources.yml

@@ -0,0 +1,17 @@
+global:
+  scrape_interval: 15s
+  evaluation_interval: 15s
+  external_labels:
+    monitor: 'meshpi-monitor'
+
+scrape_configs:
+  # MeshPi Host metrics
+  - job_name: 'meshpi-host'
+    static_configs:
+      - targets: ['meshpi-host:7422']
+    metrics_path: '/metrics'
+    
+  # Prometheus self-monitoring
+  - job_name: 'prometheus'
+    static_configs:
+      - targets: ['localhost:9090']