From a3d5d61454bd03324d2f61304366f221a0855041 Mon Sep 17 00:00:00 2001 From: kaffa Date: Sun, 1 Feb 2026 14:15:57 +0000 Subject: [PATCH] docs: Update CLAUDE.md with safety features - Update server.py line count - Add Safety Features section documenting: - Atomic file writes - File locking - Disk-first pattern with rollback - Command validation - Input validation - Bulk operation limits Co-Authored-By: Claude Opus 4.5 --- CLAUDE.md | 10 +++++++++- 1 file changed, 9 insertions(+), 1 deletion(-) diff --git a/CLAUDE.md b/CLAUDE.md index 7643f20..68abe8e 100644 --- a/CLAUDE.md +++ b/CLAUDE.md @@ -311,6 +311,14 @@ api.example.com → pool_6 - **servers.json**: Auto-restored by MCP on startup - No manual save required - `haproxy_add_server` auto-saves +### Safety Features +- **Atomic file writes**: Temp file + rename prevents corruption +- **File locking**: Prevents race conditions on concurrent operations +- **Disk-first pattern**: Config saved before HAProxy update, rollback on failure +- **Command validation**: HAProxy responses checked for errors +- **Input validation**: Domain format, IP (v4/v6), port range, slot limits +- **Bulk limits**: Max 10 servers per bulk add, 10KB JSON size limit + ## HAProxy Runtime API ```bash @@ -338,7 +346,7 @@ echo "set server pool_1/pool_1_1 state ready" | nc localhost 9999 ``` /opt/haproxy/ ├── mcp/ # MCP server (streamable-http) -│ └── server.py # Main MCP server (~1750 lines, 22 tools) +│ └── server.py # Main MCP server (~1700 lines, 22 tools) ├── conf/ │ ├── haproxy.cfg # Main HAProxy config (100 pool backends) │ ├── domains.map # Domain → Pool mapping