Version: 1.1.0 Last Updated: 2025-12-28
| Category | Completed | In Progress | Planned | Total |
|---|---|---|---|---|
| Core Features | 9 | 0 | 3 | 12 |
| API Integration | 2 | 0 | 0 | 2 |
| UI/UX | 6 | 0 | 2 | 8 |
| Data Management | 4 | 0 | 5 | 9 |
| Testing | 6 | 0 | 1 | 7 |
| Security | 0 | 0 | 2 | 2 |
-
[IPAM-001] ✅ Network Management
- Priority: Critical | Category: Core
- Description: Create, view, and manage IP networks with CIDR notation
- Acceptance Criteria:
- ✅ Add networks with CIDR validation
- ✅ Automatic broadcast address calculation
- ✅ VLAN ID support
- ✅ Location and description fields
- ✅ Network utilization statistics
-
[IPAM-002] ✅ Host Management
- Priority: Critical | Category: Core
- Description: Manage individual IP addresses and hosts
- Acceptance Criteria:
- ✅ Add hosts with IP validation
- ✅ Hostname and MAC address tracking
- ✅ Status management (active/inactive/reserved)
- ✅ Assignment tracking (is_assigned)
- ✅ Discovery metadata (last_seen, discovery_source)
- ✅ Auto-network detection for hosts
- ✅ Host-to-network relationships
- ✅ DHCP range management per network
-
[IPAM-003] ✅ Extensible Export System
- Priority: High | Category: Data Management
- Description: Plugin-based export system supporting multiple formats
- Acceptance Criteria:
- ✅ CSV export for networks and hosts
- ✅ JSON export format
- ✅ Abstract base class for exporters
- ✅ Factory pattern for format selection
- ✅ Legacy route compatibility
-
[IPAM-004] ✅ Extensible Import System
- Priority: High | Category: Data Management
- Description: Plugin-based import system with validation
- Acceptance Criteria:
- ✅ CSV import with validation
- ✅ Error handling and reporting
- ✅ Duplicate detection and skipping
- ✅ Abstract base class for importers
- ✅ Format auto-detection by extension
-
[IPAM-017] ✅ Data Backup & Restore
- Priority: Medium | Category: Data Management
- Description: Backup and restore utilities with verification
- Acceptance Criteria:
- ✅ Scheduled backups via CLI (cron-friendly)
- ✅ One-click restore from backup
- ✅ Backup verification and integrity checks
- ✅ Database migration utilities via Flask-Migrate
-
[IPAM-005] ✅ Responsive Web Interface
- Priority: High | Category: UI/UX
- Description: Modern Bootstrap 5 interface with DataTables
- Acceptance Criteria:
- ✅ Bootstrap 5 responsive design
- ✅ DataTables for sorting/filtering
- ✅ Navigation with dropdown menus
- ✅ Flash message system
- ✅ Mobile-friendly interface
-
[IPAM-006] ✅ Dashboard with Statistics
- Priority: Medium | Category: UI/UX
- Description: Overview dashboard with network utilization
- Acceptance Criteria:
- ✅ Network and host count cards
- ✅ Utilization progress bars
- ✅ Recent networks/hosts tables
- ✅ Visual status indicators
-
[IPAM-007] ✅ Comprehensive Test Suite
- Priority: High | Category: Testing
- Description: Unit and integration tests with coverage
- Acceptance Criteria:
- ✅ Model tests for Network/Host
- ✅ Route tests for all endpoints
- ✅ Form validation tests
- ✅ Export/Import functionality tests
- ✅ Test fixtures and factories
-
[IPAM-008] ✅ Code Quality Standards
- Priority: High | Category: Development
- Description: Google Style Guide compliance and tooling
- Acceptance Criteria:
- ✅ Black formatting (80 char limit)
- ✅ Google-style imports and structure
- ✅ Pylint compliance
- ✅ Git hooks and standards
No features currently in progress
-
[IPAM-020] ✅ Network Names and Domains
- Priority: Medium | Category: Core
- Status: Complete
- Description: Add name and domain fields to networks for better organization
- Acceptance Criteria:
- ✅ Add
namefield to Network model (optional, user-friendly identifier) - ✅ Add
domainfield to Network model (optional, DNS domain for network) - ✅ Update network forms to include new fields
- ✅ Update network displays and tables
- ✅ Database migration for existing networks
- ✅ Add
- Technical Implementation:
- Added
nameanddomainVARCHAR(100) columns to networks table - Updated NetworkForm with new optional fields
- Enhanced all network templates and API responses
- Backward compatible with existing networks
- Added
-
[IPAM-021] ✅ Host CNAME Support
- Priority: Medium | Category: Core
- Status: Complete
- Description: Add CNAME alias support for hosts with export integration
- Acceptance Criteria:
- ✅ Add
cnamefield to Host model (optional, DNS alias) - ✅ Update host forms and displays
- ✅ Extend DNSmasq exporter with
cname=CNAME,HOSTNAMEentries - ✅ Update all templates to show CNAME field
- ✅ CNAME statistics in DNSmasq export
- ✅ Add
- Technical Features:
- Added
cnameVARCHAR(255) column to hosts table - Updated HostForm and all host templates
- Enhanced DNSmasq exporter with separate CNAME section
- CNAME aliases work with all DNSmasq modes (DNS/DHCP/Combined)
- Export format:
cname=ALIAS,HOSTNAME
- Added
-
[IPAM-022] ✅ Form Field Validation Indicators
- Priority: Low | Category: UI/UX
- Status: Complete
- Description: Visual indicators for mandatory vs optional form fields
- Acceptance Criteria:
- ✅ Add asterisk (*) to required field labels
- ✅ Helpful form-text for all fields (required/optional)
- ✅ Consistent styling across all forms
- ✅ Clear visual distinction between mandatory and optional fields
- UI Improvements:
- Red asterisk (*) for required fields (Network Address, CIDR, IP Address)
- Form-text descriptions for all fields
- Consistent Bootstrap styling throughout forms
- [IPAM-019] ✅ Edit and Delete Functionality for Networks and Hosts
- Priority: High | Category: Core
- Status: Complete
- Description: Full CRUD operations with edit forms and safe deletion
- Acceptance Criteria:
- ✅ Edit network form with validation and error handling
- ✅ Edit host form with network auto-detection and manual assignment
- ✅ Delete network with host-dependency protection
- ✅ Delete host with confirmation dialog
- ✅ Action buttons integrated into DataTables
- ✅ JavaScript confirmation dialogs for deletions
- ✅ Flash messages for success/error feedback
- ✅ Form pre-population with existing data
- Routes Added:
GET/POST /edit_network/<id>- Edit network formGET/POST /edit_host/<id>- Edit host formPOST /delete_network/<id>- Delete network (with host check)POST /delete_host/<id>- Delete host
- Technical Features:
- Network deletion blocked if hosts are assigned
- Host IP validation and network auto-detection
- CSRF protection for all forms
- Bootstrap form styling with validation feedback
- JavaScript confirmation with host count display
- [IPAM-018] ✅ DNSmasq Host Export with Multiple Modes
- Priority: Medium | Category: Export
- Status: Complete
- Description: Export hosts in DNSmasq configuration format with configurable modes
- Acceptance Criteria:
- ✅ DNS Mode: Only
host-record=hostname,IPentries for DNS server use - ✅ DHCP Mode: Only
dhcp-host=MAC,IP,hostnameentries for DHCP server use - ✅ Combined Mode: Both DNS and DHCP entries for full DNSmasq setup
- ✅ Separate active and reserved hosts in all modes
- ✅ Include mode-specific statistics and comments
- ✅ Skip inactive hosts and hosts without hostnames
- ✅ Skip hosts without MAC addresses in DHCP-only mode
- ✅ DNS Mode: Only
- Export Routes:
/export/hosts/dnsmasq- Combined mode (default)/export/hosts/dnsmasq-dns- DNS-only mode/export/hosts/dnsmasq-dhcp- DHCP-only mode
- Technical Notes:
- DNS Mode: All hosts get
host-record=hostname,IP(ignores MAC) - DHCP Mode: Only hosts with MAC get
dhcp-host=MAC,IP,hostname - Combined Mode: MAC hosts get
dhcp-host, non-MAC hosts gethost-record - File extension:
.conf - MIME type:
text/plain - Configurable via DNSmasqExporter constructor
- DNS Mode: All hosts get
- [IPAM-009] ✅ Export/Import Test Coverage
- Priority: High | Category: Testing
- Status: Complete
- Description: Complete test coverage for new export/import system
- Acceptance Criteria:
- ✅ CSV exporter/importer tests
- ✅ JSON exporter/importer tests
- ✅ Route integration tests
- ✅ Error handling edge cases
- ✅ Performance tests for large datasets
- Completed: Added comprehensive edge case tests, performance tests, and JSON import functionality
-
[IPAM-023] ✅ Comprehensive REST API with OpenAPI/Swagger
- Priority: High | Category: API
- Status: Complete
- Description: Complete RESTful API for all IPAM operations with filtering, pagination, and interactive Swagger UI documentation
- Acceptance Criteria:
- Network Operations:
- ✅
GET /api/v1/networks- List all networks (with filtering support) - ✅
GET /api/v1/networks/{id}- Get specific network details - ✅
POST /api/v1/networks- Create new network - ✅
PUT /api/v1/networks/{id}- Update existing network - ✅
DELETE /api/v1/networks/{id}- Delete network (with host check) - ✅
GET /api/v1/networks/{id}/hosts- List hosts in specific network
- ✅
- Host Operations:
- ✅
GET /api/v1/hosts- List all hosts (with filtering support) - ✅
GET /api/v1/hosts/{id}- Get specific host details - ✅
POST /api/v1/hosts- Create new host - ✅
PUT /api/v1/hosts/{id}- Update existing host - ✅
DELETE /api/v1/hosts/{id}- Delete host
- ✅
- IP Management:
- ✅
GET /api/v1/ip/networks/{id}/next-ip- Get next available IP in network - ✅
GET /api/v1/ip/networks/{id}/available-ips- List all available IPs - ✅
GET /api/v1/ip/{ip_address}- Query IP address status/details
- ✅
- Filtering & Search:
- ✅ Network filters:
name,domain,vlan_id,location - ✅ Host filters:
hostname,cname,status,mac_address,network_id - ✅ Pagination support:
page,per_page
- ✅ Network filters:
- Response Format:
- ✅ Consistent JSON responses with metadata
- ✅ Error handling with proper HTTP status codes
- ✅ Interactive Swagger UI at
/api/v1/docs
- Network Operations:
- Technical Implementation:
- Flask-RESTX for auto-documentation and Swagger UI
- Application Factory pattern for modular architecture
- SQLAlchemy models in dedicated ipam/models.py
- Comprehensive error handling with proper status codes
- Blueprint-based routing (ipam/api/ and ipam/web/)
- Implementation Files:
ipam/__init__.py- Application factory with db initializationipam/extensions.py- Flask-SQLAlchemy extensionipam/models.py- Network and Host modelsipam/config.py- Configuration with absolute database pathsipam/api/__init__.py- API blueprint and Swagger configurationipam/api/models.py- Request/response serialization modelsipam/api/networks.py- Network CRUD endpointsipam/api/hosts.py- Host CRUD endpointsipam/api/ip_management.py- IP allocation and query endpointsipam/web/- Web interface blueprintAPI.md- Complete API documentationtests/test_database.py- Database initialization tests
- Completed: API fully operational at http://127.0.0.1:5000/api/v1 with Swagger UI at /api/v1/docs
- Notes: API authentication and rate limiting are now supported.
-
[IPAM-014] ✅ REST API Expansion (Auth + Rate Limiting)
- Priority: Medium | Category: API
- Status: Complete
- Description: Token authentication and rate limiting for all API endpoints
- Acceptance Criteria:
- ✅ Token-based authentication via
Authorization: BearerorX-API-Key - ✅ Swagger UI remains publicly accessible
- ✅ Configurable rate limit defaults and limiter backend
- ✅ Environment-driven configuration (
API_TOKENS,API_RATE_LIMIT) - ✅ Optional rate limiting toggle (
RATELIMIT_ENABLED)
- ✅ Token-based authentication via
-
[IPAM-010] 📅 Subnet Calculator
- Priority: Medium | Category: Network Tools
- Estimated Effort: Medium (2-3 days)
- Description: Built-in subnet calculator and IP range tools
- Acceptance Criteria:
- Calculate available subnets from larger networks
- Visual subnet splitting recommendations
- IP range conflict detection
- Subnet mask conversion tools
- Technical Notes:
- Use ipaddress library for calculations
- Add JavaScript for real-time calculations
-
[IPAM-011] 📅 Network Scanner Integration
- Priority: Medium | Category: Discovery
- Estimated Effort: High (4-5 days)
- Description: Scan network ranges for active hosts
- Acceptance Criteria:
- Ping sweep functionality
- Port scanning for common services
- Auto-populate discovered hosts
- Scheduled scan capabilities
- Dependencies: [IPAM-010] for subnet calculations
- Technical Notes: Consider using python-nmap library
-
[IPAM-024] 📅 IP Lease History
- Priority: Medium | Category: Data Management
- Estimated Effort: Medium (2-3 days)
- Description: Track assignment and metadata changes for hosts and networks
- Acceptance Criteria:
- Record create/update/delete events with timestamp and actor
- Persist history entries in a dedicated table
- UI for viewing history on host and network details
- API endpoints for history retrieval
- Export history entries in CSV/JSON
-
[IPAM-012] 📅 Advanced Import Formats
- Priority: Low | Category: Data Management
- Estimated Effort: Medium (2-3 days)
- Description: Support for XML, Excel, and network tool exports
- Acceptance Criteria:
- XML import/export
- Excel (.xlsx) support
- Nmap XML import
- Cisco/HP switch MAC table import
- Dependencies: [IPAM-004] plugin system
-
[IPAM-013] 📅 Advanced Export with Filtering
- Priority: High | Category: Data Management
- Estimated Effort: Medium (2-3 days)
- Description: Export all data or filtered subsets with advanced options
- Acceptance Criteria:
- Complete Database Export: All networks, hosts, and relationships
- Filtered Network Export: By VLAN, location, IP range, utilization
- Filtered Host Export: By status, network, hostname pattern, date range
- Multiple Format Support: CSV, JSON, Excel for all export types
- Custom Field Selection: Choose which columns to include
- Export Templates: Save and reuse filter configurations
- UI Features:
- Advanced filter interface with multiple criteria
- Export preview with row count estimation
- Progress indicator for large exports
- Download history and re-export capability
- Technical Implementation:
# Export with advanced filtering /export/networks?vlan_id=100&location=datacenter&format=csv /export/hosts?status=active&network_id=5&format=json /export/complete?include=networks,hosts,relationships&format=excel # Filter examples networks: VLAN ID, location, IP range, utilization %, description hosts: status, network, hostname regex, IP range, last_seen date
- UI Mockup:
[ Advanced Export ] Export Type: [●] Networks [ ] Hosts [●] Complete Database Filters: ┌─ Networks ─────────────────────────────────────────┐ │ VLAN ID: [100,200-300] Location: [datacenter*] │ │ IP Range: [10.0.0.0/8] Utilization: [>80%] │ └────────────────────────────────────────────────────┘ ┌─ Hosts ────────────────────────────────────────────┐ │ Status: [☑active ☐inactive ☑reserved] │ │ Hostname: [server*] Last Seen: [last 30 days] │ └────────────────────────────────────────────────────┘ Format: [CSV ▼] Include: [☑IP ☑Hostname ☐MAC ☑Status] Preview: ~1,247 networks, ~5,632 hosts [Export] [Save as Template] [Load Template] - Dependencies: [IPAM-004] plugin system for format support
-
[IPAM-027] 📅 Custom Fields
- Priority: Medium | Category: Data Management
- Estimated Effort: Medium (2-3 days)
- Description: User-defined fields for hosts and networks
- Acceptance Criteria:
- Admin UI to define custom fields (string/int/bool/date)
- API support for reading and writing custom fields
- Export/import includes custom field values
- Validation for required fields and type constraints
-
[IPAM-017] 📅 Data Backup & Restore
- Priority: Medium | Category: Data Management
- Estimated Effort: Small (1-2 days)
- Description: Automated backup and restore functionality
- Acceptance Criteria:
- Scheduled database backups
- One-click restore from backup
- Complete database migration utilities
- Backup verification and integrity checks
-
[IPAM-016] 📅 Local User Management UI
- Priority: Medium | Category: UI/Security
- Estimated Effort: Small (1-2 days)
- Description: Admin interface for local user management
- Acceptance Criteria:
- User list with search and filtering
- Add/edit/disable user accounts
- Role assignment interface
- Password reset functionality
- User activity logging
- Dependencies: [IPAM-015] hybrid authentication system
- Technical Notes:
- Reuse existing Bootstrap/DataTables UI patterns
- Add password strength validation
- Implement user audit trail
- [IPAM-026] 📅 IP Conflict Detection
- Priority: Medium | Category: Core
- Estimated Effort: Medium (2-3 days)
- Description: Detect duplicate IPs and overlapping ranges
- Acceptance Criteria:
- Detect duplicate IPs within a network
- Detect overlapping networks and DHCP range overlaps
- UI warnings on create/update
- API returns structured conflict errors
- Background validation for existing data
-
[IPAM-025] 📅 Role-Based Access Control
- Priority: High | Category: Security
- Estimated Effort: Medium (3-4 days)
- Description: Fine-grained permissions across UI and API
- Acceptance Criteria:
- Roles: ReadOnly, Editor, Admin, APIOnly
- Enforce permissions on UI routes and API endpoints
- Admin UI for role assignment
- Configurable default role for new users
- Audit log entries for role changes
-
[IPAM-015] 📅 Hybrid Authentication System
-
Priority: High | Category: Security
-
Estimated Effort: Medium (3-4 days)
-
Description: Support both local user management and OIDC via OAuth2 Proxy
-
Acceptance Criteria:
- Local Authentication: Built-in user registration, login, password reset
- OAuth2 Proxy Support: OIDC integration via reverse proxy
- Role-based Access Control: Admin, User, ReadOnly roles
- Configurable Auth Mode: Environment variable to switch between modes
- User Management UI: Admin interface for local users
- Session Management: Secure session handling for both modes
-
Technical Notes:
- Use Flask-Login for local authentication
- Header extraction for proxy-based auth
- Unified User model supporting both auth types
- Role inheritance from OIDC groups or local assignment
-
Authentication Modes:
Mode 1: Local Authentication (Default)
# .env AUTH_MODE=local SECRET_KEY=your-secret-key
Mode 2: OAuth2 Proxy
# docker-compose.auth.yml services: oauth2-proxy: image: quay.io/oauth2-proxy/oauth2-proxy:latest ports: ["4180:4180"] environment: - OAUTH2_PROXY_UPSTREAM=http://ipam:5000 - OAUTH2_PROXY_OIDC_ISSUER_URL=${OIDC_ISSUER} - OAUTH2_PROXY_CLIENT_ID=${OIDC_CLIENT_ID} - OAUTH2_PROXY_PASS_USER_HEADERS=true ipam: environment: - AUTH_MODE=proxy - AUTH_USER_HEADER=X-Forwarded-User
-
Implementation Structure:
# auth/models.py class User(db.Model): id = db.Column(db.Integer, primary_key=True) username = db.Column(db.String(80), unique=True, nullable=False) email = db.Column(db.String(120), unique=True, nullable=False) password_hash = db.Column(db.String(255)) # Only for local auth role = db.Column(db.String(20), default='user') # admin/user/readonly auth_type = db.Column(db.String(10), default='local') # local/proxy is_active = db.Column(db.Boolean, default=True) # auth/manager.py class AuthManager: def authenticate_user(self, request): if app.config['AUTH_MODE'] == 'proxy': return self._authenticate_proxy(request) else: return self._authenticate_local(request)
-
Rationale: Maximum flexibility - simple setup for development/small deployments, enterprise-ready OIDC for larger organizations
-
- Multi-tenant Support: Not planned for current roadmap
- Rationale: Single-tenant IPAM covers majority of use cases
- Complexity: Would require significant architecture changes
- Alternative: Deploy multiple IPAM instances for isolation
- ✅ Core IPAM functionality
- ✅ Export/Import system with plugin architecture
- ✅ Responsive web interface
- ✅ Comprehensive test suite
- 📅 Advanced export with filtering and templates
- 📅 Network tools and calculator
- 📅 Enhanced import formats (Excel, XML)
- 📅 REST API expansion
- 📅 Hybrid authentication system (local + OIDC)
- 📅 User management interface
- 📅 Role-based access control
- 📅 IP lease history
- 📅 IP conflict detection
- 📅 Custom fields for hosts and networks
- 📅 Network discovery tools
- 📅 Advanced reporting and analytics
- 📅 Performance optimizations for large datasets
Sprint: Export/Import System Enhancement Duration: 2025-10-01 to 2025-10-05
- ✅ Complete plugin-based export/import system
- ✅ Achieve 95%+ test coverage for export/import features
- ✅ Add JSON import capability
- ✅ Performance optimization for large datasets
- ✅ All export/import tests passing
- ✅ No regression in existing functionality
- ✅ Plugin system documented for future extensions
- ✅ JSON import/export functionality complete
- ✅ Comprehensive edge case and performance test coverage
- id: "IPAM-XXX"
title: "Feature Name"
status: "pending" # pending, in_progress, completed, blocked
priority: "medium" # low, medium, high, critical
category: "category_name" # core, ui, api, security, testing, etc.
estimated_effort: "medium" # small (1-2d), medium (2-4d), high (4-7d)
description: "Brief description of the feature"
rationale: "Why this feature is needed"
acceptance_criteria:
- "Specific requirement 1"
- "Specific requirement 2"
technical_notes:
- "Implementation considerations"
dependencies: ["IPAM-XXX"] # Other features this depends on
assignee: "optional"📞 Need a new feature? Create an issue using the template above or contact the development team.