A - Z
Page Index

An Otter Wiki 
# O_Bmar

# OT-BMAR (Operational Technology & Building Management Asset Registry)

OT-BMAR is a highly secure, containerized relational asset management engine designed to track mission-critical metadata for BMS servers, network controllers, and software licenses.

## Key Features
- **Strict RBAC**: Admin, Engineer, and Field Tech roles with granular access controls and "least privilege" visibility for secrets.
- **Two-Stage Bulk Import**: An "Analyze then Confirm" workflow for CSV/Excel data, featuring a property-level change matrix to prevent accidental overrides.
- **Naming Convention Enforcement**: Automated validation of asset naming (e.g., Servers start with `Win-`, Network Controllers start with `Qnx-`, `Titan-`, or `ATLAS-SD-`).
- **High-Density UI**: A "system registry" aesthetic designed for efficiency, featuring responsive card layouts and interactive audit tooltips.
- **Credential Security**: All sensitive fields (passwords, keys, passphrases) are encrypted at rest using AES-256 (Fernet).
- **Immutable Audit Ledger**: Automated tracking of all CREATE, UPDATE, DELETE, and VIEW_PASSWORD actions with full state snapshots.
- **Standardized Schema**: Case-sensitive PostgreSQL consistency with ALL CAPS enums (SERVER, NETWORK_CONTROLLER, ROUTER, etc.).

## System Architecture
- **Backend**: FastAPI (Python 3.11) with SQLAlchemy and PostgreSQL 16.
- **Frontend**: React 18 SPA with Vite, Tailwind CSS (High-Density Design), and Lucide icons.
- **Security**: JWT authentication with sliding sessions and encrypted credential management.

## Quick Start
1. Ensure Docker and Docker Compose are installed.
2. Clone the repository and navigate to the root directory.
3. Run `docker compose up --build -d`.
4. Access the dashboard at `http://localhost:3000`.

## Administrative Utilities
- **Asset Auditor**: A specialized script (`asset-auditor/scripts/audit_assets.py`) for identifying registry discrepancies and naming violations.
- **Data Recovery**: Database volumes are mounted to `postgres_data` for persistence.
- **Encryption**: The master Fernet key is managed via the `FIELD_ASSET_ENCRYPTION_KEY` environment variable in the `.env` file.

## Default Credentials
- **Admin**: `admin` / `AdminPass123!`
- **Engineer**: `engineer` / `EngineerPass123!`
- **Field Tech**: `tech` / `TechPass123!`
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9