fix some errors

.github/workflows/security.yml

@@ -26,13 +26,13 @@ jobs:
       uses: actions/setup-node@v4
       with:
         node-version: '18'
-        cache: 'npm'
+        cache: 'yarn'
 
     - name: Install dependencies
-      run: npm ci
+      run: yarn install --frozen-lockfile
 
-    - name: Run npm audit
+    - name: Run yarn audit
-      run: npm audit --audit-level=high
+      run: yarn audit --level high
 
     - name: Initialize CodeQL
       uses: github/codeql-action/init@v3

.serena/memories/dashboard_security_fix.md

@@ -0,0 +1,26 @@
+# Dashboard Security Fix
+
+## Problem
+The Traefik dashboard at http://quixy.uk:8080/dashboard/#/ was not password protected, showing all requests publicly.
+
+## Root Cause
+Two configuration files had `insecure: true` settings that disabled authentication:
+1. `docker-compose.yml` - `--api.insecure=true` command argument
+2. `traefik.yml` - `insecure: true` in api section
+
+## Solution Applied
+Fixed both configuration files:
+- Changed `--api.insecure=true` to `--api.insecure=false` in docker-compose.yml
+- Changed `insecure: true` to `insecure: false` in traefik.yml
+
+## Authentication Details
+Dashboard now uses basic HTTP authentication with credentials already configured:
+- Username: admin
+- Password: password (hash stored in TRAEFIK_AUTH environment variable)
+
+## To Apply Changes
+Run: `docker-compose down && docker-compose up -d`
+
+## Files Modified
+- docker-compose.yml:25 (insecure flag)
+- traefik.yml:18 (insecure setting)

docker-compose.yml

@@ -6,7 +6,7 @@ services:
     restart: unless-stopped
     command:
       - --api.dashboard=true
-      - --api.insecure=true
+      - --api.insecure=false
       - --providers.docker=true
       - --providers.docker.exposedbydefault=false
       - --entrypoints.web.address=:80

traefik.yml

@@ -19,7 +19,7 @@ entryPoints:
 # API and dashboard configuration
 api:
   dashboard: true
-  insecure: true
+  insecure: false
 
 # Providers configuration
 providers: