Merged
Conversation
j-chmielewski
force-pushed
the
config-to-db-merge
branch
from
ae1b728 to
3ca2fb4
Compare
There was a problem hiding this comment.
Pull request overview
This PR continues the “config to DB” migration by moving additional runtime-configured settings into the settings DB row, ensuring runtime defaults are initialized from DB state, and exposing new settings sections in the web UI for VPN stats retention/purge and enrollment/password reset timeouts.
Changes:
- Add DB-backed settings initialization (
initialize_runtime_defaults) to generate/validatesecret_keyand derivewebauthn_rp_id, and remove legacygrpc_urlsettings plumbing. - Add new web settings pages/routes for “VPN stats” and “Enrollment”, plus a new “Auth cookie timeout (days)” field on the Instance settings page.
- Update migrations and tests to align with DB-backed settings and updated initialization helpers.
Reviewed changes
Copilot reviewed 21 out of 21 changed files in this pull request and generated 2 comments.
Show a summary per file
| File | Description |
|---|---|
| web/src/shared/api/types.ts | Adds SettingsTimeoutsAndMaintenance and extends the Settings type with new timeout/purge fields. |
| web/src/routes/_authorized/_default/settings/vpn-stats.tsx | Adds route entry for the new VPN stats settings page. |
| web/src/routes/_authorized/_default/settings/enrollment.tsx | Adds route entry for the new Enrollment settings page. |
| web/src/routeTree.gen.ts | Updates generated route tree to include the new settings routes. |
| web/src/pages/settings/SettingsVpnStatsPage/SettingsVpnStatsPage.tsx | Implements UI + PATCH for stats purge frequency/threshold and disable toggle. |
| web/src/pages/settings/SettingsInstancePage/SettingsInstancePage.tsx | Adds auth_cookie_timeout_days to schema/defaults and UI. |
| web/src/pages/settings/SettingsIndexPage/tabs/SettingsGeneralTab.tsx | Adds navigation entries to the new settings pages. |
| web/src/pages/settings/SettingsEnrollmentPage/SettingsEnrollmentPage.tsx | Implements UI + PATCH for enrollment/password reset token + session timeouts. |
| migrations/20260227091211_[2.0.0]_settings_in_db.up.sql | Removes grpc_url column addition; keeps other settings-in-DB columns. |
| migrations/20260227091211_[2.0.0]_settings_in_db.down.sql | Removes grpc_url column drop to match the updated up migration. |
| crates/defguard_proxy_manager/src/servers/enrollment.rs | Updates tests to use Settings::initialize_runtime_defaults. |
| crates/defguard_core/tests/integration/common.rs | Adjusts test config/setup to DB-backed settings and changes initialize_users signature. |
| crates/defguard_core/tests/integration/api/common/mod.rs | Updates caller to new initialize_users signature. |
| crates/defguard_core/tests/integration/api/acl.rs | Updates caller to new initialize_users signature. |
| crates/defguard_core/src/lib.rs | Hardcodes admin password for dev env init to match removed config field. |
| crates/defguard_core/src/enterprise/directory_sync/tests.rs | Updates settings initialization and admin user initialization. |
| crates/defguard_common/src/db/models/settings.rs | Implements runtime defaults init, secret key generation changes, removes grpc_url, refactors config-application logic, adds tests. |
| crates/defguard_common/src/config.rs | Removes/changes deprecated config fields to align with DB settings (e.g., auth_cookie_timeout now optional, removes default_admin_password and grpc_url). |
| crates/defguard/src/main.rs | Reorders startup to initialize current settings and apply runtime defaults at appropriate points. |
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
web/src/pages/settings/SettingsInstancePage/SettingsInstancePage.tsx
Outdated
Show resolved
Hide resolved
moubctez
approved these changes
Mar 6, 2026
filipslezaklab
approved these changes
Mar 6, 2026
filipslezaklab
added a commit
that referenced
this pull request
Mar 6, 2026
* initial migration commit * set migration on flags init * add session info endpoint * fix clippy * sqlx query for offline * migration wizard ui init - copy existing steps * up * update ui * add dedicated migration wizard API (#2157) * add a separate API server for the migration wizard * add auth endpoints to migration API * add migration confirm ui content * upgrade ui packages * add translations strings * remove wizard_needed flag * Migration config to db, part 1 (#2156) * fix migration flags (#2159) * update migration routes * allow persisting active migration step * upgrade wizard navigation * update ui redirects for _authorized * add a helper struct to keep channels open (#2166) Co-authored-by: Filip Ślęzak <102536422+filipslezaklab@users.noreply.github.com> * update finish step * fix final step navigate * Update types.ts * resolve merge duplicate files, merge wizard-flags to wizard * core compiles * update sqlx queries * ui fix route guards * update session-info cache logic * fix ensure secret crashing on first run after 2.0 upgrade * adjust migration finish action * fix after merge conflicts * update sqlx * fix wizard.rs after merge issues * fix react p > div error * Update justfile * provide default value for auth_cookie_timeout * Move config values to DB settings - part 2 (#2202) --------- Co-authored-by: Maciek <19913370+wojcik91@users.noreply.github.com> Co-authored-by: Jacek Chmielewski <jchmielewski@teonite.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
No description provided.