alexei.dolgolyov/tiny-forge
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
d8ab22876ffeca7a58e455c3bb366c655f2c1f73
tiny-forge/internal/store/settings.go
T
alexei.dolgolyov 8b886ddf2b feat(backup): take Tinyforge DB snapshot before every deploy 
Adds an opt-in "auto_backup_before_deploy" setting that triggers a
"pre-deploy" backup at the start of every project deploy via the deploy
pipeline (covers both the async HTTP path and the sync poller/webhook
path). Failures are logged to the deploy log but do not abort — missing
a backup is preferable to refusing to ship a fix.

- store: settings.auto_backup_before_deploy column + scan/update wiring
- backup: accept "pre-deploy" as a valid backup_type
- deployer: small PreDeployBackuper interface, hooked into runDeploy
  right after settings load and before any state-mutating work
- api: settings request/response surface the new flag
- web: ToggleSwitch on the backup settings page; "Pre-deploy" badge
  variant in the backup list (badge-warning so it stands out)
- i18n: en/ru strings for the toggle, help text, and badge label
2026-05-07 02:14:26 +03:00

117 lines
4.3 KiB
Go
Raw Blame History

package store
import (
"fmt"
)
// GetSettings returns the global settings (single-row pattern, always row id=1).
func (s *Store) GetSettings() (Settings, error) {
var st Settings
var wildcardDNS, npmRemote, backupEnabled, autoBackupBeforeDeploy int
err := s.db.QueryRow(
`SELECT domain, server_ip, public_ip, network, subdomain_pattern, notification_url,
notification_secret,
npm_url, npm_email, npm_password, polling_interval,
base_volume_path, ssl_certificate_id, stale_threshold_days,
allowed_volume_paths, wildcard_dns, dns_provider,
cloudflare_api_token, cloudflare_zone_id,
npm_remote, npm_access_list_id, proxy_provider,
traefik_entrypoint, traefik_cert_resolver, traefik_network, traefik_api_url,
image_prune_threshold_mb,
backup_enabled, backup_interval_hours, backup_retention_count,
auto_backup_before_deploy,
stats_interval_seconds, stats_retention_hours,
updated_at
FROM settings WHERE id = 1`,
).Scan(&st.Domain, &st.ServerIP, &st.PublicIP, &st.Network, &st.SubdomainPattern, &st.NotificationURL,
&st.NotificationSecret,
&st.NpmURL, &st.NpmEmail, &st.NpmPassword, &st.PollingInterval,
&st.BaseVolumePath, &st.SSLCertificateID, &st.StaleThresholdDays,
&st.AllowedVolumePaths, &wildcardDNS, &st.DNSProvider,
&st.CloudflareAPIToken, &st.CloudflareZoneID,
&npmRemote, &st.NpmAccessListID, &st.ProxyProvider,
&st.TraefikEntrypoint, &st.TraefikCertResolver, &st.TraefikNetwork, &st.TraefikAPIURL,
&st.ImagePruneThresholdMB,
&backupEnabled, &st.BackupIntervalHours, &st.BackupRetentionCount,
&autoBackupBeforeDeploy,
&st.StatsIntervalSeconds, &st.StatsRetentionHours,
&st.UpdatedAt)
if err != nil {
return Settings{}, fmt.Errorf("query settings: %w", err)
}
st.WildcardDNS = wildcardDNS != 0
st.NpmRemote = npmRemote != 0
st.BackupEnabled = backupEnabled != 0
st.AutoBackupBeforeDeploy = autoBackupBeforeDeploy != 0
return st, nil
}
// UpdateSettings upserts the global settings row.
func (s *Store) UpdateSettings(st Settings) error {
st.UpdatedAt = Now()
wildcardDNS := 0
if st.WildcardDNS {
wildcardDNS = 1
}
npmRemote := 0
if st.NpmRemote {
npmRemote = 1
}
backupEnabled := 0
if st.BackupEnabled {
backupEnabled = 1
}
autoBackupBeforeDeploy := 0
if st.AutoBackupBeforeDeploy {
autoBackupBeforeDeploy = 1
}
_, err := s.db.Exec(
`UPDATE settings SET
domain=?, server_ip=?, public_ip=?, network=?, subdomain_pattern=?, notification_url=?,
notification_secret=?,
npm_url=?, npm_email=?, npm_password=?, polling_interval=?,
base_volume_path=?, ssl_certificate_id=?, stale_threshold_days=?,
allowed_volume_paths=?, wildcard_dns=?, dns_provider=?,
cloudflare_api_token=?, cloudflare_zone_id=?,
npm_remote=?, npm_access_list_id=?, proxy_provider=?,
traefik_entrypoint=?, traefik_cert_resolver=?, traefik_network=?, traefik_api_url=?,
image_prune_threshold_mb=?,
backup_enabled=?, backup_interval_hours=?, backup_retention_count=?,
auto_backup_before_deploy=?,
stats_interval_seconds=?, stats_retention_hours=?,
updated_at=?
WHERE id = 1`,
st.Domain, st.ServerIP, st.PublicIP, st.Network, st.SubdomainPattern, st.NotificationURL,
st.NotificationSecret,
st.NpmURL, st.NpmEmail, st.NpmPassword, st.PollingInterval,
st.BaseVolumePath, st.SSLCertificateID, st.StaleThresholdDays,
st.AllowedVolumePaths, wildcardDNS, st.DNSProvider,
st.CloudflareAPIToken, st.CloudflareZoneID,
npmRemote, st.NpmAccessListID, st.ProxyProvider,
st.TraefikEntrypoint, st.TraefikCertResolver, st.TraefikNetwork, st.TraefikAPIURL,
st.ImagePruneThresholdMB,
backupEnabled, st.BackupIntervalHours, st.BackupRetentionCount,
autoBackupBeforeDeploy,
st.StatsIntervalSeconds, st.StatsRetentionHours,
st.UpdatedAt,
)
if err != nil {
return fmt.Errorf("update settings: %w", err)
}
return nil
}
// SetSettingsNotificationSecret rewrites only the global outgoing-webhook
// signing secret on the singleton settings row. Pass an empty string to
// disable signing globally (notifications still send, just without HMAC).
func (s *Store) SetSettingsNotificationSecret(secret string) error {
_, err := s.db.Exec(
`UPDATE settings SET notification_secret=?, updated_at=? WHERE id = 1`,
secret, Now(),
)
if err != nil {
return fmt.Errorf("set settings notification secret: %w", err)
}
return nil
}
Reference in New Issue View Git Blame Copy Permalink