46 changes: 35 additions & 11 deletions crates/defguard/src/main.rs
@@ -16,7 +16,7 @@ use defguard_common::{
};
use defguard_core::{
auth::failed_login::FailedLoginMap,
db::AppEvent,
db::{AppEvent, models::wizard_flags::WizardFlags},
enterprise::{
activity_log_stream::activity_log_stream_manager::run_activity_log_stream_manager,
license::{License, run_periodic_license_check, set_cached_license},
@@ -33,7 +33,7 @@ use defguard_event_router::{RouterReceiverSet, run_event_router};
use defguard_gateway_manager::{GatewayManager, GatewayTxSet};
use defguard_proxy_manager::{ProxyManager, ProxyTxSet};
use defguard_session_manager::{events::SessionManagerEvent, run_session_manager};
use defguard_setup::setup::run_setup_web_server;
use defguard_setup::{migration::run_migration_web_server, setup::run_setup_web_server};
use defguard_vpn_stats_purge::run_periodic_stats_purge;
use secrecy::ExposeSecret;
use tokio::sync::{
@@ -94,27 +94,49 @@ async fn main() -> Result<(), anyhow::Error> {
info!("Using HMAC OpenID signing key");
}

let wizard_flags = WizardFlags::init(&pool).await?;
let mut ini_server_config = true;

// initialize default settings
Settings::init_defaults(&pool).await?;
// initialize global settings struct
initialize_current_settings(&pool).await?;
Settings::ensure_secret_key(&pool, &config).await?;
let mut settings = Settings::get_current_settings();

if !settings.initial_setup_completed {
if wizard_flags.initial_wizard_in_progress && !wizard_flags.initial_wizard_completed {
if let Err(err) =
run_setup_web_server(pool.clone(), config.http_bind_address, config.http_port).await
{
anyhow::bail!("Setup web server exited with error: {err}");
}
settings = Settings::get_current_settings();
} else if wizard_flags.migration_wizard_in_progress && !wizard_flags.migration_wizard_completed
{
settings.update_from_config(&pool, &config).await?;

config.initialize_post_settings();
SERVER_CONFIG
.set(config.clone())
.expect("Failed to initialize server config.");

ini_server_config = false;

if let Err(err) =
run_migration_web_server(pool.clone(), config.http_bind_address, config.http_port).await
{
anyhow::bail!("Migration web server exited with error: {err}");
}
settings = Settings::get_current_settings();
}

config.initialize_post_settings();
if ini_server_config {
config.initialize_post_settings();

SERVER_CONFIG
.set(config.clone())
.expect("Failed to initialize server config.");
SERVER_CONFIG
.set(config.clone())
.expect("Failed to initialize server config.");
}

// create event channels for services
let (api_event_tx, api_event_rx) = unbounded_channel::<ApiEvent>();
@@ -141,7 +163,7 @@ async fn main() -> Result<(), anyhow::Error> {
anyhow::bail!("CA certificate or key were not found in settings, despite completing setup.")
}

// read grpc TLS cert and key
// read grpc TLS cert and key from legacy config values
let grpc_cert = config
.grpc_cert
.as_ref()
@@ -172,11 +194,13 @@ async fn main() -> Result<(), anyhow::Error> {
}

let (proxy_control_tx, proxy_control_rx) = channel::<ProxyControlMessage>(100);
let proxy_secret_key = settings.secret_key_required()?.to_string();
let proxy_manager = ProxyManager::new(
pool.clone(),
ProxyTxSet::new(gateway_tx.clone(), bidi_event_tx.clone()),
Arc::clone(&incompatible_components),
proxy_control_rx,
proxy_secret_key,
);

let mut gateway_manager = GatewayManager::new(
@@ -208,9 +232,9 @@ async fn main() -> Result<(), anyhow::Error> {
) => error!("Web server returned early: {res:?}"),
res = run_periodic_stats_purge(
pool.clone(),
config.stats_purge_frequency.into(),
config.stats_purge_threshold.into()
), if !config.disable_stats_purge =>
settings.stats_purge_frequency(),
settings.stats_purge_threshold()
), if !settings.disable_stats_purge =>
error!("Periodic stats purge task returned early: {res:?}"),
res = run_periodic_license_check(&pool) =>
error!("Periodic license check task returned early: {res:?}"),
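Review bot: The proxy secret key is copied into a plain `String` at `let proxy_secret_key = settings.secret_key_required()?.to_string();` and then moved into `ProxyManager::new`, so from that point it carries no `Debug` redaction and is not zeroized on drop. This file already imports `secrecy::ExposeSecret`, so the key could travel as a secret type and be exposed only where the proxy code needs the raw value, for example `let proxy_secret_key = SecretString::from(settings.secret_key_required()?.to_string());` with `use secrecy::{ExposeSecret, SecretString};`. Whether `ProxyManager` derives `Debug` or logs its fields is not visible in this section, so that is worth confirming before deciding how far to carry the wrapper. The body of `main` starts and ends outside the hunks shown here.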