feat(ui): clean vertical settings menu and improved version formatting

app/services/update_service.py

@@ -2,6 +2,7 @@
 
 import json
 import logging
+import os
 import shutil
 import subprocess
 from datetime import datetime
@@ -198,18 +199,143 @@ def trigger_update(config: Any, db_path: str) -> dict:
 
     logger.info("git pull succeeded: %s", result.stdout.strip()[:200])
 
-    # 4. Fire-and-forget docker compose rebuild — the container will restart itself
+    # 4. Read version info from the freshly-pulled source
-    compose_cmd = [
+    build_env = os.environ.copy()
-        "docker", "compose",
+    try:
-        "-f", f"{SOURCE_DIR}/docker-compose.yml",
+        build_env["GIT_COMMIT"] = subprocess.run(
-        "up", "--build", "-d",
+            ["git", "-C", SOURCE_DIR, "rev-parse", "--short", "HEAD"],
-    ]
+            capture_output=True, text=True, timeout=10,
-    subprocess.Popen(
+        ).stdout.strip() or "unknown"
-        compose_cmd,
+
-        stdout=subprocess.DEVNULL,
+        build_env["GIT_BRANCH"] = subprocess.run(
-        stderr=subprocess.DEVNULL,
+            ["git", "-C", SOURCE_DIR, "rev-parse", "--abbrev-ref", "HEAD"],
+            capture_output=True, text=True, timeout=10,
+        ).stdout.strip() or "unknown"
+
+        build_env["GIT_COMMIT_DATE"] = subprocess.run(
+            ["git", "-C", SOURCE_DIR, "log", "-1", "--format=%cI"],
+            capture_output=True, text=True, timeout=10,
+        ).stdout.strip() or "unknown"
+
+        tag_result = subprocess.run(
+            ["git", "-C", SOURCE_DIR, "describe", "--tags", "--abbrev=0"],
+            capture_output=True, text=True, timeout=10,
         )
-    logger.info("docker compose up --build -d triggered — container will restart shortly.")
+        build_env["GIT_TAG"] = tag_result.stdout.strip() if tag_result.returncode == 0 else "unknown"
+    except Exception as exc:
+        logger.warning("Could not read version info from source: %s", exc)
+
+    logger.info(
+        "Rebuilding with GIT_TAG=%s GIT_COMMIT=%s GIT_BRANCH=%s",
+        build_env.get("GIT_TAG", "?"),
+        build_env.get("GIT_COMMIT", "?"),
+        build_env.get("GIT_BRANCH", "?"),
+    )
+
+    # 5. Two-phase rebuild: Build image first, then swap container.
+    #    The swap will kill this process (we ARE the container), so we must
+    #    ensure the compose-up runs detached on the Docker host via a wrapper.
+    log_path = Path(BACKUP_DIR) / "update_rebuild.log"
+
+    # Phase A — build the new image (does NOT stop anything)
+    build_cmd = [
+        "docker", "compose",
+        "-p", "netbirdmsp-appliance",
+        "-f", f"{SOURCE_DIR}/docker-compose.yml",
+        "build", "--no-cache",
+        "netbird-msp-appliance",
+    ]
+    logger.info("Phase A: building new image …")
+    try:
+        build_result = subprocess.run(
+            build_cmd,
+            capture_output=True, text=True,
+            timeout=600,
+            env=build_env,
+        )
+        with open(log_path, "w") as f:
+            f.write(build_result.stdout)
+            f.write(build_result.stderr)
+        if build_result.returncode != 0:
+            logger.error("Image build failed: %s", build_result.stderr[:500])
+            return {
+                "ok": False,
+                "message": f"Image build failed: {build_result.stderr[:300]}",
+                "backup": backup_path,
+            }
+    except subprocess.TimeoutExpired:
+        return {"ok": False, "message": "Image build timed out after 600s.", "backup": backup_path}
+
+    logger.info("Phase A complete — image built successfully.")
+
+    # Phase B — swap the container using a helper container.
+    #    When compose recreates our container, ALL processes inside die (PID namespace
+    #    is destroyed). So we launch a *separate* helper container via 'docker run -d'
+    #    that has access to the Docker socket and runs 'docker compose up -d'.
+    #    This helper lives outside our container and survives our restart.
+
+    # Discover the host-side path of /app-source (docker volumes use host paths)
+    try:
+        inspect_result = subprocess.run(
+            ["docker", "inspect", "netbird-msp-appliance",
+             "--format", '{{range .Mounts}}{{if eq .Destination "/app-source"}}{{.Source}}{{end}}{{end}}'],
+            capture_output=True, text=True, timeout=10,
+        )
+        host_source_dir = inspect_result.stdout.strip()
+        if not host_source_dir:
+            raise ValueError("Could not find /app-source mount")
+    except Exception as exc:
+        logger.error("Failed to discover host source path: %s", exc)
+        return {"ok": False, "message": f"Could not find host source path: {exc}", "backup": backup_path}
+
+    logger.info("Host source directory: %s", host_source_dir)
+
+    env_flags = []
+    for key in ("GIT_TAG", "GIT_COMMIT", "GIT_BRANCH", "GIT_COMMIT_DATE"):
+        val = build_env.get(key, "unknown")
+        env_flags.extend(["-e", f"{key}={val}"])
+
+    # Use the same image we're already running (it has docker CLI + compose plugin)
+    own_image = "netbirdmsp-appliance-netbird-msp-appliance:latest"
+
+    helper_cmd = [
+        "docker", "run", "--rm", "-d", "--privileged",
+        "--name", "msp-updater",
+        "-v", "/var/run/docker.sock:/var/run/docker.sock:z",
+        "-v", f"{host_source_dir}:{host_source_dir}:ro,z",
+        *env_flags,
+        own_image,
+        "sh", "-c",
+        (
+            "sleep 3 && "
+            "docker compose -p netbirdmsp-appliance "
+            f"-f {host_source_dir}/docker-compose.yml "
+            "up --force-recreate --no-deps -d netbird-msp-appliance"
+        ),
+    ]
+    try:
+        # Remove stale updater container if any
+        subprocess.run(
+            ["docker", "rm", "-f", "msp-updater"],
+            capture_output=True, timeout=10,
+        )
+        result = subprocess.run(
+            helper_cmd,
+            capture_output=True, text=True,
+            timeout=30,
+            env=build_env,
+        )
+        if result.returncode != 0:
+            logger.error("Failed to start updater container: %s", result.stderr.strip())
+            return {
+                "ok": False,
+                "message": f"Update-Container konnte nicht gestartet werden: {result.stderr.strip()[:200]}",
+                "backup": backup_path,
+            }
+        logger.info("Phase B: updater container started — this container will restart in ~5s.")
+    except Exception as exc:
+        logger.error("Failed to launch updater: %s", exc)
+        return {"ok": False, "message": f"Updater launch failed: {exc}", "backup": backup_path}
 
     return {
         "ok": True,

containers.txt

@@ -0,0 +1,9 @@
+NAMES                       STATUS                     IMAGE
+netbird-msp-appliance       Up 3 minutes (healthy)     netbirdmsp-appliance-netbird-msp-appliance
+msp-updater                 Exited (0) 3 minutes ago   netbirdmsp-appliance-netbird-msp-appliance:latest
+netbird-kunde1-caddy        Up 2 hours                 caddy:2-alpine
+netbird-kunde1-signal       Up 2 hours                 netbirdio/signal:latest
+netbird-kunde1-dashboard    Up 2 hours                 netbirdio/dashboard:latest
+netbird-kunde1-relay        Up 2 hours                 netbirdio/relay:latest
+netbird-kunde1-management   Up 2 hours                 netbirdio/management:latest
+docker-socket-proxy         Up 2 hours                 tecnativa/docker-socket-proxy:latest

helper.txt

@@ -0,0 +1 @@
+Error response from daemon: No such container: msp-updater

logs.txt

@@ -0,0 +1,9 @@
+INFO:     Started server process [1]
+INFO:     Waiting for application startup.
+2026-02-22 14:53:59,694 [INFO] app.main: Starting NetBird MSP Appliance...
+2026-02-22 14:53:59,744 [INFO] app.main: Database initialized.
+INFO:     Application startup complete.
+INFO:     Uvicorn running on http://0.0.0.0:8000 (Press CTRL+C to quit)
+INFO:     127.0.0.1:45370 - "GET /api/health HTTP/1.1" 200 OK
+INFO:     127.0.0.1:57724 - "GET /api/health HTTP/1.1" 200 OK
+INFO:     127.0.0.1:56212 - "GET /api/health HTTP/1.1" 200 OK

out.txt

@@ -0,0 +1 @@
+msp-updater

port.txt

@@ -0,0 +1,2 @@
+8000/tcp -> 0.0.0.0:8000
+8000/tcp -> [::]:8000

static/js/app.js

@@ -1219,12 +1219,12 @@ async function loadVersionInfo() {
 
         let html = `<div class="row g-3">
             <div class="col-md-6">
-                <div class="border rounded p-3">
+                <div class="border rounded p-3 h-100">
                     <div class="text-muted small mb-1">${t('settings.currentVersion')}</div>
                     <div class="fw-bold fs-5">${esc(currentTag || currentCommit)}</div>
                     ${currentTag ? `<div class="text-muted small font-monospace">${t('settings.commitHash')}: ${esc(currentCommit)}</div>` : ''}
                     <div class="text-muted small">${t('settings.branch')}: <strong>${esc(current.branch || 'unknown')}</strong></div>
-                    <div class="text-muted small">${esc(current.date || '')}</div>
+                    <div class="text-muted small mt-2"><i class="bi bi-clock me-1"></i>${formatDate(current.date)}</div>
                 </div>
             </div>`;
 
@@ -1235,17 +1235,17 @@ async function loadVersionInfo() {
                 ? `<span class="badge bg-warning text-dark ms-1">${t('settings.updateAvailable')}</span>`
                 : `<span class="badge bg-success ms-1">${t('settings.upToDate')}</span>`;
             html += `<div class="col-md-6">
-                <div class="border rounded p-3 ${needsUpdate ? 'border-warning' : ''}">
+                <div class="border rounded p-3 h-100 ${needsUpdate ? 'border-warning' : ''}">
                     <div class="text-muted small mb-1">${t('settings.latestVersion')} ${badge}</div>
                     <div class="fw-bold fs-5">${esc(latestTag || latestCommit)}</div>
                     ${latestTag ? `<div class="text-muted small font-monospace">${t('settings.commitHash')}: ${esc(latestCommit)}</div>` : ''}
                     <div class="text-muted small">${t('settings.branch')}: <strong>${esc(latest.branch || 'unknown')}</strong></div>
-                    <div class="text-muted small">${esc(latest.message || '')}</div>
+                    <div class="text-muted small mt-2"><i class="bi bi-clock me-1"></i>${formatDate(latest.date)}</div>
-                    <div class="text-muted small">${esc(latest.date || '')}</div>
+                    ${latest.message ? `<div class="text-muted small mt-1 border-top pt-1 text-truncate" title="${esc(latest.message)}"><i class="bi bi-chat-text me-1"></i>${esc(latest.message)}</div>` : ''}
                 </div>
             </div>`;
         } else if (data.error) {
-            html += `<div class="col-md-6"><div class="alert alert-warning mb-0">${esc(data.error)}</div></div>`;
+            html += `<div class="col-md-6"><div class="alert alert-warning h-100 mb-0">${esc(data.error)}</div></div>`;
         }
         html += '</div>';
 

update_helper.txt

@@ -0,0 +1,4 @@
+ Container netbird-msp-appliance Recreate 
+ Container netbird-msp-appliance Recreated 
+ Container netbird-msp-appliance Starting 
+ Container netbird-msp-appliance Started