BurgerGames/NetBirdMSP-Appliance
0
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
1bbe4904a7eed6f3c0553bafa5e2d1551f45613d
NetBirdMSP-Appliance/app/database.py
twothatit 1bbe4904a7 fix: resolve circular import, async blocking, SELinux and delete timeout issues 
- Extract shared SlowAPI limiter to app/limiter.py to break circular
  import between app.main and app.routers.auth
- Seed default SystemConfig row (id=1) on first DB init so settings
  page works out of the box
- Make all docker_service.compose_* functions async (run_in_executor)
  so long docker pulls/stops no longer block the async event loop
- Propagate async to netbird_service stop/start/restart and await
  callers in deployments router
- Move customer delete to BackgroundTasks so the HTTP response returns
  immediately and avoids frontend "Network error" on slow machines
- docker-compose: add :z SELinux labels, mount docker.sock directly,
  add security_opt label:disable for socket access, extra_hosts for
  host.docker.internal, enable DELETE/VOLUMES on socket proxy
- npm_service: auto-detect outbound host IP via UDP socket when
  HOST_IP env var is not set

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-02-19 00:30:25 +01:00

117 lines
3.9 KiB
Python
Raw Blame History

"""Database setup and session management for NetBird MSP Appliance."""
import os
import sys
from typing import Generator
from sqlalchemy import create_engine, event
from sqlalchemy.orm import Session, sessionmaker, declarative_base
DATABASE_PATH = os.environ.get("DATABASE_PATH", "/app/data/netbird_msp.db")
DATABASE_URL = f"sqlite:///{DATABASE_PATH}"
engine = create_engine(
DATABASE_URL,
connect_args={"check_same_thread": False},
echo=False,
)
# Enable WAL mode and foreign keys for SQLite
@event.listens_for(engine, "connect")
def _set_sqlite_pragma(dbapi_connection, connection_record) -> None:
cursor = dbapi_connection.cursor()
cursor.execute("PRAGMA journal_mode=WAL")
cursor.execute("PRAGMA foreign_keys=ON")
cursor.close()
SessionLocal = sessionmaker(autocommit=False, autoflush=False, bind=engine)
Base = declarative_base()
def get_db() -> Generator[Session, None, None]:
"""Yield a database session, ensuring it is closed after use."""
db = SessionLocal()
try:
yield db
finally:
db.close()
def init_db() -> None:
"""Create all database tables and run lightweight migrations."""
from app.models import ( # noqa: F401
Customer,
Deployment,
DeploymentLog,
SystemConfig,
User,
)
Base.metadata.create_all(bind=engine)
_run_migrations()
# Insert default SystemConfig row (id=1) if it doesn't exist yet
db = SessionLocal()
try:
if not db.query(SystemConfig).filter(SystemConfig.id == 1).first():
db.add(SystemConfig(
id=1,
base_domain="example.com",
admin_email="admin@example.com",
npm_api_url="http://localhost:81",
npm_api_email_encrypted="",
npm_api_password_encrypted="",
))
db.commit()
finally:
db.close()
def _run_migrations() -> None:
"""Add columns that may be missing from older database versions."""
import sqlite3
conn = sqlite3.connect(DATABASE_PATH)
cursor = conn.cursor()
def _has_column(table: str, column: str) -> bool:
cursor.execute(f"PRAGMA table_info({table})")
return any(row[1] == column for row in cursor.fetchall())
migrations = [
("deployments", "dashboard_port", "INTEGER"),
("system_config", "dashboard_base_port", "INTEGER DEFAULT 9000"),
("deployments", "netbird_admin_email", "TEXT"),
("deployments", "netbird_admin_password", "TEXT"),
("system_config", "branding_name", "TEXT DEFAULT 'NetBird MSP Appliance'"),
("system_config", "branding_logo_path", "TEXT"),
("users", "role", "TEXT DEFAULT 'admin'"),
("users", "auth_provider", "TEXT DEFAULT 'local'"),
("system_config", "azure_enabled", "BOOLEAN DEFAULT 0"),
("system_config", "azure_tenant_id", "TEXT"),
("system_config", "azure_client_id", "TEXT"),
("system_config", "azure_client_secret_encrypted", "TEXT"),
("system_config", "branding_subtitle", "TEXT DEFAULT 'Multi-Tenant Management Platform'"),
("system_config", "default_language", "TEXT DEFAULT 'en'"),
("users", "default_language", "TEXT"),
("deployments", "npm_stream_id", "INTEGER"),
("system_config", "mfa_enabled", "BOOLEAN DEFAULT 0"),
("users", "totp_secret_encrypted", "TEXT"),
("users", "totp_enabled", "BOOLEAN DEFAULT 0"),
("system_config", "ssl_mode", "TEXT DEFAULT 'letsencrypt'"),
("system_config", "wildcard_cert_id", "INTEGER"),
]
for table, column, col_type in migrations:
if not _has_column(table, column):
cursor.execute(f"ALTER TABLE {table} ADD COLUMN {column} {col_type}")
conn.commit()
conn.close()
if __name__ == "__main__":
if len(sys.argv) > 1 and sys.argv[1] == "init":
init_db()
print("Database initialized successfully.")
Reference in New Issue View Git Blame Copy Permalink