fix: align database layer and API routes with SQLite backend#7
Merged
Conversation
The control plane uses better-sqlite3 but several modules still emitted
MySQL-only SQL or referenced columns that were never created, breaking
the production build and core flows (PKI, backups, audit logging).
- Restore the build by exporting `getPkiService` from `lib/pki-service.ts`
(the new download route imported it) and rewriting the helper to use
SQLite-compatible upserts (`ON CONFLICT(...) DO UPDATE SET ... = excluded.x`).
- Add idempotent column migrations in `lib/db.ts` so existing panel.sqlite
files gain the missing `client_cert`, `client_key`, and `wg_privkey`
columns required by the OpenVPN/WireGuard flows.
- Replace MySQL `NOW()` with `CURRENT_TIMESTAMP` in the audit logger and
the user-create route, and drop the redundant `created_at` column from
the user INSERT (the table already has a default).
- Detect duplicate-username errors via SQLite's `SQLITE_CONSTRAINT_UNIQUE`
and the `UNIQUE constraint failed` message in `app/api/users/route.ts`,
while still honouring the legacy MySQL `ER_DUP_ENTRY` code.
- Convert `app/api/backup/import/route.ts` to SQLite upserts and remove
references to columns that don't exist (`traffic_up`, `traffic_down`,
`connected_clients`, `last_check`); mirror the cleanup in the export.
- Replace the insecure `Math.random()` WireGuard private-key generator
in `app/api/client/download/route.ts` with `crypto.randomBytes(32)`,
and persist the generated key per-user so subsequent downloads are
stable instead of rotating on every request.
- Reduce `app/api/migrate/route.ts` to a thin trigger for the new
in-process migrator; the previous body used MySQL-only `ALTER TABLE
... ADD COLUMN IF NOT EXISTS` syntax that always failed under SQLite.
- Normalise the user `status` enum across `lib/schemas.ts`,
`lib/db-types.ts`, and both user routes so values produced by the UI
('disabled') validate consistently.
- Tidy lint warnings: drop unused imports in the tunnel-nodes view, the
add-node modal, the subscription route, and `lib/tunnel-commands.ts`.
https://claude.ai/code/session_01BF6aKfH4Q7CjxF3ycVkRoT
|
The latest updates on your projects. Learn more about Vercel for GitHub.
|
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
The control plane uses better-sqlite3 but several modules still emitted
MySQL-only SQL or referenced columns that were never created, breaking
the production build and core flows (PKI, backups, audit logging).
getPkiServicefromlib/pki-service.ts(the new download route imported it) and rewriting the helper to use
SQLite-compatible upserts (
ON CONFLICT(...) DO UPDATE SET ... = excluded.x).lib/db.tsso existing panel.sqlitefiles gain the missing
client_cert,client_key, andwg_privkeycolumns required by the OpenVPN/WireGuard flows.
NOW()withCURRENT_TIMESTAMPin the audit logger andthe user-create route, and drop the redundant
created_atcolumn fromthe user INSERT (the table already has a default).
SQLITE_CONSTRAINT_UNIQUEand the
UNIQUE constraint failedmessage inapp/api/users/route.ts,while still honouring the legacy MySQL
ER_DUP_ENTRYcode.app/api/backup/import/route.tsto SQLite upserts and removereferences to columns that don't exist (
traffic_up,traffic_down,connected_clients,last_check); mirror the cleanup in the export.Math.random()WireGuard private-key generatorin
app/api/client/download/route.tswithcrypto.randomBytes(32),and persist the generated key per-user so subsequent downloads are
stable instead of rotating on every request.
app/api/migrate/route.tsto a thin trigger for the newin-process migrator; the previous body used MySQL-only
ALTER TABLE ... ADD COLUMN IF NOT EXISTSsyntax that always failed under SQLite.statusenum acrosslib/schemas.ts,lib/db-types.ts, and both user routes so values produced by the UI('disabled') validate consistently.
add-node modal, the subscription route, and
lib/tunnel-commands.ts.https://claude.ai/code/session_01BF6aKfH4Q7CjxF3ycVkRoT