feat(sessions): add configurable auto-cleanup for old agent sessions#83
Open
DeryFerd wants to merge 3 commits into
Open
feat(sessions): add configurable auto-cleanup for old agent sessions#83DeryFerd wants to merge 3 commits into
DeryFerd wants to merge 3 commits into
Conversation
… Add EVONIC_PUBLIC_PROTOCOL environment variable to control protocol (http/https) embedded in downloaded Evonet connector binaries. Changes: - Add EVONIC_PUBLIC_PROTOCOL config with validation (auto/http/https) - Update protocol detection in _build_binary() with explicit override - Add debug/warning logs for protocol detection traceability - Document configuration in .env.example Motivation: When Evonic is deployed behind non-standard reverse proxies, automatic protocol detection from request headers may be unreliable. If the wrong protocol is embedded in the binary, the connector will: 1. Fail to connect (protocol mismatch) 2. Potentially expose connector_token over plaintext HTTP This fix allows explicit protocol configuration while maintaining backward-compatible auto-detection as the default. Protocol detection priority (auto mode): 1. X-Forwarded-Proto header 2. X-Real-Proto header 3. CF-Visitor header (Cloudflare) 4. request.scheme (ProxyFix-corrected) 5. Fallback to https with warning Closes issue identified in security audit: protocol misconfiguration could expose connector tokens in certain proxy configurations.
Add automatic cleanup of old agent sessions based on configurable age threshold to prevent unbounded database growth. Changes: - models/chat.py: Add AgentChatDB.get_old_sessions(max_age_days) to query sessions by last-updated timestamp - models/chat.py: Add AgentChatDB.delete_old_sessions(max_age_days, dry_run) that archives old sessions and their messages; dry_run=True returns count without making changes - backend/scheduler.py: Add Scheduler._cleanup_old_sessions() that iterates all agents and calls delete_old_sessions() per agent - backend/scheduler.py: Register sessions cleanup as a daily 04:00 cron job (builtin:sessions_cleanup) - .env.example: Document EVONIC_SESSION_MAX_AGE_DAYS (default: 90 days) Admin controls: - Set EVONIC_SESSION_MAX_AGE_DAYS=0 to disable cleanup entirely - Default of 90 days is conservative; adjust to your retention needs Benefits: - Prevents unbounded session database growth on long-running instances - Improves query performance as session count stays bounded - Privacy-friendly: old conversations are automatically purged
4855f04 to
e1c4654
Compare
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Problem
Evonic stores agent sessions indefinitely. For a long-running instance, this means the
chat_sessionstable and session JSONL files grow without bound. Over time, this can:Most sessions stop being useful after a few months. Someone who tried Evonic once in January probably isn't coming back to resume that session in July. But without auto-cleanup, those dead sessions sit there forever.
What Changed
This PR adds configurable automatic cleanup of old agent sessions:
New database methods (
models/chat.py):get_old_sessions(max_age_days)- queries sessions older than a thresholddelete_old_sessions(max_age_days, dry_run=False)- removes old sessions with optional dry-run mode for safetyScheduled cleanup job (
backend/scheduler.py):EVONIC_SESSION_MAX_AGE_DAYSfrom environment (default: 90 days)EVONIC_SESSION_MAX_AGE_DAYS=0Configuration (
.env.example):EVONIC_SESSION_MAX_AGE_DAYSwith clear explanationTest coverage (
unit_tests/test_session_cleanup.py):The implementation is conservative:
Why 90 Days?
The default is a guess. It's long enough that most active users won't lose recent sessions, but short enough to prevent unbounded growth on a busy instance.
Admins can adjust this. If you run a personal instance with one user, you might want 365 days or even 0 (disabled). If you run a shared instance with hundreds of users, 30 days might make more sense.
How It Works
The cleanup job runs at 04:00 every day (configurable in
scheduler.pyif needed). It:EVONIC_SESSION_MAX_AGE_DAYSfrom environmentdelete_old_sessions(max_age_days)Sessions are considered "old" based on
last_updatedtimestamp. If a session hasn't been touched in 90+ days (or whatever threshold is configured), it gets deleted. This removes both the database row and the JSONL file.Backward Compatibility
EVONIC_SESSION_MAX_AGE_DAYSis not set, defaults to 90 days (not 0)Testing
All tests pass:
Tested scenarios:
The tests use an in-memory SQLite database and temporary JSONL files, so they don't affect real data.
Manual Testing
To test manually on a development instance:
EVONIC_SESSION_MAX_AGE_DAYS=30in.env[SESSION_CLEANUP]messages at 04:00Privacy Note
This feature helps with privacy. If someone uses Evonic once and doesn't come back, their conversation history automatically disappears after 90 days (or whatever threshold is set). That's better than keeping it forever.
For shared/public instances, this is especially useful. Old conversations from users who stopped using the system don't pile up indefinitely.
Alternative Approaches Considered
Manual cleanup script: Could work, but requires admin to remember to run it. Scheduled cleanup is more reliable.
Per-user retention settings: Adds UI complexity. Most users won't configure this. A sensible global default is simpler.
Cleanup on startup: Runs too often on frequently-restarted instances, not often enough on long-running ones. Daily scheduled cleanup is more predictable.
What Wasn't Changed
The cleanup is purely additive. If something goes wrong, setting
EVONIC_SESSION_MAX_AGE_DAYS=0disables it immediately without requiring code changes.