Skip to content

Settings Reference

The Settings page now spans two storage scopes: shell-scoped settings that apply to every workspace in the local shell database, and workspace-scoped settings that travel with the currently selected workspace. All settings still persist locally and survive application restarts.

Prerequisites

  • ntkDeploy installed and launched — see First Launch.
  • For Policy Server settings, your policy server endpoint and TLS certificates must be available.

Opening Settings

Click Settings in the left sidebar (section settings). The page loads the current values for the active workspace session. Any change takes effect immediately — there is no save/cancel flow; each field auto-saves on change.

Settings Ownership by Scope

Scope Stored in Settings
Shell-scoped ntkdeploy_shell.db Theme mode, default deployment concurrency, default backup strategy, artifact base directory, selected workspace
Workspace-scoped Current workspace database or shell workspace_settings row Artifact retention days, conductor address, policy server URL, certificate paths, signing key, and public key

Switching workspaces reloads the workspace-scoped values immediately. Shell-scoped values stay the same because they belong to the local shell, not to a specific workspace.

Appearance

This section is shell-scoped.

Setting Options Default Notes
Theme mode System, Light, Dark System Controls whether the app follows the OS color scheme or uses a fixed theme

Deployment Defaults

These values are shell-scoped and pre-populate the Deployment Wizard when starting a new deployment.

Setting Options Default Notes
Default concurrency 5, 10, 25 5 Maximum number of parallel device deployments
Default backup strategy None, Backup, Rotate backup The pre-selected backup strategy in the wizard

Artifacts

Deployment artifacts (built JSON payloads + metadata) are stored locally for audit and rollback purposes. This section mixes one workspace-scoped control and one shell-scoped control.

Setting Type Default Notes
Retention days Slider 1–120 30 Workspace-scoped. Artifacts older than this number of days are eligible for cleanup for the current workspace. The value is stored inside that workspace database and is included in workspace bundle exports.
Artifacts directory Directory picker System default Shell-scoped. Overrides the artifact base directory for the whole shell. ntkDeploy writes each workspace into its own subdirectory under that base.

Artifact Actions

Button Action
Clean up old artifacts Immediately deletes artifacts older than the configured retention period. Displays a count of deleted files.

Note: The effective artifacts directory shown in Settings is always <artifact base directory>/<workspaceId>. If no override is set, ntkDeploy uses the default artifact base directory and still appends the active workspace ID. If you choose a folder that already ends with the current workspace ID, ntkDeploy stores its parent as the shell-level base directory so the effective path remains stable after a workspace switch.

Policy Server

These settings are workspace-scoped. They control how the currently selected workspace connects to the external ntkDrive conductor and policy server for ABAC enforcement.

Setting Label Format Required for policy Notes
Conductor Address Conductor Address host:port No Default: xdrive.dev:9010. Used as the conductorAddress field in deployed configs. When a conductor address is configured here, it is also embedded in all mobile profiles generated by ntkDeploy as the Profile-tier fallback for ntkMobile conductor resolution. If this field is empty or not set, mobile profiles are generated without a conductorAddress field and ntkMobile falls back to its built-in default (xdrive.dev:9010).
Policy Manager URL Policy Manager URL https://host:port Yes Policy server HTTPS endpoint (e.g., https://policy.example.com:8443)
CA certificate path CA certificate path File path .crt, .pem, .cer Conditional TLS CA certificate for the policy server. Use the browse button to pick a file.
Client certificate path Client certificate path File path .crt, .pem, .cer Conditional TLS client certificate for mutual TLS.
Client key path Client key path File path .key, .pem Conditional Private key corresponding to the client certificate.
Signing key (hex) Signing key Hex string Conditional Masked field. Used to sign policy requests.
Public key (hex) Public key (hex, optional) Hex string No Optional public key for verification.

Testing the Connection

Click Test connection (the filled button at the bottom of the Policy Server section) to verify that ntkDeploy can reach the policy server with the configured credentials.

Result Feedback
Success Snack bar: Policy server connection succeeded.
Failure Snack bar showing the error message returned by the server or TLS layer

Note: Test connection validates endpoint reachability only — it does not directly set or unlock the Policy Connectivity Gate. Gate state is updated automatically by ntkDeploy's background connectivity monitoring based on ongoing results. See Deployment Preflight Reference for how the gate affects deployments.

Workspace bundle import/export preserves these values with the workspace. Switching to another workspace replaces them with that workspace's saved policy configuration.

Resetting Settings

There is no one-click reset to defaults. To reset individual settings:

  • Theme: change the dropdown back to System.
  • Concurrency / backup strategy: select the default values from the dropdowns.
  • Artifact retention: drag the slider back to 30 days.
  • Artifacts directory: no in-UI clear option exists. Use the Change button to select a different directory, or reset the shell-level base path directly in the shell database.
  • Policy settings: clear each field individually for the current workspace.

Next Steps