Appearance
Admin and System
This page covers Truetask's admin-only features for monitoring, auditing, and maintaining the workspace. Most regular users never need to open these sections — but when something goes wrong or compliance comes knocking, this is where you go.
Admin only
Every feature on this page requires the site Owner or Admin role. Some features additionally require a Pro or Enterprise license.
Health
Settings → Site → Health gives you a real-time status page for the services Truetask depends on:
| Service | What it checks |
|---|---|
| Database | PocketBase connection — the primary data store |
| API | FastAPI service — core business logic and data access |
| MCP | Model Context Protocol server — only when enabled |
When to check it
- After an update, to verify everything came back online
- When users report slowness or errors, to rule out service issues
- Periodically, as part of your ops routine
Status indicators
Each service shows green (healthy), yellow (degraded), or red (down). Expand the entry for diagnostic details, including error messages and response times.
Updates
Settings → Site → Updates shows the currently installed version of Truetask and links to upgrade instructions.
- Current version — your installed build
- Latest available — when this instance can reach the internet, shows the newest release
- Update window expires — when you lose access to new releases under your current license (pair this with the License page)
Actually performing an update is a server-side operation — see the Admin Guide for step-by-step upgrade instructions.
Audit Log 
Settings → Audit & Security → Audit Log is an append-only record of every significant action taken in the workspace. Nothing is ever deleted from the audit log — it's a complete, tamper-evident history.
What gets logged
| Action | Examples |
|---|---|
create | New tasks, lists, boards, tags |
update | Any edit to a tracked entity |
delete | Removals |
move | Tasks moved between lists or boards |
archive | Boards or tasks archived |
export | Data exported from the system |
import | Data imported into the system |
ldap_sync | LDAP synchronization events |
ldap_auth | LDAP authentication events |
Each entry records:
- Date and time (UTC)
- Actor — the user who performed the action
- Board — which board the action affected (if applicable)
- Entity — the specific task, list, board, etc.
- Action — what was done
- Change summary — human-readable diff of old vs new values
Filtering
Filter the log by user, board, entity type (card, list, board, tags, system), action, and date range. Every column is sortable.
Chain Integrity
Each audit entry is linked to the previous one via a SHA-256 hash — the entry's hash includes the previous hash plus the actor, board, entity, action, and metadata. This makes the log tamper-evident: you can detect whether any entry has been altered or removed.
The genesis hash (truetask_genesis_v1) seeds the chain for the first entry on each board.
Click Verify integrity to re-run the chain check on demand.
Exports
The audit log can be exported in five formats:
| Format | Use case |
|---|---|
| CSV | Import into spreadsheets or BI tools |
| JSON | Programmatic processing |
| Excel | Share with non-technical stakeholders |
| SOC 2 Report (HTML) | Compliance audits with SOC 2 Type II mapping |
| ISO 27001 Report (HTML) | Compliance audits with ISO 27001 Annex A mapping |
The SOC 2 and ISO 27001 reports include:
- An activity summary table
- The detailed audit trail
- Chain integrity attestation stating that logs are immutable and that integrity can be verified via hash
- For ISO 27001: a control mapping (A.5 Organizational Controls, A.8 Asset Management)
Active Sessions
Settings → Audit & Security → Active Sessions shows every active session across every user on the workspace.
For each session you see:
| Field | Description |
|---|---|
| User | Who the session belongs to |
| Browser | Parsed from the user agent |
| IP address | Where the session was opened from |
| Last activity | When that session was last used |
Click Revoke on any session to force-sign-out on that device. Useful for:
- A user reports a lost or stolen laptop
- An employee leaves and you want to ensure they're signed out everywhere
- Investigating a suspicious login
Individual users can also manage their own sessions from Profile → Sessions — see Profile.
Backups
Settings → Server → Backups configures automated workspace backups.
Schedule
- Frequency — daily, weekly, or a custom schedule (e.g. every day at 4:00 AM)
- Retention — how many backups to keep (e.g. the last 7 daily backups)
Older backups are automatically pruned as newer ones take their place.
Manual Backups
Click Backup Now to create an immediate backup. Useful before any risky operation — major upgrade, bulk import, configuration change.
Restore
Click Restore on any backup to roll the workspace back to that point. Restoration is immediate and replaces the current state.
Restore replaces everything
Restoring from a backup overwrites all current data with the backup's contents. Anything created or changed since the backup was taken will be lost. Consider using Workspace Export (below) to save a snapshot of the current state before restoring.
Workspace Export
Settings → Server → Export creates a portable JSON export of everything in the workspace:
- All boards, lists, tasks, tags, and members
- Custom fields and their values
- Automations
- Comments and attachments metadata
Use it for:
- Migration to another Truetask instance
- Full audits where you need an offline copy of the data
- Pre-restore snapshots as a safety net before any restore
Very large workspaces can take a few minutes to export. The download starts automatically when the export is ready.
Data Retention 
Settings → Server → Data Retention configures automatic cleanup of operational data:
| Data | Default | Configurable |
|---|---|---|
| Audit logs | Keep all | Days to retain |
| Notifications | Keep all | Days to retain |
| Sessions | Keep all | Days to retain |
| Webhook logs | Keep all | Days to retain |
| Error logs | Keep all | Days to retain |
Retention runs automatically — data older than the configured period is permanently deleted. Set retention policies in consultation with your organization's data policies.
Tips
- Check Health after every upgrade — it's the fastest way to catch a service that didn't start correctly
- Run Verify integrity on the audit log periodically in regulated environments — quarterly is a good cadence
- Test restores in a staging environment before needing them in production
- Compliance exports (SOC 2, ISO 27001) are designed to be handed to auditors as-is — they include the attestation language auditors expect
- Set reasonable retention — too short and you lose context for investigations; too long and you waste storage