FEATURE (adaptivity): Add mobile adaptivity

.gitignore

@@ -4,4 +4,5 @@ postgresus-data/
 pgdata/
 docker-compose.yml
 node_modules/
-.idea
+.idea
+/articles

README.md

@@ -58,12 +58,12 @@
 - **SSL support**: Secure connections available
 - **Easy restoration**: One-click restore from any backup
 
-### 🔒 **Backup Encryption** <a href="https://postgresus.com/encryption">(docs)</a>
+### 🔒 **Enterprise-grade security** <a href="https://postgresus.com/security">(docs)</a>
 
 - **AES-256-GCM encryption**: Enterprise-grade protection for backup files
-- **Zero-trust storage**: Encrypted backups are useless so you can keep in shared storages like S3, Azure Blob Storage, etc.
-- **Optionality**: Encrypted backups are optional and can be enabled or disabled if you wish
-- **Download unencrypted**: You can still download unencrypted backups via the 'Download' button to use them in `pg_restore` or other tools.
+- **Zero-trust storage**: Backups are encrypted and they are useless to attackers, so you can keep them in shared storages like S3, Azure Blob Storage, etc.
+- **Encryption for secrets**: Any sensitive data is encrypted and never exposed, even in logs or error messages
+- **Read-only user**: Postgresus uses by default a read-only user for backups and never stores anything that can change your data
 
 ### 👥 **Suitable for Teams** <a href="https://postgresus.com/access-management">(docs)</a>
 

backend/cmd/main.go

@@ -18,6 +18,7 @@ import (
 	backups_config "postgresus-backend/internal/features/backups/config"
 	"postgresus-backend/internal/features/databases"
 	"postgresus-backend/internal/features/disk"
+	"postgresus-backend/internal/features/encryption/secrets"
 	healthcheck_attempt "postgresus-backend/internal/features/healthcheck/attempt"
 	healthcheck_config "postgresus-backend/internal/features/healthcheck/config"
 	"postgresus-backend/internal/features/notifiers"
@@ -64,6 +65,12 @@ func main() {
 		os.Exit(1)
 	}
 
+	err = secrets.GetSecretKeyService().MigrateKeyFromDbToFileIfExist()
+	if err != nil {
+		log.Error("Failed to migrate secret key from database to file", "error", err)
+		os.Exit(1)
+	}
+
 	err = users_services.GetUserService().CreateInitialAdmin()
 	if err != nil {
 		log.Error("Failed to create initial admin", "error", err)

backend/internal/config/config.go

@@ -26,8 +26,9 @@ type EnvVariables struct {
 	EnvMode              env_utils.EnvMode `env:"ENV_MODE"             required:"true"`
 	PostgresesInstallDir string            `env:"POSTGRES_INSTALL_DIR"`
 
-	DataFolder string
-	TempFolder string
+	DataFolder    string
+	TempFolder    string
+	SecretKeyPath string
 
 	TestGoogleDriveClientID     string `env:"TEST_GOOGLE_DRIVE_CLIENT_ID"`
 	TestGoogleDriveClientSecret string `env:"TEST_GOOGLE_DRIVE_CLIENT_SECRET"`
@@ -146,6 +147,7 @@ func loadEnvVariables() {
 	// (projectRoot/postgresus-data -> /postgresus-data)
 	env.DataFolder = filepath.Join(filepath.Dir(backendRoot), "postgresus-data", "backups")
 	env.TempFolder = filepath.Join(filepath.Dir(backendRoot), "postgresus-data", "temp")
+	env.SecretKeyPath = filepath.Join(filepath.Dir(backendRoot), "postgresus-data", "secret.key")
 
 	if env.IsTesting {
 		if env.TestPostgres12Port == "" {

backend/internal/features/backups/backups/di.go

@@ -1,17 +1,18 @@
 package backups
 
 import (
+	"time"
+
 	audit_logs "postgresus-backend/internal/features/audit_logs"
 	"postgresus-backend/internal/features/backups/backups/usecases"
 	backups_config "postgresus-backend/internal/features/backups/config"
 	"postgresus-backend/internal/features/databases"
+	encryption_secrets "postgresus-backend/internal/features/encryption/secrets"
 	"postgresus-backend/internal/features/notifiers"
 	"postgresus-backend/internal/features/storages"
-	users_repositories "postgresus-backend/internal/features/users/repositories"
 	workspaces_services "postgresus-backend/internal/features/workspaces/services"
 	"postgresus-backend/internal/util/encryption"
 	"postgresus-backend/internal/util/logger"
-	"time"
 )
 
 var backupRepository = &BackupRepository{}
@@ -25,7 +26,7 @@ var backupService = &BackupService{
 	notifiers.GetNotifierService(),
 	notifiers.GetNotifierService(),
 	backups_config.GetBackupConfigService(),
-	users_repositories.GetSecretKeyRepository(),
+	encryption_secrets.GetSecretKeyService(),
 	encryption.GetFieldEncryptor(),
 	usecases.GetCreateBackupUsecase(),
 	logger.GetLogger(),

backend/internal/features/backups/backups/service.go

@@ -7,19 +7,20 @@ import (
 	"fmt"
 	"io"
 	"log/slog"
+	"slices"
+	"strings"
+	"time"
+
 	audit_logs "postgresus-backend/internal/features/audit_logs"
 	"postgresus-backend/internal/features/backups/backups/encryption"
 	backups_config "postgresus-backend/internal/features/backups/config"
 	"postgresus-backend/internal/features/databases"
+	encryption_secrets "postgresus-backend/internal/features/encryption/secrets"
 	"postgresus-backend/internal/features/notifiers"
 	"postgresus-backend/internal/features/storages"
 	users_models "postgresus-backend/internal/features/users/models"
-	users_repositories "postgresus-backend/internal/features/users/repositories"
 	workspaces_services "postgresus-backend/internal/features/workspaces/services"
 	util_encryption "postgresus-backend/internal/util/encryption"
-	"slices"
-	"strings"
-	"time"
 
 	"github.com/google/uuid"
 )
@@ -31,7 +32,7 @@ type BackupService struct {
 	notifierService     *notifiers.NotifierService
 	notificationSender  NotificationSender
 	backupConfigService *backups_config.BackupConfigService
-	secretKeyRepo       *users_repositories.SecretKeyRepository
+	secretKeyService    *encryption_secrets.SecretKeyService
 	fieldEncryptor      util_encryption.FieldEncryptor
 
 	createBackupUseCase CreateBackupUsecase
@@ -628,7 +629,7 @@ func (s *BackupService) getBackupReader(backupID uuid.UUID) (io.ReadCloser, erro
 	}
 
 	// Get master key
-	masterKey, err := s.secretKeyRepo.GetSecretKey()
+	masterKey, err := s.secretKeyService.GetSecretKey()
 	if err != nil {
 		if closeErr := fileReader.Close(); closeErr != nil {
 			s.logger.Error("Failed to close file reader", "error", closeErr)

backend/internal/features/backups/backups/service_test.go

@@ -3,21 +3,22 @@ package backups
 import (
 	"context"
 	"errors"
+	"strings"
+	"testing"
+	"time"
+
 	usecases_postgresql "postgresus-backend/internal/features/backups/backups/usecases/postgresql"
 	backups_config "postgresus-backend/internal/features/backups/config"
 	"postgresus-backend/internal/features/databases"
+	encryption_secrets "postgresus-backend/internal/features/encryption/secrets"
 	"postgresus-backend/internal/features/notifiers"
 	"postgresus-backend/internal/features/storages"
 	users_enums "postgresus-backend/internal/features/users/enums"
-	users_repositories "postgresus-backend/internal/features/users/repositories"
 	users_testing "postgresus-backend/internal/features/users/testing"
 	workspaces_services "postgresus-backend/internal/features/workspaces/services"
 	workspaces_testing "postgresus-backend/internal/features/workspaces/testing"
 	"postgresus-backend/internal/util/encryption"
 	"postgresus-backend/internal/util/logger"
-	"strings"
-	"testing"
-	"time"
 
 	"github.com/google/uuid"
 	"github.com/stretchr/testify/assert"
@@ -56,7 +57,7 @@ func Test_BackupExecuted_NotificationSent(t *testing.T) {
 			notifiers.GetNotifierService(),
 			mockNotificationSender,
 			backups_config.GetBackupConfigService(),
-			users_repositories.GetSecretKeyRepository(),
+			encryption_secrets.GetSecretKeyService(),
 			encryption.GetFieldEncryptor(),
 			&CreateFailedBackupUsecase{},
 			logger.GetLogger(),
@@ -104,7 +105,7 @@ func Test_BackupExecuted_NotificationSent(t *testing.T) {
 			notifiers.GetNotifierService(),
 			mockNotificationSender,
 			backups_config.GetBackupConfigService(),
-			users_repositories.GetSecretKeyRepository(),
+			encryption_secrets.GetSecretKeyService(),
 			encryption.GetFieldEncryptor(),
 			&CreateSuccessBackupUsecase{},
 			logger.GetLogger(),
@@ -129,7 +130,7 @@ func Test_BackupExecuted_NotificationSent(t *testing.T) {
 			notifiers.GetNotifierService(),
 			mockNotificationSender,
 			backups_config.GetBackupConfigService(),
-			users_repositories.GetSecretKeyRepository(),
+			encryption_secrets.GetSecretKeyService(),
 			encryption.GetFieldEncryptor(),
 			&CreateSuccessBackupUsecase{},
 			logger.GetLogger(),

backend/internal/features/backups/backups/usecases/postgresql/create_backup_uc.go

@@ -19,8 +19,8 @@ import (
 	backups_config "postgresus-backend/internal/features/backups/config"
 	"postgresus-backend/internal/features/databases"
 	pgtypes "postgresus-backend/internal/features/databases/databases/postgresql"
+	encryption_secrets "postgresus-backend/internal/features/encryption/secrets"
 	"postgresus-backend/internal/features/storages"
-	users_repositories "postgresus-backend/internal/features/users/repositories"
 	"postgresus-backend/internal/util/encryption"
 	"postgresus-backend/internal/util/tools"
 
@@ -34,16 +34,15 @@ const (
 	progressReportIntervalMB = 1.0
 	pgConnectTimeout         = 30
 	compressionLevel         = 5
-	defaultBackupLimit       = 1000
 	exitCodeAccessViolation  = -1073741819
 	exitCodeGenericError     = 1
 	exitCodeConnectionError  = 2
 )
 
 type CreatePostgresqlBackupUsecase struct {
-	logger         *slog.Logger
-	secretKeyRepo  *users_repositories.SecretKeyRepository
-	fieldEncryptor encryption.FieldEncryptor
+	logger           *slog.Logger
+	secretKeyService *encryption_secrets.SecretKeyService
+	fieldEncryptor   encryption.FieldEncryptor
 }
 
 // Execute creates a backup of the database
@@ -81,6 +80,11 @@ func (uc *CreatePostgresqlBackupUsecase) Execute(
 
 	args := uc.buildPgDumpArgs(pg)
 
+	decryptedPassword, err := uc.fieldEncryptor.Decrypt(db.ID, pg.Password)
+	if err != nil {
+		return nil, fmt.Errorf("failed to decrypt database password: %w", err)
+	}
+
 	return uc.streamToStorage(
 		ctx,
 		backupID,
@@ -92,7 +96,7 @@ func (uc *CreatePostgresqlBackupUsecase) Execute(
 			config.GetEnv().PostgresesInstallDir,
 		),
 		args,
-		pg.Password,
+		decryptedPassword,
 		storage,
 		db,
 		backupProgressListener,
@@ -461,7 +465,7 @@ func (uc *CreatePostgresqlBackupUsecase) setupBackupEncryption(
 		return nil, nil, metadata, fmt.Errorf("failed to generate nonce: %w", err)
 	}
 
-	masterKey, err := uc.secretKeyRepo.GetSecretKey()
+	masterKey, err := uc.secretKeyService.GetSecretKey()
 	if err != nil {
 		return nil, nil, metadata, fmt.Errorf("failed to get master key: %w", err)
 	}

backend/internal/features/backups/backups/usecases/postgresql/di.go

@@ -1,14 +1,14 @@
 package usecases_postgresql
 
 import (
-	users_repositories "postgresus-backend/internal/features/users/repositories"
+	"postgresus-backend/internal/features/encryption/secrets"
 	"postgresus-backend/internal/util/encryption"
 	"postgresus-backend/internal/util/logger"
 )
 
 var createPostgresqlBackupUsecase = &CreatePostgresqlBackupUsecase{
 	logger.GetLogger(),
-	users_repositories.GetSecretKeyRepository(),
+	secrets.GetSecretKeyService(),
 	encryption.GetFieldEncryptor(),
 }
 

backend/internal/features/databases/controller.go

@@ -26,7 +26,8 @@ func (c *DatabaseController) RegisterRoutes(router *gin.RouterGroup) {
 	router.POST("/databases/test-connection-direct", c.TestDatabaseConnectionDirect)
 	router.POST("/databases/:id/copy", c.CopyDatabase)
 	router.GET("/databases/notifier/:id/is-using", c.IsNotifierUsing)
-
+	router.POST("/databases/is-readonly", c.IsUserReadOnly)
+	router.POST("/databases/create-readonly-user", c.CreateReadOnlyUser)
 }
 
 // CreateDatabase
@@ -330,3 +331,76 @@ func (c *DatabaseController) CopyDatabase(ctx *gin.Context) {
 
 	ctx.JSON(http.StatusCreated, copiedDatabase)
 }
+
+// IsUserReadOnly
+// @Summary Check if database user is read-only
+// @Description Check if current database credentials have only read (SELECT) privileges
+// @Tags databases
+// @Accept json
+// @Produce json
+// @Security BearerAuth
+// @Param request body Database true "Database configuration to check"
+// @Success 200 {object} IsReadOnlyResponse
+// @Failure 400 {object} map[string]string
+// @Failure 401 {object} map[string]string
+// @Failure 403 {object} map[string]string
+// @Router /databases/is-readonly [post]
+func (c *DatabaseController) IsUserReadOnly(ctx *gin.Context) {
+	user, ok := users_middleware.GetUserFromContext(ctx)
+	if !ok {
+		ctx.JSON(http.StatusUnauthorized, gin.H{"error": "User not authenticated"})
+		return
+	}
+
+	var request Database
+	if err := ctx.ShouldBindJSON(&request); err != nil {
+		ctx.JSON(http.StatusBadRequest, gin.H{"error": err.Error()})
+		return
+	}
+
+	isReadOnly, err := c.databaseService.IsUserReadOnly(user, &request)
+	if err != nil {
+		ctx.JSON(http.StatusBadRequest, gin.H{"error": err.Error()})
+		return
+	}
+
+	ctx.JSON(http.StatusOK, IsReadOnlyResponse{IsReadOnly: isReadOnly})
+}
+
+// CreateReadOnlyUser
+// @Summary Create read-only database user
+// @Description Create a new PostgreSQL user with read-only privileges for backup operations
+// @Tags databases
+// @Accept json
+// @Produce json
+// @Security BearerAuth
+// @Param request body Database true "Database configuration to create user for"
+// @Success 200 {object} CreateReadOnlyUserResponse
+// @Failure 400 {object} map[string]string
+// @Failure 401 {object} map[string]string
+// @Failure 403 {object} map[string]string
+// @Router /databases/create-readonly-user [post]
+func (c *DatabaseController) CreateReadOnlyUser(ctx *gin.Context) {
+	user, ok := users_middleware.GetUserFromContext(ctx)
+	if !ok {
+		ctx.JSON(http.StatusUnauthorized, gin.H{"error": "User not authenticated"})
+		return
+	}
+
+	var request Database
+	if err := ctx.ShouldBindJSON(&request); err != nil {
+		ctx.JSON(http.StatusBadRequest, gin.H{"error": err.Error()})
+		return
+	}
+
+	username, password, err := c.databaseService.CreateReadOnlyUser(user, &request)
+	if err != nil {
+		ctx.JSON(http.StatusBadRequest, gin.H{"error": err.Error()})
+		return
+	}
+
+	ctx.JSON(http.StatusOK, CreateReadOnlyUserResponse{
+		Username: username,
+		Password: password,
+	})
+}

backend/internal/features/databases/databases/postgresql/model.go

@@ -8,6 +8,7 @@ import (
 	"postgresus-backend/internal/util/encryption"
 	"postgresus-backend/internal/util/tools"
 	"regexp"
+	"strings"
 	"time"
 
 	"github.com/google/uuid"
@@ -18,7 +19,6 @@ type PostgresqlDatabase struct {
 	ID uuid.UUID `json:"id" gorm:"primaryKey;type:uuid;default:gen_random_uuid()"`
 
 	DatabaseID *uuid.UUID `json:"databaseId" gorm:"type:uuid;column:database_id"`
-	RestoreID  *uuid.UUID `json:"restoreId"  gorm:"type:uuid;column:restore_id"`
 
 	Version tools.PostgresqlVersion `json:"version" gorm:"type:text;not null"`
 
@@ -106,6 +106,384 @@ func (p *PostgresqlDatabase) EncryptSensitiveFields(
 	return nil
 }
 
+// IsUserReadOnly checks if the database user has read-only privileges.
+//
+// This method performs a comprehensive security check by examining:
+// - Role-level attributes (superuser, createrole, createdb)
+// - Database-level privileges (CREATE, TEMP)
+// - Table-level write permissions (INSERT, UPDATE, DELETE, TRUNCATE, REFERENCES, TRIGGER)
+//
+// A user is considered read-only only if they have ZERO write privileges
+// across all three levels. This ensures the database user follows the
+// principle of least privilege for backup operations.
+func (p *PostgresqlDatabase) IsUserReadOnly(
+	ctx context.Context,
+	logger *slog.Logger,
+	encryptor encryption.FieldEncryptor,
+	databaseID uuid.UUID,
+) (bool, error) {
+	password, err := decryptPasswordIfNeeded(p.Password, encryptor, databaseID)
+	if err != nil {
+		return false, fmt.Errorf("failed to decrypt password: %w", err)
+	}
+
+	connStr := buildConnectionStringForDB(p, *p.Database, password)
+
+	conn, err := pgx.Connect(ctx, connStr)
+	if err != nil {
+		return false, fmt.Errorf("failed to connect to database: %w", err)
+	}
+	defer func() {
+		if closeErr := conn.Close(ctx); closeErr != nil {
+			logger.Error("Failed to close connection", "error", closeErr)
+		}
+	}()
+
+	// LEVEL 1: Check role-level attributes
+	var isSuperuser, canCreateRole, canCreateDB bool
+	err = conn.QueryRow(ctx, `
+		SELECT
+			rolsuper,
+			rolcreaterole,
+			rolcreatedb
+		FROM pg_roles
+		WHERE rolname = current_user
+	`).Scan(&isSuperuser, &canCreateRole, &canCreateDB)
+	if err != nil {
+		return false, fmt.Errorf("failed to check role attributes: %w", err)
+	}
+
+	if isSuperuser || canCreateRole || canCreateDB {
+		return false, nil
+	}
+
+	// LEVEL 2: Check database-level privileges
+	var canCreate, canTemp bool
+	err = conn.QueryRow(ctx, `
+		SELECT
+			has_database_privilege(current_user, current_database(), 'CREATE') as can_create,
+			has_database_privilege(current_user, current_database(), 'TEMP') as can_temp
+	`).Scan(&canCreate, &canTemp)
+	if err != nil {
+		return false, fmt.Errorf("failed to check database privileges: %w", err)
+	}
+
+	if canCreate || canTemp {
+		return false, nil
+	}
+
+	// LEVEL 2.5: Check schema-level CREATE privileges
+	schemaRows, err := conn.Query(ctx, `
+		SELECT DISTINCT nspname
+		FROM pg_namespace n
+		WHERE has_schema_privilege(current_user, n.nspname, 'CREATE')
+		AND nspname NOT IN ('pg_catalog', 'information_schema', 'pg_toast')
+	`)
+	if err != nil {
+		return false, fmt.Errorf("failed to check schema privileges: %w", err)
+	}
+	defer schemaRows.Close()
+
+	// If user has CREATE privilege on any schema, they're not read-only
+	if schemaRows.Next() {
+		return false, nil
+	}
+
+	if err := schemaRows.Err(); err != nil {
+		return false, fmt.Errorf("error iterating schema privileges: %w", err)
+	}
+
+	// LEVEL 3: Check table-level write permissions
+	rows, err := conn.Query(ctx, `
+		SELECT DISTINCT privilege_type
+		FROM information_schema.role_table_grants
+		WHERE grantee = current_user
+		AND table_schema NOT IN ('pg_catalog', 'information_schema')
+	`)
+	if err != nil {
+		return false, fmt.Errorf("failed to check table privileges: %w", err)
+	}
+	defer rows.Close()
+
+	writePrivileges := map[string]bool{
+		"INSERT":     true,
+		"UPDATE":     true,
+		"DELETE":     true,
+		"TRUNCATE":   true,
+		"REFERENCES": true,
+		"TRIGGER":    true,
+	}
+
+	for rows.Next() {
+		var privilege string
+		if err := rows.Scan(&privilege); err != nil {
+			return false, fmt.Errorf("failed to scan privilege: %w", err)
+		}
+
+		if writePrivileges[privilege] {
+			return false, nil
+		}
+	}
+
+	if err := rows.Err(); err != nil {
+		return false, fmt.Errorf("error iterating privileges: %w", err)
+	}
+
+	return true, nil
+}
+
+// CreateReadOnlyUser creates a new PostgreSQL user with read-only privileges.
+//
+// This method performs the following operations atomically in a single transaction:
+// 1. Creates a PostgreSQL user with a UUID-based password
+// 2. Grants CONNECT privilege on the database
+// 3. Grants USAGE on all non-system schemas
+// 4. Grants SELECT on all existing tables and sequences
+// 5. Sets default privileges for future tables and sequences
+//
+// Security features:
+// - Username format: "postgresus-{8-char-uuid}" for uniqueness
+// - Password: Full UUID (36 characters) for strong entropy
+// - Transaction safety: All operations rollback on any failure
+// - Retry logic: Up to 3 attempts if username collision occurs
+// - Pre-validation: Checks CREATEROLE privilege before starting transaction
+func (p *PostgresqlDatabase) CreateReadOnlyUser(
+	ctx context.Context,
+	logger *slog.Logger,
+	encryptor encryption.FieldEncryptor,
+	databaseID uuid.UUID,
+) (string, string, error) {
+	password, err := decryptPasswordIfNeeded(p.Password, encryptor, databaseID)
+	if err != nil {
+		return "", "", fmt.Errorf("failed to decrypt password: %w", err)
+	}
+
+	connStr := buildConnectionStringForDB(p, *p.Database, password)
+
+	conn, err := pgx.Connect(ctx, connStr)
+	if err != nil {
+		return "", "", fmt.Errorf("failed to connect to database: %w", err)
+	}
+	defer func() {
+		if closeErr := conn.Close(ctx); closeErr != nil {
+			logger.Error("Failed to close connection", "error", closeErr)
+		}
+	}()
+
+	// Pre-validate: Check if current user can create roles
+	var canCreateRole, isSuperuser bool
+	err = conn.QueryRow(ctx, `
+		SELECT rolcreaterole, rolsuper
+		FROM pg_roles
+		WHERE rolname = current_user
+	`).Scan(&canCreateRole, &isSuperuser)
+	if err != nil {
+		return "", "", fmt.Errorf("failed to check permissions: %w", err)
+	}
+	if !canCreateRole && !isSuperuser {
+		return "", "", errors.New("current database user lacks CREATEROLE privilege")
+	}
+
+	// Retry logic for username collision
+	maxRetries := 3
+	for attempt := 0; attempt < maxRetries; attempt++ {
+		username := fmt.Sprintf("postgresus-%s", uuid.New().String()[:8])
+		newPassword := uuid.New().String()
+
+		tx, err := conn.Begin(ctx)
+		if err != nil {
+			return "", "", fmt.Errorf("failed to begin transaction: %w", err)
+		}
+
+		success := false
+		defer func() {
+			if !success {
+				if rollbackErr := tx.Rollback(ctx); rollbackErr != nil {
+					logger.Error("Failed to rollback transaction", "error", rollbackErr)
+				}
+			}
+		}()
+
+		// Step 1: Create PostgreSQL user with LOGIN privilege
+		_, err = tx.Exec(
+			ctx,
+			fmt.Sprintf(`CREATE USER "%s" WITH PASSWORD '%s' LOGIN`, username, newPassword),
+		)
+		if err != nil {
+			if err.Error() != "" && attempt < maxRetries-1 {
+				continue
+			}
+			return "", "", fmt.Errorf("failed to create user: %w", err)
+		}
+
+		// Step 1.5: Revoke CREATE privilege from PUBLIC role on public schema
+		// This is necessary because all PostgreSQL users inherit CREATE privilege on the
+		// public schema through the PUBLIC role. This is a one-time operation that affects
+		// the entire database, making it more secure by default.
+		// Note: This only affects the public schema; other schemas are unaffected.
+		_, err = tx.Exec(ctx, `REVOKE CREATE ON SCHEMA public FROM PUBLIC`)
+		if err != nil {
+			logger.Error("Failed to revoke CREATE on public from PUBLIC", "error", err)
+			if !strings.Contains(err.Error(), "schema \"public\" does not exist") &&
+				!strings.Contains(err.Error(), "permission denied") {
+				return "", "", fmt.Errorf("failed to revoke CREATE from PUBLIC: %w", err)
+			}
+		}
+
+		// Now revoke from the specific user as well (belt and suspenders)
+		_, err = tx.Exec(ctx, fmt.Sprintf(`REVOKE CREATE ON SCHEMA public FROM "%s"`, username))
+		if err != nil {
+			logger.Error(
+				"Failed to revoke CREATE on public schema from user",
+				"error",
+				err,
+				"username",
+				username,
+			)
+		}
+
+		// Step 2: Grant database connection privilege and revoke TEMP
+		_, err = tx.Exec(
+			ctx,
+			fmt.Sprintf(`GRANT CONNECT ON DATABASE %s TO "%s"`, *p.Database, username),
+		)
+		if err != nil {
+			return "", "", fmt.Errorf("failed to grant connect privilege: %w", err)
+		}
+
+		// Revoke TEMP privilege from PUBLIC role (like CREATE on public schema, TEMP is granted to PUBLIC by default)
+		_, err = tx.Exec(ctx, fmt.Sprintf(`REVOKE TEMP ON DATABASE %s FROM PUBLIC`, *p.Database))
+		if err != nil {
+			logger.Warn("Failed to revoke TEMP from PUBLIC", "error", err)
+		}
+
+		// Also revoke from the specific user (belt and suspenders)
+		_, err = tx.Exec(
+			ctx,
+			fmt.Sprintf(`REVOKE TEMP ON DATABASE %s FROM "%s"`, *p.Database, username),
+		)
+		if err != nil {
+			logger.Warn("Failed to revoke TEMP privilege", "error", err, "username", username)
+		}
+
+		// Step 3: Discover all user-created schemas
+		rows, err := tx.Query(ctx, `
+			SELECT schema_name
+			FROM information_schema.schemata
+			WHERE schema_name NOT IN ('pg_catalog', 'information_schema')
+		`)
+		if err != nil {
+			return "", "", fmt.Errorf("failed to get schemas: %w", err)
+		}
+
+		var schemas []string
+		for rows.Next() {
+			var schema string
+			if err := rows.Scan(&schema); err != nil {
+				rows.Close()
+				return "", "", fmt.Errorf("failed to scan schema: %w", err)
+			}
+			schemas = append(schemas, schema)
+		}
+		rows.Close()
+
+		if err := rows.Err(); err != nil {
+			return "", "", fmt.Errorf("error iterating schemas: %w", err)
+		}
+
+		// Step 4: Grant USAGE on each schema and explicitly prevent CREATE
+		for _, schema := range schemas {
+			// Revoke CREATE specifically (handles inheritance from PUBLIC role)
+			_, err = tx.Exec(
+				ctx,
+				fmt.Sprintf(`REVOKE CREATE ON SCHEMA "%s" FROM "%s"`, schema, username),
+			)
+			if err != nil {
+				logger.Warn(
+					"Failed to revoke CREATE on schema",
+					"error",
+					err,
+					"schema",
+					schema,
+					"username",
+					username,
+				)
+			}
+
+			// Grant only USAGE (not CREATE)
+			_, err = tx.Exec(
+				ctx,
+				fmt.Sprintf(`GRANT USAGE ON SCHEMA "%s" TO "%s"`, schema, username),
+			)
+			if err != nil {
+				return "", "", fmt.Errorf("failed to grant usage on schema %s: %w", schema, err)
+			}
+		}
+
+		// Step 5: Grant SELECT on ALL existing tables and sequences
+		grantSelectSQL := fmt.Sprintf(`
+			DO $$
+			DECLARE
+				schema_rec RECORD;
+			BEGIN
+				FOR schema_rec IN
+					SELECT schema_name
+					FROM information_schema.schemata
+					WHERE schema_name NOT IN ('pg_catalog', 'information_schema')
+				LOOP
+					EXECUTE format('GRANT SELECT ON ALL TABLES IN SCHEMA %%I TO "%s"', schema_rec.schema_name);
+					EXECUTE format('GRANT SELECT ON ALL SEQUENCES IN SCHEMA %%I TO "%s"', schema_rec.schema_name);
+				END LOOP;
+			END $$;
+		`, username, username)
+
+		_, err = tx.Exec(ctx, grantSelectSQL)
+		if err != nil {
+			return "", "", fmt.Errorf("failed to grant select on tables: %w", err)
+		}
+
+		// Step 6: Set default privileges for FUTURE tables and sequences
+		defaultPrivilegesSQL := fmt.Sprintf(`
+			DO $$
+			DECLARE
+				schema_rec RECORD;
+			BEGIN
+				FOR schema_rec IN
+					SELECT schema_name
+					FROM information_schema.schemata
+					WHERE schema_name NOT IN ('pg_catalog', 'information_schema')
+				LOOP
+					EXECUTE format('ALTER DEFAULT PRIVILEGES IN SCHEMA %%I GRANT SELECT ON TABLES TO "%s"', schema_rec.schema_name);
+					EXECUTE format('ALTER DEFAULT PRIVILEGES IN SCHEMA %%I GRANT SELECT ON SEQUENCES TO "%s"', schema_rec.schema_name);
+				END LOOP;
+			END $$;
+		`, username, username)
+
+		_, err = tx.Exec(ctx, defaultPrivilegesSQL)
+		if err != nil {
+			return "", "", fmt.Errorf("failed to set default privileges: %w", err)
+		}
+
+		// Step 7: Verify user creation before committing
+		var verifyUsername string
+		err = tx.QueryRow(ctx, fmt.Sprintf(`SELECT rolname FROM pg_roles WHERE rolname = '%s'`, username)).
+			Scan(&verifyUsername)
+		if err != nil {
+			return "", "", fmt.Errorf("failed to verify user creation: %w", err)
+		}
+
+		if err := tx.Commit(ctx); err != nil {
+			return "", "", fmt.Errorf("failed to commit transaction: %w", err)
+		}
+
+		success = true
+		logger.Info("Read-only user created successfully", "username", username)
+		return username, newPassword, nil
+	}
+
+	return "", "", errors.New("failed to generate unique username after 3 attempts")
+}
+
 // testSingleDatabaseConnection tests connection to a specific database for pg_dump
 func testSingleDatabaseConnection(
 	logger *slog.Logger,

backend/internal/features/databases/databases/postgresql/readonly_user_test.go

@@ -0,0 +1,323 @@
+package postgresql
+
+import (
+	"context"
+	"fmt"
+	"log/slog"
+	"os"
+	"strconv"
+	"strings"
+	"testing"
+
+	"github.com/google/uuid"
+	"github.com/jmoiron/sqlx"
+	_ "github.com/lib/pq"
+	"github.com/stretchr/testify/assert"
+
+	"postgresus-backend/internal/config"
+	"postgresus-backend/internal/util/tools"
+)
+
+func Test_IsUserReadOnly_AdminUser_ReturnsFalse(t *testing.T) {
+	env := config.GetEnv()
+	cases := []struct {
+		name    string
+		version string
+		port    string
+	}{
+		{"PostgreSQL 12", "12", env.TestPostgres12Port},
+		{"PostgreSQL 13", "13", env.TestPostgres13Port},
+		{"PostgreSQL 14", "14", env.TestPostgres14Port},
+		{"PostgreSQL 15", "15", env.TestPostgres15Port},
+		{"PostgreSQL 16", "16", env.TestPostgres16Port},
+		{"PostgreSQL 17", "17", env.TestPostgres17Port},
+	}
+
+	for _, tc := range cases {
+		t.Run(tc.name, func(t *testing.T) {
+			t.Parallel()
+
+			container := connectToPostgresContainer(t, tc.port)
+			defer container.DB.Close()
+
+			pgModel := createPostgresModel(container)
+			logger := slog.New(slog.NewTextHandler(os.Stdout, nil))
+			ctx := context.Background()
+
+			isReadOnly, err := pgModel.IsUserReadOnly(ctx, logger, nil, uuid.New())
+			assert.NoError(t, err)
+			assert.False(t, isReadOnly, "Admin user should not be read-only")
+		})
+	}
+}
+
+func Test_CreateReadOnlyUser_UserCanReadButNotWrite(t *testing.T) {
+	env := config.GetEnv()
+	cases := []struct {
+		name    string
+		version string
+		port    string
+	}{
+		{"PostgreSQL 12", "12", env.TestPostgres12Port},
+		{"PostgreSQL 13", "13", env.TestPostgres13Port},
+		{"PostgreSQL 14", "14", env.TestPostgres14Port},
+		{"PostgreSQL 15", "15", env.TestPostgres15Port},
+		{"PostgreSQL 16", "16", env.TestPostgres16Port},
+		{"PostgreSQL 17", "17", env.TestPostgres17Port},
+	}
+
+	for _, tc := range cases {
+		t.Run(tc.name, func(t *testing.T) {
+			t.Parallel()
+
+			container := connectToPostgresContainer(t, tc.port)
+			defer container.DB.Close()
+
+			_, err := container.DB.Exec(`
+			DROP TABLE IF EXISTS readonly_test CASCADE;
+			DROP TABLE IF EXISTS hack_table CASCADE;
+			DROP TABLE IF EXISTS future_table CASCADE;
+			CREATE TABLE readonly_test (
+				id SERIAL PRIMARY KEY,
+				data TEXT NOT NULL
+			);
+			INSERT INTO readonly_test (data) VALUES ('test1'), ('test2');
+		`)
+			assert.NoError(t, err)
+
+			pgModel := createPostgresModel(container)
+			logger := slog.New(slog.NewTextHandler(os.Stdout, nil))
+			ctx := context.Background()
+
+			username, password, err := pgModel.CreateReadOnlyUser(ctx, logger, nil, uuid.New())
+			assert.NoError(t, err)
+			assert.NotEmpty(t, username)
+			assert.NotEmpty(t, password)
+			assert.True(t, strings.HasPrefix(username, "postgresus-"))
+
+			readOnlyModel := &PostgresqlDatabase{
+				Version:  pgModel.Version,
+				Host:     pgModel.Host,
+				Port:     pgModel.Port,
+				Username: username,
+				Password: password,
+				Database: pgModel.Database,
+				IsHttps:  false,
+			}
+
+			isReadOnly, err := readOnlyModel.IsUserReadOnly(ctx, logger, nil, uuid.New())
+			assert.NoError(t, err)
+			assert.True(t, isReadOnly, "Created user should be read-only")
+
+			readOnlyDSN := fmt.Sprintf(
+				"host=%s port=%d user=%s password=%s dbname=%s sslmode=disable",
+				container.Host,
+				container.Port,
+				username,
+				password,
+				container.Database,
+			)
+			readOnlyConn, err := sqlx.Connect("postgres", readOnlyDSN)
+			assert.NoError(t, err)
+			defer readOnlyConn.Close()
+
+			var count int
+			err = readOnlyConn.Get(&count, "SELECT COUNT(*) FROM readonly_test")
+			assert.NoError(t, err)
+			assert.Equal(t, 2, count)
+
+			_, err = readOnlyConn.Exec("INSERT INTO readonly_test (data) VALUES ('should-fail')")
+			assert.Error(t, err)
+			assert.Contains(t, err.Error(), "permission denied")
+
+			_, err = readOnlyConn.Exec("UPDATE readonly_test SET data = 'hacked' WHERE id = 1")
+			assert.Error(t, err)
+			assert.Contains(t, err.Error(), "permission denied")
+
+			_, err = readOnlyConn.Exec("DELETE FROM readonly_test WHERE id = 1")
+			assert.Error(t, err)
+			assert.Contains(t, err.Error(), "permission denied")
+
+			_, err = readOnlyConn.Exec("CREATE TABLE hack_table (id INT)")
+			assert.Error(t, err)
+			assert.Contains(t, err.Error(), "permission denied")
+
+			// Clean up: Drop user with CASCADE to handle default privilege dependencies
+			_, err = container.DB.Exec(fmt.Sprintf(`DROP OWNED BY "%s" CASCADE`, username))
+			if err != nil {
+				t.Logf("Warning: Failed to drop owned objects: %v", err)
+			}
+
+			_, err = container.DB.Exec(fmt.Sprintf(`DROP USER IF EXISTS "%s"`, username))
+			assert.NoError(t, err)
+		})
+	}
+}
+
+func Test_ReadOnlyUser_FutureTables_HaveSelectPermission(t *testing.T) {
+	env := config.GetEnv()
+	container := connectToPostgresContainer(t, env.TestPostgres16Port)
+	defer container.DB.Close()
+
+	pgModel := createPostgresModel(container)
+	logger := slog.New(slog.NewTextHandler(os.Stdout, nil))
+	ctx := context.Background()
+
+	username, password, err := pgModel.CreateReadOnlyUser(ctx, logger, nil, uuid.New())
+	assert.NoError(t, err)
+
+	_, err = container.DB.Exec(`
+		CREATE TABLE future_table (
+			id SERIAL PRIMARY KEY,
+			data TEXT NOT NULL
+		);
+		INSERT INTO future_table (data) VALUES ('future_data');
+	`)
+	assert.NoError(t, err)
+
+	readOnlyDSN := fmt.Sprintf("host=%s port=%d user=%s password=%s dbname=%s sslmode=disable",
+		container.Host, container.Port, username, password, container.Database)
+	readOnlyConn, err := sqlx.Connect("postgres", readOnlyDSN)
+	assert.NoError(t, err)
+	defer readOnlyConn.Close()
+
+	var data string
+	err = readOnlyConn.Get(&data, "SELECT data FROM future_table LIMIT 1")
+	assert.NoError(t, err)
+	assert.Equal(t, "future_data", data)
+
+	// Clean up: Drop user with CASCADE to handle default privilege dependencies
+	_, err = container.DB.Exec(fmt.Sprintf(`DROP OWNED BY "%s" CASCADE`, username))
+	if err != nil {
+		t.Logf("Warning: Failed to drop owned objects: %v", err)
+	}
+
+	_, err = container.DB.Exec(fmt.Sprintf(`DROP USER IF EXISTS "%s"`, username))
+	assert.NoError(t, err)
+}
+
+func Test_ReadOnlyUser_MultipleSchemas_AllAccessible(t *testing.T) {
+	env := config.GetEnv()
+	container := connectToPostgresContainer(t, env.TestPostgres16Port)
+	defer container.DB.Close()
+
+	_, err := container.DB.Exec(`
+		CREATE SCHEMA IF NOT EXISTS schema_a;
+		CREATE SCHEMA IF NOT EXISTS schema_b;
+		CREATE TABLE schema_a.table_a (id INT, data TEXT);
+		CREATE TABLE schema_b.table_b (id INT, data TEXT);
+		INSERT INTO schema_a.table_a VALUES (1, 'data_a');
+		INSERT INTO schema_b.table_b VALUES (2, 'data_b');
+	`)
+	assert.NoError(t, err)
+
+	pgModel := createPostgresModel(container)
+	logger := slog.New(slog.NewTextHandler(os.Stdout, nil))
+	ctx := context.Background()
+
+	username, password, err := pgModel.CreateReadOnlyUser(ctx, logger, nil, uuid.New())
+	assert.NoError(t, err)
+
+	readOnlyDSN := fmt.Sprintf("host=%s port=%d user=%s password=%s dbname=%s sslmode=disable",
+		container.Host, container.Port, username, password, container.Database)
+	readOnlyConn, err := sqlx.Connect("postgres", readOnlyDSN)
+	assert.NoError(t, err)
+	defer readOnlyConn.Close()
+
+	var dataA string
+	err = readOnlyConn.Get(&dataA, "SELECT data FROM schema_a.table_a LIMIT 1")
+	assert.NoError(t, err)
+	assert.Equal(t, "data_a", dataA)
+
+	var dataB string
+	err = readOnlyConn.Get(&dataB, "SELECT data FROM schema_b.table_b LIMIT 1")
+	assert.NoError(t, err)
+	assert.Equal(t, "data_b", dataB)
+
+	// Clean up: Drop user with CASCADE to handle default privilege dependencies
+	_, err = container.DB.Exec(fmt.Sprintf(`DROP OWNED BY "%s" CASCADE`, username))
+	if err != nil {
+		t.Logf("Warning: Failed to drop owned objects: %v", err)
+	}
+
+	_, err = container.DB.Exec(fmt.Sprintf(`DROP USER IF EXISTS "%s"`, username))
+	assert.NoError(t, err)
+	_, err = container.DB.Exec(`DROP SCHEMA schema_a CASCADE; DROP SCHEMA schema_b CASCADE;`)
+	assert.NoError(t, err)
+}
+
+type PostgresContainer struct {
+	Host     string
+	Port     int
+	Username string
+	Password string
+	Database string
+	DB       *sqlx.DB
+}
+
+func connectToPostgresContainer(t *testing.T, port string) *PostgresContainer {
+	dbName := "testdb"
+	password := "testpassword"
+	username := "testuser"
+	host := "localhost"
+
+	portInt, err := strconv.Atoi(port)
+	assert.NoError(t, err)
+
+	dsn := fmt.Sprintf("host=%s port=%d user=%s password=%s dbname=%s sslmode=disable",
+		host, portInt, username, password, dbName)
+
+	db, err := sqlx.Connect("postgres", dsn)
+	assert.NoError(t, err)
+
+	var versionStr string
+	err = db.Get(&versionStr, "SELECT version()")
+	assert.NoError(t, err)
+
+	return &PostgresContainer{
+		Host:     host,
+		Port:     portInt,
+		Username: username,
+		Password: password,
+		Database: dbName,
+		DB:       db,
+	}
+}
+
+func createPostgresModel(container *PostgresContainer) *PostgresqlDatabase {
+	var versionStr string
+	err := container.DB.Get(&versionStr, "SELECT version()")
+	if err != nil {
+		return nil
+	}
+
+	version := extractPostgresVersion(versionStr)
+
+	return &PostgresqlDatabase{
+		Version:  version,
+		Host:     container.Host,
+		Port:     container.Port,
+		Username: container.Username,
+		Password: container.Password,
+		Database: &container.Database,
+		IsHttps:  false,
+	}
+}
+
+func extractPostgresVersion(versionStr string) tools.PostgresqlVersion {
+	if strings.Contains(versionStr, "PostgreSQL 12") {
+		return tools.GetPostgresqlVersionEnum("12")
+	} else if strings.Contains(versionStr, "PostgreSQL 13") {
+		return tools.GetPostgresqlVersionEnum("13")
+	} else if strings.Contains(versionStr, "PostgreSQL 14") {
+		return tools.GetPostgresqlVersionEnum("14")
+	} else if strings.Contains(versionStr, "PostgreSQL 15") {
+		return tools.GetPostgresqlVersionEnum("15")
+	} else if strings.Contains(versionStr, "PostgreSQL 16") {
+		return tools.GetPostgresqlVersionEnum("16")
+	} else if strings.Contains(versionStr, "PostgreSQL 17") {
+		return tools.GetPostgresqlVersionEnum("17")
+	}
+
+	return tools.GetPostgresqlVersionEnum("16")
+}

backend/internal/features/databases/dto.go

@@ -0,0 +1,10 @@
+package databases
+
+type CreateReadOnlyUserResponse struct {
+	Username string `json:"username"`
+	Password string `json:"password"`
+}
+
+type IsReadOnlyResponse struct {
+	IsReadOnly bool `json:"isReadOnly"`
+}

backend/internal/features/databases/service.go

@@ -1,6 +1,7 @@
 package databases
 
 import (
+	"context"
 	"errors"
 	"fmt"
 	"log/slog"
@@ -456,3 +457,148 @@ func (s *DatabaseService) OnBeforeWorkspaceDeletion(workspaceID uuid.UUID) error
 
 	return nil
 }
+
+func (s *DatabaseService) IsUserReadOnly(
+	user *users_models.User,
+	database *Database,
+) (bool, error) {
+	var usingDatabase *Database
+
+	if database.ID != uuid.Nil {
+		existingDatabase, err := s.dbRepository.FindByID(database.ID)
+		if err != nil {
+			return false, err
+		}
+
+		if existingDatabase.WorkspaceID == nil {
+			return false, errors.New("cannot check user for database without workspace")
+		}
+
+		canAccess, _, err := s.workspaceService.CanUserAccessWorkspace(
+			*existingDatabase.WorkspaceID,
+			user,
+		)
+		if err != nil {
+			return false, err
+		}
+		if !canAccess {
+			return false, errors.New("insufficient permissions to access this database")
+		}
+
+		if database.WorkspaceID != nil && *existingDatabase.WorkspaceID != *database.WorkspaceID {
+			return false, errors.New("database does not belong to this workspace")
+		}
+
+		existingDatabase.Update(database)
+
+		if err := existingDatabase.Validate(); err != nil {
+			return false, err
+		}
+
+		usingDatabase = existingDatabase
+	} else {
+		if database.WorkspaceID != nil {
+			canAccess, _, err := s.workspaceService.CanUserAccessWorkspace(*database.WorkspaceID, user)
+			if err != nil {
+				return false, err
+			}
+			if !canAccess {
+				return false, errors.New("insufficient permissions to access this workspace")
+			}
+		}
+
+		usingDatabase = database
+	}
+
+	if usingDatabase.Type != DatabaseTypePostgres {
+		return false, errors.New("read-only check only supported for PostgreSQL databases")
+	}
+
+	ctx, cancel := context.WithTimeout(context.Background(), 15*time.Second)
+	defer cancel()
+
+	return usingDatabase.Postgresql.IsUserReadOnly(
+		ctx,
+		s.logger,
+		s.fieldEncryptor,
+		usingDatabase.ID,
+	)
+}
+
+func (s *DatabaseService) CreateReadOnlyUser(
+	user *users_models.User,
+	database *Database,
+) (string, string, error) {
+	var usingDatabase *Database
+
+	if database.ID != uuid.Nil {
+		existingDatabase, err := s.dbRepository.FindByID(database.ID)
+		if err != nil {
+			return "", "", err
+		}
+
+		if existingDatabase.WorkspaceID == nil {
+			return "", "", errors.New("cannot create user for database without workspace")
+		}
+
+		canManage, err := s.workspaceService.CanUserManageDBs(*existingDatabase.WorkspaceID, user)
+		if err != nil {
+			return "", "", err
+		}
+		if !canManage {
+			return "", "", errors.New("insufficient permissions to manage this database")
+		}
+
+		if database.WorkspaceID != nil && *existingDatabase.WorkspaceID != *database.WorkspaceID {
+			return "", "", errors.New("database does not belong to this workspace")
+		}
+
+		existingDatabase.Update(database)
+
+		if err := existingDatabase.Validate(); err != nil {
+			return "", "", err
+		}
+
+		usingDatabase = existingDatabase
+	} else {
+		if database.WorkspaceID != nil {
+			canManage, err := s.workspaceService.CanUserManageDBs(*database.WorkspaceID, user)
+			if err != nil {
+				return "", "", err
+			}
+			if !canManage {
+				return "", "", errors.New("insufficient permissions to manage this workspace")
+			}
+		}
+
+		usingDatabase = database
+	}
+
+	if usingDatabase.Type != DatabaseTypePostgres {
+		return "", "", errors.New("read-only user creation only supported for PostgreSQL")
+	}
+
+	ctx, cancel := context.WithTimeout(context.Background(), 30*time.Second)
+	defer cancel()
+
+	username, password, err := usingDatabase.Postgresql.CreateReadOnlyUser(
+		ctx, s.logger, s.fieldEncryptor, usingDatabase.ID,
+	)
+	if err != nil {
+		return "", "", err
+	}
+
+	if usingDatabase.WorkspaceID != nil {
+		s.auditLogService.WriteAuditLog(
+			fmt.Sprintf(
+				"Read-only user created for database: %s (username: %s)",
+				usingDatabase.Name,
+				username,
+			),
+			&user.ID,
+			usingDatabase.WorkspaceID,
+		)
+	}
+
+	return username, password, nil
+}

backend/internal/features/encryption/secrets/di.go

@@ -0,0 +1,9 @@
+package secrets
+
+var secretKeyService = &SecretKeyService{
+	nil,
+}
+
+func GetSecretKeyService() *SecretKeyService {
+	return secretKeyService
+}

backend/internal/features/encryption/secrets/model.go

@@ -0,0 +1 @@
+package secrets

backend/internal/features/encryption/secrets/service.go

@@ -0,0 +1,73 @@
+package secrets
+
+import (
+	"errors"
+	"fmt"
+	"os"
+
+	"postgresus-backend/internal/config"
+	user_models "postgresus-backend/internal/features/users/models"
+	"postgresus-backend/internal/storage"
+
+	"github.com/google/uuid"
+	"gorm.io/gorm"
+)
+
+type SecretKeyService struct {
+	cachedKey *string
+}
+
+func (s *SecretKeyService) MigrateKeyFromDbToFileIfExist() error {
+	var secretKey user_models.SecretKey
+
+	err := storage.GetDb().First(&secretKey).Error
+	if err != nil {
+		if errors.Is(err, gorm.ErrRecordNotFound) {
+			return nil
+		}
+		return fmt.Errorf("failed to check for secret key in database: %w", err)
+	}
+
+	if secretKey.Secret == "" {
+		return nil
+	}
+
+	secretKeyPath := config.GetEnv().SecretKeyPath
+	if err := os.WriteFile(secretKeyPath, []byte(secretKey.Secret), 0600); err != nil {
+		return fmt.Errorf("failed to write secret key to file: %w", err)
+	}
+
+	if err := storage.GetDb().Exec("DELETE FROM secret_keys").Error; err != nil {
+		return fmt.Errorf("failed to delete secret key from database: %w", err)
+	}
+
+	return nil
+}
+
+func (s *SecretKeyService) GetSecretKey() (string, error) {
+	if s.cachedKey != nil {
+		return *s.cachedKey, nil
+	}
+
+	secretKeyPath := config.GetEnv().SecretKeyPath
+	data, err := os.ReadFile(secretKeyPath)
+	if err != nil {
+		if os.IsNotExist(err) {
+			newKey := s.generateNewSecretKey()
+			if err := os.WriteFile(secretKeyPath, []byte(newKey), 0600); err != nil {
+				return "", fmt.Errorf("failed to write new secret key: %w", err)
+			}
+			s.cachedKey = &newKey
+			return newKey, nil
+		}
+		return "", fmt.Errorf("failed to read secret key file: %w", err)
+	}
+
+	key := string(data)
+	s.cachedKey = &key
+	return key, nil
+}
+
+func (s *SecretKeyService) generateNewSecretKey() string {
+	return uuid.New().String() + uuid.New().String()
+}

backend/internal/features/notifiers/models/slack/model.go

@@ -70,6 +70,7 @@ func (s *SlackNotifier) Send(
 		maxAttempts       = 5
 		defaultBackoff    = 2 * time.Second // when Retry-After header missing
 		backoffMultiplier = 1.5             // use exponential growth
+		requestTimeout    = 30 * time.Second
 	)
 
 	var (
@@ -77,6 +78,10 @@ func (s *SlackNotifier) Send(
 		attempts = 0
 	)
 
+	client := &http.Client{
+		Timeout: requestTimeout,
+	}
+
 	for {
 		attempts++
 
@@ -92,7 +97,7 @@ func (s *SlackNotifier) Send(
 		req.Header.Set("Content-Type", "application/json; charset=utf-8")
 		req.Header.Set("Authorization", "Bearer "+botToken)
 
-		resp, err := http.DefaultClient.Do(req)
+		resp, err := client.Do(req)
 		if err != nil {
 			return fmt.Errorf("send slack message: %w", err)
 		}

backend/internal/features/restores/models/model.go

@@ -2,7 +2,6 @@ package models
 
 import (
 	"postgresus-backend/internal/features/backups/backups"
-	"postgresus-backend/internal/features/databases/databases/postgresql"
 	"postgresus-backend/internal/features/restores/enums"
 	"time"
 
@@ -16,8 +15,6 @@ type Restore struct {
 	BackupID uuid.UUID `json:"backupId" gorm:"column:backup_id;type:uuid;not null"`
 	Backup   *backups.Backup
 
-	Postgresql *postgresql.PostgresqlDatabase `json:"postgresql,omitempty" gorm:"foreignKey:RestoreID"`
-
 	FailMessage *string `json:"failMessage" gorm:"column:fail_message"`
 
 	RestoreDurationMs int64     `json:"restoreDurationMs" gorm:"column:restore_duration_ms;default:0"`

backend/internal/features/restores/repository.go

@@ -32,7 +32,6 @@ func (r *RestoreRepository) FindByBackupID(backupID uuid.UUID) ([]*models.Restor
 	if err := storage.
 		GetDb().
 		Preload("Backup").
-		Preload("Postgresql").
 		Where("backup_id = ?", backupID).
 		Order("created_at DESC").
 		Find(&restores).Error; err != nil {
@@ -48,7 +47,6 @@ func (r *RestoreRepository) FindByID(id uuid.UUID) (*models.Restore, error) {
 	if err := storage.
 		GetDb().
 		Preload("Backup").
-		Preload("Postgresql").
 		Where("id = ?", id).
 		First(&restore).Error; err != nil {
 		return nil, err
@@ -63,7 +61,6 @@ func (r *RestoreRepository) FindByStatus(status enums.RestoreStatus) ([]*models.
 	if err := storage.
 		GetDb().
 		Preload("Backup").
-		Preload("Postgresql").
 		Where("status = ?", status).
 		Order("created_at DESC").
 		Find(&restores).Error; err != nil {

backend/internal/features/restores/service.go

@@ -191,15 +191,9 @@ func (s *RestoreService) RestoreBackup(
 		return err
 	}
 
-	// Set the RestoreID on the PostgreSQL database and save it
-	if requestDTO.PostgresqlDatabase != nil {
-		requestDTO.PostgresqlDatabase.RestoreID = &restore.ID
-		restore.Postgresql = requestDTO.PostgresqlDatabase
-
-		// Save the restore again to include the postgresql database
-		if err := s.restoreRepository.Save(&restore); err != nil {
-			return err
-		}
+	// Save the restore again to include the postgresql database
+	if err := s.restoreRepository.Save(&restore); err != nil {
+		return err
 	}
 
 	storage, err := s.storageService.GetStorageByID(backup.StorageID)
@@ -216,10 +210,15 @@ func (s *RestoreService) RestoreBackup(
 
 	start := time.Now().UTC()
 
+	restoringToDB := &databases.Database{
+		Postgresql: requestDTO.PostgresqlDatabase,
+	}
+
 	err = s.restoreBackupUsecase.Execute(
 		backupConfig,
 		restore,
 		database,
+		restoringToDB,
 		backup,
 		storage,
 	)

backend/internal/features/restores/usecases/postgresql/di.go

@@ -1,13 +1,13 @@
 package usecases_postgresql
 
 import (
-	users_repositories "postgresus-backend/internal/features/users/repositories"
+	"postgresus-backend/internal/features/encryption/secrets"
 	"postgresus-backend/internal/util/logger"
 )
 
 var restorePostgresqlBackupUsecase = &RestorePostgresqlBackupUsecase{
 	logger.GetLogger(),
-	users_repositories.GetSecretKeyRepository(),
+	secrets.GetSecretKeyService(),
 }
 
 func GetRestorePostgresqlBackupUsecase() *RestorePostgresqlBackupUsecase {

backend/internal/features/restores/usecases/postgresql/restore_backup_uc.go

@@ -20,9 +20,9 @@ import (
 	backups_config "postgresus-backend/internal/features/backups/config"
 	"postgresus-backend/internal/features/databases"
 	pgtypes "postgresus-backend/internal/features/databases/databases/postgresql"
+	encryption_secrets "postgresus-backend/internal/features/encryption/secrets"
 	"postgresus-backend/internal/features/restores/models"
 	"postgresus-backend/internal/features/storages"
-	users_repositories "postgresus-backend/internal/features/users/repositories"
 	util_encryption "postgresus-backend/internal/util/encryption"
 	files_utils "postgresus-backend/internal/util/files"
 	"postgresus-backend/internal/util/tools"
@@ -31,18 +31,19 @@ import (
 )
 
 type RestorePostgresqlBackupUsecase struct {
-	logger        *slog.Logger
-	secretKeyRepo *users_repositories.SecretKeyRepository
+	logger           *slog.Logger
+	secretKeyService *encryption_secrets.SecretKeyService
 }
 
 func (uc *RestorePostgresqlBackupUsecase) Execute(
-	database *databases.Database,
+	originalDB *databases.Database,
+	restoringToDB *databases.Database,
 	backupConfig *backups_config.BackupConfig,
 	restore models.Restore,
 	backup *backups.Backup,
 	storage *storages.Storage,
 ) error {
-	if database.Type != databases.DatabaseTypePostgres {
+	if originalDB.Type != databases.DatabaseTypePostgres {
 		return errors.New("database type not supported")
 	}
 
@@ -54,7 +55,7 @@ func (uc *RestorePostgresqlBackupUsecase) Execute(
 		backup.ID,
 	)
 
-	pg := restore.Postgresql
+	pg := restoringToDB.Postgresql
 	if pg == nil {
 		return fmt.Errorf("postgresql configuration is required for restore")
 	}
@@ -78,11 +79,12 @@ func (uc *RestorePostgresqlBackupUsecase) Execute(
 		"--verbose",   // Add verbose output to help with debugging
 		"--clean",     // Clean (drop) database objects before recreating them
 		"--if-exists", // Use IF EXISTS when dropping objects
-		"--no-owner",
+		"--no-owner",  // Skip restoring ownership
+		"--no-acl",    // Skip restoring access privileges (GRANT/REVOKE commands)
 	}
 
 	return uc.restoreFromStorage(
-		database,
+		originalDB,
 		tools.GetPostgresqlExecutable(
 			pg.Version,
 			"pg_restore",
@@ -232,7 +234,7 @@ func (uc *RestorePostgresqlBackupUsecase) downloadBackupToTempFile(
 		}
 
 		// Get master key
-		masterKey, err := uc.secretKeyRepo.GetSecretKey()
+		masterKey, err := uc.secretKeyService.GetSecretKey()
 		if err != nil {
 			cleanupFunc()
 			return "", nil, fmt.Errorf("failed to get master key for decryption: %w", err)

backend/internal/features/restores/usecases/restore_backup_uc.go

@@ -17,13 +17,15 @@ type RestoreBackupUsecase struct {
 func (uc *RestoreBackupUsecase) Execute(
 	backupConfig *backups_config.BackupConfig,
 	restore models.Restore,
-	database *databases.Database,
+	originalDB *databases.Database,
+	restoringToDB *databases.Database,
 	backup *backups.Backup,
 	storage *storages.Storage,
 ) error {
-	if database.Type == databases.DatabaseTypePostgres {
+	if originalDB.Type == databases.DatabaseTypePostgres {
 		return uc.restorePostgresqlBackupUsecase.Execute(
-			database,
+			originalDB,
+			restoringToDB,
 			backupConfig,
 			restore,
 			backup,

backend/internal/features/tests/postgresql_backup_restore_test.go

@@ -1,31 +1,36 @@
 package tests
 
 import (
-	"context"
+	"encoding/json"
 	"fmt"
+	"net/http"
 	"os"
 	"path/filepath"
-	"postgresus-backend/internal/config"
-	"postgresus-backend/internal/features/backups/backups"
-	usecases_postgresql_backup "postgresus-backend/internal/features/backups/backups/usecases/postgresql"
-	backups_config "postgresus-backend/internal/features/backups/config"
-	"postgresus-backend/internal/features/databases"
-	pgtypes "postgresus-backend/internal/features/databases/databases/postgresql"
-	"postgresus-backend/internal/features/intervals"
-	"postgresus-backend/internal/features/restores/models"
-	usecases_postgresql_restore "postgresus-backend/internal/features/restores/usecases/postgresql"
-	"postgresus-backend/internal/features/storages"
-	local_storage "postgresus-backend/internal/features/storages/models/local"
-	"postgresus-backend/internal/util/period"
-	"postgresus-backend/internal/util/tools"
 	"strconv"
 	"testing"
 	"time"
 
+	"github.com/gin-gonic/gin"
 	"github.com/google/uuid"
 	"github.com/jmoiron/sqlx"
 	_ "github.com/lib/pq"
 	"github.com/stretchr/testify/assert"
+
+	"postgresus-backend/internal/config"
+	"postgresus-backend/internal/features/backups/backups"
+	backups_config "postgresus-backend/internal/features/backups/config"
+	"postgresus-backend/internal/features/databases"
+	pgtypes "postgresus-backend/internal/features/databases/databases/postgresql"
+	"postgresus-backend/internal/features/restores"
+	restores_enums "postgresus-backend/internal/features/restores/enums"
+	restores_models "postgresus-backend/internal/features/restores/models"
+	"postgresus-backend/internal/features/storages"
+	users_enums "postgresus-backend/internal/features/users/enums"
+	users_testing "postgresus-backend/internal/features/users/testing"
+	workspaces_controllers "postgresus-backend/internal/features/workspaces/controllers"
+	workspaces_testing "postgresus-backend/internal/features/workspaces/testing"
+	test_utils "postgresus-backend/internal/util/testing"
+	"postgresus-backend/internal/util/tools"
 )
 
 const createAndFillTableQuery = `
@@ -61,7 +66,6 @@ type TestDataItem struct {
 	CreatedAt time.Time `db:"created_at"`
 }
 
-// Main test functions for each PostgreSQL version
 func Test_BackupAndRestorePostgresql_RestoreIsSuccesful(t *testing.T) {
 	env := config.GetEnv()
 	cases := []struct {
@@ -110,143 +114,7 @@ func Test_BackupAndRestorePostgresqlWithEncryption_RestoreIsSuccessful(t *testin
 	}
 }
 
-func testBackupRestoreWithEncryptionForVersion(t *testing.T, pgVersion string, port string) {
-	// Connect to pre-configured PostgreSQL container
-	container, err := connectToPostgresContainer(pgVersion, port)
-	assert.NoError(t, err)
-	defer func() {
-		if container.DB != nil {
-			container.DB.Close()
-		}
-	}()
-
-	_, err = container.DB.Exec(createAndFillTableQuery)
-	assert.NoError(t, err)
-
-	// Prepare data for backup
-	backupID := uuid.New()
-	pgVersionEnum := tools.GetPostgresqlVersionEnum(pgVersion)
-
-	backupDb := &databases.Database{
-		ID:   uuid.New(),
-		Type: databases.DatabaseTypePostgres,
-		Name: "Test Database",
-		Postgresql: &pgtypes.PostgresqlDatabase{
-			Version:  pgVersionEnum,
-			Host:     container.Host,
-			Port:     container.Port,
-			Username: container.Username,
-			Password: container.Password,
-			Database: &container.Database,
-			IsHttps:  false,
-		},
-	}
-
-	storageID := uuid.New()
-	backupConfig := &backups_config.BackupConfig{
-		DatabaseID:       backupDb.ID,
-		IsBackupsEnabled: true,
-		StorePeriod:      period.PeriodDay,
-		BackupInterval:   &intervals.Interval{Interval: intervals.IntervalDaily},
-		StorageID:        &storageID,
-		CpuCount:         1,
-		Encryption:       backups_config.BackupEncryptionEncrypted,
-	}
-
-	storage := &storages.Storage{
-		WorkspaceID:  uuid.New(),
-		Type:         storages.StorageTypeLocal,
-		Name:         "Test Storage",
-		LocalStorage: &local_storage.LocalStorage{},
-	}
-
-	// Make backup
-	progressTracker := func(completedMBs float64) {}
-	metadata, err := usecases_postgresql_backup.GetCreatePostgresqlBackupUsecase().Execute(
-		context.Background(),
-		backupID,
-		backupConfig,
-		backupDb,
-		storage,
-		progressTracker,
-	)
-	assert.NoError(t, err)
-	assert.NotNil(t, metadata)
-
-	// Verify encryption metadata is set
-	assert.Equal(t, backups_config.BackupEncryptionEncrypted, metadata.Encryption)
-	assert.NotNil(t, metadata.EncryptionSalt)
-	assert.NotNil(t, metadata.EncryptionIV)
-
-	// Create new database
-	newDBName := "restoreddb_encrypted"
-	_, err = container.DB.Exec(fmt.Sprintf("DROP DATABASE IF EXISTS %s;", newDBName))
-	assert.NoError(t, err)
-
-	_, err = container.DB.Exec(fmt.Sprintf("CREATE DATABASE %s;", newDBName))
-	assert.NoError(t, err)
-
-	// Connect to the new database
-	newDSN := fmt.Sprintf("host=%s port=%d user=%s password=%s dbname=%s sslmode=disable",
-		container.Host, container.Port, container.Username, container.Password, newDBName)
-	newDB, err := sqlx.Connect("postgres", newDSN)
-	assert.NoError(t, err)
-	defer newDB.Close()
-
-	// Setup data for restore with encryption metadata
-	completedBackup := &backups.Backup{
-		ID:             backupID,
-		DatabaseID:     backupDb.ID,
-		StorageID:      storage.ID,
-		Status:         backups.BackupStatusCompleted,
-		CreatedAt:      time.Now().UTC(),
-		EncryptionSalt: metadata.EncryptionSalt,
-		EncryptionIV:   metadata.EncryptionIV,
-		Encryption:     metadata.Encryption,
-	}
-
-	restoreID := uuid.New()
-	restore := models.Restore{
-		ID:     restoreID,
-		Backup: completedBackup,
-		Postgresql: &pgtypes.PostgresqlDatabase{
-			Version:  pgVersionEnum,
-			Host:     container.Host,
-			Port:     container.Port,
-			Username: container.Username,
-			Password: container.Password,
-			Database: &newDBName,
-			IsHttps:  false,
-		},
-	}
-
-	// Restore the encrypted backup
-	restoreBackupUC := usecases_postgresql_restore.GetRestorePostgresqlBackupUsecase()
-	err = restoreBackupUC.Execute(backupDb, backupConfig, restore, completedBackup, storage)
-	assert.NoError(t, err)
-
-	// Verify restored table exists
-	var tableExists bool
-	err = newDB.Get(
-		&tableExists,
-		"SELECT EXISTS (SELECT FROM information_schema.tables WHERE table_name = 'test_data')",
-	)
-	assert.NoError(t, err)
-	assert.True(t, tableExists, "Table 'test_data' should exist in restored database")
-
-	// Verify data integrity
-	verifyDataIntegrity(t, container.DB, newDB)
-
-	// Clean up the backup file after the test
-	err = os.Remove(filepath.Join(config.GetEnv().DataFolder, backupID.String()))
-	if err != nil {
-		t.Logf("Warning: Failed to delete backup file: %v", err)
-	}
-}
-
-// Run a test for a specific PostgreSQL version
 func testBackupRestoreForVersion(t *testing.T, pgVersion string, port string) {
-	// Connect to pre-configured PostgreSQL container
 	container, err := connectToPostgresContainer(pgVersion, port)
 	assert.NoError(t, err)
 	defer func() {
@@ -258,55 +126,30 @@ func testBackupRestoreForVersion(t *testing.T, pgVersion string, port string) {
 	_, err = container.DB.Exec(createAndFillTableQuery)
 	assert.NoError(t, err)
 
-	// Prepare data for backup
-	backupID := uuid.New()
+	router := createTestRouter()
+	user := users_testing.CreateTestUser(users_enums.UserRoleMember)
+	workspace := workspaces_testing.CreateTestWorkspace("Test Workspace", user, router)
+
+	storage := storages.CreateTestStorage(workspace.ID)
+
 	pgVersionEnum := tools.GetPostgresqlVersionEnum(pgVersion)
-
-	backupDb := &databases.Database{
-		ID:   uuid.New(),
-		Type: databases.DatabaseTypePostgres,
-		Name: "Test Database",
-		Postgresql: &pgtypes.PostgresqlDatabase{
-			Version:  pgVersionEnum,
-			Host:     container.Host,
-			Port:     container.Port,
-			Username: container.Username,
-			Password: container.Password,
-			Database: &container.Database,
-			IsHttps:  false,
-		},
-	}
-
-	storageID := uuid.New()
-	backupConfig := &backups_config.BackupConfig{
-		DatabaseID:       backupDb.ID,
-		IsBackupsEnabled: true,
-		StorePeriod:      period.PeriodDay,
-		BackupInterval:   &intervals.Interval{Interval: intervals.IntervalDaily},
-		StorageID:        &storageID,
-		CpuCount:         1,
-	}
-
-	storage := &storages.Storage{
-		WorkspaceID:  uuid.New(),
-		Type:         storages.StorageTypeLocal,
-		Name:         "Test Storage",
-		LocalStorage: &local_storage.LocalStorage{},
-	}
-
-	// Make backup
-	progressTracker := func(completedMBs float64) {}
-	_, err = usecases_postgresql_backup.GetCreatePostgresqlBackupUsecase().Execute(
-		context.Background(),
-		backupID,
-		backupConfig,
-		backupDb,
-		storage,
-		progressTracker,
+	database := createDatabaseViaAPI(
+		t, router, "Test Database", workspace.ID,
+		pgVersionEnum, container.Host, container.Port,
+		container.Username, container.Password, container.Database,
+		user.Token,
 	)
-	assert.NoError(t, err)
 
-	// Create new database
+	enableBackupsViaAPI(
+		t, router, database.ID, storage.ID,
+		backups_config.BackupEncryptionNone, user.Token,
+	)
+
+	createBackupViaAPI(t, router, database.ID, user.Token)
+
+	backup := waitForBackupCompletion(t, router, database.ID, user.Token, 5*time.Minute)
+	assert.Equal(t, backups.BackupStatusCompleted, backup.Status)
+
 	newDBName := "restoreddb"
 	_, err = container.DB.Exec(fmt.Sprintf("DROP DATABASE IF EXISTS %s;", newDBName))
 	assert.NoError(t, err)
@@ -314,43 +157,22 @@ func testBackupRestoreForVersion(t *testing.T, pgVersion string, port string) {
 	_, err = container.DB.Exec(fmt.Sprintf("CREATE DATABASE %s;", newDBName))
 	assert.NoError(t, err)
 
-	// Connect to the new database
 	newDSN := fmt.Sprintf("host=%s port=%d user=%s password=%s dbname=%s sslmode=disable",
 		container.Host, container.Port, container.Username, container.Password, newDBName)
 	newDB, err := sqlx.Connect("postgres", newDSN)
 	assert.NoError(t, err)
 	defer newDB.Close()
 
-	// Setup data for restore
-	completedBackup := &backups.Backup{
-		ID:         backupID,
-		DatabaseID: backupDb.ID,
-		StorageID:  storage.ID,
-		Status:     backups.BackupStatusCompleted,
-		CreatedAt:  time.Now().UTC(),
-	}
+	createRestoreViaAPI(
+		t, router, backup.ID, pgVersionEnum,
+		container.Host, container.Port,
+		container.Username, container.Password, newDBName,
+		user.Token,
+	)
 
-	restoreID := uuid.New()
-	restore := models.Restore{
-		ID:     restoreID,
-		Backup: completedBackup,
-		Postgresql: &pgtypes.PostgresqlDatabase{
-			Version:  pgVersionEnum,
-			Host:     container.Host,
-			Port:     container.Port,
-			Username: container.Username,
-			Password: container.Password,
-			Database: &newDBName,
-			IsHttps:  false,
-		},
-	}
+	restore := waitForRestoreCompletion(t, router, backup.ID, user.Token, 5*time.Minute)
+	assert.Equal(t, restores_enums.RestoreStatusCompleted, restore.Status)
 
-	// Restore the backup
-	restoreBackupUC := usecases_postgresql_restore.GetRestorePostgresqlBackupUsecase()
-	err = restoreBackupUC.Execute(backupDb, backupConfig, restore, completedBackup, storage)
-	assert.NoError(t, err)
-
-	// Verify restored table exists
 	var tableExists bool
 	err = newDB.Get(
 		&tableExists,
@@ -359,17 +181,329 @@ func testBackupRestoreForVersion(t *testing.T, pgVersion string, port string) {
 	assert.NoError(t, err)
 	assert.True(t, tableExists, "Table 'test_data' should exist in restored database")
 
-	// Verify data integrity
 	verifyDataIntegrity(t, container.DB, newDB)
 
-	// Clean up the backup file after the test
-	err = os.Remove(filepath.Join(config.GetEnv().DataFolder, backupID.String()))
+	err = os.Remove(filepath.Join(config.GetEnv().DataFolder, backup.ID.String()))
 	if err != nil {
 		t.Logf("Warning: Failed to delete backup file: %v", err)
 	}
+
+	test_utils.MakeDeleteRequest(
+		t,
+		router,
+		"/api/v1/databases/"+database.ID.String(),
+		"Bearer "+user.Token,
+		http.StatusNoContent,
+	)
+	storages.RemoveTestStorage(storage.ID)
+	workspaces_testing.RemoveTestWorkspace(workspace, router)
+}
+
+func testBackupRestoreWithEncryptionForVersion(t *testing.T, pgVersion string, port string) {
+	container, err := connectToPostgresContainer(pgVersion, port)
+	assert.NoError(t, err)
+	defer func() {
+		if container.DB != nil {
+			container.DB.Close()
+		}
+	}()
+
+	_, err = container.DB.Exec(createAndFillTableQuery)
+	assert.NoError(t, err)
+
+	router := createTestRouter()
+	user := users_testing.CreateTestUser(users_enums.UserRoleMember)
+	workspace := workspaces_testing.CreateTestWorkspace("Test Workspace", user, router)
+
+	storage := storages.CreateTestStorage(workspace.ID)
+
+	pgVersionEnum := tools.GetPostgresqlVersionEnum(pgVersion)
+	database := createDatabaseViaAPI(
+		t, router, "Test Database", workspace.ID,
+		pgVersionEnum, container.Host, container.Port,
+		container.Username, container.Password, container.Database,
+		user.Token,
+	)
+
+	enableBackupsViaAPI(
+		t, router, database.ID, storage.ID,
+		backups_config.BackupEncryptionEncrypted, user.Token,
+	)
+
+	createBackupViaAPI(t, router, database.ID, user.Token)
+
+	backup := waitForBackupCompletion(t, router, database.ID, user.Token, 5*time.Minute)
+	assert.Equal(t, backups.BackupStatusCompleted, backup.Status)
+	assert.Equal(t, backups_config.BackupEncryptionEncrypted, backup.Encryption)
+
+	newDBName := "restoreddb_encrypted"
+	_, err = container.DB.Exec(fmt.Sprintf("DROP DATABASE IF EXISTS %s;", newDBName))
+	assert.NoError(t, err)
+
+	_, err = container.DB.Exec(fmt.Sprintf("CREATE DATABASE %s;", newDBName))
+	assert.NoError(t, err)
+
+	newDSN := fmt.Sprintf("host=%s port=%d user=%s password=%s dbname=%s sslmode=disable",
+		container.Host, container.Port, container.Username, container.Password, newDBName)
+	newDB, err := sqlx.Connect("postgres", newDSN)
+	assert.NoError(t, err)
+	defer newDB.Close()
+
+	createRestoreViaAPI(
+		t, router, backup.ID, pgVersionEnum,
+		container.Host, container.Port,
+		container.Username, container.Password, newDBName,
+		user.Token,
+	)
+
+	restore := waitForRestoreCompletion(t, router, backup.ID, user.Token, 5*time.Minute)
+	assert.Equal(t, restores_enums.RestoreStatusCompleted, restore.Status)
+
+	var tableExists bool
+	err = newDB.Get(
+		&tableExists,
+		"SELECT EXISTS (SELECT FROM information_schema.tables WHERE table_name = 'test_data')",
+	)
+	assert.NoError(t, err)
+	assert.True(t, tableExists, "Table 'test_data' should exist in restored database")
+
+	verifyDataIntegrity(t, container.DB, newDB)
+
+	err = os.Remove(filepath.Join(config.GetEnv().DataFolder, backup.ID.String()))
+	if err != nil {
+		t.Logf("Warning: Failed to delete backup file: %v", err)
+	}
+
+	test_utils.MakeDeleteRequest(
+		t,
+		router,
+		"/api/v1/databases/"+database.ID.String(),
+		"Bearer "+user.Token,
+		http.StatusNoContent,
+	)
+	storages.RemoveTestStorage(storage.ID)
+	workspaces_testing.RemoveTestWorkspace(workspace, router)
+}
+
+func createTestRouter() *gin.Engine {
+	router := workspaces_testing.CreateTestRouter(
+		workspaces_controllers.GetWorkspaceController(),
+		workspaces_controllers.GetMembershipController(),
+		databases.GetDatabaseController(),
+		backups_config.GetBackupConfigController(),
+		backups.GetBackupController(),
+		restores.GetRestoreController(),
+	)
+	return router
+}
+
+func waitForBackupCompletion(
+	t *testing.T,
+	router *gin.Engine,
+	databaseID uuid.UUID,
+	token string,
+	timeout time.Duration,
+) *backups.Backup {
+	startTime := time.Now()
+	pollInterval := 500 * time.Millisecond
+
+	for {
+		if time.Since(startTime) > timeout {
+			t.Fatalf("Timeout waiting for backup completion after %v", timeout)
+		}
+
+		var response backups.GetBackupsResponse
+		test_utils.MakeGetRequestAndUnmarshal(
+			t,
+			router,
+			fmt.Sprintf("/api/v1/backups?database_id=%s&limit=1", databaseID.String()),
+			"Bearer "+token,
+			http.StatusOK,
+			&response,
+		)
+
+		if len(response.Backups) > 0 {
+			backup := response.Backups[0]
+			if backup.Status == backups.BackupStatusCompleted {
+				return backup
+			}
+			if backup.Status == backups.BackupStatusFailed {
+				t.Fatalf("Backup failed: %v", backup.FailMessage)
+			}
+		}
+
+		time.Sleep(pollInterval)
+	}
+}
+
+func waitForRestoreCompletion(
+	t *testing.T,
+	router *gin.Engine,
+	backupID uuid.UUID,
+	token string,
+	timeout time.Duration,
+) *restores_models.Restore {
+	startTime := time.Now()
+	pollInterval := 500 * time.Millisecond
+
+	for {
+		if time.Since(startTime) > timeout {
+			t.Fatalf("Timeout waiting for restore completion after %v", timeout)
+		}
+
+		var restores []*restores_models.Restore
+		test_utils.MakeGetRequestAndUnmarshal(
+			t,
+			router,
+			fmt.Sprintf("/api/v1/restores/%s", backupID.String()),
+			"Bearer "+token,
+			http.StatusOK,
+			&restores,
+		)
+
+		for _, restore := range restores {
+			if restore.Status == restores_enums.RestoreStatusCompleted {
+				return restore
+			}
+			if restore.Status == restores_enums.RestoreStatusFailed {
+				t.Fatalf("Restore failed: %v", restore.FailMessage)
+			}
+		}
+
+		time.Sleep(pollInterval)
+	}
+}
+
+func createDatabaseViaAPI(
+	t *testing.T,
+	router *gin.Engine,
+	name string,
+	workspaceID uuid.UUID,
+	pgVersion tools.PostgresqlVersion,
+	host string,
+	port int,
+	username string,
+	password string,
+	database string,
+	token string,
+) *databases.Database {
+	request := databases.Database{
+		Name:        name,
+		WorkspaceID: &workspaceID,
+		Type:        databases.DatabaseTypePostgres,
+		Postgresql: &pgtypes.PostgresqlDatabase{
+			Version:  pgVersion,
+			Host:     host,
+			Port:     port,
+			Username: username,
+			Password: password,
+			Database: &database,
+		},
+	}
+
+	w := workspaces_testing.MakeAPIRequest(
+		router,
+		"POST",
+		"/api/v1/databases/create",
+		"Bearer "+token,
+		request,
+	)
+
+	if w.Code != http.StatusCreated {
+		t.Fatalf("Failed to create database. Status: %d, Body: %s", w.Code, w.Body.String())
+	}
+
+	var createdDatabase databases.Database
+	if err := json.Unmarshal(w.Body.Bytes(), &createdDatabase); err != nil {
+		t.Fatalf("Failed to unmarshal database response: %v", err)
+	}
+
+	return &createdDatabase
+}
+
+func enableBackupsViaAPI(
+	t *testing.T,
+	router *gin.Engine,
+	databaseID uuid.UUID,
+	storageID uuid.UUID,
+	encryption backups_config.BackupEncryption,
+	token string,
+) {
+	var backupConfig backups_config.BackupConfig
+	test_utils.MakeGetRequestAndUnmarshal(
+		t,
+		router,
+		fmt.Sprintf("/api/v1/backup-configs/database/%s", databaseID.String()),
+		"Bearer "+token,
+		http.StatusOK,
+		&backupConfig,
+	)
+
+	storage := &storages.Storage{ID: storageID}
+	backupConfig.IsBackupsEnabled = true
+	backupConfig.Storage = storage
+	backupConfig.Encryption = encryption
+
+	test_utils.MakePostRequest(
+		t,
+		router,
+		"/api/v1/backup-configs/save",
+		"Bearer "+token,
+		backupConfig,
+		http.StatusOK,
+	)
+}
+
+func createBackupViaAPI(
+	t *testing.T,
+	router *gin.Engine,
+	databaseID uuid.UUID,
+	token string,
+) {
+	request := backups.MakeBackupRequest{DatabaseID: databaseID}
+	test_utils.MakePostRequest(
+		t,
+		router,
+		"/api/v1/backups",
+		"Bearer "+token,
+		request,
+		http.StatusOK,
+	)
+}
+
+func createRestoreViaAPI(
+	t *testing.T,
+	router *gin.Engine,
+	backupID uuid.UUID,
+	pgVersion tools.PostgresqlVersion,
+	host string,
+	port int,
+	username string,
+	password string,
+	database string,
+	token string,
+) {
+	request := restores.RestoreBackupRequest{
+		PostgresqlDatabase: &pgtypes.PostgresqlDatabase{
+			Version:  pgVersion,
+			Host:     host,
+			Port:     port,
+			Username: username,
+			Password: password,
+			Database: &database,
+		},
+	}
+
+	test_utils.MakePostRequest(
+		t,
+		router,
+		fmt.Sprintf("/api/v1/restores/%s/restore", backupID.String()),
+		"Bearer "+token,
+		request,
+		http.StatusOK,
+	)
 }
 
-// verifyDataIntegrity compares data in the original and restored databases
 func verifyDataIntegrity(t *testing.T, originalDB *sqlx.DB, restoredDB *sqlx.DB) {
 	var originalData []TestDataItem
 	var restoredData []TestDataItem
@@ -382,7 +516,6 @@ func verifyDataIntegrity(t *testing.T, originalDB *sqlx.DB, restoredDB *sqlx.DB)
 
 	assert.Equal(t, len(originalData), len(restoredData), "Should have same number of rows")
 
-	// Only compare data if both slices have elements (to avoid panic)
 	if len(originalData) > 0 && len(restoredData) > 0 {
 		for i := range originalData {
 			assert.Equal(t, originalData[i].ID, restoredData[i].ID, "ID should match")

backend/internal/features/users/repositories/di.go

@@ -1,13 +1,8 @@
 package users_repositories
 
-var secretKeyRepository = &SecretKeyRepository{}
 var userRepository = &UserRepository{}
 var usersSettingsRepository = &UsersSettingsRepository{}
 
-func GetSecretKeyRepository() *SecretKeyRepository {
-	return secretKeyRepository
-}
-
 func GetUserRepository() *UserRepository {
 	return userRepository
 }

backend/internal/features/users/repositories/secret_key_repository.go

@@ -1,34 +0,0 @@
-package users_repositories
-
-import (
-	"errors"
-	user_models "postgresus-backend/internal/features/users/models"
-	"postgresus-backend/internal/storage"
-
-	"github.com/google/uuid"
-	"gorm.io/gorm"
-)
-
-type SecretKeyRepository struct{}
-
-func (r *SecretKeyRepository) GetSecretKey() (string, error) {
-	var secretKey user_models.SecretKey
-
-	if err := storage.GetDb().First(&secretKey).Error; err != nil {
-		// create a new secret key if not found
-		if errors.Is(err, gorm.ErrRecordNotFound) {
-			newSecretKey := user_models.SecretKey{
-				Secret: uuid.New().String() + uuid.New().String(),
-			}
-			if err := storage.GetDb().Create(&newSecretKey).Error; err != nil {
-				return "", errors.New("failed to create new secret key")
-			}
-
-			return newSecretKey.Secret, nil
-		}
-
-		return "", err
-	}
-
-	return secretKey.Secret, nil
-}

backend/internal/features/users/services/di.go

@@ -1,10 +1,13 @@
 package users_services
 
-import users_repositories "postgresus-backend/internal/features/users/repositories"
+import (
+	"postgresus-backend/internal/features/encryption/secrets"
+	users_repositories "postgresus-backend/internal/features/users/repositories"
+)
 
 var userService = &UserService{
 	users_repositories.GetUserRepository(),
-	users_repositories.GetSecretKeyRepository(),
+	secrets.GetSecretKeyService(),
 	settingsService,
 	nil,
 }

backend/internal/features/users/services/user_services.go

@@ -17,6 +17,7 @@ import (
 	"golang.org/x/oauth2/google"
 
 	"postgresus-backend/internal/config"
+	"postgresus-backend/internal/features/encryption/secrets"
 	users_dto "postgresus-backend/internal/features/users/dto"
 	users_enums "postgresus-backend/internal/features/users/enums"
 	users_interfaces "postgresus-backend/internal/features/users/interfaces"
@@ -25,10 +26,10 @@ import (
 )
 
 type UserService struct {
-	userRepository      *users_repositories.UserRepository
-	secretKeyRepository *users_repositories.SecretKeyRepository
-	settingsService     *SettingsService
-	auditLogWriter      users_interfaces.AuditLogWriter
+	userRepository   *users_repositories.UserRepository
+	secretKeyService *secrets.SecretKeyService
+	settingsService  *SettingsService
+	auditLogWriter   users_interfaces.AuditLogWriter
 }
 
 func (s *UserService) SetAuditLogWriter(writer users_interfaces.AuditLogWriter) {
@@ -162,7 +163,7 @@ func (s *UserService) SignIn(
 }
 
 func (s *UserService) GetUserFromToken(token string) (*users_models.User, error) {
-	secretKey, err := s.secretKeyRepository.GetSecretKey()
+	secretKey, err := s.secretKeyService.GetSecretKey()
 	if err != nil {
 		return nil, fmt.Errorf("failed to get secret key: %w", err)
 	}
@@ -221,7 +222,7 @@ func (s *UserService) GetUserFromToken(token string) (*users_models.User, error)
 func (s *UserService) GenerateAccessToken(
 	user *users_models.User,
 ) (*users_dto.SignInResponseDTO, error) {
-	secretKey, err := s.secretKeyRepository.GetSecretKey()
+	secretKey, err := s.secretKeyService.GetSecretKey()
 	if err != nil {
 		return nil, fmt.Errorf("failed to get secret key: %w", err)
 	}

backend/internal/util/encryption/di.go

@@ -1,9 +1,9 @@
 package encryption
 
-import users_repositories "postgresus-backend/internal/features/users/repositories"
+import "postgresus-backend/internal/features/encryption/secrets"
 
 var fieldEncryptor = &SecretKeyFieldEncryptor{
-	users_repositories.GetSecretKeyRepository(),
+	secrets.GetSecretKeyService(),
 }
 
 func GetFieldEncryptor() FieldEncryptor {

backend/internal/util/encryption/secret_key_field_encryptor.go

@@ -8,17 +8,16 @@ import (
 	"encoding/base64"
 	"errors"
 	"fmt"
+	"postgresus-backend/internal/features/encryption/secrets"
 	"strings"
 
-	users_repositories "postgresus-backend/internal/features/users/repositories"
-
 	"github.com/google/uuid"
 )
 
 const encryptedPrefix = "enc:"
 
 type SecretKeyFieldEncryptor struct {
-	secretKeyRepository *users_repositories.SecretKeyRepository
+	secretKeyService *secrets.SecretKeyService
 }
 
 func (e *SecretKeyFieldEncryptor) Encrypt(itemID uuid.UUID, plaintext string) (string, error) {
@@ -30,7 +29,7 @@ func (e *SecretKeyFieldEncryptor) Encrypt(itemID uuid.UUID, plaintext string) (s
 		return plaintext, nil
 	}
 
-	masterKey, err := e.secretKeyRepository.GetSecretKey()
+	masterKey, err := e.secretKeyService.GetSecretKey()
 	if err != nil {
 		return "", fmt.Errorf("failed to get master key: %w", err)
 	}
@@ -82,7 +81,7 @@ func (e *SecretKeyFieldEncryptor) Decrypt(itemID uuid.UUID, ciphertext string) (
 		return "", fmt.Errorf("failed to decode ciphertext: %w", err)
 	}
 
-	masterKey, err := e.secretKeyRepository.GetSecretKey()
+	masterKey, err := e.secretKeyService.GetSecretKey()
 	if err != nil {
 		return "", fmt.Errorf("failed to get master key: %w", err)
 	}

backend/migrations/20251121171746_remove_restore_id_from_postgresql_databases.sql

@@ -0,0 +1,28 @@
+-- +goose Up
+-- +goose StatementBegin
+
+ALTER TABLE postgresql_databases
+    DROP CONSTRAINT IF EXISTS fk_postgresql_databases_restore_id;
+
+DROP INDEX IF EXISTS idx_postgresql_databases_restore_id;
+
+ALTER TABLE postgresql_databases
+    DROP COLUMN IF EXISTS restore_id;
+
+-- +goose StatementEnd
+
+-- +goose Down
+-- +goose StatementBegin
+
+ALTER TABLE postgresql_databases
+    ADD COLUMN restore_id UUID;
+
+CREATE INDEX idx_postgresql_databases_restore_id ON postgresql_databases (restore_id);
+
+ALTER TABLE postgresql_databases
+    ADD CONSTRAINT fk_postgresql_databases_restore_id
+    FOREIGN KEY (restore_id)
+    REFERENCES restores (id)
+    ON DELETE CASCADE;
+
+-- +goose StatementEnd

frontend/src/entity/databases/api/databaseApi.ts

@@ -1,7 +1,9 @@
 import { getApplicationServer } from '../../../constants';
 import RequestOptions from '../../../shared/api/RequestOptions';
 import { apiHelper } from '../../../shared/api/apiHelper';
+import type { CreateReadOnlyUserResponse } from '../model/CreateReadOnlyUserResponse';
 import type { Database } from '../model/Database';
+import type { IsReadOnlyResponse } from '../model/IsReadOnlyResponse';
 
 export const databaseApi = {
   async createDatabase(database: Database) {
@@ -85,4 +87,22 @@ export const databaseApi = {
       )
       .then((res) => res.isUsing);
   },
+
+  async isUserReadOnly(database: Database) {
+    const requestOptions: RequestOptions = new RequestOptions();
+    requestOptions.setBody(JSON.stringify(database));
+    return apiHelper.fetchPostJson<IsReadOnlyResponse>(
+      `${getApplicationServer()}/api/v1/databases/is-readonly`,
+      requestOptions,
+    );
+  },
+
+  async createReadOnlyUser(database: Database) {
+    const requestOptions: RequestOptions = new RequestOptions();
+    requestOptions.setBody(JSON.stringify(database));
+    return apiHelper.fetchPostJson<CreateReadOnlyUserResponse>(
+      `${getApplicationServer()}/api/v1/databases/create-readonly-user`,
+      requestOptions,
+    );
+  },
 };

frontend/src/entity/databases/index.ts

@@ -4,3 +4,5 @@ export { DatabaseType } from './model/DatabaseType';
 export { Period } from './model/Period';
 export { type PostgresqlDatabase } from './model/postgresql/PostgresqlDatabase';
 export { PostgresqlVersion } from './model/postgresql/PostgresqlVersion';
+export { type IsReadOnlyResponse } from './model/IsReadOnlyResponse';
+export { type CreateReadOnlyUserResponse } from './model/CreateReadOnlyUserResponse';

frontend/src/entity/databases/model/CreateReadOnlyUserResponse.ts

@@ -0,0 +1,4 @@
+export interface CreateReadOnlyUserResponse {
+  username: string;
+  password: string;
+}

frontend/src/entity/databases/model/IsReadOnlyResponse.ts

@@ -0,0 +1,3 @@
+export interface IsReadOnlyResponse {
+  isReadOnly: boolean;
+}

frontend/src/features/backups/ui/BackupsComponent.tsx

@@ -281,6 +281,163 @@ export const BackupsComponent = ({ database, isCanManageDBs, scrollContainerRef
     return () => container.removeEventListener('scroll', handleScroll);
   }, [hasMore, isLoadingMore, currentLimit, scrollContainerRef]);
 
+  const renderStatus = (status: BackupStatus, record: Backup) => {
+    if (status === BackupStatus.FAILED) {
+      return (
+        <Tooltip title="Click to see error details">
+          <div
+            className="flex cursor-pointer items-center text-red-600 underline"
+            onClick={() => setShowingBackupError(record)}
+          >
+            <ExclamationCircleOutlined className="mr-2" style={{ fontSize: 16 }} />
+            <div>Failed</div>
+          </div>
+        </Tooltip>
+      );
+    }
+
+    if (status === BackupStatus.COMPLETED) {
+      return (
+        <div className="flex items-center text-green-600">
+          <CheckCircleOutlined className="mr-2" style={{ fontSize: 16 }} />
+          <div>Successful</div>
+          {record.encryption === BackupEncryption.ENCRYPTED && (
+            <Tooltip title="Encrypted">
+              <LockOutlined className="ml-1" style={{ fontSize: 14 }} />
+            </Tooltip>
+          )}
+        </div>
+      );
+    }
+
+    if (status === BackupStatus.DELETED) {
+      return (
+        <div className="flex items-center text-gray-600">
+          <DeleteOutlined className="mr-2" style={{ fontSize: 16 }} />
+          <div>Deleted</div>
+        </div>
+      );
+    }
+
+    if (status === BackupStatus.IN_PROGRESS) {
+      return (
+        <div className="flex items-center font-bold text-blue-600">
+          <SyncOutlined spin />
+          <span className="ml-2">In progress</span>
+        </div>
+      );
+    }
+
+    if (status === BackupStatus.CANCELED) {
+      return (
+        <div className="flex items-center text-gray-600">
+          <CloseCircleOutlined className="mr-2" style={{ fontSize: 16 }} />
+          <div>Canceled</div>
+        </div>
+      );
+    }
+
+    return <span className="font-bold">{status}</span>;
+  };
+
+  const renderActions = (record: Backup) => {
+    return (
+      <div className="flex gap-2 text-lg">
+        {record.status === BackupStatus.IN_PROGRESS && isCanManageDBs && (
+          <div className="flex gap-2">
+            {cancellingBackupId === record.id ? (
+              <SyncOutlined spin />
+            ) : (
+              <Tooltip title="Cancel backup">
+                <CloseCircleOutlined
+                  className="cursor-pointer"
+                  onClick={() => {
+                    if (cancellingBackupId) return;
+                    cancelBackup(record.id);
+                  }}
+                  style={{ color: '#ff0000', opacity: cancellingBackupId ? 0.2 : 1 }}
+                />
+              </Tooltip>
+            )}
+          </div>
+        )}
+
+        {record.status === BackupStatus.COMPLETED && (
+          <div className="flex gap-2">
+            {deletingBackupId === record.id ? (
+              <SyncOutlined spin />
+            ) : (
+              <>
+                {isCanManageDBs && (
+                  <Tooltip title="Delete backup">
+                    <DeleteOutlined
+                      className="cursor-pointer"
+                      onClick={() => {
+                        if (deletingBackupId) return;
+                        setDeleteConfimationId(record.id);
+                      }}
+                      style={{ color: '#ff0000', opacity: deletingBackupId ? 0.2 : 1 }}
+                    />
+                  </Tooltip>
+                )}
+
+                <Tooltip title="Restore from backup">
+                  <CloudUploadOutlined
+                    className="cursor-pointer"
+                    onClick={() => {
+                      setShowingRestoresBackupId(record.id);
+                    }}
+                    style={{
+                      color: '#155dfc',
+                    }}
+                  />
+                </Tooltip>
+
+                <Tooltip title="Download backup file. It can be restored manually via pg_restore (from custom format)">
+                  {downloadingBackupId === record.id ? (
+                    <SyncOutlined spin style={{ color: '#155dfc' }} />
+                  ) : (
+                    <DownloadOutlined
+                      className="cursor-pointer"
+                      onClick={() => {
+                        if (downloadingBackupId) return;
+                        setDownloadingBackupId(record.id);
+                      }}
+                      style={{
+                        opacity: downloadingBackupId ? 0.2 : 1,
+                        color: '#155dfc',
+                      }}
+                    />
+                  )}
+                </Tooltip>
+              </>
+            )}
+          </div>
+        )}
+      </div>
+    );
+  };
+
+  const formatSize = (sizeMb: number) => {
+    if (sizeMb >= 1024) {
+      const sizeGb = sizeMb / 1024;
+      return `${Number(sizeGb.toFixed(2)).toLocaleString()} GB`;
+    }
+    return `${Number(sizeMb?.toFixed(2)).toLocaleString()} MB`;
+  };
+
+  const formatDuration = (durationMs: number) => {
+    const hours = Math.floor(durationMs / 3600000);
+    const minutes = Math.floor((durationMs % 3600000) / 60000);
+    const seconds = Math.floor((durationMs % 60000) / 1000);
+
+    if (hours > 0) {
+      return `${hours}h ${minutes}m ${seconds}s`;
+    }
+
+    return `${minutes}m ${seconds}s`;
+  };
+
   const columns: ColumnsType<Backup> = [
     {
       title: 'Created at',
@@ -299,66 +456,7 @@ export const BackupsComponent = ({ database, isCanManageDBs, scrollContainerRef
       title: 'Status',
       dataIndex: 'status',
       key: 'status',
-      render: (status: BackupStatus, record: Backup) => {
-        if (status === BackupStatus.FAILED) {
-          return (
-            <Tooltip title="Click to see error details">
-              <div
-                className="flex cursor-pointer items-center text-red-600 underline"
-                onClick={() => setShowingBackupError(record)}
-              >
-                <ExclamationCircleOutlined className="mr-2" style={{ fontSize: 16 }} />
-
-                <div>Failed</div>
-              </div>
-            </Tooltip>
-          );
-        }
-
-        if (status === BackupStatus.COMPLETED) {
-          return (
-            <div className="flex items-center text-green-600">
-              <CheckCircleOutlined className="mr-2" style={{ fontSize: 16 }} />
-              <div>Successful</div>
-
-              {record.encryption === BackupEncryption.ENCRYPTED && (
-                <Tooltip title="Encrypted">
-                  <LockOutlined className="ml-1" style={{ fontSize: 14 }} />
-                </Tooltip>
-              )}
-            </div>
-          );
-        }
-
-        if (status === BackupStatus.DELETED) {
-          return (
-            <div className="flex items-center text-gray-600">
-              <DeleteOutlined className="mr-2" style={{ fontSize: 16 }} />
-              <div>Deleted</div>
-            </div>
-          );
-        }
-
-        if (status === BackupStatus.IN_PROGRESS) {
-          return (
-            <div className="flex items-center font-bold text-blue-600">
-              <SyncOutlined spin />
-              <span className="ml-2">In progress</span>
-            </div>
-          );
-        }
-
-        if (status === BackupStatus.CANCELED) {
-          return (
-            <div className="flex items-center text-gray-600">
-              <CloseCircleOutlined className="mr-2" style={{ fontSize: 16 }} />
-              <div>Canceled</div>
-            </div>
-          );
-        }
-
-        return <span className="font-bold">{status}</span>;
-      },
+      render: (status: BackupStatus, record: Backup) => renderStatus(status, record),
       filters: [
         {
           value: BackupStatus.IN_PROGRESS,
@@ -398,112 +496,20 @@ export const BackupsComponent = ({ database, isCanManageDBs, scrollContainerRef
       dataIndex: 'backupSizeMb',
       key: 'backupSizeMb',
       width: 150,
-      render: (sizeMb: number) => {
-        if (sizeMb >= 1024) {
-          const sizeGb = sizeMb / 1024;
-          return `${Number(sizeGb.toFixed(2)).toLocaleString()} GB`;
-        }
-        return `${Number(sizeMb?.toFixed(2)).toLocaleString()} MB`;
-      },
+      render: (sizeMb: number) => formatSize(sizeMb),
     },
     {
       title: 'Duration',
       dataIndex: 'backupDurationMs',
       key: 'backupDurationMs',
       width: 150,
-      render: (durationMs: number) => {
-        const hours = Math.floor(durationMs / 3600000);
-        const minutes = Math.floor((durationMs % 3600000) / 60000);
-        const seconds = Math.floor((durationMs % 60000) / 1000);
-
-        if (hours > 0) {
-          return `${hours}h ${minutes}m ${seconds}s`;
-        }
-
-        return `${minutes}m ${seconds}s`;
-      },
+      render: (durationMs: number) => formatDuration(durationMs),
     },
     {
       title: 'Actions',
       dataIndex: '',
       key: '',
-      render: (_, record: Backup) => {
-        return (
-          <div className="flex gap-2 text-lg">
-            {record.status === BackupStatus.IN_PROGRESS && isCanManageDBs && (
-              <div className="flex gap-2">
-                {cancellingBackupId === record.id ? (
-                  <SyncOutlined spin />
-                ) : (
-                  <Tooltip title="Cancel backup">
-                    <CloseCircleOutlined
-                      className="cursor-pointer"
-                      onClick={() => {
-                        if (cancellingBackupId) return;
-                        cancelBackup(record.id);
-                      }}
-                      style={{ color: '#ff0000', opacity: cancellingBackupId ? 0.2 : 1 }}
-                    />
-                  </Tooltip>
-                )}
-              </div>
-            )}
-
-            {record.status === BackupStatus.COMPLETED && (
-              <div className="flex gap-2">
-                {deletingBackupId === record.id ? (
-                  <SyncOutlined spin />
-                ) : (
-                  <>
-                    {isCanManageDBs && (
-                      <Tooltip title="Delete backup">
-                        <DeleteOutlined
-                          className="cursor-pointer"
-                          onClick={() => {
-                            if (deletingBackupId) return;
-                            setDeleteConfimationId(record.id);
-                          }}
-                          style={{ color: '#ff0000', opacity: deletingBackupId ? 0.2 : 1 }}
-                        />
-                      </Tooltip>
-                    )}
-
-                    <Tooltip title="Restore from backup">
-                      <CloudUploadOutlined
-                        className="cursor-pointer"
-                        onClick={() => {
-                          setShowingRestoresBackupId(record.id);
-                        }}
-                        style={{
-                          color: '#155dfc',
-                        }}
-                      />
-                    </Tooltip>
-
-                    <Tooltip title="Download backup file. It can be restored manually via pg_restore (from custom format)">
-                      {downloadingBackupId === record.id ? (
-                        <SyncOutlined spin style={{ color: '#155dfc' }} />
-                      ) : (
-                        <DownloadOutlined
-                          className="cursor-pointer"
-                          onClick={() => {
-                            if (downloadingBackupId) return;
-                            setDownloadingBackupId(record.id);
-                          }}
-                          style={{
-                            opacity: downloadingBackupId ? 0.2 : 1,
-                            color: '#155dfc',
-                          }}
-                        />
-                      )}
-                    </Tooltip>
-                  </>
-                )}
-              </div>
-            )}
-          </div>
-        );
-      },
+      render: (_, record: Backup) => renderActions(record),
     },
   ];
 
@@ -516,11 +522,11 @@ export const BackupsComponent = ({ database, isCanManageDBs, scrollContainerRef
   }
 
   return (
-    <div className="mt-5 w-full rounded-md bg-white p-5 shadow">
-      <h2 className="text-xl font-bold">Backups</h2>
+    <div className="mt-5 w-full rounded-md bg-white p-3 shadow md:p-5">
+      <h2 className="text-lg font-bold md:text-xl">Backups</h2>
 
       {!isBackupConfigLoading && !backupConfig?.isBackupsEnabled && (
-        <div className="text-red-600">
+        <div className="text-sm text-red-600 md:text-base">
           Scheduled backups are disabled (you can enable it back in the backup configuration)
         </div>
       )}
@@ -535,30 +541,98 @@ export const BackupsComponent = ({ database, isCanManageDBs, scrollContainerRef
           disabled={isMakeBackupRequestLoading}
           loading={isMakeBackupRequestLoading}
         >
-          Make backup right now
+          <span className="md:hidden">Backup now</span>
+          <span className="hidden md:inline">Make backup right now</span>
         </Button>
       </div>
 
-      <div className="mt-5 max-w-[850px]">
-        <Table
-          bordered
-          columns={columns}
-          dataSource={backups}
-          rowKey="id"
-          loading={isBackupsLoading}
-          size="small"
-          pagination={false}
-        />
-        {isLoadingMore && (
-          <div className="mt-2 flex justify-center">
-            <Spin />
-          </div>
-        )}
-        {!hasMore && backups.length > 0 && (
-          <div className="mt-2 text-center text-gray-500">
-            All backups loaded ({totalBackups} total)
-          </div>
-        )}
+      <div className="mt-5 w-full md:max-w-[850px]">
+        {/* Mobile card view */}
+        <div className="md:hidden">
+          {isBackupsLoading ? (
+            <div className="flex justify-center py-8">
+              <Spin />
+            </div>
+          ) : (
+            <div>
+              {backups.map((backup) => (
+                <div
+                  key={backup.id}
+                  className="mb-2 rounded-lg border border-gray-200 bg-white p-4 shadow-sm"
+                >
+                  <div className="space-y-3">
+                    <div className="flex items-start justify-between">
+                      <div>
+                        <div className="text-xs text-gray-500">Created at</div>
+                        <div className="text-sm font-medium">
+                          {dayjs.utc(backup.createdAt).local().format(getUserTimeFormat().format)}
+                        </div>
+                        <div className="text-xs text-gray-500">
+                          ({dayjs.utc(backup.createdAt).local().fromNow()})
+                        </div>
+                      </div>
+                      <div>{renderStatus(backup.status, backup)}</div>
+                    </div>
+
+                    <div className="grid grid-cols-2 gap-4">
+                      <div>
+                        <div className="text-xs text-gray-500">Size</div>
+                        <div className="text-sm font-medium">{formatSize(backup.backupSizeMb)}</div>
+                      </div>
+                      <div>
+                        <div className="text-xs text-gray-500">Duration</div>
+                        <div className="text-sm font-medium">
+                          {formatDuration(backup.backupDurationMs)}
+                        </div>
+                      </div>
+                    </div>
+
+                    <div className="flex items-center justify-end border-t border-gray-200 pt-3">
+                      {renderActions(backup)}
+                    </div>
+                  </div>
+                </div>
+              ))}
+            </div>
+          )}
+
+          {isLoadingMore && (
+            <div className="mt-3 flex justify-center">
+              <Spin />
+            </div>
+          )}
+          {!hasMore && backups.length > 0 && (
+            <div className="mt-3 text-center text-sm text-gray-500">
+              All backups loaded ({totalBackups} total)
+            </div>
+          )}
+          {!isBackupsLoading && backups.length === 0 && (
+            <div className="py-8 text-center text-gray-500">No backups yet</div>
+          )}
+        </div>
+
+        {/* Desktop table view */}
+        <div className="hidden md:block">
+          <Table
+            bordered
+            columns={columns}
+            dataSource={backups}
+            rowKey="id"
+            loading={isBackupsLoading}
+            size="small"
+            pagination={false}
+          />
+          {isLoadingMore && (
+            <div className="mt-2 flex justify-center">
+              <Spin />
+            </div>
+          )}
+          {!hasMore && backups.length > 0 && (
+            <div className="mt-2 text-center text-gray-500">
+              All backups loaded ({totalBackups} total)
+            </div>
+          )}
+        </div>
       </div>
 
       {deleteConfimationId && (

frontend/src/features/backups/ui/EditBackupConfigComponent.tsx

@@ -204,8 +204,8 @@ export const EditBackupConfigComponent = ({
 
   return (
     <div>
-      <div className="mb-1 flex w-full items-center">
-        <div className="min-w-[150px]">Backups enabled</div>
+      <div className="mb-1 flex w-full flex-col items-start sm:flex-row sm:items-center">
+        <div className="mb-1 min-w-[150px] sm:mb-0">Backups enabled</div>
         <Switch
           checked={backupConfig.isBackupsEnabled}
           onChange={(checked) => {
@@ -217,13 +217,13 @@ export const EditBackupConfigComponent = ({
 
       {backupConfig.isBackupsEnabled && (
         <>
-          <div className="mt-4 mb-1 flex w-full items-center">
-            <div className="min-w-[150px]">Backup interval</div>
+          <div className="mt-4 mb-1 flex w-full flex-col items-start sm:flex-row sm:items-center">
+            <div className="mb-1 min-w-[150px] sm:mb-0">Backup interval</div>
             <Select
               value={backupInterval?.interval}
               onChange={(v) => saveInterval({ interval: v })}
               size="small"
-              className="max-w-[200px] grow"
+              className="w-full max-w-[200px] grow"
               options={[
                 { label: 'Hourly', value: IntervalType.HOURLY },
                 { label: 'Daily', value: IntervalType.DAILY },
@@ -234,8 +234,8 @@ export const EditBackupConfigComponent = ({
           </div>
 
           {backupInterval?.interval === IntervalType.WEEKLY && (
-            <div className="mb-1 flex w-full items-center">
-              <div className="min-w-[150px]">Backup weekday</div>
+            <div className="mb-1 flex w-full flex-col items-start sm:flex-row sm:items-center">
+              <div className="mb-1 min-w-[150px] sm:mb-0">Backup weekday</div>
               <Select
                 value={displayedWeekday}
                 onChange={(localWeekday) => {
@@ -244,15 +244,15 @@ export const EditBackupConfigComponent = ({
                   saveInterval({ weekday: getUtcWeekday(localWeekday, ref) });
                 }}
                 size="small"
-                className="max-w-[200px] grow"
+                className="w-full max-w-[200px] grow"
                 options={weekdayOptions}
               />
             </div>
           )}
 
           {backupInterval?.interval === IntervalType.MONTHLY && (
-            <div className="mb-1 flex w-full items-center">
-              <div className="min-w-[150px]">Backup day of month</div>
+            <div className="mb-1 flex w-full flex-col items-start sm:flex-row sm:items-center">
+              <div className="mb-1 min-w-[150px] sm:mb-0">Backup day of month</div>
               <InputNumber
                 min={1}
                 max={31}
@@ -263,21 +263,21 @@ export const EditBackupConfigComponent = ({
                   saveInterval({ dayOfMonth: getUtcDayOfMonth(localDom, ref) });
                 }}
                 size="small"
-                className="max-w-[200px] grow"
+                className="w-full max-w-[200px] grow"
               />
             </div>
           )}
 
           {backupInterval?.interval !== IntervalType.HOURLY && (
-            <div className="mb-1 flex w-full items-center">
-              <div className="min-w-[150px]">Backup time of day</div>
+            <div className="mb-1 flex w-full flex-col items-start sm:flex-row sm:items-center">
+              <div className="mb-1 min-w-[150px] sm:mb-0">Backup time of day</div>
               <TimePicker
                 value={localTime}
                 format={timeFormat.format}
                 use12Hours={timeFormat.use12Hours}
                 allowClear={false}
                 size="small"
-                className="max-w-[200px] grow"
+                className="w-full max-w-[200px] grow"
                 onChange={(t) => {
                   if (!t) return;
                   const patch: Partial<Interval> = { timeOfDay: t.utc().format('HH:mm') };
@@ -295,156 +295,168 @@ export const EditBackupConfigComponent = ({
             </div>
           )}
 
-          <div className="mt-4 mb-1 flex w-full items-center">
-            <div className="min-w-[150px]">Retry backup if failed</div>
-            <Switch
-              size="small"
-              checked={backupConfig.isRetryIfFailed}
-              onChange={(checked) => updateBackupConfig({ isRetryIfFailed: checked })}
-            />
-
-            <Tooltip
-              className="cursor-pointer"
-              title="Automatically retry failed backups. Backups can fail due to network failures, storage issues or temporary database unavailability."
-            >
-              <InfoCircleOutlined className="ml-2" style={{ color: 'gray' }} />
-            </Tooltip>
-          </div>
-
-          {backupConfig.isRetryIfFailed && (
-            <div className="mb-1 flex w-full items-center">
-              <div className="min-w-[150px]">Max failed tries count</div>
-              <InputNumber
-                min={1}
-                max={10}
-                value={backupConfig.maxFailedTriesCount}
-                onChange={(value) => updateBackupConfig({ maxFailedTriesCount: value || 1 })}
+          <div className="mt-4 mb-1 flex w-full flex-col items-start sm:flex-row sm:items-center">
+            <div className="mb-1 min-w-[150px] sm:mb-0">Retry backup if failed</div>
+            <div className="flex items-center">
+              <Switch
                 size="small"
-                className="max-w-[200px] grow"
+                checked={backupConfig.isRetryIfFailed}
+                onChange={(checked) => updateBackupConfig({ isRetryIfFailed: checked })}
               />
 
               <Tooltip
                 className="cursor-pointer"
-                title="Maximum number of retry attempts for failed backups. You will receive a notification when all tries have failed."
+                title="Automatically retry failed backups. Backups can fail due to network failures, storage issues or temporary database unavailability."
               >
                 <InfoCircleOutlined className="ml-2" style={{ color: 'gray' }} />
               </Tooltip>
             </div>
-          )}
-
-          <div className="mt-5 mb-1 flex w-full items-center">
-            <div className="min-w-[150px]">CPU count</div>
-            <InputNumber
-              min={1}
-              max={16}
-              value={backupConfig.cpuCount}
-              onChange={(value) => updateBackupConfig({ cpuCount: value || 1 })}
-              size="small"
-              className="max-w-[200px] grow"
-            />
-
-            <Tooltip
-              className="cursor-pointer"
-              title="Number of CPU cores to use for restore processing. Higher values may speed up restores, but use more resources."
-            >
-              <InfoCircleOutlined className="ml-2" style={{ color: 'gray' }} />
-            </Tooltip>
           </div>
 
-          <div className="mb-1 flex w-full items-center">
-            <div className="min-w-[150px]">Store period</div>
-            <Select
-              value={backupConfig.storePeriod}
-              onChange={(v) => updateBackupConfig({ storePeriod: v })}
-              size="small"
-              className="max-w-[200px] grow"
-              options={[
-                { label: '1 day', value: Period.DAY },
-                { label: '1 week', value: Period.WEEK },
-                { label: '1 month', value: Period.MONTH },
-                { label: '3 months', value: Period.THREE_MONTH },
-                { label: '6 months', value: Period.SIX_MONTH },
-                { label: '1 year', value: Period.YEAR },
-                { label: '2 years', value: Period.TWO_YEARS },
-                { label: '3 years', value: Period.THREE_YEARS },
-                { label: '4 years', value: Period.FOUR_YEARS },
-                { label: '5 years', value: Period.FIVE_YEARS },
-                { label: 'Forever', value: Period.FOREVER },
-              ]}
-            />
+          {backupConfig.isRetryIfFailed && (
+            <div className="mb-1 flex w-full flex-col items-start sm:flex-row sm:items-center">
+              <div className="mb-1 min-w-[150px] sm:mb-0">Max failed tries count</div>
+              <div className="flex items-center">
+                <InputNumber
+                  min={1}
+                  max={10}
+                  value={backupConfig.maxFailedTriesCount}
+                  onChange={(value) => updateBackupConfig({ maxFailedTriesCount: value || 1 })}
+                  size="small"
+                  className="w-full max-w-[200px] grow"
+                />
 
-            <Tooltip
-              className="cursor-pointer"
-              title="How long to keep the backups? Make sure you have enough storage space."
-            >
-              <InfoCircleOutlined className="ml-2" style={{ color: 'gray' }} />
-            </Tooltip>
+                <Tooltip
+                  className="cursor-pointer"
+                  title="Maximum number of retry attempts for failed backups. You will receive a notification when all tries have failed."
+                >
+                  <InfoCircleOutlined className="ml-2" style={{ color: 'gray' }} />
+                </Tooltip>
+              </div>
+            </div>
+          )}
+
+          <div className="mt-5 mb-1 flex w-full flex-col items-start sm:flex-row sm:items-center">
+            <div className="mb-1 min-w-[150px] sm:mb-0">CPU count</div>
+            <div className="flex items-center">
+              <InputNumber
+                min={1}
+                max={16}
+                value={backupConfig.cpuCount}
+                onChange={(value) => updateBackupConfig({ cpuCount: value || 1 })}
+                size="small"
+                className="w-full max-w-[200px] grow"
+              />
+
+              <Tooltip
+                className="cursor-pointer"
+                title="Number of CPU cores to use for restore processing. Higher values may speed up restores, but use more resources."
+              >
+                <InfoCircleOutlined className="ml-2" style={{ color: 'gray' }} />
+              </Tooltip>
+            </div>
+          </div>
+
+          <div className="mb-1 flex w-full flex-col items-start sm:flex-row sm:items-center">
+            <div className="mb-1 min-w-[150px] sm:mb-0">Store period</div>
+            <div className="flex items-center">
+              <Select
+                value={backupConfig.storePeriod}
+                onChange={(v) => updateBackupConfig({ storePeriod: v })}
+                size="small"
+                className="w-full max-w-[200px] grow"
+                options={[
+                  { label: '1 day', value: Period.DAY },
+                  { label: '1 week', value: Period.WEEK },
+                  { label: '1 month', value: Period.MONTH },
+                  { label: '3 months', value: Period.THREE_MONTH },
+                  { label: '6 months', value: Period.SIX_MONTH },
+                  { label: '1 year', value: Period.YEAR },
+                  { label: '2 years', value: Period.TWO_YEARS },
+                  { label: '3 years', value: Period.THREE_YEARS },
+                  { label: '4 years', value: Period.FOUR_YEARS },
+                  { label: '5 years', value: Period.FIVE_YEARS },
+                  { label: 'Forever', value: Period.FOREVER },
+                ]}
+              />
+
+              <Tooltip
+                className="cursor-pointer"
+                title="How long to keep the backups? Make sure you have enough storage space."
+              >
+                <InfoCircleOutlined className="ml-2" style={{ color: 'gray' }} />
+              </Tooltip>
+            </div>
           </div>
 
           <div className="mb-3" />
         </>
       )}
 
-      <div className="mt-2 mb-1 flex w-full items-center">
-        <div className="min-w-[150px]">Storage</div>
-        <Select
-          value={backupConfig.storage?.id}
-          onChange={(storageId) => {
-            if (storageId.includes('create-new-storage')) {
-              setShowCreateStorage(true);
-              return;
-            }
+      <div className="mt-2 mb-1 flex w-full flex-col items-start sm:flex-row sm:items-center">
+        <div className="mb-1 min-w-[150px] sm:mb-0">Storage</div>
+        <div className="flex w-full items-center">
+          <Select
+            value={backupConfig.storage?.id}
+            onChange={(storageId) => {
+              if (storageId.includes('create-new-storage')) {
+                setShowCreateStorage(true);
+                return;
+              }
 
-            const selectedStorage = storages.find((s) => s.id === storageId);
-            updateBackupConfig({ storage: selectedStorage });
+              const selectedStorage = storages.find((s) => s.id === storageId);
+              updateBackupConfig({ storage: selectedStorage });
 
-            if (backupConfig.storage?.id) {
-              setIsShowWarn(true);
-            }
-          }}
-          size="small"
-          className="mr-2 max-w-[200px] grow"
-          options={[
-            ...storages.map((s) => ({ label: s.name, value: s.id })),
-            { label: 'Create new storage', value: 'create-new-storage' },
-          ]}
-          placeholder="Select storage"
-        />
-
-        {backupConfig.storage?.type && (
-          <img
-            src={getStorageLogoFromType(backupConfig.storage.type)}
-            alt="storageIcon"
-            className="ml-1 h-4 w-4"
+              if (backupConfig.storage?.id) {
+                setIsShowWarn(true);
+              }
+            }}
+            size="small"
+            className="mr-2 max-w-[200px] grow"
+            options={[
+              ...storages.map((s) => ({ label: s.name, value: s.id })),
+              { label: 'Create new storage', value: 'create-new-storage' },
+            ]}
+            placeholder="Select storage"
           />
-        )}
+
+          {backupConfig.storage?.type && (
+            <img
+              src={getStorageLogoFromType(backupConfig.storage.type)}
+              alt="storageIcon"
+              className="ml-1 h-4 w-4"
+            />
+          )}
+        </div>
       </div>
 
-      <div className="mb-1 flex w-full items-center">
-        <div className="min-w-[150px]">Encryption</div>
-        <Select
-          value={backupConfig.encryption}
-          onChange={(v) => updateBackupConfig({ encryption: v })}
-          size="small"
-          className="max-w-[200px] grow"
-          options={[
-            { label: 'None', value: BackupEncryption.NONE },
-            { label: 'Encrypt backup files', value: BackupEncryption.ENCRYPTED },
-          ]}
-        />
+      <div className="mb-1 flex w-full flex-col items-start sm:flex-row sm:items-center">
+        <div className="mb-1 min-w-[150px] sm:mb-0">Encryption</div>
+        <div className="flex items-center">
+          <Select
+            value={backupConfig.encryption}
+            onChange={(v) => updateBackupConfig({ encryption: v })}
+            size="small"
+            className="w-full max-w-[200px] grow"
+            options={[
+              { label: 'None', value: BackupEncryption.NONE },
+              { label: 'Encrypt backup files', value: BackupEncryption.ENCRYPTED },
+            ]}
+          />
 
-        <Tooltip
-          className="cursor-pointer"
-          title="If backup is encrypted, backup files in your storage (S3, local, etc.) cannot be used directly. You can restore backups through Postgresus or download them unencrypted via the 'Download' button."
-        >
-          <InfoCircleOutlined className="ml-2" style={{ color: 'gray' }} />
-        </Tooltip>
+          <Tooltip
+            className="cursor-pointer"
+            title="If backup is encrypted, backup files in your storage (S3, local, etc.) cannot be used directly. You can restore backups through Postgresus or download them unencrypted via the 'Download' button."
+          >
+            <InfoCircleOutlined className="ml-2" style={{ color: 'gray' }} />
+          </Tooltip>
+        </div>
       </div>
 
       {backupConfig.isBackupsEnabled && (
         <>
-          <div className="mt-4 mb-1 flex w-full items-start">
-            <div className="mt-1 min-w-[150px]">Notifications</div>
+          <div className="mt-4 mb-1 flex w-full flex-col items-start sm:flex-row sm:items-start">
+            <div className="mt-0 mb-1 min-w-[150px] sm:mt-1 sm:mb-0">Notifications</div>
             <div className="flex flex-col space-y-2">
               <Checkbox
                 checked={backupConfig.sendNotificationsOn.includes(

frontend/src/features/databases/ui/CreateDatabaseComponent.tsx

@@ -9,6 +9,7 @@ import {
   databaseApi,
 } from '../../../entity/databases';
 import { EditBackupConfigComponent } from '../../backups';
+import { CreateReadOnlyComponent } from './edit/CreateReadOnlyComponent';
 import { EditDatabaseBaseInfoComponent } from './edit/EditDatabaseBaseInfoComponent';
 import { EditDatabaseNotifiersComponent } from './edit/EditDatabaseNotifiersComponent';
 import { EditDatabaseSpecificDataComponent } from './edit/EditDatabaseSpecificDataComponent';
@@ -41,9 +42,9 @@ export const CreateDatabaseComponent = ({ workspaceId, onCreated, onClose }: Pro
     sendNotificationsOn: [],
   } as Database);
 
-  const [step, setStep] = useState<'base-info' | 'db-settings' | 'backup-config' | 'notifiers'>(
-    'base-info',
-  );
+  const [step, setStep] = useState<
+    'base-info' | 'db-settings' | 'create-readonly-user' | 'backup-config' | 'notifiers'
+  >('base-info');
 
   const createDatabase = async (database: Database, backupConfig: BackupConfig) => {
     setIsCreating(true);
@@ -97,12 +98,25 @@ export const CreateDatabaseComponent = ({ workspaceId, onCreated, onClose }: Pro
         isSaveToApi={false}
         onSaved={(database) => {
           setDatabase({ ...database });
-          setStep('backup-config');
+          setStep('create-readonly-user');
         }}
       />
     );
   }
 
+  if (step === 'create-readonly-user') {
+    return (
+      <CreateReadOnlyComponent
+        database={database}
+        onReadOnlyUserUpdated={(database) => {
+          setDatabase({ ...database });
+        }}
+        onGoBack={() => setStep('db-settings')}
+        onContinue={() => setStep('backup-config')}
+      />
+    );
+  }
+
   if (step === 'backup-config') {
     return (
       <EditBackupConfigComponent

frontend/src/features/databases/ui/DatabaseConfigComponent.tsx

@@ -147,9 +147,9 @@ export const DatabaseConfigComponent = ({
   };
 
   return (
-    <div className="w-full rounded-tr-md rounded-br-md rounded-bl-md bg-white p-5 shadow">
+    <div className="w-full rounded-tr-md rounded-br-md rounded-bl-md bg-white p-3 shadow sm:p-5">
       {!isEditName ? (
-        <div className="mb-5 flex items-center text-2xl font-bold">
+        <div className="mb-5 flex items-center text-xl font-bold sm:text-2xl">
           {database.name}
 
           {isCanManageDBs && (
@@ -162,7 +162,7 @@ export const DatabaseConfigComponent = ({
         <div>
           <div className="flex items-center">
             <Input
-              className="max-w-[250px]"
+              className="max-w-full sm:max-w-[250px]"
               value={editDatabase?.name}
               onChange={(e) => {
                 if (!editDatabase) return;
@@ -174,7 +174,7 @@ export const DatabaseConfigComponent = ({
               size="large"
             />
 
-            <div className="ml-1 flex items-center">
+            <div className="ml-1 flex flex-shrink-0 items-center">
               <Button
                 type="text"
                 className="flex h-6 w-6 items-center justify-center p-0"
@@ -204,7 +204,7 @@ export const DatabaseConfigComponent = ({
       )}
 
       {database.lastBackupErrorMessage && (
-        <div className="max-w-[400px] rounded border border-red-600 px-3 py-3">
+        <div className="mb-4 max-w-full rounded border border-red-600 px-3 py-3 sm:max-w-[400px]">
           <div className="mt-1 flex items-center text-sm font-bold text-red-600">
             <InfoCircleOutlined className="mr-2" style={{ color: 'red' }} />
             Last backup error
@@ -226,8 +226,8 @@ export const DatabaseConfigComponent = ({
         </div>
       )}
 
-      <div className="flex flex-wrap gap-10">
-        <div className="w-[400px]">
+      <div className="flex flex-col gap-6 lg:flex-row lg:flex-wrap lg:gap-10">
+        <div className="w-full lg:w-[400px]">
           <div className="mt-5 flex items-center font-bold">
             <div>Database settings</div>
 
@@ -260,7 +260,7 @@ export const DatabaseConfigComponent = ({
           </div>
         </div>
 
-        <div className="w-[400px]">
+        <div className="w-full lg:w-[400px]">
           <div className="mt-5 flex items-center font-bold">
             <div>Backup config</div>
 
@@ -299,8 +299,8 @@ export const DatabaseConfigComponent = ({
         </div>
       </div>
 
-      <div className="flex flex-wrap gap-10">
-        <div className="w-[400px]">
+      <div className="flex flex-col gap-6 lg:flex-row lg:flex-wrap lg:gap-10">
+        <div className="w-full lg:w-[400px]">
           <div className="mt-5 flex items-center font-bold">
             <div>Healthcheck settings</div>
 
@@ -328,7 +328,7 @@ export const DatabaseConfigComponent = ({
           </div>
         </div>
 
-        <div className="w-[400px]">
+        <div className="w-full lg:w-[400px]">
           <div className="mt-5 flex items-center font-bold">
             <div>Notifiers settings</div>
 
@@ -366,10 +366,10 @@ export const DatabaseConfigComponent = ({
       </div>
 
       {!isEditDatabaseSpecificDataSettings && (
-        <div className="mt-10">
+        <div className="mt-10 flex flex-col gap-2 sm:flex-row sm:gap-0">
           <Button
             type="primary"
-            className="mr-1"
+            className="w-full sm:mr-1 sm:w-auto"
             ghost
             onClick={testConnection}
             loading={isTestingConnection}
@@ -380,7 +380,7 @@ export const DatabaseConfigComponent = ({
 
           <Button
             type="primary"
-            className="mr-1"
+            className="w-full sm:mr-1 sm:w-auto"
             ghost
             onClick={copyDatabase}
             loading={isCopying}
@@ -391,6 +391,7 @@ export const DatabaseConfigComponent = ({
 
           <Button
             type="primary"
+            className="w-full sm:w-auto"
             danger
             onClick={() => setIsShowRemoveConfirm(true)}
             ghost

frontend/src/features/databases/ui/DatabasesComponent.tsx

@@ -4,6 +4,7 @@ import { useEffect, useState } from 'react';
 import { databaseApi } from '../../../entity/databases';
 import type { Database } from '../../../entity/databases';
 import type { WorkspaceResponse } from '../../../entity/workspaces';
+import { useIsMobile } from '../../../shared/hooks';
 import { CreateDatabaseComponent } from './CreateDatabaseComponent';
 import { DatabaseCardComponent } from './DatabaseCardComponent';
 import { DatabaseComponent } from './DatabaseComponent';
@@ -17,6 +18,7 @@ interface Props {
 const SELECTED_DATABASE_STORAGE_KEY = 'selectedDatabaseId';
 
 export const DatabasesComponent = ({ contentHeight, workspace, isCanManageDBs }: Props) => {
+  const isMobile = useIsMobile();
   const [isLoading, setIsLoading] = useState(true);
   const [databases, setDatabases] = useState<Database[]>([]);
   const [searchQuery, setSearchQuery] = useState('');
@@ -44,7 +46,8 @@ export const DatabasesComponent = ({ contentHeight, workspace, isCanManageDBs }:
         setDatabases(databases);
         if (selectDatabaseId) {
           updateSelectedDatabaseId(selectDatabaseId);
-        } else if (!selectedDatabaseId && !isSilent) {
+        } else if (!selectedDatabaseId && !isSilent && !isMobile) {
+          // On desktop, auto-select a database; on mobile, keep it unselected
           const savedDatabaseId = localStorage.getItem(
             `${SELECTED_DATABASE_STORAGE_KEY}_${workspace.id}`,
           );
@@ -87,66 +90,86 @@ export const DatabasesComponent = ({ contentHeight, workspace, isCanManageDBs }:
     database.name.toLowerCase().includes(searchQuery.toLowerCase()),
   );
 
+  // On mobile, show either the list or the database details
+  const showDatabaseList = !isMobile || !selectedDatabaseId;
+  const showDatabaseDetails = selectedDatabaseId && (!isMobile || selectedDatabaseId);
+
   return (
     <>
       <div className="flex grow">
-        <div
-          className="mx-3 w-[250px] min-w-[250px] overflow-y-auto pr-2"
-          style={{ height: contentHeight }}
-        >
-          {databases.length >= 5 && (
-            <>
-              {isCanManageDBs && addDatabaseButton}
+        {showDatabaseList && (
+          <div
+            className="w-full overflow-y-auto md:mx-3 md:w-[250px] md:min-w-[250px] md:pr-2"
+            style={{ height: contentHeight }}
+          >
+            {databases.length >= 5 && (
+              <>
+                {isCanManageDBs && addDatabaseButton}
 
-              <div className="mb-2">
-                <input
-                  placeholder="Search database"
-                  value={searchQuery}
-                  onChange={(e) => setSearchQuery(e.target.value)}
-                  className="w-full border-b border-gray-300 p-1 text-gray-500 outline-none"
-                />
-              </div>
-            </>
-          )}
-
-          {filteredDatabases.length > 0
-            ? filteredDatabases.map((database) => (
-                <DatabaseCardComponent
-                  key={database.id}
-                  database={database}
-                  selectedDatabaseId={selectedDatabaseId}
-                  setSelectedDatabaseId={updateSelectedDatabaseId}
-                />
-              ))
-            : searchQuery && (
-                <div className="mb-4 text-center text-sm text-gray-500">
-                  No databases found matching &quot;{searchQuery}&quot;
+                <div className="mb-2">
+                  <input
+                    placeholder="Search database"
+                    value={searchQuery}
+                    onChange={(e) => setSearchQuery(e.target.value)}
+                    className="w-full border-b border-gray-300 p-1 text-gray-500 outline-none"
+                  />
                 </div>
-              )}
+              </>
+            )}
 
-          {databases.length < 5 && isCanManageDBs && addDatabaseButton}
+            {filteredDatabases.length > 0
+              ? filteredDatabases.map((database) => (
+                  <DatabaseCardComponent
+                    key={database.id}
+                    database={database}
+                    selectedDatabaseId={selectedDatabaseId}
+                    setSelectedDatabaseId={updateSelectedDatabaseId}
+                  />
+                ))
+              : searchQuery && (
+                  <div className="mb-4 text-center text-sm text-gray-500">
+                    No databases found matching &quot;{searchQuery}&quot;
+                  </div>
+                )}
 
-          <div className="mx-3 text-center text-xs text-gray-500">
-            Database - is a thing we are backing up
+            {databases.length < 5 && isCanManageDBs && addDatabaseButton}
+
+            <div className="mx-3 text-center text-xs text-gray-500">
+              Database - is a thing we are backing up
+            </div>
           </div>
-        </div>
+        )}
 
-        {selectedDatabaseId && (
-          <DatabaseComponent
-            contentHeight={contentHeight}
-            databaseId={selectedDatabaseId}
-            onDatabaseChanged={() => {
-              loadDatabases();
-            }}
-            onDatabaseDeleted={() => {
-              const remainingDatabases = databases.filter(
-                (database) => database.id !== selectedDatabaseId,
-              );
-              updateSelectedDatabaseId(remainingDatabases[0]?.id);
-              loadDatabases();
-            }}
-            isCanManageDBs={isCanManageDBs}
-          />
+        {showDatabaseDetails && (
+          <div className="flex w-full flex-col md:flex-1">
+            {isMobile && (
+              <div className="mb-2">
+                <Button
+                  type="default"
+                  onClick={() => updateSelectedDatabaseId(undefined)}
+                  className="w-full"
+                >
+                  ← Back to databases
+                </Button>
+              </div>
+            )}
+
+            <DatabaseComponent
+              contentHeight={isMobile ? contentHeight - 50 : contentHeight}
+              databaseId={selectedDatabaseId}
+              onDatabaseChanged={() => {
+                loadDatabases();
+              }}
+              onDatabaseDeleted={() => {
+                const remainingDatabases = databases.filter(
+                  (database) => database.id !== selectedDatabaseId,
+                );
+                updateSelectedDatabaseId(remainingDatabases[0]?.id);
+                loadDatabases();
+              }}
+              isCanManageDBs={isCanManageDBs}
+            />
+          </div>
         )}
       </div>
 

frontend/src/features/databases/ui/edit/CreateReadOnlyComponent.tsx

@@ -0,0 +1,165 @@
+import { Button, Modal, Spin } from 'antd';
+import { useEffect, useState } from 'react';
+
+import { type Database, databaseApi } from '../../../../entity/databases';
+
+interface Props {
+  database: Database;
+  onReadOnlyUserUpdated: (database: Database) => void;
+
+  onGoBack: () => void;
+  onContinue: () => void;
+}
+
+export const CreateReadOnlyComponent = ({
+  database,
+  onReadOnlyUserUpdated,
+  onGoBack,
+  onContinue,
+}: Props) => {
+  const [isCheckingReadOnlyUser, setIsCheckingReadOnlyUser] = useState(false);
+  const [isCreatingReadOnlyUser, setIsCreatingReadOnlyUser] = useState(false);
+  const [isShowSkipConfirmation, setShowSkipConfirmation] = useState(false);
+
+  const checkReadOnlyUser = async (): Promise<boolean> => {
+    try {
+      const response = await databaseApi.isUserReadOnly(database);
+      return response.isReadOnly;
+    } catch (e) {
+      alert((e as Error).message);
+      return false;
+    }
+  };
+
+  const createReadOnlyUser = async () => {
+    setIsCreatingReadOnlyUser(true);
+
+    try {
+      const response = await databaseApi.createReadOnlyUser(database);
+      database.postgresql!.username = response.username;
+      database.postgresql!.password = response.password;
+      onReadOnlyUserUpdated(database);
+      onContinue();
+    } catch (e) {
+      alert((e as Error).message);
+    }
+
+    setIsCreatingReadOnlyUser(false);
+  };
+
+  const handleSkip = () => {
+    setShowSkipConfirmation(true);
+  };
+
+  const handleSkipConfirmed = () => {
+    setShowSkipConfirmation(false);
+    onContinue();
+  };
+
+  useEffect(() => {
+    const run = async () => {
+      setIsCheckingReadOnlyUser(true);
+
+      const isReadOnly = await checkReadOnlyUser();
+      if (isReadOnly) {
+        // already has a read-only user
+        onContinue();
+      }
+
+      setIsCheckingReadOnlyUser(false);
+    };
+    run();
+  }, []);
+
+  if (isCheckingReadOnlyUser) {
+    return (
+      <div className="flex items-center">
+        <Spin />
+        <span className="ml-3">Checking read-only user...</span>
+      </div>
+    );
+  }
+
+  return (
+    <div>
+      <div className="mb-5">
+        <p className="mb-3 text-lg font-bold">Create a read-only user for Postgresus?</p>
+
+        <p className="mb-2">
+          A read-only user is a PostgreSQL user with limited permissions that can only read data
+          from your database, not modify it. This is recommended for backup operations because:
+        </p>
+
+        <ul className="mb-2 ml-5 list-disc">
+          <li>it prevents accidental data modifications during backup</li>
+          <li>it follows the principle of least privilege</li>
+          <li>it&apos;s a security best practice</li>
+        </ul>
+
+        <p className="mb-2">
+          Postgresus enforce enterprise-grade security (
+          <a href="https://postgresus.com/security" target="_blank" rel="noreferrer">
+            read in details here
+          </a>
+          ). However, it is not possible to be covered from all possible risks.
+        </p>
+
+        <p className="mt-3">
+          <b>Read-only user allows to avoid storing credentials with write access at all</b>. Even
+          in the worst case of hacking, nobody will be able to corrupt your data.
+        </p>
+      </div>
+
+      <div className="mt-5 flex">
+        <Button className="mr-auto" type="primary" ghost onClick={() => onGoBack()}>
+          Back
+        </Button>
+
+        <Button className="mr-2 ml-auto" danger ghost onClick={handleSkip}>
+          Skip
+        </Button>
+
+        <Button
+          type="primary"
+          onClick={createReadOnlyUser}
+          loading={isCreatingReadOnlyUser}
+          disabled={isCreatingReadOnlyUser}
+        >
+          Yes, create read-only user
+        </Button>
+      </div>
+
+      <Modal
+        title="Skip read-only user creation?"
+        open={isShowSkipConfirmation}
+        onCancel={() => setShowSkipConfirmation(false)}
+        footer={null}
+        width={450}
+      >
+        <div className="mb-5">
+          <p className="mb-2">Are you sure you want to skip creating a read-only user?</p>
+
+          <p className="mb-2">
+            Using a user with full permissions for backups is not recommended and may pose security
+            risks. Postgresus is highly recommending you to not skip this step.
+          </p>
+
+          <p>
+            100% protection is never possible. It&apos;s better to be safe in case of 0.01% risk of
+            full hacking. So it is better to follow the secure way with read-only user.
+          </p>
+        </div>
+
+        <div className="flex justify-end">
+          <Button className="mr-2" danger onClick={handleSkipConfirmed}>
+            Yes, I accept risks
+          </Button>
+
+          <Button type="primary" onClick={() => setShowSkipConfirmation(false)}>
+            Let&apos;s continue with the secure way
+          </Button>
+        </div>
+      </Modal>
+    </div>
+  );
+};

frontend/src/features/healthcheck/ui/HealthckeckAttemptsComponent.tsx

@@ -118,16 +118,16 @@ export const HealthckeckAttemptsComponent = ({ database }: Props) => {
   }
 
   return (
-    <div className="w-full rounded-tr-md rounded-br-md rounded-bl-md bg-white p-5 shadow">
-      <h2 className="text-xl font-bold">Healthcheck attempts</h2>
+    <div className="w-full rounded-tr-md rounded-br-md rounded-bl-md bg-white p-3 shadow sm:p-5">
+      <h2 className="text-lg font-bold sm:text-xl">Healthcheck attempts</h2>
 
-      <div className="mt-4 flex items-center gap-2">
-        <span className="mr-2 text-sm font-medium">Period</span>
+      <div className="mt-3 flex flex-col gap-2 sm:mt-4 sm:flex-row sm:items-center">
+        <span className="text-sm font-medium sm:mr-2">Period</span>
         <Select
           size="small"
           value={period}
           onChange={(value) => setPeriod(value)}
-          style={{ width: 120 }}
+          className="w-full sm:w-[120px]"
           options={[
             { value: 'today', label: 'Today' },
             { value: '7d', label: '7 days' },
@@ -137,7 +137,7 @@ export const HealthckeckAttemptsComponent = ({ database }: Props) => {
         />
       </div>
 
-      <div className="mt-5" />
+      <div className="mt-4 sm:mt-5" />
 
       {isLoading ? (
         <div className="flex justify-center">

frontend/src/features/healthcheck/ui/ShowHealthcheckConfigComponent.tsx

@@ -41,31 +41,31 @@ export const ShowHealthcheckConfigComponent = ({ databaseId }: Props) => {
     <div className="space-y-4">
       <div className="mb-1 flex items-center">
         <div className="min-w-[180px]">Is health check enabled</div>
-        <div className="w-[250px]">{healthcheckConfig.isHealthcheckEnabled ? 'Yes' : 'No'}</div>
+        <div>{healthcheckConfig.isHealthcheckEnabled ? 'Yes' : 'No'}</div>
       </div>
 
       {healthcheckConfig.isHealthcheckEnabled && (
         <>
           <div className="mb-1 flex items-center">
             <div className="min-w-[180px]">Notify when unavailable</div>
-            <div className="w-[250px]">
+            <div className="lg:w-[200px]">
               {healthcheckConfig.isSentNotificationWhenUnavailable ? 'Yes' : 'No'}
             </div>
           </div>
 
           <div className="mb-1 flex items-center">
             <div className="min-w-[180px]">Check interval (minutes)</div>
-            <div className="w-[250px]">{healthcheckConfig.intervalMinutes}</div>
+            <div className="lg:w-[200px]">{healthcheckConfig.intervalMinutes}</div>
           </div>
 
           <div className="mb-1 flex items-center">
             <div className="min-w-[180px]">Attempts before down</div>
-            <div className="w-[250px]">{healthcheckConfig.attemptsBeforeConcideredAsDown}</div>
+            <div className="lg:w-[200px]">{healthcheckConfig.attemptsBeforeConcideredAsDown}</div>
           </div>
 
           <div className="mb-1 flex items-center">
             <div className="min-w-[180px]">Store attempts (days)</div>
-            <div className="w-[250px]">{healthcheckConfig.storeAttemptsDays}</div>
+            <div className="lg:w-[200px]">{healthcheckConfig.storeAttemptsDays}</div>
           </div>
         </>
       )}

frontend/src/features/notifiers/ui/NotifiersComponent.tsx

@@ -4,6 +4,7 @@ import { useEffect, useState } from 'react';
 import { notifierApi } from '../../../entity/notifiers';
 import type { Notifier } from '../../../entity/notifiers';
 import type { WorkspaceResponse } from '../../../entity/workspaces';
+import { useIsMobile } from '../../../shared/hooks';
 import { NotifierCardComponent } from './NotifierCardComponent';
 import { NotifierComponent } from './NotifierComponent';
 import { EditNotifierComponent } from './edit/EditNotifierComponent';
@@ -14,21 +15,47 @@ interface Props {
   isCanManageNotifiers: boolean;
 }
 
+const SELECTED_NOTIFIER_STORAGE_KEY = 'selectedNotifierId';
+
 export const NotifiersComponent = ({ contentHeight, workspace, isCanManageNotifiers }: Props) => {
+  const isMobile = useIsMobile();
   const [isLoading, setIsLoading] = useState(true);
   const [notifiers, setNotifiers] = useState<Notifier[]>([]);
+  const [searchQuery, setSearchQuery] = useState('');
 
   const [isShowAddNotifier, setIsShowAddNotifier] = useState(false);
   const [selectedNotifierId, setSelectedNotifierId] = useState<string | undefined>(undefined);
-  const loadNotifiers = () => {
-    setIsLoading(true);
+
+  const updateSelectedNotifierId = (notifierId: string | undefined) => {
+    setSelectedNotifierId(notifierId);
+    if (notifierId) {
+      localStorage.setItem(`${SELECTED_NOTIFIER_STORAGE_KEY}_${workspace.id}`, notifierId);
+    } else {
+      localStorage.removeItem(`${SELECTED_NOTIFIER_STORAGE_KEY}_${workspace.id}`);
+    }
+  };
+
+  const loadNotifiers = (isSilent = false, selectNotifierId?: string) => {
+    if (!isSilent) {
+      setIsLoading(true);
+    }
 
     notifierApi
       .getNotifiers(workspace.id)
       .then((notifiers) => {
         setNotifiers(notifiers);
-        if (!selectedNotifierId) {
-          setSelectedNotifierId(notifiers[0]?.id);
+        if (selectNotifierId) {
+          updateSelectedNotifierId(selectNotifierId);
+        } else if (!selectedNotifierId && !isSilent && !isMobile) {
+          // On desktop, auto-select a notifier; on mobile, keep it unselected
+          const savedNotifierId = localStorage.getItem(
+            `${SELECTED_NOTIFIER_STORAGE_KEY}_${workspace.id}`,
+          );
+          const notifierToSelect =
+            savedNotifierId && notifiers.some((n) => n.id === savedNotifierId)
+              ? savedNotifierId
+              : notifiers[0]?.id;
+          updateSelectedNotifierId(notifierToSelect);
         }
       })
       .catch((e) => alert(e.message))
@@ -37,6 +64,12 @@ export const NotifiersComponent = ({ contentHeight, workspace, isCanManageNotifi
 
   useEffect(() => {
     loadNotifiers();
+
+    const interval = setInterval(() => {
+      loadNotifiers(true);
+    }, 5 * 60_000);
+
+    return () => clearInterval(interval);
   }, []);
 
   if (isLoading) {
@@ -53,45 +86,89 @@ export const NotifiersComponent = ({ contentHeight, workspace, isCanManageNotifi
     </Button>
   );
 
+  const filteredNotifiers = notifiers.filter((notifier) =>
+    notifier.name.toLowerCase().includes(searchQuery.toLowerCase()),
+  );
+
+  // On mobile, show either the list or the notifier details
+  const showNotifierList = !isMobile || !selectedNotifierId;
+  const showNotifierDetails = selectedNotifierId && (!isMobile || selectedNotifierId);
+
   return (
     <>
       <div className="flex grow">
-        <div
-          className="mx-3 w-[250px] min-w-[250px] overflow-y-auto"
-          style={{ height: contentHeight }}
-        >
-          {notifiers.length >= 5 && isCanManageNotifiers && addNotifierButton}
+        {showNotifierList && (
+          <div
+            className="w-full overflow-y-auto md:mx-3 md:w-[250px] md:min-w-[250px] md:pr-2"
+            style={{ height: contentHeight }}
+          >
+            {notifiers.length >= 5 && (
+              <>
+                {isCanManageNotifiers && addNotifierButton}
 
-          {notifiers.map((notifier) => (
-            <NotifierCardComponent
-              key={notifier.id}
-              notifier={notifier}
-              selectedNotifierId={selectedNotifierId}
-              setSelectedNotifierId={setSelectedNotifierId}
-            />
-          ))}
+                <div className="mb-2">
+                  <input
+                    placeholder="Search notifier"
+                    value={searchQuery}
+                    onChange={(e) => setSearchQuery(e.target.value)}
+                    className="w-full border-b border-gray-300 p-1 text-gray-500 outline-none"
+                  />
+                </div>
+              </>
+            )}
 
-          {notifiers.length < 5 && isCanManageNotifiers && addNotifierButton}
+            {filteredNotifiers.length > 0
+              ? filteredNotifiers.map((notifier) => (
+                  <NotifierCardComponent
+                    key={notifier.id}
+                    notifier={notifier}
+                    selectedNotifierId={selectedNotifierId}
+                    setSelectedNotifierId={updateSelectedNotifierId}
+                  />
+                ))
+              : searchQuery && (
+                  <div className="mb-4 text-center text-sm text-gray-500">
+                    No notifiers found matching &quot;{searchQuery}&quot;
+                  </div>
+                )}
 
-          <div className="mx-3 text-center text-xs text-gray-500">
-            Notifier - is a place where notifications will be sent (email, Slack, Telegram, etc.)
+            {notifiers.length < 5 && isCanManageNotifiers && addNotifierButton}
+
+            <div className="mx-3 text-center text-xs text-gray-500">
+              Notifier - is a place where notifications will be sent (email, Slack, Telegram, etc.)
+            </div>
           </div>
-        </div>
+        )}
 
-        {selectedNotifierId && (
-          <NotifierComponent
-            notifierId={selectedNotifierId}
-            onNotifierChanged={() => {
-              loadNotifiers();
-            }}
-            onNotifierDeleted={() => {
-              loadNotifiers();
-              setSelectedNotifierId(
-                notifiers.filter((notifier) => notifier.id !== selectedNotifierId)[0]?.id,
-              );
-            }}
-            isCanManageNotifiers={isCanManageNotifiers}
-          />
+        {showNotifierDetails && (
+          <div className="flex w-full flex-col md:flex-1">
+            {isMobile && (
+              <div className="mb-2">
+                <Button
+                  type="default"
+                  onClick={() => updateSelectedNotifierId(undefined)}
+                  className="w-full"
+                >
+                  ← Back to notifiers
+                </Button>
+              </div>
+            )}
+
+            <NotifierComponent
+              notifierId={selectedNotifierId}
+              onNotifierChanged={() => {
+                loadNotifiers();
+              }}
+              onNotifierDeleted={() => {
+                const remainingNotifiers = notifiers.filter(
+                  (notifier) => notifier.id !== selectedNotifierId,
+                );
+                updateSelectedNotifierId(remainingNotifiers[0]?.id);
+                loadNotifiers();
+              }}
+              isCanManageNotifiers={isCanManageNotifiers}
+            />
+          </div>
         )}
       </div>
 
@@ -111,8 +188,8 @@ export const NotifiersComponent = ({ contentHeight, workspace, isCanManageNotifi
             isShowName
             isShowClose={false}
             onClose={() => setIsShowAddNotifier(false)}
-            onChanged={() => {
-              loadNotifiers();
+            onChanged={(notifier) => {
+              loadNotifiers(false, notifier.id);
               setIsShowAddNotifier(false);
             }}
           />

frontend/src/features/notifiers/ui/edit/EditNotifierComponent.tsx

@@ -208,8 +208,8 @@ export function EditNotifierComponent({
   return (
     <div>
       {isShowName && (
-        <div className="mb-1 flex items-center">
-          <div className="min-w-[130px]">Name</div>
+        <div className="mb-1 flex w-full flex-col items-start sm:flex-row sm:items-center">
+          <div className="mb-1 min-w-[150px] sm:mb-0">Name</div>
 
           <Input
             value={notifier?.name || ''}
@@ -224,28 +224,30 @@ export function EditNotifierComponent({
         </div>
       )}
 
-      <div className="mb-1 flex items-center">
-        <div className="w-[130px] min-w-[130px]">Type</div>
+      <div className="mb-1 flex w-full flex-col items-start sm:flex-row sm:items-center">
+        <div className="mb-1 min-w-[150px] sm:mb-0">Type</div>
 
-        <Select
-          value={notifier?.notifierType}
-          options={[
-            { label: 'Telegram', value: NotifierType.TELEGRAM },
-            { label: 'Email', value: NotifierType.EMAIL },
-            { label: 'Webhook', value: NotifierType.WEBHOOK },
-            { label: 'Slack', value: NotifierType.SLACK },
-            { label: 'Discord', value: NotifierType.DISCORD },
-            { label: 'Teams', value: NotifierType.TEAMS },
-          ]}
-          onChange={(value) => {
-            setNotifierType(value);
-            setIsUnsaved(true);
-          }}
-          size="small"
-          className="w-full max-w-[250px]"
-        />
+        <div className="flex items-center">
+          <Select
+            value={notifier?.notifierType}
+            options={[
+              { label: 'Telegram', value: NotifierType.TELEGRAM },
+              { label: 'Email', value: NotifierType.EMAIL },
+              { label: 'Webhook', value: NotifierType.WEBHOOK },
+              { label: 'Slack', value: NotifierType.SLACK },
+              { label: 'Discord', value: NotifierType.DISCORD },
+              { label: 'Teams', value: NotifierType.TEAMS },
+            ]}
+            onChange={(value) => {
+              setNotifierType(value);
+              setIsUnsaved(true);
+            }}
+            size="small"
+            className="w-[250px] max-w-[250px]"
+          />
 
-        <img src={getNotifierLogoFromType(notifier?.notifierType)} className="ml-2 h-4 w-4" />
+          <img src={getNotifierLogoFromType(notifier?.notifierType)} className="ml-2 h-4 w-4" />
+        </div>
       </div>
 
       <div className="mt-5" />

frontend/src/features/notifiers/ui/edit/notifiers/EditDiscordNotifierComponent.tsx

@@ -11,31 +11,28 @@ interface Props {
 export function EditDiscordNotifierComponent({ notifier, setNotifier, setUnsaved }: Props) {
   return (
     <>
-      <div className="flex">
-        <div className="w-[130px] max-w-[130px] min-w-[130px] pr-3">Channel webhook URL</div>
-
-        <div className="w-[250px]">
-          <Input
-            value={notifier?.discordNotifier?.channelWebhookUrl || ''}
-            onChange={(e) => {
-              if (!notifier?.discordNotifier) return;
-              setNotifier({
-                ...notifier,
-                discordNotifier: {
-                  ...notifier.discordNotifier,
-                  channelWebhookUrl: e.target.value.trim(),
-                },
-              });
-              setUnsaved();
-            }}
-            size="small"
-            className="w-full"
-            placeholder="1234567890:ABCDEFGHIJKLMNOPQRSTUVWXYZ"
-          />
-        </div>
+      <div className="mb-1 flex w-full flex-col items-start sm:flex-row sm:items-center">
+        <div className="mb-1 min-w-[150px] sm:mb-0">Channel webhook URL</div>
+        <Input
+          value={notifier?.discordNotifier?.channelWebhookUrl || ''}
+          onChange={(e) => {
+            if (!notifier?.discordNotifier) return;
+            setNotifier({
+              ...notifier,
+              discordNotifier: {
+                ...notifier.discordNotifier,
+                channelWebhookUrl: e.target.value.trim(),
+              },
+            });
+            setUnsaved();
+          }}
+          size="small"
+          className="w-full max-w-[250px]"
+          placeholder="1234567890:ABCDEFGHIJKLMNOPQRSTUVWXYZ"
+        />
       </div>
 
-      <div className="ml-[130px] max-w-[250px]">
+      <div className="max-w-[250px] sm:ml-[150px]">
         <div className="mt-1 text-xs text-gray-500">
           <strong>How to get Discord webhook URL:</strong>
           <br />

frontend/src/features/notifiers/ui/edit/notifiers/EditEmailNotifierComponent.tsx

@@ -12,34 +12,39 @@ interface Props {
 export function EditEmailNotifierComponent({ notifier, setNotifier, setUnsaved }: Props) {
   return (
     <>
-      <div className="mb-1 flex items-center">
-        <div className="w-[130px] min-w-[130px]">Target email</div>
-        <Input
-          value={notifier?.emailNotifier?.targetEmail || ''}
-          onChange={(e) => {
-            if (!notifier?.emailNotifier) return;
+      <div className="mb-1 flex w-full flex-col items-start sm:flex-row sm:items-center">
+        <div className="mb-1 min-w-[150px] sm:mb-0">Target email</div>
+        <div className="flex items-center">
+          <Input
+            value={notifier?.emailNotifier?.targetEmail || ''}
+            onChange={(e) => {
+              if (!notifier?.emailNotifier) return;
 
-            setNotifier({
-              ...notifier,
-              emailNotifier: {
-                ...notifier.emailNotifier,
-                targetEmail: e.target.value.trim(),
-              },
-            });
-            setUnsaved();
-          }}
-          size="small"
-          className="w-full max-w-[250px]"
-          placeholder="example@gmail.com"
-        />
+              setNotifier({
+                ...notifier,
+                emailNotifier: {
+                  ...notifier.emailNotifier,
+                  targetEmail: e.target.value.trim(),
+                },
+              });
+              setUnsaved();
+            }}
+            size="small"
+            className="w-full max-w-[250px]"
+            placeholder="example@gmail.com"
+          />
 
-        <Tooltip className="cursor-pointer" title="The email where you want to receive the message">
-          <InfoCircleOutlined className="ml-2" style={{ color: 'gray' }} />
-        </Tooltip>
+          <Tooltip
+            className="cursor-pointer"
+            title="The email where you want to receive the message"
+          >
+            <InfoCircleOutlined className="ml-2" style={{ color: 'gray' }} />
+          </Tooltip>
+        </div>
       </div>
 
-      <div className="mb-1 flex items-center">
-        <div className="w-[130px] min-w-[130px]">SMTP host</div>
+      <div className="mb-1 flex w-full flex-col items-start sm:flex-row sm:items-center">
+        <div className="mb-1 min-w-[150px] sm:mb-0">SMTP host</div>
         <Input
           value={notifier?.emailNotifier?.smtpHost || ''}
           onChange={(e) => {
@@ -60,8 +65,8 @@ export function EditEmailNotifierComponent({ notifier, setNotifier, setUnsaved }
         />
       </div>
 
-      <div className="mb-1 flex items-center">
-        <div className="w-[130px] min-w-[130px]">SMTP port</div>
+      <div className="mb-1 flex w-full flex-col items-start sm:flex-row sm:items-center">
+        <div className="mb-1 min-w-[150px] sm:mb-0">SMTP port</div>
         <Input
           type="number"
           value={notifier?.emailNotifier?.smtpPort || ''}
@@ -83,8 +88,8 @@ export function EditEmailNotifierComponent({ notifier, setNotifier, setUnsaved }
         />
       </div>
 
-      <div className="mb-1 flex items-center">
-        <div className="w-[130px] min-w-[130px]">SMTP user</div>
+      <div className="mb-1 flex w-full flex-col items-start sm:flex-row sm:items-center">
+        <div className="mb-1 min-w-[150px] sm:mb-0">SMTP user</div>
         <Input
           value={notifier?.emailNotifier?.smtpUser || ''}
           onChange={(e) => {
@@ -105,8 +110,8 @@ export function EditEmailNotifierComponent({ notifier, setNotifier, setUnsaved }
         />
       </div>
 
-      <div className="mb-1 flex items-center">
-        <div className="w-[130px] min-w-[130px]">SMTP password</div>
+      <div className="mb-1 flex w-full flex-col items-start sm:flex-row sm:items-center">
+        <div className="mb-1 min-w-[150px] sm:mb-0">SMTP password</div>
         <Input
           type="password"
           value={notifier?.emailNotifier?.smtpPassword || ''}
@@ -128,33 +133,35 @@ export function EditEmailNotifierComponent({ notifier, setNotifier, setUnsaved }
         />
       </div>
 
-      <div className="mb-1 flex items-center">
-        <div className="w-[130px] min-w-[130px]">From</div>
-        <Input
-          value={notifier?.emailNotifier?.from || ''}
-          onChange={(e) => {
-            if (!notifier?.emailNotifier) return;
+      <div className="mb-1 flex w-full flex-col items-start sm:flex-row sm:items-center">
+        <div className="mb-1 min-w-[150px] sm:mb-0">From</div>
+        <div className="flex items-center">
+          <Input
+            value={notifier?.emailNotifier?.from || ''}
+            onChange={(e) => {
+              if (!notifier?.emailNotifier) return;
 
-            setNotifier({
-              ...notifier,
-              emailNotifier: {
-                ...notifier.emailNotifier,
-                from: e.target.value.trim(),
-              },
-            });
-            setUnsaved();
-          }}
-          size="small"
-          className="w-full max-w-[250px]"
-          placeholder="example@example.com"
-        />
+              setNotifier({
+                ...notifier,
+                emailNotifier: {
+                  ...notifier.emailNotifier,
+                  from: e.target.value.trim(),
+                },
+              });
+              setUnsaved();
+            }}
+            size="small"
+            className="w-full max-w-[250px]"
+            placeholder="example@example.com"
+          />
 
-        <Tooltip
-          className="cursor-pointer"
-          title="Optional. Email address to use as sender. If empty, will use SMTP user or auto-generate from host"
-        >
-          <InfoCircleOutlined className="ml-2" style={{ color: 'gray' }} />
-        </Tooltip>
+          <Tooltip
+            className="cursor-pointer"
+            title="Optional. Email address to use as sender. If empty, will use SMTP user or auto-generate from host"
+          >
+            <InfoCircleOutlined className="ml-2" style={{ color: 'gray' }} />
+          </Tooltip>
+        </div>
       </div>
     </>
   );

frontend/src/features/notifiers/ui/edit/notifiers/EditSlackNotifierComponent.tsx

@@ -11,7 +11,7 @@ interface Props {
 export function EditSlackNotifierComponent({ notifier, setNotifier, setUnsaved }: Props) {
   return (
     <>
-      <div className="mb-1 ml-[130px] max-w-[200px]" style={{ lineHeight: 1 }}>
+      <div className="mb-1 max-w-[250px] sm:ml-[150px]" style={{ lineHeight: 1 }}>
         <a
           className="text-xs !text-blue-600"
           href="https://postgresus.com/notifiers/slack"
@@ -22,54 +22,48 @@ export function EditSlackNotifierComponent({ notifier, setNotifier, setUnsaved }
         </a>
       </div>
 
-      <div className="mb-1 flex items-center">
-        <div className="w-[130px] min-w-[130px]">Bot token</div>
+      <div className="mb-1 flex w-full flex-col items-start sm:flex-row sm:items-center">
+        <div className="mb-1 min-w-[150px] sm:mb-0">Bot token</div>
+        <Input
+          value={notifier?.slackNotifier?.botToken || ''}
+          onChange={(e) => {
+            if (!notifier?.slackNotifier) return;
 
-        <div className="w-[250px]">
-          <Input
-            value={notifier?.slackNotifier?.botToken || ''}
-            onChange={(e) => {
-              if (!notifier?.slackNotifier) return;
-
-              setNotifier({
-                ...notifier,
-                slackNotifier: {
-                  ...notifier.slackNotifier,
-                  botToken: e.target.value.trim(),
-                },
-              });
-              setUnsaved();
-            }}
-            size="small"
-            className="w-full"
-            placeholder="xoxb-..."
-          />
-        </div>
+            setNotifier({
+              ...notifier,
+              slackNotifier: {
+                ...notifier.slackNotifier,
+                botToken: e.target.value.trim(),
+              },
+            });
+            setUnsaved();
+          }}
+          size="small"
+          className="w-full max-w-[250px]"
+          placeholder="xoxb-..."
+        />
       </div>
 
-      <div className="mb-1 flex items-center">
-        <div className="w-[130px] min-w-[130px]">Target chat ID</div>
+      <div className="mb-1 flex w-full flex-col items-start sm:flex-row sm:items-center">
+        <div className="mb-1 min-w-[150px] sm:mb-0">Target chat ID</div>
+        <Input
+          value={notifier?.slackNotifier?.targetChatId || ''}
+          onChange={(e) => {
+            if (!notifier?.slackNotifier) return;
 
-        <div className="w-[250px]">
-          <Input
-            value={notifier?.slackNotifier?.targetChatId || ''}
-            onChange={(e) => {
-              if (!notifier?.slackNotifier) return;
-
-              setNotifier({
-                ...notifier,
-                slackNotifier: {
-                  ...notifier.slackNotifier,
-                  targetChatId: e.target.value.trim(),
-                },
-              });
-              setUnsaved();
-            }}
-            size="small"
-            className="w-full"
-            placeholder="C1234567890"
-          />
-        </div>
+            setNotifier({
+              ...notifier,
+              slackNotifier: {
+                ...notifier.slackNotifier,
+                targetChatId: e.target.value.trim(),
+              },
+            });
+            setUnsaved();
+          }}
+          size="small"
+          className="w-full max-w-[250px]"
+          placeholder="C1234567890"
+        />
       </div>
     </>
   );

frontend/src/features/notifiers/ui/edit/notifiers/EditTeamsNotifierComponent.tsx

@@ -27,7 +27,7 @@ export function EditTeamsNotifierComponent({ notifier, setNotifier, setUnsaved }
 
   return (
     <>
-      <div className="mb-1 ml-[130px] max-w-[200px]" style={{ lineHeight: 1 }}>
+      <div className="mb-1 max-w-[250px] sm:ml-[150px]" style={{ lineHeight: 1 }}>
         <a
           className="text-xs !text-blue-600"
           href="https://postgresus.com/notifiers/teams"
@@ -38,25 +38,24 @@ export function EditTeamsNotifierComponent({ notifier, setNotifier, setUnsaved }
         </a>
       </div>
 
-      <div className="flex items-center">
-        <div className="w-[130px] min-w-[130px]">Power Automate URL</div>
-
-        <div className="w-[250px]">
+      <div className="mb-1 flex w-full flex-col items-start sm:flex-row sm:items-center">
+        <div className="mb-1 min-w-[150px] sm:mb-0">Power Automate URL</div>
+        <div className="flex items-center">
           <Input
             value={value}
             onChange={onChange}
             size="small"
-            className="w-full"
+            className="w-full max-w-[250px]"
             placeholder="https://prod-00.westeurope.logic.azure.com:443/workflows/....."
           />
-        </div>
 
-        <Tooltip
-          className="cursor-pointer"
-          title="HTTP endpoint from your Power Automate flow (When an HTTP request is received)"
-        >
-          <InfoCircleOutlined className="ml-2" style={{ color: 'gray' }} />
-        </Tooltip>
+          <Tooltip
+            className="cursor-pointer"
+            title="HTTP endpoint from your Power Automate flow (When an HTTP request is received)"
+          >
+            <InfoCircleOutlined className="ml-2" style={{ color: 'gray' }} />
+          </Tooltip>
+        </div>
       </div>
     </>
   );

frontend/src/features/notifiers/ui/edit/notifiers/EditTelegramNotifierComponent.tsx

@@ -27,31 +27,28 @@ export function EditTelegramNotifierComponent({ notifier, setNotifier, setUnsave
 
   return (
     <>
-      <div className="flex items-center">
-        <div className="w-[130px] min-w-[130px]">Bot token</div>
-
-        <div className="w-[250px]">
-          <Input
-            value={notifier?.telegramNotifier?.botToken || ''}
-            onChange={(e) => {
-              if (!notifier?.telegramNotifier) return;
-              setNotifier({
-                ...notifier,
-                telegramNotifier: {
-                  ...notifier.telegramNotifier,
-                  botToken: e.target.value.trim(),
-                },
-              });
-              setUnsaved();
-            }}
-            size="small"
-            className="w-full"
-            placeholder="1234567890:ABCDEFGHIJKLMNOPQRSTUVWXYZ"
-          />
-        </div>
+      <div className="mb-1 flex w-full flex-col items-start sm:flex-row sm:items-center">
+        <div className="mb-1 min-w-[150px] sm:mb-0">Bot token</div>
+        <Input
+          value={notifier?.telegramNotifier?.botToken || ''}
+          onChange={(e) => {
+            if (!notifier?.telegramNotifier) return;
+            setNotifier({
+              ...notifier,
+              telegramNotifier: {
+                ...notifier.telegramNotifier,
+                botToken: e.target.value.trim(),
+              },
+            });
+            setUnsaved();
+          }}
+          size="small"
+          className="w-full max-w-[250px]"
+          placeholder="1234567890:ABCDEFGHIJKLMNOPQRSTUVWXYZ"
+        />
       </div>
 
-      <div className="mb-1 ml-[130px]">
+      <div className="mb-1 sm:ml-[150px]">
         <a
           className="text-xs !text-blue-600"
           href="https://www.siteguarding.com/en/how-to-get-telegram-bot-api-token"
@@ -62,10 +59,9 @@ export function EditTelegramNotifierComponent({ notifier, setNotifier, setUnsave
         </a>
       </div>
 
-      <div className="mb-1 flex items-center">
-        <div className="w-[130px] min-w-[130px]">Target chat ID</div>
-
-        <div className="w-[250px]">
+      <div className="mb-1 flex w-full flex-col items-start sm:flex-row sm:items-center">
+        <div className="mb-1 min-w-[150px] sm:mb-0">Target chat ID</div>
+        <div className="flex items-center">
           <Input
             value={notifier?.telegramNotifier?.targetChatId || ''}
             onChange={(e) => {
@@ -81,20 +77,20 @@ export function EditTelegramNotifierComponent({ notifier, setNotifier, setUnsave
               setUnsaved();
             }}
             size="small"
-            className="w-full"
+            className="w-full max-w-[250px]"
             placeholder="-1001234567890"
           />
-        </div>
 
-        <Tooltip
-          className="cursor-pointer"
-          title="The chat where you want to receive the message (it can be your private chat or a group)"
-        >
-          <InfoCircleOutlined className="ml-2" style={{ color: 'gray' }} />
-        </Tooltip>
+          <Tooltip
+            className="cursor-pointer"
+            title="The chat where you want to receive the message (it can be your private chat or a group)"
+          >
+            <InfoCircleOutlined className="ml-2" style={{ color: 'gray' }} />
+          </Tooltip>
+        </div>
       </div>
 
-      <div className="ml-[130px] max-w-[250px]">
+      <div className="max-w-[250px] sm:ml-[150px]">
         {!isShowHowToGetChatId ? (
           <div
             className="mt-1 cursor-pointer text-xs text-blue-600"
@@ -120,42 +116,42 @@ export function EditTelegramNotifierComponent({ notifier, setNotifier, setUnsave
         )}
       </div>
 
-      <div className="mt-4 mb-1 flex items-center">
-        <div className="w-[130px] min-w-[130px] break-all">Send to group topic</div>
+      <div className="mt-4 mb-1 flex w-full flex-col items-start sm:flex-row sm:items-center">
+        <div className="mb-1 min-w-[150px] sm:mb-0">Send to group topic</div>
+        <div className="flex items-center">
+          <Switch
+            checked={notifier?.telegramNotifier?.isSendToThreadEnabled || false}
+            onChange={(checked) => {
+              if (!notifier?.telegramNotifier) return;
 
-        <Switch
-          checked={notifier?.telegramNotifier?.isSendToThreadEnabled || false}
-          onChange={(checked) => {
-            if (!notifier?.telegramNotifier) return;
+              setNotifier({
+                ...notifier,
+                telegramNotifier: {
+                  ...notifier.telegramNotifier,
+                  isSendToThreadEnabled: checked,
+                  // Clear thread ID if disabling
+                  threadId: checked ? notifier.telegramNotifier.threadId : undefined,
+                },
+              });
+              setUnsaved();
+            }}
+            size="small"
+          />
 
-            setNotifier({
-              ...notifier,
-              telegramNotifier: {
-                ...notifier.telegramNotifier,
-                isSendToThreadEnabled: checked,
-                // Clear thread ID if disabling
-                threadId: checked ? notifier.telegramNotifier.threadId : undefined,
-              },
-            });
-            setUnsaved();
-          }}
-          size="small"
-        />
-
-        <Tooltip
-          className="cursor-pointer"
-          title="Enable this to send messages to a specific thread in a group chat"
-        >
-          <InfoCircleOutlined className="ml-2" style={{ color: 'gray' }} />
-        </Tooltip>
+          <Tooltip
+            className="cursor-pointer"
+            title="Enable this to send messages to a specific thread in a group chat"
+          >
+            <InfoCircleOutlined className="ml-2" style={{ color: 'gray' }} />
+          </Tooltip>
+        </div>
       </div>
 
       {notifier?.telegramNotifier?.isSendToThreadEnabled && (
         <>
-          <div className="mb-1 flex items-center">
-            <div className="w-[130px] min-w-[130px]">Thread ID</div>
-
-            <div className="w-[250px]">
+          <div className="mb-1 flex w-full flex-col items-start sm:flex-row sm:items-center">
+            <div className="mb-1 min-w-[150px] sm:mb-0">Thread ID</div>
+            <div className="flex items-center">
               <Input
                 value={notifier?.telegramNotifier?.threadId?.toString() || ''}
                 onChange={(e) => {
@@ -174,22 +170,22 @@ export function EditTelegramNotifierComponent({ notifier, setNotifier, setUnsave
                   setUnsaved();
                 }}
                 size="small"
-                className="w-full"
+                className="w-full max-w-[250px]"
                 placeholder="3"
                 type="number"
                 min="1"
               />
-            </div>
 
-            <Tooltip
-              className="cursor-pointer"
-              title="The ID of the thread where messages should be sent"
-            >
-              <InfoCircleOutlined className="ml-2" style={{ color: 'gray' }} />
-            </Tooltip>
+              <Tooltip
+                className="cursor-pointer"
+                title="The ID of the thread where messages should be sent"
+              >
+                <InfoCircleOutlined className="ml-2" style={{ color: 'gray' }} />
+              </Tooltip>
+            </div>
           </div>
 
-          <div className="ml-[130px] max-w-[250px]">
+          <div className="max-w-[250px] sm:ml-[150px]">
             <div className="mt-1 text-xs text-gray-500">
               To get the thread ID, go to the thread in your Telegram group, tap on the thread name
               at the top, then tap &ldquo;Thread Info&rdquo;. Copy the thread link and take the last

frontend/src/features/notifiers/ui/edit/notifiers/EditWebhookNotifierComponent.tsx

@@ -13,33 +13,29 @@ interface Props {
 export function EditWebhookNotifierComponent({ notifier, setNotifier, setUnsaved }: Props) {
   return (
     <>
-      <div className="flex items-center">
-        <div className="w-[130px] min-w-[130px]">Webhook URL</div>
-
-        <div className="w-[250px]">
-          <Input
-            value={notifier?.webhookNotifier?.webhookUrl || ''}
-            onChange={(e) => {
-              setNotifier({
-                ...notifier,
-                webhookNotifier: {
-                  ...(notifier.webhookNotifier || { webhookMethod: WebhookMethod.POST }),
-                  webhookUrl: e.target.value.trim(),
-                },
-              });
-              setUnsaved();
-            }}
-            size="small"
-            className="w-full"
-            placeholder="https://example.com/webhook"
-          />
-        </div>
+      <div className="mb-1 flex w-full flex-col items-start sm:flex-row sm:items-center">
+        <div className="mb-1 min-w-[150px] sm:mb-0">Webhook URL</div>
+        <Input
+          value={notifier?.webhookNotifier?.webhookUrl || ''}
+          onChange={(e) => {
+            setNotifier({
+              ...notifier,
+              webhookNotifier: {
+                ...(notifier.webhookNotifier || { webhookMethod: WebhookMethod.POST }),
+                webhookUrl: e.target.value.trim(),
+              },
+            });
+            setUnsaved();
+          }}
+          size="small"
+          className="w-full max-w-[250px]"
+          placeholder="https://example.com/webhook"
+        />
       </div>
 
-      <div className="mt-1 flex items-center">
-        <div className="w-[130px] min-w-[130px]">Method</div>
-
-        <div className="w-[250px]">
+      <div className="mt-1 mb-1 flex w-full flex-col items-start sm:flex-row sm:items-center">
+        <div className="mb-1 min-w-[150px] sm:mb-0">Method</div>
+        <div className="flex items-center">
           <Select
             value={notifier?.webhookNotifier?.webhookMethod || WebhookMethod.POST}
             onChange={(value) => {
@@ -53,20 +49,20 @@ export function EditWebhookNotifierComponent({ notifier, setNotifier, setUnsaved
               setUnsaved();
             }}
             size="small"
-            className="w-full"
+            className="w-full max-w-[250px]"
             options={[
               { value: WebhookMethod.POST, label: 'POST' },
               { value: WebhookMethod.GET, label: 'GET' },
             ]}
           />
-        </div>
 
-        <Tooltip
-          className="cursor-pointer"
-          title="The HTTP method that will be used to call the webhook"
-        >
-          <InfoCircleOutlined className="ml-2" style={{ color: 'gray' }} />
-        </Tooltip>
+          <Tooltip
+            className="cursor-pointer"
+            title="The HTTP method that will be used to call the webhook"
+          >
+            <InfoCircleOutlined className="ml-2" style={{ color: 'gray' }} />
+          </Tooltip>
+        </div>
       </div>
 
       {notifier?.webhookNotifier?.webhookUrl && (

frontend/src/features/notifiers/ui/show/notifier/ShowDiscordNotifierComponent.tsx

@@ -10,7 +10,7 @@ export function ShowDiscordNotifierComponent({ notifier }: Props) {
       <div className="flex">
         <div className="max-w-[110px] min-w-[110px] pr-3">Channel webhook URL</div>
 
-        <div className="w-[250px]">{notifier.webhookNotifier?.webhookUrl.slice(0, 10)}*******</div>
+        <div>{notifier.webhookNotifier?.webhookUrl.slice(0, 10)}*******</div>
       </div>
     </>
   );

frontend/src/features/notifiers/ui/show/notifier/ShowSlackNotifierComponent.tsx

@@ -10,7 +10,7 @@ export function ShowSlackNotifierComponent({ notifier }: Props) {
       <div className="flex items-center">
         <div className="min-w-[110px]">Bot token</div>
 
-        <div className="w-[250px]">*********</div>
+        <div>*********</div>
       </div>
 
       <div className="mb-1 flex items-center">

frontend/src/features/notifiers/ui/show/notifier/ShowTeamsNotifierComponent.tsx

@@ -18,7 +18,7 @@ export function ShowTeamsNotifierComponent({ notifier }: Props) {
     <>
       <div className="flex items-center">
         <div className="min-w-[110px]">Power Automate URL: </div>
-        <div className="w-[250px] break-all">
+        <div className="w-[50px] break-all md:w-[250px]">
           {url ? (
             <>
               <span title={url}>{display}</span>

frontend/src/features/notifiers/ui/show/notifier/ShowTelegramNotifierComponent.tsx

@@ -10,7 +10,7 @@ export function ShowTelegramNotifierComponent({ notifier }: Props) {
       <div className="flex items-center">
         <div className="min-w-[110px]">Bot token</div>
 
-        <div className="w-[250px]">*********</div>
+        <div>*********</div>
       </div>
 
       <div className="mb-1 flex items-center">

frontend/src/features/restores/ui/RestoresComponent.tsx

@@ -1,6 +1,6 @@
-import { ExclamationCircleOutlined, SyncOutlined } from '@ant-design/icons';
+import { CopyOutlined, ExclamationCircleOutlined, SyncOutlined } from '@ant-design/icons';
 import { CheckCircleOutlined } from '@ant-design/icons';
-import { Button, Modal, Spin, Tooltip } from 'antd';
+import { App, Button, Modal, Spin, Tooltip } from 'antd';
 import dayjs from 'dayjs';
 import { useEffect, useRef, useState } from 'react';
 
@@ -16,11 +16,14 @@ interface Props {
 }
 
 export const RestoresComponent = ({ database, backup }: Props) => {
+  const { message } = App.useApp();
+
   const [editingDatabase, setEditingDatabase] = useState<Database>({
     ...database,
     postgresql: database.postgresql
       ? ({
           ...database.postgresql,
+          username: undefined,
           host: undefined,
           port: undefined,
           password: undefined,
@@ -231,9 +234,21 @@ export const RestoresComponent = ({ database, backup }: Props) => {
           title="Restore error details"
           open={!!showingRestoreError}
           onCancel={() => setShowingRestoreError(undefined)}
-          footer={null}
+          footer={
+            <Button
+              icon={<CopyOutlined />}
+              onClick={() => {
+                navigator.clipboard.writeText(showingRestoreError.failMessage || '');
+                message.success('Error message copied to clipboard');
+              }}
+            >
+              Copy
+            </Button>
+          }
         >
-          <div className="text-sm">{showingRestoreError.failMessage}</div>
+          <div className="overflow-y-auto text-sm whitespace-pre-wrap" style={{ height: '400px' }}>
+            {showingRestoreError.failMessage}
+          </div>
         </Modal>
       )}
     </div>

frontend/src/features/settings/ui/AuditLogsComponent.tsx

@@ -7,6 +7,7 @@ import { useCallback, useEffect, useRef, useState } from 'react';
 import { auditLogApi } from '../../../entity/audit-logs/api/auditLogApi';
 import type { AuditLog } from '../../../entity/audit-logs/model/AuditLog';
 import type { GetAuditLogsRequest } from '../../../entity/audit-logs/model/GetAuditLogsRequest';
+import { useIsMobile } from '../../../shared/hooks';
 import { getUserTimeFormat } from '../../../shared/time';
 
 interface Props {
@@ -15,6 +16,7 @@ interface Props {
 
 export function AuditLogsComponent({ scrollContainerRef: externalScrollRef }: Props) {
   const { message } = App.useApp();
+  const isMobile = useIsMobile();
   const [auditLogs, setAuditLogs] = useState<AuditLog[]>([]);
   const [isLoading, setIsLoading] = useState(true);
   const [isLoadingMore, setIsLoadingMore] = useState(false);
@@ -158,6 +160,49 @@ export function AuditLogsComponent({ scrollContainerRef: externalScrollRef }: Pr
     },
   ];
 
+  const renderAuditLogCard = (log: AuditLog) => {
+    const date = dayjs(log.createdAt);
+    const timeFormat = getUserTimeFormat();
+
+    const getUserDisplay = () => {
+      if (!log.userEmail && !log.userName) {
+        return (
+          <span className="inline-block rounded-full bg-gray-100 px-1.5 py-0.5 text-xs font-medium text-gray-600">
+            System
+          </span>
+        );
+      }
+
+      const displayText = log.userName ? `${log.userName} (${log.userEmail})` : log.userEmail;
+
+      return (
+        <span className="inline-block rounded-full bg-blue-100 px-1.5 py-0.5 text-xs font-medium text-blue-800">
+          {displayText}
+        </span>
+      );
+    };
+
+    return (
+      <div key={log.id} className="mb-3 rounded-lg border border-gray-200 bg-white p-3 shadow-sm">
+        <div className="flex items-start justify-between">
+          <div className="flex-1">{getUserDisplay()}</div>
+          <div className="text-right text-xs text-gray-500">
+            <div>{date.format(timeFormat.format)}</div>
+            <div className="text-gray-400">{date.fromNow()}</div>
+          </div>
+        </div>
+        <div className="mt-2 text-sm text-gray-900">{log.message}</div>
+        {log.workspaceName && (
+          <div className="mt-2">
+            <span className="inline-block rounded-full bg-blue-100 px-1.5 py-0.5 text-xs font-medium text-blue-800">
+              {log.workspaceName}
+            </span>
+          </div>
+        )}
+      </div>
+    );
+  };
+
   return (
     <div className="max-w-[1200px]">
       <div className="mb-4 flex items-center justify-between">
@@ -175,16 +220,24 @@ export function AuditLogsComponent({ scrollContainerRef: externalScrollRef }: Pr
         <div className="flex h-64 items-center justify-center">
           <Spin indicator={<LoadingOutlined spin />} size="large" />
         </div>
+      ) : auditLogs.length === 0 ? (
+        <div className="flex h-32 items-center justify-center text-gray-500">
+          No audit logs found.
+        </div>
       ) : (
         <>
-          <Table
-            columns={columns}
-            dataSource={auditLogs}
-            pagination={false}
-            rowKey="id"
-            size="small"
-            className="mb-4"
-          />
+          {isMobile ? (
+            <div>{auditLogs.map(renderAuditLogCard)}</div>
+          ) : (
+            <Table
+              columns={columns}
+              dataSource={auditLogs}
+              pagination={false}
+              rowKey="id"
+              size="small"
+              className="mb-4"
+            />
+          )}
 
           {isLoadingMore && (
             <div className="flex justify-center py-4">
@@ -195,7 +248,7 @@ export function AuditLogsComponent({ scrollContainerRef: externalScrollRef }: Pr
 
           {!hasMore && auditLogs.length > 0 && (
             <div className="py-4 text-center text-sm text-gray-500">
-              All logs loaded ({total} total)
+              All logs loaded ({auditLogs.length} total)
             </div>
           )}
         </>

frontend/src/features/settings/ui/SettingsComponent.tsx

@@ -91,14 +91,14 @@ export function SettingsComponent({ contentHeight }: Props) {
   console.log(`isCloud = ${IS_CLOUD}`);
 
   return (
-    <div className="flex grow pl-3">
+    <div className="flex grow sm:pl-5">
       <div className="w-full">
         <div
           ref={scrollContainerRef}
           className="grow overflow-y-auto rounded bg-white p-5 shadow"
           style={{ height: contentHeight }}
         >
-          <h1 className="text-2xl font-bold">Postgresus Settings</h1>
+          <h1 className="text-2xl font-bold">Postgresus settings</h1>
 
           <div className="mt-6">
             {isLoading ? (
@@ -228,7 +228,7 @@ export function SettingsComponent({ contentHeight }: Props) {
             <div className="group relative">
               <div className="flex items-center rounded-md border border-gray-300 bg-gray-50 px-3 py-2 !font-mono text-sm text-gray-700">
                 <code
-                  className="flex-1 cursor-pointer transition-colors select-all hover:text-blue-600"
+                  className="flex-1 cursor-pointer break-all transition-colors select-all hover:text-blue-600"
                   onClick={() => {
                     window.open(`${getApplicationServer()}/api/v1/system/health`, '_blank');
                   }}

frontend/src/features/storages/ui/StoragesComponent.tsx

@@ -4,6 +4,7 @@ import { useEffect, useState } from 'react';
 import { storageApi } from '../../../entity/storages';
 import type { Storage } from '../../../entity/storages';
 import type { WorkspaceResponse } from '../../../entity/workspaces';
+import { useIsMobile } from '../../../shared/hooks';
 import { StorageCardComponent } from './StorageCardComponent';
 import { StorageComponent } from './StorageComponent';
 import { EditStorageComponent } from './edit/EditStorageComponent';
@@ -14,13 +15,25 @@ interface Props {
   isCanManageStorages: boolean;
 }
 
+const SELECTED_STORAGE_STORAGE_KEY = 'selectedStorageId';
+
 export const StoragesComponent = ({ contentHeight, workspace, isCanManageStorages }: Props) => {
+  const isMobile = useIsMobile();
   const [isLoading, setIsLoading] = useState(true);
   const [storages, setStorages] = useState<Storage[]>([]);
 
   const [isShowAddStorage, setIsShowAddStorage] = useState(false);
   const [selectedStorageId, setSelectedStorageId] = useState<string | undefined>(undefined);
 
+  const updateSelectedStorageId = (storageId: string | undefined) => {
+    setSelectedStorageId(storageId);
+    if (storageId) {
+      localStorage.setItem(`${SELECTED_STORAGE_STORAGE_KEY}_${workspace.id}`, storageId);
+    } else {
+      localStorage.removeItem(`${SELECTED_STORAGE_STORAGE_KEY}_${workspace.id}`);
+    }
+  };
+
   const loadStorages = () => {
     setIsLoading(true);
 
@@ -28,8 +41,16 @@ export const StoragesComponent = ({ contentHeight, workspace, isCanManageStorage
       .getStorages(workspace.id)
       .then((storages: Storage[]) => {
         setStorages(storages);
-        if (!selectedStorageId) {
-          setSelectedStorageId(storages[0]?.id);
+        if (!selectedStorageId && !isMobile) {
+          // On desktop, auto-select a storage; on mobile, keep it unselected
+          const savedStorageId = localStorage.getItem(
+            `${SELECTED_STORAGE_STORAGE_KEY}_${workspace.id}`,
+          );
+          const storageToSelect =
+            savedStorageId && storages.some((s) => s.id === savedStorageId)
+              ? savedStorageId
+              : storages[0]?.id;
+          updateSelectedStorageId(storageToSelect);
         }
       })
       .catch((e: Error) => alert(e.message))
@@ -54,45 +75,66 @@ export const StoragesComponent = ({ contentHeight, workspace, isCanManageStorage
     </Button>
   );
 
+  // On mobile, show either the list or the storage details
+  const showStorageList = !isMobile || !selectedStorageId;
+  const showStorageDetails = selectedStorageId && (!isMobile || selectedStorageId);
+
   return (
     <>
       <div className="flex grow">
-        <div
-          className="mx-3 w-[250px] min-w-[250px] overflow-y-auto"
-          style={{ height: contentHeight }}
-        >
-          {storages.length >= 5 && isCanManageStorages && addStorageButton}
+        {showStorageList && (
+          <div
+            className="w-full overflow-y-auto md:mx-3 md:w-[250px] md:min-w-[250px] md:pr-2"
+            style={{ height: contentHeight }}
+          >
+            {storages.length >= 5 && isCanManageStorages && addStorageButton}
 
-          {storages.map((storage) => (
-            <StorageCardComponent
-              key={storage.id}
-              storage={storage}
-              selectedStorageId={selectedStorageId}
-              setSelectedStorageId={setSelectedStorageId}
-            />
-          ))}
+            {storages.map((storage) => (
+              <StorageCardComponent
+                key={storage.id}
+                storage={storage}
+                selectedStorageId={selectedStorageId}
+                setSelectedStorageId={updateSelectedStorageId}
+              />
+            ))}
 
-          {storages.length < 5 && isCanManageStorages && addStorageButton}
+            {storages.length < 5 && isCanManageStorages && addStorageButton}
 
-          <div className="mx-3 text-center text-xs text-gray-500">
-            Storage - is a place where backups will be stored (local disk, S3, etc.)
+            <div className="mx-3 text-center text-xs text-gray-500">
+              Storage - is a place where backups will be stored (local disk, S3, etc.)
+            </div>
           </div>
-        </div>
+        )}
 
-        {selectedStorageId && (
-          <StorageComponent
-            storageId={selectedStorageId}
-            onStorageChanged={() => {
-              loadStorages();
-            }}
-            onStorageDeleted={() => {
-              loadStorages();
-              setSelectedStorageId(
-                storages.filter((storage) => storage.id !== selectedStorageId)[0]?.id,
-              );
-            }}
-            isCanManageStorages={isCanManageStorages}
-          />
+        {showStorageDetails && (
+          <div className="flex w-full flex-col md:flex-1">
+            {isMobile && (
+              <div className="mb-2">
+                <Button
+                  type="default"
+                  onClick={() => updateSelectedStorageId(undefined)}
+                  className="w-full"
+                >
+                  ← Back to storages
+                </Button>
+              </div>
+            )}
+
+            <StorageComponent
+              storageId={selectedStorageId}
+              onStorageChanged={() => {
+                loadStorages();
+              }}
+              onStorageDeleted={() => {
+                const remainingStorages = storages.filter(
+                  (storage) => storage.id !== selectedStorageId,
+                );
+                updateSelectedStorageId(remainingStorages[0]?.id);
+                loadStorages();
+              }}
+              isCanManageStorages={isCanManageStorages}
+            />
+          </div>
         )}
       </div>
 

frontend/src/features/storages/ui/edit/EditStorageComponent.tsx

@@ -239,8 +239,8 @@ export function EditStorageComponent({
   return (
     <div>
       {isShowName && (
-        <div className="mb-1 flex items-center">
-          <div className="min-w-[110px]">Name</div>
+        <div className="mb-1 flex w-full flex-col items-start sm:flex-row sm:items-center">
+          <div className="mb-1 min-w-[110px] sm:mb-0">Name</div>
 
           <Input
             value={storage?.name || ''}
@@ -255,27 +255,29 @@ export function EditStorageComponent({
         </div>
       )}
 
-      <div className="mb-1 flex items-center">
-        <div className="min-w-[110px]">Type</div>
+      <div className="mb-1 flex w-full flex-col items-start sm:flex-row sm:items-center">
+        <div className="mb-1 min-w-[110px] sm:mb-0">Type</div>
 
-        <Select
-          value={storage?.type}
-          options={[
-            { label: 'Local storage', value: StorageType.LOCAL },
-            { label: 'S3', value: StorageType.S3 },
-            { label: 'Google Drive', value: StorageType.GOOGLE_DRIVE },
-            { label: 'NAS', value: StorageType.NAS },
-            { label: 'Azure Blob Storage', value: StorageType.AZURE_BLOB },
-          ]}
-          onChange={(value) => {
-            setStorageType(value);
-            setIsUnsaved(true);
-          }}
-          size="small"
-          className="w-full max-w-[250px]"
-        />
+        <div className="flex items-center">
+          <Select
+            value={storage?.type}
+            options={[
+              { label: 'Local storage', value: StorageType.LOCAL },
+              { label: 'S3', value: StorageType.S3 },
+              { label: 'Google Drive', value: StorageType.GOOGLE_DRIVE },
+              { label: 'NAS', value: StorageType.NAS },
+              { label: 'Azure Blob Storage', value: StorageType.AZURE_BLOB },
+            ]}
+            onChange={(value) => {
+              setStorageType(value);
+              setIsUnsaved(true);
+            }}
+            size="small"
+            className="w-[250px] max-w-[250px]"
+          />
 
-        <img src={getStorageLogoFromType(storage?.type)} className="ml-2 h-4 w-4" />
+          <img src={getStorageLogoFromType(storage?.type)} className="ml-2 h-4 w-4" />
+        </div>
       </div>
 
       <div className="mt-5" />

frontend/src/features/storages/ui/edit/storages/EditAzureBlobStorageComponent.tsx

@@ -17,8 +17,8 @@ export function EditAzureBlobStorageComponent({ storage, setStorage, setUnsaved
 
   return (
     <>
-      <div className="mb-1 flex items-center">
-        <div className="min-w-[110px]">Auth method</div>
+      <div className="mb-1 flex w-full flex-col items-start sm:flex-row sm:items-center">
+        <div className="mb-1 min-w-[110px] sm:mb-0">Auth method</div>
         <Radio.Group
           value={storage?.azureBlobStorage?.authMethod || 'ACCOUNT_KEY'}
           onChange={(e) => {
@@ -41,40 +41,42 @@ export function EditAzureBlobStorageComponent({ storage, setStorage, setUnsaved
       </div>
 
       {storage?.azureBlobStorage?.authMethod === 'CONNECTION_STRING' && (
-        <div className="mb-1 flex items-center">
-          <div className="min-w-[110px]">Connection</div>
-          <Input.Password
-            value={storage?.azureBlobStorage?.connectionString || ''}
-            onChange={(e) => {
-              if (!storage?.azureBlobStorage) return;
+        <div className="mb-1 flex w-full flex-col items-start sm:flex-row sm:items-center">
+          <div className="mb-1 min-w-[110px] sm:mb-0">Connection</div>
+          <div className="flex items-center">
+            <Input.Password
+              value={storage?.azureBlobStorage?.connectionString || ''}
+              onChange={(e) => {
+                if (!storage?.azureBlobStorage) return;
 
-              setStorage({
-                ...storage,
-                azureBlobStorage: {
-                  ...storage.azureBlobStorage,
-                  connectionString: e.target.value.trim(),
-                },
-              });
-              setUnsaved();
-            }}
-            size="small"
-            className="w-full max-w-[250px]"
-            placeholder="DefaultEndpointsProtocol=https;AccountName=..."
-          />
+                setStorage({
+                  ...storage,
+                  azureBlobStorage: {
+                    ...storage.azureBlobStorage,
+                    connectionString: e.target.value.trim(),
+                  },
+                });
+                setUnsaved();
+              }}
+              size="small"
+              className="w-full max-w-[250px]"
+              placeholder="DefaultEndpointsProtocol=https;AccountName=..."
+            />
 
-          <Tooltip
-            className="cursor-pointer"
-            title="Azure Storage connection string from Azure Portal"
-          >
-            <InfoCircleOutlined className="ml-2" style={{ color: 'gray' }} />
-          </Tooltip>
+            <Tooltip
+              className="cursor-pointer"
+              title="Azure Storage connection string from Azure Portal"
+            >
+              <InfoCircleOutlined className="ml-2" style={{ color: 'gray' }} />
+            </Tooltip>
+          </div>
         </div>
       )}
 
       {storage?.azureBlobStorage?.authMethod === 'ACCOUNT_KEY' && (
         <>
-          <div className="mb-1 flex items-center">
-            <div className="min-w-[110px]">Account name</div>
+          <div className="mb-1 flex w-full flex-col items-start sm:flex-row sm:items-center">
+            <div className="mb-1 min-w-[110px] sm:mb-0">Account name</div>
             <Input
               value={storage?.azureBlobStorage?.accountName || ''}
               onChange={(e) => {
@@ -95,8 +97,8 @@ export function EditAzureBlobStorageComponent({ storage, setStorage, setUnsaved
             />
           </div>
 
-          <div className="mb-1 flex items-center">
-            <div className="min-w-[110px]">Account key</div>
+          <div className="mb-1 flex w-full flex-col items-start sm:flex-row sm:items-center">
+            <div className="mb-1 min-w-[110px] sm:mb-0">Account key</div>
             <Input.Password
               value={storage?.azureBlobStorage?.accountKey || ''}
               onChange={(e) => {
@@ -119,8 +121,8 @@ export function EditAzureBlobStorageComponent({ storage, setStorage, setUnsaved
         </>
       )}
 
-      <div className="mb-1 flex items-center">
-        <div className="min-w-[110px]">Container name</div>
+      <div className="mb-1 flex w-full flex-col items-start sm:flex-row sm:items-center">
+        <div className="mb-1 min-w-[110px] sm:mb-0">Container name</div>
         <Input
           value={storage?.azureBlobStorage?.containerName || ''}
           onChange={(e) => {
@@ -159,10 +161,43 @@ export function EditAzureBlobStorageComponent({ storage, setStorage, setUnsaved
       {showAdvanced && (
         <>
           {storage?.azureBlobStorage?.authMethod === 'ACCOUNT_KEY' && (
-            <div className="mb-1 flex items-center">
-              <div className="min-w-[110px]">Endpoint</div>
+            <div className="mb-1 flex w-full flex-col items-start sm:flex-row sm:items-center">
+              <div className="mb-1 min-w-[110px] sm:mb-0">Endpoint</div>
+              <div className="flex items-center">
+                <Input
+                  value={storage?.azureBlobStorage?.endpoint || ''}
+                  onChange={(e) => {
+                    if (!storage?.azureBlobStorage) return;
+
+                    setStorage({
+                      ...storage,
+                      azureBlobStorage: {
+                        ...storage.azureBlobStorage,
+                        endpoint: e.target.value.trim(),
+                      },
+                    });
+                    setUnsaved();
+                  }}
+                  size="small"
+                  className="w-full max-w-[250px]"
+                  placeholder="https://myaccount.blob.core.windows.net (optional)"
+                />
+
+                <Tooltip
+                  className="cursor-pointer"
+                  title="Custom endpoint URL (optional, leave empty for standard Azure)"
+                >
+                  <InfoCircleOutlined className="ml-2" style={{ color: 'gray' }} />
+                </Tooltip>
+              </div>
+            </div>
+          )}
+
+          <div className="mb-1 flex w-full flex-col items-start sm:flex-row sm:items-center">
+            <div className="mb-1 min-w-[110px] sm:mb-0">Blob prefix</div>
+            <div className="flex items-center">
               <Input
-                value={storage?.azureBlobStorage?.endpoint || ''}
+                value={storage?.azureBlobStorage?.prefix || ''}
                 onChange={(e) => {
                   if (!storage?.azureBlobStorage) return;
 
@@ -170,52 +205,23 @@ export function EditAzureBlobStorageComponent({ storage, setStorage, setUnsaved
                     ...storage,
                     azureBlobStorage: {
                       ...storage.azureBlobStorage,
-                      endpoint: e.target.value.trim(),
+                      prefix: e.target.value.trim(),
                     },
                   });
                   setUnsaved();
                 }}
                 size="small"
                 className="w-full max-w-[250px]"
-                placeholder="https://myaccount.blob.core.windows.net (optional)"
+                placeholder="my-prefix/ (optional)"
               />
 
               <Tooltip
                 className="cursor-pointer"
-                title="Custom endpoint URL (optional, leave empty for standard Azure)"
+                title="Optional prefix for all blob names (e.g., 'backups/' or 'my_team/')"
               >
                 <InfoCircleOutlined className="ml-2" style={{ color: 'gray' }} />
               </Tooltip>
             </div>
-          )}
-
-          <div className="mb-1 flex items-center">
-            <div className="min-w-[110px]">Blob prefix</div>
-            <Input
-              value={storage?.azureBlobStorage?.prefix || ''}
-              onChange={(e) => {
-                if (!storage?.azureBlobStorage) return;
-
-                setStorage({
-                  ...storage,
-                  azureBlobStorage: {
-                    ...storage.azureBlobStorage,
-                    prefix: e.target.value.trim(),
-                  },
-                });
-                setUnsaved();
-              }}
-              size="small"
-              className="w-full max-w-[250px]"
-              placeholder="my-prefix/ (optional)"
-            />
-
-            <Tooltip
-              className="cursor-pointer"
-              title="Optional prefix for all blob names (e.g., 'backups/' or 'my_team/')"
-            >
-              <InfoCircleOutlined className="ml-2" style={{ color: 'gray' }} />
-            </Tooltip>
           </div>
         </>
       )}

frontend/src/features/storages/ui/edit/storages/EditGoogleDriveStorageComponent.tsx

@@ -37,7 +37,7 @@ export function EditGoogleDriveStorageComponent({ storage, setStorage, setUnsave
   return (
     <>
       <div className="mb-2 flex items-center">
-        <div className="min-w-[110px]" />
+        <div className="hidden min-w-[110px] sm:block" />
 
         <div className="text-xs text-blue-600">
           <a href="https://postgresus.com/storages/google-drive" target="_blank" rel="noreferrer">
@@ -46,8 +46,8 @@ export function EditGoogleDriveStorageComponent({ storage, setStorage, setUnsave
         </div>
       </div>
 
-      <div className="mb-1 flex items-center">
-        <div className="min-w-[110px]">Client ID</div>
+      <div className="mb-1 flex w-full flex-col items-start sm:flex-row sm:items-center">
+        <div className="mb-1 min-w-[110px] sm:mb-0">Client ID</div>
         <Input
           value={storage?.googleDriveStorage?.clientId || ''}
           onChange={(e: React.ChangeEvent<HTMLInputElement>) => {
@@ -69,8 +69,8 @@ export function EditGoogleDriveStorageComponent({ storage, setStorage, setUnsave
         />
       </div>
 
-      <div className="mb-1 flex items-center">
-        <div className="min-w-[110px]">Client Secret</div>
+      <div className="mb-1 flex w-full flex-col items-start sm:flex-row sm:items-center">
+        <div className="mb-1 min-w-[110px] sm:mb-0">Client Secret</div>
         <Input
           value={storage?.googleDriveStorage?.clientSecret || ''}
           onChange={(e: React.ChangeEvent<HTMLInputElement>) => {
@@ -94,8 +94,8 @@ export function EditGoogleDriveStorageComponent({ storage, setStorage, setUnsave
 
       {storage?.googleDriveStorage?.tokenJson && (
         <>
-          <div className="mb-1 flex items-center">
-            <div className="min-w-[110px]">User Token</div>
+          <div className="mb-1 flex w-full flex-col items-start sm:flex-row sm:items-center">
+            <div className="mb-1 min-w-[110px] sm:mb-0">User Token</div>
             <Input
               value={storage?.googleDriveStorage?.tokenJson || ''}
               disabled

frontend/src/features/storages/ui/edit/storages/EditNASStorageComponent.tsx

@@ -12,8 +12,8 @@ interface Props {
 export function EditNASStorageComponent({ storage, setStorage, setUnsaved }: Props) {
   return (
     <>
-      <div className="mb-1 flex items-center">
-        <div className="min-w-[110px]">Host</div>
+      <div className="mb-1 flex w-full flex-col items-start sm:flex-row sm:items-center">
+        <div className="mb-1 min-w-[110px] sm:mb-0">Host</div>
         <Input
           value={storage?.nasStorage?.host || ''}
           onChange={(e) => {
@@ -34,8 +34,8 @@ export function EditNASStorageComponent({ storage, setStorage, setUnsaved }: Pro
         />
       </div>
 
-      <div className="mb-1 flex items-center">
-        <div className="min-w-[110px]">Port</div>
+      <div className="mb-1 flex w-full flex-col items-start sm:flex-row sm:items-center">
+        <div className="mb-1 min-w-[110px] sm:mb-0">Port</div>
         <InputNumber
           value={storage?.nasStorage?.port}
           onChange={(value) => {
@@ -58,8 +58,8 @@ export function EditNASStorageComponent({ storage, setStorage, setUnsaved }: Pro
         />
       </div>
 
-      <div className="mb-1 flex items-center">
-        <div className="min-w-[110px]">Share</div>
+      <div className="mb-1 flex w-full flex-col items-start sm:flex-row sm:items-center">
+        <div className="mb-1 min-w-[110px] sm:mb-0">Share</div>
         <Input
           value={storage?.nasStorage?.share || ''}
           onChange={(e) => {
@@ -80,8 +80,8 @@ export function EditNASStorageComponent({ storage, setStorage, setUnsaved }: Pro
         />
       </div>
 
-      <div className="mb-1 flex items-center">
-        <div className="min-w-[110px]">Username</div>
+      <div className="mb-1 flex w-full flex-col items-start sm:flex-row sm:items-center">
+        <div className="mb-1 min-w-[110px] sm:mb-0">Username</div>
         <Input
           value={storage?.nasStorage?.username || ''}
           onChange={(e) => {
@@ -102,8 +102,8 @@ export function EditNASStorageComponent({ storage, setStorage, setUnsaved }: Pro
         />
       </div>
 
-      <div className="mb-1 flex items-center">
-        <div className="min-w-[110px]">Password</div>
+      <div className="mb-1 flex w-full flex-col items-start sm:flex-row sm:items-center">
+        <div className="mb-1 min-w-[110px] sm:mb-0">Password</div>
         <Input.Password
           value={storage?.nasStorage?.password || ''}
           onChange={(e) => {
@@ -124,89 +124,98 @@ export function EditNASStorageComponent({ storage, setStorage, setUnsaved }: Pro
         />
       </div>
 
-      <div className="mb-1 flex items-center">
-        <div className="min-w-[110px]">Use SSL</div>
-        <Switch
-          checked={storage?.nasStorage?.useSsl || false}
-          onChange={(checked) => {
-            if (!storage?.nasStorage) return;
+      <div className="mb-1 flex w-full flex-col items-start sm:flex-row sm:items-center">
+        <div className="mb-1 min-w-[110px] sm:mb-0">Use SSL</div>
+        <div className="flex items-center">
+          <Switch
+            checked={storage?.nasStorage?.useSsl || false}
+            onChange={(checked) => {
+              if (!storage?.nasStorage) return;
 
-            setStorage({
-              ...storage,
-              nasStorage: {
-                ...storage.nasStorage,
-                useSsl: checked,
-              },
-            });
-            setUnsaved();
-          }}
-          size="small"
-        />
+              setStorage({
+                ...storage,
+                nasStorage: {
+                  ...storage.nasStorage,
+                  useSsl: checked,
+                },
+              });
+              setUnsaved();
+            }}
+            size="small"
+          />
 
-        <Tooltip className="cursor-pointer" title="Enable SSL/TLS encryption for secure connection">
-          <InfoCircleOutlined className="ml-2" style={{ color: 'gray' }} />
-        </Tooltip>
+          <Tooltip
+            className="cursor-pointer"
+            title="Enable SSL/TLS encryption for secure connection"
+          >
+            <InfoCircleOutlined className="ml-2" style={{ color: 'gray' }} />
+          </Tooltip>
+        </div>
       </div>
 
-      <div className="mb-1 flex items-center">
-        <div className="min-w-[110px]">Domain</div>
-        <Input
-          value={storage?.nasStorage?.domain || ''}
-          onChange={(e) => {
-            if (!storage?.nasStorage) return;
+      <div className="mb-1 flex w-full flex-col items-start sm:flex-row sm:items-center">
+        <div className="mb-1 min-w-[110px] sm:mb-0">Domain</div>
+        <div className="flex items-center">
+          <Input
+            value={storage?.nasStorage?.domain || ''}
+            onChange={(e) => {
+              if (!storage?.nasStorage) return;
 
-            setStorage({
-              ...storage,
-              nasStorage: {
-                ...storage.nasStorage,
-                domain: e.target.value.trim() || undefined,
-              },
-            });
-            setUnsaved();
-          }}
-          size="small"
-          className="w-full max-w-[250px]"
-          placeholder="WORKGROUP (optional)"
-        />
+              setStorage({
+                ...storage,
+                nasStorage: {
+                  ...storage.nasStorage,
+                  domain: e.target.value.trim() || undefined,
+                },
+              });
+              setUnsaved();
+            }}
+            size="small"
+            className="w-full max-w-[250px]"
+            placeholder="WORKGROUP (optional)"
+          />
 
-        <Tooltip
-          className="cursor-pointer"
-          title="Windows domain name (optional, leave empty if not using domain authentication)"
-        >
-          <InfoCircleOutlined className="ml-2" style={{ color: 'gray' }} />
-        </Tooltip>
+          <Tooltip
+            className="cursor-pointer"
+            title="Windows domain name (optional, leave empty if not using domain authentication)"
+          >
+            <InfoCircleOutlined className="ml-2" style={{ color: 'gray' }} />
+          </Tooltip>
+        </div>
       </div>
 
-      <div className="mb-1 flex items-center">
-        <div className="min-w-[110px]">Path</div>
-        <Input
-          value={storage?.nasStorage?.path || ''}
-          onChange={(e) => {
-            if (!storage?.nasStorage) return;
+      <div className="mb-1 flex w-full flex-col items-start sm:flex-row sm:items-center">
+        <div className="mb-1 min-w-[110px] sm:mb-0">Path</div>
+        <div className="flex items-center">
+          <Input
+            value={storage?.nasStorage?.path || ''}
+            onChange={(e) => {
+              if (!storage?.nasStorage) return;
 
-            let pathValue = e.target.value.trim();
-            // Remove leading slash if present
-            if (pathValue.startsWith('/')) {
-              pathValue = pathValue.substring(1);
-            }
+              let pathValue = e.target.value.trim();
+              // Remove leading slash if present
+              if (pathValue.startsWith('/')) {
+                pathValue = pathValue.substring(1);
+              }
 
-            setStorage({
-              ...storage,
-              nasStorage: {
-                ...storage.nasStorage,
-                path: pathValue || undefined,
-              },
-            });
-            setUnsaved();
-          }}
-          size="small"
-          className="w-full max-w-[250px]"
-          placeholder="backups (optional, no leading slash)"
-        />
+              setStorage({
+                ...storage,
+                nasStorage: {
+                  ...storage.nasStorage,
+                  path: pathValue || undefined,
+                },
+              });
+              setUnsaved();
+            }}
+            size="small"
+            className="w-full max-w-[250px]"
+            placeholder="backups (optional, no leading slash)"
+          />
 
-        <Tooltip className="cursor-pointer" title="Subdirectory path within the share (optional)">
-          <InfoCircleOutlined className="ml-2" style={{ color: 'gray' }} />
-        </Tooltip>
+          <Tooltip className="cursor-pointer" title="Subdirectory path within the share (optional)">
+            <InfoCircleOutlined className="ml-2" style={{ color: 'gray' }} />
+          </Tooltip>
+        </div>
       </div>
     </>
   );

frontend/src/features/storages/ui/edit/storages/EditS3StorageComponent.tsx

@@ -18,7 +18,7 @@ export function EditS3StorageComponent({ storage, setStorage, setUnsaved }: Prop
   return (
     <>
       <div className="mb-2 flex items-center">
-        <div className="min-w-[110px]" />
+        <div className="hidden min-w-[110px] sm:block" />
 
         <div className="text-xs text-blue-600">
           <a href="https://postgresus.com/storages/cloudflare-r2" target="_blank" rel="noreferrer">
@@ -27,8 +27,8 @@ export function EditS3StorageComponent({ storage, setStorage, setUnsaved }: Prop
         </div>
       </div>
 
-      <div className="mb-1 flex items-center">
-        <div className="min-w-[110px]">S3 Bucket</div>
+      <div className="mb-1 flex w-full flex-col items-start sm:flex-row sm:items-center">
+        <div className="mb-1 min-w-[110px] sm:mb-0">S3 Bucket</div>
         <Input
           value={storage?.s3Storage?.s3Bucket || ''}
           onChange={(e) => {
@@ -49,8 +49,8 @@ export function EditS3StorageComponent({ storage, setStorage, setUnsaved }: Prop
         />
       </div>
 
-      <div className="mb-1 flex items-center">
-        <div className="min-w-[110px]">Region</div>
+      <div className="mb-1 flex w-full flex-col items-start sm:flex-row sm:items-center">
+        <div className="mb-1 min-w-[110px] sm:mb-0">Region</div>
         <Input
           value={storage?.s3Storage?.s3Region || ''}
           onChange={(e) => {
@@ -71,8 +71,8 @@ export function EditS3StorageComponent({ storage, setStorage, setUnsaved }: Prop
         />
       </div>
 
-      <div className="mb-1 flex items-center">
-        <div className="min-w-[110px]">Access key</div>
+      <div className="mb-1 flex w-full flex-col items-start sm:flex-row sm:items-center">
+        <div className="mb-1 min-w-[110px] sm:mb-0">Access key</div>
         <Input.Password
           value={storage?.s3Storage?.s3AccessKey || ''}
           onChange={(e) => {
@@ -93,8 +93,8 @@ export function EditS3StorageComponent({ storage, setStorage, setUnsaved }: Prop
         />
       </div>
 
-      <div className="mb-1 flex items-center">
-        <div className="min-w-[110px]">Secret key</div>
+      <div className="mb-1 flex w-full flex-col items-start sm:flex-row sm:items-center">
+        <div className="mb-1 min-w-[110px] sm:mb-0">Secret key</div>
         <Input.Password
           value={storage?.s3Storage?.s3SecretKey || ''}
           onChange={(e) => {
@@ -115,33 +115,35 @@ export function EditS3StorageComponent({ storage, setStorage, setUnsaved }: Prop
         />
       </div>
 
-      <div className="mb-1 flex items-center">
-        <div className="min-w-[110px]">Endpoint</div>
-        <Input
-          value={storage?.s3Storage?.s3Endpoint || ''}
-          onChange={(e) => {
-            if (!storage?.s3Storage) return;
+      <div className="mb-1 flex w-full flex-col items-start sm:flex-row sm:items-center">
+        <div className="mb-1 min-w-[110px] sm:mb-0">Endpoint</div>
+        <div className="flex items-center">
+          <Input
+            value={storage?.s3Storage?.s3Endpoint || ''}
+            onChange={(e) => {
+              if (!storage?.s3Storage) return;
 
-            setStorage({
-              ...storage,
-              s3Storage: {
-                ...storage.s3Storage,
-                s3Endpoint: e.target.value.trim(),
-              },
-            });
-            setUnsaved();
-          }}
-          size="small"
-          className="w-full max-w-[250px]"
-          placeholder="https://s3.example.com (optional)"
-        />
+              setStorage({
+                ...storage,
+                s3Storage: {
+                  ...storage.s3Storage,
+                  s3Endpoint: e.target.value.trim(),
+                },
+              });
+              setUnsaved();
+            }}
+            size="small"
+            className="w-full max-w-[250px]"
+            placeholder="https://s3.example.com (optional)"
+          />
 
-        <Tooltip
-          className="cursor-pointer"
-          title="Custom S3-compatible endpoint URL (optional, leave empty for AWS S3)"
-        >
-          <InfoCircleOutlined className="ml-2" style={{ color: 'gray' }} />
-        </Tooltip>
+          <Tooltip
+            className="cursor-pointer"
+            title="Custom S3-compatible endpoint URL (optional, leave empty for AWS S3)"
+          >
+            <InfoCircleOutlined className="ml-2" style={{ color: 'gray' }} />
+          </Tooltip>
+        </div>
       </div>
 
       <div className="mt-4 mb-3 flex items-center">
@@ -161,62 +163,65 @@ export function EditS3StorageComponent({ storage, setStorage, setUnsaved }: Prop
 
       {showAdvanced && (
         <>
-          <div className="mb-1 flex items-center">
-            <div className="min-w-[110px]">Folder prefix</div>
-            <Input
-              value={storage?.s3Storage?.s3Prefix || ''}
-              onChange={(e) => {
-                if (!storage?.s3Storage) return;
+          <div className="mb-1 flex w-full flex-col items-start sm:flex-row sm:items-center">
+            <div className="mb-1 min-w-[110px] sm:mb-0">Folder prefix</div>
+            <div className="flex items-center">
+              <Input
+                value={storage?.s3Storage?.s3Prefix || ''}
+                onChange={(e) => {
+                  if (!storage?.s3Storage) return;
 
-                setStorage({
-                  ...storage,
-                  s3Storage: {
-                    ...storage.s3Storage,
-                    s3Prefix: e.target.value.trim(),
-                  },
-                });
-                setUnsaved();
-              }}
-              size="small"
-              className="w-full max-w-[250px]"
-              placeholder="my-prefix/ (optional)"
-            />
+                  setStorage({
+                    ...storage,
+                    s3Storage: {
+                      ...storage.s3Storage,
+                      s3Prefix: e.target.value.trim(),
+                    },
+                  });
+                  setUnsaved();
+                }}
+                size="small"
+                className="w-full max-w-[250px]"
+                placeholder="my-prefix/ (optional)"
+              />
 
-            <Tooltip
-              className="cursor-pointer"
-              title="Optional prefix for all object keys (e.g., 'backups/' or 'my_team/'). May not work with some S3-compatible storages."
-            >
-              <InfoCircleOutlined className="ml-2" style={{ color: 'gray' }} />
-            </Tooltip>
+              <Tooltip
+                className="cursor-pointer"
+                title="Optional prefix for all object keys (e.g., 'backups/' or 'my_team/'). May not work with some S3-compatible storages."
+              >
+                <InfoCircleOutlined className="ml-2" style={{ color: 'gray' }} />
+              </Tooltip>
+            </div>
           </div>
 
-          <div className="mb-1 flex items-center">
-            <div className="min-w-[110px]">Virtual host</div>
+          <div className="mb-1 flex w-full flex-col items-start sm:flex-row sm:items-center">
+            <div className="mb-1 min-w-[110px] sm:mb-0">Virtual host</div>
+            <div className="flex items-center">
+              <Checkbox
+                checked={storage?.s3Storage?.s3UseVirtualHostedStyle || false}
+                onChange={(e) => {
+                  if (!storage?.s3Storage) return;
 
-            <Checkbox
-              checked={storage?.s3Storage?.s3UseVirtualHostedStyle || false}
-              onChange={(e) => {
-                if (!storage?.s3Storage) return;
+                  setStorage({
+                    ...storage,
+                    s3Storage: {
+                      ...storage.s3Storage,
+                      s3UseVirtualHostedStyle: e.target.checked,
+                    },
+                  });
+                  setUnsaved();
+                }}
+              >
+                Use virtual-styled domains
+              </Checkbox>
 
-                setStorage({
-                  ...storage,
-                  s3Storage: {
-                    ...storage.s3Storage,
-                    s3UseVirtualHostedStyle: e.target.checked,
-                  },
-                });
-                setUnsaved();
-              }}
-            >
-              Use virtual-styled domains
-            </Checkbox>
-
-            <Tooltip
-              className="cursor-pointer"
-              title="Use virtual-hosted-style URLs (bucket.s3.region.amazonaws.com) instead of path-style (s3.region.amazonaws.com/bucket). May be required if you see COS errors."
-            >
-              <InfoCircleOutlined className="ml-2" style={{ color: 'gray' }} />
-            </Tooltip>
+              <Tooltip
+                className="cursor-pointer"
+                title="Use virtual-hosted-style URLs (bucket.s3.region.amazonaws.com) instead of path-style (s3.region.amazonaws.com/bucket). May be required if you see COS errors."
+              >
+                <InfoCircleOutlined className="ml-2" style={{ color: 'gray' }} />
+              </Tooltip>
+            </div>
           </div>
         </>
       )}

frontend/src/features/users/ui/ProfileComponent.tsx

@@ -197,7 +197,7 @@ export function ProfileComponent({ contentHeight }: Props) {
   };
 
   return (
-    <div className="flex grow pl-3">
+    <div className="flex grow sm:pl-5">
       <div className="w-full">
         <div
           className="grow overflow-y-auto rounded bg-white p-5 shadow"

frontend/src/features/users/ui/UsersComponent.tsx

@@ -9,6 +9,7 @@ import type { ChangeUserRoleRequest } from '../../../entity/users/model/ChangeUs
 import type { ListUsersRequest } from '../../../entity/users/model/ListUsersRequest';
 import type { UserProfile } from '../../../entity/users/model/UserProfile';
 import { UserRole } from '../../../entity/users/model/UserRole';
+import { useIsMobile } from '../../../shared/hooks';
 import { getUserTimeFormat } from '../../../shared/time';
 import { UserAuditLogsSidebarComponent } from './UserAuditLogsSidebarComponent';
 
@@ -29,6 +30,7 @@ const getRoleColor = (role: UserRole): string => {
 
 export function UsersComponent({ contentHeight }: Props) {
   const { message } = App.useApp();
+  const isMobile = useIsMobile();
   const [users, setUsers] = useState<UserProfile[]>([]);
   const [isLoading, setIsLoading] = useState(true);
   const [isLoadingMore, setIsLoadingMore] = useState(false);
@@ -290,8 +292,78 @@ export function UsersComponent({ contentHeight }: Props) {
     },
   ];
 
+  const renderUserCard = (user: UserProfile) => {
+    const date = dayjs(user.createdAt);
+    const timeFormat = getUserTimeFormat();
+
+    return (
+      <div key={user.id} className="mb-3 rounded-lg border border-gray-200 bg-white p-4 shadow-sm">
+        <div className="mb-3 flex items-start justify-between">
+          <div className="flex-1">
+            <div className="font-medium text-gray-900">{user.name}</div>
+            <div className="text-sm text-gray-500">{user.email}</div>
+          </div>
+          <div className="text-right text-xs text-gray-500">
+            <div>{date.format(timeFormat.format)}</div>
+            <div className="text-gray-400">{date.fromNow()}</div>
+          </div>
+        </div>
+
+        <div className="mb-3 flex items-center justify-between">
+          <div className="flex items-center gap-2">
+            <span className="text-sm text-gray-600">Role:</span>
+            <Select
+              value={user.role}
+              onChange={(value) => handleRoleChange(user.id, value)}
+              loading={changingRoleUsers.has(user.id)}
+              disabled={changingRoleUsers.has(user.id)}
+              size="small"
+              className="w-24"
+              style={{
+                color: getRoleColor(user.role),
+              }}
+              options={[
+                {
+                  label: <span style={{ color: getRoleColor(UserRole.ADMIN) }}>Admin</span>,
+                  value: UserRole.ADMIN,
+                },
+                {
+                  label: <span style={{ color: getRoleColor(UserRole.MEMBER) }}>Member</span>,
+                  value: UserRole.MEMBER,
+                },
+              ]}
+            />
+          </div>
+          <div className="flex items-center gap-2">
+            <span className="text-sm text-gray-600">Active:</span>
+            <Switch
+              checked={user.isActive}
+              onChange={() => handleActivationToggle(user.id, user.isActive)}
+              loading={processingUsers.has(user.id)}
+              disabled={processingUsers.has(user.id)}
+              size="small"
+              style={{
+                backgroundColor: user.isActive ? '#155dfc' : undefined,
+              }}
+            />
+          </div>
+        </div>
+
+        <Button
+          type="primary"
+          ghost
+          size="small"
+          onClick={() => handleRowClick(user)}
+          className="w-full"
+        >
+          View audit logs
+        </Button>
+      </div>
+    );
+  };
+
   return (
-    <div className="flex grow pl-3">
+    <div className="flex grow sm:pl-5">
       <div className="w-full">
         <div
           ref={scrollContainerRef}
@@ -311,7 +383,7 @@ export function UsersComponent({ contentHeight }: Props) {
               allowClear
               value={inputValue}
               onChange={(e) => setInputValue(e.target.value)}
-              style={{ width: 400 }}
+              style={{ width: isMobile ? '100%' : 400 }}
             />
           </div>
 
@@ -319,16 +391,24 @@ export function UsersComponent({ contentHeight }: Props) {
             <div className="flex h-64 items-center justify-center">
               <Spin indicator={<LoadingOutlined spin />} size="large" />
             </div>
+          ) : users.length === 0 ? (
+            <div className="flex h-32 items-center justify-center text-gray-500">
+              No users found.
+            </div>
           ) : (
             <>
-              <Table
-                columns={columns}
-                dataSource={users}
-                pagination={false}
-                rowKey="id"
-                size="small"
-                className="mb-4"
-              />
+              {isMobile ? (
+                <div>{users.map(renderUserCard)}</div>
+              ) : (
+                <Table
+                  columns={columns}
+                  dataSource={users}
+                  pagination={false}
+                  rowKey="id"
+                  size="small"
+                  className="mb-4"
+                />
+              )}
 
               {isLoadingMore && (
                 <div className="flex justify-center py-4">
@@ -355,7 +435,7 @@ export function UsersComponent({ contentHeight }: Props) {
           </div>
         }
         placement="right"
-        width={900}
+        width={isMobile ? '100%' : 900}
         onClose={handleDrawerClose}
         open={isDrawerOpen}
       >

frontend/src/features/workspaces/ui/WorkspaceAuditLogsComponent.tsx

@@ -6,6 +6,7 @@ import { useCallback, useEffect, useRef, useState } from 'react';
 
 import type { AuditLog } from '../../../entity/audit-logs/model/AuditLog';
 import { workspaceApi } from '../../../entity/workspaces/api/workspaceApi';
+import { useIsMobile } from '../../../shared/hooks';
 import { getUserShortTimeFormat } from '../../../shared/time';
 
 interface Props {
@@ -18,13 +19,14 @@ export function WorkspaceAuditLogsComponent({
   scrollContainerRef: externalScrollRef,
 }: Props) {
   const { message } = App.useApp();
+  const isMobile = useIsMobile();
   const [auditLogs, setAuditLogs] = useState<AuditLog[]>([]);
   const [isLoading, setIsLoading] = useState(true);
   const [isLoadingMore, setIsLoadingMore] = useState(false);
   const [hasMore, setHasMore] = useState(true);
   const [total, setTotal] = useState(0);
 
-  const pageSize = 50;
+  const pageSize = 10;
 
   const internalScrollRef = useRef<HTMLDivElement>(null);
   const scrollContainerRef = externalScrollRef || internalScrollRef;
@@ -149,6 +151,42 @@ export function WorkspaceAuditLogsComponent({
     },
   ];
 
+  const renderAuditLogCard = (log: AuditLog) => {
+    const date = dayjs(log.createdAt);
+    const timeFormat = getUserShortTimeFormat();
+
+    const getUserDisplay = () => {
+      if (!log.userEmail && !log.userName) {
+        return (
+          <span className="inline-block rounded-full bg-gray-100 px-1.5 py-0.5 text-xs font-medium text-gray-600">
+            System
+          </span>
+        );
+      }
+
+      const displayText = log.userName ? `${log.userName} (${log.userEmail})` : log.userEmail;
+
+      return (
+        <span className="inline-block rounded-full bg-blue-100 px-1.5 py-0.5 text-xs font-medium text-blue-800">
+          {displayText}
+        </span>
+      );
+    };
+
+    return (
+      <div key={log.id} className="mb-3 rounded-lg border border-gray-200 bg-white p-3 shadow-sm">
+        <div className="flex items-start justify-between">
+          <div className="flex-1">{getUserDisplay()}</div>
+          <div className="text-right text-xs text-gray-500">
+            <div>{date.format(timeFormat.format)}</div>
+            <div className="text-gray-400">{date.fromNow()}</div>
+          </div>
+        </div>
+        <div className="mt-2 text-sm text-gray-900">{log.message}</div>
+      </div>
+    );
+  };
+
   if (!workspaceId) {
     return null;
   }
@@ -176,14 +214,18 @@ export function WorkspaceAuditLogsComponent({
         </div>
       ) : (
         <>
-          <Table
-            columns={columns}
-            dataSource={auditLogs}
-            pagination={false}
-            rowKey="id"
-            size="small"
-            className="mb-4"
-          />
+          {isMobile ? (
+            <div>{auditLogs.map(renderAuditLogCard)}</div>
+          ) : (
+            <Table
+              columns={columns}
+              dataSource={auditLogs}
+              pagination={false}
+              rowKey="id"
+              size="small"
+              className="mb-4"
+            />
+          )}
 
           {isLoadingMore && (
             <div className="flex justify-center py-4">
@@ -194,7 +236,7 @@ export function WorkspaceAuditLogsComponent({
 
           {!hasMore && auditLogs.length > 0 && (
             <div className="py-4 text-center text-sm text-gray-500">
-              All logs loaded ({total} total)
+              All logs loaded ({auditLogs.length} total)
             </div>
           )}
         </>

frontend/src/features/workspaces/ui/WorkspaceMembershipComponent.tsx

@@ -37,6 +37,7 @@ import type {
   WorkspaceResponse,
 } from '../../../entity/workspaces';
 import { AddMemberStatusEnum, workspaceMembershipApi } from '../../../entity/workspaces';
+import { useIsMobile } from '../../../shared/hooks';
 import { StringUtils } from '../../../shared/lib';
 import { getUserShortTimeFormat } from '../../../shared/time';
 
@@ -47,6 +48,7 @@ interface Props {
 
 export function WorkspaceMembershipComponent({ workspaceResponse, user }: Props) {
   const { message } = App.useApp();
+  const isMobile = useIsMobile();
 
   const [members, setMembers] = useState<WorkspaceMemberResponse[]>([]);
   const [isLoadingMembers, setIsLoadingMembers] = useState(true);
@@ -401,17 +403,88 @@ export function WorkspaceMembershipComponent({ workspaceResponse, user }: Props)
     },
   ];
 
+  const renderMemberCard = (member: WorkspaceMemberResponse) => {
+    const isCurrentUser = member.userId === user.id || member.email === user.email;
+    const date = dayjs(member.createdAt);
+    const timeFormat = getUserShortTimeFormat();
+
+    return (
+      <div
+        key={member.id}
+        className="mb-3 rounded-lg border border-gray-200 bg-white p-3 shadow-sm"
+      >
+        <div className="flex items-start justify-between">
+          <div className="flex items-center">
+            <UserOutlined className="mr-2 text-gray-400" />
+            <div>
+              <div className="font-medium">{member.name}</div>
+              <div className="text-xs text-gray-500">{member.email}</div>
+            </div>
+          </div>
+          {canManageMembers && member.role !== WorkspaceRole.OWNER && !isCurrentUser && (
+            <Popconfirm
+              title="Remove member"
+              description={`Are you sure you want to remove "${member.email}" from this workspace?`}
+              onConfirm={() => handleRemoveMember(member.userId, member.email)}
+              okText="Remove"
+              cancelText="Cancel"
+              okButtonProps={{ danger: true }}
+            >
+              <Button
+                type="text"
+                size="small"
+                icon={<DeleteOutlined />}
+                danger
+                loading={removingMembers.has(member.userId)}
+                disabled={removingMembers.has(member.userId)}
+              />
+            </Popconfirm>
+          )}
+        </div>
+
+        <div className="mt-3 flex items-center justify-between">
+          <div>
+            <div className="text-xs text-gray-500">Role</div>
+            {canManageMembers && member.role !== WorkspaceRole.OWNER && !isCurrentUser ? (
+              <Select
+                value={member.role}
+                onChange={(newRole) => handleChangeRole(member.userId, newRole)}
+                loading={changingRoleFor === member.userId && isChangingRole}
+                disabled={changingRoleFor === member.userId && isChangingRole}
+                size="small"
+                style={{ width: 110 }}
+                options={[
+                  { label: 'Admin', value: WorkspaceRole.ADMIN },
+                  { label: 'Member', value: WorkspaceRole.MEMBER },
+                  { label: 'Viewer', value: WorkspaceRole.VIEWER },
+                ]}
+              />
+            ) : (
+              <Tag color={getRoleColor(member.role)}>{getRoleDisplayText(member.role)}</Tag>
+            )}
+          </div>
+          <div className="text-right">
+            <div className="text-xs text-gray-500">Joined</div>
+            <div className="text-sm text-gray-600">{date.format(timeFormat.format)}</div>
+            <div className="text-xs text-gray-400">{date.fromNow()}</div>
+          </div>
+        </div>
+      </div>
+    );
+  };
+
   return (
     <div className="max-w-[850px]">
-      <div className="mb-6 flex items-center justify-between">
-        <h2 className="mb-4 text-xl font-bold text-gray-900">Users</h2>
+      <div className="mb-6 flex flex-col gap-3 md:flex-row md:items-center md:justify-between">
+        <h2 className="text-xl font-bold text-gray-900">Users</h2>
 
-        <div className="flex space-x-2">
+        <div className="flex flex-col gap-2 md:flex-row md:space-x-2">
           {canTransferOwnership && (
             <Button
               icon={<SwapOutlined />}
               onClick={() => setIsTransferOwnershipModalOpen(true)}
               disabled={isLoadingMembers || eligibleMembers.length === 0}
+              className="w-full md:w-auto"
             >
               Transfer ownership
             </Button>
@@ -422,7 +495,7 @@ export function WorkspaceMembershipComponent({ workspaceResponse, user }: Props)
               icon={<PlusOutlined />}
               onClick={() => setIsAddMemberModalOpen(true)}
               disabled={isLoadingMembers}
-              className="border-blue-600 bg-blue-600 hover:border-blue-700 hover:bg-blue-700"
+              className="w-full border-blue-600 bg-blue-600 hover:border-blue-700 hover:bg-blue-700 md:w-auto"
             >
               Add member
             </Button>
@@ -442,23 +515,36 @@ export function WorkspaceMembershipComponent({ workspaceResponse, user }: Props)
               : `${members.length} member${members.length !== 1 ? 's' : ''}`}
           </div>
 
-          <Table
-            columns={columns}
-            dataSource={members}
-            pagination={false}
-            rowKey="id"
-            size="small"
-            locale={{
-              emptyText: (
-                <div className="py-8 text-center text-gray-500">
-                  <div className="mb-2">No members found</div>
-                  {canManageMembers && (
-                    <div className="text-sm">Click &quot;Add member&quot; to get started</div>
-                  )}
-                </div>
-              ),
-            }}
-          />
+          {isMobile ? (
+            members.length === 0 ? (
+              <div className="py-8 text-center text-gray-500">
+                <div className="mb-2">No members found</div>
+                {canManageMembers && (
+                  <div className="text-sm">Click &quot;Add member&quot; to get started</div>
+                )}
+              </div>
+            ) : (
+              <div>{members.map(renderMemberCard)}</div>
+            )
+          ) : (
+            <Table
+              columns={columns}
+              dataSource={members}
+              pagination={false}
+              rowKey="id"
+              size="small"
+              locale={{
+                emptyText: (
+                  <div className="py-8 text-center text-gray-500">
+                    <div className="mb-2">No members found</div>
+                    {canManageMembers && (
+                      <div className="text-sm">Click &quot;Add member&quot; to get started</div>
+                    )}
+                  </div>
+                ),
+              }}
+            />
+          )}
         </div>
       )}
 

frontend/src/features/workspaces/ui/WorkspaceSettingsComponent.tsx

@@ -9,6 +9,7 @@ import { WorkspaceRole } from '../../../entity/users/model/WorkspaceRole';
 import { workspaceApi } from '../../../entity/workspaces/api/workspaceApi';
 import type { Workspace } from '../../../entity/workspaces/model/Workspace';
 import type { WorkspaceResponse } from '../../../entity/workspaces/model/WorkspaceResponse';
+import { useIsMobile } from '../../../shared/hooks';
 import { WorkspaceAuditLogsComponent } from './WorkspaceAuditLogsComponent';
 import { WorkspaceMembershipComponent } from './WorkspaceMembershipComponent';
 
@@ -20,6 +21,7 @@ interface Props {
 
 export function WorkspaceSettingsComponent({ workspaceResponse, user, contentHeight }: Props) {
   const { message, modal } = App.useApp();
+  const isMobile = useIsMobile();
   const [workspace, setWorkspace] = useState<Workspace | undefined>(undefined);
   const [isLoading, setIsLoading] = useState(true);
   const [isSaving, setIsSaving] = useState(false);
@@ -163,14 +165,14 @@ export function WorkspaceSettingsComponent({ workspaceResponse, user, contentHei
   };
 
   return (
-    <div className="flex grow pl-3">
+    <div className="flex grow sm:pl-2">
       <div className="w-full">
         <div
           ref={scrollContainerRef}
-          className="grow overflow-y-auto rounded bg-white p-5 shadow"
+          className={`grow overflow-y-auto rounded bg-white shadow ${isMobile ? 'p-3' : 'p-5'}`}
           style={{ height: contentHeight }}
         >
-          <h1 className="mb-6 text-2xl font-bold">Workspace Settings</h1>
+          <h1 className="mb-6 text-2xl font-bold">Workspace settings</h1>
 
           {isLoading || !workspace ? (
             <Spin indicator={<LoadingOutlined spin />} size="large" />
@@ -240,7 +242,9 @@ export function WorkspaceSettingsComponent({ workspaceResponse, user, contentHei
                     <h2 className="mb-4 text-xl font-bold text-gray-900">Danger Zone</h2>
 
                     <div className="rounded-lg border border-red-200 bg-red-50 p-4">
-                      <div className="flex items-start justify-between">
+                      <div
+                        className={`flex ${isMobile ? 'flex-col gap-3' : 'items-start justify-between'}`}
+                      >
                         <div className="flex-1">
                           <div className="font-medium text-red-900">Delete this workspace</div>
                           <div className="mt-1 text-sm text-red-700">
@@ -249,14 +253,14 @@ export function WorkspaceSettingsComponent({ workspaceResponse, user, contentHei
                           </div>
                         </div>
 
-                        <div className="ml-4">
+                        <div className={isMobile ? '' : 'ml-4'}>
                           <Button
                             type="primary"
                             danger
                             onClick={handleDeleteWorkspace}
                             disabled={!canEdit || isDeleting || isSaving}
                             loading={isDeleting}
-                            className="bg-red-600 hover:bg-red-700"
+                            className={`bg-red-600 hover:bg-red-700 ${isMobile ? 'w-full' : ''}`}
                           >
                             {isDeleting ? 'Deleting...' : 'Delete workspace'}
                           </Button>

frontend/src/shared/hooks/index.ts

@@ -1 +1,2 @@
 export { useScreenHeight } from './useScreenHeight';
+export { useIsMobile } from './useIsMobile';

frontend/src/shared/hooks/useIsMobile.tsx

@@ -0,0 +1,26 @@
+import { useEffect, useState } from 'react';
+
+/**
+ * This hook detects if the current device is mobile (screen width <= 768px)
+ * and adjusts dynamically when the window is resized.
+ *
+ * @returns isMobile boolean
+ */
+export function useIsMobile(): boolean {
+  const [isMobile, setIsMobile] = useState<boolean>(false);
+
+  useEffect(() => {
+    const updateIsMobile = () => {
+      setIsMobile(window.innerWidth <= 768);
+    };
+
+    updateIsMobile(); // Set initial value
+    window.addEventListener('resize', updateIsMobile);
+
+    return () => {
+      window.removeEventListener('resize', updateIsMobile);
+    };
+  }, []);
+
+  return isMobile;
+}

frontend/src/widgets/main/MainScreenComponent.tsx

@@ -1,4 +1,4 @@
-import { LoadingOutlined } from '@ant-design/icons';
+import { LoadingOutlined, MenuOutlined } from '@ant-design/icons';
 import { App, Button, Spin, Tooltip } from 'antd';
 import { useEffect, useState } from 'react';
 import GitHubButton from 'react-github-btn';
@@ -7,7 +7,6 @@ import { APP_VERSION } from '../../constants';
 import { type DiskUsage, diskApi } from '../../entity/disk';
 import {
   type UserProfile,
-  UserRole,
   type UsersSettings,
   WorkspaceRole,
   settingsApi,
@@ -24,13 +23,15 @@ import {
   CreateWorkspaceDialogComponent,
   WorkspaceSettingsComponent,
 } from '../../features/workspaces';
-import { useScreenHeight } from '../../shared/hooks';
+import { useIsMobile, useScreenHeight } from '../../shared/hooks';
+import { SidebarComponent } from './SidebarComponent';
 import { WorkspaceSelectionComponent } from './WorkspaceSelectionComponent';
 
 export const MainScreenComponent = () => {
   const { message } = App.useApp();
   const screenHeight = useScreenHeight();
-  const contentHeight = screenHeight - 95;
+  const isMobile = useIsMobile();
+  const contentHeight = screenHeight - (isMobile ? 70 : 95);
 
   const [selectedTab, setSelectedTab] = useState<
     | 'notifiers'
@@ -52,6 +53,7 @@ export const MainScreenComponent = () => {
 
   const [isLoading, setIsLoading] = useState(false);
   const [showCreateWorkspaceDialog, setShowCreateWorkspaceDialog] = useState(false);
+  const [isSidebarOpen, setIsSidebarOpen] = useState(false);
 
   const loadData = async () => {
     setIsLoading(true);
@@ -118,17 +120,89 @@ export const MainScreenComponent = () => {
 
   const isCanManageDBs = selectedWorkspace?.userRole !== WorkspaceRole.VIEWER;
 
+  const tabs = [
+    {
+      text: 'Databases',
+      name: 'databases',
+      icon: '/icons/menu/database-gray.svg',
+      selectedIcon: '/icons/menu/database-white.svg',
+      onClick: () => setSelectedTab('databases'),
+      isAdminOnly: false,
+      marginTop: '0px',
+      isVisible: true,
+    },
+    {
+      text: 'Storages',
+      name: 'storages',
+      icon: '/icons/menu/storage-gray.svg',
+      selectedIcon: '/icons/menu/storage-white.svg',
+      onClick: () => setSelectedTab('storages'),
+      isAdminOnly: false,
+      marginTop: '0px',
+      isVisible: !!selectedWorkspace,
+    },
+    {
+      text: 'Notifiers',
+      name: 'notifiers',
+      icon: '/icons/menu/notifier-gray.svg',
+      selectedIcon: '/icons/menu/notifier-white.svg',
+      onClick: () => setSelectedTab('notifiers'),
+      isAdminOnly: false,
+      marginTop: '0px',
+      isVisible: !!selectedWorkspace,
+    },
+    {
+      text: 'Settings',
+      name: 'settings',
+      icon: '/icons/menu/workspace-settings-gray.svg',
+      selectedIcon: '/icons/menu/workspace-settings-white.svg',
+      onClick: () => setSelectedTab('settings'),
+      isAdminOnly: false,
+      marginTop: '0px',
+      isVisible: !!selectedWorkspace,
+    },
+    {
+      text: 'Profile',
+      name: 'profile',
+      icon: '/icons/menu/profile-gray.svg',
+      selectedIcon: '/icons/menu/profile-white.svg',
+      onClick: () => setSelectedTab('profile'),
+      isAdminOnly: false,
+      marginTop: '25px',
+      isVisible: true,
+    },
+    {
+      text: 'Postgresus settings',
+      name: 'postgresus-settings',
+      icon: '/icons/menu/global-settings-gray.svg',
+      selectedIcon: '/icons/menu/global-settings-white.svg',
+      onClick: () => setSelectedTab('postgresus-settings'),
+      isAdminOnly: true,
+      marginTop: '0px',
+      isVisible: true,
+    },
+    {
+      text: 'Users',
+      name: 'users',
+      icon: '/icons/menu/user-card-gray.svg',
+      selectedIcon: '/icons/menu/user-card-white.svg',
+      onClick: () => setSelectedTab('users'),
+      isAdminOnly: true,
+      marginTop: '0px',
+      isVisible: true,
+    },
+  ];
+
   return (
-    <div style={{ height: screenHeight }} className="bg-[#f5f5f5] p-3">
-      {/* ===================== NAVBAR ===================== */}
-      <div className="mb-3 flex h-[60px] items-center rounded bg-white p-3 shadow">
-        <div className="flex items-center gap-3 hover:opacity-80">
+    <div style={{ height: screenHeight }} className="bg-[#f5f5f5] p-2 md:p-3">
+      <div className="mb-2 flex h-[50px] items-center rounded bg-white px-2 py-2 shadow md:mb-3 md:h-[60px] md:p-3">
+        <div className="flex items-center gap-2 hover:opacity-80 md:gap-3">
           <a href="https://postgresus.com" target="_blank" rel="noreferrer">
-            <img className="h-[40px] w-[40px]" src="/logo.svg" />
+            <img className="h-[30px] w-[30px] md:h-[40px] md:w-[40px]" src="/logo.svg" />
           </a>
         </div>
 
-        <div className="ml-5">
+        <div className="ml-2 flex-1 pr-2 md:ml-5 md:flex-initial md:pr-0">
           {!isLoading && (
             <WorkspaceSelectionComponent
               workspaces={workspaces}
@@ -139,7 +213,24 @@ export const MainScreenComponent = () => {
           )}
         </div>
 
-        <div className="ml-auto flex items-center gap-5">
+        <div className="ml-auto hidden items-center gap-5 md:flex">
+          <a
+            className="!text-black hover:opacity-80"
+            href="https://postgresus.com/installation"
+            target="_blank"
+            rel="noreferrer"
+          >
+            Docs
+          </a>
+
+          <a
+            className="!text-black hover:opacity-80"
+            href="https://postgresus.com/contribute"
+            target="_blank"
+            rel="noreferrer"
+          >
+            Contribute
+          </a>
           <a
             className="!text-black hover:opacity-80"
             href="https://t.me/postgresus_community"
@@ -175,114 +266,30 @@ export const MainScreenComponent = () => {
             </Tooltip>
           )}
         </div>
-      </div>
-      {/* ===================== END NAVBAR ===================== */}
 
+        <div className="mt-1 ml-auto md:hidden">
+          <Button
+            type="text"
+            icon={<MenuOutlined style={{ fontSize: '20px' }} />}
+            onClick={() => setIsSidebarOpen(!isSidebarOpen)}
+          />
+        </div>
+      </div>
       {isLoading ? (
         <div className="flex items-center justify-center py-2" style={{ height: contentHeight }}>
           <Spin indicator={<LoadingOutlined spin />} size="large" />
         </div>
       ) : (
         <div className="relative flex">
-          <div
-            className="max-w-[60px] min-w-[60px] rounded bg-white py-2 shadow"
-            style={{ height: contentHeight }}
-          >
-            {[
-              {
-                text: 'Databases',
-                name: 'databases',
-                icon: '/icons/menu/database-gray.svg',
-                selectedIcon: '/icons/menu/database-white.svg',
-                onClick: () => setSelectedTab('databases'),
-                isAdminOnly: false,
-                marginTop: '0px',
-                isVisible: true,
-              },
-              {
-                text: 'Storages',
-                name: 'storages',
-                icon: '/icons/menu/storage-gray.svg',
-                selectedIcon: '/icons/menu/storage-white.svg',
-                onClick: () => setSelectedTab('storages'),
-                isAdminOnly: false,
-                marginTop: '0px',
-                isVisible: !!selectedWorkspace,
-              },
-              {
-                text: 'Notifiers',
-                name: 'notifiers',
-                icon: '/icons/menu/notifier-gray.svg',
-                selectedIcon: '/icons/menu/notifier-white.svg',
-                onClick: () => setSelectedTab('notifiers'),
-                isAdminOnly: false,
-                marginTop: '0px',
-                isVisible: !!selectedWorkspace,
-              },
-              {
-                text: 'Settings',
-                name: 'settings',
-                icon: '/icons/menu/workspace-settings-gray.svg',
-                selectedIcon: '/icons/menu/workspace-settings-white.svg',
-                onClick: () => setSelectedTab('settings'),
-                isAdminOnly: false,
-                marginTop: '0px',
-                isVisible: !!selectedWorkspace,
-              },
-              {
-                text: 'Profile',
-                name: 'profile',
-                icon: '/icons/menu/profile-gray.svg',
-                selectedIcon: '/icons/menu/profile-white.svg',
-                onClick: () => setSelectedTab('profile'),
-                isAdminOnly: false,
-                marginTop: '25px',
-                isVisible: true,
-              },
-              {
-                text: 'Postgresus settings',
-                name: 'postgresus-settings',
-                icon: '/icons/menu/global-settings-gray.svg',
-                selectedIcon: '/icons/menu/global-settings-white.svg',
-                onClick: () => setSelectedTab('postgresus-settings'),
-                isAdminOnly: true,
-                marginTop: '0px',
-                isVisible: true,
-              },
-              {
-                text: 'Users',
-                name: 'users',
-                icon: '/icons/menu/user-card-gray.svg',
-                selectedIcon: '/icons/menu/user-card-white.svg',
-                onClick: () => setSelectedTab('users'),
-                isAdminOnly: true,
-                marginTop: '0px',
-                isVisible: true,
-              },
-            ]
-              .filter((tab) => !tab.isAdminOnly || user?.role === UserRole.ADMIN)
-              .filter((tab) => tab.isVisible)
-              .map((tab) => (
-                <div key={tab.text} className="flex justify-center">
-                  <div
-                    className={`flex h-[50px] w-[50px] cursor-pointer items-center justify-center rounded select-none ${selectedTab === tab.name ? 'bg-blue-600' : 'hover:bg-blue-50'}`}
-                    onClick={tab.onClick}
-                    style={{ marginTop: tab.marginTop }}
-                  >
-                    <div className="mb-1">
-                      <div className="flex justify-center">
-                        <img
-                          src={selectedTab === tab.name ? tab.selectedIcon : tab.icon}
-                          width={20}
-                          alt={tab.text}
-                          loading="lazy"
-                        />
-                      </div>
-                    </div>
-                  </div>
-                </div>
-              ))}
-          </div>
+          <SidebarComponent
+            isOpen={isSidebarOpen}
+            onClose={() => setIsSidebarOpen(false)}
+            selectedTab={selectedTab}
+            tabs={tabs}
+            user={user}
+            diskUsage={diskUsage}
+            contentHeight={contentHeight}
+          />
 
           {selectedTab === 'profile' && <ProfileComponent contentHeight={contentHeight} />}
 
@@ -292,62 +299,69 @@ export const MainScreenComponent = () => {
 
           {selectedTab === 'users' && <UsersComponent contentHeight={contentHeight} />}
 
-          {workspaces.length === 0 &&
-          (selectedTab === 'databases' ||
+          {(selectedTab === 'databases' ||
             selectedTab === 'storages' ||
             selectedTab === 'notifiers' ||
-            selectedTab === 'settings') ? (
-            <div
-              className="flex grow items-center justify-center rounded pl-5"
-              style={{ height: contentHeight }}
-            >
-              <Button
-                type="primary"
-                size="large"
-                onClick={handleCreateWorkspace}
-                className="border-blue-600 bg-blue-600 hover:border-blue-700 hover:bg-blue-700"
-              >
-                Create workspace
-              </Button>
-            </div>
-          ) : (
+            selectedTab === 'settings') && (
             <>
-              {selectedTab === 'notifiers' && selectedWorkspace && (
-                <NotifiersComponent
-                  contentHeight={contentHeight}
-                  workspace={selectedWorkspace}
-                  isCanManageNotifiers={isCanManageDBs}
-                  key={`notifiers-${selectedWorkspace.id}`}
-                />
-              )}
-              {selectedTab === 'storages' && selectedWorkspace && (
-                <StoragesComponent
-                  contentHeight={contentHeight}
-                  workspace={selectedWorkspace}
-                  isCanManageStorages={isCanManageDBs}
-                  key={`storages-${selectedWorkspace.id}`}
-                />
-              )}
-              {selectedTab === 'databases' && selectedWorkspace && (
-                <DatabasesComponent
-                  contentHeight={contentHeight}
-                  workspace={selectedWorkspace}
-                  isCanManageDBs={isCanManageDBs}
-                  key={`databases-${selectedWorkspace.id}`}
-                />
-              )}
-              {selectedTab === 'settings' && selectedWorkspace && user && (
-                <WorkspaceSettingsComponent
-                  workspaceResponse={selectedWorkspace}
-                  contentHeight={contentHeight}
-                  user={user}
-                  key={`settings-${selectedWorkspace.id}`}
-                />
+              {workspaces.length === 0 ? (
+                <div className="flex-1 md:pl-3">
+                  <div
+                    className="flex grow items-center justify-center rounded"
+                    style={{ height: contentHeight }}
+                  >
+                    <Button
+                      type="primary"
+                      size="large"
+                      onClick={handleCreateWorkspace}
+                      className="border-blue-600 bg-blue-600 hover:border-blue-700 hover:bg-blue-700"
+                    >
+                      Create workspace
+                    </Button>
+                  </div>
+                </div>
+              ) : (
+                <>
+                  <div className="flex-1 md:pl-3">
+                    {selectedTab === 'notifiers' && selectedWorkspace && (
+                      <NotifiersComponent
+                        contentHeight={contentHeight}
+                        workspace={selectedWorkspace}
+                        isCanManageNotifiers={isCanManageDBs}
+                        key={`notifiers-${selectedWorkspace.id}`}
+                      />
+                    )}
+                    {selectedTab === 'storages' && selectedWorkspace && (
+                      <StoragesComponent
+                        contentHeight={contentHeight}
+                        workspace={selectedWorkspace}
+                        isCanManageStorages={isCanManageDBs}
+                        key={`storages-${selectedWorkspace.id}`}
+                      />
+                    )}
+                    {selectedTab === 'databases' && selectedWorkspace && (
+                      <DatabasesComponent
+                        contentHeight={contentHeight}
+                        workspace={selectedWorkspace}
+                        isCanManageDBs={isCanManageDBs}
+                        key={`databases-${selectedWorkspace.id}`}
+                      />
+                    )}
+                    {selectedTab === 'settings' && selectedWorkspace && user && (
+                      <WorkspaceSettingsComponent
+                        workspaceResponse={selectedWorkspace}
+                        contentHeight={contentHeight}
+                        user={user}
+                        key={`settings-${selectedWorkspace.id}`}
+                      />
+                    )}
+                  </div>
+                </>
               )}
             </>
           )}
 
-          <div className="absolute bottom-1 left-2 mb-[0px] text-sm text-gray-400">
+          <div className="absolute bottom-1 left-2 mb-[0px] hidden text-sm text-gray-400 md:block">
             v{APP_VERSION}
           </div>
         </div>

frontend/src/widgets/main/SidebarComponent.tsx

@@ -0,0 +1,219 @@
+import { CloseOutlined } from '@ant-design/icons';
+import { Drawer, Tooltip } from 'antd';
+import { useEffect } from 'react';
+import GitHubButton from 'react-github-btn';
+
+import { type DiskUsage } from '../../entity/disk';
+import { type UserProfile, UserRole } from '../../entity/users';
+import { useIsMobile } from '../../shared/hooks';
+
+interface TabItem {
+  text: string;
+  name: string;
+  icon: string;
+  selectedIcon: string;
+  onClick: () => void;
+  isAdminOnly: boolean;
+  marginTop: string;
+  isVisible: boolean;
+}
+
+interface Props {
+  isOpen: boolean;
+  onClose: () => void;
+  selectedTab: string;
+  tabs: TabItem[];
+  user?: UserProfile;
+  diskUsage?: DiskUsage;
+  contentHeight: number;
+}
+
+export const SidebarComponent = ({
+  isOpen,
+  onClose,
+  selectedTab,
+  tabs,
+  user,
+  diskUsage,
+  contentHeight,
+}: Props) => {
+  const isMobile = useIsMobile();
+
+  // Close sidebar on desktop when it becomes desktop size
+  useEffect(() => {
+    if (!isMobile && isOpen) {
+      onClose();
+    }
+  }, [isMobile, isOpen, onClose]);
+
+  // Prevent background scrolling when mobile sidebar is open
+  useEffect(() => {
+    if (isMobile && isOpen) {
+      document.body.style.overflowY = 'hidden';
+      return () => {
+        document.body.style.overflowY = '';
+      };
+    }
+  }, [isMobile, isOpen]);
+
+  const isUsedMoreThan95Percent =
+    diskUsage && diskUsage.usedSpaceBytes / diskUsage.totalSpaceBytes > 0.95;
+
+  const filteredTabs = tabs
+    .filter((tab) => !tab.isAdminOnly || user?.role === UserRole.ADMIN)
+    .filter((tab) => tab.isVisible);
+
+  const handleTabClick = (tab: TabItem) => {
+    tab.onClick();
+    if (isMobile) {
+      onClose();
+    }
+  };
+
+  if (!isMobile) {
+    return (
+      <div
+        className="max-w-[60px] min-w-[60px] rounded bg-white py-2 shadow"
+        style={{ height: contentHeight }}
+      >
+        <div className="flex h-full flex-col">
+          <div className="flex-1">
+            {filteredTabs.map((tab) => (
+              <div key={tab.text} className="flex justify-center">
+                <div
+                  className={`flex h-[50px] w-[50px] cursor-pointer items-center justify-center rounded select-none ${selectedTab === tab.name ? 'bg-blue-600' : 'hover:bg-blue-50'}`}
+                  onClick={() => handleTabClick(tab)}
+                  style={{ marginTop: tab.marginTop }}
+                >
+                  <div className="mb-1">
+                    <div className="flex justify-center">
+                      <img
+                        src={selectedTab === tab.name ? tab.selectedIcon : tab.icon}
+                        width={20}
+                        alt={tab.text}
+                        loading="lazy"
+                      />
+                    </div>
+                  </div>
+                </div>
+              </div>
+            ))}
+          </div>
+        </div>
+      </div>
+    );
+  }
+
+  return (
+    <Drawer
+      open={isOpen}
+      onClose={onClose}
+      placement="right"
+      width={280}
+      styles={{
+        body: { padding: 0 },
+      }}
+      closable={false}
+      mask={false}
+    >
+      <div className="flex h-full flex-col">
+        {/* Custom Close Button */}
+        <div className="flex justify-end border-b border-gray-200 px-3 py-3">
+          <button
+            onClick={onClose}
+            className="flex h-8 w-8 items-center justify-center rounded hover:bg-gray-100"
+          >
+            <CloseOutlined />
+          </button>
+        </div>
+
+        {/* Navigation Tabs */}
+        <div className="flex-1 overflow-y-auto px-3 py-4">
+          {filteredTabs.map((tab, index) => {
+            const showDivider =
+              index < filteredTabs.length - 1 && filteredTabs[index + 1]?.marginTop !== '0px';
+
+            return (
+              <div key={tab.text}>
+                <div
+                  className={`flex cursor-pointer items-center gap-3 rounded px-3 py-3 select-none ${selectedTab === tab.name ? 'bg-blue-600 text-white' : 'text-gray-700 hover:bg-gray-100'}`}
+                  onClick={() => handleTabClick(tab)}
+                >
+                  <img
+                    src={selectedTab === tab.name ? tab.selectedIcon : tab.icon}
+                    width={24}
+                    alt={tab.text}
+                    loading="lazy"
+                  />
+                  <span className="text-sm font-medium">{tab.text}</span>
+                </div>
+                {showDivider && <div className="my-2 border-t border-gray-200" />}
+              </div>
+            );
+          })}
+        </div>
+
+        {/* Footer Section */}
+        <div className="border-t border-gray-200 bg-gray-50 px-3 py-4">
+          {diskUsage && (
+            <div className="mb-4">
+              <Tooltip title="To make backups locally and restore them, you need to have enough space on your disk. For restore, you need to have same amount of space that the backup size.">
+                <div
+                  className={`cursor-pointer text-xs ${isUsedMoreThan95Percent ? 'text-red-500' : 'text-gray-600'}`}
+                >
+                  <div className="font-medium">Disk Usage</div>
+                  <div className="mt-1">
+                    {(diskUsage.usedSpaceBytes / 1024 ** 3).toFixed(1)} of{' '}
+                    {(diskUsage.totalSpaceBytes / 1024 ** 3).toFixed(1)} GB used (
+                    {((diskUsage.usedSpaceBytes / diskUsage.totalSpaceBytes) * 100).toFixed(1)}%)
+                  </div>
+                </div>
+              </Tooltip>
+            </div>
+          )}
+
+          <div className="space-y-2">
+            <a
+              className="!hover:text-blue-600 block rounded text-sm font-medium !text-gray-700 hover:bg-gray-100"
+              href="https://postgresus.com/installation"
+              target="_blank"
+              rel="noreferrer"
+            >
+              Documentation
+            </a>
+
+            <a
+              className="!hover:text-blue-600 block rounded text-sm font-medium !text-gray-700 hover:bg-gray-100"
+              href="https://postgresus.com/contribute"
+              target="_blank"
+              rel="noreferrer"
+            >
+              Contribute
+            </a>
+
+            <a
+              className="!hover:text-blue-600 block rounded text-sm font-medium !text-gray-700 hover:bg-gray-100"
+              href="https://t.me/postgresus_community"
+              target="_blank"
+              rel="noreferrer"
+            >
+              Community
+            </a>
+
+            <div className="pt-2">
+              <GitHubButton
+                href="https://github.com/RostislavDugin/postgresus"
+                data-icon="octicon-star"
+                data-size="large"
+                data-show-count="true"
+                aria-label="Star RostislavDugin/postgresus on GitHub"
+              >
+                Star on GitHub
+              </GitHubButton>
+            </div>
+          </div>
+        </div>
+      </div>
+    </Drawer>
+  );
+};

frontend/src/widgets/main/WorkspaceSelectionComponent.tsx

@@ -2,6 +2,7 @@ import { Button, Input } from 'antd';
 import { useEffect, useMemo, useRef, useState } from 'react';
 
 import { type WorkspaceResponse } from '../../entity/workspaces';
+import { useIsMobile } from '../../shared/hooks';
 
 interface Props {
   workspaces: WorkspaceResponse[];
@@ -16,6 +17,7 @@ export const WorkspaceSelectionComponent = ({
   onCreateWorkspace,
   onWorkspaceSelect,
 }: Props) => {
+  const isMobile = useIsMobile();
   const [isDropdownOpen, setIsDropdownOpen] = useState(false);
   const [searchValue, setSearchValue] = useState('');
   const dropdownRef = useRef<HTMLDivElement>(null);
@@ -50,59 +52,60 @@ export const WorkspaceSelectionComponent = ({
       <Button
         type="primary"
         onClick={onCreateWorkspace}
+        size={isMobile ? 'small' : 'middle'}
         className="border-blue-600 bg-blue-600 hover:border-blue-700 hover:bg-blue-700"
       >
-        Create workspace
+        {isMobile ? 'Create' : 'Create workspace'}
       </Button>
     );
   }
 
   return (
-    <div className="my-1 w-[250px] select-none" ref={dropdownRef}>
-      <div className="mb-1 text-xs text-gray-400" style={{ lineHeight: 0.7 }}>
+    <div
+      className="my-1 flex-1 select-none md:ml-2 md:w-[250px] md:max-w-[250px]"
+      ref={dropdownRef}
+    >
+      <div className="mb-1 hidden text-xs text-gray-400 md:block" style={{ lineHeight: 0.7 }}>
         Selected workspace
       </div>
 
       <div className="relative">
-        {/* Dropdown Trigger */}
         <div
           className="cursor-pointer rounded bg-gray-100 p-1 px-2 hover:bg-gray-200"
           onClick={() => setIsDropdownOpen(!isDropdownOpen)}
         >
           <div className="flex items-center justify-between text-sm">
-            <div className="max-w-[250px] truncate">
+            <div className="flex-1 truncate pr-1">
               {selectedWorkspace?.name || 'Select a workspace'}
             </div>
             <img
               src="/icons/menu/arrow-down-gray.svg"
               alt="arrow-down"
-              className={`ml-1 transition-transform duration-200 ${isDropdownOpen ? 'rotate-180' : ''}`}
-              width={15}
-              height={15}
+              className={`ml-1 flex-shrink-0 transition-transform duration-200 ${isDropdownOpen ? 'rotate-180' : ''}`}
+              width={isMobile ? 14 : 15}
+              height={isMobile ? 14 : 15}
             />
           </div>
         </div>
 
-        {/* Dropdown Menu */}
         {isDropdownOpen && (
-          <div className="absolute top-full left-0 z-50 mt-1 min-w-full rounded-md border border-gray-200 bg-white shadow-lg">
-            {/* Search Input */}
+          <div className="absolute top-full right-0 left-0 z-50 mt-1 min-w-[250px] rounded-md border border-gray-200 bg-white shadow-lg md:right-auto md:left-0 md:min-w-full">
             <div className="border-b border-gray-100 p-2">
               <Input
                 placeholder="Search workspaces..."
                 value={searchValue}
                 onChange={(e) => setSearchValue(e.target.value)}
                 className="border-0 shadow-none"
+                size={isMobile ? 'small' : 'middle'}
                 autoFocus
               />
             </div>
 
-            {/* Workspace List */}
-            <div className="max-h-[400px] overflow-y-auto">
+            <div className="max-h-[250px] overflow-y-auto md:max-h-[400px]">
               {filteredWorkspaces.map((workspace) => (
                 <div
                   key={workspace.id}
-                  className="max-w-[250px] cursor-pointer truncate px-3 py-2 text-sm hover:bg-gray-50"
+                  className="cursor-pointer truncate px-3 py-2 text-sm hover:bg-gray-50"
                   onClick={() => openWorkspace(workspace)}
                 >
                   {workspace.name}
@@ -114,7 +117,6 @@ export const WorkspaceSelectionComponent = ({
               )}
             </div>
 
-            {/* Create New Workspace Button - Fixed at bottom */}
             <div className="border-t border-gray-100">
               <div
                 className="cursor-pointer px-3 py-2 text-sm text-blue-600 hover:bg-gray-50 hover:text-blue-700"