innovationtreehouse · jee7s · Jun 20, 2026
diff --git a/config.sample.yml b/config.sample.yml
@@ -37,6 +37,16 @@ db:
   # Optional - How often (in ms) the /healthz endpoint checks the DB (default: 14400000 = 4 hours)
   # healthCheckInterval: 14400000
 
+# ---------------------------------------------------------------------
+# Navigation
+# ---------------------------------------------------------------------
+
+# nav:
+  # Optional - How long (in seconds) to cache the sidebar navigation tree (default: 3600 = 1 hour)
+  # A longer TTL means fewer periodic DB queries (helps Aurora Serverless idle/pause);
+  # admin "Flush Cache" forces an immediate refresh.
+  # cacheTTL: 3600
+
 # ---------------------------------------------------------------------
 # Analytics
 # ---------------------------------------------------------------------
@@ -53,6 +63,11 @@ db:
   # Optional - How long (in seconds) to cache deserialized users (default: 14400 = 4 hours, 0 to disable)
   # userCacheTTL: 14400
 
+  # Optional - How long (in seconds) to cache the guest user + its permissions (default: 3600 = 1 hour)
+  # A longer TTL means fewer periodic DB queries on anonymous/crawler traffic; changing group
+  # permissions force-refreshes it immediately.
+  # guestCacheTTL: 3600
+
   # Optional - PostgreSQL / MySQL / MariaDB only:
   # -> Uncomment lines you need below and set `auto` to false
   # -> Full list of accepted options: https://nodejs.org/api/tls.html#tls_tls_createsecurecontext_options

diff --git a/dev/build/config.yml b/dev/build/config.yml
@@ -22,7 +22,10 @@ ssl:
 logLevel: $(LOG_LEVEL:info)
 logFormat: $(LOG_FORMAT:default)
 ha: $(HA_ACTIVE)
+nav:
+  cacheTTL: $(NAV_CACHE_TTL:3600)
 analytics:
   cacheTTL: $(ANALYTICS_CACHE_TTL:86400)
 auth:
   userCacheTTL: $(AUTH_USER_CACHE_TTL:14400)
+  guestCacheTTL: $(AUTH_GUEST_CACHE_TTL:3600)
diff --git a/server/app/data.yml b/server/app/data.yml
@@ -58,6 +58,7 @@ defaults:
       verifySSL: true
     nav:
       mode: 'MIXED'
+      cacheTTL: 3600
     theming:
       theme: 'default'
       iconset: 'md'
@@ -74,6 +75,7 @@ defaults:
       tokenExpiration: '30m'
       tokenRenewal: '14d'
       userCacheTTL: 14400
+      guestCacheTTL: 3600
     editShortcuts:
       editFab: true
       editMenuBar: false

diff --git a/server/core/auth.js b/server/core/auth.js
@@ -181,7 +181,7 @@ module.exports = {
       if (!user) {
         if (WIKI.auth.guest.cacheExpiration <= DateTime.utc()) {
           WIKI.auth.guest = await WIKI.models.users.getGuestUser()
-          WIKI.auth.guest.cacheExpiration = DateTime.utc().plus({ minutes: 1 })
+          WIKI.auth.guest.cacheExpiration = DateTime.utc().plus({ seconds: WIKI.config.auth.guestCacheTTL })
         }
         req.user = WIKI.auth.guest
         return next()

diff --git a/server/models/navigation.js b/server/models/navigation.js
@@ -45,7 +45,7 @@ module.exports = class Navigation extends Model {
 
       for (const tree of navTree.config) {
         if (cache) {
-          await WIKI.cache.set(`nav:sidebar:${tree.locale}`, tree.items, 300)
+          await WIKI.cache.set(`nav:sidebar:${tree.locale}`, tree.items, WIKI.config.nav.cacheTTL)
         }
       }
       if (bypassAuth) {