pub fn api_config(_caller: Actor) -> Json<ConfigDto>Expand description
The effective configuration, masked for safe exposure (the agent twin of the Settings screen).
Token-gated via the Actor guard (clean 401 without a token), matching the human
/settings (require_admin) and the write twin PUT /api/config — config is admin-only on
every surface. Secrets are masked regardless (DB password → ***, only the token count is
shown), but the operational config (DB host/user/name, ports, pool/queue tuning) is not for
anonymous eyes.