infra: add optional data volume bind-mount phase#31
Merged
Conversation
Preview torn downThis PR's ephemeral environment was cleaned up.
Reopen the PR if you need to spin it back up. |
![graphite-app[bot]](https://avatars.githubusercontent.com/in/158384?s=60&v=4){kind=small}
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Why
Root disk on prod filled up about a month back, which quietly killed daily B2 backups.
cache.dbis 12GB now, and the backup endpoint writes a full snapshot to local disk before rclone ships it. There wasn't space for that snapshot, so the file never landed, and the upload script kept finding an empty backups dir every morning.We just moved
/var/lib/lyrics-apionto a 50GB Hetzner Cloud Volume and bind-mounted it in place by hand on the box. This commits that change as an idempotent phase so a fresh bootstrap reproduces it.What
infra/phases/11-data-volume.sh. Skipped entirely ifLYRICS_API_VOLUME_IDis unset. If set, it:/mnt/HC_Volume_<id>./var/lib/lyrics-apicontents onto the volume'slyrics-api/subdir. The original is renamed to/var/lib/lyrics-api.pre-volume.<timestamp>rather than deleted, so the operator can verify the migration before reclaiming the space./etc/fstabwithx-systemd.requires-mounts-for=so boot order is explicit (volume mount, then bind).lyrics-api.serviceaddingRequiresMountsFor=/var/lib/lyrics-api. Defense in depth: if the bind ever fails to mount, the service refuses to start instead of silently writing a fresh emptycache.dbto the root disk.Plus the supporting tweaks:
secrets.env.examplegets the newLYRICS_API_VOLUME_IDknob (blank by default), and the README's Manual Steps section calls out the volume as an optional extra at provisioning time.Test plan
LYRICS_API_VOLUME_IDset: phase 11 sets up the bind mount, lyrics-api starts cleanly./var/lib/lyrics-api(the prod case): phase 11 migrates the data, preserves the original at.pre-volume.<timestamp>, restarts the service. Verified manually on prod before this PR.