deemanone/padelnomics
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
c0c860766440059430bbd2a05ee01729a1684bc4
padelnomics/padelnomics/litestream.yml
Deeman c0c8607664 fix: migration atomicity + deploy hardening + Litestream R2 
Migration atomicity:
- Remove conn.commit() and executescript() from all up() functions (0000,
  0011, 0012, 0013, 0014, 0015); executescript() issued implicit COMMITs
  which broke the batch-rollback guarantee of the migration runner
- Rewrite 0000 with individual conn.execute() calls (was a single
  executescript block)

Deploy hardening:
- Add pre-migration DB backup step to deploy.sh: saves
  app.db.pre-deploy-<timestamp> in the volume before every migration
- On health-check failure: restore the backup, then stop + exit
- On success: clean up old backups (keep last 3)

Litestream:
- Enable R2 as primary replica in litestream.yml (env-var placeholders)
- Add local /app/data/backups as secondary replica
- docker-compose: add auto-restore on empty volume (sh entrypoint runs
  'litestream restore' before 'litestream replicate' if app.db missing)
- Add LITESTREAM_R2_* vars to .gitlab-ci.yml .env block and .env.example

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-02-20 10:28:59 +01:00

30 lines
1.1 KiB
YAML
Raw Blame History

# Litestream configuration for SQLite replication
# Primary replica: Cloudflare R2 (off-host disaster recovery)
# Secondary replica: local file backup inside the volume
#
# Set these env vars in .env / GitLab CI variables:
# LITESTREAM_R2_BUCKET e.g. padelnomics-backups
# LITESTREAM_R2_ACCESS_KEY_ID
# LITESTREAM_R2_SECRET_ACCESS_KEY
# LITESTREAM_R2_ENDPOINT e.g. <account-id>.r2.cloudflarestorage.com
#
# Recovery:
# litestream restore -config /etc/litestream.yml /app/data/app.db
# litestream restore -config /etc/litestream.yml -timestamp "2026-01-15T12:00:00Z" /app/data/app.db
dbs:
- path: /app/data/app.db
replicas:
# Primary: Cloudflare R2
- url: s3://${LITESTREAM_R2_BUCKET}/padelnomics/app.db
access-key-id: ${LITESTREAM_R2_ACCESS_KEY_ID}
secret-access-key: ${LITESTREAM_R2_SECRET_ACCESS_KEY}
endpoint: https://${LITESTREAM_R2_ENDPOINT}
retention: 168h
snapshot-interval: 6h
# Secondary: local backup inside the volume (fast local restore)
- path: /app/data/backups
retention: 24h
snapshot-interval: 1h
Reference in New Issue View Git Blame Copy Permalink