diff options
| author | Frederick Muriuki Muriithi | 2024-11-01 01:54:35 -0500 |
|---|---|---|
| committer | Frederick Muriuki Muriithi | 2024-11-01 01:54:35 -0500 |
| commit | fa8087a7e1847394520c84c759bfc549610a562f (patch) | |
| tree | c7e6e56cce43fc288ad6f1a39f2e181ee31958d8 | |
| parent | 0d4a55f3072020849c04c9267acd93c3099f667e (diff) | |
| download | gn-gemtext-fa8087a7e1847394520c84c759bfc549610a562f.tar.gz | |
Production container: TMPDIR: New issue.
| -rw-r--r-- | issues/genenetwork/containerising-production-issues.gmi | 1 | ||||
| -rw-r--r-- | issues/genenetwork/handle-tmp-dirs-in-container.gmi | 18 |
2 files changed, 19 insertions, 0 deletions
diff --git a/issues/genenetwork/containerising-production-issues.gmi b/issues/genenetwork/containerising-production-issues.gmi index 3803dac..883f52a 100644 --- a/issues/genenetwork/containerising-production-issues.gmi +++ b/issues/genenetwork/containerising-production-issues.gmi @@ -29,3 +29,4 @@ The link above documents the various services that make up the GeneNetwork servi => ./umhet3-samples-timing-slow [ ] Figure out and fix UM-HET3 Samples mappings on Tux04 => ./setup-mailing-on-tux04 [x] Setting up email service on Tux04 => ./virtuoso-shutdown-clears-data [x] Virtuoso seems to lose data on restart +=> ./handle-tmp-dirs-in-container [ ] Handle temporary directories in the container diff --git a/issues/genenetwork/handle-tmp-dirs-in-container.gmi b/issues/genenetwork/handle-tmp-dirs-in-container.gmi new file mode 100644 index 0000000..7636a00 --- /dev/null +++ b/issues/genenetwork/handle-tmp-dirs-in-container.gmi @@ -0,0 +1,18 @@ +# Handle Temporary Directories in the Container + +## Tags + +* status: open +* type: feature +* assigned: fredm +* priority: critical +* keywords: production, container, tux04 +* interested: alexk, aruni, bonfacem, pjotrp, zsloan + +## Description + +The container's temporary directories should be in a large partition on the host to avoid a scenario where the writes fill up one of the smaller drives. + +Currently, we use the `/tmp` directory by default, but we should look into transitioning away from that — `/tmp` is world readable and world writable and therefore needs careful consideration to keep safe. + +Thankfully, we are running our systems within a container, and can bind the container's `/tmp` directory to a non-world-accessible directory, keeping things at least contained. |