Flesh out the filesystem bindings.

1 files changed, 67 insertions, 21 deletions

diff --git a/topics/deploy/setting-up-or-migrating-production-across-machines.gmi b/topics/deploy/setting-up-or-migrating-production-across-machines.gmi
index 4181f8f..45fb085 100644
--- a/topics/deploy/setting-up-or-migrating-production-across-machines.gmi
+++ b/topics/deploy/setting-up-or-migrating-production-across-machines.gmi
@@ -53,7 +53,7 @@ Filesystem bindings could be linked to wildly different paths on different physi
 
 #### /var/genenetwork
 
-This binding must be READ/WRITE within the container.
+This binding must be READWRITE within the container.
 
 The purpose is to hold varying files that are specific to the genenetwork system(s). Examples of the files are:
 
@@ -63,71 +63,117 @@ The purpose is to hold varying files that are specific to the genenetwork system
 
 #### /var/lib/acme
 
-* **TODO**: Describe this: Writable? What is this binding for?
+This binding must be READWRITE within the container.
+
+This is used to store TLS certificates for the various services within the container by the ACME (Automatic Certificate Management Environment) script.
 
 #### /var/lib/redis
 
-* **TODO**: Describe this: Writable? What is this binding for?
+This binding must be READWRITE within the container.
+
+This is used by the redis daemon to persist its state(s).
 
 #### /var/lib/virtuoso
 
-* **TODO**: Describe this: Writable? What is this binding for?
+This binding must be READWRITE within the container.
+
+Used by the virtuoso daemon to save its state, and maybe some log files.
+
+#### /export/data/virtuoso/
+
+This binding must be READONLY within the container. (Really?)
+
+This is used for importing data into virtuoso, say by sharing Turtle (TTL) files within the binding.
+
+---
+At this point the binding is READONLY because any TTL files to load are imported from outside the container. If the transformation of data from MariaDB to TTL form is built into the production containers down the line, then this might change to READWRITE to allow the tranformation tool to write to it.
 
 #### /var/log
 
-* **TODO**: Describe this: Writable? What is this binding for?
+This binding must be READWRITE within the container.
+
+Allows logs from various services running in the container be accessible in the host system. This is useful for debugging issues with the running systems.
 
 #### /etc/genenetwork
 
-* **TODO**: Describe this: Writable? What is this binding for?
+This binding must be READWRITE within the container.
+
+Useful for storing various configuration files/data for the service(s) running inside the running container.
 
 #### /var/lib/xapian
 
-* **TODO**: Describe this: Writable? What is this binding for?
+This binding must be READWRITE within the container.
+
+Stores the processed search indexes for the xapian search system.
 
 #### /var/lib/genenetwork/sqlite/gn-auth
 
-* **TODO**: Describe this: Writable? What is this binding for?
+This binding must be READWRITE within the container.
+
+The authorisation database is stored here. The directory needs to be writable to avoid permissions issues within the container when attempting to write data into the database.
 
 #### /var/lib/genenetwork/sqlite/genenetwork3
 
-* **TODO**: Describe this: Writable? What is this binding for?
+This binding must be READWRITE within the container.
+
+This stores various SQLite databases in use with GN3. These are:
+
+* Database for the GNQA system
+* ...
 
 #### /run/mysqld
 
-* **TODO**: Describe this: Writable? What is this binding for?
+This binding must be READWRITE within the container.
+
+This binding is the link to the host directory that holds the socket file for the running MariaDB instance.
 
 #### /var/lib/gn-docs.git
 
-* **TODO**: Describe this: Writable? What is this binding for?
+This binding must be READWRITE within the container.
 
-#### /opt/gn/tmp
+* **TODO**: What is this binding for?
 
-* **TODO**: Describe this: Writable? What is this binding for?
+#### /opt/gn/tmp
 
-#### /export/data/virtuoso/
+This binding must be READWRITE within the container.
 
-* **TODO**: Describe this: Writable? What is this binding for?
+Holds temporary files for the various services that run within the container. Some of the generated files from various services are also stored here.
 
-#### /export/data/gn-docs
+**PROPOSAL**: Move all generated files here, or have a dedicated directory for holding generated files?
 
-* **TODO**: Describe this: Writable? What is this binding for?
 
 #### /var/genenetwork/sessions
 
-* **TODO**: Describe this: Writable? What is this binding for?
+This binding must be READWRITE within the container.
+
+Holds session files for various services within the container. See also the /var/genenetwork binding.
 
 #### /var/lib/genenetwork/uploader
 
-* **TODO**: Describe this: Writable? What is this binding for?
+This binding must be READWRITE within the container.
+
+**gn-uploader** specific data files. Types of data files that could go here are:
+
+* File uploads
+* (Reusable) Cache files and generated files
+* ... others?
 
 #### /var/lib/genenetwork/sqlite/gn-uploader
 
-* **TODO**: Describe this: Writable? What is this binding for?
+This binding must be READWRITE within the container.
+
+Holds various SQLite databases used with the **gn-uploader** service, e.g.:
+
+* Background jobs database
+* ...
 
 #### /var/lib/genenetwork/gn-guile
 
-* **TODO**: Describe this: Writable? What is this binding for?
+This binding must be READWRITE within the container.
+
+Various data files for the **gn-guile** service, such as:
+
+* The bare **gn-docs** repository (Previously bound at `/export/data/gn-docs`: now deprecated).
 
 ## Redis