mcdsl

mc/mcdsl

Fork 0

Commit Graph

Author	SHA1	Message	Date
Kyle Isom	4b54e50a0d	Make database chmod best-effort for rootless podman os.Chmod(path, 0600) fails inside rootless podman containers because fchmod is denied in the user namespace. This was fatal — the database wouldn't open, crashing the service. Changed to best-effort: log nothing on failure, database functions correctly without the permission tightening. The file is already protected by the container's volume mount and the host filesystem permissions. Root cause of the 2026-04-03 incident recovery failure — MCR and Metacrypt couldn't start until their databases were deleted and recreated. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>	2026-04-03 09:32:52 -07:00
Kyle Isom	20d8d8d4b4	Set MaxOpenConns(1) to eliminate SQLite SQLITE_BUSY errors Go's database/sql opens multiple connections by default, but SQLite only supports one concurrent writer. Under concurrent load (e.g. parallel blob uploads to MCR), multiple connections compete for the write lock and exceed busy_timeout, causing transient 500 errors. With WAL mode, a single connection still allows concurrent reads from other processes. Go serializes access through the connection pool, eliminating busy errors entirely. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>	2026-03-25 23:28:46 -07:00
Kyle Isom	8b4db22c93	Initial commit: project setup and db package - Project scaffolding: go.mod, Makefile, .golangci.yaml, doc.go - README, ARCHITECTURE, PROJECT_PLAN, PROGRESS documentation - db package: Open (WAL, FK, busy timeout, 0600 permissions), Migrate (sequential, transactional, idempotent), SchemaVersion, Snapshot (VACUUM INTO) - 11 tests covering open, migrate, and snapshot Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>	2026-03-25 14:17:17 -07:00

Author

SHA1

Message

Date

Kyle Isom

4b54e50a0d

Make database chmod best-effort for rootless podman

os.Chmod(path, 0600) fails inside rootless podman containers because
fchmod is denied in the user namespace. This was fatal — the database
wouldn't open, crashing the service.

Changed to best-effort: log nothing on failure, database functions
correctly without the permission tightening. The file is already
protected by the container's volume mount and the host filesystem
permissions.

Root cause of the 2026-04-03 incident recovery failure — MCR and
Metacrypt couldn't start until their databases were deleted and
recreated.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

2026-04-03 09:32:52 -07:00

Kyle Isom

20d8d8d4b4

Set MaxOpenConns(1) to eliminate SQLite SQLITE_BUSY errors

Go's database/sql opens multiple connections by default, but SQLite
only supports one concurrent writer. Under concurrent load (e.g.
parallel blob uploads to MCR), multiple connections compete for the
write lock and exceed busy_timeout, causing transient 500 errors.

With WAL mode, a single connection still allows concurrent reads
from other processes. Go serializes access through the connection
pool, eliminating busy errors entirely.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

2026-03-25 23:28:46 -07:00

Kyle Isom

8b4db22c93

Initial commit: project setup and db package

- Project scaffolding: go.mod, Makefile, .golangci.yaml, doc.go
- README, ARCHITECTURE, PROJECT_PLAN, PROGRESS documentation
- db package: Open (WAL, FK, busy timeout, 0600 permissions),
  Migrate (sequential, transactional, idempotent),
  SchemaVersion, Snapshot (VACUUM INTO)
- 11 tests covering open, migrate, and snapshot

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

2026-03-25 14:17:17 -07:00

3 Commits