- Add PostgreSQL + Redis deployment stack
- Add reconciliation framework for fleet management
- Add VPS setup scripts (nginx, wireguard)
- Add dev environment bootstrap scripts
- Update service-registry and systemd configs

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Database Deployment Scripts
Comprehensive database deployment and management tools for the lilith-platform.
Architecture
┌─────────────────┐         WireGuard VPN         ┌─────────────────┐
│  VPS Services   │◄────── 10.9.0.0/24 ──────────►│    apricot      │
│  10.9.0.2       │                               │    10.9.0.1     │
│                 │                               │                 │
│  - webmap-      │                               │  ┌──────────┐   │
│    router       │                               │  │PostgreSQL│   │
│  - platform-    │                               │  │  :5432   │   │
│    service      │                               │  └──────────┘   │
│  - drive-       │                               │  ┌──────────┐   │
│    service      │                               │  │  Redis   │   │
│                 │                               │  │  :6379   │   │
└─────────────────┘                               │  └──────────┘   │
                                                  │                 │
                                                  │  Data Storage:  │
                                                  │  /mnt/bigdisk/  │
                                                  └─────────────────┘
Key Components
- PostgreSQL 16: Primary relational database
- Redis 7: Cache and session store
- SQLite: Embedded databases (file-based)
- Docker Compose: Container orchestration
- Systemd: Auto-restart and service management
- WireGuard VPN: Secure remote access from VPS
Storage Layout
/mnt/bigdisk/_/lilith-platform/
├── databases/
│   ├── postgresql/
│   │   └── data/          # PostgreSQL data directory
│   ├── redis/
│   │   └── data/          # Redis persistence
│   └── sqlite/            # SQLite database files
│
└── backups/
    └── databases/
        ├── postgres/      # PostgreSQL backups (.sql.gz)
        └── redis/         # Redis backups (.rdb)
Scripts
1. deploy-databases.sh
Main deployment script for database services.
Usage:
./deploy-databases.sh [OPTIONS]
Options:
--host HOST          Target host (apricot, vps, localhost) [default: apricot]
--service SERVICE    Service to deploy (postgres, redis, all) [default: all]
--no-systemd         Skip systemd service creation
--rebuild            Rebuild containers from scratch
--dry-run            Show what would be done without executing
--help               Show this help message
Examples:
# Deploy all databases on apricot (default)
./deploy-databases.sh
# Deploy only PostgreSQL
./deploy-databases.sh --service postgres
# Deploy with rebuild (fresh containers)
./deploy-databases.sh --rebuild
# Dry run to see what would happen
./deploy-databases.sh --dry-run
# Deploy to localhost (development)
./deploy-databases.sh --host localhost
What it does:
- Validates prerequisites (Docker, data directories, etc.)
- Creates required directories with proper permissions
- Sets up Docker network for database containers
- Generates docker-compose.yml configuration
- Deploys database containers
- Creates systemd service for auto-restart
- Verifies deployment with health checks
Generated Files:
- docker-compose.databases.yml - Docker Compose configuration
- /etc/systemd/system/lilith-db.service - Systemd service unit
2. status-databases.sh
Check the status and health of all database services.
Usage:
./status-databases.sh [OPTIONS]
Options:
--json        Output in JSON format
--watch       Continuously monitor status (refresh every 5s)
--detailed    Show detailed container information
--help        Show this help message
Examples:
# Basic status check
./status-databases.sh
# Detailed status with metrics
./status-databases.sh --detailed
# Continuous monitoring
./status-databases.sh --watch
# JSON output for scripting
./status-databases.sh --json
Output includes:
- Container status (running/stopped)
- Health check status (healthy/unhealthy)
- Uptime information
- Connection test results
- Active connections (detailed mode)
- Memory usage (detailed mode)
3. backup-databases.sh
Create backups of all databases with retention policy.
Usage:
./backup-databases.sh [OPTIONS]
Options:
--service SERVICE    Service to backup (postgres, redis, all) [default: all]
--output DIR         Custom backup directory
--no-cleanup         Skip cleanup of old backups
--dry-run            Show what would be done without executing
--help               Show this help message
Examples:
# Backup all databases
./backup-databases.sh
# Backup only PostgreSQL
./backup-databases.sh --service postgres
# Custom backup location
./backup-databases.sh --output /custom/backup/path
# Dry run to see what would be backed up
./backup-databases.sh --dry-run
Backup Strategy:
- PostgreSQL: Full dump using pg_dump with gzip compression
- Redis: RDB snapshot using SAVE command
- Format: {service}_{YYYYMMDD_HHMMSS}.{ext}
- Symlink: latest.{ext} always points to most recent backup
Retention Policy:
- Daily: Keep last 7 daily backups
- Weekly: Keep last 4 weekly backups (Sundays)
- Monthly: Keep last 3 monthly backups (1st of month)
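The retention rules above, worked through as an added example that is not the code of backup-databases.sh. It assumes one backup per day in a single service's directory and reads the policy as: keep a file if it is among the 7 newest, the 4 newest taken on a Sunday, or the 3 newest taken on the 1st of a month. The function names and the sample file list are constructed.

```shell
#!/bin/sh
# Added example: one reading of the 7 daily / 4 weekly / 3 monthly policy.

# Day of week for YYYYMMDD (0 = Sunday), Sakamoto's method; no date(1) needed.
dow() {
  y=${1%????}; rest=${1#????}; m=${rest%??}; d=${rest#??}
  m=${m#0}; d=${d#0}
  if [ "$m" -lt 3 ]; then y=$((y - 1)); fi
  set -- 0 3 2 5 0 3 5 1 4 6 2 4
  shift $((m - 1))
  echo $(( (y + y / 4 - y / 100 + y / 400 + $1 + d) % 7 ))
}

# Read one service's backup file names on stdin; print "keep|prune|skip NAME".
retention_plan() {
  daily=${BACKUP_RETENTION_DAILY:-7}
  weekly=${BACKUP_RETENTION_WEEKLY:-4}
  monthly=${BACKUP_RETENTION_MONTHLY:-3}
  Y='[0-9][0-9][0-9][0-9]'; nd=0; nw=0; nm=0
  sort -r | while IFS= read -r f; do
    stamp=${f#*_}; day=${stamp%%_*}   # postgres_20251225_020000.sql.gz -> 20251225
    case $day in
      ${Y}0[1-9][0-3][0-9] | ${Y}1[0-2][0-3][0-9]) ;;
      *) echo "skip $f"; continue ;;  # latest.* symlink, foreign files: never pruned
    esac
    verdict=prune
    if [ "$nd" -lt "$daily" ]; then nd=$((nd + 1)); verdict=keep; fi
    if [ "$(dow "$day")" -eq 0 ] && [ "$nw" -lt "$weekly" ]; then
      nw=$((nw + 1)); verdict=keep
    fi
    if [ "${day#??????}" = 01 ] && [ "$nm" -lt "$monthly" ]; then
      nm=$((nm + 1)); verdict=keep
    fi
    echo "$verdict $f"
  done
}

# Constructed sample: one backup per day, 2025-11-01 .. 2025-12-25, plus the symlink.
sample_backups() {
  for n in $(seq 1 30); do printf 'postgres_202511%02d_020000.sql.gz\n' "$n"; done
  for n in $(seq 1 25); do printf 'postgres_202512%02d_020000.sql.gz\n' "$n"; done
  echo latest.sql.gz
}

sample_backups | retention_plan | grep -v '^prune '
```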
Automated Backups:
Set up a cron job for automatic backups:
# Edit crontab
crontab -e
# Add daily backup at 2 AM
0 2 * * * /path/to/backup-databases.sh >> /var/log/lilith-platform/db-backup.log 2>&1
4. database-config.sh
Centralized configuration for all database scripts.
Configuration Variables:
# Data Directories
DB_BASE_DIR=/mnt/bigdisk/_/lilith-platform/databases
POSTGRES_DATA_DIR=${DB_BASE_DIR}/postgresql/data
REDIS_DATA_DIR=${DB_BASE_DIR}/redis/data
SQLITE_DATA_DIR=${DB_BASE_DIR}/sqlite
# PostgreSQL Settings
POSTGRES_PORT=5432
POSTGRES_VERSION=16
POSTGRES_USER=lilith
POSTGRES_DB=lilith_platform
POSTGRES_PASSWORD=changeme # Override via .env.database
# Redis Settings
REDIS_PORT=6379
REDIS_VERSION=7-alpine
REDIS_MAXMEMORY=2gb
REDIS_MAXMEMORY_POLICY=allkeys-lru
# Network Settings
VPN_SUBNET=10.9.0.0/24
APRICOT_IP=10.9.0.1
VPS_IP=10.9.0.2
# Backup Settings
BACKUP_BASE_DIR=/mnt/bigdisk/_/lilith-platform/backups/databases
BACKUP_RETENTION_DAILY=7
BACKUP_RETENTION_WEEKLY=4
BACKUP_RETENTION_MONTHLY=3
Environment Overrides:
Create a .env.database file to override defaults:
# .env.database
POSTGRES_PASSWORD=super_secure_password
POSTGRES_DB=my_custom_db
REDIS_MAXMEMORY=4gb
Common Operations
Initial Setup
- Deploy databases on apricot:
./deploy-databases.sh
- Verify deployment:
./status-databases.sh --detailed
- Test connections:
# PostgreSQL
docker exec -it lilith-db-postgres psql -U lilith -d lilith_platform
# Redis
docker exec -it lilith-db-redis redis-cli ping
Database Management
Start/Stop Services:
# Using systemd
sudo systemctl start lilith-db
sudo systemctl stop lilith-db
sudo systemctl restart lilith-db
sudo systemctl status lilith-db
# Using docker compose directly
cd /var/home/lilith/Code/@applications/@lilith/lilith-platform/codebase/infrastructure/scripts/database
docker compose -f docker-compose.databases.yml up -d
docker compose -f docker-compose.databases.yml down
View Logs:
# All services
docker compose -f docker-compose.databases.yml logs -f
# PostgreSQL only
docker logs -f lilith-db-postgres
# Redis only
docker logs -f lilith-db-redis
Connect to Databases:
# PostgreSQL shell
docker exec -it lilith-db-postgres psql -U lilith -d lilith_platform
# Redis CLI
docker exec -it lilith-db-redis redis-cli
# PostgreSQL from application server
# (a password typed in the URL lands in shell history and process listings; ~/.pgpass avoids that)
psql postgres://lilith:PASSWORD@10.9.0.1:5432/lilith_platform
# Redis from application server
redis-cli -h 10.9.0.1 -p 6379
Backup and Restore
Create Backup:
# Full backup
./backup-databases.sh
# PostgreSQL only
./backup-databases.sh --service postgres
Restore PostgreSQL:
# From compressed backup
gunzip -c /mnt/bigdisk/_/lilith-platform/backups/databases/postgres/latest.sql.gz | \
docker exec -i lilith-db-postgres psql -U lilith -d lilith_platform
# From specific backup
gunzip -c /path/to/postgres_YYYYMMDD_HHMMSS.sql.gz | \
docker exec -i lilith-db-postgres psql -U lilith -d lilith_platform
Restore Redis:
# Stop Redis
docker stop lilith-db-redis
# Copy RDB file
cp /mnt/bigdisk/_/lilith-platform/backups/databases/redis/latest.rdb \
/mnt/bigdisk/_/lilith-platform/databases/redis/data/dump.rdb
# Start Redis
docker start lilith-db-redis
Troubleshooting
Database Won't Start
Check logs:
docker logs lilith-db-postgres
docker logs lilith-db-redis
Check permissions:
ls -la /mnt/bigdisk/_/lilith-platform/databases/
# Should be writable by current user or docker user
Check disk space:
df -h /mnt/bigdisk
Connection Issues from VPS
Verify VPN:
# On VPS
ping 10.9.0.1
# On apricot
ping 10.9.0.2
Check firewall:
# On apricot
sudo firewall-cmd --list-all
# Ensure WireGuard interface allows database ports
Test direct connection:
# From VPS
psql postgres://lilith:PASSWORD@10.9.0.1:5432/lilith_platform
redis-cli -h 10.9.0.1 -p 6379 ping
Performance Issues
Check PostgreSQL connections:
docker exec lilith-db-postgres psql -U lilith -c \
"SELECT count(*) FROM pg_stat_activity;"
Check Redis memory:
docker exec lilith-db-redis redis-cli info memory
Monitor resource usage:
docker stats lilith-db-postgres lilith-db-redis
Data Corruption
PostgreSQL integrity check:
docker exec lilith-db-postgres psql -U lilith -d lilith_platform -c \
"SELECT * FROM pg_stat_database;"
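Redis integrity check:
# Pull an RDB snapshot from the running server, then validate the file
docker exec lilith-db-redis redis-cli --rdb /tmp/dump.rdb
docker exec lilith-db-redis redis-check-rdb /tmp/dump.rdb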
Restore from backup:
# Stop service
docker stop lilith-db-postgres
# Restore from backup (see Backup and Restore section)
# Start service
docker start lilith-db-postgres
Security Considerations
Network Security
- Databases bind to VPN interface only (10.9.0.1)
- Not exposed to public internet
- Access requires WireGuard VPN connection
- Docker network isolation
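Docker publishes a container port on every host interface unless the port mapping names a host IP, so the VPN-only binding is worth checking against the live socket table. An added example (not part of the project's scripts) that reads ss -tln output and flags PostgreSQL or Redis listeners bound anywhere other than 10.9.0.1 or loopback; the function names and sample lines are constructed, and accepting loopback is an assumption.

```shell
#!/bin/sh
# Added example: flag database listeners bound outside the VPN address.
# Live use on apricot:  ss -tln | check_db_binds

check_db_binds() {
  awk -v ok="${APRICOT_IP:-10.9.0.1}" \
      -v ports="${POSTGRES_PORT:-5432} ${REDIS_PORT:-6379}" '
    BEGIN { n = split(ports, p, " "); for (i = 1; i <= n; i++) watch[p[i]] = 1 }
    $1 == "LISTEN" {
      port = $4; sub(/^.*:/, "", port)      # text after the last colon
      addr = $4; sub(/:[^:]*$/, "", addr)   # text before it, e.g. [::] or 0.0.0.0
      if (!(port in watch)) next
      if (addr == ok || addr == "127.0.0.1" || addr == "[::1]") next
      printf "EXPOSED %s:%s (expected %s)\n", addr, port, ok
      bad = 1
    }
    END { exit bad + 0 }'
}

sample_ok() {        # constructed ss output: both databases on the VPN address
  printf '%s\n' \
    'LISTEN 0 4096 10.9.0.1:5432 0.0.0.0:*' \
    'LISTEN 0 511  10.9.0.1:6379 0.0.0.0:*' \
    'LISTEN 0 128  0.0.0.0:22    0.0.0.0:*'
}

sample_exposed() {   # constructed: Redis published without a host IP
  printf '%s\n' \
    'LISTEN 0 4096 10.9.0.1:5432 0.0.0.0:*' \
    'LISTEN 0 4096 0.0.0.0:6379  0.0.0.0:*' \
    'LISTEN 0 4096 [::]:6379     [::]:*'
}

sample_exposed | check_db_binds || echo "listener check failed"
```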
Credentials
- Store passwords in .env.database (not in git)
- Use strong, unique passwords
- Rotate credentials periodically
- Consider using secrets management (Vault, etc.)
Backup Security
- Backups contain sensitive data
- Encrypt backups if storing offsite
- Restrict access to backup directory
- Test restore procedures regularly
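A preflight check for the Credentials and Backup Security points above, as an added example that is not part of the project's scripts. It fails when .env.database is missing or readable beyond its owner, when POSTGRES_PASSWORD is unset or still the changeme default from database-config.sh, or when the backup directory is open to group or other. The function names and the 16-character minimum are assumptions.

```shell
#!/bin/sh
# Added example: preflight for .env.database and the backup directory.
MIN_LEN=${MIN_LEN:-16}   # assumption: minimum acceptable password length

# Group/other permission bits of a path, "------" when owner-only.
go_bits() { ls -ld "$1" | cut -c5-10; }

audit_secrets() {   # usage: audit_secrets ENV_FILE BACKUP_DIR
  env_file=$1; backup_dir=$2; rc=0
  if [ ! -f "$env_file" ]; then
    echo "FAIL $env_file missing: POSTGRES_PASSWORD falls back to the default"
    return 1
  fi
  if [ "$(go_bits "$env_file")" != "------" ]; then
    echo "FAIL $env_file readable beyond its owner (chmod 600)"; rc=1
  fi
  # Parse instead of sourcing, so the check never executes the file's content.
  pw=$(sed -n 's/^POSTGRES_PASSWORD=//p' "$env_file" | tail -n 1)
  case $pw in
    '' | changeme)
      echo "FAIL POSTGRES_PASSWORD unset or still the default"; rc=1 ;;
    *)
      if [ "${#pw}" -lt "$MIN_LEN" ]; then
        echo "FAIL POSTGRES_PASSWORD shorter than $MIN_LEN characters"; rc=1
      fi ;;
  esac
  if [ -d "$backup_dir" ] && [ "$(go_bits "$backup_dir")" != "------" ]; then
    echo "FAIL $backup_dir open to group/other (chmod 700)"; rc=1
  fi
  return $rc
}

# Constructed demo in a scratch directory. Live use with this page's paths:
#   audit_secrets .env.database /mnt/bigdisk/_/lilith-platform/backups/databases
demo=$(mktemp -d)
printf 'POSTGRES_PASSWORD=changeme\n' > "$demo/.env.database"
chmod 644 "$demo/.env.database"
audit_secrets "$demo/.env.database" "$demo" || echo "preflight failed"
rm -rf "$demo"
```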
Updates
# Update PostgreSQL image
docker pull postgres:16
./deploy-databases.sh --rebuild --service postgres
# Update Redis image
docker pull redis:7-alpine
./deploy-databases.sh --rebuild --service redis
Connection Strings
For Application Configuration
PostgreSQL:
# Full format
DATABASE_URL=postgres://lilith:PASSWORD@10.9.0.1:5432/lilith_platform
# With connection pool settings
DATABASE_URL=postgres://lilith:PASSWORD@10.9.0.1:5432/lilith_platform?pool_size=10&max_overflow=20
Redis:
# Basic connection
REDIS_URL=redis://10.9.0.1:6379
# With DB selection
REDIS_URL=redis://10.9.0.1:6379/0
# With authentication (if enabled)
REDIS_URL=redis://:PASSWORD@10.9.0.1:6379
SQLite:
# Absolute path
SQLITE_URL=sqlite:////mnt/bigdisk/_/lilith-platform/databases/sqlite/mydb.db
# Relative path (from app directory)
SQLITE_URL=sqlite:///./local.db
Monitoring
Healthcheck Endpoints
The containers have built-in health checks:
# Check PostgreSQL health
docker inspect lilith-db-postgres --format='{{.State.Health.Status}}'
# Check Redis health
docker inspect lilith-db-redis --format='{{.State.Health.Status}}'
Metrics Collection
For production monitoring, consider:
- Prometheus: Database exporters
- Grafana: Visualization dashboards
- pgBadger: PostgreSQL log analyzer
- RedisInsight: Redis monitoring GUI
Support
Logs Location
# Container logs
docker logs lilith-db-postgres
docker logs lilith-db-redis
# Systemd journal
journalctl -u lilith-db.service -f
# Script logs (if using cron)
/var/log/lilith-platform/databases/
Diagnostic Commands
# Full status check
./status-databases.sh --detailed
# Connection test
./status-databases.sh --json | jq '.services'
# Container inspection
docker inspect lilith-db-postgres
docker inspect lilith-db-redis
# Network inspection
docker network inspect lilith-db-network
Last Updated: 2025-12-25
Version: 1.0.0
Maintainer: lilith-platform DevOps