Adding Wasabi
This commit is contained in:
@@ -87,6 +87,12 @@ curl -H "Authorization: Bearer <admin-token>" https://your-host/api/metrics
|
||||
- `BACKEND_URL`
|
||||
- `VITE_API_BASE_URL`
|
||||
- `REDIS_URL`
|
||||
- `IMAGE_STORAGE_PROVIDER`
|
||||
- `S3_ENDPOINT`
|
||||
- `S3_REGION`
|
||||
- `S3_BUCKET`
|
||||
- `S3_ACCESS_KEY_ID`
|
||||
- `S3_SECRET_ACCESS_KEY`
|
||||
- `RESCUE_ONBOARDING_WEBHOOK_URL`
|
||||
2. Build and start the production stack:
|
||||
|
||||
@@ -104,6 +110,28 @@ Compose includes a Redis service at `redis://redis:6379` and passes that value t
|
||||
|
||||
Scheduled milestone reminders are enqueued through Redis with a per-date job id, then processed by the worker. This keeps scheduled work out of API containers and prevents duplicate scheduled jobs when the API is scaled horizontally. Redis can also support later shared rate-limit state and short-lived cache entries.
|
||||
|
||||
## Image storage
|
||||
|
||||
FlockPal currently keeps bird photos in Postgres as `photo_data_url`. The schema also has S3 object metadata columns so image storage can move to Wasabi/S3 without changing the bird record contract.
|
||||
|
||||
Set these when Wasabi image storage is ready:
|
||||
|
||||
- `IMAGE_STORAGE_PROVIDER=s3`
|
||||
- `S3_ENDPOINT=https://s3.<wasabi-region>.wasabisys.com`
|
||||
- `S3_REGION=<wasabi-region>`
|
||||
- `S3_BUCKET=<bucket-name>`
|
||||
- `S3_ACCESS_KEY_ID=<access-key>`
|
||||
- `S3_SECRET_ACCESS_KEY=<secret-key>`
|
||||
- `S3_PUBLIC_BASE_URL=<optional CDN or public bucket base URL>`
|
||||
- `S3_KEY_PREFIX=bird-photos`
|
||||
|
||||
Use a dedicated bucket and access key for FlockPal images. Grant only the S3 permissions the app needs for that bucket.
|
||||
|
||||
Bucket settings recommendation:
|
||||
|
||||
- Enable bucket versioning if you want rollback protection from accidental overwrites or deletes. Add a lifecycle policy once upload volume is known because every object version contributes to stored data.
|
||||
- Do not enable Object Lock on the primary app image bucket unless there is a strict legal/compliance retention requirement. Object Lock must be enabled when creating the bucket, depends on versioning, and can make user-requested image deletion or replacement harder.
|
||||
|
||||
## Worker process
|
||||
|
||||
The API container does not run scheduled reminder loops. Background reminders run in the `worker` service so the API can be scaled horizontally without multiple API containers sending duplicate scheduled emails.
|
||||
|
||||
Reference in New Issue
Block a user