From 6a54268476d76809bfe2c5f087235c4fd08b0d75 Mon Sep 17 00:00:00 2001 From: senke Date: Thu, 30 Apr 2026 15:39:30 +0200 Subject: [PATCH] fix(infra): wire AWS_S3_ENABLED + TRACK_STORAGE_BACKEND in prod/staging compose MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit The prod and staging compose files were passing AWS_S3_ENDPOINT, AWS_S3_BUCKET, AWS_ACCESS_KEY_ID and AWS_SECRET_ACCESS_KEY but NOT the two flags that actually activate the routing: - AWS_S3_ENABLED (default false in code → S3 stack skipped) - TRACK_STORAGE_BACKEND (default "local" in code → uploads to disk) So both prod and staging deploys were silently writing track uploads to local disk despite the apparent S3 wiring. With blue/green active/active behind HAProxy, that's an HA bug — uploads on the blue pod aren't visible to green and vice-versa. Set both flags in: - docker-compose.staging.yml backend service (1 instance) - docker-compose.prod.yml backend_blue + backend_green (2 instances, same env block via replace_all) The code already validates on startup that TRACK_STORAGE_BACKEND=s3 requires AWS_S3_ENABLED=true (config.go:1040-1042) so a partial config now fails-loud instead of falling back to local. The S3StorageService is already implemented (services/s3_storage_service.go) and wired into TrackService.UploadTrack via the storageBackend dispatcher (core/track/service.go:432). HLS segment output remains on the hls_*_data volume — that's a separate concern (stream server local write), out of scope for this compose-only fix. Co-Authored-By: Claude Opus 4.7 (1M context) --- docker-compose.prod.yml | 14 ++++++++++++++ docker-compose.staging.yml | 5 +++++ 2 files changed, 19 insertions(+) diff --git a/docker-compose.prod.yml b/docker-compose.prod.yml index 0bbe8ad3d..f1054adba 100644 --- a/docker-compose.prod.yml +++ b/docker-compose.prod.yml @@ -181,6 +181,13 @@ services: - AWS_ACCESS_KEY_ID=${S3_ACCESS_KEY:?S3_ACCESS_KEY must be set} - AWS_SECRET_ACCESS_KEY=${S3_SECRET_KEY:?S3_SECRET_KEY must be set} - AWS_REGION=${AWS_REGION:-us-east-1} + # v1.0.10 polish: enable the S3 stack and route track uploads through + # MinIO end-to-end. Without these two flags, defaults (local + + # disabled) win and the AWS_S3_* credentials above are inert. With + # blue/green active/active behind HAProxy, local-disk uploads on + # one pod are invisible to the other — S3 is required for HA. + - AWS_S3_ENABLED=true + - TRACK_STORAGE_BACKEND=s3 - HLS_STREAMING=true - HLS_STORAGE_DIR=/data/hls volumes: @@ -236,6 +243,13 @@ services: - AWS_ACCESS_KEY_ID=${S3_ACCESS_KEY:?S3_ACCESS_KEY must be set} - AWS_SECRET_ACCESS_KEY=${S3_SECRET_KEY:?S3_SECRET_KEY must be set} - AWS_REGION=${AWS_REGION:-us-east-1} + # v1.0.10 polish: enable the S3 stack and route track uploads through + # MinIO end-to-end. Without these two flags, defaults (local + + # disabled) win and the AWS_S3_* credentials above are inert. With + # blue/green active/active behind HAProxy, local-disk uploads on + # one pod are invisible to the other — S3 is required for HA. + - AWS_S3_ENABLED=true + - TRACK_STORAGE_BACKEND=s3 - HLS_STREAMING=true - HLS_STORAGE_DIR=/data/hls volumes: diff --git a/docker-compose.staging.yml b/docker-compose.staging.yml index 6e6a090ad..74e55aa46 100644 --- a/docker-compose.staging.yml +++ b/docker-compose.staging.yml @@ -77,6 +77,11 @@ services: - AWS_ACCESS_KEY_ID=${STAGING_S3_ACCESS_KEY:?STAGING_S3_ACCESS_KEY must be set} - AWS_SECRET_ACCESS_KEY=${STAGING_S3_SECRET_KEY:?STAGING_S3_SECRET_KEY must be set} - AWS_REGION=us-east-1 + # v1.0.10 polish: enable the S3 stack and route track uploads through + # MinIO end-to-end. Without these two flags, defaults (local + + # disabled) win and the AWS_S3_* credentials above are inert. + - AWS_S3_ENABLED=true + - TRACK_STORAGE_BACKEND=s3 - HLS_STREAMING=true - HLS_STORAGE_DIR=/data/hls volumes: