199a8efbfe
Closes the "single-region MinIO" gap. The 4-node EC:2 cluster
tolerates 2 simultaneous drive losses but a regional outage
(network partition, DC fire, operator error wiping the cluster)
remains a single point of data loss.
New Ansible role minio_replication :
- Wrapper script veza-minio-replicate.sh runs `mc mirror --preserve`
from the local cluster to a remote S3-compatible target every 6h
(configurable via OnCalendar).
- Writes textfile-collector metrics on each run :
veza_minio_replication_last_run_timestamp_seconds
veza_minio_replication_last_success_timestamp_seconds
veza_minio_replication_last_duration_seconds
veza_minio_replication_last_status (1/0)
veza_minio_replication_target_bytes
- systemd timer with Persistent=true catches up missed runs after
reboot (this is the disaster-recovery surface, can't afford to
silently skip ticks).
- Idempotent : `mc alias set` re-applies cleanly, `mc mb
--ignore-existing` for the target bucket.
- Refuses to run with vault placeholders to avoid accidental
prod application against bogus credentials.
Why mc mirror, not MinIO native bucket replication : works against
any S3-compatible target (Wasabi, Backblaze B2, AWS S3) with just
an access key, where MinIO BR/SR requires the target to be
MinIO-managed and bidirectionally reachable. mc is the lowest-
common-denominator that lets us decouple from the choice of
target operator.
Alerts in alert_rules.yml veza_minio_backup group :
- MinioReplicationLastFailed (warning, single failed run)
- MinioReplicationStale (CRITICAL, no success in 12h — past RPO)
- MinioReplicationNeverSucceeded (warning, fresh deploy stuck)
- MinioReplicationTargetShrunk (CRITICAL, > 20% drop in 1h —
operator-error guard rail)
Runbook docs/runbooks/minio-replication.md covers triage by alert,
common ops tasks (manual sync, pause, credential rotation), and
the manual restore procedure for DR.
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
|
||
|---|---|---|
| .. | ||
| adr | ||
| archive | ||
| audit-2026-04 | ||
| audits | ||
| runbooks | ||
| testing | ||
| API_REFERENCE.md | ||
| API_VERSIONING_POLICY.md | ||
| BOOT_MODE_STATUS.md | ||
| BUDGETS.md | ||
| BUG_BASH_V0981.md | ||
| CANARY_RELEASE.md | ||
| CHAT_FEATURE_PARITY.md | ||
| CI_E2E.md | ||
| DB_MIGRATIONS_AUDIT_V1.md | ||
| DB_MIGRATIONS_ORIGIN_DIFF.md | ||
| DB_MIGRATIONS_STRATEGY_FINAL.md | ||
| DB_MIGRATIONS_V1_VALIDATION.md | ||
| DB_TRANSACTION_PLAN.md | ||
| DISCOVERY_ALGORITHM.md | ||
| ENV_CONFIG.md | ||
| ENV_VARIABLES.md | ||
| ENVIRONMENT_REAL_SETUP.md | ||
| FEATURE_STATUS.md | ||
| FRONTEND_AUDIT_VISUAL.md | ||
| FRONTEND_DEEP_DIVE_AUDIT.md | ||
| FRONTEND_ROADMAP_SPOTIFY_DISCORD_QUALITY.md | ||
| FRONTEND_SETUP.md | ||
| FRUGALITY.md | ||
| GLOBAL_PROJECT_STATE_2026.md | ||
| GO_NO_GO_CHECKLIST_v1.0.0.md | ||
| GO_NO_GO_CHECKLIST_v2.0.0_PUBLIC.md | ||
| MIGRATION_CONSOLIDATION.md | ||
| MIGRATIONS.md | ||
| MINIMAL_WEB.md | ||
| MONITORING_SETUP.md | ||
| MONOREPO_ORCHESTRATION.md | ||
| ONBOARDING.md | ||
| PAYMENT_E2E_LIVE_REPORT.md | ||
| PAYMENTS_SETUP.md | ||
| PAYOUT_MANUAL.md | ||
| PENTEST_SCOPE_2026.md | ||
| PENTEST_SEND_PACKAGE.md | ||
| PERFORMANCE_BASELINE.md | ||
| PR_READY_CHECKLIST.md | ||
| PRIVACY_POLICY.md | ||
| PRODUCTION_DEPLOYMENT.md | ||
| PROJECT_STATE.md | ||
| PWA_OFFLINE_VERIFICATION.md | ||
| README.md | ||
| RELEASE_NOTES_V2.0.0_RC1.md | ||
| REMOTE_DEV_R720.md | ||
| REPORT_FRONTEND_PHASE1.md | ||
| RGPD_CCPA_VERIFICATION.md | ||
| ROADMAP_V1.0_LAUNCH.md | ||
| ROADMAP_V09XX_TO_V1.md | ||
| RUNBOOK_ROLLBACK.md | ||
| SCOPE_CONTROL.md | ||
| SECRET_ROTATION.md | ||
| SECRETS_AUDIT.md | ||
| SECRETS_VERIFICATION.md | ||
| SECURITY_PRELAUNCH_AUDIT.md | ||
| SECURITY_SCAN_RC1.md | ||
| SOFT_LAUNCH_BETA_2026.md | ||
| SOFT_LAUNCH_BETA_2026_CHECKLIST.md | ||
| STAGING_DEPLOYMENT.md | ||
| STORYBOOK_CONTRACT.md | ||
| STRATEGIE_COUVERTURE_ET_TMT_2025_02.md | ||
| TEST_PROTOCOL_BOOT.md | ||
| TODO_TRIAGE_VEZA.md | ||
| TRANSACTION_TESTS_PHASE3.md | ||
| TRIAGE_REPORT.md | ||
| UUID_DB_CARTOGRAPHY.md | ||
| UUID_DB_MIGRATION_PLAN.md | ||
| V1_LIMITATIONS.md | ||
| V1_MVP_SCOPE.md | ||
| V1_SIGNOFF.md | ||
| VEZA_PROJECT_DOCUMENTATION.md | ||
| VISUAL_TESTING_STRATEGY.md | ||
Documentation Veza
Index de la documentation principale du monorepo.
Démarrage
- Onboarding — Setup, architecture, conventions, troubleshooting
- Frontend Setup — Configuration du frontend React
- Environment Config — Variables d'environnement et connexion Docker
Architecture & Déploiement
- Production Deployment — Déploiement en production
- Monorepo Orchestration — Organisation du monorepo
- Monitoring Setup — Configuration du monitoring
Développement
- Remote Dev R720 — Développement sur serveur R720 via Cursor Remote-SSH
- Scope v0.201 — Périmètre de la version courante (référence prioritaire)
- État du projet — Où en sommes-nous, prochaines étapes
- Contrôle du scope — Processus anti-scope-creep
- Feature Status — Statut des fonctionnalités
- Storybook Contract — Conventions Storybook
- Visual Testing Strategy — Stratégie des tests visuels
- PR Ready Checklist — Checklist avant merge
Base de données & Migrations
- DB Migrations Strategy — Stratégie des migrations
- UUID Migration Plan — Plan de migration UUID
Sécurité & Opérations
- Secrets Verification — Vérification des secrets
- Secret Rotation — Rotation des secrets
- Payments Setup — Configuration des paiements
Remédiation & Progression
- Remediation Progress — Suivi de la remédiation
- Global Project State — État global du projet
Archives
Les audits et rapports historiques sont dans docs/archive/.
Documentation par composant
- Frontend :
apps/web/docs/(FULL_LAYOUT_PAGE, DESIGN_TOKENS, etc.) - Backend :
veza-backend-api/docs/