zzstoatzz.io / relay
declarative relay deployment on hetzner relay-eval.waow.tech
atproto relay
14
fork

Configure Feed

Select the types of activity you want to include in your feed.

fix: move probes to :3000, use immutable image tags

- liveness/readiness probes now hit :3000/_health (concurrent websocket
server) instead of :3001 (single-threaded metrics server that blocks
behind /metrics scrapes)
- deploy pipeline uses git short SHA as image tag instead of mutable
:latest, so rollbacks are deterministic
- pullPolicy: IfNotPresent (tag changes trigger pull)

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

zzstoatzz dafbf40b a0a74d1d

+20 -14
+4 -6
deploy/zlay-values.yaml
··· 7 7 main: 8 8 image: 9 9 repository: atcr.io/zzstoatzz.io/zlay 10 - tag: latest 11 - pullPolicy: Never 10 + tag: latest # overridden by `kubectl set image` at deploy time 11 + pullPolicy: IfNotPresent 12 12 env: 13 13 RELAY_PORT: "3000" 14 14 RELAY_METRICS_PORT: "3001" ··· 16 16 RELAY_DATA_DIR: /data/events 17 17 RELAY_RETENTION_HOURS: "12" 18 18 COLLECTION_INDEX_DIR: /data/collection-index 19 - # experiment: disable HTTP keepalive on resolver to test connection reuse retention 20 - RESOLVER_KEEP_ALIVE: "false" 21 19 # glibc malloc tuning: limit internal arenas to reduce fragmentation 22 20 # with ~2,700 threads. default is 8 * num_cpus = 128 arenas. 23 21 MALLOC_ARENA_MAX: "2" ··· 33 31 spec: 34 32 httpGet: 35 33 path: /_health 36 - port: 3001 34 + port: 3000 37 35 initialDelaySeconds: 10 38 36 periodSeconds: 15 39 37 timeoutSeconds: 5 ··· 44 42 memory: 1Gi 45 43 cpu: 1000m 46 44 limits: 47 - memory: 5Gi 45 + memory: 3Gi 48 46 49 47 service: 50 48 zlay:
+16 -8
justfile
··· 358 358 trap "rm -rf $TMPDIR" EXIT 359 359 git clone --depth 1 https://tangled.org/zzstoatzz.io/zlay "$TMPDIR" 360 360 cd "$TMPDIR" 361 - docker build --platform linux/amd64 -t atcr.io/zzstoatzz.io/zlay:latest . 362 - ATCR_AUTO_AUTH=1 docker push atcr.io/zzstoatzz.io/zlay:latest 361 + TAG=$(git rev-parse --short HEAD) 362 + IMAGE="atcr.io/zzstoatzz.io/zlay:${TAG}" 363 + docker build --platform linux/amd64 -t "${IMAGE}" . 364 + ATCR_AUTO_AUTH=1 docker push "${IMAGE}" 365 + echo "==> pushed ${IMAGE}" 363 366 364 367 # build zlay on the server and import into k3s containerd (fast — native x86_64 build) 365 368 zlay-publish-remote: ··· 370 373 cd /opt/zlay 371 374 git pull --ff-only 372 375 373 - echo "==> building binary" 376 + TAG=$(git rev-parse --short HEAD) 377 + IMAGE="atcr.io/zzstoatzz.io/zlay:${TAG}" 378 + 379 + echo "==> building binary (${TAG})" 374 380 zig build -Doptimize=ReleaseSafe -Dtarget=x86_64-linux-gnu 375 381 376 - echo "==> building container image" 377 - buildah bud -t atcr.io/zzstoatzz.io/zlay:latest -f Dockerfile.runtime . 382 + echo "==> building container image (${IMAGE})" 383 + buildah bud -t "${IMAGE}" -f Dockerfile.runtime . 378 384 379 385 echo "==> importing into k3s containerd" 380 - buildah push atcr.io/zzstoatzz.io/zlay:latest docker-archive:/tmp/zlay.tar:atcr.io/zzstoatzz.io/zlay:latest 386 + buildah push "${IMAGE}" docker-archive:/tmp/zlay.tar:"${IMAGE}" 381 387 ctr -n k8s.io images import /tmp/zlay.tar 382 388 rm -f /tmp/zlay.tar 383 389 384 - echo "==> restarting deployment" 385 - kubectl rollout restart deployment/zlay -n zlay 390 + echo "==> updating deployment image" 391 + kubectl set image deployment/zlay -n zlay main="${IMAGE}" 386 392 kubectl rollout status deployment/zlay -n zlay --timeout=120s 393 + 394 + echo "==> deployed ${IMAGE}" 387 395 DEPLOY 388 396 389 397 # deploy zlay to its k3s cluster