From fe58cef568e3e29bc80f4e12afe7c7bf9641bb31 Mon Sep 17 00:00:00 2001
From: eternal-flame-AD <yume@yumechi.jp>
Date: Fri, 1 Nov 2024 04:27:57 -0500
Subject: [PATCH 1/6] draft logical replicate

Signed-off-by: eternal-flame-AD <yume@yumechi.jp>
---
 compose.local-db.yml                          | 13 ++++++++++
 compose_example.yml                           | 18 +++++++++++++
 .../1730447062213-logicalReplicatePublish.js  | 26 +++++++++++++++++++
 3 files changed, 57 insertions(+)
 create mode 100644 packages/backend/migration/1730447062213-logicalReplicatePublish.js

diff --git a/compose.local-db.yml b/compose.local-db.yml
index 3835cb23db..5a82da30cd 100644
--- a/compose.local-db.yml
+++ b/compose.local-db.yml
@@ -26,6 +26,19 @@ services:
       test: "pg_isready -U $$POSTGRES_USER -d $$POSTGRES_DB"
       interval: 5s
       retries: 20
+    command: ["-c", "wal_level=logical"]
+
+#   db-publish:
+#     restart: always
+#     image: alpine/socat
+#     ports:
+#       - "5433:5433"
+#     volumes:
+#       - ./replication:/data
+#     command: [
+#         "OPENSSL-LISTEN:5433,openssl-min-proto-version=TLS1.2,cert=/data/certs/server.pub.pem,key=/data/certs/server.key.pem,cafile=/data/certs/ca.pem,fork,reuseaddr",
+#         "TCP4:db:5432"
+#       ]
 
 #  meilisearch:
 #    restart: always
diff --git a/compose_example.yml b/compose_example.yml
index c4964d3d97..98aa5fd18e 100644
--- a/compose_example.yml
+++ b/compose_example.yml
@@ -64,6 +64,24 @@ services:
       test: "pg_isready -U $$POSTGRES_USER -d $$POSTGRES_DB"
       interval: 5s
       retries: 20
+    command: ["-c", "wal_level=logical"]
+
+  db-publish:
+    restart: always
+    image: alpine/socat
+    links:
+      - db
+    networks:
+      - internal_network
+      - external_network
+    ports:
+      - "5433:5433"
+    volumes:
+      - ./replication:/data
+    command: [
+        "OPENSSL-LISTEN:5433,openssl-min-proto-version=TLS1.2,cert=/data/certs/server.pub.pem,key=/data/certs/server.key.pem,cafile=/data/certs/ca.pem,fork,reuseaddr",
+        "TCP4:db:5432"
+      ]
 
 #  mcaptcha:
 #    restart: always
diff --git a/packages/backend/migration/1730447062213-logicalReplicatePublish.js b/packages/backend/migration/1730447062213-logicalReplicatePublish.js
new file mode 100644
index 0000000000..358635d876
--- /dev/null
+++ b/packages/backend/migration/1730447062213-logicalReplicatePublish.js
@@ -0,0 +1,26 @@
+const { MigrationInterface, QueryRunner } = require("typeorm");
+
+module.exports = class LogicalReplicatePublish1730447062213 {
+
+    async up(queryRunner) {
+                await queryRunner.query(
+            [
+                "CREATE PUBLICATION misskey_public",
+                "FOR TABLES IN SCHEMA public",
+                "WITH (publish = 'insert, update, delete')",
+            ].join(' '));
+
+        await queryRunner.query(
+            [
+                "ALTER PUBLICATION misskey_public",
+                "DROP TABLE auth_session, password_reset_request, access_token"
+            ].join(' '));
+    }
+
+    async down(queryRunner) {
+        await queryRunner.query(
+            [
+                "DROP PUBLICATION misskey_public"
+            ].join(' '));
+    }
+}
-- 
2.45.2


From 93a9ba815980d0671baa4c632ff27ab8ba22d143 Mon Sep 17 00:00:00 2001
From: eternal-flame-AD <yume@yumechi.jp>
Date: Fri, 1 Nov 2024 18:44:36 -0500
Subject: [PATCH 2/6] consistent ownership

Signed-off-by: eternal-flame-AD <yume@yumechi.jp>
---
 compose_example.yml | 13 ++++++++++++-
 1 file changed, 12 insertions(+), 1 deletion(-)

diff --git a/compose_example.yml b/compose_example.yml
index 98aa5fd18e..12554b04fd 100644
--- a/compose_example.yml
+++ b/compose_example.yml
@@ -2,6 +2,8 @@ services:
   nyuukyou:
     build: yume-mods/nyuukyou
     restart: always
+    user: "${MISSKEY_UID}:${MISSKEY_GID}"
+    profiles: [web]
     links:
       - web
     depends_on:
@@ -16,8 +18,14 @@ services:
       - ./nyuukyou:/store
     
   web:
-    build: .
+    build: 
+      context: .
+      args:
+        - UID: "${MISSKEY_UID}"
+        - GID: "${MISSKEY_GID}"
+    profiles: [web]
     restart: always
+    user: "${MISSKEY_UID}:${MISSKEY_GID}"
     links:
       - db
       - redis
@@ -42,6 +50,7 @@ services:
   redis:
     restart: always
     image: redis:7-alpine
+    user: "${MISSKEY_UID}:${MISSKEY_GID}"
     networks:
       - internal_network
     volumes:
@@ -54,6 +63,7 @@ services:
   db:
     restart: always
     image: postgres:15-alpine
+    user: "${MISSKEY_UID}:${MISSKEY_GID}"
     networks:
       - internal_network
     env_file:
@@ -69,6 +79,7 @@ services:
   db-publish:
     restart: always
     image: alpine/socat
+    user: "${MISSKEY_UID}:${MISSKEY_GID}"
     links:
       - db
     networks:
-- 
2.45.2


From 80209385e8c40338fa7dc940048a98cce1255813 Mon Sep 17 00:00:00 2001
From: eternal-flame-AD <yume@yumechi.jp>
Date: Sun, 3 Nov 2024 00:50:33 -0500
Subject: [PATCH 3/6] use custom replication solution

Signed-off-by: eternal-flame-AD <yume@yumechi.jp>
---
 compose_example.yml | 30 ++++++++++++++++++++++++------
 1 file changed, 24 insertions(+), 6 deletions(-)

diff --git a/compose_example.yml b/compose_example.yml
index 12554b04fd..7701ff2ec5 100644
--- a/compose_example.yml
+++ b/compose_example.yml
@@ -76,22 +76,40 @@ services:
       retries: 20
     command: ["-c", "wal_level=logical"]
 
-  db-publish:
+  replikey:
     restart: always
-    image: alpine/socat
+    image: l1drm/replikey:latest
+    profiles: [replikey-master]
     user: "${MISSKEY_UID}:${MISSKEY_GID}"
     links:
       - db
+      - redis
     networks:
       - internal_network
       - external_network
     ports:
-      - "5433:5433"
+      - "5443:5443"
     volumes:
-      - ./replication:/data
+      - ./replikey:/etc/replikey:ro
     command: [
-        "OPENSSL-LISTEN:5433,openssl-min-proto-version=TLS1.2,cert=/data/certs/server.pub.pem,key=/data/certs/server.key.pem,cafile=/data/certs/ca.pem,fork,reuseaddr",
-        "TCP4:db:5432"
+        "network",
+        "reverse-proxy",
+        "--listen",
+        "0.0.0.0:5443",
+        "--cert",
+        "/etc/replikey/cert.pem",
+        "--key",
+        "/etc/replikey/key.pem",
+        "--ca",
+        "/etc/replikey/ca.pem",
+        "--redis-sni",
+        "${MTLS_REDIS_SNI}",
+        "--redis-target",
+        "redis:6379",
+        "--postgres-sni",
+        "${MTLS_POSTGRES_SNI}",
+        "--postgres-target",
+        "db:5432",
       ]
 
 #  mcaptcha:
-- 
2.45.2


From 44152f876df7eff1395853564e3f043ee371c388 Mon Sep 17 00:00:00 2001
From: eternal-flame-AD <yume@yumechi.jp>
Date: Sun, 3 Nov 2024 00:57:57 -0500
Subject: [PATCH 4/6] revert migration

Signed-off-by: eternal-flame-AD <yume@yumechi.jp>
---
 .../1730447062213-logicalReplicatePublish.js  | 26 -------------------
 1 file changed, 26 deletions(-)
 delete mode 100644 packages/backend/migration/1730447062213-logicalReplicatePublish.js

diff --git a/packages/backend/migration/1730447062213-logicalReplicatePublish.js b/packages/backend/migration/1730447062213-logicalReplicatePublish.js
deleted file mode 100644
index 358635d876..0000000000
--- a/packages/backend/migration/1730447062213-logicalReplicatePublish.js
+++ /dev/null
@@ -1,26 +0,0 @@
-const { MigrationInterface, QueryRunner } = require("typeorm");
-
-module.exports = class LogicalReplicatePublish1730447062213 {
-
-    async up(queryRunner) {
-                await queryRunner.query(
-            [
-                "CREATE PUBLICATION misskey_public",
-                "FOR TABLES IN SCHEMA public",
-                "WITH (publish = 'insert, update, delete')",
-            ].join(' '));
-
-        await queryRunner.query(
-            [
-                "ALTER PUBLICATION misskey_public",
-                "DROP TABLE auth_session, password_reset_request, access_token"
-            ].join(' '));
-    }
-
-    async down(queryRunner) {
-        await queryRunner.query(
-            [
-                "DROP PUBLICATION misskey_public"
-            ].join(' '));
-    }
-}
-- 
2.45.2


From a59688fab470c826becda1f9651043ab766162af Mon Sep 17 00:00:00 2001
From: eternal-flame-AD <yume@yumechi.jp>
Date: Sun, 3 Nov 2024 01:36:32 -0500
Subject: [PATCH 5/6] add slave profile

Signed-off-by: eternal-flame-AD <yume@yumechi.jp>
---
 compose_example.yml | 64 +++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 64 insertions(+)

diff --git a/compose_example.yml b/compose_example.yml
index 7701ff2ec5..95088f4aba 100644
--- a/compose_example.yml
+++ b/compose_example.yml
@@ -111,6 +111,70 @@ services:
         "--postgres-target",
         "db:5432",
       ]
+  
+  replikey-postgres-slave:
+    restart: always
+    image: l1drm/replikey:latest
+    profiles: [replikey-slave]
+    user: "${MISSKEY_UID}:${MISSKEY_GID}"
+    links:
+      - db
+      - redis
+    networks:
+      - internal_network
+      - external_network
+    ports:
+      # - "4001:4001"
+    volumes:
+      - ./replikey:/etc/replikey:ro
+    command: [
+        "network",
+        "forward-proxy",
+        "--listen",
+        "0.0.0.0:4001",
+        "--sni",
+        "${MTLS_POSTGRES_SNI}",
+        "--target",
+        "db:5432",
+        "--cert",
+        "/etc/replikey/cert.pem",
+        "--key",
+        "/etc/replikey/key.pem",
+        "--ca",
+        "/etc/replikey/ca.pem",
+      ]
+
+  replikey-redis-slave:
+    restart: always
+    image: l1drm/replikey:latest
+    profiles: [replikey-slave]
+    user: "${MISSKEY_UID}:${MISSKEY_GID}"
+    links:
+      - db
+      - redis
+    networks:
+      - internal_network
+      - external_network
+    ports:
+      # - "4002:4002"
+    volumes:
+      - ./replikey:/etc/replikey:ro
+    command: [
+        "network",
+        "forward-proxy",
+        "--listen",
+        "0.0.0.0:4002",
+        "--sni",
+        "${MTLS_REDIS_SNI}",
+        "--target",
+        "redis:6379",
+        "--cert",
+        "/etc/replikey/cert.pem",
+        "--key",
+        "/etc/replikey/key.pem",
+        "--ca",
+        "/etc/replikey/ca.pem",
+      ]
 
 #  mcaptcha:
 #    restart: always
-- 
2.45.2


From 6bd7a8ae639861cc4e18e8c547ba419a5744820d Mon Sep 17 00:00:00 2001
From: eternal-flame-AD <yume@yumechi.jp>
Date: Wed, 6 Nov 2024 02:54:47 -0600
Subject: [PATCH 6/6] revert set wal_level flag

Signed-off-by: eternal-flame-AD <yume@yumechi.jp>
---
 compose.local-db.yml | 1 -
 compose_example.yml  | 1 -
 2 files changed, 2 deletions(-)

diff --git a/compose.local-db.yml b/compose.local-db.yml
index 5a82da30cd..ff202ae3e5 100644
--- a/compose.local-db.yml
+++ b/compose.local-db.yml
@@ -26,7 +26,6 @@ services:
       test: "pg_isready -U $$POSTGRES_USER -d $$POSTGRES_DB"
       interval: 5s
       retries: 20
-    command: ["-c", "wal_level=logical"]
 
 #   db-publish:
 #     restart: always
diff --git a/compose_example.yml b/compose_example.yml
index 95088f4aba..33c4a78760 100644
--- a/compose_example.yml
+++ b/compose_example.yml
@@ -74,7 +74,6 @@ services:
       test: "pg_isready -U $$POSTGRES_USER -d $$POSTGRES_DB"
       interval: 5s
       retries: 20
-    command: ["-c", "wal_level=logical"]
 
   replikey:
     restart: always
-- 
2.45.2