diff --git a/helm/gohoarder/templates/_helpers.tpl b/helm/gohoarder/templates/_helpers.tpl index b3232b5..859f65a 100644 --- a/helm/gohoarder/templates/_helpers.tpl +++ b/helm/gohoarder/templates/_helpers.tpl @@ -172,3 +172,17 @@ Trivy cache volume configuration emptyDir: {} {{- end }} {{- end }} + +{{/* +Validate SQLite configuration - SQLite cannot be used with SMB/NFS network storage +*/}} +{{- define "gohoarder.validateSQLiteConfig" -}} +{{- if eq .Values.metadata.backend "sqlite" }} + {{- if .Values.metadata.sqlite.persistence.enabled }} + {{- $storageClass := .Values.metadata.sqlite.persistence.storageClass | default .Values.storage.storageClass }} + {{- if or (contains "smb" ($storageClass | lower)) (contains "cifs" ($storageClass | lower)) (contains "nfs" ($storageClass | lower)) }} + {{- fail "\n\n❌ ERROR: SQLite cannot be used with SMB/CIFS/NFS network storage!\n\nSQLite requires POSIX file locking which is not reliably supported over network filesystems.\nThis will cause 'database is locked' errors and data corruption.\n\nPlease choose ONE of the following solutions:\n\n1. Use PostgreSQL for network storage (RECOMMENDED for production):\n metadata:\n backend: postgresql\n postgresql:\n host: your-postgres-host\n ...\n\n2. Use local storage for SQLite (OK for development):\n metadata:\n sqlite:\n persistence:\n enabled: true\n storageClass: local-path # or another local storage class\n\n3. Disable persistence (data will be lost on pod restart):\n metadata:\n sqlite:\n persistence:\n enabled: false\n\nFor more information, see: https://www.sqlite.org/lockingv3.html\n" }} + {{- end }} + {{- end }} +{{- end }} +{{- end }} diff --git a/helm/gohoarder/templates/deployment-scanner.yaml b/helm/gohoarder/templates/deployment-scanner.yaml index c1182f1..d0fbe92 100644 --- a/helm/gohoarder/templates/deployment-scanner.yaml +++ b/helm/gohoarder/templates/deployment-scanner.yaml @@ -1,4 +1,5 @@ {{- if .Values.security.enabled }} +{{- include "gohoarder.validateSQLiteConfig" . }} apiVersion: apps/v1 kind: Deployment metadata: diff --git a/helm/gohoarder/templates/deployment-server.yaml b/helm/gohoarder/templates/deployment-server.yaml index 9bbd6d4..92dd164 100644 --- a/helm/gohoarder/templates/deployment-server.yaml +++ b/helm/gohoarder/templates/deployment-server.yaml @@ -1,3 +1,4 @@ +{{- include "gohoarder.validateSQLiteConfig" . }} apiVersion: apps/v1 kind: Deployment metadata: diff --git a/helm/gohoarder/values.yaml b/helm/gohoarder/values.yaml index 5db7f39..205f54f 100644 --- a/helm/gohoarder/values.yaml +++ b/helm/gohoarder/values.yaml @@ -273,15 +273,30 @@ storage: # Metadata storage configuration metadata: # Backend: sqlite, postgresql - # For multiple server replicas: postgresql is recommended (sqlite has concurrency limitations) + # + # IMPORTANT: SQLite CANNOT be used with SMB/CIFS/NFS network storage! + # SQLite requires POSIX file locking which causes "database is locked" errors on network filesystems. + # + # Choose your configuration: + # 1. SQLite with local storage (development/single-node only) + # - Set backend: sqlite + # - Set sqlite.persistence.storageClass to a LOCAL storage class (e.g., "local-path") + # - OR set sqlite.persistence.enabled: false to use emptyDir (data lost on pod restart) + # + # 2. PostgreSQL with any storage (RECOMMENDED for production) + # - Set backend: postgresql + # - Configure postgresql settings below + # backend: "sqlite" # SQLite configuration + # WARNING: Do NOT use SMB/CIFS/NFS storage classes with SQLite! sqlite: # Use PVC for SQLite database + # IMPORTANT: storageClass must be LOCAL storage, NOT network storage (smb/nfs) persistence: - enabled: true - storageClass: "" + enabled: false # Changed to false by default - use emptyDir unless you have local storage + storageClass: "" # Must be local-path or similar LOCAL storage class if enabled size: "10Gi" accessMode: "ReadWriteOnce" existingClaim: ""