feat(sync): default SYNC_BASE_PATH to /var/lib/romm/sync

Move the sync staging folder out of ROMM_BASE_PATH so it lives on a dedicated writable mount. This lets the container run with a read-only root filesystem without losing in-flight save uploads, and keeps app-owned state separate from the user-curated library volume. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2026-06-28 14:56:01 +00:00 · 2026-05-17 09:28:39 -04:00
parent 016cc1ce52
commit 10d3eb2079
4 changed files with 13 additions and 11 deletions
--- a/backend/config/init.py
+++ b/backend/config/init.py
@@ -213,7 +213,7 @@ SCHEDULED_RETROACHIEVEMENTS_PROGRESS_SYNC_CRON: Final[str] = _get_env(
 )

 # SYNC
-SYNC_BASE_PATH: Final[str] = _get_env("SYNC_BASE_PATH", f"{ROMM_BASE_PATH}/sync")
+SYNC_BASE_PATH: Final[str] = _get_env("SYNC_BASE_PATH", "/var/lib/romm/sync")
 ENABLE_SYNC_FOLDER_WATCHER: Final[bool] = safe_str_to_bool(
    _get_env("ENABLE_SYNC_FOLDER_WATCHER")
 )
@@ -226,10 +226,10 @@ SYNC_PUSH_PULL_CRON: Final[str] = _get_env(
    "*/30 * * * *",  # Every 30 minutes
 )
 SYNC_SSH_KEYS_PATH: Final[str] = _get_env(
-    "SYNC_SSH_KEYS_PATH", f"{ROMM_BASE_PATH}/sync/keys"
+    "SYNC_SSH_KEYS_PATH", f"{SYNC_BASE_PATH}/keys"
 )
 SYNC_SSH_KNOWN_HOSTS_PATH: Final[str] = _get_env(
-    "SYNC_SSH_KNOWN_HOSTS_PATH", f"{ROMM_BASE_PATH}/sync/known_hosts"
+    "SYNC_SSH_KNOWN_HOSTS_PATH", f"{SYNC_BASE_PATH}/known_hosts"
 )

 # EMULATION
--- a/docker/Dockerfile
+++ b/docker/Dockerfile
@@ -197,9 +197,9 @@ COPY ./docker/gunicorn/logging.conf /etc/gunicorn/logging.conf
 # - Create base directories and make default user/group the owner.
 # - Make nginx configuration files writable by everyone for `envsubst` to work
 RUN addgroup -g 1000 -S romm && adduser -u 1000 -D -S -G romm romm && \
-    mkdir /romm /redis-data && \
-    chown romm:romm /romm /redis-data && \
-    chmod 755 /romm /redis-data && \
+    mkdir -p /romm /redis-data /var/lib/romm/sync && \
+    chown romm:romm /romm /redis-data /var/lib/romm /var/lib/romm/sync && \
+    chmod 755 /romm /redis-data /var/lib/romm /var/lib/romm/sync && \
    chmod -R a+w /etc/nginx/conf.d


@@ -218,7 +218,7 @@ ENV PYTHONUNBUFFERED=1
 ENV PYTHONPATH=/backend

 # Declare the supported volumes
-VOLUME ["/romm/resources", "/romm/library", "/romm/assets", "/romm/config", "/redis-data"]
+VOLUME ["/romm/resources", "/romm/library", "/romm/assets", "/romm/config", "/var/lib/romm/sync", "/redis-data"]

 # Expose non-privileged ports
 EXPOSE 8080 6379/tcp
--- a/docker/init_scripts/init
+++ b/docker/init_scripts/init
@@ -88,7 +88,7 @@ wait_for_gunicorn_socket() {
 	fi
 }

-# Function that runs our main process and creates a corresponding PID file
+# Runs our main process and creates a corresponding PID file
 start_bin_gunicorn() {
 	# cleanup potentially leftover socket
 	rm /tmp/gunicorn.sock -f
@@ -248,16 +248,17 @@ start_bin_watcher() {

 start_bin_sync_watcher() {
 	info_log "Starting sync folder watcher"
+	local sync_base_path="${SYNC_BASE_PATH:-/var/lib/romm/sync}"
 	if [[ ${OTEL_SDK_DISABLED:-false} == "true" ]]; then
 		watchfiles \
 			--target-type command \
 			"python3 sync_watcher.py" \
-			/romm/sync &
+			"${sync_base_path}" &
 	else
 		watchfiles \
 			--target-type command \
 			"opentelemetry-instrument --service_name '${OTEL_SERVICE_NAME_PREFIX-}sync_watcher' python3 sync_watcher.py" \
-			/romm/sync &
+			"${sync_base_path}" &
 	fi
 	SYNC_WATCHER_PID=$!
 	echo "${SYNC_WATCHER_PID}" >/tmp/sync_watcher.pid
--- a/entrypoint.sh
+++ b/entrypoint.sh
@@ -80,10 +80,11 @@ watchfiles \

 if [[ ${ENABLE_SYNC_FOLDER_WATCHER:-false} == "true" ]]; then
 	echo "Starting sync folder watcher..."
+	SYNC_BASE_PATH="${SYNC_BASE_PATH:-/var/lib/romm/sync}"
 	watchfiles \
 		--target-type command \
 		'uv run python sync_watcher.py' \
-		/app/romm/sync &
+		"${SYNC_BASE_PATH}" &
 fi

 # Start the frontend dev server