docs: update migration docs to reflect migration-based workflow (#56)

gui.do / barazo-deploy

fork atom

Barazo Docker Compose templates for self-hosting barazo.forum

fork atom

Replace outdated drizzle-kit push references with the current
migration-on-startup approach.

authored by

Guido X Jansen and committed by

GitHub 2 weeks ago 89872832 0a4b850c

+5 -3

2 changed files

expand all

docs

security-hardening.md

upgrading.md

+1 -1

docs/security-hardening.md

··· 217 217 | `barazo_app` | DML (SELECT, INSERT, UPDATE, DELETE) | API server | 218 218 | `barazo_readonly` | SELECT only | Search, public endpoints, reporting | 219 219 220 - The API server connects with `barazo_app` -- it cannot modify the schema. During alpha, schema is applied via `drizzle-kit push` at deploy time. In beta, `barazo_migrator` will run proper migrations. 220 + The API server connects with the database user configured in `DATABASE_URL`. On startup, it runs pending Drizzle migrations using a dedicated single-connection client, then opens the main connection pool. In a future hardening phase, migration will use a separate `barazo_migrator` role with DDL privileges, while `barazo_app` will be restricted to DML only. 221 221 222 222 ### Connection Security 223 223

+4 -2

docs/upgrading.md

··· 18 18 ./scripts/smoke-test.sh https://your-domain.com 19 19 ``` 20 20 21 - The database schema is applied via `drizzle-kit push` during deployment. No manual schema step is needed. 21 + Database migrations are applied automatically when the API container starts. The Drizzle migration runner checks for pending migrations and applies them before accepting requests. No manual schema step is needed. 22 + 23 + **Important:** Database migrations are forward-only. If you need to rollback, restore from the pre-upgrade backup. 22 24 23 25 ## Pinned Version Upgrade 24 26 ··· 75 77 76 78 Common breaking changes to watch for: 77 79 - **Environment variable renames** -- update your `.env` file 78 - - **Database schema changes** -- schema is pushed on deploy, but rollback may require the backup 80 + - **Database schema changes** -- migrations run automatically on startup, but rollback requires restoring from the pre-upgrade backup 79 81 - **Caddy configuration changes** -- check if Caddyfile needs updates