set Litestream sync interval with LITESTREAM_SYNC_INTERVAL

README.md

@@ -180,12 +180,14 @@ __GeeseFS variables__
 
 __Litestream variables__
 
-| Variable                              | Default       | Description |
-|---------------------------------------|---------------|-------------|
-| `AGE_SECRET_KEY`                      | n/a, required |             |
-| `LITESTREAM_RETENTION`                | `24h`         |             |
-| `LITESTREAM_RETENTION_CHECK_INTERVAL` | `1h`          |             |
-| `LITESTREAM_VALIDATION_INTERVAL`      | `12h`         |             |
+| Variable                              | Default       | Description                                                                                                                                                                                     |
+|---------------------------------------|---------------|-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
+| `AGE_SECRET_KEY`                      | n/a, required |                                                                                                                                                                                                 |
+| `LITESTREAM_ENABLED`                  | `true`        | Whether to restore and replicate the SQlite database with Litestream. You likely never want to turn this option off, as you will loose your SQlite database on restarts.                        |
+| `LITESTREAM_RETENTION`                | `24h`         | Configure the Litestream retention period. Retention is enforced periodically and can be changed with `LITESTREAM_RETENTION_CHECK_INTERVAL`.                                                    |
+| `LITESTREAM_RETENTION_CHECK_INTERVAL` | `1h`          | The interval at which retention should be applied.                                                                                                                                              |
+| `LITESTREAM_VALIDATION_INTERVAL`      | `12h`         | The interval at which Litestream does a separate restore of the database and validates the result vs. the current database.                                                                     |
+| `LITESTREAM_SYNC_INTERVAL`            | `10s`         | Frequency in which frames are pushed to the replica. Note that Litestream's typical default is `1s`, and increasing this frequency can increase storage costs due to higher API request counts. |
 
 __Maintenance variables__
 

vaultwarden-fly-io/Dockerfile

@@ -17,12 +17,12 @@ RUN apk add age envsubst fuse jq openssl sudo
 COPY --from=litestream /litestream /usr/bin/litestream
 COPY --from=geesefs /geesefs /usr/bin/geesefs
 COPY --from=minio/mc:RELEASE.2024-10-02T08-27-28Z /usr/bin/mc /usr/bin/mc
-RUN echo 'vaultwarden ALL=(ALL) NOPASSWD:SETENV: /usr/bin/geesefs' >> /etc/sudoers
 COPY entrypoint.sh .
 
 # NOTE: I tried to make this work, but mounting a directory with GeeseFS and using the --uid option seems to break
 #       filesystem permissions for the mounted directory entirely (not just the vaultwarden user, even root gets
 #       permission denied errors). So, we run Vaultwarden as root as it can access the GeeseFS mount properly..
+#RUN echo 'vaultwarden ALL=(ALL) NOPASSWD:SETENV: /usr/bin/geesefs' >> /etc/sudoers
 #RUN addgroup -S vaultwarden && adduser -S vaultwarden -G vaultwarden
 #RUN mkdir /mnt/s3 && \
 #    touch /etc/litestream.yml && \

vaultwarden-fly-io/entrypoint.sh

@@ -78,6 +78,8 @@ dbs:
     path: vaultwarden.db
     region: $AWS_REGION
     endpoint: $AWS_ENDPOINT_URL_S3
+    # See https://litestream.io/reference/config/#replica-settings
+    sync-interval: "${LITESTREAM_SYNC_INTERVAL:-10s}"
     # See https://litestream.io/reference/config/#encryption
     age:
       identities: