From 537719032e460572ec6fcf6d71be91c6e0bb305b Mon Sep 17 00:00:00 2001
From: Till JS <tills95@gmail.com>
Date: Tue, 28 Apr 2026 15:02:38 +0200
Subject: [PATCH] infra(macmini): bump squeezed container memory limits
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Mac Mini was running at 99% memory pressure with 8.6 GB swap active —
load was OK but every cold-container request was paying disk-I/O for
swapped pages. Container observations:

  redis      190/192 MB (99 %)  — close to OOM, hot keys evicting
  victoria   227/256 MB (89 %)  — constant GC pressure
  glitchtip  232/256 MB (91 %)
  umami      223/256 MB (87 %)

Each bumped to 384 MB, total +512 MB reservation in the Colima VM.
Headroom for that comes from stopping the Pelias stack (~3 GB freed)
in the same change-window.

Redis additionally gets `--maxmemory 320mb --maxmemory-policy allkeys-lru`
so the daemon evicts its own LRU keys at ~80 % of mem_limit instead of
letting the kernel OOM-kill the whole container. Safe for our usage —
Redis only holds rate-limit counters + sync hot-paths, no critical state.

Pelias stays stopped pending a migration to mana-gpu; mana-geocoding
will need a Nominatim fallback before the migration so the Places
module's address lookup keeps working.
---
 docker-compose.macmini.yml | 15 ++++++++++-----
 1 file changed, 10 insertions(+), 5 deletions(-)

diff --git a/docker-compose.macmini.yml b/docker-compose.macmini.yml
index 8ffb3cb1a..3036f02c0 100644
--- a/docker-compose.macmini.yml
+++ b/docker-compose.macmini.yml
@@ -122,8 +122,13 @@ services:
     image: redis:7-alpine
     container_name: mana-infra-redis
     restart: always
-    mem_limit: 192m
-    command: redis-server --requirepass ${REDIS_PASSWORD:-redis123}
+    mem_limit: 384m
+    # maxmemory ~80% of mem_limit so Redis evicts before the kernel OOM-kills.
+    # allkeys-lru drops least-recently-used keys when full — safe for our
+    # cache-style usage (rate-limit counters, sync hot-paths, no critical state).
+    command:
+      redis-server --requirepass ${REDIS_PASSWORD:-redis123} --maxmemory 320mb
+      --maxmemory-policy allkeys-lru
     volumes:
       - redis_data:/data
     ports:
@@ -1284,7 +1289,7 @@ services:
     image: ghcr.io/umami-software/umami:postgresql-v2.18.0
     container_name: mana-mon-umami
     restart: always
-    mem_limit: 256m
+    mem_limit: 384m
     depends_on:
       postgres:
         condition: service_healthy
@@ -1310,7 +1315,7 @@ services:
     image: victoriametrics/victoria-metrics:v1.99.0
     container_name: mana-mon-victoria
     restart: always
-    mem_limit: 256m
+    mem_limit: 384m
     # Mount the host config dir read-only and point promscrape directly at it,
     # so edits to docker/prometheus/prometheus.yml are picked up by POST /-/reload
     # without a container restart. The previous setup baked a copy into
@@ -1629,7 +1634,7 @@ services:
     image: glitchtip/glitchtip:latest
     container_name: mana-mon-glitchtip
     restart: always
-    mem_limit: 256m
+    mem_limit: 384m
     environment:
       DATABASE_URL: postgres://postgres:${POSTGRES_PASSWORD:-mana123}@postgres:5432/glitchtip
       REDIS_URL: redis://:${REDIS_PASSWORD:-redis123}@redis:6379/1