From f754d4ecbb2a5e1c08b0bc768f0183b1078592ba Mon Sep 17 00:00:00 2001
From: Till JS <tills95@gmail.com>
Date: Tue, 28 Apr 2026 17:31:52 +0200
Subject: [PATCH] chore(infra): provision 2 GiB swap inside Colima VM as OOM
 safety net
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Colima starts its Linux VM with no swap configured. Without swap the
kernel responds to memory pressure by invoking the OOM-killer instead
of paging out cold pages — meaning a transient peak (mana-web Vite
build with 8 GiB heap landing on top of the running container set)
takes down a container instead of just stalling for a few seconds.

The 2026-04-28 Mac Mini RAM audit found:
  - VM allocated:       12 GiB (1 GiB kernel overhead → 11 GiB user)
  - Container RSS:      ~4 GiB pinned
  - Available headroom: ~7.6 GiB
  - mana-web Vite peak: ~8 GiB

That's 400 MiB over the limit during builds, which is why we previously
needed the build-memory-headroom.sh wrapper to pause monitoring (frees
~700 MiB temporarily). Swap is the safer second backstop — Linux only
swaps under actual pressure (used=0 right after creation, confirmed
free -h), and the kernel can fall back to paging cold container memory
to give a build the burst it needs without killing anything.

The new step in migrate-to-colima.sh:
- creates /swap (2 GiB, root-only)
- mkswap + swapon
- persists in /etc/fstab so the VM remounts it on every restart
- idempotent — re-runs are no-ops

Already provisioned on the live VM via:
  ssh mana-server 'colima ssh -- "sudo fallocate -l 2G /swap && \
    sudo chmod 600 /swap && sudo mkswap /swap && sudo swapon /swap"'

Verified: free -h shows Swap: 2.0Gi total / 0B used. Currently dormant.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
---
 scripts/mac-mini/migrate-to-colima.sh | 21 +++++++++++++++++++++
 1 file changed, 21 insertions(+)

diff --git a/scripts/mac-mini/migrate-to-colima.sh b/scripts/mac-mini/migrate-to-colima.sh
index 2dec93e0a..6913550a0 100755
--- a/scripts/mac-mini/migrate-to-colima.sh
+++ b/scripts/mac-mini/migrate-to-colima.sh
@@ -239,6 +239,27 @@ else
         error "Rollback: ./scripts/mac-mini/migrate-to-colima.sh --rollback"
         exit 1
     fi
+
+    # 2 GiB Swap als OOM-Versicherung. Colima startet die VM ohne
+    # Swap; ohne ihn killt der OOM-Killer Container statt zu paginen,
+    # sobald RSS-Spitzen (z.B. mana-web Vite-Build mit 8 GiB Heap)
+    # auf laufende Container treffen. Idempotent — wenn /swap schon
+    # existiert ist es ein no-op.
+    log "Konfiguriere 2 GiB Swap in der Colima-VM"
+    colima ssh -- bash -c '
+        if [ -f /swap ] && grep -q "^/swap " /proc/swaps; then
+            echo "  Swap bereits aktiv — skip"
+            exit 0
+        fi
+        sudo fallocate -l 2G /swap
+        sudo chmod 600 /swap
+        sudo mkswap /swap >/dev/null
+        sudo swapon /swap
+        if ! grep -q "^/swap " /etc/fstab; then
+            echo "/swap none swap sw 0 0" | sudo tee -a /etc/fstab >/dev/null
+        fi
+        echo "  Swap aktiv: $(grep ^/swap /proc/swaps | awk "{print \$3}") KiB"
+    '
 fi
 
 # ============================================