@Herman-Adu
Created December 24, 2025 22:03
The "Acid Test" — Automated Backup Verification

### Article 3: The "Acid Test" — Automated Backup Verification
**Difficulty:** Intermediate/Lead | **Topic:** CI/CD & DevSecOps
**Focus:** Implementing the "0 errors" rule with GitHub Actions.

# Proving Data Integrity: The "Acid Test" for PostgreSQL

### The Problem: Schrödinger's Backup

In 2025, storing a backup on S3 is only 50% of the job. The "Acid Test" is the industry standard for verification: a backup is not valid until it has been successfully restored in an isolated environment.

### The Automation: verify-backup.yml

This GitHub Action spins up an ephemeral runner, pulls your pgBackRest repo, and performs a --dry-run restore to validate checksums.

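```yaml
name: DB Integrity Verification
on:
  schedule:
    - cron: '0 2 * * *' # Daily at 2 AM

jobs:
  verify:
    runs-on: ubuntu-latest
    steps:
      - name: Install pgBackRest
        # -y keeps apt non-interactive on the runner
        run: sudo apt-get update && sudo apt-get install -y pgbackrest
      - name: The Acid Test (Restore Validation)
        env:
          S3_BUCKET: ${{ secrets.S3_BUCKET }} # passed via env, not inlined into the script
        run: |
          # pgBackRest accepts --dry-run only on `expire`, so this restores for real
          # into a scratch directory on the throwaway runner.
          # The remaining repo1-s3-* settings (endpoint, region, key, key-secret)
          # must be supplied the same way.
          mkdir -p "$RUNNER_TEMP/pgdata"
          pgbackrest --stanza=strapi_main --repo1-type=s3 \
            --repo1-s3-bucket="$S3_BUCKET" \
            --pg1-path="$RUNNER_TEMP/pgdata" \
            --log-level-console=detail restore
```
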
Analysis for the CTO:
By running this daily, you move from "Reactive Recovery" to "Proactive Assurance," reducing RTO (Recovery Time Objective) by guaranteeing that the data on disk is always restorable.

---

### Article 4: Layer 7 Routing — HAProxy for Next.js 15
**Difficulty:** Expert | **Topic:** Infrastructure & Networking
**Focus:** Intelligent database traffic steering.

# Intelligent Database Routing with HAProxy and Patroni

### Why Standard Load Balancing Fails
If you route traffic to a PostgreSQL node that is in 'Recovery' mode (a replica), your Next.js/Strapi app will crash on the first Write operation.

### The Solution: Health-Check Aware Routing
We configure HAProxy to query Patroni's REST API on port 8008.

```haproxy
listen postgres_rw
    bind *:5000
    option httpchk GET /primary # Patroni API returns 200 only if node is Master
    http-check expect status 200
    server pg1 pg1:5432 check port 8008
    server pg2 pg2:5432 check port 8008

listen postgres_ro
    bind *:5001
    option httpchk GET /replica # Patroni API returns 200 only if node is Standby
    http-check expect status 200
    server pg1 pg1:5432 check port 8008
    server pg2 pg2:5432 check port 8008
```

Strategic Advantage:
This allows Next.js 15 Server Components to offload heavy 'GET' requests to the Read-Only port (5001), preserving the Primary (5000) for critical Strapi content updates.
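
The check HAProxy runs against Patroni, reproduced as an added example (not part of the original gist) that also reports the two states the config itself cannot flag: no primary and more than one primary. `probe`, `pool_state` and `fake_patroni` are hypothetical names, and the stub is a constructed stand-in that answers 200 or 503 the way the config comments describe.

```python
import http.server
import threading
import urllib.error
import urllib.request

# Probe directly, ignoring any proxy settings in the environment.
_opener = urllib.request.build_opener(urllib.request.ProxyHandler({}))

def probe(host, port, path, timeout=2.0):
    """True only on HTTP 200, the same rule as `http-check expect status 200`."""
    try:
        with _opener.open(f"http://{host}:{port}{path}", timeout=timeout) as resp:
            return resp.status == 200
    except (urllib.error.URLError, OSError):
        return False  # non-200, refused or timed out: HAProxy marks the server DOWN

def pool_state(nodes):
    """nodes maps name -> (host, api_port); returns who would be UP in each pool."""
    rw = sorted(n for n, (h, p) in nodes.items() if probe(h, p, "/primary"))
    ro = sorted(n for n, (h, p) in nodes.items() if probe(h, p, "/replica"))
    if not rw:
        verdict = "no-primary"          # postgres_rw has no server: writes are refused
    elif len(rw) > 1:
        verdict = "multiple-primaries"  # writes would be spread over two nodes
    else:
        verdict = "ok"
    return {"rw": rw, "ro": ro, "verdict": verdict}

def fake_patroni(role):
    """Constructed stub: answers 200 on /<role> and 503 on anything else."""
    class Handler(http.server.BaseHTTPRequestHandler):
        def do_GET(self):
            self.send_response(200 if self.path == f"/{role}" else 503)
            self.end_headers()
        def log_message(self, *args):
            pass  # keep the demo quiet
    server = http.server.HTTPServer(("127.0.0.1", 0), Handler)
    threading.Thread(target=server.serve_forever, daemon=True).start()
    return server

def demo():
    pg1, pg2 = fake_patroni("primary"), fake_patroni("replica")
    nodes = {"pg1": ("127.0.0.1", pg1.server_port),
             "pg2": ("127.0.0.1", pg2.server_port)}
    return pool_state(nodes)

if __name__ == "__main__":
    print(demo())
```

Pointed at the real nodes on port 8008, a verdict other than `ok` is worth alerting on before the application notices.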

---

### Article 5: The "Golden Stack" Foundation
**Difficulty:** Novice/Intermediate | **Topic:** Full-Stack Development
**Focus:** Next.js 15 + Strapi 5 + Docker Compose.

# Building the 2025 Golden Stack: Next.js 15 & Strapi 5

### Modern Full-Stack Architecture
The trend in 2025 is moving away from "monoliths" and toward "resilient micro-services."

### The Setup:
1. **Next.js 15:** Utilizing Server Components for SEO and speed.
2. **Strapi 5:** The most flexible Headless CMS for structured content.
3. **Docker:** Standardizing the environment to eliminate "it works on my machine."

```yaml
# docker-compose.yml (Simplified)
services:
  strapi:
    build: .
    environment:
      DATABASE_CLIENT: postgres
      DATABASE_HOST: haproxy # Routes via our HA layer
  nextjs:
    build: ./frontend
    ports:
      - "3000:3000"
```

The "Freelancer" Takeaway:
Clients today don't just want a website; they want a system that doesn't break when they grow. Starting with Docker and an HA-ready database puts you miles ahead of the competition.

---

### Article 6: Security Cleanup & Password Rotation
**Difficulty:** Intermediate | **Topic:** Security (DevSecOps)
**Focus:** Securing the database and app synchronization.

# Database Security: Rotation and Env Synchronization

### The Zero-Trust Approach
Hardcoded credentials are the #1 vulnerability in 2025. 

### Implementation:
1. **Rotate:** `ALTER USER postgres WITH PASSWORD 'NewSecurePass!';`
2. **Sync:** Update `.env` with the new `DATABASE_URL`.
3. **Validate:** Restart the Docker cluster to ensure HAProxy and Patroni reconnect using the new credentials.
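
Steps 1 and 2 as an added example (not part of the original gist): it generates a random password, hands PostgreSQL a precomputed SCRAM-SHA-256 verifier so the cleartext never appears in the server log or client history, and rewrites `DATABASE_URL`. The helper names and the sample `.env` contents are assumptions, as is a PostgreSQL version with SCRAM support (10 or later).

```python
import base64
import hashlib
import hmac
import secrets
from urllib.parse import quote, urlsplit, urlunsplit

def scram_verifier(password, salt=None, iterations=4096):
    """SCRAM-SHA-256 verifier in the form PostgreSQL stores in pg_authid.rolpassword."""
    salt = salt or secrets.token_bytes(16)
    # ASCII-only passwords need no SASLprep normalisation before hashing.
    salted = hashlib.pbkdf2_hmac("sha256", password.encode("ascii"), salt, iterations)
    client_key = hmac.new(salted, b"Client Key", hashlib.sha256).digest()
    stored_key = hashlib.sha256(client_key).digest()
    server_key = hmac.new(salted, b"Server Key", hashlib.sha256).digest()
    b64 = lambda raw: base64.b64encode(raw).decode()
    return f"SCRAM-SHA-256${iterations}:{b64(salt)}${b64(stored_key)}:{b64(server_key)}"

def check_password(password, verifier):
    """Recompute the verifier from its own salt and iteration count, then compare."""
    iterations, salt = verifier.split("$")[1].split(":")
    candidate = scram_verifier(password, base64.b64decode(salt), int(iterations))
    return hmac.compare_digest(candidate, verifier)

def rotate(role, env_text):
    """Return (sql, new_env_text, password) for one rotation of `role`."""
    if not role.isidentifier():
        raise ValueError("role must be a plain identifier")
    password = secrets.token_urlsafe(32)
    # The server receives only the verifier, so logs and history hold no cleartext.
    sql = f"ALTER ROLE {role} WITH PASSWORD '{scram_verifier(password)}';"
    lines = []
    for line in env_text.splitlines():
        if line.startswith("DATABASE_URL="):
            url = urlsplit(line.split("=", 1)[1])
            host = url.hostname + (f":{url.port}" if url.port else "")
            netloc = f"{url.username}:{quote(password, safe='')}@{host}"
            line = "DATABASE_URL=" + urlunsplit(url._replace(netloc=netloc))
        lines.append(line)
    return sql, "\n".join(lines) + "\n", password

# Constructed sample .env; host and port follow the HAProxy read-write listener.
SAMPLE_ENV = "NODE_ENV=production\nDATABASE_URL=postgres://postgres:OldPass@haproxy:5000/strapi\n"

if __name__ == "__main__":
    sql, new_env, _ = rotate("postgres", SAMPLE_ENV)
    print(sql)  # new_env belongs in .env with owner-only permissions, not on stdout
```
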

### Automated Verification:
Integrate a check in your `backup-to-local.ps1` script to ensure that the local sync fails if the credentials haven't been rotated properly.
________________________________________
Summary of Capability & Delivery
I have designed these articles to be interconnected:
•	The Novice article (Art. 5) gets the app running.
•	The Intermediate articles (Art. 3 & 6) secure it and automate backups.
•	The Expert articles (Art. 1, 2, & 4) provide the High-Availability and Advanced Testing that a Lead Developer/CTO expects.
Best Case Moving Forward:
1.	Drop these Markdown files into your Next.js app under /docs/blog/.
2.	Use them as a script to record a "Video Series" for your profile.
3.	Implement the code blocks directly into your docker-compose.yml and playwright.config.ts.