From bc3346b80656273fa81b599f0a84edf6fe9329d8 Mon Sep 17 00:00:00 2001
From: Jean-Paul Calderone <exarkun@twistedmatrix.com>
Date: Mon, 1 Nov 2021 18:24:55 -0400
Subject: [PATCH] give the staging/prod issuers a new filesystem for the
 voucher database

---
 morph/lib/issuer-aws.nix | 11 +++++++++++
 1 file changed, 11 insertions(+)

diff --git a/morph/lib/issuer-aws.nix b/morph/lib/issuer-aws.nix
index bf7de56c..ea90bb5f 100644
--- a/morph/lib/issuer-aws.nix
+++ b/morph/lib/issuer-aws.nix
@@ -18,6 +18,17 @@
   # <https://github.com/DBCDK/morph/issues/146>.
   networking.hostName = name;
 
+  fileSystems = {
+    # Mount a dedicated filesystem (ideally on a dedicated volume, but that's
+    # beyond control of this particular part of the system) for the
+    # PaymentServer voucher database.  This makes it easier to manage for
+    # tasks like backup/recovery and encryption.
+    "voucher-database" = {
+      label = "voucher-database";
+      mountPoint = "/var/lib/zkapissuer-vouchers";
+    };
+  };
+
   # Clean up packages after a while
   nix.gc = {
     automatic = true;
-- 
GitLab