From f160e0c404af965e9892865005849a9f0156da2c Mon Sep 17 00:00:00 2001
From: archipelago <archipelago@localhost>
Date: Sun, 21 Jun 2026 08:23:19 -0400
Subject: [PATCH] fix(reboot): enable podman-restart.service at startup
 (--restart reboot-survival)
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Orchestrator-installed backends (immich, btcpay-db, …) run as plain podman
`--restart=unless-stopped` containers until the Phase-3 Quadlet rollout flips
use_quadlet_backends on. Nothing in the codebase enabled the user's
podman-restart.service, so those containers had NO reboot-survival mechanism.
Enable it (idempotent, best-effort) at orchestrator startup so unless-stopped
containers come back after a reboot. Already applied manually on .228 (covers
31 containers incl. immich + btcpay); this codifies it fleet-wide.

The deeper fix (render Quadlet for all orchestrator installs) remains the gated
Phase-3 Quadlet-everywhere rollout.

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
---
 core/archipelago/src/main.rs | 21 +++++++++++++++++++++
 1 file changed, 21 insertions(+)

diff --git a/core/archipelago/src/main.rs b/core/archipelago/src/main.rs
index c49e72eb..4e2d093d 100644
--- a/core/archipelago/src/main.rs
+++ b/core/archipelago/src/main.rs
@@ -206,6 +206,27 @@ async fn main() -> Result<()> {
                 tracing::error!(error = %e, "prod orchestrator: load_manifests failed at startup");
             }
         }
+        // Reboot-survival safety net for the podman `--restart` path: ensure the
+        // user's podman-restart.service is enabled so `unless-stopped` containers
+        // come back after a reboot even when the Quadlet backend path is off
+        // (orchestrator-installed backends like immich/btcpay run as plain podman
+        // containers until the Phase-3 Quadlet rollout). Idempotent + best-effort.
+        {
+            let out = tokio::process::Command::new("systemctl")
+                .args(["--user", "enable", "--now", "podman-restart.service"])
+                .output()
+                .await;
+            match out {
+                Ok(o) if o.status.success() => {
+                    info!("🔁 podman-restart.service enabled (reboot-survival for --restart containers)")
+                }
+                Ok(o) => tracing::debug!(
+                    "podman-restart.service enable skipped: {}",
+                    String::from_utf8_lossy(&o.stderr).trim()
+                ),
+                Err(e) => tracing::debug!("podman-restart.service enable skipped: {e}"),
+            }
+        }
         // Adoption pass: link existing podman containers back to their
         // manifests so the reconciler doesn't recreate them.
         match tokio::time::timeout(Duration::from_secs(35), prod.adopt_existing()).await {