fix(presets): wire catatonit as PID 1 for mysql and mariadb#383
Merged
Conversation
mysqld in mysql 8.4 (and by extension mariadb, which shares the same daemon entrypoint shape) does not install a SIGTERM handler when it runs as PID 1, so podman stop waits the full grace window and systemctl restart wedges around the 30-90s mark. The fix adds an init flag to CustomService and the preset schema, threads it into the quadlet generator as PodmanArgs=--init, and turns it on for the mysql and mariadb presets. Podman injects catatonit as PID 1, mysqld lands at PID 2 with its normal signal-handling thread intact, podman stop completes cleanly in ~1 second, and lerd service restart returns instead of timing out. The flag is opt-in per preset, postgres, redis, and the rest of the bundled services already handle PID 1 signals correctly so they stay on the existing shape. Addresses #380.
geodro
added a commit
that referenced
this pull request
May 19, 2026
The init field landed on CustomService and the preset schema in #383 so the quadlet generator can wire podman's --init when an image's main process ignores SIGTERM as PID 1, but the MCP service_add tool never picked up the corresponding argument. An agent registering a custom service through the wire couldn't turn the flag on without editing the YAML by hand. service_add now reads init alongside the other CustomService fields and the tool's input schema advertises it, so MCP-driven workflows reach feature parity with the .lerd.yaml path.
Merged
geodro
added a commit
that referenced
this pull request
May 19, 2026
The 1.21.0 line graduates from beta with eight follow-up commits on top of v1.21.0-beta.1. A LAN-exposure audit closes three dashboard endpoints that were reachable on lan:expose installs (raw .env, push-test, an unauthenticated mailpit webhook) and adds path-traversal validation for the new public_dir override (#382). mysql and mariadb pick up catatonit as PID 1 via a new init flag on the preset schema, so podman stop returns in around a second instead of timing out at 30s and lerd service restart stops wedging at the 30-90s mark (#383, closes #380). Host workers stopped via the UI or lerd worker stop no longer resurrect on the next fsnotify event or launchd heal tick, and the same fix puts lerd's bin directory on PATH for npm-spawned subprocesses so wayfinder and friends can find php (#375, #376, closes #381). The PHP-FPM runtime stage gets git back after the multi-stage split in #364 dropped it (#377), restoring VCS-typed composer repositories. Notification clicks land on the right tab now: worker_failed deep-links via the site's primary domain and dump arrivals jump straight to the Dumps sub-tab (#384). The .lerd.yaml container block accepts a target field for multi-stage Containerfiles, with the cache key mixing target in so flipping stages on an unchanged file actually rebuilds (#385, addresses #379), and the MCP service_add tool picks up the matching init argument so agent-driven flows reach feature parity with the YAML path (#386). And a security pass bumps jwt-go to 5.2.2, svelte to 5.55.8, and kysely to 0.28.17 closing one high-severity JWT header-parsing flaw, three medium svelte XSS paths, and one high kysely JSON-path traversal injection (#387).
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
mysqldinmysql:8.4doesn't install a SIGTERM handler when it runs as PID 1, sopodman stopwaits the full grace window andsystemctl restartwedges around the 30 to 90 second mark. The same shape affects the mariadb image (mysql fork, same daemon entrypoint).The fix adds an
initflag to the preset schema (via the inlineCustomService), threads it into the quadlet generator asPodmanArgs=--init, and turns it on for the mysql and mariadb presets. Podman injects catatonit as PID 1, mysqld lands at PID 2 with its normal signal-handling thread intact,podman stopcompletes cleanly, andlerd service restartreturns instead of timing out.The flag is opt-in per preset. postgres, redis, and the rest of the bundled services already handle PID 1 signals correctly so they keep the existing shape. Custom services can opt in via
init: truein their.lerd.yaml.Upgrade behaviour: the rendered
.containerfile regenerates on the nextlerd startorlerd install, whichdaemon-reloads systemd. The currently-running mysql container is still on the old shape, so the very next restart pays the old slow path once, and every restart after that is fast. A reboot picks up the new shape without any slow restart.Addresses #380.