fix(P1): GDPR export + Redis eviction policy

F3: BullMQ 5.x rejects custom job IDs containing `:` (collides with internal Redis-key namespacing). GDPR export crashed with "Custom Id cannot contain :". Switched to dash separator. GDPR Article 15 right-to-access now functional. F4: Redis was configured with `allkeys-lru` eviction in both docker-compose.yml and docker-compose.prod.yml. BullMQ explicitly requires `noeviction` — otherwise queue keys can be evicted under memory pressure and jobs vanish silently. Switched to noeviction with comment pointing at the audit finding. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2026-05-14 22:39:16 +02:00
parent 85bd0d82e1
commit e469b2b6a6
3 changed files with 9 additions and 3 deletions
--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -18,7 +18,9 @@ services:

  redis:
    image: redis:7-alpine
-    command: redis-server --requirepass ${REDIS_PASSWORD} --maxmemory 256mb --maxmemory-policy allkeys-lru
+    # BullMQ requires `noeviction` — under memory pressure, allkeys-lru
+    # silently drops queue keys and jobs disappear. See post-audit fix F4.
+    command: redis-server --requirepass ${REDIS_PASSWORD} --maxmemory 256mb --maxmemory-policy noeviction
    volumes:
      - redisdata:/data
    healthcheck: