Set Up Managed Services
Managed services are databases and storage systems that Temps provisions as Docker containers on your server. You create them once, link them to projects, and Temps handles credential generation, networking, environment variable injection, and backups.
Available service types
| Service | Default Image | Use case |
|---|---|---|
| PostgreSQL | gotempsh/postgres-walg:18-bookworm | Primary database with WAL-G streaming backups |
| Redis | gotempsh/redis-walg:8-bookworm | Caching, sessions, pub/sub, and queues |
| MongoDB | gotempsh/mongodb-walg:8.0 | Document database |
| S3 Storage | rustfs/rustfs:1.0.0-alpha.78 | S3-compatible object storage (powered by RustFS) |
Temps also provides higher-level abstractions built on these services:
| Service | Backed by | Purpose |
|---|---|---|
| KV | Redis | Key-value storage accessible via the Temps SDK |
| Blob | RustFS | File/blob storage accessible via the Temps SDK |
Create a service
From the dashboard
- In the sidebar, click Services
- Click Create Service
- Select the service type
- Enter a name and adjust parameters if needed
- Click Create
From the API
curl -X POST "https://your-temps-instance/api/external-services" \
-H "Authorization: Bearer YOUR_TOKEN" \
-H "Content-Type: application/json" \
-d '{
"name": "my-postgres",
"service_type": "postgres",
"parameters": {
"port": "5432",
"max_connections": "200"
}
}'
Configuration by service type
PostgreSQL:
| Parameter | Default | Editable after creation |
|---|---|---|
port | Auto-assigned from 5432 | Yes |
docker_image | gotempsh/postgres-walg:18-bookworm | Yes |
max_connections | 100 | Yes |
ssl_mode | disable | Yes |
database | postgres | No (read-only) |
username | postgres | No (read-only) |
password | Auto-generated (16 chars) | No (read-only) |
Redis:
| Parameter | Default | Editable after creation |
|---|---|---|
port | Auto-assigned from 6379 | Yes |
docker_image | gotempsh/redis-walg:8-bookworm | Yes |
password | Auto-generated | No (read-only) |
MongoDB:
| Parameter | Default | Editable after creation |
|---|---|---|
port | Auto-assigned from 27017 | Yes |
docker_image | gotempsh/mongodb-walg:8.0 | Yes |
database | admin | No (read-only) |
username | admin | No (read-only) |
password | Auto-generated | No (read-only) |
S3 / RustFS:
| Parameter | Default | Editable after creation |
|---|---|---|
port | Auto-assigned from 9000 | Yes |
console_port | Auto-assigned from 9001 | Yes |
docker_image | rustfs/rustfs:1.0.0-alpha.78 | Yes |
access_key | Auto-generated | No (read-only) |
secret_key | Auto-generated | No (read-only) |
All ports are bound to 127.0.0.1 only — they are not publicly accessible from outside the server. Application containers communicate with services over the Docker network using container names as hostnames.
Link a service to a project
Linking injects the service's connection credentials as environment variables into your project's containers at deploy time.
From the dashboard
- Open your project
- Click Services in the project sidebar
- Click Link Service
- Select the service
- Click Link
From the API
curl -X POST "https://your-temps-instance/api/external-services/{service_id}/projects" \
-H "Authorization: Bearer YOUR_TOKEN" \
-H "Content-Type: application/json" \
-d '{
"project_id": 1
}'
What happens when you link
- Per-project isolation — For PostgreSQL, a dedicated database is created named
{project_slug}_{environment_slug}. For Redis, a database number (0-15) is assigned. For S3, a dedicated bucket is created. - Environment variables — Connection credentials are generated using the Docker container name as the hostname (for internal networking) and injected on the next deploy.
- One per type — Only one service of each type can be linked to a project. To switch PostgreSQL instances, unlink the current one first.
Preview environment variables
To see what variables will be injected without deploying:
# Preview variable names
curl "https://your-temps-instance/api/external-services/{service_id}/preview-environment-names" \
-H "Authorization: Bearer YOUR_TOKEN"
# Preview with masked values
curl "https://your-temps-instance/api/external-services/{service_id}/preview-environment-masked" \
-H "Authorization: Bearer YOUR_TOKEN"
# Get actual values for a project
curl "https://your-temps-instance/api/external-services/{service_id}/projects/{project_id}/environment" \
-H "Authorization: Bearer YOUR_TOKEN"
Unlink a service
curl -X DELETE "https://your-temps-instance/api/external-services/{service_id}/projects/{project_id}" \
-H "Authorization: Bearer YOUR_TOKEN"
Unlinking does not delete the database or data inside the service — it only stops injecting environment variables. You can re-link later.
Import an existing container
If you already have a PostgreSQL or Redis container running on your server, you can import it into Temps instead of creating a new one.
- Go to Services
- Click Import Container
- Temps scans for running Docker containers that match known service types
- Select the container to import
- Provide the connection credentials (Temps cannot read them from the container)
From the API:
# List importable containers
curl "https://your-temps-instance/api/external-services/available-containers" \
-H "Authorization: Bearer YOUR_TOKEN"
# Import one
curl -X POST "https://your-temps-instance/api/external-services/import" \
-H "Authorization: Bearer YOUR_TOKEN" \
-H "Content-Type: application/json" \
-d '{
"container_id": "abc123...",
"name": "existing-postgres",
"service_type": "postgres",
"parameters": {
"host": "localhost",
"port": "5432",
"database": "postgres",
"username": "postgres",
"password": "your-existing-password"
}
}'
Manage service lifecycle
Start and stop
Services can be started and stopped independently:
# Stop a service (keeps data)
curl -X POST "https://your-temps-instance/api/external-services/{id}/stop" \
-H "Authorization: Bearer YOUR_TOKEN"
# Start it again
curl -X POST "https://your-temps-instance/api/external-services/{id}/start" \
-H "Authorization: Bearer YOUR_TOKEN"
Stopping a service does not delete any data — the Docker volume persists. Applications linked to a stopped service will fail to connect until the service is started again.
Health check
curl "https://your-temps-instance/api/external-services/{id}/health" \
-H "Authorization: Bearer YOUR_TOKEN"
Delete a service
curl -X DELETE "https://your-temps-instance/api/external-services/{id}" \
-H "Authorization: Bearer YOUR_TOKEN"
Warning: Deleting a service removes the Docker container. Data in the Docker volume may be preserved depending on your Docker configuration, but this should not be relied upon. Always back up important data before deleting a service.
Upgrade a service
To update the Docker image (e.g. from PostgreSQL 17 to 18):
curl -X POST "https://your-temps-instance/api/external-services/{id}/upgrade" \
-H "Authorization: Bearer YOUR_TOKEN" \
-H "Content-Type: application/json" \
-d '{
"docker_image": "gotempsh/postgres-walg:18-bookworm"
}'
Or from the dashboard, go to the service details page and click Upgrade.
Major version upgrades (e.g. PostgreSQL 16 to 17) may require data migration. Always back up the service before upgrading. For PostgreSQL, major version upgrades typically require a dump and restore — the Docker image swap alone may not be sufficient.
PostgreSQL HA clusters
A PostgreSQL service can run as a high-availability cluster instead of a single standalone container. Cluster services have topology = "cluster" and service_type = "postgres", and run on the gotempsh/postgres-ha:18-bookworm-walg image. A cluster is made up of a pg_auto_failover monitor plus one or more data members tracked in the service_members table. Applications connect through the cluster's virtual address — <cluster>.temps.local — using a libpq connection string with target_session_attrs=read-write, which always lands writes on the current primary.
Cluster backups and restore use WAL-G physical backups (basebackup plus continuous WAL archiving) rather than the per-engine pg_dump/pg_dumpall path used for standalone services.
Cluster backup
When you back up a cluster (from the service's Backup button or the standard backup API), Temps routes through ExternalServiceManager::backup_postgres_cluster instead of the standalone path. That method:
-
Finds the current writable primary by asking pg_auto_failover for the member whose live state is
primaryorsingle. -
Writes a
/var/lib/postgresql/walg.envcredentials file to every running data member (not the monitor). Writing it everywhere means archiving keeps working after a failover promotes a different member to primary. -
Runs
wal-g backup-push /var/lib/postgresql/pgdataagainst the primary to upload the basebackup to S3. WAL segments are lz4-compressed by default. -
Enables continuous WAL archiving by running, against the primary:
ALTER SYSTEM SET archive_command = '. /var/lib/postgresql/walg.env && wal-g wal-push %p'; ALTER SYSTEM SET archive_mode = 'on'; ALTER SYSTEM SET wal_level = 'replica'; SELECT pg_reload_conf();
Because archive_command is stored in postgresql.auto.conf — which is part of pgdata and is streamed to replicas — the setting survives a failover. A new primary inherits it without an operator re-running anything, so WAL keeps flowing to the same S3 prefix.
WAL archiving doesn't start until the next restart. archive_mode is a postmaster setting that requires a server restart to take effect. Until the primary restarts — either operator-triggered or pg_auto_failover-driven — archive_command is set but the archiver is not yet enabled, so WAL accumulates locally without being shipped to S3. The basebackup itself is already safely on S3; only continuous WAL shipping waits on the restart.
In-place cluster restore
An in-place restore of a cluster backup routes through ExternalServiceManager::restore_postgres_cluster. It first snapshots the existing member topology (names, ordinals, roles, node assignments), then runs in three phases:
| Phase | What it does |
|---|---|
| 1. Teardown | Removes every member: deletes DNS records, force-removes each container, removes each {container}_data volume, drops the role/VIP DNS records, and deletes the service_members rows. The parent external_services row is kept on purpose, so the service URL, credentials, and UI bookmarks survive. |
| 2. Pre-seed primary | Runs a one-shot helper container (same gotempsh/postgres-ha:18-bookworm-walg image, bind-mounting the primary's volume) that runs wal-g backup-fetch "$PGDATA" LATEST, writes recovery.signal, and writes a postgresql.auto.conf with restore_command = '. /var/lib/postgresql/walg-restore.env && wal-g wal-fetch %f %p'. |
| 3. Rebuild | Re-runs initialize_cluster with the original member specs. PostgreSQL recovers from WAL, pg_auto_failover rebuilds the cluster, and replicas re-basebackup from the new primary. |
Because container names derive deterministically from ordinal (postgres-<cluster>-<ordinal>) and the cluster connection string targets <cluster>.temps.local, the rebuilt cluster keeps the same names, ordinals, and DNS. Application connections reconnect transparently once the cluster is back up.
Single-host only in this MVP. If any cluster member has a node_id (i.e. it lives on a remote worker), an in-place restore is refused with: MVP: cluster restore is single-host only (no remote members yet). Move all members to the control plane or wait for the multi-host restore path. Move every member to the control plane first. This restriction applies only to restore — cluster backup has no single-host limitation. Restore is always to the latest backup; the point-in-time recovery_target argument is reserved but currently ignored.