TazPod Sync Daemon

TazPod includes a background synchronization loop so the encrypted vault on disk and in S3 keep following the live RAM session while work is in progress.

Entry Point

The daemon is started from up() in cmd/tazpod/lifecycle.go:

exec.Command("tazpod", "__internal_sync_daemon").Start()

This means every normal tazpod up lifecycle implicitly enables the daemon.

Runtime Behavior

The implementation lives in cmd/tazpod/sync.go.

Verified behavior:

• log file: /tmp/tazpod-sync.log
• interval: 5 * time.Minute
• unlock check: presence of vault.PassCache
• on each cycle:
  1. vault.Save("")
  2. pushVaultInternal()

If the vault is locked, the daemon logs a skip and does nothing.

Important Detail: Unlock Detection

isVaultUnlocked() does not inspect Docker state directly. It checks whether the passphrase cache file exists at vault.PassCache.

So daemon behavior is tied to vault lifecycle, not just to container existence.

Manual Commands vs Daemon Commands

The daemon shares the same primitives as the manual CLI:

• tazpod save
• tazpod pull vault
• tazpod push vault

The difference is that the daemon uses pushVaultInternal() directly and writes to a log file instead of the terminal.

Failure Model

If S3 upload fails:

• the failure is logged
• the daemon keeps running
• the encrypted vault on local disk is still refreshed by vault.Save("")

This preserves local safety first and remote synchronization second.

See Also

• Vault: TazPod Vault Security
• Recovery: TazPod Nomadic Workflow
• Reference: TazPod CLI Reference
• Hub: TazPod Entity