Volumes & Storage

niso volumes provide persistent storage with access control, snapshots, encryption, and secure cleanup.

Volume types

niso supports three types of storage:

manifest.toml
[volumes]
# Named volume — managed by niso, persists across restarts
data = { mount = "/data", mode = "rw" }
# Tmpfs — ephemeral, RAM-backed, fast
cache = { mount = "/cache", tmpfs = true, size = "256M" }
# Bind mount — map a host directory into the service
config = { mount = "/config", host = "/etc/my-api", mode = "ro" }

Managing volumes

bash
# Create a named volume
$ niso volume create app-data
# Create with options
$ niso volume create app-data --shared --size-limit 10G --encrypted
# List volumes
$ niso volume list
  NAME        SIZE    SERVICES    ENCRYPTED
  app-data    245 MB  api (rw)    no
  pg-data     1.2 GB  postgres    no
# Inspect a volume
$ niso volume inspect app-data
# Show disk usage breakdown
$ niso volume usage
# Remove a volume
$ niso volume remove app-data
# Cleanup unused volumes
$ niso volume prune --dry-run
$ niso volume prune

Access control

Volumes have explicit access grants. A service can only mount a volume if it has been granted access. This prevents accidental data sharing.

bash
# Grant read-write access
$ niso volume grant app-data --service api --mode rw
# Grant read-only access
$ niso volume grant app-data --service cdn --mode ro
# View access list
$ niso volume access app-data
  SERVICE    MODE
  api        rw
  cdn        ro
# Revoke access
$ niso volume revoke app-data --service cdn

Exclusive mode
Volumes declared with exclusive = true in a stack can only be mounted by one service at a time. This prevents concurrent writes to databases.

Snapshots and backups

bash
# Create a snapshot (tar.zst archive)
$ niso volume snapshot app-data
  Created snapshot: app-data-2026-04-12T10:00:00.tar.zst
# Restore from snapshot
$ niso volume restore app-data --from app-data-2026-04-12T10:00:00.tar.zst
# Export for migration
$ niso volume export app-data --output /tmp/app-data-export.tar.zst
# Import on another machine
$ niso volume import app-data --from /tmp/app-data-export.tar.zst

Audit log

Track who accessed what:

bash
$ niso volume audit --since 24h
  2026-04-12T08:00  api      mount   app-data  rw
  2026-04-12T06:00  backup   export  app-data
  2026-04-11T22:00  api      mount   app-data  rw

Security

All volume mounts include security hardening:

  • nosuid — prevent setuid binaries
  • nodev — no device nodes
  • nosymfollow — prevent symlink escapes
  • Optional LUKS2 encryption at rest
  • Size limits via filesystem quotas
  • Secure wipe on volume deletion
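
To confirm from inside a service that the mount options listed above are actually in effect, the following added example (not part of niso or its documentation) checks a mount table in /proc/self/mounts format. The function name, the sample table, and the reuse of the /data, /cache and /config mount points from the manifest example are assumptions; the sample is constructed with one deliberately weak entry.

```bash
#!/bin/sh
# Added example, not niso code: verify that volume mount points carry the
# hardening options the page lists. Reads a mount table on stdin.
# Typical use inside a service:
#   check_volume_mounts /data /cache /config < /proc/self/mounts

REQUIRED_OPTS="nosuid nodev nosymfollow"

# Prints one line per finding; returns 0 only if every mount point passes.
check_volume_mounts() {
    table=$(cat)
    status=0
    for mp in "$@"; do
        # Field 2 is the mount point, field 4 the option list. Keep the last
        # match: a later mount on the same path shadows earlier ones.
        opts=$(printf '%s\n' "$table" |
            awk -v mp="$mp" '$2 == mp { o = $4 } END { print o }')
        if [ -z "$opts" ]; then
            echo "MISSING $mp: not mounted"
            status=1
            continue
        fi
        for want in $REQUIRED_OPTS; do
            # Wrap in commas so "nodev" cannot match inside another option.
            case ",$opts," in
                *",$want,"*) ;;
                *) echo "WEAK $mp: lacks $want (has $opts)"; status=1 ;;
            esac
        done
    done
    return "$status"
}

# Constructed sample mount table (not captured from a real niso host).
# The /cache entry deliberately omits nosymfollow to show a finding.
SAMPLE_MOUNTS='/dev/mapper/niso-data /data ext4 rw,nosuid,nodev,nosymfollow,relatime 0 0
tmpfs /cache tmpfs rw,nosuid,nodev,relatime,size=262144k 0 0
/dev/sda1 /config ext4 ro,nosuid,nodev,nosymfollow,relatime 0 0'

# Demo run against the sample; "|| true" keeps the script exit status clean.
printf '%s\n' "$SAMPLE_MOUNTS" | check_volume_mounts /data /cache /config || true
```

A non-zero return makes the function usable as a startup or health-check gate. The kernel only reports nosymfollow on Linux 5.10 and later.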

Encryption

Enable per-volume encryption with LUKS2. Keys are stored in /var/lib/niso/keys/.

bash
$ niso volume create secrets --encrypted
  Created encrypted volume: secrets
  Key stored at: /var/lib/niso/keys/secrets.key