huskies: merge 1147 story One-active-gateway invariant via pidfile+flock — prevent double-gateway during restarts

server/src/gateway/mod.rs

@@ -75,6 +75,15 @@ pub fn build_gateway_route(state_arc: Arc<GatewayState>) -> impl poem::Endpoint
 
 /// Start the gateway HTTP server. This is the entry point when `--gateway` is used.
 pub async fn run(config_path: &Path, port: u16) -> Result<(), std::io::Error> {
+    // Enforce one-active-gateway invariant: acquire an exclusive flock on the
+    // pidfile before doing anything else.  A second gateway start while one is
+    // running will fail here with a clear error.  The flock is held for the
+    // lifetime of `_pidfile_guard`; it is released automatically when this
+    // process exits, allowing the next gateway (spawned by the trampoline) to
+    // acquire it.
+    let _pidfile_guard =
+        crate::pidfile::acquire_gateway_pidfile().map_err(std::io::Error::other)?;
+
     let config_dir = config_path
         .parent()
         .unwrap_or(std::path::Path::new("."))