Commit graph

358 commits

Author SHA1 Message Date
Félix Baylac Jacqué
f83fa02193 Add allow_world_readable_secrets option to config file
Sometimes, the secret files permissions checks gets in the way. It's
by no mean complete, it doesn't take the Posix ACLs into account among
other things. Correctly checking the ACLs would be too involving (see
https://git.deuxfleurs.fr/Deuxfleurs/garage/issues/658#issuecomment-7102)
and would likely still fail in some weird chmod settings.

We're adding a new configuration file key allowing the user to disable
this permission check altogether.

The (already existing) env variable counterpart always take precedence
to this config file option. That's useful in cases where the
configuration file is static and cannot be easily altered.

Fixes https://git.deuxfleurs.fr/Deuxfleurs/garage/issues/658

Co-authored-by: Florian Klink <flokli@flokli.de>
2023-10-26 18:25:13 +02:00
networkException
5feb6a1f64
docs: add documentation for specifying token / secret file as environment variables 2023-10-19 03:28:44 +02:00
Alex Auvolat
d24aaba697 doc: update quick start and real world for v0.9.0 2023-10-11 14:49:54 +02:00
Alex Auvolat
b571dcd811 doc: updates to the "migrating to v0.9" page 2023-10-10 15:43:26 +02:00
Alex Auvolat
2448eb7713 upgrade doc: fixes and precisions 2023-10-05 15:29:55 +02:00
Alex Auvolat
6790e24f5a Add migration to v0.9 guide 2023-10-05 15:20:48 +02:00
Alex Auvolat
2e656b541b Merge branch 'main' into next 2023-10-03 18:40:37 +02:00
Alex
1243db87f2 Merge pull request 'Add support for binding to unix domain sockets' (#640) from networkException/garage:unix-sockets into main
Reviewed-on: https://git.deuxfleurs.fr/Deuxfleurs/garage/pulls/640
2023-10-03 16:23:02 +00:00
networkException
6f8a87814b
doc: add documentation for specifying unix socket paths 2023-10-03 17:56:34 +02:00
Florian Klink
cb359b4434 doc: update endpoint_url documentation
Since `awscli` `>=1.29.0` or `>=2.13.0` it is now possible to use the
`AWS_ENDPOINT_URL` environment variable, or the `endpoint_url` config
key to override the endpoint URL. This means, the aws bash function to
wrap with --endpoint-url is not necessary anymore. Update invocations to
reflect that.

https://docs.aws.amazon.com/sdkref/latest/guide/feature-ss-endpoints.html
https://github.com/aws/aws-cli/issues/4454#issuecomment-1626116607
2023-10-02 17:16:11 +03:00
Alex Auvolat
ad82035b98 Merge branch 'main' into next 2023-09-27 13:11:52 +02:00
Alex Auvolat
0e5925fff6 layout doc: reformulate 2023-09-22 16:14:47 +02:00
Alex Auvolat
8d07888fa2 layout doc: write explanations for bizarre scenarios 2023-09-22 16:07:46 +02:00
Alex Auvolat
405aa42b7d layout doc: update old text 2023-09-22 10:06:31 +02:00
Alex Auvolat
b4a0e636d8 new layout doc: add examples of unexpected layout, to explain 2023-09-22 09:49:07 +02:00
Alex Auvolat
95ae09917b add ocp2023 presentation 2023-09-19 14:02:07 +02:00
Alex Auvolat
a7ababb5db doc: update sticker 2023-09-18 16:40:06 +02:00
Alex Auvolat
51abbb02d8 Merge branch 'main' into next 2023-09-11 20:00:02 +02:00
Alex Auvolat
f8b3883611 config: make block_size and sled_cache_capacity expressable as strings 2023-09-11 18:34:59 +02:00
Alex Auvolat
51b9731a08 make lmdb's map_size configurable (fix #628) 2023-09-11 18:03:44 +02:00
Alex Auvolat
eb972a8422 doc: update multi-hdd section 2023-09-07 14:48:36 +02:00
Alex Auvolat
6a067e30ee doc: documentation of rebalance repair 2023-09-07 13:49:12 +02:00
Alex Auvolat
6595efd82f Document multi-hdd support 2023-09-07 13:23:02 +02:00
Alex Auvolat
bca347a1e8 doc: update page on upgradin clusters 2023-09-07 12:52:44 +02:00
Alex Auvolat
d94f1c9178 reference manual: remove obsolete caveat about multipart uploads 2023-08-30 23:27:02 +02:00
Alex Auvolat
5c923d48d7 reference manual: document support for lifecycle configuration 2023-08-30 23:24:28 +02:00
Alex Auvolat
2e90e1c124 Merge branch 'main' into next 2023-08-29 11:32:42 +02:00
Alex Auvolat
51011e68b1 move alpine linux info to binary package page 2023-08-28 12:20:34 +02:00
Alex
a54a1f5616 Merge pull request 'doc: Add information about Alpine Linux package to Quick Start' (#564) from jirutka/garage:alpine into next-0.8
Reviewed-on: https://git.deuxfleurs.fr/Deuxfleurs/garage/pulls/564
2023-08-28 10:18:33 +00:00
Alex
d539a56d3a Merge pull request 'Support {s3,web}.root_domains for the Caddy on-demand TLS endpoint (<admin>/check?domain=xx)' (#610) from bug/support-root-domains-on-demand-tls into main
Reviewed-on: https://git.deuxfleurs.fr/Deuxfleurs/garage/pulls/610
2023-08-28 09:18:13 +00:00
Alex
bd50333ade Merge pull request 'reverse-proxy.md: Added caching section for Caddy.' (#614) from jpds/garage:caddy-cache into main
Reviewed-on: https://git.deuxfleurs.fr/Deuxfleurs/garage/pulls/614
2023-08-28 08:51:33 +00:00
Lapineige
47e7f9e122 another typo 2023-08-19 20:29:24 +00:00
Lapineige
5ffcdb4634 fix typo 2023-08-19 15:17:51 +00:00
Jonathan Davies
7f7d85654d backup.md: Added restic-android note. 2023-08-18 18:02:19 +01:00
Jonathan Davies
245a0882e1 reverse-proxy.md: Added caching section for Caddy. 2023-08-16 11:49:52 +01:00
Quentin Dufour
24e533f262
support {s3,web}.root_domains in /check endpoint 2023-08-08 11:05:42 +02:00
Max Justus Spransy
4d7bbf7878 operations/durability-repairs-md: Fix typo 2023-07-24 10:01:48 -07:00
Florian Klink
f0b7a0af3d doc/drafts: fix typo 2023-07-14 14:25:14 +03:00
Florian Klink
194549ca46 doc/book: fix typo 2023-07-14 14:24:40 +03:00
Florian Klink
202d3f0e3c doc/api: fix typo 2023-07-14 14:24:27 +03:00
Jonathan Davies
a5ae566e0b apps/index.md: Fixed endpoint URL example. 2023-06-19 10:15:30 +01:00
Jonathan Davies
185f9e78f3 operations/durability-repairs.md: Added note about randomized scrub times. 2023-06-19 10:15:30 +01:00
Jonathan Davies
fb971a5f01 cookbook/encryption.md: Added Cyberduck note. 2023-06-19 10:15:30 +01:00
Jonathan Davies
6af2cde23f cookbook/encryption.md: Added note on XMPP. 2023-06-19 10:15:30 +01:00
Jonathan Davies
97eb389274 docs/apps: Added ejabberd section. 2023-06-19 10:15:30 +01:00
Alex Auvolat
8ef42c9609 admin docs: reformatting, key admin: add check 2023-06-14 17:19:25 +02:00
Alex Auvolat
a83a092c03 admin: uniformize layout api and improve code 2023-06-14 17:12:37 +02:00
Alex Auvolat
7895f99d3a admin and cli: hide secret keys unless asked 2023-06-14 16:56:15 +02:00
Alex Auvolat
4a82f6380e admin api: move all endpoints to v1/ by default (v0/ still supported) 2023-06-14 14:15:51 +02:00
Alex Auvolat
2c83006608 admin api: fix doc in drafts 2023-06-14 13:54:34 +02:00
Alex Auvolat
35c108b85d admin api: switch GetClusterHealth to camelcase (fix #381 again) 2023-06-14 13:53:19 +02:00
Alex Auvolat
52376d47ca admin api: change cluster status/layout to use lists and not maps (fix #377) 2023-06-14 13:45:27 +02:00
Alex Auvolat
187240e539 Merge branch 'main' into next 2023-06-14 13:02:46 +02:00
Alex Auvolat
9092c71a01 doc: encryption organization 2023-06-14 12:51:47 +02:00
Alex Auvolat
120f8b3bfb doc: better doc on systemd's DynamicUser (fix #430) 2023-06-14 12:39:46 +02:00
Alex Auvolat
39c3738a07 Add a page about encryption (fix #416) 2023-06-14 12:39:46 +02:00
Alex Auvolat
7169ee6ee6 doc: reformulate in monitoring page 2023-06-14 12:39:46 +02:00
Alex Auvolat
dd7533a260 doc: add an operations&maintenance section and move some pages there 2023-06-14 12:39:40 +02:00
Alex Auvolat
9233661967 Add documentation on durability and repair procedures (fix #219) 2023-06-14 11:54:21 +02:00
Alex Auvolat
3aadba724d doc: english improvement 2023-06-14 11:21:56 +02:00
Alex Auvolat
5a186be363 Doc: update goals, add docker alias
Fix #235
2023-06-14 11:09:31 +02:00
Alex Auvolat
90b2d43eb4 Merge branch 'main' into next 2023-06-13 17:14:11 +02:00
Alex Auvolat
511e07ecd4 fix mpu counter (add missing workers) and report info at appropriate places 2023-06-09 16:23:37 +02:00
Alex Auvolat
e7e164a280 Make fsync an option for meta and data 2023-06-09 16:23:21 +02:00
Roberto Hidalgo
32ad4538ee fix references to old config names 2023-05-22 08:57:15 -06:00
Roberto Hidalgo
2d46d24d06 update docs 2023-05-22 08:57:15 -06:00
Roberto Hidalgo
b770504126 simplify code according to feedback 2023-05-22 08:57:15 -06:00
Roberto Hidalgo
6b69404f1a rename mode to consul_http_api 2023-05-22 08:57:15 -06:00
Roberto Hidalgo
fd7dbea5b8 follow feedback, fold into existing feature 2023-05-22 08:57:15 -06:00
Roberto Hidalgo
bd6485565e allow additional ServiceMeta, docs 2023-05-22 08:57:15 -06:00
Roberto Hidalgo
02ba9016ab register consul services against local agent instead of catalog api 2023-05-22 08:57:15 -06:00
Jakub Jirutka
06caa12d49 doc: Add information about Alpine Linux package to Quick Start 2023-05-07 19:28:43 +02:00
Alex Auvolat
fa78d806e3 Merge branch 'main' into next 2023-04-25 12:34:26 +02:00
yuka
04a0063df9 cookbook/real-world: fix typo 2023-04-21 16:46:58 +00:00
arthurlutz
a2a35ac7a8 docs(book/quickstart): adapt aws s3 commands to example
Signed-off-by: arthurlutz <arthurlutz@noreply.localhost>
2023-04-03 06:18:28 +00:00
Jonathan Davies
11b154b33b cli.md: Pointed Cyberduck profile at upstream link. 2023-03-20 10:46:02 +00:00
Jonathan Davies
dc6be39833 doc: cli.md: Added s5cmd example. 2023-03-13 14:15:18 +00:00
vincent
db69267a56 MàJ logo pour autocollants 2023-03-07 21:34:55 +01:00
Jonathan Davies
f056ad569d binary-packages.md: Added. 2023-03-03 18:52:49 +00:00
Baptiste Jonglez
3b22da251d Add documentation on community Ansible roles 2023-03-01 09:24:13 +01:00
wilson
a15eb115c8 docs: fix k2v spec link
Signed-off-by: wilson <wilson@noreply.localhost>
2023-02-26 07:38:44 +00:00
Jonathan Davies
6b8d634cc2 cookbook/reverse-proxy.md: Fixed up Traefik section:
* Renamed my_garage_service -> garage-s3-service.
 * Defined a web service for port 3902.
 * Added a garage-s3 router.
 * Pointed website definition at web service.
 * Use the /health endpoint for loadBalancer health check.
 * Renamed gzip_compress to just compression as traefik v3 will also do
   brotli compression.
2023-02-14 19:03:57 +00:00
Jonathan Davies
ee88ccf2b2 cookbook/reverse-proxy.md: Document how to use healthchecks for caddy. 2023-02-14 18:39:05 +00:00
Jonathan Davies
4c143776bf backup.md: Added section for git-annex. 2023-02-08 22:54:56 +00:00
Alex
c2a9f00a58 Merge pull request 'upgrading.md: Added small note about garage_build_info.' (#501) from jpds/garage:doc-upgrade-buildinfo-metric into main
Reviewed-on: https://git.deuxfleurs.fr/Deuxfleurs/garage/pulls/501
2023-02-06 14:20:00 +00:00
Jonathan Davies
179fda9fb6 upgrading.md: Added small note about garage_build_info. 2023-02-06 12:53:55 +00:00
Alex Auvolat
80e2326998 fixes for pr 499 2023-02-06 12:23:55 +01:00
Alex Auvolat
656b8d42de secrets can be passed directly in config, as file, or as env 2023-02-03 15:27:39 +01:00
Alex Auvolat
8013a5cd58 Change talk links more 2023-01-30 18:51:48 +01:00
Alex Auvolat
2ba9463a8a Raw links to presentations 2023-01-30 18:48:00 +01:00
Alex Auvolat
7f715ba94f zero-downtime migration procedure 2023-01-30 18:41:04 +01:00
Alex Auvolat
44f8b1d71a Reorder reference manual section, move metrics list to there 2023-01-30 18:00:01 +01:00
Alex Auvolat
56384677fa Add links to presentations 2023-01-30 17:48:36 +01:00
Jonathan Davies
5f412abd4e cookbook/reverse-proxy.md: Added on-demand TLS section. 2023-01-30 14:37:55 +00:00
Jonathan Davies
c753a9dfb6 cookbook/monitoring.md: Added new metrics (garage_build_info,
garage_replication_factor, block_compression_level).
2023-01-30 12:54:42 +00:00
Jonathan Davies
ae9c7a2900 cookbook/_index.md: Added link to monitoring documentation. 2023-01-30 12:54:42 +00:00
Jonathan Davies
7ab27f84b8 configuration.md: Corrected OpenTelemetry. 2023-01-30 12:54:42 +00:00
Jonathan Davies
55c369137d gateways.md: -z is a required flag for layout assign. 2023-01-30 12:54:38 +00:00
Jonathan Davies
0c618f8a89 reverse-proxy.md: Corrected web server ports in Caddy example. 2023-01-27 17:52:51 +00:00
Alex
a08e01f17a Merge pull request 'Enable daemonset deployment using the helm chart' (#409) from kaiyou/garage:feat-k8s-daemonset into main
Reviewed-on: https://git.deuxfleurs.fr/Deuxfleurs/garage/pulls/409
2023-01-26 21:07:58 +00:00