Commit graph

202 commits

Author SHA1 Message Date
Alex Auvolat
7228695ee2
config: refactor secret sourcing 2024-01-15 17:18:46 +01:00
Félix Baylac Jacqué
f83fa02193 Add allow_world_readable_secrets option to config file
Sometimes, the secret files permissions checks gets in the way. It's
by no mean complete, it doesn't take the Posix ACLs into account among
other things. Correctly checking the ACLs would be too involving (see
https://git.deuxfleurs.fr/Deuxfleurs/garage/issues/658#issuecomment-7102)
and would likely still fail in some weird chmod settings.

We're adding a new configuration file key allowing the user to disable
this permission check altogether.

The (already existing) env variable counterpart always take precedence
to this config file option. That's useful in cases where the
configuration file is static and cannot be easily altered.

Fixes https://git.deuxfleurs.fr/Deuxfleurs/garage/issues/658

Co-authored-by: Florian Klink <flokli@flokli.de>
2023-10-26 18:25:13 +02:00
networkException
5feb6a1f64
docs: add documentation for specifying token / secret file as environment variables 2023-10-19 03:28:44 +02:00
Alex
1243db87f2 Merge pull request 'Add support for binding to unix domain sockets' (#640) from networkException/garage:unix-sockets into main
Reviewed-on: https://git.deuxfleurs.fr/Deuxfleurs/garage/pulls/640
2023-10-03 16:23:02 +00:00
networkException
6f8a87814b
doc: add documentation for specifying unix socket paths 2023-10-03 17:56:34 +02:00
Florian Klink
cb359b4434 doc: update endpoint_url documentation
Since `awscli` `>=1.29.0` or `>=2.13.0` it is now possible to use the
`AWS_ENDPOINT_URL` environment variable, or the `endpoint_url` config
key to override the endpoint URL. This means, the aws bash function to
wrap with --endpoint-url is not necessary anymore. Update invocations to
reflect that.

https://docs.aws.amazon.com/sdkref/latest/guide/feature-ss-endpoints.html
https://github.com/aws/aws-cli/issues/4454#issuecomment-1626116607
2023-10-02 17:16:11 +03:00
Alex Auvolat
f8b3883611 config: make block_size and sled_cache_capacity expressable as strings 2023-09-11 18:34:59 +02:00
Alex Auvolat
51b9731a08 make lmdb's map_size configurable (fix #628) 2023-09-11 18:03:44 +02:00
Alex Auvolat
51011e68b1 move alpine linux info to binary package page 2023-08-28 12:20:34 +02:00
Alex
a54a1f5616 Merge pull request 'doc: Add information about Alpine Linux package to Quick Start' (#564) from jirutka/garage:alpine into next-0.8
Reviewed-on: https://git.deuxfleurs.fr/Deuxfleurs/garage/pulls/564
2023-08-28 10:18:33 +00:00
Alex
d539a56d3a Merge pull request 'Support {s3,web}.root_domains for the Caddy on-demand TLS endpoint (<admin>/check?domain=xx)' (#610) from bug/support-root-domains-on-demand-tls into main
Reviewed-on: https://git.deuxfleurs.fr/Deuxfleurs/garage/pulls/610
2023-08-28 09:18:13 +00:00
Alex
bd50333ade Merge pull request 'reverse-proxy.md: Added caching section for Caddy.' (#614) from jpds/garage:caddy-cache into main
Reviewed-on: https://git.deuxfleurs.fr/Deuxfleurs/garage/pulls/614
2023-08-28 08:51:33 +00:00
Jonathan Davies
7f7d85654d backup.md: Added restic-android note. 2023-08-18 18:02:19 +01:00
Jonathan Davies
245a0882e1 reverse-proxy.md: Added caching section for Caddy. 2023-08-16 11:49:52 +01:00
Quentin Dufour
24e533f262
support {s3,web}.root_domains in /check endpoint 2023-08-08 11:05:42 +02:00
Max Justus Spransy
4d7bbf7878 operations/durability-repairs-md: Fix typo 2023-07-24 10:01:48 -07:00
Florian Klink
194549ca46 doc/book: fix typo 2023-07-14 14:24:40 +03:00
Jonathan Davies
a5ae566e0b apps/index.md: Fixed endpoint URL example. 2023-06-19 10:15:30 +01:00
Jonathan Davies
185f9e78f3 operations/durability-repairs.md: Added note about randomized scrub times. 2023-06-19 10:15:30 +01:00
Jonathan Davies
fb971a5f01 cookbook/encryption.md: Added Cyberduck note. 2023-06-19 10:15:30 +01:00
Jonathan Davies
6af2cde23f cookbook/encryption.md: Added note on XMPP. 2023-06-19 10:15:30 +01:00
Jonathan Davies
97eb389274 docs/apps: Added ejabberd section. 2023-06-19 10:15:30 +01:00
Alex Auvolat
9092c71a01 doc: encryption organization 2023-06-14 12:51:47 +02:00
Alex Auvolat
120f8b3bfb doc: better doc on systemd's DynamicUser (fix #430) 2023-06-14 12:39:46 +02:00
Alex Auvolat
39c3738a07 Add a page about encryption (fix #416) 2023-06-14 12:39:46 +02:00
Alex Auvolat
7169ee6ee6 doc: reformulate in monitoring page 2023-06-14 12:39:46 +02:00
Alex Auvolat
dd7533a260 doc: add an operations&maintenance section and move some pages there 2023-06-14 12:39:40 +02:00
Alex Auvolat
9233661967 Add documentation on durability and repair procedures (fix #219) 2023-06-14 11:54:21 +02:00
Alex Auvolat
3aadba724d doc: english improvement 2023-06-14 11:21:56 +02:00
Alex Auvolat
5a186be363 Doc: update goals, add docker alias
Fix #235
2023-06-14 11:09:31 +02:00
Roberto Hidalgo
32ad4538ee fix references to old config names 2023-05-22 08:57:15 -06:00
Roberto Hidalgo
2d46d24d06 update docs 2023-05-22 08:57:15 -06:00
Roberto Hidalgo
b770504126 simplify code according to feedback 2023-05-22 08:57:15 -06:00
Roberto Hidalgo
6b69404f1a rename mode to consul_http_api 2023-05-22 08:57:15 -06:00
Roberto Hidalgo
fd7dbea5b8 follow feedback, fold into existing feature 2023-05-22 08:57:15 -06:00
Roberto Hidalgo
bd6485565e allow additional ServiceMeta, docs 2023-05-22 08:57:15 -06:00
Roberto Hidalgo
02ba9016ab register consul services against local agent instead of catalog api 2023-05-22 08:57:15 -06:00
Jakub Jirutka
06caa12d49 doc: Add information about Alpine Linux package to Quick Start 2023-05-07 19:28:43 +02:00
yuka
04a0063df9 cookbook/real-world: fix typo 2023-04-21 16:46:58 +00:00
arthurlutz
a2a35ac7a8 docs(book/quickstart): adapt aws s3 commands to example
Signed-off-by: arthurlutz <arthurlutz@noreply.localhost>
2023-04-03 06:18:28 +00:00
Jonathan Davies
11b154b33b cli.md: Pointed Cyberduck profile at upstream link. 2023-03-20 10:46:02 +00:00
Jonathan Davies
dc6be39833 doc: cli.md: Added s5cmd example. 2023-03-13 14:15:18 +00:00
Jonathan Davies
f056ad569d binary-packages.md: Added. 2023-03-03 18:52:49 +00:00
Baptiste Jonglez
3b22da251d Add documentation on community Ansible roles 2023-03-01 09:24:13 +01:00
wilson
a15eb115c8 docs: fix k2v spec link
Signed-off-by: wilson <wilson@noreply.localhost>
2023-02-26 07:38:44 +00:00
Jonathan Davies
6b8d634cc2 cookbook/reverse-proxy.md: Fixed up Traefik section:
* Renamed my_garage_service -> garage-s3-service.
 * Defined a web service for port 3902.
 * Added a garage-s3 router.
 * Pointed website definition at web service.
 * Use the /health endpoint for loadBalancer health check.
 * Renamed gzip_compress to just compression as traefik v3 will also do
   brotli compression.
2023-02-14 19:03:57 +00:00
Jonathan Davies
ee88ccf2b2 cookbook/reverse-proxy.md: Document how to use healthchecks for caddy. 2023-02-14 18:39:05 +00:00
Jonathan Davies
4c143776bf backup.md: Added section for git-annex. 2023-02-08 22:54:56 +00:00
Alex
c2a9f00a58 Merge pull request 'upgrading.md: Added small note about garage_build_info.' (#501) from jpds/garage:doc-upgrade-buildinfo-metric into main
Reviewed-on: https://git.deuxfleurs.fr/Deuxfleurs/garage/pulls/501
2023-02-06 14:20:00 +00:00
Jonathan Davies
179fda9fb6 upgrading.md: Added small note about garage_build_info. 2023-02-06 12:53:55 +00:00