diff options
Diffstat (limited to 'doc/book/cookbook')
| -rw-r--r-- | doc/book/cookbook/binary-packages.md | 15 | ||||
| -rw-r--r-- | doc/book/cookbook/encryption.md | 8 | ||||
| -rw-r--r-- | doc/book/cookbook/reverse-proxy.md | 44 |
3 files changed, 66 insertions, 1 deletions
diff --git a/doc/book/cookbook/binary-packages.md b/doc/book/cookbook/binary-packages.md index 606de2b6..0a6ad8fc 100644 --- a/doc/book/cookbook/binary-packages.md +++ b/doc/book/cookbook/binary-packages.md @@ -7,10 +7,23 @@ Garage is also available in binary packages on: ## Alpine Linux +If you use Alpine Linux, you can simply install the +[garage](https://pkgs.alpinelinux.org/packages?name=garage) package from the +Alpine Linux repositories (available since v3.17): + ```bash -apk install garage +apk add garage ``` +The default configuration file is installed to `/etc/garage.toml`. You can run +Garage using: `rc-service garage start`. If you don't specify `rpc_secret`, it +will be automatically replaced with a random string on the first start. + +Please note that this package is built without Consul discovery, Kubernetes +discovery, OpenTelemetry exporter, and K2V features (K2V will be enabled once +it's stable). + + ## Arch Linux Garage is available in the [AUR](https://aur.archlinux.org/packages/garage). diff --git a/doc/book/cookbook/encryption.md b/doc/book/cookbook/encryption.md index 8d45a0ee..21a5cbc6 100644 --- a/doc/book/cookbook/encryption.md +++ b/doc/book/cookbook/encryption.md @@ -104,5 +104,13 @@ Implementations are very specific to the various applications. Examples: in Matrix are probably encrypted using symmetric encryption, with a key that is distributed in the end-to-end encrypted message that contains the link to the object. +- XMPP: clients normally support either OMEMO / OpenPGP for the E2EE of user + messages. Media files are encrypted per + [XEP-0454](https://xmpp.org/extensions/xep-0454.html). + - Aerogramme: use the user's password as a key to decrypt data in the user's bucket +- Cyberduck: comes with support for + [Cryptomator](https://docs.cyberduck.io/cryptomator/) which allows users to + create client-side vaults to encrypt files in before they are uploaded to a + cloud storage endpoint. diff --git a/doc/book/cookbook/reverse-proxy.md b/doc/book/cookbook/reverse-proxy.md index 9c833ad0..b715193e 100644 --- a/doc/book/cookbook/reverse-proxy.md +++ b/doc/book/cookbook/reverse-proxy.md @@ -378,6 +378,47 @@ admin.garage.tld { But at the same time, the `reverse_proxy` is very flexible. For a production deployment, you should [read its documentation](https://caddyserver.com/docs/caddyfile/directives/reverse_proxy) as it supports features like DNS discovery of upstreams, load balancing with checks, streaming parameters, etc. +### Caching + +Caddy can compiled with a +[cache plugin](https://github.com/caddyserver/cache-handler) which can be used +to provide a hot-cache at the webserver-level for static websites hosted by +Garage. + +This can be configured as follows: + +```caddy +# Caddy global configuration section +{ + # Bare minimum configuration to enable cache. + order cache before rewrite + + cache + + #cache + # allowed_http_verbs GET + # default_cache_control public + # ttl 8h + #} +} + +# Site specific section +https:// { + cache + + #cache { + # timeout { + # backend 30s + # } + #} + + reverse_proxy ... +} +``` + +Caching is a complicated subject, and the reader is encouraged to study the +available options provided by the plugin. + ### On-demand TLS Caddy supports a technique called @@ -428,3 +469,6 @@ https:// { reverse_proxy localhost:3902 192.168.1.2:3902 example.tld:3902 } ``` + +More information on how this endpoint is implemented in Garage is available +in the [Admin API Reference](@/documentation/reference-manual/admin-api.md) page. |