aboutsummaryrefslogtreecommitdiff
path: root/doc/book/cookbook
diff options
context:
space:
mode:
Diffstat (limited to 'doc/book/cookbook')
-rw-r--r--doc/book/cookbook/binary-packages.md15
-rw-r--r--doc/book/cookbook/encryption.md8
-rw-r--r--doc/book/cookbook/reverse-proxy.md44
3 files changed, 66 insertions, 1 deletions
diff --git a/doc/book/cookbook/binary-packages.md b/doc/book/cookbook/binary-packages.md
index 606de2b6..0a6ad8fc 100644
--- a/doc/book/cookbook/binary-packages.md
+++ b/doc/book/cookbook/binary-packages.md
@@ -7,10 +7,23 @@ Garage is also available in binary packages on:
## Alpine Linux
+If you use Alpine Linux, you can simply install the
+[garage](https://pkgs.alpinelinux.org/packages?name=garage) package from the
+Alpine Linux repositories (available since v3.17):
+
```bash
-apk install garage
+apk add garage
```
+The default configuration file is installed to `/etc/garage.toml`. You can run
+Garage using: `rc-service garage start`. If you don't specify `rpc_secret`, it
+will be automatically replaced with a random string on the first start.
+
+Please note that this package is built without Consul discovery, Kubernetes
+discovery, OpenTelemetry exporter, and K2V features (K2V will be enabled once
+it's stable).
+
+
## Arch Linux
Garage is available in the [AUR](https://aur.archlinux.org/packages/garage).
diff --git a/doc/book/cookbook/encryption.md b/doc/book/cookbook/encryption.md
index 8d45a0ee..21a5cbc6 100644
--- a/doc/book/cookbook/encryption.md
+++ b/doc/book/cookbook/encryption.md
@@ -104,5 +104,13 @@ Implementations are very specific to the various applications. Examples:
in Matrix are probably encrypted using symmetric encryption, with a key that is
distributed in the end-to-end encrypted message that contains the link to the object.
+- XMPP: clients normally support either OMEMO / OpenPGP for the E2EE of user
+ messages. Media files are encrypted per
+ [XEP-0454](https://xmpp.org/extensions/xep-0454.html).
+
- Aerogramme: use the user's password as a key to decrypt data in the user's bucket
+- Cyberduck: comes with support for
+ [Cryptomator](https://docs.cyberduck.io/cryptomator/) which allows users to
+ create client-side vaults to encrypt files in before they are uploaded to a
+ cloud storage endpoint.
diff --git a/doc/book/cookbook/reverse-proxy.md b/doc/book/cookbook/reverse-proxy.md
index 9c833ad0..b715193e 100644
--- a/doc/book/cookbook/reverse-proxy.md
+++ b/doc/book/cookbook/reverse-proxy.md
@@ -378,6 +378,47 @@ admin.garage.tld {
But at the same time, the `reverse_proxy` is very flexible.
For a production deployment, you should [read its documentation](https://caddyserver.com/docs/caddyfile/directives/reverse_proxy) as it supports features like DNS discovery of upstreams, load balancing with checks, streaming parameters, etc.
+### Caching
+
+Caddy can compiled with a
+[cache plugin](https://github.com/caddyserver/cache-handler) which can be used
+to provide a hot-cache at the webserver-level for static websites hosted by
+Garage.
+
+This can be configured as follows:
+
+```caddy
+# Caddy global configuration section
+{
+ # Bare minimum configuration to enable cache.
+ order cache before rewrite
+
+ cache
+
+ #cache
+ # allowed_http_verbs GET
+ # default_cache_control public
+ # ttl 8h
+ #}
+}
+
+# Site specific section
+https:// {
+ cache
+
+ #cache {
+ # timeout {
+ # backend 30s
+ # }
+ #}
+
+ reverse_proxy ...
+}
+```
+
+Caching is a complicated subject, and the reader is encouraged to study the
+available options provided by the plugin.
+
### On-demand TLS
Caddy supports a technique called
@@ -428,3 +469,6 @@ https:// {
reverse_proxy localhost:3902 192.168.1.2:3902 example.tld:3902
}
```
+
+More information on how this endpoint is implemented in Garage is available
+in the [Admin API Reference](@/documentation/reference-manual/admin-api.md) page.