aboutsummaryrefslogtreecommitdiff
Commit message (Collapse)AuthorAgeFilesLines
* [backport-735-v0.8.x] backport changes to custom_requester.rsbackport-735-v0.8.xAlex Auvolat2024-03-011-23/+58
|
* [backport-735-v0.8.x] backport AWS signature verification refactoringAlex Auvolat2024-03-016-255/+431
|
* Merge pull request 'Security: backport #737 to the v0.8.x branch' (#740) ↵Alex2024-03-015-73/+176
|\ | | | | | | | | | | from backport-737-0.8.x into main-0.8.x Reviewed-on: https://git.deuxfleurs.fr/Deuxfleurs/garage/pulls/740
| * [fix-auth-ct-eq] use consant time comparison for awsv4 signature verificationbackport-737-0.8.xAlex Auvolat2024-02-291-3/+3
| |
| * [fix-auth-ct-eq] use argon2 hashing and verification for admin/metrics token ↵Alex Auvolat2024-02-294-70/+173
|/ | | | checking
* Merge pull request 'Backport woodpecker CI to v0.8.x branch' (#741) from ↵Alex2024-02-294-288/+139
|\ | | | | | | | | | | woodpecker-0.8.x into main-0.8.x Reviewed-on: https://git.deuxfleurs.fr/Deuxfleurs/garage/pulls/741
| * [woodpecker-0.8.x] backport woodpecker CI to v0.8.x branchwoodpecker-0.8.xAlex Auvolat2024-02-294-288/+139
|/
* Merge pull request 'Garage v0.8.5' (#687) from rel-0.8.5 into main-0.8.xv0.8.5Alex2024-01-1613-87/+87
|\ | | | | | | Reviewed-on: https://git.deuxfleurs.fr/Deuxfleurs/garage/pulls/687
| * Bump version to 0.8.5Alex Auvolat2024-01-1613-87/+87
|/
* Merge pull request 'monitoring: finer histogram boundaries in prometheus ↵Alex2024-01-151-1/+8
|\ | | | | | | | | | | metrics (fix #531)' (#686) from fix-531 into main-0.8.x Reviewed-on: https://git.deuxfleurs.fr/Deuxfleurs/garage/pulls/686
| * monitoring: finer histogram boundaries in prometheus metrics (fix #531)Alex Auvolat2024-01-151-1/+8
| |
* | Merge pull request '0.8.x: config: refactor secret sourcing' (#685) from ↵Alex2024-01-159-276/+336
|\ \ | |/ |/| | | | | | | secret-sourcing into main-0.8.x Reviewed-on: https://git.deuxfleurs.fr/Deuxfleurs/garage/pulls/685
| * config: additional tests for secret sourcingAlex Auvolat2024-01-151-2/+40
| |
| * config: refactor secret sourcingAlex Auvolat2024-01-159-276/+298
|/
* Merge pull request 'Add allow_world_readable_secrets option to config file' ↵Alex2024-01-152-5/+89
|\ | | | | | | | | | | (#663) from PicNoir/garage:nin/world-readable-conf-file into main-0.8.x Reviewed-on: https://git.deuxfleurs.fr/Deuxfleurs/garage/pulls/663
| * Add allow_world_readable_secrets option to config fileFélix Baylac Jacqué2023-10-262-5/+89
|/ | | | | | | | | | | | | | | | | | | Sometimes, the secret files permissions checks gets in the way. It's by no mean complete, it doesn't take the Posix ACLs into account among other things. Correctly checking the ACLs would be too involving (see https://git.deuxfleurs.fr/Deuxfleurs/garage/issues/658#issuecomment-7102) and would likely still fail in some weird chmod settings. We're adding a new configuration file key allowing the user to disable this permission check altogether. The (already existing) env variable counterpart always take precedence to this config file option. That's useful in cases where the configuration file is static and cannot be easily altered. Fixes https://git.deuxfleurs.fr/Deuxfleurs/garage/issues/658 Co-authored-by: Florian Klink <flokli@flokli.de>
* Merge pull request 's3 api: add missing CORS headers to PostObject responses ↵Alex2023-10-261-3/+10
|\ | | | | | | | | | | (fix #609)' (#656) from fix-cors-post-object into main-0.8.x Reviewed-on: https://git.deuxfleurs.fr/Deuxfleurs/garage/pulls/656
| * s3 api: add missing CORS headers to PostObject responses (fix #609)fix-cors-post-objectAlex Auvolat2023-10-201-3/+10
|/
* Merge pull request 'Add support for specifying `rpc_secret_file`, ↵Alex2023-10-195-25/+57
|\ | | | | | | | | | | `metrics_token_file` and `admin_token_file` using environment variables' (#643) from networkException/garage:token-file-env into main-0.8.x Reviewed-on: https://git.deuxfleurs.fr/Deuxfleurs/garage/pulls/643
| * garage: support specifying token / secret as environment variablesnetworkException2023-10-193-5/+29
| | | | | | | | | | this patch adds support for specifying the `rpc_secret_file`, `metrics_token_file` and `admin_token_file` as environment variables.
| * garage: fix admin-token descriptionnetworkException2023-10-191-1/+1
| |
| * util: move reading secret file into seperate helpernetworkException2023-10-191-16/+19
| | | | | | | | | | | | this patch moves the logic to read a secret file (and check for correct permissions) from `secret_from_file` into a new `read_secret_file` helper.
| * docs: add documentation for specifying token / secret file as environment ↵networkException2023-10-191-3/+8
| | | | | | | | variables
* | Merge pull request 'Move convert_db command into main garage binary' (#645) ↵Alex2023-10-105-30/+32
|\ \ | |/ |/| | | | | | | from convert-db-main-binary into main Reviewed-on: https://git.deuxfleurs.fr/Deuxfleurs/garage/pulls/645
| * Move convert_db command into main garage binaryconvert-db-main-binaryAlex Auvolat2023-10-105-30/+32
|/
* Merge pull request 'Add support for binding to unix domain sockets' (#640) ↵Alex2023-10-0314-36/+213
|\ | | | | | | | | | | from networkException/garage:unix-sockets into main Reviewed-on: https://git.deuxfleurs.fr/Deuxfleurs/garage/pulls/640
| * doc: add documentation for specifying unix socket pathsnetworkException2023-10-031-0/+7
| |
| * api: allow custom unix bind mode and use 0o220 for admin servernetworkException2023-10-034-4/+8
| |
| * everywhere: support unix sockets when binding in various placesnetworkException2023-09-296-28/+108
| | | | | | | | | | this patch implements binding to paths as a unix socket for generic server and web server.
| * config: allow using paths for unix domain sockets in various placesnetworkException2023-09-291-4/+5
| | | | | | | | | | | | | | this patch updates the config format to also allow paths in bind addresses for unix domain sockets. this has been added to all apis except rpc.
| * util: add helper sum type for unix and tcp socket addressesnetworkException2023-09-292-0/+45
| | | | | | | | | | this patch introduces a new sum type that can represent either a tcp socket address or a unix domain socket path.
| * cargo: add hyperlocal as a dependencynetworkException2023-09-294-1/+41
| |
* | Merge pull request 'doc: update endpoint_url documentation' (#641) from ↵Alex2023-10-024-8/+11
|\ \ | |/ |/| | | | | | | flokli/garage:aws-endpoint-url into main Reviewed-on: https://git.deuxfleurs.fr/Deuxfleurs/garage/pulls/641
| * doc: update endpoint_url documentationFlorian Klink2023-10-024-8/+11
|/ | | | | | | | | | | Since `awscli` `>=1.29.0` or `>=2.13.0` it is now possible to use the `AWS_ENDPOINT_URL` environment variable, or the `endpoint_url` config key to override the endpoint URL. This means, the aws bash function to wrap with --endpoint-url is not necessary anymore. Update invocations to reflect that. https://docs.aws.amazon.com/sdkref/latest/guide/feature-ss-endpoints.html https://github.com/aws/aws-cli/issues/4454#issuecomment-1626116607
* Merge pull request 'prez-ocp' (#636) from prez-ocp into mainAlex2023-09-2175-0/+19773
|\ | | | | | | Reviewed-on: https://git.deuxfleurs.fr/Deuxfleurs/garage/pulls/636
| * add ocp2023 presentationprez-ocpAlex Auvolat2023-09-1971-0/+19772
| |
| * doc: update stickerAlex Auvolat2023-09-184-0/+1
|/
* Merge pull request 'Fix multiple shutdown issues' (#633) from fix-shutdown ↵Alex2023-09-122-19/+26
|\ | | | | | | | | | | into main Reviewed-on: https://git.deuxfleurs.fr/Deuxfleurs/garage/pulls/633
| * fix hang on shutdownAlex Auvolat2023-09-121-9/+9
| |
| * Fix error when none of S3/K2V/WEB/ADMIN server is started (fix #613)Alex Auvolat2023-09-121-10/+17
|/
* Merge pull request 'fix 32-bit build' (#632) from fix-32bit into mainAlex2023-09-111-2/+2
|\ | | | | | | Reviewed-on: https://git.deuxfleurs.fr/Deuxfleurs/garage/pulls/632
| * fix 32-bit buildfix-32bitAlex Auvolat2023-09-111-2/+2
|/
* Merge pull request 'use statvfs instead of mount list to determine free ↵Alex2023-09-114-45/+39
|\ | | | | | | | | | | data/meta space (fix #611)' (#631) from fix-free-space into main Reviewed-on: https://git.deuxfleurs.fr/Deuxfleurs/garage/pulls/631
| * use statvfs instead of mount list to determine free data/meta space (fix #611)Alex Auvolat2023-09-114-45/+39
|/
* Merge pull request 'make lmdb's map_size configurable (fix #628)' (#630) ↵Alex2023-09-116-12/+81
|\ | | | | | | | | | | from configurable-map-size into main Reviewed-on: https://git.deuxfleurs.fr/Deuxfleurs/garage/pulls/630
| * config: make block_size and sled_cache_capacity expressable as stringsAlex Auvolat2023-09-117-28/+69
| |
| * make lmdb's map_size configurable (fix #628)Alex Auvolat2023-09-116-2/+30
|/
* Merge pull request 'Revert netapp to 0.5.2 to avoid rmp-serde upgrade that ↵Alex2023-09-0513-123/+100
|\ | | | | | | | | | | breaks things' (#627) from hold-netapp-0.5.2 into main Reviewed-on: https://git.deuxfleurs.fr/Deuxfleurs/garage/pulls/627
| * update version to 0.8.4v0.8.4hold-netapp-0.5.2Alex Auvolat2023-09-0513-89/+88
| |
| * Revert netapp update, hold to version 0.5.2 that uses rmp-serde 0.15Alex Auvolat2023-09-053-38/+16
|/