From 6af2cde23f5229302f122453aa50bf15df7625b4 Mon Sep 17 00:00:00 2001 From: Jonathan Davies Date: Thu, 15 Jun 2023 12:59:21 +0100 Subject: cookbook/encryption.md: Added note on XMPP. --- doc/book/cookbook/encryption.md | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) (limited to 'doc/book/cookbook') diff --git a/doc/book/cookbook/encryption.md b/doc/book/cookbook/encryption.md index 8d45a0ee..09438549 100644 --- a/doc/book/cookbook/encryption.md +++ b/doc/book/cookbook/encryption.md @@ -104,5 +104,8 @@ Implementations are very specific to the various applications. Examples: in Matrix are probably encrypted using symmetric encryption, with a key that is distributed in the end-to-end encrypted message that contains the link to the object. -- Aerogramme: use the user's password as a key to decrypt data in the user's bucket +- XMPP: clients normally support either OMEMO / OpenPGP for the E2EE of user + messages. Media files are encrypted per + [XEP-0454](https://xmpp.org/extensions/xep-0454.html). +- Aerogramme: use the user's password as a key to decrypt data in the user's bucket -- cgit v1.2.3 From fb971a5f01547516e9850f0fd34e42ad1d67c777 Mon Sep 17 00:00:00 2001 From: Jonathan Davies Date: Thu, 15 Jun 2023 15:42:12 +0100 Subject: cookbook/encryption.md: Added Cyberduck note. --- doc/book/cookbook/encryption.md | 5 +++++ 1 file changed, 5 insertions(+) (limited to 'doc/book/cookbook') diff --git a/doc/book/cookbook/encryption.md b/doc/book/cookbook/encryption.md index 09438549..21a5cbc6 100644 --- a/doc/book/cookbook/encryption.md +++ b/doc/book/cookbook/encryption.md @@ -109,3 +109,8 @@ Implementations are very specific to the various applications. Examples: [XEP-0454](https://xmpp.org/extensions/xep-0454.html). - Aerogramme: use the user's password as a key to decrypt data in the user's bucket + +- Cyberduck: comes with support for + [Cryptomator](https://docs.cyberduck.io/cryptomator/) which allows users to + create client-side vaults to encrypt files in before they are uploaded to a + cloud storage endpoint. -- cgit v1.2.3 From 24e533f2623ac6ebbdac92efa9c08b6092c59daf Mon Sep 17 00:00:00 2001 From: Quentin Dufour Date: Tue, 8 Aug 2023 11:05:42 +0200 Subject: support {s3,web}.root_domains in /check endpoint --- doc/book/cookbook/reverse-proxy.md | 3 +++ 1 file changed, 3 insertions(+) (limited to 'doc/book/cookbook') diff --git a/doc/book/cookbook/reverse-proxy.md b/doc/book/cookbook/reverse-proxy.md index 9c833ad0..5d7355a4 100644 --- a/doc/book/cookbook/reverse-proxy.md +++ b/doc/book/cookbook/reverse-proxy.md @@ -428,3 +428,6 @@ https:// { reverse_proxy localhost:3902 192.168.1.2:3902 example.tld:3902 } ``` + +More information on how this endpoint is implemented in Garage is available +in the [Admin API Reference](@/documentation/reference-manual/admin-api.md) page. -- cgit v1.2.3 From 245a0882e18bb4ed2cb45e60ee13447a123922d6 Mon Sep 17 00:00:00 2001 From: Jonathan Davies Date: Tue, 1 Aug 2023 14:06:37 +0100 Subject: reverse-proxy.md: Added caching section for Caddy. --- doc/book/cookbook/reverse-proxy.md | 41 ++++++++++++++++++++++++++++++++++++++ 1 file changed, 41 insertions(+) (limited to 'doc/book/cookbook') diff --git a/doc/book/cookbook/reverse-proxy.md b/doc/book/cookbook/reverse-proxy.md index 9c833ad0..bacac2ef 100644 --- a/doc/book/cookbook/reverse-proxy.md +++ b/doc/book/cookbook/reverse-proxy.md @@ -378,6 +378,47 @@ admin.garage.tld { But at the same time, the `reverse_proxy` is very flexible. For a production deployment, you should [read its documentation](https://caddyserver.com/docs/caddyfile/directives/reverse_proxy) as it supports features like DNS discovery of upstreams, load balancing with checks, streaming parameters, etc. +### Caching + +Caddy can compiled with a +[cache plugin](https://github.com/caddyserver/cache-handler) which can be used +to provide a hot-cache at the webserver-level for static websites hosted by +Garage. + +This can be configured as follows: + +```caddy +# Caddy global configuration section +{ + # Bare minimum configuration to enable cache. + order cache before rewrite + + cache + + #cache + # allowed_http_verbs GET + # default_cache_control public + # ttl 8h + #} +} + +# Site specific section +https:// { + cache + + #cache { + # timeout { + # backend 30s + # } + #} + + reverse_proxy ... +} +``` + +Caching is a complicated subject, and the reader is encouraged to study the +available options provided by the plugin. + ### On-demand TLS Caddy supports a technique called -- cgit v1.2.3 From 51011e68b16efc2232606bee47fcdc9e8a11068e Mon Sep 17 00:00:00 2001 From: Alex Auvolat Date: Mon, 28 Aug 2023 12:20:34 +0200 Subject: move alpine linux info to binary package page --- doc/book/cookbook/binary-packages.md | 15 ++++++++++++++- 1 file changed, 14 insertions(+), 1 deletion(-) (limited to 'doc/book/cookbook') diff --git a/doc/book/cookbook/binary-packages.md b/doc/book/cookbook/binary-packages.md index 606de2b6..0a6ad8fc 100644 --- a/doc/book/cookbook/binary-packages.md +++ b/doc/book/cookbook/binary-packages.md @@ -7,10 +7,23 @@ Garage is also available in binary packages on: ## Alpine Linux +If you use Alpine Linux, you can simply install the +[garage](https://pkgs.alpinelinux.org/packages?name=garage) package from the +Alpine Linux repositories (available since v3.17): + ```bash -apk install garage +apk add garage ``` +The default configuration file is installed to `/etc/garage.toml`. You can run +Garage using: `rc-service garage start`. If you don't specify `rpc_secret`, it +will be automatically replaced with a random string on the first start. + +Please note that this package is built without Consul discovery, Kubernetes +discovery, OpenTelemetry exporter, and K2V features (K2V will be enabled once +it's stable). + + ## Arch Linux Garage is available in the [AUR](https://aur.archlinux.org/packages/garage). -- cgit v1.2.3