aboutsummaryrefslogtreecommitdiff
path: root/app/garage
diff options
context:
space:
mode:
Diffstat (limited to 'app/garage')
-rw-r--r--app/garage/config/garage.toml14
-rw-r--r--app/garage/deploy/garage.hcl31
-rw-r--r--app/garage/secrets/garage/garage-ca.crt1
-rw-r--r--app/garage/secrets/garage/garage-ca.key1
-rw-r--r--app/garage/secrets/garage/garage.crt1
-rw-r--r--app/garage/secrets/garage/garage.key1
-rw-r--r--app/garage/secrets/garage/rpc_secret1
7 files changed, 13 insertions, 37 deletions
diff --git a/app/garage/config/garage.toml b/app/garage/config/garage.toml
index 481312d..e637cfb 100644
--- a/app/garage/config/garage.toml
+++ b/app/garage/config/garage.toml
@@ -1,24 +1,18 @@
block_size = 1048576
-metadata_dir = "/garage/meta"
-data_dir = "/garage/data"
+metadata_dir = "/meta"
+data_dir = "/data"
replication_mode = "3"
rpc_bind_addr = "[::]:3901"
+rpc_secret = "{{ key "secrets/garage/rpc_secret" | trimSpace }}"
consul_host = "consul.service.2.cluster.deuxfleurs.fr:8500"
-consul_service_name = "garage-rpc"
+consul_service_name = "garage-rpc-self-advertised"
bootstrap_peers = []
-max_concurrent_rpc_requests = 12
-
-[rpc_tls]
-ca_cert = "/garage/garage-ca.crt"
-node_cert = "/garage/garage.crt"
-node_key = "/garage/garage.key"
-
[s3_api]
s3_region = "garage"
api_bind_addr = "[::]:3900"
diff --git a/app/garage/deploy/garage.hcl b/app/garage/deploy/garage.hcl
index ab03e70..758be72 100644
--- a/app/garage/deploy/garage.hcl
+++ b/app/garage/deploy/garage.hcl
@@ -1,5 +1,5 @@
job "garage" {
- datacenters = ["dc1", "belair", "saturne"]
+ datacenters = ["dc1", "saturne", "neptune"]
type = "system"
priority = 80
@@ -25,15 +25,14 @@ job "garage" {
driver = "docker"
config {
advertise_ipv6_address = true
- image = "lxpz/garage_amd64:v0.3.0.2"
+ image = "dxflrs/amd64_garage:v0.4-rc2"
+ command = "/garage"
+ args = [ "server" ]
network_mode = "host"
volumes = [
- "/mnt/storage/garage/data:/garage/data",
- "/mnt/ssd/garage/meta:/garage/meta",
- "secrets/garage.toml:/garage/config.toml",
- "secrets/garage-ca.crt:/garage/garage-ca.crt",
- "secrets/garage.crt:/garage/garage.crt",
- "secrets/garage.key:/garage/garage.key",
+ "/mnt/storage/garage/data:/data",
+ "/mnt/ssd/garage/meta:/meta",
+ "secrets/garage.toml:/etc/garage.toml",
]
logging {
type = "journald"
@@ -45,22 +44,8 @@ job "garage" {
destination = "secrets/garage.toml"
}
- # --- secrets ---
- template {
- data = "{{ key \"secrets/garage/garage-ca.crt\" }}"
- destination = "secrets/garage-ca.crt"
- }
- template {
- data = "{{ key \"secrets/garage/garage.crt\" }}"
- destination = "secrets/garage.crt"
- }
- template {
- data = "{{ key \"secrets/garage/garage.key\" }}"
- destination = "secrets/garage.key"
- }
-
resources {
- memory = 800
+ memory = 1000
cpu = 1000
}
diff --git a/app/garage/secrets/garage/garage-ca.crt b/app/garage/secrets/garage/garage-ca.crt
deleted file mode 100644
index 8488ab6..0000000
--- a/app/garage/secrets/garage/garage-ca.crt
+++ /dev/null
@@ -1 +0,0 @@
-USER_LONG garage-ca.crt (generated with Garage's genkeys.sh script)
diff --git a/app/garage/secrets/garage/garage-ca.key b/app/garage/secrets/garage/garage-ca.key
deleted file mode 100644
index ca3e90c..0000000
--- a/app/garage/secrets/garage/garage-ca.key
+++ /dev/null
@@ -1 +0,0 @@
-USER_LONG garage-ca.key (generated with Garage's genkeys.sh script)
diff --git a/app/garage/secrets/garage/garage.crt b/app/garage/secrets/garage/garage.crt
deleted file mode 100644
index 6044ab8..0000000
--- a/app/garage/secrets/garage/garage.crt
+++ /dev/null
@@ -1 +0,0 @@
-USER_LONG garage.crt (generated with Garage's genkeys.sh script)
diff --git a/app/garage/secrets/garage/garage.key b/app/garage/secrets/garage/garage.key
deleted file mode 100644
index db3cb0e..0000000
--- a/app/garage/secrets/garage/garage.key
+++ /dev/null
@@ -1 +0,0 @@
-USER_LONG garage.key (generated with Garage's genkeys.sh script)
diff --git a/app/garage/secrets/garage/rpc_secret b/app/garage/secrets/garage/rpc_secret
new file mode 100644
index 0000000..d831d53
--- /dev/null
+++ b/app/garage/secrets/garage/rpc_secret
@@ -0,0 +1 @@
+CMD_ONCE openssl rand -hex 32