610af71e36
[backport-735-v0.8.x] backport AWS signature verification refactoring
2024-03-01 13:21:23 +01:00
70899b0e37
[fix-auth-ct-eq] use consant time comparison for awsv4 signature verification
ci/woodpecker/pr/debug Pipeline was successful
ci/woodpecker/push/debug Pipeline was successful
2024-02-29 18:13:41 +01:00
c00a028cc8
[fix-auth-ct-eq] use argon2 hashing and verification for admin/metrics token checking
2024-02-29 18:13:37 +01:00
50643e61bf
Bump version to 0.8.5
continuous-integration/drone/push Build is passing
continuous-integration/drone/pr Build is passing
2024-01-16 10:47:33 +01:00
a6421ee5a5
Merge pull request 'monitoring: finer histogram boundaries in prometheus metrics ( fix #531 )' ( #686 ) from fix-531 into main-0.8.x
...
continuous-integration/drone Build is passing
continuous-integration/drone/push Build is passing
Reviewed-on: #686
2024-01-15 16:44:58 +00:00
f512609123
monitoring: finer histogram boundaries in prometheus metrics ( fix #531 )
continuous-integration/drone/pr Build is passing
continuous-integration/drone/push Build is passing
2024-01-15 17:33:35 +01:00
97bae7213a
config: additional tests for secret sourcing
continuous-integration/drone/pr Build is passing
continuous-integration/drone/push Build is passing
2024-01-15 17:30:30 +01:00
7228695ee2
config: refactor secret sourcing
continuous-integration/drone/pr Build is passing
continuous-integration/drone/push Build is passing
2024-01-15 17:18:46 +01:00
f83fa02193
Add allow_world_readable_secrets option to config file
...
continuous-integration/drone/pr Build is passing
Sometimes, the secret files permissions checks gets in the way. It's
by no mean complete, it doesn't take the Posix ACLs into account among
other things. Correctly checking the ACLs would be too involving (see
#658 (comment) )
and would likely still fail in some weird chmod settings.
We're adding a new configuration file key allowing the user to disable
this permission check altogether.
The (already existing) env variable counterpart always take precedence
to this config file option. That's useful in cases where the
configuration file is static and cannot be easily altered.
Fixes #658
Co-authored-by: Florian Klink <flokli@flokli.de>
2023-10-26 18:25:13 +02:00
ac04934dae
s3 api: add missing CORS headers to PostObject responses ( fix #609 )
continuous-integration/drone/pr Build is passing
continuous-integration/drone/push Build is passing
continuous-integration/drone Build is passing
2023-10-20 10:37:48 +02:00
0215b11402
Merge pull request 'Add support for specifying rpc_secret_file
, metrics_token_file
and admin_token_file
using environment variables' ( #643 ) from networkException/garage:token-file-env into main-0.8.x
...
continuous-integration/drone/push Build is passing
Reviewed-on: #643
2023-10-19 09:33:12 +00:00
8599051c49
garage: support specifying token / secret as environment variables
...
continuous-integration/drone/pr Build is passing
this patch adds support for specifying the `rpc_secret_file`,
`metrics_token_file` and `admin_token_file` as environment variables.
2023-10-19 03:39:02 +02:00
4a19ee94bb
garage: fix admin-token description
2023-10-19 03:31:50 +02:00
c99cb58d71
util: move reading secret file into seperate helper
...
this patch moves the logic to read a secret file (and check for correct
permissions) from `secret_from_file` into a new `read_secret_file`
helper.
2023-10-19 03:29:48 +02:00
2d5d7a7031
Move convert_db command into main garage binary
continuous-integration/drone/pr Build is passing
continuous-integration/drone/push Build is passing
2023-10-10 12:13:15 +02:00
7907a09acc
api: allow custom unix bind mode and use 0o220 for admin server
2023-10-03 17:31:40 +02:00
8ec6a53b35
everywhere: support unix sockets when binding in various places
...
continuous-integration/drone/pr Build is passing
this patch implements binding to paths as a unix socket for generic
server and web server.
2023-09-29 18:57:44 +02:00
7353038a64
config: allow using paths for unix domain sockets in various places
...
this patch updates the config format to also allow paths in bind
addresses for unix domain sockets.
this has been added to all apis except rpc.
2023-09-29 18:38:30 +02:00
10195f1567
util: add helper sum type for unix and tcp socket addresses
...
this patch introduces a new sum type that can represent either a
tcp socket address or a unix domain socket path.
2023-09-29 18:37:36 +02:00
6086a3fa07
cargo: add hyperlocal as a dependency
2023-09-29 18:37:12 +02:00
91e764a2bf
fix hang on shutdown
continuous-integration/drone/push Build is passing
continuous-integration/drone/pr Build is passing
2023-09-12 14:35:48 +02:00
aa79810596
Fix error when none of S3/K2V/WEB/ADMIN server is started ( fix #613 )
2023-09-12 14:35:19 +02:00
9cfe55ab60
fix 32-bit build
continuous-integration/drone/pr Build was killed
continuous-integration/drone/push Build was killed
continuous-integration/drone Build is passing
2023-09-11 20:01:29 +02:00
d5bb50d738
use statvfs instead of mount list to determine free data/meta space ( fix #611 )
continuous-integration/drone/pr Build is passing
continuous-integration/drone/push Build is passing
continuous-integration/drone Build was killed
2023-09-11 19:08:24 +02:00
f8b3883611
config: make block_size and sled_cache_capacity expressable as strings
continuous-integration/drone/pr Build is passing
continuous-integration/drone/push Build is passing
2023-09-11 18:34:59 +02:00
51b9731a08
make lmdb's map_size configurable ( fix #628 )
continuous-integration/drone/pr Build is passing
continuous-integration/drone/push Build is passing
2023-09-11 18:03:44 +02:00
51eac97260
update version to 0.8.4
continuous-integration/drone/pr Build is passing
continuous-integration/drone/push Build is passing
continuous-integration/drone Build is failing
2023-09-05 23:28:12 +02:00
e78566591b
Revert netapp update, hold to version 0.5.2 that uses rmp-serde 0.15
continuous-integration/drone/push Build is failing
2023-09-05 23:23:23 +02:00
06369c8f4a
add garage_db dependency in garage_rpc
continuous-integration/drone/pr Build is passing
continuous-integration/drone/push Build is passing
continuous-integration/drone Build was killed
2023-08-28 17:08:21 +02:00
cece1be1bb
bump version to 0.8.3
continuous-integration/drone/pr Build is passing
continuous-integration/drone/tag Build is passing
continuous-integration/drone/push Build is passing
continuous-integration/drone Build is passing
2023-08-28 13:17:26 +02:00
769b6fe054
fix test_website_check_domain
continuous-integration/drone/push Build is passing
continuous-integration/drone/pr Build is passing
2023-08-28 12:40:28 +02:00
e66c78d6ea
integration test: move json_body to root of crate
2023-08-28 12:32:57 +02:00
9b4ce4a8ad
admin api: refactor caddy check api code
continuous-integration/drone/push Build is failing
continuous-integration/drone/pr Build is failing
2023-08-28 12:17:10 +02:00
2bbe2da5ad
Merge pull request 'support index on path missing a trailing slash' ( #612 ) from compat/index-without-trailing-slash into main
...
continuous-integration/drone/push Build is passing
Reviewed-on: #612
2023-08-28 10:15:01 +00:00
c5cafa0000
web_server.rs: handle error properly and refactor
continuous-integration/drone/pr Build is passing
continuous-integration/drone/push Build is passing
2023-08-28 12:05:14 +02:00
Jonathan Davies
d66d81ae2d
cargo: Updated gethostname v0.2.3 -> v0.4.3.
continuous-integration/drone/pr Build is failing
2023-08-28 09:30:27 +00:00
Jonathan Davies
7d8296ec59
cargo: Updated pretty_env_logger v0.4.0 -> v0.5.0.
2023-08-28 09:30:27 +00:00
Jonathan Davies
f607ac6792
garage/api: cargo: Updated idna dependency to 0.4.
2023-08-28 09:30:27 +00:00
Jonathan Davies
96d1d81ab7
garage/db: cargo: Updated rusqlite to 0.29.
2023-08-28 09:30:27 +00:00
Jonathan Davies
5185701aa8
cargo: Updated:
...
* addr2line v0.19.0 -> v0.20.0
* async-compression v0.4.0 -> v0.4.1
* clap v4.3.8 -> v4.3.19
* hyper v0.14.26 -> v0.14.27
* ipnet v2.7.2 -> v2.8.0
* rmp v0.8.11 -> v0.8.12
* serde v1.0.164 -> v1.0.188
* tokio v1.29.0 -> v1.31.0
* zstd v0.12.3+zstd.1.5.2 -> v0.12.4
* Others in `cargo update`
2023-08-28 09:30:27 +00:00
63da1d2443
support index on path missing a trailing slash
continuous-integration/drone/pr Build is passing
continuous-integration/drone/push Build is passing
2023-08-08 15:28:57 +02:00
24e533f262
support {s3,web}.root_domains in /check endpoint
continuous-integration/drone/push Build is passing
continuous-integration/drone/pr Build is passing
2023-08-08 11:05:42 +02:00
Jonathan Davies
59bfc68f2e
post_object.rs: Fixed typos / grammar.
continuous-integration/drone/pr Build is passing
2023-08-01 15:31:39 +01:00
c855284760
src/util: fix typo
continuous-integration/drone/pr Build is passing
2023-07-14 14:25:40 +03:00
b1ca1784a1
src/garage/cli: fix typo
2023-07-14 14:25:33 +03:00
Jonathan Davies
aee0d97f22
cargo: Updated async-compression to 0.4.
continuous-integration/drone/pr Build is failing
2023-06-28 11:17:16 +01:00
e716320b0a
Merge pull request 'cargo: roxmltree-0.18 and aws-sdk-s3-0.28 bump' ( #591 ) from jpds/garage:roxmltree-0.18 into main
...
continuous-integration/drone/push Build is passing
Reviewed-on: #591
2023-06-27 17:20:58 +00:00
e466edbaec
Merge pull request 'introduce dedicated return type for PollRange' ( #590 ) from trinity-1686a/garage:k2v-client-poll-range-result into main
...
continuous-integration/drone/push Build is passing
Reviewed-on: #590
2023-06-27 08:28:26 +00:00
Jonathan Davies
a6da7e588f
tests/bucket.rs: Adjusted as previously used function is now private.
2023-06-26 18:03:43 +01:00
e5835704b7
don't build sqlite by default
...
continuous-integration/drone/pr Build is passing
`bundled-libs` is enabled by default, and causes sqlite to be built too,
even if the sqlite backend isn't enabled.
2023-06-26 11:15:11 +02:00