Commit graph

830 commits

Author SHA1 Message Date
610af71e36
[backport-735-v0.8.x] backport AWS signature verification refactoring 2024-03-01 13:21:23 +01:00
70899b0e37
[fix-auth-ct-eq] use consant time comparison for awsv4 signature verification
All checks were successful
ci/woodpecker/pr/debug Pipeline was successful
ci/woodpecker/push/debug Pipeline was successful
2024-02-29 18:13:41 +01:00
c00a028cc8
[fix-auth-ct-eq] use argon2 hashing and verification for admin/metrics token checking 2024-02-29 18:13:37 +01:00
50643e61bf
Bump version to 0.8.5
All checks were successful
continuous-integration/drone/push Build is passing
continuous-integration/drone/pr Build is passing
2024-01-16 10:47:33 +01:00
a6421ee5a5 Merge pull request 'monitoring: finer histogram boundaries in prometheus metrics (fix #531)' (#686) from fix-531 into main-0.8.x
All checks were successful
continuous-integration/drone Build is passing
continuous-integration/drone/push Build is passing
Reviewed-on: #686
2024-01-15 16:44:58 +00:00
f512609123
monitoring: finer histogram boundaries in prometheus metrics (fix #531)
All checks were successful
continuous-integration/drone/pr Build is passing
continuous-integration/drone/push Build is passing
2024-01-15 17:33:35 +01:00
97bae7213a
config: additional tests for secret sourcing
All checks were successful
continuous-integration/drone/pr Build is passing
continuous-integration/drone/push Build is passing
2024-01-15 17:30:30 +01:00
7228695ee2
config: refactor secret sourcing
All checks were successful
continuous-integration/drone/pr Build is passing
continuous-integration/drone/push Build is passing
2024-01-15 17:18:46 +01:00
f83fa02193 Add allow_world_readable_secrets option to config file
All checks were successful
continuous-integration/drone/pr Build is passing
Sometimes, the secret files permissions checks gets in the way. It's
by no mean complete, it doesn't take the Posix ACLs into account among
other things. Correctly checking the ACLs would be too involving (see
#658 (comment))
and would likely still fail in some weird chmod settings.

We're adding a new configuration file key allowing the user to disable
this permission check altogether.

The (already existing) env variable counterpart always take precedence
to this config file option. That's useful in cases where the
configuration file is static and cannot be easily altered.

Fixes #658

Co-authored-by: Florian Klink <flokli@flokli.de>
2023-10-26 18:25:13 +02:00
ac04934dae s3 api: add missing CORS headers to PostObject responses (fix #609)
All checks were successful
continuous-integration/drone/pr Build is passing
continuous-integration/drone/push Build is passing
continuous-integration/drone Build is passing
2023-10-20 10:37:48 +02:00
0215b11402 Merge pull request 'Add support for specifying rpc_secret_file, metrics_token_file and admin_token_file using environment variables' (#643) from networkException/garage:token-file-env into main-0.8.x
All checks were successful
continuous-integration/drone/push Build is passing
Reviewed-on: #643
2023-10-19 09:33:12 +00:00
8599051c49
garage: support specifying token / secret as environment variables
All checks were successful
continuous-integration/drone/pr Build is passing
this patch adds support for specifying the `rpc_secret_file`,
`metrics_token_file` and `admin_token_file` as environment variables.
2023-10-19 03:39:02 +02:00
4a19ee94bb
garage: fix admin-token description 2023-10-19 03:31:50 +02:00
c99cb58d71
util: move reading secret file into seperate helper
this patch moves the logic to read a secret file (and check for correct
permissions) from `secret_from_file` into a new `read_secret_file`
helper.
2023-10-19 03:29:48 +02:00
2d5d7a7031 Move convert_db command into main garage binary
All checks were successful
continuous-integration/drone/pr Build is passing
continuous-integration/drone/push Build is passing
2023-10-10 12:13:15 +02:00
7907a09acc
api: allow custom unix bind mode and use 0o220 for admin server 2023-10-03 17:31:40 +02:00
8ec6a53b35
everywhere: support unix sockets when binding in various places
All checks were successful
continuous-integration/drone/pr Build is passing
this patch implements binding to paths as a unix socket for generic
server and web server.
2023-09-29 18:57:44 +02:00
7353038a64
config: allow using paths for unix domain sockets in various places
this patch updates the config format to also allow paths in bind
addresses for unix domain sockets.

this has been added to all apis except rpc.
2023-09-29 18:38:30 +02:00
10195f1567
util: add helper sum type for unix and tcp socket addresses
this patch introduces a new sum type that can represent either a
tcp socket address or a unix domain socket path.
2023-09-29 18:37:36 +02:00
6086a3fa07
cargo: add hyperlocal as a dependency 2023-09-29 18:37:12 +02:00
91e764a2bf fix hang on shutdown
All checks were successful
continuous-integration/drone/push Build is passing
continuous-integration/drone/pr Build is passing
2023-09-12 14:35:48 +02:00
aa79810596 Fix error when none of S3/K2V/WEB/ADMIN server is started (fix #613) 2023-09-12 14:35:19 +02:00
9cfe55ab60 fix 32-bit build
Some checks reported errors
continuous-integration/drone/pr Build was killed
continuous-integration/drone/push Build was killed
continuous-integration/drone Build is passing
2023-09-11 20:01:29 +02:00
d5bb50d738 use statvfs instead of mount list to determine free data/meta space (fix #611)
Some checks reported errors
continuous-integration/drone/pr Build is passing
continuous-integration/drone/push Build is passing
continuous-integration/drone Build was killed
2023-09-11 19:08:24 +02:00
f8b3883611 config: make block_size and sled_cache_capacity expressable as strings
All checks were successful
continuous-integration/drone/pr Build is passing
continuous-integration/drone/push Build is passing
2023-09-11 18:34:59 +02:00
51b9731a08 make lmdb's map_size configurable (fix #628)
All checks were successful
continuous-integration/drone/pr Build is passing
continuous-integration/drone/push Build is passing
2023-09-11 18:03:44 +02:00
51eac97260 update version to 0.8.4
Some checks failed
continuous-integration/drone/pr Build is passing
continuous-integration/drone/push Build is passing
continuous-integration/drone Build is failing
2023-09-05 23:28:12 +02:00
e78566591b Revert netapp update, hold to version 0.5.2 that uses rmp-serde 0.15
Some checks failed
continuous-integration/drone/push Build is failing
2023-09-05 23:23:23 +02:00
06369c8f4a add garage_db dependency in garage_rpc
Some checks reported errors
continuous-integration/drone/pr Build is passing
continuous-integration/drone/push Build is passing
continuous-integration/drone Build was killed
2023-08-28 17:08:21 +02:00
cece1be1bb bump version to 0.8.3
All checks were successful
continuous-integration/drone/pr Build is passing
continuous-integration/drone/tag Build is passing
continuous-integration/drone/push Build is passing
continuous-integration/drone Build is passing
2023-08-28 13:17:26 +02:00
769b6fe054 fix test_website_check_domain
All checks were successful
continuous-integration/drone/push Build is passing
continuous-integration/drone/pr Build is passing
2023-08-28 12:40:28 +02:00
e66c78d6ea integration test: move json_body to root of crate 2023-08-28 12:32:57 +02:00
9b4ce4a8ad admin api: refactor caddy check api code
Some checks failed
continuous-integration/drone/push Build is failing
continuous-integration/drone/pr Build is failing
2023-08-28 12:17:10 +02:00
2bbe2da5ad Merge pull request 'support index on path missing a trailing slash' (#612) from compat/index-without-trailing-slash into main
All checks were successful
continuous-integration/drone/push Build is passing
Reviewed-on: #612
2023-08-28 10:15:01 +00:00
c5cafa0000 web_server.rs: handle error properly and refactor
All checks were successful
continuous-integration/drone/pr Build is passing
continuous-integration/drone/push Build is passing
2023-08-28 12:05:14 +02:00
Jonathan Davies
d66d81ae2d cargo: Updated gethostname v0.2.3 -> v0.4.3.
Some checks failed
continuous-integration/drone/pr Build is failing
2023-08-28 09:30:27 +00:00
Jonathan Davies
7d8296ec59 cargo: Updated pretty_env_logger v0.4.0 -> v0.5.0. 2023-08-28 09:30:27 +00:00
Jonathan Davies
f607ac6792 garage/api: cargo: Updated idna dependency to 0.4. 2023-08-28 09:30:27 +00:00
Jonathan Davies
96d1d81ab7 garage/db: cargo: Updated rusqlite to 0.29. 2023-08-28 09:30:27 +00:00
Jonathan Davies
5185701aa8 cargo: Updated:
* addr2line v0.19.0 -> v0.20.0
 * async-compression v0.4.0 -> v0.4.1
 * clap v4.3.8 -> v4.3.19
 * hyper v0.14.26 -> v0.14.27
 * ipnet v2.7.2 -> v2.8.0
 * rmp v0.8.11 -> v0.8.12
 * serde v1.0.164 -> v1.0.188
 * tokio v1.29.0 -> v1.31.0
 * zstd v0.12.3+zstd.1.5.2 -> v0.12.4
 * Others in `cargo update`
2023-08-28 09:30:27 +00:00
63da1d2443
support index on path missing a trailing slash
All checks were successful
continuous-integration/drone/pr Build is passing
continuous-integration/drone/push Build is passing
2023-08-08 15:28:57 +02:00
24e533f262
support {s3,web}.root_domains in /check endpoint
All checks were successful
continuous-integration/drone/push Build is passing
continuous-integration/drone/pr Build is passing
2023-08-08 11:05:42 +02:00
Jonathan Davies
59bfc68f2e post_object.rs: Fixed typos / grammar.
All checks were successful
continuous-integration/drone/pr Build is passing
2023-08-01 15:31:39 +01:00
c855284760 src/util: fix typo
All checks were successful
continuous-integration/drone/pr Build is passing
2023-07-14 14:25:40 +03:00
b1ca1784a1 src/garage/cli: fix typo 2023-07-14 14:25:33 +03:00
Jonathan Davies
aee0d97f22 cargo: Updated async-compression to 0.4.
Some checks failed
continuous-integration/drone/pr Build is failing
2023-06-28 11:17:16 +01:00
e716320b0a Merge pull request 'cargo: roxmltree-0.18 and aws-sdk-s3-0.28 bump' (#591) from jpds/garage:roxmltree-0.18 into main
All checks were successful
continuous-integration/drone/push Build is passing
Reviewed-on: #591
2023-06-27 17:20:58 +00:00
e466edbaec Merge pull request 'introduce dedicated return type for PollRange' (#590) from trinity-1686a/garage:k2v-client-poll-range-result into main
All checks were successful
continuous-integration/drone/push Build is passing
Reviewed-on: #590
2023-06-27 08:28:26 +00:00
Jonathan Davies
a6da7e588f tests/bucket.rs: Adjusted as previously used function is now private. 2023-06-26 18:03:43 +01:00
e5835704b7 don't build sqlite by default
All checks were successful
continuous-integration/drone/pr Build is passing
`bundled-libs` is enabled by default, and causes sqlite to be built too,
even if the sqlite backend isn't enabled.
2023-06-26 11:15:11 +02:00