From 7fc001a92f2587a8d725d23b53b10e4df5fed7f2 Mon Sep 17 00:00:00 2001
From: Alex Auvolat <alex@adnab.me>
Date: Tue, 26 Oct 2021 14:14:41 +0200
Subject: [PATCH] Migration to garage 0.4

---
 app/garage/config/garage.toml           | 14 ++++--------
 app/garage/deploy/garage.hcl            | 29 ++++++-------------------
 app/garage/secrets/garage/garage-ca.crt |  1 -
 app/garage/secrets/garage/garage-ca.key |  1 -
 app/garage/secrets/garage/garage.crt    |  1 -
 app/garage/secrets/garage/garage.key    |  1 -
 app/garage/secrets/garage/rpc_secret    |  1 +
 7 files changed, 12 insertions(+), 36 deletions(-)
 delete mode 100644 app/garage/secrets/garage/garage-ca.crt
 delete mode 100644 app/garage/secrets/garage/garage-ca.key
 delete mode 100644 app/garage/secrets/garage/garage.crt
 delete mode 100644 app/garage/secrets/garage/garage.key
 create mode 100644 app/garage/secrets/garage/rpc_secret

diff --git a/app/garage/config/garage.toml b/app/garage/config/garage.toml
index 481312d..e637cfb 100644
--- a/app/garage/config/garage.toml
+++ b/app/garage/config/garage.toml
@@ -1,24 +1,18 @@
 block_size = 1048576
 
-metadata_dir = "/garage/meta"
-data_dir = "/garage/data"
+metadata_dir = "/meta"
+data_dir = "/data"
 
 replication_mode = "3"
 
 rpc_bind_addr = "[::]:3901"
+rpc_secret = "{{ key "secrets/garage/rpc_secret" | trimSpace }}"
 
 consul_host = "consul.service.2.cluster.deuxfleurs.fr:8500"
-consul_service_name = "garage-rpc"
+consul_service_name = "garage-rpc-self-advertised"
 
 bootstrap_peers = []
 
-max_concurrent_rpc_requests = 12
-
-[rpc_tls]
-ca_cert = "/garage/garage-ca.crt"
-node_cert = "/garage/garage.crt"
-node_key = "/garage/garage.key"
-
 [s3_api]
 s3_region = "garage"
 api_bind_addr = "[::]:3900"
diff --git a/app/garage/deploy/garage.hcl b/app/garage/deploy/garage.hcl
index ab03e70..01d5123 100644
--- a/app/garage/deploy/garage.hcl
+++ b/app/garage/deploy/garage.hcl
@@ -25,15 +25,14 @@ job "garage" {
       driver = "docker"
       config {
         advertise_ipv6_address = true
-        image = "lxpz/garage_amd64:v0.3.0.2"
+        image = "dxflrs/amd64_garage:v0.4-rc1"
+        command = "/garage"
+        args = [ "server" ]
         network_mode = "host"
         volumes = [
-          "/mnt/storage/garage/data:/garage/data",
-          "/mnt/ssd/garage/meta:/garage/meta",
-          "secrets/garage.toml:/garage/config.toml",
-          "secrets/garage-ca.crt:/garage/garage-ca.crt",
-          "secrets/garage.crt:/garage/garage.crt",
-          "secrets/garage.key:/garage/garage.key",
+          "/mnt/storage/garage/data:/data",
+          "/mnt/ssd/garage/meta:/meta",
+          "secrets/garage.toml:/etc/garage.toml",
         ]
         logging {
           type = "journald"
@@ -45,22 +44,8 @@ job "garage" {
         destination = "secrets/garage.toml"
       }
 
-      # --- secrets ---
-      template {
-        data = "{{ key \"secrets/garage/garage-ca.crt\" }}" 
-        destination = "secrets/garage-ca.crt"
-      }
-      template {
-        data = "{{ key \"secrets/garage/garage.crt\" }}" 
-        destination = "secrets/garage.crt"
-      }
-      template {
-        data = "{{ key \"secrets/garage/garage.key\" }}" 
-        destination = "secrets/garage.key"
-      }
-
       resources {
-        memory = 800
+        memory = 1500
         cpu = 1000
       }
 
diff --git a/app/garage/secrets/garage/garage-ca.crt b/app/garage/secrets/garage/garage-ca.crt
deleted file mode 100644
index 8488ab6..0000000
--- a/app/garage/secrets/garage/garage-ca.crt
+++ /dev/null
@@ -1 +0,0 @@
-USER_LONG garage-ca.crt (generated with Garage's genkeys.sh script)
diff --git a/app/garage/secrets/garage/garage-ca.key b/app/garage/secrets/garage/garage-ca.key
deleted file mode 100644
index ca3e90c..0000000
--- a/app/garage/secrets/garage/garage-ca.key
+++ /dev/null
@@ -1 +0,0 @@
-USER_LONG garage-ca.key (generated with Garage's genkeys.sh script)
diff --git a/app/garage/secrets/garage/garage.crt b/app/garage/secrets/garage/garage.crt
deleted file mode 100644
index 6044ab8..0000000
--- a/app/garage/secrets/garage/garage.crt
+++ /dev/null
@@ -1 +0,0 @@
-USER_LONG garage.crt (generated with Garage's genkeys.sh script)
diff --git a/app/garage/secrets/garage/garage.key b/app/garage/secrets/garage/garage.key
deleted file mode 100644
index db3cb0e..0000000
--- a/app/garage/secrets/garage/garage.key
+++ /dev/null
@@ -1 +0,0 @@
-USER_LONG garage.key (generated with Garage's genkeys.sh script)
diff --git a/app/garage/secrets/garage/rpc_secret b/app/garage/secrets/garage/rpc_secret
new file mode 100644
index 0000000..d831d53
--- /dev/null
+++ b/app/garage/secrets/garage/rpc_secret
@@ -0,0 +1 @@
+CMD_ONCE openssl rand -hex 32