From 289521886bc5819790c92da6cdf24898aacbaf58 Mon Sep 17 00:00:00 2001 From: Trinity Pointard Date: Sat, 29 May 2021 21:22:15 +0200 Subject: [PATCH] make most changes suggested during install-party --- doc/book/src/cookbook/recovering.md | 2 +- doc/book/src/getting_started/02_test_deployment.md | 4 ++-- .../src/getting_started/03_real_world_deployment.md | 10 +++++----- doc/book/src/getting_started/05_cluster.md | 2 +- src/garage/cli.rs | 2 +- src/rpc/rpc_client.rs | 10 +++++++--- 6 files changed, 17 insertions(+), 13 deletions(-) diff --git a/doc/book/src/cookbook/recovering.md b/doc/book/src/cookbook/recovering.md index fcb0b7d8..2d8f4b80 100644 --- a/doc/book/src/cookbook/recovering.md +++ b/doc/book/src/cookbook/recovering.md @@ -92,7 +92,7 @@ Then, replace the broken node by the new one, using: ``` garage node configure --replace \ - -c -d -t + -c -z -t ``` Garage will then start synchronizing all required data on the new node. diff --git a/doc/book/src/getting_started/02_test_deployment.md b/doc/book/src/getting_started/02_test_deployment.md index 16f40dce..c8296fcc 100644 --- a/doc/book/src/getting_started/02_test_deployment.md +++ b/doc/book/src/getting_started/02_test_deployment.md @@ -72,7 +72,7 @@ Use the following command to start Garage in a docker container: ``` docker run -d \ -p 3901:3901 -p 3902:3902 -p 3900:3900 \ - -v ./config.toml:/garage/config.toml \ + -v $PWD/garage.toml:/garage/garage.toml \ lxpz/garage_amd64:v0.3.0 ``` @@ -82,7 +82,7 @@ at launch time. For instance: ``` docker run -d \ -p 3901:3901 -p 3902:3902 -p 3900:3900 \ - -v ./config.toml:/garage/config.toml \ + -v $PWD/garage.toml:/garage/garage.toml \ -e RUST_LOG=garage=info \ lxpz/garage_amd64:v0.3.0 ``` diff --git a/doc/book/src/getting_started/03_real_world_deployment.md b/doc/book/src/getting_started/03_real_world_deployment.md index 81b929c1..9fd97303 100644 --- a/doc/book/src/getting_started/03_real_world_deployment.md +++ b/doc/book/src/getting_started/03_real_world_deployment.md @@ -12,7 +12,7 @@ You first need to generate TLS certificates to encrypt traffic between Garage no To generate your TLS certificates, run on your machine: ``` -wget https://git.deuxfleurs.fr/Deuxfleurs/garage/raw/branch/master/genkeys.sh +wget https://git.deuxfleurs.fr/Deuxfleurs/garage/raw/branch/main/genkeys.sh chmod +x genkeys.sh ./genkeys.sh ``` @@ -49,13 +49,13 @@ For our example, we will suppose the following infrastructure with IPv6 connecti On each machine, we will have a similar setup, especially you must consider the following folders/files: - - `/etc/garage/config.toml`: Garage daemon's configuration (see below) + - `/etc/garage/garage.toml`: Garage daemon's configuration (see below) - `/etc/garage/pki/`: Folder containing Garage certificates, must be generated on your computer and copied on the servers - `/var/lib/garage/meta/`: Folder containing Garage's metadata, put this folder on a SSD if possible - `/var/lib/garage/data/`: Folder containing Garage's data, this folder will grows and must be on a large storage, possibly big HDDs. - `/etc/systemd/system/garage.service`: Service file to start garage at boot automatically (defined below, not required if you use docker) -A valid `/etc/garage/config.toml` for our cluster would be: +A valid `/etc/garage/garage.toml` for our cluster would be: ```toml metadata_dir = "/var/lib/garage/meta" @@ -103,7 +103,7 @@ docker run \ --restart always \ --network host \ -v /etc/garage/pki:/etc/garage/pki \ - -v /etc/garage/config.toml:/garage/config.toml \ + -v /etc/garage/garage.toml:/garage/garage.toml \ -v /var/lib/garage/meta:/var/lib/garage/meta \ -v /var/lib/garage/data:/var/lib/garage/data \ lxpz/garage_amd64:v0.3.0 @@ -130,7 +130,7 @@ Wants=network-online.target [Service] Environment='RUST_LOG=garage=info' 'RUST_BACKTRACE=1' -ExecStart=/usr/local/bin/garage server -c /etc/garage/config.toml +ExecStart=/usr/local/bin/garage server -c /etc/garage/garage.toml [Install] WantedBy=multi-user.target diff --git a/doc/book/src/getting_started/05_cluster.md b/doc/book/src/getting_started/05_cluster.md index 83beb662..ac6fc9fd 100644 --- a/doc/book/src/getting_started/05_cluster.md +++ b/doc/book/src/getting_started/05_cluster.md @@ -11,7 +11,7 @@ As this part is not relevant for a test cluster, you can use this three-liner to ```bash garagectl status | grep UNCONFIGURED | grep -Po '^[0-9a-f]+' | while read id; do - garagectl node configure -d dc1 -c 1 $id + garagectl node configure -z dc1 -c 1 $id done ``` diff --git a/src/garage/cli.rs b/src/garage/cli.rs index 0ddb5a1c..d44256b9 100644 --- a/src/garage/cli.rs +++ b/src/garage/cli.rs @@ -125,7 +125,7 @@ pub enum BucketOperation { #[structopt(name = "allow")] Allow(PermBucketOpt), - /// Allow key to read or write to bucket + /// Deny key from reading or writing to bucket #[structopt(name = "deny")] Deny(PermBucketOpt), diff --git a/src/rpc/rpc_client.rs b/src/rpc/rpc_client.rs index 5ed43d44..806c7e69 100644 --- a/src/rpc/rpc_client.rs +++ b/src/rpc/rpc_client.rs @@ -279,9 +279,13 @@ impl RpcHttpClient { tls_config: &Option, ) -> Result { let method = if let Some(cf) = tls_config { - let ca_certs = tls_util::load_certs(&cf.ca_cert)?; - let node_certs = tls_util::load_certs(&cf.node_cert)?; - let node_key = tls_util::load_private_key(&cf.node_key)?; + let ca_certs = tls_util::load_certs(&cf.ca_cert).map_err(|e| { + Error::Message(format!("Failed to open CA certificate file: {:?}", e)) + })?; + let node_certs = tls_util::load_certs(&cf.node_cert) + .map_err(|e| Error::Message(format!("Failed to open certificate file: {:?}", e)))?; + let node_key = tls_util::load_private_key(&cf.node_key) + .map_err(|e| Error::Message(format!("Failed to open private key file: {:?}", e)))?; let mut config = rustls::ClientConfig::new();