Merge pull request 'Properly return HTTP 204 when deleting non-existent object (fix #227)' (#384) from deleteobject-204 into main

Reviewed-on: Deuxfleurs/garage#384

.drone.yml

@@ -2,68 +2,26 @@
 kind: pipeline
 name: default
 
-workspace:
-  base: /drone/garage
-
-volumes:
-- name: nix_store
-  host:
-    path: /var/lib/drone/nix
-- name: nix_config
-  temp: {}
-
-environment:
-  HOME: /drone/garage
+node:
+  nix-daemon: 1
 
 steps:
-  - name: setup nix
-    image: nixpkgs/nix:nixos-21.05
-    volumes:
-    - name: nix_store
-      path: /nix
-    - name: nix_config
-      path: /etc/nix
+  - name: check formatting
+    image: nixpkgs/nix:nixos-22.05
     commands:
-      - cp nix/nix.conf /etc/nix/nix.conf
-      - nix-build --no-build-output --no-out-link shell.nix --arg release false  -A inputDerivation
-
-  - name: code quality
-    image: nixpkgs/nix:nixos-21.05
-    volumes:
-    - name: nix_store
-      path: /nix
-    - name: nix_config
-      path: /etc/nix
-    commands:
-      - nix-shell --arg release false --run "cargo fmt -- --check"
-      - nix-shell --arg release false --run "cargo clippy -- --deny warnings"
+      - nix-shell --attr rust --run "cargo fmt -- --check"
 
   - name: build
-    image: nixpkgs/nix:nixos-21.05
-    volumes:
-    - name: nix_store
-      path: /nix
-    - name: nix_config
-      path: /etc/nix
+    image: nixpkgs/nix:nixos-22.05
     commands:
-      - nix-build --no-build-output --option log-lines 100 --argstr target x86_64-unknown-linux-musl --arg release false --argstr git_version $DRONE_COMMIT
+      - nix-build --no-build-output --attr clippy.amd64 --argstr git_version ${DRONE_TAG:-$DRONE_COMMIT}
 
   - name: unit + func tests
-    image: nixpkgs/nix:nixos-21.05
+    image: nixpkgs/nix:nixos-22.05
     environment:
       GARAGE_TEST_INTEGRATION_EXE: result/bin/garage
-    volumes:
-    - name: nix_store
-      path: /nix
-    - name: nix_config
-      path: /etc/nix
     commands:
-      - |
-        nix-build \
-          --no-build-output \
-          --option log-lines 100 \
-          --argstr target x86_64-unknown-linux-musl \
-          --argstr compileMode test
+      - nix-build --no-build-output --attr test.amd64
       - ./result/bin/garage_api-*
       - ./result/bin/garage_model-*
       - ./result/bin/garage_rpc-*
@@ -73,16 +31,11 @@ steps:
       - ./result/bin/garage-*
       - ./result/bin/integration-*
 
-  - name: smoke-test
-    image: nixpkgs/nix:nixos-21.05
-    volumes:
-    - name: nix_store
-      path: /nix
-    - name: nix_config
-      path: /etc/nix
+  - name: integration tests
+    image: nixpkgs/nix:nixos-22.05
     commands:
-      - nix-build --no-build-output --argstr target x86_64-unknown-linux-musl --arg release false --argstr git_version $DRONE_COMMIT
-      - nix-shell --arg release false --run ./script/test-smoke.sh || (cat /tmp/garage.log; false)
+      - nix-build --no-build-output --attr clippy.amd64 --argstr git_version ${DRONE_TAG:-$DRONE_COMMIT}
+      - nix-shell --attr integration --run ./script/test-smoke.sh || (cat /tmp/garage.log; false)
 
 trigger:
   event:
@@ -92,78 +45,39 @@ trigger:
   - tag
   - cron
 
-node:
-  nix: 1
-
 ---
 kind: pipeline
 type: docker
-name: release-linux-x86_64
+name: release-linux-amd64
 
-volumes:
-- name: nix_store
-  host:
-    path: /var/lib/drone/nix
-- name: nix_config
-  temp: {}
-
-environment:
-  TARGET: x86_64-unknown-linux-musl
+node:
+  nix-daemon: 1
 
 steps:
-  - name: setup nix
-    image: nixpkgs/nix:nixos-21.05
-    volumes:
-    - name: nix_store
-      path: /nix
-    - name: nix_config
-      path: /etc/nix
-    commands:
-      - cp nix/nix.conf /etc/nix/nix.conf
-      - nix-build --no-build-output --no-out-link shell.nix -A inputDerivation
-
   - name: build
-    image: nixpkgs/nix:nixos-21.05
-    volumes:
-    - name: nix_store
-      path: /nix
-    - name: nix_config
-      path: /etc/nix
+    image: nixpkgs/nix:nixos-22.05
     commands:
-      - nix-build --no-build-output --argstr target $TARGET --arg release true --argstr git_version $DRONE_COMMIT
+      - nix-build --no-build-output --attr pkgs.amd64.release --argstr git_version ${DRONE_TAG:-$DRONE_COMMIT}
+      - nix-shell --attr rust --run "./script/not-dynamic.sh result/bin/garage"
 
   - name: integration
-    image: nixpkgs/nix:nixos-21.05
-    volumes:
-    - name: nix_store
-      path: /nix
-    - name: nix_config
-      path: /etc/nix
+    image: nixpkgs/nix:nixos-22.05
     commands:
-      - nix-shell --run ./script/test-smoke.sh || (cat /tmp/garage.log; false)
+      - nix-shell --attr integration --run ./script/test-smoke.sh || (cat /tmp/garage.log; false)
 
   - name: push static binary
-    image: nixpkgs/nix:nixos-21.05
-    volumes:
-    - name: nix_store
-      path: /nix
-    - name: nix_config
-      path: /etc/nix
+    image: nixpkgs/nix:nixos-22.05
     environment:
       AWS_ACCESS_KEY_ID:
         from_secret: garagehq_aws_access_key_id
       AWS_SECRET_ACCESS_KEY:
         from_secret: garagehq_aws_secret_access_key
+      TARGET: "x86_64-unknown-linux-musl"
     commands:
-      - nix-shell --arg rust false --arg integration false --run "to_s3"
+      - nix-shell --attr release --run "to_s3"
 
   - name: docker build and publish
-    image: nixpkgs/nix:nixos-21.05
-    volumes:
-    - name: nix_store
-      path: /nix
-    - name: nix_config
-      path: /etc/nix
+    image: nixpkgs/nix:nixos-22.05
     environment:
       DOCKER_AUTH:
         from_secret: docker_auth
@@ -174,7 +88,7 @@ steps:
       - mkdir -p /kaniko/.docker
       - echo $DOCKER_AUTH > /kaniko/.docker/config.json
       - export CONTAINER_TAG=${DRONE_TAG:-$DRONE_COMMIT}
-      - nix-shell --arg rust false --arg integration false --run "to_docker"
+      - nix-shell --attr release --run "to_docker"
 
 
 trigger:
@@ -182,78 +96,39 @@ trigger:
   - promote
   - cron
 
-node:
-  nix: 1
-
 ---
 kind: pipeline
 type: docker
-name: release-linux-i686
+name: release-linux-i386
 
-volumes:
-- name: nix_store
-  host:
-    path: /var/lib/drone/nix
-- name: nix_config
-  temp: {}
-
-environment:
-  TARGET: i686-unknown-linux-musl
+node:
+  nix-daemon: 1
 
 steps:
-  - name: setup nix
-    image: nixpkgs/nix:nixos-21.05
-    volumes:
-    - name: nix_store
-      path: /nix
-    - name: nix_config
-      path: /etc/nix
-    commands:
-      - cp nix/nix.conf /etc/nix/nix.conf
-      - nix-build --no-build-output --no-out-link shell.nix -A inputDerivation
-
   - name: build
-    image: nixpkgs/nix:nixos-21.05
-    volumes:
-    - name: nix_store
-      path: /nix
-    - name: nix_config
-      path: /etc/nix
+    image: nixpkgs/nix:nixos-22.05
     commands:
-      - nix-build --no-build-output --argstr target $TARGET --arg release true --argstr git_version $DRONE_COMMIT
+      - nix-build --no-build-output --attr pkgs.i386.release --argstr git_version ${DRONE_TAG:-$DRONE_COMMIT}
+      - nix-shell --attr rust --run "./script/not-dynamic.sh result/bin/garage"
 
   - name: integration
-    image: nixpkgs/nix:nixos-21.05
-    volumes:
-    - name: nix_store
-      path: /nix
-    - name: nix_config
-      path: /etc/nix
+    image: nixpkgs/nix:nixos-22.05
     commands:
-      - nix-shell --run ./script/test-smoke.sh || (cat /tmp/garage.log; false)
+      - nix-shell --attr integration --run ./script/test-smoke.sh || (cat /tmp/garage.log; false)
 
   - name: push static binary
-    image: nixpkgs/nix:nixos-21.05
-    volumes:
-    - name: nix_store
-      path: /nix
-    - name: nix_config
-      path: /etc/nix
+    image: nixpkgs/nix:nixos-22.05
     environment:
       AWS_ACCESS_KEY_ID:
         from_secret: garagehq_aws_access_key_id
       AWS_SECRET_ACCESS_KEY:
         from_secret: garagehq_aws_secret_access_key
+      TARGET: "i686-unknown-linux-musl"
     commands:
-      - nix-shell --arg rust false --arg integration false --run "to_s3"
+      - nix-shell --attr release --run "to_s3"
 
   - name: docker build and publish
-    image: nixpkgs/nix:nixos-21.05
-    volumes:
-    - name: nix_store
-      path: /nix
-    - name: nix_config
-      path: /etc/nix
+    image: nixpkgs/nix:nixos-22.05
     environment:
       DOCKER_AUTH:
         from_secret: docker_auth
@@ -264,75 +139,41 @@ steps:
       - mkdir -p /kaniko/.docker
       - echo $DOCKER_AUTH > /kaniko/.docker/config.json
       - export CONTAINER_TAG=${DRONE_TAG:-$DRONE_COMMIT}
-      - nix-shell --arg rust false --arg integration false --run "to_docker"
+      - nix-shell --attr release --run "to_docker"
 
 trigger:
   event:
   - promote
   - cron
 
-node:
-  nix: 1
-
 ---
 kind: pipeline
 type: docker
-name: release-linux-aarch64
+name: release-linux-arm64
 
-volumes:
-- name: nix_store
-  host:
-    path: /var/lib/drone/nix
-- name: nix_config
-  temp: {}
-
-environment:
-  TARGET: aarch64-unknown-linux-musl
+node:
+  nix-daemon: 1
 
 steps:
-  - name: setup nix
-    image: nixpkgs/nix:nixos-21.05
-    volumes:
-    - name: nix_store
-      path: /nix
-    - name: nix_config
-      path: /etc/nix
-    commands:
-      - cp nix/nix.conf /etc/nix/nix.conf
-      - nix-build --no-build-output --no-out-link ./shell.nix --arg rust false --arg integration false -A inputDerivation
-
   - name: build
-    image: nixpkgs/nix:nixos-21.05
-    volumes:
-    - name: nix_store
-      path: /nix
-    - name: nix_config
-      path: /etc/nix
+    image: nixpkgs/nix:nixos-22.05
     commands:
-      - nix-build --no-build-output --argstr target $TARGET --arg release true --argstr git_version $DRONE_COMMIT
+      - nix-build --no-build-output --attr pkgs.arm64.release --argstr git_version ${DRONE_TAG:-$DRONE_COMMIT}
+      - nix-shell --attr rust --run "./script/not-dynamic.sh result/bin/garage"
 
   - name: push static binary
-    image: nixpkgs/nix:nixos-21.05
-    volumes:
-    - name: nix_store
-      path: /nix
-    - name: nix_config
-      path: /etc/nix
+    image: nixpkgs/nix:nixos-22.05
     environment:
       AWS_ACCESS_KEY_ID:
         from_secret: garagehq_aws_access_key_id
       AWS_SECRET_ACCESS_KEY:
         from_secret: garagehq_aws_secret_access_key
+      TARGET: "aarch64-unknown-linux-musl"
     commands:
-      - nix-shell --arg rust false --arg integration false --run "to_s3"
+      - nix-shell --attr release --run "to_s3"
 
   - name: docker build and publish
-    image: nixpkgs/nix:nixos-21.05
-    volumes:
-    - name: nix_store
-      path: /nix
-    - name: nix_config
-      path: /etc/nix
+    image: nixpkgs/nix:nixos-22.05
     environment:
       DOCKER_AUTH:
         from_secret: docker_auth
@@ -343,75 +184,41 @@ steps:
       - mkdir -p /kaniko/.docker
       - echo $DOCKER_AUTH > /kaniko/.docker/config.json
       - export CONTAINER_TAG=${DRONE_TAG:-$DRONE_COMMIT}
-      - nix-shell --arg rust false --arg integration false --run "to_docker"
+      - nix-shell --attr release --run "to_docker"
 
 trigger:
   event:
   - promote
   - cron
 
-node:
-  nix: 1
-
 ---
 kind: pipeline
 type: docker
-name: release-linux-armv6l
+name: release-linux-arm
 
-volumes:
-- name: nix_store
-  host:
-    path: /var/lib/drone/nix
-- name: nix_config
-  temp: {}
-
-environment:
-  TARGET: armv6l-unknown-linux-musleabihf
+node:
+  nix-daemon: 1
 
 steps:
-  - name: setup nix
-    image: nixpkgs/nix:nixos-21.05
-    volumes:
-    - name: nix_store
-      path: /nix
-    - name: nix_config
-      path: /etc/nix
-    commands:
-      - cp nix/nix.conf /etc/nix/nix.conf
-      - nix-build --no-build-output --no-out-link --arg rust false --arg integration false -A inputDerivation
-
   - name: build
-    image: nixpkgs/nix:nixos-21.05
-    volumes:
-    - name: nix_store
-      path: /nix
-    - name: nix_config
-      path: /etc/nix
+    image: nixpkgs/nix:nixos-22.05
     commands:
-      - nix-build --no-build-output --argstr target $TARGET --arg release true --argstr git_version $DRONE_COMMIT
+      - nix-build --no-build-output --attr pkgs.arm.release --argstr git_version ${DRONE_TAG:-$DRONE_COMMIT}
+      - nix-shell --attr rust --run "./script/not-dynamic.sh result/bin/garage"
 
   - name: push static binary
-    image: nixpkgs/nix:nixos-21.05
-    volumes:
-    - name: nix_store
-      path: /nix
-    - name: nix_config
-      path: /etc/nix
+    image: nixpkgs/nix:nixos-22.05
     environment:
       AWS_ACCESS_KEY_ID:
         from_secret: garagehq_aws_access_key_id
       AWS_SECRET_ACCESS_KEY:
         from_secret: garagehq_aws_secret_access_key
+      TARGET: "armv6l-unknown-linux-musleabihf"
     commands:
-      - nix-shell --arg integration false --arg rust false --run "to_s3"
+      - nix-shell --attr release --run "to_s3"
 
   - name: docker build and publish
-    image: nixpkgs/nix:nixos-21.05
-    volumes:
-    - name: nix_store
-      path: /nix
-    - name: nix_config
-      path: /etc/nix
+    image: nixpkgs/nix:nixos-22.05
     environment:
       DOCKER_AUTH:
         from_secret: docker_auth
@@ -422,32 +229,24 @@ steps:
       - mkdir -p /kaniko/.docker
       - echo $DOCKER_AUTH > /kaniko/.docker/config.json
       - export CONTAINER_TAG=${DRONE_TAG:-$DRONE_COMMIT}
-      - nix-shell --arg rust false --arg integration false --run "to_docker"
+      - nix-shell --attr release --run "to_docker"
 
 trigger:
   event:
   - promote
   - cron
 
-node:
-  nix: 1
-
 ---
 kind: pipeline
 type: docker
 name: refresh-release-page
 
-volumes:
-- name: nix_store
-  host:
-    path: /var/lib/drone/nix
+node:
+  nix-daemon: 1
 
 steps:
   - name: refresh-index
-    image: nixpkgs/nix:nixos-21.05
-    volumes:
-    - name: nix_store
-      path: /nix
+    image: nixpkgs/nix:nixos-22.05
     environment:
       AWS_ACCESS_KEY_ID:
         from_secret: garagehq_aws_access_key_id
@@ -455,24 +254,21 @@ steps:
         from_secret: garagehq_aws_secret_access_key
     commands:
       - mkdir -p /etc/nix && cp nix/nix.conf /etc/nix/nix.conf
-      - nix-shell --arg integration false --arg rust false --run "refresh_index"
+      - nix-shell --attr release --run "refresh_index"
 
 depends_on:
-  - release-linux-x86_64
-  - release-linux-i686
-  - release-linux-aarch64
-  - release-linux-armv6l
+  - release-linux-amd64
+  - release-linux-i386
+  - release-linux-arm64
+  - release-linux-arm
 
 trigger:
   event:
   - promote
   - cron
 
-node:
-  nix: 1
-
 ---
 kind: signature
-hmac: 3fc19d6f9a3555519c8405e3281b2e74289bb802f644740d5481d53df3a01fa4
+hmac: 362639b4c9541ad9bd06ff7f72b5235b2b0216bcb16eececd25285b6fe94ba6f
 
 ...

Cargo.toml

@@ -1,16 +1,20 @@
 [workspace]
+resolver = "2"
 members = [
+	"src/db",
 	"src/util",
 	"src/rpc",
 	"src/table",
 	"src/block",
 	"src/model",
-	"src/admin",
 	"src/api",
 	"src/web",
-	"src/garage"
+	"src/garage",
+	"src/k2v-client",
 ]
 
+default-members = ["src/garage"]
+
 [profile.dev]
 lto = "off"
 

Makefile

@@ -1,13 +1,27 @@
-.PHONY: doc all release shell
+.PHONY: doc all release shell run1 run2 run3
 
 all:
-	clear; cargo build --features k2v
-
-doc:
-	cd doc/book; mdbook build
+	clear; cargo build
 
 release:
 	nix-build --arg release true
 
 shell:
 	nix-shell
+
+# ----
+
+run1:
+	RUST_LOG=garage=debug ./target/debug/garage -c tmp/config1.toml server
+run1rel:
+	RUST_LOG=garage=debug ./target/release/garage -c tmp/config1.toml server
+
+run2:
+	RUST_LOG=garage=debug ./target/debug/garage -c tmp/config2.toml server
+run2rel:
+	RUST_LOG=garage=debug ./target/release/garage -c tmp/config2.toml server
+
+run3:
+	RUST_LOG=garage=debug ./target/debug/garage -c tmp/config3.toml server
+run3rel:
+	RUST_LOG=garage=debug ./target/release/garage -c tmp/config3.toml server

default.nix

@@ -1,147 +1,33 @@
 {
   system ? builtins.currentSystem,
-  release ? false,
-  target ? "x86_64-unknown-linux-musl",
-  compileMode ? null,
   git_version ? null,
 }:
 
 with import ./nix/common.nix;
 
 let 
-  crossSystem = { config = target; };
-in let
-  log = v: builtins.trace v v;
+  pkgs = import pkgsSrc { };
+  compile = import ./nix/compile.nix;
+  build_debug_and_release = (target: {
+    debug = (compile { inherit target git_version; release = false; }).workspace.garage { compileMode = "build"; }; 
+    release = (compile { inherit target git_version; release = true; }).workspace.garage { compileMode = "build"; }; 
+  });
+  test = (rustPkgs: pkgs.symlinkJoin {
+    name ="garage-tests";
+    paths = builtins.map (key: rustPkgs.workspace.${key} { compileMode = "test"; }) (builtins.attrNames rustPkgs.workspace);
+  });
 
-  pkgs = import pkgsSrc {
-    inherit system crossSystem;
-    overlays = [ cargo2nixOverlay ];
+in {
+  pkgs = {
+    amd64 = build_debug_and_release "x86_64-unknown-linux-musl";
+    i386 = build_debug_and_release "i686-unknown-linux-musl";
+    arm64 = build_debug_and_release "aarch64-unknown-linux-musl";
+    arm = build_debug_and_release "armv6l-unknown-linux-musleabihf";
   };
-
-
-  /*
-   Rust and Nix triples are not the same. Cargo2nix has a dedicated library
-   to convert Nix triples to Rust ones. We need this conversion as we want to
-   set later options linked to our (rust) target in a generic way. Not only
-   the triple terminology is different, but also the "roles" are named differently.
-   Nix uses a build/host/target terminology where Nix's "host" maps to Cargo's "target".
-  */
-  rustTarget = log (pkgs.rustBuilder.rustLib.rustTriple pkgs.stdenv.hostPlatform);
-
-  /*
-   Cargo2nix is built for rustOverlay which installs Rust from Mozilla releases.
-   We want our own Rust to avoid incompatibilities, like we had with musl 1.2.0.
-   rustc was built with musl < 1.2.0 and nix shipped musl >= 1.2.0 which lead to compilation breakage.
-   So we want a Rust release that is bound to our Nix repository to avoid these problems.
-   See here for more info: https://musl.libc.org/time64.html
-   Because Cargo2nix does not support the Rust environment shipped by NixOS,
-   we emulate the structure of the Rust object created by rustOverlay.
-   In practise, rustOverlay ships rustc+cargo in a single derivation while
-   NixOS ships them in separate ones. We reunite them with symlinkJoin.
-   */
-  rustChannel = pkgs.symlinkJoin {
-    name ="rust-channel";
-    paths = [ 
-      pkgs.rustPlatform.rust.rustc
-      pkgs.rustPlatform.rust.cargo
-    ];
+  test = {
+    amd64 = test (compile { inherit git_version; target = "x86_64-unknown-linux-musl"; });
   };
-
-  /*
-   Cargo2nix provides many overrides by default, you can take inspiration from them:
-   https://github.com/cargo2nix/cargo2nix/blob/master/overlay/overrides.nix
-
-   You can have a complete list of the available options by looking at the overriden object, mkcrate:
-   https://github.com/cargo2nix/cargo2nix/blob/master/overlay/mkcrate.nix
-  */
-  overrides = pkgs.rustBuilder.overrides.all ++ [
-    /*
-     [1] We need to alter Nix hardening to be able to statically compile: PIE,
-     Position Independent Executables seems to be supported only on amd64. Having
-     this flags set either make our executables crash or compile as dynamic on many platforms.
-     In the following section codegenOpts, we reactive it for the supported targets
-     (only amd64 curently) through the `-static-pie` flag. PIE is a feature used
-     by ASLR, which helps mitigate security issues.
-     Learn more about Nix Hardening: https://github.com/NixOS/nixpkgs/blob/master/pkgs/build-support/cc-wrapper/add-hardening.sh
-
-     [2] We want to inject the git version while keeping the build deterministic.
-     As we do not want to consider the .git folder as part of the input source,
-     we ask the user (the CI often) to pass the value to Nix.
-    */
-    (pkgs.rustBuilder.rustLib.makeOverride {
-      name = "garage";
-      overrideAttrs = drv:
-        /* [1] */ { hardeningDisable = [ "pie" ]; }
-        //
-        /* [2] */ (if git_version != null then {
-          preConfigure = ''
-            ${drv.preConfigure or ""}
-            export GIT_VERSION="${git_version}"
-          '';
-        } else {});
-    })
-
-    /*
-     We ship some parts of the code disabled by default by putting them behind a flag.
-     It speeds up the compilation (when the feature is not required) and released crates have less dependency by default (less attack surface, disk space, etc.).
-     But we want to ship these additional features when we release Garage.
-     In the end, we chose to exclude all features from debug builds while putting (all of) them in the release builds.
-     Currently, the only feature of Garage is kubernetes-discovery from the garage_rpc crate.
-    */
-    (pkgs.rustBuilder.rustLib.makeOverride {
-      name = "garage_rpc";
-      overrideArgs = old:
-        {
-          features = if release then [ "kubernetes-discovery" ] else [];
-        };
-    })
-  ];
-
-  packageFun = import ./Cargo.nix;
-
-  /*
-    We compile fully static binaries with musl to simplify deployment on most systems.
-    When possible, we reactivate PIE hardening (see above).
-
-    Also, if you set the RUSTFLAGS environment variable, the following parameters will
-    be ignored.
-
-    For more information on static builds, please refer to Rust's RFC 1721.
-    https://rust-lang.github.io/rfcs/1721-crt-static.html#specifying-dynamicstatic-c-runtime-linkage
-  */
-
-  codegenOpts = {
-   "armv6l-unknown-linux-musleabihf" = [ "target-feature=+crt-static" "link-arg=-static" ]; /* compile as dynamic with static-pie */
-   "aarch64-unknown-linux-musl" = [ "target-feature=+crt-static" "link-arg=-static" ]; /* segfault with static-pie */
-   "i686-unknown-linux-musl" = [ "target-feature=+crt-static" "link-arg=-static" ]; /* segfault with static-pie */
-   "x86_64-unknown-linux-musl" = [ "target-feature=+crt-static" "link-arg=-static-pie" ];
+  clippy = {
+    amd64 = (compile { inherit git_version; compiler = "clippy"; }).workspace.garage { compileMode = "build"; } ;
   };
-
-  /*
-   The following definition is not elegant as we use a low level function of Cargo2nix
-   that enables us to pass our custom rustChannel object. We need this low level definition
-   to pass Nix's Rust toolchains instead of Mozilla's one.
-
-   target is mandatory but must be kept to null to allow cargo2nix to set it to the appropriate value
-   for each crate.
-  */ 
-  rustPkgs = pkgs.rustBuilder.makePackageSet {
-    inherit packageFun rustChannel release codegenOpts;
-    packageOverrides = overrides;
-    target = null;
-
-    buildRustPackages = pkgs.buildPackages.rustBuilder.makePackageSet {
-      inherit rustChannel packageFun codegenOpts;
-      packageOverrides = overrides;
-      target = null;
-    };
-  };
-
-
-in
-  if compileMode == "test"
-    then pkgs.symlinkJoin {
-      name ="garage-tests";
-      paths = builtins.map (key: rustPkgs.workspace.${key} { inherit compileMode; }) (builtins.attrNames rustPkgs.workspace);
-    }
-    else rustPkgs.workspace.garage { inherit compileMode; }
+}

doc/book/connect/backup.md

@@ -17,6 +17,61 @@ If you still want to use Borg, you can use it with `rclone mount`.
 
 ## Restic
 
+Create your key and bucket:
+
+```bash
+garage key new my-key
+garage bucket create backup
+garage bucket allow backup --read --write --key my-key
+```
+
+Then register your Key ID and Secret key in your environment:
+
+```bash
+export AWS_ACCESS_KEY_ID=GKxxx
+export AWS_SECRET_ACCESS_KEY=xxxx
+```
+
+Configure restic from environment too:
+
+```bash
+export RESTIC_REPOSITORY="s3:http://localhost:3900/backups"
+
+echo "Generated password (save it safely): $(openssl rand -base64 32)"
+export RESTIC_PASSWORD=xxx # copy paste your generated password here
+```
+
+Do not forget to save your password safely (in your password manager or print it). It will be needed to decrypt your backups.
+
+Now you can use restic:
+
+```bash
+# Initialize the bucket, must be run once
+restic init
+
+# Backup your PostgreSQL database
+# (We suppose your PostgreSQL daemon is stopped for all commands)
+restic backup /var/lib/postgresql
+
+# Show backup history
+restic snapshots
+
+# Backup again your PostgreSQL database, it will be faster as only changes will be uploaded
+restic backup /var/lib/postgresql
+
+# Show backup history (again)
+restic snapshots
+
+# Restore a backup
+# (79766175 is the ID of the snapshot you want to restore)
+mv /var/lib/postgresql /var/lib/postgresql.broken
+restic restore 79766175 --target /var/lib/postgresql
+```
+
+Restic has way more features than the ones presented here.
+You can discover all of them by accessing its documentation from the link below.
+
+
 *External links:* [Restic Documentation > Amazon S3](https://restic.readthedocs.io/en/stable/030_preparing_a_new_repo.html#amazon-s3)
 
 ## Duplicity

doc/book/connect/websites.md

@@ -3,7 +3,7 @@ title = "Websites (Hugo, Jekyll, Publii...)"
 weight = 10
 +++
 
-Garage is also suitable to host static websites.
+Garage is also suitable [to host static websites](@/documentation/cookbook/exposing-websites.md).
 While they can be deployed with traditional CLI tools, some static website generators have integrated options to ease your workflow.
 
 | Name | Status | Note |

doc/book/cookbook/from-source.md

@@ -20,6 +20,24 @@ sudo apt-get update
 sudo apt-get install build-essential
 ```
 
+## Using source from the Gitea repository (recommended)
+
+The primary location for Garage's source code is the
+[Gitea repository](https://git.deuxfleurs.fr/Deuxfleurs/garage).
+
+Clone the repository and build Garage with the following commands:
+
+```bash
+git clone https://git.deuxfleurs.fr/Deuxfleurs/garage.git
+cd garage
+cargo build
+```
+
+Be careful, as this will make a debug build of Garage, which will be extremely slow!
+To make a release build, invoke `cargo build --release` (this takes much longer).
+
+The binaries built this way are found in `target/{debug,release}/garage`.
+
 ## Using source from `crates.io`
 
 Garage's source code is published on `crates.io`, Rust's official package repository.
@@ -39,21 +57,20 @@ sudo cp $HOME/.cargo/bin/garage /usr/local/bin/garage
 ```
 
 
-## Using source from the Gitea repository
+## Selecting features to activate in your build
 
-The primary location for Garage's source code is the
-[Gitea repository](https://git.deuxfleurs.fr/Deuxfleurs/garage).
-
-Clone the repository and build Garage with the following commands:
-
-```bash
-git clone https://git.deuxfleurs.fr/Deuxfleurs/garage.git
-cd garage
-cargo build
-```
-
-Be careful, as this will make a debug build of Garage, which will be extremely slow!
-To make a release build, invoke `cargo build --release` (this takes much longer).
-
-The binaries built this way are found in `target/{debug,release}/garage`.
+Garage supports a number of compilation options in the form of Cargo features,
+which can be used to provide builds adapted to your system and your use case.
+The following features are available:
 
+| Feature | Enabled | Description |
+| ------- | ------- | ----------- |
+| `bundled-libs` | BY DEFAULT | Use bundled version of sqlite3, zstd, lmdb and libsodium |
+| `system-libs` | optional | Use system version of sqlite3, zstd, lmdb and libsodium if available (exclusive with `bundled-libs`, build using `cargo build --no-default-features --features system-libs`) |
+| `k2v` | optional | Enable the experimental K2V API (if used, all nodes on your Garage cluster must have it enabled as well) |
+| `kubernetes-discovery` | optional | Enable automatic registration and discovery of cluster nodes through the Kubernetes API |
+| `metrics` | BY DEFAULT | Enable collection of metrics in Prometheus format on the admin API |
+| `telemetry-otlp` | optional | Enable collection of execution traces using OpenTelemetry |
+| `sled` | BY DEFAULT | Enable using Sled to store Garage's metadata |
+| `lmdb` | optional | Enable using LMDB to store Garage's metadata |
+| `sqlite` | optional | Enable using Sqlite3 to store Garage's metadata |

doc/book/cookbook/reverse-proxy.md

@@ -100,7 +100,7 @@ server {
 }
 ```
 
-## Exposing the web endpoint
+### Exposing the web endpoint
 
 To better understand the logic involved, you can refer to the [Exposing buckets as websites](/cookbook/exposing_websites.html) section.
 Otherwise, the configuration is very similar to the S3 endpoint.
@@ -140,6 +140,165 @@ server {
 
 @TODO
 
-## Traefik
+## Traefik v2
+
+We will see in this part how to set up a reverse proxy with [Traefik](https://docs.traefik.io/).
+
+Here is [a basic configuration file](https://doc.traefik.io/traefik/https/acme/#configuration-examples):
+
+```toml
+[entryPoints]
+  [entryPoints.web]
+    address = ":80"
+
+  [entryPoints.websecure]
+    address = ":443"
+
+[certificatesResolvers.myresolver.acme]
+  email = "your-email@example.com"
+  storage = "acme.json"
+  [certificatesResolvers.myresolver.acme.httpChallenge]
+    # used during the challenge
+    entryPoint = "web"
+```
+
+### Add Garage service
+
+To add Garage on Traefik you should declare a new service using its IP address (or hostname) and port:
+
+```toml
+[http.services]
+  [http.services.my_garage_service.loadBalancer]
+    [[http.services.my_garage_service.loadBalancer.servers]]
+      url = "http://xxx.xxx.xxx.xxx"
+      port = 3900
+```
+
+It's possible to declare multiple Garage servers as back-ends:
+
+```toml
+[http.services]
+    [[http.services.my_garage_service.loadBalancer.servers]]
+      url = "http://xxx.xxx.xxx.xxx"
+      port = 3900
+    [[http.services.my_garage_service.loadBalancer.servers]]
+      url = "http://yyy.yyy.yyy.yyy"
+      port = 3900
+    [[http.services.my_garage_service.loadBalancer.servers]]
+      url = "http://zzz.zzz.zzz.zzz"
+      port = 3900
+```
+
+Traefik can remove unhealthy servers automatically with [a health check configuration](https://doc.traefik.io/traefik/routing/services/#health-check):
+
+```
+[http.services]
+  [http.services.my_garage_service.loadBalancer]
+    [http.services.my_garage_service.loadBalancer.healthCheck]
+      path = "/"
+      interval = "60s"
+      timeout = "5s"
+```
+
+### Adding a website
+
+To add a new website, add the following declaration to your Traefik configuration file:
+
+```toml
+[http.routers]
+  [http.routers.my_website]
+    rule = "Host(`yoururl.example.org`)"
+    service = "my_garage_service"
+    entryPoints = ["web"]
+```
+
+Enable HTTPS access to your website with the following configuration section ([documentation](https://doc.traefik.io/traefik/https/overview/)):
+
+```toml
+...
+    entryPoints = ["websecure"]
+    [http.routers.my_website.tls]
+      certResolver = "myresolver"
+...
+```
+
+### Adding gzip compression
+
+Add the following configuration section [to compress response](https://doc.traefik.io/traefik/middlewares/http/compress/) using [gzip](https://developer.mozilla.org/en-US/docs/Glossary/GZip_compression) before sending them to the client:
+
+```toml
+[http.routers]
+  [http.routers.my_website]
+    ...
+    middlewares = ["gzip_compress"]
+    ...
+[http.middlewares]
+  [http.middlewares.gzip_compress.compress]
+```
+
+### Add caching response
+
+Traefik's caching middleware is only available on [entreprise version](https://doc.traefik.io/traefik-enterprise/middlewares/http-cache/), however the freely-available [Souin plugin](https://github.com/darkweak/souin#tr%C3%A6fik-container) can also do the job. (section to be completed)
+
+### Complete example
+
+```toml
+[entryPoints]
+  [entryPoints.web]
+    address = ":80"
+
+  [entryPoints.websecure]
+    address = ":443"
+
+[certificatesResolvers.myresolver.acme]
+  email = "your-email@example.com"
+  storage = "acme.json"
+  [certificatesResolvers.myresolver.acme.httpChallenge]
+    # used during the challenge
+    entryPoint = "web"
+
+[http.routers]
+  [http.routers.my_website]
+    rule = "Host(`yoururl.example.org`)"
+    service = "my_garage_service"
+    middlewares = ["gzip_compress"]
+    entryPoints = ["websecure"]
+
+[http.services]
+  [http.services.my_garage_service.loadBalancer]
+    [http.services.my_garage_service.loadBalancer.healthCheck]
+      path = "/"
+      interval = "60s"
+      timeout = "5s"
+    [[http.services.my_garage_service.loadBalancer.servers]]
+      url = "http://xxx.xxx.xxx.xxx"
+    [[http.services.my_garage_service.loadBalancer.servers]]
+      url = "http://yyy.yyy.yyy.yyy"
+    [[http.services.my_garage_service.loadBalancer.servers]]
+      url = "http://zzz.zzz.zzz.zzz"
+
+[http.middlewares]
+  [http.middlewares.gzip_compress.compress]
+```
+
+## Caddy
+
+Your Caddy configuration can be as simple as:
+
+```caddy
+s3.garage.tld, *.s3.garage.tld {
+	reverse_proxy localhost:3900 192.168.1.2:3900 example.tld:3900
+}
+
+*.web.garage.tld {
+	reverse_proxy localhost:3902 192.168.1.2:3900 example.tld:3900
+}
+
+admin.garage.tld {
+	reverse_proxy localhost:3903
+}
+```
+
+But at the same time, the `reverse_proxy` is very flexible.
+For a production deployment, you should [read its documentation](https://caddyserver.com/docs/caddyfile/directives/reverse_proxy) as it supports features like DNS discovery of upstreams, load balancing with checks, streaming parameters, etc.
 
-@TODO

doc/book/quick-start/_index.md

@@ -249,16 +249,6 @@ mc alias set \
   --api S3v4
 ```
 
-You must also add an environment variable to your configuration to
-inform MinIO of our region (`garage` by default, corresponding to the `s3_region` parameter
-in the configuration file).
-The best way is to add the following snippet to your `$HOME/.bash_profile`
-or `$HOME/.bashrc` file:
-
-```bash
-export MC_REGION=garage
-```
-
 ### Use `mc`
 
 You can not list buckets from `mc` currently.

doc/book/reference-manual/admin-api.md

@@ -0,0 +1,644 @@
++++
+title = "Administration API"
+weight = 16
++++
+
+The Garage administration API is accessible through a dedicated server whose
+listen address is specified in the `[admin]` section of the configuration
+file (see [configuration file
+reference](@/documentation/reference-manual/configuration.md))
+
+**WARNING.** At this point, there is no comittement to stability of the APIs described in this document.
+We will bump the version numbers prefixed to each API endpoint at each time the syntax
+or semantics change, meaning that code that relies on these endpoint will break
+when changes are introduced.
+
+The Garage administration API was introduced in version 0.7.2, this document
+does not apply to older versions of Garage.
+
+
+## Access control
+
+The admin API uses two different tokens for acces control, that are specified in the config file's `[admin]` section:
+
+- `metrics_token`: the token for accessing the Metrics endpoint (if this token
+  is not set in the config file, the Metrics endpoint can be accessed without
+  access control);
+
+- `admin_token`: the token for accessing all of the other administration
+  endpoints (if this token is not set in the config file, access to these
+  endpoints is disabled entirely).
+
+These tokens are used as simple HTTP bearer tokens. In other words, to
+authenticate access to an admin API endpoint, add the following HTTP header
+to your request:
+
+```
+Authorization: Bearer <token>
+```
+
+## Administration API endpoints
+
+### Metrics-related endpoints
+
+#### Metrics `GET /metrics`
+
+Returns internal Garage metrics in Prometheus format.
+
+### Cluster operations
+
+#### GetClusterStatus `GET /v0/status`
+
+Returns the cluster's current status in JSON, including:
+
+- ID of the node being queried and its version of the Garage daemon
+- Live nodes
+- Currently configured cluster layout
+- Staged changes to the cluster layout
+
+Example response body:
+
+```json
+{
+  "node": "ec79480e0ce52ae26fd00c9da684e4fa56658d9c64cdcecb094e936de0bfe71f",
+  "garage_version": "git:v0.8.0",
+  "knownNodes": {
+    "ec79480e0ce52ae26fd00c9da684e4fa56658d9c64cdcecb094e936de0bfe71f": {
+      "addr": "10.0.0.11:3901",
+      "is_up": true,
+      "last_seen_secs_ago": 9,
+      "hostname": "node1"
+    },
+    "4a6ae5a1d0d33bf895f5bb4f0a418b7dc94c47c0dd2eb108d1158f3c8f60b0ff": {
+      "addr": "10.0.0.12:3901",
+      "is_up": true,
+      "last_seen_secs_ago": 1,
+      "hostname": "node2"
+    },
+    "23ffd0cdd375ebff573b20cc5cef38996b51c1a7d6dbcf2c6e619876e507cf27": {
+      "addr": "10.0.0.21:3901",
+      "is_up": true,
+      "last_seen_secs_ago": 7,
+      "hostname": "node3"
+    },
+    "e2ee7984ee65b260682086ec70026165903c86e601a4a5a501c1900afe28d84b": {
+      "addr": "10.0.0.22:3901",
+      "is_up": true,
+      "last_seen_secs_ago": 1,
+      "hostname": "node4"
+    }
+  },
+  "layout": {
+    "version": 12,
+    "roles": {
+      "ec79480e0ce52ae26fd00c9da684e4fa56658d9c64cdcecb094e936de0bfe71f": {
+        "zone": "dc1",
+        "capacity": 4,
+        "tags": [
+          "node1"
+        ]
+      },
+      "4a6ae5a1d0d33bf895f5bb4f0a418b7dc94c47c0dd2eb108d1158f3c8f60b0ff": {
+        "zone": "dc1",
+        "capacity": 6,
+        "tags": [
+          "node2"
+        ]
+      },
+      "23ffd0cdd375ebff573b20cc5cef38996b51c1a7d6dbcf2c6e619876e507cf27": {
+        "zone": "dc2",
+        "capacity": 10,
+        "tags": [
+          "node3"
+        ]
+      }
+    },
+    "stagedRoleChanges": {
+      "e2ee7984ee65b260682086ec70026165903c86e601a4a5a501c1900afe28d84b": {
+        "zone": "dc2",
+        "capacity": 5,
+        "tags": [
+          "node4"
+        ]
+      }
+    }
+  }
+}
+```
+
+#### ConnectClusterNodes `POST /v0/connect`
+
+Instructs this Garage node to connect to other Garage nodes at specified addresses.
+
+Example request body:
+
+```json
+[
+    "ec79480e0ce52ae26fd00c9da684e4fa56658d9c64cdcecb094e936de0bfe71f@10.0.0.11:3901",
+    "4a6ae5a1d0d33bf895f5bb4f0a418b7dc94c47c0dd2eb108d1158f3c8f60b0ff@10.0.0.12:3901"
+]
+```
+
+The format of the string for a node to connect to is: `<node ID>@<ip address>:<port>`, same as in the `garage node connect` CLI call.
+
+Example response:
+
+```json
+[
+    {
+        "success": true,
+        "error": null
+    },
+    {
+        "success": false,
+        "error": "Handshake error"
+    }
+]
+```
+
+#### GetClusterLayout `GET /v0/layout`
+
+Returns the cluster's current layout in JSON, including:
+
+- Currently configured cluster layout
+- Staged changes to the cluster layout
+
+(the info returned by this endpoint is a subset of the info returned by GetClusterStatus)
+
+Example response body:
+
+```json
+{
+  "version": 12,
+  "roles": {
+    "ec79480e0ce52ae26fd00c9da684e4fa56658d9c64cdcecb094e936de0bfe71f": {
+      "zone": "dc1",
+      "capacity": 4,
+      "tags": [
+        "node1"
+      ]
+    },
+    "4a6ae5a1d0d33bf895f5bb4f0a418b7dc94c47c0dd2eb108d1158f3c8f60b0ff": {
+      "zone": "dc1",
+      "capacity": 6,
+      "tags": [
+        "node2"
+      ]
+    },
+    "23ffd0cdd375ebff573b20cc5cef38996b51c1a7d6dbcf2c6e619876e507cf27": {
+      "zone": "dc2",
+      "capacity": 10,
+      "tags": [
+        "node3"
+      ]
+    }
+  },
+  "stagedRoleChanges": {
+    "e2ee7984ee65b260682086ec70026165903c86e601a4a5a501c1900afe28d84b": {
+      "zone": "dc2",
+      "capacity": 5,
+      "tags": [
+        "node4"
+      ]
+    }
+  }
+}
+```
+
+#### UpdateClusterLayout `POST /v0/layout`
+
+Send modifications to the cluster layout. These modifications will
+be included in the staged role changes, visible in subsequent calls
+of `GetClusterLayout`. Once the set of staged changes is satisfactory,
+the user may call `ApplyClusterLayout` to apply the changed changes,
+or `Revert ClusterLayout` to clear all of the staged changes in
+the layout.
+
+Request body format:
+
+```json
+{
+  <node_id>: {
+    "capacity": <new_capacity>,
+    "zone": <new_zone>,
+    "tags": [
+      <new_tag>,
+      ...
+    ]
+  },
+  <node_id_to_remove>: null,
+  ...
+}
+```
+
+Contrary to the CLI that may update only a subset of the fields
+`capacity`, `zone` and `tags`, when calling this API all of these
+values must be specified.
+
+
+#### ApplyClusterLayout `POST /v0/layout/apply`
+
+Applies to the cluster the layout changes currently registered as
+staged layout changes.
+
+Request body format:
+
+```json
+{
+  "version": 13
+}
+```
+
+Similarly to the CLI, the body must include the version of the new layout
+that will be created, which MUST be 1 + the value of the currently
+existing layout in the cluster.
+
+#### RevertClusterLayout `POST /v0/layout/revert`
+
+Clears all of the staged layout changes.
+
+Request body format:
+
+```json
+{
+  "version": 13
+}
+```
+
+Reverting the staged changes is done by incrementing the version number
+and clearing the contents of the staged change list.
+Similarly to the CLI, the body must include the incremented
+version number, which MUST be 1 + the value of the currently
+existing layout in the cluster.
+
+
+### Access key operations
+
+#### ListKeys `GET /v0/key`
+
+Returns all API access keys in the cluster.
+
+Example response:
+
+```json
+[
+  {
+    "id": "GK31c2f218a2e44f485b94239e",
+    "name": "test"
+  },
+  {
+    "id": "GKe10061ac9c2921f09e4c5540",
+    "name": "test2"
+  }
+]
+```
+
+#### CreateKey `POST /v0/key`
+
+Creates a new API access key.
+
+Request body format:
+
+```json
+{
+    "name": "NameOfMyKey"
+}
+```
+
+#### ImportKey `POST /v0/key/import`
+
+Imports an existing API key.
+
+Request body format:
+
+```json
+{
+    "accessKeyId": "GK31c2f218a2e44f485b94239e",
+    "secretAccessKey": "b892c0665f0ada8a4755dae98baa3b133590e11dae3bcc1f9d769d67f16c3835",
+    "name": "NameOfMyKey"
+}
+```
+
+#### GetKeyInfo `GET /v0/key?id=<acces key id>`
+#### GetKeyInfo `GET /v0/key?search=<pattern>`
+
+Returns information about the requested API access key.
+
+If `id` is set, the key is looked up using its exact identifier (faster).
+If `search` is set, the key is looked up using its name or prefix
+of identifier (slower, all keys are enumerated to do this).
+
+Example response:
+
+```json
+{
+  "name": "test",
+  "accessKeyId": "GK31c2f218a2e44f485b94239e",
+  "secretAccessKey": "b892c0665f0ada8a4755dae98baa3b133590e11dae3bcc1f9d769d67f16c3835",
+  "permissions": {
+    "createBucket": false
+  },
+  "buckets": [
+    {
+      "id": "70dc3bed7fe83a75e46b66e7ddef7d56e65f3c02f9f80b6749fb97eccb5e1033",
+      "globalAliases": [
+        "test2"
+      ],
+      "localAliases": [],
+      "permissions": {
+        "read": true,
+        "write": true,
+        "owner": false
+      }
+    },
+    {
+      "id": "d7452a935e663fc1914f3a5515163a6d3724010ce8dfd9e4743ca8be5974f995",
+      "globalAliases": [
+        "test3"
+      ],
+      "localAliases": [],
+      "permissions": {
+        "read": true,
+        "write": true,
+        "owner": false
+      }
+    },
+    {
+      "id": "e6a14cd6a27f48684579ec6b381c078ab11697e6bc8513b72b2f5307e25fff9b",
+      "globalAliases": [],
+      "localAliases": [
+        "test"
+      ],
+      "permissions": {
+        "read": true,
+        "write": true,
+        "owner": true
+      }
+    },
+    {
+      "id": "96470e0df00ec28807138daf01915cfda2bee8eccc91dea9558c0b4855b5bf95",
+      "globalAliases": [
+        "alex"
+      ],
+      "localAliases": [],
+      "permissions": {
+        "read": true,
+        "write": true,
+        "owner": true
+      }
+    }
+  ]
+}
+```
+
+#### DeleteKey `DELETE /v0/key?id=<acces key id>`
+
+Deletes an API access key.
+
+#### UpdateKey `POST /v0/key?id=<acces key id>`
+
+Updates information about the specified API access key.
+
+Request body format:
+
+```json
+{
+    "name": "NameOfMyKey",
+    "allow": {
+        "createBucket": true,
+    },
+    "deny": {}
+}
+```
+
+All fields (`name`, `allow` and `deny`) are optionnal.
+If they are present, the corresponding modifications are applied to the key, otherwise nothing is changed.
+The possible flags in `allow` and `deny` are: `createBucket`.
+
+
+### Bucket operations
+
+#### ListBuckets `GET /v0/bucket`
+
+Returns all storage buckets in the cluster.
+
+Example response:
+
+```json
+[
+  {
+    "id": "70dc3bed7fe83a75e46b66e7ddef7d56e65f3c02f9f80b6749fb97eccb5e1033",
+    "globalAliases": [
+      "test2"
+    ],
+    "localAliases": []
+  },
+  {
+    "id": "96470e0df00ec28807138daf01915cfda2bee8eccc91dea9558c0b4855b5bf95",
+    "globalAliases": [
+      "alex"
+    ],
+    "localAliases": []
+  },
+  {
+    "id": "d7452a935e663fc1914f3a5515163a6d3724010ce8dfd9e4743ca8be5974f995",
+    "globalAliases": [
+      "test3"
+    ],
+    "localAliases": []
+  },
+  {
+    "id": "e6a14cd6a27f48684579ec6b381c078ab11697e6bc8513b72b2f5307e25fff9b",
+    "globalAliases": [],
+    "localAliases": [
+      {
+        "accessKeyId": "GK31c2f218a2e44f485b94239e",
+        "alias": "test"
+      }
+    ]
+  }
+]
+```
+
+#### GetBucketInfo `GET /v0/bucket?id=<bucket id>`
+#### GetBucketInfo `GET /v0/bucket?globalAlias=<alias>`
+
+Returns information about the requested storage bucket.
+
+If `id` is set, the bucket is looked up using its exact identifier.
+If `globalAlias` is set, the bucket is looked up using its global alias.
+(both are fast)
+
+Example response:
+
+```json
+{
+    "id": "afa8f0a22b40b1247ccd0affb869b0af5cff980924a20e4b5e0720a44deb8d39",
+        "globalAliases": [],
+        "websiteAccess": false,
+        "websiteConfig": null,
+        "keys": [
+        {
+            "accessKeyId": "GK31c2f218a2e44f485b94239e",
+            "name": "Imported key",
+            "permissions": {
+                "read": true,
+                "write": true,
+                "owner": true
+            },
+            "bucketLocalAliases": [
+                "debug"
+            ]
+        }
+        ],
+        "objects": 14827,
+        "bytes": 13189855625,
+        "unfinshedUploads": 0,
+        "quotas": {
+            "maxSize": null,
+            "maxObjects": null
+        }
+}
+```
+
+#### CreateBucket `POST /v0/bucket`
+
+Creates a new storage bucket.
+
+Request body format:
+
+```json
+{
+    "globalAlias": "NameOfMyBucket"
+}
+```
+
+OR
+
+```json
+{
+    "localAlias": {
+        "accessKeyId": "GK31c2f218a2e44f485b94239e",
+        "alias": "NameOfMyBucket",
+        "allow": {
+            "read": true,
+            "write": true,
+            "owner": false
+        }
+    }
+}
+```
+
+OR
+
+```json
+{}
+```
+
+Creates a new bucket, either with a global alias, a local one,
+or no alias at all.
+
+Technically, you can also specify both `globalAlias` and `localAlias` and that would create
+two aliases, but I don't see why you would want to do that.
+
+#### DeleteBucket `DELETE /v0/bucket?id=<bucket id>`
+
+Deletes a storage bucket. A bucket cannot be deleted if it is not empty.
+
+Warning: this will delete all aliases associated with the bucket!
+
+#### UpdateBucket `PUT /v0/bucket?id=<bucket id>`
+
+Updates configuration of the given bucket.
+
+Request body format:
+
+```json
+{
+    "websiteAccess": {
+        "enabled": true,
+        "indexDocument": "index.html",
+        "errorDocument": "404.html"
+    },
+    "quotas": {
+        "maxSize": 19029801,
+        "maxObjects": null,
+    }
+}
+```
+
+All fields (`websiteAccess` and `quotas`) are optionnal.
+If they are present, the corresponding modifications are applied to the bucket, otherwise nothing is changed.
+
+In `websiteAccess`: if `enabled` is `true`, `indexDocument` must be specified.
+The field `errorDocument` is optional, if no error document is set a generic
+error message is displayed when errors happen. Conversely, if `enabled` is
+`false`, neither `indexDocument` nor `errorDocument` must be specified.
+
+In `quotas`: new values of `maxSize` and `maxObjects` must both be specified, or set to `null`
+to remove the quotas. An absent value will be considered the same as a `null`. It is not possible
+to change only one of the two quotas.
+
+### Operations on permissions for keys on buckets
+
+#### BucketAllowKey `POST /v0/bucket/allow`
+
+Allows a key to do read/write/owner operations on a bucket.
+
+Request body format:
+
+```json
+{
+    "bucketId": "e6a14cd6a27f48684579ec6b381c078ab11697e6bc8513b72b2f5307e25fff9b",
+    "accessKeyId": "GK31c2f218a2e44f485b94239e",
+    "permissions": {
+        "read": true,
+        "write": true,
+        "owner": true
+    },
+}
+```
+
+Flags in `permissions` which have the value `true` will be activated.
+Other flags will remain unchanged.
+
+#### BucketDenyKey `POST /v0/bucket/deny`
+
+Denies a key from doing read/write/owner operations on a bucket.
+
+Request body format:
+
+```json
+{
+    "bucketId": "e6a14cd6a27f48684579ec6b381c078ab11697e6bc8513b72b2f5307e25fff9b",
+    "accessKeyId": "GK31c2f218a2e44f485b94239e",
+    "permissions": {
+        "read": false,
+        "write": false,
+        "owner": true
+    },
+}
+```
+
+Flags in `permissions` which have the value `true` will be deactivated.
+Other flags will remain unchanged.
+
+
+### Operations on bucket aliases
+
+#### GlobalAliasBucket `PUT /v0/bucket/alias/global?id=<bucket id>&alias=<global alias>`
+
+Empty body. Creates a global alias for a bucket.
+
+#### GlobalUnaliasBucket `DELETE /v0/bucket/alias/global?id=<bucket id>&alias=<global alias>`
+
+Removes a global alias for a bucket.
+
+#### LocalAliasBucket `PUT /v0/bucket/alias/local?id=<bucket id>&accessKeyId=<access key ID>&alias=<local alias>`
+
+Empty body. Creates a local alias for a bucket in the namespace of a specific access key.
+
+#### LocalUnaliasBucket `DELETE /v0/bucket/alias/local?id=<bucket id>&accessKeyId<access key ID>&alias=<local alias>`
+
+Removes a local alias for a bucket in the namespace of a specific access key.
+

doc/book/reference-manual/configuration.md

@@ -10,6 +10,7 @@ metadata_dir = "/var/lib/garage/meta"
 data_dir = "/var/lib/garage/data"
 
 block_size = 1048576
+block_manager_background_tranquility = 2
 
 replication_mode = "3"
 
@@ -47,6 +48,8 @@ root_domain = ".web.garage"
 
 [admin]
 api_bind_addr = "0.0.0.0:3903"
+metrics_token = "cacce0b2de4bc2d9f5b5fdff551e01ac1496055aed248202d415398987e35f81"
+admin_token = "ae8cb40ea7368bbdbb6430af11cca7da833d3458a5f52086f4e805a570fb5c2a"
 trace_sink = "http://localhost:4317"
 ```
 
@@ -84,6 +87,17 @@ files will remain available. This however means that chunks from existing files
 will not be deduplicated with chunks from newly uploaded files, meaning you
 might use more storage space that is optimally possible.
 
+### `block_manager_background_tranquility`
+
+This parameter tunes the activity of the background worker responsible for
+resyncing data blocks between nodes. The higher the tranquility value is set,
+the more the background worker will wait between iterations, meaning the load
+on the system (including network usage between nodes) will be reduced. The
+minimal value for this parameter is `0`, where the background worker will
+allways work at maximal throughput to resynchronize blocks. The default value
+is `2`, where the background worker will try to spend at most 1/3 of its time
+working, and 2/3 sleeping in order to reduce system load.
+
 ### `replication_mode`
 
 Garage supports the following replication modes:
@@ -326,10 +340,24 @@ Garage has a few administration capabilities, in particular to allow remote moni
 ### `api_bind_addr`
 
 If specified, Garage will bind an HTTP server to this port and address, on
-which it will listen to requests for administration features. Currently,
-this endpoint only exposes Garage metrics in the Prometheus format at
-`/metrics`. This endpoint is not authenticated. In the future, bucket and
-access key management might be possible by REST calls to this endpoint.
+which it will listen to requests for administration features.
+See [administration API reference](@/documentation/reference-manual/admin-api.md) to learn more about these features.
+
+### `metrics_token` (since version 0.7.2)
+
+The token for accessing the Metrics endpoint. If this token is not set in
+the config file, the Metrics endpoint can be accessed without access
+control.
+
+You can use any random string for this value. We recommend generating a random token with `openssl rand -hex 32`.
+
+### `admin_token` (since version 0.7.2)
+
+The token for accessing all of the other administration endpoints.  If this
+token is not set in the config file, access to these endpoints is disabled
+entirely.
+
+You can use any random string for this value. We recommend generating a random token with `openssl rand -hex 32`.
 
 ### `trace_sink`
 

doc/book/reference-manual/k2v.md

@@ -0,0 +1,58 @@
++++
+title = "K2V"
+weight = 30
++++
+
+Starting with version 0.7.2, Garage introduces an optionnal feature, K2V,
+which is an alternative storage API designed to help efficiently store
+many small values in buckets (in opposition to S3 which is more designed
+to store large blobs).
+
+K2V is currently disabled at compile time in all builds, as the
+specification is still subject to changes. To build a Garage version with
+K2V, the Cargo feature flag `k2v` must be activated.  Special builds with
+the `k2v` feature flag enabled can be obtained from our download page under
+"Extra builds": such builds can be identified easily as their tag name ends
+with `-k2v` (example: `v0.7.2-k2v`).
+
+The specification of the K2V API can be found
+[here](https://git.deuxfleurs.fr/Deuxfleurs/garage/src/branch/k2v/doc/drafts/k2v-spec.md).
+This document also includes a high-level overview of K2V's design.
+
+The K2V API uses AWSv4 signatures for authentification, same as the S3 API.
+The AWS region used for signature calculation is always the same as the one
+defined for the S3 API in the config file.
+
+## Enabling and using K2V
+
+To enable K2V, download and run a build that has the `k2v` feature flag
+enabled, or produce one yourself. Then, add the following section to your
+configuration file:
+
+```toml
+[k2v_api]
+api_bind_addr = "<ip>:<port>"
+```
+
+Please select a port number that is not already in use by another API
+endpoint (S3 api, admin API) or by the RPC server.
+
+We provide an early-stage K2V client library for Rust which can be imported by adding the following to your `Cargo.toml` file:
+
+```toml
+k2v-client = { git = "https://git.deuxfleurs.fr/Deuxfleurs/garage.git" }
+```
+
+There is also a simple CLI utility which can be built from source in the
+following way:
+
+```sh
+git clone https://git.deuxfleurs.fr/Deuxfleurs/garage.git
+cd garage/src/k2v-client
+cargo build --features cli --bin k2v-cli
+```
+
+The CLI utility is self-documented, run `k2v-cli --help` to learn how to use
+it. There is also a short README.md in the `src/k2v-client` folder with some
+instructions.
+

doc/book/reference-manual/s3-compatibility.md

@@ -3,24 +3,46 @@ title = "S3 Compatibility status"
 weight = 20
 +++
 
-## Endpoint implementation
+## DISCLAIMER
 
-All APIs that are missing on Garage will return a 501 Not Implemented.
-Some `x-amz-` headers are not implemented.
+**The compatibility list for other platforms is given only for informational
+purposes and based on available documentation.** They are sometimes completed,
+in a best effort approach, with the source code and inputs from maintainers
+when documentation is lacking. We are not proactively monitoring new versions
+of each software: check the modification history to know when the page has been
+updated for the last time. Some entries will be inexact or outdated. For any
+serious decision, you must make your own tests.
+**The official documentation of each project can be accessed by clicking on the
+project name in the column header.**
 
-*The compatibility list for other platforms is given only for information purposes and based on available documentation. Some entries might be inexact. Feel free to open a PR to fix this table. Minio is missing because they do not provide a public S3 compatibility list.*
+Feel free to open a PR to suggest fixes this table. Minio is missing because they do not provide a public S3 compatibility list.
 
-### Features
+## Update history
+
+- 2022-02-07 - First version of this page
+- 2022-05-25 - Many Ceph S3 endpoints are not documented but implemented. Following a notification from the Ceph community, we added them.
+
+
+
+## High-level features
 
 | Feature                      | Garage                           | [Openstack Swift](https://docs.openstack.org/swift/latest/s3_compat.html) | [Ceph Object Gateway](https://docs.ceph.com/en/latest/radosgw/s3/) | [Riak CS](https://docs.riak.com/riak/cs/2.1.1/references/apis/storage/s3/index.html) | [OpenIO](https://docs.openio.io/latest/source/arch-design/s3_compliancy.html) |
 |------------------------------|----------------------------------|-----------------|---------------|---------|-----|
-| [signature v2](https://docs.aws.amazon.com/general/latest/gr/signature-version-2.html) (deprecated) | ❌ Missing | ✅ |  ❌ | ✅ | ✅ |
+| [signature v2](https://docs.aws.amazon.com/general/latest/gr/signature-version-2.html) (deprecated) | ❌ Missing | ✅ |  ✅ | ✅ | ✅ |
 | [signature v4](https://docs.aws.amazon.com/AmazonS3/latest/API/sig-v4-authenticating-requests.html) |  ✅ Implemented |  ✅ |  ✅ | ❌ | ✅ |
 | [URL path-style](https://docs.aws.amazon.com/AmazonS3/latest/userguide/VirtualHosting.html#path-style-access) (eg. `host.tld/bucket/key`) |  ✅ Implemented | ✅ |  ✅ | ❓| ✅ |
 | [URL vhost-style](https://docs.aws.amazon.com/AmazonS3/latest/userguide/VirtualHosting.html#virtual-hosted-style-access) URL (eg. `bucket.host.tld/key`) |  ✅ Implemented | ❌| ✅| ✅ | ✅ |
 | [Presigned URLs](https://docs.aws.amazon.com/AmazonS3/latest/userguide/ShareObjectPreSignedURL.html) |  ✅ Implemented | ❌|  ✅ | ✅ |  ✅(❓) |
 
-*Note:* OpenIO does not says if it supports presigned URLs. Because it is part of signature v4 and they claim they support it without additional precisions, we suppose that OpenIO supports presigned URLs.
+*Note:* OpenIO does not says if it supports presigned URLs. Because it is part
+of signature v4 and they claim they support it without additional precisions,
+we suppose that OpenIO supports presigned URLs.
+
+
+## Endpoint implementation
+
+All endpoints that are missing on Garage will return a 501 Not Implemented.
+Some `x-amz-` headers are not implemented.
 
 ### Core endoints
 
@@ -37,13 +59,17 @@ Some `x-amz-` headers are not implemented.
 | [DeleteObjects](https://docs.aws.amazon.com/AmazonS3/latest/API/API_DeleteObjects.html)                | ✅ Implemented                      |  ✅  | ✅ | ✅ | ✅ |
 | [GetObject](https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetObject.html)                    | ✅ Implemented                      |  ✅ | ✅ | ✅ | ✅ |
 | [ListObjects](https://docs.aws.amazon.com/AmazonS3/latest/API/API_ListObjects.html)                  | ✅ Implemented (see details below)   | ✅ | ✅ |  ✅ | ❌|
-| [ListObjectsV2](https://docs.aws.amazon.com/AmazonS3/latest/API/API_ListObjectsV2.html)                | ✅ Implemented                      | ❌| ❌| ❌| ✅ |
-| [PostObject](https://docs.aws.amazon.com/AmazonS3/latest/API/RESTObjectPOST.html) (compatibility API)                   |  ❌ Missing                      | ❌| ✅ | ❌| ❌|
+| [ListObjectsV2](https://docs.aws.amazon.com/AmazonS3/latest/API/API_ListObjectsV2.html)                | ✅ Implemented                      | ❌|  ✅  | ❌| ✅ |
+| [PostObject](https://docs.aws.amazon.com/AmazonS3/latest/API/RESTObjectPOST.html)                  | ✅ Implemented                      | ❌| ✅ | ❌| ❌|
 | [PutObject](https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutObject.html)                    | ✅ Implemented                      | ✅ | ✅ | ✅ | ✅ |
 
-**ListObjects:** Implemented, but there isn't a very good specification of what `encoding-type=url` covers so there might be some encoding bugs. In our implementation the url-encoded fields are in the same in ListObjects as they are in ListObjectsV2.
+**ListObjects:** Implemented, but there isn't a very good specification of what
+`encoding-type=url` covers so there might be some encoding bugs. In our
+implementation the url-encoded fields are in the same in ListObjects as they
+are in ListObjectsV2.
 
-*Note: Ceph API documentation is incomplete and miss at least HeadBucket and UploadPartCopy, but these endpoints are documented in [Red Hat Ceph Storage - Chapter 2. Ceph Object Gateway and the S3 API](https://access.redhat.com/documentation/en-us/red_hat_ceph_storage/4/html/developer_guide/ceph-object-gateway-and-the-s3-api)*
+*Note: Ceph API documentation is incomplete and lacks at least HeadBucket and UploadPartCopy,
+but these endpoints are documented in [Red Hat Ceph Storage - Chapter 2. Ceph Object Gateway and the S3 API](https://access.redhat.com/documentation/en-us/red_hat_ceph_storage/4/html/developer_guide/ceph-object-gateway-and-the-s3-api)*
 
 ### Multipart Upload endpoints
 
@@ -67,13 +93,13 @@ For more information, please refer to our [issue tracker](https://git.deuxfleurs
 | [DeleteBucketWebsite](https://docs.aws.amazon.com/AmazonS3/latest/API/API_DeleteBucketWebsite.html)          | ✅ Implemented                      | ❌| ❌| ❌| ❌|
 | [GetBucketWebsite](https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetBucketWebsite.html)             | ✅ Implemented                      |  ❌ | ❌| ❌| ❌|
 | [PutBucketWebsite](https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutBucketWebsite.html)             | ⚠ Partially implemented (see below)| ❌| ❌| ❌| ❌|
-| [DeleteBucketCors](https://docs.aws.amazon.com/AmazonS3/latest/API/API_DeleteBucketCors.html)             | ✅ Implemented                      |  ❌| ❌| ❌| ✅ |
-| [GetBucketCors](https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetBucketCors.html)                | ✅ Implemented                      |  ❌ | ❌| ❌| ✅ |
-| [PutBucketCors](https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutBucketCors.html)                | ✅ Implemented                      | ❌| ❌| ❌| ✅ |
+| [DeleteBucketCors](https://docs.aws.amazon.com/AmazonS3/latest/API/API_DeleteBucketCors.html)             | ✅ Implemented                      |  ❌|  ✅ | ❌| ✅ |
+| [GetBucketCors](https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetBucketCors.html)                | ✅ Implemented                      |  ❌ |  ✅ | ❌| ✅ |
+| [PutBucketCors](https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutBucketCors.html)                | ✅ Implemented                      | ❌|  ✅ | ❌| ✅ |
 
 **PutBucketWebsite:** Implemented, but only stores the index document suffix and the error document path. Redirects are not supported.
 
-*Note: Ceph radosgw has some support for static websites but it is different from Amazon one plus it does not implement its configuration endpoints.*
+*Note: Ceph radosgw has some support for static websites but it is different from the Amazon one. It also does not implement its configuration endpoints.*
 
 ### ACL, Policies endpoints
 
@@ -83,27 +109,27 @@ See Garage CLI reference manual to learn how to use Garage's permission system.
 
 | Endpoint                     | Garage                           | [Openstack Swift](https://docs.openstack.org/swift/latest/s3_compat.html) | [Ceph Object Gateway](https://docs.ceph.com/en/latest/radosgw/s3/) | [Riak CS](https://docs.riak.com/riak/cs/2.1.1/references/apis/storage/s3/index.html) | [OpenIO](https://docs.openio.io/latest/source/arch-design/s3_compliancy.html) |
 |------------------------------|----------------------------------|-----------------|---------------|---------|-----|
-| [DeleteBucketPolicy](https://docs.aws.amazon.com/AmazonS3/latest/API/API_DeleteBucketPolicy.html) | ❌ Missing | ❌| ❌| ✅ | ❌|
-| [GetBucketPolicy](https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetBucketPolicy.html) | ❌ Missing | ❌| ❌| ⚠ | ❌|
-| [GetBucketPolicyStatus](https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetBucketPolicyStatus.html) | ❌ Missing | ❌| ❌| ❌| ❌|
-| [PutBucketPolicy](https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutBucketPolicy.html) | ❌ Missing | ❌| ❌| ⚠ | ❌|
+| [DeleteBucketPolicy](https://docs.aws.amazon.com/AmazonS3/latest/API/API_DeleteBucketPolicy.html) | ❌ Missing | ❌|  ✅ | ✅ | ❌|
+| [GetBucketPolicy](https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetBucketPolicy.html) | ❌ Missing | ❌|  ✅ | ⚠ | ❌|
+| [GetBucketPolicyStatus](https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetBucketPolicyStatus.html) | ❌ Missing | ❌| ✅ | ❌| ❌|
+| [PutBucketPolicy](https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutBucketPolicy.html) | ❌ Missing | ❌|  ✅ | ⚠ | ❌|
 | [GetBucketAcl](https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetBucketAcl.html) | ❌ Missing | ✅ | ✅ | ✅ | ✅ |
 | [PutBucketAcl](https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutBucketAcl.html) | ❌ Missing | ✅ | ✅ | ✅ | ✅ |
 | [GetObjectAcl](https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetObjectAcl.html) | ❌ Missing | ✅ | ✅ | ✅ | ✅ |
 | [PutObjectAcl](https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutObjectAcl.html) | ❌ Missing | ✅ | ✅ | ✅ | ✅ |
 
-*Notes:* Ceph claims that it supports bucket policies but does not implement any Policy endpoints. They probably refer to their own permission system. Riak CS only supports a subset of the policy configuration.
+*Notes:* Riak CS only supports a subset of the policy configuration.
 
 ### Versioning, Lifecycle endpoints
 
-Garage does not support (yet) object versioning.
+Garage does not (yet) support object versioning.
 If you need this feature, please [share your use case in our dedicated issue](https://git.deuxfleurs.fr/Deuxfleurs/garage/issues/166).
 
 | Endpoint                     | Garage                           | [Openstack Swift](https://docs.openstack.org/swift/latest/s3_compat.html) | [Ceph Object Gateway](https://docs.ceph.com/en/latest/radosgw/s3/) | [Riak CS](https://docs.riak.com/riak/cs/2.1.1/references/apis/storage/s3/index.html) | [OpenIO](https://docs.openio.io/latest/source/arch-design/s3_compliancy.html) |
 |------------------------------|----------------------------------|-----------------|---------------|---------|-----|
 | [DeleteBucketLifecycle](https://docs.aws.amazon.com/AmazonS3/latest/API/API_DeleteBucketLifecycle.html) | ❌ Missing | ❌| ✅| ❌| ✅|
-| [GetBucketLifecycleConfiguration](https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetBucketLifecycleConfiguration.html) | ❌ Missing | ❌| ⚠ | ❌| ✅|
-| [PutBucketLifecycleConfiguration](https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutBucketLifecycleConfiguration.html) | ❌ Missing | ❌| ⚠ | ❌| ✅|
+| [GetBucketLifecycleConfiguration](https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetBucketLifecycleConfiguration.html) | ❌ Missing | ❌| ✅ | ❌| ✅|
+| [PutBucketLifecycleConfiguration](https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutBucketLifecycleConfiguration.html) | ❌ Missing | ❌| ✅ | ❌| ✅|
 | [GetBucketVersioning](https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetBucketVersioning.html)          | ❌ Stub (see below)       | ✅| ✅ | ❌| ✅|
 | [ListObjectVersions](https://docs.aws.amazon.com/AmazonS3/latest/API/API_ListObjectVersions.html) | ❌ Missing | ❌| ✅ | ❌| ✅|
 | [PutBucketVersioning](https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutBucketVersioning.html) | ❌ Missing | ❌| ✅| ❌| ✅|
@@ -111,8 +137,6 @@ If you need this feature, please [share your use case in our dedicated issue](ht
 
 **GetBucketVersioning:** Stub implementation (Garage does not yet support versionning so this always returns "versionning not enabled").
 
-*Note: Ceph only supports `Expiration`, `NoncurrentVersionExpiration` and `AbortIncompleteMultipartUpload` on its Lifecycle endpoints.*
- 
 ### Replication endpoints
 
 Please open an issue if you have a use case for replication.
@@ -123,7 +147,10 @@ Please open an issue if you have a use case for replication.
 | [GetBucketReplication](https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetBucketReplication.html) | ❌ Missing | ❌| ✅ | ❌| ❌|
 | [PutBucketReplication](https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutBucketReplication.html) | ❌ Missing | ❌| ⚠ | ❌| ❌|
 
-*Note: Ceph documentation briefly says that Ceph supports [replication though the S3 API](https://docs.ceph.com/en/latest/radosgw/multisite-sync-policy/#s3-replication-api) but with some limitations. Additionaly, replication endpoints are not documented in the S3 compatibility page so I don't know what kind of support we can expect.*
+*Note: Ceph documentation briefly says that Ceph supports
+[replication through the S3 API](https://docs.ceph.com/en/latest/radosgw/multisite-sync-policy/#s3-replication-api)
+but with some limitations.
+Additionaly, replication endpoints are not documented in the S3 compatibility page so I don't know what kind of support we can expect.*
 
 ### Locking objects
 
@@ -135,8 +162,8 @@ Amazon defines a concept of [object locking](https://docs.aws.amazon.com/AmazonS
 | [PutObjectLegalHold](https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutObjectLegalHold.html) | ❌ Missing | ❌| ✅ | ❌| ❌|
 | [GetObjectRetention](https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetObjectRetention.html) | ❌ Missing | ❌| ✅ | ❌| ❌|
 | [PutObjectRetention](https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutObjectRetention.html) | ❌ Missing | ❌| ✅ | ❌| ❌|
-| [GetObjectLockConfiguration](https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetObjectLockConfiguration.html) | ❌ Missing | ❌| ❌| ❌| ❌|
-| [PutObjectLockConfiguration](https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutObjectLockConfiguration.html) | ❌ Missing | ❌| ❌| ❌| ❌|
+| [GetObjectLockConfiguration](https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetObjectLockConfiguration.html) | ❌ Missing | ❌| ✅ | ❌| ❌|
+| [PutObjectLockConfiguration](https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutObjectLockConfiguration.html) | ❌ Missing | ❌| ✅ | ❌| ❌|
 
 ### (Server-side) encryption
 
@@ -145,9 +172,9 @@ Please open an issue if you have a use case.
 
 | Endpoint                     | Garage                           | [Openstack Swift](https://docs.openstack.org/swift/latest/s3_compat.html) | [Ceph Object Gateway](https://docs.ceph.com/en/latest/radosgw/s3/) | [Riak CS](https://docs.riak.com/riak/cs/2.1.1/references/apis/storage/s3/index.html) | [OpenIO](https://docs.openio.io/latest/source/arch-design/s3_compliancy.html) |
 |------------------------------|----------------------------------|-----------------|---------------|---------|-----|
-| [DeleteBucketEncryption](https://docs.aws.amazon.com/AmazonS3/latest/API/API_DeleteBucketEncryption.html) | ❌ Missing | ❌| ❌| ❌| ❌|
-| [GetBucketEncryption](https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetBucketEncryption.html) | ❌ Missing | ❌| ❌| ❌| ❌|
-| [PutBucketEncryption](https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutBucketEncryption.html) | ❌ Missing | ❌| ❌| ❌| ❌|
+| [DeleteBucketEncryption](https://docs.aws.amazon.com/AmazonS3/latest/API/API_DeleteBucketEncryption.html) | ❌ Missing | ❌| ✅ | ❌| ❌|
+| [GetBucketEncryption](https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetBucketEncryption.html) | ❌ Missing | ❌| ✅ | ❌| ❌|
+| [PutBucketEncryption](https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutBucketEncryption.html) | ❌ Missing | ❌| ✅ | ❌| ❌|
 
 ### Misc endpoints
 
@@ -155,13 +182,13 @@ Please open an issue if you have a use case.
 |------------------------------|----------------------------------|-----------------|---------------|---------|-----|
 | [GetBucketNotificationConfiguration](https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetBucketNotificationConfiguration.html) | ❌ Missing | ❌| ✅ | ❌| ❌|
 | [PutBucketNotificationConfiguration](https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutBucketNotificationConfiguration.html) | ❌ Missing | ❌| ✅ | ❌| ❌|
-| [DeleteBucketTagging](https://docs.aws.amazon.com/AmazonS3/latest/API/API_DeleteBucketTagging.html) | ❌ Missing | ❌| ❌| ❌| ✅ |
-| [GetBucketTagging](https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetBucketTagging.html) | ❌ Missing | ❌| ❌| ❌| ✅ |
-| [PutBucketTagging](https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutBucketTagging.html) | ❌ Missing | ❌| ❌| ❌| ✅ |
-| [DeleteObjectTagging](https://docs.aws.amazon.com/AmazonS3/latest/API/API_DeleteObjectTagging.html) | ❌ Missing | ❌| ❌| ❌| ✅ |
-| [GetObjectTagging](https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetObjectTagging.html) | ❌ Missing | ❌| ❌| ❌| ✅ |
-| [PutObjectTagging](https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutObjectTagging.html) | ❌ Missing | ❌| ❌| ❌| ✅ |
-| [GetObjectTorrent](https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetObjectTorrent.html) | ❌ Missing | ❌| ❌| ❌| ❌|
+| [DeleteBucketTagging](https://docs.aws.amazon.com/AmazonS3/latest/API/API_DeleteBucketTagging.html) | ❌ Missing | ❌| ✅ | ❌| ✅ |
+| [GetBucketTagging](https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetBucketTagging.html) | ❌ Missing | ❌| ✅ | ❌| ✅ |
+| [PutBucketTagging](https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutBucketTagging.html) | ❌ Missing | ❌| ✅ | ❌| ✅ |
+| [DeleteObjectTagging](https://docs.aws.amazon.com/AmazonS3/latest/API/API_DeleteObjectTagging.html) | ❌ Missing | ❌| ✅ | ❌| ✅ |
+| [GetObjectTagging](https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetObjectTagging.html) | ❌ Missing | ❌| ✅ | ❌| ✅ |
+| [PutObjectTagging](https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutObjectTagging.html) | ❌ Missing | ❌| ✅ | ❌| ✅ |
+| [GetObjectTorrent](https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetObjectTorrent.html) | ❌ Missing | ❌| ✅ | ❌| ❌|
 
 ### Vendor specific endpoints
 

doc/drafts/k2v-spec.md

@@ -195,6 +195,10 @@ TO UNDERSTAND IN ORDER TO USE IT CORRECTLY.**
 
 ## API Endpoints
 
+**Remark.** Example queries and responses here are given in JSON5 format
+for clarity. However the actual K2V API uses basic JSON so all examples
+and responses need to be translated.
+
 ### Operations on single items
 
 **ReadItem: `GET /<bucket>/<partition key>?sort_key=<sort key>`**
@@ -370,8 +374,11 @@ HTTP/1.1 204 NO CONTENT
 **ReadIndex: `GET /<bucket>?start=<start>&end=<end>&limit=<limit>`**
 
 Lists all partition keys in the bucket for which some triplets exist, and gives
-for each the number of triplets (or an approximation thereof, this value is
-    asynchronously updated, and thus eventually consistent).
+for each the number of triplets, total number of values (which might be bigger
+than the number of triplets in case of conflicts), total number of bytes of
+these values, and number of triplets that are in a state of conflict.
+The values returned are an approximation of the true counts in the bucket,
+as these values are asynchronously updated, and thus eventually consistent.
 
 Query parameters:
 
@@ -426,11 +433,41 @@ HTTP/1.1 200 OK
   limit: null,
   reverse: false,
   partitionKeys: [
-    { pk: "keys", n: 3043 },
-    { pk: "mailbox:INBOX", n: 42 },
-    { pk: "mailbox:Junk", n: 2991 },
-    { pk: "mailbox:Trash", n: 10 },
-    { pk: "mailboxes", n: 3 },
+    {
+      pk: "keys",
+      entries: 3043,
+      conflicts: 0,
+      values: 3043,
+      bytes: 121720,
+    },
+    {
+      pk: "mailbox:INBOX",
+      entries: 42,
+      conflicts: 1,
+      values: 43,
+      bytes: 142029,
+    },
+    {
+      pk: "mailbox:Junk",
+      entries: 2991
+      conflicts: 0,
+      values: 2991,
+      bytes: 12019322,
+    },
+    {
+      pk: "mailbox:Trash",
+      entries: 10,
+      conflicts: 0,
+      values: 10,
+      bytes: 32401,
+    },
+    {
+      pk: "mailboxes",
+      entries: 3,
+      conflicts: 0,
+      values: 3,
+      bytes: 3019,
+    },
   ],
   more: false,
   nextStart: null,

doc/talks/2022-06-23-stack/.gitignore

@@ -0,0 +1,14 @@
+*
+
+!assets
+
+!.gitignore
+!*.svg
+!*.png
+!*.jpg
+!*.tex
+!Makefile
+!.gitignore
+!assets/*.drawio.pdf
+
+!talk.pdf

doc/talks/2022-06-23-stack/Makefile

@@ -0,0 +1,5 @@
+talk.pdf: talk.tex assets/consistent_hashing_1.pdf assets/consistent_hashing_2.pdf assets/consistent_hashing_3.pdf assets/consistent_hashing_4.pdf assets/garage_tables.pdf assets/deuxfleurs.pdf
+	pdflatex talk.tex
+
+assets/%.pdf: assets/%.svg
+	inkscape -D -z --file=$^ --export-pdf=$@

doc/talks/2022-06-23-stack/assets/deuxfleurs.svg

@@ -0,0 +1,91 @@
+<?xml version="1.0" encoding="UTF-8" standalone="no"?>
+<svg
+   viewBox="0 0 70.424515 70.300102"
+   version="1.1"
+   id="svg8"
+   sodipodi:docname="logo.svg"
+   inkscape:version="1.1 (c68e22c387, 2021-05-23)"
+   inkscape:export-filename="/home/quentin/Documents/dev/deuxfleurs/site/src/img/logo.png"
+   inkscape:export-xdpi="699.30194"
+   inkscape:export-ydpi="699.30194"
+   width="70.424515"
+   height="70.300102"
+   xmlns:inkscape="http://www.inkscape.org/namespaces/inkscape"
+   xmlns:sodipodi="http://sodipodi.sourceforge.net/DTD/sodipodi-0.dtd"
+   xmlns="http://www.w3.org/2000/svg"
+   xmlns:svg="http://www.w3.org/2000/svg">
+  <defs
+     id="defs12" />
+  <sodipodi:namedview
+     id="namedview10"
+     pagecolor="#ffffff"
+     bordercolor="#666666"
+     borderopacity="1.0"
+     inkscape:pageshadow="2"
+     inkscape:pageopacity="0.0"
+     inkscape:pagecheckerboard="0"
+     showgrid="false"
+     inkscape:zoom="12.125"
+     inkscape:cx="43.092783"
+     inkscape:cy="48.082474"
+     inkscape:window-width="3072"
+     inkscape:window-height="1659"
+     inkscape:window-x="0"
+     inkscape:window-y="0"
+     inkscape:window-maximized="1"
+     inkscape:current-layer="svg8" />
+  <g
+     id="g79969"
+     transform="translate(-0.827,34.992103)">
+    <path
+       fill="#ffffff"
+       d="m 15.632,34.661 c -0.799,-0.597 -1.498,-1.484 -2.035,-2.592 l -0.228,-0.47 -0.46,0.249 c -0.975,0.528 -1.913,0.858 -2.744,0.969 L 9.963,29.061 6.327,30.029 C 6.17,29.175 6.202,28.142 6.423,27.007 L 6.526,26.482 5.994,26.416 C 4.752,26.262 3.688,25.891 2.89,25.336 L 4.411,22.419 1.423,20.896 C 1.742,19.952 2.371,19.014 3.257,18.161 L 3.634,17.798 3.255,17.438 C 2.452,16.674 1.847,15.884 1.485,15.127 L 4.995,13.774 2.95,10.615 C 3.69,10.213 4.643,9.929 5.739,9.783 L 6.258,9.715 6.167,9.201 C 5.952,7.99 5.995,6.863 6.291,5.913 l 3.308,0.523 0.524,-3.308 c 0.988,0.013 2.08,0.326 3.164,0.907 L 13.749,4.283 13.975,3.81 C 14.454,2.807 15.019,1.986 15.628,1.406 L 18,4.326 20.372,1.406 c 0.609,0.58 1.175,1.401 1.653,2.404 l 0.226,0.473 0.462,-0.247 C 23.798,3.455 24.891,3.142 25.877,3.13 L 26.4,6.438 29.71,5.913 c 0.296,0.951 0.34,2.078 0.124,3.288 l -0.092,0.515 0.518,0.069 c 1.095,0.145 2.048,0.43 2.788,0.832 l -2.046,3.156 3.511,1.355 c -0.361,0.757 -0.966,1.547 -1.77,2.311 l -0.379,0.36 0.377,0.363 c 0.888,0.854 1.516,1.793 1.835,2.736 l -2.984,1.52 1.521,2.984 c -0.812,0.574 -1.871,0.964 -3.094,1.134 l -0.518,0.072 0.096,0.514 c 0.201,1.089 0.226,2.083 0.073,2.909 l -3.634,-0.97 -0.204,3.757 c -0.83,-0.11 -1.768,-0.44 -2.742,-0.968 l -0.459,-0.249 -0.228,0.47 c -0.539,1.107 -1.237,1.994 -2.036,2.591 L 18,32.293 Z"
+       id="path2" />
+    <path
+       d="M 7.092,10.678 C 6.562,9.189 6.394,7.708 6.66,6.478 l 2.368,0.375 0.987,0.156 0.157,-0.988 0.375,-2.368 C 11.808,3.78 13.16,4.396 14.409,5.359 14.527,5.022 14.653,4.696 14.791,4.392 13.24,3.257 11.568,2.629 10.061,2.629 9.938,2.629 9.816,2.633 9.695,2.642 L 9.184,5.865 5.96,5.354 C 5.36,6.841 5.395,8.769 6.045,10.747 6.38,10.71 6.729,10.686 7.092,10.678 Z M 21.593,5.359 c 1.248,-0.962 2.6,-1.578 3.86,-1.705 l 0.376,2.368 0.156,0.988 0.987,-0.157 2.369,-0.376 c 0.266,1.23 0.098,2.71 -0.432,4.2 0.361,0.009 0.711,0.032 1.046,0.07 C 30.606,8.769 30.64,6.841 30.04,5.353 L 26.815,5.865 26.304,2.641 c -0.12,-0.008 -0.242,-0.012 -0.365,-0.012 -1.507,0 -3.179,0.628 -4.73,1.762 0.14,0.306 0.266,0.631 0.384,0.968 z M 7.368,27 h 0.035 c 0.067,0 0.157,-0.604 0.26,-0.947 -0.098,0.004 -0.197,0.046 -0.294,0.046 -1.496,0 -2.826,-0.303 -3.83,-0.89 L 4.628,23.081 5.082,22.194 4.191,21.742 2.055,20.654 C 2.563,19.503 3.57,18.404 4.873,17.511 4.586,17.292 4.312,17.07 4.063,16.842 2.376,18.059 1.217,19.597 0.828,21.152 l 2.908,1.483 -1.482,2.843 C 3.475,26.501 5.303,27 7.368,27 Z m 27.806,-5.846 c -0.39,-1.555 -1.548,-3.093 -3.234,-4.311 -0.25,0.228 -0.523,0.451 -0.81,0.669 1.304,0.893 2.31,1.992 2.817,3.145 l -2.136,1.088 -0.891,0.453 0.454,0.892 1.089,2.137 c -1.004,0.587 -2.332,0.904 -3.828,0.904 -0.099,0 -0.199,-0.01 -0.299,-0.013 0.103,0.344 0.192,0.683 0.26,1.011 l 0.039,0.002 c 2.066,0 3.892,-0.563 5.112,-1.587 l -1.482,-2.908 z m -12.653,9.182 c -0.447,1.517 -1.181,2.812 -2.119,3.651 L 18.707,32.293 18,31.586 l -0.707,0.707 -1.695,1.694 c -0.938,-0.839 -1.673,-2.136 -2.12,-3.652 -0.296,0.206 -0.593,0.397 -0.886,0.563 0.636,1.98 1.741,3.559 3.1,4.409 L 18,33 l 2.308,2.308 c 1.358,-0.851 2.464,-2.428 3.101,-4.408 -0.295,-0.168 -0.591,-0.359 -0.888,-0.564 z"
+       fill="#ea596e"
+       id="path4" />
+    <path
+       fill="#ea596e"
+       d="m 20.118,5.683 c 0.426,1.146 0.748,2.596 0.841,4.284 l 0.2,3.683 3.564,-0.946 c 1.32,-0.351 2.655,-0.536 3.86,-0.536 0.16,0 0.318,0.003 0.474,0.01 l -1.827,2.819 3.139,1.211 c -0.958,0.759 -2.237,1.514 -3.814,2.123 l -3.441,1.328 2.001,3.099 c 0.918,1.42 1.509,2.782 1.838,3.96 L 23.709,25.853 23.527,29.21 C 22.508,28.533 21.395,27.55 20.329,26.237 L 18,23.374 15.672,26.236 c -1.066,1.312 -2.179,2.295 -3.198,2.972 l -0.18,-3.354 -3.248,0.864 c 0.329,-1.178 0.921,-2.54 1.839,-3.961 L 12.889,19.658 9.447,18.33 C 7.87,17.721 6.591,16.967 5.633,16.208 L 8.768,15 6.941,12.177 c 0.155,-0.006 0.313,-0.01 0.473,-0.01 1.206,0 2.541,0.185 3.861,0.536 l 3.564,0.947 0.202,-3.683 c 0.092,-1.688 0.415,-3.138 0.84,-4.284 L 18,8.292 20.118,5.683 M 20.308,0.692 18,3.533 15.692,0.692 C 13.703,2.224 12.271,5.684 12.046,9.804 10.429,9.374 8.854,9.167 7.414,9.167 c -2.11,0 -3.929,0.445 -5.161,1.289 l 1.989,3.073 -3.415,1.316 c 0.842,2.366 3.69,4.797 7.54,6.283 -2.241,3.465 -3.116,7.106 -2.407,9.516 l 3.537,-0.941 0.196,3.654 c 2.512,-0.07 5.703,-2.027 8.307,-5.228 2.603,3.201 5.796,5.158 8.306,5.228 l 0.198,-3.655 3.535,0.943 c 0.71,-2.411 -0.165,-6.05 -2.404,-9.517 3.849,-1.485 6.696,-3.918 7.538,-6.283 l -3.415,-1.318 1.99,-3.07 c -1.233,-0.844 -3.053,-1.29 -5.164,-1.29 -1.438,0 -3.013,0.207 -4.63,0.636 C 23.729,5.684 22.297,2.224 20.308,0.692 Z"
+       id="path6" />
+  </g>
+  <g
+     id="g79964"
+     transform="translate(-1.043816,35.993714)">
+    <path
+       fill="#ffffff"
+       d="m 51.92633,-2.0247139 c -0.799,-0.597 -1.498,-1.484 -2.035,-2.592 l -0.228,-0.47 -0.46,0.249 c -0.975,0.528 -1.913,0.858 -2.744,0.969 l -0.202,-3.7560001 -3.636,0.968 c -0.157,-0.854 -0.125,-1.887 0.096,-3.022 l 0.103,-0.525 -0.532,-0.066 c -1.242,-0.154 -2.306,-0.525 -3.104,-1.08 l 1.521,-2.917 -2.988,-1.523 c 0.319,-0.944 0.948,-1.882 1.834,-2.735 l 0.377,-0.363 -0.379,-0.36 c -0.803,-0.764 -1.408,-1.554 -1.77,-2.311 l 3.51,-1.353 -2.045,-3.159 c 0.74,-0.402 1.693,-0.686 2.789,-0.832 l 0.519,-0.068 -0.091,-0.514 c -0.215,-1.211 -0.172,-2.338 0.124,-3.288 l 3.308,0.523 0.524,-3.308 c 0.988,0.013 2.08,0.326 3.164,0.907 l 0.462,0.248 0.226,-0.473 c 0.479,-1.003 1.044,-1.824 1.653,-2.404 l 2.372,2.92 2.372,-2.92 c 0.609,0.58 1.175,1.401 1.653,2.404 l 0.226,0.473 0.462,-0.247 c 1.085,-0.581 2.178,-0.894 3.164,-0.906 l 0.523,3.308 3.31,-0.525 c 0.296,0.951 0.34,2.078 0.124,3.288 l -0.092,0.515 0.518,0.069 c 1.095,0.145 2.048,0.43 2.788,0.832 l -2.046,3.156 3.511,1.355 c -0.361,0.757 -0.966,1.547 -1.77,2.311 l -0.379,0.36 0.377,0.363 c 0.888,0.854 1.516,1.793 1.835,2.736 l -2.984,1.52 1.521,2.984 c -0.812,0.574 -1.871,0.964 -3.094,1.134 l -0.518,0.072 0.096,0.514 c 0.201,1.089 0.226,2.083 0.073,2.909 l -3.634,-0.97 -0.204,3.7570001 c -0.83,-0.11 -1.768,-0.44 -2.742,-0.968 l -0.459,-0.249 -0.228,0.47 c -0.539,1.107 -1.237,1.994 -2.036,2.591 l -2.367,-2.369 z"
+       id="path2-9" />
+    <path
+       d="m 43.38633,-26.007714 c -0.53,-1.489 -0.698,-2.97 -0.432,-4.2 l 2.368,0.375 0.987,0.156 0.157,-0.988 0.375,-2.368 c 1.261,0.127 2.613,0.743 3.862,1.706 0.118,-0.337 0.244,-0.663 0.382,-0.967 -1.551,-1.135 -3.223,-1.763 -4.73,-1.763 -0.123,0 -0.245,0.004 -0.366,0.013 l -0.511,3.223 -3.224,-0.511 c -0.6,1.487 -0.565,3.415 0.085,5.393 0.335,-0.037 0.684,-0.061 1.047,-0.069 z m 14.501,-5.319 c 1.248,-0.962 2.6,-1.578 3.86,-1.705 l 0.376,2.368 0.156,0.988 0.987,-0.157 2.369,-0.376 c 0.266,1.23 0.098,2.71 -0.432,4.2 0.361,0.009 0.711,0.032 1.046,0.07 0.651,-1.978 0.685,-3.906 0.085,-5.394 l -3.225,0.512 -0.511,-3.224 c -0.12,-0.008 -0.242,-0.012 -0.365,-0.012 -1.507,0 -3.179,0.628 -4.73,1.762 0.14,0.306 0.266,0.631 0.384,0.968 z m -14.225,21.641 h 0.035 c 0.067,0 0.157,-0.604 0.26,-0.947 -0.098,0.004 -0.197,0.046 -0.294,0.046 -1.496,0 -2.826,-0.303 -3.83,-0.89 l 1.089,-2.128 0.454,-0.887 -0.891,-0.452 -2.136,-1.088 c 0.508,-1.151 1.515,-2.25 2.818,-3.143 -0.287,-0.219 -0.561,-0.441 -0.81,-0.669 -1.687,1.217 -2.846,2.755 -3.235,4.31 l 2.908,1.483 -1.482,2.843 c 1.221,1.023 3.049,1.522 5.114,1.522 z m 27.806,-5.846 c -0.39,-1.555 -1.548,-3.093 -3.234,-4.311 -0.25,0.228 -0.523,0.451 -0.81,0.669 1.304,0.893 2.31,1.992 2.817,3.145 l -2.136,1.088 -0.891,0.453 0.454,0.892 1.089,2.137 c -1.004,0.587 -2.332,0.904 -3.828,0.904 -0.099,0 -0.199,-0.01 -0.299,-0.013 0.103,0.344 0.192,0.683 0.26,1.011 l 0.039,0.002 c 2.066,0 3.892,-0.563 5.112,-1.587 l -1.482,-2.908 z m -12.653,9.182 c -0.447,1.5170001 -1.181,2.8120001 -2.119,3.6510001 l -1.695,-1.694 -0.707,-0.707 -0.707,0.707 -1.695,1.694 c -0.938,-0.839 -1.673,-2.136 -2.12,-3.6520001 -0.296,0.2060001 -0.593,0.3970001 -0.886,0.5630001 0.636,1.98 1.741,3.559 3.1,4.409 l 2.308,-2.307 2.308,2.308 c 1.358,-0.851 2.464,-2.428 3.101,-4.408 -0.295,-0.168 -0.591,-0.359 -0.888,-0.5640001 z"
+       fill="#ea596e"
+       id="path4-3" />
+    <path
+       fill="#ea596e"
+       d="m 56.41233,-31.002714 c 0.426,1.146 0.748,2.596 0.841,4.284 l 0.2,3.683 3.564,-0.946 c 1.32,-0.351 2.655,-0.536 3.86,-0.536 0.16,0 0.318,0.003 0.474,0.01 l -1.827,2.819 3.139,1.211 c -0.958,0.759 -2.237,1.514 -3.814,2.123 l -3.441,1.328 2.001,3.099 c 0.918,1.42 1.509,2.782 1.838,3.96 l -3.244,-0.865 -0.182,3.357 c -1.019,-0.677 -2.132,-1.66 -3.198,-2.973 l -2.329,-2.863 -2.328,2.862 c -1.066,1.312 -2.179,2.295 -3.198,2.972 l -0.18,-3.354 -3.248,0.864 c 0.329,-1.178 0.921,-2.54 1.839,-3.961 l 2.004,-3.099 -3.442,-1.328 c -1.577,-0.609 -2.856,-1.363 -3.814,-2.122 l 3.135,-1.208 -1.827,-2.823 c 0.155,-0.006 0.313,-0.01 0.473,-0.01 1.206,0 2.541,0.185 3.861,0.536 l 3.564,0.947 0.202,-3.683 c 0.092,-1.688 0.415,-3.138 0.84,-4.284 l 2.119,2.609 2.118,-2.609 m 0.19,-4.991 -2.308,2.841 -2.308,-2.841 c -1.989,1.532 -3.421,4.992 -3.646,9.112 -1.617,-0.43 -3.192,-0.637 -4.632,-0.637 -2.11,0 -3.929,0.445 -5.161,1.289 l 1.989,3.073 -3.415,1.316 c 0.842,2.366 3.69,4.797 7.54,6.283 -2.241,3.465 -3.116,7.106 -2.407,9.5160001 l 3.537,-0.9410001 0.196,3.6540001 c 2.512,-0.07 5.703,-2.027 8.307,-5.2280001 2.603,3.2010001 5.796,5.1580001 8.306,5.2280001 l 0.198,-3.6550001 3.535,0.9430001 c 0.71,-2.4110001 -0.165,-6.0500001 -2.404,-9.5170001 3.849,-1.485 6.696,-3.918 7.538,-6.283 l -3.415,-1.318 1.99,-3.07 c -1.233,-0.844 -3.053,-1.29 -5.164,-1.29 -1.438,0 -3.013,0.207 -4.63,0.636 -0.225,-4.119 -1.657,-7.579 -3.646,-9.111 z"
+       id="path6-6" />
+  </g>
+  <text
+     xml:space="preserve"
+     style="font-style:normal;font-weight:normal;font-size:42.6667px;line-height:1.25;font-family:sans-serif;fill:#ea596e;fill-opacity:1;stroke:none"
+     x="2.2188232"
+     y="31.430677"
+     id="text46212"><tspan
+       sodipodi:role="line"
+       id="tspan46210"
+       x="2.2188232"
+       y="31.430677"
+       style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-size:42.6667px;font-family:'TeX Gyre Termes';-inkscape-font-specification:'TeX Gyre Termes'">D</tspan></text>
+  <text
+     xml:space="preserve"
+     style="font-style:normal;font-weight:normal;font-size:42.6667px;line-height:1.25;font-family:sans-serif;fill:#ea596e;fill-opacity:1;stroke:none"
+     x="41.347008"
+     y="67.114784"
+     id="text46212-1"><tspan
+       sodipodi:role="line"
+       id="tspan46210-5"
+       x="41.347008"
+       y="67.114784"
+       style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-size:42.6667px;font-family:'TeX Gyre Termes';-inkscape-font-specification:'TeX Gyre Termes'">F</tspan></text>
+</svg>

doc/talks/2022-06-23-stack/assets/garage_tables.svg

@@ -0,0 +1,537 @@
+<?xml version="1.0" encoding="UTF-8" standalone="no"?>
+<svg
+   width="850"
+   height="480"
+   viewBox="0 0 224.89584 127"
+   version="1.1"
+   id="svg8"
+   inkscape:version="1.2 (dc2aedaf03, 2022-05-15)"
+   sodipodi:docname="garage_tables.svg"
+   xmlns:inkscape="http://www.inkscape.org/namespaces/inkscape"
+   xmlns:sodipodi="http://sodipodi.sourceforge.net/DTD/sodipodi-0.dtd"
+   xmlns="http://www.w3.org/2000/svg"
+   xmlns:svg="http://www.w3.org/2000/svg"
+   xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"
+   xmlns:cc="http://creativecommons.org/ns#"
+   xmlns:dc="http://purl.org/dc/elements/1.1/">
+  <defs
+     id="defs2">
+    <marker
+       style="overflow:visible"
+       id="marker1262"
+       refX="0"
+       refY="0"
+       orient="auto"
+       inkscape:stockid="Arrow1Mend"
+       inkscape:isstock="true">
+      <path
+         transform="matrix(-0.4,0,0,-0.4,-4,0)"
+         style="fill:#000000;fill-opacity:1;fill-rule:evenodd;stroke:#000000;stroke-width:1pt;stroke-opacity:1"
+         d="M 0,0 5,-5 -12.5,0 5,5 Z"
+         id="path1260" />
+    </marker>
+    <marker
+       style="overflow:visible"
+       id="Arrow1Mend"
+       refX="0"
+       refY="0"
+       orient="auto"
+       inkscape:stockid="Arrow1Mend"
+       inkscape:isstock="true"
+       inkscape:collect="always">
+      <path
+         transform="matrix(-0.4,0,0,-0.4,-4,0)"
+         style="fill:#000000;fill-opacity:1;fill-rule:evenodd;stroke:#000000;stroke-width:1pt;stroke-opacity:1"
+         d="M 0,0 5,-5 -12.5,0 5,5 Z"
+         id="path965" />
+    </marker>
+    <marker
+       style="overflow:visible"
+       id="Arrow1Lend"
+       refX="0"
+       refY="0"
+       orient="auto"
+       inkscape:stockid="Arrow1Lend"
+       inkscape:isstock="true">
+      <path
+         transform="matrix(-0.8,0,0,-0.8,-10,0)"
+         style="fill:#000000;fill-opacity:1;fill-rule:evenodd;stroke:#000000;stroke-width:1pt;stroke-opacity:1"
+         d="M 0,0 5,-5 -12.5,0 5,5 Z"
+         id="path959" />
+    </marker>
+  </defs>
+  <sodipodi:namedview
+     id="base"
+     pagecolor="#ffffff"
+     bordercolor="#666666"
+     borderopacity="1.0"
+     inkscape:pageopacity="0.0"
+     inkscape:pageshadow="2"
+     inkscape:zoom="0.98994949"
+     inkscape:cx="429.31483"
+     inkscape:cy="289.40871"
+     inkscape:document-units="mm"
+     inkscape:current-layer="layer1"
+     inkscape:document-rotation="0"
+     showgrid="false"
+     units="px"
+     inkscape:window-width="1678"
+     inkscape:window-height="993"
+     inkscape:window-x="0"
+     inkscape:window-y="0"
+     inkscape:window-maximized="1"
+     inkscape:showpageshadow="2"
+     inkscape:pagecheckerboard="0"
+     inkscape:deskcolor="#d1d1d1" />
+  <metadata
+     id="metadata5">
+    <rdf:RDF>
+      <cc:Work
+         rdf:about="">
+        <dc:format>image/svg+xml</dc:format>
+        <dc:type
+           rdf:resource="http://purl.org/dc/dcmitype/StillImage" />
+        <dc:title />
+      </cc:Work>
+    </rdf:RDF>
+  </metadata>
+  <g
+     inkscape:label="Layer 1"
+     inkscape:groupmode="layer"
+     id="layer1">
+    <text
+       xml:space="preserve"
+       style="font-style:normal;font-weight:normal;font-size:5.64444px;line-height:1.25;font-family:sans-serif;fill:#000000;fill-opacity:1;stroke:none;stroke-width:0.264583"
+       x="39.570904"
+       y="38.452755"
+       id="text2025"><tspan
+         sodipodi:role="line"
+         id="tspan2023"
+         x="39.570904"
+         y="38.452755"
+         style="font-size:5.64444px;stroke-width:0.264583" /></text>
+    <text
+       xml:space="preserve"
+       style="font-style:normal;font-weight:normal;font-size:10.5833px;line-height:1.25;font-family:sans-serif;fill:#000000;fill-opacity:1;stroke:none;stroke-width:0.264583"
+       x="101.95796"
+       y="92.835831"
+       id="text2139"><tspan
+         sodipodi:role="line"
+         id="tspan2137"
+         x="101.95796"
+         y="92.835831"
+         style="stroke-width:0.264583"> </tspan></text>
+    <g
+       id="g2316"
+       transform="translate(-11.455511,1.5722486)">
+      <g
+         id="g2277">
+        <rect
+           style="fill:none;stroke:#000000;stroke-width:0.8;stroke-miterlimit:4;stroke-dasharray:none;stroke-dashoffset:0;stroke-opacity:1"
+           id="rect833"
+           width="47.419891"
+           height="95.353409"
+           x="18.534418"
+           y="24.42766" />
+        <rect
+           style="fill:none;stroke:#000000;stroke-width:0.799999;stroke-miterlimit:4;stroke-dasharray:none;stroke-dashoffset:0;stroke-opacity:1"
+           id="rect833-3"
+           width="47.419891"
+           height="86.973076"
+           x="18.534418"
+           y="32.807987" />
+        <text
+           xml:space="preserve"
+           style="font-style:normal;font-weight:normal;font-size:5.64444px;line-height:1.25;font-family:sans-serif;fill:#000000;fill-opacity:1;stroke:none;stroke-width:0.264583"
+           x="32.250839"
+           y="29.894743"
+           id="text852"><tspan
+             sodipodi:role="line"
+             id="tspan850"
+             x="32.250839"
+             y="29.894743"
+             style="font-style:normal;font-variant:normal;font-weight:bold;font-stretch:normal;font-size:5.64444px;font-family:'Liberation Mono';-inkscape-font-specification:'Liberation Mono Bold';stroke-width:0.264583">Object</tspan></text>
+      </g>
+      <g
+         id="g2066"
+         transform="translate(-2.1807817,-3.0621439)">
+        <g
+           id="g1969"
+           transform="matrix(0.12763631,0,0,0.12763631,0.7215051,24.717273)"
+           style="fill:#ff6600;fill-opacity:1;stroke:none;stroke-opacity:1">
+          <path
+             style="fill:#ff6600;fill-opacity:1;stroke:none;stroke-width:0.264583;stroke-opacity:1"
+             d="m 203.71837,154.80038 c -1.11451,3.75057 -2.45288,5.84095 -5.11132,7.98327 -2.2735,1.83211 -4.66721,2.65982 -8.09339,2.79857 -2.59227,0.10498 -2.92868,0.0577 -5.02863,-0.70611 -3.99215,-1.45212 -7.1627,-4.65496 -8.48408,-8.57046 -1.28374,-3.80398 -0.61478,-8.68216 1.64793,-12.01698 0.87317,-1.28689 3.15089,-3.48326 4.18771,-4.03815 l 0.53332,-28.51234 5.78454,-5.09197 6.95158,6.16704 -3.21112,3.49026 3.17616,3.45499 -3.17616,3.40822 2.98973,3.28645 -3.24843,3.3829 4.49203,4.58395 0.0516,5.69106 c 1.06874,0.64848 3.81974,3.24046 4.69548,4.56257 0.452,0.68241 1.06834,2.0197 1.36962,2.97176 0.62932,1.98864 0.88051,5.785 0.47342,7.15497 z m -10.0406,2.32604 c -0.88184,-3.17515 -4.92402,-3.78864 -6.75297,-1.02492 -0.58328,0.8814 -0.6898,1.28852 -0.58362,2.23056 0.26492,2.35041 2.45434,3.95262 4.60856,3.37255 1.19644,-0.32217 2.39435,-1.44872 2.72875,-2.56621 0.30682,-1.02529 0.30686,-0.9045 -7.9e-4,-2.01198 z"
+             id="path1971"
+             sodipodi:nodetypes="ssscsscccccccccccssscsssscc" />
+        </g>
+        <text
+           xml:space="preserve"
+           style="font-style:normal;font-weight:normal;font-size:5.64444px;line-height:1.25;font-family:sans-serif;fill:#000000;fill-opacity:1;stroke:none;stroke-width:0.264583"
+           x="28.809687"
+           y="44.070885"
+           id="text852-9"><tspan
+             sodipodi:role="line"
+             id="tspan850-4"
+             x="28.809687"
+             y="44.070885"
+             style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-size:5.64444px;font-family:'Liberation Mono';-inkscape-font-specification:'Liberation Mono Bold';stroke-width:0.264583">bucket </tspan></text>
+      </g>
+      <g
+         id="g2066-7"
+         transform="translate(-2.1807817,6.2627616)">
+        <g
+           id="g1969-8"
+           transform="matrix(0.12763631,0,0,0.12763631,0.7215051,24.717273)"
+           style="fill:#ff6600;fill-opacity:1;stroke:none;stroke-opacity:1">
+          <path
+             style="fill:#4040ff;fill-opacity:1;stroke:none;stroke-width:0.264583;stroke-opacity:1"
+             d="m 203.71837,154.80038 c -1.11451,3.75057 -2.45288,5.84095 -5.11132,7.98327 -2.2735,1.83211 -4.66721,2.65982 -8.09339,2.79857 -2.59227,0.10498 -2.92868,0.0577 -5.02863,-0.70611 -3.99215,-1.45212 -7.1627,-4.65496 -8.48408,-8.57046 -1.28374,-3.80398 -0.61478,-8.68216 1.64793,-12.01698 0.87317,-1.28689 3.15089,-3.48326 4.18771,-4.03815 l 0.53332,-28.51234 5.78454,-5.09197 6.95158,6.16704 -3.21112,3.49026 3.17616,3.45499 -3.17616,3.40822 2.98973,3.28645 -3.24843,3.3829 4.49203,4.58395 0.0516,5.69106 c 1.06874,0.64848 3.81974,3.24046 4.69548,4.56257 0.452,0.68241 1.06834,2.0197 1.36962,2.97176 0.62932,1.98864 0.88051,5.785 0.47342,7.15497 z m -10.0406,2.32604 c -0.88184,-3.17515 -4.92402,-3.78864 -6.75297,-1.02492 -0.58328,0.8814 -0.6898,1.28852 -0.58362,2.23056 0.26492,2.35041 2.45434,3.95262 4.60856,3.37255 1.19644,-0.32217 2.39435,-1.44872 2.72875,-2.56621 0.30682,-1.02529 0.30686,-0.9045 -7.9e-4,-2.01198 z"
+             id="path1971-4"
+             sodipodi:nodetypes="ssscsscccccccccccssscsssscc" />
+        </g>
+        <text
+           xml:space="preserve"
+           style="font-style:normal;font-weight:normal;font-size:5.64444px;line-height:1.25;font-family:sans-serif;fill:#000000;fill-opacity:1;stroke:none;stroke-width:0.264583"
+           x="28.809687"
+           y="44.070885"
+           id="text852-9-5"><tspan
+             sodipodi:role="line"
+             id="tspan850-4-0"
+             x="28.809687"
+             y="44.070885"
+             style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-size:5.64444px;font-family:'Liberation Mono';-inkscape-font-specification:'Liberation Mono Bold';stroke-width:0.264583">file path </tspan></text>
+        <path
+           style="fill:#ff6600;fill-opacity:1;stroke:none;stroke-width:0.0337704;stroke-opacity:1"
+           d="m 174.20027,104.45585 c -0.14225,0.47871 -0.31308,0.74552 -0.65239,1.01896 -0.29018,0.23384 -0.5957,0.33949 -1.03301,0.3572 -0.33087,0.0134 -0.37381,0.007 -0.64184,-0.0901 -0.50954,-0.18534 -0.91422,-0.59414 -1.08287,-1.0939 -0.16385,-0.48552 -0.0785,-1.10816 0.21033,-1.5338 0.11145,-0.16426 0.40217,-0.44459 0.53451,-0.51542 l 0.0681,-3.639207 0.73832,-0.64992 0.88727,0.787138 -0.40986,0.445484 0.4054,0.440982 -0.4054,0.435013 0.3816,0.41947 -0.41461,0.43178 0.57334,0.58508 0.007,0.72639 c 0.13641,0.0828 0.48753,0.4136 0.59931,0.58235 0.0577,0.0871 0.13636,0.25778 0.17481,0.3793 0.0803,0.25382 0.11239,0.73838 0.0604,0.91323 z m -1.28154,0.29689 c -0.11256,-0.40526 -0.62849,-0.48357 -0.86193,-0.13082 -0.0745,0.1125 -0.088,0.16447 -0.0745,0.2847 0.0338,0.3 0.31326,0.5045 0.58822,0.43046 0.15271,-0.0411 0.30561,-0.1849 0.34829,-0.32754 0.0392,-0.13086 0.0392,-0.11544 -1e-4,-0.2568 z"
+           id="path1971-3"
+           sodipodi:nodetypes="ssscsscccccccccccssscsssscc" />
+        <text
+           xml:space="preserve"
+           style="font-style:normal;font-weight:normal;font-size:5.64444px;line-height:1.25;font-family:sans-serif;fill:#000000;fill-opacity:1;stroke:none;stroke-width:0.264583"
+           x="177.8474"
+           y="104.05132"
+           id="text852-9-6"><tspan
+             sodipodi:role="line"
+             id="tspan850-4-7"
+             x="177.8474"
+             y="104.05132"
+             style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-size:5.64444px;font-family:'Liberation Mono';-inkscape-font-specification:'Liberation Mono Bold';stroke-width:0.264583">= partition key </tspan></text>
+        <path
+           style="fill:#4040ff;fill-opacity:1;stroke:none;stroke-width:0.0337704;stroke-opacity:1"
+           d="m 174.20027,113.78076 c -0.14225,0.47871 -0.31308,0.74552 -0.65239,1.01895 -0.29018,0.23385 -0.5957,0.33949 -1.03301,0.3572 -0.33087,0.0134 -0.37381,0.007 -0.64184,-0.0901 -0.50954,-0.18534 -0.91422,-0.59414 -1.08287,-1.0939 -0.16385,-0.48553 -0.0785,-1.10816 0.21033,-1.53381 0.11145,-0.16425 0.40217,-0.44459 0.53451,-0.51541 l 0.0681,-3.63921 0.73832,-0.64992 0.88727,0.78714 -0.40986,0.44548 0.4054,0.44098 -0.4054,0.43502 0.3816,0.41947 -0.41461,0.43178 0.57334,0.58508 0.007,0.72638 c 0.13641,0.0828 0.48753,0.4136 0.59931,0.58235 0.0577,0.0871 0.13636,0.25779 0.17481,0.37931 0.0803,0.25382 0.11239,0.73837 0.0604,0.91323 z m -1.28154,0.29689 c -0.11256,-0.40527 -0.62849,-0.48357 -0.86193,-0.13082 -0.0745,0.1125 -0.088,0.16446 -0.0745,0.2847 0.0338,0.3 0.31326,0.5045 0.58822,0.43046 0.15271,-0.0411 0.30561,-0.18491 0.34829,-0.32754 0.0392,-0.13087 0.0392,-0.11545 -1e-4,-0.2568 z"
+           id="path1971-4-5"
+           sodipodi:nodetypes="ssscsscccccccccccssscsssscc" />
+        <text
+           xml:space="preserve"
+           style="font-style:normal;font-weight:normal;font-size:5.64444px;line-height:1.25;font-family:sans-serif;fill:#000000;fill-opacity:1;stroke:none;stroke-width:0.264583"
+           x="177.8474"
+           y="113.37622"
+           id="text852-9-5-3"><tspan
+             sodipodi:role="line"
+             id="tspan850-4-0-5"
+             x="177.8474"
+             y="113.37622"
+             style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-size:5.64444px;font-family:'Liberation Mono';-inkscape-font-specification:'Liberation Mono Bold';stroke-width:0.264583">= sort key </tspan></text>
+      </g>
+      <g
+         id="g2161"
+         transform="translate(-62.264403,-59.333115)">
+        <g
+           id="g2271"
+           transform="translate(0,67.042823)">
+          <rect
+             style="fill:none;stroke:#000000;stroke-width:0.799999;stroke-miterlimit:4;stroke-dasharray:none;stroke-dashoffset:0;stroke-opacity:1"
+             id="rect833-6"
+             width="39.008453"
+             height="16.775949"
+             x="84.896881"
+             y="90.266838" />
+          <rect
+             style="fill:none;stroke:#000000;stroke-width:0.799999;stroke-miterlimit:4;stroke-dasharray:none;stroke-dashoffset:0;stroke-opacity:1"
+             id="rect833-3-1"
+             width="39.008453"
+             height="8.673645"
+             x="84.896881"
+             y="98.369141" />
+          <text
+             xml:space="preserve"
+             style="font-style:normal;font-weight:normal;font-size:5.64444px;line-height:1.25;font-family:sans-serif;fill:#000000;fill-opacity:1;stroke:none;stroke-width:0.264583"
+             x="89.826942"
+             y="96.212921"
+             id="text852-0"><tspan
+               sodipodi:role="line"
+               id="tspan850-6"
+               x="89.826942"
+               y="96.212921"
+               style="font-style:normal;font-variant:normal;font-weight:bold;font-stretch:normal;font-size:5.64444px;font-family:'Liberation Mono';-inkscape-font-specification:'Liberation Mono Bold';stroke-width:0.264583">Version 1</tspan></text>
+          <text
+             xml:space="preserve"
+             style="font-style:normal;font-weight:normal;font-size:5.64444px;line-height:1.25;font-family:sans-serif;fill:#000000;fill-opacity:1;stroke:none;stroke-width:0.264583"
+             x="89.826942"
+             y="104.71013"
+             id="text852-0-3"><tspan
+               sodipodi:role="line"
+               id="tspan850-6-2"
+               x="89.826942"
+               y="104.71013"
+               style="font-style:italic;font-variant:normal;font-weight:normal;font-stretch:normal;font-size:5.64444px;font-family:'Liberation Mono';-inkscape-font-specification:'Liberation Mono Bold';fill:#4d4d4d;stroke-width:0.264583">deleted</tspan></text>
+        </g>
+      </g>
+      <g
+         id="g2263"
+         transform="translate(0,-22.791204)">
+        <g
+           id="g2161-1"
+           transform="translate(-62.264403,-10.910843)">
+          <rect
+             style="fill:none;stroke:#000000;stroke-width:0.799999;stroke-miterlimit:4;stroke-dasharray:none;stroke-dashoffset:0;stroke-opacity:1"
+             id="rect833-6-5"
+             width="39.008453"
+             height="36.749603"
+             x="84.896881"
+             y="90.266838" />
+          <rect
+             style="fill:none;stroke:#000000;stroke-width:0.799999;stroke-miterlimit:4;stroke-dasharray:none;stroke-dashoffset:0;stroke-opacity:1"
+             id="rect833-3-1-5"
+             width="39.008453"
+             height="28.647301"
+             x="84.896881"
+             y="98.369141" />
+          <text
+             xml:space="preserve"
+             style="font-style:normal;font-weight:normal;font-size:5.64444px;line-height:1.25;font-family:sans-serif;fill:#000000;fill-opacity:1;stroke:none;stroke-width:0.264583"
+             x="89.826942"
+             y="96.212921"
+             id="text852-0-4"><tspan
+               sodipodi:role="line"
+               id="tspan850-6-7"
+               x="89.826942"
+               y="96.212921"
+               style="font-style:normal;font-variant:normal;font-weight:bold;font-stretch:normal;font-size:5.64444px;font-family:'Liberation Mono';-inkscape-font-specification:'Liberation Mono Bold';stroke-width:0.264583">Version 2</tspan></text>
+          <text
+             xml:space="preserve"
+             style="font-style:normal;font-weight:normal;font-size:5.64444px;line-height:1.25;font-family:sans-serif;fill:#000000;fill-opacity:1;stroke:none;stroke-width:0.264583"
+             x="89.826942"
+             y="104.71013"
+             id="text852-0-3-6"><tspan
+               sodipodi:role="line"
+               id="tspan850-6-2-5"
+               x="89.826942"
+               y="104.71013"
+               style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-size:5.64444px;font-family:'Liberation Mono';-inkscape-font-specification:'Liberation Mono Bold';fill:#000000;stroke-width:0.264583">id</tspan></text>
+        </g>
+        <text
+           xml:space="preserve"
+           style="font-style:normal;font-weight:normal;font-size:5.64444px;line-height:1.25;font-family:sans-serif;fill:#000000;fill-opacity:1;stroke:none;stroke-width:0.264583"
+           x="27.56254"
+           y="100.34132"
+           id="text852-0-3-6-6"><tspan
+             sodipodi:role="line"
+             id="tspan850-6-2-5-9"
+             x="27.56254"
+             y="100.34132"
+             style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-size:5.64444px;font-family:'Liberation Mono';-inkscape-font-specification:'Liberation Mono Bold';fill:#000000;stroke-width:0.264583">size</tspan></text>
+        <text
+           xml:space="preserve"
+           style="font-style:normal;font-weight:normal;font-size:5.64444px;line-height:1.25;font-family:sans-serif;fill:#000000;fill-opacity:1;stroke:none;stroke-width:0.264583"
+           x="27.56254"
+           y="106.90263"
+           id="text852-0-3-6-6-3"><tspan
+             sodipodi:role="line"
+             id="tspan850-6-2-5-9-7"
+             x="27.56254"
+             y="106.90263"
+             style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-size:5.64444px;font-family:'Liberation Mono';-inkscape-font-specification:'Liberation Mono Bold';fill:#000000;stroke-width:0.264583">MIME type</tspan></text>
+        <text
+           xml:space="preserve"
+           style="font-style:normal;font-weight:normal;font-size:5.64444px;line-height:1.25;font-family:sans-serif;fill:#000000;fill-opacity:1;stroke:none;stroke-width:0.264583"
+           x="27.56254"
+           y="111.92816"
+           id="text852-0-3-6-6-3-4"><tspan
+             sodipodi:role="line"
+             id="tspan850-6-2-5-9-7-5"
+             x="27.56254"
+             y="111.92816"
+             style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-size:5.64444px;font-family:'Liberation Mono';-inkscape-font-specification:'Liberation Mono Bold';fill:#000000;stroke-width:0.264583">...</tspan></text>
+      </g>
+    </g>
+    <g
+       id="g898"
+       transform="translate(-6.2484318,29.95006)">
+      <rect
+         style="fill:none;stroke:#000000;stroke-width:0.799999;stroke-miterlimit:4;stroke-dasharray:none;stroke-dashoffset:0;stroke-opacity:1"
+         id="rect833-7"
+         width="47.419891"
+         height="44.007515"
+         x="95.443573"
+         y="24.42766" />
+      <rect
+         style="fill:none;stroke:#000000;stroke-width:0.799999;stroke-miterlimit:4;stroke-dasharray:none;stroke-dashoffset:0;stroke-opacity:1"
+         id="rect833-3-4"
+         width="47.419891"
+         height="35.627186"
+         x="95.443573"
+         y="32.807987" />
+      <text
+         xml:space="preserve"
+         style="font-style:normal;font-weight:normal;font-size:5.64444px;line-height:1.25;font-family:sans-serif;fill:#000000;fill-opacity:1;stroke:none;stroke-width:0.264583"
+         x="107.46638"
+         y="29.894743"
+         id="text852-4"><tspan
+           sodipodi:role="line"
+           id="tspan850-3"
+           x="107.46638"
+           y="29.894743"
+           style="font-style:normal;font-variant:normal;font-weight:bold;font-stretch:normal;font-size:5.64444px;font-family:'Liberation Mono';-inkscape-font-specification:'Liberation Mono Bold';stroke-width:0.264583">Version</tspan></text>
+      <path
+         style="fill:#ff6600;fill-opacity:1;stroke:none;stroke-width:0.0337704;stroke-opacity:1"
+         d="m 102.90563,41.413279 c -0.14226,0.478709 -0.31308,0.745518 -0.65239,1.018956 -0.29019,0.233843 -0.59571,0.339489 -1.03301,0.357199 -0.33087,0.0134 -0.37381,0.0074 -0.64184,-0.09013 -0.50954,-0.185343 -0.914221,-0.594142 -1.082877,-1.093901 -0.163852,-0.485526 -0.07847,-1.108159 0.210335,-1.533803 0.111448,-0.164254 0.402172,-0.444591 0.534502,-0.515415 l 0.0681,-3.63921 0.73832,-0.64992 0.88727,0.787138 -0.40985,0.445484 0.40539,0.440982 -0.40539,0.435013 0.3816,0.41947 -0.41462,0.431781 0.57335,0.585078 0.007,0.726386 c 0.13641,0.08277 0.48753,0.413601 0.59931,0.58235 0.0577,0.0871 0.13636,0.257787 0.17481,0.379304 0.0803,0.253823 0.11239,0.738377 0.0604,0.913234 z m -1.28155,0.296888 c -0.11255,-0.405265 -0.62848,-0.483569 -0.86192,-0.130817 -0.0744,0.112498 -0.088,0.164461 -0.0745,0.2847 0.0338,0.299998 0.31326,0.504498 0.58822,0.43046 0.15271,-0.04112 0.3056,-0.184909 0.34828,-0.327542 0.0392,-0.130864 0.0392,-0.115447 -1e-4,-0.256801 z"
+         id="path1971-0"
+         sodipodi:nodetypes="ssscsscccccccccccssscsssscc" />
+      <text
+         xml:space="preserve"
+         style="font-style:normal;font-weight:normal;font-size:5.64444px;line-height:1.25;font-family:sans-serif;fill:#000000;fill-opacity:1;stroke:none;stroke-width:0.264583"
+         x="104.99195"
+         y="41.008743"
+         id="text852-9-7"><tspan
+           sodipodi:role="line"
+           id="tspan850-4-8"
+           x="104.99195"
+           y="41.008743"
+           style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-size:5.64444px;font-family:'Liberation Mono';-inkscape-font-specification:'Liberation Mono Bold';stroke-width:0.264583">id </tspan></text>
+      <text
+         xml:space="preserve"
+         style="font-style:normal;font-weight:normal;font-size:5.64444px;line-height:1.25;font-family:sans-serif;fill:#000000;fill-opacity:1;stroke:none;stroke-width:0.264583"
+         x="104.99195"
+         y="49.168018"
+         id="text852-9-7-6"><tspan
+           sodipodi:role="line"
+           id="tspan850-4-8-8"
+           x="104.99195"
+           y="49.168018"
+           style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-size:5.64444px;font-family:'Liberation Mono';-inkscape-font-specification:'Liberation Mono Bold';stroke-width:0.264583">h(block 1)</tspan></text>
+      <text
+         xml:space="preserve"
+         style="font-style:normal;font-weight:normal;font-size:5.64444px;line-height:1.25;font-family:sans-serif;fill:#000000;fill-opacity:1;stroke:none;stroke-width:0.264583"
+         x="104.99195"
+         y="56.583336"
+         id="text852-9-7-6-8"><tspan
+           sodipodi:role="line"
+           id="tspan850-4-8-8-4"
+           x="104.99195"
+           y="56.583336"
+           style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-size:5.64444px;font-family:'Liberation Mono';-inkscape-font-specification:'Liberation Mono Bold';stroke-width:0.264583">h(block 2)</tspan></text>
+      <text
+         xml:space="preserve"
+         style="font-style:normal;font-weight:normal;font-size:5.64444px;line-height:1.25;font-family:sans-serif;fill:#000000;fill-opacity:1;stroke:none;stroke-width:0.264583"
+         x="104.99195"
+         y="64.265732"
+         id="text852-9-7-6-3"><tspan
+           sodipodi:role="line"
+           id="tspan850-4-8-8-1"
+           x="104.99195"
+           y="64.265732"
+           style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-size:5.64444px;font-family:'Liberation Mono';-inkscape-font-specification:'Liberation Mono Bold';stroke-width:0.264583">...</tspan></text>
+    </g>
+    <g
+       id="g898-3"
+       transform="translate(75.777779,38.888663)">
+      <rect
+         style="fill:none;stroke:#000000;stroke-width:0.799999;stroke-miterlimit:4;stroke-dasharray:none;stroke-dashoffset:0;stroke-opacity:1"
+         id="rect833-7-6"
+         width="47.419891"
+         height="29.989157"
+         x="95.443573"
+         y="24.42766" />
+      <rect
+         style="fill:none;stroke:#000000;stroke-width:0.799999;stroke-miterlimit:4;stroke-dasharray:none;stroke-dashoffset:0;stroke-opacity:1"
+         id="rect833-3-4-7"
+         width="47.419891"
+         height="21.608831"
+         x="95.443573"
+         y="32.807987" />
+      <text
+         xml:space="preserve"
+         style="font-style:normal;font-weight:normal;font-size:5.64444px;line-height:1.25;font-family:sans-serif;fill:#000000;fill-opacity:1;stroke:none;stroke-width:0.264583"
+         x="102.11134"
+         y="29.894743"
+         id="text852-4-5"><tspan
+           sodipodi:role="line"
+           id="tspan850-3-3"
+           x="102.11134"
+           y="29.894743"
+           style="font-style:normal;font-variant:normal;font-weight:bold;font-stretch:normal;font-size:5.64444px;font-family:'Liberation Mono';-inkscape-font-specification:'Liberation Mono Bold';stroke-width:0.264583">Data block</tspan></text>
+      <path
+         style="fill:#ff6600;fill-opacity:1;stroke:none;stroke-width:0.0337704;stroke-opacity:1"
+         d="m 102.90563,41.413279 c -0.14226,0.478709 -0.31308,0.745518 -0.65239,1.018956 -0.29019,0.233843 -0.59571,0.339489 -1.03301,0.357199 -0.33087,0.0134 -0.37381,0.0074 -0.64184,-0.09013 -0.50954,-0.185343 -0.914221,-0.594142 -1.082877,-1.093901 -0.163852,-0.485526 -0.07847,-1.108159 0.210335,-1.533803 0.111448,-0.164254 0.402172,-0.444591 0.534502,-0.515415 l 0.0681,-3.63921 0.73832,-0.64992 0.88727,0.787138 -0.40985,0.445484 0.40539,0.440982 -0.40539,0.435013 0.3816,0.41947 -0.41462,0.431781 0.57335,0.585078 0.007,0.726386 c 0.13641,0.08277 0.48753,0.413601 0.59931,0.58235 0.0577,0.0871 0.13636,0.257787 0.17481,0.379304 0.0803,0.253823 0.11239,0.738377 0.0604,0.913234 z m -1.28155,0.296888 c -0.11255,-0.405265 -0.62848,-0.483569 -0.86192,-0.130817 -0.0744,0.112498 -0.088,0.164461 -0.0745,0.2847 0.0338,0.299998 0.31326,0.504498 0.58822,0.43046 0.15271,-0.04112 0.3056,-0.184909 0.34828,-0.327542 0.0392,-0.130864 0.0392,-0.115447 -1e-4,-0.256801 z"
+         id="path1971-0-5"
+         sodipodi:nodetypes="ssscsscccccccccccssscsssscc" />
+      <text
+         xml:space="preserve"
+         style="font-style:normal;font-weight:normal;font-size:5.64444px;line-height:1.25;font-family:sans-serif;fill:#000000;fill-opacity:1;stroke:none;stroke-width:0.264583"
+         x="104.99195"
+         y="41.008743"
+         id="text852-9-7-62"><tspan
+           sodipodi:role="line"
+           id="tspan850-4-8-9"
+           x="104.99195"
+           y="41.008743"
+           style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-size:5.64444px;font-family:'Liberation Mono';-inkscape-font-specification:'Liberation Mono Bold';stroke-width:0.264583">hash </tspan></text>
+      <text
+         xml:space="preserve"
+         style="font-style:normal;font-weight:normal;font-size:5.64444px;line-height:1.25;font-family:sans-serif;fill:#000000;fill-opacity:1;stroke:none;stroke-width:0.264583"
+         x="104.99195"
+         y="49.168018"
+         id="text852-9-7-6-1"><tspan
+           sodipodi:role="line"
+           id="tspan850-4-8-8-2"
+           x="104.99195"
+           y="49.168018"
+           style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-size:5.64444px;font-family:'Liberation Mono';-inkscape-font-specification:'Liberation Mono Bold';stroke-width:0.264583">data</tspan></text>
+    </g>
+    <path
+       style="fill:none;stroke:#000000;stroke-width:1;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:1;marker-end:url(#Arrow1Mend)"
+       d="M 42.105292,69.455903 89.563703,69.317144"
+       id="path954"
+       sodipodi:nodetypes="cc" />
+    <path
+       style="fill:none;stroke:#000000;stroke-width:1;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:1;marker-end:url(#marker1262)"
+       d="m 134.32612,77.363197 38.12618,0.260865"
+       id="path1258"
+       sodipodi:nodetypes="cc" />
+    <text
+       xml:space="preserve"
+       style="font-style:normal;font-weight:normal;font-size:5.64444px;line-height:1.25;font-family:sans-serif;fill:#000000;fill-opacity:1;stroke:none;stroke-width:0.264583"
+       x="8.6727352"
+       y="16.687063"
+       id="text852-3"><tspan
+         sodipodi:role="line"
+         id="tspan850-67"
+         x="8.6727352"
+         y="16.687063"
+         style="font-style:normal;font-variant:normal;font-weight:bold;font-stretch:normal;font-size:5.64444px;font-family:'Liberation Mono';-inkscape-font-specification:'Liberation Mono Bold';stroke-width:0.264583">Objects table </tspan></text>
+    <text
+       xml:space="preserve"
+       style="font-style:normal;font-weight:normal;font-size:5.64444px;line-height:1.25;font-family:sans-serif;fill:#000000;fill-opacity:1;stroke:none;stroke-width:0.264583"
+       x="89.190445"
+       y="16.687063"
+       id="text852-3-5"><tspan
+         sodipodi:role="line"
+         id="tspan850-67-3"
+         x="89.190445"
+         y="16.687063"
+         style="font-style:normal;font-variant:normal;font-weight:bold;font-stretch:normal;font-size:5.64444px;font-family:'Liberation Mono';-inkscape-font-specification:'Liberation Mono Bold';stroke-width:0.264583">Versions table </tspan></text>
+    <text
+       xml:space="preserve"
+       style="font-style:normal;font-weight:normal;font-size:5.64444px;line-height:1.25;font-family:sans-serif;fill:#000000;fill-opacity:1;stroke:none;stroke-width:0.264583"
+       x="174.55702"
+       y="16.687063"
+       id="text852-3-56"><tspan
+         sodipodi:role="line"
+         id="tspan850-67-2"
+         x="174.55702"
+         y="16.687063"
+         style="font-style:normal;font-variant:normal;font-weight:bold;font-stretch:normal;font-size:5.64444px;font-family:'Liberation Mono';-inkscape-font-specification:'Liberation Mono Bold';stroke-width:0.264583">Blocks table</tspan></text>
+  </g>
+</svg>

doc/talks/2022-06-23-stack/talk.tex

@@ -0,0 +1,480 @@
+%\nonstopmode
+\documentclass[aspectratio=169]{beamer}
+\usepackage[utf8]{inputenc}
+% \usepackage[frenchb]{babel}
+\usepackage{amsmath}
+\usepackage{mathtools}
+\usepackage{breqn}
+\usepackage{multirow}
+\usetheme{boxes}
+\usepackage{graphicx}
+\usepackage{adjustbox}
+%\useoutertheme[footline=authortitle,subsection=false]{miniframes}
+%\useoutertheme[footline=authorinstitute,subsection=false]{miniframes}
+\useoutertheme{infolines}
+\setbeamertemplate{headline}{}
+
+\beamertemplatenavigationsymbolsempty
+
+\definecolor{TitleOrange}{RGB}{255,137,0}
+\setbeamercolor{title}{fg=TitleOrange}
+\setbeamercolor{frametitle}{fg=TitleOrange}
+
+\definecolor{ListOrange}{RGB}{255,145,5}
+\setbeamertemplate{itemize item}{\color{ListOrange}$\blacktriangleright$}
+
+\definecolor{verygrey}{RGB}{70,70,70}
+\setbeamercolor{normal text}{fg=verygrey}
+
+
+\usepackage{tabu}
+\usepackage{multicol}
+\usepackage{vwcol}
+\usepackage{stmaryrd}
+\usepackage{graphicx}
+
+\usepackage[normalem]{ulem}
+
+\title{Introducing Garage}
+\subtitle{a new storage platform for self-hosted geo-distributed clusters}
+\author{Deuxfleurs Association}
+\date{IMT Atlantique, 2022-06-23}
+
+\begin{document}
+
+\begin{frame}
+	\centering
+	\includegraphics[width=.3\linewidth]{../../sticker/Garage.pdf}
+	\vspace{1em}
+
+	{\large\bf Deuxfleurs Association}
+	\vspace{1em}
+
+	\url{https://garagehq.deuxfleurs.fr/}
+
+	Matrix channel: \texttt{\#garage:deuxfleurs.fr}
+\end{frame}
+
+\begin{frame}
+	\frametitle{Who we are}
+	\begin{columns}[t]
+		\begin{column}{.2\textwidth}
+			\centering
+			\adjincludegraphics[width=.4\linewidth, valign=t]{assets/alex.jpg}
+		\end{column}
+		\begin{column}{.6\textwidth}
+			\textbf{Alex Auvolat}\\
+			PhD at Inria, team WIDE; co-founder of Deuxfleurs
+		\end{column}
+		\begin{column}{.2\textwidth}
+			~
+		\end{column}
+	\end{columns}
+	\vspace{1em}
+
+	\begin{columns}[t]
+		\begin{column}{.2\textwidth}
+			~
+		\end{column}
+		\begin{column}{.6\textwidth}
+			\textbf{Quentin Dufour}\\
+			PhD at Inria, team WIDE; co-founder of Deuxfleurs
+		\end{column}
+		\begin{column}{.2\textwidth}
+			\centering
+			\adjincludegraphics[width=.5\linewidth, valign=t]{assets/quentin.jpg}
+		\end{column}
+	\end{columns}
+	\vspace{2em}
+
+	\begin{columns}[t]
+		\begin{column}{.2\textwidth}
+			\centering
+			\adjincludegraphics[width=.5\linewidth, valign=t]{assets/deuxfleurs.pdf}
+		\end{column}
+		\begin{column}{.6\textwidth}
+			\textbf{Deuxfleurs}\\
+			A non-profit self-hosting collective,\\
+			member of the CHATONS network
+		\end{column}
+		\begin{column}{.2\textwidth}
+			\centering
+			\adjincludegraphics[width=.7\linewidth, valign=t]{assets/logo_chatons.png}
+		\end{column}
+	\end{columns}
+
+\end{frame}
+
+\begin{frame}
+	\frametitle{Our objective at Deuxfleurs}
+	
+	\begin{center}
+		\textbf{Promote self-hosting and small-scale hosting\\
+			as an alternative to large cloud providers}
+	\end{center}
+	\vspace{2em}
+	\visible<2->{
+		Why is it hard?
+	}
+	\visible<3->{
+		\vspace{2em}
+		\begin{center}
+			\textbf{\underline{Resilience}}\\
+			{\footnotesize (we want good uptime/availability with low supervision)}
+		\end{center}
+	}
+\end{frame}
+
+\begin{frame}
+	\frametitle{How to make a \underline{stable} system}
+
+	Enterprise-grade systems typically employ:
+	\vspace{1em}
+	\begin{itemize}
+		\item RAID
+		\item Redundant power grid + UPS
+		\item Redundant Internet connections
+		\item Low-latency links
+		\item ... 
+	\end{itemize}
+	\vspace{1em}
+	$\to$ it's costly and only worth it at DC scale
+\end{frame}
+
+\begin{frame}
+	\frametitle{How to make a \underline{resilient} system}
+
+	\only<1,4-5>{
+		Instead, we use:
+		\vspace{1em}
+		\begin{itemize}
+			\item \textcolor<2->{gray}{Commodity hardware (e.g. old desktop PCs)}
+				\vspace{.5em}
+			\item<4-> \textcolor<5->{gray}{Commodity Internet (e.g. FTTB, FTTH) and power grid}
+				\vspace{.5em}
+			\item<5-> \textcolor<6->{gray}{\textbf{Geographical redundancy} (multi-site replication)}
+		\end{itemize}
+	}
+	\only<2>{
+		\begin{center}
+			\includegraphics[width=.8\linewidth]{assets/atuin.jpg}
+		\end{center}
+	}
+	\only<3>{
+		\begin{center}
+			\includegraphics[width=.8\linewidth]{assets/neptune.jpg}
+		\end{center}
+	}
+	\only<6>{
+		\begin{center}
+			\includegraphics[width=.5\linewidth]{assets/inframap.jpg}
+		\end{center}
+	}
+\end{frame}
+
+\begin{frame}
+	\frametitle{How to make this happen}
+	\begin{center}
+		\only<1>{\includegraphics[width=.8\linewidth]{assets/slide1.png}}%
+		\only<2>{\includegraphics[width=.8\linewidth]{assets/slide2.png}}%
+		\only<3>{\includegraphics[width=.8\linewidth]{assets/slide3.png}}%
+	\end{center}
+\end{frame}
+
+\begin{frame}
+	\frametitle{Distributed file systems are slow}
+	File systems are complex, for example:
+	\vspace{1em}
+	\begin{itemize}
+		\item Concurrent modification by several processes
+			\vspace{1em}
+		\item Folder hierarchies
+			\vspace{1em}
+		\item Other requirements of the POSIX spec
+	\end{itemize}
+	\vspace{1em}
+	Coordination in a distributed system is costly
+
+	\vspace{1em}
+	Costs explode with commodity hardware / Internet connections\\
+	{\small (we experienced this!)}
+\end{frame}
+
+\begin{frame}
+	\frametitle{A simpler solution: object storage}
+	Only two operations:
+	\vspace{1em}
+	\begin{itemize}
+		\item Put an object at a key
+			\vspace{1em}
+		\item Retrieve an object from its key
+	\end{itemize}
+	\vspace{1em}
+	{\footnotesize (and a few others)}
+
+	\vspace{1em}
+	Sufficient for many applications!
+\end{frame}
+
+\begin{frame}
+	\frametitle{A simpler solution: object storage}
+		\begin{center}
+			\includegraphics[width=.2\linewidth]{../2020-12-02_wide-team/img/Amazon-S3.jpg}
+			\hspace{5em}
+			\includegraphics[width=.2\linewidth]{assets/minio.png}
+		\end{center}
+		\vspace{1em}
+	S3: a de-facto standard, many compatible applications
+
+	\vspace{1em}
+
+	MinIO is self-hostable but not suited for geo-distributed deployments
+\end{frame}
+
+
+\begin{frame}
+	\frametitle{But what is Garage, exactly?}
+	\textbf{Garage is a self-hosted drop-in replacement for the Amazon S3 object store}\\
+	\vspace{.5em}
+	that implements resilience through geographical redundancy on commodity hardware
+		\begin{center}
+			\includegraphics[width=.8\linewidth]{assets/garageuses.png}
+		\end{center}
+\end{frame}
+
+\begin{frame}
+	\frametitle{Overview}
+	\begin{center}
+		\only<1>{\includegraphics[width=.45\linewidth]{assets/garage2a.drawio.pdf}}%
+		\only<2>{\includegraphics[width=.45\linewidth]{assets/garage2b.drawio.pdf}}%
+	\end{center}
+\end{frame}
+
+\begin{frame}
+	\frametitle{Garage is \emph{location-aware}}
+	\begin{center}
+		\includegraphics[width=\linewidth]{assets/location-aware.png}
+	\end{center}
+	\vspace{2em}
+	Garage replicates data on different zones when possible
+\end{frame}
+
+\begin{frame}
+	\frametitle{Garage is \emph{location-aware}}
+		\begin{center}
+			\includegraphics[width=.8\linewidth]{assets/map.png}
+		\end{center}
+\end{frame}
+
+\begin{frame}
+	\frametitle{How to spread files over different cluster nodes?}
+	\textbf{Consistent hashing (DynamoDB):}
+	\vspace{1em}
+
+	\begin{center}
+	\only<1>{\includegraphics[width=.45\columnwidth]{assets/consistent_hashing_1.pdf}}%
+	\only<2>{\includegraphics[width=.45\columnwidth]{assets/consistent_hashing_2.pdf}}%
+	\only<3>{\includegraphics[width=.45\columnwidth]{assets/consistent_hashing_3.pdf}}%
+	\only<4>{\includegraphics[width=.45\columnwidth]{assets/consistent_hashing_4.pdf}}%
+	\end{center}
+\end{frame}
+
+\begin{frame}
+	\frametitle{How to spread files over different cluster nodes?}
+	\textbf{Issues with consistent hashing:}
+	\vspace{1em}
+	\begin{itemize}
+		\item Doesn't dispatch data based on geographical location of nodes
+			\vspace{1em}
+		\item<2-> Geographically aware adaptation, try 1:\\
+			data quantities not well balanced between nodes
+			\vspace{1em}
+		\item<3-> Geographically aware adaptation, try 2:\\
+			too many reshuffles when adding/removing nodes
+	\end{itemize}
+\end{frame}
+
+\begin{frame}
+	\frametitle{How to spread files over different cluster nodes?}
+	\textbf{Garage's method: build an index table}
+	\vspace{1em}
+
+	Realization: we can actually precompute an optimal solution
+	\vspace{1em}
+
+	\visible<2->{
+		\begin{center}
+		\begin{tabular}{|l|l|l|l|}
+			\hline
+			\textbf{Partition} & \textbf{Node 1} & \textbf{Node 2} & \textbf{Node 3} \\
+			\hline
+			\hline
+			Partition 0 & Io (jupiter) & Drosera (atuin) & Courgette (neptune) \\
+			\hline
+			Partition 1 & Datura (atuin) & Courgette (neptune) & Io (jupiter) \\
+			\hline
+			Partition 2 & Io(jupiter) & Celeri (neptune) & Drosera (atuin) \\
+			\hline
+			\hspace{1em}$\vdots$ & \hspace{1em}$\vdots$ & \hspace{1em}$\vdots$ & \hspace{1em}$\vdots$ \\
+			\hline
+			Partition 255 & Concombre (neptune) & Io (jupiter) & Drosera (atuin) \\
+			\hline
+		\end{tabular}
+		\end{center}
+	}
+	\vspace{1em}
+	\visible<3->{
+		The index table is built centrally using an optimal* algorithm,\\
+		then propagated to all nodes\\
+		\hfill\footnotesize *not yet optimal but will be soon
+	}
+\end{frame}
+
+\begin{frame}
+	\frametitle{Garage's internal data structures}
+	\centering
+	\includegraphics[width=.75\columnwidth]{assets/garage_tables.pdf}
+\end{frame}
+
+%\begin{frame}
+%	\frametitle{Garage's architecture}
+%	\begin{center}
+%		\includegraphics[width=.35\linewidth]{assets/garage.drawio.pdf}
+%	\end{center}
+%\end{frame}
+
+\begin{frame}
+	\frametitle{Garage is \emph{coordination-free}:}
+	\begin{itemize}
+		\item No Raft or Paxos
+			\vspace{1em}
+		\item Internal data types are CRDTs
+			\vspace{1em}
+		\item All nodes are equivalent (no master/leader/index node)
+	\end{itemize}
+			\vspace{2em}
+	$\to$ less sensitive to higher latencies between nodes
+\end{frame}
+
+\begin{frame}
+	\frametitle{Consistency model}
+	\begin{itemize}
+		\item Not ACID (not required by S3 spec) / not linearizable
+			\vspace{1em}
+		\item \textbf{Read-after-write consistency}\\
+			{\footnotesize (stronger than eventual consistency)}
+	\end{itemize}
+\end{frame}
+
+\begin{frame}
+	\frametitle{Impact on performances}
+		\begin{center}
+			\includegraphics[width=.8\linewidth]{assets/endpoint-latency-dc.png}
+		\end{center}
+\end{frame}
+
+
+\begin{frame}
+	\frametitle{An ever-increasing compatibility list}
+		\begin{center}
+			\includegraphics[width=.7\linewidth]{assets/compatibility.png}
+		\end{center}
+\end{frame}
+
+\begin{frame}
+	\frametitle{Further plans for Garage}
+	\begin{center}
+		\only<1>{\includegraphics[width=.8\linewidth]{assets/slideB1.png}}%
+		\only<2>{\includegraphics[width=.8\linewidth]{assets/slideB2.png}}%
+		\only<3>{\includegraphics[width=.8\linewidth]{assets/slideB3.png}}%
+	\end{center}
+\end{frame}
+
+\begin{frame}
+	\frametitle{K2V Design}
+	\begin{itemize}
+		\item A new, custom, minimal API
+			\vspace{1em}
+		\item<2-> Exposes the partitoning mechanism of Garage\\
+			K2V = partition key / sort key / value (like Dynamo)
+			\vspace{1em}
+		\item<3-> Coordination-free, CRDT-friendly (inspired by Riak)\\
+			\vspace{1em}
+		\item<4-> Cryptography-friendly: values are binary blobs
+	\end{itemize}
+\end{frame}
+
+\begin{frame}
+	\frametitle{Application: an e-mail storage server}
+	\begin{center}
+		\only<1>{\includegraphics[width=.9\linewidth]{assets/aerogramme.png}}%
+	\end{center}
+\end{frame}
+
+\begin{frame}
+	\frametitle{Aerogramme data model}
+	\begin{center}
+		\only<1>{\includegraphics[width=.4\linewidth]{assets/aerogramme_datatype.drawio.pdf}}%
+		\only<2->{\includegraphics[width=.9\linewidth]{assets/aerogramme_keys.drawio.pdf}\vspace{1em}}%
+	\end{center}
+	\visible<3->{Aerogramme encrypts all stored values for privacy\\
+	(Garage server administrators can't read your mail)}
+\end{frame}
+
+\begin{frame}
+	\frametitle{Different deployment scenarios}
+	\begin{center}
+		\only<1>{\includegraphics[width=.9\linewidth]{assets/aerogramme_components1.drawio.pdf}}%
+		\only<2>{\includegraphics[width=.9\linewidth]{assets/aerogramme_components2.drawio.pdf}}%
+	\end{center}
+\end{frame}
+
+\begin{frame}
+	\frametitle{A new model for building resilient software}
+	\begin{itemize}
+		\item Design a data model suited to K2V\\
+			{\footnotesize (see Cassandra docs on porting SQL data models to Cassandra)}
+			\vspace{1em}
+			\begin{itemize}
+				\item Use CRDTs or other eventually consistent data types (see e.g. Bayou)
+					\vspace{1em}
+				\item Store opaque binary blobs to provide End-to-End Encryption\\
+			\end{itemize}
+			\vspace{1em}
+		\item Store big blobs (files) in S3
+			\vspace{1em}
+		\item Let Garage manage sharding, replication, failover, etc.
+	\end{itemize}
+\end{frame}
+
+\begin{frame}
+	\frametitle{Research perspectives}
+	\begin{itemize}
+		\item Write about Garage's global architecture \emph{(paper in progress)}
+			\vspace{1em}
+		\item Measure and improve Garage's performances
+			\vspace{1em}
+		\item Discuss the optimal layout algorithm, provide proofs
+			\vspace{1em}
+		\item Write about our proposed architecture for (E2EE) apps over K2V+S3
+	\end{itemize}
+\end{frame}
+
+\begin{frame}
+	\frametitle{Where to find us}
+	\begin{center}
+			\includegraphics[width=.25\linewidth]{../../logo/garage_hires.png}\\
+			\vspace{-1em}
+		\url{https://garagehq.deuxfleurs.fr/}\\
+		\url{mailto:garagehq@deuxfleurs.fr}\\
+		\texttt{\#garage:deuxfleurs.fr} on Matrix
+
+		\vspace{1.5em}
+			\includegraphics[width=.06\linewidth]{assets/rust_logo.png}
+			\includegraphics[width=.13\linewidth]{assets/AGPLv3_Logo.png}
+	\end{center}
+\end{frame}
+
+\end{document}
+
+%% vim: set ts=4 sw=4 tw=0 noet spelllang=en :

nix/common.nix

@@ -4,18 +4,16 @@ rec {
    */
   pkgsSrc = fetchTarball {
     # As of 2021-10-04
-    url ="https://github.com/NixOS/nixpkgs/archive/b27d18a412b071f5d7991d1648cfe78ee7afe68a.tar.gz";
+    url = "https://github.com/NixOS/nixpkgs/archive/b27d18a412b071f5d7991d1648cfe78ee7afe68a.tar.gz";
     sha256 = "1xy9zpypqfxs5gcq5dcla4bfkhxmh5nzn9dyqkr03lqycm9wg5cr";
   };
   cargo2nixSrc = fetchGit {
-    # As of 2022-03-17
-    url = "https://github.com/superboum/cargo2nix";
-    ref = "main";
-    rev = "bcbf3ba99e9e01a61eb83a24624419c2dd9dec64";
+    # As of 2022-08-29, stacking two patches: superboum@dedup_propagate and Alexis211@fix_fetchcrategit
+    url = "https://github.com/Alexis211/cargo2nix";
+    ref = "fix_fetchcrategit";
+    rev = "4b31c0cc05b6394916d46e9289f51263d81973b9";
   };
 
-
-
   /*
    * Shared objects
    */

nix/compile.nix

@@ -0,0 +1,244 @@
+{
+  system ? builtins.currentSystem,
+  target ? null,
+  compiler ? "rustc",
+  release ? false,
+  git_version ? null,
+}:
+
+with import ./common.nix;
+
+let
+  log = v: builtins.trace v v;
+
+  pkgs = import pkgsSrc {
+    inherit system; 
+    ${ if target == null then null else "crossSystem" } = { config = target; };
+    overlays = [ cargo2nixOverlay ];
+  };
+
+  /*
+   Rust and Nix triples are not the same. Cargo2nix has a dedicated library
+   to convert Nix triples to Rust ones. We need this conversion as we want to
+   set later options linked to our (rust) target in a generic way. Not only
+   the triple terminology is different, but also the "roles" are named differently.
+   Nix uses a build/host/target terminology where Nix's "host" maps to Cargo's "target".
+  */
+  rustTarget = log (pkgs.rustBuilder.rustLib.rustTriple pkgs.stdenv.hostPlatform);
+
+  /*
+   Cargo2nix is built for rustOverlay which installs Rust from Mozilla releases.
+   We want our own Rust to avoid incompatibilities, like we had with musl 1.2.0.
+   rustc was built with musl < 1.2.0 and nix shipped musl >= 1.2.0 which lead to compilation breakage.
+   So we want a Rust release that is bound to our Nix repository to avoid these problems.
+   See here for more info: https://musl.libc.org/time64.html
+   Because Cargo2nix does not support the Rust environment shipped by NixOS,
+   we emulate the structure of the Rust object created by rustOverlay.
+   In practise, rustOverlay ships rustc+cargo in a single derivation while
+   NixOS ships them in separate ones. We reunite them with symlinkJoin.
+   */
+  rustChannel = {
+    rustc = pkgs.symlinkJoin {
+      name = "rust-channel";
+      paths = [ 
+        pkgs.rustPlatform.rust.cargo
+        pkgs.rustPlatform.rust.rustc
+      ];
+    };
+    clippy = pkgs.symlinkJoin {
+      name = "clippy-channel";
+      paths = [ 
+        pkgs.rustPlatform.rust.cargo
+        pkgs.rustPlatform.rust.rustc
+        pkgs.clippy
+      ];
+    };
+  }.${compiler};
+
+  clippyBuilder = pkgs.writeScriptBin "clippy" ''
+    #!${pkgs.stdenv.shell}
+    . ${cargo2nixSrc + "/overlay/utils.sh"}
+    isBuildScript=
+    args=("$@")
+    for i in "''${!args[@]}"; do
+      if [ "xmetadata=" = "x''${args[$i]::9}" ]; then
+        args[$i]=metadata=$NIX_RUST_METADATA
+      elif [ "x--crate-name" = "x''${args[$i]}" ] && [ "xbuild_script_" = "x''${args[$i+1]::13}" ]; then
+        isBuildScript=1
+      fi
+    done
+    if [ "$isBuildScript" ]; then
+      args+=($NIX_RUST_BUILD_LINK_FLAGS)
+    else
+      args+=($NIX_RUST_LINK_FLAGS)
+    fi
+    touch invoke.log
+    echo "''${args[@]}" >>invoke.log
+
+    exec ${rustChannel}/bin/clippy-driver --deny warnings "''${args[@]}"
+  '';
+
+  buildEnv = (drv: {
+    rustc = drv.setBuildEnv;
+    clippy = ''
+      ${drv.setBuildEnv or "" }
+      echo
+      echo --- BUILDING WITH CLIPPY ---
+      echo 
+
+      export RUSTC=${clippyBuilder}/bin/clippy
+    '';
+  }.${compiler});
+
+  /*
+   Cargo2nix provides many overrides by default, you can take inspiration from them:
+   https://github.com/cargo2nix/cargo2nix/blob/master/overlay/overrides.nix
+
+   You can have a complete list of the available options by looking at the overriden object, mkcrate:
+   https://github.com/cargo2nix/cargo2nix/blob/master/overlay/mkcrate.nix
+  */
+  overrides = pkgs.rustBuilder.overrides.all ++ [
+    /*
+     [1] We add some logic to compile our crates with clippy, it provides us many additional lints
+
+     [2] We need to alter Nix hardening to make static binaries: PIE,
+     Position Independent Executables seems to be supported only on amd64. Having
+     this flag set either 1. make our executables crash or 2. compile as dynamic on some platforms.
+     Here, we deactivate it. Later (find `codegenOpts`), we reactivate it for supported targets
+     (only amd64 curently) through the `-static-pie` flag.
+     PIE is a feature used by ASLR, which helps mitigate security issues.
+     Learn more about Nix Hardening at: https://github.com/NixOS/nixpkgs/blob/master/pkgs/build-support/cc-wrapper/add-hardening.sh
+
+     [3] We want to inject the git version while keeping the build deterministic.
+     As we do not want to consider the .git folder as part of the input source,
+     we ask the user (the CI often) to pass the value to Nix.
+
+     [4] We ship some parts of the code disabled by default by putting them behind a flag.
+     It speeds up the compilation (when the feature is not required) and released crates have less dependency by default (less attack surface, disk space, etc.).
+     But we want to ship these additional features when we release Garage.
+     In the end, we chose to exclude all features from debug builds while putting (all of) them in the release builds.
+
+     [5] We don't want libsodium-sys and zstd-sys to try to use pkgconfig to build against a system library.
+     However the features to do so get activated for some reason (due to a bug in cargo2nix?),
+     so disable them manually here.
+    */
+    (pkgs.rustBuilder.rustLib.makeOverride {
+      name = "garage";
+      overrideAttrs = drv:
+        (if git_version != null then {
+          /* [3] */ preConfigure = ''
+            ${drv.preConfigure or ""}
+            export GIT_VERSION="${git_version}"
+          '';
+        } else {})
+        //
+      {
+        /* [1] */ setBuildEnv = (buildEnv drv);
+        /* [2] */ hardeningDisable = [ "pie" ];
+      };
+      overrideArgs = old: {
+        /* [4] */ features = [ "bundled-libs" "sled" ]
+          ++ (if release then [ "kubernetes-discovery" "telemetry-otlp" "metrics" "lmdb" "sqlite" ] else []);
+      };
+    })
+
+    (pkgs.rustBuilder.rustLib.makeOverride {
+      name = "garage_rpc";
+      overrideAttrs = drv: { /* [1] */ setBuildEnv = (buildEnv drv); };
+    })
+
+    (pkgs.rustBuilder.rustLib.makeOverride {
+      name = "garage_db";
+      overrideAttrs = drv: { /* [1] */ setBuildEnv = (buildEnv drv); };
+    })
+
+    (pkgs.rustBuilder.rustLib.makeOverride {
+      name = "garage_util";
+      overrideAttrs = drv: { /* [1] */ setBuildEnv = (buildEnv drv); };
+    })
+
+    (pkgs.rustBuilder.rustLib.makeOverride {
+      name = "garage_table";
+      overrideAttrs = drv: { /* [1] */ setBuildEnv = (buildEnv drv); };
+    })
+
+    (pkgs.rustBuilder.rustLib.makeOverride {
+      name = "garage_block";
+      overrideAttrs = drv: { /* [1] */ setBuildEnv = (buildEnv drv); };
+    })
+
+    (pkgs.rustBuilder.rustLib.makeOverride {
+      name = "garage_model";
+      overrideAttrs = drv: { /* [1] */ setBuildEnv = (buildEnv drv); };
+    })
+
+    (pkgs.rustBuilder.rustLib.makeOverride {
+      name = "garage_api";
+      overrideAttrs = drv: { /* [1] */ setBuildEnv = (buildEnv drv); };
+    })
+
+    (pkgs.rustBuilder.rustLib.makeOverride {
+      name = "garage_web";
+      overrideAttrs = drv: { /* [1] */ setBuildEnv = (buildEnv drv); };
+    })
+
+    (pkgs.rustBuilder.rustLib.makeOverride {
+      name = "k2v-client";
+      overrideAttrs = drv: { /* [1] */ setBuildEnv = (buildEnv drv); };
+    })
+
+    (pkgs.rustBuilder.rustLib.makeOverride {
+      name = "libsodium-sys";
+      overrideArgs = old: {
+        features = [ ]; /* [5] */
+      };
+    })
+
+    (pkgs.rustBuilder.rustLib.makeOverride {
+      name = "zstd-sys";
+      overrideArgs = old: {
+        features = [ ]; /* [5] */
+      };
+    })
+  ];
+
+  packageFun = import ../Cargo.nix;
+
+  /*
+    We compile fully static binaries with musl to simplify deployment on most systems.
+    When possible, we reactivate PIE hardening (see above).
+
+    Also, if you set the RUSTFLAGS environment variable, the following parameters will
+    be ignored.
+
+    For more information on static builds, please refer to Rust's RFC 1721.
+    https://rust-lang.github.io/rfcs/1721-crt-static.html#specifying-dynamicstatic-c-runtime-linkage
+  */
+
+  codegenOpts = {
+   "armv6l-unknown-linux-musleabihf" = [ "target-feature=+crt-static" "link-arg=-static" ]; /* compile as dynamic with static-pie */
+   "aarch64-unknown-linux-musl" = [ "target-feature=+crt-static" "link-arg=-static" ]; /* segfault with static-pie */
+   "i686-unknown-linux-musl" = [ "target-feature=+crt-static" "link-arg=-static" ]; /* segfault with static-pie */
+   "x86_64-unknown-linux-musl" = [ "target-feature=+crt-static" "link-arg=-static-pie" ];
+  };
+
+in
+  /*
+   The following definition is not elegant as we use a low level function of Cargo2nix
+   that enables us to pass our custom rustChannel object. We need this low level definition
+   to pass Nix's Rust toolchains instead of Mozilla's one.
+
+   target is mandatory but must be kept to null to allow cargo2nix to set it to the appropriate value
+   for each crate.
+  */ 
+  pkgs.rustBuilder.makePackageSet {
+    inherit packageFun rustChannel release codegenOpts;
+    packageOverrides = overrides;
+    target = null;
+
+    buildRustPackages = pkgs.buildPackages.rustBuilder.makePackageSet {
+      inherit rustChannel packageFun codegenOpts;
+      packageOverrides = overrides;
+      target = null;
+    };
+  }

nix/nix.conf

@@ -1,4 +1,9 @@
 substituters = https://cache.nixos.org https://nix.web.deuxfleurs.fr
 trusted-public-keys = cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY= nix.web.deuxfleurs.fr:eTGL6kvaQn6cDR/F9lDYUIP9nCVR/kkshYfLDJf1yKs=
 max-jobs = auto
-cores = 4
+cores = 0
+log-lines = 200
+filter-syscalls = false
+sandbox = false
+keep-outputs = true
+keep-derivations = true

script/dev-cluster.sh

@@ -11,7 +11,7 @@ PATH="${GARAGE_DEBUG}:${GARAGE_RELEASE}:${NIX_RELEASE}:$PATH"
 FANCYCOLORS=("41m" "42m" "44m" "45m" "100m" "104m")
 
 export RUST_BACKTRACE=1 
-export RUST_LOG=garage=info,garage_api=debug
+export RUST_LOG=garage=info,garage_api=debug,netapp=trace
 MAIN_LABEL="\e[${FANCYCOLORS[0]}[main]\e[49m"
 
 WHICH_GARAGE=$(which garage || exit 1)

script/not-dynamic.sh

@@ -0,0 +1,14 @@
+#!/usr/bin/env bash
+
+set -e
+
+if [ "$#" -ne 1 ]; then
+    echo "[fail] usage: $0 binary"
+    exit 2
+fi
+
+if file $1 | grep 'dynamically linked' 2>&1; then
+    echo "[fail] $1 is dynamic"
+    exit 1
+fi
+echo "[ok] $1 is probably static"

shell.nix

@@ -1,8 +1,5 @@
 {
   system ? builtins.currentSystem,
-  rust ? true,
-  integration ? true,
-  release ? true,
 }:
 
 with import ./nix/common.nix;
@@ -16,9 +13,59 @@ let
   winscp = (import ./nix/winscp.nix) pkgs;
 
 in
+  {
 
-pkgs.mkShell {
-  shellHook = ''
+    /* --- Rust Shell ---
+     * Use it to compile Garage
+     */
+    rust = pkgs.mkShell {
+      shellHook = ''
+function refresh_toolchain {
+  nix copy \
+    --to 's3://nix?endpoint=garage.deuxfleurs.fr&region=garage&secret-key=/etc/nix/signing-key.sec' \
+    $(nix-store -qR \
+      $(nix-build --quiet --no-build-output --no-out-link nix/toolchain.nix))
+}
+      '';
+
+      nativeBuildInputs = [
+        #pkgs.rustPlatform.rust.rustc
+        pkgs.rustPlatform.rust.cargo
+        #pkgs.clippy
+        pkgs.rustfmt
+        #pkgs.perl
+        #pkgs.protobuf
+        #pkgs.pkg-config
+        #pkgs.openssl
+        pkgs.file
+        #cargo2nix.packages.x86_64-linux.cargo2nix
+      ];
+    };
+
+    /* --- Integration shell ---
+     * Use it to test Garage with common S3 clients
+     */
+    integration = pkgs.mkShell {
+      nativeBuildInputs = [
+        winscp
+        pkgs.s3cmd
+        pkgs.awscli2
+        pkgs.minio-client
+        pkgs.rclone
+        pkgs.socat
+        pkgs.psmisc
+        pkgs.which
+        pkgs.openssl
+        pkgs.curl
+        pkgs.jq
+      ];
+    };
+
+    /* --- Release shell ---
+     * A shell built to make releasing easier
+     */
+    release = pkgs.mkShell {
+      shellHook = ''
 function to_s3 {
   aws \
       --endpoint-url https://garage.deuxfleurs.fr \
@@ -62,43 +109,12 @@ function refresh_index {
       result/share/_releases.html \
       s3://garagehq.deuxfleurs.fr/
 }
+        '';
+      nativeBuildInputs = [
+        pkgs.awscli2
+        kaniko 
+      ];
+    };
+  }
 
-function refresh_toolchain {
-  nix copy \
-    --to 's3://nix?endpoint=garage.deuxfleurs.fr&region=garage&secret-key=/etc/nix/signing-key.sec' \
-    $(nix-store -qR \
-      $(nix-build --quiet --no-build-output --no-out-link nix/toolchain.nix))
-}
-  '';
 
-  nativeBuildInputs = 
-   (if rust then [
-     pkgs.rustPlatform.rust.rustc
-     pkgs.rustPlatform.rust.cargo
-     pkgs.clippy
-     pkgs.rustfmt
-     pkgs.perl
-     pkgs.protobuf
-     cargo2nix.packages.x86_64-linux.cargo2nix
-    ] else [])
-   ++
-   (if integration then [
-     winscp
-     pkgs.s3cmd
-     pkgs.awscli2
-     pkgs.minio-client
-     pkgs.rclone
-     pkgs.socat
-     pkgs.psmisc
-     pkgs.which
-     pkgs.openssl
-     pkgs.curl
-     pkgs.jq
-    ] else [])
-   ++
-   (if release then [ 
-     pkgs.awscli2
-     kaniko 
-    ] else [])
-   ;
-}

src/admin/Cargo.toml

@@ -1,29 +0,0 @@
-[package]
-name = "garage_admin"
-version = "0.7.0"
-authors = ["Maximilien Richer <code@mricher.fr>"]
-edition = "2018"
-license = "AGPL-3.0"
-description = "Administration and metrics REST HTTP server for Garage"
-repository = "https://git.deuxfleurs.fr/Deuxfleurs/garage"
-
-[lib]
-path = "lib.rs"
-
-# See more keys and their definitions at https://doc.rust-lang.org/cargo/reference/manifest.html
-
-[dependencies]
-garage_util = { version = "0.7.0", path = "../util" }
-
-hex = "0.4"
-
-futures = "0.3"
-futures-util = "0.3"
-http = "0.2"
-hyper = "0.14"
-tracing = "0.1.30"
-
-opentelemetry = { version = "0.17", features = [ "rt-tokio" ] }
-opentelemetry-prometheus = "0.10"
-opentelemetry-otlp = "0.10"
-prometheus = "0.13"

src/admin/lib.rs

@@ -1,6 +0,0 @@
-//! Crate for handling the admin and metric HTTP APIs
-#[macro_use]
-extern crate tracing;
-
-pub mod metrics;
-pub mod tracing_setup;

src/admin/metrics.rs

@@ -1,146 +0,0 @@
-use std::convert::Infallible;
-use std::net::SocketAddr;
-use std::sync::Arc;
-use std::time::SystemTime;
-
-use futures::future::*;
-use hyper::{
-	header::CONTENT_TYPE,
-	service::{make_service_fn, service_fn},
-	Body, Method, Request, Response, Server,
-};
-
-use opentelemetry::{
-	global,
-	metrics::{BoundCounter, BoundValueRecorder},
-	trace::{FutureExt, TraceContextExt, Tracer},
-	Context,
-};
-use opentelemetry_prometheus::PrometheusExporter;
-
-use prometheus::{Encoder, TextEncoder};
-
-use garage_util::error::Error as GarageError;
-use garage_util::metrics::*;
-
-// serve_req on metric endpoint
-async fn serve_req(
-	req: Request<Body>,
-	admin_server: Arc<AdminServer>,
-) -> Result<Response<Body>, hyper::Error> {
-	debug!("Receiving request at path {}", req.uri());
-	let request_start = SystemTime::now();
-
-	admin_server.metrics.http_counter.add(1);
-
-	let response = match (req.method(), req.uri().path()) {
-		(&Method::GET, "/metrics") => {
-			let mut buffer = vec![];
-			let encoder = TextEncoder::new();
-
-			let tracer = opentelemetry::global::tracer("garage");
-			let metric_families = tracer.in_span("admin/gather_metrics", |_| {
-				admin_server.exporter.registry().gather()
-			});
-
-			encoder.encode(&metric_families, &mut buffer).unwrap();
-			admin_server
-				.metrics
-				.http_body_gauge
-				.record(buffer.len() as u64);
-
-			Response::builder()
-				.status(200)
-				.header(CONTENT_TYPE, encoder.format_type())
-				.body(Body::from(buffer))
-				.unwrap()
-		}
-		_ => Response::builder()
-			.status(404)
-			.body(Body::from("Not implemented"))
-			.unwrap(),
-	};
-
-	admin_server
-		.metrics
-		.http_req_histogram
-		.record(request_start.elapsed().map_or(0.0, |d| d.as_secs_f64()));
-	Ok(response)
-}
-
-// AdminServer hold the admin server internal admin_server and the metric exporter
-pub struct AdminServer {
-	exporter: PrometheusExporter,
-	metrics: AdminServerMetrics,
-}
-
-// GarageMetricadmin_server holds the metrics counter definition for Garage
-// FIXME: we would rather have that split up among the different libraries?
-struct AdminServerMetrics {
-	http_counter: BoundCounter<u64>,
-	http_body_gauge: BoundValueRecorder<u64>,
-	http_req_histogram: BoundValueRecorder<f64>,
-}
-
-impl AdminServer {
-	/// init initilialize the AdminServer and background metric server
-	pub fn init() -> AdminServer {
-		let exporter = opentelemetry_prometheus::exporter().init();
-		let meter = global::meter("garage/admin_server");
-		AdminServer {
-			exporter,
-			metrics: AdminServerMetrics {
-				http_counter: meter
-					.u64_counter("admin.http_requests_total")
-					.with_description("Total number of HTTP requests made.")
-					.init()
-					.bind(&[]),
-				http_body_gauge: meter
-					.u64_value_recorder("admin.http_response_size_bytes")
-					.with_description("The metrics HTTP response sizes in bytes.")
-					.init()
-					.bind(&[]),
-				http_req_histogram: meter
-					.f64_value_recorder("admin.http_request_duration_seconds")
-					.with_description("The HTTP request latencies in seconds.")
-					.init()
-					.bind(&[]),
-			},
-		}
-	}
-	/// run execute the admin server on the designated HTTP port and listen for requests
-	pub async fn run(
-		self,
-		bind_addr: SocketAddr,
-		shutdown_signal: impl Future<Output = ()>,
-	) -> Result<(), GarageError> {
-		let admin_server = Arc::new(self);
-		// For every connection, we must make a `Service` to handle all
-		// incoming HTTP requests on said connection.
-		let make_svc = make_service_fn(move |_conn| {
-			let admin_server = admin_server.clone();
-			// This is the `Service` that will handle the connection.
-			// `service_fn` is a helper to convert a function that
-			// returns a Response into a `Service`.
-			async move {
-				Ok::<_, Infallible>(service_fn(move |req| {
-					let tracer = opentelemetry::global::tracer("garage");
-					let span = tracer
-						.span_builder("admin/request")
-						.with_trace_id(gen_trace_id())
-						.start(&tracer);
-
-					serve_req(req, admin_server.clone())
-						.with_context(Context::current_with_span(span))
-				}))
-			}
-		});
-
-		let server = Server::bind(&bind_addr).serve(make_svc);
-		let graceful = server.with_graceful_shutdown(shutdown_signal);
-		info!("Admin server listening on http://{}", bind_addr);
-
-		graceful.await?;
-		Ok(())
-	}
-}

src/api/Cargo.toml

@@ -1,6 +1,6 @@
 [package]
 name = "garage_api"
-version = "0.7.0"
+version = "0.8.0"
 authors = ["Alex Auvolat <alex@adnab.me>"]
 edition = "2018"
 license = "AGPL-3.0"
@@ -14,25 +14,25 @@ path = "lib.rs"
 # See more keys and their definitions at https://doc.rust-lang.org/cargo/reference/manifest.html
 
 [dependencies]
-garage_model = { version = "0.7.0", path = "../model" }
-garage_table = { version = "0.7.0", path = "../table" }
-garage_block = { version = "0.7.0", path = "../block" }
-garage_util = { version = "0.7.0", path = "../util" }
-garage_rpc = { version = "0.7.0", path = "../rpc" }
+garage_model = { version = "0.8.0", path = "../model" }
+garage_table = { version = "0.8.0", path = "../table" }
+garage_block = { version = "0.8.0", path = "../block" }
+garage_util = { version = "0.8.0", path = "../util" }
+garage_rpc = { version = "0.8.0", path = "../rpc" }
 
 async-trait = "0.1.7"
 base64 = "0.13"
 bytes = "1.0"
 chrono = "0.4"
-crypto-mac = "0.10"
+crypto-common = "0.1"
 err-derive = "0.3"
 hex = "0.4"
-hmac = "0.10"
+hmac = "0.12"
 idna = "0.2"
 tracing = "0.1.30"
-md-5 = "0.9"
+md-5 = "0.10"
 nom = "7.1"
-sha2 = "0.9"
+sha2 = "0.10"
 
 futures = "0.3"
 futures-util = "0.3"
@@ -54,6 +54,9 @@ quick-xml = { version = "0.21", features = [ "serialize" ] }
 url = "2.1"
 
 opentelemetry = "0.17"
+opentelemetry-prometheus = { version = "0.10", optional = true }
+prometheus = { version = "0.13", optional = true }
 
 [features]
 k2v = [ "garage_util/k2v", "garage_model/k2v" ]
+metrics = [ "opentelemetry-prometheus", "prometheus" ]

src/api/admin/api_server.rs

@@ -0,0 +1,206 @@
+use std::net::SocketAddr;
+use std::sync::Arc;
+
+use async_trait::async_trait;
+
+use futures::future::Future;
+use http::header::{ACCESS_CONTROL_ALLOW_METHODS, ACCESS_CONTROL_ALLOW_ORIGIN, ALLOW};
+use hyper::{Body, Request, Response};
+
+use opentelemetry::trace::SpanRef;
+
+#[cfg(feature = "metrics")]
+use opentelemetry_prometheus::PrometheusExporter;
+#[cfg(feature = "metrics")]
+use prometheus::{Encoder, TextEncoder};
+
+use garage_model::garage::Garage;
+use garage_util::error::Error as GarageError;
+
+use crate::generic_server::*;
+
+use crate::admin::bucket::*;
+use crate::admin::cluster::*;
+use crate::admin::error::*;
+use crate::admin::key::*;
+use crate::admin::router::{Authorization, Endpoint};
+
+pub struct AdminApiServer {
+	garage: Arc<Garage>,
+	#[cfg(feature = "metrics")]
+	exporter: PrometheusExporter,
+	metrics_token: Option<String>,
+	admin_token: Option<String>,
+}
+
+impl AdminApiServer {
+	pub fn new(garage: Arc<Garage>) -> Self {
+		let cfg = &garage.config.admin;
+		let metrics_token = cfg
+			.metrics_token
+			.as_ref()
+			.map(|tok| format!("Bearer {}", tok));
+		let admin_token = cfg
+			.admin_token
+			.as_ref()
+			.map(|tok| format!("Bearer {}", tok));
+		Self {
+			garage,
+			#[cfg(feature = "metrics")]
+			exporter: opentelemetry_prometheus::exporter().init(),
+			metrics_token,
+			admin_token,
+		}
+	}
+
+	pub async fn run(
+		self,
+		bind_addr: SocketAddr,
+		shutdown_signal: impl Future<Output = ()>,
+	) -> Result<(), GarageError> {
+		let region = self.garage.config.s3_api.s3_region.clone();
+		ApiServer::new(region, self)
+			.run_server(bind_addr, shutdown_signal)
+			.await
+	}
+
+	fn handle_options(&self, _req: &Request<Body>) -> Result<Response<Body>, Error> {
+		Ok(Response::builder()
+			.status(204)
+			.header(ALLOW, "OPTIONS, GET, POST")
+			.header(ACCESS_CONTROL_ALLOW_METHODS, "OPTIONS, GET, POST")
+			.header(ACCESS_CONTROL_ALLOW_ORIGIN, "*")
+			.body(Body::empty())?)
+	}
+
+	fn handle_metrics(&self) -> Result<Response<Body>, Error> {
+		#[cfg(feature = "metrics")]
+		{
+			use opentelemetry::trace::Tracer;
+
+			let mut buffer = vec![];
+			let encoder = TextEncoder::new();
+
+			let tracer = opentelemetry::global::tracer("garage");
+			let metric_families = tracer.in_span("admin/gather_metrics", |_| {
+				self.exporter.registry().gather()
+			});
+
+			encoder
+				.encode(&metric_families, &mut buffer)
+				.ok_or_internal_error("Could not serialize metrics")?;
+
+			Ok(Response::builder()
+				.status(200)
+				.header(http::header::CONTENT_TYPE, encoder.format_type())
+				.body(Body::from(buffer))?)
+		}
+		#[cfg(not(feature = "metrics"))]
+		Err(Error::bad_request(
+			"Garage was built without the metrics feature".to_string(),
+		))
+	}
+}
+
+#[async_trait]
+impl ApiHandler for AdminApiServer {
+	const API_NAME: &'static str = "admin";
+	const API_NAME_DISPLAY: &'static str = "Admin";
+
+	type Endpoint = Endpoint;
+	type Error = Error;
+
+	fn parse_endpoint(&self, req: &Request<Body>) -> Result<Endpoint, Error> {
+		Endpoint::from_request(req)
+	}
+
+	async fn handle(
+		&self,
+		req: Request<Body>,
+		endpoint: Endpoint,
+	) -> Result<Response<Body>, Error> {
+		let expected_auth_header =
+			match endpoint.authorization_type() {
+				Authorization::MetricsToken => self.metrics_token.as_ref(),
+				Authorization::AdminToken => match &self.admin_token {
+					None => return Err(Error::forbidden(
+						"Admin token isn't configured, admin API access is disabled for security.",
+					)),
+					Some(t) => Some(t),
+				},
+			};
+
+		if let Some(h) = expected_auth_header {
+			match req.headers().get("Authorization") {
+				None => return Err(Error::forbidden("Authorization token must be provided")),
+				Some(v) => {
+					let authorized = v.to_str().map(|hv| hv.trim() == h).unwrap_or(false);
+					if !authorized {
+						return Err(Error::forbidden("Invalid authorization token provided"));
+					}
+				}
+			}
+		}
+
+		match endpoint {
+			Endpoint::Options => self.handle_options(&req),
+			Endpoint::Metrics => self.handle_metrics(),
+			Endpoint::GetClusterStatus => handle_get_cluster_status(&self.garage).await,
+			Endpoint::ConnectClusterNodes => handle_connect_cluster_nodes(&self.garage, req).await,
+			// Layout
+			Endpoint::GetClusterLayout => handle_get_cluster_layout(&self.garage).await,
+			Endpoint::UpdateClusterLayout => handle_update_cluster_layout(&self.garage, req).await,
+			Endpoint::ApplyClusterLayout => handle_apply_cluster_layout(&self.garage, req).await,
+			Endpoint::RevertClusterLayout => handle_revert_cluster_layout(&self.garage, req).await,
+			// Keys
+			Endpoint::ListKeys => handle_list_keys(&self.garage).await,
+			Endpoint::GetKeyInfo { id, search } => {
+				handle_get_key_info(&self.garage, id, search).await
+			}
+			Endpoint::CreateKey => handle_create_key(&self.garage, req).await,
+			Endpoint::ImportKey => handle_import_key(&self.garage, req).await,
+			Endpoint::UpdateKey { id } => handle_update_key(&self.garage, id, req).await,
+			Endpoint::DeleteKey { id } => handle_delete_key(&self.garage, id).await,
+			// Buckets
+			Endpoint::ListBuckets => handle_list_buckets(&self.garage).await,
+			Endpoint::GetBucketInfo { id, global_alias } => {
+				handle_get_bucket_info(&self.garage, id, global_alias).await
+			}
+			Endpoint::CreateBucket => handle_create_bucket(&self.garage, req).await,
+			Endpoint::DeleteBucket { id } => handle_delete_bucket(&self.garage, id).await,
+			Endpoint::UpdateBucket { id } => handle_update_bucket(&self.garage, id, req).await,
+			// Bucket-key permissions
+			Endpoint::BucketAllowKey => {
+				handle_bucket_change_key_perm(&self.garage, req, true).await
+			}
+			Endpoint::BucketDenyKey => {
+				handle_bucket_change_key_perm(&self.garage, req, false).await
+			}
+			// Bucket aliasing
+			Endpoint::GlobalAliasBucket { id, alias } => {
+				handle_global_alias_bucket(&self.garage, id, alias).await
+			}
+			Endpoint::GlobalUnaliasBucket { id, alias } => {
+				handle_global_unalias_bucket(&self.garage, id, alias).await
+			}
+			Endpoint::LocalAliasBucket {
+				id,
+				access_key_id,
+				alias,
+			} => handle_local_alias_bucket(&self.garage, id, access_key_id, alias).await,
+			Endpoint::LocalUnaliasBucket {
+				id,
+				access_key_id,
+				alias,
+			} => handle_local_unalias_bucket(&self.garage, id, access_key_id, alias).await,
+		}
+	}
+}
+
+impl ApiEndpoint for Endpoint {
+	fn name(&self) -> &'static str {
+		Endpoint::name(self)
+	}
+
+	fn add_span_attributes(&self, _span: SpanRef<'_>) {}
+}

src/api/admin/bucket.rs

@@ -0,0 +1,580 @@
+use std::collections::HashMap;
+use std::sync::Arc;
+
+use hyper::{Body, Request, Response, StatusCode};
+use serde::{Deserialize, Serialize};
+
+use garage_util::crdt::*;
+use garage_util::data::*;
+use garage_util::time::*;
+
+use garage_table::*;
+
+use garage_model::bucket_alias_table::*;
+use garage_model::bucket_table::*;
+use garage_model::garage::Garage;
+use garage_model::permission::*;
+use garage_model::s3::object_table::*;
+
+use crate::admin::error::*;
+use crate::admin::key::ApiBucketKeyPerm;
+use crate::common_error::CommonError;
+use crate::helpers::{json_ok_response, parse_json_body};
+
+pub async fn handle_list_buckets(garage: &Arc<Garage>) -> Result<Response<Body>, Error> {
+	let buckets = garage
+		.bucket_table
+		.get_range(
+			&EmptyKey,
+			None,
+			Some(DeletedFilter::NotDeleted),
+			10000,
+			EnumerationOrder::Forward,
+		)
+		.await?;
+
+	let res = buckets
+		.into_iter()
+		.map(|b| {
+			let state = b.state.as_option().unwrap();
+			ListBucketResultItem {
+				id: hex::encode(b.id),
+				global_aliases: state
+					.aliases
+					.items()
+					.iter()
+					.filter(|(_, _, a)| *a)
+					.map(|(n, _, _)| n.to_string())
+					.collect::<Vec<_>>(),
+				local_aliases: state
+					.local_aliases
+					.items()
+					.iter()
+					.filter(|(_, _, a)| *a)
+					.map(|((k, n), _, _)| BucketLocalAlias {
+						access_key_id: k.to_string(),
+						alias: n.to_string(),
+					})
+					.collect::<Vec<_>>(),
+			}
+		})
+		.collect::<Vec<_>>();
+
+	Ok(json_ok_response(&res)?)
+}
+
+#[derive(Serialize)]
+#[serde(rename_all = "camelCase")]
+struct ListBucketResultItem {
+	id: String,
+	global_aliases: Vec<String>,
+	local_aliases: Vec<BucketLocalAlias>,
+}
+
+#[derive(Serialize)]
+#[serde(rename_all = "camelCase")]
+struct BucketLocalAlias {
+	access_key_id: String,
+	alias: String,
+}
+
+#[derive(Serialize, Deserialize)]
+#[serde(rename_all = "camelCase")]
+struct ApiBucketQuotas {
+	max_size: Option<u64>,
+	max_objects: Option<u64>,
+}
+
+pub async fn handle_get_bucket_info(
+	garage: &Arc<Garage>,
+	id: Option<String>,
+	global_alias: Option<String>,
+) -> Result<Response<Body>, Error> {
+	let bucket_id = match (id, global_alias) {
+		(Some(id), None) => parse_bucket_id(&id)?,
+		(None, Some(ga)) => garage
+			.bucket_helper()
+			.resolve_global_bucket_name(&ga)
+			.await?
+			.ok_or_else(|| HelperError::NoSuchBucket(ga.to_string()))?,
+		_ => {
+			return Err(Error::bad_request(
+				"Either id or globalAlias must be provided (but not both)",
+			));
+		}
+	};
+
+	bucket_info_results(garage, bucket_id).await
+}
+
+async fn bucket_info_results(
+	garage: &Arc<Garage>,
+	bucket_id: Uuid,
+) -> Result<Response<Body>, Error> {
+	let bucket = garage
+		.bucket_helper()
+		.get_existing_bucket(bucket_id)
+		.await?;
+
+	let counters = garage
+		.object_counter_table
+		.table
+		.get(&bucket_id, &EmptyKey)
+		.await?
+		.map(|x| x.filtered_values(&garage.system.ring.borrow()))
+		.unwrap_or_default();
+
+	let mut relevant_keys = HashMap::new();
+	for (k, _) in bucket
+		.state
+		.as_option()
+		.unwrap()
+		.authorized_keys
+		.items()
+		.iter()
+	{
+		if let Some(key) = garage
+			.key_table
+			.get(&EmptyKey, k)
+			.await?
+			.filter(|k| !k.is_deleted())
+		{
+			if !key.state.is_deleted() {
+				relevant_keys.insert(k.clone(), key);
+			}
+		}
+	}
+	for ((k, _), _, _) in bucket
+		.state
+		.as_option()
+		.unwrap()
+		.local_aliases
+		.items()
+		.iter()
+	{
+		if relevant_keys.contains_key(k) {
+			continue;
+		}
+		if let Some(key) = garage.key_table.get(&EmptyKey, k).await? {
+			if !key.state.is_deleted() {
+				relevant_keys.insert(k.clone(), key);
+			}
+		}
+	}
+
+	let state = bucket.state.as_option().unwrap();
+
+	let quotas = state.quotas.get();
+	let res =
+		GetBucketInfoResult {
+			id: hex::encode(&bucket.id),
+			global_aliases: state
+				.aliases
+				.items()
+				.iter()
+				.filter(|(_, _, a)| *a)
+				.map(|(n, _, _)| n.to_string())
+				.collect::<Vec<_>>(),
+			website_access: state.website_config.get().is_some(),
+			website_config: state.website_config.get().clone().map(|wsc| {
+				GetBucketInfoWebsiteResult {
+					index_document: wsc.index_document,
+					error_document: wsc.error_document,
+				}
+			}),
+			keys: relevant_keys
+				.into_iter()
+				.map(|(_, key)| {
+					let p = key.state.as_option().unwrap();
+					GetBucketInfoKey {
+						access_key_id: key.key_id,
+						name: p.name.get().to_string(),
+						permissions: p
+							.authorized_buckets
+							.get(&bucket.id)
+							.map(|p| ApiBucketKeyPerm {
+								read: p.allow_read,
+								write: p.allow_write,
+								owner: p.allow_owner,
+							})
+							.unwrap_or_default(),
+						bucket_local_aliases: p
+							.local_aliases
+							.items()
+							.iter()
+							.filter(|(_, _, b)| *b == Some(bucket.id))
+							.map(|(n, _, _)| n.to_string())
+							.collect::<Vec<_>>(),
+					}
+				})
+				.collect::<Vec<_>>(),
+			objects: counters.get(OBJECTS).cloned().unwrap_or_default(),
+			bytes: counters.get(BYTES).cloned().unwrap_or_default(),
+			unfinshed_uploads: counters
+				.get(UNFINISHED_UPLOADS)
+				.cloned()
+				.unwrap_or_default(),
+			quotas: ApiBucketQuotas {
+				max_size: quotas.max_size,
+				max_objects: quotas.max_objects,
+			},
+		};
+
+	Ok(json_ok_response(&res)?)
+}
+
+#[derive(Serialize)]
+#[serde(rename_all = "camelCase")]
+struct GetBucketInfoResult {
+	id: String,
+	global_aliases: Vec<String>,
+	website_access: bool,
+	#[serde(default)]
+	website_config: Option<GetBucketInfoWebsiteResult>,
+	keys: Vec<GetBucketInfoKey>,
+	objects: i64,
+	bytes: i64,
+	unfinshed_uploads: i64,
+	quotas: ApiBucketQuotas,
+}
+
+#[derive(Serialize)]
+#[serde(rename_all = "camelCase")]
+struct GetBucketInfoWebsiteResult {
+	index_document: String,
+	error_document: Option<String>,
+}
+
+#[derive(Serialize)]
+#[serde(rename_all = "camelCase")]
+struct GetBucketInfoKey {
+	access_key_id: String,
+	name: String,
+	permissions: ApiBucketKeyPerm,
+	bucket_local_aliases: Vec<String>,
+}
+
+pub async fn handle_create_bucket(
+	garage: &Arc<Garage>,
+	req: Request<Body>,
+) -> Result<Response<Body>, Error> {
+	let req = parse_json_body::<CreateBucketRequest>(req).await?;
+
+	if let Some(ga) = &req.global_alias {
+		if !is_valid_bucket_name(ga) {
+			return Err(Error::bad_request(format!(
+				"{}: {}",
+				ga, INVALID_BUCKET_NAME_MESSAGE
+			)));
+		}
+
+		if let Some(alias) = garage.bucket_alias_table.get(&EmptyKey, ga).await? {
+			if alias.state.get().is_some() {
+				return Err(CommonError::BucketAlreadyExists.into());
+			}
+		}
+	}
+
+	if let Some(la) = &req.local_alias {
+		if !is_valid_bucket_name(&la.alias) {
+			return Err(Error::bad_request(format!(
+				"{}: {}",
+				la.alias, INVALID_BUCKET_NAME_MESSAGE
+			)));
+		}
+
+		let key = garage
+			.key_helper()
+			.get_existing_key(&la.access_key_id)
+			.await?;
+		let state = key.state.as_option().unwrap();
+		if matches!(state.local_aliases.get(&la.alias), Some(_)) {
+			return Err(Error::bad_request("Local alias already exists"));
+		}
+	}
+
+	let bucket = Bucket::new();
+	garage.bucket_table.insert(&bucket).await?;
+
+	if let Some(ga) = &req.global_alias {
+		garage
+			.bucket_helper()
+			.set_global_bucket_alias(bucket.id, ga)
+			.await?;
+	}
+
+	if let Some(la) = &req.local_alias {
+		garage
+			.bucket_helper()
+			.set_local_bucket_alias(bucket.id, &la.access_key_id, &la.alias)
+			.await?;
+
+		if la.allow.read || la.allow.write || la.allow.owner {
+			garage
+				.bucket_helper()
+				.set_bucket_key_permissions(
+					bucket.id,
+					&la.access_key_id,
+					BucketKeyPerm {
+						timestamp: now_msec(),
+						allow_read: la.allow.read,
+						allow_write: la.allow.write,
+						allow_owner: la.allow.owner,
+					},
+				)
+				.await?;
+		}
+	}
+
+	bucket_info_results(garage, bucket.id).await
+}
+
+#[derive(Deserialize)]
+#[serde(rename_all = "camelCase")]
+struct CreateBucketRequest {
+	global_alias: Option<String>,
+	local_alias: Option<CreateBucketLocalAlias>,
+}
+
+#[derive(Deserialize)]
+#[serde(rename_all = "camelCase")]
+struct CreateBucketLocalAlias {
+	access_key_id: String,
+	alias: String,
+	#[serde(default)]
+	allow: ApiBucketKeyPerm,
+}
+
+pub async fn handle_delete_bucket(
+	garage: &Arc<Garage>,
+	id: String,
+) -> Result<Response<Body>, Error> {
+	let helper = garage.bucket_helper();
+
+	let bucket_id = parse_bucket_id(&id)?;
+
+	let mut bucket = helper.get_existing_bucket(bucket_id).await?;
+	let state = bucket.state.as_option().unwrap();
+
+	// Check bucket is empty
+	if !helper.is_bucket_empty(bucket_id).await? {
+		return Err(CommonError::BucketNotEmpty.into());
+	}
+
+	// --- done checking, now commit ---
+	// 1. delete authorization from keys that had access
+	for (key_id, perm) in bucket.authorized_keys() {
+		if perm.is_any() {
+			helper
+				.set_bucket_key_permissions(bucket.id, key_id, BucketKeyPerm::NO_PERMISSIONS)
+				.await?;
+		}
+	}
+	// 2. delete all local aliases
+	for ((key_id, alias), _, active) in state.local_aliases.items().iter() {
+		if *active {
+			helper
+				.unset_local_bucket_alias(bucket.id, key_id, alias)
+				.await?;
+		}
+	}
+	// 3. delete all global aliases
+	for (alias, _, active) in state.aliases.items().iter() {
+		if *active {
+			helper.purge_global_bucket_alias(bucket.id, alias).await?;
+		}
+	}
+
+	// 4. delete bucket
+	bucket.state = Deletable::delete();
+	garage.bucket_table.insert(&bucket).await?;
+
+	Ok(Response::builder()
+		.status(StatusCode::NO_CONTENT)
+		.body(Body::empty())?)
+}
+
+pub async fn handle_update_bucket(
+	garage: &Arc<Garage>,
+	id: String,
+	req: Request<Body>,
+) -> Result<Response<Body>, Error> {
+	let req = parse_json_body::<UpdateBucketRequest>(req).await?;
+	let bucket_id = parse_bucket_id(&id)?;
+
+	let mut bucket = garage
+		.bucket_helper()
+		.get_existing_bucket(bucket_id)
+		.await?;
+
+	let state = bucket.state.as_option_mut().unwrap();
+
+	if let Some(wa) = req.website_access {
+		if wa.enabled {
+			state.website_config.update(Some(WebsiteConfig {
+				index_document: wa.index_document.ok_or_bad_request(
+					"Please specify indexDocument when enabling website access.",
+				)?,
+				error_document: wa.error_document,
+			}));
+		} else {
+			if wa.index_document.is_some() || wa.error_document.is_some() {
+				return Err(Error::bad_request(
+					"Cannot specify indexDocument or errorDocument when disabling website access.",
+				));
+			}
+			state.website_config.update(None);
+		}
+	}
+
+	if let Some(q) = req.quotas {
+		state.quotas.update(BucketQuotas {
+			max_size: q.max_size,
+			max_objects: q.max_objects,
+		});
+	}
+
+	garage.bucket_table.insert(&bucket).await?;
+
+	bucket_info_results(garage, bucket_id).await
+}
+
+#[derive(Deserialize)]
+#[serde(rename_all = "camelCase")]
+struct UpdateBucketRequest {
+	website_access: Option<UpdateBucketWebsiteAccess>,
+	quotas: Option<ApiBucketQuotas>,
+}
+
+#[derive(Deserialize)]
+#[serde(rename_all = "camelCase")]
+struct UpdateBucketWebsiteAccess {
+	enabled: bool,
+	index_document: Option<String>,
+	error_document: Option<String>,
+}
+
+// ---- BUCKET/KEY PERMISSIONS ----
+
+pub async fn handle_bucket_change_key_perm(
+	garage: &Arc<Garage>,
+	req: Request<Body>,
+	new_perm_flag: bool,
+) -> Result<Response<Body>, Error> {
+	let req = parse_json_body::<BucketKeyPermChangeRequest>(req).await?;
+
+	let bucket_id = parse_bucket_id(&req.bucket_id)?;
+
+	let bucket = garage
+		.bucket_helper()
+		.get_existing_bucket(bucket_id)
+		.await?;
+	let state = bucket.state.as_option().unwrap();
+
+	let key = garage
+		.key_helper()
+		.get_existing_key(&req.access_key_id)
+		.await?;
+
+	let mut perm = state
+		.authorized_keys
+		.get(&key.key_id)
+		.cloned()
+		.unwrap_or(BucketKeyPerm::NO_PERMISSIONS);
+
+	if req.permissions.read {
+		perm.allow_read = new_perm_flag;
+	}
+	if req.permissions.write {
+		perm.allow_write = new_perm_flag;
+	}
+	if req.permissions.owner {
+		perm.allow_owner = new_perm_flag;
+	}
+
+	garage
+		.bucket_helper()
+		.set_bucket_key_permissions(bucket.id, &key.key_id, perm)
+		.await?;
+
+	bucket_info_results(garage, bucket.id).await
+}
+
+#[derive(Deserialize)]
+#[serde(rename_all = "camelCase")]
+struct BucketKeyPermChangeRequest {
+	bucket_id: String,
+	access_key_id: String,
+	permissions: ApiBucketKeyPerm,
+}
+
+// ---- BUCKET ALIASES ----
+
+pub async fn handle_global_alias_bucket(
+	garage: &Arc<Garage>,
+	bucket_id: String,
+	alias: String,
+) -> Result<Response<Body>, Error> {
+	let bucket_id = parse_bucket_id(&bucket_id)?;
+
+	garage
+		.bucket_helper()
+		.set_global_bucket_alias(bucket_id, &alias)
+		.await?;
+
+	bucket_info_results(garage, bucket_id).await
+}
+
+pub async fn handle_global_unalias_bucket(
+	garage: &Arc<Garage>,
+	bucket_id: String,
+	alias: String,
+) -> Result<Response<Body>, Error> {
+	let bucket_id = parse_bucket_id(&bucket_id)?;
+
+	garage
+		.bucket_helper()
+		.unset_global_bucket_alias(bucket_id, &alias)
+		.await?;
+
+	bucket_info_results(garage, bucket_id).await
+}
+
+pub async fn handle_local_alias_bucket(
+	garage: &Arc<Garage>,
+	bucket_id: String,
+	access_key_id: String,
+	alias: String,
+) -> Result<Response<Body>, Error> {
+	let bucket_id = parse_bucket_id(&bucket_id)?;
+
+	garage
+		.bucket_helper()
+		.set_local_bucket_alias(bucket_id, &access_key_id, &alias)
+		.await?;
+
+	bucket_info_results(garage, bucket_id).await
+}
+
+pub async fn handle_local_unalias_bucket(
+	garage: &Arc<Garage>,
+	bucket_id: String,
+	access_key_id: String,
+	alias: String,
+) -> Result<Response<Body>, Error> {
+	let bucket_id = parse_bucket_id(&bucket_id)?;
+
+	garage
+		.bucket_helper()
+		.unset_local_bucket_alias(bucket_id, &access_key_id, &alias)
+		.await?;
+
+	bucket_info_results(garage, bucket_id).await
+}
+
+// ---- HELPER ----
+
+fn parse_bucket_id(id: &str) -> Result<Uuid, Error> {
+	let id_hex = hex::decode(&id).ok_or_bad_request("Invalid bucket id")?;
+	Ok(Uuid::try_from(&id_hex).ok_or_bad_request("Invalid bucket id")?)
+}

src/api/admin/cluster.rs

@@ -0,0 +1,193 @@
+use std::collections::HashMap;
+use std::net::SocketAddr;
+use std::sync::Arc;
+
+use hyper::{Body, Request, Response, StatusCode};
+use serde::{Deserialize, Serialize};
+
+use garage_util::crdt::*;
+use garage_util::data::*;
+
+use garage_rpc::layout::*;
+
+use garage_model::garage::Garage;
+
+use crate::admin::error::*;
+use crate::helpers::{json_ok_response, parse_json_body};
+
+pub async fn handle_get_cluster_status(garage: &Arc<Garage>) -> Result<Response<Body>, Error> {
+	let res = GetClusterStatusResponse {
+		node: hex::encode(garage.system.id),
+		garage_version: garage_util::version::garage_version(),
+		garage_features: garage_util::version::garage_features(),
+		db_engine: garage.db.engine(),
+		known_nodes: garage
+			.system
+			.get_known_nodes()
+			.into_iter()
+			.map(|i| {
+				(
+					hex::encode(i.id),
+					KnownNodeResp {
+						addr: i.addr,
+						is_up: i.is_up,
+						last_seen_secs_ago: i.last_seen_secs_ago,
+						hostname: i.status.hostname,
+					},
+				)
+			})
+			.collect(),
+		layout: get_cluster_layout(garage),
+	};
+
+	Ok(json_ok_response(&res)?)
+}
+
+pub async fn handle_connect_cluster_nodes(
+	garage: &Arc<Garage>,
+	req: Request<Body>,
+) -> Result<Response<Body>, Error> {
+	let req = parse_json_body::<Vec<String>>(req).await?;
+
+	let res = futures::future::join_all(req.iter().map(|node| garage.system.connect(node)))
+		.await
+		.into_iter()
+		.map(|r| match r {
+			Ok(()) => ConnectClusterNodesResponse {
+				success: true,
+				error: None,
+			},
+			Err(e) => ConnectClusterNodesResponse {
+				success: false,
+				error: Some(format!("{}", e)),
+			},
+		})
+		.collect::<Vec<_>>();
+
+	Ok(json_ok_response(&res)?)
+}
+
+pub async fn handle_get_cluster_layout(garage: &Arc<Garage>) -> Result<Response<Body>, Error> {
+	let res = get_cluster_layout(garage);
+
+	Ok(json_ok_response(&res)?)
+}
+
+fn get_cluster_layout(garage: &Arc<Garage>) -> GetClusterLayoutResponse {
+	let layout = garage.system.get_cluster_layout();
+
+	GetClusterLayoutResponse {
+		version: layout.version,
+		roles: layout
+			.roles
+			.items()
+			.iter()
+			.filter(|(_, _, v)| v.0.is_some())
+			.map(|(k, _, v)| (hex::encode(k), v.0.clone()))
+			.collect(),
+		staged_role_changes: layout
+			.staging
+			.items()
+			.iter()
+			.filter(|(k, _, v)| layout.roles.get(k) != Some(v))
+			.map(|(k, _, v)| (hex::encode(k), v.0.clone()))
+			.collect(),
+	}
+}
+
+#[derive(Serialize)]
+#[serde(rename_all = "camelCase")]
+struct GetClusterStatusResponse {
+	node: String,
+	garage_version: &'static str,
+	garage_features: Option<&'static [&'static str]>,
+	db_engine: String,
+	known_nodes: HashMap<String, KnownNodeResp>,
+	layout: GetClusterLayoutResponse,
+}
+
+#[derive(Serialize)]
+struct ConnectClusterNodesResponse {
+	success: bool,
+	error: Option<String>,
+}
+
+#[derive(Serialize)]
+#[serde(rename_all = "camelCase")]
+struct GetClusterLayoutResponse {
+	version: u64,
+	roles: HashMap<String, Option<NodeRole>>,
+	staged_role_changes: HashMap<String, Option<NodeRole>>,
+}
+
+#[derive(Serialize)]
+struct KnownNodeResp {
+	addr: SocketAddr,
+	is_up: bool,
+	last_seen_secs_ago: Option<u64>,
+	hostname: String,
+}
+
+pub async fn handle_update_cluster_layout(
+	garage: &Arc<Garage>,
+	req: Request<Body>,
+) -> Result<Response<Body>, Error> {
+	let updates = parse_json_body::<UpdateClusterLayoutRequest>(req).await?;
+
+	let mut layout = garage.system.get_cluster_layout();
+
+	let mut roles = layout.roles.clone();
+	roles.merge(&layout.staging);
+
+	for (node, role) in updates {
+		let node = hex::decode(node).ok_or_bad_request("Invalid node identifier")?;
+		let node = Uuid::try_from(&node).ok_or_bad_request("Invalid node identifier")?;
+
+		layout
+			.staging
+			.merge(&roles.update_mutator(node, NodeRoleV(role)));
+	}
+
+	garage.system.update_cluster_layout(&layout).await?;
+
+	Ok(Response::builder()
+		.status(StatusCode::OK)
+		.body(Body::empty())?)
+}
+
+pub async fn handle_apply_cluster_layout(
+	garage: &Arc<Garage>,
+	req: Request<Body>,
+) -> Result<Response<Body>, Error> {
+	let param = parse_json_body::<ApplyRevertLayoutRequest>(req).await?;
+
+	let layout = garage.system.get_cluster_layout();
+	let layout = layout.apply_staged_changes(Some(param.version))?;
+	garage.system.update_cluster_layout(&layout).await?;
+
+	Ok(Response::builder()
+		.status(StatusCode::OK)
+		.body(Body::empty())?)
+}
+
+pub async fn handle_revert_cluster_layout(
+	garage: &Arc<Garage>,
+	req: Request<Body>,
+) -> Result<Response<Body>, Error> {
+	let param = parse_json_body::<ApplyRevertLayoutRequest>(req).await?;
+
+	let layout = garage.system.get_cluster_layout();
+	let layout = layout.revert_staged_changes(Some(param.version))?;
+	garage.system.update_cluster_layout(&layout).await?;
+
+	Ok(Response::builder()
+		.status(StatusCode::OK)
+		.body(Body::empty())?)
+}
+
+type UpdateClusterLayoutRequest = HashMap<String, Option<NodeRole>>;
+
+#[derive(Deserialize)]
+struct ApplyRevertLayoutRequest {
+	version: u64,
+}

src/api/admin/error.rs

@@ -0,0 +1,97 @@
+use err_derive::Error;
+use hyper::header::HeaderValue;
+use hyper::{Body, HeaderMap, StatusCode};
+
+pub use garage_model::helper::error::Error as HelperError;
+
+use crate::common_error::CommonError;
+pub use crate::common_error::{CommonErrorDerivative, OkOrBadRequest, OkOrInternalError};
+use crate::generic_server::ApiError;
+use crate::helpers::CustomApiErrorBody;
+
+/// Errors of this crate
+#[derive(Debug, Error)]
+pub enum Error {
+	#[error(display = "{}", _0)]
+	/// Error from common error
+	Common(CommonError),
+
+	// Category: cannot process
+	/// The API access key does not exist
+	#[error(display = "Access key not found: {}", _0)]
+	NoSuchAccessKey(String),
+
+	/// In Import key, the key already exists
+	#[error(
+		display = "Key {} already exists in data store. Even if it is deleted, we can't let you create a new key with the same ID. Sorry.",
+		_0
+	)]
+	KeyAlreadyExists(String),
+}
+
+impl<T> From<T> for Error
+where
+	CommonError: From<T>,
+{
+	fn from(err: T) -> Self {
+		Error::Common(CommonError::from(err))
+	}
+}
+
+impl CommonErrorDerivative for Error {}
+
+impl From<HelperError> for Error {
+	fn from(err: HelperError) -> Self {
+		match err {
+			HelperError::Internal(i) => Self::Common(CommonError::InternalError(i)),
+			HelperError::BadRequest(b) => Self::Common(CommonError::BadRequest(b)),
+			HelperError::InvalidBucketName(n) => Self::Common(CommonError::InvalidBucketName(n)),
+			HelperError::NoSuchBucket(n) => Self::Common(CommonError::NoSuchBucket(n)),
+			HelperError::NoSuchAccessKey(n) => Self::NoSuchAccessKey(n),
+		}
+	}
+}
+
+impl Error {
+	fn code(&self) -> &'static str {
+		match self {
+			Error::Common(c) => c.aws_code(),
+			Error::NoSuchAccessKey(_) => "NoSuchAccessKey",
+			Error::KeyAlreadyExists(_) => "KeyAlreadyExists",
+		}
+	}
+}
+
+impl ApiError for Error {
+	/// Get the HTTP status code that best represents the meaning of the error for the client
+	fn http_status_code(&self) -> StatusCode {
+		match self {
+			Error::Common(c) => c.http_status_code(),
+			Error::NoSuchAccessKey(_) => StatusCode::NOT_FOUND,
+			Error::KeyAlreadyExists(_) => StatusCode::CONFLICT,
+		}
+	}
+
+	fn add_http_headers(&self, header_map: &mut HeaderMap<HeaderValue>) {
+		use hyper::header;
+		header_map.append(header::CONTENT_TYPE, "application/json".parse().unwrap());
+	}
+
+	fn http_body(&self, garage_region: &str, path: &str) -> Body {
+		let error = CustomApiErrorBody {
+			code: self.code().to_string(),
+			message: format!("{}", self),
+			path: path.to_string(),
+			region: garage_region.to_string(),
+		};
+		Body::from(serde_json::to_string_pretty(&error).unwrap_or_else(|_| {
+			r#"
+{
+	"code": "InternalError",
+	"message": "JSON encoding of error failed"
+}
+			"#
+			.into()
+		}))
+	}
+}

src/api/admin/key.rs

@@ -0,0 +1,256 @@
+use std::collections::HashMap;
+use std::sync::Arc;
+
+use hyper::{Body, Request, Response, StatusCode};
+use serde::{Deserialize, Serialize};
+
+use garage_table::*;
+
+use garage_model::garage::Garage;
+use garage_model::key_table::*;
+
+use crate::admin::error::*;
+use crate::helpers::{json_ok_response, parse_json_body};
+
+pub async fn handle_list_keys(garage: &Arc<Garage>) -> Result<Response<Body>, Error> {
+	let res = garage
+		.key_table
+		.get_range(
+			&EmptyKey,
+			None,
+			Some(KeyFilter::Deleted(DeletedFilter::NotDeleted)),
+			10000,
+			EnumerationOrder::Forward,
+		)
+		.await?
+		.iter()
+		.map(|k| ListKeyResultItem {
+			id: k.key_id.to_string(),
+			name: k.params().unwrap().name.get().clone(),
+		})
+		.collect::<Vec<_>>();
+
+	Ok(json_ok_response(&res)?)
+}
+
+#[derive(Serialize)]
+struct ListKeyResultItem {
+	id: String,
+	name: String,
+}
+
+pub async fn handle_get_key_info(
+	garage: &Arc<Garage>,
+	id: Option<String>,
+	search: Option<String>,
+) -> Result<Response<Body>, Error> {
+	let key = if let Some(id) = id {
+		garage.key_helper().get_existing_key(&id).await?
+	} else if let Some(search) = search {
+		garage
+			.key_helper()
+			.get_existing_matching_key(&search)
+			.await?
+	} else {
+		unreachable!();
+	};
+
+	key_info_results(garage, key).await
+}
+
+pub async fn handle_create_key(
+	garage: &Arc<Garage>,
+	req: Request<Body>,
+) -> Result<Response<Body>, Error> {
+	let req = parse_json_body::<CreateKeyRequest>(req).await?;
+
+	let key = Key::new(&req.name);
+	garage.key_table.insert(&key).await?;
+
+	key_info_results(garage, key).await
+}
+
+#[derive(Deserialize)]
+struct CreateKeyRequest {
+	name: String,
+}
+
+pub async fn handle_import_key(
+	garage: &Arc<Garage>,
+	req: Request<Body>,
+) -> Result<Response<Body>, Error> {
+	let req = parse_json_body::<ImportKeyRequest>(req).await?;
+
+	let prev_key = garage.key_table.get(&EmptyKey, &req.access_key_id).await?;
+	if prev_key.is_some() {
+		return Err(Error::KeyAlreadyExists(req.access_key_id.to_string()));
+	}
+
+	let imported_key = Key::import(&req.access_key_id, &req.secret_access_key, &req.name);
+	garage.key_table.insert(&imported_key).await?;
+
+	key_info_results(garage, imported_key).await
+}
+
+#[derive(Deserialize)]
+#[serde(rename_all = "camelCase")]
+struct ImportKeyRequest {
+	access_key_id: String,
+	secret_access_key: String,
+	name: String,
+}
+
+pub async fn handle_update_key(
+	garage: &Arc<Garage>,
+	id: String,
+	req: Request<Body>,
+) -> Result<Response<Body>, Error> {
+	let req = parse_json_body::<UpdateKeyRequest>(req).await?;
+
+	let mut key = garage.key_helper().get_existing_key(&id).await?;
+
+	let key_state = key.state.as_option_mut().unwrap();
+
+	if let Some(new_name) = req.name {
+		key_state.name.update(new_name);
+	}
+	if let Some(allow) = req.allow {
+		if allow.create_bucket {
+			key_state.allow_create_bucket.update(true);
+		}
+	}
+	if let Some(deny) = req.deny {
+		if deny.create_bucket {
+			key_state.allow_create_bucket.update(false);
+		}
+	}
+
+	garage.key_table.insert(&key).await?;
+
+	key_info_results(garage, key).await
+}
+
+#[derive(Deserialize)]
+struct UpdateKeyRequest {
+	name: Option<String>,
+	allow: Option<KeyPerm>,
+	deny: Option<KeyPerm>,
+}
+
+pub async fn handle_delete_key(garage: &Arc<Garage>, id: String) -> Result<Response<Body>, Error> {
+	let mut key = garage.key_helper().get_existing_key(&id).await?;
+
+	key.state.as_option().unwrap();
+
+	garage.key_helper().delete_key(&mut key).await?;
+
+	Ok(Response::builder()
+		.status(StatusCode::NO_CONTENT)
+		.body(Body::empty())?)
+}
+
+async fn key_info_results(garage: &Arc<Garage>, key: Key) -> Result<Response<Body>, Error> {
+	let mut relevant_buckets = HashMap::new();
+
+	let key_state = key.state.as_option().unwrap();
+
+	for id in key_state
+		.authorized_buckets
+		.items()
+		.iter()
+		.map(|(id, _)| id)
+		.chain(
+			key_state
+				.local_aliases
+				.items()
+				.iter()
+				.filter_map(|(_, _, v)| v.as_ref()),
+		) {
+		if !relevant_buckets.contains_key(id) {
+			if let Some(b) = garage.bucket_table.get(&EmptyKey, id).await? {
+				if b.state.as_option().is_some() {
+					relevant_buckets.insert(*id, b);
+				}
+			}
+		}
+	}
+
+	let res = GetKeyInfoResult {
+		name: key_state.name.get().clone(),
+		access_key_id: key.key_id.clone(),
+		secret_access_key: key_state.secret_key.clone(),
+		permissions: KeyPerm {
+			create_bucket: *key_state.allow_create_bucket.get(),
+		},
+		buckets: relevant_buckets
+			.into_iter()
+			.map(|(_, bucket)| {
+				let state = bucket.state.as_option().unwrap();
+				KeyInfoBucketResult {
+					id: hex::encode(bucket.id),
+					global_aliases: state
+						.aliases
+						.items()
+						.iter()
+						.filter(|(_, _, a)| *a)
+						.map(|(n, _, _)| n.to_string())
+						.collect::<Vec<_>>(),
+					local_aliases: state
+						.local_aliases
+						.items()
+						.iter()
+						.filter(|((k, _), _, a)| *a && *k == key.key_id)
+						.map(|((_, n), _, _)| n.to_string())
+						.collect::<Vec<_>>(),
+					permissions: key_state
+						.authorized_buckets
+						.get(&bucket.id)
+						.map(|p| ApiBucketKeyPerm {
+							read: p.allow_read,
+							write: p.allow_write,
+							owner: p.allow_owner,
+						})
+						.unwrap_or_default(),
+				}
+			})
+			.collect::<Vec<_>>(),
+	};
+
+	Ok(json_ok_response(&res)?)
+}
+
+#[derive(Serialize)]
+#[serde(rename_all = "camelCase")]
+struct GetKeyInfoResult {
+	name: String,
+	access_key_id: String,
+	secret_access_key: String,
+	permissions: KeyPerm,
+	buckets: Vec<KeyInfoBucketResult>,
+}
+
+#[derive(Serialize, Deserialize)]
+#[serde(rename_all = "camelCase")]
+struct KeyPerm {
+	#[serde(default)]
+	create_bucket: bool,
+}
+
+#[derive(Serialize)]
+#[serde(rename_all = "camelCase")]
+struct KeyInfoBucketResult {
+	id: String,
+	global_aliases: Vec<String>,
+	local_aliases: Vec<String>,
+	permissions: ApiBucketKeyPerm,
+}
+
+#[derive(Serialize, Deserialize, Default)]
+pub(crate) struct ApiBucketKeyPerm {
+	#[serde(default)]
+	pub(crate) read: bool,
+	#[serde(default)]
+	pub(crate) write: bool,
+	#[serde(default)]
+	pub(crate) owner: bool,
+}

src/api/admin/mod.rs

@@ -0,0 +1,7 @@
+pub mod api_server;
+mod error;
+mod router;
+
+mod bucket;
+mod cluster;
+mod key;

src/api/admin/router.rs

@@ -0,0 +1,145 @@
+use std::borrow::Cow;
+
+use hyper::{Method, Request};
+
+use crate::admin::error::*;
+use crate::router_macros::*;
+
+pub enum Authorization {
+	MetricsToken,
+	AdminToken,
+}
+
+router_match! {@func
+
+/// List of all Admin API endpoints.
+#[derive(Debug, Clone, PartialEq, Eq)]
+pub enum Endpoint {
+	Options,
+	Metrics,
+	GetClusterStatus,
+	ConnectClusterNodes,
+	// Layout
+	GetClusterLayout,
+	UpdateClusterLayout,
+	ApplyClusterLayout,
+	RevertClusterLayout,
+	// Keys
+	ListKeys,
+	CreateKey,
+	ImportKey,
+	GetKeyInfo {
+		id: Option<String>,
+		search: Option<String>,
+	},
+	DeleteKey {
+		id: String,
+	},
+	UpdateKey {
+		id: String,
+	},
+	// Buckets
+	ListBuckets,
+	CreateBucket,
+	GetBucketInfo {
+		id: Option<String>,
+		global_alias: Option<String>,
+	},
+	DeleteBucket {
+		id: String,
+	},
+	UpdateBucket {
+		id: String,
+	},
+	// Bucket-Key Permissions
+	BucketAllowKey,
+	BucketDenyKey,
+	// Bucket aliases
+	GlobalAliasBucket {
+		id: String,
+		alias: String,
+	},
+	GlobalUnaliasBucket {
+		id: String,
+		alias: String,
+	},
+	LocalAliasBucket {
+		id: String,
+		access_key_id: String,
+		alias: String,
+	},
+	LocalUnaliasBucket {
+		id: String,
+		access_key_id: String,
+		alias: String,
+	},
+}}
+
+impl Endpoint {
+	/// Determine which S3 endpoint a request is for using the request, and a bucket which was
+	/// possibly extracted from the Host header.
+	/// Returns Self plus bucket name, if endpoint is not Endpoint::ListBuckets
+	pub fn from_request<T>(req: &Request<T>) -> Result<Self, Error> {
+		let uri = req.uri();
+		let path = uri.path();
+		let query = uri.query();
+
+		let mut query = QueryParameters::from_query(query.unwrap_or_default())?;
+
+		let res = router_match!(@gen_path_parser (req.method(), path, query) [
+			OPTIONS _ => Options,
+			GET "/metrics" => Metrics,
+			GET "/v0/status" => GetClusterStatus,
+			POST "/v0/connect" => ConnectClusterNodes,
+			// Layout endpoints
+			GET "/v0/layout" => GetClusterLayout,
+			POST "/v0/layout" => UpdateClusterLayout,
+			POST "/v0/layout/apply" => ApplyClusterLayout,
+			POST "/v0/layout/revert" => RevertClusterLayout,
+			// API key endpoints
+			GET "/v0/key" if id => GetKeyInfo (query_opt::id, query_opt::search),
+			GET "/v0/key" if search => GetKeyInfo (query_opt::id, query_opt::search),
+			POST "/v0/key" if id => UpdateKey (query::id),
+			POST "/v0/key" => CreateKey,
+			POST "/v0/key/import" => ImportKey,
+			DELETE "/v0/key" if id => DeleteKey (query::id),
+			GET "/v0/key" => ListKeys,
+			// Bucket endpoints
+			GET "/v0/bucket" if id => GetBucketInfo (query_opt::id, query_opt::global_alias),
+			GET "/v0/bucket" if global_alias => GetBucketInfo (query_opt::id, query_opt::global_alias),
+			GET "/v0/bucket" => ListBuckets,
+			POST "/v0/bucket" => CreateBucket,
+			DELETE "/v0/bucket" if id => DeleteBucket (query::id),
+			PUT "/v0/bucket" if id => UpdateBucket (query::id),
+			// Bucket-key permissions
+			POST "/v0/bucket/allow" => BucketAllowKey,
+			POST "/v0/bucket/deny" => BucketDenyKey,
+			// Bucket aliases
+			PUT "/v0/bucket/alias/global" => GlobalAliasBucket (query::id, query::alias),
+			DELETE "/v0/bucket/alias/global" => GlobalUnaliasBucket (query::id, query::alias),
+			PUT "/v0/bucket/alias/local" => LocalAliasBucket (query::id, query::access_key_id, query::alias),
+			DELETE "/v0/bucket/alias/local" => LocalUnaliasBucket (query::id, query::access_key_id, query::alias),
+		]);
+
+		if let Some(message) = query.nonempty_message() {
+			debug!("Unused query parameter: {}", message)
+		}
+
+		Ok(res)
+	}
+	/// Get the kind of authorization which is required to perform the operation.
+	pub fn authorization_type(&self) -> Authorization {
+		match self {
+			Self::Metrics => Authorization::MetricsToken,
+			_ => Authorization::AdminToken,
+		}
+	}
+}
+
+generateQueryParameters! {
+	"id" => id,
+	"search" => search,
+	"globalAlias" => global_alias,
+	"alias" => alias,
+	"accessKeyId" => access_key_id
+}

src/api/common_error.rs

@@ -0,0 +1,177 @@
+use err_derive::Error;
+use hyper::StatusCode;
+
+use garage_util::error::Error as GarageError;
+
+/// Errors of this crate
+#[derive(Debug, Error)]
+pub enum CommonError {
+	// ---- INTERNAL ERRORS ----
+	/// Error related to deeper parts of Garage
+	#[error(display = "Internal error: {}", _0)]
+	InternalError(#[error(source)] GarageError),
+
+	/// Error related to Hyper
+	#[error(display = "Internal error (Hyper error): {}", _0)]
+	Hyper(#[error(source)] hyper::Error),
+
+	/// Error related to HTTP
+	#[error(display = "Internal error (HTTP error): {}", _0)]
+	Http(#[error(source)] http::Error),
+
+	// ---- GENERIC CLIENT ERRORS ----
+	/// Proper authentication was not provided
+	#[error(display = "Forbidden: {}", _0)]
+	Forbidden(String),
+
+	/// Generic bad request response with custom message
+	#[error(display = "Bad request: {}", _0)]
+	BadRequest(String),
+
+	// ---- SPECIFIC ERROR CONDITIONS ----
+	// These have to be error codes referenced in the S3 spec here:
+	// https://docs.aws.amazon.com/AmazonS3/latest/API/ErrorResponses.html#ErrorCodeList
+	/// The bucket requested don't exists
+	#[error(display = "Bucket not found: {}", _0)]
+	NoSuchBucket(String),
+
+	/// Tried to create a bucket that already exist
+	#[error(display = "Bucket already exists")]
+	BucketAlreadyExists,
+
+	/// Tried to delete a non-empty bucket
+	#[error(display = "Tried to delete a non-empty bucket")]
+	BucketNotEmpty,
+
+	// Category: bad request
+	/// Bucket name is not valid according to AWS S3 specs
+	#[error(display = "Invalid bucket name: {}", _0)]
+	InvalidBucketName(String),
+}
+
+impl CommonError {
+	pub fn http_status_code(&self) -> StatusCode {
+		match self {
+			CommonError::InternalError(
+				GarageError::Timeout
+				| GarageError::RemoteError(_)
+				| GarageError::Quorum(_, _, _, _),
+			) => StatusCode::SERVICE_UNAVAILABLE,
+			CommonError::InternalError(_) | CommonError::Hyper(_) | CommonError::Http(_) => {
+				StatusCode::INTERNAL_SERVER_ERROR
+			}
+			CommonError::BadRequest(_) => StatusCode::BAD_REQUEST,
+			CommonError::Forbidden(_) => StatusCode::FORBIDDEN,
+			CommonError::NoSuchBucket(_) => StatusCode::NOT_FOUND,
+			CommonError::BucketNotEmpty | CommonError::BucketAlreadyExists => StatusCode::CONFLICT,
+			CommonError::InvalidBucketName(_) => StatusCode::BAD_REQUEST,
+		}
+	}
+
+	pub fn aws_code(&self) -> &'static str {
+		match self {
+			CommonError::Forbidden(_) => "AccessDenied",
+			CommonError::InternalError(
+				GarageError::Timeout
+				| GarageError::RemoteError(_)
+				| GarageError::Quorum(_, _, _, _),
+			) => "ServiceUnavailable",
+			CommonError::InternalError(_) | CommonError::Hyper(_) | CommonError::Http(_) => {
+				"InternalError"
+			}
+			CommonError::BadRequest(_) => "InvalidRequest",
+			CommonError::NoSuchBucket(_) => "NoSuchBucket",
+			CommonError::BucketAlreadyExists => "BucketAlreadyExists",
+			CommonError::BucketNotEmpty => "BucketNotEmpty",
+			CommonError::InvalidBucketName(_) => "InvalidBucketName",
+		}
+	}
+
+	pub fn bad_request<M: ToString>(msg: M) -> Self {
+		CommonError::BadRequest(msg.to_string())
+	}
+}
+
+pub trait CommonErrorDerivative: From<CommonError> {
+	fn internal_error<M: ToString>(msg: M) -> Self {
+		Self::from(CommonError::InternalError(GarageError::Message(
+			msg.to_string(),
+		)))
+	}
+
+	fn bad_request<M: ToString>(msg: M) -> Self {
+		Self::from(CommonError::BadRequest(msg.to_string()))
+	}
+
+	fn forbidden<M: ToString>(msg: M) -> Self {
+		Self::from(CommonError::Forbidden(msg.to_string()))
+	}
+}
+
+/// Trait to map error to the Bad Request error code
+pub trait OkOrBadRequest {
+	type S;
+	fn ok_or_bad_request<M: AsRef<str>>(self, reason: M) -> Result<Self::S, CommonError>;
+}
+
+impl<T, E> OkOrBadRequest for Result<T, E>
+where
+	E: std::fmt::Display,
+{
+	type S = T;
+	fn ok_or_bad_request<M: AsRef<str>>(self, reason: M) -> Result<T, CommonError> {
+		match self {
+			Ok(x) => Ok(x),
+			Err(e) => Err(CommonError::BadRequest(format!(
+				"{}: {}",
+				reason.as_ref(),
+				e
+			))),
+		}
+	}
+}
+
+impl<T> OkOrBadRequest for Option<T> {
+	type S = T;
+	fn ok_or_bad_request<M: AsRef<str>>(self, reason: M) -> Result<T, CommonError> {
+		match self {
+			Some(x) => Ok(x),
+			None => Err(CommonError::BadRequest(reason.as_ref().to_string())),
+		}
+	}
+}
+
+/// Trait to map an error to an Internal Error code
+pub trait OkOrInternalError {
+	type S;
+	fn ok_or_internal_error<M: AsRef<str>>(self, reason: M) -> Result<Self::S, CommonError>;
+}
+
+impl<T, E> OkOrInternalError for Result<T, E>
+where
+	E: std::fmt::Display,
+{
+	type S = T;
+	fn ok_or_internal_error<M: AsRef<str>>(self, reason: M) -> Result<T, CommonError> {
+		match self {
+			Ok(x) => Ok(x),
+			Err(e) => Err(CommonError::InternalError(GarageError::Message(format!(
+				"{}: {}",
+				reason.as_ref(),
+				e
+			)))),
+		}
+	}
+}
+
+impl<T> OkOrInternalError for Option<T> {
+	type S = T;
+	fn ok_or_internal_error<M: AsRef<str>>(self, reason: M) -> Result<T, CommonError> {
+		match self {
+			Some(x) => Ok(x),
+			None => Err(CommonError::InternalError(GarageError::Message(
+				reason.as_ref().to_string(),
+			))),
+		}
+	}
+}

src/api/generic_server.rs

@@ -5,9 +5,11 @@ use async_trait::async_trait;
 
 use futures::future::Future;
 
+use hyper::header::HeaderValue;
 use hyper::server::conn::AddrStream;
 use hyper::service::{make_service_fn, service_fn};
 use hyper::{Body, Request, Response, Server};
+use hyper::{HeaderMap, StatusCode};
 
 use opentelemetry::{
 	global,
@@ -19,26 +21,31 @@ use opentelemetry::{
 use garage_util::error::Error as GarageError;
 use garage_util::metrics::{gen_trace_id, RecordDuration};
 
-use crate::error::*;
-
 pub(crate) trait ApiEndpoint: Send + Sync + 'static {
 	fn name(&self) -> &'static str;
 	fn add_span_attributes(&self, span: SpanRef<'_>);
 }
 
+pub trait ApiError: std::error::Error + Send + Sync + 'static {
+	fn http_status_code(&self) -> StatusCode;
+	fn add_http_headers(&self, header_map: &mut HeaderMap<HeaderValue>);
+	fn http_body(&self, garage_region: &str, path: &str) -> Body;
+}
+
 #[async_trait]
 pub(crate) trait ApiHandler: Send + Sync + 'static {
 	const API_NAME: &'static str;
 	const API_NAME_DISPLAY: &'static str;
 
 	type Endpoint: ApiEndpoint;
+	type Error: ApiError;
 
-	fn parse_endpoint(&self, r: &Request<Body>) -> Result<Self::Endpoint, Error>;
+	fn parse_endpoint(&self, r: &Request<Body>) -> Result<Self::Endpoint, Self::Error>;
 	async fn handle(
 		&self,
 		req: Request<Body>,
 		endpoint: Self::Endpoint,
-	) -> Result<Response<Body>, Error>;
+	) -> Result<Response<Body>, Self::Error>;
 }
 
 pub(crate) struct ApiServer<A: ApiHandler> {
@@ -142,13 +149,11 @@ impl<A: ApiHandler> ApiServer<A> {
 				Ok(x)
 			}
 			Err(e) => {
-				let body: Body = Body::from(e.aws_xml(&self.region, uri.path()));
-				let mut http_error_builder = Response::builder()
-					.status(e.http_status_code())
-					.header("Content-Type", "application/xml");
+				let body: Body = e.http_body(&self.region, uri.path());
+				let mut http_error_builder = Response::builder().status(e.http_status_code());
 
 				if let Some(header_map) = http_error_builder.headers_mut() {
-					e.add_headers(header_map)
+					e.add_http_headers(header_map)
 				}
 
 				let http_error = http_error_builder.body(body)?;
@@ -163,7 +168,7 @@ impl<A: ApiHandler> ApiServer<A> {
 		}
 	}
 
-	async fn handler_stage2(&self, req: Request<Body>) -> Result<Response<Body>, Error> {
+	async fn handler_stage2(&self, req: Request<Body>) -> Result<Response<Body>, A::Error> {
 		let endpoint = self.api_handler.parse_endpoint(&req)?;
 		debug!("Endpoint: {}", endpoint.name());
 

src/api/helpers.rs

@@ -1,11 +1,8 @@
+use hyper::{Body, Request, Response};
 use idna::domain_to_unicode;
+use serde::{Deserialize, Serialize};
 
-use garage_util::data::*;
-
-use garage_model::garage::Garage;
-use garage_model::key_table::Key;
-
-use crate::error::*;
+use crate::common_error::{CommonError as Error, *};
 
 /// What kind of authorization is required to perform a given action
 #[derive(Debug, Clone, PartialEq, Eq)]
@@ -50,7 +47,7 @@ pub fn authority_to_host(authority: &str) -> Result<String, Error> {
 	let mut iter = authority.chars().enumerate();
 	let (_, first_char) = iter
 		.next()
-		.ok_or_else(|| Error::BadRequest("Authority is empty".to_string()))?;
+		.ok_or_else(|| Error::bad_request("Authority is empty".to_string()))?;
 
 	let split = match first_char {
 		'[' => {
@@ -58,7 +55,7 @@ pub fn authority_to_host(authority: &str) -> Result<String, Error> {
 			match iter.next() {
 				Some((_, ']')) => iter.next(),
 				_ => {
-					return Err(Error::BadRequest(format!(
+					return Err(Error::bad_request(format!(
 						"Authority {} has an illegal format",
 						authority
 					)))
@@ -71,7 +68,7 @@ pub fn authority_to_host(authority: &str) -> Result<String, Error> {
 	let authority = match split {
 		Some((i, ':')) => Ok(&authority[..i]),
 		None => Ok(authority),
-		Some((_, _)) => Err(Error::BadRequest(format!(
+		Some((_, _)) => Err(Error::bad_request(format!(
 			"Authority {} has an illegal format",
 			authority
 		))),
@@ -79,28 +76,6 @@ pub fn authority_to_host(authority: &str) -> Result<String, Error> {
 	authority.map(|h| domain_to_unicode(h).0)
 }
 
-#[allow(clippy::ptr_arg)]
-pub async fn resolve_bucket(
-	garage: &Garage,
-	bucket_name: &String,
-	api_key: &Key,
-) -> Result<Uuid, Error> {
-	let api_key_params = api_key
-		.state
-		.as_option()
-		.ok_or_internal_error("Key should not be deleted at this point")?;
-
-	if let Some(Some(bucket_id)) = api_key_params.local_aliases.get(bucket_name) {
-		Ok(*bucket_id)
-	} else {
-		Ok(garage
-			.bucket_helper()
-			.resolve_global_bucket_name(bucket_name)
-			.await?
-			.ok_or(Error::NoSuchBucket)?)
-	}
-}
-
 /// Extract the bucket name and the key name from an HTTP path and possibly a bucket provided in
 /// the host header of the request
 ///
@@ -132,7 +107,7 @@ pub fn parse_bucket_key<'a>(
 		None => (path, None),
 	};
 	if bucket.is_empty() {
-		return Err(Error::BadRequest("No bucket specified".to_string()));
+		return Err(Error::bad_request("No bucket specified"));
 	}
 	Ok((bucket, key))
 }
@@ -163,6 +138,20 @@ pub fn key_after_prefix(pfx: &str) -> Option<String> {
 	None
 }
 
+pub async fn parse_json_body<T: for<'de> Deserialize<'de>>(req: Request<Body>) -> Result<T, Error> {
+	let body = hyper::body::to_bytes(req.into_body()).await?;
+	let resp: T = serde_json::from_slice(&body).ok_or_bad_request("Invalid JSON")?;
+	Ok(resp)
+}
+
+pub fn json_ok_response<T: Serialize>(res: &T) -> Result<Response<Body>, Error> {
+	let resp_json = serde_json::to_string_pretty(res).map_err(garage_util::error::Error::from)?;
+	Ok(Response::builder()
+		.status(hyper::StatusCode::OK)
+		.header(http::header::CONTENT_TYPE, "application/json")
+		.body(Body::from(resp_json))?)
+}
+
 #[cfg(test)]
 mod tests {
 	use super::*;
@@ -298,3 +287,11 @@ mod tests {
 		);
 	}
 }
+
+#[derive(Serialize)]
+pub(crate) struct CustomApiErrorBody {
+	pub(crate) code: String,
+	pub(crate) message: String,
+	pub(crate) region: String,
+	pub(crate) path: String,
+}

src/api/k2v/api_server.rs

@@ -1,3 +1,4 @@
+use std::net::SocketAddr;
 use std::sync::Arc;
 
 use async_trait::async_trait;
@@ -7,13 +8,12 @@ use hyper::{Body, Method, Request, Response};
 
 use opentelemetry::{trace::SpanRef, KeyValue};
 
-use garage_table::util::*;
 use garage_util::error::Error as GarageError;
 
 use garage_model::garage::Garage;
 
-use crate::error::*;
 use crate::generic_server::*;
+use crate::k2v::error::*;
 
 use crate::signature::payload::check_payload_signature;
 use crate::signature::streaming::*;
@@ -37,20 +37,13 @@ pub(crate) struct K2VApiEndpoint {
 impl K2VApiServer {
 	pub async fn run(
 		garage: Arc<Garage>,
+		bind_addr: SocketAddr,
+		s3_region: String,
 		shutdown_signal: impl Future<Output = ()>,
 	) -> Result<(), GarageError> {
-		if let Some(cfg) = &garage.config.k2v_api {
-			let bind_addr = cfg.api_bind_addr;
-
-			ApiServer::new(
-				garage.config.s3_api.s3_region.clone(),
-				K2VApiServer { garage },
-			)
+		ApiServer::new(s3_region, K2VApiServer { garage })
 			.run_server(bind_addr, shutdown_signal)
 			.await
-		} else {
-			Ok(())
-		}
 	}
 }
 
@@ -60,6 +53,7 @@ impl ApiHandler for K2VApiServer {
 	const API_NAME_DISPLAY: &'static str = "K2V";
 
 	type Endpoint = K2VApiEndpoint;
+	type Error = Error;
 
 	fn parse_endpoint(&self, req: &Request<Body>) -> Result<K2VApiEndpoint, Error> {
 		let (endpoint, bucket_name) = Endpoint::from_request(req)?;
@@ -83,13 +77,14 @@ impl ApiHandler for K2VApiServer {
 
 		// The OPTIONS method is procesed early, before we even check for an API key
 		if let Endpoint::Options = endpoint {
-			return handle_options_s3api(garage, &req, Some(bucket_name)).await;
+			return Ok(handle_options_s3api(garage, &req, Some(bucket_name))
+				.await
+				.ok_or_bad_request("Error handling OPTIONS")?);
 		}
 
 		let (api_key, mut content_sha256) = check_payload_signature(&garage, "k2v", &req).await?;
-		let api_key = api_key.ok_or_else(|| {
-			Error::Forbidden("Garage does not support anonymous access yet".to_string())
-		})?;
+		let api_key = api_key
+			.ok_or_else(|| Error::forbidden("Garage does not support anonymous access yet"))?;
 
 		let req = parse_streaming_body(
 			&api_key,
@@ -99,13 +94,14 @@ impl ApiHandler for K2VApiServer {
 			"k2v",
 		)?;
 
-		let bucket_id = resolve_bucket(&garage, &bucket_name, &api_key).await?;
+		let bucket_id = garage
+			.bucket_helper()
+			.resolve_bucket(&bucket_name, &api_key)
+			.await?;
 		let bucket = garage
-			.bucket_table
-			.get(&EmptyKey, &bucket_id)
-			.await?
-			.filter(|b| !b.state.is_deleted())
-			.ok_or(Error::NoSuchBucket)?;
+			.bucket_helper()
+			.get_existing_bucket(bucket_id)
+			.await?;
 
 		let allowed = match endpoint.authorization_type() {
 			Authorization::Read => api_key.allow_read(&bucket_id),
@@ -115,9 +111,7 @@ impl ApiHandler for K2VApiServer {
 		};
 
 		if !allowed {
-			return Err(Error::Forbidden(
-				"Operation is not allowed for this key.".to_string(),
-			));
+			return Err(Error::forbidden("Operation is not allowed for this key."));
 		}
 
 		// Look up what CORS rule might apply to response.
@@ -125,7 +119,8 @@ impl ApiHandler for K2VApiServer {
 		// are always preflighted, i.e. the browser should make
 		// an OPTIONS call before to check it is allowed
 		let matching_cors_rule = match *req.method() {
-			Method::GET | Method::HEAD | Method::POST => find_matching_cors_rule(&bucket, &req)?,
+			Method::GET | Method::HEAD | Method::POST => find_matching_cors_rule(&bucket, &req)
+				.ok_or_internal_error("Error looking up CORS rule")?,
 			_ => None,
 		};
 

src/api/k2v/batch.rs

@@ -12,7 +12,8 @@ use garage_model::garage::Garage;
 use garage_model::k2v::causality::*;
 use garage_model::k2v::item_table::*;
 
-use crate::error::*;
+use crate::helpers::*;
+use crate::k2v::error::*;
 use crate::k2v::range::read_range;
 
 pub async fn handle_insert_batch(
@@ -20,9 +21,7 @@ pub async fn handle_insert_batch(
 	bucket_id: Uuid,
 	req: Request<Body>,
 ) -> Result<Response<Body>, Error> {
-	let body = hyper::body::to_bytes(req.into_body()).await?;
-	let items: Vec<InsertBatchItem> =
-		serde_json::from_slice(&body).ok_or_bad_request("Invalid JSON")?;
+	let items = parse_json_body::<Vec<InsertBatchItem>>(req).await?;
 
 	let mut items2 = vec![];
 	for it in items {
@@ -52,9 +51,7 @@ pub async fn handle_read_batch(
 	bucket_id: Uuid,
 	req: Request<Body>,
 ) -> Result<Response<Body>, Error> {
-	let body = hyper::body::to_bytes(req.into_body()).await?;
-	let queries: Vec<ReadBatchQuery> =
-		serde_json::from_slice(&body).ok_or_bad_request("Invalid JSON")?;
+	let queries = parse_json_body::<Vec<ReadBatchQuery>>(req).await?;
 
 	let resp_results = futures::future::join_all(
 		queries
@@ -91,7 +88,7 @@ async fn handle_read_batch_query(
 
 	let (items, more, next_start) = if query.single_item {
 		if query.prefix.is_some() || query.end.is_some() || query.limit.is_some() || query.reverse {
-			return Err(Error::BadRequest("Batch query parameters 'prefix', 'end', 'limit' and 'reverse' must not be set when singleItem is true.".into()));
+			return Err(Error::bad_request("Batch query parameters 'prefix', 'end', 'limit' and 'reverse' must not be set when singleItem is true."));
 		}
 		let sk = query
 			.start
@@ -149,9 +146,7 @@ pub async fn handle_delete_batch(
 	bucket_id: Uuid,
 	req: Request<Body>,
 ) -> Result<Response<Body>, Error> {
-	let body = hyper::body::to_bytes(req.into_body()).await?;
-	let queries: Vec<DeleteBatchQuery> =
-		serde_json::from_slice(&body).ok_or_bad_request("Invalid JSON")?;
+	let queries = parse_json_body::<Vec<DeleteBatchQuery>>(req).await?;
 
 	let resp_results = futures::future::join_all(
 		queries
@@ -188,7 +183,7 @@ async fn handle_delete_batch_query(
 
 	let deleted_items = if query.single_item {
 		if query.prefix.is_some() || query.end.is_some() {
-			return Err(Error::BadRequest("Batch query parameters 'prefix' and 'end' must not be set when singleItem is true.".into()));
+			return Err(Error::bad_request("Batch query parameters 'prefix' and 'end' must not be set when singleItem is true."));
 		}
 		let sk = query
 			.start

src/api/k2v/error.rs

@@ -0,0 +1,135 @@
+use err_derive::Error;
+use hyper::header::HeaderValue;
+use hyper::{Body, HeaderMap, StatusCode};
+
+use garage_model::helper::error::Error as HelperError;
+
+use crate::common_error::CommonError;
+pub use crate::common_error::{CommonErrorDerivative, OkOrBadRequest, OkOrInternalError};
+use crate::generic_server::ApiError;
+use crate::helpers::CustomApiErrorBody;
+use crate::signature::error::Error as SignatureError;
+
+/// Errors of this crate
+#[derive(Debug, Error)]
+pub enum Error {
+	#[error(display = "{}", _0)]
+	/// Error from common error
+	Common(CommonError),
+
+	// Category: cannot process
+	/// Authorization Header Malformed
+	#[error(display = "Authorization header malformed, expected scope: {}", _0)]
+	AuthorizationHeaderMalformed(String),
+
+	/// The object requested don't exists
+	#[error(display = "Key not found")]
+	NoSuchKey,
+
+	/// Some base64 encoded data was badly encoded
+	#[error(display = "Invalid base64: {}", _0)]
+	InvalidBase64(#[error(source)] base64::DecodeError),
+
+	/// The client sent a header with invalid value
+	#[error(display = "Invalid header value: {}", _0)]
+	InvalidHeader(#[error(source)] hyper::header::ToStrError),
+
+	/// The client asked for an invalid return format (invalid Accept header)
+	#[error(display = "Not acceptable: {}", _0)]
+	NotAcceptable(String),
+
+	/// The request contained an invalid UTF-8 sequence in its path or in other parameters
+	#[error(display = "Invalid UTF-8: {}", _0)]
+	InvalidUtf8Str(#[error(source)] std::str::Utf8Error),
+}
+
+impl<T> From<T> for Error
+where
+	CommonError: From<T>,
+{
+	fn from(err: T) -> Self {
+		Error::Common(CommonError::from(err))
+	}
+}
+
+impl CommonErrorDerivative for Error {}
+
+impl From<HelperError> for Error {
+	fn from(err: HelperError) -> Self {
+		match err {
+			HelperError::Internal(i) => Self::Common(CommonError::InternalError(i)),
+			HelperError::BadRequest(b) => Self::Common(CommonError::BadRequest(b)),
+			HelperError::InvalidBucketName(n) => Self::Common(CommonError::InvalidBucketName(n)),
+			HelperError::NoSuchBucket(n) => Self::Common(CommonError::NoSuchBucket(n)),
+			e => Self::Common(CommonError::BadRequest(format!("{}", e))),
+		}
+	}
+}
+
+impl From<SignatureError> for Error {
+	fn from(err: SignatureError) -> Self {
+		match err {
+			SignatureError::Common(c) => Self::Common(c),
+			SignatureError::AuthorizationHeaderMalformed(c) => {
+				Self::AuthorizationHeaderMalformed(c)
+			}
+			SignatureError::InvalidUtf8Str(i) => Self::InvalidUtf8Str(i),
+			SignatureError::InvalidHeader(h) => Self::InvalidHeader(h),
+		}
+	}
+}
+
+impl Error {
+	/// This returns a keyword for the corresponding error.
+	/// Here, these keywords are not necessarily those from AWS S3,
+	/// as we are building a custom API
+	fn code(&self) -> &'static str {
+		match self {
+			Error::Common(c) => c.aws_code(),
+			Error::NoSuchKey => "NoSuchKey",
+			Error::NotAcceptable(_) => "NotAcceptable",
+			Error::AuthorizationHeaderMalformed(_) => "AuthorizationHeaderMalformed",
+			Error::InvalidBase64(_) => "InvalidBase64",
+			Error::InvalidHeader(_) => "InvalidHeaderValue",
+			Error::InvalidUtf8Str(_) => "InvalidUtf8String",
+		}
+	}
+}
+
+impl ApiError for Error {
+	/// Get the HTTP status code that best represents the meaning of the error for the client
+	fn http_status_code(&self) -> StatusCode {
+		match self {
+			Error::Common(c) => c.http_status_code(),
+			Error::NoSuchKey => StatusCode::NOT_FOUND,
+			Error::NotAcceptable(_) => StatusCode::NOT_ACCEPTABLE,
+			Error::AuthorizationHeaderMalformed(_)
+			| Error::InvalidBase64(_)
+			| Error::InvalidHeader(_)
+			| Error::InvalidUtf8Str(_) => StatusCode::BAD_REQUEST,
+		}
+	}
+
+	fn add_http_headers(&self, header_map: &mut HeaderMap<HeaderValue>) {
+		use hyper::header;
+		header_map.append(header::CONTENT_TYPE, "application/json".parse().unwrap());
+	}
+
+	fn http_body(&self, garage_region: &str, path: &str) -> Body {
+		let error = CustomApiErrorBody {
+			code: self.code().to_string(),
+			message: format!("{}", self),
+			path: path.to_string(),
+			region: garage_region.to_string(),
+		};
+		Body::from(serde_json::to_string_pretty(&error).unwrap_or_else(|_| {
+			r#"
+{
+	"code": "InternalError",
+	"message": "JSON encoding of error failed"
+}
+			"#
+			.into()
+		}))
+	}
+}

src/api/k2v/index.rs

@@ -10,9 +10,9 @@ use garage_rpc::ring::Ring;
 use garage_table::util::*;
 
 use garage_model::garage::Garage;
-use garage_model::k2v::counter_table::{BYTES, CONFLICTS, ENTRIES, VALUES};
+use garage_model::k2v::item_table::{BYTES, CONFLICTS, ENTRIES, VALUES};
 
-use crate::error::*;
+use crate::k2v::error::*;
 use crate::k2v::range::read_range;
 
 pub async fn handle_read_index(

src/api/k2v/item.rs

@@ -10,7 +10,7 @@ use garage_model::garage::Garage;
 use garage_model::k2v::causality::*;
 use garage_model::k2v::item_table::*;
 
-use crate::error::*;
+use crate::k2v::error::*;
 
 pub const X_GARAGE_CAUSALITY_TOKEN: &str = "X-Garage-Causality-Token";
 

src/api/k2v/mod.rs

@@ -1,4 +1,5 @@
 pub mod api_server;
+mod error;
 mod router;
 
 mod batch;

src/api/k2v/range.rs

@@ -7,8 +7,8 @@ use std::sync::Arc;
 use garage_table::replication::TableShardedReplication;
 use garage_table::*;
 
-use crate::error::*;
 use crate::helpers::key_after_prefix;
+use crate::k2v::error::*;
 
 /// Read range in a Garage table.
 /// Returns (entries, more?, nextStart)
@@ -31,7 +31,7 @@ where
 		(None, Some(s)) => (Some(s.clone()), false),
 		(Some(p), Some(s)) => {
 			if !s.starts_with(p) {
-				return Err(Error::BadRequest(format!(
+				return Err(Error::bad_request(format!(
 					"Start key '{}' does not start with prefix '{}'",
 					s, p
 				)));
@@ -74,7 +74,11 @@ where
 				}
 			}
 			if let Some(e) = end {
-				if entry.sort_key() == e {
+				let is_finished = match enumeration_order {
+					EnumerationOrder::Forward => entry.sort_key() >= e,
+					EnumerationOrder::Reverse => entry.sort_key() <= e,
+				};
+				if is_finished {
 					return Ok((entries, false, None));
 				}
 			}

src/api/k2v/router.rs

@@ -1,4 +1,4 @@
-use crate::error::*;
+use crate::k2v::error::*;
 
 use std::borrow::Cow;
 
@@ -62,7 +62,7 @@ impl Endpoint {
 			.unwrap_or((path.to_owned(), ""));
 
 		if bucket.is_empty() {
-			return Err(Error::BadRequest("Missing bucket name".to_owned()));
+			return Err(Error::bad_request("Missing bucket name"));
 		}
 
 		if *req.method() == Method::OPTIONS {
@@ -83,7 +83,7 @@ impl Endpoint {
 			Method::PUT => Self::from_put(partition_key, &mut query)?,
 			Method::DELETE => Self::from_delete(partition_key, &mut query)?,
 			_ if req.method() == method_search => Self::from_search(partition_key, &mut query)?,
-			_ => return Err(Error::BadRequest("Unknown method".to_owned())),
+			_ => return Err(Error::bad_request("Unknown method")),
 		};
 
 		if let Some(message) = query.nonempty_message() {

src/api/lib.rs

@@ -2,16 +2,16 @@
 #[macro_use]
 extern crate tracing;
 
-pub mod error;
-pub use error::Error;
+pub mod common_error;
 
 mod encoding;
-mod generic_server;
+pub mod generic_server;
 pub mod helpers;
 mod router_macros;
 /// This mode is public only to help testing. Don't expect stability here
 pub mod signature;
 
+pub mod admin;
 #[cfg(feature = "k2v")]
 pub mod k2v;
 pub mod s3;

src/api/router_macros.rs

@@ -23,6 +23,29 @@ macro_rules! router_match {
             _ => None
         }
     }};
+	(@gen_path_parser ($method:expr, $reqpath:expr, $query:expr)
+	 [
+	 $($meth:ident $path:pat $(if $required:ident)? => $api:ident $(($($conv:ident :: $param:ident),*))?,)*
+	 ]) => {{
+		{
+			use Endpoint::*;
+			match ($method, $reqpath) {
+				$(
+					(&Method::$meth, $path) if true $(&& $query.$required.is_some())? => $api {
+						$($(
+							$param: router_match!(@@parse_param $query, $conv, $param),
+						)*)?
+					},
+				)*
+				(m, p) => {
+					return Err(Error::bad_request(format!(
+						"Unknown API endpoint: {} {}",
+						m, p
+					)))
+				}
+			}
+		}
+	}};
     (@gen_parser ($keyword:expr, $key:ident, $query:expr, $header:expr),
         key: [$($kw_k:ident $(if $required_k:ident)? $(header $header_k:expr)? => $api_k:ident $(($($conv_k:ident :: $param_k:ident),*))?,)*],
         no_key: [$($kw_nk:ident $(if $required_nk:ident)? $(if_header $header_nk:expr)? => $api_nk:ident $(($($conv_nk:ident :: $param_nk:ident),*))?,)*]) => {{
@@ -55,7 +78,7 @@ macro_rules! router_match {
                 )*)?
             }),
             )*
-            (kw, _) => Err(Error::BadRequest(format!("Invalid endpoint: {}", kw)))
+            (kw, _) => Err(Error::bad_request(format!("Invalid endpoint: {}", kw)))
         }
     }};
 
@@ -74,14 +97,14 @@ macro_rules! router_match {
             .take()
             .map(|param| param.parse())
             .transpose()
-            .map_err(|_| Error::BadRequest("Failed to parse query parameter".to_owned()))?
+            .map_err(|_| Error::bad_request("Failed to parse query parameter"))?
     }};
     (@@parse_param $query:expr, parse, $param:ident) => {{
         // extract and parse mandatory query parameter
         // both missing and un-parseable parameters are reported as errors
         $query.$param.take().ok_or_bad_request("Missing argument for endpoint")?
             .parse()
-            .map_err(|_| Error::BadRequest("Failed to parse query parameter".to_owned()))?
+            .map_err(|_| Error::bad_request("Failed to parse query parameter"))?
     }};
     (@func
     $(#[$doc:meta])*
@@ -150,7 +173,7 @@ macro_rules! generateQueryParameters {
                                 false
                             } else if v.as_ref().is_empty() {
                                 if res.keyword.replace(k).is_some() {
-                                    return Err(Error::BadRequest("Multiple keywords".to_owned()));
+                                    return Err(Error::bad_request("Multiple keywords"));
                                 }
                                 continue;
                             } else {
@@ -160,7 +183,7 @@ macro_rules! generateQueryParameters {
                         }
                     };
                     if repeated {
-                        return Err(Error::BadRequest(format!(
+                        return Err(Error::bad_request(format!(
                             "Query parameter repeated: '{}'",
                             k
                         )));

src/api/s3/api_server.rs

@@ -1,21 +1,21 @@
+use std::net::SocketAddr;
 use std::sync::Arc;
 
 use async_trait::async_trait;
 
 use futures::future::Future;
 use hyper::header;
-use hyper::{Body, Method, Request, Response};
+use hyper::{Body, Request, Response};
 
 use opentelemetry::{trace::SpanRef, KeyValue};
 
-use garage_table::util::*;
 use garage_util::error::Error as GarageError;
 
 use garage_model::garage::Garage;
 use garage_model::key_table::Key;
 
-use crate::error::*;
 use crate::generic_server::*;
+use crate::s3::error::*;
 
 use crate::signature::payload::check_payload_signature;
 use crate::signature::streaming::*;
@@ -44,16 +44,13 @@ pub(crate) struct S3ApiEndpoint {
 impl S3ApiServer {
 	pub async fn run(
 		garage: Arc<Garage>,
+		addr: SocketAddr,
+		s3_region: String,
 		shutdown_signal: impl Future<Output = ()>,
 	) -> Result<(), GarageError> {
-		let addr = garage.config.s3_api.api_bind_addr;
-
-		ApiServer::new(
-			garage.config.s3_api.s3_region.clone(),
-			S3ApiServer { garage },
-		)
-		.run_server(addr, shutdown_signal)
-		.await
+		ApiServer::new(s3_region, S3ApiServer { garage })
+			.run_server(addr, shutdown_signal)
+			.await
 	}
 
 	async fn handle_request_without_bucket(
@@ -75,6 +72,7 @@ impl ApiHandler for S3ApiServer {
 	const API_NAME_DISPLAY: &'static str = "S3";
 
 	type Endpoint = S3ApiEndpoint;
+	type Error = Error;
 
 	fn parse_endpoint(&self, req: &Request<Body>) -> Result<S3ApiEndpoint, Error> {
 		let authority = req
@@ -122,9 +120,8 @@ impl ApiHandler for S3ApiServer {
 		}
 
 		let (api_key, mut content_sha256) = check_payload_signature(&garage, "s3", &req).await?;
-		let api_key = api_key.ok_or_else(|| {
-			Error::Forbidden("Garage does not support anonymous access yet".to_string())
-		})?;
+		let api_key = api_key
+			.ok_or_else(|| Error::forbidden("Garage does not support anonymous access yet"))?;
 
 		let req = parse_streaming_body(
 			&api_key,
@@ -148,13 +145,14 @@ impl ApiHandler for S3ApiServer {
 			return handle_create_bucket(&garage, req, content_sha256, api_key, bucket_name).await;
 		}
 
-		let bucket_id = resolve_bucket(&garage, &bucket_name, &api_key).await?;
+		let bucket_id = garage
+			.bucket_helper()
+			.resolve_bucket(&bucket_name, &api_key)
+			.await?;
 		let bucket = garage
-			.bucket_table
-			.get(&EmptyKey, &bucket_id)
-			.await?
-			.filter(|b| !b.state.is_deleted())
-			.ok_or(Error::NoSuchBucket)?;
+			.bucket_helper()
+			.get_existing_bucket(bucket_id)
+			.await?;
 
 		let allowed = match endpoint.authorization_type() {
 			Authorization::Read => api_key.allow_read(&bucket_id),
@@ -164,19 +162,10 @@ impl ApiHandler for S3ApiServer {
 		};
 
 		if !allowed {
-			return Err(Error::Forbidden(
-				"Operation is not allowed for this key.".to_string(),
-			));
+			return Err(Error::forbidden("Operation is not allowed for this key."));
 		}
 
-		// Look up what CORS rule might apply to response.
-		// Requests for methods different than GET, HEAD or POST
-		// are always preflighted, i.e. the browser should make
-		// an OPTIONS call before to check it is allowed
-		let matching_cors_rule = match *req.method() {
-			Method::GET | Method::HEAD | Method::POST => find_matching_cors_rule(&bucket, &req)?,
-			_ => None,
-		};
+		let matching_cors_rule = find_matching_cors_rule(&bucket, &req)?;
 
 		let resp = match endpoint {
 			Endpoint::HeadObject {
@@ -221,7 +210,7 @@ impl ApiHandler for S3ApiServer {
 				.await
 			}
 			Endpoint::PutObject { key } => {
-				handle_put(garage, req, bucket_id, &key, content_sha256).await
+				handle_put(garage, req, &bucket, &key, content_sha256).await
 			}
 			Endpoint::AbortMultipartUpload { key, upload_id } => {
 				handle_abort_multipart_upload(garage, bucket_id, &key, &upload_id).await
@@ -235,7 +224,7 @@ impl ApiHandler for S3ApiServer {
 					garage,
 					req,
 					&bucket_name,
-					bucket_id,
+					&bucket,
 					&key,
 					&upload_id,
 					content_sha256,
@@ -309,7 +298,7 @@ impl ApiHandler for S3ApiServer {
 					)
 					.await
 				} else {
-					Err(Error::BadRequest(format!(
+					Err(Error::bad_request(format!(
 						"Invalid endpoint: list-type={}",
 						list_type
 					)))

src/api/s3/bucket.rs

@@ -8,13 +8,13 @@ use garage_model::bucket_table::Bucket;
 use garage_model::garage::Garage;
 use garage_model::key_table::Key;
 use garage_model::permission::BucketKeyPerm;
-use garage_model::s3::object_table::ObjectFilter;
 use garage_table::util::*;
 use garage_util::crdt::*;
 use garage_util::data::*;
 use garage_util::time::*;
 
-use crate::error::*;
+use crate::common_error::CommonError;
+use crate::s3::error::*;
 use crate::s3::xml as s3_xml;
 use crate::signature::verify_signed_content;
 
@@ -130,7 +130,7 @@ pub async fn handle_create_bucket(
 
 	if let Some(location_constraint) = cmd {
 		if location_constraint != garage.config.s3_api.s3_region {
-			return Err(Error::BadRequest(format!(
+			return Err(Error::bad_request(format!(
 				"Cannot satisfy location constraint `{}`: buckets can only be created in region `{}`",
 				location_constraint,
 				garage.config.s3_api.s3_region
@@ -158,12 +158,12 @@ pub async fn handle_create_bucket(
 		// otherwise return a forbidden error.
 		let kp = api_key.bucket_permissions(&bucket_id);
 		if !(kp.allow_write || kp.allow_owner) {
-			return Err(Error::BucketAlreadyExists);
+			return Err(CommonError::BucketAlreadyExists.into());
 		}
 	} else {
 		// Create the bucket!
 		if !is_valid_bucket_name(&bucket_name) {
-			return Err(Error::BadRequest(format!(
+			return Err(Error::bad_request(format!(
 				"{}: {}",
 				bucket_name, INVALID_BUCKET_NAME_MESSAGE
 			)));
@@ -228,18 +228,8 @@ pub async fn handle_delete_bucket(
 		// Delete bucket
 
 		// Check bucket is empty
-		let objects = garage
-			.object_table
-			.get_range(
-				&bucket_id,
-				None,
-				Some(ObjectFilter::IsData),
-				10,
-				EnumerationOrder::Forward,
-			)
-			.await?;
-		if !objects.is_empty() {
-			return Err(Error::BucketNotEmpty);
+		if !garage.bucket_helper().is_bucket_empty(bucket_id).await? {
+			return Err(CommonError::BucketNotEmpty.into());
 		}
 
 		// --- done checking, now commit ---
@@ -305,7 +295,6 @@ fn parse_create_bucket_xml(xml_bytes: &[u8]) -> Option<Option<String>> {
 
 	let mut ret = None;
 	for item in cbc.children() {
-		println!("{:?}", item);
 		if item.has_tag_name("LocationConstraint") {
 			if ret != None {
 				return None;

src/api/s3/copy.rs

@@ -5,9 +5,12 @@ use std::time::{Duration, SystemTime, UNIX_EPOCH};
 use futures::{stream, stream::Stream, StreamExt, TryFutureExt};
 use md5::{Digest as Md5Digest, Md5};
 
+use bytes::Bytes;
 use hyper::{Body, Request, Response};
 use serde::Serialize;
 
+use garage_rpc::netapp::bytes_buf::BytesBuf;
+use garage_rpc::rpc_helper::OrderTag;
 use garage_table::*;
 use garage_util::data::*;
 use garage_util::time::*;
@@ -18,8 +21,8 @@ use garage_model::s3::block_ref_table::*;
 use garage_model::s3::object_table::*;
 use garage_model::s3::version_table::*;
 
-use crate::error::*;
-use crate::helpers::{parse_bucket_key, resolve_bucket};
+use crate::helpers::parse_bucket_key;
+use crate::s3::error::*;
 use crate::s3::put::{decode_upload_id, get_headers};
 use crate::s3::xml::{self as s3_xml, xmlns_tag};
 
@@ -201,8 +204,8 @@ pub async fn handle_upload_part_copy(
 			let mut ranges = http_range::HttpRange::parse(range_str, source_version_meta.size)
 				.map_err(|e| (e, source_version_meta.size))?;
 			if ranges.len() != 1 {
-				return Err(Error::BadRequest(
-					"Invalid x-amz-copy-source-range header: exactly 1 range must be given".into(),
+				return Err(Error::bad_request(
+					"Invalid x-amz-copy-source-range header: exactly 1 range must be given",
 				));
 			} else {
 				ranges.pop().unwrap()
@@ -230,8 +233,8 @@ pub async fn handle_upload_part_copy(
 			// This is only for small files, we don't bother handling this.
 			// (in AWS UploadPartCopy works for parts at least 5MB which
 			// is never the case of an inline object)
-			return Err(Error::BadRequest(
-				"Source object is too small (minimum part size is 5Mb)".into(),
+			return Err(Error::bad_request(
+				"Source object is too small (minimum part size is 5Mb)",
 			));
 		}
 		ObjectVersionData::FirstBlock(_meta, _first_block_hash) => (),
@@ -250,7 +253,7 @@ pub async fn handle_upload_part_copy(
 	// Check this part number hasn't yet been uploaded
 	if let Some(dv) = dest_version {
 		if dv.has_part_number(part_number) {
-			return Err(Error::BadRequest(format!(
+			return Err(Error::bad_request(format!(
 				"Part number {} has already been uploaded",
 				part_number
 			)));
@@ -305,13 +308,18 @@ pub async fn handle_upload_part_copy(
 	// if and only if the block returned is a block that already existed
 	// in the Garage data store (thus we don't need to save it again).
 	let garage2 = garage.clone();
+	let order_stream = OrderTag::stream();
 	let source_blocks = stream::iter(blocks_to_copy)
-		.flat_map(|(block_hash, range_to_copy)| {
+		.enumerate()
+		.flat_map(|(i, (block_hash, range_to_copy))| {
 			let garage3 = garage2.clone();
 			stream::once(async move {
-				let data = garage3.block_manager.rpc_get_block(&block_hash).await?;
+				let data = garage3
+					.block_manager
+					.rpc_get_block(&block_hash, Some(order_stream.order(i as u64)))
+					.await?;
 				match range_to_copy {
-					Some(r) => Ok((data[r].to_vec(), None)),
+					Some(r) => Ok((data.slice(r), None)),
 					None => Ok((data, Some(block_hash))),
 				}
 			})
@@ -413,10 +421,13 @@ async fn get_copy_source(
 	let copy_source = percent_encoding::percent_decode_str(copy_source).decode_utf8()?;
 
 	let (source_bucket, source_key) = parse_bucket_key(&copy_source, None)?;
-	let source_bucket_id = resolve_bucket(garage, &source_bucket.to_string(), api_key).await?;
+	let source_bucket_id = garage
+		.bucket_helper()
+		.resolve_bucket(&source_bucket.to_string(), api_key)
+		.await?;
 
 	if !api_key.allow_read(&source_bucket_id) {
-		return Err(Error::Forbidden(format!(
+		return Err(Error::forbidden(format!(
 			"Reading from bucket {} not allowed for this key",
 			source_bucket
 		)));
@@ -536,8 +547,8 @@ impl CopyPreconditionHeaders {
 			(None, None, None, Some(ims)) => v_date > *ims,
 			(None, None, None, None) => true,
 			_ => {
-				return Err(Error::BadRequest(
-					"Invalid combination of x-amz-copy-source-if-xxxxx headers".into(),
+				return Err(Error::bad_request(
+					"Invalid combination of x-amz-copy-source-if-xxxxx headers",
 				))
 			}
 		};
@@ -550,13 +561,13 @@ impl CopyPreconditionHeaders {
 	}
 }
 
-type BlockStreamItemOk = (Vec<u8>, Option<Hash>);
+type BlockStreamItemOk = (Bytes, Option<Hash>);
 type BlockStreamItem = Result<BlockStreamItemOk, garage_util::error::Error>;
 
 struct Defragmenter<S: Stream<Item = BlockStreamItem>> {
 	block_size: usize,
 	block_stream: Pin<Box<stream::Peekable<S>>>,
-	buffer: Vec<u8>,
+	buffer: BytesBuf,
 	hash: Option<Hash>,
 }
 
@@ -565,7 +576,7 @@ impl<S: Stream<Item = BlockStreamItem>> Defragmenter<S> {
 		Self {
 			block_size,
 			block_stream,
-			buffer: vec![],
+			buffer: BytesBuf::new(),
 			hash: None,
 		}
 	}
@@ -583,7 +594,7 @@ impl<S: Stream<Item = BlockStreamItem>> Defragmenter<S> {
 
 			if self.buffer.is_empty() {
 				let (next_block, next_block_hash) = self.block_stream.next().await.unwrap()?;
-				self.buffer = next_block;
+				self.buffer.extend(next_block);
 				self.hash = next_block_hash;
 			} else if self.buffer.len() + peeked_next_block.len() > self.block_size {
 				break;
@@ -594,11 +605,11 @@ impl<S: Stream<Item = BlockStreamItem>> Defragmenter<S> {
 			}
 		}
 
-		Ok((std::mem::take(&mut self.buffer), self.hash.take()))
+		Ok((self.buffer.take_all(), self.hash.take()))
 	}
 }
 
-#[derive(Debug, Serialize, PartialEq)]
+#[derive(Debug, Serialize, PartialEq, Eq)]
 pub struct CopyObjectResult {
 	#[serde(rename = "LastModified")]
 	pub last_modified: s3_xml::Value,
@@ -606,7 +617,7 @@ pub struct CopyObjectResult {
 	pub etag: s3_xml::Value,
 }
 
-#[derive(Debug, Serialize, PartialEq)]
+#[derive(Debug, Serialize, PartialEq, Eq)]
 pub struct CopyPartResult {
 	#[serde(serialize_with = "xmlns_tag")]
 	pub xmlns: (),
@@ -651,7 +662,6 @@ mod tests {
 			last_modified: s3_xml::Value("2011-04-11T20:34:56.000Z".into()),
 			etag: s3_xml::Value("\"9b2cf535f27731c974343645a3985328\"".into()),
 		};
-		println!("{}", to_xml_with_header(&v)?);
 
 		assert_eq!(to_xml_with_header(&v)?, expected_retval);
 

src/api/s3/cors.rs

@@ -9,13 +9,12 @@ use hyper::{header::HeaderName, Body, Method, Request, Response, StatusCode};
 
 use serde::{Deserialize, Serialize};
 
-use crate::error::*;
+use crate::s3::error::*;
 use crate::s3::xml::{to_xml_with_header, xmlns_tag, IntValue, Value};
 use crate::signature::verify_signed_content;
 
 use garage_model::bucket_table::{Bucket, CorsRule as GarageCorsRule};
 use garage_model::garage::Garage;
-use garage_table::*;
 use garage_util::data::*;
 
 pub async fn handle_get_cors(bucket: &Bucket) -> Result<Response<Body>, Error> {
@@ -48,14 +47,11 @@ pub async fn handle_delete_cors(
 	bucket_id: Uuid,
 ) -> Result<Response<Body>, Error> {
 	let mut bucket = garage
-		.bucket_table
-		.get(&EmptyKey, &bucket_id)
-		.await?
-		.ok_or(Error::NoSuchBucket)?;
+		.bucket_helper()
+		.get_existing_bucket(bucket_id)
+		.await?;
 
-	let param = bucket
-		.params_mut()
-		.ok_or_internal_error("Bucket should not be deleted at this point")?;
+	let param = bucket.params_mut().unwrap();
 
 	param.cors_config.update(None);
 	garage.bucket_table.insert(&bucket).await?;
@@ -78,14 +74,11 @@ pub async fn handle_put_cors(
 	}
 
 	let mut bucket = garage
-		.bucket_table
-		.get(&EmptyKey, &bucket_id)
-		.await?
-		.ok_or(Error::NoSuchBucket)?;
+		.bucket_helper()
+		.get_existing_bucket(bucket_id)
+		.await?;
 
-	let param = bucket
-		.params_mut()
-		.ok_or_internal_error("Bucket should not be deleted at this point")?;
+	let param = bucket.params_mut().unwrap();
 
 	let conf: CorsConfiguration = from_reader(&body as &[u8])?;
 	conf.validate()?;
@@ -119,12 +112,7 @@ pub async fn handle_options_s3api(
 		let helper = garage.bucket_helper();
 		let bucket_id = helper.resolve_global_bucket_name(&bn).await?;
 		if let Some(id) = bucket_id {
-			let bucket = garage
-				.bucket_table
-				.get(&EmptyKey, &id)
-				.await?
-				.filter(|b| !b.state.is_deleted())
-				.ok_or(Error::NoSuchBucket)?;
+			let bucket = garage.bucket_helper().get_existing_bucket(id).await?;
 			handle_options_for_bucket(req, &bucket)
 		} else {
 			// If there is a bucket name in the request, but that name
@@ -185,7 +173,7 @@ pub fn handle_options_for_bucket(
 		}
 	}
 
-	Err(Error::Forbidden("This CORS request is not allowed.".into()))
+	Err(Error::forbidden("This CORS request is not allowed."))
 }
 
 pub fn find_matching_cors_rule<'a>(

src/api/s3/delete.rs

@@ -8,7 +8,7 @@ use garage_util::time::*;
 use garage_model::garage::Garage;
 use garage_model::s3::object_table::*;
 
-use crate::error::*;
+use crate::s3::error::*;
 use crate::s3::xml as s3_xml;
 use crate::signature::verify_signed_content;
 
@@ -64,14 +64,13 @@ pub async fn handle_delete(
 	bucket_id: Uuid,
 	key: &str,
 ) -> Result<Response<Body>, Error> {
-	let (_deleted_version, delete_marker_version) =
-		handle_delete_internal(&garage, bucket_id, key).await?;
-
-	Ok(Response::builder()
-		.header("x-amz-version-id", hex::encode(delete_marker_version))
-		.status(StatusCode::NO_CONTENT)
-		.body(Body::from(vec![]))
-		.unwrap())
+	match handle_delete_internal(&garage, bucket_id, key).await {
+		Ok(_) | Err(Error::NoSuchKey) => Ok(Response::builder()
+			.status(StatusCode::NO_CONTENT)
+			.body(Body::from(vec![]))
+			.unwrap()),
+		Err(e) => Err(e),
+	}
 }
 
 pub async fn handle_delete_objects(

src/api/s3/error.rs

@@ -2,34 +2,24 @@ use std::convert::TryInto;
 
 use err_derive::Error;
 use hyper::header::HeaderValue;
-use hyper::{HeaderMap, StatusCode};
+use hyper::{Body, HeaderMap, StatusCode};
 
 use garage_model::helper::error::Error as HelperError;
-use garage_util::error::Error as GarageError;
 
+use crate::common_error::CommonError;
+pub use crate::common_error::{CommonErrorDerivative, OkOrBadRequest, OkOrInternalError};
+use crate::generic_server::ApiError;
 use crate::s3::xml as s3_xml;
+use crate::signature::error::Error as SignatureError;
 
 /// Errors of this crate
 #[derive(Debug, Error)]
 pub enum Error {
-	// Category: internal error
-	/// Error related to deeper parts of Garage
-	#[error(display = "Internal error: {}", _0)]
-	InternalError(#[error(source)] GarageError),
-
-	/// Error related to Hyper
-	#[error(display = "Internal error (Hyper error): {}", _0)]
-	Hyper(#[error(source)] hyper::Error),
-
-	/// Error related to HTTP
-	#[error(display = "Internal error (HTTP error): {}", _0)]
-	Http(#[error(source)] http::Error),
+	#[error(display = "{}", _0)]
+	/// Error from common error
+	Common(CommonError),
 
 	// Category: cannot process
-	/// No proper api key was used, or the signature was invalid
-	#[error(display = "Forbidden: {}", _0)]
-	Forbidden(String),
-
 	/// Authorization Header Malformed
 	#[error(display = "Authorization header malformed, expected scope: {}", _0)]
 	AuthorizationHeaderMalformed(String),
@@ -38,22 +28,10 @@ pub enum Error {
 	#[error(display = "Key not found")]
 	NoSuchKey,
 
-	/// The bucket requested don't exists
-	#[error(display = "Bucket not found")]
-	NoSuchBucket,
-
 	/// The multipart upload requested don't exists
 	#[error(display = "Upload not found")]
 	NoSuchUpload,
 
-	/// Tried to create a bucket that already exist
-	#[error(display = "Bucket already exists")]
-	BucketAlreadyExists,
-
-	/// Tried to delete a non-empty bucket
-	#[error(display = "Tried to delete a non-empty bucket")]
-	BucketNotEmpty,
-
 	/// Precondition failed (e.g. x-amz-copy-source-if-match)
 	#[error(display = "At least one of the preconditions you specified did not hold")]
 	PreconditionFailed,
@@ -80,10 +58,6 @@ pub enum Error {
 	#[error(display = "Invalid UTF-8: {}", _0)]
 	InvalidUtf8String(#[error(source)] std::string::FromUtf8Error),
 
-	/// Some base64 encoded data was badly encoded
-	#[error(display = "Invalid base64: {}", _0)]
-	InvalidBase64(#[error(source)] base64::DecodeError),
-
 	/// The client sent invalid XML data
 	#[error(display = "Invalid XML: {}", _0)]
 	InvalidXml(String),
@@ -96,19 +70,34 @@ pub enum Error {
 	#[error(display = "Invalid HTTP range: {:?}", _0)]
 	InvalidRange(#[error(from)] (http_range::HttpRangeParseError, u64)),
 
-	/// The client sent an invalid request
-	#[error(display = "Bad request: {}", _0)]
-	BadRequest(String),
-
-	/// The client asked for an invalid return format (invalid Accept header)
-	#[error(display = "Not acceptable: {}", _0)]
-	NotAcceptable(String),
-
 	/// The client sent a request for an action not supported by garage
 	#[error(display = "Unimplemented action: {}", _0)]
 	NotImplemented(String),
 }
 
+impl<T> From<T> for Error
+where
+	CommonError: From<T>,
+{
+	fn from(err: T) -> Self {
+		Error::Common(CommonError::from(err))
+	}
+}
+
+impl CommonErrorDerivative for Error {}
+
+impl From<HelperError> for Error {
+	fn from(err: HelperError) -> Self {
+		match err {
+			HelperError::Internal(i) => Self::Common(CommonError::InternalError(i)),
+			HelperError::BadRequest(b) => Self::Common(CommonError::BadRequest(b)),
+			HelperError::InvalidBucketName(n) => Self::Common(CommonError::InvalidBucketName(n)),
+			HelperError::NoSuchBucket(n) => Self::Common(CommonError::NoSuchBucket(n)),
+			e => Self::bad_request(format!("{}", e)),
+		}
+	}
+}
+
 impl From<roxmltree::Error> for Error {
 	fn from(err: roxmltree::Error) -> Self {
 		Self::InvalidXml(format!("{}", err))
@@ -121,89 +110,71 @@ impl From<quick_xml::de::DeError> for Error {
 	}
 }
 
-impl From<HelperError> for Error {
-	fn from(err: HelperError) -> Self {
+impl From<SignatureError> for Error {
+	fn from(err: SignatureError) -> Self {
 		match err {
-			HelperError::Internal(i) => Self::InternalError(i),
-			HelperError::BadRequest(b) => Self::BadRequest(b),
+			SignatureError::Common(c) => Self::Common(c),
+			SignatureError::AuthorizationHeaderMalformed(c) => {
+				Self::AuthorizationHeaderMalformed(c)
+			}
+			SignatureError::InvalidUtf8Str(i) => Self::InvalidUtf8Str(i),
+			SignatureError::InvalidHeader(h) => Self::InvalidHeader(h),
 		}
 	}
 }
 
 impl From<multer::Error> for Error {
 	fn from(err: multer::Error) -> Self {
-		Self::BadRequest(err.to_string())
+		Self::bad_request(err)
 	}
 }
 
 impl Error {
-	/// Get the HTTP status code that best represents the meaning of the error for the client
-	pub fn http_status_code(&self) -> StatusCode {
-		match self {
-			Error::NoSuchKey | Error::NoSuchBucket | Error::NoSuchUpload => StatusCode::NOT_FOUND,
-			Error::BucketNotEmpty | Error::BucketAlreadyExists => StatusCode::CONFLICT,
-			Error::PreconditionFailed => StatusCode::PRECONDITION_FAILED,
-			Error::Forbidden(_) => StatusCode::FORBIDDEN,
-			Error::NotAcceptable(_) => StatusCode::NOT_ACCEPTABLE,
-			Error::InternalError(
-				GarageError::Timeout
-				| GarageError::RemoteError(_)
-				| GarageError::Quorum(_, _, _, _),
-			) => StatusCode::SERVICE_UNAVAILABLE,
-			Error::InternalError(_) | Error::Hyper(_) | Error::Http(_) => {
-				StatusCode::INTERNAL_SERVER_ERROR
-			}
-			Error::InvalidRange(_) => StatusCode::RANGE_NOT_SATISFIABLE,
-			Error::NotImplemented(_) => StatusCode::NOT_IMPLEMENTED,
-			_ => StatusCode::BAD_REQUEST,
-		}
-	}
-
 	pub fn aws_code(&self) -> &'static str {
 		match self {
+			Error::Common(c) => c.aws_code(),
 			Error::NoSuchKey => "NoSuchKey",
-			Error::NoSuchBucket => "NoSuchBucket",
 			Error::NoSuchUpload => "NoSuchUpload",
-			Error::BucketAlreadyExists => "BucketAlreadyExists",
-			Error::BucketNotEmpty => "BucketNotEmpty",
 			Error::PreconditionFailed => "PreconditionFailed",
 			Error::InvalidPart => "InvalidPart",
 			Error::InvalidPartOrder => "InvalidPartOrder",
 			Error::EntityTooSmall => "EntityTooSmall",
-			Error::Forbidden(_) => "AccessDenied",
 			Error::AuthorizationHeaderMalformed(_) => "AuthorizationHeaderMalformed",
 			Error::NotImplemented(_) => "NotImplemented",
-			Error::InternalError(
-				GarageError::Timeout
-				| GarageError::RemoteError(_)
-				| GarageError::Quorum(_, _, _, _),
-			) => "ServiceUnavailable",
-			Error::InternalError(_) | Error::Hyper(_) | Error::Http(_) => "InternalError",
-			_ => "InvalidRequest",
+			Error::InvalidXml(_) => "MalformedXML",
+			Error::InvalidRange(_) => "InvalidRange",
+			Error::InvalidUtf8Str(_) | Error::InvalidUtf8String(_) | Error::InvalidHeader(_) => {
+				"InvalidRequest"
+			}
+		}
+	}
+}
+
+impl ApiError for Error {
+	/// Get the HTTP status code that best represents the meaning of the error for the client
+	fn http_status_code(&self) -> StatusCode {
+		match self {
+			Error::Common(c) => c.http_status_code(),
+			Error::NoSuchKey | Error::NoSuchUpload => StatusCode::NOT_FOUND,
+			Error::PreconditionFailed => StatusCode::PRECONDITION_FAILED,
+			Error::InvalidRange(_) => StatusCode::RANGE_NOT_SATISFIABLE,
+			Error::NotImplemented(_) => StatusCode::NOT_IMPLEMENTED,
+			Error::AuthorizationHeaderMalformed(_)
+			| Error::InvalidPart
+			| Error::InvalidPartOrder
+			| Error::EntityTooSmall
+			| Error::InvalidXml(_)
+			| Error::InvalidUtf8Str(_)
+			| Error::InvalidUtf8String(_)
+			| Error::InvalidHeader(_) => StatusCode::BAD_REQUEST,
 		}
 	}
 
-	pub fn aws_xml(&self, garage_region: &str, path: &str) -> String {
-		let error = s3_xml::Error {
-			code: s3_xml::Value(self.aws_code().to_string()),
-			message: s3_xml::Value(format!("{}", self)),
-			resource: Some(s3_xml::Value(path.to_string())),
-			region: Some(s3_xml::Value(garage_region.to_string())),
-		};
-		s3_xml::to_xml_with_header(&error).unwrap_or_else(|_| {
-			r#"
-<?xml version="1.0" encoding="UTF-8"?>
-<Error>
-	<Code>InternalError</Code>
-	<Message>XML encoding of error failed</Message>
-</Error>
-			"#
-			.into()
-		})
-	}
-
-	pub fn add_headers(&self, header_map: &mut HeaderMap<HeaderValue>) {
+	fn add_http_headers(&self, header_map: &mut HeaderMap<HeaderValue>) {
 		use hyper::header;
+
+		header_map.append(header::CONTENT_TYPE, "application/xml".parse().unwrap());
+
 		#[allow(clippy::single_match)]
 		match self {
 			Error::InvalidRange((_, len)) => {
@@ -217,68 +188,23 @@ impl Error {
 			_ => (),
 		}
 	}
-}
 
-/// Trait to map error to the Bad Request error code
-pub trait OkOrBadRequest {
-	type S;
-	fn ok_or_bad_request<M: AsRef<str>>(self, reason: M) -> Result<Self::S, Error>;
-}
-
-impl<T, E> OkOrBadRequest for Result<T, E>
-where
-	E: std::fmt::Display,
-{
-	type S = T;
-	fn ok_or_bad_request<M: AsRef<str>>(self, reason: M) -> Result<T, Error> {
-		match self {
-			Ok(x) => Ok(x),
-			Err(e) => Err(Error::BadRequest(format!("{}: {}", reason.as_ref(), e))),
-		}
-	}
-}
-
-impl<T> OkOrBadRequest for Option<T> {
-	type S = T;
-	fn ok_or_bad_request<M: AsRef<str>>(self, reason: M) -> Result<T, Error> {
-		match self {
-			Some(x) => Ok(x),
-			None => Err(Error::BadRequest(reason.as_ref().to_string())),
-		}
-	}
-}
-
-/// Trait to map an error to an Internal Error code
-pub trait OkOrInternalError {
-	type S;
-	fn ok_or_internal_error<M: AsRef<str>>(self, reason: M) -> Result<Self::S, Error>;
-}
-
-impl<T, E> OkOrInternalError for Result<T, E>
-where
-	E: std::fmt::Display,
-{
-	type S = T;
-	fn ok_or_internal_error<M: AsRef<str>>(self, reason: M) -> Result<T, Error> {
-		match self {
-			Ok(x) => Ok(x),
-			Err(e) => Err(Error::InternalError(GarageError::Message(format!(
-				"{}: {}",
-				reason.as_ref(),
-				e
-			)))),
-		}
-	}
-}
-
-impl<T> OkOrInternalError for Option<T> {
-	type S = T;
-	fn ok_or_internal_error<M: AsRef<str>>(self, reason: M) -> Result<T, Error> {
-		match self {
-			Some(x) => Ok(x),
-			None => Err(Error::InternalError(GarageError::Message(
-				reason.as_ref().to_string(),
-			))),
-		}
+	fn http_body(&self, garage_region: &str, path: &str) -> Body {
+		let error = s3_xml::Error {
+			code: s3_xml::Value(self.aws_code().to_string()),
+			message: s3_xml::Value(format!("{}", self)),
+			resource: Some(s3_xml::Value(path.to_string())),
+			region: Some(s3_xml::Value(garage_region.to_string())),
+		};
+		Body::from(s3_xml::to_xml_with_header(&error).unwrap_or_else(|_| {
+			r#"
+<?xml version="1.0" encoding="UTF-8"?>
+<Error>
+	<Code>InternalError</Code>
+	<Message>XML encoding of error failed</Message>
+</Error>
+			"#
+			.into()
+		}))
 	}
 }

src/api/s3/get.rs

@@ -7,9 +7,9 @@ use http::header::{
 	ACCEPT_RANGES, CONTENT_LENGTH, CONTENT_RANGE, CONTENT_TYPE, ETAG, IF_MODIFIED_SINCE,
 	IF_NONE_MATCH, LAST_MODIFIED, RANGE,
 };
-use hyper::body::Bytes;
 use hyper::{Body, Request, Response, StatusCode};
 
+use garage_rpc::rpc_helper::{netapp::stream::ByteStream, OrderTag};
 use garage_table::EmptyKey;
 use garage_util::data::*;
 
@@ -17,7 +17,7 @@ use garage_model::garage::Garage;
 use garage_model::s3::object_table::*;
 use garage_model::s3::version_table::*;
 
-use crate::error::*;
+use crate::s3::error::*;
 
 const X_AMZ_MP_PARTS_COUNT: &str = "x-amz-mp-parts-count";
 
@@ -210,8 +210,8 @@ pub async fn handle_get(
 
 	match (part_number, parse_range_header(req, last_v_meta.size)?) {
 		(Some(_), Some(_)) => {
-			return Err(Error::BadRequest(
-				"Cannot specify both partNumber and Range header".into(),
+			return Err(Error::bad_request(
+				"Cannot specify both partNumber and Range header",
 			));
 		}
 		(Some(pn), None) => {
@@ -242,10 +242,15 @@ pub async fn handle_get(
 			Ok(resp_builder.body(body)?)
 		}
 		ObjectVersionData::FirstBlock(_, first_block_hash) => {
-			let read_first_block = garage.block_manager.rpc_get_block(first_block_hash);
+			let order_stream = OrderTag::stream();
+
+			let read_first_block = garage
+				.block_manager
+				.rpc_get_block_streaming(first_block_hash, Some(order_stream.order(0)));
 			let get_next_blocks = garage.version_table.get(&last_v.uuid, &EmptyKey);
 
-			let (first_block, version) = futures::try_join!(read_first_block, get_next_blocks)?;
+			let (first_block_stream, version) =
+				futures::try_join!(read_first_block, get_next_blocks)?;
 			let version = version.ok_or(Error::NoSuchKey)?;
 
 			let mut blocks = version
@@ -254,24 +259,26 @@ pub async fn handle_get(
 				.iter()
 				.map(|(_, vb)| (vb.hash, None))
 				.collect::<Vec<_>>();
-			blocks[0].1 = Some(first_block);
+			blocks[0].1 = Some(first_block_stream);
 
 			let body_stream = futures::stream::iter(blocks)
-				.map(move |(hash, data_opt)| {
+				.enumerate()
+				.map(move |(i, (hash, stream_opt))| {
 					let garage = garage.clone();
 					async move {
-						if let Some(data) = data_opt {
-							Ok(Bytes::from(data))
+						if let Some(stream) = stream_opt {
+							stream
 						} else {
 							garage
 								.block_manager
-								.rpc_get_block(&hash)
+								.rpc_get_block_streaming(&hash, Some(order_stream.order(i as u64)))
 								.await
-								.map(Bytes::from)
+								.unwrap_or_else(|e| error_stream(i, e))
 						}
 					}
 				})
-				.buffered(2);
+				.buffered(2)
+				.flatten();
 
 			let body = hyper::body::Body::wrap_stream(body_stream);
 			Ok(resp_builder.body(body)?)
@@ -302,9 +309,9 @@ async fn handle_get_range(
 				let body: Body = Body::from(bytes[begin as usize..end as usize].to_vec());
 				Ok(resp_builder.body(body)?)
 			} else {
-				None.ok_or_internal_error(
+				Err(Error::internal_error(
 					"Requested range not present in inline bytes when it should have been",
-				)
+				))
 			}
 		}
 		ObjectVersionData::FirstBlock(_meta, _first_block_hash) => {
@@ -422,40 +429,79 @@ fn body_from_blocks_range(
 		all_blocks.len(),
 		4 + ((end - begin) / std::cmp::max(all_blocks[0].1.size as u64, 1024)) as usize,
 	));
-	let mut true_offset = 0;
+	let mut block_offset: u64 = 0;
 	for (_, b) in all_blocks.iter() {
-		if true_offset >= end {
+		if block_offset >= end {
 			break;
 		}
 		// Keep only blocks that have an intersection with the requested range
-		if true_offset < end && true_offset + b.size > begin {
-			blocks.push((*b, true_offset));
+		if block_offset < end && block_offset + b.size > begin {
+			blocks.push((*b, block_offset));
 		}
-		true_offset += b.size;
+		block_offset += b.size as u64;
 	}
 
+	let order_stream = OrderTag::stream();
 	let body_stream = futures::stream::iter(blocks)
-		.map(move |(block, true_offset)| {
+		.enumerate()
+		.map(move |(i, (block, block_offset))| {
 			let garage = garage.clone();
 			async move {
-				let data = garage.block_manager.rpc_get_block(&block.hash).await?;
-				let data = Bytes::from(data);
-				let start_in_block = if true_offset > begin {
-					0
-				} else {
-					begin - true_offset
-				};
-				let end_in_block = if true_offset + block.size < end {
-					block.size
-				} else {
-					end - true_offset
-				};
-				Result::<Bytes, Error>::Ok(
-					data.slice(start_in_block as usize..end_in_block as usize),
-				)
+				garage
+					.block_manager
+					.rpc_get_block_streaming(&block.hash, Some(order_stream.order(i as u64)))
+					.await
+					.unwrap_or_else(|e| error_stream(i, e))
+					.scan(block_offset, move |chunk_offset, chunk| {
+						let r = match chunk {
+							Ok(chunk_bytes) => {
+								let chunk_len = chunk_bytes.len() as u64;
+								let r = if *chunk_offset >= end {
+									// The current chunk is after the part we want to read.
+									// Returning None here will stop the scan, the rest of the
+									// stream will be ignored
+									None
+								} else if *chunk_offset + chunk_len <= begin {
+									// The current chunk is before the part we want to read.
+									// We return a None that will be removed by the filter_map
+									// below.
+									Some(None)
+								} else {
+									// The chunk has an intersection with the requested range
+									let start_in_chunk = if *chunk_offset > begin {
+										0
+									} else {
+										begin - *chunk_offset
+									};
+									let end_in_chunk = if *chunk_offset + chunk_len < end {
+										chunk_len
+									} else {
+										end - *chunk_offset
+									};
+									Some(Some(Ok(chunk_bytes
+										.slice(start_in_chunk as usize..end_in_chunk as usize))))
+								};
+								*chunk_offset += chunk_bytes.len() as u64;
+								r
+							}
+							Err(e) => Some(Some(Err(e))),
+						};
+						futures::future::ready(r)
+					})
+					.filter_map(futures::future::ready)
 			}
 		})
-		.buffered(2);
+		.buffered(2)
+		.flatten();
 
 	hyper::body::Body::wrap_stream(body_stream)
 }
+
+fn error_stream(i: usize, e: garage_util::error::Error) -> ByteStream {
+	Box::pin(futures::stream::once(async move {
+		Err(std::io::Error::new(
+			std::io::ErrorKind::Other,
+			format!("Could not get block {}: {}", i, e),
+		))
+	}))
+}