change rpc_secret to rpc_secret_file

.drone.yml

@@ -2,39 +2,37 @@
 kind: pipeline
 name: deploy to swarm-test.autonomic.zone
 steps:
-- name: deployment
-  image: git.coopcloud.tech/coop-cloud/stack-ssh-deploy:latest
-  settings:
-    host: swarm-test.autonomic.zone
-    stack: garage
-    generate_secrets: true
-    purge: true
-    deploy_key:
-      from_secret: drone_ssh_swarm_test
-    networks:
-    - proxy
-    compose: "compose.yml"
-  environment:
-    DOMAIN: garage.swarm-test.autonomic.zone
-    STACK_NAME: garage
-    LETS_ENCRYPT_ENV: production
-    SECRET_RPC_SECRET_VERSION: v1
+  - name: deployment
+    image: git.coopcloud.tech/coop-cloud/stack-ssh-deploy:latest
+    settings:
+      host: swarm-test.autonomic.zone
+      stack: example_com  # UPDATE ME
+      generate_secrets: true
+      purge: true
+      deploy_key:
+        from_secret: drone_ssh_swarm_test
+      networks:
+        - proxy
+    environment:
+      DOMAIN: example.swarm-test.autonomic.zone # UPDATE ME
+      STACK_NAME: example_com  # UPDATE ME
+      LETS_ENCRYPT_ENV: production
 trigger:
   branch:
-  - main
+    - main
 ---
 kind: pipeline
 name: generate recipe catalogue
 steps:
-- name: release a new version
-  image: plugins/downstream
-  settings:
-    server: https://build.coopcloud.tech
-    token:
-      from_secret: drone_abra-bot_token
-    fork: true
-    repositories:
-    - toolshed/auto-recipes-catalogue-json
+  - name: release a new version
+    image: plugins/downstream
+    settings:
+      server: https://build.coopcloud.tech
+      token:
+        from_secret: drone_abra-bot_token
+      fork: true
+      repositories:
+        - coop-cloud/auto-recipes-catalogue-json
 
 trigger:
   event: tag

.env.sample

@@ -6,11 +6,6 @@ LETS_ENCRYPT_ENV=production
 COMPOSE_FILE="compose.yml"
 
 SECRET_RPC_SECRET_VERSION=v1 # length=64 charset=hex
-SECRET_ADMIN_TOKEN_SECRET_VERSION=v1 # length=64 charset=hex
-SECRET_METRICS_TOKEN_SECRET_VERSION=v1 # length=64 charset=hex
-
-#COMPOSE_FILE="$COMPOSE_FILE:compose.monitoring.yml"
-#MONITORING_ENABLED=true
 
 # Changing the replication factor after initial deployment is not 
 # supported and requires deleting the existing cluster layout metadata.

README.md

@@ -1,4 +1,4 @@
-# Garage
+# garage
 
 > An open-source distributed object storage service tailored for selfhosting at a small-to-medium scale.
 
@@ -10,7 +10,7 @@
 * **Healthcheck**: No
 * **Backups**: No
 * **Email**: N/A
-* **Tests**: Yes
+* **Tests**: No
 * **SSO**: N/A
 
 <!-- endmetadata -->
@@ -52,43 +52,7 @@ You can optionally add this alias to your `.bashrc` (or similar) file to avoid h
 ### Garage Quick Start Guide
 Once `garage status` works, you can follow the guide here: https://garagehq.deuxfleurs.fr/documentation/quick-start/#checking-that-garage-runs-correctly
 
-## Monitoring
 
-### Enabling
-
-By default monitoring is disabled and must be enabled in your config.
-
-To enable, set `MONITORING` to `true` and uncomment the line `#COMPOSE_FILE="$COMPOSE_FILE:compose.monitoring.yml"`.
-
-> If you've deployed garage before ver `0.0.2+v2.3.0` then you will need to add the following lines to your config:
-> ```
-> MONITORING_DOMAIN=monitoring.garage.example.com
-> SECRET_ADMIN_TOKEN_SECRET_VERSION=v1 # length=64 charset=hex
-> SECRET_METRICS_TOKEN_SECRET_VERSION=v1 # length=64 charset=hex
-> 
-> #COMPOSE_FILE="$COMPOSE_FILE:compose.monitoring.yml"
-> MONITORING="true"
-> ```
-
-If you're using the
-[monitoring-ng](https://recipes.coopcloud.tech/monitoring-ng) recipe,
-insert the `metrics_token` with the value of `basic_auth`:
-
-```sh
-abra app secret insert garage.example.coop v1 metrics_token BASIC_AUTH
-```
-
-### Deploying
-
-Now, undeploy the service, generate the new secrets, and finally re-deploy:
-```
-abra app undeploy <app-domain>
-abra app secret generate --all <app-domain>
-abra app deploy <app-domain>
-```
-### Utilizing metrics
-
-Within your chosen monitoring software (ie. Telegraf, Prometheus, etc.), you'll need to make sure it interprets the correct scheme (https), and point it at <app-domain>/metrics as the monitoring endpoint. The secret you copied earlier called metrics_token will be used to authenticate the request.
 
 ## Backups
 

abra.sh

@@ -1 +1 @@
-export GARAGE_CONF_VERSION=v7
+export GARAGE_CONF_VERSION=v5

compose.monitoring.yml

@@ -1,29 +0,0 @@
----
-version: "3.8"
-
-services:
-  app:
-    secrets:
-      - source: metrics_token
-        mode: 0600
-      - source: admin_token
-        mode: 0600
-    deploy:
-      labels:
-        - "traefik.http.routers.${STACK_NAME}-metrics.rule=Host(`${DOMAIN}`) && Path(`/metrics`)"
-        - "traefik.http.routers.${STACK_NAME}-metrics.entrypoints=web-secure"
-        - "traefik.http.routers.${STACK_NAME}-metrics.tls.certresolver=${LETS_ENCRYPT_ENV}"
-        - "traefik.http.routers.${STACK_NAME}-metrics.service=${STACK_NAME}-metrics"
-        - "traefik.http.services.${STACK_NAME}-metrics.loadbalancer.server.port=3903"
-        - "prometheus.io/scrape=true"
-        - "prometheus.io/port=3903"
-        - "prometheus.io/path=/metrics"
-        - "prometheus.io/auth=bearer"
-
-secrets:
-  admin_token:
-    name: ${STACK_NAME}_admin_token_${SECRET_ADMIN_TOKEN_SECRET_VERSION}
-    external: true
-  metrics_token:
-    name: ${STACK_NAME}_metrics_token_${SECRET_METRICS_TOKEN_SECRET_VERSION}
-    external: true

compose.yml

@@ -9,8 +9,7 @@ services:
       - source: garage_conf
         target: /etc/garage.toml
     secrets:
-      - source: rpc_secret
-        mode: 0600
+      - rpc_secret
     networks:
       - proxy
       - internal
@@ -23,23 +22,16 @@ services:
         - "traefik.http.routers.${STACK_NAME}.rule=Host(`${DOMAIN}`)"
         - "traefik.http.routers.${STACK_NAME}.entrypoints=web-secure"
         - "traefik.http.routers.${STACK_NAME}.tls.certresolver=${LETS_ENCRYPT_ENV}"
-        - "traefik.http.routers.${STACK_NAME}.service=${STACK_NAME}"
         - "traefik.tcp.routers.${STACK_NAME}-rpc.rule=HostSNI(`*`)"
         - "traefik.tcp.routers.${STACK_NAME}-rpc.entrypoints=garage-rpc"
         - "traefik.tcp.services.${STACK_NAME}-rpc.loadbalancer.server.port=3901"
-        - "coop-cloud.${STACK_NAME}.version=0.0.2+v2.3.0"
+        - "coop-cloud.${STACK_NAME}.version=0.0.1+2.1.0"
         - "backupbot.backup=true"
         - "backupbot.backup.pre-hook=/garage meta snapshot --all"
         - "backupbot.backup.path=/var/lib/garage/meta/snapshots/,/var/lib/garage/meta/cluster_layout,/var/lib/garage/meta/data_layout,/var/lib/garage/meta/node_key,/var/lib/garage/meta/node_key.pub"
     volumes:
       - "${LOCAL_FOLDER_META:-meta}:/var/lib/garage/meta"
       - "${LOCAL_FOLDER_DATA:-data}:/var/lib/garage/data"
-    healthcheck:
-      test: ["CMD", "/garage", "status"]
-      interval: 30s
-      timeout: 10s
-      retries: 10
-      start_period: 10s
 
 networks:
   proxy:

garage.toml.tmpl

@@ -15,7 +15,7 @@ compression_level = 2
 rpc_bind_addr = "[::]:3901"
 rpc_public_addr = "{{ env "DOMAIN" }}:3901"
 rpc_addr = "[::]:3901"
-rpc_secret_file = "/run/secrets/rpc_secret"
+rpc_secret_file = /run/secrets/rpc_secret
 
 {{ if ne (env "BOOTSTRAP_ID") "" }}
 bootstrap_peers = [
@@ -27,11 +27,3 @@ bootstrap_peers = [
 s3_region = "garage"
 api_bind_addr = "[::]:3900"
 root_domain = ".s3.garage"
-
-{{ if eq (env "MONITORING_ENABLED") "true" }}
-[admin]
-api_bind_addr = "[::]:3903"
-admin_token_file = "/run/secrets/admin_token"
-metrics_require_token = true
-metrics_token_file = "/run/secrets/metrics_token"
-{{ end }}