garage: Garage 2.2 TOML schema and deploy permissions

Align etc/garage.f*.toml with garage-2.2.0 (metadata_dir, data_dir, rpc_secret, rpc_bind_addr, rpc_public_addr per host, s3_api/admin, replication_factor). Bind RPC on 0.0.0.0:3901 so IPv4 LAN peers can reach nodes on FreeBSD. Install config as root:garage 640 so the rc.d garage user can read garage.toml. Made-with: Cursor
author: Paul Buetow <paul@buetow.org> 2026-04-08 10:54:17 +0300
committer: Paul Buetow <paul@buetow.org> 2026-04-08 10:54:17 +0300
commit: 9eb13d33b7136a3f4f55b4f8fb2caea51770efd5 (patch)
tree: d9801aa1cbfc3b75408ebbf8a43986557c601955 /f3s
parent: ec7ae97d99e1230242951567bb7a021701818fbb (diff)
4 files changed, 50 insertions, 34 deletions
diff --git a/f3s/garage/Rexfile b/f3s/garage/Rexfile
index 0343c5c..5154ad2 100644
--- a/f3s/garage/Rexfile
+++ b/f3s/garage/Rexfile
@@ -61,7 +61,8 @@ task 'garage_deploy',
       group   => 'paul',
       mode    => '600';
 
-    run "doas install -o root -g wheel -m 600 $tmp " . GARAGE_ETC;
+    # garage runs as user `garage` (see rc.d); config must be group-readable
+    run "doas install -o root -g garage -m 640 $tmp " . GARAGE_ETC;
     run "rm -f $tmp";
     run 'doas service garage restart';
   };
diff --git a/f3s/garage/etc/garage.f0.toml b/f3s/garage/etc/garage.f0.toml
index 6c4c2ad..0569054 100644
--- a/f3s/garage/etc/garage.f0.toml
+++ b/f3s/garage/etc/garage.f0.toml
@@ -1,16 +1,21 @@
-[metadata]
-path = "/var/db/garage/meta"
-auto_snapshot_interval = "6h"
+replication_factor = 3
+consistency_mode = "consistent"
 
-[data]
-path = [
+metadata_dir = "/var/db/garage/meta"
+data_dir = [
   { path = "/var/db/garage/data", capacity = "23G" }
 ]
+metadata_auto_snapshot_interval = "6h"
 
-[rpc]
-bind_addr = "[::]:3901"
-secret = "__RPC_SECRET__"
+db_engine = "lmdb"
 
-[api]
-s3_bind_addr = "[::]:3900"
-admin_bind_addr = "[::]:3903"
+rpc_secret = "__RPC_SECRET__"
+rpc_bind_addr = "0.0.0.0:3901"
+rpc_public_addr = "192.168.1.130:3901"
+
+[s3_api]
+api_bind_addr = "[::]:3900"
+s3_region = "garage"
+
+[admin]
+api_bind_addr = "[::]:3903"
diff --git a/f3s/garage/etc/garage.f1.toml b/f3s/garage/etc/garage.f1.toml
index 6c4c2ad..13b6d04 100644
--- a/f3s/garage/etc/garage.f1.toml
+++ b/f3s/garage/etc/garage.f1.toml
@@ -1,16 +1,21 @@
-[metadata]
-path = "/var/db/garage/meta"
-auto_snapshot_interval = "6h"
+replication_factor = 3
+consistency_mode = "consistent"
 
-[data]
-path = [
+metadata_dir = "/var/db/garage/meta"
+data_dir = [
   { path = "/var/db/garage/data", capacity = "23G" }
 ]
+metadata_auto_snapshot_interval = "6h"
 
-[rpc]
-bind_addr = "[::]:3901"
-secret = "__RPC_SECRET__"
+db_engine = "lmdb"
 
-[api]
-s3_bind_addr = "[::]:3900"
-admin_bind_addr = "[::]:3903"
+rpc_secret = "__RPC_SECRET__"
+rpc_bind_addr = "0.0.0.0:3901"
+rpc_public_addr = "192.168.1.131:3901"
+
+[s3_api]
+api_bind_addr = "[::]:3900"
+s3_region = "garage"
+
+[admin]
+api_bind_addr = "[::]:3903"
diff --git a/f3s/garage/etc/garage.f2.toml b/f3s/garage/etc/garage.f2.toml
index 6c4c2ad..c31ee72 100644
--- a/f3s/garage/etc/garage.f2.toml
+++ b/f3s/garage/etc/garage.f2.toml
@@ -1,16 +1,21 @@
-[metadata]
-path = "/var/db/garage/meta"
-auto_snapshot_interval = "6h"
+replication_factor = 3
+consistency_mode = "consistent"
 
-[data]
-path = [
+metadata_dir = "/var/db/garage/meta"
+data_dir = [
   { path = "/var/db/garage/data", capacity = "23G" }
 ]
+metadata_auto_snapshot_interval = "6h"
 
-[rpc]
-bind_addr = "[::]:3901"
-secret = "__RPC_SECRET__"
+db_engine = "lmdb"
 
-[api]
-s3_bind_addr = "[::]:3900"
-admin_bind_addr = "[::]:3903"
+rpc_secret = "__RPC_SECRET__"
+rpc_bind_addr = "0.0.0.0:3901"
+rpc_public_addr = "192.168.1.132:3901"
+
+[s3_api]
+api_bind_addr = "[::]:3900"
+s3_region = "garage"
+
+[admin]
+api_bind_addr = "[::]:3903"
author	Paul Buetow <paul@buetow.org>	2026-04-08 10:54:17 +0300
committer	Paul Buetow <paul@buetow.org>	2026-04-08 10:54:17 +0300
commit	9eb13d33b7136a3f4f55b4f8fb2caea51770efd5 (patch)
tree	d9801aa1cbfc3b75408ebbf8a43986557c601955 /f3s
parent	ec7ae97d99e1230242951567bb7a021701818fbb (diff)