From 9eb13d33b7136a3f4f55b4f8fb2caea51770efd5 Mon Sep 17 00:00:00 2001 From: Paul Buetow Date: Wed, 8 Apr 2026 10:54:17 +0300 Subject: garage: Garage 2.2 TOML schema and deploy permissions Align etc/garage.f*.toml with garage-2.2.0 (metadata_dir, data_dir, rpc_secret, rpc_bind_addr, rpc_public_addr per host, s3_api/admin, replication_factor). Bind RPC on 0.0.0.0:3901 so IPv4 LAN peers can reach nodes on FreeBSD. Install config as root:garage 640 so the rc.d garage user can read garage.toml. Made-with: Cursor --- f3s/garage/Rexfile | 3 ++- f3s/garage/etc/garage.f0.toml | 27 ++++++++++++++++----------- f3s/garage/etc/garage.f1.toml | 27 ++++++++++++++++----------- f3s/garage/etc/garage.f2.toml | 27 ++++++++++++++++----------- 4 files changed, 50 insertions(+), 34 deletions(-) diff --git a/f3s/garage/Rexfile b/f3s/garage/Rexfile index 0343c5c..5154ad2 100644 --- a/f3s/garage/Rexfile +++ b/f3s/garage/Rexfile @@ -61,7 +61,8 @@ task 'garage_deploy', group => 'paul', mode => '600'; - run "doas install -o root -g wheel -m 600 $tmp " . GARAGE_ETC; + # garage runs as user `garage` (see rc.d); config must be group-readable + run "doas install -o root -g garage -m 640 $tmp " . GARAGE_ETC; run "rm -f $tmp"; run 'doas service garage restart'; }; diff --git a/f3s/garage/etc/garage.f0.toml b/f3s/garage/etc/garage.f0.toml index 6c4c2ad..0569054 100644 --- a/f3s/garage/etc/garage.f0.toml +++ b/f3s/garage/etc/garage.f0.toml @@ -1,16 +1,21 @@ -[metadata] -path = "/var/db/garage/meta" -auto_snapshot_interval = "6h" +replication_factor = 3 +consistency_mode = "consistent" -[data] -path = [ +metadata_dir = "/var/db/garage/meta" +data_dir = [ { path = "/var/db/garage/data", capacity = "23G" } ] +metadata_auto_snapshot_interval = "6h" -[rpc] -bind_addr = "[::]:3901" -secret = "__RPC_SECRET__" +db_engine = "lmdb" -[api] -s3_bind_addr = "[::]:3900" -admin_bind_addr = "[::]:3903" +rpc_secret = "__RPC_SECRET__" +rpc_bind_addr = "0.0.0.0:3901" +rpc_public_addr = "192.168.1.130:3901" + +[s3_api] +api_bind_addr = "[::]:3900" +s3_region = "garage" + +[admin] +api_bind_addr = "[::]:3903" diff --git a/f3s/garage/etc/garage.f1.toml b/f3s/garage/etc/garage.f1.toml index 6c4c2ad..13b6d04 100644 --- a/f3s/garage/etc/garage.f1.toml +++ b/f3s/garage/etc/garage.f1.toml @@ -1,16 +1,21 @@ -[metadata] -path = "/var/db/garage/meta" -auto_snapshot_interval = "6h" +replication_factor = 3 +consistency_mode = "consistent" -[data] -path = [ +metadata_dir = "/var/db/garage/meta" +data_dir = [ { path = "/var/db/garage/data", capacity = "23G" } ] +metadata_auto_snapshot_interval = "6h" -[rpc] -bind_addr = "[::]:3901" -secret = "__RPC_SECRET__" +db_engine = "lmdb" -[api] -s3_bind_addr = "[::]:3900" -admin_bind_addr = "[::]:3903" +rpc_secret = "__RPC_SECRET__" +rpc_bind_addr = "0.0.0.0:3901" +rpc_public_addr = "192.168.1.131:3901" + +[s3_api] +api_bind_addr = "[::]:3900" +s3_region = "garage" + +[admin] +api_bind_addr = "[::]:3903" diff --git a/f3s/garage/etc/garage.f2.toml b/f3s/garage/etc/garage.f2.toml index 6c4c2ad..c31ee72 100644 --- a/f3s/garage/etc/garage.f2.toml +++ b/f3s/garage/etc/garage.f2.toml @@ -1,16 +1,21 @@ -[metadata] -path = "/var/db/garage/meta" -auto_snapshot_interval = "6h" +replication_factor = 3 +consistency_mode = "consistent" -[data] -path = [ +metadata_dir = "/var/db/garage/meta" +data_dir = [ { path = "/var/db/garage/data", capacity = "23G" } ] +metadata_auto_snapshot_interval = "6h" -[rpc] -bind_addr = "[::]:3901" -secret = "__RPC_SECRET__" +db_engine = "lmdb" -[api] -s3_bind_addr = "[::]:3900" -admin_bind_addr = "[::]:3903" +rpc_secret = "__RPC_SECRET__" +rpc_bind_addr = "0.0.0.0:3901" +rpc_public_addr = "192.168.1.132:3901" + +[s3_api] +api_bind_addr = "[::]:3900" +s3_region = "garage" + +[admin] +api_bind_addr = "[::]:3903" -- cgit v1.2.3