Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
feat: Support single node instance persistance and auth
Server changes: * Optional listening on unix domain socket. * Local system root detection and auto authentication on UDS connection. * TLS support. tigris_server2 is started with TLS and tests are run through TLS on it. Due to cmux limitations it can only be routed to HTTP or GRPC, so there is an option added to control this `server.tls_http` * Test server configs moved to `test/config/server.{test,test2}.yaml` Teste secrets move to `test/config/keys/*`. Single node instance improvement made as part of `tigrisdata/tigris-local` container. The service is configured and started using `scripts/service-local.sh` in the container. The follwing configuration available: * TIGRIS_BOOTSTRAP_LOCAL_AUTH - initialize authentication on first instance start. It creates necessary tokens, users, namespaces for server <-> gotrue interconnection. * TIGRIS_LOCAL_PERSISTENCE initializes FDB in ssd mode vs memory. * TIGRIS_LOCAL_GENERATE_ADMIN_TOKEN produces admin user token in the data directory (./user_admin_token.txt). This not necessary on unix compatible system, where we can detect container owner by peer. * TIGRIS_SKIP_LOCAL_AUTH allows to temporary disable authenticaion on already initialized system. * TIGRIS_LOCAL_DEBUG can be set to enable debug logging in `./init.log` Bootstrap can only be initiated if the data directory is empty, it's noop otherwise. ``` docker run -e TIGRIS_BOOTSTRAP_LOCAL_AUTH=1 \ -e TIGRIS_LOCAL_PERSISTENCE=1 \ -e TIGRIS_LOCAL_GENERATE_ADMIN_TOKEN=1 \ --name my-tigris -v $TMPDIR:/var/lib/tigris \ -d -p $HOST_PORT:8081 tigrisdata/tigris-local ``` This is the structure of the persistence volume: ``` /var/lib/tigris/ ├── foundationdb │ ├── data │ │ ├── coordination-0.fdq │ │ ├── coordination-1.fdq │ │ ├── log2-V_6-3c801d05cd47c75a120e968dce9187a9.sqlite │ │ ├── log2-V_6-3c801d05cd47c75a120e968dce9187a9.sqlite-wal │ │ ├── logqueue-V_6-3c801d05cd47c75a120e968dce9187a9-0.fdq │ │ ├── processId │ │ ├── storage-1b4c5b99aff541f54264fa55e20b84b3.sqlite │ │ └── storage-1b4c5b99aff541f54264fa55e20b84b3.sqlite-wal │ └── logs │ └── trace.127.0.0.1.4500.1685517319.uq6Q1t.1.31.xml ├── gotrue │ ├── config │ │ ├── key │ │ ├── key_pem.pub │ │ └── key.pub │ ├── data │ └── logs │ ├── stderr │ └── stdout ├── initialized ├── init.log ├── server │ ├── config │ │ └── server.yaml │ ├── data │ ├── logs │ │ ├── stderr │ │ └── stdout │ └── unix.sock ├── typesense │ ├── config │ │ └── typesense-server.ini │ ├── data │ │ ├── db │ │ │ ├── 000234.log │ │ │ ├── 000236.sst │ │ │ ├── archive │ │ │ │ ├── 000005.log │ │ │ │ └── 000232.log │ │ │ ├── CURRENT │ │ │ ├── IDENTITY │ │ │ ├── LOCK │ │ │ ├── LOG │ │ │ ├── MANIFEST-000004 │ │ │ └── OPTIONS-000007 │ │ ├── meta │ │ │ ├── 000015.log │ │ │ ├── archive │ │ │ ├── CURRENT │ │ │ ├── IDENTITY │ │ │ ├── LOCK │ │ │ ├── LOG │ │ │ ├── LOG.old.1685517292544545 │ │ │ ├── LOG.old.1685517319188484 │ │ │ ├── MANIFEST-000014 │ │ │ ├── OPTIONS-000012 │ │ │ └── OPTIONS-000017 │ │ └── state │ │ ├── log │ │ │ ├── log_inprogress_00000000000000000001 │ │ │ └── log_meta │ │ ├── meta │ │ │ └── raft_meta │ │ └── snapshot │ │ └── snapshot_00000000000000000482 │ │ ├── db_snapshot │ │ │ ├── 000231.sst │ │ │ ├── CURRENT │ │ │ ├── MANIFEST-000004 │ │ │ └── OPTIONS-000007 │ │ └── __raft_snapshot_meta │ └── logs │ └── typesense.log └── user_admin_token.txt ```
- Loading branch information