encrypt

package
v0.0.0-...-4ba1123 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Jan 15, 2024 License: Apache-2.0 Imports: 21 Imported by: 0

Documentation

Overview

Package encrypt registers the "encrypt" blobserver storage type which stores all blobs and metadata with age encryption into other wrapped storage targets (e.g. localdisk, s3, remote, google).

An encrypt storage target is configured with two other storage targets: one to hold encrypted blobs, and one to hold encrypted metadata about the encrypted blobs. On start-up, all the metadata blobs are read to discover the plaintext blobrefs.

Encryption is currently always age. See code for metadata formats and configuration details, which are currently subject to change.

The low-level config requires 'keyFile' to be set.

Example low-level config: 

"/storage-encrypted/": {
    "handler": "storage-encrypt",
    "handlerArgs": {
        "I_AGREE": "that encryption support hasn't been peer-reviewed, isn't finished, and its format might change.",
        "keyFile": "/path/to/keyfile",
        "blobs": "/blobs-storage/",
        "meta": "/meta-storage/",
        "metaIndex": {
            "file": "/path/to/index.leveldb",
            "type": "leveldb"
        },
    }
},

Index

Constants

View Source 
const (
	// FullMetaBlobSize is the number of lines at which we stop compacting a meta blob.
	FullMetaBlobSize = 10 * 1000 // ~ 512kB
	// SmallMetaCountLimit is the number of small meta that triggers compaction.
	SmallMetaCountLimit = 100 // 100 rounds to make a full = ~ 26MB bw waste
)

Variables

This section is empty.

Functions

This section is empty.

Types

This section is empty.

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.