micropelago/isle
3
0
Fork 0
Code Issues 1 Pull Requests Projects Releases 5 Activity

5 Releases 5 Tags

RSS Feed
  • v0.0.2 3980dc6083
    Compare

    v0.0.2 Stable

    mediocregopher released this 2024-07-15 17:39:35 +00:00 | 17 commits to main since this release

    ⚠️ ALPHA RELEASE ⚠️ All 0.0.x releases are considered alpha. Future 0.0.x releases will likely contain backwards incompatible changes which may require resetting your network. Expect bugs and missing features.

    Changelog

    This release focuses on two major changes

    • A complete refactoring of the daemon and CLI. The daemon now serves RPC requests over a unix socket, and all interaction with other CLI commands is done via that socket. This is a similar architecture as docker uses, and the primary benifit is that it allows isle to run as its own (non-root) system user, and other non-root users retain the ability to interact with it. Previously one had to be the same user as the isle daemon in order to interact with it, which blocked any eventual path towards a GUI.

    • A rethinking of the admin bundle and secrets in general. The isle daemon now manages secrets itself, without the user needing to manage an admin "bundle" like before. This drastically improves usability at a moderate security cost. The new system also paves the way for move fine-grained permissions, and automatic distribution of secrets to other hosts. For example, in the future not all hosts will be given the garage RPC key in the initial boostrap. Instead, if a host wants to provide storage, someone else who is already providing storage will be able to grant them that ability. This allows for better quality control in larger networks.

    Other major changes

    • Garage has been updated to v1.0.0. This release includes an improved network topology algorithm and storage engines. Hopefully, being a v1 release, there won't be further backwards incompatible changes between garage versions.

    • The release artifacts now include pacman packages for archlinux and archlinux-based distros. The isle package will automatically set up an isle user and install the isle systemd service.

    • Addition of the AGPLv3 license.

    • A lot of CLI commands have been moved, renamed, or otherwise modified. The in-repo documentation has been updated accordingly.

    • A new isle nebula create-cert command has been introduced. This allows for generating just the nebula certificate for a host based on a nebula public key. The primary use-case is for usage of the nebula mobile app with an isle network, at least until there is a micropelago mobile app.

    Minor changes

    • Fix minio-client creating config directory in user's home.

    • Most non-human editable files are now stored in JSON rather than YAML. This was mostly motivated by json.RawMessage being available in go's standard library, while the popular go YAML library doesn't have an equivalent.

    • Host data is stored in garage and the bootstrap file in a much cleaner way, especially with respect to signed/validated data.

    • Use XDG_STATE_HOME rather than XDG_DATA_HOME for storing bootstrap and secrets data.

    • Input validation on the CLI is now more comprehensive and consistent.

    Changes on the development side

    • Moved go code into its own sub-directory, to improve delineation with other parts like the nix code.

    • Introduction of a simple end-to-end testing framework. The framework is currently just based on bash scripts, but could probably be improved with some containerization. Nonetheless it has helped me tremendously in terms of development velocity.

    • Nixpkgs was updated to 24.05, which resulted in the go toolchain being updated to 1.22.

    Download

    🔗 Pre-built binaries and packages for this release can be found here.

    Downloads