Skip to content

Commit

Permalink
chore: change the default config for rpm and deb (#884)
Browse files Browse the repository at this point in the history
Signed-off-by: Gaius <[email protected]>
  • Loading branch information
gaius-qi authored Dec 5, 2024
1 parent 47e38cb commit 31edec8
Show file tree
Hide file tree
Showing 3 changed files with 123 additions and 72 deletions.
16 changes: 8 additions & 8 deletions Cargo.lock

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

16 changes: 8 additions & 8 deletions Cargo.toml
Original file line number Diff line number Diff line change
Expand Up @@ -12,7 +12,7 @@ members = [
]

[workspace.package]
version = "0.1.122"
version = "0.1.123"
authors = ["The Dragonfly Developers"]
homepage = "https://d7y.io/"
repository = "https://github.com/dragonflyoss/client.git"
Expand All @@ -22,13 +22,13 @@ readme = "README.md"
edition = "2021"

[workspace.dependencies]
dragonfly-client = { path = "dragonfly-client", version = "0.1.122" }
dragonfly-client-core = { path = "dragonfly-client-core", version = "0.1.122" }
dragonfly-client-config = { path = "dragonfly-client-config", version = "0.1.122" }
dragonfly-client-storage = { path = "dragonfly-client-storage", version = "0.1.122" }
dragonfly-client-backend = { path = "dragonfly-client-backend", version = "0.1.122" }
dragonfly-client-util = { path = "dragonfly-client-util", version = "0.1.122" }
dragonfly-client-init = { path = "dragonfly-client-init", version = "0.1.122" }
dragonfly-client = { path = "dragonfly-client", version = "0.1.123" }
dragonfly-client-core = { path = "dragonfly-client-core", version = "0.1.123" }
dragonfly-client-config = { path = "dragonfly-client-config", version = "0.1.123" }
dragonfly-client-storage = { path = "dragonfly-client-storage", version = "0.1.123" }
dragonfly-client-backend = { path = "dragonfly-client-backend", version = "0.1.123" }
dragonfly-client-util = { path = "dragonfly-client-util", version = "0.1.123" }
dragonfly-client-init = { path = "dragonfly-client-init", version = "0.1.123" }
thiserror = "1.0"
dragonfly-api = "=2.0.173"
reqwest = { version = "0.12.4", features = ["stream", "native-tls", "default-tls", "rustls-tls"] }
Expand Down
163 changes: 107 additions & 56 deletions ci/dfdaemon.yaml
Original file line number Diff line number Diff line change
@@ -1,44 +1,74 @@
# bose prints log.
# verbose prints log to stdout.
verbose: true

log:
# Specify the logging level [trace, debug, info, warn, error]
level: info

# host is the host configuration for dfdaemon.
host:
## idc is the idc of the host.
# idc is the idc of the host.
idc: ''
## location is the location of the host.
# location is the location of the host.
location: ''
## hostname is the hostname of the host.
# hostname: ""
## ip is the advertise ip of the host.
# ip: ""
# # hostname is the hostname of the host.
# hostname: ""
# # ip is the advertise ip of the host.
# ip: ""

server:
# pluginDir is the directory to store plugins.
pluginDir: /var/lib/dragonfly/plugins/dfdaemon/
# cacheDir is the directory to store cache files.
cacheDir: /var/cache/dragonfly/dfdaemon/

download:
server:
# -- socketPath is the unix socket path for dfdaemon GRPC service.
# socketPath is the unix socket path for dfdaemon GRPC service.
socketPath: /var/run/dragonfly/dfdaemon.sock
# -- rateLimit is the default rate limit of the download speed in KiB/MiB/GiB per second, default is 10GiB/s.
# rateLimit is the default rate limit of the download speed in KiB/MiB/GiB per second, default is 10GiB/s.
rateLimit: 10GiB
# -- pieceTimeout is the timeout for downloading a piece from source.
# pieceTimeout is the timeout for downloading a piece from source.
pieceTimeout: 30s
# -- concurrentPieceCount is the number of concurrent pieces to download.
# concurrentPieceCount is the number of concurrent pieces to download.
concurrentPieceCount: 10

upload:
server:
# -- port is the port to the grpc server.
# port is the port to the grpc server.
port: 4000
## ip is the listen ip of the grpc server.
# ip: ""
# -- rateLimit is the default rate limit of the upload speed in KiB/MiB/GiB per second, default is 10GiB/s.
# # ip is the listen ip of the grpc server.
# ip: ""
# # CA certificate file path for mTLS.
# caCert: /etc/ssl/certs/ca.crt
# # GRPC server certificate file path for mTLS.
# cert: /etc/ssl/certs/server.crt
# # GRPC server key file path for mTLS.
# key: /etc/ssl/private/server.pem
#
# # Client configuration for remote peer's upload server.
# client:
# # CA certificate file path for mTLS.
# caCert: /etc/ssl/certs/ca.crt
# # GRPC client certificate file path for mTLS.
# cert: /etc/ssl/certs/client.crt
# # GRPC client key file path for mTLS.
# key: /etc/ssl/private/client.pem
# disableShared indicates whether disable to share data for other peers.
disableShared: false
# rateLimit is the default rate limit of the upload speed in KiB/MiB/GiB per second, default is 10GiB/s.
rateLimit: 10GiB

manager:
# addrs is manager addresses.
addrs: []
# addr is manager address.
addr: http://manager-service:65003
# # CA certificate file path for mTLS.
# caCert: /etc/ssl/certs/ca.crt
# # GRPC client certificate file path for mTLS.
# cert: /etc/ssl/certs/client.crt
# # GRPC client key file path for mTLS.
# key: /etc/ssl/private/client.pem

scheduler:
# announceInterval is the interval to announce peer to the scheduler.
# Announcer will provide the scheduler with peer information for scheduling,
Expand All @@ -51,18 +81,21 @@ scheduler:
maxScheduleCount: 5
# enableBackToSource indicates whether enable back-to-source download, when the scheduling failed.
enableBackToSource: true
# # CA certificate file path for mTLS.
# caCert: /etc/ssl/certs/ca.crt
# # GRPC client certificate file path for mTLS.
# cert: /etc/ssl/certs/client.crt
# # GRPC client key file path for mTLS.
# key: /etc/ssl/private/client.pem

seedPeer:
# enable indicates whether enable seed peer.
enable: true
# type is the type of seed peer.
type: super
# clusterID is the cluster id of the seed peer cluster.
clusterID: 1
# keepaliveInterval is the interval to keep alive with manager.
keepaliveInterval: 15s
enable: false

dynconfig:
# refreshInterval is the interval to refresh dynamic configuration from manager.
refreshInterval: 1m

storage:
# dir is the directory to store task's metadata and content.
dir: /var/lib/dragonfly/
Expand All @@ -72,6 +105,7 @@ storage:
writeBufferSize: 131072
# readBufferSize is the buffer size for reading piece from disk, default is 128KB.
readBufferSize: 131072

gc:
# interval is the interval to do gc.
interval: 900s
Expand All @@ -84,30 +118,43 @@ gc:
# distLowThresholdPercent is the low threshold percent of the disk usage.
# If the disk usage is less than the threshold, dfdaemon will stop gc.
distLowThresholdPercent: 60

proxy:
server:
# port is the port to the proxy server.
port: 4001
## ip is the listen ip of the proxy server.
# ip: ""
## caCert is the root CA cert path with PEM format for the proxy server to generate the server cert.
## If ca_cert is empty, proxy will generate a smaple CA cert by rcgen::generate_simple_self_signed.
## When client requests via the proxy, the client should not verify the server cert and set
## insecure to true. If ca_cert is not empty, proxy will sign the server cert with the CA cert. If openssl is installed,
## you can use openssl to generate the root CA cert and make the system trust the root CA cert.
## Then set the ca_cert and ca_key to the root CA cert and key path. Dfdaemon generates the server cert
## and key, and signs the server cert with the root CA cert. When client requests via the proxy,
## the proxy can intercept the request by the server cert.
# caCert: ""
## caKey is the root CA key path with PEM format for the proxy server to generate the server cert.
## If ca_key is empty, proxy will generate a smaple CA key by rcgen::generate_simple_self_signed.
## When client requests via the proxy, the client should not verify the server cert and set
## insecure to true. If ca_key is not empty, proxy will sign the server cert with the CA cert. If openssl is installed,
## you can use openssl to generate the root CA cert and make the system trust the root CA cert.
## Then set the ca_cert and ca_key to the root CA cert and key path. Dfdaemon generates the server cert
## and key, and signs the server cert with the root CA cert. When client requests via the proxy,
## the proxy can intercept the request by the server cert.
# caKey: ""
# # ip is the listen ip of the proxy server.
# ip: ""
# # caCert is the root CA cert path with PEM format for the proxy server to generate the server cert.
# # If ca_cert is empty, proxy will generate a smaple CA cert by rcgen::generate_simple_self_signed.
# # When client requests via the proxy, the client should not verify the server cert and set
# # insecure to true. If ca_cert is not empty, proxy will sign the server cert with the CA cert. If openssl is installed,
# # you can use openssl to generate the root CA cert and make the system trust the root CA cert.
# # Then set the ca_cert and ca_key to the root CA cert and key path. Dfdaemon generates the server cert
# # and key, and signs the server cert with the root CA cert. When client requests via the proxy,
# # the proxy can intercept the request by the server cert.
#
# caCert: ""
# # caKey is the root CA key path with PEM format for the proxy server to generate the server cert.
# # If ca_key is empty, proxy will generate a smaple CA key by rcgen::generate_simple_self_signed.
# # When client requests via the proxy, the client should not verify the server cert and set
# # insecure to true. If ca_key is not empty, proxy will sign the server cert with the CA cert. If openssl is installed,
# # you can use openssl to generate the root CA cert and make the system trust the root CA cert.
# # Then set the ca_cert and ca_key to the root CA cert and key path. Dfdaemon generates the server cert
# # and key, and signs the server cert with the root CA cert. When client requests via the proxy,
# # the proxy can intercept the request by the server cert.
#
# caKey: ""
# # basic_auth is the basic auth configuration for HTTP proxy in dfdaemon. If basic_auth is not
# # empty, the proxy will use the basic auth to authenticate the client by Authorization
# # header. The value of the Authorization header is "Basic base64(username:password)", refer
# # to https://en.wikipedia.org/wiki/Basic_access_authentication.
# basicAuth:
# # username is the username for basic auth.
# username: "admin"
# # password is the password for basic auth.
# password: "dragonfly"
#
# rules is the list of rules for the proxy server.
# regex is the regex of the request url.
# useTLS indicates whether use tls for the proxy backend.
Expand All @@ -117,6 +164,9 @@ proxy:
# http://example.com/xyz?Expires=e1&Signature=s1&ns=docker.io and http://example.com/xyz?Expires=e2&Signature=s2&ns=docker.io
# will generate the same task id.
# Default value includes the filtered query params of s3, gcs, oss, obs, cos.
# `X-Dragonfly-Use-P2P` header can instead of the regular expression of the rule. If the value is "true",
# the request will use P2P technology to distribute the content. If the value is "false",
# but url matches the regular expression in rules. The request will also use P2P technology to distribute the content.
rules:
- regex: 'blobs/sha256.*'
# useTLS: false
Expand All @@ -128,26 +178,27 @@ proxy:
# configuration to pull the image. The `X-Dragonfly-Registry` header can instead of the default address
# of registry mirror.
addr: https://index.docker.io
## certs is the client certs path with PEM format for the registry.
## If registry use self-signed cert, the client should set the
## cert for the registry mirror.
# certs: ""
# # cert is the client cert path with PEM format for the registry.
# # If registry use self-signed cert, the client should set the
# # cert for the registry mirror.
# cert: ""
# disableBackToSource indicates whether disable to download back-to-source when download failed.
disableBackToSource: false
# prefetch pre-downloads full of the task when download with range request.
# X-Dragonfly-Prefetch priority is higher than prefetch in config.
# If the value is "true", the range request will prefetch the entire file.
# If the value is "false", the range request will fetch the range content.
prefetch: false
# -- readBufferSize is the buffer size for reading piece from disk, default is 32KB.
# readBufferSize is the buffer size for reading piece from disk, default is 32KB.
readBufferSize: 32768
security:
# enable indicates whether enable security.
enable: false

metrics:
server:
# port is the port to the metrics server.
port: 4002
## ip is the listen ip of the metrics server.
# ip: ""
## tracing is the tracing configuration for dfdaemon.
# # ip is the listen ip of the metrics server.
# ip: ""
# # tracing is the tracing configuration for dfdaemon.
# tracing:
## addr is the address to report tracing log.
# # addr is the address to report tracing log.
# addr: ""

0 comments on commit 31edec8

Please sign in to comment.