geesawra.industries / Allegedly
forked from microcosm.blue/Allegedly
Server tools to backfill, tail, mirror, and verify PLC logs
fork atom
Rust 90.4%
Other 9.6%
111 2 3

Clone this repository

https://tangled.org/geesawra.industries/Allegedly
git@tangled.org:geesawra.industries/Allegedly

For self-hosted knots, clone URLs may differ based on your setup.

Download tar.gz
readme.md

Allegedly#

Some public ledger tools and services for servers

Allegedly can

  • Tail PLC ops to stdout: allegedly tail | jq

  • Export PLC ops to weekly gzipped bundles: allegdly bundle --dest ./some-folder

  • Dump bundled ops to stdout FAST: allegedly backfill --source-workers 6 | pv -l > /ops-unordered.jsonl

  • Wrap the reference PLC server and run it as a mirror, copying ops from upstream:

    allegedly mirror \
  --wrap "http://127.0.0.1:3000" \
  --wrap-pg "postgresql://user:pass@pg-host:5432/plc-db"

  • Wrap a plc server, maximalist edition:

    # put sensitive values in environment so they don't leak via process name.
export ALLEGEDLY_WRAP_PG="postgresql://user:pass@pg-host:5432/plc-db"

# sudo to bind :80 + :443 for acme tls, but it's better to give user net cap.
# will try to autoprovision cert for "plc.wtf" from letsencrypt staging.
sudo allegedly mirror \
  --upstream "https://plc.directory" \
  --wrap "http://127.0.0.1:3000" \
  --wrap-pg-cert "/opt/allegedly/postgres-cert.pem" \
  --acme-domain "plc.wtf" \
  --acme-domain "alt.plc.wtf" \
  --experimental-acme-domain "experimental.plc.wtf" \
  --acme-cache-path ./acme-cache \
  --acme-directory-url "https://acme-staging-v02.api.letsencrypt.org/directory" \
  --acme-ipv6 \
  --experimental-write-upstream

  • Reverse-proxy to any PLC server, terminating TLS and forwarding writes upstream

    sudo allegedly wrap \
  --wrap "http://127.0.0.1:3000" \
  --acme-ipv6 \
  --acme-cache-path ./acme-cache \
  --acme-domain "plc.wtf" \
  --experimental-acme-domain "experimental.plc.wtf" \
  --experimental-write-upstream \
  --upstream "https://plc.wtf" \

add --help to any command for more info about it

install#

cargo install allegedly

the version on crates might be behind while new features are under development. to install the latest from source:

  • make sure you have rust/rustup set up

  • clone the repo

  • install

    cargo install --path . --bin allegedly

future improvements#

existing stuff#

  • signals and shutdown handling
  • monitoring of the various tasks
  • health check pings
  • expose metrics/tracing
  • read-only flag for mirror wrapper
  • bundle: write directly to s3-compatible object storage
  • helpers for automating periodic bundle runs

new things#

  • experimental: websocket version of /export

  • experimental: accept writes by forwarding them upstream

  • experimental: serve a tlog

  • experimental: embed a log database directly for fast and efficient mirroring

  • experimental: support multiple upstreams?

  • new command todo: zip or check or diff: compare two plc logs over some time range

  • new command to consider: scatter or something: broadcast plc writes to multiple upstreams

if you have an idea for a new command, open a request!

license#

This work is dual-licensed under MIT and Apache 2.0. You can choose between one of them if you use this work.

SPDX-License-Identifier: MIT OR Apache-2.0