Novij Storage

C++ Storage-нода для Novij Protocol: Debian-пакет, persistent heartbeat, status sidecar и safe sync.

C++ Storage node for Novij Protocol: Debian package, persistent heartbeat, status sidecar, and safe sync.

RU EN

Последняя версияLatest: 0.6.06.171529

Стабильная версияStable: 0.6.06.171529

Установка

Install

Последняя:

Latest:

curl -fsSL https://packages.novij.tech/storage/install.sh | sudo bash

Стабильная:

Stable:

curl -fsSL https://packages.novij.tech/storage/install.sh | sudo env NOVIJ_PACKAGE_CHANNEL=stable bash

Релизы

Releases

latest

stable

Команды

Commands

novij-storagectl setup init --domain storage.example.com --relay-url https://hinata-rl.novij.tech --bootstrap-storage https://sakura-st.novij.tech
Создаёт безопасный first-run config и не стартует сервисы без signed auth/key material.Creates safe first-run config and does not start services without signed auth/key material.
novij-storagectl install-auth challenge --domain storage.example.com --relay-url https://hinata-rl.novij.tech
Печатает challenge для owner-signed install authorization.Prints the challenge for owner-signed install authorization.
novij-storagectl install-auth verify --file /etc/novij/storage/install-authorization.json --owner-pubkey-file /etc/novij/storage/owner.pubkey --pq-cli /usr/share/novij/storage/bin/ntp_pq_cli
Проверяет owner-signed authorization перед запуском systemd units.Verifies owner-signed authorization before starting systemd units.
novij-storagectl doctor --json
Показывает состояние config, binaries и prerequisites.Shows config, binaries, and prerequisite state.
novij-storagectl sync status --json
Показывает локальный status sidecar/sync inventory.Shows local status sidecar and sync inventory.
novij-storagectl sync peers --json
Показывает peers из config/Relay discovery.Shows peers from config and Relay discovery.
novij-storagectl sync audit --dry-run --auto-peers --json
Read-only сравнение inventory с активными peers.Read-only inventory comparison with active peers.
novij-storagectl sync pull --missing-only --execute --auto-peers --json
Безопасно скачивает только отсутствующие blocks; overwrite/delete запрещены.Safely downloads only missing blocks; overwrite/delete are forbidden.
systemctl status novij-storage novij-storage-heartbeat novij-storage-sync.timer --no-pager -l
Проверяет production services.Checks production services.

Частые сценарии

Common Scenarios

1. Установка пакета 1. Package install

Installer добавляет apt source storage package site и ставит novij-storage. Services остаются disabled, пока не пройдёт signed install authorization.

The installer adds the storage package apt source and installs novij-storage. Services stay disabled until signed install authorization passes.

curl -fsSL https://packages.novij.tech/storage/install.sh | sudo bash
2. First-run setup с доменом 2. First-run setup with domain

Команда пишет только package-owned paths и optional nginx config file. Она не включает чужие nginx sites, не делает reload и не меняет firewall.

The command writes only package-owned paths and an optional nginx config file. It does not enable other nginx sites, reload nginx, or change firewall rules.

sudo novij-storagectl setup init \
  --domain storage.example.com \
  --relay-url https://hinata-rl.novij.tech \
  --bootstrap-storage https://sakura-st.novij.tech \
  --install-auth-file /path/to/install-authorization.json \
  --owner-pubkey-file /path/to/owner.pubkey \
  --node-key-path /etc/novij/storage/private/storage_node.key.ntp \
  --passphrase-file /etc/novij/storage/private/storage-node.passphrase \
  --write-nginx
3. Что нужно до старта services 3. Required before services start
install-authorization.jsonowner-signed authorization для конкретного домена и Relay URL.owner-signed authorization for the exact domain and Relay URL.
owner.pubkeypublic key владельца; private key в пакет/репозиторий не кладётся.owner public key; private key is never stored in the package or repository.
storage node keyключ текущей storage-ноды и root-only passphrase file.current storage node key and root-only passphrase file.
ntp_pq_clipackaged verifier /usr/share/novij/storage/bin/ntp_pq_cli для owner-signed auth.Packaged verifier /usr/share/novij/storage/bin/ntp_pq_cli for owner-signed auth.
4. Обновление из packages 4. Upgrade from packages

Upgrade сохраняет config, node identity, heartbeat identity и block data.

Upgrade preserves config, node identity, heartbeat identity, and block data.

sudo apt-get update
sudo apt-get install --only-upgrade -y novij-storage
sudo systemctl status novij-storage --no-pager -l
sudo systemctl status novij-storage-heartbeat --no-pager -l
sudo systemctl status novij-storage-sync.timer --no-pager -l
5. Синхронизация с другими storage nodes 5. Sync with other storage nodes

pull-missing скачивает только отсутствующие ciphertext blocks. Conflicts маркируются, overwrite/delete не выполняются.

pull-missing downloads only missing ciphertext blocks. Conflicts are marked; overwrite/delete are not performed.

sudo novij-storagectl sync audit --dry-run --auto-peers --json
sudo novij-storagectl sync pull --missing-only --execute --auto-peers --json
6. Read-only live checks 6. Read-only live checks 
curl -fsS https://storage.example.com/healthz
curl -fsS https://storage.example.com/readyz
curl -fsS https://hinata-rl.novij.tech/healthz
curl -fsS https://hinata-rl.novij.tech/readyz