Enseada

A Cloud native multi-package registry

[!WARNING] Enseada is still under initial development. Some of the features and characteristics described in this document may still be missing.

Enseada is a modern, fast and scalable package registry, designed from the ground up to run in elastic, container-based environments and to be highly available and distributed.

It leverages scalability by using natively distributed technologies.

Check out the official documentation for a complete manual of operation.

Features

• Multiple package repositories
• Multiple storage backends
• Strong authentication based on OAuth 2.0 tokens
• Flexible ACL engine to manage user permissions
• Complete management API
• CDN and caching friendly

The registry itself is written in Rust, a fast, resource efficient and statically compiled programming language built for safety and speed.

CouchDB is used as the primary datastore, containing information about repositories, users and access control. CouchDB is a web-native database written in Erlang and based on web technologies like HTTP and JSON.

Enseada stores packages in distributed and fault-tolerant object storage services. See Supported storage providers for the complete list.

Supported package repositories

Enseada is a multi-package registry, meaning it can support a large number of package formats and registry APIs.

At the moment, the following formats are supported:

• Docker
• Maven 2/3
• NPM (planned, coming soon)
• RubyGems (planned, coming soon)
• Rust crates (planned, coming soon)
• Go module proxy (planned, coming soon)

Supported storage providers

The storage engine used by Enseada provides pluggable backends, allowing to easily support multiple storage providers. See the configuration guide for how to setup the storage layer.

At the moment, the following providers are supported:

• S3 compatible (AWS S3, Minio, DigitalOcean Spaces, Scaleway Object Storage, Ceph, etc)

HTTPS and HTTP/2 support

Enseada has full support for strict HTTPS, enabling it is very simple.

Passing the environment value ENSEADA_TLS=true will turn on HTTPS on the entire application (with HSTS enabled). This will require two additional environment variables.

## The path to the key file
ENSEADA_TLS_KEY_PATH=nil

## The path to the certificate file
ENSEADA_TLS_CERT_PATH=nil

The private key must be either an RSA or PKCS8 key. Both the certificate and the key must be in PEM format.

When HTTPS is active, Enseada switches automatically to HTTP/2 if supported by the client.

Build

Enseada is built as a statically linked executable. However, it needs a few native libraries to build the executable, in particular libclang and LLVM. On Debian they can be installed with apt install build-essential llvm-dev libclang-dev. These libraries are not needed to run the executable.

You need a stable build of the Rust compiler and standard library to build the binary. You can install one using rustup.

Standard cargo commands work perfectly fine. For example, cargo run will compile and start the server.

Enseada is also packaged as a Docker image. Build one with docker build -t myname/enseada:latest .

Web UI

Enseada comes with a management web UI. To build it from sources, NodeJS and Yarn are required.

Execute the following commands to build the static assets.

# Install all dependencies
yarn install

# Build and recompile on change for development (all stylesheets, no minification)
yarn watch

# Build for production (minimal stylesheets, minification, sourcemaps)
yarn build

Enseada will pick them up on its own.

Local Database

A local CouchDB instance can be started using the provided docker-compose.yml file. Simply run docker-compose up -d to start it in background, it will be available on http://localhost:5984 and will persist data in a Docker volume.

Upon first run, the database server is uninitialized. Please run the initialization setup for single node deployment by visiting http://localhost:5984/_utils/#setup and following the instructions.

Local Minio Server

A local Minio server can be started using the provided docker-compose.yml file. Simply run docker-compose up -d to start it in background, it will be available on http://localhost:9000 and will persist data in a Docker volume.

Upon first run no bucket is present. Create a new one and configure the name in the appropriate environment variable in the Enseada configuration.

Security Policy

If you want to report a security vulnerability, please follow the steps which we have defined for you in our security policy.

Chat

Need some help or want to have a chat? Join our Discord server!

License

This Source Code Form is subject to the terms of the Mozilla Public License, v. 2.0. If a copy of the MPL was not distributed with this file, You can obtain one at https://mozilla.org/MPL/2.0/.