Documentation
Overview
Package backend maps a configured database to a concrete open: each backend knows how to build a sqlite.Config (and, for vault, vault.Options) and open the single shared handle the registry fans clients through.
Index
- func All(dbs []config.Database, sec secret.Resolver, dataDir string) (map[string]Backend, error)
- func InstallSlowLog(threshold time.Duration, redactParams bool, log *slog.Logger)
- func SetConnMode(ctx context.Context, sc *sql.Conn, readOnly bool) error
- type Backend
- type OfflineCompacter
- type OnlineReclaimer
- type Pather
Functions
func All
All builds the name→Backend map for a database set (the config seeds, plus any meta-store entries the daemon reconciles in).
func InstallSlowLog
InstallSlowLog registers a per-connection profile trace (via RegisterAutoHook, once per process) that logs every statement whose execution time reaches threshold to log. Bound parameters are redacted by default — the traced SQL is the unexpanded text (`?` placeholders), so no values are logged unless redactParams is false, which asks SQLite to expand the parameters into the SQL.
It must be called before the first connection opens (like installSecurity), and is first-call-wins per process (a sync.Once guards the global trace registration) — reconfiguring the threshold on a config reload is out of scope. threshold<=0 logs every statement (the general/query log).
func SetConnMode
SetConnMode puts the sqlite connection underlying sc into read-only mode (or restores the base mode). It is the connection-level layer of read-only enforcement, beneath the capability check in the handler; the caller MUST restore the base mode (SetConnMode(ctx, sc, false)) before the connection returns to the pool, or a later borrower would inherit read-only state.
Two mechanisms, together comprehensive: the denyWrites authorizer rejects DML/DDL at statement-compile time (a clean SQLITE_AUTH, so a write hidden in a multi-statement script is caught), and PRAGMA query_only blocks every write to the database file at run time — including a header-writing PRAGMA like user_version that the action-code authorizer never sees — so enforcement does not depend on enumerating every write action.
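One way to honour the restore requirement above, as an added example (not code from this package). The names withReadOnly, setMode and evict are hypothetical: setMode stands in for a SetConnMode call already bound to one borrowed *sql.Conn, and evict for whatever the caller uses to discard a connection instead of pooling it.

```go
package main

import (
	"context"
	"errors"
	"fmt"
	"time"
)

// setMode stands in for SetConnMode(ctx, sc, readOnly) already bound to one
// borrowed *sql.Conn (assumption: the caller builds this closure).
type setMode func(ctx context.Context, readOnly bool) error

// withReadOnly runs fn in read-only mode and always tries to restore the base
// mode afterwards. evict (hypothetical) must discard the connection instead of
// pooling it; it is called whenever the connection's mode is left unknown.
func withReadOnly(ctx context.Context, set setMode, evict func(), fn func(context.Context) error) (err error) {
	if err = set(ctx, true); err != nil {
		evict() // fail closed: enforcement may be only partly installed
		return fmt.Errorf("enter read-only: %w", err)
	}
	defer func() { // also runs when fn panics
		// The request ctx may already be cancelled, so restore on a fresh,
		// bounded context; cancellation must not skip the reset.
		rctx, cancel := context.WithTimeout(context.Background(), 2*time.Second)
		defer cancel()
		if rerr := set(rctx, false); rerr != nil {
			evict()
			if err == nil {
				err = fmt.Errorf("restore base mode: %w", rerr)
			} else {
				err = fmt.Errorf("%w (restore base mode also failed: %v)", err, rerr)
			}
		}
	}()
	return fn(ctx)
}

func main() {
	var calls []bool // constructed fake: records each mode switch
	set := func(_ context.Context, ro bool) error { calls = append(calls, ro); return nil }
	err := withReadOnly(context.Background(), set, func() {}, func(context.Context) error {
		return errors.New("query failed")
	})
	fmt.Println(calls, err)
}
```

With database/sql, one way to write evict is to return driver.ErrBadConn from sc.Raw, which makes the pool discard that connection rather than reuse it.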
Types
type Backend
type Backend interface {
	Open(ctx context.Context) (*sqlite.DB, error)
	Kind() string
	ReadOnly() bool
}
Backend opens exactly one *sqlite.DB for a logical database. Open is called once per process by the registry; a single Close on the returned handle tears down the pool and any VFS the open registered.
ctx is reserved: the upstream sqlite/vault Open calls are context-free, so it cannot cancel the open itself today — the registry uses ctx to bound the wait for a concurrent open (see registry.Get). It stays in the signature for a future context-aware upstream open.
type OfflineCompacter
type OfflineCompacter interface {
	CompactOffline() error
}
OfflineCompacter is implemented by the vault backend: CompactOffline rewrites the (closed, registry-reserved) container densely, preserving its keyslot.
type OnlineReclaimer
type OnlineReclaimer interface {
	CompactOnline(maxBytes int64) (int64, error)
	Trim(maxBytes int64) (int64, error)
}
OnlineReclaimer is implemented by the vault backend: its operations run against the LIVE container (the handle must be open in this process) and return freed space to the OS without unmounting. Each reports the number of bytes reclaimed.