diff --git a/services/postprocessing/README.md b/services/postprocessing/README.md new file mode 100644 index 000000000..bb127cd66 --- /dev/null +++ b/services/postprocessing/README.md @@ -0,0 +1,29 @@ +# Postprocessing service + +The `postprocessing` service handles coordination of asynchronous postprocessing. + +## Postprocessing functionality + +The storageprovider service (`storage-users`) can be configured to do asynchronous postprocessing by setting the `STORAGE_USERS_OCIS_ASYNC_UPLOADS` envvar to true. +If this is the case, the storageprovider will initiate an asynchronous postprocessing after he has reveived all bytes of an upload. The `postprocessing` service will then +coordinate various postprocessing steps (like e.g. scan the file for viruses). During postprocessing the file will be in a `processing` state during which only limited actions are available. + +## Prerequisites for using `postprocessing` service + +In the storageprovider (`storage-users`) set `STORAGE_USERS_OCIS_ASYNC_UPLOADS` envvar to `true`. Configuring any postprocessing step will require an additional service to be enabled and configured. +For example to use `virusscan` step one needs to have an enabled and configured `antivirus` service. + +All of this functionality will need an event system to be configured for all services: `ocis` ships with +`nats` enabled by default. + +## Postprocessing steps + +As of now ocis allows two different postprocessing steps to be enabled via envvar + +### Virus scanning + +Can be set via envvar `POSTPROCESSING_VIRUSSCAN`. This means that each upload is virus scanned during postprocessing. `antivirus` service is needed for this to work. + +### Delay + +Can be set via envvar `POSTPROCESSING_DELAY`. This step will just sleep for the configured amount of time. Intended for testing postprocessing functionality. NOT RECOMMENDED on productive systems. diff --git a/services/postprocessing/pkg/config/config.go b/services/postprocessing/pkg/config/config.go index 72a2ee38c..c7bb9d69d 100644 --- a/services/postprocessing/pkg/config/config.go +++ b/services/postprocessing/pkg/config/config.go @@ -32,7 +32,7 @@ type Events struct { Endpoint string `yaml:"endpoint" env:"POSTPROCESSING_EVENTS_ENDPOINT" desc:"The address of the event system. The event system is the message queuing service. It is used as message broker for the microservice architecture."` Cluster string `yaml:"cluster" env:"POSTPROCESSING_EVENTS_CLUSTER" desc:"The clusterID of the event system. The event system is the message queuing service. It is used as message broker for the microservice architecture. Mandatory when using NATS as event system."` - TLSInsecure bool `yaml:"tls_insecure" env:"OCIS_INSECURE;SEARCH_EVENTS_TLS_INSECURE" desc:"Whether the ocis server should skip the client certificate verification during the TLS handshake."` - TLSRootCACertificate string `yaml:"tls_root_ca_certificate" env:"SEARCH_EVENTS_TLS_ROOT_CA_CERTIFICATE" desc:"The root CA certificate used to validate the server's TLS certificate. If provided SEARCH_EVENTS_TLS_INSECURE will be seen as false."` + TLSInsecure bool `yaml:"tls_insecure" env:"OCIS_INSECURE;POSTPROCESSING_EVENTS_TLS_INSECURE" desc:"Whether the ocis server should skip the client certificate verification during the TLS handshake."` + TLSRootCACertificate string `yaml:"tls_root_ca_certificate" env:"POSTPROCESSING_EVENTS_TLS_ROOT_CA_CERTIFICATE" desc:"The root CA certificate used to validate the server's TLS certificate. If provided POSTPROCESSING_EVENTS_TLS_INSECURE will be seen as false."` EnableTLS bool `yaml:"enable_tls" env:"OCIS_EVENTS_ENABLE_TLS;POSTPROCESSING_EVENTS_ENABLE_TLS" desc:"Enable TLS for the connection to the events broker. The events broker is the ocis service which receives and delivers events between the services."` }