Bubble documentation

encryption.md 3.6 KiB

4 years ago
# Encryption

## Database

Bubble supports column-level encryption. Columns are encrypted with a symmetric key defined by the `BUBBLE_DB_ENCRYPTION_KEY`
environment variable, set in the [Bubble environment file](env_file.md).

### Rekeying the Database

Rekeying the database means changing its encryption key. This is accomplished by setting up a second, empty database and
then running a "rekey" command that reads all data from the source database using that database's encryption key, then writes
all the data into the new empty database using a new encryption key.

* Stop the Bubble API server
* Back up the Bubble database
  `pg_dump -U bubble bubble | gzip > /path/to/backup.tgz`
* Create a new PostgreSQL database with the same schema as the source database, but no data. For example, if the source database is named `bubble` and the destination database is named `new_bubble`, you would run:
  `createdb new_bubble && pg_dump --schema-only -U bubble bubble | psql -U bubble new_bubble`
* Run the rekey command to read all data from the source database, and write to the destination database:
```shell
./bubble/bin/bubble rekey \
  --jar "${BUBBLE_JAR}" \
  --db-user "${DB_USER}" \
  --db-password "${DB_PASS}" \
  --from-db "${FROM_DB}" \
  --from-key "${FROM_KEY}" \
  --to-db "${TO_DB}" \
  --to-key "${TO_KEY}"
```

The shell variables above are:

  - `BUBBLE_JAR`: path to the Bubble API JAR file
  - `DB_USER`: name of the PostgreSQL user, usually `bubble`
  - `DB_PASS`: password for the PostgreSQL user. To use an env var, prefix with `@`, for example `@PGPASSWORD`
  - `FROM_DB`: name of the source database, typically `bubble`
  - `FROM_KEY`: encryption key for the source database (or env var if prefixed with `@`), typically `@BUBBLE_DB_ENCRYPTION_KEY`
  - `TO_DB`: name of the destination database, for example `new_bubble`
  - `TO_KEY`: encryption key for the destination database

* The rekeying is now complete. Drop the old database, and rename the new database. You may need to become the postgres user to run these commands.
  `dropdb bubble && psql -c 'ALTER DATABASE new_bubble RENAME TO bubble'`
* Restart the Bubble API server
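
The last database step above drops the old database, so it is worth confirming first that every row reached the destination. The following is an added example, not part of Bubble or its documentation: it compares per-table row counts between the two databases. It assumes tables live in the `public` schema and that `psql` can connect as `DB_USER`; the function names and sample table names are made up for illustration.

```shell
#!/bin/sh
# Added example: compare per-table row counts before dropping the old database.
# Assumptions: tables live in the "public" schema; DB_USER defaults to bubble.

# Print "table|rowcount" for every table in database $1.
table_counts() {
  psql -U "${DB_USER:-bubble}" -At -d "$1" -c \
    "SELECT tablename FROM pg_tables WHERE schemaname = 'public' ORDER BY 1" |
  while read -r t; do
    n=$(psql -U "${DB_USER:-bubble}" -At -d "$1" \
          -c "SELECT count(*) FROM \"$t\"" </dev/null)
    printf '%s|%s\n' "$t" "$n"
  done
}

# Compare two "table|rowcount" listings ($1 = source, $2 = destination).
# Prints one line per discrepancy and returns non-zero if any exist.
compare_counts() {
  printf '%s\n--\n%s\n' "$1" "$2" | awk -F'|' '
    $0 == ""   { next }
    $0 == "--" { second = 1; next }
    !second    { src[$1] = $2; next }
               { dst[$1] = $2 }
    END {
      for (t in src) {
        if (!(t in dst)) { print "MISSING " t; bad = 1 }
        if ((t in dst) && src[t] != dst[t]) {
          print "MISMATCH " t " src=" src[t] " dst=" dst[t]; bad = 1
        }
      }
      for (t in dst) if (!(t in src)) { print "EXTRA " t; bad = 1 }
      exit bad + 0
    }'
}

# Gate for the final step: succeeds only when both databases agree, e.g.
#   verify_rekey bubble new_bubble && dropdb bubble && \
#     psql -c 'ALTER DATABASE new_bubble RENAME TO bubble'
verify_rekey() {
  compare_counts "$(table_counts "$1")" "$(table_counts "$2")"
}

# Constructed sample listings (table names are made up); no database needed.
SAMPLE_SRC='account|3
device|12'
SAMPLE_DST='account|3
device|11'
compare_counts "$SAMPLE_SRC" "$SAMPLE_DST" || echo "counts differ: keep the old database"
```

Matching counts show that every row was copied; they do not show that values decrypt under the new key, so keep the backup until the restarted server has read data successfully.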

## Redis

Redis values are encrypted with a symmetric key, defined by the `BUBBLE_REDIS_ENCRYPTION_KEY` environment variable,
set in the [Bubble environment file](env_file.md).

### Rekeying Redis

Because only temporary data is stored in Redis, there is a very simple rekey procedure:

* Stop the Bubble API server
* Flush all Redis data: `redis-cli flushall` OR `echo flushall | nc 127.0.0.1 6379`
* Set a new encryption key (set a new value for `BUBBLE_REDIS_ENCRYPTION_KEY` in the Bubble env file)
* Restart the Bubble API server

## Cloud Storage

All data stored in cloud storage (which includes backups) is encrypted locally using a key that is specific to that
particular cloud storage. The key is generated automatically prior to first use.

If an upstream Sage Node is providing access to the cloud storage, it will not be able to see any of the data being read or written.

The file names or "keys" to the data itself are not encrypted, so these names would be visible to the Sage.
Bubble does not include any sensitive information in filenames stored in cloud storage.

### Rekeying Cloud Storage

To rekey cloud storage, one would create a new cloud storage service with a different prefix path, then copy all the data
from the old service to the new service, then delete all the data stored via the old service.

TODO: document the procedure for rekeying a cloud storage service