Vault is a distributed information keeping system that runs on top of CouchDB. It is a Java daemon that syncs between multiple vaults.

Vault can run standalone as a pure CouchApp

1. Install CouchDB
2. Go to Futon's replicator page
3. Replicate from http://stevearm.iriscouch.org/vault-release to local vault
4. Replicate from http://stevearm.iriscouch.org/vaultdb-release to local vaultdb
5. You've now got an unconfigured local vault. Go to the install page to set it up

Sentinel is a java daemon that syncs vaults automatically in the background for you.

1. Create a folder somewhere (c:/vault)
2. Download the newest vault.jar from the releases page into that folder
3. Create a CouchDB user with admin rights for Vault to use
4. Edit CouchDB's local.ini file:
   • Ensure the [couchdb] section has a uuid property (this should already exist on any modern version of CouchDB. If it doesn't, set it to the vaultId value in http://localhost:5984/vault/id)
   • Add a [vault] section at the bottom and add the following keys
     • username (required)
     • password (required)
   • Add a line to the os_daemons section of local.ini
     • Windows: vault = java -cp c:/vault/vault.jar com.horsefire.vault.CouchMain c:/vault
     • Linux: vault = java -cp /opt/vault/vault.jar com.horsefire.vault.CouchMain /opt/vault

Once you've added that line, CouchDB will keep Sentinel running, and Sentinel will read everything it needs from CouchDB's config using the api, and keep syncing.

Vault is licenced under Apache Licence 2.0. It contains libraries licenced under:

• Apache Licence 2.0 (Gson, Guava, Joda-Time, JCommander, LightCouch)
• Gnu Lesser General Public Licence LGPL (Logback)
• MIT Licences (AngularJS, AngularUI, Bootstrap, SLF4J, QR Code Generator, cornercouch)

As the LGPL libraries were not modified in any way, they can be released under non-GPL licences.

Apparently port 5995 is unassigned. If/when I get discovery protocols working and/or need a port for the sentinel to listen on, use this.

A user adds new vaults, installs/adds new apps, and updates connection information from a CouchApp directly against the vault db.

The sentinel needs to perform the following responsibilities, and needs to do it using only the data in the Data Structure section below.

Vault should make sure the following are always true:

• There is publicly readable database called vault
• The vault db has an entry id with this vault's id
• There is non-publicly readable database called vaultdb
• The vaultdb db has an entry for this CouchDB's uuid
• The vaultdb entry for this CouchDB should have an accurate username, password, signature, and sentinel version

• Periodically sync with other vaults
  1. Iterate through all vaults with an addressable block, in priority order
  2. Check the signature. If it does not match, skip vault
  3. Sync each database my vault has that the remote vault should have

• Trigger workers of installed apps
  1. Listen to the _changes feed for each installed app, watching for a changed to the worker entry
  2. If the "triggered" time is before the "started", do "run the worker" (see below)
  3. Update the "started" time to now
  4. Start the worker
  5. When the worker ends, update the "worker_finished" to now

Vault db entry for each vault

• id: vault_id
• type: vault
• name: string
• signature: object
• dbs: array of database_name
• addressable: object (this only exists if vault is externally accessable) ** host: string ** port: int ** priority: int ** enabled: boolean

Vault db entry for each app

• id: random
• type: app
• name: string
• db: database_name
• ui: entry point (if _design/ui/index.html then: "ui/index.html")
• worker: id for tracking and triggering worker times ** optional, but if specified, look for worker.jar in ui, and run with: --db --host --port --username --password

Worker trigger db entry for each app

• triggered: timestamp (when someone requested the worker to run)
• started: timestamp (last time started)
• finished: timestamp (last time finished)