Fork me on GitHub
#datomic
<
2017-10-30
>
steveb8n00:10:49

Docs say that the client API doesn't support partitioning in the but I want to use this feature. Does anyone know there's a way to do this without the peer API?

marshall12:10:23

@steveb8n you can set the default partition in the transactor properties file : http://docs.datomic.com/transactions.html#default-partition

marshall12:10:34

Note that this behavior won’t be supported in Datomic Cloud

misha12:10:44

Greetings! Is there anything to read about encryption and datomic? or should I just put scrambled values in, and that's it?

marshall12:10:40

@bmaddy We’re shooting for this quarter. We’re working out the final arrangements with AWS Marketplace, but unfortunately I don’t have a specific timeline

misha12:10:40

no idea yet. Just figuring out what my options are for either entire db encryption, or per-user, or partial data per user ones

marshall12:10:17

@misha several storages provide their own transparent encryption (i.e. postgres and other sql options for sure)

marshall12:10:31

@misha Datomic Cloud will have all data encrypted by default

marshall12:10:08

if you need to use something like Dynamo, which doesn’t have transparent encryption, then yes, you’ll need to handle it in your application

marshall12:10:33

If you’re running in your own datacenter, you can also do something like OS-level whole-disk encryption

marshall12:10:44

but of course if you’re using a storage service that’s less feasible

misha12:10:26

I'll read about postgres encryption options, thank you @marshall

misha13:10:12

but will os-level encryption protect only "offline" data? I mean, as soon as data gets into application memory – anyone with repl access to process will essentially have anything in plain text

misha13:10:44

as a service provider, I don't want to know the contents of the data too. Structure – yes, actual values – no. Does this limit my options to "store encrypted strings, or even encrypted edn entities, where applicable"?

bmaddy13:10:18

Nice. I'm looking forward to checking it out. Thanks @marshall!

marshall13:10:17

@misha I think yes, generally if you don’t want any part of your application to interpret the data until it hits the ‘edge’ you’ll need to handle that encryption yourself

jjfine21:10:31

hey, this is my first attempt using the since filter an i'm getting the following error:

jjfine21:10:47

message: processing clause: [$since ?n :alert/acked _], message: Cannot resolve key: $since

favila21:10:19

or is like rules, each subclause clause must have the same db

favila21:10:27

try ($since or ...)

jjfine21:10:37

ahh cool thanks

favila21:10:42

and take the explicit db out of each subclause

jjfine21:10:21

worked! thanks

favila21:10:05

> As with rules, src-vars are not currently supported within the clauses of or, but are supported on the or clause as a whole at top level.

favila21:10:15

syntax is (src-var? 'or' (clause | and-clause)+)

favila21:10:45

that src-var? bit is referring to the db

favila21:10:20

there's no explicit example so it takes a bit to connect it together

steveb8n22:10:19

@marshall thanks. so as I move towards clients and cloud, I should just pull out all partitioning (storage locality) code. Is there a replacement for storage locality or is this just because it doesn’t make that much difference? BTW I’m happy to simplify by ripping it out but wondering if performance will suffer