Skip to content
ALTCHA ALTCHA ALTCHA

Turbolite

ALTCHA Sentinel supports Turbolite, an S3-backed database designed for cloud-native deployments.

Automatic database migrations, snapshots, and point-in-time recovery (PITR) are fully supported.

Key Features

  • S3-backed single source of truth
  • No persistent volumes required; new instances automatically recover from S3
  • Supports multi-node deployments through leader election to ensure a single writer
  • Built-in encryption-at-rest support

Enabling Turbolite

To enable Turbolite, configure the TURBOLITE_URL environment variable:

TURBOLITE_URL=https://localhost/?bucket=my-bucket&prefix=main

Database migrations are applied automatically when the application starts.

Encryption at Rest

Database encryption can be enabled by specifying the encryptionKey URL parameter in TURBOLITE_URL:

TURBOLITE_URL=https://localhost/?bucket=my-bucket&prefix=main&encryptionKey=5e884898da28047151d0e56f8dc62927

The encryption key must be exactly 32 bytes long.

Built-in Redis Store

The built-in Redis-compatible key-value store can also use Turbolite as its storage backend, enabling persistent shared state across multiple nodes.

To enable Turbolite for the built-in KV store, configure the following environment variables:

EXOTDB_REDIS_STORAGE=turbolite
TURBOLITE_REDIS_URL=https://localhost/?bucket=my-bucket&prefix=redis

Leader Election

Turbolite supports only a single writer at a time. Multiple nodes writing to the same database object can corrupt the database.

To ensure that only one Sentinel instance acts as the writer in a multi-node deployment, configure the built-in S3-backed leader elector:

CLUSTER_ELECTOR_S3_URL=https://localhost/?bucket=my-bucket

In most Kubernetes and Docker deployments, the advertised HTTP and Redis addresses are detected automatically. To override them, configure:

  • CLUSTER_ADVERTISE_HTTP_ADDR
  • CLUSTER_ADVERTISE_REDIS_ADDR

Supported S3 Providers

Turbolite supports most S3-compatible object storage services.

Credentials can be provided through the standard AWS environment variables:

  • AWS_ACCESS_KEY_ID
  • AWS_SECRET_ACCESS_KEY
  • AWS_REGION

Alternatively, credentials can be embedded in the URL using the username:password@host format.

AWS S3

AWS S3 Express is recommended for the lowest latency.

TURBOLITE_URL=https://s3express-euw1-az3.eu-west-1.amazonaws.com/?bucket=my-bucket--euw1-az3--x-s3&prefix=main

Cloudflare R2

TURBOLITE_URL=https://abcdef123.eu.r2.cloudflarestorage.com/?bucket=my-bucket&prefix=main

Tigris

TURBOLITE_URL=https://t3.storage.dev/?bucket=my-bucket&prefix=main

Garage

TURBOLITE_URL=http://localhost/?bucket=my-bucket&prefix=main

URL Parameters

ParameterDescription
bucketS3 bucket name.
encryptionKeyOptional database encryption key. Must be 32 bytes long.
prefixOptional path prefix within the bucket.
regionAWS region. Defaults to auto for non-AWS endpoints.

Required S3 Permissions

The following S3 permissions are required:

  • s3:GetObject
  • s3:PutObject
  • s3:DeleteObject
  • s3:ListBucket