Sentinel. The terminal panel
that sees inside your Guardian-DB
Guardian-DB is a library. Today every interaction goes through Rust code. The Sentinel TUI turns the database into something operators and developers can inspect, manage and monitor visually. Stores, EventLog, key-value, access control, keys, the P2P network, events and blobs, straight from the terminal, with no code to write for each query.
A complete cockpit for your P2P database
Nine screens cover the whole of Guardian-DB. Inspection is complete and several write actions are already available. Everything goes through a secure Admin RPC, so you can attach to a live instance without fighting over the storage lock.
Stores Dashboard
An overview of EventLog, Key-Value and Document stores: metrics, filter by type, sync status and per-store detail.
EventLog Inspector
Browse CRDT entries, search by payload/author/clock, and view heads, divergences, branch diffs and the merge timeline.
Key-Value Inspector
Browse keys with previews, JSON detail, inline editing, create/delete, search and export, replicating to peers.
Access Control
List controllers (Simple/Guardian/Iroh), view permissions by role, grant/revoke keys and create new controllers with a wizard.
Replication Monitor
Peers online/offline, syncs/min, average duration, aggregate throughput, an activity sparkline and alerts for stalled peers.
Network Topology
An ASCII star graph: direct vs. relay links, real per-edge latency, global and per-peer p95/p99, and n0 relay status.
Keystore
Admin-managed keys: active vs. rotated, generate/rotate, export the public key. The secret is never shown.
EventBus Explorer
A live stream of internal events: follow/pause, filter by type, search, counts, events/s, a 60s sparkline and top peers.
Blob Browser
BLAKE3 blobs with real size, complete/partial status, preview, disk usage and add/export/delete operations.
Run Sentinel in two modes
The TUI lives behind the sentinel feature.
Choose between opening the database directly (embedded) or attaching to an instance that's already running (RPC).
Embedded mode
The panel owns the data-dir (holds the redb lock). Ideal for quickly inspecting a local database.
RPC mode
A server keeps the database open and the panel connects over the socket, without fighting for the lock. Ideal for live production instances.
Authentication
Protect write actions with a token (--token or GUARDIAN_ADMIN_TOKEN) in RPC mode.
# The TUI becomes the owner of the data-dir (redb lock).
cargo run --features sentinel --bin guardian-sentinel -- --data-dir ./my_db
# 1) Start the server: it owns the storage and serves the Admin RPC on the socket.
cargo run --features sentinel --bin guardian-sentinel-server -- \
--addr 127.0.0.1:15433 --data-dir ./guardian_data --token secret
# 2) In another terminal, attach the panel to the live instance (no lock contention).
cargo run --features sentinel --bin guardian-sentinel -- --connect 127.0.0.1:15433
Keyboard shortcuts
Inspect your database now
Sentinel makes Guardian-DB usable for people who don't write Rust: wizards instead of raw flags, confirmation for destructive actions and contextual help on every screen. Clone the repo and run the TUI in seconds.