Sentinel. The terminal panel
that sees inside your Guardian-DB

Guardian-DB is a library. Today every interaction goes through Rust code. The Sentinel TUI turns the database into something operators and developers can inspect, manage and monitor visually. Stores, EventLog, key-value, access control, keys, the P2P network, events and blobs, straight from the terminal, with no code to write for each query.

What Sentinel does

A complete cockpit for your P2P database

Nine screens cover the whole of Guardian-DB. Inspection is complete and several write actions are already available. Everything goes through a secure Admin RPC, so you can attach to a live instance without fighting over the storage lock.

F1

Stores Dashboard

An overview of EventLog, Key-Value and Document stores: metrics, filter by type, sync status and per-store detail.

EventLog Inspector

Browse CRDT entries, search by payload/author/clock, and view heads, divergences, branch diffs and the merge timeline.

Key-Value Inspector

Browse keys with previews, JSON detail, inline editing, create/delete, search and export, replicating to peers.

F4

Access Control

List controllers (Simple/Guardian/Iroh), view permissions by role, grant/revoke keys and create new controllers with a wizard.

F3

Replication Monitor

Peers online/offline, syncs/min, average duration, aggregate throughput, an activity sparkline and alerts for stalled peers.

F2

Network Topology

An ASCII star graph: direct vs. relay links, real per-edge latency, global and per-peer p95/p99, and n0 relay status.

F5

Keystore

Admin-managed keys: active vs. rotated, generate/rotate, export the public key. The secret is never shown.

F7

EventBus Explorer

A live stream of internal events: follow/pause, filter by type, search, counts, events/s, a 60s sparkline and top peers.

F6

Blob Browser

BLAKE3 blobs with real size, complete/partial status, preview, disk usage and add/export/delete operations.

How to use

Run Sentinel in two modes

The TUI lives behind the sentinel feature. Choose between opening the database directly (embedded) or attaching to an instance that's already running (RPC).

1

Embedded mode

The panel owns the data-dir (holds the redb lock). Ideal for quickly inspecting a local database.

2

RPC mode

A server keeps the database open and the panel connects over the socket, without fighting for the lock. Ideal for live production instances.

3

Authentication

Protect write actions with a token (--token or GUARDIAN_ADMIN_TOKEN) in RPC mode.

embedded mode — the panel opens the data-dir
# The TUI becomes the owner of the data-dir (redb lock).
cargo run --features sentinel --bin guardian-sentinel -- --data-dir ./my_db
RPC mode — server + attached panel
# 1) Start the server: it owns the storage and serves the Admin RPC on the socket.
cargo run --features sentinel --bin guardian-sentinel-server -- \
      --addr 127.0.0.1:15433 --data-dir ./guardian_data --token secret

# 2) In another terminal, attach the panel to the live instance (no lock contention).
cargo run --features sentinel --bin guardian-sentinel -- --connect 127.0.0.1:15433

Keyboard shortcuts

F1–F7Navigate between the main screens
EnterOpen the detail of the selected item
/Open the search field / live filter
↑ ↓Move through the list; PgUp/PgDn scrolls by block
TabToggle panels / filters
rManually refresh the data
?Contextual help for the current screen
EscGo back (or clear the active search)
qQuit the application
Get your hands on the terminal

Inspect your database now

Sentinel makes Guardian-DB usable for people who don't write Rust: wizards instead of raw flags, confirmation for destructive actions and contextual help on every screen. Clone the repo and run the TUI in seconds.

Guardian Sentinel · The inspection, management and monitoring TUI for Guardian-DB.

Built in Rust · Ratatui · Powered by Iroh. Dual-licensed MIT / Apache-2.0.