From c804a1c91e11422b47cca2fcc5af7017864a2bca Mon Sep 17 00:00:00 2001 From: oluceps Date: Fri, 15 Nov 2024 00:41:22 +0800 Subject: [PATCH] + docs trival --- doc/src/SUMMARY.md | 14 ++++++++------ doc/src/advanced.md | 6 ++++++ doc/src/develop.md | 25 +++++++++++++++++++++++++ doc/src/faq.md | 5 +++++ doc/src/intro.md | 13 +++++++++++++ doc/src/nix-apps.md | 23 +++++++++++++++++++++++ doc/src/workflow.md | 2 ++ justfile | 5 +++++ 8 files changed, 87 insertions(+), 6 deletions(-) create mode 100644 doc/src/develop.md create mode 100644 doc/src/intro.md create mode 100644 doc/src/nix-apps.md create mode 100644 doc/src/workflow.md diff --git a/doc/src/SUMMARY.md b/doc/src/SUMMARY.md index dd5463c..ebbe3d0 100644 --- a/doc/src/SUMMARY.md +++ b/doc/src/SUMMARY.md @@ -1,10 +1,12 @@ # Summary - - -- [Prerequisits](prerequisits.md) -- [setup](setup.md) +- [Intro](./intro.md) +- [Prerequisits](./prerequisits.md) +- [setup](./setup.md) - [flake Option](./flake-option.md) - [nixos Option](./nixos-option.md) -- [Advanced](advanced.md) -- [FaQ](faq.md) +- [Nix Apps](./nix-apps.md) +- [Workflow](./workflow.md) +- [Development](./develop.md) +- [Advanced](./advanced.md) +- [FaQ](./faq.md) diff --git a/doc/src/advanced.md b/doc/src/advanced.md index e69de29..872f8fa 100644 --- a/doc/src/advanced.md +++ b/doc/src/advanced.md @@ -0,0 +1,6 @@ +``` +/|、 +(˙、.7 +|、~ヽ +じしf_,)ノ +``` diff --git a/doc/src/develop.md b/doc/src/develop.md new file mode 100644 index 0000000..485a410 --- /dev/null +++ b/doc/src/develop.md @@ -0,0 +1,25 @@ +# Development + +## DevShell + +```bash +nix develop +``` + +## Test + +For testing basic functions with virtual machine: + +```bash +nix run github:nix-community/nixos-anywhere -- --flake .#tester --vm-test +``` + +Run full test with `just full-test` + +## Format + +This repo follows `nixfmt-rfc-style` style, reformat with running `nixfmt .`. + +## Lint + +Lint with statix. diff --git a/doc/src/faq.md b/doc/src/faq.md index e69de29..6421e4b 100644 
--- a/doc/src/faq.md +++ b/doc/src/faq.md @@ -0,0 +1,5 @@ +# Frequent Asked Questions + +1. rebooting deploy failed with could not found ssh private key, but it indeed just there. + + Check if using `root on tmpfs`, and modify [hostKeys](https://oluceps.github.io/vaultix/nixos-option.html#hostkeys) path to Absolute path string to your REAL private key location (not bind mounted or symlinked etc.) diff --git a/doc/src/intro.md b/doc/src/intro.md new file mode 100644 index 0000000..3f9a4a1 --- /dev/null +++ b/doc/src/intro.md @@ -0,0 +1,13 @@ +# Vaultix + +### Secret management for NixOS. + +This project is highly inspired by [agenix-rekey](https://github.com/oddlama/agenix-rekey) and [sops-nix](https://github.com/Mic92/sops-nix). Based on rust [age](https://docs.rs/age/latest/age) crate. + ++ Support Template ++ Age Plugin Compatible ++ Support PIV Card (Yubikey) ++ Support identity with passphrase ++ Compatible with `userborn` module option ++ No Bash + diff --git a/doc/src/nix-apps.md b/doc/src/nix-apps.md new file mode 100644 index 0000000..e11220c --- /dev/null +++ b/doc/src/nix-apps.md @@ -0,0 +1,23 @@ +# Nix Apps + +Provided user friendly cli tools: + + +## renc + +This is needed every time the host key or secret content changed. + +The wrapped vaultix will decrypt cipher content to plaintext and encrypt it with target host public key, finally stored in `cache`. + +```bash +nix run .#vaultix.app.x86_64-linux.renc +``` + +## edit + +This will decrypt and open file with `$EDITOR`. Will encrypt it after editing finished. + +```bash +nix run .#vaultix.app.x86_64-linux.edit -- ./secrets/some.age +``` + diff --git a/doc/src/workflow.md b/doc/src/workflow.md new file mode 100644 index 0000000..4b3f989 --- /dev/null +++ b/doc/src/workflow.md @@ -0,0 +1,2 @@ +# TODO +Common used workflow with vaultix diff --git a/justfile b/justfile index 798b3e4..df8d50c 100644 --- a/justfile +++ b/justfile 
@@ -13,3 +13,8 @@ clean-exist-deploy: sudo umount /run/vaultix.d sudo rm -r /run/vaultix.d sudo rm -r /run/vaultix +full-test: + #!/usr/bin/env nu + cargo test + cargo fuzz run --all-features fuzz_parser_1 -- -max_len=256 -runs=16777216 + nix run github:nix-community/nixos-anywhere -- --flake .#tester --vm-test
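Review bot: In doc/src/SUMMARY.md the new entries `[Workflow](./workflow.md)` and `[Advanced](./advanced.md)` point at pages that this same patch fills with only a `# TODO` heading plus one line, and with an ASCII-art block, so the navigation gains two entries with no content behind them. Consider leaving both out of the summary until they are written. Since the `Prerequisits` and `setup` lines are being rewritten anyway, the spelling and capitalisation of those labels could be fixed in the same change.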
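Review bot: In doc/src/develop.md the Lint section is only `Lint with statix.` and gives no command, while the Format section names `nixfmt .`; add the exact invocation a contributor is expected to run before sending a change. The Test section also spells out the same `nixos-anywhere -- --flake .#tester --vm-test` command that the new `full-test` recipe in the justfile runs, so the two copies can drift apart; a dedicated just recipe for the VM test, referenced from here, would keep one source of truth.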
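Review bot: In doc/src/faq.md the answer tells the reader to set hostKeys to the real private key location but gives neither a sample value nor the reason a bind-mounted or symlinked path fails on a `root on tmpfs` system, so a reader cannot tell which path on their own host qualifies. Suggest adding one example hostKeys entry and one sentence of explanation. The question line should quote the actual error text instead of the paraphrase `could not found ssh private key`, so it can be found by search, and the heading should read `Frequently Asked Questions`.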
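Review bot: In doc/src/nix-apps.md the `edit` section says the file is decrypted, opened with `$EDITOR` and encrypted again afterwards, but not where the plaintext is held in between or what happens to it if the editor exits with an error; for a secret-management tool that should be documented. The `renc` section likewise mentions that output is "stored in `cache`" without saying where that directory is or whether it is meant to be committed. Both commands hard-code `x86_64-linux` in the attribute path, so add a note that the system segment has to match the machine running the command.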
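Review bot: In the justfile hunk the new `full-test` recipe uses the shebang `#!/usr/bin/env nu`, which makes nushell (and cargo-fuzz, for `cargo fuzz run`) a requirement that doc/src/develop.md does not mention next to `just full-test`; either document both or confirm that `nix develop` provides them. Because this is a shebang recipe, just hands the whole body to nu as one script, so please confirm that a failing `cargo test` stops the script there instead of continuing into the `-runs=16777216` fuzz run and the VM test. A blank line between `clean-exist-deploy` and `full-test` would keep the recipes visually separate, and the subject line describes the commit as docs only although it also adds this recipe.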