aboutsummaryrefslogtreecommitdiff
path: root/src/Technique/Développement
diff options
context:
space:
mode:
authorQuentin Dufour <quentin@deuxfleurs.fr>2020-10-21 14:02:05 +0200
committerQuentin Dufour <quentin@deuxfleurs.fr>2020-10-21 14:02:05 +0200
commitd516fe5a3822e5114ae1ca4d45cbc6eb9fad4eec (patch)
tree4a68e135aa0072b268b2dd21c5b045454742c45f /src/Technique/Développement
parentc21124b02ed124057708de4ce0a9ed3bfb284c11 (diff)
downloadsite-d516fe5a3822e5114ae1ca4d45cbc6eb9fad4eec.tar.gz
site-d516fe5a3822e5114ae1ca4d45cbc6eb9fad4eec.zip
WIP Garage
Diffstat (limited to 'src/Technique/Développement')
-rw-r--r--src/Technique/Développement/Garage.md75
1 files changed, 75 insertions, 0 deletions
diff --git a/src/Technique/Développement/Garage.md b/src/Technique/Développement/Garage.md
index 49bd4c6..e352758 100644
--- a/src/Technique/Développement/Garage.md
+++ b/src/Technique/Développement/Garage.md
@@ -2,6 +2,81 @@
Store pile of bytes in your garage.
+## Quickstart on an existing deployment
+
+First, chances are that your garage deployment is secured by TLS.
+All your commands must be prefixed with their certificates.
+I will define an alias once and for all to ease future commands.
+Please adapt the path of the binary and certificates to your installation!
+
+```
+alias grg="/garage/garage --ca-cert /secrets/garage-ca.crt --client-cert /secrets/garage.crt --client-key /secrets/garage.key"
+```
+
+Now we can check that everything is going well by checking our cluster status:
+
+```
+grg status
+```
+
+Don't forget that `help` command and `--help` subcommands can help you anywhere, the CLI tool is self-documented! Two examples:
+
+```
+grg help
+grg bucket allow --help
+```
+
+Fine, now let's create a bucket (we imagine that you want to deploy nextcloud):
+
+```
+grg bucket create nextcloud-bucket
+```
+
+Check that everything went well:
+
+```
+grg bucket list
+grg bucket info nextcloud-bucket
+```
+
+Now we will generate an API key to access this bucket.
+Note that API keys are independent of buckets: one key can access multiple buckets, multiple keys can access one bucket.
+
+Now, let's start by creating a key only for our PHP application:
+
+```
+grg key new --name nextcloud-app-key
+```
+
+You will have the following output (this one is fake, `key_id` and `secret_key` were generated with openssl CLI tool):
+
+```
+Key { key_id: "GK3515373e4c851ebaad366558", secret_key: "7d37d093435a41f2aab8f13c19ba067d9776c90215f56614adad6ece597dbb34", name: "nextcloud-app-key", name_timestamp: 1603280506694, deleted: false, authorized_buckets: [] }
+```
+
+Check that everything works as intended (be careful, info works only with your key identifier and not with its friendly name!):
+
+```
+grg key list
+grg key info GK3515373e4c851ebaad366558
+```
+
+Now that we have a bucket and a key, we need to give permissions to the key on the bucket!
+
+```
+grg bucket allow --read --write nextcloud-bucket --key GK3515373e4c851ebaad366558
+```
+
+You can check at any times allowed keys on your bucket with:
+
+```
+grg bucket info nextcloud-bucket
+```
+
+Now, let's move to the S3 API!
+
+
+
## Context
Data storage is critical: it can lead to data loss if done badly and/or on hardware failure.