1
0
Fork 0
forked from pub-solar/infra

docs: more garage CLI usage, avoid leaking secret

This commit is contained in:
teutat3s 2024-10-23 20:53:05 +02:00
parent 0ae6bc637b
commit 08f5c5ce67
Signed by untrusted user: teutat3s
GPG key ID: 4FA1D3FA524F22C1

View file

@ -4,29 +4,64 @@
Requirements: Requirements:
- `garage` RPC credentials, in the shared keepass, search for 'garage rpc secret'.
- [Setup WireGuard](./administrative-access.md#ssh-access) for hosts: `trinkgenossin`, optionally: `delite`, `blue-shell` - [Setup WireGuard](./administrative-access.md#ssh-access) for hosts: `trinkgenossin`, optionally: `delite`, `blue-shell`
``` ```
ssh barkeeper@trinkgenossin.wg.pub.solar ssh barkeeper@trinkgenossin.wg.pub.solar
```
export GARAGE_RPC_SECRET=<secret-in-keepass> ```
# Add a few spaces to avoid leaking the secret to the shell history
export GARAGE_RPC_SECRET=<secret-in-keepass>
```
Now, you can run the following command to check the cluster status:
```
garage status
```
Command to list all existing buckets:
```
garage bucket list
```
Creating a new bucket and access keys:
```
garage bucket create <bucket-name> garage bucket create <bucket-name>
garage key create <bucket-name>-key garage key create <bucket-name>-key
garage bucket allow <bucket-name> --read --write --key <bucket-name>-key garage bucket allow <bucket-name> --read --write --key <bucket-name>-key
``` ```
Docs: https://garagehq.deuxfleurs.fr/documentation/quick-start/#creating-buckets-and-keys Full example for `mastodon` bucket:
```
garage bucket create mastodon
garage key create mastodon-key
garage bucket allow mastodon --read --write --key mastodon-key
```
Then [setup your favourite S3 client](https://garagehq.deuxfleurs.fr/documentation/connect/cli/) Then [setup your favourite S3 client](https://garagehq.deuxfleurs.fr/documentation/connect/cli/)
or use the bucket with any [S3 compatible software](https://garagehq.deuxfleurs.fr/documentation/connect/). or use the bucket with any [S3 compatible software](https://garagehq.deuxfleurs.fr/documentation/connect/).
Further reading:
- https://garagehq.deuxfleurs.fr/documentation/quick-start/
- https://garagehq.deuxfleurs.fr/documentation/connect/
- https://garagehq.deuxfleurs.fr/documentation/connect/apps/#mastodon
### Notes on manual setup steps ### Notes on manual setup steps
``` ```
ssh barkeeper@trinkgenossin.wg.pub.solar ssh barkeeper@trinkgenossin.wg.pub.solar
export GARAGE_RPC_SECRET=<secret-in-keepass> # Add a few spaces to avoid leaking the secret to the shell history
export GARAGE_RPC_SECRET=<secret-in-keepass>
# Uses the default config /etc/garage.toml # Uses the default config /etc/garage.toml
garage node id garage node id