forked from pub-solar/infra
docs: more garage CLI usage, avoid leaking secret
This commit is contained in:
parent
0ae6bc637b
commit
08f5c5ce67
|
@ -4,28 +4,63 @@
|
|||
|
||||
Requirements:
|
||||
|
||||
- `garage` RPC credentials, in the shared keepass, search for 'garage rpc secret'.
|
||||
- [Setup WireGuard](./administrative-access.md#ssh-access) for hosts: `trinkgenossin`, optionally: `delite`, `blue-shell`
|
||||
|
||||
```
|
||||
ssh barkeeper@trinkgenossin.wg.pub.solar
|
||||
```
|
||||
|
||||
```
|
||||
# Add a few spaces to avoid leaking the secret to the shell history
|
||||
export GARAGE_RPC_SECRET=<secret-in-keepass>
|
||||
```
|
||||
|
||||
Now, you can run the following command to check the cluster status:
|
||||
|
||||
```
|
||||
garage status
|
||||
```
|
||||
|
||||
Command to list all existing buckets:
|
||||
|
||||
```
|
||||
garage bucket list
|
||||
```
|
||||
|
||||
Creating a new bucket and access keys:
|
||||
|
||||
```
|
||||
garage bucket create <bucket-name>
|
||||
garage key create <bucket-name>-key
|
||||
garage bucket allow <bucket-name> --read --write --key <bucket-name>-key
|
||||
```
|
||||
|
||||
Docs: https://garagehq.deuxfleurs.fr/documentation/quick-start/#creating-buckets-and-keys
|
||||
Full example for `mastodon` bucket:
|
||||
|
||||
```
|
||||
garage bucket create mastodon
|
||||
|
||||
garage key create mastodon-key
|
||||
|
||||
garage bucket allow mastodon --read --write --key mastodon-key
|
||||
```
|
||||
|
||||
Then [setup your favourite S3 client](https://garagehq.deuxfleurs.fr/documentation/connect/cli/)
|
||||
or use the bucket with any [S3 compatible software](https://garagehq.deuxfleurs.fr/documentation/connect/).
|
||||
|
||||
Further reading:
|
||||
|
||||
- https://garagehq.deuxfleurs.fr/documentation/quick-start/
|
||||
- https://garagehq.deuxfleurs.fr/documentation/connect/
|
||||
- https://garagehq.deuxfleurs.fr/documentation/connect/apps/#mastodon
|
||||
|
||||
### Notes on manual setup steps
|
||||
|
||||
```
|
||||
ssh barkeeper@trinkgenossin.wg.pub.solar
|
||||
|
||||
# Add a few spaces to avoid leaking the secret to the shell history
|
||||
export GARAGE_RPC_SECRET=<secret-in-keepass>
|
||||
|
||||
# Uses the default config /etc/garage.toml
|
||||
|
|
Loading…
Reference in a new issue