1
0
Fork 0
forked from pub-solar/infra

Merge pull request 'docs: more garage CLI usage, avoid leaking secret' (#246) from docs-garage into main

Reviewed-on: pub-solar/infra#246
Reviewed-by: hensoko <hensoko@noreply.git.pub.solar>
This commit is contained in:
teutat3s 2024-11-06 14:39:53 +00:00
commit cf39137340
Signed by: pub.solar gitea
GPG key ID: F0332B04B7054873

View file

@ -4,29 +4,64 @@
Requirements:
- `garage` RPC credentials, in the shared keepass, search for 'garage rpc secret'.
- [Setup WireGuard](./administrative-access.md#ssh-access) for hosts: `trinkgenossin`, optionally: `delite`, `blue-shell`
```
ssh barkeeper@trinkgenossin.wg.pub.solar
```
export GARAGE_RPC_SECRET=<secret-in-keepass>
```
# Add a few spaces to avoid leaking the secret to the shell history
export GARAGE_RPC_SECRET=<secret-in-keepass>
```
Now, you can run the following command to check the cluster status:
```
garage status
```
Command to list all existing buckets:
```
garage bucket list
```
Creating a new bucket and access keys:
```
garage bucket create <bucket-name>
garage key create <bucket-name>-key
garage bucket allow <bucket-name> --read --write --key <bucket-name>-key
```
Docs: https://garagehq.deuxfleurs.fr/documentation/quick-start/#creating-buckets-and-keys
Full example for `mastodon` bucket:
```
garage bucket create mastodon
garage key create mastodon-key
garage bucket allow mastodon --read --write --key mastodon-key
```
Then [setup your favourite S3 client](https://garagehq.deuxfleurs.fr/documentation/connect/cli/)
or use the bucket with any [S3 compatible software](https://garagehq.deuxfleurs.fr/documentation/connect/).
Further reading:
- https://garagehq.deuxfleurs.fr/documentation/quick-start/
- https://garagehq.deuxfleurs.fr/documentation/connect/
- https://garagehq.deuxfleurs.fr/documentation/connect/apps/#mastodon
### Notes on manual setup steps
```
ssh barkeeper@trinkgenossin.wg.pub.solar
export GARAGE_RPC_SECRET=<secret-in-keepass>
# Add a few spaces to avoid leaking the secret to the shell history
export GARAGE_RPC_SECRET=<secret-in-keepass>
# Uses the default config /etc/garage.toml
garage node id