From 08b5c143348f89320d9a62623fbc7a9c08a1c3f0 Mon Sep 17 00:00:00 2001
From: c0repwn3r <core@coredoes.dev>
Date: Wed, 21 Jun 2023 09:40:27 -0400
Subject: [PATCH] basic tfcli docs

---
 docs/tfcli/getting_started.md | 27 +++++++++++
 docs/tfcli/index.md           |  8 +++-
 docs/tfcli/qrh.md             | 89 +++++++++++++++++++++++++++++++++++
 3 files changed, 123 insertions(+), 1 deletion(-)
 create mode 100644 docs/tfcli/getting_started.md
 create mode 100644 docs/tfcli/qrh.md

diff --git a/docs/tfcli/getting_started.md b/docs/tfcli/getting_started.md
new file mode 100644
index 0000000..f1e3ac3
--- /dev/null
+++ b/docs/tfcli/getting_started.md
@@ -0,0 +1,27 @@
+# Getting Started Guide - tfcli
+
+This guide will walk you through the process of setting up a new `trifid-api` organization and enrolling your first host, from scratch, using the `trifid` stack and a `trifid-api` server.
+
+This guide assumes you already have a `trifid-api` server set up, but you have *not* created a user account or organization yet. If you have, the [Quick Reference Handbook](./qrh.md) may be of more use to you.
+
+If you don't have a `trifid-api` server set up, or need help configuring it, consider checking out the [`trifid-api` Getting Started Guide](../trifid-api/getting_started.md) or the [`trifid-api` Quick Reference Handbook](../trifid-api/qrh.md).
+
+## Installing `tfcli`
+
+The first step to using `tfcli` is installing it. We recommend you do this via `cargo`, rust's package manager, as it is the most fool-proof way to quickly ensure that the program is installed correctly.
+
+Run the following command:
+
+```shell
+cargo install tfcli
+```
+
+This will install the `tfcli` binary to your Cargo `bin/` directory. You'll need to ensure that this directory is on your `PATH` - doing so is outside the scope of this guide.
+
+## Creating your account
+
+The first step in setting up your `trifid-api` account is creating it! This, like all other tasks, can be done via the `tfcli` program. You'll need the following on hand:
+
+- An email address (you don't need access to the mailbox though)
+- Access to the `trifid-api` server logs to get the login token
+- 
\ No newline at end of file
diff --git a/docs/tfcli/index.md b/docs/tfcli/index.md
index 61f309c..c2731f2 100644
--- a/docs/tfcli/index.md
+++ b/docs/tfcli/index.md
@@ -4,4 +4,10 @@
 
 <div class="alert alert-warning">
   <strong>Notice</strong>: `tfcli` does not implement a DNClient-compatible VPN client. It only allows management. For a VPN client, check out tfclient instead.
-</div>
\ No newline at end of file
+</div>
+
+`tfcli` is a feature-complete comand-line client and supports all features that `trifid-api` does, including some feature additions not available on the normal Defined Networking client.
+
+## Getting Started
+
+Please check out the [Getting Started Guide](./getting_started.md) to learn how to create a organization from scratch and enroll your first host using the `tfcli` program.
\ No newline at end of file
diff --git a/docs/tfcli/qrh.md b/docs/tfcli/qrh.md
new file mode 100644
index 0000000..581627e
--- /dev/null
+++ b/docs/tfcli/qrh.md
@@ -0,0 +1,89 @@
+# `tfcli` Quick Reference Handbook
+
+## Configuring the Server URL
+
+`tfcli` needs a server URL to be able to contact the API server. This can be configured in three ways, from most optimal to least optimal:
+
+1. The file in `$CONFIG/tfcli-server-url.conf` can have it's contents set to the base URL of the server you would like to use
+2. You can set the environment variable `TFCLI_SERVER` to the base URL
+3. You can provide the `-s/--server` argument immediately after `tfcli`, before your management command. For example: `tfcli --server https://your-server.your-domain.com network list`
+
+## Account Management
+
+These commands provide a means of managing your account and credentials on the `trifid-api` server.
+
+### Create Account
+
+Create a new account on the designated server.
+
+**Usage:** `tfcli account create --email <EMAIL>` 
+
+### Log Into Existing Account
+
+Log into an existing account on the designated server.
+
+**Usage:** `tfcli account login --email <EMAIL>`
+
+### Authenticate with Magic Link Token
+
+Log into your account with a magic-link token acquired via email or the trifid-api logs
+
+**Usage:** `tfcli account magic-link --magic-link-token <MAGIC_LINK_TOKEN>`
+
+### Setup TOTP
+
+Create a new TOTP authenticator on this account to enable authorizing with 2fa and performing all management tasks
+
+**Usage:** `tfcli account mfa-setup`
+
+### Finish setting up TOTP
+
+Finish creating a new TOTP authenticator by inputting the code shown on your authenticator app
+
+**Usage:** `tfcli account mfa-setup-finish --code <CODE> --token <TOKEN>`
+
+### Authenticate with TOTP
+
+Create a new short-lived authentication token by inputting the code shown on your authenticator app
+
+**Usage:** `tfcli account mfa --code <CODE>`
+
+Re-run this command if you get an "Unauthorized" error.
+
+## Network Management
+
+### List Networks
+
+### Lookup Network
+
+## Organization Management
+
+### Create organization
+
+## Role Management
+
+### Create role
+
+### List roles
+
+### Lookup role
+
+### Delete role
+
+### Update role
+
+## Host Management
+
+### Create host
+
+### List hosts
+
+### Lookup hosts
+
+### Delete host
+
+### Update host
+
+### Block host
+
+### Enroll/re-enroll host
\ No newline at end of file