basic tfcli docs
This commit is contained in:
parent
63da940d0d
commit
08b5c14334
|
@ -0,0 +1,27 @@
|
||||||
|
# Getting Started Guide - tfcli
|
||||||
|
|
||||||
|
This guide will walk you through the process of setting up a new `trifid-api` organization and enrolling your first host, from scratch, using the `trifid` stack and a `trifid-api` server.
|
||||||
|
|
||||||
|
This guide assumes you already have a `trifid-api` server set up, but you have *not* created a user account or organization yet. If you have, the [Quick Reference Handbook](./qrh.md) may be of more use to you.
|
||||||
|
|
||||||
|
If you don't have a `trifid-api` server set up, or need help configuring it, consider checking out the [`trifid-api` Getting Started Guide](../trifid-api/getting_started.md) or the [`trifid-api` Quick Reference Handbook](../trifid-api/qrh.md).
|
||||||
|
|
||||||
|
## Installing `tfcli`
|
||||||
|
|
||||||
|
The first step to using `tfcli` is installing it. We recommend you do this via `cargo`, rust's package manager, as it is the most fool-proof way to quickly ensure that the program is installed correctly.
|
||||||
|
|
||||||
|
Run the following command:
|
||||||
|
|
||||||
|
```shell
|
||||||
|
cargo install tfcli
|
||||||
|
```
|
||||||
|
|
||||||
|
This will install the `tfcli` binary to your Cargo `bin/` directory. You'll need to ensure that this directory is on your `PATH` - doing so is outside the scope of this guide.
|
||||||
|
|
||||||
|
## Creating your account
|
||||||
|
|
||||||
|
The first step in setting up your `trifid-api` account is creating it! This, like all other tasks, can be done via the `tfcli` program. You'll need the following on hand:
|
||||||
|
|
||||||
|
- An email address (you don't need access to the mailbox though)
|
||||||
|
- Access to the `trifid-api` server logs to get the login token
|
||||||
|
-
|
|
@ -5,3 +5,9 @@
|
||||||
<div class="alert alert-warning">
|
<div class="alert alert-warning">
|
||||||
<strong>Notice</strong>: `tfcli` does not implement a DNClient-compatible VPN client. It only allows management. For a VPN client, check out tfclient instead.
|
<strong>Notice</strong>: `tfcli` does not implement a DNClient-compatible VPN client. It only allows management. For a VPN client, check out tfclient instead.
|
||||||
</div>
|
</div>
|
||||||
|
|
||||||
|
`tfcli` is a feature-complete comand-line client and supports all features that `trifid-api` does, including some feature additions not available on the normal Defined Networking client.
|
||||||
|
|
||||||
|
## Getting Started
|
||||||
|
|
||||||
|
Please check out the [Getting Started Guide](./getting_started.md) to learn how to create a organization from scratch and enroll your first host using the `tfcli` program.
|
|
@ -0,0 +1,89 @@
|
||||||
|
# `tfcli` Quick Reference Handbook
|
||||||
|
|
||||||
|
## Configuring the Server URL
|
||||||
|
|
||||||
|
`tfcli` needs a server URL to be able to contact the API server. This can be configured in three ways, from most optimal to least optimal:
|
||||||
|
|
||||||
|
1. The file in `$CONFIG/tfcli-server-url.conf` can have it's contents set to the base URL of the server you would like to use
|
||||||
|
2. You can set the environment variable `TFCLI_SERVER` to the base URL
|
||||||
|
3. You can provide the `-s/--server` argument immediately after `tfcli`, before your management command. For example: `tfcli --server https://your-server.your-domain.com network list`
|
||||||
|
|
||||||
|
## Account Management
|
||||||
|
|
||||||
|
These commands provide a means of managing your account and credentials on the `trifid-api` server.
|
||||||
|
|
||||||
|
### Create Account
|
||||||
|
|
||||||
|
Create a new account on the designated server.
|
||||||
|
|
||||||
|
**Usage:** `tfcli account create --email <EMAIL>`
|
||||||
|
|
||||||
|
### Log Into Existing Account
|
||||||
|
|
||||||
|
Log into an existing account on the designated server.
|
||||||
|
|
||||||
|
**Usage:** `tfcli account login --email <EMAIL>`
|
||||||
|
|
||||||
|
### Authenticate with Magic Link Token
|
||||||
|
|
||||||
|
Log into your account with a magic-link token acquired via email or the trifid-api logs
|
||||||
|
|
||||||
|
**Usage:** `tfcli account magic-link --magic-link-token <MAGIC_LINK_TOKEN>`
|
||||||
|
|
||||||
|
### Setup TOTP
|
||||||
|
|
||||||
|
Create a new TOTP authenticator on this account to enable authorizing with 2fa and performing all management tasks
|
||||||
|
|
||||||
|
**Usage:** `tfcli account mfa-setup`
|
||||||
|
|
||||||
|
### Finish setting up TOTP
|
||||||
|
|
||||||
|
Finish creating a new TOTP authenticator by inputting the code shown on your authenticator app
|
||||||
|
|
||||||
|
**Usage:** `tfcli account mfa-setup-finish --code <CODE> --token <TOKEN>`
|
||||||
|
|
||||||
|
### Authenticate with TOTP
|
||||||
|
|
||||||
|
Create a new short-lived authentication token by inputting the code shown on your authenticator app
|
||||||
|
|
||||||
|
**Usage:** `tfcli account mfa --code <CODE>`
|
||||||
|
|
||||||
|
Re-run this command if you get an "Unauthorized" error.
|
||||||
|
|
||||||
|
## Network Management
|
||||||
|
|
||||||
|
### List Networks
|
||||||
|
|
||||||
|
### Lookup Network
|
||||||
|
|
||||||
|
## Organization Management
|
||||||
|
|
||||||
|
### Create organization
|
||||||
|
|
||||||
|
## Role Management
|
||||||
|
|
||||||
|
### Create role
|
||||||
|
|
||||||
|
### List roles
|
||||||
|
|
||||||
|
### Lookup role
|
||||||
|
|
||||||
|
### Delete role
|
||||||
|
|
||||||
|
### Update role
|
||||||
|
|
||||||
|
## Host Management
|
||||||
|
|
||||||
|
### Create host
|
||||||
|
|
||||||
|
### List hosts
|
||||||
|
|
||||||
|
### Lookup hosts
|
||||||
|
|
||||||
|
### Delete host
|
||||||
|
|
||||||
|
### Update host
|
||||||
|
|
||||||
|
### Block host
|
||||||
|
|
||||||
|
### Enroll/re-enroll host
|
Loading…
Reference in New Issue