basic tfcli docs

2023-06-21 09:40:27 -04:00 · 2023-06-21 09:40:27 -04:00 · 08b5c14334
parent 63da940d0d
commit 08b5c14334
3 changed files with 123 additions and 1 deletions
--- a/docs/tfcli/getting_started.md
+++ b/docs/tfcli/getting_started.md
@ -0,0 +1,27 @@
+# Getting Started Guide - tfcli
+
+This guide will walk you through the process of setting up a new `trifid-api` organization and enrolling your first host, from scratch, using the `trifid` stack and a `trifid-api` server.
+
+This guide assumes you already have a `trifid-api` server set up, but you have *not* created a user account or organization yet. If you have, the [Quick Reference Handbook](./qrh.md) may be of more use to you.
+
+If you don't have a `trifid-api` server set up, or need help configuring it, consider checking out the [`trifid-api` Getting Started Guide](../trifid-api/getting_started.md) or the [`trifid-api` Quick Reference Handbook](../trifid-api/qrh.md).
+
+## Installing `tfcli`
+
+The first step to using `tfcli` is installing it. We recommend you do this via `cargo`, rust's package manager, as it is the most fool-proof way to quickly ensure that the program is installed correctly.
+
+Run the following command:
+
+```shell
+cargo install tfcli
+```
+
+This will install the `tfcli` binary to your Cargo `bin/` directory. You'll need to ensure that this directory is on your `PATH` - doing so is outside the scope of this guide.
+
+## Creating your account
+
+The first step in setting up your `trifid-api` account is creating it! This, like all other tasks, can be done via the `tfcli` program. You'll need the following on hand:
+
+- An email address (you don't need access to the mailbox though)
+- Access to the `trifid-api` server logs to get the login token
+- 
--- a/docs/tfcli/index.md
+++ b/docs/tfcli/index.md
@ -4,4 +4,10 @@

 <div class="alert alert-warning">
  <strong>Notice</strong>: `tfcli` does not implement a DNClient-compatible VPN client. It only allows management. For a VPN client, check out tfclient instead.
-</div>
+</div>
+
+`tfcli` is a feature-complete comand-line client and supports all features that `trifid-api` does, including some feature additions not available on the normal Defined Networking client.
+
+## Getting Started
+
+Please check out the [Getting Started Guide](./getting_started.md) to learn how to create a organization from scratch and enroll your first host using the `tfcli` program.
--- a/docs/tfcli/qrh.md
+++ b/docs/tfcli/qrh.md
@ -0,0 +1,89 @@
+# `tfcli` Quick Reference Handbook
+
+## Configuring the Server URL
+
+`tfcli` needs a server URL to be able to contact the API server. This can be configured in three ways, from most optimal to least optimal:
+
+1. The file in `$CONFIG/tfcli-server-url.conf` can have it's contents set to the base URL of the server you would like to use
+2. You can set the environment variable `TFCLI_SERVER` to the base URL
+3. You can provide the `-s/--server` argument immediately after `tfcli`, before your management command. For example: `tfcli --server https://your-server.your-domain.com network list`
+
+## Account Management
+
+These commands provide a means of managing your account and credentials on the `trifid-api` server.
+
+### Create Account
+
+Create a new account on the designated server.
+
+**Usage:** `tfcli account create --email <EMAIL>` 
+
+### Log Into Existing Account
+
+Log into an existing account on the designated server.
+
+**Usage:** `tfcli account login --email <EMAIL>`
+
+### Authenticate with Magic Link Token
+
+Log into your account with a magic-link token acquired via email or the trifid-api logs
+
+**Usage:** `tfcli account magic-link --magic-link-token <MAGIC_LINK_TOKEN>`
+
+### Setup TOTP
+
+Create a new TOTP authenticator on this account to enable authorizing with 2fa and performing all management tasks
+
+**Usage:** `tfcli account mfa-setup`
+
+### Finish setting up TOTP
+
+Finish creating a new TOTP authenticator by inputting the code shown on your authenticator app
+
+**Usage:** `tfcli account mfa-setup-finish --code <CODE> --token <TOKEN>`
+
+### Authenticate with TOTP
+
+Create a new short-lived authentication token by inputting the code shown on your authenticator app
+
+**Usage:** `tfcli account mfa --code <CODE>`
+
+Re-run this command if you get an "Unauthorized" error.
+
+## Network Management
+
+### List Networks
+
+### Lookup Network
+
+## Organization Management
+
+### Create organization
+
+## Role Management
+
+### Create role
+
+### List roles
+
+### Lookup role
+
+### Delete role
+
+### Update role
+
+## Host Management
+
+### Create host
+
+### List hosts
+
+### Lookup hosts
+
+### Delete host
+
+### Update host
+
+### Block host
+
+### Enroll/re-enroll host