From 27bf92d2cd8fbc862dd1aec54d77c3dd10fec273 Mon Sep 17 00:00:00 2001
From: core <core@coredoes.dev>
Date: Mon, 9 Oct 2023 11:35:19 -0400
Subject: [PATCH] docs work

---
 .../installing_trifid_api/compiling.mdx       | 52 ++++++++++++++
 .../installing_trifid_api/configuring.mdx     | 71 +++++++++++++++++++
 2 files changed, 123 insertions(+)
 create mode 100644 docs/docs/trifid-api/installing_trifid_api/compiling.mdx
 create mode 100644 docs/docs/trifid-api/installing_trifid_api/configuring.mdx

diff --git a/docs/docs/trifid-api/installing_trifid_api/compiling.mdx b/docs/docs/trifid-api/installing_trifid_api/compiling.mdx
new file mode 100644
index 0000000..3a94ce4
--- /dev/null
+++ b/docs/docs/trifid-api/installing_trifid_api/compiling.mdx
@@ -0,0 +1,52 @@
+---
+sidebar_position: 2
+---
+import Tabs from '@theme/Tabs';
+import TabItem from '@theme/TabItem';
+import CodeBlock from '@theme/CodeBlock';
+import Admonition from '@theme/Admonition';
+
+# Compiling trifid-api
+
+:::info
+You must have the Rust toolchain installed and a proper Postgres setup *prior* to compiling trifid-api. Follow the instructions [here](./dependencies.mdx) to do so.
+:::
+
+trifid-api is currently only distributed via Cargo, the Rust package manager. Download and compile trifid-api with the command:
+
+```
+cargo install trifid-api
+```
+
+:::note
+This command may take a very long time to complete (upwards of an hour!) depending on your system. Grab a cup of coffee and wait until it is complete.
+:::
+
+Once complete, follow the additional instructions below depending on your system:
+
+<Tabs groupId="os">
+    <TabItem value="win" label="Windows">
+        <Admonition>
+            It is recommended that you use macOS or Linux for a production deployment.
+        </Admonition>
+        No extra work is needed. The trifid-api binary will be located at: <CodeBlock>C:\Users\yourUser\.cargo\bin\trifid-api</CodeBlock>
+    </TabItem>
+    <TabItem value="osx" label="macOS">
+        <CodeBlock>
+            sudo cp ~/.cargo/bin/trifid-api /usr/local/bin
+        </CodeBlock>
+    </TabItem>
+    <TabItem value="lin" label="Linux">
+        <CodeBlock>
+            sudo cp ~/.cargo/bin/trifid-api /usr/local/bin
+        </CodeBlock>
+    </TabItem>
+</Tabs>
+
+Run `trifid-api` in a terminal and ensure it produces something along the lines of the following output:
+
+```
+ERROR [trifid_api::config] Unable to read config file
+```
+
+If this is showing, you are ready to create your configuration file!
\ No newline at end of file
diff --git a/docs/docs/trifid-api/installing_trifid_api/configuring.mdx b/docs/docs/trifid-api/installing_trifid_api/configuring.mdx
new file mode 100644
index 0000000..0ee5d82
--- /dev/null
+++ b/docs/docs/trifid-api/installing_trifid_api/configuring.mdx
@@ -0,0 +1,71 @@
+---
+sidebar_position: 3
+---
+import Tabs from '@theme/Tabs';
+import TabItem from '@theme/TabItem';
+import CodeBlock from '@theme/CodeBlock';
+import Admonition from '@theme/Admonition';
+
+# Configuring trifid-api
+
+For trifid-api to run, it needs a configuration file telling it how to run and giving it some basic settings it can't get from the database.
+
+## Generating the application key
+
+trifid-api encrypts some sensitive key material with AES-256 before saving it to the database, so you must generate a secure application key for it to use.
+
+trifid-api expects a **32-byte hex-encoded random key.** A good way of generating this, if you have openssl installed, is `openssl rand -hex 32`.
+
+Keep this value on hand! It is the only way to recover CA keys from the database if your config is destroyed.
+
+:::danger
+Never share this key with anyone!
+:::
+
+:::danger
+**Never change the application key on a running instance!** It will render all existing CAs permanently unusable and will require manual database intervention and a re-enrollment of every single host attached to the instance to fix.
+:::
+
+## Creating the configuration file
+
+trifid-api uses a TOML config file, located in different places depending on your platform. Create this file, and open it with your favorite editor:
+
+<Tabs groupId="os">
+    <TabItem value="win" label="Windows">
+        <Admonition>
+            It is recommended that you use macOS or Linux for a production deployment.
+        </Admonition>
+        trifid-api will attempt to load the config from a file called config.toml in the same folder as the executable.
+    </TabItem>
+    <TabItem value="osx" label="macOS">
+        <CodeBlock>
+            /etc/trifid/config.toml
+        </CodeBlock>
+    </TabItem>
+    <TabItem value="lin" label="Linux">
+        <CodeBlock>
+            /etc/trifid/config.toml
+        </CodeBlock>
+    </TabItem>
+</Tabs>
+
+Once you have opened the file, copy this basic configuration in and change to fit your settings:
+
+```toml
+[database]
+url = "<YOUR_POSTGRES_CONNURL_HERE>"
+sqlx_logging = false
+
+[server]
+bind = "0.0.0.0:8080"
+
+[tokens]
+
+[crypto]
+data_encryption_key = "<YOUR_APPLICATION_KEY_HERE>"
+local_keystore_directory = "./data"
+```
+
+:::info
+Change <YOUR_POSTGRES_CONNURL_HERE> to your Postgres connection url that you got from [configuring the database](/docs/trifid-api/installing_trifid_api/dependencies#creating-the-database), and change `<YOUR_APPLICATION_KEY_HERE>` to the application key you got from [generating it](/docs/trifid-api/installing_trifid_api/configuring#generating-the-application-key).
+:::
\ No newline at end of file