From 31d6611d79c6b6fcbf84a397859a51f3b676ca99 Mon Sep 17 00:00:00 2001 From: c0repwn3r Date: Wed, 26 Jul 2023 17:05:47 -0400 Subject: [PATCH] readme updates --- README.md | 43 ++++++++++++++++++------------------------- 1 file changed, 18 insertions(+), 25 deletions(-) diff --git a/README.md b/README.md index 581a97f..446a0b7 100644 --- a/README.md +++ b/README.md @@ -4,36 +4,29 @@ trifid is an open-souce reimplementation of the [Defined Networking](https://def It includes a reimplementation of the [API Server](https://api.defined.net), the [Web UI](https://admin.defined.net), `dnclient`, `nebula-cert` and `dnapi` - all fully API-compatible with the original versions. -We also include a Rust library for interacting with keys and certificates in the Nebula PKI. Find it in `trifid-pki/`, or on crates.rs as `trifid-pki`. +In addition to this, we include a command-line tool `tfcli` for interfacing with the DN [management API](https://docs.defined.net/api/defined-networking-api/), fully compatible with the upstream API or a third-party API implementation such as `trifid-api`. + +We also include a Rust library for interacting with keys and certificates in the Nebula PKI. Find it in `trifid-pki/`, or on crates.rs as `trifid-pki`. This library is an implementation of the Nebula PKI system that is mostly feature-complete, with the exception of non-Curve25519 cryptography, which is currently unsupported. Want to make your own Defined Networking client? Check out `dnapi-rs`! `dnapi-rs` is a Rust port of the official `dnapi` Go library, to allow for easy interactions with Defined Networking-compatible API servers. Find it in `dnapi-rs/`, or on crates.rs as `dnapi-rs`. The API implementation is tested with the official dnclient implementaiton, and the dnclient implementation is tested with the official API server, to ensure complete feature parity between the two. -The original Web UI does **not** work with trifid-api quite yet, as we haven't finished reverse engineering that API. Feature table below: - -# Features - -trifid-api feature table: - -| Feature | trifid-api | api.defined.net | -|---------------------------------------------|--------------|-----------------| -| Enroll in sites with dnclient | Yes | Yes | -| Automatic config update polling by dnclient | Yes | Yes | -| Group-based firewalling | Yes | Yes | -| All config features | Yes | Not officially | -| SSO authentication | Not yet | Yes | -| Open-source server | Yes | No | - -tfclient feature table: - -| Feature | tfclient | dnclient | -|----------------------------------------------|----------|----------| -| Enroll in trifid-api/api.defined.net sites | Yes | Yes | -| Automatic VPN profile setup | Yes | Yes | -| Poll the API server for config updates | Yes | Yes | -| Secure Ed25519 signing for API communication | Yes | Yes | - # Documentation Documentation work is underway. You can find a link to all documentation on the main project page [here](https://hub.e3t.cc/~core/trifid). + +# Supported Platforms + +tfclient is designed to be self-contained and as cross-platform as possible. Where possible, tfclient can be completley self-contained and fully functional on so-called "Tier 1" supported platforms. On other platforms, tfclient itself works great, but due to limitations of the platform cannot properly link with nebula, and thus needs to be broken out into two components - tfclient, to fetch config from the API, and nebula, running entirely separately, running off of that config. These platforms are known as "Tier 2" platforms. + +In addition, not all clients support connecting to trifid-api. Both tfclient support tiers and trifid-api connectivity capability are listed below. + +| Operating System / Architecture | tfclient support tier | trifid-api compatible? | +|---------------------------------|-----------------------------------|-------------------------------------| +| Windows (all architectures) | Tier 2 - external nebula required | Yes (tfclient/dnclient) | +| Darwin (OSX, MacOS) | Tier 2 - untested, maybe T1 | Yes (tfclient/dnclient) | +| FreeBSD (amd64) | Tier 1 - untested | Yes (tfclient/dnclient) | +| Linux (most architectures) | Tier 1 | Yes (tfclient/dnclient) | +| Android | Unsupported | No (almost - help wanted! see docs) | +| iOS | Unsupported | No (almost - help wanted! see docs) |