yadunut/clan-core
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

use shellSession everywhere for markdown

Browse Source
This commit is contained in:
Jörg Thalheim
2023-09-26 15:49:45 +02:00
parent 87aa063e86
commit 5ea6c7790f
2 changed files with 22 additions and 22 deletions
Download Patch File Download Diff File Expand all files Collapse all files

16
docs/quickstart.md
View File

@@ -10,7 +10,7 @@ $ nix shell git+https://git.clan.lol/clan/clan-core
2. Then use the following commands to initialize a new clan-flake: 2. Then use the following commands to initialize a new clan-flake:
``` ```shellSession
$ mkdir ./my-flake $ mkdir ./my-flake
$ cd ./my-flake $ cd ./my-flake
$ clan create $ clan create
@@ -40,7 +40,7 @@ $ clan machines list
my-machine my-machine
``` ```
## configure your machine ## Configure your machine
In this example we crate a user named `my-user` that is allowed to login to the machine In this example we crate a user named `my-user` that is allowed to login to the machine
@@ -66,8 +66,8 @@ Absolutely, let's break down the migration step by step, explaining each action
1. **Backup Your Current Configuration**: Always start by making a backup of your current NixOS configuration to ensure you can revert if needed. 1. **Backup Your Current Configuration**: Always start by making a backup of your current NixOS configuration to ensure you can revert if needed.
```shell ```shellSession
cp -r /etc/nixos ~/nixos-backup $ cp -r /etc/nixos ~/nixos-backup
``` ```
2. **Update Flake Inputs**: Add a new input for the `clan-core` dependency: 2. **Update Flake Inputs**: Add a new input for the `clan-core` dependency:
@@ -132,8 +132,8 @@ Absolutely, let's break down the migration step by step, explaining each action
4. **Rebuild and Switch**: Rebuild your NixOS configuration using the updated flake: 4. **Rebuild and Switch**: Rebuild your NixOS configuration using the updated flake:
```shell ```shellSession
sudo nixos-rebuild switch --flake . $ sudo nixos-rebuild switch --flake .
``` ```
- This command rebuilds and switches to the new configuration. Make sure to include the `--flake .` argument to use the current directory as the flake source. - This command rebuilds and switches to the new configuration. Make sure to include the `--flake .` argument to use the current directory as the flake source.
@@ -142,8 +142,8 @@ Absolutely, let's break down the migration step by step, explaining each action
6. **Reboot**: If everything is fine, you can reboot your system to apply the changes: 6. **Reboot**: If everything is fine, you can reboot your system to apply the changes:
```shell ```shellSession
sudo reboot $ sudo reboot
``` ```
7. **Verify**: After the reboot, confirm that your system is running with the new configuration, and all services and applications are functioning as expected. 7. **Verify**: After the reboot, confirm that your system is running with the new configuration, and all services and applications are functioning as expected.

28
docs/secrets-management.md
View File

@@ -9,7 +9,7 @@ integrates with [sops-nix](https://github.com/Mic92/sops-nix) on NixOS machines.
To begin, generate a key pair: To begin, generate a key pair:
```console ```shellSession
$ clan secrets key generate $ clan secrets key generate
``` ```
@@ -27,7 +27,7 @@ user with your user name)
Next, add your public key to the Clan flake repository: Next, add your public key to the Clan flake repository:
```console ```shellSession
$ clan secrets users add <your_username> <your_public_key> $ clan secrets users add <your_username> <your_public_key>
``` ```
@@ -42,7 +42,7 @@ sops/
Now, to set your first secret: Now, to set your first secret:
```console ```shellSession
$ clan secrets set mysecret $ clan secrets set mysecret
Paste your secret: Paste your secret:
``` ```
@@ -51,13 +51,13 @@ Note: As you type your secret, keypresses won't be displayed. Press Enter to sav
Retrieve the stored secret: Retrieve the stored secret:
```console ```shellSession
$ clan secrets get mysecret $ clan secrets get mysecret
``` ```
And list all secrets like this: And list all secrets like this:
```console ```shellSession
$ clan secrets list $ clan secrets list
``` ```
@@ -79,19 +79,19 @@ By default, secrets are encrypted with your key to ensure readability.
New machines in Clan come with age keys stored in `./sops/machines/<machine_name>`. To list these machines: New machines in Clan come with age keys stored in `./sops/machines/<machine_name>`. To list these machines:
```console ```shellSession
$ clan secrets machines list $ clan secrets machines list
``` ```
For existing machines, add their keys: For existing machines, add their keys:
```console ```shellSession
$ clan secrets machines add <machine_name> <age_key> $ clan secrets machines add <machine_name> <age_key>
``` ```
To fetch an age key from an SSH host key: To fetch an age key from an SSH host key:
```console ```shellSession
$ ssh-keyscan <domain_name> | nix shell nixpkgs#ssh-to-age -c ssh-to-age $ ssh-keyscan <domain_name> | nix shell nixpkgs#ssh-to-age -c ssh-to-age
``` ```
@@ -99,13 +99,13 @@ $ ssh-keyscan <domain_name> | nix shell nixpkgs#ssh-to-age -c ssh-to-age
By default, secrets are encrypted for your key. To specify which users and machines can access a secret: By default, secrets are encrypted for your key. To specify which users and machines can access a secret:
```console ```shellSession
$ clan secrets set --machine <machine1> --machine <machine2> --user <user1> --user <user2> <secret_name> $ clan secrets set --machine <machine1> --machine <machine2> --user <user1> --user <user2> <secret_name>
``` ```
You can add machines/users to existing secrets without modifying the secret: You can add machines/users to existing secrets without modifying the secret:
```console ```shellSession
$ clan secrets machines add-secret <machine_name> <secret_name> $ clan secrets machines add-secret <machine_name> <secret_name>
``` ```
@@ -117,19 +117,19 @@ For convenience, Clan CLI allows group creation to simplify access management. H
Assign users to a new group, e.g., `admins`: Assign users to a new group, e.g., `admins`:
```console ```shellSession
$ clan secrets groups add admins <username> $ clan secrets groups add admins <username>
``` ```
2. **Listing Groups**: 2. **Listing Groups**:
```console ```shellSession
$ clan secrets groups list $ clan secrets groups list
``` ```
3. **Assigning Secrets to Groups**: 3. **Assigning Secrets to Groups**:
```console ```shellSession
$ clan secrets groups add-secret <group_name> <secret_name> $ clan secrets groups add-secret <group_name> <secret_name>
``` ```
@@ -162,7 +162,7 @@ commonly allows to put all secrets in a yaml or json documents.
If you already happend to use sops-nix, you can migrate by using the `clan secrets import-sops` command by importing these documents: If you already happend to use sops-nix, you can migrate by using the `clan secrets import-sops` command by importing these documents:
```console ```shellSession
% clan secrets import-sops --prefix matchbox- --group admins --machine matchbox nixos/matchbox/secrets/secrets.yaml % clan secrets import-sops --prefix matchbox- --group admins --machine matchbox nixos/matchbox/secrets/secrets.yaml
``` ```