2021-03-17 13:44:14 +00:00
|
|
|
# Create buckets and keys
|
2021-03-17 14:44:29 +00:00
|
|
|
|
2021-03-17 21:06:37 +00:00
|
|
|
*We use a command named `garagectl` which is in fact an alias you must define as explained in the [Control the daemon](./daemon.md) section.*
|
2021-03-17 14:44:29 +00:00
|
|
|
|
2021-03-17 21:06:37 +00:00
|
|
|
In this section, we will suppose that we want to create a bucket named `nextcloud-bucket`
|
|
|
|
that will be accessed through a key named `nextcloud-app-key`.
|
2021-03-17 14:44:29 +00:00
|
|
|
|
|
|
|
Don't forget that `help` command and `--help` subcommands can help you anywhere, the CLI tool is self-documented! Two examples:
|
|
|
|
|
|
|
|
```
|
2021-03-17 21:06:37 +00:00
|
|
|
garagectl help
|
|
|
|
garagectl bucket allow --help
|
2021-03-17 14:44:29 +00:00
|
|
|
```
|
|
|
|
|
2021-03-17 21:06:37 +00:00
|
|
|
## Create a bucket
|
|
|
|
|
2021-03-17 14:44:29 +00:00
|
|
|
Fine, now let's create a bucket (we imagine that you want to deploy nextcloud):
|
|
|
|
|
|
|
|
```
|
2021-03-17 21:06:37 +00:00
|
|
|
garagectl bucket create nextcloud-bucket
|
2021-03-17 14:44:29 +00:00
|
|
|
```
|
|
|
|
|
|
|
|
Check that everything went well:
|
|
|
|
|
|
|
|
```
|
2021-03-17 21:06:37 +00:00
|
|
|
garagectl bucket list
|
|
|
|
garagectl bucket info nextcloud-bucket
|
2021-03-17 14:44:29 +00:00
|
|
|
```
|
|
|
|
|
2021-03-17 21:06:37 +00:00
|
|
|
## Create an API key
|
|
|
|
|
2021-03-17 14:44:29 +00:00
|
|
|
Now we will generate an API key to access this bucket.
|
|
|
|
Note that API keys are independent of buckets: one key can access multiple buckets, multiple keys can access one bucket.
|
|
|
|
|
|
|
|
Now, let's start by creating a key only for our PHP application:
|
|
|
|
|
|
|
|
```
|
2021-03-17 21:06:37 +00:00
|
|
|
garagectl key new --name nextcloud-app-key
|
2021-03-17 14:44:29 +00:00
|
|
|
```
|
|
|
|
|
|
|
|
You will have the following output (this one is fake, `key_id` and `secret_key` were generated with the openssl CLI tool):
|
|
|
|
|
2021-03-17 21:06:37 +00:00
|
|
|
```javascript
|
|
|
|
Key {
|
|
|
|
key_id: "GK3515373e4c851ebaad366558",
|
|
|
|
secret_key: "7d37d093435a41f2aab8f13c19ba067d9776c90215f56614adad6ece597dbb34",
|
|
|
|
name: "nextcloud-app-key",
|
|
|
|
name_timestamp: 1603280506694,
|
|
|
|
deleted: false,
|
|
|
|
authorized_buckets: []
|
|
|
|
}
|
2021-03-17 14:44:29 +00:00
|
|
|
```
|
|
|
|
|
|
|
|
Check that everything works as intended (be careful, info works only with your key identifier and not with its friendly name!):
|
|
|
|
|
|
|
|
```
|
2021-03-17 21:06:37 +00:00
|
|
|
garagectl key list
|
|
|
|
garagectl key info GK3515373e4c851ebaad366558
|
2021-03-17 14:44:29 +00:00
|
|
|
```
|
|
|
|
|
2021-03-17 21:06:37 +00:00
|
|
|
## Allow a key to access a bucket
|
|
|
|
|
2021-03-17 14:44:29 +00:00
|
|
|
Now that we have a bucket and a key, we need to give permissions to the key on the bucket!
|
|
|
|
|
|
|
|
```
|
2021-03-17 21:06:37 +00:00
|
|
|
garagectl bucket allow \
|
|
|
|
--read \
|
|
|
|
--write
|
|
|
|
nextcloud-bucket \
|
|
|
|
--key GK3515373e4c851ebaad366558
|
2021-03-17 14:44:29 +00:00
|
|
|
```
|
|
|
|
|
|
|
|
You can check at any times allowed keys on your bucket with:
|
|
|
|
|
|
|
|
```
|
2021-03-17 21:06:37 +00:00
|
|
|
garagectl bucket info nextcloud-bucket
|
2021-03-17 14:44:29 +00:00
|
|
|
```
|
|
|
|
|