diff --git a/README.md b/README.md index 63cebfa..4ced314 100644 --- a/README.md +++ b/README.md @@ -27,7 +27,37 @@ git clone https:///coulomb/railliance-hosts.git cd railiance-hosts ``` +## 📦 Prerequisites +To use RailianceHosts, make sure you have the following tools installed on your workstation: + +- **Git** → for version control +- **age** → for key management and encryption ([Install guide](docs/age-keys.md)) +- **SOPS** → for managing encrypted secrets ([SOPS GitHub](https://github.com/getsops/sops)) +- **Terraform** → for provisioning infrastructure ([Terraform Downloads](https://developer.hashicorp.com/terraform/downloads)) +- **Ansible** → for server configuration ([Ansible Installation Guide](https://docs.ansible.com/ansible/latest/installation_guide/)) +- **Make** → to run the included `Makefile` tasks + +### Example installation (Ubuntu/Debian) + +```bash +# System tools +sudo apt update +sudo apt install -y git make ansible + +# Terraform +sudo apt install -y wget unzip +wget https://releases.hashicorp.com/terraform/1.9.5/terraform_1.9.5_linux_amd64.zip +unzip terraform_1.9.5_linux_amd64.zip +sudo mv terraform /usr/local/bin/ + +# age +sudo apt install age + +# SOPS Get the latest release (example: v3.10.2 — check GitHub for updates) +wget https://github.com/getsops/sops/releases/download/v3.10.2/sops_3.10.2_amd64.deb +sudo apt install ./sops_3.10.2_amd64.deb +``` ## 🔑 Secrets Management diff --git a/docs/age-keys.md b/docs/age-keys.md index 469cc0b..54bc84e 100644 --- a/docs/age-keys.md +++ b/docs/age-keys.md @@ -5,15 +5,33 @@ You need to create your own **age keypair**, add the public key to the repo, and --- +## 0. Install Age & Sops + +First, make sure **age** is installed on your workstation. + +```bash +sudo apt update +sudo apt install age +age --version +``` + +To install Sops grab the binary release and install it. + +```bash +wget https://github.com/getsops/sops/releases/download/v3.10.2/sops_3.10.2_amd64.deb +sudo apt install ./sops_3.10.2_amd64.deb +``` + + ## 1. Generate an Age Keypair On your workstation, run: ```bash -age-keygen -o ~/.config/age/key.txt +age-keygen -o ~/.config/sops/age/key.txt ``` -- This creates a new keypair and stores it at `~/.config/age/key.txt`. +- This creates a new keypair and stores it at `~/.config/sops/age/key.txt`. - The private key must **never** be committed to Git. Keep it safe (e.g., in your password manager or vault). - The public key looks like this: