Merge pull request #12 from rapidrecast/docs-update-0.2.0

Add some docs

Author: phughk

content/docs/_index.md

@@ -14,4 +14,5 @@ seo:
   noindex: false # false (default) or true
 ---
 
-Index of docs.
+Bear with me while I set up branding and then format this better.
+

content/docs/guides/_index.md

@@ -1,6 +1,6 @@
 ---
 title: "Guides"
-description: ""
+description: "Guides for how to achieve common tasks"
 summary: ""
 date: 2023-09-07T16:06:50+02:00
 lastmod: 2023-09-07T16:06:50+02:00
@@ -14,4 +14,6 @@ seo:
   noindex: false # false (default) or true
 ---
 
-Index of the guides.
+Guides lead you through a specific task you want to accomplish.
+
+If there is a guide you would like, please open a ticket on the [repository](https://github.com/rapidrecast/www.rapidrecast.io/issues/new).

content/docs/guides/example.md

@@ -0,0 +1,75 @@
+---
+title: "Launching RapidRecast"
+description: "How you can launch RapidRecast and the options available."
+summary: ""
+date: 2023-09-07T16:04:48+02:00
+lastmod: 2023-09-07T16:04:48+02:00
+draft: false
+weight: 810
+toc: true
+seo:
+  title: "" # custom title (optional)
+  description: "" # custom description (recommended)
+  canonical: "" # custom canonical URL (optional)
+  noindex: false # false (default) or true
+---
+
+# Downloading RapidRecast
+
+Pick up the latest release from the [Releases Page](http://localhost:1313/releases/).
+
+Download for the appropriate platform from the table at the bottom of the release page.
+
+Unpack wherever is convenient for you, for example `~/local/bin`.
+
+# Starting RapidRecast
+
+Once you have downloaded and unpacked RapidRecast, you should be able to run it immediately with this command.
+
+```bash
+# (Optional) configure logging
+export RUST_LOG=rapidrecast=trace,info
+# Start RapidRecast
+rapidrecast -p 0.0.0.0:0 -a 127.0.0.1:0
+```
+
+The above command creates an HTTP protocol and an Admin API on any available port.
+The `0.0.0.0` binding means that it is accessible on any network interface (such as the internet, if the firewall allows it).
+We do not want the Admin API accessible from anyone outside our computer though - so we have set the bind to be `127.0.0.1`.
+Only you can access it from your computer that way.
+
+Exposing the Admin API to the internet is considered safe, assuming the login credentials are secure.
+
+# Protocols available
+
+RapidRecast exposes protocols on CLI provided ports.
+
+## Admin Protocol
+
+RapidRecast provides a way to remotely configure its behaviour and state.
+
+To make the Admin Protocol available, you provide the CLI with the `-a` or `--admin-bind` parameter.
+
+For example `rapidrecast -a 127.0.0.1:8080` will make the admin protocol available on port 8080 on your computer only, but not to outside networks.
+
+## Service Protocols
+
+**Service Protocols** are the protocols that users of the service interact with.
+They are entirely programmable from the admin API and console.
+
+In the current latest release the available protocols are:
+
+| Protocol | CLI args                             | Example          |
+|----------|--------------------------------------|------------------|
+| HTTP 1.1 | `-p <bind>` and `--http-bind <bind>` | `-p 127.0.0.1:0` |
+
+
+# Admin credentials
+
+To access the admin API, you need to use admin credentials.
+
+In the early days of RapidRecast, the admin credentials are hardcoded to `admin` and `admin-password`.
+
+Once logged in as an admin, you can create users and roles fitting the permissions you would like to use.
+
+To read more about Policies and Roles, see the [RBAC Guide]({{< ref "/docs/guides/rbac.md" >}}).

content/docs/guides/launching.md

@@ -0,0 +1,73 @@
+---
+title: "Role-Based Access Control (RBAC)"
+description: "How the Authorization system works in RapidRecast."
+summary: ""
+date: 2023-09-07T16:04:48+02:00
+lastmod: 2023-09-07T16:04:48+02:00
+draft: false
+weight: 810
+toc: true
+seo:
+  title: "" # custom title (optional)
+  description: "" # custom description (recommended)
+  canonical: "" # custom canonical URL (optional)
+  noindex: false # false (default) or true
+---
+
+# Role-Based Access Control (RBAC)
+
+
+Role-Based Access Control (RBAC) is a method of restricting what users can do on your system.
+
+The general idea is that every time you do something, you are acting as a Subject (User or Role).
+When you are acting as a Subject, you are acting on some resource; this is the Object.
+Finally, there is a definition of what you are trying to do with the Object. This is the Action.
+
+## What are Policies and Subject-Object-Action?
+
+RBAC is a system of handling permissions where you define Policies.
+A Policy is a 3-tuple of Subject, Object, and Action.
+
+As a _hypothetical_ example, this is how you would allow Hugh to Write to Topic1:
+
+```
+Hugh, Topic1, Write
+```
+
+The above is completely incorrect syntax, but it highlights the idea of the RBAC system in place.
+
+To revoke permission, you would remove the Policy.
+A user is given permission if any single policy affecting them (or their roles) allows it.
+
+## What are Roles?
+
+A Role is a Subject, just like a User.
+
+In the existing implementation of RapidRecast, there is no difference between Roles and Users.
+That means Users can belong to other Users and inherit the same permissions.
+Under such circumstances, if Users remain in the system after the parent User is deleted, the parent User effectively becomes a Role.
+The Role can be renamed.
+
+### Pre-defined Roles in RapidRecast
+
+There are 2 Users that are pre-defined in RapidRecast:
+- `admin`
+- `anon`
+
+The password for `admin` is `admin-password`.
+
+The `anon` account is not allowed to have a password.
+
+### Existing Objects
+
+The full Objects list can be found in the [RBAC Reference]({{< ref "/docs/reference/rbac/_index.md#objects" >}}).
+
+### Existing Actions
+
+The full Actions list can be found in the [RBAC Reference]({{< ref "/docs/reference/rbac/_index.md#actions" >}}).
+
+### Defining a Policy
+
+You can define a policy using the policy API.
+
+

content/docs/guides/rbac.md

@@ -1,6 +1,6 @@
 ---
-title: "Reference"
-description: ""
+title: "Product Reference"
+description: "The Product Reference is the primary documentation where you should find everything you want"
 summary: ""
 date: 2023-09-07T16:12:37+02:00
 lastmod: 2023-09-07T16:12:37+02:00
@@ -12,6 +12,6 @@ sidebar:
 seo:
   title: "" # custom title (optional)
   description: "" # custom description (recommended)
-  canonical: "" # custom canonical URL (optional)
+  canonical: "ref" # custom canonical URL (optional)
   noindex: false # false (default) or true
 ---

content/docs/reference/_index.md

@@ -0,0 +1,20 @@
+---
+title: "Admin API Reference"
+description: "The Admin API is used to configure and manage RapidRecast"
+summary: ""
+date: 2023-09-07T16:12:37+02:00
+lastmod: 2023-09-07T16:12:37+02:00
+draft: false
+weight: 900
+toc: true
+sidebar:
+  collapsed: true
+seo:
+  title: "" # custom title (optional)
+  description: "" # custom description (recommended)
+  canonical: "" # custom canonical URL (optional)
+  noindex: false # false (default) or true
+---
+
+The API endpoints are available on the admin protocol.
+

content/docs/reference/api/_index.md

@@ -0,0 +1,23 @@
+---
+title: "Auth"
+description: "Auth endpoint handles"
+summary: ""
+date: 2023-09-07T16:12:37+02:00
+lastmod: 2023-09-07T16:12:37+02:00
+draft: false
+weight: 900
+toc: true
+sidebar:
+  collapsed: true
+seo:
+  title: "" # custom title (optional)
+  description: "" # custom description (recommended)
+  canonical: "" # custom canonical URL (optional)
+  noindex: false # false (default) or true
+---
+
+| Method | Path                | Description                                      | Body |
+| --- |---------------------|--------------------------------------------------|------|
+| `POST` | `/api/v1/auth` | Generate a JWT token from HTTP Basic Auth header | None |
+
+{{< interactive/curl-auth interactive-id >}}

content/docs/reference/api/auth.md

@@ -0,0 +1,23 @@
+---
+title: "Policy"
+description: "Policy endpoint handles"
+summary: ""
+date: 2023-09-07T16:12:37+02:00
+lastmod: 2023-09-07T16:12:37+02:00
+draft: false
+weight: 900
+toc: true
+sidebar:
+  collapsed: true
+seo:
+  title: "" # custom title (optional)
+  description: "" # custom description (recommended)
+  canonical: "" # custom canonical URL (optional)
+  noindex: false # false (default) or true
+---
+
+| Method | Path             | Description                                      | Request Body  | Response Body  |
+|--------|------------------|--------------------------------------------------|---------------|----------------|
+| `POST` | `/api/v1/policy` | Generate a JWT token from HTTP Basic Auth header | PolicyRequest | PolicyResponse |
+
+

content/docs/reference/api/policy.md

@@ -0,0 +1,17 @@
+---
+title: "CLI Reference"
+description: "The Command Line Interface reference covers all things to do with the binary."
+summary: ""
+date: 2023-09-07T16:12:37+02:00
+lastmod: 2023-09-07T16:12:37+02:00
+draft: false
+weight: 900
+toc: true
+sidebar:
+  collapsed: true
+seo:
+  title: "" # custom title (optional)
+  description: "" # custom description (recommended)
+  canonical: "" # custom canonical URL (optional)
+  noindex: false # false (default) or true
+---

content/docs/reference/cli.md

@@ -0,0 +1,22 @@
+---
+title: "Admin Console Reference"
+description: "The Admin Console is the user interface for managing RapidRecast"
+summary: ""
+date: 2023-09-07T16:12:37+02:00
+lastmod: 2023-09-07T16:12:37+02:00
+draft: false
+weight: 900
+toc: true
+sidebar:
+  collapsed: true
+seo:
+  title: "" # custom title (optional)
+  description: "" # custom description (recommended)
+  canonical: "" # custom canonical URL (optional)
+  noindex: false # false (default) or true
+---
+
+Admin Console text.
+
+You can access the console with the credentials `admin` and `admin-password`.
+This is conveniently provided through [this link](http://admin:[email protected]).

content/docs/reference/console/_index.md

@@ -0,0 +1,40 @@
+---
+title: "RBAC Reference"
+description: "Role-Based Access Control (RBAC) covers all the concepts related to permissions within RapidRecast."
+summary: ""
+date: 2023-09-07T16:12:37+02:00
+lastmod: 2023-09-07T16:12:37+02:00
+draft: false
+weight: 900
+toc: true
+sidebar:
+  collapsed: true
+seo:
+  title: "" # custom title (optional)
+  description: "" # custom description (recommended)
+  canonical: "" # custom canonical URL (optional)
+  noindex: false # false (default) or true
+---
+
+See the [RBAC Guide]({{< ref "/docs/guides/rbac.md" >}}) for a more detailed explanation of RBAC in RapidRecast.
+
+# Subjects
+
+# Objects
+
+The following Objects can be used in Policies:
+
+| Object                                 | Description                                     |
+|----------------------------------------|-------------------------------------------------|
+| `topic-any:default-namespace`          | Any topic that can be pushed and consumed from. |
+| `topic:default-namespace:<topic-name>` | A specific topic by name.                       |
+
+# Actions
+
+The following Actions can be used in Policies:
+- `Create`, whenever a resource is being created
+- `Update`, whenever a resource is being updated
+- `Delete`, whenever a resource is being deleted
+- `List`, whenever metadata about a resource is being listed
+- `Read`, whenever a resource is being read from
+- `Write`, whenever a resource is being written to