Skip to content

Facts

manage facts

Usage: clan facts

Commands

This subcommand provides an interface to facts of clan machines. Facts are artifacts that a service can generate. There are public and secret facts. Public facts can be referenced by other machines directly. Public facts can include: ip addresses, public keys. Secret facts can include: passwords, private keys.

A service is an included clan-module that implements facts generation functionality. For example the zerotier module will generate private and public facts. In this case the public fact will be the resulting zerotier-ip of the machine. The secret fact will be the zerotier-identity-secret, which is used by zerotier to prove the machine has control of the zerotier-ip.

Examples

$ clan facts generate

Will generate facts for all machines.

$ clan facts generate --service [SERVICE] --regenerate

Will regenerate facts, if they are already generated for a specific service. This is especially useful for resetting certain passwords while leaving the rest of the facts for a machine in place.

For more detailed information, visit: https://docs.clan.lol/getting-started/secrets/

Facts check

Usage: clan facts check

Positional arguments

  1. machine: The machine to check secrets for
Options
  • --service: the service to check
  • --debug: Enable debug logging
  • --option: <('name', 'value')> Nix option to set
  • --flake: <PATH> path to the flake where the clan resides in, can be a remote flake or local, can be set through the [CLAN_DIR] environment variable

Facts generate

Usage: clan facts generate

Positional arguments

  1. machines: machine to generate facts for. if empty, generate facts for all machines
Options
  • --service: service to generate facts for, if empty, generate facts for every service
  • --regenerate, --no-regenerate: whether to regenerate facts for the specified machine
  • --debug: Enable debug logging
  • --option: <('name', 'value')> Nix option to set
  • --flake: <PATH> path to the flake where the clan resides in, can be a remote flake or local, can be set through the [CLAN_DIR] environment variable

Facts list

Usage: clan facts list

Positional arguments

  1. machine: The machine to print facts for
Options
  • --debug: Enable debug logging
  • --option: <('name', 'value')> Nix option to set
  • --flake: <PATH> path to the flake where the clan resides in, can be a remote flake or local, can be set through the [CLAN_DIR] environment variable

Facts upload

Usage: clan facts upload

Positional arguments

  1. machine: The machine to upload secrets to
Options
  • --debug: Enable debug logging
  • --option: <('name', 'value')> Nix option to set
  • --flake: <PATH> path to the flake where the clan resides in, can be a remote flake or local, can be set through the [CLAN_DIR] environment variable