This crate is the ‘library’ part of RustyVault, a truly free replica of HashiCorp Vault written in Rust. RustyVault is focused on identity-based secrets management and works in two independent ways:
- A standalone application serving secrets management via a RESTful API;
- A Rust crate that provides the same features for other applications to integrate.
This document is only about the crate part of RustyVault. For the first working mode, please go to RustyVault’s RESTful API documentation, which documents all of RustyVault’s RESTful API. Users can use an HTTP client tool (e.g. curl) to send commands to a running RustyVault server and use the relevant secrets management features.
The second working mode, which works as a typical Rust crate called rusty_vault, allows Rust application developers to integrate RustyVault easily into their own applications to gain secrets management capabilities such as secure key/value storage, public key cryptography, data encryption and so forth.
This is the official documentation of the rusty_vault crate, and it’s mainly for developers.
Once again, if you are looking for how to use the RustyVault server via a set of RESTful APIs, then you may prefer RustyVault’s RESTful API documentation.
Modules
- api: The rusty_vault::api module contains code useful for interacting with a RustyVault server.
- cli: The rusty_vault::cli module is used to serve the RustyVault application. This module basically accepts options from the command line and starts a server up.
- context: The rusty_vault::context module is intended to provide a generic key-value storage. This module is currently not used by any other part of crate::rusty_vault.
- core: The rusty_vault::core module implements several key functions that are in charge of the whole process of RustyVault. For instance, to seal or unseal RustyVault we have the seal() and unseal() functions in this module. Also, the handle_request() function in this module routes an API call to its correct backend and gets the result back to the caller.
- errors: The rusty_vault::errors module defines an enumeration of various error codes, and implements the necessary traits for it.
- handler: The rusty_vault::handler module basically defines the Handler trait.
- http: This module handles almost everything related to RustyVault’s HTTP(S) server, including basic connection, HTTP request reading, HTTP response writing, data encoding/decoding, TLS, etc. This module uses the actix_web crate as the underlying provider.
- logical: The rusty_vault::logical module is a low-level module that defines ‘backend’ and relevant data structures such as Path, Request, etc., and traits.
- metrics: The rusty_vault::metrics module instruments RustyVault with Prometheus, allowing it to capture performance metrics.
- module_manager: RustyVault consists of many modules. Modules are the real components that implement the features that users need. All modules in RustyVault are managed by rusty_vault::module_manager.
- modules: rusty_vault::modules contains a set of real RustyVault modules. Each submodule needs to implement the rusty_vault::modules::Module trait defined here, and then the module can be added to the module manager.
- mount: Simply speaking, the rusty_vault::mount module manages the relationship between a ‘path’ and the real RustyVault module which is responsible for that feature. In RustyVault, everything is exposed to the outside by the RESTful API, which is defined by ‘path’.
- router: The rusty_vault::router module contains the functions that are used to do the routing work. All router entries are organized in a Trie structure, which is suitable for prefix lookup. The core router is the final ‘glue’ that mounts the pieces together for RustyVault’s API.
- shamir: A Shamir threshold algorithm implementation which is used to derive the RustyVault master key.
- storage: This module manages all storage related code by defining a ‘barrier’ concept and a ‘backend’ concept.
- utils: Miscellaneous public handy functions are collected here, such as cryptography tools, uuid generator, etc.
Macros
- new_fields
- new_logical_backend
- new_path
- new_secret
- rv_error_response
- rv_error_response_status
- rv_error_string
Constants
- BUILD_TIME: Build timestamp in UTC
- EXIT_CODE_INSUFFICIENT_PARAMS: Exit code when insufficient params are passed via CLI
- EXIT_CODE_LOAD_CONFIG_FAILURE: Exit code when loading configuration from file fails
- EXIT_CODE_OK: Exit ok
- EXIT_CODE_SERVER_ABORTED: Exit code when server aborted
- EXIT_CODE_SERVER_EXIT_UNEXPECTEDLY: Exit code when server exits unexpectedly
- VERSION: rusty_vault version