The Rugged TUF Server
Tutorials
Set up local environment
My first TUF repo
Initialize root metadata
How-to guides
Deploying Rugged
Prepare your Rugged Runbook repository
Generate Root Keys
Sign root metadata
Maintenance
Update threshold after initialization
Backup & Restore
Change Hashed Bin Count
Rotate Keys
Development
Update documentation
Generated documentation
Testing
Writing tests
Test Celery Workers
Use Satis
Build container images
Prepare a release
Background information
TUF for Humans
Security ceremonies
Initial Deployment Ceremony
Key rotation
Architecture
Workflows
Packaging Workflow
Packaging Workflow (w/ Monitor)
Operating Environments
Packaging environment
Targets Worker
Snapshot Worker
Timestamp Worker
Monitor Worker
Admin Environment
System Requirements
Docker images
History
Community
Trademarks
Privacy
Hosting Requirements
Reference guides
The Update Framework
Docker images
Components & Tools
PHP-TUF Composer Plugin
PHP-TUF Library
Python TUF
Celery Task Queue
Click (CLI)
Satis
Commands
Config
Test Steps
API Docs
Glossary
Features
More
Gitlab repo
Contributors
Clear History
Built with the
Harmony
theme for
Hugo
.
Edit this page
Reference guides
> Features
Features
Feature: A test worker to validate queue/RPC architecture.
Feature: A worker to dispatch `add-targets` tasks based on monitoring a directory for target files.
Feature: A worker to dispatch `add-targets` tasks based on monitoring a directory for target files.
Feature: A worker to dispatch `add-targets` tasks based on monitoring a directory for target files.
Feature: A worker to sign TUF repo snapshot metadata.
Feature: A worker to sign TUF repo targets metadata.
Feature: A worker to sign TUF repo timestamp metadata.
Feature: Basic manual backup and restore procedures.
Feature: Command option to add targets to the TUF repository locally.
Feature: Command option to remove targets from the TUF repository locally.
Feature: Command to add a verification key to partial root metadata.
Feature: Command to add signatures to partial root metadata.
Feature: Command to add targets to the TUF repository.
Feature: Command to change the number of hashed bins in a running repo.
Feature: Command to deploy completed root metadata.
Feature: Command to generate keys for Rugged TUF locally.
Feature: Command to generate keys for Rugged TUF on the root worker.
Feature: Command to initialize Rugged TUF repository locally.
Feature: Command to initialize Rugged TUF repository w/ existing root metadata.
Feature: Command to initialize Rugged TUF repository.
Feature: Command to pause processing of scheduled tasks.
Feature: Command to print monitor-worker status.
Feature: Command to print repo status.
Feature: Command to print Rugged config.
Feature: Command to print Rugged logs.
Feature: Command to refresh metadata expiry periods.
Feature: Command to refresh metadata expiry periods.
Feature: Command to remove a verification key from partial root metadata.
Feature: Command to remove targets to the TUF repository.
Feature: Command to reset processing of stuck add-targets tasks.
Feature: Command to reset the refreshing expiring flag.
Feature: Command to resume processing of scheduled tasks.
Feature: Command to show information about partial root metadata.
Feature: Commands to generate signable root metadata.
Feature: Commands to generate signed root metadata.
Feature: Configurable metadata expiry per role.
Feature: Configurable signature thresholds per role.
Feature: Configurable task timeouts.
Feature: Decrease the number of hashed bins in a running repo.
Feature: Delete targets once they have been signed.
Feature: Ensure tests are running against latest code.
Feature: Ensure that we have a modern OpenSSL.
Feature: Fast test to quickly flag when something has broken.
Feature: Flag to print debug messages.
Feature: Generated keys do not have deprecated `keyid_hash_algorithms` data.
Feature: Hashed bins are reasonably performant.
Feature: Hashed bins are reasonably performant.
Feature: Hashed bins using the root-worker.
Feature: Hashed bins.
Feature: Host headers in command output can be disabled.
Feature: Increase the number of hashed bins in a running repo.
Feature: Initialize partial root metadata for HSM signing.
Feature: Initialize partial root metadata for update HSM signing.
Feature: Local Composer package repository
Feature: Metadata expiry periods are refreshed automatically.
Feature: Metadata expiry timestamp is updated consistently.
Feature: Monitor worker is resilient to network instability.
Feature: Refresh expiry tasks on the monitor-worker are resilient to network instability.
Feature: Root signature thresholds are respected
Feature: Root signature thresholds can be changed.
Feature: Root worker to run privileged operations.
Feature: Rotate keys.
Feature: Rotate online keys.
Feature: Scheduled tasks respect pause/resume commands.
Feature: Scheduled tasks work well together.
Feature: Script allows config file to specify credentials to connect to the queue worker.
Feature: Script allows specifying credentials to connect to the queue worker.
Feature: Script to ping a queue worker.
Feature: Signing keys are isolated from one another in separate environments.
Feature: Stale sempahores are reset automatically.
Feature: Support for HSM-based root keys.
Feature: Testing tools
Feature: The TUF Composer plugin requires initial TUF root metadata.
Feature: The TUF Composer plugin validates TUF metadata.
Feature: The TUF Composer plugin validates TUF metadata.
Feature: The TUF Composer plugin works with Satis repositories.
Feature: Validate TUF repository keys.
Feature: Validate TUF repository metadata.
Feature: Validate TUF targets metadata.
This work is licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License.
Rugged TUF Server is a trademark of Consensus Enterprises.