-
Notifications
You must be signed in to change notification settings - Fork 3
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Merge pull request #111 from Thymis-io/docs/overhaul
Add documentation
- Loading branch information
Showing
26 changed files
with
297 additions
and
1 deletion.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,5 @@ | ||
# API | ||
|
||
The Thymis frontend communicates with the controller backend through a REST API. | ||
|
||
We provide a OpenAPI specification for the API, which can be found at the `/docs`/`/openapi.json` endpoint of the controller. |
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,36 @@ | ||
# Architecture | ||
|
||
The Thymis platform provides a scalable and secure solution for IoT device management using the power of declarative system configuration provided by NixOS. The architecture is divided into three main components: | ||
|
||
## Frontend/Dashboard (within User-Agent/Browser) | ||
|
||
The frontend of Thymis is built using **SvelteKit** and **TypeScript**, offering a responsive web-based interface for interacting with the platform. This user-friendly dashboard allows administrators to provision, configure, and monitor connected devices. | ||
|
||
The interface communicates with the backend controller using a REST API, allowing for actions like editing device states and triggering specific operations on the connected devices. | ||
|
||
## Thymis Controller | ||
|
||
The Thymis Controller is the core component of the platform, responsible for managing the devices and orchestrating the interactions between the frontend and the devices. | ||
|
||
The controller is implemented using **FastAPI** and **Python**, providing a REST API for the frontend to interact with. It also communicates with the devices using SSH, as well as facilitating communication with devices using the **Thymis Agent**. | ||
|
||
Within the controller, two stores of information are maintained: | ||
|
||
- **Repository**: Stores the device states as a JSON file (`state.json`), which is then converted into **NixOS configurations** by the Thymis Controller. The resulting configurations are stored alongside the `state.json` file. The repository is backed by a Git repository, allowing for versioning and history tracking of device configurations. | ||
- **Database**: Manages device metadata, including registered devices and their connection details. This enables the Thymis Controller to efficiently handle device interactions and status updates. | ||
|
||
## Device Layer | ||
|
||
Thymis supports the management of various devices, ranging from Raspberry Pi boards to larger servers. Each device can run specific applications defined by the user, ensuring flexibility in deployment. | ||
|
||
We provide an optional **Thymis Agent** that can be installed on devices to facilitate secure communication and configuration management. The agent registers devices with the controller and ensures that the devices are in a known state. | ||
|
||
Devices can run user-specified applications, such as Docker containers, or any other software that enhances the functionality and automation of the IoT setup. | ||
|
||
## Technologies in Use | ||
|
||
- **SvelteKit**: Frontend framework for creating a dynamic and reactive web interface. | ||
- **FastAPI**: Backend framework for managing device configurations and data. | ||
- **NixOS**: Declarative system configuration tool for ensuring consistency and stability in deployments. | ||
|
||
![Thymis Architecture Diagram](./architecture.jpg) |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1 @@ | ||
# Development |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,31 @@ | ||
# Extensions (Under Development) | ||
|
||
In the **External Repositories** section of the sidebar, you can add external repositories to the Repository managed by Thymis. | ||
|
||
<div class="warning"> | ||
The format of external repositories is still under active development, and we are working on improving the process of adding and managing external repositories in the Thymis controller. | ||
Extensions may need to be updated to reflect future changes in the format of external repositories. | ||
</div> | ||
|
||
We are handling external repositories using the **Nix Flake** system. This allows you to add repositories from various sources, such as GitHub, GitLab, or any other Git repository. | ||
|
||
If a repository is added to the Thymis controller, and contains the string "contains thymis modules" in the `README.md` file, the Thymis controller will automatically detect the repository as a Thymis module repository. | ||
|
||
It will be added to the `PYTHONPATH` of the Thymis controller, and the modules will be available for use in the Thymis controller. | ||
|
||
The current format of an external repository is as follows: | ||
|
||
``` | ||
. | ||
├── README.md | ||
├── pyproject.toml # Optional | ||
├── poetry.lock # Optional | ||
├── flake.nix | ||
└── python_module_name | ||
├── __init__.py | ||
└── modules.py | ||
``` | ||
|
||
The `pyproject.toml` and `poetry.lock` files are optional and can be used to manage dependencies for the module during development. | ||
|
||
The `modules.py` file should contain subclasses of `thymis_controller.modules.Module` that define the module's functionality. |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,30 @@ | ||
# Usage | ||
|
||
Before diving into specific features, make sure that your Thymis setup is up and running. If you haven’t already, please refer to the [Getting Started guide](getting_started.md) to set up the Thymis environment and install necessary dependencies. | ||
|
||
## Scenarios | ||
|
||
### 1. Provisioning a New Device | ||
Provisioning devices is at the core of Thymis. This involves creating a disk or SD card image with your desired NixOS configuration and deploying it to your target devices. Detailed steps can be found in the [Provisioning a new device](usage/provisioning.md) section. | ||
|
||
### 2. Adding an Existing NixOS Device | ||
If you already have a NixOS device that you want to manage with Thymis, you can easily add it to the Thymis controller. This allows you to monitor and update the device configuration remotely. Learn how to add an existing device in the [Adding an existing NixOS device](usage/existing_device.md) guide. | ||
|
||
### 3. System Configuration | ||
Thymis leverages NixOS’s declarative configuration, making it easy to manage and update device settings consistently. Learn more about setting up and modifying your device configurations in the [System Configuration](usage/system_configuration.md) guide. | ||
|
||
### 4. Terminal Usage | ||
For more advanced control, you can directly interact with your devices via the terminal interface. This section provides instructions on how to access your devices remotely, execute commands, and troubleshoot issues using terminal commands. More details are available in the [Terminal Usage](usage/terminal.md) guide. | ||
|
||
### 5. VNC Usage | ||
Thymis supports remote graphical access to your devices using VNC. This feature is useful when you need to interact with a device’s GUI remotely. The [VNC Usage](usage/vnc.md) section explains how to set up and use VNC for your devices. | ||
|
||
## Tips for Effective Use | ||
|
||
- **Regular Updates**: Regularly check for updates to Thymis and its modules to ensure that your deployments benefit from the latest features and security patches. | ||
- **Device Grouping**: Use the device tagging feature to group similar devices, which makes managing large fleets of devices more straightforward. | ||
|
||
## Additional Resources | ||
|
||
- **Extensions (Under Development)**: If you're interested in expanding Thymis’s capabilities, head to the [Extensions](extensions.md) section to learn how to create and integrate custom extensions. | ||
- **API Documentation**: For developers looking to interact with Thymis programmatically, the [API](api.md) page provides detailed information on available endpoints and how to use them. |
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,63 @@ | ||
# Adding an existing NixOS device | ||
|
||
If you already have a NixOS device that you want to manage with Thymis, you can easily add it to the Thymis controller. This allows you to monitor and update the device configuration remotely. | ||
|
||
## Prerequisites | ||
|
||
Before adding an existing device to Thymis, make sure that you have the following: | ||
|
||
- A running Thymis controller | ||
- SSH access to the device you want to add | ||
- The device's IP address or hostname | ||
|
||
## Steps to Add an Existing Device | ||
|
||
To add an existing NixOS device to Thymis, follow these steps: | ||
|
||
### Step 1: Access the Thymis Dashboard | ||
|
||
1. Open your web browser and navigate to the Thymis dashboard. | ||
2. Log in with your credentials. | ||
|
||
![Thymis Login-Screen](thymis-login-screen.png) | ||
|
||
### Step 2: Add a New Device | ||
|
||
1. Click on the **Devices** tab in the sidebar. | ||
2. Select **Create New Device**. | ||
3. Fill in the required details, such as the device name, hardware model, as well as tags to associate with the device. | ||
|
||
![Thymis create device screen](thymis-create-device.png) | ||
|
||
### Step 3: Configure your device to accept connections from the Thymis controller | ||
|
||
The Thymis controller has a deployment key that allows it to connect to devices and deploy configurations. In most configurations the public key should be in `/var/lib/thymis/id_thymis.pub`. | ||
|
||
Access this file and add the public key to the device's root user's `authorized_keys`. | ||
On NixOS, this option can be added to the `configuration.nix` file: | ||
|
||
```nix | ||
{ | ||
users.users.root.openssh.authorizedKeys.keys = [ | ||
"ssh-ed25519 ... thymis-controller" | ||
] | ||
} | ||
``` | ||
|
||
Deploy the new configuration to the device. | ||
|
||
### Step 4: Add the device to Thymis | ||
|
||
1. In the **Devices** tab, select **View Details** for the device you just created. | ||
2. Select **Set Hostkey** and enter the device's IP address or hostname. | ||
3. Click **Scan For Public Key** to retrieve and save the device's public key. | ||
4. Click **Create** to associate the device with the Thymis controller. | ||
|
||
![Edit Hostkey](edit-hostkey.png) | ||
|
||
### Step 5: Deploy Thymis-managed configuration to the device | ||
|
||
1. Click on **Deploy** to push the Thymis-managed configuration to the device. | ||
2. The device will now be managed by Thymis and can be updated remotely. | ||
|
||
Congratulations! You have successfully added an existing NixOS device to Thymis. You can now manage and update the device configuration from the Thymis dashboard. |
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,45 @@ | ||
# Provisioning a New Device | ||
|
||
Provisioning a new device with Thymis involves creating a fully-configured disk or SD card image for your NixOS system. This process ensures that each device boots up with the exact configuration specified, making deployments quick and consistent. | ||
|
||
## Step 1: Access the Thymis Dashboard | ||
1. Open your web browser and navigate to the Thymis dashboard. | ||
2. Log in with your credentials. | ||
|
||
![Thymis Login-Screen](thymis-login-screen.png) | ||
|
||
## Step 2: Create a New Device Profile! | ||
1. Click on the **Devices** tab in the sidebar. | ||
2. Select **Create New Device**. | ||
3. Fill in the required details, such as the device name, hardware model, as well as tags to associate with the device. | ||
|
||
![Thymis create device screen](thymis-create-device.png) | ||
|
||
## Step 3: Configure the Device Settings | ||
1. In the **Devices** tab, select **View Details** for the device you just created. | ||
2. Click on **Core Device Configuration** to access the device configuration interface. | ||
3. Use the graphical interface to set up the NixOS modules and services you want to include in your device's image. | ||
4. Save the configuration when done. | ||
|
||
![Device configuration interface](device-configuration.png) | ||
|
||
## Step 4: Generate the Disk/SD Card Image | ||
1. Once your device settings are configured, navigate back to the device details page. | ||
2. Click on **Download Replacement Image** to generate the disk or SD card image for your device. | ||
3. A task is created to generate the image. Wait for the task to complete. | ||
3. Download the generated image to your local machine. | ||
|
||
![Generate image screenshot](generate-image.png) | ||
|
||
## Step 5: Deploy the Image to Your Device | ||
1. Use a tool like [**USBImager**](https://bztsrc.gitlab.io/usbimager/) or **dd** to write the downloaded image onto your target disk or SD card. | ||
2. Insert the disk or SD card into your device and power it on. | ||
|
||
![Image flashing with USBImager](flashing-image.png) | ||
|
||
## Step 6: Insert the Disk/SD Card into Your Device and Power On | ||
1. Insert the disk or SD card into your device. | ||
2. Power on the device and wait for it to boot up. | ||
3. The device should now be running with the configuration you specified. | ||
|
||
Congratulations! You have successfully provisioned a new device with Thymis. For more information on managing your devices and configurations, refer to the [System Configuration](system_configuration.md) guide. |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,23 @@ | ||
# System Configuration | ||
|
||
![Configuration](device-configuration.png) | ||
|
||
In the configuration interface, you can set up NixOS modules and services to include in your device's configuration. | ||
|
||
## Adding Modules | ||
|
||
To add a module to your device's configuration, click on the **Plus** icon below your device's modules list. This will open a dialog where you can search for the module you want to add. | ||
|
||
![Add Module](add-module.png) | ||
|
||
If you want to include custom NixOS module code, use the **Custom Module** option. | ||
This will add a new module to your device's configuration, where you can paste your custom NixOS module code. | ||
|
||
![Custom Module](custom-module.png) | ||
|
||
## Configuring Modules | ||
|
||
To configure a module, click on the module's name in the list. | ||
In the middle pane, you can set the module's options and parameters. | ||
Notice that un-configured options are marked with a pencil icon on the right side of the option. | ||
Filled-in options are marked with an X icon, which you can click to remove the options content. |
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,24 @@ | ||
# Terminal Usage | ||
|
||
There are two ways to interact with your devices via the terminal: | ||
|
||
1. Terminal tab in the Sidebar | ||
2. Device Details page | ||
|
||
## Terminal Tab | ||
|
||
1. Select your device in the sidebar. | ||
2. Click on the **Terminal** tab in the sidebar. | ||
|
||
![Terminal Tab](terminal-tab.png) | ||
|
||
You will be presented with a terminal interface to interact with your device. | ||
|
||
## Device Details Page | ||
|
||
1. Select your device in the sidebar. | ||
2. Click on the **Details** sidebar tab. | ||
|
||
On the device details page, a small terminal interface is available at the bottom of the page. | ||
|
||
![Device Details Terminal](device-details-terminal.png) |
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,25 @@ | ||
# VNC Usage | ||
|
||
The built-in Kiosk module provides a VNC server that allows you to view and interact with the device's screen. | ||
|
||
When you enable the VNC server within the Kiosk module, the device will start a VNC server that you can connect to using a VNC client. | ||
|
||
There are two places where you can interact with the device's screen: | ||
|
||
## 1. VNC tab in the Sidebar | ||
|
||
1. Select your device or tag in the sidebar. | ||
2. Click on the **VNC** tab in the sidebar. | ||
|
||
![VNC Tab](vnc-tab.png) | ||
|
||
You will be presented with a VNC interface to interact with your device or all devices with the selected tag. | ||
|
||
## 2. Device Details Page | ||
|
||
1. Select your device in the sidebar. | ||
2. Click on the **Details** sidebar tab. | ||
|
||
On the device details page, a VNC interface is available at the bottom of the page. | ||
|
||
![Device Details VNC](device-details-terminal.png) |