Expand description
Operator subcommands of the nixfleet umbrella binary. Each module
exposes a pub struct Args (derived from clap::Args, not Parser) and a
pub fn run(args: Args) -> Result<()> handler.
Modulesยง
- derive_
pubkey - Operator helper: ed25519 private key file -> base64 public key.
- mint_
operator_ cert - Operator-side helper: mints a clientAuth-EKU X.509 cert from the offline fleet root CA. Pure offline crypto, no network access.
- mint_
token - Operator-side bootstrap-token minter. Signs a
TokenClaimsblock with the org root key, derives the host fingerprint from either fleet.resolved or a flag override.