🔒 Safeguard CLI

A secure file and credential management CLI tool with collections and tags for organization.

Features

• 🔐 Secure File Management: Upload, download, and manage encrypted files
• 🗂️ Collections: Organize files and credentials in hierarchical collections
• 🏷️ Tags: Cross-cutting organization with auto-created tags
• 🔑 Credential Storage: Secure credential management with encryption
• 🔍 Advanced Search: Find files and credentials by collections, tags, or content
• 🌈 Rich CLI: Colored output, progress bars, and intuitive commands
• 🔗 API Integration: Works with Secret File Server API

Installation

Using Cargo (Recommended)

cargo install safeguard

Download Binary

Download pre-built binaries from GitHub Releases:

# macOS/Linux one-liner
curl -sSL https://raw.githubusercontent.com/yourusername/secret-file-server/main/install.sh | bash

Manual Download

• Linux x86_64: safeguard-linux-x86_64
• macOS Intel: safeguard-macos-x86_64
• macOS Apple Silicon: safeguard-macos-aarch64
• Windows: safeguard-windows-x86_64.exe

Quick Start

# Configure server
safeguard config set server http://api.example.com

# Upload a file with organization
safeguard file upload document.pdf --collection "Important Docs" --tags "work,2024"

# List files with filtering
safeguard files --collection "Important Docs" --tags "work"

# Create and manage credentials
safeguard creds create db-password --collection "Production" --tags "database,critical"

# Search across everything
safeguard search "database" --collections "Production" --tags "critical"

Commands

File Management

safeguard upload <file>              # Upload file
safeguard download <file-id>         # Download file
safeguard files                      # List files
safeguard files --collection "Docs"  # Filter by collection
safeguard files --tags "work,urgent" # Filter by tags

Collections (Hierarchical Organization)

safeguard collection create "AWS Production"
safeguard collection list --tree
safeguard collection show <collection-id>
safeguard collection delete <collection-id>

Tags (Cross-cutting Organization)

safeguard tag list --with-counts
safeguard tag set-color "urgent" "#ff0000"
safeguard tag delete "old-tag"

Credentials

safeguard creds create <name>           # Create credential
safeguard creds list                    # List credentials
safeguard creds get <cred-id>          # Get credential details
safeguard creds reveal <cred-id>       # Reveal credential value
safeguard creds delete <cred-id>       # Delete credential

Organization

safeguard organize file <file-id> --collection "New Collection" --add-tags "new-tag"
safeguard organize cred <cred-id> --tags "tag1,tag2"  # Replace all tags

Search

safeguard search "query" --collections "Prod,Dev" --tags "urgent"
safeguard search --tags "database" --created-after "2024-01-01"

Configuration

The CLI stores configuration in:

• Linux: ~/.config/safeguard/config.toml
• macOS: ~/Library/Application Support/safeguard/config.toml
• Windows: %APPDATA%/safeguard/config.toml

Example configuration:

[server]
url = "https://api.safeguard.example.com"
api_key = "your-api-key"

[client]
no_color = false
output_format = "table"  # table, json, yaml

Environment Variables

• LOCKSMITH_SERVER_URL: Override server URL
• LOCKSMITH_API_KEY: Override API key
• NO_COLOR: Disable colored output

Key Features

Collections (Explicit Creation)

Collections must be created explicitly and support hierarchical nesting:

safeguard collection create "Company Docs"
safeguard collection create "HR Docs" --parent "Company Docs"

Tags (Auto-Creation)

Tags are automatically created when referenced:

# These tags are created automatically if they don't exist
safeguard upload file.pdf --tags "confidential,2024,quarterly-report"

Smart Organization

• Collections: Hierarchical structure for logical grouping
• Tags: Flexible cross-cutting categorization
• Search: Advanced filtering by multiple dimensions
• Breadcrumbs: Clear navigation paths

Security

• End-to-end encryption for files and credentials
• Secure credential storage using system keychain
• API key authentication with automatic refresh
• No sensitive data stored in plain text

Development

# Clone repository
git clone https://github.com/yourusername/secret-file-server.git
cd secret-file-server/client

# Run from source
cargo run -- --help

# Run tests
cargo test

# Build release
cargo build --release

Examples

Complete File Organization Workflow

# Create hierarchical collections
safeguard collection create "Projects"
safeguard collection create "Project Alpha" --parent "Projects"

# Upload file with full organization
safeguard upload presentation.pptx \
  --collection "Project Alpha" \
  --tags "presentation,q4,client-facing"

# Find files across multiple dimensions
safeguard search "alpha" --collections "Projects" --tags "q4"

Credential Management

# Store database credentials
safeguard creds create prod-db \
  --collection "Production" \
  --tags "database,postgresql,critical"

# Organized credential listing
safeguard creds list --collection "Production" --tags "critical"

# Secure credential reveal
safeguard creds reveal prod-db  # Prompts for confirmation

License

This project is licensed under the MIT License - see the LICENSE file for details.

Contributing

Contributions are welcome! Please see CONTRIBUTING.md for guidelines.

Support

• 📖 Documentation
• 🐛 Issue Tracker
• 💬 Discussions