From a705e5e7837c1d3e05b8799f6d73dac863b65d87 Mon Sep 17 00:00:00 2001 From: Greg Parris Date: Sat, 25 Mar 2017 12:51:12 -0500 Subject: [PATCH 01/74] Typo corrections and tweaks to commands' help info * Normalize "X arguments expected" messages * Use "Vault" when referring to the product and "vault" when referring to an instance of the product * Various minor tweaks to improve readability and/or provide clarity --- command/audit_disable.go | 8 ++++---- command/auth.go | 4 ++-- command/auth_disable.go | 4 ++-- command/auth_enable.go | 2 +- command/generate-root.go | 6 +++--- command/init.go | 8 ++++---- command/list.go | 2 +- command/mount.go | 4 ++-- command/mount_tune.go | 2 +- command/path_help.go | 4 ++-- command/rekey.go | 6 +++--- command/remount.go | 6 +++--- command/renew.go | 2 +- command/revoke.go | 2 +- command/seal.go | 6 +++--- command/server.go | 8 ++++---- command/ssh.go | 10 +++++----- command/token_create.go | 6 +++--- command/token_revoke.go | 2 +- command/unmount.go | 2 +- command/unseal.go | 4 ++-- command/unwrap.go | 2 +- 22 files changed, 50 insertions(+), 50 deletions(-) diff --git a/command/audit_disable.go b/command/audit_disable.go index 1d2dd91358..31c4457287 100644 --- a/command/audit_disable.go +++ b/command/audit_disable.go @@ -58,12 +58,12 @@ Usage: vault audit-disable [options] id Disable an audit backend. - Once the audit backend is disabled, no more audit logs will be sent to + Once the audit backend is disabled no more audit logs will be sent to it. The data associated with the audit backend isn't affected. - The "id" parameter should map to the id used with "audit-enable". If - no specific ID was specified, then it is the name of the backend (the - type of the backend). + The "id" parameter should map to the "path" used in "audit-enable". If + no path was provided to "audit-enable" you should use the backend + type (e.g. "file"). General Options: ` + meta.GeneralOptionsUsage() diff --git a/command/auth.go b/command/auth.go index 6ea2a0fe9c..2af8780f6c 100644 --- a/command/auth.go +++ b/command/auth.go @@ -312,7 +312,7 @@ func (c *AuthCommand) Help() string { helpText := ` Usage: vault auth [options] [auth-information] - Authenticate with Vault with the given token or via any supported + Authenticate with Vault using the given token or via any supported authentication backend. By default, the -method is assumed to be token. If not supplied via the @@ -399,7 +399,7 @@ func (h *tokenAuthHandler) Help() string { help := ` No method selected with the "-method" flag, so the "auth" command assumes you'll be using raw token authentication. For this, specify the token to -authenticate as as the parameter to "vault auth". Example: +authenticate as the parameter to "vault auth". Example: vault auth 123456 diff --git a/command/auth_disable.go b/command/auth_disable.go index 63ab21cbfb..621ce5907c 100644 --- a/command/auth_disable.go +++ b/command/auth_disable.go @@ -58,10 +58,10 @@ Usage: vault auth-disable [options] path Disable an already-enabled auth provider. - Once the auth provider is disabled, that path cannot be used anymore + Once the auth provider is disabled its path can no longer be used to authenticate. All access tokens generated via the disabled auth provider will be revoked. This command will block until all tokens are revoked. - If the command is exited early, the tokens will still be revoked. + If the command is exited early the tokens will still be revoked. General Options: ` + meta.GeneralOptionsUsage() diff --git a/command/auth_enable.go b/command/auth_enable.go index c7b8422ed3..81c7cce215 100644 --- a/command/auth_enable.go +++ b/command/auth_enable.go @@ -82,7 +82,7 @@ General Options: ` + meta.GeneralOptionsUsage() + ` Auth Enable Options: - -description= Human-friendly description of the purpose for the + -description= Human-friendly description of the purpose of the auth provider. This shows up in the auth -methods command. -path= Mount point for the auth provider. This defaults diff --git a/command/generate-root.go b/command/generate-root.go index 07c550096a..f01329426d 100644 --- a/command/generate-root.go +++ b/command/generate-root.go @@ -295,12 +295,12 @@ Usage: vault generate-root [options] [key] 'generate-root' is used to create a new root token. - Root generation can only be done when the Vault is already unsealed. The + Root generation can only be done when the vault is already unsealed. The operation is done online, but requires that a threshold of the current unseal keys be provided. - One (and only one) of the following must be provided at attempt - initialization time: + One (and only one) of the following must be provided when initializing the + root generation attempt: 1) A 16-byte, base64-encoded One Time Password (OTP) provided in the '-otp' flag; the token is XOR'd with this value before it is returned once the final diff --git a/command/init.go b/command/init.go index 4ed9e67879..4c638dc6eb 100644 --- a/command/init.go +++ b/command/init.go @@ -245,11 +245,11 @@ func (c *InitCommand) runInit(check bool, initRequest *api.InitRequest) int { c.Ui.Output(fmt.Sprintf( "\n"+ "Vault initialized with %d keys and a key threshold of %d. Please\n"+ - "securely distribute the above keys. When the Vault is re-sealed,\n"+ + "securely distribute the above keys. When the vault is re-sealed,\n"+ "restarted, or stopped, you must provide at least %d of these keys\n"+ "to unseal it again.\n\n"+ "Vault does not store the master key. Without at least %d keys,\n"+ - "your Vault will remain permanently sealed.", + "your vault will remain permanently sealed.", initRequest.SecretShares, initRequest.SecretThreshold, initRequest.SecretThreshold, @@ -301,10 +301,10 @@ Usage: vault init [options] Initialize a new Vault server. This command connects to a Vault server and initializes it for the - first time. This sets up the initial set of master keys and sets up the + first time. This sets up the initial set of master keys and the backend data store structure. - This command can't be called on an already-initialized Vault. + This command can't be called on an already-initialized Vault server. General Options: ` + meta.GeneralOptionsUsage() + ` diff --git a/command/list.go b/command/list.go index f3ddebdc9d..71bf388c90 100644 --- a/command/list.go +++ b/command/list.go @@ -28,7 +28,7 @@ func (c *ListCommand) Run(args []string) int { args = flags.Args() if len(args) != 1 || len(args[0]) == 0 { - c.Ui.Error("read expects one argument") + c.Ui.Error("list expects one argument") flags.Usage() return 1 } diff --git a/command/mount.go b/command/mount.go index e6267233f4..eb2b53a671 100644 --- a/command/mount.go +++ b/command/mount.go @@ -32,7 +32,7 @@ func (c *MountCommand) Run(args []string) int { if len(args) != 1 { flags.Usage() c.Ui.Error(fmt.Sprintf( - "\nMount expects one argument: the type to mount.")) + "\nmount expects one argument: the type to mount.")) return 1 } @@ -95,7 +95,7 @@ Mount Options: the mount. This shows up in the mounts command. -path= Mount point for the logical backend. This - defauls to the type of the mount. + defaults to the type of the mount. -default-lease-ttl= Default lease time-to-live for this backend. If not specified, uses the global default, or diff --git a/command/mount_tune.go b/command/mount_tune.go index c90fa781b2..e1efdd241d 100644 --- a/command/mount_tune.go +++ b/command/mount_tune.go @@ -28,7 +28,7 @@ func (c *MountTuneCommand) Run(args []string) int { if len(args) != 1 { flags.Usage() c.Ui.Error(fmt.Sprintf( - "\n'mount-tune' expects one arguments: the mount path")) + "\nmount-tune expects one arguments: the mount path")) return 1 } diff --git a/command/path_help.go b/command/path_help.go index 27d1313c5f..6eed9607d8 100644 --- a/command/path_help.go +++ b/command/path_help.go @@ -40,7 +40,7 @@ func (c *PathHelpCommand) Run(args []string) int { if strings.Contains(err.Error(), "Vault is sealed") { c.Ui.Error(`Error: Vault is sealed. -The path-help command requires the Vault to be unsealed so that +The path-help command requires the vault to be unsealed so that mount points of secret backends are known.`) } else { c.Ui.Error(fmt.Sprintf( @@ -67,7 +67,7 @@ Usage: vault path-help [options] path providers provide built-in help. This command looks up and outputs that help. - The command requires that the Vault be unsealed, because otherwise + The command requires that the vault be unsealed, because otherwise the mount points of the backends are unknown. General Options: diff --git a/command/rekey.go b/command/rekey.go index 90f4596f8c..16022be725 100644 --- a/command/rekey.go +++ b/command/rekey.go @@ -194,11 +194,11 @@ func (c *RekeyCommand) Run(args []string) int { c.Ui.Output(fmt.Sprintf( "\n"+ "Vault rekeyed with %d keys and a key threshold of %d. Please\n"+ - "securely distribute the above keys. When the Vault is re-sealed,\n"+ + "securely distribute the above keys. When the vault is re-sealed,\n"+ "restarted, or stopped, you must provide at least %d of these keys\n"+ "to unseal it again.\n\n"+ "Vault does not store the master key. Without at least %d keys,\n"+ - "your Vault will remain permanently sealed.", + "your vault will remain permanently sealed.", shares, threshold, threshold, @@ -361,7 +361,7 @@ Usage: vault rekey [options] [key] a new set of unseal keys or to change the number of shares and the required threshold. - Rekey can only be done when the Vault is already unsealed. The operation + Rekey can only be done when the vault is already unsealed. The operation is done online, but requires that a threshold of the current unseal keys be provided. diff --git a/command/remount.go b/command/remount.go index 47d591beea..649c47b0f2 100644 --- a/command/remount.go +++ b/command/remount.go @@ -24,7 +24,7 @@ func (c *RemountCommand) Run(args []string) int { if len(args) != 2 { flags.Usage() c.Ui.Error(fmt.Sprintf( - "\nRemount expects two arguments: the from and to path")) + "\nremount expects two arguments: the from and to path")) return 1 } @@ -62,8 +62,8 @@ Usage: vault remount [options] from to This command remounts a secret backend that is already mounted to a new path. All the secrets from the old path will be revoked, but - the Vault data associated with the backend will be preserved (such - as configuration data). + the Vault data associated with the backend (such as configuration) + will be preserved. Example: vault remount secret/ generic/ diff --git a/command/renew.go b/command/renew.go index 37b97943ae..6a3eafe52a 100644 --- a/command/renew.go +++ b/command/renew.go @@ -26,7 +26,7 @@ func (c *RenewCommand) Run(args []string) int { if len(args) < 1 || len(args) >= 3 { flags.Usage() c.Ui.Error(fmt.Sprintf( - "\nRenew expects at least one argument: the lease ID to renew")) + "\nrenew expects at least one argument: the lease ID to renew")) return 1 } diff --git a/command/revoke.go b/command/revoke.go index f5730d6b46..50933ada42 100644 --- a/command/revoke.go +++ b/command/revoke.go @@ -26,7 +26,7 @@ func (c *RevokeCommand) Run(args []string) int { if len(args) != 1 { flags.Usage() c.Ui.Error(fmt.Sprintf( - "\nRevoke expects one argument: the ID to revoke")) + "\nrevoke expects one argument: the ID to revoke")) return 1 } leaseId := args[0] diff --git a/command/seal.go b/command/seal.go index 10d69a0d73..033c164587 100644 --- a/command/seal.go +++ b/command/seal.go @@ -36,7 +36,7 @@ func (c *SealCommand) Run(args []string) int { } func (c *SealCommand) Synopsis() string { - return "Seals the vault server" + return "Seals the Vault server" } func (c *SealCommand) Help() string { @@ -47,8 +47,8 @@ Usage: vault seal [options] Sealing a vault tells the Vault server to stop responding to any access operations until it is unsealed again. A sealed vault throws away - its master key to unlock the data, so it physically is blocked from - responding to operations again until the Vault is unsealed again with + its master key to unlock the data, so it is physically blocked from + responding to operations again until the vault is unsealed with the "unseal" command or via the API. This command is idempotent, if the vault is already sealed it does nothing. diff --git a/command/server.go b/command/server.go index 6687b6b3be..3744a3637d 100644 --- a/command/server.go +++ b/command/server.go @@ -564,12 +564,12 @@ CLUSTER_SYNTHESIS_COMPLETE: core.SetClusterListenerAddrs(clusterAddrs) core.SetClusterSetupFuncs(vault.WrapHandlerForClustering(handler, c.logger)) - // If we're in dev mode, then initialize the core + // If we're in Dev mode, then initialize the core if dev { init, err := c.enableDev(core, devRootTokenID) if err != nil { c.Ui.Output(fmt.Sprintf( - "Error initializing dev mode: %s", err)) + "Error initializing Dev mode: %s", err)) return 1 } @@ -675,7 +675,7 @@ func (c *ServerCommand) enableDev(core *vault.Core, rootTokenID string) (*vault. return nil, err } if !unsealed { - return nil, fmt.Errorf("failed to unseal Vault for dev mode") + return nil, fmt.Errorf("failed to unseal Vault for Dev mode") } isLeader, _, err := core.Leader() @@ -974,7 +974,7 @@ Usage: vault server [options] with "vault unseal" or the API before this server can respond to requests. This must be done for every server. - If the server is being started against a storage backend that has + If the server is being started against a storage backend that is brand new (no existing Vault data in it), it must be initialized with "vault init" or the API first. diff --git a/command/ssh.go b/command/ssh.go index e27bdaf187..53ba653c38 100644 --- a/command/ssh.go +++ b/command/ssh.go @@ -278,15 +278,15 @@ func (c *SSHCommand) Help() string { helpText := ` Usage: vault ssh [options] username@ip - Establishes an SSH connection with the target machine. + Establishes a SSH connection with the target machine. - This command generates a key and uses it to establish an SSH + This command generates a key and uses it to establish a SSH connection with the target machine. This operation requires - that SSH backend is mounted and at least one 'role' be registed - with vault at priori. + that the SSH backend is mounted and at least one 'role' is + registered with Vault beforehand. For setting up SSH backends with one-time-passwords, installation - of agent in target machines is required. + of vault-ssh-helper on target machines is required. See [https://github.com/hashicorp/vault-ssh-agent] General Options: diff --git a/command/token_create.go b/command/token_create.go index 4c17b83718..f8d8c59265 100644 --- a/command/token_create.go +++ b/command/token_create.go @@ -120,7 +120,7 @@ General Options: Token Options: -id="7699125c-d8...." The token value that clients will use to authenticate - with vault. If not provided this defaults to a 36 + with Vault. If not provided this defaults to a 36 character UUID. A root token is required to specify the ID of a token. @@ -151,8 +151,8 @@ Token Options: up in the audit log. This can be specified multiple times. - -orphan If specified, the token will have no parent. Only - This prevents the new token from being revoked with + -orphan If specified, the token will have no parent. This + prevents the new token from being revoked with your token. Requires a root/sudo token to use. -no-default-policy If specified, the token will not have the "default" diff --git a/command/token_revoke.go b/command/token_revoke.go index de3252ce41..a308e63421 100644 --- a/command/token_revoke.go +++ b/command/token_revoke.go @@ -99,7 +99,7 @@ Usage: vault token-revoke [options] [token|accessor] Token can be revoked using the token accessor. This can be done by setting the '-accessor' flag. Note that when '-accessor' flag is set, '-mode' should not be set for 'orphan' or 'path'. This is because, - a token accessor always revokes the token along with it's child tokens. + a token accessor always revokes the token along with its child tokens. General Options: ` + meta.GeneralOptionsUsage() + ` diff --git a/command/unmount.go b/command/unmount.go index bf2f7d9d3e..b04e532a39 100644 --- a/command/unmount.go +++ b/command/unmount.go @@ -23,7 +23,7 @@ func (c *UnmountCommand) Run(args []string) int { if len(args) != 1 { flags.Usage() c.Ui.Error(fmt.Sprintf( - "\nUnmount expects one argument: the path to unmount")) + "\nunmount expects one argument: the path to unmount")) return 1 } diff --git a/command/unseal.go b/command/unseal.go index 722d6b0005..2dfb9476de 100644 --- a/command/unseal.go +++ b/command/unseal.go @@ -97,7 +97,7 @@ func (c *UnsealCommand) Run(args []string) int { } func (c *UnsealCommand) Synopsis() string { - return "Unseals the vault server" + return "Unseals the Vault server" } func (c *UnsealCommand) Help() string { @@ -105,7 +105,7 @@ func (c *UnsealCommand) Help() string { Usage: vault unseal [options] [key] Unseal the vault by entering a portion of the master key. Once all - portions are entered, the Vault will be unsealed. + portions are entered, the vault will be unsealed. Every Vault server initially starts as sealed. It cannot perform any operation except unsealing until it is sealed. Secrets cannot be accessed diff --git a/command/unwrap.go b/command/unwrap.go index 5194028be8..5a21920eb5 100644 --- a/command/unwrap.go +++ b/command/unwrap.go @@ -37,7 +37,7 @@ func (c *UnwrapCommand) Run(args []string) int { case 1: tokenID = args[0] default: - c.Ui.Error("Unwrap expects zero or one argument (the ID of the wrapping token)") + c.Ui.Error("unwrap expects zero or one argument (the ID of the wrapping token)") flags.Usage() return 1 } From 158cce6cca7268e762e842d0d5fdd28651852484 Mon Sep 17 00:00:00 2001 From: Vishal Nayak Date: Wed, 29 Mar 2017 10:27:27 -0700 Subject: [PATCH 02/74] s3: use pooled transport for http client (#2481) --- physical/s3.go | 25 +++++++++++++++++-------- 1 file changed, 17 insertions(+), 8 deletions(-) diff --git a/physical/s3.go b/physical/s3.go index 088ddb8dea..8271be76d5 100644 --- a/physical/s3.go +++ b/physical/s3.go @@ -4,6 +4,7 @@ import ( "bytes" "fmt" "io" + "net/http" "os" "sort" "strconv" @@ -18,15 +19,17 @@ import ( "github.com/aws/aws-sdk-go/aws/session" "github.com/aws/aws-sdk-go/service/s3" "github.com/hashicorp/errwrap" + cleanhttp "github.com/hashicorp/go-cleanhttp" "github.com/hashicorp/vault/helper/awsutil" + "github.com/hashicorp/vault/helper/consts" ) // S3Backend is a physical backend that stores data // within an S3 bucket. type S3Backend struct { - bucket string - client *s3.S3 - logger log.Logger + bucket string + client *s3.S3 + logger log.Logger permitPool *PermitPool } @@ -77,10 +80,16 @@ func newS3Backend(conf map[string]string, logger log.Logger) (Backend, error) { return nil, err } + pooledTransport := cleanhttp.DefaultPooledTransport() + pooledTransport.MaxIdleConnsPerHost = consts.ExpirationRestoreWorkerCount + s3conn := s3.New(session.New(&aws.Config{ Credentials: creds, - Endpoint: aws.String(endpoint), - Region: aws.String(region), + HTTPClient: &http.Client{ + Transport: pooledTransport, + }, + Endpoint: aws.String(endpoint), + Region: aws.String(region), })) _, err = s3conn.HeadBucket(&s3.HeadBucketInput{Bucket: &bucket}) @@ -101,9 +110,9 @@ func newS3Backend(conf map[string]string, logger log.Logger) (Backend, error) { } s := &S3Backend{ - client: s3conn, - bucket: bucket, - logger: logger, + client: s3conn, + bucket: bucket, + logger: logger, permitPool: NewPermitPool(maxParInt), } return s, nil From da4fefd00e7143b699d77fc85b2ccfb74cfc4d8d Mon Sep 17 00:00:00 2001 From: vishalnayak Date: Wed, 29 Mar 2017 10:31:38 -0700 Subject: [PATCH 03/74] changelog++ --- CHANGELOG.md | 1 + 1 file changed, 1 insertion(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index 97a44ced44..37e4527b89 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -4,6 +4,7 @@ IMPROVEMENTS: * storage/s3: Support `max_parallel` option to limit concurrent outstanding requests [GH-2466] + * storage/s3: Use pooled transport for http client [GH-2481] BUG FIXES: From a7f7035b88c0759d11d62b306da930ac72ca37be Mon Sep 17 00:00:00 2001 From: Seth Vargo Date: Wed, 29 Mar 2017 19:04:39 -0400 Subject: [PATCH 04/74] Add new colored header styles --- website/Gemfile | 2 +- website/Gemfile.lock | 4 +- website/Makefile | 2 +- website/packer.json | 2 +- website/source/404.html.erb | 5 -- website/source/404.html.md | 14 ++++ website/source/assets/images/logo-text.svg | 43 ++--------- website/source/assets/images/logo.svg | 1 - .../source/assets/stylesheets/_buttons.scss | 77 +++++++------------ website/source/assets/stylesheets/_demo.scss | 2 +- .../source/assets/stylesheets/_downloads.scss | 22 +++--- .../source/assets/stylesheets/_global.scss | 2 +- .../source/assets/stylesheets/_header.scss | 33 ++++---- website/source/assets/stylesheets/_home.scss | 62 ++++++++++++++- website/source/assets/stylesheets/_logos.scss | 43 +++++++++++ .../source/assets/stylesheets/_variables.scss | 63 +++++++++------ .../assets/stylesheets/application.scss | 21 ++--- website/source/downloads.html.erb | 2 +- website/source/index.html.erb | 18 ++--- website/source/layouts/_sidebar.erb | 2 +- website/source/layouts/downloads.erb | 16 ++-- website/source/layouts/inner.erb | 16 ++-- website/source/layouts/layout.erb | 26 ++----- 23 files changed, 262 insertions(+), 216 deletions(-) delete mode 100644 website/source/404.html.erb create mode 100644 website/source/404.html.md delete mode 100644 website/source/assets/images/logo.svg create mode 100644 website/source/assets/stylesheets/_logos.scss diff --git a/website/Gemfile b/website/Gemfile index 24926e6fd1..405a8c9926 100644 --- a/website/Gemfile +++ b/website/Gemfile @@ -1,3 +1,3 @@ source "https://rubygems.org" -gem "middleman-hashicorp", "0.3.18" +gem "middleman-hashicorp", "0.3.22" diff --git a/website/Gemfile.lock b/website/Gemfile.lock index 502823760a..229218ac9f 100644 --- a/website/Gemfile.lock +++ b/website/Gemfile.lock @@ -77,7 +77,7 @@ GEM rack (>= 1.4.5, < 2.0) thor (>= 0.15.2, < 2.0) tilt (~> 1.4.1, < 2.0) - middleman-hashicorp (0.3.18) + middleman-hashicorp (0.3.22) bootstrap-sass (~> 3.3) builder (~> 3.2) middleman (~> 3.4) @@ -151,7 +151,7 @@ PLATFORMS ruby DEPENDENCIES - middleman-hashicorp (= 0.3.18) + middleman-hashicorp (= 0.3.22) BUNDLED WITH 1.14.6 diff --git a/website/Makefile b/website/Makefile index 0a80966c76..0e83eb946c 100644 --- a/website/Makefile +++ b/website/Makefile @@ -1,4 +1,4 @@ -VERSION?="0.3.18" +VERSION?="0.3.22" website: @echo "==> Starting website in Docker..." diff --git a/website/packer.json b/website/packer.json index ac5c88ad00..35de632323 100644 --- a/website/packer.json +++ b/website/packer.json @@ -8,7 +8,7 @@ "builders": [ { "type": "docker", - "image": "hashicorp/middleman-hashicorp:0.3.18", + "image": "hashicorp/middleman-hashicorp:0.3.22", "discard": "true", "run_command": ["-d", "-i", "-t", "{{ .Image }}", "/bin/sh"] } diff --git a/website/source/404.html.erb b/website/source/404.html.erb deleted file mode 100644 index e7dcdc5a2b..0000000000 --- a/website/source/404.html.erb +++ /dev/null @@ -1,5 +0,0 @@ ---- -noindex: true ---- - -

Page Not Found

diff --git a/website/source/404.html.md b/website/source/404.html.md new file mode 100644 index 0000000000..e99ce088b3 --- /dev/null +++ b/website/source/404.html.md @@ -0,0 +1,14 @@ +--- +layout: "inner" +page_title: "Not Found" +noindex: true +description: |- + Page not found! +--- + +# Page Not Found + +Sorry, the page you tried to visit does not exist. This could be our fault, +and if so we will fix that up right away. + +Please go back, or go back to get back on track. diff --git a/website/source/assets/images/logo-text.svg b/website/source/assets/images/logo-text.svg index 5f91693d24..9af5c45082 100644 --- a/website/source/assets/images/logo-text.svg +++ b/website/source/assets/images/logo-text.svg @@ -1,38 +1,7 @@ - - - HashiCorp Vault - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - + + + + + + diff --git a/website/source/assets/images/logo.svg b/website/source/assets/images/logo.svg deleted file mode 100644 index 040f7e21b5..0000000000 --- a/website/source/assets/images/logo.svg +++ /dev/null @@ -1 +0,0 @@ - \ No newline at end of file diff --git a/website/source/assets/stylesheets/_buttons.scss b/website/source/assets/stylesheets/_buttons.scss index 787366280f..e1037e818b 100755 --- a/website/source/assets/stylesheets/_buttons.scss +++ b/website/source/assets/stylesheets/_buttons.scss @@ -1,60 +1,37 @@ -.v-btn { - box-shadow: 2px 3px 2px rgba(0,0,0,0.08); +.button { + background: $button-background; + border: 1px solid $button-font-color; + box-shadow: 3px 4px 0 rgba(0,0,0,0.1); + color: $button-font-color; display: inline-block; - background-color: $white; - color: $black; - border: 1px solid $black; + font-family: $button-font-family; + font-size: $button-font-size; + font-weight: $button-font-weight; + letter-spacing: 1px; + margin-bottom: 4px; + padding: 10px 30px; + text-transform: uppercase; text-decoration: none; - @include transition(color .3s ease-in-out); - &.lrg { - font-size: 18px; - padding: 10px 50px; - } - - &.sml { - font-size: 15px; - line-height: 1; - padding: 8px 30px; - } - - &.blue { - color: $blue; - border: 1px solid $blue; - } - - &.gray { - font-weight: 300; - color: $gray; - border: 1px solid $light-gray; - } - - &.terminal { - padding-left: 52px; - padding-right: 30px; - margin-left: 12px; - background: image-url('icon-terminal.png') 16px center no-repeat; - @include img-retina("icon-terminal.png", "icon-terminal@2x.png", 26px, 25px); - } - - &.started { - margin-bottom: 12px; - } - - &:hover, &:active, &:focus { + &:hover, + &:active, + &:focus { text-decoration: none; - @include transition(color .3s ease-in-out); + } - &.blue { - color: darken($blue, 8%); - } + &:hover { + background: $button-font-color; + border: 1px solid $button-font-color; + color: $button-background; + } - &.black { - color: lighten($black, 50%); - } + &.primary { + background: $button-primary-background; + border: 1px solid darken($button-primary-background, 5%); + color: $button-primary-font-color; - &.gray { - color: $black; + &:hover { + background: lighten($button-primary-background, 5%); } } } diff --git a/website/source/assets/stylesheets/_demo.scss b/website/source/assets/stylesheets/_demo.scss index 966caf0abc..f68280fd33 100644 --- a/website/source/assets/stylesheets/_demo.scss +++ b/website/source/assets/stylesheets/_demo.scss @@ -45,7 +45,7 @@ max-width: 800px; min-width: 400px; margin: 0 auto; - background-color: darken($blue, 28%); + background-color: darken($vault-blue, 28%); code { background: none; diff --git a/website/source/assets/stylesheets/_downloads.scss b/website/source/assets/stylesheets/_downloads.scss index 155c448059..97a4dfc66b 100644 --- a/website/source/assets/stylesheets/_downloads.scss +++ b/website/source/assets/stylesheets/_downloads.scss @@ -8,21 +8,22 @@ body.layout-downloads { } .download { + align-items: center; border-bottom: 1px solid #b2b2b2; - padding-bottom: 15px; - margin-top: 10px; - margin-bottom: 10px; + display: flex; + padding: 15px; .details { - padding-left: 95px; + padding-left: 20px; h2 { - margin-top: 30px; + margin-top: 4px; + border: none; } ul { padding-left: 0px; - margin-top: 8px; + margin: -8px 0 0 0; } li { @@ -39,7 +40,7 @@ body.layout-downloads { } .icon { - img { + svg { width: 75px; } } @@ -52,12 +53,7 @@ body.layout-downloads { .poweredby { margin-top: 20px; - - img { - display: block; - margin: 0 auto; - width: 122px; - } + text-align: center; } } } diff --git a/website/source/assets/stylesheets/_global.scss b/website/source/assets/stylesheets/_global.scss index 07cfe6f02e..3b69c05ddc 100755 --- a/website/source/assets/stylesheets/_global.scss +++ b/website/source/assets/stylesheets/_global.scss @@ -16,7 +16,7 @@ body { min-height: 100%; } -h1, h2, h3, h4, h5, h5 { +h1, h2, h3, h4, h5 { font-family: $font-family-klavika; -webkit-font-smoothing: antialiased; } diff --git a/website/source/assets/stylesheets/_header.scss b/website/source/assets/stylesheets/_header.scss index 4a985d7a8b..dde70d7d66 100755 --- a/website/source/assets/stylesheets/_header.scss +++ b/website/source/assets/stylesheets/_header.scss @@ -1,5 +1,6 @@ #header { - // Hamburger menu + background: $header-background-color; + .navbar-toggle { height: $header-height; margin: 0; @@ -7,44 +8,42 @@ border-radius: 0; .icon-bar { - border: 1px solid $black; + border: 1px solid $white; border-radius: 0; } } - // Logo .navbar-brand { display: block; margin: 0; padding: 0; - .logo { - color: $header-link-color; - display: inline-block; - font-family: $font-family-klavika; - font-weight: $font-weight-bold; - font-size: 0; + a { + display: flex; + align-items: center; height: $header-height; line-height: $header-height; - width: 200px; - padding-left: 64px; - background: image-url('logo-text.svg') 0 0 no-repeat; - background-position: left center; - &:hover, &:focus, &:active { - outline: 0; - text-decoration: none; + svg.logo { + transition: opacity 0.15s ease-in-out; + @extend svg.logo.white; + + &:hover, &:focus, &:active { + opacity: 0.6; + outline: 0; + text-decoration: none; + } } } } - // Nav ul.nav { li { a { color: $header-link-color; font-size: $header-font-size; font-family: $font-family-open-sans; + font-weight: $font-weight-bold; height: $header-height; line-height: $header-height; padding: 0 10px; diff --git a/website/source/assets/stylesheets/_home.scss b/website/source/assets/stylesheets/_home.scss index 5409715d85..823719fdbe 100755 --- a/website/source/assets/stylesheets/_home.scss +++ b/website/source/assets/stylesheets/_home.scss @@ -1,4 +1,60 @@ #page-home { + // Override the main header + #header { + background: $home-header-background-color; + + .navbar-toggle { + .icon-bar { + border: 1px solid $home-header-link-color; + } + } + + .navbar-brand { + a { + svg.logo { + @extend svg.logo.color; + } + } + } + + ul.nav { + li { + a { + color: $home-header-link-color; + + &:hover, &:focus, &:active { + background-color: transparent; + color: $home-header-link-color-hover; + + svg { + fill: $home-header-link-color-hover; + } + } + + svg { + fill: $home-header-link-color; + } + } + } + } + } + + .button { + &.terminal { + padding-left: 52px; + padding-right: 30px; + margin-left: 12px; + background-image: image-url('icon-terminal.png'); + background-position: 16px center; + background-repeat: no-repeat; + @include img-retina("icon-terminal.png", "icon-terminal@2x.png", 26px, 25px); + } + + &.started { + margin-bottom: 12px; + } + } + #container { margin-top: 140px; position: relative; @@ -27,7 +83,7 @@ } h2.features-header { - color: $blue; + color: $vault-blue; display: inline-block; font-size: 44px; font-weight: 600; @@ -92,8 +148,8 @@ @include img-retina("bg-icons.png", "bg-icons@2x.png", 669px, 260px); background: image-url("bg-icons.png") center center no-repeat; background-position: center center; - border-top: 1px solid $faint-gray; - border-bottom: 1px solid $faint-gray; + border-top: 1px solid $gray-darker; + border-bottom: 1px solid $gray-darker; padding: 140px 0; p { diff --git a/website/source/assets/stylesheets/_logos.scss b/website/source/assets/stylesheets/_logos.scss new file mode 100644 index 0000000000..3ee70170dc --- /dev/null +++ b/website/source/assets/stylesheets/_logos.scss @@ -0,0 +1,43 @@ +svg.logo { + &.color { + opacity: 1.0; + + path.text { + fill: $black; + opacity: 1.0; + } + + path.v { + fill: $black; + opacity: 1.0; + } + + path.squares { + fill: $white; + opacity: 1.0; + } + } + + // The default logo class is the colored version + @extend .color; + + &.white { + opacity: 1.0; + + path.text { + fill: $white; + } + + path.v { + fill: $white; + } + + path.squares { + fill: $vault-gray; + } + + path.front { + opacity: 0.7; + } + } +} diff --git a/website/source/assets/stylesheets/_variables.scss b/website/source/assets/stylesheets/_variables.scss index 18b6619c52..b1d23b1c04 100755 --- a/website/source/assets/stylesheets/_variables.scss +++ b/website/source/assets/stylesheets/_variables.scss @@ -1,21 +1,25 @@ // Colors -$white: #FFFFFF; -$black: #000000; -$gray: #929199; -$light-gray: #C2C1C7; -$faint-gray: #E3E3EA; -$dark-blue: #00ABE0; -$blue: #00BFE0; -$light-black: #242424; -$orange: #E78C5B; -$green: #5BE764; -$gray-darker: #555555; -$gray: #777777; -$gray-light: #939393; -$gray-lighter: #979797; -$red: #DD4E58; -$red-dark: #C5454E; -$purple: #822FF7; +// $white: #FFFFFF; +// $black: #000000; +// $gray: #929199; +// $light-gray: #C2C1C7; +// $faint-gray: #E3E3EA; +// $dark-blue: #00ABE0; +// $blue: #00BFE0; +// $light-black: #242424; +// $orange: #E78C5B; +// $green: #5BE764; +// $gray-darker: #555555; +// $gray: #777777; +// $gray-light: #939393; +// $gray-lighter: #979797; +// $red: #DD4E58; +// $red-dark: #C5454E; +// $purple: #822FF7; + + + + // Colors $white: #FFFFFF; @@ -28,6 +32,7 @@ $vagrant-blue: #1563FF; $vagrant-blue-dark: #104EB2; $vault-black: #000000; $vault-blue: #00ABE0; +$vault-gray: #919FA8; // Typography $font-family-klavika: 'klavika-web', 'Open Sans', "Helvetica Neue", Helvetica, Arial, sans-serif; @@ -41,6 +46,11 @@ $font-weight-bold: 600; $body-font-color: $gray-darker; $body-link-color: $vault-blue; +// Home +$home-header-background-color: transparent; +$home-header-link-color: $gray-darker; +$home-header-link-color-hover: $black; + // Sidebar $sidebar-background-color: $white; $sidebar-font-size: $font-size - 2; @@ -51,17 +61,22 @@ $sidebar-font-family: $font-family-open-sans; $sidebar-font-weight: $font-weight-reg; // Header +$header-background-color: $vault-gray; $header-font-size: $font-size - 2; -$header-link-color: $body-font-color; -$header-link-color-hover: $black; - -// Header $header-height: 92px; -$header-font-size: $font-size - 2; -$header-link-color: $body-font-color; -$header-link-color-hover: $black; +$header-link-color: rgba($white, 0.85); +$header-link-color-hover: $white; // Footer $footer-font-size: $font-size - 2; $footer-link-color: $body-font-color; $footer-link-color-hover: $black; + +// Button +$button-background: $white; +$button-font-color: #7b8A8E; +$button-font-family: $font-family-klavika; +$button-font-size: $font-size; +$button-font-weight: $font-weight-bold; +$button-primary-background: $vault-gray; +$button-primary-font-color: $white; diff --git a/website/source/assets/stylesheets/application.scss b/website/source/assets/stylesheets/application.scss index 5b5d2ebbd0..02f67b2a32 100755 --- a/website/source/assets/stylesheets/application.scss +++ b/website/source/assets/stylesheets/application.scss @@ -3,34 +3,35 @@ @import url("//fonts.googleapis.com/css?family=Open+Sans:400,600"); -// Core variables and mixins -@import '_variables'; - -//Global Site -@import '_global'; - -//Mega Nav +// Mega Nav @import 'hashicorp/mega-nav'; // Anchor links @import 'hashicorp/anchor-links'; +// Core variables and mixins +@import '_variables'; + // Sidebar @import 'hashicorp/sidebar'; +//Global Site +@import '_global'; + // Components @import '_header'; @import '_footer'; -@import '_buttons'; @import '_inner'; -@import '_latest'; +@import '_buttons'; +@import '_syntax'; +@import '_logos'; // Pages @import '_community'; @import '_docs'; @import '_downloads'; @import '_home'; -@import '_syntax'; +@import '_latest'; // Demo @import '_demo'; diff --git a/website/source/downloads.html.erb b/website/source/downloads.html.erb index 2abc4c5dd2..fd73d17fa7 100644 --- a/website/source/downloads.html.erb +++ b/website/source/downloads.html.erb @@ -55,7 +55,7 @@ description: |-
- <%= image_tag "fastly_logo.png" %> + <%= inline_svg "fastly.svg", height: 50 %>
diff --git a/website/source/index.html.erb b/website/source/index.html.erb index b41ae37f4a..e168af9507 100644 --- a/website/source/index.html.erb +++ b/website/source/index.html.erb @@ -12,12 +12,12 @@ description: |-
- " alt="Vault" height="80"> + <%= inline_svg "logo-text.svg", height: 120, class: "logo" %> A tool for managing secrets
@@ -52,7 +52,7 @@ description: |- secrets.

- Learn more + Learn more
@@ -71,7 +71,7 @@ description: |- rolling is easy to enforce.

- Learn more + Learn more
@@ -89,14 +89,14 @@ description: |- trace the lifetime and origin of any secret.

- Learn more + Learn more
- Get Started with Vault + Get Started with Vault

Completely free and open source.

@@ -113,7 +113,7 @@ description: |- We are pleased to announce the release of Vault v0.6.5. This release includes several new features, improvements, and bug fixes.

- Read more + Read more
@@ -122,7 +122,7 @@ description: |- Listen to the recording with Adam Stacoviak on the popular Changelog podcast to talk about modern secrets management.

- Listen + Listen
diff --git a/website/source/layouts/_sidebar.erb b/website/source/layouts/_sidebar.erb index 39e502941c..257f15767e 100644 --- a/website/source/layouts/_sidebar.erb +++ b/website/source/layouts/_sidebar.erb @@ -2,7 +2,7 @@