Solivram/solivram

GitHub: Solivram/solivram

一个纯Rust编写的后量子分布式安全基础设施节点,集成高可用集群、X.509 PKI、主权DNS和端到端加密能力。

Stars: 0 | Forks: 0

# solivram

solivram logo

![License: MIT](https://img.shields.io/badge/License-MIT-blue.svg) ![Version](https://img.shields.io/badge/version-0.1.0-blue) ![Rust](https://img.shields.io/badge/built%20with-Rust-orange) ![Origine](https://img.shields.io/badge/origine-France-blue) ![Stars](https://img.shields.io/github/stars/Solivram/solivram?style=social)

🇫🇷 Français  ·  🇬🇧 English

Télécharger

**作者** : Jenka Nauta — 法国 **版本** : 0.1.0 — 2026-03-14 **类型** : 服务器 / Daemon **Releases** : [solivram-releases](https://github.com/Solivram/solivram-releases/releases) ## 类别 `安全` · `分布式基础设施` · `Post-Quantum Cryptography` · `Rust` ## 主要功能 | 模块 | 描述 | |--------|-------------| | **Cluster Raft HA** | 选举、复制、快照、动态成员管理 | | **内部 PKI X.509** | 根 CA、中间 CA、叶子证书、CRL | | **主权 DNS + DNSSEC** | 双重 P-256 + ML-DSA-65 | | **PQC 混合** | ML-KEM-768 (封装) + ML-DSA-65 (签名) | | **REST API** | Axum — Bearer 认证、5 种角色 RBAC、速率限制、CORS | | **加密存储** | redb + AES-256-GCM + 密钥轮换 | | **反向代理 HA** | 熔断器、动态后端 | | **端到端加密 (E2E)** | ML-KEM-768 + AES-256-GCM,客户端之间端到端加密 | | **节点间信任** | 信任信号、管理员 API 接受/撤销 | | **原生 GUI** | egui 界面 | | **安全会话** | TTL 1小时 + 2FA TOTP RFC 6238 | ## 目标受众 - 寻求 Rust 生产级基础设施的 DevOps / SRE 团队 - 需要可审计内部 CA 的 PKI 企业 - 后量子密码学 (PQC) 研究人员 - 要求高可用性和合规性的 B2B SaaS 发行商 ## 示例 — 认证机构 认证机构部署 solivram 用于: - 管理其 PKI X.509 (根 CA、中间 CA、叶子证书、CRL) - 使用 AES-256-GCM 存储密钥并自动轮换 - 通过 ML-DSA-65 进行后量子签名 - 通过角色 (管理员 / 操作员 / 监督员 / 读者 / 访客) 控制访问,并启用 2FA TOTP RFC 6238 - 通过多节点 Raft 集群确保高可用性 - 通过 REST API Bearer + RBAC 审计每项操作 ## 系统要求 - **OS** : Debian 11+ / Ubuntu 20.04+ (amd64 x86-64) - **架构** : 仅限 x86-64 ``` uname -m # doit afficher x86_64 ``` ## 安装 ``` curl -LO https://github.com/Solivram/solivram-releases/releases/download/v0.1.0/solivram_0.1.0_amd64.deb && sudo dpkg -i solivram_0.1.0_amd64.deb solivram --help ``` **依赖项** : `libwayland-client0` · `libudev1` · `libasound2` · `libgcc-s1` · `libc6` · `libffi8` · `libcap2` ``` sudo setcap cap_net_bind_service=+ep /usr/bin/solivram ``` ## 签名验证 ``` solivram identity:verify # ✅ P-256 有效 | ✅ ML-DSA 有效 ``` **P-256 公钥:** ``` 04fa81886487fa97a92bf77756252ffbb17cfdec1ca55131e7bf94920a14f00faf6af84fb9680f1d3c367cba6c09fa17dc1e2edd3005173ed599fcc091973a3091 ``` ## 首次启动 ``` solivram --config /etc/solivram/default.toml headless solivram --config /etc/solivram/default.toml api ``` ## 卸载 ``` sudo dpkg -r solivram ``` ## 文档 | 文档 | 法语 | English | |----------|----------|---------| | **警告与映射** | [Solivram_Mise_En_Garde_FR.pdf](https://github.com/Solivram/solivram-releases/releases/download/v0.1.0/Solivram_Mise_En_Garde_FR.pdf) | [Solivram_Warning_EN.pdf](https://github.com/Solivram/solivram-releases/releases/download/v0.1.0/Solivram_Warning_EN.pdf) | | **快速入门** | [Solivram_Quickstart_FR.pdf](https://github.com/Solivram/solivram-releases/releases/download/v0.1.0/Solivram_Quickstart_FR.pdf) | [Solivram_Quickstart_EN.pdf](https://github.com/Solivram/solivram-releases/releases/download/v0.1.0/Solivram_Quickstart_EN.pdf) | | **概述** | [Solivram_Overview_FR.pdf](https://github.com/Solivram/solivram-releases/releases/download/v0.1.0/Solivram_Overview_FR.pdf) | [Solivram_Overview_EN.pdf](https://github.com/Solivram/solivram-releases/releases/download/v0.1.0/Solivram_Overview_EN.pdf) | | **管理员指南** | [Solivram_Guide_Admin_FR.pdf](https://github.com/Solivram/solivram-releases/releases/download/v0.1.0/Solivram_Guide_Admin_FR.pdf) | [Solivram_Guide_Admin_EN.pdf](https://github.com/Solivram/solivram-releases/releases/download/v0.1.0/Solivram_Guide_Admin_EN.pdf) | | **生产环境配置** | [Solivram_Config_Prod_FR.pdf](https://github.com/Solivram/solivram-releases/releases/download/v0.1.0/Solivram_Config_Prod_FR.pdf) | [Solivram_Config_Prod_EN.pdf](https://github.com/Solivram/solivram-releases/releases/download/v0.1.0/Solivram_Config_Prod_EN.pdf) | | **完整配置** | [Solivram_Config_Prod_full_FR.pdf](https://github.com/Solivram/solivram-releases/releases/download/v0.1.0/Solivram_Config_Prod_full_FR.pdf) | [Solivram_Config_Prod_full_EN.pdf](https://github.com/Solivram/solivram-releases/releases/download/v0.1.0/Solivram_Config_Prod_full_EN.pdf) | | **异常 hot-reload security_level** | [FR](https://github.com/Solivram/solivram-releases/releases/download/v0.1.0/Solivram_Exception_Hot_Reload_Security_Level_FR.pdf) | [EN](https://github.com/Solivram/solivram-releases/releases/download/v0.1.0/Solivram_Exception_Hot_Reload_Security_Level_EN.pdf) | | **路线图 v0.2.0** | [Solivram_Roadmap_v0.2.0_FR.pdf](https://github.com/Solivram/solivram-releases/releases/download/v0.1.0/Solivram_Roadmap_v0.2.0_FR.pdf) | [Solivram_Roadmap_v0.2.0_EN.pdf](https://github.com/Solivram/solivram-releases/releases/download/v0.1.0/Solivram_Roadmap_v0.2.0_EN.pdf) | ## 常见问题 **Q: 使用 solivram 需要安装 Rust 吗?** 不需要。`.deb` 软件包包含已编译的二进制文件。Rust 仅在从源码编译时需要。 **Q: Solivram 可以在 ARM / Raspberry Pi 上运行吗?** 暂不支持。v0.1.0 版本仅支持 amd64 (x86-64) 架构。 **Q: 二进制文件是否经过签名?** 是的。Solivram 包含可通过 `solivram identity:verify` 验证的 P-256 + ML-DSA-65 身份。 **Q: 如何更新 solivram?** ``` curl -LO https://github.com/Solivram/solivram-releases/releases/download/v0.1.0/solivram_0.1.0_amd64.deb && sudo dpkg -i solivram_0.1.0_amd64.deb ``` ## 行业推介 | 行业 | 法语 | English | |---------|----------|---------| | 国防 | [Pitch_Defense_FR.pdf](https://github.com/Solivram/solivram-releases/releases/download/v0.1.0/Solivram_Pitch_Defense_FR.pdf) | [Pitch_Defense_EN.pdf](https://github.com/Solivram/solivram-releases/releases/download/v0.1.0/Solivram_Pitch_Defense_EN.pdf) | | 医疗 | [Pitch_Sante_FR.pdf](https://github.com/Solivram/solivram-releases/releases/download/v0.1.0/Solivram_Pitch_Sante_FR.pdf) | [Pitch_Healthcare_EN.pdf](https://github.com/Solivram/solivram-releases/releases/download/v0.1.0/Solivram_Pitch_Healthcare_EN.pdf) | | 金融 | [Pitch_Finance_FR.pdf](https://github.com/Solivram/solivram-releases/releases/download/v0.1.0/Solivram_Pitch_Finance_FR.pdf) | [Pitch_Finance_EN.pdf](https://github.com/Solivram/solivram-releases/releases/download/v0.1.0/Solivram_Pitch_Finance_EN.pdf) | | AI 代理 | [Pitch_Agents_IA_FR.pdf](https://github.com/Solivram/solivram-releases/releases/download/v0.1.0/Solivram_Pitch_Agents_IA_FR.pdf) | [Pitch_Agents_IA_EN.pdf](https://github.com/Solivram/solivram-releases/releases/download/v0.1.0/Solivram_Pitch_Agents_IA_EN.pdf) | | 能源 / 工业 | [Pitch_Energie_FR.pdf](https://github.com/Solivram/solivram-releases/releases/download/v0.1.0/Solivram_Pitch_Energie_FR.pdf) | [Pitch_Energy_EN.pdf](https://github.com/Solivram/solivram-releases/releases/download/v0.1.0/Solivram_Pitch_Energy_EN.pdf) | | 行政机构 | [Pitch_Admin_FR.pdf](https://github.com/Solivram/solivram-releases/releases/download/v0.1.0/Solivram_Pitch_Admin_FR.pdf) | [Pitch_Admin_EN.pdf](https://github.com/Solivram/solivram-releases/releases/download/v0.1.0/Solivram_Pitch_Admin_EN.pdf) | *solivram — Jenka Nauta — 法国 — 2026*
标签:AES-256-GCM, API 网关, Axum, DNSSEC, ML-DSA-65, ML-KEM-768, PKI X.509, Raft 集群, Rust, Streamlit, 主权 DNS, 信任管理, 分布式系统, 分布式节点, 反向代理, 可视化界面, 后量子密码学, 响应大小分析, 域名收集, 抗量子计算, 数字证书, 数据加密, 服务器守护进程, 混合加密, 端到端加密, 网络安全, 网络流量审计, 蓝队防御, 访问控制, 隐私保护, 零信任架构, 高可用基础设施