{"id":25815305,"url":"https://github.com/capeprivacy/nitrogen","last_synced_at":"2025-07-04T18:39:36.300Z","repository":{"id":62370789,"uuid":"553781784","full_name":"capeprivacy/nitrogen","owner":"capeprivacy","description":"Nitrogen is a tool for deploying web services to AWS Nitro Enclaves.","archived":false,"fork":false,"pushed_at":"2023-07-20T13:11:25.000Z","size":212279,"stargazers_count":90,"open_issues_count":2,"forks_count":12,"subscribers_count":7,"default_branch":"main","last_synced_at":"2025-05-20T09:04:47.590Z","etag":null,"topics":["aws","confidential-computing","docker","nitro-enclaves","security"],"latest_commit_sha":null,"homepage":"https://capeprivacy.com/nitrogen","language":"Rust","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/capeprivacy.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2022-10-18T19:01:48.000Z","updated_at":"2025-03-11T13:57:53.000Z","dependencies_parsed_at":"2025-02-28T04:41:49.441Z","dependency_job_id":"b8d4102a-7767-4934-abe2-bf81a5817094","html_url":"https://github.com/capeprivacy/nitrogen","commit_stats":null,"previous_names":[],"tags_count":10,"template":false,"template_full_name":null,"purl":"pkg:github/capeprivacy/nitrogen","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/capeprivacy%2Fnitrogen","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/capeprivacy%2Fnitrogen/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/capeprivacy%2Fnitrogen/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/capeprivacy%2Fnitrogen/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/capeprivacy","download_url":"https://codeload.github.com/capeprivacy/nitrogen/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/capeprivacy%2Fnitrogen/sbom","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":261095027,"owners_count":23108758,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["aws","confidential-computing","docker","nitro-enclaves","security"],"created_at":"2025-02-28T04:19:47.331Z","updated_at":"2025-06-24T14:38:50.015Z","avatar_url":"https://github.com/capeprivacy.png","language":"Rust","funding_links":[],"categories":[],"sub_categories":[],"readme":"\u003cdiv align=\"center\"\u003e\n  \u003cimg src=\"./media/nitrogen-logo.svg\" alt=\"Nitrogen logo\" width=\"400\"\u003e\n\u003c/div\u003e\n\n# Nitrogen CLI\n\n[![Discord](https://img.shields.io/discord/1027271440061435975.svg?logo=discord)](https://discord.gg/S8WMGUg8ab)\n\nNitrogen is a tool for deploying web services to AWS Nitro Enclaves. Given a dockerfile and an ssh key, Nitrogen will spin up an EC2, configure the network, and build and deploy your web service. You get back a hostname that's ready to go. Nitrogen is fully open source and it comes with pre-built scripts for deploying popular services like Nginx, Redis, and MongoDB.\n\n## Install\n\nNitrogen can easily be installed with the following:\n\nFor Linux or Mac:\n\n```\n$ curl -fsSL https://raw.githubusercontent.com/capeprivacy/nitrogen/main/install.sh | sh\n```\n\nFor Windows Powershell\n\n```\n$ iex (irm https://raw.githubusercontent.com/capeprivacy/nitrogen/main/install.ps1)\n```\n\n_Note: An AWS account is required. If you have AWS cli configured you can [retrieve your credentials](https://docs.aws.amazon.com/cli/latest/userguide/cli-configure-files.html#cli-configure-files-where) with `cat ~/.aws/credentials`. See [troubleshooting](https://github.com/capeprivacy/nitrogen#troubleshooting) if your AWS account uses MFA_\n\n```bash\nexport AWS_ACCESS_KEY_ID=\u003cYOUR ACCESS KEY\u003e\nexport AWS_SECRET_ACCESS_KEY=\u003cYOUR SECRET\u003e\n```\n\n## Commands\n\n- `nitrogen setup \u003cstack_name\u003e \u003cssh_public_key\u003e`\n- `nitrogen build \u003cdockerfile_directory\u003e`\n- `nitrogen deploy \u003cstack_name\u003e \u003cssh_private_key\u003e`\n- `nitrogen logs \u003cstack_name\u003e \u003cssh_private_key\u003e`\n- `nitrogen delete \u003cstack_name\u003e`\n\n## Features\n\n- Spins up any enclave supported EC2 instance type (with Nitro Enclaves enabled)\n- Creates a security group for a specified port.\n- Sets up SSH.\n- Runs a socat proxy from public internet (TCP) into the nitro enclave (VSOCK).\n- Builds any Dockerfile into an Enclave Image File (EIF).\n- Deploys any EIF and launches a nitro enclave.\n\n## Examples\n\n### Nginx Example\n\n```sh\n$ nitrogen setup nitrogen-test ~/.ssh/id_rsa.pub --instance-type m5n.16xlarge\n\u003e  INFO nitrogen: Spinning up enclave instance 'nitrogen-test'.\n\u003e  INFO nitrogen::commands::setup: Successfully created enclave instance. stack_id=\"arn:aws:cloudformation:us-east-1:657861442343:stack/nitrogen-test/c93c7c80-5581-11ed-8a2b-0e2f3ffeccf1\"\n\u003e  INFO nitrogen: User enclave information: name=\"nitrogen-test\" instance_id=\"i-07daa284594ff02bc\" public_ip=\"44.197.181.14\" availability_zone=\"us-east-1b\" public_dns=\"ec2-44-197-181-14.compute-1.amazonaws.com\"\n```\n\n```sh\n$ nitrogen build examples/nginx/\n\u003e Filename: nitrogen.eif\n```\n\n```sh\n$ nitrogen deploy nitrogen-test ~/.ssh/id_rsa\n\u003e EIF is now running public_dns=\"ec2-1-234-56-789.compute-1.amazonaws.com:5000\"\n```\n\n```sh\n$ curl http://ec2-1-234-56-789.compute-1.amazonaws.com:5000/\n\u003e \u003c!DOCTYPE html\u003e\n\u003chtml\u003e\n    \u003chead\u003e\n        \u003ctitle\u003eHello Nitrogen!\u003c/title\u003e\n    \u003c/head\u003e\n\u003c/html\u003e\n```\n\n### Nginx TLS Examples\n\nSee [here](examples/nginx-tls/README.md).\n\n## Troubleshooting\n\nIf you have permissions issues and your aws account has MFA enabled then attempt to use a session token before running `setup`.\n\n```\naws sts get-session-token --serial-number arn:aws:iam::\u003cAWS ACCOUNT NUMBER\u003e:mfa/\u003cUSER NAME\u003e --token-code \u003cCODE\u003e\n```\n\nExport the values printed from the above command:\n\n```\nexport AWS_ACCESS_KEY_ID=\nexport AWS_SECRET_ACCESS_KEY=\nexport AWS_SESSION_TOKEN=\n```\n\nYou can also use a helper script in this library called `sts.sh`. Warning: this will unset any AWS environment variables related to auth\nthat you have already set in your shell.\n\n```\n. sts.sh \u003cACCOUNT\u003e \u003cUSER NAME\u003e \u003cCODE\u003e\n```\nIf you wish to deploy the enclave in debug mode, use the \"--debug-mode\" flag during deploy. \nYou can then log into the instance and view the enclave console, or use the `nitrogen logs` command.\n## Contributors\n\nThank you to [@kalebpace](https://github.com/kalebpace) for contributing the name for the [nitrogen crate](https://crates.io/crates/nitrogen).\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fcapeprivacy%2Fnitrogen","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fcapeprivacy%2Fnitrogen","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fcapeprivacy%2Fnitrogen/lists"}