# DistGuard (v0.0.1 - Pre-Alpha)

This package is under active development. Check the repository at [DistGuard](https://github.com/nortosem/dist-guard) for development progress.

---

### Vision

By default, Elixir node communication is unencrypted. `DistGuard` secures Elixir/Erlang node communication by automating the creation of a private, project-specific Certificate Authority (CA). Through a set of simple Mix tasks, it configures your release to use mutual TLS for all inter-node traffic, adopting a zero-trust security model by default.

`DistGuard` is for **internal node security only**. It is not a replacement for public CAs like Let's Encrypt and should not be used for client-facing HTTPS traffic.

### Planned Features

*   A `mix dist_guard.init` task for one-command project setup.
*   Automatic generation of a secure `openssl.cnf` and management of keys/certificates.
*   A `Config.Provider` for seamless integration with `mix release`.
*   High-performance, secure-by-default TLS 1.3 configurations.

### Prerequisites

*   **Erlang/OTP 28.0.1+:** This package will only support modern OTP versions.
*   **OpenSSL 3.0.0+:** `DistGuard` will use the `openssl` command-line tool.

### Installation (Future)

Once a stable version is released, you will be able to install the package by adding `dist_guard` to your list of dependencies in `mix.exs`:

```elixir
def deps do
  [
    {:dist_guard, "~> 0.1.0"}
  ]
end
```
Documentation can be found at https://hexdocs.pm/dist_guard.