Add missing README information to centralized repo docs

dobby-coder[bot] · claude · dobby-coder[bot] · commit 87e1cbfc0e8a · 2026-04-14T11:33:08.000Z
Audited all 16 repo READMEs against their centralized docs pages and added missing content: - pdf-signature: frontend setup, backend configuration table, build/run commands - cryptify: backend configuration table with all config options, build/run commands including running the built binary - postguard: unaudited warning, prerequisites (Rust 1.90+, Docker, wasm-pack), WASM build instructions, Docker Compose dev environment, PKG server setup with key generation and CLI flags, environment variables, CLI usage examples (encrypt/decrypt), Docusaurus site reference, funding section - postguard-fallback: dependency version table (Rust 1.57, NGINX 1.21, PostgreSQL 12, Mailhog 1.0), IRMA/irmaseal documentation links - postguard-website: Docker stopping commands, docker-compose build Resolves feedback on #8. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
diff --git a/docs/repos/cryptify.md b/docs/repos/cryptify.md
@@ -42,17 +42,38 @@ When developing locally, change the `baseurl` constant in `FileProvider.ts` to `
 
 #### Backend
 
-Requires Rust:
+Requires Rust.
+
+##### Configuration
+
+The backend needs a configuration file. See `conf/` for examples (`config.toml` for production, `config.dev.toml` for development).
+
+| Option | Description |
+|---|---|
+| `server_url` | Public URL of the service |
+| `address` | Bind address (e.g. `0.0.0.0`) |
+| `data_dir` | Directory for file storage |
+| `email_from` | Sender address for email notifications |
+| `smtp_url` | SMTP server hostname |
+| `smtp_port` | SMTP server port |
+| `smtp_tls` | Enable TLS for SMTP (default: `false`) |
+| `smtp_username` | SMTP username (optional) |
+| `smtp_password` | SMTP password (optional) |
+| `allowed_origins` | CORS allowed origins (regex) |
+| `pkg_url` | PostGuard PKG server URL |
+
+##### Building and running
 
 ```bash
 # Development (with auto-reload)
-env ROCKET_ENV=development ROCKET_CONFIG=conf/Rocket.toml cargo watch -x run
+env ROCKET_ENV=development ROCKET_CONFIG=conf/config.dev.toml cargo watch -x run
 
 # Production build
 env ROCKET_ENV=production cargo build --release
-```
 
-The backend needs a `ROCKET_CONFIG` environment variable pointing to the configuration file. See the example in `conf/`.
+# Run the built binary
+env ROCKET_CONFIG=conf/config.toml ./target/release/cryptify-backend
+```
 
 ### Electron Packaging
 
diff --git a/docs/repos/pdf-signature.md b/docs/repos/pdf-signature.md
@@ -2,13 +2,13 @@
 
 [GitHub](https://github.com/encryption4all/pdf-signature) · Rust + TypeScript · PDF Signing
 
-PDF signing and signature verification utility. Used within the PostGuard ecosystem for signing PDF documents with identity-based signatures.
+PDF signing and signature verification utility. Used within the PostGuard ecosystem for signing PDF documents with identity-based signatures. This is a fork of [Cryptify](/repos/cryptify) with the same architecture.
 
 ## Architecture
 
 The repository is structured similarly to [Cryptify](/repos/cryptify), with a Rust backend and TypeScript frontend:
 
-- **Backend** (`cryptify-back-end/`): Rust service handling PDF operations
+- **Backend** (`cryptify-back-end/`): Rust (Rocket) service handling PDF operations, file storage, and email notifications
 - **Frontend** (`cryptify-front-end/`): TypeScript web interface
 
 ## Development
@@ -23,9 +23,59 @@ docker-compose -f docker-compose.dev.yml up
 docker-compose up
 ```
 
-### Manual Setup
+### Frontend (manual)
 
-See the Cryptify development instructions for the general pattern. The backend requires Rust and the frontend requires Node.js.
+Requires Node.js and Rust.
+
+```bash
+cd cryptify-front-end
+npm install
+npm run start    # development server
+npm run build    # production build
+```
+
+When developing locally, change the `baseurl` constant in `FileProvider.ts` to `http://localhost:3000` so the frontend uses the local backend.
+
+Cryptify/pdf-signature can also be packaged as a desktop app:
+
+```bash
+cd cryptify-front-end
+npm run dist-electron
+```
+
+### Backend (manual)
+
+The backend needs a configuration file. See `conf/` for examples.
+
+#### Configuration
+
+The configuration file (`conf/config.toml` or `conf/config.dev.toml`) controls:
+
+| Option | Description |
+|---|---|
+| `server_url` | Public URL of the service |
+| `address` | Bind address (e.g. `0.0.0.0`) |
+| `data_dir` | Directory for file storage |
+| `email_from` | Sender address for email notifications |
+| `smtp_url` | SMTP server hostname |
+| `smtp_port` | SMTP server port |
+| `smtp_credentials` | SMTP username and password (optional) |
+| `allowed_origins` | CORS allowed origins (regex) |
+| `pkg_url` | PostGuard PKG server URL |
+
+#### Building and running
+
+```bash
+# Build
+env ROCKET_ENV=development cargo build
+env ROCKET_ENV=production cargo build --release
+
+# Run (pass the config file path)
+env ROCKET_CONFIG=conf/config.dev.toml ./target/debug/cryptify-backend
+
+# Development with auto-reload
+env ROCKET_ENV=development ROCKET_CONFIG=conf/config.dev.toml cargo watch -x run
+```
 
 ## Releasing
 
diff --git a/docs/repos/postguard-fallback.md b/docs/repos/postguard-fallback.md
@@ -13,6 +13,8 @@ Both the backend and frontend are written in Rust:
 
 Supporting services: NGINX (reverse proxy), PostgreSQL (database), Mailhog (email testing).
 
+For background on the IRMA/Yivi protocol, see the [IRMA documentation](https://irma.app/docs/what-is-irma/). The PostGuard encryption protocol is described in the [irmaseal design document](https://github.com/Wassasin/irmaseal/blob/master/docs/design.md).
+
 ## Development
 
 ### Docker (recommended)
@@ -30,6 +32,17 @@ docker-compose up
 
 The application is available at `http://tguard.localhost`.
 
+### Dependencies
+
+The Docker setup includes all required software. For manual development, the following versions are used:
+
+| Dependency | Version |
+|---|---|
+| Rust | 1.57+ |
+| NGINX | 1.21 |
+| PostgreSQL | 12 |
+| Mailhog | 1.0 |
+
 ### Manual Setup
 
 Requires:
diff --git a/docs/repos/postguard-website.md b/docs/repos/postguard-website.md
@@ -30,6 +30,19 @@ docker-compose -f docker-compose.prod.yml up
 # Access at http://localhost
 ```
 
+### Stopping Services
+
+```bash
+docker-compose down                          # development
+docker-compose -f docker-compose.prod.yml down  # production
+```
+
+### Building with Docker
+
+```bash
+docker-compose build
+```
+
 ### Manual (without Docker)
 
 ```bash
diff --git a/docs/repos/postguard.md b/docs/repos/postguard.md
@@ -2,6 +2,10 @@
 
 [GitHub](https://github.com/encryption4all/postguard) · Rust · Core library and services
 
+::: warning
+This implementation has not been audited. Use at your own risk.
+:::
+
 The main PostGuard repository. It contains the core encryption library, the Private Key Generator (PKG) server, WebAssembly bindings for browsers, a command-line client, and FFI bindings for native language integration.
 
 ## Workspace Structure
@@ -10,7 +14,7 @@ The repository is a Rust workspace with five crates:
 
 | Crate | Description |
 |---|---|
-| `pg-core` | Core library: metadata management, binary serialization, streaming encryption (with a WebCrypto-backed WASM backend under the `web` and `stream` features) |
+| `pg-core` | Core library: metadata management, binary serialization, streaming encryption. Supports a native Rust backend (`rust` feature) and a WebCrypto-backed WASM backend (`web` + `stream` features). |
 | `pg-pkg` | HTTP API server (Actix-web) that runs a Private Key Generator instance |
 | `pg-wasm` | WebAssembly bindings via `wasm-pack`, used by the JavaScript SDK |
 | `pg-cli` | Command-line tool for encrypting and decrypting files |
@@ -36,12 +40,27 @@ A typical session:
 
 ### Prerequisites
 
-- [Rust](https://www.rust-lang.org/tools/install) (stable)
+- [Rust](https://www.rust-lang.org/tools/install) 1.90+ (stable)
+- [Docker & Docker Compose](https://docs.docker.com/) for the development environment (PostgreSQL + Yivi server)
+- [wasm-pack](https://rustwasm.github.io/wasm-pack/) (only for building the WASM bindings)
 
 ### Building
 
 ```bash
+# Full workspace
 cargo build --release
+
+# Individual crates
+cargo build --release -p pg-core
+cargo build --release --bin pg-cli
+cargo build --release --bin pg-pkg
+```
+
+### WASM Bindings
+
+```bash
+cd pg-wasm
+wasm-pack build --release -d pkg/ --out-name index --scope e4a --target bundler
 ```
 
 ### Testing
@@ -58,12 +77,65 @@ wasm-pack test --release --headless --chrome ./pg-wasm
 wasm-pack test --release --headless --firefox ./pg-wasm
 ```
 
+### Development Environment
+
+Docker Compose starts PostgreSQL and a Yivi (IRMA) server:
+
+```bash
+docker-compose up
+```
+
 ### Running the PKG Server
 
 ```bash
-cargo run -p pg-pkg --release
+# Generate master key pair (run once)
+cargo run --release --bin pg-pkg gen
+
+# Start the server
+cargo run --release --bin pg-pkg server \
+  -t <irma_server_token> \
+  -i <irma_server_url> \
+  -d <postgres_connection_string>
+```
+
+When using Docker Compose for local development:
+
+```bash
+cargo run --release --bin pg-pkg server \
+  -d postgres://devuser:devpassword@localhost/devdb \
+  -t <irma_token> \
+  -i http://localhost:8088
 ```
 
+#### PKG Environment Variables
+
+| Variable | Description |
+|---|---|
+| `IRMA_SERVER` | Yivi/IRMA server URL (default: `https://is.yivi.app`) |
+| `DATABASE_URL` | PostgreSQL connection string |
+| `RUST_LOG` | Log level (`debug`, `info`, `warn`, `error`) |
+
+### Using the CLI
+
+#### Encrypt a file
+
+```bash
+cargo run --bin pg-cli enc \
+  -i '{"recipient@example.com": [{"t": "pbdf.sidn-pbdf.email.email", "v": "recipient@example.com"}]}' \
+  --pub-sign-id '[{"t": "pbdf.gemeente.personalData.fullname"}]' \
+  myfile.txt
+```
+
+This starts a Yivi session (displays a QR code) to obtain signing keys, then encrypts `myfile.txt` into `myfile.txt.enc`.
+
+#### Decrypt a file
+
+```bash
+cargo run --bin pg-cli dec myfile.txt.enc
+```
+
+The CLI shows the recipient policies in the header, prompts you to select your identity, and starts a Yivi session to obtain your decryption key.
+
 ## Releasing
 
 This repository uses [Release-plz](https://release-plz.ieni.dev/) for automated versioning and releases. When changes are merged to `main`, Release-plz creates a release PR. Merging that PR triggers:
@@ -81,3 +153,11 @@ This repository uses [Release-plz](https://release-plz.ieni.dev/) for automated
 | `build.yml` | Push/PR | Formatting checks, tests for all workspace members |
 | `delivery.yml` | Push to main | Release-plz, Docker build, FFI compilation, npm publish |
 | `docs.yml` | Push to main | Deploys API docs to GitHub Pages |
+
+## Docusaurus Site
+
+The repository contains a [Docusaurus](https://docusaurus.io/) documentation site in the `website/` directory, deployed to [encryption4all.github.io/postguard](https://encryption4all.github.io/postguard/). It covers the architecture, encryption/decryption flow, Yivi integration, PKG server API, and WASM bindings in detail. The content from that site has been consolidated into this centralized documentation.
+
+## Funding
+
+Development of PostGuard was initially funded by the [Next Generation Internet initiative (NGI0)](https://nlnet.nl/NGI0/) and [NLnet](https://nlnet.nl/). The project is currently funded by a 4-year project from [NWO](https://www.nwo.nl/) under the name "Encryption 4 All".
