-rw-r--r--.gitignore2
-rw-r--r--Vagrantfile27
-rwxr-xr-xvagrant/configure-leap.sh83
-rwxr-xr-xvagrant/install-platform.pp19
-rw-r--r--vagrant/offlineimaprc.example.org24
-rw-r--r--vagrant/vagrant.config12
6 files changed, 166 insertions, 1 deletions
diff --git a/.gitignore b/.gitignore
index eda5e35f..30792935 100644
--- a/.gitignore
+++ b/.gitignore
@@ -1,2 +1,2 @@
-.reviewboardrc
+/.vagrant
/puppet/modules/site_custom
diff --git a/Vagrantfile b/Vagrantfile
new file mode 100644
index 00000000..4a91c459
--- /dev/null
+++ b/Vagrantfile
@@ -0,0 +1,27 @@
+Vagrant.configure("2") do |config|
+ config.vm.define :node1 do |config|
+
+ # Please verify the sha512 sum of the downloaded box before importing it into vagrant !
+ # see https://leap.se/en/docs/platform/details/development#Verify.vagrantbox.download
+ # for details
+
+ config.vm.box = "leap-wheezy"
+ config.vm.box_url = "https://downloads.leap.se/platform/vagrant/virtualbox/leap-wheezy.box"
+ #config.vm.network :private_network, ip: "10.5.5.102"
+ config.vm.provider "virtualbox" do |v|
+ v.customize ["modifyvm", :id, "--natdnshostresolver1", "on"]
+ v.name = "node1"
+ end
+
+ config.vm.provision "puppet" do |puppet|
+ puppet.manifests_path = "./vagrant"
+ puppet.module_path = "./puppet/modules"
+ puppet.manifest_file = "install-platform.pp"
+ puppet.options = "--verbose"
+ end
+ config.vm.provision "shell", path: "vagrant/configure-leap.sh"
+
+ config.ssh.username = "vagrant"
+
+ end
+end
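Review bot: Nothing in this Vagrantfile makes Vagrant check the integrity of the box fetched from `config.vm.box_url`; the comment above it leaves sha512 verification as a manual step that `vagrant up` does not wait for. Vagrant can enforce it: next to `box_url`, add `config.vm.box_download_checksum_type = "sha512"` and `config.vm.box_download_checksum = "<SHA512_OF_LEAP_WHEEZY_BOX>"`, filled in from the published sum. If the Vagrant release in use does not accept `sha512` as a checksum type, `sha256` with the matching digest gives the same guarantee. As a smaller style point, the inner block parameter `|config|` on the `config.vm.define :node1` line shadows the outer `config`; naming it `node` would make clear which settings are per-machine.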
diff --git a/vagrant/configure-leap.sh b/vagrant/configure-leap.sh
new file mode 100755
index 00000000..9541e194
--- /dev/null
+++ b/vagrant/configure-leap.sh
@@ -0,0 +1,83 @@
+#!/bin/bash
+
+
+. /vagrant/vagrant/vagrant.config
+
+#OPTS='--no-color'
+OPTS=''
+PROVIDERDIR='/srv/leap/configuration'
+NODE='node1'
+LEAP='/usr/local/bin/leap'
+
+echo '==============================================='
+echo 'configuring leap'
+echo '==============================================='
+
+# purge $PROVIDERDIR so this script can be run multiple times
+[ -e $PROVIDERDIR ] && rm -rf $PROVIDERDIR
+mkdir $PROVIDERDIR
+cd $PROVIDERDIR
+
+$LEAP $OPTS new --contacts "$contacts" --domain "$provider_domain" --name "$provider_name" --platform=/vagrant .
+echo -e '\n@log = "/var/log/leap/deploy.log"' >> Leapfile
+
+if [ ! -e /root/.ssh/id_rsa ]; then
+ ssh-keygen -f /root/.ssh/id_rsa -P ''
+ cat /root/.ssh/id_rsa.pub >> /root/.ssh/authorized_keys
+fi
+
+mkdir -p $PROVIDERDIR/files/nodes/$NODE
+sh -c "cat /etc/ssh/ssh_host_rsa_key.pub | cut -d' ' -f1,2 >> $PROVIDERDIR/files/nodes/$NODE/${NODE}_ssh.pub"
+
+$LEAP $OPTS add-user --self
+$LEAP $OPTS cert ca
+$LEAP $OPTS cert csr
+$LEAP $OPTS node add $NODE ip_address:"$(facter ipaddress)" services:"$services" tags:production
+echo '{ "webapp": { "admins": ["testadmin"] } }' > services/webapp.json
+
+$LEAP $OPTS compile
+
+git init
+git add .
+git commit -m'configured provider'
+
+$LEAP $OPTS node init $NODE
+if [ $? -eq 1 ]; then
+ echo 'node init failed'
+ exit 1
+fi
+
+$LEAP $OPTS -v 2 deploy
+if [ $? -eq 1 ]; then
+ echo 'deploy failed'
+ exit 1
+fi
+
+set +e
+git add .
+git commit -m'initialized and deployed provider'
+set -e
+
+echo '==============================================='
+echo 'testing the platform'
+echo '==============================================='
+
+$LEAP $OPTS -v 2 test --continue
+
+echo '==============================================='
+echo 'setting node to demo-mode'
+echo '==============================================='
+postconf -e default_transport='error: in demo mode'
+
+sed -i 's/PasswordAuthentication no/PasswordAuthentication yes/g' /etc/ssh/sshd_config
+/etc/init.d/ssh reload
+
+# add users: testadmin and testuser with passwords "hallo123"
+curl -s -k https://localhost/1/users.json -d "user%5Blogin%5D=testuser&user%5Bpassword_salt%5D=7d4880237a038e0e&user%5Bpassword_verifier%5D=b98dc393afcd16e5a40fb57ce9cddfa6a978b84be326196627c111d426cada898cdaf3a6427e98b27daf4b0ed61d278bc856515aeceb2312e50c8f816659fcaa4460d839a1e2d7ffb867d32ac869962061368141c7571a53443d58dc84ca1fca34776894414c1090a93e296db6cef12c2cc3f7a991b05d49728ed358fd868286"
+curl -s -k https://localhost/1/users.json -d "user%5Blogin%5D=testadmin&user%5Bpassword_salt%5D=ece1c457014d8282&user%5Bpassword_verifier%5D=9654d93ab409edf4ff1543d07e08f321107c3fd00de05c646c637866a94f28b3eb263ea9129dacebb7291b3374cc6f0bf88eb3d231eb3a76eed330a0e8fd2a5c477ed2693694efc1cc23ae83c2ae351a21139701983dd595b6c3225a1bebd2a4e6122f83df87606f1a41152d9890e5a11ac3749b3bfcf4407fc83ef60b4ced68"
+
+echo -e '\n\n\n'
+echo 'You are now ready to use your provider. Please update your /etc/hosts with following dns overrides:'
+
+$LEAP list --print ip_address,domain.full,dns.aliases | sed 's/,//g' | cut -d' ' -f 2-
+
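Review bot: The "demo-mode" block at the end of this script unconditionally rewrites `/etc/ssh/sshd_config` to `PasswordAuthentication yes` and registers `testadmin` with a password spelled out in the comment above the `curl` calls. The earlier `services/webapp.json` line makes `testadmin` a webapp admin, so anyone who reuses this script outside a throwaway VM gets a node with a known admin credential and password SSH enabled. I would gate the block on an explicit opt-in read from `vagrant.config`, for example `[ "${demo_mode:-no}" = yes ] || exit 0` placed before the 'setting node to demo-mode' banner, and say in the comment that such a node must not be given a reachable address. The failure checks before it only test `[ $? -eq 1 ]`, and `set -e` is first enabled after the second `git commit`, so a `leap` step exiting with any other non-zero status still falls through to these changes. Writing `$LEAP $OPTS -v 2 deploy || { echo 'deploy failed'; exit 1; }`, and the same for `node init`, closes that gap.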
diff --git a/vagrant/install-platform.pp b/vagrant/install-platform.pp
new file mode 100755
index 00000000..012a0eb0
--- /dev/null
+++ b/vagrant/install-platform.pp
@@ -0,0 +1,19 @@
+class {'apt': }
+File['/etc/apt/preferences'] ->
+ Exec['refresh_apt'] ->
+ Package <| ( title != 'lsb' ) |>
+
+package { [ 'rsync', 'ruby-hiera-puppet', 'git', 'ruby1.9.1-dev', 'rake', 'jq' ]:
+ ensure => installed
+}
+
+package { 'leap_cli':
+ ensure => latest,
+ provider => 'gem',
+ require => Package['ruby1.9.1-dev']
+}
+
+file { [ '/srv/leap', '/srv/leap/configuration', '/var/log/leap' ]:
+ ensure => directory
+}
+
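Review bot: `ensure => latest` on the `leap_cli` gem means every provision installs whatever release the gem source serves at that moment. The shell provisioner then uses that binary to generate the CA and deploy the node, presumably as root since the script writes under `/root/.ssh`. Pinning it, e.g. `ensure => '<LEAP_CLI_VERSION>'`, keeps provisioning reproducible and ensures a new or tampered release is only picked up through a reviewed change to this manifest.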
diff --git a/vagrant/offlineimaprc.example.org b/vagrant/offlineimaprc.example.org
new file mode 100644
index 00000000..3d119634
--- /dev/null
+++ b/vagrant/offlineimaprc.example.org
@@ -0,0 +1,24 @@
+# WARNING: Use offlineimap *only* for testing/debugging,
+# because it will save the mails *decrypted* locally to
+# your disk !
+
+[general]
+accounts = testuser@example.org
+
+[Account testuser@example.org]
+localrepository = testuser@example.org_local
+remoterepository = testuser@example.org_remote
+
+[Repository testuser@example.org_local]
+type = Maildir
+localfolders = /tmp/offlineimap.testuser@example.org
+
+[Repository testuser@example.org_remote]
+type = IMAP
+remotehost = localhost
+remoteuser = testuser@example.org
+remoteport = 1984
+ssl = no
+remotepass = every_pw_works_here
+
+
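Review bot: `localfolders = /tmp/offlineimap.testuser@example.org` puts the mail that the header warns is stored decrypted at a predictable path in a shared temporary directory. On a multi-user machine another local account could pre-create or read that path, depending on how the directory ends up being created. A location under the user's home is safer for an example people will copy, e.g. `localfolders = ~/.offlineimap-leap-test/testuser@example.org`, and the warning comment could add that the directory should be removed after debugging.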
diff --git a/vagrant/vagrant.config b/vagrant/vagrant.config
new file mode 100644
index 00000000..ae124246
--- /dev/null
+++ b/vagrant/vagrant.config
@@ -0,0 +1,12 @@
+# config values used by configure-leap.sh
+provider_domain='example.org'
+provider_name='Leap Example Provider'
+contacts="no-reply@$provider_domain"
+
+# serivces that get configured
+# note that the "openvpn" service does currently *not* work
+# in a vagrant setup,
+# see https://leap.se/en/docs/platform/troubleshooting/known-issues#Special.Environments
+services='webapp,mx,couchdb,soledad,monitor'
+
+