diff options
Diffstat (limited to 'vagrant/configure-leap.sh')
| -rwxr-xr-x | vagrant/configure-leap.sh | 73 |
1 files changed, 41 insertions, 32 deletions
diff --git a/vagrant/configure-leap.sh b/vagrant/configure-leap.sh index 9541e194..9ddee039 100755 --- a/vagrant/configure-leap.sh +++ b/vagrant/configure-leap.sh @@ -1,13 +1,7 @@ #!/bin/bash -. /vagrant/vagrant/vagrant.config - -#OPTS='--no-color' -OPTS='' -PROVIDERDIR='/srv/leap/configuration' -NODE='node1' -LEAP='/usr/local/bin/leap' +. /vagrant/vagrant/vagrant.config echo '===============================================' echo 'configuring leap' @@ -15,48 +9,61 @@ echo '===============================================' # purge $PROVIDERDIR so this script can be run multiple times [ -e $PROVIDERDIR ] && rm -rf $PROVIDERDIR -mkdir $PROVIDERDIR + +mkdir -p $PROVIDERDIR +chown ${USER}:${USER} ${PROVIDERDIR} cd $PROVIDERDIR $LEAP $OPTS new --contacts "$contacts" --domain "$provider_domain" --name "$provider_name" --platform=/vagrant . -echo -e '\n@log = "/var/log/leap/deploy.log"' >> Leapfile +echo -e '\n@log = "./deploy.log"' >> Leapfile -if [ ! -e /root/.ssh/id_rsa ]; then - ssh-keygen -f /root/.ssh/id_rsa -P '' - cat /root/.ssh/id_rsa.pub >> /root/.ssh/authorized_keys +if [ ! -e /home/${USER}/.ssh/id_rsa ]; then + $SUDO ssh-keygen -f /home/${USER}/.ssh/id_rsa -P '' + [ -d /root/.ssh ] || mkdir /root/.ssh + cat /home/${USER}/.ssh/id_rsa.pub >> /root/.ssh/authorized_keys fi -mkdir -p $PROVIDERDIR/files/nodes/$NODE +$SUDO mkdir -p ${PROVIDERDIR}/files/nodes/${NODE} sh -c "cat /etc/ssh/ssh_host_rsa_key.pub | cut -d' ' -f1,2 >> $PROVIDERDIR/files/nodes/$NODE/${NODE}_ssh.pub" +chown ${USER}:${USER} ${PROVIDERDIR}/files/nodes/${NODE}/${NODE}_ssh.pub $LEAP $OPTS add-user --self $LEAP $OPTS cert ca $LEAP $OPTS cert csr -$LEAP $OPTS node add $NODE ip_address:"$(facter ipaddress)" services:"$services" tags:production +$LEAP $OPTS node add $NODE ip_address:"$(facter ipaddress)" couch.mode:plain services:"$services" tags:production echo '{ "webapp": { "admins": ["testadmin"] } }' > services/webapp.json $LEAP $OPTS compile -git init -git add . -git commit -m'configured provider' +$GIT init +$GIT add . +$GIT commit -m'configured provider' -$LEAP $OPTS node init $NODE +$LEAP $OPTS node init $NODE if [ $? -eq 1 ]; then echo 'node init failed' exit 1 fi +# couchrest gem does currently not install on jessie +# https://leap.se/code/issues/7754 +# workaround is to install rake as gem +gem install rake + $LEAP $OPTS -v 2 deploy -if [ $? -eq 1 ]; then - echo 'deploy failed' - exit 1 -fi -set +e -git add . -git commit -m'initialized and deployed provider' -set -e +$GIT add . +$GIT commit -m'initialized and deployed provider' + +# Vagrant: leap_mx fails to start on jessie +# https://leap.se/code/issues/7755 +# Workaround: we stop and start leap-mx after deploy and +# before testing + +service leap-mx stop +service leap-mx start + + echo '===============================================' echo 'testing the platform' @@ -69,15 +76,17 @@ echo 'setting node to demo-mode' echo '===============================================' postconf -e default_transport='error: in demo mode' -sed -i 's/PasswordAuthentication no/PasswordAuthentication yes/g' /etc/ssh/sshd_config -/etc/init.d/ssh reload - # add users: testadmin and testuser with passwords "hallo123" curl -s -k https://localhost/1/users.json -d "user%5Blogin%5D=testuser&user%5Bpassword_salt%5D=7d4880237a038e0e&user%5Bpassword_verifier%5D=b98dc393afcd16e5a40fb57ce9cddfa6a978b84be326196627c111d426cada898cdaf3a6427e98b27daf4b0ed61d278bc856515aeceb2312e50c8f816659fcaa4460d839a1e2d7ffb867d32ac869962061368141c7571a53443d58dc84ca1fca34776894414c1090a93e296db6cef12c2cc3f7a991b05d49728ed358fd868286" curl -s -k https://localhost/1/users.json -d "user%5Blogin%5D=testadmin&user%5Bpassword_salt%5D=ece1c457014d8282&user%5Bpassword_verifier%5D=9654d93ab409edf4ff1543d07e08f321107c3fd00de05c646c637866a94f28b3eb263ea9129dacebb7291b3374cc6f0bf88eb3d231eb3a76eed330a0e8fd2a5c477ed2693694efc1cc23ae83c2ae351a21139701983dd595b6c3225a1bebd2a4e6122f83df87606f1a41152d9890e5a11ac3749b3bfcf4407fc83ef60b4ced68" -echo -e '\n\n\n' -echo 'You are now ready to use your provider. Please update your /etc/hosts with following dns overrides:' +echo -e '\n===========================================================================================================\n\n' +echo -e 'You are now ready to use your local LEAP provider.\n' +echo 'If you want to use the *Bitmask client* with your provider, please update your /etc/hosts with following dns overrides:' -$LEAP list --print ip_address,domain.full,dns.aliases | sed 's/,//g' | cut -d' ' -f 2- +$LEAP list --print ip_address,domain.full,dns.aliases | sed 's/^.* //' | sed 's/, null//g' | tr -d '\]\[",' +echo 'Please see https://leap.se/en/docs/platform/tutorials/vagrant#use-the-bitmask-client-to-do-an-initial-soledad-sync for more details how to use and test your LEAP provider.' +echo -e "\nIf you don't want to use the Bitmask client, please ignore the above instructions.\n" +echo -e 'The LEAP webapp is now available at https://localhost:4443\n' +echo -e 'Please add an exception in your browser dialog to allow the self-signed certificate.\n' |