Diffstat (limited to 'vagrant')
-rwxr-xr-x | vagrant/configure-leap.sh | 83 | ||||
-rwxr-xr-x | vagrant/install-platform.pp | 36 | ||||
-rw-r--r-- | vagrant/offlineimaprc.example.org | 24 | ||||
-rw-r--r-- | vagrant/vagrant.config | 12 |
4 files changed, 155 insertions, 0 deletions
diff --git a/vagrant/configure-leap.sh b/vagrant/configure-leap.sh
new file mode 100755
index 00000000..9541e194
--- /dev/null
+++ b/vagrant/configure-leap.sh
@@ -0,0 +1,83 @@
+#!/bin/bash
+
+
+. /vagrant/vagrant/vagrant.config
+
+#OPTS='--no-color'
+OPTS=''
+PROVIDERDIR='/srv/leap/configuration'
+NODE='node1'
+LEAP='/usr/local/bin/leap'
+
+echo '==============================================='
+echo 'configuring leap'
+echo '==============================================='
+
+# purge $PROVIDERDIR so this script can be run multiple times
+[ -e $PROVIDERDIR ] && rm -rf $PROVIDERDIR
+mkdir $PROVIDERDIR
+cd $PROVIDERDIR
+
+$LEAP $OPTS new --contacts "$contacts" --domain "$provider_domain" --name "$provider_name" --platform=/vagrant .
+echo -e '\n@log = "/var/log/leap/deploy.log"' >> Leapfile
+
+if [ ! -e /root/.ssh/id_rsa ]; then
+ ssh-keygen -f /root/.ssh/id_rsa -P ''
+ cat /root/.ssh/id_rsa.pub >> /root/.ssh/authorized_keys
+fi
+
+mkdir -p $PROVIDERDIR/files/nodes/$NODE
+sh -c "cat /etc/ssh/ssh_host_rsa_key.pub | cut -d' ' -f1,2 >> $PROVIDERDIR/files/nodes/$NODE/${NODE}_ssh.pub"
+
+$LEAP $OPTS add-user --self
+$LEAP $OPTS cert ca
+$LEAP $OPTS cert csr
+$LEAP $OPTS node add $NODE ip_address:"$(facter ipaddress)" services:"$services" tags:production
+echo '{ "webapp": { "admins": ["testadmin"] } }' > services/webapp.json
+
+$LEAP $OPTS compile
+
+git init
+git add .
+git commit -m'configured provider'
+
+$LEAP $OPTS node init $NODE
+if [ $? -eq 1 ]; then
+ echo 'node init failed'
+ exit 1
+fi
+
+$LEAP $OPTS -v 2 deploy
+if [ $? -eq 1 ]; then
+ echo 'deploy failed'
+ exit 1
+fi
+
+set +e
+git add .
+git commit -m'initialized and deployed provider'
+set -e
+
+echo '==============================================='
+echo 'testing the platform'
+echo '==============================================='
+
+$LEAP $OPTS -v 2 test --continue
+
+echo '==============================================='
+echo 'setting node to demo-mode'
+echo '==============================================='
+postconf -e default_transport='error: in demo mode'
+
+sed -i 's/PasswordAuthentication no/PasswordAuthentication yes/g' /etc/ssh/sshd_config
+/etc/init.d/ssh reload
+
+# add users: testadmin and testuser with passwords "hallo123"
+curl -s -k https://localhost/1/users.json -d "user%5Blogin%5D=testuser&user%5Bpassword_salt%5D=7d4880237a038e0e&user%5Bpassword_verifier%5D=b98dc393afcd16e5a40fb57ce9cddfa6a978b84be326196627c111d426cada898cdaf3a6427e98b27daf4b0ed61d278bc856515aeceb2312e50c8f816659fcaa4460d839a1e2d7ffb867d32ac869962061368141c7571a53443d58dc84ca1fca34776894414c1090a93e296db6cef12c2cc3f7a991b05d49728ed358fd868286"
+curl -s -k https://localhost/1/users.json -d "user%5Blogin%5D=testadmin&user%5Bpassword_salt%5D=ece1c457014d8282&user%5Bpassword_verifier%5D=9654d93ab409edf4ff1543d07e08f321107c3fd00de05c646c637866a94f28b3eb263ea9129dacebb7291b3374cc6f0bf88eb3d231eb3a76eed330a0e8fd2a5c477ed2693694efc1cc23ae83c2ae351a21139701983dd595b6c3225a1bebd2a4e6122f83df87606f1a41152d9890e5a11ac3749b3bfcf4407fc83ef60b4ced68"
+
+echo -e '\n\n\n'
+echo 'You are now ready to use your provider. Please update your /etc/hosts with following dns overrides:'
+
+$LEAP list --print ip_address,domain.full,dns.aliases | sed 's/,//g' | cut -d' ' -f 2-
+
diff --git a/vagrant/install-platform.pp b/vagrant/install-platform.pp
new file mode 100755
index 00000000..465ca78a
--- /dev/null
+++ b/vagrant/install-platform.pp
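Review bot: In configure-leap.sh the checks after `node init` and `deploy` test `[ $? -eq 1 ]`, so any other non-zero status is treated as success, and with no `set -e` at the top a failed `cd $PROVIDERDIR` or a missing vagrant.config is not caught either. The script then carries on to the demo-mode steps, which switch sshd to `PasswordAuthentication yes` and create `testuser`/`testadmin` with the password given in the comment, on a node that may be only half deployed. Test the command directly, `if ! $LEAP $OPTS node init $NODE; then` (same for `deploy`), and put `set -e` near the top so the later `set +e` / `set -e` pair around `git commit` does what it appears to intend. A comment above the demo-mode block such as `# demo-mode: known credentials and sshd password login; for a throwaway Vagrant box only` would make the intent explicit.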
@@ -0,0 +1,36 @@
+class {'apt': }
+File['/etc/apt/preferences'] ->
+ Exec['refresh_apt'] ->
+ Package <| ( title != 'lsb' ) |>
+
+package { [ 'rsync', 'ruby-hiera-puppet', 'git', 'ruby1.9.1-dev', 'rake', 'jq' ]:
+ ensure => installed
+}
+
+file { '/etc/gemrc':
+ content => "---\n:sources:\n - https://rubygems.org/"
+}
+
+vcsrepo { '/srv/leap/leap_cli':
+ ensure => present,
+ force => true,
+ revision => 'develop',
+ provider => 'git',
+ source => 'https://leap.se/git/leap_cli.git',
+ owner => 'root',
+ group => 'root',
+ notify => Exec['install_leap_cli'],
+ require => Package['git']
+}
+
+exec { 'install_leap_cli':
+ command => '/usr/bin/rake build && /usr/bin/rake install',
+ cwd => '/srv/leap/leap_cli',
+ refreshonly => true,
+ require => [ Package['ruby1.9.1-dev'], File['/etc/gemrc'], Package['rake'] ]
+}
+
+file { [ '/srv/leap', '/srv/leap/configuration', '/var/log/leap' ]:
+ ensure => directory
+}
+
diff --git a/vagrant/offlineimaprc.example.org b/vagrant/offlineimaprc.example.org
new file mode 100644
index 00000000..3d119634
--- /dev/null
+++ b/vagrant/offlineimaprc.example.org
@@ -0,0 +1,24 @@
+# WARNING: Use offlineimap *only* for testing/debugging,
+# because it will save the mails *decrypted* locally to
+# your disk !
+
+[general]
+accounts = testuser@example.org
+
+[Account testuser@example.org]
+localrepository = testuser@example.org_local
+remoterepository = testuser@example.org_remote
+
+[Repository testuser@example.org_local]
+type = Maildir
+localfolders = /tmp/offlineimap.testuser@example.org
+
+[Repository testuser@example.org_remote]
+type = IMAP
+remotehost = localhost
+remoteuser = testuser@example.org
+remoteport = 1984
+ssl = no
+remotepass = every_pw_works_here
+
+
diff --git a/vagrant/vagrant.config b/vagrant/vagrant.config
new file mode 100644
index 00000000..ae124246
--- /dev/null
+++ b/vagrant/vagrant.config
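Review bot: In install-platform.pp the `vcsrepo` resource tracks `revision => 'develop'` with `force => true`, and every change notifies `install_leap_cli`, which runs `rake build && rake install` (presumably as root, since the exec sets no `user`). Whatever is at the tip of that branch at provisioning time is therefore built and installed with no pinning or verification, and boxes provisioned on different days can end up running different leap_cli code. Pin the checkout to a release tag or commit, e.g. `revision => '<release-tag-or-commit>',` (placeholder), and add a comment saying why `force => true` is needed, since it allows vcsrepo to replace whatever already exists at `/srv/leap/leap_cli`.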
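Review bot: In offlineimaprc.example.org, `localfolders = /tmp/offlineimap.testuser@example.org` puts the Maildir at a fixed name in a world-writable directory, which sits badly with the file's own warning that mail is stored decrypted. Another local user could pre-create that path or, depending on the umask, read the messages. A path under the user's home, e.g. `localfolders = ~/offlineimap-test/testuser@example.org` (constructed example), avoids that. A comment next to `ssl = no` and `remotepass = every_pw_works_here` should say these are presumably acceptable only because `remotehost` is `localhost`.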
@@ -0,0 +1,12 @@
+# config values used by configure-leap.sh
+provider_domain='example.org'
+provider_name='Leap Example Provider'
+contacts="no-reply@$provider_domain"
+
+# serivces that get configured
+# note that the "openvpn" service does currently *not* work
+# in a vagrant setup,
+# see https://leap.se/en/docs/platform/troubleshooting/known-issues#Special.Environments
+services='webapp,mx,couchdb,soledad,monitor'
+
+
|
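Review bot: The header comment in vagrant.config says only "config values used by configure-leap.sh", but that script reads the file with `. /vagrant/vagrant/vagrant.config`, so every line here is executed as shell code with the privileges of the provisioning script. Say so in the header, e.g. `# sourced by configure-leap.sh: keep this to plain VAR='value' assignments`, so nobody adds free-form text or pastes in values from an untrusted source. The second comment also has a typo, `serivces` for `services`.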