From 0d1755e1dd05100128282ae8f31434795ce279d6 Mon Sep 17 00:00:00 2001 From: varac Date: Wed, 9 Sep 2015 11:54:28 +0200 Subject: use vagrant user for configuring provider with leap_cli (new leap_cli version complain when called by root) we don't need to enable ssh pw auth because we're now using the vagrant user that has ssh key-based auth configured already. Change-Id: I5e28e6f5c71724573ff11def5b96142e8eb8b185 --- vagrant/configure-leap.sh | 28 +++++++++++++++------------- 1 file changed, 15 insertions(+), 13 deletions(-) (limited to 'vagrant/configure-leap.sh') diff --git a/vagrant/configure-leap.sh b/vagrant/configure-leap.sh index 9541e194..e0476739 100755 --- a/vagrant/configure-leap.sh +++ b/vagrant/configure-leap.sh @@ -1,13 +1,15 @@ #!/bin/bash -. /vagrant/vagrant/vagrant.config +. /vagrant/vagrant/vagrant.config #OPTS='--no-color' OPTS='' -PROVIDERDIR='/srv/leap/configuration' +USER='vagrant' NODE='node1' -LEAP='/usr/local/bin/leap' +SUDO="sudo -u ${USER}" +PROVIDERDIR="/home/${USER}/leap/configuration" +LEAP="$SUDO /usr/local/bin/leap" echo '===============================================' echo 'configuring leap' 
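Review bot: `USER='vagrant'` reuses the login-name variable that the environment normally exports, so if it is exported here, every later child process sees `USER=vagrant`, including the ones this script still runs as root. A script-private name avoids that, e.g. `LEAP_USER='vagrant'` with `SUDO="sudo -u ${LEAP_USER}"` and `PROVIDERDIR="/home/${LEAP_USER}/leap/configuration"`. `SUDO` and `LEAP` also hold whole command lines in strings and rely on unquoted word splitting at every call site. A small wrapper such as `as_user() { sudo -u "$LEAP_USER" "$@"; }` would let paths and arguments be quoted.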
@@ -15,19 +17,22 @@ echo '===============================================' # purge $PROVIDERDIR so this script can be run multiple times [ -e $PROVIDERDIR ] && rm -rf $PROVIDERDIR -mkdir $PROVIDERDIR + +mkdir -p $PROVIDERDIR +chown ${USER}:${USER} ${PROVIDERDIR} cd $PROVIDERDIR $LEAP $OPTS new --contacts "$contacts" --domain "$provider_domain" --name "$provider_name" --platform=/vagrant . -echo -e '\n@log = "/var/log/leap/deploy.log"' >> Leapfile +$SUDO echo -e '\n@log = "/var/log/leap/deploy.log"' >> Leapfile -if [ ! -e /root/.ssh/id_rsa ]; then - ssh-keygen -f /root/.ssh/id_rsa -P '' - cat /root/.ssh/id_rsa.pub >> /root/.ssh/authorized_keys +if [ ! -e /home/${USER}/.ssh/id_rsa ]; then + $SUDO ssh-keygen -f /home/${USER}/.ssh/id_rsa -P '' + cat /home/${USER}/.ssh/id_rsa.pub >> /root/.ssh/authorized_keys fi -mkdir -p $PROVIDERDIR/files/nodes/$NODE +$SUDO mkdir -p ${PROVIDERDIR}/files/nodes/${NODE} sh -c "cat /etc/ssh/ssh_host_rsa_key.pub | cut -d' ' -f1,2 >> $PROVIDERDIR/files/nodes/$NODE/${NODE}_ssh.pub" +chown ${USER}:${USER} ${PROVIDERDIR}/files/nodes/${NODE}/${NODE}_ssh.pub $LEAP $OPTS add-user --self $LEAP $OPTS cert ca @@ -41,7 +46,7 @@ git init git add . git commit -m'configured provider' -$LEAP $OPTS node init $NODE +$LEAP $OPTS node init $NODE if [ $? -eq 1 ]; then echo 'node init failed' exit 1 
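Review bot: In hunk `@@ -15,19 +17,22 @@`, `$SUDO echo -e '…' >> Leapfile` does not append as the vagrant user: the `>>` redirection is opened by the calling shell (root, going by the commit message) before `sudo` starts, so the prefix only changes who runs `echo`. If the write is meant to happen as the user, use `echo -e '\n@log = "/var/log/leap/deploy.log"' | $SUDO tee -a Leapfile >/dev/null`; otherwise drop `$SUDO` so the line does not suggest a privilege drop that is not there. The same root/user mix shows in `mkdir -p $PROVIDERDIR` followed by `chown` on the leaf only, which leaves a newly created `/home/${USER}/leap` owned by root. `$SUDO mkdir -p "$PROVIDERDIR"` would create both levels as the user and make the `chown` unnecessary.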
@@ -69,9 +74,6 @@ echo 'setting node to demo-mode' echo '===============================================' postconf -e default_transport='error: in demo mode' -sed -i 's/PasswordAuthentication no/PasswordAuthentication yes/g' /etc/ssh/sshd_config -/etc/init.d/ssh reload - # add users: testadmin and testuser with passwords "hallo123" curl -s -k https://localhost/1/users.json -d "user%5Blogin%5D=testuser&user%5Bpassword_salt%5D=7d4880237a038e0e&user%5Bpassword_verifier%5D=b98dc393afcd16e5a40fb57ce9cddfa6a978b84be326196627c111d426cada898cdaf3a6427e98b27daf4b0ed61d278bc856515aeceb2312e50c8f816659fcaa4460d839a1e2d7ffb867d32ac869962061368141c7571a53443d58dc84ca1fca34776894414c1090a93e296db6cef12c2cc3f7a991b05d49728ed358fd868286" curl -s -k https://localhost/1/users.json -d "user%5Blogin%5D=testadmin&user%5Bpassword_salt%5D=ece1c457014d8282&user%5Bpassword_verifier%5D=9654d93ab409edf4ff1543d07e08f321107c3fd00de05c646c637866a94f28b3eb263ea9129dacebb7291b3374cc6f0bf88eb3d231eb3a76eed330a0e8fd2a5c477ed2693694efc1cc23ae83c2ae351a21139701983dd595b6c3225a1bebd2a4e6122f83df87606f1a41152d9890e5a11ac3749b3bfcf4407fc83ef60b4ced68" -- cgit v1.2.3 From 7af30ee28ee492f77244b83b342d0ab8688a28d1 Mon Sep 17 00:00:00 2001 From: varac Date: Wed, 9 Sep 2015 13:51:19 +0200 Subject: Don't exit after failed deploy Sometimes only trivial things fail that doesn't affect basic functionallity. Change-Id: I9d9d1a531a11e6eeee6fd823a51bb02e99771ec2 --- vagrant/configure-leap.sh | 5 ----- 1 file changed, 5 deletions(-) (limited to 'vagrant/configure-leap.sh') diff --git a/vagrant/configure-leap.sh b/vagrant/configure-leap.sh index e0476739..332bdddf 100755 --- a/vagrant/configure-leap.sh +++ b/vagrant/configure-leap.sh @@ -53,10 +53,6 @@ if [ $? -eq 1 ]; then fi $LEAP $OPTS -v 2 deploy -if [ $? -eq 1 ]; then - echo 'deploy failed' - exit 1 -fi set +e git add . 
@@ -82,4 +78,3 @@ echo -e '\n\n\n' echo 'You are now ready to use your provider. Please update your /etc/hosts with following dns overrides:' $LEAP list --print ip_address,domain.full,dns.aliases | sed 's/,//g' | cut -d' ' -f 2- - -- cgit v1.2.3 From 04290d038eaf02d666c406d489c2442aa9b1e50b Mon Sep 17 00:00:00 2001 From: varac Date: Wed, 23 Dec 2015 17:09:10 +0100 Subject: Vagrant: use couchdb, create .ssh dir --- vagrant/configure-leap.sh | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) (limited to 'vagrant/configure-leap.sh') diff --git a/vagrant/configure-leap.sh b/vagrant/configure-leap.sh index 332bdddf..5915ec94 100755 --- a/vagrant/configure-leap.sh +++ b/vagrant/configure-leap.sh @@ -27,6 +27,7 @@ $SUDO echo -e '\n@log = "/var/log/leap/deploy.log"' >> Leapfile if [ ! -e /home/${USER}/.ssh/id_rsa ]; then $SUDO ssh-keygen -f /home/${USER}/.ssh/id_rsa -P '' + mkdir /root/.ssh cat /home/${USER}/.ssh/id_rsa.pub >> /root/.ssh/authorized_keys fi @@ -37,7 +38,7 @@ chown ${USER}:${USER} ${PROVIDERDIR}/files/nodes/${NODE}/${NODE}_ssh.pub $LEAP $OPTS add-user --self $LEAP $OPTS cert ca $LEAP $OPTS cert csr -$LEAP $OPTS node add $NODE ip_address:"$(facter ipaddress)" services:"$services" tags:production +$LEAP $OPTS node add $NODE ip_address:"$(facter ipaddress)" services:"$services" couch.master:true couch.pwhash_alg:pbkdf2 tags:production echo '{ "webapp": { "admins": ["testadmin"] } }' > services/webapp.json $LEAP $OPTS compile -- cgit v1.2.3 From c6cb5ad672edc977c52537558a00a9c3f78d4b4e Mon Sep 17 00:00:00 2001 From: varac Date: Wed, 23 Dec 2015 18:56:04 +0100 Subject: Vagrant Workaround for #7754 and #7755 --- vagrant/configure-leap.sh | 15 +++++++++++++++ 1 file changed, 15 insertions(+) (limited to 'vagrant/configure-leap.sh') diff --git a/vagrant/configure-leap.sh b/vagrant/configure-leap.sh index 5915ec94..00811144 100755 --- a/vagrant/configure-leap.sh +++ b/vagrant/configure-leap.sh 
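Review bot: In hunk `@@ -27,6 +27,7 @@`, `mkdir /root/.ssh` creates the directory with whatever mode root's umask gives, and the `>>` on the next line creates `authorized_keys` the same way. For a file that grants root login the modes should be set explicitly, e.g. `mkdir -m 700 /root/.ssh` and `chmod 600 /root/.ssh/authorized_keys` after the append. The key being authorised is the one generated just above with `-P ''` and kept in the vagrant user's home, so any process that can read `/home/${USER}/.ssh/id_rsa` can log in as root. A comment such as `# passphrase-less key with root access: acceptable only on this disposable Vagrant box` would make that trade-off explicit. The later `[ -d /root/.ssh ] || mkdir /root/.ssh` revision of this line has the same default-mode issue.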
@@ -53,6 +53,11 @@ if [ $? -eq 1 ]; then exit 1 fi +# couchrest gem does currently not install on jessie +# https://leap.se/code/issues/7754 +# workaround is to install rake as gem +gem install rake + $LEAP $OPTS -v 2 deploy set +e @@ -60,6 +65,16 @@ git add . git commit -m'initialized and deployed provider' set -e +# Vagrant: leap_mx fails to start on jessie +# https://leap.se/code/issues/7755 +# Workaround: we stop and start leap-mx after deploy and +# before testing + +service leap-mx stop +service leap-mx start + + + echo '===============================================' echo 'testing the platform' echo '===============================================' -- cgit v1.2.3 From 98b38f15839eeee43a0c817de081a3beb494efaa Mon Sep 17 00:00:00 2001 From: Folker Bernitt Date: Tue, 12 Jan 2016 10:53:03 +0100 Subject: Run git as user, not root --- vagrant/configure-leap.sh | 11 ++++++----- 1 file changed, 6 insertions(+), 5 deletions(-) (limited to 'vagrant/configure-leap.sh') diff --git a/vagrant/configure-leap.sh b/vagrant/configure-leap.sh index 00811144..96344400 100755 --- a/vagrant/configure-leap.sh +++ b/vagrant/configure-leap.sh @@ -10,6 +10,7 @@ NODE='node1' SUDO="sudo -u ${USER}" PROVIDERDIR="/home/${USER}/leap/configuration" LEAP="$SUDO /usr/local/bin/leap" +GIT="$SUDO git" echo '===============================================' echo 'configuring leap' @@ -43,9 +44,9 @@ echo '{ "webapp": { "admins": ["testadmin"] } }' > services/webapp.json $LEAP $OPTS compile -git init -git add . -git commit -m'configured provider' +$GIT init +$GIT add . +$GIT commit -m'configured provider' $LEAP $OPTS node init $NODE if [ $? -eq 1 ]; then @@ -61,8 +62,8 @@ gem install rake $LEAP $OPTS -v 2 deploy set +e -git add . -git commit -m'initialized and deployed provider' +$GIT add . +$GIT commit -m'initialized and deployed provider' set -e # Vagrant: leap_mx fails to start on jessie -- cgit v1.2.3 From e10c5487c9b40261eafea8f3efba23a4e3ff1d16 Mon Sep 17 00:00:00 2001 
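Review bot: `gem install rake` in hunk `@@ -53,6 +53,11 @@` installs whatever rake version the gem index serves at provision time, system-wide and with the script's privileges (root, going by the earlier commit message), so the box is not reproducible and trusts an unpinned download. Pin the version the platform was tested with and report a failed install before `deploy` runs, e.g. `gem install rake -v '<tested-version>' || { echo 'gem install rake failed' >&2; exit 1; }`, where `<tested-version>` is a placeholder. The workaround comment should also state when the line can be removed, since it depends on issue 7754 staying open.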
From: varac Date: Wed, 24 Feb 2016 11:33:01 +0100 Subject: [feat] Don't set couch.master anymore, defaults to plain couchdb --- vagrant/configure-leap.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'vagrant/configure-leap.sh') diff --git a/vagrant/configure-leap.sh b/vagrant/configure-leap.sh index 96344400..a3b540bd 100755 --- a/vagrant/configure-leap.sh +++ b/vagrant/configure-leap.sh @@ -39,7 +39,7 @@ chown ${USER}:${USER} ${PROVIDERDIR}/files/nodes/${NODE}/${NODE}_ssh.pub $LEAP $OPTS add-user --self $LEAP $OPTS cert ca $LEAP $OPTS cert csr -$LEAP $OPTS node add $NODE ip_address:"$(facter ipaddress)" services:"$services" couch.master:true couch.pwhash_alg:pbkdf2 tags:production +$LEAP $OPTS node add $NODE ip_address:"$(facter ipaddress)" services:"$services" tags:production echo '{ "webapp": { "admins": ["testadmin"] } }' > services/webapp.json $LEAP $OPTS compile -- cgit v1.2.3 From e0690adba67a1b43c6ec03df0b558a0cf0f56dd8 Mon Sep 17 00:00:00 2001 From: varac Date: Wed, 24 Feb 2016 12:10:40 +0100 Subject: Set couch.mode:plain until this will be the default --- vagrant/configure-leap.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'vagrant/configure-leap.sh') diff --git a/vagrant/configure-leap.sh b/vagrant/configure-leap.sh index a3b540bd..b22756de 100755 --- a/vagrant/configure-leap.sh +++ b/vagrant/configure-leap.sh @@ -39,7 +39,7 @@ chown ${USER}:${USER} ${PROVIDERDIR}/files/nodes/${NODE}/${NODE}_ssh.pub $LEAP $OPTS add-user --self $LEAP $OPTS cert ca $LEAP $OPTS cert csr -$LEAP $OPTS node add $NODE ip_address:"$(facter ipaddress)" services:"$services" tags:production +$LEAP $OPTS node add $NODE ip_address:"$(facter ipaddress)" couch.mode:plain services:"$services" tags:production echo '{ "webapp": { "admins": ["testadmin"] } }' > services/webapp.json $LEAP $OPTS compile -- cgit v1.2.3 From 81501eae66c9b46283b16cb83e4037938655094d Mon Sep 17 00:00:00 2001 
From: varac Date: Thu, 25 Feb 2016 16:12:24 +0100 Subject: dont set custom log destination --- vagrant/configure-leap.sh | 1 - 1 file changed, 1 deletion(-) (limited to 'vagrant/configure-leap.sh') diff --git a/vagrant/configure-leap.sh b/vagrant/configure-leap.sh index b22756de..61ffeab7 100755 --- a/vagrant/configure-leap.sh +++ b/vagrant/configure-leap.sh @@ -24,7 +24,6 @@ chown ${USER}:${USER} ${PROVIDERDIR} cd $PROVIDERDIR $LEAP $OPTS new --contacts "$contacts" --domain "$provider_domain" --name "$provider_name" --platform=/vagrant . -$SUDO echo -e '\n@log = "/var/log/leap/deploy.log"' >> Leapfile if [ ! -e /home/${USER}/.ssh/id_rsa ]; then $SUDO ssh-keygen -f /home/${USER}/.ssh/id_rsa -P '' -- cgit v1.2.3 From 3dd636c26f6491f61e8cbe103be2765c3d31d4d4 Mon Sep 17 00:00:00 2001 From: varac Date: Thu, 25 Feb 2016 17:43:58 +0100 Subject: re-enable deploy logging --- vagrant/configure-leap.sh | 1 + 1 file changed, 1 insertion(+) (limited to 'vagrant/configure-leap.sh') diff --git a/vagrant/configure-leap.sh b/vagrant/configure-leap.sh index 61ffeab7..41841f24 100755 --- a/vagrant/configure-leap.sh +++ b/vagrant/configure-leap.sh @@ -24,6 +24,7 @@ chown ${USER}:${USER} ${PROVIDERDIR} cd $PROVIDERDIR $LEAP $OPTS new --contacts "$contacts" --domain "$provider_domain" --name "$provider_name" --platform=/vagrant . +echo -e '\n@log = "../deploy.log"' >> Leapfile if [ ! -e /home/${USER}/.ssh/id_rsa ]; then $SUDO ssh-keygen -f /home/${USER}/.ssh/id_rsa -P '' -- cgit v1.2.3 From fea4ba86622b891550144c5f434d430e0a4bb4c8 Mon Sep 17 00:00:00 2001 From: varac Date: Thu, 25 Feb 2016 17:44:56 +0100 Subject: dont break on errors --- vagrant/configure-leap.sh | 2 -- 1 file changed, 2 deletions(-) (limited to 'vagrant/configure-leap.sh') diff --git a/vagrant/configure-leap.sh b/vagrant/configure-leap.sh index 41841f24..35b3f861 100755 --- a/vagrant/configure-leap.sh +++ b/vagrant/configure-leap.sh 
@@ -61,10 +61,8 @@ gem install rake $LEAP $OPTS -v 2 deploy -set +e $GIT add . $GIT commit -m'initialized and deployed provider' -set -e # Vagrant: leap_mx fails to start on jessie # https://leap.se/code/issues/7755 -- cgit v1.2.3 From 7478e1c4018406f424a5b1140f62970fef6e61f8 Mon Sep 17 00:00:00 2001 From: varac Date: Thu, 25 Feb 2016 18:08:39 +0100 Subject: use provider dir as log location --- vagrant/configure-leap.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'vagrant/configure-leap.sh') diff --git a/vagrant/configure-leap.sh b/vagrant/configure-leap.sh index 35b3f861..8751c763 100755 --- a/vagrant/configure-leap.sh +++ b/vagrant/configure-leap.sh @@ -24,7 +24,7 @@ chown ${USER}:${USER} ${PROVIDERDIR} cd $PROVIDERDIR $LEAP $OPTS new --contacts "$contacts" --domain "$provider_domain" --name "$provider_name" --platform=/vagrant . -echo -e '\n@log = "../deploy.log"' >> Leapfile +echo -e '\n@log = "./deploy.log"' >> Leapfile if [ ! -e /home/${USER}/.ssh/id_rsa ]; then $SUDO ssh-keygen -f /home/${USER}/.ssh/id_rsa -P '' -- cgit v1.2.3 From c161ce8236386bfcb5c86b62e3a1fc6bd9c0cd1b Mon Sep 17 00:00:00 2001 From: varac Date: Fri, 26 Feb 2016 13:32:52 +0100 Subject: only create /root/.ssh if it doesnt exist --- vagrant/configure-leap.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'vagrant/configure-leap.sh') diff --git a/vagrant/configure-leap.sh b/vagrant/configure-leap.sh index 8751c763..08752128 100755 --- a/vagrant/configure-leap.sh +++ b/vagrant/configure-leap.sh @@ -28,7 +28,7 @@ echo -e '\n@log = "./deploy.log"' >> Leapfile if [ ! -e /home/${USER}/.ssh/id_rsa ]; then $SUDO ssh-keygen -f /home/${USER}/.ssh/id_rsa -P '' - mkdir /root/.ssh + [ -d /root/.ssh ] || mkdir /root/.ssh cat /home/${USER}/.ssh/id_rsa.pub >> /root/.ssh/authorized_keys fi -- cgit v1.2.3 From afa566259c69f7e788b7847a8fcfaf57ea1bff58 Mon Sep 17 00:00:00 2001 
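Review bot: With `@log = "./deploy.log"` (hunk `@@ -24,7 +24,7 @@`) the deploy log lands inside the provider directory. That directory is the git work tree that `$GIT add .` and `$GIT commit -m'initialized and deployed provider'` commit right after `deploy`, so the log is presumably committed along with the configuration. Deploy output can include host details and other material that does not belong in the provider repository. Adding `echo 'deploy.log' >> .gitignore` before the first `$GIT add .` would keep it out.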
From: varac Date: Tue, 1 Mar 2016 11:00:38 +0100 Subject: [vagrant] Update instructions how to use the new provider --- vagrant/configure-leap.sh | 10 +++++++--- 1 file changed, 7 insertions(+), 3 deletions(-) (limited to 'vagrant/configure-leap.sh') diff --git a/vagrant/configure-leap.sh b/vagrant/configure-leap.sh index 08752128..531713a0 100755 --- a/vagrant/configure-leap.sh +++ b/vagrant/configure-leap.sh 
@@ -89,7 +89,11 @@ postconf -e default_transport='error: in demo mode' curl -s -k https://localhost/1/users.json -d "user%5Blogin%5D=testuser&user%5Bpassword_salt%5D=7d4880237a038e0e&user%5Bpassword_verifier%5D=b98dc393afcd16e5a40fb57ce9cddfa6a978b84be326196627c111d426cada898cdaf3a6427e98b27daf4b0ed61d278bc856515aeceb2312e50c8f816659fcaa4460d839a1e2d7ffb867d32ac869962061368141c7571a53443d58dc84ca1fca34776894414c1090a93e296db6cef12c2cc3f7a991b05d49728ed358fd868286" curl -s -k https://localhost/1/users.json -d "user%5Blogin%5D=testadmin&user%5Bpassword_salt%5D=ece1c457014d8282&user%5Bpassword_verifier%5D=9654d93ab409edf4ff1543d07e08f321107c3fd00de05c646c637866a94f28b3eb263ea9129dacebb7291b3374cc6f0bf88eb3d231eb3a76eed330a0e8fd2a5c477ed2693694efc1cc23ae83c2ae351a21139701983dd595b6c3225a1bebd2a4e6122f83df87606f1a41152d9890e5a11ac3749b3bfcf4407fc83ef60b4ced68" -echo -e '\n\n\n' -echo 'You are now ready to use your provider. Please update your /etc/hosts with following dns overrides:' +echo -e '\n===========================================================================================================\n\n' +echo -e 'You are now ready to use your local LEAP provider.\n' +echo 'If you want to use the *Bitmask client* with your provider, please update your /etc/hosts with following dns overrides:' -$LEAP list --print ip_address,domain.full,dns.aliases | sed 's/,//g' | cut -d' ' -f 2- +$LEAP leap list --print ip_address,domain.full,dns.aliases | sed 's/^.* //' | sed 's/, null//g' | tr -d '\]\[",' + +echo 'Please see https://leap.se/en/docs/platform/tutorials/vagrant#use-the-bitmask-client-to-do-an-initial-soledad-sync for more details how to use and test your LEAP provider.' +echo -e "\nIf you don't want to use the Bitmask client, please ignore the above instructions.\n" -- cgit v1.2.3 From 3137b588f886886e862c3da7c39ca27158a1f640 Mon Sep 17 00:00:00 2001 
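Review bot: `$LEAP leap list --print …` passes `leap` as the sub-command, because `$LEAP` already expands to `sudo -u vagrant /usr/local/bin/leap` as defined at the top of the script. The line should read `$LEAP list --print ip_address,domain.full,dns.aliases | …`. The new `sed`/`tr` chain also post-processes the CLI's printed structure, so a failed command or a changed output format silently yields an empty or wrong hosts line. Checking that the output is non-empty before printing the /etc/hosts instructions would make that visible.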
From: varac Date: Tue, 1 Mar 2016 11:04:27 +0100 Subject: [vagrant] Show link to webapp --- vagrant/configure-leap.sh | 1 + 1 file changed, 1 insertion(+) (limited to 'vagrant/configure-leap.sh') diff --git a/vagrant/configure-leap.sh b/vagrant/configure-leap.sh index 531713a0..bf07f3a6 100755 --- a/vagrant/configure-leap.sh +++ b/vagrant/configure-leap.sh @@ -97,3 +97,4 @@ $LEAP leap list --print ip_address,domain.full,dns.aliases | sed 's/^.* //' | s echo 'Please see https://leap.se/en/docs/platform/tutorials/vagrant#use-the-bitmask-client-to-do-an-initial-soledad-sync for more details how to use and test your LEAP provider.' echo -e "\nIf you don't want to use the Bitmask client, please ignore the above instructions.\n" +echo -e 'The LEAP webapp is now available at https://localhost:4443\n' -- cgit v1.2.3 From e6e0b2b9c5cad7f7a66b0aedaf3ab67438eedf2d Mon Sep 17 00:00:00 2001 From: varac Date: Mon, 7 Mar 2016 12:23:05 +0100 Subject: [vagrant] Vagrant now can deploy a pixelated box By default, a leap_platform-only box will get started. To start the pixelated box, use `vagrant up pixelated`. --- vagrant/configure-leap.sh | 12 ++---------- 1 file changed, 2 insertions(+), 10 deletions(-) (limited to 'vagrant/configure-leap.sh') diff --git a/vagrant/configure-leap.sh b/vagrant/configure-leap.sh index bf07f3a6..9ddee039 100755 --- a/vagrant/configure-leap.sh +++ b/vagrant/configure-leap.sh @@ -3,15 +3,6 @@ . /vagrant/vagrant/vagrant.config -#OPTS='--no-color' -OPTS='' -USER='vagrant' -NODE='node1' -SUDO="sudo -u ${USER}" -PROVIDERDIR="/home/${USER}/leap/configuration" -LEAP="$SUDO /usr/local/bin/leap" -GIT="$SUDO git" - echo '===============================================' echo 'configuring leap' echo '===============================================' 
@@ -93,8 +84,9 @@ echo -e '\n===================================================================== echo -e 'You are now ready to use your local LEAP provider.\n' echo 'If you want to use the *Bitmask client* with your provider, please update your /etc/hosts with following dns overrides:' -$LEAP leap list --print ip_address,domain.full,dns.aliases | sed 's/^.* //' | sed 's/, null//g' | tr -d '\]\[",' +$LEAP list --print ip_address,domain.full,dns.aliases | sed 's/^.* //' | sed 's/, null//g' | tr -d '\]\[",' echo 'Please see https://leap.se/en/docs/platform/tutorials/vagrant#use-the-bitmask-client-to-do-an-initial-soledad-sync for more details how to use and test your LEAP provider.' echo -e "\nIf you don't want to use the Bitmask client, please ignore the above instructions.\n" echo -e 'The LEAP webapp is now available at https://localhost:4443\n' +echo -e 'Please add an exception in your browser dialog to allow the self-signed certificate.\n' -- cgit v1.2.3
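Review bot: `$LEAP list …` now depends on a variable this script no longer defines: the first hunk of this commit removes `OPTS`, `USER`, `NODE`, `SUDO`, `PROVIDERDIR`, `LEAP` and `GIT`, so they presumably come from the sourced `/vagrant/vagrant/vagrant.config`. If that file lacks one of them the script carries on with empty values. Here it would try to run a bare `list`, and earlier `rm -rf $PROVIDERDIR` and `cd $PROVIDERDIR` would get an empty path. A guard right after the `.` line fails fast instead, e.g. `: "${LEAP:?not set by vagrant.config}" "${PROVIDERDIR:?not set by vagrant.config}"`. The added hint about accepting the self-signed certificate should say that it applies to this local test box only.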