@title = 'Command Line Reference'
The command "leap" can be used to manage a bevy of servers running the LEAP platform from the comfort of your own home.
# Global Options
* `--log FILE`
Override default log file
Default Value: None
* `-v|--verbose LEVEL`
Verbosity level 0..2
Default Value: 1
* `--help`
Show this message
* `--version`
Display version number and exit
* `--yes`
Skip prompts and assume "yes"
# leap add-user USERNAME
Adds a new trusted sysadmin
**Options**
* `--pgp-pub-key arg`
OpenPGP public key file for this new user
Default Value: None
* `--ssh-pub-key arg`
SSH public key file for this new user
Default Value: None
* `--self`
Lets you choose among your public keys
# leap cert
Manage X.509 certificates
## leap cert ca
Creates two Certificate Authorities (one for validating servers and one for validating clients).
To see what values are used in the generation of the certificates (like name and key size), run `leap inspect provider` and look for the "ca" property. To see the details of the created certs, run `leap inspect <file>`.
## leap cert csr
Creates a CSR for use in buying a commercial X.509 certificate.
The CSR created is for the provider's primary domain. The properties used for this CSR come from `provider.ca.server_certificates`.
## leap cert dh
Creates a Diffie-Hellman parameter file.
## leap cert update <node-filter>
Creates or renews an X.509 certificate/key pair for a single node or all nodes, but only if needed.
This command will generate a new certificate for a node if some value in the node that is included in the certificate has changed (like hostname or IP address), or if the old certificate will be expiring soon. Sometimes you might want to force the generation of a new certificate, such as when you have changed a CA parameter for server certificates, like bit size or digest hash. In this case, use `--force`. If <node-filter> is empty, this command will apply to all nodes.
**Options**
* `--force`
Always generate new certificates
# leap clean
Removes all files generated with the "compile" command.
# leap compile
Compiles node configuration files into hiera files used for deployment.
# leap deploy FILTER
Apply recipes to a node or set of nodes.
The FILTER can be the name of a node, service, or tag.
**Options**
* `--tags TAG[,TAG]`
Specify tags to pass through to puppet (overriding the default).
Default Value: leap_base,leap_service
* `--fast`
Makes the deploy command faster by skipping some slow steps. A "fast" deploy can be used safely if you recently completed a normal deploy.
# leap help command
Shows a list of commands or help for one command
Gets help for the application or its commands. Can also list the commands in a way helpful to creating a bash-style completion function.
**Options**
* `-c`
List commands one per line, to assist with shell completion
# leap inspect FILE
Prints details about a file. Alternately, the argument FILE can be the name of a node, service or tag.
# leap list [FILTER]
List nodes and their classifications
Prints out a listing of nodes, services, or tags. If present, the FILTER can be a list of names of nodes, services, or tags. If the name is prefixed with +, this acts like an AND condition. For example:
`leap list node1 node2` matches all nodes named "node1" OR "node2"
`leap list openvpn +local` matches all nodes with service "openvpn" AND tag "local"
**Options**
* `--print arg`
What attributes to print (optional)
Default Value: None
# leap local
Manage local virtual machines.
This command provides a convenient way to manage Vagrant-based virtual machines. If the FILTER argument is missing, the command runs on all local virtual machines. The Vagrantfile is automatically generated in 'test/Vagrantfile'. If you want to run vagrant commands manually, cd to 'test'.
## leap local destroy [FILTER]
Destroys the virtual machine(s), reclaiming the disk space
## leap local reset [FILTER]
Resets virtual machine(s) to the last saved snapshot
## leap local save [FILTER]
Saves the current state of the virtual machine as a new snapshot
## leap local start [FILTER]
Starts up the virtual machine(s)
## leap local status [FILTER]
Print the status of local virtual machine(s)
## leap local stop [FILTER]
Shuts down the virtual machine(s)
# leap new DIRECTORY
Creates a new provider instance in the specified directory, creating it if necessary.
**Options**
* `--contacts arg`
Default email address contacts.
Default Value: None
* `--domain arg`
The primary domain of the provider.
Default Value: None
* `--name arg`
The name of the provider.
Default Value: None
* `--platform arg`
File path of the leap_platform directory.
Default Value: None
# leap node
Node management
## leap node add NAME [SEED]
Create a new configuration file for a node named NAME.
If specified, the optional argument SEED can be used to seed values in the node configuration file.
The format is property_name:value.
For example: `leap node add web1 ip_address:1.2.3.4 services:webapp`.
To set nested properties, property name can contain '.', like so: `leap node add web1 ssh.port:44`
Separate multiple values for a single property with a comma, like so: `leap node add mynode services:webapp,dns`
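
The SEED format described above, worked through as an added example (not code from the leap command itself). The helper name `parse_seeds` is hypothetical, and keeping every value as a string is an assumption; it shows how `property_name:value`, dotted names and comma-separated values map onto a nested node configuration, and rejects malformed seeds instead of writing a half-formed file.

```ruby
# Added illustration: turn `leap node add` SEED arguments into a nested hash.
# parse_seeds is a hypothetical helper, not part of the leap command.
def parse_seeds(seeds)
  seeds.each_with_object({}) do |seed, config|
    # Split on the first ':' only, so values may themselves contain ':'.
    name, value = seed.split(':', 2)
    if name.nil? || name.empty? || value.nil? || value.empty?
      raise ArgumentError, "expected property_name:value, got #{seed.inspect}"
    end

    # '.' in the property name means a nested property (ssh.port -> ssh => port).
    keys = name.split('.', -1)
    if keys.any?(&:empty?)
      raise ArgumentError, "empty path segment in #{seed.inspect}"
    end

    # A comma separates multiple values for one property.
    value = value.split(',') if value.include?(',')

    leaf = keys.pop
    parent = keys.reduce(config) do |hash, key|
      child = (hash[key] ||= {})
      # Refuse to nest under something already set to a plain value.
      raise ArgumentError, "#{key} already holds a value" unless child.is_a?(Hash)
      child
    end
    parent[leaf] = value
  end
end

# Constructed sample, combining the three forms shown in this section.
SAMPLE_SEEDS = %w[ip_address:1.2.3.4 services:webapp,dns ssh.port:44].freeze

p parse_seeds(SAMPLE_SEEDS) if __FILE__ == $PROGRAM_NAME
```
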
**Options**
* `--local`
Make a local testing node (by automatically assigning the next available local IP address). Local nodes are run as virtual machines on your computer.
## leap node init FILTER
Bootstraps a node or nodes, setting up SSH keys and installing prerequisite packages
This command prepares a server to be used with the LEAP Platform by saving the server's SSH host key, copying the authorized_keys file, and installing packages that are required for deploying. Node init must be run before deploying to a server, and the server must be running and available via the network. This command only needs to be run once, but there is no harm in running it multiple times.
**Options**
* `--echo`
If set, passwords are visible as you type them (default is hidden)
## leap node mv OLD_NAME NEW_NAME
Renames a node file, and all its related files.
## leap node rm NAME
Removes all the files related to the node named NAME.
# leap ssh NAME
Log in to the specified node with an interactive shell.
# leap test
Run tests.
## leap test init
Creates files needed to run tests.
## leap test run
Run tests.
Default Command: run