From 0cd17667db523f3ca3a2815a270cc7b443979ddd Mon Sep 17 00:00:00 2001 From: varac Date: Fri, 23 Dec 2016 00:27:18 +0100 Subject: More slides for platform workshop --- platform-workshop/slides.md | 263 +++++++++++++++++++++++++++++++++++++++++--- platform-workshop/todo.md | 29 +++++ 2 files changed, 274 insertions(+), 18 deletions(-) diff --git a/platform-workshop/slides.md b/platform-workshop/slides.md index 3c0de3f..201aacb 100644 --- a/platform-workshop/slides.md +++ b/platform-workshop/slides.md @@ -19,7 +19,33 @@ please start right away with downloading the Kwadronaut (LEAP), Varac (Pixelated, LEAP), Zara (Pixelated) ```note -Why two projects ? +We'll briefly explain both projects later +``` + +--- + +## What to expect + +- Have a LEAP provider installed, for real or for testing +- Focus on encrypted email (no VPN) +- Install Pixelated Webmail on top (optional) + +```note +- Rush through the first part, then show more details during deploy phase (~20 mins) +``` + +--- + +## Prerequisites + +- Have a working (!) Vagrant setup +- Or a remote sever/VM installed with fresh Debian stable OS +- A public/private ssh keypair to login your host + +```notes +- We cannot help you / debug your vagrant issues here +- Otherwise, please pair with your neighbour + ``` --- @@ -29,6 +55,7 @@ Why two projects ? - "Provider in a box" - VPN - Encrypted email +- Strict client encryption ```note - VPN: Cirumvent censorship, surveillance and geoblocking @@ -37,9 +64,22 @@ Why two projects ? --- +## Bitmask Client + +TODO: image + +- Formerly Python/Twisted +- Currently rewritten with Python/Javascript +- Only for Ubuntu/Debian Linux (VPN+Email) or Android (VPN) +- Windows and MacOS coming soon (with your help even faster!) + +--- + ## Pixelated - Encrypted Webmail on top of LEAP +- No installation hassle +- Private key will be unlocked on server --- @@ -53,47 +93,234 @@ Requires Vagrant and Virtualbox or other hypervisor | Physical or paravirtualize --- +# Tutorials + +## Vagrant + +- https://leap.se/en/docs/platform/tutorials/vagrant -# Vagrant +## Single node email provider + +- https://leap.se/en/docs/platform/tutorials/quick-start +- https://leap.se/en/docs/platform/tutorials/single-node-email + +--- + +# Install pre-requisites + +- Install leap-cli on your workstation/laptop, NOT on the server ! + +## Debian & Ubuntu + +``` +$ sudo apt-get install git ruby ruby-dev rsync openssh-client openssl rake make bzip2 +``` + +## Mac OS + +``` +$ brew install ruby-install +$ ruby-install ruby +``` + +```notes +- `workstation$` indicates this command should be run on your laptop +``` + +--- + +## Install the LEAP command-line utility + + +``` +$ sudo gem install leap_cli + +$ leap --version +leap 1.9, ruby 2.3.1 +... + +``` + +--- + +# Create a provider instance + +Use `example.org` for testing, or pick your own domain. + +``` +$ mkdir -p ~/leap/example.org +$ cd ~/leap/example.org +``` + +``` +$ leap new . +The primary domain of the provider: |example.org| +The name of the provider: |Example| +File path of the leap_platform directory: |/home/varac/leap_platform| +Default email address contacts: |root@example.org| +The platform directory "/home/varac/leap/leap_platform" does not exist. +Do you want me to create it by cloning from the +git repository https://leap.se/git/leap_platform.git? y +... +``` ```note -We'll show the vagrant installation, -and go through it step by step. ``` --- +# Add your ssh key + + +``` +$ leap add-user varac --self +``` + +--- + +# SSL certificates + +Create SSL certificate authority, to self-sign host certificates: + +``` +$ leap cert ca +$ leap cert csr +``` + +--- + +# Option A: Add and existing remote server + + +``` +$ leap node add wildebeest ip_address:0.1.2.3 services:webapp,couchdb,soledad,mx +``` + +```notes + +``` + +--- + +# Option B: Create a new server in the cloud + +- Currently works only with AWS ec2 +- `cloud.json` needed for AWS config and credentials +- https://leap.se/en/docs/platform/guide/virtual-machines for details + +``` +$ leap vm key-register +$ leap vm add wildebeest services:webapp,couchdb,soledad,mx +$ leap vm status +``` + +```notes +- Only reocmmended for testing + + cp ~/leap/git/bitmask/cloud.json . + grep -v 'aws_' cloud.json + +- Takes 4 mins to finish - questions ? +- Otherwise show next slide while bootstrapping VM, + and help out with vagrant +``` + + +--- + +# Option C: Add your local vagrant node + +``` +$ leap node add --local wildebeest services:webapp,couchdb,soledad +$ leap local start wildebeest +$ leap local status +``` + +--- + +# Time to deploy ! + +``` +$ leap list + +$ leap node init wildebeest +$ leap deploy wildebeest +``` + +```notes +- Takes ~ 15 min to finish +- Time for a little platform presentation +``` + +--- + +# Test that things worked correctly + +``` +$ leap test +``` + +--- + +# Setup DNS + + +--- + +# Start bitmask + +... + +--- + + # Install Pixelated - see https://github.com/pixelated/puppet-pixelated for details ``` -vagrant ssh - -cd /home/vagrant/leap/configuration/ -mkdir -p files/puppet/modules -git clone https://github.com/pixelated/puppet-pixelated.git files/puppet/modules/pixelated +$ mkdir -p files/puppet/modules +$ git clone https://github.com/pixelated/puppet-pixelated.git files/puppet/modules/pixelated -mkdir -p files/puppet/modules/custom/manifests -echo 'class custom { include ::pixelated::dispatcher }' > files/puppet/modules/custom/manifests/init.pp +$ mkdir -p files/puppet/modules/custom/manifests +$ echo 'class custom { include ::pixelated }' > files/puppet/modules/custom/manifests/init.pp -leap deploy -leap deploy -leap test +$ leap deploy wildebeest +$ leap test wildebeest ``` --- -### Local with Vagrant +# Use Pixelated -- https://leap.se/en/docs/platform/tutorials/vagrant +- Register a user at https://example.org +- Login at https://example.org:8080/ + +``` +Show: +- Mail to myself +- Mail to/from other workshop participants +- Mail from outside (ssh cat) +... +``` -### Remote Server +--- -- https://leap.se/en/docs/platform/tutorials/single-node-email +# Try more + +- LEAP: https://mail.bitmask.net (email) and https://demo.bitmask.net (VPN) +- Pixelated: https://try.pixelated-project.org/ (no outbound mail) --- +# Thanks! + +- https://leap.se +- https://pixelated-project.org/ + +Please consider to contribute - any help with QA or other is appreciated ! +:heart: + diff --git a/platform-workshop/todo.md b/platform-workshop/todo.md index e8cec88..f96971e 100644 --- a/platform-workshop/todo.md +++ b/platform-workshop/todo.md @@ -1,5 +1,34 @@ # CSS - make headers smaller +- make code block font bigger +# Images +- for Bitmask, Pixelated + +# Prepare quick bitmask demo + +- After we deployed the provider we should show some Bitmask/Thunderbird magic + +# Logistics for workshop + +- Have slides online available +- One beamer for command line, one for browser ? + + +# Update Docuementation + +- https://leap.se/en/docs/platform/guide/virtual-machines `leap vm start mynode` not needed anymore +- Pixelated: https://github.com/pixelated/puppet-pixelated#2-adding-pixelated-to-your-existing-leap-configuration use service instead of custom class + +# Issues + +- `leap new` should not checkout master, but latest stable tag + +## Pixelated + +- leap compile hosts/zone should output pixelated entries +- Not signed/not encrypted mail +- Long waiting for mail to myself +- -- cgit v1.2.3