Merge ~andreserl/maas:add_candid_setup_script into maas:master

Proposed by Andres Rodriguez
Status: Merged
Approved by: Andres Rodriguez
Approved revision: bb6eb1e6964143f1f672348b6c9ec33575279b93
Merge reported by: MAAS Lander
Merged at revision: not available
Proposed branch: ~andreserl/maas:add_candid_setup_script
Merge into: maas:master
Diff against target: 100 lines (+94/-0)
1 file modified
utilities/candid-setup.sh (+94/-0)
Reviewer Review Type Date Requested Status
Alberto Donato (community) Approve
MAAS Lander Approve
Review via email: mp+354263@code.launchpad.net

Commit message

Add utility script to configure candid for testing purposes

MAAS Lander (maas-lander) wrote :

UNIT TESTS
-b add_candid_setup_script lp:~andreserl/maas/+git/maas into -b master lp:~maas-committers/maas

STATUS: SUCCESS
COMMIT: bb6eb1e6964143f1f672348b6c9ec33575279b93

review: Approve
Alberto Donato (ack) wrote :

+1

review: Approve
MAAS Lander (maas-lander) wrote :

UNABLE TO START LANDING

STATUS: MISSING COMMIT MESSAGE

Preview Diff

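diff --git a/utilities/candid-setup.sh b/utilities/candid-setup.sh
new file mode 100755
index 0000000..1bb4d2a
--- /dev/null
+++ b/utilities/candid-setup.sh
@@ -0,0 +1,94 @@
+#!/bin/bash -e
+#
+# Helper script to install and configur a test LDAP server.
+
+FQDN="$(hostname -f)"
+HOSTNAME="$(hostname)"
+ADMIN_PASS="pass"
+
+CERT_NAME="${1:-$HOSTNAME}"
+CERT_DIR="$PWD/certs"
+
+install_candid() {
+ echo "Installing candid & postgresql"
+ apt-get install candid postgresql -y
+}
+
+create_candid_database() {
+ echo "Creating candid PostgreSQL user & database"
+ sudo -u postgres bash -c "psql -c \"CREATE USER candid WITH PASSWORD '$ADMIN_PASS';\""
+ su postgres -c "createdb candid -O candid"
+}
+
+create_candid_admin_creds() {
+ echo "Creating admin.agent and service.keys"
+ export CANDID_URL="https://$FQDN:8081"
+ candid put-agent -f admin.agent --admin
+ candid put-agent -f service.keys --admin
+}
+
+create_candid_config() {
+ echo "Creating candid config.yaml"
+ SERVICE_PUBLIC_KEY=$(cat service.keys | grep public | cut -d"\"" -f 4)
+ SERVICE_PRIVATE_KEY=$(cat service.keys | grep private | cut -d"\"" -f 4)
+ AGENT_PUBLIC_KEY=$(cat admin.agent | grep public | cut -d"\"" -f 4)
+ KEY_PEM=$(cat "$CERT_DIR"/"$HOSTNAME".key | sed -E -e 's/^/ /')
+ CA_PEM=$(cat "$CERT_DIR"/ca.crt | sed -E -e 's/^/ /')
+ CERT_PEM=$(sed -n '/^---*/,/*/{p}' "$CERT_DIR/"$HOSTNAME".crt" | sed -E -e 's/^/ /')
+
+ cat << EOF > config.yaml
+listen-address: :8081
+location: 'https://$FQDN:8081'
+storage:
+ type: postgres
+ connection-string: dbname=candid user=candid password=$ADMIN_PASS
+private-key: $SERVICE_PRIVATE_KEY
+public-key: $SERVICE_PUBLIC_KEY
+access-log: access.log
+private-addr: localhost
+admin-agent-public-key: $AGENT_PUBLIC_KEY
+resource-path: /usr/share/candid
+tls-cert: |
+$CERT_PEM
+$CA_PEM
+tls-key: |
+$KEY_PEM
+identity-providers:
+ - type: ldap
+ name: ldap
+ domain: ldap
+ url: ldap://$FQDN/dc=example,dc=com
+ dn: cn=admin,dc=example,dc=com
+ password: $ADMIN_PASS
+ user-query-filter: (objectClass=account)
+ user-query-attrs:
+ id: uid
+ email: mail
+ display-name: displayName
+ group-query-filter: (&(objectClass=groupOfNames)(member={{.User}}))
+EOF
+}
+
+restart_candid() {
+ echo "Copying configuration to /etc/candid/ & restarting"
+ sudo cp config.yaml /etc/candid/
+ sudo systemctl restart candid.service
+}
+
+create_maas_credentials() {
+ echo "Including certificates and creating MAAS credentials"
+ export CANDID_URL="https://$FQDN:8081"
+ ## TODO: This should live with ldap setup.
+ mkdir -p /usr/share/ca-certificates/candid
+ cp $CERT_DIR/*.crt /usr/share/ca-certificates/candid/
+ sudo dpkg-reconfigure ca-certificates
+
+ candid put-agent -a admin.agent -f maas.agent grouplist@candid
+}
+
+install_candid
+create_candid_database
+create_candid_admin_creds
+create_candid_config
+restart_candid
+create_maas_credentials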
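Review bot: `create_candid_config` writes the service private key, the TLS key and the database/LDAP password into `config.yaml` in the current directory under the default umask, and `restart_candid` copies it to `/etc/candid/` with a plain `sudo cp`, so on a shared test host these secrets are likely readable by any local user. A `umask 077` near the top of the script, plus an explicit restrictive mode and owner on the installed file (the user candid runs as is not visible here), would close that. `ADMIN_PASS="pass"` is fixed and pasted into both the `CREATE USER` statement and the config; `ADMIN_PASS="${ADMIN_PASS:-pass}"` with a header comment such as `# For throwaway test machines only: uses a default password and self-provided CAs.` would make the intent explicit, and the existing header should name Candid rather than "a test LDAP server". `CERT_NAME` is read from `$1` but never used, since the key and certificate paths use `$HOSTNAME`, so the argument currently has no effect. In `create_maas_credentials`, the unquoted `cp $CERT_DIR/*.crt` adds every certificate under `$PWD/certs` to the system trust store, so quoting it (`cp -- "$CERT_DIR"/*.crt ...`) and copying only the expected `ca.crt` would keep a stray file in the working directory from becoming a trusted CA.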
