1 ### Documentation for configuration options
5 # (required) Base domain for infra system installation.
8 # (required) Hostname or IP address of the infra system.
11 # Additional packages that should be installed.
14 # How to connect to the signer backend.
16 # Either the name for the serial device or "self" to indicate that a signer container should be set up.
21 # Run a command in the infra system, accepting additional ssh-options.
23 ssh -i vm-key "$to" "$@"
26 # Install nre-files to the target system.
28 # * Extract all "signer-server" to modules/cassiopeia_signer/files in the target system.
29 # * Extract all "signer-client" to modules/cassiopeia_client/files in the target system.
30 # * Extract all "gigi" to modules/ner/files in the target system.
31 function install_nre {
32 ./installNRE "$targetHost"
35 # Configure variables for puppet.
37 # The default implementation prompts the user for all required variables.
39 ssh_target -t 'bash conf-puppet --force'
40 ssh_target 'sed -i "s%\$signerLocation = '".*'"'%\$signerLocation = '"'$signerLocation'"'%" environments/production/manifests/ip.pp'
43 # Reset a vm to its base snapshot.
45 # The default implementation asks the user to do so.
46 function do_reset_vm {
47 read -rp "Please reset your VM and confirm by pressing enter." _
50 # Execute the gigi bootstrapping process. By default the process interacts with the user.
52 # This function can be overridden to execute "execute-bootstrap-user-auto" in order to automate this bootstrapping process.
53 # Make sure to provide "bootstrapper_details" to provide the necessary answers.
54 # To fully automate bootstrapping, you need to provide a way to extract the activation link (see "read_activation_link").
55 function execute-bootstrap-user {
56 ssh_target -t 'bash bootstrap-user'
59 # Obtain the activation link in the variable "$link".
61 # This is required for activating the first bootstrappers account.
62 # This is only required for automated bootstrap user.
63 function read_activation_link {
64 read -rp "Link: " link
68 # Assign to the variable "admin_email" the email address of the gigi user account that should issue certificates for the system.
69 function read_admin_email {
70 read -rp "Gigi user account email for certificates: " admin_email
73 # Assign to the variable "admin_password" the password of the gigi user account that should issue certificates for the system.
74 function read_admin_password {
75 read -rsp "Gigi password: " admin_password
78 # Connect to gigi using $1 as local url part, the remaining args as additional curl arguments, "root.crt" as root certificate, "$folder/cookie-jar" as cookie-jar.
82 curl -s --cacert root.crt -b $folder/cookie-jar "https://www.$domain/$url" "$@"
85 # Connect via ssh into the "hop" container.
87 ssh -i admin-key -p 2222 "admin@$to" "$@"