A helper to synchronize HA SSH keys for OTP #43

Open
wants to merge 4 commits into
base: develop
50 changes: 50 additions & 0 deletions helper/sync-ha-ssh-keys/README.md
@@ -0,0 +1,50 @@
# t128-sync-ha-ssh-keys.pyz
This application ensures ssh keys for HA Session Smart Routers (SSR) are synchronized during OTP installation.

## Setup
An OTP installation requires a quickstart file, which can be downloaded from the SSR conductor.

During the first boot from internal disk the bootstrap process can incorporate a USB drive connected to the router.
This USB drive must have the label `BOOTSTRAP` and the downloaded quickstart file has to be named `bootstrap.quickstart`.
Additionally two scripts can be triggered during the bootstrap process. `pre-bootstrap` runs as the first action prior to the default actions (setting the node name, copy config file to disk, ...) `post-bootstrap` runs as the last action before the router is rebooted and becomes active.

The `t128-sync-ha-ssh-keys.pyz` and its systemd service can be installed by the `post-bootstrap` script, which is part of this repository:

On macOS:

```
$ disk=/dev/disk<n>
$ target=/Volumes/BOOTSTRAP
$ diskutil eraseDisk FAT32 BOOTSTRAP MBR $disk
$ cp ~/Downloads/my-sample-router.quickstart $target/bootstrap.quickstart
$ cd sync-ha-ssh-keys
$ cp post-bootstrap $target/
$ diskutil eject $disk
```

On Linux:

```
$ disk=/dev/disk<n>
$ target=/mnt
$ sudo mkfs.vfat -F32 -n BOOTSTRAP $disk || sudo mkfs.ext4 -L BOOTSTRAP $disk
$ sudo mount $disk $target
$ sudo cp ~/Downloads/my-sample-router.quickstart $target/bootstrap.quickstart
$ cd sync-ha-ssh-keys
$ sudo cp post-bootstrap $target/
$ sudo umount $target
```

Details on the bootstrap process can be found [here](https://docs.128technology.com/docs/intro_otp_iso_install).

## Build .pyz Files (development only)
The .pyz files are [compressed python archives](https://docs.python.org/3/library/zipapp.html) (similar to .jar files in the Java universe) which allow to execute the main python script inside the archive, but at the same time split up modules into separate files/folders.

The source code comes with a shell script `create_pyz.bash` that creates the archive from the sources files.

```
$ cd sync-ha-ssh-keys
$ bash create_pyz.bash
```

Done.
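
Review bot: In the Linux block, `disk=/dev/disk<n>` is the macOS device naming carried over from the block above, and `mkfs.vfat -F32 -n BOOTSTRAP $disk || sudo mkfs.ext4 -L BOOTSTRAP $disk` falls back to a different filesystem on any mkfs.vfat failure, so a reader can end up with an ext4 drive without noticing. Use a Linux-style placeholder for the device, state which filesystems the bootstrap process accepts for the `BOOTSTRAP` label, and give one command per filesystem instead of the `||` chain. Since `post-bootstrap` from this drive is run during the bootstrap process, the Setup section should also say what the installed service does with the HA SSH keys (which keys, synchronized between which nodes); the README currently only says they "are synchronized". Minor: "allow to execute" and "sources files" need rewording, and the trailing "Done." can go.
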
12 changes: 12 additions & 0 deletions helper/sync-ha-ssh-keys/create_pyz.bash
@@ -0,0 +1,12 @@
#!/bin/bash

tmpfile=$(mktemp -d) || exit 1
script=$(ls -1 *.py | sed -n '1s/\.py//p')
cp $script.py $tmpfile/__main__.py
python3 -m pip install -r requirements.txt --target $tmpfile
python3 -m zipapp --python "/usr/bin/env python3" --output $script.pyz $tmpfile
rm -r $tmpfile

sed -n '1,/^base64/p' post-bootstrap.skel > post-bootstrap
gzip -c9 $script.pyz | base64 >> post-bootstrap
echo EOF >> post-bootstrap
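
Review bot: There is no error handling between the build steps and the lines that write `post-bootstrap`: only `mktemp` is checked (`|| exit 1`), so if `pip install` or `zipapp` fails, `gzip -c9 $script.pyz | base64 >> post-bootstrap` still runs and embeds a missing or stale archive. Add `set -euo pipefail` at the top and quote `$tmpfile` and `$script` everywhere they are used, including in `rm -r $tmpfile`. Two further points: `ls -1 *.py | sed -n '1s/\.py//p'` picks whichever .py file sorts first, so adding a second Python file to the directory changes what gets packaged; name the entry script explicitly instead. And because the archive is embedded in a script that runs on the router during bootstrap, `requirements.txt` should pin exact versions, ideally installed with pip's `--require-hashes`, so the bundled dependencies are reproducible and reviewable.
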