diff options
author | Lars Wirzenius <liw@liw.fi> | 2018-06-16 20:50:32 +0300 |
---|---|---|
committer | Lars Wirzenius <liw@liw.fi> | 2018-06-16 20:50:32 +0300 |
commit | 46f4d44d9565798249e59ab506a325333564de9f (patch) | |
tree | 30b993a500c1a8486a27204e16d362956d58fd36 /install.mdwn | |
parent | fa2b83d6fc44271a49695454738819b0a669130d (diff) | |
download | ick.liw.fi-46f4d44d9565798249e59ab506a325333564de9f.tar.gz |
Add: create token signing key
Diffstat (limited to 'install.mdwn')
-rw-r--r-- | install.mdwn | 12 |
1 files changed, 11 insertions, 1 deletions
diff --git a/install.mdwn b/install.mdwn index 932fb84..65f9f27 100644 --- a/install.mdwn +++ b/install.mdwn @@ -53,7 +53,8 @@ You will need to generate some of the secrets: * a worker SSH key (shared between all workers) * at least one Qvisqve client secret hash and salt (ideally for each worker) -* optionally, a self-signe TLS certificate, unless you use Let's +* a JWT token signing key for Qvisqve +* optionally, a self-signed TLS certificate, unless you use Let's Encrypt (instructions for generating that would be nice, please help) @@ -103,6 +104,15 @@ that, giving it a different secret than for the workers. You will be using this secret to interact with ick yourself. +## Generate a Qvisqve token signing key + +* `../qvisqve/generate-rsa-key token.key` + +This will generate files `token.key` (secret key) and `token.key.pub` +(public key). Put their contents as values for the variables +`qvisqve_token_private_key` (private) and `qvisqve_token_public_key` +(public). + # Run Ansible * Create a file called `hosts` with contents like the following: |