summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--INSTALL85
1 files changed, 1 insertions, 84 deletions
diff --git a/INSTALL b/INSTALL
index 1edc221..7e2b5fd 100644
--- a/INSTALL
+++ b/INSTALL
@@ -1,87 +1,4 @@
INSTALL ick2
=============================================================================
-The easy way to install ick2 is to use the script below. To prepare:
-
-* Install ansible, pass, git, and have or create a PGP key pair.
-* Clone git://git.liw.fi/ick2
-* Clone git://git.liw.fi/ick2-ansible
-* Clone git://git.qvarnlabs.net/debian-ansible
-* Create a VM. Should contain Debian stretch.
- * edit `ick-ansible/hosts` to change the `ick2` line to
- append `ansible_ssh_host=192.168.42.42`, where 192.168.42.42 is
- the actual address of the VM (not needed if the VM is accessible
- using the name `ick2`)
- * also edit edit `ick2.yml` to set `remote_user` to a username that
- can do sudo without a password, and that you can access via ssh,
- without a password (not needed if the user is `ansible`)
-* Save the script below into setup.sh and run it: Change the
- FINGEPRINT line to refer to your PGP fingerprint. You need to give
- it paths to the three git checkouts.
-
- ./setup.sh "PATH/TO/ick2" "PATH/TO/ick2-ansible" \
- "PATH/TO/debian-ansible/roles/"
-
-* This should set up the VM to run the Ick2 controller and a worker.
- It may take a while.
-* Create `~/.config/icktool/icktool.yaml`:
-
- config:
- controller: https://192.168.42.42
- token-private-key-cmd: pass show ick2/token_key
- verify-tls: no
-
-* Verify: in the ick2 checkout, run:
-
- export PASSWORD_STORE_DIR=passwords
- ./icktool --controller https://192.168.42.42 version
- ./icktool --controller https://192.168.42.42 token
-
- Where 192.168.42.42 is again the address of the VM. The version command
- should report the version number, the token command should write a
- line of what looks like garbage, but is actually a JWT token.
-
-Alternatively, you can add code.liw.fi/debian to your APT sources
-list, and install the ick2 package, and do the configuration manually.
-See the roles/ick-controller/tasks/main.yml file in the ick2-ansible
-repository for details. The script sets up a self-signed TLS
-certificate and a token signing key. These get stored in a new pass(1)
-password store, by the script.
-
-
-Setup.py
------------------------------------------------------------------------------
-
- #!/bin/sh
-
- set -eu
-
- SRC="$1"
- PLAYBOOKS="$2"
- export ANSIBLE_ROLES_PATH="$3"
-
- export FINGERPRINT='DBE5439D97D8262664A1B01844E17740B8611E9C'
- export PASSWORD_STORE_DIR="$(pwd)/passwords"
-
- ssh-keygen -N '' -f worker_manager_key
- "$SRC/generate-rsa-key" token_key
-
- openssl req -subj '/CN=domain.com/O=My Company Name LTD./C=US' -new \
- -newkey rsa:2048 -days 365 -nodes -x509 \
- -keyout ick2.key -out ick2.crt
- cat ick2.key ick2.crt > ick.pem
-
- if [ ! -e "$PASSWORD_STORE_DIR" ]
- then
- pass init "$FINGERPRINT"
-
- pass insert -m ick2/wm_ssh_key < worker_manager_key
- pass insert -m ick2/wm_ssh_key_pub < worker_manager_key.pub
-
- pass insert -m ick2/token_key < token_key
- pass insert -m ick2/token_key.pub < token_key.pub
-
- pass insert -m ick2/ick.pem < ick.pem
- fi
-
- (cd "$PLAYBOOKS" && ansible-playbook -i hosts ick2.yml)
+See <https://ick.liw.fi/install/> instead.