@@ -136,8 +136,8 @@ | |||||
- name: Install refresh_bubble_ssh_keys monitor | - name: Install refresh_bubble_ssh_keys monitor | ||||
copy: | copy: | ||||
src: "refresh_bubble_ssh_keys.sh" | |||||
dest: "/usr/local/sbin/refresh_bubble_ssh_keys.sh" | |||||
src: "refresh_bubble_ssh_keys_monitor.sh" | |||||
dest: "/usr/local/sbin/refresh_bubble_ssh_keys_monitor.sh" | |||||
owner: root | owner: root | ||||
group: root | group: root | ||||
mode: 0500 | mode: 0500 | ||||
@@ -154,7 +154,7 @@ public class StandardNetworkService implements NetworkService { | |||||
final AccountPlan accountPlan = accountPlanDAO.findByAccountAndNetwork(account.getUuid(), network.getUuid()); | final AccountPlan accountPlan = accountPlanDAO.findByAccountAndNetwork(account.getUuid(), network.getUuid()); | ||||
// ensure AccountPlan has been paid for | |||||
// ensure AccountPlan is enabled | |||||
if (!accountPlan.enabled()) { | if (!accountPlan.enabled()) { | ||||
progressMeter.error(METER_ERROR_PLAN_NOT_ENABLED); | progressMeter.error(METER_ERROR_PLAN_NOT_ENABLED); | ||||
return die("newNode: accountPlan is not enabled: "+accountPlan.getUuid()); | return die("newNode: accountPlan is not enabled: "+accountPlan.getUuid()); | ||||
@@ -271,6 +271,14 @@ public class StandardNetworkService implements NetworkService { | |||||
// write jar file | // write jar file | ||||
copyFile(bubbleJar, new File(bubbleFilesDir, "bubble.jar")); | copyFile(bubbleJar, new File(bubbleFilesDir, "bubble.jar")); | ||||
// write SSH key, if present | |||||
if (network.hasSshKey()) { | |||||
final File sshPubKeyFile = new File(bubbleFilesDir, "admin_ssh_key.pub"); | |||||
final AccountSshKey sshKey = sshKeyDAO.findByAccountAndId(network.getAccount(), network.getSshKey()); | |||||
if (sshKey == null) throw invalidEx("err.sshPublicKey.notFound"); | |||||
toFile(sshPubKeyFile, sshKey.getSshPublicKey()); | |||||
} | |||||
// write scripts | // write scripts | ||||
final File scriptsDir = mkdirOrDie(new File(bubbleFilesDir, "scripts")); | final File scriptsDir = mkdirOrDie(new File(bubbleFilesDir, "scripts")); | ||||
for (String script : BUBBLE_SCRIPTS) { | for (String script : BUBBLE_SCRIPTS) { | ||||
@@ -34,9 +34,15 @@ if [[ ! -f "${ID_FILE}" ]] ; then | |||||
ssh-keygen -t rsa -q -N '' -f ${ID_FILE} || die "Error generating RSA key" | ssh-keygen -t rsa -q -N '' -f ${ID_FILE} || die "Error generating RSA key" | ||||
fi | fi | ||||
# this is now the only authorized key. lockout the node that started us. | |||||
# lockout the node that started us | |||||
cat "${PUB_FILE}" > "${AUTH_KEYS}" || die "Error updating ${AUTH_KEYS} file" | cat "${PUB_FILE}" > "${AUTH_KEYS}" || die "Error updating ${AUTH_KEYS} file" | ||||
# add admin ssh key, if one was given | |||||
ADMIN_PUB_KEY="${ANSIBLE_DIR}/roles/bubble/files/admin_ssh_key.pub" | |||||
if [[ -f "${ADMIN_PUB_KEY}" ]] ; then | |||||
cat "${ADMIN_PUB_KEY}" >> "${AUTH_KEYS}" | |||||
fi | |||||
sudo apt-get update -y && apt-get upgrade -y || die "Error in apt update / upgrade" | sudo apt-get update -y && apt-get upgrade -y || die "Error in apt update / upgrade" | ||||
sudo apt-get -y install python3 python3-pip virtualenv || die "Error apt installing python3 or python3-pip" | sudo apt-get -y install python3 python3-pip virtualenv || die "Error apt installing python3 or python3-pip" | ||||
sudo pip3 install setuptools psycopg2-binary || die "Error pip3 installing setuptools or psycopg2-binary" | sudo pip3 install setuptools psycopg2-binary || die "Error pip3 installing setuptools or psycopg2-binary" | ||||
@@ -1 +1 @@ | |||||
Subproject commit 1ad306cdb3dbc9e56bf9068d438b5e0ca0ed1c37 | |||||
Subproject commit a162bffedf67175135d1d57a67d8b4a643c72522 |