Commit 94bcb0e9 authored by Lu Xu's avatar Lu Xu 👀

add openssh

parent df1005cc
...@@ -16,7 +16,7 @@ ...@@ -16,7 +16,7 @@
[template] [template]
filename = instance.cfg filename = instance.cfg
md5sum = f882763ff40fb9ffbedec191f0be359b md5sum = 1126f7398bdfc09d92488c46493f59e4
[amarisoft-stats.jinja2.py] [amarisoft-stats.jinja2.py]
_update_hash_filename_ = amarisoft-stats.jinja2.py _update_hash_filename_ = amarisoft-stats.jinja2.py
...@@ -36,7 +36,7 @@ md5sum = b34fe47a73890097fbc6ea6374aeb38d ...@@ -36,7 +36,7 @@ md5sum = b34fe47a73890097fbc6ea6374aeb38d
[lopcomm-rrh-software.jinja2.py] [lopcomm-rrh-software.jinja2.py]
_update_hash_filename_ = lopcomm-rrh-software.jinja2.py _update_hash_filename_ = lopcomm-rrh-software.jinja2.py
md5sum = 2ef31f3d2482250a377d305dda07cb02 md5sum = 1fa3c835c5cd70c8eedb64ddf2b337f5
[template-enb] [template-enb]
_update_hash_filename_ = instance-enb.jinja2.cfg _update_hash_filename_ = instance-enb.jinja2.cfg
......
...@@ -11,6 +11,10 @@ recipe = slapos.cookbook:mkdirectory ...@@ -11,6 +11,10 @@ recipe = slapos.cookbook:mkdirectory
software = ${buildout:directory} software = ${buildout:directory}
home = $${buildout:directory} home = $${buildout:directory}
etc = $${:home}/etc etc = $${:home}/etc
var = $${:home}/var
bin = $${:home}/bin
run = $${:var}/run
service = $${:etc}/service
[slap-configuration] [slap-configuration]
recipe = slapos.cookbook:slapconfiguration.serialised recipe = slapos.cookbook:slapconfiguration.serialised
...@@ -326,3 +330,57 @@ context = ...@@ -326,3 +330,57 @@ context =
section slap_configuration slap-configuration section slap_configuration slap-configuration
key slapparameter_dict slap-configuration:configuration key slapparameter_dict slap-configuration:configuration
# Deploy openssh-server
[sshd-port]
recipe = slapos.cookbook:free_port
minimum = 22222
maximum = 22231
ip = $${slap-configuration:ipv6-random}
[sshd-config]
recipe = slapos.recipe.template:jinja2
output = $${directory:etc}/sshd.conf
path_pid = $${directory:run}/sshd.pid
inline =
PidFile $${:path_pid}
Port $${sshd-port:port}
ListenAddress $${slap-configuration:ipv6-random}
Protocol 2
HostKey $${sshd-ssh-host-rsa-key:output}
HostKey $${sshd-ssh-host-ecdsa-key:output}
PasswordAuthentication no
PubkeyAuthentication yes
AuthorizedKeysFile $${buildout:directory}/.ssh/authorized_keys
Subsystem sftp ${openssh:location}/libexec/sftp-server
[sshd-service]
recipe = slapos.cookbook:wrapper
command-line = ${openssh:location}/sbin/sshd -D -e -f $${sshd-config:output}
hash-existing-files = $${buildout:directory}/buildout.cfg
wrapper-path = $${directory:service}/sshd
environment =
HOME=$${directory:home}
[sshd-add-authorized-key]
recipe = slapos.cookbook:dropbear.add_authorized_key
home = $${buildout:directory}
key = $${slap-parameter:user-authorized-key}
[sshd-ssh-keygen-base]
recipe = plone.recipe.command
output = $${directory:etc}/$${:_buildout_section_name_}
command = ${openssh-output:keygen} -f $${:output} -N '' $${:extra-args}
[sshd-ssh-host-rsa-key]
<=sshd-ssh-keygen-base
extra-args=-t rsa
[sshd-ssh-host-ecdsa-key]
<=sshd-ssh-keygen-base
extra-args=-t ecdsa -b 521
[sshd-promise]
<= monitor-promise-base
promise = check_socket_listening
name = sshd.py
config-host = $${slap-network-information:global-ipv6}
config-port = $${sshd-port:port}
...@@ -108,6 +108,7 @@ if __name__ == '__main__': ...@@ -108,6 +108,7 @@ if __name__ == '__main__':
if active_slot_build_version in "{{ firmware_name }}": if active_slot_build_version in "{{ firmware_name }}":
nc.logger.info("Running slot's build-version is already updated. Skipping install.") nc.logger.info("Running slot's build-version is already updated. Skipping install.")
else: else:
nc.logger.info("Currrent build version: %s" % active_slot_build_version)
# Install software in the non-active slot # Install software in the non-active slot
install_rpc_xml = f""" install_rpc_xml = f"""
<software-install xmlns="urn:o-ran:software-management:1.0"> <software-install xmlns="urn:o-ran:software-management:1.0">
......
...@@ -13,6 +13,7 @@ extends = ...@@ -13,6 +13,7 @@ extends =
../../component/pygolang/buildout.cfg ../../component/pygolang/buildout.cfg
../../component/git/buildout.cfg ../../component/git/buildout.cfg
../../component/dnsmasq/buildout.cfg ../../component/dnsmasq/buildout.cfg
../../component/openssh/buildout.cfg
parts += parts +=
template template
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment