I've created for that purpose, a basic bash script for your local (Linux) PC which supports Debian/Ubuntu as remote hosts. It allows you to generate family certificates locally, to deploy new family routers by SSH and to keep those routers updated.
To install requirements on your local computer (Ubuntu), run:
Code: Select all
apt install ansible openssl openjdk-8-jdk libbcprov-javaUsage
- Generate family certificates:
Script will ask you for your family name, and create the following files:Code: Select all
./family-manager keygen- keystore/family-<family_name>.ks
- certificates/family/<family_name>.crt
- .config
- Edit .config file if you need to. Available settings:
- BECOME, set to BECOME=yes if you use a regular user with sudo on a remote host
- PYTHON2, set to PYTHON2=yes if remote host doesn't have python3 (e.g. Debian 8)
- ANSIBLE_HOST_KEY_CHECKING, set to ANSIBLE_HOST_KEY_CHECKING=False, if you want to skip SSH fingerprints verification for every remote host
- Deploy to remote hosts:
There are two ways to specify remote hosts list:
- As a comma separated list, like:
Code: Select all
./family-manager deploy 123.4.5.6,some.hostname.com,other.host.name - As Ansible inventory file, which has special .ini syntax:
Example inventory.ini contents:Code: Select all
./family-manager deploy inventory.ini
Code: Select all
[all] 123.4.5.6 some.hostname.com other.host.name
- As a comma separated list, like:
- Update your nodes periodically:
Code: Select all
./family-manager update 123.4.5.6,some.hostname.com,other.host.name
or
Note: you can have one inventory file for maintaining your family, and use other temporary files when deploying new routers.Code: Select all
./family-manager update inventory.ini
