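# Copyright (c) 2024, R.I. Pienaar and the Choria Project contributors
#
# SPDX-License-Identifier: Apache-2.0

# DDL describing the RPC interface of the "choria_provision" agent: the
# actions it exposes, the inputs each accepts and the outputs each returns.
#
# Review notes that apply to the whole file:
#
# * The licence header was written with a "--" prefix, which is not Ruby
#   comment syntax, and appeared twice. It is kept once here, as "#" comments.
# * :validation patterns are kept exactly as found, because tightening them
#   changes which requests are accepted. The weak ones are flagged inline.
# * Which regex engine evaluates these patterns is not visible here. Under
#   Ruby, ^ and $ anchor per line, so a multi-line value needs only one
#   matching line; \A and \z anchor the whole string.
# * A :validation of '.' is unanchored, so it only requires that the value
#   contain at least one character. Together with :maxlength it is a
#   presence-and-size check, not a format check.
# * Every action except "configure" marks :token as required.
metadata :name        => "choria_provision",
         :description => "Choria Provisioner",
         :author      => "R.I.Pienaar <rip@devco.net>",
         :license     => "Apache-2.0",
         :version     => "0.28.0",
         :url         => "https://choria.io",
         :timeout     => 20

action "configure", :description => "Configure the Choria Server" do
  display :failed

  # Type :hash with no :validation or :maxlength, so neither the file-name
  # keys nor the document sizes are constrained by this DDL.
  # NOTE(review): presumably the documents are stored under those names.
  # Confirm the agent rejects path separators and ".." in the keys.
  input :action_policies,
        :prompt      => "Action Policy Documents",
        :description => "Map of Action Policy documents indexed by file name",
        :type        => :hash,
        :optional    => true

  # The pattern checks only that the value starts with a PEM certificate
  # header. The rest of the bundle is not checked by the DDL.
  input :ca,
        :prompt      => "CA Bundle",
        :description => "PEM text block for the CA",
        :type        => :string,
        :validation  => '^-----BEGIN CERTIFICATE-----',
        :maxlength   => 20480,
        :optional    => true

  # Prefix-only check, as for :ca.
  input :certificate,
        :prompt      => "Certificate",
        :description => "PEM text block for the certificate",
        :type        => :string,
        :validation  => '^-----BEGIN CERTIFICATE-----',
        :maxlength   => 10240,
        :optional    => true

  # The only required input of this action. The pattern requires a value
  # wrapped in braces and nothing more.
  input :config,
        :prompt      => "Configuration",
        :description => "The configuration to apply to this node",
        :type        => :string,
        :validation  => '^{.+}$',
        :maxlength   => 2048,
        :optional    => false

  # The description ties this input to :key, but both are optional here.
  # The "required when sending a private key" rule cannot be expressed in
  # the DDL and has to be enforced by the agent.
  input :ecdh_public,
        :prompt      => "ECDH Public Key",
        :description => "Required when sending a private key",
        :type        => :string,
        :validation  => '.',
        :maxlength   => 64,
        :optional    => true

  # Private key material sent in a request. The pattern is unanchored, so
  # the PEM marker may appear anywhere in the value.
  # NOTE(review): :prompt and :description look swapped. Confirm upstream.
  input :key,
        :prompt      => "PEM text block for the private key",
        :description => "A RSA private key",
        :type        => :string,
        :validation  => '-----BEGIN RSA PRIVATE KEY-----',
        :maxlength   => 10240,
        :optional    => true

  # Unconstrained :hash keyed by file name. The :action_policies note on
  # file-name handling applies here too.
  input :opa_policies,
        :prompt      => "Open Policy Agent Policy Documents",
        :description => "Map of Open Policy Agent Policy documents indexed by file name",
        :type        => :hash,
        :optional    => true

  input :server_jwt,
        :prompt      => "Server JWT",
        :description => "JWT file used to identify the server to the broker for ed25519 based authentication",
        :type        => :string,
        :validation  => '.',
        :maxlength   => 2048,
        :optional    => true

  # A caller-supplied directory. The DDL accepts any non-empty string up to
  # 500 characters, so limits on where files may be written must be applied
  # by the agent.
  input :ssldir,
        :prompt      => "SSL Dir",
        :description => "Directory for storing the certificate in",
        :type        => :string,
        :validation  => '.',
        :maxlength   => 500,
        :optional    => true

  # NOTE(review): this is the only action where :token is optional. Whether
  # the server still demands a token once one is configured is not visible
  # here. Confirm.
  input :token,
        :prompt      => "Token",
        :description => "Authentication token to pass to the server",
        :type        => :string,
        :validation  => '.',
        :maxlength   => 128,
        :optional    => true

  output :message,
         :description => "Status message from the Provisioner",
         :type        => "string",
         :display_as  => "Message"
end

action "gen25519", :description => "Generates a new ED25519 keypair" do
  display :always

  # The caller supplies the nonce and receives a signature over it made
  # with the newly generated private key (see output :signature).
  input :nonce,
        :prompt      => "Nonce",
        :description => "Single use token to be signed by the private key being generated",
        :type        => :string,
        :validation  => '.',
        :maxlength   => 64,
        :optional    => false

  input :token,
        :prompt      => "Token",
        :description => "Authentication token to pass to the server",
        :type        => :string,
        :validation  => '.',
        :maxlength   => 128,
        :optional    => false

  output :directory,
         :description => "The directory where server.key and server.pub is written to",
         :type        => "string",
         :display_as  => "Directory"

  # The description originally read "ED255519". Corrected to the algorithm
  # name used in the action description.
  output :public_key,
         :description => "The ED25519 public key hex encoded",
         :type        => "string",
         :display_as  => "Public Key"

  output :signature,
         :description => "The signature of the nonce made using the new private key, hex encoded",
         :type        => "string",
         :display_as  => "Signature"
end

action "gencsr", :description => "Request a CSR from the Choria Server" do
  display :always

  # All subject fields are optional. The \s in the shared pattern for
  # L, O, OU and ST also admits tabs and line breaks.
  input :C,
        :prompt      => "Country",
        :description => "Country Code",
        :type        => :string,
        :validation  => '^[A-Z]{2}$',
        :maxlength   => 2,
        :optional    => true

  input :L,
        :prompt      => "Locality",
        :description => "Locality or municipality (such as city or town name)",
        :type        => :string,
        :validation  => '^[\w\s-]+$',
        :maxlength   => 50,
        :optional    => true

  input :O,
        :prompt      => "Organization",
        :description => "Organization",
        :type        => :string,
        :validation  => '^[\w\s-]+$',
        :maxlength   => 50,
        :optional    => true

  input :OU,
        :prompt      => "Organizational Unit",
        :description => "Organizational Unit",
        :type        => :string,
        :validation  => '^[\w\s-]+$',
        :maxlength   => 50,
        :optional    => true

  input :ST,
        :prompt      => "State",
        :description => "State",
        :type        => :string,
        :validation  => '^[\w\s-]+$',
        :maxlength   => 50,
        :optional    => true

  # NOTE(review): the label separator in this pattern is an unescaped ".",
  # which matches any character, so the value is not limited to dot-separated
  # host-name labels. If that limit was intended, the separator should be
  # "\." and the change should be made wherever this DDL is generated from.
  input :cn,
        :prompt      => "Common Name",
        :description => "The certificate Common Name to place in the CSR",
        :type        => :string,
        :validation  => '^(([a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9-]*[a-zA-Z0-9]).)*([A-Za-z0-9]|[A-Za-z0-9][A-Za-z0-9-]*[A-Za-z0-9])$',
        :maxlength   => 80,
        :optional    => true

  input :token,
        :prompt      => "Token",
        :description => "Authentication token to pass to the server",
        :type        => :string,
        :validation  => '.',
        :maxlength   => 128,
        :optional    => false

  output :csr,
         :description => "PEM text block for the CSR",
         :type        => "string",
         :display_as  => "CSR"

  output :public_key,
         :description => "PEM text block of the public key that made the CSR",
         :type        => "string",
         :display_as  => "Public Key"

  output :ssldir,
         :description => "SSL directory as determined by the server",
         :type        => "string",
         :display_as  => "SSL Dir"
end

# NOTE(review): the action description matches "reprovision", yet the
# outputs are a JWT and an ECDH public key. It looks copied. Confirm upstream.
action "jwt", :description => "Re-enable provision mode in a running Choria Server" do
  display :always

  input :token,
        :prompt      => "Token",
        :description => "Authentication token to pass to the server",
        :type        => :string,
        :validation  => '.',
        :maxlength   => 128,
        :optional    => false

  output :ecdh_public,
         :description => "The ECDH public key for calculating shared secrets",
         :type        => "string",
         :display_as  => "ECDH Public Key"

  output :jwt,
         :description => "The contents of the JWT token",
         :type        => "string",
         :display_as  => "JWT Token"
end

action "reprovision", :description => "Reenable provision mode in a running Choria Server" do
  display :always

  input :token,
        :prompt      => "Token",
        :description => "Authentication token to pass to the server",
        :type        => :string,
        :validation  => '.',
        :maxlength   => 128,
        :optional    => false

  output :message,
         :description => "Status message from the Provisioner",
         :type        => "string",
         :display_as  => "Message"
end

action "restart", :description => "Restart the Choria Server" do
  display :failed

  # NOTE(review): the description repeats the text of configure's :config
  # input and says nothing about splay. Left unchanged because the intended
  # wording and unit are not visible here.
  input :splay,
        :prompt      => "Splay time",
        :description => "The configuration to apply to this node",
        :type        => :number,
        :optional    => true

  input :token,
        :prompt      => "Token",
        :description => "Authentication token to pass to the server",
        :type        => :string,
        :validation  => '.',
        :maxlength   => 128,
        :optional    => false

  output :message,
         :description => "Status message from the Provisioner",
         :type        => "string",
         :display_as  => "Message"
end

action "release_update", :description => "Performs an in-place binary update and restarts Choria" do
  display :always

  # The pattern accepts plain http:// as well as https://, and "s*" admits
  # any number of trailing "s". With http the binary is fetched over an
  # unauthenticated channel, so its integrity then rests on whatever
  # verification the updater performs. That is not visible here. Confirm
  # before allowing non-TLS repositories.
  input :repository,
        :prompt      => "Repository URL",
        :description => "HTTP(S) server hosting the update repository",
        :type        => :string,
        :validation  => '^http(s*)://',
        :maxlength   => 512,
        :optional    => false

  input :token,
        :prompt      => "Token",
        :description => "Authentication token to pass to the server",
        :type        => :string,
        :validation  => '.',
        :maxlength   => 128,
        :optional    => false

  # Any non-empty string up to 32 characters. No version format is enforced.
  input :version,
        :prompt      => "Version to update to",
        :description => "Package version to update to",
        :type        => :string,
        :validation  => '.+',
        :maxlength   => 32,
        :optional    => false

  output :message,
         :description => "Status message from the Provisioner",
         :type        => "string",
         :display_as  => "Message"
end

action "shutdown", :description => "Shut the Choria Server down cleanly" do
  display :failed

  input :token,
        :prompt      => "Token",
        :description => "Authentication token to pass to the server",
        :type        => :string,
        :validation  => '.',
        :maxlength   => 128,
        :optional    => false

  output :message,
         :description => "Status message from the Provisioner",
         :type        => "string",
         :display_as  => "Message"
end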