github.com/choria-io/go-choria@v0.28.1-0.20240416190746-b3bf9c7d5a45/internal/fs/ddl/cache/agent/choria_provision.json (about) 1 { 2 "$schema": "https://choria.io/schemas/mcorpc/ddl/v1/agent.json", 3 "metadata": { 4 "name": "choria_provision", 5 "description": "Choria Provisioner", 6 "author": "R.I.Pienaar <rip@devco.net>", 7 "license": "Apache-2.0", 8 "version": "0.28.0", 9 "url": "https://choria.io", 10 "timeout": 20 11 }, 12 "actions": [ 13 { 14 "action": "configure", 15 "input": { 16 "token": { 17 "prompt": "Token", 18 "description": "Authentication token to pass to the server", 19 "type": "string", 20 "default": "", 21 "optional": true, 22 "validation": ".", 23 "maxlength": 128 24 }, 25 "config": { 26 "prompt": "Configuration", 27 "description": "The configuration to apply to this node", 28 "type": "string", 29 "default": null, 30 "optional": false, 31 "validation": "^{.+}$", 32 "maxlength": 2048 33 }, 34 "certificate": { 35 "prompt": "Certificate", 36 "description": "PEM text block for the certificate", 37 "type": "string", 38 "default": null, 39 "optional": true, 40 "validation": "^-----BEGIN CERTIFICATE-----", 41 "maxlength": 10240 42 }, 43 "ca": { 44 "prompt": "CA Bundle", 45 "description": "PEM text block for the CA", 46 "type": "string", 47 "default": null, 48 "optional": true, 49 "validation": "^-----BEGIN CERTIFICATE-----", 50 "maxlength": 20480 51 }, 52 "ssldir": { 53 "prompt": "SSL Dir", 54 "description": "Directory for storing the certificate in", 55 "type": "string", 56 "default": null, 57 "optional": true, 58 "validation": ".", 59 "maxlength": 500 60 }, 61 "key": { 62 "description": "A RSA private key", 63 "prompt": "PEM text block for the private key", 64 "type": "string", 65 "default": null, 66 "optional": true, 67 "validation": "-----BEGIN RSA PRIVATE KEY-----", 68 "maxlength": 10240 69 }, 70 "ecdh_public": { 71 "prompt": "ECDH Public Key", 72 "description": "Required when sending a private key", 73 "type": "string", 74 "default": "", 75 
"optional": true, 76 "maxlength": 64, 77 "validation": "." 78 }, 79 "action_policies": { 80 "prompt": "Action Policy Documents", 81 "description": "Map of Action Policy documents indexed by file name", 82 "type": "hash", 83 "default": {}, 84 "optional": true 85 }, 86 "opa_policies": { 87 "prompt": "Open Policy Agent Policy Documents", 88 "description": "Map of Open Policy Agent Policy documents indexed by file name", 89 "type": "hash", 90 "default": {}, 91 "optional": true 92 }, 93 "server_jwt": { 94 "description": "JWT file used to identify the server to the broker for ed25519 based authentication", 95 "prompt": "Server JWT", 96 "type": "string", 97 "default": "", 98 "optional": true, 99 "maxlength": 2048, 100 "validation": "." 101 } 102 }, 103 "output": { 104 "message": { 105 "description": "Status message from the Provisioner", 106 "display_as": "Message", 107 "type": "string", 108 "default": null 109 } 110 }, 111 "display": "failed", 112 "description": "Configure the Choria Server" 113 }, 114 { 115 "action": "gen25519", 116 "display": "always", 117 "description": "Generates a new ED25519 keypair", 118 "input": { 119 "token": { 120 "prompt": "Token", 121 "description": "Authentication token to pass to the server", 122 "type": "string", 123 "default": "", 124 "optional": false, 125 "validation": ".", 126 "maxlength": 128 127 }, 128 "nonce": { 129 "prompt": "Nonce", 130 "description": "Single use token to be signed by the private key being generated", 131 "type": "string", 132 "default": "", 133 "optional": false, 134 "validation": ".", 135 "maxlength": 64 136 } 137 }, 138 "output": { 139 "public_key": { 140 "description": "The ED25519 public key, hex encoded", 141 "display_as": "Public Key", 142 "type": "string", 143 "default": "" 144 }, 145 "directory": { 146 "description": "The directory where server.key and server.pub are written to", 147 "display_as": "Directory", 148 "type": "string", 149 "default": "" 150 }, 151 "signature": { 152 "description": "The 
signature of the nonce made using the new private key, hex encoded", 153 "display_as": "Signature", 154 "type": "string", 155 "default": "" 156 } 157 } 158 }, 159 { 160 "action": "gencsr", 161 "input": { 162 "token": { 163 "prompt": "Token", 164 "description": "Authentication token to pass to the server", 165 "type": "string", 166 "default": "", 167 "optional": false, 168 "validation": ".", 169 "maxlength": 128 170 }, 171 "cn": { 172 "prompt": "Common Name", 173 "description": "The certificate Common Name to place in the CSR", 174 "type": "string", 175 "default": null, 176 "optional": true, 177 "validation": "^(([a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9-]*[a-zA-Z0-9]).)*([A-Za-z0-9]|[A-Za-z0-9][A-Za-z0-9-]*[A-Za-z0-9])$", 178 "maxlength": 80 179 }, 180 "C": { 181 "prompt": "Country", 182 "description": "Country Code", 183 "type": "string", 184 "default": null, 185 "optional": true, 186 "validation": "^[A-Z]{2}$", 187 "maxlength": 2 188 }, 189 "L": { 190 "prompt": "Locality", 191 "description": "Locality or municipality (such as city or town name)", 192 "type": "string", 193 "default": null, 194 "optional": true, 195 "validation": "^[\\w\\s-]+$", 196 "maxlength": 50 197 }, 198 "O": { 199 "prompt": "Organization", 200 "description": "Organization", 201 "type": "string", 202 "default": null, 203 "optional": true, 204 "validation": "^[\\w\\s-]+$", 205 "maxlength": 50 206 }, 207 "OU": { 208 "prompt": "Organizational Unit", 209 "description": "Organizational Unit", 210 "type": "string", 211 "default": null, 212 "optional": true, 213 "validation": "^[\\w\\s-]+$", 214 "maxlength": 50 215 }, 216 "ST": { 217 "prompt": "State", 218 "description": "State", 219 "type": "string", 220 "default": null, 221 "optional": true, 222 "validation": "^[\\w\\s-]+$", 223 "maxlength": 50 224 } 225 }, 226 "output": { 227 "csr": { 228 "description": "PEM text block for the CSR", 229 "display_as": "CSR", 230 "type": "string", 231 "default": null 232 }, 233 "public_key": { 234 "description": "PEM text 
block of the public key that made the CSR", 235 "display_as": "Public Key", 236 "type": "string", 237 "default": null 238 }, 239 "ssldir": { 240 "description": "SSL directory as determined by the server", 241 "display_as": "SSL Dir", 242 "type": "string", 243 "default": null 244 } 245 }, 246 "display": "always", 247 "description": "Request a CSR from the Choria Server" 248 }, 249 { 250 "action": "jwt", 251 "input": { 252 "token": { 253 "prompt": "Token", 254 "description": "Authentication token to pass to the server", 255 "type": "string", 256 "default": "", 257 "optional": false, 258 "validation": ".", 259 "maxlength": 128 260 } 261 }, 262 "output": { 263 "jwt": { 264 "description": "The contents of the JWT token", 265 "display_as": "JWT Token", 266 "type": "string", 267 "default": "" 268 }, 269 "ecdh_public": { 270 "description": "The ECDH public key for calculating shared secrets", 271 "display_as": "ECDH Public Key", 272 "type": "string", 273 "default": "" 274 } 275 }, 276 "display": "always", 277 "description": "Re-enable provision mode in a running Choria Server" 278 }, 279 { 280 "action": "reprovision", 281 "input": { 282 "token": { 283 "prompt": "Token", 284 "description": "Authentication token to pass to the server", 285 "type": "string", 286 "default": "", 287 "optional": false, 288 "validation": ".", 289 "maxlength": 128 290 } 291 }, 292 "output": { 293 "message": { 294 "description": "Status message from the Provisioner", 295 "display_as": "Message", 296 "type": "string", 297 "default": null 298 } 299 }, 300 "display": "always", 301 "description": "Reenable provision mode in a running Choria Server" 302 }, 303 { 304 "action": "restart", 305 "input": { 306 "token": { 307 "prompt": "Token", 308 "description": "Authentication token to pass to the server", 309 "type": "string", 310 "default": "", 311 "optional": false, 312 "validation": ".", 313 "maxlength": 128 314 }, 315 "splay": { 316 "prompt": "Splay time", 317 "description": "The configuration to apply 
to this node", 318 "type": "number", 319 "default": null, 320 "optional": true 321 } 322 }, 323 "output": { 324 "message": { 325 "description": "Status message from the Provisioner", 326 "display_as": "Message", 327 "type": "string", 328 "default": null 329 } 330 }, 331 "display": "failed", 332 "description": "Restart the Choria Server" 333 }, 334 { 335 "action": "release_update", 336 "input": { 337 "token": { 338 "prompt": "Token", 339 "description": "Authentication token to pass to the server", 340 "type": "string", 341 "default": "", 342 "optional": false, 343 "validation": ".", 344 "maxlength": 128 345 }, 346 "repository": { 347 "prompt": "Repository URL", 348 "description": "HTTP(S) server hosting the update repository", 349 "type": "string", 350 "default": "", 351 "optional": false, 352 "validation": "^http(s*)://", 353 "maxlength": 512 354 }, 355 "version": { 356 "prompt": "Version to update to", 357 "description": "Package version to update to", 358 "type": "string", 359 "default": "", 360 "optional": false, 361 "validation": ".+", 362 "maxlength": 32 363 } 364 }, 365 "output": { 366 "message": { 367 "description": "Status message from the Provisioner", 368 "display_as": "Message", 369 "type": "string", 370 "default": null 371 } 372 }, 373 "display": "always", 374 "description": "Performs an in-place binary update and restarts Choria" 375 }, 376 { 377 "action": "shutdown", 378 "input": { 379 "token": { 380 "prompt": "Token", 381 "description": "Authentication token to pass to the server", 382 "type": "string", 383 "default": "", 384 "optional": false, 385 "validation": ".", 386 "maxlength": 128 387 } 388 }, 389 "output": { 390 "message": { 391 "description": "Status message from the Provisioner", 392 "display_as": "Message", 393 "type": "string", 394 "default": null 395 } 396 }, 397 "display": "failed", 398 "description": "Shut the Choria Server down cleanly" 399 } 400 ] 401 }