Feature/trace-collector-service #12
There are no files selected for viewing
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,31 @@ | ||
| #!/bin/bash | ||
| set -e | ||
|
|
||
| # Variables | ||
| SITE="{{ site }}" | ||
| SITE_CLEAN=$(echo "$SITE" | sed 's#^/##; s#/#_#g') # Eg. /edu/memphis get converted to edu_memphis | ||
| SSH_DIR="/root/.ssh" | ||
| PRIVATE_KEY="$SSH_DIR/id_rsa" | ||
| PUBLIC_KEY="$SSH_DIR/id_rsa.pub" | ||
| PUBKEY_EXPORT_PATH="/file-server/trace-collector-pubkey/id_rsa.pub" | ||
|
There was a problem hiding this comment. Just set this to the directory instead of the file name, it seems simpler. The file name should just be the standard one used by openssh (e.g. The same applies to the previous two variables. Specifying the file name seems pointless unless there's a way to pass a different identity to the container. If we don't have a use case for this, just keep it simple and use the default openssh naming conventions. There was a problem hiding this comment. The file name has been referenced multiple times in the script: Checking existence, non-interactive generation with the file name specified, and during copying. Should we keep the private and public key variables? The export path I believe can just be a directory name. There was a problem hiding this comment.
If you prefer to use a variable, that's fine. But one variable for the private key should be enough, the public key name should always be privatekey +
On second thought, we should really avoid using a dot in the NDN name of the pubkey (e.g. There was a problem hiding this comment.
False. There was a problem hiding this comment.
Sure. |
||
|
|
||
| # Ensure permissions | ||
| mkdir -p "$SSH_DIR" | ||
| chmod 700 "$SSH_DIR" | ||
|
Comment on lines
+12
to
+14
There was a problem hiding this comment. ssh-keygen should already take care of this, no? |
||
|
|
||
| # Generate SSH key pair if not already present | ||
| if [[ ! -f "$PRIVATE_KEY" || ! -f "$PUBLIC_KEY" ]]; then | ||
| echo "[trace-collector] No SSH key pair found. Generating a new one..." | ||
| ssh-keygen -t rsa -b 4096 -N "" -f "$PRIVATE_KEY" | ||
|
There was a problem hiding this comment. can we use ed25519 instead of rsa? |
||
| else | ||
| echo "[trace-collector] SSH key pair already exists." | ||
| fi | ||
|
|
||
| # Always export the public key | ||
| mkdir -p "$(dirname "$PUBKEY_EXPORT_PATH")" | ||
| cp "$PUBLIC_KEY" "$PUBKEY_EXPORT_PATH" | ||
| echo "[trace-collector] Public key copied to $PUBKEY_EXPORT_PATH" | ||
|
|
||
| # Run | ||
| echo "[trace-collector] Starting trace collector..." | ||
| exec python3.10 /app/scheduler.py --site "$SITE_CLEAN" | ||
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
is there an actual dependency on the file server?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I put this there I think from a documentary perspective, there is no actual dependency. It should be just
nfd.