2021-04-20 21:31:37 +00:00
|
|
|
# Adding a Host to the Network
|
|
|
|
|
|
|
|
This document guides an admin through adding a single host to the network. Keep
|
|
|
|
in mind that the steps described here must be done for _each_ host the user
|
|
|
|
wishes to add.
|
|
|
|
|
2022-11-05 10:50:11 +00:00
|
|
|
There are two ways for a user to add a host to the cryptic network.
|
2021-04-20 21:31:37 +00:00
|
|
|
|
|
|
|
- If the user is savy enough to obtain their own `cryptic-net` binary, they can
|
2022-11-02 13:34:40 +00:00
|
|
|
do so. The admin can then generate a `bootstrap.yml` file for their host,
|
2021-04-20 21:31:37 +00:00
|
|
|
give that to the user, and the user can run `cryptic-net daemon` using that
|
|
|
|
bootstrap file.
|
|
|
|
|
|
|
|
- If the user is not so savy, the admin can generate a custom `cryptic-net`
|
2022-11-02 13:34:40 +00:00
|
|
|
binary with the `bootstrap.yml` embedded into it. The user can be given this
|
2021-04-20 21:31:37 +00:00
|
|
|
binary and run `cryptic-net daemon` without any configuration on their end.
|
|
|
|
|
|
|
|
From the admin's perspective the only difference between these cases is one
|
|
|
|
extra step.
|
|
|
|
|
|
|
|
## Step 1: Choose Hostname
|
|
|
|
|
|
|
|
The user will need to provide you with a name for their host. The name should
|
|
|
|
conform to the following rules:
|
|
|
|
|
|
|
|
* It should only contain lowercase letters, numbers, and hyphens.
|
|
|
|
|
|
|
|
* It should begin with a letter.
|
|
|
|
|
|
|
|
* It should end with a letter or number.
|
|
|
|
|
2022-10-30 00:22:03 +00:00
|
|
|
## Step 2: Choose IP
|
2021-04-20 21:31:37 +00:00
|
|
|
|
|
|
|
The admin should choose an IP for the host. The IP you choose for the new host
|
2022-10-30 00:22:03 +00:00
|
|
|
should be one which is not yet used by any other host, and which is in subnet
|
|
|
|
which was configured when creating the network.
|
2021-04-20 21:31:37 +00:00
|
|
|
|
2022-11-02 13:34:40 +00:00
|
|
|
## Step 3: Create a `bootstrap.yml` File
|
2021-04-20 21:31:37 +00:00
|
|
|
|
2022-11-02 13:02:21 +00:00
|
|
|
Access to an `admin.yml` file is required for this step.
|
2021-04-20 21:31:37 +00:00
|
|
|
|
2022-11-02 13:34:40 +00:00
|
|
|
To create a `bootstrap.yml` file for the new host, the admin should perform the
|
2021-04-20 21:31:37 +00:00
|
|
|
following command from their own host:
|
|
|
|
|
|
|
|
```
|
2022-11-05 15:41:14 +00:00
|
|
|
cryptic-net hosts create-bootstrap \
|
2022-11-05 11:34:49 +00:00
|
|
|
--hostname <name> \
|
2022-10-30 00:22:03 +00:00
|
|
|
--ip <ip> \
|
2022-11-02 13:02:21 +00:00
|
|
|
--admin-path <path to admin.yml> \
|
2022-11-02 13:34:40 +00:00
|
|
|
> bootstrap.yml
|
2021-04-20 21:31:37 +00:00
|
|
|
```
|
|
|
|
|
2022-11-02 13:34:40 +00:00
|
|
|
The resulting `bootstrap.yml` file should be treated as a secret file that is
|
|
|
|
shared only with the user it was generated for. The `bootstrap.yml` file should
|
2021-04-20 21:31:37 +00:00
|
|
|
not be re-used between hosts either.
|
|
|
|
|
|
|
|
If the user already has access to a `cryptic-net` binary then the new
|
2022-11-02 13:34:40 +00:00
|
|
|
`bootstrap.yml` file can be given to them as-is, and they can proceed with
|
2021-04-20 21:31:37 +00:00
|
|
|
running their host's `cryptic-net daemon`.
|
|
|
|
|
2022-11-02 13:02:21 +00:00
|
|
|
### Encrypted `admin.yml`
|
2021-04-20 21:31:37 +00:00
|
|
|
|
2022-11-02 13:02:21 +00:00
|
|
|
If `admin.yml` is kept in an encrypted format on disk (it should be!) then the
|
2022-11-05 15:41:14 +00:00
|
|
|
decrypted form can be piped into `create-bootstrap` over stdin. For example, if
|
2022-11-02 13:02:21 +00:00
|
|
|
GPG is being used to secure `admin.yml` then the following could be used to
|
2022-11-02 13:34:40 +00:00
|
|
|
generate a `bootstrap.yml`:
|
2021-04-20 21:31:37 +00:00
|
|
|
|
|
|
|
```
|
2022-11-05 15:41:14 +00:00
|
|
|
gpg -d <path to admin.yml.gpg> | cryptic-net hosts create-bootstrap \
|
2022-11-05 11:34:49 +00:00
|
|
|
--hostname <name> \
|
2022-10-30 00:22:03 +00:00
|
|
|
--ip <ip> \
|
2021-04-20 21:31:37 +00:00
|
|
|
--admin-path - \
|
2022-11-02 13:34:40 +00:00
|
|
|
> bootstrap.yml
|
2021-04-20 21:31:37 +00:00
|
|
|
```
|
|
|
|
|
2022-11-02 13:02:21 +00:00
|
|
|
Note that the value of `--admin-path` is `-`, indicating that `admin.yml` should
|
2021-04-20 21:31:37 +00:00
|
|
|
be read from stdin.
|
|
|
|
|
|
|
|
## Step 4: Optionally, Build Binary
|
|
|
|
|
2022-11-02 13:34:40 +00:00
|
|
|
If you wish to embed the `bootstrap.yml` into a custom binary for the user (to
|
2021-04-20 21:31:37 +00:00
|
|
|
make installation _extremely_ easy for them) then you can run the following:
|
|
|
|
|
|
|
|
```
|
2022-11-02 13:34:40 +00:00
|
|
|
nix-build --arg bootstrap <path to bootstrap.yml> -A appImage
|
2021-04-20 21:31:37 +00:00
|
|
|
```
|
|
|
|
|
|
|
|
The resulting binary can be found in the `result` directory which is created.
|
2022-10-30 00:22:03 +00:00
|
|
|
|
2022-11-02 13:34:40 +00:00
|
|
|
This binary should be treated like a `bootstrap.yml` in terms of its uniqueness
|
2022-10-30 00:22:03 +00:00
|
|
|
and sensitivity.
|