Server with public API to manage ssh/gpg public keys for the support user of each FIWARE Lab node.
This project is part of FIWARE.
Any feedback on this documentation is highly welcome, including bugs, typos or things you think should be included but are not. You can use github issues to provide feedback.
Aiakos is a service developed to store the public keys corresponding to each FIWARE Lab node in order to secure the access to the virtual machines instantiated in the FIWARE Lab. The description of all this process and why we need to do it can be found in the Generating support keys.
To upload new/modified a gpg key to the server. You should send a POST like this:
curl --request POST \ --url http://aiakoshost/v1/support \ --header 'accept: text/plain' \ --header 'content-type: text/plain' \ --header 'x-auth-token: 201dd9a13de844db905cb4f617cbc17d' \ --data '-----BEGIN PGP PUBLIC KEY BLOCK-----\nVersion: GnuPG v1\n\nmQENBFWnVCYBCADPeDMbTOkCM4MPbUMvtbAtGbUDnH3AHyZCEZZuyjeExATfT0Au\n-----END PGP PUBLIC KEY BLOCK-----'
The result of this operation is a text/plain response with the generated key:
-----BEGIN PGP PUBLIC KEY BLOCK----- Version: GnuPG v1 mQENBFWnVCYBCADPeDMbTOkCM4MPbUMvtbAtGbUDnH3AHyZCEZZuyjeExATfT0Au -----END PGP PUBLIC KEY BLOCK-----
Please have a look at the API Reference Documentation section below for more description and operations.
Refer to the documentation of your Linux distribution to set up the URL of the
repository where FIWARE packages are available (and update cache, if needed).
Currently, http://repositories.lab.fiware.org/repo/rpm/x86_64
Then, use the package tool to install fiware-aiakos
:
$ sudo yum install fiware-aiakos
Although some options can be specified from the command line, as a general rule the use of a configuration file is preferable:
/etc/sysconfig/aiakos.yml
(when running system service){installation_path}/config/aiakos.yml
(when running manually)
Such configuration file is self-documented, so you will find a description of every configuration option there.
After installing and configuring the service, you can execute the service with the following command:
$ sudo service fiware-aiakos start
And to stop the service, run:
$ sudo service fiware-aiakos stop
In order to test the service is running, run:
$ curl http://localhost:3000/v1/support/example/sshkey
The key files for aiakos are stored in the folder /opt/fiware-aiakos/lib/public/keys. The naming must be <region_name>.sshkey and <region_name>.gpgkey (lowercase is mandatory)
The test
target is used for running the unit tests in the component:
$ cd fiware-aiakos $ grunt test
Use the script provided for generate the package for the OS used:
$ tools/build/package.sh
You can use this Dockerfile to launch/execute the Docker image and container:
$ docker build -t fiwareaiakos . $ docker run -p 3000:3000 -d fiwareaiakos
(c) 2015 Telefónica I+D, Apache License 2.0