diff --git a/net/README.md b/net/README.md index 4e7cc48bf5..ef8c089671 100644 --- a/net/README.md +++ b/net/README.md @@ -81,8 +81,9 @@ $ ./net.sh start -f "cuda" ### How to interact with a CD testnet deployed by ci/testnet-deploy.sh -**AWS-Specific Extra Setup**: Follow the steps in `scripts/add-solana-user-authorized_keys.sh`, -then redeploy the testnet before continuing in this section. +**AWS-Specific Extra Setup**: Follow the steps in +`scripts/solana-user-authorized_keys.sh`, then redeploy the testnet +before continuing in this section. Taking **master-testnet-solana-com** as an example, configure your workspace for the testnet using: diff --git a/net/gce.sh b/net/gce.sh index e30cf8c555..36c85db7fd 100755 --- a/net/gce.sh +++ b/net/gce.sh @@ -630,7 +630,7 @@ $( cat \ disable-background-upgrades.sh \ create-solana-user.sh \ - add-solana-user-authorized_keys.sh \ + add-testnet-solana-user-authorized_keys.sh \ install-certbot.sh \ install-earlyoom.sh \ install-libssl-compatability.sh \ diff --git a/net/scripts/add-datacenter-solana-user-authorized_keys.sh b/net/scripts/add-datacenter-solana-user-authorized_keys.sh new file mode 100755 index 0000000000..91a19dabbc --- /dev/null +++ b/net/scripts/add-datacenter-solana-user-authorized_keys.sh @@ -0,0 +1,20 @@ +#!/usr/bin/env bash +set -ex + +[[ $(uname) = Linux ]] || exit 1 +[[ $USER = root ]] || exit 1 + +[[ -d /home/solana/.ssh ]] || mkdir -p /home/solana/.ssh + +cd "$(dirname "$0")" + +# shellcheck source=net/scripts/solana-user-authorized_keys.sh +source solana-user-authorized_keys.sh + +# solana-user-authorized_keys.sh defines the public keys for users that should +# automatically be granted access to ALL datacenter nodes. +for i in "${!SOLANA_USERS[@]}"; do + echo "environment=\"SOLANA_USER=${SOLANA_USERS[i]}\" ${SOLANA_PUBKEYS[i]}" >> /solana-authorized_keys +done + +sudo -u solana mv /solana-authorized_keys /home/solana/.ssh/authorized_keys diff --git a/net/scripts/add-solana-user-authorized_keys.sh b/net/scripts/add-solana-user-authorized_keys.sh deleted file mode 100755 index 86c6afc4e2..0000000000 --- a/net/scripts/add-solana-user-authorized_keys.sh +++ /dev/null @@ -1,24 +0,0 @@ -#!/usr/bin/env bash -set -ex - -[[ $(uname) = Linux ]] || exit 1 -[[ $USER = root ]] || exit 1 - -[[ -d /home/solana/.ssh ]] || exit 1 - -# /solana-authorized_keys contains the public keys for users that should -# automatically be granted access to ALL testnets. -# -# To add an entry into this list: -# 1. Run: ssh-keygen -t ecdsa -N '' -f ~/.ssh/id-solana-testnet -# 2. Inline ~/.ssh/id-solana-testnet.pub below -cat > /solana-authorized_keys <> /home/solana/.ssh/authorized_keys -" diff --git a/net/scripts/add-testnet-solana-user-authorized_keys.sh b/net/scripts/add-testnet-solana-user-authorized_keys.sh new file mode 100755 index 0000000000..57864e8b0c --- /dev/null +++ b/net/scripts/add-testnet-solana-user-authorized_keys.sh @@ -0,0 +1,22 @@ +#!/usr/bin/env bash +set -ex + +[[ $(uname) = Linux ]] || exit 1 +[[ $USER = root ]] || exit 1 + +[[ -d /home/solana/.ssh ]] || exit 1 + +cd "$(dirname "$0")" + +# shellcheck source=net/scripts/solana-user-authorized_keys.sh +source solana-user-authorized_keys.sh + +# solana-user-authorized_keys.sh defines the public keys for users that should +# automatically be granted access to ALL testnets. +for key in "${SOLANA_PUBKEYS[@]}"; do + echo "$key" >> /solana-authorized_keys +done + +sudo -u solana bash -c " + cat /solana-authorized_keys >> /home/solana/.ssh/authorized_keys +" diff --git a/net/scripts/solana-user-authorized_keys.sh b/net/scripts/solana-user-authorized_keys.sh new file mode 100644 index 0000000000..456e84bbc1 --- /dev/null +++ b/net/scripts/solana-user-authorized_keys.sh @@ -0,0 +1,40 @@ +#!/usr/bin/env bash +# Contains the public keys for users that should automatically be granted access +# to ALL testnets and datacenter nodes. +# +# To add an entry into this list: +# 1. Run: ssh-keygen -t ecdsa -N '' -f ~/.ssh/id-solana-testnet +# 2. Add an entry to SOLANA_USERS with your username +# 3. Add an entry to SOLANA_PUBKEYS with the contents of ~/.ssh/id-solana-testnet.pub +# +# If you need multiple keys with your username, repeatedly add your username to SOLANA_USERS, once per key + +SOLANA_USERS=() +SOLANA_PUBKEYS=() + +SOLANA_USERS+=('mvines') +SOLANA_PUBKEYS+=('ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBFBNwLw0i+rI312gWshojFlNw9NV7WfaKeeUsYADqOvM2o4yrO2pPw+sgW8W+/rPpVyH7zU9WVRgTME8NgFV1Vc=') + +SOLANA_USERS+=('sathish') +SOLANA_PUBKEYS+=('ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBGqZAwAZeBl0buOMz4FpUYrtpwk1L5aGKlbd7lI8dpbSx5WVRPWCVKhWzsGMtDUIfmozdzJouk1LPyihghTDgsE=') + +SOLANA_USERS+=('carl') +SOLANA_PUBKEYS+=('ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBOk4jgcX/VWSk3j//wXeIynSQjsOt+AjYXM/XZUMa7R1Q8lfIJGK/qHLBP86CMXdpyEKJ5i37QLYOL+0VuRy0CI=') + +SOLANA_USERS+=('jack') +SOLANA_PUBKEYS+=('ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBEB6YLY4oCfm0e1qPswbzryw0hQEMiVDcUxOwT4bdBbui/ysKGQlVY8bO6vET1Te8EYHz5W4RuPfETbcHmw6dr4=') + +SOLANA_USERS+=('trent') +SOLANA_PUBKEYS+=('ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEZC/APgZTM1Y/EfNnCHr+BQN+SN4KWfpyGkwMg+nXdC trent@fry') + +SOLANA_USERS+=('tristan') +SOLANA_PUBKEYS+=('ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJ9VNoG7BLPNbyr4YLf3M2LfQycvFclvi/giXvTpLp0b tristan@TristanSolanaMacBook.local') + +SOLANA_USERS+=('dan') +SOLANA_PUBKEYS+=('ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBKMl07qHaMCmnvRKBCmahbBAR6GTWkR5BVe8jdzDJ7xzjXLZlf1aqfaOjt5Cu2VxvW7lUtpJQGLJJiMnWuD4Zmc= dan@Dans-MBP.local') + +SOLANA_USERS+=('greg') +SOLANA_PUBKEYS+=('ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIG3eu2c7DZS+FE3MZmtU+nv1nn9RqW0lno0gyKpGtxT7 greg@solana.com') + +SOLANA_USERS+=('tyera') +SOLANA_PUBKEYS+=('ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBDSWMrqTMsML19cDKmxhfwkDfMWwpcVSYJ49cYkZYpZfTvFjV/Wdbpklo0+fp98i5AzfNYnvl0oxVpFg8A8dpYk=')