diff options
| author | Sam Thursfield <sam.thursfield@codethink.co.uk> | 2014-12-09 18:22:33 +0000 |
|---|---|---|
| committer | Sam Thursfield <sam.thursfield@codethink.co.uk> | 2014-12-09 18:24:07 +0000 |
| commit | 7983e10564ff73c4587a7ca4ad25ef90c3b94098 (patch) | |
| tree | c505a04560165c1610394411e8a0426e0800516b | |
| parent | 9ad39f3398d3f436b4d7f8ee057b3aea7e2d2c1b (diff) | |
| download | infrastructure-7983e10564ff73c4587a7ca4ad25ef90c3b94098.tar.gz | |
Add standard cloud-config script for baserock.org infrastructure
This contains the public keys of the Baserock Ops team, who are
collectively reponsible for maintainance and security updates for the
baserock.org instances.
I added a note to the README.mdwn too.
| -rw-r--r-- | README.mdwn | 14 | ||||
| -rw-r--r-- | baserock-ops-team.cloud-config | 16 |
2 files changed, 26 insertions, 4 deletions
diff --git a/README.mdwn b/README.mdwn index 119f89a3..cc32a371 100644 --- a/README.mdwn +++ b/README.mdwn @@ -160,7 +160,13 @@ To deploy the production version: Deployment to DataCentred ------------------------- -The Packer tool requires a floating IP to be available at the time a system is -being deployed to OpenStack. Currently 85.199.252.152 should be used for this. -If you specify a floating IP that is in use by an existing instance, you will -steal it for your own instance and probably break one of our web services. +When instantiating a machine that will be public, remember that all operators +who are responsible for security updates and maintenance must be given access +to the machine. This can be done using a post-creation customisation script +that injecting all of their SSH keys: the Baserock Ops team use the file +`baserock-ops-team.cloud-config` from this repo. + +The the Packer tool requires a floating IP to be available at the time a system +is being deployed to OpenStack. Currently 85.199.252.152 should be used for +this. If you specify a floating IP that is in use by an existing instance, you +will steal it for your own instance and probably break one of our web services. diff --git a/baserock-ops-team.cloud-config b/baserock-ops-team.cloud-config new file mode 100644 index 00000000..750ba6aa --- /dev/null +++ b/baserock-ops-team.cloud-config @@ -0,0 +1,16 @@ +#cloud-config + +# The contents of this cloud-config script should be included in the +# post-creation 'customisation script' for every instance in the public +# baserock.org infrastructure. It gives access to all members the Baserock Ops +# team, so that any member of the team can deploy security updates. + +ssh_authorized_keys: + # Pedro Alvarez + ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDPuirtOH8D/6iNAb3DE079FcTmDlDgusVBJ2FC0O/FHSxwAgNwHhUbCxHAcO/N+HICSvDmjp16Ki0ti2ZxfworG88shPiMOGQfuJaRv1X15AV7NsO80Llsqy/x8X+WdA5iwpUyKM011vv/pS/DhSCHJFJ/vQFgox12HQSKZuzGIOupCiZfHES5t5oEPAcoQYCC0hO4ZevyeO0ZixrOGf/iyXHyb2BoQJAehixt28YOfdaW7Z29SssCGf7QvtADYg+vF5Tazln51vp1M+fo1oF0aa/VLN3gYuf+BI6x6sEc4N/ZQaCR5+oBP3/gIVlIwOOftzC9G+l6PBOS4368nZTv pedro.alvarez@codethink.co.uk + + # Francisco Redondo Marchena + - ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDOZHTTBcWTN99IptDR2DlNZ30XaK9fhTxzeYm2ZFKKmTcyls7rO4D51+OkAKQpW50SABcw2we4T94WmEHPmC+Se6cNN4OYTT71PYQQAc6rQ5IeNRj5DcAQj3WaZvyF1qFXsTQ1ZYWP8D/2gQ9rEhImBHDAuX+bFKgup/4D7Y0fOsVLGBrO0rIYB6Cxgt6rnHWrrFO/8foL/SKDQpJP/fLD+Zf37m0XSsd3M3Q5fegtoSq3YEXaqRdVB119bUL4AovgZJ30+aC9ei3ff1ASqgQLVMmMdLaqrzKAfwtBKKdLnPJYviKjcDhXxY6fykZIsEymi0Zg3CRh9c5HlUY3Pofr francisco.marchena@codethink.co.uk + + # Sam Thursfield + - ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCkDPLAg9ueRzIVdPbfsGboXbnd7HIwQ9oiFh1JP8NvyZ0ZWejmY7m5k6FOTDBp70Rwx1/6+rzLyCsbT5SN+rK0Ywl145A09jODRt2PWZ3ddsUDfXTY7Ycu3MLOsyjIiY5o9zhSmu+/pU90TlvlE16TFUPnyc4PDqI1DALCUf7OxDVihcecn4Fhd0XQI8FBM/c47CjvyD2g+xr2b5Qa7eCfBEFTCqpQegDOQN3Hlq1t1VLLXv+srcQkI+uh4wseJ3GcQ4T/+6w6axlGd6a2v8IjKALxveCKyI5bHirKTMJZg+BCulb+ucoafbRbLcNpmrEVfhUE5O4/ffBExaEiwni1 sam.thursfield@codethink.co.uk |