diff --git a/ic-os/boundary-guestos/context/README.adoc b/ic-os/boundary-guestos/context/README.adoc index a235505e96c..6de8f7c3d5a 100644 --- a/ic-os/boundary-guestos/context/README.adoc +++ b/ic-os/boundary-guestos/context/README.adoc @@ -46,7 +46,7 @@ serve as a guide on how to add further actions. === ssh key generation -The `setup-ssh-keys` (and corresponding shell script) service performs one of +The `generate-host-ssh-keys` (and corresponding shell script) service performs one of two things: If this is the first boot ever (on a newly installed system), it generates ssh keys and stashes them away in a location that is preserved across reboots and in the future upgrades. diff --git a/ic-os/boundary-guestos/docs/Boot.adoc b/ic-os/boundary-guestos/docs/Boot.adoc index f733bfee990..20749c09e96 100644 --- a/ic-os/boundary-guestos/docs/Boot.adoc +++ b/ic-os/boundary-guestos/docs/Boot.adoc @@ -53,7 +53,7 @@ Relevant information can be found in the guestos link:../../guestos/docs/Boot.ad == Set up ssh host keys -Service: `setup-ssh-keys.service`, script: `/opt/ic/bin/setup-ssh-keys.sh`, +Service: `generate-host-ssh-keys.service`, script: `/opt/ic/bin/generate-host-ssh-keys.sh`, depends on `/boot/config` mount. This checks if ssh host keys for the system exist in the `config` partition diff --git a/ic-os/components/boundary-guestos.bzl b/ic-os/components/boundary-guestos.bzl index c50bc72457b..3019d8fc082 100644 --- a/ic-os/components/boundary-guestos.bzl +++ b/ic-os/components/boundary-guestos.bzl @@ -57,7 +57,7 @@ component_files = { Label("boundary-guestos/etc/systemd/system/setup-lvs.service"): "/etc/systemd/system/setup-lvs.service", Label("boundary-guestos/etc/systemd/system/setup-nftables.service"): "/etc/systemd/system/setup-nftables.service", Label("boundary-guestos/etc/systemd/system/setup-ssh-user-keys.service"): "/etc/systemd/system/setup-ssh-user-keys.service", - Label("boundary-guestos/etc/systemd/system/setup-ssh-keys.service"): "/etc/systemd/system/setup-ssh-keys.service", + Label("boundary-guestos/etc/systemd/system/generate-host-ssh-keys.service"): "/etc/systemd/system/generate-host-ssh-keys.service", Label("boundary-guestos/etc/systemd/system/setup-var-log.service"): "/etc/systemd/system/setup-var-log.service", Label("boundary-guestos/etc/systemd/system/setup-vector.service"): "/etc/systemd/system/setup-vector.service", Label("boundary-guestos/etc/systemd/system/setup-version-metric.service"): "/etc/systemd/system/setup-version-metric.service", @@ -87,7 +87,7 @@ component_files = { Label("boundary-guestos/opt/ic/bin/setup-lvs.sh"): "/opt/ic/bin/setup-lvs.sh", Label("boundary-guestos/opt/ic/bin/setup-nftables.sh"): "/opt/ic/bin/setup-nftables.sh", Label("boundary-guestos/opt/ic/bin/setup-ssh-user-keys.sh"): "/opt/ic/bin/setup-ssh-user-keys.sh", - Label("boundary-guestos/opt/ic/bin/setup-ssh-keys.sh"): "/opt/ic/bin/setup-ssh-keys.sh", + Label("boundary-guestos/opt/ic/bin/generate-host-ssh-keys.sh"): "/opt/ic/bin/generate-host-ssh-keys.sh", Label("boundary-guestos/opt/ic/bin/setup-var-encryption.sh"): "/opt/ic/bin/setup-var-encryption.sh", Label("boundary-guestos/opt/ic/bin/setup-var-log.sh"): "/opt/ic/bin/setup-var-log.sh", Label("boundary-guestos/opt/ic/bin/setup-vector.sh"): "/opt/ic/bin/setup-vector.sh", diff --git a/ic-os/components/boundary-guestos/etc/systemd/system/setup-ssh-keys.service b/ic-os/components/boundary-guestos/etc/systemd/system/setup-ssh-keys.service index b96b685dee3..fc87e3faf42 100644 --- a/ic-os/components/boundary-guestos/etc/systemd/system/setup-ssh-keys.service +++ b/ic-os/components/boundary-guestos/etc/systemd/system/setup-ssh-keys.service @@ -8,7 +8,7 @@ Before=ssh.service [Service] Type=oneshot RemainAfterExit=true -ExecStart=/opt/ic/bin/setup-ssh-keys.sh +ExecStart=/opt/ic/bin/generate-host-ssh-keys.sh [Install] WantedBy=multi-user.target diff --git a/ic-os/components/guestos.bzl b/ic-os/components/guestos.bzl index a0e4d1542dc..ee80623a666 100644 --- a/ic-os/components/guestos.bzl +++ b/ic-os/components/guestos.bzl @@ -140,8 +140,8 @@ component_files = { # ssh Label("ssh/provision-ssh-keys.sh"): "/opt/ic/bin/provision-ssh-keys.sh", - Label("ssh/setup-ssh-keys/setup-ssh-keys.sh"): "/opt/ic/bin/setup-ssh-keys.sh", - Label("ssh/setup-ssh-keys/setup-ssh-keys.service"): "/etc/systemd/system/setup-ssh-keys.service", + Label("ssh/generate-host-ssh-keys/generate-host-ssh-keys.sh"): "/opt/ic/bin/generate-host-ssh-keys.sh", + Label("ssh/generate-host-ssh-keys/generate-host-ssh-keys.service"): "/etc/systemd/system/generate-host-ssh-keys.service", Label("ssh/setup-ssh-user-keys/setup-ssh-user-keys.sh"): "/opt/ic/bin/setup-ssh-user-keys.sh", Label("ssh/setup-ssh-user-keys/setup-ssh-user-keys.service"): "/etc/systemd/system/setup-ssh-user-keys.service", Label("ssh/read-ssh-keys.sh"): "/opt/ic/bin/read-ssh-keys.sh", diff --git a/ic-os/components/hostos.bzl b/ic-os/components/hostos.bzl index e531122eee7..1f42a3d5635 100644 --- a/ic-os/components/hostos.bzl +++ b/ic-os/components/hostos.bzl @@ -85,8 +85,8 @@ component_files = { Label("networking/hosts"): "/etc/hosts", # ssh - Label("ssh/setup-ssh-keys/setup-ssh-keys.sh"): "/opt/ic/bin/setup-ssh-keys.sh", - Label("ssh/setup-ssh-keys/setup-ssh-keys.service"): "/etc/systemd/system/setup-ssh-keys.service", + Label("ssh/generate-host-ssh-keys/generate-host-ssh-keys.sh"): "/opt/ic/bin/generate-host-ssh-keys.sh", + Label("ssh/generate-host-ssh-keys/generate-host-ssh-keys.service"): "/etc/systemd/system/generate-host-ssh-keys.service", Label("ssh/setup-ssh-user-keys/setup-ssh-user-keys.sh"): "/opt/ic/bin/setup-ssh-user-keys.sh", Label("ssh/setup-ssh-user-keys/setup-ssh-user-keys.service"): "/etc/systemd/system/setup-ssh-user-keys.service", Label("ssh/deploy-updated-ssh-account-keys/deploy-updated-ssh-account-keys.sh"): "/opt/ic/bin/deploy-updated-ssh-account-keys.sh", diff --git a/ic-os/components/init/README.adoc b/ic-os/components/init/README.adoc index d7daa555fe6..5b79ee3587c 100644 --- a/ic-os/components/init/README.adoc +++ b/ic-os/components/init/README.adoc @@ -6,7 +6,7 @@ serve as a guide on how to add further actions. == ssh key generation -The +ssh/setup-ssh-keys+ (and corresponding shell script) service performs one of +The +ssh/generate-host-ssh-keys+ (and corresponding shell script) service performs one of two things: If this is the first boot ever (on a newly installed system), it generates ssh keys and stashes them away in a location that is preserved across upgrades. On first boot after an upgrade, it integrates the keys from their diff --git a/ic-os/components/ssh/setup-ssh-keys/setup-ssh-keys.service b/ic-os/components/ssh/generate-host-ssh-keys/generate-host-ssh-keys.service similarity index 84% rename from ic-os/components/ssh/setup-ssh-keys/setup-ssh-keys.service rename to ic-os/components/ssh/generate-host-ssh-keys/generate-host-ssh-keys.service index b96b685dee3..fc87e3faf42 100644 --- a/ic-os/components/ssh/setup-ssh-keys/setup-ssh-keys.service +++ b/ic-os/components/ssh/generate-host-ssh-keys/generate-host-ssh-keys.service @@ -8,7 +8,7 @@ Before=ssh.service [Service] Type=oneshot RemainAfterExit=true -ExecStart=/opt/ic/bin/setup-ssh-keys.sh +ExecStart=/opt/ic/bin/generate-host-ssh-keys.sh [Install] WantedBy=multi-user.target diff --git a/ic-os/components/ssh/setup-ssh-keys/setup-ssh-keys.sh b/ic-os/components/ssh/generate-host-ssh-keys/generate-host-ssh-keys.sh similarity index 100% rename from ic-os/components/ssh/setup-ssh-keys/setup-ssh-keys.sh rename to ic-os/components/ssh/generate-host-ssh-keys/generate-host-ssh-keys.sh diff --git a/ic-os/guestos/docs/Boot.adoc b/ic-os/guestos/docs/Boot.adoc index dda4ac3dcc3..d3b7ab1f4f7 100644 --- a/ic-os/guestos/docs/Boot.adoc +++ b/ic-os/guestos/docs/Boot.adoc @@ -111,7 +111,7 @@ system will set up its own +/var+ filesystem correctly again. == Set up ssh host keys -Service: +setup-ssh-keys.service+, script: +/opt/ic/bin/setup-ssh-keys.sh+, +Service: +generate-host-ssh-keys.service+, script: +/opt/ic/bin/generate-host-ssh-keys.sh+, depends on +/boot/config+ mount. This checks if ssh host keys for the system exist in the +config+ partition