From 70efff892cf091d9c479c5801937642376469435 Mon Sep 17 00:00:00 2001 From: Boris Glimcher <36732377+glimchb@users.noreply.github.com> Date: Tue, 4 Jun 2024 18:06:46 -0400 Subject: [PATCH] fix(sztp): bring config files Signed-off-by: Boris Glimcher <36732377+glimchb@users.noreply.github.com> --- sztp/my-configuration.xml | 3 + sztp/my-post-configuration-script.sh | 2 + sztp/my-pre-configuration-script.sh | 2 + sztp/sztpd.running.json.template | 183 +++++++++++++++++++++++++++ 4 files changed, 190 insertions(+) create mode 100644 sztp/my-configuration.xml create mode 100644 sztp/my-post-configuration-script.sh create mode 100644 sztp/my-pre-configuration-script.sh create mode 100644 sztp/sztpd.running.json.template diff --git a/sztp/my-configuration.xml b/sztp/my-configuration.xml new file mode 100644 index 0000000..6b1c638 --- /dev/null +++ b/sztp/my-configuration.xml @@ -0,0 +1,3 @@ + + + diff --git a/sztp/my-post-configuration-script.sh b/sztp/my-post-configuration-script.sh new file mode 100644 index 0000000..9de18c6 --- /dev/null +++ b/sztp/my-post-configuration-script.sh @@ -0,0 +1,2 @@ +#!/bin/bash +echo "inside the post-configuration-script..." diff --git a/sztp/my-pre-configuration-script.sh b/sztp/my-pre-configuration-script.sh new file mode 100644 index 0000000..7b13c2a --- /dev/null +++ b/sztp/my-pre-configuration-script.sh @@ -0,0 +1,2 @@ +#!/bin/bash +echo "inside the pre-configuration-script..." diff --git a/sztp/sztpd.running.json.template b/sztp/sztpd.running.json.template new file mode 100644 index 0000000..81b6ee1 --- /dev/null +++ b/sztp/sztpd.running.json.template @@ -0,0 +1,183 @@ +{ + "wn-sztpd-1:transport": { + "listen": { + "endpoint": [ + { + "name": "default startup endpoint", + "use-for": "wn-app:native-interface", + "http": { + "tcp-server-parameters": { + "local-address": "$SZTPD_INIT_ADDR", + "local-port": $SZTPD_NBI_PORT + } + } + }, + { + "name": "rfc8572-interface", + "use-for": "wn-sztpd-0:rfc8572-interface", + "https": { + "tcp-server-parameters": { + "local-address": "$SZTPD_INIT_ADDR", + "local-port": $SZTPD_SBI_PORT + }, + "tls-server-parameters": { + "server-identity": { + "certificate": { + "reference": { + "asymmetric-key": "sbi-server-end-entity-key", + "certificate": "sbi-server-end-entity-cert" + } + } + }, + "client-authentication": { + "ca-certs": { + "local-truststore-reference": "my-device-identity-ca-certs" + } + } + }, + "http-server-parameters": {}, + "restconf-server-parameters": {} + } + } + ] + } + }, + "wn-sztpd-1:admin-accounts":{ + "admin-account": [ + { + "email-address": "my-admin@example.com", + "password": "$0$my-secret", + "access": "unrestricted" + } + ] + }, + "wn-sztpd-1:keystore": { + "asymmetric-keys": { + "asymmetric-key": [ + { + "name": "sbi-server-end-entity-key", + "public-key-format": "ietf-crypto-types:subject-public-key-info-format", + "public-key": "$SBI_PUB_KEY_B64", + "private-key-format": "ietf-crypto-types:ec-private-key-format", + "cleartext-private-key": "$SBI_PRI_KEY_B64", + "certificates": { + "certificate": [ + { + "name": "sbi-server-end-entity-cert", + "cert-data": "$SBI_EE_CERT_B64" + } + ] + } + } + ] + } + }, + "wn-sztpd-1:truststore": { + "certificate-bags": { + "certificate-bag": [ + { + "name": "my-device-identity-ca-certs", + "description": "A set of TA certs that can be used to authenticate device client certs.", + "certificate": [ + { + "name": "my-device-identity-ca-cert-circa-2020", + "cert-data": "$CLIENT_CERT_TA_B64" + } + ] + } + ] + } + }, + "wn-sztpd-1:device-types": { + "device-type": [ + { + "name": "my-device-type", + "identity-certificates": { + "verification": { + "local-truststore-reference": { + "certificate-bag": "my-device-identity-ca-certs", + "certificate": "my-device-identity-ca-cert-circa-2020" + } + }, + "serial-number-extraction": "wn-x509-c2n:serial-number" + } + } + ] + }, + "wn-sztpd-1:devices": { + "device": [ + { + "serial-number": "my-serial-number", + "device-type": "my-device-type", + "activation-code": "$0$my-secret", + "response-manager": { + "matched-response": [ + { + "name": "catch-all-response", + "response": { + "conveyed-information": { + "onboarding-information": { + "reference": "my-onboarding-information" + } + } + } + } + ] + } + } + ] + }, + "wn-sztpd-1:boot-images": { + "boot-image": [ + { + "name": "my-boot-image.img", + "download-uri": [ + "http://web:80/my-boot-image.img", + "ftp://web:82/my-boot-image.img" + ], + "image-verification": [ + { + "hash-algorithm": "ietf-sztp-conveyed-info:sha-256", + "hash-value": "$BOOT_IMG_HASH_VAL" + } + ] + } + ] + }, + "wn-sztpd-1:scripts": { + "pre-configuration-script": [ + { + "name": "my-pre-configuration-script", + "script": "$PRE_SCRIPT_B64" + } + ], + "post-configuration-script": [ + { + "name": "my-post-configuration-script", + "script": "$POST_SCRIPT_B64" + } + ] + }, + "wn-sztpd-1:configurations": { + "configuration": [ + { + "name": "my-configuration", + "configuration-handling": "merge", + "config": "$CONFIG_B64" + } + ] + }, + "wn-sztpd-1:conveyed-information-responses": { + "onboarding-information-response": [ + { + "name": "my-onboarding-information", + "onboarding-information": { + "boot-image": "my-boot-image.img", + "pre-configuration-script": "my-pre-configuration-script", + "configuration": "my-configuration", + "post-configuration-script": "my-post-configuration-script" + } + } + ] + } +}