Skip to content

Getting Started with Digital Rebar Provision for Regular Human Beings

Notifications You must be signed in to change notification settings

avanier/drp_getting_started

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

2 Commits
 
 
 
 

Repository files navigation

Getting Started with Digital Rebar Provision for Regular Human Beings

Digital Rebar Provision is a wonderful piece of software, but while the documentation is abundant, it's definitely overwhelming for first time users. To boot, drpcli is less than obvious to use. This snippet will help you get started by walking you through the following:

  • Create a new superuser
  • Get a token for said user
  • Set the password for said user
  • Delete the default user

✨ Magical Copy-Pasta! 🍝

# drpcli expects you to configure some things with json,
# since not everything is controllable with cli flags

# Start by downloading `drpcli`
# Yes, this is VERY insecure. This is only to be used on locally hosted instances.
wget --no-check-certificate https://${endpoint_ip}:8092/files/drpcli.amd64.linux
chmod +x drpcli.amd64.linux
mv drpcli.amd64.linux ~/.local/bin/drpcli

# Let's get a sense for the default user schema
drpcli -E "https://${endpoint_ip}:8092" \
  -U 'rocketskates' \
  -P 'r0cketsk8ts' \
  users show rocketskates | jq .

# Let's craft a stub superuser of our own
read -r -d '' RD_USERDEF << EOF
{
  "Name": "$(whoami)",
  "Roles": [
    "superuser"
  ]
}
EOF

drpcli -E "https://${endpoint_ip}:8092" \
  -U 'rocketskates' \
  -P 'r0cketsk8ts' \
  users create - <<< "${RD_USERDEF}"

# We create a folder to store our token
mkdir -vp "${HOME}/.drpcli"
chmod 700 "${HOME}/.drpcli"

# Set the password for our new user
drpcli -E "https://${endpoint_ip}:8092" \
  -U 'rocketskates' \
  -P 'r0cketsk8ts' \
  users password "$(whoami)" "${my_password}"

# We get a token for the newly created user
drpcli -E "https://${endpoint_ip}:8092" \
  -U "$(whoami)" \
  -P "${my_password}" \
  users token "$(whoami)" | jq -r .Token > "${HOME}/.drpcli/token"

# Set proper permz on that token
chmod 600 "${HOME}/.drpcli/token"

# Get rid of the default user
drpcli -E "https://${endpoint_ip}:8092" \
  -T "$(cat ${HOME}/.drpcli/token)" \
  users destroy rocketskates

To keep going, follow the official guide from here.

Takeaways

drpcli is a well documented tool from an API point of view. What's not documented is de#tent, and best practice. From the snippet above, it should be fairly obvious this is a system that is easy to automate, but harder to bootstrap since it's not designed to be used exclusively by humans.

Happy scripting fellow sysadmins!

About

Getting Started with Digital Rebar Provision for Regular Human Beings

Resources

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published