Conventions
Roverd looks for some information stored in files on disk. The following are the conventions for filenames and their contents which roverd assumes.
System Path | Type | Description |
---|---|---|
/etc/roverd/roverd.yaml | YAML file | Main runtime configuration of the rover's pipeline, validated by roverd. |
/etc/rover | Text file | Simple read-only file generated by ansible which has id , rover_name and password_hash separated by newlines |
/home/debix/.rover/ | Directory | Main configuration directory containing all services and source code. More detailed information below. |
The /etc/roverd/roverd.yaml
File
Contains the main run-time configuration of the rover. Currently only consists of list of enabled services.
The ~/.rover
Directory
We assume by default all rovers are used with the default debix
user which means that the placing the .rover
directory into the home directory of this user will never change. This directory contains all services on the system, regardless of whether they are enabled or not. Each service is fully qualified through the following directory hierarchy:
~/.rover/{author}/{service}/{version}/
- author - For example, all service provided by the ase team will have the github organization name here, so the author in this case would be "vu-ase".
- service - The name of a service, for example "controller".
- version - The SemVer of the service, for example "0.1.0".
The /etc/rover
File
12
zenith
e887ecf790605da0544a71b29fe91f21a44a0ec2d5934d77a06831a7d0afc2fa
This static file is created during the ansible setup and never changes. The id and name of the rover are on the first and second line respectively. They both serve as unique identifiers of a rover in the fleet. On the third line is a sha256
digest of the string of the user's password. This can be generated with the following bash command echo -n "some-passord" | sha256sum | cut -d ' ' -f 1
The hash is checked by roverd for all web authentication. This file should be read-only and must be protected with elevated privileges.
NOTE: The user and password is setup statically "at birth" which means that this file does not reflect any runtime changes made to the password. Thus, the password should not be changed, ever.