summaryrefslogtreecommitdiff
path: root/website/bugs/setup-subcommand-for-monkeysphere-server.mdwn
blob: a074d9e0b73ea6164fc66d823dc57ec80835312b (plain)

[[meta title="proposed new monkeysphere-server subcommand: setup" ]]

What if everything that's done in the package post-installation scripts (aside from maybe the creation of the monkeysphere user itself) was done with a single call to something like

monkeysphere-server setup

This would make things more obvious to folks installing from source directly, and put less maintenance load on porters. The end of monkeysphere-server setup could also invoke monkeysphere-server diagnostics to get the admin pointed in the right direction.

Think of this as a sort of automated "Getting Started" documentation.

Of course, a hypothetical full setup command would do things like gen-key, auto-modify sshd_config, etc. We wouldn't want to do those things automatically without the guiding hand of the local sysadmin.

But perhaps we could even smooth that process with:

monkeysphere-server setup --full

I'd like to know what other folks think about these possibilities. Would either of these be useful? Are they confusing? Could they be clarified?

--dkg


I'm not sure how I feel about this idea. I feel like it should just be the job of the package to setup the initial server environment. I don't really feel like the admin should have to worry about it. But then again, I can sort of see it from the point of view of someone just installing from source (but who the hell really does that anymore anyway?).

I'm also sort of mixed about the setup --full idea as well. At first I thought that it wasn't a good idea, and that I didn't like the idea of monkeysphere monkeying around with the config files of other packages (ie. ssh). However, once I started to think about setting up monkeysphere on lots of servers, I started to think that it's maybe a good idea. It might be good to have a single command that would just end with the server being on the monkeysphere:

  • generate the server key
  • modify sshd to point to it
  • restart ssh
  • publish the key to the keyserver

So I'm starting to think that this might be a good idea. Also curious what other think.

-- jrollins