|
Xdev Host Manager
authored
a day ago
|
1
|
# Madagascar Local Authority
|
|
Xdev Host Manager
authored
2 days ago
|
2
|
|
|
Xdev Host Manager
authored
a day ago
|
3
|
Local authority for Madagascar hosts, DNS manifests, work orders, and host certificates.
|
|
Xdev Host Manager
authored
2 days ago
|
4
|
|
|
|
5
|
This project lives on jumper and is the local source for:
|
|
|
6
|
|
|
|
7
|
- `config/hosts.yaml` - git-versioned host registry
|
|
|
8
|
- `config/local-hosts.tsv` - DNS manifest exported for local resolvers
|
|
Xdev Host Manager
authored
a day ago
|
9
|
- `config/work-orders.yaml` - confirmable operational changes
|
|
Xdev Host Manager
authored
2 days ago
|
10
|
- `scripts/host_manager.pl` - Perl-only web app
|
|
Xdev Host Manager
authored
a day ago
|
11
|
- `scripts/sync_local_hosts.sh` - local DNS sync to jumper and as01
|
|
Xdev Host Manager
authored
2 days ago
|
12
|
- `scripts/ca_manager.sh` - local OpenSSL CA helper for host certificates
|
|
Xdev Host Manager
authored
2 days ago
|
13
|
|
|
|
14
|
The public `xdev.ro` zone is maintained in the separate DNS public-zone repository.
|
|
|
15
|
|
|
|
16
|
Runtime path:
|
|
|
17
|
|
|
|
18
|
```text
|
|
|
19
|
/usr/local/xdev-host-manager
|
|
|
20
|
```
|
|
|
21
|
|
|
|
22
|
Secrets live outside git in `/etc/xdev/host-manager.env`.
|
|
Xdev Host Manager
authored
2 days ago
|
23
|
|
|
Xdev Host Manager
authored
a day ago
|
24
|
The product name is **Madagascar Local Authority**. The technical service, Unix user, repository path, and environment files still use `host-manager`.
|
|
|
25
|
|
|
Xdev Host Manager
authored
2 days ago
|
26
|
The web UI is OTP-protected for all registry data, downloads, exports, and writes. Automation should consume this repository through git with dedicated read-only keys, not through unauthenticated HTTP.
|
|
Xdev Host Manager
authored
2 days ago
|
27
|
|
|
Xdev Host Manager
authored
a day ago
|
28
|
The default internal domain is `madagascar.xdev.ro`. Short aliases are derived automatically from FQDNs, so `autonas01.madagascar.xdev.ro` also publishes `autonas01` without declaring it separately.
|
|
|
29
|
|
|
Xdev Host Manager
authored
a day ago
|
30
|
Name removals with operational impact go through a Work Order. A WO records intent first; the operational checklist must be completed before confirmation can update `hosts.yaml`, mark the WO as confirmed, and regenerate `local-hosts.tsv`. Resolver sync remains an explicit operator step.
|
|
Xdev Host Manager
authored
a day ago
|
31
|
|
|
Xdev Host Manager
authored
2 days ago
|
32
|
The local host CA stores private material outside git under `var/ca`. Initialize it on jumper with:
|
|
|
33
|
|
|
|
34
|
```bash
|
|
|
35
|
sudo scripts/ca_manager.sh init
|
|
|
36
|
```
|