diff --git a/.gitignore b/.gitignore index dde0e34a..ac7489ec 100644 --- a/.gitignore +++ b/.gitignore @@ -139,3 +139,10 @@ secret.py # PyCharm .idea/ +/manager/director-shell-keys/ +/orchestrator/director-shell-keys/ +/mysql-data/ +/postgres-data/ +/postgres-manager-data/ +/redis-data/ +/registry-data/ diff --git a/config/Dockerfile.manager b/config/Dockerfile.manager new file mode 100644 index 00000000..15fe7484 --- /dev/null +++ b/config/Dockerfile.manager @@ -0,0 +1,28 @@ +FROM python:3.8.10 + +RUN groupadd director && \ + useradd -g director director && \ + usermod -a -G director www-data && \ + mkdir -p /var/www/director && \ + cd /var/www/director && \ + chown director:director /var/www/director && \ + chmod 750 /var/www/director + +USER director + +WORKDIR /var/www/director + +COPY manager/requirements.txt manager/ + +RUN pip install -r manager/requirements.txt + +COPY scripts/ manager/scripts/ +RUN mkdir -p /etc/director-shell-keys/ && \ + ./manager/scripts/generate-rsa-key.py 4096 /etc/director-shell-keys/shell-signing-token-pubkey.pem /etc/director-shell-keys/shell-signing-token-privkey.pem && \ + ./manager/scripts/generate-rsa-key.py 4096 /etc/director-shell-keys/shell-encryption-token-pubkey.pem /etc/director-shell-keys/shell-encryption-token-privkey.pem + +COPY manager/ /var/www/director/manager/ + +ENV PYTHONUNBUFFERED=1 + +ENTRYPOINT ["sh", "start.sh"] diff --git a/config/Dockerfile.orchestrator b/config/Dockerfile.orchestrator new file mode 100644 index 00000000..854bd818 --- /dev/null +++ b/config/Dockerfile.orchestrator @@ -0,0 +1,30 @@ +FROM python:3.8.10 + +RUN apt-get update && apt-get install -y supervisor +RUN mkdir -p /var/log/supervisor + +COPY orchestrator/supervisord.conf /etc/supervisor/conf.d/supervisord.conf +COPY orchestrator/requirements.txt orchestrator/ + +RUN groupadd director && \ + useradd -g director director && \ + usermod -a -G director www-data && \ + mkdir -p /var/www/director && \ + cd /var/www/director && \ + chown director:director /var/www/director && \ + chmod 750 /var/www/director && \ + pip install -r orchestrator/requirements.txt + +USER director + +WORKDIR /var/www/director + +# RUN pip install -r orchestrator/requirements.txt + +COPY scripts/ orchestrator/scripts/ + +COPY orchestrator/ orchestrator/ + +ENV PYTHONUNBUFFERED=1 +# ENTRYPOINT ["sh", "start.sh"] +CMD ["/usr/bin/supervisord"] diff --git a/config/Dockerfile.router b/config/Dockerfile.router new file mode 100644 index 00000000..d08b5d87 --- /dev/null +++ b/config/Dockerfile.router @@ -0,0 +1,12 @@ +FROM python:3.8.10 + +COPY manager/requirements.txt /manager/ + +RUN pip install -r /manager/requirements.txt + +COPY router/ /router/ + +WORKDIR /router + +ENV PYTHONUNBUFFERED=1 +ENTRYPOINT ["sh", "start.sh"] diff --git a/docker-compose.yaml b/docker-compose.yaml new file mode 100644 index 00000000..4ad617c6 --- /dev/null +++ b/docker-compose.yaml @@ -0,0 +1,105 @@ +services: + manager-celery: + build: + context: . + dockerfile: config/Dockerfile.manager + volumes: + - ./manager:/var/www/director/manager:z + - /var/run/docker.sock:/var/run/docker.sock + - ./shared/directorutil:/var/www/director/manager/directorutil:z + - ./shared/director-shell-keys/:/manager/director-shell-keys/:z + environment: + - CELERY=1 + depends_on: + - redis + - registry + - manager-postgres + - postgres + - mysql + manager-web: + build: + context: . + dockerfile: config/Dockerfile.manager + ports: + - 8080:8080 + volumes: + - ./manager:/var/www/director/manager:z + - /var/run/docker.sock:/var/run/docker.sock + - ./shared/directorutil:/var/www/director/manager/directorutil:z + - ./shared/director-shell-keys/:/manager/director-shell-keys/:z + depends_on: + - redis + - registry + - manager-postgres + - postgres + - mysql + orchestrator: + build: + context: . + dockerfile: config/Dockerfile.orchestrator + ports: + - "5000:5000" + - "5010:5010" + volumes: + - ./orchestrator:/var/www/director/orchestrator:z + - /var/run/docker.sock:/var/run/docker.sock + - ./shared/directorutil:/var/www/director/orchestrator/directorutil:z + - ./shared/director-shell-keys/:/etc/director-shell-keys/ + depends_on: + - redis + - registry + - postgres + - mysql + router: + build: + context: . + dockerfile: config/Dockerfile.manager + volumes: + - ./manager:/manager:z + - /var/run/docker.sock:/var/run/docker.sock + - ./shared/directorutil:/router/directorutil:z + depends_on: + - redis + - registry + - postgres + - mysql + redis: + image: redis:alpine + ports: + - "6379" + registry: + image: registry:2 + ports: + - "5002:5000" + volumes: + - ./registry-data:/var/lib/registry + manager-postgres: + image: postgres:9.6-alpine + ports: + - "5432" + volumes: + - ./postgres-manager-data:/var/lib/postgresql/data + environment: + POSTGRES_USER: manager + POSTGRES_PASSWORD: pwd + POSTGRES_DB: manager + postgres: + image: postgres:9.6-alpine + ports: + - 5432:5432 + volumes: + - ./postgres-data:/var/lib/postgresql/data + environment: + POSTGRES_USER: director + POSTGRES_PASSWORD: director + POSTGRES_DB: director-postgres + mysql: + image: mysql:5.7 + ports: + - 3306:3306 + volumes: + - ./mysql-data:/var/lib/mysql + environment: + MYSQL_USER: director + MYSQL_PASSWORD: director + MYSQL_DATABASE: director-mysql diff --git a/manager/director/settings/secret_dev.py b/manager/director/settings/secret_dev.py index 8c4e5077..316f0d45 100644 --- a/manager/director/settings/secret_dev.py +++ b/manager/director/settings/secret_dev.py @@ -4,7 +4,7 @@ DEBUG = True -REDIS_HOST = "127.0.0.1" +REDIS_HOST = "redis" REDIS_PORT = "6379" CHANNELS_REDIS_DB = 0 @@ -25,7 +25,7 @@ DATABASES = { "default": { "ENGINE": "django.db.backends.postgresql", - "HOST": "127.0.0.1", + "HOST": "manager-postgres", "PORT": "5432", "NAME": "manager", "USER": "manager", @@ -40,9 +40,9 @@ DATABASES["default"]["ENGINE"] = "django.db.backends.sqlite3" DATABASES["default"]["NAME"] = ":memory:" -DIRECTOR_APPSERVER_HOSTS = ["localhost:5000"] +DIRECTOR_APPSERVER_HOSTS = ["orchestrator:5000"] -DIRECTOR_APPSERVER_WS_HOSTS = ["localhost:5010"] +DIRECTOR_APPSERVER_WS_HOSTS = ["orchestrator:5010"] SITE_URL_FORMATS: Dict[Optional[str], str] = { None: "http://127.0.0.1:8081/{}/", diff --git a/manager/directorutil b/manager/directorutil deleted file mode 120000 index 3c3e28b0..00000000 --- a/manager/directorutil +++ /dev/null @@ -1 +0,0 @@ -../shared/directorutil \ No newline at end of file diff --git a/manager/requirements.txt b/manager/requirements.txt new file mode 100644 index 00000000..ee45e251 --- /dev/null +++ b/manager/requirements.txt @@ -0,0 +1,75 @@ +aioredis==1.3.1 +amqp==5.0.6 +asgiref==3.3.4 +async-timeout==3.0.1 +attrs==20.3.0 +autobahn==21.3.1 +automat==20.2.0 +backcall==0.2.0 +billiard==3.6.4.0 +bleach==3.3.0 +celery==5.0.5 +certifi==2020.12.5 +cffi==1.14.5 +channels==3.0.3 +channels-redis==3.2.0 +chardet==4.0.0 +click==7.1.2 +click-didyoumean==0.0.3 +click-plugins==1.1.1 +click-repl==0.1.6 +constantly==15.1.0 +cryptography==3.4.7 +daphne==3.0.1 +decorator==5.0.5 +defusedxml==0.7.1 +django==2.2.20 +django-extensions==3.1.2 +django-redis-cache==3.0.0 +hiredis==2.0.0 +hyperlink==21.0.0 +idna==2.10 +importlib-metadata==3.10.0 +incremental==21.3.0 +ipython==7.22.0 +ipython-genutils==0.2.0 +jedi==0.18.0 +kombu==5.0.2 +markdown==3.3.4 +msgpack==1.0.2 +oauthlib==3.1.0 +packaging==20.9 +parso==0.8.2 +pexpect==4.8.0 +pickleshare==0.7.5 +prompt-toolkit==3.0.18 +psycopg2==2.8.6 +ptyprocess==0.7.0 +pyasn1==0.4.8 +pyasn1-modules==0.2.8 +pycparser==2.20 +pycryptodome==3.10.1 +pygments==2.8.1 +pyjwt==2.0.1 +pyopenssl==20.0.1 +pyparsing==2.4.7 +python3-openid==3.2.0 +pytz==2021.1 +redis==3.5.3 +requests==2.25.1 +requests-oauthlib==1.3.0 +service-identity==18.1.0 +six==1.15.0 +social-auth-app-django==4.0.0 +social-auth-core==4.1.0 +sqlparse==0.4.1 +traitlets==5.0.5 +twisted==21.2.0 +txaio==21.2.1 +urllib3==1.26.4 +vine==5.0.0 +wcwidth==0.2.5 +webencodings==0.5.1 +websockets==8.1 +zipp==3.4.1 +zope.interface==5.3.0 diff --git a/manager/scripts/update-db.py b/manager/scripts/update-db.py new file mode 100644 index 00000000..fe87a018 --- /dev/null +++ b/manager/scripts/update-db.py @@ -0,0 +1,37 @@ +from director.apps.sites.models import DatabaseHost + +remove_databases = [ + {'hostname': 'postgres', 'port': 5432}, + {'hostname': 'mysql', 'port': 3306}, +] +for data in remove_databases: + DatabaseHost.objects.filter(**data).delete() + +databases = [ + { + 'hostname': 'postgres', + 'port': 5432, + 'dbms': 'postgres', + 'admin_hostname': 'localhost', + 'admin_port': 5433, + 'admin_username': 'postgres', + 'admin_password': 'pwd', + }, + { + 'hostname': 'mysql', + 'port': 3306, + 'dbms': 'mysql', + 'admin_hostname': '127.0.0.1', + 'admin_port': 3307, + 'admin_username': 'root', + 'admin_password': 'pwd', + }, +] + +for data in databases: + q = DatabaseHost.objects.filter(hostname=data['hostname'], port=data['port']) + if q.exists(): + assert q.count() == 1, 'Please delete duplicate DatabaseHosts' + q.update(**data) + else: + DatabaseHost.objects.create(**data) diff --git a/manager/start.sh b/manager/start.sh new file mode 100644 index 00000000..3641e394 --- /dev/null +++ b/manager/start.sh @@ -0,0 +1,10 @@ +#!/bin/bash +cp -r /etc/director-shell-keys/* /manager/director-shell-keys/ + +if [ $CELERY ]; then + exec celery -A director worker --pool solo +else + python3 manage.py migrate + python3 manage.py shell < scripts/update-db.py + exec python3 manage.py runserver 0.0.0.0:8080 +fi diff --git a/orchestrator/requirements.txt b/orchestrator/requirements.txt new file mode 100644 index 00000000..ba26c727 --- /dev/null +++ b/orchestrator/requirements.txt @@ -0,0 +1,19 @@ +certifi==2020.12.5 +chardet==4.0.0 +click==7.1.2 +docker==4.4.4 +flask==1.1.2 +gunicorn==20.1.0 +idna==2.10 +itsdangerous==1.1.0 +jinja2==2.11.3 +markupsafe==1.1.1 +mysqlclient==2.0.3 +psycopg2==2.8.6 +pycryptodome==3.10.1 +requests==2.25.1 +six==1.15.0 +urllib3==1.26.4 +websocket-client==0.58.0 +websockets==8.1 +werkzeug==1.0.1 diff --git a/orchestrator/supervisord.conf b/orchestrator/supervisord.conf new file mode 100644 index 00000000..4cf8b5fb --- /dev/null +++ b/orchestrator/supervisord.conf @@ -0,0 +1,17 @@ +[supervisord] +nodaemon=true +logfile=/dev/null +logfile_maxbytes=0 + +[program:server] +environment=FLASK_APP=orchestrator.app,FLASK_ENV=development +command=flask run --host 0.0.0.0 +stdout_logfile=/dev/fd/1 +stdout_logfile_maxbytes=0 +redirect_stderr=true + +[program:wsserver] +command=python -m orchestrator.ws -b 0.0.0.0 +stdout_logfile=/dev/fd/1 +stdout_logfile_maxbytes=0 +redirect_stderr=true diff --git a/shared/director-shell-keys/shell-encryption-token-privkey.pem b/shared/director-shell-keys/shell-encryption-token-privkey.pem new file mode 100644 index 00000000..28ee4130 --- /dev/null +++ b/shared/director-shell-keys/shell-encryption-token-privkey.pem @@ -0,0 +1,51 @@ +-----BEGIN RSA PRIVATE KEY----- +MIIJKAIBAAKCAgEAs2sQCWA55NcU6daz0gi1J4M5dlw+2mK/KCCuAdWXTjvswEfj +CyN30C97IIRVIuiTdL9Z4PqZCpid0c6rau0eFNTpjnhOjl3dteylUJQ+8eNLabKa +7j0vnWott+7VxZBQZoevrTOv+orpfW0xMQ8hXHH+RVgyxTWMs4VekTRdoY1NoAhz +dW2vOcb7dBu8QHGO/10M/XSFbxHTL8susluMQAEpvDHeNYNRdPqKkIHahXqlsgAW +c842mzR5bSnS5snb41dM/7hhUU9CCqOTQsQIugYDN34vrh7vP9Dsm8EoTOSmVrPZ +/v3JNectRPpdDkL1ulOW0ZFUtHmgtru/JN3t8H+l8lC8ZDDTxnRfGhn/QVwJwmn5 +CU9GDUFBbMMhemew/gmd3IKc+dr9CA8VQo9BHobeeVn2YKassi96PmlwZtuZe7Bt +zul+JioVYJwujgWmXHcJjJoi9cMvkd45wqKC9NGJwi76XduRcc76jF2K2zZNO4xj +878ywJVd57wOrrZz7GymyWqfUvusIrSFZWz+2dsLUaWeLtjtlATA8KAFN9AxKvBQ +ua2ZjB6LPyzPotQ35LteedS/yp70RXZ750F6ImQ2i44xn1n9QtLr7ph1caM9XP2R +arz4QWN+PXs54qqICgGDCZzKbJabcZiTrrkSwsHvhCJGKgaL3lYDJxc6rF8CAwEA +AQKCAgAv72NF9gERvEsYnKXHcE8iAuPH1SZvx2EmEfEbiVrW6pi62Jn24F+C7iSZ +z/FFFdlLoFIdkyZvV84Wf35532chjq7lwwvN6pMxJ0wVpr3Yd28vCqptC0jc6EDV +uwg/M+rfMdJEVqJmMFXojlNNtaqmncge880AtmlkjzXwWorHfk6meouKbKcbqyeE +YmKd3xki7dPqJYb+4UbIpqLPwTjL4uOpJbOmHXMWa1e4+xCMh/OcBnz5LLeXKOJm +QX3Y7kaCy1DFo5fQlvngiMpv1Js2RCP44AxSG261YJbOmEExpgcw8/VCtMBc1+pW +2wMgq9AmG24YiJkWbMZ8+9U6PtbybzweIMBsOIHHFney4fcJoOqSFp/oJjrDUwF2 ++sJfNlT6FPCgRT3yhbgAACmqjiT9QqWjnnpzpkygTnAfhMU5uIegWhLLrZK1agcn +w1yc7czDtJXW3k3T4lT+4bzenYH9NO85nZr37p/f+1sApquDKj9u7fxqHWaqAFcP +7NUYQZZlkS3utortAAFTcs9SgdfKu8Y8wr92GBHwgzIVluReBH3mdwaM8K7YzmAD +1uGktFqaRTxoiXir33YG0Io0tyBWLkFkYjU2fBTVhzwNfii+yxThd8mQUqjJjLJk +Ij/asNkZ8duZJmbWEfbhoZMarML4IGgYkQgCSI3nktzJSlf1/QKCAQEAz4AyYx1G +gcp92JysgSHJi58Nz36klMvlb1xvWKJ3o99dYSGXo7CovEEmIYT2Wc9HvF5blya5 +kUa7LTpx4HnEQ31a79/+fM7W6gRb7IbvidYAQHDAaxkfZIKC3bdNqDP7Y3YiVO+T +oPQB2o+NMt4MrgVrsjiJcB6hyyMzGYR9YQP5FwWOZmYcYaNhnI4JuhvwXyLuOynU +moxONk2muafIu1vflJCVqwfI0+LYhcfcDDKdoVpzwjY9wV/6P9zoMoR1IdtrHcDO +em//jBlVrSyrlYxzdTR45XlwEHJGiVFiyVytsw5YxG/apbfpHfa0Rw/AvVnyWpm7 +pdPkCbj8KN1XAwKCAQEA3VqL/YVPmYAGEtrgQc7F3fecnYxqrVHjuGnvgE4Tca9H +FCfy4VUTwTwQ1B8OxLCQHOWBp52gVR5JIceWt8/JydKACgrcW15KHW3epJxVwwr1 +qpTqny7iITosgMXS29DNbElgXxTVcu3fBjvB45vqP8/Y1nkMox8JN5c6eUe0PoZI +Aj+S1fCZapBELEU1XG4g7Kt6b62aF24bv4sOwn5vGvmc1xynOhCrjUHmX14aTx47 +vIddPC5e9k3iVM4Zq6I13aIjGUVjyq0a3T0Rm/xcDnEE84KKQFadfLdmvzQ6XOCq +shKoygaYzQwJxvVt80kI+MoaDpq+LwF5SfeS0O34dQKCAQB835lzLFsSINo7UY4+ +6CZyb/XPuVcydMJOkkIwBRYa+IEpwx2O1PG22T4pTeszgRqase5MuHFUjEx4m4OM +o7sJIpdnZFWypoePra/kWBAv0ymznicuTKAnzKMU6wtA/od7A80FcGhXpIC5F0rS +Ie9fisOVLZEIeGbF6RkHckRB7jIpOJ7J4QmTeM91d8VCyy2NE2hrEnFv0KAA7ho4 +AFE8771NmvV3R+gEG7BSUkSK0qsqP1UKu7nOdgQUCs1yGWSkS3fbH/0ikeQoW9bD +sO5RwYR6NGnNL5fRTfRFD0V0COI/r5KcJPRgZp1T+vPjEAfd7BN9kqbq1OmXMEwQ +C6QhAoIBAQC+ORIUzHubbmnJyk7uPsPL/P6aZhFG4RjRYjhwCqirCfYLXEldW7+e +UAAmSopmfVVbf9/sK4mdnGk8nkjnram7xypBdxPncSBAKisrSy5obwKvlUoLgj7S +TyvvfhG21bmzVVt8WmsUWVdQBAqbj2G/dN7jcSNrC0DghRW7I+PB16QKSpflQt6U +tWXgpZk11W519OdDEe1aNUWjVd1ZR04z4E7ojbcoLys+OWPAkR4K3/B2E94L2c3B +3SyjtHpbBQtFbBC9puQbSKfNeK2pXzW9M2MN4SDuKYEtrG6f4kJFjs0iOubSttiZ +Xb8JO+FBMYKESyoZYuINgza4WgnRgrABAoIBAFcek7Q96Ksh77lFqoBdLyGvQTVm +asEFFE84LMi1r4buiOVY8Wp2Z9qTuYYjElszKeRz92RXzOFVBKFzkjnb+fNQYc8o +2owRT/nIAMd+JBnOa6vu+VBsDiDNeGIW/1ZFG3Y+oKthYFcwkZ+W7cHjXxle4XD4 +ayewSnVncsWCCNhfh165QGxkIii0vUBjo65tT9QJxKa6L+Y4mfYcQ5cxcEKtB4Pw +yJ/BsHsHArWB4N+UW8qhjPu9/5bg4ljvz7T7xBPqqcYYlLh7MfdY6yB4yftdVTiz +gdEyDbfQYplsfY3fMSxP67AwQ0dG5PCsfOeM+O8OXw7bYWVZVj4uc71IIb8= +-----END RSA PRIVATE KEY----- \ No newline at end of file diff --git a/shared/director-shell-keys/shell-encryption-token-pubkey.pem b/shared/director-shell-keys/shell-encryption-token-pubkey.pem new file mode 100644 index 00000000..77213fa2 --- /dev/null +++ b/shared/director-shell-keys/shell-encryption-token-pubkey.pem @@ -0,0 +1,14 @@ +-----BEGIN PUBLIC KEY----- +MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAs2sQCWA55NcU6daz0gi1 +J4M5dlw+2mK/KCCuAdWXTjvswEfjCyN30C97IIRVIuiTdL9Z4PqZCpid0c6rau0e +FNTpjnhOjl3dteylUJQ+8eNLabKa7j0vnWott+7VxZBQZoevrTOv+orpfW0xMQ8h +XHH+RVgyxTWMs4VekTRdoY1NoAhzdW2vOcb7dBu8QHGO/10M/XSFbxHTL8susluM +QAEpvDHeNYNRdPqKkIHahXqlsgAWc842mzR5bSnS5snb41dM/7hhUU9CCqOTQsQI +ugYDN34vrh7vP9Dsm8EoTOSmVrPZ/v3JNectRPpdDkL1ulOW0ZFUtHmgtru/JN3t +8H+l8lC8ZDDTxnRfGhn/QVwJwmn5CU9GDUFBbMMhemew/gmd3IKc+dr9CA8VQo9B +HobeeVn2YKassi96PmlwZtuZe7Btzul+JioVYJwujgWmXHcJjJoi9cMvkd45wqKC +9NGJwi76XduRcc76jF2K2zZNO4xj878ywJVd57wOrrZz7GymyWqfUvusIrSFZWz+ +2dsLUaWeLtjtlATA8KAFN9AxKvBQua2ZjB6LPyzPotQ35LteedS/yp70RXZ750F6 +ImQ2i44xn1n9QtLr7ph1caM9XP2Rarz4QWN+PXs54qqICgGDCZzKbJabcZiTrrkS +wsHvhCJGKgaL3lYDJxc6rF8CAwEAAQ== +-----END PUBLIC KEY----- \ No newline at end of file diff --git a/shared/director-shell-keys/shell-signing-token-privkey.pem b/shared/director-shell-keys/shell-signing-token-privkey.pem new file mode 100644 index 00000000..38adb984 --- /dev/null +++ b/shared/director-shell-keys/shell-signing-token-privkey.pem @@ -0,0 +1,51 @@ +-----BEGIN RSA PRIVATE KEY----- +MIIJKAIBAAKCAgEAxxJLO8RA+bP6u2YZNZjn8+pfDpaOJAeBOWYZUJ7jrDmOZEab +q4surW/6aKA2QcDSNguDjiM7Cplbqstu2Pu6KPYAWOL3hN/timuBKbCRqlN6D8Gw +zDsMEawQaJ5Lg3Hr4JNriuiUUINJrXqm23c7vLmhJKAsFYL/zwkMipU9WTpELgvk +Os79CcJrTL/Sxof9qW5lY9IoVC2+E4I2Mc6sLR6+wetbO3f+w2MtN7CRsM+Uw2up +8IbzCkXomUIQTwfFIg3YPxpH9cWSbKzzp20E6SBhoVc2E3o4JEO5EAfnwo+rv/F1 +iRG81DQqulbl+uGV5KD6qwq4mABr2qJdeQAw0FIHy8xWJc7XxGXDfWlMXLpouM9r +vjTzkUYKX6E5XfLfAw6+xEJyvLf7rEPDn6frxz+eYPV/xO+o2W6ofEqNbzWjvTg9 +zq1cKPhBHRaQ0KbKZlDuOBixjFEW5y8ysxSGBn3W4i1ucB4kgBE4cQtdeezGfsr5 +uPGIEmXwAKGnowNa+vRZcup3fDfecAzrlmG5ObwfP7x6W0kb+pWvR4yvpHKCHcep +n2zxZDkqmsZrhs/wH8HbyCH6NZ35eqMAr27tKlCKaBm52H7mm9QU3vev9MVmGDHZ +QCZZZSLrqlf5IB1bm/XbnWDcNGtDy1/CZnPHZnV6ysmp8QJd+jz+64AWKU8CAwEA +AQKCAf9kcQEvUVYh/IKwYFNX4k57mJqy7EPLlKh0IuT4SIhB3XMlenq7kv4k2YWp +mdcbq1kPlmpKInx9BzkOc+ukj14zoeuK7aRK5rEeUMpavpFrNF3h6q3Js1aOPsKz +W9W9/JIxktrau37EdiQ2jiv3j7Fpsj9xZgotexXsNXnzx65XLDmPrMWlkR/Foigs +EUfH49WY0fAA7Yhrm1N22bwpD/N6Jd5u+XvkBXywGNo3vwnDVvk4S0TzQc5e4JGm +F4R4W53wu2DgdeIuSgFsfoHGzWWCOqmyk3jgBZ/4rDLeY8lhNsbxkbg78IyAhScJ +3c6BRvuE37RE7fk1YwEIJI6vqT5MTyacRVbK6bk9+2aBdA/UwopCgniYntVJt7KX +qWE1wLvaZurToz6hEbj7sno2zElo/xicgRum/YnJ87/IDzoHLn87W1MuslqDyDOK +gJXuZu5XuVnIinJKweQbeCY/ig23FIc+BcLctlyDOMWPbvLc8YyLayEkkXJmxpG9 +4K081aJcNAaPInZ2oRHE2780wY6cuPMIjdGcoywZjI5h33MaIomq/dnEGGIA4iwn +SywhBhhZPpt9OATQNKNzxV4EP5ez5eJqQEN4T4cs8lZvF0nyg5CvTqE4oB2GXJOr +JTu8mdeEuDFknsRaejTmkR9dy2tWZB6q+0wfzqalO/ge0fy9AoIBAQDaITSjgY0/ +WtmHKFzuNbXoSs6pYIPIuVazyRtgKraitrRYmKpfoOmHBsVZ+rys/LVolCO7aIDj +9DP//Fjyxa3z0SLvpelC4radElSr/kfTEgPTQpv5UKfiw7OA58zDiSzuncnBtfni +RXeehCFJikTCq56fEq0pfzdnuJM/8+pwrVDjvxybFLNPv7RaiGlN5IVYNobKMQ1G +KfOJ0vzuPx5GnnjYnJ4+kta3TaMA7jHiPiXZMeSgWXUy3j6W95zGHNM0fOeO54rE +sx23EcNmR8L7avOwV0lw8jx6cj3mI1G2U3iYrAuHqymPitVMauDGqJ643/wfGYvo +b/b9rgETvyobAoIBAQDpogrtePiD5P3zdtDVIfq+4hZQMqg9IaLaSzj4xZOPsNnW +pSb9bzC2CkTiQ/FMhZ1V3xVjm2orCfoDkpIMx+loa7amn2p+OPHsGKvvcPkpN2d4 +AHz0+Nd5hgJovxKJNIAbdTxTRRPZpxfO9iW63teRAnSNALCNDzEYs0OJLA9s8fxO +mXyj57XlaZaDczvvom0lr7rr+Qm4uGlfyJuwR50gYY6+dOBBkDxheSMcYRPL43J2 +yiChUrtZXVEJa5mIOc9dnTuREvBt5o4E31bWVUpLHMWgQ86QZofWMAg/KPNljgMz +ef/iyLZ41kV4tHmeWaVtvgjureoDlT/sghdvGXDdAoIBAQDG5uCI9+lEjCMvC68x +x+hIGW65JDkHH3ngFtHPryM63D83Sn6RFLndVl8+3VSOqSECa5LpoTFmq5d/JSw2 +s+sbGOkyfadmRjUepUhwTT5RSWwTh/mSLeno7WsRcE1XQA6ox1jiOn3RxmZ9NR7l +YB+zI6tQgkdEP6zV94jOGCz+8guAoRQElausXLKomxrq3CZ7eb0PQgtIn5hjZPEe +jo+c9YRcgPQLOvpvy2uHvavfEayRkN1ZGjm0WNPZ9ZAPVtmAUyUTOi9fjbTa6mez +LFyvxabQdceSJlDflqy63hn0l8iv7rHU1E7hhUdal1q/y6JwEk5kTXc2TGJ8j96L +kxVhAoIBAHqWFqvBpIv4FDOx7SNXv+x2ToTn/5SL2Jo3i/4kFSf5AGP6pfmmZOWv +f7NFORAQr5xGAEASZOOOSYukVVO1dUff9Kd6z/LIyE88JsLtAR9aPcUeZHJZOx49 +bXgugXhSfsFpgyyh+ydh4EEssGFb2bnxktwFN53cEcPHE7Ge170vP1ayfE64Hp3w +CBSS2ykCjciPa0GzmyE8SbYDWYVmHhDGf5J5Ws2r87KlUAHtAekiP4YKypI7Cah7 +KTELLzTmOGMDRCT7zgGsTmpKEZNGj0PYJe3QhksIMU/2Re11/DgWCqHw6o3BCNVg +gHU0JPgsS3vIkYFC6Z3VqwPawpb9v1UCggEBANCCoecbdyd8M34FgJ/GQz0Q+cx7 +rfFtOxjqetjUXBzIpoj8P3lSWgszMrW2vqvIUYDVLfB0bwy2dlVg7V6dA1duy8R2 +pgVJhSgHVM9M+NPHA0cGuaykAnoL/U6SIZdq3gluguA/ioGFQWuOePexwl8wmb+H +uEKqxcXHjgutoUDJdGBANnC55Gco1AFkaQMoLvQa9b0zWFWY5LsVd1IeZ52ITct/ +i1F2+zRmB2tkrc58FwBv7fpMwtu3EdPN/VCffZX9wg/sLiysKVPFBDODciXG07v6 +WWeOzWdZdIn3Mr2GRVbXKITCqoCpJGt9Wh1Lb0vzKg1eZlGeyhmt/lNIdoc= +-----END RSA PRIVATE KEY----- \ No newline at end of file diff --git a/shared/director-shell-keys/shell-signing-token-pubkey.pem b/shared/director-shell-keys/shell-signing-token-pubkey.pem new file mode 100644 index 00000000..99e7a364 --- /dev/null +++ b/shared/director-shell-keys/shell-signing-token-pubkey.pem @@ -0,0 +1,14 @@ +-----BEGIN PUBLIC KEY----- +MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAxxJLO8RA+bP6u2YZNZjn +8+pfDpaOJAeBOWYZUJ7jrDmOZEabq4surW/6aKA2QcDSNguDjiM7Cplbqstu2Pu6 +KPYAWOL3hN/timuBKbCRqlN6D8GwzDsMEawQaJ5Lg3Hr4JNriuiUUINJrXqm23c7 +vLmhJKAsFYL/zwkMipU9WTpELgvkOs79CcJrTL/Sxof9qW5lY9IoVC2+E4I2Mc6s +LR6+wetbO3f+w2MtN7CRsM+Uw2up8IbzCkXomUIQTwfFIg3YPxpH9cWSbKzzp20E +6SBhoVc2E3o4JEO5EAfnwo+rv/F1iRG81DQqulbl+uGV5KD6qwq4mABr2qJdeQAw +0FIHy8xWJc7XxGXDfWlMXLpouM9rvjTzkUYKX6E5XfLfAw6+xEJyvLf7rEPDn6fr +xz+eYPV/xO+o2W6ofEqNbzWjvTg9zq1cKPhBHRaQ0KbKZlDuOBixjFEW5y8ysxSG +Bn3W4i1ucB4kgBE4cQtdeezGfsr5uPGIEmXwAKGnowNa+vRZcup3fDfecAzrlmG5 +ObwfP7x6W0kb+pWvR4yvpHKCHcepn2zxZDkqmsZrhs/wH8HbyCH6NZ35eqMAr27t +KlCKaBm52H7mm9QU3vev9MVmGDHZQCZZZSLrqlf5IB1bm/XbnWDcNGtDy1/CZnPH +ZnV6ysmp8QJd+jz+64AWKU8CAwEAAQ== +-----END PUBLIC KEY----- \ No newline at end of file