infra
/
kubernetes
1
0
Fork 0
Code Pull Requests 4 Activity
241 Commits
9 Branches
0 Tags
3.5 MiB
Commit Graph

9 Commits (7b8b11111e1d6c8f84e889a44489f5b413c66f4e)

Author SHA1 Message Date
Dustin aedd4df9f6 sshca: Add machine ID for Toad 2024-05-22 15:20:09 -05:00
Dustin 5c34fdb1c6 sshca: Add Machine UUID for nvr2.p.b 2024-04-05 12:26:51 -05:00
Dustin a395d176bc sshca: Set group principals for Server Admins 
Members of the *Server Admins* group need to be able to log in to
machines using their respective privileged accounts for e.g.
provisioning or emergencies.
 2024-02-02 21:02:40 -06:00
Dustin 2cd4a8b097 sshca: Configure user CA 
SSHCA now supports issuing user certificates.  It uses OpenID Connect to
authenticate requests, and issues certificates based on the user's ID
token.
 2024-02-01 09:02:11 -06:00
Dustin a5d186b461 sshca: Add update-machine-ids script 
The `update-machine-ids.sh` shell script helps update the `sshca-data`
SealedSecret with the current contents of the `machine-ids.json` file
(stored locally, not tracked in Git).
 2024-01-25 20:42:47 -06:00
Dustin 7eae328a2c sshca: Add machine ID for serial1.p.b 2024-01-25 20:41:54 -06:00
Dustin 89516ebf55 sshca: Add machine ID for nut0 2024-01-13 09:51:13 -06:00
Dustin 4cec66fc13 sshca: Add machine IDs for nvr1, k8s-aarch64-n1 2024-01-07 21:16:37 -06:00
Dustin fe2a84a222 sshca: Deploy SSH CA service 
[sshca] is a simple web service I wrote to automatically create signed
SSH certificates for hosts' public keys.  It authenticates hosts by
their machine UUID, which it can find using the libvirt API.

[sshca]: https://git.pyrocufflink.net/dustin/sshca
 2023-11-10 14:22:31 -06:00