{ "$schema": "https://choria.io/schemas/mcorpc/ddl/v1/agent.json", "metadata": { "name": "choria_provision", "description": "Choria Provisioner", "author": "R.I.Pienaar ", "license": "Apache-2.0", "version": "0.27.0", "url": "https://choria.io", "timeout": 20 }, "actions": [ { "action": "configure", "input": { "token": { "prompt": "Token", "description": "Authentication token to pass to the server", "type": "string", "default": "", "optional": true, "validation": ".", "maxlength": 128 }, "config": { "prompt": "Configuration", "description": "The configuration to apply to this node", "type": "string", "default": null, "optional": false, "validation": "^{.+}$", "maxlength": 2048 }, "certificate": { "prompt": "Certificate", "description": "PEM text block for the certificate", "type": "string", "default": null, "optional": true, "validation": "^-----BEGIN CERTIFICATE-----", "maxlength": 10240 }, "ca": { "prompt": "CA Bundle", "description": "PEM text block for the CA", "type": "string", "default": null, "optional": true, "validation": "^-----BEGIN CERTIFICATE-----", "maxlength": 20480 }, "ssldir": { "prompt": "SSL Dir", "description": "Directory for storing the certificate in", "type": "string", "default": null, "optional": true, "validation": ".", "maxlength": 500 }, "key": { "description": "A RSA private key", "prompt": "PEM text block for the private key", "type": "string", "default": null, "optional": true, "validation": "-----BEGIN RSA PRIVATE KEY-----", "maxlength": 10240 }, "ecdh_public": { "prompt": "ECDH Public Key", "description": "Required when sending a private key", "type": "string", "default": "", "optional": true, "maxlength": 64, "validation": "." }, "action_policies": { "prompt": "Action Policy Documents", "description": "Map of Action Policy documents indexed by file name", "type": "hash", "default": {}, "optional": true }, "opa_policies": { "prompt": "Open Policy Agent Policy Documents", "description": "Map of Open Policy Agent Policy documents indexed by file name", "type": "hash", "default": {}, "optional": true }, "server_jwt": { "description": "JWT file used to identify the server to the broker for ed25519 based authentication", "prompt": "Server JWT", "type": "string", "default": "", "optional": true, "maxlength": 2048, "validation": "." } }, "output": { "message": { "description": "Status message from the Provisioner", "display_as": "Message", "type": "string", "default": null } }, "display": "failed", "description": "Configure the Choria Server" }, { "action": "gen25519", "display": "always", "description": "Generates a new ED25519 keypair", "input": { "token": { "prompt": "Token", "description": "Authentication token to pass to the server", "type": "string", "default": "", "optional": false, "validation": ".", "maxlength": 128 }, "nonce": { "prompt": "Nonce", "description": "Single use token to be signed by the private key being generated", "type": "string", "default": "", "optional": false, "validation": ".", "maxlength": 64 } }, "output": { "public_key": { "description": "The ED255519 public key hex encoded", "display_as": "Public Key", "type": "string", "default": "" }, "directory": { "description": "The directory where server.key and server.pub is written to", "display_as": "Directory", "type": "string", "default": "" }, "signature": { "description": "The signature of the nonce made using the new private key, hex encoded", "display_as": "Signature", "type": "string", "default": "" } } }, { "action": "gencsr", "input": { "token": { "prompt": "Token", "description": "Authentication token to pass to the server", "type": "string", "default": "", "optional": false, "validation": ".", "maxlength": 128 }, "cn": { "prompt": "Common Name", "description": "The certificate Common Name to place in the CSR", "type": "string", "default": null, "optional": true, "validation": "^(([a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9-]*[a-zA-Z0-9]).)*([A-Za-z0-9]|[A-Za-z0-9][A-Za-z0-9-]*[A-Za-z0-9])$", "maxlength": 80 }, "C": { "prompt": "Country", "description": "Country Code", "type": "string", "default": null, "optional": true, "validation": "^[A-Z]{2}$", "maxlength": 2 }, "L": { "prompt": "Locality", "description": "Locality or municipality (such as city or town name)", "type": "string", "default": null, "optional": true, "validation": "^[\\w\\s-]+$", "maxlength": 50 }, "O": { "prompt": "Organization", "description": "Organization", "type": "string", "default": null, "optional": true, "validation": "^[\\w\\s-]+$", "maxlength": 50 }, "OU": { "prompt": "Organizational Unit", "description": "Organizational Unit", "type": "string", "default": null, "optional": true, "validation": "^[\\w\\s-]+$", "maxlength": 50 }, "ST": { "prompt": "State", "description": "State", "type": "string", "default": null, "optional": true, "validation": "^[\\w\\s-]+$", "maxlength": 50 } }, "output": { "csr": { "description": "PEM text block for the CSR", "display_as": "CSR", "type": "string", "default": null }, "public_key": { "description": "PEM text block of the public key that made the CSR", "display_as": "Public Key", "type": "string", "default": null }, "ssldir": { "description": "SSL directory as determined by the server", "display_as": "SSL Dir", "type": "string", "default": null } }, "display": "always", "description": "Request a CSR from the Choria Server" }, { "action": "jwt", "input": { "token": { "prompt": "Token", "description": "Authentication token to pass to the server", "type": "string", "default": "", "optional": false, "validation": ".", "maxlength": 128 } }, "output": { "jwt": { "description": "The contents of the JWT token", "display_as": "JWT Token", "type": "string", "default": "" }, "ecdh_public": { "description": "The ECDH public key for calculating shared secrets", "display_as": "ECDH Public Key", "type": "string", "default": "" } }, "display": "always", "description": "Re-enable provision mode in a running Choria Server" }, { "action": "reprovision", "input": { "token": { "prompt": "Token", "description": "Authentication token to pass to the server", "type": "string", "default": "", "optional": false, "validation": ".", "maxlength": 128 } }, "output": { "message": { "description": "Status message from the Provisioner", "display_as": "Message", "type": "string", "default": null } }, "display": "always", "description": "Reenable provision mode in a running Choria Server" }, { "action": "restart", "input": { "token": { "prompt": "Token", "description": "Authentication token to pass to the server", "type": "string", "default": "", "optional": false, "validation": ".", "maxlength": 128 }, "splay": { "prompt": "Splay time", "description": "The configuration to apply to this node", "type": "number", "default": null, "optional": true } }, "output": { "message": { "description": "Status message from the Provisioner", "display_as": "Message", "type": "string", "default": null } }, "display": "failed", "description": "Restart the Choria Server" }, { "action": "release_update", "input": { "token": { "prompt": "Token", "description": "Authentication token to pass to the server", "type": "string", "default": "", "optional": false, "validation": ".", "maxlength": 128 }, "repository": { "prompt": "Repository URL", "description": "HTTP(S) server hosting the update repository", "type": "string", "default": "", "optional": false, "validation": "^http(s*)://", "maxlength": 512 }, "version": { "prompt": "Version to update to", "description": "Package version to update to", "type": "string", "default": "", "optional": false, "validation": ".+", "maxlength": 32 } }, "output": { "message": { "description": "Status message from the Provisioner", "display_as": "Message", "type": "string", "default": null } }, "display": "always", "description": "Performs an in-place binary update and restarts Choria" }, { "action": "shutdown", "input": { "token": { "prompt": "Token", "description": "Authentication token to pass to the server", "type": "string", "default": "", "optional": false, "validation": ".", "maxlength": 128 } }, "output": { "message": { "description": "Status message from the Provisioner", "display_as": "Message", "type": "string", "default": null } }, "display": "failed", "description": "Shut the Choria Server down cleanly" } ] }