.

1b5784ce · Kirill Smelkov · 7c019af2 · 1b5784ce · 1b5784ce · 1b5784ce
Commit 1b5784ce authored Dec 26, 2023 by Kirill Smelkov
5 changed files
--- a/software/ors-amarisoft/buildout.hash.cfg
+++ b/software/ors-amarisoft/buildout.hash.cfg
@@ -16,7 +16,7 @@

 [template]
 filename = instance.cfg
-md5sum = 8a4504fa1666a5e12bfb173754474b51
+md5sum = 5bde9db385ca028fd954a81cb3016ff6

 [template-ors]
 filename = instance-ors.cfg
@@ -28,7 +28,7 @@ md5sum = 7be5ebdb7fd13c342b9c7b54c9ba346f

 [ru_libinstance.jinja2.cfg]
 _update_hash_filename_ = ru/libinstance.jinja2.cfg
-md5sum = c6e0c6f8b224c4a5fff4dc2d02c7f153
+md5sum = f4530d8c5117c881407432cc50f02788

 [ru_sdr_libinstance.jinja2.cfg]
 _update_hash_filename_ = ru/sdr/libinstance.jinja2.cfg
@@ -36,7 +36,7 @@ md5sum = 7cd5331db13a8a901cb1b55a4596cf50

 [ru_lopcomm_libinstance.jinja2.cfg]
 _update_hash_filename_ = ru/lopcomm/libinstance.jinja2.cfg
-md5sum = 3cdf26e872670b0409f4456d9f6a5ebe
+md5sum = 87b7e5ebec49d0451739f287921d9cf8

 [ru_sunwave_libinstance.jinja2.cfg]
 _update_hash_filename_ = ru/sunwave/libinstance.jinja2.cfg
@@ -84,7 +84,7 @@ md5sum = 52da9fe3a569199e35ad89ae1a44c30e

 [template-enb]
 _update_hash_filename_ = instance-enb.jinja2.cfg
-md5sum = b1bbe8fbb919a531736401fd93b2919d
+md5sum = 6434819165cefda0ed9f9ecd46f39e46

 [template-ors-enb]
 _update_hash_filename_ = instance-ors-enb.jinja2.cfg

--- a/software/ors-amarisoft/instance-enb.jinja2.cfg
+++ b/software/ors-amarisoft/instance-enb.jinja2.cfg
 # instance-enb implements eNB/gNB service.

-{# XXX temp hack #}
-{% set ru = "zzz" %}
-
 [buildout]
 parts =
  directory
@@ -12,15 +9,8 @@ parts =
 {% if slapparameter_dict.get('xlog_fluentbit_forward_host') %}
  xlog-fluentbit-service
 {% endif %}
-# XXX -> ru/lopcomm
-{% if ru == "lopcomm" %}
-  sshd-service
-  sshd-add-authorized-key
-  sshd-promise
-{% endif %}

  check-baseband-latency.py
-  check-amarisoft-stats-log.py
  monitor-base
  publish-connection-information

@@ -188,66 +178,6 @@ wrapper-path = ${directory:service}/${:_buildout_section_name_}
 hash-files = ${:fluentbit-config}
 {% endif %}

-[user-info]
-recipe = slapos.cookbook:userinfo
-
-# Deploy openssh-server
-# XXX just unroll sftp server inside ru/lopcomm/software via paramiko ?
-[sshd-port]
-recipe = slapos.cookbook:free_port
-minimum = 22222
-maximum = 22231
-ip = ${slap-configuration:ipv6-random}
-
-[sshd-config]
-recipe = slapos.recipe.template:jinja2
-output = ${directory:etc}/sshd.conf
-path_pid = ${directory:run}/sshd.pid
-inline =
-  PidFile ${:path_pid}
-  Port ${sshd-port:port}
-  ListenAddress ${slap-configuration:ipv6-random}
-  Protocol 2
-  HostKey ${sshd-ssh-host-rsa-key:output}
-  HostKey ${sshd-ssh-host-ecdsa-key:output}
-  PasswordAuthentication no
-  PubkeyAuthentication yes
-  HostKeyAlgorithms ssh-rsa,ssh-dss,rsa-sha2-512,rsa-sha2-256,ecdsa-sha2-nistp521
-  AuthorizedKeysFile ${buildout:directory}/.ssh/authorized_keys
-  Subsystem sftp {{ openssh_location }}/libexec/sftp-server
-
-[sshd-service]
-recipe = slapos.cookbook:wrapper
-command-line = {{ openssh_location }}/sbin/sshd -D -e -f ${sshd-config:output}
-wrapper-path = ${directory:service}/sshd
-hash-files = ${sshd-config:output}
-environment =
-  HOME=${directory:home}
-
-[sshd-add-authorized-key]
-recipe = slapos.cookbook:dropbear.add_authorized_key
-home = ${buildout:directory}
-key = {{ slapparameter_dict.get("user-authorized-key", '') }}
-
-[sshd-ssh-keygen-base]
-recipe = plone.recipe.command
-output = ${directory:etc}/${:_buildout_section_name_}
-command = {{ openssh_output_keygen }} -f ${:output} -N '' ${:extra-args}
-
-[sshd-ssh-host-rsa-key]
-<=sshd-ssh-keygen-base
-extra-args=-t rsa
-[sshd-ssh-host-ecdsa-key]
-<=sshd-ssh-keygen-base
-extra-args=-t ecdsa -b 521
-
-[sshd-promise]
-<= monitor-promise-base
-promise = check_socket_listening
-name = sshd.py
-config-host = ${slap-configuration:ipv6-random}
-config-port = ${sshd-port:port}
-
 [config-base]
 recipe = slapos.recipe.template:jinja2
 extensions = jinja2.ext.do
@@ -298,13 +228,6 @@ peer-list = XXX
 peer-cell-list = XXX


-{% if ru == "lopcomm" %}
-ssh-command = ssh ${user-info:pw-name}@${slap-configuration:ipv6-random} -p ${sshd-port:port}
-ssh-url = ssh://${user-info:pw-name}@[${slap-configuration:ipv6-random}]:${sshd-port:port}
-ru-firmware = {{ru_lopcomm_firmware_filename}}
-ru-ipv6 = ${slap-configuration:tap-ipv6-gateway}
-{% endif %}
-
 [monitor-instance-parameter]
 {% if slapparameter_dict.get("name", None) %}
 monitor-title = {{ slapparameter_dict['name'] | string }}

--- a/software/ors-amarisoft/instance.cfg
+++ b/software/ors-amarisoft/instance.cfg
@@ -211,6 +211,8 @@ extra-context =
    raw netcapdo ${netcapdo:exe}
    raw ru_dnsmasq_template   ${ru_dnsmasq.jinja2.cfg:target}
    raw dnsmasq_location ${dnsmasq:location}
+    raw openssh_location ${openssh:location}
+    raw openssh_output_keygen ${openssh-output:keygen}

 [ue-db-config]
 recipe = slapos.recipe.template:jinja2

--- a/software/ors-amarisoft/ru/libinstance.jinja2.cfg
+++ b/software/ors-amarisoft/ru/libinstance.jinja2.cfg
@@ -53,6 +53,7 @@ config-stats-period = {{ slapparameter_dict.get("enb_stats_fetch_period", 60) }}
 {%-   set rudrv_dict = namespace(sdr=rudrv_sdr,
                                 lopcomm=rudrv_lopcomm,
                                 sunwave=rudrv_sunwave) %}
+{%-   set rudrv_init = {} %}

 {#-   split slapos tap interface for each RU that needs its own tap.
      fallback to non-split approach for ntap <= 1 to avoid hard-dependecy on setcap/tapsplit
@@ -207,6 +208,10 @@ config-max-rx-sample-db = {{ slapparameter_dict.get("max_rx_sample_db", 0) }}

 {#-     driver-specific part #}
 {%-     set rudrv = rudrv_dict[ru.ru_type] %}
+{%-     if not rudrv_init.get(ru.ru_type) %}
+{{        rudrv.buildout()  }}
+{%-       do rudrv_init.update({ru.ru_type: 1}) %}
+{%-     endif %}
 {{      rudrv.buildout_iru(iru, iru_icell_list) }}

 {#-     publish information about RU  #}
@@ -219,6 +224,9 @@ enb = {{ root }}
 {%-       do iru_icell_ref_list.append(J(jref_of_shared(icell)))  %}
 {%-     endfor  %}
 cell-list = {{ iru_icell_ref_list | join(', ') }}
+{%-     if ru.ru_link_type == 'cpri'  %}
+ipv6 = ${vtap.{{ ru.cpri_link._tap }}:gateway}
+{%-     endif %}
 # XXX +error

 {%-   endfor %}

--- a/software/ors-amarisoft/ru/lopcomm/libinstance.jinja2.cfg
+++ b/software/ors-amarisoft/ru/lopcomm/libinstance.jinja2.cfg
@@ -26,7 +26,7 @@ extensions = jinja2.ext.do
 _logbase = ${directory:var}/log/{{ru_ref}}-software
 log-output = ${:_logbase}.log
 software-reply-json-log-output = ${:_logbase}-reply.json.log
-remote-file-path = sftp://${user-info:pw-name}@[${slap-configuration:ipv6-random}]:${sshd-port:port}{{ru_lopcomm_firmware_path}}
+remote-file-path = sftp://${user-info:pw-name}@[${sshd-service:ipv6}]:${sshd-service:port}{{ru_lopcomm_firmware_path}}
 is_firmware_updated = ${directory:etc}/{{ru_ref}}.is_firmware_updated
 context =
  section directory directory
@@ -226,4 +226,75 @@ hash-files =

 {%- endif %}

+
+{#- amend RU-published information with Lopcomm-specific bits #}
+[{{ 'publish-%s' % ru_ref }}]
+firmware = {{ru_lopcomm_firmware_filename}}
+ssh-command = ssh ${user-info:pw-name}@${sshd-service:ipv6} -p ${sshd-service:port}
+ssh-url = ssh://${user-info:pw-name}@[${sshd-service:ipv6}]:${sshd-service:port}
+
+{%- endmacro  %}
+
+
+{%- macro buildout()  %}
+
+# deploy openssh-server for software upgrade
+[user-info]
+recipe = slapos.cookbook:userinfo
+
+[sshd-port]
+recipe = slapos.cookbook:free_port
+minimum = 22222
+maximum = 22231
+ip = ${slap-configuration:ipv6-random}
+
+[sshd-config]
+recipe = slapos.recipe.template:jinja2
+output = ${directory:etc}/sshd.conf
+path_pid = ${directory:run}/sshd.pid
+inline =
+  PidFile ${:path_pid}
+  Port ${sshd-port:port}
+  ListenAddress ${slap-configuration:ipv6-random}
+  Protocol 2
+  HostKey ${sshd-ssh-host-rsa-key:output}
+  HostKey ${sshd-ssh-host-ecdsa-key:output}
+  PasswordAuthentication no
+  PubkeyAuthentication yes
+  HostKeyAlgorithms ssh-rsa,ssh-dss,rsa-sha2-512,rsa-sha2-256,ecdsa-sha2-nistp521
+  AuthorizedKeysFile ${buildout:directory}/.ssh/authorized_keys
+  Subsystem sftp {{ openssh_location }}/libexec/sftp-server
+
+{{ part('sshd-service') }}
+recipe = slapos.cookbook:wrapper
+command-line = {{ openssh_location }}/sbin/sshd -D -e -f ${sshd-config:output}
+wrapper-path = ${directory:service}/sshd
+hash-files = ${sshd-config:output}
+environment =
+  HOME=${directory:home}
+ipv6 = ${sshd-port:ip}
+port = ${sshd-port:port}
+
+{{ part('sshd-add-authorized-key') }}
+recipe = slapos.cookbook:dropbear.add_authorized_key
+home = ${buildout:directory}
+key = {{ slapparameter_dict.get("user-authorized-key", '') }}
+
+[sshd-ssh-keygen-base]
+recipe = plone.recipe.command
+output = ${directory:etc}/${:_buildout_section_name_}
+command = {{ openssh_output_keygen }} -f ${:output} -N '' ${:extra-args}
+
+[sshd-ssh-host-rsa-key]
+<=sshd-ssh-keygen-base
+extra-args=-t rsa
+[sshd-ssh-host-ecdsa-key]
+<=sshd-ssh-keygen-base
+extra-args=-t ecdsa -b 521
+
+{{ promise('sshd') }}
+promise = check_socket_listening
+config-host = ${sshd-service:ipv6}
+config-port = ${sshd-service:port}
+
 {%- endmacro  %}