What if everything that's done in the package post-installation scripts (aside from maybe the creation of the monkeysphere user itself) was done with a single call to something like
monkeysphere-server setup
This would make things more obvious to folks installing from source
directly, and put less maintenance load on porters. The end of
monkeysphere-server setup could also invoke monkeysphere-server
diagnostics to get the admin pointed in the right direction.
Think of this as a sort of automated "Getting Started" documentation.
Of course, a hypothetical full setup command would do things like
gen-key, auto-modify sshd_config, etc. We wouldn't want to do
those things automatically without the guiding hand of the local
sysadmin.
But perhaps we could even smooth that process with:
monkeysphere-server setup --full
I'd like to know what other folks think about these possibilities. Would either of these be useful? Are they confusing? Could they be clarified?
--dkg
I'm not sure how I feel about this idea. I feel like it should just be the job of the package to setup the initial server environment. I don't really feel like the admin should have to worry about it. But then again, I can sort of see it from the point of view of someone just installing from source (but who the hell really does that anymore anyway?).
I'm also sort of mixed about the setup --full idea as well. At first I thought that it wasn't a good idea, and that I didn't like the idea of monkeysphere monkeying around with the config files of other packages (ie. ssh). However, once I started to think about setting up monkeysphere on lots of servers, I started to think that it's maybe a good idea. It might be good to have a single command that would just end with the server being on the monkeysphere:
- generate the server key
- modify sshd to point to it
- restart ssh
- publish the key to the keyserver
So I'm starting to think that this might be a good idea. Also curious what other think.
-- jrollins