File Layout
Layout and Config Files for On-Premise Deployment (v1)
<code class="dcode">{env}</code> is the organization name.
<code class="dcode">HEADSPIN_HOME</code> env var is set to:
1. <code class="dcode">$HOME/headspinio-unifiedcontroller/{env}-unifiedcontroller</code> on unfiedcontroller.
2. <code class="dcode">$HOME/headspinio-pboxagent/{env}-pboxagent/</code> on each proxy server.
When adding a new user to run HeadSpin, <code class="dcode">headspinio-pboxagent</code> needs to be copied entirely into the new user <code class="dcode">$HOME</code>.
Currently the cert must always be named <code class="dcode">star_headspin_io</code> even after migrating to a new domain, e.g. <code class="dcode">*.{domain}</code>. We will change this in the future so that the cert will be named <code class="dcode">star_{domain}</code> where <code class="dcode">{domain}</code> is inferred from the host name.
1. Unified Controller
User <code class="dcode">ubuntu</code> by default. Requires Ubuntu Server 16.04 or 18.04.
2. Proxy Box
User <code class="dcode">hs</code> by default. Requires Ubuntu Server 16.04 for Android devices and MacOS 10.15+ for iOS devices.
Files of interest
Environment notes
- Do not install <code class="dcode">adb</code> from apt. HeadSpin uses a custom <code class="dcode">adb</code> binary and socket.
Notes
SSH keys
- <code class="dcode">$UNIFIED_CONTROLLER:$HOME/.ssh/authorized_keys</code> -- Add <code class="dcode">headspin_id_rsa.pub</code> here
- <code class="dcode">$PROXY_BOX:$HOME/.ssh/authorized_keys</code> -- Add <code class="dcode">pbox_id_rsa.pub</code> here
- <code class="dcode">$UNIFIED_CONTROLLER:$HOME/headspinio-root/{org}/.pbox_id_rsa</code>
- <code class="dcode">$UNIFIED_CONTROLLER:$HOME/headspinio-root/{org}/keys-{org}-red/pbox_id_rsa{,.pub}</code>
- <code class="dcode">$UNIFIED_CONTROLLER:$HOME/headspinio-root/{org}/keys-{org}-red/headspin_id_rsa{,.pub}</code>
SSL Certs
- <code class="dcode">$UNIFIED_CONTROLLER:$HOME/headspinio-root/{org}/keys-{org}-red/star_headspin_io/star_headspin_io{.key,.pem}</code>
- <code class="dcode">$PROXY_BOX:/STF_CERT_PATH/star_headspin_io{.key,.pem}</code>
Universal Controller units (Linux)
- <code class="dcode">supervisorctl start headspin</code>
- <code class="dcode">supervisorctl stop headspin</code>
Proxy Box units (Linux)
- <code class="dcode">systemctl stop stf.slice</code>
- <code class="dcode">systemctl start stf</code>
Proxy Box units (macOS)
- <code class="dcode">cd $HEADSPIN_HOME</code>
- <code class="dcode">./bin/controlfreak launchd stop</code>
- <code class="dcode">./bin/controlfreak launchd start</code>
host_stf.yml
host_controlfreak.yml
<code class="dcode">secret</code> is a uuid4 (RFC4122 section 4.4). In Python this can be generated with <code class="dcode">import uuid; uuid.uuid4()</code>
