make fabric procedure the official robot proc

eab16ad7 · anarcat · 92b2db85 · eab16ad7
Unverified Commit eab16ad7 authored 4 years ago by anarcat
--- a/tsa/howto/new-machine-hetzner-robot.mdwn
+++ b/tsa/howto/new-machine-hetzner-robot.mdwn
@@ -30,8 +30,54 @@ able to proceed with the install.
 Ordering physical servers from Hetzner can be very fast: we've seen 2
 minutes turn around times.

-Install
-------
+Semi-automated install
+----------------------
+
+At this point you should have received an email from Hetzner with a
+subject like:
+
+    Subject: Your ordered SX62 server
+
+It should contain the SSH fingerprint, and IP address of the new host
+which we'll use below. The machine can be bootstrapped with a basic
+Debian installer with the [[Fabric]] code in the `tsa-misc` git
+repository. Here's an example of a commandline:
+
+    ./install -H root@88.99.194.57 \
+              --fingerprint 0d:4a:c0:85:c4:e1:fe:03:15:e0:99:fe:7d:cc:34:f7 \
+              --verbose \
+              hetzner-robot \
+              --fqdn=HOSTNAME.torproject.org \
+              --fai-disk-config=installer/disk-config/gnt-fsn-NVMe \
+              --package-list=installer/packages \
+              --post-scripts-dir=installer/post-scripts/
+
+Taking that apart:
+
+ * `-H root@88.99.194.57`: the IP address provided by Hetzner in the
+   confirmation email
+ * `--fingerprint`: the ed25519 MD5 fingerprint from the same email
+ * `--verbose`: important for now because otherwise the job is silent
+   except for errors, which could be confusing
+ * `hetzner-robot`: the install job type (only robot supported for now)
+ * `--fqdn=HOSTNAME.torproject.org`: the Fully Qualified Domain Name
+   to set on the machine, it is used in a few places, but the
+   `hostname` is correctly set to the `HOSTNAME` part only
+ * `--fai-disk-config=installer/disk-config/gnt-fsn-NVMe`: the disk
+   configuration, in [fai-setup-storage(8)](https://manpages.debian.org/setup-storage.8) format
+ * `--package-list=installer/packages`: the base packages to isntall
+ * `--post-scripts-dir=installer/post-scripts/`: post-install scripts,
+   magic glue that does everything
+ 
+The last two are passed to `grml-debootstrap` and should rarely be
+changed (although they could be coverted in to Fabric tasks
+themselves).
+
+See [[new-machine]] for post-install configuration steps, then follow
+[[new-machine-mandos]] for setting up the mandos client on this host.
+
+Manual install procedure
+------------------------

 At this point you should have received an email from Hetzner with a
 subject like:
@@ -233,32 +279,5 @@ which we'll use below.

        reboot

-Semi-automated install
----------------------
-
-The above procedure was automated using [[Fabric]] in the `tsa-misc`
-git repository. This still remains to be documented better, but the
-magic commandline for fsn-node-05 was:
-
-    ./install -H root@88.99.194.57 --fingerprint 0d:4a:c0:85:c4:e1:fe:03:15:e0:99:fe:7d:cc:34:f7 --verbose hetzner-robot fsn-node-05.torproject.org installer/disk-config/gnt-fsn-NVMe installer/packages installer/post-scripts/
-
-Taking that apart:
-
- * `-H root@88.99.194.57`: that's the IP address provided by Hetzner
-   in the confirmation email
- * `--fingerprint`: the ed25519 fingerprint from the same email
- * `hetzner-robot`: the install job type
- * `fsn-node-05.torproject.org`: the hostname to set on the machine
- * `installer/disk-config/gnt-fsn-NVMe`: the disk configuration
- * `installer/packages`: the base packages to isntall
- * `isntaller/post-scripts/`: post-install scripts
- 
-The last two are passed to grml-debootstrap and should rarely be
-changed (although they could be coverted in to Fabric tasks
-themselves).
-
-Configuration
-------------
-
 See [[new-machine]] for post-install configuration steps, then
 follow [[new-machine-mandos]] for setting up the mandos client on this host.