Compare commits


5 Commits

df731f4fec
custom config and key paths for detee-api
Allows specifying custom paths for the configuration file and wallet key via the `DETEE_API_USER_PATH` environment variable.
2025-07-06 02:55:59 +05:30
f7df59e068
fix injector based on new version of snpguest 2025-07-04 20:13:36 +03:00
156853dc7e
bump kernel to 6.15.4 and upgrade all distros 2025-07-04 03:21:42 +03:00
dc316c0ad5
include public ip in price calculation 2025-07-03 00:58:01 +03:00
c486bc049c
remove IPv6 till we get some servers with support 2025-07-02 19:09:23 +03:00
4 changed files with 79 additions and 51 deletions

@ -31,6 +31,17 @@ if [[ -z "${VM_HOSTNAME}" ]]; then
VM_HOSTNAME="detee-vm" VM_HOSTNAME="detee-vm"
fi fi
if [[ "$LOG_LEVEL" == "DEBUG" ]]; then
echo Environment variables:
env | grep \
-e SERVER_ADDR \
-e SSH_KEY_FILE \
-e DETEE_INSTALL_URL \
-e DETEE_INSTALL_SHA \
-e MEASUREMENT \
-e VM_HOSTNAME
fi
server="$SERVER_ADDR" server="$SERVER_ADDR"
ssh_pubkey_dir="${HOME}/.detee/cli/vms/ssh" ssh_pubkey_dir="${HOME}/.detee/cli/vms/ssh"
cert_dir="${HOME}/.detee/cli/vms/certs" cert_dir="${HOME}/.detee/cli/vms/certs"
@ -95,7 +106,7 @@ report_crt_hash=$( snpguest display report "$server_report" \
echo_blue "The hash in the report is $report_crt_hash" echo_blue "The hash in the report is $report_crt_hash"
if [[ "$crt_hash" != "$report_crt_hash" ]]; then if [[ "${crt_hash,,}" != "${report_crt_hash,,}" ]]; then
echo The hash of the certificate does not match the hash from the report. Exiting. echo The hash of the certificate does not match the hash from the report. Exiting.
exit 2 exit 2
fi fi
@ -122,19 +133,20 @@ mkdir -p "$amd_certs_dir"
ln -fs "${cert_dir}/ask-milan.pem" "${amd_certs_dir}/ask.pem" ln -fs "${cert_dir}/ask-milan.pem" "${amd_certs_dir}/ask.pem"
ln -fs "${cert_dir}/ark-milan.pem" "${amd_certs_dir}/ark.pem" ln -fs "${cert_dir}/ark-milan.pem" "${amd_certs_dir}/ark.pem"
[[ -f "${vcek_path}" ]] || { [[ -f "${vcek_path}" ]] || {
snpguest fetch vcek pem milan "$amd_certs_dir" "$server_report" || { snpguest fetch vcek --processor-model milan pem "$amd_certs_dir" "$server_report" || {
# You are probably wondering what this weird shit is doing here. # You are probably wondering what this weird shit is doing here.
# The AMD API for VCEK has throttling, and this scripts needs to run in parallel. # The AMD API for VCEK has throttling, and this scripts needs to run in parallel.
sleep 10 sleep 10
[[ -f "${vcek_path}" ]] || { [[ -f "${vcek_path}" ]] || {
snpguest fetch vcek pem milan "$amd_certs_dir" "$server_report" snpguest fetch vcek --processor-model milan pem "$amd_certs_dir" "$server_report"
} }
} }
mv "${amd_certs_dir}/vcek.pem" "${vcek_path}" mv "${amd_certs_dir}/vcek.pem" "${vcek_path}"
} }
ln -fs "${vcek_path}" "${amd_certs_dir}/vcek.pem" ln -fs "${vcek_path}" "${amd_certs_dir}/vcek.pem"
snpguest verify certs "$amd_certs_dir" snpguest verify certs "$amd_certs_dir"
snpguest verify attestation "$amd_certs_dir" "$server_report" echo snpguest verify attestation "$amd_certs_dir" "$server_report"
snpguest verify attestation --processor-model milan "$amd_certs_dir" "$server_report"
echo_yellow "The attestation got verified based on the CA from AMD for the Milan generation!" echo_yellow "The attestation got verified based on the CA from AMD for the Milan generation!"
echo_blue "Verifying if measurement is $MEASUREMENT..." echo_blue "Verifying if measurement is $MEASUREMENT..."
@ -144,7 +156,7 @@ guest_measurement=$( snpguest display report "$server_report" \
echo_blue "The guests's measurement is $guest_measurement" echo_blue "The guests's measurement is $guest_measurement"
if [[ "$guest_measurement" != "$MEASUREMENT" ]]; then if [[ "${guest_measurement,,}" != "${MEASUREMENT,,}" ]]; then
echo_red "The measurement of the server does not match." echo_red "The measurement of the server does not match."
echo_yellow "Please use this project to get your measurement: https://github.com/virtee/sev-snp-measure" echo_yellow "Please use this project to get your measurement: https://github.com/virtee/sev-snp-measure"
echo_yellow "After that, please sepcify the measurement ast the MEASUREMENT environment variable." echo_yellow "After that, please sepcify the measurement ast the MEASUREMENT environment variable."
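Review bot: The changed `snpguest verify attestation --processor-model milan` call has no visible failure handling, so unless the script runs under `set -e` (not visible in these hunks) the "attestation got verified" message on the next line prints even when verification fails; the same applies to `snpguest verify certs` just above it. Make the check explicit, e.g. `snpguest verify attestation --processor-model milan "$amd_certs_dir" "$server_report" || { echo_red "Attestation verification failed."; exit 1; }`. The added `echo snpguest verify attestation ...` line prints the command without `--processor-model milan`, so the log does not match what is actually run and looks like leftover debugging. The new `${crt_hash,,}` and `${MEASUREMENT,,}` comparisons need bash 4 or later; an older bash errors out on the substitution instead of comparing, so a version check or a `tr`-based lowercase is worth adding if this script runs on user machines.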

@ -196,14 +196,30 @@ impl Config {
} }
fn config_path() -> Result<String, Error> { fn config_path() -> Result<String, Error> {
match std::env::var("DETEE_API_USER_PATH") {
Ok(user_path) => {
let config_path = format!("{user_path}/cli-config.yaml");
Ok(config_path)
}
_ => {
let config_path = Self::cli_dir_path()? + ("/cli-config.yaml"); let config_path = Self::cli_dir_path()? + ("/cli-config.yaml");
Ok(config_path) Ok(config_path)
} }
}
}
fn detee_wallet_key_path() -> Result<String, Error> { fn detee_wallet_key_path() -> Result<String, Error> {
match std::env::var("DETEE_API_USER_PATH") {
Ok(user_path) => {
let config_path = format!("{user_path}/secret_detee_wallet_key");
Ok(config_path)
}
_ => {
let config_path = Self::cli_dir_path()? + ("/secret_detee_wallet_key"); let config_path = Self::cli_dir_path()? + ("/secret_detee_wallet_key");
Ok(config_path) Ok(config_path)
} }
}
}
fn load_config_from_file() -> Result<Self, Error> { fn load_config_from_file() -> Result<Self, Error> {
Ok(serde_yaml::from_str(&std::fs::read_to_string(Self::config_path()?)?)?) Ok(serde_yaml::from_str(&std::fs::read_to_string(Self::config_path()?)?)?)
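Review bot: An empty `DETEE_API_USER_PATH` makes both new `Ok(user_path)` arms build paths at the filesystem root (`/cli-config.yaml` and `/secret_detee_wallet_key`), and the `_ =>` arm treats a non-Unicode value the same as an unset one, silently falling back to the default directory. Guard the arm, e.g. `Ok(user_path) if !user_path.is_empty() => Ok(format!("{user_path}/cli-config.yaml")),`, and consider returning an error for `VarError::NotUnicode` rather than ignoring it. Since the wallet key now lives in a caller-chosen directory, the code that writes it (outside this hunk) should presumably create the file with owner-only permissions whatever the directory is. The two functions repeat the same match, so a small helper returning the base directory would keep them in sync, and `config_path` is a misleading local name inside `detee_wallet_key_path`.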

@ -170,15 +170,6 @@ impl Request {
let memory_mib = vcpus * memory_per_cpu as u32; let memory_mib = vcpus * memory_per_cpu as u32;
let disk_size_mib = vcpus * disk_per_cpu as u32; let disk_size_mib = vcpus * disk_per_cpu as u32;
let nanocredits = super::calculate_nanocredits(
vcpus,
memory_mib,
disk_size_mib,
node.public_ipv4,
self.hours,
node.price,
);
let (extra_ports, public_ipv4): (Vec<u32>, bool) = match &self.ipv4 { let (extra_ports, public_ipv4): (Vec<u32>, bool) = match &self.ipv4 {
IPv4Config::PublishPorts(vec) => (vec.to_vec(), false), IPv4Config::PublishPorts(vec) => (vec.to_vec(), false),
IPv4Config::PublicIPv4 => (Vec::new(), true), IPv4Config::PublicIPv4 => (Vec::new(), true),
@ -193,6 +184,15 @@ impl Request {
), ),
}; };
let nanocredits = super::calculate_nanocredits(
vcpus,
memory_mib,
disk_size_mib,
public_ipv4,
self.hours,
node.price,
);
let brain_req = proto::NewVmReq { let brain_req = proto::NewVmReq {
uuid: String::new(), uuid: String::new(),
hostname: self.hostname.clone(), hostname: self.hostname.clone(),
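Review bot: The price now depends on the `public_ipv4` value bound by the `match &self.ipv4` above, so the position of the `calculate_nanocredits` call is load-bearing but nothing marks it; add a comment such as `// price must use the requested public_ipv4, so compute it after the ipv4 match`. Nothing in the visible lines compares the requested `public_ipv4` with `node.public_ipv4`, so a public-IP request against a node that does not offer one may be priced and sent as-is; that check may exist outside these hunks. The enclosing function starts and ends outside the hunks.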

@ -391,8 +391,8 @@ pub struct NodeOffer {
pub disk: u64, pub disk: u64,
#[tabled(rename = "Public IPv4", display_with = "display_ip_support")] #[tabled(rename = "Public IPv4", display_with = "display_ip_support")]
pub ipv4: bool, pub ipv4: bool,
#[tabled(rename = "Public IPv6", display_with = "display_ip_support")] // #[tabled(rename = "Public IPv6", display_with = "display_ip_support")]
pub ipv6: bool, // pub ipv6: bool,
#[tabled(rename = "cost/h")] #[tabled(rename = "cost/h")]
pub cost_h: f64, pub cost_h: f64,
#[tabled(rename = "cost/m")] #[tabled(rename = "cost/m")]
@ -449,7 +449,7 @@ pub fn print_node_offers(location: Location) -> Result<Vec<NodeOffer>, Error> {
cost_h: price_per_hour, cost_h: price_per_hour,
cost_m: price_per_month, cost_m: price_per_month,
ipv4: node.public_ipv4, ipv4: node.public_ipv4,
ipv6: node.public_ipv6, // ipv6: node.public_ipv6,
}); });
} }
} }
@ -481,35 +481,45 @@ pub fn calculate_nanocredits(
lazy_static! { lazy_static! {
static ref DEFAULT_DTRFS: Dtrfs = Dtrfs { static ref DEFAULT_DTRFS: Dtrfs = Dtrfs {
name: "dtrfs-6.14.2-arch1-1".to_string(), name: "dtrfs-6.15.4-arch2-1".to_string(),
vendor: "ghe0".to_string(), vendor: "ghe0".to_string(),
dtrfs_url: "http://registry.detee.ltd/detee-archtop-6.14.2-arch1-1.cpio.gz".to_string(), dtrfs_url: "http://registry.detee.ltd/detee-archtop-6.15.4-arch2-1.cpio.gz".to_string(),
dtrfs_sha: "d207644ee60d54009b6ecdfb720e2ec251cde31774dd249fcc7435aca0377990".to_string(), dtrfs_sha: "dfde2c360341d9c7622c0f0e5200bb8ed9343cb9302ea5a06523d41705b0e4f9".to_string(),
kernel_url: "http://registry.detee.ltd/vmlinuz-linux-6.14.2-arch1-1".to_string(), kernel_url: "http://registry.detee.ltd/vmlinuz-linux-6.15.4-arch2-1".to_string(),
kernel_sha: "e765e56166ef321b53399b9638584d1279821dbe3d46191c1f66bbaa075e7919".to_string() kernel_sha: "01581fba284c237131ee8d6662e3fde4ebbd55c496fcae2979448360ac3f05b0".to_string()
}; };
static ref DEFAULT_ARCHLINUX: Distro = Distro { static ref DEFAULT_ARCHLINUX: Distro = Distro {
name: "archlinux_2025-04-03".to_string(), name: "archlinux_2025-07-04".to_string(),
vendor: "gheorghe".to_string(), vendor: "gheorghe".to_string(),
template_url: "http://registry.detee.ltd/detee_arch_2025-04-03.fsa".to_string(), template_url: "http://registry.detee.ltd/detee_arch_2025-07-04.fsa".to_string(),
template_sha: "7fdb19d9325c63d246140c984dc3764538f6ea329ed877e947993ea7bc8c2067" template_sha: "af86b01e71b75328b2df4d7f0fda36f69b4ae68d20ed1ce3351da1f77a4eb260"
.to_string() .to_string()
}; };
static ref DEFAULT_UBUNTU: Distro = Distro { static ref DEFAULT_UBUNTU: Distro = Distro {
name: "ubuntu_2025-04-03".to_string(), name: "ubuntu_2025-07-04".to_string(),
vendor: "gheorghe".to_string(), vendor: "gheorghe".to_string(),
template_url: "http://registry.detee.ltd/detee_ubuntu_2025-04-03.fsa".to_string(), template_url: "http://registry.detee.ltd/detee_ubuntu_2025-07-04.fsa".to_string(),
template_sha: "324895a7a1788e43253cf9699aa446df1a5519fe072917cedcc4ed356546e34a" template_sha: "291aa82bfee3fd997724cfe8f2b2454c2e73b37120d5008bbdc60a669a13a591"
.to_string() .to_string()
}; };
static ref DEFAULT_FEDORA: Distro = Distro { static ref DEFAULT_FEDORA: Distro = Distro {
name: "fedora_2025-04-03".to_string(), name: "fedora_2025-07-04".to_string(),
vendor: "gheorghe".to_string(), vendor: "gheorghe".to_string(),
template_url: "http://registry.detee.ltd/detee_fedora_2025-04-03.fsa".to_string(), template_url: "http://registry.detee.ltd/detee_fedora_2025-07-04.fsa".to_string(),
template_sha: "75a98c3744552bbf5f8e9c6a271cd0f382e1d9a846f5d577767b39293b8efda9" template_sha: "43adbf96ab43efd07179bf8c2d2f529870d89a20d173a68915095df4fb632ccf"
.to_string() .to_string()
}; };
static ref ALTERNATIVE_INIT: Vec<Dtrfs> = vec![ static ref ALTERNATIVE_INIT: Vec<Dtrfs> = vec![
Dtrfs {
name: "dtrfs-6.14.2-arch1-1".to_string(),
vendor: "ghe0".to_string(),
dtrfs_url: "http://registry.detee.ltd/detee-archtop-6.14.2-arch1-1.cpio.gz".to_string(),
dtrfs_sha: "d207644ee60d54009b6ecdfb720e2ec251cde31774dd249fcc7435aca0377990"
.to_string(),
kernel_url: "http://registry.detee.ltd/vmlinuz-linux-6.14.2-arch1-1".to_string(),
kernel_sha: "e765e56166ef321b53399b9638584d1279821dbe3d46191c1f66bbaa075e7919"
.to_string()
},
Dtrfs { Dtrfs {
name: "dtrfs-6.13.7-arch1-1".to_string(), name: "dtrfs-6.13.7-arch1-1".to_string(),
vendor: "ghe0".to_string(), vendor: "ghe0".to_string(),
@ -520,30 +530,20 @@ lazy_static! {
kernel_sha: "469a89668d2f5744b3f80417fcf0a4ce0140fcb78f1e8834ef8e3668eecc934c" kernel_sha: "469a89668d2f5744b3f80417fcf0a4ce0140fcb78f1e8834ef8e3668eecc934c"
.to_string() .to_string()
}, },
Dtrfs {
name: "dtrfs-6.13.8-arch1-1".to_string(),
vendor: "ghe0".to_string(),
dtrfs_url: "http://registry.detee.ltd/detee-archtop-6.13.8-arch1-1.cpio.gz".to_string(),
dtrfs_sha: "b5f408d00e2b93dc594fed3a7f2466a9878802ff1c7ae502247471cd06728a45"
.to_string(),
kernel_url: "http://registry.detee.ltd/vmlinuz-linux-6.13.8-arch1-1".to_string(),
kernel_sha: "e49c8587287b21df7600c04326fd7393524453918c14d67f73757dc769a13542"
.to_string()
},
]; ];
static ref ALTERNATIVE_DISTROS: Vec<Distro> = vec![ static ref ALTERNATIVE_DISTROS: Vec<Distro> = vec![
Distro { Distro {
name: "archlinux_2025-02-21".to_string(), name: "archlinux_2025-04-03".to_string(),
vendor: "gheorghe".to_string(), vendor: "gheorghe".to_string(),
template_url: "http://registry.detee.ltd/detee_arch_2025-02-21.fsa".to_string(), template_url: "http://registry.detee.ltd/detee_arch_2025-04-03.fsa".to_string(),
template_sha: "257edbf1e3b949b895c422befc8890c85dfae1ad3d35661010c9aaa173ba9fc4" template_sha: "7fdb19d9325c63d246140c984dc3764538f6ea329ed877e947993ea7bc8c2067"
.to_string() .to_string()
}, },
Distro { Distro {
name: "ubuntu_2025-02-28".to_string(), name: "ubuntu_2025-04-03".to_string(),
vendor: "gheorghe".to_string(), vendor: "gheorghe".to_string(),
template_url: "http://registry.detee.ltd/detee_ubuntu_2025-02-28.fsa".to_string(), template_url: "http://registry.detee.ltd/detee_ubuntu_2025-04-03.fsa".to_string(),
template_sha: "faa8bd38d02ca9b6ee69d7f5128ed9ccab42bdbfa69f688b9947e8e5c9e5d133" template_sha: "324895a7a1788e43253cf9699aa446df1a5519fe072917cedcc4ed356546e34a"
.to_string() .to_string()
}, },
Distro { Distro {