testnet/detee-cli
3
0
Fork 0
Code Issues Pull Requests 1 Packages Projects Releases Wiki Activity

Compare commits

base: testnet:df731f4fec4790f52361bc9af915b9c7027b1e06
Branches Tags
testnet:main
testnet:detee-api
testnet:remove_uuid
testnet:fix_airdrop_token_decimal
testnet:detee-api-remove-uuid
testnet:detee-api-remove-uuid_bak
testnet:fix_injector
..
compare: testnet:66b6639091dda37c7f5f05dd0816764893134230
Branches Tags
testnet:main
testnet:detee-api
testnet:remove_uuid
testnet:fix_airdrop_token_decimal
testnet:detee-api-remove-uuid
testnet:detee-api-remove-uuid_bak
testnet:fix_injector

1 Commits
df731f4fec ... 66b6639091

Author SHA1 Message Date
Noor
66b6639091
custom config and key paths for detee-api 
Allows to specify custom paths for the configuration file and wallet key by using the `DETEE_API_USER_PATH` environment variable.
 2025-07-04 18:13:30 +05:30
3 changed files with 47 additions and 59 deletions
Show Stats Expand all files Collapse all files

22
scripts/detee-cli_injector.sh
View File

@ -31,17 +31,6 @@ if [[ -z "${VM_HOSTNAME}" ]]; then
VM_HOSTNAME="detee-vm" VM_HOSTNAME="detee-vm"
fi fi
if [[ "$LOG_LEVEL" == "DEBUG" ]]; then
echo Environment variables:
env | grep \
-e SERVER_ADDR \
-e SSH_KEY_FILE \
-e DETEE_INSTALL_URL \
-e DETEE_INSTALL_SHA \
-e MEASUREMENT \
-e VM_HOSTNAME
fi
server="$SERVER_ADDR" server="$SERVER_ADDR"
ssh_pubkey_dir="${HOME}/.detee/cli/vms/ssh" ssh_pubkey_dir="${HOME}/.detee/cli/vms/ssh"
cert_dir="${HOME}/.detee/cli/vms/certs" cert_dir="${HOME}/.detee/cli/vms/certs"
@ -106,7 +95,7 @@ report_crt_hash=$( snpguest display report "$server_report" \
echo_blue "The hash in the report is $report_crt_hash" echo_blue "The hash in the report is $report_crt_hash"
if [[ "${crt_hash,,}" != "${report_crt_hash,,}" ]]; then if [[ "$crt_hash" != "$report_crt_hash" ]]; then
echo The hash of the certificate does not match the hash from the report. Exiting. echo The hash of the certificate does not match the hash from the report. Exiting.
exit 2 exit 2
fi fi
@ -133,20 +122,19 @@ mkdir -p "$amd_certs_dir"
ln -fs "${cert_dir}/ask-milan.pem" "${amd_certs_dir}/ask.pem" ln -fs "${cert_dir}/ask-milan.pem" "${amd_certs_dir}/ask.pem"
ln -fs "${cert_dir}/ark-milan.pem" "${amd_certs_dir}/ark.pem" ln -fs "${cert_dir}/ark-milan.pem" "${amd_certs_dir}/ark.pem"
[[ -f "${vcek_path}" ]] || { [[ -f "${vcek_path}" ]] || {
snpguest fetch vcek --processor-model milan pem "$amd_certs_dir" "$server_report" || { snpguest fetch vcek pem milan "$amd_certs_dir" "$server_report" || {
# You are probably wondering what this weird shit is doing here. # You are probably wondering what this weird shit is doing here.
# The AMD API for VCEK has throttling, and this scripts needs to run in parallel. # The AMD API for VCEK has throttling, and this scripts needs to run in parallel.
sleep 10 sleep 10
[[ -f "${vcek_path}" ]] || { [[ -f "${vcek_path}" ]] || {
snpguest fetch vcek --processor-model milan pem "$amd_certs_dir" "$server_report" snpguest fetch vcek pem milan "$amd_certs_dir" "$server_report"
} }
} }
mv "${amd_certs_dir}/vcek.pem" "${vcek_path}" mv "${amd_certs_dir}/vcek.pem" "${vcek_path}"
} }
ln -fs "${vcek_path}" "${amd_certs_dir}/vcek.pem" ln -fs "${vcek_path}" "${amd_certs_dir}/vcek.pem"
snpguest verify certs "$amd_certs_dir" snpguest verify certs "$amd_certs_dir"
echo snpguest verify attestation "$amd_certs_dir" "$server_report" snpguest verify attestation "$amd_certs_dir" "$server_report"
snpguest verify attestation --processor-model milan "$amd_certs_dir" "$server_report"
echo_yellow "The attestation got verified based on the CA from AMD for the Milan generation!" echo_yellow "The attestation got verified based on the CA from AMD for the Milan generation!"
echo_blue "Verifying if measurement is $MEASUREMENT..." echo_blue "Verifying if measurement is $MEASUREMENT..."
@ -156,7 +144,7 @@ guest_measurement=$( snpguest display report "$server_report" \
echo_blue "The guests's measurement is $guest_measurement" echo_blue "The guests's measurement is $guest_measurement"
if [[ "${guest_measurement,,}" != "${MEASUREMENT,,}" ]]; then if [[ "$guest_measurement" != "$MEASUREMENT" ]]; then
echo_red "The measurement of the server does not match." echo_red "The measurement of the server does not match."
echo_yellow "Please use this project to get your measurement: https://github.com/virtee/sev-snp-measure" echo_yellow "Please use this project to get your measurement: https://github.com/virtee/sev-snp-measure"
echo_yellow "After that, please sepcify the measurement ast the MEASUREMENT environment variable." echo_yellow "After that, please sepcify the measurement ast the MEASUREMENT environment variable."

18
src/snp/deploy.rs
View File

@ -170,6 +170,15 @@ impl Request {
let memory_mib = vcpus * memory_per_cpu as u32; let memory_mib = vcpus * memory_per_cpu as u32;
let disk_size_mib = vcpus * disk_per_cpu as u32; let disk_size_mib = vcpus * disk_per_cpu as u32;
let nanocredits = super::calculate_nanocredits(
vcpus,
memory_mib,
disk_size_mib,
node.public_ipv4,
self.hours,
node.price,
);
let (extra_ports, public_ipv4): (Vec<u32>, bool) = match &self.ipv4 { let (extra_ports, public_ipv4): (Vec<u32>, bool) = match &self.ipv4 {
IPv4Config::PublishPorts(vec) => (vec.to_vec(), false), IPv4Config::PublishPorts(vec) => (vec.to_vec(), false),
IPv4Config::PublicIPv4 => (Vec::new(), true), IPv4Config::PublicIPv4 => (Vec::new(), true),
@ -184,15 +193,6 @@ impl Request {
), ),
}; };
let nanocredits = super::calculate_nanocredits(
vcpus,
memory_mib,
disk_size_mib,
public_ipv4,
self.hours,
node.price,
);
let brain_req = proto::NewVmReq { let brain_req = proto::NewVmReq {
uuid: String::new(), uuid: String::new(),
hostname: self.hostname.clone(), hostname: self.hostname.clone(),

66
src/snp/mod.rs
View File

@ -391,8 +391,8 @@ pub struct NodeOffer {
pub disk: u64, pub disk: u64,
#[tabled(rename = "Public IPv4", display_with = "display_ip_support")] #[tabled(rename = "Public IPv4", display_with = "display_ip_support")]
pub ipv4: bool, pub ipv4: bool,
// #[tabled(rename = "Public IPv6", display_with = "display_ip_support")] #[tabled(rename = "Public IPv6", display_with = "display_ip_support")]
// pub ipv6: bool, pub ipv6: bool,
#[tabled(rename = "cost/h")] #[tabled(rename = "cost/h")]
pub cost_h: f64, pub cost_h: f64,
#[tabled(rename = "cost/m")] #[tabled(rename = "cost/m")]
@ -449,7 +449,7 @@ pub fn print_node_offers(location: Location) -> Result<Vec<NodeOffer>, Error> {
cost_h: price_per_hour, cost_h: price_per_hour,
cost_m: price_per_month, cost_m: price_per_month,
ipv4: node.public_ipv4, ipv4: node.public_ipv4,
// ipv6: node.public_ipv6, ipv6: node.public_ipv6,
}); });
} }
} }
@ -481,45 +481,35 @@ pub fn calculate_nanocredits(
lazy_static! { lazy_static! {
static ref DEFAULT_DTRFS: Dtrfs = Dtrfs { static ref DEFAULT_DTRFS: Dtrfs = Dtrfs {
name: "dtrfs-6.15.4-arch2-1".to_string(), name: "dtrfs-6.14.2-arch1-1".to_string(),
vendor: "ghe0".to_string(), vendor: "ghe0".to_string(),
dtrfs_url: "http://registry.detee.ltd/detee-archtop-6.15.4-arch2-1.cpio.gz".to_string(), dtrfs_url: "http://registry.detee.ltd/detee-archtop-6.14.2-arch1-1.cpio.gz".to_string(),
dtrfs_sha: "dfde2c360341d9c7622c0f0e5200bb8ed9343cb9302ea5a06523d41705b0e4f9".to_string(), dtrfs_sha: "d207644ee60d54009b6ecdfb720e2ec251cde31774dd249fcc7435aca0377990".to_string(),
kernel_url: "http://registry.detee.ltd/vmlinuz-linux-6.15.4-arch2-1".to_string(), kernel_url: "http://registry.detee.ltd/vmlinuz-linux-6.14.2-arch1-1".to_string(),
kernel_sha: "01581fba284c237131ee8d6662e3fde4ebbd55c496fcae2979448360ac3f05b0".to_string() kernel_sha: "e765e56166ef321b53399b9638584d1279821dbe3d46191c1f66bbaa075e7919".to_string()
}; };
static ref DEFAULT_ARCHLINUX: Distro = Distro { static ref DEFAULT_ARCHLINUX: Distro = Distro {
name: "archlinux_2025-07-04".to_string(), name: "archlinux_2025-04-03".to_string(),
vendor: "gheorghe".to_string(), vendor: "gheorghe".to_string(),
template_url: "http://registry.detee.ltd/detee_arch_2025-07-04.fsa".to_string(), template_url: "http://registry.detee.ltd/detee_arch_2025-04-03.fsa".to_string(),
template_sha: "af86b01e71b75328b2df4d7f0fda36f69b4ae68d20ed1ce3351da1f77a4eb260" template_sha: "7fdb19d9325c63d246140c984dc3764538f6ea329ed877e947993ea7bc8c2067"
.to_string() .to_string()
}; };
static ref DEFAULT_UBUNTU: Distro = Distro { static ref DEFAULT_UBUNTU: Distro = Distro {
name: "ubuntu_2025-07-04".to_string(), name: "ubuntu_2025-04-03".to_string(),
vendor: "gheorghe".to_string(), vendor: "gheorghe".to_string(),
template_url: "http://registry.detee.ltd/detee_ubuntu_2025-07-04.fsa".to_string(), template_url: "http://registry.detee.ltd/detee_ubuntu_2025-04-03.fsa".to_string(),
template_sha: "291aa82bfee3fd997724cfe8f2b2454c2e73b37120d5008bbdc60a669a13a591" template_sha: "324895a7a1788e43253cf9699aa446df1a5519fe072917cedcc4ed356546e34a"
.to_string() .to_string()
}; };
static ref DEFAULT_FEDORA: Distro = Distro { static ref DEFAULT_FEDORA: Distro = Distro {
name: "fedora_2025-07-04".to_string(), name: "fedora_2025-04-03".to_string(),
vendor: "gheorghe".to_string(), vendor: "gheorghe".to_string(),
template_url: "http://registry.detee.ltd/detee_fedora_2025-07-04.fsa".to_string(), template_url: "http://registry.detee.ltd/detee_fedora_2025-04-03.fsa".to_string(),
template_sha: "43adbf96ab43efd07179bf8c2d2f529870d89a20d173a68915095df4fb632ccf" template_sha: "75a98c3744552bbf5f8e9c6a271cd0f382e1d9a846f5d577767b39293b8efda9"
.to_string() .to_string()
}; };
static ref ALTERNATIVE_INIT: Vec<Dtrfs> = vec![ static ref ALTERNATIVE_INIT: Vec<Dtrfs> = vec![
Dtrfs {
name: "dtrfs-6.14.2-arch1-1".to_string(),
vendor: "ghe0".to_string(),
dtrfs_url: "http://registry.detee.ltd/detee-archtop-6.14.2-arch1-1.cpio.gz".to_string(),
dtrfs_sha: "d207644ee60d54009b6ecdfb720e2ec251cde31774dd249fcc7435aca0377990"
.to_string(),
kernel_url: "http://registry.detee.ltd/vmlinuz-linux-6.14.2-arch1-1".to_string(),
kernel_sha: "e765e56166ef321b53399b9638584d1279821dbe3d46191c1f66bbaa075e7919"
.to_string()
},
Dtrfs { Dtrfs {
name: "dtrfs-6.13.7-arch1-1".to_string(), name: "dtrfs-6.13.7-arch1-1".to_string(),
vendor: "ghe0".to_string(), vendor: "ghe0".to_string(),
@ -530,20 +520,30 @@ lazy_static! {
kernel_sha: "469a89668d2f5744b3f80417fcf0a4ce0140fcb78f1e8834ef8e3668eecc934c" kernel_sha: "469a89668d2f5744b3f80417fcf0a4ce0140fcb78f1e8834ef8e3668eecc934c"
.to_string() .to_string()
}, },
Dtrfs {
name: "dtrfs-6.13.8-arch1-1".to_string(),
vendor: "ghe0".to_string(),
dtrfs_url: "http://registry.detee.ltd/detee-archtop-6.13.8-arch1-1.cpio.gz".to_string(),
dtrfs_sha: "b5f408d00e2b93dc594fed3a7f2466a9878802ff1c7ae502247471cd06728a45"
.to_string(),
kernel_url: "http://registry.detee.ltd/vmlinuz-linux-6.13.8-arch1-1".to_string(),
kernel_sha: "e49c8587287b21df7600c04326fd7393524453918c14d67f73757dc769a13542"
.to_string()
},
]; ];
static ref ALTERNATIVE_DISTROS: Vec<Distro> = vec![ static ref ALTERNATIVE_DISTROS: Vec<Distro> = vec![
Distro { Distro {
name: "archlinux_2025-04-03".to_string(), name: "archlinux_2025-02-21".to_string(),
vendor: "gheorghe".to_string(), vendor: "gheorghe".to_string(),
template_url: "http://registry.detee.ltd/detee_arch_2025-04-03.fsa".to_string(), template_url: "http://registry.detee.ltd/detee_arch_2025-02-21.fsa".to_string(),
template_sha: "7fdb19d9325c63d246140c984dc3764538f6ea329ed877e947993ea7bc8c2067" template_sha: "257edbf1e3b949b895c422befc8890c85dfae1ad3d35661010c9aaa173ba9fc4"
.to_string() .to_string()
}, },
Distro { Distro {
name: "ubuntu_2025-04-03".to_string(), name: "ubuntu_2025-02-28".to_string(),
vendor: "gheorghe".to_string(), vendor: "gheorghe".to_string(),
template_url: "http://registry.detee.ltd/detee_ubuntu_2025-04-03.fsa".to_string(), template_url: "http://registry.detee.ltd/detee_ubuntu_2025-02-28.fsa".to_string(),
template_sha: "324895a7a1788e43253cf9699aa446df1a5519fe072917cedcc4ed356546e34a" template_sha: "faa8bd38d02ca9b6ee69d7f5128ed9ccab42bdbfa69f688b9947e8e5c9e5d133"
.to_string() .to_string()
}, },
Distro { Distro {