author Rob Austein <sra@hactrn.net> 2009-10-10 04:24:23 +0000
committer Rob Austein <sra@hactrn.net> 2009-10-10 04:24:23 +0000
commit 0d1e8d58497ac66f0b2eaee16009520e78e2a5b5
tree c3ea0ab4a8c5643592e9c3f0942f938c342018b8
parent e199d7267008fb820e5575989bc09227f510b657
Checkpoint
svn path=/myrpki/README; revision=2818
-rw-r--r-- myrpki/README 41
-rw-r--r-- myrpki/examples/asns.csv 2
-rw-r--r-- myrpki/examples/children.csv 2
-rw-r--r-- myrpki/examples/parents.csv 2
-rw-r--r-- myrpki/examples/prefixes.csv 2
-rw-r--r-- myrpki/examples/pubclients.csv 2
-rw-r--r-- myrpki/examples/roas.csv 2
-rw-r--r-- myrpki/examples/rsyncd.conf 30
8 files changed, 76 insertions, 7 deletions
diff --git a/myrpki/README b/myrpki/README
index 2d015a02..0f7a3040 100644
--- a/myrpki/README
+++ b/myrpki/README
@@ -248,7 +248,29 @@ The [current] steps are:
instructions there to build the RFC-3779-aware OpenSSL code and
associated Python extension module.
-5) Run myirbe.py -b to set up the initial BPKI structure needed to run
+5) Next, you need to set up the MySQL databases that rpkid et al will
+ use. The MySQL database, username, and password values all need to
+ match the ones you specified in myrpki.conf. This is one of the
+ tasks a setup script should handle, but until that is written,
+ you'll have to do this by hand in the mysql command line tool:
+
+ $ mysql -u root -p
+ mysql> CREATE DATABASE irdb_database;
+ mysql> CREATE DATABASE rpki_database;
+ mysql> GRANT all ON irdb_database.* TO irdb_user@localhost IDENTIFIED BY 'irdb_password';
+ mysql> GRANT all ON rpki_database.* TO rpki_user@localhost IDENTIFIED BY 'rpki_password';
+ mysql> COMMIT;
+ mysql> quit
+
+ If you are running pubd, you will also have to do:
+
+ $ mysql -u root -p
+ mysql> CREATE DATABASE pubd_database;
+ mysql> GRANT all ON pubd_database.* TO pubd_user@localhost IDENTIFIED BY 'pubd_password';
+ mysql> COMMIT;
+ mysql> quit
+
+6) Run myirbe.py -b to set up the initial BPKI structure needed to run
your daemons:
$ python $top/myrpki/myirbe.py -b
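Review bot: In the new step 5, the GRANT lines use literal values such as 'irdb_password' and 'rpki_password', and the text only says they must match myrpki.conf; say explicitly that these are placeholders to be replaced with site-specific passwords, so nobody pastes the block verbatim and ends up with a guessable database password. The "COMMIT;" after the GRANT statements is also unnecessary, since MySQL commits CREATE DATABASE and GRANT implicitly, and could be dropped from both blocks. "GRANT all" is broad; if the daemons need only a subset of privileges on their own database, listing that subset would be the tighter default.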
@@ -259,22 +281,27 @@ The [current] steps are:
that it has updated the BPKI and that you need to (re)start daemons
now.
-[missing step -- sql setup]
+7) If you are running your own publication repository (that is, if you
+ are running pubd), you will also need to set up an rsyncd server or
+ configure your existing one to serve pubd's output. There's a
+ sample config file in $top/myrpki/examples/rsyncd.conf, but you may
+ need to do something more complicated if you are already running
+ rsyncd for other purposes. See the rsync(1) and rsyncd.conf(5)
+ manual pages for more details.
-[missing step -- rsyncd setup -- include sample config in myrpki/examples?]
-
-6) Start the daemons. You can use $top/myrpki/start-servers.sh to do
+8) Start the daemons. You can use $top/myrpki/start-servers.sh to do
this, or write your own script.
If you intend to run pubd, you should make sure that the directory
you specified as publication-base in the [pubd] section exists and
- is writable by the userid that will be running pubd.
+ is writable by the userid that will be running pubd, and should
+ also make sure to start rsyncd.
[start-servers.sh should be replaced by a python script that
understands myprki.conf so that it can figure out whether to run
pubd and rootd from the config file.]
-7) Run myirbe.py again, twice, this time with no arguments.
+9) Run myirbe.py again, twice, this time with no arguments.
$ python $top/myrpki/myirbe.py
$ python $top/myrpki/myirbe.py
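Review bot: Step 8 says the publication directory must be writable by the userid running pubd, and the added text tells the reader to start rsyncd, but nothing says the same directory must be readable by the account rsyncd serves it as (the sample rsyncd.conf in this commit uses uid and gid nobody). Add a sentence covering read access for the rsyncd account, and note that it needs no write access. The unchanged bracketed note in this step also spells the file "myprki.conf"; it should read "myrpki.conf".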
diff --git a/myrpki/examples/asns.csv b/myrpki/examples/asns.csv
index a545f68f..804cf839 100644
--- a/myrpki/examples/asns.csv
+++ b/myrpki/examples/asns.csv
@@ -1,3 +1,5 @@
+# $Id$
+#
# Syntax: <child_handle> <asn>
#
# NB: Comment lines are not allowed in these files, this one is only
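Review bot: The added "# $Id$" and "#" lines sit directly above the file's own warning that comment lines are not allowed in these files, so the example now carries two more lines that must be stripped before the file can be used. Consider keeping the version keyword out of the example CSV files, or extending the NB text to say that every line starting with "#" has to be removed. The same two lines are added to children.csv, parents.csv, prefixes.csv, pubclients.csv and roas.csv in this commit.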
diff --git a/myrpki/examples/children.csv b/myrpki/examples/children.csv
index 6ce6dd80..da29e8b5 100644
--- a/myrpki/examples/children.csv
+++ b/myrpki/examples/children.csv
@@ -1,3 +1,5 @@
+# $Id$
+#
# Syntax: <child_handle> <validitydate> <bpki_cert_filename>
#
# NB: Comment lines are not allowed in these files, this one is only
diff --git a/myrpki/examples/parents.csv b/myrpki/examples/parents.csv
index f1f8171c..f92eddeb 100644
--- a/myrpki/examples/parents.csv
+++ b/myrpki/examples/parents.csv
@@ -1,3 +1,5 @@
+# $Id$
+#
# Syntax: <parent_handle> <service_uri> <cms_bpki_cert_filename> <https_bpki_cert_filename> <myhandle> <sia_base>
#
# NB: Comment lines are not allowed in these files, this one is only
diff --git a/myrpki/examples/prefixes.csv b/myrpki/examples/prefixes.csv
index ccb90d41..160f9339 100644
--- a/myrpki/examples/prefixes.csv
+++ b/myrpki/examples/prefixes.csv
@@ -1,3 +1,5 @@
+# $Id$
+#
# Syntax: <child_handle> <prefix>/<length>
# or: <child_handle> <min>-<max>
#
diff --git a/myrpki/examples/pubclients.csv b/myrpki/examples/pubclients.csv
index a521a77d..6336a1a6 100644
--- a/myrpki/examples/pubclients.csv
+++ b/myrpki/examples/pubclients.csv
@@ -1,3 +1,5 @@
+# $Id$
+#
# Syntax: <client_handle> <bpki_cert_filename> <sia_base>
#
# NB: Comment lines are not allowed in these files, this one is only
diff --git a/myrpki/examples/roas.csv b/myrpki/examples/roas.csv
index 423a3a1b..4343ada0 100644
--- a/myrpki/examples/roas.csv
+++ b/myrpki/examples/roas.csv
@@ -1,3 +1,5 @@
+# $Id$
+#
# Syntax: <prefix>/<length>-<maxlength> <asn> <group>
#
# NB: Comment lines are not allowed in these files, this one is only
diff --git a/myrpki/examples/rsyncd.conf b/myrpki/examples/rsyncd.conf
new file mode 100644
index 00000000..d0a9cd97
--- /dev/null
+++ b/myrpki/examples/rsyncd.conf
@@ -0,0 +1,30 @@
+# $Id$
+#
+# Sample rsyncd.conf file for use with pubd. You may need to
+# customize this for the conventions on your system. See the rsync
+# and rsyncd.conf manual pages for a complete explanation of how to
+# configure rsyncd, this is just a simple configuration to get you
+# started.
+#
+# There are two parameters in the following which you should set to
+# appropriate values for your system:
+#
+# "myname" is the rsync module name to configure, as in
+# "rsync://rpki.example.org/myname/"
+#
+# "/some/where/publication" is the absolute pathname of the directory
+# where you told pubd to place its outputs (see the publication_base
+# parameter in the [pubd] section of myrpki.conf)
+#
+# You may need to adjust other parameters for your system environment.
+
+pid file = /var/run/rsyncd.pid
+uid = nobody
+gid = nobody
+
+[myname]
+ use chroot = no
+ read only = yes
+ transfer logging = yes
+ path = /some/where/publication
+ comment = RPKI Testbed
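Review bot: The [myname] module sets "use chroot = no" with no comment explaining why, in a sample that readers will copy onto an rsync server that publishes repository data. Add a comment stating why chroot is turned off, or default the sample to "use chroot = yes" and tell readers when they may need to disable it. The header comment also refers to the "publication_base" parameter, while the README step on starting the daemons calls it "publication-base"; one of the two spellings should be corrected so readers can find the setting in myrpki.conf.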