Okay. I think I’ve fixed the identified problems with rhyzome-api now, and I’ve taken the nice little PKI setup script you made and simplified it a bit while making it more verbose. We don’t need to generate Intermediate certs.
I’m working on a script to automate an asciicinema screencast now. This will also prove as a test for the setup instructions.
Will follow up here once I’m ready for you to try again.
Talk to you Monday at the earliest, I guess. Have a good weekend.
Good morning, I’m updating the repositories.
Still JWT on EG and failing to read the private key with updated conf:
( how )% ♥ ./rhyzome-grpc
INFO[2021-12-06T10:02:48+01:00]/home/how/src/dream/rhyzome-api/config/config.go Load() successfully read config from rhyzome-api.json
DEBU[2021-12-06T10:02:48+01:00]/home/how/src/dream/rhyzome-api/config/config.go Load() config as loaded: {HTTPBind::8080 GRPCBind::9090 DB:dbname=rhyzome host=/var/run/postgresql sslmode=disable PKI:{Cert:/home/how/.step/certificates/example.crt Key:/home/how/.step/certificates/example.key CA:/home/how/.step/certificates/root_ca.crt} Keycloak:{JWKS:https://auth.entanglement.garden/auth/realms/entanglement.garden/protocol/openid-connect/certs ResourceScope:} DisableAuthz:true}
FATA[2021-12-06T10:02:48+01:00]/home/how/src/dream/rhyzome-api/grpcserver/server.go ReloadCertificates() error loading grpc TLS key pair:tls: failed to parse private key
libvirt-headers does not seem to exist in Debian. I would assume libvirt-dev.( how )% ♥ go build -o rhyzome-libvirt cmd/rhyzome/main.go
package cmd/rhyzome/main.go is not in GOROOT (/usr/lib/go-1.15/src/cmd/rhyzome/main.go)
I’m stuck to the same place as last week, except I’m supposed to meet with Mirko today, tomorrow, or Wednesday.
I hit the same private key problem. Here is the private key it fails to parse:
DEBU[2021-12-06T10:33:18+01:00]/home/how/src/dream/rhyzome-openwrt/grpcclient/grpcclient.go Connect() connecting to grpc server in 2s
DEBU[2021-12-06T10:33:20+01:00]/home/how/src/dream/rhyzome-openwrt/grpcclient/grpcclient.go connect() loading x509 pair from /home/how/.step/certificates/example.crt and /home/how/.step/certificates/example.key
ERRO[2021-12-06T10:33:20+01:00]/home/how/src/dream/rhyzome-openwrt/grpcclient/grpcclient.go connect() error loading x509 pair: tls: failed to parse private key
ERRO[2021-12-06T10:33:20+01:00]/home/how/src/dream/rhyzome-openwrt/grpcclient/grpcclient.go Connect() error connecting to grpc server: tls: failed to parse private key
( how )% cat example.key
-----BEGIN EC PRIVATE KEY-----
Proc-Type: 4,ENCRYPTED
DEK-Info: AES-256-CBC,2aea2a9b80cff9dfe77e09d329cfcbbb
r9nfwB+3ttLzQUOnahzU+UQ5FCPQtgnPUvz92xCpfgtccKHab8b9iJ1yzuyW/i90
AY9shWC3nZ/RXk3rabwWMv5LnYj7n3ZzMcbiC/x0rpM83hxFuLxmnB0teYZVVnD2
zKtNDelrmSF5H7Ap+lhR4zLraU2Y71gF4SBcAn/ujRo=
-----END EC PRIVATE KEY-----
@dvn, I’m waiting on the mumble, I think it’s better if we can talk while working so we can fix all this faster.
Was not online this morning. Would love to get on a call with you in 15 mins.
The screencast is added to the top post of this thread and it’s generated using this script:
Congrats, I am quite amzed that we reach this point and it gives me hope for the future.