search

cfm / terraform-metal-securedrop-staging

Terraform module for standing up a SecureDrop staging environment at Equinix Metal (fka Packet)
MIT License
0 stars 2 forks source link

correct use of staging versus production Molecule scenarios #5

Closed cfm closed 2 years ago

cfm commented 2 years ago

Towards #3:

  1. Default to setting up a proper SecureDrop staging environment via make build-debs && make staging.
  2. Offer "expert" instructions for using this setup as the basis for a production VM environment, installed from the preconfigured Tails domain.

Testing

  1. [ ] terraform destroy if you already have an sd-staging box running.
  2. [ ] terraform apply
  3. [ ] Wait ~20 minutes for cloud-init to complete make build-debs && make staging.
  4. [ ] Confirm that app-staging is fully configured by checking for the expected onion services:

    The web interfaces and SSH are available over Tor. A copy of the the Onion URLs for Source and Journalist Interfaces, as well as SSH access, are written to the Vagrant host’s install_files/ansible-base directory.

eloquence commented 2 years ago

Nit above aside (and using the new Tails image pulled in via #6), this worked perfectly for me. Here's the Tails VM accessing SI and JI set up via prod VMs (this server is now destroyed):

Screenshot from 2021-12-16 00-26-30

cfm commented 2 years ago

Thanks for testing, @eloquence!