Skip to main content

Secure Zero Touch Provisioning Daemon (SZTPD)

Project description

Secure Zero Touch Provisioning Daemon (SZTPD)

Installation

pip install sztpd

Overview

SZTPD implements the Bootstrap Server defined in RFC 8572: Secure Zero Touch Provisioning (SZTP).

  • RESTCONF-based interface for programmatic administrative control.
  • Plugins and webhooks enable policy-driven dynamic responses.
  • Single-tenant and multi-tenant deployment modes.
  • A variety of databases backends for flexibility
  • In-memory database supported for ephemeral use-cases (e.g., SDN)

Usage

$ sztpd --help
usage: sztpd [-h] [-v] [-d] [-c CACERT] [-k KEY] database-url

SZTPD implements the "bootstrap server" defined in RFC 8572.

positional arguments:
  database-url          see below for details.

optional arguments:
  -h, --help            show this help message and exit
  -v, --version         show version number and exit.
  -d, --debug           increase debug output level up to 3x (e.g., -ddd)
  -c CACERT, --cacert CACERT
                        path to trust anchor certificates used to authenticate
                        the database (see below for details).
  -k KEY, --key KEY     path to pkcs#12 used to authenticate into the database
                        (see below for details).

Exit status code: 0 on success, non-0 on error.  Error output goes to stderr.

The "cacert" argument is a filepath to a PEM file that contains one or more X.509
certificates.  The list of certificates must be ordered from the certificate of
the issuer to the database's certificate to the self-signed root certificate.

The "key" argument is a filepath to a PEM file that contains a PKCS#12, encoding
both its private key and end-entity certificate.

The "database-url" argument has the form "<dialect>:<dialect-specific-path>".
Three dialects are supported: "sqlite", "postgresql", and "mysql+pymysql".
The dialect-specific-path for each of these is described below.

For the "sqlite" dialect, dialect-specific-path follows the format "///<sqlite-path>",
where sqlite-path can be one of:

  :memory:    - an in-memory database (only useful for testing)
  <filepath>  - an OS-specific filepath to a persisted database file

  Examples:

    $ sztpd sqlite:///:memory:                      (memory)
    $ sztpd sqlite:///relative/path/to/sztpd.db     (unix)
    $ sztpd sqlite:////absolute/path/to/sztpd.db    (unix)
    $ sztpd sqlite:///C:\path\to\sztpd.db           (windows)

For both the "postgresql" and "mysql+pymysql" dialects, the dialect-specific-path
follows the format "//<user>:<passwd>@<host>:<port>/<database-name>".

  Examples:

    The following two examples assume the database is called "sztpd" and
    that the database server listens on the loopback address with no TLS.

      $ sztpd postgresql://user:pass@localhost:5432/sztpd
      $ sztpd mysql+pymysql://user:pass@localhost:3306/sztpd

Please see the documentation for more information.

Documentation

Please see SZTPD Documentation.

Project details


Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

sztpd-0.0.2.tar.gz (116.1 kB view details)

Uploaded Source

File details

Details for the file sztpd-0.0.2.tar.gz.

File metadata

  • Download URL: sztpd-0.0.2.tar.gz
  • Upload date:
  • Size: 116.1 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/3.1.1 pkginfo/1.5.0.1 requests/2.21.0 setuptools/47.3.1 requests-toolbelt/0.9.1 tqdm/4.31.1 CPython/3.7.6

File hashes

Hashes for sztpd-0.0.2.tar.gz
Algorithm Hash digest
SHA256 6fd54d1e5d798bbba5fc90820d24682abfb4384c14590f10144b3650c99a7420
MD5 ed8b8a6daa1f73e7737e9f052e8a61e1
BLAKE2b-256 6649ea637f1931df0c5e454691a9940880369fd1f715fecf4b436d24cefecdf2

See more details on using hashes here.

Supported by

AWS AWS Cloud computing and Security Sponsor Datadog Datadog Monitoring Fastly Fastly CDN Google Google Download Analytics Microsoft Microsoft PSF Sponsor Pingdom Pingdom Monitoring Sentry Sentry Error logging StatusPage StatusPage Status page