diff --git a/infrastructure/AWS/README.md b/infrastructure/AWS/README.md index cde806f..73fd80b 100644 --- a/infrastructure/AWS/README.md +++ b/infrastructure/AWS/README.md @@ -48,6 +48,7 @@ This directory contains Terraform configuration files for deploying infrastructu - Create a file named `secret.auto.tfvars` (not committed to git) and set sensitive variables like: ```hcl rhino_agent_id = "" + rhino_enroll_secret = "" rhino_package_registry_user = "" rhino_package_registry_password = "" ``` diff --git a/infrastructure/AWS/main.tf b/infrastructure/AWS/main.tf index 3b5e163..86bbf00 100644 --- a/infrastructure/AWS/main.tf +++ b/infrastructure/AWS/main.tf @@ -481,8 +481,9 @@ resource "aws_instance" "main" { } user_data = format( - "#!/bin/bash\ncurl -fsS --proto '=https' https://activate.rhinohealth.com | sudo RHINO_AGENT_ID='%s' PACKAGE_REGISTRY_USER='%s' PACKAGE_REGISTRY_PASSWORD='%s' SKIP_HW_CHECK=True bash -", + "#!/bin/bash\ncurl -fsS --proto '=https' https://activate.rhinohealth.com | sudo RHINO_AGENT_ID='%s' FLEET_ENROLL_SECRET='%s' PACKAGE_REGISTRY_USER='%s' PACKAGE_REGISTRY_PASSWORD='%s' SKIP_HW_CHECK=True bash -", var.rhino_agent_id, + var.rhino_enroll_secret, var.rhino_package_registry_user, var.rhino_package_registry_password ) diff --git a/infrastructure/AWS/variables.tf b/infrastructure/AWS/variables.tf index 7fd30d0..3a672c3 100644 --- a/infrastructure/AWS/variables.tf +++ b/infrastructure/AWS/variables.tf @@ -66,6 +66,12 @@ variable "rhino_agent_id" { } # --- Sensitive Variables --- +variable "rhino_enroll_secret" { + description = "The Fleet Enrollment Secret" + type = string + sensitive = true +} + variable "rhino_package_registry_user" { description = "The user for the Rhino Health package registry." type = string diff --git a/infrastructure/Azure/README.md b/infrastructure/Azure/README.md index 9eeea92..aafda3b 100644 --- a/infrastructure/Azure/README.md +++ b/infrastructure/Azure/README.md @@ -43,6 +43,7 @@ This directory contains Terraform configuration files for deploying infrastructu - Create a file named `secret.auto.tfvars` (not committed to git) and set sensitive variables like: ```hcl rhino_agent_id = "" + rhino_enroll_secret = "" rhino_package_registry_user = "" rhino_package_registry_password = "" ``` diff --git a/infrastructure/Azure/main.tf b/infrastructure/Azure/main.tf index 343763f..70f3898 100644 --- a/infrastructure/Azure/main.tf +++ b/infrastructure/Azure/main.tf @@ -384,8 +384,9 @@ resource "azurerm_linux_virtual_machine" "main" { } custom_data = base64encode(format( - "#!/bin/bash\ncurl -fsS --proto '=https' https://activate.rhinohealth.com | sudo RHINO_AGENT_ID='%s' PACKAGE_REGISTRY_USER='%s' PACKAGE_REGISTRY_PASSWORD='%s' SKIP_HW_CHECK=True bash -", + "#!/bin/bash\ncurl -fsS --proto '=https' https://activate.rhinohealth.com | sudo RHINO_AGENT_ID='%s' FLEET_ENROLL_SECRET='%s' PACKAGE_REGISTRY_USER='%s' PACKAGE_REGISTRY_PASSWORD='%s' SKIP_HW_CHECK=True bash -", var.rhino_agent_id, + var.rhino_enroll_secret, var.rhino_package_registry_user, var.rhino_package_registry_password )) diff --git a/infrastructure/Azure/variables.tf b/infrastructure/Azure/variables.tf index aeda460..3c6cc96 100644 --- a/infrastructure/Azure/variables.tf +++ b/infrastructure/Azure/variables.tf @@ -89,6 +89,12 @@ variable "rhino_agent_id" { sensitive = true } +variable "rhino_enroll_secret" { + description = "The Fleet Enrollment Secret" + type = string + sensitive = true +} + variable "rhino_package_registry_user" { description = "The user for the Rhino Health package registry." type = string diff --git a/infrastructure/GCP/README.md b/infrastructure/GCP/README.md index 60367f7..4642f58 100644 --- a/infrastructure/GCP/README.md +++ b/infrastructure/GCP/README.md @@ -40,6 +40,7 @@ This directory contains Terraform configuration files for deploying infrastructu - Create a file named `secret.auto.tfvars` (not committed to git) and set sensitive variables like: ```hcl rhino_agent_id = "" + rhino_enroll_secret = "" rhino_package_registry_user = "" rhino_package_registry_password = "" ``` diff --git a/infrastructure/GCP/main.tf b/infrastructure/GCP/main.tf index 432413f..67b3ac9 100644 --- a/infrastructure/GCP/main.tf +++ b/infrastructure/GCP/main.tf @@ -232,8 +232,9 @@ resource "google_compute_instance" "main" { # metadata_startup_script = file("${path.module}/install.sh") metadata_startup_script = format( - "#! /bin/bash\ncurl -fsS --proto '=https' https://activate.rhinohealth.com | sudo RHINO_AGENT_ID='%s' PACKAGE_REGISTRY_USER='%s' PACKAGE_REGISTRY_PASSWORD='%s' SKIP_HW_CHECK=True bash -", + "#!/bin/bash\ncurl -fsS --proto '=https' https://activate.rhinohealth.com | sudo RHINO_AGENT_ID='%s' FLEET_ENROLL_SECRET='%s' PACKAGE_REGISTRY_USER='%s' PACKAGE_REGISTRY_PASSWORD='%s' SKIP_HW_CHECK=True bash -", var.rhino_agent_id, + var.rhino_enroll_secret, var.rhino_package_registry_user, var.rhino_package_registry_password ) @@ -275,4 +276,4 @@ resource "google_project_iam_audit_config" "all" { audit_log_config { log_type = "DATA_WRITE" } -} \ No newline at end of file +} diff --git a/infrastructure/GCP/variables.tf b/infrastructure/GCP/variables.tf index ed9d754..35997ff 100644 --- a/infrastructure/GCP/variables.tf +++ b/infrastructure/GCP/variables.tf @@ -55,6 +55,12 @@ variable "rhino_agent_id" { sensitive = true } +variable "rhino_enroll_secret" { + description = "The Fleet Enrollment Secret" + type = string + sensitive = true +} + variable "rhino_package_registry_user" { description = "The user for the Rhino Health package registry." type = string