[Freeipa-devel] [RFC] IPA "firstboot" UI

Mark McLoughlin markmc at redhat.com
Fri Jan 25 18:12:44 UTC 2008 

Hi,
	I wanted to get people's feedback on a proposal I have to replace the
questions currently asked on the command line by ipa-server-install with
a "firstboot" type web UI.

	The basic idea would be that you'd run ipa-server-install with no
arguments and then use the firstboot web UI to configure the realm name,
administrator password and hostname (if needed).

	The reason I'm looking to do this is for an IPA appliance - the first
time a user boots the appliance they would use this UI instead of
running ipa-server-install. However, I think this is a much model for
first-time configuration for IPA as a whole.

	The changes I'm proposing to support this include:

  - ipa-server-install will set up the directory server, apache and the 
    web UI

  - The realm name, hostname, etc. configuration should be stored in 
    the directory server in cn=config,dc=IPA

  - The web UI will merely modify this configuration in the directory

  - A daemon will run as root, watch the directory for any 
    configuration changes and apply those changes to the system

  - So, e.g. the firstboot UI code will set the ipaRealmName attribute 
    and the daemon will create that realm

  - In the future a UI will also be added to support changing the realm 
    name at a later stage

  - Also in the future I hope to be able to add some system 
    configuration to the UI e.g. timezone, networking etc. and this 
    would be implemented using the same mechanism

	I've uploaded my rough patches for people to look at rather than
spamming the list, but I lamely failed to quickly publish these patches
as a nice mercurial repo which could be easily used with mq, so here's
how to apply them:

  $> hg clone http://hg.fedoraproject.org/hg/freeipa ipa-firstboot
  $> mkdir -p ipa-firstboot/.hg/patches
  $> cd ipa-firstboot/.hg/patches
  $> wget http://markmc.fedorapeople.org/ipa/ipa-firstboot-patches/series
  $> grep '^[^#]' series | xargs -i wget http://markmc.fedorapeople.org/ipa/ipa-firstboot-patches/{}
  $> hg qpush -a

	To try it out, run ipa-server-install and login connect to
http://master.example.com/firstboot

	I've also posted a TODO list here:

  http://markmc.fedorapeople.org/ipa/ipa-firstboot-patches/TODO

	Any and all feedback welcome ... I'm hoping to have this in 1.2.

Thanks,
Mark.

More information about the Freeipa-devel mailing list