安全零接触配置守护程序(SZTPD)
sztpd的Python项目详细描述
安全零接触配置守护程序(SZTPD)
安装
pip install sztpd
概述
SZTPD实现Bootstrap Server 在RFC 8572: Secure Zero Touch Provisioning (SZTP)中定义。在
- ^用于编程管理控制的基于{a3}的接口。在
- 插件和webhook支持策略驱动的动态响应。在
- 单租户和多租户部署模式。在
- 多种数据库后端以提高灵活性
- 支持短暂用例的内存数据库(如SDN)
使用
$ sztpd --help
usage: sztpd [-h] [-v] [-C CACERT] [-c CERT] [-k KEY] database-url
SZTPD implements the "bootstrap server" defined in RFC 8572.
positional arguments:
database-url see below for details.
optional arguments:
-h, --help show this help message and exit
-v, --version show version number and exit.
-C CACERT, --cacert CACERT
path to certificates used to authenticate the database
(see below for details).
-c CERT, --cert CERT path to cert used to authenticate SZTPD to the
database (see below for details).
-k KEY, --key KEY path to key used to authenticate SZTPD to the database
(see below for details).
Exit status code: 0 on success, non-0 on error. Error output goes to stderr.
The "cacert" argument is a filepath to a PEM file that contains one or more X.509
CA certificates used to authenticate the RDBMS's TLS certificate.
The "key" and "cert" arguments are each a filepath to a PEM file that contains
the key and certificate that SZTPD should use to authenticate itself to the
RDBMS. These parameters must be specified together, and must be specified
in conjunction with the "cacert" parameter.
The "database-url" argument has the form "<dialect>:<dialect-specific-path>".
Three dialects are supported: "sqlite", "postgresql", and "mysql+pymysql".
The <dialect-specific-path> for each of these is described below.
For the "sqlite" dialect, <dialect-specific-path> follows the format
"///<sqlite-path>", where <sqlite-path> can be one of:
:memory: - an in-memory database (only useful for testing)
<filepath> - an OS-specific filepath to a persisted database file
Examples:
$ sztpd sqlite:///:memory: (memory)
$ sztpd sqlite:///relative/path/to/sztpd.db (unix)
$ sztpd sqlite:////absolute/path/to/sztpd.db (unix)
$ sztpd sqlite:///C:\path\to\sztpd.db (windows)
For both the "postgresql" and "mysql+pymysql" dialects, <dialect-specific-path>
follows the format "//<user>[:<passwd>]@<host>:<port>/<database-name>".
Examples:
The following two examples assume the database is called "sztpd" and
that the database server listens on the loopback address with no TLS.
$ sztpd mysql+pymysql://user:pass@localhost:3306/sztpd
$ sztpd postgresql://user:pass@localhost:5432/sztpd
Please see the documentation for more information.
- 项目
标签: