m/n/c/{cluster,roleserve}: implement Join Flow
This implements Join Flow for:
- Registered nodes attempting to re-join the cluster.
- Nodes bootstrapping the cluster.
See: Cluster Lifecycle and Integrity design document
Change-Id: I74ab98fdec650c4f6aa59e34a16c0f95745dc0e9
Reviewed-on: https://review.monogon.dev/c/monogon/+/556
Reviewed-by: Sergiusz Bazanski <serge@monogon.tech>
diff --git a/metropolis/proto/private/private.proto b/metropolis/proto/private/private.proto
index a09b0d3..c682311 100644
--- a/metropolis/proto/private/private.proto
+++ b/metropolis/proto/private/private.proto
@@ -67,4 +67,10 @@
// the data partition. The NUK and CUK are generated on bootstrap and
// registration.
bytes node_unlock_key = 1;
+ // join_key is an ED25519 private key generated during registration. The
+ // public part is shared with Curator to authenticate the join procedure.
+ bytes join_key = 2;
+ // cluster_ca is the X509 CA certificate of the cluster set during
+ // registration and used by nodes joining the cluster.
+ bytes cluster_ca = 3;
}
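Review bot: the new `bytes` fields `join_key` and `cluster_ca` do not document their encoding, which matters for a message that is persisted and read back across versions. For `join_key`, state whether the stored value is the 32-byte Ed25519 seed or a full private key (Go's `ed25519.PrivateKey` is 64 bytes), and for `cluster_ca` state whether the certificate is stored as DER or PEM, e.g. "join_key is the 32-byte Ed25519 private key seed ..." and "cluster_ca is the DER-encoded X509 CA certificate ...". Minor: the curve is conventionally spelled "Ed25519" rather than "ED25519" in the `join_key` comment.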