ipfs · jbenet · Jul 2, 2015 · Jul 2, 2015 · Jul 2, 2015
diff --git a/solarnet/roles/common/tasks/main.yml b/solarnet/roles/common/tasks/main.yml
@@ -1,4 +1,6 @@
 ---
+- authorized_key: 'user=root key="{{ item }}"'
+  with_items: "{{ authorized_keys }}"
 - command: apt-get install -y mosh vim htop screen bridge-utils build-essential autoconf libtool bison flex nodejs
 - file:
     src: /usr/bin/nodejs

diff --git a/solarnet/secrets.yml.example b/solarnet/secrets.yml.example
@@ -1,4 +1,29 @@
 ---
-cjdns_identities: {}
-cjdns_udp_interfaces: []
-metrics_whitelist: []
+# root ssh keys deployed to each host
+authorized_keys:
+- "ssh-ed25519 AAAACfoobar1234 some-name"
+
+# the cryptographic and network identity of each host with the cjdns role
+# each of them will also be allowed to access /debug on others.
+cjdns_identities:
+  some_ansible_hostname:
+    private_key: the-cjdns-private-key
+    ipv6: fc12::3456
+
+# interfaces for incoming and outgoing UDP peering
+# it's useful to add a comment with contact/location information for each peer
+cjdns_udp_interfaces:
+- bind: 0.0.0.0:54321
+  peers:
+  - connect_to: 1.2.3.4:65432
+    public_key: the-peers-public-key.k
+    password: the-password
+- bind: [::]:54321
+  peers:
+  - connect_to: [1234::56]:65432
+    public_key: the-peers-public-key.k
+    password: the-password
+
+# additional hosts allowed to access /debug
+metrics_whitelist:
+- fc65::4321