deploy-guide: add become-conn parameter to manager (#168)

Signed-off-by: Christian Berendt <[email protected]>
osism · Nov 22, 2023 · 9d7a70d · 9d7a70d
1 parent f325c7d
commit 9d7a70d
Showing 1 changed file with 17 additions and 4 deletions.
diff --git a/docs/guides/deploy-guide/bootstrap.md b/docs/guides/deploy-guide/bootstrap.md
@@ -9,7 +9,8 @@ Before the nodes can be bootstrapped, they must all have already been provisione
 The guide for this can be found in the section
 [Provisioning of management and control plane nodes](./provisioning)
 
-The following steps are applied to bootstrap all nodes. After the completion of the bootstrap, the nodes are already ready for use.
+The following steps are applied to bootstrap all nodes. After the completion of the bootstrap,
+the nodes are already ready for use.
 
 1. Create operator user.
 
@@ -20,11 +21,23 @@ The following steps are applied to bootstrap all nodes. After the completion of
    * The operator public SSH key has to be added in advance on all nodes to `authorized_keys` file
      of the user specified with `-u`. This key is stored as `operator_public_key` in the file
      `environments/configuration.yml`.
-   * Alternatively (not recommended), the password can be stored in plain text in a file `/opt/configuration/secrets/osism_password`.
-     The parameter `--conn-pass-file /opt/configuration/secrets/osism_password` must then also be specified:
+
+     Alternatively (not recommended), the password can be stored in plain text in a file `/opt/configuration/secrets/conn_password`.
+     The parameter `--conn-pass-file /opt/configuration/secrets/conn_password` must then also be specified:
+
+     ```
+     osism apply operator -u osism \
+       --conn-pass-file /opt/configuration/secrets/conn_password
+     ```
+
+   * It is important that this user has sudo rights with `NOPASSWD`.
+
+     Alternatively (not recommended), the password can be stored in plain text in a file `/opt/configuration/secrets/become_password`.
+     The parameter `--become-pass-file /opt/configuration/secrets/become_password` must then also be specified:
 
      ```
-     osism apply operator -u osism --conn-pass-file /opt/configuration/secrets/osism_password
+     osism apply operator -u osism \
+       --become-pass-file /opt/configuration/secrets/become_password
      ```
 
    * When using the [osism/node-image](https://github.com/osism/node-image) the user is `osism` and the password of this