I want to fully automate the setup of Pritunl on an AWS EC2 instance using Terraform. After deployment, when accessing the Pritunl web UI, it requires manually retrieving the setup key and default credentials from the instance and entering them into the web UI. How can I automate this process so that the setup key is entered automatically, and the default credentials are retrieved, updated with a new password, and provided as Terraform outputs?
There is a community developed Pritunl Terraform provider. The setup key is only used to prevent a new Pritunl server open to the internet from being configured without authorization from the web console. The MongoDB URI can be set either from running sudo pritunl set-mongodb or directly in /etc/pritunl.conf. The default password would need to be retrieved from the command sudo pritunl default-password.
I’m using the following commands in userdata to automate the setup and avoid manual entry from the web UI:
SETUP_KEY=$(sudo pritunl setup-key)
sudo pritunl setup-key "$SETUP_KEY"
sudo pritunl set-mongodb "mongodb://localhost:27017/pritunl"
ADMIN_USERNAME="admin"
ADMIN_PASSWORD="SuperSecurePassword123"
sudo pritunl set app.username "$ADMIN_USERNAME"
sudo pritunl set app.password "$ADMIN_PASSWORD"
However, it’s still not working. Does Pritunl require manual configuration from the web UI, or is there another way to automate this setup?
There is no setup-key command that takes the setup key as an argument. The setup-key command does not need to be run when configuring the server from the CLI.
There are no CLI commands to set the username or password.
So, does this mean there’s no way to automate the manual process of setting up the setup key and default password from the web UI? Do we have to manually run those commands in the CLI, then copy and paste them into the web UI? Is this the only option?
The setup key is a temporary key used on for the initial web browser configuration, if the configuration is done manually on the server there is no setup key. The only correct commands are sudo pritunl set-mongodb "mongodb://localhost:27017/pritunl" then sudo systemctl start pritunl wait several seconds for the system to initialize then run sudo pritunl default-password.