This guide provides instructions on how to install QBO on a bare-metal HOST running Debian 12 and configure the HOST as a LINK or an ORIGIN. Follow the steps below and ensure all prerequisites are met before proceeding.
Overall Flow
Definitions
Term
Definition
Notes
HOST
A bare-metal server
Any AMD64 or ARM64 hardware.
ORIGIN
The first HOST configured and deployed with the QBO API
The first HOST configured and deployed with the QBO API. The ORIGIN manages the cloud (e.g., .cloud.qbo.io) and provisions LINKs. It can either be user-managed or QBO-managed.
LINK
A bare-metal server configured as a LINK using the QBO API
LINKs connect to the ORIGIN cloud and are self-provisioned by the ORIGIN.
Example: 435161597188-k1hqld6ouhve09i7jovbrk811dla8n76.apps.googleusercontent.com — OAuth 2.0 credentials required for authentication during API interactions.
Example: o-221241c9.cloud.qbo.io — The authorized origin for OAuth 2.0 client requests.
Notes:
[1] AMD64: Refers to 64-bit x86 architecture. [2] Firefox and Chrome-based browsers: Ensure the browser is updated to the latest version for compatibility with the web console. Firefox has limited support for WebRTC, which may restrict functionality when using QBO’s Plasma Workstation.
GitHub Project
Create a classic token if you don’t already have one, or generate any other token that allows access to the install repository.
To clone the repository containing the QBO configuration and setup scripts, use the following command:
git clone https://github.com/alexeadem/install.git cd install
Configuration Files
Below is a description of the configuration files, how to obtain them, and their relevance for LINK or ORIGIN deployments.
Before proceeding, please ensure you have an env file. If you don’t have one, contact the QBO account team to obtain it at [email protected].
A script used for ORIGIN and LINK configuration and deployment, as described in this document. It uses a wizard-based configuration to generate the necessary configuration files from the env file.
Public authentication credentials required to authenticate with the QBO web console. This file is obtained from the Google API and Services section in the Google Cloud Console.
Contains QBO registry authentication credentials, used to retrieve API, CLI, SHELL, and instance images. If you are using QBO registries, these credentials will be provided by the QBO account team.
LINK user service account. This key is provided by the QBO account team if using QBO managed ORIGIN and should be set as a variable in the env file. If you are using your own ORIGIN, you can create a user with link level permissions by an admin user and use that service account to populate the link.json file.
Contains the Google Cloud DNS Service Account credentials, which can be obtained from the Google Cloud Console. See below for instructions.
QBO Configuration Script
The qbo script will help you to configure the system for the QBO API deployment in LINK or ORIGIN mode. It uses a wizard-based configuration to generate the necessary configuration files above from the env file.
Here is a sample of usage:
./qbo >>> qbo start api -- start api -C { domain } -- * required valid domain name. example: cloud.qbo.io -c -- start clean -r -- build type. default: prod -T -- tag. default: latest -t { link | origin } -- API mode. default: link >>> qbo stop api -- stop api api >>> qbo attach terminal -- attach api. (CTRL-p, CTL-q) to exit >>> qbo logs api -- get api logs -f -- follow logs -j -- output json -e -- output vi >>> qbo test host -- test HOST compatibility >>> qbo configure api -- configure API in mode LINK or ORIGIN -C { domain } -- * required valid domain name. example: cloud.qbo.io -r { prod |stage } -- configure build type. default: prod -t { link | origin } -- configure link or origin. default: link -c -- clean previous configuration >>> qbo configure host -- configure host or API -C { domain } -- * required valid domain name. example: cloud.qbo.io -r { prod |stage } -- configure build type. default: prod -a -- all -u -- update -p -- apparmor -h -- hostname -U -- user -m -- motd -e -- vim -v -- ipvsadm -i -- iptables -d -- docker -R -- registry -x -- nvidia -s -- ssh -I -- images
The following command can perform compatibility tests before any installation
./qbo test host HOSTNAME: fenestra.cloud.qbo.io ARCH: x86_64 ------------------------------------------------------------------------------- <Press any key to continue> | <CTRL+C to exit>
Host Configuration
The following command will perform all host-level configurations to set up the host as either ORIGIN or LINK:
ORIGIN configuration: The -C option should specify your cloud domain name. cloud.qbo.io is used here as an example.
LINK configuration: The -C option should specify cloud.qbo.io if you do not manage an ORIGIN and are using a QBO managed ORIGIN. Otherwise, you should specify the domain name of your ORIGIN.
./qbo configure host -C cloud.qbo.io -a >>> cloud.qbo.io CLOUD: *.cloud.qbo.io TYPE: link IMAGE: eadem/api:latest BUILD: prod _ALL: 1 CLEAN: 0 ------------------------------------------------------------------------------- <Press any key to continue> | <CTRL+C to exit>
Upon successful configuration the API is ready to host the API in mode LINK or ORIGIN.
This is the end of any command run as root. Any other command from now on should be run as user qbo.
User Level Configuration
SSH Access
If you’ve replaced the default public key id_rsa.pub, use your private key to access the system; otherwise, use the provided id_rsa private key from the repository.
Before logging out as the root user and closing the session, start a new session using the qbo user from another SSH shell session. All subsequent commands must be executed as the qbo user.
The qbo script will automatically add a public SSH key to the authorized_hosts file. The host can then only be accessed using the corresponding private key, as password authentication will be disabled.
Key Permissions
If necessary, change the permissions of the private key file using the following command:
chmod 600 id_rsa
Start a new shell session using the IP address of the host:
ssh -i id_rsa qbo@$IP
LINK
If you are configuring an ORIGIN, go to this section: QBO ORIGIN.
Google Cloud Client ID
For a QBO managed ORIGIN, the client_id will be provided in the env file by the QBO account team. In this case, proceed to the next section.
For an user-managed ORIGIN, retrieve the client_id from the Google Cloud Console under Google API & Services. You can either set it manually in your env file or provide it during the wizard setup. The wizard will generate an iam.json file containing the client_id.
QBO API
Before proceeding, ensure the following prerequisites are completed:
Prerequisite
Notes
[✓]
env file configured
The environment file with IAM, LINK, and REGISTRY variables should be properly set. If the env file is not in the root folder of the repository and was provided separately, copy it to the root directory of the repository.
You should have an active SSH connection under the qbo user
[✓]
Github repo
As the qbo user, clone the repository into /home/qbo
LINK Configuration
The following command will configure the API in LINK mode (-t link) using the domain cloud.qbo.io (-C cloud.qbo.io). A wizard will start, guiding you through the process of configuring the API in LINK mode.
If you have your own ORIGIN, you should specify the ORIGIN‘s domain name. Otherwise, use QBO’s ORIGIN: cloud.qbo.io.
./qbo configure api -C cloud.qbo.io -c
>>> cloud.qbo.io CLOUD: *.cloud.qbo.io TYPE: link IMAGE: eadem/api:latest BUILD: prod _ALL: 0 CLEAN: 1 ------------------------------------------------------------------------------- <Press any key to continue> | <CTRL+C to exit> [WARNING]: The environment file containing authentication credentials was not found. These credentials are necessary to run QBO inlink mode. Contact the QBO account team at [email protected] to obtain the file, or enter the credentials manually using this wizard. <Press any key to continue> | <CTRL+C to exit>
registry.json
>>> registry.json Enter QBO Registry Credentials (prod): [INFO]: Input in JSON format < { "user": "qbo", "auth": "git.qbo.io", "token": "glpat-h7hsw1_tGCDFUU7tyBq2", "repo": "cloud", "hostname": "registry.qbo.io", "type": "gitlab" }
{ "user": "qbo", "auth": "git.qbo.io", "token": "glpat-h7hsw1_tGCDFUU7tyBq2", "repo": "cloud", "hostname": "registry.qbo.io", "type": "gitlab" } <Press any key to continue> | <CTRL+C to exit>
id_rsa.pub
>>> id_rsa.pub Enter SSH Id RSA Public Key: [INFO]: The 'qbo' script will automatically add a public SSH key to the 'authorized_hosts' file. The host can then only be accessed using the corresponding private key, as password authentication will be disabled. < ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAABCAQCmAu9Svd4MwTrse5ouXvMED2jUGgbynbQs3VxG9kB0tb3RycrL923VrA+amh+YN8VGgphk/b7TxnWR5l26VfMqIv2CmXwi7OTqmUN6I4WQQsFnkU0v5lPtMp5Wl0CvWG6l6woYT9p2lblB6XoiLAnMrlHJ6xSzGJP8Wj0IVIrU54DGhI23IJhrOHBOGEcpIPc9qbmt47CB7jF+fYXjkFxOjYIMWkoMncuq+D/8/kbilZ4sbXF0hBrNYL0xN3g36ce0p/jE/525PxRuzaYOuf3oGeqFFd8BjQfENFiPn3x2In3x9mTzUYKkniedC5PuWuP4BkwI6/yfDs63HqzH4NPz5XqOKzlxwAN8co9xdOjt4v3zIUpLPJ2KTdh00quQMXITu+Ew4hnbRpoJDGu9Gra9Hw2osUMeVhLawfiu9PFaa0ysEzzi4lvZJZzV57VPoJpZD9H9hQDp6ixaNgWckQI6csAeOFrVSpYnleVjVzspyYfRQaikcZRUn3S4NOQT/gOtbqIlZsKwth51gBOhIgerknDcfY8ykXtYvJ6GqgEu+yzbJt8tXEbaEOYqNnH1WundqfouyqqnlgtzV4ac+RcGx6UDl/Ift3i1/IVwJP4dIdlgcrp+KMKWJ/uxIPFHy8QUlhTlnJyzqHmZUy5bVRP/zPFnJ0GyXjF2BXma2Y+xVw== [email protected] ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAABCAQCmAu9Svd4MwTrse5ouXvMED2jUGgbynbQs3VxG9kB0tb3RycrL923VrA+amh+YN8VGgphk/b7TxnWR5l26VfMqIv2CmXwi7OTqmUN6I4WQQsFnkU0v5lPtMp5Wl0CvWG6l6woYT9p2lblB6XoiLAnMrlHJ6xSzGJP8Wj0IVIrU54DGhI23IJhrOHBOGEcpIPc9qbmt47CB7jF+fYXjkFxOjYIMWkoMncuq+D/8/kbilZ4sbXF0hBrNYL0xN3g36ce0p/jE/525PxRuzaYOuf3oGeqFFd8BjQfENFiPn3x2In3x9mTzUYKkniedC5PuWuP4BkwI6/yfDs63HqzH4NPz5XqOKzlxwAN8co9xdOjt4v3zIUpLPJ2KTdh00quQMXITu+Ew4hnbRpoJDGu9Gra9Hw2osUMeVhLawfiu9PFaa0ysEzzi4lvZJZzV57VPoJpZD9H9hQDp6ixaNgWckQI6csAeOFrVSpYnleVjVzspyYfRQaikcZRUn3S4NOQT/gOtbqIlZsKwth51gBOhIgerknDcfY8ykXtYvJ6GqgEu+yzbJt8tXEbaEOYqNnH1WundqfouyqqnlgtzV4ac+RcGx6UDl/Ift3i1/IVwJP4dIdlgcrp+KMKWJ/uxIPFHy8QUlhTlnJyzqHmZUy5bVRP/zPFnJ0GyXjF2BXma2Y+xVw== [email protected] <Press any key to continue> | <CTRL+C to exit>
iam.json
>>> iam.json Enter Google Authentication Client ID: [INFO]: Your Client ID can be found under 'API & Services'in the Google Cloud Console. Visit https://console.cloud.google.com/apis/credentials to locate it. It is required to authenticate your application with Google services. Example: '1234567890-abcdefg.apps.googleusercontent.com'. < 618979529734-pba2m5leob2ouggj12153nkuvvnou681.apps.googleusercontent.com { "client_id": "618979529734-pba2m5leob2ouggj12153nkuvvnou681.apps.googleusercontent.com", "provider": "google" } <Press any key to continue> | <CTRL+C to exit>
link.json
>>> link.json Enter QBO LINK Service Account: [INFO]: You should have received a QBO LINK service account from the QBO account team, or it should be available in your env file. If you haven't received it, please contact [email protected] for assistance. < { "provider": "qbo", "type": "service_account", "qbo_uid": { "crv": "P-521", "kty": "EC", "x": "AZEZgwvTKsXodvyWvwQ_jkQBIxL5\6S-6yJBIAxpZEeDMn3ZAUsnAhpl7B-q9NJRs9zs7v3itfXRQeSjxLSjmSx4as", "y": "AGCSspCH7gJfMZ71OM1spca_Z8-GRtPynd5G_H5fXj-Nivn-BOpRx9ws_wmPLPLcpxhS0O7mUlgGH_LZgH0wrA3W" }, "qbo_aux": "72605773-5885-4c43-90cd-1d06abddc4d7", "qbo_port": 443, "qbo_host": "origin.cloud.qbo.io", "qbo_user": "[email protected]" } { "provider": "qbo", "type": "service_account", "qbo_uid": { "crv": "P-521", "kty": "EC", "x": "AZEZgwvTKsXodvyWvwQ_jkQBIxL5\6S-6yJBIAxpZEeDMn3ZAUsnAhpl7B-q9NJRs9zs7v3itfXRQeSjxLSjmSx4as", "y": "AGCSspCH7gJfMZ71OM1spca_Z8-GRtPynd5G_H5fXj-Nivn-BOpRx9ws_wmPLPLcpxhS0O7mUlgGH_LZgH0wrA3W" }, "qbo_aux": "72605773-5885-4c43-90cd-1d06abddc4d7", "qbo_port": 443, "qbo_host": "origin.cloud.qbo.io", "qbo_user": "[email protected]" } <Press any key to continue> | <CTRL+C to exit>
ls ./cloud.qbo.io/prod/ iam.json id_rsa.pub link.json registry.json
Start LINK
Once the LINK wizard configuration is completed, the configuration files will be generated under cloud.qbo.io (or under your ORIGIN‘s domain name if you are not using QBO’s), and they will be read when the API starts.
The following command will start the LINK with notice-level logging (-l notice), perform a clean install (-c) which will delete and prune previous Docker images and configurations, and set the default build type to prod (-r prod).
./qbo start api -C cloud.qbo.io -lnotice -t origin -c CLOUD: *.cloud.qbo.io TYPE: origin IMAGE: eadem/api:latest BUILD: prod ------------------------------------------------------------------------------- <Press any key to continue> | <CTRL+C to exit>
Note that this configuration is needed for ORIGIN deployments only.
Add a zone on the Google Cloud DNS console.
Save your zone name. It will use in your in your dns.json to fill in the zone field
DNS Configuration Once the zone is created, a set of Google DNS records will be generated. Use these DNS entries to delegate your domain by adding the provided NS records to your DNS provider.
Add the following NS records in your DNS provider.
The DNS provider for the domain _.qbo.io may differ from the _.cloud.qbo.io zone managed by Google DNS.”
Note that this configuration is needed for ORIGIN deployments only.
To allow authentication from the Origin, add an OAuth client ID under API & Services.
Google Cloud Client ID
Once completed, you can fill in your iam.json configuration from the Google console under Google API and Services.
Google Cloud DNS Service Account
Note that this configuration is needed for ORIGIN deployments only.
Below is an example of the service account configuration obtained when adding an API key to the Google Service account:
Note that zone and provider are added as part of the Service Account configuration in dns.json
QBO API
Before proceeding, ensure the following prerequisites are completed:
Prerequisite
Notes
[✓]
env file configured
The environment file with IAM, KEY, and REGISTRY variables should be properly set. If the env file is not in the root folder of the repository and was provided separately, copy it to the root directory of the repository.
You should have an active SSH connection under the qbo user
[✓]
Github repo
As the qbo user, clone the repository into /home/qbo
ORIGIN Configuration
The following command will configure the API in ORIGIN mode (-t origin) using the domain cloud.qbo.io (-C cloud.qbo.io). A wizard will start, guiding you through the process of configuring the API in ORIGIN mode.
cloud.qbo.io is provided as an example; you should use your own domain name.
./qbo configure api -C cloud.qbo.io -c -t origin
>>> cloud.qbo.io CLOUD: *.cloud.qbo.io TYPE: origin IMAGE: eadem/api:latest BUILD: prod _ALL: 0 CLEAN: 1 ------------------------------------------------------------------------------- <Press any key to continue> | <CTRL+C to exit> [WARNING]: The environment file containing authentication credentials was not found. These credentials are necessary to run QBO in origin mode. Contact the QBO account team at [email protected] to obtain the file, or enter the credentials manually using this wizard. <Press any key to continue> | <CTRL+C to exit>
registry.json
>>> registry.json Enter QBO Registry Credentials (prod): [INFO]: Input in JSON format < { "user": "qbo", "auth": "git.qbo.io", "token": "glpat-h6hsw1_tGCDFUU7tyAq2", "repo": "cloud", "hostname": "registry.qbo.io", "type": "gitlab" }
{ "user": "qbo", "auth": "git.qbo.io", "token": "glpat-h6hsw1_tGCDFUU7tyAq2", "repo": "cloud", "hostname": "registry.qbo.io", "type": "gitlab" } <Press any key to continue> | <CTRL+C to exit>
id_rsa.pub
>>> id_rsa.pub Enter SSH Id RSA Public Key: [INFO]: The 'qbo' script will automatically add a public SSH key to the 'authorized_hosts' file. The host can then only be accessed using the corresponding private key, as password authentication will be disabled. < ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAABCAQCmAu9Svd4MwTrse5ouXvMED2jUGgbynbQs3VxG9kB0tb3RycrL923VrA+amh+YN8VGgphk/b7TxnWR5l26VfMqIv2CmXwi7OTqmUN6I4WQQsFnkU0v5lPtMp5Wl0CvWG6l6woYT9p2lblB6XoiLAnMrlHJ6xSzGJP8Wj0IVIrU54DGhI23IJhrOHBOGEcpIPc9qbmt47CB7jF+fYXjkFxOjYIMWkoMncuq+D/8/kbilZ4sbXF0hBrNYL1xN3g35ce0p/jE/525PxRuzaYOuf3oGeqFFd8BjQfENFiPn3x2In3x9mTzUYKkniedC5PuWuP4BkwI6/yfDs63HqzH4NPz5XqOKzlxwAN8co9xdOjt4v3zIUpLPJ2KTdh00quQMXITu+Ew4hnbRpoJDGu9Gra9Hw2osUMeVhLawfiu9PFaa0ysEzzi4lvZJZzV57VPoJpZD9H9hQDp6ixaNgWckQI6csAeOFrVSpYnleVjVzspyYfRQaikcZRUn3S4NOQT/gOtbqIlZsKwth51gBOhIgerknDcfY8ykXtYvJ6GqgEu+yzbJt8tXEbaEOYqNnH1WundqfouyqqnlgtzV4ac+RcGx6UDl/Ift3i1/IVwJP4dIdlgcrp+KMKWJ/uxIPFHy8QUlhTlnJyzqHmZUy5bVRP/zPFnJ0GyXjF2BXma2Y+xVw== [email protected] ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAABCAQCmAu9Svd4MwTrse5ouXvMED2jUGgbynbQs3VxG9kB0tb3RycrL923VrA+amh+YN8VGgphk/b7TxnWR5l26VfMqIv2CmXwi7OTqmUN6I4WQQsFnkU0v5lPtMp5Wl0CvWG6l6woYT9p2lblB6XoiLAnMrlHJ6xSzGJP8Wj0IVIrU54DGhI23IJhrOHBOGEcpIPc9qbmt47CB7jF+fYXjkFxOjYIMWkoMncuq+D/8/kbilZ4sbXF0hBrNYL1xN3g35ce0p/jE/525PxRuzaYOuf3oGeqFFd8BjQfENFiPn3x2In3x9mTzUYKkniedC5PuWuP4BkwI6/yfDs63HqzH4NPz5XqOKzlxwAN8co9xdOjt4v3zIUpLPJ2KTdh00quQMXITu+Ew4hnbRpoJDGu9Gra9Hw2osUMeVhLawfiu9PFaa0ysEzzi4lvZJZzV57VPoJpZD9H9hQDp6ixaNgWckQI6csAeOFrVSpYnleVjVzspyYfRQaikcZRUn3S4NOQT/gOtbqIlZsKwth51gBOhIgerknDcfY8ykXtYvJ6GqgEu+yzbJt8tXEbaEOYqNnH1WundqfouyqqnlgtzV4ac+RcGx6UDl/Ift3i1/IVwJP4dIdlgcrp+KMKWJ/uxIPFHy8QUlhTlnJyzqHmZUy5bVRP/zPFnJ0GyXjF2BXma2Y+xVw== [email protected] <Press any key to continue> | <CTRL+C to exit>
iam.json
>>> iam.json Enter Google Authentication Client ID: [INFO]: Your Client ID can be found under 'API & Services'in the Google Cloud Console. Visit https://console.cloud.google.com/apis/credentials to locate it. It is required to authenticate your application with Google services. Example: '1234567890-abcdefg.apps.googleusercontent.com'. < 618979529734-pba2m5leob2ouggj12153nkuvvnou681.apps.googleusercontent.com { "client_id": "618979529734-pba2m5leob2ouggj12153nkuvvnou681.apps.googleusercontent.com", "provider": "google" } <Press any key to continue> | <CTRL+C to exit>
{ "crv": "P-521", "kty": "EC", "x": "AfZNaIVMIGh6Qc5WuaWxwa0xHwriJ_d1bTemKtdl208oAkeB2xbhXHSc3QY6RUWHK511glnTRAzP3htAFWPioPck", "y": "ATkunpTXycJj9ZHI2jTJAoYhsb7U-TJlZhXORpkPPo35Wh35dEbzizwgVwIzUxbNgm_pdp1BZKyDJrR86ZnJHbyq", "u": "eyJhbGciOiJFQ0RILUVTIiwgImVuYyI6IkEyNTZDQkMtSFM1MTIiLCAiZXBrIjp7ImNydiI6IlAtNTIxIiwia3R5IjoiRUMiLCJ4IjoiQVE0M1NMV3RvVnpRY1IyNF95bUhHS2xkbTlJdGdHMUJUMnlMdUN0ZHNfYklUSWJubFVHOXNPZWQ4LTdJVWhCWUllS1NUVmozZ3ZLNEF0VVUxM09FVDItSiIsInkiOiJBR0htcUNEX0oxLWFhRG5LQTVWbkxwa01jdEFHb1dKX2l1QS1qT2JKTkpIcmo4UG1FWDdzR0ZHanNKOVZMOXhqZm9ycmJnSUtwQ3NHYkVneF91UzBfU01HIn19..OW77Md5cELnCwL44CAMBlA.oiTQA528L7d7qs6hALbICPSL9d_W2e0znafHDklX2yDwELsKFiJxbhM1TL0B3JTmlmMYOaAcCBwjWSJMO3qVkg.SCkcPO4TVQH7xv21Z7Iwh5W56Tad_SQUJu4KmdWElyM", "ipse": "o-5b92876f.acme.cloud" } <Press any key to continue> | <CTRL+C to exit>
acme.json
>>> acme.json Enter ACME Country: US [INFO]: The 'Country' field specifies the country where your organization is based. Enter a valid two-letter country code as per the ISO 3166-1 standard. For example, 'US'for the United States or 'GB'for the United Kingdom < Enter ACME Locality: San Francisco [INFO]: The 'Locality' field specifies the city or locality of your organization. Example: San Francisco < Enter ACME Organizaton: [INFO]: The 'Organization' field identifies your organization within the certificate. Example: Acme Technologies LLC < qbo Organization name is valid. Organization name is valid. Enter ACME State: { CA } [INFO]: The 'State' field specifies the state, province, or region where your organization is located. Enter the full name of the state or its appropriate abbreviation. For example, 'California' or 'CA'for California in the United States, 'Ontario' or 'ON'for Ontario in Canada. < Enter ACME Email: < [email protected] { "provider": "letsencrypt", "type": "dns-01", "auth-path": "/tmp/qbo/acme/live/cloud.qbo.io/auth.jwk", "cert-path": "/tmp/qbo/acme/live/cloud.qbo.io/fullchain.pem", "key-path": "/tmp/qbo/acme/live/cloud.qbo.io/privkey.pem", "directory-url": "https://acme-v02.api.letsencrypt.org/directory", "country": "US", "state": "CA", "locality": "San Francisco", "organization": "qbo", "common-name": "*.cloud.qbo.io", "email": "[email protected]" } <Press any key to continue> | <CTRL+C to exit>
dns.json
>>> dns.json Enter Google Cloud DNS Zone Name: [INFO]: You can find your DNS Zone Name in the Google Cloud Console at: https://console.cloud.google.com/net-services/dns/zones. Please ensure the zone name corresponds to the correct DNS configuration for your project. < eadem Enter Google Cloud DNS Service Account: [INFO]: You can find your DNS Cloud Service Account under 'IAM & Admin'in the Google Cloud Console: https://console.cloud.google.com/iam-admin/serviceaccounts < { "type": "service_account", "project_id": "eadem", "private_key_id": "710d5070481253a8036f5635b42fff9ccacafb97", "private_key": "-----BEGIN PRIVATE KEY-----\nMIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQDxyms7gXZfAREA\ngIkPGbq8BDXpTNxC4L90jgZj7acGH+NNdY8VhMyBlE0cgPwdqaNqubEqKCwLMXWV\n60Z9sohdwlF/1IO2xvxiSuAMJUwWlTPhzUvP1eLghW0bco8Anj7OkODNJbOefZRe\nGyIvhGtCYlOdqCSYq6WuQmfT0QUwoMC3XL0f6YYb8uV5du0RCDNgkVlsezxsy7DM\nlTYo4xFLcC+HDaHl4vO9n/WuRxjbQVsdyrhQi5xlhz4QCG2O8RY8+bAvvwt5pGg+\n9pui6OCPkdDn2TnmRocsorBRotKiHSMaqkFIXCEHOycU/TmL5hcxn2U7vxpvO4NY\nRYe5kyWLAgMBAAECggEAJCwou7fECjWCIiWYm5o5TfyBRjxZ7WVrLxg6S4PXy3pE\nyqdONyVtZOtXV+7SCOwChyptn0VwRWJqWXnfy1lEvmYeRDX6WINPabMS7q47wlsi\n7mKEt3yjmvxLFOKgEzMZaVTSVM6RnyHhauy7QgmY9E76fGkVxINVX4sOtmkcUihI\nB3WKB7VSV0PMbXR50fD8dJSFRDx1wPmemJhjkgAM14tlEaSYBbdu2h3e1DIcbpX3\nhYe6uSsfCNmG7bVThalaQSWcPzKzk/EX/2/PK5D7cWidU6hhBNiOyKlej+i27Zo9\nOQ0yGuXl8YZVtD8zJMzmDCVrUiXYJ01zs2ylOK8g3QKBgQD992I8hv0xsfLhCO+z\n2JrxmoyINQ0Or5LZU8/RMsPLgS6DpmOLzQz8kiwR/U1yBevQ+NJ5kwALE4cuhVw6\ndilD4eDE7kOLGmMjmVrcGX6La9rUOOESp4uqqvp8m2EGS2hBrQjkoNGKuwjxiGQY\nXdFJDxIKDHNCAA8mD+3PI+EmpQKBgQDzuhNmIMDu0OXS0rTAwxC5YkBaZOitGDhl\nXQrKqh/glV0VnGT0XgRB74yrb0G57ZE5r2ND5l95j4B29YXm0D7mkLtUbDTRflkY\ndEPAzm8zseJ+dVnrV35i2iQx2c/vStXCGeVthPU9SgI2UT0RJe8HAJwEoHe+CGMA\nHFMOd2yUbwKBgQCqbvNJJVoTmJUjOgkLC6jnzMzUt618lo0ZNeq4PLYzAw2BIg+a\nCVDWyw2yQOhRRfH8eo9dMS6NQFyu9qZvQU7uFE7wOemwF1RC1q6oGJ/Y1tezJjy9\ndR0Aut+A8hFJ1R8xO/tE2zvkOyKEXQC3bXZ+7hMwFSzgNQP1iikQosZ9VQKBgFA6\nb0pN+9RhFVYJoBBX5bhwfCiFUQYxk9biArxlteqSoDqN6bl6/UHLHe4MyIDwj76C\nWlWujr0QHMSL25D3+cyh1dhbaiOPyLpBA1CDY52Lr7fa30eV3HejwQhb35OweZ7U\nMW6Utrl/FC1XHpf3ebA/Zhwryl7WmegeasS3URmnAoGBALoup0j8VY3lyu814E3b\nQ1zsiqcJnSEZVqoYYe4gOqsmJt7fpOSZC8WMwEbwYS/qcZRN5GfSX090V7LqlmES\npM28LOKHy3jd3aHan4TmoWlkkgE9bTz+TpHbfos4lbRheRc6FY6A6cM6QyXuhJBb\n1tZOXoXpXH3K9A/gH3+CuyW9\n-----END PRIVATE KEY-----\n", "client_email": "[email protected]", "client_id": "104697797075099706139", "auth_uri": "https://accounts.google.com/o/oauth2/auth", "token_uri": "https://oauth2.googleapis.com/token", "auth_provider_x509_cert_url": "https://www.googleapis.com/oauth2/v1/certs", "client_x509_cert_url": "https://www.googleapis.com/robot/v1/metadata/x509/eadem%40eadem.iam.gserviceaccount.com", "universe_domain": "googleapis.com" }
ls cloud.qbo.io/prod/ acme.json dns.json iam.json id_rsa.pub key.json registry.json
Start ORIGIN
Once the ORIGIN wizard configuration is completed, the configuraton files will be generated under cloud.qbo.io in this example and read when the API starts. The following command will start the ORIGIN with notice level logging -lnotice, perform a clean install (which will delete and prune previous Docker images) -c, and prod.
cloud.qbo.io is provided just an example and you should use your own domain name
./qbo start api -C cloud.qbo.io -lnotice -t origin -c CLOUD: *.cloud.qbo.io TYPE: origin IMAGE: eadem/api:latest BUILD: prod ------------------------------------------------------------------------------- <Press any key to continue> | <CTRL+C to exit>
Google Cloud Authorized JavaScript Origin
Note that this configuration is needed for ORIGIN deployments only.
The URL should begin with o-, and you must use the complete URL, for example: https://o-5b92876f.acme.cloud
Web Console Access
You can access the LINK or ORIGIN console through the assigned domain name using a Chrome-based browser.
Before utilizing the QCE or QKE engines, a network must be added for QBO to use. Execute the following command in the QBO web terminal to add the network:
