symbol-bootstrap
Bootstrap Offline (Post-Launch)
The first version of offline mode. This feature is targeted at exchange and supernode owners who don't want to enter any private key on an online machine. The node configuration will be created offline.
This PR requires the voting key native implementation to be merged: https://github.com/nemtech/symbol-bootstrap/pull/177
Changes:
- Certificate generation uses a locally installed openssl command (offline). If openssl is not available or fails, it falls back to use docker images (online).
- Added Offline/Online descriptions to each command.
- Added PKG zip distributions of bootstrap+nodejs so it's easier to send bootstrap to an offline machine on a pendrive.
- Added --offline to config so it doesn't fall back to docker images, or fails when docker images are required (nemgen tool)
Future Bootstrap offline guide (@segfaultxavi):
- Download zip distribution from s3
  - https://symbol-bootstrap.s3-eu-west-1.amazonaws.com/dist/v0.4.5/symbol-bootstrap-v0.4.5-darwin-x64.tar.gz
  - https://symbol-bootstrap.s3-eu-west-1.amazonaws.com/dist/v0.4.5/symbol-bootstrap-v0.4.5-linux-arm.tar.gz
  - https://symbol-bootstrap.s3-eu-west-1.amazonaws.com/dist/v0.4.5/symbol-bootstrap-v0.4.5-linux-x64.tar.gz
  - https://symbol-bootstrap.s3-eu-west-1.amazonaws.com/dist/v0.4.5/symbol-bootstrap-v0.4.5-win32-x64.tar.gz
  - https://symbol-bootstrap.s3-eu-west-1.amazonaws.com/dist/v0.4.5/symbol-bootstrap-v0.4.5-win32-x86.tar.gz
  - https://symbol-bootstrap.s3-eu-west-1.amazonaws.com/dist/v0.4.5/symbol-bootstrap-v0.4.5.tar.gz

  (ATM, only Linux and Mac will work until we fix issue #1)
- Copy zip into Pendrive
- Copy and unzip bootstrap into the offline machine. Probably add symbol-bootstrap bin into the PATH.
- Create and encrypt the Bootstrap custom preset specifying the keys to be used in the configuration. This will be improved with the wizard allowing the import of a paper wallet offline or the direct to encrypted form prompt of private/public keys. https://github.com/nemtech/symbol-bootstrap/issues/103
- Run bootstrap config --offline (and compose if the online node can use docker compose) in the offline machine
- Zip target folder with or without the addresses.yml and presets files. If you don't have those files, it's not possible to run bootstrap commands on the online machine, like --upgrade. Note that bootstrap will only request private keys when necessary, so the main account should only be asked for on the offline config command (if the target folder hasn't been reset)
- Copy target zip to a Pendrive then to the online node machine (like AWS or a cloud provider).
- Run the node with a) symbol-bootstrap start/run b) docker-compose up (if addresses and preset files are excluded) or c) barebone from the compiled source without using docker (for exchanges and supernodes that cannot use docker at all)
The user most likely wants to use a custom preset (step 3) as described in https://github.com/nemtech/symbol-bootstrap/blob/dev/docs/presetGuides.md#never-stored-main-private-key
Note that the node admin doesn't need to compile and copy catapult C++ tools for the offline configuration. So if the node admin wants, he/she can run offline config (without docker) and online docker-compose up without even downloading catapult source code.
We will be able to remove the OpenSSL command and Linux/Mac OS requirement for the config --offline mode after implementing https://github.com/nemtech/symbol-bootstrap/issues/1.
Fixes https://github.com/nemtech/symbol-bootstrap/issues/170 Related to forge agent certificate https://github.com/nemtech/symbol-bootstrap/pull/173 Related to wizard https://github.com/nemtech/symbol-bootstrap/issues/103
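The "zip target folder, copy to pendrive, copy to online node" steps of the guide above, as an added example that is not part of this PR or of symbol-bootstrap: it packs the target folder with or without the key-bearing files, refuses to produce an archive that still contains them, and writes a SHA-256 sidecar so the copy can be checked on the online machine. The function names and the file names `addresses.yml` and `preset.yml` directly under the target folder are assumptions.

```shell
#!/bin/sh
# Added example, not symbol-bootstrap code. Assumed layout: <target>/addresses.yml
# and <target>/preset.yml are the files the guide says may be left out.

# Print the SHA-256 of a file with whichever tool is installed.
sha256_of() {
  if command -v sha256sum >/dev/null 2>&1; then
    sha256sum "$1" | awk '{print $1}'
  else
    shasum -a 256 "$1" | awk '{print $1}'
  fi
}

# pack_target <target-dir> <out.tar.gz> [strip|keep]
# strip (default): leave addresses.yml and preset.yml on the offline machine.
# keep: include them, needed to run bootstrap commands online (e.g. --upgrade).
pack_target() {
  target="$1"; out="$2"; mode="${3:-strip}"
  [ -d "$target" ] || { echo "no such target folder: $target" >&2; return 2; }
  parent="$(dirname "$target")"; base="$(basename "$target")"
  if [ "$mode" = strip ]; then
    tar -czf "$out" --exclude="$base/addresses.yml" \
        --exclude="$base/preset.yml" -C "$parent" "$base" || return 1
    # Fail closed: re-read the archive instead of trusting the exclude flags.
    if tar -tzf "$out" | grep -Fxq -e "$base/addresses.yml" -e "$base/preset.yml"; then
      rm -f "$out"
      echo "archive still contains key-bearing files, removed" >&2
      return 3
    fi
  else
    tar -czf "$out" -C "$parent" "$base" || return 1
  fi
  sha256_of "$out" > "$out.sha256"
}

# verify_transfer <out.tar.gz>: run on the online machine after copying the
# archive and its .sha256 sidecar; non-zero status means the copy differs.
verify_transfer() {
  [ -f "$1.sha256" ] || return 2
  [ "$(sha256_of "$1")" = "$(cat "$1.sha256")" ]
}
```

The sidecar only detects corruption or a swapped archive if it travels separately from the archive or is compared against a value noted on the offline machine.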
@Wayonb, you have a Mac, right? Could you unzip and run the Mac distro?
https://symbol-bootstrap.s3-eu-west-1.amazonaws.com/dist/v0.4.5/symbol-bootstrap-v0.4.5-darwin-x64.tar.gz
Is bootstrap creating the certificate using your local openssl (no warnings on config)?