Update Sq docs

ansible/plays/provision/mac_square.yml

@@ -13,6 +13,7 @@
   vars:
     install_homebrew_apps_password: "{{ become }}"
     install_homebrew_fonts: true
+    install_ssh: false # rely on Square ssh config and keys
     dockitems_to_persist:
 
     dockitems_to_remove:

ansible/plays/provision/mac_terminal.yml

@@ -28,3 +28,4 @@
   vars:
     install_homebrew_packages: true
     install_homebrew_fonts: true
+    install_ssh: true

ansible/roles/ssh/files/config

@@ -8,10 +8,12 @@ AddressFamily inet
 Host * !github.com
   CertificateFile ~/.ssh/id_ed25519-cert.pub
 
+Host 192.168.*,*.alxdr.ca,*.adrw.xyz
+  IdentityFile ~/.ssh/id_rsa
+
 Host *
   AddKeysToAgent yes
   ChallengeResponseAuthentication yes
-  # IdentityFile ~/.ssh/id_rsa
   IdentityFile ~/.ssh/id_ed25519
   HashKnownHosts yes
   PasswordAuthentication no

docs/square.md

@@ -1,28 +1,30 @@
 ## Square Setup
 
 ```
-$ ./bootstrap.sh -p mac_square -r -b /opt/homebrew -v -s adrw
+$ ./bootstrap.sh -p mac_square -r -v -s adrw
 ```
 
 ## Steps
 
+- Login to VPN
+- Follow steps in go/ssh to create new SSH key, and add to Github and Registry
+- Follow steps in [go/cashmobileguide](https://cash-mobile-guide.squarecloudservices.com/android/setup/) to do sq-bootstrap, ssh config, java
 - Use quick start command from README to run bootstrap with the above options
-- Follow steps in go/ssh to create new SSH key, and add to Bitbucket, Github, and Registry
-- Rerun bootstrap which now should succeed (especially for the Square specific parts that require Bitbucket access)
-- Run `$ babushka cacerts java mysql`
-- Manually import square-primary-g2 cert
-  - `cd ~/.babushka/deps/cacerts`
-  - `sudo keytool -import -noprompt -storepass changeit -cacerts -alias square-service-authority -file square-primary-g2.pem`
-  - The presence of the certificate can be verified using the keytool:
-    `keytool -list -v -storepass changeit -keystore '/Library/Java/JavaVirtualMachines/<JRE/JDK>/Contents/Home/lib/security/cacerts' | grep 'SHA1: 02:8C:D8:2A:FC:79:3D:18:83:80:DF:48:1C:5F:F3:D1:72:A0:69:C1'`
-- Install `rvm` [instructions](https://rvm.io/)
-  ```
-  gpg2 --recv-keys 409B6B1796C275462A1703113804BB82D39DC0E3 7D2BAF1CF37B13E2069D6956105BD0E739499BDB
-  \curl -sSL https://get.rvm.io | bash -s stable --auto-dotfiles
-  rvm install 2.6
-  rvm use --default 2.6
-  ```
-- Install `config_files` to get all default Square CLI tools, Ruby Gems, and configuration
+- Below steps may not be needed because of sq-boostrap
+  - Run `$ babushka cacerts java mysql`
+  - Manually import square-primary-g2 cert
+    - `cd ~/.babushka/deps/cacerts`
+    - `sudo keytool -import -noprompt -storepass changeit -cacerts -alias square-service-authority -file square-primary-g2.pem`
+    - The presence of the certificate can be verified using the keytool:
+      `keytool -list -v -storepass changeit -keystore '/Library/Java/JavaVirtualMachines/<JRE/JDK>/Contents/Home/lib/security/cacerts' | grep 'SHA1: 02:8C:D8:2A:FC:79:3D:18:83:80:DF:48:1C:5F:F3:D1:72:A0:69:C1'`
+  - Install `rvm` [instructions](https://rvm.io/)
+    ```
+    gpg2 --recv-keys 409B6B1796C275462A1703113804BB82D39DC0E3 7D2BAF1CF37B13E2069D6956105BD0E739499BDB
+    \curl -sSL https://get.rvm.io | bash -s stable --auto-dotfiles
+    rvm install 2.6
+    rvm use --default 2.6
+    ```
+- (Optional) Install `config_files` to get all default Square CLI tools, Ruby Gems, and configuration
 - Manuall download Mac App Store apps (Byword, Affinity, Microsoft Office...)
 - polyrepo
   - polyrepo init