Changes

From SME Server
Jump to navigationJump to search
4 bytes removed ,  02:06, 27 August 2023
Line 21: Line 21:  
In our build, we will have only 2 servers.  
 
In our build, we will have only 2 servers.  
   −
* hub - which will run the hub, web, build daemon and def|Yum repository daemon  
+
* hub - which will run the hub, web and dnf|Yum repository daemon
 
* build server - there can be multiple of these, but we'll just do 1 to start with
 
* build server - there can be multiple of these, but we'll just do 1 to start with
   Line 46: Line 46:  
</syntaxhighlight>I installed and configured some basic tools and settings to help manage and debug the server (Cockpit can be accessed at http://<ip address or name>:9090)<syntaxhighlight lang="bash">
 
</syntaxhighlight>I installed and configured some basic tools and settings to help manage and debug the server (Cockpit can be accessed at http://<ip address or name>:9090)<syntaxhighlight lang="bash">
 
systemctl enable --now cockpit.socket
 
systemctl enable --now cockpit.socket
 +
systemctl start cockpit.socket
 
dnf config-manager --set-enabled powertools
 
dnf config-manager --set-enabled powertools
 
dnf install epel-release
 
dnf install epel-release
Line 179: Line 180:  
koji_make_cert.sh kojid
 
koji_make_cert.sh kojid
 
koji_make_cert.sh kojiadmin
 
koji_make_cert.sh kojiadmin
</syntaxhighlight>Now we create the koji administration user (kojiadmin) and set up the certs.
  −
  −
We need to be the kojiadmin user to get the right permissions when we copy over the required certs, so...<syntaxhighlight lang="bash">
  −
useradd kojiadmin
  −
su - kojiadmin
  −
mkdir ~/.koji
  −
cp /etc/pki/koji/kojiadmin.pem ~/.koji/client.crt  # NOTE: It is IMPORTANT you use the PEM and NOT the CRT
  −
cp /etc/pki/koji/koji_ca_cert.crt ~/.koji/clientca.crt
  −
cp /etc/pki/koji/koji_ca_cert.crt ~/.koji/serverca.crt
  −
exit
   
</syntaxhighlight>
 
</syntaxhighlight>
   
====== Koji Hub ======
 
====== Koji Hub ======
 
Install koji hub and pre-requisites<syntaxhighlight lang="bash">
 
Install koji hub and pre-requisites<syntaxhighlight lang="bash">
Line 332: Line 322:  
;certificate of the CA that issued the HTTP server certificate
 
;certificate of the CA that issued the HTTP server certificate
 
serverca = ~/.koji/serverca.crt
 
serverca = ~/.koji/serverca.crt
</syntaxhighlight>Log in as kojiadmin and test the connection<syntaxhighlight lang="bash">
+
</syntaxhighlight>Now we create the koji administration user (kojiadmin) and set up the certs.
 +
 
 +
We need to be the kojiadmin user to get the right permissions when we copy over the required certs, so...<syntaxhighlight lang="bash">
 +
useradd kojiadmin
 
su - kojiadmin
 
su - kojiadmin
 +
mkdir ~/.koji
 +
cp /etc/pki/koji/kojiadmin.pem ~/.koji/client.crt  # NOTE: It is IMPORTANT you use the PEM and NOT the CRT
 +
cp /etc/pki/koji/koji_ca_cert.crt ~/.koji/clientca.crt
 +
cp /etc/pki/koji/koji_ca_cert.crt ~/.koji/serverca.crt
 +
chmod 0600 ~/.koji/*.crt
 +
</syntaxhighlight>Test the connection<syntaxhighlight lang="bash">
 
koji moshimoshi
 
koji moshimoshi
 
</syntaxhighlight>you should see<syntaxhighlight lang="bash">
 
</syntaxhighlight>you should see<syntaxhighlight lang="bash">
381

edits

Navigation menu