Line 21: |
Line 21: |
| In our build, we will have only 2 servers. | | In our build, we will have only 2 servers. |
| | | |
− | * hub - which will run the hub, web, build daemon and def|Yum repository daemon | + | * hub - which will run the hub, web and dnf|Yum repository daemon |
| * build server - there can be multiple of these, but we'll just do 1 to start with | | * build server - there can be multiple of these, but we'll just do 1 to start with |
| | | |
Line 46: |
Line 46: |
| </syntaxhighlight>I installed and configured some basic tools and settings to help manage and debug the server (Cockpit can be accessed at http://<ip address or name>:9090)<syntaxhighlight lang="bash"> | | </syntaxhighlight>I installed and configured some basic tools and settings to help manage and debug the server (Cockpit can be accessed at http://<ip address or name>:9090)<syntaxhighlight lang="bash"> |
| systemctl enable --now cockpit.socket | | systemctl enable --now cockpit.socket |
| + | systemctl start cockpit.socket |
| dnf config-manager --set-enabled powertools | | dnf config-manager --set-enabled powertools |
| dnf install epel-release | | dnf install epel-release |
Line 179: |
Line 180: |
| koji_make_cert.sh kojid | | koji_make_cert.sh kojid |
| koji_make_cert.sh kojiadmin | | koji_make_cert.sh kojiadmin |
− | </syntaxhighlight>Now we create the koji administration user (kojiadmin) and set up the certs.
| |
− |
| |
− | We need to be the kojiadmin user to get the right permissions when we copy over the required certs, so...<syntaxhighlight lang="bash">
| |
− | useradd kojiadmin
| |
− | su - kojiadmin
| |
− | mkdir ~/.koji
| |
− | cp /etc/pki/koji/kojiadmin.pem ~/.koji/client.crt # NOTE: It is IMPORTANT you use the PEM and NOT the CRT
| |
− | cp /etc/pki/koji/koji_ca_cert.crt ~/.koji/clientca.crt
| |
− | cp /etc/pki/koji/koji_ca_cert.crt ~/.koji/serverca.crt
| |
− | exit
| |
| </syntaxhighlight> | | </syntaxhighlight> |
− |
| |
| ====== Koji Hub ====== | | ====== Koji Hub ====== |
| Install koji hub and pre-requisites<syntaxhighlight lang="bash"> | | Install koji hub and pre-requisites<syntaxhighlight lang="bash"> |
Line 332: |
Line 322: |
| ;certificate of the CA that issued the HTTP server certificate | | ;certificate of the CA that issued the HTTP server certificate |
| serverca = ~/.koji/serverca.crt | | serverca = ~/.koji/serverca.crt |
− | </syntaxhighlight>Log in as kojiadmin and test the connection<syntaxhighlight lang="bash"> | + | </syntaxhighlight>Now we create the koji administration user (kojiadmin) and set up the certs. |
| + | |
| + | We need to be the kojiadmin user to get the right permissions when we copy over the required certs, so...<syntaxhighlight lang="bash"> |
| + | useradd kojiadmin |
| su - kojiadmin | | su - kojiadmin |
| + | mkdir ~/.koji |
| + | cp /etc/pki/koji/kojiadmin.pem ~/.koji/client.crt # NOTE: It is IMPORTANT you use the PEM and NOT the CRT |
| + | cp /etc/pki/koji/koji_ca_cert.crt ~/.koji/clientca.crt |
| + | cp /etc/pki/koji/koji_ca_cert.crt ~/.koji/serverca.crt |
| + | chmod 0600 ~/.koji/*.crt |
| + | </syntaxhighlight>Test the connection<syntaxhighlight lang="bash"> |
| koji moshimoshi | | koji moshimoshi |
| </syntaxhighlight>you should see<syntaxhighlight lang="bash"> | | </syntaxhighlight>you should see<syntaxhighlight lang="bash"> |