384
edits
Changes
From SME Server
Jump to navigationJump to search→Hub/Web Server
Line 21:
Line 21:
</syntaxhighlight>Now we create the koji administration user (kojiadmin) and set up the certs.
−We need to be the kojiadmin user to get the right permissions when we copy over the required certs, so...<syntaxhighlight lang="bash">
−useradd kojiadmin
−su - kojiadmin
−mkdir ~/.koji
−cp /etc/pki/koji/kojiadmin.pem ~/.koji/client.crt # NOTE: It is IMPORTANT you use the PEM and NOT the CRT
−cp /etc/pki/koji/koji_ca_cert.crt ~/.koji/clientca.crt
−cp /etc/pki/koji/koji_ca_cert.crt ~/.koji/serverca.crt
−exit
In our build, we will have only 2 servers.
In our build, we will have only 2 servers.
−* hub - which will run the hub, web, build daemon and def|Yum repository daemon
+* hub - which will run the hub, web and dnf|Yum repository daemon
* build server - there can be multiple of these, but we'll just do 1 to start with
* build server - there can be multiple of these, but we'll just do 1 to start with
Line 46:
Line 46:
</syntaxhighlight>I installed and configured some basic tools and settings to help manage and debug the server (Cockpit can be accessed at http://<ip address or name>:9090)<syntaxhighlight lang="bash">
</syntaxhighlight>I installed and configured some basic tools and settings to help manage and debug the server (Cockpit can be accessed at http://<ip address or name>:9090)<syntaxhighlight lang="bash">
systemctl enable --now cockpit.socket
systemctl enable --now cockpit.socket
+systemctl start cockpit.socket
dnf config-manager --set-enabled powertools
dnf config-manager --set-enabled powertools
dnf install epel-release
dnf install epel-release
Line 179:
Line 180:
koji_make_cert.sh kojid
koji_make_cert.sh kojid
koji_make_cert.sh kojiadmin
koji_make_cert.sh kojiadmin
−</syntaxhighlight>
</syntaxhighlight>
−====== Koji Hub ======
====== Koji Hub ======
Install koji hub and pre-requisites<syntaxhighlight lang="bash">
Install koji hub and pre-requisites<syntaxhighlight lang="bash">
Line 332:
Line 322:
;certificate of the CA that issued the HTTP server certificate
;certificate of the CA that issued the HTTP server certificate
serverca = ~/.koji/serverca.crt
serverca = ~/.koji/serverca.crt
−</syntaxhighlight>Log in as kojiadmin and test the connection<syntaxhighlight lang="bash">
+</syntaxhighlight>Now we create the koji administration user (kojiadmin) and set up the certs.
+We need to be the kojiadmin user to get the right permissions when we copy over the required certs, so...<syntaxhighlight lang="bash">
+useradd kojiadmin
su - kojiadmin
su - kojiadmin
+mkdir ~/.koji
+cp /etc/pki/koji/kojiadmin.pem ~/.koji/client.crt # NOTE: It is IMPORTANT you use the PEM and NOT the CRT
+cp /etc/pki/koji/koji_ca_cert.crt ~/.koji/clientca.crt
+cp /etc/pki/koji/koji_ca_cert.crt ~/.koji/serverca.crt
+chmod 0600 ~/.koji/*.crt
+</syntaxhighlight>Test the connection<syntaxhighlight lang="bash">
koji moshimoshi
koji moshimoshi
</syntaxhighlight>you should see<syntaxhighlight lang="bash">
</syntaxhighlight>you should see<syntaxhighlight lang="bash">
