Changes

From SME Server
Jump to navigationJump to search
344 bytes removed ,  03:38, 26 September 2023
Line 29: Line 29:     
== Install ==
 
== Install ==
{{Note box|1=You can run everything (the hub, web and build) on the one server, just add build=<Hub FQDN> to the install-koji-farm.sh line.}}
+
{{Note box|1=You can run everything (the hub, web and build) on the one server, just run the script without any parameters.}}
    
Create your hub, web and build servers (Rocky 8 minimal install).
 
Create your hub, web and build servers (Rocky 8 minimal install).
Line 46: Line 46:  
./install-koji-farm.sh
 
./install-koji-farm.sh
 
</syntaxhighlight>
 
</syntaxhighlight>
The install-koji-farm.sh script will accept multiple parameters (up to a total of 7)<syntaxhighlight lang="bash">
+
The install-koji-farm.sh script will accept multiple parameters<syntaxhighlight lang="bash">
 
install-koji-farm.sh [web=<web FQDN> | build=<build FQDN> | debug]
 
install-koji-farm.sh [web=<web FQDN> | build=<build FQDN> | debug]
 
</syntaxhighlight>
 
</syntaxhighlight>
    
* web=<FQDN> - defaults to hub FQDN
 
* web=<FQDN> - defaults to hub FQDN
* build=<FQDN> - multiple allowed. If you want an All-in-One server (all services ion the one server), enter the Hub FQDN here
+
*build=<FQDN> - multiple allowed.
* debug - will list each line executed, plus lots of other gunk (very noisy)
+
*debug - will list each line executed, plus lots of other gunk (very noisy)
    
You will be prompted for various items
 
You will be prompted for various items
   −
* values for your ssl certificates (e.g. Country, State, City, Organization, Organisational Unit)
+
*values for your ssl certificates (e.g. Country, State, City, Organization, Organisational Unit)
 
* For the web server (unless it's the hub)
 
* For the web server (unless it's the hub)
** to accept the build server signature
+
**to accept the build server signature
** for the root password on the Hub server
+
**for the root password on the web server
*For each Build server (It will loop until a blank input)
+
*For each build server
** If you haven't passed build=<FQDN> as a parameter, the Build server FQDN (pressing enter for the first loop will use the Hub FQDN as an all-in-one server).
+
**to accept the build server signature
** to accept the build server signature
+
**for the root password on the build server
** for the root password on the Hub server
      
The web interface will be available via http://<your hub server>/koji
 
The web interface will be available via http://<your hub server>/koji
   −
=== Additional Build Servers ===
+
===Additional Build Servers===
 +
 
      Line 74: Line 74:  
</syntaxhighlight>
 
</syntaxhighlight>
   −
=== Additional Users ===
+
===Additional Users===
You can add end Users via<syntaxhighlight lang="bash">
+
You can add end Users via
 +
<syntaxhighlight lang="bash">
 
koji-add-user.sh <User Name> [ permission=<permission> | debug ]
 
koji-add-user.sh <User Name> [ permission=<permission> | debug ]
</syntaxhighlight>This will add them into the db and generate ssl CLI and browser keys, which will be bundled up in a tgz file at /etc/pki/koji/bundle/koji-\<User Name\>-bundle.tgz.
+
</syntaxhighlight>
 +
This will add them into the db and generate ssl CLI and browser keys, which will be bundled up in a tgz file at /etc/pki/koji/bundle/koji-<User Name>-bundle.tgz.
   −
This bundle should be extracted in their home (~) directory and will create a .koji directory with config and keys.<syntaxhighlight lang="bash">
+
This bundle should be extracted in their home (~) directory and will create a .koji directory containing config and keys.
 +
<syntaxhighlight lang="bash">
 
cd ~
 
cd ~
 
tar -zxf koji-<User Name>-bundle.tgz
 
tar -zxf koji-<User Name>-bundle.tgz
 
</syntaxhighlight>
 
</syntaxhighlight>
   −
=== The long way ===
+
===The long way ===
   −
===== Hub/Web Server =====
+
=====Hub/Web Server=====
 
OS: Rocky 8.8-minimal
 
OS: Rocky 8.8-minimal
   Line 116: Line 119:  
</syntaxhighlight>
 
</syntaxhighlight>
   −
===== SSL preparations =====
+
=====SSL preparations=====
 
We'll be using ssl certificates so let's create the koji ssl working directories and edit the koji ssl config file
 
We'll be using ssl certificates so let's create the koji ssl working directories and edit the koji ssl config file
   Line 209: Line 212:  
openssl req -config ssl.cnf -new -x509 -days 3650 -key private/koji_ca_cert.key -out koji_ca_cert.crt -extensions v3_ca
 
openssl req -config ssl.cnf -new -x509 -days 3650 -key private/koji_ca_cert.key -out koji_ca_cert.crt -extensions v3_ca
 
</syntaxhighlight>You will have to enter your details, but make sure the commonName is the full server name (e.g. koji.koozali.org).
 
</syntaxhighlight>You will have to enter your details, but make sure the commonName is the full server name (e.g. koji.koozali.org).
 +
      Line 241: Line 245:  
koji_make_cert.sh kojiadmin
 
koji_make_cert.sh kojiadmin
 
</syntaxhighlight>
 
</syntaxhighlight>
====== Koji Hub ======
+
====== Koji Hub======
 
Install koji hub and pre-requisites<syntaxhighlight lang="bash">
 
Install koji hub and pre-requisites<syntaxhighlight lang="bash">
 
dnf install koji-hub mod_ssl
 
dnf install koji-hub mod_ssl
Line 248: Line 252:  
dnf install koji
 
dnf install koji
 
</syntaxhighlight>
 
</syntaxhighlight>
====== POSTGRES setup ======
+
======POSTGRES setup======
 
As root we need to do the initial config<syntaxhighlight lang="bash">
 
As root we need to do the initial config<syntaxhighlight lang="bash">
 
postgresql-setup --initdb --unit postgresql
 
postgresql-setup --initdb --unit postgresql
Line 294: Line 298:  
</syntaxhighlight>
 
</syntaxhighlight>
   −
===== Koji hub setup =====
+
=====Koji hub setup=====
 
We can now set up the hub itself.
 
We can now set up the hub itself.
   Line 340: Line 344:  
</syntaxhighlight>
 
</syntaxhighlight>
   −
===== Create the koji skeleton file system =====
+
=====Create the koji skeleton file system=====
 
<syntaxhighlight lang="bash">
 
<syntaxhighlight lang="bash">
 
cd /mnt
 
cd /mnt
Line 356: Line 360:  
firewall-cmd --reload
 
firewall-cmd --reload
 
</syntaxhighlight>
 
</syntaxhighlight>
===== Koji CLI client =====
+
===== Koji CLI client=====
 
Let's configure the cli client. The system setting is in /etc/koji.conf, individual user settings can be set in ~/.koji/config<syntaxhighlight lang="bash">
 
Let's configure the cli client. The system setting is in /etc/koji.conf, individual user settings can be set in ~/.koji/config<syntaxhighlight lang="bash">
 
nano /etc/koji.conf
 
nano /etc/koji.conf
Line 403: Line 407:  
</syntaxhighlight>
 
</syntaxhighlight>
   −
===== Koji Web Service =====
+
=====Koji Web Service=====
 
Install the koji web components<syntaxhighlight lang="bash">
 
Install the koji web components<syntaxhighlight lang="bash">
 
dnf install koji-web mod_ssl
 
dnf install koji-web mod_ssl
Line 451: Line 455:  
</syntaxhighlight>
 
</syntaxhighlight>
   −
==== Koji Build Servers ====
+
====Koji Build Servers====
 
For this exercise I only created 1 build server. You can have as many as you like...
 
For this exercise I only created 1 build server. You can have as many as you like...
   Line 462: Line 466:  
FQDN: build1.koozali.org
 
FQDN: build1.koozali.org
   −
===== Koji Hub setup for build server =====
+
=====Koji Hub setup for build server=====
 
First off, set up some items on the koji hub for your build server/s
 
First off, set up some items on the koji hub for your build server/s
   Line 494: Line 498:  
</syntaxhighlight>
 
</syntaxhighlight>
   −
===== Build Server setup =====
+
=====Build Server setup=====
 
You'll need to set up your network: You can do this during the install or post install (ensure network activated, IP address, FQDN, Gateway, DNS)  
 
You'll need to set up your network: You can do this during the install or post install (ensure network activated, IP address, FQDN, Gateway, DNS)  
  
381

edits

Navigation menu