Line 29: |
Line 29: |
| | | |
| == Install == | | == Install == |
− | {{Note box|1=You can run everything (the hub, web and build) on the one server, just add build=<Hub FQDN> to the install-koji-farm.sh line.}} | + | {{Note box|1=You can run everything (the hub, web and build) on the one server, just run the script without any parameters.}} |
| | | |
| Create your hub, web and build servers (Rocky 8 minimal install). | | Create your hub, web and build servers (Rocky 8 minimal install). |
Line 46: |
Line 46: |
| ./install-koji-farm.sh | | ./install-koji-farm.sh |
| </syntaxhighlight> | | </syntaxhighlight> |
− | The install-koji-farm.sh script will accept multiple parameters (up to a total of 7)<syntaxhighlight lang="bash"> | + | The install-koji-farm.sh script will accept multiple parameters<syntaxhighlight lang="bash"> |
| install-koji-farm.sh [web=<web FQDN> | build=<build FQDN> | debug] | | install-koji-farm.sh [web=<web FQDN> | build=<build FQDN> | debug] |
| </syntaxhighlight> | | </syntaxhighlight> |
| | | |
| * web=<FQDN> - defaults to hub FQDN | | * web=<FQDN> - defaults to hub FQDN |
− | * build=<FQDN> - multiple allowed. If you want an All-in-One server (all services ion the one server), enter the Hub FQDN here | + | *build=<FQDN> - multiple allowed. |
− | * debug - will list each line executed, plus lots of other gunk (very noisy) | + | *debug - will list each line executed, plus lots of other gunk (very noisy) |
| | | |
| You will be prompted for various items | | You will be prompted for various items |
| | | |
− | * values for your ssl certificates (e.g. Country, State, City, Organization, Organisational Unit) | + | *values for your ssl certificates (e.g. Country, State, City, Organization, Organisational Unit) |
| * For the web server (unless it's the hub) | | * For the web server (unless it's the hub) |
− | ** to accept the build server signature | + | **to accept the build server signature |
− | ** for the root password on the Hub server | + | **for the root password on the web server |
− | *For each Build server (It will loop until a blank input) | + | *For each build server |
− | ** If you haven't passed build=<FQDN> as a parameter, the Build server FQDN (pressing enter for the first loop will use the Hub FQDN as an all-in-one server).
| + | **to accept the build server signature |
− | ** to accept the build server signature | + | **for the root password on the build server |
− | ** for the root password on the Hub server | |
| | | |
| The web interface will be available via http://<your hub server>/koji | | The web interface will be available via http://<your hub server>/koji |
| | | |
− | === Additional Build Servers === | + | ===Additional Build Servers=== |
| + | |
| | | |
| | | |
Line 74: |
Line 74: |
| </syntaxhighlight> | | </syntaxhighlight> |
| | | |
− | === Additional Users === | + | ===Additional Users=== |
− | You can add end Users via<syntaxhighlight lang="bash"> | + | You can add end Users via |
| + | <syntaxhighlight lang="bash"> |
| koji-add-user.sh <User Name> [ permission=<permission> | debug ] | | koji-add-user.sh <User Name> [ permission=<permission> | debug ] |
− | </syntaxhighlight>This will add them into the db and generate ssl CLI and browser keys, which will be bundled up in a tgz file at /etc/pki/koji/bundle/koji-\<User Name\>-bundle.tgz. | + | </syntaxhighlight> |
| + | This will add them into the db and generate ssl CLI and browser keys, which will be bundled up in a tgz file at /etc/pki/koji/bundle/koji-<User Name>-bundle.tgz. |
| | | |
− | This bundle should be extracted in their home (~) directory and will create a .koji directory with config and keys.<syntaxhighlight lang="bash"> | + | This bundle should be extracted in their home (~) directory and will create a .koji directory containing config and keys. |
| + | <syntaxhighlight lang="bash"> |
| cd ~ | | cd ~ |
| tar -zxf koji-<User Name>-bundle.tgz | | tar -zxf koji-<User Name>-bundle.tgz |
| </syntaxhighlight> | | </syntaxhighlight> |
| | | |
− | === The long way === | + | ===The long way === |
| | | |
− | ===== Hub/Web Server ===== | + | =====Hub/Web Server===== |
| OS: Rocky 8.8-minimal | | OS: Rocky 8.8-minimal |
| | | |
Line 116: |
Line 119: |
| </syntaxhighlight> | | </syntaxhighlight> |
| | | |
− | ===== SSL preparations ===== | + | =====SSL preparations===== |
| We'll be using ssl certificates so let's create the koji ssl working directories and edit the koji ssl config file | | We'll be using ssl certificates so let's create the koji ssl working directories and edit the koji ssl config file |
| | | |
Line 209: |
Line 212: |
| openssl req -config ssl.cnf -new -x509 -days 3650 -key private/koji_ca_cert.key -out koji_ca_cert.crt -extensions v3_ca | | openssl req -config ssl.cnf -new -x509 -days 3650 -key private/koji_ca_cert.key -out koji_ca_cert.crt -extensions v3_ca |
| </syntaxhighlight>You will have to enter your details, but make sure the commonName is the full server name (e.g. koji.koozali.org). | | </syntaxhighlight>You will have to enter your details, but make sure the commonName is the full server name (e.g. koji.koozali.org). |
| + | |
| | | |
| | | |
Line 241: |
Line 245: |
| koji_make_cert.sh kojiadmin | | koji_make_cert.sh kojiadmin |
| </syntaxhighlight> | | </syntaxhighlight> |
− | ====== Koji Hub ====== | + | ====== Koji Hub====== |
| Install koji hub and pre-requisites<syntaxhighlight lang="bash"> | | Install koji hub and pre-requisites<syntaxhighlight lang="bash"> |
| dnf install koji-hub mod_ssl | | dnf install koji-hub mod_ssl |
Line 248: |
Line 252: |
| dnf install koji | | dnf install koji |
| </syntaxhighlight> | | </syntaxhighlight> |
− | ====== POSTGRES setup ====== | + | ======POSTGRES setup====== |
| As root we need to do the initial config<syntaxhighlight lang="bash"> | | As root we need to do the initial config<syntaxhighlight lang="bash"> |
| postgresql-setup --initdb --unit postgresql | | postgresql-setup --initdb --unit postgresql |
Line 294: |
Line 298: |
| </syntaxhighlight> | | </syntaxhighlight> |
| | | |
− | ===== Koji hub setup ===== | + | =====Koji hub setup===== |
| We can now set up the hub itself. | | We can now set up the hub itself. |
| | | |
Line 340: |
Line 344: |
| </syntaxhighlight> | | </syntaxhighlight> |
| | | |
− | ===== Create the koji skeleton file system ===== | + | =====Create the koji skeleton file system===== |
| <syntaxhighlight lang="bash"> | | <syntaxhighlight lang="bash"> |
| cd /mnt | | cd /mnt |
Line 356: |
Line 360: |
| firewall-cmd --reload | | firewall-cmd --reload |
| </syntaxhighlight> | | </syntaxhighlight> |
− | ===== Koji CLI client ===== | + | ===== Koji CLI client===== |
| Let's configure the cli client. The system setting is in /etc/koji.conf, individual user settings can be set in ~/.koji/config<syntaxhighlight lang="bash"> | | Let's configure the cli client. The system setting is in /etc/koji.conf, individual user settings can be set in ~/.koji/config<syntaxhighlight lang="bash"> |
| nano /etc/koji.conf | | nano /etc/koji.conf |
Line 403: |
Line 407: |
| </syntaxhighlight> | | </syntaxhighlight> |
| | | |
− | ===== Koji Web Service ===== | + | =====Koji Web Service===== |
| Install the koji web components<syntaxhighlight lang="bash"> | | Install the koji web components<syntaxhighlight lang="bash"> |
| dnf install koji-web mod_ssl | | dnf install koji-web mod_ssl |
Line 451: |
Line 455: |
| </syntaxhighlight> | | </syntaxhighlight> |
| | | |
− | ==== Koji Build Servers ==== | + | ====Koji Build Servers==== |
| For this exercise I only created 1 build server. You can have as many as you like... | | For this exercise I only created 1 build server. You can have as many as you like... |
| | | |
Line 462: |
Line 466: |
| FQDN: build1.koozali.org | | FQDN: build1.koozali.org |
| | | |
− | ===== Koji Hub setup for build server ===== | + | =====Koji Hub setup for build server===== |
| First off, set up some items on the koji hub for your build server/s | | First off, set up some items on the koji hub for your build server/s |
| | | |
Line 494: |
Line 498: |
| </syntaxhighlight> | | </syntaxhighlight> |
| | | |
− | ===== Build Server setup ===== | + | =====Build Server setup===== |
| You'll need to set up your network: You can do this during the install or post install (ensure network activated, IP address, FQDN, Gateway, DNS) | | You'll need to set up your network: You can do this during the install or post install (ensure network activated, IP address, FQDN, Gateway, DNS) |
| | | |