setup_guide.md file updated with gpg keys featuers

58b8c9e9 · Bashir · 5aee73d3 · 58b8c9e9
Commit 58b8c9e9 authored Jan 20, 2021 by Bashir
Hide whitespace changes
Inline Side-by-side

Showing with 23 additions and 2 deletions

setup_guide.md aptly/setup_guide.md +23 -2

No files found.
--- a/aptly/setup_guide.md
+++ b/aptly/setup_guide.md
@@ -7,6 +7,16 @@
 - Debian

 # Current setup (Read carefully)
+
+First run the aptly continer and note down the network name of the aptly container. That network name must be updated into the gitlab-runner container docker compose file like below:
+```
+networks:
+  default:
+    external:
+      # Name of the aptly container's network
+      name: aptly_default   # Verify this every time
+```
+
 The current setup allows to setup aptly with gitlab to create a self-sufficient
 Debian repo hosting system.
 As of writing this document, the setup is being done on an internal machine
@@ -46,11 +56,19 @@ On Aptly container:
 2. Create `/opt/watchdog` and then `/opt/watchdog/watches.
 3. After any successful package build, publish the repos again.
 4. ssh public key copied from gitlab-runner container 
-   should be placed under /root/.ssh/authorized_hosts
+   should be placed under /root/.ssh/authorized_keys
   make sure the permission of the authorized_hosts file by running 
-   `$ chmod 600 authorized_hosts`
+   `$ chmod 600 authorized_keys`
 5. Make sure the ssh service is running if not start it by
   `service ssh start`
+6. Enable ssh-keybased access from ssh configuration file so that gitlab-runner can connect with aptly container via ssh.
+7. If you are using external gpg key which are created on any other machine than we must import that keys via below method so we need to change the directory where we have these files and then need to run below comand and if promted for passowrd then enter the passphrase which we used to create the gpg key pair on the other machine:
+   For private key import -  `gpg --import private.key`
+   For public key import - `gpg --import public.key`
+   For trustowner key import - `gpg --import-trustowner trustowner.key`
+8. We must copy the public key file to /opt/aptly/public/aptly_repo_signing.key  file (if we are using an external gpg key pair with our setup) as this would let the client to download the file to install the key into their machine.
+
+Note: If in case you face any issue while importing the keys then consider to update the version of gpg(GnuPG) tool.		


 On GitLab container:
@@ -69,7 +87,10 @@ On GitLab container:
 4. switch to gitlab-runner user and create a sshkey by running
   `$ ssh-keygen`
 5. copy the public key to aptly container 
+6. Just to verify that ssh thing is working fine switch to gitlab-runner user and run below command:
+   `ssh root@aptly`

+After performing these essential steps on both the containers then we are good to go with aptly repo & snapshot create and publish.

 ## Things to take care of
 1. Make sure there is only one GPG key on the system.