Prepare Trove Accounts
Set up ssh keys
Your Trove will need four different ssh keys to run. To generate these, run the following commands:
mkdir ssh_keys && cd ssh_keys
ssh-keygen -t rsa -b 2048 -f lorry.key -C lorry@$TROVE_HOST -N ''
ssh-keygen -t rsa -b 2048 -f worker.key -C worker@$TROVE_HOST -N ''
ssh-keygen -t rsa -b 2048 -f id_rsa -C trove-admin@$TROVE_HOST
Note:
-Nis used here to set the passphrase to the empty string: of the keys we're generating here, only thetrove-adminkey should have a passphrase.
worker.key is needed when the Trove is used as part of the Distbuild
distributed build system. In this setup the users of the Trove request builds
which are then executed by Distbuild worker nodes. The worker nodes need read
access to the Trove's repos, and they use the worker key to authenticate
themselves with the Trove.
trove-admin.key is for use by the Trove admin user, who is responsible for
managing the Trove's users and projects.
Note: you should keep these keys somewhere safe, you will need the worker keys if you later decide to deploy a distbuild network with your Trove.
Set up the upstream Trove user
If you want your Trove to be able to mirror private content from the upstream Trove then you will need to create a user on the upstream Trove with read access to all the projects you want to mirror in your downstream Trove, if you just want to mirror public content then you can safely skip this step.
You can add a user to the upstream Trove with Gitano using the following command:
ssh git@upstream.trove user add upstreamtroveuser \
upstreamtroveuser@example.com \
"Downstream Trove (<trove id>)"
You will also need to add the lorry.key public key you generated above to the
upstream Trove.
ssh git@upstream.trove as upstreamtroveuser \
sshkey add trove-id < ssh_keys/lorry.key.pub
Now the upstream Trove can be accessed by lorry as the user you just created.