setting up a tangled.sh knot, draft 1

@oppili.bsky.social · 12d ago · plaintext · 52 loc · raw · 0 comments
1setting up a knot (until we dockerize/nix it):23grab binaries:4--------------56    git clone https://tangled.sh/@tangled.sh/core; cd core78    go build ./cmd/knotserver    # serves your git repos9    go build ./cmd/keyfetch      # exposes pubkeys to sshd10    go build ./cmd/repoguard     # enforces RBAC rules etc on your knot111213setting up knotserver:14----------------------1516you need to configure these env vars:1718    KNOT_REPO_SCAN_PATH=/home/git          # create a `git` user preferably19    KNOT_SERVER_HOSTNAME=knot.my.domain20    APPVIEW_ENDPOINT=https://tangled.sh21    KNOT_SERVER_SECRET=<you will get a secret in a later step>22    KNOT_SERVER_INTERNAL_LISTEN_ADDR=127.0.0.1:544423    KNOT_SERVER_LISTEN_ADDR=127.0.0.1:5555242526setting up keyfetch:27--------------------2829add this to your /etc/ssh/sshd_config:3031    Match User git32        AuthorizedKeysCommand /path/to/bin/keyfetch33        AuthorizedKeysCommandUser nobody343536setting up repoguard:37---------------------3839keyfetch looks for the repoguard binary in /home/git/repoguard by default.40you can plop it in there.414243finally, head to tangled.sh:4445- click on your handle on the topbar > knots > enter your KNOT_SERVER_HOSTNAME,46  and hit register. you will see a secret key.47- plug the secret key into KNOT_SERVER_SECRET above and start your knotserver48- back on tangled.sh, click on `initialize`, and if everything went okay, you should see 49  "check success"50- now, you can hit the `+` on the topbar, and you should see your knot as an available51  destination for your repo!52