2
1
Fork 0
mirror of https://git.savannah.gnu.org/git/gnuboot.git synced 2025-01-07 16:17:41 +01:00
gnuboot/website-build/README
Adrien 'neox' Bourmault e4d60c72d3
website-build/README: fix ssh configuration for deployment
The previous configuration was more complicated and required two steps each
time one tried to deploy the website. The new configuration makes use of
the ProxyJump feature to allow deploying in only one step.

Signed-off-by: Adrien 'neox' Bourmault <neox@gnu.org>
GNUtoo: fixed line over 80 characters.
Acked-by: Denis 'GNUtoo' Carikli <GNUtoo@cyberdimension.org>
2023-11-30 18:51:22 +01:00

98 lines
3.6 KiB
Text

== Introduction ==
This project enables to easily build and deploy the GNU Boot website
with very few commands.
If you want to test your own modifications, you either need to use the
configure options to use external repositories that have your
modifications, or you could also modify the build.sh script to use
different git repositories and/or revisions.
== Local deployments ==
Here's how to deploy the website in a local webserver:
$ ./autogen.sh
$ ./configure
$ make test
Then you can point a browser to http://localhost:8080/software/gnuboot/web/
== Deployment on https://gnu.org/software/gnuboot/ ==
The deployment to https://gnu.org/software/gnuboot/ uses rsync. As
gnu.org machine is behind a firewall, so you need to workaround
that.
A way to do that is to get a shell account on fencepost.gnu.org, and
use SSH to forward the connection to gnu.org. This can be done with
something like that in your SSH configuration:
Host fencepost.gnu.org
User USERNAME
Host gnu.org
User wwwcvs
ProxyJump fencepost.gnu.org
In the example above you will need to adjust the fencepost USERNAME,
and modify it to suit your SSH setup if needed (for instance if you
use keys in different locations, etc). Of course, you'll have to get
access to gnu.org ssh server too.
See https://www.gnu.org/software/README.accounts.html for more details
about Fencepost accounts, the SSH fingerprints, etc.
For gnu.org, it's easier if you use an ED25519 key for gnu.org as I
have the fingerprints below. See [1] for other options.
To check that everything is setup you can then SSH into gnu.org:
$ ssh gnu.org
The authenticity of host '[127.0.0.1]:2224 ([127.0.0.1]:2224)' can't be established.
ED25519 key fingerprint is SHA256:pmCf0NrBzSSYfg6DdgmlMzPWZzGpXXcPEz6LP1+o5Jc.
This host key is known by the following other names/addresses:
~/.ssh/known_hosts:306: [127.0.0.1]:4444
Are you sure you want to continue connecting (yes/no/[fingerprint])?
You can then confirm by pasting the fingerprint like that[2]:
Are you sure you want to continue connecting (yes/no/[fingerprint])? SHA256:pmCf0NrBzSSYfg6DdgmlMzPWZzGpXXcPEz6LP1+o5Jc
Warning: Permanently added '[127.0.0.1]:2224' (ED25519) to the list of known hosts.
Note that it is normal for the connection to gnu.org to block at this
point. You can exit it with the Ctrl+D or Ctrl+C key combinations.
At this point everything is setup.
To deploy the website, use the following commands from the website-build
directory:
$ ./autogen.sh
$ ./configure
$ make deploy
Then you can point a browser to https://gnu.org/software/gnuboot/web/
References:
-----------
[1]If you want to use RSA the easiest way is probably to contact the
FSF system administrator that will install your key on #fsfsys and
also ask that person for the server fingerprint. In that case it
would be a good idea to also contribute a patch to add the
fingerprint here.
[2]The 'SHA256:pmCf0NrBzSSYfg6DdgmlMzPWZzGpXXcPEz6LP1+o5Jc'
fingerprint was confirmed to me the 24 October 2023 on the #fsfsys
IRC channel on liberachat by Ian Kelling, a system administrator
that has access to the gnu.org machine: "18:07 < iank> i see that
SHA256:pmCf0NrBzSSYfg6DdgmlMzPWZzGpXXcPEz6LP1+o5Jc exists on the
server".
== Dependencies ==
* autoconf
* automake
* coreutils
* guix
* lighttpd: optional: for testing the website if you don't have Guix.
* make
* tar
== License ==
This project is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.