Tech:Private Git: Difference between revisions
Jump to navigation
Jump to search
Content added Content deleted
imported>Addshore No edit summary |
imported>Addshore No edit summary |
||
Line 7: | Line 7: | ||
; Files stored |
; Files stored |
||
Only ops can commit to the repo via the root user. |
|||
The keypairs for the user 'git' are stored in the repo along with Orain's SSL cert and private key. The ansible variable file is also stored in the repo. Any files that should not be public but need to be available for either general or ansible operations can be stored. Only ops can commit to the repo via the root user. |
Revision as of 17:09, 27 March 2015
Orain's private git repo is stored on prod7 and is read-only by the user 'git' and commit only to the user 'root'.
- User 'git'
The git user is used to automatically update /root/private on all Orain servers and the account is authenticated via ssh by a private key stored in the private git repo (along with the public key as well). Ansible uses one of the keypairs from the private repo to authenticate to prod7 in order to download the latest code.
- Files stored
Only ops can commit to the repo via the root user.