this string has no description
alexia.starlightnet.work
tangled-knot-nogit.md
edited
1To get tangled.org's `knot server`/knotserver working without using
2the `git` user on a host, i.e because it's already taken by another
3piece of software (think `forgejo`), we have to do some additional
4steps in addition to their configuration guide.
5
6First off, when it tells you to create a new user, replace `git` with
7another user like `tangled` in the `useradd` command. I.e:
8
9```
10# useradd tangled
11```
12
13Then, when you're told to add a bit of configuration to your SSH
14Daemon Config, be sure to use something like this:
15
16```
17sudo tee /etc/ssh/sshd_config.d/authorized_keys_command.conf <<EOF
18Match User tangled
19 AuthorizedKeysCommand /usr/local/bin/knot keys -o authorized-keys -git-dir /home/tangled -log-dir /home/tangled/log
20 AuthorizedKeysCommandUser nobody
21EOF
22```
23
24Of course, making sure that `/home/tangled` and `User tangled` is
25replaced by your username of choice.
26
27Then, reload sshd as per usual. On systemd-powered systems this is
28done via `sudo systemctl reload sshd` or `sudo systemctl reload ssh`
29depending on what the service is named.
30
31Then, in your `$HOME/.knot.env` (with $HOME being from your preferred
32username), be sure to set `KNOT_REPO_SCAN_PATH=/home/git` accordingly.
33
34From there, also edit the systemd service to use your preferred user,
35i.e just replace `User=git` and any mention of `/home/git`.
36
37This *should* give you a working knotserver without using the `git`
38user.
39
40## NOTES
41
42Do note that you must use `tangled@knot.example.com...` or whatever
43your username is to push/pull.