The Fedora-ARM koji system uese HongKongIRAQ,an x86_64 system, as the Koji hub.

Setting Up a Koji primarily supports Kerberos and SSL Certificate authentication. For basic koji command line access, plain user/pass combinations are possible. However, kojiweb does not support plain user/pass authentication. Furthermore, once either Kerberos or SSL Certificate authentication is enabled so that kojiweb will work, the plain user/pass method will stop working entirely. As such plain user/pass authentication is a stop gap measure at best unless you intend to never setup a fully functional kojiweb instance.Build System

The Kerberos credentials of the initial admin user will be necessary Koji components may live on separate resources as long as all resources are able to bootstrap the user databasecommunicate.To understand koji configuration is an important in project.

1.[http://fedoraproject.org/wiki/Koji/ServerHowTo#Koji_Authentication_Selection Setting up * SSL Certificates for and authentication]via certificates* Creating a database in PostgreSQL and importing a schema* Working with psql* Apache configuration* Koji web and Koji hub

'''Second stagePackages'''

* httpd* mod_ssl* postgresql-server* mod_python (>= 3.3.1.Create Databasefor Kerberos authentication)

yum install postgresqlOn the builder (koji-serverbuilder)

3.Start On the Postgresql service with:Bootrapping the Koji build environment

The next steps is to create a user named “koji”, set up Postgresql and populate the schemaGoals for each release:

useradd koji passwd '''release 0.1 -d koji su - postgres createuser koji Shall the new role be a superuser? (y/n) n Shall the new role be allowed to create databases? (y/n) n Shall the new role be allowed to create more new roles?(y/n) nKoji Certificates '''

* Koji Hub ConfigurationCertificate generation* Generate CA* Generate the koji component certificates and the admin certificate* Copy certificates into ~/.koji for kojiadmin

After successfully installing '''release 0.2 - PostgreSQL and configuring Postgresql the next step is the Koji Hub.koji hub'''

In order for the Koji Hub to work Apache should be installed as well as a few additional modules'''release 0.2-1'''

{| class="wikitable" border="1"| yum install koji-hub httpd mod_ssl mod_python|'''release 0.2-2'''| |-| |-| Then edit the Apache conf file – ‘/etc/httpd/conf/httpd.conf’ and change the “MaxRequestsPerChild” to 100'''2.Koji hub'''|-| On IRAQ these setting were already in place as Apache was running and configured.|-| |-| Next edit the ‘/etc/* Install koji-hub/hub.conf’ file and add the following lines:|-* Required Configuration| DBName = koji* Optional Configuration|-* SELinux Configuration| DBUser = koji* Koji filesystem skeleton |-| DBHost = localhost|* 0.3 -'''Koji Web'''| KojiDir = /mnt/koji|'''release 0.3-1'''| LoginCreatesUser = On|-| KojiWebURL = http://iraq'''1.proximity.on.ca/kojikojiweb '''|-| Since we are using SSL for authentication, also add|* Install Koji-Web| * Required Configuration|-* Optional Configuration| DNUsernameComponent = CN|-| ProxyDNs = "/C=CA/ST=Ontario/O=Seneca CDOT/OU=/CN=kojiweb/emailAddress="|-| |-| And in the ‘/etc/httpd/conf'''2.d/kojihub.conf’ uncomment the following lines:Koji Builder'''|-| * Install kojid|-* Required Configuration| <Location /kojihub>* Optional Configuration (SSL certificates)|-| SSLOptions +StdEnvVars|-| </Location>|-| |-| Using * Add the Koji certificates, we need to add host entry for the following lines to ‘/etc/httpd/conf.d/ssl.conf’, under the section ‘VirtualHost _default_:443′:|-| |-| SSLCertificateFile /etc/pki/koji/certs/kojihub.crt|-| SSLCertificateKeyFile /etc/pki/koji/certs/kojihub.key|-| SSLCertificateChainFile /etc/pki/koji/koji_ca_cert.crt|-| SSLCACertificateFile /etc/pki/koji/koji_ca_cert.crt|-| SSLVerifyClient require|-| SSLVerifyDepth 10|-| Even though SE Linux is not currently in use on IRAQ,|-| it may be in the future. In order to allow Apache to connect builder to the Postgresql database run * Add the following command as root:|-| |-| setsebool -P httpd_can_network_connect_db 1|-| To allow Koji to work, a skeleton filesystem needs host to be created and the ownershipcreaterepo channel|-* A note on capacity| changed so Apache can write to it as required. The following commands were executed:* Start Kojid |-| |-| mkdir -p /mnt/koji/{packages,repos,work,scratch}|-| chown -R apache'''3.apache /mnt/koji|-| Then edited the kojira''/etc/koji.conf' file and changed the following lines:|-| * Install kojira|-* Required Configuration| ;url of XMLRPC server* Optional Configuration|-| server = http://iraqong.proximity.on.ca/koji|-| ;url of package download site|-| pkgurl = http://iraq.proximity.on.ca/packages|-| ;path to * Add the koji top directory|-| topdir = /mnt/koji|-| ;configuration user entry for SSL athentication|-| ;client certificate|-| cert = ~/.koji/client.crt|-| ;certificate of the CA that issued the client certificate|-| ca = ~/.koji/clientca.crt|-| ;certificate of the CA that issued the HTTP server certificate|-| serverca = ~/.koji/serverca.crt|-| After this is competed, the final step is the addition of the user and builder accounts. First add the kojira account and grant repo privileges with the following command( this should be done before running kojira for the first time) :|-| |-| su - kojiadmin|-| koji add-user kojira|-* Start Kojira| koji grant-permission repo kojira|-| |-| Then add as many builders as required using the following commands editing where required (this should also be done prior to running kojid on each host):|-| |-| koji add-host arm-001-001 arm|-| koji add-host arm-001-002 arm|-| koji add-host arm-001-003 arm|-| |-| == Project Plan ==|-| |-| Goals for each '''release:|-| * 0.1 3- 2'''Koji Certificates '''|-| Koji Hub setup - Certificates/security|-| * 0.2 - '''Koji Hub setup and Koji Database2. Test kojiweb'''|-| Koji Hub Setup- Configuration|-* User account| To setup PostgreSQL for use with Koji|-| * 0.3 - '''Koji Web'''Build packages|-| Build software with koji hub|-| == Project News ==|-| |-| 1,November I will do Project Plan 0.1- I set up Koji Certificates|-| |-| 5,November I did build and create Koji Certifacation on IRAQ server.|-| |-| 19,November I set up Koji Database.|-| |-| 26,November I set Setting up Postgresql server for Koji hub Configurationpart 1 |-6,Dec Setting up Postgresql server for Koji part two| |-16,Dev setting up Koji hub and Koji web,| == Resources ==|-| |-| [http://zenit.senecac.on.ca/wiki/index.php/Fedora_Arm_Secondary_Architecture/Koji_Certificates How to get koji certificate?]|-| |-| [http://zenit.senecac.on.ca/wiki/index.php/CDOT_Development_Systems Configuration of CDOT_Development system]|-| |-| [http://fedoraproject.org/wiki/Koji How To Setting up and Using Koji on Fedora]|-| |-| [http://developer.postgresql.org/pgdocs/postgres/index.html PostgreSQL9.1 devel Document]|-| |-| [http://fedoraproject.org/wiki/Koji/ServerHowTo#PostgreSQL_Server PostgreSQL_Server]|-| [http://fedoraproject.org/wiki/Koji/ServerBootstrap importing packages and preparing Koji to run builds] |}[http://fedoraproject.org/wiki/Koji/ExternalRepoServerBootstrap External Repos and preparing Koji to run builds]