On 2009-07-25 03:53:23 AM, Jesse Keating wrote:
There is a bridge that clients communicate with (and I'm thinking of forcing this through an ssh tunnel through bastion) and that interacts with koji. There is also the server itself that has the gpg keys on it and does the signing action. The server initiates a connection to the bridge, so only the bridge has to listen for connections.
I think I have this mostly setup right, but I'd like some more eyes on it before I commit. Thanks!
Looks excellent to me, my only two comments are that you might want to make the files:
/var/lib/sigul/.fedora-server-ca.cert /var/lib/sigul/.fedora.cert
require => Package["sigul"],
as well since they require the /var/lib/sigul directory (which I assume is provided by the package).
Thanks, Ricky