From ccd759da45c38f86a80c9b06fd7b1b177dcf398c Mon Sep 17 00:00:00 2001 From: adtpdn Date: Thu, 2 Jul 2026 01:18:54 +0800 Subject: [PATCH] Add SSH clone tutorial for tailnet users via README --- GIT_CLONE_TUTORIAL.md | 43 ++++++++++++++++++++++++++++++++++++++++++ README.md | 44 +++++++++++++++++++++++++++++++++++++++++++ 2 files changed, 87 insertions(+) create mode 100644 GIT_CLONE_TUTORIAL.md diff --git a/GIT_CLONE_TUTORIAL.md b/GIT_CLONE_TUTORIAL.md new file mode 100644 index 0000000..6bc58ba --- /dev/null +++ b/GIT_CLONE_TUTORIAL.md @@ -0,0 +1,43 @@ +# Cloning from any tailnet machine + +## Prerequisites +- The remote machine must be on your tailnet (registered + can ping `100.85.x.x`) +- You must have an account on the Gitea instance (`http://git.klud.top`) +- You must have an SSH key on the remote machine (`ssh-keygen` if you don't) + +## Step 1: Add your SSH key to Gitea +1. Open `http://git.klud.top/user/settings/keys` in browser +2. Paste the content of `~/.ssh/id_ed25519.pub` (or `id_rsa.pub`) +3. Click "Add Key" + +## Step 2: Test SSH reachability +```bash +ssh -T git@thunderobot -p 222 +# Expected output: "Hello from Gitea!\n\nPlease come over!" +# If asked about fingerprint, type "yes" and press Enter +``` + +## Step 3: Clone a repo +```bash +# Using tea CLI +tea repos clone --git-protocol ssh danchie/tekton + +# Or plain git +git clone git@thunderobot:222/danchie/tekton.git +``` + +## Troubleshooting +- `ssh: connect to host thunderobot port 222: Connection refused` + → Ensure the remote machine has `tailscale ping thunderobot` resolving to `100.93.226.13` + → Ensure the host's port `222` is reachable from the remote (it's bound to `0.0.0.0:222` in Docker) + +- `Permission denied (publickey)` + → Your SSH key wasn't added via Gitea web UI + → Run `ssh-add ~/.ssh/id_ed25519` if you use an agent + +- `Host key verification failed` + → Run `ssh -T git@thunderobot -p 222` interactively once to accept the fingerprint + +## HTTPS is disabled +`DISABLE_HTTP_GIT = true` is set on the server. All clones MUST use SSH. +If you need to fetch via HTTPS for CI or other non-ssh environments, this must be remapped. \ No newline at end of file diff --git a/README.md b/README.md index 71e89ca..25c94c7 100644 --- a/README.md +++ b/README.md @@ -3,3 +3,47 @@ > Full developer documentation lives in this repo's **wiki** (sidebar link). > > See in particular: [Skin Creation Workflow](./Skin-Creation-Workflow), [Nakama Deployment](./Nakama-Deployment), and [Patch Release Workflow](./Patch-Release-Workflow). + +# Cloning from any tailnet machine + +## Prerequisites +- The remote machine must be on your tailnet (registered + can ping `100.85.x.x`) +- You must have an account on the Gitea instance (`http://git.klud.top`) +- You must have an SSH key on the remote machine (`ssh-keygen` if you don't) + +## Step 1: Add your SSH key to Gitea +1. Open `http://git.klud.top/user/settings/keys` in browser +2. Paste the content of `~/.ssh/id_ed25519.pub` (or `id_rsa.pub`) +3. Click "Add Key" + +## Step 2: Test SSH reachability +```bash +ssh -T git@thunderobot -p 222 +# Expected output: "Hello from Gitea!\n\nPlease come over!" +# If asked about fingerprint, type "yes" and press Enter +``` + +## Step 3: Clone a repo +```bash +# Using tea CLI +tea repos clone --git-protocol ssh danchie/tekton + +# Or plain git +git clone git@thunderobot:222/danchie/tekton.git +``` + +## Troubleshooting +- `ssh: connect to host thunderobot port 222: Connection refused` + → Ensure the remote machine has `tailscale ping thunderobot` resolving to `100.93.226.13` + → Ensure the host's port `222` is reachable from the remote (it's bound to `0.0.0.0:222` in Docker) + +- `Permission denied (publickey)` + → Your SSH key wasn't added via Gitea web UI + → Run `ssh-add ~/.ssh/id_ed25519` if you use an agent + +- `Host key verification failed` + → Run `ssh -T git@thunderobot -p 222` interactively once to accept the fingerprint + +## HTTPS is disabled +`DISABLE_HTTP_GIT = true` is set on the server. All clones MUST use SSH. +If you need to fetch via HTTPS for CI or other non-ssh environments, this must be remapped. \ No newline at end of file