# Cloning from any tailnet machine ## Prerequisites - The remote machine must be on your tailnet (registered + can ping `100.85.x.x`) - You must have an account on the Gitea instance (`http://git.klud.top`) - You must have an SSH key on the remote machine (`ssh-keygen` if you don't) ## Step 1: Add your SSH key to Gitea 1. Open `http://git.klud.top/user/settings/keys` in browser 2. Paste the content of `~/.ssh/id_ed25519.pub` (or `id_rsa.pub`) 3. Click "Add Key" ## Step 2: Test SSH reachability ```bash ssh -T git@thunderobot -p 222 # Expected output: "Hello from Gitea!\n\nPlease come over!" # If asked about fingerprint, type "yes" and press Enter ``` ## Step 3: Clone a repo ```bash # Using tea CLI tea repos clone --git-protocol ssh danchie/tekton # Or plain git git clone git@thunderobot:222/danchie/tekton.git ``` ## Troubleshooting - `ssh: connect to host thunderobot port 222: Connection refused` → Ensure the remote machine has `tailscale ping thunderobot` resolving to `100.93.226.13` → Ensure the host's port `222` is reachable from the remote (it's bound to `0.0.0.0:222` in Docker) - `Permission denied (publickey)` → Your SSH key wasn't added via Gitea web UI → Run `ssh-add ~/.ssh/id_ed25519` if you use an agent - `Host key verification failed` → Run `ssh -T git@thunderobot -p 222` interactively once to accept the fingerprint ## HTTPS is disabled `DISABLE_HTTP_GIT = true` is set on the server. All clones MUST use SSH. If you need to fetch via HTTPS for CI or other non-ssh environments, this must be remapped.