Files
tekton/GIT_CLONE_TUTORIAL.md
T
adtpdn ccd759da45
CI / Run Tests (push) Failing after 3s
CI / Export Windows (push) Has been skipped
CI / Export Linux (push) Has been skipped
CI / Export Android (push) Has been skipped
Test Suite / Unit Tests (GUT) (push) Failing after 2s
Test Suite / Integration Tests (push) Failing after 2s
Test Suite / Code Style Check (push) Failing after 2s
Test Suite / Security Scan (push) Failing after 58s
CI / Create Release (push) Has been skipped
Add SSH clone tutorial for tailnet users via README
2026-07-02 01:18:54 +08:00

43 lines
1.5 KiB
Markdown

# Cloning from any tailnet machine
## Prerequisites
- The remote machine must be on your tailnet (registered + can ping `100.85.x.x`)
- You must have an account on the Gitea instance (`http://git.klud.top`)
- You must have an SSH key on the remote machine (`ssh-keygen` if you don't)
## Step 1: Add your SSH key to Gitea
1. Open `http://git.klud.top/user/settings/keys` in browser
2. Paste the content of `~/.ssh/id_ed25519.pub` (or `id_rsa.pub`)
3. Click "Add Key"
## Step 2: Test SSH reachability
```bash
ssh -T git@thunderobot -p 222
# Expected output: "Hello from Gitea!\n\nPlease come over!"
# If asked about fingerprint, type "yes" and press Enter
```
## Step 3: Clone a repo
```bash
# Using tea CLI
tea repos clone --git-protocol ssh danchie/tekton
# Or plain git
git clone git@thunderobot:222/danchie/tekton.git
```
## Troubleshooting
- `ssh: connect to host thunderobot port 222: Connection refused`
→ Ensure the remote machine has `tailscale ping thunderobot` resolving to `100.93.226.13`
→ Ensure the host's port `222` is reachable from the remote (it's bound to `0.0.0.0:222` in Docker)
- `Permission denied (publickey)`
→ Your SSH key wasn't added via Gitea web UI
→ Run `ssh-add ~/.ssh/id_ed25519` if you use an agent
- `Host key verification failed`
→ Run `ssh -T git@thunderobot -p 222` interactively once to accept the fingerprint
## HTTPS is disabled
`DISABLE_HTTP_GIT = true` is set on the server. All clones MUST use SSH.
If you need to fetch via HTTPS for CI or other non-ssh environments, this must be remapped.