Manually configure git when syncing templates (#3243)

* Manually add Git config for template sync Without these steps, `sudo -u foreman git config --global` fails with this error: error: could not lock config file /usr/share/foreman/.gitconfig: Permission denied * Minor edits and clarifications --------- Co-authored-by: Maximilian Kolb <[email protected]> (cherry picked from commit 9db6c8b)
theforeman · Sep 3, 2024 · cfd432d · cfd432d
1 parent 763d727
commit cfd432d
Showing 1 changed file with 24 additions and 5 deletions.
diff --git a/...es/common/modules/proc_synchronizing-templates-with-an-existing-repository.adoc b/...es/common/modules/proc_synchronizing-templates-with-an-existing-repository.adoc
@@ -4,25 +4,44 @@
 Use this procedure to synchronize templates between your {ProjectServer} and an existing repository.
 
 .Procedure
-. If you want to use HTTPS to connect to the repository and you use a self-signed certificate authentication on your Git server, validate the certificate:
+. If you want to use HTTPS to connect to the repository and you use a self-signed certificate authority (CA) on your Git server:
+.. Create a new directory under the `/usr/share/foreman/` directory to store the Git configuration for the certificate:
 +
 [options="nowrap" subs="+quotes,verbatim,attributes"]
 ----
-# sudo -u foreman git config --global http.sslCAPath _Path_To_My_Certificate_
+# mkdir --parents /usr/share/foreman/.config/git
 ----
-. If you want to use SSH to connect to the repository, perform the following steps:
+.. Create a file named `config` in the new directory:
++
+[options="nowrap" subs="+quotes,verbatim,attributes"]
+----
+# touch /usr/share/foreman/.config/git/config
+----
+.. Allow the `foreman` user access to the `.config` directory:
++
+[options="nowrap" subs="+quotes,verbatim,attributes"]
+----
+# chown --recursive foreman /usr/share/foreman/.config
+----
+.. Update the Git global configuration for the `foreman` user with the path to your self-signed CA certificate:
++
+[options="nowrap" subs="+quotes,verbatim,attributes"]
+----
+# sudo --user foreman git config --global http.sslCAPath _Path_To_CA_Certificate_
+----
+. If you want to use SSH to connect to the repository:
 .. Create an SSH key pair if you do not already have it.
 Do not specify a passphrase.
 +
 ----
-# sudo -u foreman ssh-keygen
+# sudo --user foreman ssh-keygen
 ----
 .. Configure your version control server with the public key from your {Project}, which resides in `/usr/share/foreman/.ssh/id_rsa.pub`.
 .. Accept the Git SSH host key as the `foreman` user:
 +
 [subs="+quotes"]
 ----
-# sudo -u foreman ssh _git.example.com_
+# sudo --user foreman ssh _git.example.com_
 ----
 . Configure the TemplateSync plug-in settings on a *TemplateSync* tab.
 .. Change the *Branch* setting to match the target branch on a Git server.