Обновить How to get own build host

How-to-get-own-build-host.md

@@ -79,3 +79,51 @@ add path to file tar2fs from mkimage-profiles, instead of WHEEL_USERS can be you
 7. Check access to taishan and ftp-mirror
 
 
+Build own cloud forge on taishan
+
+1. Create virtual user (for exam. cloud-builder) on taishan who will be cloud forge vms owner
+2. Add it to wheel and vm group and add to it ssh key which you will go to builder vm with
+3. Run vm on vml from aarch64 qcow2 image (-i path to image, name exam. builder) and set to its config special static port
+
+> vml create -i ~/images/alt --minimum-disk-size 64G --memory 8G builder
+
+> vim  ~/vml/builder/vml.tml 
+    ssh.port-user-network = 33201
+
+4. Install programs on vm-builder
+
+> apt-get update && apt-get install git podman git-core bash-completion vim-console mkimage mkimage-preinstall hasher qemu-img kpartx
+
+5. Create virtual user (for exam. cloud-builder) and add  ssh key which you will go to builder vm with to root and cloud-builder users on vm. Check including cloud-builder to wheel and user-named groups
+
+> useradd -U -p cloud-builder123 cloud-builder
+
+> usermod -a -G wheel cloud-builder
+
+> vim ~/.ssh/authorized_keys
+
+> vim /home/cloud-builder/.ssh/authorized_keys
+
+6. Add users for hasher
+
+> hasher-useradd cloud-builder
+
+7. Set config for hasher
+
+> vim /etc/hasher-priv/system 
+prefix=~:/tmp/.private
+allowed_mountpoints=/proc,/dev/pts
+
+8. Check working status of hasher, command must work
+
+> hsh --initroot-only ~/hasher
+
+9. Check static builder vm port
+
+> cat ~/vml/builder/alt-dev/.vml/cache/port
+
+9. Check go to builder vm on taishan from your host by ssh-key-having user
+
+> ssh root@127.0.0.1 -p 33201 -o IdentitiesOnly=yes -i ~/.ssh/id_ed25519_builder -o ProxyCommand="ssh cloud-builder@taishan -W %h:%p"
+
+> ssh cloud-builder@127.0.0.1 -p 33201 -o IdentitiesOnly=yes -i ~/.ssh/id_ed25519_builder -o ProxyCommand="ssh cloud-builder@taishan -W %h:%p"