mirror of
https://github.com/ostreedev/ostree.git
synced 2025-01-09 01:18:35 +03:00
docs: Add authenticated-repos.md
Document options for accessing repositories that require authentication.
This commit is contained in:
Colin Walters
parent
13be0786bb
commit
d4adb79539
28
docs/authenticated-repos.md
Normal file
28
docs/authenticated-repos.md
Normal file
@ -0,0 +1,28 @@
|
||||
---
|
||||
nav_order: 9
|
||||
---
|
||||
|
||||
# Handling access to authenticated remote repositories
|
||||
{: .no_toc }
|
||||
|
||||
1. TOC
|
||||
{:toc}
|
||||
|
||||
|
||||
There is no default concept of an "ostree server"; ostree expects to talk to a generic webserver, so any tool and technique applicable for generic HTTP can also apply to fetching content via OSTree's builtin HTTP client.
|
||||
|
||||
## Using mutual TLS
|
||||
|
||||
The `tls-client-cert-path` and `tls-client-key-path` expose the underlying HTTP code for [mutual TLS](https://en.wikipedia.org/wiki/Mutual_authentication).
|
||||
|
||||
Each device can be provisioned with a secret key which grants it access to the webserver.
|
||||
|
||||
## Using basic authentication
|
||||
|
||||
The client supports HTTP `basic` authentication, but this has well-known management drawbacks.
|
||||
|
||||
## Using cookies
|
||||
|
||||
Since [this pull request](https://github.com/ostreedev/ostree/pull/531) ostree supports adding cookies to a remote configuration. This can be used with e.g. [Amazon CloudFront](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/private-content-signed-cookies.html).
|
||||
|
||||
|
||||
Loading…
Reference in New Issue
Block a user