ostree/docs/authenticated-repos.md
Colin Walters d4adb79539 docs: Add authenticated-repos.md
Document options for accessing repositories that require authentication.
2023-09-27 14:02:55 -04:00

1.0 KiB

nav_order
9

Handling access to authenticated remote repositories

{: .no_toc }

  1. TOC {:toc}

There is no default concept of an "ostree server"; ostree expects to talk to a generic webserver, so any tool and technique applicable for generic HTTP can also apply to fetching content via OSTree's builtin HTTP client.

Using mutual TLS

The tls-client-cert-path and tls-client-key-path expose the underlying HTTP code for mutual TLS.

Each device can be provisioned with a secret key which grants it access to the webserver.

Using basic authentication

The client supports HTTP basic authentication, but this has well-known management drawbacks.

Using cookies

Since this pull request ostree supports adding cookies to a remote configuration. This can be used with e.g. Amazon CloudFront.