Loading tools/signing/machines-setup/README.md 0 → 100644 +37 −0 Original line number Diff line number Diff line This directory contains the scripts used to setup the signing machines. It handles everything in the setup, except installation of the signing keys, which is done manually. # Deploying changes on the signing machines To deploy changes on the signing machines you need: * access to the `root` account (either running `su -` and entering the `root` password, or having your ssh key in `~root/.ssh/authorized_keys`) * access to the `setup` account via ssh (the `setup-signing-machine` script should be updated to add your key there) Deploying changes to the signing machines is done with the following two scripts: * upload-tbb-to-signing-machine * setup-signing-machine ## upload-tbb-to-signing-machine This script should be run from your local machine (from which you access the signing machine). It will create a tarball of tor-browser-build from the `HEAD` commit, upload it to the signing machine and extract it in the `/signing` directory. In addition it will download and upload to the signing machine the tools used in the signing process. Before running the script you may edit the line `signing_machine='linux-signer'` to change the hostname of the signing machine. ## setup-signing-machine This script should be run on the signing machine as root. It will install required packages, create user accounts and setup signing tools. After running `upload-tbb-to-signing-machine`, open a root shell on the signing machine and run `/signing/tor-browser-build/tools/signing/machines-setup/setup-signing-machine`. Loading
tools/signing/machines-setup/README.md 0 → 100644 +37 −0 Original line number Diff line number Diff line This directory contains the scripts used to setup the signing machines. It handles everything in the setup, except installation of the signing keys, which is done manually. # Deploying changes on the signing machines To deploy changes on the signing machines you need: * access to the `root` account (either running `su -` and entering the `root` password, or having your ssh key in `~root/.ssh/authorized_keys`) * access to the `setup` account via ssh (the `setup-signing-machine` script should be updated to add your key there) Deploying changes to the signing machines is done with the following two scripts: * upload-tbb-to-signing-machine * setup-signing-machine ## upload-tbb-to-signing-machine This script should be run from your local machine (from which you access the signing machine). It will create a tarball of tor-browser-build from the `HEAD` commit, upload it to the signing machine and extract it in the `/signing` directory. In addition it will download and upload to the signing machine the tools used in the signing process. Before running the script you may edit the line `signing_machine='linux-signer'` to change the hostname of the signing machine. ## setup-signing-machine This script should be run on the signing machine as root. It will install required packages, create user accounts and setup signing tools. After running `upload-tbb-to-signing-machine`, open a root shell on the signing machine and run `/signing/tor-browser-build/tools/signing/machines-setup/setup-signing-machine`.
