···

       
18
       
18
       
 
       
5. Knot is now ready for reverse proxy from `KNOT_SERVER_HOSTNAME:443` to local port 5555

     

       
19
       
19
       
 
       
   (knot verification will not work over HTTP port 80!)

     

       
20
       
20
       
 
       


     

       
21
       
21
       
-
       
<!--

     

       
22
       
22
       
-
       
Once the container is up, the Git repositories directory

     

       
23
       
23
       
-
       
needs to be specified explicitly as `/home/git/repositories` in `AuthorizedKeysCommand`

     

       
24
       
24
       
-
       
(see [knot-hosting](https://tangled.sh/@tangled.sh/core/blob/master/docs/knot-hosting.md#repositories)).

     

       
25
       
25
       
-
       
Create the file `/etc/ssh/sshd_config.d/authorized_keys_command.conf` with the following:

     

       
26
       
26
       
-
       


     

       
27
       
27
       
-
       
```

     

       
28
       
28
       
-
       
Match User git

     

       
29
       
29
       
-
       
  AuthorizedKeysCommand /usr/bin/knot keys -o authorized-keys -git-dir /home/git/repositories

     

       
30
       
30
       
-
       
  AuthorizedKeysCommandUser nobody

     

       
31
       
31
       
-
       
```

     

       
32
       
32
       
-
       


     

       
33
       
33
       
-
       
(This should probably be done in the Dockerfile when building the image.)

     

       
34
       
34
       
-
       
-->

     

       
35
       
35
       
-
       


     

       
36
       
21
       
 
       
## Repository troubleshooting

     

       
37
       
22
       
 
       


     

       
38
       
23
       
 
       
* SSH keys must be added to Tangled *after* the knot is created for it to pick them up.