1) Should not be accessible from the internet directly on any ports. NATing is fine if that's easier. 2) Needs to be able to connect to the internet. 3) Just needs to pull from internet, sign, and push to the internet, so a small machines is good.
So, 1 CPU, 1G of ram, 10G of disk ?
Sounds good. Does it GPG signing need anything more in terms of CPU?
Signing consumes very little CPU. 1 CPU, 1G ram is more than enough. You may want more disk to keep an archive of the signed packages. Might come in handy if you ever want to compare what's on d.g.o.
We will not store anything on that VM, no ? (since it will not be accessible for the internet). And we can surely get a log of what was signed to not be forced to keep all data.
So I installed the VM, and it can be accessed by ansible for later configuration.
So the VM was created, anything more needed on that ?
Nope. Closing. I'll open a new one if we need anything more on it.