create a separate couchdb.yml.admin that contains the couchdb admin privileges, putting the unprivileged ones in as user webapp in couchdb.yml. This allows us to migrate the couchdb design docs on deployment, but use an unprivileged user the remainder of the time

author: Micah Anderson <micah@riseup.net> 2013-03-19 17:41:37 -0400
committer: Micah Anderson <micah@riseup.net> 2013-03-19 17:55:31 -0400
commit: 9c1c74c359f80cf0e61b62befee0ec5cc04ab4c3 (patch)
tree: 285f2dc12c2635ba754bccba6822e67f25a29e48 /provider_base/services/webapp.json
parent: 01434dcd78746f530f218a7ed8ed37b7b1d5ce71 (diff)
1 files changed, 2 insertions, 3 deletions
diff --git a/provider_base/services/webapp.json b/provider_base/services/webapp.json
index 477d5f17..0288a0cd 100644
--- a/provider_base/services/webapp.json
+++ b/provider_base/services/webapp.json
@@ -2,9 +2,8 @@
   "webapp": {
     "modules": ["user", "billing", "help"],
     "couchdb_hosts": "= hostnames nodes[:services => :couchdb][:local => local]",
-    // NOTE: this is bad, but pending a fix to https://leap.se/code/issues/1163
-    // before we can use user "webapp"
-    "couchdb_user": "= global.services[:couchdb].couch.users[:admin]",
+    "couchdb_admin_user": "= global.services[:couchdb].couch.users[:admin]",
+    "couchdb_webapp_user": "= global.services[:couchdb].couch.users[:webapp]",
     "favicon": "= file_path 'branding/favicon.ico'",
     "tail_scss": "= file_path 'branding/tail.scss'",
     "head_scss": "= file_path 'branding/head.scss'",
author	Micah Anderson <micah@riseup.net>	2013-03-19 17:41:37 -0400
committer	Micah Anderson <micah@riseup.net>	2013-03-19 17:55:31 -0400
commit	9c1c74c359f80cf0e61b62befee0ec5cc04ab4c3 (patch)
tree	285f2dc12c2635ba754bccba6822e67f25a29e48 /provider_base/services/webapp.json
parent	01434dcd78746f530f218a7ed8ed37b7b1d5ce71 (diff)