summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorAzul <azul@leap.se>2013-03-06 12:29:45 +0100
committerAzul <azul@leap.se>2013-03-06 12:29:45 +0100
commit1f874dc62e0d0add285f6ab5ff1b6d8fccaa1912 (patch)
treea600e87a58f00df1b28f874e3b235f3d19210ee5
parentf70366e27aaac985c876d1d0260d7aab8b7ed8b5 (diff)
updated deploy documentation
INSTALL is mostly for development and we do not include couch security advices in there
-rw-r--r--DEPLOY.md19
1 files changed, 16 insertions, 3 deletions
diff --git a/DEPLOY.md b/DEPLOY.md
index 8ef2a7a..f61301c 100644
--- a/DEPLOY.md
+++ b/DEPLOY.md
@@ -9,8 +9,8 @@ These instructions are targeting a Debian GNU/Linux system. You might need to ch
The following packages need to be installed:
* git
-* ruby1.8
-* rubygems1.8
+* ruby1.9
+* rubygems1.9
* couchdb (if you want to use a local couch)
### Setup Capistrano ###
@@ -25,5 +25,18 @@ run `cap deploy` to deploy to the server.
Please make sure your deploy includes the following files:
-* config/cert
* public/config/provider.json
+* config/couchdb.yml
+
+## Couch Security ##
+
+We recommend against using an admin user for running the webapp. To avoid this couch design documents need to be created ahead of time and the auto update mechanism needs to be disabled.
+Take a look at test/setup_couch.sh for an example of securing the couch. After securing the couch migrations need to be run with admin permissions. The before_script block in .travis.yml illustrates how to do this:
+
+```
+mv test/config/couchdb.yml.admin config/couchdb.yml # use admin privileges
+bundle exec rake couchrest:migrate_with_proxies # run the migrations
+bundle exec rake couchrest:migrate_with_proxies # looks like this needs to run twice
+mv test/config/couchdb.yml.user config/couchdb.yml # drop admin privileges
+```
+