blob: bf7fb27889f6ac1f1203c5c0270ff619d71aec36 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
|
Tapicero - Creating per user databases on the couch for soledad
------------------------------------------------------------
``tapicero`` is a daemon that creates per user databases when users are added to the LEAP Platform. It watches the changes made to the users database and creates new databases accordingly. This way soledad does not need admin privileges.
"Tapicero" is spanish for upholsterer - the person who creates your couch.
Installation
---------------------
Prerequisites:
sudo apt-get install ruby ruby-dev couchdb
# for development, you will also need git, bundle, and rake.
From source:
git clone git://leap.se/tapicero
cd tapicero
bundle
rake build
sudo rake install
From gem:
sudo gem install tapicero
Running
--------------------
Run in foreground to see if it works:
tapicero run -- test/config/config.yaml
create a new record in the users database
observe /var/log/syslog or the logfile you specified
Run as a deamon:
tapicero start
tapicero stop
Run once and then exit:
tapicero --run-once
This will create per user databases for all users created since
the last run and then exit.
Running tests
---------------------
To run the tests:
rake
You can run with `rake DEBUG=1` if you want more verbose output. To run a particular test:
DEBUG=1 ruby test/integration/failure_test.rb
Flags
---------------------
--run-once:
process the existing users and then exit
--rerun:
also work on users that have been processed before
--overwrite-security:
write the security settings even if the user database already has some
Combining these flags you can migrate the security settings of all existing per user databases.
Configuration
---------------------
``tapicero`` reads the following configurations files, in this order:
* ``$(tapicero_source)/config/default.yaml``
* ``/etc/leap/tapicero.yaml``
* Any file passed to ARGV like so ``tapicero start -- /etc/tapicero.yaml``
For development on a couch with admin party you can probably leave all other options at their default values. For production you will need to set the credentials to an admin user so tapicero can create databases.
The default options and some explanation can be found in `config/default.yaml`.
Rake Tasks
----------------------------
rake -T
rake build # Build tapicero-x.x.x.gem into the pkg directory
rake install # Install tapicero-x.x.x.gem into either system-wide or user gems
rake test # Run tests
rake uninstall # Uninstall tapicero-x.x.x.gem from either system-wide or user gems
Development
--------------------
For development and debugging you might want to run the programm directly without
the deamon wrapper. You can do this like this:
ruby -I lib lib/tapicero.rb
Changes
--------------------
0.6.1
UPGRADING: the config option 'seq_file' is no long used, now 'seq_dir' is used
(defaults to "/var/run/tapicero").
* prevent username and password from leaking in processlist
* support for tmp_users database
0.6.0
* do not log error if the db or design doc already exists
(since another tapicero instance probably created it)
* pid now created successfully on server boot
* don't die when couchdb is restarted
License
--------------------
This program is written in Ruby and is distributed under the following license:
> GNU Affero General Public License
> Version 3.0 or higher
> http://www.gnu.org/licenses/agpl-3.0.html
Tapicero is copyright 2014 LEAP Encryption Access Project.
|