Commit Graph

77 Commits

Author SHA1 Message Date
Rigel Kent e883399fa6 Precisions and security enhancements to the production guide (#287)
- added precisions and suggestions about how to generate Let's Encrypt certificates. Users have reported their installations didn't work when the problem came from missing certificates (false positives).
- security defaults of Nginx follow the basic robustness principle "be conservative in what you send, be liberal in what you accept", which isn't enough with modern security standards, so we should be picky with the cipher suites we use, among other things. Extra comments (especially for the TLS1.3 protocol support parameter) make the requirement of a recent Nginx installation obvious, and the downgrade alternative remains clear to the system administrator.

All in all, we should aknowledge users will most often copy and paste the configuration files. Making them secure by default may force a few users to read their configuration, but on the long run we are making the fediverse more secure.

Since I've come to modify a bit the Nginx config in `support/doc/production.md`, I've merged it with the template so that they stay consistent.
2018-02-14 11:11:49 +01:00
SVNET Libre 1007a0185f Update Guide for upgrade procedure (#281) (#291) 2018-02-14 11:03:39 +01:00
Chocobozzz 1185c246c5
Add warning in production guide 2018-02-09 13:38:19 +01:00
Chocobozzz f529f9835e
Fix "things went wrong" documentation 2018-02-08 09:52:57 +01:00
Valvin 09c93c2031 update yarn installation command (#267)
on ubuntu `sudo -u` doesn't set homedirectory of the targeted user althought debian does. it requires the option `-H`. I think with this option it works in both case.
2018-02-01 08:55:17 +01:00
Chocobozzz 4805cff179
Fix migrations 2018-01-29 11:58:07 +01:00
Chocobozzz 4df6a1b8e1
Move docker do in support/doc 2018-01-29 11:23:38 +01:00
kaiyou e8395f027b Add production Alpine and Debian Stretch Docker images (#225)
* First pass at a (swarm-compatible) docker image

Uses an existing traefik server as a https reverse proxy.

* Add example config for a Docker swarm deployment

* Point to traefik config for docker compose setup

* Clarify that traefik is needed for the example config

* Use node:8-stretch base image and don't install yarn

(The base image already contains yarn.)

* Initial commit for an Alpine Docker image

* Fix docker volume path

* Merge #213 and #225 and move files around

* Remove unnecessary dependencies from the alpine build

* Update Dockerfiles to match install path, config path, etc.

* Update the configuration in the example compose file

* Update the configuration in the example swarm file

* Remove the declared networks and volumes from the compose example, which are not strictly required

* Update attachment path in the documentation

* Display traefik as a suggestion and not a required dependency

* Update the Docker ignored files

* Fix typos reported in #225

* Move production Dockerfiles to a production directory

* Add the redis configuration settings

* Add Docker files to the dockerignore

* Make the signup limit configurable
2018-01-29 08:52:20 +01:00
Chocobozzz ce487e1e3b
Upgrade clearer in production guide 2018-01-26 10:50:05 +01:00
Thomas Citharel 15dbc134bd typos (#246)
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2018-01-25 08:13:19 +01:00
Chocobozzz 59c48d49c5
Peertube home in /var/www instead of /home 2018-01-23 09:00:23 +01:00
Thomas Citharel e5203ffa12 Improve docs (#232)
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2018-01-23 08:53:15 +01:00
Chocobozzz 451ce9642c
Add commander in dependencies instead of dev dep 2018-01-22 09:42:42 +01:00
Chocobozzz 23e27dd535
Add ability to configure log level 2018-01-19 13:58:13 +01:00
Chocobozzz c7a9f34f72
Add SQL backup/restore commands in production guide 2018-01-19 10:30:35 +01:00
Chocobozzz 2e866cc75d
Don't serve previews with nginx
We need to maintain a cache in the node process
2018-01-18 18:45:27 +01:00
Chocobozzz 5668bf2e51
nginx optimizations 2018-01-18 17:45:49 +01:00
taziden 9625507fec fix 2 other typos (#209) 2018-01-17 11:47:45 +01:00
taziden a5c57bf33e fix typo in production guide (#208) 2018-01-17 11:34:26 +01:00
Chocobozzz fd206f0b2d
Add ability to update some configuration keys 2018-01-17 10:41:27 +01:00
Chocobozzz e28d531fc5
Overwrite on upgrade when unziping 2018-01-16 09:32:29 +01:00
Chocobozzz 48cf691d5e
Fix upgrade command 2018-01-16 08:53:01 +01:00
Chocobozzz 2d13b29965
Remove npm run upgrade
Use command from production.md instead
2018-01-15 18:23:17 +01:00
Chocobozzz d2000ca6e7
Update production guide
Use release that already contains build files. It requires a specific
directories tree but I think it would be fine.
2018-01-15 18:07:08 +01:00
Chocobozzz 6b2ef589ed
Prepare production workflow 2018-01-15 11:28:41 +01:00
Chocobozzz afe8176799
Some markdown fixes 2018-01-12 18:55:45 +01:00
Chocobozzz 63bfad7ec9
Try to improve documentations/readme 2018-01-12 18:07:41 +01:00