adding cargo run for all db systems

neil 2020-11-01 15:27:49 +00:00
parent 8b49810eeb
commit d7354eb595
1 changed files with 9 additions and 4 deletions

@ -114,15 +114,20 @@ Now your Nextcloud instance should be ready. Let's move on to sncf.
- `admin_username` and `admin_password` are plaintext credentials for the admin acount you just created.
- You are advised to enable `debug_mode` at least during the first days in production. The debug mode won't slow down sncf, but will help you to understand when something's wrong by printing a *lot* of data to stdout.
9. Compile (`cargo run --release`) and run sncf.
9. Compile and run sncf.
- sncf requires the following packages to be installed (on a Debian-based system):
- `libsqlite3-0` if you're using SQLite
- `libpq5` if you're using PostgreSQL
- `libmysql++-dev` if you're using MySQL / MariaDB.
- Compile and run using Cargo. You may need to [install Rust](https://rustup.rs/) beforehand..
- `cargo run --no-default-features --features sqlite` for SQLite
- `cargo run` for PostgreSQL
- `cargo run --no-default-features --features mysql` for MySQL / MariaDB.
10. Route through sncf instead of Nextcloud.
- [reverse-proxy only] Route your public-facing address to sncf instead of Nextcloud.
- [reverse-proxy only] [optional] You might want to set up direct access to Nextcloud without going through sncf, for technical purposes. You can do that on a secret port or route (not `/admin/`, though). Be sure to strenghten this access (at least with basic auth) to avoid transforming it into a backdoor for evil people.
10. Open a browser in private navigation mode.
11. Open a browser in private navigation mode.
- Try accessing `https://<sncf_url>/`. It should display the main page.
- Try accessing `https://<sncf_url>/link`. It should generate an administration link. If you're already logged in as admin it will directly redirect you to Forms. So please try in private navigation mode.
- Try accessing your administration link. It should redirect you to Forms.
@ -130,10 +135,10 @@ Now your Nextcloud instance should be ready. Let's move on to sncf.
- If one of those steps fail, check the error message from sncf and try fixing the problem. Check if your version of sncf is compatible with Nextcloud's and Nextcloud Forms'.
- If you think it's a bug, please file an issue with all the debug log, configuration, environment setup and error messages you can.
11. **Important**: Configure a fail2ban instance.
12. **Important**: Configure a fail2ban instance.
- There is currently no built-in rate-limiter or protection mechanism for `/link` and `/admin/{admin_token}` pages. This is being discussed in #8 and #9.
- One request to `/link` without cookie means **one created account on Nextcloud**.
- To lower the risk of getting DoS'd, you should restrict those two routes to a few access per day and per IP.
- You can try 5 requests to `/link` per 48h and 12 requests to `/admin/{admin_token}` per 24h. If it's too restrictive, adjust it.
12. [reverse-proxy only] When you're good to go, remove the basic auth from your configuration to let people in.
13. [reverse-proxy only] When you're good to go, remove the basic auth from your configuration to let people in.