diff options
| -rw-r--r-- | README.md | 40 |
1 files changed, 26 insertions, 14 deletions
@@ -1,34 +1,44 @@ -## Installing +## Installing in production + +### Build image ``` docker build --no-cache=true -t ndn-pwman . ``` -Make a `secret.txt` file and add a random 50 character secret in a data dir. +### Add secret +Make a `secret.txt` file and add a random 50 character secret in a data dir. This is just an example. ``` 6dxjpk*+-ywfxxi#_wmpzon@-p6hwwh9z)7q0t)h7zy*tdz20x ``` -Migrate db if necessary. + +### Migrate database + +If running for the first time or if changes has been made to the database scheme you should run the django migrate script. You should store the database in a volume. ``` docker run --rm -ti -v $(pwd)/data:/opt/pwman ndn-pwman migrate ``` -Then run a collect static: +### Collect statics + +You need to server the static content using either apache or nginx. +To export the static files use the same data dir as you did for the database, and run the `collectstatic` command. ``` docker run --rm --ti ndn-pwman -v $(pwd)/data:/opt/pwman collectstatic ``` -You need a useradmin keytab file, and the admin password for our ldap. ## Running pwman +You need a useradmin keytab file, and the admin password for our ldap. + ``` - docker run --rm -ti --name pwman -e LDAP_PASSWORD="1234secrets" -v useradmin.keytab:/etc/useradmin.keytab ndn-pwman server + docker run --rm -ti --name pwman -e LDAP_PASSWORD="1234secrets" -v /etc/useradmin.keytab:/etc/useradmin.keytab:ro -v $(pwd)/data:/opt/pwman ndn-pwman server ``` @@ -42,11 +52,13 @@ docker run --rm -ti ndn-pwman shell ## Environement variables -- LDAP_URL -- LDAP_USER -- LDAP_PASSWORD -- KERBEROS_SCRIPT -- DEBUG_MODE -- SECRET_KEY_FILE -- SECRET_KEY -- DATA_DIR - defaults to `/opt/pwman` +Required veriables marked with a `*` + +- LDAP_URL - defaults to `ldaps://ldap.norud.net` +- LDAP_USER - defaults to `cn=admin,dc=nordu,dc=net` +- LDAP_PASSWORD* +- KERBEROS_SCRIPT - `/opt/pwman/kerberos.pl` +- DEBUG_MODE - defaults to `False` +- SECRET_KEY_FILE - use a file containing a secret. Will overwrite SECRET_KEY if present. Defaults to `DATA_DIR/secret.txt` +- SECRET_KEY - random 50 characters (including specials) +- DATA_DIR - defaults to `/opt/pwman`, where the database, static files etc will be stored. |