Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Add some notes on getting started on developing for buildomat #53

Open
wants to merge 1 commit into
base: main
Choose a base branch
from

Conversation

labbott
Copy link

@labbott labbott commented Mar 7, 2024

No description provided.

Copy link
Member

@iximeow iximeow left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

i took pretty much the same notes as i was setting up buildomat myself earlier, so generally +1 for getting a DEVELOPING.md in. i left a few notes here too, if you want i'm happy to push another commit or two or we can do whatever - either way we should probably just merge this

- Edit `server.toml` to add the token to the `admin` line

- Create a factory `buildomat admin factory create factory_name` this will
spit out a `FACTORY_TOKEN` which needs to go in a factory TOML file
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

aha, i was wondering what you were doing that you got here but didn't mention factory TOMLs themselves, then i found #52 :)

secret = "<ADD TOKEN>"
admin = "<ADD TOKEN>"
```
- run `buildomat -p user.toml admin user create admin`. This will spit out an `ADMIN_TOKEN`
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

fwiw i don't think the token created here is particularly special for admin purposes, it's just a user token. by setting the server's admin.token and client's profile.default.admin to this token, we'll also happen to set that same user token as the administrative key (... and if you were to accidentally delete the admin user then whoops the key's dead)

so, i see how this works, but it's probably better to pick a decent secret administrative token (e.g. dd if=/dev/urandom bs=64 count=1 | base64 -) that is distinct from any user token?

(i also think it might be good to create an admin user with all privileges when setting up the database, whose token is admin.token, then collapsing the distinction between "secret admin token" and "user token". but that's a Josh conversation i'll bring up elsewhere :D)

Comment on lines +60 to +61
nginx is available on illumos and easy to setup as a reverse proxy to
redirect requests to your `buildomat-server`
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

i'm running the server with -b 0.0.0.0:9979 😎 but nginx definitely seems like the thing to get important things like TLS

@jclulow jclulow self-requested a review January 10, 2025 01:18
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants