-
Notifications
You must be signed in to change notification settings - Fork 2
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add some notes on getting started on developing for buildomat #53
base: main
Are you sure you want to change the base?
Conversation
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
i took pretty much the same notes as i was setting up buildomat myself earlier, so generally +1 for getting a DEVELOPING.md in. i left a few notes here too, if you want i'm happy to push another commit or two or we can do whatever - either way we should probably just merge this
- Edit `server.toml` to add the token to the `admin` line | ||
|
||
- Create a factory `buildomat admin factory create factory_name` this will | ||
spit out a `FACTORY_TOKEN` which needs to go in a factory TOML file |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
aha, i was wondering what you were doing that you got here but didn't mention factory TOMLs themselves, then i found #52 :)
secret = "<ADD TOKEN>" | ||
admin = "<ADD TOKEN>" | ||
``` | ||
- run `buildomat -p user.toml admin user create admin`. This will spit out an `ADMIN_TOKEN` |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
fwiw i don't think the token created here is particularly special for admin purposes, it's just a user token. by setting the server's admin.token
and client's profile.default.admin
to this token, we'll also happen to set that same user token as the administrative key (... and if you were to accidentally delete the admin user then whoops the key's dead)
so, i see how this works, but it's probably better to pick a decent secret administrative token (e.g. dd if=/dev/urandom bs=64 count=1 | base64 -
) that is distinct from any user token?
(i also think it might be good to create an admin
user with all privileges when setting up the database, whose token is admin.token
, then collapsing the distinction between "secret admin token" and "user token". but that's a Josh conversation i'll bring up elsewhere :D)
nginx is available on illumos and easy to setup as a reverse proxy to | ||
redirect requests to your `buildomat-server` |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
i'm running the server with -b 0.0.0.0:9979
😎 but nginx definitely seems like the thing to get important things like TLS
No description provided.