[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[taler-docs] branch master updated: mention caveats
|
From: |
gnunet |
|
Subject: |
[taler-docs] branch master updated: mention caveats |
|
Date: |
Sun, 24 Jan 2021 16:04:46 +0100 |
This is an automated email from the git hooks/post-receive script.
dold pushed a commit to branch master
in repository docs.
The following commit(s) were added to refs/heads/master by this push:
new d27be29 mention caveats
d27be29 is described below
commit d27be298fbbc186fc2c96d5ad74a74c557603051
Author: Florian Dold <florian@dold.me>
AuthorDate: Sun Jan 24 16:04:41 2021 +0100
mention caveats
---
libeufin/nexus-tutorial.rst | 20 ++++++++++++++++----
1 file changed, 16 insertions(+), 4 deletions(-)
diff --git a/libeufin/nexus-tutorial.rst b/libeufin/nexus-tutorial.rst
index 95c2e76..1e3deb9 100644
--- a/libeufin/nexus-tutorial.rst
+++ b/libeufin/nexus-tutorial.rst
@@ -190,10 +190,21 @@ Use the following command to run the nexus service:
$ libeufin-nexus serve --port 5001
By default, the SQLite3 database ``/tmp/libeufin-nexus.sqlite3`` will be used.
+The database can be specified as a JDBC connection URI with the
+``--db-conn-string=$DBCONN`` option. Only *SQLite* and *PostgreSQL (only via
+TCP)* are supported right now.
+
+.. warning::
+
+ For production-grade deployments of LibEuFin, we do not recommend
specifying the
+ secret database credentials via command line arguments, as can will expose
+ those credentials to other users.
+
+ Instead, the DB connection string should be specified in an environment
variable
+ (which can be set in the systemd unit via an ``EnvironmentFile`` option)
+ once LibEuFin supports this (see the corresponding
+ `bug tracker entry <https://bugs.gnunet.org/view.php?id=6720>`__).
-We recommend using the ``--db-conn-string=$DBCONN`` option. It instructs Nexus
-to reach the database addressed by the JDBC connection URI. Only *SQLite* and
-*PostgreSQL (only via TCP)* are supported right now.
For example:
@@ -212,7 +223,8 @@ to create less privileged users is offered.
.. note::
- Privilege separation is not fully implemented yet.
+ User and permissions management in LibEuFin is still under development.
+ In particular, permissions for non-superusers are very limited at the moment.
The command line interface needs the following three values
to be defined in the environment: ``LIBEUFIN_NEXUS_URL``,
``LIBEUFIN_NEXUS_USERNAME``,
--
To stop receiving notification emails like this one, please contact
gnunet@gnunet.org.
| [Prev in Thread] |
Current Thread |
[Next in Thread] |
- [taler-docs] branch master updated: mention caveats,
gnunet <=