Browse Source

Additions to help in examples.

1) updated information on how to ensure that passwords are hidden even wehn KeePass is opened.
2) added docker.txt which goes into details about sysadm of docker.
devel
Jonathan Rosenbaum 10 years ago
parent
commit
6754c9a324
  1. 61
      examples/docker.txt
  2. 44
      examples/secure-terminals.txt

61
examples/docker.txt

@ -0,0 +1,61 @@
DOCKER
Assuming you have installed docker on a server,
it is much easier to setup YBDB with the docker image at
https://registry.hub.docker.com/u/bikebike/ybdb/ or build
a customized version from the source code at https://github.com/fspc/ybdb .
As part of Positive Spin's project to determine which software would best
fit our needs, docker demos were created from all known existing F/OSS
community bike shop software at http://bikebike.wvcompletestreets.org .
CUSTOMIZE
If you want to build your own image to use at a Community Bike Shop,
you will most likely want to setup ssl for the http server, create
self-signed certificates and a htpasswd file (see secure-terminals.txt),
and edit populate.sql and database_functions.php. These changes will
need to be reflected in the Dockerfile.
Never forget, if you make changes to any Community Bike Shop code,
merge your changes back into the main project so that all collectives
may benefit from the awesomeness of Free Software.
WHAT NEXT?
You will want to keep regular backups, have scripts that start/stop the container, and
monitor the main docker process.
BACKUPS
Redundancy is great. Save backups to at least two locations.
Obviously, the "YB" Database is the most important thing to backup,
and Docker makes backing up a container easy.
START/STOP SCRIPTS
Example of the standard upstart script used to start/stop bikebike docker containers:
description "Positive O Spin's container"
author "Jonathan Rosenbaum <gnuser@gmail.com>"
start on started docker
stop on runlevel [016]
respawn
exec start-stop-daemon --start --make-pidfile --pidfile /var/run/pos.pid --exec /usr/bin/docker start pos
MONITOR DOCKER PROCESS
Because docker container processes are children processes that change,
only the main docker pidfile is monitored by monit.
check process docker
with pidfile /var/run/docker.pid
start = "/sbin/start docker"
stop = "/sbin/stop docker"

44
examples/secure-terminals.txt

@ -32,28 +32,40 @@ TERMINAL AUTOMATION AND SECURITY
Firefox (IceWeasel):
1. Download KeePass v2 zip - http://keepass.info/download.html
2. Unzip in ~/KeePass
3. cd ~/KeePass; mkdir plugins
4. In Debian/Ubuntu: apt-get install mono-runtime mono-devel
5. Install KeeFox extension from https://addons.mozilla.org/en-us/firefox/addon/keefox/
6. KeeFox will tell you where to copy KeePassRPC.plgx from into the plugins directory
3. sudo chown root:root ~/KeePass; sudo chmod 0755 ~/KeePass;
4. cd ~/KeePass; mkdir plugins
5. mv KeePass.config.xml KeePass.config.enforced.xml
6. sudo chown root:root KeePass.config.enforced.xml
7. sudo chmod 0444 KeePass.config.enforced.xml
8. Most importantly in KeePass.config.enforced.xml change true to
<UnhidePasswords>false</UnhidePasswords> so that passwords cannot be seen.
9. In Debian/Ubuntu: apt-get install mono-runtime mono-devel
10. Install KeeFox extension from https://addons.mozilla.org/en-us/firefox/addon/keefox/
11. KeeFox will tell you where to copy KeePassRPC.plgx from into the plugins directory
Usually somewhere under ~/.mozilla/firefox/*default/extensions/keefox*
7. When setting up password database for KeePass use only a key file.
8. Add the url along with username and password in the database.
9. Once the login is working properly for the htpasswd setup for apache,
12. When setting up password database for KeePass use only a key file.
13. Add the url along with username and password in the database.
14. Once the login is working properly for the htpasswd setup for apache,
the whole process can be completely automated in KeeFox options.
10. In Firefox (IceWeasel) Preferences -> General use "When IceWeasel starts: Show my windows and tabs from the last time"
15. In Firefox (IceWeasel) Preferences -> General use "When IceWeasel starts: Show my windows and tabs from the last time"
Chrome:
1. Download KeePass zip - http://keepass.info/download.html
2. Unzip in ~/KeePass
3. When setting up password database for KeePass use only a key file.
4. Add the url along with username and password in the database.
5. In Debian/Ubuntu: apt-get install mono-runtime mono-devel
7. Install extension chromeIPass
8. Install keepasshttp as explained at https://github.com/pfn/keepasshttp/ (put KeePassHttp.plgx in ~/KeePass)
9. Follow the directions chromeIPass gives you, creating an identifier
10. Good idea to restart chrome.
11. In Chrome Settings "On Startup Continue where you left off"
3. sudo chown root:root ~/KeePass; sudo chmod 0755 ~/KeePass;
4. mv KeePass.config.xml KeePass.config.enforced.xml
5. sudo chown root:root KeePass.config.enforced.xml
6. sudo chmod 0444 KeePass.config.enforced.xml
7. Most importantly in KeePass.config.enforced.xml change true to
<UnhidePasswords>false</UnhidePasswords> so that passwords cannot be seen.
8. When setting up password database for KeePass use only a key file.
9. Add the url along with username and password in the database.
10. In Debian/Ubuntu: apt-get install mono-runtime mono-devel
11. Install extension chromeIPass
12. Install keepasshttp as explained at https://github.com/pfn/keepasshttp/ (put KeePassHttp.plgx in ~/KeePass)
13. Follow the directions chromeIPass gives you, creating an identifier
14. Good idea to restart chrome.
15. In Chrome Settings "On Startup Continue where you left off"
DESKTOP STARTUP

Loading…
Cancel
Save