As a user of CouchDB, I'm still hoping you folks will find some time to writeup a terse 'how to secure CouchDB' article in the 2.0 release cycle. I know it is not a matter for the home page (nice preview by the way), but the clear, concise and canonical set of instructions is needed. Specifically, how-to correctly shutdown 5984 port (in favor of SSL on 6984), how to turn of admin-party. Also whether to modify default.ini/local.ini on the server side instead of by cURL scripts on the client side. Secondarily in the article, perhaps provide links to the likes of https://hub.docker.com/r/klaemo/couchdb-ssl/ and an explanation as to why NGinx for SSL is a stronger choice than Erlang's built in one.
Context: I'm nervous about deploying CouchDB for real workloads, even inside internal networks, and I am sure I am not alone. The likes of http://www.dailydot.com/layer8/154-million-voter-files-exposed-l2/ just serve to reinforce those nerves. A page in the new website publishing a single post-installation script to run that locks CouchDB would be perfect :) Regards, - Paul On Thu, Sep 15, 2016 at 4:41 AM, Jan Lehnardt <[email protected]> wrote: > *nudge* > > This needs more reviews, pls <3 > > Best > Jan > -- > > > On 03 Sep 2016, at 15:03, Jan Lehnardt <[email protected]> wrote: > > > > Hey everybody, > > > > I’ve started a modest website update for the upcoming 2.0 release: > > > > - new logo > > - removed textured linen background, moved to flat grey > > - new top-level marketing slogans (wip) > > - new intro texts (wip) > > - new 2.0 download section (final links TBD) > > - I kept the 1.6.1/1.7.0 section, because people will want to be > > able to keep downloading that > > - improved load time by serving JIRA “Submit a Bug” JavaScript include > > from the same host as opposed to live from JIRA which tends to take > > a few seconds. This might need updating on JIRA updates, but these > > are rare. > > - improved “small screen” menu drop-down > > > > > > Preview here: http://jan.prima.de/couchdb-2.0/ > > > > Branch here: https://github.com/apache/couchdb-www/tree/2.0 > > > > > > > > TODO (needs your help): > > > > - I don’t know my way around @2x images in web design and I think the > new logo needs some treatment, would appreciate any designer here taking a > lead on this. Feel free to just commit on that branch. > > > > - finalise marketing slogans and description updates. Bikeshed away > (within reason, the main direction has been decided upon a while ago). > > > > - I’d like to add a few pointers to different CouchDB use-case scenarios > that highlight the awesomeness of our replication. I think the easiest of > these is a short blog post series that then can be linked to from the main > website (as opposed to introduce more sections into the single-page, or > changing from single- to multi-page). My thinking here is that we want to > cover the following scenarios at least: > > > > 1. 3+ node CouchDB cluster, replication for inter-node updates > > > > 2. 3+ cloud locations, a cluster in each, for geo-distribution (closer > to users, and fault tolerance) > > > > 3. cloud location + 1000s+ of mobile / web clients (w/ PouchDB and > Couchbase Lite), highlight Offline First (offlinefirst.org) strength > > > > 4. distributed office locations (think London, New York, Tokio), all > end-users with low-latency connections to CouchDB, all data syncing in the > background, easy to open new offices, etc. > > > > 5. eHealth Africa Ebola Response. Essentially 3. but more concrete, > with focus on regions with challenging network infrastructure c.f. > https://www.youtube.com/watch?v=1sLjWlWvCsc&spfreload=10 > > > > 6+. <your ideas here> > > > > Optional / later: > > - npmjs.com case study (they heavily rely on CouchDB and replication) > > - some big data client of Cloudant’s would be nice ;) > > > > All of these would just be a couple of paragraphs long, nothing too > in-depth, but with nice diagrams showing all the components and data flow. > > > > Who’d be up for helping with these? I’ll send you one of the sweet, > exclusive CouchDB 2.0 coffee mugs :) > > > > // CC Jenn, would you able to coordinate this again? > > > > These shouldn’t take long to write, and I’m sure we can get 3 or 4 > together until next Thursday, so they can go out with the 2.0 release. > > > > What do you think? > > > > Best > > Jan > > -- > > > > -- > Professional Support for Apache CouchDB: > https://neighbourhood.ie/couchdb-support/ > >
