On 2019-07-08 15:53, ermouth wrote:
>> disabling clustering (i.e., setting Q=N=1)
>
> Let’s start with this one, because it’s about installation process. To set
> q=1 you should install Couch manually. Built-in installer sets up q=8 for
> single node setup.

And why is q=8 *always* right for a single-node install? To me, it's not. n=1 is a universal truth for a single-node install, though, which was fixed about a year ago.

We can't know at install time if you're installing on a Raspberry Pi or a single, beefy server.

That said, I'd support a new option at install time for an "iot" config, which tuned things as small as possible. There's an open ticket to document these settings, which is the first step:

https://github.com/apache/couchdb-documentation/issues/278

Once we have that, we can automate making those settings available at install time.

We only make any of these choices in the Debian/Ubuntu installer, by the way. I believe CentOS/RedHat lacks the ability to do user-driven postinst questions, and it was simply never coded in the Mac or Windows installers. PRs to add that functionality to those platforms welcome, but we should keep the selections available parallel across platforms if at all possible.

HOWEVER: Adding a `etc/local.d/50-my-defaults.ini` file with the `[cluster] q=1` line is trivial. Surely you're doing other config changes when you set up your iot devices. Why not plop this file onto the machine and restart CouchDB before using it?

> Also, as for our experience, protecting Couch admin from administering by
> hard-disabling write for some _config/*/* endpoints, is a mistake. This
> kind of role separation isn’t reasonable for single-node scenario (which
> often is ‘I gonna make something small’).

Which endpoints specifically?

Are you talking about using _config endpoints to reconfigure view servers remotely? Because that's been widely exploited on the Internet, judging from all the reports we get about bitcoin miners being installed on various people's machines.

We had little choice to stem the tide of CVEs than to change the entire view server setup process. The security team got tired of playing whac-a-mole.

-Joan
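
Added example (not part of the original message and not CouchDB project code): a provisioning check that resolves the effective `[cluster]` values from the ini files, so a device image can confirm the `etc/local.d/50-my-defaults.ini` override described above took effect before the node is used. It assumes the load order default.ini, default.d/*.ini, local.ini, local.d/*.ini with later files winning; the function names and the sample directory contents are constructed for illustration.

```python
import configparser
import tempfile
from pathlib import Path

def ini_chain(etc):
    """Return existing ini files in the assumed CouchDB load order."""
    def drop_in(name):
        d = etc / name
        return sorted(d.glob("*.ini")) if d.is_dir() else []
    chain = [etc / "default.ini", *drop_in("default.d"),
             etc / "local.ini", *drop_in("local.d")]
    return [p for p in chain if p.is_file()]

def effective_config(etc_dir):
    """Merge the chain; later files override earlier ones. Track the source file."""
    merged, origin = {}, {}
    for path in ini_chain(Path(etc_dir)):
        cp = configparser.ConfigParser(interpolation=None, strict=False)
        cp.optionxform = str  # keep key case as written
        cp.read(path)
        for section in cp.sections():
            for key, value in cp.items(section):
                merged[(section, key)] = value.strip()
                origin[(section, key)] = path.name
    return merged, origin

def check_single_node(etc_dir, want_q="1", want_n="1"):
    """Return a list of mismatches between effective [cluster] q/n and the target."""
    merged, origin = effective_config(etc_dir)
    problems = []
    for key, want in (("q", want_q), ("n", want_n)):
        got = merged.get(("cluster", key))
        if got != want:
            src = origin.get(("cluster", key), "unset")
            problems.append(f"[cluster] {key}={got!r} from {src}, expected {want}")
    return problems

def build_sample(with_override):
    """Constructed sample etc/ tree; values are illustrative, not read from a real install."""
    root = Path(tempfile.mkdtemp())
    (root / "local.d").mkdir()
    (root / "default.ini").write_text("[cluster]\nq = 8\nn = 3\n")
    (root / "local.ini").write_text("[cluster]\nn = 1\n")
    if with_override:
        (root / "local.d" / "50-my-defaults.ini").write_text("[cluster]\nq=1\n")
    return root

if __name__ == "__main__":
    for flag in (False, True):
        print("override present:", flag, "->", check_single_node(build_sample(flag)))
```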