## Overview In the 1.x era of CouchDB, many parts of the core systems were managed via the config system. This is mostly due to in the early days, no good standard patterns for what Erlang apps looked like were obvious. This has changed now.
In addition, being able to change core parts of the database, including what code modules to load when and where, and which OS binaries to run when and where, opened us up to [a]( http://docs.couchdb.org/en/stable/cve/2017-12635.html) [set]( http://docs.couchdb.org/en/stable/cve/2017-12636.html) of [security]( http://docs.couchdb.org/en/stable/cve/2018-11769.html) [vulnerabilities]( http://docs.couchdb.org/en/stable/cve/2018-8007.html), that we want to close once and for all with this PR by no longer allowing runtime configuration of core system parts. Specifically: - `daemons` - `[httpd] default_handler` -`httpd_global_handlers` -`httpd_db_handlers` -`httpd_design_handlers` - `vhost_global_handlers` - `redirect_vhost_handler` - `os_daemons` - `query_servers` - `native_query_servers` This patch retains the ability to configure an existing CouchDB installation to, say, add a third party query server, but it’ll require console access to the server and restarting CouchDB from said console. * * * ## Details CouchDB ships with two default query_servers (javascript and coffeescript) as well as one default native_query_server (query aka mango). These used to be configured in default.ini in these sections: ``` [query_servers] javascript = {{prefix}}/bin/couchjs {{prefix}}/share/server/main.js coffeescript = {{prefix}}/bin/couchjs {{prefix}}/share/server/main-coffee.js ; enable mango query engine [native_query_servers] query = {mango_native_proc, start_link, []} ; erlang query server ; erlang = {couch_native_process, start_link, []} ``` This allowed end-users post-install and even runtime-changes to which query servers are enabled and where their binaries live. This patch changes things, so only a post-install, but not at-runtime changes are possible from now on. This still allows people to configure their CouchDB to run a third- party query server like the somewhat popular Python query server, but it changes the way the setup is done. Query Servers The javascript and coffeescript query servers continue to be enabled by default. Setup differences have been moved from default.ini to the couchdb and couchdb.cmd start scripts respectively. Additional query servers can now be configured using environment variables: ``` export COUCHDB_QUERY_SERVER_PYTHON="/path/to/python/query/server.py with args" couchdb ``` Where the last segment in the environment variable matches the usual lowercase(!) query language in the design doc `language` field. Multiple query servers can be configured by using more environment variables. Native Query Servers The mango query server continues to be enabled by default. The erlang query server continues to be disabled by default. This patch adds a `[native_query_servers] enable_erlang_query_server = BOOL` setting (defaults to `"false"`) to enable the erlang query server. If the legacy configuration for enabling the query server is detected, that is counted as a `true` setting as well, so existing configurations continue to work just fine. Windows Since the setting of the `./configure` time `PREFIX` happens during `make release`, I had to adapt the `couchdb` and `couchdb.cmd` scripts to have the correct env vars set and the `PREFIX` replaced there. I did this to the best of my abilities and research, but this needs review from the Windows team (Hi Joan! :). OS Daemons Although deprecated in 2.2.0, we’re keeping support for this until 3.x, but the configuration changes analogous to query servers. Previously, configuration looked like this: ``` [os_daemons] name = /path/to/daemon with args ``` With this patch, setup looks like this: ``` COUCHDB_OS_DAEMON_NAME="/path/to/daemon with args" couchdb ``` Multiple OS Daemons can be started with multiple env vars. The final segment in the env var becomes the daemon identifier inside CouchDB as lowercase(!). ## Testing recommendations `make check` as well as following the instructions above for configuring third party query servers and/or `os_daemons` as well as enabling the erlang query server. ## Checklist - [x] Code is written and works correctly; - [x] Changes are covered by tests; - [x] Documentation reflects the changes; [ Full content available at: https://github.com/apache/couchdb/pull/1602 ] This message was relayed via gitbox.apache.org for [email protected]
