As a user of CouchDB, I'm still hoping you folks will find some time to
writeup a terse 'how to secure CouchDB' article in the 2.0 release cycle. I
know it is not a matter for the home page (nice preview by the way), but
the clear, concise and canonical set of instructions is needed.
Specifically, how-to correctly shutdown 5984 port (in favor of SSL on 6984),
how to turn of admin-party. Also whether to modify default.ini/local.ini on
the server side instead of by cURL scripts on the client side. Secondarily
in the article, perhaps provide links to the likes of
https://hub.docker.com/r/klaemo/couchdb-ssl/ and an explanation as to why
NGinx for SSL is a stronger choice than Erlang's built in one.

Context: I'm nervous about deploying CouchDB for real workloads, even
inside internal networks, and I am sure I am not alone. The likes of
http://www.dailydot.com/layer8/154-million-voter-files-exposed-l2/ just
serve to reinforce those nerves.  A page in the new website publishing a
single post-installation script to run that locks CouchDB would be perfect
:)

Regards,

- Paul



On Thu, Sep 15, 2016 at 4:41 AM, Jan Lehnardt <j...@apache.org> wrote:

> *nudge*
>
> This needs more reviews, pls <3
>
> Best
> Jan
> --
>
> > On 03 Sep 2016, at 15:03, Jan Lehnardt <j...@apache.org> wrote:
> >
> > Hey everybody,
> >
> > I’ve started a modest website update for the upcoming 2.0 release:
> >
> > - new logo
> > - removed textured linen background, moved to flat grey
> > - new top-level marketing slogans (wip)
> > - new intro texts (wip)
> > - new 2.0 download section (final links TBD)
> >  - I kept the 1.6.1/1.7.0 section, because people will want to be
> >    able to keep downloading that
> > - improved load time by serving JIRA “Submit a Bug” JavaScript include
> >  from the same host as opposed to live from JIRA which tends to take
> >  a few seconds. This might need updating on JIRA updates, but these
> >  are rare.
> > - improved “small screen” menu drop-down
> >
> >
> >    Preview here: http://jan.prima.de/couchdb-2.0/
> >
> >    Branch here: https://github.com/apache/couchdb-www/tree/2.0
> >
> >
> >
> > TODO (needs your help):
> >
> > - I don’t know my way around @2x images in web design and I think the
> new logo needs some treatment, would appreciate any designer here taking a
> lead on this. Feel free to just commit on that branch.
> >
> > - finalise marketing slogans and description updates. Bikeshed away
> (within reason, the main direction has been decided upon a while ago).
> >
> > - I’d like to add a few pointers to different CouchDB use-case scenarios
> that highlight the awesomeness of our replication. I think the easiest of
> these is a short blog post series that then can be linked to from the main
> website (as opposed to introduce more sections into the single-page, or
> changing from single- to multi-page). My thinking here is that we want to
> cover the following scenarios at least:
> >
> >  1. 3+ node CouchDB cluster, replication for inter-node updates
> >
> >  2. 3+ cloud locations, a cluster in each, for geo-distribution (closer
> to users, and fault tolerance)
> >
> >  3. cloud location + 1000s+ of mobile / web clients  (w/ PouchDB and
> Couchbase Lite), highlight Offline First (offlinefirst.org) strength
> >
> >  4. distributed office locations (think London, New York, Tokio), all
> end-users with low-latency connections to CouchDB, all data syncing in the
> background, easy to open new offices, etc.
> >
> >  5. eHealth Africa Ebola Response. Essentially 3. but more concrete,
> with focus on regions with challenging network infrastructure c.f.
> https://www.youtube.com/watch?v=1sLjWlWvCsc&spfreload=10
> >
> >  6+. <your ideas here>
> >
> >  Optional / later:
> >    - npmjs.com case study (they heavily rely on CouchDB and replication)
> >    - some big data client of Cloudant’s would be nice ;)
> >
> > All of these would just be a couple of paragraphs long, nothing too
> in-depth, but with nice diagrams showing all the components and data flow.
> >
> > Who’d be up for helping with these? I’ll send you one of the sweet,
> exclusive CouchDB 2.0 coffee mugs :)
> >
> > // CC Jenn, would you able to coordinate this again?
> >
> > These shouldn’t take long to write, and I’m sure we can get 3 or 4
> together until next Thursday, so they can go out with the 2.0 release.
> >
> > What do you think?
> >
> > Best
> > Jan
> > --
> >
>
> --
> Professional Support for Apache CouchDB:
> https://neighbourhood.ie/couchdb-support/
>
>

Reply via email to