Manybubbles has uploaded a new change for review. https://gerrit.wikimedia.org/r/221647
Change subject: Update installation instructions ...................................................................... Update installation instructions Make sure to call out dynamic scripting and that we're working towards not needing it any more. Change-Id: I0618fddfb19046a513823b69741999bca8a756d3 --- M README M elasticsearch.yml 2 files changed, 15 insertions(+), 6 deletions(-) git pull ssh://gerrit.wikimedia.org:29418/mediawiki/extensions/CirrusSearch refs/changes/47/221647/1 diff --git a/README b/README index 68fcbf8..1bfa7c0 100644 --- a/README +++ b/README @@ -3,13 +3,12 @@ Installation ------------ -Get Elasticsearch up and running somewhere. 1.3.2 and above are all fine. +Get Elasticsearch up and running somewhere. 1.3.2 and above are all fine though soon it'll be 1.6+. -Optional: CirrusSearch makes use of sandboxed dynamic scripts in Elasticsearch. For most -functions the sandbox is fine but some advanced features (source regular expression search) -require relaxing the sandbox some. To do this add the contents of elasticsearch.yml located -in this directory to the elasticsearch.yml that came with Elasticsearch and restart -Elasticsearch. +CirrusSearch still uses dynamic scripts. Its very close to not needing them any more - probably by +August 2015 it won't. Anyway, for now you'll have to reenable dynamic scripting in Elasticsearch. Do +that by adding the contents of the elasticsearch.yml file in this directory to the elasticsearch.yml +file that comes with your installation. Place the CirrusSearch extension in your extensions directory. Make sure you have the curl php library installed (sudo apt-get install php5-curl in Debian.) diff --git a/elasticsearch.yml b/elasticsearch.yml index 98bd6bc..bf5c6d4 100644 --- a/elasticsearch.yml +++ b/elasticsearch.yml @@ -1,3 +1,13 @@ +## +# Turn dynamic scripting back on +## +# CirrusSearch needs dynamic scripting currently. +script.disable_dynamic: false +## But turning dynamic scripting on is a security vulnerability if the server +## is accessible to the world. Turn off global accessibility. +network.host: "127.0.0.1" + + # The default sandbox for Groovy is too restrictive for Cirrus. This adds a # few more allowed invocations. script.groovy.sandbox.class_whitelist: -- To view, visit https://gerrit.wikimedia.org/r/221647 To unsubscribe, visit https://gerrit.wikimedia.org/r/settings Gerrit-MessageType: newchange Gerrit-Change-Id: I0618fddfb19046a513823b69741999bca8a756d3 Gerrit-PatchSet: 1 Gerrit-Project: mediawiki/extensions/CirrusSearch Gerrit-Branch: master Gerrit-Owner: Manybubbles <[email protected]> _______________________________________________ MediaWiki-commits mailing list [email protected] https://lists.wikimedia.org/mailman/listinfo/mediawiki-commits
