Hi Geoff, I don't know whether this is relevant for the Docker case but we store the local.ini file with the hashed password in S3 for the servers we use. When we recreate the servers in our cluster the cloud-init scripts copy across the local.ini file with the hashed password in it.
Cheers, Simon -----Original Message----- From: Joan Touzet [mailto:[email protected]] Sent: Friday, 21 July 2017 12:31 PM To: [email protected] Subject: Re: Running a CouchDB 2.0 Cluster in Production on AWS with Docker Hi Geoff, I describe one approach in the Chef CouchDB cookbook: https://github.com/wohali/couchdb-cookbook "One way is by downloading and extracting CouchDB's source code, changing into the dev/ directory, and running the following one-liner, replacing MYPASSWORD with your desired password:" python -c 'import uuid;from pbkdf2 import pbkdf2_hex;password="MYPASSWORD";salt=uuid.uuid4().hex;iterations=10;print("-pbkdf2-{},{},{}".format(pbkdf2_hex(password,salt,iterations,20),salt,iterations))' -Joan ----- Original Message ----- From: "Geoffrey Cox" <[email protected]> To: "user" <[email protected]> Sent: Thursday, 20 July, 2017 11:53:13 PM Subject: Running a CouchDB 2.0 Cluster in Production on AWS with Docker Hi, I finally got around to writing a post on how we are running a CouchDB 2.0 cluster in production on AWS <https://medium.com/@redgeoff/running-a-couchdb-2-0-cluster-in-production-on-aws-with-docker-50f745d4bdbc>. I hope this helps others to bootstrap their projects. For the community, is there a command line tool or a simple command line script that can be written to generate the pbkdf2 hash of a password given the clear text password and secret? I know you can start a CouchDB node with a clear text password in the local.ini file and then have it create the hashed value, but this is a bit roundabout. If you have any feedback, please send it my way. Thanks! Geoff Disclaimer: This message contains confidential information and is intended only for the individual(s) named. If you are not the named addressee you should not disseminate, distribute or copy this email. Please immediately delete it and all copies of it from your system, destroy any hard copies of it, and notify the sender. Email transmission cannot be guaranteed to be secure or error-free as information could be intercepted, corrupted, lost, destroyed, arrive late or incomplete, or contain viruses. To the maximum extent permitted by law, Immersive Technologies Pty. Ltd. does not accept liability for any errors or omissions in the contents of this message which arise as a result of email transmission.
