Explain keyfile loading in INSTALL.md
This commit is contained in:
parent
f6cbc1eb8a
commit
a8bb43255f
1 changed files with 24 additions and 0 deletions
24
INSTALL.md
24
INSTALL.md
|
@ -119,10 +119,34 @@ such as sudo):
|
||||||
|
|
||||||
$ sudo setcap CAP_NET_BIND_SERVICE=+ep `stack exec which vervis`
|
$ sudo setcap CAP_NET_BIND_SERVICE=+ep `stack exec which vervis`
|
||||||
|
|
||||||
|
Vervis uses various key files for cryptography and other data generation, and
|
||||||
|
once these key files are created, they shouldn't change. For some of them, it's
|
||||||
|
*critical* they don't change, because some usage or interpretation of data in
|
||||||
|
the PostgreSQL database depends on them. For this reason, by default, key file
|
||||||
|
loading happens as follows: When Vervis runs for the first time (this is
|
||||||
|
checked by detecting that the database is empty, no tables), it generates and
|
||||||
|
writes key files, and it's an error if any of them already exist. Otherwise, on
|
||||||
|
the next time(s) Vervis runs, it requires all key files to exist, and an error
|
||||||
|
is raised if any are missing.
|
||||||
|
|
||||||
|
If you're running Vervis for the first time, i.e. the database is still empty,
|
||||||
|
and for some reason you'd like Vervis to load some existing key files, while
|
||||||
|
generating the rest, run this:
|
||||||
|
|
||||||
|
$ touch _keyfile_import_existing
|
||||||
|
|
||||||
Run.
|
Run.
|
||||||
|
|
||||||
$ stack exec vervis
|
$ stack exec vervis
|
||||||
|
|
||||||
|
When you update Vervis to a newer version, it's possible the software now uses
|
||||||
|
some new key files, and Vervis will raise an error about those key files
|
||||||
|
missing in the filesystem. You can ask Vervis to generate missing files, and
|
||||||
|
load the rest as usual:
|
||||||
|
|
||||||
|
$ touch _keyfile_write_missing
|
||||||
|
$ stack exec vervis
|
||||||
|
|
||||||
Browse to `http://localhost:3000` and have fun!
|
Browse to `http://localhost:3000` and have fun!
|
||||||
|
|
||||||
`yesod devel` is another way to run the application, useful for rapid
|
`yesod devel` is another way to run the application, useful for rapid
|
||||||
|
|
Loading…
Reference in a new issue