Commit ca6b38c5 authored by jz143's avatar jz143
Browse files

open port 444

parent 8d1a89b4
......@@ -13,6 +13,10 @@ cap production deploy
### Run worker on signing server
1. Git clone this repository
2. Gather config files. Most files should be identical to production web app server, except that the MySQL username is `'appstore_sign'@''`, which allows remote usage but with fewer privileges.
scp config/database.yml config/secrets.yml config/settings.local.yml
# be sure to edit config/database.yml on signing server to use the remote MySQL user
3. Set up a crontab:
......@@ -30,7 +34,7 @@ unix:///home/appstore/appstore/shared/tmp/sockets/puma.sock
* Logrotate
* Logrotate (seems like Logger has rotation capability)
* Only keep most recent 3 app versions
* Add ability for app owner to test the app, app version before marking them as 'Published'
* API for app authors to get latest version info from Duke App Store and prompt users to update their apps
......@@ -42,6 +42,9 @@ ip6tables -A OUTPUT -p ipv6-icmp --icmpv6-type echo-reply -j ACCEPT
iptables -A INPUT -p tcp --dport 80 -m conntrack --ctstate NEW -j ACCEPT
iptables -A INPUT -p tcp --dport 443 -m conntrack --ctstate NEW -j ACCEPT
# Open 444 for staging access
iptables -A INPUT -p tcp --dport 444 -m conntrack --ctstate NEW -j ACCEPT
# (IPv4-only) Allow access to MySQL and Redis from Mac worker
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment