Commit ca6b38c5 authored by jz143's avatar jz143

open port 444

parent 8d1a89b4
......@@ -13,6 +13,10 @@ cap production deploy
### Run worker on signing server
1. Git clone this repository
2. Gather config files. Most files should be identical to production web app server, except that the MySQL username is `'appstore_sign'@'152.3.124.119'`, which allows remote usage but with fewer privileges.
```
scp config/database.yml config/secrets.yml config/settings.local.yml appstore@appstore-mac.colab.managed.jiehan.org:~/appstore_sign/config/
# be sure to edit config/database.yml on signing server to use the remote MySQL user
```
3. Set up a crontab:
```
@reboot
......@@ -30,7 +34,7 @@ unix:///home/appstore/appstore/shared/tmp/sockets/puma.sock
```
## TODO
* Logrotate
* Logrotate (seems like Logger has rotation capability)
* Only keep most recent 3 app versions
* Add ability for app owner to test the app, app version before marking them as 'Published'
* API for app authors to get latest version info from Duke App Store and prompt users to update their apps
......
......@@ -42,6 +42,9 @@ ip6tables -A OUTPUT -p ipv6-icmp --icmpv6-type echo-reply -j ACCEPT
iptables -A INPUT -p tcp --dport 80 -m conntrack --ctstate NEW -j ACCEPT
iptables -A INPUT -p tcp --dport 443 -m conntrack --ctstate NEW -j ACCEPT
# Open 444 for staging access
iptables -A INPUT -p tcp --dport 444 -m conntrack --ctstate NEW -j ACCEPT
# (IPv4-only) Allow access to MySQL and Redis from Mac worker
ALLOW_IP_ADDRESS=152.3.124.119
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment