Fossil SCM
Assorted refinements to the new pre- and post-activation advice sections in www/server/index.html: nix passive voice, add a few details, add some links to related docs, etc. Also fixed a CSS indenting problem preventing correct use of <p> in <li>, then made use of the new freedom in these sections' numbered lists.
Commit
b5c2c9bf3102ed35c09f1725d5926c1ade0f918f40f965e513a2cc25eea790fa
Parent
3e183bfad836ac9…
1 file changed
+63
-55
+63
-55
| --- www/server/index.html | ||
| +++ www/server/index.html | ||
| @@ -3,10 +3,14 @@ | ||
| 3 | 3 | <style type="text/css"> |
| 4 | 4 | p { |
| 5 | 5 | margin-left: 4em; |
| 6 | 6 | margin-right: 3em; |
| 7 | 7 | } |
| 8 | + | |
| 9 | + li p { | |
| 10 | + margin-left: 0; | |
| 11 | + } | |
| 8 | 12 | |
| 9 | 13 | h2 { |
| 10 | 14 | margin-left: 1em; |
| 11 | 15 | } |
| 12 | 16 | |
| @@ -62,42 +66,42 @@ | ||
| 62 | 66 | on a host running other services without getting in the way. |
| 63 | 67 | |
| 64 | 68 | <p>This article is a quick-reference guide for setting up your own |
| 65 | 69 | Fossil server, with links to more detailed instructions specific to |
| 66 | 70 | particular systems, should you want extra help.</p> |
| 71 | + | |
| 67 | 72 | |
| 68 | 73 | <h2 id="prep">Repository Prep</h2> |
| 69 | 74 | |
| 70 | -<p> | |
| 71 | -Prior to launching a server on a Fossil repository, it is best to | |
| 72 | -prepare the repository to be served. The easiest way to do this | |
| 73 | -is to run the <a href="$ROOT/help?cmd=ui"><tt>fossil ui</tt></a> command | |
| 74 | -on a workstation and then visit the "Setup" menu. | |
| 75 | -Minimum preparation actions include:</p> | |
| 75 | +<p>Prior to serving a Fossil repository to others, consider running <a | |
| 76 | +href="$ROOT/help?cmd=ui"><tt>fossil ui</tt></a> locally and taking these | |
| 77 | +minimum recommended preparation steps:</p> | |
| 76 | 78 | |
| 77 | 79 | <ol> |
| 78 | -<li> | |
| 79 | -Ensure that you have an administrator user account and password | |
| 80 | -configured. Visit the Setup/Users page to accomplish this.</p></li> | |
| 81 | -<li> | |
| 82 | -Visit the Setup/Security-Audit page to verify that other | |
| 83 | -security-related permissions and settings are as you want them. | |
| 84 | -You might want to configure the repository to be completely private | |
| 85 | -for the initial upload and server activatation, then open access up to | |
| 86 | -the public as part of the | |
| 87 | -<a href="#postsetup">post-activation configuration refinement</a> | |
| 88 | -stage. | |
| 89 | -</p></li> | |
| 80 | + <li><p>Fossil creates only one user in a <a | |
| 81 | + href="$ROOT/help?cmd=new">new repository</a> and gives it the <a | |
| 82 | + href="../admin-v-setup.md">all-powerful Setup capability</a>. (“s”) | |
| 83 | + The default random password for that user is fairly strong against | |
| 84 | + remote attack, but because that user has so much power, you might want | |
| 85 | + to give it an even stronger password under Admin → Users.</a></li> | |
| 86 | + | |
| 87 | + <li><p>Run the Admin → Security-Audit tool to verify that other | |
| 88 | + security-related permissions and settings are as you want them. | |
| 89 | + Consider clicking the “Take it private” link on that page to lock down | |
| 90 | + the security on that site to a level appropriate to a private | |
| 91 | + repository, even if you will eventually want some public service. It's | |
| 92 | + better to start from a secure position and open up service | |
| 93 | + feature-by-feature as necessary than it is to start from a fully open | |
| 94 | + position and lock down features one by one to achieve a secure | |
| 95 | + stance.</p></li> | |
| 90 | 96 | </ol> |
| 91 | 97 | |
| 92 | -<p> | |
| 93 | -Additional configuration can be accomplished after the server is up | |
| 94 | -and running. Once the preliminary configuration is completed | |
| 95 | -upload the repository database file to the server and proceed to | |
| 96 | -activate the server using one or more of the techniques described | |
| 97 | -in the next two sections. | |
| 98 | -</p> | |
| 98 | +<p>With the repository secured, it is safe to upload a copy of the | |
| 99 | +repository file to your server and proceed with server setup, below. | |
| 100 | +Further configuration steps can wait until <a href="#postsetup">after | |
| 101 | +the server is running</a>.</p> | |
| 102 | + | |
| 99 | 103 | |
| 100 | 104 | <h2 id="methods">Activation Methods</h2> |
| 101 | 105 | |
| 102 | 106 | <p>There are basically four ways to run a Fossil server:</p> |
| 103 | 107 | |
| @@ -260,47 +264,51 @@ | ||
| 260 | 264 | href="windows/iis.md">IIS</a>, Apache, etc.</p> |
| 261 | 265 | |
| 262 | 266 | <p>We welcome <a href="../contribute.wiki">contributions</a> to fill gaps |
| 263 | 267 | (<font size="-2">❌</font>) in the table above.</p> |
| 264 | 268 | </noscript> |
| 269 | + | |
| 265 | 270 | |
| 266 | 271 | <h2 id="postsetup">Post-Activation Configuration</h2> |
| 267 | 272 | |
| 268 | -<p>After the server is up and running, additional configuration | |
| 269 | -fine-tuning can be accomplished by logging in as an administrator | |
| 270 | -and visiting the Setup menu. Pay particular attention to the | |
| 271 | -"Setup/Security-Audit" page to ensure that you have not mistakenly | |
| 272 | -configured the server in a way that might expose information that you | |
| 273 | -want to keep private. Other post-activation steps include the following:</p> | |
| 273 | +<p>After the server is up and running, log into it as the Setup user and | |
| 274 | +visit the Admin menu to finish configuring that repository for | |
| 275 | +service:</p> | |
| 274 | 276 | |
| 275 | 277 | <ol> |
| 276 | -<li> | |
| 277 | -Add additional users accounts so that all team members have appropriate | |
| 278 | -check-in and check-out access to the repository.</li> | |
| 279 | -<li> | |
| 280 | -Modify the look-and-feel of site by customizing the skin. | |
| 281 | -<li> | |
| 282 | -If the repository includes <a href="../embeddeddoc.wiki">embedded | |
| 283 | -documentation</a> then perhaps activate the search feature so that | |
| 284 | -visitors can do full-text search on your documentation. | |
| 285 | -<li> | |
| 286 | -Connect the repository to an email server so that it can send email | |
| 287 | -notifications of new check-ins or other repository activate. | |
| 288 | -<li> | |
| 289 | -Turn on the various logging features. | |
| 290 | -<li> | |
| 291 | -If you locked down the repository as completely private prior to | |
| 292 | -upload, you might want to open up access to the public once you get | |
| 293 | -everything working. Or, keep the repository private, according to | |
| 294 | -your needs. | |
| 278 | + <li><p>Add user accounts for your other team members. Use the | |
| 279 | + pre-defined user capabilities to define access policies rather than | |
| 280 | + give out those same set of capabilities redundantly to each | |
| 281 | + user.</p></li> | |
| 282 | + | |
| 283 | + <li><p>Test access to the repository from each category of non-Setup | |
| 284 | + user that you created. You may have to give your user categories some | |
| 285 | + overlooked capabilities, particularly if you followed <a | |
| 286 | + href="#prep">our earlier advice</a> to take the repository private | |
| 287 | + prior to setting up the server.</p></li> | |
| 288 | + | |
| 289 | + <li><p>Modify the repository's look and feel by <a | |
| 290 | + href="../customskin.md">customizing the skin</a>.</p></li> | |
| 291 | + | |
| 292 | + <li><p>If the repository includes <a | |
| 293 | + href="../embeddeddoc.wiki">embedded documentation</a>, consider | |
| 294 | + activating the search feature (Admin → Search) so that visitors can do | |
| 295 | + full-text search on your documentation.</p></li> | |
| 296 | + | |
| 297 | + <li><p>Now that others can be making changes to the repository, | |
| 298 | + consider monitoring them via <a href="../alerts.md">email alerts</a> | |
| 299 | + or the <a href="$ROOT/help?cmd=/timeline.rss">timeline RSS | |
| 300 | + feed</a>.</p></li> | |
| 301 | + | |
| 302 | + <li><p>Turn on the various logging features.</p></li> | |
| 295 | 303 | </ol> |
| 296 | 304 | |
| 297 | -<p> | |
| 298 | -After any signification configuration change, it is a good idea to | |
| 299 | -revisit the Setup/Security-Audit page just to double-check that you | |
| 300 | -have not created any security problems in your installation. | |
| 301 | -</p> | |
| 305 | +<p>Reload the Admin → Security-Audit page occasionally during this | |
| 306 | +process to double check that you have not mistakenly configured the | |
| 307 | +server in a way that might expose information that you want to keep | |
| 308 | +private.</p> | |
| 309 | + | |
| 302 | 310 | |
| 303 | 311 | <h2 id="more">Further Details</h2> |
| 304 | 312 | |
| 305 | 313 | <ul> |
| 306 | 314 | <li><a id="chroot" href="../chroot.md" >The Server Chroot Jail</a> |
| 307 | 315 |
| --- www/server/index.html | |
| +++ www/server/index.html | |
| @@ -3,10 +3,14 @@ | |
| 3 | <style type="text/css"> |
| 4 | p { |
| 5 | margin-left: 4em; |
| 6 | margin-right: 3em; |
| 7 | } |
| 8 | |
| 9 | h2 { |
| 10 | margin-left: 1em; |
| 11 | } |
| 12 | |
| @@ -62,42 +66,42 @@ | |
| 62 | on a host running other services without getting in the way. |
| 63 | |
| 64 | <p>This article is a quick-reference guide for setting up your own |
| 65 | Fossil server, with links to more detailed instructions specific to |
| 66 | particular systems, should you want extra help.</p> |
| 67 | |
| 68 | <h2 id="prep">Repository Prep</h2> |
| 69 | |
| 70 | <p> |
| 71 | Prior to launching a server on a Fossil repository, it is best to |
| 72 | prepare the repository to be served. The easiest way to do this |
| 73 | is to run the <a href="$ROOT/help?cmd=ui"><tt>fossil ui</tt></a> command |
| 74 | on a workstation and then visit the "Setup" menu. |
| 75 | Minimum preparation actions include:</p> |
| 76 | |
| 77 | <ol> |
| 78 | <li> |
| 79 | Ensure that you have an administrator user account and password |
| 80 | configured. Visit the Setup/Users page to accomplish this.</p></li> |
| 81 | <li> |
| 82 | Visit the Setup/Security-Audit page to verify that other |
| 83 | security-related permissions and settings are as you want them. |
| 84 | You might want to configure the repository to be completely private |
| 85 | for the initial upload and server activatation, then open access up to |
| 86 | the public as part of the |
| 87 | <a href="#postsetup">post-activation configuration refinement</a> |
| 88 | stage. |
| 89 | </p></li> |
| 90 | </ol> |
| 91 | |
| 92 | <p> |
| 93 | Additional configuration can be accomplished after the server is up |
| 94 | and running. Once the preliminary configuration is completed |
| 95 | upload the repository database file to the server and proceed to |
| 96 | activate the server using one or more of the techniques described |
| 97 | in the next two sections. |
| 98 | </p> |
| 99 | |
| 100 | <h2 id="methods">Activation Methods</h2> |
| 101 | |
| 102 | <p>There are basically four ways to run a Fossil server:</p> |
| 103 | |
| @@ -260,47 +264,51 @@ | |
| 260 | href="windows/iis.md">IIS</a>, Apache, etc.</p> |
| 261 | |
| 262 | <p>We welcome <a href="../contribute.wiki">contributions</a> to fill gaps |
| 263 | (<font size="-2">❌</font>) in the table above.</p> |
| 264 | </noscript> |
| 265 | |
| 266 | <h2 id="postsetup">Post-Activation Configuration</h2> |
| 267 | |
| 268 | <p>After the server is up and running, additional configuration |
| 269 | fine-tuning can be accomplished by logging in as an administrator |
| 270 | and visiting the Setup menu. Pay particular attention to the |
| 271 | "Setup/Security-Audit" page to ensure that you have not mistakenly |
| 272 | configured the server in a way that might expose information that you |
| 273 | want to keep private. Other post-activation steps include the following:</p> |
| 274 | |
| 275 | <ol> |
| 276 | <li> |
| 277 | Add additional users accounts so that all team members have appropriate |
| 278 | check-in and check-out access to the repository.</li> |
| 279 | <li> |
| 280 | Modify the look-and-feel of site by customizing the skin. |
| 281 | <li> |
| 282 | If the repository includes <a href="../embeddeddoc.wiki">embedded |
| 283 | documentation</a> then perhaps activate the search feature so that |
| 284 | visitors can do full-text search on your documentation. |
| 285 | <li> |
| 286 | Connect the repository to an email server so that it can send email |
| 287 | notifications of new check-ins or other repository activate. |
| 288 | <li> |
| 289 | Turn on the various logging features. |
| 290 | <li> |
| 291 | If you locked down the repository as completely private prior to |
| 292 | upload, you might want to open up access to the public once you get |
| 293 | everything working. Or, keep the repository private, according to |
| 294 | your needs. |
| 295 | </ol> |
| 296 | |
| 297 | <p> |
| 298 | After any signification configuration change, it is a good idea to |
| 299 | revisit the Setup/Security-Audit page just to double-check that you |
| 300 | have not created any security problems in your installation. |
| 301 | </p> |
| 302 | |
| 303 | <h2 id="more">Further Details</h2> |
| 304 | |
| 305 | <ul> |
| 306 | <li><a id="chroot" href="../chroot.md" >The Server Chroot Jail</a> |
| 307 |
| --- www/server/index.html | |
| +++ www/server/index.html | |
| @@ -3,10 +3,14 @@ | |
| 3 | <style type="text/css"> |
| 4 | p { |
| 5 | margin-left: 4em; |
| 6 | margin-right: 3em; |
| 7 | } |
| 8 | |
| 9 | li p { |
| 10 | margin-left: 0; |
| 11 | } |
| 12 | |
| 13 | h2 { |
| 14 | margin-left: 1em; |
| 15 | } |
| 16 | |
| @@ -62,42 +66,42 @@ | |
| 66 | on a host running other services without getting in the way. |
| 67 | |
| 68 | <p>This article is a quick-reference guide for setting up your own |
| 69 | Fossil server, with links to more detailed instructions specific to |
| 70 | particular systems, should you want extra help.</p> |
| 71 | |
| 72 | |
| 73 | <h2 id="prep">Repository Prep</h2> |
| 74 | |
| 75 | <p>Prior to serving a Fossil repository to others, consider running <a |
| 76 | href="$ROOT/help?cmd=ui"><tt>fossil ui</tt></a> locally and taking these |
| 77 | minimum recommended preparation steps:</p> |
| 78 | |
| 79 | <ol> |
| 80 | <li><p>Fossil creates only one user in a <a |
| 81 | href="$ROOT/help?cmd=new">new repository</a> and gives it the <a |
| 82 | href="../admin-v-setup.md">all-powerful Setup capability</a>. (“s”) |
| 83 | The default random password for that user is fairly strong against |
| 84 | remote attack, but because that user has so much power, you might want |
| 85 | to give it an even stronger password under Admin → Users.</a></li> |
| 86 | |
| 87 | <li><p>Run the Admin → Security-Audit tool to verify that other |
| 88 | security-related permissions and settings are as you want them. |
| 89 | Consider clicking the “Take it private” link on that page to lock down |
| 90 | the security on that site to a level appropriate to a private |
| 91 | repository, even if you will eventually want some public service. It's |
| 92 | better to start from a secure position and open up service |
| 93 | feature-by-feature as necessary than it is to start from a fully open |
| 94 | position and lock down features one by one to achieve a secure |
| 95 | stance.</p></li> |
| 96 | </ol> |
| 97 | |
| 98 | <p>With the repository secured, it is safe to upload a copy of the |
| 99 | repository file to your server and proceed with server setup, below. |
| 100 | Further configuration steps can wait until <a href="#postsetup">after |
| 101 | the server is running</a>.</p> |
| 102 | |
| 103 | |
| 104 | <h2 id="methods">Activation Methods</h2> |
| 105 | |
| 106 | <p>There are basically four ways to run a Fossil server:</p> |
| 107 | |
| @@ -260,47 +264,51 @@ | |
| 264 | href="windows/iis.md">IIS</a>, Apache, etc.</p> |
| 265 | |
| 266 | <p>We welcome <a href="../contribute.wiki">contributions</a> to fill gaps |
| 267 | (<font size="-2">❌</font>) in the table above.</p> |
| 268 | </noscript> |
| 269 | |
| 270 | |
| 271 | <h2 id="postsetup">Post-Activation Configuration</h2> |
| 272 | |
| 273 | <p>After the server is up and running, log into it as the Setup user and |
| 274 | visit the Admin menu to finish configuring that repository for |
| 275 | service:</p> |
| 276 | |
| 277 | <ol> |
| 278 | <li><p>Add user accounts for your other team members. Use the |
| 279 | pre-defined user capabilities to define access policies rather than |
| 280 | give out those same set of capabilities redundantly to each |
| 281 | user.</p></li> |
| 282 | |
| 283 | <li><p>Test access to the repository from each category of non-Setup |
| 284 | user that you created. You may have to give your user categories some |
| 285 | overlooked capabilities, particularly if you followed <a |
| 286 | href="#prep">our earlier advice</a> to take the repository private |
| 287 | prior to setting up the server.</p></li> |
| 288 | |
| 289 | <li><p>Modify the repository's look and feel by <a |
| 290 | href="../customskin.md">customizing the skin</a>.</p></li> |
| 291 | |
| 292 | <li><p>If the repository includes <a |
| 293 | href="../embeddeddoc.wiki">embedded documentation</a>, consider |
| 294 | activating the search feature (Admin → Search) so that visitors can do |
| 295 | full-text search on your documentation.</p></li> |
| 296 | |
| 297 | <li><p>Now that others can be making changes to the repository, |
| 298 | consider monitoring them via <a href="../alerts.md">email alerts</a> |
| 299 | or the <a href="$ROOT/help?cmd=/timeline.rss">timeline RSS |
| 300 | feed</a>.</p></li> |
| 301 | |
| 302 | <li><p>Turn on the various logging features.</p></li> |
| 303 | </ol> |
| 304 | |
| 305 | <p>Reload the Admin → Security-Audit page occasionally during this |
| 306 | process to double check that you have not mistakenly configured the |
| 307 | server in a way that might expose information that you want to keep |
| 308 | private.</p> |
| 309 | |
| 310 | |
| 311 | <h2 id="more">Further Details</h2> |
| 312 | |
| 313 | <ul> |
| 314 | <li><a id="chroot" href="../chroot.md" >The Server Chroot Jail</a> |
| 315 |