src/configuring.rst - couchdb-documentation - Git at Google

 .. Licensed under the Apache License, Version 2.0 (the "License"); you may not
 .. use this file except in compliance with the License. You may obtain a copy of
 .. the License at
 ..
 ..   http://www.apache.org/licenses/LICENSE-2.0
 ..
 .. Unless required by applicable law or agreed to in writing, software
 .. distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
 .. WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
 .. License for the specific language governing permissions and limitations under
 .. the License.

 .. _configuring:

 ===================
 Configuring CouchDB
 ===================

 .. todo:: Configuring CouchDB

 CouchDB Configuration Files
 ===========================

 .. todo:: CouchDB Configuration Files

 Configuration File Locations
 ============================

 CouchDB reads files from the following locations, in the following
 order.

 1. ``PREFIX/default.ini``

 2. ``PREFIX/default.d/*``

 3. ``PREFIX/local.ini``

 4. ``PREFIX/local.d/*``

 Settings in successive documents override the settings in earlier
 entries. For example, setting the ``bind_address`` parameter in
 ``local.ini`` would override any setting in ``default.ini``.

 .. warning::
    The ``default.ini`` file may be overwritten during an upgrade or
    re-installation, so localised changes should be made to the
    ``local.ini`` file or files within the ``local.d`` directory.

 .. _update-notifications:

 Update Notifications
 ====================

 .. todo:: Update Notifications


 MochiWeb Server Options
 =======================

 Server options for the MochiWeb component of CouchDB can be added to the
 configuration files. Settings should be added to the ``server_options``
 option of the ``[httpd]`` section of ``local.ini``. For example:

 .. code-block:: ini

     [httpd]
     server_options = [{backlog, 128}, {acceptor_pool_size, 16}]

 Socket Options Configuration Setting
 ====================================

 The socket options for the listening socket in CouchDB can now be set
 within the CouchDB configuration file. The setting should be added to
 the ``[httpd]`` section of the file using the option name
 ``socket_options``. The specification is as a list of tuples. For
 example:

 .. code-block:: ini

     [httpd]
     socket_options = [{recbuf, 262144}, {sndbuf, 262144}, {nodelay, true}]

 The options supported are a subset of full options supported by the
 TCP/IP stack. A list of the supported options are provided in the
 `Erlang inet`_ documentation.

 .. _Erlang inet: http://www.erlang.org/doc/man/inet.html#setopts-2

 ``vhosts`` definitions
 ======================

 Similar to the rewrites section of a ``_design`` document, the
 ``vhosts`` system uses variables in the form of ``:varname`` or wildcards in
 the form of asterisks. The variable results can be output into the
 resulting path as they are in the rewriter.


 Configuring Server Administrators
 =================================

 A default CouchDB install provides admin-level access to all connecting users.
 This configuration is known as ``Admin Party``, and is not recommended for
 in-production usage. You can crash the party simply by creating the first
 admin account. CouchDB server administrators and passwords are not stored
 in the ``_users`` database, but in the ``local.ini`` file, which should be
 appropriately secured and readable only by system administrators.

 .. code-block:: ini

     [admins]
     ;admin = mysecretpassword
     admin = -hashed-6d3c30241ba0aaa4e16c6ea99224f915687ed8cd,7f4a3e05e0cbc6f48a0035e3508eef90
     architect = -pbkdf2-43ecbd256a70a3a2f7de40d2374b6c3002918834,921a12f74df0c1052b3e562a23cd227f,10000

 Administrators can be added directly to the ``[admins]`` section, and when
 CouchDB is restarted, the passwords will be salted and encrypted. By using
 the HTTP, administrator accounts may be created immediately without needing
 a restart, nor of storing the plaintext password temporarily. The HTTP
 ``_config/admins`` endpoint supports querying, deleting or creating new
 administrator accounts:

 .. code-block:: bash

     shell> GET /_config/admins HTTP/1.1
         Accept: application/json
         Host: localhost:5984

     HTTP/1.1 200 OK
         Cache-Control: must-revalidate
         Content-Length: 196
         Content-Type: application/json
         Date: Fri, 30 Nov 2012 11:37:18 GMT
         Server: CouchDB/1.3.0 (Erlang OTP/R15B02)

 .. code-block:: json

         {
             "admin": "-hashed-6d3c30241ba0aaa4e16c6ea99224f915687ed8cd,7f4a3e05e0cbc6f48a0035e3508eef90",
             "architect": "-pbkdf2-43ecbd256a70a3a2f7de40d2374b6c3002918834,921a12f74df0c1052b3e562a23cd227f,10000"
         }

 Further details are available in ``security_``, including configuring the
 work factor for ``PBKDF2``, and the algorithm itself at
 `PBKDF2 (RFC-2898) <http://tools.ietf.org/html/rfc2898>`_.

 .. versionadded::
     1.3.0 ``PBKDF2`` server-side hashed salted password support added,
     now as a synchronous call for the ``_config/admins`` API.
	.. Licensed under the Apache License, Version 2.0 (the "License"); you may not
	.. use this file except in compliance with the License. You may obtain a copy of
	.. the License at
	..
	.. http://www.apache.org/licenses/LICENSE-2.0
	..
	.. Unless required by applicable law or agreed to in writing, software
	.. distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
	.. WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
	.. License for the specific language governing permissions and limitations under
	.. the License.

	.. _configuring:

	===================
	Configuring CouchDB
	===================

	.. todo:: Configuring CouchDB

	CouchDB Configuration Files
	===========================

	.. todo:: CouchDB Configuration Files

	Configuration File Locations
	============================

	CouchDB reads files from the following locations, in the following
	order.

	1. ``PREFIX/default.ini``

	2. ``PREFIX/default.d/*``

	3. ``PREFIX/local.ini``

	4. ``PREFIX/local.d/*``

	Settings in successive documents override the settings in earlier
	entries. For example, setting the ``bind_address`` parameter in
	``local.ini`` would override any setting in ``default.ini``.

	.. warning::
	The ``default.ini`` file may be overwritten during an upgrade or
	re-installation, so localised changes should be made to the
	``local.ini`` file or files within the ``local.d`` directory.

	.. _update-notifications:

	Update Notifications
	====================

	.. todo:: Update Notifications


	MochiWeb Server Options
	=======================

	Server options for the MochiWeb component of CouchDB can be added to the
	configuration files. Settings should be added to the ``server_options``
	option of the ``[httpd]`` section of ``local.ini``. For example:

	.. code-block:: ini

	[httpd]
	server_options = [{backlog, 128}, {acceptor_pool_size, 16}]

	Socket Options Configuration Setting
	====================================

	The socket options for the listening socket in CouchDB can now be set
	within the CouchDB configuration file. The setting should be added to
	the ``[httpd]`` section of the file using the option name
	``socket_options``. The specification is as a list of tuples. For
	example:

	.. code-block:: ini

	[httpd]
	socket_options = [{recbuf, 262144}, {sndbuf, 262144}, {nodelay, true}]

	The options supported are a subset of full options supported by the
	TCP/IP stack. A list of the supported options are provided in the
	`Erlang inet`_ documentation.

	.. _Erlang inet: http://www.erlang.org/doc/man/inet.html#setopts-2

	``vhosts`` definitions
	======================

	Similar to the rewrites section of a ``_design`` document, the
	``vhosts`` system uses variables in the form of ``:varname`` or wildcards in
	the form of asterisks. The variable results can be output into the
	resulting path as they are in the rewriter.


	Configuring Server Administrators
	=================================

	A default CouchDB install provides admin-level access to all connecting users.
	This configuration is known as ``Admin Party``, and is not recommended for
	in-production usage. You can crash the party simply by creating the first
	admin account. CouchDB server administrators and passwords are not stored
	in the ``_users`` database, but in the ``local.ini`` file, which should be
	appropriately secured and readable only by system administrators.

	.. code-block:: ini

	[admins]
	;admin = mysecretpassword
	admin = -hashed-6d3c30241ba0aaa4e16c6ea99224f915687ed8cd,7f4a3e05e0cbc6f48a0035e3508eef90
	architect = -pbkdf2-43ecbd256a70a3a2f7de40d2374b6c3002918834,921a12f74df0c1052b3e562a23cd227f,10000

	Administrators can be added directly to the ``[admins]`` section, and when
	CouchDB is restarted, the passwords will be salted and encrypted. By using
	the HTTP, administrator accounts may be created immediately without needing
	a restart, nor of storing the plaintext password temporarily. The HTTP
	``_config/admins`` endpoint supports querying, deleting or creating new
	administrator accounts:

	.. code-block:: bash

	shell> GET /_config/admins HTTP/1.1
	Accept: application/json
	Host: localhost:5984

	HTTP/1.1 200 OK
	Cache-Control: must-revalidate
	Content-Length: 196
	Content-Type: application/json
	Date: Fri, 30 Nov 2012 11:37:18 GMT
	Server: CouchDB/1.3.0 (Erlang OTP/R15B02)

	.. code-block:: json

	{
	"admin": "-hashed-6d3c30241ba0aaa4e16c6ea99224f915687ed8cd,7f4a3e05e0cbc6f48a0035e3508eef90",
	"architect": "-pbkdf2-43ecbd256a70a3a2f7de40d2374b6c3002918834,921a12f74df0c1052b3e562a23cd227f,10000"
	}

	Further details are available in ``security_``, including configuring the
	work factor for ``PBKDF2``, and the algorithm itself at
	`PBKDF2 (RFC-2898) <http://tools.ietf.org/html/rfc2898>`_.

	.. versionadded::
	1.3.0 ``PBKDF2`` server-side hashed salted password support added,
	now as a synchronous call for the ``_config/admins`` API.