-
Notifications
You must be signed in to change notification settings - Fork 19
Production
This page has some collected information about how the app runs in production. Obviously since this is a public wiki, don't put anything here that should remain private.
We are running on Debian jessie.
There is an init script at /etc/init.d/sudo-humans, which starts the app using psy.
The app runs as user sudohumans and listens locally on port 5000. It doesn't need to write to many file system locations, so the source code of the running app is owned by a separate user, sudohumans-src, and is only writable by that user. Most of the source tree can be world-readable. The notable exception to this is settings.js, which contains a private Stripe API key. To prevent exposure of the private API key, the permissions of settings.js need to be 0640 with owner sudohumans-src and group sudohumans.
$ sudo /home/sudohumans/sudo-humans/scripts/deploy