openbsd-ports/mail/archiveopteryx/pkg
2011-06-02 13:41:36 +00:00
..
aox.rc Make use of rcexec in rc_start. 2011-03-20 09:19:25 +00:00
DESCR Import archiveopteryx 3.1.3: 2011-01-09 09:36:21 +00:00
PLIST Sanitize some @unexec/@extraunexec calls to rm: move them up in the 2011-05-11 12:57:47 +00:00
README Add a consistent header that substitutes FULLPKGNAME for the READMEs. 2011-06-02 13:41:36 +00:00

$OpenBSD: README,v 1.2 2011/06/02 13:41:39 ajacoutot Exp $

+-----------------------------------------------------------------------
| Running ${FULLPKGNAME} on OpenBSD
+-----------------------------------------------------------------------

Archiveopteryx is now installed, and sample configuration files were
created in ${SYSCONFDIR}/archiveopteryx.conf and ${SYSCONFDIR}/aoxsuper.conf

Before using it, you will need to create PostgreSQL users and database,
and you'll need to set aox db user password in archiveopteryx.conf,
and aoxsuper db user password in aoxsuper.conf.

Database initialisation
=======================
Assuming you have an administrative account named `postgres',
you can create the aox/aoxsuper users and archiveopteryx database like
this:

createuser -U postgres --pwprompt --no-superuser --no-createdb \
	--no-createrole aox
createuser -U postgres --pwprompt --no-superuser --no-createdb \
	--no-createrole aoxsuper
createdb -U postgres -T template0 -E UTF8 -O aoxsuper archiveopteryx

Now load the database schema:

psql -U postgres archiveopteryx -f - <<PSQL;
\set ON_ERROR_STOP
SET SESSION AUTHORIZATION aoxsuper;
SET client_min_messages TO 'ERROR';
\i ${TRUEPREFIX}/libexec/archiveopteryx/schema.pg
\i ${TRUEPREFIX}/libexec/archiveopteryx/flag-names
\i ${TRUEPREFIX}/libexec/archiveopteryx/field-names
\i ${TRUEPREFIX}/libexec/archiveopteryx/downgrades
PSQL

Grant privileges to user 'aox':

aox grant privileges aox

If performing an upgrade, you might need to update schema with:

aox upgrade schema

Certificate generation
======================
By default, archiveopteryx uses TLS (unless use-tls is set to no), so it
needs an ssl certificate file in /etc/ssl/archiveopteryx.pem containing
both private key and signed certificate to function properly. If you
don't already have one, edit /etc/ssl/archiveopteryx-openssl.conf to fit
your needs (only CA field is mandatory) and generate a self-signed
certificate with the following command:

openssl req -config /etc/ssl/archiveopteryx-openssl.conf -x509 -days \
	1764 -newkey rsa -nodes -keyout /etc/ssl/archiveopteryx.pem \
	-out /etc/ssl/archiveopteryx.pem

Startup/Shutdown configuration
==============================
Make sure to startup archiveopteryx after your DB server.
aox show status can give you the status of processes.

Now refer to http://www.archiveopteryx.org/ for more fine-tuned
configuration.