Commit c5c1ab9b authored by ale's avatar ale

Document configuration parameters

parent a5c1112b
Pipeline #658 passed with stages
in 3 minutes and 16 seconds
......@@ -26,7 +26,7 @@ a specific device and an account if one is in possession of the
server-side log database (only partially mitigated by the fact that
the cookie is encrypted).
## API
# API
The server exports an API over HTTP/HTTPS, all requests should be made
using the POST method and an *application/json* Content-Type. The
......@@ -36,7 +36,7 @@ will similarly be JSON-encoded.
The API is split into two conceptually separate sets, the *log* API
and the *analysis* API.
### Log API
## Log API
`/api/add_log` (*AddLogRequest*)
......@@ -59,3 +59,25 @@ and the *analysis* API.
Returns information about a device, whether we have seen it before,
if the localization information matches the historical trend, etc.
# Configuration
The configuration is contained in a YAML-encoded file, normally
`/etc/user-meta-server.yml` (this can be changed using the
*--config* command-line flag).
The known attributes are:
* `db_uri` is the database URI. As currently only the *sqlite3* driver
is supported, this is just the path to the database file.
* `http_server` specifies standard parameters for the HTTP server:
* `tls` contains the server-side TLS configuration:
* `cert` is the path to the server certificate
* `key` is the path to the server's private key
* `ca` is the path to the CA used to validate clients
* `acl` specifies TLS-based access controls, a list of entries
with the following attributes:
* `path` is a regular expression to match the request URL path
* `cn` is a regular expression that must match the CommonName
part of the subject of the client certificate
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment