X-Git-Url: https://git.arvados.org/arvados.git/blobdiff_plain/908261de15c98553a4200f01aff1f26ef57c8fb8..cc952178056bf6d29471f6986306fb673dcf394a:/doc/install/install-sso.html.textile.liquid
diff --git a/doc/install/install-sso.html.textile.liquid b/doc/install/install-sso.html.textile.liquid
index 1a3e4b380a..b2a4f671a3 100644
--- a/doc/install/install-sso.html.textile.liquid
+++ b/doc/install/install-sso.html.textile.liquid
@@ -3,6 +3,11 @@ layout: default
navsection: installguide
title: Install the Single Sign On (SSO) server
...
+{% comment %}
+Copyright (C) The Arvados Authors. All rights reserved.
+
+SPDX-License-Identifier: CC-BY-SA-3.0
+{% endcomment %}
h2(#dependencies). Install prerequisites
@@ -77,85 +82,16 @@ There are other configuration options in @/etc/arvados/sso/application.yml@. See
h2(#database). Set up the database
-If PostgreSQL was newly installed as a dependency of the @arvados-sso-server@ package, you will need to start the service.
-
-On a Debian-based system:
-
-
-~$ sudo service postgresql start
-
-
-
-On a Red Hat-based system, we also need to initialize the database system:
-
-
-~$ sudo service postgresql initdb
-~$ sudo service postgresql start
-
-
-
-{% include 'notebox_begin' %}
-
-If you are installing on CentOS6, you will need to modify PostgreSQL's configuration to allow password authentication for local users. The default configuration allows 'ident' only. The following commands will make the configuration change, and restart PostgreSQL for it to take effect.
-
-
-~$ sudo sed -i -e "s/127.0.0.1\/32 ident/127.0.0.1\/32 md5/" /var/lib/pgsql/data/pg_hba.conf
-~$ sudo sed -i -e "s/::1\/128 ident/::1\/128 md5/" /var/lib/pgsql/data/pg_hba.conf
-~$ sudo service postgresql restart
-
-
-{% include 'notebox_end' %}
-
-
-Next, generate a new database password. Nobody ever needs to memorize it or type it, so make a strong one:
-
-
-~$ ruby -e 'puts rand(2**128).to_s(36)'
-abcdefghijklmnopqrstuvwxyz012345689
-
-
-Configure the SSO server to connect to your database by updating @/etc/arvados/sso/database.yml@. Replace the @xxxxxxxx@ database password placeholder with the new password you generated above. Be sure to update the @production@ section.
+Configure the SSO server to connect to your database by updating @/etc/arvados/sso/database.yml@. Replace the @xxxxxxxx@ database password placeholder with the "password you generated during database setup":install-postgresql.html#sso. Be sure to update the @production@ section.
~$ editor /etc/arvados/sso/database.yml
-Create a new database user with permission to create its own databases.
-
-
-~$ sudo -u postgres createuser --createdb --encrypted -R -S --pwprompt arvados_sso
-Enter password for new role: paste-database-password-you-generated
-Enter it again: paste-database-password-you-generated
-
-
-Rails will take care of creating the database, based on the information from @/etc/arvados/sso/database.yml@.
-
-Alternatively, if the database user you intend to use for the SSO server should not be allowed to create new databases, the user and the database can be created like this:
-
-
-~$ sudo -u postgres createuser --encrypted -R -S --pwprompt arvados_sso
-Enter password for new role: paste-database-password-you-generated
-Enter it again: paste-database-password-you-generated
-~$ sudo -u postgres createdb arvados_sso_production -E UTF8 -O arvados_sso -T template0
-
-
h2(#reconfigure_package). Reconfigure the package
-Now that the @/etc/arvados/sso/application.yml@ and @/etc/arvados/sso/database.yml@ files have been updated, we need to reconfigure our installed package. Doing so will create and/or initialize the database and precompile the assets.
-
-On a Debian-based system:
-
-
-~$ sudo dpkg-reconfigure arvados-sso-server
-
-
-
-On a Red Hat-based system, we need to reinstall the package instead:
-
-
-~$ sudo yum reinstall arvados-sso-server
-
-
+{% assign railspkg = "arvados-sso-server" %}
+{% include 'install_rails_reconfigure' %}
h2(#client). Create arvados-server client
@@ -300,14 +236,12 @@ In order to use Google+ authentication, you must use the "---YOUR---CLIENT---ID---HERE--"-
google_oauth2_client_secret: "---YOUR---CLIENT---SECRET---HERE--"-
-
-