-
-
Save mamiysr/043f21395aa9b2c6697c0b3ef1147312 to your computer and use it in GitHub Desktop.
CouchDB 2.0 on Ubuntu 16.04
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # See also: http://docs.couchdb.org/en/latest/cluster/index.html | |
| # Before you can add nodes to form a cluster, you have to have them listen on a public ip address | |
| # and set up an admin user (use same admin:password for all nodes). | |
| # Do this, once per node: | |
| # If you have installed couchdb in /opt (else change the Path) | |
| cd /opt/couchdb/etc | |
| cp local.ini local.ini.orig | |
| cp vm.args vm.args.orig | |
| nano local.ini | |
| # Make the following changes to local.ini | |
| # Choose one of the ports for each node: 15984 or 25984 or 35984 | |
| # --- local.ini --- | |
| [chttpd] | |
| bind_address = 0.0.0.0 | |
| port = 15984 | |
| [admins] | |
| admin = password | |
| # --- end local.ini --- | |
| nano vm.args | |
| # Change the line -name couchdb: use the relevant individual IP address of CouchDB node | |
| # Let all user names be the same e.g.: couchdb (actually I am not sure about this, perhaps they may have different names) | |
| # --- vm.args --- | |
| -name couchdb@<your-ip-address> | |
| # --- end --- | |
| # Restart couchdb: Refer to the install file below | |
| service couchdb stop | |
| service couchdb start | |
| # Now follow: http://docs.couchdb.org/en/latest/cluster/setup.html#the-cluster-setup-api | |
| # See also: http://docs.couchdb.org/en/latest/cluster/nodes.html | |
| # Note here: to delete a doc you need the revision number of the document, thus | |
| # | |
| # curl -X GET "http://sinan:anna2211@localhost:5986/_nodes/_all_docs" | |
| # | |
| # That returns something like: {...{"id":"couchdb@<one_of_your-ip-addresses>","key":"couchdb@<one_of_your-ip-addresses>","value":{"rev":"1-967a00dff5e02add41819138abb3284d"}} | |
| # | |
| # curl -X DELETE "http://localhost:5986/_nodes/couchdb@<one_of_your-ip-addresses>?rev=1-967a00dff5e02add41819138abb3284d" -d {} | |
| # When this works you can setup load balancer and SSL |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ; (a) Update the file: /opt/couchdb/etc/local.ini (or where it is placed on your installation of choice, here it is /opt) | |
| ; $ cp local.ini local.ini.orig" make the changes to the local.ini (copy) file | |
| ; | |
| ; (b) Remember to restart couchdb after changing the configuration file (unless it is done automatically via Fauxton): | |
| ; $ service couchdb stop | |
| ; $ service couchdb start | |
| ; (c) The below configuration is good for e.g. going through nginx load balancer with ssl | |
| ; (d) It also works with: https://github.com/nolanlawson/pouchdb-authentication | |
| ; To use couchdb | |
| ; $ curl http://your_admin_username:your_admin_password@localhost:5984/_utils | |
| ; CouchDB Configuration Settings | |
| ; Custom settings should be made in this file. They will override settings | |
| ; in default.ini, but unlike changes made to default.ini, this file won't be | |
| ; overwritten on server upgrade. | |
| [couchdb] | |
| ;max_document_size = 4294967296 ; bytes | |
| ;os_process_timeout = 5000 | |
| max_dbs_open = 1024 | |
| ; WARNING: use your own uuid number from the default local.ini (not this one!!!) | |
| uuid = d8d71e73f8fe69c821b848d5f4c685af | |
| [couch_peruser] | |
| ; If enabled, couch_peruser ensures that a private per-user database | |
| ; exists for each document in _users. These databases are writable only | |
| ; by the corresponding user. Databases are in the following form: | |
| ; userdb-{hex encoded username} | |
| enable = true | |
| ; If set to true and a user is deleted, the respective database gets | |
| ; deleted as well. | |
| ;delete_dbs = true | |
| [chttpd] | |
| ; Single-node: use e.g. 5984 | |
| ; Cluster: use e.g. 15984 for the first node, 25984 for the second node, 35984 for the third node | |
| port = 5984 | |
| ; IMPORTANT: bind_address settings see: http://docs.couchdb.org/en/latest/config/http.html | |
| bind_address = 0.0.0.0 | |
| socket_options = [{recbuf, 262144}, {sndbuf, 262144}, {nodelay, true}] | |
| [httpd] | |
| ; NOTE that this only configures the "backend" node-local port, not the | |
| ; "frontend" clustered port. You probably don't want to change anything in | |
| ; this section. | |
| ; Uncomment next line to trigger basic-auth popup on unauthorized requests. | |
| WWW-Authenticate = Basic realm="administrator" | |
| ; Uncomment next line to set the configuration modification whitelist. Only | |
| ; whitelisted values may be changed via the /_config URLs. To allow the admin | |
| ; to change this value over HTTP, remember to include {httpd,config_whitelist} | |
| ; itself. Excluding it from the list would require editing this file to update | |
| ; the whitelist. | |
| ;config_whitelist = [{httpd,config_whitelist}, {log,level}, {etc,etc}] | |
| server_options = [{backlog, 128}, {acceptor_pool_size, 16}] | |
| socket_options = [{recbuf, 262144}, {sndbuf, 262144}, {nodelay, true}] | |
| enable_cors = true | |
| ; 3 minutes = 3 * 60 * 1000 = 180000 | |
| changes_timeout = 180000 | |
| x_forwarded_host = X-Forwarded-Host | |
| x_forwarded_proto = X-Forwarded-Proto | |
| x_forwarded_ssl = X-Forwarded-Ssl | |
| ;Note that writer = stderr fits (seems to) with the systemd startup script described in the couchdb installation part in this documentation | |
| ;[log] | |
| ;level = debug | |
| writer = stderr | |
| level = warning | |
| [query_servers] | |
| ;nodejs = /usr/local/bin/couchjs-node /path/to/couchdb/share/server/main.js | |
| [httpd_global_handlers] | |
| ;_google = {couch_httpd_proxy, handle_proxy_req, <<"http://www.google.com">>} | |
| [couch_httpd_auth] | |
| ; If you set this to true, you should also uncomment the WWW-Authenticate line | |
| ; above. If you don't configure a WWW-Authenticate header, CouchDB will send | |
| ; Basic realm="server" in order to prevent you getting logged out. | |
| require_valid_user = true | |
| ; WARNING: use your own secret number from the default local.ini (not this one!!!) | |
| secret = f52f991eb7dd2033544cd8a9cc9e58e1 | |
| allow_persistent_cookies = true | |
| ; 14 days = 14 * 24 * 60 * 60 = 1209600 seconds | |
| timeout = 1209600 | |
| auth_cache_size = 1000 | |
| [os_daemons] | |
| ; For any commands listed here, CouchDB will attempt to ensure that | |
| ; the process remains alive. Daemons should monitor their environment | |
| ; to know when to exit. This can most easily be accomplished by exiting | |
| ; when stdin is closed. | |
| ;foo = /path/to/command -with args | |
| [daemons] | |
| ; enable SSL support by uncommenting the following line and supply the PEM's below. | |
| ; the default ssl port CouchDB listens on is 6984 | |
| ; httpsd = {chttpd, start_link, [https]} | |
| [ssl] | |
| ;cert_file = /full/path/to/server_cert.pem | |
| ;key_file = /full/path/to/server_key.pem | |
| ;password = somepassword | |
| ; set to true to validate peer certificates | |
| ;verify_ssl_certificates = false | |
| ; Set to true to fail if the client does not send a certificate. Only used if verify_ssl_certificates is true. | |
| ;fail_if_no_peer_cert = false | |
| ; Path to file containing PEM encoded CA certificates (trusted | |
| ; certificates used for verifying a peer certificate). May be omitted if | |
| ; you do not want to verify the peer. | |
| ;cacert_file = /full/path/to/cacertf | |
| ; The verification fun (optional) if not specified, the default | |
| ; verification fun will be used. | |
| ;verify_fun = {Module, VerifyFun} | |
| ; maximum peer certificate depth | |
| ;ssl_certificate_max_depth = 1 | |
| ; | |
| ; Reject renegotiations that do not live up to RFC 5746. | |
| ;secure_renegotiate = true | |
| ; The cipher suites that should be supported. | |
| ; Can be specified in erlang format "{ecdhe_ecdsa,aes_128_cbc,sha256}" | |
| ; or in OpenSSL format "ECDHE-ECDSA-AES128-SHA256". | |
| ;ciphers = ["ECDHE-ECDSA-AES128-SHA256", "ECDHE-ECDSA-AES128-SHA"] | |
| ; The SSL/TLS versions to support | |
| ;tls_versions = [tlsv1, 'tlsv1.1', 'tlsv1.2'] | |
| ; To enable Virtual Hosts in CouchDB, add a vhost = path directive. All requests to | |
| ; the Virual Host will be redirected to the path. In the example below all requests | |
| ; to http://example.com/ are redirected to /database. | |
| ; If you run CouchDB on a specific port, include the port number in the vhost: | |
| ; example.com:5984 = /database | |
| [vhosts] | |
| ;example.com = /database/ | |
| [update_notification] | |
| ;unique notifier name=/full/path/to/exe -with "cmd line arg" | |
| ; To create an admin account uncomment the '[admins]' section below and add a | |
| ; line in the format 'username = password'. When you next start CouchDB, it | |
| ; will change the password to a hash (so that your passwords don't linger | |
| ; around in plain-text files). You can add more admin accounts with more | |
| ; 'username = password' lines. Don't forget to restart CouchDB after | |
| ; changing this. | |
| [admins] | |
| ; WARNING: UPDATE THIS!!! | |
| ; Cluster: use the same admin user and password on all Cluster nodes | |
| admin1 = mysecretpassword1 | |
| admin2 = mysecretpassword2 | |
| [replicator] | |
| ; adjust this to your situation | |
| ; 3 minutes = 3 * 60 * 1000 = 180000 | |
| connection_timeout = 180000 | |
| use_checkpoints = true | |
| worker_batch_size = 2000 | |
| [compactions] | |
| _default = [{db_fragmentation,"70%"},{view_fragmentation,"60%"},{from,"00:00"},{to,"06:00"}] | |
| [cors] | |
| ; See also https://github.com/pouchdb/add-cors-to-couchdb | |
| ; Note: the Fauxton cors settings are slightly different | |
| origins = * | |
| credentials = true | |
| headers = accept, authorization, content-type, origin, cookie, referer, x-csrf-token | |
| methods = GET, OPTIONS, HEAD, PUT, POST, DELETE, TRACE |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Installed and tested on updated Ubuntu 16.04 Desktop and on updated server | |
| # CouchDB 2.0 version: "Commits on Dec 20, 2016" on https://github.com/apache/couchdb | |
| # Cluster i.e. more than one CouchDB node (server, instance): Install CouchDB on each node | |
| # Warning: run all the below as sudo or as root (I may not have written sudo everywhere needed) | |
| ## *** Ensure nodejs and npm are installed. These are used for Fauxton *** | |
| # Possibly update these | |
| # run this command and if it says “install” in the right column - “node” is on your system: | |
| sudo pkg --get-selections | grep node | |
| # to remove eventual old node package, run: | |
| sudo apt-get remove --purge nodejs npm | |
| # https://github.com/nodesource/distributions#debinstall | |
| curl -sL https://deb.nodesource.com/setup_7.x | sudo -E bash - | |
| # This installs both npm and nodejs (node), and creates symbolic link from node to nodejs | |
| sudo apt-get install nodejs | |
| # check versions of nodejs and npm | |
| nodejs -v | |
| which nodejs | |
| npm -v | |
| which npm | |
| # Possibly install to ensure updated versions: for Fauxton | |
| sudo npm install graceful-fs minimatch uuid coffee-script jshint node-gyp node-ninja tough-cookie babel-cli -g | |
| # *** Refer to: *** | |
| # http://docs.couchdb.org/en/latest/install/unix.html | |
| # https://github.com/apache/couchdb/blob/master/INSTALL.Unix.md | |
| sudo apt-get update | |
| sudo apt-get -y install build-essential pkg-config erlang libicu-dev libmozjs185-dev libcurl4-openssl-dev rebar | |
| # Remove old files (assumed in /usr/local/src), if any | |
| cd /usr/local/src | |
| rm -fR couchdb | |
| # get latest version of couchdb | |
| git clone https://github.com/apache/couchdb.git | |
| cd couchdb | |
| # For all configuration options. | |
| ./configure --help | |
| # If help2man, python and python sphinx are not installed then disable documentation build | |
| # configure takes a while but when final ends with the text: "You have configured Apache CouchDB, time to relax. Relax." | |
| ./configure --disable-docs | |
| # First try: make release | |
| # If problems e.g. try the below, and then again: make release | |
| touch THANKS | |
| touch /usr/lib/erlang/man/man1/x86_64-linux-gnu-gcov-tool.1.gz | |
| touch /usr/lib/erlang/man/man1/gcov-tool.1.gz | |
| # This takes a while, please be patient. This ends with text: | |
| # "You can now copy the rel/couchdb directory anywhere on your system. | |
| # Start CouchDB with ./bin/couchdb from within that directory." | |
| # If problems see above, and also: http://docs.couchdb.org/en/latest/install/troubleshooting.html | |
| make release | |
| # *** user-registration-and-security *** | |
| adduser --disabled-login --disabled-password --no-create-home --gecos "" couchdb | |
| # Copy the built couchdb release to /opt | |
| # Note: if you prefer another couchdb install location than /opt then that is fine, just adjust where relevant below | |
| cp -R /usr/local/src/couchdb/rel/couchdb /opt | |
| chown -R couchdb:couchdb /opt/couchdb | |
| # Change the permission of the CouchDB directories by running | |
| find /opt/couchdb -type d -exec chmod 0770 {} \; | |
| # Update the permissions for your .ini files | |
| chmod 0644 /opt/couchdb/etc/* | |
| # *** You can start the CouchDB server by running *** | |
| # Note: Ctrl-C to stop the couchdb | |
| # Warning: After a short trial run stop couchdb and ensure that couchdb runs as: user couchdb, when doing setup, whether single-node or cluster | |
| cd /opt/couchdb/bin | |
| ./couchdb | |
| # Try the installation | |
| # | |
| # Ubuntu server: use curl through another terminal window to the server: curl http://localhost:5984 | |
| # | |
| # Ubuntu Desktop: directly in browser on the Desktop: | |
| # http://127.0.0.1:5984/_utils/index.html | |
| # http://localhost:5984/_utils/index.html#verifyinstall | |
| # *** setup the system via Fauxton: single-node or cluster | |
| # See also: http://docs.couchdb.org/en/latest/cluster/index.html | |
| # Cluster setup can be quite teasing, but does not have to be, I will try to give a few hints below | |
| # *** systemd startup script *** | |
| # Alternative: runit startup script, see: http://docs.couchdb.org/en/latest/install/unix.html#running-as-a-daemon | |
| # From: https://wiki.ubuntu.com/systemd | |
| # This results in systemd being installed alongside upstart | |
| apt-get -y install systemd libpam-systemd systemd-ui | |
| # From: https://www.jamescoyle.net/how-to/2527-add-systemd-startup-script-for-couchdb ([Install] section is missing!) | |
| # couchdb.service is a new file. Make it: | |
| nano /etc/systemd/system/couchdb.service | |
| --- file start (do not include this line) --- | |
| [Unit] | |
| Description=Couchdb service | |
| After=network.target | |
| [Service] | |
| Type=simple | |
| User=couchdb | |
| ExecStart=/opt/couchdb/bin/couchdb -o /dev/stdout -e /dev/stderr | |
| Restart=always | |
| [Install] | |
| WantedBy=multi-user.target | |
| --- file end (do not include this line) --- | |
| # This enables CouchDB automatically after reboot | |
| systemctl daemon-reload | |
| systemctl start couchdb.service | |
| systemctl enable couchdb.service | |
| # Logging: see more about journalctl elsewhere. This shows the latest 500 logs. | |
| journalctl -u couchdb.service | tail -n 500 | |
| # *** update the configuration file, see above example of a configuration of local.ini *** | |
| service couchdb stop | |
| # update local.ini | |
| service couchdb start | |
| # Final note: If you run into a lot of trouble, you may want to start over again, simply delete the couchdb installation | |
| # and make a new a copy, this only takes a few minutes. To delete do: | |
| # To delete couchdb | |
| cd /opt | |
| rm -fR couchdb | |
| # Then start from here again, see above: cp -R /usr/local/src/couchdb/rel/couchdb /opt | |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment