# HG changeset patch # User wenzelm # Date 1576522499 -3600 # Node ID 8d21cba3bad46f158199084dfa31c3d319f5095b # Parent 16e3662217e99a2ab4a62e0405470225bf3a3817 tuned documentation; diff -r 16e3662217e9 -r 8d21cba3bad4 src/Doc/System/Phabricator.thy --- a/src/Doc/System/Phabricator.thy Mon Dec 16 19:54:31 2019 +0100 +++ b/src/Doc/System/Phabricator.thy Mon Dec 16 19:54:59 2019 +0100 @@ -37,7 +37,7 @@ \<^item> Phabricator development \<^url>\https://secure.phabricator.com\ \<^item> Wikimedia development \<^url>\https://phabricator.wikimedia.org\ - \<^item> Blender development \<^url>\https://developer.blender.org/\ + \<^item> Blender development \<^url>\https://developer.blender.org\ \<^item> Mercurial development \<^url>\https://phab.mercurial-scm.org\ \<^item> Isabelle development \<^url>\https://isabelle-dev.sketis.net\ @@ -61,11 +61,11 @@ For production use, a proper \<^emph>\Virtual Server\ or \<^emph>\Root Server\ product from a hosting provider will be required, including an Internet Domain Name - (a pseudo sub-domain in the style of Apache is sufficient). + (\secref{sec:phabricator-domain}). Initial experimentation also works on a local host, e.g.\ via VirtualBox\<^footnote>\\<^url>\https://www.virtualbox.org\\. The public domain \<^verbatim>\lvh.me\ is - used below: it maps arbitrary subdomains to \<^verbatim>\localhost\. + used by default: it maps arbitrary subdomains to \<^verbatim>\localhost\. All administrative commands need to be run as \<^verbatim>\root\ user (e.g.\ via \<^verbatim>\sudo\). Note that Isabelle refers to user-specific configuration in the @@ -81,8 +81,8 @@ Isabelle can manage multiple named Phabricator installations: this allows to separate administrative responsibilities, e.g.\ different approaches to user management for different projects. Subsequently we always use the default - name ``\<^verbatim>\vcs\'': it will appear in file and directory locations, internal - database names and URLs. + name ``\<^verbatim>\vcs\'': the name will appear in file and directory locations, + internal database names and URLs. The initial setup works as follows (with full Linux package upgrade): @@ -90,8 +90,8 @@ After installing many packages, cloning the Phabricator distribution, initializing the MySQL database and Apache, the tool prints an URL for - further configuration. The following needs to be provided by the web - interface: + further configuration. Now the following needs to be provided by the web + interface. \<^item> An initial user that will get administrator rights. There is no need to create a special \<^verbatim>\admin\ account. Instead, a regular user that will take @@ -105,8 +105,8 @@ Alternatively, Phabricator can delegate the responsibility of authentication to big corporations like Google and Facebook, but these can - be ignored. Genuine self-hosting means to manage users directly, without - outsourcing of authentication. + be easily ignored. Genuine self-hosting means to manage users directly, + without outsourcing of authentication. \<^item> A proper password for the administrator can now be set, e.g.\ by the following command: @@ -120,14 +120,14 @@ Auth Provider is already active. \<^item> The list of Phabricator \<^bold>\Setup Issues\ should be studied with some - care, to make sure that no serious problems are remaining. The request to - lock the configuration can be fulfilled as follows: + care, to make sure that no serious problems are remaining. For example, + the request to lock the configuration can be fulfilled as follows: @{verbatim [display] \ isabelle phabricator bin/auth lock\} \<^medskip> A few other Setup Issues might be relevant as well, e.g.\ the timezone of the server. Some more exotic points can be ignored: Phabricator - provides careful explanations about what it thinks could be wrong, always + provides careful explanations about what it thinks could be wrong, while leaving some room for interpretation. \ @@ -167,7 +167,7 @@ \<^verbatim>\isabelle phabricator_setup_mail\. \<^medskip> - This is how to query the current mail configuration: + The effective mail configuration can be queried like this: @{verbatim [display] \ isabelle phabricator bin/config get cluster.mailers\} \ @@ -179,20 +179,20 @@ SSH configuration is optional, but important to access hosted repositories with public-key authentication. - The subsequent configuration is convenient, but also ambitious: it takes - away the standard port 22 from the operating system and assigns it to - Isabelle/Phabricator: + The subsequent configuration is convenient (and ambitious): it takes away + the standard port 22 from the operating system and assigns it to + Isabelle/Phabricator. @{verbatim [display] \ isabelle phabricator_setup_ssh -p 22 -q 222\} Afterwards, remote login to the server host needs to use that alternative - port 222. If there is a problem with it, the administrator can usually - connect to a remote console via some web interface of the virtual server + port 222. If there is a problem connecting again, the administrator can + usually access a remote console via some web interface of the virtual server provider. \<^medskip> The following alternative is more modest: it uses port 2222 for Phabricator, - and retains port 22 for the operating system: + and retains port 22 for the operating system. @{verbatim [display] \ isabelle phabricator_setup_ssh -p 2222 -q 22\} @@ -202,7 +202,7 @@ \ -subsection \Public domain name and HTTPS configuration\ +subsection \Public domain name and HTTPS configuration \label{sec:phabricator-domain}\ text \ So far the Phabricator server has been accessible only on \<^verbatim>\localhost\ (via @@ -229,15 +229,16 @@ \<^verbatim>\vcs.example.org\. \<^item> Inform Phabricator about its new domain name like this: - @{verbatim [display] \ isabelle phabricator bin/config set + @{verbatim [display] \ isabelle phabricator bin/config set \ phabricator.base-uri https://vcs.example.org\} - \<^item> Visit the website \<^verbatim>\https://vcs.example.org\ and continue Phabricator - configuration as described before. The following options are particularly - relevant for a public website: + \<^item> Visit the website \<^verbatim>\https://vcs.example.org\ and configure Phabricator + as described before. The following options are particularly relevant for a + public website: \<^item> \<^emph>\Auth Provider / Username/Password\: disable \<^emph>\Allow Registration\ to - avoid arbitrary registrants; users can be invited via email instead. + avoid uncontrolled registrants; users can still be invited via email + instead. \<^item> Enable \<^verbatim>\policy.allow-public\ to allow read-only access to resources, without requiring user registration. @@ -258,7 +259,7 @@ \<^enum> Multiple \<^emph>\MySQL databases\ with a common prefix derived from the installation name --- the same name is used as database user name. - The Linux root user may invoke \<^verbatim>\/usr/local/bin/isabelle-phabricator-dump\ + The root user may invoke \<^verbatim>\/usr/local/bin/isabelle-phabricator-dump\ to create a complete database dump within the root directory. Afterwards it is sufficient to make a conventional \<^bold>\file-system backup\ of everything. To restore the database state, see the explanations on \<^verbatim>\mysqldump\ in @@ -275,12 +276,12 @@ works as follows. Run on the first installation root directory: @{verbatim [display] \ phabricator/bin/storage dump > dump1.sql - phabricator/bin/storage renamespace --from phabricator_vcs + phabricator/bin/storage renamespace --from phabricator_vcs \ --to phabricator_xyz --input dump1.sql --output dump2.sql\} - Now run on the second installation root directory: + Them run on the second installation root directory: @{verbatim [display] \ phabricator/bin/storage destroy - phabricator/bin/storage shell < dump2.sql\} + phabricator/bin/storage shell < .../dump2.sql\} Local configuration in \<^verbatim>\phabricator/config/local/\ and hosted repositories need to be treated separately within the file-system. For the latter @@ -368,8 +369,8 @@ subsection \\<^verbatim>\isabelle phabricator_setup\\ text \ - The @{tool_def phabricator_setup} installs a fresh Phabricator instance on - Ubuntu 18.04 LTS: + The @{tool_def phabricator_setup} tool installs a fresh Phabricator instance + on Ubuntu 18.04 LTS: @{verbatim [display] \Usage: isabelle phabricator_setup [OPTIONS] Options are: @@ -401,7 +402,7 @@ \<^medskip> Option \<^verbatim>\-U\ ensures a full update of system packages, before installing - further packages required by Phabricator. This might require to reboot. + further packages required by Phabricator. This might require a reboot. Option \<^verbatim>\-M:\ installs a standard Mercurial release from source: this works better than the package provided by Ubuntu 18.04. Alternatively, an explicit @@ -430,8 +431,8 @@ subsection \\<^verbatim>\isabelle phabricator_setup_mail\\ text \ - The @{tool_def phabricator_setup_mail} provides mail configuration for an - existing Phabricator installation: + The @{tool_def phabricator_setup_mail} tool provides mail configuration for + an existing Phabricator installation: @{verbatim [display] \Usage: isabelle phabricator_setup_mail [OPTIONS] Options are: @@ -472,7 +473,7 @@ subsection \\<^verbatim>\isabelle phabricator_setup_ssh\\ text \ - The @{tool_def phabricator_setup_ssh} configures a special SSH service + The @{tool_def phabricator_setup_ssh} tool configures a special SSH service for all Phabricator installations: @{verbatim [display] \Usage: isabelle phabricator_setup_ssh [OPTIONS]