Page MenuHomePhabricator

[Docs] Document how to deploy identity service
ClosedPublic

Authored by jon on Jul 19 2023, 7:08 PM.
Tags
None
Referenced Files
Unknown Object (File)
Sun, Oct 27, 4:09 PM
Unknown Object (File)
Oct 3 2024, 12:24 AM
Unknown Object (File)
Sep 28 2024, 12:23 AM
Unknown Object (File)
Sep 28 2024, 12:23 AM
Unknown Object (File)
Sep 28 2024, 12:23 AM
Unknown Object (File)
Sep 28 2024, 12:23 AM
Unknown Object (File)
Sep 28 2024, 12:19 AM
Unknown Object (File)
Sep 25 2024, 9:55 PM
Subscribers

Details

Summary

Document how to deploy identity service, so that if another member
needs to address the deployment, they don't need to reverse engineer the actions.

https://linear.app/comm/issue/ENG-4420

Depends on D8580

Test Plan

N/A. documentation

Diff Detail

Repository
rCOMM Comm
Lint
Lint Not Applicable
Unit
Tests Not Applicable

Event Timeline

varun requested changes to this revision.Jul 23 2023, 8:40 AM
varun added inline comments.
docs/nix_services_deployment.md
5 ↗(On Diff #28876)
7 ↗(On Diff #28876)
9 ↗(On Diff #28876)
23 ↗(On Diff #28876)
25 ↗(On Diff #28876)
27 ↗(On Diff #28876)
This revision now requires changes to proceed.Jul 23 2023, 8:40 AM
jon marked 6 inline comments as done.

Address feedback

This revision is now accepted and ready to land.Jul 25 2023, 12:36 PM
This revision was landed with ongoing or failed builds.Jul 27 2023, 7:50 AM
This revision was automatically updated to reflect the committed changes.

Going forward, please make sure I do a final review of docs diffs before they're landed. It's unfortunately the case that my review is still required to get things right...

docs/nix_services_deployment.md
17
  1. Typo here ("Passwor" should be "Password")
  2. "without requiring the password credentials to be stored on the server" this is a weird statement. Standard password hashing doesn't "store" passwords directly on the server either. Both OPAQUE and standard password hashing store something derived from a password on the server. The point of OPAQUE isn't about preventing a server from STORING plaintext credentials, but rather from preventing a server from ACCESSING plaintext credentials.
jon added inline comments.
docs/nix_services_deployment.md
17