From 55a17664990d1e0d9ada7e8554352889175e0390 Mon Sep 17 00:00:00 2001 From: John Cardinal Date: Tue, 20 Sep 2022 23:44:40 +0000 Subject: [PATCH] --- devdocs/todo.txt | 39 ++++++++----------- dist/ayinit.sh | 2 +- docs/8.0/ayanova/docs/adm-attachments.md | 14 +++++++ .../ayanova/docs/ay-start-form-attachments.md | 8 ++-- docs/8.0/ayanova/mkdocs.yml | 2 +- 5 files changed, 36 insertions(+), 29 deletions(-) diff --git a/devdocs/todo.txt b/devdocs/todo.txt index e57721f4..07b72ca1 100644 --- a/devdocs/todo.txt +++ b/devdocs/todo.txt @@ -2,10 +2,16 @@ -TODO: Get minimum server size vs user count so can sell it properly +todo: test devops as production server with automated backups, upload a range of attachments, simulate crash and restore etc, run load test then backup etc see disk space consumption and make sure + backup works adn restore works as this is obvsiouly critical. + IN PROGRESS: set devops to backup at 10pm tonight + Tommorrow morning download backup, erase all data, restore it, document the process for subscription server + Also check the docs I must have documetned it there but if not then document that shit +CLIENT CHANGS TO DO NOW + STRIP OUT METRICS (maybe some of them for both types, just not working or accurate, the db and file size stuff is useful if working properly) OPS - subscriptions don't need almost all of ops nor should they have it, is any info leaking that shouldn't go through it remove with a machete (tied to build type) DOCS - ops section of docs not relevant to subscribers, add "PERPETUAL BUILD ONLY" maybe at top or something? @@ -13,37 +19,24 @@ METRIC WE DO NEED just a simple value showing storage space available for subscribers maybe usage over time? but surface outside of OPS tree in menu, in admin? backup? -todo: should alert users if low on disk space in dedicated subscription volume +todo: should alert users if low on disk space in dedicated subscription volume + in central location maybe server information or license page or whatever todo: Seeding, maybe just offer one size of seeding for trialers, there's no real use to us to offer more levels for marketing or testing people just want to try all features, v7 only had 20 workorders Keep ability for us for load testing etc, but don't offer it in the UI - + YES DO THIS FOR PERPETUAL AS WELL AS SUBSCRIPTION, CHECK DOCS TO MAKE SURE IT"S NOT MENTIONED ANYMORE todo: on a night run with full generation see how big the db actually gets, it's surprisingly time consuming to erase it right now during testing note this is important to see over time how big it gets with a continual heavy load -todo: test devops as production server with automated backups, upload a range of attachments, simulate crash and restore etc, run load test then backup etc see disk space consumption and make sure - backup works adn restore works as this is obvsiouly critical. +todo: document subscription server maximum attachment is 25mb unless they ask us to change it, actually for a subscriptin we might want to decrease that +maybe more like 5mb or something?? Need to look into it +But overall that would be a good thing to be able to show in the User interface if possible...hmmm..how to do that is tricky +can it read the nginx config file? Not likely. Maybe the config file can return a value + -TODO: Make soem SSH keys pre uploaded to DO for customers in actual usage, can't use the same key for all customers so maybe document the process of -how to make a key quickly and do that -todo: backup service pricing and product code for sales in shareit - This is where we backup their data for them to spaces "off server" for a fee - this needs to be a zip file that only takes the most recent backup file available - and we need an alerting system to check if it's working, so do it manually at first - otherwise they have chosent NOT to pay for backup service so they must download a copy of their backup - maybe it's a charge per gb? Or flat cost since spaces is relatively cheap - Needs a unique zip backup code for each site following a system of some kind - maybe each customer gets a unique value that is not guessable by anyone and used for their db account etc - - -todo: Need a place to store secrets, maybe in rockfish itself makes the most sense, but how secure is that? - it needs to be secure enough to store customer ssh passwords and db password and backup zip password - hashicorp vault thing? Rockfish queries it for the password or is this just indirection but not really secure? - In the mean time I need a system for right now, keepass maybe sb for personal stuff only as it's online and have a - separate keepass db that is only in one file not put online with the secrets in it here locally and backed up the wazoo todo: v8-migrate MUST open up server again and not leave locked , morrow had thought migration was done then couldn't login said it was erasing database @@ -54,7 +47,7 @@ todo: v8 migrate MUST have a warning to *NOT* login as superuser during migratio TODO: Migration doesn't indicate there was an error properly, it's the same dsiplay at the end regardless, it should *NOT* show export completed like normal if there was an issue todo: v8-migrate may encounter parts with no part number which will break migration if part number is the primary identifier going into name (and vice versa if the setting for part name is using v7 name and is empthy etc). For purposes of successful migration it should check at the last moment before sending if the part name in v8 will be empty and substitute a temporary value - +Actually, any bloody thing without a name should do this shouldn't it? Why not? diff --git a/dist/ayinit.sh b/dist/ayinit.sh index 29c874c7..3db4aa62 100644 --- a/dist/ayinit.sh +++ b/dist/ayinit.sh @@ -1,6 +1,6 @@ #!/bin/bash -# 1) create new droplet **DO NOT PICK IPV6 just the monitoring option** +# 1) create new droplet **DO NOT PICK IPV6 just the monitoring option** if trial use anytrial.onayanova.com SSH key if production make a unique key, add to keepass biz # 2) immediately set subdomain name in networking # 3) Add droplet into v8trial-standard-firewall # 4) check DNS available using https://letsdebug.net/ diff --git a/docs/8.0/ayanova/docs/adm-attachments.md b/docs/8.0/ayanova/docs/adm-attachments.md index 03d5f6a1..8a27164c 100644 --- a/docs/8.0/ayanova/docs/adm-attachments.md +++ b/docs/8.0/ayanova/docs/adm-attachments.md @@ -30,6 +30,20 @@ The files are _not_ stored under their original name but rather re-named accordi 2. save disk space by ensuring that identical files are only stored once 3. secure the file names themeselves which may contain sensitive information +## Maximum attachment size + +AyaNova has a hard limit of 10GB for a single attachment however the actual maximum may be a lot less depending on the network configuration and what software lies between AyaNova and the end user. + +For example when using NGINX as a reverse proxy in front of AyaNova the setting `client_max_body_size ` controls how large of an upload is possible and defaults to 1MB. Our [example NGINX configuration](ops-install-linux-server.md#configure-nginx-site-for-ayanova) shows a default of 25MB. + +IIS has the `maxAllowedContentLength` setting and Apache has it's own `LimitRequestBody` directive which may need to be configured optimially when used as a reverse proxy in front of AyaNova. + +A good security and mistake prevention measure when using a proxy server is to set the maximum attachment size only as large as absolutely necessary for your Users. + +## Troubleshooting failures to attach + +If a file can not be attached and there is no error message it's very likely an intermediary software package such as a reverse proxy with a limit set causing a [maximum attachment size issue](#maximum-attachment-size). To determine this try attaching a very small file and confirm if it will attach to the same object. + ## Menu options #### Start attachment maintenance job diff --git a/docs/8.0/ayanova/docs/ay-start-form-attachments.md b/docs/8.0/ayanova/docs/ay-start-form-attachments.md index 17963955..b89afc93 100644 --- a/docs/8.0/ayanova/docs/ay-start-form-attachments.md +++ b/docs/8.0/ayanova/docs/ay-start-form-attachments.md @@ -18,10 +18,10 @@ An attachment is _not_ a part of the normal [edit form](ay-start-edit-forms.md) When a business object with attachments is deleted in AyaNova, **all** it's attachments are also deleted with it. If you want to preserve attachments before deleting an object they can be either downloaded then re-uploaded or [moved](adm-attachments.md) to a different object by someone with administrator level access. -More information about how attachments are processed at the server can be found in the [administrator attachments guide](adm-attachments.md). - AyaNova has a hard limit of 10gb per attachment but depending on the device / browser and any intermediate web server software between the back end AyaNova server and the user's device there could be further limitations. +More information about how attachments are processed at the server can be found in the [administrator attachments guide](adm-attachments.md). + There are two tabs in the attachment control: ![control attachment tabs](img/control-attachment-panes.png) @@ -71,7 +71,7 @@ For example on an Android phone: ![control attachment Android upload](img/control-attachment-android-chooser.png) -If you were to choose "Camera" the device's camera would open and allow you to take a picture and accept it with the checkmark button Android displays beneath the photo; the photo's file name would appear in the AyaNova upload control ready to be uploaded by clicking on the Upload button. +If you were to choose "Camera" the device's camera would open and allow you to take a picture and accept it with the checkmark button Android displays beneath the photo; the photo's file name would appear in the AyaNova upload control ready to be uploaded by clicking on the Upload button. Note that each brand, model and operating system level of each device will have it's own particular options depending upon what is available and the camera / video / microphone access rights given to the browser in the device. @@ -105,4 +105,4 @@ If you see this error in the log it's likely not AyaNova restricting the upload Web browsers are not good at handling and displaying this error which is why the log needs to be checked as internally AyaNova will track and log communication errors. -A short cut to test if this is the problem is to upload a small file well under 1mb and see if that works where larger files do not. If this is the case it's likely a 413 issue. +A short cut to test if this is the problem is to upload a small file well under 1mb and see if that works where larger files do not. If this is the case it's likely a 413 issue. diff --git a/docs/8.0/ayanova/mkdocs.yml b/docs/8.0/ayanova/mkdocs.yml index 03b941d9..a3f2e23b 100644 --- a/docs/8.0/ayanova/mkdocs.yml +++ b/docs/8.0/ayanova/mkdocs.yml @@ -7,7 +7,7 @@ theme: site_name: AyaNova manual site_dir: '../../../server/AyaNova/wwwroot/docs' strict: true -copyright: Copyright © 2022 Ground Zero Tech-Works Inc. REV-2022-09-19 +copyright: Copyright © 2022 Ground Zero Tech-Works Inc. REV-2022-09-20 extra: generator: false # Extensions