# Licensed under the Apache License, Version 2.0 (the "License"); you may not # use this file except in compliance with the License. You may obtain a copy of # the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations under # the License. # Each node in the system must have a unique name. These are specified through # the Erlang -name flag, which takes the form: # # -name nodename@ # # or # # -name nodename@ # # CouchDB recommends the following values for this flag: # # 1. If this is a single node, not in a cluster, use: # -name couchdb@127.0.0.1 # # 2. If DNS is configured for this host, use the FQDN, such as: # -name couchdb@my.host.domain.com # # 3. If DNS isn't configured for this host, use IP addresses only, such as: # -name couchdb@192.168.0.1 # # Do not rely on tricks with /etc/hosts or libresolv to handle anything # other than the above 3 approaches correctly. They will not work reliably. # # Multiple CouchDBs running on the same machine can use couchdb1@, couchdb2@, # etc. -name couchdb@127.0.0.1 # All nodes must share the same magic cookie for distributed Erlang to work. # Comment out this line if you synchronized the cookies by other means (using # the ~/.erlang.cookie file, for example). -setcookie monster # Tell kernel and SASL not to log anything -kernel error_logger silent -sasl sasl_error_logger false # Use kernel poll functionality if supported by emulator +K true # Start a pool of asynchronous IO threads +A 16 # Comment this line out to enable the interactive Erlang shell on startup +Bd -noinput # Force use of the smp scheduler, fixes #1296 -smp enable # Set maximum SSL session lifetime to reap terminated replication readers -ssl session_lifetime 300 ## TLS Distribution ## Use TLS for connections between Erlang cluster members. ## http://erlang.org/doc/apps/ssl/ssl_distribution.html ## ## Generate Cert(PEM) File ## This is just an example command to generate a certfile (PEM). ## This is not an endorsement of specific expiration limits, key sizes, or algorithms. ## $ openssl req -newkey rsa:2048 -new -nodes -x509 -days 3650 -keyout key.pem -out cert.pem ## $ cat key.pem cert.pem > dev/erlserver.pem && rm key.pem cert.pem ## ## Generate a Config File (couch_ssl_dist.conf) ## [{server, ## [{certfile, ""}, ## {secure_renegotiate, true}]}, ## {client, ## [{secure_renegotiate, true}]}]. ## ## CouchDB recommends the following values for no_tls flag: ## 1. Use TCP only, set to true, such as: ## -couch_dist no_tls true ## 2. Use TLS only, set to false, such as: ## -couch_dist no_tls false ## 3. Specify which node to use TCP, such as: ## -couch_dist no_tls \"*@127.0.0.1\" ## ## To ensure search works, make sure to set 'no_tls' option for the clouseau node. ## By default that would be "clouseau@127.0.0.1". ## Don't forget to override the paths to point to your certificate(s) and key(s)! ## #-proto_dist couch #-couch_dist no_tls \"clouseau@127.0.0.1\" #-ssl_dist_optfile # Set a well-known cluster port -kernel inet_dist_listen_min 9100 -kernel inet_dist_listen_max 9100