| 123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899 |
- # Licensed under the Apache License, Version 2.0 (the "License"); you may not
- # use this file except in compliance with the License. You may obtain a copy of
- # the License at
- #
- # http://www.apache.org/licenses/LICENSE-2.0
- #
- # Unless required by applicable law or agreed to in writing, software
- # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
- # License for the specific language governing permissions and limitations under
- # the License.
- # Each node in the system must have a unique name. These are specified through
- # the Erlang -name flag, which takes the form:
- #
- # -name nodename@<FQDN>
- #
- # or
- #
- # -name nodename@<IP-ADDRESS>
- #
- # CouchDB recommends the following values for this flag:
- #
- # 1. If this is a single node, not in a cluster, use:
- # -name couchdb@127.0.0.1
- #
- # 2. If DNS is configured for this host, use the FQDN, such as:
- # -name couchdb@my.host.domain.com
- #
- # 3. If DNS isn't configured for this host, use IP addresses only, such as:
- # -name couchdb@192.168.0.1
- #
- # Do not rely on tricks with /etc/hosts or libresolv to handle anything
- # other than the above 3 approaches correctly. They will not work reliably.
- #
- # Multiple CouchDBs running on the same machine can use couchdb1@, couchdb2@,
- # etc.
- -name couchdb@127.0.0.1
- # All nodes must share the same magic cookie for distributed Erlang to work.
- # Comment out this line if you synchronized the cookies by other means (using
- # the ~/.erlang.cookie file, for example).
- -setcookie monster
- # Tell kernel and SASL not to log anything
- -kernel error_logger silent
- -sasl sasl_error_logger false
- # Use kernel poll functionality if supported by emulator
- +K true
- # Start a pool of asynchronous IO threads
- +A 16
- # Comment this line out to enable the interactive Erlang shell on startup
- +Bd -noinput
- # Force use of the smp scheduler, fixes #1296
- -smp enable
- # Set maximum SSL session lifetime to reap terminated replication readers
- -ssl session_lifetime 300
- ## TLS Distribution
- ## Use TLS for connections between Erlang cluster members.
- ## http://erlang.org/doc/apps/ssl/ssl_distribution.html
- ##
- ## Generate Cert(PEM) File
- ## This is just an example command to generate a certfile (PEM).
- ## This is not an endorsement of specific expiration limits, key sizes, or algorithms.
- ## $ openssl req -newkey rsa:2048 -new -nodes -x509 -days 3650 -keyout key.pem -out cert.pem
- ## $ cat key.pem cert.pem > dev/erlserver.pem && rm key.pem cert.pem
- ##
- ## Generate a Config File (couch_ssl_dist.conf)
- ## [{server,
- ## [{certfile, "</path/to/erlserver.pem>"},
- ## {secure_renegotiate, true}]},
- ## {client,
- ## [{secure_renegotiate, true}]}].
- ##
- ## CouchDB recommends the following values for no_tls flag:
- ## 1. Use TCP only, set to true, such as:
- ## -couch_dist no_tls true
- ## 2. Use TLS only, set to false, such as:
- ## -couch_dist no_tls false
- ## 3. Specify which node to use TCP, such as:
- ## -couch_dist no_tls \"*@127.0.0.1\"
- ##
- ## To ensure search works, make sure to set 'no_tls' option for the clouseau node.
- ## By default that would be "clouseau@127.0.0.1".
- ## Don't forget to override the paths to point to your certificate(s) and key(s)!
- ##
- #-proto_dist couch
- #-couch_dist no_tls \"clouseau@127.0.0.1\"
- #-ssl_dist_optfile <path/to/couch_ssl_dist.conf>
- # Set a well-known cluster port
- -kernel inet_dist_listen_min 9100
- -kernel inet_dist_listen_max 9100
|
