Commit Graph

233 Commits

Author SHA1 Message Date
Tim Abbott 0d04724da6 docs: Clarify push notification service privacy model.
This just makes what was already said there a lot more explicit.
2019-03-21 16:49:10 -07:00
Tim Abbott 0a17a2acaa docs: Recommend using an SSD for the Zulip database.
This is sorta common knowledge for folks who have managed databases,
but not everyone has.
2019-03-10 13:51:52 -07:00
Tim Abbott 0e2dc873ba docs: Explain options for preventing changes during export.
This makes it a bit clearer that one doesn't need to deactivate a
realm just to export data.
2019-03-04 11:38:02 -08:00
Tim Abbott 066ca0353d docs: Fix export/import manage.py instructions typos.
Fixes #11755.
2019-03-02 13:04:22 -08:00
Tim Abbott 216d2ec1bf production: Add optional support for submitting usage statistics.
See documentation for details.
2019-02-26 17:35:10 -08:00
Anders Kaseorg ce01a4c5a3 backup: Add Zulip, OS, and PostgreSQL version to the tarball.
==> zulip-backup/os-version <==
    Ubuntu trusty

    ==> zulip-backup/postgres-version <==
    90324

    ==> zulip-backup/zulip-version <==
    2.0.0-rc1+git
    2.0.0-rc1-50-gbf169b8-dirty

Documentation added by tabbott.

Signed-off-by: Anders Kaseorg <andersk@mit.edu>
2019-02-14 15:11:57 -08:00
Vishnu Ks 949d098e99 management: Add tooling for transfering local uploads to s3.
This solves a common migration problem for folks who cut corners when
first setting up Zulip.

Fixes #11294.
2019-02-14 14:31:46 -08:00
Anders Kaseorg e0a51948d9 script: Add ready-to-run tooling for doing backups.
Based on an initial version by Tim Abbott (#11204).

Fixes #552.
2019-02-11 17:30:37 -08:00
Tim Abbott e3bc788660 docs: Announce deprecation of Ubuntu Trusty. 2019-02-11 16:10:12 -08:00
xiaomingplus 5120d97633 docs: Remove confusing comment from boto example.
The boto config file format should have comments on a separate line.

here is the docs:

http://boto.cloudhackers.com/en/latest/boto_config_tut.html#details
2019-02-11 15:01:18 -08:00
Tim Abbott a46640b325 docs: Document restricting access to an LDAP group. 2019-02-11 11:40:57 -08:00
Rishi Gupta 7adc7ed490 docs: Update mobile-push-notifications to discourage legacy signup. 2019-02-06 11:53:39 -08:00
Tim Abbott e91f22c416 docs: Reorganize and simplifiy LDAP data synchronization docs. 2019-02-05 10:37:04 -08:00
Harshit Bansal 2abe325147 docs: Add documentation for the new custom profile data sync feature.
Fixes: #10976.
2019-02-05 10:25:50 -08:00
Tim Abbott 001ec76e1f export: Document /etc/zulip when discussing server migrations. 2019-02-02 23:22:22 -08:00
Tim Abbott df436a55b4 scripts: Recommend apt update after enabling universe.
One needs to manually do an apt update after add-apt-repository, or it
won't actually work.
2019-01-26 12:29:05 -08:00
Tim Abbott 7824ce32a0 docs: Advertise HipChat/Slack import tools in installer docs.
This should help avoid confusion about when to use the import tools.
2019-01-16 15:15:01 -08:00
Tim Abbott f9b60b4803 docs: Update some notes about Tornado scalability. 2019-01-16 11:26:57 -08:00
Anders Kaseorg 25d6107a4f docs: Avoid hardcoded /tmp paths in miscellaneous documentation.
Signed-off-by: Anders Kaseorg <andersk@mit.edu>
2019-01-15 16:16:12 -08:00
Harshit Bansal 71761bc2da ldap: Add a setting to automatically deactivate non_matching users.
Fixes: #11151.
2019-01-13 19:04:09 -08:00
Tim Abbott 40884dbb1d docs: Document active directory values for AUTH_LDAP_USER_SEARCH.
Fixes #10019.
2019-01-08 16:28:51 -08:00
Tim Abbott 534bf8f806 docs: Make more clear how installing from Git works.
The previous discussion made it sound like this did a development
environment installation.
2019-01-07 19:16:59 -08:00
Aastha a65cb91cc1 docs: Add nginx reload documentation.
This adds reference for reloading nginx when the certificates are
replaced so that the server works with the new certificates instead of
the old ones.

Fixes: #4849.
2019-01-04 14:30:26 -08:00
Tim Abbott 5d550145bd docs: Document need for zulip group for some nagios checks. 2019-01-02 10:22:48 -08:00
Tim Abbott af1c7a9573 docs: Improve documentation for adding a new authentication backend.
Now that we have the Azure Active Directory integration cleaned up and
merged, we can nicely link to it as an example.
2018-12-18 16:49:01 -08:00
seresheim 49dbd85a89 auth: Add support for Azure Active Directory authentication.
This takes advantage of all of our work on making the
python-social-auth integration reusable for other authentication
backends.
2018-12-18 16:39:03 -08:00
Tim Abbott d815e5a299 docs: Document how to sync additional fields in LDAP.
This probably isn't something folks will use a lot, but it is a
question we get.

Fixes #9710.
2018-12-13 16:24:15 -08:00
Tim Abbott 626e191201 ldap: Add support for automatic user deactivation/reactivation.
As part of this, extend our documentation on synchronizing data from
Active Directory.
2018-12-13 16:24:15 -08:00
Tim Abbott 5dd646f33f ldap: Add support for syncing avatar images from LDAP.
This should make life a lot more convenient for organizations that use
the LDAP integration and have their avatars in LDAP already.

This hasn't been end-to-end tested against LDAP yet, so there may be
some minor revisions, but fundamentally, it works, has automated
tests, and should be easy to maintain.

Fixes #286.
2018-12-13 13:39:22 -08:00
Tim Abbott e92e982342 docs: Add a troubleshooting note about cookies on root domain. 2018-12-12 12:08:25 -08:00
Joshua Pan 441dca0eaf email: Support delivery email in email change system. 2018-12-06 17:43:26 -08:00
Tim Abbott a4a25c3e14 docs: Expand security model documentation to cover guests.
This is a pretty minor update, just clarifying the discussion of what
types of users exist.
2018-12-05 17:25:12 -08:00
Anders Kaseorg 9ba860b4f2 Avoid double redirects to /login and then to /login/.
Signed-off-by: Anders Kaseorg <andersk@mit.edu>
2018-12-04 16:12:58 -08:00
Tim Abbott 250a2b5164 docs: Fix documentation details for boto configuration.
This fixes a couple key gaps in our documentation of the #9376
workaround.
2018-12-04 13:28:13 -08:00
Tim Abbott e8742f1dd5 docs: Expand documentation for running management commands. 2018-12-03 09:16:05 -08:00
Tim Abbott 1303f8df20 docs: Fix missing quotes in `su zulip -c` documentation.
This fixes an actual user-facing issue in our mobile push
notifications documentation (where we were incorrectly failing to
quote the argument to `./manage.py register_server` making it not
work), as well as preventing future similar issues from occurring
again via a linter rule.
2018-11-30 12:12:27 -08:00
Tim Abbott 72db5d5a48 docs: Document how to setup system postfix email with Zulip. 2018-11-30 12:06:25 -08:00
Tim Abbott df5475996f docs: Add prod auth docs link to dev auth docs.
This should be helpful for folks working on things like a Facebook
OAuth2 integration.
2018-11-29 20:45:02 -08:00
Tim Abbott 0932a27647 docs: Move generic reverse proxy notes further down. 2018-11-28 15:53:54 -08:00
Igor Posledov 7aed0a2a66 docs: Add nginx reverse proxy basic config example. 2018-11-28 15:52:06 -08:00
Bruce 604364eb65 docs: Document how to use Zulip behind an haproxy reverse proxy.
With significant rearrangement by tabbott to have more common text
between different proxy implementations.
2018-11-28 13:56:26 -08:00
Tim Abbott f1f60bc9bb docs: Document how to use AWS SIGv4 with boto.
This is required in some AWS regions.

The right long-term fix is to move to boto3 which doesn't have this
problem.

Allows us to downgrade the priority of #9376.
2018-11-28 12:25:45 -08:00
Tim Abbott 51950ad352 docs: Fix accidental repeat bullet #1 in S3 backend documentation.
Due to missing indentation, the numbering was resetting to 1 rather
than continuing to 6.
2018-11-28 12:19:37 -08:00
Tim Abbott 5f3c8be6d1 docs: Fix some broken links in security model doc.
Apparently, we haven't been running test-documentation in production
of late.
2018-11-28 09:49:39 -08:00
Tim Abbott f1c65975ad docs: Clarify preparatory process for data import.
You need a Zulip server running the a matching version, and no longer
need to do an upgrade from master before using established import tools.
2018-11-14 17:02:33 -08:00
Tim Abbott a2371a96b7 docs: Clarify push registration for running manage.py correctly.
We've had several users get errors running this because they ran it as
a bash script; fix this my making the command super explicit.
2018-11-14 13:07:04 -08:00
Tim Abbott 8ab26df9f0 docs: Link to setup-certbot multiple hostname support. 2018-11-13 12:55:24 -08:00
Rohitt Vashishtha 95ba947f13 setup-cerbot: Allow issuing certificates for multiple domains.
This commit allows specifying Subject Alternative Names to issue certs
for multiple domains using certbot. The first name passed to certbot-auto
becomes the common name for the certificate; common name and the other
names are then added to the SAN field. All of these arguments are now
positional. Also read the following for the certbot syntax reference:

https://community.letsencrypt.org/t/how-to-specify-subject-name-on-san/

Fixes #10674.
2018-11-13 12:47:31 -08:00
Tim Abbott 2f36211fde docs: Document need to enable Universe repository on Ubuntu. 2018-10-31 11:53:24 -07:00
Rishi Gupta 39c56b3ba9 docs: Update security-model.md.
Tweaked by tabbott to fix a few typos and purge use of "realm".
2018-10-19 15:40:36 -07:00
Rishi Gupta f14ed03707 docs: Update import instructions in export-and-import. 2018-10-18 16:22:31 -07:00
Tim Abbott 50be5ceae3 docs: Document our now-official production Docker image. 2018-10-16 15:27:03 -07:00
Tim Abbott 3039f11dd4 docs: Document installing Zulip from GitHub.
This has been unofficially supported for a long time, and is handy for
common use cases, so worth documenting.
2018-10-16 15:19:51 -07:00
Tim Abbott 05b29ea47c docs: Remove production overview page.
This page didn't really add any value over the "Installation" page
after the refactorings we've done in recent time.
2018-10-16 15:10:28 -07:00
Greg Price cbb6692882 prod docs: Say exactly how to test the SSL cert chain.
Users continue to run into this and get confused, certain that there's
no certificate problem.
2018-10-03 16:03:05 -07:00
Rishi Gupta 0d1907fb71 user docs: Add test-mobile-notifications. 2018-09-28 12:09:33 -07:00
Tim Abbott 5064d9dd8a import: Remove documentation of --import-into-nonempty.
This is now the default behavior.
2018-09-27 14:14:51 -07:00
Tim Abbott 41b18c7067 docs: Clean up LDAP docs a bit more.
In particular, this improves:
* The explanation of how data is mapped into Zulip
* The explanation of what is printed out by `manage.py query_ldap`
* Makes sure users create their first account with EmailAuthBackend.
2018-09-27 13:38:14 -07:00
Tim Abbott a943e55863 docs: Move LDAP documentation out of plug-and-play section.
Also update the links to this section.
2018-09-27 13:38:14 -07:00
Greg Price a612049ac4 docs: Expand on LDAP config; try to clarify "username" concept.
The term "username" confusingly refers both to the Django concept of
"username" (meaning "the name the user types into the login form") and
a concept the admin presumably already has in their existing
environment; which may or may not be the same thing, and in fact this
is where we document the admin's choice of whether and how they should
correspond.  The Django concept in particular isn't obvious, and is
counterintuitive when it means something like an email address.

Explicitly explain the Django "username" concept, under the name of
"Zulip username" to take responsibility for our choice of how it's
exposed in the settings interface.  Then use an explicit qualifier,
like "LDAP username", whenever referring to some other notion of
username.  And make a pass over this whole side of the instructions,
in particular for consistent handling of these concepts.
2018-09-27 13:20:10 -07:00
Greg Price 6f23d2f691 docs: Make a pass over LDAP config/setup docs.
Expand on a few things that tend to confuse people (especially the
`%(user)s` thing); move the `LDAPSearchUnion` example out to docs;
adjust the instructions to fit a bit better in their new docs/ home.
2018-09-27 13:20:10 -07:00
Greg Price e7737c6342 docs: Move prose LDAP instructions out of settings template.
This makes it easier to iterate on these, and to expand supplemental
information (like troubleshooting, or unusual configurations) without
further straining the already-dauntingly-long settings.py.

It also makes it easier to consult the instructions while editing the
secrets file, or testing things, etc. -- most admins will find it more
natural to keep a browser open somewhere than a second terminal.
2018-09-27 13:20:10 -07:00
Greg Price 9dbb5561b1 docs: Use `sudo -s` to get a root shell without changing directory.
The `-i` is for "initial", creating a login shell -- which means
cd'ing to root's homedir.  That defeats the line after this one.
2018-09-25 13:15:06 -07:00
Rishi Gupta a04d1e3d98 docs: Update intros to production install pages.
We should cut to the chase where we can.
2018-08-21 11:32:16 -07:00
Tim Abbott c6bbb9a8d4 docs: Improve cross-linking between export/import and backups.
Now that we have nice documentation for our export/import tools, we've
been seeing a lot of users trying to use that as their primary backup
process.  Let's correct this.
2018-08-07 14:50:38 -07:00
Tim Abbott 3cbdb1efc7 docs: Document that minify-js can OOM kill during an upgrade. 2018-08-03 15:13:40 -07:00
Tim Abbott f336f58b81 docs: Expand documentation of running Zulip behind a reverse proxy. 2018-08-02 08:38:56 -07:00
Tim Abbott 35cb7528f9 models: Add new UserMessage flag active_mobile_push_notification.
This flag is used to track which user/message pairs correspond to an
active mobile push notification, that should potentially be cleared
when the user reads the message.

This flag should never appear on a message that is also marked as
read; eventually we may want a cron job to check for that condition.

We include a partial index on UserMessage for this flag.
2018-08-01 16:51:56 -07:00
Shubham Padia bf6dc4472b models: Add is_private flag to UserMessage and add index for it.
The is_private flag is intended to be set if recipient type is
'private'(1) or 'huddle'(3), otherwise i.e if it is 'stream'(2), it
should be unset.

This commit adds a database index for the is_private flag (which we'll
need to use it). That index is used to reset the flag if it was
already set. The already set flags were due to a previous removal of
is_me_message flag for which the values were not cleared out.

For now, the is_private flag is always 0 since the really hard part of
this migration is clearing the unspecified previous state; future
commits will fully implement it actually doing something.

History: Migration rewritten significantly by tabbott to ensure it
runs in only 3 minutes on chat.zulip.org.  A key detail in making that
work was to ensure that we use the new index for the queries to find
rows to update (which currently requires the `order_by` and `limit`
clauses).
2018-07-30 15:43:55 -07:00
Tim Abbott b53463d6a4 docs: Remove use of multi-line 'su zulip' in docs.
It turns out this confused people into trying to run both pieces in
one line.
2018-07-30 13:38:55 -07:00
Rishi Gupta 5e7fd3a3cf docs: Move server import and export from /help to readthedocs. 2018-07-27 10:37:50 -07:00
Aditya Bansal 9b485f3ef4 auth: Fix bug with subdomains and GitHub auth causing apparent logouts.
This adds a new settings, SOCIAL_AUTH_SUBDOMAIN, which specifies which
domain should be used for GitHub auth and other python-social-auth
backends.

If one is running a single-realm Zulip server like chat.zulip.org, one
doesn't need to use this setting, but for multi-realm servers using
social auth, this fixes an annoying bug where the session cookie that
python-social-auth sets early in the auth process on the root domain
ends up masking the session cookie that would have been used to
determine a user is logged in.  The end result was that logging in
with GitHub on one domain on a multi-realm server like zulipchat.com
would appear to log you out from all the others!

We fix this by moving python-social-auth to a separate subdomain.

Fixes: #9847.
2018-07-10 16:49:00 +05:30
Tim Abbott ddc2ef2ce8 docs: Point Docker users to the Docker upgrade docs.
The normal instructions don't make sense for the Docker image.
2018-07-01 06:58:44 -07:00
Jack Zhang 781e995865 docs: Fix typos in mobile-push-notifications. 2018-06-30 13:48:01 -07:00
Vishnu Ks 0212113569 docs: Document ADD_TOKENS_TO_NOREPLY_ADDRESS in email.md.
Rewritten and moved by tabbott.
2018-06-23 12:03:30 -07:00
Eeshan Garg 0a43e5e257 Replace all user-facing references to "invite-only" with "private".
Fixes #9611.
2018-06-12 13:37:45 -04:00
Tim Abbott 427c43723c docs: Document disabling unattended-upgrades.
I don't think this is exactly the right place to document this, but
I'm not sure there's a better one without some restructuring this page
in general (which would probably have value).

Fixes #8769.
2018-06-05 08:45:42 -07:00
Tim Abbott 40635beb23 docs: Document production support for Debian Stretch and Ubuntu Bionic.
Fixes #9197.
2018-06-05 08:09:29 -07:00
Tim Abbott b7af4c2162 docs: Update multiple organization docs to clarify root domain story.
Previously, we made it seem like it was a good idea to use a subdomain
and a root domain at the same time.
2018-05-31 12:18:41 -07:00
Sampriti Panda 018a33ff7c send_test_email: Send email from NOREPLY address as well.
Tweaked by tabbott to also set different subject lines, to make it
easier to see that one got 2 emails.
2018-05-27 22:18:44 -07:00
Abhigyan Khaund fda786952e documentation: Migrate all CZO stream links to new stream URL style
This includes changes like changing CZO stream URLs from new.20members
to 95-new-members.
2018-05-24 15:15:34 -07:00
Tim Abbott d6fb47385b docs: Clean up the instructions for installing from Git.
This is now much more common, and deserves clearer discussion.
2018-05-23 14:34:28 -07:00
Tim Abbott 9aee4c8c8e docs: Add production documentation on deployment options.
This describes the basics of installing Zulip in more complex
production environments using multiple services.

Fixes #1235.
2018-05-22 11:31:48 -07:00
Tim Abbott f8fcbbb672 docs: Update security model docs for new stream history feature. 2018-05-20 14:38:51 -07:00
Tim Abbott 0364ba8986 docs: Recommend Mailgun over Sendgrid for email setup. 2018-05-17 07:28:08 -07:00
Tim Abbott faa2cd9597 docs: Clarify setup documentation for S3 backend. 2018-05-17 07:20:07 -07:00
Tim Abbott 0ac8de2b47 docs: Document new configuration option for production nginx. 2018-05-17 07:14:18 -07:00
Tim Abbott e63541e616 docs: Extract documentation for file upload backends.
This moves the documentation for this feature out of
prod_settings_template.py, so that we can edit it more easily.

We also add a bucket policy, which is part of what one would want to
use this in production.

This addresses much, but not all, of #9361.
2018-05-16 15:00:54 -07:00
Tim Abbott 828104e020 docs: Document the REALM_HOSTS feature. 2018-05-16 07:02:13 -07:00
Tim Abbott cfd22c6832 zilencer: Clean up logic around mobile push notifications signup.
This fixes exceptions when sending PMs in development (where we were
trying to connect to the localhost push bouncer, which we weren't
authorized for, but even if we were, it wouldn't work, since there's
no APNS/GCM certs).

At the same time, we also set and order of operations that ensures one
has the opportunity to adjust the server URL before submitting
anything to us.
2018-05-05 16:42:00 -07:00
Tim Abbott 43098a6f7c zilencer: Add automated signup system for push notifications.
Based on an initial version by Rishi Gupta.

Fixes #7325.
2018-05-03 21:27:49 -07:00
Rishi Gupta cf735042b7 docs: Make minor fixes to mobile-push-notifications.html. 2018-04-23 12:37:29 -07:00
Tim Abbott f90b765824 docs: Document what's involved in doing your own push notifications.
We've had a few folks ask about this recently, and it seemed like it'd
be good to cover this a bit more explicitly.
2018-04-21 21:42:24 -07:00
Tim Abbott e53c0fe273 docs: Further clarify privacy details for push notifications. 2018-04-19 14:20:57 -07:00
Greg Price 21045d8cf0 prod docs: Call out more the need for a chained cert bundle.
This is kind of easy to gloss over, especially with the framing
as a "format"; surely if things work at all, the file format
must have been right, right?  It's really a bit more substantive
than that; say so and also add a bit more description.
2018-04-16 11:34:23 -07:00
Axel Tietje 8f984be457 docs: Fix typo in production docs. 2018-04-12 09:19:26 -07:00
Greg Price 6396b3aef7 docs/production: Make an editing pass through the SMTP doc.
In addition to many small edits for formatting and clarity, a few more
significant changes:

* In the main instructions, refer specifically to restarting the
  server and to testing that the config works.

* Add SendGrid to the recommended list, as it seems like people
  give it a somewhat stronger reputation these days than Mailgun.

* Discuss EMAIL_USE_TLS and EMAIL_PORT along with host, user, and
  password in the "free services" section.  Though those bullets feel
  kind of duplicative to me already.
2018-04-05 21:24:48 -07:00
Greg Price b9f1f9c0ae docs/production: Reorganize SMTP docs a bit.
Let's get right to the point of how to configure SMTP once you know
what you want.  That section is pretty short anyway; and we can have
a first step direct the reader to our suggestions if they don't know
what service they want to use.

Also adjust the hierarchy of the headings: group the various
alternative email services under one heading, and group
troubleshooting together under an independent heading.

Also correct what we say about EMAIL_PORT: the Django default is
apparently 25, so if the provider *does* use the usual port 587
then we'll need the port to be set.
2018-04-05 21:24:48 -07:00
YJDave 93ee0aace7 stream settings: Allow realm admins to remove others from any stream.
This will allow realm admins to remove others from private stream to
which the realm administrator is not subscribed; this is important for
managing those streams, because previously nobody could remove users
from private streams that didn't have any realm administrators
subscribed.
2018-03-13 14:59:09 -07:00
YJDave 2031118545 stream settings: Allow realm admins to access all private stream subs.
This will allow realm admins to access subscribers of unsubscribed
private stream.  This is a preparatory commit for letting realm admins
remove those users.
2018-03-13 14:59:09 -07:00
YJDave 37f9d5c193 stream settings: Allow realm admins to update any stream name & description.
This will allow realm admins to update the names and descriptions of
private streams even if they are not subscribed, which fixes the buggy
behavior that previously nobody could(!).
2018-03-13 14:59:09 -07:00
Greg Price e022b9e7ea install docs: Cut SSL cert from requirements summary.
The summary already has a qualifier that basically says it shouldn't
matter for most people -- making it simultaneously the most
complicated bullet there, and among the least likely to matter.

And in fact, this requirement shouldn't matter for *anyone* when first
experimenting with Zulip.  If certbot won't work in a given admin's
environment, and the available ways to get a cert aren't convenient,
they can always let the installer generate a self-signed cert to get
going, and circle back to the issue later.

So, make that option clear in the main requirements text, and then
just cut the whole bullet from the summary.
2018-03-06 19:43:02 -08:00
Greg Price d99ec6426d install docs: Move requirements tl;dr to requirements doc.
This further reduces the wall of text on the install instructions.
Simultaneously it lightens up the pressure on this summary to be quite
so terse; expand a couple of items into multiple bullets (yet with
fewer words!) for greater readability.
2018-03-06 19:43:02 -08:00
Greg Price c1d5364077 install docs: Consolidate follow-up steps.
Now down to just 4 steps!

This version tries to prioritize: just two items that we really want
all admins to look at even if they aren't already mentally committed
to running a big production service and reading all the docs.
Namely, the two required in order to really try out Zulip effectively
with one's colleagues.
2018-03-06 19:43:02 -08:00
Greg Price 526e301177 install docs: Tighten "create organization" step.
The screenshots weren't doing much good without being embedded in the
text... and in fact, looking at them for I think the first time,
they're badly out of date with the app.  So cut them.

We might add screenshots later, but on the other hand if we do a good
job with the forms themselves, they should be superfluous.
2018-03-06 19:43:02 -08:00
Greg Price 4edc121b49 install docs: Move background details to after main flow too.
This further shortens the wall of text inside the instructions.

Note that thanks to embedded reST, we now have the power to provide
custom anchors at section headings!  Which in particular means this
link won't break if we later tweak the wording of this heading.
2018-03-06 19:43:02 -08:00
Greg Price 53f80336ee install docs: Consolidate troubleshooting at bottom.
This helps shorten the wall of text between the start of the
instructions and the end.  Conversely, now that there are fewer
followup steps, the troubleshooting section at the end isn't so
far away to point.
2018-03-06 19:43:02 -08:00
Greg Price 0505036965 install docs: Reduce prose in requirements bullets. 2018-03-06 19:43:02 -08:00
Greg Price f22712e8e8 install: Go straight through by default.
This flips the experimental `--express` option to be the default.

We retain the old behavior, where the script exits before
`initialize-database`, as an option `--no-init-db`; it might be useful
in e.g. a migration scenario (from a Zulip install elsewhere, or
another chat system) where the admin wants to set up the database
separately.

The install instructions are adjusted to match, getting shorter by two
steps and a bunch of words.  I think this opens up opportunities to
refactor the text to simplify things further, too, but leaving that
for another commit.

Also tweak the "production" test suite to match.
2018-03-06 19:43:02 -08:00
Tim Abbott c732313c36 docs: Rename customize.html to settings.html.
This is a better description of what this is for.
2018-02-19 09:55:49 -08:00
Aditya Bansal efe8545303 local-uploads: Start running authentication checks on file requests.
From here on we start to authenticate uploaded file request before
serving this files in production. This involves allowing NGINX to
pass on these file requests to Django for authentication and then
serve these files by making use on internal redirect requests having
x-accel-redirect field. The redirection on requests and loading
of x-accel-redirect param is handled by django-sendfile.

NOTE: This commit starts to authenticate these requests for Zulip
servers running platforms either Ubuntu Xenial (16.04) or above.

Fixes: #320 and #291 partially.
2018-02-16 05:06:37 +05:30
Tim Abbott ddf83f65ce docs: Update dead references to puppet/zulip_internal.
This was renamed in the codebase to puppet/zulip_ops months ago.
2018-02-12 16:00:56 -08:00
Greg Price edfa3eabfd docs: Use `orphan` to directly exclude pages from toctree.
This is what the Sphinx docs recommend when you actually don't want
the page to be included in navigation:
  http://www.sphinx-doc.org/en/stable/markup/toctree.html
And now that we have `eval_rst`, we're able to take advantage of it!

One difference between doing this and the old way of making "hidden"
toctree entries is that with the latter, the "previous" and "next"
links at the bottom of each page would thread through the hidden
entries; which gets kind of confusing when they don't appear in the nav.
2018-01-24 14:37:17 -08:00
Greg Price 5a2b001c18 docs: Fix a bit of confusion over past vs. present.
The careful testing with dozens of realms was a discrete thing
that happened, not a general state that the tool was in;
certainly not the last state it was known to be in, as the rest
of the sentence explains how it hasn't been so carefully tested
since then.  So "as of" doesn't fit.
2018-01-24 14:37:17 -08:00
Greg Price da626c176f docs: ssl-certificates: 2017 is no longer the present.
Tweak this wording so it stays true and time-appropriate indefinitely.
2018-01-24 14:37:17 -08:00
Greg Price 6aa7a1b8d2 install docs: Document streamlined self-signed-cert flow.
This is easy now, so make it known to admins who are looking for a
fast path for a test install.

Also totally cut the painfully complicated steps for generating a
self-signed cert by hand.  Anyone who actually wants that can find a
hundred explanations on the Web, or can look at our script if they
want to specifically mirror how we do it (which is mercifully much
simpler than this.)
2018-01-23 18:08:52 -08:00
Greg Price c27f36a82a install: Rename generate-self-signed-cert.
This script generates one certificate.
2018-01-23 18:08:52 -08:00
Greg Price bd9340b4db docs: Warn on development version of install instructions. 2018-01-23 10:57:50 -08:00
Greg Price 2bf5d0074c docs: Update ETA for Let's Encrypt wildcard support.
It's now January 2018, so we can delete this caveat, right?
Not quite yet -- the original post we link to now has an
update saying 2018-02-27.  Let's make it less specific,
in case the date changes again.
2018-01-23 10:57:50 -08:00
Greg Price cdd35816fe docs: Link back to install step in SSL doc. 2018-01-23 10:57:50 -08:00
Greg Price 8fd98133d8 docs: Tweak discussion of SSL certs in prod requirements. 2018-01-23 10:57:50 -08:00
Greg Price 0cf0c51cad docs: Revise description of main install step.
Bulleted information instead of prose, huzzah!  Also I think we need
to explain the options a bit right here, or at least link to where
they're documented somewhere.  (If the list gets much longer, we'll
want to shift toward the latter.)

Also reorganize existing information a bit, and clean up a couple
of nits.
2018-01-23 10:57:50 -08:00
Greg Price bcc1456f55 docs: Tighten sub-headings in SSL certs doc.
What I really want is to give these sections nice stable slugs
to put on the anchors and use as the URL fragment, independent of
any wording tweaks on the text headings.  But I don't think we
have that feature with Markdown and our current docs infrastructure.

At least for Certbot, the brevity helps make this heading clearer
than the previous one.
2018-01-23 10:57:50 -08:00
Greg Price 93b957eaae docs: Revise explanation of manual SSL cert install.
Change a bit of prose to bullets.  Also lead with the "If you ..."
that helps readers skim past this section.
2018-01-23 10:57:50 -08:00
Tim Abbott 21d8ff14b4 docs: Update documentation to recommend certbot. 2018-01-23 10:57:50 -08:00
Greg Price e68f426286 docs/production: Revise doc on authentication methods.
Hopefully this version makes it somewhat clearer how the different
methods relate to each other, how to choose between them, what
`ZulipRemoteUserBackend` is for, and how the latter works.
2018-01-18 17:45:03 -08:00
XavierCooney 5409a98039 docs: Fix typo in multiple-organizations.md. 2017-12-31 09:11:30 -05:00
Greg Price c2cd76b69e docs: Note need to log out and in again on push notifs setup.
This often surprises people, so mention it up front.

(Also it'd probably be good to add some code to make this step
unnecessary.)
2017-11-29 13:32:02 -08:00
David Rosa Tamsen 84384196f2 docs: Exclude files from TOC warnings and navigation sidebar.
Sphinx was displaying "WARNING: document isn't included in any toctree"
for files we just don't want in the TOC. We can hide them from the index,
but the rtd theme defaults to display hidden index entries in the nav bar.

This commit excludes these files from such warnings, and patches layout.html
so that hidden index entries stay hidden from the navigation sidebar.

This commit also moves password-strength.md under docs/production and
adds it as a hidden entry in production/index.rst.

Fixes #7417.
2017-11-22 10:59:14 -08:00
Greg Price 0b543bfc0e docs: Rewrite certbot discussion, to enjoy the new automation.
This doesn't touch the main path through the install docs; that will
see a broader rewrite soon as we make outbound email optional for a
nascent server, make the hostname and admin email into mandatory
installer flags, and then radically simplify the instructions by
removing mandatory editing of `settings.py` and folding most of what's
left into the installer.
2017-11-20 15:52:07 -08:00
Balaji2198 1f43252903 docs: Update TOC in production to include SSL and email.
This adds a few missing entries to the TOC, which hadn't made sense
back when Zulip's ReadTheDocs didn't have the new collapsing feature.

Tweaked by tabbott to also give the SSL certificates doc an
appropriate title for its new role.
2017-11-20 10:21:02 -08:00
Greg Price 011114397b docs: Fix some Markdown links missing a close-paren.
These were just introduced today.
2017-11-16 11:43:19 -08:00
David Rosa Tamsen 7072fa5b37 docs: Reorganize developer docs to improve navigation.
This commit helps reduce clutter on the navigation sidebar.
Creates new directories and moves relevant files into them.
Modifies index.rst, symlinks, and image paths accordingly.

This commit also enables expandable/collapsible navigation items,
renames files in docs/development and docs/production,
modifies /tools/test-documentation so that it overrides a theme setting,
Also updates links to other docs, file paths in the codebase that point
to developer documents, and files that should be excluded from lint tests.

Note that this commit does not update direct links to
zulip.readthedocs.io in the codebase; those will be resolved in an
upcoming follow-up commit (it'll be easier to verify all the links
once this is merged and ReadTheDocs is updated).

Fixes #5265.
2017-11-16 09:45:08 -08:00