From 32672fad543d6319e772e301ff882945ff0530eb Mon Sep 17 00:00:00 2001 From: Marion Date: Mon, 20 Jan 2025 15:36:22 -0800 Subject: [PATCH] update docs for production deployment --- docs/src/content/docs/deployment/production.mdx | 4 +++- docs/src/content/docs/deployment/user-roles.mdx | 2 +- 2 files changed, 4 insertions(+), 2 deletions(-) diff --git a/docs/src/content/docs/deployment/production.mdx b/docs/src/content/docs/deployment/production.mdx index 09ea2e078..f5f50a348 100644 --- a/docs/src/content/docs/deployment/production.mdx +++ b/docs/src/content/docs/deployment/production.mdx @@ -54,7 +54,7 @@ The following default settings in the `.env` file should be changed when deployi | value in prod environment | Notes | |------------------------------------------------------------------------------------------|---------------| | `CANDIG_DOMAIN=` | Update to correct prod domain | -| `CANDIG_INTERNAL_DOMAIN=${CANDIG_DOMAIN}` or `internal ip address` | Some sites have needed to change this to `127.0.0.1` | +| `CANDIG_INTERNAL_DOMAIN=${CANDIG_DOMAIN}` or `internal ip address` | Some sites have needed to change this to `127.0.0.1` | | `CANDIG_AUTH_DOMAIN=` | Update to correct prod auth domain | | `CANDIG_SITE_LOCATION=` | e.g. UHN, BC-Dev The name of your site, should be unique within a federation. | | `CANDIG_DEBUG_MODE=0` | Turn off DEBUG mode | @@ -71,6 +71,8 @@ The following default settings in the `.env` file should be changed when deployi | `TYK_ANALYTICS_FROM_EMAIL=YOUR-ADMIN-EMAIL@email.ca` | Update to a relevant email addresss | | `TYK_USE_SSL=true` | ensure tyk uses SSL | | `CANDIG_DATA_PORTAL_URL=https://${CANDIG_DOMAIN}:${CANDIG_DATA_PORTAL_PORT}/data-portal` | ensure dataportal url has https | +| `CANDIG_DATA_PORTAL_SUPPORT_EMAIL=YOUR_SITE_ADMIN_SUPPORT_EMAIL` | Update the value to a valid email that will deal with user requests to access to the portal | +| `DIR_PERMISSIONS=775` | You may not need to change the default here but be aware that this gives anyone in the group of the person that deployed the current instance the ability to recompose services and rebuild the stack | ### Setting location information diff --git a/docs/src/content/docs/deployment/user-roles.mdx b/docs/src/content/docs/deployment/user-roles.mdx index 14453fa7c..56645e5ab 100644 --- a/docs/src/content/docs/deployment/user-roles.mdx +++ b/docs/src/content/docs/deployment/user-roles.mdx @@ -16,7 +16,7 @@ Team members and Authorized users are similar in that they can only be granted a A summary of what each user role can do in CanDIG is in the table below. The full technical breakdown of which endpoints each user can access is controlled through opa and is found in [`paths.json`](https://github.com/CanDIG/candig-opa/blob/develop/defaults/paths.json) | Role | Register a new program | Edit authorized users in an existing program | ingest/delete data | view ingested data | -|---------------|-------------------------------------------------------|----------------------------------------------------------------------------|----------------------------------------------------------------------------|----------------------------------------------------------------------------| +|-----------------|-------------------------------------------------------|----------------------------------------------------------------------------|----------------------------------------------------------------------------|----------------------------------------------------------------------------| | Site admin | | | | | | Site curator | | | | | | Program curator | | (authorized programs) | (authorized programs) | (authorized programs) |