From 0d2184037a88971496555d6e2b4eb36f796c2124 Mon Sep 17 00:00:00 2001 From: Thomas Waldmann Date: Fri, 8 Nov 2013 01:52:52 +0100 Subject: [PATCH] docs enhancements --- README.rst | 8 +++++--- docs/admin.rst | 6 ++++++ docs/project.rst | 3 +++ docs/security.rst | 6 +++--- setup.py | 2 +- 5 files changed, 18 insertions(+), 7 deletions(-) diff --git a/README.rst b/README.rst index f119507..93c64aa 100644 --- a/README.rst +++ b/README.rst @@ -21,10 +21,12 @@ Features * Easy and simple web interface. * Multiple Hosts per user * Add own domains / nameservers (public or only for yourself) -* Supports IP v4 and v6 +* Supports IP v4 and v6, SSL. +* Login with local or remote accounts (google, github, bitbucket, ... + accounts - everything supported by python-social-auth package) * Manual IP updates via web interface -* Shows time since last update via api +* Shows time since last update via api, whether it used SSL or not * Made with security in mind -* No nagging, no spamming, trying to not annoy users +* No nagging, no spamming - trying not to annoy users * Free and Open Source Software * Made with Python and Django diff --git a/docs/admin.rst b/docs/admin.rst index 0526b20..d3ae131 100644 --- a/docs/admin.rst +++ b/docs/admin.rst @@ -63,6 +63,11 @@ to the outside world. Make sure your static files really work. +Since version 1.6, Django has a nice deployment checklist (make sure stuff +applies to the django version YOU use): + +https://docs.djangoproject.com/en/1.6/howto/deployment/checklist/ + Configuration ============= @@ -89,6 +94,7 @@ Users who are in the "staff" group (like the one initially created when creating admin interface (see "Admin" in the same menu as "Logout"). But be careful, the Django admin lets you do all sorts of stuff, admins are allowed to shoot themselves. +Only give Django admin access ("staff" group membership) to highly trusted admins of the service. Software updates / upgrades diff --git a/docs/project.rst b/docs/project.rst index 0bed529..1b01579 100644 --- a/docs/project.rst +++ b/docs/project.rst @@ -15,6 +15,9 @@ The initial version of the nsupdate.info software was developed in 48h in the Dj Project site ============ +Source code repository, issue tracker (bugs, ideas about enhancements, todo, +feedback, ...), link to documentation is all there: + https://github.com/nsupdate-info/nsupdate.info diff --git a/docs/security.rst b/docs/security.rst index 34b1e4f..483c15c 100644 --- a/docs/security.rst +++ b/docs/security.rst @@ -89,12 +89,12 @@ update client also. Nameserver Update Key (backend, RFC 2136) ----------------------------------------- -We currently store this key (which is basically a base64 encoded shared secret) -"as is". +We currently store this key (which is basically a base64 encoded shared secret, +one per dynamic zone) "as is" into the database ("Domain" records there). This is somehow critical, but also hard to do better - encryption would only help very little here as we would need to decrypt the update key before using it, -so we would need the unlocked key of that encryption mechanism on the same machine. +so we would need the unlocked decryption key on the same machine. Make sure no unauthorized person gets that key or he/she will be able to update ANY record in the respective zone / nameserver directly (without going over diff --git a/setup.py b/setup.py index ad5d58e..bf9a606 100644 --- a/setup.py +++ b/setup.py @@ -38,7 +38,7 @@ setup( zip_safe=False, platforms='any', install_requires=[ - 'django >1.5.3, <1.6', # 1.5.3 has the session serializer configurable + 'django >1.5.3, <1.6', # 1.5.3 has the session serializer configurable 'dnspython', 'south', 'django-bootstrap-form',