From 423293baec3047731f1b3cb7775e6273ab20d867 Mon Sep 17 00:00:00 2001 From: Jaxom99 <30865395+Jaxom99@users.noreply.github.com> Date: Fri, 26 Oct 2018 14:52:41 +0200 Subject: [PATCH] Create app_my_webapp Explain config for non-interactive STFP login --- app_my_webapp | 14 ++++++++++++++ 1 file changed, 14 insertions(+) create mode 100644 app_my_webapp diff --git a/app_my_webapp b/app_my_webapp new file mode 100644 index 00000000..1af5c124 --- /dev/null +++ b/app_my_webapp @@ -0,0 +1,14 @@ +# My_webapp documentation +In addition to the Readme.md of the app, here are some useful tips. +## non-interactive login +This app creates a new user with very limited rights : use of sftp, and access to a `/var/www/my_webapp(__#)` directory. Password login is enabled, with a Chroot to the directory. This forces you to update the contents of the website by hand, with a login and a password input. +To allow non-interactive login, you must follow those steps : +- Enable public-key login in `/etc/ssh/sshd_config`, on the server +- Create a public/private key pair for your script, on your "redacting" computer +- Copy the public key in `/var/www/my_webapp(__#)/.ssh/authorized_keys` +- Adjust the owner of the file and directory to the `webapp#` user +- you may now login without a password input, using `sftp -b`, `lftp` of other sftp-enabled clients. + +NB : The port number to use for sftp connexions is the one used for SSH, specified in `/etc/ssh/sshd_config`. + +This setup then allows for auto-update scripts of the site contents. (For example with the Pelican makefile : `make ftp_upload`)
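Review bot: The step "Adjust the owner of the file and directory to the `webapp#` user" does not say which directory it means and gives no permission modes. The same section states that the user is chrooted to `/var/www/my_webapp(__#)`, so a reader could chown that directory itself, and OpenSSH refuses a chroot target that is not owned by root. Suggest naming `.ssh` and `.ssh/authorized_keys` explicitly as the paths to hand to `webapp#`, and adding the modes sshd expects under its default `StrictModes` setting (for example 700 on `.ssh` and 600 on `authorized_keys`), since a key file that is group- or world-writable is ignored. The first step would also be clearer if it named the directive to set (`PubkeyAuthentication yes`) and said that sshd must be reloaded afterwards. Because `.ssh` is created under the `/var/www/my_webapp(__#)` tree, a line stating whether that path is served by the web server, and that dotfiles should not be, would help. Minor wording: "of other sftp-enabled clients" should read "or other", and "connexions" should be "connections".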