From 8486f3be044e279c7c2a0b735c35f9591d840d61 Mon Sep 17 00:00:00 2001
From: realaravinth <realaravinth@batsense.net>
Date: Sun, 30 May 2021 20:06:13 +0530
Subject: [PATCH] configuration instructions

---
 README.md             | 38 ++---------------------------
 docs/CONFIGURATION.md | 57 +++++++++++++++++++++++++++++++++++++++++++
 docs/DEPLOYMENT.md    |  2 ++
 3 files changed, 61 insertions(+), 36 deletions(-)
 create mode 100644 docs/CONFIGURATION.md

diff --git a/README.md b/README.md
index 5491b582..4a3b52e1 100644
--- a/README.md
+++ b/README.md
@@ -90,7 +90,7 @@ It takes a while to build the image so please be patient :)
 
 ## Development:
 
-See [HADCKING.md](./docs/HACKING.md)
+See [HACKING.md](./docs/HACKING.md)
 
 ## Deployment:
 
@@ -98,38 +98,4 @@ See [DEPLOYMENT.md](./docs/DEPLOYMET.md)
 
 ## Configuration:
 
-Guard is highly configurable.
-Configuration is applied/merged in the following order:
-
-1. path to configuration file passed in via `GUARD_CONFIG`
-2. `./config/default.toml`
-3. `/etc/guard/config.toml`
-4. environment variables.
-
-### Setup
-
-#### Environment variables:
-
-Setting environment variables are optional. The configuration files have
-all the necessary parameters listed. By setting environment variables,
-you will be overriding the values set in the configuration files.
-
-##### Database:
-
-| Name                      | Value                                  |
-| ------------------------- | -------------------------------------- |
-| `GUARD_DATEBASE_PASSWORD` | Postgres password                      |
-| `GUARD_DATEBASE_NAME`     | Postgres database name                 |
-| `GUARD_DATEBASE_PORT`     | Postgres port                          |
-| `GUARD_DATEBASE_HOSTNAME` | Postgres hostmane                      |
-| `GUARD_DATEBASE_USERNAME` | Postgres username                      |
-| `GUARD_DATEBASE_POOL`     | Postgres database connection pool size |
-
-##### Server:
-
-| Name                                | Value                                               |
-| ----------------------------------- | --------------------------------------------------- |
-| `GUARD_SERVER_PORT` (or) `PORT`\*\* | The port on which you want wagon to listen to       |
-| `GUARD_SERVER_IP`                   | The IP address on which you want wagon to listen to |
-| `GUARD_SERVER_STATIC_FILES_DIR`     | Path to directory containing static files           |
-| `GUARD_CONFIG`                      | Path to config file                                 |
+See [CONFIGURATION.md](./docs/CONFIGURATION.md)
diff --git a/docs/CONFIGURATION.md b/docs/CONFIGURATION.md
new file mode 100644
index 00000000..5af91734
--- /dev/null
+++ b/docs/CONFIGURATION.md
@@ -0,0 +1,57 @@
+# Configuration
+
+Guard is highly configurable.
+
+Configuration is applied/merged in the following order:
+
+1. path to configuration file passed in via `GUARD_CONFIG`
+2. `./config/default.toml`
+3. `/etc/guard/config.toml`
+4. environment variables.
+
+## Setup
+
+### Environment variables:
+
+Setting environment variables are optional. The configuration files have
+all the necessary parameters listed. By setting environment variables,
+you will be overriding the values set in the configuration files.
+
+#### Database:
+
+| Name                                 | Value                                                         |
+| ------------------------------------ | ------------------------------------------------------------- |
+| `GUARD_DATEBASE_PASSWORD`            | Postgres password                                             |
+| `GUARD_DATEBASE_NAME`                | Postgres database name                                        |
+| `GUARD_DATEBASE_PORT`                | Postgres port                                                 |
+| `GUARD_DATEBASE_HOSTNAME`            | Postgres hostmane                                             |
+| `GUARD_DATEBASE_USERNAME`            | Postgres username                                             |
+| `GUARD_DATEBASE_POOL`                | Postgres database connection pool size                        |
+| `DATABSE_URL` (overrides above vars) | databse URL in `postgres://user:pass@host:port/dbname` format |
+
+#### Server:
+
+| Name                                  | Value                                               |
+| ------------------------------------- | --------------------------------------------------- |
+| `GUARD_SERVER_PORT`                   | The port on which you want guard to listen to       |
+| `PORT`(overrides `GUARD_SERVER_PORT`) | The port on which you want guard to listen to       |
+| `GUARD_SERVER_IP`                     | The IP address on which you want guard to listen to |
+| `GUARD_SERVER_DOMAIN`                 | Domain under which guard will be\*                  |
+| `GUARD_SERVER_COOKIE_SECRET`          | Cookie secret, must be long and random              |
+| `GUARD_SERVER_ALLOW_REGISTRATION`     | `bool` that controls                                |  | registration |
+
+\* Authentication doesn't work without `GUARD_DOMAIN` set to the correct
+domain
+
+### Configuration file location:
+
+| Name           | Value               |
+| -------------- | ------------------- |
+| `GUARD_CONFIG` | Path to config file |
+
+### Proof of work:
+
+| Name             | Value                                                                                   |
+| ---------------- | --------------------------------------------------------------------------------------- |
+| `GUARD_POW_SALT` | Salt has to be long and random                                                          |
+| `GUARD_POW_GC`   | Garbage collection duration in seconds, requires tuning but 30 is a good starting point |
diff --git a/docs/DEPLOYMENT.md b/docs/DEPLOYMENT.md
index cd398be8..9db3c191 100644
--- a/docs/DEPLOYMENT.md
+++ b/docs/DEPLOYMENT.md
@@ -1,5 +1,7 @@
 # Deployment instructions:
 
+See [CONFIGURATION.md](./CONFIGURATION.md) for configuration instructions 
+
 There are three ways to deploy mCaptcha:
 
 1. Docker