CONFIGURATION¶
Basic configuration update¶
To update basic configuration (server name, database connection, languages, or set workers number or timeout), run:
sudo dpkg-reconfigure geotrek-admin
The basic configuration is stored in /opt/geotrek-admin/var/conf/env
file, not to be changed manually.
This file also contains the PostgreSQL authentification details, if you need to access your Geotrek-admin database.
NGINX configuration¶
NGINX configuration is controlled by Geotrek-admin and will be erased at each upgrade.
Do not modify /etc/nginx/sites-available/geotrek.conf
or /etc/nginx/sites-enable/geotrek.conf
.
Modify /opt/geotrek-admin/var/conf/nginx.conf.in
instead. To update nginx.conf
, then run:
sudo dpkg-reconfigure geotrek-admin
Users management¶
Geotrek-admin relies on Django authentication and permissions system. Users belong to groups. Permissions can be assigned at user or group-level.
The whole configuration of user, groups and permissions is available in the AdminSite, if you did not enable External authent (see below).
By default four groups are created:
- Readers
- Path managers
- Trek managers
- Editor
Once the application is installed, it is possible to modify the default permissions of these existing groups, create new ones etc…
If you want to allow the users to access the AdminSite, give them the staff status using the dedicated checkbox.
Database users¶
It is not safe to use the geotrek
user in QGIS, or to give its password to
many collaborators.
A wise approach, is to create a read-only user, or with specific permissions.
With pgAdmin, you can create database users like this:
CREATE ROLE lecteur LOGIN;
ALTER USER lecteur PASSWORD 'passfacile';
GRANT CONNECT ON DATABASE geotrekdb TO lecteur;
And give them permissions by schema :
GRANT USAGE ON SCHEMA public TO lecteur;
GRANT USAGE ON SCHEMA geotrek TO lecteur;
GRANT SELECT ON ALL TABLES IN SCHEMA public TO lecteur;
GRANT SELECT ON ALL TABLES IN SCHEMA geotrek TO lecteur;
You can also create groups, etc. See PostgreSQL documentation.