git-annex/doc/tips/remote_webapp_setup.mdwn

Here's the scenario: You have a remote server you can ssh into,
and you want to use the git-annex webapp there, displaying back on your local
web browser.

Sure, no problem! It can even be done securely!

Let's start by making the git-annex repository on the remote server.

	git init annex
	cd annex
	git annex init

Now, you need to generate a private key and a certificate for HTTPS.
These files are stored in `.git/annex/privkey.pem` and 
`.git/annex/certificate.pem` inside the git repository. Here's
one way to generate those files, using a self-signed certificate:

	(umask 077 ; openssl genrsa -out .git/annex/privkey.pem 4096)
	openssl req -new -x509 -key .git/annex/privkey.pem > .git/annex/certificate.pem

With those files in place, git-annex will automatically only accept HTTPS
connections. That's good, since HTTP connections are not secure over the
big bad internet.

All that remains is to make the webapp listen on the external interface
of the server. Normally, for security, git-annex only listens on localhost.
Tell it what hostname to listen on:

	git config annex.listen host.example.com

(If your hostname doesn't work, its IP address certianly will..)

When you run the webapp configured like that, it'll print out the
URL to use to open it. You can paste that into your web browser.

	git annex webapp
	http://host.example.com:42232/?auth=ea7857ad...

Notice that the URL has a big jumble of letters at the end -- this is a
secret token that the webapp uses to verify you're you. So random attackers
can't find your webapp and do bad things with it.

If you like, you can make the server run `git annex assistant --autostart`
on boot.

To automate opening the remote server's webapp in your local browser,
just run this:

	firefox "$(ssh host.example.com git annex webapp)"