From e4f58e8066a43bddbd6095467b093783305c3c9b Mon Sep 17 00:00:00 2001 From: Gunnstein Lye Date: Mon, 2 May 2022 15:00:27 +0200 Subject: [PATCH 1/3] Add instructions on encoding database password --- docs/getting_started/install_ez_platform.md | 14 ++++++++++++++ 1 file changed, 14 insertions(+) diff --git a/docs/getting_started/install_ez_platform.md b/docs/getting_started/install_ez_platform.md index 0f401423c4..6c2add1796 100644 --- a/docs/getting_started/install_ez_platform.md +++ b/docs/getting_started/install_ez_platform.md @@ -175,6 +175,20 @@ or `DATABASE_URL=postgresql://user:password@host:port/database_name`. +!!! tip "Encoding database password" + + The password entered in `DATABASE_URL` must either be URL encoded, or not contain any special characters that would require URL encoding. + + #### Alternative 1: URL encoding + + This involves two steps. First, the password must be URL encoded. This can for instance be done with PHP's `urlencode()` function. This converts e.g. a password like `(/!=#Ƥ*;%?[` to `%28%2F%21%3D%23%C3%86%C2%A4%2A%3B%25%3F%5B`. + + Second, you must remove `resolve:` from `doctrine.dbal.url` in `config/packages/doctrine.yaml`. That means changing `%env(resolve:DATABASE_URL)%` to `%env(DATABASE_URL)%`. + + #### Alternative 2: Avoid special characters + + If your password only contains letters a-z, A-Z, and numbers 0-9, you don't need to do any encoding. You can either create your password that way, in which case it is a good idea to make it longer to maintain entropy, keeping the password hard to guess for an attacker. Or, you can for instance convert your password with `bin2hex()`, so that e.g. `(/!=#Ƥ*;%?[` becomes `282f213d23c386c2a42a3b253f5b`. The output from bin2hex is limited to 0-9 and a-f. As you can see this more than doubles the length, keeping entropy similar. + Choose a [secret]([[= symfony_doc =]]/reference/configuration/framework.html#secret) and provide it in the `APP_SECRET` parameter in `.env`. It should be a random string, made up of at least 32 characters, numbers, and symbols. From c0adc96cf526372a30cf30b85916e9491c9892be Mon Sep 17 00:00:00 2001 From: DominikaK Date: Wed, 4 May 2022 11:10:38 +0200 Subject: [PATCH 2/3] Move tip to troubleshooting --- docs/getting_started/install_ez_platform.md | 12 ++---------- docs/getting_started/troubleshooting.md | 14 ++++++++++++++ 2 files changed, 16 insertions(+), 10 deletions(-) diff --git a/docs/getting_started/install_ez_platform.md b/docs/getting_started/install_ez_platform.md index 6c2add1796..11748743a5 100644 --- a/docs/getting_started/install_ez_platform.md +++ b/docs/getting_started/install_ez_platform.md @@ -178,16 +178,8 @@ or !!! tip "Encoding database password" The password entered in `DATABASE_URL` must either be URL encoded, or not contain any special characters that would require URL encoding. - - #### Alternative 1: URL encoding - - This involves two steps. First, the password must be URL encoded. This can for instance be done with PHP's `urlencode()` function. This converts e.g. a password like `(/!=#Ƥ*;%?[` to `%28%2F%21%3D%23%C3%86%C2%A4%2A%3B%25%3F%5B`. - - Second, you must remove `resolve:` from `doctrine.dbal.url` in `config/packages/doctrine.yaml`. That means changing `%env(resolve:DATABASE_URL)%` to `%env(DATABASE_URL)%`. - - #### Alternative 2: Avoid special characters - - If your password only contains letters a-z, A-Z, and numbers 0-9, you don't need to do any encoding. You can either create your password that way, in which case it is a good idea to make it longer to maintain entropy, keeping the password hard to guess for an attacker. Or, you can for instance convert your password with `bin2hex()`, so that e.g. `(/!=#Ƥ*;%?[` becomes `282f213d23c386c2a42a3b253f5b`. The output from bin2hex is limited to 0-9 and a-f. As you can see this more than doubles the length, keeping entropy similar. + + For more information, see [Encoding database password](troubleshooting.md#encoding-database-password). Choose a [secret]([[= symfony_doc =]]/reference/configuration/framework.html#secret) and provide it in the `APP_SECRET` parameter in `.env`. diff --git a/docs/getting_started/troubleshooting.md b/docs/getting_started/troubleshooting.md index d2a5c779cb..96e3278afd 100644 --- a/docs/getting_started/troubleshooting.md +++ b/docs/getting_started/troubleshooting.md @@ -2,6 +2,20 @@ This page lists potential problems that you may encounter while installing, configuring, and running [[= product_name =]]. +## Encoding database password + +The password entered in `DATABASE_URL` must either be URL encoded, or not contain any special characters that would require URL encoding. + +#### Alternative 1: URL encoding + +This involves two steps. First, the password must be URL encoded. This can for instance be done with PHP's `urlencode()` function. This converts e.g. a password like `(/!=#Ƥ*;%?[` to `%28%2F%21%3D%23%C3%86%C2%A4%2A%3B%25%3F%5B`. + +Second, you must remove `resolve:` from `doctrine.dbal.url` in `config/packages/doctrine.yaml`. That means changing `%env(resolve:DATABASE_URL)%` to `%env(DATABASE_URL)%`. + +#### Alternative 2: Avoid special characters + +If your password only contains letters a-z, A-Z, and numbers 0-9, you don't need to do any encoding. You can either create your password that way, in which case it is a good idea to make it longer to maintain entropy, keeping the password hard to guess for an attacker. Or, you can for instance convert your password with `bin2hex()`, so that e.g. `(/!=#Ƥ*;%?[` becomes `282f213d23c386c2a42a3b253f5b`. The output from bin2hex is limited to 0-9 and a-f. As you can see this more than doubles the length, keeping entropy similar. + ## Enable swap on systems with limited RAM If you have problems installing [[= product_name =]] on a system with limited RAM (for example 1GB or 2GB), enable swap. From ddf13a617ea4d6d58080ef1cf2e114ddd74ff70b Mon Sep 17 00:00:00 2001 From: DominikaK Date: Wed, 4 May 2022 11:26:25 +0200 Subject: [PATCH 3/3] Proofing --- docs/getting_started/troubleshooting.md | 19 +++++++++++++------ 1 file changed, 13 insertions(+), 6 deletions(-) diff --git a/docs/getting_started/troubleshooting.md b/docs/getting_started/troubleshooting.md index 96e3278afd..872ba1dfea 100644 --- a/docs/getting_started/troubleshooting.md +++ b/docs/getting_started/troubleshooting.md @@ -4,17 +4,24 @@ This page lists potential problems that you may encounter while installing, conf ## Encoding database password -The password entered in `DATABASE_URL` must either be URL encoded, or not contain any special characters that would require URL encoding. +The password entered in `DATABASE_URL` during installation must either be URL encoded, +or not contain any special characters that would require URL encoding. -#### Alternative 1: URL encoding +### URL encoding -This involves two steps. First, the password must be URL encoded. This can for instance be done with PHP's `urlencode()` function. This converts e.g. a password like `(/!=#Ƥ*;%?[` to `%28%2F%21%3D%23%C3%86%C2%A4%2A%3B%25%3F%5B`. +Using URL encoding involves two steps. First, the password must be URL encoded. This can for instance be done with PHP's `urlencode()` function. +For example, this function converts a password like `(/!=#Ƥ*;%?[` to `%28%2F%21%3D%23%C3%86%C2%A4%2A%3B%25%3F%5B`. -Second, you must remove `resolve:` from `doctrine.dbal.url` in `config/packages/doctrine.yaml`. That means changing `%env(resolve:DATABASE_URL)%` to `%env(DATABASE_URL)%`. +Second, you must remove `resolve:` from `doctrine.dbal.url` in `config/packages/doctrine.yaml`. +That means changing `%env(resolve:DATABASE_URL)%` to `%env(DATABASE_URL)%`. -#### Alternative 2: Avoid special characters +### Avoid special characters -If your password only contains letters a-z, A-Z, and numbers 0-9, you don't need to do any encoding. You can either create your password that way, in which case it is a good idea to make it longer to maintain entropy, keeping the password hard to guess for an attacker. Or, you can for instance convert your password with `bin2hex()`, so that e.g. `(/!=#Ƥ*;%?[` becomes `282f213d23c386c2a42a3b253f5b`. The output from bin2hex is limited to 0-9 and a-f. As you can see this more than doubles the length, keeping entropy similar. +If your password only contains letters a-z, A-Z, and numbers 0-9, you don't need to do any encoding. +You can either create your password that way, in which case it is a good idea to make it longer to maintain entropy, +keeping the password hard to guess for an attacker. +Or, you can for instance convert your password with `bin2hex()`, so that e.g. `(/!=#Ƥ*;%?[` becomes `282f213d23c386c2a42a3b253f5b`. +The output from `bin2hex` is limited to 0-9 and a-f. This more than doubles the length of the password, keeping entropy similar. ## Enable swap on systems with limited RAM