From 031b6f54b88602e4b74ed654f206bfa9b81a8b44 Mon Sep 17 00:00:00 2001 From: Caen Jones Date: Tue, 25 Nov 2025 19:35:14 -0500 Subject: [PATCH 1/2] Update production.rst --- .../source/container/running/production.rst | 10 ++++++++-- 1 file changed, 8 insertions(+), 2 deletions(-) diff --git a/doc/sphinx-guides/source/container/running/production.rst b/doc/sphinx-guides/source/container/running/production.rst index 723e4d31298..0bd7a65bebb 100644 --- a/doc/sphinx-guides/source/container/running/production.rst +++ b/doc/sphinx-guides/source/container/running/production.rst @@ -1,6 +1,12 @@ Production ========== +.. _production-security-warning: + +The :doc:`demo` tutorial is **NOT SECURE BY DEFAULT**. It uses public, hardcoded passwords and secrets for demonstration purposes only. + +If you use the demo as a structural template, you MUST replace all default secrets before deploying your instance. Failure to do so will result in a vulnerable production environment. + .. contents:: |toctitle| :local: @@ -11,7 +17,7 @@ As of Dataverse 6.8, when we introduced image tagging per version (see the :ref: The images and the documentation is not perfect, of course. -For now, we recommend following the :doc:`demo` tutorial. It will help you learn how to configure and secure your installation. Not that instead of "latest" you might want to select a specific version. Again see :ref:`app-image-supported-tags`. +For now, we recommend following the :doc:`demo` as a structural template. Note that instead of "latest" you might want to select a specific version. Again see :ref:`app-image-supported-tags`. The Dataverse guides were originally written with a non-Docker installation in mind so we'd like rewrite them with both Docker and non-Docker in mind. This is a big job, obviously. 😅 We know we'd like to write more about ports. We'd like to explain `how to set up Rserve `_. Etc., etc. @@ -30,4 +36,4 @@ Please try the images (see :doc:`demo`) and give feedback (see :ref:`helping-con Alternatives ------------ -The traditional (non-Docker) installation method is described in the :doc:`/installation/index`. \ No newline at end of file +The traditional (non-Docker) installation method is described in the :doc:`/installation/index`. From c6c0a9796c4ef47964a35f09dc6bd5a881a349b0 Mon Sep 17 00:00:00 2001 From: Caen Jones Date: Tue, 25 Nov 2025 19:43:01 -0500 Subject: [PATCH 2/2] fixed security warning for demo tutorial usage --- doc/sphinx-guides/source/container/running/production.rst | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/doc/sphinx-guides/source/container/running/production.rst b/doc/sphinx-guides/source/container/running/production.rst index 0bd7a65bebb..786851267e9 100644 --- a/doc/sphinx-guides/source/container/running/production.rst +++ b/doc/sphinx-guides/source/container/running/production.rst @@ -3,9 +3,11 @@ Production .. _production-security-warning: -The :doc:`demo` tutorial is **NOT SECURE BY DEFAULT**. It uses public, hardcoded passwords and secrets for demonstration purposes only. +.. warning:: -If you use the demo as a structural template, you MUST replace all default secrets before deploying your instance. Failure to do so will result in a vulnerable production environment. + The :doc:`demo` tutorial is **NOT SECURE BY DEFAULT**. It uses public, hardcoded passwords and secrets for demonstration purposes only. + + If you use the demo as a structural template, you MUST replace all default secrets before deploying your instance. Failure to do so will result in a vulnerable production environment. .. contents:: |toctitle| :local: