For an Amazon EC2 installation, the server is preconfigured, so this structure is not important, except for the SSL setup for https, which is handled by the certificate-tool.py script.
The InfinityDB Server has a simple structure. Just download from the shop at boilerbay.com the InfinityDB Server trial distribution zip and expand into somewhere like ~/infdb and download the seed database zip, and expand the seed into an infinitydb-home directory. Then, launch. These trials expire after a few months, and long-term deployments are on Amazon Web Services Elastic Computing Cloud. If you need other environments, such as private servers, laptops, and so on, contact us at email@example.com. The InfinityDB Embedded and InfinityDB Encrypted versions do not need any of this structure, and are licensed separately.
The Home Directory
The home directory contains multiple database files, web assets, and the security-related files. It has the structure below, and it normally just goes in ~/infinitydb-home. Permissions will vary for the directories based on sensitivity.
|data/default||meta-data.infdb||Contains all system configuration information except web configuration including: database names and their associated file names, user names and password hashes, roles, and permission grants between roles and databases. Databases may also be declared remote or given relative or absolute paths. Meta-data.infdb is a regular InfinityDB Encrypted file that is only modified via the admin pages within the server.|
demo_writeable.infdb, further infinitydb files
|Any InfinityDB database files can be placed here, manually copied in or created by the administration web page. There is no limitation on the contents or structure of the files. A convenient way to backup is to manually copy the default subdirectory into another subdirectory under data. All files here may be listed and accessed by the web-based database browser by permitted or database owner users.|
|web/default||web assets||All html, js, css, images, and other static web files. Some of these are specific to the server. There is no limit to these, and they show up in the root of the server’s web site. Putting application code in a subdirectory would be good. Access is public, but Servlets may be protected by user credentials. Future versions may make static access protectable also.|
|web/default/WEB_INF||web.xml||A configuration file in the standard format for Servlets. It determines mainly the Servlet paths within the site’s URLS. The Servlets are provided as code within the Server’s JVM with class names configured here. There are predefined Servlets under the special infinitydb URL path prefix for administration and data browsing.|
|key-store||.keystore.p12||The server’s SSL private key file or other backup or alternative private key files in standard pkcs#12 format. If the server is launched in http mode, this is ignored. You can use OpenSSL on these or use certificate-tool.py. Note the initial dot.|
|key-store-password||.keystore.p12.password||A file containing the private key file password. This directory will have tight permissions. Note the initial dot.|
|Trust stores in Java’s native .jks format, standard pkcs#12 .p12 format, or .pem base64 format, which is unencrypted. This is used when declaring a database remote, i.e. existing on a different server. The trust store in $JAVA_HOME/lib/security/cacerts is used by default, however. This cacerts is a copy from JDK10. Custom stores may be added.|
|trust-store-password||cacerts.password||Passwords for trust stores. Permissions can be set tightly here. cacerts.password defaults to ‘changeit’, the common value.|
|meta-data-password/default||meta-data-password||Current password of metadata.infdb. This is the master password, so it will have tight permissions. The subdirectory corresponds to the data/default or other backup so multiple passwords can be kept. This is currently static, but will be dynamic later, such as through the admin web page.|
|logs||log.txt||Standard out and standard err from the server process. This will currently accumulate, and should be deleted occasionally manually. Pipe to /dev/null to prevent that for now.|
Please send feedback to firstname.lastname@example.org.