Hey, I'm working on ansible scripts for an automatic deployment of GNU Health. At some points I'm changing things where I think it would be better to change it in the official packages/documentation.
1) Logging in the systemd service regarding both the wikibooks documentation and the shipped script when downloading from https://ftp.gnu.org/gnu/health/ The line "ExecStart=/home/gnuhealth/start_gnuhealth.sh" could be changed into "ExecStart=/home/gnuhealth/start_gnuhealth.sh --logconf /home/gnuhealth/gnuhealth/tryton/server/config/gnuhealth_log.conf" 2) When installing Thalamus via pip in etc/thalamus_uwsgi.ini the line "plugins = http,python" is missing 3) For venv and http vs. https in uwsgi it's somehow a matter of taste what to use. In my oppinion it's better to only use http as internal port when running Thalamus as a non privileged user (and then use a https reverse proxy for remote access). Before I edited the documentation it was suggested to put cert&key in /opt/gnuhealth/certs/ and this path is already part of the shipped thalamus_uwsgi.ini. But I think the non privileged user should not have access to the private key and as far as I know nginx & apache2 are already designed in a way where privileges are only used to access the private key and privileged ports but drop those privileges directly afterwards. And the private key can stay in a directory where other users don't have read permissions. Thus I propose to change "https = ..." into "http = 0.0.0.0:8080". 4) Talking about downloads from https://ftp.gnu.org/gnu/health/ above... I was wondering what is the current suggested way of installing the hmis node and for exmaple the crypto plugin, downloading from this link or using pip? Greets Gerald
