From 3532fdc8a4256a0862564546bc03eb61376b3ca2 Mon Sep 17 00:00:00 2001
From: Patrick Jentsch <p.jentsch@uni-bielefeld.de>
Date: Tue, 7 Jan 2020 15:07:08 +0100
Subject: [PATCH] Add information about securing the docker API in README

---
 README.md | 10 +++-------
 1 file changed, 3 insertions(+), 7 deletions(-)

diff --git a/README.md b/README.md
index d9a742da..ff9c3a8b 100644
--- a/README.md
+++ b/README.md
@@ -20,8 +20,7 @@ As a last step texts can be loaded into an information retrieval system to query
 
 1. **Create Docker swarm:**
 The generated computational workload is handled by a [Docker](https://docs.docker.com/) swarm. A swarm is a group of machines that are running Docker and joined into a cluster. It consists out of two different kinds of members, managers and workers. Currently it is not possible to specify a dedicated Docker host, instead Opaque expects the executing system to be a swarm manager of a cluster with at least one dedicated worker machine. The swarm setup process is described best in the [Docker documentation](https://docs.docker.com/engine/swarm/swarm-tutorial/).
-
-2. **Create a network storage**
+2. **Create a network storage:**
 A shared network space is necessary so that all swarm members have access to all the data. To achieve this a [Samba](https://www.samba.org/) can be used.
 ``` bash
 # Example: Create a Samba share via Docker
@@ -36,25 +35,22 @@ $ docker run \
       -s storage.nopaque;/srv/nopaque/storage;no;no;no;nopaque \
       -u nopaque;nopaque
 
-
 # Mount the Samba share on all swarm member nodes with the following code
 $ sudo mkdir /mnt/nopaque
 $ sudo mount --types cifs --options gid=${USER},password=nopaque,uid=${USER},user=nopaque,vers=3.0 //<YOUR IP>/storage.nopaque /mnt/nopaque
 ```
-
 3. **Download Opaque**
 ``` bash
 $ git clone https://gitlab.ub.uni-bielefeld.de/sfb1288inf/opaque.git
 $ cd opaque
 $ docker-compose pull
 ```
-
-4. **Configure your instance**
+4. **Configure your instance:**
+For production environments it is recommended to activate and secure the Docker HTTP API. You can read more [here](https://gitlab.ub.uni-bielefeld.de/sfb1288inf/opaque_daemon).
 ``` bash
 $ cp nopaque.env.tpl nopaque.env
 $ <YOUR EDITOR> nopaque.env # Fill out the empty variables within this file.
 ```
-
 5. **Start your instance**
 ``` bash
 # Execute the following 3 steps only on first startup