How to transition prototype iOS app to internet securely?


#1

I have an iOS app that uses Couchbase-Lite-iOS to sync with an CouchDB server running on my local network. The app has been through the prototyping stage and now I’d like to transition to an alpha version running over the internet with a few selected users. However, searching through the docs and the web I haven’t found a description of what I need to do to make this transition in a secure way and which will put me in position to do a scaled up beta with hundreds or thousands of users. I’ll probably try to do this on AWS as I have used it a few times before.

Currently, in my app I simply pass “http://blah” with my IP/port to createPullReplication and createPushReplication, but I don’t want to do this on the open internet. I’m not at all clear on what best practices I need to be following with this tech. Are there any good articles or examples that cover this kind of thing? If not, can anyone give a rough overview of what’s needed? Thanks!


#2

You’ll want to set up a Couchbase Server and Sync Gateway on an AWS instance. Be sure to enable SSL — you’ll need to acquire a signed SSL cert for your domain, and configure the Sync Gateway to use it. Then you just change the replication URL in your client app to https://mydomain/mydb.

I don’t know much about setting up the server on AWS, but I’ll ask someone who does to comment here…


#3

Hey Fran_Costella, I wrote up a blog post on running Couchbase Server + Sync Gateway on AWS:

http://tleyden.github.io/blog/2014/12/15/running-a-sync-gateway-cluster-under-coreos-on-aws/

At the bottom under the “references” section, there is a link to a YouTube screencast that walks through it.

Please give it a shot and let me know if you have any questions.


#4

Great, thanks Jens! I’ll set something like this locally before trying it on AWS. I paid no attention to Sync Gateway when I started out, so I’ll have to get into some detail on that.

It might be useful to add a bit of information about deployment permutations, or links to articles, to the readme file, I’m sure I’m not the only one to want this info at some point and that’s the first place to look.


#5

Hi, Traun. Thanks for the link, I just had a quick glance and will try to configure one as soon as I get a chance. I note that you say it is “experimental”, so what part of it is, and what is the non-experimental way to do it?

Thanks for taking the time to share, it helps a great deal to see how to deploy a working system.


#6

I’m running Couchbase Server inside of a Docker container, which is essentially “unchartered territory” in terms of running production servers. I have worked with the support team on this, but it’s not an “officially supported” approach yet. For example, there could be bottlenecks introduced due to misconfiguration. You’d want to do your own performance testing to make sure it meets your requirements first.

There is currently an effort underway for Couchbase to produce officially supported Docker images, but I don’t have a date on when that is scheduled to happen.