Update deployment page

Author: satterly

_build/doctrees/authentication.doctree

@@ -280,3 +280,9 @@ For those situations where it is not possible to group users in this
 way it is possible to selectively allow access on a per-user basis. How
 this is done depends on whether you are using Google, GitHub or GitLab
 as OAuth2 provider for user login.
+
+
+.. _user roles:
+
+User Roles
+----------

_build/doctrees/customer-views.doctree

@@ -6,7 +6,11 @@ Deployment
 WSGI Server
 -----------
 
-There are many ways to deploy Alerta. It can be run as ``alertad`` during development or testing but when run in a production environment, it should `always be deployed`_ as a WSGI application. See the list of `real world`_ examples below for different ways to run Alerta as a WSGI application.
+There are many ways to deploy Alerta. It can be run as ``alertad``
+during development or testing but when run in a production environment,
+it should `always be deployed`_ as a WSGI application. See the list
+of `real world`_ examples below for different ways to run Alerta as
+a WSGI application.
 
 .. _always be deployed: http://flask.pocoo.org/docs/0.10/deploying/
 .. _WSGI: http://www.fullstackpython.com/wsgi-servers.html
@@ -16,17 +20,24 @@ There are many ways to deploy Alerta. It can be run as ``alertad`` during develo
 Web Proxy
 ---------
 
-Running the Alerta API behind a web proxy can greatly simplify the Web UI setup which means you can completely `avoid`_ the potential for any cross-origin issues.
+Running the Alerta API behind a web proxy can greatly simplify the
+Web UI setup which means you can completely `avoid`_ the potential
+for any cross-origin issues.
 
 .. _avoid: http://oskarhane.com/avoid-cors-with-nginx-proxy_pass/
 
-Also, if you run the API on an HTTPS/SSL endpoint then it can reduce the possibility of `mixed content`_ errors when a web application hosted on a HTTP endpoint tries to access resources on an HTTPS endpoint.
+Also, if you run the API on an HTTPS/SSL endpoint then it can
+reduce the possibility of `mixed content`_ errors when a web
+application hosted on a HTTP endpoint tries to access resources
+on an HTTPS endpoint.
 
 .. _mixed content: https://developer.mozilla.org/en-US/docs/Security/MixedContent/How_to_fix_website_with_mixed_content
 
 **Example API configuration (extract)**
 
-This example nginx server is configured to serve the web UI from the root ``/`` path and reverse-proxy API requests to ``/api`` to the WSGI application running on port 8080::
+This example nginx server is configured to serve the web UI from
+the root ``/`` path and reverse-proxy API requests to ``/api`` to
+the WSGI application running on port 8080::
 
     server {
 
@@ -50,24 +61,29 @@ This example nginx server is configured to serve the web UI from the root ``/``
             server localhost:8080 fail_timeout=0;
     }
 
-The web UI configuration file :file:`config.js` for this setup would simply be ``/api`` for the ``endpoint`` value, as follows::
+The web UI configuration file :file:`config.js` for this setup would
+simply be ``/api`` for the ``endpoint`` value, as follows::
 
     'use strict';
+
     angular.module('config', [])
       .constant('config', {
         'endpoint'    : "/api",
         'provider'    : "basic"
-      })
-      .constant('colors', {});
+      });
 
 .. _static website:
 
 Static Website
 --------------
 
-The Alerta web UI is just a directory of static assets that can be served from any location. An easy and cheap way to serve the web UI is from an `Amazon S3 bucket`_ as a static website.
+The Alerta web UI is just a directory of static assets that can be
+served from any location. An easy and cheap way to serve the web UI
+is from an `Amazon S3 bucket`_ as a static website.
 
-.. note:: Serving the Alerta web UI from a static web hosting site **will not work** unless that domain is listed in the ``CORS_ORIGINS`` Alerta API server configuration settings.
+.. note:: Serving the Alerta web UI from a static web hosting site
+          **will not work** unless that domain is listed in the
+          ``CORS_ORIGINS`` Alerta API server configuration settings.
 
 .. _Amazon S3 bucket: http://docs.aws.amazon.com/AmazonS3/latest/dev/website-hosting-custom-domain-walkthrough.html
 
@@ -76,39 +92,52 @@ The Alerta web UI is just a directory of static assets that can be served from a
 Authentication & SSL
 --------------------
 
-Alerta supports several authentication mechanisms for both the API and the web UI and some key features of the web UI, like :ref:`watching alerts <watched alerts>`, are only available if authentication is enabled.
+Alerta supports several authentication mechanisms for both the API
+and the web UI and some key features of the web UI, like
+:ref:`watching alerts <watched alerts>`, are only available if
+authentication is enabled.
 
-The API can be secured using :ref:`API keys` and the web UI can be secured using :ref:`Basic Auth <basic auth>` or an :ref:`OAuth <oauth2>` provider from either Google or Github.
+The API can be secured using :ref:`API keys` and the web UI can
+be secured using :ref:`Basic Auth <basic auth>` or an :ref:`OAuth <oauth2>`
+provider from either Google or Github.
 
-If you plan to make the web UI accessible from a public URL it is strongly advised to :ref:`enforce authentication <Authentication>` and use HTTPS/SSL connections to the Alerta API to protect private alert data.
+If you plan to make the web UI accessible from a public URL it is
+strongly advised to :ref:`enforce authentication <Authentication>`
+and use HTTPS/SSL connections to the Alerta API to protect private
+alert data.
 
 .. _auth_cv:
 
 Authorisation & Customer Views
 ------------------------------
 
-To restrict access to certain features use roles and customer views.
-
-
-
+To restrict access to certain features use :ref:`roles <user roles>`
+and :ref:`customer views <customer views>`.
 
 .. _scalability:
 
 Scalability
 -----------
 
-Alerta can scale horizontally, in the same way any other web application scales horizontally -- a load balancer handles the HTTP requests and distributes those requests between all available application servers.
+Alerta can scale horizontally, in the same way any other web
+application scales horizontally -- a load balancer handles the
+HTTP requests and distributes those requests between all available
+application servers.
 
 .. _scale horizontally: https://blog.openshift.com/best-practices-for-horizontal-application-scaling/
 
-.. note:: If using multiple API servers ensure the same ``SECRET_KEY`` is used across all servers otherwise there will be problems with web UI user logins.
+.. note:: If using multiple API servers ensure the same ``SECRET_KEY``
+          is used across all servers otherwise there will be problems
+          with web UI user logins.
 
 .. _high availability:
 
 High Availability
 -----------------
 
-To achieve high system availability the Alerta API should be deployed to scale out :ref:`horizontally <scalability>` and the MongoDB database should be deployed as a `replica set`_.
+To achieve high system availability the Alerta API should be
+deployed to scale out :ref:`horizontally <scalability>` and
+the MongoDB database should be deployed as a `replica set`_.
 
 .. _replica set: http://docs.mongodb.org/manual/tutorial/deploy-replica-set/#overview
 
@@ -117,32 +146,53 @@ To achieve high system availability the Alerta API should be deployed to scale o
 House Keeping
 -------------
 
-There are some jobs that should be run periodically to keep the Alerta console clutter free. To timeout *expired* alerts and delete old *closed* alerts run a contributed MongoDB script_ called :file:`housekeepingAlerts.js` at regular intervals via ``cron``.
+There are some jobs that should be run periodically to keep the
+Alerta console clutter free. To timeout *expired* alerts and
+delete old *closed* alerts run a contributed MongoDB script_
+called :file:`housekeepingAlerts.js` at regular intervals
+via ``cron``.
 
 .. _script: https://github.com/guardian/alerta/blob/master/contrib/mongo/housekeepingAlerts.js
 
 .. _stale heartbeats:
 
-:ref:`Heartbeats <heartbeats>` can be sent from any source to ensure that a system is 'alive'. To generate alerts for stale heartbeats the ``alerta`` command-line tool can be used::
+:ref:`Heartbeats <heartbeats>` can be sent from any source to
+ensure that a system is 'alive'. To generate alerts for stale
+heartbeats the ``alerta`` command-line tool can be used::
 
     $ alerta heartbeats --alert
 
-Again, this should be run at regular intervals via ``cron`` or some other scheduler.
+Again, this should be run at regular intervals via ``cron`` or
+some other scheduler.
 
 .. _metrics:
 
 Management & Metrics
 --------------------
 
-Use the management endpoint :file:`/management/status` to keep track of realtime statistics on the performance of the Alerta API like alert counts and average processing time. For convenience, these statistics can be viewed in the *About* page of the Alerta web UI or using the `alerta` command-line tool :ref:`status <cli_status>` command.
+Use the management endpoint :file:`/management/status` to keep
+track of realtime statistics on the performance of the Alerta API
+like alert counts and average processing time. For convenience,
+these statistics can be viewed in the *About* page of the Alerta
+web UI or using the ``alerta`` command-line tool
+:ref:`status <cli_status>` command.
 
 Web UI Analytics
 ----------------
 
-Google analytics can be used to track usage of the Alerta web UI console. Just create a new tracking code with the `Google analytics`_ console and replace the ``@@TRACKING_ID`` placeholder in the `index.html` file during deployment of the web UI::
+Google analytics can be used to track usage of the Alerta web UI
+console. Just create a new tracking code with the `Google analytics`_
+console and add it to the ``config.js`` web console configuration
+file::
 
-    $ export GOOGLE_TRACKING_ID=UA-xxxxxxxx-x
-    $ sed -i s/@@TRACKING_ID/${GOOGLE_TRACKING_ID}/ index.html
+    'use strict';
+
+    angular.module('config', [])
+      .constant('config', {
+        'endpoint'    : "/api",
+        'provider'    : "basic",
+        'tracking_id' : "UA-NNNNNN-N"  // Google Analytics tracking ID
+      });
 
 .. _Google analytics: https://analytics.google.com/analytics/web/
 
@@ -151,7 +201,9 @@ Google analytics can be used to track usage of the Alerta web UI console. Just c
 Real World Examples
 -------------------
 
-Below are several different examples of how to run Alerta in production from a Debian `vagrant box`_, an `AWS EC2 instance`_, `RedHat Openshift PaaS`_ to a `Docker container`_.
+Below are several different examples of how to run Alerta in production
+from a Debian `vagrant box`_, an `AWS EC2 instance`_,
+`RedHat Openshift PaaS`_ to a `Docker container`_.
 
 .. _vagrant box: https://docs.vagrantup.com/v2/boxes.html
 .. _AWS EC2 instance: https://aws.amazon.com/ec2/

_build/doctrees/deployment.doctree

@@ -51,7 +51,7 @@ The API Explorer website can be used to query for, and send alerts to, the http:
    authentication
    configuration
    deployment
-   customerviews
+   customer-views
    conventions
    development
    Tutorials <tutorials>

_build/doctrees/environment.pickle

@@ -299,6 +299,9 @@ <h3>GitLab OAuth2<a class="headerlink" href="#gitlab-oauth2" title="Permalink to
 this is done depends on whether you are using Google, GitHub or GitLab
 as OAuth2 provider for user login.</p>
 </div>
+<div class="section" id="user-roles">
+<span id="id7"></span><h2>User Roles<a class="headerlink" href="#user-roles" title="Permalink to this headline">¶</a></h2>
+</div>
 </div>
 
 
@@ -367,11 +370,12 @@ <h3>Navigation</h3>
 <li class="toctree-l2"><a class="reference internal" href="#oauth2-authentication">OAuth2 Authentication</a></li>
 <li class="toctree-l2"><a class="reference internal" href="#api-keys">API Keys</a></li>
 <li class="toctree-l2"><a class="reference internal" href="#user-authorisation">User Authorisation</a></li>
+<li class="toctree-l2"><a class="reference internal" href="#user-roles">User Roles</a></li>
 </ul>
 </li>
 <li class="toctree-l1"><a class="reference internal" href="configuration.html">Configuration</a></li>
 <li class="toctree-l1"><a class="reference internal" href="deployment.html">Deployment</a></li>
-<li class="toctree-l1"><a class="reference internal" href="customerviews.html">Customer Views</a></li>
+<li class="toctree-l1"><a class="reference internal" href="customer-views.html">Customer Views</a></li>
 <li class="toctree-l1"><a class="reference internal" href="conventions.html">Conventions</a></li>
 <li class="toctree-l1"><a class="reference internal" href="development.html">Development</a></li>
 <li class="toctree-l1"><a class="reference internal" href="tutorials.html">Tutorials</a></li>