inventree/InvenTree
2
0
Fork 0
mirror of https://github.com/inventree/InvenTree.git synced 2025-07-02 03:30:54 +00:00
Code Activity

Add docs for governance and security (#9360)

Browse Source 
* add docs for governance and security

* fix formatting

* rename page

* add thread modell info

* fix list rendering

* Add links to the thread modell throughout the docs

* add link to devsecops

* fix thread / threat

* fix path

* text fixes
This commit is contained in:
Matthias Mair
2025-03-25 00:57:46 +01:00
committed by GitHub
parent a6e4742ce4
commit b397affa57
8 changed files with 144 additions and 51 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
docs/docs/start/bare_prod.md
View File

@ -100,6 +100,11 @@ In addition to the InvenTree server, you will need a method of delivering static
!!! info "Read More"
Refer to the [proxy server documentation](./processes.md#proxy-server) for more details
### Check your security posture
It is recommended to check the [threat modelling inputs](../concepts/threat_model.md) to ensure that your InvenTree installation is set up in the way that it is assumed in the software design.
### Next Steps
You (or your system administrator) may wish to perform further steps such as placing the InvenTree server behind a [reverse proxy](./processes.md#proxy-server) such as [caddy](https://caddyserver.com/), or [nginx](https://www.nginx.com/).

4
docs/docs/start/docker_install.md
View File

@ -185,6 +185,10 @@ This will export database records to the file `data.json` in your mounted volume
## Further Configuration
### Check your security posture
It is recommended to check the [threat modelling inputs](../concepts/threat_model.md) to ensure that your InvenTree installation is set up in the way that it is assumed in the software design.
### Custom Domain
By default, the InvenTree server is accessible at [http://inventree.localhost](http://inventree.localhost). If you wish to use a custom domain, you can edit the `.env` environment file to specify the domain name.

3
docs/docs/start/intro.md
View File

@ -20,6 +20,9 @@ To quickly jump to a specific installation method, refer to the following links:
!!! success "Docker Recommended"
The recommended method of installing InvenTree is to follow our [docker setup guide](./docker.md). InvenTree provides out-of-the-box support for docker and docker compose, which provides a simple, reliable and repeatable pipeline for integration into your production environment.
!!! warning "Important Security Considerations"
We provide documentation around the security posture that is assumed by the InvenTree project in the software design. Assessing this is a *critical* part of the setup process, and should be read carefully before deploying InvenTree in a production environment. You can read more about the [threat modelling inputs here](../concepts/threat_model.md).
!!! info "Further Reading"
For more information on the InvenTree tech stack, continue reading below!