From 617534cd1cd2333b9ac9ff56d33cc1f579400738 Mon Sep 17 00:00:00 2001
From: forest <forest.n.johnson@gmail.com>
Date: Wed, 21 Jul 2021 13:53:02 -0500
Subject: [PATCH] add Configuration-type-stuff that lives in the database

---
 README.md             |  1 +
 docs/architecture.md  |  2 ++
 docs/configuration.md | 18 ++++++++++++++++++
 3 files changed, 21 insertions(+)

diff --git a/README.md b/README.md
index 41444a9..6b0352c 100644
--- a/README.md
+++ b/README.md
@@ -34,6 +34,7 @@ Interested in learning more? How about a trip to the the `docs/` folder:
   - [With docker-compose](./docs/local-set-up.md#docker_compose)
 - [**Configuring `capsul-flask`**](./docs/configuration.md)
   - [Example configuration from capsul.org (production)](./docs/configuration.md#example)
+  - [Configuration-type-stuff that lives in the database ](./docs/configuration.md#config_that_lives_in_db)
   - [Loading variables from files (docker secrets)](./docs/configuration.md#docker_secrets)
 - [**`capsul-flask`'s relationship to its Database Server**](./docs/database.md)
   - [Database schema management (schema versions)](./docs/database.md#schema_management)
diff --git a/docs/architecture.md b/docs/architecture.md
index 9f3c8d0..9588606 100644
--- a/docs/architecture.md
+++ b/docs/architecture.md
@@ -2,6 +2,8 @@
 
 The "Hub" runs the web application and talks to the Postrges database, while the "Spoke"s are responsible for creating/managing virtual machines. One instance of the capsul-flask application can run in hub mode and spoke mode at the same time. 
 
+The Hub and the Spoke must be configured to communicate securely with each-other over HTTPS. They both have to be able to dial each-other directly.  The URLs / auth tokens they use are configured both in the config file (`HUB_URL`, `SPOKE_HOST_ID`, `SPOKE_HOST_TOKEN` and `HUB_TOKEN`) and in the database (the `id`, `https_url`, and `token` columns in the `hosts` table).
+
 ![](images/hub-and-spoke1.png)
 
 This diagram was created with https://app.diagrams.net/.
diff --git a/docs/configuration.md b/docs/configuration.md
index a4efbc4..51ff7ee 100644
--- a/docs/configuration.md
+++ b/docs/configuration.md
@@ -63,6 +63,24 @@ BTCPAY_URL="https://beeteeceepae2.cyberia.club"
 BTCPAY_PRIVATE_KEY='-----BEGIN EC PRIVATE KEY-----\n<redacted>\n-----END EC PRIVATE KEY-----'
 ```
 
+## <a name="config_that_lives_in_db"></a>Configuration-type-stuff that lives in the database 
+
+  - `hosts` table:
+    - `id` (corresponds to `SPOKE_HOST_ID` in the config)
+    - `https_url`
+    - `token` (corresponds to `SPOKE_HOST_TOKEN` in the config)
+  - `os_images` table:
+    - `id` 
+    - `template_image_file_name`
+    - `description`
+    - `deprecated`
+  - `vm_sizes` table:
+    - `id` 
+    - `dollars_per_month`
+    - `memory_mb`
+    - `vcpus`
+    - `bandwidth_gb_per_month`
+    
 ## <a name="docker_secrets"></a>Loading variables from files (docker secrets)
 
 To support [Docker Secrets](https://docs.docker.com/engine/swarm/secrets/), you can also load secret values from files – for example, to load `MAIL_PASSWORD` from `/run/secrets/mail_password`, set