Absolutely not. There are parts of the installation that you could make read-only in theory, but any application needs caches, temporary working spaces and somewhere to write logs. Additionally, JIRA (and most of the other Atlassian apps) need places for data, thumbnails, indices, and and and.
Untangling what parts might be ok if made read only is a big task, and frankly not worth it. If someone has access to the file system to take advantage of read/write files, they've probably already got admin or even root and don't need JIRA to do their bad things.
Fair enough. I'm not worried about malicious access. I would like to ensure that the configuration is uniform across all instances and deploying from version control to a read-only directory is a technique I like to achieve this.
I agree the application needs to write logs, attachments, lucene indices, and temporary files. I was just curious if that could be configured to be separate from configuration directories (e.g. dbconfig.xml. server.xml, or setenv.sh).
I'm John Allspaw, co-founder of Adaptive Capacity Labs, where we help teams use their incidents to learn and improve. We bring research-driven methods and approaches to drive effective inciden...
Connect with like-minded Atlassian users at free events near you!Find a group
Connect with like-minded Atlassian users at free events near you!
Unfortunately there are no AUG chapters near you at the moment.Start an AUG
You're one step closer to meeting fellow Atlassian users at your local meet up. Learn more about AUGs