So I'm working on a Redmine deployment that has two web servers and one back end MySQL database.
The plan is to stick one inside our network and do LDAP integrated logins.
The other one goes out on our DMZ and will use the shared MySQL database for auth (only Redmine defined logins).
The only issue so far I've theoretically ran into is the /files folder, all files that get uploaded go to this folder. So I have some possible ideas:
- Set up a sync between the two folders (no clue as to the limitations of this as the folders get crowded).
- Proxy the internal Redmine (so LDAP doesn't have to be available on the DMZ, however if the internal Redmine has a security exploit we can run into issues).
- Set up some kind of mounted drive over NFS/links to the DMZ system, so all files get stored out there...
Any other ideas? We're currently running people into our VPN but I don't really like having outsiders in our network like that.