From a6de59c962c86ec2eebee47d00109c23362877f6 Mon Sep 17 00:00:00 2001
From: Christian Weiske <cweiske@cweiske.de>
Date: Fri, 13 Sep 2013 21:08:39 +0200
Subject: [PATCH] add readme

---
 .gitignore     |  1 +
 README.rst     | 70 ++++++++++++++++++++++++++++++++++++++++++++++++++
 doc/README.rst | 24 -----------------
 3 files changed, 71 insertions(+), 24 deletions(-)
 create mode 100644 README.rst
 delete mode 100644 doc/README.rst

diff --git a/.gitignore b/.gitignore
index d041e45..d1e93ef 100644
--- a/.gitignore
+++ b/.gitignore
@@ -1 +1,2 @@
 /data/config.php
+/README.html
diff --git a/README.rst b/README.rst
new file mode 100644
index 0000000..51541bc
--- /dev/null
+++ b/README.rst
@@ -0,0 +1,70 @@
+****************
+OUYA image store
+****************
+
+Browse images on your OUYA by hosting an OUYA game store that delivers
+image folders as games.
+
+
+============
+Requirements
+============
+
+- Web server (e.g. Apache 2.2)
+- PHP 5.4+
+- OpenSSL
+- Access to your DNS server
+
+
+=====
+Setup
+=====
+1. Create a SSL certificate authority, install its root cert on your OUYA
+   (advanced settings, security, install from SD card)
+2. Create an SSL certificate for ``*.ouya.tv``, sign it with your CA certificate.
+   See the `SSL certificate generation`_ instructions below
+3. Create a virtual host in Apache, set the server name to ``devs.ouya.tv``
+   and alias to ``www.ouya.tv`` and ``status.ouya.tv``.
+   Let it use the generated certificate.
+   Point the document root to the ``ouya-imagestore/www/`` folder.
+   Make sure it's the only SSL host, or the first vhost with SSL
+   (OUYA does not support SNI).
+4. Copy ``data/config.php.dist`` to ``data/config.php`` and change the
+   ``basedir`` variable to a folder that contains subfolders with images.
+5. In your DNS server, set ``devs.ouya.tv``, ``www.ouya.tv`` and
+   ``status.ouya.tv`` to the apache machine's IP.
+6. Power up your OUYA. Start the store ("Discover").
+
+You will see your image folders with a preview image each.
+Opening the "game" folder displays all images as game screenshots.
+
+
+
+SSL certificate generation
+==========================
+First, generate your own certificate authority (CA)::
+
+  $ cd doc
+  $ openssl genrsa -out rootCA.key 2048
+  $ openssl req -x509 -new -nodes -key rootCA.key -days 1024 -out rootCA.pem
+
+Then, create a certificate and sign it with your CA's key::
+
+  $ openssl req -new -x509 -nodes -config ouya.tv-cert-req.cnf -out selfcert-ouya.tv.pem -keyout selfcert-ouya.tv.key -days 730
+
+  $ openssl genrsa -out selfcert-ouya.tv.key 1024
+  $ openssl req -new -config ouya.tv-cert-req.cnf -key selfcert-ouya.tv.key -out selfcert-ouya.tv.csr
+  $ openssl x509 -req -in selfcert-ouya.tv.csr -CA rootCA.pem -CAkey rootCA.key -CAcreateserial -out selfcert-ouya.tv.crt -days 730 -extfile ouya.tv-cert-req.cnf
+
+Verify CSR::
+
+  $ openssl req -text -noout -verify -in selfcert-ouya.tv.csr
+
+Verify certificate::
+
+  $ openssl x509 -in selfcert-ouya.tv.crt -text -noout
+
+Note that the OUYA store application does not use SNI (Server Name Indication).
+This means that your server's ``*.ouya.tv`` must be delivered first when no
+host name is indicated by the client, thus the vhost has to be the first
+of all in the configuration.
diff --git a/doc/README.rst b/doc/README.rst
deleted file mode 100644
index 8e51fca..0000000
--- a/doc/README.rst
+++ /dev/null
@@ -1,24 +0,0 @@
-Generate web server SSL certificate
-===================================
-::
-
-  $ openssl req -new -x509 -nodes -config ouya.tv-cert-req.cnf -out selfcert-ouya.tv.pem -keyout selfcert-ouya.tv.key -days 730
-
-  $ openssl genrsa -out selfcert-ouya.tv.key 1024
-  $ openssl req -new -config ouya.tv-cert-req.cnf -key selfcert-ouya.tv.key -out selfcert-ouya.tv.csr
-  $ openssl x509 -req -in selfcert-ouya.tv.csr -CA ~/.mitmproxy/mitmproxy-ca.pem -CAkey ~/.mitmproxy/mitmproxy-ca.pem -CAcreateserial -out selfcert-ouya.tv.crt -days 730 -extfile ouya.tv-cert-req.cnf
-
-Verify CSR::
-
-  $ openssl req -text -noout -verify -in selfcert-ouya.tv.csr
-
-Verify certificate::
-
-  $ openssl x509 -in selfcert-ouya.tv.crt -text -noout
-
-Then install the certificate in your web server.
-
-Note that the OUYA store application does not use SNI (Server Name Indication).
-This means that your server's *.ouya.tv must be delivered first when no
-host name is indicated by the client, thus the vhost has to be the first
-of all in the configuration.
-- 
2.30.2