Dev: Add documentation for how to use configuration properly
Created by: slimsag
- Do not rely on
conf.Getorconf.Watchin a synchronous way. - Bad configuration should NEVER take down a process. It is assumed if a process goes down, it is because of a bug, not because of bad configuration. In the worst case, bad configuration should just cause the process to do nothing until configuration is fixed. This is important because in a single-container docker image a process going down means all of sourcegraph is restarted, including the management console. If bad config takes down a process, it inherently takes down the management console, thus making it impossible to fix the config easily.
- Missing configuration should always lead to stricter security: e.g. if no authentication is provided, Sourcegraph should become 100% locked down.
- Things go in critical if they can break the sourcegraph instance or lock you out of it. Otherwise they go in site config.