The current implementation of FleetDM doesn't support Docker secrets for supplying the MySQL password and JWT key. This PR provides the ability for a file path to read in secrets. The goal of this PR is to avoid storing secrets in a static config or in an environment variable.
Example config for Docker:
```yaml
mysql:
address: mysql:3306
database: fleet
username: fleet
password_path: /run/secrets/mysql-fleetdm-password
redis:
address: redis:6379
server:
address: 0.0.0.0:8080
cert: /run/secrets/fleetdm-tls-cert
key: /run/secrets/fleetdm-tls-key
auth:
jwt_key_path: /run/secrets/fleetdm-jwt-key
filesystem:
status_log_file: /var/log/osquery/status.log
result_log_file: /var/log/osquery/result.log
enable_log_rotation: true
logging:
json: true
```
This PR includes the Deployment section of the documentation restructure #144.
- Changes include the addition of 3 overarching folders/sections named Deployment, Using fleet, and Contribution guide. Each folder includes new files for the subsections.
- Move the copy from the appropriate files into the new files in the Deployment folder. Removed old files. A detailed outline of the exact old files can be found in the linked issue above.
- Add navigation to the top of each file via links to anchors in the markdown.
The naming convention for each folder and file is up for discussion. I chose to use number prefixes (1, 2, 3) to order the folders and files. This way we have control over the order when viewing on GitHub.
2020-12-24 14:00:22 -08:00
Renamed from docs/infrastructure/configuring-the-fleet-binary.md (Browse further)
