From 1b2b9df6c75917333a9b3477682d3b290b920a83 Mon Sep 17 00:00:00 2001 From: Katrina Prosise Date: Wed, 15 May 2024 07:40:08 -0400 Subject: [PATCH] Add missing token scopes for wireguard oauth Info was added to what was assumed to be the appropriate spot; will need to be reviewed, and possibly expanded upon. QA steps: checked rendered output in browser. Edited doc with linters. No related issue/task, quick-fix to a Customer Success request. Signed-off-by: Katrina Prosise --- source/reference-manual/remote-access/wireguard.rst | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/source/reference-manual/remote-access/wireguard.rst b/source/reference-manual/remote-access/wireguard.rst index 0ed7ec091..779d316fe 100644 --- a/source/reference-manual/remote-access/wireguard.rst +++ b/source/reference-manual/remote-access/wireguard.rst @@ -60,6 +60,10 @@ It will look something like:: Creating systemd service factory-vpn-andy-corp.service Service is running. Logs can be viewed with: journalctl -fu factory-vpn-andy-corp.service +You will create two tokens. +Token 1, a short-lived token with ``devices:read-update`` to update factory. +Token 2, long-term token with ``devices:read``. + The daemon keeps track of connected devices by putting entries into ``/etc/hosts``. This is so they can be easily referenced from the server.