You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I'm trying to understand guvnor's permission model.
In particular, I'd like each app I run to be run as a separate user and control all of the apps from my guvnor-web main user. I'd also like to be able to create other web accounts to enable access/control to specific apps or servers.
At first, I assumed that adding all of my servers' remoteconfigs to guvnor-web-hosts with the root user and secret would simply enable "root" access to all of my servers. Of course, this is not true.
I see that in guvnor-web-users, there are hashed passwords for a user for logging into the web interface, and "secrets" for the per-user-host configurations.
Setting the user and secret to match each remote machine's (not running guvnor-web) guvnor instance's guv remoteconfig enabled me to control the other server. I had to play around with this a bunch to get this to work. It was not clear from the documentation where each password/secret needs be used.
Is this the expected way to enable control from guvnor-web? This doesn't seem to enable any level of granularity on the permissions for other guvnor-web users accessing restricted sets of apps on other servers.
I'm probably missing some trick to make this all work well. Any clarification would be greatly appreciated. The documentation available on this subject is quite confusing and seemingly incomplete.
The text was updated successfully, but these errors were encountered:
I'm trying to understand guvnor's permission model.
In particular, I'd like each app I run to be run as a separate user and control all of the apps from my guvnor-web main user. I'd also like to be able to create other web accounts to enable access/control to specific apps or servers.
At first, I assumed that adding all of my servers'
remoteconfigs toguvnor-web-hostswith the root user and secret would simply enable "root" access to all of my servers. Of course, this is not true.I see that in
guvnor-web-users, there are hashed passwords for a user for logging into the web interface, and "secrets" for the per-user-host configurations.Setting the user and secret to match each remote machine's (not running guvnor-web) guvnor instance's
guv remoteconfigenabled me to control the other server. I had to play around with this a bunch to get this to work. It was not clear from the documentation where each password/secret needs be used.Is this the expected way to enable control from guvnor-web? This doesn't seem to enable any level of granularity on the permissions for other guvnor-web users accessing restricted sets of apps on other servers.
I'm probably missing some trick to make this all work well. Any clarification would be greatly appreciated. The documentation available on this subject is quite confusing and seemingly incomplete.
The text was updated successfully, but these errors were encountered: