Reformat the anchor links for specific endpoints by moving these links to their respective sections.
The endpoints included in these changes:
- /api/v1/kolide/packs POST
- /api/v1/kolide/packs/{id} PATCH "modify_pack"
- /api/v1/kolide/packs/{id} GET "get_pack"
- /api/v1/kolide/packs GET "list_packs"
- /api/v1/kolide/packs/{name} DELETE "delete_pack"
- /api/v1/kolide/packs/id/{id} DELETE "delete_pack_by_id"
- /api/v1/kolide/packs/{id}/scheduled GET "get_scheduled_queries_in_pack"
- /api/v1/kolide/schedule POST "schedule_query"
- /api/v1/kolide/schedule/{id} GET "get_scheduled_query"
- /api/v1/kolide/schedule/{id} PATCH "modify_scheduled_query"
- /api/v1/kolide/schedule/{id} DELETE "delete_scheduled_query"
- /api/v1/kolide/spec/packs POST "apply_pack_specs"
- /api/v1/kolide/spec/packs GET "get_pack_specs"
- /api/v1/kolide/spec/packs/{name} GET "get_pack_spec"
The endpoints included in these changes:
- /api/v1/kolide/queries/{id} GET
- /api/v1/kolide/queries/{id} PATCH
- /api/v1/kolide/queries/{name} DELETE
- /api/v1/kolide/queries GET
- /api/v1/kolide/queries POST
- /api/v1/kolide/queries/id/{id} DELETE
- /api/v1/kolide/spec/queries POST
- /api/v1/kolide/spec/queries GET
- /api/v1/kolide/spec/queries/{name} GET
- /api/v1/kolide/queries/run POST
- /api/v1/kolide/queries/run_by_names POST
The endpoints included in these changes:
- /api/v1/kolide/host_summary GET
- /api/v1/kolide/hosts/{id} GET
- /api/v1/kolide/hosts/identifier/{identifier} GET
- /api/v1/kolide/hosts/{id} DELETE
- /api/v1/kolide/spec/osquery_options POST
- /api/v1/kolide/spec/osquery_options GET
Mozilla's recommended settings have changed since this was last updated.
We now link directly to the relevant revision in the Mozilla wiki to
avoid confusion if this is updated.
This PR is part of the Complete documentation for Fleet API project #43.
The endpoints included in these changes:
- /api/v1/kolide/config/certificate GET
- /api/v1/kolide/config GET
- /api/v1/kolide/config PATCH
- /api/v1/kolide/spec/enroll_secret POST
- /api/v1/kolide/spec/enroll_secret GET
- /api/v1/kolide/invites POST
- /api/v1/kolide/invites GET
- /api/v1/kolide/invites/{id} DELETE
- /api/v1/kolide/invites/{token} GET
- Quick attempt to alleviate potential confusion for how the osquery configuration overrides option works
- Leave in the commented explanation in the sample yaml file
- Split the array of objects to separate objects for each pattern in ignorePatterns. Rename the key in each object to "pattern." The documentation for the example config file is poor.
- Add hello@fleetdm.com and /server/datastore/mysql/migrations/ to ignorePatterns
- Add 999 to aliveStatucCodes (Seems to be a LinkedIn edge case)
- Fix all broken markdown links
The current implementation of FleetDM doesn't support Docker secrets for supplying the MySQL password and JWT key. This PR provides the ability for a file path to read in secrets. The goal of this PR is to avoid storing secrets in a static config or in an environment variable.
Example config for Docker:
```yaml
mysql:
address: mysql:3306
database: fleet
username: fleet
password_path: /run/secrets/mysql-fleetdm-password
redis:
address: redis:6379
server:
address: 0.0.0.0:8080
cert: /run/secrets/fleetdm-tls-cert
key: /run/secrets/fleetdm-tls-key
auth:
jwt_key_path: /run/secrets/fleetdm-jwt-key
filesystem:
status_log_file: /var/log/osquery/status.log
result_log_file: /var/log/osquery/result.log
enable_log_rotation: true
logging:
json: true
```
This PR includes the Using Fleet section of the documentation restructure #144.
It shouldn't be merged until changes are approved for the entire restructuring (part 1, part 2, and part 3).
Update the naming convention for the files to number prefixes.
This PR includes the Deployment section of the documentation restructure #144.
- Changes include the addition of 3 overarching folders/sections named Deployment, Using fleet, and Contribution guide. Each folder includes new files for the subsections.
- Move the copy from the appropriate files into the new files in the Deployment folder. Removed old files. A detailed outline of the exact old files can be found in the linked issue above.
- Add navigation to the top of each file via links to anchors in the markdown.
The naming convention for each folder and file is up for discussion. I chose to use number prefixes (1, 2, 3) to order the folders and files. This way we have control over the order when viewing on GitHub.
- Add help text within dropdown in smaller font size underneath "Require password reset" saying "This will revoke all active Fleet API tokens for this user."
- Update API docs to use "API token" parlance instead of "Auth token"
This adds the option to set up an S3 bucket as the storage backend for file carving (partially solving #111).
It works by using the multipart upload capabilities of S3 to maintain compatibility with the "upload in blocks" protocol that osquery uses. It does this basically replacing the carve_blocks table while still maintaining the metadata in the original place (it would probably be possible to rely completely on S3 by using object tagging at the cost of listing performance). To make this pluggable, I created a new field in the service struct dedicated to the CarveStore which, if no configuration for S3 is set up will be just a reference to the standard datastore, otherwise it will point to the S3 one (effectively this separation will allow in the future to add more backends).
@ahmedmusaad added documentation for the following API endpoints:
/api/v1/kolide/users GET
/api/v1/kolide/users POST
/api/v1/kolide/users/admin POST
/api/v1/kolide/users/{id} GET
Endpoints that have been added:
- /api/v1/kolide/login POST
- /api/v1/kolide/logout POST
- /api/v1/kolide/forgot_password POST
- /api/v1/kolide/me GET
- /api/v1/kolide/change_password POST
- /api/v1/kolide/perform_required_password_reset POST
- /api/v1/kolide/sso POST
- /api/v1/kolide/sso GET
Added walkthrough for users attempting to connect to MailHog server.
Connecting to the simulated mail server allows contributors to interact with features in Fleet UI that require email configuration.
Added link to development-infrastructure docs at the end of building-the-code docs to walk contributors to the next step of serving Fleet locally.
Added --auth_jwt_key="insecure" flag to fleet serve command in development-infrastructure docs.
$ character is now removed from all shell commands in markdown documentation.
When docs are eventually compiling to we can add $ automatically to code blocks.
My best attempt at steps to solve the common database connection error users receive when installing or updating Fleet.
Inserted 'Why am I receiving a database connection error when attempting to "prepare" the database?'.
Also simplified the answer to "Is Fleet available as a SaaS product?".
- Add endpoints for osquery to register and continue a carve.
- Implement client functionality for retrieving carve details and contents in fleetctl.
- Add documentation on using file carving with Fleet.
Addresses kolide/fleet#1714
