This PR includes various fixes to anchor links used in the documentation.
There are certain characters GitHub doesn't support for the use of anchor links in markdown files. The general rule I've found is to only use a-z or A-Z characters in anchor links. All other characters should be removed.
For example, consider the section title How do I connect to the Mailhog simulated server?. The valid GitHub anchor link for this section is #how-do-i-connect-to-the-mailhog-simulated-server. Notice no ?.
Closes#494
The enrollment cooldown period was sometimes causing problems when
osquery (probably unintentionally, see
https://github.com/osquery/osquery/issues/6993) tried to enroll more
than once from the same osqueryd process.
We now set this to default to off and make it configurable. With #417
this feature may be unnecessary for most deployments.
Osquery now exposes more information during host enrollment than Fleet
previously handled. We can use this to provide more options to users in
problematic enrollment scenarios.
Users can configure --osquery_host_identifier in Fleet to set which
identifier is used to determine uniqueness of hosts. The
default (provided) replicates existing behavior in Fleet. For many
users, setting this to instance will provide better enrollment
stability.
Closes#373
- Support both /api/v1/fleet and /api/v1/kolide routes in server.
- Add logging for use of deprecated routes.
- Rename routes in frontend JS.
- Rename routes and add notes in documentation.
In #212 these settings were updated and caused connectivity issues for
users in common environment configurations. The new changes are
aggressive (modern enforces TLS 1.3) and Mozilla indicates that
intermediate is an appropriate default. This will ensure better
compatibility for common deployments while still allowing the option to
use the strictest settings.
Document unintentional mismatched yaml key.
Fixes#269
Mozilla's recommended settings have changed since this was last updated.
We now link directly to the relevant revision in the Mozilla wiki to
avoid confusion if this is updated.
The current implementation of FleetDM doesn't support Docker secrets for supplying the MySQL password and JWT key. This PR provides the ability for a file path to read in secrets. The goal of this PR is to avoid storing secrets in a static config or in an environment variable.
Example config for Docker:
```yaml
mysql:
address: mysql:3306
database: fleet
username: fleet
password_path: /run/secrets/mysql-fleetdm-password
redis:
address: redis:6379
server:
address: 0.0.0.0:8080
cert: /run/secrets/fleetdm-tls-cert
key: /run/secrets/fleetdm-tls-key
auth:
jwt_key_path: /run/secrets/fleetdm-jwt-key
filesystem:
status_log_file: /var/log/osquery/status.log
result_log_file: /var/log/osquery/result.log
enable_log_rotation: true
logging:
json: true
```
This PR includes the Deployment section of the documentation restructure #144.
- Changes include the addition of 3 overarching folders/sections named Deployment, Using fleet, and Contribution guide. Each folder includes new files for the subsections.
- Move the copy from the appropriate files into the new files in the Deployment folder. Removed old files. A detailed outline of the exact old files can be found in the linked issue above.
- Add navigation to the top of each file via links to anchors in the markdown.
The naming convention for each folder and file is up for discussion. I chose to use number prefixes (1, 2, 3) to order the folders and files. This way we have control over the order when viewing on GitHub.
