Ryan Killeen
10/25/2022, 5:43 PMdocker-compose
and attempting to set a config for it, I can't seem to set the server config's yaml file through docker env variables.
Is there a recommended approach here? yaml in the thread!Ryan Killeen
10/25/2022, 5:43 PMservices:
cerbos:
image: <http://ghcr.io/cerbos/cerbos:0.21.0|ghcr.io/cerbos/cerbos:0.21.0>
volumes:
- '../authz-policies:/policies'
ports:
- '3592:3592'
- '3593:3593'
environment:
- CERBOS_CONFIG=/conf.yaml
Ryan Killeen
10/25/2022, 5:44 PMconf.yaml
lives at /authz-policies/conf.yaml
Alex Olivier (Cerbos)
/policies/conf.yaml
?Alex Olivier (Cerbos)
---
server:
httpListenAddr: ":3592"
grpcListenAddr: ":3593"
storage:
driver: "disk"
disk:
directory: /policies
watchForChanges: true
so you don’t need to set a conf file unless you need to set extra optionsAlex Olivier (Cerbos)
Ryan Killeen
10/25/2022, 5:50 PMAlex Olivier (Cerbos)
cerbos:
image: <http://ghcr.io/cerbos/cerbos:latest|ghcr.io/cerbos/cerbos:latest>
ports:
- "3592:3592"
- "3593:3593"
expose:
- '3592'
- '3593'
volumes:
- ./cerbos/policies:/policies
restart: unless-stopped
Alex Olivier (Cerbos)
CERBOS_CONFIG="/path-to-conf.yaml"
Ryan Killeen
10/25/2022, 5:54 PMRyan Killeen
10/25/2022, 5:54 PMRyan Killeen
10/25/2022, 5:55 PMRyan Killeen
10/25/2022, 5:55 PM{"file":"config.yaml","error":"failed to unmarshal JSON: proto: (line 1:2): unknown field \"server\""}
seems to be the key error.Alex Olivier (Cerbos)
Alex Olivier (Cerbos)
/mountedDir
/mountedDir/config.yaml
/mountedDir/policies/....policyfiles....
Ryan Killeen
10/25/2022, 6:10 PMcerbos:
image: <http://ghcr.io/cerbos/cerbos:0.21.0|ghcr.io/cerbos/cerbos:0.21.0>
volumes:
- '../authz-policies/config.yaml:/root/config.yaml'
- '../authz-policies/policies:/policies'
ports:
- '3592:3592'
- '3593:3593'
environment:
- CERBOS_CONFIG=/root/config.yaml
Ryan Killeen
10/25/2022, 6:10 PMRyan Killeen
10/25/2022, 6:37 PMcerbosctl
when running
docker run -it <http://ghcr.io/cerbos/cerbosctl:0.21.0|ghcr.io/cerbos/cerbosctl:0.21.0> \
--server=localhost:3593 \
--username=... \
--password=... \
--plaintext \
decisions
Audit log backend does not support querying
Alex Olivier (Cerbos)
Alex Olivier (Cerbos)
Ryan Killeen
10/25/2022, 6:39 PMAlex Olivier (Cerbos)
Alex Olivier (Cerbos)