tableflip / guvnor

A node process manager that isn't spanners all the way down
MIT License

Permissions Explanation #100

Open cinderblock opened 8 years ago

cinderblock commented 8 years ago

I'm trying to understand guvnor's permission model.

In particular, I'd like each app I run to be run as a separate user and control all of the apps from my guvnor-web main user. I'd also like to be able to create other web accounts to enable access/control to specific apps or servers.

At first, I assumed that adding all of my servers' remoteconfigs to guvnor-web-hosts with the root user and secret would simply enable "root" access to all of my servers. Of course, this is not true.

I see that in guvnor-web-users, there are hashed passwords for a user for logging into the web interface, and "secrets" for the per-user-host configurations.

Setting the user and secret to match each remote machine's (not running guvnor-web) guvnor instance's guv remoteconfig enabled me to control the other server. I had to play around with this a bunch to get this to work. It was not clear from the documentation where each password/secret needs to be used.

Is this the expected way to enable control from guvnor-web? This doesn't seem to enable any level of granularity on the permissions for other guvnor-web users accessing restricted sets of apps on other servers.

I'm probably missing some trick to make this all work well. Any clarification would be greatly appreciated. The documentation available on this subject is quite confusing and seemingly incomplete.