kiterun/incus-fga
1
0
Fork 0
Code Issues Pull Requests Releases Activity

fix: use sqlite

Browse Source
This commit is contained in:
Brandon Kalinowski 2024-10-28 18:03:33 +00:00
parent 6ac41d45a7
commit e32f1dee91
2 changed files with 5 additions and 80 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

75
openfga-end.sh
View File

@ -1,75 +0,0 @@
#!/bin/bash
# Source: https://raw.githubusercontent.com/rgl/incus-playground/349480b30d82ca1b468cb6e983988c7cb01343e3/provision-openfga.sh
set -euxo pipefail
OPENFGA_FQDN="localhost"
# configure.
# see https://openfga.dev/docs/getting-started/setup-openfga/configure-openfga
# see https://github.com/openfga/openfga/blob/v1.5.2/internal/server/config/config.go#L189
# see https://github.com/openfga/openfga/blob/v1.5.2/internal/server/config/config.go#L341
cat >/opt/openfga/config.yaml <<EOF
log:
format: text
level: info # none, debug, info, warn, error, panic, fatal.
datastore:
engine: sqlite
uri: file:/opt/openfga/openfga.db
authn:
method: preshared
preshared:
keys:
- abracadabra
grpc:
# TODO change this back to :8081 once https://github.com/openfga/openfga/issues/640 is fixed.
addr: $OPENFGA_FQDN:8081
tls:
enabled: false
http:
enabled: true
addr: 127.0.0.1:8080
tls:
enabled: false
metrics:
enabled: true
addr: 127.0.0.1:2112
playground:
enabled: false
port: 3000
EOF
# brandonkal: disable TLS
#install -o root -g openfga -m 444 "/vagrant/shared/example-ca/$OPENFGA_FQDN-crt.pem" /opt/openfga
#install -o root -g openfga -m 440 "/vagrant/shared/example-ca/$OPENFGA_FQDN-key.pem" /opt/openfga
# start.
cat >/etc/systemd/system/openfga.service <<EOF
[Unit]
Description=openfga
After=network.service
[Service]
Type=simple
User=openfga
Group=openfga
ExecStart=/opt/openfga/openfga run
WorkingDirectory=/opt/openfga
Restart=on-abort
[Install]
WantedBy=multi-user.target
EOF
systemctl enable openfga
systemctl start openfga
ss -anlp | grep -E '(Address:Port|openfga)'
# show information.
cat <<EOF
OpenFGA is available at:
grpc://$OPENFGA_FQDN:8081
https://$OPENFGA_FQDN:8080
http://$OPENFGA_FQDN:2112/metrics
EOF

10
provision-openfga.sh
View File

@ -46,8 +46,8 @@ log:
format: text format: text
level: info # none, debug, info, warn, error, panic, fatal. level: info # none, debug, info, warn, error, panic, fatal.
datastore: datastore:
engine: postgres engine: sqlite
uri: postgres://openfga:abracadabra@$POSTGRES_FQDN:5432/openfga uri: file:/opt/openfga/openfga.db
authn: authn:
method: preshared method: preshared
preshared: preshared:
@ -55,17 +55,17 @@ authn:
- abracadabra - abracadabra
grpc: grpc:
# TODO change this back to :8081 once https://github.com/openfga/openfga/issues/640 is fixed. # TODO change this back to :8081 once https://github.com/openfga/openfga/issues/640 is fixed.
addr: $OPENFGA_FQDN:8081 addr: 127.0.0.1:8081
tls: tls:
enabled: false enabled: false
http: http:
enabled: true enabled: true
addr: :8080 addr: 127.0.0.1:8080
tls: tls:
enabled: false enabled: false
metrics: metrics:
enabled: true enabled: true
addr: :2112 addr: 127.0.0.1:2112
playground: playground:
enabled: false enabled: false
port: 3000 port: 3000