Skip to content

praekelt/etcetera

BranchesTags

Repository files navigation

etcetera

A simple client for working with an Etcd store in Elixir.

Usage

The client assumes that your Etcd store lives under a directory (your path or ETCD_PREFIX). It further assumes that this directory requires authentication to access (see Authentication below).

You will need to set the following environment variables:

export ETCD_HOST=localhost
export ETCD_PORT=2379
export ETCD_USER=user
export ETCD_PASS=password
export ETCD_PREFIX=some/path/here

Also remember to include the following in your config.exs:

config :etcetera,
  etcd_host: System.get_env("ETCD_HOST") || "localhost",
  etcd_port: String.to_integer(System.get_env("ETCD_PORT") || "2379"),
  etcd_user: System.get_env("ETCD_USER"),
  etcd_pass: System.get_env("ETCD_PASS"),
  etcd_prefix: System.get_env("ETCD_PREFIX")

Authentication

To set up authentication for your Etcd store, you need to add a root user and enable auth as follows:

etcdctl user add root
etcdctl auth enable

You will be prompted to enter a root password (rootpw is used as a running example here).

After auth has been enabled, you will need to add a role with read/write permission to your directory, and assign this role to your Etcd user.

It is not required, but strongly recommended that you disable guest access to the root Etcd directory. This will ensure that only the root user and your assigned user will have access to your path.

You can disable guest access with:

etcdctl -u root:rootpw role revoke guest -path '/*' -readwrite

You can ensure that guest access has been disabled with:

etcdctl -u root:rootpw role get guest

Roles

First you will need to create a role with read/write access to your path:

etcdctl -u root:rootpw role add <rolename>
etcdctl -u root:rootpw role grant <rolename> -path '/your/path/here/*' -readwrite

You can revoke access from this role with:

etcdctl -u root:rootpw role revoke <rolename> -path '/your/path/here/*' -readwrite

You can remove the role with:

etcdctl -u root:rootpw role remove <rolename>

Users

Create a user on the Etcd cluster with:

etcdctl -u root:rootpw user add <username>

You will be prompted to enter a user password. The password can be changed with:

etcdctl -u root:rootpw user passwd <username>

Then assign the role created previously to the new user with:

etcdctl -u root:rootpw user grant <username> -roles <rolename>

You can check what roles are assigned to a user with:

etcdctl -u root:rootpw user get <username>

You can also revoke a role from a user with:

etcdctl -u root:rootpw user revoke <username> -roles <rolename>

Dependencies

  • HTTPoison >= 1.8
  • Jason >= 1.2

About

No description, website, or topics provided.

Resources

Readme

License

BSD-3-Clause license
Activity
Custom properties

Stars

1 star

Watchers

3 watching

Forks

0 forks
Report repository

Releases

2 tags

Packages

No packages published

Languages