From 091e6936706ee8bfe34021e601ad984866c209d8 Mon Sep 17 00:00:00 2001 From: Alex Auvolat Date: Wed, 20 Mar 2024 14:33:18 +0100 Subject: [PATCH] [syslog] document environment variables --- doc/book/cookbook/from-source.md | 1 + doc/book/reference-manual/configuration.md | 24 +++++++++++++++++++++- 2 files changed, 24 insertions(+), 1 deletion(-) diff --git a/doc/book/cookbook/from-source.md b/doc/book/cookbook/from-source.md index ade47e96..0d7d8e77 100644 --- a/doc/book/cookbook/from-source.md +++ b/doc/book/cookbook/from-source.md @@ -90,6 +90,7 @@ The following feature flags are available in v0.8.0: | `kubernetes-discovery` | optional | Enable automatic registration and discovery
of cluster nodes through the Kubernetes API | | `metrics` | *by default* | Enable collection of metrics in Prometheus format on the admin API | | `telemetry-otlp` | optional | Enable collection of execution traces using OpenTelemetry | +| `syslog` | optional | Enable logging to Syslog | | `sled` | *by default* | Enable using Sled to store Garage's metadata | | `lmdb` | *by default* | Enable using LMDB to store Garage's metadata | | `sqlite` | *by default* | Enable using Sqlite3 to store Garage's metadata | diff --git a/doc/book/reference-manual/configuration.md b/doc/book/reference-manual/configuration.md index de800ec0..e6aced6d 100644 --- a/doc/book/reference-manual/configuration.md +++ b/doc/book/reference-manual/configuration.md @@ -32,6 +32,8 @@ rpc_bind_addr = "[::]:3901" rpc_bind_outgoing = false rpc_public_addr = "[fc00:1::1]:3901" +allow_world_readable_secrets = false + bootstrap_peers = [ "563e1ac825ee3323aa441e72c26d1030d6d4414aeb3dd25287c531e7fc2bc95d@[fc00:1::1]:3901", "86f0f26ae4afbd59aaf9cfb059eefac844951efd5b8caeec0d53f4ed6c85f332@[fc00:1::2]:3901", @@ -82,7 +84,10 @@ The following gives details about each available configuration option. ### Index +[Environment variables](#env_variables). + Top-level configuration options: +[`allow_world_readable_secrets`](#allow_world_readable_secrets), [`block_size`](#block_size), [`bootstrap_peers`](#bootstrap_peers), [`compression_level`](#compression_level), @@ -134,6 +139,23 @@ The `[admin]` section: [`admin_token`/`admin_token_file`](#admin_token), [`trace_sink`](#admin_trace_sink), +### Environment variables {#env_variables} + +The following configuration parameter must be specified as an environment +variable, it does not exist in the configuration file: + +- `GARAGE_LOG_TO_SYSLOG` (since v0.9.4): set this to `1` or `true` to make the + Garage daemon send its logs to `syslog` (using the libc `syslog` function) + instead of printing to stderr. + +The following environment variables can be used to override the corresponding +values in the configuration file: + +- [`GARAGE_ALLOW_WORLD_READABLE_SECRETS`](#allow_world_readable_secrets) +- [`GARAGE_RPC_SECRET` and `GARAGE_RPC_SECRET_FILE`](#rpc_secret) +- [`GARAGE_ADMIN_TOKEN` and `GARAGE_ADMIN_TOKEN_FILE`](#admin_token) +- [`GARAGE_METRICS_TOKEN` and `GARAGE_METRICS_TOKEN`](#admin_metrics_token) + ### Top-level configuration options @@ -503,7 +525,7 @@ be obtained by running `garage node id` and then included directly in the key will be returned by `garage node id` and you will have to add the IP yourself. -### `allow_world_readable_secrets` +### `allow_world_readable_secrets` or `GARAGE_ALLOW_WORLD_READABLE_SECRETS` (env) {#allow_world_readable_secrets} Garage checks the permissions of your secret files to make sure they're not world-readable. In some cases, the check might fail and consider your files as