A simple json configuration manager, intended to be used as a shared configuration server in a multi-app environment.
yarn install
npm install
npm run build-prod
On Windows, you need to install Webpack 3.0+ globally before running this command.
export DB_URL=mongodb://user:pass@yourserver && \
npm start -- --MASTER_TOKEN=replacemewithyourtoken
set DB_URL=mongodb://user:pass@yourserver
npm start -- --MASTER_TOKEN=replacemewithyourtoken
-
MASTER_TOKEN: This key is used by config server to allow admin access. You can login with this key in the dashboard and then create other access keys, seed the global configuration data, take snapshots and restore them etc. Keep this key safe. At the moment, the stored data is not encrypted with this key, so you can switch it anytime with a new one if you lose it.
-
DB_URL: MongoDB URL in connection-string format, which is used by config-server to read/write store data (config and keys). Sufficient read/write privileges should be provisioned for the credentials you use here.
- BIND_ADDRESS: Express server bind address, default is 0.0.0.0
- BIND_PORT: Express server bind port, defailt is 3000
docker build .
docker run -p 3000:3000 -e MASTER_TOKEN=replacemewithyourtoken -e DB_URL=mongodb://user:pass@yourserver <dockerimagename>
Browse http://localhost:3000/ui/.
Browse http://localhost:3000/ui/.
- Find the ip for your docker machine running the container using
docker-machine ip <machine name or nothing if using default>. - Browse http://<your.docker.machine.ip>:3000/ui.
Config-server dashboard lets you setup keys and configuration data. When you hit the ui endpoint, you are prompted to enter a key -
Type in your master-token and hit Enter or click Apply to login with admin access. In this mode, you can add more keys and define the configuration data.
All the configuration data is stored as a single JSON blob in your mongodb. You can edit this data with master token or a key with the right privileges.
You can add keys and configure their config data read/write privileges here.
Click on Add a new key to add a fresh key. By default a new key doesn't have read or write privileges to the store data. You must explicitly provide it.
config-server uses json-property-filter syntax to restrict read and write operations. You can read detailed documentation here. A good list of examples can be found here.
In config-server, read and write are separate privileges (i.e. the filter pattern used for read is not automatically included in write privileges).
Let's say our example application has three tiers - ui, api and db and it is oauth driven. Our example config json looks like this -
{
"mongo": {
"connectionStringTemplate": "mongodb://{username}:{password}@{dbhost}",
"host": "mongoserver"
},
"auth": {
"type": "oauth",
"flow": "code",
"clientid": "appclientid",
"clientsecret": "appclientsecret"
},
"ui": {
"apipath": "/api/",
"i18n": {
"default": "en-US",
"fallback": "en-US"
},
"showBetaFeatures": true,
"betaFeatures": [
"adminUI",
"invoice"
]
},
"api": {
"basepath": "/api",
"db": {
"username": "apiuser",
"password": "dummy"
}
}
}
Once you have saved the collated configuration json in Config tab, you now need to create two keys -
- UI: needs to have read access to
uiandauthnode. Should NOT have access toauth.clientsecret. Add a new key and configure its privileges as:
read: ["ui", "auth", "-auth.clientsecret"]
write: ["-**"]
-
API: needs to have read access to
mongo,auth,api.Add a new key and configure its privileges as:
read: ["mongo", "auth", "api"]
write: ["-**"]
Your keys should look like this now -
Click on the copy icon to copy the UI key into clipboard -
You can now click on the Change button in the app bar to try out the UI key -
The Config tab will now display data filtered through the configured read privileges -
Now change the key to the API key and verify the config data -
As we have not configured
writeprivileges on any key so far, any changes made to the config data in the Config tab with either of these keys won't persist.
Let's give write access to the API key on api node. Switch to master token and configure the below privileges for API key -
read: ["mongo", "auth", "api"] <-Unchanged!
write: ["api"] <- "api" added, "-**" removed.
Now switch the key to API and try making some changes in the config json's api property and save them. They will persist.
The Data tab allows you to take a snapshot of all the config-server data, including the config and keys. This shapshot is then downloaded in your device as a JSON file.
You can restore config data to an earlier snapshot. This is a quick way to migrate configurations to a new config-server. To do this, drag and drop your snapshot JSON file onto the editor provided in Restore section. Review it in the editor and then click Restore button to deploy it.
A restore completely replaces existing data and should ideally be done only after taking snapshot on existing servers.
config-server exposes the config data over REST endpoints. To read/write config data from your applications, you can make these requests -
curl -X OPTIONS \
http://configserver:3000/api/config/ \
-H 'x-auth-token: <key>'
curl -X PUT \
http://configserver:3000/api/config/ \
-H 'content-type: application/json' \
-H 'x-auth-token: <key>' \
-d '{
"the" : {
"complete": {
"config" : "for this key"
}
}
}'
Always send the complete config data of the key, per its write privileges, as
saveis not a delta operation. The data you send here replaces all write-enabled values sent previously.
For nodejs/browsers you can use the config-server-client library to read/write config data from your applications.