Hello there. I am trying to combine the grpc functionality with osqueryd without using the launcher. This issue pointed me towards building the grpc.ext separately. My question is, if I load this extension into my osqueryd, where do I put the kolide fleet server details (hostname/port no.)?

What are you hoping to achieve with that?

We are trying to use gRPC for comm between Kolide Fleet and osqueryd endpoints instead of TLS

Why?

I spoke to you and @seph earlier about trying to connect custom tables with launcher or osqueryd

Looks like the grpc plugin exposes this as env variables. I’m not sure anyone uses that, so this is very much off the beaten ath. https://github.com/kolide/launcher/blob/master/cmd/grpc.ext/grpc.go#L58-L61

Why not use the regular TLS transport in osqueryd?

And we decided to go with osqueryd because connecting custom tables and making them respond to Kolide Fleet was easier that way

Then why keep GRPC? Of all the things in launcher, that seems like the least interesting.

We are trying to use gRPC along with this https://defensivedepth.com/2020/04/02/kolide-fleet-breaking-out-the-osquery-api-web-ui/

But, it sounds a bit like you’re evaluating this weirdly. You can’t really easily say “I want X, and Y from launcher, but not Z”. It’s simpler to view it as a complete package. It’s all OSS, so there are options. But some of them require development or in depth work

There's just no need for gRPC to achieve what you're looking for. It will be simpler to configure with osquery's TLS transport and AFAICT you don't have any special need for gRPC.

if we use TLS, won't that open the dashboard to the entire internet? with gRPC we can limit the exposure

You'll use a similar strategy of fronting with a proxy and separating the endpoints

I have taken this forward with our security team