| Age | Commit message (Collapse) | Author | |
|---|---|---|---|
| 2017-02-19 | Add grpc signer | Niall Sheridan | |
| 2017-02-12 | Minor fixups | Niall Sheridan | |
| Correct some flag strings and some format strings Don't fatal when the client config file is missing Make keysigner, certstore and authprovider package-level | |||
| 2017-02-12 | Initial pass at prometheus support. (#56) | Kevin Lyda | |
| 2017-02-11 | Revert "Remove the oauth_callback_url config option" | Niall Sheridan | |
| 2017-02-09 | Remove the oauth_callback_url config option | Niall Sheridan | |
| Infer the redirect url from the request instead | |||
| 2017-01-25 | Create a gitlab auth source. | Kevin Lyda | |
| Defaults to public gitlab.com, but easily redirected to self-hosted installation. | |||
| 2017-01-25 | Switch to scl, an extension of hcl | Niall Sheridan | |
| 2017-01-15 | Add more context to errors | Niall Sheridan | |
| 2017-01-13 | Use wkfs to manage the lets encrypt cache | Niall Sheridan | |
| 2017-01-06 | Check that tls cert/key are set if use_tls is true | Niall Sheridan | |
| 2017-01-05 | Move GetPublicKey to the shared `lib` package | Niall Sheridan | |
| 2016-12-29 | Use vendored s3 wkfs | Niall Sheridan | |
| 2016-12-28 | Add LetsEncrypt support | Niall Sheridan | |
| When configured the server will request a TLS certificate for the specified server name from LetsEncrypt | |||
| 2016-10-11 | Replace the 'datastore' option with a 'database' option | Niall Sheridan | |
| The 'datastore' string option is deprecated and will be removed in a future version. The new 'database' map option is preferred. | |||
| 2016-10-06 | Add support for Hashicorp Vault | Niall Sheridan | |
| Vault is supported for the following: As a well-known filesystem for TLS cert, TLS key and SSH signing key. For configuration secrets for cookie_secret, csrf_secret, oauth_client_id and oauth_client_secret options. | |||
| 2016-10-06 | Use wkfs when loading tls certs | Niall Sheridan | |
| 2016-09-30 | Use json.NewDecoder to decode json from http | Niall Sheridan | |
| 2016-09-11 | Add a toggle for unexpired certs | Niall Sheridan | |
| 2016-09-01 | Remove the Principal field from the request | Niall Sheridan | |
| The server will always overwrite this field with the username obtained from the auth provider. Allowing the client to set it is a waste of time. | |||
| 2016-08-27 | Allow setting some config from environment | Niall Sheridan | |
| 2016-08-27 | Update dependencies | Niall Sheridan | |
| 2016-08-26 | First attempt at dropping privileges | sid77 | |
| 2016-08-20 | Use references to config structs | Niall Sheridan | |
| 2016-08-16 | Allow selecting which ip to listen on | Niall Sheridan | |
| 2016-08-09 | SQLite DB support | Niall Sheridan | |
| 2016-08-08 | Don't use local files | Niall Sheridan | |
| 2016-08-07 | Use bootstrap | Niall Sheridan | |
| Move templates and static under server/ | |||
| 2016-07-31 | Support mongo datastores | Niall Sheridan | |
| 2016-07-31 | Use a KRL for revoked certs | Niall Sheridan | |
| 2016-07-24 | Add a page for revoking certs | Niall Sheridan | |
| Add a template for revocation Use DATETIME type to store created/expires times Require auth for the /admin and /revoke endpoints | |||
| 2016-07-17 | Add some handlers tests | Niall Sheridan | |
| 2016-07-03 | first pass at a certificate store | Niall Sheridan | |
| 2016-06-30 | Configurable logfile location | Niall Sheridan | |
| 2016-06-28 | http logging | Niall Sheridan | |
| 2016-06-06 | Merge pull request #16 from nsheridan/s3 | Niall Sheridan | |
| Add AWS S3 and Google GCS virtual filesystems | |||
| 2016-06-06 | Save oauth 'state' identifier in the client | Niall Sheridan | |
| 2016-06-05 | Add AWS S3 and Google GCS virtual filesystems. | Niall Sheridan | |
| This allows the signing key to be read directly from S3 using a path like /s3/<bucket>/<path/to/signing.key> or /gcs/<bucket>/<path/to/signing.key>. | |||
| 2016-05-29 | Switch from json to hcl configs | Niall Sheridan | |
| This is backward-compatible with the JSON config format - this is a non-breaking change. HCL treats config blocks as repeated fields so the config has to be unmarshalled into a struct comprised of []Server, []Auth, []SSH first. | |||
| 2016-05-28 | Set expiry time in the github auth package | Niall Sheridan | |
| 2016-05-28 | Define the token tmpl as a string | Niall Sheridan | |
| 2016-05-24 | Don't allow wide-open Google or Github configs | Patrick O'Doherty | |
| Fail loudly if either the google_opts domain value or github_opts organization values are not set in the configuration. The lack of these values means that a) in the Google case any @gmail.com address will be allowed b) the Github case any Github user will be allowed. This was previously documented but left as a foot-gun in the code. Future commits will allow for explicit wildcards to be set. | |||
| 2016-05-22 | Make template directory configurable | Niall Sheridan | |
| 2016-05-22 | Move binaries into cmd/ directory | Niall Sheridan | |
 |
index : cashier | |
| Mirror of Cashier, a SSH Certificate Authority (CA). | Ben |
| aboutsummaryrefslogtreecommitdiff |