Age | Commit message (Collapse) | Author | |
---|---|---|---|
2017-10-18 | allow whitespace in message (#68) | Bob Long | |
2017-10-17 | Support a message to be passed and logged from client to server (#67) | Bob Long | |
* Support a message to be passed and logged from client to server | |||
2017-06-05 | Saving private keys (#61) | fuero | |
* enables saving private keys * renames public_file_prefix to key_file_prefix and updates its docs to better reflect the changes | |||
2017-04-10 | don't log timestamps | Niall Sheridan | |
2017-02-20 | Split the servers out of main | Niall Sheridan | |
2017-02-19 | Add grpc signer | Niall Sheridan | |
2017-02-12 | Minor fixups | Niall Sheridan | |
Correct some flag strings and some format strings Don't fatal when the client config file is missing Make keysigner, certstore and authprovider package-level | |||
2017-02-12 | Initial pass at prometheus support. (#56) | Kevin Lyda | |
2017-02-11 | Revert "Remove the oauth_callback_url config option" | Niall Sheridan | |
2017-02-09 | Remove the oauth_callback_url config option | Niall Sheridan | |
Infer the redirect url from the request instead | |||
2017-01-27 | Add a public_file_prefix option to cashier.conf | Kevin Lyda | |
Allow the client to save the public key and public cert to files that start with public_file_prefix and end with .pub and -cert.pub respectively. This is the naming scheme the ssh IdentityFile config option supported for certs starting in version 5.4p1. Starting in version 7.2p1, an additional option, CertificateFile, was added, but the IdentityFile-only method with those names still works. Used in conjunction with a user's ~/.ssh/config file setting IdentitiesOnly and IdentityFile, this change will allow for multiple ssh CAs for different services. Note that this will resolve #49 . | |||
2017-01-25 | Create a gitlab auth source. | Kevin Lyda | |
Defaults to public gitlab.com, but easily redirected to self-hosted installation. | |||
2017-01-25 | Switch to scl, an extension of hcl | Niall Sheridan | |
2017-01-15 | Add more context to errors | Niall Sheridan | |
2017-01-13 | Use wkfs to manage the lets encrypt cache | Niall Sheridan | |
2017-01-09 | Merge branch 'master' into opts2 | Niall Sheridan | |
2017-01-08 | Remove dbinit and use sql/js seed files | Niall Sheridan | |
2017-01-06 | Check that tls cert/key are set if use_tls is true | Niall Sheridan | |
2017-01-05 | Move GetPublicKey to the shared `lib` package | Niall Sheridan | |
2017-01-04 | Simplify key generation | Niall Sheridan | |
Use functions to build key generation options. Make it entirely optional. | |||
2016-12-29 | Use vendored s3 wkfs | Niall Sheridan | |
2016-12-28 | Add LetsEncrypt support | Niall Sheridan | |
When configured the server will request a TLS certificate for the specified server name from LetsEncrypt | |||
2016-10-11 | Replace the 'datastore' option with a 'database' option | Niall Sheridan | |
The 'datastore' string option is deprecated and will be removed in a future version. The new 'database' map option is preferred. | |||
2016-10-06 | Add support for Hashicorp Vault | Niall Sheridan | |
Vault is supported for the following: As a well-known filesystem for TLS cert, TLS key and SSH signing key. For configuration secrets for cookie_secret, csrf_secret, oauth_client_id and oauth_client_secret options. | |||
2016-10-06 | Use wkfs when loading tls certs | Niall Sheridan | |
2016-09-30 | Use json.NewDecoder to decode json from http | Niall Sheridan | |
2016-09-11 | Add a toggle for unexpired certs | Niall Sheridan | |
2016-09-10 | Make client a top-level package for consistency | Niall Sheridan | |
2016-09-03 | Add comments for exported types and functions | Niall Sheridan | |
2016-09-03 | Move signing & agent logic out of the main package | Niall Sheridan | |
2016-09-01 | Remove the Principal field from the request | Niall Sheridan | |
The server will always overwrite this field with the username obtained from the auth provider. Allowing the client to set it is a waste of time. | |||
2016-08-27 | Allow setting some config from environment | Niall Sheridan | |
2016-08-27 | Update dependencies | Niall Sheridan | |
2016-08-26 | First attempt at dropping privileges | sid77 | |
2016-08-20 | Replace Fatals with Errors | Niall Sheridan | |
2016-08-20 | Run some tests in parallel | Niall Sheridan | |
2016-08-20 | Use references to config structs | Niall Sheridan | |
2016-08-20 | Add key expiry time to the comment | Niall Sheridan | |
2016-08-16 | Allow selecting which ip to listen on | Niall Sheridan | |
2016-08-16 | Add private key along certificate | sid77 | |
2016-08-15 | Ensure the /sign url is valid before use | Niall Sheridan | |
2016-08-09 | Document sqlite | Niall Sheridan | |
2016-08-09 | SQLite DB support | Niall Sheridan | |
2016-08-08 | Don't use local files | Niall Sheridan | |
2016-08-07 | Use bootstrap | Niall Sheridan | |
Move templates and static under server/ | |||
2016-08-05 | Add an authdb flag for mongo | Niall Sheridan | |
2016-08-01 | Fix and enable handers test | Niall Sheridan | |
2016-07-31 | Support mongo datastores | Niall Sheridan | |
2016-07-31 | Use a KRL for revoked certs | Niall Sheridan | |
2016-07-24 | Add a page for revoking certs | Niall Sheridan | |
Add a template for revocation Use DATETIME type to store created/expires times Require auth for the /admin and /revoke endpoints |