aboutsummaryrefslogtreecommitdiff
path: root/cmd
AgeCommit message (Collapse)Author
2017-01-27Add a public_file_prefix option to cashier.confKevin Lyda
Allow the client to save the public key and public cert to files that start with public_file_prefix and end with .pub and -cert.pub respectively. This is the naming scheme the ssh IdentityFile config option supported for certs starting in version 5.4p1. Starting in version 7.2p1, an additional option, CertificateFile, was added, but the IdentityFile-only method with those names still works. Used in conjunction with a user's ~/.ssh/config file setting IdentitiesOnly and IdentityFile, this change will allow for multiple ssh CAs for different services. Note that this will resolve #49 .
2017-01-25Create a gitlab auth source.Kevin Lyda
Defaults to public gitlab.com, but easily redirected to self-hosted installation.
2017-01-25Switch to scl, an extension of hclNiall Sheridan
2017-01-15Add more context to errorsNiall Sheridan
2017-01-13Use wkfs to manage the lets encrypt cacheNiall Sheridan
2017-01-09Merge branch 'master' into opts2Niall Sheridan
2017-01-08Remove dbinit and use sql/js seed filesNiall Sheridan
2017-01-06Check that tls cert/key are set if use_tls is trueNiall Sheridan
2017-01-05Move GetPublicKey to the shared `lib` packageNiall Sheridan
2017-01-04Simplify key generationNiall Sheridan
Use functions to build key generation options. Make it entirely optional.
2016-12-29Use vendored s3 wkfsNiall Sheridan
2016-12-28Add LetsEncrypt supportNiall Sheridan
When configured the server will request a TLS certificate for the specified server name from LetsEncrypt
2016-10-11Replace the 'datastore' option with a 'database' optionNiall Sheridan
The 'datastore' string option is deprecated and will be removed in a future version. The new 'database' map option is preferred.
2016-10-06Add support for Hashicorp VaultNiall Sheridan
Vault is supported for the following: As a well-known filesystem for TLS cert, TLS key and SSH signing key. For configuration secrets for cookie_secret, csrf_secret, oauth_client_id and oauth_client_secret options.
2016-10-06Use wkfs when loading tls certsNiall Sheridan
2016-09-30Use json.NewDecoder to decode json from httpNiall Sheridan
2016-09-11Add a toggle for unexpired certsNiall Sheridan
2016-09-10Make client a top-level package for consistencyNiall Sheridan
2016-09-03Add comments for exported types and functionsNiall Sheridan
2016-09-03Move signing & agent logic out of the main packageNiall Sheridan
2016-09-01Remove the Principal field from the requestNiall Sheridan
The server will always overwrite this field with the username obtained from the auth provider. Allowing the client to set it is a waste of time.
2016-08-27Allow setting some config from environmentNiall Sheridan
2016-08-27Update dependenciesNiall Sheridan
2016-08-26First attempt at dropping privilegessid77
2016-08-20Replace Fatals with ErrorsNiall Sheridan
2016-08-20Run some tests in parallelNiall Sheridan
2016-08-20Use references to config structsNiall Sheridan
2016-08-20Add key expiry time to the commentNiall Sheridan
2016-08-16Allow selecting which ip to listen onNiall Sheridan
2016-08-16Add private key along certificatesid77
2016-08-15Ensure the /sign url is valid before useNiall Sheridan
2016-08-09Document sqliteNiall Sheridan
2016-08-09SQLite DB supportNiall Sheridan
2016-08-08Don't use local filesNiall Sheridan
2016-08-07Use bootstrapNiall Sheridan
Move templates and static under server/
2016-08-05Add an authdb flag for mongoNiall Sheridan
2016-08-01Fix and enable handers testNiall Sheridan
2016-07-31Support mongo datastoresNiall Sheridan
2016-07-31Use a KRL for revoked certsNiall Sheridan
2016-07-24Add a page for revoking certsNiall Sheridan
Add a template for revocation Use DATETIME type to store created/expires times Require auth for the /admin and /revoke endpoints
2016-07-17Add some handlers testsNiall Sheridan
2016-07-03first pass at a certificate storeNiall Sheridan
2016-06-30Configurable logfile locationNiall Sheridan
2016-06-28http loggingNiall Sheridan
2016-06-27Updated agent lib accepts *ed25519.PrivateKeyNiall Sheridan
2016-06-06Merge pull request #18 from nsheridan/agent_lifetimeNiall Sheridan
Remove certs from the agent when they expire
2016-06-06Merge pull request #16 from nsheridan/s3Niall Sheridan
Add AWS S3 and Google GCS virtual filesystems
2016-06-06Save oauth 'state' identifier in the clientNiall Sheridan
2016-06-05Add AWS S3 and Google GCS virtual filesystems.Niall Sheridan
This allows the signing key to be read directly from S3 using a path like /s3/<bucket>/<path/to/signing.key> or /gcs/<bucket>/<path/to/signing.key>.
2016-06-02Set an expiry on keys added to the agentNiall Sheridan
generated by cgit v1.2.3 (git 2.25.1) at 2024-05-03 14:01:55 +0000