aboutsummaryrefslogtreecommitdiff
path: root/cmd
AgeCommit message (Collapse)Author
2020-04-13SimplifyBen Burwell
2018-08-22Make all handlers methods of appNiall Sheridan
Merge server setup and helpers from web.go into server.go Handlers moved to handlers.go
2018-08-10Add version stringNiall Sheridan
Add `lib.Version` to get updated at build time. Add --version flags to cashier and cashierd Send client version in the signing request Send server version in http response headers and in signing response Set version at build time
2018-08-10Add Microsoft auth providerKevin Lyda
Microsoft uses JSON Web Tokens (JWT) as OAuth tokens. These can run to many thousands of characters which are too long for TTYs. Work around this by base64-encoding the token and chunk it into smaller pieces. Closes #70
2018-08-09Only request a reason from the client if the server requires itNiall Sheridan
2018-08-09Remove gRPCNiall Sheridan
This hasn't been enabled in a while due to gRPC limitations
2018-08-08Correct client behaviours for option handlingNiall Sheridan
A config file is not required - don't error if one doesn't exist. Don't overwrite default options with an empty string.
2017-10-18allow whitespace in message (#68)Bob Long
2017-10-17 Support a message to be passed and logged from client to server (#67)Bob Long
* Support a message to be passed and logged from client to server
2017-06-05Saving private keys (#61)fuero
* enables saving private keys * renames public_file_prefix to key_file_prefix and updates its docs to better reflect the changes
2017-04-10don't log timestampsNiall Sheridan
2017-02-20Split the servers out of mainNiall Sheridan
2017-02-19Add grpc signerNiall Sheridan
2017-02-12Minor fixupsNiall Sheridan
Correct some flag strings and some format strings Don't fatal when the client config file is missing Make keysigner, certstore and authprovider package-level
2017-02-12Initial pass at prometheus support. (#56)Kevin Lyda
2017-02-11Revert "Remove the oauth_callback_url config option"Niall Sheridan
2017-02-09Remove the oauth_callback_url config optionNiall Sheridan
Infer the redirect url from the request instead
2017-01-27Add a public_file_prefix option to cashier.confKevin Lyda
Allow the client to save the public key and public cert to files that start with public_file_prefix and end with .pub and -cert.pub respectively. This is the naming scheme the ssh IdentityFile config option supported for certs starting in version 5.4p1. Starting in version 7.2p1, an additional option, CertificateFile, was added, but the IdentityFile-only method with those names still works. Used in conjunction with a user's ~/.ssh/config file setting IdentitiesOnly and IdentityFile, this change will allow for multiple ssh CAs for different services. Note that this will resolve #49 .
2017-01-25Create a gitlab auth source.Kevin Lyda
Defaults to public gitlab.com, but easily redirected to self-hosted installation.
2017-01-25Switch to scl, an extension of hclNiall Sheridan
2017-01-15Add more context to errorsNiall Sheridan
2017-01-13Use wkfs to manage the lets encrypt cacheNiall Sheridan
2017-01-09Merge branch 'master' into opts2Niall Sheridan
2017-01-08Remove dbinit and use sql/js seed filesNiall Sheridan
2017-01-06Check that tls cert/key are set if use_tls is trueNiall Sheridan
2017-01-05Move GetPublicKey to the shared `lib` packageNiall Sheridan
2017-01-04Simplify key generationNiall Sheridan
Use functions to build key generation options. Make it entirely optional.
2016-12-29Use vendored s3 wkfsNiall Sheridan
2016-12-28Add LetsEncrypt supportNiall Sheridan
When configured the server will request a TLS certificate for the specified server name from LetsEncrypt
2016-10-11Replace the 'datastore' option with a 'database' optionNiall Sheridan
The 'datastore' string option is deprecated and will be removed in a future version. The new 'database' map option is preferred.
2016-10-06Add support for Hashicorp VaultNiall Sheridan
Vault is supported for the following: As a well-known filesystem for TLS cert, TLS key and SSH signing key. For configuration secrets for cookie_secret, csrf_secret, oauth_client_id and oauth_client_secret options.
2016-10-06Use wkfs when loading tls certsNiall Sheridan
2016-09-30Use json.NewDecoder to decode json from httpNiall Sheridan
2016-09-11Add a toggle for unexpired certsNiall Sheridan
2016-09-10Make client a top-level package for consistencyNiall Sheridan
2016-09-03Add comments for exported types and functionsNiall Sheridan
2016-09-03Move signing & agent logic out of the main packageNiall Sheridan
2016-09-01Remove the Principal field from the requestNiall Sheridan
The server will always overwrite this field with the username obtained from the auth provider. Allowing the client to set it is a waste of time.
2016-08-27Allow setting some config from environmentNiall Sheridan
2016-08-27Update dependenciesNiall Sheridan
2016-08-26First attempt at dropping privilegessid77
2016-08-20Replace Fatals with ErrorsNiall Sheridan
2016-08-20Run some tests in parallelNiall Sheridan
2016-08-20Use references to config structsNiall Sheridan
2016-08-20Add key expiry time to the commentNiall Sheridan
2016-08-16Allow selecting which ip to listen onNiall Sheridan
2016-08-16Add private key along certificatesid77
2016-08-15Ensure the /sign url is valid before useNiall Sheridan
2016-08-09Document sqliteNiall Sheridan
2016-08-09SQLite DB supportNiall Sheridan