Certman is a simple certificate manager web service for OpenVPN.
There are prebuilt binary files for this application. They are statically linked and have no additional dependencies. Supported platforms are:
A prebuilt Docker image (10MB) is available:

    docker pull docker.klink.asia/paul/certman

You can easily build your own Docker image from source:

    docker build -t docker.klink.asia/paul/certman .

Certman assumes the root certificates of the VPN CA are located in the same
directory as the binary. If that is not the case, you need to copy over the
ca.key files before you are able to generate certificates
with this tool.
Additionally, the project is configured by the following environment variables:
- OAUTH2_CLIENT_ID: the Client ID, assigned during client registration
- OAUTH2_CLIENT_SECRET: the Client secret, assigned during client registration
- OAUTH2_AUTH_URL: the URL to the "/authorize" endpoint of the identity provider
- OAUTH2_TOKEN_URL: the URL to the "/token" endpoint of the identity provider
- OAUTH2_REDIRECT_URL: the redirect URL used by the app, usually the hostname suffixed by "/login/oauth2/redirect"
- USER_ENDPOINT: the URL to the identity provider user endpoint; for GitLab this is "/api/v4/user". The "username" attribute of the returned JSON will be used for authentication.
- APP_KEY: random ASCII string, 32 characters in length. Used for cookie generation.
- APP_LISTEN: port and IP to listen on, e.g.
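
A pre-flight check for the variables listed above, as an added example that is not part of certman's code: the variable names come from this README, while `NewAppKey`, `CheckConfig`, the https requirement and the printable-ASCII test are assumptions of the example. `APP_LISTEN` is left unchecked because its format is not given here.

```go
package main

import (
	"crypto/rand"
	"fmt"
	"net/url"
	"os"
	"regexp"
)

const keyAlphabet = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789-_"
var appKeyRE = regexp.MustCompile(`^[\x20-\x7e]{32}$`) // exactly 32 printable ASCII characters

// NewAppKey returns a 32-character ASCII value for APP_KEY from the OS CSPRNG.
func NewAppKey() (string, error) {
	out := make([]byte, 32)
	if _, err := rand.Read(out); err != nil {
		return "", err
	}
	for i, b := range out {
		out[i] = keyAlphabet[b%64] // 64 divides 256, so the modulo adds no bias
	}
	return string(out), nil
}

// CheckConfig returns one message per problem; the checks are this example's assumptions.
func CheckConfig(getenv func(string) string) []string {
	var problems []string
	for _, name := range []string{"OAUTH2_CLIENT_ID", "OAUTH2_CLIENT_SECRET", "USER_ENDPOINT"} {
		if getenv(name) == "" {
			problems = append(problems, name+" is not set")
		}
	}
	// The client secret, codes and tokens cross these URLs, so insist on TLS.
	for _, name := range []string{"OAUTH2_AUTH_URL", "OAUTH2_TOKEN_URL", "OAUTH2_REDIRECT_URL"} {
		if u, err := url.Parse(getenv(name)); err != nil || u.Scheme != "https" || u.Host == "" {
			problems = append(problems, name+" is not an absolute https URL")
		}
	}
	if !appKeyRE.MatchString(getenv("APP_KEY")) {
		problems = append(problems, "APP_KEY is not 32 printable ASCII characters")
	}
	return problems
}

func main() {
	for _, p := range CheckConfig(os.Getenv) {
		fmt.Fprintln(os.Stderr, "config:", p)
	}
}
```

Run it with the same environment the container will get; no output means every check passed.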