authorkali kaneko (leap communications) <kali@leap.se>2020-02-04 21:15:48 +0100
committerkali kaneko (leap communications) <kali@leap.se>2020-02-04 21:29:34 +0100
commit6da07c8be89be0d40e8bdae9d773bfb5d2d33ad9 (patch)
treed116b9ab53126e7bfed2189d8941e780ecad085a
parent0c97e08ed3319b3e2da47862148fb9cea069e6f3 (diff)
[docs] document flags and env vars
- Resolves: #5
-rw-r--r--README.md32
-rwxr-xr-xconfig/CONFIG4
-rw-r--r--main.go2
3 files changed, 34 insertions, 4 deletions
diff --git a/README.md b/README.md
index 5848fb2..e423b67 100644
--- a/README.md
+++ b/README.md
@@ -3,4 +3,36 @@ vpnweb
A minimalistic webapp in Go to service API/JSON for the LEAP VPN
+Configuration
+-------------
+
+You can pass generic configuration options either as a flag or an environment
+variable. Some specific options can be passed only as env vars (like
+authentication credentials).
+
+| Flag | Env var | default | Description |
+|-------------------|:--------------------:|----------------------|-------------------------------------------------------:|
+| **apiPath** | `VPNWEB_API_PATH` | /etc/leap/config/vpn | _Path for the public API static files_ |
+| **providerCaCrt** | `VPNWEB_PROVIDER_CA` | /etc/leap/ca/ca.crt | _Path for the provider CA certificate_ |
+| **port** | `VPNWEB_PORT` | 8000 | _Port where the server will listen_ |
+| **tls** | | false | _Enable TLS on the service_ |
+| **tlsCrt** | `VPNWEB_TLSCRT` | | _Path to the cert file for TLS_ |
+| **tlsKey** | `VPNWEB_TLSKEY` | | _Path to the key file for TLS_ |
+| **vpnCaCrt** | `VPNWEB_CACRT` | | _Path to the CA public key used for VPN certificates_ |
+| **vpnCaKey** | `VPNWEB_CAKEY` | | _Path to the CA private key used for VPN certificates_ |
+| **auth** | `VPNWEB_AUTH` | | _Authentication module to use (one of: sip2, anon)_ |
+| **authSecret** | `VPNWEB_AUTH_SECRET` | | _Authentication secret to sign auth tokens_ |
+
+
+SIP2 authentication:
+
+| Env var | Description |
+|:-----------------------------:|-----------------------------------------------------:|
+| `VPNWEB_SIP_USER` | Administrative user for the SIP2 telnet interface |
+| `VPNWEB_SIP_PASS` | Administrative pass for the SIP2 telnet interface |
+| `VPNWEB_SIP_HOST` | Host to connect to the SIP2 telnet interface |
+| `VPNWEB_SIP_PORT` | Port to connect to the SIP2 telnet interface |
+| `VPNWEB_SIP_LIBR_LOCATION` | Port to connect to the SIP2 telnet interface |
+| `VPNWEB_SIP_TERMINATOR` | Telnet terminator used by the endpoint (default: \r) |
+
diff --git a/config/CONFIG b/config/CONFIG
index 939393d..02d60cb 100755
--- a/config/CONFIG
+++ b/config/CONFIG
@@ -1,5 +1,7 @@
# general variables
+export VPNWEB_API_PATH="./public"
+export VPNWEB_PROVIDER_CA="./public/ca.crt"
export VPNWEB_AUTH=sip
export VPNWEB_CAKEY=test/files/ca.key
export VPNWEB_CACRT=test/files/ca.crt
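Review bot: The two newly exported paths, `VPNWEB_API_PATH="./public"` and `VPNWEB_PROVIDER_CA="./public/ca.crt"`, are relative, so the directory that main.go serves over HTTP via `opts.ApiPath` depends on the working directory the service is started from. Once exported they also override the `/etc/leap/...` defaults that the README in this commit documents. Since the file also references `test/files/ca.key`, it looks like a development config; a comment above the exports would make that explicit, for example `# development values, relative to the repository root; do not source this file in production`. Separately, the unchanged line `export VPNWEB_AUTH=sip` does not match the README's "one of: sip2, anon"; which value the auth module accepts is not visible here, so it is worth confirming and aligning the two.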
@@ -15,5 +17,3 @@ export VPNWEB_SIP_PORT="6001"
export VPNWEB_SIP_LIBR_LOCATION=testlibrary
export VPNWEB_SIP_TERMINATOR="\r"
-#export VPNWEB_API_PATH="./public"
-#export VPNWEB_PROVIDER_CA="./public/ca.crt"
diff --git a/main.go b/main.go
index 2d7492c..86ddfea 100644
--- a/main.go
+++ b/main.go
@@ -25,8 +25,6 @@ func main() {
/* static files */
- /* TODO -- pass static file path in options */
-
web.HttpFileHandler("/3/configs.json", opts.ApiPath+"/3/configs.json")
web.HttpFileHandler("/3/service.json", opts.ApiPath+"/3/service.json")
web.HttpFileHandler("/3/config/eip-service.json", opts.ApiPath+"/3/eip-service.json")