From 6da07c8be89be0d40e8bdae9d773bfb5d2d33ad9 Mon Sep 17 00:00:00 2001 From: "kali kaneko (leap communications)" Date: Tue, 4 Feb 2020 21:15:48 +0100 Subject: [docs] document flags and env vars - Resolves: #5 --- README.md | 32 ++++++++++++++++++++++++++++++++ config/CONFIG | 4 ++-- main.go | 2 -- 3 files changed, 34 insertions(+), 4 deletions(-) diff --git a/README.md b/README.md index 5848fb2..e423b67 100644 --- a/README.md +++ b/README.md @@ -3,4 +3,36 @@ vpnweb A minimalistic webapp in Go to service API/JSON for the LEAP VPN +Configuration +------------- + +You can pass generic configuration options either as a flag or an environment +variable. Some specific options can be passed only as env vars (like +authentication credentials). + +| Flag | Env var | default | Description | +|-------------------|:--------------------:|----------------------|-------------------------------------------------------:| +| **apiPath** | `VPNWEB_API_PATH` | /etc/leap/config/vpn | _Path for the public API static files_ | +| **providerCaCrt** | `VPNWEB_PROVIDER_CA` | /etc/leap/ca/ca.crt | _Path for the provider CA certificate_ | +| **port** | `VPNWEB_PORT` | 8000 | _Port where the server will listen_ | +| **tls** | | false | _Enable TLS on the service_ | +| **tlsCrt** | `VPNWEB_TLSCRT` | | _Path to the cert file for TLS_ | +| **tlsKey** | `VPNWEB_TLSKEY` | | _Path to the key file for TLS_ | +| **vpnCaCrt** | `VPNWEB_CACRT` | | _Path to the CA public key used for VPN certificates_ | +| **vpnCaKey** | `VPNWEB_CAKEY` | | _Path to the CA private key used for VPN certificates_ | +| **auth** | `VPNWEB_AUTH` | | _Authentication module to use (one of: sip2, anon)_ | +| **authSecret** | `VPNWEB_AUTH_SECRET` | | _Authentication secret to sign auth tokens_ | + + +SIP2 authentication: + +| Env var | Description | +|:-----------------------------:|-----------------------------------------------------:| +| `VPNWEB_SIP_USER` | Administrative user for the SIP2 telnet interface | +| `VPNWEB_SIP_PASS` | Administrative pass for the SIP2 telnet interface | +| `VPNWEB_SIP_HOST` | Host to connect to the SIP2 telnet interface | +| `VPNWEB_SIP_PORT` | Port to connect to the SIP2 telnet interface | +| `VPNWEB_SIP_LIBR_LOCATION` | Port to connect to the SIP2 telnet interface | +| `VPNWEB_SIP_TERMINATOR` | Telnet terminator used by the endpoint (default: \r) | + diff --git a/config/CONFIG b/config/CONFIG index 939393d..02d60cb 100755 --- a/config/CONFIG +++ b/config/CONFIG @@ -1,5 +1,7 @@ # general variables +export VPNWEB_API_PATH="./public" +export VPNWEB_PROVIDER_CA="./public/ca.crt" export VPNWEB_AUTH=sip export VPNWEB_CAKEY=test/files/ca.key export VPNWEB_CACRT=test/files/ca.crt @@ -15,5 +17,3 @@ export VPNWEB_SIP_PORT="6001" export VPNWEB_SIP_LIBR_LOCATION=testlibrary export VPNWEB_SIP_TERMINATOR="\r" -#export VPNWEB_API_PATH="./public" -#export VPNWEB_PROVIDER_CA="./public/ca.crt" diff --git a/main.go b/main.go index 2d7492c..86ddfea 100644 --- a/main.go +++ b/main.go @@ -25,8 +25,6 @@ func main() { /* static files */ - /* TODO -- pass static file path in options */ - web.HttpFileHandler("/3/configs.json", opts.ApiPath+"/3/configs.json") web.HttpFileHandler("/3/service.json", opts.ApiPath+"/3/service.json") web.HttpFileHandler("/3/config/eip-service.json", opts.ApiPath+"/3/eip-service.json") -- cgit v1.2.3