blob: 5e3603276963206c12435f9007dd9e949d350228 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
|
vpnweb
======
A minimalistic webapp in Go to service API/JSON for the LEAP VPN
Configuration
-------------
You can pass generic configuration options either as a flag or an environment
variable. Some specific options can be passed only as env vars (like
authentication credentials).
| Flag | Env var | default | Description |
|-------------------|:--------------------:|----------------------|-------------------------------------------------------:|
| **apiPath** | `VPNWEB_API_PATH` | /etc/leap/config/vpn | _Path for the public API static files_ |
| **providerCaCrt** | `VPNWEB_PROVIDER_CA` | /etc/leap/ca/ca.crt | _Path for the provider CA certificate_ |
| **port** | `VPNWEB_PORT` | 8000 | _Port where the api server will listen_ |
| **metricsPort** | `VPNWEB_METRICS_PORT`| 8001 | _Port where the metrics server will listen_ |
| **tls** | | false | _Enable TLS on the service_ |
| **tlsCrt** | `VPNWEB_TLSCRT` | | _Path to the cert file for TLS_ |
| **tlsKey** | `VPNWEB_TLSKEY` | | _Path to the key file for TLS_ |
| **vpnCaCrt** | `VPNWEB_CACRT` | | _Path to the CA public key used for VPN certificates_ |
| **vpnCaKey** | `VPNWEB_CAKEY` | | _Path to the CA private key used for VPN certificates_ |
| **auth** | `VPNWEB_AUTH` | | _Authentication module to use (one of: sip2, anon)_ |
| **authSecret** | `VPNWEB_AUTH_SECRET` | | _Authentication secret to sign auth tokens_ |
SIP2 authentication:
| Env var | Description |
|:-----------------------------:|-----------------------------------------------------:|
| `VPNWEB_SIP_USER` | Administrative user for the SIP2 telnet interface |
| `VPNWEB_SIP_PASS` | Administrative pass for the SIP2 telnet interface |
| `VPNWEB_SIP_HOST` | Host to connect to the SIP2 telnet interface |
| `VPNWEB_SIP_PORT` | Port to connect to the SIP2 telnet interface |
| `VPNWEB_SIP_LIBR_LOCATION` | Port to connect to the SIP2 telnet interface |
| `VPNWEB_SIP_TERMINATOR` | Telnet terminator used by the endpoint (default: \r) |
|