A minimalistic webapp in Go to service API/JSON for the LEAP VPN
You can pass generic configuration options either as a flag or an environment variable. Some specific options can be passed only as env vars (like authentication credentials).
Flag | Env var | default | Description |
---|---|---|---|
apiPath | VPNWEB_API_PATH |
/etc/leap/config/vpn | Path for the public API static files |
providerCaCrt | VPNWEB_PROVIDER_CA |
/etc/leap/ca/ca.crt | Path for the provider CA certificate |
port | VPNWEB_PORT |
8000 | Port where the api server will listen |
metricsPort | VPNWEB_METRICS_PORT |
8001 | Port where the metrics server will listen |
tls | false | Enable TLS on the service | |
tlsCrt | VPNWEB_TLSCRT |
Path to the cert file for TLS | |
tlsKey | VPNWEB_TLSKEY |
Path to the key file for TLS | |
vpnCaCrt | VPNWEB_CACRT |
Path to the CA public key used for VPN certificates | |
vpnCaKey | VPNWEB_CAKEY |
Path to the CA private key used for VPN certificates | |
auth | VPNWEB_AUTH |
Authentication module to use (one of: sip2, anon) | |
authSecret | VPNWEB_AUTH_SECRET |
Authentication secret to sign auth tokens | |
passwordPolicy | VPNWEB_PASSWORD_POLICY |
require | Password policy, if used (one of: require, ignore) |
SIP2 authentication:
Env var | Description |
---|---|
VPNWEB_SIP_USER |
Administrative user for the SIP2 telnet interface |
VPNWEB_SIP_PASS |
Administrative pass for the SIP2 telnet interface |
VPNWEB_SIP_HOST |
Host to connect to the SIP2 telnet interface |
VPNWEB_SIP_PORT |
Port to connect to the SIP2 telnet interface |
VPNWEB_SIP_LIBR_LOCATION |
Library location identifier |
VPNWEB_SIP_TERMINATOR |
Telnet terminator used by the endpoint (default: \r\n) |