Documentation
¶
Overview ¶
Command skylight runs a Certificate Transparency log read-path server.
A YAML config file is required (specified with -c, by default skylight.yaml), the keys are documented in the Config type.
If the command line flag -testcert is passed, ACME will be disabled and the certificate will be loaded from skylight.pem and skylight-key.pem.
Requests from clients that don't specify an email address in their User-Agent will be globally rate-limited to 75 requests per second.
Metrics are exposed publicly at /metrics, and logs are written to stderr in human-readable format, and to stdout in JSON format. /health reports the health of all logs, returning 500 if any non-staging log is stale.
A private HTTP debug server is also started on a random port on localhost. It serves the net/http/pprof endpoints, the heavyhitter endpoints, the keylog endpoints, and the stdlog endpoints.
Source Files