caddyvault

package module

v1.0.0 Latest Latest Go to latest Published: Jun 1, 2019 License: Apache-2.0 Imports: 9 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/siva-chegondi/caddyvault

Links

Open Source Insights

README ¶

CaddyVault

A TLS clustering plugin for caddyserver to use Vault as storage for storing TLS data like certificates, keys etc.,

state: ALPHA

Prerequisite

This plugin expects the following environment.

You need a VAULT server running and accessible from the machine/s on which caddy is running.

Extending caddy with CaddyVault plugin

To extend caddy with CaddyVault plugin, we need to include following import statement in github.com/mholt/caddy/caddy/caddymain/run.go file.

import (
   _ "github.com/mholt/caddy/caddyhttp"
   _ "github.com/siva-chegondi/caddyvault"
)

Docker file

Checkout following project for reference to build your own docker file. CaddyVault Docker

Configuration

Vault configuration

We need to enable KV2 secrets engine on the path certpaths.

Caddy configuration

We can enable CaddyVault plugin by setting environment variable CADDY_CLUSTERING to vault.
Now set the following environment variables.
- CADDY_CLUSTERING_VAULT_ENDPOINT
- CADDY_CLUSTERING_VAULT_KEY

Documentation ¶

Index ¶

type VaultStorage

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

This section is empty.

Types ¶

type VaultStorage ¶

type VaultStorage struct {
	API string
}

VaultStorage storage for ACME certificates

func (*VaultStorage) Delete ¶

func (vaultStorage *VaultStorage) Delete(key string) error

Delete deletes the certificate from vault.

func (*VaultStorage) Exists ¶

func (vaultStorage *VaultStorage) Exists(key string) bool

Exists returns existance of certificate with key

func (*VaultStorage) List ¶

func (vaultStorage *VaultStorage) List(prefix string, recursive bool) ([]string, error)

List lists certificates

func (*VaultStorage) Load ¶

func (vaultStorage *VaultStorage) Load(key string) ([]byte, error)

Load retrieves certificate of key

func (*VaultStorage) Lock ¶

func (vaultStorage *VaultStorage) Lock(key string) error

Lock locks operations on certificate with particular key

func (*VaultStorage) Stat ¶

func (vaultStorage *VaultStorage) Stat(key string) (certmagic.KeyInfo, error)

Stat retrieves status of certificate with key param

func (*VaultStorage) Store ¶

func (vaultStorage *VaultStorage) Store(key string, value []byte) error

Store stores certificate with key association

func (*VaultStorage) Unlock ¶

func (vaultStorage *VaultStorage) Unlock(key string) error

Unlock unlocks operations on certificate data

Source Files ¶

View all Source files

vaultstorage.go

Directories ¶

Path	Synopsis
utils

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL