vpnweb
A minimalistic webapp in Go to service API/JSON for the LEAP VPN
Configuration
You can pass generic configuration options either as a flag or an environment
variable. Some specific options can be passed only as env vars (like
authentication credentials).
Flag | Env var | default | Description |
---|
apiPath | VPNWEB_API_PATH | /etc/leap/config/vpn | Path for the public API static files |
providerCaCrt | VPNWEB_PROVIDER_CA | /etc/leap/ca/ca.crt | Path for the provider CA certificate |
port | VPNWEB_PORT | 8000 | Port where the api server will listen |
metricsPort | VPNWEB_METRICS_PORT | 8001 | Port where the metrics server will listen |
tls | | false | Enable TLS on the service |
tlsCrt | VPNWEB_TLSCRT | | Path to the cert file for TLS |
tlsKey | VPNWEB_TLSKEY | | Path to the key file for TLS |
vpnCaCrt | VPNWEB_CACRT | | Path to the CA public key used for VPN certificates |
vpnCaKey | VPNWEB_CAKEY | | Path to the CA private key used for VPN certificates |
auth | VPNWEB_AUTH | | Authentication module to use (one of: sip2, anon) |
authSecret | VPNWEB_AUTH_SECRET | | Authentication secret to sign auth tokens |
passwordPolicy | VPNWEB_PASSWORD_POLICY | require | Password policy, if used (one of: require, ignore) |
SIP2 authentication:
Env var | Description |
---|
VPNWEB_SIP_USER | Administrative user for the SIP2 telnet interface |
VPNWEB_SIP_PASS | Administrative pass for the SIP2 telnet interface |
VPNWEB_SIP_HOST | Host to connect to the SIP2 telnet interface |
VPNWEB_SIP_PORT | Port to connect to the SIP2 telnet interface |
VPNWEB_SIP_LIBR_LOCATION | Library location identifier |
VPNWEB_SIP_TERMINATOR | Telnet terminator used by the endpoint (default: \r\n) |