vpnweb
A minimalistic webapp in Go to service API/JSON for the LEAP VPN
Configuration
You can pass generic configuration options either as a flag or an environment variable. Some specific options can be passed only as env vars (like authentication credentials).
| Flag | Env var | default | Description |
|---|---|---|---|
| apiPath | VPNWEB_API_PATH |
/etc/leap/config/vpn | Path for the public API static files |
| providerCaCrt | VPNWEB_PROVIDER_CA |
/etc/leap/ca/ca.crt | Path for the provider CA certificate |
| port | VPNWEB_PORT |
8000 | Port where the api server will listen |
| metricsPort | VPNWEB_METRICS_PORT |
8001 | Port where the metrics server will listen |
| tls | false | Enable TLS on the service | |
| tlsCrt | VPNWEB_TLSCRT |
Path to the cert file for TLS | |
| tlsKey | VPNWEB_TLSKEY |
Path to the key file for TLS | |
| vpnCaCrt | VPNWEB_CACRT |
Path to the CA public key used for VPN certificates | |
| vpnCaKey | VPNWEB_CAKEY |
Path to the CA private key used for VPN certificates | |
| auth | VPNWEB_AUTH |
Authentication module to use (one of: sip2, anon) | |
| authSecret | VPNWEB_AUTH_SECRET |
Authentication secret to sign auth tokens | |
| passwordPolicy | VPNWEB_PASSWORD_POLICY |
require | Password policy, if used (one of: require, ignore) |
SIP2 authentication:
| Env var | Description |
|---|---|
VPNWEB_SIP_USER |
Administrative user for the SIP2 telnet interface |
VPNWEB_SIP_PASS |
Administrative pass for the SIP2 telnet interface |
VPNWEB_SIP_HOST |
Host to connect to the SIP2 telnet interface |
VPNWEB_SIP_PORT |
Port to connect to the SIP2 telnet interface |
VPNWEB_SIP_LIBR_LOCATION |
Library location identifier |
VPNWEB_SIP_TERMINATOR |
Telnet terminator used by the endpoint (default: \r\n) |