mirror of https://github.com/Luzifer/vault-openvpn.git synced 2024-12-26 14:51:19 +00:00

Allow defining default config on disk

Signed-off-by: Knut Ahlers <knut@ahlers.me>
Knut Ahlers 2017-05-04 12:06:46 +02:00
parent 2adcbfb5ca
commit 29743cd411
Signed by: luzifer
GPG key ID: DC2729FDD34BE99E

46
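--- a/main.go
+++ b/main.go
@@ -13,6 +13,8 @@ import (
 "text/template"
 "time"
+yaml "gopkg.in/yaml.v2"
 "github.com/Luzifer/rconfig"
 log "github.com/Sirupsen/logrus"
 "github.com/hashicorp/vault/api"
@@ -29,6 +31,7 @@ const (
 actionRevokeSerial = "revoke-serial"
 dateFormat = "2006-01-02 15:04:05"
+defaultsFile = "~/.config/vault-openvpn.yaml"
 )
 var (
@@ -36,16 +39,24 @@ var (
 VaultAddress string `flag:"vault-addr" env:"VAULT_ADDR" default:"https://127.0.0.1:8200" description:"Vault API address"`
 VaultToken string `flag:"vault-token" env:"VAULT_TOKEN" vardefault:"vault-token" description:"Specify a token to use instead of app-id auth"`
-PKIMountPoint string `flag:"pki-mountpoint" default:"/pki" description:"Path the PKI provider is mounted to"`
+PKIMountPoint string `flag:"pki-mountpoint" vardefault:"pki-mountpoint" description:"Path the PKI provider is mounted to"`
-PKIRole string `flag:"pki-role" default:"openvpn" description:"Role defined in the PKI usable by the token and able to write the specified FQDN"`
+PKIRole string `flag:"pki-role" vardefault:"pki-role" description:"Role defined in the PKI usable by the token and able to write the specified FQDN"`
-AutoRevoke bool `flag:"auto-revoke" default:"true" description:"Automatically revoke older certificates for this FQDN"`
+AutoRevoke bool `flag:"auto-revoke" vardefault:"auto-revoke" description:"Automatically revoke older certificates for this FQDN"`
-CertTTL time.Duration `flag:"ttl" default:"8760h" description:"Set the TTL for this certificate"`
+CertTTL time.Duration `flag:"ttl" vardefault:"ttl" description:"Set the TTL for this certificate"`
-LogLevel string `flag:"log-level" default:"info" description:"Log level to use (debug, info, warning, error)"`
+LogLevel string `flag:"log-level" vardefault:"log-level" description:"Log level to use (debug, info, warning, error)"`
 VersionAndExit bool `flag:"version" default:"false" description:"Prints current version and exits"`
 }{}
+defaultConfig = map[string]string{
+"pki-mountpoint": "/pki",
+"pki-role": "openvpn",
+"auto-revoke": "true",
+"ttl": "8760h",
+"log-level": "info",
+}
 version = "dev"
 client *api.Client
@@ -87,10 +98,29 @@ func vaultTokenFromDisk() string {
 return string(data)
 }
+func defualtsFromDisk() map[string]string {
+res := defaultConfig
+df, err := homedir.Expand(defaultsFile)
+if err != nil {
+return res
+}
+yamlSource, err := ioutil.ReadFile(df)
+if err != nil {
+return res
+}
+if err := yaml.Unmarshal(yamlSource, &res); err != nil {
+log.Errorf("Unable to parse defaults file %q: %s", defaultsFile, err)
+}
+return res
+}
 func init() {
-rconfig.SetVariableDefaults(map[string]string{
-"vault-token": vaultTokenFromDisk(),
-})
+defaults := defualtsFromDisk()
+defaults["vault-token"] = vaultTokenFromDisk()
+rconfig.SetVariableDefaults(defaults)
 if err := rconfig.Parse(&cfg); err != nil {
 log.Fatalf("Unable to parse commandline options: %s", err)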
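Review bot: In `defualtsFromDisk`, `res := defaultConfig` aliases the package-level map, so `yaml.Unmarshal(yamlSource, &res)` writes the file's keys directly into `defaultConfig`, and `init` then stores the Vault token in that same shared map. When the YAML fails to decode, the error is only logged and whatever was merged up to that point may still be returned, which matters because this file now supplies `auto-revoke`, `ttl` and `pki-role`. I would decode into a fresh map and merge it over a copy of the built-in defaults only on success, as sketched below. The log call should also print the expanded path `df` rather than `defaultsFile`, and the function name carries a typo (`defaultsFromDisk`).

```go
func defualtsFromDisk() map[string]string {
	// Work on a copy so the package-level defaultConfig is never mutated.
	res := make(map[string]string, len(defaultConfig))
	for k, v := range defaultConfig {
		res[k] = v
	}

	// … unchanged: homedir.Expand and ioutil.ReadFile, both returning res on error …

	// Decode separately; a file that fails to parse contributes nothing.
	fromDisk := map[string]string{}
	if err := yaml.Unmarshal(yamlSource, &fromDisk); err != nil {
		log.Errorf("Unable to parse defaults file %q: %s", df, err)
		return res
	}
	for k, v := range fromDisk {
		res[k] = v
	}

	return res
}
```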