mirror of
https://github.com/Luzifer/vault-openvpn.git
synced 2024-12-26 14:51:19 +00:00
Allow defining default config on disk
Signed-off-by: Knut Ahlers <knut@ahlers.me>
This commit is contained in:
parent
2adcbfb5ca
commit
29743cd411
1 changed files with 39 additions and 9 deletions
46
main.go
46
main.go
|
@ -13,6 +13,8 @@ import (
|
||||||
"text/template"
|
"text/template"
|
||||||
"time"
|
"time"
|
||||||
|
|
||||||
|
yaml "gopkg.in/yaml.v2"
|
||||||
|
|
||||||
"github.com/Luzifer/rconfig"
|
"github.com/Luzifer/rconfig"
|
||||||
log "github.com/Sirupsen/logrus"
|
log "github.com/Sirupsen/logrus"
|
||||||
"github.com/hashicorp/vault/api"
|
"github.com/hashicorp/vault/api"
|
||||||
|
@ -29,6 +31,7 @@ const (
|
||||||
actionRevokeSerial = "revoke-serial"
|
actionRevokeSerial = "revoke-serial"
|
||||||
|
|
||||||
dateFormat = "2006-01-02 15:04:05"
|
dateFormat = "2006-01-02 15:04:05"
|
||||||
|
defaultsFile = "~/.config/vault-openvpn.yaml"
|
||||||
)
|
)
|
||||||
|
|
||||||
var (
|
var (
|
||||||
|
@ -36,16 +39,24 @@ var (
|
||||||
VaultAddress string `flag:"vault-addr" env:"VAULT_ADDR" default:"https://127.0.0.1:8200" description:"Vault API address"`
|
VaultAddress string `flag:"vault-addr" env:"VAULT_ADDR" default:"https://127.0.0.1:8200" description:"Vault API address"`
|
||||||
VaultToken string `flag:"vault-token" env:"VAULT_TOKEN" vardefault:"vault-token" description:"Specify a token to use instead of app-id auth"`
|
VaultToken string `flag:"vault-token" env:"VAULT_TOKEN" vardefault:"vault-token" description:"Specify a token to use instead of app-id auth"`
|
||||||
|
|
||||||
PKIMountPoint string `flag:"pki-mountpoint" default:"/pki" description:"Path the PKI provider is mounted to"`
|
PKIMountPoint string `flag:"pki-mountpoint" vardefault:"pki-mountpoint" description:"Path the PKI provider is mounted to"`
|
||||||
PKIRole string `flag:"pki-role" default:"openvpn" description:"Role defined in the PKI usable by the token and able to write the specified FQDN"`
|
PKIRole string `flag:"pki-role" vardefault:"pki-role" description:"Role defined in the PKI usable by the token and able to write the specified FQDN"`
|
||||||
|
|
||||||
AutoRevoke bool `flag:"auto-revoke" default:"true" description:"Automatically revoke older certificates for this FQDN"`
|
AutoRevoke bool `flag:"auto-revoke" vardefault:"auto-revoke" description:"Automatically revoke older certificates for this FQDN"`
|
||||||
CertTTL time.Duration `flag:"ttl" default:"8760h" description:"Set the TTL for this certificate"`
|
CertTTL time.Duration `flag:"ttl" vardefault:"ttl" description:"Set the TTL for this certificate"`
|
||||||
|
|
||||||
LogLevel string `flag:"log-level" default:"info" description:"Log level to use (debug, info, warning, error)"`
|
LogLevel string `flag:"log-level" vardefault:"log-level" description:"Log level to use (debug, info, warning, error)"`
|
||||||
VersionAndExit bool `flag:"version" default:"false" description:"Prints current version and exits"`
|
VersionAndExit bool `flag:"version" default:"false" description:"Prints current version and exits"`
|
||||||
}{}
|
}{}
|
||||||
|
|
||||||
|
defaultConfig = map[string]string{
|
||||||
|
"pki-mountpoint": "/pki",
|
||||||
|
"pki-role": "openvpn",
|
||||||
|
"auto-revoke": "true",
|
||||||
|
"ttl": "8760h",
|
||||||
|
"log-level": "info",
|
||||||
|
}
|
||||||
|
|
||||||
version = "dev"
|
version = "dev"
|
||||||
|
|
||||||
client *api.Client
|
client *api.Client
|
||||||
|
@ -87,10 +98,29 @@ func vaultTokenFromDisk() string {
|
||||||
return string(data)
|
return string(data)
|
||||||
}
|
}
|
||||||
|
|
||||||
|
func defualtsFromDisk() map[string]string {
|
||||||
|
res := defaultConfig
|
||||||
|
|
||||||
|
df, err := homedir.Expand(defaultsFile)
|
||||||
|
if err != nil {
|
||||||
|
return res
|
||||||
|
}
|
||||||
|
|
||||||
|
yamlSource, err := ioutil.ReadFile(df)
|
||||||
|
if err != nil {
|
||||||
|
return res
|
||||||
|
}
|
||||||
|
|
||||||
|
if err := yaml.Unmarshal(yamlSource, &res); err != nil {
|
||||||
|
log.Errorf("Unable to parse defaults file %q: %s", defaultsFile, err)
|
||||||
|
}
|
||||||
|
return res
|
||||||
|
}
|
||||||
|
|
||||||
func init() {
|
func init() {
|
||||||
rconfig.SetVariableDefaults(map[string]string{
|
defaults := defualtsFromDisk()
|
||||||
"vault-token": vaultTokenFromDisk(),
|
defaults["vault-token"] = vaultTokenFromDisk()
|
||||||
})
|
rconfig.SetVariableDefaults(defaults)
|
||||||
|
|
||||||
if err := rconfig.Parse(&cfg); err != nil {
|
if err := rconfig.Parse(&cfg); err != nil {
|
||||||
log.Fatalf("Unable to parse commandline options: %s", err)
|
log.Fatalf("Unable to parse commandline options: %s", err)
|
||||||
|
|
Loading…
Reference in a new issue