Simple deployment tool for certificates managed by CertWarden https://certwarden-deploy.adora.codes
Find a file
2024-07-30 08:11:08 +02:00
.vscode add vscode debug config 2024-07-12 12:54:25 +02:00
.woodpecker add docs to repo 2024-07-12 13:04:33 +02:00
cmd/certwarden-deploy remove sentry remnants 2024-07-12 17:31:44 +02:00
docs describe configuration options 2024-07-30 08:11:08 +02:00
examples update example config file 2024-07-12 10:58:27 +02:00
internal refactor logger init function 2024-07-12 17:41:50 +02:00
.gitignore 0.1.0, add examples, add license 2024-07-03 11:56:04 +02:00
CHANGELOG.md bump version to 0.2.1 2024-07-12 11:18:50 +02:00
CONTRIBUTING.md use dev mail 2024-07-12 14:37:05 +02:00
go.mod remove sentry remnants 2024-07-12 17:31:44 +02:00
go.sum remove sentry remnants 2024-07-12 17:31:44 +02:00
LICENSE 0.1.0, add examples, add license 2024-07-03 11:56:04 +02:00
main.go initial commit 2024-06-28 15:28:54 +02:00
MAINTAINERS.md use dev mail 2024-07-12 14:37:05 +02:00
README.md update contribution documenation 2024-07-28 14:36:06 +02:00

certwarden-deploy

status-badge Please don't upload to GitHub

This is a simple binary to deploy certificates from a CertWarden instance.

Quick Start

Installation of the required CertWarden instance is out of scope of this documentation. For detailed instructions regarding CertWarden, please visit it's documentation

To quickly get started with certwarden-deploy, just download the binary...

# this downloads certwarden-deploy version 0.2.1 
# to /usr/local/bin/certwarden-deploy
sudo wget https://code.lila.network/adoralaura/certwarden-deploy/releases/download/0.2.1/certwarden-deploy-0.2.1-linux-amd64 -O /usr/local/bin/certwarden-deploy

sudo chmod +x /usr/local/bin/certwarden-deploy

... fill out the config file...

vi /etc/certwarden-deploy/config.yaml
# Base URL of the CertWarden instance
# required
base_url: "https://certwarden.example.com"

# Set this to true if your CertWarden instance does not have a publicly trusted 
# TLS certificate (e.g. it has a self signed one)
# default is false
disable_certificate_validation: false

# define all managed certificates here
certificates:
    # name is a unique identifier that must start and end with an alphanumeric character, 
    # and can contain the following characters: a-zA-Z0-9._-
    # required
  - name: test-certificate.example.com
    # Contains the API-Key to fetch the certificate from the server
    # required
    cert_secret: examplekey_notvalid_hrzjGDDw8z
    # path where to save the certificate
    # required
    cert_path: "/path/to/test-certificate.example.com-cert.pem"
    # Contains the API-Key to fetch the private key from the server
    # required
    key_secret: examplekey_notvalid_hrzbbDDw8z
    # path where to save the private key
    # required
    key_path: "/path/to/test-certificate.example.com-key.pem"
    # action to run when certificate was updated or --force is on
    action: "/usr/bin/systemd reload caddy"

... and run it!

certwarden-deploy -v

Contributing

I use my own Forgejo Instance code.lila.network to manage issues, pull requests and CI/CD.

  • If you have a trivial fix or improvement, go ahead and send a diff to the maintainer(s) of this repository (see MAINTAINERS.md).

  • If you plan to do something more involved, first please send me a mailmso I can create an account for you.

Non-development Contibutions

The best way to help without speaking a lot of Go would be to share your configuration, setup, and tips. If you have something that works and is not in the repository, please pay it forward and share what works.

Changelog

You can find the Changelog here: Changelog

License

certwarden-deploy is available under the MIT license. See the LICENSE file for more info.