coniksserver

command
v0.0.0-...-11acf48 Latest
Warning

This package is not in the latest version of its module.

Published: Jul 22, 2018 License: BSD-3-Clause Imports: 2 Imported by: 0

README

CONIKS Server implementation in Golang

Usage

⇒  go install github.com/coniks-sys/coniks-go/cli/coniksserver
⇒  coniksserver -h
 _______  _______  __    _  ___  ___   _  _______
|       ||       ||  |  | ||   ||   | | ||       |
|       ||   _   ||   |_| ||   ||   |_| ||  _____|
|       ||  | |  ||       ||   ||      _|| |_____
|      _||  |_|  ||  _    ||   ||     |_ |_____  |
|     |_ |       || | |   ||   ||    _  | _____| |
|_______||_______||_|  |__||___||___| |_||_______|

Usage:
  coniksserver [command]

Available Commands:
  init        Create a configuration file for a CONIKS server.
  run         Run a CONIKS server instance.
  version     Print the version number of coniksserver.

Flags:
  -h, --help   help for coniksserver

Use "coniksserver [command] --help" for more information about a command.

Configure the server

  • Generate the configuration file:
⇒  mkdir coniks; cd coniks
⇒  coniksserver init -c # create all files, including a self-signed TLS key and certificate
  • By default, the configuration file has two addresses entries: the first is for the registration proxy, and the second is the server's public address for "read-only" requests (lookups, monitoring, etc.).
  • Edit the configuration file as needed:
    • Replace the loaded_history_length with the desired number of snapshots kept in memory.
    • Replace the epoch_deadline with the desired duration in seconds.
    • If using a CONIKS registration proxy, replace the registration proxy address. Otherwise, remove the registration proxy addresses entry and add the allow_registration = true field to the public addresses entry.
    • In either case, replace the public address with the server's public CONIKS address.
  • Test setup (no registration proxy) config file example:
[policies]
...
[[addresses]]
    address = "tcp://public.server.address:port"
    allow_registration = true
    cert = "server.pem"
    key = "server.key"
[logger]
...

Run the server

⇒  coniksserver run -p  # run and write the process ID to coniks.pid

You can reload the server's policies while it's running by editing the config.toml file (and, if needed, replacing vrf.priv with a new key), then running:

⇒  kill -USR2 `cat coniks.pid`
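
A pre-flight check for the directory set up above, to run before coniksserver run or before a USR2 reload with a replaced vrf.priv. This is an added example, not part of the coniks-go project; it assumes config.toml, vrf.priv and the TLS key sit in one directory and that private keys should be readable by the owner only, and the function names and sample address are made up for illustration.

```shell
# Added example: pre-flight audit of a directory made by `coniksserver init -c`.
# Assumptions: key paths are relative to that directory, and private keys
# (vrf.priv, TLS key) should be readable by the owner only.

# Print "address<TAB>allow_registration<TAB>key" per [[addresses]] entry.
coniks_addresses() {
    awk '
        function emit() { if (inblk) printf "%s\t%s\t%s\n", addr, reg, key }
        function val(s) { sub(/^[^=]*=[ \t]*/, "", s); gsub(/"/, "", s)
                          sub(/[ \t]*#.*$/, "", s); sub(/[ \t\r]+$/, "", s); return s }
        /^[ \t]*\[/ { emit(); inblk = ($0 ~ /^[ \t]*\[\[addresses\]\]/)
                      addr = "-"; reg = "false"; key = "-"; next }
        inblk && /^[ \t]*address[ \t]*=/            { addr = val($0) }
        inblk && /^[ \t]*allow_registration[ \t]*=/ { reg = val($0) }
        inblk && /^[ \t]*key[ \t]*=/                { key = val($0) }
        END { emit() }
    ' "$1"
}

# Succeed only if the file exists and grants nothing to group or others.
owner_only() {
    [ -f "$1" ] && [ "$(ls -ld "$1" | cut -c5-10)" = "------" ]
}

# Audit directory $1: print findings, return 1 if any check fails.
coniks_preflight() {
    dir=$1; rc=0; tab=$(printf '\t')
    [ -f "$dir/config.toml" ] || { echo "FAIL: config.toml missing"; return 1; }
    owner_only "$dir/vrf.priv" || { echo "FAIL: vrf.priv missing or not owner-only"; rc=1; }
    while IFS=$tab read -r addr reg key; do
        [ -n "$addr" ] || { echo "FAIL: no [[addresses]] entry"; rc=1; continue; }
        case $addr in -|*public.server.address*) echo "FAIL: address '$addr' unset or placeholder"; rc=1 ;; esac
        if [ "$reg" = "true" ]; then echo "NOTE: $addr has allow_registration = true"; fi
        if [ "$key" != "-" ] && ! owner_only "$dir/$key"; then
            echo "FAIL: TLS key $key missing or not owner-only"; rc=1
        fi
    done <<EOF
$(coniks_addresses "$dir/config.toml")
EOF
    return $rc
}

# Constructed sample: the README's test-setup entry with a made-up address.
make_sample() {
    mkdir -p "$1" && ( umask 077; : > "$1/vrf.priv"; : > "$1/server.key" )
    printf '%s\n' '[[addresses]]' '    address = "tcp://keys.example.test:3000"' \
        '    allow_registration = true' '    cert = "server.pem"' \
        '    key = "server.key"' > "$1/config.toml"
}
```

After sourcing the functions, coniks_preflight coniks audits the directory created in the configuration step; the NOTE lines list every address that accepts registrations, which should only be the public address when no registration proxy is used.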

Disclaimer

Please keep in mind that this CONIKS server implementation is under active development. The repository may contain experimental features that aren't fully tested. We recommend using a tagged release.

Documentation

Overview

Executable CONIKS key server. See README for usage instructions.

Directories

Path          Synopsis
internal/cmd  Package cmd implements the CLI commands for a CONIKS key server.
