mirror of
https://github.com/shankar0123/certctl.git
synced 2026-06-07 12:41:30 +00:00
Rewrite README and .env.example to match actual implementation
README.md:
- Replace ASCII architecture diagram with Mermaid
- Fix all database table names (managed_certificates, audit_events, etc.)
- Fix env var names to use CERTCTL_ prefix matching config.go
- Fix API endpoint paths ({id} not :id, /audit not /audit/logs)
- Add all missing endpoints (renew, deploy, CSR, heartbeat, policies, notifications)
- Add dashboard as primary feature (was completely missing)
- Link to all new docs (concepts, advanced demo, architecture, connectors)
- Fix integration status (Local CA implemented, ACME in progress)
- Fix security section (API key auth, not mTLS)
- Remove broken links to non-existent docs (api.md, k8s-deployment.md, scaling.md)
- Remove placeholder Support & Community section
.env.example:
- Change all var names to CERTCTL_ prefix (CERTCTL_DATABASE_URL, etc.)
- Remove vars that don't exist in config.go (ACME_*, SMTP_*, feature flags)
- Add scheduler tuning vars as commented examples
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
This commit is contained in:
shankar0123
+23
-56
@@ -3,73 +3,40 @@
|
||||
# DO NOT commit .env with real secrets to version control
|
||||
|
||||
# ==============================================================================
|
||||
# PostgreSQL Database Configuration
|
||||
# PostgreSQL (used by Docker Compose for the postgres container)
|
||||
# ==============================================================================
|
||||
POSTGRES_DB=certctl
|
||||
POSTGRES_USER=certctl
|
||||
POSTGRES_PASSWORD=change-me-in-production
|
||||
POSTGRES_PORT=5432
|
||||
|
||||
# ==============================================================================
|
||||
# Certctl Server Configuration
|
||||
# Certctl Server
|
||||
# All server vars use the CERTCTL_ prefix (see internal/config/config.go)
|
||||
# ==============================================================================
|
||||
SERVER_HOST=0.0.0.0
|
||||
SERVER_PORT=8443
|
||||
LOG_LEVEL=info
|
||||
CERTCTL_DATABASE_URL=postgres://certctl:certctl@postgres:5432/certctl?sslmode=disable
|
||||
CERTCTL_SERVER_HOST=0.0.0.0
|
||||
CERTCTL_SERVER_PORT=8443
|
||||
CERTCTL_LOG_LEVEL=info
|
||||
CERTCTL_LOG_FORMAT=json
|
||||
|
||||
# Database connection string (alternative to individual vars)
|
||||
# DB_URL=postgres://certctl:password@localhost:5432/certctl?sslmode=disable
|
||||
# Auth type: "api-key", "jwt", or "none" (for demo/development)
|
||||
CERTCTL_AUTH_TYPE=none
|
||||
# Required when CERTCTL_AUTH_TYPE is "api-key" or "jwt"
|
||||
# Generate with: openssl rand -base64 32
|
||||
# CERTCTL_AUTH_SECRET=change-me-in-production
|
||||
|
||||
# ==============================================================================
|
||||
# ACME Configuration
|
||||
# Certctl Agent
|
||||
# ==============================================================================
|
||||
# For Let's Encrypt production, use: https://acme-v02.api.letsencrypt.org/directory
|
||||
# For Let's Encrypt staging, use: https://acme-staging-v02.api.letsencrypt.org/directory
|
||||
ACME_DIRECTORY_URL=https://acme-staging-v02.api.letsencrypt.org/directory
|
||||
ACME_EMAIL=admin@example.com
|
||||
CERTCTL_SERVER_URL=http://localhost:8443
|
||||
CERTCTL_API_KEY=change-me-in-production
|
||||
CERTCTL_AGENT_NAME=local-agent
|
||||
|
||||
# ==============================================================================
|
||||
# SMTP Configuration (for email notifications)
|
||||
# Optional: Scheduler Tuning (defaults are usually fine)
|
||||
# ==============================================================================
|
||||
SMTP_HOST=smtp.example.com
|
||||
SMTP_PORT=587
|
||||
SMTP_USERNAME=your-smtp-user
|
||||
SMTP_PASSWORD=your-smtp-password
|
||||
SMTP_FROM_ADDRESS=certctl@example.com
|
||||
|
||||
# ==============================================================================
|
||||
# Webhook Configuration (optional)
|
||||
# ==============================================================================
|
||||
WEBHOOK_URL=https://your-webhook-endpoint.example.com/notifications
|
||||
WEBHOOK_SECRET=your-webhook-secret
|
||||
|
||||
# ==============================================================================
|
||||
# Agent Configuration
|
||||
# ==============================================================================
|
||||
SERVER_URL=http://localhost:8443
|
||||
AGENT_API_KEY=change-me-in-production
|
||||
AGENT_NAME=local-agent
|
||||
CHECK_INTERVAL=60s
|
||||
|
||||
# ==============================================================================
|
||||
# PgAdmin Configuration (development only)
|
||||
# ==============================================================================
|
||||
PGADMIN_EMAIL=admin@example.com
|
||||
PGADMIN_PASSWORD=admin
|
||||
PGADMIN_PORT=5050
|
||||
|
||||
# ==============================================================================
|
||||
# Security Settings
|
||||
# ==============================================================================
|
||||
# JWT secret for API authentication (generate with: openssl rand -base64 32)
|
||||
JWT_SECRET=change-me-in-production
|
||||
|
||||
# Encryption key for sensitive data (generate with: openssl rand -base64 32)
|
||||
ENCRYPTION_KEY=change-me-in-production
|
||||
|
||||
# ==============================================================================
|
||||
# Feature Flags (optional)
|
||||
# ==============================================================================
|
||||
ENABLE_AUDIT_LOG=true
|
||||
ENABLE_METRICS=true
|
||||
ENABLE_TRACING=false
|
||||
# CERTCTL_SCHEDULER_RENEWAL_CHECK_INTERVAL=1h
|
||||
# CERTCTL_SCHEDULER_JOB_PROCESSOR_INTERVAL=30s
|
||||
# CERTCTL_SCHEDULER_AGENT_HEALTH_CHECK_INTERVAL=2m
|
||||
# CERTCTL_SCHEDULER_NOTIFICATION_PROCESS_INTERVAL=1m
|
||||
# CERTCTL_DATABASE_MAX_CONNS=25
|
||||
|
||||
Reference in New Issue
Block a user