mirror of
https://github.com/shankar0123/certctl.git
synced 2026-06-07 23:21:30 +00:00
c153361bbc
README.md:
- Replace ASCII architecture diagram with Mermaid
- Fix all database table names (managed_certificates, audit_events, etc.)
- Fix env var names to use CERTCTL_ prefix matching config.go
- Fix API endpoint paths ({id} not :id, /audit not /audit/logs)
- Add all missing endpoints (renew, deploy, CSR, heartbeat, policies, notifications)
- Add dashboard as primary feature (was completely missing)
- Link to all new docs (concepts, advanced demo, architecture, connectors)
- Fix integration status (Local CA implemented, ACME in progress)
- Fix security section (API key auth, not mTLS)
- Remove broken links to non-existent docs (api.md, k8s-deployment.md, scaling.md)
- Remove placeholder Support & Community section
.env.example:
- Change all var names to CERTCTL_ prefix (CERTCTL_DATABASE_URL, etc.)
- Remove vars that don't exist in config.go (ACME_*, SMTP_*, feature flags)
- Add scheduler tuning vars as commented examples
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
43 lines
1.8 KiB
Bash
# Certctl Configuration Example
# Copy this file to .env and configure for your environment
# DO NOT commit .env with real secrets to version control

# ==============================================================================
# PostgreSQL (used by Docker Compose for the postgres container)
# ==============================================================================
POSTGRES_DB=certctl
POSTGRES_USER=certctl
POSTGRES_PASSWORD=change-me-in-production

# ==============================================================================
# Certctl Server
# All server vars use the CERTCTL_ prefix (see internal/config/config.go)
# ==============================================================================
CERTCTL_DATABASE_URL=postgres://certctl:certctl@postgres:5432/certctl?sslmode=disable
CERTCTL_SERVER_HOST=0.0.0.0
CERTCTL_SERVER_PORT=8443
CERTCTL_LOG_LEVEL=info
CERTCTL_LOG_FORMAT=json

# Auth type: "api-key", "jwt", or "none" (for demo/development)
CERTCTL_AUTH_TYPE=none
# Required when CERTCTL_AUTH_TYPE is "api-key" or "jwt"
# Generate with: openssl rand -base64 32
# CERTCTL_AUTH_SECRET=change-me-in-production

# ==============================================================================
# Certctl Agent
# ==============================================================================
CERTCTL_SERVER_URL=http://localhost:8443
CERTCTL_API_KEY=change-me-in-production
CERTCTL_AGENT_NAME=local-agent

# ==============================================================================
# Optional: Scheduler Tuning (defaults are usually fine)
# ==============================================================================
# CERTCTL_SCHEDULER_RENEWAL_CHECK_INTERVAL=1h
# CERTCTL_SCHEDULER_JOB_PROCESSOR_INTERVAL=30s
# CERTCTL_SCHEDULER_AGENT_HEALTH_CHECK_INTERVAL=2m
# CERTCTL_SCHEDULER_NOTIFICATION_PROCESS_INTERVAL=1m
# CERTCTL_DATABASE_MAX_CONNS=25
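
A pre-deployment check for the demo defaults in this file, added here as an example (it is not part of the certctl repository). The function names `env_get` and `lint_certctl_env` are hypothetical, and the settings it flags are a judgment based only on the values shown in the file above.

```bash
#!/usr/bin/env bash
# Added example: lint a certctl .env for the demo defaults in .env.example.
# The file is read as text and never sourced, so nothing in it is executed.

# Value of the last uncommented KEY=... line in FILE (empty if absent).
env_get() { sed -n "s/^$2=//p" "$1" | tail -n 1; }

# Print one finding per line; return 1 if anything was found.
lint_certctl_env() {
  local file="$1" key auth findings=0
  report() { echo "$1"; findings=$((findings + 1)); }

  # Placeholder secrets copied unchanged from the example file.
  for key in POSTGRES_PASSWORD CERTCTL_AUTH_SECRET CERTCTL_API_KEY; do
    if [ "$(env_get "$file" "$key")" = "change-me-in-production" ]; then
      report "$key: still the placeholder value"
    fi
  done

  auth=$(env_get "$file" CERTCTL_AUTH_TYPE)
  case $auth in
    none) report "CERTCTL_AUTH_TYPE=none: API runs unauthenticated (demo only)" ;;
    api-key|jwt)  # the example file says the secret is required for these types
      if [ -z "$(env_get "$file" CERTCTL_AUTH_SECRET)" ]; then
        report "CERTCTL_AUTH_SECRET: required for auth type $auth but unset"
      fi ;;
  esac

  case $(env_get "$file" CERTCTL_DATABASE_URL) in
    *sslmode=disable*) report "CERTCTL_DATABASE_URL: sslmode=disable, no TLS to PostgreSQL" ;;
  esac
  case $(env_get "$file" CERTCTL_SERVER_URL) in
    http://*) report "CERTCTL_SERVER_URL: plain HTTP between agent and server" ;;
  esac
  return $((findings > 0))
}

# Constructed sample: the active (uncommented) security-relevant lines above.
sample=$(mktemp)
cat > "$sample" <<'EOF'
POSTGRES_PASSWORD=change-me-in-production
CERTCTL_DATABASE_URL=postgres://certctl:certctl@postgres:5432/certctl?sslmode=disable
CERTCTL_AUTH_TYPE=none
# CERTCTL_AUTH_SECRET=change-me-in-production
CERTCTL_SERVER_URL=http://localhost:8443
CERTCTL_API_KEY=change-me-in-production
EOF
lint_certctl_env "$sample" || echo "resolve the findings above before deploying"
```

Run it against the real `.env` in CI or a deploy script and fail the job on a non-zero return.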