Skip to content
/ vogon Public

[ABANDONED, just use Vault] Minimal web application to manage secrets like certificates/keys and the automated access to them in build processes, written in Go.

1 star 1 fork Branches Tags Activity
Star
Notifications

xrstf/vogon

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

43 Commits

Godeps

Godeps

 
 

assets/js

assets/js

 
 

resources

resources

 
 

templates

templates

 
 

.bowerrc

.bowerrc

 
 

.gitignore

.gitignore

 
 

Gruntfile.js

Gruntfile.js

 
 

Makefile

Makefile

 
 

README.md

README.md

 
 

access_log.go

access_log.go

 
 

audit_log.go

audit_log.go

 
 

bower.json

bower.json

 
 

config.go

config.go

 
 

config.json.dist

config.json.dist

 
 

consumer.go

consumer.go

 
 

crypto.go

crypto.go

 
 

dashboard.go

dashboard.go

 
 

delivery.go

delivery.go

 
 

login.go

login.go

 
 

main.go

main.go

 
 

package.json

package.json

 
 

profile.go

profile.go

 
 

restriction.go

restriction.go

 
 

restriction_apikey.go

restriction_apikey.go

 
 

restriction_date.go

restriction_date.go

 
 

restriction_file.go

restriction_file.go

 
 

restriction_limit.go

restriction_limit.go

 
 

restriction_originip.go

restriction_originip.go

 
 

restriction_throttle.go

restriction_throttle.go

 
 

restriction_time.go

restriction_time.go

 
 

restriction_tlscert.go

restriction_tlscert.go

 
 

return_handler.go

return_handler.go

 
 

secret.go

secret.go

 
 

session.go

session.go

 
 

storage.go

storage.go

 
 

templates.go

templates.go

 
 

user.go

user.go

 
 

utils.go

utils.go

 
 

Repository files navigation

Raziel - Managing Secrets in Build Processes

This application can be used to have one central place to manage secrets like passwords, private keys or certificates that are used in automated build processes (think of things like Jenkins build jobs that need to embed a TLS certificate in a Docker image). Access to those secrets happens via HTTPS.

For this, users can create secrets and consumers. Consumers allow automated access, given certain conditions are met (like an API key, a certain day of the week or a specific origin IP).

Secrets are stored in an encrypted fashion in a MariaDB database.

All access (attempts) and changes to secrets are logged in access and audit logs.

Build from Source

You will need a recent Go compiler, at least version 1.4.

go get github.com/xrstf/raziel
cd $GOPATH/src/github.com/xrstf/raziel
make

Installation

Create a TLS certificate if you don't have one. If you are only playing around, you can generate your own using Go's TLS package:

go run $GOROOT/src/crypto/tls/generate_cert.go --host localhost

Copy the config.json.dist and adjust it accordingly.

Now go ahead and initialize your database by executing the resources/schema.sql.

Then, run Raziel:

./raziel --config myconfig.json

About

[ABANDONED, just use Vault] Minimal web application to manage secrets like certificates/keys and the automated access to them in build processes, written in Go.

Resources

Readme
Activity

Stars

1 star

Watchers

2 watching

Forks

1 fork
Report repository

Releases

No releases published

Languages