
config.yaml in source code is missing

Open cugwhzenith opened this issue 2 years ago • 4 comments

zenith@LAPTOP-ZENITH:~/openspa/artifacts$ ./openspa_linux_amd64 server start
3:28PM FTL Failed to read config file error="open config.yaml: no such file or directory"

The openspa server fails to run because of a missing config.yaml.

P.S. I would appreciate it very much if README.md could be more specific : )

cugwhzenith, Mar 30 '23 07:03

I haven't written the documentation for the project yet, part of which would be the example server config file.

The server config schema can be found here in the source code: https://github.com/greenstatic/openspa/blob/dev/internal/server_config.go

Here is an example server config.yaml that I used for testing:

server:
  ip: "0.0.0.0"
  port: 22211

  requestHandlers: 100

  http:
    enable: true
    ip: "0.0.0.0"
    port: 22212

firewall:
  backend: "iptables"
  iptables:
    chain: "OPENSPA-ALLOW"


authorization:
  backend: "simple"
  simple:
    # Valid units are "s", "m", "h"; seconds, minutes and hours respectively
    duration: "30s"

crypto:
  cipherSuitePriority:
    - "CipherSuite_RSA_SHA256_AES256CBC"

  rsa:
    client:
      publicKeyLookupDir: "/home/ubuntu/openspa/authorized_keys"
    server:
      privateKeyPath: "/home/ubuntu/openspa/server_private.key"
      publicKeyPath: "/home/ubuntu/openspa/server_public.key"

Note:

  • The ADK (and XADK) feature is not enabled in this config
  • You will need to create a client and server pair of RSA keys (hence the paths)
  • The publicKeyLookupDir is the path to a directory which contains files with clients' public keys (the file name is the client's Client UUID): https://github.com/greenstatic/openspa/blob/a72c3914baa743b8e9179c1e690c63309dfe2a30/internal/server.go#L73
  • The client also needs a config file; the schema can be found here: https://github.com/greenstatic/openspa/blob/dev/internal/ospa.go
  • Currently the only sort of documentation, or rather written text, for the new version of OpenSPA (v2) is my master's thesis, available here: https://repozitorij.uni-lj.si/IzpisGradiva.php?id=142965&lang=eng (note this is not documentation for the software, but describes what the software does, e.g. what ADK & XADK are)

greenstatic, Mar 30 '23 07:03
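
A pre-flight check for the layout described in the comment above, as an added example that is not part of the thread or of OpenSPA's own code: it reads the three path keys from config.yaml, confirms the key files exist, and checks that every file in publicKeyLookupDir is named as a UUID. The owner-only permission check on the private key, the bare-UUID file name (no extension), and the names `preflight` and `build_sample` are assumptions of this example.

```python
import os
import re
import stat
import tempfile
import uuid

# Line scan for the three path keys in the posted config (not a full YAML parser).
PATH_KEYS = re.compile(
    r'(?m)^[ \t]*(publicKeyLookupDir|privateKeyPath|publicKeyPath):[ \t]*"?([^"#\n]+?)"?[ \t]*$')

def preflight(config_path):
    """Return a list of problems; an empty list means every check passed."""
    if not os.path.isfile(config_path):
        return [f"config file not found: {config_path}"]
    with open(config_path, encoding="utf-8") as fh:
        paths = dict(PATH_KEYS.findall(fh.read()))
    problems = [f"{key} missing or not a file: {paths.get(key)!r}"
                for key in ("privateKeyPath", "publicKeyPath")
                if not os.path.isfile(paths.get(key, ""))]
    priv = paths.get("privateKeyPath", "")
    # Added hardening check (assumption, not an OpenSPA rule): owner-only private key.
    if os.path.isfile(priv) and stat.S_IMODE(os.stat(priv).st_mode) & 0o077:
        problems.append(f"private key accessible to group/other: {priv}")
    lookup = paths.get("publicKeyLookupDir", "")
    if not os.path.isdir(lookup):
        return problems + [f"publicKeyLookupDir is not a directory: {lookup!r}"]
    for name in sorted(os.listdir(lookup)):
        try:
            uuid.UUID(name)  # assumption: the file name is the bare Client UUID
        except ValueError:
            problems.append(f"not a Client UUID file name: {name}")
    return problems

def build_sample(root, key_mode=0o600, client_file="6f1c2d3e-4a5b-4c6d-8e7f-901a2b3c4d5e"):
    """Write a constructed config.yaml and placeholder key files under root."""
    os.makedirs(keys := os.path.join(root, "authorized_keys"))
    priv, pub = (os.path.join(root, n) for n in ("server_private.key", "server_public.key"))
    for path, mode in ((priv, key_mode), (pub, 0o644), (os.path.join(keys, client_file), 0o644)):
        with open(path, "w", encoding="utf-8") as fh:
            fh.write("constructed placeholder, not a real key\n")
        os.chmod(path, mode)
    with open(os.path.join(root, "config.yaml"), "w", encoding="utf-8") as fh:
        fh.write(f'crypto:\n  rsa:\n    client:\n      publicKeyLookupDir: "{keys}"\n'
                 f'    server:\n      privateKeyPath: "{priv}"\n      publicKeyPath: "{pub}"\n')
    return fh.name

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        print(preflight(build_sample(tmp, key_mode=0o644, client_file="alice.pub")))
```

To check a real deployment, call `preflight("config.yaml")` from the directory the server is started in.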

It works as mentioned!

cugwhzenith, Mar 31 '23 07:03

The v1 and v2 implementations of the client and server are completely different. They are not backwards compatible. In v1 the protocol schema is static, while in v2 the protocol schema is based around TLV. Essentially, v2 is a complete rewrite. Sending a v1 client request to a v2 server will not work.

I see you have updated your comment now :)

greenstatic, Mar 31 '23 07:03

Thanks a lot for your patience : )

cugwhzenith, Mar 31 '23 08:03