feat(server): add mTLS certificate bootstrap via JWT for Home connections

- Introduced `-home-jwt` flag and `HOME_JWT` environment variable to provide JWT for mTLS certificate generation.
- Added new APIs to handle certificate requests, validate JWT claims, and manage local certificate files.
- Updated Home TLS configuration to support client certificates, keys, and dynamic server name resolution.
Luis Pater
2026-05-19 00:53:40 +08:00
parent cc0cb057b3
commit 77ba15f71b
4 changed files with 414 additions and 8 deletions
+7 -4
@@ -12,8 +12,11 @@ type HomeConfig struct {
// HomeTLSConfig configures client-side TLS for the home Redis connection.
type HomeTLSConfig struct {
Enable bool `yaml:"enable" json:"-"`
ServerName string `yaml:"server-name" json:"-"`
InsecureSkipVerify bool `yaml:"insecure-skip-verify" json:"-"`
CACert string `yaml:"ca-cert" json:"-"`
Enable bool `yaml:"enable" json:"-"`
ServerName string `yaml:"server-name" json:"-"`
InsecureSkipVerify bool `yaml:"insecure-skip-verify" json:"-"`
CACert string `yaml:"ca-cert" json:"-"`
ClientCert string `yaml:"-" json:"-"`
ClientKey string `yaml:"-" json:"-"`
UseTargetServerName bool `yaml:"-" json:"-"`
}
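Review bot: The new fields `ClientCert`, `ClientKey` and `UseTargetServerName` at the end of `HomeTLSConfig` have no comments, so a reader cannot tell whether the first two hold file paths or PEM data, or how `UseTargetServerName` relates to `ServerName`. All three are tagged `yaml:"-" json:"-"`, so they are presumably filled in at runtime by the certificate bootstrap rather than read from the config file, and that is worth stating on the struct. I would add `// ClientCert and ClientKey identify the mTLS client certificate and private key (state whether path or PEM); set at runtime, never read from or written to config.` and `// UseTargetServerName derives the TLS server name from the dial target; state whether a non-empty ServerName takes precedence.` Since `InsecureSkipVerify` sits in the same struct, the comment should also say what happens when it is true while a client certificate is set; if it maps straight onto the TLS client setting, the server would go unverified and only the client side of the mTLS link would be authenticated.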