53 lines
1.4 KiB
Markdown
53 lines
1.4 KiB
Markdown
# Cheese
|
|
|
|
A Certificate Transparency log configuration and deployment tool.
|
|
|
|
## Configuration Generator
|
|
|
|
The `tesseract/genconf` tool generates CT log configuration files and keys from a YAML specification
|
|
in a very similar way to Sunlight.
|
|
|
|
### Usage
|
|
|
|
1. **Create YAML configuration file:**
|
|
|
|
```yaml
|
|
listen:
|
|
- "[::]:16420"
|
|
roots: /etc/tesseract/roots.pem
|
|
logs:
|
|
- shortname: example2025h1
|
|
listen: "[::]:16900"
|
|
inception: 2025-01-01
|
|
submissionprefix: https://example2025h1.log.ct.example.com
|
|
monitoringprefix: https://example2025h1.mon.ct.example.com
|
|
extraroots: /etc/tesseract/extra-roots.pem
|
|
secret: /etc/tesseract/keys/example2025h1.pem
|
|
localdirectory: /var/lib/tesseract/example2025h1/data
|
|
notafterstart: 2025-01-01T00:00:00Z
|
|
notafterlimit: 2025-07-01T00:00:00Z
|
|
```
|
|
|
|
2. **Generate private keys:**
|
|
```bash
|
|
go run ./tesseract/genconf/main.go -c config.yaml gen-key
|
|
```
|
|
|
|
3. **Create directories and generate environment files:**
|
|
```bash
|
|
mkdir -p /var/lib/tesseract/example2025h1/data
|
|
go run ./tesseract/genconf/main.go -c config.yaml gen-env
|
|
```
|
|
|
|
4. **Generate HTML and JSON files:**
|
|
```bash
|
|
go run ./tesseract/genconf/main.go -c config.yaml gen-html
|
|
```
|
|
|
|
5. **Generate nginx configuration files:**
|
|
```bash
|
|
go run ./tesseract/genconf/main.go -c config.yaml gen-nginx
|
|
```
|
|
|
|
You can symlink the generated $monitoringprefix.conf files from `/etc/nginx/sites-enabled/`.
|