Code, API and README is still work in progress
Configurable daemon that provides common features needed on virtual machine instances running in my hybrid cloud.
🔑 Sync secrets from Vault
🏭 Manage x509 and SSH certificates
📦 Start, stop and restart libvirt domains and systemd units
📫 Monitor system updates
🚦 Automatic shutdown, reboot and waking-up of hardware unit
Development is done "API first", therefore server code and client code are auto-generated using oapicodegen and should not be changed by hand.
The OpenAPI 3 spec file is defined here and a swagger like page is available at the path /docs of the API server.
> make generateLinting is done via spectral using the default OpenAPI configuration.
A GitHub Actions workflow is in-place that runs code-generation on every commit and fails if the generated code doesn't match the committed code.
The default mode is using mTLS to authenticate against the server that serves the REST API. A middleware is available that validates request based on the CommonName attribute or EmailAddresses attributes of the certificate.
Although strongly discouraged, the server can be configured to run without any authentication for development purposes.
All successfully authenticated users share the same permissions, no distinguished roles are available.
- start K0s service
- stop K0s service
- start a libvirt domain
- shutdown a libvirt domain
- restart a libvirt domain
- list installed packages on a system
- list updateable packages on a system
- upgrade all packages
- sign ssh public keys
- get ssh signatures configuration
- replicate secrets from Hashicorp Vault to the local system
- get repliaction configuration
- set status of system services (restarted, started, stopped)
- get logs of a system services
- set power status of system (reboot, shutdown)
- get status of conditional-reboot
- set status of conditional-reboot (paused, unpaused)
- Send WOL packets to wake up local machines