Documentation
Overview
Package gpgsmith hosts the gpgsmith web UI — a thin HTTP frontend that calls the daemon over its Unix socket via wire.Client. It does no GPG, no vault crypto, and no audit on its own.
Index
Constants
This section is empty.
Variables
This section is empty.
Functions
This section is empty.
Types
type Config
type Config struct {
	// Client is the daemon-facing client. Required.
	Client DaemonClient
	// Logger is the slog logger for the server. If nil, a
	// discarding logger is used (tests).
	Logger *slog.Logger
}
Config holds Server construction parameters.
type DaemonClient
type DaemonClient interface {
	VaultList(ctx context.Context) (*v1.ListResponse, error)
	VaultStatus(ctx context.Context) (*v1.StatusVaultResponse, error)
	VaultOpen(ctx context.Context, vaultName, passphrase string) (*v1.OpenResponse, error)
	VaultResume(ctx context.Context, vaultName, passphrase string, resume bool) (*v1.ResumeResponse, error)
	VaultDiscard(ctx context.Context, sessionToken string) error
	KeyList(ctx context.Context, sessionToken string) (*v1.ListKeysResponse, error)
	KeyStatus(ctx context.Context, sessionToken string) (*v1.KeyStatusResponse, error)
	IdentityList(ctx context.Context, sessionToken string) (*v1.ListIdentitiesResponse, error)
	CardInventory(ctx context.Context, sessionToken string) (*v1.InventoryResponse, error)
	ServerList(ctx context.Context, sessionToken string) (*v1.ListServersResponse, error)
	ServerLookup(ctx context.Context, sessionToken string) (*v1.LookupResponse, error)
	AuditShow(ctx context.Context, sessionToken string, last int32) (*v1.ShowResponse, error)
	// Mutations wired by v0.6.0 (Group A).
	VaultSeal(ctx context.Context, sessionToken, message string) (*v1.SealResponse, error)
	VaultTrust(ctx context.Context, vaultName, fingerprint string) error
	KeyRevoke(ctx context.Context, sessionToken, keyID string) error
	IdentityAdd(ctx context.Context, sessionToken, uid string) error
	IdentityRevoke(ctx context.Context, sessionToken, uid string) error
	IdentityPrimary(ctx context.Context, sessionToken, uid string) error
	ServerAdd(ctx context.Context, sessionToken, alias, url string) error
	ServerRemove(ctx context.Context, sessionToken, alias string) error
	ServerEnable(ctx context.Context, sessionToken, alias string) error
	ServerDisable(ctx context.Context, sessionToken, alias string) error
}
DaemonClient is the narrow subset of wire.Client that the web UI actually uses. Defining it here (rather than taking *wire.Client directly) lets tests inject a fake without dialing a real Unix socket.
The concrete adapter lives in wire_adapter.go.
func NewWireAdapter
func NewWireAdapter(c *wire.Client) DaemonClient
NewWireAdapter wraps a *wire.Client so the web UI can call it via the DaemonClient interface.
type Server
type Server struct {
	// contains filtered or unexported fields
}
Server is the HTTP web UI. Construct via NewServer and install Handler() on an http.Server to start serving.
func NewServer
NewServer assembles the HTTP handler graph. It does not start listening; install Handler() on an http.Server yourself.
func (*Server) Handler
Handler returns the fully-wired HTTP handler: auth middleware + routed mux. Callers install it on an http.Server and call Serve.
func (*Server) StartupToken
StartupToken returns the one-shot token the server requires on the initial URL (?t=<token>). Callers print this to stderr at startup.
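The following is an added sketch, not gpgsmith's code, of how a one-shot ?t=<token> gate in front of a handler can behave: the token is compared in constant time, accepted exactly once, and exchanged for a session cookie so it does not linger in the URL. The page documents only the token on the initial URL; the session cookie, the redirect, port 8080 and the names oneShotAuth, wrap, same and randomHex are assumptions.

```go
package main

import (
	"crypto/rand"
	"crypto/subtle"
	"encoding/hex"
	"net/http"
	"os"
	"sync/atomic"
)

// oneShotAuth is a hypothetical gate, not gpgsmith's implementation.
type oneShotAuth struct {
	startup, session string      // random, non-empty, fixed at construction
	used             atomic.Bool // true once the startup token is redeemed
}

func randomHex() string {
	b := make([]byte, 32)
	if _, err := rand.Read(b); err != nil {
		panic(err) // never run with a guessable token
	}
	return hex.EncodeToString(b)
}

func same(x, y string) bool { return subtle.ConstantTimeCompare([]byte(x), []byte(y)) == 1 }

func (a *oneShotAuth) wrap(next http.Handler) http.Handler {
	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
		c, err := r.Cookie("session")
		switch {
		case err == nil && a.used.Load() && same(c.Value, a.session):
			next.ServeHTTP(w, r)
		case same(r.URL.Query().Get("t"), a.startup) && a.used.CompareAndSwap(false, true):
			http.SetCookie(w, &http.Cookie{Name: "session", Value: a.session, Path: "/",
				HttpOnly: true, SameSite: http.SameSiteStrictMode})
			http.Redirect(w, r, "/", http.StatusSeeOther) // drop ?t= from the URL
		default:
			http.Error(w, "unauthorized", http.StatusUnauthorized)
		}
	})
}

func main() {
	a := &oneShotAuth{startup: randomHex(), session: randomHex()}
	os.Stderr.WriteString("http://127.0.0.1:8080/?t=" + a.startup + "\n")
	panic(http.ListenAndServe("127.0.0.1:8080", a.wrap(http.NotFoundHandler())))
}
```

CompareAndSwap makes redemption atomic, so two concurrent requests carrying the same token cannot both succeed, and a replayed startup URL gets 401 once a session exists.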