identity

package

v1.2.0 Latest Latest Go to latest Published: Apr 22, 2026 License: Apache-2.0 Imports: 12 Imported by: 0

Details

Valid go.mod file
Redistributable license
Tagged version
Stable version
Learn more about best practices

Repository

github.com/nstance-dev/nstance

Links

Open Source Insights

Documentation ¶

Overview ¶

Package identity provides agent identity management and certificate generation utilities.

Index ¶

func LocalHostname(override string) string
func LocalIPs(overrideV4, overrideV6 string) (ipv4, ipv6 string)
type Identity
- func Load(dir string, logger *slog.Logger) (*Identity, error)
- func LoadOrCreate(dir string, logger *slog.Logger, mode os.FileMode) (*Identity, error)

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

func LocalHostname ¶

func LocalHostname(override string) string

LocalHostname returns the hostname for this host. If override is provided, that value is used. Otherwise, auto-detects the hostname using os.Hostname(). Returns empty string if detection fails.

func LocalIPs ¶

func LocalIPs(overrideV4, overrideV6 string) (ipv4, ipv6 string)

LocalIPs returns the private IPv4 and IPv6 addresses for this host. If overrideV4 or overrideV6 are provided, those values are used. Otherwise, auto-detects the first non-loopback addresses found on the system. Returns empty strings if no suitable addresses are found.

Types ¶

type Identity ¶

type Identity struct {
	Nonce      []byte
	CACert     *x509.Certificate
	PublicKey  *ed25519.PublicKey
	PrivateKey *ed25519.PrivateKey
	ClientCert *x509.Certificate
	// contains filtered or unexported fields
}

Identity represents the identity material stored on disk for the agent.

func Load ¶

func Load(dir string, logger *slog.Logger) (*Identity, error)

Load loads identity material from dir for use as a client. Requires ca.crt, identity.crt, and identity.key to exist. Returns an error if any required file is missing.

func LoadOrCreate ¶

func LoadOrCreate(dir string, logger *slog.Logger, mode os.FileMode) (*Identity, error)

LoadOrCreate loads identity material from dir. Missing files are left nil, errors reading existing files are returned. If the identity keypair is missing it is generated automatically.

func (*Identity) BuildTLSConfig ¶

func (i *Identity) BuildTLSConfig() (*tls.Config, error)

BuildTLSConfig creates a TLS config using the identity's certificate and key. Requires CACert, ClientCert, and PrivateKey to be set.

func (*Identity) DeleteNonce ¶

func (i *Identity) DeleteNonce() error

DeleteNonce removes the nonce file from disk.

func (*Identity) GenerateKeypair ¶

func (i *Identity) GenerateKeypair() error

GenerateKeypair creates a new identity keypair, stores it on disk, and updates the struct.

func (*Identity) StoreClientCertificate ¶

func (i *Identity) StoreClientCertificate(certPEM []byte) error

StoreClientCertificate saves the provided certificate and updates the in-memory copy.

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL