sam/SafelineAPI
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases 2 Wiki Activity
Files
master
SafelineAPI/README.md
Sam Geyskens 8f450aa809 provider update
2025-12-23 17:08:39 +01:00

3.1 KiB
Raw Permalink Blame History

SafelineAPI

A lightweight CLI tool that automatically manages TLS/SSL certificates for SafeLine instances using DNS-01 validation. It supports multiple DNS providers, making it easy to automate certificate renewal and updates across your infrastructure.

What It Does

SafelineAPI simplifies TLS certificate management by:

  • Automatically requesting new certificates from Let's Encrypt using DNS-01 validation
  • Updating existing certificates in your SafeLine WAF instance
  • Supporting multiple DNS providers (Cloudflare)
  • Running as a scheduled service on Linux (systemd) or Windows
  • Checking certificate expiration and renewing before they expire

Perfect for users who want hands-off certificate management integrated with SafeLine!

Quick Start

Download & Run (Easiest)

  1. Download a pre-built binary from Releases
  2. Follow the setup guide → see INSTALL.md

Or Build from Source

git clone <your-repo-url>
cd SafelineAPI
go build -o safelineApi ./cmd/safelineApi

Installation & Setup

For detailed setup instructions, see INSTALL.md which covers:

  • Using pre-built release binaries
  • Building from source (Linux, Windows, macOS)
  • Configuring the application
  • Running as a service on Linux (systemd)
  • Running as a service on Windows (NSSM, Task Scheduler)
  • Troubleshooting

Configuration

  1. Copy config.example.json to config.json
  2. Fill in your SafeLine API token and DNS provider credentials
  3. Run with: ./safelineApi config.json

For detailed configuration options, see docs/CONFIGURATION.md

DNS Provider

Currently supports:

  • Cloudflare - Primary DNS provider

Additional providers can be added in the future. See docs/cloudflare.md for Cloudflare setup instructions.

Security Best Practices

  • Use scoped API tokens instead of global keys (especially for Cloudflare)
  • Keep config.json out of source control
  • Restrict file permissions on config.json (600 on Linux)
  • Run the service as an unprivileged user
  • Use environment variables or secret management in production

Documentation

Development

Prerequisites (for building from source)

  • Go 1.23 or later
  • Git

Build Commands

# Build for current platform
make build

# Build for all platforms (Linux & Windows)
make build-all

# Run tests
make test

# Format code
make fmt

Automated Releases

This project uses Gitea Actions to automatically build and release binaries for:

  • Linux: amd64, ARM64, ARMv7, 386, PowerPC 64LE
  • Windows: amd64, 386

Releases are triggered by git tags (e.g., v1.0.0, v1.0.1)

License

See LICENSE file for details.

Support

  • Found a bug? Create an issue
  • Have a question? Check the docs first, then create a discussion
  • Want to contribute? Pull requests welcome!
Reference in New Issue View Git Blame Copy Permalink