{ "info": { "author": "Glyph", "author_email": "glyph@twistedmatrix.com", "bugtrack_url": null, "classifiers": [ "License :: OSI Approved :: MIT License" ], "description": "# LAN-Cer: Certificates For Your LAN\n\n`lancer` is a tool which will quickly and simply provision certificates for any\nnumber of hosts in a domain, using Let's Encrypt, assuming that you have an\nAPI-controlled DNS service.\n\n## The Problem\n\nYou have too many computers. Too many (all) of them have to talk to the\nInternet. And, as we all know, any computer on the internet needs a TLS\ncertificate and the [lock\nicon](https://en.wikipedia.org/wiki/Padlock#Padlock_icon_symbolising_a_secure_web_transaction)\nthat comes with it if you want to be able to talk to it.\n\nFor example:\n\n1. Maybe you need to test some web APIs that [don't\n work](https://sites.google.com/a/chromium.org/dev/Home/chromium-security/deprecating-powerful-features-on-insecure-origins)\n without HTTPS, so you need a development certificate for localhost.\n2. Maybe you have an [OpenWRT](https://www.openwrt.org/) router and you need to\n administer it via its web interface; you don't want every compromised IoT\n device or bored teenager on your WiFi to be able to read your administrator\n password.\n\n## The Bad Old Days\n\nPreviously the way you'd address problems like this would be to:\n\n- \u26a0\ufe0f\ud83d\ude21\u26a0\ufe0f use a garbage self-signed root and click through annoying warnings all\n the time\n- \ud83d\udd12\ufe0f\ud83d\uddd1\ufe0f\ud83d\udd12\ufe0f add a garbage self-signed root to your trust store\n- \ud83d\udd25\ud83d\ude31\ud83d\udd25 turn off certificate validation entirely in your software\n\nThese are all bad in similar ways: they decrease your security and they require\nfiddly, machine-specific configuration that has to be repeated on every new\nmachine that needs to talk to such endpoints.\n\n## The Solution\n\nLet's Encrypt is 99% of the solution here. And, for public-facing internet\nservices, it's almost trivially easy to use; many web servers provide built-in\nsupport for it. But you don't want to use production certificates for your\nmain website on your development box: you want to put an entry in `/etc/hosts`\nunder a dedicated test domain name, and you shouldn't have to figure out how to\nroute inbound public traffic to a web server on that host name in order to\nrespond to a challenge.\n\nLuckily, Let's Encrypt offers DNS-01 validation, so all you need to do is\nupdate a DNS record. Lancer uses this challenge.\n\n## What You Need\n\nYour DNS needs to be hosted on a platform that supports `libcloud` (Rackspace\nDNS and CloudFlare are two that I have tested with), or Gandi's' V5 API which\nLancer has specific support for. You will need an API key.\n\n## How To Use It\n\n1. `pip install lancer`\n2. `mkdir certificates-for-mydomain.com`\n3. Create empty files for the certificates you want to provision: `touch\n certificates-for-mydomain.com/myhost1.lan.mydomain.com.pem\n certificates-for-mydomain.com/myhost2.lan.mydomain.com.pem` .\n4. `lancer certificates-for-mydomain.com`\n\nUpon first run, lancer will ask you 4 questions:\n\n1. what driver do you want to use? this should be the libcloud driver name, or\n 'gandi' for the Gandi V5 API.\n2. what is your username?\n3. what is the DNS zone that you will be provisioning certificates under?\n (usually this is the [registrable part](https://publicsuffix.org/) of the\n domain name; if you want certificates for `lan.somecompany.com` then your\n zone is usually `somecompany.com`)\n4. what is your API key? This will be prompted for and stored with\n [Secretly](https://github.com/glyph/secretly), which uses\n [Keyring](https://github.com/jaraco/keyring) to securely store secrets; this\n may mean that in certain unattended configurations you might need\n [keyrings.alt](https://github.com/jaraco/keyrings.alt) to store your API key\n in a configuration file rather than something like\n [Keychain](https://en.wikipedia.org/wiki/Keychain_(software)) or\n [GnomeKeyring](https://wiki.gnome.org/Projects/GnomeKeyring).\n\nIt will store the answers to the first three questions in\n`certificates-for-mydomain.com/lancer.json` and the secrets depending upon your\nkeyring configuration, so you shouldn't need to answer them again (although you\nmay need to click through a security confirmation on subsequent attempts to\nallow access to your API key).\n\nWait for `lancer` to log that it has successfully provisioned your\ncertificates, and copy your now-no-longer-empty `.pem` files (which will each\ncontain a certificate, chain certificates, and a private key) to wherever you\nneed them on your LAN. You can kill it with `^C` or you can just leave it\nrunning in the background and let it auto-renew every 90 days or so.\n\nIf you don't leave it running, to renew your certificates when they've expired,\nsimply run `lancer certificates-for-mydomain.com` again, and any expired or\nsoon-to-expire `.pem` files in that directory will be renewed and replaced.\nYou can add new certificates at any time by creating new, empty\n`fully-qualified-domain-name.pem` files,\n\n", "description_content_type": "text/markdown", "docs_url": null, "download_url": "", "downloads": { "last_day": -1, "last_month": -1, "last_week": -1 }, "home_page": "https://github.com/glyph/lancer", "keywords": "", "license": "", "maintainer": "", "maintainer_email": "", "name": "lancer", "package_url": "https://pypi.org/project/lancer/", "platform": "", "project_url": "https://pypi.org/project/lancer/", "project_urls": { "Homepage": "https://github.com/glyph/lancer" }, "release_url": "https://pypi.org/project/lancer/0.4.0/", "requires_dist": [ "attrs>=18.1.0", "secretly>=0.2", "treq>=18.6.0", "txacme[libcloud]>=0.9.2", "twisted[tls]>=18.7.0" ], "requires_python": "", "summary": "Provision TLS *Cer*tificates for your *LAN*, using the ACME DNS challenge.", "version": "0.4.0" }, "last_serial": 4928611, "releases": { "0.1": [ { "comment_text": "", "digests": { "md5": "99bef05cced54a27a9b0f884c96fd469", "sha256": "7d69a2bc67273edd270f0a756c21d15ece2e1febffd8f38c0a2b7f40d0567601" }, "downloads": -1, "filename": "lancer-0.1-py2.py3-none-any.whl", "has_sig": false, "md5_digest": "99bef05cced54a27a9b0f884c96fd469", "packagetype": "bdist_wheel", "python_version": "py2.py3", "requires_python": null, "size": 5812, "upload_time": "2017-06-25T21:00:39", "url": "https://files.pythonhosted.org/packages/4f/53/3c3aeca370b955e2f2fa695d88d1ac290b750a4bef0d80a8d2bd514eb923/lancer-0.1-py2.py3-none-any.whl" } ], "0.1.1": [ { "comment_text": "", "digests": { "md5": "92d6890256c5fda8fd269b8040cd0d4f", "sha256": "6737fd02a15a470c8ac3c6d28ba12b7137a2edfd6e0e219f2ebc9ec2c3dade51" }, "downloads": -1, "filename": "lancer-0.1.1-py2.py3-none-any.whl", "has_sig": false, "md5_digest": "92d6890256c5fda8fd269b8040cd0d4f", "packagetype": "bdist_wheel", "python_version": "py2.py3", "requires_python": null, "size": 6080, "upload_time": "2017-12-14T00:56:46", "url": "https://files.pythonhosted.org/packages/1b/38/9e1236e03077096a6082fd6e04d0b6fd03c596d2dd8c9b742185a1d66697/lancer-0.1.1-py2.py3-none-any.whl" } ], "0.2.1": [ { "comment_text": "", "digests": { "md5": "a7f550df759743f83cc1e1299a17b581", "sha256": "e30e714e8932b4f3761897bea8e6f5e80e359d157828c5b8a154f881ce692bc3" }, "downloads": -1, "filename": "lancer-0.2.1-py2.py3-none-any.whl", "has_sig": false, "md5_digest": "a7f550df759743f83cc1e1299a17b581", "packagetype": "bdist_wheel", "python_version": "py2.py3", "requires_python": null, "size": 8864, "upload_time": "2018-01-29T00:10:27", "url": "https://files.pythonhosted.org/packages/3d/12/f7a77c835ed267b2f6c1b73f152038d5d597c8a344c32a175944c3461fe7/lancer-0.2.1-py2.py3-none-any.whl" }, { "comment_text": "", "digests": { "md5": "3f1d160f389f1b1ac21f0139c17358fa", "sha256": "bcb4f6e299305cd818de1edd0cbf5a7b262d7f784c0439d32d2acc27c76d20c3" }, "downloads": -1, "filename": "lancer-0.2.1.tar.gz", "has_sig": false, "md5_digest": "3f1d160f389f1b1ac21f0139c17358fa", "packagetype": "sdist", "python_version": "source", "requires_python": null, "size": 3462, "upload_time": "2018-01-29T00:10:28", "url": "https://files.pythonhosted.org/packages/ed/2b/f856941f985c943fc377e88f62d7be32a5853d75d1aba8ff32ed0a2d8b37/lancer-0.2.1.tar.gz" } ], "0.3.0": [ { "comment_text": "", "digests": { "md5": "fd494ab25985960a2bbd8eb42f8c9673", "sha256": "81dc54d2923f80224bb700da8070db71859169e83de11340c64ed7cd49755c49" }, "downloads": -1, "filename": "lancer-0.3.0-py2.py3-none-any.whl", "has_sig": false, "md5_digest": "fd494ab25985960a2bbd8eb42f8c9673", "packagetype": "bdist_wheel", "python_version": "py2.py3", "requires_python": null, "size": 12058, "upload_time": "2018-07-03T00:39:44", "url": "https://files.pythonhosted.org/packages/83/66/3b49394b9179fbaf12ddfd708d39c7b1e06c31dddcdbbf2b7e3d83caa676/lancer-0.3.0-py2.py3-none-any.whl" } ], "0.3.1": [ { "comment_text": "", "digests": { "md5": "d03424a0a9d8502461fddb3c431859c8", "sha256": "ef68ace09a2e178bade11912c34319f6ce8b3a30bf3b51603e6a3635c1f050a6" }, "downloads": -1, "filename": "lancer-0.3.1-py2.py3-none-any.whl", "has_sig": false, "md5_digest": "d03424a0a9d8502461fddb3c431859c8", "packagetype": "bdist_wheel", "python_version": "py2.py3", "requires_python": null, "size": 14271, "upload_time": "2018-08-17T23:39:11", "url": "https://files.pythonhosted.org/packages/08/32/829dceeee001c405a6dbeada9ca5f99df2d2db5c80c60834056767bd4fd7/lancer-0.3.1-py2.py3-none-any.whl" }, { "comment_text": "", "digests": { "md5": "6218fcd0c9632012b9e995253e76a0a4", "sha256": "04a9b3d71f152c1aed259b40cce698f16ce57fc7a8f828c5c09c0305793f1869" }, "downloads": -1, "filename": "lancer-0.3.1.tar.gz", "has_sig": false, "md5_digest": "6218fcd0c9632012b9e995253e76a0a4", "packagetype": "sdist", "python_version": "source", "requires_python": null, "size": 6349, "upload_time": "2018-08-17T23:39:12", "url": "https://files.pythonhosted.org/packages/6f/4e/0a2601ebd4cee81e116af8161258f3239d44a9f7d20ac166f5dc7bf61665/lancer-0.3.1.tar.gz" } ], "0.3.2": [ { "comment_text": "", "digests": { "md5": "196a9f84df5eff3480e8c818c6d22b81", "sha256": "7e71a51474ce9b6ad22ecc98bf709d1ef5c8bb7d5e6cb4ae0b78315d8e86c4dd" }, "downloads": -1, "filename": "lancer-0.3.2-py2.py3-none-any.whl", "has_sig": false, "md5_digest": "196a9f84df5eff3480e8c818c6d22b81", "packagetype": "bdist_wheel", "python_version": "py2.py3", "requires_python": null, "size": 14309, "upload_time": "2018-08-17T23:43:38", "url": "https://files.pythonhosted.org/packages/8a/44/eb9a17664047e03de9f03afdb0a5acfc739f54927a90a507d2b978069479/lancer-0.3.2-py2.py3-none-any.whl" }, { "comment_text": "", "digests": { "md5": "c7d3ae5fe462790378018b783b73d51d", "sha256": "78495c829c814533698e94f5142d468762c65040372915cc2aac5b5cf24c98b1" }, "downloads": -1, "filename": "lancer-0.3.2.tar.gz", "has_sig": false, "md5_digest": "c7d3ae5fe462790378018b783b73d51d", "packagetype": "sdist", "python_version": "source", "requires_python": null, "size": 6391, "upload_time": "2018-08-17T23:43:40", "url": "https://files.pythonhosted.org/packages/59/df/e6d8970987a0e3a769f10572ac5da9d8565a051a3a950f58e634a9b5b52d/lancer-0.3.2.tar.gz" } ], "0.4.0": [ { "comment_text": "", "digests": { "md5": "ee6f3d87626931b2a17d7d216fd017ef", "sha256": "2024b2495812e3772caa6b22a28716f52761677e16459af247b99f79918a4369" }, "downloads": -1, "filename": "lancer-0.4.0-py2.py3-none-any.whl", "has_sig": false, "md5_digest": "ee6f3d87626931b2a17d7d216fd017ef", "packagetype": "bdist_wheel", "python_version": "py2.py3", "requires_python": null, "size": 16984, "upload_time": "2019-03-12T06:03:45", "url": "https://files.pythonhosted.org/packages/6e/1c/9a1dbafa436d79208e4a0203904b4f3f800720f332f9ebac4634bfdb2fa8/lancer-0.4.0-py2.py3-none-any.whl" }, { "comment_text": "", "digests": { "md5": "899fe70a0fdfe3f5ed9cf9adc9138588", "sha256": "e87fa0a7b03f50730d84378f5cd78b356fd32833b00eacfc77b92283c807fb61" }, "downloads": -1, "filename": "lancer-0.4.0.tar.gz", "has_sig": false, "md5_digest": "899fe70a0fdfe3f5ed9cf9adc9138588", "packagetype": "sdist", "python_version": "source", "requires_python": null, "size": 7135, "upload_time": "2019-03-12T06:03:47", "url": "https://files.pythonhosted.org/packages/a9/e4/70887c300054fd48f44739b4b1128ff2e7bb9a50195d50835516c6358dc8/lancer-0.4.0.tar.gz" } ] }, "urls": [ { "comment_text": "", "digests": { "md5": "ee6f3d87626931b2a17d7d216fd017ef", "sha256": "2024b2495812e3772caa6b22a28716f52761677e16459af247b99f79918a4369" }, "downloads": -1, "filename": "lancer-0.4.0-py2.py3-none-any.whl", "has_sig": false, "md5_digest": "ee6f3d87626931b2a17d7d216fd017ef", "packagetype": "bdist_wheel", "python_version": "py2.py3", "requires_python": null, "size": 16984, "upload_time": "2019-03-12T06:03:45", "url": "https://files.pythonhosted.org/packages/6e/1c/9a1dbafa436d79208e4a0203904b4f3f800720f332f9ebac4634bfdb2fa8/lancer-0.4.0-py2.py3-none-any.whl" }, { "comment_text": "", "digests": { "md5": "899fe70a0fdfe3f5ed9cf9adc9138588", "sha256": "e87fa0a7b03f50730d84378f5cd78b356fd32833b00eacfc77b92283c807fb61" }, "downloads": -1, "filename": "lancer-0.4.0.tar.gz", "has_sig": false, "md5_digest": "899fe70a0fdfe3f5ed9cf9adc9138588", "packagetype": "sdist", "python_version": "source", "requires_python": null, "size": 7135, "upload_time": "2019-03-12T06:03:47", "url": "https://files.pythonhosted.org/packages/a9/e4/70887c300054fd48f44739b4b1128ff2e7bb9a50195d50835516c6358dc8/lancer-0.4.0.tar.gz" } ] }