diff --git a/.github/workflows/go.yml b/.github/workflows/go.yml index e828a30ede01b69d7eb2ca3fad8e7f057c5ca35f..52891cdaa0fa1e76345248d3f5fa84d350f4fb92 100644 --- a/.github/workflows/go.yml +++ b/.github/workflows/go.yml @@ -22,6 +22,9 @@ jobs: - name: Check out code into the Go module directory uses: actions/checkout@v2 + - name: Install golint + run: go get -u golang.org/x/lint/golint + - name: Build run: go build -v . diff --git a/README.md b/README.md index 0c171c82a25e68cef35d79d73895723a2dbe4ae4..b1c8ba6dc25d82fb24c5e5219bb29664483a68ff 100644 --- a/README.md +++ b/README.md @@ -1,6 +1,8 @@ GO Remote Desktop Gateway ========================= + + :star: Star us on GitHub — it helps! RDPGW is an implementation of the [Remote Desktop Gateway protocol](https://docs.microsoft.com/en-us/openspecs/windows_protocols/ms-tsgu/0007d661-a86d-4e8f-89f7-7f77f8824188). 
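Review bot: The added `Install golint` step runs `go get -u golang.org/x/lint/golint` with no version, so every CI run fetches and builds whatever golint and its upgraded dependencies resolve to at that moment, with nothing pinned or reviewed. If modules are enabled and the step runs in the checkout directory, `-u` can also rewrite go.mod/go.sum before the `Build` step, so the binary CI builds may not match the committed go.mod. Pin the tool and install it outside the module, e.g. `run: cd "$(mktemp -d)" && GO111MODULE=on go get golang.org/x/lint/golint@<pinned-version>` (or `go install golang.org/x/lint/golint@<pinned-version>` on toolchains that support it). No step in the visible hunk invokes golint; the job's step list continues outside the hunk, so confirm that a lint step exists.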
@@ -12,19 +14,62 @@ on Kubernetes. RDPGW aims to provide a full open source replacement for MS Remote Desktop Gateway, including access policies. +## How to build +```bash +cd rdpgw +go build -o rdpgw . +``` + +## Configuration +By default the configuration is read from `rdpgw.yaml`. Below is a +template. + +```yaml +# web server configuration. +server: + # TLS certificate files (required) + certFile: server.pem + keyFile: key.pem + # gateway address advertised in the rdp files + gatewayAddress: localhost + # port to listen on + port: 443 + # list of acceptable desktop hosts to connect to + farmHosts: + - localhost:3389 + # Allow the user to connect to any host (insecure) + enableOverride: false + # Set the desktop host to connect to filled in by the claims from oidc + hostTemplate: my-{{ preferred_username }}-host:3389 + +# Open ID Connect specific settings (required) +openId: + providerUrl: http://keycloak/auth/realms/test + clientId: rdpgw + clientSecret: your-secret + +# enabled / disabled capabilities +caps: + SmartCardAuth: false + tokenAuth: true + idleTimeout: 10 + DisablePrinter: true + DisablePort: true + DisablePnp: true + DisableDrive: true +``` + +## Use +Point your browser to `https://your-gateway/connect`. After authentication +and RDP file will download to your desktop. This file can be opened by one +of the remote desktop clients and it will try to connect to the gateway and +desktop host behind it. + ## TODO -* Integrate VIPER * Integrate Open Policy Agent * Integrate GOKRB5 * Integrate uber-go/zap * Integrate prometheus * Research: TLS defragmentation -## How to build -go build rdg.go main.go http.go errors.go - -## How to run -Make sure you have a certificate and key file available. You can call those server.pem and key.pem and -put them in the same directory as your executable. -./rdg diff --git a/config/configuration.go b/config/configuration.go index 0f1ac22809cd01373bd047f6c49eedeb2d1e0c79..099d9920d36a96f707af4b4ad038dc2eb81139be 100644 
--- a/config/configuration.go
+++ b/config/configuration.go
@@ -20,7 +20,6 @@ type OpenIDConfig struct {
 ProviderUrl string
 ClientId string
 ClientSecret string
- CallbackHost string
 }
 type RDGCapsConfig struct {
diff --git a/go.mod b/go.mod
index 3b3589aeef825cdb4a04d58ab0730a6d65ebf690..44d063300e0bfeef0bb34336bed6419343b581d0 100644
--- a/go.mod
+++ b/go.mod
@@ -9,4 +9,5 @@ require (
 github.com/prometheus/client_golang v1.7.1
 github.com/spf13/cobra v1.0.0
 github.com/spf13/viper v1.7.0
+ golang.org/x/oauth2 v0.0.0-20200107190931-bf48bf16ab8d
 )