Certificate generation and sync, implemented proper grant and revocation flows. Pubkey uploading. Added openssh-client to Dockerfile

2026-01-26 23:27:18 +00:00
parent cdaceb1cf7
commit 664e7be9f0
23 changed files with 1119 additions and 66 deletions
--- a/app/apps/keys/admin.py
+++ b/app/apps/keys/admin.py
@@ -8,7 +8,7 @@ except ImportError:  # Fallback for older Unfold builds without guardian admin s
    class GuardedModelAdmin(GuardianGuardedModelAdmin, UnfoldModelAdmin):
        pass

-from .models import SSHKey
+from .models import SSHCertificate, SSHCertificateAuthority, SSHKey


@admin.register(SSHKey)
@@ -17,3 +17,21 @@ class SSHKeyAdmin(GuardedModelAdmin):
    list_filter = ("is_active", "key_type")
    search_fields = ("name", "user__username", "user__email", "fingerprint")
    ordering = ("-created_at",)
+
+
+@admin.register(SSHCertificateAuthority)
+class SSHCertificateAuthorityAdmin(admin.ModelAdmin):
+    list_display = ("name", "fingerprint", "is_active", "created_at", "revoked_at")
+    list_filter = ("is_active",)
+    search_fields = ("name", "fingerprint")
+    readonly_fields = ("created_at", "revoked_at", "fingerprint", "public_key", "private_key")
+    ordering = ("-created_at",)
+
+
+@admin.register(SSHCertificate)
+class SSHCertificateAdmin(admin.ModelAdmin):
+    list_display = ("id", "user", "key", "serial", "is_active", "valid_before", "created_at")
+    list_filter = ("is_active",)
+    search_fields = ("user__username", "user__email", "serial")
+    readonly_fields = ("created_at", "revoked_at", "certificate")
+    ordering = ("-created_at",)