update LICENSE & Readme.md

2026-04-21 12:54:49 +02:00
parent c3464d7769
commit 93ef8561d6
2 changed files with 69 additions and 33 deletions
--- a/12
+++ b/12
@@ -1,8 +1,16 @@
 GNU AFFERO GENERAL PUBLIC LICENSE
 Version 3, 19 November 2007
-Copyright (C) 2026 Patrick Asmus (scriptos)
+---
-https://git.techniverse.net/scriptos/keywarden
+
 Copyright ©
 Name:    Patrick Asmus (scriptos)
 Email:   support@techniverse.net
 Website: https://www.patrick-asmus.de
 Blog:    https://www.cleveradmin.de
 ---
 Keywarden - Centralized SSH Key Management and Deployment
--- a/README.md
+++ b/README.md
@@ -1,12 +1,31 @@
-# Keywarden
+<p align="center">
  <a href="https://techniverse.net">
    <img src="https://assets.techniverse.net/f1/git/graphics/repo-techniverse-logo.png" alt="Techniverse Community" height="70" />
  </a>
 </p>
 <h1 align="center">Keywarden</h1>
 <h4 align="center">
  Self-hosted SSH key management and deployment for teams.
 </h4>
 <h6 align="center">
  <a href="https://www.cleveradmin.de">🏰 Website</a>
  ·
  <a href="https://techniverse.net">📰 Community</a>
  ·
  <a href="https://social.techniverse.net/@donnerwolke">🐘 Mastodon</a>
  ·
  <a href="https://matrix.to/#/#support:techniverse.net">💬 Support</a>
 </h6>
 <br><br>
 **Keywarden** is a self-hosted web application for centralized SSH key management and deployment. It lets you generate, store, and deploy SSH keys to Linux servers from a single web interface — with full audit logging, role-based access control, and automated temporary access scheduling.
 ![Keywarden Dashboard](assets/img/dashboard.png)
-
+## ⚠️ Alpha Software
 ## ⚠️ Alpha Software — Important Notice
 > **Keywarden is currently in alpha status.**
 >
@@ -16,32 +35,30 @@
 ---
-## Features
+## ✨ Features
- **SSH Key Management** — Generate (RSA 2048/4096, Ed25519, Ed448) or import existing keys
+| Area | What Keywarden provides |
- **Encrypted Storage** — Private keys encrypted at rest with AES-256-GCM
+|---|---|
- **Server & Group Management** — Register servers, organize into groups
+| **SSH keys** | Generate RSA 2048/4096, Ed25519, and Ed448 keys or import existing keys. |
- **Access Assignments** — Declarative access model: assign users + keys to servers with system user, sudo, and user creation
+| **Secure storage** | Store private keys encrypted at rest with AES-256-GCM. |
- **Temporary Access** — Schedule time-limited access with automatic expiry (key removal, user disable, or user deletion)
+| **Servers & groups** | Register Linux servers and organize them into manageable groups. |
- **Three-Tier Roles** — Owner, Admin, and User with distinct permissions
+| **Access assignments** | Assign users and keys to servers with system user, sudo, and user creation options. |
- **User Invitations** — Invite users via secure email links
+| **Temporary access** | Schedule time-limited access with automatic expiry actions. |
- **Key Enforcement** — Bastillion-style enforced key management: automatically detect and remove unauthorized SSH keys from servers
+| **Roles & invitations** | Manage Owner, Admin, and User roles and invite users with secure email links. |
- **Two-Factor Authentication** — TOTP-based MFA, optionally enforced for all users
+| **Enforcement** | Detect and remove unauthorized SSH keys from managed servers. |
- **Password Policies & Account Lockout** — Configurable complexity rules and brute-force protection
+| **Authentication** | Protect accounts with TOTP-based MFA, password policies, and account lockout. |
- **Audit Log** — Every action tracked with user, IP, timestamp, and details
+| **Audit & updates** | Track every action and notify admins about available updates. |
- **Update Notifications** — Automatic update check with version badge in the header for admins
+| **Backup & Docker** | Export encrypted database backups and run with a single Docker container and embedded SQLite. |
 - **Encrypted Backup/Restore** — Full database export with password-based encryption
 - **Docker-Native** — Single container with embedded SQLite, no external database required
 ---
-## Quick Start
+## 🚀 Quick Start
-### Prerequisites
+### ✅ Prerequisites
 - [Docker](https://docs.docker.com/get-docker/) and [Docker Compose](https://docs.docker.com/compose/install/)
-### 1. Clone and configure
+### 📦 1. Clone and Configure
 ```bash
 git clone https://git.techniverse.net/scriptos/keywarden.git
@@ -62,13 +79,13 @@ KEYWARDEN_ENCRYPTION_KEY=<second generated string>
 > **Important:** Change both keys to unique random strings. The encryption key protects all stored SSH private keys — if lost, they cannot be recovered. See the [Quick Start Guide](docs/quickstart.md) for more options to generate secure keys.
-### 2. Start
+### ▶️ 2. Start Keywarden
 ```bash
 docker compose up -d
 ```
-### 3. Get the initial password
+### 🔑 3. Get the Initial Password
 ```bash
 docker compose logs keywarden
@@ -85,11 +102,11 @@ Look for the auto-generated admin password in the output:
 ════════════════════════════════════════════════════════════
 ```
-### 4. Open
+### 🌐 4. Open the Web UI
 Navigate to `http://your-host:8080` and log in. You will be prompted to change the password.
-### 5. Deploy the master key
+### 🛡️ 5. Deploy the Master Key
 After login, copy the **system master key** (shown in Admin Settings and in the startup logs) and add it to the `authorized_keys` of the root user on every server you want to manage:
@@ -99,7 +116,7 @@ echo "ssh-ed25519 AAAA... keywarden-system-master" >> /root/.ssh/authorized_keys
 ---
-## Documentation
+## 📚 Documentation
 For detailed documentation, see the [docs/](docs/README.md) folder:
@@ -118,7 +135,7 @@ For detailed documentation, see the [docs/](docs/README.md) folder:
 ---
-## License
+## ⚖️ License
 Keywarden is licensed under the [GNU Affero General Public License v3.0 (AGPL-3.0-or-later)](LICENSE).
@@ -126,7 +143,7 @@ Keywarden is licensed under the [GNU Affero General Public License v3.0 (AGPL-3.
 ---
-## Community
+## 💬 Community
 Join the **Keywarden Matrix chat** to discuss the project, ask questions, or share feedback:
@@ -136,7 +153,7 @@ Join the **Keywarden Matrix chat** to discuss the project, ask questions, or sha
 ---
-## Repository & Mirror
+## 🧭 Repository & Mirror
 | | URL |
 |---|---|
@@ -147,3 +164,14 @@ Join the **Keywarden Matrix chat** to discuss the project, ask questions, or sha
 The **primary repository** is hosted on Gitea. The GitHub repository is a read-only mirror.
 **Bug reports & feature requests:** Please open an [Issue on GitHub](https://github.com/pscriptos/keywarden/issues) — registration on the Gitea instance is currently closed.
 <br><br>
 <p align="center">
  <img src="https://assets.techniverse.net/f1/git/graphics/gray0-catonline.svg" alt="">
 </p>
 <p align="center">
  <sub>
     © Patrick Asmus · Techniverse Network · <a href="./LICENSE">Lizenz</a>
  </sub>
 </p>