This package is under active development. Check the repository at DistGuard for development progress.
By default, Elixir node communication is unencrypted. DistGuard secures Elixir/Erlang node communication by automating the creation of a private, project-specific Certificate Authority (CA). Through a set of simple Mix tasks, it configures your release to use mutual TLS for all inter-node traffic, adopting a zero-trust security model by default.
DistGuard is for internal node security only. It is not a replacement for public CAs like Let's Encrypt and should not be used for client-facing HTTPS traffic.
- A
mix dist_guard.inittask for one-command project setup. - Automatic generation of a secure
openssl.cnfand management of keys/certificates. - A
Config.Providerfor seamless integration withmix release. - High-performance, secure-by-default TLS 1.3 configurations.
- Erlang/OTP 28.0.1+: This package will only support modern OTP versions.
- OpenSSL 3.0.0+:
DistGuardwill use theopensslcommand-line tool.
Once a stable version is released, you will be able to install the package by adding dist_guard to your list of dependencies in mix.exs:
def deps do
[
{:dist_guard, "~> 0.1.0"}
]
endDocumentation can be found at https://hexdocs.pm/dist_guard.