organization-DAFRA/Tonnage-app-IMCO
1
0
Fork 0
Code Issues Pull requests Actions Packages Projects Releases 25 Wiki Activity
Tonnage-app-IMCO/activator
History
Dejan b0ed6ac499 Upload files to "activator"
2026-04-30 16:52:24 +00:00
..
aactivator_x64.exe Upload files to "activator" 2026-04-30 16:52:24 +00:00
activator-force-monitor Upload files to "activator" 2026-04-20 16:29:31 +00:00
activator-force-monitor.exe Upload files to "activator" 2026-04-20 16:29:31 +00:00
docker-compose.yml added docker-compose file and Dockerfile 2026-04-23 18:40:13 +02:00
Dockerfile added docker-compose file and Dockerfile 2026-04-23 18:40:13 +02:00
go.mod added activator subfolder 2026-04-20 16:25:52 +02:00
install.sh added install script for the activator on a server 2026-04-23 17:19:32 +02:00
main.go added activator subfolder 2026-04-20 16:25:52 +02:00
README.md added activator subfolder 2026-04-20 16:25:52 +02:00
readme.md added readme.md 2026-04-20 18:01:16 +02:00

README.md

License Activation App

Small offline Go web app for generating signed licenses for the protected force_monitor application.

What this app does

  • generates Ed25519 keypairs
  • parses activation request JSON copied from the target machine
  • creates signed license JSON bound to that machine fingerprint
  • shows the public key that must be configured in the protected app

Important deployment answer

Recommended setup:

  • Run the activator on your laptop or on a secure internal office PC.
  • Run the protected app on the machine PC.
  • Do not ship the activator together with the machine app.
  • Do not place the private signing key on the customer machine.

Why

The protected machine should only contain the public key so it can verify licenses. The activator should keep the private key secret, because the private key is what creates valid licenses. If the private key is copied to the machine, anyone with access to that PC could generate licenses.

Recommended workflow

  1. Install the protected app on the target machine.
  2. Open the protected app in browser.
  3. Copy the activation request JSON from:
    • GET /api/license/request
    • or the activation page if you added one in the UI.
  4. Run this activator on your laptop: 
    go run .
  5. Open: 
    http://localhost:8090
  6. Paste the activation request JSON.
  7. Generate or load your signing key.
  8. Generate the signed license JSON.
  9. Copy that license JSON back to the target machine.
  10. Activate it in the protected app using:
    • POST /api/license/activate
    • or the protected app activation page.

First-time key setup

You only need to create the signing keypair once.

Option A — generate in the activator UI

  • Click Generate new keypair
  • Save the private key somewhere safe
  • Copy the public key into the protected app config:
license:
  public_key_base64: "PASTE_PUBLIC_KEY_HERE"

Option B — use environment variable for the private key

Set this before running the activator:

Windows PowerShell

$env:LICENSE_PRIVATE_KEY_BASE64="PASTE_PRIVATE_KEY_HERE"
go run .

Linux/macOS shell

export LICENSE_PRIVATE_KEY_BASE64="PASTE_PRIVATE_KEY_HERE"
go run .

Then the UI can generate licenses without pasting the private key each time.

Project files

  • main.go — activator web app
  • go.mod — module definition
  • README.md — usage instructions

Run

go run .

Then open:

http://localhost:8090

Optional environment variables

  • ACTIVATOR_LISTEN_ADDR — default :8090
  • ACTIVATOR_DEFAULT_PRODUCT — default force_monitor
  • LICENSE_PRIVATE_KEY_BASE64 — private signing key

Example:

$env:ACTIVATOR_LISTEN_ADDR=":8095"
$env:ACTIVATOR_DEFAULT_PRODUCT="force_monitor"
$env:LICENSE_PRIVATE_KEY_BASE64="PASTE_PRIVATE_KEY_HERE"
go run .

Practical recommendation

For your case, the safest and cleanest model is:

  • laptop/office PC = license generator / activator
  • machine PC = protected runtime app only

That way you can activate many customer machines without exposing your private signing key.