config

package
v1.1.3 Latest
Warning

This package is not in the latest version of its module.

Published: Mar 3, 2026 License: MIT Imports: 15 Imported by: 0

Documentation

Constants

const (
	MinServers = 1
	MaxServers = 10
)

const (
	// DefaultHeartbeatInterval is the default interval between heartbeat messages
	// Used by both client and server
	DefaultHeartbeatInterval = 10 * time.Second

	// DefaultHealthTimeout is the default timeout for determining connection health
	// based on received heartbeats. Must be greater than HeartbeatInterval.
	// Used by both client and server
	DefaultHealthTimeout = 30 * time.Second

	// DefaultMaxIdleTimeout is the default QUIC connection idle timeout
	DefaultMaxIdleTimeout = 5 * time.Minute

	// DefaultReadBufferSize is the default size for UDP read buffers (max UDP packet size)
	DefaultReadBufferSize = 65535

	// DefaultDatagramBufferSize is the default size for QUIC datagram buffers
	DefaultDatagramBufferSize = 1200

	// DefaultLoadBalancer is the default load balancing algorithm
	DefaultLoadBalancer = "least-connections"
)

Default timeout and interval values

const (
	EnvPrefix = "QMUX_"
)

Variables

var DefaultCapabilities = []string{"tcp", "udp"}

DefaultCapabilities lists the default supported protocols

Functions

func GenerateClientID added in v1.0.4

func GenerateClientID() string

GenerateClientID generates a new UUID for use as a client identifier. This is useful for K8s deployments where multiple pods share the same ConfigMap.

func LoadConfig

func LoadConfig[T any](path string) (*T, error)

LoadConfig reads a YAML configuration file and unmarshals it into the specified type. T must be a struct type that can be unmarshaled from YAML.

func ValidateAddress

func ValidateAddress(addr string) error

ValidateAddress validates that an address is in valid host:port format. Returns an error if the address is invalid.

Types

type Client

type Client struct {
	ClientID          string        `yaml:"client_id"`
	Server            ClientServer  `yaml:"server"`
	Local             LocalService  `yaml:"local"`
	Quic              Quic          `yaml:"quic"`
	TLS               ClientTLS     `yaml:"tls"`
	UDP               UDPConfig     `yaml:"udp"`
	HeartbeatInterval time.Duration `yaml:"heartbeat_interval"` // Heartbeat interval, default 30s
	HealthTimeout     time.Duration `yaml:"health_timeout"`     // Health timeout for received heartbeats, default 90s
}

func LoadClientConfig

func LoadClientConfig(path string) (*Client, error)

LoadClientConfig reads a client YAML configuration file, validates it, and applies deduplication for multi-server configurations.

func (*Client) ApplyDefaults added in v1.0.4

func (c *Client) ApplyDefaults()

ApplyDefaults applies default values to zero-value fields. It calls EnsureClientID() and sets HeartbeatInterval and HealthTimeout if not specified.

func (*Client) EnsureClientID added in v1.0.3

func (c *Client) EnsureClientID()

EnsureClientID generates a UUID for ClientID if it is empty. This is useful for K8s deployments where multiple pods share the same ConfigMap.

func (*Client) Validate added in v1.1.0

func (c *Client) Validate() error

Validate validates the client configuration. It checks that HealthTimeout is greater than HeartbeatInterval.

type ClientServer

type ClientServer struct {
	Servers []ServerEndpoint `yaml:"servers"`
}

func (*ClientServer) DeduplicateServers

func (cs *ClientServer) DeduplicateServers() ([]ServerEndpoint, bool)

DeduplicateServers removes duplicate server addresses from the configuration. It returns the deduplicated list and a boolean indicating if duplicates were found.

func (*ClientServer) GetServers

func (cs *ClientServer) GetServers() []ServerEndpoint

GetServers returns all configured server endpoints.

func (*ClientServer) Validate

func (cs *ClientServer) Validate() error

Validate validates the ClientServer configuration. It checks server count, address format, and deduplicates servers.

func (*ClientServer) ValidateAndDeduplicate

func (cs *ClientServer) ValidateAndDeduplicate() (bool, error)

ValidateAndDeduplicate validates the configuration and deduplicates servers. It updates the Servers field with deduplicated values if duplicates are found. Returns an error if validation fails, and a boolean indicating if duplicates were removed.

type ClientTLS

type ClientTLS struct {
	CACertFile     string `yaml:"ca_cert_file"`
	ClientCertFile string `yaml:"client_cert_file"`
	ClientKeyFile  string `yaml:"client_key_file"`

	// Loaded certificates (not from YAML)
	CACertPool *x509.CertPool  `yaml:"-"`
	ClientCert tls.Certificate `yaml:"-"`
}

func (*ClientTLS) LoadCertificates

func (t *ClientTLS) LoadCertificates() error

LoadCertificates loads TLS certificates from files

type Listen

type Listen struct {
	IP   string `mapstructure:"ip"`
	Port int    `mapstructure:"port"`
}

func (Listen) GetIP

func (l Listen) GetIP() (net.IP, error)

type LocalService

type LocalService struct {
	Host string `yaml:"host"` // localhost or 127.0.0.1
	Port int    `yaml:"port"` // local service port
}

type Quic

type Quic struct {
	InitialStreamReceiveWindow     uint64
	MaxStreamReceiveWindow         uint64
	InitialConnectionReceiveWindow uint64
	MaxConnectionReceiveWindow     uint64
	MaxIncomingStreams             int64
	KeepAlivePeriod                time.Duration
	HandshakeIdleTimeout           time.Duration
	MaxIdleTimeout                 time.Duration
	Allow0RTT                      bool
}

func (Quic) GetConfig

func (q Quic) GetConfig() *quic.Config

type QuicListener

type QuicListener struct {
	QuicAddr    string `yaml:"quic_addr"`    // Address for QUIC control connections (e.g., "0.0.0.0:8443")
	TrafficAddr string `yaml:"traffic_addr"` // Address for forwarded traffic (e.g., "0.0.0.0:8080")
	Protocol    string `yaml:"protocol"`     // "tcp", "udp", or "both"
	Quic        `yaml:",inline"`
	UDP         UDPConfig `yaml:"udp"` // UDP-specific configuration
}

type Server

type Server struct {
	Listeners []QuicListener `yaml:"listeners"`
	Auth      ServerAuth     `yaml:"auth"`
	TLS       ServerTLS      `yaml:"tls"`

	// Load balancer algorithm: "least-connections" (default) or "round-robin"
	LoadBalancer string `yaml:"load_balancer"`

	// Heartbeat configuration
	HeartbeatInterval time.Duration `yaml:"heartbeat_interval"` // Interval between server heartbeats to clients, default 10s
	HealthTimeout     time.Duration `yaml:"health_timeout"`     // Time without heartbeat before marking unhealthy, default 30s
}

func LoadServerConfig added in v1.0.7

func LoadServerConfig(path string) (*Server, error)

LoadServerConfig reads a server YAML configuration file and applies defaults.

func (*Server) ApplyDefaults added in v1.0.4

func (s *Server) ApplyDefaults()

ApplyDefaults applies default values to zero-value fields. It sets HeartbeatInterval and HealthTimeout if not specified.

type ServerAuth

type ServerAuth struct {
	Method     string `yaml:"method"`       // "mtls", "token", etc.
	CACertFile string `yaml:"ca_cert_file"` // Path to CA certificate file (for mTLS)
	Token      string `yaml:"token"`        // Token for challenge-response auth

	// Loaded certificate (not from YAML)
	CACertPool *x509.CertPool `yaml:"-"`
}

func (*ServerAuth) CreateAuthenticator added in v1.0.5

func (a *ServerAuth) CreateAuthenticator() (auth.Auth, error)

CreateAuthenticator creates and returns the appropriate authenticator based on the configured method. For mTLS (or empty method): loads the CA certificate and creates an mTLS authenticator. For token method: creates a challenge-response authenticator with the configured token. Returns an error if authenticator creation fails.

func (*ServerAuth) LoadCACertificate added in v1.0.5

func (a *ServerAuth) LoadCACertificate() error

LoadCACertificate loads the CA certificate from file into the CACertPool

func (*ServerAuth) Validate added in v1.0.5

func (a *ServerAuth) Validate() error

Validate validates the auth configuration based on the selected method. It defaults to "mtls" when Method is empty. For mTLS: requires non-empty CACertFile. For token: requires non-empty token with minimum 16 bytes length. Returns an error for unknown auth methods.
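Added example, not the package's code: the Validate rules described above restated as a stand-alone function, followed by a generic HMAC-SHA256 challenge-response showing how a shared token can authenticate a client without being transmitted. The names validateAuth, respond and verify are hypothetical, and the HMAC construction is an assumption; the page does not document the exchange the authenticator from CreateAuthenticator actually performs.

```go
package main

import (
	"crypto/hmac"
	"crypto/rand"
	"crypto/sha256"
	"fmt"
)

const minTokenBytes = 16 // minimum token length from the Validate description
// validateAuth restates the documented rules and returns the effective method.
func validateAuth(method, caCertFile, token string) (string, error) {
	switch method {
	case "", "mtls": // an empty method falls back to mTLS, never to "no auth"
		if caCertFile == "" {
			return "", fmt.Errorf("mtls requires ca_cert_file")
		}
		return "mtls", nil
	case "token":
		if len(token) < minTokenBytes { // len counts bytes, not characters
			return "", fmt.Errorf("token shorter than %d bytes", minTokenBytes)
		}
		return "token", nil
	default: // reject typos such as "mtsl" instead of guessing
		return "", fmt.Errorf("unknown auth method %q", method)
	}
}

// respond returns HMAC-SHA256(token, challenge); the token is never sent (assumed scheme).
func respond(token string, challenge []byte) []byte {
	mac := hmac.New(sha256.New, []byte(token))
	mac.Write(challenge)
	return mac.Sum(nil)
}

// verify recomputes the expected response and compares in constant time.
func verify(token string, challenge, response []byte) bool {
	return hmac.Equal(respond(token, challenge), response)
}

func main() {
	token := "constructed-sample-token-0001" // constructed sample value
	method, err := validateAuth("token", "", token)
	nonce := make([]byte, 32) // fresh random challenge per attempt
	if _, rerr := rand.Read(nonce); rerr != nil {
		panic(rerr)
	}
	fmt.Println(method, err, verify(token, nonce, respond(token, nonce)))
}
```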

type ServerEndpoint

type ServerEndpoint struct {
	Address    string `yaml:"address"`     // host:port
	ServerName string `yaml:"server_name"` // TLS server name for verification
}

ServerEndpoint represents a single server endpoint

type ServerTLS

type ServerTLS struct {
	ServerCertFile string `yaml:"server_cert_file"`
	ServerKeyFile  string `yaml:"server_key_file"`

	// Rotation interval for session ticket encryption keys.
	// Recommended: 24h for production, 0 to disable rotation.
	// Keys are rotated periodically to limit the exposure window if compromised.
	SessionTicketEncryptionKeyRotationInterval time.Duration `yaml:"session_ticket_encryption_key_rotation_interval"`

	// Number of keys to maintain during rotation (current + old keys).
	// Recommended: 2-3 for smooth rotation, default: 2 if not specified.
	// Higher values allow clients with older tickets to still resume sessions.
	SessionTicketEncryptionKeyRotationOverlap uint8 `yaml:"session_ticket_encryption_key_rotation_overlap"`

	// Loaded certificate (not from YAML)
	ServerCert tls.Certificate `yaml:"-"`
}
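Added example, not part of the package: a sketch of how a rotation interval and an overlap count like the two fields above map onto crypto/tls, whose SetSessionTicketKeys encrypts new tickets with the first key and accepts tickets under any listed key. The names ticketKeyRing, rotate and runRotations are hypothetical; how this package wires rotation internally is not shown on the page.

```go
package main

import (
	"crypto/rand"
	"crypto/tls"
	"fmt"
)

// ticketKeyRing keeps the current key first, then older keys kept for decryption only.
type ticketKeyRing struct {
	keys   [][32]byte
	retain int // total keys held: current + old (the "overlap" setting)
}

// rotate installs a fresh random key as keys[0] and drops keys beyond retain.
func (r *ticketKeyRing) rotate(cfg *tls.Config) error {
	var k [32]byte
	if _, err := rand.Read(k[:]); err != nil {
		return err
	}
	r.keys = append([][32]byte{k}, r.keys...)
	if len(r.keys) > r.retain {
		r.keys = r.keys[:r.retain]
	}
	// crypto/tls encrypts new tickets with keys[0] and decrypts with any key.
	cfg.SetSessionTicketKeys(r.keys)
	return nil
}

// runRotations performs n rotations; overlap 0 falls back to the documented
// default of 2. A server would call rotate from a time.Ticker instead.
func runRotations(overlap uint8, n int) ([][32]byte, error) {
	ring := &ticketKeyRing{retain: int(overlap)}
	if ring.retain == 0 {
		ring.retain = 2
	}
	cfg := &tls.Config{MinVersion: tls.VersionTLS13}
	for i := 0; i < n; i++ {
		if err := ring.rotate(cfg); err != nil {
			return nil, err
		}
	}
	return ring.keys, nil
}

func main() {
	keys, err := runRotations(2, 3)
	fmt.Println("keys retained:", len(keys), "err:", err)
}
```

With an overlap of 2, a ticket stays resumable for at most two rotation intervals, which is also how long a leaked key remains useful for decrypting tickets.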

func (*ServerTLS) LoadCertificates

func (t *ServerTLS) LoadCertificates() error

LoadCertificates loads server TLS certificate and key from files

type UDPConfig added in v1.0.5

type UDPConfig struct {
	// EnableFragmentation enables automatic fragmentation of large UDP packets.
	// When enabled, packets larger than ~1196 bytes will be split into multiple
	// QUIC datagrams and reassembled on the other side.
	// Default: true
	EnableFragmentation *bool `yaml:"enable_fragmentation"`

	// FragmentAssemblerShards is the number of shards for the fragment assembler.
	// Higher values reduce lock contention but use more memory.
	// Default: 16
	FragmentAssemblerShards int `yaml:"fragment_assembler_shards"`

	// EnableBufferPooling enables buffer pooling for UDP operations.
	// Default: true
	EnableBufferPooling *bool `yaml:"enable_buffer_pooling"`

	// ReadBufferSize is the size of the UDP read buffer in bytes.
	// This should be large enough to receive any UDP packet.
	// Default: 65535 (maximum UDP packet size)
	ReadBufferSize int `yaml:"read_buffer_size"`

	// DatagramBufferSize is the size of QUIC datagram buffers in bytes.
	// This is typically set to the QUIC max datagram size.
	// Default: 1200
	DatagramBufferSize int `yaml:"datagram_buffer_size"`
}

UDPConfig contains UDP-specific configuration

func (*UDPConfig) GetDatagramBufferSize added in v1.0.7

func (u *UDPConfig) GetDatagramBufferSize() int

GetDatagramBufferSize returns the configured datagram buffer size or default

func (*UDPConfig) GetFragmentAssemblerShards added in v1.0.5

func (u *UDPConfig) GetFragmentAssemblerShards() int

GetFragmentAssemblerShards returns the configured shard count or default

func (*UDPConfig) GetFragmentBufferSize added in v1.0.7

func (u *UDPConfig) GetFragmentBufferSize() int

GetFragmentBufferSize returns the fragment buffer size calculated from datagram size. Fragment buffer = datagram size - 9 bytes (fragment header)

func (*UDPConfig) GetReadBufferSize added in v1.0.5

func (u *UDPConfig) GetReadBufferSize() int

GetReadBufferSize returns the configured read buffer size or default

func (*UDPConfig) IsBufferPoolingEnabled added in v1.0.5

func (u *UDPConfig) IsBufferPoolingEnabled() bool

IsBufferPoolingEnabled returns whether buffer pooling is enabled

func (*UDPConfig) IsFragmentationEnabled added in v1.0.5

func (u *UDPConfig) IsFragmentationEnabled() bool

IsFragmentationEnabled returns whether UDP fragmentation is enabled. Defaults to true if not explicitly set.
