Documentation
Index
- Constants
- func VCLRequiredMacros() []string
- type AuthData
- type CacheNode
- type CacheNodeConfig
- type CacheNodeListItem
- type CreateServiceVersionForm
- type CreateServiceVersionOrigin
- type DashboardData
- type Domain
- type DomainString
- type IPNetworkListItem
- type InputOrigin
- type InputServiceVersion
- type L4LBNode
- type L4LBNodeConfig
- type L4LBNodeListItem
- type NewOrgClientCredential
- type Node
- type NodeGroup
- type Org
- type OrgClientCredential
- type OrgClientCredentialSafe
- type OrgClientRegistrationTokenReEncryptResult
- type OrgListItem
- type OrgWithServices
- type Origin
- type OriginGroup
- type Role
- type Service
- type ServiceConnectivity
- type ServiceVersion
- type ServiceVersionCloneData
- type ServiceVersionConfig
- type ServiceVersionVCL
- type ServiceVersionWithConfig
- type ServiceWithVersions
- type UserEditData
- type UserListItem
Constants
const (
	// VCLMacroPrefix is the prefix used for VCL macro comments that mark
	// system-generated content injection points.
	VCLMacroPrefix = "#SUNET-CDN-MANAGER "
	// VCLTemplateMaxSize is the maximum size of a VCL template in bytes (1MB).
	VCLTemplateMaxSize = 1048576
)
const (
	VCLMacroPreamble        = "preamble"
	VCLMacroRecv            = "vcl_recv"
	VCLMacroPipe            = "vcl_pipe"
	VCLMacroPass            = "vcl_pass"
	VCLMacroHash            = "vcl_hash"
	VCLMacroPurge           = "vcl_purge"
	VCLMacroMiss            = "vcl_miss"
	VCLMacroHit             = "vcl_hit"
	VCLMacroDeliver         = "vcl_deliver"
	VCLMacroSynth           = "vcl_synth"
	VCLMacroBackendFetch    = "vcl_backend_fetch"
	VCLMacroBackendResponse = "vcl_backend_response"
	VCLMacroBackendError    = "vcl_backend_error"
)
VCL macro name constants.
const DefaultVCLTemplate = `` /* 647-byte string literal not displayed */
DefaultVCLTemplate is the minimal valid VCL template containing all required macros. It is used as the starting point for new service versions.
const KeycloakAuthProvider = "keycloak"
KeycloakAuthProvider is the auth provider name for users authenticated via Keycloak/OIDC.
const LocalAuthProvider = "local"
LocalAuthProvider is the auth provider name for users with local (password-based) authentication, as opposed to external providers like Keycloak/OIDC.
const OrgNotSelected = "-- not selected --"
Organization names must be valid DNS labels, so this value cannot collide with a real name.
Variables
This section is empty.
Functions
func VCLRequiredMacros (added in v0.0.36)
func VCLRequiredMacros() []string
VCLRequiredMacros returns a copy of the required macro names list.
Types
type AuthData
type AuthData struct {
Username *string
UserID *pgtype.UUID
OrgID *pgtype.UUID
OrgName *string
Superuser bool
RoleID pgtype.UUID
RoleName string
}
AuthData represents authentication data for a given user or org client credential. The Username and UserID fields are set only for users, not for org client credentials, and OrgID/OrgName may be unset for users who are not currently members of an organization.
type CacheNodeConfig
type CacheNodeConfig struct {
CacheNode CacheNode `json:"cache_node"`
IPNetworks []netip.Prefix `json:"ip_networks"`
L4LBNodes []L4LBNode `json:"l4lb_nodes"`
Orgs map[string]OrgWithServices `json:"orgs"`
}
CacheNodeConfig is a nested struct containing complete config for a cache node optimized for easy iteration over the contents and minimal duplication of fields.
Map key is string rather than pgtype.UUID to support JSON marshalling. Trying to use pgtype.UUID directly as a map key leads to "json: unsupported type: map[pgtype.UUID]string" because pgtype.UUID does not implement encoding.TextMarshaler as expected by encoding/json.
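The marshalling failure described above, and the string-key workaround, reproduced as an added example that is not part of the package. The `UUID` type is a stand-in assumed to have the same shape as pgtype.UUID (a struct without `MarshalText`); `SampleID`, `MarshalUUIDKeyed` and `StringKeyed` are hypothetical helpers.

```go
package main

import (
	"encoding/json"
	"fmt"
)

// UUID is a stand-in assumed to match pgtype.UUID's shape: a plain struct
// that does not implement encoding.TextMarshaler.
type UUID struct {
	Bytes [16]byte
	Valid bool
}

// String renders the canonical 8-4-4-4-12 hex form.
func (u UUID) String() string {
	b := u.Bytes
	return fmt.Sprintf("%x-%x-%x-%x-%x", b[0:4], b[4:6], b[6:8], b[8:10], b[10:16])
}

// SampleID returns a constructed UUID value for the demonstration.
func SampleID() UUID {
	return UUID{Bytes: [16]byte{0x12, 0x34, 0x56, 0x78, 0x9a, 0xbc, 0x4d, 0xef, 0x80, 1, 2, 3, 4, 5, 6, 7}, Valid: true}
}

// MarshalUUIDKeyed tries to encode a map keyed directly by the struct type.
func MarshalUUIDKeyed(m map[UUID]string) ([]byte, error) {
	return json.Marshal(m)
}

// StringKeyed converts to string keys, the layout CacheNodeConfig.Orgs uses.
func StringKeyed(m map[UUID]string) map[string]string {
	out := make(map[string]string, len(m))
	for k, v := range m {
		out[k.String()] = v
	}
	return out
}

func main() {
	orgs := map[UUID]string{SampleID(): "my-org"}
	_, err := MarshalUUIDKeyed(orgs)
	fmt.Println("struct key:", err)
	b, err := json.Marshal(StringKeyed(orgs))
	fmt.Println("string key:", string(b), err)
}
```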
type CacheNodeListItem (added in v0.0.30)
type CreateServiceVersionForm (added in v0.0.21)
type CreateServiceVersionForm struct {
VCLTemplate string `schema:"vcl_template" validate:"min=1,max=1048576"`
Domains []DomainString `schema:"domains" validate:"dive,min=1,max=253"`
Origins []CreateServiceVersionOrigin `schema:"origins" validate:"min=1,dive"`
}
type CreateServiceVersionOrigin (added in v0.0.21)
type CreateServiceVersionOrigin struct {
OriginGroup string `schema:"origin-group" validate:"gte=1,min=1,max=63"`
OriginHost string `schema:"host" validate:"gte=1,min=1,max=253"`
OriginPort int `schema:"port" validate:"gte=1,min=1,max=65535"`
OriginTLS bool `schema:"tls"`
OriginVerifyTLS bool `schema:"verify-tls"`
}
type DashboardData (added in v0.0.25)
type DomainString
type DomainString string
func (DomainString) String
func (ds DomainString) String() string
type IPNetworkListItem (added in v0.0.38)
type InputOrigin
type InputServiceVersion
type InputServiceVersion struct {
ServiceVersion
VCLTemplate string `json:"vcl_template" doc:"The VCL template content" validate:"min=1,max=1048576"`
Domains []DomainString `json:"domains" doc:"The domains used by the VCL" validate:"min=1"`
Origins []Origin `json:"origins" doc:"The origins used by the VCL" validate:"min=1"`
}
InputServiceVersion is the data expected when handling a request to add a service version.
type L4LBNodeConfig
type L4LBNodeConfig struct {
L4LBNode L4LBNode `json:"l4lb_node"`
IPNetworks []netip.Prefix `json:"ip_networks"`
Services []ServiceConnectivity `json:"service_ip_info"`
CacheNodes []CacheNode `json:"cache_nodes"`
}
type L4LBNodeListItem (added in v0.0.30)
type NewOrgClientCredential (added in v0.0.21)
type NewOrgClientCredential struct {
OrgClientCredentialSafe
ClientSecret string `json:"client_secret" doc:"client secret generated by Keycloak, only displayed once at creation time"` // #nosec G117 -- Is expected to be returned to client
}
NewOrgClientCredential is returned when creating new client credentials. The client secret is not stored in the database (only in Keycloak), so it is available only at creation time, to be displayed once to the requesting client. The data we have in the database lives in OrgClientCredential instead.
type Node (added in v0.0.17)
type Node struct {
ID pgtype.UUID `json:"id" doc:"ID of the node"`
Name string `json:"name" doc:"Name of the node"`
Description string `json:"description" doc:"some identifying info for the node" minLength:"1" maxLength:"100" `
Addresses []netip.Addr `json:"addresses,omitempty" doc:"The IPv4 and IPv6 addresses of the node"`
Maintenance bool `json:"maintenance" doc:"If the node is currently in maintenance mode"`
}
type Org
type Org struct {
ID pgtype.UUID `json:"id" doc:"ID of organization, UUIDv4"`
Name string `json:"name" example:"my-org" doc:"name of organization"`
ServiceQuota int64 `json:"service_quota" example:"1" doc:"maximum number of services allowed"`
DomainQuota int64 `json:"domain_quota" example:"5" doc:"maximum number of domains allowed"`
ClientTokenQuota int64 `json:"client_token_quota" example:"10" doc:"maximum number of client tokens allowed"`
}
Types that can be shared across the other packages
type OrgClientCredential (added in v0.0.21)
type OrgClientCredential struct {
OrgClientCredentialSafe
CryptRegistrationAccessToken []byte `json:"crypt_registration_access_token"`
}
OrgClientCredential maps directly to the fields in the database and contains fields that cannot be shared directly with users.
type OrgClientCredentialSafe (added in v0.0.21)
type OrgClientCredentialSafe struct {
ID pgtype.UUID `json:"id" doc:"ID of organization client token, UUIDv4"`
Name string `json:"name" example:"credential-1" doc:"name of client credential"`
OrgID pgtype.UUID `json:"org_id" doc:"ID of related organization"`
ClientID string `json:"client_id" doc:"client_id of client credential"`
Description string `json:"description" doc:"Description for client token"`
}
OrgClientCredentialSafe contains the fields we can share with users via e.g. the API
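The split between OrgClientCredential (database row) and OrgClientCredentialSafe (API view) described above can be checked by comparing the JSON keys each type emits. This is an added example, not the package's own code: the structs are stand-ins with pgtype.UUID replaced by string, the sample values are constructed, and `SampleRow` and `JSONKeys` are hypothetical helpers.

```go
package main

import (
	"encoding/json"
	"fmt"
	"sort"
)

// Stand-ins for the page's types (same JSON tags); pgtype.UUID replaced by string.
type OrgClientCredentialSafe struct {
	ID          string `json:"id"`
	Name        string `json:"name"`
	OrgID       string `json:"org_id"`
	ClientID    string `json:"client_id"`
	Description string `json:"description"`
}
type OrgClientCredential struct {
	OrgClientCredentialSafe
	CryptRegistrationAccessToken []byte `json:"crypt_registration_access_token"`
}

// SampleRow returns constructed data standing in for a database row.
func SampleRow() OrgClientCredential {
	safe := OrgClientCredentialSafe{ID: "id-1", Name: "credential-1", OrgID: "org-1", ClientID: "client-1"}
	return OrgClientCredential{OrgClientCredentialSafe: safe, CryptRegistrationAccessToken: []byte("ciphertext")}
}

// JSONKeys marshals v and returns the sorted top-level keys a client would receive.
func JSONKeys(v any) ([]string, error) {
	b, err := json.Marshal(v)
	if err != nil {
		return nil, err
	}
	var m map[string]json.RawMessage
	if err := json.Unmarshal(b, &m); err != nil {
		return nil, err
	}
	keys := make([]string, 0, len(m))
	for k := range m {
		keys = append(keys, k)
	}
	sort.Strings(keys)
	return keys, nil
}

func main() {
	row := SampleRow()
	fmt.Println(JSONKeys(row))                         // database type: includes the encrypted token
	fmt.Println(JSONKeys(row.OrgClientCredentialSafe)) // safe view: token field absent
}
```

A check like `JSONKeys` fits a unit test that fails if a secret-bearing field is ever added to the type returned by an API handler.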
type OrgClientRegistrationTokenReEncryptResult (added in v0.0.27)
type OrgClientRegistrationTokenReEncryptResult struct {
TotalTokens int64 `json:"total_tokens" doc:"total number of org client registration tokens that was inspected"`
UpdatedTokens int64 `json:"updated_tokens" doc:"number of org client registration tokens that was re-encrypted"`
SkippedTokens int64 `json:"skipped_tokens" doc:"number of org client registration tokens that was already up to date"`
FailedTokens int64 `json:"failed_tokens" doc:"number of org client registration tokens that failed to be re-encrypted"`
Duration time.Duration `json:"duration" doc:"the amount of time it took to perform the operation"`
}
OrgClientRegistrationTokenReEncryptResult is returned when requesting re-encryption of all org client registration tokens
type OrgListItem (added in v0.0.30)
type OrgWithServices
type OrgWithServices struct {
ID pgtype.UUID `json:"id"`
Services map[string]ServiceWithVersions `json:"services"`
}
type OriginGroup
type Service
type Service struct {
ID pgtype.UUID `json:"id" doc:"ID of service"`
Name string `json:"name" example:"my-service" doc:"name of service"`
OrgID pgtype.UUID `json:"org_id" doc:"ID of related organization"`
OrgName string `json:"org_name" doc:"Name of related organization"`
UIDRangeFirst int64 `json:"uid_range_first" doc:"First process UID allocated to this service" db:"uid_range_first"`
UIDRangeEnd int64 `json:"uid_range_last" doc:"Last UID allocated to this service" db:"uid_range_last"`
}
type ServiceConnectivity
type ServiceVersion
type ServiceVersion struct {
ID pgtype.UUID `json:"id" doc:"ID of the service version"`
ServiceID pgtype.UUID `json:"service_id" doc:"ID of related service"`
ServiceName string `json:"service_name" doc:"Name of related service"`
OrgID pgtype.UUID `json:"org_id" doc:"ID of related organization"`
OrgName string `json:"org_name" doc:"Name of related organization"`
Version int64 `json:"version" example:"1" doc:"Version of the service"`
Active bool `json:"active" example:"true" doc:"If the version is active"`
}
type ServiceVersionCloneData
type ServiceVersionCloneData struct {
VCLTemplate string `json:"vcl_template" doc:"The VCL template content"`
Domains []DomainString `json:"domains" doc:"The domains used by the VCL" validate:"min=1"`
Origins []Origin `json:"origins" doc:"The origins used by the VCL" validate:"min=1"`
}
type ServiceVersionConfig
type ServiceVersionConfig struct {
ServiceVersion
VCLTemplate string `json:"vcl_template" doc:"The VCL template content"`
ServiceIPAddresses []netip.Addr `json:"service_ip_addresses" doc:"The IP (v4 and v6) addresses allocated to the service" validate:"min=2"`
Domains []DomainString `json:"domains" doc:"The domains used by the VCL" validate:"min=1"`
OriginGroups []OriginGroup `json:"origin_groups" doc:"The available origin groups" validate:"min=1"`
Origins []Origin `json:"origins" doc:"The origins used by the VCL" validate:"min=1"`
}
A combined type of all related data for a service version
type ServiceVersionVCL
type ServiceVersionVCL struct {
ServiceVersion
VCL string `json:"vcl" example:"varnish vcl" doc:"VCL content"`
}
type ServiceVersionWithConfig
type ServiceVersionWithConfig struct {
ID pgtype.UUID `json:"id"`
Version int64 `json:"version" example:"1" doc:"Version of the service"`
Active bool `json:"active" example:"true" doc:"If the version is active"`
VCL string `json:"vcl"`
TLS bool `json:"tls" example:"true" doc:"If at least one origin has TLS enabled which means we require certificates"`
Domains []DomainString `json:"domains" doc:"FQDNs that the service is listening on"`
HAProxyConfig string `json:"haproxy_config"`
}
type ServiceWithVersions
type UserEditData (added in v0.0.30)
type UserEditData struct {
ID pgtype.UUID
DisplayName string
RoleName string
OrgName *string
AuthProvider string // "local" or "keycloak"
}
UserEditData is a composite type for the console edit form, enriching the base user fields with resolved names and auth provider info.