gateway

package
v0.23.1 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Jan 18, 2026 License: Apache-2.0 Imports: 6 Imported by: 0

Documentation

Overview

Package gateway provides services for managing Cloudflare Gateway configurations.

Index

Constants

View Source 
const (
	// ResourceTypeGatewayRule is the SyncState resource type for GatewayRule
	ResourceTypeGatewayRule = v1alpha2.SyncResourceGatewayRule
	// ResourceTypeGatewayList is the SyncState resource type for GatewayList
	ResourceTypeGatewayList = v1alpha2.SyncResourceGatewayList
	// ResourceTypeGatewayConfiguration is the SyncState resource type for GatewayConfiguration
	ResourceTypeGatewayConfiguration = v1alpha2.SyncResourceGatewayConfiguration

	// Priority constants
	PriorityGatewayRule          = 100
	PriorityGatewayList          = 100
	PriorityGatewayConfiguration = 100
)

Resource Types for SyncState

Variables

This section is empty.

Functions

This section is empty.

Types

type ActivityLogSettings 

type ActivityLogSettings struct {
	Enabled bool `json:"enabled,omitempty"`
}

ActivityLogSettings contains activity logging settings.

type AntiVirusSettings 

type AntiVirusSettings struct {
	EnabledDownloadPhase bool                  `json:"enabledDownloadPhase,omitempty"`
	EnabledUploadPhase   bool                  `json:"enabledUploadPhase,omitempty"`
	FailClosed           bool                  `json:"failClosed,omitempty"`
	NotificationSettings *NotificationSettings `json:"notificationSettings,omitempty"`
}

AntiVirusSettings contains antivirus settings.

type AuditSSHSettings 

type AuditSSHSettings struct {
	CommandLogging bool `json:"commandLogging,omitempty"`
}

AuditSSHSettings contains SSH audit settings.

type BISOAdminControls 

type BISOAdminControls struct {
	DisablePrinting          *bool `json:"disablePrinting,omitempty"`
	DisableCopyPaste         *bool `json:"disableCopyPaste,omitempty"`
	DisableDownload          *bool `json:"disableDownload,omitempty"`
	DisableUpload            *bool `json:"disableUpload,omitempty"`
	DisableKeyboard          *bool `json:"disableKeyboard,omitempty"`
	DisableClipboardRedirect *bool `json:"disableClipboardRedirect,omitempty"`
}

BISOAdminControls contains browser isolation admin controls.

type BlockPageSettings 

type BlockPageSettings struct {
	Enabled         bool   `json:"enabled,omitempty"`
	FooterText      string `json:"footerText,omitempty"`
	HeaderText      string `json:"headerText,omitempty"`
	LogoPath        string `json:"logoPath,omitempty"`
	BackgroundColor string `json:"backgroundColor,omitempty"`
}

BlockPageSettings contains block page settings.

type BodyScanningSettings 

type BodyScanningSettings struct {
	InspectionMode string `json:"inspectionMode,omitempty"`
}

BodyScanningSettings contains body scanning settings.

type BrowserIsolationSettings 

type BrowserIsolationSettings struct {
	URLBrowserIsolationEnabled bool `json:"urlBrowserIsolationEnabled,omitempty"`
	NonIdentityEnabled         bool `json:"nonIdentityEnabled,omitempty"`
}

BrowserIsolationSettings contains browser isolation settings.

type CheckSessionSettings 

type CheckSessionSettings struct {
	Enforce  bool   `json:"enforce,omitempty"`
	Duration string `json:"duration,omitempty"`
}

CheckSessionSettings contains session check settings.

type CustomCertificateSettings 

type CustomCertificateSettings struct {
	Enabled bool   `json:"enabled,omitempty"`
	ID      string `json:"id,omitempty"`
}

CustomCertificateSettings contains custom certificate settings.

type DNSResolverAddress 

type DNSResolverAddress struct {
	IP   string `json:"ip,omitempty"`
	Port int    `json:"port,omitempty"`
}

DNSResolverAddress contains a DNS resolver address.

type DNSResolverSettings 

type DNSResolverSettings struct {
	Ipv4 []DNSResolverAddress `json:"ipv4,omitempty"`
	Ipv6 []DNSResolverAddress `json:"ipv6,omitempty"`
}

DNSResolverSettings contains DNS resolver settings.

type EgressSettings 

type EgressSettings struct {
	Ipv4         string `json:"ipv4,omitempty"`
	Ipv6         string `json:"ipv6,omitempty"`
	Ipv4Fallback string `json:"ipv4Fallback,omitempty"`
}

EgressSettings contains egress settings.

type FIPSSettings 

type FIPSSettings struct {
	TLS bool `json:"tls,omitempty"`
}

FIPSSettings contains FIPS settings.

type GatewayConfigurationConfig 

type GatewayConfigurationConfig struct {
	// TLSDecrypt contains TLS decryption settings
	TLSDecrypt *TLSDecryptSettings `json:"tlsDecrypt,omitempty"`
	// ActivityLog contains activity logging settings
	ActivityLog *ActivityLogSettings `json:"activityLog,omitempty"`
	// AntiVirus contains antivirus settings
	AntiVirus *AntiVirusSettings `json:"antiVirus,omitempty"`
	// BlockPage contains block page settings
	BlockPage *BlockPageSettings `json:"blockPage,omitempty"`
	// BodyScanning contains body scanning settings
	BodyScanning *BodyScanningSettings `json:"bodyScanning,omitempty"`
	// BrowserIsolation contains browser isolation settings
	BrowserIsolation *BrowserIsolationSettings `json:"browserIsolation,omitempty"`
	// FIPS contains FIPS settings
	FIPS *FIPSSettings `json:"fips,omitempty"`
	// ProtocolDetection contains protocol detection settings
	ProtocolDetection *ProtocolDetectionSettings `json:"protocolDetection,omitempty"`
	// CustomCertificate contains custom certificate settings
	CustomCertificate *CustomCertificateSettings `json:"customCertificate,omitempty"`
}

GatewayConfigurationConfig contains the configuration for Gateway settings.

type GatewayConfigurationRegisterOptions 

type GatewayConfigurationRegisterOptions struct {
	// AccountID is the Cloudflare account ID
	AccountID string
	// Source is the K8s resource source
	Source service.Source
	// Config is the gateway configuration
	Config GatewayConfigurationConfig
	// CredentialsRef references the CloudflareCredentials resource
	CredentialsRef v1alpha2.CredentialsReference
}

GatewayConfigurationRegisterOptions contains options for registering a GatewayConfiguration.

type GatewayConfigurationService 

type GatewayConfigurationService struct {
	*service.BaseService
}

GatewayConfigurationService manages GatewayConfiguration via CloudflareSyncState.

func NewGatewayConfigurationService 

func NewGatewayConfigurationService(c client.Client) *GatewayConfigurationService

NewGatewayConfigurationService creates a new GatewayConfiguration service.

func (*GatewayConfigurationService) Register 

func (s *GatewayConfigurationService) Register(ctx context.Context, opts GatewayConfigurationRegisterOptions) error

Register registers a GatewayConfiguration with the SyncState.

func (*GatewayConfigurationService) Unregister 

func (s *GatewayConfigurationService) Unregister(ctx context.Context, accountID string, source service.Source) error

Unregister removes a GatewayConfiguration from the SyncState.

func (*GatewayConfigurationService) UpdateStatus 

func (s *GatewayConfigurationService) UpdateStatus(
	ctx context.Context,
	config *v1alpha2.GatewayConfiguration,
	result *GatewayConfigurationSyncResult,
) error

UpdateStatus updates the K8s GatewayConfiguration resource status based on sync result.

type GatewayConfigurationSyncResult 

type GatewayConfigurationSyncResult struct {
	// AccountID is the Cloudflare account ID
	AccountID string
}

GatewayConfigurationSyncResult contains GatewayConfiguration-specific sync result.

type GatewayListConfig 

type GatewayListConfig struct {
	// Name is the list name
	Name string `json:"name"`
	// Description is an optional description
	Description string `json:"description,omitempty"`
	// Type is the list type (SERIAL, URL, DOMAIN, EMAIL, IP)
	Type string `json:"type"`
	// Items is the list of items
	Items []string `json:"items,omitempty"`
}

GatewayListConfig contains the configuration for a Gateway list.

type GatewayListRegisterOptions 

type GatewayListRegisterOptions struct {
	// AccountID is the Cloudflare account ID
	AccountID string
	// ListID is the existing list ID (empty for new)
	ListID string
	// Source is the K8s resource source
	Source service.Source
	// Config is the gateway list configuration
	Config GatewayListConfig
	// CredentialsRef references the CloudflareCredentials resource
	CredentialsRef v1alpha2.CredentialsReference
}

GatewayListRegisterOptions contains options for registering a GatewayList.

type GatewayListService 

type GatewayListService struct {
	*service.BaseService
}

GatewayListService manages GatewayList configurations via CloudflareSyncState.

func NewGatewayListService 

func NewGatewayListService(c client.Client) *GatewayListService

NewGatewayListService creates a new GatewayList service.

func (*GatewayListService) Register 

func (s *GatewayListService) Register(ctx context.Context, opts GatewayListRegisterOptions) error

Register registers a GatewayList configuration with the SyncState.

func (*GatewayListService) Unregister 

func (s *GatewayListService) Unregister(ctx context.Context, listID string, source service.Source) error

Unregister removes a configuration from the SyncState.

func (*GatewayListService) UpdateListID 

func (s *GatewayListService) UpdateListID(ctx context.Context, source service.Source, listID, accountID string) error

UpdateListID updates the SyncState to use the actual list ID.

func (*GatewayListService) UpdateStatus 

func (s *GatewayListService) UpdateStatus(
	ctx context.Context,
	list *v1alpha2.GatewayList,
	result *GatewayListSyncResult,
) error

UpdateStatus updates the K8s GatewayList resource status based on sync result.

type GatewayListSyncResult 

type GatewayListSyncResult struct {
	// ListID is the Cloudflare list ID
	ListID string
	// AccountID is the Cloudflare account ID
	AccountID string
	// ItemCount is the number of items in the list
	ItemCount int
}

GatewayListSyncResult contains GatewayList-specific sync result.

type GatewayRuleConfig 

type GatewayRuleConfig struct {
	// Name is the rule name
	Name string `json:"name"`
	// Description is an optional description
	Description string `json:"description,omitempty"`
	// Filters is the list of filter configurations
	Filters []GatewayRuleFilter `json:"filters,omitempty"`
	// TrafficType determines the traffic type (http, l4, dns)
	TrafficType string `json:"trafficType,omitempty"`
	// Action is the rule action
	Action string `json:"action,omitempty"`
	// RuleSettings contains additional rule settings
	RuleSettings *GatewayRuleSettings `json:"ruleSettings,omitempty"`
	// Priority is the rule priority
	Priority int `json:"priority,omitempty"`
	// Enabled indicates if the rule is enabled
	Enabled bool `json:"enabled"`
}

GatewayRuleConfig contains the configuration for a Gateway rule.

type GatewayRuleFilter 

type GatewayRuleFilter struct {
	// Type is the filter type (e.g., http, l4, dns)
	Type string `json:"type,omitempty"`
	// Expression is the filter expression
	Expression string `json:"expression,omitempty"`
}

GatewayRuleFilter contains filter configuration.

type GatewayRuleRegisterOptions 

type GatewayRuleRegisterOptions struct {
	// AccountID is the Cloudflare account ID
	AccountID string
	// RuleID is the existing rule ID (empty for new)
	RuleID string
	// Source is the K8s resource source
	Source service.Source
	// Config is the gateway rule configuration
	Config GatewayRuleConfig
	// CredentialsRef references the CloudflareCredentials resource
	CredentialsRef v1alpha2.CredentialsReference
}

GatewayRuleRegisterOptions contains options for registering a GatewayRule.

type GatewayRuleService 

type GatewayRuleService struct {
	*service.BaseService
}

GatewayRuleService manages GatewayRule configurations via CloudflareSyncState.

func NewGatewayRuleService 

func NewGatewayRuleService(c client.Client) *GatewayRuleService

NewGatewayRuleService creates a new GatewayRule service.

func (*GatewayRuleService) Register 

func (s *GatewayRuleService) Register(ctx context.Context, opts GatewayRuleRegisterOptions) error

Register registers a GatewayRule configuration with the SyncState.

func (*GatewayRuleService) Unregister 

func (s *GatewayRuleService) Unregister(ctx context.Context, ruleID string, source service.Source) error

Unregister removes a configuration from the SyncState.

func (*GatewayRuleService) UpdateRuleID 

func (s *GatewayRuleService) UpdateRuleID(ctx context.Context, source service.Source, ruleID, accountID string) error

UpdateRuleID updates the SyncState to use the actual rule ID.

func (*GatewayRuleService) UpdateStatus 

func (s *GatewayRuleService) UpdateStatus(
	ctx context.Context,
	rule *v1alpha2.GatewayRule,
	result *GatewayRuleSyncResult,
) error

UpdateStatus updates the K8s GatewayRule resource status based on sync result.

type GatewayRuleSettings 

type GatewayRuleSettings struct {
	// BlockPageEnabled enables the block page
	BlockPageEnabled *bool `json:"blockPageEnabled,omitempty"`
	// BlockReason is the reason shown on the block page
	BlockReason string `json:"blockReason,omitempty"`
	// OverrideHost is the host to override
	OverrideHost string `json:"overrideHost,omitempty"`
	// OverrideIPs are the IPs to override
	OverrideIPs []string `json:"overrideIPs,omitempty"`
	// InsecureDisableDNSSECValidation disables DNSSEC validation
	InsecureDisableDNSSECValidation *bool `json:"insecureDisableDnssecValidation,omitempty"`
	// AddHeaders are headers to add
	AddHeaders map[string]string `json:"addHeaders,omitempty"`
	// BISOAdminControls contains browser isolation admin controls
	BISOAdminControls *BISOAdminControls `json:"bisoAdminControls,omitempty"`
	// CheckSession contains session check settings
	CheckSession *CheckSessionSettings `json:"checkSession,omitempty"`
	// L4Override contains L4 override settings
	L4Override *L4OverrideSettings `json:"l4Override,omitempty"`
	// NotificationSettings contains notification settings
	NotificationSettings *NotificationSettings `json:"notificationSettings,omitempty"`
	// PayloadLog contains payload log settings
	PayloadLog *PayloadLogSettings `json:"payloadLog,omitempty"`
	// AuditSSH contains SSH audit settings
	AuditSSH *AuditSSHSettings `json:"auditSsh,omitempty"`
	// Untrusted certificate settings
	UntrustedCert *UntrustedCertSettings `json:"untrustedCert,omitempty"`
	// Egress settings
	Egress *EgressSettings `json:"egress,omitempty"`
	// DNS resolvers
	DNSResolvers *DNSResolverSettings `json:"dnsResolvers,omitempty"`
}

GatewayRuleSettings contains additional rule settings.

type GatewayRuleSyncResult 

type GatewayRuleSyncResult struct {
	// RuleID is the Cloudflare rule ID
	RuleID string
	// AccountID is the Cloudflare account ID
	AccountID string
}

GatewayRuleSyncResult contains GatewayRule-specific sync result.

type L4OverrideSettings 

type L4OverrideSettings struct {
	IP   string `json:"ip,omitempty"`
	Port int    `json:"port,omitempty"`
}

L4OverrideSettings contains L4 override settings.

type NotificationSettings 

type NotificationSettings struct {
	Enabled    bool   `json:"enabled,omitempty"`
	Message    string `json:"message,omitempty"`
	SupportURL string `json:"supportUrl,omitempty"`
}

NotificationSettings contains notification settings.

type PayloadLogSettings 

type PayloadLogSettings struct {
	Enabled bool `json:"enabled,omitempty"`
}

PayloadLogSettings contains payload log settings.

type ProtocolDetectionSettings 

type ProtocolDetectionSettings struct {
	Enabled bool `json:"enabled,omitempty"`
}

ProtocolDetectionSettings contains protocol detection settings.

type TLSDecryptSettings 

type TLSDecryptSettings struct {
	Enabled bool `json:"enabled,omitempty"`
}

TLSDecryptSettings contains TLS decryption settings.

type UntrustedCertSettings 

type UntrustedCertSettings struct {
	Action string `json:"action,omitempty"`
}

UntrustedCertSettings contains untrusted certificate settings.

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.