Documentation
¶
Index ¶
Constants ¶
const ( MinConnectInterval = 5 * time.Second MaxConnectInterval = 300 * time.Second // Smux configuration for tunnel connections SmuxKeepAliveInterval = 10 * time.Second SmuxKeepAliveTimeout = 30 * time.Second SmuxMaxFrameSize = 32768 // 32KB SmuxMaxReceiveBuffer = 4194304 // 4MB SmuxMaxStreamBuffer = 65536 // 64KB per stream // Pool configuration defaults DefaultPoolMaxWorkers = 20 DefaultPoolQueueSize = 200 DefaultPoolDefaultTimeout = 3600 // 1 hour; safety net for handler-level timeouts // Command signature verification defaults. // Hardcoded intentionally: mode transitions (monitor → enforce) should be // deployed fleet-wide via code release, not per-server config changes. DefaultAIServerURL = "https://alpacon.ai" DefaultSigningMode = "monitor" // change to "enforce" when ready DefaultKeyRefreshSecs = 3600 // 1 hour // Pool configuration limits for warnings MaxReasonableWorkers = 1000 MaxReasonableQueueSize = 10000 MaxReasonableTimeoutSeconds = 3600 // Editor configuration defaults DefaultEditorIdleTimeout = 60 // minutes )
Variables ¶
This section is empty.
Functions ¶
func GetSmuxConfig ¶
GetSmuxConfig returns optimized smux configuration for tunnel connections.
func InitSettings ¶
func InitSettings(settings Settings)
func ReadSSL ¶ added in v2.3.0
ReadSSL reads the [ssl] section (verify, ca_cert) from path. Best-effort: a missing file/section/key yields the secure default verify=true and no CA, so callers can use it as a sane TLS baseline. Recovery paths (unregister, register --force) use it so the DELETE to a server speaks that server's own TLS settings rather than whatever flags the current invocation defaulted to.
func RenderConf ¶ added in v2.3.0
func RenderConf(s ServerConfig, sslVerify bool, caCertPath string) (string, error)
RenderConf produces the alpamon.conf body for the given server identity and SSL settings. It is the single source of truth for the on-disk config format, shared by register and migrate so the two cannot drift.
Types ¶
type Config ¶
type Config struct {
Server ServerConfig `ini:"server"`
SSL struct {
Verify bool `ini:"verify"`
CaCert string `ini:"ca_cert"`
} `ini:"ssl"`
Logging struct {
Debug bool `ini:"debug"`
} `ini:"logging"`
Pool struct {
MaxWorkers int `ini:"max_workers"`
QueueSize int `ini:"queue_size"`
DefaultTimeout *int `ini:"default_timeout"`
} `ini:"pool"`
Editor struct {
IdleTimeout *int `ini:"idle_timeout"`
} `ini:"editor"`
File struct {
MaxDownloadBytes int64 `ini:"max_download_bytes"`
} `ini:"file"`
}
type ServerConfig ¶ added in v2.3.0
ServerConfig is the [server] section of alpamon.conf: the identity and credentials an already-registered agent uses to authenticate back to Alpacon. It is embedded in Config so the on-disk schema is declared exactly once.
func ReadServer ¶ added in v2.3.0
func ReadServer(path string) (*ServerConfig, error)
ReadServer parses path as INI and returns the [server] url/id/key. Unlike LoadConfig it returns a normal error (no log.Fatal) so callers on recovery paths (migrate, unregister) can degrade gracefully—e.g. treat a missing or malformed config as "nothing to clean up".
type Settings ¶
type Settings struct {
ServerURL string
WSPath string
ControlWSPath string
UseSSL bool
CaCert string // CA certificate file path
SSLVerify bool
SSLOpt map[string]interface{}
HTTPThreads int
ID string
Key string
PoolMaxWorkers int // Maximum number of workers in the global worker pool
PoolQueueSize int // Size of the job queue for the global worker pool
PoolDefaultTimeout int // Default timeout in seconds for pool tasks (0 = no timeout)
EditorIdleTimeout int // Editor idle timeout in minutes (0 = no timeout)
MaxDownloadBytes int64 // Cap for URL download payloads in bytes (0 = unlimited)
// Command signature verification (hardcoded, not configurable via INI)
AIServerURL string // AI server URL for public key fetch
SigningMode string // "monitor" (warn only) or "enforce" (reject unsigned)
KeyRefreshSecs int // Public key cache TTL in seconds
}
var (
GlobalSettings Settings
)