config

package
v0.2.0 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Apr 22, 2026 License: MIT Imports: 6 Imported by: 0

Documentation

Overview

Package config loads and validates ditto.yaml configuration.

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

This section is empty.

Types

type Config 

type Config struct {
	Source Source `mapstructure:"source"`
	Dump   Dump   `mapstructure:"dump"`

	CopyTTLSeconds int          `mapstructure:"copy_ttl_seconds"`
	PortPoolStart  int          `mapstructure:"port_pool_start"`
	PortPoolEnd    int          `mapstructure:"port_pool_end"`
	WarmPoolSize   int          `mapstructure:"warm_pool_size"` // 0 = disabled (default)
	CopyImage      string       `mapstructure:"copy_image"`     // optional Docker image override
	DockerHost     string       `mapstructure:"docker_host"`    // optional Docker-compatible daemon host override
	Server         ServerConfig `mapstructure:"server"`
	Obfuscation    Obfuscation  `mapstructure:"obfuscation"`
}

Config is the top-level configuration structure, mirroring ditto.yaml.

func Load 

func Load(path string) (*Config, error)

Load reads and validates the config file at path. Environment variables with the prefix DITTO_ override config file values (e.g. DITTO_SOURCE_HOST overrides source.host, DITTO_SOURCE_URL overrides source.url).

type Dump 

type Dump struct {
	Schedule       string        `mapstructure:"schedule"`
	Path           string        `mapstructure:"path"`
	SchemaPath     string        `mapstructure:"schema_path"`     // optional: path for a schema-only (DDL) dump; empty = disabled
	StaleThreshold int           `mapstructure:"stale_threshold"` // seconds
	ClientImage    string        `mapstructure:"client_image"`    // optional helper image override for dump operations
	OnFailure      DumpOnFailure `mapstructure:"on_failure"`
}

Dump controls the dump scheduler.

type DumpOnFailure added in v0.2.0 

type DumpOnFailure struct {
	WebhookURL string `mapstructure:"webhook_url"` // HTTP endpoint to POST a JSON failure payload
	Exec       string `mapstructure:"exec"`        // shell command to run on failure
}

DumpOnFailure configures an alert sent when a scheduled dump fails. Either WebhookURL or Exec may be set; WebhookURL takes precedence.

type Obfuscation 

type Obfuscation struct {
	Rules []ObfuscationRule `mapstructure:"rules"`
}

Obfuscation holds post-restore PII scrubbing rules applied to every copy.

type ObfuscationRule 

type ObfuscationRule struct {
	Table    string `mapstructure:"table"`
	Column   string `mapstructure:"column"`
	Strategy string `mapstructure:"strategy"`  // nullify | redact | mask | hash | replace
	With     string `mapstructure:"with"`      // redact: replacement text (default "[redacted]")
	MaskChar string `mapstructure:"mask_char"` // mask: character to use (default "*")
	KeepLast int    `mapstructure:"keep_last"` // mask: preserve trailing N characters
	Type     string `mapstructure:"type"`      // replace: data type — email | name | phone | ip | url | uuid
	WarnOnly bool   `mapstructure:"warn_only"` // if true, 0-row updates emit a warning instead of an error
}

ObfuscationRule describes how a single table column should be scrubbed. Strategies: nullify, redact, mask, hash, replace.

type ServerAuthConfig added in v0.2.0 

type ServerAuthConfig struct {
	StaticToken string `mapstructure:"static_token"` // secret reference: env:VAR, file:/path, or literal
	Issuer      string `mapstructure:"issuer"`
	Audience    string `mapstructure:"audience"`
	JWKSURL     string `mapstructure:"jwks_url"`
	AdminClaim  string `mapstructure:"admin_claim"`
	AdminValue  string `mapstructure:"admin_value"`
}

ServerAuthConfig holds authentication settings for ditto host. Either StaticToken (simple shared secret) or OIDC fields must be set. StaticToken is for evaluation and single-operator use; prefer OIDC in production.

type ServerConfig 

type ServerConfig struct {
	Enabled          bool             `mapstructure:"enabled"`
	Addr             string           `mapstructure:"addr"`               // listen address, default ":8080"
	AdvertiseHost    string           `mapstructure:"advertise_host"`     // host/DNS name returned in remote DSNs
	DBBindHost       string           `mapstructure:"db_bind_host"`       // host interface used for published DB ports
	CopySecretSecret string           `mapstructure:"copy_secret_secret"` // secret reference used to derive per-copy credentials
	Auth             ServerAuthConfig `mapstructure:"auth"`
	DBTLS            ServerDBTLS      `mapstructure:"db_tls"`
}

ServerConfig holds shared-host listener and authentication settings for ditto host.

type ServerDBTLS added in v0.2.0 

type ServerDBTLS struct {
	CertFile string `mapstructure:"cert_file"`
	KeyFile  string `mapstructure:"key_file"`
}

ServerDBTLS holds the TLS certificate material mounted into remote copy containers.

type Source 

type Source struct {
	URL            string `mapstructure:"url"` // DSN alternative to individual fields
	Engine         string `mapstructure:"engine"`
	Host           string `mapstructure:"host"`
	Port           int    `mapstructure:"port"`
	Database       string `mapstructure:"database"`
	User           string `mapstructure:"user"`
	Password       string `mapstructure:"password"`        // plain password (dev only)
	PasswordSecret string `mapstructure:"password_secret"` // secret reference: env:VAR, file:/path, or arn:aws:...
}

Source holds connection parameters for the RDS source database.

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.