config

package
v0.0.1 Latest Latest
Warning

This package is not in the latest version of its module.

Published: Dec 21, 2023 License: Apache-2.0 Imports: 14 Imported by: 0

Documentation

Overview

Package config holds the echo server configuration utilities

Index

Constants

This section is empty.

Variables

// Package-level defaults for the server. These are variables, not constants,
// so any importing package can reassign them at runtime; treat them as
// read-only outside of start-up wiring.
var (
	// DefaultListenAddr sets the default listen address for the server.
	// The host part is empty, so a listener created from this value binds to
	// every interface on port 17608; set an explicit host when the server must
	// not be reachable from other machines.
	DefaultListenAddr = ":17608"
	// DefaultShutdownGracePeriod sets the default for how long we give the server
	// to shutdown before forcefully stopping the server.
	DefaultShutdownGracePeriod = 5 * time.Second
	// DefaultReadTimeout sets the default maximum duration for reading the entire request including the body.
	DefaultReadTimeout = 15 * time.Second
	// DefaultWriteTimeout sets the default maximum duration before timing out writes of the response.
	DefaultWriteTimeout = 15 * time.Second
	// DefaultIdleTimeout sets the default maximum amount of time to wait for the next request when keep-alives are enabled.
	DefaultIdleTimeout = 30 * time.Second
	// DefaultReadHeaderTimeout sets the default amount of time allowed to read request headers.
	// Keeping this short bounds how long a client that trickles its headers
	// can hold a connection open.
	DefaultReadHeaderTimeout = 2 * time.Second
	// DefaultConfigRefresh sets the default interval to refresh the config.
	DefaultConfigRefresh = 10 * time.Minute
	// DefaultCertFile is the default cert file location.
	// The path is relative, so it resolves against the process working directory.
	DefaultCertFile = "server.crt"
	// DefaultKeyFile is the default key file location.
	// The path is relative, so it resolves against the process working directory;
	// the private key file should be readable only by the server's user.
	DefaultKeyFile = "server.key"
	// DefaultTLSConfig is the default TLS config used when HTTPS is enabled.
	//
	// This is a single *tls.Config shared through a mutable package variable:
	// modifying it in place changes the defaults for every later user, so take
	// a copy with its Clone method before customising it.
	DefaultTLSConfig = &tls.Config{
		// TLS 1.2 is the floor; TLS 1.0 and 1.1 handshakes are refused.
		MinVersion:               tls.VersionTLS12,
		// Key exchange is restricted to these NIST curves; X25519 is not in the list.
		CurvePreferences:         []tls.CurveID{tls.CurveP521, tls.CurveP384, tls.CurveP256},
		// Deprecated in crypto/tls and ignored since Go 1.17; it has no effect
		// on suite ordering with a current toolchain.
		PreferServerCipherSuites: true,
		// Applies to TLS 1.2 only; crypto/tls does not allow TLS 1.3 suites to be
		// configured. Both entries are ECDHE (forward secrecy) with AES-128-GCM (AEAD).
		CipherSuites: []uint16{
			tls.TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
			tls.TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
		},
	}
)

Functions

func RegisterServerFlags

func RegisterServerFlags(v *viper.Viper, flags *pflag.FlagSet) error

RegisterServerFlags registers the flags for the server configuration

Types

type Auth

// Auth holds the authentication settings: the providers and a switch to
// enable or disable authentication altogether.
type Auth struct {
	// Enabled - checks this first before reading your provider config
	Enabled bool `yaml:"enabled"`
	// JWTSigningKey contains a 32 byte array to sign with the HmacSha256 algorithms.
	// This is a symmetric secret: anyone who can read it can mint valid tokens.
	// NOTE(review): nothing in this struct enforces the 32-byte length; verify
	// that the loader rejects short or empty keys, and keep the config file
	// that carries this value out of version control and logs.
	JWTSigningKey []byte `yaml:"jwtSigningKey"`
	// A list of auth providers. Currently enables only the first provider in the list.
	Providers []AuthProvider `yaml:"providers"`
}

Auth settings, including providers and the ability to enable or disable auth altogether

type AuthProvider

// AuthProvider describes one authentication provider as read from the YAML
// config. Per the Type field comment, only OIDC is currently supported.
type AuthProvider struct {
	// Label for the provider (optional)
	Label string `yaml:"label"`
	// Type of the auth provider, currently only OIDC is supported
	Type string `yaml:"type"`
	// OIDC .well-known/openid-configuration URL, ex. https://accounts.google.com/
	// NOTE(review): provider metadata is fetched from this URL, so it presumably
	// needs to be https; confirm where the scheme is validated.
	ProviderURL string `yaml:"providerUrl"`
	// IssuerURL is only needed when it differs from the ProviderURL (optional)
	IssuerURL string `yaml:"issuerUrl"`
	// ClientID of the oauth2 provider
	ClientID string `yaml:"clientId"`
	// ClientSecret is the private key that authenticates your integration when requesting an OAuth token (optional when using PKCE).
	// This is a credential: keep it out of version control and avoid logging
	// or printing the populated struct.
	ClientSecret string `yaml:"clientSecret"`
	// Scopes for authentication, typically [openid, profile, email]
	Scopes []string `yaml:"scopes"`
	// CallbackURL after a successful auth, e.g. https://localhost:8080/oauth/callback
	CallbackURL string `yaml:"callbackUrl"`
	// Options added as URL query params when redirecting to auth provider. Can be used to configure custom auth flows such as Auth0 invitation flow.
	// The values are untyped (interface{}); how they are encoded into the query
	// string is not visible here, so treat this map as trusted configuration only.
	Options map[string]interface{} `yaml:"options"`
}

type CORS

// CORS holds the cross-origin and CSRF-cookie settings for the server.
type CORS struct {
	// AllowOrigins is a list of allowed origin to indicate whether the response can be shared with
	// requesting code from the given origin.
	// NOTE(review): how entries are matched (exact, wildcard) is not visible in
	// this struct; list only origins that are meant to read responses.
	AllowOrigins []string `yaml:"allowOrigins"`
	// CookieInsecure allows CSRF cookie to be sent to servers that the browser considers
	// unsecured. Useful for cases where the connection is secured via VPN rather than
	// HTTPS directly.
	// With this set the cookie can travel over plain HTTP, so it should stay
	// false (the zero value) wherever the server is reachable without that
	// outer protection.
	CookieInsecure bool `yaml:"cookieInsecure"`
}

CORS settings

type Config

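// Config contains the configuration for the datum server.
type Config struct {
	// RefreshInterval holds how often to reload the config
	RefreshInterval time.Duration `yaml:"refreshInterval"`

	// Server contains the echo server settings
	Server Server `yaml:"server"`

	// Auth contains the authentication provider(s)
	Auth Auth `yaml:"auth"`

	// Authz contains the authorization settings
	Authz fga.Config `yaml:"authz"`

	// DB contains the database configuration.
	// Each YAML key must be unique within the struct, so this field uses "db"
	// and must not share the "auth" key with the Auth field.
	DB DB `yaml:"db"`

	// Logger contains the logger used by echo functions.
	// NOTE(review): this is a runtime object rather than a serialisable
	// setting; presumably it is assigned in code and not read from YAML.
	Logger *zap.SugaredLogger `yaml:"logger"`
}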

Config contains the configuration for the datum server

func NewConfig

func NewConfig() *Config

NewConfig creates a new empty config

func (*Config) GetConfig

func (c *Config) GetConfig() (*Config, error)

GetConfig implements ConfigProvider.

func (*Config) SetDefaults

func (c *Config) SetDefaults() *Config

SetDefaults sets default values if not already defined.

func (*Config) WithAutoCert

func (c *Config) WithAutoCert(host string) *Config

WithAutoCert generates a Let's Encrypt certificate; a valid host must be provided

func (*Config) WithDebug

func (c *Config) WithDebug(debug bool) *Config

WithDebug enables echo's Debug option.

func (*Config) WithDefaultReadTimeout

func (c *Config) WithDefaultReadTimeout(period time.Duration) *Config

WithDefaultReadTimeout sets the maximum duration for reading the entire request including the body.

func (Config) WithDefaultTLSConfig

func (c Config) WithDefaultTLSConfig() Config

WithDefaultTLSConfig sets the default TLS Configuration

func (*Config) WithDev

func (c *Config) WithDev(dev bool) *Config

WithDev enables echo's dev mode options.

func (*Config) WithHTTPS

func (c *Config) WithHTTPS(https bool) *Config

WithHTTPS enables https server options

func (*Config) WithIdleTimeout

func (c *Config) WithIdleTimeout(period time.Duration) *Config

WithIdleTimeout sets the maximum amount of time to wait for the next request when keep-alives are enabled.

func (*Config) WithListen

func (c *Config) WithListen(listen string) *Config

WithListen sets the listen address to serve the echo server on.

func (Config) WithMiddleware

func (c Config) WithMiddleware(mdw ...echo.MiddlewareFunc) Config

WithMiddleware includes the provided middleware when echo is initialized.

func (*Config) WithReadHeaderTimeout

func (c *Config) WithReadHeaderTimeout(period time.Duration) *Config

WithReadHeaderTimeout sets the amount of time allowed to read request headers.

func (*Config) WithShutdownGracePeriod

func (c *Config) WithShutdownGracePeriod(period time.Duration) *Config

WithShutdownGracePeriod sets the grace period for in flight requests before shutting down.

func (*Config) WithTLSCerts

func (c *Config) WithTLSCerts(certFile, certKey string) *Config

WithTLSCerts sets the TLS Cert and Key locations

func (Config) WithTLSDefaults

func (c Config) WithTLSDefaults() Config

WithTLSDefaults sets tls default settings assuming a default cert and key file location.

func (*Config) WithWriteTimeout

func (c *Config) WithWriteTimeout(period time.Duration) *Config

WithWriteTimeout sets the maximum duration before timing out writes of the response.

type ConfigProvider

// ConfigProvider serves as a common interface to read echo server configuration.
type ConfigProvider interface {
	// GetConfig returns the server configuration
	GetConfig() (*Config, error)
}

ConfigProvider serves as a common interface to read echo server configuration

type ConfigProviderWithRefresh

// ConfigProviderWithRefresh is a config provider that also carries a
// read/write mutex. Its remaining fields are unexported and not shown in
// this listing.
type ConfigProviderWithRefresh struct {
	// The mutex is embedded, so its Lock/Unlock/RLock/RUnlock methods are
	// promoted onto this exported type and callers outside the package can
	// take the lock themselves.
	sync.RWMutex
	// contains filtered or unexported fields
}

ConfigProviderWithRefresh is a config provider with automatic refresh; it contains fields and methods to manage the configuration and to refresh it periodically based on a specified interval

func NewConfigProviderWithRefresh

func NewConfigProviderWithRefresh(cfgProvider ConfigProvider) (*ConfigProviderWithRefresh, error)

NewConfigProviderWithRefresh function is a constructor function that creates a new instance of ConfigProviderWithRefresh

func (*ConfigProviderWithRefresh) Close

func (s *ConfigProviderWithRefresh) Close()

Close function is used to stop the automatic refresh of the configuration. It stops the ticker that triggers the refresh and closes the stop channel, which signals the goroutine to stop refreshing the configuration

func (*ConfigProviderWithRefresh) GetConfig

func (s *ConfigProviderWithRefresh) GetConfig() (*Config, error)

GetConfig retrieves the current echo server configuration; it acquires a read lock to ensure thread safety and returns the `config` field

type DB

// DB holds the database settings. None of the fields carry yaml tags,
// unlike most fields of the other config structs in this package.
type DB struct {
	// Debug to print debug database logs
	// NOTE(review): debug database logs can include statement contents;
	// confirm what is logged before enabling this outside development.
	Debug bool
	// SQL Driver name from dialect.Driver
	DriverName string
	// MultiWrite enables writing to two databases
	MultiWrite bool
	// Primary write database source (required)
	// NOTE(review): presumably a connection string; if it embeds credentials,
	// handle it as a secret and keep it out of logs.
	PrimaryDBSource string
	// Secondary write database source (optional)
	// The same handling applies as for PrimaryDBSource.
	SecondaryDBSource string
}

DB Settings

type Server

// Server holds the echo server settings: listen address, timeouts, TLS,
// CORS, routes, middleware, handler and token configuration.
type Server struct {
	// Debug enables echo's Debug option.
	// NOTE(review): debug output is usually more verbose about errors;
	// confirm it is off in production deployments.
	Debug bool `yaml:"debug"`
	// Dev enables echo's dev mode options.
	Dev bool `yaml:"dev"`
	// Listen sets the listen address to serve the echo server on.
	// This field has no yaml tag, unlike its neighbours.
	Listen string
	// ShutdownGracePeriod sets the grace period for in flight requests before shutting down.
	ShutdownGracePeriod time.Duration `yaml:"shutdownGracePeriod"`
	// ReadTimeout sets the maximum duration for reading the entire request including the body.
	ReadTimeout time.Duration `yaml:"readTimeout"`
	// WriteTimeout sets the maximum duration before timing out writes of the response.
	WriteTimeout time.Duration `yaml:"writeTimeout"`
	// IdleTimeout sets the maximum amount of time to wait for the next request when keep-alives are enabled.
	IdleTimeout time.Duration `yaml:"idleTimeout"`
	// ReadHeaderTimeout sets the amount of time allowed to read request headers.
	// A zero value here would leave header reads unbounded if it is passed
	// through unchanged — TODO confirm that defaults are always applied.
	ReadHeaderTimeout time.Duration `yaml:"readHeaderTimeout"`
	// TLS contains the tls configuration settings
	TLS TLS `yaml:"tls"`
	// CORS contains settings to allow cross origin settings and insecure cookies
	CORS CORS `yaml:"cors"`
	// Routes contains the handler functions
	Routes []http.Handler `yaml:"routes"`
	// Middleware to enable on the echo server
	Middleware []echo.MiddlewareFunc `yaml:"middleware"`
	// Handler contains the required settings for REST handlers including ready checks and JWT keys.
	// Note that the YAML key is "checks", not "handler".
	Handler handlers.Handler `yaml:"checks"`
	// Token contains the token config settings
	Token tokens.Config `yaml:"token"`
}

Server settings

type TLS

// TLS holds the TLS settings for the server. Only Config carries a yaml
// tag; the other fields are untagged.
type TLS struct {
	// Config contains the tls.Config settings
	Config *tls.Config `yaml:"config"`
	// Enabled turns on TLS settings for the server.
	// The zero value is false, i.e. TLS is off unless this is set.
	Enabled bool
	// CertFile location for the TLS server
	CertFile string
	// CertKey file location for the TLS server.
	// This points at the private key; the file should be readable only by
	// the account the server runs as.
	CertKey string
	// AutoCert generates the cert with letsencrypt, this does not work on localhost
	AutoCert bool
}

TLS settings
