Documentation
¶
Overview ¶
Package config holds the echo server configuration utilities
Index ¶
Constants ¶
This section is empty.
Variables ¶
View Source
var ( // DefaultConfigRefresh sets the default interval to refresh the config. DefaultConfigRefresh = 10 * time.Minute // DefaultTLSConfig is the default TLS config used when HTTPS is enabled DefaultTLSConfig = &tls.Config{ MinVersion: tls.VersionTLS12, CurvePreferences: []tls.CurveID{tls.CurveP521, tls.CurveP384, tls.CurveP256}, PreferServerCipherSuites: true, CipherSuites: []uint16{ tls.TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, tls.TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, }, } )
Functions ¶
This section is empty.
Types ¶
type Auth ¶
type Auth struct {
// Enabled - checks this first before reading your provider config
Enabled bool `yaml:"enabled" split_words:"true" default:"true"`
// A list of auth providers. Currently enables only the first provider in the list.
Providers []AuthProvider `yaml:"providers"`
}
Auth settings including providers and the ability to enable/disable auth all together
type AuthProvider ¶
type AuthProvider struct {
// Label for the provider (optional)
Label string `yaml:"label" split_words:"true" default:"default"`
// Type of the auth provider, currently only OIDC is supported
Type string `yaml:"type" split_words:"true" default:"oidc"`
// OIDC .well-known/openid-configuration URL, ex. https://accounts.google.com/
ProviderURL string `yaml:"providerUrl" split_words:"true" default:"https://accounts.google.com/"`
// IssuerURL is only needed when it differs from the ProviderURL (optional)
IssuerURL string `yaml:"issuerUrl" split_words:"true" default:""`
// ClientID of the oauth2 provider
ClientID string `yaml:"clientId" split_words:"true" default:""`
// ClientSecret is the private key that authenticates your integration when requesting an OAuth token (optional when using PKCE)
ClientSecret string `yaml:"clientSecret" split_words:"true" default:""`
// Scopes for authentication, typically [openid, profile, email]
Scopes []string `yaml:"scopes" split_words:"true" default:"openid,profile,email"`
// CallbackURL after a successful auth, e.g. https://localhost:8080/oauth/callback
CallbackURL string `yaml:"callbackUrl" split_words:"true" default:"https://auth.datum.net/oauth/callback"`
// Options added as URL query params when redirecting to auth provider. Can be used to configure custom auth flows such as Auth0 invitation flow.
Options map[string]interface{} `yaml:"options"`
}
AuthProvider settings TODO: This is currently unused, when enabled these settings should be added to the config/.env.example
type CORS ¶
type CORS struct {
// AllowOrigins is a list of allowed origin to indicate whether the response can be shared with
// requesting code from the given origin
AllowOrigins []string `yaml:"allowOrigins"`
// CookieInsecure allows CSRF cookie to be sent to servers that the browser considers
// unsecured. Useful for cases where the connection is secured via VPN rather than
// HTTPS directly.
CookieInsecure bool `yaml:"cookieInsecure"`
}
CORS settings
type Config ¶
type Config struct {
// RefreshInterval holds often to reload the config
RefreshInterval time.Duration `yaml:"refreshInterval" split_words:"true" default:"10m"`
// Server contains the echo server settings
Server Server `yaml:"server"`
// Auth contains the authentication provider(s)
Auth Auth `yaml:"auth"`
// Authz contains the authorization settings
Authz fga.Config `yaml:"authz"`
// DB contains the database configuration
DB entdb.Config `yaml:"db"`
// Logger contains the logger used by echo functions
Logger *zap.SugaredLogger `yaml:"logger"`
}
Config contains the configuration for the datum server
func NewServerConfig ¶ added in v0.2.3
func NewServerConfig() *Config
NewServerConfig creates a new empty config
func (*Config) WithAutoCert ¶
WithAutoCert generates a letsencrypt certificate, a valid host must be provided
func (Config) WithDefaultTLSConfig ¶
WithDefaultTLSConfig sets the default TLS Configuration
func (*Config) WithTLSCerts ¶
WithTLSCerts sets the TLS Cert and Key locations
func (Config) WithTLSDefaults ¶
WithTLSDefaults sets tls default settings assuming a default cert and key file location.
type ConfigProvider ¶
type ConfigProvider interface {
// GetConfig returns the server configuration
GetConfig() (*Config, error)
}
ConfigProvider serves as a common interface to read echo server configuration
type ConfigProviderWithRefresh ¶
ConfigProviderWithRefresh shows a config provider with automatic refresh; it contains fields and methods to manage the configuration, and refresh it periodically based on a specified interval
func NewConfigProviderWithRefresh ¶
func NewConfigProviderWithRefresh(cfgProvider ConfigProvider) (*ConfigProviderWithRefresh, error)
NewConfigProviderWithRefresh function is a constructor function that creates a new instance of ConfigProviderWithRefresh
func (*ConfigProviderWithRefresh) Close ¶
func (s *ConfigProviderWithRefresh) Close()
Close function is used to stop the automatic refresh of the configuration. It stops the ticker that triggers the refresh and closes the stop channel, which signals the goroutine to stop refreshing the configuration
func (*ConfigProviderWithRefresh) GetConfig ¶
func (s *ConfigProviderWithRefresh) GetConfig() (*Config, error)
GetConfig retrieves the current echo server configuration; it acquires a read lock to ensure thread safety and returns the `config` field
type Server ¶
type Server struct {
// Debug enables echo's Debug option.
Debug bool `yaml:"debug" split_words:"true" default:"false"`
// Dev enables echo's dev mode options.
Dev bool `yaml:"dev" split_words:"true" default:"false"`
// Listen sets the listen address to serve the echo server on.
Listen string `yaml:"listen" split_words:"true" default:":17608"`
// ShutdownGracePeriod sets the grace period for in flight requests before shutting down.
ShutdownGracePeriod time.Duration `yaml:"shutdownGracePeriod" split_words:"true" default:"10s"`
// ReadTimeout sets the maximum duration for reading the entire request including the body.
ReadTimeout time.Duration `yaml:"readTimeout" split_words:"true" default:"15s"`
// WriteTimeout sets the maximum duration before timing out writes of the response.
WriteTimeout time.Duration `yaml:"writeTimeout" split_words:"true" default:"15s"`
// IdleTimeout sets the maximum amount of time to wait for the next request when keep-alives are enabled.
IdleTimeout time.Duration `yaml:"idleTimeout" split_words:"true" default:"30s"`
// ReadHeaderTimeout sets the amount of time allowed to read request headers.
ReadHeaderTimeout time.Duration `yaml:"readHeaderTimeout" split_words:"true" default:"2s"`
// TLS contains the tls configuration settings
TLS TLS `yaml:"tls"`
// CORS contains settings to allow cross origin settings and insecure cookies
CORS CORS `yaml:"cors"`
// Routes contains the handler functions
Routes []http.Handler `yaml:"routes"`
// Middleware to enable on the echo server
Middleware []echo.MiddlewareFunc `yaml:"middleware"`
// Handler contains the required settings for REST handlers including ready checks and JWT keys
Handler handlers.Handler `yaml:"checks"`
// Token contains the token config settings
Token tokens.Config `yaml:"token"`
}
Server settings
type TLS ¶
type TLS struct {
// Config contains the tls.Config settings
Config *tls.Config `yaml:"config"`
// Enabled turns on TLS settings for the server
Enabled bool `yaml:"enabled" split_words:"true" default:"false"`
// CertFile location for the TLS server
CertFile string `yaml:"certFile" split_words:"true" default:"server.crt"`
// CertKey file location for the TLS server
CertKey string `yaml:"certKey" split_words:"true" default:"server.key"`
// AutoCert generates the cert with letsencrypt, this does not work on localhost
AutoCert bool `yaml:"autoCert" split_words:"true" default:"false"`
}
TLS settings
Source Files
Click to show internal directories.
Click to hide internal directories.