config

package
v0.2.1 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Apr 18, 2026 License: MIT Imports: 10 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func ActivePath added in v0.2.0 

func ActivePath() string

ActivePath returns the config file currently in use. Returns an empty string before initConfig has run (e.g. in isolated unit tests that bypass the cobra lifecycle).

func CreateDefault 

func CreateDefault(path string) error

CreateDefault creates a default configuration file.

func FormatConfigYAML added in v0.2.0 

func FormatConfigYAML(cfg *Config) string

FormatConfigYAML renders cfg into the canonical commented YAML used by `dddns config init`. It never inspects or validates the config — callers are expected to call Config.Validate first when interactive input might have left required fields blank.

func MigrateToSecure 

func MigrateToSecure(plaintextPath, securePath string) error

MigrateToSecure converts plaintext config to encrypted

func SavePlaintext added in v0.2.0 

func SavePlaintext(cfg *Config, path string) error

SavePlaintext serializes cfg to YAML and writes it to path with the standard plaintext permissions (0600). This rewrites the entire file; comments and formatting in any previous version are discarded.

Use SaveSecure for encrypted-at-rest storage.

func SaveSecure 

func SaveSecure(cfg *Config, path string) error

SaveSecure saves config with encrypted credentials

func SetActivePath added in v0.2.0 

func SetActivePath(path string)

SetActivePath records the config path resolved by cmd/root.go's initConfig. Subsequent calls to Load()/LoadSecure() and ActivePath() read this value.

Types

type Config 

type Config struct {
	// AWS settings
	AWSRegion    string `yaml:"aws_region"`
	AWSAccessKey string `yaml:"aws_access_key"`
	AWSSecretKey string `yaml:"aws_secret_key"`

	// DNS settings (required)
	HostedZoneID string `yaml:"hosted_zone_id"`
	Hostname     string `yaml:"hostname"`
	TTL          int64  `yaml:"ttl"`

	// Operational settings
	IPCacheFile string `yaml:"ip_cache_file"`

	// IPSource overrides where dddns obtains the current public IP.
	// Values: "" or "auto" (mode-driven default), "local" (read the WAN
	// interface), "remote" (call checkip.amazonaws.com). Serve mode always
	// reads the local interface regardless of this setting.
	IPSource string `yaml:"ip_source,omitempty"`

	// Server holds parameters for serve mode (dddns serve). nil when the
	// `server:` block is absent from the config file, which disables serve
	// mode. See ServerConfig for fields.
	Server *ServerConfig `yaml:"server,omitempty"`
}

Config holds all configuration for dddns.

func Load 

func Load() (*Config, error)

Load reads configuration from the file recorded by SetActivePath. Encrypted .secure paths are delegated to LoadSecure. Defaults are applied before YAML is parsed so any fields set in the file override them.

func LoadSecure 

func LoadSecure(path string) (*Config, error)

LoadSecure loads config with decrypted credentials

func (*Config) Validate 

func (c *Config) Validate() error

Validate checks the top-level Config. It does not validate the Server block — that is ServerConfig.Validate's job, called by `dddns serve`.

type SecureConfig 

type SecureConfig struct {
	// AWS settings
	AWSRegion           string `yaml:"aws_region"`
	AWSCredentialsVault string `yaml:"aws_credentials_vault"` // Encrypted access:secret

	// DNS settings (not sensitive)
	HostedZoneID string `yaml:"hosted_zone_id"`
	Hostname     string `yaml:"hostname"`
	TTL          int64  `yaml:"ttl"`

	// Operational settings
	IPCacheFile string `yaml:"ip_cache_file"`
	IPSource    string `yaml:"ip_source,omitempty"`

	// Server holds the serve-mode parameters. SecretVault is the encrypted
	// form of the plaintext ServerConfig.SharedSecret.
	Server *SecureServerConfig `yaml:"server,omitempty"`
}

SecureConfig stores credentials in encrypted form.

type SecureServerConfig added in v0.2.0 

type SecureServerConfig struct {
	Bind         string   `yaml:"bind"`
	SecretVault  string   `yaml:"secret_vault"`
	AllowedCIDRs []string `yaml:"allowed_cidrs"`
	AuditLog     string   `yaml:"audit_log,omitempty"`
	WANInterface string   `yaml:"wan_interface,omitempty"`
}

SecureServerConfig is the at-rest form of ServerConfig with the shared secret replaced by a device-encrypted vault.

type ServerConfig added in v0.2.0 

type ServerConfig struct {
	Bind         string   `yaml:"bind"`
	SharedSecret string   `yaml:"shared_secret,omitempty"`
	AllowedCIDRs []string `yaml:"allowed_cidrs"`
	AuditLog     string   `yaml:"audit_log,omitempty"`
	WANInterface string   `yaml:"wan_interface,omitempty"`
}

ServerConfig holds parameters for serve mode (dddns serve).

The encrypted equivalent of SharedSecret lives in a sibling struct in secure_config.go (SecureServerConfig) so the two wire formats stay explicit.

func (*ServerConfig) Validate added in v0.2.0 

func (s *ServerConfig) Validate() error

Validate reports whether the server block is well-formed. It is called by `dddns serve` before binding, and by `dddns config set-mode serve` before rewriting the boot script. The cron path does not need to call this — Config.Validate ignores the server block when the user only runs `dddns update`.

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.