models

package
v0.7.1 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Feb 10, 2026 License: Apache-2.0 Imports: 9 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

View Source
var (
	ErrInvalidLengthCertificate        = fmt.Errorf("proto: negative length found during unmarshaling")
	ErrIntOverflowCertificate          = fmt.Errorf("proto: integer overflow")
	ErrUnexpectedEndOfGroupCertificate = fmt.Errorf("proto: unexpected end of group")
)
View Source
var (
	ErrInvalidLengthChallenge        = fmt.Errorf("proto: negative length found during unmarshaling")
	ErrIntOverflowChallenge          = fmt.Errorf("proto: integer overflow")
	ErrUnexpectedEndOfGroupChallenge = fmt.Errorf("proto: unexpected end of group")
)
View Source
var (
	ErrInvalidLengthRatelimit        = fmt.Errorf("proto: negative length found during unmarshaling")
	ErrIntOverflowRatelimit          = fmt.Errorf("proto: integer overflow")
	ErrUnexpectedEndOfGroupRatelimit = fmt.Errorf("proto: unexpected end of group")
)
View Source
var (
	ErrInvalidLengthToken        = fmt.Errorf("proto: negative length found during unmarshaling")
	ErrIntOverflowToken          = fmt.Errorf("proto: integer overflow")
	ErrUnexpectedEndOfGroupToken = fmt.Errorf("proto: unexpected end of group")
)

Functions

func GetCertificateCodec

func GetCertificateCodec() codec.Proto

func GetChallengeCodec

func GetChallengeCodec() codec.Proto

func GetRateLimitCodec added in v0.7.0

func GetRateLimitCodec() codec.Proto

func GetTokenCodec

func GetTokenCodec() codec.Proto

func ProtoCertificateFactory

func ProtoCertificateFactory() proto.Message

ProtoCertificateFactory makes new Certificate

func ProtoChallengeFactory

func ProtoChallengeFactory() proto.Message

ProtoChallengeFactory makes new Challenge

func ProtoRateLimitFactory added in v0.7.0

func ProtoRateLimitFactory() proto.Message

ProtoRateLimitFactory makes new RateLimit

func ProtoTokenFactory

func ProtoTokenFactory() proto.Message

ProtoTokenFactory makes new Token

Types

type CertMap

type CertMap struct {
	*Certificate
	Cert     string `json:"cert" example:"-----BEGIN CERTIFICATE-----\n..."`
	CAIssuer string `json:"ca_issuer" example:"-----BEGIN CERTIFICATE-----\n..."`
	URL      string `json:"url" example:"https://acme-staging-v02.api.letsencrypt.org/acme/cert/4b63b4e8b6109"`
}

type Certificate

type Certificate struct {
	Domain        string `protobuf:"bytes,1,opt,name=domain,proto3" json:"domain,omitempty"`
	Issuer        string `protobuf:"bytes,2,opt,name=issuer,proto3" json:"issuer,omitempty"`
	Bundle        bool   `protobuf:"varint,3,opt,name=bundle,proto3" json:"bundle,omitempty"`
	San           string `protobuf:"bytes,4,opt,name=san,proto3" json:"san,omitempty"`
	Days          int32  `protobuf:"varint,5,opt,name=days,proto3" json:"days,omitempty"`
	RenewalDays   string `protobuf:"bytes,6,opt,name=renewal_days,json=renewalDays,proto3" json:"renewal_days,omitempty"`
	RenewalDate   string `protobuf:"bytes,7,opt,name=renewal_date,json=renewalDate,proto3" json:"renewal_date,omitempty"`
	DnsChallenge  string `protobuf:"bytes,8,opt,name=dns_challenge,json=dnsChallenge,proto3" json:"dns_challenge,omitempty"`
	HttpChallenge string `protobuf:"bytes,9,opt,name=http_challenge,json=httpChallenge,proto3" json:"http_challenge,omitempty"`
	Expires       string `protobuf:"bytes,10,opt,name=expires,proto3" json:"expires,omitempty"`
	Fingerprint   string `protobuf:"bytes,11,opt,name=fingerprint,proto3" json:"fingerprint,omitempty"`
	Owner         string `protobuf:"bytes,12,opt,name=owner,proto3" json:"owner,omitempty"`
	Csr           string `protobuf:"bytes,13,opt,name=csr,proto3" json:"csr,omitempty"`
	Labels        string `protobuf:"bytes,14,opt,name=labels,proto3" json:"labels,omitempty"`
	Encryption    string `protobuf:"bytes,15,opt,name=encryption,proto3" json:"encryption,omitempty"`
	Serial        string `protobuf:"bytes,16,opt,name=serial,proto3" json:"serial,omitempty"`
	KeyType       string `protobuf:"bytes,17,opt,name=key_type,json=keyType,proto3" json:"key_type,omitempty"`
	// ACME profile for certificate issuance (draft-aaron-acme-profiles)
	Profile string `protobuf:"bytes,20,opt,name=profile,proto3" json:"profile,omitempty"`
	// Unix timestamp in milliseconds when we have updated the key.
	UpdatedAt int64 `protobuf:"varint,18,opt,name=updated_at,json=updatedAt,proto3" json:"updated_at,omitempty"`
	// Unix timestamp in milliseconds when this entry was marked for deletion.
	// Reason for doing marking first, and delete later, is to make sure that replica nodes
	// watching the prefix will receive notification on "marking" -- at which point they can
	// already remove entry from memory. Actual deletion from KV store does *not* trigger
	// "watch" notification with a key for all KV stores.
	DeletedAt int64 `protobuf:"varint,19,opt,name=deleted_at,json=deletedAt,proto3" json:"deleted_at,omitempty"`
}

func NewCertificate

func NewCertificate() *Certificate

NewCertificate returns an empty *models.Certificate.

func (*Certificate) Clone

func (r *Certificate) Clone() memberlist.Mergeable

Clone returns a deep copy of the Certificate.

func (*Certificate) Descriptor

func (*Certificate) Descriptor() ([]byte, []int)

func (*Certificate) Marshal

func (m *Certificate) Marshal() (dAtA []byte, err error)

func (*Certificate) MarshalTo

func (m *Certificate) MarshalTo(dAtA []byte) (int, error)

func (*Certificate) MarshalToSizedBuffer

func (m *Certificate) MarshalToSizedBuffer(dAtA []byte) (int, error)

func (*Certificate) Merge

Merge merges other Certificate into this one. The decision is made based on the UpdatedAt timestamp

func (*Certificate) MergeContent

func (r *Certificate) MergeContent() []string

MergeContent describes content of this Mergeable. Given that Certificate can have only one instance at a time, it returns the Certificate it contains. By doing this we choose to not make use of the subset invalidation feature of memberlist

func (*Certificate) ProtoMessage

func (*Certificate) ProtoMessage()

func (*Certificate) RemoveTombstones

func (r *Certificate) RemoveTombstones(_ time.Time) (total, removed int)

RemoveTombstones is noOp because we will handle Certificateetions outside the context of memberlist.

func (*Certificate) Reset

func (m *Certificate) Reset()

func (*Certificate) Size

func (m *Certificate) Size() (n int)

func (*Certificate) String

func (m *Certificate) String() string

func (*Certificate) Unmarshal

func (m *Certificate) Unmarshal(dAtA []byte) error

func (*Certificate) XXX_DiscardUnknown

func (m *Certificate) XXX_DiscardUnknown()

func (*Certificate) XXX_Marshal

func (m *Certificate) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)

func (*Certificate) XXX_Merge

func (m *Certificate) XXX_Merge(src proto.Message)

func (*Certificate) XXX_Size

func (m *Certificate) XXX_Size() int

func (*Certificate) XXX_Unmarshal

func (m *Certificate) XXX_Unmarshal(b []byte) error

type CertificateParams

type CertificateParams struct {
	Domain        string `json:"domain" example:"testfgx.example.com"`
	Issuer        string `json:"issuer" example:"letsencrypt"`
	Bundle        bool   `json:"bundle" example:"false"`
	San           string `json:"san,omitempty" example:""`
	Csr           string `json:"csr,omitempty"`
	Days          int    `json:"days,omitempty" example:"90"`
	RenewalDays   string `json:"renewal_days,omitempty" example:"30"`
	DNSChallenge  string `json:"dns_challenge,omitempty" example:"ns1"`
	HTTPChallenge string `json:"http_challenge,omitempty" example:""`
	Revoke        bool   `json:"revoke"`
	Labels        string `json:"labels"`
	KeyType       string `json:"key_type"`
	Profile       string `json:"profile,omitempty" example:"connect-direct"`
}

type Challenge

type Challenge struct {
	KeyAuth string `protobuf:"bytes,1,opt,name=keyAuth,proto3" json:"keyAuth,omitempty"`
	// Unix timestamp in milliseconds when we have updated the key.
	UpdatedAt int64 `protobuf:"varint,2,opt,name=updated_at,json=updatedAt,proto3" json:"updated_at,omitempty"`
	// Unix timestamp in milliseconds when this entry was marked for deletion.
	// Reason for doing marking first, and delete later, is to make sure that replica nodes
	// watching the prefix will receive notification on "marking" -- at which point they can
	// already remove entry from memory. Actual deletion from KV store does *not* trigger
	// "watch" notification with a key for all KV stores.
	DeletedAt int64 `protobuf:"varint,3,opt,name=deleted_at,json=deletedAt,proto3" json:"deleted_at,omitempty"`
}

func NewChallenge

func NewChallenge() *Challenge

NewChallenge returns an empty *models.Challenge.

func (*Challenge) Clone

func (r *Challenge) Clone() memberlist.Mergeable

Clone returns a deep copy of the Challenge.

func (*Challenge) Descriptor

func (*Challenge) Descriptor() ([]byte, []int)

func (*Challenge) Marshal

func (m *Challenge) Marshal() (dAtA []byte, err error)

func (*Challenge) MarshalTo

func (m *Challenge) MarshalTo(dAtA []byte) (int, error)

func (*Challenge) MarshalToSizedBuffer

func (m *Challenge) MarshalToSizedBuffer(dAtA []byte) (int, error)

func (*Challenge) Merge

Merge merges other Challenge into this one. The decision is made based on the UpdatedAt timestamp

func (*Challenge) MergeContent

func (r *Challenge) MergeContent() []string

MergeContent describes content of this Mergeable. Given that Challenge can have only one instance at a time, it returns the Challenge it contains. By doing this we choose to not make use of the subset invalidation feature of memberlist

func (*Challenge) ProtoMessage

func (*Challenge) ProtoMessage()

func (*Challenge) RemoveTombstones

func (r *Challenge) RemoveTombstones(_ time.Time) (total, removed int)

RemoveTombstones is noOp because we will handle Challengeetions outside the context of memberlist.

func (*Challenge) Reset

func (m *Challenge) Reset()

func (*Challenge) Size

func (m *Challenge) Size() (n int)

func (*Challenge) String

func (m *Challenge) String() string

func (*Challenge) Unmarshal

func (m *Challenge) Unmarshal(dAtA []byte) error

func (*Challenge) XXX_DiscardUnknown

func (m *Challenge) XXX_DiscardUnknown()

func (*Challenge) XXX_Marshal

func (m *Challenge) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)

func (*Challenge) XXX_Merge

func (m *Challenge) XXX_Merge(src proto.Message)

func (*Challenge) XXX_Size

func (m *Challenge) XXX_Size() int

func (*Challenge) XXX_Unmarshal

func (m *Challenge) XXX_Unmarshal(b []byte) error

type RateLimit added in v0.7.0

type RateLimit struct {
	// The owner (username) who made the request
	Owner string `protobuf:"bytes,1,opt,name=owner,proto3" json:"owner,omitempty"`
	// The certificate issuer
	Issuer string `protobuf:"bytes,2,opt,name=issuer,proto3" json:"issuer,omitempty"`
	// The certificate domain
	Domain string `protobuf:"bytes,3,opt,name=domain,proto3" json:"domain,omitempty"`
	// Unix timestamp in milliseconds when the current window started
	WindowStartAt int64 `protobuf:"varint,4,opt,name=window_start_at,json=windowStartAt,proto3" json:"window_start_at,omitempty"`
	// Number of requests made in current window
	RequestCount int32 `protobuf:"varint,5,opt,name=request_count,json=requestCount,proto3" json:"request_count,omitempty"`
	// Unix timestamp in milliseconds when we have updated the key.
	UpdatedAt int64 `protobuf:"varint,6,opt,name=updated_at,json=updatedAt,proto3" json:"updated_at,omitempty"`
	// Unix timestamp in milliseconds when this entry was marked for deletion.
	DeletedAt int64 `protobuf:"varint,7,opt,name=deleted_at,json=deletedAt,proto3" json:"deleted_at,omitempty"`
}

RateLimit tracks certificate request counts per user and certificate to prevent agents from repeatedly requesting the same certificate in a loop.

func NewRateLimit added in v0.7.0

func NewRateLimit() *RateLimit

NewRateLimit returns an empty *models.RateLimit.

func (*RateLimit) Clone added in v0.7.0

func (r *RateLimit) Clone() memberlist.Mergeable

Clone returns a deep copy of the RateLimit.

func (*RateLimit) Descriptor added in v0.7.0

func (*RateLimit) Descriptor() ([]byte, []int)

func (*RateLimit) Marshal added in v0.7.0

func (m *RateLimit) Marshal() (dAtA []byte, err error)

func (*RateLimit) MarshalTo added in v0.7.0

func (m *RateLimit) MarshalTo(dAtA []byte) (int, error)

func (*RateLimit) MarshalToSizedBuffer added in v0.7.0

func (m *RateLimit) MarshalToSizedBuffer(dAtA []byte) (int, error)

func (*RateLimit) Merge added in v0.7.0

Merge merges other RateLimit into this one. The decision is made based on the UpdatedAt timestamp

func (*RateLimit) MergeContent added in v0.7.0

func (r *RateLimit) MergeContent() []string

MergeContent describes content of this Mergeable.

func (*RateLimit) ProtoMessage added in v0.7.0

func (*RateLimit) ProtoMessage()

func (*RateLimit) RemoveTombstones added in v0.7.0

func (r *RateLimit) RemoveTombstones(_ time.Time) (total, removed int)

RemoveTombstones is noOp because we will handle deletions outside the context of memberlist.

func (*RateLimit) Reset added in v0.7.0

func (m *RateLimit) Reset()

func (*RateLimit) Size added in v0.7.0

func (m *RateLimit) Size() (n int)

func (*RateLimit) String added in v0.7.0

func (m *RateLimit) String() string

func (*RateLimit) Unmarshal added in v0.7.0

func (m *RateLimit) Unmarshal(dAtA []byte) error

func (*RateLimit) XXX_DiscardUnknown added in v0.7.0

func (m *RateLimit) XXX_DiscardUnknown()

func (*RateLimit) XXX_Marshal added in v0.7.0

func (m *RateLimit) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)

func (*RateLimit) XXX_Merge added in v0.7.0

func (m *RateLimit) XXX_Merge(src proto.Message)

func (*RateLimit) XXX_Size added in v0.7.0

func (m *RateLimit) XXX_Size() int

func (*RateLimit) XXX_Unmarshal added in v0.7.0

func (m *RateLimit) XXX_Unmarshal(b []byte) error

type Token

type Token struct {
	TokenHash string   `protobuf:"bytes,1,opt,name=tokenHash,proto3" json:"tokenHash,omitempty"`
	Scope     []string `protobuf:"bytes,2,rep,name=scope,proto3" json:"scope,omitempty"`
	Username  string   `protobuf:"bytes,3,opt,name=username,proto3" json:"username,omitempty"`
	Expires   string   `protobuf:"bytes,4,opt,name=expires,proto3" json:"expires,omitempty"`
	Duration  string   `protobuf:"bytes,5,opt,name=duration,proto3" json:"duration,omitempty"`
	// Unix timestamp in milliseconds when we have updated the key.
	UpdatedAt int64 `protobuf:"varint,6,opt,name=updated_at,json=updatedAt,proto3" json:"updated_at,omitempty"`
	// Unix timestamp in milliseconds when this entry was marked for deletion.
	// Reason for doing marking first, and delete later, is to make sure that replica nodes
	// watching the prefix will receive notification on "marking" -- at which point they can
	// already remove entry from memory. Actual deletion from KV store does *not* trigger
	// "watch" notification with a key for all KV stores.
	DeletedAt int64 `protobuf:"varint,7,opt,name=deleted_at,json=deletedAt,proto3" json:"deleted_at,omitempty"`
	// Rate limit window duration (e.g., "1h", "30m"). Overrides global config if set.
	RateLimitWindow string `protobuf:"bytes,8,opt,name=rate_limit_window,json=rateLimitWindow,proto3" json:"rate_limit_window,omitempty"`
	// Maximum requests allowed per rate limit window. Overrides global config if set.
	RateLimitMaxRequests int32 `` /* 126-byte string literal not displayed */
}

func NewToken

func NewToken() *Token

NewToken returns an empty *models.Token.

func (*Token) Clone

func (r *Token) Clone() memberlist.Mergeable

Clone returns a deep copy of the Token.

func (*Token) Descriptor

func (*Token) Descriptor() ([]byte, []int)

func (*Token) Marshal

func (m *Token) Marshal() (dAtA []byte, err error)

func (*Token) MarshalTo

func (m *Token) MarshalTo(dAtA []byte) (int, error)

func (*Token) MarshalToSizedBuffer

func (m *Token) MarshalToSizedBuffer(dAtA []byte) (int, error)

func (*Token) Merge

func (r *Token) Merge(other memberlist.Mergeable, _ bool) (memberlist.Mergeable, error)

Merge merges other Token into this one. The decision is made based on the UpdatedAt timestamp

func (*Token) MergeContent

func (r *Token) MergeContent() []string

MergeContent describes content of this Mergeable. Given that Token can have only one instance at a time, it returns the Token it contains. By doing this we choose to not make use of the subset invalidation feature of memberlist

func (*Token) ProtoMessage

func (*Token) ProtoMessage()

func (*Token) RemoveTombstones

func (r *Token) RemoveTombstones(_ time.Time) (total, removed int)

RemoveTombstones is noOp because we will handle Tokenetions outside the context of memberlist.

func (*Token) Reset

func (m *Token) Reset()

func (*Token) Size

func (m *Token) Size() (n int)

func (*Token) String

func (m *Token) String() string

func (*Token) Unmarshal

func (m *Token) Unmarshal(dAtA []byte) error

func (*Token) XXX_DiscardUnknown

func (m *Token) XXX_DiscardUnknown()

func (*Token) XXX_Marshal

func (m *Token) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)

func (*Token) XXX_Merge

func (m *Token) XXX_Merge(src proto.Message)

func (*Token) XXX_Size

func (m *Token) XXX_Size() int

func (*Token) XXX_Unmarshal

func (m *Token) XXX_Unmarshal(b []byte) error

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL