models

package
v0.7.1 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Feb 10, 2026 License: Apache-2.0 Imports: 9 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

View Source 
var (
	ErrInvalidLengthCertificate        = fmt.Errorf("proto: negative length found during unmarshaling")
	ErrIntOverflowCertificate          = fmt.Errorf("proto: integer overflow")
	ErrUnexpectedEndOfGroupCertificate = fmt.Errorf("proto: unexpected end of group")
)
View Source 
var (
	ErrInvalidLengthChallenge        = fmt.Errorf("proto: negative length found during unmarshaling")
	ErrIntOverflowChallenge          = fmt.Errorf("proto: integer overflow")
	ErrUnexpectedEndOfGroupChallenge = fmt.Errorf("proto: unexpected end of group")
)
View Source 
var (
	ErrInvalidLengthRatelimit        = fmt.Errorf("proto: negative length found during unmarshaling")
	ErrIntOverflowRatelimit          = fmt.Errorf("proto: integer overflow")
	ErrUnexpectedEndOfGroupRatelimit = fmt.Errorf("proto: unexpected end of group")
)
View Source 
var (
	ErrInvalidLengthToken        = fmt.Errorf("proto: negative length found during unmarshaling")
	ErrIntOverflowToken          = fmt.Errorf("proto: integer overflow")
	ErrUnexpectedEndOfGroupToken = fmt.Errorf("proto: unexpected end of group")
)

Functions

func GetCertificateCodec 

func GetCertificateCodec() codec.Proto

func GetChallengeCodec 

func GetChallengeCodec() codec.Proto

func GetRateLimitCodec added in v0.7.0 

func GetRateLimitCodec() codec.Proto

func GetTokenCodec 

func GetTokenCodec() codec.Proto

func ProtoCertificateFactory 

func ProtoCertificateFactory() proto.Message

ProtoCertificateFactory makes new Certificate

func ProtoChallengeFactory 

func ProtoChallengeFactory() proto.Message

ProtoChallengeFactory makes new Challenge

func ProtoRateLimitFactory added in v0.7.0 

func ProtoRateLimitFactory() proto.Message

ProtoRateLimitFactory makes new RateLimit

func ProtoTokenFactory 

func ProtoTokenFactory() proto.Message

ProtoTokenFactory makes new Token

Types

type CertMap 

type CertMap struct {
	*Certificate
	Cert     string `json:"cert" example:"-----BEGIN CERTIFICATE-----\n..."`
	CAIssuer string `json:"ca_issuer" example:"-----BEGIN CERTIFICATE-----\n..."`
	URL      string `json:"url" example:"https://acme-staging-v02.api.letsencrypt.org/acme/cert/4b63b4e8b6109"`
}

type Certificate 

type Certificate struct {
	Domain        string `protobuf:"bytes,1,opt,name=domain,proto3" json:"domain,omitempty"`
	Issuer        string `protobuf:"bytes,2,opt,name=issuer,proto3" json:"issuer,omitempty"`
	Bundle        bool   `protobuf:"varint,3,opt,name=bundle,proto3" json:"bundle,omitempty"`
	San           string `protobuf:"bytes,4,opt,name=san,proto3" json:"san,omitempty"`
	Days          int32  `protobuf:"varint,5,opt,name=days,proto3" json:"days,omitempty"`
	RenewalDays   string `protobuf:"bytes,6,opt,name=renewal_days,json=renewalDays,proto3" json:"renewal_days,omitempty"`
	RenewalDate   string `protobuf:"bytes,7,opt,name=renewal_date,json=renewalDate,proto3" json:"renewal_date,omitempty"`
	DnsChallenge  string `protobuf:"bytes,8,opt,name=dns_challenge,json=dnsChallenge,proto3" json:"dns_challenge,omitempty"`
	HttpChallenge string `protobuf:"bytes,9,opt,name=http_challenge,json=httpChallenge,proto3" json:"http_challenge,omitempty"`
	Expires       string `protobuf:"bytes,10,opt,name=expires,proto3" json:"expires,omitempty"`
	Fingerprint   string `protobuf:"bytes,11,opt,name=fingerprint,proto3" json:"fingerprint,omitempty"`
	Owner         string `protobuf:"bytes,12,opt,name=owner,proto3" json:"owner,omitempty"`
	Csr           string `protobuf:"bytes,13,opt,name=csr,proto3" json:"csr,omitempty"`
	Labels        string `protobuf:"bytes,14,opt,name=labels,proto3" json:"labels,omitempty"`
	Encryption    string `protobuf:"bytes,15,opt,name=encryption,proto3" json:"encryption,omitempty"`
	Serial        string `protobuf:"bytes,16,opt,name=serial,proto3" json:"serial,omitempty"`
	KeyType       string `protobuf:"bytes,17,opt,name=key_type,json=keyType,proto3" json:"key_type,omitempty"`
	// ACME profile for certificate issuance (draft-aaron-acme-profiles)
	Profile string `protobuf:"bytes,20,opt,name=profile,proto3" json:"profile,omitempty"`
	// Unix timestamp in milliseconds when we have updated the key.
	UpdatedAt int64 `protobuf:"varint,18,opt,name=updated_at,json=updatedAt,proto3" json:"updated_at,omitempty"`
	// Unix timestamp in milliseconds when this entry was marked for deletion.
	// Reason for doing marking first, and delete later, is to make sure that replica nodes
	// watching the prefix will receive notification on "marking" -- at which point they can
	// already remove entry from memory. Actual deletion from KV store does *not* trigger
	// "watch" notification with a key for all KV stores.
	DeletedAt int64 `protobuf:"varint,19,opt,name=deleted_at,json=deletedAt,proto3" json:"deleted_at,omitempty"`
}

func NewCertificate 

func NewCertificate() *Certificate

NewCertificate returns an empty *models.Certificate.

func (*Certificate) Clone 

func (r *Certificate) Clone() memberlist.Mergeable

Clone returns a deep copy of the Certificate.

func (*Certificate) Descriptor 

func (*Certificate) Descriptor() ([]byte, []int)

func (*Certificate) Marshal 

func (m *Certificate) Marshal() (dAtA []byte, err error)

func (*Certificate) MarshalTo 

func (m *Certificate) MarshalTo(dAtA []byte) (int, error)

func (*Certificate) MarshalToSizedBuffer 

func (m *Certificate) MarshalToSizedBuffer(dAtA []byte) (int, error)

func (*Certificate) Merge 

func (r *Certificate) Merge(other memberlist.Mergeable, _ bool) (memberlist.Mergeable, error)

Merge merges other Certificate into this one. The decision is made based on the UpdatedAt timestamp

func (*Certificate) MergeContent 

func (r *Certificate) MergeContent() []string

MergeContent describes content of this Mergeable. Given that Certificate can have only one instance at a time, it returns the Certificate it contains. By doing this we choose to not make use of the subset invalidation feature of memberlist

func (*Certificate) ProtoMessage 

func (*Certificate) ProtoMessage()

func (*Certificate) RemoveTombstones 

func (r *Certificate) RemoveTombstones(_ time.Time) (total, removed int)

RemoveTombstones is noOp because we will handle Certificateetions outside the context of memberlist.

func (*Certificate) Reset 

func (m *Certificate) Reset()

func (*Certificate) Size 

func (m *Certificate) Size() (n int)

func (*Certificate) String 

func (m *Certificate) String() string

func (*Certificate) Unmarshal 

func (m *Certificate) Unmarshal(dAtA []byte) error

func (*Certificate) XXX_DiscardUnknown 

func (m *Certificate) XXX_DiscardUnknown()

func (*Certificate) XXX_Marshal 

func (m *Certificate) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)

func (*Certificate) XXX_Merge 

func (m *Certificate) XXX_Merge(src proto.Message)

func (*Certificate) XXX_Size 

func (m *Certificate) XXX_Size() int

func (*Certificate) XXX_Unmarshal 

func (m *Certificate) XXX_Unmarshal(b []byte) error

type CertificateParams 

type CertificateParams struct {
	Domain        string `json:"domain" example:"testfgx.example.com"`
	Issuer        string `json:"issuer" example:"letsencrypt"`
	Bundle        bool   `json:"bundle" example:"false"`
	San           string `json:"san,omitempty" example:""`
	Csr           string `json:"csr,omitempty"`
	Days          int    `json:"days,omitempty" example:"90"`
	RenewalDays   string `json:"renewal_days,omitempty" example:"30"`
	DNSChallenge  string `json:"dns_challenge,omitempty" example:"ns1"`
	HTTPChallenge string `json:"http_challenge,omitempty" example:""`
	Revoke        bool   `json:"revoke"`
	Labels        string `json:"labels"`
	KeyType       string `json:"key_type"`
	Profile       string `json:"profile,omitempty" example:"connect-direct"`
}

type Challenge 

type Challenge struct {
	KeyAuth string `protobuf:"bytes,1,opt,name=keyAuth,proto3" json:"keyAuth,omitempty"`
	// Unix timestamp in milliseconds when we have updated the key.
	UpdatedAt int64 `protobuf:"varint,2,opt,name=updated_at,json=updatedAt,proto3" json:"updated_at,omitempty"`
	// Unix timestamp in milliseconds when this entry was marked for deletion.
	// Reason for doing marking first, and delete later, is to make sure that replica nodes
	// watching the prefix will receive notification on "marking" -- at which point they can
	// already remove entry from memory. Actual deletion from KV store does *not* trigger
	// "watch" notification with a key for all KV stores.
	DeletedAt int64 `protobuf:"varint,3,opt,name=deleted_at,json=deletedAt,proto3" json:"deleted_at,omitempty"`
}

func NewChallenge 

func NewChallenge() *Challenge

NewChallenge returns an empty *models.Challenge.

func (*Challenge) Clone 

func (r *Challenge) Clone() memberlist.Mergeable

Clone returns a deep copy of the Challenge.

func (*Challenge) Descriptor 

func (*Challenge) Descriptor() ([]byte, []int)

func (*Challenge) Marshal 

func (m *Challenge) Marshal() (dAtA []byte, err error)

func (*Challenge) MarshalTo 

func (m *Challenge) MarshalTo(dAtA []byte) (int, error)

func (*Challenge) MarshalToSizedBuffer 

func (m *Challenge) MarshalToSizedBuffer(dAtA []byte) (int, error)

func (*Challenge) Merge 

func (r *Challenge) Merge(other memberlist.Mergeable, _ bool) (memberlist.Mergeable, error)

Merge merges other Challenge into this one. The decision is made based on the UpdatedAt timestamp

func (*Challenge) MergeContent 

func (r *Challenge) MergeContent() []string

MergeContent describes content of this Mergeable. Given that Challenge can have only one instance at a time, it returns the Challenge it contains. By doing this we choose to not make use of the subset invalidation feature of memberlist

func (*Challenge) ProtoMessage 

func (*Challenge) ProtoMessage()

func (*Challenge) RemoveTombstones 

func (r *Challenge) RemoveTombstones(_ time.Time) (total, removed int)

RemoveTombstones is noOp because we will handle Challengeetions outside the context of memberlist.

func (*Challenge) Reset 

func (m *Challenge) Reset()

func (*Challenge) Size 

func (m *Challenge) Size() (n int)

func (*Challenge) String 

func (m *Challenge) String() string

func (*Challenge) Unmarshal 

func (m *Challenge) Unmarshal(dAtA []byte) error

func (*Challenge) XXX_DiscardUnknown 

func (m *Challenge) XXX_DiscardUnknown()

func (*Challenge) XXX_Marshal 

func (m *Challenge) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)

func (*Challenge) XXX_Merge 

func (m *Challenge) XXX_Merge(src proto.Message)

func (*Challenge) XXX_Size 

func (m *Challenge) XXX_Size() int

func (*Challenge) XXX_Unmarshal 

func (m *Challenge) XXX_Unmarshal(b []byte) error

type RateLimit added in v0.7.0 

type RateLimit struct {
	// The owner (username) who made the request
	Owner string `protobuf:"bytes,1,opt,name=owner,proto3" json:"owner,omitempty"`
	// The certificate issuer
	Issuer string `protobuf:"bytes,2,opt,name=issuer,proto3" json:"issuer,omitempty"`
	// The certificate domain
	Domain string `protobuf:"bytes,3,opt,name=domain,proto3" json:"domain,omitempty"`
	// Unix timestamp in milliseconds when the current window started
	WindowStartAt int64 `protobuf:"varint,4,opt,name=window_start_at,json=windowStartAt,proto3" json:"window_start_at,omitempty"`
	// Number of requests made in current window
	RequestCount int32 `protobuf:"varint,5,opt,name=request_count,json=requestCount,proto3" json:"request_count,omitempty"`
	// Unix timestamp in milliseconds when we have updated the key.
	UpdatedAt int64 `protobuf:"varint,6,opt,name=updated_at,json=updatedAt,proto3" json:"updated_at,omitempty"`
	// Unix timestamp in milliseconds when this entry was marked for deletion.
	DeletedAt int64 `protobuf:"varint,7,opt,name=deleted_at,json=deletedAt,proto3" json:"deleted_at,omitempty"`
}

RateLimit tracks certificate request counts per user and certificate to prevent agents from repeatedly requesting the same certificate in a loop.

func NewRateLimit added in v0.7.0 

func NewRateLimit() *RateLimit

NewRateLimit returns an empty *models.RateLimit.

func (*RateLimit) Clone added in v0.7.0 

func (r *RateLimit) Clone() memberlist.Mergeable

Clone returns a deep copy of the RateLimit.

func (*RateLimit) Descriptor added in v0.7.0 

func (*RateLimit) Descriptor() ([]byte, []int)

func (*RateLimit) Marshal added in v0.7.0 

func (m *RateLimit) Marshal() (dAtA []byte, err error)

func (*RateLimit) MarshalTo added in v0.7.0 

func (m *RateLimit) MarshalTo(dAtA []byte) (int, error)

func (*RateLimit) MarshalToSizedBuffer added in v0.7.0 

func (m *RateLimit) MarshalToSizedBuffer(dAtA []byte) (int, error)

func (*RateLimit) Merge added in v0.7.0 

func (r *RateLimit) Merge(other memberlist.Mergeable, _ bool) (memberlist.Mergeable, error)

Merge merges other RateLimit into this one. The decision is made based on the UpdatedAt timestamp

func (*RateLimit) MergeContent added in v0.7.0 

func (r *RateLimit) MergeContent() []string

MergeContent describes content of this Mergeable.

func (*RateLimit) ProtoMessage added in v0.7.0 

func (*RateLimit) ProtoMessage()

func (*RateLimit) RemoveTombstones added in v0.7.0 

func (r *RateLimit) RemoveTombstones(_ time.Time) (total, removed int)

RemoveTombstones is noOp because we will handle deletions outside the context of memberlist.

func (*RateLimit) Reset added in v0.7.0 

func (m *RateLimit) Reset()

func (*RateLimit) Size added in v0.7.0 

func (m *RateLimit) Size() (n int)

func (*RateLimit) String added in v0.7.0 

func (m *RateLimit) String() string

func (*RateLimit) Unmarshal added in v0.7.0 

func (m *RateLimit) Unmarshal(dAtA []byte) error

func (*RateLimit) XXX_DiscardUnknown added in v0.7.0 

func (m *RateLimit) XXX_DiscardUnknown()

func (*RateLimit) XXX_Marshal added in v0.7.0 

func (m *RateLimit) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)

func (*RateLimit) XXX_Merge added in v0.7.0 

func (m *RateLimit) XXX_Merge(src proto.Message)

func (*RateLimit) XXX_Size added in v0.7.0 

func (m *RateLimit) XXX_Size() int

func (*RateLimit) XXX_Unmarshal added in v0.7.0 

func (m *RateLimit) XXX_Unmarshal(b []byte) error

type Token 

type Token struct {
	TokenHash string   `protobuf:"bytes,1,opt,name=tokenHash,proto3" json:"tokenHash,omitempty"`
	Scope     []string `protobuf:"bytes,2,rep,name=scope,proto3" json:"scope,omitempty"`
	Username  string   `protobuf:"bytes,3,opt,name=username,proto3" json:"username,omitempty"`
	Expires   string   `protobuf:"bytes,4,opt,name=expires,proto3" json:"expires,omitempty"`
	Duration  string   `protobuf:"bytes,5,opt,name=duration,proto3" json:"duration,omitempty"`
	// Unix timestamp in milliseconds when we have updated the key.
	UpdatedAt int64 `protobuf:"varint,6,opt,name=updated_at,json=updatedAt,proto3" json:"updated_at,omitempty"`
	// Unix timestamp in milliseconds when this entry was marked for deletion.
	// Reason for doing marking first, and delete later, is to make sure that replica nodes
	// watching the prefix will receive notification on "marking" -- at which point they can
	// already remove entry from memory. Actual deletion from KV store does *not* trigger
	// "watch" notification with a key for all KV stores.
	DeletedAt int64 `protobuf:"varint,7,opt,name=deleted_at,json=deletedAt,proto3" json:"deleted_at,omitempty"`
	// Rate limit window duration (e.g., "1h", "30m"). Overrides global config if set.
	RateLimitWindow string `protobuf:"bytes,8,opt,name=rate_limit_window,json=rateLimitWindow,proto3" json:"rate_limit_window,omitempty"`
	// Maximum requests allowed per rate limit window. Overrides global config if set.
	RateLimitMaxRequests int32 `` /* 126-byte string literal not displayed */
}

func NewToken 

func NewToken() *Token

NewToken returns an empty *models.Token.

func (*Token) Clone 

func (r *Token) Clone() memberlist.Mergeable

Clone returns a deep copy of the Token.

func (*Token) Descriptor 

func (*Token) Descriptor() ([]byte, []int)

func (*Token) Marshal 

func (m *Token) Marshal() (dAtA []byte, err error)

func (*Token) MarshalTo 

func (m *Token) MarshalTo(dAtA []byte) (int, error)

func (*Token) MarshalToSizedBuffer 

func (m *Token) MarshalToSizedBuffer(dAtA []byte) (int, error)

func (*Token) Merge 

func (r *Token) Merge(other memberlist.Mergeable, _ bool) (memberlist.Mergeable, error)

Merge merges other Token into this one. The decision is made based on the UpdatedAt timestamp

func (*Token) MergeContent 

func (r *Token) MergeContent() []string

MergeContent describes content of this Mergeable. Given that Token can have only one instance at a time, it returns the Token it contains. By doing this we choose to not make use of the subset invalidation feature of memberlist

func (*Token) ProtoMessage 

func (*Token) ProtoMessage()

func (*Token) RemoveTombstones 

func (r *Token) RemoveTombstones(_ time.Time) (total, removed int)

RemoveTombstones is noOp because we will handle Tokenetions outside the context of memberlist.

func (*Token) Reset 

func (m *Token) Reset()

func (*Token) Size 

func (m *Token) Size() (n int)

func (*Token) String 

func (m *Token) String() string

func (*Token) Unmarshal 

func (m *Token) Unmarshal(dAtA []byte) error

func (*Token) XXX_DiscardUnknown 

func (m *Token) XXX_DiscardUnknown()

func (*Token) XXX_Marshal 

func (m *Token) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)

func (*Token) XXX_Merge 

func (m *Token) XXX_Merge(src proto.Message)

func (*Token) XXX_Size 

func (m *Token) XXX_Size() int

func (*Token) XXX_Unmarshal 

func (m *Token) XXX_Unmarshal(b []byte) error

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.