Documentation
¶
Index ¶
- Constants
- type AITriageConfig
- type AgentConfig
- type AppConfig
- type AuthConfig
- type AuthProvider
- type CORSConfig
- type Config
- type DatabaseConfig
- type EncryptionConfig
- type GRPCConfig
- type KeycloakConfig
- type LoadBalancingConfig
- type LogConfig
- type OAuthConfig
- type OAuthProviderConfig
- type RateLimitConfig
- type RedisConfig
- type SMTPConfig
- type ServerConfig
- type WorkerConfig
Constants ¶
View Source
const (
EnvProduction = "production"
)
Environment constants
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type AITriageConfig ¶
type AITriageConfig struct {
// Enabled controls whether AI triage feature is available platform-wide.
Enabled bool
// Platform AI Provider Configuration
// Used when tenants choose "platform" mode (don't provide their own keys)
PlatformProvider string // "claude", "openai", or "gemini"
PlatformModel string // e.g., "claude-3-5-sonnet-20241022", "gemini-1.5-pro"
AnthropicAPIKey string // Platform's Anthropic API key
OpenAIAPIKey string // Platform's OpenAI API key
GeminiAPIKey string // Platform's Google Gemini API key
// Rate Limiting
MaxConcurrentJobs int // Max concurrent AI triage jobs
RateLimitRPM int // Rate limit per minute
TimeoutSeconds int // Timeout for AI API calls
MaxTokens int // Max tokens per request
// LLM Parameters
Temperature float64 // Temperature for LLM (0.0-1.0, lower = more deterministic)
// Default Auto-Triage Settings (can be overridden per tenant)
DefaultAutoTriageEnabled bool
DefaultAutoTriageSeverities []string
DefaultAutoTriageDelay time.Duration
// Stuck Job Recovery Settings
RecoveryEnabled bool // Enable background recovery for stuck jobs
RecoveryInterval time.Duration // How often to check for stuck jobs (default: 5 minutes)
RecoveryStuckDuration time.Duration // How long before a job is considered stuck (default: 15 minutes)
RecoveryBatchSize int // Max jobs to recover per run (default: 50)
}
AITriageConfig holds AI triage configuration for the platform. This is the platform-level configuration. Tenant-specific settings are stored in tenant.Settings.AI.
func (*AITriageConfig) IsConfigured ¶
func (c *AITriageConfig) IsConfigured() bool
IsConfigured returns true if AI triage is properly configured. This checks if at least one LLM provider API key is set. Note: The Enabled field is deprecated - feature availability is now controlled by the module's is_active field in the database.
type AgentConfig ¶
type AgentConfig struct {
// HeartbeatTimeout is the duration after which an agent is marked as inactive
// if no heartbeat is received. Default: 5 minutes.
HeartbeatTimeout time.Duration
// HealthCheckInterval is how often to check for stale agents.
// Default: 1 minute.
HealthCheckInterval time.Duration
// Enabled controls whether agent health checking is enabled.
// Default: true.
Enabled bool
// LoadBalancing holds configuration for agent load balancing weights.
LoadBalancing LoadBalancingConfig
}
AgentConfig holds agent management configuration.
type AuthConfig ¶
type AuthConfig struct {
// Provider determines which authentication methods are available.
// Values: "local", "oidc", "hybrid"
Provider AuthProvider
// JWT settings for local auth
JWTSecret string // Secret key for signing JWTs (required for local/hybrid)
JWTIssuer string // Token issuer claim
AccessTokenDuration time.Duration // Access token lifetime (default: 15m)
RefreshTokenDuration time.Duration // Refresh token lifetime (default: 7d)
SessionDuration time.Duration // Session lifetime (default: 30d)
// Password policy
PasswordMinLength int // Minimum password length (default: 8)
PasswordRequireUpper bool // Require uppercase letter
PasswordRequireLower bool // Require lowercase letter
PasswordRequireNumber bool // Require number
PasswordRequireSpecial bool // Require special character
// Security settings
MaxLoginAttempts int // Max failed attempts before lockout (default: 5)
LockoutDuration time.Duration // Account lockout duration (default: 15m)
MaxActiveSessions int // Max concurrent sessions per user (default: 10)
// Registration settings
AllowRegistration bool // Allow new user registration (default: true)
RequireEmailVerification bool // Require email verification (default: true)
// Email verification/reset token settings
EmailVerificationDuration time.Duration // Email verification token lifetime (default: 24h)
PasswordResetDuration time.Duration // Password reset token lifetime (default: 1h)
// Cookie settings for tokens (security best practice)
CookieSecure bool // Use Secure flag (HTTPS only) - should be true in production
CookieDomain string // Cookie domain (empty = current host)
CookieSameSite string // SameSite policy: "strict", "lax", or "none"
AccessTokenCookieName string // Cookie name for access token (default: "auth_token")
RefreshTokenCookieName string // Cookie name for refresh token (default: "refresh_token")
TenantCookieName string // Cookie name for tenant (default: "app_tenant")
}
AuthConfig holds authentication configuration.
type AuthProvider ¶
type AuthProvider string
AuthProvider represents the authentication provider type.
const ( // AuthProviderLocal uses built-in email/password authentication. AuthProviderLocal AuthProvider = "local" // AuthProviderOIDC uses external OIDC provider (Keycloak). AuthProviderOIDC AuthProvider = "oidc" // AuthProviderHybrid allows both local and OIDC authentication. AuthProviderHybrid AuthProvider = "hybrid" )
func (AuthProvider) IsValid ¶
func (p AuthProvider) IsValid() bool
IsValid checks if the auth provider is valid.
func (AuthProvider) SupportsLocal ¶
func (p AuthProvider) SupportsLocal() bool
SupportsLocal returns true if local auth is supported.
func (AuthProvider) SupportsOIDC ¶
func (p AuthProvider) SupportsOIDC() bool
SupportsOIDC returns true if OIDC auth is supported.
type CORSConfig ¶
type CORSConfig struct {
AllowedOrigins []string
AllowedMethods []string
AllowedHeaders []string
MaxAge int
}
CORSConfig holds CORS configuration.
type Config ¶
type Config struct {
App AppConfig
Server ServerConfig
GRPC GRPCConfig
Database DatabaseConfig
Redis RedisConfig
Log LogConfig
Auth AuthConfig
OAuth OAuthConfig
Keycloak KeycloakConfig
CORS CORSConfig
RateLimit RateLimitConfig
SMTP SMTPConfig
Worker WorkerConfig
Encryption EncryptionConfig
AITriage AITriageConfig
}
Config holds all application configuration.
func (*Config) IsDevelopment ¶
IsDevelopment returns true if the application is in development mode.
func (*Config) IsProduction ¶
IsProduction returns true if the application is in production mode.
type DatabaseConfig ¶
type DatabaseConfig struct {
Host string
Port int
User string
Password string
Name string
SSLMode string
MaxOpenConns int
MaxIdleConns int
ConnMaxLifetime time.Duration
}
DatabaseConfig holds database configuration.
func (*DatabaseConfig) DSN ¶
func (c *DatabaseConfig) DSN() string
DSN returns the database connection string.
type EncryptionConfig ¶
type EncryptionConfig struct {
// Key is the encryption key for AES-256-GCM encryption of sensitive data.
// Must be exactly 32 bytes (256 bits) when decoded.
// Can be provided as:
// - Raw 32-byte key
// - Hex-encoded (64 characters)
// - Base64-encoded (44 characters)
Key string
// KeyFormat specifies the format of the encryption key.
// Values: "raw", "hex", "base64"
// Default: auto-detected based on key length
KeyFormat string
}
EncryptionConfig holds encryption configuration for sensitive data.
func (*EncryptionConfig) IsConfigured ¶
func (c *EncryptionConfig) IsConfigured() bool
IsConfigured returns true if encryption is configured.
type KeycloakConfig ¶
type KeycloakConfig struct {
// BaseURL is the Keycloak server URL (e.g., "https://keycloak.example.com")
BaseURL string
// Realm is the Keycloak realm name
Realm string
// ClientID is the expected audience in tokens (optional, for audience validation)
ClientID string
// JWKSRefreshInterval is how often to refresh JWKS keys
JWKSRefreshInterval time.Duration
// HTTPTimeout is the timeout for HTTP requests to Keycloak
HTTPTimeout time.Duration
}
KeycloakConfig holds Keycloak authentication configuration.
func (*KeycloakConfig) IssuerURL ¶
func (c *KeycloakConfig) IssuerURL() string
IssuerURL returns the expected token issuer URL.
func (*KeycloakConfig) JWKSURL ¶
func (c *KeycloakConfig) JWKSURL() string
JWKSURL returns the JWKS endpoint URL.
type LoadBalancingConfig ¶
type LoadBalancingConfig struct {
// JobWeight is the weight for job load factor (current_jobs/max_jobs * 100).
// Default: 0.30 (30%)
JobWeight float64
// CPUWeight is the weight for CPU usage percentage.
// Default: 0.40 (40%) - CPU is typically the most important metric
CPUWeight float64
// MemoryWeight is the weight for memory usage percentage.
// Default: 0.15 (15%)
MemoryWeight float64
// DiskIOWeight is the weight for disk I/O score.
// Default: 0.10 (10%)
DiskIOWeight float64
// NetworkWeight is the weight for network I/O score.
// Default: 0.05 (5%)
NetworkWeight float64
// MaxDiskThroughputMBPS is the maximum expected disk throughput in MB/s.
// Used to normalize disk I/O metrics to a 0-100 scale.
// Default: 500 (500 MB/s combined read+write)
MaxDiskThroughputMBPS float64
// MaxNetworkThroughputMBPS is the maximum expected network throughput in MB/s.
// Used to normalize network metrics to a 0-100 scale.
// Default: 1000 (1 Gbps combined rx+tx)
MaxNetworkThroughputMBPS float64
}
LoadBalancingConfig holds weights for agent load balancing score computation. The load score formula: score = (JobWeight * job_load) + (CPUWeight * cpu) +
(MemoryWeight * memory) + (DiskIOWeight * disk_io) + (NetworkWeight * network)
All weights should sum to 1.0 for meaningful percentage-based scoring. Lower score = better candidate for receiving new jobs.
type LogConfig ¶
type LogConfig struct {
Level string
Format string
// Sampling configuration for high-traffic production environments
SamplingEnabled bool // Enable log sampling (default: false for dev, true for prod)
SamplingThreshold int // First N identical logs per second (default: 100)
SamplingRate float64 // Sample rate after threshold, 0.0-1.0 (default: 0.1 = 10%)
ErrorSamplingRate float64 // Sample rate for errors, 0.0-1.0 (default: 1.0 = 100%)
// HTTP logging configuration
SkipHealthLogs bool // Skip logging health check endpoints (default: true in prod)
SlowRequestSeconds int // Log requests slower than this as warnings (default: 5)
}
LogConfig holds logging configuration.
type OAuthConfig ¶
type OAuthConfig struct {
// Enabled controls whether OAuth login is enabled
Enabled bool
// FrontendCallbackURL is the frontend URL for OAuth callbacks
// e.g., "http://localhost:3000/auth/callback"
FrontendCallbackURL string
// StateSecret is used to sign OAuth state tokens for CSRF protection
StateSecret string
// StateDuration is how long OAuth state tokens are valid
StateDuration time.Duration
// Providers
Google OAuthProviderConfig
GitHub OAuthProviderConfig
Microsoft OAuthProviderConfig
}
OAuthConfig holds OAuth/Social login configuration.
func (*OAuthConfig) HasAnyProvider ¶
func (c *OAuthConfig) HasAnyProvider() bool
HasAnyProvider returns true if any OAuth provider is enabled.
type OAuthProviderConfig ¶
type OAuthProviderConfig struct {
Enabled bool
ClientID string
ClientSecret string
// Scopes are the OAuth scopes to request (optional, defaults provided)
Scopes []string
}
OAuthProviderConfig holds configuration for a single OAuth provider.
func (*OAuthProviderConfig) IsConfigured ¶
func (c *OAuthProviderConfig) IsConfigured() bool
IsConfigured returns true if the provider is properly configured.
type RateLimitConfig ¶
type RateLimitConfig struct {
Enabled bool
RequestsPerSec float64
Burst int
CleanupInterval time.Duration
}
RateLimitConfig holds rate limiting configuration.
type RedisConfig ¶
type RedisConfig struct {
Host string
Port int
Password string
DB int
PoolSize int
MinIdleConns int
DialTimeout time.Duration
ReadTimeout time.Duration
WriteTimeout time.Duration
TLSEnabled bool
TLSSkipVerify bool
MaxRetries int
MinRetryDelay time.Duration
MaxRetryDelay time.Duration
}
RedisConfig holds Redis configuration.
type SMTPConfig ¶
type SMTPConfig struct {
Host string
Port int
User string
Password string
From string
FromName string
TLS bool
SkipVerify bool
Enabled bool
BaseURL string // Frontend base URL for email links (e.g., https://app.openctem.io)
Timeout time.Duration
}
SMTPConfig holds SMTP configuration for sending emails.
func (*SMTPConfig) IsConfigured ¶
func (c *SMTPConfig) IsConfigured() bool
IsConfigured returns true if SMTP is properly configured.
type ServerConfig ¶
type ServerConfig struct {
Host string
Port int
ReadTimeout time.Duration
WriteTimeout time.Duration
RequestTimeout time.Duration // Per-request handler timeout
ShutdownTimeout time.Duration
MaxBodySize int64
}
ServerConfig holds HTTP server configuration.
func (*ServerConfig) Addr ¶
func (c *ServerConfig) Addr() string
Addr returns the HTTP server address.
type WorkerConfig ¶
type WorkerConfig = AgentConfig
WorkerConfig holds worker/agent management configuration. Deprecated: Use AgentConfig instead. This alias is kept for backward compatibility.
Source Files
Click to show internal directories.
Click to hide internal directories.