config

package
v0.1.5 Latest Latest
Warning

This package is not in the latest version of its module.

Published: Apr 9, 2026 License: GPL-3.0 Imports: 6 Imported by: 0

Documentation

Index

Constants

const (
	// EnvProduction is the environment name that denotes a production deployment.
	// NOTE(review): presumably the value AppConfig.Env is compared against by
	// Config.IsProduction. Whether that comparison is exact or case-insensitive
	// is not shown here; confirm, because any production-only check keyed on it
	// would be skipped by a near-miss such as "Production" or "prod".
	EnvProduction = "production"
)

Environment constants

Variables

This section is empty.

Functions

This section is empty.

Types

type AITriageConfig

type AITriageConfig struct {
	// Enabled controls whether AI triage feature is available platform-wide.
	// NOTE(review): the IsConfigured documentation calls this field deprecated
	// and says availability is controlled by the module's is_active field in
	// the database; confirm which one gates the feature before treating this
	// flag as a kill switch.
	Enabled bool

	// Platform AI Provider Configuration
	// Used when tenants choose "platform" mode (don't provide their own keys)
	//
	// The three *APIKey fields are platform-wide credentials used on behalf of
	// tenants in "platform" mode. Keep them out of logs, error strings and any
	// serialized dump of this struct.
	// NOTE(review): IsConfigured is documented as checking only that at least
	// one provider key is set, which does not by itself show that the key
	// matching PlatformProvider is present; confirm Validate covers that.
	PlatformProvider string // "claude", "openai", or "gemini"
	PlatformModel    string // e.g., "claude-3-5-sonnet-20241022", "gemini-1.5-pro"
	AnthropicAPIKey  string // Platform's Anthropic API key
	OpenAIAPIKey     string // Platform's OpenAI API key
	GeminiAPIKey     string // Platform's Google Gemini API key

	// Rate Limiting
	// These bound concurrency, request rate, call duration and tokens per
	// request for calls made with the platform keys.
	// NOTE(review): how a zero value is treated (default vs. unlimited) is not
	// visible here; confirm.
	MaxConcurrentJobs int // Max concurrent AI triage jobs
	RateLimitRPM      int // Rate limit per minute
	TimeoutSeconds    int // Timeout for AI API calls
	MaxTokens         int // Max tokens per request

	// LLM Parameters
	Temperature float64 // Temperature for LLM (0.0-1.0, lower = more deterministic)

	// Default Auto-Triage Settings (can be overridden per tenant)
	DefaultAutoTriageEnabled    bool
	DefaultAutoTriageSeverities []string
	DefaultAutoTriageDelay      time.Duration

	// Stuck Job Recovery Settings
	RecoveryEnabled       bool          // Enable background recovery for stuck jobs
	RecoveryInterval      time.Duration // How often to check for stuck jobs (default: 5 minutes)
	RecoveryStuckDuration time.Duration // How long before a job is considered stuck (default: 15 minutes)
	RecoveryBatchSize     int           // Max jobs to recover per run (default: 50)
}

AITriageConfig holds AI triage configuration for the platform. This is the platform-level configuration. Tenant-specific settings are stored in tenant.Settings.AI.

func (*AITriageConfig) IsConfigured

func (c *AITriageConfig) IsConfigured() bool

IsConfigured returns true if AI triage is properly configured. This checks if at least one LLM provider API key is set. Note: The Enabled field is deprecated - feature availability is now controlled by the module's is_active field in the database.

type AgentConfig

// AgentConfig groups the settings for agent liveness checking and load balancing.
// The documented defaults are not the Go zero values (Enabled defaults to
// true, the durations to non-zero values), so a zero-value AgentConfig does
// not carry them. NOTE(review): presumably Load applies the defaults; confirm.
type AgentConfig struct {
	// HeartbeatTimeout is the duration after which an agent is marked as inactive
	// if no heartbeat is received. Default: 5 minutes.
	HeartbeatTimeout time.Duration

	// HealthCheckInterval is how often to check for stale agents.
	// Default: 1 minute.
	HealthCheckInterval time.Duration

	// Enabled controls whether agent health checking is enabled.
	// Default: true.
	Enabled bool

	// LoadBalancing holds configuration for agent load balancing weights.
	LoadBalancing LoadBalancingConfig
}

AgentConfig holds agent management configuration.

type AgentConfigConfig added in v0.1.5

type AgentConfigConfig struct {
	// TemplatesDir is the filesystem path containing agent config templates
	// (yaml.tmpl, env.tmpl, docker.tmpl, cli.tmpl). Operators can edit these
	// without rebuilding the API or UI.
	// Default: configs/agent-templates
	//
	// The default is a relative path, so it resolves against the process
	// working directory. Because these files determine the configuration
	// handed to agents, write access to the directory should be limited to
	// operators.
	// NOTE(review): the template engine and how values are escaped when
	// rendered are not shown here; confirm.
	TemplatesDir string
	// PublicAPIURL is the URL agents will connect to (embedded in templates).
	// If empty, falls back to App.URL.
	// NOTE(review): no scheme check is visible here; confirm an https URL is
	// required for production, since agents will connect to whatever this is.
	PublicAPIURL string
}

AgentConfigConfig holds the agent config template service settings.

type AppConfig

type AppConfig struct {
	// Name is the application name.
	Name string
	// Env is the deployment environment name.
	// NOTE(review): presumably compared with EnvProduction by
	// Config.IsProduction / Config.IsDevelopment; confirm.
	Env string
	// Debug toggles debug mode.
	// NOTE(review): its effect is not shown here; if it enables verbose errors
	// or logging, confirm it is rejected or ignored when Env is production.
	Debug bool
	URL   string // Public app URL (used as fallback for agent config base URL)
}

AppConfig holds application-level configuration.

type AuthConfig

type AuthConfig struct {
	// Provider determines which authentication methods are available.
	// Values: "local", "oidc", "hybrid"
	Provider AuthProvider

	// JWT settings for local auth
	//
	// JWTSecret is a signing secret: anyone who learns it can mint tokens the
	// server accepts, so keep it out of logs and config dumps.
	// NOTE(review): the signing algorithm and any minimum-length check are not
	// shown here; for an HMAC algorithm the secret should be at least as long
	// as the hash output (e.g. 32 random bytes for HS256). Confirm Validate
	// enforces this.
	JWTSecret            string        // Secret key for signing JWTs (required for local/hybrid)
	JWTIssuer            string        // Token issuer claim
	AccessTokenDuration  time.Duration // Access token lifetime (default: 15m)
	RefreshTokenDuration time.Duration // Refresh token lifetime (default: 7d)
	SessionDuration      time.Duration // Session lifetime (default: 30d)

	// Password policy
	// NOTE(review): defaults for the four Require* flags are not documented
	// here; confirm what Load applies.
	PasswordMinLength      int  // Minimum password length (default: 8)
	PasswordRequireUpper   bool // Require uppercase letter
	PasswordRequireLower   bool // Require lowercase letter
	PasswordRequireNumber  bool // Require number
	PasswordRequireSpecial bool // Require special character

	// Security settings
	// NOTE(review): how a zero MaxLoginAttempts or LockoutDuration is treated
	// (default applied vs. lockout disabled) is not shown; confirm.
	MaxLoginAttempts  int           // Max failed attempts before lockout (default: 5)
	LockoutDuration   time.Duration // Account lockout duration (default: 15m)
	MaxActiveSessions int           // Max concurrent sessions per user (default: 10)

	// Registration settings
	// AllowRegistration defaults to true, i.e. self-service sign-up is open
	// unless the operator turns it off.
	AllowRegistration        bool // Allow new user registration (default: true)
	RequireEmailVerification bool // Require email verification (default: true)

	// Email verification/reset token settings
	EmailVerificationDuration time.Duration // Email verification token lifetime (default: 24h)
	PasswordResetDuration     time.Duration // Password reset token lifetime (default: 1h)

	// Cookie settings for tokens (security best practice)
	//
	// No default is documented for CookieSecure. NOTE(review): confirm Validate
	// rejects false when the environment is production.
	// A non-empty CookieDomain makes browsers send the cookies to subdomains
	// of that domain as well.
	// CookieSameSite "none" is only honoured by browsers when the cookie is
	// also Secure, and it gives up the SameSite protection against cross-site
	// requests for these token cookies.
	// NOTE(review): HttpOnly is not configurable here; confirm the token
	// cookies are always set with it.
	CookieSecure           bool   // Use Secure flag (HTTPS only) - should be true in production
	CookieDomain           string // Cookie domain (empty = current host)
	CookieSameSite         string // SameSite policy: "strict", "lax", or "none"
	AccessTokenCookieName  string // Cookie name for access token (default: "auth_token")
	RefreshTokenCookieName string // Cookie name for refresh token (default: "refresh_token")
	TenantCookieName       string // Cookie name for tenant (default: "app_tenant")
}

AuthConfig holds authentication configuration.

type AuthProvider

// AuthProvider names the authentication mode selected for the deployment.
// It is a plain string type, so any string converts to it; check configured
// values with IsValid before using them.
// NOTE(review): the set IsValid accepts is not shown here; presumably the
// three AuthProvider constants.
type AuthProvider string

AuthProvider represents the authentication provider type.

const (
	// AuthProviderLocal uses built-in email/password authentication.
	AuthProviderLocal AuthProvider = "local"
	// AuthProviderOIDC uses external OIDC provider (Keycloak).
	AuthProviderOIDC AuthProvider = "oidc"
	// AuthProviderHybrid allows both local and OIDC authentication.
	// Both login paths are reachable in this mode, so the local-auth settings
	// (AuthConfig.JWTSecret is documented as required for local/hybrid) and
	// the OIDC settings both need to be configured.
	AuthProviderHybrid AuthProvider = "hybrid"
)

func (AuthProvider) IsValid

func (p AuthProvider) IsValid() bool

IsValid checks if the auth provider is valid.

func (AuthProvider) SupportsLocal

func (p AuthProvider) SupportsLocal() bool

SupportsLocal returns true if local auth is supported.

func (AuthProvider) SupportsOIDC

func (p AuthProvider) SupportsOIDC() bool

SupportsOIDC returns true if OIDC auth is supported.

type CORSConfig

type CORSConfig struct {
	// AllowedOrigins lists the origins permitted to make cross-origin requests.
	// NOTE(review): how a "*" entry or an empty list is treated is not shown
	// here. AuthConfig carries tokens in cookies, so confirm a wildcard is
	// never combined with credentialed requests.
	AllowedOrigins []string
	// AllowedMethods lists the HTTP methods permitted for cross-origin requests.
	AllowedMethods []string
	// AllowedHeaders lists the request headers permitted for cross-origin requests.
	AllowedHeaders []string
	// MaxAge is the preflight cache lifetime.
	// NOTE(review): unit is presumably seconds (Access-Control-Max-Age); confirm.
	MaxAge int
}

CORSConfig holds CORS configuration.

type Config

// Config aggregates every configuration section of the application.
//
// Several sections hold secrets (Auth.JWTSecret, OAuth.StateSecret and the
// provider ClientSecret values, Database.Password, Redis.Password,
// SMTP.Password, Encryption.Key and the AITriage API keys). No redacting
// String or MarshalJSON method is listed in the package documentation, so
// avoid printing the struct with %v/%+v or serializing it into logs or
// diagnostics endpoints.
type Config struct {
	App       AppConfig
	Server    ServerConfig
	GRPC      GRPCConfig
	Database  DatabaseConfig
	Redis     RedisConfig
	Log       LogConfig
	Auth      AuthConfig
	OAuth     OAuthConfig
	Keycloak  KeycloakConfig
	CORS      CORSConfig
	RateLimit RateLimitConfig
	SMTP      SMTPConfig
	// Worker uses WorkerConfig, the deprecated alias of AgentConfig.
	Worker     WorkerConfig
	Encryption EncryptionConfig
	AITriage   AITriageConfig
	// AgentConfig holds the agent config template service settings
	// (AgentConfigConfig), not the AgentConfig type.
	AgentConfig AgentConfigConfig
}

Config holds all application configuration.

func Load

func Load() (*Config, error)

Load loads configuration from environment variables.

func (*Config) IsDevelopment

func (c *Config) IsDevelopment() bool

IsDevelopment returns true if the application is in development mode.

func (*Config) IsProduction

func (c *Config) IsProduction() bool

IsProduction returns true if the application is in production mode.

func (*Config) Validate

func (c *Config) Validate() error

Validate validates the configuration.

type DatabaseConfig

type DatabaseConfig struct {
	Host string
	Port int
	User string
	// Password is the database credential.
	// NOTE(review): DSN() returns the connection string and presumably embeds
	// this value; treat the DSN as a secret and do not log it. Confirm.
	Password string
	Name     string
	// SSLMode selects the transport security mode for the connection.
	// NOTE(review): accepted values are not shown here. If this maps to a
	// PostgreSQL-style sslmode, only "verify-ca" and "verify-full" check the
	// server certificate ("verify-full" also checks the host name); confirm
	// the default and that production uses a verifying mode.
	SSLMode         string
	MaxOpenConns    int
	MaxIdleConns    int
	ConnMaxLifetime time.Duration
}

DatabaseConfig holds database configuration.

func (*DatabaseConfig) DSN

func (c *DatabaseConfig) DSN() string

DSN returns the database connection string.

type EncryptionConfig

type EncryptionConfig struct {
	// Key is the encryption key for AES-256-GCM encryption of sensitive data.
	// Must be exactly 32 bytes (256 bits) when decoded.
	// Can be provided as:
	// - Raw 32-byte key
	// - Hex-encoded (64 characters)
	// - Base64-encoded (44 characters)
	//
	// A raw key carried in a string is limited to the bytes the configuration
	// source can represent, so it typically holds less than 256 bits of
	// entropy; prefer the hex or base64 encoding of 32 bytes from a
	// cryptographic random source.
	// 44 characters corresponds to padded base64. NOTE(review): whether
	// unpadded or URL-safe base64 is accepted is not shown here.
	// NOTE(review): what happens to sensitive data when no key is configured
	// (refuse to start vs. store unencrypted) is not shown; confirm.
	Key string

	// KeyFormat specifies the format of the encryption key.
	// Values: "raw", "hex", "base64"
	// Default: auto-detected based on key length
	//
	// Setting the format explicitly avoids depending on length-based
	// detection when the key is rotated or re-encoded.
	KeyFormat string
}

EncryptionConfig holds encryption configuration for sensitive data.

func (*EncryptionConfig) IsConfigured

func (c *EncryptionConfig) IsConfigured() bool

IsConfigured returns true if encryption is configured.

type GRPCConfig

type GRPCConfig struct {
	// Port is the gRPC listen port.
	// NOTE(review): this struct has no bind address, TLS or authentication
	// fields, so transport security and exposure of the gRPC listener are
	// decided elsewhere; confirm where.
	Port int
}

GRPCConfig holds gRPC server configuration.

type KeycloakConfig

type KeycloakConfig struct {
	// BaseURL is the Keycloak server URL (e.g., "https://keycloak.example.com")
	// NOTE(review): IssuerURL and JWKSURL are presumably derived from BaseURL
	// and Realm. Token signing keys are fetched from that location, so confirm
	// an https URL is required outside development.
	BaseURL string
	// Realm is the Keycloak realm name
	Realm string
	// ClientID is the expected audience in tokens (optional, for audience validation)
	// NOTE(review): when this is empty the audience check is presumably
	// skipped, in which case a token the realm issued for a different client
	// would still pass; confirm, and set it in production.
	ClientID string
	// JWKSRefreshInterval is how often to refresh JWKS keys
	// It also bounds how long a rotated or withdrawn signing key may remain
	// cached. NOTE(review): behaviour on an unknown key ID is not shown.
	JWKSRefreshInterval time.Duration
	// HTTPTimeout is the timeout for HTTP requests to Keycloak
	HTTPTimeout time.Duration
}

KeycloakConfig holds Keycloak authentication configuration.

func (*KeycloakConfig) IssuerURL

func (c *KeycloakConfig) IssuerURL() string

IssuerURL returns the expected token issuer URL.

func (*KeycloakConfig) JWKSURL

func (c *KeycloakConfig) JWKSURL() string

JWKSURL returns the JWKS endpoint URL.

type LoadBalancingConfig

// LoadBalancingConfig holds the weights used to score agents for job placement:
//
//	score = (JobWeight * job_load) + (CPUWeight * cpu) + (MemoryWeight * memory) +
//	        (DiskIOWeight * disk_io) + (NetworkWeight * network)
//
// The documented defaults sum to 1.0. A lower score marks a better candidate.
// NOTE(review): whether Validate enforces the sum, non-negative weights and
// positive Max* throughput values (used to normalize metrics) is not shown.
type LoadBalancingConfig struct {
	// JobWeight is the weight for job load factor (current_jobs/max_jobs * 100).
	// Default: 0.30 (30%)
	JobWeight float64

	// CPUWeight is the weight for CPU usage percentage.
	// Default: 0.40 (40%) - CPU is typically the most important metric
	CPUWeight float64

	// MemoryWeight is the weight for memory usage percentage.
	// Default: 0.15 (15%)
	MemoryWeight float64

	// DiskIOWeight is the weight for disk I/O score.
	// Default: 0.10 (10%)
	DiskIOWeight float64

	// NetworkWeight is the weight for network I/O score.
	// Default: 0.05 (5%)
	NetworkWeight float64

	// MaxDiskThroughputMBPS is the maximum expected disk throughput in MB/s.
	// Used to normalize disk I/O metrics to a 0-100 scale.
	// Default: 500 (500 MB/s combined read+write)
	MaxDiskThroughputMBPS float64

	// MaxNetworkThroughputMBPS is the maximum expected network throughput in MB/s.
	// Used to normalize network metrics to a 0-100 scale.
	// Default: 1000 (1 Gbps combined rx+tx)
	MaxNetworkThroughputMBPS float64
}

LoadBalancingConfig holds weights for agent load balancing score computation. The load score formula:

	score = (JobWeight * job_load) + (CPUWeight * cpu) + (MemoryWeight * memory) + (DiskIOWeight * disk_io) + (NetworkWeight * network)

All weights should sum to 1.0 for meaningful percentage-based scoring. Lower score = better candidate for receiving new jobs.

type LogConfig

type LogConfig struct {
	// Level is the minimum log level. NOTE(review): accepted values not shown.
	Level string
	// Format is the log output format. NOTE(review): accepted values not shown.
	Format string

	// Sampling configuration for high-traffic production environments
	//
	// Sampling discards records once the threshold is passed, and
	// ErrorSamplingRate below 1.0 would discard error records as well.
	// NOTE(review): whether audit or security events go through the sampled
	// logger is not shown; confirm they are exempt, since dropped records
	// leave gaps for detection and incident response.
	SamplingEnabled   bool    // Enable log sampling (default: false for dev, true for prod)
	SamplingThreshold int     // First N identical logs per second (default: 100)
	SamplingRate      float64 // Sample rate after threshold, 0.0-1.0 (default: 0.1 = 10%)
	ErrorSamplingRate float64 // Sample rate for errors, 0.0-1.0 (default: 1.0 = 100%)

	// HTTP logging configuration
	SkipHealthLogs     bool // Skip logging health check endpoints (default: true in prod)
	SlowRequestSeconds int  // Log requests slower than this as warnings (default: 5)
}

LogConfig holds logging configuration.

type OAuthConfig

type OAuthConfig struct {
	// Enabled controls whether OAuth login is enabled
	Enabled bool

	// FrontendCallbackURL is the frontend URL for OAuth callbacks
	// e.g., "http://localhost:3000/auth/callback"
	// The example is a local development value; a deployed instance should
	// use an https URL.
	FrontendCallbackURL string

	// StateSecret is used to sign OAuth state tokens for CSRF protection
	// It is a signing secret and should be random, high-entropy and kept out
	// of logs.
	// NOTE(review): no minimum length or separation from AuthConfig.JWTSecret
	// is visible here; confirm Validate rejects an empty value when Enabled.
	StateSecret string

	// StateDuration is how long OAuth state tokens are valid
	StateDuration time.Duration

	// AllowedRedirectURLs is a whitelist of allowed OAuth redirect URLs.
	// If empty, only the FrontendCallbackURL origin is allowed.
	// NOTE(review): the matching rule (exact URL, origin, or prefix) is not
	// shown here. Exact or origin matching on parsed URLs is the safe
	// reading; confirm it is not a string-prefix comparison.
	AllowedRedirectURLs []string

	// Providers
	Google    OAuthProviderConfig
	GitHub    OAuthProviderConfig
	Microsoft OAuthProviderConfig
}

OAuthConfig holds OAuth/Social login configuration.

func (*OAuthConfig) HasAnyProvider

func (c *OAuthConfig) HasAnyProvider() bool

HasAnyProvider returns true if any OAuth provider is enabled.

type OAuthProviderConfig

type OAuthProviderConfig struct {
	// Enabled turns this provider on.
	Enabled bool
	// ClientID is the OAuth client identifier registered with the provider.
	ClientID string
	// ClientSecret is the OAuth client credential; keep it out of logs and
	// out of anything returned to the frontend.
	ClientSecret string
	// Scopes are the OAuth scopes to request (optional, defaults provided)
	Scopes []string
}

OAuthProviderConfig holds configuration for a single OAuth provider.

func (*OAuthProviderConfig) IsConfigured

func (c *OAuthProviderConfig) IsConfigured() bool

IsConfigured returns true if the provider is properly configured.

type RateLimitConfig

type RateLimitConfig struct {
	// Enabled turns request rate limiting on.
	// NOTE(review): the default is not documented here; confirm it is on in
	// production, where it backs up the login lockout in AuthConfig.
	Enabled bool
	// RequestsPerSec is the sustained request rate allowed.
	// NOTE(review): what the limit is keyed on (client IP, user, tenant) is
	// not shown; if it is the client IP, confirm how proxy headers are trusted.
	RequestsPerSec float64
	// Burst is the number of requests allowed above the sustained rate.
	Burst int
	// CleanupInterval is a periodic cleanup interval.
	// NOTE(review): presumably evicts idle limiter entries; confirm.
	CleanupInterval time.Duration
}

RateLimitConfig holds rate limiting configuration.

type RedisConfig

type RedisConfig struct {
	Host string
	Port int
	// Password is the Redis credential; keep it out of logs.
	Password     string
	DB           int
	PoolSize     int
	MinIdleConns int
	DialTimeout  time.Duration
	ReadTimeout  time.Duration
	WriteTimeout time.Duration
	// TLSEnabled turns on TLS for the Redis connection.
	// NOTE(review): the default is not documented here. Without TLS the
	// Password and all stored data cross the network in clear text.
	TLSEnabled bool
	// NOTE(review): by its name this presumably disables verification of the
	// Redis server certificate (crypto/tls InsecureSkipVerify). With it set,
	// TLS no longer authenticates the server, so it should stay false outside
	// local development; use TLSCAFile to trust a private CA instead.
	TLSSkipVerify bool
	TLSCertFile   string // Path to TLS certificate file (optional, for mTLS)
	TLSKeyFile    string // Path to TLS key file (optional, for mTLS)
	TLSCAFile     string // Path to CA certificate file (optional, for custom CA)
	MaxRetries    int
	MinRetryDelay time.Duration
	MaxRetryDelay time.Duration
}

RedisConfig holds Redis configuration.

func (*RedisConfig) Addr

func (c *RedisConfig) Addr() string

Addr returns the Redis address.

type SMTPConfig

type SMTPConfig struct {
	Host string
	Port int
	User string
	// Password is the SMTP credential; keep it out of logs.
	Password string
	From     string
	FromName string
	// TLS turns on TLS for the SMTP connection.
	// NOTE(review): whether this means implicit TLS or STARTTLS, and whether a
	// failed upgrade aborts the send, is not shown; confirm. The mail sent
	// includes verification and password reset links.
	TLS bool
	// NOTE(review): by its name this presumably disables verification of the
	// SMTP server certificate; with it set, TLS no longer authenticates the
	// server, so it should stay false outside local development.
	SkipVerify bool
	Enabled    bool
	// BaseURL comes from configuration rather than from the incoming request.
	// NOTE(review): confirm email links are built only from this value (and
	// that it is https), not from a request Host header.
	BaseURL string // Frontend base URL for email links (e.g., https://app.openctem.io)
	Timeout time.Duration
}

SMTPConfig holds SMTP configuration for sending emails.

func (*SMTPConfig) IsConfigured

func (c *SMTPConfig) IsConfigured() bool

IsConfigured returns true if SMTP is properly configured.

type ServerConfig

type ServerConfig struct {
	// Host is the listen host. NOTE(review): presumably combined with Port by
	// Addr(); an empty or 0.0.0.0 value would listen on all interfaces.
	Host string
	Port int
	// ReadTimeout and WriteTimeout bound how long a connection may take to
	// send a request and receive a response.
	// NOTE(review): treatment of zero (no timeout vs. default) is not shown.
	ReadTimeout     time.Duration
	WriteTimeout    time.Duration
	RequestTimeout  time.Duration // Per-request handler timeout
	ShutdownTimeout time.Duration
	// MaxBodySize caps the request body size.
	// NOTE(review): unit is presumably bytes, and the meaning of zero
	// (unlimited vs. default) is not shown; confirm a limit is always applied.
	MaxBodySize int64
	// NOTE(review): how this relates to AuthConfig.SessionDuration is not
	// shown; 0 disables this timeout, so confirm which setting ends a session.
	SessionTimeoutMinutes int // Session timeout in minutes (0 = disabled, default: 30)
	MaxConcurrentRequests int // Maximum concurrent requests (default: 1000)
}

ServerConfig holds HTTP server configuration.

func (*ServerConfig) Addr

func (c *ServerConfig) Addr() string

Addr returns the HTTP server address.

type WorkerConfig

// WorkerConfig is an alias of AgentConfig kept for backward compatibility.
//
// Deprecated: Use AgentConfig instead.
type WorkerConfig = AgentConfig

WorkerConfig holds worker/agent management configuration. Deprecated: Use AgentConfig instead. This alias is kept for backward compatibility.
