Documentation
Index ¶
- func NewMigrateCommand() *cobra.Command
- func NewRootCommand() *cobra.Command
- func NewRunCommand() *cobra.Command
- func RunServer(ctx context.Context, config *Config) error
- func VerifyConfig(cfg *Config) error
- type AuthnConfig
- type AuthnOIDCConfig
- type AuthnPresharedKeyConfig
- type Config
- type DatastoreConfig
- type GRPCConfig
- type HTTPConfig
- type LogConfig
- type OpenTelemetryConfig
- type OpenTelemetryMetricsConfig
- type PlaygroundConfig
- type ProfilerConfig
- type TLSConfig
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func NewMigrateCommand ¶
func NewRootCommand ¶
func NewRunCommand ¶
func VerifyConfig ¶
Types ¶
type AuthnConfig ¶
// AuthnConfig defines OpenFGA server configurations for authentication specific settings.
type AuthnConfig struct {
// Method is the authentication method that should be enforced (e.g. 'none', 'preshared', 'oidc')
// NOTE(review): 'none' presumably leaves the API unauthenticated; confirm it is only used
// where the server's listeners are unreachable from untrusted networks.
Method string
// Embedded OIDC settings, decoded from the "oidc" configuration key.
// NOTE(review): as a pointer it is presumably nil when that section is absent;
// verify that readers check for nil before using it.
*AuthnOIDCConfig `mapstructure:"oidc"`
// NOTE(review): no field of type AuthnPresharedKeyConfig is visible in this listing even
// though Method names 'preshared'; confirm against the source file.
}
AuthnConfig defines OpenFGA server configurations for authentication specific settings.
type AuthnOIDCConfig ¶
AuthnOIDCConfig defines configurations for the 'oidc' method of authentication.
type AuthnPresharedKeyConfig ¶
// AuthnPresharedKeyConfig defines configurations for the 'preshared' method of authentication.
type AuthnPresharedKeyConfig struct {
// Keys holds the preshared keys for the 'preshared' method; more than one may be configured.
// These values are credentials: keep them out of version control, logs and error messages.
// NOTE(review): how a presented key is compared against this list is not visible here;
// confirm the comparison is constant-time.
Keys []string
}
AuthnPresharedKeyConfig defines configurations for the 'preshared' method of authentication.
type Config ¶
// Config is the OpenFGA server configuration, the type returned by DefaultConfig.
// It carries the server-wide request limits followed by one nested struct per subsystem.
type Config struct {
// ListObjectsDeadline defines the maximum amount of time to accumulate ListObjects results
// before the server will respond. This is to protect the server from misuse of the
// ListObjects endpoints. It cannot be larger than HTTPConfig.UpstreamTimeout.
ListObjectsDeadline time.Duration
// ListObjectsMaxResults defines the maximum number of ListObjects results to accumulate
// before the server will respond. This is to protect the server from misuse of the
// ListObjects endpoints.
ListObjectsMaxResults uint32
// MaxTuplesPerWrite defines the maximum number of tuples per Write endpoint.
// NOTE(review): the type is a signed int; confirm that zero and negative values are rejected.
MaxTuplesPerWrite int
// MaxTypesPerAuthorizationModel defines the maximum number of type definitions per authorization model for the WriteAuthorizationModel endpoint.
MaxTypesPerAuthorizationModel int
// ChangelogHorizonOffset is an offset in minutes from the current time. Changes that occur after this offset will not be included in the response of ReadChanges.
ChangelogHorizonOffset int
// Experimentals is a list of the experimental features to enable in the OpenFGA server.
Experimentals []string
// ResolveNodeLimit indicates how deeply nested an authorization model can be.
// NOTE(review): presumably this also bounds the work done per resolution request; confirm.
ResolveNodeLimit uint32
// Datastore holds the datastore specific settings.
Datastore DatastoreConfig
// GRPC holds the grpc server specific settings.
GRPC GRPCConfig
// HTTP holds the HTTP server specific settings.
HTTP HTTPConfig
// Authn holds the authentication specific settings.
Authn AuthnConfig
// Log holds the log specific settings.
Log LogConfig
// Playground holds the Playground specific settings.
Playground PlaygroundConfig
// Profiler holds the settings specific to pprof profiling.
Profiler ProfilerConfig
// OpenTelemetry holds the OpenTelemetry settings; it is decoded from the "otel" key.
OpenTelemetry OpenTelemetryConfig `mapstructure:"otel"`
}
func DefaultConfig ¶
func DefaultConfig() *Config
DefaultConfig returns the OpenFGA server default configurations.
func MustDefaultConfigWithRandomPorts ¶
func MustDefaultConfigWithRandomPorts() *Config
MustDefaultConfigWithRandomPorts returns the DefaultConfig, but with random ports for the grpc and http addresses. This function may panic if somehow a random port cannot be chosen.
func ReadConfig ¶
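ReadConfig returns the OpenFGA server configuration based on the values provided in the server's 'config.yaml' file. The 'config.yaml' file is loaded from '/etc/openfga', '$HOME/.openfga', or the current working directory. If no configuration file is present, the default values are returned. Because this file selects the authentication method and the datastore, each of these locations should be writable only by the account that administers the server.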
type DatastoreConfig ¶
// DatastoreConfig defines OpenFGA server configurations for datastore specific settings.
type DatastoreConfig struct {
// Engine is the datastore engine to use (e.g. 'memory', 'postgres', 'mysql')
Engine string
// URI is presumably the connection URI for the selected engine (confirm against the
// datastore setup code). Connection URIs commonly embed a username and password, so treat
// this value as a secret and keep it out of logs and error messages.
URI string
// MaxCacheSize is the maximum number of cache keys that the storage cache can store before evicting
// old keys. The storage cache is used to cache query results for various static resources
// such as type definitions.
MaxCacheSize int
// MaxOpenConns is the maximum number of open connections to the database.
MaxOpenConns int
// MaxIdleConns is the maximum number of connections to the datastore in the idle connection pool.
MaxIdleConns int
// ConnMaxIdleTime is the maximum amount of time a connection to the datastore may be idle.
ConnMaxIdleTime time.Duration
// ConnMaxLifetime is the maximum amount of time a connection to the datastore may be reused.
ConnMaxLifetime time.Duration
}
DatastoreConfig defines OpenFGA server configurations for datastore specific settings.
type GRPCConfig ¶
GRPCConfig defines OpenFGA server configurations for grpc server specific settings.
type HTTPConfig ¶
// HTTPConfig defines OpenFGA server configurations for HTTP server specific settings.
type HTTPConfig struct {
// Enabled presumably switches the HTTP server on or off; confirm against the server start-up code.
Enabled bool
// Addr is presumably the address the HTTP server listens on; confirm the expected format.
Addr string
// TLS holds the TLS settings for the HTTP server.
// NOTE(review): a nil value presumably means the listener serves plaintext; confirm, and
// terminate TLS in front of the server if that is the case.
TLS *TLSConfig
// UpstreamTimeout is the timeout duration for proxying HTTP requests upstream
// to the grpc endpoint. It cannot be smaller than Config.ListObjectsDeadline.
UpstreamTimeout time.Duration
// CORSAllowedOrigins presumably lists the origins accepted for cross-origin requests; confirm.
// Keep the list to the front ends that actually need browser access to the API.
CORSAllowedOrigins []string
// CORSAllowedHeaders presumably lists the request headers accepted for cross-origin requests; confirm.
CORSAllowedHeaders []string
}
HTTPConfig defines OpenFGA server configurations for HTTP server specific settings.
type LogConfig ¶
// LogConfig defines OpenFGA server configurations for log specific settings.
type LogConfig struct {
// Format is the log format to use in the log output (e.g. 'text' or 'json')
Format string
// Level is the log level to use in the log output (e.g. 'none', 'debug', or 'info')
// NOTE(review): 'none' presumably suppresses all output, which also removes the record
// needed to investigate an incident; confirm before using it in production.
Level string
}
LogConfig defines OpenFGA server configurations for log specific settings. For production we recommend using the 'json' log format.
type OpenTelemetryConfig ¶ added in v0.3.2
// OpenTelemetryConfig defines configurations for OpenTelemetry telemetry settings.
type OpenTelemetryConfig struct {
// Embedded metrics settings, decoded from the "metrics" configuration key.
OpenTelemetryMetricsConfig `mapstructure:"metrics"`
}
OpenTelemetryConfig defines configurations for OpenTelemetry telemetry settings.
type OpenTelemetryMetricsConfig ¶ added in v0.3.2
type PlaygroundConfig ¶
PlaygroundConfig defines OpenFGA server configurations for the Playground specific settings.
type ProfilerConfig ¶
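ProfilerConfig defines server configurations specific to pprof profiling. pprof output exposes runtime internals such as goroutine stacks and heap contents, so a profiler listener, when enabled, should not be reachable from untrusted networks.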