config

package
v0.1.16 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Mar 21, 2026 License: MIT Imports: 8 Imported by: 0

Documentation

Index

Constants

View Source 
const DockerConfigPath = "/etc/tailkitd/integrations/docker.toml"
View Source 
const FilesConfigPath = "/etc/tailkitd/integrations/files.toml"
View Source 
const MetricsConfigPath = "/etc/tailkitd/integrations/metrics.toml"
View Source 
const SystemdConfigPath = "/etc/tailkitd/integrations/systemd.toml"
View Source 
const VarsConfigPath = "/etc/tailkitd/integrations/vars.toml"

Variables

This section is empty.

Functions

This section is empty.

Types

type CPUMetricsConfig 

type CPUMetricsConfig struct {
	Enabled bool `toml:"enabled"`
}

CPUMetricsConfig controls GET /integrations/metrics/cpu.

type DiskMetricsConfig 

type DiskMetricsConfig struct {
	Enabled bool `toml:"enabled"`

	// Paths restricts disk stats to specific mount points.
	// All entries must be absolute paths.
	// If empty, all mounted filesystems are reported.
	Paths []string `toml:"paths"`
}

DiskMetricsConfig controls GET /integrations/metrics/disk.

type DockerConfig 

type DockerConfig struct {
	Enabled    bool
	Containers DockerSectionConfig `toml:"containers"`
	Images     DockerSectionConfig `toml:"images"`
	Compose    DockerSectionConfig `toml:"compose"`
	Swarm      DockerSectionConfig `toml:"swarm"`
}

DockerConfig is the parsed and validated representation of docker.toml. Enabled is set to true only after a successful load — absent file means the docker integration is disabled (503), not an error.

func LoadDockerConfig 

func LoadDockerConfig(ctx context.Context, logger *zap.Logger) (DockerConfig, error)

LoadDockerConfig loads and validates docker.toml from the default path.

Missing file → Enabled=false, nil error (integration disabled, 503). Present but invalid → non-nil error (startup failure).

type DockerSectionConfig 

type DockerSectionConfig struct {
	// Enabled gates all operations in this section.
	// If false, all endpoints in the section return 403 regardless of Allow.
	Enabled bool `toml:"enabled"`

	// Allow is the list of permitted operations within this section.
	// Valid values differ per section and are validated at startup.
	// An unknown value causes a fatal config error with the valid set listed.
	Allow []string `toml:"allow"`
}

DockerSectionConfig is the common shape for every docker.toml section. Enabled gates the entire section. Allow is the set of permitted operations within that section — validated at load time against the section's closed set of valid values.

func (DockerSectionConfig) Permits 

func (s DockerSectionConfig) Permits(op string) bool

Permits returns true if op is both in the allow list and the section is enabled. Callers use this instead of inspecting Allow directly.

type FilesConfig 

type FilesConfig struct {
	Enabled bool
	Paths   []PathRule `toml:"path"`
}

FilesConfig is the parsed and validated representation of files.toml.

func LoadFilesConfig 

func LoadFilesConfig(ctx context.Context, logger *zap.Logger) (FilesConfig, error)

LoadFilesConfig loads and validates files.toml from the default path.

Missing file → Enabled=false, nil error (integration disabled, 503). Present but invalid → non-nil error (startup failure).

func (FilesConfig) FindPath 

func (c FilesConfig) FindPath(dir string) (PathRule, bool)

FindPath returns the PathRule whose Dir matches the given directory path, and a bool indicating whether a match was found. Callers use this to resolve a requested path to its rule before checking Permits.

type HostMetricsConfig 

type HostMetricsConfig struct {
	Enabled bool `toml:"enabled"`
}

HostMetricsConfig controls GET /integrations/metrics/host.

type JournalConfig 

type JournalConfig struct {
	// Enabled gates the per-unit journal endpoint
	// (GET /integrations/systemd/units/{unit}/journal).
	Enabled bool `toml:"enabled"`

	// Priority is the minimum log severity to return.
	// Valid values: emerg, alert, crit, err, warning, notice, info, debug.
	// Defaults to "info" if omitted.
	Priority string `toml:"priority"`

	// Lines is the default number of journal lines returned per request.
	// Must be a positive integer. Defaults to 100 if omitted.
	Lines int `toml:"lines"`

	// SystemJournal permits GET /integrations/systemd/journal (system-wide).
	// Kept as a dedicated bool because it is a distinct endpoint, not an
	// operation variant of the per-unit journal.
	SystemJournal bool `toml:"system_journal"`
}

JournalConfig controls journal retrieval behaviour. It applies to both per-unit journal endpoints and the system-wide journal.

type MemoryMetricsConfig 

type MemoryMetricsConfig struct {
	Enabled bool `toml:"enabled"`
}

MemoryMetricsConfig controls GET /integrations/metrics/memory.

type MetricsConfig 

type MetricsConfig struct {
	Enabled   bool
	Host      HostMetricsConfig    `toml:"host"`
	CPU       CPUMetricsConfig     `toml:"cpu"`
	Memory    MemoryMetricsConfig  `toml:"memory"`
	Disk      DiskMetricsConfig    `toml:"disk"`
	Network   NetworkMetricsConfig `toml:"network"`
	Processes ProcessMetricsConfig `toml:"processes"`
}

MetricsConfig is the parsed and validated representation of metrics.toml.

Each sub-section maps to one metrics endpoint group. Sections are independent — enabling disk does not require enabling cpu, and so on.

func LoadMetricsConfig 

func LoadMetricsConfig(ctx context.Context, logger *zap.Logger) (MetricsConfig, error)

LoadMetricsConfig loads and validates metrics.toml from the default path.

Missing file → Enabled=false, nil error (integration disabled, 503). Present but invalid → non-nil error (startup failure).

func (MetricsConfig) ProcessLimit 

func (c MetricsConfig) ProcessLimit() int

ProcessLimit returns the effective process limit. Safe to call on a zero MetricsConfig — returns the default.

type NetworkMetricsConfig 

type NetworkMetricsConfig struct {
	Enabled bool `toml:"enabled"`

	// Interfaces restricts stats to specific network interfaces by name.
	// If empty, all interfaces are reported.
	Interfaces []string `toml:"interfaces"`
}

NetworkMetricsConfig controls GET /integrations/metrics/network.

type PathRule 

type PathRule struct {
	// Dir is the directory this rule applies to.
	// Must be an absolute path ending with "/".
	Dir string `toml:"dir"`

	// Allow is the list of permitted operations for this directory.
	// Valid values: "read", "write".
	Allow []string `toml:"allow"`
}

PathRule defines access permissions for a single directory.

Dir must be an absolute path ending with "/". Allow contains the permitted operations for that directory. PostRecv lists exec-registry commands to run after a successful write; validated against the exec registry after tools are loaded.

func (PathRule) Permits 

func (r PathRule) Permits(op string) bool

Permits returns true if op ("read" or "write") is in the allow list.

type ProcessMetricsConfig 

type ProcessMetricsConfig struct {
	Enabled bool `toml:"enabled"`

	// Limit caps the number of processes returned, sorted by CPU usage desc.
	// Must be a positive integer, maximum 100.
	// Uses a pointer so we can distinguish "omitted" (nil → default 20)
	// from "explicitly set to 0" (→ validation error).
	Limit *int `toml:"limit"`
}

ProcessMetricsConfig controls GET /integrations/metrics/processes.

type SystemdConfig 

type SystemdConfig struct {
	Enabled bool
	Units   UnitConfig    `toml:"units"`
	Journal JournalConfig `toml:"journal"`
}

SystemdConfig is the parsed and validated representation of systemd.toml.

func LoadSystemdConfig 

func LoadSystemdConfig(ctx context.Context, logger *zap.Logger) (SystemdConfig, error)

LoadSystemdConfig loads and validates systemd.toml from the default path.

Missing file → Enabled=false, nil error (integration disabled, 503). Present but invalid → non-nil error (startup failure).

type UnitConfig 

type UnitConfig struct {
	// Enabled gates all unit operations.
	Enabled bool `toml:"enabled"`

	// Allow is the list of permitted unit operations.
	// Valid values: list, inspect, unit_file, logs, start, stop, restart,
	// reload, enable, disable.
	// An unknown value is a fatal config error.
	Allow []string `toml:"allow"`
}

UnitConfig controls which systemd unit operations are permitted.

func (UnitConfig) Permits 

func (u UnitConfig) Permits(op string) bool

Permits returns true if op is enabled and present in the allow list.

type VarScope 

type VarScope struct {
	// Project is the project identifier (e.g. "myapp").
	// Must match ^[a-z0-9_-]+$.
	Project string `toml:"project"`

	// Env is the environment identifier (e.g. "prod", "staging").
	// Must match ^[a-z0-9_-]+$.
	Env string `toml:"env"`

	// Allow is the list of permitted operations for this scope.
	// Valid values: "read", "write".
	// At least one value is required.
	Allow []string `toml:"allow"`
}

VarScope defines access permissions for a single project+env combination.

Project and Env must both match ^[a-z0-9_-]+$. Allow must contain at least one of "read" or "write". Duplicate project/env pairs are a validation error.

func (VarScope) Permits 

func (s VarScope) Permits(op string) bool

Permits returns true if op ("read" or "write") is in the allow list.

type VarsConfig 

type VarsConfig struct {
	Enabled bool
	Scopes  []VarScope `toml:"scope"`
}

VarsConfig is the parsed and validated representation of vars.toml.

func LoadVarsConfig 

func LoadVarsConfig(ctx context.Context, logger *zap.Logger) (VarsConfig, error)

LoadVarsConfig loads and validates vars.toml from the default path.

Missing file → Enabled=false, nil error (integration disabled, 503). Present but invalid → non-nil error (startup failure).

func (VarsConfig) FindScope 

func (c VarsConfig) FindScope(project, env string) (VarScope, bool)

FindScope returns the VarScope for the given project+env pair, and a bool indicating whether a match was found.

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.