-
Notifications
You must be signed in to change notification settings - Fork 2
/
options.go
110 lines (93 loc) · 4.38 KB
/
options.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
package options
import (
"crypto/rand"
"encoding/base64"
"fmt"
"github.com/jessevdk/go-flags"
)
// Base are base API server options
type Base struct {
Mode string `short:"m" long:"mode" description:"Server mode" choice:"http" choice:"lambda" default:"http"`
BindAddress string `short:"b" long:"address" description:"Address to bind API server" default:"0.0.0.0"`
Port string `short:"p" long:"port" description:"Port on which to bind API server" default:"10001"`
ExternalAddress string `short:"e" long:"external-address" description:"External address for connection to server" default:"localhost:10001"`
StaticDir string `short:"s" long:"static-dir" description:"Directory to serve static content from (if specified)"`
TLS `namespace:"tls" group:"Transport Layer Security (TLS) options"`
CookieSecret string `long:"cookie-secret" description:"Secret for session cookie encryption (defaults to a random key)"`
Session `namespace:"cookie" group:"Session storage options"`
LogEndpoints bool `long:"log-endpoints" description:"Enable endpoint logging"`
CORS `namespace:"cors" group:"Cross Origin Resource Sharing (CORS) settings"`
CSP `namespace:"csp" group:"Content Security Policy (CSP) settings"`
}
func (b *Base) GetExternalAddress() string {
if b.TLS.NoTLS {
return fmt.Sprintf("http://%s", b.ExternalAddress)
} else {
return fmt.Sprintf("https://%s", b.ExternalAddress)
}
}
func (b *Base) GetBindAddress() string {
if b.TLS.NoTLS {
return fmt.Sprintf("http://%s:%s", b.BindAddress, b.Port)
} else {
return fmt.Sprintf("https://%s:%s", b.BindAddress, b.Port)
}
}
type Session struct {
Secret string `long:"secret" description:"Secret for session cookie encryption (defaults to a random key)"`
DisableSecure bool `long:"disable-secure" description:"Disable secure cookie flag (DEV USE ONLY)"`
}
// TLS configuration options
type TLS struct {
TLSCert string `short:"c" long:"cert" description:"TLS certificate file"`
TLSKey string `short:"k" long:"key" description:"TLS key file"`
NoTLS bool `long:"disable" description:"Disable TLS"`
}
// CORS configuration options
type CORS struct {
AllowedOrigins []string `long:"allowed-origins" description:"Allowed origins (defaults to external address or bind address)"`
AllowedMethods []string `long:"allowed-methods" description:"Allowed http methods" default:"GET,POST,PUT,UPDATE,OPTIONS"`
AllowedHeaders []string `long:"allowed-headers" description:"Allowed headers" default:"Content-Type"`
AllowCredentials bool `long:"allowed-credentials" description:"Allowed credentials"`
NoCORS bool `long:"disable" description:"Disable CORS headers"`
}
// CSP configuration options
type CSP struct {
ReportOnly bool `long:"report-only" description:"Sets CSP to report only mode"`
DefaultSrc []string `long:"default-src" description:"Default allowed sources" default:"'self'"`
ScriptSrc []string `long:"script-src" description:"Allowed script sources"`
StyleSrc []string `long:"style-src" description:"Allowed style sources"`
ImgSrc []string `long:"img-src" description:"Allowed img sources"`
FontSrc []string `long:"font-src" description:"Allowed font sources"`
ChildSrc []string `long:"child-src" description:"Allowed child sources"`
ConnectSrc []string `long:"connect-src" description:"Allowed connect sources"`
FrameSrc []string `long:"frame-src" description:"Allowed frame sources"`
ManifestSrc []string `long:"manifest-src" description:"Allowed manifest sources"`
MediaSrc []string `long:"media-src" description:"Allowed media sources"`
ObjectSrc []string `long:"object-src" description:"Allowed object sources"`
WorkerSrc []string `long:"worker-src" description:"Allowed worker sources"`
ReportTo string `long:"report-to" description:"ReportTo address" default:"/csp-report"`
NoCSP bool `long:"disable" description:"Disable CSP headers"`
}
// Server mode constants
const (
ModeLambda = "lambda"
ModeHTTP = "http"
)
// Parse parses command line options
func Parse(i interface{}) error {
_, err := flags.Parse(i)
return err
}
// GenerateSecret Helper to generate a default secret to use
func GenerateSecret(len int) (string, error) {
data := make([]byte, len)
n, err := rand.Read(data)
if err != nil {
return "", err
}
if n != len {
return "", fmt.Errorf("Config: RNG failed")
}
return base64.URLEncoding.EncodeToString(data), nil
}