// Package sysconf provides system level configuration.
package sysconf
import (
"os"
"go.uber.org/zap"
"github.com/vanti-dev/sc-bos/pkg/app/http"
"github.com/vanti-dev/sc-bos/pkg/auth/policy"
"github.com/vanti-dev/sc-bos/pkg/auto"
"github.com/vanti-dev/sc-bos/pkg/driver"
"github.com/vanti-dev/sc-bos/pkg/system"
"github.com/vanti-dev/sc-bos/pkg/util/netutil"
"github.com/vanti-dev/sc-bos/pkg/zone"
)
// Load populates dst with user supplied configuration taken from json files and
// from the process's CLI arguments. Where both provide a value, the CLI argument wins.
func Load(dst *Config) error {
	// Arguments are applied twice on purpose: the first pass lets them name the
	// config file paths, the last pass lets them override whatever the json files set.
	applyArgs := func() error {
		_, err := LoadFromArgs(dst, os.Args[1:]...)
		return err
	}

	stages := []func() error{
		applyArgs,
		func() error { return LoadAllFromJSON(dst) },
		func() error { return LoadFromConfigFilesJSON(dst) },
		applyArgs,
	}
	for _, stage := range stages {
		// The first failing stage aborts the load; later stages do not run.
		if err := stage(); err != nil {
			return err
		}
	}

	// Post processing: fill in certificate defaults that depend on the loaded values.
	// dst.CertConfig is handed to FillDefaults as-is; no nil check happens here.
	dst.CertConfig = dst.CertConfig.FillDefaults()
	return nil
}
// Config configures how the controller should run.
//
// Fields tagged `json:"-"` are skipped by encoding/json-style decoding, so a json
// document does not populate them (assuming the loaders follow those tag semantics).
// NOTE(review): whether LoadFromArgs can set them is not visible in this part of the file.
type Config struct {
	ConfigDirs []string `json:"-"` // Dirs to look in for system config files. Defaults to [".conf"]
	ConfigFiles []string `json:"-"` // Filenames we load in ConfigDirs for system config. Defaults to ["system.conf.json", "system.json"]
	// The smart core name of the controller.
	// Can be overridden by app config.
	Name string `json:"name,omitempty"`
	// Logger is the zap logging configuration. Default() starts from
	// zap.NewDevelopmentConfig with stack traces disabled.
	Logger *zap.Config `json:"logger,omitempty"`
	// ListenGRPC and ListenHTTPS are the listen addresses. Default() uses ":23557" and ":443".
	// NOTE(review): with no host part these presumably bind every interface — confirm
	// against the code that opens the listeners.
	ListenGRPC string `json:"listenGrpc,omitempty"`
	ListenHTTPS string `json:"listenHttps,omitempty"`
	// GRPCAddr and HTTPAddr are the preferred IP/host others use to connect to us.
	// Defaults to netutil.PublicAddress
	// NOTE(review): Default() in this file fills both from netutil.OutboundAddr, and
	// leaves them empty when that call fails — confirm which helper is intended.
	GRPCAddr string `json:"grpcAddr,omitempty"`
	HTTPAddr string `json:"httpAddr,omitempty"`
	AppConfig []string `json:"appConfig,omitempty"` // defaults to [".conf/app.conf.json"]
	DataDir string `json:"dataDir,omitempty"` // defaults to .data/
	StaticHosting []http.StaticHostingConfig `json:"staticHosting"`
	// CertConfig holds the certificate file settings. Load passes it through
	// Certs.FillDefaults after all config sources have been applied.
	CertConfig *Certs `json:"certs,omitempty"`
	// Cors is the CORS configuration. Default() sets CorsOrigins to ["*"], which the
	// todo there flags as a placeholder; list the expected origins explicitly in
	// deployed config rather than relying on the wildcard.
	Cors http.CorsConfig `json:"cors,omitempty"`
	Systems map[string]system.RawConfig `json:"systems,omitempty"`
	Policy policy.Policy `json:"-"` // Override the policy used for RPC calls. Defaults to policy.Default
	PolicyMode PolicyMode `json:"-"` // How to apply the policy. Unsafe and can disable security checks. Defaults to PolicyOn.
	DriverFactories map[string]driver.Factory `json:"-"` // keyed by driver name
	AutoFactories map[string]auto.Factory `json:"-"` // keyed by automation type
	SystemFactories map[string]system.Factory `json:"-"` // keyed by system type
	ZoneFactories map[string]zone.Factory `json:"-"` // keyed by zone type
}
// Certs encapsulates the settings used for loading certificates and presenting them to clients and servers.
type Certs struct {
	// KeyFile, CertFile and RootsFile are set by Default() to "grpc.key.pem",
	// "grpc.cert.pem" and "grpc.roots.pem".
	// NOTE(review): presumably the private key, certificate and trust roots for the
	// grpc stack; the directory they are resolved against is not shown here — confirm,
	// and make sure the key file is readable only by the controller's user.
	KeyFile string `json:"keyFile,omitempty"`
	CertFile string `json:"certFile,omitempty"`
	RootsFile string `json:"rootsFile,omitempty"`
	// HTTPCert is switched on by FillDefaults whenever HTTPKeyFile or HTTPCertFile is non-empty.
	HTTPCert bool `json:"httpCert,omitempty"` // have the https stack (grpc-web and hosting) use different pki.Source from the grpc stack
	// HTTPKeyFile and HTTPCertFile are left empty by Default(); FillDefaults replaces an
	// empty value with "https.key.pem" / "https.cert.pem" respectively.
	HTTPKeyFile string `json:"httpKeyFile,omitempty"`
	HTTPCertFile string `json:"httpCertFile,omitempty"`
}
// PolicyMode selects how the policy is applied to requests; it is the type of Config.PolicyMode.
type PolicyMode string
// PolicyMode values. Default() selects PolicyOn.
const (
	PolicyOn PolicyMode = "on" // Always check requests against the policy.
	// PolicyOff removes the policy check entirely; Config.PolicyMode documents the
	// setting as unsafe, so treat any use outside local development as a finding.
	PolicyOff PolicyMode = "off" // Never check requests against the policy, allow all requests.
	// NOTE(review): the wording implies a request carrying neither a token nor a client
	// cert is not checked against the policy — confirm in the enforcement code what
	// happens to such requests.
	PolicyCheck PolicyMode = "check" // Check requests against the policy if the request has a token or client cert.
)
// Default returns a Config populated with the built-in default values.
//
// Security-relevant defaults visible here: PolicyMode is PolicyOn, Policy is left nil,
// and CorsOrigins is the wildcard "*" (see the todo below).
func Default() Config {
	logging := zap.NewDevelopmentConfig()
	logging.DisableStacktrace = true // because it's annoying

	// HTTPCert, HTTPKeyFile and HTTPCertFile stay at their zero values. The HTTP file
	// names do have defaults, but setting them here would break the "turn on if
	// specified" feature; Certs.FillDefaults applies them later instead.
	certs := &Certs{
		KeyFile:   "grpc.key.pem",
		CertFile:  "grpc.cert.pem",
		RootsFile: "grpc.roots.pem",
	}

	cors := http.CorsConfig{
		DebugMode: false,
		// todo: this should really default to the default host
		CorsOrigins: []string{"*"},
	}

	defaults := Config{
		ConfigDirs:    []string{".conf"},
		ConfigFiles:   []string{"system.conf.json", "system.json"},
		Logger:        &logging,
		ListenGRPC:    ":23557",
		ListenHTTPS:   ":443",
		AppConfig:     []string{".conf/app.conf.json"},
		DataDir:       ".data",
		Cors:          cors,
		StaticHosting: []http.StaticHostingConfig{}, // empty but non-nil
		CertConfig:    certs,
		Policy:        nil,
		PolicyMode:    PolicyOn,
	}

	// The advertised addresses are only filled in when the outbound address lookup
	// succeeds; on failure both are left empty and the error is dropped.
	ip, err := netutil.OutboundAddr()
	if err != nil {
		return defaults
	}
	addr := ip.String()
	defaults.GRPCAddr = addr
	defaults.HTTPAddr = addr
	return defaults
}
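// FillDefaults completes the HTTP certificate settings of c and returns the result.
//
// If either HTTPKeyFile or HTTPCertFile is already set, HTTPCert is switched on,
// on the assumption that the operator wants the https stack to use them. Any of
// the two paths that is still empty is then set to "https.key.pem" or
// "https.cert.pem" respectively.
//
// A non-nil receiver is modified in place and returned. A nil receiver no longer
// panics: a fresh Certs carrying only the HTTP file defaults is returned, so the
// caller must store the return value (Load does). KeyFile, CertFile and RootsFile
// are not touched here and stay empty in that case.
func (c *Certs) FillDefaults() *Certs {
	if c == nil {
		// Reached when the Config was not built from Default(), or when CertConfig
		// was cleared while loading; the original code dereferenced nil here.
		c = &Certs{}
	}

	// if the config specifies http key or cert file paths, assume they want to use it.
	// This must run before the defaults below, otherwise HTTPCert would always turn on.
	if c.HTTPKeyFile != "" || c.HTTPCertFile != "" {
		c.HTTPCert = true
	}

	if c.HTTPKeyFile == "" {
		c.HTTPKeyFile = "https.key.pem"
	}
	if c.HTTPCertFile == "" {
		c.HTTPCertFile = "https.cert.pem"
	}
	return c
}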