Documentation ¶
Index ¶
- Constants
- Variables
- func CertificateText(cert *x509.Certificate) string
- func CheckValidKeys(subSys string, kv KVS, validKVS KVS) error
- func Decrypt(KMS kms.KMS, ciphertext io.Reader, context kms.Context) (io.Reader, error)
- func DecryptBytes(KMS kms.KMS, ciphertext []byte, context kms.Context) ([]byte, error)
- func DefaultHelpPostfix(subsystem KVS, key string) string
- func Encrypt(KMS kms.KMS, plaintext io.Reader, ctx kms.Context) (io.Reader, error)
- func EncryptBytes(KMS kms.KMS, plaintext []byte, context kms.Context) ([]byte, error)
- func EnsureCertAndKey(clientCert, clientKey string) error
- func Errorf(format string, a ...interface{}) error
- func FmtError(introMsg string, err error, jsonFlag bool) string
- func FormatBool(b bool) string
- func GetSubSys(s string) (subSys string, inputs []string, tgt string, e error)
- func LoadX509KeyPair(certFile, keyFile string) (tls.Certificate, error)
- func LookupCreds(kv KVS) (auth.Credentials, error)
- func LookupWorm() (bool, error)
- func Merge(cfgKVS map[string]KVS, envname string, defaultKVS KVS) map[string]KVS
- func NewConfigWriteTo(cfg Config, key string) io.WriterTo
- func ParseBool(str string) (bool, error)
- func ParsePublicCertFile(certFile string) (x509Certs []*x509.Certificate, err error)
- func RegisterDefaultKVS(kvsMap map[string]KVS)
- func RegisterHelpDeprecatedSubSys(helpDeprecatedKVMap map[string]HelpKV)
- func RegisterHelpSubSys(helpKVSMap map[string]HelpKVS)
- func SetCredentials(c Config, cred auth.Credentials)
- func SetRegion(c Config, name string)
- type BoolFlag
- type Config
- func (c Config) CheckValidKeys(subSys string, deprecatedKeys []string) error
- func (c Config) Clone() Config
- func (c Config) DelFrom(r io.Reader) error
- func (c Config) DelKVS(s string) error
- func (c Config) GetAvailableTargets(subSys string) ([]string, error)
- func (c Config) GetKVS(s string, defaultKVS map[string]KVS) (Targets, error)
- func (c Config) GetResolvedConfigParams(subSys, target string) ([]KVSrc, error)
- func (c Config) GetSubsysInfo(subSys string) ([]SubsysInfo, error)
- func (c Config) Merge() Config
- func (c Config) ReadConfig(r io.Reader) (dynOnly bool, err error)
- func (c Config) RedactSensitiveInfo() Config
- func (c Config) ResolveConfigParam(subSys, target, cfgParam string) (value string, cs ValueSource)
- func (c Config) SetKVS(s string, defaultKVS map[string]KVS) (dynamic bool, err error)
- type EnvPair
- type Err
- type ErrFn
- type Error
- type HelpKV
- type HelpKVS
- type KV
- type KVS
- func (kvs KVS) Clone() KVS
- func (kvs *KVS) Delete(key string)
- func (kvs KVS) Empty() bool
- func (kvs KVS) Get(key string) string
- func (kvs KVS) GetWithDefault(key string, defaultKVS KVS) string
- func (kvs KVS) Keys() []string
- func (kvs KVS) Lookup(key string) (string, bool)
- func (kvs *KVS) Set(key, value string)
- func (kvs KVS) String() string
- type KVSrc
- type Site
- type SubsysInfo
- type Target
- type Targets
- type ValueSource
Constants ¶
const ( Default = madmin.Default Enable = madmin.EnableKey Comment = madmin.CommentKey EnvSeparator = "=" // Enable values EnableOn = madmin.EnableOn EnableOff = madmin.EnableOff RegionKey = "region" NameKey = "name" RegionName = "name" AccessKey = "access_key" SecretKey = "secret_key" License = "license" // Deprecated Dec 2021 APIKey = "api_key" Proxy = "proxy" )
Default keys
const ( CredentialsSubSys = "credentials" PolicyOPASubSys = "policy_opa" PolicyPluginSubSys = "policy_plugin" IdentityOpenIDSubSys = "identity_openid" IdentityLDAPSubSys = "identity_ldap" IdentityTLSSubSys = "identity_tls" IdentityPluginSubSys = "identity_plugin" CacheSubSys = "cache" SiteSubSys = "site" RegionSubSys = "region" EtcdSubSys = "etcd" StorageClassSubSys = "storage_class" APISubSys = "api" CompressionSubSys = "compression" LoggerWebhookSubSys = "logger_webhook" AuditWebhookSubSys = "audit_webhook" AuditKafkaSubSys = "audit_kafka" HealSubSys = "heal" ScannerSubSys = "scanner" CrawlerSubSys = "crawler" SubnetSubSys = "subnet" CallhomeSubSys = "callhome" )
Top level config constants.
const ( NotifyKafkaSubSys = "notify_kafka" NotifyMQTTSubSys = "notify_mqtt" NotifyMySQLSubSys = "notify_mysql" NotifyNATSSubSys = "notify_nats" NotifyNSQSubSys = "notify_nsq" NotifyESSubSys = "notify_elasticsearch" NotifyAMQPSubSys = "notify_amqp" NotifyPostgresSubSys = "notify_postgres" NotifyRedisSubSys = "notify_redis" NotifyWebhookSubSys = "notify_webhook" )
Notification config constants.
const ( SubSystemSeparator = madmin.SubSystemSeparator KvSeparator = madmin.KvSeparator KvSpaceSeparator = madmin.KvSpaceSeparator KvComment = madmin.KvComment KvNewline = madmin.KvNewline KvDoubleQuote = madmin.KvDoubleQuote KvSingleQuote = madmin.KvSingleQuote // Env prefix used for all envs in AnnaStore EnvPrefix = "MINIO_" EnvWordDelimiter = `_` )
Constant separators
const ( EnvAccessKey = "MINIO_ACCESS_KEY" EnvSecretKey = "MINIO_SECRET_KEY" EnvRootUser = "MINIO_ROOT_USER" EnvRootPassword = "MINIO_ROOT_PASSWORD" // Legacy files EnvAccessKeyFile = "MINIO_ACCESS_KEY_FILE" EnvSecretKeyFile = "MINIO_SECRET_KEY_FILE" // Current files EnvRootUserFile = "MINIO_ROOT_USER_FILE" EnvRootPasswordFile = "MINIO_ROOT_PASSWORD_FILE" // Set all config environment variables from 'config.env' // if necessary. Overrides all previous settings and also // overrides all environment values passed from // 'podman run -e ENV=value' EnvConfigEnvFile = "MINIO_CONFIG_ENV_FILE" EnvBrowser = "MINIO_BROWSER" EnvDomain = "MINIO_DOMAIN" EnvPublicIPs = "MINIO_PUBLIC_IPS" EnvFSOSync = "MINIO_FS_OSYNC" EnvArgs = "MINIO_ARGS" EnvVolumes = "MINIO_VOLUMES" EnvDNSWebhook = "MINIO_DNS_WEBHOOK_ENDPOINT" EnvSiteName = "MINIO_SITE_NAME" EnvSiteRegion = "MINIO_SITE_REGION" EnvMinIOSubnetLicense = "MINIO_SUBNET_LICENSE" // Deprecated Dec 2021 EnvMinIOSubnetAPIKey = "MINIO_SUBNET_API_KEY" EnvMinIOSubnetProxy = "MINIO_SUBNET_PROXY" EnvMinIOCallhomeEnable = "MINIO_CALLHOME_ENABLE" EnvMinIOCallhomeFrequency = "MINIO_CALLHOME_FREQUENCY" EnvMinIOServerURL = "MINIO_SERVER_URL" EnvMinIOBrowserRedirectURL = "MINIO_BROWSER_REDIRECT_URL" EnvRootDiskThresholdSize = "MINIO_ROOTDISK_THRESHOLD_SIZE" EnvUpdate = "MINIO_UPDATE" EnvKMSSecretKey = "MINIO_KMS_SECRET_KEY" EnvKMSSecretKeyFile = "MINIO_KMS_SECRET_KEY_FILE" EnvKESEndpoint = "MINIO_KMS_KES_ENDPOINT" EnvKESKeyName = "MINIO_KMS_KES_KEY_NAME" EnvKESClientKey = "MINIO_KMS_KES_KEY_FILE" EnvKESClientPassword = "MINIO_KMS_KES_KEY_PASSWORD" EnvKESClientCert = "MINIO_KMS_KES_CERT_FILE" EnvKESServerCA = "MINIO_KMS_KES_CAPATH" EnvEndpoints = "MINIO_ENDPOINTS" // legacy EnvWorm = "MINIO_WORM" // legacy EnvRegion = "MINIO_REGION" // legacy EnvRegionName = "MINIO_REGION_NAME" // legacy )
Top level common ENVs
const DefaultComment = "optionally add a comment to this setting"
DefaultComment used across all sub-systems.
const EnvCertPassword = "MINIO_CERT_PASSWD"
EnvCertPassword is the environment variable which contains the password used to decrypt the TLS private key. It must be set if the TLS private key is password protected.
const (
ValueSeparator = ","
)
Config value separator
Variables ¶
var ( DefaultCredentialKVS = KVS{ KV{ Key: AccessKey, Value: auth.DefaultAccessKey, }, KV{ Key: SecretKey, Value: auth.DefaultSecretKey, }, } DefaultSiteKVS = KVS{ KV{ Key: NameKey, Value: "", }, KV{ Key: RegionKey, Value: "", }, } DefaultRegionKVS = KVS{ KV{ Key: RegionName, Value: "", }, } )
Default KV configs for worm and region
var ( ErrInvalidFSValue = newErrFn( "Invalid drive path", "Please provide an existing deployment with MinIO", "MinIO does not support newer NAS gateway deployments anymore refer https://github.com/minio/minio/issues/14331", ) ErrInvalidXLValue = newErrFn( "Invalid drive path", "Please provide a fresh drive for single drive MinIO setup", "MinIO only supports fresh drive paths", ) ErrInvalidBrowserValue = newErrFn( "Invalid console value", "Please check the passed value", "Environment can only accept `on` and `off` values. To disable Console access, set this value to `off`", ) ErrInvalidFSOSyncValue = newErrFn( "Invalid O_SYNC value", "Please check the passed value", "Can only accept `on` and `off` values. To enable O_SYNC for fs backend, set this value to `on`", ) ErrOverlappingDomainValue = newErrFn( "Overlapping domain values", "Please check the passed value", "MINIO_DOMAIN only accepts non-overlapping domain values", ) ErrInvalidDomainValue = newErrFn( "Invalid domain value", "Please check the passed value", "Domain can only accept DNS compatible values", ) ErrInvalidErasureSetSize = newErrFn( "Invalid erasure set size", "Please check the passed value", "Erasure set can only accept any of [2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16] values", ) ErrInvalidWormValue = newErrFn( "Invalid WORM value", "Please check the passed value", "WORM can only accept `on` and `off` values. To enable WORM, set this value to `on`", ) ErrInvalidCacheDrivesValue = newErrFn( "Invalid cache drive value", "Please check the value in this ENV variable", "MINIO_CACHE_DRIVES: Mounted drives or directories are delimited by `,`", ) ErrInvalidCacheExcludesValue = newErrFn( "Invalid cache excludes value", "Please check the passed value", "MINIO_CACHE_EXCLUDE: Cache exclusion patterns are delimited by `,`", ) ErrInvalidCacheExpiryValue = newErrFn( "Invalid cache expiry value", "Please check the passed value", "MINIO_CACHE_EXPIRY: Valid cache expiry duration must be in days", ) ErrInvalidCacheQuota = newErrFn( "Invalid cache quota value", "Please check the passed value", "MINIO_CACHE_QUOTA: Valid cache quota value must be between 0-100", ) ErrInvalidCacheAfter = newErrFn( "Invalid cache after value", "Please check the passed value", "MINIO_CACHE_AFTER: Valid cache after value must be 0 or greater", ) ErrInvalidCacheWatermarkLow = newErrFn( "Invalid cache low watermark value", "Please check the passed value", "MINIO_CACHE_WATERMARK_LOW: Valid cache low watermark value must be between 0-100", ) ErrInvalidCacheWatermarkHigh = newErrFn( "Invalid cache high watermark value", "Please check the passed value", "MINIO_CACHE_WATERMARK_HIGH: Valid cache high watermark value must be between 0-100", ) ErrInvalidCacheEncryptionKey = newErrFn( "Invalid cache encryption master key value", "Please check the passed value", "MINIO_CACHE_ENCRYPTION_SECRET_KEY: For more information, please refer to https://docs.min.io/docs/minio-disk-cache-guide", ) ErrInvalidCacheRange = newErrFn( "Invalid cache range value", "Please check the passed value", "MINIO_CACHE_RANGE: Valid expected value is `on` or `off`", ) ErrInvalidCacheCommitValue = newErrFn( "Invalid cache commit value", "Please check the passed value", "MINIO_CACHE_COMMIT: Valid expected value is `writeback` or `writethrough`", ) ErrInvalidCacheSetting = newErrFn( "Incompatible cache setting", "Please check the passed value", "MINIO_CACHE_AFTER cannot be used with MINIO_CACHE_COMMIT setting", ) ErrInvalidCredentialsBackendEncrypted = newErrFn( "Invalid credentials", "Please set correct credentials in the environment for decryption", `Detected encrypted config backend, correct access and secret keys should be specified via environment variables MINIO_ROOT_USER and MINIO_ROOT_PASSWORD to be able to decrypt the MinIO config, user IAM and policies`, ) ErrInvalidCredentials = newErrFn( "Invalid credentials", "Please provide correct credentials", `Access key length should be at least 3, and secret key length at least 8 characters`, ) ErrMissingEnvCredentialRootUser = newErrFn( "Missing credential environment variable, \""+EnvRootUser+"\"", "Environment variable \""+EnvRootUser+"\" is missing", `Root user name (access key) and root password (secret key) are expected to be specified via environment variables MINIO_ROOT_USER and MINIO_ROOT_PASSWORD respectively`, ) ErrMissingEnvCredentialRootPassword = newErrFn( "Missing credential environment variable, \""+EnvRootPassword+"\"", "Environment variable \""+EnvRootPassword+"\" is missing", `Root user name (access key) and root password (secret key) are expected to be specified via environment variables MINIO_ROOT_USER and MINIO_ROOT_PASSWORD respectively`, ) ErrMissingEnvCredentialAccessKey = newErrFn( "Missing credential environment variable, \""+EnvAccessKey+"\"", "Environment variables \""+EnvAccessKey+"\" and \""+EnvSecretKey+"\" are deprecated", `Root user name (access key) and root password (secret key) are expected to be specified via environment variables MINIO_ROOT_USER and MINIO_ROOT_PASSWORD respectively`, ) ErrMissingEnvCredentialSecretKey = newErrFn( "Missing credential environment variable, \""+EnvSecretKey+"\"", "Environment variables \""+EnvSecretKey+"\" and \""+EnvAccessKey+"\" are deprecated", `Root user name (access key) and root password (secret key) are expected to be specified via environment variables MINIO_ROOT_USER and MINIO_ROOT_PASSWORD respectively`, ) ErrInvalidErasureEndpoints = newErrFn( "Invalid endpoint(s) in erasure mode", "Please provide correct combination of local/remote paths", "For more information, please refer to https://docs.min.io/docs/minio-erasure-code-quickstart-guide", ) ErrInvalidNumberOfErasureEndpoints = newErrFn( "Invalid total number of endpoints for erasure mode", "Please provide number of endpoints greater or equal to 2", "For more information, please refer to https://docs.min.io/docs/minio-erasure-code-quickstart-guide", ) ErrStorageClassValue = newErrFn( "Invalid storage class value", "Please check the value", `MINIO_STORAGE_CLASS_STANDARD: Format "EC:<Default_Parity_Standard_Class>" (e.g. "EC:3"). This sets the number of parity disks for MinIO server in Standard mode. Objects are stored in Standard mode, if storage class is not defined in Put request MINIO_STORAGE_CLASS_RRS: Format "EC:<Default_Parity_Reduced_Redundancy_Class>" (e.g. "EC:3"). This sets the number of parity disks for MinIO server in Reduced Redundancy mode. Objects are stored in Reduced Redundancy mode, if Put request specifies RRS storage class Refer to the link https://github.com/minio/minio/tree/master/docs/erasure/storage-class for more information`, ) ErrUnexpectedBackendVersion = newErrFn( "Backend version seems to be too recent", "Please update to the latest MinIO version", "", ) ErrInvalidAddressFlag = newErrFn( "--address input is invalid", "Please check --address parameter", `--address binds to a specific ADDRESS:PORT, ADDRESS can be an IPv4/IPv6 address or hostname (default port is ':9000') Examples: --address ':443' --address '172.16.34.31:9000' --address '[fe80::da00:a6c8:e3ae:ddd7]:9000'`, ) ErrInvalidFSEndpoint = newErrFn( "Invalid endpoint for standalone FS mode", "Please check the FS endpoint", `FS mode requires only one writable disk path Example 1: $ minio server /data/minio/`, ) ErrUnsupportedBackend = newErrFn( "Unable to write to the backend", "Please ensure your drive supports O_DIRECT", "", ) ErrUnableToWriteInBackend = newErrFn( "Unable to write to the backend", "Please ensure MinIO binary has write permissions for the backend", `Verify if MinIO binary is running as the same user who has write permissions for the backend`, ) ErrPortAlreadyInUse = newErrFn( "Port is already in use", "Please ensure no other program uses the same address/port", "", ) ErrPortAccess = newErrFn( "Unable to use specified port", "Please ensure MinIO binary has 'cap_net_bind_service=+ep' permissions", `Use 'sudo setcap cap_net_bind_service=+ep /path/to/minio' to provide sufficient permissions`, ) ErrSSLUnexpectedError = newErrFn( "Invalid TLS certificate", "Please check the content of your certificate data", `Only PEM (x.509) format is accepted as valid public & private certificates`, ) ErrSSLUnexpectedData = newErrFn( "Invalid TLS certificate", "Please check your certificate", "", ) ErrSSLNoPassword = newErrFn( "Missing TLS password", "Please set the password to environment variable `MINIO_CERT_PASSWD` so that the private key can be decrypted", "", ) ErrNoCertsAndHTTPSEndpoints = newErrFn( "HTTPS specified in endpoints, but no TLS certificate is found on the local machine", "Please add TLS certificate or use HTTP endpoints only", "Refer to https://docs.min.io/docs/how-to-secure-access-to-minio-server-with-tls for information about how to load a TLS certificate in your server", ) ErrCertsAndHTTPEndpoints = newErrFn( "HTTP specified in endpoints, but the server in the local machine is configured with a TLS certificate", "Please remove the certificate in the configuration directory or switch to HTTPS", "", ) ErrSSLWrongPassword = newErrFn( "Unable to decrypt the private key using the provided password", "Please set the correct password in environment variable `MINIO_CERT_PASSWD`", "", ) ErrUnexpectedError = newErrFn( "Unexpected error", "Please contact MinIO at https://slack.min.io", "", ) ErrInvalidCompressionIncludesValue = newErrFn( "Invalid compression include value", "Please check the passed value", "Compress extensions/mime-types are delimited by `,`. For eg, MINIO_COMPRESS_MIME_TYPES=\"A,B,C\"", ) ErrInvalidGWSSEValue = newErrFn( "Invalid gateway SSE value", "Please check the passed value", "MINIO_GATEWAY_SSE: Gateway SSE accepts only C and S3 as valid values. Delimit by `;` to set more than one value", ) ErrInvalidGWSSEEnvValue = newErrFn( "Invalid gateway SSE configuration", "", "Refer to https://docs.min.io/docs/minio-kms-quickstart-guide.html for setting up SSE", ) ErrInvalidReplicationWorkersValue = newErrFn( "Invalid value for replication workers", "", "MINIO_API_REPLICATION_WORKERS: should be > 0", ) ErrInvalidTransitionWorkersValue = newErrFn( "Invalid value for transition workers", "", "MINIO_API_TRANSITION_WORKERS: should be >= GOMAXPROCS/2", ) )
UI errors
var ( SiteHelp = HelpKVS{ HelpKV{ Key: NameKey, Type: "string", Description: `name for the site e.g. "cal-rack0"`, Optional: true, }, HelpKV{ Key: RegionKey, Type: "string", Description: `name of the location of the server e.g. "us-west-1"`, Optional: true, }, HelpKV{ Key: Comment, Type: "sentence", Description: DefaultComment, Optional: true, }, } RegionHelp = HelpKVS{ HelpKV{ Key: RegionName, Type: "string", Description: `[DEPRECATED] name of the location of the server e.g. "us-west-rack2"`, Optional: true, }, HelpKV{ Key: Comment, Type: "sentence", Description: DefaultComment, Optional: true, }, } )
Region help is documented in default config
var DefaultKVS map[string]KVS
DefaultKVS - default kvs for all sub-systems
var HelpDeprecatedSubSysMap map[string]HelpKV
HelpDeprecatedSubSysMap - help for all deprecated sub-systems, that may be removed in the future.
var HelpSubSysMap map[string]HelpKVS
HelpSubSysMap - help for all individual KVS for each sub-systems also carries a special empty sub-system which dumps help for each sub-system key.
var LoggerSubSystems = set.CreateStringSet( LoggerWebhookSubSys, AuditWebhookSubSys, AuditKafkaSubSys, )
LoggerSubSystems - all sub-systems related to logger
var NotifySubSystems = set.CreateStringSet( NotifyKafkaSubSys, NotifyMQTTSubSys, NotifyMySQLSubSys, NotifyNATSSubSys, NotifyNSQSubSys, NotifyESSubSys, NotifyAMQPSubSys, NotifyPostgresSubSys, NotifyRedisSubSys, NotifyWebhookSubSys, )
NotifySubSystems - all notification sub-systems
var SubSystems = set.CreateStringSet( CredentialsSubSys, SiteSubSys, RegionSubSys, EtcdSubSys, CacheSubSys, APISubSys, StorageClassSubSys, CompressionSubSys, LoggerWebhookSubSys, AuditWebhookSubSys, AuditKafkaSubSys, PolicyOPASubSys, PolicyPluginSubSys, IdentityLDAPSubSys, IdentityOpenIDSubSys, IdentityTLSSubSys, IdentityPluginSubSys, ScannerSubSys, HealSubSys, NotifyAMQPSubSys, NotifyESSubSys, NotifyKafkaSubSys, NotifyMQTTSubSys, NotifyMySQLSubSys, NotifyNATSSubSys, NotifyNSQSubSys, NotifyPostgresSubSys, NotifyRedisSubSys, NotifyWebhookSubSys, SubnetSubSys, CallhomeSubSys, )
SubSystems - all supported sub-systems
var SubSystemsDynamic = set.CreateStringSet( APISubSys, CompressionSubSys, ScannerSubSys, HealSubSys, SubnetSubSys, CallhomeSubSys, LoggerWebhookSubSys, AuditWebhookSubSys, AuditKafkaSubSys, StorageClassSubSys, )
SubSystemsDynamic - all sub-systems that have dynamic config.
var SubSystemsSingleTargets = set.CreateStringSet([]string{ CredentialsSubSys, SiteSubSys, RegionSubSys, EtcdSubSys, CacheSubSys, APISubSys, StorageClassSubSys, CompressionSubSys, PolicyOPASubSys, PolicyPluginSubSys, IdentityLDAPSubSys, IdentityTLSSubSys, IdentityPluginSubSys, HealSubSys, ScannerSubSys, }...)
SubSystemsSingleTargets - subsystems which only support single target.
Functions ¶
func CertificateText ¶
func CertificateText(cert *x509.Certificate) string
CertificateText returns a human-readable string representation of the certificate cert. The format is similar to the OpenSSL way of printing certificates (not identical).
func CheckValidKeys ¶
CheckValidKeys - checks if inputs KVS has the necessary keys, returns error if it find extra or superflous keys.
func Decrypt ¶
Decrypt decrypts the ciphertext using a key managed by the KMS. The same context that have been used during encryption must be provided.
func DecryptBytes ¶
DecryptBytes decrypts the ciphertext using a key managed by the KMS. The same context that have been used during encryption must be provided.
func DefaultHelpPostfix ¶
DefaultHelpPostfix - Helper function to add (default: $value) messages in config help
func Encrypt ¶
Encrypt encrypts the plaintext with a key managed by KMS. The context is bound to the returned ciphertext.
The same context must be provided when decrypting the ciphertext.
func EncryptBytes ¶
EncryptBytes encrypts the plaintext with a key managed by KMS. The context is bound to the returned ciphertext.
The same context must be provided when decrypting the ciphertext.
func EnsureCertAndKey ¶
EnsureCertAndKey checks if both client certificate and key paths are provided
func Errorf ¶
Errorf - formats according to a format specifier and returns the string as a value that satisfies error of type config.Error
func LoadX509KeyPair ¶
func LoadX509KeyPair(certFile, keyFile string) (tls.Certificate, error)
LoadX509KeyPair - load an X509 key pair (private key , certificate) from the provided paths. The private key may be encrypted and is decrypted using the ENV_VAR: MINIO_CERT_PASSWD.
func LookupCreds ¶
func LookupCreds(kv KVS) (auth.Credentials, error)
LookupCreds - lookup credentials from config.
func Merge ¶
Merge environment values with on disk KVS, environment values overrides anything on the disk.
func NewConfigWriteTo ¶
NewConfigWriteTo - returns a struct which allows for serializing the config/kv struct to a io.WriterTo
func ParseBool ¶
ParseBool returns the boolean value represented by the string. It accepts 1, t, T, TRUE, true, True, 0, f, F, FALSE, false, False. Any other value returns an error.
func ParsePublicCertFile ¶
func ParsePublicCertFile(certFile string) (x509Certs []*x509.Certificate, err error)
ParsePublicCertFile - parses public cert into its *x509.Certificate equivalent.
func RegisterDefaultKVS ¶
RegisterDefaultKVS - this function saves input kvsMap globally, this should be called only once preferably during `init()`.
func RegisterHelpDeprecatedSubSys ¶
RegisterHelpDeprecatedSubSys - saves input help KVS for deprecated sub-systems globally. Should be called only once at init.
func RegisterHelpSubSys ¶
RegisterHelpSubSys - this function saves input help KVS for each sub-system globally, this function should be called only once preferably in during `init()`.
func SetCredentials ¶
func SetCredentials(c Config, cred auth.Credentials)
SetCredentials - One time migration code needed, for migrating from older config to new for server credentials.
Types ¶
type BoolFlag ¶
type BoolFlag bool
BoolFlag - wrapper bool type.
func ParseBoolFlag ¶
ParseBoolFlag - parses string into BoolFlag.
func (BoolFlag) MarshalJSON ¶
MarshalJSON - converts BoolFlag into JSON data.
func (*BoolFlag) UnmarshalJSON ¶
UnmarshalJSON - parses given data into BoolFlag.
type Config ¶
Config - MinIO server config structure.
func (Config) CheckValidKeys ¶
CheckValidKeys - checks if the config parameters for the given subsystem and target are valid. It checks both the configuration store as well as environment variables.
func (Config) GetAvailableTargets ¶
GetAvailableTargets - returns a list of targets configured for the given subsystem (whether they are enabled or not). A target could be configured via environment variables or via the configuration store. The default target is `_` and is always returned. The result is sorted so that the default target is the first one and the remaining entries are sorted in ascending order.
func (Config) GetResolvedConfigParams ¶
GetResolvedConfigParams returns all applicable config parameters with their value sources.
func (Config) GetSubsysInfo ¶
func (c Config) GetSubsysInfo(subSys string) ([]SubsysInfo, error)
GetSubsysInfo returns `SubsysInfo`s for all targets for the subsystem.
func (Config) Merge ¶
Merge - merges a new config with all the missing values for default configs, returns a config.
func (Config) ReadConfig ¶
ReadConfig - read content from input and write into c. Returns whether all parameters were dynamic.
func (Config) RedactSensitiveInfo ¶
RedactSensitiveInfo - removes sensitive information like urls and credentials from the configuration
func (Config) ResolveConfigParam ¶
func (c Config) ResolveConfigParam(subSys, target, cfgParam string) (value string, cs ValueSource)
ResolveConfigParam returns the effective value of a configuration parameter, within a subsystem and subsystem target. The effective value is, in order of decreasing precedence:
1. the value of the corresponding environment variable if set, 2. the value of the parameter in the config store if set, 3. the default value,
This function only works for a subset of sub-systems, others return `ValueSourceAbsent`. FIXME: some parameters have custom environment variables for which support needs to be added.
type EnvPair ¶
type EnvPair struct {
Name, Value string
}
EnvPair represents an environment variable and its value.
type Err ¶
type Err struct {
// contains filtered or unexported fields
}
Err is a structure which contains all information to print a fatal error message in json or pretty mode Err implements error so we can use it anywhere
func ErrorToErr ¶
ErrorToErr inspects the passed error and transforms it to the appropriate UI error.
type HelpKV ¶
type HelpKV struct { Key string `json:"key"` Type string `json:"type"` Description string `json:"description"` Optional bool `json:"optional"` // Indicates if the value contains sensitive info // that shouldn't be exposed in certain apis Sensitive bool `json:"-"` // Indicates if sub-sys supports multiple targets. MultipleTargets bool `json:"multipleTargets"` }
HelpKV - implements help messages for keys with value as description of the keys.
type KVS ¶
type KVS []KV
KVS - is a shorthand for some wrapper functions to operate on list of key values.
func (KVS) GetWithDefault ¶
GetWithDefault - returns default value if key not set
type KVSrc ¶
type KVSrc struct { Key string Value string Src ValueSource }
KVSrc represents a configuration parameter key and value along with the source of the value.
type SubsysInfo ¶
type SubsysInfo struct {
SubSys, Target string
Params KVS
// map of config parameter name to EnvPair.
EnvMap map[string]EnvPair
}
SubsysInfo holds config info for a subsystem target.
func (*SubsysInfo) AddEnvString ¶
func (cs *SubsysInfo) AddEnvString(b *strings.Builder)
AddEnvString adds env vars to the given string builder.
type ValueSource ¶
type ValueSource uint8
ValueSource represents the source of a config parameter value.
const ( ValueSourceAbsent ValueSource = iota // this is an error case ValueSourceDef ValueSourceCfg ValueSourceEnv )
Constants for ValueSource