config

package
v0.0.0-...-eb3c7bf Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Dec 5, 2024 License: MIT Imports: 27 Imported by: 0

Documentation

Index

Constants

View Source
const DefaultLocation = "/etc/pterodactyl/config.yml"

Variables

DefaultTLSConfig sets sane defaults to use when configuring the internal webserver to listen for public connections.

@see https://blog.cloudflare.com/exposing-go-on-the-internet

Functions

func ConfigureDirectories

func ConfigureDirectories() error

ConfigureDirectories ensures that all the system directories exist on the system. These directories are created so that only the owner can read the data, and no other users.

This function IS NOT thread-safe.

func ConfigurePasswd

func ConfigurePasswd() error

ConfigurePasswd generates required passwd files for use with containers started by Wings.

func ConfigureTimezone

func ConfigureTimezone() error

ConfigureTimezone sets the timezone data for the configuration if it is currently missing. If a value has been set, this functionality will only run to validate that the timezone being used is valid.

This function IS NOT thread-safe.

func EnableLogRotation

func EnableLogRotation() error

EnableLogRotation writes a logrotate file for wings to the system logrotate configuration directory if one exists and a logrotate file is not found. This allows us to basically automate away the log rotation for most installs, but also enable users to make modifications on their own.

This function IS NOT thread-safe.

func EnsurePterodactylUser

func EnsurePterodactylUser() error

EnsurePterodactylUser ensures that the Pterodactyl core user exists on the system. This user will be the owner of all data in the root data directory and is used as the user within containers. If files are not owned by this user there will be issues with permissions on Docker mount points.

This function IS NOT thread safe and should only be called in the main thread when the application is booting.

func FromFile

func FromFile(path string) error

FromFile reads the configuration from the provided file and stores it in the global singleton for this instance.

func GetJwtAlgorithm

func GetJwtAlgorithm() *jwt.HMACSHA

GetJwtAlgorithm returns the in-memory JWT algorithm.

func Set

func Set(c *Configuration)

Set the global configuration instance. This is a blocking operation such that anything trying to set a different configuration value, or read the configuration will be paused until it is complete.

func SetDebugViaFlag

func SetDebugViaFlag(d bool)

SetDebugViaFlag tracks if the application is running in debug mode because of a command line flag argument. If so we do not want to store that configuration change to the disk.

func Update

func Update(callback func(c *Configuration))

Update performs an in-situ update of the global configuration object using a thread-safe mutex lock. This is the correct way to make modifications to the global configuration.

func UseOpenat2

func UseOpenat2() bool

func WriteToDisk

func WriteToDisk(c *Configuration) error

WriteToDisk writes the configuration to the disk. This is a thread safe operation and will only allow one write at a time. Additional calls while writing are queued up.

Types

type ApiConfiguration

type ApiConfiguration struct {
	// The interface that the internal webserver should bind to.
	Host string `default:"0.0.0.0" yaml:"host"`

	// The port that the internal webserver should bind to.
	Port int `default:"8080" yaml:"port"`

	// SSL configuration for the daemon.
	Ssl struct {
		Enabled         bool   `json:"enabled" yaml:"enabled"`
		CertificateFile string `json:"cert" yaml:"cert"`
		KeyFile         string `json:"key" yaml:"key"`
	}

	// Determines if functionality for allowing remote download of files into server directories
	// is enabled on this instance. If set to "true" remote downloads will not be possible for
	// servers.
	DisableRemoteDownload bool `json:"-" yaml:"disable_remote_download"`

	// The maximum size for files uploaded through the Panel in MB.
	UploadLimit int64 `default:"100" json:"upload_limit" yaml:"upload_limit"`

	// A list of IP address of proxies that may send a X-Forwarded-For header to set the true clients IP
	TrustedProxies []string `json:"trusted_proxies" yaml:"trusted_proxies"`
}

ApiConfiguration defines the configuration for the internal API that is exposed by the Wings webserver.

type Backups

type Backups struct {
	// WriteLimit imposes a Disk I/O write limit on backups to the disk, this affects all
	// backup drivers as the archiver must first write the file to the disk in order to
	// upload it to any external storage provider.
	//
	// If the value is less than 1, the write speed is unlimited,
	// if the value is greater than 0, the write speed is the value in MiB/s.
	//
	// Defaults to 0 (unlimited)
	WriteLimit int `default:"0" yaml:"write_limit"`

	// CompressionLevel determines how much backups created by wings should be compressed.
	//
	// "none" -> no compression will be applied
	// "best_speed" -> uses gzip level 1 for fast speed
	// "best_compression" -> uses gzip level 9 for minimal disk space useage
	//
	// Defaults to "best_speed" (level 1)
	CompressionLevel string `default:"best_speed" yaml:"compression_level"`
}

type Configuration

type Configuration struct {

	// Determines if wings should be running in debug mode. This value is ignored
	// if the debug flag is passed through the command line arguments.
	Debug bool

	AppName string `default:"Pterodactyl" json:"app_name" yaml:"app_name"`

	// A unique identifier for this node in the Panel.
	Uuid string

	// An identifier for the token which must be included in any requests to the panel
	// so that the token can be looked up correctly.
	AuthenticationTokenId string `json:"token_id" yaml:"token_id"`

	// The token used when performing operations. Requests to this instance must
	// validate against it.
	AuthenticationToken string `json:"token" yaml:"token"`

	Api    ApiConfiguration    `json:"api" yaml:"api"`
	System SystemConfiguration `json:"system" yaml:"system"`
	Docker DockerConfiguration `json:"docker" yaml:"docker"`

	// Defines internal throttling configurations for server processes to prevent
	// someone from running an endless loop that spams data to logs.
	Throttles ConsoleThrottles

	// The location where the panel is running that this daemon should connect to
	// to collect data and send events.
	PanelLocation string                   `json:"-" yaml:"remote"`
	RemoteQuery   RemoteQueryConfiguration `json:"remote_query" yaml:"remote_query"`

	// AllowedMounts is a list of allowed host-system mount points.
	// This is required to have the "Server Mounts" feature work properly.
	AllowedMounts []string `json:"-" yaml:"allowed_mounts"`

	// AllowedOrigins is a list of allowed request origins.
	// The Panel URL is automatically allowed, this is only needed for adding
	// additional origins.
	AllowedOrigins []string `json:"allowed_origins" yaml:"allowed_origins"`

	// AllowCORSPrivateNetwork sets the `Access-Control-Request-Private-Network` header which
	// allows client browsers to make requests to internal IP addresses over HTTP.  This setting
	// is only required by users running Wings without SSL certificates and using internal IP
	// addresses in order to connect. Most users should NOT enable this setting.
	AllowCORSPrivateNetwork bool `json:"allow_cors_private_network" yaml:"allow_cors_private_network"`

	// IgnorePanelConfigUpdates causes confiuration updates that are sent by the panel to be ignored.
	IgnorePanelConfigUpdates bool `json:"ignore_panel_config_updates" yaml:"ignore_panel_config_updates"`
	// contains filtered or unexported fields
}

func Get

func Get() *Configuration

Get returns the global configuration instance. This is a thread-safe operation that will block if the configuration is presently being modified.

Be aware that you CANNOT make modifications to the currently stored configuration by modifying the struct returned by this function. The only way to make modifications is by using the Update() function and passing data through in the callback.

func NewAtPath

func NewAtPath(path string) (*Configuration, error)

NewAtPath creates a new struct and set the path where it should be stored. This function does not modify the currently stored global configuration.

type ConsoleThrottles

type ConsoleThrottles struct {
	// Whether or not the throttler is enabled for this instance.
	Enabled bool `json:"enabled" yaml:"enabled" default:"true"`

	// The total number of lines that can be output in a given Period period before
	// a warning is triggered and counted against the server.
	Lines uint64 `json:"lines" yaml:"lines" default:"2000"`

	// The amount of time after which the number of lines processed is reset to 0. This runs in
	// a constant loop and is not affected by the current console output volumes. By default, this
	// will reset the processed line count back to 0 every 100ms.
	Period uint64 `json:"line_reset_interval" yaml:"line_reset_interval" default:"100"`
}

type CrashDetection

type CrashDetection struct {
	// CrashDetectionEnabled sets if crash detection is enabled globally for all servers on this node.
	CrashDetectionEnabled bool `default:"true" yaml:"enabled"`

	// Determines if Wings should detect a server that stops with a normal exit code of
	// "0" as being crashed if the process stopped without any Wings interaction. E.g.
	// the user did not press the stop button, but the process stopped cleanly.
	DetectCleanExitAsCrash bool `default:"true" yaml:"detect_clean_exit_as_crash"`

	// Timeout specifies the timeout between crashes that will not cause the server
	// to be automatically restarted, this value is used to prevent servers from
	// becoming stuck in a boot-loop after multiple consecutive crashes.
	Timeout int `default:"60" json:"timeout"`
}

type DockerConfiguration

type DockerConfiguration struct {
	// Network configuration that should be used when creating a new network
	// for containers run through the daemon.
	Network DockerNetworkConfiguration `json:"network" yaml:"network"`

	// Domainname is the Docker domainname for all containers.
	Domainname string `default:"" json:"domainname" yaml:"domainname"`

	// Registries .
	Registries map[string]RegistryConfiguration `json:"registries" yaml:"registries"`

	// TmpfsSize specifies the size for the /tmp directory mounted into containers. Please be
	// aware that Docker utilizes the host's system memory for this value, and that we do not
	// keep track of the space used there, so avoid allocating too much to a server.
	TmpfsSize uint `default:"100" json:"tmpfs_size" yaml:"tmpfs_size"`

	// ContainerPidLimit sets the total number of processes that can be active in a container
	// at any given moment. This is a security concern in shared-hosting environments where a
	// malicious process could create enough processes to cause the host node to run out of
	// available pids and crash.
	ContainerPidLimit int64 `default:"512" json:"container_pid_limit" yaml:"container_pid_limit"`

	// InstallerLimits defines the limits on the installer containers that prevents a server's
	// installation process from unintentionally consuming more resources than expected. This
	// is used in conjunction with the server's defined limits. Whichever value is higher will
	// take precedence in the installer containers.
	InstallerLimits struct {
		Memory int64 `default:"1024" json:"memory" yaml:"memory"`
		Cpu    int64 `default:"100" json:"cpu" yaml:"cpu"`
	} `json:"installer_limits" yaml:"installer_limits"`

	// Overhead controls the memory overhead given to all containers to circumvent certain
	// software such as the JVM not staying below the maximum memory limit.
	Overhead Overhead `json:"overhead" yaml:"overhead"`

	UsePerformantInspect bool `default:"true" json:"use_performant_inspect" yaml:"use_performant_inspect"`

	// Sets the user namespace mode for the container when user namespace remapping option is
	// enabled.
	//
	// If the value is blank, the daemon's user namespace remapping configuration is used,
	// if the value is "host", then the pterodactyl containers are started with user namespace
	// remapping disabled
	UsernsMode string `default:"" json:"userns_mode" yaml:"userns_mode"`

	LogConfig struct {
		Type   string            `default:"local" json:"type" yaml:"type"`
		Config map[string]string `` /* 127-byte string literal not displayed */
	} `json:"log_config" yaml:"log_config"`
}

DockerConfiguration defines the docker configuration used by the daemon when interacting with containers and networks on the system.

func (DockerConfiguration) ContainerLogConfig

func (c DockerConfiguration) ContainerLogConfig() container.LogConfig

type DockerNetworkConfiguration

type DockerNetworkConfiguration struct {
	// The interface that should be used to create the network. Must not conflict
	// with any other interfaces in use by Docker or on the system.
	Interface string `default:"172.18.0.1" json:"interface" yaml:"interface"`

	// The DNS settings for containers.
	Dns []string `default:"[\"1.1.1.1\", \"1.0.0.1\"]"`

	// The name of the network to use. If this network already exists it will not
	// be created. If it is not found, a new network will be created using the interface
	// defined.
	Name       string                  `default:"pterodactyl_nw"`
	ISPN       bool                    `default:"false" yaml:"ispn"`
	Driver     string                  `default:"bridge"`
	Mode       string                  `default:"pterodactyl_nw" yaml:"network_mode"`
	IsInternal bool                    `default:"false" yaml:"is_internal"`
	EnableICC  bool                    `default:"true" yaml:"enable_icc"`
	NetworkMTU int64                   `default:"1500" yaml:"network_mtu"`
	Interfaces dockerNetworkInterfaces `yaml:"interfaces"`
}

type Overhead

type Overhead struct {
	// Override controls if the overhead limits should be overridden by the values in the config file.
	Override bool `default:"false" json:"override" yaml:"override"`

	// DefaultMultiplier sets the default multiplier for if no Multipliers are able to be applied.
	DefaultMultiplier float64 `default:"1.05" json:"default_multiplier" yaml:"default_multiplier"`

	// Multipliers allows overriding DefaultMultiplier depending on the amount of memory
	// configured for a server.
	//
	// Default values (used if Override is `false`)
	// - Less than 2048 MB of memory, multiplier of 1.15 (15%)
	// - Less than 4096 MB of memory, multiplier of 1.10 (10%)
	// - Otherwise, multiplier of 1.05 (5%) - specified in DefaultMultiplier
	//
	// If the defaults were specified in the config they would look like:
	// “`yaml
	// multipliers:
	//   2048: 1.15
	//   4096: 1.10
	// “`
	Multipliers map[int]float64 `json:"multipliers" yaml:"multipliers"`
}

Overhead controls the memory overhead given to all containers to circumvent certain software such as the JVM not staying below the maximum memory limit.

func (Overhead) GetMultiplier

func (o Overhead) GetMultiplier(memoryLimit int64) float64

type RegistryConfiguration

type RegistryConfiguration struct {
	Username string `yaml:"username"`
	Password string `yaml:"password"`
}

RegistryConfiguration defines the authentication credentials for a given Docker registry.

func (RegistryConfiguration) Base64

func (c RegistryConfiguration) Base64() (string, error)

Base64 returns the authentication for a given registry as a base64 encoded string value.

type RemoteQueryConfiguration

type RemoteQueryConfiguration struct {
	// The amount of time in seconds that Wings should allow for a request to the Panel API
	// to complete. If this time passes the request will be marked as failed. If your requests
	// are taking longer than 30 seconds to complete it is likely a performance issue that
	// should be resolved on the Panel, and not something that should be resolved by upping this
	// number.
	Timeout int `default:"30" yaml:"timeout"`

	// The number of servers to load in a single request to the Panel API when booting the
	// Wings instance. A single request is initially made to the Panel to get this number
	// of servers, and then the pagination status is checked and additional requests are
	// fired off in parallel to request the remaining pages.
	//
	// It is not recommended to change this from the default as you will likely encounter
	// memory limits on your Panel instance. In the grand scheme of things 4 requests for
	// 50 servers is likely just as quick as two for 100 or one for 400, and will certainly
	// be less likely to cause performance issues on the Panel.
	BootServersPerPage int `default:"50" yaml:"boot_servers_per_page"`
}

RemoteQueryConfiguration defines the configuration settings for remote requests from Wings to the Panel.

type SftpConfiguration

type SftpConfiguration struct {
	// The bind address of the SFTP server.
	Address string `default:"0.0.0.0" json:"bind_address" yaml:"bind_address"`
	// The bind port of the SFTP server.
	Port int `default:"2022" json:"bind_port" yaml:"bind_port"`
	// If set to true, no write actions will be allowed on the SFTP server.
	ReadOnly bool `default:"false" yaml:"read_only"`
}

SftpConfiguration defines the configuration of the internal SFTP server.

type SystemConfiguration

type SystemConfiguration struct {
	// The root directory where all of the pterodactyl data is stored at.
	RootDirectory string `default:"/var/lib/pterodactyl" json:"-" yaml:"root_directory"`

	// Directory where logs for server installations and other wings events are logged.
	LogDirectory string `default:"/var/log/pterodactyl" json:"-" yaml:"log_directory"`

	// Directory where the server data is stored at.
	Data string `default:"/var/lib/pterodactyl/volumes" json:"-" yaml:"data"`

	// Directory where server archives for transferring will be stored.
	ArchiveDirectory string `default:"/var/lib/pterodactyl/archives" json:"-" yaml:"archive_directory"`

	// Directory where local backups will be stored on the machine.
	BackupDirectory string `default:"/var/lib/pterodactyl/backups" json:"-" yaml:"backup_directory"`

	// TmpDirectory specifies where temporary files for Pterodactyl installation processes
	// should be created. This supports environments running docker-in-docker.
	TmpDirectory string `default:"/tmp/pterodactyl" json:"-" yaml:"tmp_directory"`

	// Directory where PteroFuse server layers will be stored (de-duplicated files)
	LayerDirectory string `default:"/var/lib/pterodactyl/layers" json:"-" yaml:"layer_directory"`

	// The user that should own all of the server files, and be used for containers.
	Username string `default:"pterodactyl" yaml:"username"`

	// The timezone for this Wings instance. This is detected by Wings automatically if possible,
	// and falls back to UTC if not able to be detected. If you need to set this manually, that
	// can also be done.
	//
	// This timezone value is passed into all containers created by Wings.
	Timezone string `yaml:"timezone"`

	// Definitions for the user that gets created to ensure that we can quickly access
	// this information without constantly having to do a system lookup.
	User struct {
		// Rootless controls settings related to rootless container daemons.
		Rootless struct {
			// Enabled controls whether rootless containers are enabled.
			Enabled bool `yaml:"enabled" default:"false"`
			// ContainerUID controls the UID of the user inside the container.
			// This should likely be set to 0 so the container runs as the user
			// running Wings.
			ContainerUID int `yaml:"container_uid" default:"0"`
			// ContainerGID controls the GID of the user inside the container.
			// This should likely be set to 0 so the container runs as the user
			// running Wings.
			ContainerGID int `yaml:"container_gid" default:"0"`
		} `yaml:"rootless"`

		Uid int `yaml:"uid"`
		Gid int `yaml:"gid"`
	} `yaml:"user"`

	// Passwd controls the mounting of a generated passwd files into containers started by Wings.
	Passwd struct {
		// Enable controls whether generated passwd files should be mounted into containers.
		//
		// By default this option is disabled and Wings will not mount any additional passwd
		// files into containers.
		Enable bool `yaml:"enabled" default:"false"`

		// Directory is the directory on disk where the generated files will be stored.
		// This directory may be temporary as it will be re-created whenever Wings is started.
		//
		// This path **WILL** be both written to by Wings and mounted into containers created by
		// Wings. If you are running Wings itself in a container, this path will need to be mounted
		// into the Wings container as the exact path on the host, which should match the value
		// specified here. If you are using SELinux, you will need to make sure this file has the
		// correct SELinux context in order for containers to use it.
		Directory string `yaml:"directory" default:"/run/wings/etc"`
	} `yaml:"passwd"`

	// The amount of time in seconds that can elapse before a server's disk space calculation is
	// considered stale and a re-check should occur. DANGER: setting this value too low can seriously
	// impact system performance and cause massive I/O bottlenecks and high CPU usage for the Wings
	// process.
	//
	// Set to 0 to disable disk checking entirely. This will always return 0 for the disk space used
	// by a server and should only be set in extreme scenarios where performance is critical and
	// disk usage is not a concern.
	DiskCheckInterval int64 `default:"150" yaml:"disk_check_interval"`

	// ActivitySendInterval is the amount of time that should ellapse between aggregated server activity
	// being sent to the Panel. By default this will send activity collected over the last minute. Keep
	// in mind that only a fixed number of activity log entries, defined by ActivitySendCount, will be sent
	// in each run.
	ActivitySendInterval int `default:"60" yaml:"activity_send_interval"`

	// ActivitySendCount is the number of activity events to send per batch.
	ActivitySendCount int `default:"100" yaml:"activity_send_count"`

	// If set to true, file permissions for a server will be checked when the process is
	// booted. This can cause boot delays if the server has a large amount of files. In most
	// cases disabling this should not have any major impact unless external processes are
	// frequently modifying a servers' files.
	CheckPermissionsOnBoot bool `default:"true" yaml:"check_permissions_on_boot"`

	// If set to false Wings will not attempt to write a log rotate configuration to the disk
	// when it boots and one is not detected.
	EnableLogRotate bool `default:"true" yaml:"enable_log_rotate"`

	// The number of lines to send when a server connects to the websocket.
	WebsocketLogCount int `default:"150" yaml:"websocket_log_count"`

	Sftp SftpConfiguration `yaml:"sftp"`

	CrashDetection CrashDetection `yaml:"crash_detection"`

	Backups Backups `yaml:"backups"`

	Transfers Transfers `yaml:"transfers"`

	OpenatMode string `default:"auto" yaml:"openat_mode"`
}

SystemConfiguration defines basic system configuration settings.

func (*SystemConfiguration) GetStatesPath

func (sc *SystemConfiguration) GetStatesPath() string

GetStatesPath returns the location of the JSON file that tracks server states.

type Transfers

type Transfers struct {
	// DownloadLimit imposes a Network I/O read limit when downloading a transfer archive.
	//
	// If the value is less than 1, the write speed is unlimited,
	// if the value is greater than 0, the write speed is the value in MiB/s.
	//
	// Defaults to 0 (unlimited)
	DownloadLimit int `default:"0" yaml:"download_limit"`
}

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL