config

package
v0.4.8 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Nov 11, 2020 License: Apache-2.0 Imports: 20 Imported by: 0

Documentation

Overview

Package config provides types and functions to collect, validate and apply user-provided settings.

Index

Constants

View Source
const (

	// MyAppName is the public name of this application
	MyAppName string = "brick"

	// MyAppURL is the location of the repo for this application
	MyAppURL string = "https://github.com/atc0005/brick"

	// MyAppDescription is the description for this application shown in
	// HelpText output.
	MyAppDescription string = "Automatically disable EZproxy users via webhook requests"
)
View Source
const (
	HTTPServerReadHeaderTimeout time.Duration = 20 * time.Second
	HTTPServerReadTimeout       time.Duration = 1 * time.Minute
	HTTPServerWriteTimeout      time.Duration = 2 * time.Minute
)

TODO: Expose these settings via flags, config file

Timeout settings applied to our instance of http.Server

View Source
const (

	// NotifyMgrTeamsNotificationTimeout is the timeout setting applied to
	// each Microsoft Teams notification attempt. This value does NOT take
	// into account the number of configured retries, retry delays or overall
	// rate limit for Teams notifications. The final timeout value applied to
	// each notification attempt should be based on those calculations and
	// this value. The GetNotificationTimeout method does just that.
	NotifyMgrTeamsNotificationTimeout time.Duration = 10 * time.Second

	// NotifyMgrEmailNotificationTimeout is the timeout setting applied to
	// each email notification attempt. This value does NOT take into account
	// the number of configured retries, retry delays or overall rate limit
	// for email notifications. The final timeout value applied to each
	// notification attempt should be based on those calculations and this
	// value. The GetNotificationTimeout method does just that.
	NotifyMgrEmailNotificationTimeout time.Duration = 30 * time.Second

	// NotifyStatsMonitorDelay limits notification stats logging to no more
	// often than this duration. This limiter is to keep from logging the
	// details so often that the information simply becomes noise.
	NotifyStatsMonitorDelay time.Duration = 5 * time.Minute

	// NotifyQueueMonitorDelay limits notification queue stats logging to no
	// more often than this duration. This limiter is to keep from logging the
	// details so often that the information simply becomes noise.
	NotifyQueueMonitorDelay time.Duration = 15 * time.Second
)

Timing-related settings (delays, timeouts) used by our notification manager and child goroutines to concurrently process notification requests.

View Source
const (
	TCPReservedPort            int = 0
	TCPSystemPortStart         int = 1
	TCPSystemPortEnd           int = 1023
	TCPUserPortStart           int = 1024
	TCPUserPortEnd             int = 49151
	TCPDynamicPrivatePortStart int = 49152
	TCPDynamicPrivatePortEnd   int = 65535
)

TCP port ranges http://www.iana.org/assignments/port-numbers Port numbers are assigned in various ways, based on three ranges: System Ports (0-1023), User Ports (1024-49151), and the Dynamic and/or Private Ports (49152-65535)

View Source
const (

	// LogLevelFatal is used for errors that should definitely be noted.
	// Commonly used for hooks to send errors to an error tracking service.
	LogLevelFatal string = "fatal"

	// LogLevelError is for errors that should definitely be noted.
	LogLevelError string = "error"

	// LogLevelWarn is for non-critical entries that deserve eyes.
	LogLevelWarn string = "warn"

	// LogLevelInfo is for general application operational entries.
	LogLevelInfo string = "info"

	// LogLevelDebug is for debug-level messages and is usually enabled
	// when debugging. Very verbose logging.
	LogLevelDebug string = "debug"
)

Log levels

View Source
const (
	// LogFormatCLI provides human-friendly CLI output
	LogFormatCLI string = "cli"

	// LogFormatJSON provides JSON output
	LogFormatJSON string = "json"

	// LogFormatLogFmt provides logfmt plain-text output
	LogFormatLogFmt string = "logfmt"

	// LogFormatText provides human-friendly colored output
	LogFormatText string = "text"

	// LogFormatDiscard discards all logs
	LogFormatDiscard string = "discard"
)
apex/log Handlers

--------------------------------------------------------- cli - human-friendly CLI output discard - discards all logs es - Elasticsearch handler graylog - Graylog handler json - JSON output handler kinesis - AWS Kinesis handler level - level filter handler logfmt - logfmt plain-text formatter memory - in-memory handler for tests multi - fan-out to multiple handlers papertrail - Papertrail handler text - human-friendly colored output delta - outputs the delta between log calls and spinner

View Source
const (

	// LogOutputStdout represents os.Stdout
	LogOutputStdout string = "stdout"

	// LogOutputStderr represents os.Stderr
	LogOutputStderr string = "stderr"
)
View Source
const HTTPServerShutdownTimeout time.Duration = 30 * time.Second

HTTPServerShutdownTimeout is used by the graceful shutdown process to control how long the shutdown process should wait before forcefully terminating.

View Source
const NotifyMgrQueueDepth int = 5

NotifyMgrQueueDepth is the number of items allowed into the queue/channel at one time. Senders with items for the notification "pipeline" that do not fit within the allocated space will block until space in the queue opens. Best practice for channels advocates that a smaller number is better than a larger one, so YMMV if this is set either too high or too low.

Brief testing (as of this writing) shows that a depth as low as 1 works for our purposes, but results in a greater number of stalled goroutines waiting to place items into the queue.

View Source
const NotifyMgrServicesShutdownTimeout time.Duration = 2 * time.Second

NotifyMgrServicesShutdownTimeout is used by the NotifyMgr to determine how long it should wait for results from each notifier or notifier "service" before continuing on with the shutdown process.

Variables

View Source
var Version string = "x.y.z"

Version is updated via Makefile builds by referencing the fully-qualified path to this variable, including the package. We set a placeholder value so that something resembling a version string will be provided for non-Makefile builds.

Functions

func GetNotificationTimeout

func GetNotificationTimeout(
	baseTimeout time.Duration,
	schedule time.Time,
	retries int,
	retriesDelay int,
) time.Duration

GetNotificationTimeout calculates the timeout value for the entire message submission process, including the initial attempt and all retry attempts.

This overall timeout value is computed using multiple values; (1) the base timeout value for a single message submission attempt, (2) the next scheduled notification (which was created using the configured delay we wish to force between message submission attempts), (3) the total number of retries allowed, (4) the delay between each retry attempt.

This computed timeout value is intended to be used to cancel a notification attempt once it reaches this timeout threshold.

func MessageTrailer

func MessageTrailer(format BrandingFormat) string

MessageTrailer generates a branded "footer" for use with notifications.

Types

type BrandingFormat

type BrandingFormat string

BrandingFormat is a type used to emulate a set of enums for use with defining the format used in footer or "message trailers".

const (

	// BrandingMarkdownFormat is used as a Markdown-compatible template for
	// message "trailers" or "footers" on outgoing notifications. This is
	// primarily used for Microsoft Teams notifications.
	BrandingMarkdownFormat BrandingFormat = `Message generated by [%s](%s) (%s) at %s`

	// BrandingTextileFormat is used as a Textile-compatible template for
	// message "trailers" or "footers" on outgoing notifications. This is
	// primarily used for email notifications that will be consumed by a
	// Redmine instance configured to use the (older) Textile formatting
	// option.
	BrandingTextileFormat BrandingFormat = `Message generated by "%s":%s (%s) at %s`
)

type Config

type Config struct {
	// contains filtered or unexported fields
}

Config is a unified set of configuration values for this application. This struct is configured via command-line flags or TOML configuration file provided by the user. The majority of values held by this object are intended to be retrieved via "Getter" methods.

func NewConfig

func NewConfig() (*Config, error)

NewConfig is a factory function that produces a new Config object based on user provided values. While the fields are exported (due to requirements of third-party config packages), the intent is that the "getter" methods be used to provided a unified view of the current configuration generated from one or more configuration sources.

func (Config) ConfigFile

func (c Config) ConfigFile() string

ConfigFile returns the user-provided path to the config file for this application or the default value if not provided. CLI flag or environment variables are the only way to specify a value for this setting.

func (Config) DisabledUsersFile

func (c Config) DisabledUsersFile() string

DisabledUsersFile returns the user-provided path to the EZproxy include file where this application should write disabled user accounts or the default value if not provided. CLI flag values take precedence if provided.

func (Config) DisabledUsersFileEntrySuffix

func (c Config) DisabledUsersFileEntrySuffix() string

DisabledUsersFileEntrySuffix returns the user-provided disabled users entry suffix or the default value if not provided. CLI flag values take precedence if provided.

func (Config) DisabledUsersFilePermissions

func (c Config) DisabledUsersFilePermissions() os.FileMode

DisabledUsersFilePermissions returns the user-provided permissions for the EZproxy include file where this application should write disabled user accounts or the default value if not provided. CLI flag values take precedence if provided.

func (Config) EZproxyActiveFilePath

func (c Config) EZproxyActiveFilePath() string

EZproxyActiveFilePath returns the user-provided, fully-qualified path to the EZproxy Active Users and Hosts "state" file or the default value if not provided. CLI flag values take precedence if provided.

func (Config) EZproxyAuditFileDirPath

func (c Config) EZproxyAuditFileDirPath() string

EZproxyAuditFileDirPath returns the user-provided, fully-qualified path to the EZproxy audit files directory or the default value if not provided. CLI flag values take precedence if provided.

func (Config) EZproxyExecutablePath

func (c Config) EZproxyExecutablePath() string

EZproxyExecutablePath returns the user-provided, fully-qualified path to the EZproxy executable or the default value if not provided. CLI flag values take precedence if provided.

func (Config) EZproxySearchDelay

func (c Config) EZproxySearchDelay() int

EZproxySearchDelay returns the user-provided number of seconds between session lookup attempts or the default value if not provided. CLI flag values take precedence if provided.

func (Config) EZproxySearchRetries

func (c Config) EZproxySearchRetries() int

EZproxySearchRetries returns the user-provided number of retry attempts to make for session lookup attempts that return zero results or the default value if not provided. CLI flag values take precedence if provided.

func (Config) EZproxyTerminateSessions

func (c Config) EZproxyTerminateSessions() bool

EZproxyTerminateSessions indicates whether attempts should be made to terminate sessions for reported user accounts. The user-provided value is returned or the default value if not provided. CLI flag values take precedence if provided.

func (Config) EmailClientIdentity

func (c Config) EmailClientIdentity() string

EmailClientIdentity returns the user-provided identity for the server that this application sends email notifications on behalf of. If not provided, attempt to get the fully-qualified domain name for the system where this application is running. If there are issues resolving the fqdn use our fallback value. or the default CLI flag values take precedence if provided.

func (Config) EmailNotificationRateLimit

func (c Config) EmailNotificationRateLimit() time.Duration

EmailNotificationRateLimit returns a time.Duration value based on the user-provided rate limit in seconds between email notifications or the default value if not provided. CLI flag values take precedence if provided.

func (Config) EmailNotificationRetries

func (c Config) EmailNotificationRetries() int

EmailNotificationRetries returns the user-provided retry limit before giving up on email message delivery or the default value if not provided. CLI flag values take precedence if provided.

func (Config) EmailNotificationRetryDelay

func (c Config) EmailNotificationRetryDelay() int

EmailNotificationRetryDelay returns the user-provided delay for email notifications or the default value if not provided. CLI flag values take precedence if provided. This delay is added regardless of whether a previous notification delivery attempt has been made.

func (Config) EmailRecipientAddresses

func (c Config) EmailRecipientAddresses() []string

EmailRecipientAddresses returns the user-provided list of email addresess to receive all outgoing email notifications from this application or the default value if not provided. CLI flag values take precedence if provided.

func (Config) EmailSenderAddress

func (c Config) EmailSenderAddress() string

EmailSenderAddress returns the user-provided email address used as the sender for all outgoing email notifications from this application or the default value if not provided. CLI flag values take precedence if provided.

func (Config) EmailServer

func (c Config) EmailServer() string

EmailServer returns the user-provided SMTP server to be used for email notifications or the default value if not provided. CLI flag values take precedence if provided.

func (Config) EmailServerPort

func (c Config) EmailServerPort() int

EmailServerPort returns the user-provided TCP port for email notifications or the default value if not provided. CLI flag values take precedence if provided.

func (Config) IgnoreLookupErrors

func (c Config) IgnoreLookupErrors() bool

IgnoreLookupErrors returns the user-provided choice regarding ignoring lookup errors or the default value if not provided. CLI flag values take precedence if provided.

TODO: See GH-62.

func (Config) IgnoredIPAddressesFile

func (c Config) IgnoredIPAddressesFile() string

IgnoredIPAddressesFile returns the user-provided path to the file containing a list of individual IP Addresses which should not be banned by this application. If not specified, the default value is provided.

func (Config) IgnoredUsersFile

func (c Config) IgnoredUsersFile() string

IgnoredUsersFile returns the user-provided path to the file containing a list of user accounts which should not be disabled and whose associated IP should not be banned by this application. If not specified, the default value is provided along. CLI flag values take precedence if provided.

func (Config) IsSetIgnoredIPAddressesFile

func (c Config) IsSetIgnoredIPAddressesFile() bool

IsSetIgnoredIPAddressesFile indicates whether a user-provided path to the file containing a list of individual IP Addresses which should not be banned by this application was provided. Deprecated: See GH-46

func (Config) IsSetIgnoredUsersFile

func (c Config) IsSetIgnoredUsersFile() bool

IsSetIgnoredUsersFile indicates whether a user-provided path to the file containing a list of user accounts which should not be disabled and whose associated IP should not be banned by this application was provided. Deprecated: See GH-46

func (*Config) LoadConfigFile

func (c *Config) LoadConfigFile(fileHandle io.Reader) error

LoadConfigFile reads from an io.Reader and unmarshals a configuration file in TOML format into the associated Config struct.

func (Config) LocalIPAddress

func (c Config) LocalIPAddress() string

LocalIPAddress returns the user-provided logging format or the default value if not provided. CLI flag values take precedence if provided.

func (Config) LocalTCPPort

func (c Config) LocalTCPPort() int

LocalTCPPort returns the user-provided logging format or the default value if not provided. CLI flag values take precedence if provided.

func (Config) LogFormat

func (c Config) LogFormat() string

LogFormat returns the user-provided logging format or the default value if not provided. CLI flag values take precedence if provided.

func (Config) LogLevel

func (c Config) LogLevel() string

LogLevel returns the user-provided logging level or the default value if not provided. CLI flag values take precedence if provided.

func (Config) LogOutput

func (c Config) LogOutput() string

LogOutput returns the user-provided logging output or the default value if not provided. CLI flag values take precedence if provided.

func (Config) NotifyEmail

func (c Config) NotifyEmail() bool

NotifyEmail indicates whether or not notifications should be generated and sent via email to specified recipients.

func (Config) NotifyTeams

func (c Config) NotifyTeams() bool

NotifyTeams indicates whether or not notifications should be sent to a Microsoft Teams channel.

func (Config) ReportedUsersLogFile

func (c Config) ReportedUsersLogFile() string

ReportedUsersLogFile returns the fully-qualified path to the log file where this application should log user disable request events for fail2ban to ingest or the default value if not provided. CLI flag values take precedence if provided.

func (Config) ReportedUsersLogFilePermissions

func (c Config) ReportedUsersLogFilePermissions() os.FileMode

ReportedUsersLogFilePermissions returns the user-provided permissions for the log file where this application should log user disable request events for fail2ban to ingest or the default value if not provided. CLI flag values take precedence if provided.

func (Config) RequireTrustedPayloadSender added in v0.4.8

func (c Config) RequireTrustedPayloadSender() bool

RequireTrustedPayloadSender indicates whether the sysadmin specified a list of IP Addresses to trust for payload submission.

func (*Config) String

func (c *Config) String() string

func (Config) TeamsNotificationRateLimit

func (c Config) TeamsNotificationRateLimit() time.Duration

TeamsNotificationRateLimit returns a time.Duration value based on the user-provided rate limit in seconds between Microsoft Teams notifications or the default value if not provided. CLI flag values take precedence if provided.

func (Config) TeamsNotificationRetries

func (c Config) TeamsNotificationRetries() int

TeamsNotificationRetries returns the user-provided retry limit before giving up on message delivery or the default value if not provided. CLI flag values take precedence if provided.

func (Config) TeamsNotificationRetryDelay

func (c Config) TeamsNotificationRetryDelay() int

TeamsNotificationRetryDelay returns the user-provided delay between retry attempts for Microsoft Teams notifications or the default value if not provided. CLI flag values take precedence if provided.

func (Config) TeamsWebhookURL

func (c Config) TeamsWebhookURL() string

TeamsWebhookURL returns the user-provided webhook URL used for Teams notifications or the default value if not provided. CLI flag values take precedence if provided.

func (Config) TrustedIPAddresses added in v0.4.8

func (c Config) TrustedIPAddresses() []string

TrustedIPAddresses returns the user-provided list of IP Addresses that should be trusted to receive payloads or the the default value if not provided. CLI flag values take precedence if provided.

type DisabledUsers

type DisabledUsers struct {

	// File is the fully-qualified path to the EZproxy include file where this
	// application should write disabled user accounts.
	File *string `` /* 190-byte string literal not displayed */

	// EntrySuffix is the string that is appended after every username added
	// to the disabled users file in order to deny login access.
	EntrySuffix *string `` /* 213-byte string literal not displayed */

	// Permissions is the desired file permissions when this file is created.
	// Note: The ezproxy daemon will need to be able to read this file.
	FilePermissions *os.FileMode `` /* 223-byte string literal not displayed */
}

DisabledUsers represents the path to, and permissions for, the file generated by this application containing disabled accounts that EZproxy should import and disabled from logging in.

type EZproxy

type EZproxy struct {

	// ExecutablePath is the fully-qualified path to the EZproxy
	// executable/binary. This executable is usually named 'ezproxy' and is
	// set to start at system boot. The fully-qualified path to this
	// executable is required for session termination.
	ExecutablePath *string `` /* 314-byte string literal not displayed */

	// ActiveFilePath is the fully-qualified path to the Active Users and
	// Hosts "state" file used by EZproxy (and this application) to track
	// current sessions and hosts managed by EZproxy.
	ActiveFilePath *string `` /* 261-byte string literal not displayed */

	// AuditFileDirPath is the path to the directory containing the EZproxy
	// audit files. The assumption is made that all files within are based on
	// YYYYMMDD.txt pattern. Any other file pattern found within this path is
	// ignored (e.g, .zip or .tar or whatnot for a one-off quick backup made
	// by a sysadmin of a specific file).
	AuditFileDirPath *string `` /* 403-byte string literal not displayed */

	// SearchRetries is the number of retries allowed for the audit log and
	// active files before the application accepts that "cannot find matching
	// session IDs for specific user" is really the truth of it and not a race
	// condition between this application and the EZproxy application (e.g.,
	// EZproxy accepts a login, but delays writing the state information for
	// about 2 seconds to keep from hammering the storage device).
	SearchRetries *int `` /* 487-byte string literal not displayed */

	// SearchDelay is the delay in seconds between searches of the audit log
	// or active file for a specified username. This is an attempt to work
	// around race conditions between EZproxy updating its state file (which
	// has been observed to have a delay of up to several seconds) and this
	// application *reading* the active file. This delay is applied to the
	// initial search and each subsequent retried search for the provided
	// username.
	SearchDelay *int `` /* 493-byte string literal not displayed */

	// TerminateSessions controls whether session termination support is
	// enabled.
	//
	// If false, session termination will not be initiated by this
	// application, though current session IDs found as part of preparing for
	// termination will still be logged for troubleshooting purposes.
	//
	// If setting (or leaving) this as false, the assumption is that either no
	// handling of reported users is desired (other than perhaps logging and
	// notification) or that a tool such as fail2ban is used to monitor the
	// reported users log file and temporarily block the source IP in order to
	// force session timeout.
	TerminateSessions *bool `` /* 656-byte string literal not displayed */
}

EZproxy represents that various configuration settings used to interact with EZproxy and files/settings used by EZproxy.

type Email

type Email struct {

	// Server is the SMTP server that this application should connect to for
	// email message delivery. Specify localhost if testing or sending mail
	// via a local SMTP server instance. Examples include running a Postfix
	// null client which sends all mail to a relayhost on the local network or
	// a Maildev Docker container for development purposes.
	Server *string `` /* 397-byte string literal not displayed */

	// Port is the TCP port that this application should connect to for email
	// message delivery. The default is usually 25, but could be 1025 if using
	// the default Maildev container port.
	Port *int `` /* 243-byte string literal not displayed */

	// ClientIdentity is the hostname provided with the HELO or EHLO greeting
	// to the SMTP server. Be aware that many SMTP servers expect this value
	// to be a valid FQDN with forward and reverse DNS records. If left blank,
	// this value is generated by retrieving the local system's
	// fully-qualified domain name, the local hostname or as a fallback, the
	// hard-coded default value.
	ClientIdentity *string `` /* 439-byte string literal not displayed */

	// SenderAddress is the email address used as the sender for all outgoing
	// email notifications from this application.
	SenderAddress *string `` /* 185-byte string literal not displayed */

	// RecipientAddresses is the comma or space-separated list of email
	// addresses that should receive all outgoing email notifications from
	// this application.
	RecipientAddresses []string `` /* 232-byte string literal not displayed */

	// RateLimit is the number of seconds to wait between email notification
	// attempts. This rate limit is intended to help prevent unintentional
	// abuse of remote services and is applied regardless of whether the last
	// notification attempt was initially successful or required one or more
	// retry attempts.
	RateLimit *int `` /* 372-byte string literal not displayed */

	// RetryDelay is the number of seconds to wait between email message
	// delivery attempts.
	RetryDelay *int `` /* 170-byte string literal not displayed */

	// Retries is the number of attempts that this application will make to
	// deliver email messages before giving up.
	Retries *int `` /* 180-byte string literal not displayed */
}

Email represents the various configuration settings ued to send email notifications.

type IgnoredIPAddresses

type IgnoredIPAddresses struct {

	// File is the fully-qualified path to the file containing a list of
	// individual IP Addresses which should not be banned by this application.
	File *string `` /* 338-byte string literal not displayed */
}

IgnoredIPAddresses represents the fully-qualified path to the file containing a list of individual IP Addresses which should not be banned by this application. User accounts associated with the individual IP Addresses in this file are not disabled by this application when reported in the same alert, though report user accounts can still be disabled when associated with a different IP Address. See also the option to ignore specific user accounts.

type IgnoredUsers

type IgnoredUsers struct {

	// File is the fully-qualified path to the file containing a list of user
	// accounts that should not be disabled.
	File *string `` /* 321-byte string literal not displayed */
}

IgnoredUsers represents the fully-qualified path to the file containing a list of user accounts which should not be disabled and whose associated IP should not be banned by this application. Note: The same IP could end up being (temporarily) banned by association with another user account which is not in the list of user accounts to be ignored. See also the option to ignore specific (individual) IPs.

type Logging

type Logging struct {
	// Level is the chosen logging level
	Level *string `` /* 131-byte string literal not displayed */

	// Output is one of the standard application outputs, stdout or stderr
	Output *string `toml:"output" arg:"--log-output,env:BRICK_LOG_OUTPUT" help:"Log messages are written to this output target."`

	// LogFormat controls which output format is used for log messages
	// generated by this application. This value is from a smaller subset
	// of the formats supported by the third-party leveled-logging package
	// used by this application.
	Format *string `toml:"format" arg:"--log-format,env:BRICK_LOG_FORMAT" help:"Log messages are written in this format."`
}

Logging is a collection of logging-related settings provided via CLI and config file sources.

type MSTeams

type MSTeams struct {

	// WebhookURL is the full URL used to submit messages to the Teams
	// channel. This URL is in the form of
	// https://outlook.office.com/webhook/xxx or
	// https://outlook.office365.com/webhook/xxx. This URL needs to be created
	// in advance by adding/configuring a Webhook Connector in a Microsoft
	// Teams channel that you wish to submit messages to using this
	// application.
	WebhookURL *string `` /* 275-byte string literal not displayed */

	// RateLimit is the number of seconds to wait between Microsoft Teams
	// notification attempts. This rate limit is intended to help prevent
	// unintentional abuse of remote services and is applied regardless of
	// whether the last notification attempt was initially successful or
	// required one or more retry attempts.
	RateLimit *int `` /* 385-byte string literal not displayed */

	// RetryDelay is the number of seconds to wait between Microsoft Teams
	// message delivery retry attempts.
	RetryDelay *int `` /* 183-byte string literal not displayed */

	// Retries is the number of attempts that this application will make to
	// deliver Microsoft Teams messages before giving up.
	Retries *int `` /* 193-byte string literal not displayed */
}

MSTeams represents the various configuration settings used to send notifications to a Microsoft Teams channel.

type Network

type Network struct {

	// LocalTCPPort is the TCP port that this application should listen on for
	// incoming requests
	LocalTCPPort *int `` /* 142-byte string literal not displayed */

	// LocalIPAddress is the IP Address that this application should listen on
	// for incoming requests
	LocalIPAddress *string `` /* 160-byte string literal not displayed */

	// TrustedIPAddresses is the collection of single IP Addresses which are
	// trusted for payload submission. If this is defined, all other sender
	// IPs are ignored. If this is not defined, payloads are accepted from all
	// IP Addresses not otherwise rejected by local/remote firewall rules.
	TrustedIPAddresses []string `` /* 345-byte string literal not displayed */
}

Network is a collection of network-related settings provided via CLI and config file sources.

type ReportedUsers

type ReportedUsers struct {

	// File is the fully-qualified path to the log file where this application
	// should log user disable request events for fail2ban to ingest.
	LogFile *string `` /* 212-byte string literal not displayed */

	// Permissions is the desired file permissions when this file is created.
	// Note: fail2ban will need to be able to read this file.
	LogFilePermissions *os.FileMode `` /* 221-byte string literal not displayed */
}

ReportedUsers represents the path to, and permissions for, the file generated by this application for review by fail2ban for potential IP-ban actions and humans alike.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL