Documentation ¶
Index ¶
- Constants
- Variables
- func AcceptHeader(accept string) func(next http.Handler) http.Handler
- func AdminOnly(w http.ResponseWriter, req *http.Request) error
- func AdminOnlyMiddleware(next http.Handler) http.Handler
- func AdminOnlyWithRedirect(w http.ResponseWriter, req *http.Request) error
- func AdminOrItselfOnly(w http.ResponseWriter, req *http.Request, nickname string) error
- func BandwithLimiterMiddleware(max int64) func(next http.Handler) http.Handler
- func BlockBannedIPs(next http.Handler) http.Handler
- func BlockByCountryMiddleware(blockedCountries []string, CountryBlacklistIsWhitelist bool) func(http.Handler) http.Handler
- func BlockPostWithoutReferer(next http.Handler) http.Handler
- func BufferedDBWrite(collectionName string, object map[string]interface{})
- func CORSHeader(origin string) func(next http.Handler) http.Handler
- func CheckDNS(url string) error
- func CheckHostNetwork()
- func CheckPassword(nickname, password string) error
- func CleanBannedIPs()
- func CleanupByDate(collectionName string)
- func CompareSemver(v1, v2 string) (int, error)
- func ContentTypeMiddleware(contentType string) func(next http.Handler) http.Handler
- func CreateDefaultConfigFileIfNecessary() bool
- func DB() error
- func Debug(message string)
- func DisconnectDB()
- func DoErr(format string, a ...interface{}) string
- func DoLetsEncrypt() (string, string)
- func DoSuccess(format string, a ...interface{}) string
- func DoWarn(format string, a ...interface{}) string
- func DownloadFile(url string) (string, error)
- func EnsureHostname(next http.Handler) http.Handler
- func EnsureHostnameCosmosAPI(next http.Handler) http.Handler
- func Error(message string, err error)
- func Exec(cmd string, args ...string) (string, error)
- func Fatal(message string, err error)
- func FileExists(path string) bool
- func GenerateEd25519Certificates() (string, string)
- func GenerateRSAWebCertificates(domains []string) (string, string)
- func GenerateRandomString(n int) string
- func GetAllHostnames(applyWildCard bool, removePorts bool) []string
- func GetAvailableRAM() uint64
- func GetCPUUsage() []float64
- func GetClientIP(req *http.Request) string
- func GetCollection(applicationId string, collection string) (*mongo.Collection, error)
- func GetConfigFileName() string
- func GetEmbeddedCollection(applicationId string, collection string) (lungo.ICollection, func(), error)
- func GetIPLocation(ip string) (string, error)
- func GetPrivateAuthKey() string
- func GetPublicAuthKey() string
- func GetRAMUsage() uint64
- func GetRootAppId() string
- func GetServerURL() string
- func GetWriteBuffer() map[string][]map[string]interface{}
- func GetWriteBufferLength() int
- func HTTPError(w http.ResponseWriter, message string, code int, userCode string)
- func HasAnyNewItem(after []string, before []string) bool
- func IPInRange(ipStr, cidrStr string) (bool, error)
- func ImageToBase64(path string) (string, error)
- func IncrementIPAbuseCounter(ip string)
- func InitDBBuffers()
- func IsAdmin(req *http.Request) bool
- func IsDomain(domain string) bool
- func IsEmailEnabled() bool
- func IsLoggedIn(req *http.Request) bool
- func IsValidHostname(hostname string) bool
- func LetsEncryptValidOnly(hostnames []string, acceptWildcard bool) []string
- func LoadBaseMainConfig(config Config)
- func Log(message string)
- func LoggedInOnly(w http.ResponseWriter, req *http.Request) error
- func LoggedInOnlyWithRedirect(w http.ResponseWriter, req *http.Request) error
- func LoggedInWeakOnly(w http.ResponseWriter, req *http.Request) error
- func MajorError(message string, err error)
- func MarkAsRead(w http.ResponseWriter, req *http.Request)
- func Max(x, y int) int
- func MiddlewareTimeout(timeout time.Duration) func(next http.Handler) http.Handler
- func NotifGet(w http.ResponseWriter, req *http.Request)
- func PublicCORS(next http.Handler) http.Handler
- func RestartServer()
- func Restrictions(RestrictToConstellation bool, WhitelistInboundIPs []string) func(next http.Handler) http.Handler
- func Sanitize(s string) string
- func SanitizeSafe(s string) string
- func SaveConfigTofile(config Config)
- func SendEmail(recipients []string, subject string, body string) error
- func SetBaseMainConfig(config Config)
- func SetSecurityHeaders(next http.Handler) http.Handler
- func StringArrayContains(a []string, b string) bool
- func StringArrayEquals(a []string, b []string) bool
- func TriggerEvent(eventId string, label string, level string, object string, ...)
- func Values[M ~map[K]V, K comparable, V any](m M) []V
- func Warn(message string)
- func WriteNotification(notification Notification)
- func WriteToDatabase(collection *mongo.Collection, objects []map[string]interface{}) error
- type AddionalFiltersConfig
- type Alert
- type AlertAction
- type AlertCondition
- type AlertMetricTrack
- type CRONConfig
- type CertUser
- type CleanupObject
- type Config
- type ConstellationConfig
- type ConstellationDNSEntry
- type ConstellationDevice
- type DatabaseConfig
- type Device
- type DiskStatus
- type DockerConfig
- type EmailConfig
- type FileStats
- type HTTPConfig
- type HTTPErrorResult
- type HomepageConfig
- type LoggingLevel
- type MarketConfig
- type MarketSource
- type MyUser
- type NebulaConfig
- type NebulaConntrackConfig
- type NebulaFirewallRule
- type NetworkStatus
- type Notification
- type NotificationActions
- type OpenIDClient
- type ProxyConfig
- type ProxyMode
- type ProxyRouteConfig
- type Role
- type SmartShieldPolicy
- type SnapRAIDConfig
- type StorageConfig
- type ThemeConfig
- type User
Constants ¶
View Source
const ( GUEST = 0 USER = 1 ADMIN = 2 )
View Source
const ( DEBUG = 0 INFO = 1 WARNING = 2 ERROR = 3 )
View Source
const ( STRICT = 1 NORMAL = 2 LENIENT = 3 )
Variables ¶
View Source
var AlphaNumRunes = []rune("0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ")
View Source
var BannedIPs = sync.Map{}
View Source
var Blue = "\033[34m"
View Source
var CONFIGFOLDER = "/var/lib/cosmos/"
View Source
var CheckDockerNetworkMode func() string
View Source
var ConfigLock sync.Mutex
View Source
var ConfigLockInternal sync.Mutex
View Source
var Cyan = "\033[36m"
View Source
var DBContainerName string
View Source
var DBStatus bool
View Source
var DefaultConfig = Config{ LoggingLevel: "INFO", NewInstall: true, AutoUpdate: true, BlockedCountries: []string{}, HTTPConfig: HTTPConfig{ HTTPSCertificateMode: "DISABLED", GenerateMissingAuthCert: true, HTTPPort: "80", HTTPSPort: "443", Hostname: "0.0.0.0", ProxyConfig: ProxyConfig{ Routes: []ProxyRouteConfig{}, }, }, DockerConfig: DockerConfig{ DefaultDataPath: "/usr", }, MarketConfig: MarketConfig{ Sources: []MarketSource{}, }, ConstellationConfig: ConstellationConfig{ Enabled: false, DNSDisabled: false, DNSFallback: "8.8.8.8:53", DNSAdditionalBlocklists: []string{ "https://s3.amazonaws.com/lists.disconnect.me/simple_tracking.txt", "https://s3.amazonaws.com/lists.disconnect.me/simple_ad.txt", "https://raw.githubusercontent.com/StevenBlack/hosts/master/hosts", "https://raw.githubusercontent.com/StevenBlack/hosts/master/alternates/fakenews-only/hosts", }, }, MonitoringAlerts: map[string]Alert{ "Anti Crypto-Miner": { Name: "Anti Crypto-Miner", Enabled: false, Period: "daily", TrackingMetric: "cosmos.system.docker.cpu.*", LastTriggered: time.Time{}, Condition: AlertCondition{ Operator: "gt", Value: 80, Percent: false, }, Actions: []AlertAction{ AlertAction{ Type: "notification", Target: "", }, AlertAction{ Type: "email", Target: "", }, AlertAction{ Type: "stop", Target: "", }, }, Throttled: false, Severity: "warn", }, "Anti Memory Leak": { Name: "Anti Memory Leak", Enabled: false, Period: "daily", TrackingMetric: "cosmos.system.docker.ram.*", LastTriggered: time.Time{}, Condition: AlertCondition{ Operator: "gt", Value: 80, Percent: true, }, Actions: []AlertAction{ { Type: "notification", Target: "", }, { Type: "email", Target: "", }, { Type: "stop", Target: "", }, }, Throttled: false, Severity: "warn", }, "Disk Full Notification": { Name: "Disk Full Notification", Enabled: true, Period: "latest", TrackingMetric: "cosmos.system.disk./", LastTriggered: time.Time{}, Condition: AlertCondition{ Operator: "gt", Value: 95, Percent: true, }, Actions: []AlertAction{ { Type: "notification", Target: "", }, }, Throttled: true, Severity: "warn", }, }, }
View Source
var DoesContainerExist func(string) bool
View Source
var GetContainerIPByName func(string) (string, error)
var ReBootstrapContainer func(string) error
View Source
var Gray = "\033[37m"
View Source
var Green = "\033[32m"
View Source
var HTTPSCertModeList = map[string]string{
"DISABLED": "DISABLED",
"PROVIDED": "PROVIDED",
"SELFSIGNED": "SELFSIGNED",
"LETSENCRYPT": "LETSENCRYPT",
}
View Source
var IsHTTPS = false
View Source
var IsHostNetwork = false
View Source
var LetsEncryptErrors = []string{}
View Source
var LoggingLevelLabels = map[LoggingLevel]int{ "DEBUG": DEBUG, "INFO": INFO, "WARNING": WARNING, "ERROR": ERROR, }
View Source
var NeedsRestart = false
View Source
var NewVersionAvailable = false
View Source
var ProxyModeList = map[string]string{
"PROXY": "PROXY",
"SPA": "SPA",
"STATIC": "STATIC",
"SERVAPP": "SERVAPP",
"REDIRECT": "REDIRECT",
}
View Source
var Purple = "\033[35m"
View Source
var PushShieldMetrics func(string)
View Source
var Red = "\033[31m"
View Source
var Reset = "\033[0m"
View Source
var RestartHTTPServer func()
View Source
var Template = `` /* 1110-byte string literal not displayed */
View Source
var UpdateAvailable = map[string]bool{}
View Source
var Validate = validator.New()
View Source
var White = "\033[97m"
View Source
var Yellow = "\033[33m"
Functions ¶
func AdminOnlyMiddleware ¶ added in v0.15.0
func AdminOnlyWithRedirect ¶
func AdminOnlyWithRedirect(w http.ResponseWriter, req *http.Request) error
func AdminOrItselfOnly ¶
func BlockByCountryMiddleware ¶
func BlockByCountryMiddleware(blockedCountries []string, CountryBlacklistIsWhitelist bool) func(http.Handler) http.Handler
BlockByCountryMiddleware returns a middleware function that blocks requests from specified countries.
func BlockPostWithoutReferer ¶
blockPostWithoutReferer blocks POST requests without a Referer header
func BufferedDBWrite ¶ added in v0.12.0
func CheckHostNetwork ¶ added in v0.14.0
func CheckHostNetwork()
func CheckPassword ¶ added in v0.15.0
func CleanBannedIPs ¶ added in v0.12.0
func CleanBannedIPs()
func CleanupByDate ¶ added in v0.12.0
func CleanupByDate(collectionName string)
func CompareSemver ¶ added in v0.14.0
compareSemver compares two semantic version strings. Returns:
0 if v1 == v2 1 if v1 > v2 -1 if v1 < v2 error if there's a problem parsing either version string
func ContentTypeMiddleware ¶ added in v0.15.0
func CreateDefaultConfigFileIfNecessary ¶
func CreateDefaultConfigFileIfNecessary() bool
func DisconnectDB ¶
func DisconnectDB()
func DoLetsEncrypt ¶
func DownloadFile ¶ added in v0.10.0
func EnsureHostnameCosmosAPI ¶ added in v0.12.6
func FileExists ¶
func GenerateRandomString ¶
func GetAllHostnames ¶
func GetAvailableRAM ¶
func GetAvailableRAM() uint64
func GetCPUUsage ¶
func GetCPUUsage() []float64
func GetClientIP ¶ added in v0.9.17
func GetCollection ¶
func GetCollection(applicationId string, collection string) (*mongo.Collection, error)
func GetConfigFileName ¶
func GetConfigFileName() string
func GetEmbeddedCollection ¶ added in v0.14.0
func GetEmbeddedCollection(applicationId string, collection string) (lungo.ICollection, func(), error)
func GetIPLocation ¶
GetIPLocation returns the ISO country code for a given IP address.
func GetPrivateAuthKey ¶
func GetPrivateAuthKey() string
func GetPublicAuthKey ¶
func GetPublicAuthKey() string
func GetRAMUsage ¶
func GetRAMUsage() uint64
func GetRootAppId ¶
func GetRootAppId() string
func GetServerURL ¶
func GetServerURL() string
func GetWriteBuffer ¶ added in v0.15.0
func GetWriteBufferLength ¶ added in v0.15.0
func GetWriteBufferLength() int
func HasAnyNewItem ¶
func ImageToBase64 ¶
func IncrementIPAbuseCounter ¶ added in v0.12.0
func IncrementIPAbuseCounter(ip string)
func InitDBBuffers ¶ added in v0.12.0
func InitDBBuffers()
func IsEmailEnabled ¶
func IsEmailEnabled() bool
func IsLoggedIn ¶ added in v0.12.6
func IsValidHostname ¶
func LetsEncryptValidOnly ¶
func LoadBaseMainConfig ¶
func LoadBaseMainConfig(config Config)
func LoggedInOnly ¶
func LoggedInOnly(w http.ResponseWriter, req *http.Request) error
func LoggedInOnlyWithRedirect ¶
func LoggedInOnlyWithRedirect(w http.ResponseWriter, req *http.Request) error
func LoggedInWeakOnly ¶
func LoggedInWeakOnly(w http.ResponseWriter, req *http.Request) error
func MajorError ¶ added in v0.12.0
func MarkAsRead ¶ added in v0.12.0
func MarkAsRead(w http.ResponseWriter, req *http.Request)
func MiddlewareTimeout ¶
func RestartServer ¶
func RestartServer()
func Restrictions ¶ added in v0.10.0
func SanitizeSafe ¶
func SaveConfigTofile ¶
func SaveConfigTofile(config Config)
func SetBaseMainConfig ¶
func SetBaseMainConfig(config Config)
func StringArrayContains ¶
func StringArrayEquals ¶
func TriggerEvent ¶ added in v0.12.0
func Values ¶ added in v0.15.0
func Values[M ~map[K]V, K comparable, V any](m M) []V
func WriteNotification ¶ added in v0.12.0
func WriteNotification(notification Notification)
func WriteToDatabase ¶ added in v0.12.0
func WriteToDatabase(collection *mongo.Collection, objects []map[string]interface{}) error
Types ¶
type AddionalFiltersConfig ¶ added in v0.9.9
type Alert ¶ added in v0.12.0
type Alert struct { Name string Enabled bool Period string TrackingMetric string Condition AlertCondition Actions []AlertAction LastTriggered time.Time Throttled bool Severity string }
type AlertAction ¶ added in v0.12.0
type AlertCondition ¶ added in v0.12.0
type AlertMetricTrack ¶ added in v0.12.0
type CRONConfig ¶ added in v0.15.0
type CertUser ¶
type CertUser struct { Email string Registration *registration.Resource // contains filtered or unexported fields }
func (*CertUser) GetPrivateKey ¶
func (u *CertUser) GetPrivateKey() crypto.PrivateKey
func (CertUser) GetRegistration ¶
func (u CertUser) GetRegistration() *registration.Resource
type CleanupObject ¶ added in v0.12.0
type Config ¶
type Config struct { LoggingLevel LoggingLevel `required,validate:"oneof=DEBUG INFO WARNING ERROR"` MongoDB string Database DatabaseConfig `validate:"dive"` DisableUserManagement bool NewInstall bool `validate:"boolean"` HTTPConfig HTTPConfig `validate:"required,dive,required"` EmailConfig EmailConfig `validate:"required,dive,required"` DockerConfig DockerConfig BlockedCountries []string CountryBlacklistIsWhitelist bool ServerCountry string RequireMFA bool AutoUpdate bool OpenIDClients []OpenIDClient MarketConfig MarketConfig HomepageConfig HomepageConfig ThemeConfig ThemeConfig ConstellationConfig ConstellationConfig MonitoringDisabled bool MonitoringAlerts map[string]Alert BackupOutputDir string DisableHostModeWarning bool AdminWhitelistIPs []string AdminConstellationOnly bool Storage StorageConfig CRON map[string]CRONConfig }
var BaseMainConfig Config
var MainConfig Config
func GetBaseMainConfig ¶
func GetBaseMainConfig() Config
func GetMainConfig ¶
func GetMainConfig() Config
func ReadConfigFromFile ¶
func ReadConfigFromFile() Config
type ConstellationConfig ¶ added in v0.10.0
type ConstellationDNSEntry ¶ added in v0.10.0
type ConstellationDevice ¶ added in v0.10.0
type ConstellationDevice struct { Nickname string `json:"nickname" bson:"Nickname"` DeviceName string `json:"deviceName" bson:"DeviceName"` PublicKey string `json:"publicKey" bson:"PublicKey"` IP string `json:"ip" bson:"IP"` IsLighthouse bool `json:"isLighthouse" bson:"IsLighthouse"` IsRelay bool `json:"isRelay" bson:"IsRelay"` PublicHostname string `json:"publicHostname" bson:"PublicHostname"` Port string `json:"port" bson:"Port"` Blocked bool `json:"blocked" bson:"Blocked"` Fingerprint string `json:"fingerprint" bson:"Fingerprint"` APIKey string `json:"-" bson:"APIKey"` }
type DatabaseConfig ¶ added in v0.14.0
type Device ¶ added in v0.10.0
type Device struct { DeviceName string `json:"deviceName"validate:"required,min=3,max=32,alphanum",bson:"DeviceName"` Nickname string `json:"nickname",validate:"required,min=3,max=32,alphanum",bson:"Nickname"` PublicKey string `json:"publicKey",omitempty,bson:"PublicKey"` PrivateKey string `json:"privateKey",omitempty,bson:"PrivateKey"` IP string `json:"ip",validate:"required,ipv4",bson:"IP"` }
type DiskStatus ¶
func GetDiskUsage ¶
func GetDiskUsage() []DiskStatus
type DockerConfig ¶
type EmailConfig ¶
type HTTPConfig ¶
type HTTPConfig struct { TLSCert string `validate:"omitempty,contains=\n` TLSKey string TLSKeyHostsCached []string TLSValidUntil time.Time AuthPrivateKey string AuthPublicKey string GenerateMissingAuthCert bool HTTPSCertificateMode string DNSChallengeProvider string ForceHTTPSCertificateRenewal bool HTTPPort string `validate:"required,containsany=0123456789,min=1,max=6"` HTTPSPort string `validate:"required,containsany=0123456789,min=1,max=6"` ProxyConfig ProxyConfig Hostname string `validate:"required,excludesall=0x2C/ "` SSLEmail string `validate:"omitempty,email"` UseWildcardCertificate bool OverrideWildcardDomains string `validate:"omitempty,excludesall=/ "` AcceptAllInsecureHostname bool DNSChallengeConfig map[string]string `json:"DNSChallengeConfig,omitempty"` UseForwardedFor bool }
type HTTPErrorResult ¶
type HomepageConfig ¶
type LoggingLevel ¶
type LoggingLevel string
type MarketConfig ¶
type MarketConfig struct {
Sources []MarketSource
}
type MarketSource ¶
type MyUser ¶
type MyUser struct { Email string Registration *registration.Resource // contains filtered or unexported fields }
You'll need a user or account type that implements acme.User
func (*MyUser) GetPrivateKey ¶
func (u *MyUser) GetPrivateKey() crypto.PrivateKey
func (MyUser) GetRegistration ¶
func (u MyUser) GetRegistration() *registration.Resource
type NebulaConfig ¶ added in v0.10.0
type NebulaConfig struct { PKI struct { CA string `yaml:"ca"` Cert string `yaml:"cert"` Key string `yaml:"key"` Blocklist []string `yaml:"blocklist"` } `yaml:"pki"` StaticHostMap map[string][]string `yaml:"static_host_map"` Lighthouse struct { AMLighthouse bool `yaml:"am_lighthouse"` Interval int `yaml:"interval"` Hosts []string `yaml:"hosts"` } `yaml:"lighthouse"` Listen struct { Host string `yaml:"host"` Port int `yaml:"port"` } `yaml:"listen"` Punchy struct { Punch bool `yaml:"punch"` Respond bool `yaml:"respond"` } `yaml:"punchy"` Relay struct { AMRelay bool `yaml:"am_relay"` UseRelays bool `yaml:"use_relays"` Relays []string `yaml:"relays"` } `yaml:"relay"` TUN struct { Disabled bool `yaml:"disabled"` Dev string `yaml:"dev"` DropLocalBroadcast bool `yaml:"drop_local_broadcast"` DropMulticast bool `yaml:"drop_multicast"` TxQueue int `yaml:"tx_queue"` MTU int `yaml:"mtu"` Routes []string `yaml:"routes"` UnsafeRoutes []string `yaml:"unsafe_routes"` } `yaml:"tun"` Logging struct { Level string `yaml:"level"` Format string `yaml:"format"` } `yaml:"logging"` Firewall struct { OutboundAction string `yaml:"outbound_action"` InboundAction string `yaml:"inbound_action"` Conntrack NebulaConntrackConfig `yaml:"conntrack"` Outbound []NebulaFirewallRule `yaml:"outbound"` Inbound []NebulaFirewallRule `yaml:"inbound"` } `yaml:"firewall"` }
type NebulaConntrackConfig ¶ added in v0.10.0
type NebulaFirewallRule ¶ added in v0.10.0
type NetworkStatus ¶
func GetNetworkUsage ¶
func GetNetworkUsage() NetworkStatus
type Notification ¶ added in v0.12.0
type NotificationActions ¶ added in v0.12.0
type OpenIDClient ¶
type ProxyConfig ¶
type ProxyConfig struct {
Routes []ProxyRouteConfig
}
type ProxyRouteConfig ¶
type ProxyRouteConfig struct { Disabled bool Name string `validate:"required"` Description string UseHost bool Host string UsePathPrefix bool PathPrefix string Timeout time.Duration ThrottlePerMinute int CORSOrigin string StripPathPrefix bool MaxBandwith int64 AuthEnabled bool AdminOnly bool Target string `validate:"required"` SmartShield SmartShieldPolicy Mode ProxyMode BlockCommonBots bool BlockAPIAbuse bool AcceptInsecureHTTPSTarget bool HideFromDashboard bool DisableHeaderHardening bool VerboseForwardHeader bool AddionalFilters []AddionalFiltersConfig RestrictToConstellation bool OverwriteHostHeader string WhitelistInboundIPs []string Icon string }
type SmartShieldPolicy ¶
type SnapRAIDConfig ¶ added in v0.15.0
type StorageConfig ¶ added in v0.15.0
type StorageConfig struct {
SnapRAIDs []SnapRAIDConfig
}
type ThemeConfig ¶
type User ¶
type User struct { ID primitive.ObjectID `json:"-" bson:"_id,omitempty"` Nickname string `validate:"required" json:"nickname" bson:"Nickname"` Password string `validate:"required" json:"-" bson:"Password"` RegisterKey string `json:"registerKey" bson:"RegisterKey"` RegisterKeyExp time.Time `json:"registerKeyExp" bson:"RegisterKeyExp"` Role Role `validate:"required" json:"role" bson:"Role"` PasswordCycle int `json:"-" bson:"PasswordCycle"` Link string `json:"link" bson:"-"` Email string `validate:"email" json:"email" bson:"Email"` RegisteredAt time.Time `json:"registeredAt" bson:"RegisteredAt"` LastPasswordChangedAt time.Time `json:"lastPasswordChangedAt" bson:"LastPasswordChangedAt"` CreatedAt time.Time `json:"createdAt" bson:"CreatedAt"` LastLogin time.Time `json:"lastLogin" bson:"LastLogin"` MFAKey string `json:"-" bson:"MFAKey"` Was2FAVerified bool `json:"-" bson:"Was2FAVerified"` MFAState int `json:"-" bson:"-"` }
func ListAllUsers ¶ added in v0.12.0
Click to show internal directories.
Click to hide internal directories.