Documentation ¶
Index ¶
- Variables
- func NewListener(t string, config map[string]interface{}, logger io.Writer, ui cli.Ui) (net.Listener, map[string]string, reload.ReloadFunc, error)
- func ParseStorage(result *Config, list *ast.ObjectList, name string) error
- type Config
- type Entropy
- type EntropyMode
- type Listener
- type ListenerFactory
- type Seal
- type Storage
- type TCPKeepAliveListener
- type Telemetry
Constants ¶
This section is empty.
Variables ¶
var BuiltinListeners = map[string]ListenerFactory{
"tcp": tcpListenerFactory,
}
BuiltinListeners is the list of built-in listener types.
Functions ¶
func NewListener ¶
func NewListener(t string, config map[string]interface{}, logger io.Writer, ui cli.Ui) (net.Listener, map[string]string, reload.ReloadFunc, error)
NewListener creates a new listener of the given type with the given configuration. The type is looked up in the BuiltinListeners map.
func ParseStorage ¶ added in v0.11.2
func ParseStorage(result *Config, list *ast.ObjectList, name string) error
Types ¶
type Config ¶
type Config struct { Listeners []*Listener `hcl:"-"` Storage *Storage `hcl:"-"` HAStorage *Storage `hcl:"-"` Seals []*Seal `hcl:"-"` Entropy *Entropy `hcl:"-"` CacheSize int `hcl:"cache_size"` DisableCache bool `hcl:"-"` DisableCacheRaw interface{} `hcl:"disable_cache"` DisableMlock bool `hcl:"-"` DisableMlockRaw interface{} `hcl:"disable_mlock"` DisablePrintableCheck bool `hcl:"-"` DisablePrintableCheckRaw interface{} `hcl:"disable_printable_check"` EnableUI bool `hcl:"-"` EnableUIRaw interface{} `hcl:"ui"` Telemetry *Telemetry `hcl:"telemetry"` MaxLeaseTTL time.Duration `hcl:"-"` MaxLeaseTTLRaw interface{} `hcl:"max_lease_ttl"` DefaultLeaseTTL time.Duration `hcl:"-"` DefaultLeaseTTLRaw interface{} `hcl:"default_lease_ttl"` DefaultMaxRequestDuration time.Duration `hcl:"-"` DefaultMaxRequestDurationRaw interface{} `hcl:"default_max_request_duration"` ClusterName string `hcl:"cluster_name"` ClusterCipherSuites string `hcl:"cluster_cipher_suites"` PluginDirectory string `hcl:"plugin_directory"` LogLevel string `hcl:"log_level"` // LogFormat specifies the log format. Valid values are "standard" and "json". The values are case-insenstive. // If no log format is specified, then standard format will be used. LogFormat string `hcl:"log_format"` PidFile string `hcl:"pid_file"` EnableRawEndpoint bool `hcl:"-"` EnableRawEndpointRaw interface{} `hcl:"raw_storage_endpoint"` APIAddr string `hcl:"api_addr"` ClusterAddr string `hcl:"cluster_addr"` DisableClustering bool `hcl:"-"` DisableClusteringRaw interface{} `hcl:"disable_clustering"` DisablePerformanceStandby bool `hcl:"-"` DisablePerformanceStandbyRaw interface{} `hcl:"disable_performance_standby"` DisableSealWrap bool `hcl:"-"` DisableSealWrapRaw interface{} `hcl:"disable_sealwrap"` DisableIndexing bool `hcl:"-"` DisableIndexingRaw interface{} `hcl:"disable_indexing"` }
Config is the configuration for the vault server.
func LoadConfig ¶
LoadConfig loads the configuration at the given path, regardless if its a file or directory.
func LoadConfigDir ¶
LoadConfigDir loads all the configurations in the given directory in alphabetical order.
func LoadConfigFile ¶
LoadConfigFile loads the configuration from the given file.
func ParseConfig ¶ added in v0.5.2
func (*Config) Sanitized ¶ added in v1.3.0
Sanitized returns a copy of the config with all values that are considered sensitive stripped. It also strips all `*Raw` values that are mainly used for parsing.
Specifically, the fields that this method strips are: - Storage.Config - HAStorage.Config - Seals.Config - Telemetry.CirconusAPIToken
type Entropy ¶ added in v1.3.0
type Entropy struct {
Mode EntropyMode
}
type EntropyMode ¶ added in v1.3.0
type EntropyMode int
Entropy contains Entropy configuration for the server
const ( Unknown EntropyMode = iota Augmentation )
type ListenerFactory ¶
type ListenerFactory func(map[string]interface{}, io.Writer, cli.Ui) (net.Listener, map[string]string, reload.ReloadFunc, error)
ListenerFactory is the factory function to create a listener.
type Storage ¶ added in v0.7.0
type Storage struct { Type string RedirectAddr string ClusterAddr string DisableClustering bool Config map[string]string }
Storage is the underlying storage configuration for the server.
type TCPKeepAliveListener ¶ added in v1.1.0
type TCPKeepAliveListener struct {
*net.TCPListener
}
TCPKeepAliveListener sets TCP keep-alive timeouts on accepted connections. It's used by ListenAndServe and ListenAndServeTLS so dead TCP connections (e.g. closing laptop mid-download) eventually go away.
This is copied directly from the Go source code.
type Telemetry ¶ added in v0.3.0
type Telemetry struct { StatsiteAddr string `hcl:"statsite_address"` StatsdAddr string `hcl:"statsd_address"` DisableHostname bool `hcl:"disable_hostname"` EnableHostnameLabel bool `hcl:"enable_hostname_label"` // CirconusAPIToken is a valid API Token used to create/manage check. If provided, // metric management is enabled. // Default: none CirconusAPIToken string `hcl:"circonus_api_token"` // CirconusAPIApp is an app name associated with API token. // Default: "consul" CirconusAPIApp string `hcl:"circonus_api_app"` // CirconusAPIURL is the base URL to use for contacting the Circonus API. // Default: "https://api.circonus.com/v2" CirconusAPIURL string `hcl:"circonus_api_url"` // CirconusSubmissionInterval is the interval at which metrics are submitted to Circonus. // Default: 10s CirconusSubmissionInterval string `hcl:"circonus_submission_interval"` // CirconusCheckSubmissionURL is the check.config.submission_url field from a // previously created HTTPTRAP check. // Default: none CirconusCheckSubmissionURL string `hcl:"circonus_submission_url"` // CirconusCheckID is the check id (not check bundle id) from a previously created // HTTPTRAP check. The numeric portion of the check._cid field. // Default: none CirconusCheckID string `hcl:"circonus_check_id"` // CirconusCheckForceMetricActivation will force enabling metrics, as they are encountered, // if the metric already exists and is NOT active. If check management is enabled, the default // behavior is to add new metrics as they are encountered. If the metric already exists in the // check, it will *NOT* be activated. This setting overrides that behavior. // Default: "false" CirconusCheckForceMetricActivation string `hcl:"circonus_check_force_metric_activation"` // CirconusCheckInstanceID serves to uniquely identify the metrics coming from this "instance". // It can be used to maintain metric continuity with transient or ephemeral instances as // they move around within an infrastructure. // Default: hostname:app CirconusCheckInstanceID string `hcl:"circonus_check_instance_id"` // CirconusCheckSearchTag is a special tag which, when coupled with the instance id, helps to // narrow down the search results when neither a Submission URL or Check ID is provided. // Default: service:app (e.g. service:consul) CirconusCheckSearchTag string `hcl:"circonus_check_search_tag"` // CirconusCheckTags is a comma separated list of tags to apply to the check. Note that // the value of CirconusCheckSearchTag will always be added to the check. // Default: none CirconusCheckTags string `hcl:"circonus_check_tags"` // CirconusCheckDisplayName is the name for the check which will be displayed in the Circonus UI. // Default: value of CirconusCheckInstanceID CirconusCheckDisplayName string `hcl:"circonus_check_display_name"` // CirconusBrokerID is an explicit broker to use when creating a new check. The numeric portion // of broker._cid. If metric management is enabled and neither a Submission URL nor Check ID // is provided, an attempt will be made to search for an existing check using Instance ID and // Search Tag. If one is not found, a new HTTPTRAP check will be created. // Default: use Select Tag if provided, otherwise, a random Enterprise Broker associated // with the specified API token or the default Circonus Broker. // Default: none CirconusBrokerID string `hcl:"circonus_broker_id"` // CirconusBrokerSelectTag is a special tag which will be used to select a broker when // a Broker ID is not provided. The best use of this is to as a hint for which broker // should be used based on *where* this particular instance is running. // (e.g. a specific geo location or datacenter, dc:sfo) // Default: none CirconusBrokerSelectTag string `hcl:"circonus_broker_select_tag"` // Dogstats: // DogStatsdAddr is the address of a dogstatsd instance. If provided, // metrics will be sent to that instance DogStatsDAddr string `hcl:"dogstatsd_addr"` // DogStatsdTags are the global tags that should be sent with each packet to dogstatsd // It is a list of strings, where each string looks like "my_tag_name:my_tag_value" DogStatsDTags []string `hcl:"dogstatsd_tags"` // Prometheus: // PrometheusRetentionTime is the retention time for prometheus metrics if greater than 0. // Default: 24h PrometheusRetentionTime time.Duration `hcl:"-"` PrometheusRetentionTimeRaw interface{} `hcl:"prometheus_retention_time"` // Stackdriver: // StackdriverProjectID is the project to publish stackdriver metrics to. StackdriverProjectID string `hcl:"stackdriver_project_id"` // StackdriverLocation is the GCP or AWS region of the monitored resource. StackdriverLocation string `hcl:"stackdriver_location"` // StackdriverNamespace is the namespace identifier, such as a cluster name. StackdriverNamespace string `hcl:"stackdriver_namespace"` }
Telemetry is the telemetry configuration for the server