Documentation ¶
Overview ¶
Package config adds local extensions to viper as well as supporting Geneos encryption key files and basic encryption and decryption.
Expandable Formats ¶
The Expand family of functions return the input with all occurrences of the form ${name} replaced using an os.Expand-like function (but without support for $name in the input) for the built-in and optional formats (in the order of priority) below. The caller can use options to define additional expansion functions based on a "prefix:", disable external lookups and also to pass in lookup tables referred to as value maps.
${enc:keyfile[|keyfile...]:encodedvalue} "encodedvalue" is an AES256 ciphertext in Geneos format - or, if not prefixed with `+encs+` then it is processed as an expandable string itself and can be a reference to another configuration key or a file or remote url containing one - which will be decoded using the key file(s) given. Each "keyfile" must be one of either an absolute path, a path relative to the working directory of the program, or if prefixed with "~/" then relative to the home directory of the user running the program. The first valid decode (see below) is returned. To minimise (but not wholly eliminate) any false-positive decodes that occur in some circumstances when using the wrong key file, the decoded value is only returned if it is a valid UTF-8 string as per [utf8.Valid]. This prefix can be disabled with the `config.NoDecode()` option. Note: The keyfile(s) can be in Windows file path format as the fields for keyfiles and the encoded value are split based on the last colon (`:`) in the string and not any contained in a drive letter path. On Windows paths may also contain normal backslashes, they are not considered escape characters once extracted from the underlying configuration syntax (which may impose it's own rules, e.g. JSON) Examples: - password: ${enc:~/.keyfile:+encs+9F2C3871E105EC21E4F0D5A7921A937D} - password: ${enc:/etc/geneos/keyfile.aes:env:ENCODED_PASSWORD} - password: ${enc:~/.config/geneos/keyfile1.aes:app.password} - password: ${enc:~/.keyfile.aes:config:mySecret} ${config:key} or ${path.to.config} Fetch the "key" configuration value (for single layered configurations, where a sub-level dot cannot be used) or if any value containing one or more dots "." will be looked-up in the existing configuration that the method is called on. The underlying configuration is not changed and values are resolved each time ExpandString() is called. No locking of the configuration is done. ${key} "key" will be substituted with the value of the first matching key from the tables set using config.LookupTable(), in the order passed to the function. If no lookup tables are set (as opposed to the key not being found in any of the tables) then name is looked up as an environment variable, as below. ${env:name} "name" will be substituted with the contents of the environment variable of the same name. If no environment variable with name exists then the value returned is an empty string. The additional prefixes below are enabled by default. They can be disabled using the config.ExternalLookups() option. ${.../path/to/file} or ${~/file} or ${file://path/to/file} or ${file:~/path/to/file} The contents of the referenced file will be read. Multiline files are used as-is; this can, for example, be used to read PEM certificate files or keys. If the path is prefixed with `~/` (or as an addition to a standard file url, if the first `/` is replaced with a tilde `~`) then the path is relative to the home directory of the user running the process. Any name that contains a `/` but not a `:` will be treated as a file, if file reading is enabled. File paths can be absolute or relative to the working directory (or relative to the home directory, as above) For Windows file paths you must use the URL style `${file:...}` formats, otherwise any drive identifier will be treated as a partial expansion type and cause unexpected behaviour. Examples: - certfile: ${file://etc/ssl/cert.pem} - template: ${file:~/templates/autogen.gotmpl} - relative: ${./file.txt} ${https://host/path} or ${http://host/path} The contents of the URL are fetched and used similarly as for local files above. The URL is passed to [http.Get] and supports proxies, embedded Basic Authentication and other features from that function. The prefix below can be enabled with the config.Expressions() option. ${expr:EXPRESSION} EXPRESSION is evaluated using https://github.com/maja42/goval. Inside the expression all configuration items are available as variables with the top level map `env` set to the environment variables available. All results are returned as strings. An empty string may mean there was an error in evaluating the expression.
Additional custom prefixes can be added with the config.Prefix() option.
The bare form "$name" is NOT supported, unlike os.Expand as this can unexpectedly match values containing valid literal dollar signs.
Expansion is not recursive. Configuration values are read and stored as literals and are expanded each time they are used. For each substitution any leading and trailing whitespace are removed. External sources are fetched each time they are used and so there may be a performance impact as well as the value unexpectedly changing during a process lifetime.
Any errors (particularly from substitutions from external files or remote URLs) will result in an empty or corrupt string being returned. Error returns are intentionally discarded and an empty string substituted. Where a value contains multiple expandable items processing will continue even after an error for one of them.
It is not currently possible to escape the syntax supported by ExpandString and if it is necessary to have a configuration value be a literal of the form "${name}" then you can set an otherwise unused item to the value and refer to it using the dotted syntax, e.g. for YAML
config: real: ${config.literal} literal: "${unchanged}"
In the above a reference to ${config.real} will return the literal string ${unchanged} as there is no recursive lookups.
Index ¶
- Constants
- Variables
- func AbbreviateHome(p string) string
- func AddCreds(creds Credentials, options ...FileOptions) (err error)
- func AllKeys() []string
- func AllSettings() map[string]any
- func AppConfigDir() string
- func AutomaticEnv()
- func BindEnv(input ...string) error
- func Checksum(data io.Reader) (crc uint32, err error)
- func ConfigFileUsed() string
- func CreateCertificateAndKey(template, parent *x509.Certificate, ...) (cert *x509.Certificate, certKeyDER *memguard.Enclave, err error)
- func CreateRootCert(h host.Host, basefilepath string, cn string, overwrite bool, keytype string) (err error)
- func CreateSigningCert(h host.Host, basefilepath string, rootbasefilepath string, cn string, ...) (err error)
- func DefaultFileExtension(extension string)
- func DefaultKeyDelimiter(delimiter string)
- func DeleteAllCreds(options ...FileOptions) (err error)
- func DeleteCreds(domain string, options ...FileOptions) (err error)
- func Delimiter() string
- func Expand(input string, options ...ExpandOptions) (value []byte)
- func ExpandHome(p string) string
- func ExpandHomeBytes(p []byte) []byte
- func ExpandString(input string, options ...ExpandOptions) (value string)
- func ExpandStringSlice(input []string, options ...ExpandOptions) []string
- func ExpandToEnclave(input string, options ...ExpandOptions) *memguard.Enclave
- func ExpandToLockedBuffer(input string, options ...ExpandOptions) (value *memguard.LockedBuffer)
- func ExtractCertificatePEM(h host.Host, path string) (data []byte, err error)
- func ExtractPrivateKeyPEM(h host.Host, pt string) (key *memguard.Enclave, err error)
- func Get(key string) any
- func GetBool(key string) bool
- func GetBytes(s string, options ...ExpandOptions) []byte
- func GetDuration(key string) time.Duration
- func GetFloat64(key string) float64
- func GetInt(s string, options ...ExpandOptions) int
- func GetInt64(s string, options ...ExpandOptions) int64
- func GetSliceStringMapString(s string, options ...ExpandOptions) (result []map[string]string)
- func GetString(s string, options ...ExpandOptions) string
- func GetStringMap(key string) any
- func GetStringMapString(s string, options ...ExpandOptions) map[string]string
- func GetStringMapStringSlice(key string) map[string][]string
- func GetStringSlice(s string, options ...ExpandOptions) []string
- func GetUint(key string) uint
- func GetUint16(key string) uint16
- func IsSet(key string) bool
- func Join(parts ...string) string
- func MatchKey(cert *x509.Certificate, derkeys []*memguard.Enclave) int
- func MergeConfigMap(vals map[string]any) error
- func NewPrivateKey(keytype string) (der *memguard.Enclave, err error)
- func ParseCertificate(h host.Host, certfile string) (cert *x509.Certificate, err error)
- func ParseCertificates(h host.Host, p string) (certs []*x509.Certificate, err error)
- func ParseKey(der *memguard.Enclave) (privateKey any, publickey crypto.PublicKey, err error)
- func Path(name string, options ...FileOptions) string
- func PrivateKeyType(der *memguard.Enclave) (keytype string)
- func PromoteFile(r host.Host, paths ...string) (final string)
- func PublicKey(der *memguard.Enclave) (publickey crypto.PublicKey, err error)
- func ReadCertChain(h host.Host, path string) (pool *x509.CertPool)
- func ReadCertificates(h host.Host, path string) (certs []*x509.Certificate)
- func ReadInputPEMString(from, prompt string) (data string, err error)
- func ReadPrivateKey(h host.Host, pt string) (key *memguard.Enclave, err error)
- func ReadPrivateKeyBytes(pembytes []byte) (key *memguard.Enclave, err error)
- func ReadUserInputLine(format string, args ...any) (input string, err error)
- func RegisterAlias(alias, key string)
- func ResetConfig(options ...FileOptions)
- func Save(name string, options ...FileOptions) (err error)
- func Set(key string, value interface{})
- func SetDefault(key string, value any)
- func SetEnvPrefix(prefix string)
- func SetKeyValues(items ...string)
- func SetString(key, value string, options ...ExpandOptions)
- func SetStringMapString(m string, vals map[string]string, options ...ExpandOptions)
- func SetStringSlice(key string, values []string, options ...ExpandOptions)
- func UnmarshalKey(key string, rawVal interface{}, opts ...viper.DecoderConfigOption) error
- func UserConfigDir(username ...string) (confdir string, err error)
- func UserHomeDir(username ...string) (home string, err error)
- func WriteCert(h host.Host, p string, cert *x509.Certificate) (err error)
- func WriteCertChain(h host.Host, p string, certs ...*x509.Certificate) (err error)
- func WritePrivateKey(h host.Host, pt string, key *memguard.Enclave) (err error)
- type Config
- func (c *Config) AllKeys() (keys []string)
- func (c *Config) AllSettings() (value map[string]any)
- func (c *Config) AppConfigDir() string
- func (c *Config) AutomaticEnv()
- func (c *Config) BindEnv(input ...string) (err error)
- func (c *Config) ConfigFileUsed() (f string)
- func (c *Config) DefaultExpandOptions(options ...ExpandOptions)
- func (c *Config) Delimiter() string
- func (c *Config) Expand(input string, options ...ExpandOptions) (value []byte)
- func (c *Config) ExpandAllSettings(options ...ExpandOptions) (all map[string]interface{})
- func (c *Config) ExpandRawString(s string, options ...ExpandOptions) (value string, err error)
- func (c *Config) ExpandString(input string, options ...ExpandOptions) (value string)
- func (c *Config) ExpandStringSlice(input []string, options ...ExpandOptions) (vals []string)
- func (c *Config) ExpandToEnclave(input string, options ...ExpandOptions) (value *memguard.Enclave)
- func (c *Config) ExpandToLockedBuffer(input string, options ...ExpandOptions) (value *memguard.LockedBuffer)
- func (c *Config) ExpandToPassword(input string, options ...ExpandOptions) *Plaintext
- func (cf *Config) FindCreds(p string) (creds *Config)
- func (c *Config) Get(key string) (value any)
- func (c *Config) GetBool(key string) (value bool)
- func (c *Config) GetBytes(s string, options ...ExpandOptions) []byte
- func (c *Config) GetDuration(key string) (value time.Duration)
- func (c *Config) GetFloat64(key string) (value float64)
- func (c *Config) GetInt(s string, options ...ExpandOptions) (i int)
- func (c *Config) GetInt64(s string, options ...ExpandOptions) (i int64)
- func (c *Config) GetPassword(key string, options ...ExpandOptions) *Plaintext
- func (c *Config) GetSliceStringMapString(s string, options ...ExpandOptions) (result []map[string]string)
- func (c *Config) GetString(s string, options ...ExpandOptions) string
- func (c *Config) GetStringMap(key string) (value map[string]any)
- func (c *Config) GetStringMapString(key string, options ...ExpandOptions) (m map[string]string)
- func (c *Config) GetStringMapStringSlice(key string) (values map[string][]string)
- func (c *Config) GetStringSlice(s string, options ...ExpandOptions) (slice []string)
- func (c *Config) GetUint(key string) (value uint)
- func (c *Config) GetUint16(key string) (value uint16)
- func (c *Config) IsSet(key string) (value bool)
- func (c *Config) Join(parts ...string) string
- func (c *Config) MergeConfigMap(vals map[string]any) (err error)
- func (c *Config) MergeHOCONConfig(conf string) (err error)
- func (c *Config) MergeHOCONFile(p string) (err error)
- func (c *Config) RegisterAlias(alias, key string)
- func (cf *Config) Save(name string, options ...FileOptions) (err error)
- func (c *Config) Set(key string, value interface{})
- func (c *Config) SetDefault(key string, value any)
- func (c *Config) SetEnvPrefix(prefix string)
- func (c *Config) SetKeyValues(items ...string)
- func (c *Config) SetString(key, value string, options ...ExpandOptions)
- func (c *Config) SetStringMapString(m string, vals map[string]string, options ...ExpandOptions)
- func (c *Config) SetStringSlice(key string, values []string, options ...ExpandOptions)
- func (c *Config) Sub(key string) *Config
- func (c *Config) UnmarshalKey(key string, rawVal interface{}, opts ...viper.DecoderConfigOption) error
- type Credentials
- type ExpandOptions
- func Default(value any) ExpandOptions
- func Expressions(yes bool) ExpandOptions
- func ExternalLookups(yes bool) ExpandOptions
- func Initial(value any) ExpandOptions
- func LookupTable(values ...map[string]string) ExpandOptions
- func LookupTables(values []map[string]string) ExpandOptionsdeprecated
- func NoDecode(n bool) ExpandOptions
- func NoExpand() ExpandOptions
- func Prefix(prefix string, fn func(*Config, string, bool) (string, error)) ExpandOptions
- func Replace(name string) ExpandOptions
- func TrimPrefix() ExpandOptions
- func TrimSpace(yes bool) ExpandOptions
- func UseKeyfile(file string) ExpandOptions
- type FileOptions
- func AddDirs(paths ...string) FileOptions
- func FromDir(dir string) FileOptions
- func Host(r host.Host) FileOptions
- func IgnoreSystemDir() FileOptions
- func IgnoreUserConfDir() FileOptions
- func IgnoreWorkingDir() FileOptions
- func KeyDelimiter(delimiter string) FileOptions
- func MergeSettings() FileOptions
- func MustExist() FileOptions
- func SetAppName(name string) FileOptions
- func SetConfigFile(p string) FileOptions
- func SetConfigReader(in io.Reader) FileOptions
- func SetFileExtension(extension string) FileOptions
- func StopOnInternalDefaultsErrors() FileOptions
- func UseDefaults(b bool) FileOptions
- func UseGlobal() FileOptions
- func WatchConfig(notify ...func(fsnotify.Event)) FileOptions
- func WithDefaults(defaults []byte, format string) FileOptions
- func WithEnvs(prefix string, delimiter string) FileOptions
- type KeyFile
- func (k *KeyFile) Base() string
- func (k *KeyFile) Concat(extras ...string) string
- func (k *KeyFile) CreateWithBackup(h host.Host, backup string) (crc uint32, err error)
- func (k *KeyFile) Decode(h host.Host, input []byte) (plaintext []byte, err error)
- func (k *KeyFile) DecodeEnclave(h host.Host, input []byte) (plaintext *memguard.Enclave, err error)
- func (k *KeyFile) DecodeString(h host.Host, input string) (plaintext string, err error)
- func (k *KeyFile) Dir() string
- func (k *KeyFile) Encode(h host.Host, plaintext *Plaintext, expandable bool) (out string, err error)
- func (k *KeyFile) EncodePasswordInput(h host.Host, expandable bool) (out string, err error)
- func (k *KeyFile) EncodeString(h host.Host, plaintext string, expandable bool) (out string, err error)
- func (k *KeyFile) Read(h host.Host) (kv *KeyValues, err error)
- func (k *KeyFile) ReadOrCreate(h host.Host, create bool) (crc32 uint32, created bool, err error)
- func (k *KeyFile) Set(value string) error
- func (k *KeyFile) String() string
- func (k *KeyFile) Type() string
- func (k *KeyFile) Write(h host.Host, kv *KeyValues) (err error)
- type KeyValues
- func (kv *KeyValues) Checksum() (c uint32, err error)
- func (kv *KeyValues) ChecksumString() (c string, err error)
- func (kv *KeyValues) Decode(in []byte) (out []byte, err error)
- func (kv *KeyValues) DecodeEnclave(in []byte) (out *memguard.Enclave, err error)
- func (kv *KeyValues) DecodeString(in string) (out string, err error)
- func (kv *KeyValues) Encode(plaintext *Plaintext) (out []byte, err error)
- func (kv *KeyValues) EncodeString(plaintext string) (out string, err error)
- func (kv *KeyValues) String() string
- func (kv *KeyValues) Write(w io.Writer) error
- type Plaintext
Constants ¶
const DefaultKeyType = "ecdh"
DefaultKeyType is the default key type
Variables ¶
var ErrNoUserConfigDir = errors.New("cannot resolve user config directory, check $USER and $HOME exist")
var ErrNotInteractive = errors.New("not an interactive session")
ErrNotInteractive is returned when input is required and STDIN is a named pipe
Functions ¶
func AbbreviateHome ¶ added in v1.13.0
AbbreviateHome replaces the user's home directory prefix on path p with `~/` and cleans the result. If the home directory is not present, or there is an error resolving it, then a cleaned copy of the original string is returned.
func AddCreds ¶ added in v1.5.0
func AddCreds(creds Credentials, options ...FileOptions) (err error)
AddCreds adds credentials to the "credentials" file identified by the options. creds.Domain is used as the key for matching later on. Any existing credential with the same Domain is overwritten. If there is an error un the underlying routines it is returned without change.
func AllSettings ¶ added in v1.10.0
func AppConfigDir ¶ added in v1.5.2
func AppConfigDir() string
AppConfigDir returns the application configuration directory
func AutomaticEnv ¶ added in v1.10.0
func AutomaticEnv()
func Checksum ¶
Checksum reads from io.Reader data until EOF (or other error) and returns crc as the 32-bit IEEE checksum. data should be closed by the caller on return. If there is an error reading from r then err is returned with the reason.
func ConfigFileUsed ¶ added in v1.10.0
func ConfigFileUsed() string
func CreateCertificateAndKey ¶ added in v1.7.0
func CreateCertificateAndKey(template, parent *x509.Certificate, signingKeyDER, existingKeyDER *memguard.Enclave) (cert *x509.Certificate, certKeyDER *memguard.Enclave, err error)
CreateCertificateAndKey is a wrapper to create a new certificate given the signing cert and key and an optional private key to (re)use for the certificate creation. Returns a certificate and private key. Keys are usually PKCS#8 encoded and so need parsing after unsealing.
func CreateRootCert ¶ added in v1.5.1
func CreateRootCert(h host.Host, basefilepath string, cn string, overwrite bool, keytype string) (err error)
CreateRootCert creates a new root certificate and private key and saves it with dir and file basefilepath with .pem and .key extensions. If overwrite is true then any existing certificate and key is overwritten.
func CreateSigningCert ¶ added in v1.5.1
func CreateSigningCert(h host.Host, basefilepath string, rootbasefilepath string, cn string, overwrite bool) (err error)
CreateSigningCert creates a new signing certificate and private key with the path and file bane name basefilepath. You must provide a valid root certificate and key in rootbasefilepath. If overwrite is true than any existing cert and key are overwritten.
func DefaultFileExtension ¶ added in v1.6.0
func DefaultFileExtension(extension string)
DefaultFileExtension sets the default file extension for all future calls to config.New() and config.Load(). The initial default is "json"
func DefaultKeyDelimiter ¶ added in v1.5.0
func DefaultKeyDelimiter(delimiter string)
DefaultKeyDelimiter sets the default key delimiter for all future calls to config.New() and config.Load(). The default is ".". You can use "::" if your keys are likely to contain "." such as domains, ipv4 addresses or version numbers. Use something else if keys are likely to be ipv6 addresses.
func DeleteAllCreds ¶ added in v1.5.0
func DeleteAllCreds(options ...FileOptions) (err error)
DeleteAllCreds will remove all the credentials in the credentials file identified by options.
func DeleteCreds ¶ added in v1.5.0
func DeleteCreds(domain string, options ...FileOptions) (err error)
DeleteCreds removes the entry for domain from the credentials file identified by options.
func Delimiter ¶ added in v1.8.0
func Delimiter() string
Delimiter returns the global config key delimiter
func Expand ¶ added in v1.4.1
func Expand(input string, options ...ExpandOptions) (value []byte)
Expand behaves like ExpandString but returns a byte slice.
This should be used where the return value may contain sensitive data and an immutable string cannot be destroyed after use.
func ExpandHome ¶ added in v1.13.0
ExpandHome replaces a leading `~/` on p with the user's home directory. If p does not have a prefix of `~/` then a cleaned copy is returned. If there is an error resolving the user's home directory then the path is returned relative to the root directory, i.e. with just the `~` removed (and cleaned).
func ExpandHomeBytes ¶ added in v1.13.2
ExpandHomeBytes replaces a leading `~/` on p with the user's home directory. If p does not have a prefix of `~/` then a cleaned copy is returned. If there is an error resolving the user's home directory then the path is returned relative to the root directory, i.e. with just the `~` removed (and cleaned).
func ExpandString ¶ added in v1.3.0
func ExpandString(input string, options ...ExpandOptions) (value string)
ExpandString returns the global configuration value for input as an expanded string. The returned string is always a freshly allocated value.
func ExpandStringSlice ¶ added in v1.6.0
func ExpandStringSlice(input []string, options ...ExpandOptions) []string
ExpandStringSlice applies ExpandString to each member of the input slice
func ExpandToEnclave ¶ added in v1.5.0
func ExpandToEnclave(input string, options ...ExpandOptions) *memguard.Enclave
ExpandToEnclave expands the input string and returns a sealed enclave. The option TrimSpace is ignored.
func ExpandToLockedBuffer ¶ added in v1.5.0
func ExpandToLockedBuffer(input string, options ...ExpandOptions) (value *memguard.LockedBuffer)
ExpandToLockedBuffer expands the input string and returns a sealed enclave. The option TrimSpace is ignored.
func ExtractCertificatePEM ¶ added in v1.13.0
ExtractCertificatePEM reads the first PEM encoded certificate from file at path p on host h and returns the block
func ExtractPrivateKeyPEM ¶ added in v1.13.0
ExtractPrivateKeyPEM reads a unencrypted, PEM-encoded private key as a memguard Enclave
func GetBytes ¶ added in v1.5.0
func GetBytes(s string, options ...ExpandOptions) []byte
GetBytes functions like viper.GetString but additionally calls Expand with the configuration value, passing any "values" maps and returning a byte slice
func GetDuration ¶ added in v1.10.0
func GetFloat64 ¶ added in v1.11.0
func GetInt ¶ added in v1.4.3
func GetInt(s string, options ...ExpandOptions) int
GetInt functions like viper.GetInt but additionally calls ExpandString with the configuration value, passing any "values" maps. If the conversion fails then the value returned will be the one from strconv.ParseInt - typically 0 but can be the maximum integer value
func GetInt64 ¶ added in v1.4.3
func GetInt64(s string, options ...ExpandOptions) int64
GetInt64 functions like viper.GetInt but additionally calls ExpandString with the configuration value, passing any "values" maps. If the conversion fails then the value returned will be the one from strconv.ParseInt - typically 0 but can be the maximum integer value
func GetSliceStringMapString ¶ added in v1.6.0
func GetSliceStringMapString(s string, options ...ExpandOptions) (result []map[string]string)
GetSliceStringMapString returns a slice of string maps for the key s, it iterates over all values in all maps and applies the ExpandString with the options given
func GetString ¶
func GetString(s string, options ...ExpandOptions) string
GetString functions like viper.GetString but additionally calls ExpandString with the configuration value, passing any "values" maps
func GetStringMap ¶ added in v1.10.0
func GetStringMapString ¶
func GetStringMapString(s string, options ...ExpandOptions) map[string]string
GetStringMapString functions like viper.GetStringMapString but additionally calls ExpandString on each value element of the map, passing any "values" maps
func GetStringMapStringSlice ¶ added in v1.10.0
func GetStringSlice ¶
func GetStringSlice(s string, options ...ExpandOptions) []string
GetStringSlice functions like viper.GetStringSlice but additionally calls ExpandString on each element of the slice, passing any "values" maps
func Join ¶ added in v1.5.0
Join returns a configuration key made up of parts joined with the default delimiter for the global configuration object.
func MatchKey ¶ added in v1.13.0
func MatchKey(cert *x509.Certificate, derkeys []*memguard.Enclave) int
MatchKey tests the slice derkeys of private keys against the x509 cert and returns the index of the first match, or -1 if none of the keys match.
func MergeConfigMap ¶ added in v1.10.0
func NewPrivateKey ¶ added in v1.5.1
NewPrivateKey returns a PKCS#8 DER encoded private key as an enclave.
func ParseCertificate ¶ added in v1.7.0
ParseCertificate reads a PEM encoded cert from path on host h, return the first found as a parsed certificate. The returned certificate is not verified or validated beyond that of the underlying Go x509 package parsing functions.
func ParseCertificates ¶ added in v1.7.0
ParseCertificates reads a PEM encoded file from host h and returns all the certificates found (using the same rules as x509.ParseCertificates). The returned certificates are not verified or validated beyond that of the underlying Go x509 package parsing functions.
func ParseKey ¶ added in v1.7.0
ParseKey tries to parse the DER encoded private key enclave, first as PKCS#8 and then as a PKCS#1 and finally as SEC1 (EC) if that fails. It returns the private and public keys or an error
func Path ¶ added in v1.5.0
func Path(name string, options ...FileOptions) string
Path returns the full path to the first regular file found (potentially on a remote host if config.Remote() is used) that would be opened by Load given the same options. If no file is found then a path to the expected file in the first configured directory is returned. This allows for a default value to be returned for new files. If no directories are used then the plain filename is returned.
func PrivateKeyType ¶ added in v1.8.0
PrivateKeyType returns the type of the DER encoded private key, suitable for use to NewPrivateKey
func PromoteFile ¶ added in v1.5.0
PromoteFile iterates over paths and finds the first regular file that exists. If this is not the first element in the paths slice then the found file is renamed to the path of the first element. The resulting final path is returned.
If the first element of paths is an empty string then no rename takes place and the first existing file is returned. If the first element is a directory then the file is moved into that directory through a rename operation and a file with the first matching basename of any other arguments is returned (this avoids the second call returning nothing).
func PublicKey ¶ added in v1.8.0
PublicKey parses the DER encoded private key enclave and returns the public key if successful. It will first try as PKCS#8 and then PKCS#1 if that fails. Using this over the more general ParseKey() ensures the decoded private key is not returned to the caller when not required.
func ReadCertChain ¶ added in v1.8.0
ReadCertChain returns a certificate pool loaded from the file on host h at path. If there is any error a nil pointer is returned.
func ReadCertificates ¶ added in v1.13.0
func ReadCertificates(h host.Host, path string) (certs []*x509.Certificate)
ReadCerts reads and decodes all certificates from the PEM file on host h at path.
func ReadInputPEMString ¶ added in v1.13.0
ReadInputPEMString reads and returns a PEM formatted input (without validation) from one of these sources:
- If `from` is empty then an empty string is returned
- If `from` is a dash (`-`) then data is read from STDIN the after the user is prompted with `Paste PEM formatted [PROMPT], end with newline + CTRL-D:` where `[PROMPT]` is taken from the prompt argument.
- If `from` has the prefix `pem:` then the data is taken from the remainder of the argument.
- Otherwise the file at the path pointed to by `from` is read and returned
Any error when reading the input is returned.
func ReadPrivateKey ¶ added in v1.7.0
ReadPrivateKey reads a unencrypted, PEM-encoded private key and saves the der format key in a memguard.Enclave
func ReadPrivateKeyBytes ¶ added in v1.13.0
ReadPrivateKeyBytes looks for the first "PRIVATE KEY" in the PEM formatted data slice and returns it as a memguard enclave. If no key is found an error is returned.
func ReadUserInputLine ¶ added in v1.13.0
ReadUserInputLine reads input from Stdin and returns the line unless there is an error. The prompt is made up from format and args (passed to fmt.Sprintf) and then shown to the user as-is. If STDIN is a named pipe (and not interactive) then a syscall.ENOTTY is returned.
func RegisterAlias ¶ added in v1.10.0
func RegisterAlias(alias, key string)
func ResetConfig ¶ added in v1.5.0
func ResetConfig(options ...FileOptions)
ResetConfig reinitialises the global configuration object. Existing settings will be copied over. This is primarily to be able to change the default delimiter after start-up.
func Save ¶ added in v1.5.0
func Save(name string, options ...FileOptions) (err error)
Save writes the global configuration to a configuration file defined by the component name and options
func SetDefault ¶ added in v1.10.0
func SetEnvPrefix ¶ added in v1.10.0
func SetEnvPrefix(prefix string)
func SetKeyValues ¶ added in v1.5.0
func SetKeyValues(items ...string)
SetKeyValues takes a list of `key-value` pairs as strings and applies them to the global configuration object. Items without an `=` are skipped.
func SetString ¶ added in v1.10.0
func SetString(key, value string, options ...ExpandOptions)
SetString sets the key to the value with options applied. This applies to the global configuration struct. See the other SetString for detailed behaviour.
func SetStringMapString ¶ added in v1.4.3
func SetStringMapString(m string, vals map[string]string, options ...ExpandOptions)
SetStringMapString iterates over a map[string]string and sets each key to the value given. Viper's Set() doesn't support maps until the configuration is written to and read back from a file.
func SetStringSlice ¶ added in v1.10.0
func SetStringSlice(key string, values []string, options ...ExpandOptions)
SetStringSlice sets the key to a slice of strings applying the replacement options as for SetString to each member of the slice
func UnmarshalKey ¶ added in v1.7.2
func UnmarshalKey(key string, rawVal interface{}, opts ...viper.DecoderConfigOption) error
func UserConfigDir ¶ added in v1.3.2
UserConfigDir returns the configuration directory for username, or is none given then the current user. If os.UserConfigDir() fails then we lookup the user and return a path relative to the homedir (which works around empty environments)
func UserHomeDir ¶ added in v1.11.0
UserHomeDir returns the home directory for username, or if none given then the current user. This works around empty environments by falling back to looking up the user.
func WriteCertChain ¶ added in v1.8.0
WriteCertChain concatenate certs and writes to path on host h
Types ¶
type Config ¶
type Config struct { Viper *viper.Viper Type string // The type of configuration file loaded // contains filtered or unexported fields }
Config embeds Viper
func FindCreds ¶ added in v1.5.0
func FindCreds(p string, options ...FileOptions) (creds *Config)
FindCreds looks for matching credentials in a default "credentials" file. Options are the same as for Load but the default KeyDelimiter is set to "::" as credential domains are likely to be hostnames or URLs. The longest match wins.
func Load ¶ added in v1.5.0
func Load(name string, options ...FileOptions) (cf *Config, err error)
Load reads configuration values from internal defaults, external defaults and configuration files. The directories searched and the configuration file names can be controlled using options. The first match is loaded unless the config.MergeSettings() option is used, in which case all defaults are merged and then all non-defaults are merged in the order they were given.
Examples:
config.Load("geneos", config.SetGlobal()) //go:embed somefile.json var myDefaults []byte cf, err := config.Load("geneos", config.WithDefaults(myDefaults, "json"), config.SetConfigFile(configPath), ) if err != nil { ...
Options can be passed to change the default behaviour and to pass any embedded defaults or an existing viper.
for defaults see: https://specifications.freedesktop.org/basedir-spec/basedir-spec-latest.html
Regardless of errors loading configurations a configuration object is always returned.
The returned config object may be made up from multiple sources so there is no simple way of getting the name of the final configuration file used.
If the LoadFrom() option is set then all file access is via the given remote. Defaults and the primary configuration cannot be loaded from different remotes. The default is "localhost".
Is the SetConfigReader() option is passed to load the configuration from an io.Reader then this takes precedence over file discovery or SetConfigFile(). The configuration file format should be set with SetFileExtension() or it defaults as above.
func New ¶
func New(options ...FileOptions) *Config
New returns a Config instance initialised with a new viper instance. Can be called with config.DefaultExpandOptions(...) to set defaults for future calls that use Expand.
func ReadHOCONFile ¶ added in v1.4.1
ReadHOCONFile loads a HOCON format configuration from file. To control behaviour and options like config.Load() use MergeHOCONConfig() or MergeHOCONFile() with an existing config.Config structure.
func Sub ¶ added in v1.11.0
Sub returns a Config instance rooted at the key passed. If key does not exist then an empty config structure is returned, unlike viper which returns nil. It uses the mutex pointer from the caller so that locking of sub-config objects also applies to the original.
Note that viper.Sub() does NOT merge defaults
func (*Config) AllSettings ¶ added in v1.10.0
func (*Config) AppConfigDir ¶ added in v1.5.2
AppConfigDir returns the application configuration directory
func (*Config) AutomaticEnv ¶ added in v1.10.0
func (c *Config) AutomaticEnv()
func (*Config) ConfigFileUsed ¶ added in v1.10.0
func (*Config) DefaultExpandOptions ¶ added in v1.4.1
func (c *Config) DefaultExpandOptions(options ...ExpandOptions)
DefaultExpandOptions sets defaults to all subsequent calls to functions that perform configuration expansion. These defaults can be reset by calling DefaultExpandOptions with no arguments.
func (*Config) Expand ¶ added in v1.4.1
func (c *Config) Expand(input string, options ...ExpandOptions) (value []byte)
Expand behaves like the ExpandString method but returns a byte slice.
func (*Config) ExpandAllSettings ¶
func (c *Config) ExpandAllSettings(options ...ExpandOptions) (all map[string]interface{})
ExpandAllSettings returns all the settings from config structure c applying ExpandString to all string values and all string slice values. Non-string types are left unchanged. Further types, e.g. maps of strings, may be added in future releases.
func (*Config) ExpandRawString ¶ added in v1.5.0
func (c *Config) ExpandRawString(s string, options ...ExpandOptions) (value string, err error)
ExpandRawString expands the string s using the same rules and options as ExpandString but treats the whole of s as if it were wrapped in '${...}'. The function does most of the core work for configuration expansion but is also exported for use without the decoration required for configuration values, allowing use against command line flag values, for example.
func (*Config) ExpandString ¶
func (c *Config) ExpandString(input string, options ...ExpandOptions) (value string)
ExpandString returns the configuration c value for input as an expanded string. The returned string is always a freshly allocated value.
func (*Config) ExpandStringSlice ¶ added in v1.6.0
func (c *Config) ExpandStringSlice(input []string, options ...ExpandOptions) (vals []string)
ExpandStringSlice applies ExpandString to each member of the input slice
func (*Config) ExpandToEnclave ¶ added in v1.5.0
func (c *Config) ExpandToEnclave(input string, options ...ExpandOptions) (value *memguard.Enclave)
ExpandToEnclave expands the input string and returns a sealed enclave. The option TrimSpace is ignored.
func (*Config) ExpandToLockedBuffer ¶ added in v1.5.0
func (c *Config) ExpandToLockedBuffer(input string, options ...ExpandOptions) (value *memguard.LockedBuffer)
ExpandToLockedBuffer expands the input string and returns a sealed enclave. The option TrimSpace is ignored.
func (*Config) ExpandToPassword ¶ added in v1.13.0
func (c *Config) ExpandToPassword(input string, options ...ExpandOptions) *Plaintext
ExpandPassword expands the input string and returns a *Plaintext. The TrimSPace option is ignored.
func (*Config) FindCreds ¶ added in v1.5.0
FindCreds finds a set of credentials in the given config under the key "credentials" and returns the longest match, if any. creds is nil if no matching credentials found.
func (*Config) GetBytes ¶ added in v1.5.0
func (c *Config) GetBytes(s string, options ...ExpandOptions) []byte
GetBytes functions like viper.GetString on a Config instance, but additionally calls Expand with the configuration value, passing any "values" maps and returning a byte slice
func (*Config) GetDuration ¶ added in v1.10.0
func (*Config) GetFloat64 ¶ added in v1.11.0
func (*Config) GetInt ¶ added in v1.4.3
func (c *Config) GetInt(s string, options ...ExpandOptions) (i int)
GetInt functions like viper.GetInt on a Config instance, but additionally calls ExpandString with the configuration value, passing any "values" maps, before converting the result to an int. If the conversion fails then the value returned will be the one from strconv.ParseInt - typically 0 but can be the maximum integer value
func (*Config) GetInt64 ¶ added in v1.4.3
func (c *Config) GetInt64(s string, options ...ExpandOptions) (i int64)
GetInt64 functions like viper.GetInt on a Config instance, but additionally calls ExpandString with the configuration value, passing any "values" maps, before converting the result to an int. If the conversion fails then the value returned will be the one from strconv.ParseInt - typically 0 but can be the maximum integer value
func (*Config) GetPassword ¶ added in v1.5.0
func (c *Config) GetPassword(key string, options ...ExpandOptions) *Plaintext
GetPassword returns a sealed enclave containing the configuration item identified by key and expanded using the Expand function with the options supplied.
func (*Config) GetSliceStringMapString ¶ added in v1.6.0
func (c *Config) GetSliceStringMapString(s string, options ...ExpandOptions) (result []map[string]string)
GetSliceStringMapString returns a slice of string maps for the key s, it iterates over all values in all maps and applies the ExpandString with the options given
func (*Config) GetString ¶
func (c *Config) GetString(s string, options ...ExpandOptions) string
GetString functions like viper.GetString on a Config instance, but additionally calls ExpandString with the configuration value, passing any "values" maps
func (*Config) GetStringMap ¶ added in v1.10.0
func (*Config) GetStringMapString ¶
func (c *Config) GetStringMapString(key string, options ...ExpandOptions) (m map[string]string)
GetStringMapString functions like viper.GetStringMapString on a Config instance but additionally calls ExpandString on each value element of the map, passing any "values" maps
Use a version of https://github.com/spf13/viper/pull/1504 to fix viper bug #1106
func (*Config) GetStringMapStringSlice ¶ added in v1.10.0
func (*Config) GetStringSlice ¶
func (c *Config) GetStringSlice(s string, options ...ExpandOptions) (slice []string)
GetStringSlice functions like viper.GetStringSlice on a Config instance but additionally calls ExpandString on each element of the slice, passing any "values" maps
func (*Config) Join ¶ added in v1.5.0
Join returns a configuration settings key joined with the delimiter for the c config object.
func (*Config) MergeConfigMap ¶ added in v1.10.0
func (*Config) MergeHOCONConfig ¶ added in v1.4.1
MergeHOCONConfig parses the HOCON configuration in conf and merges the results into the cf *config.Config object
func (*Config) MergeHOCONFile ¶ added in v1.4.1
MergeHOCONFile reads a HOCON configuration file in path and merges the settings into the cf *config.Config object
func (*Config) RegisterAlias ¶ added in v1.10.0
func (*Config) Save ¶ added in v1.5.0
func (cf *Config) Save(name string, options ...FileOptions) (err error)
Save a configuration file for the module name.
- The file specified by config.SetConfigFile() - A file name.ext in the first directory give with config.AddDirs() - A file name.ext in the user config directory + appname
The filesystem target for the configuration object is updated to match the remote destination, which can be set by Host() option with a default of "localhost"
func (*Config) SetDefault ¶ added in v1.10.0
func (*Config) SetEnvPrefix ¶ added in v1.10.0
func (*Config) SetKeyValues ¶ added in v1.5.0
SetKeyValues takes a list of `key=value` pairs as strings and applies them to the config object. Any item without an `=` is skipped.
If the separator is either `+=` or `+` then the given value is appended to any existing setting with a space.
func (*Config) SetString ¶ added in v1.10.0
func (c *Config) SetString(key, value string, options ...ExpandOptions)
SetString sets the key to the string given after processing options. Options include replacing substrings with configuration items that match *at the time of the SetString call*. This allows the abstraction of a static string based on the other config values given. E.g.
cf.SetString("setup", "/path/to/myname/setup.json", config.Replace("name"))
This would check the value of the "name" key in cf and do a global replace. Multiple Replace options are processed in order. If "name" was "myname" at the time of the call then the resulting value is `/path/to/${config:name}/setup.json`
Existing expand options are left unchanged. All replacements are case sensitive.
func (*Config) SetStringMapString ¶ added in v1.4.3
func (c *Config) SetStringMapString(m string, vals map[string]string, options ...ExpandOptions)
SetStringMapString iterates over a map[string]string and sets each key to the value given. Viper's Set() doesn't support maps until the configuration is written to and read back from a file.
func (*Config) SetStringSlice ¶ added in v1.10.0
func (c *Config) SetStringSlice(key string, values []string, options ...ExpandOptions)
SetStringSlice sets the key to a slice of strings applying the replacement options as for SetString to each member of the slice
func (*Config) Sub ¶
Sub returns a Config instance rooted at the key passed. If key does not exist then an empty config structure is returned, unlike viper which returns nil. It uses the mutex pointer from the caller so that locking of sub-config objects also applies to the original.
Note that viper.Sub() does NOT merge defaults
func (*Config) UnmarshalKey ¶ added in v1.7.2
func (c *Config) UnmarshalKey(key string, rawVal interface{}, opts ...viper.DecoderConfigOption) error
type Credentials ¶ added in v1.5.0
type Credentials struct { Domain string `json:"domain,omitempty"` Username string `json:"username,omitempty"` Password string `json:"password,omitempty"` ClientID string `json:"client_id,omitempty"` ClientSecret string `json:"client_secret,omitempty"` Token string `json:"token,omitempty"` Renewal string `json:"renewal,omitempty"` }
Credentials can carry a number of different credential types. Add more as required. Eventually this will go into memguard.
type ExpandOptions ¶ added in v1.4.1
type ExpandOptions func(*expandOptions)
ExpandOptions control the way configuration options undergo string expansion through the underlying ExpandString functions. ExpandOptions can be passed to any of the normal lookup functions that are provided to override viper versions, such as GetString.
e.g.
s := config.GetString("config.value", ExternalLookups(false), LookupTable(configMap), Prefix("myconf", myFunc))
func Default ¶ added in v1.4.3
func Default(value any) ExpandOptions
Default sets a default value to be returned if the resulting expansion of the whole config value is empty (after any optional trimming of leading and trailing spaces). This includes cases where external lookups fail or a configuration item is not found. If TrimSpace is false and the returned value consists wholly of whitespace then this is returned and not the default given here.
func Expressions ¶ added in v1.4.1
func Expressions(yes bool) ExpandOptions
Expressions enables or disables the built-in expansion for expressions via the `github.com/maja42/goval` package. The default is false.
func ExternalLookups ¶ added in v1.4.1
func ExternalLookups(yes bool) ExpandOptions
ExternalLookups enables or disables the built-in expansion options that fetch data from outside the program, such as URLs and file paths. The default is true.
func Initial ¶ added in v1.6.6
func Initial(value any) ExpandOptions
Initial sets an initial default value to be used if the configuration item is empty (or nil) to start. This differs from Default() which supplies a value to use if the value if empty after expansion. The initial value, if used, is expanded as would any configuration value.
If config.NoExpand() is also used then this initial value is used as a secondary default - i.e. if config.Default() is empty.
func LookupTable ¶ added in v1.4.1
func LookupTable(values ...map[string]string) ExpandOptions
LookupTable adds lookup maps, of name/value pairs, to the Expand functions. If there are no lookup tables defined then `${item}` is treated as an environment variable. When string expansion is done to a plain word, ie. without a prefix, then `${item}` is looked up in each map, in the order the LookupTable options are given, and first match, if any, wins. If there is no match in any of the lookup maps then a nil value is returned and environment variables are not checked.
func LookupTables
deprecated
added in
v1.6.0
func LookupTables(values []map[string]string) ExpandOptions
LookupTables sets the expansion lookup tables to the slice of maps passed as values. Any existing lookup tables are discarded.
Deprecated: Use the singular LookupTable with a variadic list of tables instead.
func NoDecode ¶ added in v1.5.0
func NoDecode(n bool) ExpandOptions
NoDecode disables the expansion of encoded values.
func NoExpand ¶ added in v1.5.0
func NoExpand() ExpandOptions
NoExpand overrides all other options except Default and returns the value (or the default) as-is with no expansion applied. This is to allow the normal functions and methods to be called but to receive the underlying configuration item, such as an encoded password.
func Prefix ¶ added in v1.4.1
Prefix defines a custom mapping for the given prefix to an expand-like function. The prefix should not include the terminating ":". If the configuration prefix matches during expansion then the function is called with the config data and the contents of the expansion including the prefix (for URLs) but stripped of the opening `${` and closing `}`. A boolean parameter trims white space from the result if true.
func Replace ¶ added in v1.10.0
func Replace(name string) ExpandOptions
Replace is used by config.Set* (except config.Set itself) functions to replace substrings with the formatted configuration item given as name with an equivalent expand string, where the value of the name key is only tested as Set time.
e.g. if ${home} is "/home/user" then:
config.SetString("path", "/home/user/file.txt", config.Replace("home"))
results in path being set to "${home}/file.txt" for future expansion, as "home" may change
Replace can be used multiple times, each name being checked in order.
Expand strings in the value are never substituted.
name is not checked for self-referencing
func TrimPrefix ¶ added in v1.4.1
func TrimPrefix() ExpandOptions
TrimPrefix enables the removal of the prefix from the string passed to expansion functions. If this is not set then URLs can be passed as-is since the prefix is part of the URL. If set then URLs would need the schema explicitly added after the prefix. Using this option allows standard function like strings.ToUpper to be used without additional wrappers.
func TrimSpace ¶ added in v1.4.3
func TrimSpace(yes bool) ExpandOptions
TrimSpace enables the removal of leading and trailing spaces on all values in an expansion. The default is `true`. If a default value is given using the Default() then this is never trimmed.
func UseKeyfile ¶ added in v1.15.0
func UseKeyfile(file string) ExpandOptions
UseKeyfile overrides the path to the embedded keyfile in the `${enc:/path:xxx}` value. This can be useful when the keyfile is placed in an alternative location.
type FileOptions ¶ added in v1.5.0
type FileOptions func(*fileOptions)
FileOptions can be passed to the Load or Save functions to set values.
func AddDirs ¶ added in v1.6.0
func AddDirs(paths ...string) FileOptions
AddDirs adds paths as directories to search for the configuration and defaults files. Directories are searched in the order given, and any directories added with this option are checked before any built-in list. This option can be given multiple times and each call appends to the existing list.
func FromDir ¶ added in v1.6.0
func FromDir(dir string) FileOptions
FromDir sets the only directory to search for the configuration files. It disables searching in the working directory, the user config directory and the system directory.
func Host ¶ added in v1.5.0
func Host(r host.Host) FileOptions
Host sets the source/destination for the configuration file. It defaults to localhost
func IgnoreSystemDir ¶
func IgnoreSystemDir() FileOptions
IgnoreSystemDir tells Load() not to search in the system configuration directory. This only applies on UNIX-like systems and is normally `/etc` and a sub-directory of AppName.
func IgnoreUserConfDir ¶
func IgnoreUserConfDir() FileOptions
IgnoreUserConfDir tells Load not to search under the user config directory. The user configuration directory is as per os.UserConfDir
func IgnoreWorkingDir ¶
func IgnoreWorkingDir() FileOptions
IgnoreWorkingDir tells Load not to search the working directory of the process for configuration files. This should be used when the caller may be running from an unknown or untrusted location.
func KeyDelimiter ¶ added in v1.5.0
func KeyDelimiter(delimiter string) FileOptions
KeyDelimiter sets the delimiter for keys in the configuration loaded with Load. This can only be changed at the time of creation of the configuration object so will not apply if used with SetGlobal().
func MergeSettings ¶ added in v1.4.1
func MergeSettings() FileOptions
MergeSettings change the default behaviour of Load which is to load the first configuration file found, instead loading each configuration file found and merging the settings together. Merging is done using viper.MergeConfigMap and should result in the last definition of each configuration item being used.
MergeSettings applies to both default and main settings, but separately, i.e. all defaults are first merged and applied then the main configuration files are merged and loaded.
func MustExist ¶ added in v1.5.0
func MustExist() FileOptions
MustExist makes Load() return an error if a configuration file is not found. This does not apply to default configuration files.
func SetAppName ¶
func SetAppName(name string) FileOptions
SetAppName overrides to use of the Load `name` argument as the application name, `AppName`, which is used for sub-directories while `name` is used as the prefix for files in those directories.
For example, if Load is called like this:
Load("myprogram", config.SetAppName("basename"))
Then one valid location of a configuration file would be:
${HOME}/.config/basename/myprogram.yaml
func SetConfigFile ¶
func SetConfigFile(p string) FileOptions
SetConfigFile forces Load to load only the configuration at the given path. This path must include the file extension. Defaults are still loaded from all the normal directories unless config.IgnoreDefaults is also passed as an option.
If the argument is an empty string then the option is not used. This also means it can be called with a command line flag value which can default to an empty string
func SetConfigReader ¶ added in v1.9.2
func SetConfigReader(in io.Reader) FileOptions
SetConfigReader sets Load to read the main configuration from an io.Reader in. The input is read until EOF or error.
The caller must close the reader on return.
func SetFileExtension ¶ added in v1.6.0
func SetFileExtension(extension string) FileOptions
SetFileExtension sets the file extension and, by implication, the format for the configuration. If the type is not set and the configuration file loaded has an extension then that is used. This applies to both defaults and main configuration files (but not embedded defaults). The default is "json". Any leading "." is ignored.
func StopOnInternalDefaultsErrors ¶ added in v1.12.1
func StopOnInternalDefaultsErrors() FileOptions
StopOnInternalDefaultsErrors returns an error if the internal defaults cause a parsing error. This can be because the file contains repeated keys or has format errors for the chosen format. Off by default, and errors in the defaults are ignored.
func UseDefaults ¶ added in v1.4.1
func UseDefaults(b bool) FileOptions
UseDefaults tells Load whether to load defaults or not. The default is true. Defaults are loaded from a file with the same name as the main on but with an extra `.defaults` suffix before the extension, i.e. for `config.yaml` the defaults file would be `config.defaults.yaml` but it is searched in all the directories and may be located elsewhere to the main configuration.
func UseGlobal ¶
func UseGlobal() FileOptions
UseGlobal tells Load to set values in the global configuration structure instead of creating a new one. The global configuration is then returned by Load.
func WatchConfig ¶ added in v1.10.0
func WatchConfig(notify ...func(fsnotify.Event)) FileOptions
WatchConfig enables the underlying viper instance to watch the finally loaded config file. Is disabled if MergeSettings() is used. Using this option is not concurrency safe on future calls to config methods, use carefully.
If a notify function is specified then this is passed to viper.OnConfigChange. Only the first notify function is used.
func WithDefaults ¶ added in v1.7.0
func WithDefaults(defaults []byte, format string) FileOptions
WithDefaults takes a []byte slice and a format type to set configuration defaults. This can be used in conjunction with `embed` to set embedded default configuration values so that a program can function without a configuration file, e.g.
//go:embed "defaults.yaml" var defaults []byte ... c, err := config.Load("appname", config.WithDefaults(defaults, "yaml"))
func WithEnvs ¶ added in v1.7.0
func WithEnvs(prefix string, delimiter string) FileOptions
WithEnvs enables the use of environment variables using viper's AutomaticEnv() functionality. If empty delimiter defaults to an underscore.
type KeyFile ¶ added in v1.5.0
type KeyFile string
KeyFile is a type that represents the path to a keyfile
func (*KeyFile) Concat ¶ added in v1.5.0
Concat returns a path made up of the path to the keyfile concatenated with extras. No separators are added. Typical use is to construct a backup file path for an existing keyfile.
func (*KeyFile) CreateWithBackup ¶ added in v1.13.0
CreateWithBackup will create a new keyfile at path. It will rename any existing file with backup appended to the filename before the extension, unless backup is an empty string, in which case any existing file is overwritten and no backup made.
func (*KeyFile) Decode ¶ added in v1.5.0
Decode input as a byte slice using keyfile and return byte slice plaintext. An error is returned if the keyfile is not readable.
func (*KeyFile) DecodeEnclave ¶ added in v1.5.0
DecodeEnclave decodes the input using the keyfile k and returns a memguard.Enclave
func (*KeyFile) DecodeString ¶ added in v1.5.0
DecodeString decodes the input as a string using keyfile and return plaintext. An error is returned if the keyfile is not readable.
func (*KeyFile) Encode ¶ added in v1.5.0
func (k *KeyFile) Encode(h host.Host, plaintext *Plaintext, expandable bool) (out string, err error)
Encode encodes the plaintext using the keyfile. The encoded password is returned in `Geneos AES256` format, with the `+encs+` prefix, unless expandable is set to true in which case it is returned in a format that can be used with the Expand function and includes a reference to the keyfile.
If the keyfile is located under the user's configuration directory, as defined by UserConfigDir, then the function will replace any home directory prefix with `~/' to shorten the keyfile path.
func (*KeyFile) EncodePasswordInput ¶ added in v1.5.0
EncodePasswordInput prompts the user for a password and again to verify, offering up to three attempts until the password match. When the two match the plaintext is encoded using the keyfile. If expandable is true then the encoded password is returned in a format useable by the Expand function which includes a path to the keyfile used at the time.
func (*KeyFile) EncodeString ¶ added in v1.5.0
func (k *KeyFile) EncodeString(h host.Host, plaintext string, expandable bool) (out string, err error)
EncodeString encodes the plaintext using the keyfile. The encoded password is returned in `Geneos AES256` format, with the `+encs+` prefix, unless expandable is set to true in which case it is returned in a format that can be used with the Expand function and includes a reference to the keyfile.
If the keyfile is located under the user's configuration directory, as defined by UserConfigDir, then the function will replace any home directory prefix with `~/' to shorten the keyfile path.
func (*KeyFile) Read ¶ added in v1.5.0
Read returns an KeyValues struct populated with the contents of the file passed as path. If the keyfile is not in a valid format and err is returned.
func (*KeyFile) ReadOrCreate ¶ added in v1.13.0
ReadOrCreate will either return the CRC32 checksum of an existing keyfile or, if the file does not exist and create is true then a keyfile will be created with new contents along with any intermediate directories, and the checksum of the new file will be returned. On error the checksum is undefined and err will indicate why. If create is true then directories and a file may have been created even on error.
type KeyValues ¶ added in v1.5.0
KeyValues contains the values required to create a Geneos Gateway AES key file and then to encode and decode AES passwords in configurations. It is handled as a memguard Enclave to protect the plaintext as much as possible.
func NewRandomKeyValues ¶ added in v1.5.0
func NewRandomKeyValues() (kv *KeyValues)
NewRandomKeyValues returns a new KeyValues structure with a key and iv generated using the memguard.
func ReadKeyValues ¶ added in v1.11.0
ReadKeyValues from the io.Reader r and return a locked buffer key values kv.
func (*KeyValues) ChecksumString ¶ added in v1.13.0
Checksum returns the CRC32 checksum of the KeyValues
func (*KeyValues) Decode ¶ added in v1.5.0
Decode returns the decoded value of in bytes using the KeyValues given as the method receiver. Any prefix of "+encs+" is trimmed before decode. If decoding fails then out is returned empty and err will contain the reason.
func (*KeyValues) DecodeEnclave ¶ added in v1.5.0
DecodeEnclave decodes the input using kv and returns a *memguard.Enclave
func (*KeyValues) DecodeString ¶ added in v1.5.0
DecodeString returns plaintext of the input or an error
func (*KeyValues) EncodeString ¶ added in v1.5.0
EncodeString encodes the plaintext string using kv, return as a string
func (*KeyValues) String ¶ added in v1.5.0
String method for KeyValues
The output is in the format for suitable for use as a gateway key file for secure passwords as described in: https://docs.itrsgroup.com/docs/geneos/current/Gateway_Reference_Guide/gateway_secure_passwords.htm
type Plaintext ¶ added in v1.5.0
Plaintext is a type that represents a plaintext string that should be protected
func ExpandToPassword ¶ added in v1.13.0
func ExpandToPassword(input string, options ...ExpandOptions) *Plaintext
ExpandPassword expands the input string and returns a *Plaintext. The TrimSPace option is ignored.
func GetPassword ¶ added in v1.5.0
func GetPassword(s string, options ...ExpandOptions) *Plaintext
GetPassword returns a sealed enclave containing the configuration item identified by key and expanded using the Expand function with the options supplied.
func NewPlaintext ¶ added in v1.5.0
NewPlaintext returns a memguard Enclave initialised with buf
func ReadPasswordInput ¶ added in v1.5.0
func ReadPasswordInput(match bool, maxtries int, prompt ...string) (plaintext *Plaintext, err error)
ReadPasswordInput prompts the user for a password without echoing the input. This is returned as a memguard LockBuffer. If match is true then the user is prompted twice and the two instances checked for a match. Up to maxtries attempts are allowed after which an error is returned. If maxtries is 0 then a default of 3 attempts is set.
If prompt is given then it must either be one or two strings, depending on match set. The prompt(s) are suffixed with ": " in both cases. The defaults are "Password" and "Re-enter Password".
On error the pw is empty and does not need to be Destroy()ed.
If STDIN is not a terminal then config.ErrNotInteractive is returned.
func (*Plaintext) IsNil ¶ added in v1.5.0
IsNil returns true if the secret or the underlying memguard Enclave is nil