config

package
v1.22.7 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Feb 12, 2025 License: MIT Imports: 24 Imported by: 0

Documentation

Index

Constants

View Source 
const (
	Plugin = iota
	ManagementClient
)

Variables

View Source 
var Defaults = Config{
	Debug: Debug{
		Listen: ":9001",
	},
	Log: Log{
		Format:      "console",
		Level:       slog.LevelInfo,
		VPNClientIP: true,
	},
	HTTP: HTTP{
		BaseURL: &URL{
			Scheme: "http",
			Host:   "localhost:9000",
		},
		Listen: ":9000",
		TLS:    false,
		Check: HTTPCheck{
			IPAddr: false,
		},
		CallbackTemplate: template.Must(template.New("index.gohtml").ParseFS(ui.Template, "index.gohtml")),
	},
	OpenVpn: OpenVpn{
		Addr: &URL{
			Scheme:   "unix",
			Path:     "/run/openvpn/server.sock",
			OmitHost: true,
		},
		AuthTokenUser:      true,
		AuthPendingTimeout: 3 * time.Minute,
		CommonName: OpenVPNCommonName{
			EnvironmentVariableName: "common_name",
			Mode:                    CommonNameModePlain,
		},
		Bypass: OpenVpnBypass{
			CommonNames: make([]string, 0),
		},
		Passthrough: OpenVPNPassthrough{
			Enabled: false,
			Address: &URL{
				Scheme:   "unix",
				Path:     "/run/openvpn-auth-oauth2/server.sock",
				OmitHost: true,
			},
			SocketMode:  660,
			SocketGroup: "",
		},
	},
	OAuth2: OAuth2{
		AuthStyle: OAuth2AuthStyle(oauth2.AuthStyleInParams),
		Client:    OAuth2Client{},
		Endpoints: OAuth2Endpoints{
			Auth:      &URL{Scheme: "", Host: ""},
			Discovery: &URL{Scheme: "", Host: ""},
			Token:     &URL{Scheme: "", Host: ""},
		},
		Issuer:   &URL{Scheme: "", Host: ""},
		Nonce:    true,
		PKCE:     true,
		Provider: "generic",
		Refresh: OAuth2Refresh{
			Expires:      time.Hour * 8,
			ValidateUser: true,
		},
		Scopes: make([]string, 0),
		Validate: OAuth2Validate{
			Groups: make([]string, 0),
			IPAddr: false,
			Issuer: true,
			Roles:  make([]string, 0),
		},
	},
}
View Source 
var ErrRequired = errors.New("required")

Functions

func FlagSet added in v1.0.0 

func FlagSet(name string) *flag.FlagSet

FlagSet configure the command line parser using the flag library.

func StringToTemplateHookFunc added in v1.6.0 

func StringToTemplateHookFunc() mapstructure.DecodeHookFuncType

StringToTemplateHookFunc parse a string to template.Template.

func Validate added in v1.0.0 

func Validate(mode int, conf Config) error

Validate validates the config.

Types

type Config 

type Config struct {
	ConfigFile string  `json:"config"  koanf:"config"`
	Debug      Debug   `json:"debug"   koanf:"debug"`
	Log        Log     `json:"log"     koanf:"log"`
	HTTP       HTTP    `json:"http"    koanf:"http"`
	OpenVpn    OpenVpn `json:"openvpn" koanf:"openvpn"`
	OAuth2     OAuth2  `json:"oauth2"  koanf:"oauth2"`
}

func Load added in v1.8.0 

func Load(mode int, configFile string, flagSet *flag.FlagSet) (Config, error)

func (Config) String added in v1.22.6 

func (c Config) String() string

type Debug added in v1.13.1 

type Debug struct {
	Pprof  bool   `json:"pprof"  koanf:"pprof"`
	Listen string `json:"listen" koanf:"listen"`
}

type HTTP added in v1.7.0 

type HTTP struct {
	Listen             string             `json:"listen"               koanf:"listen"`
	CertFile           string             `json:"cert"                 koanf:"cert"`
	KeyFile            string             `json:"key"                  koanf:"key"`
	TLS                bool               `json:"tls"                  koanf:"tls"`
	BaseURL            *URL               `json:"baseurl"              koanf:"baseurl"`
	Secret             Secret             `json:"secret"               koanf:"secret"`
	CallbackTemplate   *template.Template `json:"template,omitempty"   koanf:"template"`
	Check              HTTPCheck          `json:"check"                koanf:"check"`
	EnableProxyHeaders bool               `json:"enable-proxy-headers" koanf:"enable-proxy-headers"`
	AssetPath          string             `json:"assets-path"          koanf:"assets-path"`
}

func (HTTP) MarshalJSON added in v1.22.6 

func (h HTTP) MarshalJSON() ([]byte, error)

type HTTPCheck added in v1.7.0 

type HTTPCheck struct {
	IPAddr bool `json:"ipaddr" koanf:"ipaddr"`
}

type Log added in v1.0.0 

type Log struct {
	Format      string     `json:"format"        koanf:"format"`
	Level       slog.Level `json:"level"         koanf:"level"`
	VPNClientIP bool       `json:"vpn-client-ip" koanf:"vpn-client-ip"`
}

type OAuth2 added in v1.0.0 

type OAuth2 struct {
	AuthStyle       OAuth2AuthStyle `json:"auth-style"       koanf:"auth-style"`
	AuthorizeParams string          `json:"authorize-params" koanf:"authorize-params"`
	Client          OAuth2Client    `json:"client"           koanf:"client"`
	Endpoints       OAuth2Endpoints `json:"endpoint"         koanf:"endpoint"`
	Issuer          *URL            `json:"issuer"           koanf:"issuer"`
	Nonce           bool            `json:"nonce"            koanf:"nonce"`
	PKCE            bool            `json:"pkce"             koanf:"pkce"`
	Provider        string          `json:"provider"         koanf:"provider"`
	Refresh         OAuth2Refresh   `json:"refresh"          koanf:"refresh"`
	Scopes          StringSlice     `json:"scopes"           koanf:"scopes"`
	Validate        OAuth2Validate  `json:"validate"         koanf:"validate"`
}

type OAuth2AuthStyle added in v1.17.0 

type OAuth2AuthStyle oauth2.AuthStyle

func (OAuth2AuthStyle) AuthStyle added in v1.17.0 

func (s OAuth2AuthStyle) AuthStyle() oauth2.AuthStyle

func (OAuth2AuthStyle) MarshalText added in v1.17.0 

func (s OAuth2AuthStyle) MarshalText() ([]byte, error)

func (OAuth2AuthStyle) String added in v1.17.0 

func (s OAuth2AuthStyle) String() string

func (*OAuth2AuthStyle) UnmarshalText added in v1.17.0 

func (s *OAuth2AuthStyle) UnmarshalText(text []byte) error

type OAuth2Client added in v1.0.0 

type OAuth2Client struct {
	ID     string `json:"id"     koanf:"id"`
	Secret Secret `json:"secret" koanf:"secret"`
}

type OAuth2Endpoints added in v1.2.0 

type OAuth2Endpoints struct {
	Discovery *URL `json:"discovery" koanf:"discovery"`
	Auth      *URL `json:"auth"      koanf:"auth"`
	Token     *URL `json:"token"     koanf:"token"`
}

type OAuth2Refresh added in v1.13.0 

type OAuth2Refresh struct {
	Enabled      bool          `json:"enabled"        koanf:"enabled"`
	Expires      time.Duration `json:"expires"        koanf:"expires"`
	Secret       Secret        `json:"secret"         koanf:"secret"`
	UseSessionID bool          `json:"use-session-id" koanf:"use-session-id"`
	ValidateUser bool          `json:"validate-user"  koanf:"validate-user"`
}

type OAuth2Validate added in v1.0.0 

type OAuth2Validate struct {
	Acr                     StringSlice `json:"acr"                        koanf:"acr"`
	Groups                  StringSlice `json:"groups"                     koanf:"groups"`
	Roles                   StringSlice `json:"roles"                      koanf:"roles"`
	IPAddr                  bool        `json:"ipaddr"                     koanf:"ipaddr"`
	Issuer                  bool        `json:"issuer"                     koanf:"issuer"`
	CommonName              string      `json:"common-name"                koanf:"common-name"`
	CommonNameCaseSensitive bool        `json:"common-name-case-sensitive" koanf:"common-name-case-sensitive"`
}

type OpenVPNCommonName added in v1.12.0 

type OpenVPNCommonName struct {
	EnvironmentVariableName string                `json:"environment-variable-name" koanf:"environment-variable-name"`
	Mode                    OpenVPNCommonNameMode `json:"mode"                      koanf:"mode"`
}

type OpenVPNCommonNameMode added in v1.12.0 

type OpenVPNCommonNameMode int
const (
	CommonNameModePlain OpenVPNCommonNameMode = iota
	CommonNameModeOmit
	CommonNameModeOmitValue = "-"
)

func (OpenVPNCommonNameMode) MarshalText added in v1.12.0 

func (s OpenVPNCommonNameMode) MarshalText() ([]byte, error)

func (OpenVPNCommonNameMode) String added in v1.12.0 

func (s OpenVPNCommonNameMode) String() string

func (*OpenVPNCommonNameMode) UnmarshalText added in v1.12.0 

func (s *OpenVPNCommonNameMode) UnmarshalText(text []byte) error

type OpenVPNPassthrough added in v1.16.0 

type OpenVPNPassthrough struct {
	Enabled     bool   `json:"enabled"      koanf:"enabled"`
	Address     *URL   `json:"address"      koanf:"address"`
	Password    Secret `json:"password"     koanf:"password"`
	SocketMode  uint   `json:"socket-mode"  koanf:"socket-mode"`
	SocketGroup string `json:"socket-group" koanf:"socket-group"`
}

type OpenVpn added in v1.0.0 

type OpenVpn struct {
	Addr               *URL               `json:"addr"                 koanf:"addr"`
	Password           Secret             `json:"password"             koanf:"password"`
	Bypass             OpenVpnBypass      `json:"bypass"               koanf:"bypass"`
	AuthTokenUser      bool               `json:"auth-token-user"      koanf:"auth-token-user"`
	AuthPendingTimeout time.Duration      `json:"auth-pending-timeout" koanf:"auth-pending-timeout"`
	CommonName         OpenVPNCommonName  `json:"common-name"          koanf:"common-name"`
	Passthrough        OpenVPNPassthrough `json:"pass-through"         koanf:"pass-through"`
}

type OpenVpnBypass added in v1.1.0 

type OpenVpnBypass struct {
	CommonNames StringSlice `json:"common-names" koanf:"common-names"`
}

type Secret added in v1.13.0 

type Secret string

Secret represents a secret value that can be a plain string or a file path. If the value starts with "file://", it is treated as a file path, and the secret value is read from the file. The "file://" syntax supports environment variables. For example, "file://$HOME/my_secret.txt" would read the secret from the "my_secret.txt" file in the user's home directory.

func (Secret) MarshalJSON added in v1.22.6 

func (s Secret) MarshalJSON() ([]byte, error)

func (Secret) MarshalText added in v1.13.0 

func (s Secret) MarshalText() ([]byte, error)

MarshalText implements encoding.TextMarshaler interface for Secret

func (Secret) String added in v1.13.0 

func (s Secret) String() string

String reassembles the Secret into a valid string.

func (*Secret) UnmarshalText added in v1.13.0 

func (s *Secret) UnmarshalText(text []byte) error

UnmarshalText implements the encoding.TextUnmarshaler interface for Secret

type StringSlice added in v1.13.0 

type StringSlice []string

func (StringSlice) MarshalText added in v1.13.0 

func (stringSlice StringSlice) MarshalText() ([]byte, error)

MarshalText implements encoding.TextMarshaler interface for StringSlice

func (*StringSlice) UnmarshalText added in v1.13.0 

func (stringSlice *StringSlice) UnmarshalText(text []byte) error

UnmarshalText implements the encoding.TextUnmarshaler interface for StringSlice

type URL added in v1.22.6 

type URL url.URL

func NewURL added in v1.22.6 

func NewURL(u string) (*URL, error)

func (*URL) IsEmpty added in v1.22.6 

func (u *URL) IsEmpty() bool

func (*URL) JoinPath added in v1.22.6 

func (u *URL) JoinPath(elem ...string) *URL

func (*URL) MarshalJSON added in v1.22.6 

func (u *URL) MarshalJSON() ([]byte, error)

func (*URL) MarshalText added in v1.22.6 

func (u *URL) MarshalText() ([]byte, error)

func (*URL) String added in v1.22.6 

func (u *URL) String() string

func (*URL) URL added in v1.22.6 

func (u *URL) URL() *url.URL

func (*URL) UnmarshalText added in v1.22.6 

func (u *URL) UnmarshalText(text []byte) error

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.