Documentation
¶
Index ¶
- Constants
- Variables
- func DefaultConfigDirectory() string
- func DefaultConfigPath() string
- func DefaultConfigSearchDirectories() []string
- func DefaultLogDirectory() string
- func FileExists(path string) (bool, error)
- func FindDefaultConfigPath() string
- func FindOrCreateConfigPath() string
- func ReadConfigFile(c *cli.Context, log *zerolog.Logger) (settings *configFileSettings, warnings string, err error)
- func ValidateUnixSocket(c *cli.Context) (string, error)
- func ValidateUrl(c *cli.Context, allowURLFromArgs bool) (*url.URL, error)
- type AccessConfig
- type Configuration
- type CustomDuration
- type DNSResolver
- func (r *DNSResolver) AddressOrDefault() string
- func (r *DNSResolver) BootstrapsOrDefault() []string
- func (r *DNSResolver) EnabledOrDefault() bool
- func (r *DNSResolver) Hash() string
- func (r *DNSResolver) MaxUpstreamConnectionsOrDefault() int
- func (r *DNSResolver) PortOrDefault() uint16
- func (r *DNSResolver) UpstreamsOrDefault() []string
- type FileManager
- type Forwarder
- type IngressIPRule
- type Manager
- type Notifier
- type OriginRequestConfig
- type Root
- type Tunnel
- type UnvalidatedIngressRule
- type WarpRoutingConfig
Constants ¶
// BastionFlag is the flag name that enables bastion (jump host) operation.
const BastionFlag = "bastion"
Variables ¶
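// Package-level defaults for locating configuration and log files.
//
// The declarations are laid out one per line so that each line comment ends
// where it should; collapsed onto a single line, the first "//" would swallow
// every declaration that follows it.
var (
	// DefaultConfigFiles is the file names from which we attempt to read configuration.
	DefaultConfigFiles = []string{"config.yml", "config.yaml"}

	// DefaultUnixConfigLocation is the primary location to find a config file.
	// NOTE(review): the Forwarder type in this package stores a token secret in
	// the config, so this directory presumably needs to be readable and writable
	// only by the service account and administrators. Confirm against the installer.
	DefaultUnixConfigLocation = "/usr/local/etc/netscale"

	// DefaultUnixLogLocation is the primary location to find log files.
	DefaultUnixLogLocation = "/var/log/netscale"

	// ErrNoConfigFile reports that no default config file could be located.
	// The message is formatted once, when this variable is initialized, from
	// DefaultConfigFiles and the result of DefaultConfigSearchDirectories().
	ErrNoConfigFile = fmt.Errorf("Cannot determine default configuration path. No file %v in %v", DefaultConfigFiles, DefaultConfigSearchDirectories())
)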
Functions ¶
func DefaultConfigDirectory ¶
func DefaultConfigDirectory() string
DefaultConfigDirectory returns the default directory of the config file
func DefaultConfigPath ¶
func DefaultConfigPath() string
DefaultConfigPath returns the default location of a config file
func DefaultConfigSearchDirectories ¶
func DefaultConfigSearchDirectories() []string
DefaultConfigSearchDirectories returns the default folder locations of the config
func DefaultLogDirectory ¶
func DefaultLogDirectory() string
DefaultLogDirectory returns the default directory for log files
func FileExists ¶
FileExists checks to see if a file exists at the provided path.
func FindDefaultConfigPath ¶
func FindDefaultConfigPath() string
FindDefaultConfigPath returns the first path that contains a config file. If no combination of DefaultConfigSearchDirectories() and DefaultConfigFiles contains a config file, it returns an empty string.
func FindOrCreateConfigPath ¶
func FindOrCreateConfigPath() string
FindOrCreateConfigPath returns the first path that contains a config file or creates one in the primary default path if it doesn't exist
func ReadConfigFile ¶
func ReadConfigFile(c *cli.Context, log *zerolog.Logger) (settings *configFileSettings, warnings string, err error)
ReadConfigFile returns InputSourceContext initialized from the configuration file. On repeat calls with the same file, it returns without reading the file again; however, if the value of the "config" flag changes, it reads the new config file.
func ValidateUnixSocket ¶
ValidateUnixSocket ensures the --unix-socket param is used exclusively, i.e. it fails if a user specifies both --url and --unix-socket.
Types ¶
type AccessConfig ¶
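// AccessConfig holds the access-related settings: whether access
// authentication is mandatory, and the team name and audience tags used when
// verifying an access JWT.
//
// The fields are laid out one per line so that each line comment ends where it
// should; collapsed onto a single line, the first "//" would swallow every
// field that follows it.
type AccessConfig struct {
	// Required when set to true will fail every request that does not arrive through an access authenticated endpoint.
	// NOTE(review): the zero value is false, so a config that omits this key
	// presumably does not enforce the check. Confirm that this is the intended default.
	Required bool `yaml:"required" json:"required,omitempty"`

	// TeamName is the organization team name to get the public key certificates for.
	TeamName string `yaml:"teamName" json:"teamName"`

	// AudTag is the AudTag to verify access JWT against.
	AudTag []string `yaml:"audTag" json:"audTag"`
}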
type Configuration ¶
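// Configuration is the tunnel-level configuration: the tunnel ID, the ingress
// rules, the warp-routing settings and the origin request settings.
//
// The fields are laid out one per line so that the trailing line comment no
// longer swallows the closing brace, as it did on a single collapsed line.
type Configuration struct {
	// TunnelID is read from the "tunnel" YAML key.
	TunnelID string `yaml:"tunnel"`

	// Ingress holds the ingress rules as read from the config.
	// NOTE(review): the element type is UnvalidatedIngressRule, so these values
	// have presumably not been validated yet. Confirm where validation happens
	// before they are used.
	Ingress []UnvalidatedIngressRule

	// WarpRouting is read from the "warp-routing" YAML key.
	WarpRouting WarpRoutingConfig `yaml:"warp-routing"`

	// OriginRequest is read from the "originRequest" YAML key.
	OriginRequest OriginRequestConfig `yaml:"originRequest"`
	// contains filtered or unexported fields
}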
func GetConfiguration ¶
func GetConfiguration() *Configuration
func (*Configuration) Source ¶
func (c *Configuration) Source() string
type CustomDuration ¶
A CustomDuration is a Duration that has custom serialization for JSON. JSON in JavaScript assumes that int fields are 32 bits, and Duration fields are deserialized on the assumption that numbers are in nanoseconds, which in a 32-bit integer limits the value to just 2 seconds. This type therefore assumes that the number is in seconds when serializing to or deserializing from JSON, while keeping the YAML serde assumptions unchanged.
func (CustomDuration) MarshalJSON ¶
func (s CustomDuration) MarshalJSON() ([]byte, error)
func (*CustomDuration) MarshalYAML ¶
func (s *CustomDuration) MarshalYAML() (interface{}, error)
func (*CustomDuration) UnmarshalJSON ¶
func (s *CustomDuration) UnmarshalJSON(data []byte) error
func (*CustomDuration) UnmarshalYAML ¶
func (s *CustomDuration) UnmarshalYAML(unmarshal func(interface{}) error) error
type DNSResolver ¶
// DNSResolver represents a client side DNS resolver.
// Only JSON tags are declared on its fields. The *OrDefault accessors on this
// type supply a default when a field is left unset.
type DNSResolver struct {
	// Enabled is the value returned by EnabledOrDefault.
	Enabled bool `json:"enabled"`
	// Address is the resolver address; AddressOrDefault substitutes the default when it is empty.
	Address string `json:"address,omitempty"`
	// Port is the resolver port; PortOrDefault substitutes the default when it is 0.
	Port uint16 `json:"port,omitempty"`
	// Upstreams lists the upstreams; UpstreamsOrDefault substitutes the default when it is empty.
	Upstreams []string `json:"upstreams,omitempty"`
	// Bootstraps lists the bootstraps; BootstrapsOrDefault substitutes the default when it is empty.
	Bootstraps []string `json:"bootstraps,omitempty"`
	// MaxUpstreamConnections caps upstream connections; MaxUpstreamConnectionsOrDefault
	// substitutes the default when it is negative.
	MaxUpstreamConnections int `json:"max_upstream_connections,omitempty"`
}
DNSResolver represents a client side DNS resolver
func (*DNSResolver) AddressOrDefault ¶
func (r *DNSResolver) AddressOrDefault() string
AddressOrDefault returns the address or returns the default if empty
func (*DNSResolver) BootstrapsOrDefault ¶
func (r *DNSResolver) BootstrapsOrDefault() []string
BootstrapsOrDefault returns the bootstraps or returns the default if empty
func (*DNSResolver) EnabledOrDefault ¶
func (r *DNSResolver) EnabledOrDefault() bool
EnabledOrDefault returns the enabled property
func (*DNSResolver) Hash ¶
func (r *DNSResolver) Hash() string
Hash returns the computed values to see if the forwarder values change
func (*DNSResolver) MaxUpstreamConnectionsOrDefault ¶
func (r *DNSResolver) MaxUpstreamConnectionsOrDefault() int
MaxUpstreamConnectionsOrDefault returns the max upstream connections or returns the default if negative
func (*DNSResolver) PortOrDefault ¶
func (r *DNSResolver) PortOrDefault() uint16
PortOrDefault returns the port or returns the default if 0
func (*DNSResolver) UpstreamsOrDefault ¶
func (r *DNSResolver) UpstreamsOrDefault() []string
UpstreamsOrDefault returns the upstreams or returns the default if empty
type FileManager ¶
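// FileManager watches the yaml config for changes and sends updates to the
// service so that it can reconfigure to match the updated config.
//
// The fields are laid out one per line so that the trailing line comment no
// longer swallows the closing brace, as it did on a single collapsed line.
type FileManager struct {
	// ReadConfig takes a string and a logger and returns a Root or an error.
	// NOTE(review): the string is presumably the config file path. Confirm
	// against NewFileManager, which is not shown here.
	ReadConfig func(string, *zerolog.Logger) (Root, error)
	// contains filtered or unexported fields
}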
FileManager watches the yaml config for changes and sends updates to the service to reconfigure to match the updated config
func NewFileManager ¶
func NewFileManager(watcher watcher.Notifier, configPath string, log *zerolog.Logger) (*FileManager, error)
NewFileManager creates a config manager
func (*FileManager) GetConfig ¶
func (m *FileManager) GetConfig() (Root, error)
GetConfig reads the yaml file from the disk
func (*FileManager) Start ¶
func (m *FileManager) Start(notifier Notifier) error
Start starts the runloop to watch for config changes
func (*FileManager) WatcherDidError ¶
func (m *FileManager) WatcherDidError(err error)
WatcherDidError notifies of errors with the file watcher
func (*FileManager) WatcherItemDidChange ¶
func (m *FileManager) WatcherItemDidChange(filepath string)
WatcherItemDidChange triggers when the yaml config is updated and sends the updated config to the service to reload its state
type Forwarder ¶
// Forwarder represents a client side listener to forward traffic to the edge.
type Forwarder struct {
	URL      string `json:"url"`
	Listener string `json:"listener"`
	// TokenClientID is serialized as "service_token_id" in JSON and "serviceTokenID" in YAML.
	TokenClientID string `json:"service_token_id" yaml:"serviceTokenID"`
	// TokenSecret is serialized as "secret_token_id" in JSON and "serviceTokenSecret" in YAML.
	// NOTE(review): the JSON key does not match the YAML key or the field name.
	// Confirm that "secret_token_id" is intentional before relying on it.
	// NOTE(review): the tags carry neither "-" nor omitempty, so marshaling a
	// Forwarder writes this value out in full. It is presumably a credential:
	// keep serialized configs out of logs and diagnostics, and restrict read
	// access to the config file.
	TokenSecret string `json:"secret_token_id" yaml:"serviceTokenSecret"`
	Destination string `json:"destination"`
}
Forwarder represents a client side listener to forward traffic to the edge
type IngressIPRule ¶
type OriginRequestConfig ¶
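// OriginRequestConfig is a set of optional fields that customize how requests
// are sent to origin services. Most fields are pointers tagged omitempty, so a
// nil pointer means the option was not set.
//
// The fields are laid out one per line so that each line comment ends where it
// should; collapsed onto a single line, the first "//" would swallow every
// field that follows it.
type OriginRequestConfig struct {
	// HTTP proxy timeout for establishing a new connection
	ConnectTimeout *CustomDuration `yaml:"connectTimeout" json:"connectTimeout,omitempty"`

	// HTTP proxy timeout for completing a TLS handshake
	TLSTimeout *CustomDuration `yaml:"tlsTimeout" json:"tlsTimeout,omitempty"`

	// HTTP proxy TCP keepalive duration
	TCPKeepAlive *CustomDuration `yaml:"tcpKeepAlive" json:"tcpKeepAlive,omitempty"`

	// HTTP proxy should disable "happy eyeballs" for IPv4/v6 fallback
	NoHappyEyeballs *bool `yaml:"noHappyEyeballs" json:"noHappyEyeballs,omitempty"`

	// HTTP proxy maximum keepalive connection pool size
	KeepAliveConnections *int `yaml:"keepAliveConnections" json:"keepAliveConnections,omitempty"`

	// HTTP proxy timeout for closing an idle connection
	KeepAliveTimeout *CustomDuration `yaml:"keepAliveTimeout" json:"keepAliveTimeout,omitempty"`

	// Sets the HTTP Host header for the local webserver.
	HTTPHostHeader *string `yaml:"httpHostHeader" json:"httpHostHeader,omitempty"`

	// Hostname on the origin server certificate.
	OriginServerName *string `yaml:"originServerName" json:"originServerName,omitempty"`

	// Path to the CA for the certificate of your origin.
	// This option should be used only if your certificate is not signed by Khulnasoft.
	CAPool *string `yaml:"caPool" json:"caPool,omitempty"`

	// Disables TLS verification of the certificate presented by your origin.
	// Will allow any certificate from the origin to be accepted.
	// Note: The connection from your machine to Khulnasoft's Edge is still encrypted.
	// NOTE(review): with verification disabled the origin is not authenticated,
	// so whatever answers on the origin address is trusted. For origins with a
	// private or mismatched certificate, CAPool and OriginServerName keep
	// verification on. Treat a true value here as something to audit for.
	NoTLSVerify *bool `yaml:"noTLSVerify" json:"noTLSVerify,omitempty"`

	// Disables chunked transfer encoding.
	// Useful if you are running a WSGI server.
	DisableChunkedEncoding *bool `yaml:"disableChunkedEncoding" json:"disableChunkedEncoding,omitempty"`

	// Runs as jump host
	BastionMode *bool `yaml:"bastionMode" json:"bastionMode,omitempty"`

	// Listen address for the proxy.
	ProxyAddress *string `yaml:"proxyAddress" json:"proxyAddress,omitempty"`

	// Listen port for the proxy.
	ProxyPort *uint `yaml:"proxyPort" json:"proxyPort,omitempty"`

	// Valid options are 'socks' or empty.
	ProxyType *string `yaml:"proxyType" json:"proxyType,omitempty"`

	// IP rules for the proxy service
	IPRules []IngressIPRule `yaml:"ipRules" json:"ipRules,omitempty"`

	// Attempt to connect to origin with HTTP/2
	Http2Origin *bool `yaml:"http2Origin" json:"http2Origin,omitempty"`

	// Access holds all access related configs
	Access *AccessConfig `yaml:"access" json:"access,omitempty"`
}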
OriginRequestConfig is a set of optional fields that users may set to customize how netscale sends requests to origin services. It is used to set up general config that applies to all rules, and also specific per-rule config. Note: - To specify a time.Duration in go-yaml, use e.g. "3s" or "24h". - To specify a time.Duration in json, use int64 of the nanoseconds
type Root ¶
// Root is the base options to configure the service.
type Root struct {
	// LogDirectory is serialized as "log_directory" in JSON and "logDirectory" in YAML.
	LogDirectory string `json:"log_directory" yaml:"logDirectory,omitempty"`
	// LogLevel is serialized as "log_level" in JSON and "logLevel" in YAML.
	LogLevel string `json:"log_level" yaml:"logLevel,omitempty"`
	// Forwarders lists the configured forwarders.
	// NOTE(review): each Forwarder carries a TokenSecret field, so a serialized
	// Root presumably contains credentials. Restrict who can read the file and
	// avoid dumping the whole struct to logs.
	Forwarders []Forwarder `json:"forwarders,omitempty" yaml:"forwarders,omitempty"`
	// Tunnels lists the tunnels.
	Tunnels []Tunnel `json:"tunnels,omitempty" yaml:"tunnels,omitempty"`
	// Resolver holds the DNS resolver settings.
	Resolver DNSResolver `json:"resolver,omitempty" yaml:"resolver,omitempty"`
}
Root is the base options to configure the service
type Tunnel ¶
// Tunnel represents a tunnel that should be started.
// Only JSON tags are declared on its fields.
type Tunnel struct {
	URL    string `json:"url"`
	Origin string `json:"origin"`
	// ProtocolType is serialized under the JSON key "type".
	ProtocolType string `json:"type"`
}
Tunnel represents a tunnel that should be started
type UnvalidatedIngressRule ¶
// UnvalidatedIngressRule is one ingress rule: a hostname, path and service,
// plus the origin request settings for that rule.
// NOTE(review): the name indicates that the values have not been validated
// yet. Confirm that Hostname, Path and Service are validated before use.
type UnvalidatedIngressRule struct {
	Hostname string `json:"hostname,omitempty"`
	Path     string `json:"path,omitempty"`
	Service  string `json:"service,omitempty"`
	// OriginRequest holds the per-rule origin request settings.
	OriginRequest OriginRequestConfig `yaml:"originRequest" json:"originRequest"`
}
type WarpRoutingConfig ¶
// WarpRoutingConfig holds the warp-routing settings. Both fields are optional
// pointers tagged omitempty for JSON, so a nil pointer means the option was not set.
type WarpRoutingConfig struct {
	// ConnectTimeout is serialized as "connectTimeout".
	ConnectTimeout *CustomDuration `yaml:"connectTimeout" json:"connectTimeout,omitempty"`
	// TCPKeepAlive is serialized as "tcpKeepAlive".
	TCPKeepAlive *CustomDuration `yaml:"tcpKeepAlive" json:"tcpKeepAlive,omitempty"`
}