models

package
v0.0.0-...-f9f7919 Latest Latest
Warning

This package is not in the latest version of its module.

Published: Jul 23, 2024 License: Apache-2.0 Imports: 8 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

This section is empty.

Types

type AddDevice

// AddDevice is the request body for adding a new Device.
//
// Every field is supplied by the caller, and the type enforces nothing beyond
// JSON shape: PublicKey, Hostname and Os are free-form strings, and
// AdvertiseCidrs is a list of strings that has not been parsed as CIDRs.
// NOTE(review): input validation, and the check that the caller is allowed to
// use VpcID and SecurityGroupId, are not visible here; confirm the handler
// performs both.
type AddDevice struct {
	VpcID           uuid.UUID  `json:"vpc_id" example:"694aa002-5d19-495e-980b-3d8fd508ea10"`
	PublicKey       string     `json:"public_key"`
	AdvertiseCidrs  []string   `json:"advertise_cidrs" example:"172.16.42.0/24"`
	IPv4TunnelIPs   []TunnelIP `json:"ipv4_tunnel_ips" gorm:"type:JSONB; serializer:json"`
	Relay           bool       `json:"relay"`
	SymmetricNat    bool       `json:"symmetric_nat"`
	Hostname        string     `json:"hostname" example:"myhost"`
	Endpoints       []Endpoint `json:"endpoints" gorm:"type:JSONB; serializer:json"`
	Os              string     `json:"os"`
	SecurityGroupId uuid.UUID  `json:"security_group_id"`
}

AddDevice is the information needed to add a new Device.

type AddInvitation

// AddInvitation is the request body for inviting a user to an organization.
//
// Email and UserID are pointers, so a field missing from the JSON decodes to
// nil; per the field comments one of the two is required.
// NOTE(review): Roles is chosen by the caller. The check that the inviter may
// grant those roles in OrganizationID is not part of this type; confirm it
// is done where the request is handled.
type AddInvitation struct {
	Email          *string    `json:"email"`   // The email address of the user to invite (one of email or user_id is required)
	UserID         *uuid.UUID `json:"user_id"` // The user id to invite (one of email or user_id is required)
	OrganizationID uuid.UUID  `json:"organization_id"`
	Roles          []string   `json:"roles"`
}

type AddOrganization

// AddOrganization is the request body for creating an organization.
// Both fields are free-form, caller-supplied strings.
type AddOrganization struct {
	Name        string `json:"name" example:"zone-red"`
	Description string `json:"description" example:"The Red Zone"`
}

type AddRegKey

// AddRegKey is the request body for creating a registration key.
//
// A request that leaves out single_use and expires_at decodes to
// SingleUse == false and ExpiresAt == nil, i.e. a key that can be used more
// than once and has no expiry. Callers that want a short-lived credential
// have to set both fields explicitly.
// NOTE(review): whether the server imposes a maximum lifetime or a default
// expiry is not visible here; confirm.
type AddRegKey struct {
	VpcID            *uuid.UUID             `json:"vpc_id,omitempty"`             // VpcID is the ID of the VPC the device will join.
	ServiceNetworkID *uuid.UUID             `json:"service_network_id,omitempty"` // ServiceNetworkID is the ID of the Service Network the device can join.
	Description      string                 `json:"description,omitempty"`        // Description of the registration key.
	SingleUse        bool                   `json:"single_use,omitempty"`         // SingleUse only allows the registration key to be used once.
	ExpiresAt        *time.Time             `json:"expires_at,omitempty"`         // ExpiresAt is optional, if set the registration key is only valid until the ExpiresAt time.
	SecurityGroupId  *uuid.UUID             `json:"security_group_id"`            // SecurityGroupId is the ID of the security group to assign to the device.
	// Settings decodes any JSON object; the type places no limit on its keys,
	// nesting or size.
	Settings         map[string]interface{} `json:"settings"`                     // Settings contains general settings for the device.
}

type AddSecurityGroup

// AddSecurityGroup is the request body for adding a new Security Group.
//
// Both rule lists carry omitempty, so a request may omit them and they then
// decode to nil.
// NOTE(review): what an empty rule list permits or denies is not stated on
// this page; confirm the default before relying on it.
type AddSecurityGroup struct {
	Description   string         `json:"description" example:"group_description"`
	VpcId         uuid.UUID      `json:"vpc_id"`
	InboundRules  []SecurityRule `json:"inbound_rules,omitempty" gorm:"type:JSONB; serializer:json"`
	OutboundRules []SecurityRule `json:"outbound_rules,omitempty" gorm:"type:JSONB; serializer:json"`
}

AddSecurityGroup is the information needed to add a new Security Group.

type AddServiceNetwork

// AddServiceNetwork is the request body for creating a ServiceNetwork.
// NOTE(review): OrganizationID is caller-supplied; the check that the caller
// belongs to that organization is not part of this type.
type AddServiceNetwork struct {
	OrganizationID uuid.UUID `json:"organization_id"`
	Description    string    `json:"description" example:"The Red Zone"`
}

type AddSite

// AddSite is the request body for adding a new Site.
// Name, Platform and PublicKey are free-form, caller-supplied strings; the
// type does not constrain their format.
type AddSite struct {
	ServiceNetworkID uuid.UUID `json:"service_network_id" example:"694aa002-5d19-495e-980b-3d8fd508ea10"`
	Name             string    `json:"name"`
	Platform         string    `json:"platform"`
	PublicKey        string    `json:"public_key"`
}

AddSite is the information needed to add a new Site.

type AddVPC

// AddVPC is the request body for creating a VPC.
//
// Ipv4Cidr and Ipv6Cidr arrive as plain strings; nothing in this type parses
// them or checks them for overlap with existing VPCs.
// NOTE(review): confirm the handler parses both CIDRs and verifies the
// caller's membership of OrganizationID.
type AddVPC struct {
	OrganizationID uuid.UUID `json:"organization_id"`
	Description    string    `json:"description" example:"The Red Zone"`
	PrivateCidr    bool      `json:"private_cidr"`
	Ipv4Cidr       string    `json:"ipv4_cidr" example:"172.16.42.0/24"`
	Ipv6Cidr       string    `json:"ipv6_cidr" example:"0200::/8"`
}

type Base

// Base holds the columns shared by all tables.
//
// Only ID has a JSON name. The three timestamps are tagged `json:"-"`, so
// encoding/json neither writes them nor accepts them from input.
// Because ID is settable through JSON, decoding client input straight into a
// model that embeds Base would let the client pick the primary key.
// NOTE(review): confirm request bodies are decoded into the Add*/Update*
// types rather than into the embedding models.
type Base struct {
	ID        uuid.UUID      `gorm:"type:uuid;primary_key;" json:"id" example:"aa22666c-0f57-45cb-a449-16efecc04f2e"`
	CreatedAt time.Time      `json:"-"`
	UpdatedAt time.Time      `json:"-"`
	// DeletedAt is GORM's soft-delete column type; the column is indexed.
	DeletedAt gorm.DeletedAt `gorm:"index" json:"-"`
}

Base contains common columns for all tables.

func (*Base) BeforeCreate

func (base *Base) BeforeCreate(tx *gorm.DB) error

BeforeCreate populates the ID (if not set)

type BaseError

// BaseError is the common JSON body for API errors: a single message string.
// NOTE(review): NewApiError takes an error value. If it copies the error text
// into Error, any internal detail in that text (queries, paths, hostnames)
// reaches the client; confirm what callers pass in.
type BaseError struct {
	Error string `json:"error" example:"something bad"`
}

BaseError is the base type for API errors

func NewApiError

func NewApiError(err error) BaseError

NewApiError returns a new response body for a general error

func NewBaseError

func NewBaseError(error string) BaseError

type CertificateSigningRequest

// CertificateSigningRequest is the request body that asks the issuer to sign
// a PEM-encoded X.509 CSR.
//
// Duration, IsCA and Usages are requests made by the client, not grants; the
// field comments state that the issuer may ignore them.
// NOTE(review): the issuer policy is not visible here. Confirm who may obtain
// a certificate with IsCA set, since a CA certificate can sign further
// certificates, and confirm an upper bound is applied to Duration.
type CertificateSigningRequest struct {

	// Requested 'duration' (i.e. lifetime) of the Certificate. Note that the
	// issuer may choose to ignore the requested duration, just like any other
	// requested attribute.
	// +optional
	Duration *Duration `json:"duration,omitempty" swaggertype:"string"`

	// The PEM-encoded X.509 certificate signing request to be submitted to the
	// issuer for signing.
	//
	// If the CSR has a BasicConstraints extension, its isCA attribute must
	// match the `isCA` value of this CertificateRequest.
	// If the CSR has a KeyUsage extension, its key usages must match the
	// key usages in the `usages` field of this CertificateRequest.
	// If the CSR has an ExtKeyUsage extension, its extended key usages
	// must match the extended key usages in the `usages` field of this
	// CertificateRequest.
	Request string `json:"request" example:"-----BEGIN CERTIFICATE REQUEST-----(...)-----END CERTIFICATE REQUEST-----"`

	// Requested basic constraints isCA value. Note that the issuer may choose
	// to ignore the requested isCA value, just like any other requested attribute.
	//
	// NOTE: If the CSR in the `Request` field has a BasicConstraints extension,
	// it must have the same isCA value as specified here.
	//
	// If true, this will automatically add the `cert sign` usage to the list
	// of requested `usages`.
	// +optional
	IsCA bool `json:"is_ca,omitempty"`

	// Requested key usages and extended key usages.
	//
	// NOTE: If the CSR in the `Request` field uses the KeyUsage or
	// ExtKeyUsage extension, these extensions must have the same values
	// as specified here without any additional values.
	//
	// If unset, defaults to `digital signature` and `key encipherment`.
	// +optional
	Usages []KeyUsage `json:"usages,omitempty"`
}

CertificateSigningRequest is a certificate signing request

type CertificateSigningResponse

// CertificateSigningResponse is the response body for a certificate signing
// request. Both fields are PEM text and both are omitted from the JSON when
// empty, so a client must treat a missing certificate as "not issued" and a
// missing ca as "issuer unknown" rather than as an empty trust anchor.
type CertificateSigningResponse struct {

	// The PEM encoded X.509 certificate resulting from the certificate
	// signing request.
	// If not set, the CertificateRequest has either not been completed or has
	// failed. More information on failure can be found by checking the
	// `conditions` field.
	// +optional
	Certificate string `json:"certificate,omitempty" example:"-----BEGIN CERTIFICATE-----(...)-----END CERTIFICATE-----"`

	// The PEM encoded X.509 certificate of the signer, also known as the CA
	// (Certificate Authority).
	// This is set on a best-effort basis by different issuers.
	// If not set, the CA is assumed to be unknown/not available.
	// +optional
	CA string `json:"ca,omitempty" example:"-----BEGIN CERTIFICATE-----(...)-----END CERTIFICATE-----"`
}

CertificateSigningResponse is a certificate signing response

type ConflictsError

// ConflictsError is the body of an HTTP 409 response.
// BaseError is embedded without a tag, so encoding/json flattens its "error"
// key into the same object as "id".
type ConflictsError struct {
	// ID is serialized as "id"; the example value is a UUID.
	ID string `json:"id" example:"a1fae5de-dd96-4b20-8362-95f6a574c4b1"`
	BaseError
}

ConflictsError is returned in the body of an HTTP 409

func NewConflictsError

func NewConflictsError(id string) ConflictsError

type Device

// Device is a unique end-user device; it belongs to one User and is both a
// database row (it embeds Base and carries gorm tags) and an API payload.
//
// OrganizationID and RegKeyID are tagged `json:"-"` and never appear in JSON.
// Everything else, including BearerToken, is part of the JSON form.
type Device struct {
	Base
	OwnerID         uuid.UUID      `json:"owner_id"`
	VpcID           uuid.UUID      `json:"vpc_id" example:"694aa002-5d19-495e-980b-3d8fd508ea10"`
	OrganizationID  uuid.UUID      `json:"-"` // Denormalized from the VPC record for performance
	PublicKey       string         `json:"public_key"`
	AllowedIPs      pq.StringArray `json:"allowed_ips" gorm:"type:text[]" swaggertype:"array,string"`
	IPv4TunnelIPs   []TunnelIP     `json:"ipv4_tunnel_ips" gorm:"type:JSONB; serializer:json"`
	IPv6TunnelIPs   []TunnelIP     `json:"ipv6_tunnel_ips" gorm:"type:JSONB; serializer:json"`
	AdvertiseCidrs  pq.StringArray `json:"advertise_cidrs" gorm:"type:text[]" swaggertype:"array,string"`
	Relay           bool           `json:"relay"`
	SymmetricNat    bool           `json:"symmetric_nat"`
	Hostname        string         `json:"hostname"`
	Os              string         `json:"os"`
	Endpoints       []Endpoint     `json:"endpoints" gorm:"type:JSONB; serializer:json"`
	Revision        uint64         `json:"revision" gorm:"type:bigserial;index:"`
	SecurityGroupId uuid.UUID      `json:"security_group_id"`
	Online          bool           `json:"online"`
	OnlineAt        *time.Time     `json:"online_at"`
	RegKeyID        uuid.UUID      `json:"-"`                      // the reg key id that created the device (if it was created with a registration token)
	// BearerToken is a credential. With omitempty it is written to JSON
	// whenever it is non-empty, so it is the handler, not this type, that keeps
	// it out of list and peer-facing responses.
	// NOTE(review): confirm every response path that serializes a Device for
	// anyone other than the device itself clears this field first, and whether
	// the token is persisted in clear text (the field has no gorm exclusion).
	BearerToken     string         `json:"bearer_token,omitempty"` // the token nexd should use to reconcile device state.
}

Device is a unique, end-user device. Devices belong to one User and may be onboarded into an organization

type DeviceMetadata

// DeviceMetadata is one key/value pair of device metadata as stored in the
// database. DeviceID and Key are both tagged primary_key, i.e. they form a
// composite key.
type DeviceMetadata struct {
	DeviceID  uuid.UUID      `json:"device_id" gorm:"type:uuid;primary_key"`
	Key       string         `json:"key"       gorm:"primary_key"`
	// Value holds any JSON value and is stored as JSONB; the type puts no
	// bound on its shape or size.
	// NOTE(review): confirm a size limit is applied where metadata is written.
	Value     interface{}    `json:"value"     gorm:"type:JSONB; serializer:json"`
	Revision  uint64         `json:"revision"  gorm:"type:bigserial;index:"`
	DeletedAt gorm.DeletedAt `json:"-"         gorm:"index"`
	CreatedAt time.Time      `json:"-"`
	UpdatedAt time.Time      `json:"-"`
}

DeviceMetadata represents a key-value pair of device metadata in the database

type Duration

// Duration wraps time.Duration by embedding it, so all time.Duration methods
// are promoted. The page lists MarshalJSON and UnmarshalJSON methods for it
// and describes the JSON form as a string.
type Duration struct {
	time.Duration
}

Duration is a wrapper around time.Duration which supports correct marshaling to YAML and JSON. In particular, it marshals into strings, which can be used as map keys in json.

func (Duration) MarshalJSON

func (d Duration) MarshalJSON() ([]byte, error)

MarshalJSON implements the json.Marshaler interface.

func (*Duration) UnmarshalJSON

func (d *Duration) UnmarshalJSON(b []byte) error

UnmarshalJSON implements the json.Unmarshaler interface.

type Endpoint

// Endpoint is one address at which a device can be reached, together with
// how that address was learned. Both fields are plain strings; Address is not
// parsed by this type, so a consumer must validate it before dialing.
type Endpoint struct {
	// How the endpoint was discovered
	Source string `json:"source"`
	// IP address and port of the endpoint.
	Address string `json:"address" example:"10.1.1.1:51820"`
}

type InternalServerError

// InternalServerError is an error body that adds an optional trace ID to the
// embedded BaseError message.
// NOTE(review): presumably returned with HTTP 500 and TraceId links the
// response to server-side traces; confirm. The embedded Error text is sent to
// the client, so it should stay generic.
type InternalServerError struct {
	BaseError
	TraceId string `json:"trace_id,omitempty"`
}

type Invitation

// Invitation is a request for a user to join an organization, stored as a
// database row (it embeds Base).
//
// The inviter's ID (FromID) is hidden from JSON; the inviter is exposed only
// through the optional From object. ExpiresAt is not a pointer, so every
// invitation carries an expiry value.
// NOTE(review): Roles is what the invitee receives on acceptance, presumably;
// confirm it is re-checked against the inviter's rights when accepted.
type Invitation struct {
	Base
	UserID         *uuid.UUID    `json:"user_id,omitempty"`
	Email          *string       `json:"email,omitempty"` // The email address to invite
	OrganizationID uuid.UUID     `json:"organization_id"`
	Organization   *Organization `json:"organization,omitempty"`
	ExpiresAt      time.Time     `json:"expires_at"`
	FromID         uuid.UUID     `json:"-"`
	From           *User         `json:"from,omitempty"`
	Roles          StringArray   `json:"roles" swaggertype:"array,string"`
}

Invitation is a request for a user to join an organization

type KeyUsage

// KeyUsage names a key usage or extended key usage requested for a
// certificate (see CertificateSigningRequest.Usages).
//
// It is a plain string type, so JSON decoding accepts any string, including
// values that are not one of the constants below.
// NOTE(review): the signer has to reject unknown values and decide whether to
// grant broad usages such as UsageAny, UsageCertSign or UsageCRLSign; that
// policy is not visible here.
type KeyUsage string
const (
	UsageSigning           KeyUsage = "signing"
	UsageDigitalSignature  KeyUsage = "digital signature"
	UsageContentCommitment KeyUsage = "content commitment"
	UsageKeyEncipherment   KeyUsage = "key encipherment"
	UsageKeyAgreement      KeyUsage = "key agreement"
	UsageDataEncipherment  KeyUsage = "data encipherment"
	UsageCertSign          KeyUsage = "cert sign"
	UsageCRLSign           KeyUsage = "crl sign"
	UsageEncipherOnly      KeyUsage = "encipher only"
	UsageDecipherOnly      KeyUsage = "decipher only"
	UsageAny               KeyUsage = "any"
	UsageServerAuth        KeyUsage = "server auth"
	UsageClientAuth        KeyUsage = "client auth"
	UsageCodeSigning       KeyUsage = "code signing"
	UsageEmailProtection   KeyUsage = "email protection"
	UsageSMIME             KeyUsage = "s/mime"
	UsageIPsecEndSystem    KeyUsage = "ipsec end system"
	UsageIPsecTunnel       KeyUsage = "ipsec tunnel"
	UsageIPsecUser         KeyUsage = "ipsec user"
	UsageTimestamping      KeyUsage = "timestamping"
	UsageOCSPSigning       KeyUsage = "ocsp signing"
	UsageMicrosoftSGC      KeyUsage = "microsoft sgc"
	UsageNetscapeSGC       KeyUsage = "netscape sgc"
)

type NexodusClaims

// NexodusClaims is the JWT claim set: the embedded registered claims plus a
// scope string and optional agent, VPC and service-network IDs. The three IDs
// are pointers with omitempty, so a token may leave any of them out.
//
// NOTE(review): these values are only trustworthy after the token signature
// and the registered claims (expiry, issuer, audience) have been verified;
// verification is not part of this type. Confirm that code authorizing on
// Scope, VpcID or ServiceNetworkID treats a nil ID as "no access" rather than
// "any".
type NexodusClaims struct {
	jwt.RegisteredClaims
	Scope            string     `json:"scope,omitempty"`              // Scope is the scope of the token.
	AgentID          *uuid.UUID `json:"agent_id,omitempty"`           // AgentID is the ID of the agent
	VpcID            *uuid.UUID `json:"vpc_id,omitempty"`             // VpcID is the ID of the VPC the agent will join.
	ServiceNetworkID *uuid.UUID `json:"service_network_id,omitempty"` // ServiceNetworkID is the ID of the ServiceNetwork the agent will join.
}

type NotAllowedError

// NotAllowedError is the body of an HTTP 403 response: the embedded BaseError
// message plus an optional reason, omitted from the JSON when empty.
// NOTE(review): Reason is shown to the refused caller; keep it free of detail
// about which policy or resource triggered the refusal, if that is sensitive.
type NotAllowedError struct {
	BaseError
	Reason string `json:"reason,omitempty"`
}

NotAllowedError is returned in the body of an HTTP 403

func NewNotAllowedError

func NewNotAllowedError(reason string) NotAllowedError

type NotFoundError

// NotFoundError is the body of an HTTP 404 response: the embedded BaseError
// message plus the optional name of the resource that was not found.
type NotFoundError struct {
	BaseError
	Resource string `json:"resource,omitempty"`
}

NotFoundError is returned in the body of an HTTP 404

func NewNotFoundError

func NewNotFoundError(resource string) NotFoundError

type Organization

// Organization contains Users and VPCs and is stored as a database row.
// Name has a unique index. The member and invitation lists are tagged
// `json:"-"`, so serializing an Organization never lists its users.
type Organization struct {
	Base
	Name        string `json:"name" gorm:"uniqueIndex" sql:"index" example:"zone-red"`
	Description string `json:"description" example:"Team A"`

	// Users is a many-to-many relation through the user_organizations table.
	Users       []*User       `json:"-" gorm:"many2many:user_organizations;"`
	Invitations []*Invitation `json:"-"`
}

Organization contains Users and VPCs

func (*Organization) BeforeCreate

func (z *Organization) BeforeCreate(tx *gorm.DB) error

type RegKey

// RegKey is used to register devices without an interactive login. It is a
// database row (it embeds Base) and an API payload.
//
// The two denormalized organization IDs are hidden from JSON. BearerToken is
// not: it is written whenever it is non-empty.
type RegKey struct {
	Base
	OwnerID          uuid.UUID              `json:"owner_id,omitempty"`                            // OwnerID is the ID of the user that created the registration key.
	VpcID            *uuid.UUID             `json:"vpc_id,omitempty"`                              // VpcID is the ID of the VPC the device can join.
	OrganizationID   *uuid.UUID             `json:"-" gorm:"type:uuid"`                            // OrganizationID is denormalized from the VPC record for performance
	ServiceNetworkID *uuid.UUID             `json:"service_network_id,omitempty"`                  // ServiceNetworkID is the ID of the Service Network the device can join.
	SNOrganizationID *uuid.UUID             `json:"-" gorm:"type:uuid; column:sn_organization_id"` // SNOrganizationID is denormalized from the ServiceNetwork record for performance
	// BearerToken is the registration credential itself: whoever holds it can
	// present it to register a device, within the key's expiry and use limits.
	// NOTE(review): confirm which callers may read RegKey records, that list
	// responses do not echo the token unnecessarily, and whether it is stored
	// in clear text (no gorm exclusion or hashing is visible on this field).
	BearerToken      string                 `json:"bearer_token,omitempty"`                        // BearerToken is the bearer token the client should use to authenticate the device registration request.
	Description      string                 `json:"description,omitempty"`                         // Description of the registration key.
	DeviceId         *uuid.UUID             `json:"device_id,omitempty"`                           // DeviceId is set if the RegKey was created for single use
	// A nil ExpiresAt means no expiry was set on the key.
	ExpiresAt        *time.Time             `json:"expires_at,omitempty"`                          // ExpiresAt is optional, if set the registration key is only valid until the ExpiresAt time.
	SecurityGroupId  *uuid.UUID             `json:"security_group_id"`                             // SecurityGroupId is the ID of the security group to assign to the device.
	Settings         map[string]interface{} `json:"settings" gorm:"type:JSONB; serializer:json"`   // Settings contains general settings for the device.
}

RegKey is used to register devices without an interactive login.

type SecurityGroup

// SecurityGroup is a stored set of inbound and outbound SecurityRules that
// belongs to a VPC. The rule lists are persisted as JSONB and are omitted
// from the JSON form when empty.
// NOTE(review): the effect of an empty rule list (allow all or deny all) is
// not stated on this page; confirm before treating an empty group as safe.
type SecurityGroup struct {
	Base
	Description    string         `json:"description"`
	VpcId          uuid.UUID      `json:"vpc_id"`
	OrganizationID uuid.UUID      `json:"-"` // Denormalized from the VPC record for performance
	InboundRules   []SecurityRule `json:"inbound_rules,omitempty" gorm:"type:JSONB; serializer:json"`
	OutboundRules  []SecurityRule `json:"outbound_rules,omitempty" gorm:"type:JSONB; serializer:json"`
	Revision       uint64         `json:"revision"  gorm:"type:bigserial;index:"`
}

SecurityGroup represents a security group containing security rules and a group owner

type SecurityRule

// SecurityRule is a single rule of a security group: a protocol, a port range
// and an optional list of IP ranges.
//
// The type is looser than the values it is meant to hold: the ports are
// int64, so negative numbers, values above 65535 and FromPort > ToPort all
// decode without error, and IpProtocol and IpRanges are unparsed strings.
// NOTE(review): confirm rules are validated where they are accepted, and what
// an absent IpRanges matches (it is omitted from JSON when empty).
type SecurityRule struct {
	IpProtocol string   `json:"ip_protocol"`
	FromPort   int64    `json:"from_port"`
	ToPort     int64    `json:"to_port"`
	IpRanges   []string `json:"ip_ranges,omitempty"`
}

SecurityRule represents a Security Rule

type ServiceNetwork

// ServiceNetwork contains interconnected Sites and is stored as a database
// row (it embeds Base).
type ServiceNetwork struct {
	Base
	OrganizationID uuid.UUID     `json:"organization_id" gorm:"type:uuid"`
	Organization   *Organization `json:"-"`
	Description    string        `json:"description"`
	// CaKey is tagged `json:"-"`, so encoding/json never writes it; it is still
	// an ordinary string column.
	// NOTE(review): presumably the CA private key for this service network.
	// Confirm how it is protected at rest and that no other encoder or log
	// statement prints the struct.
	CaKey          string        `json:"-"`
	CaCertificates []string      `json:"ca_certificates,omitempty" gorm:"type:JSONB; serializer:json"`
	Revision       uint64        `json:"revision" gorm:"type:bigserial;index:"`
}

ServiceNetwork contains interconnected Sites

type Site

// Site is a unique end-user Site that belongs to one User; it is a database
// row (it embeds Base) and an API payload.
//
// OrganizationID, RegKeyID and ServiceNetwork are hidden from JSON.
// BearerToken and LinkSecret are not.
type Site struct {
	Base
	Revision         uint64          `json:"revision" gorm:"type:bigserial;index:"`
	OwnerID          uuid.UUID       `json:"owner_id" gorm:"type:uuid"`
	ServiceNetworkID uuid.UUID       `json:"service_network_id" gorm:"type:uuid" example:"694aa002-5d19-495e-980b-3d8fd508ea10"`
	// NOTE(review): Site has a ServiceNetworkID and no VpcID, so "VPC record"
	// below may be a leftover from Device; confirm the source of this value.
	OrganizationID   uuid.UUID       `json:"-" gorm:"type:uuid"`     // Denormalized from the VPC record for performance
	RegKeyID         uuid.UUID       `json:"-" gorm:"type:uuid"`     // the reg key id that created the Site (if it was created with a registration token)
	// BearerToken is a credential and is written to JSON whenever non-empty.
	// NOTE(review): confirm handlers clear it on responses not addressed to
	// the Site itself.
	BearerToken      string          `json:"bearer_token,omitempty"` // the token nexd should use to reconcile Site state.
	Hostname         string          `json:"hostname" example:"myhost"`
	Os               string          `json:"os"`
	Name             string          `json:"name"`
	Platform         string          `json:"platform"`
	PublicKey        string          `json:"public_key"`
	// LinkSecret has no omitempty and no `json:"-"`, so it is part of every
	// JSON encoding of a Site.
	// NOTE(review): the name says secret. Confirm which callers receive Site
	// objects and whether peers in the same service network are meant to see
	// each other's link secret.
	LinkSecret       string          `json:"link_secret"`
	ServiceNetwork   *ServiceNetwork `json:"-"`
	Online           bool            `json:"online"`
	OnlineAt         *time.Time      `json:"online_at"`
}

Site is a unique, end-user Site. Sites belong to one User and may be onboarded into an organization

type StringArray

// StringArray is an alias for datatype.StringArray. On this page it is the
// type of the Roles fields of Invitation and UserOrganization.
type StringArray = datatype.StringArray

type TunnelIP

// TunnelIP pairs an address with the VPC CIDR it was allocated from. Both
// fields are unparsed strings.
type TunnelIP struct {
	// NOTE(review): the comment and example below are identical to those on
	// Endpoint.Address (IP and port); confirm whether a tunnel IP really
	// carries a port.
	// IP address and port of the endpoint.
	Address string `json:"address" example:"10.1.1.1:51820"`
	// VPC CIDR this address was allocated from
	CIDR string `json:"cidr" example:"10.0.0.0/24"`
}

type UpdateDevice

// UpdateDevice is the request body for updating a Device.
//
// The pointer fields decode to nil when absent from the JSON, which lets a
// handler tell "not sent" from a zero value. Hostname is not a pointer, and
// AdvertiseCidrs and Endpoints are slices, so for those an omitted field and
// an empty one are harder to tell apart ("" and nil respectively).
// NOTE(review): VpcID and SecurityGroupId move the device between VPCs and
// security groups; confirm the handler checks the caller's rights on the
// target, not only on the device.
type UpdateDevice struct {
	VpcID           *uuid.UUID `json:"vpc_id" example:"694aa002-5d19-495e-980b-3d8fd508ea10"`
	AdvertiseCidrs  []string   `json:"advertise_cidrs" example:"172.16.42.0/24"`
	SymmetricNat    *bool      `json:"symmetric_nat"`
	Hostname        string     `json:"hostname" example:"myhost"`
	Endpoints       []Endpoint `json:"endpoints" gorm:"type:JSONB; serializer:json"`
	Revision        *uint64    `json:"revision"`
	Relay           *bool      `json:"relay"`
	SecurityGroupId *uuid.UUID `json:"security_group_id"`
}

UpdateDevice is the information needed to update a Device.

type UpdateRegKey

// UpdateRegKey is the request body for updating a registration key.
//
// An absent expires_at and an explicit JSON null both decode to a nil
// ExpiresAt, so this type alone cannot express "remove the expiry".
// NOTE(review): confirm how the handler treats nil, and whether extending
// ExpiresAt on an already expired key is allowed.
type UpdateRegKey struct {
	Description     *string                `json:"description,omitempty"` // Description of the registration key.
	ExpiresAt       *time.Time             `json:"expires_at,omitempty"`  // ExpiresAt is optional, if set the registration key is only valid until the ExpiresAt time.
	SecurityGroupId *uuid.UUID             `json:"security_group_id"`     // SecurityGroupId is the ID of the security group to assign to the device.
	Settings        map[string]interface{} `json:"settings"`              // Settings contains general settings for the device.
}

type UpdateSecurityGroup

// UpdateSecurityGroup is the request body for updating an existing Security
// Group.
//
// The rule lists are slices, so an omitted list and JSON null both decode to
// nil, while [] decodes to an empty non-nil slice.
// NOTE(review): confirm whether a nil list means "leave the rules unchanged"
// or "remove all rules"; the difference decides what a partial update does to
// the group's policy.
type UpdateSecurityGroup struct {
	Description   *string        `json:"description,omitempty"`
	InboundRules  []SecurityRule `json:"inbound_rules,omitempty" gorm:"type:JSONB; serializer:json"`
	OutboundRules []SecurityRule `json:"outbound_rules,omitempty" gorm:"type:JSONB; serializer:json"`
}

UpdateSecurityGroup is the information needed to update an existing Security Group.

type UpdateServiceNetwork

// UpdateServiceNetwork is the request body for updating a ServiceNetwork.
// Description is the only field a client can change through this type; it is
// a pointer and decodes to nil when absent.
type UpdateServiceNetwork struct {
	Description *string `json:"description" example:"The Red Zone"`
}

type UpdateSite

// UpdateSite is the request body for updating a Site. All fields are pointers
// and decode to nil when absent from the JSON.
type UpdateSite struct {
	Os         *string `json:"os"`
	Hostname   *string `json:"hostname" example:"myhost"`
	Revision   *uint64 `json:"revision"`
	// LinkSecret lets the caller replace the Site's link secret with any
	// string, including an empty one.
	// NOTE(review): confirm the handler restricts this to the Site's owner and
	// rejects empty or trivially short values.
	LinkSecret *string `json:"link_secret"`
}

UpdateSite is the information needed to update a Site.

type UpdateVPC

// UpdateVPC is the request body for updating a VPC. Description is the only
// field exposed, so the CIDRs and organization of a VPC cannot be changed
// through this type.
type UpdateVPC struct {
	Description *string `json:"description" example:"The Red Zone"`
}

type User

// User is a person who uses Nexodus, stored as a database row.
//
// The identity-provider ID, the organization list and the invitation list are
// tagged `json:"-"`; the JSON form carries only the ID from Base, FullName,
// Picture and UserName.
type User struct {
	Base
	IdpID         string          `json:"-"` // Comes from the IDP
	// Organizations is a many-to-many relation through user_organizations.
	Organizations []*Organization `gorm:"many2many:user_organizations" json:"-"`
	FullName      string          `json:"full_name"`
	// NOTE(review): presumably a URL taken from the identity provider; confirm
	// clients treat it as untrusted before fetching or rendering it.
	Picture       string          `json:"picture"`
	UserName      string          `json:"username"`
	Invitations   []*Invitation   `json:"-"`
}

User is a person who uses Nexodus.

func (*User) BeforeCreate

func (u *User) BeforeCreate(tx *gorm.DB) error

type UserIdentity

// UserIdentity is one identity of a user; a user can have several.
// Kind and Value are both tagged primary_key, so a given (kind, value) pair
// can be stored only once.
// NOTE(review): string comparison decides uniqueness. Confirm e-mail values
// are normalized (case, whitespace) before being stored, otherwise two
// spellings of one address could map to different users.
type UserIdentity struct {
	Kind   string    `gorm:"primary_key"            json:"kind"  example:"email"`                        // email, phone, keycloak-id, etc
	Value  string    `gorm:"primary_key"            json:"value" example:"hiram@example.com"`            // the value of the identity
	UserID uuid.UUID `gorm:"type:uuid" json:"user_id"    example:"aa22666c-0f57-45cb-a449-16efecc04f2e"` // the id of the user
}

UserIdentity is an identity of a user. A user can have multiple identities.

type UserOrganization

// UserOrganization records that a user is a member of an organization.
// UserID and OrganizationID are both tagged primary_key, so there is at most
// one membership row per pair.
type UserOrganization struct {
	UserID         uuid.UUID   `json:"user_id" gorm:"type:uuid;primary_key"`
	OrganizationID uuid.UUID   `json:"organization_id" gorm:"type:uuid;primary_key"`
	User           *User       `json:"user,omitempty"`
	// Roles holds the member's roles in this organization as free-form
	// strings; the set of valid role names is not defined on this page.
	Roles          StringArray `json:"roles" swaggertype:"array,string"`
}

UserOrganization record means the user is a member of the organization

type VPC

// VPC contains Devices and is stored as a database row (it embeds Base).
// The CIDRs are kept as strings; the Organization relation is hidden from
// JSON while OrganizationID is exposed.
type VPC struct {
	Base
	OrganizationID uuid.UUID     `json:"organization_id"`
	Description    string        `json:"description"`
	PrivateCidr    bool          `json:"private_cidr"`
	Ipv4Cidr       string        `json:"ipv4_cidr"`
	Ipv6Cidr       string        `json:"ipv6_cidr"`
	Organization   *Organization `json:"-"`
	Revision       uint64        `json:"revision" gorm:"type:bigserial;index:"`
}

VPC contains Devices

type ValidationError

// ValidationError is the body of an HTTP 400 response: the embedded BaseError
// message plus the offending field and a reason, each omitted from the JSON
// when empty.
// NOTE(review): NewBadPayloadError takes an error value; if its text is
// copied into the response, decoder messages may echo parts of the request
// back to the client. Confirm that is acceptable.
type ValidationError struct {
	BaseError
	Field  string `json:"field,omitempty"`
	Reason string `json:"reason,omitempty"`
}

ValidationError is returned in the body of an HTTP 400

func NewBadPathParameterError

func NewBadPathParameterError(param string) ValidationError

func NewBadPathParameterErrorAndReason

func NewBadPathParameterErrorAndReason(param string, reason string) ValidationError

func NewBadPayloadError

func NewBadPayloadError(err error) ValidationError

func NewBadQueryParameterError

func NewBadQueryParameterError(param string) ValidationError

func NewFieldNotPresentError

func NewFieldNotPresentError(field string) ValidationError

func NewFieldValidationError

func NewFieldValidationError(field string, reason string) ValidationError

func NewInvalidField

func NewInvalidField(field string) ValidationError

type Watch

// Watch describes the events a client is interested in. All fields carry
// omitempty.
// NOTE(review): Kind selects what is watched and Options accepts any JSON
// object. Confirm the handler authorizes each Kind separately and ignores or
// rejects unknown option keys.
type Watch struct {
	Kind       string                 `json:"kind,omitempty"`
	// GtRevision presumably asks for events with a revision greater than this
	// value; confirm.
	GtRevision uint64                 `json:"gt_revision,omitempty"`
	AtTail     bool                   `json:"at_tail,omitempty"`
	Options    map[string]interface{} `json:"options,omitempty"`
}

Watch is used to describe events you are interested in

type WatchEvent

// WatchEvent is one event of a watch: the kind of object, the type of event
// and an optional value.
type WatchEvent struct {
	Kind  string      `json:"kind,omitempty"`
	Type  string      `json:"type"`
	// Value is untyped; whatever is placed here is serialized as is.
	// NOTE(review): if whole model objects such as Device or Site are sent as
	// Value, their bearer_token and link_secret fields travel with them;
	// confirm they are cleared before an event is emitted.
	Value interface{} `json:"value,omitempty"`
}

WatchEvent is a single event of a watch, carrying the event kind, type and value.
