config

Documentation

Index

• Constants
• func CalculateCaPems(caPems *bytes.Buffer) *bytes.Buffer
• type Api
• type Config
  • func LoadFromMap(configMap map[interface{}]interface{}) (*Config, error)
  • func NewConfig() *Config
  • func (c *Config) AddCaPems(caPems []byte)
  • func (c *Config) CaCerts() []*x509.Certificate
  • func (c *Config) CaPems() []byte
  • func (c *Config) RefreshCas()
  • func (c *Config) SessionTimeoutDuration() time.Duration
• type Enrollment
• type EnrollmentOption
• type HttpTimeouts
  • func DefaultHttpTimeouts() *HttpTimeouts
• type Totp

Constants

const (
	DefaultEdgeApiActivityUpdateBatchSize = 250
	DefaultEdgeAPIActivityUpdateInterval  = 90 * time.Second
	MaxEdgeAPIActivityUpdateBatchSize     = 10000
	MinEdgeAPIActivityUpdateBatchSize     = 1
	MaxEdgeAPIActivityUpdateInterval      = 10 * time.Minute
	MinEdgeAPIActivityUpdateInterval      = time.Millisecond

	DefaultEdgeSessionTimeout = 30 * time.Minute
	MinEdgeSessionTimeout     = 1 * time.Minute

	MinEdgeEnrollmentDuration     = 5 * time.Minute
	DefaultEdgeEnrollmentDuration = 180 * time.Minute

	DefaultHttpIdleTimeout       = 5000 * time.Millisecond
	DefaultHttpReadTimeout       = 5000 * time.Millisecond
	DefaultHttpReadHeaderTimeout = 5000 * time.Millisecond
	DefaultHttpWriteTimeout      = 100000 * time.Millisecond

	DefaultTotpDomain = "openziti.io"

	DefaultAuthRateLimiterEnabled = true
	DefaultAuthRateLimiterMaxSize = 250
	DefaultAuthRateLimiterMinSize = 5

	AuthRateLimiterMinSizeValue = 5
	AuthRateLimiterMaxSizeValue = 1000
)

Functions

func CalculateCaPems

func CalculateCaPems(caPems *bytes.Buffer) *bytes.Buffer

CalculateCaPems takes the supplied caPems buffer as a set of PEM Certificates separated by new lines. Duplicate certificates are removed, and the result is returned as a bytes.Buffer of PEM Certificates separated by new lines.

Types

type Api

type Api struct {
	SessionTimeout          time.Duration
	ActivityUpdateBatchSize int
	ActivityUpdateInterval  time.Duration

	Listener      string
	Address       string
	IdentityCaPem []byte
	HttpTimeouts  HttpTimeouts
}

type Config

type Config struct {
	Enabled    bool
	Api        Api
	Enrollment Enrollment

	Totp            Totp
	AuthRateLimiter command.AdaptiveRateLimiterConfig
	// contains filtered or unexported fields
}

func LoadFromMap

func LoadFromMap(configMap map[interface{}]interface{}) (*Config, error)

func NewConfig

func NewConfig() *Config

func (*Config) AddCaPems

func (c *Config) AddCaPems(caPems []byte)

AddCaPems adds a byte array of certificates to the current buffered list of CAs. The certificates should be in PEM format separated by new lines. RefreshCas should be called after all calls to AddCaPems are completed.

func (*Config) CaCerts

func (c *Config) CaCerts() []*x509.Certificate

func (*Config) CaPems

func (c *Config) CaPems() []byte

func (*Config) RefreshCas

func (c *Config) RefreshCas()

func (*Config) SessionTimeoutDuration

func (c *Config) SessionTimeoutDuration() time.Duration

type Enrollment

type Enrollment struct {
	SigningCert       identity.Identity
	SigningCertConfig identity.Config
	SigningCertCaPem  []byte
	EdgeIdentity      EnrollmentOption
	EdgeRouter        EnrollmentOption
}

type EnrollmentOption

type EnrollmentOption struct {
	Duration time.Duration
}

type HttpTimeouts

type HttpTimeouts struct {
	ReadTimeoutDuration       time.Duration
	ReadHeaderTimeoutDuration time.Duration
	WriteTimeoutDuration      time.Duration
	IdleTimeoutsDuration      time.Duration
}

func DefaultHttpTimeouts

func DefaultHttpTimeouts() *HttpTimeouts

type Totp

type Totp struct {
	Hostname string
}