Documentation
Overview
Package config describes the configuration of the beacon server.
Index
- Constants
- type BSConfig
- type CA
- type CAMode
- type CAService
- type Config
- type DRKeyConfig
- type HostProto
- type PSConfig
- type Policies
- type SecretValueHostList
- func (cfg *SecretValueHostList) ConfigName() string
- func (cfg *SecretValueHostList) InitDefaults()
- func (cfg *SecretValueHostList) Sample(dst io.Writer, path config.Path, ctx config.CtxMap)
- func (cfg *SecretValueHostList) ToAllowedSet() map[HostProto]struct{}
- func (cfg *SecretValueHostList) Validate() error
Constants
const (
	// DefaultOriginationInterval is the default interval between originating
	// beacons in a core BS.
	DefaultOriginationInterval = 5 * time.Second
	// DefaultPropagationInterval is the default interval between propagating beacons.
	DefaultPropagationInterval = 5 * time.Second
	// DefaultRegistrationInterval is the default interval between registering segments.
	DefaultRegistrationInterval = 5 * time.Second
	// DefaultQueryInterval is the default interval after which the segment
	// cache expires.
	DefaultQueryInterval = 5 * time.Minute
	// DefaultMaxASValidity is the default validity period for renewed AS certificates.
	DefaultMaxASValidity = 3 * 24 * time.Hour
)
const DefaultPrefetchEntries = 10000
Variables
This section is empty.
Functions
This section is empty.
Types
type BSConfig
type BSConfig struct {
	// OriginationInterval is the interval between originating beacons in a core BS.
	OriginationInterval util.DurWrap `toml:"origination_interval,omitempty"`
	// PropagationInterval is the interval between propagating beacons.
	PropagationInterval util.DurWrap `toml:"propagation_interval,omitempty"`
	// RegistrationInterval is the interval between registering segments.
	RegistrationInterval util.DurWrap `toml:"registration_interval,omitempty"`
	// Policies contains the policy files.
	Policies Policies `toml:"policies,omitempty"`
	// EPIC specifies whether the EPIC authenticators should be added to the beacons.
	EPIC bool `toml:"epic,omitempty" default:"false"`
}
BSConfig holds the configuration specific to the beacon server.
func (*BSConfig) ConfigName
ConfigName is the toml key for the beacon server specific configuration.
func (*BSConfig) InitDefaults
func (cfg *BSConfig) InitDefaults()
InitDefaults initializes the default values for the durations that are equal to zero.
type CA
type CA struct {
	// MaxASValidity is the maximum AS certificate lifetime.
	MaxASValidity util.DurWrap `toml:"max_as_validity,omitempty"`
	// Mode defines whether the Control Service should handle certificate
	// issuance requests on its own, or whether to delegate handling to a
	// dedicated Certificate Authority. If it is the empty string, the
	// in-process mode is selected as the default.
	Mode CAMode `toml:"mode,omitempty"`
	// Service contains details about CA functionality delegation.
	Service CAService `toml:"service,omitempty"`
}
CA is the CA configuration.
func (*CA) ConfigName
func (*CA) InitDefaults
func (cfg *CA) InitDefaults()
type CAService
type CAService struct {
	// create JWT tokens.
	SharedSecret string `toml:"shared_secret,omitempty"`
	// Address of the CA Service that handles the delegated certificate renewal requests.
	Address string `toml:"addr,omitempty"`
	// Lifetime contains the validity period of self-generated JWT authorization tokens. The format
	// is a Go duration. If not set, the application default is used instead (see the sample for
	// the value).
	Lifetime util.DurWrap `toml:"lifetime,omitempty"`
	// ClientID is the client identification string that should be used in self-generated JWT
	// authorization tokens. If not set, the SCION ID is used instead.
	ClientID string `toml:"client_id,omitempty"`
}
CAService contains details about CA functionality delegation.
func (*CAService) ConfigName
func (*CAService) InitDefault
func (cfg *CAService) InitDefault()
type Config
type Config struct {
	General env.General `toml:"general,omitempty"`
	Features env.Features `toml:"features,omitempty"`
	Logging log.Config `toml:"log,omitempty"`
	Metrics env.Metrics `toml:"metrics,omitempty"`
	API api.Config `toml:"api,omitempty"`
	Tracing env.Tracing `toml:"tracing,omitempty"`
	QUIC env.QUIC `toml:"quic,omitempty"`
	BeaconDB storage.DBConfig `toml:"beacon_db,omitempty"`
	TrustDB storage.DBConfig `toml:"trust_db,omitempty"`
	PathDB storage.DBConfig `toml:"path_db,omitempty"`
	BS BSConfig `toml:"beaconing,omitempty"`
	PS PSConfig `toml:"path,omitempty"`
	CA CA `toml:"ca,omitempty"`
	TrustEngine trustengine.Config `toml:"trustengine,omitempty"`
	DRKey DRKeyConfig `toml:"drkey,omitempty"`
}
Config is the control server configuration.
func (*Config) InitDefaults
func (cfg *Config) InitDefaults()
InitDefaults initializes the default values for all parts of the config.
type DRKeyConfig (added in v0.9.0)
type DRKeyConfig struct {
	Level1DB storage.DBConfig `toml:"level1_db,omitempty"`
	SecretValueDB storage.DBConfig `toml:"secret_value_db,omitempty"`
	Delegation SecretValueHostList `toml:"delegation,omitempty"`
	PrefetchEntries int `toml:"prefetch_entries,omitempty"`
}
DRKeyConfig is the configuration for the connection to the trust database.
func (*DRKeyConfig) ConfigName (added in v0.9.0)
func (cfg *DRKeyConfig) ConfigName() string
ConfigName is the key in the toml file.
func (*DRKeyConfig) Enabled (added in v0.9.0)
func (cfg *DRKeyConfig) Enabled() bool
Enabled returns true if DRKey is configured. False otherwise.
func (*DRKeyConfig) InitDefaults (added in v0.9.0)
func (cfg *DRKeyConfig) InitDefaults()
InitDefaults initializes values of unset keys and determines if the configuration enables DRKey.
func (*DRKeyConfig) Validate (added in v0.9.0)
func (cfg *DRKeyConfig) Validate() error
Validate validates that all values are parsable.
type PSConfig
type PSConfig struct {
	// QueryInterval specifies after how much time segments
	// for a destination should be refetched.
	QueryInterval util.DurWrap `toml:"query_interval,omitempty"`
	// HiddenPathsCfg specifies the file name of the hidden path configuration.
	// If HiddenPathsCfg begins with http:// or https://, it will be fetched
	// over the network from the specified URL instead.
	HiddenPathsCfg string `toml:"hidden_paths_cfg,omitempty"`
}
func (*PSConfig) ConfigName
func (*PSConfig) InitDefaults
func (cfg *PSConfig) InitDefaults()
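Added example, not code from this package: a small review check for two settings documented above, hidden_paths_cfg (file name versus network fetch) and max_as_validity. The Settings type and the function names are hypothetical; the check assumes the documented prefix rule is applied literally and that site policy treats the package default as a ceiling.

```go
package main

import (
	"fmt"
	"strings"
	"time"
)

const DefaultMaxASValidity = 3 * 24 * time.Hour // from this page's Constants section

// Settings is a hypothetical mirror of two documented fields (time.Duration for util.DurWrap).
type Settings struct {
	HiddenPathsCfg string        // path.hidden_paths_cfg
	MaxASValidity  time.Duration // ca.max_as_validity
}

// HiddenPathsSource applies the documented prefix rule literally: only values
// beginning with "http://" or "https://" are fetched over the network.
func HiddenPathsSource(v string) string {
	switch {
	case v == "":
		return "unset"
	case strings.HasPrefix(v, "https://"):
		return "remote-tls"
	case strings.HasPrefix(v, "http://"):
		return "remote-plaintext"
	}
	return "local-file"
}

// Audit returns one finding per setting that deserves a reviewer's attention.
func Audit(s Settings) []string {
	var out []string
	src := HiddenPathsSource(s.HiddenPathsCfg)
	if src == "remote-plaintext" {
		out = append(out, "path.hidden_paths_cfg: fetched over http:// without transport integrity")
	} else if src == "local-file" && strings.Contains(s.HiddenPathsCfg, "://") {
		out = append(out, "path.hidden_paths_cfg: URL-like value is treated as a file name")
	}
	// Assumption: site policy treats the package default as the ceiling.
	if s.MaxASValidity > DefaultMaxASValidity {
		out = append(out, fmt.Sprintf("ca.max_as_validity: %s exceeds default %s", s.MaxASValidity, DefaultMaxASValidity))
	}
	return out
}

func main() { // constructed sample values
	fmt.Println(Audit(Settings{"http://cfg.example/hp.yml", 720 * time.Hour}))
}
```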
type Policies
type Policies struct {
	config.NoDefaulter
	config.NoValidator
	// Propagation contains the file path for the propagation policy. If this
	// is the empty string, the default policy is used.
	Propagation string `toml:"propagation,omitempty"`
	// CoreRegistration contains the file path for the core registration
	// policy. If this is the empty string, the default policy is used. In a
	// non-core beacon server, this field is ignored.
	CoreRegistration string `toml:"core_registration,omitempty"`
	// UpRegistration contains the file path for the up registration policy. If
	// this is the empty string, the default policy is used. In a core beacon
	// server, this field is ignored.
	UpRegistration string `toml:"up_registration,omitempty"`
	// DownRegistration contains the file path for the down registration policy.
	// If this is the empty string, the default policy is used. In a core beacon
	// server, this field is ignored.
	DownRegistration string `toml:"down_registration,omitempty"`
}
Policies contains the file paths of the policies.
func (*Policies) ConfigName
ConfigName is the toml key for the beacon server specific configuration.
type SecretValueHostList (added in v0.9.0)
SecretValueHostList configures which endhosts can get delegation secrets, per protocol.
func (*SecretValueHostList) ConfigName (added in v0.9.0)
func (cfg *SecretValueHostList) ConfigName() string
ConfigName is the key in the toml file.
func (*SecretValueHostList) InitDefaults (added in v0.9.0)
func (cfg *SecretValueHostList) InitDefaults()
InitDefaults will not add or modify any entry in the config.
func (*SecretValueHostList) ToAllowedSet (added in v0.9.0)
func (cfg *SecretValueHostList) ToAllowedSet() map[HostProto]struct{}
ToAllowedSet returns a map that represents the set of supported (Host, Protocol) pairs.
func (*SecretValueHostList) Validate (added in v0.9.0)
func (cfg *SecretValueHostList) Validate() error
Validate validates that the protocols exist, and their addresses are parsable.