Documentation
¶
Index ¶
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type CertPool ¶ added in v0.3.1
CertPool is a wrapper around x509.CertPool, which can be unmarshalled and constructed from a list of filenames
func (*CertPool) MarshalJSON ¶ added in v0.4.0
MarshalJSON implements json.Marshaller to print the cert pool
func (*CertPool) MarshalYAML ¶ added in v0.4.0
MarshalYAML implements yaml.Marshaller to print the cert pool
func (*CertPool) UnmarshalJSON ¶ added in v0.3.1
UnmarshalJSON implements json.Unmarshaller
func (*CertPool) UnmarshalYAML ¶ added in v0.3.1
UnmarshalYAML implements yaml.Unmarshaller
type DFGetConfig ¶ added in v0.4.0
type DFGetConfig struct {
SuperNodes []string `yaml:"supernodes"`
DFRepo string `yaml:"localrepo"`
DFPath string `yaml:"dfpath"`
RateLimit string `yaml:"ratelimit"`
URLFilter string `yaml:"urlfilter"`
CallSystem string `yaml:"callsystem"`
Notbs bool `yaml:"notbs"`
}
DFGetConfig configures how dfdaemon calls dfget
type HijackConfig ¶ added in v0.3.1
type HijackConfig struct {
Cert string `yaml:"cert" json:"cert"`
Key string `yaml:"key" json:"key"`
Hosts []*HijackHost `yaml:"hosts" json:"hosts"`
}
HijackConfig represents how dfdaemon hijacks http requests
type HijackHost ¶ added in v0.3.1
type HijackHost struct {
Regx *Regexp `yaml:"regx" json:"regx"`
Insecure bool `yaml:"insecure" json:"insecure"`
Certs *CertPool `yaml:"certs" json:"certs"`
}
HijackHost is a hijack rule for the hosts that matches Regx
type Properties ¶
type Properties struct {
// Registry mirror settings
RegistryMirror *RegistryMirror `yaml:"registry_mirror" json:"registry_mirror"`
// Proxies is the list of rules for the transparent proxy. If no rules
// are provided, all requests will be proxied directly. Request will be
// proxied with the first matching rule.
Proxies []*Proxy `yaml:"proxies" json:"proxies"`
// HijackHTTPS is the list of hosts whose https requests should be hijacked
// by dfdaemon. Dfdaemon will be able to proxy requests from them with dfget
// if the url matches the proxy rules. The first matched rule will be used.
HijackHTTPS *HijackConfig `yaml:"hijack_https" json:"hijack_https"`
// https options
Port uint `yaml:"port" json:"port"`
HostIP string `yaml:"hostIp" json:"hostIp"`
CertPem string `yaml:"certpem" json:"certpem"`
KeyPem string `yaml:"keypem" json:"keypem"`
// dfget config
SuperNodes []string `yaml:"supernodes" json:"supernodes"`
DFRepo string `yaml:"localrepo" json:"localrepo"`
DFPath string `yaml:"dfpath" json:"dfpath"`
RateLimit string `yaml:"ratelimit" json:"ratelimit"`
URLFilter string `yaml:"urlfilter" json:"urlfilter"`
CallSystem string `yaml:"callsystem" json:"callsystem"`
Notbs bool `yaml:"notbs" json:"notbs"`
Verbose bool `yaml:"verbose" json:"verbose"`
MaxProcs int `yaml:"maxprocs" json:"maxprocs"`
}
Properties holds all configurable properties of dfdaemon. The default path is '/etc/dragonfly/dfdaemon.yml' For examples:
registry_mirror:
# url for the registry mirror
remote: https://index.docker.io
# whether to ignore https certificate errors
insecure: false
# optional certificates if the remote server uses self-signed certificates
certs: []
proxies:
# proxy all http image layer download requests with dfget
- regx: blobs/sha256:.*
# change http requests to some-registry to https and proxy them with dfget
- regx: some-registry/
use_https: true
# proxy requests directly, without dfget
- regx: no-proxy-reg
direct: true
hijack_https:
# key pair used to hijack https requests
cert: df.crt
key: df.key
hosts:
- regx: mirror.aliyuncs.com:443 # regexp to match request hosts
# whether to ignore https certificate errors
insecure: false
# optional certificates if the host uses self-signed certificates
certs: []
func (*Properties) DFGetConfig ¶ added in v0.4.0
func (p *Properties) DFGetConfig() DFGetConfig
DFGetConfig returns config for dfget downloader
func (*Properties) Validate ¶ added in v0.4.0
func (p *Properties) Validate() error
Validate validates the config
type Proxy ¶ added in v0.3.1
type Proxy struct {
Regx *Regexp `yaml:"regx" json:"regx"`
UseHTTPS bool `yaml:"use_https" json:"use_https"`
Direct bool `yaml:"direct" json:"direct"`
}
Proxy describe a regular expression matching rule for how to proxy a request
type Regexp ¶ added in v0.3.1
Regexp is simple wrapper around regexp.Regexp to make it unmarshallable from a string
func NewRegexp ¶ added in v0.3.1
NewRegexp returns new Regexp instance compiled from the given string
func (*Regexp) MarshalJSON ¶ added in v0.3.1
MarshalJSON implements json.Marshaller to print the regexp
func (*Regexp) MarshalYAML ¶ added in v0.4.0
MarshalYAML implements yaml.Marshaller to print the regexp
func (*Regexp) UnmarshalJSON ¶ added in v0.3.1
UnmarshalJSON implements json.Unmarshaller
func (*Regexp) UnmarshalYAML ¶ added in v0.3.1
UnmarshalYAML implements yaml.Unmarshaller
type RegistryMirror ¶ added in v0.3.1
type RegistryMirror struct {
// Remote url for the registry mirror, default is https://index.docker.io
Remote *URL `yaml:"remote" json:"remote"`
// Optional certificates if the mirror uses self-signed certificates
Certs *CertPool `yaml:"certs" json:"certs"`
// Whether to ignore certificates errors for the registry
Insecure bool `yaml:"insecure" json:"insecure"`
}
RegistryMirror configures the mirror of the official docker registry
func (*RegistryMirror) TLSConfig ¶ added in v0.3.1
func (r *RegistryMirror) TLSConfig() *tls.Config
TLSConfig returns the tls.Config used to communicate with the mirror
type URL ¶ added in v0.3.1
URL is simple wrapper around url.URL to make it unmarshallable from a string
func (*URL) MarshalJSON ¶ added in v0.3.1
MarshalJSON implements json.Marshaller to print the url
func (*URL) MarshalYAML ¶ added in v0.4.0
MarshalYAML implements yaml.Marshaller to print the url
func (*URL) UnmarshalJSON ¶ added in v0.3.1
UnmarshalJSON implements json.Unmarshaller
func (*URL) UnmarshalYAML ¶ added in v0.3.1
UnmarshalYAML implements yaml.Unmarshaller
Source Files