config

package
v0.87.1 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Dec 14, 2022 License: Apache-2.0 Imports: 22 Imported by: 0

Documentation

Index

Constants

View Source
const (
	DatabaseTypeKey   = "database.type"
	LocalDatabaseType = "local"

	DatabaseLocalPathKey     = "database.local.path"
	DefaultDatabaseLocalPath = "~/lakefs/metadata"

	DatabaseLocalPrefetchSizeKey     = "database.local.prefetch_size"
	DefaultDatabaseLocalPrefetchSize = 256

	DatabaseDynamodbTableNameKey     = "database.dynamodb.table_name"
	DefaultDatabaseDynamodbTableName = "kvstore"

	DatabaseDynamodbReadCapacityUnitsKey     = "database.dynamodb.read_capacity_units"
	DefaultDatabaseDynamodbReadCapacityUnits = 1000

	DatabaseDynamodbWriteCapacityUnitsKey     = "database.dynamodb.write_capacity_units"
	DefaultDatabaseDynamodbWriteCapacityUnits = 1000

	DatabasePostgresMaxOpenConnectionsKey     = "database.postgres.max_open_connections"
	DefaultDatabasePostgresMaxOpenConnections = 25

	DatabasePostgresMaxIdleConnectionsKey     = "database.postgres.max_idle_connections"
	DefaultDatabasePostgresMaxIdleConnections = 25

	PostgresConnectionMaxLifetimeKey     = "database.postgres.connection_max_lifetime"
	DefaultPostgresConnectionMaxLifetime = "5m"

	BlockstoreTypeKey   = "blockstore.type"
	LocalBlockstoreType = "local"

	BlockstoreLocalPathKey     = "blockstore.local.path"
	DefaultBlockstoreLocalPath = "~/lakefs/data/block"

	BlockstoreS3RegionKey     = "blockstore.s3.region"
	DefaultBlockstoreS3Region = "us-east-1"

	BlockstoreS3StreamingChunkSizeKey     = "blockstore.s3.streaming_chunk_size"
	DefaultBlockstoreS3StreamingChunkSize = 2 << 19 // 1MiB by default per chunk

	BlockstoreS3StreamingChunkTimeoutKey     = "blockstore.s3.streaming_chunk_timeout"
	DefaultBlockstoreS3StreamingChunkTimeout = time.Second * 1 // or 1 seconds, whatever comes first

	BlockstoreS3DiscoverBucketRegionKey     = "blockstore.s3.discover_bucket_region"
	DefaultBlockstoreS3DiscoverBucketRegion = true

	BlockstoreS3MaxRetriesKey     = "blockstore.s3.max_retries"
	DefaultBlockstoreS3MaxRetries = 5

	BlockstoreAzureTryTimeoutKey     = "blockstore.azure.try_timeout"
	DefaultBlockstoreAzureTryTimeout = 10 * time.Minute

	BlockstoreAzureAuthMethod        = "blockstore.azure.auth_method"
	DefaultBlockstoreAzureAuthMethod = "access-key"

	BlockstoreGSS3EndpointKey     = "blockstore.gs.s3_endpoint"
	DefaultBlockstoreGSS3Endpoint = "https://storage.googleapis.com"

	DefaultCommittedLocalCacheRangePercent          = 0.9
	DefaultCommittedLocalCacheMetaRangePercent      = 0.1
	DefaultCommittedLocalCacheBytes                 = 1 * 1024 * 1024 * 1024
	DefaultCommittedLocalCacheDir                   = "~/lakefs/data/cache"
	DefaultCommittedPebbleSSTableCacheSizeBytes     = 400_000_000
	DefaultCommittedLocalCacheNumUploaders          = 10
	DefaultCommittedBlockStoragePrefix              = "_lakefs"
	DefaultCommittedPermanentMinRangeSizeBytes      = 0
	DefaultCommittedPermanentMaxRangeSizeBytes      = 20 * 1024 * 1024
	DefaultCommittedPermanentRangeRaggednessEntries = 50_000

	DefaultAuthCacheEnabled = true
	DefaultAuthCacheSize    = 1024
	DefaultAuthCacheTTL     = 20 * time.Second
	DefaultAuthCacheJitter  = 3 * time.Second

	DefaultAuthOIDCInitialGroupsClaimName = "initial_groups"
	DefaultAuthLogoutRedirectURL          = "/auth/login"
	DefaultAuthLoginDuration              = 7 * 24 * time.Hour

	DefaultListenAddr          = "0.0.0.0:8000"
	DefaultS3GatewayDomainName = "s3.local.lakefs.io"
	DefaultS3GatewayRegion     = "us-east-1"

	DefaultActionsEnabled = true

	DefaultStatsEnabled       = true
	DefaultStatsAddr          = "https://stats.treeverse.io"
	DefaultStatsFlushInterval = time.Second * 30
	DefaultStatsFlushSize     = 100

	DefaultEmailSubscriptionEnabled = true

	DefaultEmailLimitEveryDuration = time.Minute
	DefaultEmailBurst              = 10
	DefaultLakefsEmailBaseURL      = "http://localhost:8000"

	DefaultUIEnabled = true

	ListenAddressKey = "listen_address"

	LoggingFormatKey        = "logging.format"
	LoggingLevelKey         = "logging.level"
	LoggingOutputKey        = "logging.output"
	LoggingFileMaxSizeMBKey = "logging.file_max_size_mb"
	LoggingFilesKeepKey     = "logging.files_keep"
	LoggingAuditLogLevel    = "logging.audit_log_level"

	AuthEncryptSecretKey      = "auth.encrypt.secret_key"            // #nosec
	LocalAuthEncryptSecretKey = "THIS_MUST_BE_CHANGED_IN_PRODUCTION" // #nosec

	ActionsEnabledKey = "actions.enabled"

	AuthCacheEnabledKey = "auth.cache.enabled"
	AuthCacheSizeKey    = "auth.cache.size"
	AuthCacheTTLKey     = "auth.cache.ttl"
	AuthCacheJitterKey  = "auth.cache.jitter"

	AuthOIDCInitialGroupsClaimName = "auth.oidc.initial_groups_claim_name"
	AuthLogoutRedirectURL          = "auth.logout_redirect_url"
	AuthLoginDuration              = "auth.login_duration"

	CommittedLocalCacheSizeBytesKey             = "committed.local_cache.size_bytes"
	CommittedLocalCacheDirKey                   = "committed.local_cache.dir"
	CommittedLocalCacheNumUploadersKey          = "committed.local_cache.max_uploaders_per_writer"
	CommittedLocalCacheRangeProportionKey       = "committed.local_cache.range_proportion"
	CommittedLocalCacheMetaRangeProportionKey   = "committed.local_cache.metarange_proportion"
	CommittedBlockStoragePrefixKey              = "committed.block_storage_prefix"
	CommittedPermanentStorageMinRangeSizeKey    = "committed.permanent.min_range_size_bytes"
	CommittedPermanentStorageMaxRangeSizeKey    = "committed.permanent.max_range_size_bytes"
	CommittedPermanentStorageRangeRaggednessKey = "committed.permanent.range_raggedness_entries"

	CommittedPebbleSSTableCacheSizeBytesKey = "committed.sstable.memory.cache_size_bytes"

	GatewaysS3DomainNamesKey = "gateways.s3.domain_name"
	GatewaysS3RegionKey      = "gateways.s3.region"

	StatsEnabledKey       = "stats.enabled"
	StatsAddressKey       = "stats.address"
	StatsFlushIntervalKey = "stats.flush_interval"
	StatsFlushSizeKey     = "stats.flush_size"

	EmailSubscriptionEnabledKey = "email_subscription.enabled"

	SecurityAuditCheckIntervalKey     = "security.audit_check_interval"
	DefaultSecurityAuditCheckInterval = 24 * time.Hour

	SecurityAuditCheckURLKey     = "security.audit_check_url"
	DefaultSecurityAuditCheckURL = "https://audit.lakefs.io/audit"

	EmailLimitEveryDurationKey = "email.limit_every_duration"
	EmailBurstKey              = "email.burst"
	LakefsEmailBaseURLKey      = "email.lakefs_base_url"

	UIEnabledKey = "ui.enabled"
)
View Source
const (
	DefaultLoggingFormat       = "text"
	DefaultLoggingLevel        = "INFO"
	DefaultLoggingOutput       = "-"
	DefaultLoggingFilesKeepKey = 100
	DefaultAuditLogLevel       = "DEBUG"
)
View Source
const (
	FieldMaskedValue   = "******"
	FieldMaskedNoValue = "------"
)
View Source
const UseLocalConfiguration = "local-settings"

UseLocalConfiguration set to true will add defaults that enable a lakeFS run without any other configuration like DB or blockstore.

Variables

View Source
var (
	ErrBadConfiguration    = errors.New("bad configuration")
	ErrMissingSecretKey    = fmt.Errorf("%w: auth.encrypt.secret_key cannot be empty", ErrBadConfiguration)
	ErrInvalidProportion   = fmt.Errorf("%w: total proportion isn't 1.0", ErrBadConfiguration)
	ErrBadDomainNames      = fmt.Errorf("%w: domain names are prefixes", ErrBadConfiguration)
	ErrMissingRequiredKeys = fmt.Errorf("%w: missing required keys", ErrBadConfiguration)
)
View Source
var (
	ErrMustBeString = errors.New("must be a string")
)

Functions

func DecodeOnlyString added in v0.65.0

func DecodeOnlyString(fromValue reflect.Value, toValue reflect.Value) (interface{}, error)

DecodeOnlyString is a mapstructure.HookFuncType that decodes a string value as an OnlyString, but fails on all other values. It is useful to force parsing of a field that can contain just digits as a string, when the leading digit might be 0.

func DecodeStrings added in v0.40.0

func DecodeStrings(fromValue reflect.Value, toValue reflect.Value) (interface{}, error)

DecodeStrings is a mapstructure.HookFuncType that decodes a single string value or a slice of strings into Strings.

func GetStructKeys added in v0.40.0

func GetStructKeys(typ reflect.Type, tag, squashValue string) []string

GetStructKeys returns all keys in a nested struct type, taking the name from the tag name or the field name. It handles an additional suffix squashValue like mapstructure does: if present on an embedded struct, name components for that embedded struct should not be included. It does not handle maps, does chase pointers, but does not check for loops in nesting.

func MapLoggingFields added in v0.50.0

func MapLoggingFields(value interface{}) logging.Fields

MapLoggingFields returns all logging.Fields formatted based on our configuration keys 'dot.name.key' with associated values. Supports squash, and secret to skip printing out secrets.

func ValidateMissingRequiredKeys added in v0.48.0

func ValidateMissingRequiredKeys(value interface{}, tag, squashValue string) []string

ValidateMissingRequiredKeys returns all keys of value in GetStructKeys format that have an additional required tag set but are unset.

Types

type Config

type Config struct {
	// contains filtered or unexported fields
}

func NewConfig

func NewConfig() (*Config, error)

func NewLocalConfig added in v0.82.0

func NewLocalConfig() (*Config, error)

func (*Config) GetActionsEnabled added in v0.58.0

func (c *Config) GetActionsEnabled() bool

func (*Config) GetAuditLogLevel added in v0.68.0

func (c *Config) GetAuditLogLevel() string

func (*Config) GetAuthAPIEndpoint added in v0.63.0

func (c *Config) GetAuthAPIEndpoint() string

func (*Config) GetAuthAPISupportsInvites added in v0.70.0

func (c *Config) GetAuthAPISupportsInvites() bool

func (*Config) GetAuthAPIToken added in v0.63.0

func (c *Config) GetAuthAPIToken() string

func (*Config) GetAuthCacheConfig

func (c *Config) GetAuthCacheConfig() authparams.ServiceCache

func (*Config) GetAuthEncryptionSecret

func (c *Config) GetAuthEncryptionSecret() []byte

func (*Config) GetAuthLogoutRedirectURL added in v0.69.0

func (c *Config) GetAuthLogoutRedirectURL() string

func (*Config) GetAuthOIDCConfiguration added in v0.69.0

func (c *Config) GetAuthOIDCConfiguration() OIDC

func (*Config) GetAwsConfig

func (c *Config) GetAwsConfig() *aws.Config

func (*Config) GetBlockAdapterAzureParams

func (c *Config) GetBlockAdapterAzureParams() (blockparams.Azure, error)

func (*Config) GetBlockAdapterGSParams

func (c *Config) GetBlockAdapterGSParams() (blockparams.GS, error)

func (*Config) GetBlockAdapterLocalParams

func (c *Config) GetBlockAdapterLocalParams() (blockparams.Local, error)

func (*Config) GetBlockAdapterS3Params

func (c *Config) GetBlockAdapterS3Params() (blockparams.S3, error)

func (*Config) GetBlockstoreDefaultNamespacePrefix added in v0.60.0

func (c *Config) GetBlockstoreDefaultNamespacePrefix() string

func (*Config) GetBlockstoreType

func (c *Config) GetBlockstoreType() string

func (*Config) GetCommittedBlockStoragePrefix added in v0.43.0

func (c *Config) GetCommittedBlockStoragePrefix() string

func (*Config) GetCommittedParams

func (c *Config) GetCommittedParams() *committed.Params

func (*Config) GetCommittedTierFSParams

func (c *Config) GetCommittedTierFSParams(adapter block.Adapter) (*pyramidparams.ExtParams, error)

GetCommittedTierFSParams returns parameters for building a tierFS. Caller must separately build and populate Adapter.

func (*Config) GetDatabaseType added in v0.84.0

func (c *Config) GetDatabaseType() string

func (*Config) GetEmailParams added in v0.62.0

func (c *Config) GetEmailParams() (email.Params, error)

func (*Config) GetFixedInstallationID added in v0.40.0

func (c *Config) GetFixedInstallationID() string

func (*Config) GetKVParams added in v0.69.0

func (c *Config) GetKVParams() (kvparams.KV, error)

func (*Config) GetLDAPConfiguration added in v0.53.0

func (c *Config) GetLDAPConfiguration() *LDAP

func (*Config) GetListenAddress

func (c *Config) GetListenAddress() string

func (*Config) GetLoggingTraceRequestHeaders added in v0.53.1

func (c *Config) GetLoggingTraceRequestHeaders() bool

func (*Config) GetLoginDuration added in v0.85.0

func (c *Config) GetLoginDuration() time.Duration

func (*Config) GetS3GatewayDomainNames added in v0.40.0

func (c *Config) GetS3GatewayDomainNames() []string

func (*Config) GetS3GatewayFallbackURL

func (c *Config) GetS3GatewayFallbackURL() string

func (*Config) GetS3GatewayRegion

func (c *Config) GetS3GatewayRegion() string

func (*Config) GetSecurityAuditCheckInterval added in v0.57.0

func (c *Config) GetSecurityAuditCheckInterval() time.Duration

func (*Config) GetSecurityAuditCheckURL added in v0.57.0

func (c *Config) GetSecurityAuditCheckURL() string

func (*Config) GetStatsAddress

func (c *Config) GetStatsAddress() string

func (*Config) GetStatsEnabled

func (c *Config) GetStatsEnabled() bool

func (*Config) GetStatsExtended added in v0.83.0

func (c *Config) GetStatsExtended() bool

func (*Config) GetStatsFlushInterval

func (c *Config) GetStatsFlushInterval() time.Duration

func (*Config) GetStatsFlushSize added in v0.83.3

func (c *Config) GetStatsFlushSize() int

func (*Config) GetUIEnabled added in v0.70.2

func (c *Config) GetUIEnabled() bool

func (*Config) GetUISnippets added in v0.66.0

func (c *Config) GetUISnippets() []apiparams.CodeSnippet

func (*Config) IsAuthTypeAPI added in v0.63.0

func (c *Config) IsAuthTypeAPI() bool

func (*Config) IsEmailSubscriptionEnabled added in v0.87.0

func (c *Config) IsEmailSubscriptionEnabled() bool

func (*Config) ToLoggerFields added in v0.50.0

func (c *Config) ToLoggerFields() logging.Fields

func (*Config) Validate added in v0.48.0

func (c *Config) Validate() error

type LDAP added in v0.53.0

type LDAP struct {
	ServerEndpoint    string `mapstructure:"server_endpoint"`
	BindDN            string `mapstructure:"bind_dn"`
	BindPassword      string `mapstructure:"bind_password"`
	DefaultUserGroup  string `mapstructure:"default_user_group"`
	UsernameAttribute string `mapstructure:"username_attribute"`
	UserBaseDN        string `mapstructure:"user_base_dn"`
	UserFilter        string `mapstructure:"user_filter"`
}

LDAP holds configuration for authenticating on an LDAP server.

type OIDC added in v0.69.0

type OIDC struct {
	Enabled        bool `mapstructure:"enabled"`
	IsDefaultLogin bool `mapstructure:"is_default_login"`

	// provider details:
	URL          string `mapstructure:"url"`
	ClientID     string `mapstructure:"client_id"`
	ClientSecret string `mapstructure:"client_secret"`

	// configure the OIDC authentication flow:
	CallbackBaseURL                  string            `mapstructure:"callback_base_url"`
	AuthorizeEndpointQueryParameters map[string]string `mapstructure:"authorize_endpoint_query_parameters"`

	// configure how users are handled on the lakeFS side:
	ValidateIDTokenClaims  map[string]string `mapstructure:"validate_id_token_claims"`
	DefaultInitialGroups   []string          `mapstructure:"default_initial_groups"`
	InitialGroupsClaimName string            `mapstructure:"initial_groups_claim_name"`
	FriendlyNameClaimName  string            `mapstructure:"friendly_name_claim_name"`
	AdditionalScopeClaims  []string          `mapstructure:"additional_scope_claims"`
}

type OnlyString added in v0.65.0

type OnlyString string

OnlyString is a string that can deserialize only from a string. Use it to prevent YAML configuration reading a number-like string with leading zeros, and then Viper using mapstructure to convert it silently back to a string and losing the leading zeros.

type S3AuthInfo added in v0.40.0

type S3AuthInfo struct {
	CredentialsFile string `mapstructure:"credentials_file"`
	Profile         string
	Credentials     *struct {
		AccessKeyID SecureString `mapstructure:"access_key_id"`
		// AccessSecretKey is the old name for SecretAccessKey.
		//
		// Deprecated: use SecretAccessKey instead.
		AccessSecretKey SecureString `mapstructure:"access_secret_key"`
		SecretAccessKey SecureString `mapstructure:"secret_access_key"`
		SessionToken    SecureString `mapstructure:"session_token"`
	}
}

S3AuthInfo holds S3-style authentication.

type SecureString added in v0.50.0

type SecureString string

func (SecureString) SecureValue added in v0.62.0

func (s SecureString) SecureValue() string

SecureValue returns the actual value of s as a string.

func (SecureString) String added in v0.50.0

func (SecureString) String() string

String returns an elided version. It is safe to call for logging.

type Strings added in v0.40.0

type Strings []string

Strings is a []string that mapstructure can deserialize from a single string or from a list of strings.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL