zrok/controller/config/config.go

package config

import (
	"time"

	"github.com/openziti/zrok/controller/emailUi"
	"github.com/openziti/zrok/controller/env"
	"github.com/openziti/zrok/controller/limits"
	"github.com/openziti/zrok/controller/metrics"
	"github.com/openziti/zrok/controller/zrokEdgeSdk"

	"github.com/michaelquigley/cf"
	"github.com/openziti/zrok/controller/store"
	"github.com/pkg/errors"
)

const ConfigVersion = 3

type Config struct {
	V             int
	Admin         *AdminConfig
	Bridge        *metrics.BridgeConfig
	Endpoint      *EndpointConfig
	Email         *emailUi.Config
	Invites       *InvitesConfig
	Limits        *limits.Config
	Maintenance   *MaintenanceConfig
	Metrics       *metrics.Config
	Passwords     *PasswordsConfig
	Registration  *RegistrationConfig
	ResetPassword *ResetPasswordConfig
	Store         *store.Config
	Ziti          *zrokEdgeSdk.Config
	Tls           *TlsConfig
}

type AdminConfig struct {
	Secrets         []string `cf:"+secret"`
	TouLink         string
	ProfileEndpoint string
}

type EndpointConfig struct {
	Host string
	Port int
}

type InvitesConfig struct {
	InvitesOpen   bool
	TokenStrategy string
	TokenContact  string
}

type MaintenanceConfig struct {
	ResetPassword *ResetPasswordMaintenanceConfig
	Registration  *RegistrationMaintenanceConfig
}

type PasswordsConfig struct {
	Length                 int
	RequireCapital         bool
	RequireNumeric         bool
	RequireSpecial         bool
	ValidSpecialCharacters string
}

type RegistrationConfig struct {
	RegistrationUrlTemplate string
}

type ResetPasswordConfig struct {
	ResetUrlTemplate string
}

type RegistrationMaintenanceConfig struct {
	ExpirationTimeout time.Duration
	CheckFrequency    time.Duration
	BatchLimit        int
}

type ResetPasswordMaintenanceConfig struct {
	ExpirationTimeout time.Duration
	CheckFrequency    time.Duration
	BatchLimit        int
}

type TlsConfig struct {
	CertPath string
	KeyPath  string
}

func DefaultConfig() *Config {
	return &Config{
		Limits: limits.DefaultConfig(),
		Maintenance: &MaintenanceConfig{
			ResetPassword: &ResetPasswordMaintenanceConfig{
				ExpirationTimeout: time.Minute * 15,
				CheckFrequency:    time.Minute * 15,
				BatchLimit:        500,
			},
			Registration: &RegistrationMaintenanceConfig{
				ExpirationTimeout: time.Hour * 24,
				CheckFrequency:    time.Hour,
				BatchLimit:        500,
			},
		},
		Passwords: &PasswordsConfig{
			Length:                 8,
			RequireCapital:         true,
			RequireNumeric:         true,
			RequireSpecial:         true,
			ValidSpecialCharacters: `!@$&*_-., "#%'()+/:;<=>?[\]^{|}~`,
		},
	}
}

func LoadConfig(path string) (*Config, error) {
	cfg := DefaultConfig()
	if err := cf.BindYaml(cfg, path, env.GetCfOptions()); err != nil {
		return nil, errors.Wrapf(err, "error loading controller config '%v'", path)
	}
	if cfg.V != ConfigVersion {
		return nil, errors.Errorf("expecting configuration version '%v', your configuration is version '%v'; please see zrok.io for changelog and configuration documentation", ConfigVersion, cfg.V)
	}
	return cfg, nil
}
consolidated configuration; 'zrok metrics' and 'zrok ctrl' share config (#269) 2023-03-13 19:19:38 +01:00			`package config`
cmd scaffolding for controller; lint removal 2022-07-21 22:43:42 +02:00
cf-based config (#23) 2022-08-09 17:34:00 +02:00			`import (`
Enhanced password requirements and relevant ui changes 2023-05-11 20:35:49 +02:00			`"time"`

roughed in limit warning email actions (#276) 2023-03-27 21:29:25 +02:00			`"github.com/openziti/zrok/controller/emailUi"`
consolidated configuration; 'zrok metrics' and 'zrok ctrl' share config (#269) 2023-03-13 19:19:38 +01:00			`"github.com/openziti/zrok/controller/env"`
roughed in limits model that incorporates bandwidth limit specs (#235) 2023-03-10 20:25:29 +01:00			`"github.com/openziti/zrok/controller/limits"`
metrics2 -> metrics (#270) 2023-03-15 21:14:06 +01:00			`"github.com/openziti/zrok/controller/metrics"`
ziti edge client in sdk package (#128) 2023-03-07 20:31:39 +01:00			`"github.com/openziti/zrok/controller/zrokEdgeSdk"`
initial pass for forgot password 2023-01-18 20:05:10 +01:00
cf-based config (#23) 2022-08-09 17:34:00 +02:00			`"github.com/michaelquigley/cf"`
openziti-rest-kitchen -> openziti (#158) 2023-01-13 21:01:34 +01:00			`"github.com/openziti/zrok/controller/store"`
cf-based config (#23) 2022-08-09 17:34:00 +02:00			`"github.com/pkg/errors"`
			`)`
controller store skeleton; sqlx; sqlite3; migrations 2022-07-22 19:53:39 +02:00
update config version from 2 to 3 and update reference configuration (#288) 2023-04-05 17:45:40 +02:00			`const ConfigVersion = 3`
configuration versioning (#118) 2022-12-01 19:40:57 +01:00
cmd scaffolding for controller; lint removal 2022-07-21 22:43:42 +02:00			`type Config struct {`
password subsystem tweaks (#167) 2023-05-23 19:51:33 +02:00			`V int`
			`Admin *AdminConfig`
			`Bridge *metrics.BridgeConfig`
			`Endpoint *EndpointConfig`
			`Email *emailUi.Config`
tweaks to invites configuration and processing (#229) 2023-05-23 20:21:37 +02:00			`Invites *InvitesConfig`
password subsystem tweaks (#167) 2023-05-23 19:51:33 +02:00			`Limits *limits.Config`
			`Maintenance *MaintenanceConfig`
			`Metrics *metrics.Config`
			`Passwords *PasswordsConfig`
			`Registration *RegistrationConfig`
			`ResetPassword *ResetPasswordConfig`
			`Store *store.Config`
			`Ziti *zrokEdgeSdk.Config`
Tls supprt (#540) * added tls support to controller and access proxies * few pr comments 2024-01-17 22:37:46 +01:00			`Tls *TlsConfig`
initial pass for forgot password 2023-01-18 20:05:10 +01:00			`}`

add admin support to rest_model_zrok.Principal; authenticator (#116) 2022-12-01 20:48:23 +01:00			`type AdminConfig struct {`
support for pprof endpoint 2023-06-16 17:52:42 +02:00			Secrets []string `cf:"+secret"`
			`TouLink string`
			`ProfileEndpoint string`
add admin support to rest_model_zrok.Principal; authenticator (#116) 2022-12-01 20:48:23 +01:00			`}`

elaborating controller config (#23) 2022-08-09 17:18:24 +02:00			`type EndpointConfig struct {`
			`Host string`
			`Port int`
			`}`

tweaks to invites configuration and processing (#229) 2023-05-23 20:21:37 +02:00			`type InvitesConfig struct {`
			`InvitesOpen bool`
			`TokenStrategy string`
			`TokenContact string`
			`}`

password subsystem tweaks (#167) 2023-05-23 19:51:33 +02:00			`type MaintenanceConfig struct {`
			`ResetPassword *ResetPasswordMaintenanceConfig`
			`Registration *RegistrationMaintenanceConfig`
more registration config (#50, #51) 2022-09-09 19:23:30 +02:00			`}`

password subsystem tweaks (#167) 2023-05-23 19:51:33 +02:00			`type PasswordsConfig struct {`
Enhanced password requirements and relevant ui changes 2023-05-11 20:35:49 +02:00			`Length int`
			`RequireCapital bool`
			`RequireNumeric bool`
			`RequireSpecial bool`
			`ValidSpecialCharacters string`
			`}`

password subsystem tweaks (#167) 2023-05-23 19:51:33 +02:00			`type RegistrationConfig struct {`
			`RegistrationUrlTemplate string`
forgot -> reset; password reset testing & tweaks (#65) 2023-01-20 18:08:40 +01:00			`}`

password subsystem tweaks (#167) 2023-05-23 19:51:33 +02:00			`type ResetPasswordConfig struct {`
			`ResetUrlTemplate string`
added go routine to cleaup expired access requests 2023-01-12 17:04:56 +01:00			`}`

			`type RegistrationMaintenanceConfig struct {`
			`ExpirationTimeout time.Duration`
			`CheckFrequency time.Duration`
added batch limits 2023-01-12 21:09:04 +01:00			`BatchLimit int`
added go routine to cleaup expired access requests 2023-01-12 17:04:56 +01:00			`}`

forgot -> reset; password reset testing & tweaks (#65) 2023-01-20 18:08:40 +01:00			`type ResetPasswordMaintenanceConfig struct {`
added maintenance cleanup for expired password reset requests 2023-01-20 17:00:46 +01:00			`ExpirationTimeout time.Duration`
			`CheckFrequency time.Duration`
			`BatchLimit int`
			`}`

Tls supprt (#540) * added tls support to controller and access proxies * few pr comments 2024-01-17 22:37:46 +01:00			`type TlsConfig struct {`
			`CertPath string`
			`KeyPath string`
			`}`

added batch limits 2023-01-12 21:09:04 +01:00			`func DefaultConfig() *Config {`
			`return &Config{`
roughed in limits model that incorporates bandwidth limit specs (#235) 2023-03-10 20:25:29 +01:00			`Limits: limits.DefaultConfig(),`
added batch limits 2023-01-12 21:09:04 +01:00			`Maintenance: &MaintenanceConfig{`
forgot -> reset; password reset testing & tweaks (#65) 2023-01-20 18:08:40 +01:00			`ResetPassword: &ResetPasswordMaintenanceConfig{`
added maintenance cleanup for expired password reset requests 2023-01-20 17:00:46 +01:00			`ExpirationTimeout: time.Minute * 15,`
			`CheckFrequency: time.Minute * 15,`
			`BatchLimit: 500,`
			`},`
added batch limits 2023-01-12 21:09:04 +01:00			`Registration: &RegistrationMaintenanceConfig{`
account expiration tweaks (#135) 2023-01-12 22:00:09 +01:00			`ExpirationTimeout: time.Hour * 24,`
added batch limits 2023-01-12 21:09:04 +01:00			`CheckFrequency: time.Hour,`
			`BatchLimit: 500,`
			`},`
			`},`
password subsystem tweaks (#167) 2023-05-23 19:51:33 +02:00			`Passwords: &PasswordsConfig{`
			`Length: 8,`
			`RequireCapital: true,`
			`RequireNumeric: true,`
			`RequireSpecial: true,`
			ValidSpecialCharacters: `!@$&*_-., "#%'()+/:;<=>?[\]^{\|}~`,
			`},`
added batch limits 2023-01-12 21:09:04 +01:00			`}`
			`}`
controller config defaults 2023-01-12 21:12:48 +01:00
			`func LoadConfig(path string) (*Config, error) {`
			`cfg := DefaultConfig()`
consolidated configuration; 'zrok metrics' and 'zrok ctrl' share config (#269) 2023-03-13 19:19:38 +01:00			`if err := cf.BindYaml(cfg, path, env.GetCfOptions()); err != nil {`
cf-based config (#23) 2022-08-09 17:34:00 +02:00			`return nil, errors.Wrapf(err, "error loading controller config '%v'", path)`
			`}`
configuration versioning (#118) 2022-12-01 19:40:57 +01:00			`if cfg.V != ConfigVersion {`
			`return nil, errors.Errorf("expecting configuration version '%v', your configuration is version '%v'; please see zrok.io for changelog and configuration documentation", ConfigVersion, cfg.V)`
			`}`
cf-based config (#23) 2022-08-09 17:34:00 +02:00			`return cfg, nil`
			`}`