/*
 * Copyright 2023 The Dragonfly Authors
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *      http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */
17package config18
19import (20"errors"21"net"22"time"23
24"d7y.io/dragonfly/v2/cmd/dependency/base"25"d7y.io/dragonfly/v2/pkg/net/ip"26"d7y.io/dragonfly/v2/pkg/rpc"27"d7y.io/dragonfly/v2/pkg/slices"28"d7y.io/dragonfly/v2/pkg/types"29)
// Config is the root configuration object. Each field corresponds to one
// top-level section of the configuration input.
type Config struct {
	// Base options, flattened into the top level of the document
	// (yaml inline / mapstructure squash).
	base.Options `yaml:",inline" mapstructure:",squash"`

	// Network holds the network settings.
	Network NetworkConfig `yaml:"network" mapstructure:"network"`

	// Server holds the server addresses, ports and directories.
	Server ServerConfig `yaml:"server" mapstructure:"server"`

	// Metrics holds the settings of the metrics service.
	Metrics MetricsConfig `yaml:"metrics" mapstructure:"metrics"`

	// Security holds the TLS and certificate settings.
	Security SecurityConfig `yaml:"security" mapstructure:"security"`

	// Manager holds the manager settings.
	Manager ManagerConfig `yaml:"manager" mapstructure:"manager"`
}
// NetworkConfig holds the network settings of the server.
type NetworkConfig struct {
	// EnableIPv6 turns on IPv6 for the server.
	EnableIPv6 bool `yaml:"enableIPv6" mapstructure:"enableIPv6"`
}
// ServerConfig holds the addresses, ports and directories used by the server.
type ServerConfig struct {
	// AdvertiseIP is the IP address the server advertises.
	AdvertiseIP net.IP `yaml:"advertiseIP" mapstructure:"advertiseIP"`

	// AdvertisePort is the port the server advertises.
	AdvertisePort int `yaml:"advertisePort" mapstructure:"advertisePort"`

	// ListenIP is the IP address the server listens on, for example
	// 0.0.0.0 or 192.168.0.1. The unspecified address (0.0.0.0 or ::)
	// listens on every interface; use a specific address to limit which
	// networks can reach the server.
	ListenIP net.IP `yaml:"listenIP" mapstructure:"listenIP"`

	// Port is the server port.
	Port int `yaml:"port" mapstructure:"port"`

	// LogDir is the directory the server writes its logs to.
	LogDir string `yaml:"logDir" mapstructure:"logDir"`

	// DataDir is the directory the server stores its data in.
	DataDir string `yaml:"dataDir" mapstructure:"dataDir"`
}
// MetricsConfig holds the settings of the metrics service.
type MetricsConfig struct {
	// Enable turns the metrics service on.
	Enable bool `yaml:"enable" mapstructure:"enable"`

	// Addr is the address of the metrics service.
	// NOTE(review): nothing in this file restricts Addr to a loopback or
	// internal address; confirm how the endpoint is exposed before enabling.
	Addr string `yaml:"addr" mapstructure:"addr"`
}
// SecurityConfig holds the gRPC TLS settings and the desired state of the
// automatically issued certificate.
type SecurityConfig struct {
	// AutoIssueCert enables issuing client certificates for all gRPC calls.
	// When AutoIssueCert is false, every other option in SecurityConfig is
	// ignored.
	AutoIssueCert bool `mapstructure:"autoIssueCert" yaml:"autoIssueCert"`

	// CACert is the root CA certificate for all gRPC TLS handshakes. It can
	// be a file path or a PEM-format string.
	CACert types.PEMContent `mapstructure:"caCert" yaml:"caCert"`

	// TLSVerify enables verification of client certificates.
	TLSVerify bool `mapstructure:"tlsVerify" yaml:"tlsVerify"`

	// TLSPolicy controls the gRPC handshake behavior:
	//   force:   ClientHandshake and ServerHandshake both support TLS only.
	//   prefer:  ServerHandshake supports TLS and insecure (non-TLS),
	//            ClientHandshake supports TLS only.
	//   default: ServerHandshake supports TLS and insecure (non-TLS),
	//            ClientHandshake supports insecure (non-TLS) only.
	// Of the three, only force makes the server side refuse non-TLS peers.
	TLSPolicy string `mapstructure:"tlsPolicy" yaml:"tlsPolicy"`

	// CertSpec is the desired state of the certificate.
	CertSpec CertSpec `mapstructure:"certSpec" yaml:"certSpec"`
}
// CertSpec is the desired state of the certificate.
type CertSpec struct {
	// DNSNames lists the DNS names to set on the certificate.
	DNSNames []string `mapstructure:"dnsNames" yaml:"dnsNames"`

	// IPAddresses lists the IP addresses to set on the certificate.
	IPAddresses []net.IP `mapstructure:"ipAddresses" yaml:"ipAddresses"`

	// ValidityPeriod is how long the certificate is valid.
	ValidityPeriod time.Duration `mapstructure:"validityPeriod" yaml:"validityPeriod"`
}
// ManagerConfig holds the manager settings.
type ManagerConfig struct {
	// Addr is the address of the manager.
	Addr string `yaml:"addr" mapstructure:"addr"`
}
// New returns a Config filled with the default values.
//
// The security defaults are: AutoIssueCert off, TLSVerify on and TLSPolicy
// set to rpc.PreferTLSPolicy. According to the AutoIssueCert field
// documentation, the other Security options are ignored while AutoIssueCert
// is false, so TLS is not in effect until it is enabled. Manager.Addr and
// the server IPs are left unset.
func New() *Config {
	certSpec := CertSpec{
		DNSNames:       DefaultCertDNSNames,
		IPAddresses:    DefaultCertIPAddresses,
		ValidityPeriod: DefaultCertValidityPeriod,
	}

	security := SecurityConfig{
		AutoIssueCert: false,
		TLSVerify:     true,
		TLSPolicy:     rpc.PreferTLSPolicy,
		CertSpec:      certSpec,
	}

	cfg := &Config{
		Network: NetworkConfig{EnableIPv6: DefaultNetworkEnableIPv6},
		Server: ServerConfig{
			AdvertisePort: DefaultServerAdvertisePort,
			Port:          DefaultServerPort,
		},
		// The metrics service is off by default; only the address is preset.
		Metrics: MetricsConfig{
			Enable: false,
			Addr:   DefaultMetricsAddr,
		},
		Security: security,
		Manager:  ManagerConfig{},
	}

	return cfg
}
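// Validate checks the configuration and returns an error describing the
// first invalid parameter, or nil when every check passes.
//
// Server addresses and ports and the manager address are always required.
// The metrics address is checked only when metrics are enabled. The Security
// section is checked only when AutoIssueCert is true; with AutoIssueCert
// false, caCert, tlsPolicy and certSpec are not inspected at all. caCert is
// only checked for being non-empty here, not parsed. TLSVerify is never
// checked.
func (cfg *Config) Validate() error {
	// Largest valid port number. The original checks accepted any positive
	// integer, so an out-of-range port passed validation.
	const maxPort = 65535

	if cfg.Server.AdvertiseIP == nil {
		return errors.New("server requires parameter advertiseIP")
	}

	if cfg.Server.AdvertisePort <= 0 {
		return errors.New("server requires parameter advertisePort")
	}

	if cfg.Server.AdvertisePort > maxPort {
		return errors.New("server parameter advertisePort must be at most 65535")
	}

	if cfg.Server.ListenIP == nil {
		return errors.New("server requires parameter listenIP")
	}

	if cfg.Server.Port <= 0 {
		return errors.New("server requires parameter port")
	}

	if cfg.Server.Port > maxPort {
		return errors.New("server parameter port must be at most 65535")
	}

	if cfg.Metrics.Enable && cfg.Metrics.Addr == "" {
		return errors.New("metrics requires parameter addr")
	}

	if cfg.Security.AutoIssueCert {
		if cfg.Security.CACert == "" {
			return errors.New("security requires parameter caCert")
		}

		// Only the three known policies are accepted; an empty or misspelled
		// value is rejected instead of being passed on.
		if !slices.Contains([]string{rpc.DefaultTLSPolicy, rpc.ForceTLSPolicy, rpc.PreferTLSPolicy}, cfg.Security.TLSPolicy) {
			return errors.New("security requires parameter tlsPolicy")
		}

		if len(cfg.Security.CertSpec.IPAddresses) == 0 {
			return errors.New("certSpec requires parameter ipAddresses")
		}

		if len(cfg.Security.CertSpec.DNSNames) == 0 {
			return errors.New("certSpec requires parameter dnsNames")
		}

		if cfg.Security.CertSpec.ValidityPeriod <= 0 {
			return errors.New("certSpec requires parameter validityPeriod")
		}
	}

	if cfg.Manager.Addr == "" {
		return errors.New("manager requires parameter addr")
	}

	return nil
}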
// Convert fills in the server addresses that were left unset, choosing the
// IPv6 or IPv4 value according to Network.EnableIPv6. It always returns nil.
//
// An unset ListenIP becomes the unspecified address (net.IPv6zero or
// net.IPv4zero), so the server listens on every interface unless listenIP is
// configured explicitly. An unset AdvertiseIP becomes ip.IPv6 or ip.IPv4;
// presumably the host address detected by pkg/net/ip, to be confirmed there.
func (cfg *Config) Convert() error {
	// Pick both fallbacks for the configured address family up front.
	advertise, listen := ip.IPv4, net.IPv4zero
	if cfg.Network.EnableIPv6 {
		advertise, listen = ip.IPv6, net.IPv6zero
	}

	// Values that are already set are left untouched.
	if cfg.Server.AdvertiseIP == nil {
		cfg.Server.AdvertiseIP = advertise
	}

	if cfg.Server.ListenIP == nil {
		cfg.Server.ListenIP = listen
	}

	return nil
}