/*
 *     Copyright 2023 The Dragonfly Authors
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *      http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */

package config

import (
	"errors"
	"net"
	"time"

	"d7y.io/dragonfly/v2/cmd/dependency/base"
	"d7y.io/dragonfly/v2/pkg/net/ip"
	"d7y.io/dragonfly/v2/pkg/rpc"
	"d7y.io/dragonfly/v2/pkg/slices"
	"d7y.io/dragonfly/v2/pkg/types"
)

// Config is the root configuration structure of this package. Each field is
// bound to the YAML / mapstructure key named in its struct tag.
type Config struct {
	// Base options, merged into the top level of the document
	// (yaml ",inline" / mapstructure ",squash").
	base.Options `yaml:",inline" mapstructure:",squash"`

	// Network configuration.
	Network NetworkConfig `yaml:"network" mapstructure:"network"`

	// Server configuration.
	Server ServerConfig `yaml:"server" mapstructure:"server"`

	// Metrics configuration.
	Metrics MetricsConfig `yaml:"metrics" mapstructure:"metrics"`

	// Security configuration (certificate issuing and TLS behaviour for grpc).
	Security SecurityConfig `yaml:"security" mapstructure:"security"`

	// Manager configuration.
	Manager ManagerConfig `yaml:"manager" mapstructure:"manager"`
}

// NetworkConfig holds network-level switches.
type NetworkConfig struct {
	// EnableIPv6 enables ipv6 for server. Convert also reads it to choose the
	// IPv6 or IPv4 default when Server.AdvertiseIP or Server.ListenIP is unset.
	EnableIPv6 bool `yaml:"enableIPv6" mapstructure:"enableIPv6"`
}

// ServerConfig describes the addresses, ports and directories of the server.
type ServerConfig struct {
	// AdvertiseIP is advertise ip. Convert fills it from ip.IPv6 or ip.IPv4
	// when it is nil; Validate rejects a nil value.
	AdvertiseIP net.IP `yaml:"advertiseIP" mapstructure:"advertiseIP"`

	// AdvertisePort is advertise port. Validate rejects values <= 0.
	AdvertisePort int `yaml:"advertisePort" mapstructure:"advertisePort"`

	// ListenIP is listen ip, like: 0.0.0.0, 192.168.0.1.
	// When it is nil, Convert sets the unspecified address (net.IPv6zero or
	// net.IPv4zero), which conventionally means every local interface; set a
	// specific address to limit where the server is reachable.
	ListenIP net.IP `yaml:"listenIP" mapstructure:"listenIP"`

	// Server port. Validate rejects values <= 0.
	Port int `yaml:"port" mapstructure:"port"`

	// Server log directory. Not checked by Validate.
	LogDir string `yaml:"logDir" mapstructure:"logDir"`

	// Server storage data directory. Not checked by Validate.
	DataDir string `yaml:"dataDir" mapstructure:"dataDir"`
}

// MetricsConfig configures the metrics service.
type MetricsConfig struct {
	// Enable metrics service. New leaves it disabled.
	Enable bool `yaml:"enable" mapstructure:"enable"`

	// Metrics service address. Validate requires it to be non-empty when
	// Enable is true; the address format is not checked there.
	// NOTE(review): this struct carries no TLS or authentication setting for
	// the metrics listener; confirm how the endpoint is protected before
	// using a non-loopback address.
	Addr string `yaml:"addr" mapstructure:"addr"`
}

// SecurityConfig configures certificate issuing and TLS behaviour for grpc.
type SecurityConfig struct {
	// AutoIssueCert indicates whether to issue client certificates for all
	// grpc calls. If AutoIssueCert is false, every other option in Security
	// is ignored, and Validate skips the checks on the remaining fields.
	// New sets it to false, so the options below only take effect once it is
	// switched on explicitly.
	AutoIssueCert bool `mapstructure:"autoIssueCert" yaml:"autoIssueCert"`

	// CACert is the root CA certificate for all grpc tls handshakes; it can be
	// a path or a PEM format string. Required when AutoIssueCert is true.
	CACert types.PEMContent `mapstructure:"caCert" yaml:"caCert"`

	// TLSVerify indicates whether to verify client certificates.
	// New sets it to true.
	TLSVerify bool `mapstructure:"tlsVerify" yaml:"tlsVerify"`

	// TLSPolicy controls the grpc handshake behaviors:
	// force: both ClientHandshake and ServerHandshake only support tls.
	// prefer: ServerHandshake supports tls and insecure (non-tls), ClientHandshake will only support tls.
	// default: ServerHandshake supports tls and insecure (non-tls), ClientHandshake will only support insecure (non-tls).
	//
	// Only force makes tls mandatory in both directions: under prefer and
	// default the server side still accepts insecure (non-tls) handshakes.
	// Validate accepts rpc.DefaultTLSPolicy, rpc.ForceTLSPolicy and
	// rpc.PreferTLSPolicy; New sets rpc.PreferTLSPolicy.
	TLSPolicy string `mapstructure:"tlsPolicy" yaml:"tlsPolicy"`

	// CertSpec is the desired state of certificate.
	CertSpec CertSpec `mapstructure:"certSpec" yaml:"certSpec"`
}

// CertSpec is the desired state of the issued certificate. When
// Security.AutoIssueCert is true, Validate requires all three fields to be
// set.
type CertSpec struct {
	// DNSNames is a list of dns names to be set on the certificate.
	// Must be non-empty when AutoIssueCert is true.
	DNSNames []string `mapstructure:"dnsNames" yaml:"dnsNames"`

	// IPAddresses is a list of ip addresses to be set on the certificate.
	// Must be non-empty when AutoIssueCert is true.
	IPAddresses []net.IP `mapstructure:"ipAddresses" yaml:"ipAddresses"`

	// ValidityPeriod is the validity period of certificate.
	// Must be greater than zero when AutoIssueCert is true.
	ValidityPeriod time.Duration `mapstructure:"validityPeriod" yaml:"validityPeriod"`
}

// ManagerConfig configures the connection to the manager.
type ManagerConfig struct {
	// Addr is manager address. Validate requires it to be non-empty; New
	// leaves it empty, so it has to be supplied by the configuration.
	Addr string `yaml:"addr" mapstructure:"addr"`
}

// New returns a Config carrying the package defaults.
//
// Security defaults: AutoIssueCert is off, TLSVerify is on and TLSPolicy is
// rpc.PreferTLSPolicy. Server.AdvertiseIP, Server.ListenIP and Manager.Addr
// are left at their zero values.
func New() *Config {
	cfg := new(Config)

	cfg.Network.EnableIPv6 = DefaultNetworkEnableIPv6

	srv := &cfg.Server
	srv.AdvertisePort = DefaultServerAdvertisePort
	srv.Port = DefaultServerPort

	// The metrics service stays off unless the configuration enables it.
	cfg.Metrics.Enable = false
	cfg.Metrics.Addr = DefaultMetricsAddr

	// Certificate issuing is opt-in; the remaining values are the ones that
	// apply once it has been enabled.
	sec := &cfg.Security
	sec.AutoIssueCert = false
	sec.TLSVerify = true
	sec.TLSPolicy = rpc.PreferTLSPolicy
	sec.CertSpec.DNSNames = DefaultCertDNSNames
	sec.CertSpec.IPAddresses = DefaultCertIPAddresses
	sec.CertSpec.ValidityPeriod = DefaultCertValidityPeriod

	// The manager address has no default and stays empty.
	cfg.Manager = ManagerConfig{}

	return cfg
}

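// Validate checks the configuration and returns an error naming the first
// parameter that is missing or invalid, or nil when every check passes.
//
// Checks, in order: server addresses and ports, the metrics address (only
// when metrics are enabled), the security options (only when AutoIssueCert is
// enabled) and the manager address.
func (cfg *Config) Validate() error {
	// Highest valid port number; larger values can never be bound or dialed,
	// so they are rejected here instead of failing later at startup.
	const maxPort = 65535

	if cfg.Server.AdvertiseIP == nil {
		return errors.New("server requires parameter advertiseIP")
	}

	if cfg.Server.AdvertisePort <= 0 {
		return errors.New("server requires parameter advertisePort")
	}

	if cfg.Server.AdvertisePort > maxPort {
		return errors.New("server parameter advertisePort exceeds 65535")
	}

	if cfg.Server.ListenIP == nil {
		return errors.New("server requires parameter listenIP")
	}

	if cfg.Server.Port <= 0 {
		return errors.New("server requires parameter port")
	}

	if cfg.Server.Port > maxPort {
		return errors.New("server parameter port exceeds 65535")
	}

	// The metrics address only matters when the metrics service is enabled.
	if cfg.Metrics.Enable {
		if cfg.Metrics.Addr == "" {
			return errors.New("metrics requires parameter addr")
		}
	}

	// The security options are checked only when certificate issuing is on;
	// with AutoIssueCert off, an unknown tlsPolicy or an empty caCert passes
	// validation unnoticed.
	if cfg.Security.AutoIssueCert {
		if cfg.Security.CACert == "" {
			return errors.New("security requires parameter caCert")
		}

		// tlsPolicy must be one of the three known policies.
		if !slices.Contains([]string{rpc.DefaultTLSPolicy, rpc.ForceTLSPolicy, rpc.PreferTLSPolicy}, cfg.Security.TLSPolicy) {
			return errors.New("security requires parameter tlsPolicy")
		}

		if len(cfg.Security.CertSpec.IPAddresses) == 0 {
			return errors.New("certSpec requires parameter ipAddresses")
		}

		if len(cfg.Security.CertSpec.DNSNames) == 0 {
			return errors.New("certSpec requires parameter dnsNames")
		}

		if cfg.Security.CertSpec.ValidityPeriod <= 0 {
			return errors.New("certSpec requires parameter validityPeriod")
		}
	}

	if cfg.Manager.Addr == "" {
		return errors.New("manager requires parameter addr")
	}

	return nil
}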

// Convert fills in the server addresses that the configuration left unset,
// choosing the IPv6 or IPv4 variant according to Network.EnableIPv6. Values
// that are already set are kept. It always returns nil.
func (cfg *Config) Convert() error {
	srv := &cfg.Server
	useIPv6 := cfg.Network.EnableIPv6

	switch {
	case srv.AdvertiseIP != nil:
		// Explicitly configured; keep it.
	case useIPv6:
		srv.AdvertiseIP = ip.IPv6
	default:
		srv.AdvertiseIP = ip.IPv4
	}

	// An unset listen address becomes the unspecified address, which
	// conventionally means every local interface.
	switch {
	case srv.ListenIP != nil:
		// Explicitly configured; keep it.
	case useIPv6:
		srv.ListenIP = net.IPv6zero
	default:
		srv.ListenIP = net.IPv4zero
	}

	return nil
}