Documentation ¶
Index ¶
- Variables
- type Access
- type Config
- type FilePermission
- func (instance FilePermission) AsFileMode() os.FileMode
- func (instance FilePermission) MarshalJSON() ([]byte, error)
- func (instance FilePermission) MarshalYAML() (interface{}, error)
- func (instance *FilePermission) Set(value string) error
- func (instance FilePermission) String() string
- func (instance FilePermission) ThisOrDefault() FilePermission
- func (instance *FilePermission) UnmarshalJSON(b []byte) error
- func (instance *FilePermission) UnmarshalYAML(unmarshal func(interface{}) error) error
- func (instance FilePermission) Validate() error
- type Permission
- func (instance Permission) CheckedString() (string, error)
- func (instance Permission) MarshalJSON() ([]byte, error)
- func (instance Permission) MarshalYAML() (interface{}, error)
- func (instance *Permission) Set(value string) error
- func (instance Permission) String() string
- func (instance *Permission) UnmarshalJSON(b []byte) error
- func (instance *Permission) UnmarshalYAML(unmarshal func(interface{}) error) error
- func (instance Permission) Validate() error
- type Type
- func (instance Type) CheckedString() (string, error)
- func (instance Type) IsGenerating() bool
- func (instance Type) IsTakingFileGroup() bool
- func (instance Type) IsTakingFilePermission() bool
- func (instance Type) IsTakingFileUser() bool
- func (instance Type) IsTakingFilename() bool
- func (instance Type) MarshalJSON() ([]byte, error)
- func (instance Type) MarshalYAML() (interface{}, error)
- func (instance *Type) Set(value string) error
- func (instance Type) String() string
- func (instance *Type) UnmarshalJSON(b []byte) error
- func (instance *Type) UnmarshalYAML(unmarshal func(interface{}) error) error
- func (instance Type) Validate() error
Constants ¶
This section is empty.
Variables ¶
var AllPermissions = []Permission{
	Forbidden,
	ReadOnly,
	ReadWrite,
}
AllPermissions contains all possible variants of Permission.
var AllTypes = []Type{
	None,
	Trusted,
	GenerateToEnvironment,
	GenerateToFile,
}
AllTypes contains all possible variants of Type.
Functions ¶
This section is empty.
Types ¶
type Access ¶
type Access struct {
// contains filtered or unexported fields
}
Access represents an initiated access management for a service node of caretakerd.
func (Access) Cleanup ¶
func (instance Access) Cleanup()
Cleanup cleans up tasks when the given object is no longer required. This could be the deletion of temporary files ...
func (Access) HasReadPermission ¶
HasReadPermission queries whether the service/node that this access instance belongs to can execute read actions in caretakerd.
func (Access) HasWritePermission ¶
HasWritePermission queries whether the service/node that this access instance belongs to can execute write actions in caretakerd.
func (*Access) IsCertValid ¶
func (instance *Access) IsCertValid(cert *x509.Certificate) bool
IsCertValid queries whether the given Certificate is valid in combination with this access instance.
type Config ¶
type Config struct {
	// @default "generateToFile" (for control/caretakerctl) "none" (for services)
	//
	// Defines how this access will be ensured.
	//
	// For details see possible values {@ref github.com/echocat/caretakerd/access.Type}.
	Type Type `json:"type" yaml:"type"`

	// @default "readWrite" (for control/caretakerctl) "forbidden" (for services)
	//
	// Defines what the control/service can do with caretakerd.
	//
	// For details see possible values {@ref github.com/echocat/caretakerd/access.Permission}.
	Permission Permission `json:"permission" yaml:"permission"`

	// @default ""
	//
	// If the property {@ref #Type type} = {@ref github.com/echocat/caretakerd/access.Type#Trusted trusted},
	// the certificates specified in this file are used to trust remote connections. Not matching remote connections will be
	// rejected.
	//
	// If the property {@ref #Type type} = {@ref github.com/echocat/caretakerd/access.Type#GenerateToFile generateToFile},
	// caretakerd generates this file that must be used by remote connections.
	//
	// > **Important:** If the property {@ref #Type type} = {@ref github.com/echocat/caretakerd/access.Type#GenerateToFile generateToFile},
	// > this property is required.
	PemFile values.String `json:"pemFile,omitempty" yaml:"pemFile"`

	// @default 0600
	//
	// Permission in filesystem of the generated {@ref #PemFile pem file}.
	PemFilePermission FilePermission `json:"pemFilePermission,omitempty" yaml:"pemFilePermission"`

	// @default ""
	//
	// If set, this user owns the generated {@ref #PemFile pem file}.
	// Otherwise it is owned by the user caretakerd is running with.
	PemFileUser values.String `json:"pemFileUser,omitempty" yaml:"pemFileUser"`
}
Config to access caretakerd.
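The rules stated in the Config field comments (generateToFile requires pemFile, the pem file defaults to mode 0600, and only the documented type and permission ids exist) can be checked before a configuration is deployed. The following is an added example, not code from caretakerd: `LintAccess` and `accessConfig` are hypothetical names, the sample input is constructed, and it assumes pemFilePermission is written as an octal string.

```go
package main

import (
	"encoding/json"
	"fmt"
	"strconv"
)

// accessConfig mirrors the documented JSON keys; assumption: pemFilePermission is an octal string like "0600".
type accessConfig struct {
	Type              string `json:"type"`
	Permission        string `json:"permission"`
	PemFile           string `json:"pemFile"`
	PemFilePermission string `json:"pemFilePermission"`
}

var knownTypes = map[string]bool{"": true, "none": true, "trusted": true, "generateToEnvironment": true, "generateToFile": true}
var knownPermissions = map[string]bool{"": true, "forbidden": true, "readOnly": true, "readWrite": true}

// LintAccess (hypothetical helper) returns one finding per violated rule; "" means the documented default applies.
func LintAccess(raw []byte) []string {
	var c accessConfig
	if err := json.Unmarshal(raw, &c); err != nil {
		return []string{"invalid JSON: " + err.Error()}
	}
	var out []string
	if !knownTypes[c.Type] {
		out = append(out, fmt.Sprintf("unknown type %q", c.Type))
	}
	if !knownPermissions[c.Permission] {
		out = append(out, fmt.Sprintf("unknown permission %q", c.Permission))
	}
	if c.Type == "generateToFile" && c.PemFile == "" {
		out = append(out, "type generateToFile requires pemFile")
	}
	if c.PemFilePermission != "" {
		mode, err := strconv.ParseUint(c.PemFilePermission, 8, 32)
		if err != nil {
			out = append(out, fmt.Sprintf("pemFilePermission %q is not octal", c.PemFilePermission))
		} else if mode&0077 != 0 {
			// Any group/other bit is wider than the documented 0600 default.
			out = append(out, fmt.Sprintf("pemFilePermission %04o grants group/other access to the pem file", mode))
		}
	}
	return out
}

func main() { // constructed sample: pemFile missing and mode wider than 0600
	fmt.Println(LintAccess([]byte(`{"type":"generateToFile","permission":"readWrite","pemFilePermission":"0644"}`)))
}
```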
func NewGenerateToEnvironmentConfig ¶
func NewGenerateToEnvironmentConfig(permission Permission) Config
NewGenerateToEnvironmentConfig creates a new Config with the given permission that forces the generation of certificates into environment variables.
func NewGenerateToFileConfig ¶
func NewGenerateToFileConfig(permission Permission, pemFile values.String) Config
NewGenerateToFileConfig creates a new Config with the given permission that forces the generation of certificates into the given pemFile.
func NewNoneConfig ¶
func NewNoneConfig() Config
NewNoneConfig creates a new Config that denies access to anything.
func NewTrustedConfig ¶
func NewTrustedConfig(permission Permission) Config
NewTrustedConfig creates a new Config with the given Permission based on Trusted rules.
type FilePermission ¶
FilePermission represents an operating system file permission.
func DefaultFilePermission ¶
func DefaultFilePermission() FilePermission
DefaultFilePermission returns the default FilePermission instance.
func (FilePermission) AsFileMode ¶
func (instance FilePermission) AsFileMode() os.FileMode
AsFileMode returns this instance as os.FileMode instance.
func (FilePermission) MarshalJSON ¶
func (instance FilePermission) MarshalJSON() ([]byte, error)
MarshalJSON is used during JSON marshalling. Do not call this method directly.
func (FilePermission) MarshalYAML ¶
func (instance FilePermission) MarshalYAML() (interface{}, error)
MarshalYAML is used during YAML marshalling. Do not call this method directly.
func (*FilePermission) Set ¶
func (instance *FilePermission) Set(value string) error
Set sets the current object from the given string. Returns an error object if there are problems while transforming the string.
func (FilePermission) String ¶
func (instance FilePermission) String() string
func (FilePermission) ThisOrDefault ¶
func (instance FilePermission) ThisOrDefault() FilePermission
ThisOrDefault returns this instance if not empty. Otherwise the default FilePermission will be returned.
func (*FilePermission) UnmarshalJSON ¶
func (instance *FilePermission) UnmarshalJSON(b []byte) error
UnmarshalJSON is used during JSON unmarshalling. Do not call this method directly.
func (*FilePermission) UnmarshalYAML ¶
func (instance *FilePermission) UnmarshalYAML(unmarshal func(interface{}) error) error
UnmarshalYAML is used during YAML unmarshalling. Do not call this method directly.
func (FilePermission) Validate ¶
func (instance FilePermission) Validate() error
Validate validates this object and returns an error object if errors occur.
type Permission ¶
type Permission int
Permission represents the service's/node's permissions in caretakerd.
const (
	// @id forbidden
	//
	// The remote control/service does not have any permissions in caretakerd.
	Forbidden Permission = 0

	// @id readOnly
	//
	// The remote control/service does only have read permissions in caretakerd.
	ReadOnly Permission = 1

	// @id readWrite
	//
	// The remote control/service does have read and write permissions in caretakerd.
	ReadWrite Permission = 2
)
func (Permission) CheckedString ¶
func (instance Permission) CheckedString() (string, error)
CheckedString is like String but also returns an optional error if there are validation errors.
func (Permission) MarshalJSON ¶
func (instance Permission) MarshalJSON() ([]byte, error)
MarshalJSON is used during JSON marshalling. Do not call this method directly.
func (Permission) MarshalYAML ¶
func (instance Permission) MarshalYAML() (interface{}, error)
MarshalYAML is used during YAML marshalling. Do not call this method directly.
func (*Permission) Set ¶
func (instance *Permission) Set(value string) error
Set sets the current object from the given string. Returns an error object if there are problems while transforming the string.
func (Permission) String ¶
func (instance Permission) String() string
func (*Permission) UnmarshalJSON ¶
func (instance *Permission) UnmarshalJSON(b []byte) error
UnmarshalJSON is used during JSON unmarshalling. Do not call this method directly.
func (*Permission) UnmarshalYAML ¶
func (instance *Permission) UnmarshalYAML(unmarshal func(interface{}) error) error
UnmarshalYAML is used during YAML unmarshalling. Do not call this method directly.
func (Permission) Validate ¶
func (instance Permission) Validate() error
Validate validates this object and returns an error object if errors occur.
type Type ¶
type Type int
const (
	// @id none
	//
	// No ID given
	None Type = 0

	// @id trusted
	//
	// caretakerd trusts the remote connection based on the remote name and the configured {@ref github.com/echocat/caretakerd/keyStore.Config#CaFile}.
	// or if the {@ref github.com/echocat/caretakerd/access.Config#PemFile} is specified to expect exactly this identity.
	Trusted Type = 1

	// @id generateToEnvironment
	//
	// Generates a new certificate to the environment variable "CTD_PEM" and trusts it.
	GenerateToEnvironment Type = 2

	// @id generateToFile
	//
	// Generates a new certificate to the configured {@ref github.com/echocat/caretakerd/access.Config#PemFile} and trusts it.
	GenerateToFile Type = 3
)
func (Type) CheckedString ¶
CheckedString is like String but also returns an optional error if there are validation errors.
func (Type) IsGenerating ¶
IsGenerating returns true if this Type indicates that it will create a key.
func (Type) IsTakingFileGroup ¶ added in v0.1.6
IsTakingFileGroup returns true if this Type indicates that it accepts a file group.
func (Type) IsTakingFilePermission ¶
IsTakingFilePermission returns true if this Type indicates that it accepts a file permission.
func (Type) IsTakingFileUser ¶
IsTakingFileUser returns true if this Type indicates that it accepts a file user.
func (Type) IsTakingFilename ¶
IsTakingFilename returns true if this Type indicates that it accepts a file name.
func (Type) MarshalJSON ¶
MarshalJSON is used during JSON marshalling. Do not call this method directly.
func (Type) MarshalYAML ¶
MarshalYAML is used during YAML marshalling. Do not call this method directly.
func (*Type) Set ¶
Set sets the current object from the given string. Returns an error object if there are problems while transforming the string.
func (*Type) UnmarshalJSON ¶
UnmarshalJSON is used during JSON unmarshalling. Do not call this method directly.
func (*Type) UnmarshalYAML ¶
UnmarshalYAML is used during YAML unmarshalling. Do not call this method directly.