config

package
v0.1.13

This package is not in the latest version of its module.
Published: Mar 5, 2024 License: Apache-2.0 Imports: 12 Imported by: 0

Documentation

Overview

Package config defines structures and definitions relating to the client's configuration.

Types

type Configuration

type Configuration struct {
	// TrustedCerts is the root certificate pool used when verifying servers. All
	// servers will need to present a certificate chained back to this pool.
	//
	// Hardcoding recommended.
	TrustedCerts *x509.CertPool

	// Servers lists the hosts that the client should attempt to connect to,
	// should be of the form <hostname>:<port>.
	//
	// Hardcoding recommended.
	Servers []string

	// ClientLabels should all be of the form "client:<label>" and will be
	// presented to the server as an initial set of labels for this client.
	ClientLabels []*fspb.Label

	// PersistenceHandler defines the configuration storage strategy to be used.
	// Typically it's files on Unix and registry keys on Windows.
	PersistenceHandler PersistenceHandler

	// FixedServices are installed and started during client startup without
	// checking the deployment key.
	FixedServices []*fspb.ClientServiceConfig

	// CommunicatorConfig sets default communication parameters, and is meant to
	// be hardcoded in order to set them for a particular deployment. This can be
	// overridden on individual machines by providing a communicator.txt in the
	// configuration directory.
	CommunicatorConfig *clpb.CommunicatorConfig

	// RevokedCertSerials is a list of certificate serial numbers which have been
	// revoked. Revoked serial numbers can also be provided by the server and will
	// be stored to the writeback location, if NoopPersistenceHandler is not used.
	// Intended for testing and specialized applications - should be hardcoded nil
	// in normal deployments.
	RevokedCertSerials [][]byte

	// If non-nil, proxy used for connecting to the server.
	// See https://golang.org/pkg/net/http/#Transport.Proxy for details.
	Proxy *url.URL

	// If set, the server will validate the client certificate from the request header.
	// This should be used if TLS is terminated at the load balancer and client certificates
	// can be passed upstream to the fleetspeak server as an http header.
	ClientCertificateHeader string
}

Configuration gathers the configuration parameters used to instantiate a Fleetspeak Client.

When building a client binary that will be marked as trusted through binary signing, hash whitelisting, or similar, it is recommended that certain of these parameters be hardcoded when calling New(). This mitigates the risk that a trusted Fleetspeak binary will be misused.
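
One way to apply the hardcoding advice is to build the trust pool and server list from compiled-in values and refuse to start if either is malformed. This is an added example, not Fleetspeak code: deployConfig, checkServer and newDeployConfig are hypothetical names, and deployConfig only mirrors the TrustedCerts and Servers fields so the block needs nothing beyond the standard library.

```go
package main

import (
	"crypto/x509"
	"errors"
	"fmt"
	"net"
	"strconv"
)

// deployConfig is a hypothetical stand-in for two Configuration fields.
type deployConfig struct {
	TrustedCerts *x509.CertPool
	Servers      []string
}

// checkServer enforces the documented <hostname>:<port> form.
func checkServer(s string) error {
	host, port, err := net.SplitHostPort(s)
	if err != nil {
		return fmt.Errorf("server %q: %w", s, err)
	}
	n, perr := strconv.Atoi(port)
	if host == "" || perr != nil || n < 1 || n > 65535 {
		return fmt.Errorf("server %q: want <hostname>:<port>", s)
	}
	return nil
}

// newDeployConfig fails closed on an unparsable bundle or malformed server.
func newDeployConfig(bundle []byte, servers []string) (*deployConfig, error) {
	pool := x509.NewCertPool()
	if !pool.AppendCertsFromPEM(bundle) {
		return nil, errors.New("no certificate parsed from trusted bundle")
	}
	if len(servers) == 0 {
		return nil, errors.New("no servers configured")
	}
	for _, s := range servers {
		if err := checkServer(s); err != nil {
			return nil, err
		}
	}
	return &deployConfig{TrustedCerts: pool, Servers: servers}, nil
}

func main() { // constructed sample input: placeholder bundle, example host
	fmt.Println(newDeployConfig([]byte("not a PEM bundle"), []string{"fs.example.com:443"}))
}
```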

type FilesystemPersistenceHandler

type FilesystemPersistenceHandler struct {
	// contains filtered or unexported fields
}

FilesystemPersistenceHandler defines the filesystem configuration storage strategy.

func NewFilesystemPersistenceHandler

func NewFilesystemPersistenceHandler(configurationPath, stateFile string) (*FilesystemPersistenceHandler, error)

NewFilesystemPersistenceHandler instantiates a FilesystemPersistenceHandler.

configurationPath is the location to look for additional configuration files. Possible files include:

/communicator.txt - A text format clpb.CommunicatorConfig, used to tweak communicator behavior.
/services/<service> - A binary format fspb.SignedClientServiceConfig. One file for each configured service.
/textservices/<service> - A text format fspb.ClientServiceConfig

All of these files are optional, though Fleetspeak will not be particularly useful without at least one configured service.

If stateFile is nonempty, the client will attempt to write persistent state to it, in order to preserve identity across restarts.
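
Files under configurationPath change client behaviour (communicator.txt overrides the compiled-in CommunicatorConfig), so a permissions and layout audit of that directory is a useful host check. This is an added example, not Fleetspeak code: auditConfigDir and expected are hypothetical names, and it assumes Unix permission bits and a stateFile kept outside the directory.

```go
package main

import (
	"fmt"
	"io/fs"
	"path"
	"path/filepath"
)

// expected reports whether rel (slash-separated, relative to the root) fits
// the documented layout: communicator.txt, services/<s>, textservices/<s>.
func expected(rel string, isDir bool) bool {
	if rel == "." || rel == "services" || rel == "textservices" {
		return isDir
	}
	parent := path.Dir(rel)
	return !isDir && (rel == "communicator.txt" || parent == "services" || parent == "textservices")
}

// auditConfigDir walks root and returns the first matching finding per entry:
// symlink, writable by group/others, or outside the documented layout.
func auditConfigDir(root string) ([]string, error) {
	var findings []string
	err := filepath.WalkDir(root, func(p string, d fs.DirEntry, err error) error {
		if err != nil {
			return err
		}
		info, err := d.Info()
		if err != nil {
			return err
		}
		rel, _ := filepath.Rel(root, p)
		rel = filepath.ToSlash(rel)
		switch {
		case info.Mode()&fs.ModeSymlink != 0:
			findings = append(findings, "symlink: "+rel)
		case info.Mode().Perm()&0o022 != 0:
			findings = append(findings, "writable by group/other: "+rel)
		case !expected(rel, d.IsDir()):
			findings = append(findings, "unexpected entry: "+rel)
		}
		return nil
	})
	return findings, err
}

func main() {
	fmt.Println(auditConfigDir(".")) // audits the current directory
}
```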

func (*FilesystemPersistenceHandler) ReadCommunicatorConfig

func (h *FilesystemPersistenceHandler) ReadCommunicatorConfig() (*clpb.CommunicatorConfig, error)

ReadCommunicatorConfig implements PersistenceHandler.

func (*FilesystemPersistenceHandler) ReadServices

ReadServices implements PersistenceHandler.

func (*FilesystemPersistenceHandler) ReadSignedServices

func (h *FilesystemPersistenceHandler) ReadSignedServices() ([]*fspb.SignedClientServiceConfig, error)

ReadSignedServices implements PersistenceHandler.

func (*FilesystemPersistenceHandler) ReadState

ReadState implements PersistenceHandler.

func (*FilesystemPersistenceHandler) WriteState

WriteState implements PersistenceHandler.

type NoopPersistenceHandler

type NoopPersistenceHandler struct{}

NoopPersistenceHandler indicates that this client should not attempt to maintain state across restarts. If used, every execution will identify itself as a new client.

Intended for testing and specialized applications.

func NewNoopPersistenceHandler

func NewNoopPersistenceHandler() *NoopPersistenceHandler

NewNoopPersistenceHandler instantiates a NoopPersistenceHandler.

func (*NoopPersistenceHandler) ReadCommunicatorConfig

func (*NoopPersistenceHandler) ReadCommunicatorConfig() (*clpb.CommunicatorConfig, error)

ReadCommunicatorConfig implements PersistenceHandler.

func (*NoopPersistenceHandler) ReadServices

func (*NoopPersistenceHandler) ReadServices() ([]*fspb.ClientServiceConfig, error)

ReadServices implements PersistenceHandler.

func (*NoopPersistenceHandler) ReadSignedServices

func (*NoopPersistenceHandler) ReadSignedServices() ([]*fspb.SignedClientServiceConfig, error)

ReadSignedServices implements PersistenceHandler.

func (*NoopPersistenceHandler) ReadState

func (*NoopPersistenceHandler) ReadState() (*clpb.ClientState, error)

ReadState implements PersistenceHandler.

func (*NoopPersistenceHandler) SaveSignedService

SaveSignedService implements PersistenceHandler.

func (*NoopPersistenceHandler) WriteState

func (*NoopPersistenceHandler) WriteState(s *clpb.ClientState) error

WriteState implements PersistenceHandler.

type PersistenceHandler

type PersistenceHandler interface {
	ReadState() (*clpb.ClientState, error)
	WriteState(*clpb.ClientState) error
	ReadCommunicatorConfig() (*clpb.CommunicatorConfig, error)

	ReadSignedServices() ([]*fspb.SignedClientServiceConfig, error)
	ReadServices() ([]*fspb.ClientServiceConfig, error)
}

PersistenceHandler manages the client's configuration storage.
