minio: Index | Files | Directories

package config

import ""


Package Files

bool-flag.go certs.go certsinfo.go config.go constants.go errors-utils.go errors.go help.go legacy.go logger.go


const (
    Default = madmin.Default
    Enable  = madmin.EnableKey
    Comment = madmin.CommentKey

    // Enable values
    EnableOn  = madmin.EnableOn
    EnableOff = madmin.EnableOff

    RegionName = "name"
    AccessKey  = "access_key"
    SecretKey  = "secret_key"

Default keys

const (
    CredentialsSubSys    = "credentials"
    PolicyOPASubSys      = "policy_opa"
    IdentityOpenIDSubSys = "identity_openid"
    IdentityLDAPSubSys   = "identity_ldap"
    CacheSubSys          = "cache"
    RegionSubSys         = "region"
    EtcdSubSys           = "etcd"
    StorageClassSubSys   = "storage_class"
    APISubSys            = "api"
    CompressionSubSys    = "compression"
    KmsVaultSubSys       = "kms_vault"
    KmsKesSubSys         = "kms_kes"
    LoggerWebhookSubSys  = "logger_webhook"
    AuditWebhookSubSys   = "audit_webhook"
    HealSubSys           = "heal"
    CrawlerSubSys        = "crawler"

Top level config constants.

const (
    NotifyKafkaSubSys    = "notify_kafka"
    NotifyMQTTSubSys     = "notify_mqtt"
    NotifyMySQLSubSys    = "notify_mysql"
    NotifyNATSSubSys     = "notify_nats"
    NotifyNSQSubSys      = "notify_nsq"
    NotifyESSubSys       = "notify_elasticsearch"
    NotifyAMQPSubSys     = "notify_amqp"
    NotifyPostgresSubSys = "notify_postgres"
    NotifyRedisSubSys    = "notify_redis"
    NotifyWebhookSubSys  = "notify_webhook"

Notification config constants.

const (
    SubSystemSeparator = madmin.SubSystemSeparator
    KvSeparator        = madmin.KvSeparator
    KvSpaceSeparator   = madmin.KvSpaceSeparator
    KvComment          = madmin.KvComment
    KvNewline          = madmin.KvNewline
    KvDoubleQuote      = madmin.KvDoubleQuote
    KvSingleQuote      = madmin.KvSingleQuote

    // Env prefix used for all envs in MinIO
    EnvPrefix        = "MINIO_"
    EnvWordDelimiter = `_`

Constant separators

const (
    EnvAccessKey       = "MINIO_ACCESS_KEY"
    EnvSecretKey       = "MINIO_SECRET_KEY"
    EnvRootUser        = "MINIO_ROOT_USER"
    EnvRootPassword    = "MINIO_ROOT_PASSWORD"
    EnvAccessKeyOld    = "MINIO_ACCESS_KEY_OLD"
    EnvSecretKeyOld    = "MINIO_SECRET_KEY_OLD"
    EnvRootUserOld     = "MINIO_ROOT_USER_OLD"
    EnvRootPasswordOld = "MINIO_ROOT_PASSWORD_OLD"
    EnvBrowser         = "MINIO_BROWSER"
    EnvDomain          = "MINIO_DOMAIN"
    EnvRegionName      = "MINIO_REGION_NAME"
    EnvPublicIPs       = "MINIO_PUBLIC_IPS"
    EnvFSOSync         = "MINIO_FS_OSYNC"
    EnvArgs            = "MINIO_ARGS"

    EnvUpdate = "MINIO_UPDATE"

    EnvEndpoints = "MINIO_ENDPOINTS" // legacy
    EnvWorm      = "MINIO_WORM"      // legacy
    EnvRegion    = "MINIO_REGION"    // legacy

Top level common ENVs

const DefaultComment = "optionally add a comment to this setting"

DefaultComment used across all sub-systems.

const EnvCertPassword = "MINIO_CERT_PASSWD"

EnvCertPassword is the environment variable which contains the password used to decrypt the TLS private key. It must be set if the TLS private key is password protected.

const (
    ValueSeparator = ","

Config value separator


var (
    DefaultCredentialKVS = KVS{
            Key:   AccessKey,
            Value: auth.DefaultAccessKey,
            Key:   SecretKey,
            Value: auth.DefaultSecretKey,

    DefaultRegionKVS = KVS{
            Key:   RegionName,
            Value: "",

Default KV configs for worm and region

var (
    ErrInvalidBrowserValue = newErrFn(
        "Invalid browser value",
        "Please check the passed value",
        "Browser can only accept `on` and `off` values. To disable web browser access, set this value to `off`",

    ErrInvalidFSOSyncValue = newErrFn(
        "Invalid O_SYNC value",
        "Please check the passed value",
        "Can only accept `on` and `off` values. To enable O_SYNC for fs backend, set this value to `on`",

    ErrInvalidDomainValue = newErrFn(
        "Invalid domain value",
        "Please check the passed value",
        "Domain can only accept DNS compatible values",

    ErrInvalidErasureSetSize = newErrFn(
        "Invalid erasure set size",
        "Please check the passed value",
        "Erasure set can only accept any of [4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16] values",

    ErrInvalidWormValue = newErrFn(
        "Invalid WORM value",
        "Please check the passed value",
        "WORM can only accept `on` and `off` values. To enable WORM, set this value to `on`",

    ErrInvalidCacheDrivesValue = newErrFn(
        "Invalid cache drive value",
        "Please check the value in this ENV variable",
        "MINIO_CACHE_DRIVES: Mounted drives or directories are delimited by `,`",

    ErrInvalidCacheExcludesValue = newErrFn(
        "Invalid cache excludes value",
        "Please check the passed value",
        "MINIO_CACHE_EXCLUDE: Cache exclusion patterns are delimited by `,`",

    ErrInvalidCacheExpiryValue = newErrFn(
        "Invalid cache expiry value",
        "Please check the passed value",
        "MINIO_CACHE_EXPIRY: Valid cache expiry duration must be in days",

    ErrInvalidCacheQuota = newErrFn(
        "Invalid cache quota value",
        "Please check the passed value",
        "MINIO_CACHE_QUOTA: Valid cache quota value must be between 0-100",

    ErrInvalidCacheAfter = newErrFn(
        "Invalid cache after value",
        "Please check the passed value",
        "MINIO_CACHE_AFTER: Valid cache after value must be 0 or greater",

    ErrInvalidCacheWatermarkLow = newErrFn(
        "Invalid cache low watermark value",
        "Please check the passed value",
        "MINIO_CACHE_WATERMARK_LOW: Valid cache low watermark value must be between 0-100",

    ErrInvalidCacheWatermarkHigh = newErrFn(
        "Invalid cache high watermark value",
        "Please check the passed value",
        "MINIO_CACHE_WATERMARK_HIGH: Valid cache high watermark value must be between 0-100",

    ErrInvalidCacheEncryptionKey = newErrFn(
        "Invalid cache encryption master key value",
        "Please check the passed value",
        "MINIO_CACHE_ENCRYPTION_MASTER_KEY: For more information, please refer to",

    ErrInvalidCacheRange = newErrFn(
        "Invalid cache range value",
        "Please check the passed value",
        "MINIO_CACHE_RANGE: Valid expected value is `on` or `off`",

    ErrInvalidCacheCommitValue = newErrFn(
        "Invalid cache commit value",
        "Please check the passed value",
        "MINIO_CACHE_COMMIT: Valid expected value is `writeback` or `writethrough`",

    ErrInvalidCacheSetting = newErrFn(
        "Incompatible cache setting",
        "Please check the passed value",
        "MINIO_CACHE_AFTER cannot be used with MINIO_CACHE_COMMIT setting",
    ErrInvalidRotatingCredentialsBackendEncrypted = newErrFn(
        "Invalid rotating credentials",
        "Please set correct rotating credentials in the environment for decryption",
        "" /* 251 byte string literal not displayed */,

    ErrInvalidCredentialsBackendEncrypted = newErrFn(
        "Invalid credentials",
        "Please set correct credentials in the environment for decryption",
        "" /* 215 byte string literal not displayed */,

    ErrMissingCredentialsBackendEncrypted = newErrFn(
        "Credentials missing",
        "Please set your credentials in the environment",
        "" /* 207 byte string literal not displayed */,

    ErrInvalidCredentials = newErrFn(
        "Invalid credentials",
        "Please provide correct credentials",
        `Access key length should be at least 3, and secret key length at least 8 characters`,

    ErrEnvCredentialsMissingGateway = newErrFn(
        "Credentials missing",
        "Please set your credentials in the environment",
        "" /* 140 byte string literal not displayed */,

    ErrEnvCredentialsMissingDistributed = newErrFn(
        "Credentials missing",
        "Please set your credentials in the environment",
        "" /* 151 byte string literal not displayed */,

    ErrInvalidErasureEndpoints = newErrFn(
        "Invalid endpoint(s) in erasure mode",
        "Please provide correct combination of local/remote paths",
        "For more information, please refer to",

    ErrInvalidNumberOfErasureEndpoints = newErrFn(
        "Invalid total number of endpoints for erasure mode",
        "Please provide an even number of endpoints greater or equal to 4",
        "For more information, please refer to",

    ErrStorageClassValue = newErrFn(
        "Invalid storage class value",
        "Please check the value",
        "" /* 621 byte string literal not displayed */,

    ErrUnexpectedBackendVersion = newErrFn(
        "Backend version seems to be too recent",
        "Please update to the latest MinIO version",

    ErrInvalidAddressFlag = newErrFn(
        "--address input is invalid",
        "Please check --address parameter",
        "" /* 230 byte string literal not displayed */,

    ErrInvalidFSEndpoint = newErrFn(
        "Invalid endpoint for standalone FS mode",
        "Please check the FS endpoint",
        `FS mode requires only one writable disk path
Example 1:
   $ minio server /data/minio/`,

    ErrUnsupportedBackend = newErrFn(
        "Unable to write to the backend",
        "Please ensure your disk supports O_DIRECT",

    ErrUnableToWriteInBackend = newErrFn(
        "Unable to write to the backend",
        "Please ensure MinIO binary has write permissions for the backend",
        `Verify if MinIO binary is running as the same user who has write permissions for the backend`,

    ErrPortAlreadyInUse = newErrFn(
        "Port is already in use",
        "Please ensure no other program uses the same address/port",

    ErrPortAccess = newErrFn(
        "Unable to use specified port",
        "Please ensure MinIO binary has 'cap_net_bind_service=+ep' permissions",
        `Use 'sudo setcap cap_net_bind_service=+ep /path/to/minio' to provide sufficient permissions`,

    ErrSSLUnexpectedError = newErrFn(
        "Invalid TLS certificate",
        "Please check the content of your certificate data",
        `Only PEM (x.509) format is accepted as valid public & private certificates`,

    ErrSSLUnexpectedData = newErrFn(
        "Invalid TLS certificate",
        "Please check your certificate",

    ErrSSLNoPassword = newErrFn(
        "Missing TLS password",
        "Please set the password to environment variable `MINIO_CERT_PASSWD` so that the private key can be decrypted",

    ErrNoCertsAndHTTPSEndpoints = newErrFn(
        "HTTPS specified in endpoints, but no TLS certificate is found on the local machine",
        "Please add TLS certificate or use HTTP endpoints only",
        "" /* 148 byte string literal not displayed */,

    ErrCertsAndHTTPEndpoints = newErrFn(
        "HTTP specified in endpoints, but the server in the local machine is configured with a TLS certificate",
        "Please remove the certificate in the configuration directory or switch to HTTPS",

    ErrSSLWrongPassword = newErrFn(
        "Unable to decrypt the private key using the provided password",
        "Please set the correct password in environment variable `MINIO_CERT_PASSWD`",

    ErrUnexpectedError = newErrFn(
        "Unexpected error",
        "Please contact MinIO at",

    ErrInvalidCompressionIncludesValue = newErrFn(
        "Invalid compression include value",
        "Please check the passed value",
        "Compress extensions/mime-types are delimited by `,`. For eg, MINIO_COMPRESS_MIME_TYPES=\"A,B,C\"",

    ErrInvalidGWSSEValue = newErrFn(
        "Invalid gateway SSE value",
        "Please check the passed value",
        "MINIO_GATEWAY_SSE: Gateway SSE accepts only C and S3 as valid values. Delimit by `;` to set more than one value",

    ErrInvalidGWSSEEnvValue = newErrFn(
        "Invalid gateway SSE configuration",
        "Refer to for setting up SSE",

UI errors

var DefaultKVS map[string]KVS

DefaultKVS - default kvs for all sub-systems

var HelpSubSysMap map[string]HelpKVS

HelpSubSysMap - help for all individual KVS for each sub-systems also carries a special empty sub-system which dumps help for each sub-system key.

var Logger = struct {
    Info  func(msg string, data ...interface{})
    LogIf func(ctx context.Context, err error, errKind ...interface{})

Logger contains injected logger methods.

var (
    RegionHelp = HelpKVS{
            Key:         RegionName,
            Type:        "string",
            Description: `name of the location of the server e.g. "us-west-rack2"`,
            Optional:    true,
            Key:         Comment,
            Type:        "sentence",
            Description: DefaultComment,
            Optional:    true,

Region and Worm help is documented in default config

var SubSystems = set.CreateStringSet(

SubSystems - all supported sub-systems

var SubSystemsDynamic = set.CreateStringSet(

SubSystemsDynamic - all sub-systems that have dynamic config.

var SubSystemsSingleTargets = set.CreateStringSet([]string{

SubSystemsSingleTargets - subsystems which only support single target.

func CertificateText Uses

func CertificateText(cert *x509.Certificate) string

CertificateText returns a human-readable string representation of the certificate cert. The format is similar to the OpenSSL way of printing certificates (not identical).

func CheckValidKeys Uses

func CheckValidKeys(subSys string, kv KVS, validKVS KVS) error

CheckValidKeys - checks if inputs KVS has the necessary keys, returns error if it find extra or superflous keys.

func Errorf Uses

func Errorf(format string, a ...interface{}) error

Errorf - formats according to a format specifier and returns the string as a value that satisfies error of type config.Error

func FmtError Uses

func FmtError(introMsg string, err error, jsonFlag bool) string

FmtError converts a fatal error message to a more clear error using some colors

func FormatBool Uses

func FormatBool(b bool) string

FormatBool prints stringified version of boolean.

func LoadX509KeyPair Uses

func LoadX509KeyPair(certFile, keyFile string) (tls.Certificate, error)

LoadX509KeyPair - load an X509 key pair (private key , certificate) from the provided paths. The private key may be encrypted and is decrypted using the ENV_VAR: MINIO_CERT_PASSWD.

func LookupCreds Uses

func LookupCreds(kv KVS) (auth.Credentials, error)

LookupCreds - lookup credentials from config.

func LookupRegion Uses

func LookupRegion(kv KVS) (string, error)

LookupRegion - get current region.

func LookupWorm Uses

func LookupWorm() (bool, error)

LookupWorm - check if worm is enabled

func NewConfigWriteTo Uses

func NewConfigWriteTo(cfg Config, key string) io.WriterTo

NewConfigWriteTo - returns a struct which allows for serializing the config/kv struct to a io.WriterTo

func ParseBool Uses

func ParseBool(str string) (bool, error)

ParseBool returns the boolean value represented by the string. It accepts 1, t, T, TRUE, true, True, 0, f, F, FALSE, false, False. Any other value returns an error.

func ParsePublicCertFile Uses

func ParsePublicCertFile(certFile string) (x509Certs []*x509.Certificate, err error)

ParsePublicCertFile - parses public cert into its *x509.Certificate equivalent.

func RegisterDefaultKVS Uses

func RegisterDefaultKVS(kvsMap map[string]KVS)

RegisterDefaultKVS - this function saves input kvsMap globally, this should be called only once preferably during `init()`.

func RegisterHelpSubSys Uses

func RegisterHelpSubSys(helpKVSMap map[string]HelpKVS)

RegisterHelpSubSys - this function saves input help KVS for each sub-system globally, this function should be called only once preferably in during `init()`.

func SetCredentials Uses

func SetCredentials(c Config, cred auth.Credentials)

SetCredentials - One time migration code needed, for migrating from older config to new for server credentials.

func SetRegion Uses

func SetRegion(c Config, name string)

SetRegion - One time migration code needed, for migrating from older config to new for server Region.

type BoolFlag Uses

type BoolFlag bool

BoolFlag - wrapper bool type.

func ParseBoolFlag Uses

func ParseBoolFlag(s string) (bf BoolFlag, err error)

ParseBoolFlag - parses string into BoolFlag.

func (BoolFlag) MarshalJSON Uses

func (bf BoolFlag) MarshalJSON() ([]byte, error)

MarshalJSON - converts BoolFlag into JSON data.

func (BoolFlag) String Uses

func (bf BoolFlag) String() string

String - returns string of BoolFlag.

func (*BoolFlag) UnmarshalJSON Uses

func (bf *BoolFlag) UnmarshalJSON(data []byte) (err error)

UnmarshalJSON - parses given data into BoolFlag.

type Config Uses

type Config map[string]map[string]KVS

Config - MinIO server config structure.

func New Uses

func New() Config

New - initialize a new server config.

func (Config) Clone Uses

func (c Config) Clone() Config

Clone - clones a config map entirely.

func (Config) DelFrom Uses

func (c Config) DelFrom(r io.Reader) error

DelFrom - deletes all keys in the input reader.

func (Config) DelKVS Uses

func (c Config) DelKVS(s string) error

DelKVS - delete a specific key.

func (Config) GetKVS Uses

func (c Config) GetKVS(s string, defaultKVS map[string]KVS) (Targets, error)

GetKVS - get kvs from specific subsystem.

func (Config) Merge Uses

func (c Config) Merge() Config

Merge - merges a new config with all the missing values for default configs, returns a config.

func (Config) ReadConfig Uses

func (c Config) ReadConfig(r io.Reader) (dynOnly bool, err error)

ReadConfig - read content from input and write into c. Returns whether all parameters were dynamic.

func (Config) SetKVS Uses

func (c Config) SetKVS(s string, defaultKVS map[string]KVS) (dynamic bool, err error)

SetKVS - set specific key values per sub-system.

type Err Uses

type Err struct {
    // contains filtered or unexported fields

Err is a structure which contains all information to print a fatal error message in json or pretty mode Err implements error so we can use it anywhere

func ErrorToErr Uses

func ErrorToErr(err error) Err

ErrorToErr inspects the passed error and transforms it to the appropriate UI error.

func (Err) Clone Uses

func (u Err) Clone() Err

Clone returns a new Err struct with the same information

func (Err) Error Uses

func (u Err) Error() string

Error returns the error message

func (Err) Hint Uses

func (u Err) Hint(m string, args ...interface{}) Err

Hint - Replace the current error's message

func (Err) Msg Uses

func (u Err) Msg(m string, args ...interface{}) Err

Msg - Replace the current error's message

type ErrFn Uses

type ErrFn func(err error) Err

ErrFn function wrapper

type Error Uses

type Error struct {
    Err string

Error config error type

func (Error) Error Uses

func (e Error) Error() string

type HelpKV Uses

type HelpKV struct {
    Key         string `json:"key"`
    Type        string `json:"type"`
    Description string `json:"description"`
    Optional    bool   `json:"optional"`

    // Indicates if sub-sys supports multiple targets.
    MultipleTargets bool `json:"multipleTargets"`

HelpKV - implements help messages for keys with value as description of the keys.

type HelpKVS Uses

type HelpKVS []HelpKV

HelpKVS - implement order of keys help messages.

func (HelpKVS) Lookup Uses

func (hkvs HelpKVS) Lookup(key string) (HelpKV, bool)

Lookup - lookup a key from help kvs.

type KV Uses

type KV struct {
    Key   string `json:"key"`
    Value string `json:"value"`

KV - is a shorthand of each key value.

type KVS Uses

type KVS []KV

KVS - is a shorthand for some wrapper functions to operate on list of key values.

func (*KVS) Delete Uses

func (kvs *KVS) Delete(key string)

Delete - deletes the key if present from the KV list.

func (KVS) Empty Uses

func (kvs KVS) Empty() bool

Empty - return if kv is empty

func (KVS) Get Uses

func (kvs KVS) Get(key string) string

Get - returns the value of a key, if not found returns empty.

func (KVS) Keys Uses

func (kvs KVS) Keys() []string

Keys returns the list of keys for the current KVS

func (KVS) Lookup Uses

func (kvs KVS) Lookup(key string) (string, bool)

Lookup - lookup a key in a list of KVS

func (*KVS) Set Uses

func (kvs *KVS) Set(key, value string)

Set sets a value, if not sets a default value.

func (KVS) String Uses

func (kvs KVS) String() string

type Target Uses

type Target struct {
    SubSystem string
    KVS       KVS

Target signifies an individual target

type Targets Uses

type Targets []Target

Targets sub-system targets



Package config imports 25 packages (graph) and is imported by 16 packages. Updated 2021-01-20. Refresh now. Tools for package owners.