Documentation ¶
Index ¶
Constants ¶
View Source
const ( DefaultAccessTokenTTL = time.Minute * 15 DefaultRefreshTokenTTL = time.Hour * 24 )
View Source
const ( DefaultPanelsPath = "schemas/panels" DefaultQueriesPath = "schemas/queries" DefaultDatasourcesPath = "schemas/datasources" DefaultVariablesPath = "schemas/variables" )
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type AuthProviders ¶
type AuthProviders struct { EnableNative bool `json:"enable_native" yaml:"enable_native"` OAuth []OAuthProvider `json:"oauth,omitempty" yaml:"oauth,omitempty"` OIDC []OIDCProvider `json:"oidc,omitempty" yaml:"oidc,omitempty"` }
func (*AuthProviders) Verify ¶
func (p *AuthProviders) Verify() error
type AuthenticationConfig ¶
type AuthenticationConfig struct { // AccessTokenTTL is the time to live of the access token. By default, it is 15 minutes. AccessTokenTTL model.Duration `json:"access_token_ttl,omitempty" yaml:"access_token_ttl,omitempty"` // RefreshTokenTTL is the time to live of the refresh token. // The refresh token is used to get a new access token when it is expired. // By default, it is 24 hours. RefreshTokenTTL model.Duration `json:"refresh_token_ttl,omitempty" yaml:"refresh_token_ttl,omitempty"` // DisableSignUp deactivates the Sign-up page in the UI. // It also disables the endpoint that gives the possibility to create a user. DisableSignUp bool `json:"disable_sign_up" yaml:"disable_sign_up"` // Providers configure the different authentication providers Providers AuthProviders `json:"providers" yaml:"providers"` }
func (*AuthenticationConfig) Verify ¶
func (a *AuthenticationConfig) Verify() error
type AuthorizationConfig ¶
type AuthorizationConfig struct { // CheckLatestUpdateInterval that checks if the RBAC cache needs to be refreshed with db content. Only for SQL database setup. CheckLatestUpdateInterval model.Duration `json:"check_latest_update_interval,omitempty" yaml:"check_latest_update_interval,omitempty"` // Default permissions for guest users (logged-in users) GuestPermissions []*role.Permission `json:"guest_permissions,omitempty" yaml:"guest_permissions,omitempty"` }
func (*AuthorizationConfig) Verify ¶
func (a *AuthorizationConfig) Verify() error
type Config ¶
type Config struct { // Security contains any configuration that changes the API behavior like the endpoints exposed or if the permissions are activated. Security Security `json:"security,omitempty" yaml:"security,omitempty"` // Database contains the different configuration depending on the database you want to use Database Database `json:"database,omitempty" yaml:"database,omitempty"` // Schemas contain the configuration to get access to the CUE schemas Schemas Schemas `json:"schemas,omitempty" yaml:"schemas,omitempty"` // ImportantDashboards contains important dashboard selectors ImportantDashboards []dashboardSelector `json:"important_dashboards,omitempty" yaml:"important_dashboards,omitempty"` // Information contains markdown content to be display on the home page Information string `json:"information,omitempty" yaml:"information,omitempty"` // Provisioning contains the provisioning config that can be used if you want to provide default resources. Provisioning ProvisioningConfig `json:"provisioning,omitempty" yaml:"provisioning,omitempty"` // When it is true, Perses won't serve the frontend anymore. DeactivateFront bool `json:"deactivate_front" yaml:"deactivate_front"` // EphemeralDashboardsCleanupInterval is the interval at which the ephemeral dashboards are cleaned up EphemeralDashboardsCleanupInterval model.Duration `json:"ephemeral_dashboards_cleanup_interval,omitempty" yaml:"ephemeral_dashboards_cleanup_interval,omitempty"` }
type Database ¶
type File ¶
type File struct { Folder string `json:"folder" yaml:"folder"` // +kubebuilder:validation:Optional Extension FileExtension `json:"extension" yaml:"extension"` // +kubebuilder:validation:Optional CaseSensitive bool `json:"case_sensitive" yaml:"case_sensitive"` }
type FileExtension ¶
type FileExtension string
const ( YAMLExtension FileExtension = "yaml" JSONExtension FileExtension = "json" )
type OAuthOverride ¶ added in v0.44.0
type OAuthProvider ¶
type OAuthProvider struct { Provider `json:",inline" yaml:",inline"` AuthURL common.URL `json:"auth_url" yaml:"auth_url"` TokenURL common.URL `json:"token_url" yaml:"token_url"` UserInfosURL common.URL `json:"user_infos_url" yaml:"user_infos_url"` DeviceAuthURL common.URL `json:"device_auth_url" yaml:"device_auth_url"` CustomLoginProperty string `json:"custom_login_property,omitempty" yaml:"custom_login_property,omitempty"` }
func (*OAuthProvider) Verify ¶
func (p *OAuthProvider) Verify() error
type OIDCProvider ¶
type OIDCProvider struct { Provider `json:",inline" yaml:",inline"` Issuer common.URL `json:"issuer" yaml:"issuer"` DiscoveryURL common.URL `json:"discovery_url,omitempty" yaml:"discovery_url,omitempty"` URLParams map[string]string `json:"url_params,omitempty" yaml:"url_params,omitempty"` }
func (*OIDCProvider) Verify ¶
func (p *OIDCProvider) Verify() error
type Provider ¶
type Provider struct { SlugID string `json:"slug_id" yaml:"slug_id"` Name string `json:"name" yaml:"name"` ClientID secret.Hidden `json:"client_id" yaml:"client_id"` ClientSecret secret.Hidden `json:"client_secret" yaml:"client_secret"` DeviceCode *OAuthOverride `json:"device_code,omitempty" yaml:"device_code,omitempty"` ClientCredentials *OAuthOverride `json:"client_credentials,omitempty" yaml:"client_credentials,omitempty"` RedirectURI common.URL `json:"redirect_uri,omitempty" yaml:"redirect_uri,omitempty"` Scopes []string `json:"scopes,omitempty" yaml:"scopes,omitempty"` DisablePKCE bool `json:"disable_pkce" yaml:"disable_pkce"` }
type ProvisioningConfig ¶
type ProvisioningConfig struct { Folders []string `json:"folders,omitempty" yaml:"folders,omitempty"` // Interval is the refresh frequency Interval model.Duration `json:"interval,omitempty" yaml:"interval,omitempty"` }
func (*ProvisioningConfig) Verify ¶
func (p *ProvisioningConfig) Verify() error
type SQL ¶
type SQL struct { // TLS configuration TLSConfig *config.TLSConfig `json:"tls_config,omitempty" yaml:"tls_config,omitempty"` // Username User secret.Hidden `json:"user,omitempty" yaml:"user,omitempty"` // Password (requires User) Password secret.Hidden `json:"password,omitempty" yaml:"password,omitempty"` // PasswordFile is a path to a file that contains a password PasswordFile string `json:"password_file,omitempty" yaml:"password_file,omitempty"` // Network type Net string `json:"net,omitempty" yaml:"net,omitempty"` // Network address (requires Net) Addr secret.Hidden `json:"addr,omitempty" yaml:"addr,omitempty"` // Database name DBName string `json:"db_name" yaml:"db_name"` // Connection collation Collation string `json:"collation,omitempty" yaml:"collation,omitempty"` // Location for time.Time values Loc *time.Location `json:"loc,omitempty" yaml:"loc,omitempty"` // Max packet size allowed MaxAllowedPacket int `json:"max_allowed_packet" yaml:"maxAllowedPacket"` // Server public key name ServerPubKey string `json:"server_pub_key" yaml:"server_pub_key"` // Dial timeout Timeout model.Duration `json:"timeout" yaml:"timeout"` // I/O read timeout ReadTimeout model.Duration `json:"read_timeout" yaml:"read_timeout"` // I/O write timeout WriteTimeout model.Duration `json:"write_timeout" yaml:"write_timeout"` // Allow all files to be used with LOAD DATA LOCAL INFILE AllowAllFiles bool `json:"allow_all_files" yaml:"allow_all_files"` // Allows the cleartext client side plugin AllowCleartextPasswords bool `json:"allow_cleartext_passwords" yaml:"allow_cleartext_passwords"` // Allows fallback to unencrypted connection if server does not support TLS AllowFallbackToPlaintext bool `json:"allow_fallback_to_plaintext" yaml:"allow_fallback_to_plaintext"` // Allows the native password authentication method AllowNativePasswords bool `json:"allow_native_passwords" yaml:"allow_native_passwords"` // Allows the old insecure password method AllowOldPasswords bool `json:"allow_old_passwords" yaml:"allow_old_passwords"` // Check connections for liveness before using them CheckConnLiveness bool `json:"check_conn_liveness" yaml:"check_conn_liveness"` // Return number of matching rows instead of rows changed ClientFoundRows bool `json:"client_found_rows" yaml:"client_found_rows"` // Prepend table alias to column names ColumnsWithAlias bool `json:"columns_with_alias" yaml:"columns_with_alias"` // Interpolate placeholders into query string InterpolateParams bool `json:"interpolate_params" yaml:"interpolate_params"` // Allow multiple statements in one query MultiStatements bool `json:"multi_statements" yaml:"multi_statements"` // Parse time values to time.Time ParseTime bool `json:"parse_time" yaml:"parse_time"` // Reject read-only connections RejectReadOnly bool `json:"reject_read_only" yaml:"reject_read_only"` CaseSensitive bool `json:"case_sensitive" yaml:"case_sensitive"` }
type Schemas ¶
type Schemas struct { PanelsPath string `json:"panels_path,omitempty" yaml:"panels_path,omitempty"` QueriesPath string `json:"queries_path,omitempty" yaml:"queries_path,omitempty"` DatasourcesPath string `json:"datasources_path,omitempty" yaml:"datasources_path,omitempty"` VariablesPath string `json:"variables_path,omitempty" yaml:"variables_path,omitempty"` Interval model.Duration `json:"interval,omitempty" yaml:"interval,omitempty"` }
type Security ¶
type Security struct { // Readonly will deactivate any HTTP POST, PUT, DELETE endpoint Readonly bool `json:"readonly" yaml:"readonly"` // EncryptionKey is the secret key used to encrypt and decrypt sensitive data // stored in the database such as the password of the basic auth for a datasource. // Note that if it is not provided, it will use a default value. // On a production instance, you should set this key. // Also note the key size must be exactly 32 bytes long as we are using AES-256 to encrypt the data. EncryptionKey secret.Hidden `json:"encryption_key,omitempty" yaml:"encryption_key,omitempty"` // EncryptionKeyFile is the path to file containing the secret key EncryptionKeyFile string `json:"encryption_key_file,omitempty" yaml:"encryption_key_file,omitempty"` // When it is true, the authentication and authorization config are considered. // And you will need a valid JWT token to contact most of the endpoints exposed by the API EnableAuth bool `json:"enable_auth" yaml:"enable_auth"` // Authorization contains all configs around rbac (permissions and roles) Authorization AuthorizationConfig `json:"authorization,omitempty" yaml:"authorization,omitempty"` // Authentication contains configuration regarding management of access/refresh token Authentication AuthenticationConfig `json:"authentication,omitempty" yaml:"authentication,omitempty"` }
Click to show internal directories.
Click to hide internal directories.