Documentation
¶
Index ¶
Constants ¶
View Source
const ( DefaultAccessTokenTTL = time.Minute * 15 DefaultRefreshTokenTTL = time.Hour * 24 )
View Source
const ( DefaultPanelsPath = "schemas/panels" DefaultQueriesPath = "schemas/queries" DefaultDatasourcesPath = "schemas/datasources" DefaultVariablesPath = "schemas/variables" )
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type AuthProviders ¶
type AuthProviders struct {
EnableNative bool `json:"enable_native" yaml:"enable_native"`
OAuth []OAuthProvider `json:"oauth,omitempty" yaml:"oauth,omitempty"`
OIDC []OIDCProvider `json:"oidc,omitempty" yaml:"oidc,omitempty"`
}
func (*AuthProviders) Verify ¶
func (p *AuthProviders) Verify() error
type AuthenticationConfig ¶
type AuthenticationConfig struct {
// AccessTokenTTL is the time to live of the access token. By default, it is 15 minutes.
AccessTokenTTL model.Duration `json:"access_token_ttl,omitempty" yaml:"access_token_ttl,omitempty"`
// RefreshTokenTTL is the time to live of the refresh token.
// The refresh token is used to get a new access token when it is expired.
// By default, it is 24 hours.
RefreshTokenTTL model.Duration `json:"refresh_token_ttl,omitempty" yaml:"refresh_token_ttl,omitempty"`
// DisableSignUp deactivates the Sign-up page in the UI.
// It also disables the endpoint that gives the possibility to create a user.
DisableSignUp bool `json:"disable_sign_up" yaml:"disable_sign_up"`
// Providers configure the different authentication providers
Providers AuthProviders `json:"providers" yaml:"providers"`
}
func (*AuthenticationConfig) Verify ¶
func (a *AuthenticationConfig) Verify() error
type AuthorizationConfig ¶
type AuthorizationConfig struct {
// CheckLatestUpdateInterval that checks if the RBAC cache needs to be refreshed with db content. Only for SQL database setup.
CheckLatestUpdateInterval model.Duration `json:"check_latest_update_interval,omitempty" yaml:"check_latest_update_interval,omitempty"`
// Default permissions for guest users (logged-in users)
GuestPermissions []*role.Permission `json:"guest_permissions,omitempty" yaml:"guest_permissions,omitempty"`
}
func (*AuthorizationConfig) Verify ¶
func (a *AuthorizationConfig) Verify() error
type Config ¶
type Config struct {
// Security contains any configuration that changes the API behavior like the endpoints exposed or if the permissions are activated.
Security Security `json:"security,omitempty" yaml:"security,omitempty"`
// Database contains the different configuration depending on the database you want to use
Database Database `json:"database,omitempty" yaml:"database,omitempty"`
// Schemas contain the configuration to get access to the CUE schemas
Schemas Schemas `json:"schemas,omitempty" yaml:"schemas,omitempty"`
// ImportantDashboards contains important dashboard selectors
ImportantDashboards []dashboardSelector `json:"important_dashboards,omitempty" yaml:"important_dashboards,omitempty"`
// Information contains markdown content to be display on the home page
Information string `json:"information,omitempty" yaml:"information,omitempty"`
// Provisioning contains the provisioning config that can be used if you want to provide default resources.
Provisioning ProvisioningConfig `json:"provisioning,omitempty" yaml:"provisioning,omitempty"`
// When it is true, Perses won't serve the frontend anymore.
DeactivateFront bool `json:"deactivate_front" yaml:"deactivate_front"`
// EphemeralDashboardsCleanupInterval is the interval at which the ephemeral dashboards are cleaned up
EphemeralDashboardsCleanupInterval model.Duration `json:"ephemeral_dashboards_cleanup_interval,omitempty" yaml:"ephemeral_dashboards_cleanup_interval,omitempty"`
}
type Database ¶
type File ¶
type File struct {
Folder string `json:"folder" yaml:"folder"`
// +kubebuilder:validation:Optional
Extension FileExtension `json:"extension" yaml:"extension"`
// +kubebuilder:validation:Optional
CaseSensitive bool `json:"case_sensitive" yaml:"case_sensitive"`
}
type FileExtension ¶
type FileExtension string
const ( YAMLExtension FileExtension = "yaml" JSONExtension FileExtension = "json" )
type OAuthOverride ¶ added in v0.44.0
type OAuthProvider ¶
type OAuthProvider struct {
Provider `json:",inline" yaml:",inline"`
AuthURL common.URL `json:"auth_url" yaml:"auth_url"`
TokenURL common.URL `json:"token_url" yaml:"token_url"`
UserInfosURL common.URL `json:"user_infos_url" yaml:"user_infos_url"`
DeviceAuthURL common.URL `json:"device_auth_url" yaml:"device_auth_url"`
CustomLoginProperty string `json:"custom_login_property,omitempty" yaml:"custom_login_property,omitempty"`
}
func (*OAuthProvider) Verify ¶
func (p *OAuthProvider) Verify() error
type OIDCProvider ¶
type OIDCProvider struct {
Provider `json:",inline" yaml:",inline"`
Issuer common.URL `json:"issuer" yaml:"issuer"`
DiscoveryURL common.URL `json:"discovery_url,omitempty" yaml:"discovery_url,omitempty"`
URLParams map[string]string `json:"url_params,omitempty" yaml:"url_params,omitempty"`
}
func (*OIDCProvider) Verify ¶
func (p *OIDCProvider) Verify() error
type Provider ¶
type Provider struct {
SlugID string `json:"slug_id" yaml:"slug_id"`
Name string `json:"name" yaml:"name"`
ClientID secret.Hidden `json:"client_id" yaml:"client_id"`
ClientSecret secret.Hidden `json:"client_secret" yaml:"client_secret"`
DeviceCode *OAuthOverride `json:"device_code,omitempty" yaml:"device_code,omitempty"`
ClientCredentials *OAuthOverride `json:"client_credentials,omitempty" yaml:"client_credentials,omitempty"`
RedirectURI common.URL `json:"redirect_uri,omitempty" yaml:"redirect_uri,omitempty"`
Scopes []string `json:"scopes,omitempty" yaml:"scopes,omitempty"`
DisablePKCE bool `json:"disable_pkce" yaml:"disable_pkce"`
}
type ProvisioningConfig ¶
type ProvisioningConfig struct {
Folders []string `json:"folders,omitempty" yaml:"folders,omitempty"`
// Interval is the refresh frequency
Interval model.Duration `json:"interval,omitempty" yaml:"interval,omitempty"`
}
func (*ProvisioningConfig) Verify ¶
func (p *ProvisioningConfig) Verify() error
type SQL ¶
type SQL struct {
// TLS configuration
TLSConfig *config.TLSConfig `json:"tls_config,omitempty" yaml:"tls_config,omitempty"`
// Username
User secret.Hidden `json:"user,omitempty" yaml:"user,omitempty"`
// Password (requires User)
Password secret.Hidden `json:"password,omitempty" yaml:"password,omitempty"`
// PasswordFile is a path to a file that contains a password
PasswordFile string `json:"password_file,omitempty" yaml:"password_file,omitempty"`
// Network type
Net string `json:"net,omitempty" yaml:"net,omitempty"`
// Network address (requires Net)
Addr secret.Hidden `json:"addr,omitempty" yaml:"addr,omitempty"`
// Database name
DBName string `json:"db_name" yaml:"db_name"`
// Connection collation
Collation string `json:"collation,omitempty" yaml:"collation,omitempty"`
// Location for time.Time values
Loc *time.Location `json:"loc,omitempty" yaml:"loc,omitempty"`
// Max packet size allowed
MaxAllowedPacket int `json:"max_allowed_packet" yaml:"maxAllowedPacket"`
// Server public key name
ServerPubKey string `json:"server_pub_key" yaml:"server_pub_key"`
// Dial timeout
Timeout model.Duration `json:"timeout" yaml:"timeout"`
// I/O read timeout
ReadTimeout model.Duration `json:"read_timeout" yaml:"read_timeout"`
// I/O write timeout
WriteTimeout model.Duration `json:"write_timeout" yaml:"write_timeout"`
// Allow all files to be used with LOAD DATA LOCAL INFILE
AllowAllFiles bool `json:"allow_all_files" yaml:"allow_all_files"`
// Allows the cleartext client side plugin
AllowCleartextPasswords bool `json:"allow_cleartext_passwords" yaml:"allow_cleartext_passwords"`
// Allows fallback to unencrypted connection if server does not support TLS
AllowFallbackToPlaintext bool `json:"allow_fallback_to_plaintext" yaml:"allow_fallback_to_plaintext"`
// Allows the native password authentication method
AllowNativePasswords bool `json:"allow_native_passwords" yaml:"allow_native_passwords"`
// Allows the old insecure password method
AllowOldPasswords bool `json:"allow_old_passwords" yaml:"allow_old_passwords"`
// Check connections for liveness before using them
CheckConnLiveness bool `json:"check_conn_liveness" yaml:"check_conn_liveness"`
// Return number of matching rows instead of rows changed
ClientFoundRows bool `json:"client_found_rows" yaml:"client_found_rows"`
// Prepend table alias to column names
ColumnsWithAlias bool `json:"columns_with_alias" yaml:"columns_with_alias"`
// Interpolate placeholders into query string
InterpolateParams bool `json:"interpolate_params" yaml:"interpolate_params"`
// Allow multiple statements in one query
MultiStatements bool `json:"multi_statements" yaml:"multi_statements"`
// Parse time values to time.Time
ParseTime bool `json:"parse_time" yaml:"parse_time"`
// Reject read-only connections
RejectReadOnly bool `json:"reject_read_only" yaml:"reject_read_only"`
CaseSensitive bool `json:"case_sensitive" yaml:"case_sensitive"`
}
type Schemas ¶
type Schemas struct {
PanelsPath string `json:"panels_path,omitempty" yaml:"panels_path,omitempty"`
QueriesPath string `json:"queries_path,omitempty" yaml:"queries_path,omitempty"`
DatasourcesPath string `json:"datasources_path,omitempty" yaml:"datasources_path,omitempty"`
VariablesPath string `json:"variables_path,omitempty" yaml:"variables_path,omitempty"`
Interval model.Duration `json:"interval,omitempty" yaml:"interval,omitempty"`
}
type Security ¶
type Security struct {
// Readonly will deactivate any HTTP POST, PUT, DELETE endpoint
Readonly bool `json:"readonly" yaml:"readonly"`
// EncryptionKey is the secret key used to encrypt and decrypt sensitive data
// stored in the database such as the password of the basic auth for a datasource.
// Note that if it is not provided, it will use a default value.
// On a production instance, you should set this key.
// Also note the key size must be exactly 32 bytes long as we are using AES-256 to encrypt the data.
EncryptionKey secret.Hidden `json:"encryption_key,omitempty" yaml:"encryption_key,omitempty"`
// EncryptionKeyFile is the path to file containing the secret key
EncryptionKeyFile string `json:"encryption_key_file,omitempty" yaml:"encryption_key_file,omitempty"`
// When it is true, the authentication and authorization config are considered.
// And you will need a valid JWT token to contact most of the endpoints exposed by the API
EnableAuth bool `json:"enable_auth" yaml:"enable_auth"`
// Authorization contains all configs around rbac (permissions and roles)
Authorization AuthorizationConfig `json:"authorization,omitempty" yaml:"authorization,omitempty"`
// Authentication contains configuration regarding management of access/refresh token
Authentication AuthenticationConfig `json:"authentication,omitempty" yaml:"authentication,omitempty"`
}
Source Files
Click to show internal directories.
Click to hide internal directories.