config

package
v0.0.0-...-455eedf Latest Latest
Warning

This package is not in the latest version of its module.

Published: Nov 28, 2023 License: Apache-2.0 Imports: 19 Imported by: 0

Documentation

Index

Constants

// BastionFlag is the name of the flag that turns on bastion (jump host) operation.
const BastionFlag = "bastion"

Variables

// DefaultConfigFiles lists the file names tried when looking for configuration.
var DefaultConfigFiles = []string{"config.yml", "config.yaml"}

// DefaultUnixConfigLocation is the primary directory searched for a config file.
// Files found here may carry service token secrets (see Forwarder), so the
// directory should be writable only by the account that administers cloudflared.
var DefaultUnixConfigLocation = "/usr/local/etc/cloudflared"

// DefaultUnixLogLocation is the primary directory for log files.
var DefaultUnixLogLocation = "/var/log/cloudflared"

// ErrNoConfigFile reports that no default configuration path could be determined.
// The message is formatted once, when the package is initialized, from
// DefaultConfigFiles and DefaultConfigSearchDirectories(); later changes to
// either are not reflected in it.
var ErrNoConfigFile = fmt.Errorf("Cannot determine default configuration path. No file %v in %v", DefaultConfigFiles, DefaultConfigSearchDirectories())

Functions

func DefaultConfigDirectory

func DefaultConfigDirectory() string

DefaultConfigDirectory returns the default directory of the config file

func DefaultConfigPath

func DefaultConfigPath() string

DefaultConfigPath returns the default location of a config file

func DefaultConfigSearchDirectories

func DefaultConfigSearchDirectories() []string

DefaultConfigSearchDirectories returns the default folder locations of the config

func DefaultLogDirectory

func DefaultLogDirectory() string

DefaultLogDirectory returns the default directory for log files

func FileExists

func FileExists(path string) (bool, error)

FileExists checks whether a file exists at the provided path.

func FindDefaultConfigPath

func FindDefaultConfigPath() string

FindDefaultConfigPath returns the first path that contains a config file. If no combination of DefaultConfigSearchDirectories() and DefaultConfigFiles contains a config file, it returns an empty string.

func FindOrCreateConfigPath

func FindOrCreateConfigPath() string

FindOrCreateConfigPath returns the first path that contains a config file or creates one in the primary default path if it doesn't exist

func ReadConfigFile

func ReadConfigFile(c *cli.Context, log *zerolog.Logger) (settings *configFileSettings, warnings string, err error)

ReadConfigFile returns InputSourceContext initialized from the configuration file. On repeat calls with the same file, it returns without reading the file again; however, if the value of the "config" flag changes, it reads the new config file.

func ValidateUnixSocket

func ValidateUnixSocket(c *cli.Context) (string, error)

ValidateUnixSocket ensures that the --unix-socket param is used exclusively, i.e. it fails if a user specifies both --url and --unix-socket.

func ValidateUrl

func ValidateUrl(c *cli.Context, allowURLFromArgs bool) (*url.URL, error)

ValidateUrl validates the correctness of the url flag. The URL can come either from --url or from an argument. Note that ValidateUnixSocket enforces that --unix-socket is not used together with --url or an argument.

Types

type AccessConfig

// AccessConfig holds the settings for checking Access JWTs on requests.
// It is referenced from OriginRequestConfig.Access.
type AccessConfig struct {
	// Required when set to true will fail every request that does not arrive through an access authenticated endpoint.
	// The zero value is false, so this enforcement is opt-in.
	// NOTE(review): confirm how a config that omits `required` is treated by the caller.
	Required bool `yaml:"required" json:"required,omitempty"`

	// TeamName is the organization team name to get the public key certificates for.
	TeamName string `yaml:"teamName" json:"teamName"`

	// AudTag lists the audience tag values the Access JWT is verified against.
	// NOTE(review): the behavior for an empty list is not visible here; confirm
	// that an empty AudTag cannot make verification pass.
	AudTag []string `yaml:"audTag" json:"audTag"`
}

type Configuration

// Configuration is the tunnel configuration: the tunnel identifier, its
// ingress rules, and the WARP routing and origin request settings.
type Configuration struct {
	// TunnelID is read from the YAML key "tunnel".
	TunnelID      string `yaml:"tunnel"`
	// Ingress holds the ingress rules as UnvalidatedIngressRule values.
	// NOTE(review): the element type's name suggests these rules have not been
	// validated yet; confirm where validation happens before they are used.
	// The field has no yaml tag, so its key depends on the decoder's default
	// field-name mapping.
	Ingress       []UnvalidatedIngressRule
	// WarpRouting is read from the YAML key "warp-routing".
	WarpRouting   WarpRoutingConfig   `yaml:"warp-routing"`
	// OriginRequest is read from the YAML key "originRequest". According to the
	// OriginRequestConfig documentation, it is the general config that applies
	// to all rules.
	OriginRequest OriginRequestConfig `yaml:"originRequest"`
	// contains filtered or unexported fields
}

func GetConfiguration

func GetConfiguration() *Configuration

func (*Configuration) Source

func (c *Configuration) Source() string

type CustomDuration

// CustomDuration is a Duration with custom JSON serialization. Per the type's
// documentation, JSON numbers are interpreted as seconds, while YAML keeps the
// usual Duration serialization assumptions.
type CustomDuration struct {
	// Duration is embedded, so time.Duration's methods are promoted to CustomDuration.
	time.Duration
}

A CustomDuration is a Duration that has custom serialization for JSON. JSON in JavaScript assumes that int fields are 32 bits, and Duration fields are deserialized assuming that numbers are in nanoseconds, which with 32-bit integers limits a value to just 2 seconds. This type assumes that, when serializing to or deserializing from JSON, the number is in seconds, while it keeps the YAML serde assumptions unchanged.

func (CustomDuration) MarshalJSON

func (s CustomDuration) MarshalJSON() ([]byte, error)

func (*CustomDuration) MarshalYAML

func (s *CustomDuration) MarshalYAML() (interface{}, error)

func (*CustomDuration) UnmarshalJSON

func (s *CustomDuration) UnmarshalJSON(data []byte) error

func (*CustomDuration) UnmarshalYAML

func (s *CustomDuration) UnmarshalYAML(unmarshal func(interface{}) error) error

type DNSResolver

// DNSResolver represents a client side DNS resolver.
//
// The fields carry json tags only. NOTE(review): Root embeds this type under
// the YAML key "resolver"; the YAML keys of the fields below then depend on
// the decoder's default field-name mapping. Confirm them against a real config.
type DNSResolver struct {
	// Enabled is returned by EnabledOrDefault.
	Enabled                bool     `json:"enabled"`
	// Address: AddressOrDefault substitutes a default when this is empty.
	// NOTE(review): presumably the listen address. A non-loopback value would
	// expose the resolver to other hosts; confirm the default.
	Address                string   `json:"address,omitempty"`
	// Port: PortOrDefault substitutes a default when this is 0.
	Port                   uint16   `json:"port,omitempty"`
	// Upstreams: UpstreamsOrDefault substitutes a default when this is empty.
	Upstreams              []string `json:"upstreams,omitempty"`
	// Bootstraps: BootstrapsOrDefault substitutes a default when this is empty.
	Bootstraps             []string `json:"bootstraps,omitempty"`
	// MaxUpstreamConnections: MaxUpstreamConnectionsOrDefault substitutes a
	// default when this is negative.
	MaxUpstreamConnections int      `json:"max_upstream_connections,omitempty"`
}

DNSResolver represents a client side DNS resolver

func (*DNSResolver) AddressOrDefault

func (r *DNSResolver) AddressOrDefault() string

AddressOrDefault returns the address or returns the default if empty

func (*DNSResolver) BootstrapsOrDefault

func (r *DNSResolver) BootstrapsOrDefault() []string

BootstrapsOrDefault returns the bootstraps or returns the default if empty

func (*DNSResolver) EnabledOrDefault

func (r *DNSResolver) EnabledOrDefault() bool

EnabledOrDefault returns the enabled property

func (*DNSResolver) Hash

func (r *DNSResolver) Hash() string

Hash returns the computed values to see if the resolver values change

func (*DNSResolver) MaxUpstreamConnectionsOrDefault

func (r *DNSResolver) MaxUpstreamConnectionsOrDefault() int

MaxUpstreamConnectionsOrDefault returns the max upstream connections, or the default if the value is negative

func (*DNSResolver) PortOrDefault

func (r *DNSResolver) PortOrDefault() uint16

PortOrDefault returns the port, or the default if the port is 0

func (*DNSResolver) UpstreamsOrDefault

func (r *DNSResolver) UpstreamsOrDefault() []string

UpstreamsOrDefault returns the upstreams or returns the default if empty

type FileManager

// FileManager watches the yaml config for changes and sends updates to the
// service so that it can reconfigure to match the updated config.
type FileManager struct {
	// ReadConfig loads a Root given a string and a logger.
	// NOTE(review): the string is presumably the config file path; confirm.
	// The field is exported, so any code holding the FileManager can replace the
	// loader. Treat it as a test seam and do not reassign it after Start.
	ReadConfig func(string, *zerolog.Logger) (Root, error)
	// contains filtered or unexported fields
}

FileManager watches the yaml config for changes and sends updates to the service so that it reconfigures to match the updated config

func NewFileManager

func NewFileManager(watcher watcher.Notifier, configPath string, log *zerolog.Logger) (*FileManager, error)

NewFileManager creates a config manager

func (*FileManager) GetConfig

func (m *FileManager) GetConfig() (Root, error)

GetConfig reads the yaml file from the disk

func (*FileManager) Shutdown

func (m *FileManager) Shutdown()

Shutdown stops the watcher

func (*FileManager) Start

func (m *FileManager) Start(notifier Notifier) error

Start starts the runloop to watch for config changes

func (*FileManager) WatcherDidError

func (m *FileManager) WatcherDidError(err error)

WatcherDidError notifies of errors with the file watcher

func (*FileManager) WatcherItemDidChange

func (m *FileManager) WatcherItemDidChange(filepath string)

WatcherItemDidChange triggers when the yaml config is updated, and sends the updated config to the service to reload its state

type Forwarder

// Forwarder represents a client side listener to forward traffic to the edge.
//
// TokenClientID and TokenSecret carry ordinary json/yaml tags, so both values
// are read from and written to configuration as clear text. Restrict read
// access to any file that holds a Forwarder, and keep the struct out of logs
// and error messages.
// NOTE(review): Hash() is documented as detecting value changes. Whether
// TokenSecret feeds into it, and what happens to the result, is not visible
// here; confirm that the hash is never logged or exposed.
type Forwarder struct {
	// URL, Listener and Destination have json tags only; their YAML keys depend
	// on the decoder's default field-name mapping.
	URL           string `json:"url"`
	Listener      string `json:"listener"`
	// TokenClientID is the service token ID (JSON "service_token_id", YAML "serviceTokenID").
	TokenClientID string `json:"service_token_id" yaml:"serviceTokenID"`
	// TokenSecret is the service token secret. Its JSON key is "secret_token_id"
	// and its YAML key is "serviceTokenSecret"; the JSON name is part of the
	// wire format and does not follow the YAML naming.
	TokenSecret   string `json:"secret_token_id" yaml:"serviceTokenSecret"`
	Destination   string `json:"destination"`
}

Forwarder represents a client side listener to forward traffic to the edge

func (*Forwarder) Hash

func (f *Forwarder) Hash() string

Hash returns the computed values to see if the forwarder values change

type IngressIPRule

// IngressIPRule is one entry of OriginRequestConfig.IPRules, described there as
// the IP rules for the proxy service.
// NOTE(review): rule evaluation order and the decision taken when no rule
// matches are not visible here. Confirm the default is deny before relying on
// these rules as an access control.
type IngressIPRule struct {
	// Prefix is a pointer, so an absent prefix (nil) is distinguishable from an
	// empty string. NOTE(review): presumably an IP prefix in CIDR form; confirm.
	Prefix *string `yaml:"prefix" json:"prefix"`
	// Ports lists port numbers. NOTE(review): the meaning of an empty list is
	// not visible here; confirm.
	Ports  []int   `yaml:"ports" json:"ports"`
	// Allow has the zero value false. NOTE(review): presumably true permits and
	// false denies matching traffic; confirm.
	Allow  bool    `yaml:"allow" json:"allow"`
}

type Manager

// Manager is the base set of functions of the config manager.
type Manager interface {
	// Start takes the Notifier and returns an error.
	// NOTE(review): presumably the Notifier receives config updates; confirm.
	Start(Notifier) error
	// Shutdown takes no arguments and returns nothing.
	Shutdown()
}

Manager is the base functions of the config manager

type Notifier

// Notifier sends out config updates.
type Notifier interface {
	// ConfigDidUpdate is passed a Root value.
	// NOTE(review): presumably the newly loaded configuration; confirm.
	ConfigDidUpdate(Root)
}

Notifier sends out config updates

type OriginRequestConfig

// OriginRequestConfig is a set of optional fields that users may set to
// customize how cloudflared sends requests to origin services. It is used for
// general config that applies to all rules and for per-rule config.
//
// Every scalar field is a pointer, so "not set" (nil) is distinguishable from
// an explicit zero value.
//
// Durations: in go-yaml use e.g. "3s" or "24h". The duration fields are
// *CustomDuration, whose documentation describes JSON numbers as seconds.
// Check that type's convention when writing JSON.
type OriginRequestConfig struct {
	// HTTP proxy timeout for establishing a new connection
	ConnectTimeout *CustomDuration `yaml:"connectTimeout" json:"connectTimeout,omitempty"`
	// HTTP proxy timeout for completing a TLS handshake
	TLSTimeout *CustomDuration `yaml:"tlsTimeout" json:"tlsTimeout,omitempty"`
	// HTTP proxy TCP keepalive duration
	TCPKeepAlive *CustomDuration `yaml:"tcpKeepAlive" json:"tcpKeepAlive,omitempty"`
	// HTTP proxy should disable "happy eyeballs" for IPv4/v6 fallback
	NoHappyEyeballs *bool `yaml:"noHappyEyeballs" json:"noHappyEyeballs,omitempty"`
	// HTTP proxy maximum keepalive connection pool size
	KeepAliveConnections *int `yaml:"keepAliveConnections" json:"keepAliveConnections,omitempty"`
	// HTTP proxy timeout for closing an idle connection
	KeepAliveTimeout *CustomDuration `yaml:"keepAliveTimeout" json:"keepAliveTimeout,omitempty"`
	// Sets the HTTP Host header for the local webserver.
	HTTPHostHeader *string `yaml:"httpHostHeader" json:"httpHostHeader,omitempty"`
	// Hostname on the origin server certificate.
	OriginServerName *string `yaml:"originServerName" json:"originServerName,omitempty"`
	// Path to the CA for the certificate of your origin.
	// This option should be used only if your certificate is not signed by Cloudflare.
	// The file named here becomes a trust anchor for origin connections, so it
	// should be writable only by the administrator.
	CAPool *string `yaml:"caPool" json:"caPool,omitempty"`
	// Disables TLS verification of the certificate presented by your origin.
	// Will allow any certificate from the origin to be accepted.
	// Note: The connection from your machine to Cloudflare's Edge is still encrypted.
	// Security: with this set the origin is not authenticated, so the hop to the
	// origin is open to impersonation. For private or mismatched certificates,
	// prefer CAPool and OriginServerName over disabling verification.
	NoTLSVerify *bool `yaml:"noTLSVerify" json:"noTLSVerify,omitempty"`
	// Disables chunked transfer encoding.
	// Useful if you are running a WSGI server.
	DisableChunkedEncoding *bool `yaml:"disableChunkedEncoding" json:"disableChunkedEncoding,omitempty"`
	// Runs as jump host
	// NOTE(review): how the destination is chosen in this mode is not visible
	// here. Confirm it, and pair the mode with Access and IPRules restrictions.
	BastionMode *bool `yaml:"bastionMode" json:"bastionMode,omitempty"`
	// Listen address for the proxy.
	// NOTE(review): a non-loopback address would make the proxy reachable from
	// other hosts; confirm the default used when this is nil.
	ProxyAddress *string `yaml:"proxyAddress" json:"proxyAddress,omitempty"`
	// Listen port for the proxy.
	ProxyPort *uint `yaml:"proxyPort" json:"proxyPort,omitempty"`
	// Valid options are 'socks' or empty.
	ProxyType *string `yaml:"proxyType" json:"proxyType,omitempty"`
	// IP rules for the proxy service
	// NOTE(review): evaluation order and the decision when no rule matches are
	// not visible here; confirm before treating these rules as an allow-list.
	IPRules []IngressIPRule `yaml:"ipRules" json:"ipRules,omitempty"`
	// Attempt to connect to origin with HTTP/2
	Http2Origin *bool `yaml:"http2Origin" json:"http2Origin,omitempty"`
	// Access holds all access related configs
	// A nil pointer means that no Access settings were supplied.
	Access *AccessConfig `yaml:"access" json:"access,omitempty"`
}

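OriginRequestConfig is a set of optional fields that users may set to customize how cloudflared sends requests to origin services. It is used to set up general config that applies to all rules, and also specific per-rule config. Note: (1) To specify a time.Duration in go-yaml, use e.g. "3s" or "24h". (2) To specify a time.Duration in json, use int64 of the nanoseconds. The duration fields of this struct are declared as *CustomDuration, whose own documentation describes JSON numbers as seconds, so check that type's convention for those fields.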

type Root

// Root is the base options to configure the service.
//
// A serialized Root can contain service token secrets through
// Forwarders[i].TokenSecret, so handle the whole value as sensitive.
type Root struct {
	// LogDirectory uses JSON key "log_directory" and YAML key "logDirectory".
	LogDirectory string      `json:"log_directory" yaml:"logDirectory,omitempty"`
	// LogLevel uses JSON key "log_level" and YAML key "logLevel".
	LogLevel     string      `json:"log_level" yaml:"logLevel,omitempty"`
	// Forwarders lists the client side listeners; each entry may carry a service token.
	Forwarders   []Forwarder `json:"forwarders,omitempty" yaml:"forwarders,omitempty"`
	// Tunnels lists the tunnels that should be started.
	Tunnels      []Tunnel    `json:"tunnels,omitempty" yaml:"tunnels,omitempty"`
	// Resolver is the client side DNS resolver configuration. It is a struct
	// value rather than a pointer, so the omitempty option on its json tag does
	// not omit it.
	Resolver     DNSResolver `json:"resolver,omitempty" yaml:"resolver,omitempty"`
}

Root is the base options to configure the service

type Tunnel

// Tunnel represents a tunnel that should be started.
//
// The fields carry json tags only; their YAML keys depend on the decoder's
// default field-name mapping.
type Tunnel struct {
	URL          string `json:"url"`
	Origin       string `json:"origin"`
	// ProtocolType is serialized under the JSON key "type".
	ProtocolType string `json:"type"`
}

Tunnel represents a tunnel that should be started

type UnvalidatedIngressRule

// UnvalidatedIngressRule is one ingress rule as it appears in configuration.
// NOTE(review): the name suggests that none of the fields have been checked at
// this stage. Confirm that Hostname, Path and Service are validated before
// they are used for routing.
type UnvalidatedIngressRule struct {
	// Hostname, Path and Service have json tags only; their YAML keys depend on
	// the decoder's default field-name mapping.
	Hostname      string              `json:"hostname,omitempty"`
	Path          string              `json:"path,omitempty"`
	Service       string              `json:"service,omitempty"`
	// OriginRequest is the per-rule origin request config. Per-rule settings
	// such as NoTLSVerify or BastionMode therefore need the same review as the
	// global ones.
	OriginRequest OriginRequestConfig `yaml:"originRequest" json:"originRequest"`
}

type WarpRoutingConfig

// WarpRoutingConfig holds the connection settings read from the
// "warp-routing" key of Configuration. Both fields are pointers, so nil means
// "not set".
type WarpRoutingConfig struct {
	// ConnectTimeout is a CustomDuration; see that type for its JSON and YAML forms.
	ConnectTimeout *CustomDuration `yaml:"connectTimeout" json:"connectTimeout,omitempty"`
	// TCPKeepAlive is a CustomDuration; see that type for its JSON and YAML forms.
	TCPKeepAlive   *CustomDuration `yaml:"tcpKeepAlive" json:"tcpKeepAlive,omitempty"`
}
