1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
|
// Package config implements configuration structures for Red
// October.
package config
import (
"encoding/json"
"io/ioutil"
)
// Server contains the configuration information required to start a
// redoctober server.
type Server struct {
// Addr contains the host:port that the server should listen
// on.
Addr string `json:"address"`
// CAPath contains the path to the TLS CA for client
// authentication. This is an optional field.
CAPath string `json:"ca_path,omitempty"`
// KeyPaths and CertPaths contains a list of paths to TLS key
// pairs that should be used to secure connections to the
// server. The paths should be comma-separated.
KeyPaths string `json:"private_keys"`
CertPaths string `json:"certificates"`
// Systemd indicates whether systemd socket activation should
// be used instead of a normal port listener.
Systemd bool `json:"use_systemd,omitempty"`
}
// UI contains the configuration information for the WWW API.
type UI struct {
// Root contains the base URL for the UI.
Root string `json:"root"`
// Static is an optional path for overriding the built in HTML
// UI.
Static string `json:"static"`
}
// HipChat contains the settings for Hipchat integration.
type HipChat struct {
Host string `json:"host"`
Room string `json:"room"`
APIKey string `json:"api_key"`
}
// Valid returns true if the HipChat config is ready to be used for
// HipChat notifications.
func (hc *HipChat) Valid() bool {
if hc.APIKey == "" {
return false
}
if hc.Room == "" {
return false
}
if hc.Host == "" {
return false
}
return true
}
// Metrics contains the configuration for the Prometheus metrics
// collector.
type Metrics struct {
Host string `json:"host"`
Port string `json:"port"`
}
// Delegations contains configuration for persisting delegations.
type Delegations struct {
// Persist controls whether delegations are persisted or not.
Persist bool `json:"persist"`
// Policy contains the MSP predicate for delegation
// persistence, and users contains the users allowed
// to delegate.
Policy string `json:"policy"`
Users []string `json:"users"`
// Mechanism specifies the persistence mechanism to use.
Mechanism string `json:"mechanism"`
// Location contains location information for the persistence
// mechanism, such as a file path or database connection
// string.
Location string `json:"location"`
}
// Config contains all the configuration options for a redoctober
// instance.
type Config struct {
Server *Server `json:"server"`
UI *UI `json:"ui"`
HipChat *HipChat `json:"hipchat"`
Metrics *Metrics `json:"metrics"`
Delegations *Delegations `json:"delegations"`
}
// Valid ensures that the config has enough data to start a Red
// October process.
func (c *Config) Valid() bool {
// The RedOctober API relies on TLS for security.
if len(c.Server.CertPaths) == 0 || len(c.Server.KeyPaths) == 0 {
return false
}
// The server needs some address to listen on.
if c.Server.Addr == "" && !c.Server.Systemd {
return false
}
return true
}
// New returns a new, empty config.
func New() *Config {
return &Config{
Server: &Server{},
UI: &UI{},
HipChat: &HipChat{},
Metrics: &Metrics{},
Delegations: &Delegations{},
}
}
// Load reads a JSON-encoded config file from disk.
func Load(path string) (*Config, error) {
cfg := New()
in, err := ioutil.ReadFile(path)
if err != nil {
return nil, err
}
err = json.Unmarshal(in, cfg)
if err != nil {
return nil, err
}
return cfg, nil
}
|
