Final changes to config sub-system (#8600)

- Introduces changes such as certain types of
  errors that can be ignored or which need to 
  go into safe mode.
- Update help text as per the review
This commit is contained in:
Harshavardhana
2019-12-04 15:32:37 -08:00
committed by kannappanr
parent 794eb54da8
commit c9940d8c3f
65 changed files with 605 additions and 1033 deletions
+44 -6
View File
@@ -23,9 +23,17 @@ import (
"io"
"net/http"
"strconv"
"strings"
"github.com/gorilla/mux"
"github.com/minio/minio/cmd/config"
"github.com/minio/minio/cmd/config/cache"
"github.com/minio/minio/cmd/config/etcd"
xldap "github.com/minio/minio/cmd/config/identity/ldap"
"github.com/minio/minio/cmd/config/identity/openid"
"github.com/minio/minio/cmd/config/policy/opa"
"github.com/minio/minio/cmd/config/storageclass"
"github.com/minio/minio/cmd/crypto"
"github.com/minio/minio/cmd/logger"
iampolicy "github.com/minio/minio/pkg/iam/policy"
"github.com/minio/minio/pkg/madmin"
@@ -417,15 +425,45 @@ func (a adminAPIHandlers) GetConfigHandler(w http.ResponseWriter, r *http.Reques
return
}
var buf = &bytes.Buffer{}
cw := config.NewConfigWriteTo(cfg, "")
if _, err = cw.WriteTo(buf); err != nil {
writeErrorResponseJSON(ctx, w, toAdminAPIErr(ctx, err), r.URL)
return
var s strings.Builder
hkvs := config.HelpSubSysMap[""]
for _, hkv := range hkvs {
v := cfg[hkv.Key]
for target, kv := range v {
off := kv.Get(config.Enable) == config.EnableOff
switch hkv.Key {
case config.EtcdSubSys:
off = !etcd.Enabled(kv)
case config.CacheSubSys:
off = !cache.Enabled(kv)
case config.StorageClassSubSys:
off = !storageclass.Enabled(kv)
case config.KmsVaultSubSys:
off = !crypto.Enabled(kv)
case config.PolicyOPASubSys:
off = !opa.Enabled(kv)
case config.IdentityOpenIDSubSys:
off = !openid.Enabled(kv)
case config.IdentityLDAPSubSys:
off = !xldap.Enabled(kv)
}
if off {
s.WriteString(config.KvComment)
s.WriteString(config.KvSpaceSeparator)
}
s.WriteString(hkv.Key)
if target != config.Default {
s.WriteString(config.SubSystemSeparator)
s.WriteString(target)
}
s.WriteString(config.KvSpaceSeparator)
s.WriteString(kv.String())
s.WriteString(config.KvNewline)
}
}
password := globalActiveCred.SecretKey
econfigData, err := madmin.EncryptData(password, buf.Bytes())
econfigData, err := madmin.EncryptData(password, []byte(s.String()))
if err != nil {
writeErrorResponseJSON(ctx, w, toAdminAPIErr(ctx, err), r.URL)
return
+2 -2
View File
@@ -158,7 +158,7 @@ func handleCommonCmdArgs(ctx *cli.Context) {
func handleCommonEnvVars() {
var err error
globalBrowserEnabled, err = config.ParseBool(env.Get(config.EnvBrowser, config.StateOn))
globalBrowserEnabled, err = config.ParseBool(env.Get(config.EnvBrowser, config.EnableOn))
if err != nil {
logger.Fatal(config.ErrInvalidBrowserValue(err), "Invalid MINIO_BROWSER value in environment variable")
}
@@ -202,7 +202,7 @@ func handleCommonEnvVars() {
// In place update is true by default if the MINIO_UPDATE is not set
// or is not set to 'off', if MINIO_UPDATE is set to 'off' then
// in-place update is off.
globalInplaceUpdateDisabled = strings.EqualFold(env.Get(config.EnvUpdate, config.StateOn), config.StateOff)
globalInplaceUpdateDisabled = strings.EqualFold(env.Get(config.EnvUpdate, config.EnableOn), config.EnableOff)
if env.IsSet(config.EnvAccessKey) || env.IsSet(config.EnvSecretKey) {
cred, err := auth.CreateCredentials(env.Get(config.EnvAccessKey, ""), env.Get(config.EnvSecretKey, ""))
+67 -48
View File
@@ -18,6 +18,7 @@ package cmd
import (
"context"
"fmt"
"strings"
"sync"
@@ -39,12 +40,11 @@ import (
"github.com/minio/minio/pkg/env"
)
func init() {
func initHelp() {
var kvs = map[string]config.KVS{
config.EtcdSubSys: etcd.DefaultKVS,
config.CacheSubSys: cache.DefaultKVS,
config.CompressionSubSys: compress.DefaultKVS,
config.StorageClassSubSys: storageclass.DefaultKVS,
config.IdentityLDAPSubSys: xldap.DefaultKVS,
config.IdentityOpenIDSubSys: openid.DefaultKVS,
config.PolicyOPASubSys: opa.DefaultKVS,
@@ -57,115 +57,123 @@ func init() {
for k, v := range notify.DefaultNotificationKVS {
kvs[k] = v
}
if globalIsXL {
kvs[config.StorageClassSubSys] = storageclass.DefaultKVS
}
config.RegisterDefaultKVS(kvs)
// Captures help for each sub-system
var helpSubSys = config.HelpKVS{
config.HelpKV{
Key: config.RegionSubSys,
Description: "Configure to describe the physical location of the server",
},
config.HelpKV{
Key: config.StorageClassSubSys,
Description: "Configure to control data and parity per object",
Description: "label the location of the server",
},
config.HelpKV{
Key: config.CacheSubSys,
Description: "Configure to enable edge caching",
Description: "add caching storage tier",
},
config.HelpKV{
Key: config.CompressionSubSys,
Description: "Configure to enable streaming on disk compression",
Description: "enable server side compression of objects",
},
config.HelpKV{
Key: config.EtcdSubSys,
Description: "Configure to enable 'etcd' configuration",
Description: "federate multiple clusters for IAM and Bucket DNS",
},
config.HelpKV{
Key: config.IdentityOpenIDSubSys,
Description: "Configure to enable OpenID SSO support",
Description: "enable OpenID SSO support",
},
config.HelpKV{
Key: config.IdentityLDAPSubSys,
Description: "Configure to enable LDAP SSO support",
Description: "enable LDAP SSO support",
},
config.HelpKV{
Key: config.PolicyOPASubSys,
Description: "Configure to enable external OPA policy support",
Description: "enable external OPA for policy enforcement",
},
config.HelpKV{
Key: config.KmsVaultSubSys,
Description: "Configure to enable Vault based external KMS",
Description: "enable external HashiCorp Vault for KMS",
},
config.HelpKV{
Key: config.LoggerWebhookSubSys,
Description: "Configure to enable Webhook based logger",
Description: "send server logs to webhook endpoints",
MultipleTargets: true,
},
config.HelpKV{
Key: config.AuditWebhookSubSys,
Description: "Configure to enable Webhook based audit logger",
Description: "send audit logs to webhook endpoints",
MultipleTargets: true,
},
config.HelpKV{
Key: config.NotifyWebhookSubSys,
Description: "Configure to publish events to Webhook target",
Description: "publish bucket notifications to webhook endpoints",
MultipleTargets: true,
},
config.HelpKV{
Key: config.NotifyAMQPSubSys,
Description: "Configure to publish events to AMQP target",
Description: "publish bucket notifications to AMQP endpoints",
MultipleTargets: true,
},
config.HelpKV{
Key: config.NotifyKafkaSubSys,
Description: "Configure to publish events to Kafka target",
Description: "publish bucket notifications to Kafka endpoints",
MultipleTargets: true,
},
config.HelpKV{
Key: config.NotifyMQTTSubSys,
Description: "Configure to publish events to MQTT target",
Description: "publish bucket notifications to MQTT endpoints",
MultipleTargets: true,
},
config.HelpKV{
Key: config.NotifyNATSSubSys,
Description: "Configure to publish events to NATS target",
Description: "publish bucket notifications to NATS endpoints",
MultipleTargets: true,
},
config.HelpKV{
Key: config.NotifyNSQSubSys,
Description: "Configure to publish events to NSQ target",
Description: "publish bucket notifications to NSQ endpoints",
MultipleTargets: true,
},
config.HelpKV{
Key: config.NotifyMySQLSubSys,
Description: "Configure to publish events to MySQL target",
Description: "publish bucket notifications to MySQL endpoints",
MultipleTargets: true,
},
config.HelpKV{
Key: config.NotifyPostgresSubSys,
Description: "Configure to publish events to Postgres target",
Description: "publish bucket notifications to Postgres endpoints",
MultipleTargets: true,
},
config.HelpKV{
Key: config.NotifyRedisSubSys,
Description: "Configure to publish events to Redis target",
Description: "publish bucket notifications to Redis endpoints",
MultipleTargets: true,
},
config.HelpKV{
Key: config.NotifyESSubSys,
Description: "Configure to publish events to Elasticsearch target",
Description: "publish bucket notifications to Elasticsearch endpoints",
MultipleTargets: true,
},
}
if globalIsXL {
helpSubSys = append(helpSubSys, config.HelpKV{})
copy(helpSubSys[2:], helpSubSys[1:])
helpSubSys[1] = config.HelpKV{
Key: config.StorageClassSubSys,
Description: "define object level redundancy",
}
}
var helpMap = map[string]config.HelpKVS{
"": helpSubSys, // Help for all sub-systems.
config.RegionSubSys: config.RegionHelp,
config.StorageClassSubSys: storageclass.Help,
config.EtcdSubSys: etcd.Help,
config.CacheSubSys: cache.Help,
config.CompressionSubSys: compress.Help,
config.StorageClassSubSys: storageclass.Help,
config.IdentityOpenIDSubSys: openid.Help,
config.IdentityLDAPSubSys: xldap.Help,
config.PolicyOPASubSys: opa.Help,
@@ -249,6 +257,9 @@ func validateConfig(s config.Config) error {
if _, err = crypto.NewKMS(kmsCfg); err != nil {
return err
}
// Disable merging env values for the rest.
env.SetEnvOff()
}
}
@@ -279,18 +290,18 @@ func lookupConfigs(s config.Config) (err error) {
// Env doesn't seem to be set, we fallback to lookup creds from the config.
globalActiveCred, err = config.LookupCreds(s[config.CredentialsSubSys][config.Default])
if err != nil {
return config.Errorf("Invalid credentials configuration: %s", err)
return fmt.Errorf("Invalid credentials configuration: %w", err)
}
}
etcdCfg, err := xetcd.LookupConfig(s[config.EtcdSubSys][config.Default], globalRootCAs)
if err != nil {
return config.Errorf("Unable to initialize etcd config: %s", err)
return fmt.Errorf("Unable to initialize etcd config: %w", err)
}
globalEtcdClient, err = xetcd.New(etcdCfg)
if err != nil {
return config.Errorf("Unable to initialize etcd config: %s", err)
return fmt.Errorf("Unable to initialize etcd config: %w", err)
}
if len(globalDomainNames) != 0 && !globalDomainIPs.IsEmpty() && globalEtcdClient != nil {
@@ -301,51 +312,51 @@ func lookupConfigs(s config.Config) (err error) {
dns.CoreDNSPath(etcdCfg.CoreDNSPath),
)
if err != nil {
return config.Errorf("Unable to initialize DNS config for %s: %s", globalDomainNames, err)
return config.Errorf(config.SafeModeKind,
"Unable to initialize DNS config for %s: %s", globalDomainNames, err)
}
}
globalServerRegion, err = config.LookupRegion(s[config.RegionSubSys][config.Default])
if err != nil {
return config.Errorf("Invalid region configuration: %s", err)
return fmt.Errorf("Invalid region configuration: %w", err)
}
globalWORMEnabled, err = config.LookupWorm()
if err != nil {
return config.Errorf("Invalid worm configuration: %s", err)
return fmt.Errorf("Invalid worm configuration: %w", err)
}
if globalIsXL {
globalStorageClass, err = storageclass.LookupConfig(s[config.StorageClassSubSys][config.Default],
globalXLSetDriveCount)
if err != nil {
return config.Errorf("Unable to initialize storage class config: %s", err)
return fmt.Errorf("Unable to initialize storage class config: %w", err)
}
}
globalCacheConfig, err = cache.LookupConfig(s[config.CacheSubSys][config.Default])
if err != nil {
return config.Errorf("Unable to setup cache: %s", err)
return fmt.Errorf("Unable to setup cache: %w", err)
}
if globalCacheConfig.Enabled {
if cacheEncKey := env.Get(cache.EnvCacheEncryptionMasterKey, ""); cacheEncKey != "" {
globalCacheKMS, err = crypto.ParseMasterKey(cacheEncKey)
if err != nil {
return config.Errorf("Unable to setup encryption cache: %s", err)
return fmt.Errorf("Unable to setup encryption cache: %w", err)
}
}
}
kmsCfg, err := crypto.LookupConfig(s[config.KmsVaultSubSys][config.Default])
if err != nil {
return config.Errorf("Unable to setup KMS config: %s", err)
return fmt.Errorf("Unable to setup KMS config: %w", err)
}
GlobalKMS, err = crypto.NewKMS(kmsCfg)
if err != nil {
return config.Errorf("Unable to setup KMS with current KMS config: %s", err)
return fmt.Errorf("Unable to setup KMS with current KMS config: %w", err)
}
// Enable auto-encryption if enabled
@@ -353,19 +364,19 @@ func lookupConfigs(s config.Config) (err error) {
globalCompressConfig, err = compress.LookupConfig(s[config.CompressionSubSys][config.Default])
if err != nil {
return config.Errorf("Unable to setup Compression: %s", err)
return fmt.Errorf("Unable to setup Compression: %w", err)
}
globalOpenIDConfig, err = openid.LookupConfig(s[config.IdentityOpenIDSubSys][config.Default],
NewCustomHTTPTransport(), xhttp.DrainBody)
if err != nil {
return config.Errorf("Unable to initialize OpenID: %s", err)
return fmt.Errorf("Unable to initialize OpenID: %w", err)
}
opaCfg, err := opa.LookupConfig(s[config.PolicyOPASubSys][config.Default],
NewCustomHTTPTransport(), xhttp.DrainBody)
if err != nil {
return config.Errorf("Unable to initialize OPA: %s", err)
return fmt.Errorf("Unable to initialize OPA: %w", err)
}
globalOpenIDValidators = getOpenIDValidators(globalOpenIDConfig)
@@ -374,7 +385,7 @@ func lookupConfigs(s config.Config) (err error) {
globalLDAPConfig, err = xldap.Lookup(s[config.IdentityLDAPSubSys][config.Default],
globalRootCAs)
if err != nil {
return config.Errorf("Unable to parse LDAP configuration: %s", err)
return fmt.Errorf("Unable to parse LDAP configuration: %w", err)
}
// Load logger targets based on user's configuration
@@ -382,7 +393,7 @@ func lookupConfigs(s config.Config) (err error) {
loggerCfg, err := logger.LookupConfig(s)
if err != nil {
return config.Errorf("Unable to initialize logger: %s", err)
return fmt.Errorf("Unable to initialize logger: %w", err)
}
for _, l := range loggerCfg.HTTP {
@@ -420,24 +431,32 @@ func GetHelp(subSys, key string, envOnly bool) (Help, error) {
}
subSystemValue := strings.SplitN(subSys, config.SubSystemSeparator, 2)
if len(subSystemValue) == 0 {
return Help{}, config.Errorf("invalid number of arguments %s", subSys)
return Help{}, config.Errorf(
config.SafeModeKind,
"invalid number of arguments %s", subSys)
}
subSys = subSystemValue[0]
subSysHelp, ok := config.HelpSubSysMap[""].Lookup(subSys)
if !ok {
return Help{}, config.Errorf("unknown sub-system %s", subSys)
return Help{}, config.Errorf(
config.SafeModeKind,
"unknown sub-system %s", subSys)
}
h, ok := config.HelpSubSysMap[subSys]
if !ok {
return Help{}, config.Errorf("unknown sub-system %s", subSys)
return Help{}, config.Errorf(
config.SafeModeKind,
"unknown sub-system %s", subSys)
}
if key != "" {
value, ok := h.Lookup(key)
if !ok {
return Help{}, config.Errorf("unknown key %s for sub-system %s", key, subSys)
return Help{}, config.Errorf(
config.SafeModeKind,
"unknown key %s for sub-system %s", key, subSys)
}
h = config.HelpKVS{value}
}
+10 -10
View File
@@ -23,30 +23,30 @@ var (
Help = config.HelpKVS{
config.HelpKV{
Key: Drives,
Description: `List of mounted drives or directories delimited by ","`,
Type: "csv",
},
config.HelpKV{
Key: Exclude,
Description: `List of wildcard based cache exclusion patterns delimited by ","`,
Optional: true,
Description: `comma separated mountpoints e.g. "/optane1,/optane2"`,
Type: "csv",
},
config.HelpKV{
Key: Expiry,
Description: `Cache expiry duration in days. eg: "90"`,
Description: `cache expiry duration in days e.g. "90"`,
Optional: true,
Type: "number",
},
config.HelpKV{
Key: Quota,
Description: `Maximum permitted usage of the cache in percentage (0-100)`,
Description: `limit cache drive usage in percentage e.g. "90"`,
Optional: true,
Type: "number",
},
config.HelpKV{
Key: Exclude,
Description: `comma separated wildcard exclusion patterns e.g. "bucket/*.tmp,*.exe"`,
Optional: true,
Type: "csv",
},
config.HelpKV{
Key: config.Comment,
Description: "A comment to describe the 'cache' settings",
Description: config.DefaultComment,
Optional: true,
Type: "sentence",
},
-4
View File
@@ -34,10 +34,6 @@ func SetCacheConfig(s config.Config, cfg Config) {
return
}
s[config.CacheSubSys][config.Default] = config.KVS{
config.KV{
Key: config.State,
Value: config.StateOn,
},
config.KV{
Key: Drives,
Value: strings.Join(cfg.Drives, cacheDelimiter),
+7 -27
View File
@@ -32,7 +32,6 @@ const (
MaxUse = "maxuse"
Quota = "quota"
EnvCacheState = "MINIO_CACHE_STATE"
EnvCacheDrives = "MINIO_CACHE_DRIVES"
EnvCacheExclude = "MINIO_CACHE_EXCLUDE"
EnvCacheExpiry = "MINIO_CACHE_EXPIRY"
@@ -47,10 +46,6 @@ const (
// DefaultKVS - default KV settings for caching.
var (
DefaultKVS = config.KVS{
config.KV{
Key: config.State,
Value: config.StateOff,
},
config.KV{
Key: Drives,
Value: "",
@@ -74,6 +69,12 @@ const (
cacheDelimiter = ","
)
// Enabled returns if cache is enabled.
func Enabled(kvs config.KVS) bool {
drives := kvs.Get(Drives)
return drives != ""
}
// LookupConfig - extracts cache configuration provided by environment
// variables and merge them with provided CacheConfiguration.
func LookupConfig(kvs config.KVS) (Config, error) {
@@ -84,28 +85,7 @@ func LookupConfig(kvs config.KVS) (Config, error) {
}
drives := env.Get(EnvCacheDrives, kvs.Get(Drives))
if len(drives) > 0 {
// Drives is not-empty means user wishes to enable this explicitly, but
// check if ENV is set to false to disable caching.
stateBool, err := config.ParseBool(env.Get(EnvCacheState, config.StateOn))
if err != nil {
return cfg, err
}
if !stateBool {
return cfg, nil
}
} else {
// Check if cache is explicitly disabled
stateBool, err := config.ParseBool(env.Get(EnvCacheState, kvs.Get(config.State)))
if err != nil {
if kvs.Empty() {
return cfg, nil
}
return cfg, err
}
if stateBool {
return cfg, config.Error("'drives' key cannot be empty to enable caching")
}
if len(drives) == 0 {
return cfg, nil
}
+4 -4
View File
@@ -36,7 +36,7 @@ const (
Extensions = "extensions"
MimeTypes = "mime_types"
EnvCompressState = "MINIO_COMPRESS_STATE"
EnvCompressState = "MINIO_COMPRESS_ENABLE"
EnvCompressExtensions = "MINIO_COMPRESS_EXTENSIONS"
EnvCompressMimeTypes = "MINIO_COMPRESS_MIME_TYPES"
@@ -49,8 +49,8 @@ const (
var (
DefaultKVS = config.KVS{
config.KV{
Key: config.State,
Value: config.StateOff,
Key: config.Enable,
Value: config.EnableOff,
},
config.KV{
Key: Extensions,
@@ -87,7 +87,7 @@ func LookupConfig(kvs config.KVS) (Config, error) {
compress := env.Get(EnvCompress, "")
if compress == "" {
compress = env.Get(EnvCompressState, kvs.Get(config.State))
compress = env.Get(EnvCompressState, kvs.Get(config.Enable))
}
cfg.Enabled, err = config.ParseBool(compress)
if err != nil {
+3 -3
View File
@@ -23,19 +23,19 @@ var (
Help = config.HelpKVS{
config.HelpKV{
Key: Extensions,
Description: `Comma separated file extensions to compress eg: ".txt,.log,.csv"`,
Description: `comma separated file extensions e.g. ".txt,.log,.csv"`,
Optional: true,
Type: "csv",
},
config.HelpKV{
Key: MimeTypes,
Description: `Comma separate wildcard mime-types to compress eg: "text/*,application/json,application/xml"`,
Description: `comma separated wildcard mime-types e.g. "text/*,application/json,application/xml"`,
Optional: true,
Type: "csv",
},
config.HelpKV{
Key: config.Comment,
Description: "A comment to describe the compression setting",
Description: config.DefaultComment,
Optional: true,
Type: "sentence",
},
+2 -2
View File
@@ -36,8 +36,8 @@ func SetCompressionConfig(s config.Config, cfg Config) {
}
s[config.CompressionSubSys][config.Default] = config.KVS{
config.KV{
Key: config.State,
Value: config.StateOn,
Key: config.Enable,
Value: config.EnableOn,
},
config.KV{
Key: Extensions,
+91 -74
View File
@@ -31,27 +31,39 @@ import (
)
// Error config error type
type Error string
type Error struct {
Kind ErrorKind
Err string
}
// ErrorKind config error kind
type ErrorKind int8
// Various error kinds.
const (
ContinueKind ErrorKind = iota + 1
SafeModeKind
)
// Errorf - formats according to a format specifier and returns
// the string as a value that satisfies error of type config.Error
func Errorf(format string, a ...interface{}) error {
return Error(fmt.Sprintf(format, a...))
func Errorf(errKind ErrorKind, format string, a ...interface{}) error {
return Error{Kind: errKind, Err: fmt.Sprintf(format, a...)}
}
func (e Error) Error() string {
return string(e)
return e.Err
}
// Default keys
const (
Default = madmin.Default
State = madmin.StateKey
Enable = madmin.EnableKey
Comment = madmin.CommentKey
// State values
StateOn = madmin.StateOn
StateOff = madmin.StateOff
// Enable values
EnableOn = madmin.EnableOn
EnableOff = madmin.EnableOff
RegionName = "name"
AccessKey = "access_key"
@@ -67,7 +79,7 @@ const (
CacheSubSys = "cache"
RegionSubSys = "region"
EtcdSubSys = "etcd"
StorageClassSubSys = "storageclass"
StorageClassSubSys = "storage_class"
CompressionSubSys = "compression"
KmsVaultSubSys = "kms_vault"
LoggerWebhookSubSys = "logger_webhook"
@@ -195,19 +207,41 @@ func (kvs KVS) String() string {
var s strings.Builder
for _, kv := range kvs {
// Do not need to print if state is on
if kv.Key == State && kv.Value == StateOn {
if kv.Key == Enable && kv.Value == EnableOn {
continue
}
s.WriteString(kv.Key)
s.WriteString(KvSeparator)
s.WriteString(KvDoubleQuote)
spc := madmin.HasSpace(kv.Value)
if spc {
s.WriteString(KvDoubleQuote)
}
s.WriteString(kv.Value)
s.WriteString(KvDoubleQuote)
if spc {
s.WriteString(KvDoubleQuote)
}
s.WriteString(KvSpaceSeparator)
}
return s.String()
}
// Set sets a value, if not sets a default value.
func (kvs *KVS) Set(key, value string) {
for i, kv := range *kvs {
if kv.Key == key {
(*kvs)[i] = KV{
Key: key,
Value: value,
}
return
}
}
*kvs = append(*kvs, KV{
Key: key,
Value: value,
})
}
// Get - returns the value of a key, if not found returns empty.
func (kvs KVS) Get(key string) string {
v, ok := kvs.Lookup(key)
@@ -230,25 +264,6 @@ func (kvs KVS) Lookup(key string) (string, bool) {
// Config - MinIO server config structure.
type Config map[string]map[string]KVS
func (c Config) String() string {
var s strings.Builder
hkvs := HelpSubSysMap[""]
for _, hkv := range hkvs {
v := c[hkv.Key]
for target, kv := range v {
s.WriteString(hkv.Key)
if target != Default {
s.WriteString(SubSystemSeparator)
s.WriteString(target)
}
s.WriteString(KvSpaceSeparator)
s.WriteString(kv.String())
s.WriteString(KvNewline)
}
}
return s.String()
}
// DelFrom - deletes all keys in the input reader.
func (c Config) DelFrom(r io.Reader) error {
scanner := bufio.NewScanner(r)
@@ -303,10 +318,6 @@ func NewConfigWriteTo(cfg Config, key string) io.WriterTo {
// WriteTo - implements io.WriterTo interface implementation for config.
func (c *configWriteTo) WriteTo(w io.Writer) (int64, error) {
if c.filterByKey == "" {
n, err := w.Write([]byte(c.String()))
return int64(n), err
}
kvs, err := c.GetKVS(c.filterByKey, DefaultKVS)
if err != nil {
return 0, err
@@ -329,10 +340,6 @@ func (c *configWriteTo) WriteTo(w io.Writer) (int64, error) {
// Default KV configs for worm and region
var (
DefaultCredentialKVS = KVS{
KV{
Key: State,
Value: StateOff,
},
KV{
Key: AccessKey,
Value: auth.DefaultAccessKey,
@@ -344,10 +351,6 @@ var (
}
DefaultRegionKVS = KVS{
KV{
Key: State,
Value: StateOff,
},
KV{
Key: RegionName,
Value: "",
@@ -384,7 +387,8 @@ func LookupRegion(kv KVS) (string, error) {
if validRegionRegex.MatchString(region) {
return region, nil
}
return "", Errorf("region '%s' is invalid, expected simple characters such as [us-east-1, myregion...]",
return "", Errorf(SafeModeKind,
"region '%s' is invalid, expected simple characters such as [us-east-1, myregion...]",
region)
}
return "", nil
@@ -400,14 +404,16 @@ func CheckValidKeys(subSys string, kv KVS, validKVS KVS) error {
}
}
if len(nkv) > 0 {
return Errorf("found invalid keys (%s) for '%s' sub-system", nkv.String(), subSys)
return Errorf(
ContinueKind,
"found invalid keys (%s) for '%s' sub-system, use 'mc admin config reset myminio %s' to fix invalid keys", nkv.String(), subSys, subSys)
}
return nil
}
// LookupWorm - check if worm is enabled
func LookupWorm() (bool, error) {
return ParseBool(env.Get(EnvWorm, StateOff))
return ParseBool(env.Get(EnvWorm, EnableOff))
}
// New - initialize a new server config.
@@ -423,15 +429,15 @@ func New() Config {
// GetKVS - get kvs from specific subsystem.
func (c Config) GetKVS(s string, defaultKVS map[string]KVS) (map[string]KVS, error) {
if len(s) == 0 {
return nil, Error("input cannot be empty")
return nil, Errorf(SafeModeKind, "input cannot be empty")
}
inputs := strings.Fields(s)
if len(inputs) > 1 {
return nil, Errorf("invalid number of arguments %s", s)
return nil, Errorf(SafeModeKind, "invalid number of arguments %s", s)
}
subSystemValue := strings.SplitN(inputs[0], SubSystemSeparator, 2)
if len(subSystemValue) == 0 {
return nil, Errorf("invalid number of arguments %s", s)
return nil, Errorf(SafeModeKind, "invalid number of arguments %s", s)
}
found := SubSystems.Contains(subSystemValue[0])
if !found {
@@ -440,7 +446,7 @@ func (c Config) GetKVS(s string, defaultKVS map[string]KVS) (map[string]KVS, err
found = !SubSystems.FuncMatch(strings.HasPrefix, subSystemValue[0]).IsEmpty() && len(subSystemValue) == 1
}
if !found {
return nil, Errorf("unknown sub-system %s", s)
return nil, Errorf(SafeModeKind, "unknown sub-system %s", s)
}
kvs := make(map[string]KVS)
@@ -448,11 +454,11 @@ func (c Config) GetKVS(s string, defaultKVS map[string]KVS) (map[string]KVS, err
subSysPrefix := subSystemValue[0]
if len(subSystemValue) == 2 {
if len(subSystemValue[1]) == 0 {
return nil, Errorf("sub-system target '%s' cannot be empty", s)
return nil, Errorf(SafeModeKind, "sub-system target '%s' cannot be empty", s)
}
kvs[inputs[0]], ok = c[subSysPrefix][subSystemValue[1]]
if !ok {
return nil, Errorf("sub-system target '%s' doesn't exist", s)
return nil, Errorf(SafeModeKind, "sub-system target '%s' doesn't exist", s)
}
} else {
for subSys, subSysTgts := range c {
@@ -478,30 +484,32 @@ func (c Config) GetKVS(s string, defaultKVS map[string]KVS) (map[string]KVS, err
// DelKVS - delete a specific key.
func (c Config) DelKVS(s string) error {
if len(s) == 0 {
return Error("input arguments cannot be empty")
return Errorf(SafeModeKind, "input arguments cannot be empty")
}
inputs := strings.Fields(s)
if len(inputs) > 1 {
return Errorf("invalid number of arguments %s", s)
return Errorf(SafeModeKind, "invalid number of arguments %s", s)
}
subSystemValue := strings.SplitN(inputs[0], SubSystemSeparator, 2)
if len(subSystemValue) == 0 {
return Errorf("invalid number of arguments %s", s)
return Errorf(SafeModeKind, "invalid number of arguments %s", s)
}
if !SubSystems.Contains(subSystemValue[0]) {
return Errorf("unknown sub-system %s", s)
// Unknown sub-system found try to remove it anyways.
delete(c, subSystemValue[0])
return nil
}
tgt := Default
subSys := subSystemValue[0]
if len(subSystemValue) == 2 {
if len(subSystemValue[1]) == 0 {
return Errorf("sub-system target '%s' cannot be empty", s)
return Errorf(SafeModeKind, "sub-system target '%s' cannot be empty", s)
}
tgt = subSystemValue[1]
}
_, ok := c[subSys][tgt]
if !ok {
return Errorf("sub-system %s already deleted", s)
return Errorf(SafeModeKind, "sub-system %s already deleted", s)
}
delete(c[subSys], tgt)
return nil
@@ -522,23 +530,23 @@ func (c Config) Clone() Config {
// SetKVS - set specific key values per sub-system.
func (c Config) SetKVS(s string, defaultKVS map[string]KVS) error {
if len(s) == 0 {
return Error("input arguments cannot be empty")
return Errorf(SafeModeKind, "input arguments cannot be empty")
}
inputs := strings.SplitN(s, KvSpaceSeparator, 2)
if len(inputs) <= 1 {
return Errorf("invalid number of arguments '%s'", s)
return Errorf(SafeModeKind, "invalid number of arguments '%s'", s)
}
subSystemValue := strings.SplitN(inputs[0], SubSystemSeparator, 2)
if len(subSystemValue) == 0 {
return Errorf("invalid number of arguments %s", s)
return Errorf(SafeModeKind, "invalid number of arguments %s", s)
}
if !SubSystems.Contains(subSystemValue[0]) {
return Errorf("unknown sub-system %s", s)
return Errorf(SafeModeKind, "unknown sub-system %s", s)
}
if SubSystemsSingleTargets.Contains(subSystemValue[0]) && len(subSystemValue) == 2 {
return Errorf("sub-system '%s' only supports single target", subSystemValue[0])
return Errorf(SafeModeKind, "sub-system '%s' only supports single target", subSystemValue[0])
}
var kvs = KVS{}
@@ -559,7 +567,7 @@ func (c Config) SetKVS(s string, defaultKVS map[string]KVS) error {
continue
}
if len(kv) == 1 {
return Errorf("key '%s', cannot have empty value", kv[0])
return Errorf(SafeModeKind, "key '%s', cannot have empty value", kv[0])
}
prevK = kv[0]
kvs = append(kvs, KV{
@@ -574,21 +582,30 @@ func (c Config) SetKVS(s string, defaultKVS map[string]KVS) error {
tgt = subSystemValue[1]
}
// Save client sent kvs
c[subSys][tgt] = kvs
_, ok := c[subSys][tgt].Lookup(State)
if !ok {
_, ok := kvs.Lookup(Enable)
// Check if state is required
_, defaultOk := defaultKVS[subSys].Lookup(Enable)
if !ok && defaultOk {
// implicit state "on" if not specified.
c[subSys][tgt] = append(c[subSys][tgt], KV{
Key: State,
Value: StateOn,
kvs = append(kvs, KV{
Key: Enable,
Value: EnableOn,
})
}
for _, kv := range defaultKVS[subSys] {
_, ok := c[subSys][tgt].Lookup(kv.Key)
currKVS := c[subSys][tgt]
for _, kv := range kvs {
currKVS.Set(kv.Key, kv.Value)
}
for _, defaultKV := range defaultKVS[subSys] {
_, ok := c[subSys][tgt].Lookup(defaultKV.Key)
if !ok {
c[subSys][tgt] = append(c[subSys][tgt], kv)
currKVS.Set(defaultKV.Key, defaultKV.Value)
}
}
copy(c[subSys][tgt], currKVS)
return nil
}
+7 -66
View File
@@ -19,7 +19,6 @@ package etcd
import (
"crypto/tls"
"crypto/x509"
"fmt"
"strings"
"time"
@@ -44,7 +43,6 @@ const (
ClientCert = "client_cert"
ClientCertKey = "client_cert_key"
EnvEtcdState = "MINIO_ETCD_STATE"
EnvEtcdEndpoints = "MINIO_ETCD_ENDPOINTS"
EnvEtcdPathPrefix = "MINIO_ETCD_PATH_PREFIX"
EnvEtcdCoreDNSPath = "MINIO_ETCD_COREDNS_PATH"
@@ -55,10 +53,6 @@ const (
// DefaultKVS - default KV settings for etcd.
var (
DefaultKVS = config.KVS{
config.KV{
Key: config.State,
Value: config.StateOff,
},
config.KV{
Key: Endpoints,
Value: "",
@@ -115,7 +109,8 @@ func parseEndpoints(endpoints string) ([]string, bool, error) {
return nil, false, err
}
if etcdSecure && u.Scheme == "http" {
return nil, false, fmt.Errorf("all endpoints should be https or http: %s", endpoint)
return nil, false, config.Errorf(config.SafeModeKind,
"all endpoints should be https or http: %s", endpoint)
}
// If one of the endpoint is https, we will use https directly.
etcdSecure = etcdSecure || u.Scheme == "https"
@@ -124,39 +119,10 @@ func parseEndpoints(endpoints string) ([]string, bool, error) {
return etcdEndpoints, etcdSecure, nil
}
func lookupLegacyConfig(rootCAs *x509.CertPool) (Config, error) {
cfg := Config{}
endpoints := env.Get(EnvEtcdEndpoints, "")
if endpoints == "" {
return cfg, nil
}
etcdEndpoints, etcdSecure, err := parseEndpoints(endpoints)
if err != nil {
return cfg, err
}
cfg.Enabled = true
cfg.DialTimeout = defaultDialTimeout
cfg.DialKeepAliveTime = defaultDialKeepAlive
cfg.Endpoints = etcdEndpoints
cfg.CoreDNSPath = env.Get(EnvEtcdCoreDNSPath, "/skydns")
// Default path prefix for all keys on etcd, other than CoreDNSPath.
cfg.PathPrefix = env.Get(EnvEtcdPathPrefix, "")
if etcdSecure {
cfg.TLS = &tls.Config{
RootCAs: rootCAs,
}
// This is only to support client side certificate authentication
// https://coreos.com/etcd/docs/latest/op-guide/security.html
etcdClientCertFile := env.Get(EnvEtcdClientCert, "")
etcdClientCertKey := env.Get(EnvEtcdClientCertKey, "")
if etcdClientCertFile != "" && etcdClientCertKey != "" {
cfg.TLS.GetClientCertificate = func(unused *tls.CertificateRequestInfo) (*tls.Certificate, error) {
cert, err := tls.LoadX509KeyPair(etcdClientCertFile, etcdClientCertKey)
return &cert, err
}
}
}
return cfg, nil
// Enabled returns if etcd is enabled.
func Enabled(kvs config.KVS) bool {
endpoints := kvs.Get(Endpoints)
return endpoints != ""
}
// LookupConfig - Initialize new etcd config.
@@ -166,34 +132,9 @@ func LookupConfig(kvs config.KVS, rootCAs *x509.CertPool) (Config, error) {
return cfg, err
}
if env.Get(EnvEtcdEndpoints, "") != "" && env.Get(EnvEtcdState, "") == "" {
// By default state is 'on' to honor legacy config.
var err error
cfg, err = lookupLegacyConfig(rootCAs)
if err != nil {
return cfg, err
}
// If old legacy config is enabled honor it.
if cfg.Enabled {
return cfg, nil
}
}
stateBool, err := config.ParseBool(env.Get(EnvEtcdState, kvs.Get(config.State)))
if err != nil {
if kvs.Empty() {
return cfg, nil
}
return cfg, err
}
if !stateBool {
return cfg, nil
}
endpoints := env.Get(EnvEtcdEndpoints, kvs.Get(Endpoints))
if endpoints == "" {
return cfg, config.Error("'endpoints' key cannot be empty to enable etcd")
return cfg, nil
}
etcdEndpoints, etcdSecure, err := parseEndpoints(endpoints)
+7 -6
View File
@@ -23,35 +23,36 @@ var (
Help = config.HelpKVS{
config.HelpKV{
Key: Endpoints,
Description: `Comma separated list of etcd endpoints eg: "http://localhost:2379"`,
Description: `comma separated list of etcd endpoints e.g. "http://localhost:2379"`,
Type: "csv",
},
config.HelpKV{
Key: PathPrefix,
Description: `Default etcd path prefix to populate all IAM assets eg: "customer/"`,
Description: `default etcd path prefix to populate all IAM assets eg: "customer/"`,
Optional: true,
Type: "path",
},
config.HelpKV{
Key: CoreDNSPath,
Description: `Default etcd path location to populate bucket DNS srv records eg: "/skydns"`,
Description: `default etcd path location to populate bucket DNS srv records eg: "/skydns"`,
Optional: true,
Type: "path",
},
config.HelpKV{
Key: ClientCert,
Description: `Etcd client cert for mTLS authentication`,
Description: `client cert for mTLS authentication`,
Optional: true,
Type: "path",
},
config.HelpKV{
Key: ClientCertKey,
Description: `Etcd client cert key for mTLS authentication`,
Description: `client cert key for mTLS authentication`,
Optional: true,
Type: "path",
},
config.HelpKV{
Key: config.Comment,
Description: "A comment to describe the etcd settings",
Description: config.DefaultComment,
Optional: true,
Type: "sentence",
},
+5 -2
View File
@@ -41,19 +41,22 @@ func (hkvs HelpKVS) Lookup(key string) (HelpKV, bool) {
return HelpKV{}, false
}
// DefaultComment used across all sub-systems.
const DefaultComment = "optionally add a comment to this setting"
// Region and Worm help is documented in default config
var (
RegionHelp = HelpKVS{
HelpKV{
Key: RegionName,
Type: "string",
Description: `Region name of this deployment, eg: "us-west-2"`,
Description: `name of the location of the server e.g. "us-west-rack2"`,
Optional: true,
},
HelpKV{
Key: Comment,
Type: "sentence",
Description: "A comment to describe the region setting",
Description: DefaultComment,
Optional: true,
},
}
+6 -18
View File
@@ -65,7 +65,6 @@ const (
GroupSearchBaseDN = "group_search_base_dn"
TLSSkipVerify = "tls_skip_verify"
EnvLDAPState = "MINIO_IDENTITY_LDAP_STATE"
EnvServerAddr = "MINIO_IDENTITY_LDAP_SERVER_ADDR"
EnvSTSExpiry = "MINIO_IDENTITY_LDAP_STS_EXPIRY"
EnvTLSSkipVerify = "MINIO_IDENTITY_LDAP_TLS_SKIP_VERIFY"
@@ -78,10 +77,6 @@ const (
// DefaultKVS - default config for LDAP config
var (
DefaultKVS = config.KVS{
config.KV{
Key: config.State,
Value: config.StateOff,
},
config.KV{
Key: ServerAddr,
Value: "",
@@ -108,7 +103,7 @@ var (
},
config.KV{
Key: TLSSkipVerify,
Value: config.StateOff,
Value: config.EnableOff,
},
}
)
@@ -130,25 +125,18 @@ func (l Config) GetExpiryDuration() time.Duration {
return l.stsExpiryDuration
}
// Enabled returns if jwks is enabled.
func Enabled(kvs config.KVS) bool {
return kvs.Get(ServerAddr) != ""
}
// Lookup - initializes LDAP config, overrides config, if any ENV values are set.
func Lookup(kvs config.KVS, rootCAs *x509.CertPool) (l Config, err error) {
l = Config{}
if err = config.CheckValidKeys(config.IdentityLDAPSubSys, kvs, DefaultKVS); err != nil {
return l, err
}
stateBool, err := config.ParseBool(env.Get(EnvLDAPState, kvs.Get(config.State)))
if err != nil {
if kvs.Empty() {
return l, nil
}
return l, err
}
ldapServer := env.Get(EnvServerAddr, kvs.Get(ServerAddr))
if stateBool {
if ldapServer == "" {
return l, config.Error("'serveraddr' cannot be empty if you wish to enable AD/LDAP support")
}
}
if ldapServer == "" {
return l, nil
}
+8 -8
View File
@@ -23,47 +23,47 @@ var (
Help = config.HelpKVS{
config.HelpKV{
Key: ServerAddr,
Description: `AD/LDAP server address eg: "myldapserver.com:636"`,
Description: `AD/LDAP server address e.g. "myldapserver.com:636"`,
Type: "address",
},
config.HelpKV{
Key: UsernameFormat,
Description: `AD/LDAP format of full username DN eg: "uid={username},cn=accounts,dc=myldapserver,dc=com"`,
Description: `AD/LDAP format of full username DN e.g. "uid={username},cn=accounts,dc=myldapserver,dc=com"`,
Type: "string",
},
config.HelpKV{
Key: GroupSearchFilter,
Description: `Search filter to find groups of a user (optional) eg: "(&(objectclass=groupOfNames)(member={usernamedn}))"`,
Description: `search filter to find groups of a user (optional) e.g. "(&(objectclass=groupOfNames)(member={usernamedn}))"`,
Optional: true,
Type: "string",
},
config.HelpKV{
Key: GroupNameAttribute,
Description: `Attribute of search results to use as group name (optional) eg: "cn"`,
Description: `attribute of search results to use as group name (optional) e.g. "cn"`,
Optional: true,
Type: "string",
},
config.HelpKV{
Key: GroupSearchBaseDN,
Description: `Base DN in AD/LDAP hierarchy to use in search requests (optional) eg: "dc=myldapserver,dc=com"`,
Description: `base DN in AD/LDAP hierarchy to use in search requests (optional) e.g. "dc=myldapserver,dc=com"`,
Optional: true,
Type: "string",
},
config.HelpKV{
Key: STSExpiry,
Description: `AD/LDAP STS credentials validity duration eg: "1h"`,
Description: `AD/LDAP STS credentials validity duration e.g. "1h"`,
Optional: true,
Type: "duration",
},
config.HelpKV{
Key: TLSSkipVerify,
Description: "Set this to 'on', to disable client verification of server certificates",
Description: "enable this to disable client verification of server certificates",
Optional: true,
Type: "on|off",
},
config.HelpKV{
Key: config.Comment,
Description: "A comment to describe the LDAP/AD identity setting",
Description: config.DefaultComment,
Optional: true,
Type: "sentence",
},
-4
View File
@@ -25,10 +25,6 @@ func SetIdentityLDAP(s config.Config, ldapArgs Config) {
return
}
s[config.IdentityLDAPSubSys][config.Default] = config.KVS{
config.KV{
Key: config.State,
Value: config.StateOn,
},
config.KV{
Key: ServerAddr,
Value: ldapArgs.ServerAddr,
+4 -4
View File
@@ -23,24 +23,24 @@ var (
Help = config.HelpKVS{
config.HelpKV{
Key: ConfigURL,
Description: `OpenID discovery documented endpoint. eg: "https://accounts.google.com/.well-known/openid-configuration"`,
Description: `openid discovery document e.g. "https://accounts.google.com/.well-known/openid-configuration"`,
Type: "url",
},
config.HelpKV{
Key: ClientID,
Description: `The client identifier of the authenticating party at the identity provider`,
Description: `client identifier of the authenticating party at the identity provider`,
Type: "string",
Optional: true,
},
config.HelpKV{
Key: ClaimPrefix,
Description: `OpenID JWT claim namespace prefix. eg: "customer"`,
Description: `openid JWT claim namespace prefix e.g. "customer"`,
Optional: true,
Type: "string",
},
config.HelpKV{
Key: config.Comment,
Description: "A comment to describe the OpenID identity setting",
Description: config.DefaultComment,
Optional: true,
Type: "sentence",
},
+5 -19
View File
@@ -212,7 +212,6 @@ const (
ClaimPrefix = "claim_prefix"
ClientID = "client_id"
EnvIdentityOpenIDState = "MINIO_IDENTITY_OPENID_STATE"
EnvIdentityOpenIDClientID = "MINIO_IDENTITY_OPENID_CLIENT_ID"
EnvIdentityOpenIDJWKSURL = "MINIO_IDENTITY_OPENID_JWKS_URL"
EnvIdentityOpenIDURL = "MINIO_IDENTITY_OPENID_CONFIG_URL"
@@ -264,10 +263,6 @@ func parseDiscoveryDoc(u *xnet.URL, transport *http.Transport, closeRespFn func(
// DefaultKVS - default config for OpenID config
var (
DefaultKVS = config.KVS{
config.KV{
Key: config.State,
Value: config.StateOff,
},
config.KV{
Key: ConfigURL,
Value: "",
@@ -287,20 +282,17 @@ var (
}
)
// Enabled returns if jwks is enabled.
func Enabled(kvs config.KVS) bool {
return kvs.Get(JwksURL) != ""
}
// LookupConfig lookup jwks from config, override with any ENVs.
func LookupConfig(kvs config.KVS, transport *http.Transport, closeRespFn func(io.ReadCloser)) (c Config, err error) {
if err = config.CheckValidKeys(config.IdentityOpenIDSubSys, kvs, DefaultKVS); err != nil {
return c, err
}
stateBool, err := config.ParseBool(env.Get(EnvIdentityOpenIDState, kvs.Get(config.State)))
if err != nil {
if kvs.Empty() {
return c, nil
}
return c, err
}
jwksURL := env.Get(EnvIamJwksURL, "") // Legacy
if jwksURL == "" {
jwksURL = env.Get(EnvIdentityOpenIDJWKSURL, kvs.Get(JwksURL))
@@ -330,12 +322,6 @@ func LookupConfig(kvs config.KVS, transport *http.Transport, closeRespFn func(io
jwksURL = c.DiscoveryDoc.JwksURI
}
if stateBool {
// This check is needed to ensure that empty Jwks urls are not allowed.
if jwksURL == "" {
return c, config.Error("'config_url' must be set to a proper OpenID discovery document URL")
}
}
if jwksURL == "" {
return c, nil
}
-4
View File
@@ -30,10 +30,6 @@ func SetIdentityOpenID(s config.Config, cfg Config) {
return
}
s[config.IdentityOpenIDSubSys][config.Default] = config.KVS{
config.KV{
Key: config.State,
Value: config.StateOn,
},
config.KV{
Key: JwksURL,
Value: cfg.JWKS.URL.String(),
-8
View File
@@ -31,10 +31,6 @@ func SetCredentials(c Config, cred auth.Credentials) {
return
}
c[CredentialsSubSys][Default] = KVS{
KV{
Key: State,
Value: StateOn,
},
KV{
Key: AccessKey,
Value: cred.AccessKey,
@@ -56,9 +52,5 @@ func SetRegion(c Config, name string) {
Key: RegionName,
Value: name,
},
KV{
Key: State,
Value: StateOn,
},
}
}
+99 -99
View File
@@ -26,78 +26,78 @@ var (
HelpAMQP = config.HelpKVS{
config.HelpKV{
Key: target.AmqpURL,
Description: "AMQP server endpoint, e.g. `amqp://myuser:mypassword@localhost:5672`",
Description: "AMQP server endpoint e.g. `amqp://myuser:mypassword@localhost:5672`",
Type: "url",
},
config.HelpKV{
Key: target.AmqpExchange,
Description: "Name of the AMQP exchange",
Description: "name of the AMQP exchange",
Optional: true,
Type: "string",
},
config.HelpKV{
Key: target.AmqpExchangeType,
Description: "Kind of AMQP exchange type",
Description: "kind of AMQP exchange type",
Optional: true,
Type: "string",
},
config.HelpKV{
Key: target.AmqpRoutingKey,
Description: "Routing key for publishing",
Description: "routing key for publishing",
Optional: true,
Type: "string",
},
config.HelpKV{
Key: target.AmqpMandatory,
Description: "Set this to 'on' for server to return an unroutable message with a Return method. If this flag is 'off', the server silently drops the message",
Description: "set this to 'on' for server to return an unroutable message with a Return method. If this flag is 'off', the server silently drops the message",
Optional: true,
Type: "on|off",
},
config.HelpKV{
Key: target.AmqpDurable,
Description: "Set this to 'on' for queue to survive broker restarts",
Description: "set this to 'on' for queue to survive broker restarts",
Optional: true,
Type: "on|off",
},
config.HelpKV{
Key: target.AmqpNoWait,
Description: "When no_wait is 'on', declare without waiting for a confirmation from the server",
Description: "when no_wait is 'on', declare without waiting for a confirmation from the server",
Optional: true,
Type: "on|off",
},
config.HelpKV{
Key: target.AmqpInternal,
Description: "Set this to 'on' for exchange to be not used directly by publishers, but only when bound to other exchanges",
Description: "set this to 'on' for exchange to be not used directly by publishers, but only when bound to other exchanges",
Optional: true,
Type: "on|off",
},
config.HelpKV{
Key: target.AmqpAutoDeleted,
Description: "Set this to 'on' for queue that has had at least one consumer is deleted when last consumer unsubscribes",
Description: "set this to 'on' for queue that has had at least one consumer is deleted when last consumer unsubscribes",
Optional: true,
Type: "on|off",
},
config.HelpKV{
Key: target.AmqpDeliveryMode,
Description: "Delivery queue implementation use non-persistent (1) or persistent (2)",
Description: "delivery queue implementation use non-persistent (1) or persistent (2)",
Optional: true,
Type: "number",
},
config.HelpKV{
Key: target.AmqpQueueDir,
Description: "Local directory where events are stored eg: '/home/events'",
Description: "local directory where events are stored e.g. '/home/events'",
Optional: true,
Type: "path",
},
config.HelpKV{
Key: target.AmqpQueueLimit,
Description: "Enable persistent event store queue limit, defaults to '10000'",
Description: "enable persistent event store queue limit, defaults to '10000'",
Optional: true,
Type: "number",
},
config.HelpKV{
Key: config.Comment,
Description: "A comment to describe the AMQP target setting",
Description: config.DefaultComment,
Optional: true,
Type: "sentence",
},
@@ -106,66 +106,66 @@ var (
HelpKafka = config.HelpKVS{
config.HelpKV{
Key: target.KafkaBrokers,
Description: "Comma separated list of Kafka broker addresses",
Description: "comma separated list of Kafka broker addresses",
Type: "csv",
},
config.HelpKV{
Key: target.KafkaTopic,
Description: "The Kafka topic for a given message",
Description: "Kafka topic used for bucket notifications",
Optional: true,
Type: "string",
},
config.HelpKV{
Key: target.KafkaSASLUsername,
Description: "Username for SASL/PLAIN or SASL/SCRAM authentication",
Description: "username for SASL/PLAIN or SASL/SCRAM authentication",
Optional: true,
Type: "string",
},
config.HelpKV{
Key: target.KafkaSASLPassword,
Description: "Password for SASL/PLAIN or SASL/SCRAM authentication",
Description: "password for SASL/PLAIN or SASL/SCRAM authentication",
Optional: true,
Type: "string",
},
config.HelpKV{
Key: target.KafkaTLSClientAuth,
Description: "ClientAuth determines the Kafka server's policy for TLS client auth",
Description: "clientAuth determines the Kafka server's policy for TLS client auth",
Optional: true,
Type: "string",
},
config.HelpKV{
Key: target.KafkaSASL,
Description: "Set this to 'on' to enable SASL authentication",
Description: "set this to 'on' to enable SASL authentication",
Optional: true,
Type: "on|off",
},
config.HelpKV{
Key: target.KafkaTLS,
Description: "Set this to 'on' to enable TLS",
Description: "set this to 'on' to enable TLS",
Optional: true,
Type: "on|off",
},
config.HelpKV{
Key: target.KafkaTLSSkipVerify,
Description: "Set this to 'on' to disable client verification of server certificate chain",
Description: "set this to 'on' to disable client verification of server certificate chain",
Optional: true,
Type: "on|off",
},
config.HelpKV{
Key: target.KafkaQueueDir,
Description: "Local directory where events are stored eg: '/home/events'",
Description: "local directory where events are stored e.g. '/home/events'",
Optional: true,
Type: "path",
},
config.HelpKV{
Key: target.KafkaQueueLimit,
Description: "Enable persistent event store queue limit, defaults to '10000'",
Description: "enable persistent event store queue limit, defaults to '10000'",
Optional: true,
Type: "number",
},
config.HelpKV{
Key: config.Comment,
Description: "A comment to describe the Kafka target setting",
Description: config.DefaultComment,
Optional: true,
Type: "sentence",
},
@@ -174,59 +174,59 @@ var (
HelpMQTT = config.HelpKVS{
config.HelpKV{
Key: target.MqttBroker,
Description: "MQTT server endpoint, e.g. `tcp://localhost:1883`",
Description: "MQTT server endpoint e.g. `tcp://localhost:1883`",
Type: "uri",
},
config.HelpKV{
Key: target.MqttTopic,
Description: "Name of the MQTT topic to publish on, e.g. `minio`",
Description: "name of the MQTT topic to publish on, e.g. `minio`",
Type: "string",
},
config.HelpKV{
Key: target.MqttUsername,
Description: "Username to connect to the MQTT server",
Description: "username to connect to the MQTT server",
Optional: true,
Type: "string",
},
config.HelpKV{
Key: target.MqttPassword,
Description: "Password to connect to the MQTT server",
Description: "password to connect to the MQTT server",
Optional: true,
Type: "string",
},
config.HelpKV{
Key: target.MqttQoS,
Description: "Set the Quality of Service Level for MQTT endpoint",
Description: "set the Quality of Service Level for MQTT endpoint",
Optional: true,
Type: "number",
},
config.HelpKV{
Key: target.MqttKeepAliveInterval,
Description: "Keep alive interval for MQTT connections",
Description: "keep alive interval for MQTT connections",
Optional: true,
Type: "duration",
},
config.HelpKV{
Key: target.MqttReconnectInterval,
Description: "Reconnect interval for MQTT connections",
Description: "reconnect interval for MQTT connections",
Optional: true,
Type: "duration",
},
config.HelpKV{
Key: target.MqttQueueDir,
Description: "Local directory where events are stored eg: '/home/events'",
Description: "local directory where events are stored e.g. '/home/events'",
Optional: true,
Type: "path",
},
config.HelpKV{
Key: target.MqttQueueLimit,
Description: "Enable persistent event store queue limit, defaults to '10000'",
Description: "enable persistent event store queue limit, defaults to '10000'",
Optional: true,
Type: "number",
},
config.HelpKV{
Key: config.Comment,
Description: "A comment to describe the MQTT target setting",
Description: config.DefaultComment,
Optional: true,
Type: "sentence",
},
@@ -235,34 +235,34 @@ var (
HelpES = config.HelpKVS{
config.HelpKV{
Key: target.ElasticURL,
Description: "The Elasticsearch server's address, with optional authentication info",
Description: "Elasticsearch server's address, with optional authentication info",
Type: "url",
},
config.HelpKV{
Key: target.ElasticFormat,
Description: "Either `namespace` or `access`, defaults to 'namespace'",
Description: "set this to `namespace` or `access`, defaults to 'namespace'",
Type: "namespace*|access",
},
config.HelpKV{
Key: target.ElasticIndex,
Description: "The name of an Elasticsearch index in which MinIO will store document",
Description: "the name of an Elasticsearch index in which MinIO will store document",
Type: "string",
},
config.HelpKV{
Key: target.ElasticQueueDir,
Description: "Local directory where events are stored eg: '/home/events'",
Description: "local directory where events are stored e.g. '/home/events'",
Optional: true,
Type: "path",
},
config.HelpKV{
Key: target.ElasticQueueLimit,
Description: "Enable persistent event store queue limit, defaults to '10000'",
Description: "enable persistent event store queue limit, defaults to '10000'",
Optional: true,
Type: "number",
},
config.HelpKV{
Key: config.Comment,
Description: "A comment to describe the Elasticsearch target setting",
Description: config.DefaultComment,
Optional: true,
Type: "sentence",
},
@@ -271,30 +271,30 @@ var (
HelpWebhook = config.HelpKVS{
config.HelpKV{
Key: target.WebhookEndpoint,
Description: "Webhook server endpoint eg: http://localhost:8080/minio/events",
Description: "webhook server endpoint e.g. http://localhost:8080/minio/events",
Type: "url",
},
config.HelpKV{
Key: target.WebhookAuthToken,
Description: "Authorization token used for webhook server endpoint",
Description: "authorization token used for webhook server endpoint",
Optional: true,
Type: "string",
},
config.HelpKV{
Key: target.WebhookQueueDir,
Description: "Local directory where events are stored eg: '/home/events'",
Description: "local directory where events are stored e.g. '/home/events'",
Optional: true,
Type: "path",
},
config.HelpKV{
Key: target.WebhookQueueLimit,
Description: "Enable persistent event store queue limit, defaults to '10000'",
Description: "enable persistent event store queue limit, defaults to '10000'",
Optional: true,
Type: "number",
},
config.HelpKV{
Key: config.Comment,
Description: "A comment to describe the Webhook target setting",
Description: config.DefaultComment,
Optional: true,
Type: "sentence",
},
@@ -303,40 +303,40 @@ var (
HelpRedis = config.HelpKVS{
config.HelpKV{
Key: target.RedisAddress,
Description: "The Redis server's address. For example: `localhost:6379`",
Description: "Redis server's address. For example: `localhost:6379`",
Type: "address",
},
config.HelpKV{
Key: target.RedisFormat,
Description: "Specify how data is populated, a hash is used in case of `namespace` format and a list in case of `access` format, defaults to 'namespace'",
Type: "namespace|access",
Description: "specifies how data is populated, a hash is used in case of `namespace` format and a list in case of `access` format, defaults to 'namespace'",
Type: "namespace*|access",
},
config.HelpKV{
Key: target.RedisKey,
Description: "The name of the Redis key under which events are stored",
Description: "name of the Redis key under which events are stored",
Type: "string",
},
config.HelpKV{
Key: target.RedisPassword,
Description: "The Redis server's password",
Description: "Redis server's password",
Optional: true,
Type: "string",
},
config.HelpKV{
Key: target.RedisQueueDir,
Description: "Local directory where events are stored eg: '/home/events'",
Description: "local directory where events are stored e.g. '/home/events'",
Optional: true,
Type: "path",
},
config.HelpKV{
Key: target.RedisQueueLimit,
Description: "Enable persistent event store queue limit, defaults to '10000'",
Description: "enable persistent event store queue limit, defaults to '10000'",
Optional: true,
Type: "number",
},
config.HelpKV{
Key: config.Comment,
Description: "A comment to describe the Redis target setting",
Description: config.DefaultComment,
Optional: true,
Type: "sentence",
},
@@ -345,64 +345,64 @@ var (
HelpPostgres = config.HelpKVS{
config.HelpKV{
Key: target.PostgresConnectionString,
Description: "Connection string parameters for the PostgreSQL server",
Description: "connection string parameters for the PostgreSQL server",
Type: "string",
},
config.HelpKV{
Key: target.PostgresFormat,
Description: "Specify how data is populated, `namespace` format and `access` format, defaults to 'namespace'",
Type: "namespace|access",
Description: "specifies how data is populated, `namespace` format and `access` format, defaults to 'namespace'",
Type: "namespace*|access",
},
config.HelpKV{
Key: target.PostgresTable,
Description: "Table name in which events will be stored/updated. If the table does not exist, the MinIO server creates it at start-up",
Description: "table name in which events will be stored/updated. If the table does not exist, the MinIO server creates it at start-up",
Type: "string",
},
config.HelpKV{
Key: target.PostgresHost,
Description: "Host name of the PostgreSQL server. Defaults to `localhost`. IPv6 host should be enclosed with `[` and `]`",
Description: "host name of the PostgreSQL server. Defaults to `localhost`. IPv6 host should be enclosed with `[` and `]`",
Optional: true,
Type: "hostname",
},
config.HelpKV{
Key: target.PostgresPort,
Description: "Port on which to connect to PostgreSQL server, defaults to `5432`",
Description: "port on which to connect to PostgreSQL server, defaults to `5432`",
Optional: true,
Type: "port",
},
config.HelpKV{
Key: target.PostgresUsername,
Description: "Database username, defaults to user running the MinIO process if not specified",
Description: "database username, defaults to user running the MinIO process if not specified",
Optional: true,
Type: "string",
},
config.HelpKV{
Key: target.PostgresPassword,
Description: "Database password",
Description: "database password",
Optional: true,
Type: "string",
},
config.HelpKV{
Key: target.PostgresDatabase,
Description: "Postgres Database name",
Description: "postgres Database name",
Optional: true,
Type: "string",
},
config.HelpKV{
Key: target.PostgresQueueDir,
Description: "Local directory where events are stored eg: '/home/events'",
Description: "local directory where events are stored e.g. '/home/events'",
Optional: true,
Type: "path",
},
config.HelpKV{
Key: target.PostgresQueueLimit,
Description: "Enable persistent event store queue limit, defaults to '10000'",
Description: "enable persistent event store queue limit, defaults to '10000'",
Optional: true,
Type: "number",
},
config.HelpKV{
Key: config.Comment,
Description: "A comment to describe the Postgres target setting",
Description: config.DefaultComment,
Optional: true,
Type: "sentence",
},
@@ -411,64 +411,64 @@ var (
HelpMySQL = config.HelpKVS{
config.HelpKV{
Key: target.MySQLDSNString,
Description: "Data-Source-Name connection string for the MySQL server",
Description: "data source name connection string for the MySQL server",
Type: "string",
},
config.HelpKV{
Key: target.MySQLTable,
Description: "Table name in which events will be stored/updated. If the table does not exist, the MinIO server creates it at start-up",
Description: "table name in which events will be stored/updated. If the table does not exist, the MinIO server creates it at start-up",
Type: "string",
},
config.HelpKV{
Key: target.MySQLFormat,
Description: "Specify how data is populated, `namespace` format and `access` format, defaults to 'namespace'",
Type: "namespace|access",
Description: "specifies how data is populated, `namespace` format and `access` format, defaults to 'namespace'",
Type: "namespace*|access",
},
config.HelpKV{
Key: target.MySQLHost,
Description: "Host name of the MySQL server (used only if `dsnString` is empty)",
Description: "host name of the MySQL server (used only if `dsnString` is empty)",
Optional: true,
Type: "hostname",
},
config.HelpKV{
Key: target.MySQLPort,
Description: "Port on which to connect to the MySQL server (used only if `dsn_string` is empty)",
Description: "port on which to connect to the MySQL server (used only if `dsn_string` is empty)",
Optional: true,
Type: "port",
},
config.HelpKV{
Key: target.MySQLUsername,
Description: "Database user-name (used only if `dsnString` is empty)",
Description: "database user-name (used only if `dsnString` is empty)",
Optional: true,
Type: "string",
},
config.HelpKV{
Key: target.MySQLPassword,
Description: "Database password (used only if `dsnString` is empty)",
Description: "database password (used only if `dsnString` is empty)",
Optional: true,
Type: "string",
},
config.HelpKV{
Key: target.MySQLDatabase,
Description: "Database name (used only if `dsnString` is empty)",
Description: "database name (used only if `dsnString` is empty)",
Optional: true,
Type: "string",
},
config.HelpKV{
Key: target.MySQLQueueDir,
Description: "Local directory where events are stored eg: '/home/events'",
Description: "local directory where events are stored e.g. '/home/events'",
Optional: true,
Type: "path",
},
config.HelpKV{
Key: target.MySQLQueueLimit,
Description: "Enable persistent event store queue limit, defaults to '10000'",
Description: "enable persistent event store queue limit, defaults to '10000'",
Optional: true,
Type: "number",
},
config.HelpKV{
Key: config.Comment,
Description: "A comment to describe the MySQL target setting",
Description: config.DefaultComment,
Optional: true,
Type: "sentence",
},
@@ -477,7 +477,7 @@ var (
HelpNATS = config.HelpKVS{
config.HelpKV{
Key: target.NATSAddress,
Description: "NATS server address eg: '0.0.0.0:4222'",
Description: "NATS server address e.g. '0.0.0.0:4222'",
Type: "address",
},
config.HelpKV{
@@ -487,91 +487,91 @@ var (
},
config.HelpKV{
Key: target.NATSUsername,
Description: "Username to be used when connecting to the server",
Description: "username to be used when connecting to the server",
Optional: true,
Type: "string",
},
config.HelpKV{
Key: target.NATSPassword,
Description: "Password to be used when connecting to a server",
Description: "password to be used when connecting to a server",
Optional: true,
Type: "string",
},
config.HelpKV{
Key: target.NATSToken,
Description: "Token to be used when connecting to a server",
Description: "token to be used when connecting to a server",
Optional: true,
Type: "string",
},
config.HelpKV{
Key: target.NATSSecure,
Description: "Set this to 'on', enables TLS secure connections that skip server verification (not recommended)",
Description: "set this to 'on', enables TLS secure connections that skip server verification (not recommended)",
Optional: true,
Type: "on|off",
},
config.HelpKV{
Key: target.NATSPingInterval,
Description: "Client ping commands interval to the server, disabled by default",
Description: "client ping commands interval to the server, disabled by default",
Optional: true,
Type: "duration",
},
config.HelpKV{
Key: target.NATSStreaming,
Description: "Set this to 'on', to use streaming NATS server",
Description: "set this to 'on', to use streaming NATS server",
Optional: true,
Type: "on|off",
},
config.HelpKV{
Key: target.NATSStreamingAsync,
Description: "Set this to 'on', to enable asynchronous publish, process the ACK or error state",
Description: "set this to 'on', to enable asynchronous publish, process the ACK or error state",
Optional: true,
Type: "on|off",
},
config.HelpKV{
Key: target.NATSStreamingMaxPubAcksInFlight,
Description: "Specifies how many messages can be published without getting ACKs back from NATS streaming server",
Description: "specifies how many messages can be published without getting ACKs back from NATS streaming server",
Optional: true,
Type: "number",
},
config.HelpKV{
Key: target.NATSStreamingClusterID,
Description: "Unique ID for the NATS streaming cluster",
Description: "unique ID for the NATS streaming cluster",
Optional: true,
Type: "string",
},
config.HelpKV{
Key: target.NATSQueueLimit,
Description: "Enable persistent event store queue limit, defaults to '10000'",
Description: "enable persistent event store queue limit, defaults to '10000'",
Optional: true,
Type: "number",
},
config.HelpKV{
Key: target.NATSQueueDir,
Description: "Local directory where events are stored eg: '/home/events'",
Description: "local directory where events are stored e.g. '/home/events'",
Optional: true,
Type: "path",
},
config.HelpKV{
Key: target.NATSCertAuthority,
Description: "Certificate chain of the target NATS server if self signed certs were used",
Description: "certificate chain of the target NATS server if self signed certs were used",
Optional: true,
Type: "string",
},
config.HelpKV{
Key: target.NATSClientCert,
Description: "TLS Cert used to authenticate against NATS configured to require client certificates",
Description: "TLS Cert used for NATS configured to require client certificates",
Optional: true,
Type: "string",
},
config.HelpKV{
Key: target.NATSClientKey,
Description: "TLS Key used to authenticate against NATS configured to require client certificates",
Description: "TLS Key used for NATS configured to require client certificates",
Optional: true,
Type: "string",
},
config.HelpKV{
Key: config.Comment,
Description: "A comment to describe the NATS target setting",
Description: config.DefaultComment,
Optional: true,
Type: "sentence",
},
@@ -580,7 +580,7 @@ var (
HelpNSQ = config.HelpKVS{
config.HelpKV{
Key: target.NSQAddress,
Description: "NSQ server address eg: '127.0.0.1:4150'",
Description: "NSQ server address e.g. '127.0.0.1:4150'",
Type: "address",
},
config.HelpKV{
@@ -590,31 +590,31 @@ var (
},
config.HelpKV{
Key: target.NSQTLS,
Description: "Set this to 'on', to enable TLS negotiation",
Description: "set this to 'on', to enable TLS negotiation",
Optional: true,
Type: "on|off",
},
config.HelpKV{
Key: target.NSQTLSSkipVerify,
Description: "Set this to 'on', to disable client verification of server certificates",
Description: "set this to 'on', to disable client verification of server certificates",
Optional: true,
Type: "on|off",
},
config.HelpKV{
Key: target.NSQQueueDir,
Description: "Local directory where events are stored eg: '/home/events'",
Description: "local directory where events are stored e.g. '/home/events'",
Optional: true,
Type: "path",
},
config.HelpKV{
Key: target.NSQQueueLimit,
Description: "Enable persistent event store queue limit, defaults to '10000'",
Description: "enable persistent event store queue limit, defaults to '10000'",
Optional: true,
Type: "number",
},
config.HelpKV{
Key: config.Comment,
Description: "A comment to describe the NSQ target setting",
Description: config.DefaultComment,
Optional: true,
Type: "sentence",
},
+22 -22
View File
@@ -21,8 +21,8 @@ func SetNotifyKafka(s config.Config, kName string, cfg target.KafkaArgs) error {
s[config.NotifyKafkaSubSys][kName] = config.KVS{
config.KV{
Key: config.State,
Value: config.StateOn,
Key: config.Enable,
Value: config.EnableOn,
},
config.KV{
Key: target.KafkaBrokers,
@@ -86,8 +86,8 @@ func SetNotifyAMQP(s config.Config, amqpName string, cfg target.AMQPArgs) error
s[config.NotifyAMQPSubSys][amqpName] = config.KVS{
config.KV{
Key: config.State,
Value: config.StateOn,
Key: config.Enable,
Value: config.EnableOn,
},
config.KV{
Key: target.AmqpURL,
@@ -154,8 +154,8 @@ func SetNotifyES(s config.Config, esName string, cfg target.ElasticsearchArgs) e
s[config.NotifyESSubSys][esName] = config.KVS{
config.KV{
Key: config.State,
Value: config.StateOn,
Key: config.Enable,
Value: config.EnableOn,
},
config.KV{
Key: target.ElasticFormat,
@@ -194,8 +194,8 @@ func SetNotifyRedis(s config.Config, redisName string, cfg target.RedisArgs) err
s[config.NotifyRedisSubSys][redisName] = config.KVS{
config.KV{
Key: config.State,
Value: config.StateOn,
Key: config.Enable,
Value: config.EnableOn,
},
config.KV{
Key: target.RedisFormat,
@@ -238,8 +238,8 @@ func SetNotifyWebhook(s config.Config, whName string, cfg target.WebhookArgs) er
s[config.NotifyWebhookSubSys][whName] = config.KVS{
config.KV{
Key: config.State,
Value: config.StateOn,
Key: config.Enable,
Value: config.EnableOn,
},
config.KV{
Key: target.WebhookEndpoint,
@@ -274,8 +274,8 @@ func SetNotifyPostgres(s config.Config, psqName string, cfg target.PostgreSQLArg
s[config.NotifyPostgresSubSys][psqName] = config.KVS{
config.KV{
Key: config.State,
Value: config.StateOn,
Key: config.Enable,
Value: config.EnableOn,
},
config.KV{
Key: target.PostgresFormat,
@@ -334,8 +334,8 @@ func SetNotifyNSQ(s config.Config, nsqName string, cfg target.NSQArgs) error {
s[config.NotifyNSQSubSys][nsqName] = config.KVS{
config.KV{
Key: config.State,
Value: config.StateOn,
Key: config.Enable,
Value: config.EnableOn,
},
config.KV{
Key: target.NSQAddress,
@@ -378,8 +378,8 @@ func SetNotifyNATS(s config.Config, natsName string, cfg target.NATSArgs) error
s[config.NotifyNATSSubSys][natsName] = config.KVS{
config.KV{
Key: config.State,
Value: config.StateOn,
Key: config.Enable,
Value: config.EnableOn,
},
config.KV{
Key: target.NATSAddress,
@@ -433,9 +433,9 @@ func SetNotifyNATS(s config.Config, natsName string, cfg target.NATSArgs) error
Key: target.NATSStreaming,
Value: func() string {
if cfg.Streaming.Enable {
return config.StateOn
return config.EnableOn
}
return config.StateOff
return config.EnableOff
}(),
},
config.KV{
@@ -467,8 +467,8 @@ func SetNotifyMySQL(s config.Config, sqlName string, cfg target.MySQLArgs) error
s[config.NotifyMySQLSubSys][sqlName] = config.KVS{
config.KV{
Key: config.State,
Value: config.StateOn,
Key: config.Enable,
Value: config.EnableOn,
},
config.KV{
Key: target.MySQLFormat,
@@ -527,8 +527,8 @@ func SetNotifyMQTT(s config.Config, mqttName string, cfg target.MQTTArgs) error
s[config.NotifyMQTTSubSys][mqttName] = config.KVS{
config.KV{
Key: config.State,
Value: config.StateOn,
Key: config.Enable,
Value: config.EnableOn,
},
config.KV{
Key: target.MqttBroker,
+88 -88
View File
@@ -341,8 +341,8 @@ func mergeTargets(cfgTargets map[string]config.KVS, envname string, defaultKVS c
var (
DefaultKafkaKVS = config.KVS{
config.KV{
Key: config.State,
Value: config.StateOff,
Key: config.Enable,
Value: config.EnableOff,
},
config.KV{
Key: target.KafkaTopic,
@@ -366,15 +366,15 @@ var (
},
config.KV{
Key: target.KafkaSASL,
Value: config.StateOff,
Value: config.EnableOff,
},
config.KV{
Key: target.KafkaTLS,
Value: config.StateOff,
Value: config.EnableOff,
},
config.KV{
Key: target.KafkaTLSSkipVerify,
Value: config.StateOff,
Value: config.EnableOff,
},
config.KV{
Key: target.KafkaQueueLimit,
@@ -390,12 +390,12 @@ var (
// GetNotifyKafka - returns a map of registered notification 'kafka' targets
func GetNotifyKafka(kafkaKVS map[string]config.KVS) (map[string]target.KafkaArgs, error) {
kafkaTargets := make(map[string]target.KafkaArgs)
for k, kv := range mergeTargets(kafkaKVS, target.EnvKafkaState, DefaultKafkaKVS) {
stateEnv := target.EnvKafkaState
for k, kv := range mergeTargets(kafkaKVS, target.EnvKafkaEnable, DefaultKafkaKVS) {
enableEnv := target.EnvKafkaEnable
if k != config.Default {
stateEnv = stateEnv + config.Default + k
enableEnv = enableEnv + config.Default + k
}
enabled, err := config.ParseBool(env.Get(stateEnv, kv.Get(config.State)))
enabled, err := config.ParseBool(env.Get(enableEnv, kv.Get(config.Enable)))
if err != nil {
return nil, err
}
@@ -409,7 +409,7 @@ func GetNotifyKafka(kafkaKVS map[string]config.KVS) (map[string]target.KafkaArgs
}
kafkaBrokers := env.Get(brokersEnv, kv.Get(target.KafkaBrokers))
if len(kafkaBrokers) == 0 {
return nil, config.Error("kafka 'brokers' cannot be empty")
return nil, config.Errorf(config.SafeModeKind, "kafka 'brokers' cannot be empty")
}
for _, s := range strings.Split(kafkaBrokers, config.ValueSeparator) {
var host *xnet.Host
@@ -467,8 +467,8 @@ func GetNotifyKafka(kafkaKVS map[string]config.KVS) (map[string]target.KafkaArgs
if k != config.Default {
tlsSkipVerifyEnv = tlsSkipVerifyEnv + config.Default + k
}
kafkaArgs.TLS.Enable = env.Get(tlsEnableEnv, kv.Get(target.KafkaTLS)) == config.StateOn
kafkaArgs.TLS.SkipVerify = env.Get(tlsSkipVerifyEnv, kv.Get(target.KafkaTLSSkipVerify)) == config.StateOn
kafkaArgs.TLS.Enable = env.Get(tlsEnableEnv, kv.Get(target.KafkaTLS)) == config.EnableOn
kafkaArgs.TLS.SkipVerify = env.Get(tlsSkipVerifyEnv, kv.Get(target.KafkaTLSSkipVerify)) == config.EnableOn
kafkaArgs.TLS.ClientAuth = tls.ClientAuthType(clientAuth)
saslEnableEnv := target.EnvKafkaSASLEnable
@@ -483,7 +483,7 @@ func GetNotifyKafka(kafkaKVS map[string]config.KVS) (map[string]target.KafkaArgs
if k != config.Default {
saslPasswordEnv = saslPasswordEnv + config.Default + k
}
kafkaArgs.SASL.Enable = env.Get(saslEnableEnv, kv.Get(target.KafkaSASL)) == config.StateOn
kafkaArgs.SASL.Enable = env.Get(saslEnableEnv, kv.Get(target.KafkaSASL)) == config.EnableOn
kafkaArgs.SASL.User = env.Get(saslUsernameEnv, kv.Get(target.KafkaSASLUsername))
kafkaArgs.SASL.Password = env.Get(saslPasswordEnv, kv.Get(target.KafkaSASLPassword))
@@ -501,8 +501,8 @@ func GetNotifyKafka(kafkaKVS map[string]config.KVS) (map[string]target.KafkaArgs
var (
DefaultMQTTKVS = config.KVS{
config.KV{
Key: config.State,
Value: config.StateOff,
Key: config.Enable,
Value: config.EnableOff,
},
config.KV{
Key: target.MqttBroker,
@@ -546,13 +546,13 @@ var (
// GetNotifyMQTT - returns a map of registered notification 'mqtt' targets
func GetNotifyMQTT(mqttKVS map[string]config.KVS, rootCAs *x509.CertPool) (map[string]target.MQTTArgs, error) {
mqttTargets := make(map[string]target.MQTTArgs)
for k, kv := range mergeTargets(mqttKVS, target.EnvMQTTState, DefaultMQTTKVS) {
stateEnv := target.EnvMQTTState
for k, kv := range mergeTargets(mqttKVS, target.EnvMQTTEnable, DefaultMQTTKVS) {
enableEnv := target.EnvMQTTEnable
if k != config.Default {
stateEnv = stateEnv + config.Default + k
enableEnv = enableEnv + config.Default + k
}
enabled, err := config.ParseBool(env.Get(stateEnv, kv.Get(config.State)))
enabled, err := config.ParseBool(env.Get(enableEnv, kv.Get(config.Enable)))
if err != nil {
return nil, err
}
@@ -656,8 +656,8 @@ func GetNotifyMQTT(mqttKVS map[string]config.KVS, rootCAs *x509.CertPool) (map[s
var (
DefaultMySQLKVS = config.KVS{
config.KV{
Key: config.State,
Value: config.StateOff,
Key: config.Enable,
Value: config.EnableOff,
},
config.KV{
Key: target.MySQLFormat,
@@ -705,13 +705,13 @@ var (
// GetNotifyMySQL - returns a map of registered notification 'mysql' targets
func GetNotifyMySQL(mysqlKVS map[string]config.KVS) (map[string]target.MySQLArgs, error) {
mysqlTargets := make(map[string]target.MySQLArgs)
for k, kv := range mergeTargets(mysqlKVS, target.EnvMySQLState, DefaultMySQLKVS) {
stateEnv := target.EnvMySQLState
for k, kv := range mergeTargets(mysqlKVS, target.EnvMySQLEnable, DefaultMySQLKVS) {
enableEnv := target.EnvMySQLEnable
if k != config.Default {
stateEnv = stateEnv + config.Default + k
enableEnv = enableEnv + config.Default + k
}
enabled, err := config.ParseBool(env.Get(stateEnv, kv.Get(config.State)))
enabled, err := config.ParseBool(env.Get(enableEnv, kv.Get(config.Enable)))
if err != nil {
return nil, err
}
@@ -795,8 +795,8 @@ func GetNotifyMySQL(mysqlKVS map[string]config.KVS) (map[string]target.MySQLArgs
var (
DefaultNATSKVS = config.KVS{
config.KV{
Key: config.State,
Value: config.StateOff,
Key: config.Enable,
Value: config.EnableOff,
},
config.KV{
Key: target.NATSAddress,
@@ -832,7 +832,7 @@ var (
},
config.KV{
Key: target.NATSSecure,
Value: config.StateOff,
Value: config.EnableOff,
},
config.KV{
Key: target.NATSPingInterval,
@@ -840,11 +840,11 @@ var (
},
config.KV{
Key: target.NATSStreaming,
Value: config.StateOff,
Value: config.EnableOff,
},
config.KV{
Key: target.NATSStreamingAsync,
Value: config.StateOff,
Value: config.EnableOff,
},
config.KV{
Key: target.NATSStreamingMaxPubAcksInFlight,
@@ -868,13 +868,13 @@ var (
// GetNotifyNATS - returns a map of registered notification 'nats' targets
func GetNotifyNATS(natsKVS map[string]config.KVS) (map[string]target.NATSArgs, error) {
natsTargets := make(map[string]target.NATSArgs)
for k, kv := range mergeTargets(natsKVS, target.EnvNATSState, DefaultNATSKVS) {
stateEnv := target.EnvNATSState
for k, kv := range mergeTargets(natsKVS, target.EnvNATSEnable, DefaultNATSKVS) {
enableEnv := target.EnvNATSEnable
if k != config.Default {
stateEnv = stateEnv + config.Default + k
enableEnv = enableEnv + config.Default + k
}
enabled, err := config.ParseBool(env.Get(stateEnv, kv.Get(config.State)))
enabled, err := config.ParseBool(env.Get(enableEnv, kv.Get(config.Enable)))
if err != nil {
return nil, err
}
@@ -967,7 +967,7 @@ func GetNotifyNATS(natsKVS map[string]config.KVS) (map[string]target.NATSArgs, e
ClientCert: env.Get(clientCertEnv, kv.Get(target.NATSClientCert)),
ClientKey: env.Get(clientKeyEnv, kv.Get(target.NATSClientKey)),
Token: env.Get(tokenEnv, kv.Get(target.NATSToken)),
Secure: env.Get(secureEnv, kv.Get(target.NATSSecure)) == config.StateOn,
Secure: env.Get(secureEnv, kv.Get(target.NATSSecure)) == config.EnableOn,
PingInterval: pingInterval,
QueueDir: env.Get(queueDirEnv, kv.Get(target.NATSQueueDir)),
QueueLimit: queueLimit,
@@ -978,7 +978,7 @@ func GetNotifyNATS(natsKVS map[string]config.KVS) (map[string]target.NATSArgs, e
streamingEnableEnv = streamingEnableEnv + config.Default + k
}
streamingEnabled := env.Get(streamingEnableEnv, kv.Get(target.NATSStreaming)) == config.StateOn
streamingEnabled := env.Get(streamingEnableEnv, kv.Get(target.NATSStreaming)) == config.EnableOn
if streamingEnabled {
asyncEnv := target.EnvNATSStreamingAsync
if k != config.Default {
@@ -999,7 +999,7 @@ func GetNotifyNATS(natsKVS map[string]config.KVS) (map[string]target.NATSArgs, e
}
natsArgs.Streaming.Enable = streamingEnabled
natsArgs.Streaming.ClusterID = env.Get(clusterIDEnv, kv.Get(target.NATSStreamingClusterID))
natsArgs.Streaming.Async = env.Get(asyncEnv, kv.Get(target.NATSStreamingAsync)) == config.StateOn
natsArgs.Streaming.Async = env.Get(asyncEnv, kv.Get(target.NATSStreamingAsync)) == config.EnableOn
natsArgs.Streaming.MaxPubAcksInflight = maxPubAcksInflight
}
@@ -1016,8 +1016,8 @@ func GetNotifyNATS(natsKVS map[string]config.KVS) (map[string]target.NATSArgs, e
var (
DefaultNSQKVS = config.KVS{
config.KV{
Key: config.State,
Value: config.StateOff,
Key: config.Enable,
Value: config.EnableOff,
},
config.KV{
Key: target.NSQAddress,
@@ -1029,11 +1029,11 @@ var (
},
config.KV{
Key: target.NSQTLS,
Value: config.StateOff,
Value: config.EnableOff,
},
config.KV{
Key: target.NSQTLSSkipVerify,
Value: config.StateOff,
Value: config.EnableOff,
},
config.KV{
Key: target.NSQQueueDir,
@@ -1049,13 +1049,13 @@ var (
// GetNotifyNSQ - returns a map of registered notification 'nsq' targets
func GetNotifyNSQ(nsqKVS map[string]config.KVS) (map[string]target.NSQArgs, error) {
nsqTargets := make(map[string]target.NSQArgs)
for k, kv := range mergeTargets(nsqKVS, target.EnvNSQState, DefaultNSQKVS) {
stateEnv := target.EnvNSQState
for k, kv := range mergeTargets(nsqKVS, target.EnvNSQEnable, DefaultNSQKVS) {
enableEnv := target.EnvNSQEnable
if k != config.Default {
stateEnv = stateEnv + config.Default + k
enableEnv = enableEnv + config.Default + k
}
enabled, err := config.ParseBool(env.Get(stateEnv, kv.Get(config.State)))
enabled, err := config.ParseBool(env.Get(enableEnv, kv.Get(config.Enable)))
if err != nil {
return nil, err
}
@@ -1105,8 +1105,8 @@ func GetNotifyNSQ(nsqKVS map[string]config.KVS) (map[string]target.NSQArgs, erro
QueueDir: env.Get(queueDirEnv, kv.Get(target.NSQQueueDir)),
QueueLimit: queueLimit,
}
nsqArgs.TLS.Enable = env.Get(tlsEnableEnv, kv.Get(target.NSQTLS)) == config.StateOn
nsqArgs.TLS.SkipVerify = env.Get(tlsSkipVerifyEnv, kv.Get(target.NSQTLSSkipVerify)) == config.StateOn
nsqArgs.TLS.Enable = env.Get(tlsEnableEnv, kv.Get(target.NSQTLS)) == config.EnableOn
nsqArgs.TLS.SkipVerify = env.Get(tlsSkipVerifyEnv, kv.Get(target.NSQTLSSkipVerify)) == config.EnableOn
if err = nsqArgs.Validate(); err != nil {
return nil, err
@@ -1121,8 +1121,8 @@ func GetNotifyNSQ(nsqKVS map[string]config.KVS) (map[string]target.NSQArgs, erro
var (
DefaultPostgresKVS = config.KVS{
config.KV{
Key: config.State,
Value: config.StateOff,
Key: config.Enable,
Value: config.EnableOff,
},
config.KV{
Key: target.PostgresFormat,
@@ -1170,13 +1170,13 @@ var (
// GetNotifyPostgres - returns a map of registered notification 'postgres' targets
func GetNotifyPostgres(postgresKVS map[string]config.KVS) (map[string]target.PostgreSQLArgs, error) {
psqlTargets := make(map[string]target.PostgreSQLArgs)
for k, kv := range mergeTargets(postgresKVS, target.EnvPostgresState, DefaultPostgresKVS) {
stateEnv := target.EnvPostgresState
for k, kv := range mergeTargets(postgresKVS, target.EnvPostgresEnable, DefaultPostgresKVS) {
enableEnv := target.EnvPostgresEnable
if k != config.Default {
stateEnv = stateEnv + config.Default + k
enableEnv = enableEnv + config.Default + k
}
enabled, err := config.ParseBool(env.Get(stateEnv, kv.Get(config.State)))
enabled, err := config.ParseBool(env.Get(enableEnv, kv.Get(config.Enable)))
if err != nil {
return nil, err
}
@@ -1270,8 +1270,8 @@ func GetNotifyPostgres(postgresKVS map[string]config.KVS) (map[string]target.Pos
var (
DefaultRedisKVS = config.KVS{
config.KV{
Key: config.State,
Value: config.StateOff,
Key: config.Enable,
Value: config.EnableOff,
},
config.KV{
Key: target.RedisFormat,
@@ -1303,13 +1303,13 @@ var (
// GetNotifyRedis - returns a map of registered notification 'redis' targets
func GetNotifyRedis(redisKVS map[string]config.KVS) (map[string]target.RedisArgs, error) {
redisTargets := make(map[string]target.RedisArgs)
for k, kv := range mergeTargets(redisKVS, target.EnvRedisState, DefaultRedisKVS) {
stateEnv := target.EnvRedisState
for k, kv := range mergeTargets(redisKVS, target.EnvRedisEnable, DefaultRedisKVS) {
enableEnv := target.EnvRedisEnable
if k != config.Default {
stateEnv = stateEnv + config.Default + k
enableEnv = enableEnv + config.Default + k
}
enabled, err := config.ParseBool(env.Get(stateEnv, kv.Get(config.State)))
enabled, err := config.ParseBool(env.Get(enableEnv, kv.Get(config.Enable)))
if err != nil {
return nil, err
}
@@ -1370,8 +1370,8 @@ func GetNotifyRedis(redisKVS map[string]config.KVS) (map[string]target.RedisArgs
var (
DefaultWebhookKVS = config.KVS{
config.KV{
Key: config.State,
Value: config.StateOff,
Key: config.Enable,
Value: config.EnableOff,
},
config.KV{
Key: target.WebhookEndpoint,
@@ -1395,12 +1395,12 @@ var (
// GetNotifyWebhook - returns a map of registered notification 'webhook' targets
func GetNotifyWebhook(webhookKVS map[string]config.KVS, rootCAs *x509.CertPool) (map[string]target.WebhookArgs, error) {
webhookTargets := make(map[string]target.WebhookArgs)
for k, kv := range mergeTargets(webhookKVS, target.EnvWebhookState, DefaultWebhookKVS) {
stateEnv := target.EnvWebhookState
for k, kv := range mergeTargets(webhookKVS, target.EnvWebhookEnable, DefaultWebhookKVS) {
enableEnv := target.EnvWebhookEnable
if k != config.Default {
stateEnv = stateEnv + config.Default + k
enableEnv = enableEnv + config.Default + k
}
enabled, err := config.ParseBool(env.Get(stateEnv, kv.Get(config.State)))
enabled, err := config.ParseBool(env.Get(enableEnv, kv.Get(config.Enable)))
if err != nil {
return nil, err
}
@@ -1452,8 +1452,8 @@ func GetNotifyWebhook(webhookKVS map[string]config.KVS, rootCAs *x509.CertPool)
var (
DefaultESKVS = config.KVS{
config.KV{
Key: config.State,
Value: config.StateOff,
Key: config.Enable,
Value: config.EnableOff,
},
config.KV{
Key: target.ElasticURL,
@@ -1481,12 +1481,12 @@ var (
// GetNotifyES - returns a map of registered notification 'elasticsearch' targets
func GetNotifyES(esKVS map[string]config.KVS) (map[string]target.ElasticsearchArgs, error) {
esTargets := make(map[string]target.ElasticsearchArgs)
for k, kv := range mergeTargets(esKVS, target.EnvElasticState, DefaultESKVS) {
stateEnv := target.EnvElasticState
for k, kv := range mergeTargets(esKVS, target.EnvElasticEnable, DefaultESKVS) {
enableEnv := target.EnvElasticEnable
if k != config.Default {
stateEnv = stateEnv + config.Default + k
enableEnv = enableEnv + config.Default + k
}
enabled, err := config.ParseBool(env.Get(stateEnv, kv.Get(config.State)))
enabled, err := config.ParseBool(env.Get(enableEnv, kv.Get(config.Enable)))
if err != nil {
return nil, err
}
@@ -1549,8 +1549,8 @@ func GetNotifyES(esKVS map[string]config.KVS) (map[string]target.ElasticsearchAr
var (
DefaultAMQPKVS = config.KVS{
config.KV{
Key: config.State,
Value: config.StateOff,
Key: config.Enable,
Value: config.EnableOff,
},
config.KV{
Key: target.AmqpURL,
@@ -1570,23 +1570,23 @@ var (
},
config.KV{
Key: target.AmqpMandatory,
Value: config.StateOff,
Value: config.EnableOff,
},
config.KV{
Key: target.AmqpDurable,
Value: config.StateOff,
Value: config.EnableOff,
},
config.KV{
Key: target.AmqpNoWait,
Value: config.StateOff,
Value: config.EnableOff,
},
config.KV{
Key: target.AmqpInternal,
Value: config.StateOff,
Value: config.EnableOff,
},
config.KV{
Key: target.AmqpAutoDeleted,
Value: config.StateOff,
Value: config.EnableOff,
},
config.KV{
Key: target.AmqpDeliveryMode,
@@ -1606,12 +1606,12 @@ var (
// GetNotifyAMQP - returns a map of registered notification 'amqp' targets
func GetNotifyAMQP(amqpKVS map[string]config.KVS) (map[string]target.AMQPArgs, error) {
amqpTargets := make(map[string]target.AMQPArgs)
for k, kv := range mergeTargets(amqpKVS, target.EnvAMQPState, DefaultAMQPKVS) {
stateEnv := target.EnvAMQPState
for k, kv := range mergeTargets(amqpKVS, target.EnvAMQPEnable, DefaultAMQPKVS) {
enableEnv := target.EnvAMQPEnable
if k != config.Default {
stateEnv = stateEnv + config.Default + k
enableEnv = enableEnv + config.Default + k
}
enabled, err := config.ParseBool(env.Get(stateEnv, kv.Get(config.State)))
enabled, err := config.ParseBool(env.Get(enableEnv, kv.Get(config.Enable)))
if err != nil {
return nil, err
}
@@ -1689,12 +1689,12 @@ func GetNotifyAMQP(amqpKVS map[string]config.KVS) (map[string]target.AMQPArgs, e
RoutingKey: env.Get(routingKeyEnv, kv.Get(target.AmqpRoutingKey)),
ExchangeType: env.Get(exchangeTypeEnv, kv.Get(target.AmqpExchangeType)),
DeliveryMode: uint8(deliveryMode),
Mandatory: env.Get(mandatoryEnv, kv.Get(target.AmqpMandatory)) == config.StateOn,
Immediate: env.Get(immediateEnv, kv.Get(target.AmqpImmediate)) == config.StateOn,
Durable: env.Get(durableEnv, kv.Get(target.AmqpDurable)) == config.StateOn,
Internal: env.Get(internalEnv, kv.Get(target.AmqpInternal)) == config.StateOn,
NoWait: env.Get(noWaitEnv, kv.Get(target.AmqpNoWait)) == config.StateOn,
AutoDeleted: env.Get(autoDeletedEnv, kv.Get(target.AmqpAutoDeleted)) == config.StateOn,
Mandatory: env.Get(mandatoryEnv, kv.Get(target.AmqpMandatory)) == config.EnableOn,
Immediate: env.Get(immediateEnv, kv.Get(target.AmqpImmediate)) == config.EnableOn,
Durable: env.Get(durableEnv, kv.Get(target.AmqpDurable)) == config.EnableOn,
Internal: env.Get(internalEnv, kv.Get(target.AmqpInternal)) == config.EnableOn,
NoWait: env.Get(noWaitEnv, kv.Get(target.AmqpNoWait)) == config.EnableOn,
AutoDeleted: env.Get(autoDeletedEnv, kv.Get(target.AmqpAutoDeleted)) == config.EnableOn,
QueueDir: env.Get(queueDirEnv, kv.Get(target.AmqpQueueDir)),
QueueLimit: queueLimit,
}
+5 -4
View File
@@ -41,10 +41,6 @@ const (
// DefaultKVS - default config for OPA config
var (
DefaultKVS = config.KVS{
config.KV{
Key: config.State,
Value: config.StateOff,
},
config.KV{
Key: URL,
Value: "",
@@ -112,6 +108,11 @@ type Opa struct {
client *http.Client
}
// Enabled returns if opa is enabled.
func Enabled(kvs config.KVS) bool {
return kvs.Get(URL) != ""
}
// LookupConfig lookup Opa from config, override with any ENVs.
func LookupConfig(kv config.KVS, transport *http.Transport, closeRespFn func(io.ReadCloser)) (Args, error) {
args := Args{}
+3 -3
View File
@@ -23,18 +23,18 @@ var (
Help = config.HelpKVS{
config.HelpKV{
Key: URL,
Description: `Points to URL for OPA HTTP API endpoint. eg: "http://localhost:8181/v1/data/httpapi/authz/allow"`,
Description: `OPA HTTP API endpoint e.g. "http://localhost:8181/v1/data/httpapi/authz/allow"`,
Type: "url",
},
config.HelpKV{
Key: AuthToken,
Description: "Authorization token for the OPA HTTP API endpoint",
Description: "authorization token for OPA HTTP API endpoint",
Optional: true,
Type: "string",
},
config.HelpKV{
Key: config.Comment,
Description: "A comment to describe the OPA policy setting",
Description: config.DefaultComment,
Optional: true,
Type: "sentence",
},
-4
View File
@@ -33,10 +33,6 @@ func SetPolicyOPAConfig(s config.Config, opaArgs Args) {
return
}
s[config.PolicyOPASubSys][config.Default] = config.KVS{
config.KV{
Key: config.State,
Value: config.StateOn,
},
config.KV{
Key: URL,
Value: opaArgs.URL.String(),
+3 -3
View File
@@ -23,19 +23,19 @@ var (
Help = config.HelpKVS{
config.HelpKV{
Key: ClassStandard,
Description: `Set standard storage class parity ratio. eg: "EC:4"`,
Description: `set the parity count for default standard storage class e.g. "EC:4"`,
Optional: true,
Type: "string",
},
config.HelpKV{
Key: ClassRRS,
Description: `Set reduced redundancy storage class parity ratio. eg: "EC:2"`,
Description: `set the parity count for reduced redundancy storage class e.g. "EC:2"`,
Optional: true,
Type: "string",
},
config.HelpKV{
Key: config.Comment,
Description: "A comment to describe the storageclass setting",
Description: config.DefaultComment,
Optional: true,
Type: "sentence",
},
-4
View File
@@ -35,9 +35,5 @@ func SetStorageClass(s config.Config, cfg Config) {
Key: ClassRRS,
Value: cfg.RRS.String(),
},
config.KV{
Key: config.State,
Value: config.StateOn,
},
}
}
+7 -20
View File
@@ -39,8 +39,6 @@ const (
ClassStandard = "standard"
ClassRRS = "rrs"
// Env to on/off storage class settings.
EnvStorageClass = "MINIO_STORAGE_CLASS_STATE"
// Reduced redundancy storage class environment variable
RRSEnv = "MINIO_STORAGE_CLASS_RRS"
// Standard storage class environment variable
@@ -59,10 +57,6 @@ const (
// DefaultKVS - default storage class config
var (
DefaultKVS = config.KVS{
config.KV{
Key: config.State,
Value: config.StateOff,
},
config.KV{
Key: ClassStandard,
Value: "",
@@ -218,6 +212,13 @@ func (sCfg Config) GetParityForSC(sc string) (parity int) {
}
}
// Enabled returns if etcd is enabled.
func Enabled(kvs config.KVS) bool {
ssc := kvs.Get(ClassStandard)
rrsc := kvs.Get(ClassRRS)
return ssc != "" || rrsc != ""
}
// LookupConfig - lookup storage class config and override with valid environment settings if any.
func LookupConfig(kvs config.KVS, drivesPerSet int) (cfg Config, err error) {
cfg = Config{}
@@ -228,22 +229,8 @@ func LookupConfig(kvs config.KVS, drivesPerSet int) (cfg Config, err error) {
return cfg, err
}
stateBool, err := config.ParseBool(env.Get(EnvStorageClass, kvs.Get(config.State)))
if err != nil {
if kvs.Empty() {
return cfg, nil
}
return cfg, err
}
ssc := env.Get(StandardEnv, kvs.Get(ClassStandard))
rrsc := env.Get(RRSEnv, kvs.Get(ClassRRS))
if stateBool {
if ssc == "" && rrsc == "" {
return cfg, config.Error("'standard' and 'rrs' key cannot be empty for enabled storage class")
}
// if one of storage class is not empty proceed.
}
// Check for environment variables and parse into storageClass struct
if ssc != "" {
cfg.Standard, err = parseStorageClass(ssc)
+7 -18
View File
@@ -46,10 +46,6 @@ const (
// DefaultKVS - default KV crypto config
var (
DefaultKVS = config.KVS{
config.KV{
Key: config.State,
Value: config.StateOff,
},
config.KV{
Key: KMSVaultEndpoint,
Value: "",
@@ -100,9 +96,6 @@ const (
)
const (
// EnvKMSVaultState to enable on/off
EnvKMSVaultState = "MINIO_KMS_VAULT_STATE"
// EnvKMSVaultEndpoint is the environment variable used to specify
// the vault HTTPS endpoint.
EnvKMSVaultEndpoint = "MINIO_KMS_VAULT_ENDPOINT"
@@ -145,6 +138,12 @@ var defaultCfg = VaultConfig{
},
}
// Enabled returns if HashiCorp Vault is enabled.
func Enabled(kvs config.KVS) bool {
endpoint := kvs.Get(KMSVaultEndpoint)
return endpoint != ""
}
// LookupConfig extracts the KMS configuration provided by environment
// variables and merge them with the provided KMS configuration. The
// merging follows the following rules:
@@ -167,7 +166,7 @@ func LookupConfig(kvs config.KVS) (KMSConfig, error) {
return kmsCfg, err
}
if !kmsCfg.AutoEncryption {
kmsCfg.AutoEncryption, err = config.ParseBool(env.Get(EnvKMSAutoEncryption, config.StateOff))
kmsCfg.AutoEncryption, err = config.ParseBool(env.Get(EnvKMSAutoEncryption, config.EnableOff))
if err != nil {
return kmsCfg, err
}
@@ -176,16 +175,6 @@ func LookupConfig(kvs config.KVS) (KMSConfig, error) {
return kmsCfg, nil
}
stateBool, err := config.ParseBool(env.Get(EnvKMSVaultState, kvs.Get(config.State)))
if err != nil {
if kvs.Empty() {
return kmsCfg, nil
}
return kmsCfg, err
}
if !stateBool {
return kmsCfg, nil
}
vcfg := VaultConfig{
Auth: VaultAuth{
Type: "approle",
+8 -8
View File
@@ -23,32 +23,32 @@ var (
Help = config.HelpKVS{
config.HelpKV{
Key: KMSVaultEndpoint,
Description: `Points to Vault API endpoint eg: "http://vault-endpoint-ip:8200"`,
Description: `HashiCorp Vault API endpoint e.g. "http://vault-endpoint-ip:8200"`,
Type: "url",
},
config.HelpKV{
Key: KMSVaultKeyName,
Description: `Transit key name used in vault policy, must be unique name eg: "my-minio-key"`,
Description: `transit key name used in vault policy, must be unique name e.g. "my-minio-key"`,
Type: "string",
},
config.HelpKV{
Key: KMSVaultAuthType,
Description: `Authentication type to Vault API endpoint eg: "approle"`,
Description: `authentication type to Vault API endpoint e.g. "approle"`,
Type: "string",
},
config.HelpKV{
Key: KMSVaultAppRoleID,
Description: `Unique role ID created for AppRole`,
Description: `unique role ID created for AppRole`,
Type: "string",
},
config.HelpKV{
Key: KMSVaultAppRoleSecret,
Description: `Unique secret ID created for AppRole`,
Description: `unique secret ID created for AppRole`,
Type: "string",
},
config.HelpKV{
Key: KMSVaultNamespace,
Description: `Only needed if AppRole engine is scoped to Vault Namespace eg: "ns1"`,
Description: `only needed if AppRole engine is scoped to Vault Namespace e.g. "ns1"`,
Optional: true,
Type: "string",
},
@@ -60,13 +60,13 @@ var (
},
config.HelpKV{
Key: KMSVaultCAPath,
Description: `Path to PEM-encoded CA cert files to use mTLS authentication (optional) eg: "/home/user/custom-certs"`,
Description: `path to PEM-encoded CA cert files to use mTLS authentication (optional) e.g. "/home/user/custom-certs"`,
Optional: true,
Type: "path",
},
config.HelpKV{
Key: config.Comment,
Description: "A comment to describe the KMS Vault setting",
Description: config.DefaultComment,
Optional: true,
Type: "sentence",
},
+1 -16
View File
@@ -83,10 +83,6 @@ func SetKMSConfig(s config.Config, cfg KMSConfig) {
return
}
s[config.KmsVaultSubSys][config.Default] = config.KVS{
config.KV{
Key: config.State,
Value: config.StateOn,
},
config.KV{
Key: KMSVaultEndpoint,
Value: cfg.Vault.Endpoint,
@@ -141,7 +137,7 @@ func SetKMSConfig(s config.Config, cfg KMSConfig) {
// It sets the global KMS configuration according to the merged configuration
// on success.
func lookupConfigLegacy(kvs config.KVS) (KMSConfig, error) {
autoBool, err := config.ParseBool(env.Get(EnvAutoEncryptionLegacy, config.StateOff))
autoBool, err := config.ParseBool(env.Get(EnvAutoEncryptionLegacy, config.EnableOff))
if err != nil {
return KMSConfig{}, err
}
@@ -155,17 +151,6 @@ func lookupConfigLegacy(kvs config.KVS) (KMSConfig, error) {
},
}
// Assume default as "on" for legacy config since we didn't have a _STATE
// flag to turn it off, but we should honor it nonetheless to turn it off
// if the vault endpoint is down and there is no way to start the server.
stateBool, err := config.ParseBool(env.Get(EnvKMSVaultState, config.StateOn))
if err != nil {
return cfg, err
}
if !stateBool {
return cfg, nil
}
endpointStr := env.Get(EnvLegacyVaultEndpoint, "")
if endpointStr != "" {
// Lookup Hashicorp-Vault configuration & overwrite config entry if ENV var is present
+3
View File
@@ -118,6 +118,9 @@ func StartGateway(ctx *cli.Context, gw Gateway) {
// Handle common command args.
handleCommonCmdArgs(ctx)
// Initialize all help
initHelp()
// Get port to listen on from gateway address
globalMinioHost, globalMinioPort = mustSplitHostPort(globalCLIContext.Addr)
+2 -7
View File
@@ -101,17 +101,12 @@ ENVIRONMENT VARIABLES:
MINIO_CACHE_QUOTA: Maximum permitted usage of the cache in percentage (0-100).
EXAMPLES:
1. Start minio gateway server for Azure Blob Storage backend.
{{.Prompt}} {{.EnvVarSetCommand}} MINIO_ACCESS_KEY{{.AssignmentOperator}}azureaccountname
{{.Prompt}} {{.EnvVarSetCommand}} MINIO_SECRET_KEY{{.AssignmentOperator}}azureaccountkey
{{.Prompt}} {{.HelpName}}
2. Start minio gateway server for Azure Blob Storage backend on custom endpoint.
1. Start minio gateway server for Azure Blob Storage backend on custom endpoint.
{{.Prompt}} {{.EnvVarSetCommand}} MINIO_ACCESS_KEY{{.AssignmentOperator}}azureaccountname
{{.Prompt}} {{.EnvVarSetCommand}} MINIO_SECRET_KEY{{.AssignmentOperator}}azureaccountkey
{{.Prompt}} {{.HelpName}} https://azureaccountname.blob.custom.azure.endpoint
3. Start minio gateway server for Azure Blob Storage backend with edge caching enabled.
2. Start minio gateway server for Azure Blob Storage backend with edge caching enabled.
{{.Prompt}} {{.EnvVarSetCommand}} MINIO_ACCESS_KEY{{.AssignmentOperator}}azureaccountname
{{.Prompt}} {{.EnvVarSetCommand}} MINIO_SECRET_KEY{{.AssignmentOperator}}azureaccountkey
{{.Prompt}} {{.EnvVarSetCommand}} MINIO_CACHE_DRIVES{{.AssignmentOperator}}"/mnt/drive1,/mnt/drive2,/mnt/drive3,/mnt/drive4"
-16
View File
@@ -72,28 +72,12 @@ ENVIRONMENT VARIABLES:
MINIO_CACHE_EXPIRY: Cache expiry duration in days.
MINIO_CACHE_QUOTA: Maximum permitted usage of the cache in percentage (0-100).
LOGGER:
MINIO_LOGGER_HTTP_STATE: Set this to "on" to enable HTTP logging target.
MINIO_LOGGER_HTTP_ENDPOINT: HTTP endpoint URL to log all incoming requests.
EXAMPLES:
1. Start minio gateway server for AWS S3 backend.
{{.Prompt}} {{.EnvVarSetCommand}} MINIO_ACCESS_KEY{{.AssignmentOperator}}accesskey
{{.Prompt}} {{.EnvVarSetCommand}} MINIO_SECRET_KEY{{.AssignmentOperator}}secretkey
{{.Prompt}} {{.HelpName}}
2. Start minio gateway server for S3 backend on custom endpoint.
{{.Prompt}} {{.EnvVarSetCommand}} MINIO_ACCESS_KEY{{.AssignmentOperator}}Q3AM3UQ867SPQQA43P2F
{{.Prompt}} {{.EnvVarSetCommand}} MINIO_SECRET_KEY{{.AssignmentOperator}}zuf+tfteSlswRu7BJ86wekitnifILbZam1KYY3TG
{{.Prompt}} {{.HelpName}} https://play.min.io:9000
3. Start minio gateway server for AWS S3 backend logging all requests to http endpoint.
{{.Prompt}} {{.EnvVarSetCommand}} MINIO_ACCESS_KEY{{.AssignmentOperator}}Q3AM3UQ867SPQQA43P2F
{{.Prompt}} {{.EnvVarSetCommand}} MINIO_SECRET_KEY{{.AssignmentOperator}}zuf+tfteSlswRu7BJ86wekitnifILbZam1KYY3TG
{{.Prompt}} {{.EnvVarSetCommand}} MINIO_LOGGER_HTTP_STATE{{.AssignmenOperator}}"on"
{{.Prompt}} {{.EnvVarSetCommand}} MINIO_LOGGER_HTTP_ENDPOINT{{.AssignmentOperator}}"http://localhost:8000/"
{{.Prompt}} {{.HelpName}} https://play.min.io:9000
4. Start minio gateway server for AWS S3 backend with edge caching enabled.
{{.Prompt}} {{.EnvVarSetCommand}} MINIO_ACCESS_KEY{{.AssignmentOperator}}accesskey
{{.Prompt}} {{.EnvVarSetCommand}} MINIO_SECRET_KEY{{.AssignmentOperator}}secretkey
+2 -2
View File
@@ -654,9 +654,9 @@ func (sys *IAMSys) SetUserStatus(accessKey string, status madmin.AccountStatus)
SecretKey: cred.SecretKey,
Status: func() string {
if status == madmin.AccountEnabled {
return config.StateOn
return config.EnableOn
}
return config.StateOff
return config.EnableOff
}(),
})
if err := sys.store.saveUserIdentity(accessKey, false, uinfo); err != nil {
+6 -6
View File
@@ -58,8 +58,8 @@ const (
var (
DefaultKVS = config.KVS{
config.KV{
Key: config.State,
Value: config.StateOff,
Key: config.Enable,
Value: config.EnableOff,
},
config.KV{
Key: Endpoint,
@@ -72,8 +72,8 @@ var (
}
DefaultAuditKVS = config.KVS{
config.KV{
Key: config.State,
Value: config.StateOff,
Key: config.Enable,
Value: config.EnableOff,
},
config.KV{
Key: Endpoint,
@@ -153,7 +153,7 @@ func LookupConfig(scfg config.Config) (Config, error) {
return cfg, err
}
enabled, err := config.ParseBool(kv.Get(config.State))
enabled, err := config.ParseBool(kv.Get(config.Enable))
if err != nil {
return cfg, err
}
@@ -185,7 +185,7 @@ func LookupConfig(scfg config.Config) (Config, error) {
return cfg, err
}
enabled, err := config.ParseBool(kv.Get(config.State))
enabled, err := config.ParseBool(kv.Get(config.Enable))
if err != nil {
return cfg, err
}
+6 -6
View File
@@ -23,18 +23,18 @@ var (
Help = config.HelpKVS{
config.HelpKV{
Key: Endpoint,
Description: `HTTP logger endpoint eg: "http://localhost:8080/minio/logs/server"`,
Description: `HTTP logger endpoint e.g. "http://localhost:8080/minio/logs/server"`,
Type: "url",
},
config.HelpKV{
Key: AuthToken,
Description: "Authorization token for logger endpoint",
Description: "authorization token for logger endpoint",
Optional: true,
Type: "string",
},
config.HelpKV{
Key: config.Comment,
Description: "A comment to describe the HTTP logger setting",
Description: config.DefaultComment,
Optional: true,
Type: "sentence",
},
@@ -43,18 +43,18 @@ var (
HelpAudit = config.HelpKVS{
config.HelpKV{
Key: Endpoint,
Description: `HTTP Audit logger endpoint eg: "http://localhost:8080/minio/logs/audit"`,
Description: `HTTP Audit logger endpoint e.g. "http://localhost:8080/minio/logs/audit"`,
Type: "url",
},
config.HelpKV{
Key: AuthToken,
Description: "Authorization token for logger endpoint",
Description: "authorization token for audit logger endpoint",
Optional: true,
Type: "string",
},
config.HelpKV{
Key: config.Comment,
Description: "A comment to describe the HTTP Audit logger setting",
Description: config.DefaultComment,
Optional: true,
Type: "sentence",
},
+4 -4
View File
@@ -31,8 +31,8 @@ func SetLoggerHTTPAudit(scfg config.Config, k string, args HTTP) {
}
scfg[config.AuditWebhookSubSys][k] = config.KVS{
config.KV{
Key: config.State,
Value: config.StateOn,
Key: config.Enable,
Value: config.EnableOn,
},
config.KV{
Key: Endpoint,
@@ -54,8 +54,8 @@ func SetLoggerHTTP(scfg config.Config, k string, args HTTP) {
scfg[config.LoggerWebhookSubSys][k] = config.KVS{
config.KV{
Key: config.State,
Value: config.StateOn,
Key: config.Enable,
Value: config.EnableOn,
},
config.KV{
Key: Endpoint,
+28 -4
View File
@@ -156,7 +156,9 @@ func serverHandleCmdArgs(ctx *cli.Context) {
}
logger.FatalIf(err, "Invalid command line arguments")
logger.LogIf(context.Background(), checkEndpointsSubOptimal(ctx, setupType, globalEndpoints))
if err = checkEndpointsSubOptimal(ctx, setupType, globalEndpoints); err != nil {
logger.Info("Optimal endpoint check failed %s", err)
}
// On macOS, if a process already listens on LOCALIPADDR:PORT, net.Listen() falls back
// to IPv6 address ie minio will start listening on IPv6 address whereas another
@@ -217,6 +219,17 @@ func initSafeModeInit(buckets []BucketInfo) (err error) {
if errors.As(err, &cerr) {
return
}
var cfgErr config.Error
if errors.As(err, &cfgErr) {
if cfgErr.Kind == config.ContinueKind {
// print the error and continue
logger.Info("Config validation failed '%s' the sub-system is turned-off and all other sub-systems", err)
err = nil
return
}
}
// Enable logger
logger.Disable = false
@@ -308,6 +321,9 @@ func serverMain(ctx *cli.Context) {
// Handle all server environment vars.
serverHandleEnvVars()
// Initialize all help
initHelp()
// Check and load TLS certificates.
var err error
globalPublicCerts, globalTLSCerts, globalIsSSL, err = getTLSConfig()
@@ -338,7 +354,9 @@ func serverMain(ctx *cli.Context) {
}
// Set system resources to maximum.
logger.LogIf(context.Background(), setMaxResources())
if err = setMaxResources(); err != nil {
logger.Info("Unable to set system resources to maximum %s", err)
}
if globalIsXL {
// Init global heal state
@@ -409,8 +427,14 @@ func serverMain(ctx *cli.Context) {
logger.FatalIf(initSafeModeInit(buckets), "Unable to initialize server")
if globalCacheConfig.Enabled {
msg := color.RedBold("Disk caching is disabled in 'server' mode, 'caching' is only supported in gateway deployments")
logger.StartupMessage(msg)
// initialize the new disk cache objects.
var cacheAPI CacheObjectLayer
cacheAPI, err = newServerCacheObjects(context.Background(), globalCacheConfig)
logger.FatalIf(err, "Unable to initialize disk caching")
globalObjLayerMutex.Lock()
globalCacheObjectAPI = cacheAPI
globalObjLayerMutex.Unlock()
}
initDailyLifecycle()
+3 -3
View File
@@ -49,7 +49,7 @@ func getFormatStr(strLen int, padding int) string {
func printStartupSafeModeMessage(apiEndpoints []string, err error) {
logStartupMessage(color.RedBold("Server startup failed with '%v'", err))
logStartupMessage(color.RedBold("Server switching to safe mode"))
logStartupMessage(color.RedBold("Please use 'mc admin' commands to fix this issue"))
logStartupMessage(color.RedBold("Please use 'mc admin config' commands fix this issue"))
// Object layer is initialized then print StorageInfo in safe mode.
objAPI := newObjectLayerWithoutSafeModeFn()
@@ -91,13 +91,13 @@ func printStartupSafeModeMessage(apiEndpoints []string, err error) {
mcMessage := fmt.Sprintf("> mc.exe config host add %s %s %s %s --api s3v4", alias,
endPoint, cred.AccessKey, cred.SecretKey)
logStartupMessage(fmt.Sprintf(getFormatStr(len(mcMessage), 3), mcMessage))
mcMessage = fmt.Sprintf("> mc.exe admin --help")
mcMessage = fmt.Sprintf("> mc.exe admin config --help")
logStartupMessage(fmt.Sprintf(getFormatStr(len(mcMessage), 3), mcMessage))
} else {
mcMessage := fmt.Sprintf("$ mc config host add %s %s %s %s --api s3v4", alias,
endPoint, cred.AccessKey, cred.SecretKey)
logStartupMessage(fmt.Sprintf(getFormatStr(len(mcMessage), 3), mcMessage))
mcMessage = fmt.Sprintf("$ mc admin --help")
mcMessage = fmt.Sprintf("$ mc admin config --help")
logStartupMessage(fmt.Sprintf(getFormatStr(len(mcMessage), 3), mcMessage))
}
}
+1
View File
@@ -76,6 +76,7 @@ func init() {
logger.Disable = true
initHelp()
// Uncomment the following line to see trace logs during unit tests.
// logger.AddTarget(console.New())
}