mirror of
https://github.com/opencloud-eu/opencloud.git
synced 2026-04-22 11:09:02 -05:00
Ralf Haferkamp
ee974afebf
* Introduce TLS Settings for go-micro based grpc services and clients TLS for the services can be configure by setting the OCIS_MICRO_GRPC_TLS_ENABLED" "OCIS_MICRO_GRPC_TLS_CERTIFICATE" and "OCIS_MICRO_GRPC_TLS_KEY" enviroment variables. TLS for the clients can configured by setting the "OCIS_MICRO_GRPC_CLIENT_TLS_MODE" and "OCIS_MICRO_GRPC_CLIENT_TLS_CACERT" variables. By default TLS is disabled. Co-authored-by: Martin <github@diemattels.at> * Unify TLS configuration for all grpc services All grpc service (whether they're based on reva) or go-micro use the same set of config vars now. TLS for the services can be configure by setting the OCIS_GRPC_TLS_ENABLED, OCIS_GRPC_TLS_CERTIFICATE and OCIS_GRPC_TLS_KEY enviroment variables. TLS for the clients can configured by setting the OCIS_GRPC_CLIENT_TLS_MODE and OCIS_MICRO_GRPC_CLIENT_TLS_CACERT variables. There are no individual per service config vars currently. If really needed, per service tls configurations can be specified via config file. Co-authored-by: Martin <github@diemattels.at> Co-authored-by: Martin <github@diemattels.at>
40 lines
1.6 KiB
Go
40 lines
1.6 KiB
Go
package config
|
|
|
|
import (
|
|
"context"
|
|
|
|
"github.com/owncloud/ocis/v2/ocis-pkg/shared"
|
|
)
|
|
|
|
// Config combines all available configuration parts.
|
|
type Config struct {
|
|
Commons *shared.Commons `yaml:"-"` // don't use this directly as configuration for a service
|
|
|
|
Service Service `yaml:"-"`
|
|
|
|
Tracing *Tracing `yaml:"tracing"`
|
|
Log *Log `yaml:"log"`
|
|
CacheStore *CacheStore `yaml:"cache_store"`
|
|
Debug Debug `yaml:"debug"`
|
|
|
|
HTTP HTTP `yaml:"http"`
|
|
|
|
TokenManager *TokenManager `yaml:"token_manager"`
|
|
Reva *shared.Reva `yaml:"reva"`
|
|
GRPCClientTLS *shared.GRPCClientTLS `yaml:"grpc_client_tls"`
|
|
|
|
IdentityManagement IdentityManagement `yaml:"identity_management"`
|
|
|
|
AccountBackend string `yaml:"-"` // we only support cs3 backend, no need to have this configurable
|
|
MachineAuthAPIKey string `yaml:"machine_auth_api_key" env:"OCIS_MACHINE_AUTH_API_KEY;OCS_MACHINE_AUTH_API_KEY" desc:"Machine auth API key used to validate internal requests necessary to access resources from other services."`
|
|
|
|
Context context.Context `yaml:"-"`
|
|
}
|
|
|
|
// IdentityManagement keeps track of the OIDC address. This is because Reva requisite of uniqueness for users
|
|
// is based in the combination of IDP hostname + UserID. For more information see:
|
|
// https://github.com/cs3org/reva/blob/4fd0229f13fae5bc9684556a82dbbd0eced65ef9/pkg/storage/utils/decomposedfs/node/node.go#L856-L865
|
|
type IdentityManagement struct {
|
|
Address string `yaml:"address" env:"OCIS_URL;OCIS_OIDC_ISSUER;OCS_IDM_ADDRESS" desc:"URL of the OIDC issuer. It defaults to URL of the builtin IDP."`
|
|
}
|