1package config 2 3import ( 4 "encoding/json" 5 "fmt" 6 7 "github.com/hashicorp/consul/lib/decode" 8 "github.com/hashicorp/hcl" 9 "github.com/mitchellh/mapstructure" 10) 11 12const ( 13 SerfLANKeyring = "serf/local.keyring" 14 SerfWANKeyring = "serf/remote.keyring" 15) 16 17type Source struct { 18 Name string 19 Format string 20 Data string 21} 22 23// Parse parses a config fragment in either JSON or HCL format. 24func Parse(data string, format string) (c Config, md mapstructure.Metadata, err error) { 25 var raw map[string]interface{} 26 switch format { 27 case "json": 28 err = json.Unmarshal([]byte(data), &raw) 29 case "hcl": 30 err = hcl.Decode(&raw, data) 31 default: 32 err = fmt.Errorf("invalid format: %s", format) 33 } 34 if err != nil { 35 return Config{}, mapstructure.Metadata{}, err 36 } 37 38 d, err := mapstructure.NewDecoder(&mapstructure.DecoderConfig{ 39 DecodeHook: mapstructure.ComposeDecodeHookFunc( 40 // decode.HookWeakDecodeFromSlice is only necessary when reading from 41 // an HCL config file. In the future we could omit it when reading from 42 // JSON configs. It is left here for now to maintain backwards compat 43 // for the unlikely scenario that someone is using malformed JSON configs 44 // and expecting this behaviour to correct their config. 45 decode.HookWeakDecodeFromSlice, 46 decode.HookTranslateKeys, 47 ), 48 Metadata: &md, 49 Result: &c, 50 }) 51 if err != nil { 52 return Config{}, mapstructure.Metadata{}, err 53 } 54 if err := d.Decode(raw); err != nil { 55 return Config{}, mapstructure.Metadata{}, err 56 } 57 58 return c, md, nil 59} 60 61// Cache is the tunning configuration for cache, values are optional 62type Cache struct { 63 // EntryFetchMaxBurst max burst size of RateLimit for a single cache entry 64 EntryFetchMaxBurst *int `json:"entry_fetch_max_burst,omitempty" hcl:"entry_fetch_max_burst" mapstructure:"entry_fetch_max_burst"` 65 // EntryFetchRate represents the max calls/sec for a single cache entry 66 EntryFetchRate *float64 `json:"entry_fetch_rate,omitempty" hcl:"entry_fetch_rate" mapstructure:"entry_fetch_rate"` 67} 68 69// Config defines the format of a configuration file in either JSON or 70// HCL format. 71// 72// It must contain only pointer values, slices and maps to support 73// standardized merging of multiple Config structs into one. 74// 75// Since this is the format which users use to specify their 76// configuration it should be treated as an external API which cannot be 77// changed and refactored at will since this will break existing setups. 78type Config struct { 79 // DEPRECATED (ACL-Legacy-Compat) - moved into the "acl.tokens" stanza 80 ACLAgentMasterToken *string `json:"acl_agent_master_token,omitempty" hcl:"acl_agent_master_token" mapstructure:"acl_agent_master_token"` 81 // DEPRECATED (ACL-Legacy-Compat) - moved into the "acl.tokens" stanza 82 ACLAgentToken *string `json:"acl_agent_token,omitempty" hcl:"acl_agent_token" mapstructure:"acl_agent_token"` 83 // DEPRECATED (ACL-Legacy-Compat) - moved to "primary_datacenter" 84 ACLDatacenter *string `json:"acl_datacenter,omitempty" hcl:"acl_datacenter" mapstructure:"acl_datacenter"` 85 // DEPRECATED (ACL-Legacy-Compat) - moved into the "acl" stanza 86 ACLDefaultPolicy *string `json:"acl_default_policy,omitempty" hcl:"acl_default_policy" mapstructure:"acl_default_policy"` 87 // DEPRECATED (ACL-Legacy-Compat) - moved into the "acl" stanza 88 ACLDownPolicy *string `json:"acl_down_policy,omitempty" hcl:"acl_down_policy" mapstructure:"acl_down_policy"` 89 // DEPRECATED (ACL-Legacy-Compat) - moved into the "acl" stanza 90 ACLEnableKeyListPolicy *bool `json:"acl_enable_key_list_policy,omitempty" hcl:"acl_enable_key_list_policy" mapstructure:"acl_enable_key_list_policy"` 91 // DEPRECATED (ACL-Legacy-Compat) - moved into the "acl" stanza 92 ACLMasterToken *string `json:"acl_master_token,omitempty" hcl:"acl_master_token" mapstructure:"acl_master_token"` 93 // DEPRECATED (ACL-Legacy-Compat) - moved into the "acl.tokens" stanza 94 ACLReplicationToken *string `json:"acl_replication_token,omitempty" hcl:"acl_replication_token" mapstructure:"acl_replication_token"` 95 // DEPRECATED (ACL-Legacy-Compat) - moved into the "acl.tokens" stanza 96 ACLTTL *string `json:"acl_ttl,omitempty" hcl:"acl_ttl" mapstructure:"acl_ttl"` 97 // DEPRECATED (ACL-Legacy-Compat) - moved into the "acl.tokens" stanza 98 ACLToken *string `json:"acl_token,omitempty" hcl:"acl_token" mapstructure:"acl_token"` 99 ACL ACL `json:"acl,omitempty" hcl:"acl" mapstructure:"acl"` 100 Addresses Addresses `json:"addresses,omitempty" hcl:"addresses" mapstructure:"addresses"` 101 AdvertiseAddrLAN *string `json:"advertise_addr,omitempty" hcl:"advertise_addr" mapstructure:"advertise_addr"` 102 AdvertiseAddrLANIPv4 *string `json:"advertise_addr_ipv4,omitempty" hcl:"advertise_addr_ipv4" mapstructure:"advertise_addr_ipv4"` 103 AdvertiseAddrLANIPv6 *string `json:"advertise_addr_ipv6,omitempty" hcl:"advertise_addr_ipv6" mapstructure:"advertise_addr_ipv6"` 104 AdvertiseAddrWAN *string `json:"advertise_addr_wan,omitempty" hcl:"advertise_addr_wan" mapstructure:"advertise_addr_wan"` 105 AdvertiseAddrWANIPv4 *string `json:"advertise_addr_wan_ipv4,omitempty" hcl:"advertise_addr_wan_ipv4" mapstructure:"advertise_addr_wan_ipv4"` 106 AdvertiseAddrWANIPv6 *string `json:"advertise_addr_wan_ipv6,omitempty" hcl:"advertise_addr_wan_ipv6" mapstructure:"advertise_addr_ipv6"` 107 AutoConfig AutoConfigRaw `json:"auto_config,omitempty" hcl:"auto_config" mapstructure:"auto_config"` 108 Autopilot Autopilot `json:"autopilot,omitempty" hcl:"autopilot" mapstructure:"autopilot"` 109 BindAddr *string `json:"bind_addr,omitempty" hcl:"bind_addr" mapstructure:"bind_addr"` 110 Bootstrap *bool `json:"bootstrap,omitempty" hcl:"bootstrap" mapstructure:"bootstrap"` 111 BootstrapExpect *int `json:"bootstrap_expect,omitempty" hcl:"bootstrap_expect" mapstructure:"bootstrap_expect"` 112 Cache Cache `json:"cache,omitempty" hcl:"cache" mapstructure:"cache"` 113 CAFile *string `json:"ca_file,omitempty" hcl:"ca_file" mapstructure:"ca_file"` 114 CAPath *string `json:"ca_path,omitempty" hcl:"ca_path" mapstructure:"ca_path"` 115 CertFile *string `json:"cert_file,omitempty" hcl:"cert_file" mapstructure:"cert_file"` 116 Check *CheckDefinition `json:"check,omitempty" hcl:"check" mapstructure:"check"` // needs to be a pointer to avoid partial merges 117 CheckOutputMaxSize *int `json:"check_output_max_size,omitempty" hcl:"check_output_max_size" mapstructure:"check_output_max_size"` 118 CheckUpdateInterval *string `json:"check_update_interval,omitempty" hcl:"check_update_interval" mapstructure:"check_update_interval"` 119 Checks []CheckDefinition `json:"checks,omitempty" hcl:"checks" mapstructure:"checks"` 120 ClientAddr *string `json:"client_addr,omitempty" hcl:"client_addr" mapstructure:"client_addr"` 121 ConfigEntries ConfigEntries `json:"config_entries,omitempty" hcl:"config_entries" mapstructure:"config_entries"` 122 AutoEncrypt AutoEncrypt `json:"auto_encrypt,omitempty" hcl:"auto_encrypt" mapstructure:"auto_encrypt"` 123 Connect Connect `json:"connect,omitempty" hcl:"connect" mapstructure:"connect"` 124 DNS DNS `json:"dns_config,omitempty" hcl:"dns_config" mapstructure:"dns_config"` 125 DNSDomain *string `json:"domain,omitempty" hcl:"domain" mapstructure:"domain"` 126 DNSAltDomain *string `json:"alt_domain,omitempty" hcl:"alt_domain" mapstructure:"alt_domain"` 127 DNSRecursors []string `json:"recursors,omitempty" hcl:"recursors" mapstructure:"recursors"` 128 DataDir *string `json:"data_dir,omitempty" hcl:"data_dir" mapstructure:"data_dir"` 129 Datacenter *string `json:"datacenter,omitempty" hcl:"datacenter" mapstructure:"datacenter"` 130 DefaultQueryTime *string `json:"default_query_time,omitempty" hcl:"default_query_time" mapstructure:"default_query_time"` 131 DisableAnonymousSignature *bool `json:"disable_anonymous_signature,omitempty" hcl:"disable_anonymous_signature" mapstructure:"disable_anonymous_signature"` 132 DisableCoordinates *bool `json:"disable_coordinates,omitempty" hcl:"disable_coordinates" mapstructure:"disable_coordinates"` 133 DisableHostNodeID *bool `json:"disable_host_node_id,omitempty" hcl:"disable_host_node_id" mapstructure:"disable_host_node_id"` 134 DisableHTTPUnprintableCharFilter *bool `json:"disable_http_unprintable_char_filter,omitempty" hcl:"disable_http_unprintable_char_filter" mapstructure:"disable_http_unprintable_char_filter"` 135 DisableKeyringFile *bool `json:"disable_keyring_file,omitempty" hcl:"disable_keyring_file" mapstructure:"disable_keyring_file"` 136 DisableRemoteExec *bool `json:"disable_remote_exec,omitempty" hcl:"disable_remote_exec" mapstructure:"disable_remote_exec"` 137 DisableUpdateCheck *bool `json:"disable_update_check,omitempty" hcl:"disable_update_check" mapstructure:"disable_update_check"` 138 DiscardCheckOutput *bool `json:"discard_check_output" hcl:"discard_check_output" mapstructure:"discard_check_output"` 139 DiscoveryMaxStale *string `json:"discovery_max_stale" hcl:"discovery_max_stale" mapstructure:"discovery_max_stale"` 140 EnableACLReplication *bool `json:"enable_acl_replication,omitempty" hcl:"enable_acl_replication" mapstructure:"enable_acl_replication"` 141 EnableAgentTLSForChecks *bool `json:"enable_agent_tls_for_checks,omitempty" hcl:"enable_agent_tls_for_checks" mapstructure:"enable_agent_tls_for_checks"` 142 EnableCentralServiceConfig *bool `json:"enable_central_service_config,omitempty" hcl:"enable_central_service_config" mapstructure:"enable_central_service_config"` 143 EnableDebug *bool `json:"enable_debug,omitempty" hcl:"enable_debug" mapstructure:"enable_debug"` 144 EnableScriptChecks *bool `json:"enable_script_checks,omitempty" hcl:"enable_script_checks" mapstructure:"enable_script_checks"` 145 EnableLocalScriptChecks *bool `json:"enable_local_script_checks,omitempty" hcl:"enable_local_script_checks" mapstructure:"enable_local_script_checks"` 146 EnableSyslog *bool `json:"enable_syslog,omitempty" hcl:"enable_syslog" mapstructure:"enable_syslog"` 147 EncryptKey *string `json:"encrypt,omitempty" hcl:"encrypt" mapstructure:"encrypt"` 148 EncryptVerifyIncoming *bool `json:"encrypt_verify_incoming,omitempty" hcl:"encrypt_verify_incoming" mapstructure:"encrypt_verify_incoming"` 149 EncryptVerifyOutgoing *bool `json:"encrypt_verify_outgoing,omitempty" hcl:"encrypt_verify_outgoing" mapstructure:"encrypt_verify_outgoing"` 150 GossipLAN GossipLANConfig `json:"gossip_lan,omitempty" hcl:"gossip_lan" mapstructure:"gossip_lan"` 151 GossipWAN GossipWANConfig `json:"gossip_wan,omitempty" hcl:"gossip_wan" mapstructure:"gossip_wan"` 152 HTTPConfig HTTPConfig `json:"http_config,omitempty" hcl:"http_config" mapstructure:"http_config"` 153 KeyFile *string `json:"key_file,omitempty" hcl:"key_file" mapstructure:"key_file"` 154 LeaveOnTerm *bool `json:"leave_on_terminate,omitempty" hcl:"leave_on_terminate" mapstructure:"leave_on_terminate"` 155 Limits Limits `json:"limits,omitempty" hcl:"limits" mapstructure:"limits"` 156 LogLevel *string `json:"log_level,omitempty" hcl:"log_level" mapstructure:"log_level"` 157 LogJSON *bool `json:"log_json,omitempty" hcl:"log_json" mapstructure:"log_json"` 158 LogFile *string `json:"log_file,omitempty" hcl:"log_file" mapstructure:"log_file"` 159 LogRotateDuration *string `json:"log_rotate_duration,omitempty" hcl:"log_rotate_duration" mapstructure:"log_rotate_duration"` 160 LogRotateBytes *int `json:"log_rotate_bytes,omitempty" hcl:"log_rotate_bytes" mapstructure:"log_rotate_bytes"` 161 LogRotateMaxFiles *int `json:"log_rotate_max_files,omitempty" hcl:"log_rotate_max_files" mapstructure:"log_rotate_max_files"` 162 MaxQueryTime *string `json:"max_query_time,omitempty" hcl:"max_query_time" mapstructure:"max_query_time"` 163 NodeID *string `json:"node_id,omitempty" hcl:"node_id" mapstructure:"node_id"` 164 NodeMeta map[string]string `json:"node_meta,omitempty" hcl:"node_meta" mapstructure:"node_meta"` 165 NodeName *string `json:"node_name,omitempty" hcl:"node_name" mapstructure:"node_name"` 166 Performance Performance `json:"performance,omitempty" hcl:"performance" mapstructure:"performance"` 167 PidFile *string `json:"pid_file,omitempty" hcl:"pid_file" mapstructure:"pid_file"` 168 Ports Ports `json:"ports,omitempty" hcl:"ports" mapstructure:"ports"` 169 PrimaryDatacenter *string `json:"primary_datacenter,omitempty" hcl:"primary_datacenter" mapstructure:"primary_datacenter"` 170 PrimaryGateways []string `json:"primary_gateways" hcl:"primary_gateways" mapstructure:"primary_gateways"` 171 PrimaryGatewaysInterval *string `json:"primary_gateways_interval,omitempty" hcl:"primary_gateways_interval" mapstructure:"primary_gateways_interval"` 172 RPCProtocol *int `json:"protocol,omitempty" hcl:"protocol" mapstructure:"protocol"` 173 RaftProtocol *int `json:"raft_protocol,omitempty" hcl:"raft_protocol" mapstructure:"raft_protocol"` 174 RaftSnapshotThreshold *int `json:"raft_snapshot_threshold,omitempty" hcl:"raft_snapshot_threshold" mapstructure:"raft_snapshot_threshold"` 175 RaftSnapshotInterval *string `json:"raft_snapshot_interval,omitempty" hcl:"raft_snapshot_interval" mapstructure:"raft_snapshot_interval"` 176 RaftTrailingLogs *int `json:"raft_trailing_logs,omitempty" hcl:"raft_trailing_logs" mapstructure:"raft_trailing_logs"` 177 ReconnectTimeoutLAN *string `json:"reconnect_timeout,omitempty" hcl:"reconnect_timeout" mapstructure:"reconnect_timeout"` 178 ReconnectTimeoutWAN *string `json:"reconnect_timeout_wan,omitempty" hcl:"reconnect_timeout_wan" mapstructure:"reconnect_timeout_wan"` 179 RejoinAfterLeave *bool `json:"rejoin_after_leave,omitempty" hcl:"rejoin_after_leave" mapstructure:"rejoin_after_leave"` 180 RetryJoinIntervalLAN *string `json:"retry_interval,omitempty" hcl:"retry_interval" mapstructure:"retry_interval"` 181 RetryJoinIntervalWAN *string `json:"retry_interval_wan,omitempty" hcl:"retry_interval_wan" mapstructure:"retry_interval_wan"` 182 RetryJoinLAN []string `json:"retry_join,omitempty" hcl:"retry_join" mapstructure:"retry_join"` 183 RetryJoinMaxAttemptsLAN *int `json:"retry_max,omitempty" hcl:"retry_max" mapstructure:"retry_max"` 184 RetryJoinMaxAttemptsWAN *int `json:"retry_max_wan,omitempty" hcl:"retry_max_wan" mapstructure:"retry_max_wan"` 185 RetryJoinWAN []string `json:"retry_join_wan,omitempty" hcl:"retry_join_wan" mapstructure:"retry_join_wan"` 186 SerfAllowedCIDRsLAN []string `json:"serf_lan_allowed_cidrs,omitempty" hcl:"serf_lan_allowed_cidrs" mapstructure:"serf_lan_allowed_cidrs"` 187 SerfAllowedCIDRsWAN []string `json:"serf_wan_allowed_cidrs,omitempty" hcl:"serf_wan_allowed_cidrs" mapstructure:"serf_wan_allowed_cidrs"` 188 SerfBindAddrLAN *string `json:"serf_lan,omitempty" hcl:"serf_lan" mapstructure:"serf_lan"` 189 SerfBindAddrWAN *string `json:"serf_wan,omitempty" hcl:"serf_wan" mapstructure:"serf_wan"` 190 ServerMode *bool `json:"server,omitempty" hcl:"server" mapstructure:"server"` 191 ServerName *string `json:"server_name,omitempty" hcl:"server_name" mapstructure:"server_name"` 192 Service *ServiceDefinition `json:"service,omitempty" hcl:"service" mapstructure:"service"` 193 Services []ServiceDefinition `json:"services,omitempty" hcl:"services" mapstructure:"services"` 194 SessionTTLMin *string `json:"session_ttl_min,omitempty" hcl:"session_ttl_min" mapstructure:"session_ttl_min"` 195 SkipLeaveOnInt *bool `json:"skip_leave_on_interrupt,omitempty" hcl:"skip_leave_on_interrupt" mapstructure:"skip_leave_on_interrupt"` 196 StartJoinAddrsLAN []string `json:"start_join,omitempty" hcl:"start_join" mapstructure:"start_join"` 197 StartJoinAddrsWAN []string `json:"start_join_wan,omitempty" hcl:"start_join_wan" mapstructure:"start_join_wan"` 198 SyslogFacility *string `json:"syslog_facility,omitempty" hcl:"syslog_facility" mapstructure:"syslog_facility"` 199 TLSCipherSuites *string `json:"tls_cipher_suites,omitempty" hcl:"tls_cipher_suites" mapstructure:"tls_cipher_suites"` 200 TLSMinVersion *string `json:"tls_min_version,omitempty" hcl:"tls_min_version" mapstructure:"tls_min_version"` 201 TLSPreferServerCipherSuites *bool `json:"tls_prefer_server_cipher_suites,omitempty" hcl:"tls_prefer_server_cipher_suites" mapstructure:"tls_prefer_server_cipher_suites"` 202 TaggedAddresses map[string]string `json:"tagged_addresses,omitempty" hcl:"tagged_addresses" mapstructure:"tagged_addresses"` 203 Telemetry Telemetry `json:"telemetry,omitempty" hcl:"telemetry" mapstructure:"telemetry"` 204 TranslateWANAddrs *bool `json:"translate_wan_addrs,omitempty" hcl:"translate_wan_addrs" mapstructure:"translate_wan_addrs"` 205 UI *bool `json:"ui,omitempty" hcl:"ui" mapstructure:"ui"` 206 UIContentPath *string `json:"ui_content_path,omitempty" hcl:"ui_content_path" mapstructure:"ui_content_path"` 207 UIDir *string `json:"ui_dir,omitempty" hcl:"ui_dir" mapstructure:"ui_dir"` 208 UnixSocket UnixSocket `json:"unix_sockets,omitempty" hcl:"unix_sockets" mapstructure:"unix_sockets"` 209 VerifyIncoming *bool `json:"verify_incoming,omitempty" hcl:"verify_incoming" mapstructure:"verify_incoming"` 210 VerifyIncomingHTTPS *bool `json:"verify_incoming_https,omitempty" hcl:"verify_incoming_https" mapstructure:"verify_incoming_https"` 211 VerifyIncomingRPC *bool `json:"verify_incoming_rpc,omitempty" hcl:"verify_incoming_rpc" mapstructure:"verify_incoming_rpc"` 212 VerifyOutgoing *bool `json:"verify_outgoing,omitempty" hcl:"verify_outgoing" mapstructure:"verify_outgoing"` 213 VerifyServerHostname *bool `json:"verify_server_hostname,omitempty" hcl:"verify_server_hostname" mapstructure:"verify_server_hostname"` 214 Watches []map[string]interface{} `json:"watches,omitempty" hcl:"watches" mapstructure:"watches"` 215 216 // This isn't used by Consul but we've documented a feature where users 217 // can deploy their snapshot agent configs alongside their Consul configs 218 // so we have a placeholder here so it can be parsed but this doesn't 219 // manifest itself in any way inside the runtime config. 220 SnapshotAgent map[string]interface{} `json:"snapshot_agent,omitempty" hcl:"snapshot_agent" mapstructure:"snapshot_agent"` 221 222 // non-user configurable values 223 // DEPRECATED (ACL-Legacy-Compat) - moved into the "acl" stanza 224 ACLDisabledTTL *string `json:"acl_disabled_ttl,omitempty" hcl:"acl_disabled_ttl" mapstructure:"acl_disabled_ttl"` 225 AEInterval *string `json:"ae_interval,omitempty" hcl:"ae_interval" mapstructure:"ae_interval"` 226 CheckDeregisterIntervalMin *string `json:"check_deregister_interval_min,omitempty" hcl:"check_deregister_interval_min" mapstructure:"check_deregister_interval_min"` 227 CheckReapInterval *string `json:"check_reap_interval,omitempty" hcl:"check_reap_interval" mapstructure:"check_reap_interval"` 228 Consul Consul `json:"consul,omitempty" hcl:"consul" mapstructure:"consul"` 229 Revision *string `json:"revision,omitempty" hcl:"revision" mapstructure:"revision"` 230 SegmentLimit *int `json:"segment_limit,omitempty" hcl:"segment_limit" mapstructure:"segment_limit"` 231 SegmentNameLimit *int `json:"segment_name_limit,omitempty" hcl:"segment_name_limit" mapstructure:"segment_name_limit"` 232 SyncCoordinateIntervalMin *string `json:"sync_coordinate_interval_min,omitempty" hcl:"sync_coordinate_interval_min" mapstructure:"sync_coordinate_interval_min"` 233 SyncCoordinateRateTarget *float64 `json:"sync_coordinate_rate_target,omitempty" hcl:"sync_coordinate_rate_target" mapstructure:"sync_coordinate_rate_target"` 234 Version *string `json:"version,omitempty" hcl:"version" mapstructure:"version"` 235 VersionPrerelease *string `json:"version_prerelease,omitempty" hcl:"version_prerelease" mapstructure:"version_prerelease"` 236 237 // Enterprise Only 238 Audit *Audit `json:"audit,omitempty" hcl:"audit" mapstructure:"audit"` 239 // Enterprise Only 240 NonVotingServer *bool `json:"non_voting_server,omitempty" hcl:"non_voting_server" mapstructure:"non_voting_server"` 241 // Enterprise Only 242 SegmentName *string `json:"segment,omitempty" hcl:"segment" mapstructure:"segment"` 243 // Enterprise Only 244 Segments []Segment `json:"segments,omitempty" hcl:"segments" mapstructure:"segments"` 245} 246 247type GossipLANConfig struct { 248 GossipNodes *int `json:"gossip_nodes,omitempty" hcl:"gossip_nodes" mapstructure:"gossip_nodes"` 249 GossipInterval *string `json:"gossip_interval,omitempty" hcl:"gossip_interval" mapstructure:"gossip_interval"` 250 ProbeInterval *string `json:"probe_interval,omitempty" hcl:"probe_interval" mapstructure:"probe_interval"` 251 ProbeTimeout *string `json:"probe_timeout,omitempty" hcl:"probe_timeout" mapstructure:"probe_timeout"` 252 SuspicionMult *int `json:"suspicion_mult,omitempty" hcl:"suspicion_mult" mapstructure:"suspicion_mult"` 253 RetransmitMult *int `json:"retransmit_mult,omitempty" hcl:"retransmit_mult" mapstructure:"retransmit_mult"` 254} 255 256type GossipWANConfig struct { 257 GossipNodes *int `json:"gossip_nodes,omitempty" hcl:"gossip_nodes" mapstructure:"gossip_nodes"` 258 GossipInterval *string `json:"gossip_interval,omitempty" hcl:"gossip_interval" mapstructure:"gossip_interval"` 259 ProbeInterval *string `json:"probe_interval,omitempty" hcl:"probe_interval" mapstructure:"probe_interval"` 260 ProbeTimeout *string `json:"probe_timeout,omitempty" hcl:"probe_timeout" mapstructure:"probe_timeout"` 261 SuspicionMult *int `json:"suspicion_mult,omitempty" hcl:"suspicion_mult" mapstructure:"suspicion_mult"` 262 RetransmitMult *int `json:"retransmit_mult,omitempty" hcl:"retransmit_mult" mapstructure:"retransmit_mult"` 263} 264 265type Consul struct { 266 Coordinate struct { 267 UpdateBatchSize *int `json:"update_batch_size,omitempty" hcl:"update_batch_size" mapstructure:"update_batch_size"` 268 UpdateMaxBatches *int `json:"update_max_batches,omitempty" hcl:"update_max_batches" mapstructure:"update_max_batches"` 269 UpdatePeriod *string `json:"update_period,omitempty" hcl:"update_period" mapstructure:"update_period"` 270 } `json:"coordinate,omitempty" hcl:"coordinate" mapstructure:"coordinate"` 271 272 Raft struct { 273 ElectionTimeout *string `json:"election_timeout,omitempty" hcl:"election_timeout" mapstructure:"election_timeout"` 274 HeartbeatTimeout *string `json:"heartbeat_timeout,omitempty" hcl:"heartbeat_timeout" mapstructure:"heartbeat_timeout"` 275 LeaderLeaseTimeout *string `json:"leader_lease_timeout,omitempty" hcl:"leader_lease_timeout" mapstructure:"leader_lease_timeout"` 276 } `json:"raft,omitempty" hcl:"raft" mapstructure:"raft"` 277 278 Server struct { 279 HealthInterval *string `json:"health_interval,omitempty" hcl:"health_interval" mapstructure:"health_interval"` 280 } `json:"server,omitempty" hcl:"server" mapstructure:"server"` 281} 282 283type Addresses struct { 284 DNS *string `json:"dns,omitempty" hcl:"dns" mapstructure:"dns"` 285 HTTP *string `json:"http,omitempty" hcl:"http" mapstructure:"http"` 286 HTTPS *string `json:"https,omitempty" hcl:"https" mapstructure:"https"` 287 GRPC *string `json:"grpc,omitempty" hcl:"grpc" mapstructure:"grpc"` 288} 289 290type AdvertiseAddrsConfig struct { 291 RPC *string `json:"rpc,omitempty" hcl:"rpc" mapstructure:"rpc"` 292 SerfLAN *string `json:"serf_lan,omitempty" hcl:"serf_lan" mapstructure:"serf_lan"` 293 SerfWAN *string `json:"serf_wan,omitempty" hcl:"serf_wan" mapstructure:"serf_wan"` 294} 295 296type Autopilot struct { 297 CleanupDeadServers *bool `json:"cleanup_dead_servers,omitempty" hcl:"cleanup_dead_servers" mapstructure:"cleanup_dead_servers"` 298 LastContactThreshold *string `json:"last_contact_threshold,omitempty" hcl:"last_contact_threshold" mapstructure:"last_contact_threshold"` 299 MaxTrailingLogs *int `json:"max_trailing_logs,omitempty" hcl:"max_trailing_logs" mapstructure:"max_trailing_logs"` 300 MinQuorum *uint `json:"min_quorum,omitempty" hcl:"min_quorum" mapstructure:"min_quorum"` 301 ServerStabilizationTime *string `json:"server_stabilization_time,omitempty" hcl:"server_stabilization_time" mapstructure:"server_stabilization_time"` 302 303 // Enterprise Only 304 DisableUpgradeMigration *bool `json:"disable_upgrade_migration,omitempty" hcl:"disable_upgrade_migration" mapstructure:"disable_upgrade_migration"` 305 // Enterprise Only 306 RedundancyZoneTag *string `json:"redundancy_zone_tag,omitempty" hcl:"redundancy_zone_tag" mapstructure:"redundancy_zone_tag"` 307 // Enterprise Only 308 UpgradeVersionTag *string `json:"upgrade_version_tag,omitempty" hcl:"upgrade_version_tag" mapstructure:"upgrade_version_tag"` 309} 310 311// ServiceWeights defines the registration of weights used in DNS for a Service 312type ServiceWeights struct { 313 Passing *int `json:"passing,omitempty" hcl:"passing" mapstructure:"passing"` 314 Warning *int `json:"warning,omitempty" hcl:"warning" mapstructure:"warning"` 315} 316 317type ServiceAddress struct { 318 Address *string `json:"address,omitempty" hcl:"address" mapstructure:"address"` 319 Port *int `json:"port,omitempty" hcl:"port" mapstructure:"port"` 320} 321 322type ServiceDefinition struct { 323 Kind *string `json:"kind,omitempty" hcl:"kind" mapstructure:"kind"` 324 ID *string `json:"id,omitempty" hcl:"id" mapstructure:"id"` 325 Name *string `json:"name,omitempty" hcl:"name" mapstructure:"name"` 326 Tags []string `json:"tags,omitempty" hcl:"tags" mapstructure:"tags"` 327 Address *string `json:"address,omitempty" hcl:"address" mapstructure:"address"` 328 TaggedAddresses map[string]ServiceAddress `json:"tagged_addresses,omitempty" hcl:"tagged_addresses" mapstructure:"tagged_addresses"` 329 Meta map[string]string `json:"meta,omitempty" hcl:"meta" mapstructure:"meta"` 330 Port *int `json:"port,omitempty" hcl:"port" mapstructure:"port"` 331 Check *CheckDefinition `json:"check,omitempty" hcl:"check" mapstructure:"check"` 332 Checks []CheckDefinition `json:"checks,omitempty" hcl:"checks" mapstructure:"checks"` 333 Token *string `json:"token,omitempty" hcl:"token" mapstructure:"token"` 334 Weights *ServiceWeights `json:"weights,omitempty" hcl:"weights" mapstructure:"weights"` 335 EnableTagOverride *bool `json:"enable_tag_override,omitempty" hcl:"enable_tag_override" mapstructure:"enable_tag_override"` 336 Proxy *ServiceProxy `json:"proxy,omitempty" hcl:"proxy" mapstructure:"proxy"` 337 Connect *ServiceConnect `json:"connect,omitempty" hcl:"connect" mapstructure:"connect"` 338 339 EnterpriseMeta `hcl:",squash" mapstructure:",squash"` 340} 341 342type CheckDefinition struct { 343 ID *string `json:"id,omitempty" hcl:"id" mapstructure:"id"` 344 Name *string `json:"name,omitempty" hcl:"name" mapstructure:"name"` 345 Notes *string `json:"notes,omitempty" hcl:"notes" mapstructure:"notes"` 346 ServiceID *string `json:"service_id,omitempty" hcl:"service_id" mapstructure:"service_id" alias:"serviceid"` 347 Token *string `json:"token,omitempty" hcl:"token" mapstructure:"token"` 348 Status *string `json:"status,omitempty" hcl:"status" mapstructure:"status"` 349 ScriptArgs []string `json:"args,omitempty" hcl:"args" mapstructure:"args" alias:"scriptargs"` 350 HTTP *string `json:"http,omitempty" hcl:"http" mapstructure:"http"` 351 Header map[string][]string `json:"header,omitempty" hcl:"header" mapstructure:"header"` 352 Method *string `json:"method,omitempty" hcl:"method" mapstructure:"method"` 353 Body *string `json:"body,omitempty" hcl:"body" mapstructure:"body"` 354 OutputMaxSize *int `json:"output_max_size,omitempty" hcl:"output_max_size" mapstructure:"output_max_size"` 355 TCP *string `json:"tcp,omitempty" hcl:"tcp" mapstructure:"tcp"` 356 Interval *string `json:"interval,omitempty" hcl:"interval" mapstructure:"interval"` 357 DockerContainerID *string `json:"docker_container_id,omitempty" hcl:"docker_container_id" mapstructure:"docker_container_id" alias:"dockercontainerid"` 358 Shell *string `json:"shell,omitempty" hcl:"shell" mapstructure:"shell"` 359 GRPC *string `json:"grpc,omitempty" hcl:"grpc" mapstructure:"grpc"` 360 GRPCUseTLS *bool `json:"grpc_use_tls,omitempty" hcl:"grpc_use_tls" mapstructure:"grpc_use_tls"` 361 TLSSkipVerify *bool `json:"tls_skip_verify,omitempty" hcl:"tls_skip_verify" mapstructure:"tls_skip_verify" alias:"tlsskipverify"` 362 AliasNode *string `json:"alias_node,omitempty" hcl:"alias_node" mapstructure:"alias_node"` 363 AliasService *string `json:"alias_service,omitempty" hcl:"alias_service" mapstructure:"alias_service"` 364 Timeout *string `json:"timeout,omitempty" hcl:"timeout" mapstructure:"timeout"` 365 TTL *string `json:"ttl,omitempty" hcl:"ttl" mapstructure:"ttl"` 366 SuccessBeforePassing *int `json:"success_before_passing,omitempty" hcl:"success_before_passing" mapstructure:"success_before_passing"` 367 FailuresBeforeCritical *int `json:"failures_before_critical,omitempty" hcl:"failures_before_critical" mapstructure:"failures_before_critical"` 368 DeregisterCriticalServiceAfter *string `json:"deregister_critical_service_after,omitempty" hcl:"deregister_critical_service_after" mapstructure:"deregister_critical_service_after" alias:"deregistercriticalserviceafter"` 369 370 EnterpriseMeta `hcl:",squash" mapstructure:",squash"` 371} 372 373// ServiceConnect is the connect block within a service registration 374type ServiceConnect struct { 375 // Native is true when this service can natively understand Connect. 376 Native *bool `json:"native,omitempty" hcl:"native" mapstructure:"native"` 377 378 // SidecarService is a nested Service Definition to register at the same time. 379 // It's purely a convenience mechanism to allow specifying a sidecar service 380 // along with the application service definition. It's nested nature allows 381 // all of the fields to be defaulted which can reduce the amount of 382 // boilerplate needed to register a sidecar service separately, but the end 383 // result is identical to just making a second service registration via any 384 // other means. 385 SidecarService *ServiceDefinition `json:"sidecar_service,omitempty" hcl:"sidecar_service" mapstructure:"sidecar_service"` 386} 387 388// ServiceProxy is the additional config needed for a Kind = connect-proxy 389// registration. 390type ServiceProxy struct { 391 // DestinationServiceName is required and is the name of the service to accept 392 // traffic for. 393 DestinationServiceName *string `json:"destination_service_name,omitempty" hcl:"destination_service_name" mapstructure:"destination_service_name"` 394 395 // DestinationServiceID is optional and should only be specified for 396 // "side-car" style proxies where the proxy is in front of just a single 397 // instance of the service. It should be set to the service ID of the instance 398 // being represented which must be registered to the same agent. It's valid to 399 // provide a service ID that does not yet exist to avoid timing issues when 400 // bootstrapping a service with a proxy. 401 DestinationServiceID *string `json:"destination_service_id,omitempty" hcl:"destination_service_id" mapstructure:"destination_service_id"` 402 403 // LocalServiceAddress is the address of the local service instance. It is 404 // optional and should only be specified for "side-car" style proxies. It will 405 // default to 127.0.0.1 if the proxy is a "side-car" (DestinationServiceID is 406 // set) but otherwise will be ignored. 407 LocalServiceAddress *string `json:"local_service_address,omitempty" hcl:"local_service_address" mapstructure:"local_service_address"` 408 409 // LocalServicePort is the port of the local service instance. It is optional 410 // and should only be specified for "side-car" style proxies. It will default 411 // to the registered port for the instance if the proxy is a "side-car" 412 // (DestinationServiceID is set) but otherwise will be ignored. 413 LocalServicePort *int `json:"local_service_port,omitempty" hcl:"local_service_port" mapstructure:"local_service_port"` 414 415 // Config is the arbitrary configuration data provided with the proxy 416 // registration. 417 Config map[string]interface{} `json:"config,omitempty" hcl:"config" mapstructure:"config"` 418 419 // Upstreams describes any upstream dependencies the proxy instance should 420 // setup. 421 Upstreams []Upstream `json:"upstreams,omitempty" hcl:"upstreams" mapstructure:"upstreams"` 422 423 // Mesh Gateway Configuration 424 MeshGateway *MeshGatewayConfig `json:"mesh_gateway,omitempty" hcl:"mesh_gateway" mapstructure:"mesh_gateway"` 425 426 // Expose defines whether checks or paths are exposed through the proxy 427 Expose *ExposeConfig `json:"expose,omitempty" hcl:"expose" mapstructure:"expose"` 428} 429 430// Upstream represents a single upstream dependency for a service or proxy. It 431// describes the mechanism used to discover instances to communicate with (the 432// Target) as well as any potential client configuration that may be useful such 433// as load balancer options, timeouts etc. 434type Upstream struct { 435 // Destination fields are the required ones for determining what this upstream 436 // points to. Depending on DestinationType some other fields below might 437 // further restrict the set of instances allowable. 438 // 439 // DestinationType would be better as an int constant but even with custom 440 // JSON marshallers it causes havoc with all the mapstructure mangling we do 441 // on service definitions in various places. 442 DestinationType *string `json:"destination_type,omitempty" hcl:"destination_type" mapstructure:"destination_type"` 443 DestinationNamespace *string `json:"destination_namespace,omitempty" hcl:"destination_namespace" mapstructure:"destination_namespace"` 444 DestinationName *string `json:"destination_name,omitempty" hcl:"destination_name" mapstructure:"destination_name"` 445 446 // Datacenter that the service discovery request should be run against. Note 447 // for prepared queries, the actual results might be from a different 448 // datacenter. 449 Datacenter *string `json:"datacenter,omitempty" hcl:"datacenter" mapstructure:"datacenter"` 450 451 // LocalBindAddress is the ip address a side-car proxy should listen on for 452 // traffic destined for this upstream service. Default if empty is 127.0.0.1. 453 LocalBindAddress *string `json:"local_bind_address,omitempty" hcl:"local_bind_address" mapstructure:"local_bind_address"` 454 455 // LocalBindPort is the ip address a side-car proxy should listen on for traffic 456 // destined for this upstream service. Required. 457 LocalBindPort *int `json:"local_bind_port,omitempty" hcl:"local_bind_port" mapstructure:"local_bind_port"` 458 459 // Config is an opaque config that is specific to the proxy process being run. 460 // It can be used to pass arbitrary configuration for this specific upstream 461 // to the proxy. 462 Config map[string]interface{} `json:"config,omitempty" hcl:"config" mapstructure:"config"` 463 464 // Mesh Gateway Configuration 465 MeshGateway *MeshGatewayConfig `json:"mesh_gateway,omitempty" hcl:"mesh_gateway" mapstructure:"mesh_gateway"` 466} 467 468type MeshGatewayConfig struct { 469 // Mesh Gateway Mode 470 Mode *string `json:"mode,omitempty" hcl:"mode" mapstructure:"mode"` 471} 472 473// ExposeConfig describes HTTP paths to expose through Envoy outside of Connect. 474// Users can expose individual paths and/or all HTTP/GRPC paths for checks. 475type ExposeConfig struct { 476 // Checks defines whether paths associated with Consul checks will be exposed. 477 // This flag triggers exposing all HTTP and GRPC check paths registered for the service. 478 Checks *bool `json:"checks,omitempty" hcl:"checks" mapstructure:"checks"` 479 480 // Port defines the port of the proxy's listener for exposed paths. 481 Port *int `json:"port,omitempty" hcl:"port" mapstructure:"port"` 482 483 // Paths is the list of paths exposed through the proxy. 484 Paths []ExposePath `json:"paths,omitempty" hcl:"paths" mapstructure:"paths"` 485} 486 487type ExposePath struct { 488 // ListenerPort defines the port of the proxy's listener for exposed paths. 489 ListenerPort *int `json:"listener_port,omitempty" hcl:"listener_port" mapstructure:"listener_port"` 490 491 // Path is the path to expose through the proxy, ie. "/metrics." 492 Path *string `json:"path,omitempty" hcl:"path" mapstructure:"path"` 493 494 // Protocol describes the upstream's service protocol. 495 Protocol *string `json:"protocol,omitempty" hcl:"protocol" mapstructure:"protocol"` 496 497 // LocalPathPort is the port that the service is listening on for the given path. 498 LocalPathPort *int `json:"local_path_port,omitempty" hcl:"local_path_port" mapstructure:"local_path_port"` 499} 500 501// AutoEncrypt is the agent-global auto_encrypt configuration. 502type AutoEncrypt struct { 503 // TLS enables receiving certificates for clients from servers 504 TLS *bool `json:"tls,omitempty" hcl:"tls" mapstructure:"tls"` 505 506 // Additional DNS SAN entries that clients request for their certificates. 507 DNSSAN []string `json:"dns_san,omitempty" hcl:"dns_san" mapstructure:"dns_san"` 508 509 // Additional IP SAN entries that clients request for their certificates. 510 IPSAN []string `json:"ip_san,omitempty" hcl:"ip_san" mapstructure:"ip_san"` 511 512 // AllowTLS enables the RPC endpoint on the server to answer 513 // AutoEncrypt.Sign requests. 514 AllowTLS *bool `json:"allow_tls,omitempty" hcl:"allow_tls" mapstructure:"allow_tls"` 515} 516 517// Connect is the agent-global connect configuration. 518type Connect struct { 519 // Enabled opts the agent into connect. It should be set on all clients and 520 // servers in a cluster for correct connect operation. 521 Enabled *bool `json:"enabled,omitempty" hcl:"enabled" mapstructure:"enabled"` 522 CAProvider *string `json:"ca_provider,omitempty" hcl:"ca_provider" mapstructure:"ca_provider"` 523 CAConfig map[string]interface{} `json:"ca_config,omitempty" hcl:"ca_config" mapstructure:"ca_config"` 524 MeshGatewayWANFederationEnabled *bool `json:"enable_mesh_gateway_wan_federation" hcl:"enable_mesh_gateway_wan_federation" mapstructure:"enable_mesh_gateway_wan_federation"` 525 526 // TestCALeafRootChangeSpread controls how long after a CA roots change before new leaft certs will be generated. 527 // This is only tuned in tests, generally set to 1ns to make tests deterministic with when to expect updated leaf 528 // certs by. This configuration is not exposed to users (not documented, and agent/config/default.go will override it) 529 TestCALeafRootChangeSpread *string `json:"test_ca_leaf_root_change_spread,omitempty" hcl:"test_ca_leaf_root_change_spread" mapstructure:"test_ca_leaf_root_change_spread"` 530} 531 532// SOA is the configuration of SOA for DNS 533type SOA struct { 534 Refresh *uint32 `json:"refresh,omitempty" hcl:"refresh" mapstructure:"refresh"` 535 Retry *uint32 `json:"retry,omitempty" hcl:"retry" mapstructure:"retry"` 536 Expire *uint32 `json:"expire,omitempty" hcl:"expire" mapstructure:"expire"` 537 Minttl *uint32 `json:"min_ttl,omitempty" hcl:"min_ttl" mapstructure:"min_ttl"` 538} 539 540type DNS struct { 541 AllowStale *bool `json:"allow_stale,omitempty" hcl:"allow_stale" mapstructure:"allow_stale"` 542 ARecordLimit *int `json:"a_record_limit,omitempty" hcl:"a_record_limit" mapstructure:"a_record_limit"` 543 DisableCompression *bool `json:"disable_compression,omitempty" hcl:"disable_compression" mapstructure:"disable_compression"` 544 EnableTruncate *bool `json:"enable_truncate,omitempty" hcl:"enable_truncate" mapstructure:"enable_truncate"` 545 MaxStale *string `json:"max_stale,omitempty" hcl:"max_stale" mapstructure:"max_stale"` 546 NodeTTL *string `json:"node_ttl,omitempty" hcl:"node_ttl" mapstructure:"node_ttl"` 547 OnlyPassing *bool `json:"only_passing,omitempty" hcl:"only_passing" mapstructure:"only_passing"` 548 RecursorTimeout *string `json:"recursor_timeout,omitempty" hcl:"recursor_timeout" mapstructure:"recursor_timeout"` 549 ServiceTTL map[string]string `json:"service_ttl,omitempty" hcl:"service_ttl" mapstructure:"service_ttl"` 550 UDPAnswerLimit *int `json:"udp_answer_limit,omitempty" hcl:"udp_answer_limit" mapstructure:"udp_answer_limit"` 551 NodeMetaTXT *bool `json:"enable_additional_node_meta_txt,omitempty" hcl:"enable_additional_node_meta_txt" mapstructure:"enable_additional_node_meta_txt"` 552 SOA *SOA `json:"soa,omitempty" hcl:"soa" mapstructure:"soa"` 553 UseCache *bool `json:"use_cache,omitempty" hcl:"use_cache" mapstructure:"use_cache"` 554 CacheMaxAge *string `json:"cache_max_age,omitempty" hcl:"cache_max_age" mapstructure:"cache_max_age"` 555 556 // Enterprise Only 557 PreferNamespace *bool `json:"prefer_namespace,omitempty" hcl:"prefer_namespace" mapstructure:"prefer_namespace"` 558} 559 560type HTTPConfig struct { 561 BlockEndpoints []string `json:"block_endpoints,omitempty" hcl:"block_endpoints" mapstructure:"block_endpoints"` 562 AllowWriteHTTPFrom []string `json:"allow_write_http_from,omitempty" hcl:"allow_write_http_from" mapstructure:"allow_write_http_from"` 563 ResponseHeaders map[string]string `json:"response_headers,omitempty" hcl:"response_headers" mapstructure:"response_headers"` 564 UseCache *bool `json:"use_cache,omitempty" hcl:"use_cache" mapstructure:"use_cache"` 565} 566 567type Performance struct { 568 LeaveDrainTime *string `json:"leave_drain_time,omitempty" hcl:"leave_drain_time" mapstructure:"leave_drain_time"` 569 RaftMultiplier *int `json:"raft_multiplier,omitempty" hcl:"raft_multiplier" mapstructure:"raft_multiplier"` // todo(fs): validate as uint 570 RPCHoldTimeout *string `json:"rpc_hold_timeout" hcl:"rpc_hold_timeout" mapstructure:"rpc_hold_timeout"` 571} 572 573type Telemetry struct { 574 CirconusAPIApp *string `json:"circonus_api_app,omitempty" hcl:"circonus_api_app" mapstructure:"circonus_api_app"` 575 CirconusAPIToken *string `json:"circonus_api_token,omitempty" hcl:"circonus_api_token" mapstructure:"circonus_api_token"` 576 CirconusAPIURL *string `json:"circonus_api_url,omitempty" hcl:"circonus_api_url" mapstructure:"circonus_api_url"` 577 CirconusBrokerID *string `json:"circonus_broker_id,omitempty" hcl:"circonus_broker_id" mapstructure:"circonus_broker_id"` 578 CirconusBrokerSelectTag *string `json:"circonus_broker_select_tag,omitempty" hcl:"circonus_broker_select_tag" mapstructure:"circonus_broker_select_tag"` 579 CirconusCheckDisplayName *string `json:"circonus_check_display_name,omitempty" hcl:"circonus_check_display_name" mapstructure:"circonus_check_display_name"` 580 CirconusCheckForceMetricActivation *string `json:"circonus_check_force_metric_activation,omitempty" hcl:"circonus_check_force_metric_activation" mapstructure:"circonus_check_force_metric_activation"` 581 CirconusCheckID *string `json:"circonus_check_id,omitempty" hcl:"circonus_check_id" mapstructure:"circonus_check_id"` 582 CirconusCheckInstanceID *string `json:"circonus_check_instance_id,omitempty" hcl:"circonus_check_instance_id" mapstructure:"circonus_check_instance_id"` 583 CirconusCheckSearchTag *string `json:"circonus_check_search_tag,omitempty" hcl:"circonus_check_search_tag" mapstructure:"circonus_check_search_tag"` 584 CirconusCheckTags *string `json:"circonus_check_tags,omitempty" hcl:"circonus_check_tags" mapstructure:"circonus_check_tags"` 585 CirconusSubmissionInterval *string `json:"circonus_submission_interval,omitempty" hcl:"circonus_submission_interval" mapstructure:"circonus_submission_interval"` 586 CirconusSubmissionURL *string `json:"circonus_submission_url,omitempty" hcl:"circonus_submission_url" mapstructure:"circonus_submission_url"` 587 DisableHostname *bool `json:"disable_hostname,omitempty" hcl:"disable_hostname" mapstructure:"disable_hostname"` 588 DogstatsdAddr *string `json:"dogstatsd_addr,omitempty" hcl:"dogstatsd_addr" mapstructure:"dogstatsd_addr"` 589 DogstatsdTags []string `json:"dogstatsd_tags,omitempty" hcl:"dogstatsd_tags" mapstructure:"dogstatsd_tags"` 590 FilterDefault *bool `json:"filter_default,omitempty" hcl:"filter_default" mapstructure:"filter_default"` 591 PrefixFilter []string `json:"prefix_filter,omitempty" hcl:"prefix_filter" mapstructure:"prefix_filter"` 592 MetricsPrefix *string `json:"metrics_prefix,omitempty" hcl:"metrics_prefix" mapstructure:"metrics_prefix"` 593 PrometheusRetentionTime *string `json:"prometheus_retention_time,omitempty" hcl:"prometheus_retention_time" mapstructure:"prometheus_retention_time"` 594 StatsdAddr *string `json:"statsd_address,omitempty" hcl:"statsd_address" mapstructure:"statsd_address"` 595 StatsiteAddr *string `json:"statsite_address,omitempty" hcl:"statsite_address" mapstructure:"statsite_address"` 596} 597 598type Ports struct { 599 DNS *int `json:"dns,omitempty" hcl:"dns" mapstructure:"dns"` 600 HTTP *int `json:"http,omitempty" hcl:"http" mapstructure:"http"` 601 HTTPS *int `json:"https,omitempty" hcl:"https" mapstructure:"https"` 602 SerfLAN *int `json:"serf_lan,omitempty" hcl:"serf_lan" mapstructure:"serf_lan"` 603 SerfWAN *int `json:"serf_wan,omitempty" hcl:"serf_wan" mapstructure:"serf_wan"` 604 Server *int `json:"server,omitempty" hcl:"server" mapstructure:"server"` 605 GRPC *int `json:"grpc,omitempty" hcl:"grpc" mapstructure:"grpc"` 606 ProxyMinPort *int `json:"proxy_min_port,omitempty" hcl:"proxy_min_port" mapstructure:"proxy_min_port"` 607 ProxyMaxPort *int `json:"proxy_max_port,omitempty" hcl:"proxy_max_port" mapstructure:"proxy_max_port"` 608 SidecarMinPort *int `json:"sidecar_min_port,omitempty" hcl:"sidecar_min_port" mapstructure:"sidecar_min_port"` 609 SidecarMaxPort *int `json:"sidecar_max_port,omitempty" hcl:"sidecar_max_port" mapstructure:"sidecar_max_port"` 610 ExposeMinPort *int `json:"expose_min_port,omitempty" hcl:"expose_min_port" mapstructure:"expose_min_port"` 611 ExposeMaxPort *int `json:"expose_max_port,omitempty" hcl:"expose_max_port" mapstructure:"expose_max_port"` 612} 613 614type UnixSocket struct { 615 Group *string `json:"group,omitempty" hcl:"group" mapstructure:"group"` 616 Mode *string `json:"mode,omitempty" hcl:"mode" mapstructure:"mode"` 617 User *string `json:"user,omitempty" hcl:"user" mapstructure:"user"` 618} 619 620type Limits struct { 621 HTTPMaxConnsPerClient *int `json:"http_max_conns_per_client,omitempty" hcl:"http_max_conns_per_client" mapstructure:"http_max_conns_per_client"` 622 HTTPSHandshakeTimeout *string `json:"https_handshake_timeout,omitempty" hcl:"https_handshake_timeout" mapstructure:"https_handshake_timeout"` 623 RPCHandshakeTimeout *string `json:"rpc_handshake_timeout,omitempty" hcl:"rpc_handshake_timeout" mapstructure:"rpc_handshake_timeout"` 624 RPCMaxBurst *int `json:"rpc_max_burst,omitempty" hcl:"rpc_max_burst" mapstructure:"rpc_max_burst"` 625 RPCMaxConnsPerClient *int `json:"rpc_max_conns_per_client,omitempty" hcl:"rpc_max_conns_per_client" mapstructure:"rpc_max_conns_per_client"` 626 RPCRate *float64 `json:"rpc_rate,omitempty" hcl:"rpc_rate" mapstructure:"rpc_rate"` 627 KVMaxValueSize *uint64 `json:"kv_max_value_size,omitempty" hcl:"kv_max_value_size" mapstructure:"kv_max_value_size"` 628 TxnMaxReqLen *uint64 `json:"txn_max_req_len,omitempty" hcl:"txn_max_req_len" mapstructure:"txn_max_req_len"` 629} 630 631type Segment struct { 632 Advertise *string `json:"advertise,omitempty" hcl:"advertise" mapstructure:"advertise"` 633 Bind *string `json:"bind,omitempty" hcl:"bind" mapstructure:"bind"` 634 Name *string `json:"name,omitempty" hcl:"name" mapstructure:"name"` 635 Port *int `json:"port,omitempty" hcl:"port" mapstructure:"port"` 636 RPCListener *bool `json:"rpc_listener,omitempty" hcl:"rpc_listener" mapstructure:"rpc_listener"` 637} 638 639type ACL struct { 640 Enabled *bool `json:"enabled,omitempty" hcl:"enabled" mapstructure:"enabled"` 641 TokenReplication *bool `json:"enable_token_replication,omitempty" hcl:"enable_token_replication" mapstructure:"enable_token_replication"` 642 PolicyTTL *string `json:"policy_ttl,omitempty" hcl:"policy_ttl" mapstructure:"policy_ttl"` 643 RoleTTL *string `json:"role_ttl,omitempty" hcl:"role_ttl" mapstructure:"role_ttl"` 644 TokenTTL *string `json:"token_ttl,omitempty" hcl:"token_ttl" mapstructure:"token_ttl"` 645 DownPolicy *string `json:"down_policy,omitempty" hcl:"down_policy" mapstructure:"down_policy"` 646 DefaultPolicy *string `json:"default_policy,omitempty" hcl:"default_policy" mapstructure:"default_policy"` 647 EnableKeyListPolicy *bool `json:"enable_key_list_policy,omitempty" hcl:"enable_key_list_policy" mapstructure:"enable_key_list_policy"` 648 Tokens Tokens `json:"tokens,omitempty" hcl:"tokens" mapstructure:"tokens"` 649 DisabledTTL *string `json:"disabled_ttl,omitempty" hcl:"disabled_ttl" mapstructure:"disabled_ttl"` 650 EnableTokenPersistence *bool `json:"enable_token_persistence" hcl:"enable_token_persistence" mapstructure:"enable_token_persistence"` 651 652 // Enterprise Only 653 MSPDisableBootstrap *bool `json:"msp_disable_bootstrap" hcl:"msp_disable_bootstrap" mapstructure:"msp_disable_bootstrap"` 654} 655 656type Tokens struct { 657 Master *string `json:"master,omitempty" hcl:"master" mapstructure:"master"` 658 Replication *string `json:"replication,omitempty" hcl:"replication" mapstructure:"replication"` 659 AgentMaster *string `json:"agent_master,omitempty" hcl:"agent_master" mapstructure:"agent_master"` 660 Default *string `json:"default,omitempty" hcl:"default" mapstructure:"default"` 661 Agent *string `json:"agent,omitempty" hcl:"agent" mapstructure:"agent"` 662 663 // Enterprise Only 664 ManagedServiceProvider []ServiceProviderToken `json:"managed_service_provider,omitempty" hcl:"managed_service_provider" mapstructure:"managed_service_provider"` 665} 666 667// ServiceProviderToken groups an accessor and secret for a service provider token. Enterprise Only 668type ServiceProviderToken struct { 669 AccessorID *string `json:"accessor_id,omitempty" hcl:"accessor_id" mapstructure:"accessor_id"` 670 SecretID *string `json:"secret_id,omitempty" hcl:"secret_id" mapstructure:"secret_id"` 671} 672 673type ConfigEntries struct { 674 // Bootstrap is the list of config_entries that should only be persisted to 675 // cluster on initial startup of a new leader if no such config exists 676 // already. The type is map not structs.ConfigEntry for decoding reasons - we 677 // need to figure out the right concrete type before we can decode it 678 // unabiguously. 679 Bootstrap []map[string]interface{} `json:"bootstrap,omitempty" hcl:"bootstrap" mapstructure:"bootstrap"` 680} 681 682// Audit allows us to enable and define destinations for auditing 683type Audit struct { 684 Enabled *bool `json:"enabled,omitempty" hcl:"enabled" mapstructure:"enabled"` 685 Sinks map[string]AuditSink `json:"sink,omitempty" hcl:"sink" mapstructure:"sink"` 686} 687 688// AuditSink can be provided multiple times to define pipelines for auditing 689type AuditSink struct { 690 Name *string `json:"name,omitempty" hcl:"name" mapstructure:"name"` 691 Type *string `json:"type,omitempty" hcl:"type" mapstructure:"type"` 692 Format *string `json:"format,omitempty" hcl:"format" mapstructure:"format"` 693 Path *string `json:"path,omitempty" hcl:"path" mapstructure:"path"` 694 DeliveryGuarantee *string `json:"delivery_guarantee,omitempty" hcl:"delivery_guarantee" mapstructure:"delivery_guarantee"` 695 RotateBytes *int `json:"rotate_bytes,omitempty" hcl:"rotate_bytes" mapstructure:"rotate_bytes"` 696 RotateDuration *string `json:"rotate_duration,omitempty" hcl:"rotate_duration" mapstructure:"rotate_duration"` 697 RotateMaxFiles *int `json:"rotate_max_files,omitempty" hcl:"rotate_max_files" mapstructure:"rotate_max_files"` 698} 699 700type AutoConfigRaw struct { 701 Enabled *bool `json:"enabled,omitempty" hcl:"enabled" mapstructure:"enabled"` 702 IntroToken *string `json:"intro_token,omitempty" hcl:"intro_token" mapstructure:"intro_token"` 703 IntroTokenFile *string `json:"intro_token_file,omitempty" hcl:"intro_token_file" mapstructure:"intro_token_file"` 704 ServerAddresses []string `json:"server_addresses,omitempty" hcl:"server_addresses" mapstructure:"server_addresses"` 705 DNSSANs []string `json:"dns_sans,omitempty" hcl:"dns_sans" mapstructure:"dns_sans"` 706 IPSANs []string `json:"ip_sans,omitempty" hcl:"ip_sans" mapstructure:"ip_sans"` 707 Authorization AutoConfigAuthorizationRaw `json:"authorization,omitempty" hcl:"authorization" mapstructure:"authorization"` 708} 709 710type AutoConfigAuthorizationRaw struct { 711 Enabled *bool `json:"enabled,omitempty" hcl:"enabled" mapstructure:"enabled"` 712 Static AutoConfigAuthorizerRaw `json:"static,omitempty" hcl:"static" mapstructure:"static"` 713} 714 715type AutoConfigAuthorizerRaw struct { 716 ClaimAssertions []string `json:"claim_assertions,omitempty" hcl:"claim_assertions" mapstructure:"claim_assertions"` 717 AllowReuse *bool `json:"allow_reuse,omitempty" hcl:"allow_reuse" mapstructure:"allow_reuse"` 718 719 // Fields to be shared with the JWT Auth Method 720 JWTSupportedAlgs []string `json:"jwt_supported_algs,omitempty" hcl:"jwt_supported_algs" mapstructure:"jwt_supported_algs"` 721 BoundAudiences []string `json:"bound_audiences,omitempty" hcl:"bound_audiences" mapstructure:"bound_audiences"` 722 ClaimMappings map[string]string `json:"claim_mappings,omitempty" hcl:"claim_mappings" mapstructure:"claim_mappings"` 723 ListClaimMappings map[string]string `json:"list_claim_mappings,omitempty" hcl:"list_claim_mappings" mapstructure:"list_claim_mappings"` 724 OIDCDiscoveryURL *string `json:"oidc_discovery_url,omitempty" hcl:"oidc_discovery_url" mapstructure:"oidc_discovery_url"` 725 OIDCDiscoveryCACert *string `json:"oidc_discovery_ca_cert,omitempty" hcl:"oidc_discovery_ca_cert" mapstructure:"oidc_discovery_ca_cert"` 726 JWKSURL *string `json:"jwks_url,omitempty" hcl:"jwks_url" mapstructure:"jwks_url"` 727 JWKSCACert *string `json:"jwks_ca_cert,omitempty" hcl:"jwks_ca_cert" mapstructure:"jwks_ca_cert"` 728 JWTValidationPubKeys []string `json:"jwt_validation_pub_keys,omitempty" hcl:"jwt_validation_pub_keys" mapstructure:"jwt_validation_pub_keys"` 729 BoundIssuer *string `json:"bound_issuer,omitempty" hcl:"bound_issuer" mapstructure:"bound_issuer"` 730 ExpirationLeeway *string `json:"expiration_leeway,omitempty" hcl:"expiration_leeway" mapstructure:"expiration_leeway"` 731 NotBeforeLeeway *string `json:"not_before_leeway,omitempty" hcl:"not_before_leeway" mapstructure:"not_before_leeway"` 732 ClockSkewLeeway *string `json:"clock_skew_leeway,omitempty" hcl:"clock_skew_leeway" mapstructure:"clock_skew_leeway"` 733} 734