1package config 2 3import ( 4 "encoding/json" 5 "fmt" 6 "strings" 7 8 multierror "github.com/hashicorp/go-multierror" 9 "github.com/hashicorp/hcl" 10 "github.com/mitchellh/mapstructure" 11) 12 13const ( 14 SerfLANKeyring = "serf/local.keyring" 15 SerfWANKeyring = "serf/remote.keyring" 16) 17 18type Source struct { 19 Name string 20 Format string 21 Data string 22} 23 24func FormatFrom(name string) string { 25 switch { 26 case strings.HasSuffix(name, ".json"): 27 return "json" 28 case strings.HasSuffix(name, ".hcl"): 29 return "hcl" 30 default: 31 return "" 32 } 33} 34 35// Parse parses a config fragment in either JSON or HCL format. 36func Parse(data string, format string) (c Config, err error) { 37 var raw map[string]interface{} 38 switch format { 39 case "json": 40 err = json.Unmarshal([]byte(data), &raw) 41 case "hcl": 42 err = hcl.Decode(&raw, data) 43 default: 44 err = fmt.Errorf("invalid format: %s", format) 45 } 46 if err != nil { 47 return Config{}, err 48 } 49 50 // We want to be able to report fields which we cannot map as an 51 // error so that users find typos in their configuration quickly. To 52 // achieve this we use the mapstructure library which maps a a raw 53 // map[string]interface{} to a nested structure and reports unused 54 // fields. The input for a mapstructure.Decode expects a 55 // map[string]interface{} as produced by encoding/json. 56 // 57 // The HCL language allows to repeat map keys which forces it to 58 // store nested structs as []map[string]interface{} instead of 59 // map[string]interface{}. This is an ambiguity which makes the 60 // generated structures incompatible with a corresponding JSON 61 // struct. It also does not work well with the mapstructure library. 62 // 63 // In order to still use the mapstructure library to find unused 64 // fields we patch instances of []map[string]interface{} to a 65 // map[string]interface{} before we decode that into a Config 66 // struct. 67 // 68 // However, Config has some fields which are either 69 // []map[string]interface{} or are arrays of structs which 70 // encoding/json will decode to []map[string]interface{}. Therefore, 71 // we need to be able to specify exceptions for this mapping. The 72 // patchSliceOfMaps() implements that mapping. All fields of type 73 // []map[string]interface{} are mapped to map[string]interface{} if 74 // it contains at most one value. If there is more than one value it 75 // panics. To define exceptions one can specify the nested field 76 // names in dot notation. 77 // 78 // todo(fs): There might be an easier way to achieve the same thing 79 // todo(fs): but this approach works for now. 80 m := patchSliceOfMaps(raw, []string{ 81 "checks", 82 "segments", 83 "service.checks", 84 "services", 85 "services.checks", 86 "watches", 87 "service.connect.proxy.config.upstreams", // Deprecated 88 "services.connect.proxy.config.upstreams", // Deprecated 89 "service.connect.proxy.upstreams", 90 "services.connect.proxy.upstreams", 91 "service.proxy.upstreams", 92 "services.proxy.upstreams", 93 94 // Need all the service(s) exceptions also for nested sidecar service except 95 // managed proxy which is explicitly not supported there. 96 "service.connect.sidecar_service.checks", 97 "services.connect.sidecar_service.checks", 98 "service.connect.sidecar_service.proxy.upstreams", 99 "services.connect.sidecar_service.proxy.upstreams", 100 }) 101 102 // There is a difference of representation of some fields depending on 103 // where they are used. The HTTP API uses CamelCase whereas the config 104 // files use snake_case and between the two there is no automatic mapping. 105 // While the JSON and HCL parsers match keys without case (both `id` and 106 // `ID` are mapped to an ID field) the same thing does not happen between 107 // CamelCase and snake_case. Since changing either format would break 108 // existing setups we have to support both and slowly transition to one of 109 // the formats. Also, there is at least one case where we use the "wrong" 110 // key and want to map that to the new key to support deprecation - 111 // see [GH-3179]. TranslateKeys maps potentially CamelCased values to the 112 // snake_case that is used in the config file parser. If both the CamelCase 113 // and snake_case values are set the snake_case value is used and the other 114 // value is discarded. 115 TranslateKeys(m, map[string]string{ 116 "deregistercriticalserviceafter": "deregister_critical_service_after", 117 "dockercontainerid": "docker_container_id", 118 "scriptargs": "args", 119 "serviceid": "service_id", 120 "tlsskipverify": "tls_skip_verify", 121 }) 122 123 var md mapstructure.Metadata 124 d, err := mapstructure.NewDecoder(&mapstructure.DecoderConfig{ 125 Metadata: &md, 126 Result: &c, 127 }) 128 if err != nil { 129 return Config{}, err 130 } 131 if err := d.Decode(m); err != nil { 132 return Config{}, err 133 } 134 for _, k := range md.Unused { 135 err = multierror.Append(err, fmt.Errorf("invalid config key %s", k)) 136 } 137 return 138} 139 140// Config defines the format of a configuration file in either JSON or 141// HCL format. 142// 143// It must contain only pointer values, slices and maps to support 144// standardized merging of multiple Config structs into one. 145// 146// Since this is the format which users use to specify their 147// configuration it should be treated as an external API which cannot be 148// changed and refactored at will since this will break existing setups. 149type Config struct { 150 // DEPRECATED (ACL-Legacy-Compat) - moved into the "acl.tokens" stanza 151 ACLAgentMasterToken *string `json:"acl_agent_master_token,omitempty" hcl:"acl_agent_master_token" mapstructure:"acl_agent_master_token"` 152 // DEPRECATED (ACL-Legacy-Compat) - moved into the "acl.tokens" stanza 153 ACLAgentToken *string `json:"acl_agent_token,omitempty" hcl:"acl_agent_token" mapstructure:"acl_agent_token"` 154 // DEPRECATED (ACL-Legacy-Compat) - moved to "primary_datacenter" 155 ACLDatacenter *string `json:"acl_datacenter,omitempty" hcl:"acl_datacenter" mapstructure:"acl_datacenter"` 156 // DEPRECATED (ACL-Legacy-Compat) - moved into the "acl" stanza 157 ACLDefaultPolicy *string `json:"acl_default_policy,omitempty" hcl:"acl_default_policy" mapstructure:"acl_default_policy"` 158 // DEPRECATED (ACL-Legacy-Compat) - moved into the "acl" stanza 159 ACLDownPolicy *string `json:"acl_down_policy,omitempty" hcl:"acl_down_policy" mapstructure:"acl_down_policy"` 160 // DEPRECATED (ACL-Legacy-Compat) - moved into the "acl" stanza 161 ACLEnableKeyListPolicy *bool `json:"acl_enable_key_list_policy,omitempty" hcl:"acl_enable_key_list_policy" mapstructure:"acl_enable_key_list_policy"` 162 // DEPRECATED (ACL-Legacy-Compat) - pre-version8 enforcement is deprecated. 163 ACLEnforceVersion8 *bool `json:"acl_enforce_version_8,omitempty" hcl:"acl_enforce_version_8" mapstructure:"acl_enforce_version_8"` 164 // DEPRECATED (ACL-Legacy-Compat) - moved into the "acl" stanza 165 ACLMasterToken *string `json:"acl_master_token,omitempty" hcl:"acl_master_token" mapstructure:"acl_master_token"` 166 // DEPRECATED (ACL-Legacy-Compat) - moved into the "acl.tokens" stanza 167 ACLReplicationToken *string `json:"acl_replication_token,omitempty" hcl:"acl_replication_token" mapstructure:"acl_replication_token"` 168 // DEPRECATED (ACL-Legacy-Compat) - moved into the "acl.tokens" stanza 169 ACLTTL *string `json:"acl_ttl,omitempty" hcl:"acl_ttl" mapstructure:"acl_ttl"` 170 // DEPRECATED (ACL-Legacy-Compat) - moved into the "acl.tokens" stanza 171 ACLToken *string `json:"acl_token,omitempty" hcl:"acl_token" mapstructure:"acl_token"` 172 ACL ACL `json:"acl,omitempty" hcl:"acl" mapstructure:"acl"` 173 Addresses Addresses `json:"addresses,omitempty" hcl:"addresses" mapstructure:"addresses"` 174 AdvertiseAddrLAN *string `json:"advertise_addr,omitempty" hcl:"advertise_addr" mapstructure:"advertise_addr"` 175 AdvertiseAddrWAN *string `json:"advertise_addr_wan,omitempty" hcl:"advertise_addr_wan" mapstructure:"advertise_addr_wan"` 176 Autopilot Autopilot `json:"autopilot,omitempty" hcl:"autopilot" mapstructure:"autopilot"` 177 BindAddr *string `json:"bind_addr,omitempty" hcl:"bind_addr" mapstructure:"bind_addr"` 178 Bootstrap *bool `json:"bootstrap,omitempty" hcl:"bootstrap" mapstructure:"bootstrap"` 179 BootstrapExpect *int `json:"bootstrap_expect,omitempty" hcl:"bootstrap_expect" mapstructure:"bootstrap_expect"` 180 CAFile *string `json:"ca_file,omitempty" hcl:"ca_file" mapstructure:"ca_file"` 181 CAPath *string `json:"ca_path,omitempty" hcl:"ca_path" mapstructure:"ca_path"` 182 CertFile *string `json:"cert_file,omitempty" hcl:"cert_file" mapstructure:"cert_file"` 183 Check *CheckDefinition `json:"check,omitempty" hcl:"check" mapstructure:"check"` // needs to be a pointer to avoid partial merges 184 CheckUpdateInterval *string `json:"check_update_interval,omitempty" hcl:"check_update_interval" mapstructure:"check_update_interval"` 185 Checks []CheckDefinition `json:"checks,omitempty" hcl:"checks" mapstructure:"checks"` 186 ClientAddr *string `json:"client_addr,omitempty" hcl:"client_addr" mapstructure:"client_addr"` 187 Connect Connect `json:"connect,omitempty" hcl:"connect" mapstructure:"connect"` 188 DNS DNS `json:"dns_config,omitempty" hcl:"dns_config" mapstructure:"dns_config"` 189 DNSDomain *string `json:"domain,omitempty" hcl:"domain" mapstructure:"domain"` 190 DNSRecursors []string `json:"recursors,omitempty" hcl:"recursors" mapstructure:"recursors"` 191 DataDir *string `json:"data_dir,omitempty" hcl:"data_dir" mapstructure:"data_dir"` 192 Datacenter *string `json:"datacenter,omitempty" hcl:"datacenter" mapstructure:"datacenter"` 193 DisableAnonymousSignature *bool `json:"disable_anonymous_signature,omitempty" hcl:"disable_anonymous_signature" mapstructure:"disable_anonymous_signature"` 194 DisableCoordinates *bool `json:"disable_coordinates,omitempty" hcl:"disable_coordinates" mapstructure:"disable_coordinates"` 195 DisableHostNodeID *bool `json:"disable_host_node_id,omitempty" hcl:"disable_host_node_id" mapstructure:"disable_host_node_id"` 196 DisableHTTPUnprintableCharFilter *bool `json:"disable_http_unprintable_char_filter,omitempty" hcl:"disable_http_unprintable_char_filter" mapstructure:"disable_http_unprintable_char_filter"` 197 DisableKeyringFile *bool `json:"disable_keyring_file,omitempty" hcl:"disable_keyring_file" mapstructure:"disable_keyring_file"` 198 DisableRemoteExec *bool `json:"disable_remote_exec,omitempty" hcl:"disable_remote_exec" mapstructure:"disable_remote_exec"` 199 DisableUpdateCheck *bool `json:"disable_update_check,omitempty" hcl:"disable_update_check" mapstructure:"disable_update_check"` 200 DiscardCheckOutput *bool `json:"discard_check_output" hcl:"discard_check_output" mapstructure:"discard_check_output"` 201 DiscoveryMaxStale *string `json:"discovery_max_stale" hcl:"discovery_max_stale" mapstructure:"discovery_max_stale"` 202 EnableACLReplication *bool `json:"enable_acl_replication,omitempty" hcl:"enable_acl_replication" mapstructure:"enable_acl_replication"` 203 EnableAgentTLSForChecks *bool `json:"enable_agent_tls_for_checks,omitempty" hcl:"enable_agent_tls_for_checks" mapstructure:"enable_agent_tls_for_checks"` 204 EnableDebug *bool `json:"enable_debug,omitempty" hcl:"enable_debug" mapstructure:"enable_debug"` 205 EnableScriptChecks *bool `json:"enable_script_checks,omitempty" hcl:"enable_script_checks" mapstructure:"enable_script_checks"` 206 EnableLocalScriptChecks *bool `json:"enable_local_script_checks,omitempty" hcl:"enable_local_script_checks" mapstructure:"enable_local_script_checks"` 207 EnableSyslog *bool `json:"enable_syslog,omitempty" hcl:"enable_syslog" mapstructure:"enable_syslog"` 208 EncryptKey *string `json:"encrypt,omitempty" hcl:"encrypt" mapstructure:"encrypt"` 209 EncryptVerifyIncoming *bool `json:"encrypt_verify_incoming,omitempty" hcl:"encrypt_verify_incoming" mapstructure:"encrypt_verify_incoming"` 210 EncryptVerifyOutgoing *bool `json:"encrypt_verify_outgoing,omitempty" hcl:"encrypt_verify_outgoing" mapstructure:"encrypt_verify_outgoing"` 211 GossipLAN GossipLANConfig `json:"gossip_lan,omitempty" hcl:"gossip_lan" mapstructure:"gossip_lan"` 212 GossipWAN GossipWANConfig `json:"gossip_wan,omitempty" hcl:"gossip_wan" mapstructure:"gossip_wan"` 213 HTTPConfig HTTPConfig `json:"http_config,omitempty" hcl:"http_config" mapstructure:"http_config"` 214 KeyFile *string `json:"key_file,omitempty" hcl:"key_file" mapstructure:"key_file"` 215 LeaveOnTerm *bool `json:"leave_on_terminate,omitempty" hcl:"leave_on_terminate" mapstructure:"leave_on_terminate"` 216 Limits Limits `json:"limits,omitempty" hcl:"limits" mapstructure:"limits"` 217 LogLevel *string `json:"log_level,omitempty" hcl:"log_level" mapstructure:"log_level"` 218 LogFile *string `json:"log_file,omitempty" hcl:"log_file" mapstructure:"log_file"` 219 LogRotateDuration *string `json:"log_rotate_duration,omitempty" hcl:"log_rotate_duration" mapstructure:"log_rotate_duration"` 220 LogRotateBytes *int `json:"log_rotate_bytes,omitempty" hcl:"log_rotate_bytes" mapstructure:"log_rotate_bytes"` 221 NodeID *string `json:"node_id,omitempty" hcl:"node_id" mapstructure:"node_id"` 222 NodeMeta map[string]string `json:"node_meta,omitempty" hcl:"node_meta" mapstructure:"node_meta"` 223 NodeName *string `json:"node_name,omitempty" hcl:"node_name" mapstructure:"node_name"` 224 NonVotingServer *bool `json:"non_voting_server,omitempty" hcl:"non_voting_server" mapstructure:"non_voting_server"` 225 Performance Performance `json:"performance,omitempty" hcl:"performance" mapstructure:"performance"` 226 PidFile *string `json:"pid_file,omitempty" hcl:"pid_file" mapstructure:"pid_file"` 227 Ports Ports `json:"ports,omitempty" hcl:"ports" mapstructure:"ports"` 228 PrimaryDatacenter *string `json:"primary_datacenter,omitempty" hcl:"primary_datacenter" mapstructure:"primary_datacenter"` 229 RPCProtocol *int `json:"protocol,omitempty" hcl:"protocol" mapstructure:"protocol"` 230 RaftProtocol *int `json:"raft_protocol,omitempty" hcl:"raft_protocol" mapstructure:"raft_protocol"` 231 RaftSnapshotThreshold *int `json:"raft_snapshot_threshold,omitempty" hcl:"raft_snapshot_threshold" mapstructure:"raft_snapshot_threshold"` 232 RaftSnapshotInterval *string `json:"raft_snapshot_interval,omitempty" hcl:"raft_snapshot_interval" mapstructure:"raft_snapshot_interval"` 233 ReconnectTimeoutLAN *string `json:"reconnect_timeout,omitempty" hcl:"reconnect_timeout" mapstructure:"reconnect_timeout"` 234 ReconnectTimeoutWAN *string `json:"reconnect_timeout_wan,omitempty" hcl:"reconnect_timeout_wan" mapstructure:"reconnect_timeout_wan"` 235 RejoinAfterLeave *bool `json:"rejoin_after_leave,omitempty" hcl:"rejoin_after_leave" mapstructure:"rejoin_after_leave"` 236 RetryJoinIntervalLAN *string `json:"retry_interval,omitempty" hcl:"retry_interval" mapstructure:"retry_interval"` 237 RetryJoinIntervalWAN *string `json:"retry_interval_wan,omitempty" hcl:"retry_interval_wan" mapstructure:"retry_interval_wan"` 238 RetryJoinLAN []string `json:"retry_join,omitempty" hcl:"retry_join" mapstructure:"retry_join"` 239 RetryJoinMaxAttemptsLAN *int `json:"retry_max,omitempty" hcl:"retry_max" mapstructure:"retry_max"` 240 RetryJoinMaxAttemptsWAN *int `json:"retry_max_wan,omitempty" hcl:"retry_max_wan" mapstructure:"retry_max_wan"` 241 RetryJoinWAN []string `json:"retry_join_wan,omitempty" hcl:"retry_join_wan" mapstructure:"retry_join_wan"` 242 SegmentName *string `json:"segment,omitempty" hcl:"segment" mapstructure:"segment"` 243 Segments []Segment `json:"segments,omitempty" hcl:"segments" mapstructure:"segments"` 244 SerfBindAddrLAN *string `json:"serf_lan,omitempty" hcl:"serf_lan" mapstructure:"serf_lan"` 245 SerfBindAddrWAN *string `json:"serf_wan,omitempty" hcl:"serf_wan" mapstructure:"serf_wan"` 246 ServerMode *bool `json:"server,omitempty" hcl:"server" mapstructure:"server"` 247 ServerName *string `json:"server_name,omitempty" hcl:"server_name" mapstructure:"server_name"` 248 Service *ServiceDefinition `json:"service,omitempty" hcl:"service" mapstructure:"service"` 249 Services []ServiceDefinition `json:"services,omitempty" hcl:"services" mapstructure:"services"` 250 SessionTTLMin *string `json:"session_ttl_min,omitempty" hcl:"session_ttl_min" mapstructure:"session_ttl_min"` 251 SkipLeaveOnInt *bool `json:"skip_leave_on_interrupt,omitempty" hcl:"skip_leave_on_interrupt" mapstructure:"skip_leave_on_interrupt"` 252 StartJoinAddrsLAN []string `json:"start_join,omitempty" hcl:"start_join" mapstructure:"start_join"` 253 StartJoinAddrsWAN []string `json:"start_join_wan,omitempty" hcl:"start_join_wan" mapstructure:"start_join_wan"` 254 SyslogFacility *string `json:"syslog_facility,omitempty" hcl:"syslog_facility" mapstructure:"syslog_facility"` 255 TLSCipherSuites *string `json:"tls_cipher_suites,omitempty" hcl:"tls_cipher_suites" mapstructure:"tls_cipher_suites"` 256 TLSMinVersion *string `json:"tls_min_version,omitempty" hcl:"tls_min_version" mapstructure:"tls_min_version"` 257 TLSPreferServerCipherSuites *bool `json:"tls_prefer_server_cipher_suites,omitempty" hcl:"tls_prefer_server_cipher_suites" mapstructure:"tls_prefer_server_cipher_suites"` 258 TaggedAddresses map[string]string `json:"tagged_addresses,omitempty" hcl:"tagged_addresses" mapstructure:"tagged_addresses"` 259 Telemetry Telemetry `json:"telemetry,omitempty" hcl:"telemetry" mapstructure:"telemetry"` 260 TranslateWANAddrs *bool `json:"translate_wan_addrs,omitempty" hcl:"translate_wan_addrs" mapstructure:"translate_wan_addrs"` 261 UI *bool `json:"ui,omitempty" hcl:"ui" mapstructure:"ui"` 262 UIDir *string `json:"ui_dir,omitempty" hcl:"ui_dir" mapstructure:"ui_dir"` 263 UnixSocket UnixSocket `json:"unix_sockets,omitempty" hcl:"unix_sockets" mapstructure:"unix_sockets"` 264 VerifyIncoming *bool `json:"verify_incoming,omitempty" hcl:"verify_incoming" mapstructure:"verify_incoming"` 265 VerifyIncomingHTTPS *bool `json:"verify_incoming_https,omitempty" hcl:"verify_incoming_https" mapstructure:"verify_incoming_https"` 266 VerifyIncomingRPC *bool `json:"verify_incoming_rpc,omitempty" hcl:"verify_incoming_rpc" mapstructure:"verify_incoming_rpc"` 267 VerifyOutgoing *bool `json:"verify_outgoing,omitempty" hcl:"verify_outgoing" mapstructure:"verify_outgoing"` 268 VerifyServerHostname *bool `json:"verify_server_hostname,omitempty" hcl:"verify_server_hostname" mapstructure:"verify_server_hostname"` 269 Watches []map[string]interface{} `json:"watches,omitempty" hcl:"watches" mapstructure:"watches"` 270 271 // This isn't used by Consul but we've documented a feature where users 272 // can deploy their snapshot agent configs alongside their Consul configs 273 // so we have a placeholder here so it can be parsed but this doesn't 274 // manifest itself in any way inside the runtime config. 275 SnapshotAgent map[string]interface{} `json:"snapshot_agent,omitempty" hcl:"snapshot_agent" mapstructure:"snapshot_agent"` 276 277 // non-user configurable values 278 // DEPRECATED (ACL-Legacy-Compat) - moved into the "acl" stanza 279 ACLDisabledTTL *string `json:"acl_disabled_ttl,omitempty" hcl:"acl_disabled_ttl" mapstructure:"acl_disabled_ttl"` 280 AEInterval *string `json:"ae_interval,omitempty" hcl:"ae_interval" mapstructure:"ae_interval"` 281 CheckDeregisterIntervalMin *string `json:"check_deregister_interval_min,omitempty" hcl:"check_deregister_interval_min" mapstructure:"check_deregister_interval_min"` 282 CheckReapInterval *string `json:"check_reap_interval,omitempty" hcl:"check_reap_interval" mapstructure:"check_reap_interval"` 283 Consul Consul `json:"consul,omitempty" hcl:"consul" mapstructure:"consul"` 284 Revision *string `json:"revision,omitempty" hcl:"revision" mapstructure:"revision"` 285 SegmentLimit *int `json:"segment_limit,omitempty" hcl:"segment_limit" mapstructure:"segment_limit"` 286 SegmentNameLimit *int `json:"segment_name_limit,omitempty" hcl:"segment_name_limit" mapstructure:"segment_name_limit"` 287 SyncCoordinateIntervalMin *string `json:"sync_coordinate_interval_min,omitempty" hcl:"sync_coordinate_interval_min" mapstructure:"sync_coordinate_interval_min"` 288 SyncCoordinateRateTarget *float64 `json:"sync_coordinate_rate_target,omitempty" hcl:"sync_coordinate_rate_target" mapstructure:"sync_coordinate_rate_target"` 289 Version *string `json:"version,omitempty" hcl:"version" mapstructure:"version"` 290 VersionPrerelease *string `json:"version_prerelease,omitempty" hcl:"version_prerelease" mapstructure:"version_prerelease"` 291} 292 293type GossipLANConfig struct { 294 GossipNodes *int `json:"gossip_nodes,omitempty" hcl:"gossip_nodes" mapstructure:"gossip_nodes"` 295 GossipInterval *string `json:"gossip_interval,omitempty" hcl:"gossip_interval" mapstructure:"gossip_interval"` 296 ProbeInterval *string `json:"probe_interval,omitempty" hcl:"probe_interval" mapstructure:"probe_interval"` 297 ProbeTimeout *string `json:"probe_timeout,omitempty" hcl:"probe_timeout" mapstructure:"probe_timeout"` 298 SuspicionMult *int `json:"suspicion_mult,omitempty" hcl:"suspicion_mult" mapstructure:"suspicion_mult"` 299 RetransmitMult *int `json:"retransmit_mult,omitempty" hcl:"retransmit_mult" mapstructure:"retransmit_mult"` 300} 301 302type GossipWANConfig struct { 303 GossipNodes *int `json:"gossip_nodes,omitempty" hcl:"gossip_nodes" mapstructure:"gossip_nodes"` 304 GossipInterval *string `json:"gossip_interval,omitempty" hcl:"gossip_interval" mapstructure:"gossip_interval"` 305 ProbeInterval *string `json:"probe_interval,omitempty" hcl:"probe_interval" mapstructure:"probe_interval"` 306 ProbeTimeout *string `json:"probe_timeout,omitempty" hcl:"probe_timeout" mapstructure:"probe_timeout"` 307 SuspicionMult *int `json:"suspicion_mult,omitempty" hcl:"suspicion_mult" mapstructure:"suspicion_mult"` 308 RetransmitMult *int `json:"retransmit_mult,omitempty" hcl:"retransmit_mult" mapstructure:"retransmit_mult"` 309} 310 311type Consul struct { 312 Coordinate struct { 313 UpdateBatchSize *int `json:"update_batch_size,omitempty" hcl:"update_batch_size" mapstructure:"update_batch_size"` 314 UpdateMaxBatches *int `json:"update_max_batches,omitempty" hcl:"update_max_batches" mapstructure:"update_max_batches"` 315 UpdatePeriod *string `json:"update_period,omitempty" hcl:"update_period" mapstructure:"update_period"` 316 } `json:"coordinate,omitempty" hcl:"coordinate" mapstructure:"coordinate"` 317 318 Raft struct { 319 ElectionTimeout *string `json:"election_timeout,omitempty" hcl:"election_timeout" mapstructure:"election_timeout"` 320 HeartbeatTimeout *string `json:"heartbeat_timeout,omitempty" hcl:"heartbeat_timeout" mapstructure:"heartbeat_timeout"` 321 LeaderLeaseTimeout *string `json:"leader_lease_timeout,omitempty" hcl:"leader_lease_timeout" mapstructure:"leader_lease_timeout"` 322 } `json:"raft,omitempty" hcl:"raft" mapstructure:"raft"` 323 324 Server struct { 325 HealthInterval *string `json:"health_interval,omitempty" hcl:"health_interval" mapstructure:"health_interval"` 326 } `json:"server,omitempty" hcl:"server" mapstructure:"server"` 327} 328 329type Addresses struct { 330 DNS *string `json:"dns,omitempty" hcl:"dns" mapstructure:"dns"` 331 HTTP *string `json:"http,omitempty" hcl:"http" mapstructure:"http"` 332 HTTPS *string `json:"https,omitempty" hcl:"https" mapstructure:"https"` 333 GRPC *string `json:"grpc,omitempty" hcl:"grpc" mapstructure:"grpc"` 334} 335 336type AdvertiseAddrsConfig struct { 337 RPC *string `json:"rpc,omitempty" hcl:"rpc" mapstructure:"rpc"` 338 SerfLAN *string `json:"serf_lan,omitempty" hcl:"serf_lan" mapstructure:"serf_lan"` 339 SerfWAN *string `json:"serf_wan,omitempty" hcl:"serf_wan" mapstructure:"serf_wan"` 340} 341 342type Autopilot struct { 343 CleanupDeadServers *bool `json:"cleanup_dead_servers,omitempty" hcl:"cleanup_dead_servers" mapstructure:"cleanup_dead_servers"` 344 DisableUpgradeMigration *bool `json:"disable_upgrade_migration,omitempty" hcl:"disable_upgrade_migration" mapstructure:"disable_upgrade_migration"` 345 LastContactThreshold *string `json:"last_contact_threshold,omitempty" hcl:"last_contact_threshold" mapstructure:"last_contact_threshold"` 346 MaxTrailingLogs *int `json:"max_trailing_logs,omitempty" hcl:"max_trailing_logs" mapstructure:"max_trailing_logs"` 347 RedundancyZoneTag *string `json:"redundancy_zone_tag,omitempty" hcl:"redundancy_zone_tag" mapstructure:"redundancy_zone_tag"` 348 ServerStabilizationTime *string `json:"server_stabilization_time,omitempty" hcl:"server_stabilization_time" mapstructure:"server_stabilization_time"` 349 UpgradeVersionTag *string `json:"upgrade_version_tag,omitempty" hcl:"upgrade_version_tag" mapstructure:"upgrade_version_tag"` 350} 351 352// ServiceWeights defines the registration of weights used in DNS for a Service 353type ServiceWeights struct { 354 Passing *int `json:"passing,omitempty" hcl:"passing" mapstructure:"passing"` 355 Warning *int `json:"warning,omitempty" hcl:"warning" mapstructure:"warning"` 356} 357 358type ServiceDefinition struct { 359 Kind *string `json:"kind,omitempty" hcl:"kind" mapstructure:"kind"` 360 ID *string `json:"id,omitempty" hcl:"id" mapstructure:"id"` 361 Name *string `json:"name,omitempty" hcl:"name" mapstructure:"name"` 362 Tags []string `json:"tags,omitempty" hcl:"tags" mapstructure:"tags"` 363 Address *string `json:"address,omitempty" hcl:"address" mapstructure:"address"` 364 Meta map[string]string `json:"meta,omitempty" hcl:"meta" mapstructure:"meta"` 365 Port *int `json:"port,omitempty" hcl:"port" mapstructure:"port"` 366 Check *CheckDefinition `json:"check,omitempty" hcl:"check" mapstructure:"check"` 367 Checks []CheckDefinition `json:"checks,omitempty" hcl:"checks" mapstructure:"checks"` 368 Token *string `json:"token,omitempty" hcl:"token" mapstructure:"token"` 369 Weights *ServiceWeights `json:"weights,omitempty" hcl:"weights" mapstructure:"weights"` 370 EnableTagOverride *bool `json:"enable_tag_override,omitempty" hcl:"enable_tag_override" mapstructure:"enable_tag_override"` 371 // DEPRECATED (ProxyDestination) - remove this when removing ProxyDestination 372 ProxyDestination *string `json:"proxy_destination,omitempty" hcl:"proxy_destination" mapstructure:"proxy_destination"` 373 Proxy *ServiceProxy `json:"proxy,omitempty" hcl:"proxy" mapstructure:"proxy"` 374 Connect *ServiceConnect `json:"connect,omitempty" hcl:"connect" mapstructure:"connect"` 375} 376 377type CheckDefinition struct { 378 ID *string `json:"id,omitempty" hcl:"id" mapstructure:"id"` 379 Name *string `json:"name,omitempty" hcl:"name" mapstructure:"name"` 380 Notes *string `json:"notes,omitempty" hcl:"notes" mapstructure:"notes"` 381 ServiceID *string `json:"service_id,omitempty" hcl:"service_id" mapstructure:"service_id"` 382 Token *string `json:"token,omitempty" hcl:"token" mapstructure:"token"` 383 Status *string `json:"status,omitempty" hcl:"status" mapstructure:"status"` 384 ScriptArgs []string `json:"args,omitempty" hcl:"args" mapstructure:"args"` 385 HTTP *string `json:"http,omitempty" hcl:"http" mapstructure:"http"` 386 Header map[string][]string `json:"header,omitempty" hcl:"header" mapstructure:"header"` 387 Method *string `json:"method,omitempty" hcl:"method" mapstructure:"method"` 388 TCP *string `json:"tcp,omitempty" hcl:"tcp" mapstructure:"tcp"` 389 Interval *string `json:"interval,omitempty" hcl:"interval" mapstructure:"interval"` 390 DockerContainerID *string `json:"docker_container_id,omitempty" hcl:"docker_container_id" mapstructure:"docker_container_id"` 391 Shell *string `json:"shell,omitempty" hcl:"shell" mapstructure:"shell"` 392 GRPC *string `json:"grpc,omitempty" hcl:"grpc" mapstructure:"grpc"` 393 GRPCUseTLS *bool `json:"grpc_use_tls,omitempty" hcl:"grpc_use_tls" mapstructure:"grpc_use_tls"` 394 TLSSkipVerify *bool `json:"tls_skip_verify,omitempty" hcl:"tls_skip_verify" mapstructure:"tls_skip_verify"` 395 AliasNode *string `json:"alias_node,omitempty" hcl:"alias_node" mapstructure:"alias_node"` 396 AliasService *string `json:"alias_service,omitempty" hcl:"alias_service" mapstructure:"alias_service"` 397 Timeout *string `json:"timeout,omitempty" hcl:"timeout" mapstructure:"timeout"` 398 TTL *string `json:"ttl,omitempty" hcl:"ttl" mapstructure:"ttl"` 399 DeregisterCriticalServiceAfter *string `json:"deregister_critical_service_after,omitempty" hcl:"deregister_critical_service_after" mapstructure:"deregister_critical_service_after"` 400} 401 402// ServiceConnect is the connect block within a service registration 403type ServiceConnect struct { 404 // Native is true when this service can natively understand Connect. 405 Native *bool `json:"native,omitempty" hcl:"native" mapstructure:"native"` 406 407 // Proxy configures a connect proxy instance for the service 408 Proxy *ServiceConnectProxy `json:"proxy,omitempty" hcl:"proxy" mapstructure:"proxy"` 409 410 // SidecarService is a nested Service Definition to register at the same time. 411 // It's purely a convenience mechanism to allow specifying a sidecar service 412 // along with the application service definition. It's nested nature allows 413 // all of the fields to be defaulted which can reduce the amount of 414 // boilerplate needed to register a sidecar service separately, but the end 415 // result is identical to just making a second service registration via any 416 // other means. 417 SidecarService *ServiceDefinition `json:"sidecar_service,omitempty" hcl:"sidecar_service" mapstructure:"sidecar_service"` 418} 419 420type ServiceConnectProxy struct { 421 Command []string `json:"command,omitempty" hcl:"command" mapstructure:"command"` 422 ExecMode *string `json:"exec_mode,omitempty" hcl:"exec_mode" mapstructure:"exec_mode"` 423 Config map[string]interface{} `json:"config,omitempty" hcl:"config" mapstructure:"config"` 424 Upstreams []Upstream `json:"upstreams,omitempty" hcl:"upstreams" mapstructure:"upstreams"` 425} 426 427// ServiceProxy is the additional config needed for a Kind = connect-proxy 428// registration. 429type ServiceProxy struct { 430 // DestinationServiceName is required and is the name of the service to accept 431 // traffic for. 432 DestinationServiceName *string `json:"destination_service_name,omitempty" hcl:"destination_service_name" mapstructure:"destination_service_name"` 433 434 // DestinationServiceID is optional and should only be specified for 435 // "side-car" style proxies where the proxy is in front of just a single 436 // instance of the service. It should be set to the service ID of the instance 437 // being represented which must be registered to the same agent. It's valid to 438 // provide a service ID that does not yet exist to avoid timing issues when 439 // bootstrapping a service with a proxy. 440 DestinationServiceID *string `json:"destination_service_id,omitempty" hcl:"destination_service_id" mapstructure:"destination_service_id"` 441 442 // LocalServiceAddress is the address of the local service instance. It is 443 // optional and should only be specified for "side-car" style proxies. It will 444 // default to 127.0.0.1 if the proxy is a "side-car" (DestinationServiceID is 445 // set) but otherwise will be ignored. 446 LocalServiceAddress *string `json:"local_service_address,omitempty" hcl:"local_service_address" mapstructure:"local_service_address"` 447 448 // LocalServicePort is the port of the local service instance. It is optional 449 // and should only be specified for "side-car" style proxies. It will default 450 // to the registered port for the instance if the proxy is a "side-car" 451 // (DestinationServiceID is set) but otherwise will be ignored. 452 LocalServicePort *int `json:"local_service_port,omitempty" hcl:"local_service_port" mapstructure:"local_service_port"` 453 454 // Config is the arbitrary configuration data provided with the proxy 455 // registration. 456 Config map[string]interface{} `json:"config,omitempty" hcl:"config" mapstructure:"config"` 457 458 // Upstreams describes any upstream dependencies the proxy instance should 459 // setup. 460 Upstreams []Upstream `json:"upstreams,omitempty" hcl:"upstreams" mapstructure:"upstreams"` 461} 462 463// Upstream represents a single upstream dependency for a service or proxy. It 464// describes the mechanism used to discover instances to communicate with (the 465// Target) as well as any potential client configuration that may be useful such 466// as load balancer options, timeouts etc. 467type Upstream struct { 468 // Destination fields are the required ones for determining what this upstream 469 // points to. Depending on DestinationType some other fields below might 470 // further restrict the set of instances allowable. 471 // 472 // DestinationType would be better as an int constant but even with custom 473 // JSON marshallers it causes havoc with all the mapstructure mangling we do 474 // on service definitions in various places. 475 DestinationType *string `json:"destination_type,omitempty" hcl:"destination_type" mapstructure:"destination_type"` 476 DestinationNamespace *string `json:"destination_namespace,omitempty" hcl:"destination_namespace" mapstructure:"destination_namespace"` 477 DestinationName *string `json:"destination_name,omitempty" hcl:"destination_name" mapstructure:"destination_name"` 478 479 // Datacenter that the service discovery request should be run against. Note 480 // for prepared queries, the actual results might be from a different 481 // datacenter. 482 Datacenter *string `json:"datacenter,omitempty" hcl:"datacenter" mapstructure:"datacenter"` 483 484 // LocalBindAddress is the ip address a side-car proxy should listen on for 485 // traffic destined for this upstream service. Default if empty is 127.0.0.1. 486 LocalBindAddress *string `json:"local_bind_address,omitempty" hcl:"local_bind_address" mapstructure:"local_bind_address"` 487 488 // LocalBindPort is the ip address a side-car proxy should listen on for traffic 489 // destined for this upstream service. Required. 490 LocalBindPort *int `json:"local_bind_port,omitempty" hcl:"local_bind_port" mapstructure:"local_bind_port"` 491 492 // Config is an opaque config that is specific to the proxy process being run. 493 // It can be used to pass abritrary configuration for this specific upstream 494 // to the proxy. 495 Config map[string]interface{} `json:"config,omitempty" hcl:"config" mapstructure:"config"` 496} 497 498// Connect is the agent-global connect configuration. 499type Connect struct { 500 // Enabled opts the agent into connect. It should be set on all clients and 501 // servers in a cluster for correct connect operation. 502 Enabled *bool `json:"enabled,omitempty" hcl:"enabled" mapstructure:"enabled"` 503 Proxy ConnectProxy `json:"proxy,omitempty" hcl:"proxy" mapstructure:"proxy"` 504 ProxyDefaults ConnectProxyDefaults `json:"proxy_defaults,omitempty" hcl:"proxy_defaults" mapstructure:"proxy_defaults"` 505 CAProvider *string `json:"ca_provider,omitempty" hcl:"ca_provider" mapstructure:"ca_provider"` 506 CAConfig map[string]interface{} `json:"ca_config,omitempty" hcl:"ca_config" mapstructure:"ca_config"` 507} 508 509// ConnectProxy is the agent-global connect proxy configuration. 510type ConnectProxy struct { 511 // Consul will not execute managed proxies if its EUID is 0 (root). 512 // If this is true, then Consul will execute proxies if Consul is 513 // running as root. This is not recommended. 514 AllowManagedRoot *bool `json:"allow_managed_root" hcl:"allow_managed_root" mapstructure:"allow_managed_root"` 515 516 // AllowManagedAPIRegistration enables managed proxy registration 517 // via the agent HTTP API. If this is false, only file configurations 518 // can be used. 519 AllowManagedAPIRegistration *bool `json:"allow_managed_api_registration" hcl:"allow_managed_api_registration" mapstructure:"allow_managed_api_registration"` 520} 521 522// ConnectProxyDefaults is the agent-global defaults for managed Connect proxies. 523type ConnectProxyDefaults struct { 524 // ExecMode is used where a registration doesn't include an exec_mode. 525 // Defaults to daemon. 526 ExecMode *string `json:"exec_mode,omitempty" hcl:"exec_mode" mapstructure:"exec_mode"` 527 // DaemonCommand is used to start proxy in exec_mode = daemon if not specified 528 // at registration time. 529 DaemonCommand []string `json:"daemon_command,omitempty" hcl:"daemon_command" mapstructure:"daemon_command"` 530 // ScriptCommand is used to start proxy in exec_mode = script if not specified 531 // at registration time. 532 ScriptCommand []string `json:"script_command,omitempty" hcl:"script_command" mapstructure:"script_command"` 533 // Config is merged into an Config specified at registration time. 534 Config map[string]interface{} `json:"config,omitempty" hcl:"config" mapstructure:"config"` 535} 536 537// SOA is the configuration of SOA for DNS 538type SOA struct { 539 Refresh *uint32 `json:"refresh,omitempty" hcl:"refresh" mapstructure:"refresh"` 540 Retry *uint32 `json:"retry,omitempty" hcl:"retry" mapstructure:"retry"` 541 Expire *uint32 `json:"expire,omitempty" hcl:"expire" mapstructure:"expire"` 542 Minttl *uint32 `json:"min_ttl,omitempty" hcl:"min_ttl" mapstructure:"min_ttl"` 543} 544 545type DNS struct { 546 AllowStale *bool `json:"allow_stale,omitempty" hcl:"allow_stale" mapstructure:"allow_stale"` 547 ARecordLimit *int `json:"a_record_limit,omitempty" hcl:"a_record_limit" mapstructure:"a_record_limit"` 548 DisableCompression *bool `json:"disable_compression,omitempty" hcl:"disable_compression" mapstructure:"disable_compression"` 549 EnableTruncate *bool `json:"enable_truncate,omitempty" hcl:"enable_truncate" mapstructure:"enable_truncate"` 550 MaxStale *string `json:"max_stale,omitempty" hcl:"max_stale" mapstructure:"max_stale"` 551 NodeTTL *string `json:"node_ttl,omitempty" hcl:"node_ttl" mapstructure:"node_ttl"` 552 OnlyPassing *bool `json:"only_passing,omitempty" hcl:"only_passing" mapstructure:"only_passing"` 553 RecursorTimeout *string `json:"recursor_timeout,omitempty" hcl:"recursor_timeout" mapstructure:"recursor_timeout"` 554 ServiceTTL map[string]string `json:"service_ttl,omitempty" hcl:"service_ttl" mapstructure:"service_ttl"` 555 UDPAnswerLimit *int `json:"udp_answer_limit,omitempty" hcl:"udp_answer_limit" mapstructure:"udp_answer_limit"` 556 NodeMetaTXT *bool `json:"enable_additional_node_meta_txt,omitempty" hcl:"enable_additional_node_meta_txt" mapstructure:"enable_additional_node_meta_txt"` 557 SOA *SOA `json:"soa,omitempty" hcl:"soa" mapstructure:"soa"` 558} 559 560type HTTPConfig struct { 561 BlockEndpoints []string `json:"block_endpoints,omitempty" hcl:"block_endpoints" mapstructure:"block_endpoints"` 562 AllowWriteHTTPFrom []string `json:"allow_write_http_from,omitempty" hcl:"allow_write_http_from" mapstructure:"allow_write_http_from"` 563 ResponseHeaders map[string]string `json:"response_headers,omitempty" hcl:"response_headers" mapstructure:"response_headers"` 564} 565 566type Performance struct { 567 LeaveDrainTime *string `json:"leave_drain_time,omitempty" hcl:"leave_drain_time" mapstructure:"leave_drain_time"` 568 RaftMultiplier *int `json:"raft_multiplier,omitempty" hcl:"raft_multiplier" mapstructure:"raft_multiplier"` // todo(fs): validate as uint 569 RPCHoldTimeout *string `json:"rpc_hold_timeout" hcl:"rpc_hold_timeout" mapstructure:"rpc_hold_timeout"` 570} 571 572type Telemetry struct { 573 CirconusAPIApp *string `json:"circonus_api_app,omitempty" hcl:"circonus_api_app" mapstructure:"circonus_api_app"` 574 CirconusAPIToken *string `json:"circonus_api_token,omitempty" json:"-" hcl:"circonus_api_token" mapstructure:"circonus_api_token" json:"-"` 575 CirconusAPIURL *string `json:"circonus_api_url,omitempty" hcl:"circonus_api_url" mapstructure:"circonus_api_url"` 576 CirconusBrokerID *string `json:"circonus_broker_id,omitempty" hcl:"circonus_broker_id" mapstructure:"circonus_broker_id"` 577 CirconusBrokerSelectTag *string `json:"circonus_broker_select_tag,omitempty" hcl:"circonus_broker_select_tag" mapstructure:"circonus_broker_select_tag"` 578 CirconusCheckDisplayName *string `json:"circonus_check_display_name,omitempty" hcl:"circonus_check_display_name" mapstructure:"circonus_check_display_name"` 579 CirconusCheckForceMetricActivation *string `json:"circonus_check_force_metric_activation,omitempty" hcl:"circonus_check_force_metric_activation" mapstructure:"circonus_check_force_metric_activation"` 580 CirconusCheckID *string `json:"circonus_check_id,omitempty" hcl:"circonus_check_id" mapstructure:"circonus_check_id"` 581 CirconusCheckInstanceID *string `json:"circonus_check_instance_id,omitempty" hcl:"circonus_check_instance_id" mapstructure:"circonus_check_instance_id"` 582 CirconusCheckSearchTag *string `json:"circonus_check_search_tag,omitempty" hcl:"circonus_check_search_tag" mapstructure:"circonus_check_search_tag"` 583 CirconusCheckTags *string `json:"circonus_check_tags,omitempty" hcl:"circonus_check_tags" mapstructure:"circonus_check_tags"` 584 CirconusSubmissionInterval *string `json:"circonus_submission_interval,omitempty" hcl:"circonus_submission_interval" mapstructure:"circonus_submission_interval"` 585 CirconusSubmissionURL *string `json:"circonus_submission_url,omitempty" hcl:"circonus_submission_url" mapstructure:"circonus_submission_url"` 586 DisableHostname *bool `json:"disable_hostname,omitempty" hcl:"disable_hostname" mapstructure:"disable_hostname"` 587 DogstatsdAddr *string `json:"dogstatsd_addr,omitempty" hcl:"dogstatsd_addr" mapstructure:"dogstatsd_addr"` 588 DogstatsdTags []string `json:"dogstatsd_tags,omitempty" hcl:"dogstatsd_tags" mapstructure:"dogstatsd_tags"` 589 FilterDefault *bool `json:"filter_default,omitempty" hcl:"filter_default" mapstructure:"filter_default"` 590 PrefixFilter []string `json:"prefix_filter,omitempty" hcl:"prefix_filter" mapstructure:"prefix_filter"` 591 MetricsPrefix *string `json:"metrics_prefix,omitempty" hcl:"metrics_prefix" mapstructure:"metrics_prefix"` 592 PrometheusRetentionTime *string `json:"prometheus_retention_time,omitempty" hcl:"prometheus_retention_time" mapstructure:"prometheus_retention_time"` 593 StatsdAddr *string `json:"statsd_address,omitempty" hcl:"statsd_address" mapstructure:"statsd_address"` 594 StatsiteAddr *string `json:"statsite_address,omitempty" hcl:"statsite_address" mapstructure:"statsite_address"` 595} 596 597type Ports struct { 598 DNS *int `json:"dns,omitempty" hcl:"dns" mapstructure:"dns"` 599 HTTP *int `json:"http,omitempty" hcl:"http" mapstructure:"http"` 600 HTTPS *int `json:"https,omitempty" hcl:"https" mapstructure:"https"` 601 SerfLAN *int `json:"serf_lan,omitempty" hcl:"serf_lan" mapstructure:"serf_lan"` 602 SerfWAN *int `json:"serf_wan,omitempty" hcl:"serf_wan" mapstructure:"serf_wan"` 603 Server *int `json:"server,omitempty" hcl:"server" mapstructure:"server"` 604 GRPC *int `json:"grpc,omitempty" hcl:"grpc" mapstructure:"grpc"` 605 ProxyMinPort *int `json:"proxy_min_port,omitempty" hcl:"proxy_min_port" mapstructure:"proxy_min_port"` 606 ProxyMaxPort *int `json:"proxy_max_port,omitempty" hcl:"proxy_max_port" mapstructure:"proxy_max_port"` 607 SidecarMinPort *int `json:"sidecar_min_port,omitempty" hcl:"sidecar_min_port" mapstructure:"sidecar_min_port"` 608 SidecarMaxPort *int `json:"sidecar_max_port,omitempty" hcl:"sidecar_max_port" mapstructure:"sidecar_max_port"` 609} 610 611type UnixSocket struct { 612 Group *string `json:"group,omitempty" hcl:"group" mapstructure:"group"` 613 Mode *string `json:"mode,omitempty" hcl:"mode" mapstructure:"mode"` 614 User *string `json:"user,omitempty" hcl:"user" mapstructure:"user"` 615} 616 617type Limits struct { 618 RPCMaxBurst *int `json:"rpc_max_burst,omitempty" hcl:"rpc_max_burst" mapstructure:"rpc_max_burst"` 619 RPCRate *float64 `json:"rpc_rate,omitempty" hcl:"rpc_rate" mapstructure:"rpc_rate"` 620} 621 622type Segment struct { 623 Advertise *string `json:"advertise,omitempty" hcl:"advertise" mapstructure:"advertise"` 624 Bind *string `json:"bind,omitempty" hcl:"bind" mapstructure:"bind"` 625 Name *string `json:"name,omitempty" hcl:"name" mapstructure:"name"` 626 Port *int `json:"port,omitempty" hcl:"port" mapstructure:"port"` 627 RPCListener *bool `json:"rpc_listener,omitempty" hcl:"rpc_listener" mapstructure:"rpc_listener"` 628} 629 630type ACL struct { 631 Enabled *bool `json:"enabled,omitempty" hcl:"enabled" mapstructure:"enabled"` 632 TokenReplication *bool `json:"enable_token_replication,omitempty" hcl:"enable_token_replication" mapstructure:"enable_token_replication"` 633 PolicyTTL *string `json:"policy_ttl,omitempty" hcl:"policy_ttl" mapstructure:"policy_ttl"` 634 TokenTTL *string `json:"token_ttl,omitempty" hcl:"token_ttl" mapstructure:"token_ttl"` 635 DownPolicy *string `json:"down_policy,omitempty" hcl:"down_policy" mapstructure:"down_policy"` 636 DefaultPolicy *string `json:"default_policy,omitempty" hcl:"default_policy" mapstructure:"default_policy"` 637 EnableKeyListPolicy *bool `json:"enable_key_list_policy,omitempty" hcl:"enable_key_list_policy" mapstructure:"enable_key_list_policy"` 638 Tokens Tokens `json:"tokens,omitempty" hcl:"tokens" mapstructure:"tokens"` 639 DisabledTTL *string `json:"disabled_ttl,omitempty" hcl:"disabled_ttl" mapstructure:"disabled_ttl"` 640} 641 642type Tokens struct { 643 Master *string `json:"master,omitempty" hcl:"master" mapstructure:"master"` 644 Replication *string `json:"replication,omitempty" hcl:"replication" mapstructure:"replication"` 645 AgentMaster *string `json:"agent_master,omitempty" hcl:"agent_master" mapstructure:"agent_master"` 646 Default *string `json:"default,omitempty" hcl:"default" mapstructure:"default"` 647 Agent *string `json:"agent,omitempty" hcl:"agent" mapstructure:"agent"` 648} 649