mirror of
https://github.com/minio/minio.git
synced 2024-12-23 21:55:53 -05:00
Final changes to config sub-system (#8600)
- Introduces changes such as certain types of errors that can be ignored or which need to go into safe mode. - Update help text as per the review
This commit is contained in:
parent
794eb54da8
commit
c9940d8c3f
@ -23,9 +23,17 @@ import (
|
||||
"io"
|
||||
"net/http"
|
||||
"strconv"
|
||||
"strings"
|
||||
|
||||
"github.com/gorilla/mux"
|
||||
"github.com/minio/minio/cmd/config"
|
||||
"github.com/minio/minio/cmd/config/cache"
|
||||
"github.com/minio/minio/cmd/config/etcd"
|
||||
xldap "github.com/minio/minio/cmd/config/identity/ldap"
|
||||
"github.com/minio/minio/cmd/config/identity/openid"
|
||||
"github.com/minio/minio/cmd/config/policy/opa"
|
||||
"github.com/minio/minio/cmd/config/storageclass"
|
||||
"github.com/minio/minio/cmd/crypto"
|
||||
"github.com/minio/minio/cmd/logger"
|
||||
iampolicy "github.com/minio/minio/pkg/iam/policy"
|
||||
"github.com/minio/minio/pkg/madmin"
|
||||
@ -417,15 +425,45 @@ func (a adminAPIHandlers) GetConfigHandler(w http.ResponseWriter, r *http.Reques
|
||||
return
|
||||
}
|
||||
|
||||
var buf = &bytes.Buffer{}
|
||||
cw := config.NewConfigWriteTo(cfg, "")
|
||||
if _, err = cw.WriteTo(buf); err != nil {
|
||||
writeErrorResponseJSON(ctx, w, toAdminAPIErr(ctx, err), r.URL)
|
||||
return
|
||||
var s strings.Builder
|
||||
hkvs := config.HelpSubSysMap[""]
|
||||
for _, hkv := range hkvs {
|
||||
v := cfg[hkv.Key]
|
||||
for target, kv := range v {
|
||||
off := kv.Get(config.Enable) == config.EnableOff
|
||||
switch hkv.Key {
|
||||
case config.EtcdSubSys:
|
||||
off = !etcd.Enabled(kv)
|
||||
case config.CacheSubSys:
|
||||
off = !cache.Enabled(kv)
|
||||
case config.StorageClassSubSys:
|
||||
off = !storageclass.Enabled(kv)
|
||||
case config.KmsVaultSubSys:
|
||||
off = !crypto.Enabled(kv)
|
||||
case config.PolicyOPASubSys:
|
||||
off = !opa.Enabled(kv)
|
||||
case config.IdentityOpenIDSubSys:
|
||||
off = !openid.Enabled(kv)
|
||||
case config.IdentityLDAPSubSys:
|
||||
off = !xldap.Enabled(kv)
|
||||
}
|
||||
if off {
|
||||
s.WriteString(config.KvComment)
|
||||
s.WriteString(config.KvSpaceSeparator)
|
||||
}
|
||||
s.WriteString(hkv.Key)
|
||||
if target != config.Default {
|
||||
s.WriteString(config.SubSystemSeparator)
|
||||
s.WriteString(target)
|
||||
}
|
||||
s.WriteString(config.KvSpaceSeparator)
|
||||
s.WriteString(kv.String())
|
||||
s.WriteString(config.KvNewline)
|
||||
}
|
||||
}
|
||||
|
||||
password := globalActiveCred.SecretKey
|
||||
econfigData, err := madmin.EncryptData(password, buf.Bytes())
|
||||
econfigData, err := madmin.EncryptData(password, []byte(s.String()))
|
||||
if err != nil {
|
||||
writeErrorResponseJSON(ctx, w, toAdminAPIErr(ctx, err), r.URL)
|
||||
return
|
||||
|
@ -158,7 +158,7 @@ func handleCommonCmdArgs(ctx *cli.Context) {
|
||||
|
||||
func handleCommonEnvVars() {
|
||||
var err error
|
||||
globalBrowserEnabled, err = config.ParseBool(env.Get(config.EnvBrowser, config.StateOn))
|
||||
globalBrowserEnabled, err = config.ParseBool(env.Get(config.EnvBrowser, config.EnableOn))
|
||||
if err != nil {
|
||||
logger.Fatal(config.ErrInvalidBrowserValue(err), "Invalid MINIO_BROWSER value in environment variable")
|
||||
}
|
||||
@ -202,7 +202,7 @@ func handleCommonEnvVars() {
|
||||
// In place update is true by default if the MINIO_UPDATE is not set
|
||||
// or is not set to 'off', if MINIO_UPDATE is set to 'off' then
|
||||
// in-place update is off.
|
||||
globalInplaceUpdateDisabled = strings.EqualFold(env.Get(config.EnvUpdate, config.StateOn), config.StateOff)
|
||||
globalInplaceUpdateDisabled = strings.EqualFold(env.Get(config.EnvUpdate, config.EnableOn), config.EnableOff)
|
||||
|
||||
if env.IsSet(config.EnvAccessKey) || env.IsSet(config.EnvSecretKey) {
|
||||
cred, err := auth.CreateCredentials(env.Get(config.EnvAccessKey, ""), env.Get(config.EnvSecretKey, ""))
|
||||
|
@ -18,6 +18,7 @@ package cmd
|
||||
|
||||
import (
|
||||
"context"
|
||||
"fmt"
|
||||
"strings"
|
||||
"sync"
|
||||
|
||||
@ -39,12 +40,11 @@ import (
|
||||
"github.com/minio/minio/pkg/env"
|
||||
)
|
||||
|
||||
func init() {
|
||||
func initHelp() {
|
||||
var kvs = map[string]config.KVS{
|
||||
config.EtcdSubSys: etcd.DefaultKVS,
|
||||
config.CacheSubSys: cache.DefaultKVS,
|
||||
config.CompressionSubSys: compress.DefaultKVS,
|
||||
config.StorageClassSubSys: storageclass.DefaultKVS,
|
||||
config.IdentityLDAPSubSys: xldap.DefaultKVS,
|
||||
config.IdentityOpenIDSubSys: openid.DefaultKVS,
|
||||
config.PolicyOPASubSys: opa.DefaultKVS,
|
||||
@ -57,115 +57,123 @@ func init() {
|
||||
for k, v := range notify.DefaultNotificationKVS {
|
||||
kvs[k] = v
|
||||
}
|
||||
if globalIsXL {
|
||||
kvs[config.StorageClassSubSys] = storageclass.DefaultKVS
|
||||
}
|
||||
config.RegisterDefaultKVS(kvs)
|
||||
|
||||
// Captures help for each sub-system
|
||||
var helpSubSys = config.HelpKVS{
|
||||
config.HelpKV{
|
||||
Key: config.RegionSubSys,
|
||||
Description: "Configure to describe the physical location of the server",
|
||||
},
|
||||
config.HelpKV{
|
||||
Key: config.StorageClassSubSys,
|
||||
Description: "Configure to control data and parity per object",
|
||||
Description: "label the location of the server",
|
||||
},
|
||||
config.HelpKV{
|
||||
Key: config.CacheSubSys,
|
||||
Description: "Configure to enable edge caching",
|
||||
Description: "add caching storage tier",
|
||||
},
|
||||
config.HelpKV{
|
||||
Key: config.CompressionSubSys,
|
||||
Description: "Configure to enable streaming on disk compression",
|
||||
Description: "enable server side compression of objects",
|
||||
},
|
||||
config.HelpKV{
|
||||
Key: config.EtcdSubSys,
|
||||
Description: "Configure to enable 'etcd' configuration",
|
||||
Description: "federate multiple clusters for IAM and Bucket DNS",
|
||||
},
|
||||
config.HelpKV{
|
||||
Key: config.IdentityOpenIDSubSys,
|
||||
Description: "Configure to enable OpenID SSO support",
|
||||
Description: "enable OpenID SSO support",
|
||||
},
|
||||
config.HelpKV{
|
||||
Key: config.IdentityLDAPSubSys,
|
||||
Description: "Configure to enable LDAP SSO support",
|
||||
Description: "enable LDAP SSO support",
|
||||
},
|
||||
config.HelpKV{
|
||||
Key: config.PolicyOPASubSys,
|
||||
Description: "Configure to enable external OPA policy support",
|
||||
Description: "enable external OPA for policy enforcement",
|
||||
},
|
||||
config.HelpKV{
|
||||
Key: config.KmsVaultSubSys,
|
||||
Description: "Configure to enable Vault based external KMS",
|
||||
Description: "enable external HashiCorp Vault for KMS",
|
||||
},
|
||||
config.HelpKV{
|
||||
Key: config.LoggerWebhookSubSys,
|
||||
Description: "Configure to enable Webhook based logger",
|
||||
Description: "send server logs to webhook endpoints",
|
||||
MultipleTargets: true,
|
||||
},
|
||||
config.HelpKV{
|
||||
Key: config.AuditWebhookSubSys,
|
||||
Description: "Configure to enable Webhook based audit logger",
|
||||
Description: "send audit logs to webhook endpoints",
|
||||
MultipleTargets: true,
|
||||
},
|
||||
config.HelpKV{
|
||||
Key: config.NotifyWebhookSubSys,
|
||||
Description: "Configure to publish events to Webhook target",
|
||||
Description: "publish bucket notifications to webhook endpoints",
|
||||
MultipleTargets: true,
|
||||
},
|
||||
config.HelpKV{
|
||||
Key: config.NotifyAMQPSubSys,
|
||||
Description: "Configure to publish events to AMQP target",
|
||||
Description: "publish bucket notifications to AMQP endpoints",
|
||||
MultipleTargets: true,
|
||||
},
|
||||
config.HelpKV{
|
||||
Key: config.NotifyKafkaSubSys,
|
||||
Description: "Configure to publish events to Kafka target",
|
||||
Description: "publish bucket notifications to Kafka endpoints",
|
||||
MultipleTargets: true,
|
||||
},
|
||||
config.HelpKV{
|
||||
Key: config.NotifyMQTTSubSys,
|
||||
Description: "Configure to publish events to MQTT target",
|
||||
Description: "publish bucket notifications to MQTT endpoints",
|
||||
MultipleTargets: true,
|
||||
},
|
||||
config.HelpKV{
|
||||
Key: config.NotifyNATSSubSys,
|
||||
Description: "Configure to publish events to NATS target",
|
||||
Description: "publish bucket notifications to NATS endpoints",
|
||||
MultipleTargets: true,
|
||||
},
|
||||
config.HelpKV{
|
||||
Key: config.NotifyNSQSubSys,
|
||||
Description: "Configure to publish events to NSQ target",
|
||||
Description: "publish bucket notifications to NSQ endpoints",
|
||||
MultipleTargets: true,
|
||||
},
|
||||
config.HelpKV{
|
||||
Key: config.NotifyMySQLSubSys,
|
||||
Description: "Configure to publish events to MySQL target",
|
||||
Description: "publish bucket notifications to MySQL endpoints",
|
||||
MultipleTargets: true,
|
||||
},
|
||||
config.HelpKV{
|
||||
Key: config.NotifyPostgresSubSys,
|
||||
Description: "Configure to publish events to Postgres target",
|
||||
Description: "publish bucket notifications to Postgres endpoints",
|
||||
MultipleTargets: true,
|
||||
},
|
||||
config.HelpKV{
|
||||
Key: config.NotifyRedisSubSys,
|
||||
Description: "Configure to publish events to Redis target",
|
||||
Description: "publish bucket notifications to Redis endpoints",
|
||||
MultipleTargets: true,
|
||||
},
|
||||
config.HelpKV{
|
||||
Key: config.NotifyESSubSys,
|
||||
Description: "Configure to publish events to Elasticsearch target",
|
||||
Description: "publish bucket notifications to Elasticsearch endpoints",
|
||||
MultipleTargets: true,
|
||||
},
|
||||
}
|
||||
|
||||
if globalIsXL {
|
||||
helpSubSys = append(helpSubSys, config.HelpKV{})
|
||||
copy(helpSubSys[2:], helpSubSys[1:])
|
||||
helpSubSys[1] = config.HelpKV{
|
||||
Key: config.StorageClassSubSys,
|
||||
Description: "define object level redundancy",
|
||||
}
|
||||
}
|
||||
|
||||
var helpMap = map[string]config.HelpKVS{
|
||||
"": helpSubSys, // Help for all sub-systems.
|
||||
config.RegionSubSys: config.RegionHelp,
|
||||
config.StorageClassSubSys: storageclass.Help,
|
||||
config.EtcdSubSys: etcd.Help,
|
||||
config.CacheSubSys: cache.Help,
|
||||
config.CompressionSubSys: compress.Help,
|
||||
config.StorageClassSubSys: storageclass.Help,
|
||||
config.IdentityOpenIDSubSys: openid.Help,
|
||||
config.IdentityLDAPSubSys: xldap.Help,
|
||||
config.PolicyOPASubSys: opa.Help,
|
||||
@ -249,6 +257,9 @@ func validateConfig(s config.Config) error {
|
||||
if _, err = crypto.NewKMS(kmsCfg); err != nil {
|
||||
return err
|
||||
}
|
||||
|
||||
// Disable merging env values for the rest.
|
||||
env.SetEnvOff()
|
||||
}
|
||||
}
|
||||
|
||||
@ -279,18 +290,18 @@ func lookupConfigs(s config.Config) (err error) {
|
||||
// Env doesn't seem to be set, we fallback to lookup creds from the config.
|
||||
globalActiveCred, err = config.LookupCreds(s[config.CredentialsSubSys][config.Default])
|
||||
if err != nil {
|
||||
return config.Errorf("Invalid credentials configuration: %s", err)
|
||||
return fmt.Errorf("Invalid credentials configuration: %w", err)
|
||||
}
|
||||
}
|
||||
|
||||
etcdCfg, err := xetcd.LookupConfig(s[config.EtcdSubSys][config.Default], globalRootCAs)
|
||||
if err != nil {
|
||||
return config.Errorf("Unable to initialize etcd config: %s", err)
|
||||
return fmt.Errorf("Unable to initialize etcd config: %w", err)
|
||||
}
|
||||
|
||||
globalEtcdClient, err = xetcd.New(etcdCfg)
|
||||
if err != nil {
|
||||
return config.Errorf("Unable to initialize etcd config: %s", err)
|
||||
return fmt.Errorf("Unable to initialize etcd config: %w", err)
|
||||
}
|
||||
|
||||
if len(globalDomainNames) != 0 && !globalDomainIPs.IsEmpty() && globalEtcdClient != nil {
|
||||
@ -301,51 +312,51 @@ func lookupConfigs(s config.Config) (err error) {
|
||||
dns.CoreDNSPath(etcdCfg.CoreDNSPath),
|
||||
)
|
||||
if err != nil {
|
||||
return config.Errorf("Unable to initialize DNS config for %s: %s", globalDomainNames, err)
|
||||
return config.Errorf(config.SafeModeKind,
|
||||
"Unable to initialize DNS config for %s: %s", globalDomainNames, err)
|
||||
}
|
||||
}
|
||||
|
||||
globalServerRegion, err = config.LookupRegion(s[config.RegionSubSys][config.Default])
|
||||
if err != nil {
|
||||
return config.Errorf("Invalid region configuration: %s", err)
|
||||
return fmt.Errorf("Invalid region configuration: %w", err)
|
||||
}
|
||||
|
||||
globalWORMEnabled, err = config.LookupWorm()
|
||||
if err != nil {
|
||||
return config.Errorf("Invalid worm configuration: %s", err)
|
||||
|
||||
return fmt.Errorf("Invalid worm configuration: %w", err)
|
||||
}
|
||||
|
||||
if globalIsXL {
|
||||
globalStorageClass, err = storageclass.LookupConfig(s[config.StorageClassSubSys][config.Default],
|
||||
globalXLSetDriveCount)
|
||||
if err != nil {
|
||||
return config.Errorf("Unable to initialize storage class config: %s", err)
|
||||
return fmt.Errorf("Unable to initialize storage class config: %w", err)
|
||||
}
|
||||
}
|
||||
|
||||
globalCacheConfig, err = cache.LookupConfig(s[config.CacheSubSys][config.Default])
|
||||
if err != nil {
|
||||
return config.Errorf("Unable to setup cache: %s", err)
|
||||
return fmt.Errorf("Unable to setup cache: %w", err)
|
||||
}
|
||||
|
||||
if globalCacheConfig.Enabled {
|
||||
if cacheEncKey := env.Get(cache.EnvCacheEncryptionMasterKey, ""); cacheEncKey != "" {
|
||||
globalCacheKMS, err = crypto.ParseMasterKey(cacheEncKey)
|
||||
if err != nil {
|
||||
return config.Errorf("Unable to setup encryption cache: %s", err)
|
||||
return fmt.Errorf("Unable to setup encryption cache: %w", err)
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
kmsCfg, err := crypto.LookupConfig(s[config.KmsVaultSubSys][config.Default])
|
||||
if err != nil {
|
||||
return config.Errorf("Unable to setup KMS config: %s", err)
|
||||
return fmt.Errorf("Unable to setup KMS config: %w", err)
|
||||
}
|
||||
|
||||
GlobalKMS, err = crypto.NewKMS(kmsCfg)
|
||||
if err != nil {
|
||||
return config.Errorf("Unable to setup KMS with current KMS config: %s", err)
|
||||
return fmt.Errorf("Unable to setup KMS with current KMS config: %w", err)
|
||||
}
|
||||
|
||||
// Enable auto-encryption if enabled
|
||||
@ -353,19 +364,19 @@ func lookupConfigs(s config.Config) (err error) {
|
||||
|
||||
globalCompressConfig, err = compress.LookupConfig(s[config.CompressionSubSys][config.Default])
|
||||
if err != nil {
|
||||
return config.Errorf("Unable to setup Compression: %s", err)
|
||||
return fmt.Errorf("Unable to setup Compression: %w", err)
|
||||
}
|
||||
|
||||
globalOpenIDConfig, err = openid.LookupConfig(s[config.IdentityOpenIDSubSys][config.Default],
|
||||
NewCustomHTTPTransport(), xhttp.DrainBody)
|
||||
if err != nil {
|
||||
return config.Errorf("Unable to initialize OpenID: %s", err)
|
||||
return fmt.Errorf("Unable to initialize OpenID: %w", err)
|
||||
}
|
||||
|
||||
opaCfg, err := opa.LookupConfig(s[config.PolicyOPASubSys][config.Default],
|
||||
NewCustomHTTPTransport(), xhttp.DrainBody)
|
||||
if err != nil {
|
||||
return config.Errorf("Unable to initialize OPA: %s", err)
|
||||
return fmt.Errorf("Unable to initialize OPA: %w", err)
|
||||
}
|
||||
|
||||
globalOpenIDValidators = getOpenIDValidators(globalOpenIDConfig)
|
||||
@ -374,7 +385,7 @@ func lookupConfigs(s config.Config) (err error) {
|
||||
globalLDAPConfig, err = xldap.Lookup(s[config.IdentityLDAPSubSys][config.Default],
|
||||
globalRootCAs)
|
||||
if err != nil {
|
||||
return config.Errorf("Unable to parse LDAP configuration: %s", err)
|
||||
return fmt.Errorf("Unable to parse LDAP configuration: %w", err)
|
||||
}
|
||||
|
||||
// Load logger targets based on user's configuration
|
||||
@ -382,7 +393,7 @@ func lookupConfigs(s config.Config) (err error) {
|
||||
|
||||
loggerCfg, err := logger.LookupConfig(s)
|
||||
if err != nil {
|
||||
return config.Errorf("Unable to initialize logger: %s", err)
|
||||
return fmt.Errorf("Unable to initialize logger: %w", err)
|
||||
}
|
||||
|
||||
for _, l := range loggerCfg.HTTP {
|
||||
@ -420,24 +431,32 @@ func GetHelp(subSys, key string, envOnly bool) (Help, error) {
|
||||
}
|
||||
subSystemValue := strings.SplitN(subSys, config.SubSystemSeparator, 2)
|
||||
if len(subSystemValue) == 0 {
|
||||
return Help{}, config.Errorf("invalid number of arguments %s", subSys)
|
||||
return Help{}, config.Errorf(
|
||||
config.SafeModeKind,
|
||||
"invalid number of arguments %s", subSys)
|
||||
}
|
||||
|
||||
subSys = subSystemValue[0]
|
||||
|
||||
subSysHelp, ok := config.HelpSubSysMap[""].Lookup(subSys)
|
||||
if !ok {
|
||||
return Help{}, config.Errorf("unknown sub-system %s", subSys)
|
||||
return Help{}, config.Errorf(
|
||||
config.SafeModeKind,
|
||||
"unknown sub-system %s", subSys)
|
||||
}
|
||||
|
||||
h, ok := config.HelpSubSysMap[subSys]
|
||||
if !ok {
|
||||
return Help{}, config.Errorf("unknown sub-system %s", subSys)
|
||||
return Help{}, config.Errorf(
|
||||
config.SafeModeKind,
|
||||
"unknown sub-system %s", subSys)
|
||||
}
|
||||
if key != "" {
|
||||
value, ok := h.Lookup(key)
|
||||
if !ok {
|
||||
return Help{}, config.Errorf("unknown key %s for sub-system %s", key, subSys)
|
||||
return Help{}, config.Errorf(
|
||||
config.SafeModeKind,
|
||||
"unknown key %s for sub-system %s", key, subSys)
|
||||
}
|
||||
h = config.HelpKVS{value}
|
||||
}
|
||||
|
20
cmd/config/cache/help.go
vendored
20
cmd/config/cache/help.go
vendored
@ -23,30 +23,30 @@ var (
|
||||
Help = config.HelpKVS{
|
||||
config.HelpKV{
|
||||
Key: Drives,
|
||||
Description: `List of mounted drives or directories delimited by ","`,
|
||||
Type: "csv",
|
||||
},
|
||||
config.HelpKV{
|
||||
Key: Exclude,
|
||||
Description: `List of wildcard based cache exclusion patterns delimited by ","`,
|
||||
Optional: true,
|
||||
Description: `comma separated mountpoints e.g. "/optane1,/optane2"`,
|
||||
Type: "csv",
|
||||
},
|
||||
config.HelpKV{
|
||||
Key: Expiry,
|
||||
Description: `Cache expiry duration in days. eg: "90"`,
|
||||
Description: `cache expiry duration in days e.g. "90"`,
|
||||
Optional: true,
|
||||
Type: "number",
|
||||
},
|
||||
config.HelpKV{
|
||||
Key: Quota,
|
||||
Description: `Maximum permitted usage of the cache in percentage (0-100)`,
|
||||
Description: `limit cache drive usage in percentage e.g. "90"`,
|
||||
Optional: true,
|
||||
Type: "number",
|
||||
},
|
||||
config.HelpKV{
|
||||
Key: Exclude,
|
||||
Description: `comma separated wildcard exclusion patterns e.g. "bucket/*.tmp,*.exe"`,
|
||||
Optional: true,
|
||||
Type: "csv",
|
||||
},
|
||||
config.HelpKV{
|
||||
Key: config.Comment,
|
||||
Description: "A comment to describe the 'cache' settings",
|
||||
Description: config.DefaultComment,
|
||||
Optional: true,
|
||||
Type: "sentence",
|
||||
},
|
||||
|
4
cmd/config/cache/legacy.go
vendored
4
cmd/config/cache/legacy.go
vendored
@ -34,10 +34,6 @@ func SetCacheConfig(s config.Config, cfg Config) {
|
||||
return
|
||||
}
|
||||
s[config.CacheSubSys][config.Default] = config.KVS{
|
||||
config.KV{
|
||||
Key: config.State,
|
||||
Value: config.StateOn,
|
||||
},
|
||||
config.KV{
|
||||
Key: Drives,
|
||||
Value: strings.Join(cfg.Drives, cacheDelimiter),
|
||||
|
34
cmd/config/cache/lookup.go
vendored
34
cmd/config/cache/lookup.go
vendored
@ -32,7 +32,6 @@ const (
|
||||
MaxUse = "maxuse"
|
||||
Quota = "quota"
|
||||
|
||||
EnvCacheState = "MINIO_CACHE_STATE"
|
||||
EnvCacheDrives = "MINIO_CACHE_DRIVES"
|
||||
EnvCacheExclude = "MINIO_CACHE_EXCLUDE"
|
||||
EnvCacheExpiry = "MINIO_CACHE_EXPIRY"
|
||||
@ -47,10 +46,6 @@ const (
|
||||
// DefaultKVS - default KV settings for caching.
|
||||
var (
|
||||
DefaultKVS = config.KVS{
|
||||
config.KV{
|
||||
Key: config.State,
|
||||
Value: config.StateOff,
|
||||
},
|
||||
config.KV{
|
||||
Key: Drives,
|
||||
Value: "",
|
||||
@ -74,6 +69,12 @@ const (
|
||||
cacheDelimiter = ","
|
||||
)
|
||||
|
||||
// Enabled returns if cache is enabled.
|
||||
func Enabled(kvs config.KVS) bool {
|
||||
drives := kvs.Get(Drives)
|
||||
return drives != ""
|
||||
}
|
||||
|
||||
// LookupConfig - extracts cache configuration provided by environment
|
||||
// variables and merge them with provided CacheConfiguration.
|
||||
func LookupConfig(kvs config.KVS) (Config, error) {
|
||||
@ -84,28 +85,7 @@ func LookupConfig(kvs config.KVS) (Config, error) {
|
||||
}
|
||||
|
||||
drives := env.Get(EnvCacheDrives, kvs.Get(Drives))
|
||||
if len(drives) > 0 {
|
||||
// Drives is not-empty means user wishes to enable this explicitly, but
|
||||
// check if ENV is set to false to disable caching.
|
||||
stateBool, err := config.ParseBool(env.Get(EnvCacheState, config.StateOn))
|
||||
if err != nil {
|
||||
return cfg, err
|
||||
}
|
||||
if !stateBool {
|
||||
return cfg, nil
|
||||
}
|
||||
} else {
|
||||
// Check if cache is explicitly disabled
|
||||
stateBool, err := config.ParseBool(env.Get(EnvCacheState, kvs.Get(config.State)))
|
||||
if err != nil {
|
||||
if kvs.Empty() {
|
||||
return cfg, nil
|
||||
}
|
||||
return cfg, err
|
||||
}
|
||||
if stateBool {
|
||||
return cfg, config.Error("'drives' key cannot be empty to enable caching")
|
||||
}
|
||||
if len(drives) == 0 {
|
||||
return cfg, nil
|
||||
}
|
||||
|
||||
|
@ -36,7 +36,7 @@ const (
|
||||
Extensions = "extensions"
|
||||
MimeTypes = "mime_types"
|
||||
|
||||
EnvCompressState = "MINIO_COMPRESS_STATE"
|
||||
EnvCompressState = "MINIO_COMPRESS_ENABLE"
|
||||
EnvCompressExtensions = "MINIO_COMPRESS_EXTENSIONS"
|
||||
EnvCompressMimeTypes = "MINIO_COMPRESS_MIME_TYPES"
|
||||
|
||||
@ -49,8 +49,8 @@ const (
|
||||
var (
|
||||
DefaultKVS = config.KVS{
|
||||
config.KV{
|
||||
Key: config.State,
|
||||
Value: config.StateOff,
|
||||
Key: config.Enable,
|
||||
Value: config.EnableOff,
|
||||
},
|
||||
config.KV{
|
||||
Key: Extensions,
|
||||
@ -87,7 +87,7 @@ func LookupConfig(kvs config.KVS) (Config, error) {
|
||||
|
||||
compress := env.Get(EnvCompress, "")
|
||||
if compress == "" {
|
||||
compress = env.Get(EnvCompressState, kvs.Get(config.State))
|
||||
compress = env.Get(EnvCompressState, kvs.Get(config.Enable))
|
||||
}
|
||||
cfg.Enabled, err = config.ParseBool(compress)
|
||||
if err != nil {
|
||||
|
@ -23,19 +23,19 @@ var (
|
||||
Help = config.HelpKVS{
|
||||
config.HelpKV{
|
||||
Key: Extensions,
|
||||
Description: `Comma separated file extensions to compress eg: ".txt,.log,.csv"`,
|
||||
Description: `comma separated file extensions e.g. ".txt,.log,.csv"`,
|
||||
Optional: true,
|
||||
Type: "csv",
|
||||
},
|
||||
config.HelpKV{
|
||||
Key: MimeTypes,
|
||||
Description: `Comma separate wildcard mime-types to compress eg: "text/*,application/json,application/xml"`,
|
||||
Description: `comma separated wildcard mime-types e.g. "text/*,application/json,application/xml"`,
|
||||
Optional: true,
|
||||
Type: "csv",
|
||||
},
|
||||
config.HelpKV{
|
||||
Key: config.Comment,
|
||||
Description: "A comment to describe the compression setting",
|
||||
Description: config.DefaultComment,
|
||||
Optional: true,
|
||||
Type: "sentence",
|
||||
},
|
||||
|
@ -36,8 +36,8 @@ func SetCompressionConfig(s config.Config, cfg Config) {
|
||||
}
|
||||
s[config.CompressionSubSys][config.Default] = config.KVS{
|
||||
config.KV{
|
||||
Key: config.State,
|
||||
Value: config.StateOn,
|
||||
Key: config.Enable,
|
||||
Value: config.EnableOn,
|
||||
},
|
||||
config.KV{
|
||||
Key: Extensions,
|
||||
|
@ -31,27 +31,39 @@ import (
|
||||
)
|
||||
|
||||
// Error config error type
|
||||
type Error string
|
||||
type Error struct {
|
||||
Kind ErrorKind
|
||||
Err string
|
||||
}
|
||||
|
||||
// ErrorKind config error kind
|
||||
type ErrorKind int8
|
||||
|
||||
// Various error kinds.
|
||||
const (
|
||||
ContinueKind ErrorKind = iota + 1
|
||||
SafeModeKind
|
||||
)
|
||||
|
||||
// Errorf - formats according to a format specifier and returns
|
||||
// the string as a value that satisfies error of type config.Error
|
||||
func Errorf(format string, a ...interface{}) error {
|
||||
return Error(fmt.Sprintf(format, a...))
|
||||
func Errorf(errKind ErrorKind, format string, a ...interface{}) error {
|
||||
return Error{Kind: errKind, Err: fmt.Sprintf(format, a...)}
|
||||
}
|
||||
|
||||
func (e Error) Error() string {
|
||||
return string(e)
|
||||
return e.Err
|
||||
}
|
||||
|
||||
// Default keys
|
||||
const (
|
||||
Default = madmin.Default
|
||||
State = madmin.StateKey
|
||||
Enable = madmin.EnableKey
|
||||
Comment = madmin.CommentKey
|
||||
|
||||
// State values
|
||||
StateOn = madmin.StateOn
|
||||
StateOff = madmin.StateOff
|
||||
// Enable values
|
||||
EnableOn = madmin.EnableOn
|
||||
EnableOff = madmin.EnableOff
|
||||
|
||||
RegionName = "name"
|
||||
AccessKey = "access_key"
|
||||
@ -67,7 +79,7 @@ const (
|
||||
CacheSubSys = "cache"
|
||||
RegionSubSys = "region"
|
||||
EtcdSubSys = "etcd"
|
||||
StorageClassSubSys = "storageclass"
|
||||
StorageClassSubSys = "storage_class"
|
||||
CompressionSubSys = "compression"
|
||||
KmsVaultSubSys = "kms_vault"
|
||||
LoggerWebhookSubSys = "logger_webhook"
|
||||
@ -195,19 +207,41 @@ func (kvs KVS) String() string {
|
||||
var s strings.Builder
|
||||
for _, kv := range kvs {
|
||||
// Do not need to print if state is on
|
||||
if kv.Key == State && kv.Value == StateOn {
|
||||
if kv.Key == Enable && kv.Value == EnableOn {
|
||||
continue
|
||||
}
|
||||
s.WriteString(kv.Key)
|
||||
s.WriteString(KvSeparator)
|
||||
s.WriteString(KvDoubleQuote)
|
||||
spc := madmin.HasSpace(kv.Value)
|
||||
if spc {
|
||||
s.WriteString(KvDoubleQuote)
|
||||
}
|
||||
s.WriteString(kv.Value)
|
||||
s.WriteString(KvDoubleQuote)
|
||||
if spc {
|
||||
s.WriteString(KvDoubleQuote)
|
||||
}
|
||||
s.WriteString(KvSpaceSeparator)
|
||||
}
|
||||
return s.String()
|
||||
}
|
||||
|
||||
// Set sets a value, if not sets a default value.
|
||||
func (kvs *KVS) Set(key, value string) {
|
||||
for i, kv := range *kvs {
|
||||
if kv.Key == key {
|
||||
(*kvs)[i] = KV{
|
||||
Key: key,
|
||||
Value: value,
|
||||
}
|
||||
return
|
||||
}
|
||||
}
|
||||
*kvs = append(*kvs, KV{
|
||||
Key: key,
|
||||
Value: value,
|
||||
})
|
||||
}
|
||||
|
||||
// Get - returns the value of a key, if not found returns empty.
|
||||
func (kvs KVS) Get(key string) string {
|
||||
v, ok := kvs.Lookup(key)
|
||||
@ -230,25 +264,6 @@ func (kvs KVS) Lookup(key string) (string, bool) {
|
||||
// Config - MinIO server config structure.
|
||||
type Config map[string]map[string]KVS
|
||||
|
||||
func (c Config) String() string {
|
||||
var s strings.Builder
|
||||
hkvs := HelpSubSysMap[""]
|
||||
for _, hkv := range hkvs {
|
||||
v := c[hkv.Key]
|
||||
for target, kv := range v {
|
||||
s.WriteString(hkv.Key)
|
||||
if target != Default {
|
||||
s.WriteString(SubSystemSeparator)
|
||||
s.WriteString(target)
|
||||
}
|
||||
s.WriteString(KvSpaceSeparator)
|
||||
s.WriteString(kv.String())
|
||||
s.WriteString(KvNewline)
|
||||
}
|
||||
}
|
||||
return s.String()
|
||||
}
|
||||
|
||||
// DelFrom - deletes all keys in the input reader.
|
||||
func (c Config) DelFrom(r io.Reader) error {
|
||||
scanner := bufio.NewScanner(r)
|
||||
@ -303,10 +318,6 @@ func NewConfigWriteTo(cfg Config, key string) io.WriterTo {
|
||||
|
||||
// WriteTo - implements io.WriterTo interface implementation for config.
|
||||
func (c *configWriteTo) WriteTo(w io.Writer) (int64, error) {
|
||||
if c.filterByKey == "" {
|
||||
n, err := w.Write([]byte(c.String()))
|
||||
return int64(n), err
|
||||
}
|
||||
kvs, err := c.GetKVS(c.filterByKey, DefaultKVS)
|
||||
if err != nil {
|
||||
return 0, err
|
||||
@ -329,10 +340,6 @@ func (c *configWriteTo) WriteTo(w io.Writer) (int64, error) {
|
||||
// Default KV configs for worm and region
|
||||
var (
|
||||
DefaultCredentialKVS = KVS{
|
||||
KV{
|
||||
Key: State,
|
||||
Value: StateOff,
|
||||
},
|
||||
KV{
|
||||
Key: AccessKey,
|
||||
Value: auth.DefaultAccessKey,
|
||||
@ -344,10 +351,6 @@ var (
|
||||
}
|
||||
|
||||
DefaultRegionKVS = KVS{
|
||||
KV{
|
||||
Key: State,
|
||||
Value: StateOff,
|
||||
},
|
||||
KV{
|
||||
Key: RegionName,
|
||||
Value: "",
|
||||
@ -384,7 +387,8 @@ func LookupRegion(kv KVS) (string, error) {
|
||||
if validRegionRegex.MatchString(region) {
|
||||
return region, nil
|
||||
}
|
||||
return "", Errorf("region '%s' is invalid, expected simple characters such as [us-east-1, myregion...]",
|
||||
return "", Errorf(SafeModeKind,
|
||||
"region '%s' is invalid, expected simple characters such as [us-east-1, myregion...]",
|
||||
region)
|
||||
}
|
||||
return "", nil
|
||||
@ -400,14 +404,16 @@ func CheckValidKeys(subSys string, kv KVS, validKVS KVS) error {
|
||||
}
|
||||
}
|
||||
if len(nkv) > 0 {
|
||||
return Errorf("found invalid keys (%s) for '%s' sub-system", nkv.String(), subSys)
|
||||
return Errorf(
|
||||
ContinueKind,
|
||||
"found invalid keys (%s) for '%s' sub-system, use 'mc admin config reset myminio %s' to fix invalid keys", nkv.String(), subSys, subSys)
|
||||
}
|
||||
return nil
|
||||
}
|
||||
|
||||
// LookupWorm - check if worm is enabled
|
||||
func LookupWorm() (bool, error) {
|
||||
return ParseBool(env.Get(EnvWorm, StateOff))
|
||||
return ParseBool(env.Get(EnvWorm, EnableOff))
|
||||
}
|
||||
|
||||
// New - initialize a new server config.
|
||||
@ -423,15 +429,15 @@ func New() Config {
|
||||
// GetKVS - get kvs from specific subsystem.
|
||||
func (c Config) GetKVS(s string, defaultKVS map[string]KVS) (map[string]KVS, error) {
|
||||
if len(s) == 0 {
|
||||
return nil, Error("input cannot be empty")
|
||||
return nil, Errorf(SafeModeKind, "input cannot be empty")
|
||||
}
|
||||
inputs := strings.Fields(s)
|
||||
if len(inputs) > 1 {
|
||||
return nil, Errorf("invalid number of arguments %s", s)
|
||||
return nil, Errorf(SafeModeKind, "invalid number of arguments %s", s)
|
||||
}
|
||||
subSystemValue := strings.SplitN(inputs[0], SubSystemSeparator, 2)
|
||||
if len(subSystemValue) == 0 {
|
||||
return nil, Errorf("invalid number of arguments %s", s)
|
||||
return nil, Errorf(SafeModeKind, "invalid number of arguments %s", s)
|
||||
}
|
||||
found := SubSystems.Contains(subSystemValue[0])
|
||||
if !found {
|
||||
@ -440,7 +446,7 @@ func (c Config) GetKVS(s string, defaultKVS map[string]KVS) (map[string]KVS, err
|
||||
found = !SubSystems.FuncMatch(strings.HasPrefix, subSystemValue[0]).IsEmpty() && len(subSystemValue) == 1
|
||||
}
|
||||
if !found {
|
||||
return nil, Errorf("unknown sub-system %s", s)
|
||||
return nil, Errorf(SafeModeKind, "unknown sub-system %s", s)
|
||||
}
|
||||
|
||||
kvs := make(map[string]KVS)
|
||||
@ -448,11 +454,11 @@ func (c Config) GetKVS(s string, defaultKVS map[string]KVS) (map[string]KVS, err
|
||||
subSysPrefix := subSystemValue[0]
|
||||
if len(subSystemValue) == 2 {
|
||||
if len(subSystemValue[1]) == 0 {
|
||||
return nil, Errorf("sub-system target '%s' cannot be empty", s)
|
||||
return nil, Errorf(SafeModeKind, "sub-system target '%s' cannot be empty", s)
|
||||
}
|
||||
kvs[inputs[0]], ok = c[subSysPrefix][subSystemValue[1]]
|
||||
if !ok {
|
||||
return nil, Errorf("sub-system target '%s' doesn't exist", s)
|
||||
return nil, Errorf(SafeModeKind, "sub-system target '%s' doesn't exist", s)
|
||||
}
|
||||
} else {
|
||||
for subSys, subSysTgts := range c {
|
||||
@ -478,30 +484,32 @@ func (c Config) GetKVS(s string, defaultKVS map[string]KVS) (map[string]KVS, err
|
||||
// DelKVS - delete a specific key.
|
||||
func (c Config) DelKVS(s string) error {
|
||||
if len(s) == 0 {
|
||||
return Error("input arguments cannot be empty")
|
||||
return Errorf(SafeModeKind, "input arguments cannot be empty")
|
||||
}
|
||||
inputs := strings.Fields(s)
|
||||
if len(inputs) > 1 {
|
||||
return Errorf("invalid number of arguments %s", s)
|
||||
return Errorf(SafeModeKind, "invalid number of arguments %s", s)
|
||||
}
|
||||
subSystemValue := strings.SplitN(inputs[0], SubSystemSeparator, 2)
|
||||
if len(subSystemValue) == 0 {
|
||||
return Errorf("invalid number of arguments %s", s)
|
||||
return Errorf(SafeModeKind, "invalid number of arguments %s", s)
|
||||
}
|
||||
if !SubSystems.Contains(subSystemValue[0]) {
|
||||
return Errorf("unknown sub-system %s", s)
|
||||
// Unknown sub-system found try to remove it anyways.
|
||||
delete(c, subSystemValue[0])
|
||||
return nil
|
||||
}
|
||||
tgt := Default
|
||||
subSys := subSystemValue[0]
|
||||
if len(subSystemValue) == 2 {
|
||||
if len(subSystemValue[1]) == 0 {
|
||||
return Errorf("sub-system target '%s' cannot be empty", s)
|
||||
return Errorf(SafeModeKind, "sub-system target '%s' cannot be empty", s)
|
||||
}
|
||||
tgt = subSystemValue[1]
|
||||
}
|
||||
_, ok := c[subSys][tgt]
|
||||
if !ok {
|
||||
return Errorf("sub-system %s already deleted", s)
|
||||
return Errorf(SafeModeKind, "sub-system %s already deleted", s)
|
||||
}
|
||||
delete(c[subSys], tgt)
|
||||
return nil
|
||||
@ -522,23 +530,23 @@ func (c Config) Clone() Config {
|
||||
// SetKVS - set specific key values per sub-system.
|
||||
func (c Config) SetKVS(s string, defaultKVS map[string]KVS) error {
|
||||
if len(s) == 0 {
|
||||
return Error("input arguments cannot be empty")
|
||||
return Errorf(SafeModeKind, "input arguments cannot be empty")
|
||||
}
|
||||
inputs := strings.SplitN(s, KvSpaceSeparator, 2)
|
||||
if len(inputs) <= 1 {
|
||||
return Errorf("invalid number of arguments '%s'", s)
|
||||
return Errorf(SafeModeKind, "invalid number of arguments '%s'", s)
|
||||
}
|
||||
subSystemValue := strings.SplitN(inputs[0], SubSystemSeparator, 2)
|
||||
if len(subSystemValue) == 0 {
|
||||
return Errorf("invalid number of arguments %s", s)
|
||||
return Errorf(SafeModeKind, "invalid number of arguments %s", s)
|
||||
}
|
||||
|
||||
if !SubSystems.Contains(subSystemValue[0]) {
|
||||
return Errorf("unknown sub-system %s", s)
|
||||
return Errorf(SafeModeKind, "unknown sub-system %s", s)
|
||||
}
|
||||
|
||||
if SubSystemsSingleTargets.Contains(subSystemValue[0]) && len(subSystemValue) == 2 {
|
||||
return Errorf("sub-system '%s' only supports single target", subSystemValue[0])
|
||||
return Errorf(SafeModeKind, "sub-system '%s' only supports single target", subSystemValue[0])
|
||||
}
|
||||
|
||||
var kvs = KVS{}
|
||||
@ -559,7 +567,7 @@ func (c Config) SetKVS(s string, defaultKVS map[string]KVS) error {
|
||||
continue
|
||||
}
|
||||
if len(kv) == 1 {
|
||||
return Errorf("key '%s', cannot have empty value", kv[0])
|
||||
return Errorf(SafeModeKind, "key '%s', cannot have empty value", kv[0])
|
||||
}
|
||||
prevK = kv[0]
|
||||
kvs = append(kvs, KV{
|
||||
@ -574,21 +582,30 @@ func (c Config) SetKVS(s string, defaultKVS map[string]KVS) error {
|
||||
tgt = subSystemValue[1]
|
||||
}
|
||||
|
||||
// Save client sent kvs
|
||||
c[subSys][tgt] = kvs
|
||||
_, ok := c[subSys][tgt].Lookup(State)
|
||||
if !ok {
|
||||
_, ok := kvs.Lookup(Enable)
|
||||
// Check if state is required
|
||||
_, defaultOk := defaultKVS[subSys].Lookup(Enable)
|
||||
if !ok && defaultOk {
|
||||
// implicit state "on" if not specified.
|
||||
c[subSys][tgt] = append(c[subSys][tgt], KV{
|
||||
Key: State,
|
||||
Value: StateOn,
|
||||
kvs = append(kvs, KV{
|
||||
Key: Enable,
|
||||
Value: EnableOn,
|
||||
})
|
||||
}
|
||||
for _, kv := range defaultKVS[subSys] {
|
||||
_, ok := c[subSys][tgt].Lookup(kv.Key)
|
||||
|
||||
currKVS := c[subSys][tgt]
|
||||
|
||||
for _, kv := range kvs {
|
||||
currKVS.Set(kv.Key, kv.Value)
|
||||
}
|
||||
|
||||
for _, defaultKV := range defaultKVS[subSys] {
|
||||
_, ok := c[subSys][tgt].Lookup(defaultKV.Key)
|
||||
if !ok {
|
||||
c[subSys][tgt] = append(c[subSys][tgt], kv)
|
||||
currKVS.Set(defaultKV.Key, defaultKV.Value)
|
||||
}
|
||||
}
|
||||
|
||||
copy(c[subSys][tgt], currKVS)
|
||||
return nil
|
||||
}
|
||||
|
@ -19,7 +19,6 @@ package etcd
|
||||
import (
|
||||
"crypto/tls"
|
||||
"crypto/x509"
|
||||
"fmt"
|
||||
"strings"
|
||||
"time"
|
||||
|
||||
@ -44,7 +43,6 @@ const (
|
||||
ClientCert = "client_cert"
|
||||
ClientCertKey = "client_cert_key"
|
||||
|
||||
EnvEtcdState = "MINIO_ETCD_STATE"
|
||||
EnvEtcdEndpoints = "MINIO_ETCD_ENDPOINTS"
|
||||
EnvEtcdPathPrefix = "MINIO_ETCD_PATH_PREFIX"
|
||||
EnvEtcdCoreDNSPath = "MINIO_ETCD_COREDNS_PATH"
|
||||
@ -55,10 +53,6 @@ const (
|
||||
// DefaultKVS - default KV settings for etcd.
|
||||
var (
|
||||
DefaultKVS = config.KVS{
|
||||
config.KV{
|
||||
Key: config.State,
|
||||
Value: config.StateOff,
|
||||
},
|
||||
config.KV{
|
||||
Key: Endpoints,
|
||||
Value: "",
|
||||
@ -115,7 +109,8 @@ func parseEndpoints(endpoints string) ([]string, bool, error) {
|
||||
return nil, false, err
|
||||
}
|
||||
if etcdSecure && u.Scheme == "http" {
|
||||
return nil, false, fmt.Errorf("all endpoints should be https or http: %s", endpoint)
|
||||
return nil, false, config.Errorf(config.SafeModeKind,
|
||||
"all endpoints should be https or http: %s", endpoint)
|
||||
}
|
||||
// If one of the endpoint is https, we will use https directly.
|
||||
etcdSecure = etcdSecure || u.Scheme == "https"
|
||||
@ -124,39 +119,10 @@ func parseEndpoints(endpoints string) ([]string, bool, error) {
|
||||
return etcdEndpoints, etcdSecure, nil
|
||||
}
|
||||
|
||||
func lookupLegacyConfig(rootCAs *x509.CertPool) (Config, error) {
|
||||
cfg := Config{}
|
||||
endpoints := env.Get(EnvEtcdEndpoints, "")
|
||||
if endpoints == "" {
|
||||
return cfg, nil
|
||||
}
|
||||
etcdEndpoints, etcdSecure, err := parseEndpoints(endpoints)
|
||||
if err != nil {
|
||||
return cfg, err
|
||||
}
|
||||
cfg.Enabled = true
|
||||
cfg.DialTimeout = defaultDialTimeout
|
||||
cfg.DialKeepAliveTime = defaultDialKeepAlive
|
||||
cfg.Endpoints = etcdEndpoints
|
||||
cfg.CoreDNSPath = env.Get(EnvEtcdCoreDNSPath, "/skydns")
|
||||
// Default path prefix for all keys on etcd, other than CoreDNSPath.
|
||||
cfg.PathPrefix = env.Get(EnvEtcdPathPrefix, "")
|
||||
if etcdSecure {
|
||||
cfg.TLS = &tls.Config{
|
||||
RootCAs: rootCAs,
|
||||
}
|
||||
// This is only to support client side certificate authentication
|
||||
// https://coreos.com/etcd/docs/latest/op-guide/security.html
|
||||
etcdClientCertFile := env.Get(EnvEtcdClientCert, "")
|
||||
etcdClientCertKey := env.Get(EnvEtcdClientCertKey, "")
|
||||
if etcdClientCertFile != "" && etcdClientCertKey != "" {
|
||||
cfg.TLS.GetClientCertificate = func(unused *tls.CertificateRequestInfo) (*tls.Certificate, error) {
|
||||
cert, err := tls.LoadX509KeyPair(etcdClientCertFile, etcdClientCertKey)
|
||||
return &cert, err
|
||||
}
|
||||
}
|
||||
}
|
||||
return cfg, nil
|
||||
// Enabled returns if etcd is enabled.
|
||||
func Enabled(kvs config.KVS) bool {
|
||||
endpoints := kvs.Get(Endpoints)
|
||||
return endpoints != ""
|
||||
}
|
||||
|
||||
// LookupConfig - Initialize new etcd config.
|
||||
@ -166,34 +132,9 @@ func LookupConfig(kvs config.KVS, rootCAs *x509.CertPool) (Config, error) {
|
||||
return cfg, err
|
||||
}
|
||||
|
||||
if env.Get(EnvEtcdEndpoints, "") != "" && env.Get(EnvEtcdState, "") == "" {
|
||||
// By default state is 'on' to honor legacy config.
|
||||
var err error
|
||||
cfg, err = lookupLegacyConfig(rootCAs)
|
||||
if err != nil {
|
||||
return cfg, err
|
||||
}
|
||||
// If old legacy config is enabled honor it.
|
||||
if cfg.Enabled {
|
||||
return cfg, nil
|
||||
}
|
||||
}
|
||||
|
||||
stateBool, err := config.ParseBool(env.Get(EnvEtcdState, kvs.Get(config.State)))
|
||||
if err != nil {
|
||||
if kvs.Empty() {
|
||||
return cfg, nil
|
||||
}
|
||||
return cfg, err
|
||||
}
|
||||
|
||||
if !stateBool {
|
||||
return cfg, nil
|
||||
}
|
||||
|
||||
endpoints := env.Get(EnvEtcdEndpoints, kvs.Get(Endpoints))
|
||||
if endpoints == "" {
|
||||
return cfg, config.Error("'endpoints' key cannot be empty to enable etcd")
|
||||
return cfg, nil
|
||||
}
|
||||
|
||||
etcdEndpoints, etcdSecure, err := parseEndpoints(endpoints)
|
||||
|
@ -23,35 +23,36 @@ var (
|
||||
Help = config.HelpKVS{
|
||||
config.HelpKV{
|
||||
Key: Endpoints,
|
||||
Description: `Comma separated list of etcd endpoints eg: "http://localhost:2379"`,
|
||||
Description: `comma separated list of etcd endpoints e.g. "http://localhost:2379"`,
|
||||
Type: "csv",
|
||||
},
|
||||
config.HelpKV{
|
||||
Key: PathPrefix,
|
||||
Description: `Default etcd path prefix to populate all IAM assets eg: "customer/"`,
|
||||
Description: `default etcd path prefix to populate all IAM assets eg: "customer/"`,
|
||||
Optional: true,
|
||||
Type: "path",
|
||||
},
|
||||
config.HelpKV{
|
||||
Key: CoreDNSPath,
|
||||
Description: `Default etcd path location to populate bucket DNS srv records eg: "/skydns"`,
|
||||
Description: `default etcd path location to populate bucket DNS srv records eg: "/skydns"`,
|
||||
Optional: true,
|
||||
Type: "path",
|
||||
},
|
||||
config.HelpKV{
|
||||
Key: ClientCert,
|
||||
Description: `Etcd client cert for mTLS authentication`,
|
||||
Description: `client cert for mTLS authentication`,
|
||||
Optional: true,
|
||||
Type: "path",
|
||||
},
|
||||
config.HelpKV{
|
||||
Key: ClientCertKey,
|
||||
Description: `Etcd client cert key for mTLS authentication`,
|
||||
Description: `client cert key for mTLS authentication`,
|
||||
Optional: true,
|
||||
Type: "path",
|
||||
},
|
||||
config.HelpKV{
|
||||
Key: config.Comment,
|
||||
Description: "A comment to describe the etcd settings",
|
||||
Description: config.DefaultComment,
|
||||
Optional: true,
|
||||
Type: "sentence",
|
||||
},
|
||||
|
@ -41,19 +41,22 @@ func (hkvs HelpKVS) Lookup(key string) (HelpKV, bool) {
|
||||
return HelpKV{}, false
|
||||
}
|
||||
|
||||
// DefaultComment used across all sub-systems.
|
||||
const DefaultComment = "optionally add a comment to this setting"
|
||||
|
||||
// Region and Worm help is documented in default config
|
||||
var (
|
||||
RegionHelp = HelpKVS{
|
||||
HelpKV{
|
||||
Key: RegionName,
|
||||
Type: "string",
|
||||
Description: `Region name of this deployment, eg: "us-west-2"`,
|
||||
Description: `name of the location of the server e.g. "us-west-rack2"`,
|
||||
Optional: true,
|
||||
},
|
||||
HelpKV{
|
||||
Key: Comment,
|
||||
Type: "sentence",
|
||||
Description: "A comment to describe the region setting",
|
||||
Description: DefaultComment,
|
||||
Optional: true,
|
||||
},
|
||||
}
|
||||
|
@ -65,7 +65,6 @@ const (
|
||||
GroupSearchBaseDN = "group_search_base_dn"
|
||||
TLSSkipVerify = "tls_skip_verify"
|
||||
|
||||
EnvLDAPState = "MINIO_IDENTITY_LDAP_STATE"
|
||||
EnvServerAddr = "MINIO_IDENTITY_LDAP_SERVER_ADDR"
|
||||
EnvSTSExpiry = "MINIO_IDENTITY_LDAP_STS_EXPIRY"
|
||||
EnvTLSSkipVerify = "MINIO_IDENTITY_LDAP_TLS_SKIP_VERIFY"
|
||||
@ -78,10 +77,6 @@ const (
|
||||
// DefaultKVS - default config for LDAP config
|
||||
var (
|
||||
DefaultKVS = config.KVS{
|
||||
config.KV{
|
||||
Key: config.State,
|
||||
Value: config.StateOff,
|
||||
},
|
||||
config.KV{
|
||||
Key: ServerAddr,
|
||||
Value: "",
|
||||
@ -108,7 +103,7 @@ var (
|
||||
},
|
||||
config.KV{
|
||||
Key: TLSSkipVerify,
|
||||
Value: config.StateOff,
|
||||
Value: config.EnableOff,
|
||||
},
|
||||
}
|
||||
)
|
||||
@ -130,25 +125,18 @@ func (l Config) GetExpiryDuration() time.Duration {
|
||||
return l.stsExpiryDuration
|
||||
}
|
||||
|
||||
// Enabled returns if jwks is enabled.
|
||||
func Enabled(kvs config.KVS) bool {
|
||||
return kvs.Get(ServerAddr) != ""
|
||||
}
|
||||
|
||||
// Lookup - initializes LDAP config, overrides config, if any ENV values are set.
|
||||
func Lookup(kvs config.KVS, rootCAs *x509.CertPool) (l Config, err error) {
|
||||
l = Config{}
|
||||
if err = config.CheckValidKeys(config.IdentityLDAPSubSys, kvs, DefaultKVS); err != nil {
|
||||
return l, err
|
||||
}
|
||||
stateBool, err := config.ParseBool(env.Get(EnvLDAPState, kvs.Get(config.State)))
|
||||
if err != nil {
|
||||
if kvs.Empty() {
|
||||
return l, nil
|
||||
}
|
||||
return l, err
|
||||
}
|
||||
ldapServer := env.Get(EnvServerAddr, kvs.Get(ServerAddr))
|
||||
if stateBool {
|
||||
if ldapServer == "" {
|
||||
return l, config.Error("'serveraddr' cannot be empty if you wish to enable AD/LDAP support")
|
||||
}
|
||||
}
|
||||
if ldapServer == "" {
|
||||
return l, nil
|
||||
}
|
||||
|
@ -23,47 +23,47 @@ var (
|
||||
Help = config.HelpKVS{
|
||||
config.HelpKV{
|
||||
Key: ServerAddr,
|
||||
Description: `AD/LDAP server address eg: "myldapserver.com:636"`,
|
||||
Description: `AD/LDAP server address e.g. "myldapserver.com:636"`,
|
||||
Type: "address",
|
||||
},
|
||||
config.HelpKV{
|
||||
Key: UsernameFormat,
|
||||
Description: `AD/LDAP format of full username DN eg: "uid={username},cn=accounts,dc=myldapserver,dc=com"`,
|
||||
Description: `AD/LDAP format of full username DN e.g. "uid={username},cn=accounts,dc=myldapserver,dc=com"`,
|
||||
Type: "string",
|
||||
},
|
||||
config.HelpKV{
|
||||
Key: GroupSearchFilter,
|
||||
Description: `Search filter to find groups of a user (optional) eg: "(&(objectclass=groupOfNames)(member={usernamedn}))"`,
|
||||
Description: `search filter to find groups of a user (optional) e.g. "(&(objectclass=groupOfNames)(member={usernamedn}))"`,
|
||||
Optional: true,
|
||||
Type: "string",
|
||||
},
|
||||
config.HelpKV{
|
||||
Key: GroupNameAttribute,
|
||||
Description: `Attribute of search results to use as group name (optional) eg: "cn"`,
|
||||
Description: `attribute of search results to use as group name (optional) e.g. "cn"`,
|
||||
Optional: true,
|
||||
Type: "string",
|
||||
},
|
||||
config.HelpKV{
|
||||
Key: GroupSearchBaseDN,
|
||||
Description: `Base DN in AD/LDAP hierarchy to use in search requests (optional) eg: "dc=myldapserver,dc=com"`,
|
||||
Description: `base DN in AD/LDAP hierarchy to use in search requests (optional) e.g. "dc=myldapserver,dc=com"`,
|
||||
Optional: true,
|
||||
Type: "string",
|
||||
},
|
||||
config.HelpKV{
|
||||
Key: STSExpiry,
|
||||
Description: `AD/LDAP STS credentials validity duration eg: "1h"`,
|
||||
Description: `AD/LDAP STS credentials validity duration e.g. "1h"`,
|
||||
Optional: true,
|
||||
Type: "duration",
|
||||
},
|
||||
config.HelpKV{
|
||||
Key: TLSSkipVerify,
|
||||
Description: "Set this to 'on', to disable client verification of server certificates",
|
||||
Description: "enable this to disable client verification of server certificates",
|
||||
Optional: true,
|
||||
Type: "on|off",
|
||||
},
|
||||
config.HelpKV{
|
||||
Key: config.Comment,
|
||||
Description: "A comment to describe the LDAP/AD identity setting",
|
||||
Description: config.DefaultComment,
|
||||
Optional: true,
|
||||
Type: "sentence",
|
||||
},
|
||||
|
@ -25,10 +25,6 @@ func SetIdentityLDAP(s config.Config, ldapArgs Config) {
|
||||
return
|
||||
}
|
||||
s[config.IdentityLDAPSubSys][config.Default] = config.KVS{
|
||||
config.KV{
|
||||
Key: config.State,
|
||||
Value: config.StateOn,
|
||||
},
|
||||
config.KV{
|
||||
Key: ServerAddr,
|
||||
Value: ldapArgs.ServerAddr,
|
||||
|
@ -23,24 +23,24 @@ var (
|
||||
Help = config.HelpKVS{
|
||||
config.HelpKV{
|
||||
Key: ConfigURL,
|
||||
Description: `OpenID discovery documented endpoint. eg: "https://accounts.google.com/.well-known/openid-configuration"`,
|
||||
Description: `openid discovery document e.g. "https://accounts.google.com/.well-known/openid-configuration"`,
|
||||
Type: "url",
|
||||
},
|
||||
config.HelpKV{
|
||||
Key: ClientID,
|
||||
Description: `The client identifier of the authenticating party at the identity provider`,
|
||||
Description: `client identifier of the authenticating party at the identity provider`,
|
||||
Type: "string",
|
||||
Optional: true,
|
||||
},
|
||||
config.HelpKV{
|
||||
Key: ClaimPrefix,
|
||||
Description: `OpenID JWT claim namespace prefix. eg: "customer"`,
|
||||
Description: `openid JWT claim namespace prefix e.g. "customer"`,
|
||||
Optional: true,
|
||||
Type: "string",
|
||||
},
|
||||
config.HelpKV{
|
||||
Key: config.Comment,
|
||||
Description: "A comment to describe the OpenID identity setting",
|
||||
Description: config.DefaultComment,
|
||||
Optional: true,
|
||||
Type: "sentence",
|
||||
},
|
||||
|
@ -212,7 +212,6 @@ const (
|
||||
ClaimPrefix = "claim_prefix"
|
||||
ClientID = "client_id"
|
||||
|
||||
EnvIdentityOpenIDState = "MINIO_IDENTITY_OPENID_STATE"
|
||||
EnvIdentityOpenIDClientID = "MINIO_IDENTITY_OPENID_CLIENT_ID"
|
||||
EnvIdentityOpenIDJWKSURL = "MINIO_IDENTITY_OPENID_JWKS_URL"
|
||||
EnvIdentityOpenIDURL = "MINIO_IDENTITY_OPENID_CONFIG_URL"
|
||||
@ -264,10 +263,6 @@ func parseDiscoveryDoc(u *xnet.URL, transport *http.Transport, closeRespFn func(
|
||||
// DefaultKVS - default config for OpenID config
|
||||
var (
|
||||
DefaultKVS = config.KVS{
|
||||
config.KV{
|
||||
Key: config.State,
|
||||
Value: config.StateOff,
|
||||
},
|
||||
config.KV{
|
||||
Key: ConfigURL,
|
||||
Value: "",
|
||||
@ -287,20 +282,17 @@ var (
|
||||
}
|
||||
)
|
||||
|
||||
// Enabled returns if jwks is enabled.
|
||||
func Enabled(kvs config.KVS) bool {
|
||||
return kvs.Get(JwksURL) != ""
|
||||
}
|
||||
|
||||
// LookupConfig lookup jwks from config, override with any ENVs.
|
||||
func LookupConfig(kvs config.KVS, transport *http.Transport, closeRespFn func(io.ReadCloser)) (c Config, err error) {
|
||||
if err = config.CheckValidKeys(config.IdentityOpenIDSubSys, kvs, DefaultKVS); err != nil {
|
||||
return c, err
|
||||
}
|
||||
|
||||
stateBool, err := config.ParseBool(env.Get(EnvIdentityOpenIDState, kvs.Get(config.State)))
|
||||
if err != nil {
|
||||
if kvs.Empty() {
|
||||
return c, nil
|
||||
}
|
||||
return c, err
|
||||
}
|
||||
|
||||
jwksURL := env.Get(EnvIamJwksURL, "") // Legacy
|
||||
if jwksURL == "" {
|
||||
jwksURL = env.Get(EnvIdentityOpenIDJWKSURL, kvs.Get(JwksURL))
|
||||
@ -330,12 +322,6 @@ func LookupConfig(kvs config.KVS, transport *http.Transport, closeRespFn func(io
|
||||
jwksURL = c.DiscoveryDoc.JwksURI
|
||||
}
|
||||
|
||||
if stateBool {
|
||||
// This check is needed to ensure that empty Jwks urls are not allowed.
|
||||
if jwksURL == "" {
|
||||
return c, config.Error("'config_url' must be set to a proper OpenID discovery document URL")
|
||||
}
|
||||
}
|
||||
if jwksURL == "" {
|
||||
return c, nil
|
||||
}
|
||||
|
@ -30,10 +30,6 @@ func SetIdentityOpenID(s config.Config, cfg Config) {
|
||||
return
|
||||
}
|
||||
s[config.IdentityOpenIDSubSys][config.Default] = config.KVS{
|
||||
config.KV{
|
||||
Key: config.State,
|
||||
Value: config.StateOn,
|
||||
},
|
||||
config.KV{
|
||||
Key: JwksURL,
|
||||
Value: cfg.JWKS.URL.String(),
|
||||
|
@ -31,10 +31,6 @@ func SetCredentials(c Config, cred auth.Credentials) {
|
||||
return
|
||||
}
|
||||
c[CredentialsSubSys][Default] = KVS{
|
||||
KV{
|
||||
Key: State,
|
||||
Value: StateOn,
|
||||
},
|
||||
KV{
|
||||
Key: AccessKey,
|
||||
Value: cred.AccessKey,
|
||||
@ -56,9 +52,5 @@ func SetRegion(c Config, name string) {
|
||||
Key: RegionName,
|
||||
Value: name,
|
||||
},
|
||||
KV{
|
||||
Key: State,
|
||||
Value: StateOn,
|
||||
},
|
||||
}
|
||||
}
|
||||
|
@ -26,78 +26,78 @@ var (
|
||||
HelpAMQP = config.HelpKVS{
|
||||
config.HelpKV{
|
||||
Key: target.AmqpURL,
|
||||
Description: "AMQP server endpoint, e.g. `amqp://myuser:mypassword@localhost:5672`",
|
||||
Description: "AMQP server endpoint e.g. `amqp://myuser:mypassword@localhost:5672`",
|
||||
Type: "url",
|
||||
},
|
||||
config.HelpKV{
|
||||
Key: target.AmqpExchange,
|
||||
Description: "Name of the AMQP exchange",
|
||||
Description: "name of the AMQP exchange",
|
||||
Optional: true,
|
||||
Type: "string",
|
||||
},
|
||||
config.HelpKV{
|
||||
Key: target.AmqpExchangeType,
|
||||
Description: "Kind of AMQP exchange type",
|
||||
Description: "kind of AMQP exchange type",
|
||||
Optional: true,
|
||||
Type: "string",
|
||||
},
|
||||
config.HelpKV{
|
||||
Key: target.AmqpRoutingKey,
|
||||
Description: "Routing key for publishing",
|
||||
Description: "routing key for publishing",
|
||||
Optional: true,
|
||||
Type: "string",
|
||||
},
|
||||
config.HelpKV{
|
||||
Key: target.AmqpMandatory,
|
||||
Description: "Set this to 'on' for server to return an unroutable message with a Return method. If this flag is 'off', the server silently drops the message",
|
||||
Description: "set this to 'on' for server to return an unroutable message with a Return method. If this flag is 'off', the server silently drops the message",
|
||||
Optional: true,
|
||||
Type: "on|off",
|
||||
},
|
||||
config.HelpKV{
|
||||
Key: target.AmqpDurable,
|
||||
Description: "Set this to 'on' for queue to survive broker restarts",
|
||||
Description: "set this to 'on' for queue to survive broker restarts",
|
||||
Optional: true,
|
||||
Type: "on|off",
|
||||
},
|
||||
config.HelpKV{
|
||||
Key: target.AmqpNoWait,
|
||||
Description: "When no_wait is 'on', declare without waiting for a confirmation from the server",
|
||||
Description: "when no_wait is 'on', declare without waiting for a confirmation from the server",
|
||||
Optional: true,
|
||||
Type: "on|off",
|
||||
},
|
||||
config.HelpKV{
|
||||
Key: target.AmqpInternal,
|
||||
Description: "Set this to 'on' for exchange to be not used directly by publishers, but only when bound to other exchanges",
|
||||
Description: "set this to 'on' for exchange to be not used directly by publishers, but only when bound to other exchanges",
|
||||
Optional: true,
|
||||
Type: "on|off",
|
||||
},
|
||||
config.HelpKV{
|
||||
Key: target.AmqpAutoDeleted,
|
||||
Description: "Set this to 'on' for queue that has had at least one consumer is deleted when last consumer unsubscribes",
|
||||
Description: "set this to 'on' for queue that has had at least one consumer is deleted when last consumer unsubscribes",
|
||||
Optional: true,
|
||||
Type: "on|off",
|
||||
},
|
||||
config.HelpKV{
|
||||
Key: target.AmqpDeliveryMode,
|
||||
Description: "Delivery queue implementation use non-persistent (1) or persistent (2)",
|
||||
Description: "delivery queue implementation use non-persistent (1) or persistent (2)",
|
||||
Optional: true,
|
||||
Type: "number",
|
||||
},
|
||||
config.HelpKV{
|
||||
Key: target.AmqpQueueDir,
|
||||
Description: "Local directory where events are stored eg: '/home/events'",
|
||||
Description: "local directory where events are stored e.g. '/home/events'",
|
||||
Optional: true,
|
||||
Type: "path",
|
||||
},
|
||||
config.HelpKV{
|
||||
Key: target.AmqpQueueLimit,
|
||||
Description: "Enable persistent event store queue limit, defaults to '10000'",
|
||||
Description: "enable persistent event store queue limit, defaults to '10000'",
|
||||
Optional: true,
|
||||
Type: "number",
|
||||
},
|
||||
config.HelpKV{
|
||||
Key: config.Comment,
|
||||
Description: "A comment to describe the AMQP target setting",
|
||||
Description: config.DefaultComment,
|
||||
Optional: true,
|
||||
Type: "sentence",
|
||||
},
|
||||
@ -106,66 +106,66 @@ var (
|
||||
HelpKafka = config.HelpKVS{
|
||||
config.HelpKV{
|
||||
Key: target.KafkaBrokers,
|
||||
Description: "Comma separated list of Kafka broker addresses",
|
||||
Description: "comma separated list of Kafka broker addresses",
|
||||
Type: "csv",
|
||||
},
|
||||
config.HelpKV{
|
||||
Key: target.KafkaTopic,
|
||||
Description: "The Kafka topic for a given message",
|
||||
Description: "Kafka topic used for bucket notifications",
|
||||
Optional: true,
|
||||
Type: "string",
|
||||
},
|
||||
config.HelpKV{
|
||||
Key: target.KafkaSASLUsername,
|
||||
Description: "Username for SASL/PLAIN or SASL/SCRAM authentication",
|
||||
Description: "username for SASL/PLAIN or SASL/SCRAM authentication",
|
||||
Optional: true,
|
||||
Type: "string",
|
||||
},
|
||||
config.HelpKV{
|
||||
Key: target.KafkaSASLPassword,
|
||||
Description: "Password for SASL/PLAIN or SASL/SCRAM authentication",
|
||||
Description: "password for SASL/PLAIN or SASL/SCRAM authentication",
|
||||
Optional: true,
|
||||
Type: "string",
|
||||
},
|
||||
config.HelpKV{
|
||||
Key: target.KafkaTLSClientAuth,
|
||||
Description: "ClientAuth determines the Kafka server's policy for TLS client auth",
|
||||
Description: "clientAuth determines the Kafka server's policy for TLS client auth",
|
||||
Optional: true,
|
||||
Type: "string",
|
||||
},
|
||||
config.HelpKV{
|
||||
Key: target.KafkaSASL,
|
||||
Description: "Set this to 'on' to enable SASL authentication",
|
||||
Description: "set this to 'on' to enable SASL authentication",
|
||||
Optional: true,
|
||||
Type: "on|off",
|
||||
},
|
||||
config.HelpKV{
|
||||
Key: target.KafkaTLS,
|
||||
Description: "Set this to 'on' to enable TLS",
|
||||
Description: "set this to 'on' to enable TLS",
|
||||
Optional: true,
|
||||
Type: "on|off",
|
||||
},
|
||||
config.HelpKV{
|
||||
Key: target.KafkaTLSSkipVerify,
|
||||
Description: "Set this to 'on' to disable client verification of server certificate chain",
|
||||
Description: "set this to 'on' to disable client verification of server certificate chain",
|
||||
Optional: true,
|
||||
Type: "on|off",
|
||||
},
|
||||
config.HelpKV{
|
||||
Key: target.KafkaQueueDir,
|
||||
Description: "Local directory where events are stored eg: '/home/events'",
|
||||
Description: "local directory where events are stored e.g. '/home/events'",
|
||||
Optional: true,
|
||||
Type: "path",
|
||||
},
|
||||
config.HelpKV{
|
||||
Key: target.KafkaQueueLimit,
|
||||
Description: "Enable persistent event store queue limit, defaults to '10000'",
|
||||
Description: "enable persistent event store queue limit, defaults to '10000'",
|
||||
Optional: true,
|
||||
Type: "number",
|
||||
},
|
||||
config.HelpKV{
|
||||
Key: config.Comment,
|
||||
Description: "A comment to describe the Kafka target setting",
|
||||
Description: config.DefaultComment,
|
||||
Optional: true,
|
||||
Type: "sentence",
|
||||
},
|
||||
@ -174,59 +174,59 @@ var (
|
||||
HelpMQTT = config.HelpKVS{
|
||||
config.HelpKV{
|
||||
Key: target.MqttBroker,
|
||||
Description: "MQTT server endpoint, e.g. `tcp://localhost:1883`",
|
||||
Description: "MQTT server endpoint e.g. `tcp://localhost:1883`",
|
||||
Type: "uri",
|
||||
},
|
||||
config.HelpKV{
|
||||
Key: target.MqttTopic,
|
||||
Description: "Name of the MQTT topic to publish on, e.g. `minio`",
|
||||
Description: "name of the MQTT topic to publish on, e.g. `minio`",
|
||||
Type: "string",
|
||||
},
|
||||
config.HelpKV{
|
||||
Key: target.MqttUsername,
|
||||
Description: "Username to connect to the MQTT server",
|
||||
Description: "username to connect to the MQTT server",
|
||||
Optional: true,
|
||||
Type: "string",
|
||||
},
|
||||
config.HelpKV{
|
||||
Key: target.MqttPassword,
|
||||
Description: "Password to connect to the MQTT server",
|
||||
Description: "password to connect to the MQTT server",
|
||||
Optional: true,
|
||||
Type: "string",
|
||||
},
|
||||
config.HelpKV{
|
||||
Key: target.MqttQoS,
|
||||
Description: "Set the Quality of Service Level for MQTT endpoint",
|
||||
Description: "set the Quality of Service Level for MQTT endpoint",
|
||||
Optional: true,
|
||||
Type: "number",
|
||||
},
|
||||
config.HelpKV{
|
||||
Key: target.MqttKeepAliveInterval,
|
||||
Description: "Keep alive interval for MQTT connections",
|
||||
Description: "keep alive interval for MQTT connections",
|
||||
Optional: true,
|
||||
Type: "duration",
|
||||
},
|
||||
config.HelpKV{
|
||||
Key: target.MqttReconnectInterval,
|
||||
Description: "Reconnect interval for MQTT connections",
|
||||
Description: "reconnect interval for MQTT connections",
|
||||
Optional: true,
|
||||
Type: "duration",
|
||||
},
|
||||
config.HelpKV{
|
||||
Key: target.MqttQueueDir,
|
||||
Description: "Local directory where events are stored eg: '/home/events'",
|
||||
Description: "local directory where events are stored e.g. '/home/events'",
|
||||
Optional: true,
|
||||
Type: "path",
|
||||
},
|
||||
config.HelpKV{
|
||||
Key: target.MqttQueueLimit,
|
||||
Description: "Enable persistent event store queue limit, defaults to '10000'",
|
||||
Description: "enable persistent event store queue limit, defaults to '10000'",
|
||||
Optional: true,
|
||||
Type: "number",
|
||||
},
|
||||
config.HelpKV{
|
||||
Key: config.Comment,
|
||||
Description: "A comment to describe the MQTT target setting",
|
||||
Description: config.DefaultComment,
|
||||
Optional: true,
|
||||
Type: "sentence",
|
||||
},
|
||||
@ -235,34 +235,34 @@ var (
|
||||
HelpES = config.HelpKVS{
|
||||
config.HelpKV{
|
||||
Key: target.ElasticURL,
|
||||
Description: "The Elasticsearch server's address, with optional authentication info",
|
||||
Description: "Elasticsearch server's address, with optional authentication info",
|
||||
Type: "url",
|
||||
},
|
||||
config.HelpKV{
|
||||
Key: target.ElasticFormat,
|
||||
Description: "Either `namespace` or `access`, defaults to 'namespace'",
|
||||
Description: "set this to `namespace` or `access`, defaults to 'namespace'",
|
||||
Type: "namespace*|access",
|
||||
},
|
||||
config.HelpKV{
|
||||
Key: target.ElasticIndex,
|
||||
Description: "The name of an Elasticsearch index in which MinIO will store document",
|
||||
Description: "the name of an Elasticsearch index in which MinIO will store document",
|
||||
Type: "string",
|
||||
},
|
||||
config.HelpKV{
|
||||
Key: target.ElasticQueueDir,
|
||||
Description: "Local directory where events are stored eg: '/home/events'",
|
||||
Description: "local directory where events are stored e.g. '/home/events'",
|
||||
Optional: true,
|
||||
Type: "path",
|
||||
},
|
||||
config.HelpKV{
|
||||
Key: target.ElasticQueueLimit,
|
||||
Description: "Enable persistent event store queue limit, defaults to '10000'",
|
||||
Description: "enable persistent event store queue limit, defaults to '10000'",
|
||||
Optional: true,
|
||||
Type: "number",
|
||||
},
|
||||
config.HelpKV{
|
||||
Key: config.Comment,
|
||||
Description: "A comment to describe the Elasticsearch target setting",
|
||||
Description: config.DefaultComment,
|
||||
Optional: true,
|
||||
Type: "sentence",
|
||||
},
|
||||
@ -271,30 +271,30 @@ var (
|
||||
HelpWebhook = config.HelpKVS{
|
||||
config.HelpKV{
|
||||
Key: target.WebhookEndpoint,
|
||||
Description: "Webhook server endpoint eg: http://localhost:8080/minio/events",
|
||||
Description: "webhook server endpoint e.g. http://localhost:8080/minio/events",
|
||||
Type: "url",
|
||||
},
|
||||
config.HelpKV{
|
||||
Key: target.WebhookAuthToken,
|
||||
Description: "Authorization token used for webhook server endpoint",
|
||||
Description: "authorization token used for webhook server endpoint",
|
||||
Optional: true,
|
||||
Type: "string",
|
||||
},
|
||||
config.HelpKV{
|
||||
Key: target.WebhookQueueDir,
|
||||
Description: "Local directory where events are stored eg: '/home/events'",
|
||||
Description: "local directory where events are stored e.g. '/home/events'",
|
||||
Optional: true,
|
||||
Type: "path",
|
||||
},
|
||||
config.HelpKV{
|
||||
Key: target.WebhookQueueLimit,
|
||||
Description: "Enable persistent event store queue limit, defaults to '10000'",
|
||||
Description: "enable persistent event store queue limit, defaults to '10000'",
|
||||
Optional: true,
|
||||
Type: "number",
|
||||
},
|
||||
config.HelpKV{
|
||||
Key: config.Comment,
|
||||
Description: "A comment to describe the Webhook target setting",
|
||||
Description: config.DefaultComment,
|
||||
Optional: true,
|
||||
Type: "sentence",
|
||||
},
|
||||
@ -303,40 +303,40 @@ var (
|
||||
HelpRedis = config.HelpKVS{
|
||||
config.HelpKV{
|
||||
Key: target.RedisAddress,
|
||||
Description: "The Redis server's address. For example: `localhost:6379`",
|
||||
Description: "Redis server's address. For example: `localhost:6379`",
|
||||
Type: "address",
|
||||
},
|
||||
config.HelpKV{
|
||||
Key: target.RedisFormat,
|
||||
Description: "Specify how data is populated, a hash is used in case of `namespace` format and a list in case of `access` format, defaults to 'namespace'",
|
||||
Type: "namespace|access",
|
||||
Description: "specifies how data is populated, a hash is used in case of `namespace` format and a list in case of `access` format, defaults to 'namespace'",
|
||||
Type: "namespace*|access",
|
||||
},
|
||||
config.HelpKV{
|
||||
Key: target.RedisKey,
|
||||
Description: "The name of the Redis key under which events are stored",
|
||||
Description: "name of the Redis key under which events are stored",
|
||||
Type: "string",
|
||||
},
|
||||
config.HelpKV{
|
||||
Key: target.RedisPassword,
|
||||
Description: "The Redis server's password",
|
||||
Description: "Redis server's password",
|
||||
Optional: true,
|
||||
Type: "string",
|
||||
},
|
||||
config.HelpKV{
|
||||
Key: target.RedisQueueDir,
|
||||
Description: "Local directory where events are stored eg: '/home/events'",
|
||||
Description: "local directory where events are stored e.g. '/home/events'",
|
||||
Optional: true,
|
||||
Type: "path",
|
||||
},
|
||||
config.HelpKV{
|
||||
Key: target.RedisQueueLimit,
|
||||
Description: "Enable persistent event store queue limit, defaults to '10000'",
|
||||
Description: "enable persistent event store queue limit, defaults to '10000'",
|
||||
Optional: true,
|
||||
Type: "number",
|
||||
},
|
||||
config.HelpKV{
|
||||
Key: config.Comment,
|
||||
Description: "A comment to describe the Redis target setting",
|
||||
Description: config.DefaultComment,
|
||||
Optional: true,
|
||||
Type: "sentence",
|
||||
},
|
||||
@ -345,64 +345,64 @@ var (
|
||||
HelpPostgres = config.HelpKVS{
|
||||
config.HelpKV{
|
||||
Key: target.PostgresConnectionString,
|
||||
Description: "Connection string parameters for the PostgreSQL server",
|
||||
Description: "connection string parameters for the PostgreSQL server",
|
||||
Type: "string",
|
||||
},
|
||||
config.HelpKV{
|
||||
Key: target.PostgresFormat,
|
||||
Description: "Specify how data is populated, `namespace` format and `access` format, defaults to 'namespace'",
|
||||
Type: "namespace|access",
|
||||
Description: "specifies how data is populated, `namespace` format and `access` format, defaults to 'namespace'",
|
||||
Type: "namespace*|access",
|
||||
},
|
||||
config.HelpKV{
|
||||
Key: target.PostgresTable,
|
||||
Description: "Table name in which events will be stored/updated. If the table does not exist, the MinIO server creates it at start-up",
|
||||
Description: "table name in which events will be stored/updated. If the table does not exist, the MinIO server creates it at start-up",
|
||||
Type: "string",
|
||||
},
|
||||
config.HelpKV{
|
||||
Key: target.PostgresHost,
|
||||
Description: "Host name of the PostgreSQL server. Defaults to `localhost`. IPv6 host should be enclosed with `[` and `]`",
|
||||
Description: "host name of the PostgreSQL server. Defaults to `localhost`. IPv6 host should be enclosed with `[` and `]`",
|
||||
Optional: true,
|
||||
Type: "hostname",
|
||||
},
|
||||
config.HelpKV{
|
||||
Key: target.PostgresPort,
|
||||
Description: "Port on which to connect to PostgreSQL server, defaults to `5432`",
|
||||
Description: "port on which to connect to PostgreSQL server, defaults to `5432`",
|
||||
Optional: true,
|
||||
Type: "port",
|
||||
},
|
||||
config.HelpKV{
|
||||
Key: target.PostgresUsername,
|
||||
Description: "Database username, defaults to user running the MinIO process if not specified",
|
||||
Description: "database username, defaults to user running the MinIO process if not specified",
|
||||
Optional: true,
|
||||
Type: "string",
|
||||
},
|
||||
config.HelpKV{
|
||||
Key: target.PostgresPassword,
|
||||
Description: "Database password",
|
||||
Description: "database password",
|
||||
Optional: true,
|
||||
Type: "string",
|
||||
},
|
||||
config.HelpKV{
|
||||
Key: target.PostgresDatabase,
|
||||
Description: "Postgres Database name",
|
||||
Description: "postgres Database name",
|
||||
Optional: true,
|
||||
Type: "string",
|
||||
},
|
||||
config.HelpKV{
|
||||
Key: target.PostgresQueueDir,
|
||||
Description: "Local directory where events are stored eg: '/home/events'",
|
||||
Description: "local directory where events are stored e.g. '/home/events'",
|
||||
Optional: true,
|
||||
Type: "path",
|
||||
},
|
||||
config.HelpKV{
|
||||
Key: target.PostgresQueueLimit,
|
||||
Description: "Enable persistent event store queue limit, defaults to '10000'",
|
||||
Description: "enable persistent event store queue limit, defaults to '10000'",
|
||||
Optional: true,
|
||||
Type: "number",
|
||||
},
|
||||
config.HelpKV{
|
||||
Key: config.Comment,
|
||||
Description: "A comment to describe the Postgres target setting",
|
||||
Description: config.DefaultComment,
|
||||
Optional: true,
|
||||
Type: "sentence",
|
||||
},
|
||||
@ -411,64 +411,64 @@ var (
|
||||
HelpMySQL = config.HelpKVS{
|
||||
config.HelpKV{
|
||||
Key: target.MySQLDSNString,
|
||||
Description: "Data-Source-Name connection string for the MySQL server",
|
||||
Description: "data source name connection string for the MySQL server",
|
||||
Type: "string",
|
||||
},
|
||||
config.HelpKV{
|
||||
Key: target.MySQLTable,
|
||||
Description: "Table name in which events will be stored/updated. If the table does not exist, the MinIO server creates it at start-up",
|
||||
Description: "table name in which events will be stored/updated. If the table does not exist, the MinIO server creates it at start-up",
|
||||
Type: "string",
|
||||
},
|
||||
config.HelpKV{
|
||||
Key: target.MySQLFormat,
|
||||
Description: "Specify how data is populated, `namespace` format and `access` format, defaults to 'namespace'",
|
||||
Type: "namespace|access",
|
||||
Description: "specifies how data is populated, `namespace` format and `access` format, defaults to 'namespace'",
|
||||
Type: "namespace*|access",
|
||||
},
|
||||
config.HelpKV{
|
||||
Key: target.MySQLHost,
|
||||
Description: "Host name of the MySQL server (used only if `dsnString` is empty)",
|
||||
Description: "host name of the MySQL server (used only if `dsnString` is empty)",
|
||||
Optional: true,
|
||||
Type: "hostname",
|
||||
},
|
||||
config.HelpKV{
|
||||
Key: target.MySQLPort,
|
||||
Description: "Port on which to connect to the MySQL server (used only if `dsn_string` is empty)",
|
||||
Description: "port on which to connect to the MySQL server (used only if `dsn_string` is empty)",
|
||||
Optional: true,
|
||||
Type: "port",
|
||||
},
|
||||
config.HelpKV{
|
||||
Key: target.MySQLUsername,
|
||||
Description: "Database user-name (used only if `dsnString` is empty)",
|
||||
Description: "database user-name (used only if `dsnString` is empty)",
|
||||
Optional: true,
|
||||
Type: "string",
|
||||
},
|
||||
config.HelpKV{
|
||||
Key: target.MySQLPassword,
|
||||
Description: "Database password (used only if `dsnString` is empty)",
|
||||
Description: "database password (used only if `dsnString` is empty)",
|
||||
Optional: true,
|
||||
Type: "string",
|
||||
},
|
||||
config.HelpKV{
|
||||
Key: target.MySQLDatabase,
|
||||
Description: "Database name (used only if `dsnString` is empty)",
|
||||
Description: "database name (used only if `dsnString` is empty)",
|
||||
Optional: true,
|
||||
Type: "string",
|
||||
},
|
||||
config.HelpKV{
|
||||
Key: target.MySQLQueueDir,
|
||||
Description: "Local directory where events are stored eg: '/home/events'",
|
||||
Description: "local directory where events are stored e.g. '/home/events'",
|
||||
Optional: true,
|
||||
Type: "path",
|
||||
},
|
||||
config.HelpKV{
|
||||
Key: target.MySQLQueueLimit,
|
||||
Description: "Enable persistent event store queue limit, defaults to '10000'",
|
||||
Description: "enable persistent event store queue limit, defaults to '10000'",
|
||||
Optional: true,
|
||||
Type: "number",
|
||||
},
|
||||
config.HelpKV{
|
||||
Key: config.Comment,
|
||||
Description: "A comment to describe the MySQL target setting",
|
||||
Description: config.DefaultComment,
|
||||
Optional: true,
|
||||
Type: "sentence",
|
||||
},
|
||||
@ -477,7 +477,7 @@ var (
|
||||
HelpNATS = config.HelpKVS{
|
||||
config.HelpKV{
|
||||
Key: target.NATSAddress,
|
||||
Description: "NATS server address eg: '0.0.0.0:4222'",
|
||||
Description: "NATS server address e.g. '0.0.0.0:4222'",
|
||||
Type: "address",
|
||||
},
|
||||
config.HelpKV{
|
||||
@ -487,91 +487,91 @@ var (
|
||||
},
|
||||
config.HelpKV{
|
||||
Key: target.NATSUsername,
|
||||
Description: "Username to be used when connecting to the server",
|
||||
Description: "username to be used when connecting to the server",
|
||||
Optional: true,
|
||||
Type: "string",
|
||||
},
|
||||
config.HelpKV{
|
||||
Key: target.NATSPassword,
|
||||
Description: "Password to be used when connecting to a server",
|
||||
Description: "password to be used when connecting to a server",
|
||||
Optional: true,
|
||||
Type: "string",
|
||||
},
|
||||
config.HelpKV{
|
||||
Key: target.NATSToken,
|
||||
Description: "Token to be used when connecting to a server",
|
||||
Description: "token to be used when connecting to a server",
|
||||
Optional: true,
|
||||
Type: "string",
|
||||
},
|
||||
config.HelpKV{
|
||||
Key: target.NATSSecure,
|
||||
Description: "Set this to 'on', enables TLS secure connections that skip server verification (not recommended)",
|
||||
Description: "set this to 'on', enables TLS secure connections that skip server verification (not recommended)",
|
||||
Optional: true,
|
||||
Type: "on|off",
|
||||
},
|
||||
config.HelpKV{
|
||||
Key: target.NATSPingInterval,
|
||||
Description: "Client ping commands interval to the server, disabled by default",
|
||||
Description: "client ping commands interval to the server, disabled by default",
|
||||
Optional: true,
|
||||
Type: "duration",
|
||||
},
|
||||
config.HelpKV{
|
||||
Key: target.NATSStreaming,
|
||||
Description: "Set this to 'on', to use streaming NATS server",
|
||||
Description: "set this to 'on', to use streaming NATS server",
|
||||
Optional: true,
|
||||
Type: "on|off",
|
||||
},
|
||||
config.HelpKV{
|
||||
Key: target.NATSStreamingAsync,
|
||||
Description: "Set this to 'on', to enable asynchronous publish, process the ACK or error state",
|
||||
Description: "set this to 'on', to enable asynchronous publish, process the ACK or error state",
|
||||
Optional: true,
|
||||
Type: "on|off",
|
||||
},
|
||||
config.HelpKV{
|
||||
Key: target.NATSStreamingMaxPubAcksInFlight,
|
||||
Description: "Specifies how many messages can be published without getting ACKs back from NATS streaming server",
|
||||
Description: "specifies how many messages can be published without getting ACKs back from NATS streaming server",
|
||||
Optional: true,
|
||||
Type: "number",
|
||||
},
|
||||
config.HelpKV{
|
||||
Key: target.NATSStreamingClusterID,
|
||||
Description: "Unique ID for the NATS streaming cluster",
|
||||
Description: "unique ID for the NATS streaming cluster",
|
||||
Optional: true,
|
||||
Type: "string",
|
||||
},
|
||||
config.HelpKV{
|
||||
Key: target.NATSQueueLimit,
|
||||
Description: "Enable persistent event store queue limit, defaults to '10000'",
|
||||
Description: "enable persistent event store queue limit, defaults to '10000'",
|
||||
Optional: true,
|
||||
Type: "number",
|
||||
},
|
||||
config.HelpKV{
|
||||
Key: target.NATSQueueDir,
|
||||
Description: "Local directory where events are stored eg: '/home/events'",
|
||||
Description: "local directory where events are stored e.g. '/home/events'",
|
||||
Optional: true,
|
||||
Type: "path",
|
||||
},
|
||||
config.HelpKV{
|
||||
Key: target.NATSCertAuthority,
|
||||
Description: "Certificate chain of the target NATS server if self signed certs were used",
|
||||
Description: "certificate chain of the target NATS server if self signed certs were used",
|
||||
Optional: true,
|
||||
Type: "string",
|
||||
},
|
||||
config.HelpKV{
|
||||
Key: target.NATSClientCert,
|
||||
Description: "TLS Cert used to authenticate against NATS configured to require client certificates",
|
||||
Description: "TLS Cert used for NATS configured to require client certificates",
|
||||
Optional: true,
|
||||
Type: "string",
|
||||
},
|
||||
config.HelpKV{
|
||||
Key: target.NATSClientKey,
|
||||
Description: "TLS Key used to authenticate against NATS configured to require client certificates",
|
||||
Description: "TLS Key used for NATS configured to require client certificates",
|
||||
Optional: true,
|
||||
Type: "string",
|
||||
},
|
||||
config.HelpKV{
|
||||
Key: config.Comment,
|
||||
Description: "A comment to describe the NATS target setting",
|
||||
Description: config.DefaultComment,
|
||||
Optional: true,
|
||||
Type: "sentence",
|
||||
},
|
||||
@ -580,7 +580,7 @@ var (
|
||||
HelpNSQ = config.HelpKVS{
|
||||
config.HelpKV{
|
||||
Key: target.NSQAddress,
|
||||
Description: "NSQ server address eg: '127.0.0.1:4150'",
|
||||
Description: "NSQ server address e.g. '127.0.0.1:4150'",
|
||||
Type: "address",
|
||||
},
|
||||
config.HelpKV{
|
||||
@ -590,31 +590,31 @@ var (
|
||||
},
|
||||
config.HelpKV{
|
||||
Key: target.NSQTLS,
|
||||
Description: "Set this to 'on', to enable TLS negotiation",
|
||||
Description: "set this to 'on', to enable TLS negotiation",
|
||||
Optional: true,
|
||||
Type: "on|off",
|
||||
},
|
||||
config.HelpKV{
|
||||
Key: target.NSQTLSSkipVerify,
|
||||
Description: "Set this to 'on', to disable client verification of server certificates",
|
||||
Description: "set this to 'on', to disable client verification of server certificates",
|
||||
Optional: true,
|
||||
Type: "on|off",
|
||||
},
|
||||
config.HelpKV{
|
||||
Key: target.NSQQueueDir,
|
||||
Description: "Local directory where events are stored eg: '/home/events'",
|
||||
Description: "local directory where events are stored e.g. '/home/events'",
|
||||
Optional: true,
|
||||
Type: "path",
|
||||
},
|
||||
config.HelpKV{
|
||||
Key: target.NSQQueueLimit,
|
||||
Description: "Enable persistent event store queue limit, defaults to '10000'",
|
||||
Description: "enable persistent event store queue limit, defaults to '10000'",
|
||||
Optional: true,
|
||||
Type: "number",
|
||||
},
|
||||
config.HelpKV{
|
||||
Key: config.Comment,
|
||||
Description: "A comment to describe the NSQ target setting",
|
||||
Description: config.DefaultComment,
|
||||
Optional: true,
|
||||
Type: "sentence",
|
||||
},
|
||||
|
@ -21,8 +21,8 @@ func SetNotifyKafka(s config.Config, kName string, cfg target.KafkaArgs) error {
|
||||
|
||||
s[config.NotifyKafkaSubSys][kName] = config.KVS{
|
||||
config.KV{
|
||||
Key: config.State,
|
||||
Value: config.StateOn,
|
||||
Key: config.Enable,
|
||||
Value: config.EnableOn,
|
||||
},
|
||||
config.KV{
|
||||
Key: target.KafkaBrokers,
|
||||
@ -86,8 +86,8 @@ func SetNotifyAMQP(s config.Config, amqpName string, cfg target.AMQPArgs) error
|
||||
|
||||
s[config.NotifyAMQPSubSys][amqpName] = config.KVS{
|
||||
config.KV{
|
||||
Key: config.State,
|
||||
Value: config.StateOn,
|
||||
Key: config.Enable,
|
||||
Value: config.EnableOn,
|
||||
},
|
||||
config.KV{
|
||||
Key: target.AmqpURL,
|
||||
@ -154,8 +154,8 @@ func SetNotifyES(s config.Config, esName string, cfg target.ElasticsearchArgs) e
|
||||
|
||||
s[config.NotifyESSubSys][esName] = config.KVS{
|
||||
config.KV{
|
||||
Key: config.State,
|
||||
Value: config.StateOn,
|
||||
Key: config.Enable,
|
||||
Value: config.EnableOn,
|
||||
},
|
||||
config.KV{
|
||||
Key: target.ElasticFormat,
|
||||
@ -194,8 +194,8 @@ func SetNotifyRedis(s config.Config, redisName string, cfg target.RedisArgs) err
|
||||
|
||||
s[config.NotifyRedisSubSys][redisName] = config.KVS{
|
||||
config.KV{
|
||||
Key: config.State,
|
||||
Value: config.StateOn,
|
||||
Key: config.Enable,
|
||||
Value: config.EnableOn,
|
||||
},
|
||||
config.KV{
|
||||
Key: target.RedisFormat,
|
||||
@ -238,8 +238,8 @@ func SetNotifyWebhook(s config.Config, whName string, cfg target.WebhookArgs) er
|
||||
|
||||
s[config.NotifyWebhookSubSys][whName] = config.KVS{
|
||||
config.KV{
|
||||
Key: config.State,
|
||||
Value: config.StateOn,
|
||||
Key: config.Enable,
|
||||
Value: config.EnableOn,
|
||||
},
|
||||
config.KV{
|
||||
Key: target.WebhookEndpoint,
|
||||
@ -274,8 +274,8 @@ func SetNotifyPostgres(s config.Config, psqName string, cfg target.PostgreSQLArg
|
||||
|
||||
s[config.NotifyPostgresSubSys][psqName] = config.KVS{
|
||||
config.KV{
|
||||
Key: config.State,
|
||||
Value: config.StateOn,
|
||||
Key: config.Enable,
|
||||
Value: config.EnableOn,
|
||||
},
|
||||
config.KV{
|
||||
Key: target.PostgresFormat,
|
||||
@ -334,8 +334,8 @@ func SetNotifyNSQ(s config.Config, nsqName string, cfg target.NSQArgs) error {
|
||||
|
||||
s[config.NotifyNSQSubSys][nsqName] = config.KVS{
|
||||
config.KV{
|
||||
Key: config.State,
|
||||
Value: config.StateOn,
|
||||
Key: config.Enable,
|
||||
Value: config.EnableOn,
|
||||
},
|
||||
config.KV{
|
||||
Key: target.NSQAddress,
|
||||
@ -378,8 +378,8 @@ func SetNotifyNATS(s config.Config, natsName string, cfg target.NATSArgs) error
|
||||
|
||||
s[config.NotifyNATSSubSys][natsName] = config.KVS{
|
||||
config.KV{
|
||||
Key: config.State,
|
||||
Value: config.StateOn,
|
||||
Key: config.Enable,
|
||||
Value: config.EnableOn,
|
||||
},
|
||||
config.KV{
|
||||
Key: target.NATSAddress,
|
||||
@ -433,9 +433,9 @@ func SetNotifyNATS(s config.Config, natsName string, cfg target.NATSArgs) error
|
||||
Key: target.NATSStreaming,
|
||||
Value: func() string {
|
||||
if cfg.Streaming.Enable {
|
||||
return config.StateOn
|
||||
return config.EnableOn
|
||||
}
|
||||
return config.StateOff
|
||||
return config.EnableOff
|
||||
}(),
|
||||
},
|
||||
config.KV{
|
||||
@ -467,8 +467,8 @@ func SetNotifyMySQL(s config.Config, sqlName string, cfg target.MySQLArgs) error
|
||||
|
||||
s[config.NotifyMySQLSubSys][sqlName] = config.KVS{
|
||||
config.KV{
|
||||
Key: config.State,
|
||||
Value: config.StateOn,
|
||||
Key: config.Enable,
|
||||
Value: config.EnableOn,
|
||||
},
|
||||
config.KV{
|
||||
Key: target.MySQLFormat,
|
||||
@ -527,8 +527,8 @@ func SetNotifyMQTT(s config.Config, mqttName string, cfg target.MQTTArgs) error
|
||||
|
||||
s[config.NotifyMQTTSubSys][mqttName] = config.KVS{
|
||||
config.KV{
|
||||
Key: config.State,
|
||||
Value: config.StateOn,
|
||||
Key: config.Enable,
|
||||
Value: config.EnableOn,
|
||||
},
|
||||
config.KV{
|
||||
Key: target.MqttBroker,
|
||||
|
@ -341,8 +341,8 @@ func mergeTargets(cfgTargets map[string]config.KVS, envname string, defaultKVS c
|
||||
var (
|
||||
DefaultKafkaKVS = config.KVS{
|
||||
config.KV{
|
||||
Key: config.State,
|
||||
Value: config.StateOff,
|
||||
Key: config.Enable,
|
||||
Value: config.EnableOff,
|
||||
},
|
||||
config.KV{
|
||||
Key: target.KafkaTopic,
|
||||
@ -366,15 +366,15 @@ var (
|
||||
},
|
||||
config.KV{
|
||||
Key: target.KafkaSASL,
|
||||
Value: config.StateOff,
|
||||
Value: config.EnableOff,
|
||||
},
|
||||
config.KV{
|
||||
Key: target.KafkaTLS,
|
||||
Value: config.StateOff,
|
||||
Value: config.EnableOff,
|
||||
},
|
||||
config.KV{
|
||||
Key: target.KafkaTLSSkipVerify,
|
||||
Value: config.StateOff,
|
||||
Value: config.EnableOff,
|
||||
},
|
||||
config.KV{
|
||||
Key: target.KafkaQueueLimit,
|
||||
@ -390,12 +390,12 @@ var (
|
||||
// GetNotifyKafka - returns a map of registered notification 'kafka' targets
|
||||
func GetNotifyKafka(kafkaKVS map[string]config.KVS) (map[string]target.KafkaArgs, error) {
|
||||
kafkaTargets := make(map[string]target.KafkaArgs)
|
||||
for k, kv := range mergeTargets(kafkaKVS, target.EnvKafkaState, DefaultKafkaKVS) {
|
||||
stateEnv := target.EnvKafkaState
|
||||
for k, kv := range mergeTargets(kafkaKVS, target.EnvKafkaEnable, DefaultKafkaKVS) {
|
||||
enableEnv := target.EnvKafkaEnable
|
||||
if k != config.Default {
|
||||
stateEnv = stateEnv + config.Default + k
|
||||
enableEnv = enableEnv + config.Default + k
|
||||
}
|
||||
enabled, err := config.ParseBool(env.Get(stateEnv, kv.Get(config.State)))
|
||||
enabled, err := config.ParseBool(env.Get(enableEnv, kv.Get(config.Enable)))
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
@ -409,7 +409,7 @@ func GetNotifyKafka(kafkaKVS map[string]config.KVS) (map[string]target.KafkaArgs
|
||||
}
|
||||
kafkaBrokers := env.Get(brokersEnv, kv.Get(target.KafkaBrokers))
|
||||
if len(kafkaBrokers) == 0 {
|
||||
return nil, config.Error("kafka 'brokers' cannot be empty")
|
||||
return nil, config.Errorf(config.SafeModeKind, "kafka 'brokers' cannot be empty")
|
||||
}
|
||||
for _, s := range strings.Split(kafkaBrokers, config.ValueSeparator) {
|
||||
var host *xnet.Host
|
||||
@ -467,8 +467,8 @@ func GetNotifyKafka(kafkaKVS map[string]config.KVS) (map[string]target.KafkaArgs
|
||||
if k != config.Default {
|
||||
tlsSkipVerifyEnv = tlsSkipVerifyEnv + config.Default + k
|
||||
}
|
||||
kafkaArgs.TLS.Enable = env.Get(tlsEnableEnv, kv.Get(target.KafkaTLS)) == config.StateOn
|
||||
kafkaArgs.TLS.SkipVerify = env.Get(tlsSkipVerifyEnv, kv.Get(target.KafkaTLSSkipVerify)) == config.StateOn
|
||||
kafkaArgs.TLS.Enable = env.Get(tlsEnableEnv, kv.Get(target.KafkaTLS)) == config.EnableOn
|
||||
kafkaArgs.TLS.SkipVerify = env.Get(tlsSkipVerifyEnv, kv.Get(target.KafkaTLSSkipVerify)) == config.EnableOn
|
||||
kafkaArgs.TLS.ClientAuth = tls.ClientAuthType(clientAuth)
|
||||
|
||||
saslEnableEnv := target.EnvKafkaSASLEnable
|
||||
@ -483,7 +483,7 @@ func GetNotifyKafka(kafkaKVS map[string]config.KVS) (map[string]target.KafkaArgs
|
||||
if k != config.Default {
|
||||
saslPasswordEnv = saslPasswordEnv + config.Default + k
|
||||
}
|
||||
kafkaArgs.SASL.Enable = env.Get(saslEnableEnv, kv.Get(target.KafkaSASL)) == config.StateOn
|
||||
kafkaArgs.SASL.Enable = env.Get(saslEnableEnv, kv.Get(target.KafkaSASL)) == config.EnableOn
|
||||
kafkaArgs.SASL.User = env.Get(saslUsernameEnv, kv.Get(target.KafkaSASLUsername))
|
||||
kafkaArgs.SASL.Password = env.Get(saslPasswordEnv, kv.Get(target.KafkaSASLPassword))
|
||||
|
||||
@ -501,8 +501,8 @@ func GetNotifyKafka(kafkaKVS map[string]config.KVS) (map[string]target.KafkaArgs
|
||||
var (
|
||||
DefaultMQTTKVS = config.KVS{
|
||||
config.KV{
|
||||
Key: config.State,
|
||||
Value: config.StateOff,
|
||||
Key: config.Enable,
|
||||
Value: config.EnableOff,
|
||||
},
|
||||
config.KV{
|
||||
Key: target.MqttBroker,
|
||||
@ -546,13 +546,13 @@ var (
|
||||
// GetNotifyMQTT - returns a map of registered notification 'mqtt' targets
|
||||
func GetNotifyMQTT(mqttKVS map[string]config.KVS, rootCAs *x509.CertPool) (map[string]target.MQTTArgs, error) {
|
||||
mqttTargets := make(map[string]target.MQTTArgs)
|
||||
for k, kv := range mergeTargets(mqttKVS, target.EnvMQTTState, DefaultMQTTKVS) {
|
||||
stateEnv := target.EnvMQTTState
|
||||
for k, kv := range mergeTargets(mqttKVS, target.EnvMQTTEnable, DefaultMQTTKVS) {
|
||||
enableEnv := target.EnvMQTTEnable
|
||||
if k != config.Default {
|
||||
stateEnv = stateEnv + config.Default + k
|
||||
enableEnv = enableEnv + config.Default + k
|
||||
}
|
||||
|
||||
enabled, err := config.ParseBool(env.Get(stateEnv, kv.Get(config.State)))
|
||||
enabled, err := config.ParseBool(env.Get(enableEnv, kv.Get(config.Enable)))
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
@ -656,8 +656,8 @@ func GetNotifyMQTT(mqttKVS map[string]config.KVS, rootCAs *x509.CertPool) (map[s
|
||||
var (
|
||||
DefaultMySQLKVS = config.KVS{
|
||||
config.KV{
|
||||
Key: config.State,
|
||||
Value: config.StateOff,
|
||||
Key: config.Enable,
|
||||
Value: config.EnableOff,
|
||||
},
|
||||
config.KV{
|
||||
Key: target.MySQLFormat,
|
||||
@ -705,13 +705,13 @@ var (
|
||||
// GetNotifyMySQL - returns a map of registered notification 'mysql' targets
|
||||
func GetNotifyMySQL(mysqlKVS map[string]config.KVS) (map[string]target.MySQLArgs, error) {
|
||||
mysqlTargets := make(map[string]target.MySQLArgs)
|
||||
for k, kv := range mergeTargets(mysqlKVS, target.EnvMySQLState, DefaultMySQLKVS) {
|
||||
stateEnv := target.EnvMySQLState
|
||||
for k, kv := range mergeTargets(mysqlKVS, target.EnvMySQLEnable, DefaultMySQLKVS) {
|
||||
enableEnv := target.EnvMySQLEnable
|
||||
if k != config.Default {
|
||||
stateEnv = stateEnv + config.Default + k
|
||||
enableEnv = enableEnv + config.Default + k
|
||||
}
|
||||
|
||||
enabled, err := config.ParseBool(env.Get(stateEnv, kv.Get(config.State)))
|
||||
enabled, err := config.ParseBool(env.Get(enableEnv, kv.Get(config.Enable)))
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
@ -795,8 +795,8 @@ func GetNotifyMySQL(mysqlKVS map[string]config.KVS) (map[string]target.MySQLArgs
|
||||
var (
|
||||
DefaultNATSKVS = config.KVS{
|
||||
config.KV{
|
||||
Key: config.State,
|
||||
Value: config.StateOff,
|
||||
Key: config.Enable,
|
||||
Value: config.EnableOff,
|
||||
},
|
||||
config.KV{
|
||||
Key: target.NATSAddress,
|
||||
@ -832,7 +832,7 @@ var (
|
||||
},
|
||||
config.KV{
|
||||
Key: target.NATSSecure,
|
||||
Value: config.StateOff,
|
||||
Value: config.EnableOff,
|
||||
},
|
||||
config.KV{
|
||||
Key: target.NATSPingInterval,
|
||||
@ -840,11 +840,11 @@ var (
|
||||
},
|
||||
config.KV{
|
||||
Key: target.NATSStreaming,
|
||||
Value: config.StateOff,
|
||||
Value: config.EnableOff,
|
||||
},
|
||||
config.KV{
|
||||
Key: target.NATSStreamingAsync,
|
||||
Value: config.StateOff,
|
||||
Value: config.EnableOff,
|
||||
},
|
||||
config.KV{
|
||||
Key: target.NATSStreamingMaxPubAcksInFlight,
|
||||
@ -868,13 +868,13 @@ var (
|
||||
// GetNotifyNATS - returns a map of registered notification 'nats' targets
|
||||
func GetNotifyNATS(natsKVS map[string]config.KVS) (map[string]target.NATSArgs, error) {
|
||||
natsTargets := make(map[string]target.NATSArgs)
|
||||
for k, kv := range mergeTargets(natsKVS, target.EnvNATSState, DefaultNATSKVS) {
|
||||
stateEnv := target.EnvNATSState
|
||||
for k, kv := range mergeTargets(natsKVS, target.EnvNATSEnable, DefaultNATSKVS) {
|
||||
enableEnv := target.EnvNATSEnable
|
||||
if k != config.Default {
|
||||
stateEnv = stateEnv + config.Default + k
|
||||
enableEnv = enableEnv + config.Default + k
|
||||
}
|
||||
|
||||
enabled, err := config.ParseBool(env.Get(stateEnv, kv.Get(config.State)))
|
||||
enabled, err := config.ParseBool(env.Get(enableEnv, kv.Get(config.Enable)))
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
@ -967,7 +967,7 @@ func GetNotifyNATS(natsKVS map[string]config.KVS) (map[string]target.NATSArgs, e
|
||||
ClientCert: env.Get(clientCertEnv, kv.Get(target.NATSClientCert)),
|
||||
ClientKey: env.Get(clientKeyEnv, kv.Get(target.NATSClientKey)),
|
||||
Token: env.Get(tokenEnv, kv.Get(target.NATSToken)),
|
||||
Secure: env.Get(secureEnv, kv.Get(target.NATSSecure)) == config.StateOn,
|
||||
Secure: env.Get(secureEnv, kv.Get(target.NATSSecure)) == config.EnableOn,
|
||||
PingInterval: pingInterval,
|
||||
QueueDir: env.Get(queueDirEnv, kv.Get(target.NATSQueueDir)),
|
||||
QueueLimit: queueLimit,
|
||||
@ -978,7 +978,7 @@ func GetNotifyNATS(natsKVS map[string]config.KVS) (map[string]target.NATSArgs, e
|
||||
streamingEnableEnv = streamingEnableEnv + config.Default + k
|
||||
}
|
||||
|
||||
streamingEnabled := env.Get(streamingEnableEnv, kv.Get(target.NATSStreaming)) == config.StateOn
|
||||
streamingEnabled := env.Get(streamingEnableEnv, kv.Get(target.NATSStreaming)) == config.EnableOn
|
||||
if streamingEnabled {
|
||||
asyncEnv := target.EnvNATSStreamingAsync
|
||||
if k != config.Default {
|
||||
@ -999,7 +999,7 @@ func GetNotifyNATS(natsKVS map[string]config.KVS) (map[string]target.NATSArgs, e
|
||||
}
|
||||
natsArgs.Streaming.Enable = streamingEnabled
|
||||
natsArgs.Streaming.ClusterID = env.Get(clusterIDEnv, kv.Get(target.NATSStreamingClusterID))
|
||||
natsArgs.Streaming.Async = env.Get(asyncEnv, kv.Get(target.NATSStreamingAsync)) == config.StateOn
|
||||
natsArgs.Streaming.Async = env.Get(asyncEnv, kv.Get(target.NATSStreamingAsync)) == config.EnableOn
|
||||
natsArgs.Streaming.MaxPubAcksInflight = maxPubAcksInflight
|
||||
}
|
||||
|
||||
@ -1016,8 +1016,8 @@ func GetNotifyNATS(natsKVS map[string]config.KVS) (map[string]target.NATSArgs, e
|
||||
var (
|
||||
DefaultNSQKVS = config.KVS{
|
||||
config.KV{
|
||||
Key: config.State,
|
||||
Value: config.StateOff,
|
||||
Key: config.Enable,
|
||||
Value: config.EnableOff,
|
||||
},
|
||||
config.KV{
|
||||
Key: target.NSQAddress,
|
||||
@ -1029,11 +1029,11 @@ var (
|
||||
},
|
||||
config.KV{
|
||||
Key: target.NSQTLS,
|
||||
Value: config.StateOff,
|
||||
Value: config.EnableOff,
|
||||
},
|
||||
config.KV{
|
||||
Key: target.NSQTLSSkipVerify,
|
||||
Value: config.StateOff,
|
||||
Value: config.EnableOff,
|
||||
},
|
||||
config.KV{
|
||||
Key: target.NSQQueueDir,
|
||||
@ -1049,13 +1049,13 @@ var (
|
||||
// GetNotifyNSQ - returns a map of registered notification 'nsq' targets
|
||||
func GetNotifyNSQ(nsqKVS map[string]config.KVS) (map[string]target.NSQArgs, error) {
|
||||
nsqTargets := make(map[string]target.NSQArgs)
|
||||
for k, kv := range mergeTargets(nsqKVS, target.EnvNSQState, DefaultNSQKVS) {
|
||||
stateEnv := target.EnvNSQState
|
||||
for k, kv := range mergeTargets(nsqKVS, target.EnvNSQEnable, DefaultNSQKVS) {
|
||||
enableEnv := target.EnvNSQEnable
|
||||
if k != config.Default {
|
||||
stateEnv = stateEnv + config.Default + k
|
||||
enableEnv = enableEnv + config.Default + k
|
||||
}
|
||||
|
||||
enabled, err := config.ParseBool(env.Get(stateEnv, kv.Get(config.State)))
|
||||
enabled, err := config.ParseBool(env.Get(enableEnv, kv.Get(config.Enable)))
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
@ -1105,8 +1105,8 @@ func GetNotifyNSQ(nsqKVS map[string]config.KVS) (map[string]target.NSQArgs, erro
|
||||
QueueDir: env.Get(queueDirEnv, kv.Get(target.NSQQueueDir)),
|
||||
QueueLimit: queueLimit,
|
||||
}
|
||||
nsqArgs.TLS.Enable = env.Get(tlsEnableEnv, kv.Get(target.NSQTLS)) == config.StateOn
|
||||
nsqArgs.TLS.SkipVerify = env.Get(tlsSkipVerifyEnv, kv.Get(target.NSQTLSSkipVerify)) == config.StateOn
|
||||
nsqArgs.TLS.Enable = env.Get(tlsEnableEnv, kv.Get(target.NSQTLS)) == config.EnableOn
|
||||
nsqArgs.TLS.SkipVerify = env.Get(tlsSkipVerifyEnv, kv.Get(target.NSQTLSSkipVerify)) == config.EnableOn
|
||||
|
||||
if err = nsqArgs.Validate(); err != nil {
|
||||
return nil, err
|
||||
@ -1121,8 +1121,8 @@ func GetNotifyNSQ(nsqKVS map[string]config.KVS) (map[string]target.NSQArgs, erro
|
||||
var (
|
||||
DefaultPostgresKVS = config.KVS{
|
||||
config.KV{
|
||||
Key: config.State,
|
||||
Value: config.StateOff,
|
||||
Key: config.Enable,
|
||||
Value: config.EnableOff,
|
||||
},
|
||||
config.KV{
|
||||
Key: target.PostgresFormat,
|
||||
@ -1170,13 +1170,13 @@ var (
|
||||
// GetNotifyPostgres - returns a map of registered notification 'postgres' targets
|
||||
func GetNotifyPostgres(postgresKVS map[string]config.KVS) (map[string]target.PostgreSQLArgs, error) {
|
||||
psqlTargets := make(map[string]target.PostgreSQLArgs)
|
||||
for k, kv := range mergeTargets(postgresKVS, target.EnvPostgresState, DefaultPostgresKVS) {
|
||||
stateEnv := target.EnvPostgresState
|
||||
for k, kv := range mergeTargets(postgresKVS, target.EnvPostgresEnable, DefaultPostgresKVS) {
|
||||
enableEnv := target.EnvPostgresEnable
|
||||
if k != config.Default {
|
||||
stateEnv = stateEnv + config.Default + k
|
||||
enableEnv = enableEnv + config.Default + k
|
||||
}
|
||||
|
||||
enabled, err := config.ParseBool(env.Get(stateEnv, kv.Get(config.State)))
|
||||
enabled, err := config.ParseBool(env.Get(enableEnv, kv.Get(config.Enable)))
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
@ -1270,8 +1270,8 @@ func GetNotifyPostgres(postgresKVS map[string]config.KVS) (map[string]target.Pos
|
||||
var (
|
||||
DefaultRedisKVS = config.KVS{
|
||||
config.KV{
|
||||
Key: config.State,
|
||||
Value: config.StateOff,
|
||||
Key: config.Enable,
|
||||
Value: config.EnableOff,
|
||||
},
|
||||
config.KV{
|
||||
Key: target.RedisFormat,
|
||||
@ -1303,13 +1303,13 @@ var (
|
||||
// GetNotifyRedis - returns a map of registered notification 'redis' targets
|
||||
func GetNotifyRedis(redisKVS map[string]config.KVS) (map[string]target.RedisArgs, error) {
|
||||
redisTargets := make(map[string]target.RedisArgs)
|
||||
for k, kv := range mergeTargets(redisKVS, target.EnvRedisState, DefaultRedisKVS) {
|
||||
stateEnv := target.EnvRedisState
|
||||
for k, kv := range mergeTargets(redisKVS, target.EnvRedisEnable, DefaultRedisKVS) {
|
||||
enableEnv := target.EnvRedisEnable
|
||||
if k != config.Default {
|
||||
stateEnv = stateEnv + config.Default + k
|
||||
enableEnv = enableEnv + config.Default + k
|
||||
}
|
||||
|
||||
enabled, err := config.ParseBool(env.Get(stateEnv, kv.Get(config.State)))
|
||||
enabled, err := config.ParseBool(env.Get(enableEnv, kv.Get(config.Enable)))
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
@ -1370,8 +1370,8 @@ func GetNotifyRedis(redisKVS map[string]config.KVS) (map[string]target.RedisArgs
|
||||
var (
|
||||
DefaultWebhookKVS = config.KVS{
|
||||
config.KV{
|
||||
Key: config.State,
|
||||
Value: config.StateOff,
|
||||
Key: config.Enable,
|
||||
Value: config.EnableOff,
|
||||
},
|
||||
config.KV{
|
||||
Key: target.WebhookEndpoint,
|
||||
@ -1395,12 +1395,12 @@ var (
|
||||
// GetNotifyWebhook - returns a map of registered notification 'webhook' targets
|
||||
func GetNotifyWebhook(webhookKVS map[string]config.KVS, rootCAs *x509.CertPool) (map[string]target.WebhookArgs, error) {
|
||||
webhookTargets := make(map[string]target.WebhookArgs)
|
||||
for k, kv := range mergeTargets(webhookKVS, target.EnvWebhookState, DefaultWebhookKVS) {
|
||||
stateEnv := target.EnvWebhookState
|
||||
for k, kv := range mergeTargets(webhookKVS, target.EnvWebhookEnable, DefaultWebhookKVS) {
|
||||
enableEnv := target.EnvWebhookEnable
|
||||
if k != config.Default {
|
||||
stateEnv = stateEnv + config.Default + k
|
||||
enableEnv = enableEnv + config.Default + k
|
||||
}
|
||||
enabled, err := config.ParseBool(env.Get(stateEnv, kv.Get(config.State)))
|
||||
enabled, err := config.ParseBool(env.Get(enableEnv, kv.Get(config.Enable)))
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
@ -1452,8 +1452,8 @@ func GetNotifyWebhook(webhookKVS map[string]config.KVS, rootCAs *x509.CertPool)
|
||||
var (
|
||||
DefaultESKVS = config.KVS{
|
||||
config.KV{
|
||||
Key: config.State,
|
||||
Value: config.StateOff,
|
||||
Key: config.Enable,
|
||||
Value: config.EnableOff,
|
||||
},
|
||||
config.KV{
|
||||
Key: target.ElasticURL,
|
||||
@ -1481,12 +1481,12 @@ var (
|
||||
// GetNotifyES - returns a map of registered notification 'elasticsearch' targets
|
||||
func GetNotifyES(esKVS map[string]config.KVS) (map[string]target.ElasticsearchArgs, error) {
|
||||
esTargets := make(map[string]target.ElasticsearchArgs)
|
||||
for k, kv := range mergeTargets(esKVS, target.EnvElasticState, DefaultESKVS) {
|
||||
stateEnv := target.EnvElasticState
|
||||
for k, kv := range mergeTargets(esKVS, target.EnvElasticEnable, DefaultESKVS) {
|
||||
enableEnv := target.EnvElasticEnable
|
||||
if k != config.Default {
|
||||
stateEnv = stateEnv + config.Default + k
|
||||
enableEnv = enableEnv + config.Default + k
|
||||
}
|
||||
enabled, err := config.ParseBool(env.Get(stateEnv, kv.Get(config.State)))
|
||||
enabled, err := config.ParseBool(env.Get(enableEnv, kv.Get(config.Enable)))
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
@ -1549,8 +1549,8 @@ func GetNotifyES(esKVS map[string]config.KVS) (map[string]target.ElasticsearchAr
|
||||
var (
|
||||
DefaultAMQPKVS = config.KVS{
|
||||
config.KV{
|
||||
Key: config.State,
|
||||
Value: config.StateOff,
|
||||
Key: config.Enable,
|
||||
Value: config.EnableOff,
|
||||
},
|
||||
config.KV{
|
||||
Key: target.AmqpURL,
|
||||
@ -1570,23 +1570,23 @@ var (
|
||||
},
|
||||
config.KV{
|
||||
Key: target.AmqpMandatory,
|
||||
Value: config.StateOff,
|
||||
Value: config.EnableOff,
|
||||
},
|
||||
config.KV{
|
||||
Key: target.AmqpDurable,
|
||||
Value: config.StateOff,
|
||||
Value: config.EnableOff,
|
||||
},
|
||||
config.KV{
|
||||
Key: target.AmqpNoWait,
|
||||
Value: config.StateOff,
|
||||
Value: config.EnableOff,
|
||||
},
|
||||
config.KV{
|
||||
Key: target.AmqpInternal,
|
||||
Value: config.StateOff,
|
||||
Value: config.EnableOff,
|
||||
},
|
||||
config.KV{
|
||||
Key: target.AmqpAutoDeleted,
|
||||
Value: config.StateOff,
|
||||
Value: config.EnableOff,
|
||||
},
|
||||
config.KV{
|
||||
Key: target.AmqpDeliveryMode,
|
||||
@ -1606,12 +1606,12 @@ var (
|
||||
// GetNotifyAMQP - returns a map of registered notification 'amqp' targets
|
||||
func GetNotifyAMQP(amqpKVS map[string]config.KVS) (map[string]target.AMQPArgs, error) {
|
||||
amqpTargets := make(map[string]target.AMQPArgs)
|
||||
for k, kv := range mergeTargets(amqpKVS, target.EnvAMQPState, DefaultAMQPKVS) {
|
||||
stateEnv := target.EnvAMQPState
|
||||
for k, kv := range mergeTargets(amqpKVS, target.EnvAMQPEnable, DefaultAMQPKVS) {
|
||||
enableEnv := target.EnvAMQPEnable
|
||||
if k != config.Default {
|
||||
stateEnv = stateEnv + config.Default + k
|
||||
enableEnv = enableEnv + config.Default + k
|
||||
}
|
||||
enabled, err := config.ParseBool(env.Get(stateEnv, kv.Get(config.State)))
|
||||
enabled, err := config.ParseBool(env.Get(enableEnv, kv.Get(config.Enable)))
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
@ -1689,12 +1689,12 @@ func GetNotifyAMQP(amqpKVS map[string]config.KVS) (map[string]target.AMQPArgs, e
|
||||
RoutingKey: env.Get(routingKeyEnv, kv.Get(target.AmqpRoutingKey)),
|
||||
ExchangeType: env.Get(exchangeTypeEnv, kv.Get(target.AmqpExchangeType)),
|
||||
DeliveryMode: uint8(deliveryMode),
|
||||
Mandatory: env.Get(mandatoryEnv, kv.Get(target.AmqpMandatory)) == config.StateOn,
|
||||
Immediate: env.Get(immediateEnv, kv.Get(target.AmqpImmediate)) == config.StateOn,
|
||||
Durable: env.Get(durableEnv, kv.Get(target.AmqpDurable)) == config.StateOn,
|
||||
Internal: env.Get(internalEnv, kv.Get(target.AmqpInternal)) == config.StateOn,
|
||||
NoWait: env.Get(noWaitEnv, kv.Get(target.AmqpNoWait)) == config.StateOn,
|
||||
AutoDeleted: env.Get(autoDeletedEnv, kv.Get(target.AmqpAutoDeleted)) == config.StateOn,
|
||||
Mandatory: env.Get(mandatoryEnv, kv.Get(target.AmqpMandatory)) == config.EnableOn,
|
||||
Immediate: env.Get(immediateEnv, kv.Get(target.AmqpImmediate)) == config.EnableOn,
|
||||
Durable: env.Get(durableEnv, kv.Get(target.AmqpDurable)) == config.EnableOn,
|
||||
Internal: env.Get(internalEnv, kv.Get(target.AmqpInternal)) == config.EnableOn,
|
||||
NoWait: env.Get(noWaitEnv, kv.Get(target.AmqpNoWait)) == config.EnableOn,
|
||||
AutoDeleted: env.Get(autoDeletedEnv, kv.Get(target.AmqpAutoDeleted)) == config.EnableOn,
|
||||
QueueDir: env.Get(queueDirEnv, kv.Get(target.AmqpQueueDir)),
|
||||
QueueLimit: queueLimit,
|
||||
}
|
||||
|
@ -41,10 +41,6 @@ const (
|
||||
// DefaultKVS - default config for OPA config
|
||||
var (
|
||||
DefaultKVS = config.KVS{
|
||||
config.KV{
|
||||
Key: config.State,
|
||||
Value: config.StateOff,
|
||||
},
|
||||
config.KV{
|
||||
Key: URL,
|
||||
Value: "",
|
||||
@ -112,6 +108,11 @@ type Opa struct {
|
||||
client *http.Client
|
||||
}
|
||||
|
||||
// Enabled returns if opa is enabled.
|
||||
func Enabled(kvs config.KVS) bool {
|
||||
return kvs.Get(URL) != ""
|
||||
}
|
||||
|
||||
// LookupConfig lookup Opa from config, override with any ENVs.
|
||||
func LookupConfig(kv config.KVS, transport *http.Transport, closeRespFn func(io.ReadCloser)) (Args, error) {
|
||||
args := Args{}
|
||||
|
@ -23,18 +23,18 @@ var (
|
||||
Help = config.HelpKVS{
|
||||
config.HelpKV{
|
||||
Key: URL,
|
||||
Description: `Points to URL for OPA HTTP API endpoint. eg: "http://localhost:8181/v1/data/httpapi/authz/allow"`,
|
||||
Description: `OPA HTTP API endpoint e.g. "http://localhost:8181/v1/data/httpapi/authz/allow"`,
|
||||
Type: "url",
|
||||
},
|
||||
config.HelpKV{
|
||||
Key: AuthToken,
|
||||
Description: "Authorization token for the OPA HTTP API endpoint",
|
||||
Description: "authorization token for OPA HTTP API endpoint",
|
||||
Optional: true,
|
||||
Type: "string",
|
||||
},
|
||||
config.HelpKV{
|
||||
Key: config.Comment,
|
||||
Description: "A comment to describe the OPA policy setting",
|
||||
Description: config.DefaultComment,
|
||||
Optional: true,
|
||||
Type: "sentence",
|
||||
},
|
||||
|
@ -33,10 +33,6 @@ func SetPolicyOPAConfig(s config.Config, opaArgs Args) {
|
||||
return
|
||||
}
|
||||
s[config.PolicyOPASubSys][config.Default] = config.KVS{
|
||||
config.KV{
|
||||
Key: config.State,
|
||||
Value: config.StateOn,
|
||||
},
|
||||
config.KV{
|
||||
Key: URL,
|
||||
Value: opaArgs.URL.String(),
|
||||
|
@ -23,19 +23,19 @@ var (
|
||||
Help = config.HelpKVS{
|
||||
config.HelpKV{
|
||||
Key: ClassStandard,
|
||||
Description: `Set standard storage class parity ratio. eg: "EC:4"`,
|
||||
Description: `set the parity count for default standard storage class e.g. "EC:4"`,
|
||||
Optional: true,
|
||||
Type: "string",
|
||||
},
|
||||
config.HelpKV{
|
||||
Key: ClassRRS,
|
||||
Description: `Set reduced redundancy storage class parity ratio. eg: "EC:2"`,
|
||||
Description: `set the parity count for reduced redundancy storage class e.g. "EC:2"`,
|
||||
Optional: true,
|
||||
Type: "string",
|
||||
},
|
||||
config.HelpKV{
|
||||
Key: config.Comment,
|
||||
Description: "A comment to describe the storageclass setting",
|
||||
Description: config.DefaultComment,
|
||||
Optional: true,
|
||||
Type: "sentence",
|
||||
},
|
||||
|
@ -35,9 +35,5 @@ func SetStorageClass(s config.Config, cfg Config) {
|
||||
Key: ClassRRS,
|
||||
Value: cfg.RRS.String(),
|
||||
},
|
||||
config.KV{
|
||||
Key: config.State,
|
||||
Value: config.StateOn,
|
||||
},
|
||||
}
|
||||
}
|
||||
|
@ -39,8 +39,6 @@ const (
|
||||
ClassStandard = "standard"
|
||||
ClassRRS = "rrs"
|
||||
|
||||
// Env to on/off storage class settings.
|
||||
EnvStorageClass = "MINIO_STORAGE_CLASS_STATE"
|
||||
// Reduced redundancy storage class environment variable
|
||||
RRSEnv = "MINIO_STORAGE_CLASS_RRS"
|
||||
// Standard storage class environment variable
|
||||
@ -59,10 +57,6 @@ const (
|
||||
// DefaultKVS - default storage class config
|
||||
var (
|
||||
DefaultKVS = config.KVS{
|
||||
config.KV{
|
||||
Key: config.State,
|
||||
Value: config.StateOff,
|
||||
},
|
||||
config.KV{
|
||||
Key: ClassStandard,
|
||||
Value: "",
|
||||
@ -218,6 +212,13 @@ func (sCfg Config) GetParityForSC(sc string) (parity int) {
|
||||
}
|
||||
}
|
||||
|
||||
// Enabled returns if etcd is enabled.
|
||||
func Enabled(kvs config.KVS) bool {
|
||||
ssc := kvs.Get(ClassStandard)
|
||||
rrsc := kvs.Get(ClassRRS)
|
||||
return ssc != "" || rrsc != ""
|
||||
}
|
||||
|
||||
// LookupConfig - lookup storage class config and override with valid environment settings if any.
|
||||
func LookupConfig(kvs config.KVS, drivesPerSet int) (cfg Config, err error) {
|
||||
cfg = Config{}
|
||||
@ -228,22 +229,8 @@ func LookupConfig(kvs config.KVS, drivesPerSet int) (cfg Config, err error) {
|
||||
return cfg, err
|
||||
}
|
||||
|
||||
stateBool, err := config.ParseBool(env.Get(EnvStorageClass, kvs.Get(config.State)))
|
||||
if err != nil {
|
||||
if kvs.Empty() {
|
||||
return cfg, nil
|
||||
}
|
||||
return cfg, err
|
||||
}
|
||||
ssc := env.Get(StandardEnv, kvs.Get(ClassStandard))
|
||||
rrsc := env.Get(RRSEnv, kvs.Get(ClassRRS))
|
||||
if stateBool {
|
||||
if ssc == "" && rrsc == "" {
|
||||
return cfg, config.Error("'standard' and 'rrs' key cannot be empty for enabled storage class")
|
||||
}
|
||||
// if one of storage class is not empty proceed.
|
||||
}
|
||||
|
||||
// Check for environment variables and parse into storageClass struct
|
||||
if ssc != "" {
|
||||
cfg.Standard, err = parseStorageClass(ssc)
|
||||
|
@ -46,10 +46,6 @@ const (
|
||||
// DefaultKVS - default KV crypto config
|
||||
var (
|
||||
DefaultKVS = config.KVS{
|
||||
config.KV{
|
||||
Key: config.State,
|
||||
Value: config.StateOff,
|
||||
},
|
||||
config.KV{
|
||||
Key: KMSVaultEndpoint,
|
||||
Value: "",
|
||||
@ -100,9 +96,6 @@ const (
|
||||
)
|
||||
|
||||
const (
|
||||
// EnvKMSVaultState to enable on/off
|
||||
EnvKMSVaultState = "MINIO_KMS_VAULT_STATE"
|
||||
|
||||
// EnvKMSVaultEndpoint is the environment variable used to specify
|
||||
// the vault HTTPS endpoint.
|
||||
EnvKMSVaultEndpoint = "MINIO_KMS_VAULT_ENDPOINT"
|
||||
@ -145,6 +138,12 @@ var defaultCfg = VaultConfig{
|
||||
},
|
||||
}
|
||||
|
||||
// Enabled returns if HashiCorp Vault is enabled.
|
||||
func Enabled(kvs config.KVS) bool {
|
||||
endpoint := kvs.Get(KMSVaultEndpoint)
|
||||
return endpoint != ""
|
||||
}
|
||||
|
||||
// LookupConfig extracts the KMS configuration provided by environment
|
||||
// variables and merge them with the provided KMS configuration. The
|
||||
// merging follows the following rules:
|
||||
@ -167,7 +166,7 @@ func LookupConfig(kvs config.KVS) (KMSConfig, error) {
|
||||
return kmsCfg, err
|
||||
}
|
||||
if !kmsCfg.AutoEncryption {
|
||||
kmsCfg.AutoEncryption, err = config.ParseBool(env.Get(EnvKMSAutoEncryption, config.StateOff))
|
||||
kmsCfg.AutoEncryption, err = config.ParseBool(env.Get(EnvKMSAutoEncryption, config.EnableOff))
|
||||
if err != nil {
|
||||
return kmsCfg, err
|
||||
}
|
||||
@ -176,16 +175,6 @@ func LookupConfig(kvs config.KVS) (KMSConfig, error) {
|
||||
return kmsCfg, nil
|
||||
}
|
||||
|
||||
stateBool, err := config.ParseBool(env.Get(EnvKMSVaultState, kvs.Get(config.State)))
|
||||
if err != nil {
|
||||
if kvs.Empty() {
|
||||
return kmsCfg, nil
|
||||
}
|
||||
return kmsCfg, err
|
||||
}
|
||||
if !stateBool {
|
||||
return kmsCfg, nil
|
||||
}
|
||||
vcfg := VaultConfig{
|
||||
Auth: VaultAuth{
|
||||
Type: "approle",
|
||||
|
@ -23,32 +23,32 @@ var (
|
||||
Help = config.HelpKVS{
|
||||
config.HelpKV{
|
||||
Key: KMSVaultEndpoint,
|
||||
Description: `Points to Vault API endpoint eg: "http://vault-endpoint-ip:8200"`,
|
||||
Description: `HashiCorp Vault API endpoint e.g. "http://vault-endpoint-ip:8200"`,
|
||||
Type: "url",
|
||||
},
|
||||
config.HelpKV{
|
||||
Key: KMSVaultKeyName,
|
||||
Description: `Transit key name used in vault policy, must be unique name eg: "my-minio-key"`,
|
||||
Description: `transit key name used in vault policy, must be unique name e.g. "my-minio-key"`,
|
||||
Type: "string",
|
||||
},
|
||||
config.HelpKV{
|
||||
Key: KMSVaultAuthType,
|
||||
Description: `Authentication type to Vault API endpoint eg: "approle"`,
|
||||
Description: `authentication type to Vault API endpoint e.g. "approle"`,
|
||||
Type: "string",
|
||||
},
|
||||
config.HelpKV{
|
||||
Key: KMSVaultAppRoleID,
|
||||
Description: `Unique role ID created for AppRole`,
|
||||
Description: `unique role ID created for AppRole`,
|
||||
Type: "string",
|
||||
},
|
||||
config.HelpKV{
|
||||
Key: KMSVaultAppRoleSecret,
|
||||
Description: `Unique secret ID created for AppRole`,
|
||||
Description: `unique secret ID created for AppRole`,
|
||||
Type: "string",
|
||||
},
|
||||
config.HelpKV{
|
||||
Key: KMSVaultNamespace,
|
||||
Description: `Only needed if AppRole engine is scoped to Vault Namespace eg: "ns1"`,
|
||||
Description: `only needed if AppRole engine is scoped to Vault Namespace e.g. "ns1"`,
|
||||
Optional: true,
|
||||
Type: "string",
|
||||
},
|
||||
@ -60,13 +60,13 @@ var (
|
||||
},
|
||||
config.HelpKV{
|
||||
Key: KMSVaultCAPath,
|
||||
Description: `Path to PEM-encoded CA cert files to use mTLS authentication (optional) eg: "/home/user/custom-certs"`,
|
||||
Description: `path to PEM-encoded CA cert files to use mTLS authentication (optional) e.g. "/home/user/custom-certs"`,
|
||||
Optional: true,
|
||||
Type: "path",
|
||||
},
|
||||
config.HelpKV{
|
||||
Key: config.Comment,
|
||||
Description: "A comment to describe the KMS Vault setting",
|
||||
Description: config.DefaultComment,
|
||||
Optional: true,
|
||||
Type: "sentence",
|
||||
},
|
||||
|
@ -83,10 +83,6 @@ func SetKMSConfig(s config.Config, cfg KMSConfig) {
|
||||
return
|
||||
}
|
||||
s[config.KmsVaultSubSys][config.Default] = config.KVS{
|
||||
config.KV{
|
||||
Key: config.State,
|
||||
Value: config.StateOn,
|
||||
},
|
||||
config.KV{
|
||||
Key: KMSVaultEndpoint,
|
||||
Value: cfg.Vault.Endpoint,
|
||||
@ -141,7 +137,7 @@ func SetKMSConfig(s config.Config, cfg KMSConfig) {
|
||||
// It sets the global KMS configuration according to the merged configuration
|
||||
// on success.
|
||||
func lookupConfigLegacy(kvs config.KVS) (KMSConfig, error) {
|
||||
autoBool, err := config.ParseBool(env.Get(EnvAutoEncryptionLegacy, config.StateOff))
|
||||
autoBool, err := config.ParseBool(env.Get(EnvAutoEncryptionLegacy, config.EnableOff))
|
||||
if err != nil {
|
||||
return KMSConfig{}, err
|
||||
}
|
||||
@ -155,17 +151,6 @@ func lookupConfigLegacy(kvs config.KVS) (KMSConfig, error) {
|
||||
},
|
||||
}
|
||||
|
||||
// Assume default as "on" for legacy config since we didn't have a _STATE
|
||||
// flag to turn it off, but we should honor it nonetheless to turn it off
|
||||
// if the vault endpoint is down and there is no way to start the server.
|
||||
stateBool, err := config.ParseBool(env.Get(EnvKMSVaultState, config.StateOn))
|
||||
if err != nil {
|
||||
return cfg, err
|
||||
}
|
||||
if !stateBool {
|
||||
return cfg, nil
|
||||
}
|
||||
|
||||
endpointStr := env.Get(EnvLegacyVaultEndpoint, "")
|
||||
if endpointStr != "" {
|
||||
// Lookup Hashicorp-Vault configuration & overwrite config entry if ENV var is present
|
||||
|
@ -118,6 +118,9 @@ func StartGateway(ctx *cli.Context, gw Gateway) {
|
||||
// Handle common command args.
|
||||
handleCommonCmdArgs(ctx)
|
||||
|
||||
// Initialize all help
|
||||
initHelp()
|
||||
|
||||
// Get port to listen on from gateway address
|
||||
globalMinioHost, globalMinioPort = mustSplitHostPort(globalCLIContext.Addr)
|
||||
|
||||
|
@ -101,17 +101,12 @@ ENVIRONMENT VARIABLES:
|
||||
MINIO_CACHE_QUOTA: Maximum permitted usage of the cache in percentage (0-100).
|
||||
|
||||
EXAMPLES:
|
||||
1. Start minio gateway server for Azure Blob Storage backend.
|
||||
{{.Prompt}} {{.EnvVarSetCommand}} MINIO_ACCESS_KEY{{.AssignmentOperator}}azureaccountname
|
||||
{{.Prompt}} {{.EnvVarSetCommand}} MINIO_SECRET_KEY{{.AssignmentOperator}}azureaccountkey
|
||||
{{.Prompt}} {{.HelpName}}
|
||||
|
||||
2. Start minio gateway server for Azure Blob Storage backend on custom endpoint.
|
||||
1. Start minio gateway server for Azure Blob Storage backend on custom endpoint.
|
||||
{{.Prompt}} {{.EnvVarSetCommand}} MINIO_ACCESS_KEY{{.AssignmentOperator}}azureaccountname
|
||||
{{.Prompt}} {{.EnvVarSetCommand}} MINIO_SECRET_KEY{{.AssignmentOperator}}azureaccountkey
|
||||
{{.Prompt}} {{.HelpName}} https://azureaccountname.blob.custom.azure.endpoint
|
||||
|
||||
3. Start minio gateway server for Azure Blob Storage backend with edge caching enabled.
|
||||
2. Start minio gateway server for Azure Blob Storage backend with edge caching enabled.
|
||||
{{.Prompt}} {{.EnvVarSetCommand}} MINIO_ACCESS_KEY{{.AssignmentOperator}}azureaccountname
|
||||
{{.Prompt}} {{.EnvVarSetCommand}} MINIO_SECRET_KEY{{.AssignmentOperator}}azureaccountkey
|
||||
{{.Prompt}} {{.EnvVarSetCommand}} MINIO_CACHE_DRIVES{{.AssignmentOperator}}"/mnt/drive1,/mnt/drive2,/mnt/drive3,/mnt/drive4"
|
||||
|
@ -72,28 +72,12 @@ ENVIRONMENT VARIABLES:
|
||||
MINIO_CACHE_EXPIRY: Cache expiry duration in days.
|
||||
MINIO_CACHE_QUOTA: Maximum permitted usage of the cache in percentage (0-100).
|
||||
|
||||
LOGGER:
|
||||
MINIO_LOGGER_HTTP_STATE: Set this to "on" to enable HTTP logging target.
|
||||
MINIO_LOGGER_HTTP_ENDPOINT: HTTP endpoint URL to log all incoming requests.
|
||||
|
||||
EXAMPLES:
|
||||
1. Start minio gateway server for AWS S3 backend.
|
||||
{{.Prompt}} {{.EnvVarSetCommand}} MINIO_ACCESS_KEY{{.AssignmentOperator}}accesskey
|
||||
{{.Prompt}} {{.EnvVarSetCommand}} MINIO_SECRET_KEY{{.AssignmentOperator}}secretkey
|
||||
{{.Prompt}} {{.HelpName}}
|
||||
|
||||
2. Start minio gateway server for S3 backend on custom endpoint.
|
||||
{{.Prompt}} {{.EnvVarSetCommand}} MINIO_ACCESS_KEY{{.AssignmentOperator}}Q3AM3UQ867SPQQA43P2F
|
||||
{{.Prompt}} {{.EnvVarSetCommand}} MINIO_SECRET_KEY{{.AssignmentOperator}}zuf+tfteSlswRu7BJ86wekitnifILbZam1KYY3TG
|
||||
{{.Prompt}} {{.HelpName}} https://play.min.io:9000
|
||||
|
||||
3. Start minio gateway server for AWS S3 backend logging all requests to http endpoint.
|
||||
{{.Prompt}} {{.EnvVarSetCommand}} MINIO_ACCESS_KEY{{.AssignmentOperator}}Q3AM3UQ867SPQQA43P2F
|
||||
{{.Prompt}} {{.EnvVarSetCommand}} MINIO_SECRET_KEY{{.AssignmentOperator}}zuf+tfteSlswRu7BJ86wekitnifILbZam1KYY3TG
|
||||
{{.Prompt}} {{.EnvVarSetCommand}} MINIO_LOGGER_HTTP_STATE{{.AssignmenOperator}}"on"
|
||||
{{.Prompt}} {{.EnvVarSetCommand}} MINIO_LOGGER_HTTP_ENDPOINT{{.AssignmentOperator}}"http://localhost:8000/"
|
||||
{{.Prompt}} {{.HelpName}} https://play.min.io:9000
|
||||
|
||||
4. Start minio gateway server for AWS S3 backend with edge caching enabled.
|
||||
{{.Prompt}} {{.EnvVarSetCommand}} MINIO_ACCESS_KEY{{.AssignmentOperator}}accesskey
|
||||
{{.Prompt}} {{.EnvVarSetCommand}} MINIO_SECRET_KEY{{.AssignmentOperator}}secretkey
|
||||
|
@ -654,9 +654,9 @@ func (sys *IAMSys) SetUserStatus(accessKey string, status madmin.AccountStatus)
|
||||
SecretKey: cred.SecretKey,
|
||||
Status: func() string {
|
||||
if status == madmin.AccountEnabled {
|
||||
return config.StateOn
|
||||
return config.EnableOn
|
||||
}
|
||||
return config.StateOff
|
||||
return config.EnableOff
|
||||
}(),
|
||||
})
|
||||
if err := sys.store.saveUserIdentity(accessKey, false, uinfo); err != nil {
|
||||
|
@ -58,8 +58,8 @@ const (
|
||||
var (
|
||||
DefaultKVS = config.KVS{
|
||||
config.KV{
|
||||
Key: config.State,
|
||||
Value: config.StateOff,
|
||||
Key: config.Enable,
|
||||
Value: config.EnableOff,
|
||||
},
|
||||
config.KV{
|
||||
Key: Endpoint,
|
||||
@ -72,8 +72,8 @@ var (
|
||||
}
|
||||
DefaultAuditKVS = config.KVS{
|
||||
config.KV{
|
||||
Key: config.State,
|
||||
Value: config.StateOff,
|
||||
Key: config.Enable,
|
||||
Value: config.EnableOff,
|
||||
},
|
||||
config.KV{
|
||||
Key: Endpoint,
|
||||
@ -153,7 +153,7 @@ func LookupConfig(scfg config.Config) (Config, error) {
|
||||
return cfg, err
|
||||
}
|
||||
|
||||
enabled, err := config.ParseBool(kv.Get(config.State))
|
||||
enabled, err := config.ParseBool(kv.Get(config.Enable))
|
||||
if err != nil {
|
||||
return cfg, err
|
||||
}
|
||||
@ -185,7 +185,7 @@ func LookupConfig(scfg config.Config) (Config, error) {
|
||||
return cfg, err
|
||||
}
|
||||
|
||||
enabled, err := config.ParseBool(kv.Get(config.State))
|
||||
enabled, err := config.ParseBool(kv.Get(config.Enable))
|
||||
if err != nil {
|
||||
return cfg, err
|
||||
}
|
||||
|
@ -23,18 +23,18 @@ var (
|
||||
Help = config.HelpKVS{
|
||||
config.HelpKV{
|
||||
Key: Endpoint,
|
||||
Description: `HTTP logger endpoint eg: "http://localhost:8080/minio/logs/server"`,
|
||||
Description: `HTTP logger endpoint e.g. "http://localhost:8080/minio/logs/server"`,
|
||||
Type: "url",
|
||||
},
|
||||
config.HelpKV{
|
||||
Key: AuthToken,
|
||||
Description: "Authorization token for logger endpoint",
|
||||
Description: "authorization token for logger endpoint",
|
||||
Optional: true,
|
||||
Type: "string",
|
||||
},
|
||||
config.HelpKV{
|
||||
Key: config.Comment,
|
||||
Description: "A comment to describe the HTTP logger setting",
|
||||
Description: config.DefaultComment,
|
||||
Optional: true,
|
||||
Type: "sentence",
|
||||
},
|
||||
@ -43,18 +43,18 @@ var (
|
||||
HelpAudit = config.HelpKVS{
|
||||
config.HelpKV{
|
||||
Key: Endpoint,
|
||||
Description: `HTTP Audit logger endpoint eg: "http://localhost:8080/minio/logs/audit"`,
|
||||
Description: `HTTP Audit logger endpoint e.g. "http://localhost:8080/minio/logs/audit"`,
|
||||
Type: "url",
|
||||
},
|
||||
config.HelpKV{
|
||||
Key: AuthToken,
|
||||
Description: "Authorization token for logger endpoint",
|
||||
Description: "authorization token for audit logger endpoint",
|
||||
Optional: true,
|
||||
Type: "string",
|
||||
},
|
||||
config.HelpKV{
|
||||
Key: config.Comment,
|
||||
Description: "A comment to describe the HTTP Audit logger setting",
|
||||
Description: config.DefaultComment,
|
||||
Optional: true,
|
||||
Type: "sentence",
|
||||
},
|
||||
|
@ -31,8 +31,8 @@ func SetLoggerHTTPAudit(scfg config.Config, k string, args HTTP) {
|
||||
}
|
||||
scfg[config.AuditWebhookSubSys][k] = config.KVS{
|
||||
config.KV{
|
||||
Key: config.State,
|
||||
Value: config.StateOn,
|
||||
Key: config.Enable,
|
||||
Value: config.EnableOn,
|
||||
},
|
||||
config.KV{
|
||||
Key: Endpoint,
|
||||
@ -54,8 +54,8 @@ func SetLoggerHTTP(scfg config.Config, k string, args HTTP) {
|
||||
|
||||
scfg[config.LoggerWebhookSubSys][k] = config.KVS{
|
||||
config.KV{
|
||||
Key: config.State,
|
||||
Value: config.StateOn,
|
||||
Key: config.Enable,
|
||||
Value: config.EnableOn,
|
||||
},
|
||||
config.KV{
|
||||
Key: Endpoint,
|
||||
|
@ -156,7 +156,9 @@ func serverHandleCmdArgs(ctx *cli.Context) {
|
||||
}
|
||||
logger.FatalIf(err, "Invalid command line arguments")
|
||||
|
||||
logger.LogIf(context.Background(), checkEndpointsSubOptimal(ctx, setupType, globalEndpoints))
|
||||
if err = checkEndpointsSubOptimal(ctx, setupType, globalEndpoints); err != nil {
|
||||
logger.Info("Optimal endpoint check failed %s", err)
|
||||
}
|
||||
|
||||
// On macOS, if a process already listens on LOCALIPADDR:PORT, net.Listen() falls back
|
||||
// to IPv6 address ie minio will start listening on IPv6 address whereas another
|
||||
@ -217,6 +219,17 @@ func initSafeModeInit(buckets []BucketInfo) (err error) {
|
||||
if errors.As(err, &cerr) {
|
||||
return
|
||||
}
|
||||
|
||||
var cfgErr config.Error
|
||||
if errors.As(err, &cfgErr) {
|
||||
if cfgErr.Kind == config.ContinueKind {
|
||||
// print the error and continue
|
||||
logger.Info("Config validation failed '%s' the sub-system is turned-off and all other sub-systems", err)
|
||||
err = nil
|
||||
return
|
||||
}
|
||||
}
|
||||
|
||||
// Enable logger
|
||||
logger.Disable = false
|
||||
|
||||
@ -308,6 +321,9 @@ func serverMain(ctx *cli.Context) {
|
||||
// Handle all server environment vars.
|
||||
serverHandleEnvVars()
|
||||
|
||||
// Initialize all help
|
||||
initHelp()
|
||||
|
||||
// Check and load TLS certificates.
|
||||
var err error
|
||||
globalPublicCerts, globalTLSCerts, globalIsSSL, err = getTLSConfig()
|
||||
@ -338,7 +354,9 @@ func serverMain(ctx *cli.Context) {
|
||||
}
|
||||
|
||||
// Set system resources to maximum.
|
||||
logger.LogIf(context.Background(), setMaxResources())
|
||||
if err = setMaxResources(); err != nil {
|
||||
logger.Info("Unable to set system resources to maximum %s", err)
|
||||
}
|
||||
|
||||
if globalIsXL {
|
||||
// Init global heal state
|
||||
@ -409,8 +427,14 @@ func serverMain(ctx *cli.Context) {
|
||||
logger.FatalIf(initSafeModeInit(buckets), "Unable to initialize server")
|
||||
|
||||
if globalCacheConfig.Enabled {
|
||||
msg := color.RedBold("Disk caching is disabled in 'server' mode, 'caching' is only supported in gateway deployments")
|
||||
logger.StartupMessage(msg)
|
||||
// initialize the new disk cache objects.
|
||||
var cacheAPI CacheObjectLayer
|
||||
cacheAPI, err = newServerCacheObjects(context.Background(), globalCacheConfig)
|
||||
logger.FatalIf(err, "Unable to initialize disk caching")
|
||||
|
||||
globalObjLayerMutex.Lock()
|
||||
globalCacheObjectAPI = cacheAPI
|
||||
globalObjLayerMutex.Unlock()
|
||||
}
|
||||
|
||||
initDailyLifecycle()
|
||||
|
@ -49,7 +49,7 @@ func getFormatStr(strLen int, padding int) string {
|
||||
func printStartupSafeModeMessage(apiEndpoints []string, err error) {
|
||||
logStartupMessage(color.RedBold("Server startup failed with '%v'", err))
|
||||
logStartupMessage(color.RedBold("Server switching to safe mode"))
|
||||
logStartupMessage(color.RedBold("Please use 'mc admin' commands to fix this issue"))
|
||||
logStartupMessage(color.RedBold("Please use 'mc admin config' commands fix this issue"))
|
||||
|
||||
// Object layer is initialized then print StorageInfo in safe mode.
|
||||
objAPI := newObjectLayerWithoutSafeModeFn()
|
||||
@ -91,13 +91,13 @@ func printStartupSafeModeMessage(apiEndpoints []string, err error) {
|
||||
mcMessage := fmt.Sprintf("> mc.exe config host add %s %s %s %s --api s3v4", alias,
|
||||
endPoint, cred.AccessKey, cred.SecretKey)
|
||||
logStartupMessage(fmt.Sprintf(getFormatStr(len(mcMessage), 3), mcMessage))
|
||||
mcMessage = fmt.Sprintf("> mc.exe admin --help")
|
||||
mcMessage = fmt.Sprintf("> mc.exe admin config --help")
|
||||
logStartupMessage(fmt.Sprintf(getFormatStr(len(mcMessage), 3), mcMessage))
|
||||
} else {
|
||||
mcMessage := fmt.Sprintf("$ mc config host add %s %s %s %s --api s3v4", alias,
|
||||
endPoint, cred.AccessKey, cred.SecretKey)
|
||||
logStartupMessage(fmt.Sprintf(getFormatStr(len(mcMessage), 3), mcMessage))
|
||||
mcMessage = fmt.Sprintf("$ mc admin --help")
|
||||
mcMessage = fmt.Sprintf("$ mc admin config --help")
|
||||
logStartupMessage(fmt.Sprintf(getFormatStr(len(mcMessage), 3), mcMessage))
|
||||
}
|
||||
}
|
||||
|
@ -76,6 +76,7 @@ func init() {
|
||||
|
||||
logger.Disable = true
|
||||
|
||||
initHelp()
|
||||
// Uncomment the following line to see trace logs during unit tests.
|
||||
// logger.AddTarget(console.New())
|
||||
}
|
||||
|
@ -74,9 +74,9 @@ minio server /data
|
||||
|
||||
| Field | Type | Description |
|
||||
|:-------------------------------|:---------|:---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
|
||||
| ``storageclass`` | | Set storage class for configurable data and parity, as per object basis. |
|
||||
| ``storageclass standard=EC:4`` | _string_ | Value for standard storage class. It should be in the format `EC:Parity`, for example to set 4 disk parity for standard storage class objects, set this field to `EC:4`. |
|
||||
| ``storageclass rrs=EC:2`` | _string_ | Value for reduced redundancy storage class. It should be in the format `EC:Parity`, for example to set 3 disk parity for reduced redundancy storage class objects, set this field to `EC:3`. |
|
||||
| ``storage_class`` | | Set storage class for configurable data and parity, as per object basis. |
|
||||
| ``storage_class standard=EC:4`` | _string_ | Value for standard storage class. It should be in the format `EC:Parity`, for example to set 4 disk parity for standard storage class objects, set this field to `EC:4`. |
|
||||
| ``storage_class rrs=EC:2`` | _string_ | Value for reduced redundancy storage class. It should be in the format `EC:Parity`, for example to set 3 disk parity for reduced redundancy storage class objects, set this field to `EC:3`. |
|
||||
|
||||
By default, parity for objects with standard storage class is set to `N/2`, and parity for objects with reduced redundancy storage class objects is set to `2`. Read more about storage class support in MinIO server [here](https://github.com/minio/minio/blob/master/docs/erasure/storage-class/README.md).
|
||||
|
||||
|
@ -1,340 +0,0 @@
|
||||
{
|
||||
"cache": {
|
||||
"_": {
|
||||
"drives": "",
|
||||
"exclude": "",
|
||||
"expiry": "90",
|
||||
"quota": "80",
|
||||
"state": "off"
|
||||
}
|
||||
},
|
||||
"compression": {
|
||||
"_": {
|
||||
"extensions": ".txt,.log,.csv,.json,.tar,.xml,.bin",
|
||||
"mime_types": "text/*,application/json,application/xml",
|
||||
"state": "off"
|
||||
}
|
||||
},
|
||||
"identity_ldap": {
|
||||
"_": {
|
||||
"group_name_attribute": "",
|
||||
"group_search_base_dn": "",
|
||||
"group_search_filter": "",
|
||||
"server_addr": "",
|
||||
"state": "off",
|
||||
"sts_expiry": "",
|
||||
"username_format": ""
|
||||
}
|
||||
},
|
||||
"identity_openid": {
|
||||
"_": {
|
||||
"config_url": "http://localhost:8080/auth/realms/demo/.well-known/openid-configuration",
|
||||
"state": "on"
|
||||
}
|
||||
},
|
||||
"kms_vault": {
|
||||
"_": {
|
||||
"auth_approle_id": "",
|
||||
"auth_approle_secret": "",
|
||||
"auth_type": "",
|
||||
"capath": "",
|
||||
"endpoint": "",
|
||||
"key_name": "",
|
||||
"key_version": "0",
|
||||
"namespace": "",
|
||||
"state": "off"
|
||||
}
|
||||
},
|
||||
"logger_http": {
|
||||
"1": {
|
||||
"auth_token": "",
|
||||
"endpoint": "",
|
||||
"state": "off"
|
||||
},
|
||||
"_": {
|
||||
"auth_token": "",
|
||||
"endpoint": "",
|
||||
"state": "off"
|
||||
}
|
||||
},
|
||||
"logger_http_audit": {
|
||||
"_": {
|
||||
"auth_token": "",
|
||||
"endpoint": "",
|
||||
"state": "off"
|
||||
}
|
||||
},
|
||||
"notify_amqp": {
|
||||
"1": {
|
||||
"auto_deleted": "off",
|
||||
"delivery_mode": "0",
|
||||
"durable": "off",
|
||||
"exchange": "",
|
||||
"exchange_type": "",
|
||||
"internal": "off",
|
||||
"mandatory": "off",
|
||||
"no_wait": "off",
|
||||
"queue_dir": "",
|
||||
"queue_limit": "0",
|
||||
"routing_key": "",
|
||||
"state": "off",
|
||||
"url": ""
|
||||
},
|
||||
"_": {
|
||||
"auto_deleted": "off",
|
||||
"delivery_mode": "0",
|
||||
"durable": "off",
|
||||
"exchange": "",
|
||||
"exchange_type": "",
|
||||
"internal": "off",
|
||||
"mandatory": "off",
|
||||
"no_wait": "off",
|
||||
"queue_dir": "",
|
||||
"queue_limit": "0",
|
||||
"routing_key": "",
|
||||
"state": "off",
|
||||
"url": ""
|
||||
}
|
||||
},
|
||||
"notify_elasticsearch": {
|
||||
"1": {
|
||||
"format": "namespace",
|
||||
"index": "",
|
||||
"queue_dir": "",
|
||||
"queue_limit": "0",
|
||||
"state": "off",
|
||||
"url": ""
|
||||
},
|
||||
"_": {
|
||||
"format": "namespace",
|
||||
"index": "",
|
||||
"queue_dir": "",
|
||||
"queue_limit": "0",
|
||||
"state": "off",
|
||||
"url": ""
|
||||
}
|
||||
},
|
||||
"notify_kafka": {
|
||||
"1": {
|
||||
"brokers": "",
|
||||
"queue_dir": "",
|
||||
"queue_limit": "0",
|
||||
"sasl_enable": "off",
|
||||
"sasl_password": "",
|
||||
"sasl_username": "",
|
||||
"state": "off",
|
||||
"tls_client_auth": "0",
|
||||
"tls_enable": "off",
|
||||
"tls_skip_verify": "off",
|
||||
"topic": ""
|
||||
},
|
||||
"_": {
|
||||
"brokers": "",
|
||||
"queue_dir": "",
|
||||
"queue_limit": "0",
|
||||
"sasl_enable": "off",
|
||||
"sasl_password": "",
|
||||
"sasl_username": "",
|
||||
"state": "off",
|
||||
"tls_client_auth": "0",
|
||||
"tls_enable": "off",
|
||||
"tls_skip_verify": "off",
|
||||
"topic": ""
|
||||
}
|
||||
},
|
||||
"notify_mqtt": {
|
||||
"1": {
|
||||
"broker": "",
|
||||
"keep_alive_interval": "0s",
|
||||
"password": "",
|
||||
"qos": "0",
|
||||
"queue_dir": "",
|
||||
"queue_limit": "0",
|
||||
"reconnect_interval": "0s",
|
||||
"state": "off",
|
||||
"topic": "",
|
||||
"username": ""
|
||||
},
|
||||
"_": {
|
||||
"broker": "",
|
||||
"keep_alive_interval": "0s",
|
||||
"password": "",
|
||||
"qos": "0",
|
||||
"queue_dir": "",
|
||||
"queue_limit": "0",
|
||||
"reconnect_interval": "0s",
|
||||
"state": "off",
|
||||
"topic": "",
|
||||
"username": ""
|
||||
}
|
||||
},
|
||||
"notify_mysql": {
|
||||
"1": {
|
||||
"database": "",
|
||||
"dsn_string": "",
|
||||
"format": "namespace",
|
||||
"host": "",
|
||||
"password": "",
|
||||
"port": "",
|
||||
"queue_dir": "",
|
||||
"queue_limit": "0",
|
||||
"state": "off",
|
||||
"table": "",
|
||||
"username": ""
|
||||
},
|
||||
"_": {
|
||||
"database": "",
|
||||
"dsn_string": "",
|
||||
"format": "namespace",
|
||||
"host": "",
|
||||
"password": "",
|
||||
"port": "",
|
||||
"queue_dir": "",
|
||||
"queue_limit": "0",
|
||||
"state": "off",
|
||||
"table": "",
|
||||
"username": ""
|
||||
}
|
||||
},
|
||||
"notify_nats": {
|
||||
"1": {
|
||||
"address": "",
|
||||
"password": "",
|
||||
"ping_interval": "0",
|
||||
"queue_dir": "",
|
||||
"queue_limit": "0",
|
||||
"secure": "off",
|
||||
"state": "off",
|
||||
"streaming_async": "off",
|
||||
"streaming_cluster_id": "",
|
||||
"streaming_enable": "off",
|
||||
"streaming_max_pub_acks_in_flight": "0",
|
||||
"subject": "",
|
||||
"token": "",
|
||||
"username": ""
|
||||
},
|
||||
"_": {
|
||||
"address": "",
|
||||
"password": "",
|
||||
"ping_interval": "0",
|
||||
"queue_dir": "",
|
||||
"queue_limit": "0",
|
||||
"secure": "off",
|
||||
"state": "off",
|
||||
"streaming_async": "off",
|
||||
"streaming_cluster_id": "",
|
||||
"streaming_enable": "off",
|
||||
"streaming_max_pub_acks_in_flight": "0",
|
||||
"subject": "",
|
||||
"token": "",
|
||||
"username": ""
|
||||
}
|
||||
},
|
||||
"notify_nsq": {
|
||||
"1": {
|
||||
"nsqd_address": "",
|
||||
"queue_dir": "",
|
||||
"queue_limit": "0",
|
||||
"state": "off",
|
||||
"tls_enable": "off",
|
||||
"tls_skip_verify": "off",
|
||||
"topic": ""
|
||||
},
|
||||
"_": {
|
||||
"nsqd_address": "",
|
||||
"queue_dir": "",
|
||||
"queue_limit": "0",
|
||||
"state": "off",
|
||||
"tls_enable": "off",
|
||||
"tls_skip_verify": "off",
|
||||
"topic": ""
|
||||
}
|
||||
},
|
||||
"notify_postgres": {
|
||||
"1": {
|
||||
"connection_string": "",
|
||||
"database": "",
|
||||
"format": "namespace",
|
||||
"host": "",
|
||||
"password": "",
|
||||
"port": "",
|
||||
"queue_dir": "",
|
||||
"queue_limit": "0",
|
||||
"state": "off",
|
||||
"table": "",
|
||||
"username": ""
|
||||
},
|
||||
"_": {
|
||||
"connection_string": "",
|
||||
"database": "",
|
||||
"format": "namespace",
|
||||
"host": "",
|
||||
"password": "",
|
||||
"port": "",
|
||||
"queue_dir": "",
|
||||
"queue_limit": "0",
|
||||
"state": "off",
|
||||
"table": "",
|
||||
"username": ""
|
||||
}
|
||||
},
|
||||
"notify_redis": {
|
||||
"1": {
|
||||
"address": "",
|
||||
"format": "namespace",
|
||||
"key": "",
|
||||
"password": "",
|
||||
"queue_dir": "",
|
||||
"queue_limit": "0",
|
||||
"state": "off"
|
||||
},
|
||||
"_": {
|
||||
"address": "",
|
||||
"format": "namespace",
|
||||
"key": "",
|
||||
"password": "",
|
||||
"queue_dir": "",
|
||||
"queue_limit": "0",
|
||||
"state": "off"
|
||||
}
|
||||
},
|
||||
"notify_webhook": {
|
||||
"1": {
|
||||
"endpoint": "",
|
||||
"queue_dir": "",
|
||||
"queue_limit": "0",
|
||||
"state": "off"
|
||||
},
|
||||
"_": {
|
||||
"auth_token": "",
|
||||
"endpoint": "",
|
||||
"queue_dir": "",
|
||||
"queue_limit": "0",
|
||||
"state": "off"
|
||||
}
|
||||
},
|
||||
"policy_opa": {
|
||||
"_": {
|
||||
"auth_token": "",
|
||||
"state": "off",
|
||||
"url": ""
|
||||
}
|
||||
},
|
||||
"region": {
|
||||
"_": {
|
||||
"name": "us-east-1"
|
||||
}
|
||||
},
|
||||
"storageclass": {
|
||||
"_": {
|
||||
"rrs": "",
|
||||
"standard": "",
|
||||
"state": "off"
|
||||
}
|
||||
},
|
||||
"worm": {
|
||||
"_": {
|
||||
"state": "off"
|
||||
}
|
||||
}
|
||||
}
|
@ -62,14 +62,12 @@ Default value for `REDUCED_REDUNDANCY` storage class is `2`.
|
||||
|
||||
The format to set storage class environment variables is as follows
|
||||
|
||||
`MINIO_STORAGE_CLASS_STATE=on`
|
||||
`MINIO_STORAGE_CLASS_STANDARD=EC:parity`
|
||||
`MINIO_STORAGE_CLASS_RRS=EC:parity`
|
||||
|
||||
For example, set `MINIO_STORAGE_CLASS_RRS` parity 2 and `MINIO_STORAGE_CLASS_STANDARD` parity 3
|
||||
|
||||
```sh
|
||||
export MINIO_STORAGE_CLASS_STATE=on
|
||||
export MINIO_STORAGE_CLASS_STANDARD=EC:3
|
||||
export MINIO_STORAGE_CLASS_RRS=EC:2
|
||||
```
|
||||
|
@ -76,7 +76,6 @@ and "c" for sse-c encryption. More than one encryption option can be set, delimi
|
||||
|
||||
```sh
|
||||
export MINIO_GATEWAY_SSE="s3;c"
|
||||
export MINIO_KMS_VAULT_STATE=on
|
||||
export MINIO_KMS_VAULT_APPROLE_ID=9b56cc08-8258-45d5-24a3-679876769126
|
||||
export MINIO_KMS_VAULT_APPROLE_SECRET=4e30c52f-13e4-a6f5-0763-d50e8cb4321f
|
||||
export MINIO_KMS_VAULT_ENDPOINT=https://vault-endpoint-ip:8200
|
||||
|
@ -171,7 +171,6 @@ The AppRole ID, AppRole Secret Id, Vault endpoint and Vault key name can now be
|
||||
You'll need the Vault endpoint, AppRole ID, AppRole SecretID and encryption key-ring name defined in step 2.1.2
|
||||
|
||||
```
|
||||
export MINIO_KMS_VAULT_STATE=on
|
||||
export MINIO_KMS_VAULT_APPROLE_ID=8c03926c-6c51-7a1d-cf7d-62e48ab8d6d7
|
||||
export MINIO_KMS_VAULT_APPROLE_SECRET=edd8738c-6efe-c226-74f9-ef5b66e119d7
|
||||
export MINIO_KMS_VAULT_ENDPOINT=http://vault-endpoint-ip:8200
|
||||
|
@ -28,7 +28,7 @@ NOTE: `http://endpoint:port/path` is a placeholder value to indicate the URL for
|
||||
|
||||
MinIO also honors environment variable for HTTP target logging as shown below, this setting will override the endpoint settings in the MinIO server config.
|
||||
```
|
||||
export MINIO_LOGGER_WEBHOOK_STATE_target1="on"
|
||||
export MINIO_LOGGER_WEBHOOK_ENABLE_target1="on"
|
||||
export MINIO_LOGGER_WEBHOOK_AUTH_TOKEN_target1="token"
|
||||
export MINIO_LOGGER_WEBHOOK_ENDPOINT_target1=http://localhost:8080/minio/logs
|
||||
minio server /mnt/data
|
||||
@ -50,7 +50,7 @@ NOTE: `http://endpoint:port/path` is a placeholder value to indicate the URL for
|
||||
|
||||
MinIO also honors environment variable for HTTP target Audit logging as shown below, this setting will override the endpoint settings in the MinIO server config.
|
||||
```
|
||||
export MINIO_AUDIT_WEBHOOK_STATE_target1="on"
|
||||
export MINIO_AUDIT_WEBHOOK_ENABLE_target1="on"
|
||||
export MINIO_AUDIT_WEBHOOK_AUTH_TOKEN_target1="token"
|
||||
export MINIO_AUDIT_WEBHOOK_ENDPOINT_target1=http://localhost:8080/minio/logs
|
||||
minio server /mnt/data
|
||||
|
@ -34,7 +34,6 @@ Make sure we have followed the previous step and configured each software indepe
|
||||
```
|
||||
export MINIO_ACCESS_KEY=minio
|
||||
export MINIO_SECRET_KEY=minio123
|
||||
export MINIO_IDENTITY_OPENID_STATE="on"
|
||||
export MINIO_IDENTITY_OPENID_CONFIG_URL=https://localhost:9443/oauth2/oidcdiscovery/.well-known/openid-configuration
|
||||
export MINIO_IDENTITY_OPENID_CLIENT_ID="843351d4-1080-11ea-aa20-271ecba3924a"
|
||||
minio server /mnt/data
|
||||
@ -48,7 +47,6 @@ Make sure we have followed the previous step and configured each software indepe
|
||||
```
|
||||
export MINIO_ACCESS_KEY=aws_access_key
|
||||
export MINIO_SECRET_KEY=aws_secret_key
|
||||
export MINIO_IDENTITY_OPENID_STATE="on"
|
||||
export MINIO_IDENTITY_OPENID_CONFIG_URL=https://localhost:9443/oauth2/oidcdiscovery/.well-known/openid-configuration
|
||||
export MINIO_IDENTITY_OPENID_CLIENT_ID="843351d4-1080-11ea-aa20-271ecba3924a"
|
||||
export MINIO_ETCD_ENDPOINTS=http://localhost:2379
|
||||
|
@ -93,14 +93,13 @@ http://minio.cluster:9000?Action=AssumeRoleWithClientGrants&DurationSeconds=3600
|
||||
```
|
||||
export MINIO_ACCESS_KEY=minio
|
||||
export MINIO_SECRET_KEY=minio123
|
||||
export MINIO_IDENTITY_OPENID_STATE="on"
|
||||
export MINIO_IDENTITY_OPENID_CONFIG_URL=https://localhost:9443/oauth2/oidcdiscovery/.well-known/openid-configuration
|
||||
export MINIO_IDENTITY_OPENID_CLIENT_ID="7a243d56-1081-11ea-b1b9-0bad8bed6ca0"
|
||||
export MINIO_POLICY_OPA_URL=http://localhost:8181/v1/data/httpapi/authz
|
||||
minio server /mnt/export
|
||||
|
||||
mc admin config get myminio identity_openid
|
||||
identity_openid config_url="https://localhost:9443/oauth2/oidcdiscovery/.well-known/openid-configuration"
|
||||
identity_openid config_url="https://localhost:9443/oauth2/oidcdiscovery/.well-known/openid-configuration"
|
||||
|
||||
mc admin config get myminio policy_opa
|
||||
policy_opa url="http://localhost:8181/v1/data/httpapi/authz" auth_token=
|
||||
|
@ -42,7 +42,6 @@ LDAP is configured via the following environment variables:
|
||||
|
||||
| Variable | Required? | Purpose |
|
||||
|----------------------------------------------|-------------------------|-------------------------------------------------------------------------|
|
||||
| **MINIO_IDENTITY_LDAP_STATE** | **YES** | Enable or disable ldap identity |
|
||||
| **MINIO_IDENTITY_LDAP_SERVER_ADDR** | **YES** | AD/LDAP server address |
|
||||
| **MINIO_IDENTITY_LDAP_USERNAME_FORMAT** | **YES** | Format of full username DN |
|
||||
| **MINIO_IDENTITY_LDAP_GROUP_SEARCH_BASE_DN** | **NO** | Base DN in AD/LDAP hierarchy to use in search requests |
|
||||
@ -57,7 +56,6 @@ Please note that MinIO will only access the AD/LDAP server over TLS. If a self-s
|
||||
An example setup for development or experimentation:
|
||||
|
||||
``` shell
|
||||
export MINIO_IDENTITY_LDAP_STATE="on"
|
||||
export MINIO_IDENTITY_LDAP_SERVER_ADDR=myldapserver.com:636
|
||||
export MINIO_IDENTITY_LDAP_USERNAME_FORMAT="uid={username},cn=accounts,dc=myldapserver,dc=com"
|
||||
export MINIO_IDENTITY_LDAP_GROUP_SEARCH_BASE_DN="dc=myldapserver,dc=com"
|
||||
@ -111,7 +109,6 @@ The group search filter looks like `(&(objectclass=group)(member={usernamedn}))`
|
||||
Thus the key configuration parameters look like:
|
||||
|
||||
```
|
||||
MINIO_IDENTITY_LDAP_STATE="on"
|
||||
MINIO_IDENTITY_LDAP_SERVER_ADDR='my.ldap-active-dir-server.com:636'
|
||||
MINIO_IDENTITY_LDAP_USERNAME_FORMAT='cn={username},cn=users,dc=minioad,dc=local'
|
||||
MINIO_IDENTITY_LDAP_GROUP_SEARCH_BASE_DN='dc=minioad,dc=local'
|
||||
@ -218,7 +215,6 @@ http://minio.cluster:9000?Action=AssumeRoleWithLDAPIdentity&LDAPUsername=foouser
|
||||
```
|
||||
$ export MINIO_ACCESS_KEY=minio
|
||||
$ export MINIO_SECRET_KEY=minio123
|
||||
$ export MINIO_IDENTITY_LDAP_STATE="on"
|
||||
$ export MINIO_IDENTITY_LDAP_SERVER_ADDR='my.ldap-active-dir-server.com:636'
|
||||
$ export MINIO_IDENTITY_LDAP_USERNAME_FORMAT='cn={username},cn=users,dc=minioad,dc=local'
|
||||
$ export MINIO_IDENTITY_LDAP_GROUP_SEARCH_BASE_DN='dc=minioad,dc=local'
|
||||
|
@ -93,7 +93,6 @@ http://minio.cluster:9000?Action=AssumeRoleWithWebIdentity&DurationSeconds=3600&
|
||||
```
|
||||
export MINIO_ACCESS_KEY=minio
|
||||
export MINIO_SECRET_KEY=minio123
|
||||
export MINIO_IDENTITY_OPENID_STATE="on"
|
||||
export MINIO_IDENTITY_OPENID_CLIENT_ID="843351d4-1080-11ea-aa20-271ecba3924a"
|
||||
export MINIO_IDENTITY_OPENID_CONFIG_URL=https://accounts.google.com/.well-known/openid-configuration
|
||||
minio server /mnt/export
|
||||
|
@ -69,7 +69,6 @@ Using the above `access_token` we can perform an STS request to MinIO to get tem
|
||||
### 5. Setup MinIO with OpenID configuration URL
|
||||
MinIO server expects environment variable for OpenID configuration url as `MINIO_IDENTITY_OPENID_CONFIG_URL`, this environment variable takes a single entry.
|
||||
```
|
||||
export MINIO_IDENTITY_OPENID_STATE="on"
|
||||
export MINIO_IDENTITY_OPENID_CONFIG_URL=https://localhost:9443/oauth2/oidcdiscovery/.well-known/openid-configuration
|
||||
export MINIO_IDENTITY_OPENID_CLIENT_ID="843351d4-1080-11ea-aa20-271ecba3924a"
|
||||
minio server /mnt/data
|
||||
|
@ -68,7 +68,7 @@ const (
|
||||
AmqpArguments = "arguments"
|
||||
AmqpPublishingHeaders = "publishing_headers"
|
||||
|
||||
EnvAMQPState = "MINIO_NOTIFY_AMQP_STATE"
|
||||
EnvAMQPEnable = "MINIO_NOTIFY_AMQP_ENABLE"
|
||||
EnvAMQPURL = "MINIO_NOTIFY_AMQP_URL"
|
||||
EnvAMQPExchange = "MINIO_NOTIFY_AMQP_EXCHANGE"
|
||||
EnvAMQPRoutingKey = "MINIO_NOTIFY_AMQP_ROUTING_KEY"
|
||||
|
@ -39,7 +39,7 @@ const (
|
||||
ElasticQueueDir = "queue_dir"
|
||||
ElasticQueueLimit = "queue_limit"
|
||||
|
||||
EnvElasticState = "MINIO_NOTIFY_ELASTICSEARCH_STATE"
|
||||
EnvElasticEnable = "MINIO_NOTIFY_ELASTICSEARCH_ENABLE"
|
||||
EnvElasticFormat = "MINIO_NOTIFY_ELASTICSEARCH_FORMAT"
|
||||
EnvElasticURL = "MINIO_NOTIFY_ELASTICSEARCH_URL"
|
||||
EnvElasticIndex = "MINIO_NOTIFY_ELASTICSEARCH_INDEX"
|
||||
|
@ -46,7 +46,7 @@ const (
|
||||
KafkaSASLUsername = "sasl_username"
|
||||
KafkaSASLPassword = "sasl_password"
|
||||
|
||||
EnvKafkaState = "MINIO_NOTIFY_KAFKA_STATE"
|
||||
EnvKafkaEnable = "MINIO_NOTIFY_KAFKA_ENABLE"
|
||||
EnvKafkaBrokers = "MINIO_NOTIFY_KAFKA_BROKERS"
|
||||
EnvKafkaTopic = "MINIO_NOTIFY_KAFKA_TOPIC"
|
||||
EnvKafkaQueueDir = "MINIO_NOTIFY_KAFKA_QUEUE_DIR"
|
||||
|
@ -50,7 +50,7 @@ const (
|
||||
MqttQueueDir = "queue_dir"
|
||||
MqttQueueLimit = "queue_limit"
|
||||
|
||||
EnvMQTTState = "MINIO_NOTIFY_MQTT_STATE"
|
||||
EnvMQTTEnable = "MINIO_NOTIFY_MQTT_ENABLE"
|
||||
EnvMQTTBroker = "MINIO_NOTIFY_MQTT_BROKER"
|
||||
EnvMQTTTopic = "MINIO_NOTIFY_MQTT_TOPIC"
|
||||
EnvMQTTQoS = "MINIO_NOTIFY_MQTT_QOS"
|
||||
|
@ -94,7 +94,7 @@ const (
|
||||
MySQLQueueLimit = "queue_limit"
|
||||
MySQLQueueDir = "queue_dir"
|
||||
|
||||
EnvMySQLState = "MINIO_NOTIFY_MYSQL_STATE"
|
||||
EnvMySQLEnable = "MINIO_NOTIFY_MYSQL_ENABLE"
|
||||
EnvMySQLFormat = "MINIO_NOTIFY_MYSQL_FORMAT"
|
||||
EnvMySQLDSNString = "MINIO_NOTIFY_MYSQL_DSN_STRING"
|
||||
EnvMySQLTable = "MINIO_NOTIFY_MYSQL_TABLE"
|
||||
|
@ -51,7 +51,7 @@ const (
|
||||
NATSStreamingAsync = "streaming_async"
|
||||
NATSStreamingMaxPubAcksInFlight = "streaming_max_pub_acks_in_flight"
|
||||
|
||||
EnvNATSState = "MINIO_NOTIFY_NATS_STATE"
|
||||
EnvNATSEnable = "MINIO_NOTIFY_NATS_ENABLE"
|
||||
EnvNATSAddress = "MINIO_NOTIFY_NATS_ADDRESS"
|
||||
EnvNATSSubject = "MINIO_NOTIFY_NATS_SUBJECT"
|
||||
EnvNATSUsername = "MINIO_NOTIFY_NATS_USERNAME"
|
||||
|
@ -40,7 +40,7 @@ const (
|
||||
NSQQueueDir = "queue_dir"
|
||||
NSQQueueLimit = "queue_limit"
|
||||
|
||||
EnvNSQState = "MINIO_NOTIFY_NSQ"
|
||||
EnvNSQEnable = "MINIO_NOTIFY_NSQ"
|
||||
EnvNSQAddress = "MINIO_NOTIFY_NSQ_NSQD_ADDRESS"
|
||||
EnvNSQTopic = "MINIO_NOTIFY_NSQ_TOPIC"
|
||||
EnvNSQTLS = "MINIO_NOTIFY_NSQ_TLS"
|
||||
|
@ -95,7 +95,7 @@ const (
|
||||
PostgresQueueDir = "queue_dir"
|
||||
PostgresQueueLimit = "queue_limit"
|
||||
|
||||
EnvPostgresState = "MINIO_NOTIFY_POSTGRES_STATE"
|
||||
EnvPostgresEnable = "MINIO_NOTIFY_POSTGRES_ENABLE"
|
||||
EnvPostgresFormat = "MINIO_NOTIFY_POSTGRES_FORMAT"
|
||||
EnvPostgresConnectionString = "MINIO_NOTIFY_POSTGRES_CONNECTION_STRING"
|
||||
EnvPostgresTable = "MINIO_NOTIFY_POSTGRES_TABLE"
|
||||
|
@ -41,7 +41,7 @@ const (
|
||||
RedisQueueDir = "queue_dir"
|
||||
RedisQueueLimit = "queue_limit"
|
||||
|
||||
EnvRedisState = "MINIO_NOTIFY_REDIS_STATE"
|
||||
EnvRedisEnable = "MINIO_NOTIFY_REDIS_ENABLE"
|
||||
EnvRedisFormat = "MINIO_NOTIFY_REDIS_FORMAT"
|
||||
EnvRedisAddress = "MINIO_NOTIFY_REDIS_ADDRESS"
|
||||
EnvRedisPassword = "MINIO_NOTIFY_REDIS_PASSWORD"
|
||||
|
@ -44,7 +44,7 @@ const (
|
||||
WebhookQueueDir = "queue_dir"
|
||||
WebhookQueueLimit = "queue_limit"
|
||||
|
||||
EnvWebhookState = "MINIO_NOTIFY_WEBHOOK_STATE"
|
||||
EnvWebhookEnable = "MINIO_NOTIFY_WEBHOOK_ENABLE"
|
||||
EnvWebhookEndpoint = "MINIO_NOTIFY_WEBHOOK_ENDPOINT"
|
||||
EnvWebhookAuthToken = "MINIO_NOTIFY_WEBHOOK_AUTH_TOKEN"
|
||||
EnvWebhookQueueDir = "MINIO_NOTIFY_WEBHOOK_QUEUE_DIR"
|
||||
|
@ -70,19 +70,19 @@ type Targets []Target
|
||||
|
||||
// Standard config keys and values.
|
||||
const (
|
||||
StateKey = "state"
|
||||
EnableKey = "enable"
|
||||
CommentKey = "comment"
|
||||
|
||||
// State values
|
||||
StateOn = "on"
|
||||
StateOff = "off"
|
||||
// Enable values
|
||||
EnableOn = "on"
|
||||
EnableOff = "off"
|
||||
)
|
||||
|
||||
func (kvs KVS) String() string {
|
||||
var s strings.Builder
|
||||
for _, kv := range kvs {
|
||||
// Do not need to print state which is on.
|
||||
if kv.Key == StateKey && kv.Value == StateOn {
|
||||
if kv.Key == EnableKey && kv.Value == EnableOn {
|
||||
continue
|
||||
}
|
||||
if kv.Key == CommentKey && kv.Value == "" {
|
||||
@ -90,7 +90,7 @@ func (kvs KVS) String() string {
|
||||
}
|
||||
s.WriteString(kv.Key)
|
||||
s.WriteString(KvSeparator)
|
||||
spc := hasSpace(kv.Value)
|
||||
spc := HasSpace(kv.Value)
|
||||
if spc {
|
||||
s.WriteString(KvDoubleQuote)
|
||||
}
|
||||
@ -108,7 +108,8 @@ func (t Targets) Count() int {
|
||||
return len(t)
|
||||
}
|
||||
|
||||
func hasSpace(s string) bool {
|
||||
// HasSpace - returns if given string has space.
|
||||
func HasSpace(s string) bool {
|
||||
for _, r := range s {
|
||||
if unicode.IsSpace(r) {
|
||||
return true
|
||||
@ -159,10 +160,12 @@ func (t *Targets) AddTarget(s string) error {
|
||||
if len(inputs) <= 1 {
|
||||
return fmt.Errorf("invalid number of arguments '%s'", s)
|
||||
}
|
||||
|
||||
subSystemValue := strings.SplitN(inputs[0], SubSystemSeparator, 2)
|
||||
if len(subSystemValue) == 0 {
|
||||
return fmt.Errorf("invalid number of arguments %s", s)
|
||||
}
|
||||
|
||||
var kvs = KVS{}
|
||||
var prevK string
|
||||
for _, v := range strings.Fields(inputs[1]) {
|
||||
@ -187,11 +190,19 @@ func (t *Targets) AddTarget(s string) error {
|
||||
})
|
||||
}
|
||||
|
||||
for i := range *t {
|
||||
if (*t)[i].SubSystem == inputs[0] {
|
||||
(*t)[i] = Target{
|
||||
SubSystem: inputs[0],
|
||||
KVS: kvs,
|
||||
}
|
||||
return nil
|
||||
}
|
||||
}
|
||||
*t = append(*t, Target{
|
||||
SubSystem: inputs[0],
|
||||
KVS: kvs,
|
||||
})
|
||||
|
||||
return nil
|
||||
}
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user