MyFavMirrors
/
minio
mirror of https://github.com/minio/minio.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Final changes to config sub-system (#8600) 

- Introduces changes such as certain types of
  errors that can be ignored or which need to 
  go into safe mode.
- Update help text as per the review
This commit is contained in:
Harshavardhana 2019-12-04 15:32:37 -08:00 committed by kannappanr
parent 794eb54da8
commit c9940d8c3f
65 changed files with 605 additions and 1033 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

50
cmd/admin-handlers-config-kv.go
View File

@ -23,9 +23,17 @@ import (
"io"
"net/http"
"strconv"
"strings"
"github.com/gorilla/mux"
"github.com/minio/minio/cmd/config"
"github.com/minio/minio/cmd/config/cache"
"github.com/minio/minio/cmd/config/etcd"
xldap "github.com/minio/minio/cmd/config/identity/ldap"
"github.com/minio/minio/cmd/config/identity/openid"
"github.com/minio/minio/cmd/config/policy/opa"
"github.com/minio/minio/cmd/config/storageclass"
"github.com/minio/minio/cmd/crypto"
"github.com/minio/minio/cmd/logger"
iampolicy "github.com/minio/minio/pkg/iam/policy"
"github.com/minio/minio/pkg/madmin"
@ -417,15 +425,45 @@ func (a adminAPIHandlers) GetConfigHandler(w http.ResponseWriter, r *http.Reques
return
}
var buf = &bytes.Buffer{}
cw := config.NewConfigWriteTo(cfg, "")
if _, err = cw.WriteTo(buf); err != nil {
writeErrorResponseJSON(ctx, w, toAdminAPIErr(ctx, err), r.URL)
return
var s strings.Builder
hkvs := config.HelpSubSysMap[""]
for _, hkv := range hkvs {
v := cfg[hkv.Key]
for target, kv := range v {
off := kv.Get(config.Enable) == config.EnableOff
switch hkv.Key {
case config.EtcdSubSys:
off = !etcd.Enabled(kv)
case config.CacheSubSys:
off = !cache.Enabled(kv)
case config.StorageClassSubSys:
off = !storageclass.Enabled(kv)
case config.KmsVaultSubSys:
off = !crypto.Enabled(kv)
case config.PolicyOPASubSys:
off = !opa.Enabled(kv)
case config.IdentityOpenIDSubSys:
off = !openid.Enabled(kv)
case config.IdentityLDAPSubSys:
off = !xldap.Enabled(kv)
}
if off {
s.WriteString(config.KvComment)
s.WriteString(config.KvSpaceSeparator)
}
s.WriteString(hkv.Key)
if target != config.Default {
s.WriteString(config.SubSystemSeparator)
s.WriteString(target)
}
s.WriteString(config.KvSpaceSeparator)
s.WriteString(kv.String())
s.WriteString(config.KvNewline)
}
}
password := globalActiveCred.SecretKey
econfigData, err := madmin.EncryptData(password, buf.Bytes())
econfigData, err := madmin.EncryptData(password, []byte(s.String()))
if err != nil {
writeErrorResponseJSON(ctx, w, toAdminAPIErr(ctx, err), r.URL)
return

4
cmd/common-main.go
View File

@ -158,7 +158,7 @@ func handleCommonCmdArgs(ctx *cli.Context) {
func handleCommonEnvVars() {
var err error
globalBrowserEnabled, err = config.ParseBool(env.Get(config.EnvBrowser, config.StateOn))
globalBrowserEnabled, err = config.ParseBool(env.Get(config.EnvBrowser, config.EnableOn))
if err != nil {
logger.Fatal(config.ErrInvalidBrowserValue(err), "Invalid MINIO_BROWSER value in environment variable")
}
@ -202,7 +202,7 @@ func handleCommonEnvVars() {
// In place update is true by default if the MINIO_UPDATE is not set
// or is not set to 'off', if MINIO_UPDATE is set to 'off' then
// in-place update is off.
globalInplaceUpdateDisabled = strings.EqualFold(env.Get(config.EnvUpdate, config.StateOn), config.StateOff)
globalInplaceUpdateDisabled = strings.EqualFold(env.Get(config.EnvUpdate, config.EnableOn), config.EnableOff)
if env.IsSet(config.EnvAccessKey) || env.IsSet(config.EnvSecretKey) {
cred, err := auth.CreateCredentials(env.Get(config.EnvAccessKey, ""), env.Get(config.EnvSecretKey, ""))

115
cmd/config-current.go
View File

@ -18,6 +18,7 @@ package cmd
import (
"context"
"fmt"
"strings"
"sync"
@ -39,12 +40,11 @@ import (
"github.com/minio/minio/pkg/env"
)
func init() {
func initHelp() {
var kvs = map[string]config.KVS{
config.EtcdSubSys: etcd.DefaultKVS,
config.CacheSubSys: cache.DefaultKVS,
config.CompressionSubSys: compress.DefaultKVS,
config.StorageClassSubSys: storageclass.DefaultKVS,
config.IdentityLDAPSubSys: xldap.DefaultKVS,
config.IdentityOpenIDSubSys: openid.DefaultKVS,
config.PolicyOPASubSys: opa.DefaultKVS,
@ -57,115 +57,123 @@ func init() {
for k, v := range notify.DefaultNotificationKVS {
kvs[k] = v
}
if globalIsXL {
kvs[config.StorageClassSubSys] = storageclass.DefaultKVS
}
config.RegisterDefaultKVS(kvs)
// Captures help for each sub-system
var helpSubSys = config.HelpKVS{
config.HelpKV{
Key: config.RegionSubSys,
Description: "Configure to describe the physical location of the server",
},
config.HelpKV{
Key: config.StorageClassSubSys,
Description: "Configure to control data and parity per object",
Description: "label the location of the server",
},
config.HelpKV{
Key: config.CacheSubSys,
Description: "Configure to enable edge caching",
Description: "add caching storage tier",
},
config.HelpKV{
Key: config.CompressionSubSys,
Description: "Configure to enable streaming on disk compression",
Description: "enable server side compression of objects",
},
config.HelpKV{
Key: config.EtcdSubSys,
Description: "Configure to enable 'etcd' configuration",
Description: "federate multiple clusters for IAM and Bucket DNS",
},
config.HelpKV{
Key: config.IdentityOpenIDSubSys,
Description: "Configure to enable OpenID SSO support",
Description: "enable OpenID SSO support",
},
config.HelpKV{
Key: config.IdentityLDAPSubSys,
Description: "Configure to enable LDAP SSO support",
Description: "enable LDAP SSO support",
},
config.HelpKV{
Key: config.PolicyOPASubSys,
Description: "Configure to enable external OPA policy support",
Description: "enable external OPA for policy enforcement",
},
config.HelpKV{
Key: config.KmsVaultSubSys,
Description: "Configure to enable Vault based external KMS",
Description: "enable external HashiCorp Vault for KMS",
},
config.HelpKV{
Key: config.LoggerWebhookSubSys,
Description: "Configure to enable Webhook based logger",
Description: "send server logs to webhook endpoints",
MultipleTargets: true,
},
config.HelpKV{
Key: config.AuditWebhookSubSys,
Description: "Configure to enable Webhook based audit logger",
Description: "send audit logs to webhook endpoints",
MultipleTargets: true,
},
config.HelpKV{
Key: config.NotifyWebhookSubSys,
Description: "Configure to publish events to Webhook target",
Description: "publish bucket notifications to webhook endpoints",
MultipleTargets: true,
},
config.HelpKV{
Key: config.NotifyAMQPSubSys,
Description: "Configure to publish events to AMQP target",
Description: "publish bucket notifications to AMQP endpoints",
MultipleTargets: true,
},
config.HelpKV{
Key: config.NotifyKafkaSubSys,
Description: "Configure to publish events to Kafka target",
Description: "publish bucket notifications to Kafka endpoints",
MultipleTargets: true,
},
config.HelpKV{
Key: config.NotifyMQTTSubSys,
Description: "Configure to publish events to MQTT target",
Description: "publish bucket notifications to MQTT endpoints",
MultipleTargets: true,
},
config.HelpKV{
Key: config.NotifyNATSSubSys,
Description: "Configure to publish events to NATS target",
Description: "publish bucket notifications to NATS endpoints",
MultipleTargets: true,
},
config.HelpKV{
Key: config.NotifyNSQSubSys,
Description: "Configure to publish events to NSQ target",
Description: "publish bucket notifications to NSQ endpoints",
MultipleTargets: true,
},
config.HelpKV{
Key: config.NotifyMySQLSubSys,
Description: "Configure to publish events to MySQL target",
Description: "publish bucket notifications to MySQL endpoints",
MultipleTargets: true,
},
config.HelpKV{
Key: config.NotifyPostgresSubSys,
Description: "Configure to publish events to Postgres target",
Description: "publish bucket notifications to Postgres endpoints",
MultipleTargets: true,
},
config.HelpKV{
Key: config.NotifyRedisSubSys,
Description: "Configure to publish events to Redis target",
Description: "publish bucket notifications to Redis endpoints",
MultipleTargets: true,
},
config.HelpKV{
Key: config.NotifyESSubSys,
Description: "Configure to publish events to Elasticsearch target",
Description: "publish bucket notifications to Elasticsearch endpoints",
MultipleTargets: true,
},
}
if globalIsXL {
helpSubSys = append(helpSubSys, config.HelpKV{})
copy(helpSubSys[2:], helpSubSys[1:])
helpSubSys[1] = config.HelpKV{
Key: config.StorageClassSubSys,
Description: "define object level redundancy",
}
}
var helpMap = map[string]config.HelpKVS{
"": helpSubSys, // Help for all sub-systems.
config.RegionSubSys: config.RegionHelp,
config.StorageClassSubSys: storageclass.Help,
config.EtcdSubSys: etcd.Help,
config.CacheSubSys: cache.Help,
config.CompressionSubSys: compress.Help,
config.StorageClassSubSys: storageclass.Help,
config.IdentityOpenIDSubSys: openid.Help,
config.IdentityLDAPSubSys: xldap.Help,
config.PolicyOPASubSys: opa.Help,
@ -249,6 +257,9 @@ func validateConfig(s config.Config) error {
if _, err = crypto.NewKMS(kmsCfg); err != nil {
return err
}
// Disable merging env values for the rest.
env.SetEnvOff()
}
}
@ -279,18 +290,18 @@ func lookupConfigs(s config.Config) (err error) {
// Env doesn't seem to be set, we fallback to lookup creds from the config.
globalActiveCred, err = config.LookupCreds(s[config.CredentialsSubSys][config.Default])
if err != nil {
return config.Errorf("Invalid credentials configuration: %s", err)
return fmt.Errorf("Invalid credentials configuration: %w", err)
}
}
etcdCfg, err := xetcd.LookupConfig(s[config.EtcdSubSys][config.Default], globalRootCAs)
if err != nil {
return config.Errorf("Unable to initialize etcd config: %s", err)
return fmt.Errorf("Unable to initialize etcd config: %w", err)
}
globalEtcdClient, err = xetcd.New(etcdCfg)
if err != nil {
return config.Errorf("Unable to initialize etcd config: %s", err)
return fmt.Errorf("Unable to initialize etcd config: %w", err)
}
if len(globalDomainNames) != 0 && !globalDomainIPs.IsEmpty() && globalEtcdClient != nil {
@ -301,51 +312,51 @@ func lookupConfigs(s config.Config) (err error) {
dns.CoreDNSPath(etcdCfg.CoreDNSPath),
)
if err != nil {
return config.Errorf("Unable to initialize DNS config for %s: %s", globalDomainNames, err)
return config.Errorf(config.SafeModeKind,
"Unable to initialize DNS config for %s: %s", globalDomainNames, err)
}
}
globalServerRegion, err = config.LookupRegion(s[config.RegionSubSys][config.Default])
if err != nil {
return config.Errorf("Invalid region configuration: %s", err)
return fmt.Errorf("Invalid region configuration: %w", err)
}
globalWORMEnabled, err = config.LookupWorm()
if err != nil {
return config.Errorf("Invalid worm configuration: %s", err)
return fmt.Errorf("Invalid worm configuration: %w", err)
}
if globalIsXL {
globalStorageClass, err = storageclass.LookupConfig(s[config.StorageClassSubSys][config.Default],
globalXLSetDriveCount)
if err != nil {
return config.Errorf("Unable to initialize storage class config: %s", err)
return fmt.Errorf("Unable to initialize storage class config: %w", err)
}
}
globalCacheConfig, err = cache.LookupConfig(s[config.CacheSubSys][config.Default])
if err != nil {
return config.Errorf("Unable to setup cache: %s", err)
return fmt.Errorf("Unable to setup cache: %w", err)
}
if globalCacheConfig.Enabled {
if cacheEncKey := env.Get(cache.EnvCacheEncryptionMasterKey, ""); cacheEncKey != "" {
globalCacheKMS, err = crypto.ParseMasterKey(cacheEncKey)
if err != nil {
return config.Errorf("Unable to setup encryption cache: %s", err)
return fmt.Errorf("Unable to setup encryption cache: %w", err)
}
}
}
kmsCfg, err := crypto.LookupConfig(s[config.KmsVaultSubSys][config.Default])
if err != nil {
return config.Errorf("Unable to setup KMS config: %s", err)
return fmt.Errorf("Unable to setup KMS config: %w", err)
}
GlobalKMS, err = crypto.NewKMS(kmsCfg)
if err != nil {
return config.Errorf("Unable to setup KMS with current KMS config: %s", err)
return fmt.Errorf("Unable to setup KMS with current KMS config: %w", err)
}
// Enable auto-encryption if enabled
@ -353,19 +364,19 @@ func lookupConfigs(s config.Config) (err error) {
globalCompressConfig, err = compress.LookupConfig(s[config.CompressionSubSys][config.Default])
if err != nil {
return config.Errorf("Unable to setup Compression: %s", err)
return fmt.Errorf("Unable to setup Compression: %w", err)
}
globalOpenIDConfig, err = openid.LookupConfig(s[config.IdentityOpenIDSubSys][config.Default],
NewCustomHTTPTransport(), xhttp.DrainBody)
if err != nil {
return config.Errorf("Unable to initialize OpenID: %s", err)
return fmt.Errorf("Unable to initialize OpenID: %w", err)
}
opaCfg, err := opa.LookupConfig(s[config.PolicyOPASubSys][config.Default],
NewCustomHTTPTransport(), xhttp.DrainBody)
if err != nil {
return config.Errorf("Unable to initialize OPA: %s", err)
return fmt.Errorf("Unable to initialize OPA: %w", err)
}
globalOpenIDValidators = getOpenIDValidators(globalOpenIDConfig)
@ -374,7 +385,7 @@ func lookupConfigs(s config.Config) (err error) {
globalLDAPConfig, err = xldap.Lookup(s[config.IdentityLDAPSubSys][config.Default],
globalRootCAs)
if err != nil {
return config.Errorf("Unable to parse LDAP configuration: %s", err)
return fmt.Errorf("Unable to parse LDAP configuration: %w", err)
}
// Load logger targets based on user's configuration
@ -382,7 +393,7 @@ func lookupConfigs(s config.Config) (err error) {
loggerCfg, err := logger.LookupConfig(s)
if err != nil {
return config.Errorf("Unable to initialize logger: %s", err)
return fmt.Errorf("Unable to initialize logger: %w", err)
}
for _, l := range loggerCfg.HTTP {
@ -420,24 +431,32 @@ func GetHelp(subSys, key string, envOnly bool) (Help, error) {
}
subSystemValue := strings.SplitN(subSys, config.SubSystemSeparator, 2)
if len(subSystemValue) == 0 {
return Help{}, config.Errorf("invalid number of arguments %s", subSys)
return Help{}, config.Errorf(
config.SafeModeKind,
"invalid number of arguments %s", subSys)
}
subSys = subSystemValue[0]
subSysHelp, ok := config.HelpSubSysMap[""].Lookup(subSys)
if !ok {
return Help{}, config.Errorf("unknown sub-system %s", subSys)
return Help{}, config.Errorf(
config.SafeModeKind,
"unknown sub-system %s", subSys)
}
h, ok := config.HelpSubSysMap[subSys]
if !ok {
return Help{}, config.Errorf("unknown sub-system %s", subSys)
return Help{}, config.Errorf(
config.SafeModeKind,
"unknown sub-system %s", subSys)
}
if key != "" {
value, ok := h.Lookup(key)
if !ok {
return Help{}, config.Errorf("unknown key %s for sub-system %s", key, subSys)
return Help{}, config.Errorf(
config.SafeModeKind,
"unknown key %s for sub-system %s", key, subSys)
}
h = config.HelpKVS{value}
}

20
cmd/config/cache/help.go vendored
View File

@ -23,30 +23,30 @@ var (
Help = config.HelpKVS{
config.HelpKV{
Key: Drives,
Description: `List of mounted drives or directories delimited by ","`,
Type: "csv",
},
config.HelpKV{
Key: Exclude,
Description: `List of wildcard based cache exclusion patterns delimited by ","`,
Optional: true,
Description: `comma separated mountpoints e.g. "/optane1,/optane2"`,
Type: "csv",
},
config.HelpKV{
Key: Expiry,
Description: `Cache expiry duration in days. eg: "90"`,
Description: `cache expiry duration in days e.g. "90"`,
Optional: true,
Type: "number",
},
config.HelpKV{
Key: Quota,
Description: `Maximum permitted usage of the cache in percentage (0-100)`,
Description: `limit cache drive usage in percentage e.g. "90"`,
Optional: true,
Type: "number",
},
config.HelpKV{
Key: Exclude,
Description: `comma separated wildcard exclusion patterns e.g. "bucket/*.tmp,*.exe"`,
Optional: true,
Type: "csv",
},
config.HelpKV{
Key: config.Comment,
Description: "A comment to describe the 'cache' settings",
Description: config.DefaultComment,
Optional: true,
Type: "sentence",
},

4
cmd/config/cache/legacy.go vendored
View File

@ -34,10 +34,6 @@ func SetCacheConfig(s config.Config, cfg Config) {
return
}
s[config.CacheSubSys][config.Default] = config.KVS{
config.KV{
Key: config.State,
Value: config.StateOn,
},
config.KV{
Key: Drives,
Value: strings.Join(cfg.Drives, cacheDelimiter),

34
cmd/config/cache/lookup.go vendored
View File

@ -32,7 +32,6 @@ const (
MaxUse = "maxuse"
Quota = "quota"
EnvCacheState = "MINIO_CACHE_STATE"
EnvCacheDrives = "MINIO_CACHE_DRIVES"
EnvCacheExclude = "MINIO_CACHE_EXCLUDE"
EnvCacheExpiry = "MINIO_CACHE_EXPIRY"
@ -47,10 +46,6 @@ const (
// DefaultKVS - default KV settings for caching.
var (
DefaultKVS = config.KVS{
config.KV{
Key: config.State,
Value: config.StateOff,
},
config.KV{
Key: Drives,
Value: "",
@ -74,6 +69,12 @@ const (
cacheDelimiter = ","
)
// Enabled returns if cache is enabled.
func Enabled(kvs config.KVS) bool {
drives := kvs.Get(Drives)
return drives != ""
}
// LookupConfig - extracts cache configuration provided by environment
// variables and merge them with provided CacheConfiguration.
func LookupConfig(kvs config.KVS) (Config, error) {
@ -84,28 +85,7 @@ func LookupConfig(kvs config.KVS) (Config, error) {
}
drives := env.Get(EnvCacheDrives, kvs.Get(Drives))
if len(drives) > 0 {
// Drives is not-empty means user wishes to enable this explicitly, but
// check if ENV is set to false to disable caching.
stateBool, err := config.ParseBool(env.Get(EnvCacheState, config.StateOn))
if err != nil {
return cfg, err
}
if !stateBool {
return cfg, nil
}
} else {
// Check if cache is explicitly disabled
stateBool, err := config.ParseBool(env.Get(EnvCacheState, kvs.Get(config.State)))
if err != nil {
if kvs.Empty() {
return cfg, nil
}
return cfg, err
}
if stateBool {
return cfg, config.Error("'drives' key cannot be empty to enable caching")
}
if len(drives) == 0 {
return cfg, nil
}

8
cmd/config/compress/compress.go
View File

@ -36,7 +36,7 @@ const (
Extensions = "extensions"
MimeTypes = "mime_types"
EnvCompressState = "MINIO_COMPRESS_STATE"
EnvCompressState = "MINIO_COMPRESS_ENABLE"
EnvCompressExtensions = "MINIO_COMPRESS_EXTENSIONS"
EnvCompressMimeTypes = "MINIO_COMPRESS_MIME_TYPES"
@ -49,8 +49,8 @@ const (
var (
DefaultKVS = config.KVS{
config.KV{
Key: config.State,
Value: config.StateOff,
Key: config.Enable,
Value: config.EnableOff,
},
config.KV{
Key: Extensions,
@ -87,7 +87,7 @@ func LookupConfig(kvs config.KVS) (Config, error) {
compress := env.Get(EnvCompress, "")
if compress == "" {
compress = env.Get(EnvCompressState, kvs.Get(config.State))
compress = env.Get(EnvCompressState, kvs.Get(config.Enable))
}
cfg.Enabled, err = config.ParseBool(compress)
if err != nil {

6
cmd/config/compress/help.go
View File

@ -23,19 +23,19 @@ var (
Help = config.HelpKVS{
config.HelpKV{
Key: Extensions,
Description: `Comma separated file extensions to compress eg: ".txt,.log,.csv"`,
Description: `comma separated file extensions e.g. ".txt,.log,.csv"`,
Optional: true,
Type: "csv",
},
config.HelpKV{
Key: MimeTypes,
Description: `Comma separate wildcard mime-types to compress eg: "text/*,application/json,application/xml"`,
Description: `comma separated wildcard mime-types e.g. "text/*,application/json,application/xml"`,
Optional: true,
Type: "csv",
},
config.HelpKV{
Key: config.Comment,
Description: "A comment to describe the compression setting",
Description: config.DefaultComment,
Optional: true,
Type: "sentence",
},

4
cmd/config/compress/legacy.go
View File

@ -36,8 +36,8 @@ func SetCompressionConfig(s config.Config, cfg Config) {
}
s[config.CompressionSubSys][config.Default] = config.KVS{
config.KV{
Key: config.State,
Value: config.StateOn,
Key: config.Enable,
Value: config.EnableOn,
},
config.KV{
Key: Extensions,

165
cmd/config/config.go
View File

@ -31,27 +31,39 @@ import (
)
// Error config error type
type Error string
type Error struct {
Kind ErrorKind
Err string
}
// ErrorKind config error kind
type ErrorKind int8
// Various error kinds.
const (
ContinueKind ErrorKind = iota + 1
SafeModeKind
)
// Errorf - formats according to a format specifier and returns
// the string as a value that satisfies error of type config.Error
func Errorf(format string, a ...interface{}) error {
return Error(fmt.Sprintf(format, a...))
func Errorf(errKind ErrorKind, format string, a ...interface{}) error {
return Error{Kind: errKind, Err: fmt.Sprintf(format, a...)}
}
func (e Error) Error() string {
return string(e)
return e.Err
}
// Default keys
const (
Default = madmin.Default
State = madmin.StateKey
Enable = madmin.EnableKey
Comment = madmin.CommentKey
// State values
StateOn = madmin.StateOn
StateOff = madmin.StateOff
// Enable values
EnableOn = madmin.EnableOn
EnableOff = madmin.EnableOff
RegionName = "name"
AccessKey = "access_key"
@ -67,7 +79,7 @@ const (
CacheSubSys = "cache"
RegionSubSys = "region"
EtcdSubSys = "etcd"
StorageClassSubSys = "storageclass"
StorageClassSubSys = "storage_class"
CompressionSubSys = "compression"
KmsVaultSubSys = "kms_vault"
LoggerWebhookSubSys = "logger_webhook"
@ -195,19 +207,41 @@ func (kvs KVS) String() string {
var s strings.Builder
for _, kv := range kvs {
// Do not need to print if state is on
if kv.Key == State && kv.Value == StateOn {
if kv.Key == Enable && kv.Value == EnableOn {
continue
}
s.WriteString(kv.Key)
s.WriteString(KvSeparator)
s.WriteString(KvDoubleQuote)
spc := madmin.HasSpace(kv.Value)
if spc {
s.WriteString(KvDoubleQuote)
}
s.WriteString(kv.Value)
s.WriteString(KvDoubleQuote)
if spc {
s.WriteString(KvDoubleQuote)
}
s.WriteString(KvSpaceSeparator)
}
return s.String()
}
// Set sets a value, if not sets a default value.
func (kvs *KVS) Set(key, value string) {
for i, kv := range *kvs {
if kv.Key == key {
(*kvs)[i] = KV{
Key: key,
Value: value,
}
return
}
}
*kvs = append(*kvs, KV{
Key: key,
Value: value,
})
}
// Get - returns the value of a key, if not found returns empty.
func (kvs KVS) Get(key string) string {
v, ok := kvs.Lookup(key)
@ -230,25 +264,6 @@ func (kvs KVS) Lookup(key string) (string, bool) {
// Config - MinIO server config structure.
type Config map[string]map[string]KVS
func (c Config) String() string {
var s strings.Builder
hkvs := HelpSubSysMap[""]
for _, hkv := range hkvs {
v := c[hkv.Key]
for target, kv := range v {
s.WriteString(hkv.Key)
if target != Default {
s.WriteString(SubSystemSeparator)
s.WriteString(target)
}
s.WriteString(KvSpaceSeparator)
s.WriteString(kv.String())
s.WriteString(KvNewline)
}
}
return s.String()
}
// DelFrom - deletes all keys in the input reader.
func (c Config) DelFrom(r io.Reader) error {
scanner := bufio.NewScanner(r)
@ -303,10 +318,6 @@ func NewConfigWriteTo(cfg Config, key string) io.WriterTo {
// WriteTo - implements io.WriterTo interface implementation for config.
func (c *configWriteTo) WriteTo(w io.Writer) (int64, error) {
if c.filterByKey == "" {
n, err := w.Write([]byte(c.String()))
return int64(n), err
}
kvs, err := c.GetKVS(c.filterByKey, DefaultKVS)
if err != nil {
return 0, err
@ -329,10 +340,6 @@ func (c *configWriteTo) WriteTo(w io.Writer) (int64, error) {
// Default KV configs for worm and region
var (
DefaultCredentialKVS = KVS{
KV{
Key: State,
Value: StateOff,
},
KV{
Key: AccessKey,
Value: auth.DefaultAccessKey,
@ -344,10 +351,6 @@ var (
}
DefaultRegionKVS = KVS{
KV{
Key: State,
Value: StateOff,
},
KV{
Key: RegionName,
Value: "",
@ -384,7 +387,8 @@ func LookupRegion(kv KVS) (string, error) {
if validRegionRegex.MatchString(region) {
return region, nil
}
return "", Errorf("region '%s' is invalid, expected simple characters such as [us-east-1, myregion...]",
return "", Errorf(SafeModeKind,
"region '%s' is invalid, expected simple characters such as [us-east-1, myregion...]",
region)
}
return "", nil
@ -400,14 +404,16 @@ func CheckValidKeys(subSys string, kv KVS, validKVS KVS) error {
}
}
if len(nkv) > 0 {
return Errorf("found invalid keys (%s) for '%s' sub-system", nkv.String(), subSys)
return Errorf(
ContinueKind,
"found invalid keys (%s) for '%s' sub-system, use 'mc admin config reset myminio %s' to fix invalid keys", nkv.String(), subSys, subSys)
}
return nil
}
// LookupWorm - check if worm is enabled
func LookupWorm() (bool, error) {
return ParseBool(env.Get(EnvWorm, StateOff))
return ParseBool(env.Get(EnvWorm, EnableOff))
}
// New - initialize a new server config.
@ -423,15 +429,15 @@ func New() Config {
// GetKVS - get kvs from specific subsystem.
func (c Config) GetKVS(s string, defaultKVS map[string]KVS) (map[string]KVS, error) {
if len(s) == 0 {
return nil, Error("input cannot be empty")
return nil, Errorf(SafeModeKind, "input cannot be empty")
}
inputs := strings.Fields(s)
if len(inputs) > 1 {
return nil, Errorf("invalid number of arguments %s", s)
return nil, Errorf(SafeModeKind, "invalid number of arguments %s", s)
}
subSystemValue := strings.SplitN(inputs[0], SubSystemSeparator, 2)
if len(subSystemValue) == 0 {
return nil, Errorf("invalid number of arguments %s", s)
return nil, Errorf(SafeModeKind, "invalid number of arguments %s", s)
}
found := SubSystems.Contains(subSystemValue[0])
if !found {
@ -440,7 +446,7 @@ func (c Config) GetKVS(s string, defaultKVS map[string]KVS) (map[string]KVS, err
found = !SubSystems.FuncMatch(strings.HasPrefix, subSystemValue[0]).IsEmpty() && len(subSystemValue) == 1
}
if !found {
return nil, Errorf("unknown sub-system %s", s)
return nil, Errorf(SafeModeKind, "unknown sub-system %s", s)
}
kvs := make(map[string]KVS)
@ -448,11 +454,11 @@ func (c Config) GetKVS(s string, defaultKVS map[string]KVS) (map[string]KVS, err
subSysPrefix := subSystemValue[0]
if len(subSystemValue) == 2 {
if len(subSystemValue[1]) == 0 {
return nil, Errorf("sub-system target '%s' cannot be empty", s)
return nil, Errorf(SafeModeKind, "sub-system target '%s' cannot be empty", s)
}
kvs[inputs[0]], ok = c[subSysPrefix][subSystemValue[1]]
if !ok {
return nil, Errorf("sub-system target '%s' doesn't exist", s)
return nil, Errorf(SafeModeKind, "sub-system target '%s' doesn't exist", s)
}
} else {
for subSys, subSysTgts := range c {
@ -478,30 +484,32 @@ func (c Config) GetKVS(s string, defaultKVS map[string]KVS) (map[string]KVS, err
// DelKVS - delete a specific key.
func (c Config) DelKVS(s string) error {
if len(s) == 0 {
return Error("input arguments cannot be empty")
return Errorf(SafeModeKind, "input arguments cannot be empty")
}
inputs := strings.Fields(s)
if len(inputs) > 1 {
return Errorf("invalid number of arguments %s", s)
return Errorf(SafeModeKind, "invalid number of arguments %s", s)
}
subSystemValue := strings.SplitN(inputs[0], SubSystemSeparator, 2)
if len(subSystemValue) == 0 {
return Errorf("invalid number of arguments %s", s)
return Errorf(SafeModeKind, "invalid number of arguments %s", s)
}
if !SubSystems.Contains(subSystemValue[0]) {
return Errorf("unknown sub-system %s", s)
// Unknown sub-system found try to remove it anyways.
delete(c, subSystemValue[0])
return nil
}
tgt := Default
subSys := subSystemValue[0]
if len(subSystemValue) == 2 {
if len(subSystemValue[1]) == 0 {
return Errorf("sub-system target '%s' cannot be empty", s)
return Errorf(SafeModeKind, "sub-system target '%s' cannot be empty", s)
}
tgt = subSystemValue[1]
}
_, ok := c[subSys][tgt]
if !ok {
return Errorf("sub-system %s already deleted", s)
return Errorf(SafeModeKind, "sub-system %s already deleted", s)
}
delete(c[subSys], tgt)
return nil
@ -522,23 +530,23 @@ func (c Config) Clone() Config {
// SetKVS - set specific key values per sub-system.
func (c Config) SetKVS(s string, defaultKVS map[string]KVS) error {
if len(s) == 0 {
return Error("input arguments cannot be empty")
return Errorf(SafeModeKind, "input arguments cannot be empty")
}
inputs := strings.SplitN(s, KvSpaceSeparator, 2)
if len(inputs) <= 1 {
return Errorf("invalid number of arguments '%s'", s)
return Errorf(SafeModeKind, "invalid number of arguments '%s'", s)
}
subSystemValue := strings.SplitN(inputs[0], SubSystemSeparator, 2)
if len(subSystemValue) == 0 {
return Errorf("invalid number of arguments %s", s)
return Errorf(SafeModeKind, "invalid number of arguments %s", s)
}
if !SubSystems.Contains(subSystemValue[0]) {
return Errorf("unknown sub-system %s", s)
return Errorf(SafeModeKind, "unknown sub-system %s", s)
}
if SubSystemsSingleTargets.Contains(subSystemValue[0]) && len(subSystemValue) == 2 {
return Errorf("sub-system '%s' only supports single target", subSystemValue[0])
return Errorf(SafeModeKind, "sub-system '%s' only supports single target", subSystemValue[0])
}
var kvs = KVS{}
@ -559,7 +567,7 @@ func (c Config) SetKVS(s string, defaultKVS map[string]KVS) error {
continue
}
if len(kv) == 1 {
return Errorf("key '%s', cannot have empty value", kv[0])
return Errorf(SafeModeKind, "key '%s', cannot have empty value", kv[0])
}
prevK = kv[0]
kvs = append(kvs, KV{
@ -574,21 +582,30 @@ func (c Config) SetKVS(s string, defaultKVS map[string]KVS) error {
tgt = subSystemValue[1]
}
// Save client sent kvs
c[subSys][tgt] = kvs
_, ok := c[subSys][tgt].Lookup(State)
if !ok {
_, ok := kvs.Lookup(Enable)
// Check if state is required
_, defaultOk := defaultKVS[subSys].Lookup(Enable)
if !ok && defaultOk {
// implicit state "on" if not specified.
c[subSys][tgt] = append(c[subSys][tgt], KV{
Key: State,
Value: StateOn,
kvs = append(kvs, KV{
Key: Enable,
Value: EnableOn,
})
}
for _, kv := range defaultKVS[subSys] {
_, ok := c[subSys][tgt].Lookup(kv.Key)
currKVS := c[subSys][tgt]
for _, kv := range kvs {
currKVS.Set(kv.Key, kv.Value)
}
for _, defaultKV := range defaultKVS[subSys] {
_, ok := c[subSys][tgt].Lookup(defaultKV.Key)
if !ok {
c[subSys][tgt] = append(c[subSys][tgt], kv)
currKVS.Set(defaultKV.Key, defaultKV.Value)
}
}
copy(c[subSys][tgt], currKVS)
return nil
}

0
cmd/config/errors-utls.go → cmd/config/errors-utils.go
View File

73
cmd/config/etcd/etcd.go
View File

@ -19,7 +19,6 @@ package etcd
import (
"crypto/tls"
"crypto/x509"
"fmt"
"strings"
"time"
@ -44,7 +43,6 @@ const (
ClientCert = "client_cert"
ClientCertKey = "client_cert_key"
EnvEtcdState = "MINIO_ETCD_STATE"
EnvEtcdEndpoints = "MINIO_ETCD_ENDPOINTS"
EnvEtcdPathPrefix = "MINIO_ETCD_PATH_PREFIX"
EnvEtcdCoreDNSPath = "MINIO_ETCD_COREDNS_PATH"
@ -55,10 +53,6 @@ const (
// DefaultKVS - default KV settings for etcd.
var (
DefaultKVS = config.KVS{
config.KV{
Key: config.State,
Value: config.StateOff,
},
config.KV{
Key: Endpoints,
Value: "",
@ -115,7 +109,8 @@ func parseEndpoints(endpoints string) ([]string, bool, error) {
return nil, false, err
}
if etcdSecure && u.Scheme == "http" {
return nil, false, fmt.Errorf("all endpoints should be https or http: %s", endpoint)
return nil, false, config.Errorf(config.SafeModeKind,
"all endpoints should be https or http: %s", endpoint)
}
// If one of the endpoint is https, we will use https directly.
etcdSecure = etcdSecure || u.Scheme == "https"
@ -124,39 +119,10 @@ func parseEndpoints(endpoints string) ([]string, bool, error) {
return etcdEndpoints, etcdSecure, nil
}
func lookupLegacyConfig(rootCAs *x509.CertPool) (Config, error) {
cfg := Config{}
endpoints := env.Get(EnvEtcdEndpoints, "")
if endpoints == "" {
return cfg, nil
}
etcdEndpoints, etcdSecure, err := parseEndpoints(endpoints)
if err != nil {
return cfg, err
}
cfg.Enabled = true
cfg.DialTimeout = defaultDialTimeout
cfg.DialKeepAliveTime = defaultDialKeepAlive
cfg.Endpoints = etcdEndpoints
cfg.CoreDNSPath = env.Get(EnvEtcdCoreDNSPath, "/skydns")
// Default path prefix for all keys on etcd, other than CoreDNSPath.
cfg.PathPrefix = env.Get(EnvEtcdPathPrefix, "")
if etcdSecure {
cfg.TLS = &tls.Config{
RootCAs: rootCAs,
}
// This is only to support client side certificate authentication
// https://coreos.com/etcd/docs/latest/op-guide/security.html
etcdClientCertFile := env.Get(EnvEtcdClientCert, "")
etcdClientCertKey := env.Get(EnvEtcdClientCertKey, "")
if etcdClientCertFile != "" && etcdClientCertKey != "" {
cfg.TLS.GetClientCertificate = func(unused *tls.CertificateRequestInfo) (*tls.Certificate, error) {
cert, err := tls.LoadX509KeyPair(etcdClientCertFile, etcdClientCertKey)
return &cert, err
}
}
}
return cfg, nil
// Enabled returns if etcd is enabled.
func Enabled(kvs config.KVS) bool {
endpoints := kvs.Get(Endpoints)
return endpoints != ""
}
// LookupConfig - Initialize new etcd config.
@ -166,34 +132,9 @@ func LookupConfig(kvs config.KVS, rootCAs *x509.CertPool) (Config, error) {
return cfg, err
}
if env.Get(EnvEtcdEndpoints, "") != "" && env.Get(EnvEtcdState, "") == "" {
// By default state is 'on' to honor legacy config.
var err error
cfg, err = lookupLegacyConfig(rootCAs)
if err != nil {
return cfg, err
}
// If old legacy config is enabled honor it.
if cfg.Enabled {
return cfg, nil
}
}
stateBool, err := config.ParseBool(env.Get(EnvEtcdState, kvs.Get(config.State)))
if err != nil {
if kvs.Empty() {
return cfg, nil
}
return cfg, err
}
if !stateBool {
return cfg, nil
}
endpoints := env.Get(EnvEtcdEndpoints, kvs.Get(Endpoints))
if endpoints == "" {
return cfg, config.Error("'endpoints' key cannot be empty to enable etcd")
return cfg, nil
}
etcdEndpoints, etcdSecure, err := parseEndpoints(endpoints)

13
cmd/config/etcd/help.go
View File

@ -23,35 +23,36 @@ var (
Help = config.HelpKVS{
config.HelpKV{
Key: Endpoints,
Description: `Comma separated list of etcd endpoints eg: "http://localhost:2379"`,
Description: `comma separated list of etcd endpoints e.g. "http://localhost:2379"`,
Type: "csv",
},
config.HelpKV{
Key: PathPrefix,
Description: `Default etcd path prefix to populate all IAM assets eg: "customer/"`,
Description: `default etcd path prefix to populate all IAM assets eg: "customer/"`,
Optional: true,
Type: "path",
},
config.HelpKV{
Key: CoreDNSPath,
Description: `Default etcd path location to populate bucket DNS srv records eg: "/skydns"`,
Description: `default etcd path location to populate bucket DNS srv records eg: "/skydns"`,
Optional: true,
Type: "path",
},
config.HelpKV{
Key: ClientCert,
Description: `Etcd client cert for mTLS authentication`,
Description: `client cert for mTLS authentication`,
Optional: true,
Type: "path",
},
config.HelpKV{
Key: ClientCertKey,
Description: `Etcd client cert key for mTLS authentication`,
Description: `client cert key for mTLS authentication`,
Optional: true,
Type: "path",
},
config.HelpKV{
Key: config.Comment,
Description: "A comment to describe the etcd settings",
Description: config.DefaultComment,
Optional: true,
Type: "sentence",
},

7
cmd/config/help.go
View File

@ -41,19 +41,22 @@ func (hkvs HelpKVS) Lookup(key string) (HelpKV, bool) {
return HelpKV{}, false
}
// DefaultComment used across all sub-systems.
const DefaultComment = "optionally add a comment to this setting"
// Region and Worm help is documented in default config
var (
RegionHelp = HelpKVS{
HelpKV{
Key: RegionName,
Type: "string",
Description: `Region name of this deployment, eg: "us-west-2"`,
Description: `name of the location of the server e.g. "us-west-rack2"`,
Optional: true,
},
HelpKV{
Key: Comment,
Type: "sentence",
Description: "A comment to describe the region setting",
Description: DefaultComment,
Optional: true,
},
}

24
cmd/config/identity/ldap/config.go
View File

@ -65,7 +65,6 @@ const (
GroupSearchBaseDN = "group_search_base_dn"
TLSSkipVerify = "tls_skip_verify"
EnvLDAPState = "MINIO_IDENTITY_LDAP_STATE"
EnvServerAddr = "MINIO_IDENTITY_LDAP_SERVER_ADDR"
EnvSTSExpiry = "MINIO_IDENTITY_LDAP_STS_EXPIRY"
EnvTLSSkipVerify = "MINIO_IDENTITY_LDAP_TLS_SKIP_VERIFY"
@ -78,10 +77,6 @@ const (
// DefaultKVS - default config for LDAP config
var (
DefaultKVS = config.KVS{
config.KV{
Key: config.State,
Value: config.StateOff,
},
config.KV{
Key: ServerAddr,
Value: "",
@ -108,7 +103,7 @@ var (
},
config.KV{
Key: TLSSkipVerify,
Value: config.StateOff,
Value: config.EnableOff,
},
}
)
@ -130,25 +125,18 @@ func (l Config) GetExpiryDuration() time.Duration {
return l.stsExpiryDuration
}
// Enabled returns if jwks is enabled.
func Enabled(kvs config.KVS) bool {
return kvs.Get(ServerAddr) != ""
}
// Lookup - initializes LDAP config, overrides config, if any ENV values are set.
func Lookup(kvs config.KVS, rootCAs *x509.CertPool) (l Config, err error) {
l = Config{}
if err = config.CheckValidKeys(config.IdentityLDAPSubSys, kvs, DefaultKVS); err != nil {
return l, err
}
stateBool, err := config.ParseBool(env.Get(EnvLDAPState, kvs.Get(config.State)))
if err != nil {
if kvs.Empty() {
return l, nil
}
return l, err
}
ldapServer := env.Get(EnvServerAddr, kvs.Get(ServerAddr))
if stateBool {
if ldapServer == "" {
return l, config.Error("'serveraddr' cannot be empty if you wish to enable AD/LDAP support")
}
}
if ldapServer == "" {
return l, nil
}

16
cmd/config/identity/ldap/help.go
View File

@ -23,47 +23,47 @@ var (
Help = config.HelpKVS{
config.HelpKV{
Key: ServerAddr,
Description: `AD/LDAP server address eg: "myldapserver.com:636"`,
Description: `AD/LDAP server address e.g. "myldapserver.com:636"`,
Type: "address",
},
config.HelpKV{
Key: UsernameFormat,
Description: `AD/LDAP format of full username DN eg: "uid={username},cn=accounts,dc=myldapserver,dc=com"`,
Description: `AD/LDAP format of full username DN e.g. "uid={username},cn=accounts,dc=myldapserver,dc=com"`,
Type: "string",
},
config.HelpKV{
Key: GroupSearchFilter,
Description: `Search filter to find groups of a user (optional) eg: "(&(objectclass=groupOfNames)(member={usernamedn}))"`,
Description: `search filter to find groups of a user (optional) e.g. "(&(objectclass=groupOfNames)(member={usernamedn}))"`,
Optional: true,
Type: "string",
},
config.HelpKV{
Key: GroupNameAttribute,
Description: `Attribute of search results to use as group name (optional) eg: "cn"`,
Description: `attribute of search results to use as group name (optional) e.g. "cn"`,
Optional: true,
Type: "string",
},
config.HelpKV{
Key: GroupSearchBaseDN,
Description: `Base DN in AD/LDAP hierarchy to use in search requests (optional) eg: "dc=myldapserver,dc=com"`,
Description: `base DN in AD/LDAP hierarchy to use in search requests (optional) e.g. "dc=myldapserver,dc=com"`,
Optional: true,
Type: "string",
},
config.HelpKV{
Key: STSExpiry,
Description: `AD/LDAP STS credentials validity duration eg: "1h"`,
Description: `AD/LDAP STS credentials validity duration e.g. "1h"`,
Optional: true,
Type: "duration",
},
config.HelpKV{
Key: TLSSkipVerify,
Description: "Set this to 'on', to disable client verification of server certificates",
Description: "enable this to disable client verification of server certificates",
Optional: true,
Type: "on|off",
},
config.HelpKV{
Key: config.Comment,
Description: "A comment to describe the LDAP/AD identity setting",
Description: config.DefaultComment,
Optional: true,
Type: "sentence",
},

4
cmd/config/identity/ldap/legacy.go
View File

@ -25,10 +25,6 @@ func SetIdentityLDAP(s config.Config, ldapArgs Config) {
return
}
s[config.IdentityLDAPSubSys][config.Default] = config.KVS{
config.KV{
Key: config.State,
Value: config.StateOn,
},
config.KV{
Key: ServerAddr,
Value: ldapArgs.ServerAddr,

8
cmd/config/identity/openid/help.go
View File

@ -23,24 +23,24 @@ var (
Help = config.HelpKVS{
config.HelpKV{
Key: ConfigURL,
Description: `OpenID discovery documented endpoint. eg: "https://accounts.google.com/.well-known/openid-configuration"`,
Description: `openid discovery document e.g. "https://accounts.google.com/.well-known/openid-configuration"`,
Type: "url",
},
config.HelpKV{
Key: ClientID,
Description: `The client identifier of the authenticating party at the identity provider`,
Description: `client identifier of the authenticating party at the identity provider`,
Type: "string",
Optional: true,
},
config.HelpKV{
Key: ClaimPrefix,
Description: `OpenID JWT claim namespace prefix. eg: "customer"`,
Description: `openid JWT claim namespace prefix e.g. "customer"`,
Optional: true,
Type: "string",
},
config.HelpKV{
Key: config.Comment,
Description: "A comment to describe the OpenID identity setting",
Description: config.DefaultComment,
Optional: true,
Type: "sentence",
},

24
cmd/config/identity/openid/jwt.go
View File

@ -212,7 +212,6 @@ const (
ClaimPrefix = "claim_prefix"
ClientID = "client_id"
EnvIdentityOpenIDState = "MINIO_IDENTITY_OPENID_STATE"
EnvIdentityOpenIDClientID = "MINIO_IDENTITY_OPENID_CLIENT_ID"
EnvIdentityOpenIDJWKSURL = "MINIO_IDENTITY_OPENID_JWKS_URL"
EnvIdentityOpenIDURL = "MINIO_IDENTITY_OPENID_CONFIG_URL"
@ -264,10 +263,6 @@ func parseDiscoveryDoc(u *xnet.URL, transport *http.Transport, closeRespFn func(
// DefaultKVS - default config for OpenID config
var (
DefaultKVS = config.KVS{
config.KV{
Key: config.State,
Value: config.StateOff,
},
config.KV{
Key: ConfigURL,
Value: "",
@ -287,20 +282,17 @@ var (
}
)
// Enabled returns if jwks is enabled.
func Enabled(kvs config.KVS) bool {
return kvs.Get(JwksURL) != ""
}
// LookupConfig lookup jwks from config, override with any ENVs.
func LookupConfig(kvs config.KVS, transport *http.Transport, closeRespFn func(io.ReadCloser)) (c Config, err error) {
if err = config.CheckValidKeys(config.IdentityOpenIDSubSys, kvs, DefaultKVS); err != nil {
return c, err
}
stateBool, err := config.ParseBool(env.Get(EnvIdentityOpenIDState, kvs.Get(config.State)))
if err != nil {
if kvs.Empty() {
return c, nil
}
return c, err
}
jwksURL := env.Get(EnvIamJwksURL, "") // Legacy
if jwksURL == "" {
jwksURL = env.Get(EnvIdentityOpenIDJWKSURL, kvs.Get(JwksURL))
@ -330,12 +322,6 @@ func LookupConfig(kvs config.KVS, transport *http.Transport, closeRespFn func(io
jwksURL = c.DiscoveryDoc.JwksURI
}
if stateBool {
// This check is needed to ensure that empty Jwks urls are not allowed.
if jwksURL == "" {
return c, config.Error("'config_url' must be set to a proper OpenID discovery document URL")
}
}
if jwksURL == "" {
return c, nil
}

4
cmd/config/identity/openid/legacy.go
View File

@ -30,10 +30,6 @@ func SetIdentityOpenID(s config.Config, cfg Config) {
return
}
s[config.IdentityOpenIDSubSys][config.Default] = config.KVS{
config.KV{
Key: config.State,
Value: config.StateOn,
},
config.KV{
Key: JwksURL,
Value: cfg.JWKS.URL.String(),

8
cmd/config/legacy.go
View File

@ -31,10 +31,6 @@ func SetCredentials(c Config, cred auth.Credentials) {
return
}
c[CredentialsSubSys][Default] = KVS{
KV{
Key: State,
Value: StateOn,
},
KV{
Key: AccessKey,
Value: cred.AccessKey,
@ -56,9 +52,5 @@ func SetRegion(c Config, name string) {
Key: RegionName,
Value: name,
},
KV{
Key: State,
Value: StateOn,
},
}
}

198
cmd/config/notify/help.go
View File

@ -26,78 +26,78 @@ var (
HelpAMQP = config.HelpKVS{
config.HelpKV{
Key: target.AmqpURL,
Description: "AMQP server endpoint, e.g. `amqp://myuser:mypassword@localhost:5672`",
Description: "AMQP server endpoint e.g. `amqp://myuser:mypassword@localhost:5672`",
Type: "url",
},
config.HelpKV{
Key: target.AmqpExchange,
Description: "Name of the AMQP exchange",
Description: "name of the AMQP exchange",
Optional: true,
Type: "string",
},
config.HelpKV{
Key: target.AmqpExchangeType,
Description: "Kind of AMQP exchange type",
Description: "kind of AMQP exchange type",
Optional: true,
Type: "string",
},
config.HelpKV{
Key: target.AmqpRoutingKey,
Description: "Routing key for publishing",
Description: "routing key for publishing",
Optional: true,
Type: "string",
},
config.HelpKV{
Key: target.AmqpMandatory,
Description: "Set this to 'on' for server to return an unroutable message with a Return method. If this flag is 'off', the server silently drops the message",
Description: "set this to 'on' for server to return an unroutable message with a Return method. If this flag is 'off', the server silently drops the message",
Optional: true,
Type: "on|off",
},
config.HelpKV{
Key: target.AmqpDurable,
Description: "Set this to 'on' for queue to survive broker restarts",
Description: "set this to 'on' for queue to survive broker restarts",
Optional: true,
Type: "on|off",
},
config.HelpKV{
Key: target.AmqpNoWait,
Description: "When no_wait is 'on', declare without waiting for a confirmation from the server",
Description: "when no_wait is 'on', declare without waiting for a confirmation from the server",
Optional: true,
Type: "on|off",
},
config.HelpKV{
Key: target.AmqpInternal,
Description: "Set this to 'on' for exchange to be not used directly by publishers, but only when bound to other exchanges",
Description: "set this to 'on' for exchange to be not used directly by publishers, but only when bound to other exchanges",
Optional: true,
Type: "on|off",
},
config.HelpKV{
Key: target.AmqpAutoDeleted,
Description: "Set this to 'on' for queue that has had at least one consumer is deleted when last consumer unsubscribes",
Description: "set this to 'on' for queue that has had at least one consumer is deleted when last consumer unsubscribes",
Optional: true,
Type: "on|off",
},
config.HelpKV{
Key: target.AmqpDeliveryMode,
Description: "Delivery queue implementation use non-persistent (1) or persistent (2)",
Description: "delivery queue implementation use non-persistent (1) or persistent (2)",
Optional: true,
Type: "number",
},
config.HelpKV{
Key: target.AmqpQueueDir,
Description: "Local directory where events are stored eg: '/home/events'",
Description: "local directory where events are stored e.g. '/home/events'",
Optional: true,
Type: "path",
},
config.HelpKV{
Key: target.AmqpQueueLimit,
Description: "Enable persistent event store queue limit, defaults to '10000'",
Description: "enable persistent event store queue limit, defaults to '10000'",
Optional: true,
Type: "number",
},
config.HelpKV{
Key: config.Comment,
Description: "A comment to describe the AMQP target setting",
Description: config.DefaultComment,
Optional: true,
Type: "sentence",
},
@ -106,66 +106,66 @@ var (
HelpKafka = config.HelpKVS{
config.HelpKV{
Key: target.KafkaBrokers,
Description: "Comma separated list of Kafka broker addresses",
Description: "comma separated list of Kafka broker addresses",
Type: "csv",
},
config.HelpKV{
Key: target.KafkaTopic,
Description: "The Kafka topic for a given message",
Description: "Kafka topic used for bucket notifications",
Optional: true,
Type: "string",
},
config.HelpKV{
Key: target.KafkaSASLUsername,
Description: "Username for SASL/PLAIN or SASL/SCRAM authentication",
Description: "username for SASL/PLAIN or SASL/SCRAM authentication",
Optional: true,
Type: "string",
},
config.HelpKV{
Key: target.KafkaSASLPassword,
Description: "Password for SASL/PLAIN or SASL/SCRAM authentication",
Description: "password for SASL/PLAIN or SASL/SCRAM authentication",
Optional: true,
Type: "string",
},
config.HelpKV{
Key: target.KafkaTLSClientAuth,
Description: "ClientAuth determines the Kafka server's policy for TLS client auth",
Description: "clientAuth determines the Kafka server's policy for TLS client auth",
Optional: true,
Type: "string",
},
config.HelpKV{
Key: target.KafkaSASL,
Description: "Set this to 'on' to enable SASL authentication",
Description: "set this to 'on' to enable SASL authentication",
Optional: true,
Type: "on|off",
},
config.HelpKV{
Key: target.KafkaTLS,
Description: "Set this to 'on' to enable TLS",
Description: "set this to 'on' to enable TLS",
Optional: true,
Type: "on|off",
},
config.HelpKV{
Key: target.KafkaTLSSkipVerify,
Description: "Set this to 'on' to disable client verification of server certificate chain",
Description: "set this to 'on' to disable client verification of server certificate chain",
Optional: true,
Type: "on|off",
},
config.HelpKV{
Key: target.KafkaQueueDir,
Description: "Local directory where events are stored eg: '/home/events'",
Description: "local directory where events are stored e.g. '/home/events'",
Optional: true,
Type: "path",
},
config.HelpKV{
Key: target.KafkaQueueLimit,
Description: "Enable persistent event store queue limit, defaults to '10000'",
Description: "enable persistent event store queue limit, defaults to '10000'",
Optional: true,
Type: "number",
},
config.HelpKV{
Key: config.Comment,
Description: "A comment to describe the Kafka target setting",
Description: config.DefaultComment,
Optional: true,
Type: "sentence",
},
@ -174,59 +174,59 @@ var (
HelpMQTT = config.HelpKVS{
config.HelpKV{
Key: target.MqttBroker,
Description: "MQTT server endpoint, e.g. `tcp://localhost:1883`",
Description: "MQTT server endpoint e.g. `tcp://localhost:1883`",
Type: "uri",
},
config.HelpKV{
Key: target.MqttTopic,
Description: "Name of the MQTT topic to publish on, e.g. `minio`",
Description: "name of the MQTT topic to publish on, e.g. `minio`",
Type: "string",
},
config.HelpKV{
Key: target.MqttUsername,
Description: "Username to connect to the MQTT server",
Description: "username to connect to the MQTT server",
Optional: true,
Type: "string",
},
config.HelpKV{
Key: target.MqttPassword,
Description: "Password to connect to the MQTT server",
Description: "password to connect to the MQTT server",
Optional: true,
Type: "string",
},
config.HelpKV{
Key: target.MqttQoS,
Description: "Set the Quality of Service Level for MQTT endpoint",
Description: "set the Quality of Service Level for MQTT endpoint",
Optional: true,
Type: "number",
},
config.HelpKV{
Key: target.MqttKeepAliveInterval,
Description: "Keep alive interval for MQTT connections",
Description: "keep alive interval for MQTT connections",
Optional: true,
Type: "duration",
},
config.HelpKV{
Key: target.MqttReconnectInterval,
Description: "Reconnect interval for MQTT connections",
Description: "reconnect interval for MQTT connections",
Optional: true,
Type: "duration",
},
config.HelpKV{
Key: target.MqttQueueDir,
Description: "Local directory where events are stored eg: '/home/events'",
Description: "local directory where events are stored e.g. '/home/events'",
Optional: true,
Type: "path",
},
config.HelpKV{
Key: target.MqttQueueLimit,
Description: "Enable persistent event store queue limit, defaults to '10000'",
Description: "enable persistent event store queue limit, defaults to '10000'",
Optional: true,
Type: "number",
},
config.HelpKV{
Key: config.Comment,
Description: "A comment to describe the MQTT target setting",
Description: config.DefaultComment,
Optional: true,
Type: "sentence",
},
@ -235,34 +235,34 @@ var (
HelpES = config.HelpKVS{
config.HelpKV{
Key: target.ElasticURL,
Description: "The Elasticsearch server's address, with optional authentication info",
Description: "Elasticsearch server's address, with optional authentication info",
Type: "url",
},
config.HelpKV{
Key: target.ElasticFormat,
Description: "Either `namespace` or `access`, defaults to 'namespace'",
Description: "set this to `namespace` or `access`, defaults to 'namespace'",
Type: "namespace*|access",
},
config.HelpKV{
Key: target.ElasticIndex,
Description: "The name of an Elasticsearch index in which MinIO will store document",
Description: "the name of an Elasticsearch index in which MinIO will store document",
Type: "string",
},
config.HelpKV{
Key: target.ElasticQueueDir,
Description: "Local directory where events are stored eg: '/home/events'",
Description: "local directory where events are stored e.g. '/home/events'",
Optional: true,
Type: "path",
},
config.HelpKV{
Key: target.ElasticQueueLimit,
Description: "Enable persistent event store queue limit, defaults to '10000'",
Description: "enable persistent event store queue limit, defaults to '10000'",
Optional: true,
Type: "number",
},
config.HelpKV{
Key: config.Comment,
Description: "A comment to describe the Elasticsearch target setting",
Description: config.DefaultComment,
Optional: true,
Type: "sentence",
},
@ -271,30 +271,30 @@ var (
HelpWebhook = config.HelpKVS{
config.HelpKV{
Key: target.WebhookEndpoint,
Description: "Webhook server endpoint eg: http://localhost:8080/minio/events",
Description: "webhook server endpoint e.g. http://localhost:8080/minio/events",
Type: "url",
},
config.HelpKV{
Key: target.WebhookAuthToken,
Description: "Authorization token used for webhook server endpoint",
Description: "authorization token used for webhook server endpoint",
Optional: true,
Type: "string",
},
config.HelpKV{
Key: target.WebhookQueueDir,
Description: "Local directory where events are stored eg: '/home/events'",
Description: "local directory where events are stored e.g. '/home/events'",
Optional: true,
Type: "path",
},
config.HelpKV{
Key: target.WebhookQueueLimit,
Description: "Enable persistent event store queue limit, defaults to '10000'",
Description: "enable persistent event store queue limit, defaults to '10000'",
Optional: true,
Type: "number",
},
config.HelpKV{
Key: config.Comment,
Description: "A comment to describe the Webhook target setting",
Description: config.DefaultComment,
Optional: true,
Type: "sentence",
},
@ -303,40 +303,40 @@ var (
HelpRedis = config.HelpKVS{
config.HelpKV{
Key: target.RedisAddress,
Description: "The Redis server's address. For example: `localhost:6379`",
Description: "Redis server's address. For example: `localhost:6379`",
Type: "address",
},
config.HelpKV{
Key: target.RedisFormat,
Description: "Specify how data is populated, a hash is used in case of `namespace` format and a list in case of `access` format, defaults to 'namespace'",
Type: "namespace|access",
Description: "specifies how data is populated, a hash is used in case of `namespace` format and a list in case of `access` format, defaults to 'namespace'",
Type: "namespace*|access",
},
config.HelpKV{
Key: target.RedisKey,
Description: "The name of the Redis key under which events are stored",
Description: "name of the Redis key under which events are stored",
Type: "string",
},
config.HelpKV{
Key: target.RedisPassword,
Description: "The Redis server's password",
Description: "Redis server's password",
Optional: true,
Type: "string",
},
config.HelpKV{
Key: target.RedisQueueDir,
Description: "Local directory where events are stored eg: '/home/events'",
Description: "local directory where events are stored e.g. '/home/events'",
Optional: true,
Type: "path",
},
config.HelpKV{
Key: target.RedisQueueLimit,
Description: "Enable persistent event store queue limit, defaults to '10000'",
Description: "enable persistent event store queue limit, defaults to '10000'",
Optional: true,
Type: "number",
},
config.HelpKV{
Key: config.Comment,
Description: "A comment to describe the Redis target setting",
Description: config.DefaultComment,
Optional: true,
Type: "sentence",
},
@ -345,64 +345,64 @@ var (
HelpPostgres = config.HelpKVS{
config.HelpKV{
Key: target.PostgresConnectionString,
Description: "Connection string parameters for the PostgreSQL server",
Description: "connection string parameters for the PostgreSQL server",
Type: "string",
},
config.HelpKV{
Key: target.PostgresFormat,
Description: "Specify how data is populated, `namespace` format and `access` format, defaults to 'namespace'",
Type: "namespace|access",
Description: "specifies how data is populated, `namespace` format and `access` format, defaults to 'namespace'",
Type: "namespace*|access",
},
config.HelpKV{
Key: target.PostgresTable,
Description: "Table name in which events will be stored/updated. If the table does not exist, the MinIO server creates it at start-up",
Description: "table name in which events will be stored/updated. If the table does not exist, the MinIO server creates it at start-up",
Type: "string",
},
config.HelpKV{
Key: target.PostgresHost,
Description: "Host name of the PostgreSQL server. Defaults to `localhost`. IPv6 host should be enclosed with `[` and `]`",
Description: "host name of the PostgreSQL server. Defaults to `localhost`. IPv6 host should be enclosed with `[` and `]`",
Optional: true,
Type: "hostname",
},
config.HelpKV{
Key: target.PostgresPort,
Description: "Port on which to connect to PostgreSQL server, defaults to `5432`",
Description: "port on which to connect to PostgreSQL server, defaults to `5432`",
Optional: true,
Type: "port",
},
config.HelpKV{
Key: target.PostgresUsername,
Description: "Database username, defaults to user running the MinIO process if not specified",
Description: "database username, defaults to user running the MinIO process if not specified",
Optional: true,
Type: "string",
},
config.HelpKV{
Key: target.PostgresPassword,
Description: "Database password",
Description: "database password",
Optional: true,
Type: "string",
},
config.HelpKV{
Key: target.PostgresDatabase,
Description: "Postgres Database name",
Description: "postgres Database name",
Optional: true,
Type: "string",
},
config.HelpKV{
Key: target.PostgresQueueDir,
Description: "Local directory where events are stored eg: '/home/events'",
Description: "local directory where events are stored e.g. '/home/events'",
Optional: true,
Type: "path",
},
config.HelpKV{
Key: target.PostgresQueueLimit,
Description: "Enable persistent event store queue limit, defaults to '10000'",
Description: "enable persistent event store queue limit, defaults to '10000'",
Optional: true,
Type: "number",
},
config.HelpKV{
Key: config.Comment,
Description: "A comment to describe the Postgres target setting",
Description: config.DefaultComment,
Optional: true,
Type: "sentence",
},
@ -411,64 +411,64 @@ var (
HelpMySQL = config.HelpKVS{
config.HelpKV{
Key: target.MySQLDSNString,
Description: "Data-Source-Name connection string for the MySQL server",
Description: "data source name connection string for the MySQL server",
Type: "string",
},
config.HelpKV{
Key: target.MySQLTable,
Description: "Table name in which events will be stored/updated. If the table does not exist, the MinIO server creates it at start-up",
Description: "table name in which events will be stored/updated. If the table does not exist, the MinIO server creates it at start-up",
Type: "string",
},
config.HelpKV{
Key: target.MySQLFormat,
Description: "Specify how data is populated, `namespace` format and `access` format, defaults to 'namespace'",
Type: "namespace|access",
Description: "specifies how data is populated, `namespace` format and `access` format, defaults to 'namespace'",
Type: "namespace*|access",
},
config.HelpKV{
Key: target.MySQLHost,
Description: "Host name of the MySQL server (used only if `dsnString` is empty)",
Description: "host name of the MySQL server (used only if `dsnString` is empty)",
Optional: true,
Type: "hostname",
},
config.HelpKV{
Key: target.MySQLPort,
Description: "Port on which to connect to the MySQL server (used only if `dsn_string` is empty)",
Description: "port on which to connect to the MySQL server (used only if `dsn_string` is empty)",
Optional: true,
Type: "port",
},
config.HelpKV{
Key: target.MySQLUsername,
Description: "Database user-name (used only if `dsnString` is empty)",
Description: "database user-name (used only if `dsnString` is empty)",
Optional: true,
Type: "string",
},
config.HelpKV{
Key: target.MySQLPassword,
Description: "Database password (used only if `dsnString` is empty)",
Description: "database password (used only if `dsnString` is empty)",
Optional: true,
Type: "string",
},
config.HelpKV{
Key: target.MySQLDatabase,
Description: "Database name (used only if `dsnString` is empty)",
Description: "database name (used only if `dsnString` is empty)",
Optional: true,
Type: "string",
},
config.HelpKV{
Key: target.MySQLQueueDir,
Description: "Local directory where events are stored eg: '/home/events'",
Description: "local directory where events are stored e.g. '/home/events'",
Optional: true,
Type: "path",
},
config.HelpKV{
Key: target.MySQLQueueLimit,
Description: "Enable persistent event store queue limit, defaults to '10000'",
Description: "enable persistent event store queue limit, defaults to '10000'",
Optional: true,
Type: "number",
},
config.HelpKV{
Key: config.Comment,
Description: "A comment to describe the MySQL target setting",
Description: config.DefaultComment,
Optional: true,
Type: "sentence",
},
@ -477,7 +477,7 @@ var (
HelpNATS = config.HelpKVS{
config.HelpKV{
Key: target.NATSAddress,
Description: "NATS server address eg: '0.0.0.0:4222'",
Description: "NATS server address e.g. '0.0.0.0:4222'",
Type: "address",
},
config.HelpKV{
@ -487,91 +487,91 @@ var (
},
config.HelpKV{
Key: target.NATSUsername,
Description: "Username to be used when connecting to the server",
Description: "username to be used when connecting to the server",
Optional: true,
Type: "string",
},
config.HelpKV{
Key: target.NATSPassword,
Description: "Password to be used when connecting to a server",
Description: "password to be used when connecting to a server",
Optional: true,
Type: "string",
},
config.HelpKV{
Key: target.NATSToken,
Description: "Token to be used when connecting to a server",
Description: "token to be used when connecting to a server",
Optional: true,
Type: "string",
},
config.HelpKV{
Key: target.NATSSecure,
Description: "Set this to 'on', enables TLS secure connections that skip server verification (not recommended)",
Description: "set this to 'on', enables TLS secure connections that skip server verification (not recommended)",
Optional: true,
Type: "on|off",
},
config.HelpKV{
Key: target.NATSPingInterval,
Description: "Client ping commands interval to the server, disabled by default",
Description: "client ping commands interval to the server, disabled by default",
Optional: true,
Type: "duration",
},
config.HelpKV{
Key: target.NATSStreaming,
Description: "Set this to 'on', to use streaming NATS server",
Description: "set this to 'on', to use streaming NATS server",
Optional: true,
Type: "on|off",
},
config.HelpKV{
Key: target.NATSStreamingAsync,
Description: "Set this to 'on', to enable asynchronous publish, process the ACK or error state",
Description: "set this to 'on', to enable asynchronous publish, process the ACK or error state",
Optional: true,
Type: "on|off",
},
config.HelpKV{
Key: target.NATSStreamingMaxPubAcksInFlight,
Description: "Specifies how many messages can be published without getting ACKs back from NATS streaming server",
Description: "specifies how many messages can be published without getting ACKs back from NATS streaming server",
Optional: true,
Type: "number",
},
config.HelpKV{
Key: target.NATSStreamingClusterID,
Description: "Unique ID for the NATS streaming cluster",
Description: "unique ID for the NATS streaming cluster",
Optional: true,
Type: "string",
},
config.HelpKV{
Key: target.NATSQueueLimit,
Description: "Enable persistent event store queue limit, defaults to '10000'",
Description: "enable persistent event store queue limit, defaults to '10000'",
Optional: true,
Type: "number",
},
config.HelpKV{
Key: target.NATSQueueDir,
Description: "Local directory where events are stored eg: '/home/events'",
Description: "local directory where events are stored e.g. '/home/events'",
Optional: true,
Type: "path",
},
config.HelpKV{
Key: target.NATSCertAuthority,
Description: "Certificate chain of the target NATS server if self signed certs were used",
Description: "certificate chain of the target NATS server if self signed certs were used",
Optional: true,
Type: "string",
},
config.HelpKV{
Key: target.NATSClientCert,
Description: "TLS Cert used to authenticate against NATS configured to require client certificates",
Description: "TLS Cert used for NATS configured to require client certificates",
Optional: true,
Type: "string",
},
config.HelpKV{
Key: target.NATSClientKey,
Description: "TLS Key used to authenticate against NATS configured to require client certificates",
Description: "TLS Key used for NATS configured to require client certificates",
Optional: true,
Type: "string",
},
config.HelpKV{
Key: config.Comment,
Description: "A comment to describe the NATS target setting",
Description: config.DefaultComment,
Optional: true,
Type: "sentence",
},
@ -580,7 +580,7 @@ var (
HelpNSQ = config.HelpKVS{
config.HelpKV{
Key: target.NSQAddress,
Description: "NSQ server address eg: '127.0.0.1:4150'",
Description: "NSQ server address e.g. '127.0.0.1:4150'",
Type: "address",
},
config.HelpKV{
@ -590,31 +590,31 @@ var (
},
config.HelpKV{
Key: target.NSQTLS,
Description: "Set this to 'on', to enable TLS negotiation",
Description: "set this to 'on', to enable TLS negotiation",
Optional: true,
Type: "on|off",
},
config.HelpKV{
Key: target.NSQTLSSkipVerify,
Description: "Set this to 'on', to disable client verification of server certificates",
Description: "set this to 'on', to disable client verification of server certificates",
Optional: true,
Type: "on|off",
},
config.HelpKV{
Key: target.NSQQueueDir,
Description: "Local directory where events are stored eg: '/home/events'",
Description: "local directory where events are stored e.g. '/home/events'",
Optional: true,
Type: "path",
},
config.HelpKV{
Key: target.NSQQueueLimit,
Description: "Enable persistent event store queue limit, defaults to '10000'",
Description: "enable persistent event store queue limit, defaults to '10000'",
Optional: true,
Type: "number",
},
config.HelpKV{
Key: config.Comment,
Description: "A comment to describe the NSQ target setting",
Description: config.DefaultComment,
Optional: true,
Type: "sentence",
},

44
cmd/config/notify/legacy.go
View File

@ -21,8 +21,8 @@ func SetNotifyKafka(s config.Config, kName string, cfg target.KafkaArgs) error {
s[config.NotifyKafkaSubSys][kName] = config.KVS{
config.KV{
Key: config.State,
Value: config.StateOn,
Key: config.Enable,
Value: config.EnableOn,
},
config.KV{
Key: target.KafkaBrokers,
@ -86,8 +86,8 @@ func SetNotifyAMQP(s config.Config, amqpName string, cfg target.AMQPArgs) error
s[config.NotifyAMQPSubSys][amqpName] = config.KVS{
config.KV{
Key: config.State,
Value: config.StateOn,
Key: config.Enable,
Value: config.EnableOn,
},
config.KV{
Key: target.AmqpURL,
@ -154,8 +154,8 @@ func SetNotifyES(s config.Config, esName string, cfg target.ElasticsearchArgs) e
s[config.NotifyESSubSys][esName] = config.KVS{
config.KV{
Key: config.State,
Value: config.StateOn,
Key: config.Enable,
Value: config.EnableOn,
},
config.KV{
Key: target.ElasticFormat,
@ -194,8 +194,8 @@ func SetNotifyRedis(s config.Config, redisName string, cfg target.RedisArgs) err
s[config.NotifyRedisSubSys][redisName] = config.KVS{
config.KV{
Key: config.State,
Value: config.StateOn,
Key: config.Enable,
Value: config.EnableOn,
},
config.KV{
Key: target.RedisFormat,
@ -238,8 +238,8 @@ func SetNotifyWebhook(s config.Config, whName string, cfg target.WebhookArgs) er
s[config.NotifyWebhookSubSys][whName] = config.KVS{
config.KV{
Key: config.State,
Value: config.StateOn,
Key: config.Enable,
Value: config.EnableOn,
},
config.KV{
Key: target.WebhookEndpoint,
@ -274,8 +274,8 @@ func SetNotifyPostgres(s config.Config, psqName string, cfg target.PostgreSQLArg
s[config.NotifyPostgresSubSys][psqName] = config.KVS{
config.KV{
Key: config.State,
Value: config.StateOn,
Key: config.Enable,
Value: config.EnableOn,
},
config.KV{
Key: target.PostgresFormat,
@ -334,8 +334,8 @@ func SetNotifyNSQ(s config.Config, nsqName string, cfg target.NSQArgs) error {
s[config.NotifyNSQSubSys][nsqName] = config.KVS{
config.KV{
Key: config.State,
Value: config.StateOn,
Key: config.Enable,
Value: config.EnableOn,
},
config.KV{
Key: target.NSQAddress,
@ -378,8 +378,8 @@ func SetNotifyNATS(s config.Config, natsName string, cfg target.NATSArgs) error
s[config.NotifyNATSSubSys][natsName] = config.KVS{
config.KV{
Key: config.State,
Value: config.StateOn,
Key: config.Enable,
Value: config.EnableOn,
},
config.KV{
Key: target.NATSAddress,
@ -433,9 +433,9 @@ func SetNotifyNATS(s config.Config, natsName string, cfg target.NATSArgs) error
Key: target.NATSStreaming,
Value: func() string {
if cfg.Streaming.Enable {
return config.StateOn
return config.EnableOn
}
return config.StateOff
return config.EnableOff
}(),
},
config.KV{
@ -467,8 +467,8 @@ func SetNotifyMySQL(s config.Config, sqlName string, cfg target.MySQLArgs) error
s[config.NotifyMySQLSubSys][sqlName] = config.KVS{
config.KV{
Key: config.State,
Value: config.StateOn,
Key: config.Enable,
Value: config.EnableOn,
},
config.KV{
Key: target.MySQLFormat,
@ -527,8 +527,8 @@ func SetNotifyMQTT(s config.Config, mqttName string, cfg target.MQTTArgs) error
s[config.NotifyMQTTSubSys][mqttName] = config.KVS{
config.KV{
Key: config.State,
Value: config.StateOn,
Key: config.Enable,
Value: config.EnableOn,
},
config.KV{
Key: target.MqttBroker,

176
cmd/config/notify/parse.go
View File

@ -341,8 +341,8 @@ func mergeTargets(cfgTargets map[string]config.KVS, envname string, defaultKVS c
var (
DefaultKafkaKVS = config.KVS{
config.KV{
Key: config.State,
Value: config.StateOff,
Key: config.Enable,
Value: config.EnableOff,
},
config.KV{
Key: target.KafkaTopic,
@ -366,15 +366,15 @@ var (
},
config.KV{
Key: target.KafkaSASL,
Value: config.StateOff,
Value: config.EnableOff,
},
config.KV{
Key: target.KafkaTLS,
Value: config.StateOff,
Value: config.EnableOff,
},
config.KV{
Key: target.KafkaTLSSkipVerify,
Value: config.StateOff,
Value: config.EnableOff,
},
config.KV{
Key: target.KafkaQueueLimit,
@ -390,12 +390,12 @@ var (
// GetNotifyKafka - returns a map of registered notification 'kafka' targets
func GetNotifyKafka(kafkaKVS map[string]config.KVS) (map[string]target.KafkaArgs, error) {
kafkaTargets := make(map[string]target.KafkaArgs)
for k, kv := range mergeTargets(kafkaKVS, target.EnvKafkaState, DefaultKafkaKVS) {
stateEnv := target.EnvKafkaState
for k, kv := range mergeTargets(kafkaKVS, target.EnvKafkaEnable, DefaultKafkaKVS) {
enableEnv := target.EnvKafkaEnable
if k != config.Default {
stateEnv = stateEnv + config.Default + k
enableEnv = enableEnv + config.Default + k
}
enabled, err := config.ParseBool(env.Get(stateEnv, kv.Get(config.State)))
enabled, err := config.ParseBool(env.Get(enableEnv, kv.Get(config.Enable)))
if err != nil {
return nil, err
}
@ -409,7 +409,7 @@ func GetNotifyKafka(kafkaKVS map[string]config.KVS) (map[string]target.KafkaArgs
}
kafkaBrokers := env.Get(brokersEnv, kv.Get(target.KafkaBrokers))
if len(kafkaBrokers) == 0 {
return nil, config.Error("kafka 'brokers' cannot be empty")
return nil, config.Errorf(config.SafeModeKind, "kafka 'brokers' cannot be empty")
}
for _, s := range strings.Split(kafkaBrokers, config.ValueSeparator) {
var host *xnet.Host
@ -467,8 +467,8 @@ func GetNotifyKafka(kafkaKVS map[string]config.KVS) (map[string]target.KafkaArgs
if k != config.Default {
tlsSkipVerifyEnv = tlsSkipVerifyEnv + config.Default + k
}
kafkaArgs.TLS.Enable = env.Get(tlsEnableEnv, kv.Get(target.KafkaTLS)) == config.StateOn
kafkaArgs.TLS.SkipVerify = env.Get(tlsSkipVerifyEnv, kv.Get(target.KafkaTLSSkipVerify)) == config.StateOn
kafkaArgs.TLS.Enable = env.Get(tlsEnableEnv, kv.Get(target.KafkaTLS)) == config.EnableOn
kafkaArgs.TLS.SkipVerify = env.Get(tlsSkipVerifyEnv, kv.Get(target.KafkaTLSSkipVerify)) == config.EnableOn
kafkaArgs.TLS.ClientAuth = tls.ClientAuthType(clientAuth)
saslEnableEnv := target.EnvKafkaSASLEnable
@ -483,7 +483,7 @@ func GetNotifyKafka(kafkaKVS map[string]config.KVS) (map[string]target.KafkaArgs
if k != config.Default {
saslPasswordEnv = saslPasswordEnv + config.Default + k
}
kafkaArgs.SASL.Enable = env.Get(saslEnableEnv, kv.Get(target.KafkaSASL)) == config.StateOn
kafkaArgs.SASL.Enable = env.Get(saslEnableEnv, kv.Get(target.KafkaSASL)) == config.EnableOn
kafkaArgs.SASL.User = env.Get(saslUsernameEnv, kv.Get(target.KafkaSASLUsername))
kafkaArgs.SASL.Password = env.Get(saslPasswordEnv, kv.Get(target.KafkaSASLPassword))
@ -501,8 +501,8 @@ func GetNotifyKafka(kafkaKVS map[string]config.KVS) (map[string]target.KafkaArgs
var (
DefaultMQTTKVS = config.KVS{
config.KV{
Key: config.State,
Value: config.StateOff,
Key: config.Enable,
Value: config.EnableOff,
},
config.KV{
Key: target.MqttBroker,
@ -546,13 +546,13 @@ var (
// GetNotifyMQTT - returns a map of registered notification 'mqtt' targets
func GetNotifyMQTT(mqttKVS map[string]config.KVS, rootCAs *x509.CertPool) (map[string]target.MQTTArgs, error) {
mqttTargets := make(map[string]target.MQTTArgs)
for k, kv := range mergeTargets(mqttKVS, target.EnvMQTTState, DefaultMQTTKVS) {
stateEnv := target.EnvMQTTState
for k, kv := range mergeTargets(mqttKVS, target.EnvMQTTEnable, DefaultMQTTKVS) {
enableEnv := target.EnvMQTTEnable
if k != config.Default {
stateEnv = stateEnv + config.Default + k
enableEnv = enableEnv + config.Default + k
}
enabled, err := config.ParseBool(env.Get(stateEnv, kv.Get(config.State)))
enabled, err := config.ParseBool(env.Get(enableEnv, kv.Get(config.Enable)))
if err != nil {
return nil, err
}
@ -656,8 +656,8 @@ func GetNotifyMQTT(mqttKVS map[string]config.KVS, rootCAs *x509.CertPool) (map[s
var (
DefaultMySQLKVS = config.KVS{
config.KV{
Key: config.State,
Value: config.StateOff,
Key: config.Enable,
Value: config.EnableOff,
},
config.KV{
Key: target.MySQLFormat,
@ -705,13 +705,13 @@ var (
// GetNotifyMySQL - returns a map of registered notification 'mysql' targets
func GetNotifyMySQL(mysqlKVS map[string]config.KVS) (map[string]target.MySQLArgs, error) {
mysqlTargets := make(map[string]target.MySQLArgs)
for k, kv := range mergeTargets(mysqlKVS, target.EnvMySQLState, DefaultMySQLKVS) {
stateEnv := target.EnvMySQLState
for k, kv := range mergeTargets(mysqlKVS, target.EnvMySQLEnable, DefaultMySQLKVS) {
enableEnv := target.EnvMySQLEnable
if k != config.Default {
stateEnv = stateEnv + config.Default + k
enableEnv = enableEnv + config.Default + k
}
enabled, err := config.ParseBool(env.Get(stateEnv, kv.Get(config.State)))
enabled, err := config.ParseBool(env.Get(enableEnv, kv.Get(config.Enable)))
if err != nil {
return nil, err
}
@ -795,8 +795,8 @@ func GetNotifyMySQL(mysqlKVS map[string]config.KVS) (map[string]target.MySQLArgs
var (
DefaultNATSKVS = config.KVS{
config.KV{
Key: config.State,
Value: config.StateOff,
Key: config.Enable,
Value: config.EnableOff,
},
config.KV{
Key: target.NATSAddress,
@ -832,7 +832,7 @@ var (
},
config.KV{
Key: target.NATSSecure,
Value: config.StateOff,
Value: config.EnableOff,
},
config.KV{
Key: target.NATSPingInterval,
@ -840,11 +840,11 @@ var (
},
config.KV{
Key: target.NATSStreaming,
Value: config.StateOff,
Value: config.EnableOff,
},
config.KV{
Key: target.NATSStreamingAsync,
Value: config.StateOff,
Value: config.EnableOff,
},
config.KV{
Key: target.NATSStreamingMaxPubAcksInFlight,
@ -868,13 +868,13 @@ var (
// GetNotifyNATS - returns a map of registered notification 'nats' targets
func GetNotifyNATS(natsKVS map[string]config.KVS) (map[string]target.NATSArgs, error) {
natsTargets := make(map[string]target.NATSArgs)
for k, kv := range mergeTargets(natsKVS, target.EnvNATSState, DefaultNATSKVS) {
stateEnv := target.EnvNATSState
for k, kv := range mergeTargets(natsKVS, target.EnvNATSEnable, DefaultNATSKVS) {
enableEnv := target.EnvNATSEnable
if k != config.Default {
stateEnv = stateEnv + config.Default + k
enableEnv = enableEnv + config.Default + k
}
enabled, err := config.ParseBool(env.Get(stateEnv, kv.Get(config.State)))
enabled, err := config.ParseBool(env.Get(enableEnv, kv.Get(config.Enable)))
if err != nil {
return nil, err
}
@ -967,7 +967,7 @@ func GetNotifyNATS(natsKVS map[string]config.KVS) (map[string]target.NATSArgs, e
ClientCert: env.Get(clientCertEnv, kv.Get(target.NATSClientCert)),
ClientKey: env.Get(clientKeyEnv, kv.Get(target.NATSClientKey)),
Token: env.Get(tokenEnv, kv.Get(target.NATSToken)),
Secure: env.Get(secureEnv, kv.Get(target.NATSSecure)) == config.StateOn,
Secure: env.Get(secureEnv, kv.Get(target.NATSSecure)) == config.EnableOn,
PingInterval: pingInterval,
QueueDir: env.Get(queueDirEnv, kv.Get(target.NATSQueueDir)),
QueueLimit: queueLimit,
@ -978,7 +978,7 @@ func GetNotifyNATS(natsKVS map[string]config.KVS) (map[string]target.NATSArgs, e
streamingEnableEnv = streamingEnableEnv + config.Default + k
}
streamingEnabled := env.Get(streamingEnableEnv, kv.Get(target.NATSStreaming)) == config.StateOn
streamingEnabled := env.Get(streamingEnableEnv, kv.Get(target.NATSStreaming)) == config.EnableOn
if streamingEnabled {
asyncEnv := target.EnvNATSStreamingAsync
if k != config.Default {
@ -999,7 +999,7 @@ func GetNotifyNATS(natsKVS map[string]config.KVS) (map[string]target.NATSArgs, e
}
natsArgs.Streaming.Enable = streamingEnabled
natsArgs.Streaming.ClusterID = env.Get(clusterIDEnv, kv.Get(target.NATSStreamingClusterID))
natsArgs.Streaming.Async = env.Get(asyncEnv, kv.Get(target.NATSStreamingAsync)) == config.StateOn
natsArgs.Streaming.Async = env.Get(asyncEnv, kv.Get(target.NATSStreamingAsync)) == config.EnableOn
natsArgs.Streaming.MaxPubAcksInflight = maxPubAcksInflight
}
@ -1016,8 +1016,8 @@ func GetNotifyNATS(natsKVS map[string]config.KVS) (map[string]target.NATSArgs, e
var (
DefaultNSQKVS = config.KVS{
config.KV{
Key: config.State,
Value: config.StateOff,
Key: config.Enable,
Value: config.EnableOff,
},
config.KV{
Key: target.NSQAddress,
@ -1029,11 +1029,11 @@ var (
},
config.KV{
Key: target.NSQTLS,
Value: config.StateOff,
Value: config.EnableOff,
},
config.KV{
Key: target.NSQTLSSkipVerify,
Value: config.StateOff,
Value: config.EnableOff,
},
config.KV{
Key: target.NSQQueueDir,
@ -1049,13 +1049,13 @@ var (
// GetNotifyNSQ - returns a map of registered notification 'nsq' targets
func GetNotifyNSQ(nsqKVS map[string]config.KVS) (map[string]target.NSQArgs, error) {
nsqTargets := make(map[string]target.NSQArgs)
for k, kv := range mergeTargets(nsqKVS, target.EnvNSQState, DefaultNSQKVS) {
stateEnv := target.EnvNSQState
for k, kv := range mergeTargets(nsqKVS, target.EnvNSQEnable, DefaultNSQKVS) {
enableEnv := target.EnvNSQEnable
if k != config.Default {
stateEnv = stateEnv + config.Default + k
enableEnv = enableEnv + config.Default + k
}
enabled, err := config.ParseBool(env.Get(stateEnv, kv.Get(config.State)))
enabled, err := config.ParseBool(env.Get(enableEnv, kv.Get(config.Enable)))
if err != nil {
return nil, err
}
@ -1105,8 +1105,8 @@ func GetNotifyNSQ(nsqKVS map[string]config.KVS) (map[string]target.NSQArgs, erro
QueueDir: env.Get(queueDirEnv, kv.Get(target.NSQQueueDir)),
QueueLimit: queueLimit,
}
nsqArgs.TLS.Enable = env.Get(tlsEnableEnv, kv.Get(target.NSQTLS)) == config.StateOn
nsqArgs.TLS.SkipVerify = env.Get(tlsSkipVerifyEnv, kv.Get(target.NSQTLSSkipVerify)) == config.StateOn
nsqArgs.TLS.Enable = env.Get(tlsEnableEnv, kv.Get(target.NSQTLS)) == config.EnableOn
nsqArgs.TLS.SkipVerify = env.Get(tlsSkipVerifyEnv, kv.Get(target.NSQTLSSkipVerify)) == config.EnableOn
if err = nsqArgs.Validate(); err != nil {
return nil, err
@ -1121,8 +1121,8 @@ func GetNotifyNSQ(nsqKVS map[string]config.KVS) (map[string]target.NSQArgs, erro
var (
DefaultPostgresKVS = config.KVS{
config.KV{
Key: config.State,
Value: config.StateOff,
Key: config.Enable,
Value: config.EnableOff,
},
config.KV{
Key: target.PostgresFormat,
@ -1170,13 +1170,13 @@ var (
// GetNotifyPostgres - returns a map of registered notification 'postgres' targets
func GetNotifyPostgres(postgresKVS map[string]config.KVS) (map[string]target.PostgreSQLArgs, error) {
psqlTargets := make(map[string]target.PostgreSQLArgs)
for k, kv := range mergeTargets(postgresKVS, target.EnvPostgresState, DefaultPostgresKVS) {
stateEnv := target.EnvPostgresState
for k, kv := range mergeTargets(postgresKVS, target.EnvPostgresEnable, DefaultPostgresKVS) {
enableEnv := target.EnvPostgresEnable
if k != config.Default {
stateEnv = stateEnv + config.Default + k
enableEnv = enableEnv + config.Default + k
}
enabled, err := config.ParseBool(env.Get(stateEnv, kv.Get(config.State)))
enabled, err := config.ParseBool(env.Get(enableEnv, kv.Get(config.Enable)))
if err != nil {
return nil, err
}
@ -1270,8 +1270,8 @@ func GetNotifyPostgres(postgresKVS map[string]config.KVS) (map[string]target.Pos
var (
DefaultRedisKVS = config.KVS{
config.KV{
Key: config.State,
Value: config.StateOff,
Key: config.Enable,
Value: config.EnableOff,
},
config.KV{
Key: target.RedisFormat,
@ -1303,13 +1303,13 @@ var (
// GetNotifyRedis - returns a map of registered notification 'redis' targets
func GetNotifyRedis(redisKVS map[string]config.KVS) (map[string]target.RedisArgs, error) {
redisTargets := make(map[string]target.RedisArgs)
for k, kv := range mergeTargets(redisKVS, target.EnvRedisState, DefaultRedisKVS) {
stateEnv := target.EnvRedisState
for k, kv := range mergeTargets(redisKVS, target.EnvRedisEnable, DefaultRedisKVS) {
enableEnv := target.EnvRedisEnable
if k != config.Default {
stateEnv = stateEnv + config.Default + k
enableEnv = enableEnv + config.Default + k
}
enabled, err := config.ParseBool(env.Get(stateEnv, kv.Get(config.State)))
enabled, err := config.ParseBool(env.Get(enableEnv, kv.Get(config.Enable)))
if err != nil {
return nil, err
}
@ -1370,8 +1370,8 @@ func GetNotifyRedis(redisKVS map[string]config.KVS) (map[string]target.RedisArgs
var (
DefaultWebhookKVS = config.KVS{
config.KV{
Key: config.State,
Value: config.StateOff,
Key: config.Enable,
Value: config.EnableOff,
},
config.KV{
Key: target.WebhookEndpoint,
@ -1395,12 +1395,12 @@ var (
// GetNotifyWebhook - returns a map of registered notification 'webhook' targets
func GetNotifyWebhook(webhookKVS map[string]config.KVS, rootCAs *x509.CertPool) (map[string]target.WebhookArgs, error) {
webhookTargets := make(map[string]target.WebhookArgs)
for k, kv := range mergeTargets(webhookKVS, target.EnvWebhookState, DefaultWebhookKVS) {
stateEnv := target.EnvWebhookState
for k, kv := range mergeTargets(webhookKVS, target.EnvWebhookEnable, DefaultWebhookKVS) {
enableEnv := target.EnvWebhookEnable
if k != config.Default {
stateEnv = stateEnv + config.Default + k
enableEnv = enableEnv + config.Default + k
}
enabled, err := config.ParseBool(env.Get(stateEnv, kv.Get(config.State)))
enabled, err := config.ParseBool(env.Get(enableEnv, kv.Get(config.Enable)))
if err != nil {
return nil, err
}
@ -1452,8 +1452,8 @@ func GetNotifyWebhook(webhookKVS map[string]config.KVS, rootCAs *x509.CertPool)
var (
DefaultESKVS = config.KVS{
config.KV{
Key: config.State,
Value: config.StateOff,
Key: config.Enable,
Value: config.EnableOff,
},
config.KV{
Key: target.ElasticURL,
@ -1481,12 +1481,12 @@ var (
// GetNotifyES - returns a map of registered notification 'elasticsearch' targets
func GetNotifyES(esKVS map[string]config.KVS) (map[string]target.ElasticsearchArgs, error) {
esTargets := make(map[string]target.ElasticsearchArgs)
for k, kv := range mergeTargets(esKVS, target.EnvElasticState, DefaultESKVS) {
stateEnv := target.EnvElasticState
for k, kv := range mergeTargets(esKVS, target.EnvElasticEnable, DefaultESKVS) {
enableEnv := target.EnvElasticEnable
if k != config.Default {
stateEnv = stateEnv + config.Default + k
enableEnv = enableEnv + config.Default + k
}
enabled, err := config.ParseBool(env.Get(stateEnv, kv.Get(config.State)))
enabled, err := config.ParseBool(env.Get(enableEnv, kv.Get(config.Enable)))
if err != nil {
return nil, err
}
@ -1549,8 +1549,8 @@ func GetNotifyES(esKVS map[string]config.KVS) (map[string]target.ElasticsearchAr
var (
DefaultAMQPKVS = config.KVS{
config.KV{
Key: config.State,
Value: config.StateOff,
Key: config.Enable,
Value: config.EnableOff,
},
config.KV{
Key: target.AmqpURL,
@ -1570,23 +1570,23 @@ var (
},
config.KV{
Key: target.AmqpMandatory,
Value: config.StateOff,
Value: config.EnableOff,
},
config.KV{
Key: target.AmqpDurable,
Value: config.StateOff,
Value: config.EnableOff,
},
config.KV{
Key: target.AmqpNoWait,
Value: config.StateOff,
Value: config.EnableOff,
},
config.KV{
Key: target.AmqpInternal,
Value: config.StateOff,
Value: config.EnableOff,
},
config.KV{
Key: target.AmqpAutoDeleted,
Value: config.StateOff,
Value: config.EnableOff,
},
config.KV{
Key: target.AmqpDeliveryMode,
@ -1606,12 +1606,12 @@ var (
// GetNotifyAMQP - returns a map of registered notification 'amqp' targets
func GetNotifyAMQP(amqpKVS map[string]config.KVS) (map[string]target.AMQPArgs, error) {
amqpTargets := make(map[string]target.AMQPArgs)
for k, kv := range mergeTargets(amqpKVS, target.EnvAMQPState, DefaultAMQPKVS) {
stateEnv := target.EnvAMQPState
for k, kv := range mergeTargets(amqpKVS, target.EnvAMQPEnable, DefaultAMQPKVS) {
enableEnv := target.EnvAMQPEnable
if k != config.Default {
stateEnv = stateEnv + config.Default + k
enableEnv = enableEnv + config.Default + k
}
enabled, err := config.ParseBool(env.Get(stateEnv, kv.Get(config.State)))
enabled, err := config.ParseBool(env.Get(enableEnv, kv.Get(config.Enable)))
if err != nil {
return nil, err
}
@ -1689,12 +1689,12 @@ func GetNotifyAMQP(amqpKVS map[string]config.KVS) (map[string]target.AMQPArgs, e
RoutingKey: env.Get(routingKeyEnv, kv.Get(target.AmqpRoutingKey)),
ExchangeType: env.Get(exchangeTypeEnv, kv.Get(target.AmqpExchangeType)),
DeliveryMode: uint8(deliveryMode),
Mandatory: env.Get(mandatoryEnv, kv.Get(target.AmqpMandatory)) == config.StateOn,
Immediate: env.Get(immediateEnv, kv.Get(target.AmqpImmediate)) == config.StateOn,
Durable: env.Get(durableEnv, kv.Get(target.AmqpDurable)) == config.StateOn,
Internal: env.Get(internalEnv, kv.Get(target.AmqpInternal)) == config.StateOn,
NoWait: env.Get(noWaitEnv, kv.Get(target.AmqpNoWait)) == config.StateOn,
AutoDeleted: env.Get(autoDeletedEnv, kv.Get(target.AmqpAutoDeleted)) == config.StateOn,
Mandatory: env.Get(mandatoryEnv, kv.Get(target.AmqpMandatory)) == config.EnableOn,
Immediate: env.Get(immediateEnv, kv.Get(target.AmqpImmediate)) == config.EnableOn,
Durable: env.Get(durableEnv, kv.Get(target.AmqpDurable)) == config.EnableOn,
Internal: env.Get(internalEnv, kv.Get(target.AmqpInternal)) == config.EnableOn,
NoWait: env.Get(noWaitEnv, kv.Get(target.AmqpNoWait)) == config.EnableOn,
AutoDeleted: env.Get(autoDeletedEnv, kv.Get(target.AmqpAutoDeleted)) == config.EnableOn,
QueueDir: env.Get(queueDirEnv, kv.Get(target.AmqpQueueDir)),
QueueLimit: queueLimit,
}

9
cmd/config/policy/opa/config.go
View File

@ -41,10 +41,6 @@ const (
// DefaultKVS - default config for OPA config
var (
DefaultKVS = config.KVS{
config.KV{
Key: config.State,
Value: config.StateOff,
},
config.KV{
Key: URL,
Value: "",
@ -112,6 +108,11 @@ type Opa struct {
client *http.Client
}
// Enabled returns if opa is enabled.
func Enabled(kvs config.KVS) bool {
return kvs.Get(URL) != ""
}
// LookupConfig lookup Opa from config, override with any ENVs.
func LookupConfig(kv config.KVS, transport *http.Transport, closeRespFn func(io.ReadCloser)) (Args, error) {
args := Args{}

6
cmd/config/policy/opa/help.go
View File

@ -23,18 +23,18 @@ var (
Help = config.HelpKVS{
config.HelpKV{
Key: URL,
Description: `Points to URL for OPA HTTP API endpoint. eg: "http://localhost:8181/v1/data/httpapi/authz/allow"`,
Description: `OPA HTTP API endpoint e.g. "http://localhost:8181/v1/data/httpapi/authz/allow"`,
Type: "url",
},
config.HelpKV{
Key: AuthToken,
Description: "Authorization token for the OPA HTTP API endpoint",
Description: "authorization token for OPA HTTP API endpoint",
Optional: true,
Type: "string",
},
config.HelpKV{
Key: config.Comment,
Description: "A comment to describe the OPA policy setting",
Description: config.DefaultComment,
Optional: true,
Type: "sentence",
},

4
cmd/config/policy/opa/legacy.go
View File

@ -33,10 +33,6 @@ func SetPolicyOPAConfig(s config.Config, opaArgs Args) {
return
}
s[config.PolicyOPASubSys][config.Default] = config.KVS{
config.KV{
Key: config.State,
Value: config.StateOn,
},
config.KV{
Key: URL,
Value: opaArgs.URL.String(),

6
cmd/config/storageclass/help.go
View File

@ -23,19 +23,19 @@ var (
Help = config.HelpKVS{
config.HelpKV{
Key: ClassStandard,
Description: `Set standard storage class parity ratio. eg: "EC:4"`,
Description: `set the parity count for default standard storage class e.g. "EC:4"`,
Optional: true,
Type: "string",
},
config.HelpKV{
Key: ClassRRS,
Description: `Set reduced redundancy storage class parity ratio. eg: "EC:2"`,
Description: `set the parity count for reduced redundancy storage class e.g. "EC:2"`,
Optional: true,
Type: "string",
},
config.HelpKV{
Key: config.Comment,
Description: "A comment to describe the storageclass setting",
Description: config.DefaultComment,
Optional: true,
Type: "sentence",
},

4
cmd/config/storageclass/legacy.go
View File

@ -35,9 +35,5 @@ func SetStorageClass(s config.Config, cfg Config) {
Key: ClassRRS,
Value: cfg.RRS.String(),
},
config.KV{
Key: config.State,
Value: config.StateOn,
},
}
}

27
cmd/config/storageclass/storage-class.go
View File

@ -39,8 +39,6 @@ const (
ClassStandard = "standard"
ClassRRS = "rrs"
// Env to on/off storage class settings.
EnvStorageClass = "MINIO_STORAGE_CLASS_STATE"
// Reduced redundancy storage class environment variable
RRSEnv = "MINIO_STORAGE_CLASS_RRS"
// Standard storage class environment variable
@ -59,10 +57,6 @@ const (
// DefaultKVS - default storage class config
var (
DefaultKVS = config.KVS{
config.KV{
Key: config.State,
Value: config.StateOff,
},
config.KV{
Key: ClassStandard,
Value: "",
@ -218,6 +212,13 @@ func (sCfg Config) GetParityForSC(sc string) (parity int) {
}
}
// Enabled returns if etcd is enabled.
func Enabled(kvs config.KVS) bool {
ssc := kvs.Get(ClassStandard)
rrsc := kvs.Get(ClassRRS)
return ssc != "" || rrsc != ""
}
// LookupConfig - lookup storage class config and override with valid environment settings if any.
func LookupConfig(kvs config.KVS, drivesPerSet int) (cfg Config, err error) {
cfg = Config{}
@ -228,22 +229,8 @@ func LookupConfig(kvs config.KVS, drivesPerSet int) (cfg Config, err error) {
return cfg, err
}
stateBool, err := config.ParseBool(env.Get(EnvStorageClass, kvs.Get(config.State)))
if err != nil {
if kvs.Empty() {
return cfg, nil
}
return cfg, err
}
ssc := env.Get(StandardEnv, kvs.Get(ClassStandard))
rrsc := env.Get(RRSEnv, kvs.Get(ClassRRS))
if stateBool {
if ssc == "" && rrsc == "" {
return cfg, config.Error("'standard' and 'rrs' key cannot be empty for enabled storage class")
}
// if one of storage class is not empty proceed.
}
// Check for environment variables and parse into storageClass struct
if ssc != "" {
cfg.Standard, err = parseStorageClass(ssc)

25
cmd/crypto/config.go
View File

@ -46,10 +46,6 @@ const (
// DefaultKVS - default KV crypto config
var (
DefaultKVS = config.KVS{
config.KV{
Key: config.State,
Value: config.StateOff,
},
config.KV{
Key: KMSVaultEndpoint,
Value: "",
@ -100,9 +96,6 @@ const (
)
const (
// EnvKMSVaultState to enable on/off
EnvKMSVaultState = "MINIO_KMS_VAULT_STATE"
// EnvKMSVaultEndpoint is the environment variable used to specify
// the vault HTTPS endpoint.
EnvKMSVaultEndpoint = "MINIO_KMS_VAULT_ENDPOINT"
@ -145,6 +138,12 @@ var defaultCfg = VaultConfig{
},
}
// Enabled returns if HashiCorp Vault is enabled.
func Enabled(kvs config.KVS) bool {
endpoint := kvs.Get(KMSVaultEndpoint)
return endpoint != ""
}
// LookupConfig extracts the KMS configuration provided by environment
// variables and merge them with the provided KMS configuration. The
// merging follows the following rules:
@ -167,7 +166,7 @@ func LookupConfig(kvs config.KVS) (KMSConfig, error) {
return kmsCfg, err
}
if !kmsCfg.AutoEncryption {
kmsCfg.AutoEncryption, err = config.ParseBool(env.Get(EnvKMSAutoEncryption, config.StateOff))
kmsCfg.AutoEncryption, err = config.ParseBool(env.Get(EnvKMSAutoEncryption, config.EnableOff))
if err != nil {
return kmsCfg, err
}
@ -176,16 +175,6 @@ func LookupConfig(kvs config.KVS) (KMSConfig, error) {
return kmsCfg, nil
}
stateBool, err := config.ParseBool(env.Get(EnvKMSVaultState, kvs.Get(config.State)))
if err != nil {
if kvs.Empty() {
return kmsCfg, nil
}
return kmsCfg, err
}
if !stateBool {
return kmsCfg, nil
}
vcfg := VaultConfig{
Auth: VaultAuth{
Type: "approle",

16
cmd/crypto/help.go
View File

@ -23,32 +23,32 @@ var (
Help = config.HelpKVS{
config.HelpKV{
Key: KMSVaultEndpoint,
Description: `Points to Vault API endpoint eg: "http://vault-endpoint-ip:8200"`,
Description: `HashiCorp Vault API endpoint e.g. "http://vault-endpoint-ip:8200"`,
Type: "url",
},
config.HelpKV{
Key: KMSVaultKeyName,
Description: `Transit key name used in vault policy, must be unique name eg: "my-minio-key"`,
Description: `transit key name used in vault policy, must be unique name e.g. "my-minio-key"`,
Type: "string",
},
config.HelpKV{
Key: KMSVaultAuthType,
Description: `Authentication type to Vault API endpoint eg: "approle"`,
Description: `authentication type to Vault API endpoint e.g. "approle"`,
Type: "string",
},
config.HelpKV{
Key: KMSVaultAppRoleID,
Description: `Unique role ID created for AppRole`,
Description: `unique role ID created for AppRole`,
Type: "string",
},
config.HelpKV{
Key: KMSVaultAppRoleSecret,
Description: `Unique secret ID created for AppRole`,
Description: `unique secret ID created for AppRole`,
Type: "string",
},
config.HelpKV{
Key: KMSVaultNamespace,
Description: `Only needed if AppRole engine is scoped to Vault Namespace eg: "ns1"`,
Description: `only needed if AppRole engine is scoped to Vault Namespace e.g. "ns1"`,
Optional: true,
Type: "string",
},
@ -60,13 +60,13 @@ var (
},
config.HelpKV{
Key: KMSVaultCAPath,
Description: `Path to PEM-encoded CA cert files to use mTLS authentication (optional) eg: "/home/user/custom-certs"`,
Description: `path to PEM-encoded CA cert files to use mTLS authentication (optional) e.g. "/home/user/custom-certs"`,
Optional: true,
Type: "path",
},
config.HelpKV{
Key: config.Comment,
Description: "A comment to describe the KMS Vault setting",
Description: config.DefaultComment,
Optional: true,
Type: "sentence",
},

17
cmd/crypto/legacy.go
View File

@ -83,10 +83,6 @@ func SetKMSConfig(s config.Config, cfg KMSConfig) {
return
}
s[config.KmsVaultSubSys][config.Default] = config.KVS{
config.KV{
Key: config.State,
Value: config.StateOn,
},
config.KV{
Key: KMSVaultEndpoint,
Value: cfg.Vault.Endpoint,
@ -141,7 +137,7 @@ func SetKMSConfig(s config.Config, cfg KMSConfig) {
// It sets the global KMS configuration according to the merged configuration
// on success.
func lookupConfigLegacy(kvs config.KVS) (KMSConfig, error) {
autoBool, err := config.ParseBool(env.Get(EnvAutoEncryptionLegacy, config.StateOff))
autoBool, err := config.ParseBool(env.Get(EnvAutoEncryptionLegacy, config.EnableOff))
if err != nil {
return KMSConfig{}, err
}
@ -155,17 +151,6 @@ func lookupConfigLegacy(kvs config.KVS) (KMSConfig, error) {
},
}
// Assume default as "on" for legacy config since we didn't have a _STATE
// flag to turn it off, but we should honor it nonetheless to turn it off
// if the vault endpoint is down and there is no way to start the server.
stateBool, err := config.ParseBool(env.Get(EnvKMSVaultState, config.StateOn))
if err != nil {
return cfg, err
}
if !stateBool {
return cfg, nil
}
endpointStr := env.Get(EnvLegacyVaultEndpoint, "")
if endpointStr != "" {
// Lookup Hashicorp-Vault configuration & overwrite config entry if ENV var is present

3
cmd/gateway-main.go
View File

@ -118,6 +118,9 @@ func StartGateway(ctx *cli.Context, gw Gateway) {
// Handle common command args.
handleCommonCmdArgs(ctx)
// Initialize all help
initHelp()
// Get port to listen on from gateway address
globalMinioHost, globalMinioPort = mustSplitHostPort(globalCLIContext.Addr)

9
cmd/gateway/azure/gateway-azure.go
View File

@ -101,17 +101,12 @@ ENVIRONMENT VARIABLES:
MINIO_CACHE_QUOTA: Maximum permitted usage of the cache in percentage (0-100).
EXAMPLES:
1. Start minio gateway server for Azure Blob Storage backend.
{{.Prompt}} {{.EnvVarSetCommand}} MINIO_ACCESS_KEY{{.AssignmentOperator}}azureaccountname
{{.Prompt}} {{.EnvVarSetCommand}} MINIO_SECRET_KEY{{.AssignmentOperator}}azureaccountkey
{{.Prompt}} {{.HelpName}}
2. Start minio gateway server for Azure Blob Storage backend on custom endpoint.
1. Start minio gateway server for Azure Blob Storage backend on custom endpoint.
{{.Prompt}} {{.EnvVarSetCommand}} MINIO_ACCESS_KEY{{.AssignmentOperator}}azureaccountname
{{.Prompt}} {{.EnvVarSetCommand}} MINIO_SECRET_KEY{{.AssignmentOperator}}azureaccountkey
{{.Prompt}} {{.HelpName}} https://azureaccountname.blob.custom.azure.endpoint
3. Start minio gateway server for Azure Blob Storage backend with edge caching enabled.
2. Start minio gateway server for Azure Blob Storage backend with edge caching enabled.
{{.Prompt}} {{.EnvVarSetCommand}} MINIO_ACCESS_KEY{{.AssignmentOperator}}azureaccountname
{{.Prompt}} {{.EnvVarSetCommand}} MINIO_SECRET_KEY{{.AssignmentOperator}}azureaccountkey
{{.Prompt}} {{.EnvVarSetCommand}} MINIO_CACHE_DRIVES{{.AssignmentOperator}}"/mnt/drive1,/mnt/drive2,/mnt/drive3,/mnt/drive4"

16
cmd/gateway/s3/gateway-s3.go
View File

@ -72,28 +72,12 @@ ENVIRONMENT VARIABLES:
MINIO_CACHE_EXPIRY: Cache expiry duration in days.
MINIO_CACHE_QUOTA: Maximum permitted usage of the cache in percentage (0-100).
LOGGER:
MINIO_LOGGER_HTTP_STATE: Set this to "on" to enable HTTP logging target.
MINIO_LOGGER_HTTP_ENDPOINT: HTTP endpoint URL to log all incoming requests.
EXAMPLES:
1. Start minio gateway server for AWS S3 backend.
{{.Prompt}} {{.EnvVarSetCommand}} MINIO_ACCESS_KEY{{.AssignmentOperator}}accesskey
{{.Prompt}} {{.EnvVarSetCommand}} MINIO_SECRET_KEY{{.AssignmentOperator}}secretkey
{{.Prompt}} {{.HelpName}}
2. Start minio gateway server for S3 backend on custom endpoint.
{{.Prompt}} {{.EnvVarSetCommand}} MINIO_ACCESS_KEY{{.AssignmentOperator}}Q3AM3UQ867SPQQA43P2F
{{.Prompt}} {{.EnvVarSetCommand}} MINIO_SECRET_KEY{{.AssignmentOperator}}zuf+tfteSlswRu7BJ86wekitnifILbZam1KYY3TG
{{.Prompt}} {{.HelpName}} https://play.min.io:9000
3. Start minio gateway server for AWS S3 backend logging all requests to http endpoint.
{{.Prompt}} {{.EnvVarSetCommand}} MINIO_ACCESS_KEY{{.AssignmentOperator}}Q3AM3UQ867SPQQA43P2F
{{.Prompt}} {{.EnvVarSetCommand}} MINIO_SECRET_KEY{{.AssignmentOperator}}zuf+tfteSlswRu7BJ86wekitnifILbZam1KYY3TG
{{.Prompt}} {{.EnvVarSetCommand}} MINIO_LOGGER_HTTP_STATE{{.AssignmenOperator}}"on"
{{.Prompt}} {{.EnvVarSetCommand}} MINIO_LOGGER_HTTP_ENDPOINT{{.AssignmentOperator}}"http://localhost:8000/"
{{.Prompt}} {{.HelpName}} https://play.min.io:9000
4. Start minio gateway server for AWS S3 backend with edge caching enabled.
{{.Prompt}} {{.EnvVarSetCommand}} MINIO_ACCESS_KEY{{.AssignmentOperator}}accesskey
{{.Prompt}} {{.EnvVarSetCommand}} MINIO_SECRET_KEY{{.AssignmentOperator}}secretkey

4
cmd/iam.go
View File

@ -654,9 +654,9 @@ func (sys *IAMSys) SetUserStatus(accessKey string, status madmin.AccountStatus)
SecretKey: cred.SecretKey,
Status: func() string {
if status == madmin.AccountEnabled {
return config.StateOn
return config.EnableOn
}
return config.StateOff
return config.EnableOff
}(),
})
if err := sys.store.saveUserIdentity(accessKey, false, uinfo); err != nil {

12
cmd/logger/config.go
View File

@ -58,8 +58,8 @@ const (
var (
DefaultKVS = config.KVS{
config.KV{
Key: config.State,
Value: config.StateOff,
Key: config.Enable,
Value: config.EnableOff,
},
config.KV{
Key: Endpoint,
@ -72,8 +72,8 @@ var (
}
DefaultAuditKVS = config.KVS{
config.KV{
Key: config.State,
Value: config.StateOff,
Key: config.Enable,
Value: config.EnableOff,
},
config.KV{
Key: Endpoint,
@ -153,7 +153,7 @@ func LookupConfig(scfg config.Config) (Config, error) {
return cfg, err
}
enabled, err := config.ParseBool(kv.Get(config.State))
enabled, err := config.ParseBool(kv.Get(config.Enable))
if err != nil {
return cfg, err
}
@ -185,7 +185,7 @@ func LookupConfig(scfg config.Config) (Config, error) {
return cfg, err
}
enabled, err := config.ParseBool(kv.Get(config.State))
enabled, err := config.ParseBool(kv.Get(config.Enable))
if err != nil {
return cfg, err
}

12
cmd/logger/help.go
View File

@ -23,18 +23,18 @@ var (
Help = config.HelpKVS{
config.HelpKV{
Key: Endpoint,
Description: `HTTP logger endpoint eg: "http://localhost:8080/minio/logs/server"`,
Description: `HTTP logger endpoint e.g. "http://localhost:8080/minio/logs/server"`,
Type: "url",
},
config.HelpKV{
Key: AuthToken,
Description: "Authorization token for logger endpoint",
Description: "authorization token for logger endpoint",
Optional: true,
Type: "string",
},
config.HelpKV{
Key: config.Comment,
Description: "A comment to describe the HTTP logger setting",
Description: config.DefaultComment,
Optional: true,
Type: "sentence",
},
@ -43,18 +43,18 @@ var (
HelpAudit = config.HelpKVS{
config.HelpKV{
Key: Endpoint,
Description: `HTTP Audit logger endpoint eg: "http://localhost:8080/minio/logs/audit"`,
Description: `HTTP Audit logger endpoint e.g. "http://localhost:8080/minio/logs/audit"`,
Type: "url",
},
config.HelpKV{
Key: AuthToken,
Description: "Authorization token for logger endpoint",
Description: "authorization token for audit logger endpoint",
Optional: true,
Type: "string",
},
config.HelpKV{
Key: config.Comment,
Description: "A comment to describe the HTTP Audit logger setting",
Description: config.DefaultComment,
Optional: true,
Type: "sentence",
},

8
cmd/logger/legacy.go
View File

@ -31,8 +31,8 @@ func SetLoggerHTTPAudit(scfg config.Config, k string, args HTTP) {
}
scfg[config.AuditWebhookSubSys][k] = config.KVS{
config.KV{
Key: config.State,
Value: config.StateOn,
Key: config.Enable,
Value: config.EnableOn,
},
config.KV{
Key: Endpoint,
@ -54,8 +54,8 @@ func SetLoggerHTTP(scfg config.Config, k string, args HTTP) {
scfg[config.LoggerWebhookSubSys][k] = config.KVS{
config.KV{
Key: config.State,
Value: config.StateOn,
Key: config.Enable,
Value: config.EnableOn,
},
config.KV{
Key: Endpoint,

32
cmd/server-main.go
View File

@ -156,7 +156,9 @@ func serverHandleCmdArgs(ctx *cli.Context) {
}
logger.FatalIf(err, "Invalid command line arguments")
logger.LogIf(context.Background(), checkEndpointsSubOptimal(ctx, setupType, globalEndpoints))
if err = checkEndpointsSubOptimal(ctx, setupType, globalEndpoints); err != nil {
logger.Info("Optimal endpoint check failed %s", err)
}
// On macOS, if a process already listens on LOCALIPADDR:PORT, net.Listen() falls back
// to IPv6 address ie minio will start listening on IPv6 address whereas another
@ -217,6 +219,17 @@ func initSafeModeInit(buckets []BucketInfo) (err error) {
if errors.As(err, &cerr) {
return
}
var cfgErr config.Error
if errors.As(err, &cfgErr) {
if cfgErr.Kind == config.ContinueKind {
// print the error and continue
logger.Info("Config validation failed '%s' the sub-system is turned-off and all other sub-systems", err)
err = nil
return
}
}
// Enable logger
logger.Disable = false
@ -308,6 +321,9 @@ func serverMain(ctx *cli.Context) {
// Handle all server environment vars.
serverHandleEnvVars()
// Initialize all help
initHelp()
// Check and load TLS certificates.
var err error
globalPublicCerts, globalTLSCerts, globalIsSSL, err = getTLSConfig()
@ -338,7 +354,9 @@ func serverMain(ctx *cli.Context) {
}
// Set system resources to maximum.
logger.LogIf(context.Background(), setMaxResources())
if err = setMaxResources(); err != nil {
logger.Info("Unable to set system resources to maximum %s", err)
}
if globalIsXL {
// Init global heal state
@ -409,8 +427,14 @@ func serverMain(ctx *cli.Context) {
logger.FatalIf(initSafeModeInit(buckets), "Unable to initialize server")
if globalCacheConfig.Enabled {
msg := color.RedBold("Disk caching is disabled in 'server' mode, 'caching' is only supported in gateway deployments")
logger.StartupMessage(msg)
// initialize the new disk cache objects.
var cacheAPI CacheObjectLayer
cacheAPI, err = newServerCacheObjects(context.Background(), globalCacheConfig)
logger.FatalIf(err, "Unable to initialize disk caching")
globalObjLayerMutex.Lock()
globalCacheObjectAPI = cacheAPI
globalObjLayerMutex.Unlock()
}
initDailyLifecycle()

6
cmd/server-startup-msg.go
View File

@ -49,7 +49,7 @@ func getFormatStr(strLen int, padding int) string {
func printStartupSafeModeMessage(apiEndpoints []string, err error) {
logStartupMessage(color.RedBold("Server startup failed with '%v'", err))
logStartupMessage(color.RedBold("Server switching to safe mode"))
logStartupMessage(color.RedBold("Please use 'mc admin' commands to fix this issue"))
logStartupMessage(color.RedBold("Please use 'mc admin config' commands fix this issue"))
// Object layer is initialized then print StorageInfo in safe mode.
objAPI := newObjectLayerWithoutSafeModeFn()
@ -91,13 +91,13 @@ func printStartupSafeModeMessage(apiEndpoints []string, err error) {
mcMessage := fmt.Sprintf("> mc.exe config host add %s %s %s %s --api s3v4", alias,
endPoint, cred.AccessKey, cred.SecretKey)
logStartupMessage(fmt.Sprintf(getFormatStr(len(mcMessage), 3), mcMessage))
mcMessage = fmt.Sprintf("> mc.exe admin --help")
mcMessage = fmt.Sprintf("> mc.exe admin config --help")
logStartupMessage(fmt.Sprintf(getFormatStr(len(mcMessage), 3), mcMessage))
} else {
mcMessage := fmt.Sprintf("$ mc config host add %s %s %s %s --api s3v4", alias,
endPoint, cred.AccessKey, cred.SecretKey)
logStartupMessage(fmt.Sprintf(getFormatStr(len(mcMessage), 3), mcMessage))
mcMessage = fmt.Sprintf("$ mc admin --help")
mcMessage = fmt.Sprintf("$ mc admin config --help")
logStartupMessage(fmt.Sprintf(getFormatStr(len(mcMessage), 3), mcMessage))
}
}

1
cmd/test-utils_test.go
View File

@ -76,6 +76,7 @@ func init() {
logger.Disable = true
initHelp()
// Uncomment the following line to see trace logs during unit tests.
// logger.AddTarget(console.New())
}

6
docs/config/README.md
View File

@ -74,9 +74,9 @@ minio server /data
| Field | Type | Description |
|:-------------------------------|:---------|:---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
| ``storageclass`` | | Set storage class for configurable data and parity, as per object basis. |
| ``storageclass standard=EC:4`` | _string_ | Value for standard storage class. It should be in the format `EC:Parity`, for example to set 4 disk parity for standard storage class objects, set this field to `EC:4`. |
| ``storageclass rrs=EC:2`` | _string_ | Value for reduced redundancy storage class. It should be in the format `EC:Parity`, for example to set 3 disk parity for reduced redundancy storage class objects, set this field to `EC:3`. |
| ``storage_class`` | | Set storage class for configurable data and parity, as per object basis. |
| ``storage_class standard=EC:4`` | _string_ | Value for standard storage class. It should be in the format `EC:Parity`, for example to set 4 disk parity for standard storage class objects, set this field to `EC:4`. |
| ``storage_class rrs=EC:2`` | _string_ | Value for reduced redundancy storage class. It should be in the format `EC:Parity`, for example to set 3 disk parity for reduced redundancy storage class objects, set this field to `EC:3`. |
By default, parity for objects with standard storage class is set to `N/2`, and parity for objects with reduced redundancy storage class objects is set to `2`. Read more about storage class support in MinIO server [here](https://github.com/minio/minio/blob/master/docs/erasure/storage-class/README.md).

340
docs/config/config.sample.json
View File

@ -1,340 +0,0 @@
{
"cache": {
"_": {
"drives": "",
"exclude": "",
"expiry": "90",
"quota": "80",
"state": "off"
}
},
"compression": {
"_": {
"extensions": ".txt,.log,.csv,.json,.tar,.xml,.bin",
"mime_types": "text/*,application/json,application/xml",
"state": "off"
}
},
"identity_ldap": {
"_": {
"group_name_attribute": "",
"group_search_base_dn": "",
"group_search_filter": "",
"server_addr": "",
"state": "off",
"sts_expiry": "",
"username_format": ""
}
},
"identity_openid": {
"_": {
"config_url": "http://localhost:8080/auth/realms/demo/.well-known/openid-configuration",
"state": "on"
}
},
"kms_vault": {
"_": {
"auth_approle_id": "",
"auth_approle_secret": "",
"auth_type": "",
"capath": "",
"endpoint": "",
"key_name": "",
"key_version": "0",
"namespace": "",
"state": "off"
}
},
"logger_http": {
"1": {
"auth_token": "",
"endpoint": "",
"state": "off"
},
"_": {
"auth_token": "",
"endpoint": "",
"state": "off"
}
},
"logger_http_audit": {
"_": {
"auth_token": "",
"endpoint": "",
"state": "off"
}
},
"notify_amqp": {
"1": {
"auto_deleted": "off",
"delivery_mode": "0",
"durable": "off",
"exchange": "",
"exchange_type": "",
"internal": "off",
"mandatory": "off",
"no_wait": "off",
"queue_dir": "",
"queue_limit": "0",
"routing_key": "",
"state": "off",
"url": ""
},
"_": {
"auto_deleted": "off",
"delivery_mode": "0",
"durable": "off",
"exchange": "",
"exchange_type": "",
"internal": "off",
"mandatory": "off",
"no_wait": "off",
"queue_dir": "",
"queue_limit": "0",
"routing_key": "",
"state": "off",
"url": ""
}
},
"notify_elasticsearch": {
"1": {
"format": "namespace",
"index": "",
"queue_dir": "",
"queue_limit": "0",
"state": "off",
"url": ""
},
"_": {
"format": "namespace",
"index": "",
"queue_dir": "",
"queue_limit": "0",
"state": "off",
"url": ""
}
},
"notify_kafka": {
"1": {
"brokers": "",
"queue_dir": "",
"queue_limit": "0",
"sasl_enable": "off",
"sasl_password": "",
"sasl_username": "",
"state": "off",
"tls_client_auth": "0",
"tls_enable": "off",
"tls_skip_verify": "off",
"topic": ""
},
"_": {
"brokers": "",
"queue_dir": "",
"queue_limit": "0",
"sasl_enable": "off",
"sasl_password": "",
"sasl_username": "",
"state": "off",
"tls_client_auth": "0",
"tls_enable": "off",
"tls_skip_verify": "off",
"topic": ""
}
},
"notify_mqtt": {
"1": {
"broker": "",
"keep_alive_interval": "0s",
"password": "",
"qos": "0",
"queue_dir": "",
"queue_limit": "0",
"reconnect_interval": "0s",
"state": "off",
"topic": "",
"username": ""
},
"_": {
"broker": "",
"keep_alive_interval": "0s",
"password": "",
"qos": "0",
"queue_dir": "",
"queue_limit": "0",
"reconnect_interval": "0s",
"state": "off",
"topic": "",
"username": ""
}
},
"notify_mysql": {
"1": {
"database": "",
"dsn_string": "",
"format": "namespace",
"host": "",
"password": "",
"port": "",
"queue_dir": "",
"queue_limit": "0",
"state": "off",
"table": "",
"username": ""
},
"_": {
"database": "",
"dsn_string": "",
"format": "namespace",
"host": "",
"password": "",
"port": "",
"queue_dir": "",
"queue_limit": "0",
"state": "off",
"table": "",
"username": ""
}
},
"notify_nats": {
"1": {
"address": "",
"password": "",
"ping_interval": "0",
"queue_dir": "",
"queue_limit": "0",
"secure": "off",
"state": "off",
"streaming_async": "off",
"streaming_cluster_id": "",
"streaming_enable": "off",
"streaming_max_pub_acks_in_flight": "0",
"subject": "",
"token": "",
"username": ""
},
"_": {
"address": "",
"password": "",
"ping_interval": "0",
"queue_dir": "",
"queue_limit": "0",
"secure": "off",
"state": "off",
"streaming_async": "off",
"streaming_cluster_id": "",
"streaming_enable": "off",
"streaming_max_pub_acks_in_flight": "0",
"subject": "",
"token": "",
"username": ""
}
},
"notify_nsq": {
"1": {
"nsqd_address": "",
"queue_dir": "",
"queue_limit": "0",
"state": "off",
"tls_enable": "off",
"tls_skip_verify": "off",
"topic": ""
},
"_": {
"nsqd_address": "",
"queue_dir": "",
"queue_limit": "0",
"state": "off",
"tls_enable": "off",
"tls_skip_verify": "off",
"topic": ""
}
},
"notify_postgres": {
"1": {
"connection_string": "",
"database": "",
"format": "namespace",
"host": "",
"password": "",
"port": "",
"queue_dir": "",
"queue_limit": "0",
"state": "off",
"table": "",
"username": ""
},
"_": {
"connection_string": "",
"database": "",
"format": "namespace",
"host": "",
"password": "",
"port": "",
"queue_dir": "",
"queue_limit": "0",
"state": "off",
"table": "",
"username": ""
}
},
"notify_redis": {
"1": {
"address": "",
"format": "namespace",
"key": "",
"password": "",
"queue_dir": "",
"queue_limit": "0",
"state": "off"
},
"_": {
"address": "",
"format": "namespace",
"key": "",
"password": "",
"queue_dir": "",
"queue_limit": "0",
"state": "off"
}
},
"notify_webhook": {
"1": {
"endpoint": "",
"queue_dir": "",
"queue_limit": "0",
"state": "off"
},
"_": {
"auth_token": "",
"endpoint": "",
"queue_dir": "",
"queue_limit": "0",
"state": "off"
}
},
"policy_opa": {
"_": {
"auth_token": "",
"state": "off",
"url": ""
}
},
"region": {
"_": {
"name": "us-east-1"
}
},
"storageclass": {
"_": {
"rrs": "",
"standard": "",
"state": "off"
}
},
"worm": {
"_": {
"state": "off"
}
}
}

2
docs/erasure/storage-class/README.md
View File

@ -62,14 +62,12 @@ Default value for `REDUCED_REDUNDANCY` storage class is `2`.
The format to set storage class environment variables is as follows
`MINIO_STORAGE_CLASS_STATE=on`
`MINIO_STORAGE_CLASS_STANDARD=EC:parity`
`MINIO_STORAGE_CLASS_RRS=EC:parity`
For example, set `MINIO_STORAGE_CLASS_RRS` parity 2 and `MINIO_STORAGE_CLASS_STANDARD` parity 3
```sh
export MINIO_STORAGE_CLASS_STATE=on
export MINIO_STORAGE_CLASS_STANDARD=EC:3
export MINIO_STORAGE_CLASS_RRS=EC:2
```

1
docs/gateway/s3.md
View File

@ -76,7 +76,6 @@ and "c" for sse-c encryption. More than one encryption option can be set, delimi
```sh
export MINIO_GATEWAY_SSE="s3;c"
export MINIO_KMS_VAULT_STATE=on
export MINIO_KMS_VAULT_APPROLE_ID=9b56cc08-8258-45d5-24a3-679876769126
export MINIO_KMS_VAULT_APPROLE_SECRET=4e30c52f-13e4-a6f5-0763-d50e8cb4321f
export MINIO_KMS_VAULT_ENDPOINT=https://vault-endpoint-ip:8200

1
docs/kms/README.md
View File

@ -171,7 +171,6 @@ The AppRole ID, AppRole Secret Id, Vault endpoint and Vault key name can now be
You'll need the Vault endpoint, AppRole ID, AppRole SecretID and encryption key-ring name defined in step 2.1.2
```
export MINIO_KMS_VAULT_STATE=on
export MINIO_KMS_VAULT_APPROLE_ID=8c03926c-6c51-7a1d-cf7d-62e48ab8d6d7
export MINIO_KMS_VAULT_APPROLE_SECRET=edd8738c-6efe-c226-74f9-ef5b66e119d7
export MINIO_KMS_VAULT_ENDPOINT=http://vault-endpoint-ip:8200

4
docs/logging/README.md
View File

@ -28,7 +28,7 @@ NOTE: `http://endpoint:port/path` is a placeholder value to indicate the URL for
MinIO also honors environment variable for HTTP target logging as shown below, this setting will override the endpoint settings in the MinIO server config.
```
export MINIO_LOGGER_WEBHOOK_STATE_target1="on"
export MINIO_LOGGER_WEBHOOK_ENABLE_target1="on"
export MINIO_LOGGER_WEBHOOK_AUTH_TOKEN_target1="token"
export MINIO_LOGGER_WEBHOOK_ENDPOINT_target1=http://localhost:8080/minio/logs
minio server /mnt/data
@ -50,7 +50,7 @@ NOTE: `http://endpoint:port/path` is a placeholder value to indicate the URL for
MinIO also honors environment variable for HTTP target Audit logging as shown below, this setting will override the endpoint settings in the MinIO server config.
```
export MINIO_AUDIT_WEBHOOK_STATE_target1="on"
export MINIO_AUDIT_WEBHOOK_ENABLE_target1="on"
export MINIO_AUDIT_WEBHOOK_AUTH_TOKEN_target1="token"
export MINIO_AUDIT_WEBHOOK_ENDPOINT_target1=http://localhost:8080/minio/logs
minio server /mnt/data

2
docs/sts/README.md
View File

@ -34,7 +34,6 @@ Make sure we have followed the previous step and configured each software indepe
```
export MINIO_ACCESS_KEY=minio
export MINIO_SECRET_KEY=minio123
export MINIO_IDENTITY_OPENID_STATE="on"
export MINIO_IDENTITY_OPENID_CONFIG_URL=https://localhost:9443/oauth2/oidcdiscovery/.well-known/openid-configuration
export MINIO_IDENTITY_OPENID_CLIENT_ID="843351d4-1080-11ea-aa20-271ecba3924a"
minio server /mnt/data
@ -48,7 +47,6 @@ Make sure we have followed the previous step and configured each software indepe
```
export MINIO_ACCESS_KEY=aws_access_key
export MINIO_SECRET_KEY=aws_secret_key
export MINIO_IDENTITY_OPENID_STATE="on"
export MINIO_IDENTITY_OPENID_CONFIG_URL=https://localhost:9443/oauth2/oidcdiscovery/.well-known/openid-configuration
export MINIO_IDENTITY_OPENID_CLIENT_ID="843351d4-1080-11ea-aa20-271ecba3924a"
export MINIO_ETCD_ENDPOINTS=http://localhost:2379

3
docs/sts/client-grants.md
View File

@ -93,14 +93,13 @@ http://minio.cluster:9000?Action=AssumeRoleWithClientGrants&DurationSeconds=3600
```
export MINIO_ACCESS_KEY=minio
export MINIO_SECRET_KEY=minio123
export MINIO_IDENTITY_OPENID_STATE="on"
export MINIO_IDENTITY_OPENID_CONFIG_URL=https://localhost:9443/oauth2/oidcdiscovery/.well-known/openid-configuration
export MINIO_IDENTITY_OPENID_CLIENT_ID="7a243d56-1081-11ea-b1b9-0bad8bed6ca0"
export MINIO_POLICY_OPA_URL=http://localhost:8181/v1/data/httpapi/authz
minio server /mnt/export
mc admin config get myminio identity_openid
identity_openid config_url="https://localhost:9443/oauth2/oidcdiscovery/.well-known/openid-configuration"
identity_openid config_url="https://localhost:9443/oauth2/oidcdiscovery/.well-known/openid-configuration"
mc admin config get myminio policy_opa
policy_opa url="http://localhost:8181/v1/data/httpapi/authz" auth_token=

4
docs/sts/ldap.md
View File

@ -42,7 +42,6 @@ LDAP is configured via the following environment variables:
| Variable | Required? | Purpose |
|----------------------------------------------|-------------------------|-------------------------------------------------------------------------|
| **MINIO_IDENTITY_LDAP_STATE** | **YES** | Enable or disable ldap identity |
| **MINIO_IDENTITY_LDAP_SERVER_ADDR** | **YES** | AD/LDAP server address |
| **MINIO_IDENTITY_LDAP_USERNAME_FORMAT** | **YES** | Format of full username DN |
| **MINIO_IDENTITY_LDAP_GROUP_SEARCH_BASE_DN** | **NO** | Base DN in AD/LDAP hierarchy to use in search requests |
@ -57,7 +56,6 @@ Please note that MinIO will only access the AD/LDAP server over TLS. If a self-s
An example setup for development or experimentation:
``` shell
export MINIO_IDENTITY_LDAP_STATE="on"
export MINIO_IDENTITY_LDAP_SERVER_ADDR=myldapserver.com:636
export MINIO_IDENTITY_LDAP_USERNAME_FORMAT="uid={username},cn=accounts,dc=myldapserver,dc=com"
export MINIO_IDENTITY_LDAP_GROUP_SEARCH_BASE_DN="dc=myldapserver,dc=com"
@ -111,7 +109,6 @@ The group search filter looks like `(&(objectclass=group)(member={usernamedn}))`
Thus the key configuration parameters look like:
```
MINIO_IDENTITY_LDAP_STATE="on"
MINIO_IDENTITY_LDAP_SERVER_ADDR='my.ldap-active-dir-server.com:636'
MINIO_IDENTITY_LDAP_USERNAME_FORMAT='cn={username},cn=users,dc=minioad,dc=local'
MINIO_IDENTITY_LDAP_GROUP_SEARCH_BASE_DN='dc=minioad,dc=local'
@ -218,7 +215,6 @@ http://minio.cluster:9000?Action=AssumeRoleWithLDAPIdentity&LDAPUsername=foouser
```
$ export MINIO_ACCESS_KEY=minio
$ export MINIO_SECRET_KEY=minio123
$ export MINIO_IDENTITY_LDAP_STATE="on"
$ export MINIO_IDENTITY_LDAP_SERVER_ADDR='my.ldap-active-dir-server.com:636'
$ export MINIO_IDENTITY_LDAP_USERNAME_FORMAT='cn={username},cn=users,dc=minioad,dc=local'
$ export MINIO_IDENTITY_LDAP_GROUP_SEARCH_BASE_DN='dc=minioad,dc=local'

1
docs/sts/web-identity.md
View File

@ -93,7 +93,6 @@ http://minio.cluster:9000?Action=AssumeRoleWithWebIdentity&DurationSeconds=3600&
```
export MINIO_ACCESS_KEY=minio
export MINIO_SECRET_KEY=minio123
export MINIO_IDENTITY_OPENID_STATE="on"
export MINIO_IDENTITY_OPENID_CLIENT_ID="843351d4-1080-11ea-aa20-271ecba3924a"
export MINIO_IDENTITY_OPENID_CONFIG_URL=https://accounts.google.com/.well-known/openid-configuration
minio server /mnt/export

1
docs/sts/wso2.md
View File

@ -69,7 +69,6 @@ Using the above `access_token` we can perform an STS request to MinIO to get tem
### 5. Setup MinIO with OpenID configuration URL
MinIO server expects environment variable for OpenID configuration url as `MINIO_IDENTITY_OPENID_CONFIG_URL`, this environment variable takes a single entry.
```
export MINIO_IDENTITY_OPENID_STATE="on"
export MINIO_IDENTITY_OPENID_CONFIG_URL=https://localhost:9443/oauth2/oidcdiscovery/.well-known/openid-configuration
export MINIO_IDENTITY_OPENID_CLIENT_ID="843351d4-1080-11ea-aa20-271ecba3924a"
minio server /mnt/data

2
pkg/event/target/amqp.go
View File

@ -68,7 +68,7 @@ const (
AmqpArguments = "arguments"
AmqpPublishingHeaders = "publishing_headers"
EnvAMQPState = "MINIO_NOTIFY_AMQP_STATE"
EnvAMQPEnable = "MINIO_NOTIFY_AMQP_ENABLE"
EnvAMQPURL = "MINIO_NOTIFY_AMQP_URL"
EnvAMQPExchange = "MINIO_NOTIFY_AMQP_EXCHANGE"
EnvAMQPRoutingKey = "MINIO_NOTIFY_AMQP_ROUTING_KEY"

2
pkg/event/target/elasticsearch.go
View File

@ -39,7 +39,7 @@ const (
ElasticQueueDir = "queue_dir"
ElasticQueueLimit = "queue_limit"
EnvElasticState = "MINIO_NOTIFY_ELASTICSEARCH_STATE"
EnvElasticEnable = "MINIO_NOTIFY_ELASTICSEARCH_ENABLE"
EnvElasticFormat = "MINIO_NOTIFY_ELASTICSEARCH_FORMAT"
EnvElasticURL = "MINIO_NOTIFY_ELASTICSEARCH_URL"
EnvElasticIndex = "MINIO_NOTIFY_ELASTICSEARCH_INDEX"

2
pkg/event/target/kafka.go
View File

@ -46,7 +46,7 @@ const (
KafkaSASLUsername = "sasl_username"
KafkaSASLPassword = "sasl_password"
EnvKafkaState = "MINIO_NOTIFY_KAFKA_STATE"
EnvKafkaEnable = "MINIO_NOTIFY_KAFKA_ENABLE"
EnvKafkaBrokers = "MINIO_NOTIFY_KAFKA_BROKERS"
EnvKafkaTopic = "MINIO_NOTIFY_KAFKA_TOPIC"
EnvKafkaQueueDir = "MINIO_NOTIFY_KAFKA_QUEUE_DIR"

2
pkg/event/target/mqtt.go
View File

@ -50,7 +50,7 @@ const (
MqttQueueDir = "queue_dir"
MqttQueueLimit = "queue_limit"
EnvMQTTState = "MINIO_NOTIFY_MQTT_STATE"
EnvMQTTEnable = "MINIO_NOTIFY_MQTT_ENABLE"
EnvMQTTBroker = "MINIO_NOTIFY_MQTT_BROKER"
EnvMQTTTopic = "MINIO_NOTIFY_MQTT_TOPIC"
EnvMQTTQoS = "MINIO_NOTIFY_MQTT_QOS"

2
pkg/event/target/mysql.go
View File

@ -94,7 +94,7 @@ const (
MySQLQueueLimit = "queue_limit"
MySQLQueueDir = "queue_dir"
EnvMySQLState = "MINIO_NOTIFY_MYSQL_STATE"
EnvMySQLEnable = "MINIO_NOTIFY_MYSQL_ENABLE"
EnvMySQLFormat = "MINIO_NOTIFY_MYSQL_FORMAT"
EnvMySQLDSNString = "MINIO_NOTIFY_MYSQL_DSN_STRING"
EnvMySQLTable = "MINIO_NOTIFY_MYSQL_TABLE"

2
pkg/event/target/nats.go
View File

@ -51,7 +51,7 @@ const (
NATSStreamingAsync = "streaming_async"
NATSStreamingMaxPubAcksInFlight = "streaming_max_pub_acks_in_flight"
EnvNATSState = "MINIO_NOTIFY_NATS_STATE"
EnvNATSEnable = "MINIO_NOTIFY_NATS_ENABLE"
EnvNATSAddress = "MINIO_NOTIFY_NATS_ADDRESS"
EnvNATSSubject = "MINIO_NOTIFY_NATS_SUBJECT"
EnvNATSUsername = "MINIO_NOTIFY_NATS_USERNAME"

2
pkg/event/target/nsq.go
View File

@ -40,7 +40,7 @@ const (
NSQQueueDir = "queue_dir"
NSQQueueLimit = "queue_limit"
EnvNSQState = "MINIO_NOTIFY_NSQ"
EnvNSQEnable = "MINIO_NOTIFY_NSQ"
EnvNSQAddress = "MINIO_NOTIFY_NSQ_NSQD_ADDRESS"
EnvNSQTopic = "MINIO_NOTIFY_NSQ_TOPIC"
EnvNSQTLS = "MINIO_NOTIFY_NSQ_TLS"

2
pkg/event/target/postgresql.go
View File

@ -95,7 +95,7 @@ const (
PostgresQueueDir = "queue_dir"
PostgresQueueLimit = "queue_limit"
EnvPostgresState = "MINIO_NOTIFY_POSTGRES_STATE"
EnvPostgresEnable = "MINIO_NOTIFY_POSTGRES_ENABLE"
EnvPostgresFormat = "MINIO_NOTIFY_POSTGRES_FORMAT"
EnvPostgresConnectionString = "MINIO_NOTIFY_POSTGRES_CONNECTION_STRING"
EnvPostgresTable = "MINIO_NOTIFY_POSTGRES_TABLE"

2
pkg/event/target/redis.go
View File

@ -41,7 +41,7 @@ const (
RedisQueueDir = "queue_dir"
RedisQueueLimit = "queue_limit"
EnvRedisState = "MINIO_NOTIFY_REDIS_STATE"
EnvRedisEnable = "MINIO_NOTIFY_REDIS_ENABLE"
EnvRedisFormat = "MINIO_NOTIFY_REDIS_FORMAT"
EnvRedisAddress = "MINIO_NOTIFY_REDIS_ADDRESS"
EnvRedisPassword = "MINIO_NOTIFY_REDIS_PASSWORD"

2
pkg/event/target/webhook.go
View File

@ -44,7 +44,7 @@ const (
WebhookQueueDir = "queue_dir"
WebhookQueueLimit = "queue_limit"
EnvWebhookState = "MINIO_NOTIFY_WEBHOOK_STATE"
EnvWebhookEnable = "MINIO_NOTIFY_WEBHOOK_ENABLE"
EnvWebhookEndpoint = "MINIO_NOTIFY_WEBHOOK_ENDPOINT"
EnvWebhookAuthToken = "MINIO_NOTIFY_WEBHOOK_AUTH_TOKEN"
EnvWebhookQueueDir = "MINIO_NOTIFY_WEBHOOK_QUEUE_DIR"

27
pkg/madmin/parse-kv.go
View File

@ -70,19 +70,19 @@ type Targets []Target
// Standard config keys and values.
const (
StateKey = "state"
EnableKey = "enable"
CommentKey = "comment"
// State values
StateOn = "on"
StateOff = "off"
// Enable values
EnableOn = "on"
EnableOff = "off"
)
func (kvs KVS) String() string {
var s strings.Builder
for _, kv := range kvs {
// Do not need to print state which is on.
if kv.Key == StateKey && kv.Value == StateOn {
if kv.Key == EnableKey && kv.Value == EnableOn {
continue
}
if kv.Key == CommentKey && kv.Value == "" {
@ -90,7 +90,7 @@ func (kvs KVS) String() string {
}
s.WriteString(kv.Key)
s.WriteString(KvSeparator)
spc := hasSpace(kv.Value)
spc := HasSpace(kv.Value)
if spc {
s.WriteString(KvDoubleQuote)
}
@ -108,7 +108,8 @@ func (t Targets) Count() int {
return len(t)
}
func hasSpace(s string) bool {
// HasSpace - returns if given string has space.
func HasSpace(s string) bool {
for _, r := range s {
if unicode.IsSpace(r) {
return true
@ -159,10 +160,12 @@ func (t *Targets) AddTarget(s string) error {
if len(inputs) <= 1 {
return fmt.Errorf("invalid number of arguments '%s'", s)
}
subSystemValue := strings.SplitN(inputs[0], SubSystemSeparator, 2)
if len(subSystemValue) == 0 {
return fmt.Errorf("invalid number of arguments %s", s)
}
var kvs = KVS{}
var prevK string
for _, v := range strings.Fields(inputs[1]) {
@ -187,11 +190,19 @@ func (t *Targets) AddTarget(s string) error {
})
}
for i := range *t {
if (*t)[i].SubSystem == inputs[0] {
(*t)[i] = Target{
SubSystem: inputs[0],
KVS: kvs,
}
return nil
}
}
*t = append(*t, Target{
SubSystem: inputs[0],
KVS: kvs,
})
return nil
}