config.go
package aperture
import (
"errors"
"fmt"
"time"
"github.com/btcsuite/btcd/btcutil"
"github.com/lightninglabs/aperture/proxy"
)
// Package-level defaults used when the corresponding option is not set.
var (
	// apertureDataDir is the application data directory that
	// btcutil.AppDataDir returns for the "aperture" application name.
	apertureDataDir = btcutil.AppDataDir("aperture", false)
	// defaultConfigFilename is the default name of the YAML config file.
	defaultConfigFilename = "aperture.yaml"
	// defaultTLSKeyFilename is the default file name of the TLS private key.
	// NOTE(review): the file's location and permissions are decided by code
	// outside this block; a private key should be readable only by the
	// aperture user. Confirm where it is written.
	defaultTLSKeyFilename = "tls.key"
	// defaultTLSCertFilename is the default file name of the TLS certificate.
	defaultTLSCertFilename = "tls.cert"
	// defaultLogLevel is the default log level.
	defaultLogLevel = "info"
	// defaultLogFilename is the default name of the log file.
	defaultLogFilename = "aperture.log"
	// defaultMaxLogFiles is the default number of log files to keep
	// (presumably rotated files; confirm against the logging setup).
	defaultMaxLogFiles = 3
	// defaultMaxLogFileSize is the default maximum log file size. The unit is
	// not visible here (presumably MB; confirm against the logging setup).
	defaultMaxLogFileSize = 10
)
// EtcdConfig holds the connection settings for an etcd instance: the address
// to reach and the user/password pair used to access it.
type EtcdConfig struct {
	// Host is the host:port of an active etcd instance.
	Host string `long:"host" description:"host:port of an active etcd instance"`
	// User is the user authorized to access the etcd host.
	User string `long:"user" description:"user authorized to access the etcd host"`
	// Password is the password of the etcd user, held as a plain string.
	// NOTE(review): the `long` tag suggests this can also be supplied as a
	// command-line option. If so, the value can show up in process listings
	// and shell history; supplying it through a config file with restrictive
	// permissions avoids that. Confirm how options are parsed, and keep this
	// field out of any config dump or log output.
	Password string `long:"password" description:"password of the etcd user"`
}
// AuthConfig holds the settings for authenticating against an LND instance.
// Its validate method requires LndHost, TLSPath and MacDir to be non-empty
// unless Disable is set.
type AuthConfig struct {
	// LndHost is the hostname of the LND instance to connect to.
	LndHost string `long:"lndhost" description:"Hostname of the LND instance to connect to"`
	// TLSPath is the path to the LND instance's TLS certificate.
	TLSPath string `long:"tlspath" description:"Path to LND instance's tls certificate"`
	// MacDir is the directory containing the LND instance's macaroons.
	// Macaroons are bearer credentials for LND, so this directory should be
	// readable only by the account aperture runs as.
	MacDir string `long:"macdir" description:"Directory containing LND instance's macaroons"`
	// Network is the network LND is connected to. The tag restricts it to
	// regtest, simnet, testnet or mainnet; validate does not check it.
	Network string `long:"network" description:"The network LND is connected to." choice:"regtest" choice:"simnet" choice:"testnet" choice:"mainnet"`
	// Disable turns LND auth off. When it is set, validate accepts the
	// config without looking at any other field, so it should only be
	// enabled deliberately.
	Disable bool `long:"disable" description:"Whether to disable LND auth."`
}
// validate reports the first required LND setting that is missing. It checks
// LndHost, TLSPath and MacDir, in that order, for being non-empty; it does
// not check that the host is reachable or that the paths exist, and it does
// not look at Network.
//
// When Disable is set, every other field is ignored and nil is returned.
func (a *AuthConfig) validate() error {
	switch {
	case a.Disable:
		// Auth is switched off, so the LND settings are irrelevant.
		return nil
	case a.LndHost == "":
		return errors.New("lnd host required")
	case a.TLSPath == "":
		return errors.New("lnd tls required")
	case a.MacDir == "":
		return errors.New("lnd mac dir required")
	default:
		return nil
	}
}
// HashMailConfig holds the settings of the mailbox server: whether it is
// enabled, the per-message rate limit and the stale-mailbox timeout.
type HashMailConfig struct {
	// Enabled switches the mailbox server on (the tag carries no
	// description; meaning inferred from the name, confirm against the
	// caller).
	Enabled bool `long:"enabled"`
	// MessageRate is the average minimum time that should pass between
	// each message.
	MessageRate time.Duration `long:"messagerate" description:"The average minimum time that should pass between each message."`
	// MessageBurstAllowance is the burst rate allowed for messages.
	// NOTE(review): together with MessageRate this bounds how fast messages
	// are accepted; whether zero values mean "unlimited" is decided by the
	// consumer and is not visible here. Confirm.
	MessageBurstAllowance int `long:"messageburstallowance" description:"The burst rate we allow for messages."`
	// StaleTimeout is the time after the last activity at which a mailbox
	// should be removed. Setting it to -1s disables removal.
	StaleTimeout time.Duration `long:"staletimeout" description:"The time after the last activity that a mailbox should be removed. Set to -1s to disable. "`
}
// TorConfig holds the settings for serving client requests through a Tor
// onion service.
type TorConfig struct {
	// Control is the host:port of the Tor instance.
	Control string `long:"control" description:"The host:port of the Tor instance."`
	// ListenPort is the local port that receives client requests arriving
	// over Tor. It must not be exposed to the outside world: it is meant to
	// be reached only through the onion service.
	ListenPort uint16 `long:"listenport" description:"The port we should listen on for client requests over Tor. Note that this port should not be exposed to the outside world, it is only intended to be reached by clients through the onion service."`
	// VirtualPort is the port through which the created onion services can
	// be reached.
	VirtualPort uint16 `long:"virtualport" description:"The port through which the onion services created can be reached at."`
	// V3 selects listening for client requests through a v3 onion service.
	V3 bool `long:"v3" description:"Whether we should listen for client requests through a v3 onion service."`
}
// Config is the top-level aperture configuration. Its validate method checks
// the Authenticator section and requires ListenAddr to be set; no other field
// is validated in this file.
type Config struct {
	// ListenAddr is the listening address that we should use to allow Aperture
	// to listen for requests.
	ListenAddr string `long:"listenaddr" description:"The interface we should listen on for client requests."`
	// ServerName can be set to a fully qualifying domain name that should
	// be used while creating a certificate through Let's Encrypt.
	ServerName string `long:"servername" description:"Server name (FQDN) to use for the TLS certificate."`
	// AutoCert can be set to true if aperture should try to create a valid
	// certificate through Let's Encrypt using ServerName.
	AutoCert bool `long:"autocert" description:"Automatically create a Let's Encrypt cert using ServerName."`
	// Insecure can be set to disable TLS on incoming connections. Client
	// traffic is then neither encrypted nor authenticated by aperture
	// itself, so this is only appropriate where something else provides
	// transport security.
	Insecure bool `long:"insecure" description:"Listen on an insecure connection, disabling TLS for incoming connections."`
	// StaticRoot is the folder where the static content served by the proxy
	// is located.
	StaticRoot string `long:"staticroot" description:"The folder where the static content is located."`
	// ServeStatic defines if static content should be served from the
	// directory defined by StaticRoot.
	ServeStatic bool `long:"servestatic" description:"Flag to enable or disable static content serving."`
	// Etcd holds the etcd connection options.
	Etcd *EtcdConfig `group:"etcd" namespace:"etcd"`
	// Authenticator holds the LND authentication options. validate
	// dereferences it, so it is expected to be non-nil (NewConfig
	// allocates it).
	Authenticator *AuthConfig `group:"authenticator" namespace:"authenticator"`
	// Tor holds the onion-service options.
	Tor *TorConfig `group:"tor" namespace:"tor"`
	// Services is a list of JSON objects in string format, which specify
	// each backend service to Aperture.
	Services []*proxy.Service `long:"service" description:"Configurations for each Aperture backend service."`
	// HashMail is the configuration section for configuring the Lightning
	// Node Connect mailbox server.
	HashMail *HashMailConfig `group:"hashmail" namespace:"hashmail" description:"Configuration for the Lightning Node Connect mailbox server."`
	// Prometheus is the config for setting up an endpoint for a Prometheus
	// server to scrape metrics from.
	Prometheus *PrometheusConfig `group:"prometheus" namespace:"prometheus" description:"Configuration setting up an endpoint that a Prometheus server can scrape."`
	// DebugLevel is a string defining the log level for the service either
	// for all subsystems the same or individual level by subsystem.
	DebugLevel string `long:"debuglevel" description:"Debug level for the Aperture application and its subsystems."`
	// ConfigFile points aperture to an alternative config file.
	ConfigFile string `long:"configfile" description:"Custom path to a config file."`
	// BaseDir is a custom directory to store all aperture files.
	BaseDir string `long:"basedir" description:"Directory to place all of aperture's files in."`
	// ProfilePort is the port on which the pprof profile will be served.
	// The option text requires a port between 1024 and 65535, but validate
	// in this file does not enforce that range.
	// NOTE(review): pprof endpoints expose runtime internals; confirm the
	// listener is bound to a loopback or otherwise restricted address.
	ProfilePort uint16 `long:"profile" description:"Enable HTTP profiling on given port -- NOTE port must be between 1024 and 65535"`
}
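// validate checks the parts of the configuration that aperture cannot start
// without: a usable Authenticator section and a listen address. It returns
// the first problem found, or nil.
//
// Only these two things are checked here; TLS options, ProfilePort and the
// other sections are not validated by this method.
func (c *Config) validate() error {
	// A Config that was not built by NewConfig, or whose authenticator
	// section was reset to nil while loading, would otherwise panic on the
	// nil pointer below. Fail closed with an error: a missing section must
	// not be treated as "auth disabled".
	if c.Authenticator == nil {
		return fmt.Errorf("missing authenticator configuration")
	}

	if err := c.Authenticator.validate(); err != nil {
		return err
	}

	if c.ListenAddr == "" {
		return fmt.Errorf("missing listen address for server")
	}

	return nil
}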
// NewConfig returns a Config whose Etcd, Authenticator, Tor, HashMail and
// Prometheus sections are allocated and zero-valued, so callers and option
// parsing can fill them in without nil checks. All other fields are left at
// their zero value.
func NewConfig() *Config {
	cfg := new(Config)

	cfg.Etcd = new(EtcdConfig)
	cfg.Authenticator = new(AuthConfig)
	cfg.Tor = new(TorConfig)
	cfg.HashMail = new(HashMailConfig)
	cfg.Prometheus = new(PrometheusConfig)

	return cfg
}