2020-07-24 21:39:38 +00:00
|
|
|
// Package config manages the configuration
|
2019-07-20 10:26:52 +00:00
|
|
|
package config
|
|
|
|
|
|
|
|
import (
|
2021-01-03 16:57:07 +00:00
|
|
|
"errors"
|
2019-08-04 07:37:58 +00:00
|
|
|
"fmt"
|
2020-12-23 15:12:30 +00:00
|
|
|
"os"
|
2020-12-03 16:16:35 +00:00
|
|
|
"path/filepath"
|
2020-12-23 15:12:30 +00:00
|
|
|
"strconv"
|
2019-07-29 06:53:22 +00:00
|
|
|
"strings"
|
2019-07-20 10:26:52 +00:00
|
|
|
|
2020-05-06 17:36:34 +00:00
|
|
|
"github.com/spf13/viper"
|
|
|
|
|
2021-06-26 05:31:41 +00:00
|
|
|
"github.com/drakkan/sftpgo/v2/common"
|
|
|
|
"github.com/drakkan/sftpgo/v2/dataprovider"
|
|
|
|
"github.com/drakkan/sftpgo/v2/ftpd"
|
|
|
|
"github.com/drakkan/sftpgo/v2/httpclient"
|
|
|
|
"github.com/drakkan/sftpgo/v2/httpd"
|
|
|
|
"github.com/drakkan/sftpgo/v2/kms"
|
|
|
|
"github.com/drakkan/sftpgo/v2/logger"
|
2021-07-11 13:26:51 +00:00
|
|
|
"github.com/drakkan/sftpgo/v2/sdk/plugin"
|
2021-06-26 05:31:41 +00:00
|
|
|
"github.com/drakkan/sftpgo/v2/sftpd"
|
|
|
|
"github.com/drakkan/sftpgo/v2/telemetry"
|
2021-07-11 13:26:51 +00:00
|
|
|
"github.com/drakkan/sftpgo/v2/util"
|
2021-06-26 05:31:41 +00:00
|
|
|
"github.com/drakkan/sftpgo/v2/version"
|
|
|
|
"github.com/drakkan/sftpgo/v2/webdavd"
|
2019-07-20 10:26:52 +00:00
|
|
|
)
|
|
|
|
|
|
|
|
const (
|
2019-09-12 07:21:58 +00:00
|
|
|
logSender = "config"
|
2020-12-03 16:16:35 +00:00
|
|
|
// configName defines the name for config file.
|
|
|
|
// This name does not include the extension, viper will search for files
|
|
|
|
// with supported extensions such as "sftpgo.json", "sftpgo.yaml" and so on
|
2020-12-03 15:23:33 +00:00
|
|
|
configName = "sftpgo"
|
2020-12-03 16:16:35 +00:00
|
|
|
// ConfigEnvPrefix defines a prefix that environment variables will use
|
2019-08-07 20:46:13 +00:00
|
|
|
configEnvPrefix = "sftpgo"
|
2019-07-20 10:26:52 +00:00
|
|
|
)
|
|
|
|
|
|
|
|
var (
|
2020-12-23 15:12:30 +00:00
|
|
|
globalConf globalConfig
|
|
|
|
defaultSFTPDBanner = fmt.Sprintf("SFTPGo_%v", version.Get().Version)
|
|
|
|
defaultFTPDBanner = fmt.Sprintf("SFTPGo %v ready", version.Get().Version)
|
|
|
|
defaultSFTPDBinding = sftpd.Binding{
|
|
|
|
Address: "",
|
|
|
|
Port: 2022,
|
|
|
|
ApplyProxyConfig: true,
|
|
|
|
}
|
|
|
|
defaultFTPDBinding = ftpd.Binding{
|
|
|
|
Address: "",
|
|
|
|
Port: 0,
|
|
|
|
ApplyProxyConfig: true,
|
2020-12-29 08:20:09 +00:00
|
|
|
TLSMode: 0,
|
|
|
|
ForcePassiveIP: "",
|
|
|
|
ClientAuthType: 0,
|
2021-02-18 19:17:16 +00:00
|
|
|
TLSCipherSuites: nil,
|
2020-12-23 15:12:30 +00:00
|
|
|
}
|
|
|
|
defaultWebDAVDBinding = webdavd.Binding{
|
2021-02-18 19:17:16 +00:00
|
|
|
Address: "",
|
|
|
|
Port: 0,
|
|
|
|
EnableHTTPS: false,
|
|
|
|
ClientAuthType: 0,
|
|
|
|
TLSCipherSuites: nil,
|
2021-03-07 16:10:45 +00:00
|
|
|
Prefix: "",
|
2021-05-11 04:54:06 +00:00
|
|
|
ProxyAllowed: nil,
|
2020-12-23 15:12:30 +00:00
|
|
|
}
|
2021-01-19 17:59:41 +00:00
|
|
|
defaultHTTPDBinding = httpd.Binding{
|
2021-02-18 19:17:16 +00:00
|
|
|
Address: "127.0.0.1",
|
|
|
|
Port: 8080,
|
|
|
|
EnableWebAdmin: true,
|
2021-05-06 19:35:43 +00:00
|
|
|
EnableWebClient: true,
|
2021-02-18 19:17:16 +00:00
|
|
|
EnableHTTPS: false,
|
|
|
|
ClientAuthType: 0,
|
|
|
|
TLSCipherSuites: nil,
|
2021-05-11 04:54:06 +00:00
|
|
|
ProxyAllowed: nil,
|
2021-07-27 16:43:00 +00:00
|
|
|
HideLoginURL: 0,
|
2021-01-19 17:59:41 +00:00
|
|
|
}
|
2021-04-18 10:31:06 +00:00
|
|
|
defaultRateLimiter = common.RateLimiterConfig{
|
|
|
|
Average: 0,
|
|
|
|
Period: 1000,
|
|
|
|
Burst: 1,
|
|
|
|
Type: 2,
|
2021-04-19 06:14:04 +00:00
|
|
|
Protocols: []string{common.ProtocolSSH, common.ProtocolFTP, common.ProtocolWebDAV, common.ProtocolHTTP},
|
2021-04-18 10:31:06 +00:00
|
|
|
GenerateDefenderEvents: false,
|
|
|
|
EntriesSoftLimit: 100,
|
|
|
|
EntriesHardLimit: 150,
|
|
|
|
}
|
2019-07-20 10:26:52 +00:00
|
|
|
)
|
|
|
|
|
|
|
|
type globalConfig struct {
|
2020-12-18 08:01:19 +00:00
|
|
|
Common common.Configuration `json:"common" mapstructure:"common"`
|
|
|
|
SFTPD sftpd.Configuration `json:"sftpd" mapstructure:"sftpd"`
|
|
|
|
FTPD ftpd.Configuration `json:"ftpd" mapstructure:"ftpd"`
|
|
|
|
WebDAVD webdavd.Configuration `json:"webdavd" mapstructure:"webdavd"`
|
|
|
|
ProviderConf dataprovider.Config `json:"data_provider" mapstructure:"data_provider"`
|
|
|
|
HTTPDConfig httpd.Conf `json:"httpd" mapstructure:"httpd"`
|
|
|
|
HTTPConfig httpclient.Config `json:"http" mapstructure:"http"`
|
|
|
|
KMSConfig kms.Configuration `json:"kms" mapstructure:"kms"`
|
|
|
|
TelemetryConfig telemetry.Conf `json:"telemetry" mapstructure:"telemetry"`
|
2021-07-11 13:26:51 +00:00
|
|
|
PluginsConfig []plugin.Config `json:"plugins" mapstructure:"plugins"`
|
2019-07-20 10:26:52 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
func init() {
|
2020-12-03 15:23:33 +00:00
|
|
|
Init()
|
|
|
|
}
|
|
|
|
|
|
|
|
// Init initializes the global configuration.
|
|
|
|
// It is not supposed to be called outside of this package.
|
|
|
|
// It is exported to minimize refactoring efforts. Will eventually disappear.
|
|
|
|
func Init() {
|
2019-07-20 10:26:52 +00:00
|
|
|
// create a default configuration to use if no config file is provided
|
|
|
|
globalConf = globalConfig{
|
2020-07-24 21:39:38 +00:00
|
|
|
Common: common.Configuration{
|
|
|
|
IdleTimeout: 15,
|
|
|
|
UploadMode: 0,
|
|
|
|
Actions: common.ProtocolActions{
|
2021-05-11 10:45:14 +00:00
|
|
|
ExecuteOn: []string{},
|
|
|
|
ExecuteSync: []string{},
|
|
|
|
Hook: "",
|
2019-07-27 07:38:09 +00:00
|
|
|
},
|
2021-05-08 17:45:21 +00:00
|
|
|
SetstatMode: 0,
|
2021-05-27 13:38:27 +00:00
|
|
|
TempPath: "",
|
2021-05-08 17:45:21 +00:00
|
|
|
ProxyProtocol: 0,
|
|
|
|
ProxyAllowed: []string{},
|
|
|
|
PostConnectHook: "",
|
|
|
|
MaxTotalConnections: 0,
|
|
|
|
MaxPerHostConnections: 20,
|
2021-01-02 13:05:09 +00:00
|
|
|
DefenderConfig: common.DefenderConfig{
|
2021-05-08 17:45:21 +00:00
|
|
|
Enabled: false,
|
|
|
|
BanTime: 30,
|
|
|
|
BanTimeIncrement: 50,
|
|
|
|
Threshold: 15,
|
|
|
|
ScoreInvalid: 2,
|
|
|
|
ScoreValid: 1,
|
|
|
|
ScoreLimitExceeded: 3,
|
|
|
|
ObservationTime: 30,
|
|
|
|
EntriesSoftLimit: 100,
|
|
|
|
EntriesHardLimit: 150,
|
|
|
|
SafeListFile: "",
|
|
|
|
BlockListFile: "",
|
2021-01-02 13:05:09 +00:00
|
|
|
},
|
2021-04-18 10:31:06 +00:00
|
|
|
RateLimitersConfig: []common.RateLimiterConfig{defaultRateLimiter},
|
2020-07-24 21:39:38 +00:00
|
|
|
},
|
|
|
|
SFTPD: sftpd.Configuration{
|
2020-07-29 19:56:56 +00:00
|
|
|
Banner: defaultSFTPDBanner,
|
2020-12-23 15:12:30 +00:00
|
|
|
Bindings: []sftpd.Binding{defaultSFTPDBinding},
|
2020-07-24 21:39:38 +00:00
|
|
|
MaxAuthTries: 0,
|
2020-05-16 21:26:44 +00:00
|
|
|
HostKeys: []string{},
|
2020-04-01 21:25:23 +00:00
|
|
|
KexAlgorithms: []string{},
|
|
|
|
Ciphers: []string{},
|
|
|
|
MACs: []string{},
|
2020-05-15 18:08:53 +00:00
|
|
|
TrustedUserCAKeys: []string{},
|
2020-04-01 21:25:23 +00:00
|
|
|
LoginBannerFile: "",
|
2021-07-28 22:54:22 +00:00
|
|
|
EnabledSSHCommands: []string{},
|
2020-04-01 21:25:23 +00:00
|
|
|
KeyboardInteractiveHook: "",
|
2020-09-01 17:34:40 +00:00
|
|
|
PasswordAuthentication: true,
|
2021-07-28 22:32:55 +00:00
|
|
|
FolderPrefix: "",
|
2019-07-20 10:26:52 +00:00
|
|
|
},
|
2020-07-29 19:56:56 +00:00
|
|
|
FTPD: ftpd.Configuration{
|
2020-12-23 15:12:30 +00:00
|
|
|
Bindings: []ftpd.Binding{defaultFTPDBinding},
|
2020-07-29 19:56:56 +00:00
|
|
|
Banner: defaultFTPDBanner,
|
|
|
|
BannerFile: "",
|
2020-12-23 15:12:30 +00:00
|
|
|
ActiveTransfersPortNon20: true,
|
2020-07-29 19:56:56 +00:00
|
|
|
PassivePortRange: ftpd.PortRange{
|
|
|
|
Start: 50000,
|
|
|
|
End: 50100,
|
|
|
|
},
|
2020-12-24 17:48:06 +00:00
|
|
|
DisableActiveMode: false,
|
|
|
|
EnableSite: false,
|
|
|
|
HASHSupport: 0,
|
|
|
|
CombineSupport: 0,
|
2020-07-29 19:56:56 +00:00
|
|
|
CertificateFile: "",
|
|
|
|
CertificateKeyFile: "",
|
2020-12-29 08:20:09 +00:00
|
|
|
CACertificates: []string{},
|
2021-01-03 16:03:04 +00:00
|
|
|
CARevocationLists: []string{},
|
2020-07-29 19:56:56 +00:00
|
|
|
},
|
2020-08-11 21:56:10 +00:00
|
|
|
WebDAVD: webdavd.Configuration{
|
2020-12-23 15:12:30 +00:00
|
|
|
Bindings: []webdavd.Binding{defaultWebDAVDBinding},
|
2020-08-11 21:56:10 +00:00
|
|
|
CertificateFile: "",
|
|
|
|
CertificateKeyFile: "",
|
2020-12-28 18:48:23 +00:00
|
|
|
CACertificates: []string{},
|
2021-01-03 16:03:04 +00:00
|
|
|
CARevocationLists: []string{},
|
2020-08-15 13:55:20 +00:00
|
|
|
Cors: webdavd.Cors{
|
|
|
|
Enabled: false,
|
|
|
|
AllowedOrigins: []string{},
|
|
|
|
AllowedMethods: []string{},
|
|
|
|
AllowedHeaders: []string{},
|
|
|
|
ExposedHeaders: []string{},
|
|
|
|
AllowCredentials: false,
|
|
|
|
MaxAge: 0,
|
|
|
|
},
|
2020-08-31 17:25:17 +00:00
|
|
|
Cache: webdavd.Cache{
|
2020-11-04 18:11:40 +00:00
|
|
|
Users: webdavd.UsersCacheConfig{
|
|
|
|
ExpirationTime: 0,
|
|
|
|
MaxSize: 50,
|
|
|
|
},
|
|
|
|
MimeTypes: webdavd.MimeCacheConfig{
|
|
|
|
Enabled: true,
|
|
|
|
MaxSize: 1000,
|
|
|
|
},
|
2020-08-31 17:25:17 +00:00
|
|
|
},
|
2020-08-11 21:56:10 +00:00
|
|
|
},
|
2019-07-20 10:26:52 +00:00
|
|
|
ProviderConf: dataprovider.Config{
|
|
|
|
Driver: "sqlite",
|
|
|
|
Name: "sftpgo.db",
|
|
|
|
Host: "",
|
2021-04-11 06:38:43 +00:00
|
|
|
Port: 0,
|
2019-07-20 10:26:52 +00:00
|
|
|
Username: "",
|
|
|
|
Password: "",
|
|
|
|
ConnectionString: "",
|
2020-06-07 21:30:18 +00:00
|
|
|
SQLTablesPrefix: "",
|
2019-07-20 10:26:52 +00:00
|
|
|
SSLMode: 0,
|
|
|
|
TrackQuota: 1,
|
2019-09-13 06:14:07 +00:00
|
|
|
PoolSize: 0,
|
2019-09-28 20:48:52 +00:00
|
|
|
UsersBaseDir: "",
|
2020-07-24 21:39:38 +00:00
|
|
|
Actions: dataprovider.UserActions{
|
2020-05-24 13:29:39 +00:00
|
|
|
ExecuteOn: []string{},
|
|
|
|
Hook: "",
|
2019-11-14 10:06:03 +00:00
|
|
|
},
|
2020-08-19 17:36:12 +00:00
|
|
|
ExternalAuthHook: "",
|
|
|
|
ExternalAuthScope: 0,
|
|
|
|
CredentialsPath: "credentials",
|
|
|
|
PreLoginHook: "",
|
|
|
|
PostLoginHook: "",
|
|
|
|
PostLoginScope: 0,
|
|
|
|
CheckPasswordHook: "",
|
|
|
|
CheckPasswordScope: 0,
|
2020-09-04 15:09:31 +00:00
|
|
|
PasswordHashing: dataprovider.PasswordHashing{
|
|
|
|
Argon2Options: dataprovider.Argon2Options{
|
|
|
|
Memory: 65536,
|
|
|
|
Iterations: 1,
|
|
|
|
Parallelism: 2,
|
|
|
|
},
|
2021-04-20 11:55:09 +00:00
|
|
|
BcryptOptions: dataprovider.BcryptOptions{
|
|
|
|
Cost: 10,
|
|
|
|
},
|
2021-04-25 07:38:33 +00:00
|
|
|
Algo: dataprovider.HashingAlgoBcrypt,
|
2020-09-04 15:09:31 +00:00
|
|
|
},
|
2021-04-20 07:39:36 +00:00
|
|
|
PasswordCaching: true,
|
2020-10-22 08:42:40 +00:00
|
|
|
UpdateMode: 0,
|
|
|
|
PreferDatabaseCredentials: false,
|
2021-03-04 08:48:53 +00:00
|
|
|
SkipNaturalKeysValidation: false,
|
2021-04-11 06:38:43 +00:00
|
|
|
DelayedQuotaUpdate: 0,
|
2021-05-14 17:21:15 +00:00
|
|
|
CreateDefaultAdmin: false,
|
2019-07-20 10:26:52 +00:00
|
|
|
},
|
2019-10-07 16:19:01 +00:00
|
|
|
HTTPDConfig: httpd.Conf{
|
2021-01-19 17:59:41 +00:00
|
|
|
Bindings: []httpd.Binding{defaultHTTPDBinding},
|
2020-02-03 23:08:00 +00:00
|
|
|
TemplatesPath: "templates",
|
|
|
|
StaticFilesPath: "static",
|
|
|
|
BackupsPath: "backups",
|
2021-05-06 19:35:43 +00:00
|
|
|
WebRoot: "",
|
2020-02-03 23:08:00 +00:00
|
|
|
CertificateFile: "",
|
|
|
|
CertificateKeyFile: "",
|
2021-04-09 20:02:48 +00:00
|
|
|
CACertificates: nil,
|
|
|
|
CARevocationLists: nil,
|
2021-07-01 18:17:40 +00:00
|
|
|
SigningPassphrase: "",
|
2021-07-23 08:19:27 +00:00
|
|
|
MaxUploadFileSize: 1048576000,
|
2019-07-20 10:26:52 +00:00
|
|
|
},
|
2020-04-26 21:29:09 +00:00
|
|
|
HTTPConfig: httpclient.Config{
|
|
|
|
Timeout: 20,
|
2021-02-12 20:42:49 +00:00
|
|
|
RetryWaitMin: 2,
|
|
|
|
RetryWaitMax: 30,
|
|
|
|
RetryMax: 3,
|
2020-04-26 21:29:09 +00:00
|
|
|
CACertificates: nil,
|
2021-02-13 13:41:37 +00:00
|
|
|
Certificates: nil,
|
2020-05-03 09:37:50 +00:00
|
|
|
SkipTLSVerify: false,
|
2021-05-25 06:36:01 +00:00
|
|
|
Headers: nil,
|
2020-04-26 21:29:09 +00:00
|
|
|
},
|
2020-11-30 20:46:34 +00:00
|
|
|
KMSConfig: kms.Configuration{
|
|
|
|
Secrets: kms.Secrets{
|
2021-07-17 13:34:48 +00:00
|
|
|
URL: "",
|
|
|
|
MasterKeyString: "",
|
|
|
|
MasterKeyPath: "",
|
2020-11-30 20:46:34 +00:00
|
|
|
},
|
|
|
|
},
|
2020-12-18 08:01:19 +00:00
|
|
|
TelemetryConfig: telemetry.Conf{
|
2020-12-18 15:04:42 +00:00
|
|
|
BindPort: 10000,
|
|
|
|
BindAddress: "127.0.0.1",
|
|
|
|
EnableProfiler: false,
|
|
|
|
AuthUserFile: "",
|
|
|
|
CertificateFile: "",
|
|
|
|
CertificateKeyFile: "",
|
2021-02-18 19:17:16 +00:00
|
|
|
TLSCipherSuites: nil,
|
2020-12-18 08:01:19 +00:00
|
|
|
},
|
2021-07-11 13:26:51 +00:00
|
|
|
PluginsConfig: nil,
|
2019-07-20 10:26:52 +00:00
|
|
|
}
|
2019-08-07 20:46:13 +00:00
|
|
|
|
|
|
|
viper.SetEnvPrefix(configEnvPrefix)
|
|
|
|
replacer := strings.NewReplacer(".", "__")
|
|
|
|
viper.SetEnvKeyReplacer(replacer)
|
2020-12-03 15:23:33 +00:00
|
|
|
viper.SetConfigName(configName)
|
2020-10-30 17:58:57 +00:00
|
|
|
setViperDefaults()
|
2019-08-07 20:46:13 +00:00
|
|
|
viper.AutomaticEnv()
|
2019-09-03 21:13:33 +00:00
|
|
|
viper.AllowEmptyEnv(true)
|
2019-07-20 10:26:52 +00:00
|
|
|
}
|
|
|
|
|
2020-07-24 21:39:38 +00:00
|
|
|
// GetCommonConfig returns the common protocols configuration
|
|
|
|
func GetCommonConfig() common.Configuration {
|
|
|
|
return globalConf.Common
|
|
|
|
}
|
|
|
|
|
|
|
|
// SetCommonConfig sets the common protocols configuration
|
|
|
|
func SetCommonConfig(config common.Configuration) {
|
|
|
|
globalConf.Common = config
|
|
|
|
}
|
|
|
|
|
2019-07-30 18:51:29 +00:00
|
|
|
// GetSFTPDConfig returns the configuration for the SFTP server
|
2019-07-20 10:26:52 +00:00
|
|
|
func GetSFTPDConfig() sftpd.Configuration {
|
|
|
|
return globalConf.SFTPD
|
|
|
|
}
|
|
|
|
|
2019-10-24 16:50:35 +00:00
|
|
|
// SetSFTPDConfig sets the configuration for the SFTP server
|
|
|
|
func SetSFTPDConfig(config sftpd.Configuration) {
|
|
|
|
globalConf.SFTPD = config
|
|
|
|
}
|
|
|
|
|
2020-07-29 19:56:56 +00:00
|
|
|
// GetFTPDConfig returns the configuration for the FTP server
|
|
|
|
func GetFTPDConfig() ftpd.Configuration {
|
|
|
|
return globalConf.FTPD
|
|
|
|
}
|
|
|
|
|
|
|
|
// SetFTPDConfig sets the configuration for the FTP server
|
|
|
|
func SetFTPDConfig(config ftpd.Configuration) {
|
|
|
|
globalConf.FTPD = config
|
|
|
|
}
|
|
|
|
|
2020-08-11 21:56:10 +00:00
|
|
|
// GetWebDAVDConfig returns the configuration for the WebDAV server
|
|
|
|
func GetWebDAVDConfig() webdavd.Configuration {
|
|
|
|
return globalConf.WebDAVD
|
|
|
|
}
|
|
|
|
|
|
|
|
// SetWebDAVDConfig sets the configuration for the WebDAV server
|
|
|
|
func SetWebDAVDConfig(config webdavd.Configuration) {
|
|
|
|
globalConf.WebDAVD = config
|
|
|
|
}
|
|
|
|
|
2019-07-30 18:51:29 +00:00
|
|
|
// GetHTTPDConfig returns the configuration for the HTTP server
|
2019-10-07 16:19:01 +00:00
|
|
|
func GetHTTPDConfig() httpd.Conf {
|
2019-07-20 10:26:52 +00:00
|
|
|
return globalConf.HTTPDConfig
|
|
|
|
}
|
|
|
|
|
2019-10-24 16:50:35 +00:00
|
|
|
// SetHTTPDConfig sets the configuration for the HTTP server
|
|
|
|
func SetHTTPDConfig(config httpd.Conf) {
|
|
|
|
globalConf.HTTPDConfig = config
|
|
|
|
}
|
|
|
|
|
2020-12-03 15:23:33 +00:00
|
|
|
// GetProviderConf returns the configuration for the data provider
|
2019-07-20 10:26:52 +00:00
|
|
|
func GetProviderConf() dataprovider.Config {
|
|
|
|
return globalConf.ProviderConf
|
|
|
|
}
|
|
|
|
|
2020-12-03 15:23:33 +00:00
|
|
|
// SetProviderConf sets the configuration for the data provider
|
2019-10-24 16:50:35 +00:00
|
|
|
func SetProviderConf(config dataprovider.Config) {
|
|
|
|
globalConf.ProviderConf = config
|
|
|
|
}
|
|
|
|
|
2020-04-26 21:29:09 +00:00
|
|
|
// GetHTTPConfig returns the configuration for HTTP clients
|
|
|
|
func GetHTTPConfig() httpclient.Config {
|
|
|
|
return globalConf.HTTPConfig
|
|
|
|
}
|
|
|
|
|
2020-11-30 20:46:34 +00:00
|
|
|
// GetKMSConfig returns the KMS configuration
|
|
|
|
func GetKMSConfig() kms.Configuration {
|
|
|
|
return globalConf.KMSConfig
|
|
|
|
}
|
|
|
|
|
|
|
|
// SetKMSConfig sets the kms configuration
|
|
|
|
func SetKMSConfig(config kms.Configuration) {
|
|
|
|
globalConf.KMSConfig = config
|
|
|
|
}
|
|
|
|
|
2020-12-18 08:01:19 +00:00
|
|
|
// GetTelemetryConfig returns the telemetry configuration
|
|
|
|
func GetTelemetryConfig() telemetry.Conf {
|
|
|
|
return globalConf.TelemetryConfig
|
|
|
|
}
|
|
|
|
|
|
|
|
// SetTelemetryConfig sets the telemetry configuration
|
|
|
|
func SetTelemetryConfig(config telemetry.Conf) {
|
|
|
|
globalConf.TelemetryConfig = config
|
|
|
|
}
|
|
|
|
|
2021-07-11 13:26:51 +00:00
|
|
|
// GetPluginsConfig returns the plugins configuration
|
|
|
|
func GetPluginsConfig() []plugin.Config {
|
|
|
|
return globalConf.PluginsConfig
|
|
|
|
}
|
|
|
|
|
2020-11-24 12:44:57 +00:00
|
|
|
// HasServicesToStart returns true if the config defines at least a service to start.
|
|
|
|
// Supported services are SFTP, FTP and WebDAV
|
|
|
|
func HasServicesToStart() bool {
|
2020-12-23 15:12:30 +00:00
|
|
|
if globalConf.SFTPD.ShouldBind() {
|
2020-11-24 12:44:57 +00:00
|
|
|
return true
|
|
|
|
}
|
2020-12-23 15:12:30 +00:00
|
|
|
if globalConf.FTPD.ShouldBind() {
|
2020-11-24 12:44:57 +00:00
|
|
|
return true
|
|
|
|
}
|
2020-12-23 15:12:30 +00:00
|
|
|
if globalConf.WebDAVD.ShouldBind() {
|
2020-11-24 12:44:57 +00:00
|
|
|
return true
|
|
|
|
}
|
|
|
|
return false
|
|
|
|
}
|
|
|
|
|
2019-09-13 19:57:52 +00:00
|
|
|
func getRedactedGlobalConf() globalConfig {
|
|
|
|
conf := globalConf
|
2021-07-11 13:26:51 +00:00
|
|
|
conf.Common.Actions.Hook = util.GetRedactedURL(conf.Common.Actions.Hook)
|
|
|
|
conf.Common.StartupHook = util.GetRedactedURL(conf.Common.StartupHook)
|
|
|
|
conf.Common.PostConnectHook = util.GetRedactedURL(conf.Common.PostConnectHook)
|
|
|
|
conf.SFTPD.KeyboardInteractiveHook = util.GetRedactedURL(conf.SFTPD.KeyboardInteractiveHook)
|
2021-07-01 18:17:40 +00:00
|
|
|
conf.HTTPDConfig.SigningPassphrase = "[redacted]"
|
2019-09-13 19:57:52 +00:00
|
|
|
conf.ProviderConf.Password = "[redacted]"
|
2021-07-11 13:26:51 +00:00
|
|
|
conf.ProviderConf.Actions.Hook = util.GetRedactedURL(conf.ProviderConf.Actions.Hook)
|
|
|
|
conf.ProviderConf.ExternalAuthHook = util.GetRedactedURL(conf.ProviderConf.ExternalAuthHook)
|
|
|
|
conf.ProviderConf.PreLoginHook = util.GetRedactedURL(conf.ProviderConf.PreLoginHook)
|
|
|
|
conf.ProviderConf.PostLoginHook = util.GetRedactedURL(conf.ProviderConf.PostLoginHook)
|
|
|
|
conf.ProviderConf.CheckPasswordHook = util.GetRedactedURL(conf.ProviderConf.CheckPasswordHook)
|
2019-09-13 19:57:52 +00:00
|
|
|
return conf
|
|
|
|
}
|
|
|
|
|
2020-12-03 16:16:35 +00:00
|
|
|
func setConfigFile(configDir, configFile string) {
|
|
|
|
if configFile == "" {
|
|
|
|
return
|
|
|
|
}
|
2021-07-11 13:26:51 +00:00
|
|
|
if !filepath.IsAbs(configFile) && util.IsFileInputValid(configFile) {
|
2020-12-03 16:16:35 +00:00
|
|
|
configFile = filepath.Join(configDir, configFile)
|
|
|
|
}
|
|
|
|
viper.SetConfigFile(configFile)
|
|
|
|
}
|
|
|
|
|
2019-08-07 20:46:13 +00:00
|
|
|
// LoadConfig loads the configuration
|
|
|
|
// configDir will be added to the configuration search paths.
|
|
|
|
// The search path contains by default the current directory and on linux it contains
|
|
|
|
// $HOME/.config/sftpgo and /etc/sftpgo too.
|
2020-12-03 16:16:35 +00:00
|
|
|
// configFile is an absolute or relative path (to the config dir) to the configuration file.
|
2020-12-03 15:23:33 +00:00
|
|
|
func LoadConfig(configDir, configFile string) error {
|
2019-08-07 20:46:13 +00:00
|
|
|
var err error
|
|
|
|
viper.AddConfigPath(configDir)
|
2019-09-05 20:07:59 +00:00
|
|
|
setViperAdditionalConfigPaths()
|
|
|
|
viper.AddConfigPath(".")
|
2020-12-03 16:16:35 +00:00
|
|
|
setConfigFile(configDir, configFile)
|
2019-08-07 20:46:13 +00:00
|
|
|
if err = viper.ReadInConfig(); err != nil {
|
2021-01-03 16:57:07 +00:00
|
|
|
// if the user specify a configuration file we get os.ErrNotExist.
|
|
|
|
// viper.ConfigFileNotFoundError is returned if viper is unable
|
|
|
|
// to find sftpgo.{json,yaml, etc..} in any of the search paths
|
|
|
|
if errors.As(err, &viper.ConfigFileNotFoundError{}) {
|
|
|
|
logger.Debug(logSender, "", "no configuration file found")
|
|
|
|
} else {
|
|
|
|
// should we return the error and not start here?
|
|
|
|
logger.Warn(logSender, "", "error loading configuration file: %v", err)
|
|
|
|
logger.WarnToConsole("error loading configuration file: %v", err)
|
|
|
|
}
|
2019-07-20 10:26:52 +00:00
|
|
|
}
|
2019-08-07 20:46:13 +00:00
|
|
|
err = viper.Unmarshal(&globalConf)
|
2019-07-20 10:26:52 +00:00
|
|
|
if err != nil {
|
2020-12-03 16:16:35 +00:00
|
|
|
logger.Warn(logSender, "", "error parsing configuration file: %v", err)
|
|
|
|
logger.WarnToConsole("error parsing configuration file: %v", err)
|
2019-07-20 10:26:52 +00:00
|
|
|
return err
|
|
|
|
}
|
2020-12-23 15:12:30 +00:00
|
|
|
// viper only supports slice of strings from env vars, so we use our custom method
|
|
|
|
loadBindingsFromEnv()
|
2019-07-29 06:53:22 +00:00
|
|
|
if strings.TrimSpace(globalConf.SFTPD.Banner) == "" {
|
2020-07-29 19:56:56 +00:00
|
|
|
globalConf.SFTPD.Banner = defaultSFTPDBanner
|
|
|
|
}
|
|
|
|
if strings.TrimSpace(globalConf.FTPD.Banner) == "" {
|
|
|
|
globalConf.FTPD.Banner = defaultFTPDBanner
|
2019-07-29 06:53:22 +00:00
|
|
|
}
|
2021-07-11 13:26:51 +00:00
|
|
|
if globalConf.ProviderConf.UsersBaseDir != "" && !util.IsFileInputValid(globalConf.ProviderConf.UsersBaseDir) {
|
2020-03-03 08:09:58 +00:00
|
|
|
err = fmt.Errorf("invalid users base dir %#v will be ignored", globalConf.ProviderConf.UsersBaseDir)
|
|
|
|
globalConf.ProviderConf.UsersBaseDir = ""
|
|
|
|
logger.Warn(logSender, "", "Configuration error: %v", err)
|
|
|
|
logger.WarnToConsole("Configuration error: %v", err)
|
|
|
|
}
|
2020-07-24 21:39:38 +00:00
|
|
|
if globalConf.Common.UploadMode < 0 || globalConf.Common.UploadMode > 2 {
|
2020-12-03 16:16:35 +00:00
|
|
|
warn := fmt.Sprintf("invalid upload_mode 0, 1 and 2 are supported, configured: %v reset upload_mode to 0",
|
2020-07-24 21:39:38 +00:00
|
|
|
globalConf.Common.UploadMode)
|
|
|
|
globalConf.Common.UploadMode = 0
|
2020-12-03 16:16:35 +00:00
|
|
|
logger.Warn(logSender, "", "Configuration error: %v", warn)
|
|
|
|
logger.WarnToConsole("Configuration error: %v", warn)
|
2019-08-04 07:37:58 +00:00
|
|
|
}
|
2020-07-24 21:39:38 +00:00
|
|
|
if globalConf.Common.ProxyProtocol < 0 || globalConf.Common.ProxyProtocol > 2 {
|
2020-12-03 16:16:35 +00:00
|
|
|
warn := fmt.Sprintf("invalid proxy_protocol 0, 1 and 2 are supported, configured: %v reset proxy_protocol to 0",
|
2020-07-24 21:39:38 +00:00
|
|
|
globalConf.Common.ProxyProtocol)
|
|
|
|
globalConf.Common.ProxyProtocol = 0
|
2020-12-03 16:16:35 +00:00
|
|
|
logger.Warn(logSender, "", "Configuration error: %v", warn)
|
|
|
|
logger.WarnToConsole("Configuration error: %v", warn)
|
2020-02-28 23:02:06 +00:00
|
|
|
}
|
2021-02-28 11:10:40 +00:00
|
|
|
if globalConf.ProviderConf.ExternalAuthScope < 0 || globalConf.ProviderConf.ExternalAuthScope > 15 {
|
2020-12-03 16:16:35 +00:00
|
|
|
warn := fmt.Sprintf("invalid external_auth_scope: %v reset to 0", globalConf.ProviderConf.ExternalAuthScope)
|
2020-01-06 20:42:41 +00:00
|
|
|
globalConf.ProviderConf.ExternalAuthScope = 0
|
2020-12-03 16:16:35 +00:00
|
|
|
logger.Warn(logSender, "", "Configuration error: %v", warn)
|
|
|
|
logger.WarnToConsole("Configuration error: %v", warn)
|
2020-01-06 20:42:41 +00:00
|
|
|
}
|
2020-12-03 16:16:35 +00:00
|
|
|
if globalConf.ProviderConf.CredentialsPath == "" {
|
|
|
|
warn := "invalid credentials path, reset to \"credentials\""
|
2020-01-31 18:04:00 +00:00
|
|
|
globalConf.ProviderConf.CredentialsPath = "credentials"
|
2020-12-03 16:16:35 +00:00
|
|
|
logger.Warn(logSender, "", "Configuration error: %v", warn)
|
|
|
|
logger.WarnToConsole("Configuration error: %v", warn)
|
2020-01-31 18:04:00 +00:00
|
|
|
}
|
2020-03-03 08:09:58 +00:00
|
|
|
logger.Debug(logSender, "", "config file used: '%#v', config loaded: %+v", viper.ConfigFileUsed(), getRedactedGlobalConf())
|
2020-12-03 16:16:35 +00:00
|
|
|
return nil
|
2019-07-20 10:26:52 +00:00
|
|
|
}
|
2020-04-01 21:25:23 +00:00
|
|
|
|
2020-12-23 15:12:30 +00:00
|
|
|
func loadBindingsFromEnv() {
|
2021-04-18 10:31:06 +00:00
|
|
|
for idx := 0; idx < 10; idx++ {
|
|
|
|
getRateLimitersFromEnv(idx)
|
2021-07-11 13:26:51 +00:00
|
|
|
getPluginsFromEnv(idx)
|
2020-12-23 15:12:30 +00:00
|
|
|
getSFTPDBindindFromEnv(idx)
|
|
|
|
getFTPDBindingFromEnv(idx)
|
|
|
|
getWebDAVDBindingFromEnv(idx)
|
2021-01-19 17:59:41 +00:00
|
|
|
getHTTPDBindingFromEnv(idx)
|
2021-02-13 13:41:37 +00:00
|
|
|
getHTTPClientCertificatesFromEnv(idx)
|
2021-05-25 06:36:01 +00:00
|
|
|
getHTTPClientHeadersFromEnv(idx)
|
2020-12-23 15:12:30 +00:00
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2021-04-18 10:31:06 +00:00
|
|
|
func getRateLimitersFromEnv(idx int) {
|
|
|
|
rtlConfig := defaultRateLimiter
|
|
|
|
if len(globalConf.Common.RateLimitersConfig) > idx {
|
|
|
|
rtlConfig = globalConf.Common.RateLimitersConfig[idx]
|
|
|
|
}
|
|
|
|
|
|
|
|
isSet := false
|
|
|
|
|
|
|
|
average, ok := lookupIntFromEnv(fmt.Sprintf("SFTPGO_COMMON__RATE_LIMITERS__%v__AVERAGE", idx))
|
|
|
|
if ok {
|
|
|
|
rtlConfig.Average = average
|
|
|
|
isSet = true
|
|
|
|
}
|
|
|
|
|
|
|
|
period, ok := lookupIntFromEnv(fmt.Sprintf("SFTPGO_COMMON__RATE_LIMITERS__%v__PERIOD", idx))
|
|
|
|
if ok {
|
|
|
|
rtlConfig.Period = period
|
|
|
|
isSet = true
|
|
|
|
}
|
|
|
|
|
|
|
|
burst, ok := lookupIntFromEnv(fmt.Sprintf("SFTPGO_COMMON__RATE_LIMITERS__%v__BURST", idx))
|
|
|
|
if ok {
|
|
|
|
rtlConfig.Burst = int(burst)
|
|
|
|
isSet = true
|
|
|
|
}
|
|
|
|
|
|
|
|
rtlType, ok := lookupIntFromEnv(fmt.Sprintf("SFTPGO_COMMON__RATE_LIMITERS__%v__TYPE", idx))
|
|
|
|
if ok {
|
|
|
|
rtlConfig.Type = int(rtlType)
|
|
|
|
isSet = true
|
|
|
|
}
|
|
|
|
|
|
|
|
protocols, ok := lookupStringListFromEnv(fmt.Sprintf("SFTPGO_COMMON__RATE_LIMITERS__%v__PROTOCOLS", idx))
|
|
|
|
if ok {
|
|
|
|
rtlConfig.Protocols = protocols
|
|
|
|
isSet = true
|
|
|
|
}
|
|
|
|
|
|
|
|
generateEvents, ok := lookupBoolFromEnv(fmt.Sprintf("SFTPGO_COMMON__RATE_LIMITERS__%v__GENERATE_DEFENDER_EVENTS", idx))
|
|
|
|
if ok {
|
|
|
|
rtlConfig.GenerateDefenderEvents = generateEvents
|
|
|
|
isSet = true
|
|
|
|
}
|
|
|
|
|
|
|
|
softLimit, ok := lookupIntFromEnv(fmt.Sprintf("SFTPGO_COMMON__RATE_LIMITERS__%v__ENTRIES_SOFT_LIMIT", idx))
|
|
|
|
if ok {
|
|
|
|
rtlConfig.EntriesSoftLimit = int(softLimit)
|
|
|
|
isSet = true
|
|
|
|
}
|
|
|
|
|
|
|
|
hardLimit, ok := lookupIntFromEnv(fmt.Sprintf("SFTPGO_COMMON__RATE_LIMITERS__%v__ENTRIES_HARD_LIMIT", idx))
|
|
|
|
if ok {
|
|
|
|
rtlConfig.EntriesHardLimit = int(hardLimit)
|
|
|
|
isSet = true
|
|
|
|
}
|
|
|
|
|
|
|
|
if isSet {
|
|
|
|
if len(globalConf.Common.RateLimitersConfig) > idx {
|
|
|
|
globalConf.Common.RateLimitersConfig[idx] = rtlConfig
|
|
|
|
} else {
|
|
|
|
globalConf.Common.RateLimitersConfig = append(globalConf.Common.RateLimitersConfig, rtlConfig)
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2021-07-11 13:26:51 +00:00
|
|
|
func getPluginsFromEnv(idx int) {
|
|
|
|
pluginConfig := plugin.Config{}
|
|
|
|
if len(globalConf.PluginsConfig) > idx {
|
|
|
|
pluginConfig = globalConf.PluginsConfig[idx]
|
|
|
|
}
|
|
|
|
|
|
|
|
isSet := false
|
|
|
|
|
|
|
|
pluginType, ok := os.LookupEnv(fmt.Sprintf("SFTPGO_PLUGINS__%v__TYPE", idx))
|
|
|
|
if ok {
|
|
|
|
pluginConfig.Type = pluginType
|
|
|
|
isSet = true
|
|
|
|
}
|
|
|
|
|
|
|
|
notifierFsEvents, ok := lookupStringListFromEnv(fmt.Sprintf("SFTPGO_PLUGINS__%v__NOTIFIER_OPTIONS__FS_EVENTS", idx))
|
|
|
|
if ok {
|
|
|
|
pluginConfig.NotifierOptions.FsEvents = notifierFsEvents
|
|
|
|
isSet = true
|
|
|
|
}
|
|
|
|
|
|
|
|
notifierUserEvents, ok := lookupStringListFromEnv(fmt.Sprintf("SFTPGO_PLUGINS__%v__NOTIFIER_OPTIONS__USER_EVENTS", idx))
|
|
|
|
if ok {
|
|
|
|
pluginConfig.NotifierOptions.UserEvents = notifierUserEvents
|
|
|
|
isSet = true
|
|
|
|
}
|
|
|
|
|
2021-07-20 10:51:21 +00:00
|
|
|
notifierRetryMaxTime, ok := lookupIntFromEnv(fmt.Sprintf("SFTPGO_PLUGINS__%v__NOTIFIER_OPTIONS__RETRY_MAX_TIME", idx))
|
|
|
|
if ok {
|
|
|
|
pluginConfig.NotifierOptions.RetryMaxTime = int(notifierRetryMaxTime)
|
|
|
|
isSet = true
|
|
|
|
}
|
|
|
|
|
|
|
|
notifierRetryQueueMaxSize, ok := lookupIntFromEnv(fmt.Sprintf("SFTPGO_PLUGINS__%v__NOTIFIER_OPTIONS__RETRY_QUEUE_MAX_SIZE", idx))
|
|
|
|
if ok {
|
|
|
|
pluginConfig.NotifierOptions.RetryQueueMaxSize = int(notifierRetryQueueMaxSize)
|
|
|
|
isSet = true
|
|
|
|
}
|
|
|
|
|
2021-07-16 16:22:42 +00:00
|
|
|
kmsScheme, ok := os.LookupEnv(fmt.Sprintf("SFTPGO_PLUGINS__%v__KMS_OPTIONS__SCHEME", idx))
|
|
|
|
if ok {
|
|
|
|
pluginConfig.KMSOptions.Scheme = kmsScheme
|
|
|
|
}
|
|
|
|
|
|
|
|
kmsEncStatus, ok := os.LookupEnv(fmt.Sprintf("SFTPGO_PLUGINS__%v__KMS_OPTIONS__ENCRYPTED_STATUS", idx))
|
|
|
|
if ok {
|
|
|
|
pluginConfig.KMSOptions.EncryptedStatus = kmsEncStatus
|
|
|
|
}
|
|
|
|
|
2021-07-11 13:26:51 +00:00
|
|
|
cmd, ok := os.LookupEnv(fmt.Sprintf("SFTPGO_PLUGINS__%v__CMD", idx))
|
|
|
|
if ok {
|
|
|
|
pluginConfig.Cmd = cmd
|
|
|
|
isSet = true
|
|
|
|
}
|
|
|
|
|
|
|
|
cmdArgs, ok := lookupStringListFromEnv(fmt.Sprintf("SFTPGO_PLUGINS__%v__ARGS", idx))
|
|
|
|
if ok {
|
|
|
|
pluginConfig.Args = cmdArgs
|
|
|
|
isSet = true
|
|
|
|
}
|
|
|
|
|
|
|
|
pluginHash, ok := os.LookupEnv(fmt.Sprintf("SFTPGO_PLUGINS__%v__SHA256SUM", idx))
|
|
|
|
if ok {
|
|
|
|
pluginConfig.SHA256Sum = pluginHash
|
|
|
|
isSet = true
|
|
|
|
}
|
|
|
|
|
|
|
|
autoMTLS, ok := lookupBoolFromEnv(fmt.Sprintf("SFTPGO_PLUGINS__%v__AUTO_MTLS", idx))
|
|
|
|
if ok {
|
|
|
|
pluginConfig.AutoMTLS = autoMTLS
|
|
|
|
isSet = true
|
|
|
|
}
|
|
|
|
|
|
|
|
if isSet {
|
|
|
|
if len(globalConf.PluginsConfig) > idx {
|
|
|
|
globalConf.PluginsConfig[idx] = pluginConfig
|
|
|
|
} else {
|
|
|
|
globalConf.PluginsConfig = append(globalConf.PluginsConfig, pluginConfig)
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2020-12-23 15:12:30 +00:00
|
|
|
func getSFTPDBindindFromEnv(idx int) {
|
2021-04-16 11:35:13 +00:00
|
|
|
binding := sftpd.Binding{
|
|
|
|
ApplyProxyConfig: true,
|
|
|
|
}
|
2020-12-23 15:12:30 +00:00
|
|
|
if len(globalConf.SFTPD.Bindings) > idx {
|
|
|
|
binding = globalConf.SFTPD.Bindings[idx]
|
|
|
|
}
|
|
|
|
|
|
|
|
isSet := false
|
|
|
|
|
|
|
|
port, ok := lookupIntFromEnv(fmt.Sprintf("SFTPGO_SFTPD__BINDINGS__%v__PORT", idx))
|
|
|
|
if ok {
|
2021-04-18 10:31:06 +00:00
|
|
|
binding.Port = int(port)
|
2020-12-23 15:12:30 +00:00
|
|
|
isSet = true
|
|
|
|
}
|
|
|
|
|
|
|
|
address, ok := os.LookupEnv(fmt.Sprintf("SFTPGO_SFTPD__BINDINGS__%v__ADDRESS", idx))
|
|
|
|
if ok {
|
|
|
|
binding.Address = address
|
|
|
|
isSet = true
|
|
|
|
}
|
|
|
|
|
|
|
|
applyProxyConfig, ok := lookupBoolFromEnv(fmt.Sprintf("SFTPGO_SFTPD__BINDINGS__%v__APPLY_PROXY_CONFIG", idx))
|
|
|
|
if ok {
|
|
|
|
binding.ApplyProxyConfig = applyProxyConfig
|
|
|
|
isSet = true
|
|
|
|
}
|
|
|
|
|
|
|
|
if isSet {
|
|
|
|
if len(globalConf.SFTPD.Bindings) > idx {
|
|
|
|
globalConf.SFTPD.Bindings[idx] = binding
|
|
|
|
} else {
|
|
|
|
globalConf.SFTPD.Bindings = append(globalConf.SFTPD.Bindings, binding)
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
func getFTPDBindingFromEnv(idx int) {
|
2021-04-16 11:35:13 +00:00
|
|
|
binding := ftpd.Binding{
|
|
|
|
ApplyProxyConfig: true,
|
|
|
|
}
|
2020-12-23 15:12:30 +00:00
|
|
|
if len(globalConf.FTPD.Bindings) > idx {
|
|
|
|
binding = globalConf.FTPD.Bindings[idx]
|
|
|
|
}
|
|
|
|
|
|
|
|
isSet := false
|
|
|
|
|
|
|
|
port, ok := lookupIntFromEnv(fmt.Sprintf("SFTPGO_FTPD__BINDINGS__%v__PORT", idx))
|
|
|
|
if ok {
|
2021-04-18 10:31:06 +00:00
|
|
|
binding.Port = int(port)
|
2020-12-23 15:12:30 +00:00
|
|
|
isSet = true
|
|
|
|
}
|
|
|
|
|
|
|
|
address, ok := os.LookupEnv(fmt.Sprintf("SFTPGO_FTPD__BINDINGS__%v__ADDRESS", idx))
|
|
|
|
if ok {
|
|
|
|
binding.Address = address
|
|
|
|
isSet = true
|
|
|
|
}
|
|
|
|
|
|
|
|
applyProxyConfig, ok := lookupBoolFromEnv(fmt.Sprintf("SFTPGO_FTPD__BINDINGS__%v__APPLY_PROXY_CONFIG", idx))
|
|
|
|
if ok {
|
|
|
|
binding.ApplyProxyConfig = applyProxyConfig
|
|
|
|
isSet = true
|
|
|
|
}
|
|
|
|
|
|
|
|
tlsMode, ok := lookupIntFromEnv(fmt.Sprintf("SFTPGO_FTPD__BINDINGS__%v__TLS_MODE", idx))
|
|
|
|
if ok {
|
2021-04-18 10:31:06 +00:00
|
|
|
binding.TLSMode = int(tlsMode)
|
2020-12-23 15:12:30 +00:00
|
|
|
isSet = true
|
|
|
|
}
|
|
|
|
|
|
|
|
passiveIP, ok := os.LookupEnv(fmt.Sprintf("SFTPGO_FTPD__BINDINGS__%v__FORCE_PASSIVE_IP", idx))
|
|
|
|
if ok {
|
|
|
|
binding.ForcePassiveIP = passiveIP
|
|
|
|
isSet = true
|
|
|
|
}
|
|
|
|
|
2020-12-29 08:20:09 +00:00
|
|
|
clientAuthType, ok := lookupIntFromEnv(fmt.Sprintf("SFTPGO_FTPD__BINDINGS__%v__CLIENT_AUTH_TYPE", idx))
|
|
|
|
if ok {
|
2021-04-18 10:31:06 +00:00
|
|
|
binding.ClientAuthType = int(clientAuthType)
|
2020-12-29 08:20:09 +00:00
|
|
|
isSet = true
|
|
|
|
}
|
|
|
|
|
2021-02-18 19:17:16 +00:00
|
|
|
tlsCiphers, ok := lookupStringListFromEnv(fmt.Sprintf("SFTPGO_FTPD__BINDINGS__%v__TLS_CIPHER_SUITES", idx))
|
|
|
|
if ok {
|
|
|
|
binding.TLSCipherSuites = tlsCiphers
|
|
|
|
isSet = true
|
|
|
|
}
|
|
|
|
|
2021-07-20 15:22:08 +00:00
|
|
|
debug, ok := lookupBoolFromEnv(fmt.Sprintf("SFTPGO_FTPD__BINDINGS__%v__DEBUG", idx))
|
|
|
|
if ok {
|
|
|
|
binding.Debug = debug
|
|
|
|
isSet = true
|
|
|
|
}
|
|
|
|
|
2020-12-23 15:12:30 +00:00
|
|
|
if isSet {
|
|
|
|
if len(globalConf.FTPD.Bindings) > idx {
|
|
|
|
globalConf.FTPD.Bindings[idx] = binding
|
|
|
|
} else {
|
|
|
|
globalConf.FTPD.Bindings = append(globalConf.FTPD.Bindings, binding)
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
func getWebDAVDBindingFromEnv(idx int) {
|
|
|
|
binding := webdavd.Binding{}
|
|
|
|
if len(globalConf.WebDAVD.Bindings) > idx {
|
|
|
|
binding = globalConf.WebDAVD.Bindings[idx]
|
|
|
|
}
|
|
|
|
|
|
|
|
isSet := false
|
|
|
|
|
|
|
|
port, ok := lookupIntFromEnv(fmt.Sprintf("SFTPGO_WEBDAVD__BINDINGS__%v__PORT", idx))
|
|
|
|
if ok {
|
2021-04-18 10:31:06 +00:00
|
|
|
binding.Port = int(port)
|
2020-12-23 15:12:30 +00:00
|
|
|
isSet = true
|
|
|
|
}
|
|
|
|
|
|
|
|
address, ok := os.LookupEnv(fmt.Sprintf("SFTPGO_WEBDAVD__BINDINGS__%v__ADDRESS", idx))
|
|
|
|
if ok {
|
|
|
|
binding.Address = address
|
|
|
|
isSet = true
|
|
|
|
}
|
|
|
|
|
|
|
|
enableHTTPS, ok := lookupBoolFromEnv(fmt.Sprintf("SFTPGO_WEBDAVD__BINDINGS__%v__ENABLE_HTTPS", idx))
|
|
|
|
if ok {
|
|
|
|
binding.EnableHTTPS = enableHTTPS
|
|
|
|
isSet = true
|
|
|
|
}
|
|
|
|
|
2020-12-28 18:48:23 +00:00
|
|
|
clientAuthType, ok := lookupIntFromEnv(fmt.Sprintf("SFTPGO_WEBDAVD__BINDINGS__%v__CLIENT_AUTH_TYPE", idx))
|
|
|
|
if ok {
|
2021-04-18 10:31:06 +00:00
|
|
|
binding.ClientAuthType = int(clientAuthType)
|
2020-12-28 18:48:23 +00:00
|
|
|
isSet = true
|
|
|
|
}
|
|
|
|
|
2021-02-18 19:17:16 +00:00
|
|
|
tlsCiphers, ok := lookupStringListFromEnv(fmt.Sprintf("SFTPGO_WEBDAVD__BINDINGS__%v__TLS_CIPHER_SUITES", idx))
|
|
|
|
if ok {
|
|
|
|
binding.TLSCipherSuites = tlsCiphers
|
|
|
|
isSet = true
|
|
|
|
}
|
|
|
|
|
2021-05-11 04:54:06 +00:00
|
|
|
proxyAllowed, ok := lookupStringListFromEnv(fmt.Sprintf("SFTPGO_WEBDAVD__BINDINGS__%v__PROXY_ALLOWED", idx))
|
|
|
|
if ok {
|
|
|
|
binding.ProxyAllowed = proxyAllowed
|
|
|
|
isSet = true
|
|
|
|
}
|
|
|
|
|
2021-03-07 16:10:45 +00:00
|
|
|
prefix, ok := os.LookupEnv(fmt.Sprintf("SFTPGO_WEBDAVD__BINDINGS__%v__PREFIX", idx))
|
|
|
|
if ok {
|
|
|
|
binding.Prefix = prefix
|
|
|
|
isSet = true
|
|
|
|
}
|
|
|
|
|
2020-12-23 15:12:30 +00:00
|
|
|
if isSet {
|
|
|
|
if len(globalConf.WebDAVD.Bindings) > idx {
|
|
|
|
globalConf.WebDAVD.Bindings[idx] = binding
|
|
|
|
} else {
|
|
|
|
globalConf.WebDAVD.Bindings = append(globalConf.WebDAVD.Bindings, binding)
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2021-01-19 17:59:41 +00:00
|
|
|
func getHTTPDBindingFromEnv(idx int) {
|
2021-06-17 13:57:41 +00:00
|
|
|
binding := httpd.Binding{
|
|
|
|
EnableWebAdmin: true,
|
|
|
|
EnableWebClient: true,
|
|
|
|
}
|
2021-01-19 17:59:41 +00:00
|
|
|
if len(globalConf.HTTPDConfig.Bindings) > idx {
|
|
|
|
binding = globalConf.HTTPDConfig.Bindings[idx]
|
|
|
|
}
|
|
|
|
|
|
|
|
isSet := false
|
|
|
|
|
|
|
|
port, ok := lookupIntFromEnv(fmt.Sprintf("SFTPGO_HTTPD__BINDINGS__%v__PORT", idx))
|
|
|
|
if ok {
|
2021-04-18 10:31:06 +00:00
|
|
|
binding.Port = int(port)
|
2021-01-19 17:59:41 +00:00
|
|
|
isSet = true
|
|
|
|
}
|
|
|
|
|
|
|
|
address, ok := os.LookupEnv(fmt.Sprintf("SFTPGO_HTTPD__BINDINGS__%v__ADDRESS", idx))
|
|
|
|
if ok {
|
|
|
|
binding.Address = address
|
|
|
|
isSet = true
|
|
|
|
}
|
|
|
|
|
|
|
|
enableWebAdmin, ok := lookupBoolFromEnv(fmt.Sprintf("SFTPGO_HTTPD__BINDINGS__%v__ENABLE_WEB_ADMIN", idx))
|
|
|
|
if ok {
|
|
|
|
binding.EnableWebAdmin = enableWebAdmin
|
|
|
|
isSet = true
|
|
|
|
}
|
|
|
|
|
2021-05-06 19:35:43 +00:00
|
|
|
enableWebClient, ok := lookupBoolFromEnv(fmt.Sprintf("SFTPGO_HTTPD__BINDINGS__%v__ENABLE_WEB_CLIENT", idx))
|
|
|
|
if ok {
|
|
|
|
binding.EnableWebClient = enableWebClient
|
|
|
|
isSet = true
|
|
|
|
}
|
|
|
|
|
2021-01-19 17:59:41 +00:00
|
|
|
enableHTTPS, ok := lookupBoolFromEnv(fmt.Sprintf("SFTPGO_HTTPD__BINDINGS__%v__ENABLE_HTTPS", idx))
|
|
|
|
if ok {
|
|
|
|
binding.EnableHTTPS = enableHTTPS
|
|
|
|
isSet = true
|
|
|
|
}
|
|
|
|
|
|
|
|
clientAuthType, ok := lookupIntFromEnv(fmt.Sprintf("SFTPGO_HTTPD__BINDINGS__%v__CLIENT_AUTH_TYPE", idx))
|
|
|
|
if ok {
|
2021-04-18 10:31:06 +00:00
|
|
|
binding.ClientAuthType = int(clientAuthType)
|
2021-01-19 17:59:41 +00:00
|
|
|
isSet = true
|
|
|
|
}
|
|
|
|
|
2021-02-18 19:17:16 +00:00
|
|
|
tlsCiphers, ok := lookupStringListFromEnv(fmt.Sprintf("SFTPGO_HTTPD__BINDINGS__%v__TLS_CIPHER_SUITES", idx))
|
|
|
|
if ok {
|
|
|
|
binding.TLSCipherSuites = tlsCiphers
|
|
|
|
isSet = true
|
|
|
|
}
|
|
|
|
|
2021-05-11 04:54:06 +00:00
|
|
|
proxyAllowed, ok := lookupStringListFromEnv(fmt.Sprintf("SFTPGO_HTTPD__BINDINGS__%v__PROXY_ALLOWED", idx))
|
|
|
|
if ok {
|
|
|
|
binding.ProxyAllowed = proxyAllowed
|
|
|
|
isSet = true
|
|
|
|
}
|
|
|
|
|
2021-07-27 16:43:00 +00:00
|
|
|
hideLoginURL, ok := lookupIntFromEnv(fmt.Sprintf("SFTPGO_HTTPD__BINDINGS__%v__HIDE_LOGIN_URL", idx))
|
|
|
|
if ok {
|
|
|
|
binding.HideLoginURL = int(hideLoginURL)
|
|
|
|
isSet = true
|
|
|
|
}
|
|
|
|
|
2021-01-19 17:59:41 +00:00
|
|
|
if isSet {
|
|
|
|
if len(globalConf.HTTPDConfig.Bindings) > idx {
|
|
|
|
globalConf.HTTPDConfig.Bindings[idx] = binding
|
|
|
|
} else {
|
|
|
|
globalConf.HTTPDConfig.Bindings = append(globalConf.HTTPDConfig.Bindings, binding)
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2021-02-13 13:41:37 +00:00
|
|
|
func getHTTPClientCertificatesFromEnv(idx int) {
|
|
|
|
tlsCert := httpclient.TLSKeyPair{}
|
|
|
|
|
|
|
|
cert, ok := os.LookupEnv(fmt.Sprintf("SFTPGO_HTTP__CERTIFICATES__%v__CERT", idx))
|
|
|
|
if ok {
|
|
|
|
tlsCert.Cert = cert
|
|
|
|
}
|
|
|
|
|
|
|
|
key, ok := os.LookupEnv(fmt.Sprintf("SFTPGO_HTTP__CERTIFICATES__%v__KEY", idx))
|
|
|
|
if ok {
|
|
|
|
tlsCert.Key = key
|
|
|
|
}
|
|
|
|
|
|
|
|
if tlsCert.Cert != "" && tlsCert.Key != "" {
|
|
|
|
if len(globalConf.HTTPConfig.Certificates) > idx {
|
|
|
|
globalConf.HTTPConfig.Certificates[idx] = tlsCert
|
|
|
|
} else {
|
|
|
|
globalConf.HTTPConfig.Certificates = append(globalConf.HTTPConfig.Certificates, tlsCert)
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2021-05-25 06:36:01 +00:00
|
|
|
func getHTTPClientHeadersFromEnv(idx int) {
|
|
|
|
header := httpclient.Header{}
|
|
|
|
|
|
|
|
key, ok := os.LookupEnv(fmt.Sprintf("SFTPGO_HTTP__HEADERS__%v__KEY", idx))
|
|
|
|
if ok {
|
|
|
|
header.Key = key
|
|
|
|
}
|
|
|
|
|
|
|
|
value, ok := os.LookupEnv(fmt.Sprintf("SFTPGO_HTTP__HEADERS__%v__VALUE", idx))
|
|
|
|
if ok {
|
|
|
|
header.Value = value
|
|
|
|
}
|
|
|
|
|
|
|
|
url, ok := os.LookupEnv(fmt.Sprintf("SFTPGO_HTTP__HEADERS__%v__URL", idx))
|
|
|
|
if ok {
|
|
|
|
header.URL = url
|
|
|
|
}
|
|
|
|
|
|
|
|
if header.Key != "" && header.Value != "" {
|
|
|
|
if len(globalConf.HTTPConfig.Headers) > idx {
|
|
|
|
globalConf.HTTPConfig.Headers[idx] = header
|
|
|
|
} else {
|
|
|
|
globalConf.HTTPConfig.Headers = append(globalConf.HTTPConfig.Headers, header)
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2020-10-30 17:58:57 +00:00
|
|
|
func setViperDefaults() {
|
|
|
|
viper.SetDefault("common.idle_timeout", globalConf.Common.IdleTimeout)
|
|
|
|
viper.SetDefault("common.upload_mode", globalConf.Common.UploadMode)
|
|
|
|
viper.SetDefault("common.actions.execute_on", globalConf.Common.Actions.ExecuteOn)
|
2021-05-11 10:45:14 +00:00
|
|
|
viper.SetDefault("common.actions.execute_sync", globalConf.Common.Actions.ExecuteSync)
|
2020-10-30 17:58:57 +00:00
|
|
|
viper.SetDefault("common.actions.hook", globalConf.Common.Actions.Hook)
|
|
|
|
viper.SetDefault("common.setstat_mode", globalConf.Common.SetstatMode)
|
2021-05-27 13:38:27 +00:00
|
|
|
viper.SetDefault("common.temp_path", globalConf.Common.TempPath)
|
2020-10-30 17:58:57 +00:00
|
|
|
viper.SetDefault("common.proxy_protocol", globalConf.Common.ProxyProtocol)
|
|
|
|
viper.SetDefault("common.proxy_allowed", globalConf.Common.ProxyAllowed)
|
|
|
|
viper.SetDefault("common.post_connect_hook", globalConf.Common.PostConnectHook)
|
2020-12-15 18:29:30 +00:00
|
|
|
viper.SetDefault("common.max_total_connections", globalConf.Common.MaxTotalConnections)
|
2021-05-08 17:45:21 +00:00
|
|
|
viper.SetDefault("common.max_per_host_connections", globalConf.Common.MaxPerHostConnections)
|
2021-01-02 13:05:09 +00:00
|
|
|
viper.SetDefault("common.defender.enabled", globalConf.Common.DefenderConfig.Enabled)
|
|
|
|
viper.SetDefault("common.defender.ban_time", globalConf.Common.DefenderConfig.BanTime)
|
|
|
|
viper.SetDefault("common.defender.ban_time_increment", globalConf.Common.DefenderConfig.BanTimeIncrement)
|
|
|
|
viper.SetDefault("common.defender.threshold", globalConf.Common.DefenderConfig.Threshold)
|
|
|
|
viper.SetDefault("common.defender.score_invalid", globalConf.Common.DefenderConfig.ScoreInvalid)
|
|
|
|
viper.SetDefault("common.defender.score_valid", globalConf.Common.DefenderConfig.ScoreValid)
|
2021-05-08 17:45:21 +00:00
|
|
|
viper.SetDefault("common.defender.score_limit_exceeded", globalConf.Common.DefenderConfig.ScoreLimitExceeded)
|
2021-01-02 13:05:09 +00:00
|
|
|
viper.SetDefault("common.defender.observation_time", globalConf.Common.DefenderConfig.ObservationTime)
|
|
|
|
viper.SetDefault("common.defender.entries_soft_limit", globalConf.Common.DefenderConfig.EntriesSoftLimit)
|
|
|
|
viper.SetDefault("common.defender.entries_hard_limit", globalConf.Common.DefenderConfig.EntriesHardLimit)
|
|
|
|
viper.SetDefault("common.defender.safelist_file", globalConf.Common.DefenderConfig.SafeListFile)
|
|
|
|
viper.SetDefault("common.defender.blocklist_file", globalConf.Common.DefenderConfig.BlockListFile)
|
2020-10-30 17:58:57 +00:00
|
|
|
viper.SetDefault("sftpd.max_auth_tries", globalConf.SFTPD.MaxAuthTries)
|
|
|
|
viper.SetDefault("sftpd.banner", globalConf.SFTPD.Banner)
|
|
|
|
viper.SetDefault("sftpd.host_keys", globalConf.SFTPD.HostKeys)
|
|
|
|
viper.SetDefault("sftpd.kex_algorithms", globalConf.SFTPD.KexAlgorithms)
|
|
|
|
viper.SetDefault("sftpd.ciphers", globalConf.SFTPD.Ciphers)
|
|
|
|
viper.SetDefault("sftpd.macs", globalConf.SFTPD.MACs)
|
|
|
|
viper.SetDefault("sftpd.trusted_user_ca_keys", globalConf.SFTPD.TrustedUserCAKeys)
|
|
|
|
viper.SetDefault("sftpd.login_banner_file", globalConf.SFTPD.LoginBannerFile)
|
2021-07-28 22:54:22 +00:00
|
|
|
viper.SetDefault("sftpd.enabled_ssh_commands", sftpd.GetDefaultSSHCommands())
|
2020-10-30 17:58:57 +00:00
|
|
|
viper.SetDefault("sftpd.keyboard_interactive_auth_hook", globalConf.SFTPD.KeyboardInteractiveHook)
|
|
|
|
viper.SetDefault("sftpd.password_authentication", globalConf.SFTPD.PasswordAuthentication)
|
2021-07-28 22:32:55 +00:00
|
|
|
viper.SetDefault("sftpd.folder_prefix", globalConf.SFTPD.FolderPrefix)
|
2020-10-30 17:58:57 +00:00
|
|
|
viper.SetDefault("ftpd.banner", globalConf.FTPD.Banner)
|
|
|
|
viper.SetDefault("ftpd.banner_file", globalConf.FTPD.BannerFile)
|
|
|
|
viper.SetDefault("ftpd.active_transfers_port_non_20", globalConf.FTPD.ActiveTransfersPortNon20)
|
|
|
|
viper.SetDefault("ftpd.passive_port_range.start", globalConf.FTPD.PassivePortRange.Start)
|
|
|
|
viper.SetDefault("ftpd.passive_port_range.end", globalConf.FTPD.PassivePortRange.End)
|
2020-12-24 17:48:06 +00:00
|
|
|
viper.SetDefault("ftpd.disable_active_mode", globalConf.FTPD.DisableActiveMode)
|
|
|
|
viper.SetDefault("ftpd.enable_site", globalConf.FTPD.EnableSite)
|
|
|
|
viper.SetDefault("ftpd.hash_support", globalConf.FTPD.HASHSupport)
|
|
|
|
viper.SetDefault("ftpd.combine_support", globalConf.FTPD.CombineSupport)
|
2020-10-30 17:58:57 +00:00
|
|
|
viper.SetDefault("ftpd.certificate_file", globalConf.FTPD.CertificateFile)
|
|
|
|
viper.SetDefault("ftpd.certificate_key_file", globalConf.FTPD.CertificateKeyFile)
|
2020-12-29 08:20:09 +00:00
|
|
|
viper.SetDefault("ftpd.ca_certificates", globalConf.FTPD.CACertificates)
|
2021-01-03 16:03:04 +00:00
|
|
|
viper.SetDefault("ftpd.ca_revocation_lists", globalConf.FTPD.CARevocationLists)
|
2020-10-30 17:58:57 +00:00
|
|
|
viper.SetDefault("webdavd.certificate_file", globalConf.WebDAVD.CertificateFile)
|
|
|
|
viper.SetDefault("webdavd.certificate_key_file", globalConf.WebDAVD.CertificateKeyFile)
|
2020-12-28 18:48:23 +00:00
|
|
|
viper.SetDefault("webdavd.ca_certificates", globalConf.WebDAVD.CACertificates)
|
2021-01-03 16:03:04 +00:00
|
|
|
viper.SetDefault("webdavd.ca_revocation_lists", globalConf.WebDAVD.CARevocationLists)
|
2020-10-30 17:58:57 +00:00
|
|
|
viper.SetDefault("webdavd.cors.enabled", globalConf.WebDAVD.Cors.Enabled)
|
|
|
|
viper.SetDefault("webdavd.cors.allowed_origins", globalConf.WebDAVD.Cors.AllowedOrigins)
|
|
|
|
viper.SetDefault("webdavd.cors.allowed_methods", globalConf.WebDAVD.Cors.AllowedMethods)
|
|
|
|
viper.SetDefault("webdavd.cors.allowed_headers", globalConf.WebDAVD.Cors.AllowedHeaders)
|
|
|
|
viper.SetDefault("webdavd.cors.exposed_headers", globalConf.WebDAVD.Cors.ExposedHeaders)
|
|
|
|
viper.SetDefault("webdavd.cors.allow_credentials", globalConf.WebDAVD.Cors.AllowCredentials)
|
|
|
|
viper.SetDefault("webdavd.cors.max_age", globalConf.WebDAVD.Cors.MaxAge)
|
2020-11-04 18:11:40 +00:00
|
|
|
viper.SetDefault("webdavd.cache.users.expiration_time", globalConf.WebDAVD.Cache.Users.ExpirationTime)
|
|
|
|
viper.SetDefault("webdavd.cache.users.max_size", globalConf.WebDAVD.Cache.Users.MaxSize)
|
|
|
|
viper.SetDefault("webdavd.cache.mime_types.enabled", globalConf.WebDAVD.Cache.MimeTypes.Enabled)
|
|
|
|
viper.SetDefault("webdavd.cache.mime_types.max_size", globalConf.WebDAVD.Cache.MimeTypes.MaxSize)
|
2020-10-30 17:58:57 +00:00
|
|
|
viper.SetDefault("data_provider.driver", globalConf.ProviderConf.Driver)
|
|
|
|
viper.SetDefault("data_provider.name", globalConf.ProviderConf.Name)
|
|
|
|
viper.SetDefault("data_provider.host", globalConf.ProviderConf.Host)
|
|
|
|
viper.SetDefault("data_provider.port", globalConf.ProviderConf.Port)
|
|
|
|
viper.SetDefault("data_provider.username", globalConf.ProviderConf.Username)
|
|
|
|
viper.SetDefault("data_provider.password", globalConf.ProviderConf.Password)
|
|
|
|
viper.SetDefault("data_provider.sslmode", globalConf.ProviderConf.SSLMode)
|
|
|
|
viper.SetDefault("data_provider.connection_string", globalConf.ProviderConf.ConnectionString)
|
|
|
|
viper.SetDefault("data_provider.sql_tables_prefix", globalConf.ProviderConf.SQLTablesPrefix)
|
|
|
|
viper.SetDefault("data_provider.track_quota", globalConf.ProviderConf.TrackQuota)
|
|
|
|
viper.SetDefault("data_provider.pool_size", globalConf.ProviderConf.PoolSize)
|
|
|
|
viper.SetDefault("data_provider.users_base_dir", globalConf.ProviderConf.UsersBaseDir)
|
|
|
|
viper.SetDefault("data_provider.actions.execute_on", globalConf.ProviderConf.Actions.ExecuteOn)
|
|
|
|
viper.SetDefault("data_provider.actions.hook", globalConf.ProviderConf.Actions.Hook)
|
|
|
|
viper.SetDefault("data_provider.external_auth_hook", globalConf.ProviderConf.ExternalAuthHook)
|
|
|
|
viper.SetDefault("data_provider.external_auth_scope", globalConf.ProviderConf.ExternalAuthScope)
|
|
|
|
viper.SetDefault("data_provider.credentials_path", globalConf.ProviderConf.CredentialsPath)
|
|
|
|
viper.SetDefault("data_provider.prefer_database_credentials", globalConf.ProviderConf.PreferDatabaseCredentials)
|
|
|
|
viper.SetDefault("data_provider.pre_login_hook", globalConf.ProviderConf.PreLoginHook)
|
|
|
|
viper.SetDefault("data_provider.post_login_hook", globalConf.ProviderConf.PostLoginHook)
|
|
|
|
viper.SetDefault("data_provider.post_login_scope", globalConf.ProviderConf.PostLoginScope)
|
|
|
|
viper.SetDefault("data_provider.check_password_hook", globalConf.ProviderConf.CheckPasswordHook)
|
|
|
|
viper.SetDefault("data_provider.check_password_scope", globalConf.ProviderConf.CheckPasswordScope)
|
2021-04-25 07:38:33 +00:00
|
|
|
viper.SetDefault("data_provider.password_hashing.bcrypt_options.cost", globalConf.ProviderConf.PasswordHashing.BcryptOptions.Cost)
|
2020-10-30 17:58:57 +00:00
|
|
|
viper.SetDefault("data_provider.password_hashing.argon2_options.memory", globalConf.ProviderConf.PasswordHashing.Argon2Options.Memory)
|
|
|
|
viper.SetDefault("data_provider.password_hashing.argon2_options.iterations", globalConf.ProviderConf.PasswordHashing.Argon2Options.Iterations)
|
|
|
|
viper.SetDefault("data_provider.password_hashing.argon2_options.parallelism", globalConf.ProviderConf.PasswordHashing.Argon2Options.Parallelism)
|
2021-04-25 07:38:33 +00:00
|
|
|
viper.SetDefault("data_provider.password_hashing.algo", globalConf.ProviderConf.PasswordHashing.Algo)
|
2021-05-14 17:21:15 +00:00
|
|
|
viper.SetDefault("data_provider.password_caching", globalConf.ProviderConf.PasswordCaching)
|
2020-10-30 17:58:57 +00:00
|
|
|
viper.SetDefault("data_provider.update_mode", globalConf.ProviderConf.UpdateMode)
|
2021-03-04 08:48:53 +00:00
|
|
|
viper.SetDefault("data_provider.skip_natural_keys_validation", globalConf.ProviderConf.SkipNaturalKeysValidation)
|
2021-04-11 06:38:43 +00:00
|
|
|
viper.SetDefault("data_provider.delayed_quota_update", globalConf.ProviderConf.DelayedQuotaUpdate)
|
2021-05-14 17:21:15 +00:00
|
|
|
viper.SetDefault("data_provider.create_default_admin", globalConf.ProviderConf.CreateDefaultAdmin)
|
2020-10-30 17:58:57 +00:00
|
|
|
viper.SetDefault("httpd.templates_path", globalConf.HTTPDConfig.TemplatesPath)
|
|
|
|
viper.SetDefault("httpd.static_files_path", globalConf.HTTPDConfig.StaticFilesPath)
|
|
|
|
viper.SetDefault("httpd.backups_path", globalConf.HTTPDConfig.BackupsPath)
|
2021-05-06 19:35:43 +00:00
|
|
|
viper.SetDefault("httpd.web_root", globalConf.HTTPDConfig.WebRoot)
|
2020-10-30 17:58:57 +00:00
|
|
|
viper.SetDefault("httpd.certificate_file", globalConf.HTTPDConfig.CertificateFile)
|
|
|
|
viper.SetDefault("httpd.certificate_key_file", globalConf.HTTPDConfig.CertificateKeyFile)
|
2021-01-19 17:59:41 +00:00
|
|
|
viper.SetDefault("httpd.ca_certificates", globalConf.HTTPDConfig.CACertificates)
|
|
|
|
viper.SetDefault("httpd.ca_revocation_lists", globalConf.HTTPDConfig.CARevocationLists)
|
2021-07-01 18:17:40 +00:00
|
|
|
viper.SetDefault("httpd.signing_passphrase", globalConf.HTTPDConfig.SigningPassphrase)
|
2021-07-23 08:19:27 +00:00
|
|
|
viper.SetDefault("httpd.max_upload_file_size", globalConf.HTTPDConfig.MaxUploadFileSize)
|
2020-10-30 17:58:57 +00:00
|
|
|
viper.SetDefault("http.timeout", globalConf.HTTPConfig.Timeout)
|
2021-02-12 20:42:49 +00:00
|
|
|
viper.SetDefault("http.retry_wait_min", globalConf.HTTPConfig.RetryWaitMin)
|
|
|
|
viper.SetDefault("http.retry_wait_max", globalConf.HTTPConfig.RetryWaitMax)
|
|
|
|
viper.SetDefault("http.retry_max", globalConf.HTTPConfig.RetryMax)
|
2020-10-30 17:58:57 +00:00
|
|
|
viper.SetDefault("http.ca_certificates", globalConf.HTTPConfig.CACertificates)
|
|
|
|
viper.SetDefault("http.skip_tls_verify", globalConf.HTTPConfig.SkipTLSVerify)
|
2020-11-30 20:46:34 +00:00
|
|
|
viper.SetDefault("kms.secrets.url", globalConf.KMSConfig.Secrets.URL)
|
2021-07-17 13:34:48 +00:00
|
|
|
viper.SetDefault("kms.secrets.master_key", globalConf.KMSConfig.Secrets.MasterKeyString)
|
2020-11-30 20:46:34 +00:00
|
|
|
viper.SetDefault("kms.secrets.master_key_path", globalConf.KMSConfig.Secrets.MasterKeyPath)
|
2020-12-18 08:01:19 +00:00
|
|
|
viper.SetDefault("telemetry.bind_port", globalConf.TelemetryConfig.BindPort)
|
|
|
|
viper.SetDefault("telemetry.bind_address", globalConf.TelemetryConfig.BindAddress)
|
2020-12-18 15:04:42 +00:00
|
|
|
viper.SetDefault("telemetry.enable_profiler", globalConf.TelemetryConfig.EnableProfiler)
|
|
|
|
viper.SetDefault("telemetry.auth_user_file", globalConf.TelemetryConfig.AuthUserFile)
|
|
|
|
viper.SetDefault("telemetry.certificate_file", globalConf.TelemetryConfig.CertificateFile)
|
|
|
|
viper.SetDefault("telemetry.certificate_key_file", globalConf.TelemetryConfig.CertificateKeyFile)
|
2021-02-18 19:17:16 +00:00
|
|
|
viper.SetDefault("telemetry.tls_cipher_suites", globalConf.TelemetryConfig.TLSCipherSuites)
|
2020-10-30 17:58:57 +00:00
|
|
|
}
|
2020-12-23 15:12:30 +00:00
|
|
|
|
|
|
|
func lookupBoolFromEnv(envName string) (bool, bool) {
|
|
|
|
value, ok := os.LookupEnv(envName)
|
|
|
|
if ok {
|
2021-07-27 16:43:00 +00:00
|
|
|
converted, err := strconv.ParseBool(strings.TrimSpace(value))
|
2020-12-23 15:12:30 +00:00
|
|
|
if err == nil {
|
|
|
|
return converted, ok
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
return false, false
|
|
|
|
}
|
|
|
|
|
2021-04-18 10:31:06 +00:00
|
|
|
func lookupIntFromEnv(envName string) (int64, bool) {
|
2020-12-23 15:12:30 +00:00
|
|
|
value, ok := os.LookupEnv(envName)
|
|
|
|
if ok {
|
2021-07-27 16:43:00 +00:00
|
|
|
converted, err := strconv.ParseInt(strings.TrimSpace(value), 10, 64)
|
2020-12-23 15:12:30 +00:00
|
|
|
if err == nil {
|
2021-04-18 10:31:06 +00:00
|
|
|
return converted, ok
|
2020-12-23 15:12:30 +00:00
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
return 0, false
|
|
|
|
}
|
2021-02-18 19:17:16 +00:00
|
|
|
|
|
|
|
func lookupStringListFromEnv(envName string) ([]string, bool) {
|
|
|
|
value, ok := os.LookupEnv(envName)
|
|
|
|
if ok {
|
|
|
|
var result []string
|
|
|
|
for _, v := range strings.Split(value, ",") {
|
2021-07-11 13:26:51 +00:00
|
|
|
val := strings.TrimSpace(v)
|
|
|
|
if val != "" {
|
|
|
|
result = append(result, val)
|
|
|
|
}
|
2021-02-18 19:17:16 +00:00
|
|
|
}
|
|
|
|
return result, true
|
|
|
|
}
|
|
|
|
return nil, false
|
|
|
|
}
|