config.go 15 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304
  1. package config
  2. import (
  3. "fmt"
  4. )
  5. // Action represents the core functionality of OliveTin - commands that show up
  6. // as buttons in the UI.
  7. type Action struct {
  8. ID string `koanf:"id"`
  9. Title string `koanf:"title"`
  10. Icon string `koanf:"icon"`
  11. Shell string `koanf:"shell"`
  12. Exec []string `koanf:"exec"`
  13. ShellAfterCompleted string `koanf:"shellAfterCompleted"`
  14. Timeout int `koanf:"timeout"`
  15. Acls []string `koanf:"acls"`
  16. Entity string `koanf:"entity"`
  17. Hidden bool `koanf:"hidden"`
  18. ExecOnStartup bool `koanf:"execOnStartup"`
  19. ExecOnCron []string `koanf:"execOnCron"`
  20. ExecOnFileCreatedInDir []string `koanf:"execOnFileCreatedInDir"`
  21. ExecOnFileChangedInDir []string `koanf:"execOnFileChangedInDir"`
  22. ExecOnCalendarFile string `koanf:"execOnCalendarFile"`
  23. ExecOnWebhook []WebhookConfig `koanf:"execOnWebhook"`
  24. Triggers []string `koanf:"triggers"`
  25. MaxConcurrent int `koanf:"maxConcurrent"`
  26. MaxRate []RateSpec `koanf:"maxRate"`
  27. Arguments []ActionArgument `koanf:"arguments"`
  28. PopupOnStart string `koanf:"popupOnStart"`
  29. SaveLogs SaveLogsConfig `koanf:"saveLogs"`
  30. EnabledExpression string `koanf:"enabledExpression"`
  31. }
  32. // ActionArgument objects appear on Actions.
  33. type ActionArgument struct {
  34. Name string `koanf:"name"`
  35. Title string `koanf:"title"`
  36. Description string `koanf:"description"`
  37. Type string `koanf:"type"`
  38. Default string `koanf:"default"`
  39. Choices []ActionArgumentChoice `koanf:"choices"`
  40. Entity string `koanf:"entity"`
  41. RejectNull bool `koanf:"rejectNull"`
  42. Suggestions map[string]string `koanf:"suggestions"`
  43. SuggestionsBrowserKey string `koanf:"suggestionsBrowserKey"`
  44. }
  45. // ActionArgumentChoice represents a predefined choice for an argument.
  46. type ActionArgumentChoice struct {
  47. Value string `koanf:"value"`
  48. Title string `koanf:"title"`
  49. }
  50. // RateSpec allows you to set a max frequency for an action.
  51. type RateSpec struct {
  52. Limit int `koanf:"limit"`
  53. Duration string `koanf:"duration"`
  54. }
  55. // WebhookConfig defines configuration for generic webhook triggers.
  56. type WebhookConfig struct {
  57. Secret string `koanf:"secret"` // Optional: secret for signature verification
  58. AuthType string `koanf:"authType"` // Optional: "hmac-sha256", "hmac-sha1", "bearer", "basic", "none"
  59. AuthHeader string `koanf:"authHeader"` // Optional: custom header name for auth (default: "X-Webhook-Signature")
  60. MatchHeaders map[string]string `koanf:"matchHeaders"` // Match HTTP headers
  61. MatchPath string `koanf:"matchPath"` // JSONPath expression to match in request body (format: "jsonpath=value" or just "jsonpath")
  62. MatchQuery map[string]string `koanf:"matchQuery"` // Match URL query parameters
  63. Extract map[string]string `koanf:"extract"` // Map action argument names to JSONPath expressions
  64. Template string `koanf:"template"` // Optional: template name (e.g., "github-push", "github-pr")
  65. }
  66. // Entity represents a "thing" that can have multiple actions associated with it.
  67. // for example, a media player with a start and stop action.
  68. type EntityFile struct {
  69. File string `koanf:"file"`
  70. Name string `koanf:"name"`
  71. Icon string `koanf:"icon"`
  72. }
  73. // PermissionsList defines what users can do with an action.
  74. type PermissionsList struct {
  75. View bool `koanf:"view"`
  76. Exec bool `koanf:"exec"`
  77. Logs bool `koanf:"logs"`
  78. Kill bool `koanf:"kill"`
  79. }
  80. // AccessControlList defines what permissions apply to a user or user group.
  81. type AccessControlList struct {
  82. Name string `koanf:"name"`
  83. AddToEveryAction bool `koanf:"addToEveryAction"`
  84. MatchUsergroups []string `koanf:"matchUsergroups"`
  85. MatchUsernames []string `koanf:"matchUsernames"`
  86. Permissions PermissionsList `koanf:"permissions"`
  87. Policy ConfigurationPolicy `koanf:"policy"`
  88. }
  89. // ConfigurationPolicy defines global settings which are overridden with an ACL.
  90. type ConfigurationPolicy struct {
  91. ShowDiagnostics bool `koanf:"showDiagnostics"`
  92. ShowLogList bool `koanf:"showLogList"`
  93. ShowVersionNumber bool `koanf:"showVersionNumber"`
  94. }
  95. type PrometheusConfig struct {
  96. Enabled bool `koanf:"enabled"`
  97. DefaultGoMetrics bool `koanf:"defaultGoMetrics"`
  98. }
  99. // SecurityConfig allows users to fine tune the security related HTTP headers and cookie options.
  100. type SecurityConfig struct {
  101. HeaderContentSecurityPolicy bool `koanf:"headerContentSecurityPolicy"`
  102. ContentSecurityPolicy string `koanf:"contentSecurityPolicy"`
  103. HeaderXContentTypeOptions bool `koanf:"headerXContentTypeOptions"`
  104. HeaderXFrameOptions bool `koanf:"headerXFrameOptions"`
  105. XFrameOptions string `koanf:"xFrameOptions"`
  106. ForceSecureCookies bool `koanf:"forceSecureCookies"`
  107. }
  108. // Config is the global config used through the whole app.
  109. type Config struct {
  110. UseSingleHTTPFrontend bool `koanf:"useSingleHTTPFrontend"`
  111. ThemeName string `koanf:"themeName"`
  112. ThemeCacheDisabled bool `koanf:"themeCacheDisabled"`
  113. ListenAddressSingleHTTPFrontend string `koanf:"listenAddressSingleHTTPFrontend"`
  114. ListenAddressWebUI string `koanf:"listenAddressWebUI"`
  115. ListenAddressRestActions string `koanf:"listenAddressRestActions"`
  116. ListenAddressPrometheus string `koanf:"listenAddressPrometheus"`
  117. ExternalRestAddress string `koanf:"externalRestAddress"`
  118. LogLevel string `koanf:"logLevel"`
  119. LogDebugOptions LogDebugOptions `koanf:"logDebugOptions"`
  120. LogHistoryPageSize int64 `koanf:"logHistoryPageSize"`
  121. Actions []*Action `koanf:"actions"`
  122. Entities []*EntityFile `koanf:"entities"`
  123. Dashboards []*DashboardComponent `koanf:"dashboards"`
  124. CheckForUpdates bool `koanf:"checkForUpdates"`
  125. PageTitle string `koanf:"pageTitle"`
  126. ShowFooter bool `koanf:"showFooter"`
  127. ShowNavigation bool `koanf:"showNavigation"`
  128. ShowNewVersions bool `koanf:"showNewVersions"`
  129. ShowNavigateOnStartIcons bool `koanf:"showNavigateOnStartIcons"`
  130. EnableCustomJs bool `koanf:"enableCustomJs"`
  131. AuthJwtCookieName string `koanf:"authJwtCookieName"`
  132. AuthJwtHeader string `koanf:"authJwtHeader"`
  133. AuthJwtAud string `koanf:"authJwtAud"`
  134. AuthJwtDomain string `koanf:"authJwtDomain"`
  135. AuthJwtCertsURL string `koanf:"authJwtCertsUrl"`
  136. AuthJwtHmacSecret string `koanf:"authJwtHmacSecret"` // mutually exclusive with pub key config fields
  137. AuthJwtClaimUsername string `koanf:"authJwtClaimUsername"`
  138. AuthJwtClaimUserGroup string `koanf:"authJwtClaimUserGroup"`
  139. AuthJwtPubKeyPath string `koanf:"authJwtPubKeyPath"` // will read pub key from file on disk
  140. AuthHttpHeaderUsername string `koanf:"authHttpHeaderUsername"`
  141. AuthHttpHeaderUserGroup string `koanf:"authHttpHeaderUserGroup"`
  142. AuthHttpHeaderUserGroupSep string `koanf:"authHttpHeaderUserGroupSep"`
  143. AuthLocalUsers AuthLocalUsersConfig `koanf:"authLocalUsers"`
  144. AuthLoginUrl string `koanf:"authLoginUrl"`
  145. AuthRequireGuestsToLogin bool `koanf:"authRequireGuestsToLogin"`
  146. AuthOAuth2RedirectURL string `koanf:"authOAuth2RedirectUrl"`
  147. AuthOAuth2Providers map[string]*OAuth2Provider `koanf:"authOAuth2Providers"`
  148. DefaultPermissions PermissionsList `koanf:"defaultPermissions"`
  149. DefaultPolicy ConfigurationPolicy `koanf:"defaultPolicy"`
  150. AccessControlLists []*AccessControlList `koanf:"accessControlLists"`
  151. WebUIDir string `koanf:"webUIDir"`
  152. CronSupportForSeconds bool `koanf:"cronSupportForSeconds"`
  153. SectionNavigationStyle string `koanf:"sectionNavigationStyle"`
  154. DefaultPopupOnStart string `koanf:"defaultPopupOnStart"`
  155. InsecureAllowDumpOAuth2UserData bool `koanf:"insecureAllowDumpOAuth2UserData"`
  156. InsecureAllowDumpVars bool `koanf:"insecureAllowDumpVars"`
  157. InsecureAllowDumpSos bool `koanf:"insecureAllowDumpSos"`
  158. InsecureAllowDumpActionMap bool `koanf:"insecureAllowDumpActionMap"`
  159. InsecureAllowDumpJwtClaims bool `koanf:"insecureAllowDumpJwtClaims"`
  160. Prometheus PrometheusConfig `koanf:"prometheus"`
  161. Security SecurityConfig `koanf:"security"`
  162. SaveLogs SaveLogsConfig `koanf:"saveLogs"`
  163. DefaultIconForActions string `koanf:"defaultIconForActions"`
  164. DefaultIconForDirectories string `koanf:"defaultIconForDirectories"`
  165. DefaultIconForBack string `koanf:"defaultIconForBack"`
  166. AdditionalNavigationLinks []*NavigationLink `koanf:"additionalNavigationLinks"`
  167. ServiceHostMode string `koanf:"serviceHostMode"`
  168. StyleMods []string `koanf:"styleMods"`
  169. BannerMessage string `koanf:"bannerMessage"`
  170. BannerCSS string `koanf:"bannerCss"`
  171. Include string `koanf:"include"`
  172. sourceFiles []string
  173. }
  174. type AuthLocalUsersConfig struct {
  175. Enabled bool `koanf:"enabled"`
  176. Users []*LocalUser `koanf:"users"`
  177. }
  178. type LocalUser struct {
  179. Username string `koanf:"username"`
  180. Usergroup string `koanf:"usergroup"`
  181. Password string `koanf:"password"`
  182. }
  183. type OAuth2Provider struct {
  184. Name string `koanf:"name"`
  185. Title string `koanf:"title"`
  186. ClientID string `koanf:"clientId"`
  187. ClientSecret string `koanf:"clientSecret"`
  188. Icon string `koanf:"icon"`
  189. Scopes []string `koanf:"scopes"`
  190. AuthUrl string `koanf:"authUrl"`
  191. TokenUrl string `koanf:"tokenUrl"`
  192. WhoamiUrl string `koanf:"whoamiUrl"`
  193. UsernameField string `koanf:"usernameField"`
  194. UserGroupField string `koanf:"userGroupField"`
  195. InsecureSkipVerify bool `koanf:"insecureSkipVerify"`
  196. CallbackTimeout int `koanf:"callbackTimeout"`
  197. CertBundlePath string `koanf:"certBundlePath"`
  198. AddToUsergroup string `koanf:"addToUsergroup"`
  199. }
  200. type NavigationLink struct {
  201. Title string `koanf:"title"`
  202. Url string `koanf:"url"`
  203. Target string `koanf:"target"`
  204. }
  205. type SaveLogsConfig struct {
  206. ResultsDirectory string `koanf:"resultsDirectory"`
  207. OutputDirectory string `koanf:"outputDirectory"`
  208. }
  209. type LogDebugOptions struct {
  210. SingleFrontendRequests bool `koanf:"singleFrontendRequests"`
  211. SingleFrontendRequestHeaders bool `koanf:"singleFrontendRequestHeaders"`
  212. AclCheckStarted bool `koanf:"aclCheckStarted"`
  213. AclMatched bool `koanf:"aclMatched"`
  214. AclNotMatched bool `koanf:"aclNotMatched"`
  215. AclNoneMatched bool `koanf:"aclNoneMatched"`
  216. }
  217. type DashboardComponent struct {
  218. Title string `koanf:"title"`
  219. Type string `koanf:"type"`
  220. Entity string `koanf:"entity"`
  221. Icon string `koanf:"icon"`
  222. CssClass string `koanf:"cssClass"`
  223. InlineAction *Action `koanf:"inlineAction"`
  224. Contents []*DashboardComponent `koanf:"contents"`
  225. }
  226. func DefaultConfig() *Config {
  227. return DefaultConfigWithBasePort(1337)
  228. }
  229. // DefaultConfig gets a new Config structure with sensible default values.
  230. func DefaultConfigWithBasePort(basePort int) *Config {
  231. config := Config{}
  232. config.UseSingleHTTPFrontend = true
  233. config.PageTitle = "OliveTin"
  234. config.ShowFooter = true
  235. config.ShowNavigation = true
  236. config.ShowNewVersions = true
  237. config.ShowNavigateOnStartIcons = true
  238. config.EnableCustomJs = false
  239. config.ExternalRestAddress = "."
  240. config.LogLevel = "INFO"
  241. config.LogHistoryPageSize = 10
  242. config.CheckForUpdates = false
  243. config.DefaultPermissions.Exec = true
  244. config.DefaultPermissions.View = true
  245. config.DefaultPermissions.Logs = true
  246. config.DefaultPermissions.Kill = true
  247. config.AuthJwtClaimUsername = "name"
  248. config.AuthJwtClaimUserGroup = "group"
  249. config.AuthRequireGuestsToLogin = false
  250. config.WebUIDir = "./webui"
  251. config.CronSupportForSeconds = false
  252. config.SectionNavigationStyle = "sidebar"
  253. config.DefaultPopupOnStart = "nothing"
  254. config.InsecureAllowDumpVars = false
  255. config.InsecureAllowDumpSos = false
  256. config.InsecureAllowDumpActionMap = false
  257. config.InsecureAllowDumpJwtClaims = false
  258. config.Prometheus.Enabled = false
  259. config.Prometheus.DefaultGoMetrics = false
  260. config.Security.HeaderContentSecurityPolicy = true
  261. config.Security.ContentSecurityPolicy = ContentSecurityPolicyDefault
  262. config.Security.HeaderXContentTypeOptions = true
  263. config.Security.HeaderXFrameOptions = true
  264. config.Security.XFrameOptions = "DENY"
  265. config.DefaultIconForActions = "😀"
  266. config.DefaultIconForDirectories = "&#128193"
  267. config.DefaultIconForBack = "«"
  268. config.ThemeCacheDisabled = false
  269. config.ServiceHostMode = ""
  270. config.ListenAddressSingleHTTPFrontend = fmt.Sprintf("0.0.0.0:%d", basePort)
  271. config.ListenAddressRestActions = fmt.Sprintf("localhost:%d", basePort+1)
  272. config.ListenAddressWebUI = fmt.Sprintf("localhost:%d", basePort+3)
  273. config.ListenAddressPrometheus = fmt.Sprintf("localhost:%d", basePort+4)
  274. config.DefaultPolicy.ShowDiagnostics = true
  275. config.DefaultPolicy.ShowLogList = true
  276. config.DefaultPolicy.ShowVersionNumber = true
  277. return &config
  278. }