config.go 14 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292
  1. package config
  2. import (
  3. "fmt"
  4. )
  5. // Action represents the core functionality of OliveTin - commands that show up
  6. // as buttons in the UI.
  7. type Action struct {
  8. ID string `koanf:"id"`
  9. Title string `koanf:"title"`
  10. Icon string `koanf:"icon"`
  11. Shell string `koanf:"shell"`
  12. Exec []string `koanf:"exec"`
  13. ExecTool *ExecToolConfig `koanf:"execTool"`
  14. ShellAfterCompleted string `koanf:"shellAfterCompleted"`
  15. Timeout int `koanf:"timeout"`
  16. Acls []string `koanf:"acls"`
  17. Entity string `koanf:"entity"`
  18. Hidden bool `koanf:"hidden"`
  19. ExecOnStartup bool `koanf:"execOnStartup"`
  20. ExecOnCron []string `koanf:"execOnCron"`
  21. ExecOnFileCreatedInDir []string `koanf:"execOnFileCreatedInDir"`
  22. ExecOnFileChangedInDir []string `koanf:"execOnFileChangedInDir"`
  23. ExecOnCalendarFile string `koanf:"execOnCalendarFile"`
  24. ExecOnWebhook []WebhookConfig `koanf:"execOnWebhook"`
  25. Triggers []string `koanf:"triggers"`
  26. MaxConcurrent int `koanf:"maxConcurrent"`
  27. MaxRate []RateSpec `koanf:"maxRate"`
  28. Arguments []ActionArgument `koanf:"arguments"`
  29. PopupOnStart string `koanf:"popupOnStart"`
  30. SaveLogs SaveLogsConfig `koanf:"saveLogs"`
  31. EnabledExpression string `koanf:"enabledExpression"`
  32. }
  33. // ActionArgument objects appear on Actions.
  34. type ActionArgument struct {
  35. Name string `koanf:"name"`
  36. Title string `koanf:"title"`
  37. Description string `koanf:"description"`
  38. Type string `koanf:"type"`
  39. Default string `koanf:"default"`
  40. Choices []ActionArgumentChoice `koanf:"choices"`
  41. Entity string `koanf:"entity"`
  42. RejectNull bool `koanf:"rejectNull"`
  43. Suggestions map[string]string `koanf:"suggestions"`
  44. SuggestionsBrowserKey string `koanf:"suggestionsBrowserKey"`
  45. }
  46. // ActionArgumentChoice represents a predefined choice for an argument.
  47. type ActionArgumentChoice struct {
  48. Value string `koanf:"value"`
  49. Title string `koanf:"title"`
  50. }
  51. // RateSpec allows you to set a max frequency for an action.
  52. type RateSpec struct {
  53. Limit int `koanf:"limit"`
  54. Duration string `koanf:"duration"`
  55. }
  56. // WebhookConfig defines configuration for generic webhook triggers.
  57. type WebhookConfig struct {
  58. Secret string `koanf:"secret"` // Optional: secret for signature verification
  59. AuthType string `koanf:"authType"` // Optional: "hmac-sha256", "hmac-sha1", "bearer", "basic", "none"
  60. AuthHeader string `koanf:"authHeader"` // Optional: custom header name for auth (default: "X-Webhook-Signature")
  61. MatchHeaders map[string]string `koanf:"matchHeaders"` // Match HTTP headers
  62. MatchPath string `koanf:"matchPath"` // JSONPath expression to match in request body (format: "jsonpath=value" or just "jsonpath")
  63. MatchQuery map[string]string `koanf:"matchQuery"` // Match URL query parameters
  64. Extract map[string]string `koanf:"extract"` // Map action argument names to JSONPath expressions
  65. Template string `koanf:"template"` // Optional: template name (e.g., "github-push", "github-pr")
  66. }
  67. // Entity represents a "thing" that can have multiple actions associated with it.
  68. // for example, a media player with a start and stop action.
  69. type EntityFile struct {
  70. File string `koanf:"file"`
  71. Name string `koanf:"name"`
  72. Icon string `koanf:"icon"`
  73. }
  74. // PermissionsList defines what users can do with an action.
  75. type PermissionsList struct {
  76. View bool `koanf:"view"`
  77. Exec bool `koanf:"exec"`
  78. Logs bool `koanf:"logs"`
  79. Kill bool `koanf:"kill"`
  80. }
  81. // AccessControlList defines what permissions apply to a user or user group.
  82. type AccessControlList struct {
  83. Name string `koanf:"name"`
  84. AddToEveryAction bool `koanf:"addToEveryAction"`
  85. MatchUsergroups []string `koanf:"matchUsergroups"`
  86. MatchUsernames []string `koanf:"matchUsernames"`
  87. Permissions PermissionsList `koanf:"permissions"`
  88. Policy ConfigurationPolicy `koanf:"policy"`
  89. }
  90. // ConfigurationPolicy defines global settings which are overridden with an ACL.
  91. type ConfigurationPolicy struct {
  92. ShowDiagnostics bool `koanf:"showDiagnostics"`
  93. ShowLogList bool `koanf:"showLogList"`
  94. }
  95. type PrometheusConfig struct {
  96. Enabled bool `koanf:"enabled"`
  97. DefaultGoMetrics bool `koanf:"defaultGoMetrics"`
  98. }
  99. // Config is the global config used through the whole app.
  100. type Config struct {
  101. UseSingleHTTPFrontend bool `koanf:"useSingleHTTPFrontend"`
  102. ThemeName string `koanf:"themeName"`
  103. ThemeCacheDisabled bool `koanf:"themeCacheDisabled"`
  104. ListenAddressSingleHTTPFrontend string `koanf:"listenAddressSingleHTTPFrontend"`
  105. ListenAddressWebUI string `koanf:"listenAddressWebUI"`
  106. ListenAddressRestActions string `koanf:"listenAddressRestActions"`
  107. ListenAddressPrometheus string `koanf:"listenAddressPrometheus"`
  108. ExternalRestAddress string `koanf:"externalRestAddress"`
  109. LogLevel string `koanf:"logLevel"`
  110. LogDebugOptions LogDebugOptions `koanf:"logDebugOptions"`
  111. LogHistoryPageSize int64 `koanf:"logHistoryPageSize"`
  112. Actions []*Action `koanf:"actions"`
  113. Entities []*EntityFile `koanf:"entities"`
  114. Dashboards []*DashboardComponent `koanf:"dashboards"`
  115. CheckForUpdates bool `koanf:"checkForUpdates"`
  116. PageTitle string `koanf:"pageTitle"`
  117. ShowFooter bool `koanf:"showFooter"`
  118. ShowNavigation bool `koanf:"showNavigation"`
  119. ShowNewVersions bool `koanf:"showNewVersions"`
  120. ShowNavigateOnStartIcons bool `koanf:"showNavigateOnStartIcons"`
  121. EnableCustomJs bool `koanf:"enableCustomJs"`
  122. AuthJwtCookieName string `koanf:"authJwtCookieName"`
  123. AuthJwtHeader string `koanf:"authJwtHeader"`
  124. AuthJwtAud string `koanf:"authJwtAud"`
  125. AuthJwtDomain string `koanf:"authJwtDomain"`
  126. AuthJwtCertsURL string `koanf:"authJwtCertsUrl"`
  127. AuthJwtHmacSecret string `koanf:"authJwtHmacSecret"` // mutually exclusive with pub key config fields
  128. AuthJwtClaimUsername string `koanf:"authJwtClaimUsername"`
  129. AuthJwtClaimUserGroup string `koanf:"authJwtClaimUserGroup"`
  130. AuthJwtPubKeyPath string `koanf:"authJwtPubKeyPath"` // will read pub key from file on disk
  131. AuthHttpHeaderUsername string `koanf:"authHttpHeaderUsername"`
  132. AuthHttpHeaderUserGroup string `koanf:"authHttpHeaderUserGroup"`
  133. AuthHttpHeaderUserGroupSep string `koanf:"authHttpHeaderUserGroupSep"`
  134. AuthLocalUsers AuthLocalUsersConfig `koanf:"authLocalUsers"`
  135. AuthLoginUrl string `koanf:"authLoginUrl"`
  136. AuthRequireGuestsToLogin bool `koanf:"authRequireGuestsToLogin"`
  137. AuthOAuth2RedirectURL string `koanf:"authOAuth2RedirectUrl"`
  138. AuthOAuth2Providers map[string]*OAuth2Provider `koanf:"authOAuth2Providers"`
  139. DefaultPermissions PermissionsList `koanf:"defaultPermissions"`
  140. DefaultPolicy ConfigurationPolicy `koanf:"defaultPolicy"`
  141. AccessControlLists []*AccessControlList `koanf:"accessControlLists"`
  142. WebUIDir string `koanf:"webUIDir"`
  143. CronSupportForSeconds bool `koanf:"cronSupportForSeconds"`
  144. SectionNavigationStyle string `koanf:"sectionNavigationStyle"`
  145. DefaultPopupOnStart string `koanf:"defaultPopupOnStart"`
  146. InsecureAllowDumpOAuth2UserData bool `koanf:"insecureAllowDumpOAuth2UserData"`
  147. InsecureAllowDumpVars bool `koanf:"insecureAllowDumpVars"`
  148. InsecureAllowDumpSos bool `koanf:"insecureAllowDumpSos"`
  149. InsecureAllowDumpActionMap bool `koanf:"insecureAllowDumpActionMap"`
  150. InsecureAllowDumpJwtClaims bool `koanf:"insecureAllowDumpJwtClaims"`
  151. Prometheus PrometheusConfig `koanf:"prometheus"`
  152. SaveLogs SaveLogsConfig `koanf:"saveLogs"`
  153. DefaultIconForActions string `koanf:"defaultIconForActions"`
  154. DefaultIconForDirectories string `koanf:"defaultIconForDirectories"`
  155. DefaultIconForBack string `koanf:"defaultIconForBack"`
  156. AdditionalNavigationLinks []*NavigationLink `koanf:"additionalNavigationLinks"`
  157. ServiceHostMode string `koanf:"serviceHostMode"`
  158. StyleMods []string `koanf:"styleMods"`
  159. BannerMessage string `koanf:"bannerMessage"`
  160. BannerCSS string `koanf:"bannerCss"`
  161. Include string `koanf:"include"`
  162. sourceFiles []string
  163. }
  164. type AuthLocalUsersConfig struct {
  165. Enabled bool `koanf:"enabled"`
  166. Users []*LocalUser `koanf:"users"`
  167. }
  168. type LocalUser struct {
  169. Username string `koanf:"username"`
  170. Usergroup string `koanf:"usergroup"`
  171. Password string `koanf:"password"`
  172. }
  173. type OAuth2Provider struct {
  174. Name string `koanf:"name"`
  175. Title string `koanf:"title"`
  176. ClientID string `koanf:"clientId"`
  177. ClientSecret string `koanf:"clientSecret"`
  178. Icon string `koanf:"icon"`
  179. Scopes []string `koanf:"scopes"`
  180. AuthUrl string `koanf:"authUrl"`
  181. TokenUrl string `koanf:"tokenUrl"`
  182. WhoamiUrl string `koanf:"whoamiUrl"`
  183. UsernameField string `koanf:"usernameField"`
  184. UserGroupField string `koanf:"userGroupField"`
  185. InsecureSkipVerify bool `koanf:"insecureSkipVerify"`
  186. CallbackTimeout int `koanf:"callbackTimeout"`
  187. CertBundlePath string `koanf:"certBundlePath"`
  188. AddToUsergroup string `koanf:"addToUsergroup"`
  189. }
  190. type NavigationLink struct {
  191. Title string `koanf:"title"`
  192. Url string `koanf:"url"`
  193. Target string `koanf:"target"`
  194. }
  195. type SaveLogsConfig struct {
  196. ResultsDirectory string `koanf:"resultsDirectory"`
  197. OutputDirectory string `koanf:"outputDirectory"`
  198. }
  199. type LogDebugOptions struct {
  200. SingleFrontendRequests bool `koanf:"singleFrontendRequests"`
  201. SingleFrontendRequestHeaders bool `koanf:"singleFrontendRequestHeaders"`
  202. AclCheckStarted bool `koanf:"aclCheckStarted"`
  203. AclMatched bool `koanf:"aclMatched"`
  204. AclNotMatched bool `koanf:"aclNotMatched"`
  205. AclNoneMatched bool `koanf:"aclNoneMatched"`
  206. }
  207. type DashboardComponent struct {
  208. Title string `koanf:"title"`
  209. Type string `koanf:"type"`
  210. Entity string `koanf:"entity"`
  211. Icon string `koanf:"icon"`
  212. CssClass string `koanf:"cssClass"`
  213. InlineAction *Action `koanf:"inlineAction"`
  214. Contents []*DashboardComponent `koanf:"contents"`
  215. }
  216. type ExecToolConfig struct {
  217. Name string `koanf:"name"`
  218. Config map[string]any `koanf:"config"`
  219. }
  220. func DefaultConfig() *Config {
  221. return DefaultConfigWithBasePort(1337)
  222. }
  223. // DefaultConfig gets a new Config structure with sensible default values.
  224. func DefaultConfigWithBasePort(basePort int) *Config {
  225. config := Config{}
  226. config.UseSingleHTTPFrontend = true
  227. config.PageTitle = "OliveTin"
  228. config.ShowFooter = true
  229. config.ShowNavigation = true
  230. config.ShowNewVersions = true
  231. config.ShowNavigateOnStartIcons = true
  232. config.EnableCustomJs = false
  233. config.ExternalRestAddress = "."
  234. config.LogLevel = "INFO"
  235. config.LogHistoryPageSize = 10
  236. config.CheckForUpdates = false
  237. config.DefaultPermissions.Exec = true
  238. config.DefaultPermissions.View = true
  239. config.DefaultPermissions.Logs = true
  240. config.DefaultPermissions.Kill = true
  241. config.AuthJwtClaimUsername = "name"
  242. config.AuthJwtClaimUserGroup = "group"
  243. config.AuthRequireGuestsToLogin = false
  244. config.WebUIDir = "./webui"
  245. config.CronSupportForSeconds = false
  246. config.SectionNavigationStyle = "sidebar"
  247. config.DefaultPopupOnStart = "nothing"
  248. config.InsecureAllowDumpVars = false
  249. config.InsecureAllowDumpSos = false
  250. config.InsecureAllowDumpActionMap = false
  251. config.InsecureAllowDumpJwtClaims = false
  252. config.Prometheus.Enabled = false
  253. config.Prometheus.DefaultGoMetrics = false
  254. config.DefaultIconForActions = "😀"
  255. config.DefaultIconForDirectories = "&#128193"
  256. config.DefaultIconForBack = "«"
  257. config.ThemeCacheDisabled = false
  258. config.ServiceHostMode = ""
  259. config.ListenAddressSingleHTTPFrontend = fmt.Sprintf("0.0.0.0:%d", basePort)
  260. config.ListenAddressRestActions = fmt.Sprintf("localhost:%d", basePort+1)
  261. config.ListenAddressWebUI = fmt.Sprintf("localhost:%d", basePort+3)
  262. config.ListenAddressPrometheus = fmt.Sprintf("localhost:%d", basePort+4)
  263. config.DefaultPolicy.ShowDiagnostics = true
  264. config.DefaultPolicy.ShowLogList = true
  265. return &config
  266. }