mirror of
https://github.com/status-im/consul.git
synced 2025-01-11 14:24:39 +00:00
9b01f9423c
Right now this is only hooked into the insecure RPC server and requires JWT authorization. If no JWT authorizer is setup in the configuration then we inject a disabled “authorizer” to always report that JWT authorization is disabled.
70 lines
1.5 KiB
Protocol Buffer
70 lines
1.5 KiB
Protocol Buffer
syntax = "proto3";
|
|
|
|
package config;
|
|
|
|
option go_package = "github.com/hashicorp/consul/agent/agentpb/config";
|
|
|
|
message Config {
|
|
string Datacenter = 1;
|
|
string PrimaryDatacenter = 2;
|
|
string NodeName = 3;
|
|
string SegmentName = 4;
|
|
ACL ACL = 5;
|
|
AutoEncrypt AutoEncrypt = 6;
|
|
Gossip Gossip = 7;
|
|
TLS TLS = 8;
|
|
}
|
|
|
|
message Gossip {
|
|
GossipEncryption Encryption = 1;
|
|
repeated string RetryJoinLAN = 2;
|
|
}
|
|
|
|
message GossipEncryption {
|
|
string Key = 1;
|
|
bool VerifyIncoming = 2;
|
|
bool VerifyOutgoing = 3;
|
|
}
|
|
|
|
message TLS {
|
|
bool VerifyOutgoing = 1;
|
|
bool VerifyServerHostname = 2;
|
|
string CipherSuites = 3;
|
|
string MinVersion = 4;
|
|
bool PreferServerCipherSuites = 5;
|
|
}
|
|
|
|
message ACL {
|
|
bool Enabled = 1;
|
|
string PolicyTTL = 2;
|
|
string RoleTTL = 3;
|
|
string TokenTTL = 4;
|
|
string DownPolicy = 5;
|
|
string DefaultPolicy = 6;
|
|
bool EnableKeyListPolicy = 7;
|
|
ACLTokens Tokens = 8;
|
|
string DisabledTTL = 9;
|
|
bool EnableTokenPersistence = 10;
|
|
bool MSPDisableBootstrap = 11;
|
|
}
|
|
|
|
message ACLTokens {
|
|
string Master = 1;
|
|
string Replication = 2;
|
|
string AgentMaster = 3;
|
|
string Default = 4;
|
|
string Agent = 5;
|
|
repeated ACLServiceProviderToken ManagedServiceProvider = 6;
|
|
}
|
|
|
|
message ACLServiceProviderToken {
|
|
string AccessorID = 1;
|
|
string SecretID = 2;
|
|
}
|
|
|
|
message AutoEncrypt {
|
|
bool TLS = 1;
|
|
repeated string DNSSAN = 2;
|
|
repeated string IPSAN = 3;
|
|
bool AllowTLS = 4;
|
|
} |