trifid/trifid-api/src/config.rs

// trifid-api, an open source reimplementation of the Defined Networking nebula management server.
//     Copyright (C) 2023 c0repwn3r
//
//     This program is free software: you can redistribute it and/or modify
//     it under the terms of the GNU General Public License as published by
//     the Free Software Foundation, either version 3 of the License, or
//     (at your option) any later version.
//
//     This program is distributed in the hope that it will be useful,
//     but WITHOUT ANY WARRANTY; without even the implied warranty of
//     MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
//     GNU General Public License for more details.
//
//     You should have received a copy of the GNU General Public License
//     along with this program.  If not, see <https://www.gnu.org/licenses/>.

use log::error;
use once_cell::sync::Lazy;
use serde::{Deserialize, Serialize};
use std::fs;
use std::net::{Ipv4Addr, SocketAddr, SocketAddrV4};

pub static CONFIG: Lazy<TrifidConfig> = Lazy::new(|| {
    let config_str = match fs::read_to_string("/etc/trifid/config.toml") {
        Ok(str) => str,
        Err(e) => {
            error!("Unable to read config file: {}", e);
            std::process::exit(1);
        }
    };

    match toml::from_str(&config_str) {
        Ok(cfg) => cfg,
        Err(e) => {
            error!("Unable to parse config file: {}", e);
            std::process::exit(1);
        }
    }
});

#[derive(Serialize, Debug, Deserialize)]
pub struct TrifidConfig {
    pub database: TrifidConfigDatabase,
    pub server: TrifidConfigServer,
    pub tokens: TrifidConfigTokens,
    pub crypto: TrifidConfigCryptography,
}

#[derive(Serialize, Deserialize, Debug)]
pub struct TrifidConfigDatabase {
    pub url: String,
    #[serde(default = "max_connections_default")]
    pub max_connections: u32,
    #[serde(default = "min_connections_default")]
    pub min_connections: u32,
    #[serde(default = "time_defaults")]
    pub connect_timeout: u64,
    #[serde(default = "time_defaults")]
    pub acquire_timeout: u64,
    #[serde(default = "time_defaults")]
    pub idle_timeout: u64,
    #[serde(default = "time_defaults")]
    pub max_lifetime: u64,
    #[serde(default = "sqlx_logging_default")]
    pub sqlx_logging: bool,
}

#[derive(Serialize, Deserialize, Debug)]
pub struct TrifidConfigServer {
    #[serde(default = "socketaddr_8080")]
    pub bind: SocketAddr,
}

#[derive(Serialize, Deserialize, Debug)]
pub struct TrifidConfigTokens {
    #[serde(default = "magic_link_expiry_time")]
    pub magic_link_expiry_time_seconds: u64,
    #[serde(default = "session_token_expiry_time")]
    pub session_token_expiry_time_seconds: u64,
    #[serde(default = "totp_setup_timeout_time")]
    pub totp_setup_timeout_time_seconds: u64,
    #[serde(default = "mfa_tokens_expiry_time")]
    pub mfa_tokens_expiry_time_seconds: u64,
    #[serde(default = "enrollment_tokens_expiry_time")]
    pub enrollment_tokens_expiry_time: u64
}

#[derive(Serialize, Deserialize, Debug)]
pub struct TrifidConfigCryptography {
    pub data_encryption_key: String,
}

fn max_connections_default() -> u32 {
    100
}
fn min_connections_default() -> u32 {
    5
}
fn time_defaults() -> u64 {
    8
}
fn sqlx_logging_default() -> bool {
    true
}
fn socketaddr_8080() -> SocketAddr {
    SocketAddr::V4(SocketAddrV4::new(Ipv4Addr::from([0, 0, 0, 0]), 8080))
}
fn magic_link_expiry_time() -> u64 {
    3600
} // 1 hour
fn session_token_expiry_time() -> u64 {
    15780000
} // 6 months
fn totp_setup_timeout_time() -> u64 {
    600
} // 10 minutes
fn mfa_tokens_expiry_time() -> u64 {
    600
} // 10 minutes
fn enrollment_tokens_expiry_time() -> u64 {
    600
} // 10 minutes