matrix/authentication-service
1
0
Fork 0
mirror of https://github.com/matrix-org/matrix-authentication-service.git synced 2026-01-03 17:02:28 +03:00
Code Activity
Files
65282fc9af4b32b361a9495144e4ce39aa4ba535
authentication-service/docs/config.schema.json
Quentin Gliech 65282fc9af Update the config schema
2022-10-17 12:09:33 +02:00

1693 lines
43 KiB
JSON
Raw Blame History

{
"$schema": "http://json-schema.org/draft-07/schema#",
"title": "RootConfig",
"description": "Application configuration root",
"type": "object",
"required": [
"secrets"
],
"properties": {
"clients": {
"description": "List of OAuth 2.0/OIDC clients config",
"default": [],
"type": "array",
"items": {
"$ref": "#/definitions/ClientConfig"
}
},
"csrf": {
"description": "Configuration related to Cross-Site Request Forgery protections",
"default": {
"ttl": 3600
},
"allOf": [
{
"$ref": "#/definitions/CsrfConfig"
}
]
},
"database": {
"description": "Database connection configuration",
"default": {
"connect_timeout": 30,
"idle_timeout": 600,
"max_connections": 10,
"max_lifetime": 1800,
"min_connections": 0,
"uri": "postgresql://"
},
"allOf": [
{
"$ref": "#/definitions/DatabaseConfig"
}
]
},
"email": {
"description": "Configuration related to sending emails",
"default": {
"from": "Authentication Service <root@localhost>",
"reply_to": "Authentication Service <root@localhost>",
"transport": "blackhole"
},
"allOf": [
{
"$ref": "#/definitions/EmailConfig"
}
]
},
"http": {
"description": "Configuration of the HTTP server",
"default": {
"listeners": [
{
"binds": [
{
"address": "[::]:8080"
}
],
"name": "web",
"proxy_protocol": false,
"resources": [
{
"name": "discovery"
},
{
"name": "human"
},
{
"name": "oauth"
},
{
"name": "compat"
},
{
"name": "static"
}
]
},
{
"binds": [
{
"address": "localhost:8081"
}
],
"name": "internal",
"proxy_protocol": false,
"resources": [
{
"name": "health"
}
]
}
],
"public_base": "http://[::]:8080/"
},
"allOf": [
{
"$ref": "#/definitions/HttpConfig"
}
]
},
"matrix": {
"description": "Configuration related to the homeserver",
"default": {
"homeserver": "localhost:8008"
},
"allOf": [
{
"$ref": "#/definitions/MatrixConfig"
}
]
},
"policy": {
"description": "Configuration related to the OPA policies",
"default": {
"authorization_grant_entrypoint": "authorization_grant/violation",
"client_registration_entrypoint": "client_registration/violation",
"data": null,
"register_entrypoint": "register/violation",
"wasm_module": null
},
"allOf": [
{
"$ref": "#/definitions/PolicyConfig"
}
]
},
"secrets": {
"description": "Application secrets",
"allOf": [
{
"$ref": "#/definitions/SecretsConfig"
}
]
},
"telemetry": {
"description": "Configuration related to sending monitoring data",
"default": {
"metrics": {
"exporter": "none"
},
"tracing": {
"exporter": "none",
"propagators": []
}
},
"allOf": [
{
"$ref": "#/definitions/TelemetryConfig"
}
]
},
"templates": {
"description": "Configuration related to templates",
"default": {
"builtin": true,
"path": null
},
"allOf": [
{
"$ref": "#/definitions/TemplatesConfig"
}
]
}
},
"definitions": {
"BindConfig": {
"description": "Configuration of a single listener",
"anyOf": [
{
"description": "Listen on the specified host and port",
"type": "object",
"required": [
"port"
],
"properties": {
"host": {
"description": "Host on which to listen.\n\nDefaults to listening on all addresses",
"type": "string"
},
"port": {
"description": "Port on which to listen.",
"type": "integer",
"format": "uint16",
"minimum": 0.0
}
}
},
{
"description": "Listen on the specified address",
"type": "object",
"required": [
"address"
],
"properties": {
"address": {
"description": "Host and port on which to listen",
"examples": [
"[::1]:8080",
"[::]:8080",
"127.0.0.1:8080",
"0.0.0.0:8080"
],
"type": "string"
}
}
},
{
"description": "Listen on a UNIX domain socket",
"type": "object",
"required": [
"socket"
],
"properties": {
"socket": {
"description": "Path to the socket",
"type": "string"
}
}
},
{
"description": "Accept connections on file descriptors passed by the parent process.\n\nThis is useful for grabbing sockets passed by systemd.\n\nSee <https://www.freedesktop.org/software/systemd/man/sd_listen_fds.html>",
"type": "object",
"properties": {
"fd": {
"description": "Index of the file descriptor. Note that this is offseted by 3 because of the standard input/output sockets, so setting here a value of `0` will grab the file descriptor `3`",
"default": 0,
"type": "integer",
"format": "uint",
"minimum": 0.0
},
"kind": {
"description": "Whether the socket is a TCP socket or a UNIX domain socket. Defaults to TCP.",
"default": "tcp",
"allOf": [
{
"$ref": "#/definitions/UnixOrTcp"
}
]
}
}
}
]
},
"ClientConfig": {
"description": "An OAuth 2.0 client configuration",
"type": "object",
"oneOf": [
{
"description": "`none`: No authentication",
"type": "object",
"required": [
"client_auth_method"
],
"properties": {
"client_auth_method": {
"type": "string",
"enum": [
"none"
]
}
}
},
{
"description": "`client_secret_basic`: `client_id` and `client_secret` used as basic authorization credentials",
"type": "object",
"required": [
"client_auth_method",
"client_secret"
],
"properties": {
"client_auth_method": {
"type": "string",
"enum": [
"client_secret_basic"
]
},
"client_secret": {
"description": "The client secret",
"type": "string"
}
}
},
{
"description": "`client_secret_post`: `client_id` and `client_secret` sent in the request body",
"type": "object",
"required": [
"client_auth_method",
"client_secret"
],
"properties": {
"client_auth_method": {
"type": "string",
"enum": [
"client_secret_post"
]
},
"client_secret": {
"description": "The client secret",
"type": "string"
}
}
},
{
"description": "`client_secret_basic`: a `client_assertion` sent in the request body and signed using the `client_secret`",
"type": "object",
"required": [
"client_auth_method",
"client_secret"
],
"properties": {
"client_auth_method": {
"type": "string",
"enum": [
"client_secret_jwt"
]
},
"client_secret": {
"description": "The client secret",
"type": "string"
}
}
},
{
"description": "`client_secret_basic`: a `client_assertion` sent in the request body and signed by an asymetric key",
"type": "object",
"oneOf": [
{
"type": "object",
"required": [
"jwks"
],
"properties": {
"jwks": {
"$ref": "#/definitions/JsonWebKeySet_for_JsonWebKeyPublicParameters"
}
},
"additionalProperties": false
},
{
"type": "object",
"required": [
"jwks_uri"
],
"properties": {
"jwks_uri": {
"type": "string",
"format": "uri"
}
},
"additionalProperties": false
}
],
"required": [
"client_auth_method"
],
"properties": {
"client_auth_method": {
"type": "string",
"enum": [
"private_key_jwt"
]
}
}
}
],
"required": [
"client_id"
],
"properties": {
"client_id": {
"description": "The client ID",
"type": "string"
},
"redirect_uris": {
"description": "List of allowed redirect URIs",
"default": [],
"type": "array",
"items": {
"type": "string",
"format": "uri"
}
}
}
},
"CsrfConfig": {
"description": "Configuration related to Cross-Site Request Forgery protections",
"type": "object",
"properties": {
"ttl": {
"description": "Time-to-live of a CSRF token in seconds",
"default": 3600,
"type": "integer",
"format": "uint64",
"maximum": 86400.0,
"minimum": 60.0
}
}
},
"DatabaseConfig": {
"description": "Database connection configuration",
"type": "object",
"anyOf": [
{
"type": "object",
"properties": {
"uri": {
"description": "Connection URI",
"default": "postgresql://",
"type": "string",
"format": "uri"
}
}
},
{
"type": "object",
"properties": {
"database": {
"description": "The database name",
"default": null,
"type": "string"
},
"host": {
"description": "Name of host to connect to",
"default": null,
"type": "string",
"format": "hostname"
},
"password": {
"description": "Password to be used if the server demands password authentication",
"default": null,
"type": "string"
},
"port": {
"description": "Port number to connect at the server host",
"default": null,
"type": "integer",
"maximum": 65535.0,
"minimum": 1.0
},
"socket": {
"description": "Directory containing the UNIX socket to connect to",
"default": null,
"type": "string"
},
"username": {
"description": "PostgreSQL user name to connect as",
"default": null,
"type": "string"
}
}
}
],
"properties": {
"connect_timeout": {
"description": "Set the amount of time to attempt connecting to the database",
"default": 30,
"type": "integer",
"format": "uint64",
"minimum": 0.0
},
"idle_timeout": {
"description": "Set a maximum idle duration for individual connections",
"default": 600,
"type": "integer",
"format": "uint64",
"minimum": 0.0
},
"max_connections": {
"description": "Set the maximum number of connections the pool should maintain",
"default": 10,
"type": "integer",
"format": "uint32",
"minimum": 1.0
},
"max_lifetime": {
"description": "Set the maximum lifetime of individual connections",
"default": 1800,
"type": "integer",
"format": "uint64",
"minimum": 0.0
},
"min_connections": {
"description": "Set the minimum number of connections the pool should maintain",
"default": 0,
"type": "integer",
"format": "uint32",
"minimum": 0.0
}
}
},
"EmailConfig": {
"description": "Configuration related to sending emails",
"type": "object",
"oneOf": [
{
"description": "Don't send emails anywhere",
"type": "object",
"required": [
"transport"
],
"properties": {
"transport": {
"type": "string",
"enum": [
"blackhole"
]
}
}
},
{
"description": "Send emails via an SMTP relay",
"type": "object",
"required": [
"hostname",
"mode",
"transport"
],
"properties": {
"hostname": {
"description": "Hostname to connect to",
"type": "string",
"format": "hostname"
},
"mode": {
"description": "Connection mode to the relay",
"allOf": [
{
"$ref": "#/definitions/EmailSmtpMode"
}
]
},
"password": {
"description": "Password for use to authenticate when connecting to the SMTP server",
"type": "string"
},
"port": {
"description": "Port to connect to. Default is 25 for plain, 465 for TLS and 587 for StartTLS",
"type": "integer",
"format": "uint16",
"minimum": 1.0
},
"transport": {
"type": "string",
"enum": [
"smtp"
]
},
"username": {
"description": "Username for use to authenticate when connecting to the SMTP server",
"type": "string"
}
}
},
{
"description": "Send emails by calling sendmail",
"type": "object",
"required": [
"transport"
],
"properties": {
"command": {
"description": "Command to execute",
"default": "sendmail",
"type": "string"
},
"transport": {
"type": "string",
"enum": [
"sendmail"
]
}
}
},
{
"description": "Send emails via the AWS SESv2 API",
"type": "object",
"required": [
"transport"
],
"properties": {
"transport": {
"type": "string",
"enum": [
"aws_ses"
]
}
}
}
],
"properties": {
"from": {
"description": "Email address to use as From when sending emails",
"default": "Authentication Service <root@localhost>",
"type": "string",
"format": "email"
},
"reply_to": {
"description": "Email address to use as Reply-To when sending emails",
"default": "Authentication Service <root@localhost>",
"type": "string",
"format": "email"
}
}
},
"EmailSmtpMode": {
"description": "Encryption mode to use",
"oneOf": [
{
"description": "Plain text",
"type": "string",
"enum": [
"plain"
]
},
{
"description": "StartTLS (starts as plain text then upgrade to TLS)",
"type": "string",
"enum": [
"starttls"
]
},
{
"description": "TLS",
"type": "string",
"enum": [
"tls"
]
}
]
},
"HttpConfig": {
"description": "Configuration related to the web server",
"type": "object",
"required": [
"public_base"
],
"properties": {
"listeners": {
"description": "List of listeners to run",
"default": [],
"type": "array",
"items": {
"$ref": "#/definitions/ListenerConfig"
}
},
"public_base": {
"description": "Public URL base from where the authentication service is reachable",
"type": "string",
"format": "uri"
}
}
},
"JsonWebKeyEcEllipticCurve": {
"description": "JSON Web Key EC Elliptic Curve\n\nSource: <https://www.iana.org/assignments/jose/web-key-elliptic-curve.csv>",
"oneOf": [
{
"description": "P-256 Curve",
"type": "string",
"enum": [
"P-256"
]
},
{
"description": "P-384 Curve",
"type": "string",
"enum": [
"P-384"
]
},
{
"description": "P-521 Curve",
"type": "string",
"enum": [
"P-521"
]
},
{
"description": "SECG secp256k1 curve",
"type": "string",
"enum": [
"secp256k1"
]
}
]
},
"JsonWebKeyOkpEllipticCurve": {
"description": "JSON Web Key OKP Elliptic Curve\n\nSource: <https://www.iana.org/assignments/jose/web-key-elliptic-curve.csv>",
"oneOf": [
{
"description": "Ed25519 signature algorithm key pairs",
"type": "string",
"enum": [
"Ed25519"
]
},
{
"description": "Ed448 signature algorithm key pairs",
"type": "string",
"enum": [
"Ed448"
]
},
{
"description": "X25519 function key pairs",
"type": "string",
"enum": [
"X25519"
]
},
{
"description": "X448 function key pairs",
"type": "string",
"enum": [
"X448"
]
}
]
},
"JsonWebKeyOperation": {
"description": "JSON Web Key Operation\n\nSource: <https://www.iana.org/assignments/jose/web-key-operations.csv>",
"oneOf": [
{
"description": "Compute digital signature or MAC",
"type": "string",
"enum": [
"sign"
]
},
{
"description": "Verify digital signature or MAC",
"type": "string",
"enum": [
"verify"
]
},
{
"description": "Encrypt content",
"type": "string",
"enum": [
"encrypt"
]
},
{
"description": "Decrypt content and validate decryption, if applicable",
"type": "string",
"enum": [
"decrypt"
]
},
{
"description": "Encrypt key",
"type": "string",
"enum": [
"wrapKey"
]
},
{
"description": "Decrypt key and validate decryption, if applicable",
"type": "string",
"enum": [
"unwrapKey"
]
},
{
"description": "Derive key",
"type": "string",
"enum": [
"deriveKey"
]
},
{
"description": "Derive bits not to be used as a key",
"type": "string",
"enum": [
"deriveBits"
]
}
]
},
"JsonWebKeySet_for_JsonWebKeyPublicParameters": {
"type": "object",
"required": [
"keys"
],
"properties": {
"keys": {
"type": "array",
"items": {
"$ref": "#/definitions/JsonWebKey_for_JsonWebKeyPublicParameters"
}
}
}
},
"JsonWebKeyUse": {
"description": "JSON Web Key Use\n\nSource: <https://www.iana.org/assignments/jose/web-key-use.csv>",
"oneOf": [
{
"description": "Digital Signature or MAC",
"type": "string",
"enum": [
"sig"
]
},
{
"description": "Encryption",
"type": "string",
"enum": [
"enc"
]
}
]
},
"JsonWebKey_for_JsonWebKeyPublicParameters": {
"type": "object",
"oneOf": [
{
"type": "object",
"required": [
"e",
"kty",
"n"
],
"properties": {
"e": {
"type": "string"
},
"kty": {
"type": "string",
"enum": [
"RSA"
]
},
"n": {
"type": "string"
}
}
},
{
"type": "object",
"required": [
"crv",
"kty",
"x",
"y"
],
"properties": {
"crv": {
"$ref": "#/definitions/JsonWebKeyEcEllipticCurve"
},
"kty": {
"type": "string",
"enum": [
"EC"
]
},
"x": {
"type": "string"
},
"y": {
"type": "string"
}
}
},
{
"type": "object",
"required": [
"crv",
"kty",
"x"
],
"properties": {
"crv": {
"$ref": "#/definitions/JsonWebKeyOkpEllipticCurve"
},
"kty": {
"type": "string",
"enum": [
"OKP"
]
},
"x": {
"type": "string"
}
}
}
],
"properties": {
"alg": {
"$ref": "#/definitions/JsonWebSignatureAlg"
},
"key_ops": {
"type": "array",
"items": {
"$ref": "#/definitions/JsonWebKeyOperation"
}
},
"kid": {
"type": "string"
},
"use": {
"$ref": "#/definitions/JsonWebKeyUse"
},
"x5c": {
"type": "array",
"items": {
"type": "string"
}
},
"x5t": {
"type": "string"
},
"x5t#S256": {
"type": "string"
},
"x5u": {
"type": "string"
}
}
},
"JsonWebSignatureAlg": {
"description": "JSON Web Signature \"alg\" parameter\n\nSource: <https://www.iana.org/assignments/jose/web-signature-encryption-algorithms.csv>",
"oneOf": [
{
"description": "HMAC using SHA-256",
"type": "string",
"enum": [
"HS256"
]
},
{
"description": "HMAC using SHA-384",
"type": "string",
"enum": [
"HS384"
]
},
{
"description": "HMAC using SHA-512",
"type": "string",
"enum": [
"HS512"
]
},
{
"description": "RSASSA-PKCS1-v1_5 using SHA-256",
"type": "string",
"enum": [
"RS256"
]
},
{
"description": "RSASSA-PKCS1-v1_5 using SHA-384",
"type": "string",
"enum": [
"RS384"
]
},
{
"description": "RSASSA-PKCS1-v1_5 using SHA-512",
"type": "string",
"enum": [
"RS512"
]
},
{
"description": "ECDSA using P-256 and SHA-256",
"type": "string",
"enum": [
"ES256"
]
},
{
"description": "ECDSA using P-384 and SHA-384",
"type": "string",
"enum": [
"ES384"
]
},
{
"description": "ECDSA using P-521 and SHA-512",
"type": "string",
"enum": [
"ES512"
]
},
{
"description": "RSASSA-PSS using SHA-256 and MGF1 with SHA-256",
"type": "string",
"enum": [
"PS256"
]
},
{
"description": "RSASSA-PSS using SHA-384 and MGF1 with SHA-384",
"type": "string",
"enum": [
"PS384"
]
},
{
"description": "RSASSA-PSS using SHA-512 and MGF1 with SHA-512",
"type": "string",
"enum": [
"PS512"
]
},
{
"description": "No digital signature or MAC performed",
"type": "string",
"enum": [
"none"
]
},
{
"description": "EdDSA signature algorithms",
"type": "string",
"enum": [
"EdDSA"
]
},
{
"description": "ECDSA using secp256k1 curve and SHA-256",
"type": "string",
"enum": [
"ES256K"
]
}
]
},
"KeyConfig": {
"type": "object",
"oneOf": [
{
"type": "object",
"required": [
"password"
],
"properties": {
"password": {
"type": "string"
}
},
"additionalProperties": false
},
{
"type": "object",
"required": [
"password_file"
],
"properties": {
"password_file": {
"type": "string"
}
},
"additionalProperties": false
}
],
"required": [
"kid"
],
"properties": {
"kid": {
"type": "string"
}
}
},
"ListenerConfig": {
"description": "Configuration of a listener",
"type": "object",
"required": [
"binds",
"resources"
],
"properties": {
"binds": {
"description": "List of sockets to bind",
"type": "array",
"items": {
"$ref": "#/definitions/BindConfig"
}
},
"name": {
"description": "A unique name for this listener which will be shown in traces and in metrics labels",
"type": "string"
},
"proxy_protocol": {
"description": "Accept HAProxy's Proxy Protocol V1",
"default": false,
"type": "boolean"
},
"resources": {
"description": "List of resources to mount",
"type": "array",
"items": {
"$ref": "#/definitions/Resource"
}
},
"tls": {
"description": "If set, makes the listener use TLS with the provided certificate and key",
"allOf": [
{
"$ref": "#/definitions/TlsConfig"
}
]
}
}
},
"MatrixConfig": {
"description": "Configuration related to the Matrix homeserver",
"type": "object",
"properties": {
"homeserver": {
"description": "Time-to-live of a CSRF token in seconds",
"default": "localhost:8008",
"type": "string"
}
}
},
"MetricsConfig": {
"description": "Configuration related to exporting metrics",
"type": "object",
"oneOf": [
{
"description": "Don't export metrics",
"type": "object",
"required": [
"exporter"
],
"properties": {
"exporter": {
"type": "string",
"enum": [
"none"
]
}
}
},
{
"description": "Export metrics to stdout. Only useful for debugging",
"type": "object",
"required": [
"exporter"
],
"properties": {
"exporter": {
"type": "string",
"enum": [
"stdout"
]
}
}
},
{
"description": "Export metrics to an OpenTelemetry protocol compatible endpoint",
"type": "object",
"required": [
"exporter"
],
"properties": {
"endpoint": {
"description": "OTLP compatible endpoint",
"examples": [
"https://localhost:4317"
],
"type": "string",
"format": "uri"
},
"exporter": {
"type": "string",
"enum": [
"otlp"
]
}
}
},
{
"description": "Export metrics via Prometheus. An HTTP listener with the `prometheus` resource must be setup to expose the Promethes metrics.",
"type": "object",
"required": [
"exporter"
],
"properties": {
"exporter": {
"type": "string",
"enum": [
"prometheus"
]
}
}
}
]
},
"PolicyConfig": {
"description": "Application secrets",
"type": "object",
"properties": {
"authorization_grant_entrypoint": {
"description": "Entrypoint to use when evaluating authorization grants",
"default": "authorization_grant/violation",
"type": "string"
},
"client_registration_entrypoint": {
"description": "Entrypoint to use when evaluating client registrations",
"default": "client_registration/violation",
"type": "string"
},
"data": {
"description": "Arbitrary data to pass to the policy",
"default": null
},
"register_entrypoint": {
"description": "Entrypoint to use when evaluating user registrations",
"default": "register/violation",
"type": "string"
},
"wasm_module": {
"description": "Path to the WASM module",
"default": null,
"type": "string"
}
}
},
"Propagator": {
"description": "Propagation format for incoming and outgoing requests",
"oneOf": [
{
"description": "Propagate according to the W3C Trace Context specification",
"type": "string",
"enum": [
"tracecontext"
]
},
{
"description": "Propagate according to the W3C Baggage specification",
"type": "string",
"enum": [
"baggage"
]
},
{
"description": "Propagate trace context with Jaeger compatible headers",
"type": "string",
"enum": [
"jaeger"
]
},
{
"description": "Propagate trace context with Zipkin compatible headers (single `b3` header variant)",
"type": "string",
"enum": [
"b3"
]
},
{
"description": "Propagate trace context with Zipkin compatible headers (multiple `x-b3-*` headers variant)",
"type": "string",
"enum": [
"b3multi"
]
}
]
},
"Resource": {
"description": "HTTP resources to mount",
"oneOf": [
{
"description": "Healthcheck endpoint (/health)",
"type": "object",
"required": [
"name"
],
"properties": {
"name": {
"type": "string",
"enum": [
"health"
]
}
}
},
{
"description": "Prometheus metrics endpoint (/metrics)",
"type": "object",
"required": [
"name"
],
"properties": {
"name": {
"type": "string",
"enum": [
"prometheus"
]
}
}
},
{
"description": "OIDC discovery endpoints",
"type": "object",
"required": [
"name"
],
"properties": {
"name": {
"type": "string",
"enum": [
"discovery"
]
}
}
},
{
"description": "Pages destined to be viewed by humans",
"type": "object",
"required": [
"name"
],
"properties": {
"name": {
"type": "string",
"enum": [
"human"
]
}
}
},
{
"description": "OAuth-related APIs",
"type": "object",
"required": [
"name"
],
"properties": {
"name": {
"type": "string",
"enum": [
"oauth"
]
}
}
},
{
"description": "Matrix compatibility API",
"type": "object",
"required": [
"name"
],
"properties": {
"name": {
"type": "string",
"enum": [
"compat"
]
}
}
},
{
"description": "Static files",
"type": "object",
"required": [
"name"
],
"properties": {
"name": {
"type": "string",
"enum": [
"static"
]
},
"web_root": {
"description": "Path from which to serve static files. If not specified, it will serve the static files embedded in the server binary",
"type": "string"
}
}
},
{
"description": "Mount a \"/connection-info\" handler which helps debugging informations on the upstream connection",
"type": "object",
"required": [
"name"
],
"properties": {
"name": {
"type": "string",
"enum": [
"connection-info"
]
}
}
}
]
},
"SecretsConfig": {
"description": "Application secrets",
"type": "object",
"required": [
"encryption"
],
"properties": {
"encryption": {
"description": "Encryption key for secure cookies",
"examples": [
"0000111122223333444455556666777788889999aaaabbbbccccddddeeeeffff"
],
"type": "string",
"pattern": "[0-9a-fA-F]{64}"
},
"keys": {
"description": "List of private keys to use for signing and encrypting payloads",
"default": [],
"type": "array",
"items": {
"$ref": "#/definitions/KeyConfig"
}
}
}
},
"TelemetryConfig": {
"description": "Configuration related to sending monitoring data",
"type": "object",
"properties": {
"metrics": {
"description": "Configuration related to exporting metrics",
"default": {
"exporter": "none"
},
"allOf": [
{
"$ref": "#/definitions/MetricsConfig"
}
]
},
"tracing": {
"description": "Configuration related to exporting traces",
"default": {
"exporter": "none",
"propagators": []
},
"allOf": [
{
"$ref": "#/definitions/TracingConfig"
}
]
}
}
},
"TemplatesConfig": {
"description": "Configuration related to templates",
"type": "object",
"properties": {
"builtin": {
"description": "Load the templates embedded in the binary",
"default": true,
"type": "boolean"
},
"path": {
"description": "Path to the folder that holds the custom templates",
"default": null,
"type": "string"
}
}
},
"TlsConfig": {
"description": "Configuration related to TLS on a listener",
"type": "object",
"oneOf": [
{
"type": "object",
"required": [
"certificate"
],
"properties": {
"certificate": {
"type": "string"
}
},
"additionalProperties": false
},
{
"type": "object",
"required": [
"certificate_file"
],
"properties": {
"certificate_file": {
"type": "string"
}
},
"additionalProperties": false
}
]
},
"TracingConfig": {
"description": "Configuration related to exporting traces",
"type": "object",
"oneOf": [
{
"description": "Don't export traces",
"type": "object",
"required": [
"exporter"
],
"properties": {
"exporter": {
"type": "string",
"enum": [
"none"
]
}
},
"additionalProperties": false
},
{
"description": "Export traces to the standard output. Only useful for debugging",
"type": "object",
"required": [
"exporter"
],
"properties": {
"exporter": {
"type": "string",
"enum": [
"stdout"
]
}
},
"additionalProperties": false
},
{
"description": "Export traces to an OpenTelemetry protocol compatible endpoint",
"type": "object",
"required": [
"exporter"
],
"properties": {
"endpoint": {
"description": "OTLP compatible endpoint",
"examples": [
"https://localhost:4317"
],
"type": "string",
"format": "uri"
},
"exporter": {
"type": "string",
"enum": [
"otlp"
]
}
},
"additionalProperties": false
},
{
"description": "Export traces to a Jaeger agent",
"type": "object",
"oneOf": [
{
"description": "Thrift over HTTP",
"type": "object",
"required": [
"endpoint",
"protocol"
],
"properties": {
"endpoint": {
"description": "Full URL of the Jaeger HTTP endpoint\n\nDefaults to `http://localhost:14268/api/traces`",
"type": "string"
},
"password": {
"description": "Password to be used for HTTP basic authentication",
"type": "string"
},
"protocol": {
"type": "string",
"enum": [
"http/thrift.binary"
]
},
"username": {
"description": "Username to be used for HTTP basic authentication",
"type": "string"
}
}
},
{
"description": "Thrift with compact encoding over UDP",
"type": "object",
"required": [
"agent_host",
"agent_port",
"protocol"
],
"properties": {
"agent_host": {
"description": "Hostname of the Jaeger agent\n\nDefaults to `localhost`",
"type": "string"
},
"agent_port": {
"description": "`udp/thrift.compact` port of the Jaeger agent\n\nDefaults to `6831`",
"type": "integer",
"format": "uint16",
"minimum": 0.0
},
"protocol": {
"type": "string",
"enum": [
"udp/thrift.compact"
]
}
}
}
],
"required": [
"exporter"
],
"properties": {
"exporter": {
"type": "string",
"enum": [
"jaeger"
]
}
},
"additionalProperties": false
},
{
"description": "Export traces to a Zipkin collector",
"type": "object",
"required": [
"exporter"
],
"properties": {
"collector_endpoint": {
"description": "Zipkin collector endpoint",
"examples": [
"http://127.0.0.1:9411/api/v2/spans"
],
"type": "string",
"format": "uri"
},
"exporter": {
"type": "string",
"enum": [
"zipkin"
]
}
},
"additionalProperties": false
}
],
"required": [
"propagators"
],
"properties": {
"propagators": {
"description": "List of propagation formats to use for incoming and outgoing requests",
"type": "array",
"items": {
"$ref": "#/definitions/Propagator"
}
}
}
},
"UnixOrTcp": {
"description": "Kind of socket",
"oneOf": [
{
"description": "UNIX domain socket",
"type": "string",
"enum": [
"unix"
]
},
{
"description": "TCP socket",
"type": "string",
"enum": [
"tcp"
]
}
]
}
}
}
View Git Blame Copy Permalink