Class: Uninterruptible::Configuration

Inherits:
Object
  • Object
show all
Defined in:
lib/uninterruptible/configuration.rb

Overview

Configuration parameters for an individual instance of a server.

See Server#configure for usage instructions.

Constant Summary collapse

AVAILABLE_SSL_VERSIONS = 
%w[TLSv1_1 TLSv1_2].freeze

Instance Attribute Summary collapse

Instance Method Summary collapse

Instance Attribute Details

#allowed_networksObject

Specifiy allowed networks to reject all connections except those originating from allowed networks. Set to an array of networks in CIDR format. If environment variable ALLOWED_NETWORKS is set, a comma separated list will be read from that. Setting this enables #block_connections?



101
102
103
 
# File 'lib/uninterruptible/configuration.rb', line 101

def allowed_networks
  @allowed_networks || (ENV['ALLOWED_NETWORKS'] && ENV['ALLOWED_NETWORKS'].split(',')) || []
end

#bindObject

URI to bind to, falls back to tcp://bind_address:bind_port if unset. Accepts tcp:// or unix:// schemes.



26
27
28
 
# File 'lib/uninterruptible/configuration.rb', line 26

def bind
  @bind || "tcp://#{bind_address}:#{bind_port}"
end

#bind_addressObject

Address to bind the server to (defaults to 0.0.0.0).



21
22
23
 
# File 'lib/uninterruptible/configuration.rb', line 21

def bind_address
  @bind_address || "0.0.0.0"
end

#bind_portInteger

Available TCP Port for the server to bind to (required). Falls back to environment variable PORT if set.

Returns:

  • (Integer)

    Port number to bind to

Raises:



14
15
16
17
18
 
# File 'lib/uninterruptible/configuration.rb', line 14

def bind_port
  port = (@bind_port || ENV["PORT"])
  raise ConfigurationError, "You must configure a bind_port" if port.nil?
  port.to_i
end

#client_tls_certificate_caObject

Validate any connecting clients against a specific CA. If environment variable CLIENT_TLS_CERTIFICATE_CA is set, attempt to read from that file. Setting this enables #verify_client_tls_certificate?



94
95
96
 
# File 'lib/uninterruptible/configuration.rb', line 94

def client_tls_certificate_ca
  @client_tls_certificate_ca || ENV['CLIENT_TLS_CERTIFICATE_CA']
end

#log_levelObject

Severity of entries written to the log, should be one of Logger::Severity (default Logger::INFO)



51
52
53
 
# File 'lib/uninterruptible/configuration.rb', line 51

def log_level
  @log_level || Logger::INFO
end

#log_pathObject

Where should log output be written to? (defaults to STDOUT)



46
47
48
 
# File 'lib/uninterruptible/configuration.rb', line 46

def log_path
  @log_path || STDOUT
end

#pidfile_pathObject

Location to write the pid of the current server to. If blank pidfile will not be written. Falls back to environment variable PID_FILE if set.



32
33
34
 
# File 'lib/uninterruptible/configuration.rb', line 32

def pidfile_path
  @pidfile_path || ENV["PID_FILE"]
end

#start_commandObject

Command that should be used to reexecute the server (required). Note: bundle exec will be automatically added.

Examples:

rake app:run_server

Raises:



40
41
42
43
 
# File 'lib/uninterruptible/configuration.rb', line 40

def start_command
  raise ConfigurationError, "You must configure a start_command" unless @start_command
  @start_command
end

#tls_certificateObject

Certificate used for authenticating TLS connection. If environment variable TLS_CERTIFICATE is set, attempt to read from a file at that location



81
82
83
 
# File 'lib/uninterruptible/configuration.rb', line 81

def tls_certificate
  @tls_certificate || (ENV['TLS_CERTIFICATE'] ? File.read(ENV['TLS_CERTIFICATE']) : nil)
end

#tls_keyObject

Private key used for encrypting TLS connection. If environment variable TLS_KEY is set, attempt to read from a file at that location.



75
76
77
 
# File 'lib/uninterruptible/configuration.rb', line 75

def tls_key
  @tls_key || (ENV['TLS_KEY'] ? File.read(ENV['TLS_KEY']) : nil)
end

#tls_versionObject

TLS version to use for the connection. Must be one of Uninterruptible::Configuration::AVAILABLE_SSL_VERSIONS If unset, connection will be unencrypted.



63
64
65
66
67
68
69
70
71
 
# File 'lib/uninterruptible/configuration.rb', line 63

def tls_version
  version = @tls_version || ENV['TLS_VERSION'] || 'TLSv1_2'

  unless AVAILABLE_SSL_VERSIONS.include?(version)
    raise ConfigurationError, "Please ensure tls_version is one of #{AVAILABLE_SSL_VERSIONS.join(', ')}"
  end

  version
end

#verify_client_tls_certificate=(value) ⇒ Object (writeonly)

Sets the attribute verify_client_tls_certificate

Parameters:

  • value

    the value to set the attribute verify_client_tls_certificate to.



8
9
10
 
# File 'lib/uninterruptible/configuration.rb', line 8

def verify_client_tls_certificate=(value)
  @verify_client_tls_certificate = value
end

Instance Method Details

#block_connections?Boolean

True when allowed_networks is set

Returns:

  • (Boolean) 


106
107
108
 
# File 'lib/uninterruptible/configuration.rb', line 106

def block_connections?
  !allowed_networks.empty?
end

#tls_enabled?Boolean

Should the socket server be wrapped with a TLS server (TCP only). Automatically enabled when #tls_key or #tls_certificate is set

Returns:

  • (Boolean) 


57
58
59
 
# File 'lib/uninterruptible/configuration.rb', line 57

def tls_enabled?
  !tls_key.nil? || !tls_certificate.nil?
end

#verify_client_tls_certificate?Boolean

Should the client be required to present it’s own SSL Certificate? Set #verify_client_tls_certificate to true, or environment variable VERIFY_CLIENT_TLS_CERTIFICATE to enable

Returns:

  • (Boolean) 


87
88
89
90
 
# File 'lib/uninterruptible/configuration.rb', line 87

def verify_client_tls_certificate?
  @verify_client_tls_certificate == true || !ENV['VERIFY_CLIENT_TLS_CERTIFICATE'].nil? ||
    !client_tls_certificate_ca.nil?
end