safing-portbase/configuration/configuration.go
2018-08-13 14:05:58 +02:00


// Copyright Safing ICS Technologies GmbH. Use of this source code is governed by the AGPL license that can be found in the LICENSE file.
package configuration
import (
"sync/atomic"
"github.com/Safing/safing-core/database"
datastore "github.com/ipfs/go-datastore"
)
// SecurityLevelBoolean is a setting that is switched by security level rather
// than by a fixed on/off value. The stored int8 is the threshold that IsSet and
// IsSetWithLevel compare the active security level against.
type SecurityLevelBoolean int8
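// IsSet reports whether the setting is active at the current global security
// level, i.e. whether that level is at least the threshold stored in slb.
//
// The comparison is done in int32, the width the level is loaded in. Narrowing
// the loaded value to int8 first would wrap for anything outside [-128, 127],
// so an out-of-range level could report a hardening setting as inactive.
//
// A zero threshold is satisfied by every non-negative level.
// NOTE(review): confirm that the zero value is meant to read as "always on".
func (slb SecurityLevelBoolean) IsSet() bool {
	// securityLevel is declared outside this block and is read with an atomic load.
	return atomic.LoadInt32(securityLevel) >= int32(slb)
}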
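// IsSetWithLevel reports whether the setting is active when either the supplied
// customSecurityLevel or the current global security level reaches the
// threshold stored in slb.
//
// Because the two levels are combined with OR, a custom level can only turn a
// setting on in addition to the global level; it cannot turn off a setting the
// global level already activates.
//
// The global level is compared in int32, the width it is loaded in. Narrowing
// it to int8 first would wrap for values outside [-128, 127] and could report
// a hardening setting as inactive.
func (slb SecurityLevelBoolean) IsSetWithLevel(customSecurityLevel int8) bool {
	if customSecurityLevel >= int8(slb) {
		return true
	}
	// securityLevel is declared outside this block and is read with an atomic load.
	return atomic.LoadInt32(securityLevel) >= int32(slb)
}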
// Level returns the raw threshold stored in slb as an int8.
func (slb SecurityLevelBoolean) Level() int8 {
	threshold := int8(slb)
	return threshold
}
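// Configuration is the database model holding the security and generic
// settings declared below. It embeds database.Base.
//
// Each SecurityLevelBoolean field stores the security-level threshold from
// which the setting counts as active (see SecurityLevelBoolean.IsSet).
//
// Every tag is written as two separate key:"value" pairs. When both keys share
// one malformed string (closing quote missing after the json value),
// encoding/json does not recognise the omitempty option and the bson key is
// not found by reflect.StructTag lookup.
type Configuration struct {
	database.Base

	// Security Config

	// Hardfail on Certificate Transparency
	EnforceCT SecurityLevelBoolean `json:",omitempty" bson:",omitempty"`

	// Hardfail on Certificate Revocation
	EnforceRevocation SecurityLevelBoolean `json:",omitempty" bson:",omitempty"`

	// Block TLS connections that use insecure TLS versions, cipher suites, ...
	DenyInsecureTLS SecurityLevelBoolean `json:",omitempty" bson:",omitempty"`

	// Block TLS connections that do not use SNI; connections without SNI
	// cannot be verified as well as connections with SNI.
	DenyTLSWithoutSNI SecurityLevelBoolean `json:",omitempty" bson:",omitempty"`

	// Do not use DNS Servers assigned by DHCP
	DoNotUseAssignedDNS SecurityLevelBoolean `json:",omitempty" bson:",omitempty"`

	// Do not use mDNS
	DoNotUseMDNS SecurityLevelBoolean `json:",omitempty" bson:",omitempty"`

	// Do not resolve special domains with assigned DNS Servers
	DoNotForwardSpecialDomains SecurityLevelBoolean `json:",omitempty" bson:",omitempty"`

	// Always prompt user to review new profiles
	AlwaysPromptAtNewProfile SecurityLevelBoolean `json:",omitempty" bson:",omitempty"`

	// Deny network communication until a new profile is actively approved by the user
	DenyNetworkUntilProfileApproved SecurityLevelBoolean `json:",omitempty" bson:",omitempty"`

	// Generic Config

	// Select CompetenceLevel
	CompetenceLevel int8 `json:",omitempty" bson:",omitempty"`

	// Take part in Beta
	Beta bool `json:",omitempty" bson:",omitempty"`

	// As soon as work on a link is finished, leave it to the system for performance and stability
	PermanentVerdicts bool `json:",omitempty" bson:",omitempty"`

	// DNS Servers to use for name resolution. Please refer to the user guide for further help.
	// regex: ^(DoH|DNS|TDNS)\|[A-Za-z0-9\.:\[\]]+(\|[A-Za-z0-9\.:]+)?$
	// NOTE(review): the code shown here does not check entries against this
	// pattern; confirm it is enforced where the configuration is loaded or edited.
	DNSServers []string `json:",omitempty" bson:",omitempty"`

	// Number of seconds to wait until failing DNS Servers may be retried.
	DNSServerRetryRate int64 `json:",omitempty" bson:",omitempty"`

	// Do not connect to servers in these countries
	CountryBlacklist []string `json:",omitempty" bson:",omitempty"`

	// Do not connect to servers in these AS
	ASBlacklist []uint32 `json:",omitempty" bson:",omitempty"`

	// Serve as local Port17 Node
	LocalPort17Node bool `json:",omitempty" bson:",omitempty"`

	// Serve as public Port17 Node
	PublicPort17Node bool `json:",omitempty" bson:",omitempty"`
}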
// configurationModel is a nil *Configuration that carries only the type.
// Only use it as the model parameter for database.EnsureModel-like functions.
var configurationModel *Configuration

// Instance names for stored Configuration objects.
// NOTE(review): their call sites are outside this view; confirm how each name is used.
var (
	defaultConfigurationInstanceName = "default"
	configurationInstanceName        = "config"
)
// initConfigurationModel registers the Configuration model with the database
// package, together with a factory that returns a fresh, empty *Configuration.
func initConfigurationModel() {
	newConfiguration := func() database.Model {
		return &Configuration{}
	}
	database.RegisterModel(configurationModel, newConfiguration)
}
// Create stores m under the given name in the default namespace (database.Me)
// and returns the error reported by CreateObject.
func (m *Configuration) Create(name string) error {
	defaultNamespace := &database.Me
	return m.CreateObject(defaultNamespace, name, m)
}
// CreateInNamespace stores m under the given name in the caller-supplied
// namespace and returns the error reported by CreateObject.
func (m *Configuration) CreateInNamespace(namespace *datastore.Key, name string) error {
	err := m.CreateObject(namespace, name, m)
	return err
}
// Save persists m by passing it to SaveObject and returns that call's error.
// SaveObject is not defined in this file; presumably it is promoted from the
// embedded database.Base.
func (m *Configuration) Save() error {
	err := m.SaveObject(m)
	return err
}
// GetConfiguration loads the Configuration stored under name in the default
// namespace (database.Me). It delegates to GetConfigurationFromNamespace.
func GetConfiguration(name string) (*Configuration, error) {
	defaultNamespace := &database.Me
	return GetConfigurationFromNamespace(defaultNamespace, name)
}
// GetConfigurationFromNamespace loads the object stored under name in the
// given namespace and returns it as a *Configuration.
//
// A lookup error is returned unchanged. If the fetched object is not a
// *Configuration, the result is nil together with the error built by
// database.NewMismatchError.
func GetConfigurationFromNamespace(namespace *datastore.Key, name string) (*Configuration, error) {
	fetched, err := database.GetAndEnsureModel(namespace, name, configurationModel)
	if err != nil {
		return nil, err
	}
	// Check the concrete type before handing the object to callers.
	if cfg, isConfiguration := fetched.(*Configuration); isConfiguration {
		return cfg, nil
	}
	return nil, database.NewMismatchError(fetched, configurationModel)
}