cloakpipe_core/
config.rs

1//! Configuration types parsed from cloakpipe.toml.
2
3use crate::resolver::ResolverConfig;
4use crate::session::SessionConfig;
5use serde::{Deserialize, Serialize};
6
7#[derive(Debug, Clone, Deserialize, Serialize)]
8pub struct CloakPipeConfig {
9    pub proxy: ProxyConfig,
10    pub vault: VaultConfig,
11    /// Industry profile for smart detection defaults (general, legal, healthcare, fintech).
12    #[serde(default)]
13    pub profile: Option<String>,
14    pub detection: DetectionConfig,
15    #[serde(default)]
16    pub tree: TreeConfig,
17    #[serde(default)]
18    pub vectors: VectorConfig,
19    #[serde(default)]
20    pub local: LocalConfig,
21    #[serde(default)]
22    pub audit: AuditConfig,
23    #[serde(default)]
24    pub session: SessionConfig,
25}
26
27#[derive(Debug, Clone, Deserialize, Serialize)]
28pub struct ProxyConfig {
29    pub listen: String,
30    pub upstream: String,
31    #[serde(default = "default_api_key_env")]
32    pub api_key_env: String,
33    #[serde(default = "default_timeout")]
34    pub timeout_seconds: u64,
35    #[serde(default = "default_max_concurrent")]
36    pub max_concurrent: usize,
37    #[serde(default = "default_mode")]
38    pub mode: String,
39}
40
41#[derive(Debug, Clone, Deserialize, Serialize)]
42pub struct VaultConfig {
43    pub path: String,
44    #[serde(default = "default_encryption")]
45    pub encryption: String,
46    pub key_env: Option<String>,
47    #[serde(default)]
48    pub key_keyring: bool,
49    #[serde(default = "default_vault_backend")]
50    pub backend: String,
51}
52
53#[derive(Debug, Clone, Deserialize, Serialize)]
54pub struct DetectionConfig {
55    #[serde(default = "default_true")]
56    pub secrets: bool,
57    #[serde(default = "default_true")]
58    pub financial: bool,
59    #[serde(default = "default_true")]
60    pub dates: bool,
61    #[serde(default = "default_true")]
62    pub emails: bool,
63    #[serde(default)]
64    pub phone_numbers: bool,
65    #[serde(default)]
66    pub ip_addresses: bool,
67    #[serde(default)]
68    pub urls_internal: bool,
69    #[serde(default)]
70    pub ner: NerConfig,
71    #[serde(default)]
72    pub custom: CustomConfig,
73    #[serde(default)]
74    pub overrides: OverrideConfig,
75    #[serde(default)]
76    pub resolver: ResolverConfig,
77}
78
79#[derive(Debug, Clone, Default, Deserialize, Serialize)]
80pub struct NerConfig {
81    #[serde(default)]
82    pub enabled: bool,
83    pub model: Option<String>,
84    #[serde(default = "default_confidence")]
85    pub confidence_threshold: f64,
86    #[serde(default)]
87    pub entity_types: Vec<String>,
88}
89
90#[derive(Debug, Clone, Default, Deserialize, Serialize)]
91pub struct CustomConfig {
92    #[serde(default)]
93    pub patterns: Vec<CustomPattern>,
94}
95
96#[derive(Debug, Clone, Deserialize, Serialize)]
97pub struct CustomPattern {
98    pub name: String,
99    pub regex: String,
100    pub category: String,
101}
102
103#[derive(Debug, Clone, Default, Deserialize, Serialize)]
104pub struct OverrideConfig {
105    #[serde(default)]
106    pub preserve: Vec<String>,
107    #[serde(default)]
108    pub force: Vec<String>,
109}
110
111#[derive(Debug, Clone, Deserialize, Serialize)]
112pub struct TreeConfig {
113    #[serde(default = "default_true")]
114    pub enabled: bool,
115    #[serde(default = "default_tree_path")]
116    pub storage_path: String,
117    #[serde(default = "default_tree_model")]
118    pub index_model: String,
119    #[serde(default = "default_tree_model")]
120    pub search_model: String,
121    #[serde(default = "default_max_pages")]
122    pub max_pages_per_node: usize,
123    #[serde(default = "default_max_tokens")]
124    pub max_tokens_per_node: usize,
125    #[serde(default = "default_true")]
126    pub add_node_summaries: bool,
127    #[serde(default = "default_true")]
128    pub pseudonymize_summaries: bool,
129}
130
131#[derive(Debug, Clone, Default, Deserialize, Serialize)]
132pub struct VectorConfig {
133    #[serde(default)]
134    pub encrypt: bool,
135    #[serde(default = "default_adcpe")]
136    pub algorithm: String,
137    pub key_env: Option<String>,
138}
139
140#[derive(Debug, Clone, Default, Deserialize, Serialize)]
141pub struct LocalConfig {
142    pub embeddings_model: Option<String>,
143    #[serde(default = "default_vector_db")]
144    pub vector_db: String,
145    pub vector_db_path: Option<String>,
146    pub llm_model: Option<String>,
147    pub llm_backend: Option<String>,
148}
149
150#[derive(Debug, Clone, Deserialize, Serialize)]
151pub struct AuditConfig {
152    #[serde(default = "default_true")]
153    pub enabled: bool,
154    #[serde(default = "default_audit_path")]
155    pub log_path: String,
156    #[serde(default = "default_jsonl")]
157    pub format: String,
158    #[serde(default = "default_retention")]
159    pub retention_days: u32,
160    #[serde(default = "default_true")]
161    pub log_entities: bool,
162    #[serde(default)]
163    pub log_mappings: bool,
164    #[serde(default = "default_audit_backend")]
165    pub backend: String,
166}
167
168// Default value functions
169fn default_true() -> bool { true }
170fn default_api_key_env() -> String { "OPENAI_API_KEY".into() }
171fn default_timeout() -> u64 { 120 }
172fn default_max_concurrent() -> usize { 256 }
173fn default_mode() -> String { "cloaktree".into() }
174fn default_encryption() -> String { "aes-256-gcm".into() }
175fn default_vault_backend() -> String { "file".into() }
176fn default_audit_backend() -> String { "jsonl".into() }
177fn default_confidence() -> f64 { 0.85 }
178fn default_tree_path() -> String { "./trees/".into() }
179fn default_tree_model() -> String { "gpt-4o".into() }
180fn default_max_pages() -> usize { 10 }
181fn default_max_tokens() -> usize { 20000 }
182fn default_adcpe() -> String { "adcpe".into() }
183fn default_vector_db() -> String { "lancedb".into() }
184fn default_audit_path() -> String { "./audit/".into() }
185fn default_jsonl() -> String { "jsonl".into() }
186fn default_retention() -> u32 { 90 }
187
188impl Default for TreeConfig {
189    fn default() -> Self {
190        Self {
191            enabled: true,
192            storage_path: default_tree_path(),
193            index_model: default_tree_model(),
194            search_model: default_tree_model(),
195            max_pages_per_node: default_max_pages(),
196            max_tokens_per_node: default_max_tokens(),
197            add_node_summaries: true,
198            pseudonymize_summaries: true,
199        }
200    }
201}
202
203impl Default for AuditConfig {
204    fn default() -> Self {
205        Self {
206            enabled: true,
207            log_path: default_audit_path(),
208            format: default_jsonl(),
209            retention_days: default_retention(),
210            log_entities: true,
211            log_mappings: false,
212            backend: default_audit_backend(),
213        }
214    }
215}
cloakpipe_core/config.rs

cloakpipe_core/
config.rs
