fraiseql-server 2.2.0

HTTP server for FraiseQL v2 GraphQL engine
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81

//! TLS configuration types for server and database connections.

use std::path::PathBuf;

use serde::{Deserialize, Serialize};

use super::defaults::{
    default_clickhouse_https, default_elasticsearch_https, default_postgres_ssl_mode,
    default_redis_ssl, default_tls_min_version, default_verify_certs,
};

/// GraphQL IDE/playground tool to use.
#[derive(Debug, Clone, Copy, PartialEq, Eq, Serialize, Deserialize, Default)]
#[serde(rename_all = "kebab-case")]
#[non_exhaustive]
pub enum PlaygroundTool {
    /// `GraphiQL` - the classic GraphQL IDE.
    GraphiQL,
    /// Apollo Sandbox - Apollo's embeddable GraphQL IDE (default).
    ///
    /// Apollo Sandbox offers a better UX with features like:
    /// - Query collections and history
    /// - Schema documentation explorer
    /// - Variables and headers panels
    /// - Operation tracing
    #[default]
    ApolloSandbox,
}

/// TLS server configuration for HTTPS and secure connections.
#[derive(Debug, Clone, Serialize, Deserialize)]
pub struct TlsServerConfig {
    /// Enable TLS for HTTP/gRPC endpoints.
    pub enabled: bool,

    /// Path to TLS certificate file (PEM format).
    pub cert_path: PathBuf,

    /// Path to TLS private key file (PEM format).
    pub key_path: PathBuf,

    /// Require client certificate (mTLS) for all connections.
    #[serde(default)]
    pub require_client_cert: bool,

    /// Path to CA certificate for validating client certificates (for mTLS).
    #[serde(default)]
    pub client_ca_path: Option<PathBuf>,

    /// Minimum TLS version ("1.2" or "1.3", default: "1.2").
    #[serde(default = "default_tls_min_version")]
    pub min_version: String,
}

/// Database TLS configuration for encrypted database connections.
#[derive(Debug, Clone, Serialize, Deserialize)]
pub struct DatabaseTlsConfig {
    /// PostgreSQL SSL mode: disable, allow, prefer, require, verify-ca, verify-full.
    #[serde(default = "default_postgres_ssl_mode")]
    pub postgres_ssl_mode: String,

    /// Enable TLS for Redis connections (use rediss:// protocol).
    #[serde(default = "default_redis_ssl")]
    pub redis_ssl: bool,

    /// Enable HTTPS for `ClickHouse` connections.
    #[serde(default = "default_clickhouse_https")]
    pub clickhouse_https: bool,

    /// Enable HTTPS for Elasticsearch connections.
    #[serde(default = "default_elasticsearch_https")]
    pub elasticsearch_https: bool,

    /// Verify server certificates for HTTPS connections.
    #[serde(default = "default_verify_certs")]
    pub verify_certificates: bool,

    /// Path to CA certificate bundle for verifying server certificates.
    #[serde(default)]
    pub ca_bundle_path: Option<PathBuf>,
}