# `ordinary.json` Reference
## `OrdinaryConfig`
Config definition for an Ordinary Application
### `lifecycle`
> (any of) [TopLevelLifecycle](#toplevellifecycle) | null
### `domain`
> string
Domain name for the application to be run from the
deployment environment.
### `cnames`
> array<string> | null
additional domains with a CNAME or ALIAS records
pointing at the primary `OrdinaryConfig::domain`.
add a TXT record in the following format:
`ordinary=your.config.domain`
### `canonical`
> string | null
specify which of the `domain` or `cnames` is
the "canonical" location.
this is useful for [indexing](https://developers.google.com/search/docs/crawling-indexing/consolidate-duplicate-urls)
and situations where you want to display the primary
URL as text on the page itself (i.e. pick one of `example.some.host`, `example.com`, and `www.example.com`).
defaults to `domain` if `cnames` is empty. defaults to first `cname` in list if `cnames`
are not empty.
### `redirects`
> (any of) [Redirects](#redirects) | null
configuration of internal redirects
### `proxies`
> array<[ProxyConfig](#proxyconfig)> | null
configuration of proxied services
### `contacts`
> array<string> | null
list of email addresses that can be used to contact
the application owner or administrators.
### `hide_contacts`
> boolean | null
whether contacts should be hidden (defaults to `true`)
### `version`
> string
Version of the site build.
### `storage_size`
> integer | null
Storage size in bytes (rounded up to nearest OS page size).
### `default_timeout`
> integer | null
Default request timeout.
Unit (seconds).
### `csp`
> (any of) [HttpCsp](#httpcsp) | null
HTTP Content Security Policy configuration.
<https://developer.mozilla.org/en-US/docs/Web/HTTP/Guides/CSP>
"Base" defaults to `default-src 'self';` and tacks on SHA-256 integrity
hashes for all inlined scripts and styles (generated at build time) to
`script-src 'self' sha256-b64` and `style-src 'self' sha256-b64`, respectively.
`https:` is used when not running in `--insecure` mode.
### `cors`
> (any of) [HttpCors](#httpcors) | null
### `runtime`
> (any of) [RuntimeMode](#runtimemode) | null
Specifies runtime mode for application on the host.
If none is specified, defaults to Shared (or host default).
### `hide_schema`
> boolean | null
When set to true, `{{ domain }}/.ordinary/schema`
is not addressable.
Note: this can break applications which depend on
flags, and `action`/`template` query descriptors.
### `client_rendering`
> boolean | null
Include template rendering code in the client WASM.
### `obfuscation`
> boolean | null
Include E2EE handler code in the client WASM.
### `client_events`
> boolean | null
Include E2EE handler code in the client WASM.
### `port`
> integer | null
Port to be used for standalone "run" instances.
### `redirect_port`
> integer | null
port used for redirecting from http when
standalone is running in secure mode.
### `logging`
> (any of) [LoggingConfig](#loggingconfig) | null
### `error`
> (any of) [ErrorConfig](#errorconfig) | null
Configures error handling.
Note: If not included just the error message will be
sent back as text.
### `auth`
> (any of) [AuthConfig](#authconfig) | null
Auth config for the Ordinary application.
### `globals`
> array<[Global](#global)> | null
Global constants that can be accessed from templates
### `secrets`
> array<[Secret](#secret)> | null
Secrets that can be used by actions or integrations.
### `flags`
> array<[Flag](#flag)> | null
Feature flags which can be referenced from templates
to inform application behavior, and run experiments.
### `content`
> (any of) [Content](#content) | null
Definitions for static content "types"/object structure
that can be used to inform template/page development (i.e.
one might define a "post" content definition, and then create
a template for their blog).
### `models`
> array<[ModelConfig](#modelconfig)> | null
Definitions for the models that will be stored in the Ordinary database.
### `integrations`
> array<[IntegrationConfig](#integrationconfig)> | null
Definitions for the external APIs that will be integrated
into the Ordinary application.
### `actions`
> array<[ActionConfig](#actionconfig)> | null
IO, access and language configuration for actions that
are compiled to and executed as WebAssembly modules.
### `assets`
> (any of) [AssetsConfig](#assetsconfig) | null
Specifies the asset directory and per-path configuration
details for assets that require preprocessing (TypeScript, SCSS,
JavaScript minification, etc.)
### `fragments`
> (any of) [FragmentsConfig](#fragmentsconfig) | null
Configuration for the template fragments
### `templates`
> array<[TemplateConfig](#templateconfig)> | null
Configuration for the templates/pages that the application
will render. Each template is compiled to a WebAssembly module
which accepts runtime arguments for models/content/integrations, and can be
executed on either the server or the client.
With the option to render on the client, only the result of the server
query needs to be sent, in a compact, optimized, format.
Currently, all rendering is happening server-side, and only HTML is being sent.
In an ideal/future state multiple modes will be supported, even up to a full
'noscript' config.
## `TopLevelLifecycle`
### `before_all`
> array<array> | null
run before every lifecycle operation
### `build`
> (any of) [LifecycleBeforeAfterScripts](#lifecyclebeforeafterscripts) | null
configure build lifecycle hooks
## `LifecycleBeforeAfterScripts`
### `before`
> array<array> | null
### `after`
> array<array> | null
## `Redirects`
### `host`
> array<[HostRedirect](#hostredirect)> | null
host redirects
### `route`
> array<[RouteRedirect](#routeredirect)> | null
route redirects
## `HostRedirect`
### `from`
> string
from host name
### `to`
> string
to host name
### `method`
redirect method
## `RedirectMethod`
> (one of)
307 <https://developer.mozilla.org/en-US/docs/Web/HTTP/Reference/Status/307>
> Temporary (string)
308 <https://developer.mozilla.org/en-US/docs/Web/HTTP/Reference/Status/308>
> Permanent (string)
## `RouteRedirect`
### `condition`
> string
[axum route](https://docs.rs/axum/latest/axum/struct.Router.html#method.route) pattern
### `rule`
> array
translation regexes map to [`Regex::replace_all`](https://docs.rs/regex/latest/regex/#example-replacement-with-named-capture-groups)
where `rule.0` is body of `Regex::new()` and `rule.1` is second param of `re.replace_all()`.
### `method`
redirect method
## `ProxyConfig`
proxy configuration.
**Note:** `path` should not be set at the same time as either `domain`
or `port`. `path` takes precedence and the other sources will be ignored.
if the `path`, `domain` and `port` are all unset, validation will fail.
### `path`
> string | null
an `axum` [route](https://docs.rs/axum/latest/axum/routing/struct.Router.html#method.route)
with a `*path` wildcard that will be appended to the target.
i.e. `"/some/path/{*path}"`
**Note:** MUST end in a trailing `/{*path}`
### `domain`
> string | null
custom domain with an ALIAS/CNAME pointing at the primary `OrdinaryConfig::domain`
and a TXT record indicating ownership (i.e. `ordinary-proxy=your.config.domain`).
i.e `example.com`
**Note:** if a `path` is specified, the `domain` will be ignored
### `port`
> integer | null
preferred port that the proxy will listen on in a `--dedicated-ports`
configured multi-tenant server OR a standalone app instance.
i.e `8081`
**Note:** if a `path` is specified, the `port` will be ignored,
and `port` will not be tried without `domain` being present.
### `target`
> string
url for resource to proxy.
i.e. `https://example.com`
## `HttpCsp`
### `default_src`
> string | null
defaults to `'self'` (`default-src ` does not need to be included)
### `script_src`
> string | null
defaults to unset unless inline hashes are included,
in which case the directive will start with `'self'` (`script-src ` does not need to be included).
### `style_src`
> string | null
defaults to unset unless inline hashes are included,
in which case the directive will start with `'self'` (`style-src ` does not need to be included).
### `font_src`
> string | null
defaults to unset.
(`font-src ` does not need to be included).
### `img_src`
> string | null
defaults to unset.
(`img-src ` does not need to be included).
### `frame_src`
> string | null
defaults to unset.
(`frame-src ` does not need to be included).
### `include_inline_hashes`
> boolean | null
defaults to `true`.
## `HttpCors`
### `allow_credentials`
> boolean | null
### `allow_headers`
> (any of) [HttpCorsAllowHeaders](#httpcorsallowheaders) | null
### `max_age`
> integer | null
unit: Seconds
### `allow_methods`
> (any of) [HttpCorsAllowMethods](#httpcorsallowmethods) | null
### `allow_origin`
> (any of) [HttpCorsAllowOrigin](#httpcorsalloworigin) | null
### `expose_headers`
> (any of) [HttpCorsExposeHeaders](#httpcorsexposeheaders) | null
### `allow_private_network`
> boolean | null
## `HttpCorsAllowHeaders`
> (one of)
> (enum) Any
> object
<https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Headers>
### `Headers`
> array<string>
## `HttpCorsAllowMethods`
> (one of)
> (enum) Any
> object
<https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Methods>
### `Methods`
> array<string>
## `HttpCorsAllowOrigin`
> (one of)
> (enum) Any
> object
<https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Origin>
### `Origins`
> array<string>
## `HttpCorsExposeHeaders`
> (one of)
> (enum) Any
> object
<https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Expose-Headers>
### `Headers`
> array<string>
## `RuntimeMode`
> (one of)
Application will run on the shared multithreaded
tokio runtime.
> Shared (string)
Application will run on a separate thread with its
own single-threaded tokio runtime.
> SingleThreaded (string)
Application will run on a separate thread with its
own multithreaded tokio runtime.
> MultiThreaded (string)
## `LoggingConfig`
### `client`
> (any of) [ClientLoggingConfig](#clientloggingconfig) | null
### `server`
> (any of) [ServerLoggingConfig](#serverloggingconfig) | null
## `ClientLoggingConfig`
### `min_delay`
> integer | null
bottom end of the delayed delivery range (seconds)
### `max_delay`
> integer | null
top end of delayed delivery range (seconds)
### `max_buffer`
> integer | null
max number of events to be buffered on the client
prior to flush.
### `max_batch`
> integer | null
sets the max number of events in a given request.
## `ServerLoggingConfig`
### `ips`
> boolean | null
### `headers`
> boolean | null
### `credentials`
> (any of) [RedactedHashAlg](#redactedhashalg) | null
### `timing`
> boolean | null
### `sizes`
> boolean | null
## `RedactedHashAlg`
> string
## `ErrorConfig`
### `template`
> string | null
Refers to the error template by name.
Note: if set, will override the `asset` field
### `asset`
> string | null
Refers to the asset by path.
Note: if `template` is set it will override this field
## `AuthConfig`
Auth configuration.
### `password`
Configuration for passwords.
### `mfa`
MFA configuration for auth.
### `refresh_token`
Configuration for refresh tokens.
### `access_token`
Configuration for access tokens.
### `cookies_enabled`
> boolean
Determines whether cookies should be used
for browser based template navigation, and form submissions
Note: when set to `false`, `protected` templates, and actions triggered
by form submission will fail. Form based registration and login will
necessarily be disabled, also.
!! Important: when set to `true`, tokens retrieved for `js` and `noscript` flavors
!! do not support client signatures, because http-only cookies cannot be signed by
!! the client.
### `client_hash`
what algorithm is used to hash passwords and MFA codes
### `invite`
> (any of) [InviteConfig](#inviteconfig) | null
invite config
## `PasswordConfig`
Configuration for passwords.
### `protocol`
## `PasswordProtocol`
> (one of)
When WASM is enabled, this will run the client portions
browser-side. When JavaScript-only, passwords will be hashed
and then sent to the server where the client portion will
be done on behalf of the user. In noscript mode, the password
is sent only protected by TLS, hashed and then the client operations
are done server side.
If a user later decides to enable JavaScript or WASM, they'll be
able to opt in to the no-plain-password-sent modes without interruption.
> Opaque (string)
Configuration for password protocol.
## `MfaConfig`
### `totp`
## `TotpConfig`
### `template`
> string | null
Used for response after registration form is submitted.
Will just return a QR code SVG if not set.
### `algorithm`
## `TotpAlgorithm`
> (one of)
only allowing SHA1 for now
because many of the major MFA authenticator
apps don't support SHA256 or SHA512, and fail silently.
> Sha1 (string)
## `RefreshTokenConfig`
Configuration for refresh tokens.
### `algorithm`
Algorithm used for verifying the token.
### `lifetime`
> integer
How long a token should be valid for (seconds).
### `rotation`
> integer
how frequently the key should be rotated
## `TokenAlgorithm`
> string
## `AccessTokenConfig`
Configuration for access tokens.
### `algorithm`
Algorithm used for verifying the token.
### `lifetime`
> integer
How long a token should be valid for (seconds).
### `rotation`
> integer
how frequently the key should be rotated
### `claims`
> array<[Field](#field)>
Token claims structuring.
Note: `idx` starts at 1 to create space for system claims (id, domain, and account).
## `Field`
Fields are used to describe properties on a model,
IO for actions/integrations and content definitions.
### `idx`
> integer
The index used for compact, vector based serialization.
The index is preserved even if the property name changes.
Each field must be assigned an index value from 0-255, with
no gaps (i.e. cannot go from 2 to 4 without also having a field
with an index of 3).
### `name`
> string
this is the name that is used when accessing a property in a template
and will be the name that is used in the JSON serialized format.
### `kind`
the "kind" represents the type of the value that will
be stored or sent.
### `indexed`
> boolean | null
Used for models and content definitions. Determines whether
you can access an object/item by this property. All items
have are automatically stored ID that can be used for look
up if no properties are indexed.
Note: `indexed` fields also have a uniqueness constraint.
!! Important: only `String`, `Uuid` and `Url` kinds can be indexed
### `queryable`
> boolean | null
Specifies whether field can be queried via Gte/Gt, Lte/Lt, Eq and `BeginsWith`.
!! Important: only `Bool`, `String`, `Url`, `Uuid`, `Timestamp`, `U8/16/32/64`, `I8/16/32/64`,
!! and `F32/64` kinds can be made queryable.
### `searchable`
> boolean | null
Specifies whether the field can be searched by any value of the same kind.
### `mapping`
> string | null
Used for integrations, so that a property on the external
resource's response can be renamed.
### `doc`
> string | null
Optional message to hint to the user
in an editor.
### `compressed`
> boolean | null
Compresses the value of the field using the Zstd compression algorithm (level 4).
Note: at some point in the future, compression levels and compression algorithm
selection will be configurable.
### `encrypted`
> boolean | null
Encrypts the field using `XChaCha20Poly1305`.
Note: The storage encryption key is stored on the same
server as the data it's encrypting; anyone with full access
to the server. This is mostly useful for protecting
sensitive data in backups (assuming the key isn't stored with the
backup), and can potentially limit exposure in partial-access context
stemming from a misconfiguration or a mistake in a multi-tenant scenario
(i.e. for whatever reason tenant A's database contents is moved to tenant B's
directory, without the keys also being shifted over).
!! Important: this is not currently intended for storing *any* meaningfully
!! sensitive data (e.g. SSNs, credit card numbers, passwords, encryption keys, etc.)
!! use (or don't) at your own risk.
## `Kind`
> (one of)
> object
In the case of one-to-many the deletion of the
parent reference causes a cascading delete (i.e if you have a user, chat, message
relationship structure, deletion of the user or the chat automatically
deletes messages owned by either).
References must always be bidirectionally defined.
### `Ref`
> object
### `model`
> string
name of model you're referencing.
### `field`
> string
name of the field on the model.
### `many`
> boolean | null
whether you have many of the referenced model.
null/void/undefined/None
> Void (string)
boolean/true/false
> Bool (string)
integers between
> I8 (string)
integers between
> U8 (string)
integers between
> I16 (string)
integers between
> U16 (string)
integers between
> I32 (string)
integers between
> U32 (string)
integers between
> I64 (string)
integers between
> U64 (string)
floats between
> F32 (string)
floats between
> F64 (string)
universal unique identifiers. 16 bytes
or 36 characters.
> Uuid (string)
must be a valid URL
> Url (string)
> object
unix timestamp
### `Timestamp`
> object
### `unit`
array of bytes.
> Blob (string)
text/string/characters.
> String (string)
JSON formatted string.
> Json (string)
Markdown formatted string
> Markdown (string)
> object
array of values.
### `List`
> object
### `kind`
the type for the values stored in the list.
> object
Select from a list of options. Stored as its u8 index value.
### `Enum`
> object
### `name`
> string
### `opts`
> array<[EnumOpt](#enumopt)>
> object
complex kind with its own name and subfields.
### `Object`
> object
### `name`
> string
the object definition's name.
### `fields`
> array<[Field](#field)>
nested subfields.
Defines the types recognized by this framework.
## `TimeUnit`
> string
## `EnumOpt`
### `idx`
> integer
### `name`
> string
## `ClientPasswordHash`
> (one of)
Limited by what browsers can support, SHA-256 is
a good option for a client-side hash to enable
slightly better password protection when in
javascript-only mode, without the WASM for Opaque.
> Sha256 (string)
Configuration for client password hashing.
When JavaScript or WASM modes are enabled, passwords are
hashed with the application name, and account, before transit
(or in the case of WASM prior to the Opaque client operations
if Opaque is selected for the `PasswordProtocol`).
## `InviteConfig`
### `mode`
### `lifetime`
> integer
How long a token is valid for.
Defaults to 7 days.
### `clean_interval`
> array
On what interval to clean up expired token ids.
Defaults to 30 - 90 seconds.
### `claims`
> array<[Field](#field)> | null
Values that can be used internally in the API server to
set default permissions for new accounts.
TODO: in the future, these can also be set in order to pre-validate
TODO: or constrain `app` account registrations. This will require the
TODO: use of an `InviteCreate` action trigger (for validating and setting
TODO: the invite token claims), and a pre-registration `InviteValidate`,
TODO: as well as passing the invite token claims to the `Registration` trigger
TODO: (allowing for the validated invite claims to be used in the account
TODO: claims setting operation).
Note: `idx` starts at 1 to create space for system claims (id, domain, and account).
## `InviteMode`
> (one of)
only the root user can invite
> Root (string)
only a site admin can invite
> Admin (string)
anyone who has been invited can invite anyone else
> Viral (string)
## `Global`
Global constant definitions, for use in [`ordinary_template::Template`]s.
### `name`
> string
Name of the global constant.
### `kind`
Type definition for the global variable.
### `value`
JSON value of the global constant.
## `Secret`
Mechanism for exposing secrets to `Integration`s.
### `name`
> string
Name of the secret.
### `source`
Where to retrieve the secret from.
### `visibility`
Where the secret is to be used.
## `SecretSource`
> (one of)
Name of the host provided environment variable/secret.
`Env` secrets are available to every tenant for a given
API server (when running in "multi" mode).
This is useful in scenarios where a provider running the API
server would like to expose convenient integrations with 3rd parties, for
which it only wants to maintain a single set of credentials.
`Env` secrets are also useful when you're running a standalone
application and do not need a more complicated secrets management
paradigm.
> Env (string)
Name of a stored secret.
`Stored` secrets are application scoped, and can be set
through an API server on which the application runs.
`Stored` secrets live in their own database and are only
accessible to components with permissions.
> Stored (string)
Where Ordinary will look for the secret.
## `SecretVisibility`
> (one of)
`Integrations` level visibility runs the risk of unintentionally
sending a secret to the incorrect endpoint, but does not expose
secrets to any user defined modules.
> Integrations (string)
Where the secret is accessible from.
## `Flag`
Feature flag definition.
Note: Flags use cookies for non-logged in users,
and use fields set on their token after they're logged in
so that users have the ability to configure their preference
if they have one.
### `idx`
> integer
Unique index for the feature flag.
### `name`
> string
Name of the feature flag.
### `options`
> array<[FlagOption](#flagoption)>
Options for this flag. Percentage must
total 100.
## `FlagOption`
Option for the feature flag.
### `idx`
> integer
Unique index for this flag option.
### `name`
> string
Name of this feature flag option.
### `percentage`
> integer
Percentage of users that will have this
flag turned on.
## `Content`
Content is used for static values that should be updated
independent of document structure, stylings or behavior.
Content is stored in a denormalized format for indexed fields
to optimize for maximum read efficiency.
### `file_path`
> string
Specifies the path to the JSON file which contains
the content objects.
### `definitions`
> array<[ContentDefinition](#contentdefinition)>
Definitions/structure of the content objects in the
`content.json`.
### `update`
> (any of) [ContentUpdateConfig](#contentupdateconfig) | null
## `ContentDefinition`
### `idx`
> integer
Unique index for the content definition.
### `name`
> string
Name of the content definition.
### `fields`
> array<[Field](#field)>
Fields for the content definition.
Note: only fields with the `String` and `Uuid` kinds can
be indexed (for now).
### `lifecycle`
> (any of) [ContentObjectLifecycle](#contentobjectlifecycle) | null
configure scripts for responding to object lifecycle events.
## `ContentObjectLifecycle`
### `before_all`
> array<array> | null
run script before all commands in the set
### `on_add`
> (any of) [LifecycleBeforeAfterScripts](#lifecyclebeforeafterscripts) | null
hook for running scripts before/after an object
is added via CLI or studio.
`after` receives the stringified JSON object as the
first stdarg.
### `on_edit`
> (any of) [LifecycleBeforeAfterScripts](#lifecyclebeforeafterscripts) | null
hook for running scripts before/after an object
is edited via CLI or studio.
`after` receives the stringified JSON object as the
first stdarg.
### `on_delete`
> (any of) [LifecycleBeforeAfterScripts](#lifecyclebeforeafterscripts) | null
hook for running scripts before/after an object
is deleted via CLI or studio.
`after` receives the stringified JSON object as the
first stdarg.
## `ContentUpdateConfig`
### `lifecycle`
> (any of) [LifecycleBeforeAfterScripts](#lifecyclebeforeafterscripts) | null
## `ModelConfig`
Defines a model in the Ordinary Database.
### `idx`
> integer
Index of the model. Used for its kind
for storage keys. There can be no gaps in
index values.
Note: the first (0) index is always skipped as it
is reserved for the item UUID.
### `name`
> string
Name of the model.
### `fields`
> array<[Field](#field)>
Fields on the model.
### `uuid`
> (any of) [UuidVersion](#uuidversion) | null
Every model is generated with a UUID key. If this value
is blank, it will default to V4. If you'd like records to
be ordered by time, V7 is recommended.
## `UuidVersion`
> string
## `IntegrationConfig`
The mechanism for reverse proxying and calling
out to external APIs.
### `idx`
> integer
Unique index for integration
### `name`
> string
Name of the integration.
### `protocol`
Protocol used for communicating with the external service.
### `endpoint`
> string
Endpoint that the external service lives at.
### `send`
Definition for the parameters of the receiving service.
(Automatically translated to the service's protocol/encoding format).
### `recv`
Definition for the returned value of the external service.
(Automatically translated from the service's protocol/encoding format).
### `secrets`
> array<string> | null
Names of secrets to include
### `timeout`
> integer | null
Max duration for the template.
Unit: seconds
## `IntegrationProtocol`
> (one of)
> object
For integrating an external HTTP API.
### `Http`
> object
### `method`
> string
HTTP method.
### `headers`
> array<array>
static http headers
### `send_encoding`
how to encode the value passed from the action
### `recv_encoding`
how to decode the value passed back to the action
The protocol for the integration.
## `IntegrationProtocolHttpEncoding`
> string
## `ActionConfig`
Configuration parameters for Ordinary Actions.
### `ffi`
Foreign function interface config
### `idx`
> integer
Unique index value for action.
### `name`
> string
Action name. Must be unique.
### `lang`
The source language the action is written in.
### `dir_path`
> string | null
Relative path to the source directory for the action.
### `protected`
> (any of) [Check](#check) | null
What to check the token fields against. If blank
action is public.
### `transactional`
> boolean | null
whether the storage interactions
are executed under a single transaction.
### `access`
> array<[ActionAccessPermission](#actionaccesspermission)>
Which Ordinary Application resources the action has access to.
### `accepts`
Input definition for the action.
### `returns`
Output definition for the action.
### `triggered_by`
> array<[ActionTrigger](#actiontrigger)>
How this action is called (i.e. side effect from DB/Auth,
http API call, browser form submission, etc.)
### `timeout`
> integer | null
Max duration for the action.
Unit: seconds
### `cors`
> (any of) [HttpCors](#httpcors) | null
### `wasm_opt`
> (any of) [WasmOpt](#wasmopt) | null
### `privileged`
> boolean | null
Whether the action should have bindings for API server interaction.
Can only be set on applications which have been explicitly
allow-listed by the API server administrator via their domain.
### `variables`
> array<string> | null
List of build time environment variables.
format in template: `{{ YOUR_VAR }}`
## `ActionFfi`
### `version`
### `serialization`
## `ActionFfiVersion`
> string
## `ActionFfiSerialization`
> string
Input/output serialization for module and host functions.
## `ActionLang`
> (one of)
Action is written in the Rust programming language.
Uses zero-copy `FlexBuffer` vectors for serialization format.
> Rust (string)
Action is written in JavaScript.
`QuickJS` runtime embedded in a Rust WASM which itself uses
`FlexBuffer` vectors for FFI serialization, but then translates
to JSON when communicating across the `QuickJS` runtime barrier.
> JavaScript (string)
The language in which the action is written.
Many more languages will be supported in the future.
## `Check`
> object
## `ActionAccessPermission`
> (one of)
> object
Provides the action access to a given model.
### `Model`
> object
### `name`
> string
Name of the model.
### `ops`
> array<[ActionAccessModelOps](#actionaccessmodelops)>
List of allowed operations that the action
can take on the model.
> object
Provides the action access to a given content def.
### `Content`
> object
### `name`
> string
Content definition name.
> object
Provides the action access to a given integration.
### `Integration`
> object
### `name`
> string
Name of the integration the action can access.
> object
Provides the action access to another action.
### `Action`
> object
### `name`
> string
Name of the other action.
> object
Provides the action access to Ordinary Auth.
### `Auth`
> object
### `ops`
> array<[ActionAccessAuthOps](#actionaccessauthops)>
Which operations the action is allowed to take.
Defines access permissions that an Ordinary
Action can configure.
## `ActionAccessModelOps`
> (one of)
Can create an item for this model.
> Insert (string)
Can get an item for this model by UUID or Index.
> Get (string)
Can query an item for this model by queryable field.
> Query (string)
Can search an item for this model by searchable field.
> Search (string)
Can update an item for this model.
> Update (string)
Can delete an item for this model.
> Delete (string)
Model operations that an action is allowed to make.
## `ActionAccessAuthOps`
> (one of)
Allows the action the ability to set
a user's access token fields/claims.
> SetTokenFields (string)
Auth operations that an action can make.
## `ActionTrigger`
> (one of)
HTTP request with the Ordinary data format
> Ordinary (string)
> object
JSON formatted API call
### `Json`
> object
### `route`
> string
API rout
### `method`
HTTP method
> object
Web Form Submission
### `Form`
> object
### `route`
> string
endpoint the form should point at
### `method`
method for the form to use
### `redirect`
> string
redirect for after submission.
note: it is allowed to use return values in the route
via {return} or {`return.some_field_name`}
Login event from Auth
> Login (string)
Registration event from Auth
> Registration (string)
> object
For when content updates
### `Content`
> object
### `name`
> string
Action trigger options.
## `HttpMethod`
> string
## `WasmOpt`
> string
Corresponds to <https://docs.rs/wasm-opt/latest/wasm_opt/struct.OptimizationOptions.html#impl-OptimizationOptions>.
Certain levels may not work with `wasmtime`/`cranelift`.
## `AssetsConfig`
### `dir_path`
> string | null
Relative path to assets directory.
### `base_route`
> string
Note: must start with a `/` and cannot end with a `/` unless
`/` is the entire route.
### `append_index_html`
> boolean | null
whether to add `index.html` to the base route
and the end of routes having a trailing slash
or missing an extension.
i.e. `https://example.com/static`, `https://example.com/static/`,
`https://example.com/static/{*path}/` and `https://example.com/static/{*path}`
(with no extension) would return the contents of
`/static/index.html` or `/static/{*path}/index.html`.
primarily useful when serving a generated static site.
Note: cannot be used with `append_index_ext`
### `skip_base_route_index_html`
> boolean | null
whether the `{base_route}` and `{base_route}/` routes should
skip returning the `index.html` at the root of the static dir.
useful when the static dir `base_route` is set to `/` but you'd
like to have a template use the `/` route.
### `append_html_ext`
> boolean | null
whether to append `.html` to routes that do not
include an extension.
i.e. `https://example.com/static/about` would return the contents of
`/static/about.html`.
primarily useful when serving a generated static site.
Note: cannot be used with `append_index_html`
### `preserve_exif`
> boolean | null
will not strip the exif data from images.
Important: only use if you want all metadata (including
location data) on your photos.
### `html_csp`
> (any of) [HttpCsp](#httpcsp) | null
content security policy for HTML assets
### `http`
> (any of) [HttpCache](#httpcache) | null
HTTP cache configuration.
TODO: provide a way to pattern match files for which to apply
TODO: specific cache controls.
### `precompression`
> (any of) [CompressionAlgorithms](#compressionalgorithms) | null
Which encodings to use when precompressing assets.
Serving priority is dictated by specified order.
### `internal_precompression`
> array<[CompressionAlgorithm](#compressionalgorithm)> | null
### `minify_css`
> boolean | null
Determines whether CSS files should be minified,
prior to write.
### `minify_js`
> boolean | null
Determines whether JS files should be minified,
prior to write.
### `minify_html`
> boolean | null
Determines whether HTML files should be minified,
prior to write.
### `internal_cache_control_header_value`
> string | null
## `HttpCache`
### `cache_control`
> (any of) [HttpCacheControl](#httpcachecontrol) | null
### `expires`
> integer | null
Corresponds to the HTTP Expires header.
<https://developer.mozilla.org/en-US/docs/Web/HTTP/Reference/Headers/Expires>
Unit: seconds.
### `etag`
> (any of) [HttpEtag](#httpetag) | null
## `HttpCacheControl`
HTTP Cache-Control.
See: <https://developer.mozilla.org/en-US/docs/Web/HTTP/Reference/Headers/Cache-Control>
### `max_age`
> integer | null
### `s_maxage`
> integer | null
### `no_cache`
> boolean | null
### `no_store`
> boolean | null
### `no_transform`
> boolean | null
### `must_revalidate`
> boolean | null
### `proxy_revalidate`
> boolean | null
### `private`
> boolean | null
### `public`
> boolean | null
### `immutable`
> boolean | null
### `stale_while_revalidate`
> boolean | null
### `stale_if_error`
> boolean | null
## `HttpEtag`
HTTP Cache-Control.
See: <https://developer.mozilla.org/en-US/docs/Web/HTTP/Reference/Headers/Cache-Control>
### `alg`
> (any of) [HttpEtagAlgorithm](#httpetagalgorithm) | null
## `HttpEtagAlgorithm`
> (one of)
> (enum) AHash | Rustc | Blake3
> object
### `XXH3`
Hashing algorithm options for generating etags.
`AHash` is the default if none is selected.
## `XXH3Variation`
> string
## `CompressionAlgorithms`
> array<[CompressionAlgorithm](#compressionalgorithm)>
## `CompressionAlgorithm`
> (one of)
> (enum) All | Gzip | Brotli | Deflate
> object
### `Zstd`
> object
### `level`
> integer
Compression algorithms
## `FragmentsConfig`
### `dir_path`
> string
Relative path to fragments directory.
## `TemplateConfig`
Template configuration for Ordinary Applications.
### `ffi`
Foreign function interface config
### `idx`
> integer
Unique index for template.
### `name`
> string
Template's name.
### `mime`
> string
Used as the `content-type` header for HTTP responses.
Validated against file extension (if `path` is present).
### `minify`
> boolean | null
Specifies whether the content in the file should
be "minified"/have whitespace removed.
### `path`
> string | null
Relative path to the template file
### `route`
> string
The route used in the HTTP server to serve this template.
Can use segments to bind to properties on models or content
### `protected`
> (any of) [Check](#check) | null
What to check the token fields against. If left blank, route is considered public.
### `cache`
> (any of) [TemplateCache](#templatecache) | null
Used to specify the cache policy for this template.
### `csp`
> (any of) [HttpCsp](#httpcsp) | null
HTTP Content Security Policy configuration.
<https://developer.mozilla.org/en-US/docs/Web/HTTP/Guides/CSP>
"Base" defaults to `default-src 'self';` and tacks on SHA-256 integrity
hashes for all inlined scripts and styles (generated at build time) to
`script-src 'self' sha256-b64` and `style-src 'self' sha256-b64`, respectively.
`https:` is used when not running in `--insecure` mode.
### `cors`
> (any of) [HttpCors](#httpcors) | null
### `timeout`
> integer | null
Max duration for the template.
Unit: seconds
### `fields`
> array<[TemplateField](#templatefield)> | null
Used for template-specific variables that don't need to be shared
beyond the scope of the given template, and don't warrant a content
object.
### `globals`
> array<string> | null
List of global variables to be included with the compiled template
binary. Globals are excluded by default and have to be explicitly
listed in the globals to be accessed from the template.
### `flags`
> array<[TemplateFlagRef](#templateflagref)> | null
List of flags to be referenced by the template.
### `params`
> array<[TemplateParamRef](#templateparamref)> | null
List of params to be referenced by the template.
### `models`
> array<[TemplateRef](#templateref)> | null
List of models and what fields the template needs from the models.
This is effectively a query definition.
### `content`
> array<[TemplateRef](#templateref)> | null
List of content definitions and the content definition fields
that this template will use.
### `actions`
> array<string> | null
Specifies which actions this template triggers, and adds
this template's route pattern to the action's list of valid
origins.
### `wasm_opt`
> (any of) [WasmOpt](#wasmopt) | null
### `variables`
> array<string> | null
List of build time environment variables.
format in template: `{{ YOUR_VAR }}`
## `TemplateFfi`
### `version`
### `serialization`
## `TemplateFfiVersion`
> string
## `TemplateFfiSerialization`
> string
Input serialization format. Output is always an array of bytes.
## `TemplateCache`
### `stored`
> (any of) [StoredCache](#storedcache) | null
### `http`
> (any of) [HttpCache](#httpcache) | null
## `StoredCache`
Render caching policy.
IMPORTANT: Very experimental, may not work as described. `policy: Permanent` is currently
the most likely to behave correctly.
### `policy`
### `compression`
> (any of) [CompressionAlgorithms](#compressionalgorithms) | null
Which compression formats should be stored
### `internal_compression`
> array<[CompressionAlgorithm](#compressionalgorithm)> | null
### `max_ttl`
> integer | null
Upper limit on total time a cached item can be stored
Unit: seconds
### `hit_ttl`
> integer | null
Compared with time since last hit.
Unit: seconds
### `max_size`
> integer | null
Upper limit on the cumulative size of all cached responses
for a given template.
Unit: bytes
### `max_count`
> integer | null
Upper limit on the number of cached responses stored at
a given time, for a given template.
### `frequency_window`
> integer | null
How long an LFU "hit" tick is valid for
Unit: seconds
### `clean_interval`
> array | null
Rate at which the cache is cleaned based on other rules.
Option<(min, max)>
### `evict_on_dependency_change`
> boolean | null
Whether a cached item should also track the of models and content
which it depends on, and evict when they are modified.
## `StoredCachePolicy`
> (one of)
No eviction on clean or write. Constrained only by overall storage limit or `max_size`
(if set). Will only be evicted if dependencies change and `evict_on_dependency_change`
is set.
> Permanent (string)
> object
Prioritize the most Frequently accessed, Recently accessed and smallest Sized items
(`frequency_equality_threshold` (hit count), `recency_equality_threshold` (seconds))
### `FRs`
> array
## `TemplateField`
Field used within the scope of a single template.
### `name`
> string
Field name
### `kind`
Specifies the type of the value.
### `value`
JSON value for template field.
## `TemplateFlagRef`
Server flags can only be used in templates whose cache is
set to "Never".
### `idx`
> integer
Specifies the index position for the referenced
data. Index must be unique across flags, data models and
content definitions.
### `name`
> string
Name of the flag.
## `TemplateParamRef`
### `idx`
> integer
Specifies the index position for the referenced
data. Index must be unique across flags, data models, params, and
content definitions.
### `name`
> string
Name of the param.
## `TemplateRef`
How templates reference Content Definitions
and Data Models, and the specific fields it
wants to include.
### `idx`
> integer
Specifies the index position for the referenced
data. Index must be unique across flags, params, data models and
content definitions.
### `name`
> string
Name of the model or content definition.
### `fields`
> array<[TemplateRefField](#templatereffield)>
Which fields to include.
### `all`
> string | null
for requesting multiple top-level items
note: only supported for content. models use relationships.
## `TemplateRefField`
Declaration for which fields from a content definition
or data model to include.
### `idx`
> integer
Specifies index for reference field. Index
must be unique across fields for a given reference.
### `name`
> string
Name of field to be included.
### `bind`
> (any of) [TemplateRefFieldBind](#templatereffieldbind) | null
Option to bind this field's value to a route
segment, querystring parameter or token field.
### `fields`
> array<[TemplateRefField](#templatereffield)> | null
List of any nested subfields to include for this field.
## `TemplateRefFieldBind`
> (one of)
> object
Bind this property to a token field.
### `Token`
> object
### `field`
> string
Name of the field that this property should bind to.
(i.e "account" if you'd like to have an "/account" route
that interprets the request based on the logged-in user's
token claims/fields).
### `expression`
> (any of) [QueryExpression](#queryexpression) | null
Include if the parent field is queryable.
> object
Bind this property to a route segment (i.e /{something})
### `Segment`
> object
### `name`
> string
Specifies the name of the route segment that this property is binding to.
### `expression`
> (any of) [QueryExpression](#queryexpression) | null
Include if the parent field is queryable.
Binding options for template field refs.
## `QueryExpression`
> string
Query expression to be used in template bindings.
<hr/>
_This document was generated automatically for structs defined in the [`ordinary-config`](https://docs.rs/ordinary-config/latest/ordinary_config/) crate._