Struct routinator::config::Config

pub struct Config {
    pub cache_dir: PathBuf,
    pub no_rir_tals: bool,
    pub bundled_tals: Vec<String>,
    pub extra_tals_dir: Option<PathBuf>,
    pub exceptions: Vec<PathBuf>,
    pub strict: bool,
    pub stale: FilterPolicy,
    pub unsafe_vrps: FilterPolicy,
    pub unknown_objects: FilterPolicy,
    pub limit_v4_len: Option<u8>,
    pub limit_v6_len: Option<u8>,
    pub allow_dubious_hosts: bool,
    pub fresh: bool,
    pub disable_rsync: bool,
    pub rsync_command: String,
    pub rsync_args: Option<Vec<String>>,
    pub rsync_timeout: Option<Duration>,
    pub disable_rrdp: bool,
    pub rrdp_fallback: FallbackPolicy,
    pub rrdp_fallback_time: Duration,
    pub rrdp_max_delta_count: usize,
    pub rrdp_timeout: Option<Duration>,
    pub rrdp_connect_timeout: Option<Duration>,
    pub rrdp_tcp_keepalive: Option<Duration>,
    pub rrdp_local_addr: Option<IpAddr>,
    pub rrdp_root_certs: Vec<PathBuf>,
    pub rrdp_proxies: Vec<String>,
    pub rrdp_user_agent: String,
    pub rrdp_keep_responses: Option<PathBuf>,
    pub max_object_size: Option<u64>,
    pub max_ca_depth: usize,
    pub enable_bgpsec: bool,
    pub enable_aspa: bool,
    pub dirty_repository: bool,
    pub validation_threads: usize,
    pub refresh: Duration,
    pub retry: Duration,
    pub expire: Duration,
    pub history_size: usize,
    pub rtr_listen: Vec<SocketAddr>,
    pub rtr_tls_listen: Vec<SocketAddr>,
    pub http_listen: Vec<SocketAddr>,
    pub http_tls_listen: Vec<SocketAddr>,
    pub systemd_listen: bool,
    pub rtr_tcp_keepalive: Option<Duration>,
    pub rtr_client_metrics: bool,
    pub rtr_tls_key: Option<PathBuf>,
    pub rtr_tls_cert: Option<PathBuf>,
    pub http_tls_key: Option<PathBuf>,
    pub http_tls_cert: Option<PathBuf>,
    pub log_level: LevelFilter,
    pub log_target: LogTarget,
    pub pid_file: Option<PathBuf>,
    pub working_dir: Option<PathBuf>,
    pub chroot: Option<PathBuf>,
    pub user: Option<String>,
    pub group: Option<String>,
    pub tal_labels: HashMap<String, String>,
}

Routinator configuration.

This type contains both the basic configuration of Routinator, such as where to keep the repository and how to update it, as well as the configuration for server mode.

All values are public and can be accessed directly.

The two functions config_args and server_args can be used to create the clap application. Its matches can then be used to create the basic config via from_arg_matches. If the RTR server configuration is necessary, it can be added via apply_server_arg_matches from the server subcommand matches.

The methods init_logging and switch_logging can be used to configure logging according to the strategy provided by the configuration. On Unix systems only, the method daemonize creates a correctly configured Daemonizer. Finally, to_toml can be used to produce a TOML value that contains a configuration file content representing the current configuration.

Fields§

§cache_dir: PathBuf

Path to the directory that contains the repository cache.

§no_rir_tals: bool

Should we not use the RIR TALs?

§bundled_tals: Vec<String>

Additional bundled TALs to use.

§extra_tals_dir: Option<PathBuf>

Path to a directory that contains additional trust anchor locators.

§exceptions: Vec<PathBuf>

Paths to the local exceptions files.

§strict: bool

Should we do strict validation?

See the relevant RPKI crate documentation for more information.

§stale: FilterPolicy

How should we deal with stale objects?

Stale objects are manifests and CRLs that have a next_update field in the past. The current version of the protocol leaves the decision how to interpret stale objects to local policy. This configuration value configures this policy.

Since the upcoming version of the protocol clarifies that these objects should be rejected, this is the default policy.

§unsafe_vrps: FilterPolicy

How should we deal with unsafe VRPs?

Unsafe VRPs have their prefix intersect with a prefix held by a rejected CA. Allowing such VRPs may lead to legitimate routes being flagged as RPKI invalid. To avoid this, these VRPs can be filtered.

The default for now is to warn about them.
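
The intersection test that makes a VRP "unsafe", as an added example rather than Routinator's own code: `Prefix`, `Policy` and `apply` are hypothetical stand-ins (IPv4 only; the `Accept` variant is an assumption), and all prefixes are constructed sample data.

```rust
use std::net::Ipv4Addr;

/// Hypothetical IPv4 prefix type for this example (not Routinator's type).
#[derive(Clone, Copy, Debug, PartialEq)]
struct Prefix { addr: u32, len: u8 }

impl Prefix {
    fn new(addr: [u8; 4], len: u8) -> Self {
        let len = len.min(32);
        Prefix { addr: u32::from(Ipv4Addr::from(addr)) & Self::mask(len), len }
    }
    fn mask(len: u8) -> u32 {
        if len == 0 { 0 } else { u32::MAX << (32 - u32::from(len)) }
    }
    /// Two prefixes intersect when they agree on the bits of the shorter
    /// one, that is, when either prefix covers the other.
    fn intersects(self, other: Prefix) -> bool {
        let m = Self::mask(self.len.min(other.len));
        self.addr & m == other.addr & m
    }
}

/// Hypothetical policy modelled on the reject/warn choice described above.
#[derive(Clone, Copy, PartialEq)]
enum Policy { Reject, Warn, Accept }

/// Returns (VRP prefixes kept in the output set, prefixes flagged as unsafe).
fn apply(vrps: &[Prefix], rejected_ca: &[Prefix], policy: Policy) -> (Vec<Prefix>, Vec<Prefix>) {
    let (mut kept, mut flagged) = (Vec::new(), Vec::new());
    for &vrp in vrps {
        let is_unsafe = rejected_ca.iter().any(|&r| vrp.intersects(r));
        if is_unsafe && policy != Policy::Accept { flagged.push(vrp); }
        if !is_unsafe || policy != Policy::Reject { kept.push(vrp); }
    }
    (kept, flagged)
}

fn main() {
    // Constructed sample data: the rejected CA held 192.0.2.0/24.
    let rejected = [Prefix::new([192, 0, 2, 0], 24)];
    let vrps = [
        Prefix::new([192, 0, 0, 0], 16),    // covers the rejected space: unsafe
        Prefix::new([192, 0, 2, 128], 25),  // inside the rejected space: unsafe
        Prefix::new([198, 51, 100, 0], 24), // unrelated: safe
    ];
    let (kept, flagged) = apply(&vrps, &rejected, Policy::Reject);
    println!("kept {:?}\nflagged {:?}", kept, flagged);
}
```

The covering /16 is flagged as well as the more specific /25: with the rejected CA's own ROAs gone, a surviving less-specific VRP would turn announcements from that CA's address space into RPKI invalids.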

§unknown_objects: FilterPolicy

How to deal with unknown RPKI object types.

§limit_v4_len: Option<u8>

The maximum length of IPv4 prefixes included in the VRP set.

§limit_v6_len: Option<u8>

The maximum length of IPv6 prefixes included in the VRP set.

§allow_dubious_hosts: bool

Allow dubious host names.

§fresh: bool

Should we wipe the cache before starting?

(This option is only available on command line.)

§disable_rsync: bool

Whether to disable rsync.

§rsync_command: String

The command to run for rsync.

§rsync_args: Option<Vec<String>>

Optional arguments passed to rsync.

If these are present, they override the arguments automatically determined otherwise. Thus, Some(Vec::new()) will suppress all arguments.

§rsync_timeout: Option<Duration>

Timeout for rsync commands.

If this is None, no timeout is set.

§disable_rrdp: bool

Whether to disable RRDP.

§rrdp_fallback: FallbackPolicy

The policy for when to fall back from RRDP to rsync.

§rrdp_fallback_time: Duration

Time since last update of an RRDP repository before fallback to rsync.

§rrdp_max_delta_count: usize

The maximum number of deltas we allow before using snapshot.

§rrdp_timeout: Option<Duration>

RRDP timeout in seconds.

If this is None, no timeout is set.

§rrdp_connect_timeout: Option<Duration>

Optional RRDP connect timeout.

§rrdp_tcp_keepalive: Option<Duration>

Optional TCP keepalive duration for RRDP connections.

§rrdp_local_addr: Option<IpAddr>

Optional RRDP local address to bind to when doing requests.

§rrdp_root_certs: Vec<PathBuf>

RRDP additional root certificates for HTTPS.

These do not override the default system root certificates.

§rrdp_proxies: Vec<String>

RRDP HTTP proxies.

§rrdp_user_agent: String

RRDP HTTP User Agent.

§rrdp_keep_responses: Option<PathBuf>

Should we keep RRDP responses and if so where?

§max_object_size: Option<u64>

Optional size limit for objects.

§max_ca_depth: usize

Maximum length of the CA chain.

§enable_bgpsec: bool

Whether to process BGPsec router keys.

§enable_aspa: bool

Whether to process ASPA objects.

§dirty_repository: bool

Whether to not clean up the repository directory after a validation run.

If this is false and update has not been disabled otherwise, all data for rsync modules (if rsync is enabled) and RRDP servers (if RRDP is enabled) that have not been used during validation will be deleted.

§validation_threads: usize

Number of threads used during validation.

§refresh: Duration

The refresh interval for repository validation.

§retry: Duration

The RTR retry interval to be announced to a client.

§expire: Duration

The RTR expire time to be announced to a client.

§history_size: usize

How many diffs to keep in the history.

§rtr_listen: Vec<SocketAddr>

Addresses to listen on for RTR TCP transport connections.

§rtr_tls_listen: Vec<SocketAddr>

Addresses to listen on for RTR TLS transport connections.

§http_listen: Vec<SocketAddr>

Addresses to listen on for HTTP connections.

§http_tls_listen: Vec<SocketAddr>

Addresses to listen on for HTTP TLS connections.

§systemd_listen: bool

Whether to get the listening sockets from systemd.

§rtr_tcp_keepalive: Option<Duration>

The length of the TCP keep-alive timeout for RTR TCP sockets.

If this is None, TCP keep-alive will not be enabled.

§rtr_client_metrics: bool

Should we publish detailed RTR client statistics?

§rtr_tls_key: Option<PathBuf>

Path to the RTR TLS private key.

§rtr_tls_cert: Option<PathBuf>

Path to the RTR TLS server certificate.

§http_tls_key: Option<PathBuf>

Path to the HTTP TLS private key.

§http_tls_cert: Option<PathBuf>

Path to the HTTP TLS server certificate.

§log_level: LevelFilter

The log levels to be logged.

§log_target: LogTarget

The target to log to.

§pid_file: Option<PathBuf>

The optional PID file for server mode.

§working_dir: Option<PathBuf>

The optional working directory for server mode.

§chroot: Option<PathBuf>

The optional directory to chroot to in server mode.

§user: Option<String>

The name of the user to change to in server mode.

§group: Option<String>

The name of the group to change to in server mode.

§tal_labels: HashMap<String, String>

A mapping of TAL file names to TAL labels.

Implementations§

impl Config

pub fn config_args(app: Command) -> Command

Adds the basic arguments to a Clap command.

Returns the command with the arguments added.

pub fn server_args(app: Command) -> Command

Adds the relevant config args to the server subcommand.

Some of the options in the config only make sense for the RTR server. Having them in the global part of the clap command line is confusing, so we stick to defaults unless we actually run the server. This function adds the relevant arguments to the subcommand provided via app.

Returns the command with the arguments added.

pub fn from_arg_matches( matches: &ArgMatches, cur_dir: &Path ) -> Result<Self, Failed>

Creates a configuration from command line matches.

The function attempts to create a configuration from the command line arguments provided via matches. It will try to read a config file if provided via the config file option (-c or --config) or a file in $HOME/.routinator.conf otherwise. If the latter doesn’t exist either, it starts with a default configuration.

All relative paths given in command line arguments will be interpreted relative to cur_dir. Conversely, paths in the config file are treated as relative to the config file’s directory.

If you are running in server mode, you need to also apply the server arguments via apply_server_arg_matches.

pub fn apply_server_arg_matches( &mut self, matches: &ArgMatches, cur_dir: &Path ) -> Result<(), Failed>

Applies the RTR server command line arguments to an existing config.

All paths used in arguments are interpreted relative to cur_dir.

pub fn default_with_paths(cache_dir: PathBuf) -> Self

Creates a default config with the given paths.

Uses default values for everything except for the cache directory which needs to be provided.

pub fn adjust_chroot_paths(&mut self) -> Result<(), Failed>

Alters paths so that they are relative to a possible chroot.

pub fn to_toml(&self) -> Table

Returns a TOML representation of the config.

Trait Implementations§

impl Clone for Config

fn clone(&self) -> Config

Returns a copy of the value.

fn clone_from(&mut self, source: &Self)

Performs copy-assignment from source.

impl Debug for Config

fn fmt(&self, f: &mut Formatter<'_>) -> Result

Formats the value using the given formatter.

impl Default for Config

fn default() -> Self

Returns the “default value” for a type.

impl Display for Config

fn fmt(&self, f: &mut Formatter<'_>) -> Result

Formats the value using the given formatter.

impl PartialEq for Config

fn eq(&self, other: &Config) -> bool

This method tests for self and other values to be equal, and is used by ==.

fn ne(&self, other: &Rhs) -> bool

This method tests for !=. The default implementation is almost always sufficient, and should not be overridden without very good reason.

impl Eq for Config

impl StructuralPartialEq for Config

Auto Trait Implementations§

Blanket Implementations§

impl<T> Any for T
where T: 'static + ?Sized,

fn type_id(&self) -> TypeId

Gets the TypeId of self.

impl<T> Borrow<T> for T
where T: ?Sized,

fn borrow(&self) -> &T

Immutably borrows from an owned value.

impl<T> BorrowMut<T> for T
where T: ?Sized,

fn borrow_mut(&mut self) -> &mut T

Mutably borrows from an owned value.

impl<Q, K> Equivalent<K> for Q
where Q: Eq + ?Sized, K: Borrow<Q> + ?Sized,

fn equivalent(&self, key: &K) -> bool

Checks if this value is equivalent to the given key.

impl<Q, K> Equivalent<K> for Q
where Q: Eq + ?Sized, K: Borrow<Q> + ?Sized,

fn equivalent(&self, key: &K) -> bool

Compare self to key and return true if they are equal.

impl<T> From<T> for T

fn from(t: T) -> T

Returns the argument unchanged.

impl<T> Instrument for T

fn instrument(self, span: Span) -> Instrumented<Self>

Instruments this type with the provided [Span], returning an Instrumented wrapper.

fn in_current_span(self) -> Instrumented<Self>

Instruments this type with the current Span, returning an Instrumented wrapper.

impl<T, U> Into<U> for T
where U: From<T>,

fn into(self) -> U

Calls U::from(self).

That is, this conversion is whatever the implementation of From<T> for U chooses to do.

impl<T> Text for T
where T: Display,

fn write_escaped( &self, mode: TextEscape, target: &mut impl Write ) -> Result<(), Error>

Write text escaped for the given mode to target.

fn write_raw(&self, target: &mut impl Write) -> Result<(), Error>

Write text as is to target.

fn write_base64(&self, target: &mut impl Write) -> Result<(), Error>

Write text encoded in BASE64 to target.

impl<T> ToOwned for T
where T: Clone,

type Owned = T

The resulting type after obtaining ownership.

fn to_owned(&self) -> T

Creates owned data from borrowed data, usually by cloning.

fn clone_into(&self, target: &mut T)

Uses borrowed data to replace owned data, usually by cloning.

impl<T> ToString for T
where T: Display + ?Sized,

default fn to_string(&self) -> String

Converts the given value to a String.

impl<T, U> TryFrom<U> for T
where U: Into<T>,

type Error = Infallible

The type returned in the event of a conversion error.

fn try_from(value: U) -> Result<T, <T as TryFrom<U>>::Error>

Performs the conversion.

impl<T, U> TryInto<U> for T
where U: TryFrom<T>,

type Error = <U as TryFrom<T>>::Error

The type returned in the event of a conversion error.

fn try_into(self) -> Result<U, <U as TryFrom<T>>::Error>

Performs the conversion.

impl<V, T> VZip<V> for T
where V: MultiLane<T>,

fn vzip(self) -> V

impl<T> WithSubscriber for T

fn with_subscriber<S>(self, subscriber: S) -> WithDispatch<Self>
where S: Into<Dispatch>,

Attaches the provided Subscriber to this type, returning a [WithDispatch] wrapper.

fn with_current_subscriber(self) -> WithDispatch<Self>

Attaches the current default Subscriber to this type, returning a [WithDispatch] wrapper.