
tf_types/generated/
daemon_config.rs

1// GENERATED by `tf-schema codegen --target rust` — DO NOT EDIT BY HAND.
2
3#![allow(unused_imports, non_camel_case_types, non_snake_case, clippy::all)]
4
5use serde::{Deserialize, Serialize};
6use super::*;
7
/// Top-level configuration of a running tf-daemon instance, as stored in `.tf/daemon.yaml`.
///
/// Optional sections are `Option`s marked `serde(default)`: a missing key deserializes to
/// `None`, and a `None` field is left out when the value is serialized again. Defaults
/// mentioned in the field docs are therefore not applied by this type.
// NOTE(review): the derive carries no `deny_unknown_fields`. Unless the loader validates the
// file against the schema before deserializing, a misspelt optional key (for example `admin`
// or `enforcement_level`) is dropped silently and the field reads as `None`. This file is
// generated by `tf-schema codegen`, so a change of that kind belongs in the generator.
#[derive(Debug, Clone, PartialEq, Eq, Serialize, Deserialize)]
pub struct DaemonConfig {
    /// Schema version of the daemon-config format itself.
    pub daemon_version: DaemonConfig_DaemonVersion,
    /// Actor URI that the daemon presents during the session handshake.
    pub self_actor: ActorId,
    /// Bind settings for the daemon's transport.
    pub listen: DaemonConfig_Listen,
    /// Location of the vault on disk.
    pub vault: DaemonConfig_Vault,
    /// Path of the agent-contract YAML that this daemon enforces.
    // NOTE(review): a plain `String`, so nothing here constrains where the path points.
    // Whoever can write that file defines what the daemon enforces; confirm the loader
    // checks its ownership and permissions.
    pub contract_path: String,
    /// Path of the `.tflog` file that the daemon appends to.
    pub proof_log_path: String,
    /// Exposure of the v1 local HTTP endpoint. TCP listeners require bearer auth;
    /// Unix-domain sockets are local-decision sockets guarded by filesystem/group/peer trust.
    #[serde(default, skip_serializing_if = "Option::is_none")]
    pub http: Option<DaemonConfig_Http>,
    /// Tuning of the approval queue.
    #[serde(default, skip_serializing_if = "Option::is_none")]
    pub approval_queue: Option<DaemonConfig_ApprovalQueue>,
    /// Conformance profile the daemon claims at startup. The runtime FeatureGate refuses to
    /// boot when the profile's MUST entries are not all satisfied.
    // NOTE(review): free-form `String`; what happens when the key is absent is decided
    // outside this type.
    #[serde(default, skip_serializing_if = "Option::is_none")]
    pub profile: Option<String>,
    /// Default EnforcementLevel for the daemon's AgentGuard. See DECISIONS.md
    /// "Progressive enforcement".
    // NOTE(review): the level used when this is `None` is not visible here; confirm the
    // fallback is the strictest level and not a permissive one.
    #[serde(default, skip_serializing_if = "Option::is_none")]
    pub enforcement_level: Option<EnforcementLevel>,
    /// Local admin HTTP endpoint. Disabled when omitted.
    #[serde(default, skip_serializing_if = "Option::is_none")]
    pub admin: Option<DaemonConfig_Admin>,
}
39
/// Settings of the local admin HTTP endpoint. The endpoint is disabled when the section is
/// omitted from the configuration.
///
/// Every optional field deserializes to `None` when absent; the defaults named below are
/// applied by whatever consumes this struct, not by serde.
#[derive(Debug, Clone, PartialEq, Eq, Serialize, Deserialize)]
pub struct DaemonConfig_Admin {
    /// When true, the daemon serves `/admin/*` HTTP routes alongside the WebSocket session
    /// listener.
    pub enabled: bool,
    /// Name of the environment variable that holds the bearer token for admin requests.
    /// Default `TF_ADMIN_TOKEN`. Only the variable name is stored here, never the token.
    // NOTE(review): behaviour when the named variable is unset or empty is not visible here;
    // confirm the daemon refuses to serve admin routes instead of accepting an empty token.
    #[serde(default, skip_serializing_if = "Option::is_none")]
    pub token_env: Option<String>,
    /// Path of the JSON revocation list that the admin endpoint appends to.
    #[serde(default, skip_serializing_if = "Option::is_none")]
    pub revocation_path: Option<String>,
    /// Expected Host header and listener bind for admin routes. Defaults to 127.0.0.1.
    // NOTE(review): a non-loopback value would make the admin routes reachable from other
    // hosts, leaving the bearer token as the only gate; confirm the loader warns on or
    // rejects such values.
    #[serde(default, skip_serializing_if = "Option::is_none")]
    pub bind: Option<String>,
    /// Maximum accepted JSON body size for admin and v1 routes. Defaults to 65536.
    // NOTE(review): typed `i64`, so zero and negative values deserialize successfully.
    // The consumer has to range-check before using this as a size limit.
    #[serde(default, skip_serializing_if = "Option::is_none")]
    pub max_body_bytes: Option<i64>,
}
58
/// Tuning knobs for the approval queue.
///
/// Both fields are optional and read as `None` when absent.
// NOTE(review): both limits are `i64`, so zero or negative values pass deserialization.
// Confirm the consumer rejects them and does not treat them as "unlimited".
#[derive(Debug, Clone, PartialEq, Eq, Serialize, Deserialize)]
pub struct DaemonConfig_ApprovalQueue {
    /// Maximum number of pending approval requests; new ones are rejected beyond it.
    #[serde(default, skip_serializing_if = "Option::is_none")]
    pub max_pending: Option<i64>,
    /// Seconds to wait for an approval response before defaulting to deny.
    #[serde(default, skip_serializing_if = "Option::is_none")]
    pub default_timeout_seconds: Option<i64>,
}
69
/// Schema version of the daemon-config format itself.
///
/// `V1` is the only variant and its wire name is `"1"`, so a configuration that declares
/// any other version fails to deserialize.
#[derive(Debug, Clone, PartialEq, Eq, Serialize, Deserialize)]
pub enum DaemonConfig_DaemonVersion {
    /// Schema version 1.
    #[serde(rename = "1")]
    V1,
}
76
/// Exposure of the v1 local HTTP endpoint. TCP listeners require bearer auth; Unix-domain
/// sockets are local-decision sockets guarded by filesystem/group/peer trust.
// NOTE(review): both members are untyped `serde_json::Value`s, so any value shape is accepted
// at this layer. The settings that decide who may reach `/v1/*` are validated, if at all,
// by the code that interprets these values; confirm it fails closed on malformed input.
#[derive(Debug, Clone, PartialEq, Eq, Serialize, Deserialize)]
pub struct DaemonConfig_Http {
    /// TCP exposure for `/v1/*` endpoints. This surface is bearer-token protected.
    #[serde(default, skip_serializing_if = "Option::is_none")]
    pub tcp: Option<serde_json::Value>,
    /// Unix-domain socket exposure for local decision callers. `/v1/decide` uses local-peer
    /// trust; privileged routes stay bearer-gated.
    #[serde(default, skip_serializing_if = "Option::is_none")]
    pub unix: Option<serde_json::Value>,
}
87
/// Bind settings for the daemon's transport.
#[derive(Debug, Clone, PartialEq, Eq, Serialize, Deserialize)]
pub struct DaemonConfig_Listen {
    /// Carrier kind. `websocket`: session driven over Bun.serve. `tcp`: session driven over
    /// raw Bun.listen. `tls`: session driven over raw Bun.listen with TLS termination.
    // NOTE(review): typed `String` rather than an enum, so any other value deserializes as
    // well; rejecting unknown kinds is left to the consumer. Only `tls` is described as
    // terminating TLS.
    pub kind: String,
    /// Bind host for the WebSocket listener.
    #[serde(default, skip_serializing_if = "Option::is_none")]
    pub bind: Option<String>,
    /// Port for the WebSocket listener. 0 asks the OS to pick one.
    // NOTE(review): `i64` admits negative values and values above 65535; the consumer must
    // range-check before binding.
    #[serde(default, skip_serializing_if = "Option::is_none")]
    pub port: Option<i64>,
}
100
/// Location of the vault on disk.
///
/// Only the file location is configured here; the struct has no field for the passphrase.
#[derive(Debug, Clone, PartialEq, Eq, Serialize, Deserialize)]
pub struct DaemonConfig_Vault {
    /// Path of the passphrase-encrypted vault file.
    pub path: String,
}