1use std::collections::HashMap;
2use std::fmt;
3
4use secrecy::{ExposeSecret, SecretString};
5use serde::{Deserialize, Serialize};
6use zeroize::{Zeroize, ZeroizeOnDrop};
7
8use super::redaction::redact;
9
10#[derive(Debug, Deserialize, Clone)]
13#[non_exhaustive]
14pub struct HealthResponse {
15 pub initialized: bool,
16 pub sealed: bool,
17 pub standby: bool,
18 #[serde(default)]
19 pub performance_standby: bool,
20 pub replication_performance_mode: Option<String>,
21 pub replication_dr_mode: Option<String>,
22 pub server_time_utc: Option<u64>,
23 pub version: String,
24 pub cluster_name: Option<String>,
25 pub cluster_id: Option<String>,
26}
27
28#[derive(Debug, Deserialize, Clone)]
29#[non_exhaustive]
30pub struct LeaderResponse {
31 pub ha_enabled: bool,
32 pub is_self: bool,
33 #[serde(default)]
34 pub leader_address: String,
35 #[serde(default)]
36 pub leader_cluster_address: String,
37 #[serde(default)]
38 pub performance_standby: bool,
39}
40
41#[derive(Debug, Deserialize, Clone)]
44#[non_exhaustive]
45pub struct SealStatus {
46 #[serde(rename = "type")]
47 pub seal_type: String,
48 pub initialized: bool,
49 pub sealed: bool,
50 pub t: u32,
51 pub n: u32,
52 pub progress: u32,
53 pub nonce: String,
54 pub version: String,
55 pub build_date: Option<String>,
56 pub migration: Option<bool>,
57 pub cluster_name: Option<String>,
58 pub cluster_id: Option<String>,
59 pub recovery_seal: Option<bool>,
60 pub storage_type: Option<String>,
61}
62
63#[derive(Debug, Serialize, Clone)]
64pub struct InitParams {
65 pub secret_shares: u32,
66 pub secret_threshold: u32,
67 #[serde(skip_serializing_if = "Option::is_none")]
68 pub pgp_keys: Option<Vec<String>>,
69 #[serde(skip_serializing_if = "Option::is_none")]
70 pub root_token_pgp_key: Option<String>,
71 #[serde(skip_serializing_if = "Option::is_none")]
72 pub recovery_shares: Option<u32>,
73 #[serde(skip_serializing_if = "Option::is_none")]
74 pub recovery_threshold: Option<u32>,
75}
76
77#[derive(Deserialize, Zeroize, ZeroizeOnDrop)]
78#[non_exhaustive]
79pub struct InitResponse {
80 #[serde(default)]
81 pub keys: Vec<SecretString>,
82 #[serde(default)]
83 pub keys_base64: Vec<SecretString>,
84 pub root_token: SecretString,
85}
86
87impl Clone for InitResponse {
88 fn clone(&self) -> Self {
89 Self {
90 keys: self.keys.clone(),
91 keys_base64: self.keys_base64.clone(),
92 root_token: self.root_token.clone(),
93 }
94 }
95}
96
97impl fmt::Debug for InitResponse {
98 fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result {
99 let keys: Vec<String> = self
100 .keys
101 .iter()
102 .map(|s| redact(s.expose_secret()))
103 .collect();
104 let keys_b64: Vec<String> = self
105 .keys_base64
106 .iter()
107 .map(|s| redact(s.expose_secret()))
108 .collect();
109 f.debug_struct("InitResponse")
110 .field("keys", &keys)
111 .field("keys_base64", &keys_b64)
112 .field("root_token", &redact(self.root_token.expose_secret()))
113 .finish()
114 }
115}
116
117#[derive(Debug, Deserialize, Clone)]
120#[non_exhaustive]
121pub struct MountInfo {
122 #[serde(rename = "type")]
123 pub mount_type: String,
124 #[serde(default)]
125 pub description: String,
126 pub accessor: String,
127 pub config: MountConfig,
128 #[serde(default)]
129 pub local: bool,
130 #[serde(default)]
131 pub seal_wrap: bool,
132 #[serde(default)]
133 pub external_entropy_access: bool,
134 pub options: Option<HashMap<String, String>>,
135 pub uuid: Option<String>,
136}
137
138#[derive(Debug, Deserialize, Clone)]
139#[non_exhaustive]
140pub struct MountConfig {
141 pub default_lease_ttl: u64,
142 pub max_lease_ttl: u64,
143 #[serde(default)]
144 pub force_no_cache: bool,
145}
146
147#[derive(Debug, Serialize, Clone)]
148pub struct MountParams {
149 #[serde(rename = "type")]
150 pub mount_type: String,
151 #[serde(skip_serializing_if = "Option::is_none")]
152 pub description: Option<String>,
153 #[serde(skip_serializing_if = "Option::is_none")]
154 pub config: Option<MountTuneParams>,
155 #[serde(skip_serializing_if = "Option::is_none")]
156 pub options: Option<HashMap<String, String>>,
157}
158
159#[derive(Debug, Serialize, Default, Clone)]
160pub struct MountTuneParams {
161 #[serde(skip_serializing_if = "Option::is_none")]
162 pub default_lease_ttl: Option<String>,
163 #[serde(skip_serializing_if = "Option::is_none")]
164 pub max_lease_ttl: Option<String>,
165 #[serde(skip_serializing_if = "Option::is_none")]
166 pub description: Option<String>,
167}
168
169#[derive(Debug, Deserialize, Clone)]
170#[non_exhaustive]
171pub struct AuthMountInfo {
172 #[serde(rename = "type")]
173 pub mount_type: String,
174 #[serde(default)]
175 pub description: String,
176 pub accessor: String,
177 pub config: MountConfig,
178 #[serde(default)]
179 pub local: bool,
180 #[serde(default)]
181 pub seal_wrap: bool,
182 pub uuid: Option<String>,
183}
184
185#[derive(Debug, Serialize, Clone)]
186pub struct AuthMountParams {
187 #[serde(rename = "type")]
188 pub mount_type: String,
189 #[serde(skip_serializing_if = "Option::is_none")]
190 pub description: Option<String>,
191 #[serde(skip_serializing_if = "Option::is_none")]
192 pub config: Option<MountTuneParams>,
193}
194
195#[derive(Debug, Deserialize, Clone)]
198#[non_exhaustive]
199pub struct PolicyInfo {
200 pub name: String,
201 pub policy: String,
202}
203
204#[derive(Debug, Deserialize, Clone)]
207#[non_exhaustive]
208pub struct LeaseInfo {
209 pub id: String,
210 pub issue_time: String,
211 pub expire_time: Option<String>,
212 pub last_renewal: Option<String>,
213 pub renewable: bool,
214 pub ttl: u64,
215}
216
217#[derive(Debug, Deserialize, Clone)]
222#[non_exhaustive]
223pub struct LeaseRenewal {
224 pub lease_id: String,
225 pub lease_duration: u64,
226 pub renewable: bool,
227}
228
229#[derive(Debug, Deserialize, Clone)]
232#[non_exhaustive]
233pub struct AuditDevice {
234 #[serde(rename = "type")]
235 pub audit_type: String,
236 #[serde(default)]
237 pub description: String,
238 #[serde(default)]
239 pub options: HashMap<String, String>,
240 pub path: String,
241 #[serde(default)]
242 pub local: bool,
243}
244
245#[derive(Debug, Serialize, Clone)]
246pub struct AuditParams {
247 #[serde(rename = "type")]
248 pub audit_type: String,
249 #[serde(skip_serializing_if = "Option::is_none")]
250 pub description: Option<String>,
251 pub options: HashMap<String, String>,
252 #[serde(skip_serializing_if = "Option::is_none")]
253 pub local: Option<bool>,
254}
255
256#[derive(Debug, Deserialize, Clone)]
259#[non_exhaustive]
260pub struct KeyStatus {
261 pub term: u64,
262 pub install_time: String,
263 pub encryptions: Option<u64>,
264}
265
266#[derive(Debug, Deserialize, Clone)]
269#[non_exhaustive]
270pub struct PluginInfo {
271 pub name: String,
272 pub command: String,
273 #[serde(default)]
274 pub args: Vec<String>,
275 pub sha256: String,
276 pub version: Option<String>,
277 pub builtin: bool,
278}
279
280#[derive(Debug, Serialize, Clone)]
281pub struct RegisterPluginRequest {
282 pub name: String,
283 #[serde(rename = "type")]
284 pub plugin_type: String,
285 pub command: String,
286 pub sha256: String,
287 #[serde(skip_serializing_if = "Option::is_none")]
288 pub args: Option<Vec<String>>,
289 #[serde(skip_serializing_if = "Option::is_none")]
290 pub env: Option<Vec<String>>,
291 #[serde(skip_serializing_if = "Option::is_none")]
292 pub version: Option<String>,
293}
294
295#[derive(Debug, Deserialize, Clone)]
298#[non_exhaustive]
299pub struct RaftConfig {
300 #[serde(default)]
301 pub servers: Vec<RaftServer>,
302 pub index: u64,
303}
304
305#[derive(Debug, Deserialize, Clone)]
306#[non_exhaustive]
307pub struct RaftServer {
308 pub node_id: String,
309 pub address: String,
310 pub leader: bool,
311 pub voter: bool,
312}
313
314#[derive(Debug, Deserialize, Clone)]
315#[non_exhaustive]
316pub struct AutopilotState {
317 pub healthy: bool,
318 pub failure_tolerance: u64,
319 pub leader: String,
320 #[serde(default)]
321 pub voters: Vec<String>,
322 #[serde(default)]
323 pub servers: HashMap<String, AutopilotServerState>,
324}
325
326#[derive(Debug, Deserialize, Clone)]
327#[non_exhaustive]
328pub struct AutopilotServerState {
329 pub id: String,
330 pub name: String,
331 pub address: String,
332 pub node_status: String,
333 pub status: String,
334 pub healthy: bool,
335 pub last_contact: String,
336 pub last_index: u64,
337 pub last_term: u64,
338 pub voter: bool,
339 pub leader: bool,
340}
341
342#[derive(Debug, Deserialize, Clone)]
345#[non_exhaustive]
346pub struct NamespaceInfo {
347 pub id: String,
348 pub path: String,
349}
350
351#[derive(Debug, Serialize, Default, Clone)]
354pub struct RateLimitQuotaRequest {
355 pub name: String,
356 pub rate: f64,
357 #[serde(skip_serializing_if = "Option::is_none")]
358 pub burst: Option<u64>,
359 #[serde(skip_serializing_if = "Option::is_none")]
360 pub path: Option<String>,
361 #[serde(skip_serializing_if = "Option::is_none")]
362 pub interval: Option<String>,
363 #[serde(skip_serializing_if = "Option::is_none")]
364 pub block_interval: Option<String>,
365 #[serde(skip_serializing_if = "Option::is_none")]
366 pub role: Option<String>,
367 #[serde(skip_serializing_if = "Option::is_none")]
368 pub inheritable: Option<bool>,
369}
370
371#[derive(Debug, Deserialize, Clone)]
372#[non_exhaustive]
373pub struct RateLimitQuota {
374 pub name: String,
375 pub rate: f64,
376 pub burst: u64,
377 pub path: String,
378 pub interval: Option<String>,
379 pub block_interval: Option<String>,
380 pub role: Option<String>,
381 #[serde(rename = "type")]
382 pub quota_type: Option<String>,
383}
384
385#[derive(Debug, Serialize, Clone)]
388pub struct RekeyInitRequest {
389 pub secret_shares: u32,
390 pub secret_threshold: u32,
391 #[serde(skip_serializing_if = "Option::is_none")]
392 pub pgp_keys: Option<Vec<String>>,
393 #[serde(skip_serializing_if = "Option::is_none")]
394 pub backup: Option<bool>,
395}
396
397#[derive(Deserialize, Zeroize, ZeroizeOnDrop)]
398#[non_exhaustive]
399pub struct RekeyStatus {
400 pub started: bool,
401 pub nonce: String,
402 pub t: u32,
403 pub n: u32,
404 pub progress: u32,
405 pub required: u32,
406 pub pgp_finger_prints: Option<Vec<String>>,
407 pub backup: bool,
408 pub verification_required: bool,
409 pub complete: bool,
410 pub keys: Option<Vec<SecretString>>,
411 pub keys_base64: Option<Vec<SecretString>>,
412}
413
414impl Clone for RekeyStatus {
415 fn clone(&self) -> Self {
416 Self {
417 started: self.started,
418 nonce: self.nonce.clone(),
419 t: self.t,
420 n: self.n,
421 progress: self.progress,
422 required: self.required,
423 pgp_finger_prints: self.pgp_finger_prints.clone(),
424 backup: self.backup,
425 verification_required: self.verification_required,
426 complete: self.complete,
427 keys: self.keys.clone(),
428 keys_base64: self.keys_base64.clone(),
429 }
430 }
431}
432
433impl fmt::Debug for RekeyStatus {
434 fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result {
435 f.debug_struct("RekeyStatus")
436 .field("started", &self.started)
437 .field("nonce", &self.nonce)
438 .field("t", &self.t)
439 .field("n", &self.n)
440 .field("progress", &self.progress)
441 .field("required", &self.required)
442 .field("pgp_finger_prints", &self.pgp_finger_prints)
443 .field("backup", &self.backup)
444 .field("verification_required", &self.verification_required)
445 .field("complete", &self.complete)
446 .field(
447 "keys",
448 &self.keys.as_ref().map(|v| {
449 v.iter()
450 .map(|s| redact(s.expose_secret()))
451 .collect::<Vec<_>>()
452 }),
453 )
454 .field(
455 "keys_base64",
456 &self.keys_base64.as_ref().map(|v| {
457 v.iter()
458 .map(|s| redact(s.expose_secret()))
459 .collect::<Vec<_>>()
460 }),
461 )
462 .finish()
463 }
464}
465
466#[derive(Debug, Serialize, Default, Clone)]
469pub struct GenerateRootInitRequest {
470 #[serde(skip_serializing_if = "Option::is_none")]
471 pub pgp_key: Option<String>,
472}
473
474#[derive(Deserialize, Zeroize, ZeroizeOnDrop)]
475#[non_exhaustive]
476pub struct GenerateRootStatus {
477 pub started: bool,
478 #[zeroize(skip)]
479 pub nonce: String,
480 pub progress: u32,
481 pub required: u32,
482 pub complete: bool,
483 pub encoded_token: Option<SecretString>,
484 pub encoded_root_token: Option<SecretString>,
485 pub otp_length: Option<u64>,
486 pub otp: Option<SecretString>,
487}
488
489impl Clone for GenerateRootStatus {
490 fn clone(&self) -> Self {
491 Self {
492 started: self.started,
493 nonce: self.nonce.clone(),
494 progress: self.progress,
495 required: self.required,
496 complete: self.complete,
497 encoded_token: self.encoded_token.clone(),
498 encoded_root_token: self.encoded_root_token.clone(),
499 otp_length: self.otp_length,
500 otp: self.otp.clone(),
501 }
502 }
503}
504
505impl fmt::Debug for GenerateRootStatus {
506 fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result {
507 f.debug_struct("GenerateRootStatus")
508 .field("started", &self.started)
509 .field("nonce", &self.nonce)
510 .field("progress", &self.progress)
511 .field("required", &self.required)
512 .field("complete", &self.complete)
513 .field(
514 "encoded_token",
515 &self
516 .encoded_token
517 .as_ref()
518 .map(|s| redact(s.expose_secret())),
519 )
520 .field(
521 "encoded_root_token",
522 &self
523 .encoded_root_token
524 .as_ref()
525 .map(|s| redact(s.expose_secret())),
526 )
527 .field("otp_length", &self.otp_length)
528 .field("otp", &self.otp.as_ref().map(|s| redact(s.expose_secret())))
529 .finish()
530 }
531}
532
533#[derive(Debug, Deserialize, Clone)]
536#[non_exhaustive]
537pub struct RemountStatus {
538 pub migration_id: String,
539}
540
541#[derive(Debug, Deserialize, Clone)]
544#[non_exhaustive]
545pub struct HostInfo {
546 pub cpu: Option<Vec<serde_json::Value>>,
547 pub disk: Option<Vec<serde_json::Value>>,
548 pub host: Option<serde_json::Value>,
549 pub memory: Option<serde_json::Value>,
550 pub timestamp: String,
551}
552
553#[derive(Debug, Deserialize, Clone)]
556#[non_exhaustive]
557pub struct InFlightRequest {
558 pub request_id: String,
559 pub request_path: String,
560 pub client_address: String,
561 pub start_time: String,
562}
563
564#[derive(Debug, Deserialize, Clone)]
567#[non_exhaustive]
568pub struct VersionHistoryEntry {
569 #[serde(default)]
570 pub version: String,
571 pub timestamp_installed: String,
572 pub build_date: Option<String>,
573 pub previous_version: Option<String>,
574}