DeBros/orama
4
0
Fork 0
mirror of https://github.com/DeBrosOfficial/orama.git synced 2026-06-16 23:54:13 +00:00
Code Issues Packages Projects Releases Wiki Activity
orama/core/pkg/config/gateway_config.go
anonpenguin23 e3b2f08a0a fix(gateway): plumb ntfy_base_url into gateway config so push fan-out activates (#858) 
The ntfy fan-out (publish each push to every active push node so a
round-robin-DNS-pinned subscriber receives it) was coded but INERT: the
gateway's cfg.NtfyBaseURL was never populated, so the fan-out resolver was
never built and pushes went single-host (the ~87% loss the bug describes).
The orchestrator already derives https://push.<dnsZone> for the ntfy server +
Caddy reverse-proxy but never put it in node.yaml's http_gateway. Same
regression class as the v0.122.42 secrets_encryption_key fix (consumer
landed; template + parse field + node->gateway mapping were missed).

Plumb it through all four layers: render it under http_gateway (derived as
push.<dnsZone>, matching the ntfy host), parse it in HTTPGatewayConfig, map
it onto gateway.Config. Rolling-upgrade safe: Phase 4 regen runs under the
new binary (post-swap), so an old binary never reads a node.yaml with the new
field. DecodeStrict regression guard added (mirrors secrets_encryption_key).
2026-06-15 23:08:39 +03:00

94 lines
5.3 KiB
Go
Raw Blame History

package config
import "time"
// HTTPGatewayConfig contains HTTP reverse proxy gateway configuration
type HTTPGatewayConfig struct {
Enabled bool `yaml:"enabled"` // Enable HTTP gateway
ListenAddr string `yaml:"listen_addr"` // Address to listen on (e.g., ":8080")
NodeName string `yaml:"node_name"` // Node name for routing
Routes map[string]RouteConfig `yaml:"routes"` // Service routes
HTTPS HTTPSConfig `yaml:"https"` // HTTPS/TLS configuration
SNI SNIConfig `yaml:"sni"` // SNI-based TCP routing configuration
// Full gateway configuration (for API, auth, pubsub)
ClientNamespace string `yaml:"client_namespace"` // Namespace for network client
RQLiteDSN string `yaml:"rqlite_dsn"` // RQLite database DSN
OlricServers []string `yaml:"olric_servers"` // List of Olric server addresses
OlricTimeout time.Duration `yaml:"olric_timeout"` // Timeout for Olric operations
IPFSClusterAPIURL string `yaml:"ipfs_cluster_api_url"` // IPFS Cluster API URL
IPFSAPIURL string `yaml:"ipfs_api_url"` // IPFS API URL
IPFSTimeout time.Duration `yaml:"ipfs_timeout"` // Timeout for IPFS operations
BaseDomain string `yaml:"base_domain"` // Base domain for deployments (e.g., "dbrs.space"). Defaults to "dbrs.space"
// SecretsEncryptionKey is the AES-256 key (hex, 64 chars) used to encrypt
// serverless function secrets at rest. Generated per-cluster and written
// into node.yaml by Phase 4 config generation. This field MUST exist or
// strict YAML unmarshal rejects node.yaml entirely and orama-node fails
// to boot (regression that shipped in v0.122.42: template + secret
// generator + gateway.Config consumer all landed, but this parse field
// and the node→gateway mapping were missed).
SecretsEncryptionKey string `yaml:"secrets_encryption_key"`
// NtfyBaseURL is the shared self-hosted ntfy base URL (e.g.
// "https://push.orama-devnet.network"). When set, the push ntfy provider
// fans each publish out to every active push node so a subscriber pinned
// to any instance by round-robin DNS receives it (bugboard #858). Rendered
// under http_gateway by Phase 4 config generation as "https://push."+dnsZone
// — matching the ntfy server + Caddy reverse-proxy host. Empty → no fan-out
// (single-host delivery, the ~87% loss the fix exists to remove). MUST exist
// here or the node→gateway mapping cannot populate gateway.Config.NtfyBaseURL.
NtfyBaseURL string `yaml:"ntfy_base_url"`
// WebRTC configuration (optional, enabled per-namespace)
WebRTC WebRTCConfig `yaml:"webrtc"`
}
// WebRTCConfig contains WebRTC-related gateway configuration
type WebRTCConfig struct {
Enabled bool `yaml:"enabled"` // Whether this gateway has WebRTC support active
SFUPort int `yaml:"sfu_port"` // Local SFU signaling port to proxy to
TURNDomain string `yaml:"turn_domain"` // TURN domain (e.g., "turn.ns-myapp.dbrs.space")
TURNSecret string `yaml:"turn_secret"` // HMAC-SHA1 shared secret for TURN credential generation
}
// HTTPSConfig contains HTTPS/TLS configuration for the gateway
type HTTPSConfig struct {
Enabled bool `yaml:"enabled"` // Enable HTTPS (port 443)
Domain string `yaml:"domain"` // Primary domain (e.g., node-123.orama.network)
AutoCert bool `yaml:"auto_cert"` // Use Let's Encrypt for automatic certificate
UseSelfSigned bool `yaml:"use_self_signed"` // Use self-signed certificates (pre-generated)
CertFile string `yaml:"cert_file"` // Path to certificate file (if not using auto_cert)
KeyFile string `yaml:"key_file"` // Path to key file (if not using auto_cert)
CacheDir string `yaml:"cache_dir"` // Directory for Let's Encrypt certificate cache
HTTPPort int `yaml:"http_port"` // HTTP port for ACME challenge (default: 80)
HTTPSPort int `yaml:"https_port"` // HTTPS port (default: 443)
Email string `yaml:"email"` // Email for Let's Encrypt account
}
// SNIConfig contains SNI-based TCP routing configuration for port 7001
type SNIConfig struct {
Enabled bool `yaml:"enabled"` // Enable SNI-based TCP routing
ListenAddr string `yaml:"listen_addr"` // Address to listen on (e.g., ":7001")
Routes map[string]string `yaml:"routes"` // SNI hostname -> backend address mapping
CertFile string `yaml:"cert_file"` // Path to certificate file
KeyFile string `yaml:"key_file"` // Path to key file
}
// RouteConfig defines a single reverse proxy route
type RouteConfig struct {
PathPrefix string `yaml:"path_prefix"` // URL path prefix (e.g., "/rqlite/http")
BackendURL string `yaml:"backend_url"` // Backend service URL
Timeout time.Duration `yaml:"timeout"` // Request timeout
WebSocket bool `yaml:"websocket"` // Support WebSocket upgrades
}
// ClientConfig represents configuration for network clients
type ClientConfig struct {
AppName string `yaml:"app_name"`
DatabaseName string `yaml:"database_name"`
BootstrapPeers []string `yaml:"bootstrap_peers"`
ConnectTimeout time.Duration `yaml:"connect_timeout"`
RetryAttempts int `yaml:"retry_attempts"`
}
Reference in New Issue View Git Blame Copy Permalink