chore(everything): too much honestly
parent
8147aa8e88
commit
58a66099c3
14 changed files with 357 additions and 355 deletions
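--- a/.dockerignore
+++ b/.dockerignore
@@ -0,0 +1 @@
+target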
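--- a/.gitignore
+++ b/.gitignore
@@ -0,0 +1,3 @@
+/debug
+/target
+Cargo.lock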
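--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
@@ -0,0 +1,23 @@
+include:
+- project: 'famedly/infra/templates/ci-cd'
+ref: 'rust-v1'
+file: '/rust.yml'
+- project: 'famedly/infra/templates/ci-cd'
+ref: 'docker-v1'
+file: '/docker.yml'
+
+stages:
+- test
+- build
+
+cargo-check:
+extends: .cargo_check
+
+cargo-build:
+extends: .cargo_build
+
+docker_releases:
+extends: .docker_releases
+
+docker_tags:
+extends: .docker_tags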
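Review bot: Both `include:` entries track a moving ref (`ref: 'rust-v1'`, `ref: 'docker-v1'`), so whatever is pushed to those refs in `famedly/infra/templates/ci-cd` runs in this project's pipeline, including the jobs that build and publish images. If those refs are branches rather than protected tags, pinning each include to a commit SHA (`ref: '<commit-sha>'`) keeps the pipeline definition reviewable. A comment above `include:` recording which template version each SHA corresponds to would make later bumps easy to audit.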
|
@ -8,9 +8,9 @@ edition = "2021"
|
|||
[dependencies]
|
||||
config = { version = "0.13.1", features = ["yaml"] }
|
||||
serde = { version = "1.0", features = ["derive"] }
|
||||
prometheus-client = "0.19.0"
|
||||
metrics = "0.21.0"
|
||||
metrics-exporter-prometheus = { version = "0.12.1", features = ["http-listener"] }
|
||||
futures-util = "0.3.25"
|
||||
axum = "0.6.12"
|
||||
tokio = { version = "1.21.2", features = ["rt-multi-thread","macros"] }
|
||||
rsvici = "0.1"
|
||||
anyhow = "1.0.70"
|
||||
|
|
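--- a/Dockerfile
+++ b/Dockerfile
@@ -0,0 +1,11 @@
+FROM registry.gitlab.com/famedly/infra/containers/rust:main as builder
+COPY . /app
+WORKDIR /app
+
+RUN cargo build --release
+
+FROM debian:stable-slim
+RUN mkdir -p /opt/openmetrics-vici-exporter
+WORKDIR /opt/openmetrics-vici-exporter
+COPY --from=builder /app/target/release/openmetrics-vici-exporter /usr/local/bin/openmetrics-vici-exporter
+CMD ["/usr/local/bin/openmetrics-vici-exporter"]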
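Review bot: The runtime stage never sets `USER`, so the exporter runs as root inside the container even though it only reads the VICI socket and serves HTTP on an unprivileged port. Adding a dedicated account before `CMD`, for example `RUN useradd --system exporter` followed by `USER exporter`, would limit what a compromise of the HTTP listener can reach; the mounted socket would then need matching group permissions on the host, which this page does not show. Both `FROM` lines also use mutable tags (`rust:main`, `debian:stable-slim`), so pinning them by digest would make the image reproducible and the base-image change history auditable.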
10
config.yml
10
config.yml
|
@ -1,5 +1,7 @@
|
|||
---
|
||||
vici_socket: "/var/run/charon.vici"
|
||||
actix_bind_addr: "0.0.0.0"
|
||||
actix_bind_port: "80"
|
||||
actix_auth_token: ""
|
||||
vici:
|
||||
socket: "/var/run/charon.vici"
|
||||
interval: 10
|
||||
server:
|
||||
address: "0.0.0.0"
|
||||
port: 8001
|
||||
|
|
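Review bot: The `server.address: "0.0.0.0"` default makes the metrics listener reachable on every interface, and no key in this section takes over the role of `actix_auth_token`, which also appears here (presumably on the removed side; the +/- markers are lost on this page). The exported series carry IKE peer identities as labels (`local_id` and `remote_id` in src/vici.rs), so a loopback default such as `address: "127.0.0.1"`, with wider exposure as an explicit opt-in, would be the safer shipped configuration. A comment next to `address:` stating that the endpoint is unauthenticated would help operators who change it.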
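--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -0,0 +1,15 @@
+version: '3'
+
+services:
+ove:
+restart: "unless-stopped"
+environment:
+- VICI_EXPORTER_VICI_SOCKET="/var/run/charon.vici"
+- VICI_EXPORTER_VICI_INTERVAL=10
+- VICI_EXPORTER_SERVER_ADDRESS=0.0.0.0
+- VICI_EXPORTER_SERVER_PORT=8001
+volumes:
+#- ./config.yml:/opt/openmetrics-vici-exporter/config.yml
+- /var/run/charon.vici:/var/run/charon.vici
+ports:
+- 8111:80/tcp
+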
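--- a/rustfmt.toml
+++ b/rustfmt.toml
@@ -0,0 +1 @@
+max_width = 120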
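--- a/shell.nix
+++ b/shell.nix
@@ -0,0 +1,5 @@
+{ pkgs ? import <nixpkgs> {} }:
+pkgs.mkShell {
+packages = with pkgs; [ rustc cargo gcc rustfmt clippy ];
+name = "rust-env";
+}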
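--- a/src/config.rs
+++ b/src/config.rs
@@ -0,0 +1,41 @@
+use anyhow::Result;
+use config::Config;
+use serde::Deserialize;
+use std::net::{IpAddr, SocketAddr};
+
+#[derive(Debug, Deserialize)]
+pub struct WebServerConfig {
+pub address: IpAddr,
+pub port: u16,
+}
+impl Into<SocketAddr> for &WebServerConfig {
+fn into(self) -> SocketAddr {
+SocketAddr::from((self.address, self.port))
+}
+}
+
+#[derive(Debug, Deserialize)]
+pub struct VICIConfig {
+pub socket: String,
+pub interval: u64,
+}
+
+#[derive(Debug, Deserialize)]
+pub struct Configuration {
+pub server: WebServerConfig,
+pub vici: VICIConfig,
+}
+
+impl Configuration {
+pub async fn load() -> Result<Configuration> {
+let mut s = Config::builder();
+if std::fs::metadata("config").is_ok(){
+s = s.add_source(config::File::with_name("config"));
+} else { println!("config file not found. continuing with env vars... ") };
+
+s = s.add_source(config::Environment::with_prefix("VICI_EXPORTER").separator("_"));
+// s.build().unwrap();
+let conf: Configuration = s.build().unwrap().try_deserialize().unwrap();
+Ok(conf)
+}
+}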
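Review bot: In `Configuration::load`, the existence check `std::fs::metadata("config")` looks for a file named exactly `config`, while `config::File::with_name("config")` resolves the name with an extension, so a deployment that ships only `config.yml` takes the "not found" branch and silently runs on environment variables alone. Dropping the check in favour of `s.add_source(config::File::with_name("config").required(false))` avoids the mismatch. The function returns `Result` but still calls `.unwrap()` twice, so a malformed address or port panics instead of reaching the caller; `let conf: Configuration = s.build()?.try_deserialize()?;` propagates the error. A doc comment on `load` stating the precedence (file first, then `VICI_EXPORTER_*` overrides) would also help, and `impl From<&WebServerConfig> for SocketAddr` is the conventional direction for the conversion.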
134
src/main.rs
134
src/main.rs
|
@ -1,104 +1,56 @@
|
|||
#![allow(dead_code)]
|
||||
|
||||
use axum::{
|
||||
response::IntoResponse,
|
||||
http::{
|
||||
StatusCode,
|
||||
header::{self}
|
||||
},
|
||||
extract::State,
|
||||
routing::get,
|
||||
Router,
|
||||
};
|
||||
|
||||
use prometheus_client::{
|
||||
registry::Registry,
|
||||
metrics::{
|
||||
family::Family,
|
||||
}
|
||||
};
|
||||
|
||||
use std::{
|
||||
// collections::HashMap,
|
||||
// error::Error,
|
||||
sync::Arc,
|
||||
net::{IpAddr,SocketAddr},
|
||||
// path::Path,
|
||||
};
|
||||
|
||||
use serde::Deserialize;
|
||||
|
||||
use config::Config;
|
||||
use metrics::{
|
||||
describe_gauge,
|
||||
gauge,
|
||||
describe_counter,
|
||||
counter,
|
||||
IntoLabels,
|
||||
Unit};
|
||||
use metrics_exporter_prometheus::PrometheusBuilder;
|
||||
use tokio::time::{interval, Duration, MissedTickBehavior};
|
||||
|
||||
pub mod config;
|
||||
pub mod vici;
|
||||
pub mod metrics;
|
||||
|
||||
|
||||
#[derive(Debug, Deserialize)]
|
||||
struct Configuration {
|
||||
vici_socket: String,
|
||||
axum_bind_addr: IpAddr,
|
||||
axum_bind_port: u16,
|
||||
}
|
||||
|
||||
pub async fn metrics_handler(State(state): State<Arc<AppState>>) -> impl IntoResponse {
|
||||
let state: Arc<AppState> = state.clone();
|
||||
let mut buffer = String::new();
|
||||
prometheus_client::encoding::text::encode(&mut buffer, &state.registry).unwrap();
|
||||
(
|
||||
StatusCode::OK,
|
||||
[(header::CONTENT_TYPE, "application/openmetrics-text; version=1.0.0; charset=utf-8")],
|
||||
buffer,
|
||||
)
|
||||
}
|
||||
|
||||
pub struct AppState {
|
||||
pub registry: Registry,
|
||||
pub vici: vici::VICIState,
|
||||
}
|
||||
|
||||
|
||||
#[tokio::main]
|
||||
async fn main() -> anyhow::Result<()> {
|
||||
let settings = Config::builder()
|
||||
.add_source(config::File::with_name("config"))
|
||||
.add_source(config::Environment::with_prefix("VICI_EXPORTER"))
|
||||
.build()
|
||||
.unwrap();
|
||||
let mut conf: Configuration = settings.try_deserialize().unwrap();
|
||||
let mut vici_client = rsvici::unix::connect(conf.vici_socket).await?;
|
||||
let mut vici_state: vici::VICIState;
|
||||
let conf = config::Configuration::load().await?;
|
||||
let mut vici_client = rsvici::unix::connect(conf.vici.socket).await?;
|
||||
|
||||
let metrics = Arc::new(metrics::Metrics {
|
||||
sa_uptime: Family::default(),
|
||||
});
|
||||
let mut interval = interval(Duration::from_secs(conf.vici.interval));
|
||||
interval.set_missed_tick_behavior(MissedTickBehavior::Skip);
|
||||
|
||||
let mut initial_registery = Registry::default();
|
||||
PrometheusBuilder::new()
|
||||
.with_http_listener(&conf.server)
|
||||
.install()
|
||||
.expect("failed to install recorder/exporter");
|
||||
|
||||
initial_registery.register(
|
||||
"sa_uptime",
|
||||
"How Long a connection has been established",
|
||||
metrics.sa_uptime.clone(),
|
||||
);
|
||||
describe_gauge!("sa_uptime", Unit::Seconds, "");
|
||||
describe_gauge!("sa_rekey_time", Unit::Seconds, "");
|
||||
|
||||
let mut state = Arc::new(
|
||||
AppState {
|
||||
registry: initial_registery,
|
||||
vici: vici::VICIState::update(&mut vici_client).await?,
|
||||
},
|
||||
);
|
||||
describe_counter!("sa_child_bytes_out", Unit::Bytes, "");
|
||||
describe_counter!("sa_child_bytes_in", Unit::Bytes, "");
|
||||
|
||||
loop {
|
||||
let vici_state = vici::VICIState::update(&mut vici_client).await?;
|
||||
|
||||
for (sa_name, sa_values) in vici_state.security_associations {
|
||||
let mut labels = sa_values.into_labels();
|
||||
labels.push((&("sa_name", sa_name.clone())).into());
|
||||
|
||||
let addr = SocketAddr::from((conf.axum_bind_addr,conf.axum_bind_port));
|
||||
let app = Router::new()
|
||||
.route("/metrics",get(metrics_handler))
|
||||
.with_state(state);
|
||||
|
||||
axum::Server::bind(&addr)
|
||||
.serve(app.into_make_service())
|
||||
.await
|
||||
.unwrap();
|
||||
|
||||
Ok(())
|
||||
gauge!("sa_uptime", sa_values.established as f64, labels.clone());
|
||||
gauge!("sa_rekey_time", sa_values.rekey_time as f64, labels.clone());
|
||||
//gauge!("sa_state")
|
||||
for (sa_child_name, sa_child_values) in sa_values.child_security_associations {
|
||||
let mut child_labels = sa_child_values.into_labels();
|
||||
child_labels.push((&("sa_name", sa_name.clone())).into());
|
||||
child_labels.push((&("sa_child_name", sa_child_name)).into());
|
||||
counter!("sa_child_bytes_in", sa_child_values.bytes_in, child_labels.clone());
|
||||
counter!("sa_child_bytes_out", sa_child_values.bytes_out, child_labels.clone());
|
||||
counter!("sa_child_packets_in", sa_child_values.packets_in, child_labels.clone());
|
||||
counter!("sa_child_packets_out", sa_child_values.packets_out, child_labels.clone());
|
||||
|
||||
}
|
||||
}
|
||||
interval.tick().await;
|
||||
}
|
||||
}
|
||||
|
|
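Review bot: The four `counter!("sa_child_…", value, child_labels.clone())` calls in the polling loop add the value to the counter, but the VICI byte and packet fields are already cumulative totals, so each tick adds the full total again and the exported series grows much faster than the real traffic. With the `metrics` version declared in Cargo.toml the call for a cumulative reading is `absolute_counter!("sa_child_bytes_in", sa_child_values.bytes_in, child_labels.clone());`, and likewise for the other three. Separately, `vici::VICIState::update(&mut vici_client).await?` inside `loop` returns from `main` on the first failed poll, so a charon restart stops the exporter; logging the error and continuing to the next `interval.tick()` would keep monitoring alive. The +/- markers are lost on this page and `main`'s body mixes old and new lines, so this note assumes the `loop` block is the new side.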
|
@ -1,25 +0,0 @@
|
|||
use prometheus_client::{
|
||||
metrics::{
|
||||
family::Family,
|
||||
gauge::Gauge,
|
||||
}
|
||||
};
|
||||
use anyhow::Result;
|
||||
|
||||
use crate::vici;
|
||||
pub mod labels;
|
||||
|
||||
pub struct Metrics {
|
||||
pub sa_uptime: Family<labels::SecurityAssociationLabels, Gauge>,
|
||||
}
|
||||
|
||||
impl Metrics {
|
||||
pub async fn sa_uptime(&self, security_associations: vici::SecurityAssociations) -> Result<()>{
|
||||
for named_sa in security_associations.into_iter() {
|
||||
let label_set = labels::SecurityAssociationLabels::set_from_sa(&mut named_sa).await?;
|
||||
let (_sa_name, sa_value) = named_sa;
|
||||
self.sa_uptime.get_or_create(&label_set).set(sa_value.established as i64);
|
||||
}
|
||||
Ok(());
|
||||
}
|
||||
}
|
|
@ -1,65 +0,0 @@
|
|||
use serde::Deserialize;
|
||||
use prometheus_client::encoding::{EncodeLabelValue,EncodeLabelSet};
|
||||
|
||||
use crate::vici;
|
||||
use anyhow::Result;
|
||||
|
||||
|
||||
// I don't really wanna define *all* of this here, it's gonna get really tedious and uncomfortable to maintain.
|
||||
|
||||
/*
|
||||
#[derive(Debug, Deserialize, Clone, Hash, PartialEq, Eq)]
|
||||
pub struct SecurityAssociationLabels {
|
||||
pub uniqueid: String,
|
||||
pub local_id: String,
|
||||
pub local_host: String,
|
||||
pub local_port: u16,
|
||||
pub remote_id: String,
|
||||
pub remote_host: String,
|
||||
pub remote_port: u16,
|
||||
}
|
||||
*/
|
||||
#[derive(Debug, Deserialize, Clone, Hash, PartialEq, Eq)]
|
||||
pub struct SecurityAssociationInfo {
|
||||
pub uniqueid: String,
|
||||
pub version: u8,
|
||||
pub local_host: String,
|
||||
pub local_port: u16,
|
||||
pub local_id: String,
|
||||
pub remote_host: String,
|
||||
pub remote_port: u16,
|
||||
pub remote_id: String,
|
||||
pub if_id_in: String,
|
||||
pub if_id_out: String,
|
||||
pub encr_alg: String,
|
||||
pub encr_keysize: String,
|
||||
pub integ_alg: String,
|
||||
pub integ_keysize: String,
|
||||
pub prf_alg: String,
|
||||
pub dh_group: Option<String>,
|
||||
pub local_vips: Vec<String>,
|
||||
pub remote_vips: Vec<String>,
|
||||
}
|
||||
|
||||
#[derive(Debug, Clone, Hash, PartialEq, Eq, EncodeLabelSet)]
|
||||
pub struct SecurityAssociationLabels {
|
||||
pub name: String,
|
||||
pub uniqueid: String,
|
||||
pub ike_version: u8,
|
||||
pub local_id: String,
|
||||
pub remote_id: String,
|
||||
}
|
||||
|
||||
|
||||
impl SecurityAssociationLabels {
|
||||
pub async fn set_from_sa(sa: &mut vici::NamedSecurityAssociation) -> Result<SecurityAssociationLabels> {
|
||||
let (sa_name, sa_value) = sa;
|
||||
Ok(SecurityAssociationLabels {
|
||||
name: sa_name,
|
||||
uniqueid: sa_value.uniqueid,
|
||||
ike_version: sa_value.version,
|
||||
local_id: sa_value.local_id.unwrap(),
|
||||
remote_id: sa_value.remote_id.unwrap(),
|
||||
})
|
||||
}
|
||||
}
|
374
src/vici.rs
374
src/vici.rs
|
@ -6,47 +6,57 @@ use std::collections::HashMap;
|
|||
use futures_util::stream::StreamExt;
|
||||
|
||||
use anyhow::Result;
|
||||
use metrics::{IntoLabels,Label};
|
||||
|
||||
#[derive(Debug, Deserialize)]
|
||||
pub struct VICIState {
|
||||
pub version: Version,
|
||||
pub statistics: Statistics,
|
||||
pub policies: Policies,
|
||||
pub connections: Connections,
|
||||
pub security_associations: SecurityAssociations,
|
||||
pub certificates: Certificates,
|
||||
pub authorities: Authorities,
|
||||
pub pools: Pools,
|
||||
pub version: Version,
|
||||
pub statistics: Statistics,
|
||||
pub policies: Policies,
|
||||
pub connections: Connections,
|
||||
pub security_associations: SecurityAssociations,
|
||||
pub certificates: Certificates,
|
||||
pub authorities: Authorities,
|
||||
pub pools: Pools,
|
||||
}
|
||||
|
||||
impl VICIState {
|
||||
pub async fn update(client: &mut rsvici::Client) -> Result<VICIState> {
|
||||
Ok(VICIState {
|
||||
version: client.request("version", ()).await?,
|
||||
statistics: client.request("statistics", ()).await?,
|
||||
policies: collected_stream::<NamedPolicy, Policies>(client, "list-policies", "list-policy").await,
|
||||
connections: collected_stream::<NamedConnection, Connections>(client, "list-connections", "list-conn").await,
|
||||
security_associations: collected_stream::<NamedSecurityAssociation, SecurityAssociations>(client, "list-sas", "list-sa").await,
|
||||
certificates: collected_stream::<NamedCertificate, Certificates>(client, "list-certs", "list-cert").await,
|
||||
authorities: collected_stream::<NamedAuthority, Authorities>(client, "list-authorities", "list-authority").await,
|
||||
pools: collected_stream::<NamedPool, Pools>(client, "list-pools", "list-pool").await,
|
||||
version: client.request("version", ()).await?,
|
||||
statistics: client.request("statistics", ()).await?,
|
||||
policies: collected_stream::<NamedPolicy, Policies>(client, "list-policies", "list-policy").await?,
|
||||
connections: collected_stream::<NamedConnection, Connections>(client, "list-connections", "list-conn")
|
||||
.await?,
|
||||
security_associations: collected_stream::<NamedSecurityAssociation, SecurityAssociations>(
|
||||
client, "list-sas", "list-sa",
|
||||
)
|
||||
.await?,
|
||||
certificates: collected_stream::<NamedCertificate, Certificates>(client, "list-certs", "list-cert").await?,
|
||||
authorities: collected_stream::<NamedAuthority, Authorities>(client, "list-authorities", "list-authority")
|
||||
.await?,
|
||||
pools: collected_stream::<NamedPool, Pools>(client, "list-pools", "list-pool").await?,
|
||||
})
|
||||
}
|
||||
}
|
||||
|
||||
async fn collected_stream<N,C>(client: &mut rsvici::Client, command: &str, event: &str) -> C
|
||||
async fn collected_stream<N, C>(client: &mut rsvici::Client, command: &str, event: &str) -> Result<C>
|
||||
where
|
||||
N: for<'de> serde::Deserialize<'de>,
|
||||
C: std::iter::Extend<N> + Default,
|
||||
{
|
||||
client.stream_request::<(), N>(command, event, ()).filter_map(|event| async move {event.ok()}).collect::<C>().await
|
||||
Ok(client
|
||||
.stream_request::<(), N>(command, event, ())
|
||||
.filter_map(|event| async move { event.ok() })
|
||||
.collect::<C>()
|
||||
.await)
|
||||
}
|
||||
|
||||
// Structs for parsing the control interface
|
||||
|
||||
#[derive(Debug, Deserialize)]
|
||||
pub struct Version {
|
||||
pub daemon: String,
|
||||
pub daemon: String,
|
||||
pub version: String,
|
||||
pub sysname: String,
|
||||
pub release: String,
|
||||
|
@ -55,46 +65,46 @@ pub struct Version {
|
|||
|
||||
#[derive(Debug, Deserialize)]
|
||||
pub struct Statistics {
|
||||
pub uptime: StatisticsUptime,
|
||||
pub workers: StatisticsWorkers,
|
||||
pub queues: StatisticsJobPriorities,
|
||||
pub scheduled: String,
|
||||
pub ikesecurity_associations: StatisticsIKESecurityAssociations,
|
||||
pub plugins: Vec<String>,
|
||||
pub mem: Option<StatisticsMem>,
|
||||
pub mallinfo: Option<StatisticsMallinfo>,
|
||||
pub uptime: StatisticsUptime,
|
||||
pub workers: StatisticsWorkers,
|
||||
pub queues: StatisticsJobPriorities,
|
||||
pub scheduled: String,
|
||||
pub ikesas: StatisticsIKESecurityAssociations,
|
||||
pub plugins: Vec<String>,
|
||||
pub mem: Option<StatisticsMem>,
|
||||
pub mallinfo: Option<StatisticsMallinfo>,
|
||||
}
|
||||
|
||||
#[derive(Debug, Deserialize)]
|
||||
pub struct StatisticsUptime {
|
||||
pub running: String,
|
||||
pub since: String,
|
||||
pub since: String,
|
||||
}
|
||||
|
||||
#[derive(Debug, Deserialize)]
|
||||
pub struct StatisticsWorkers {
|
||||
pub total: String,
|
||||
pub idle: String,
|
||||
pub total: String,
|
||||
pub idle: String,
|
||||
pub active: StatisticsJobPriorities,
|
||||
}
|
||||
|
||||
#[derive(Debug, Deserialize)]
|
||||
pub struct StatisticsJobPriorities {
|
||||
pub critical: String,
|
||||
pub high: String,
|
||||
pub medium: String,
|
||||
pub low: String,
|
||||
pub high: String,
|
||||
pub medium: String,
|
||||
pub low: String,
|
||||
}
|
||||
|
||||
#[derive(Debug, Deserialize)]
|
||||
pub struct StatisticsIKESecurityAssociations {
|
||||
pub total: String,
|
||||
pub total: String,
|
||||
pub half_open: Option<String>,
|
||||
}
|
||||
|
||||
#[derive(Debug, Deserialize)]
|
||||
pub struct StatisticsMem {
|
||||
pub total: String,
|
||||
pub total: String,
|
||||
pub allocs: String,
|
||||
}
|
||||
#[derive(Debug, Deserialize)]
|
||||
|
@ -111,19 +121,20 @@ pub type NamedPolicy = (String, Policy);
|
|||
|
||||
#[derive(Debug, Deserialize)]
|
||||
pub struct Policy {
|
||||
pub child: String,
|
||||
pub ike: Option<String>,
|
||||
pub mode: PolicyMode,
|
||||
pub local_ts: Option<Vec<String>>,
|
||||
pub child: String,
|
||||
pub ike: Option<String>,
|
||||
pub mode: PolicyMode,
|
||||
pub local_ts: Option<Vec<String>>,
|
||||
pub remote_ts: Option<Vec<String>>,
|
||||
}
|
||||
|
||||
#[derive(Debug, Deserialize)]
|
||||
#[serde(rename_all = "snake_case")]
|
||||
pub enum PolicyMode {
|
||||
tunnel,
|
||||
transport,
|
||||
pass,
|
||||
drop,
|
||||
Tunnel,
|
||||
Transport,
|
||||
Pass,
|
||||
Drop,
|
||||
}
|
||||
|
||||
pub type Connections = HashMap<String, Conn>;
|
||||
|
@ -132,45 +143,46 @@ pub type NamedConnection = (String, Conn);
|
|||
|
||||
#[derive(Debug, Deserialize)]
|
||||
pub struct Conn {
|
||||
pub local_addrs: Vec<String>,
|
||||
pub local_addrs: Vec<String>,
|
||||
pub remote_addrs: Vec<String>,
|
||||
pub version: String,
|
||||
pub reauth_time: u32,
|
||||
pub rekey_time: u32,
|
||||
pub children: HashMap<String, ConnChildSection>,
|
||||
pub version: String,
|
||||
pub reauth_time: u32,
|
||||
pub rekey_time: u32,
|
||||
pub children: HashMap<String, ConnChildSection>,
|
||||
}
|
||||
|
||||
#[derive(Debug, Deserialize)]
|
||||
pub struct ConnAuthSection {
|
||||
pub class: String,
|
||||
pub eap_type: Option<String>,
|
||||
pub eap_vendor: Option<String>,
|
||||
pub xauth: Option<String>,
|
||||
pub revocation: Option<String>,
|
||||
pub id: String,
|
||||
pub aaa_id: Option<String>,
|
||||
pub eap_id: Option<String>,
|
||||
pub xauth_id: Option<String>,
|
||||
pub groups: Option<Vec<String>>,
|
||||
pub class: String,
|
||||
pub eap_type: Option<String>,
|
||||
pub eap_vendor: Option<String>,
|
||||
pub xauth: Option<String>,
|
||||
pub revocation: Option<String>,
|
||||
pub id: String,
|
||||
pub aaa_id: Option<String>,
|
||||
pub eap_id: Option<String>,
|
||||
pub xauth_id: Option<String>,
|
||||
pub groups: Option<Vec<String>>,
|
||||
pub certificates: Option<Vec<String>>,
|
||||
pub cacerts: Option<Vec<String>>,
|
||||
pub cacerts: Option<Vec<String>>,
|
||||
}
|
||||
|
||||
#[derive(Debug, Deserialize)]
|
||||
pub struct ConnChildSection {
|
||||
pub mode: ChildSecurityAssociationMode,
|
||||
pub rekey_time: u32,
|
||||
pub rekey_bytes: u64,
|
||||
pub mode: ChildSecurityAssociationMode,
|
||||
pub rekey_time: u32,
|
||||
pub rekey_bytes: u64,
|
||||
pub rekey_packets: u64,
|
||||
pub local_ts: Option<Vec<String>>,
|
||||
pub remote_ts: Option<Vec<String>>,
|
||||
pub local_ts: Option<Vec<String>>,
|
||||
pub remote_ts: Option<Vec<String>>,
|
||||
}
|
||||
|
||||
#[derive(Debug, Deserialize, Clone, Hash, PartialEq, Eq)]
|
||||
#[serde(rename_all = "UPPERCASE")]
|
||||
pub enum ChildSecurityAssociationMode {
|
||||
TUNNEL,
|
||||
TRANSPORT,
|
||||
BEET,
|
||||
Tunnel,
|
||||
Transport,
|
||||
Beet,
|
||||
}
|
||||
#[derive(Debug, Deserialize, Clone, Hash, PartialEq, Eq)]
|
||||
pub enum ChildSecurityAssociationProtocol {
|
||||
|
@ -182,82 +194,103 @@ pub type SecurityAssociations = HashMap<String, SecurityAssociation>;
|
|||
|
||||
pub type NamedSecurityAssociation = (String, SecurityAssociation);
|
||||
|
||||
#[derive(Debug, Deserialize)]
|
||||
pub struct SecurityAssociation {
|
||||
pub uniqueid: String,
|
||||
pub version: u8,
|
||||
pub state: String,
|
||||
pub local_host: Option<String>,
|
||||
pub local_port: Option<u16>,
|
||||
pub local_id: Option<String>,
|
||||
pub remote_host: Option<String>,
|
||||
pub remote_port: Option<u16>,
|
||||
pub remote_id: Option<String>,
|
||||
pub remote_xauth_id: Option<String>,
|
||||
pub remote_epa_id: Option<String>,
|
||||
pub initiator: Option<bool>,
|
||||
pub initiator_spi: Option<String>,
|
||||
pub responder_spi: Option<String>,
|
||||
pub nat_local: Option<bool>,
|
||||
pub nat_remote: Option<bool>,
|
||||
pub nat_fake: Option<bool>,
|
||||
pub nat_any: Option<bool>,
|
||||
pub if_id_in: Option<String>,
|
||||
pub if_id_out: Option<String>,
|
||||
pub encr_alg: Option<String>,
|
||||
pub encr_keysize: Option<String>,
|
||||
pub integ_alg: Option<String>,
|
||||
pub integ_keysize: Option<String>,
|
||||
pub prf_alg: Option<String>,
|
||||
pub dh_group: Option<String>,
|
||||
pub established: u64,
|
||||
pub rekey_time: Option<u32>,
|
||||
pub reauth_time: Option<u32>,
|
||||
pub local_vips: Option<Vec<String>>,
|
||||
pub remote_vips: Option<Vec<String>>,
|
||||
pub tasks_queued: Option<Vec<String>>,
|
||||
pub tasks_active: Option<Vec<String>>,
|
||||
pub tasks_passive: Option<Vec<String>>,
|
||||
pub child_security_associations: Option<HashMap<String, SecurityAssociationChild>>,
|
||||
impl IntoLabels for &SecurityAssociation {
|
||||
fn into_labels(self) -> Vec<Label> {
|
||||
vec![
|
||||
(&("uniqueid", self.uniqueid.clone())).into(),
|
||||
(&("remote_id", self.remote_id.clone())).into(),
|
||||
(&("local_id", self.local_id.clone())).into(),
|
||||
]
|
||||
}
|
||||
}
|
||||
|
||||
#[derive(Debug, Deserialize)]
|
||||
pub struct SecurityAssociation {
|
||||
pub uniqueid: String,
|
||||
pub version: u8,
|
||||
pub state: String,
|
||||
pub local_host: String,
|
||||
pub local_port: u16,
|
||||
pub local_id: String,
|
||||
pub remote_host: String,
|
||||
pub remote_port: u16,
|
||||
pub remote_id: String,
|
||||
pub remote_xauth_id: Option<String>,
|
||||
pub remote_epa_id: Option<String>,
|
||||
pub initiator: Option<bool>,
|
||||
pub initiator_spi: Option<String>,
|
||||
pub responder_spi: Option<String>,
|
||||
pub nat_local: Option<bool>,
|
||||
pub nat_remote: Option<bool>,
|
||||
pub nat_fake: Option<bool>,
|
||||
pub nat_any: Option<bool>,
|
||||
pub if_id_in: Option<String>,
|
||||
pub if_id_out: Option<String>,
|
||||
pub encr_alg: Option<String>,
|
||||
pub encr_keysize: Option<String>,
|
||||
pub integ_alg: Option<String>,
|
||||
pub integ_keysize: Option<String>,
|
||||
pub prf_alg: Option<String>,
|
||||
pub dh_group: Option<String>,
|
||||
pub established: u64,
|
||||
pub rekey_time: u32,
|
||||
pub reauth_time: Option<u32>,
|
||||
pub local_vips: Option<Vec<String>>,
|
||||
pub remote_vips: Option<Vec<String>>,
|
||||
pub tasks_queued: Option<Vec<String>>,
|
||||
pub tasks_active: Option<Vec<String>>,
|
||||
pub tasks_passive: Option<Vec<String>>,
|
||||
pub child_security_associations: HashMap<String, SecurityAssociationChild>,
|
||||
}
|
||||
|
||||
|
||||
impl IntoLabels for &SecurityAssociationChild {
|
||||
fn into_labels(self) -> Vec<Label> {
|
||||
vec![
|
||||
(&("child_uniqueid", self.uniqueid.clone())).into(),
|
||||
(&("child_reqid", self.reqid.clone())).into(),
|
||||
]
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
#[derive(Debug, Deserialize)]
|
||||
pub struct SecurityAssociationChild {
|
||||
pub name: String,
|
||||
pub uniqueid: String,
|
||||
pub reqid: String,
|
||||
pub state: String,
|
||||
pub mode: ChildSecurityAssociationMode,
|
||||
pub protocol: ChildSecurityAssociationProtocol,
|
||||
pub encap: Option<bool>,
|
||||
pub spi_in: String,
|
||||
pub spi_out: String,
|
||||
pub cpi_in: Option<String>,
|
||||
pub cpi_out: Option<String>,
|
||||
pub mark_in: Option<String>,
|
||||
pub mark_mask_in: Option<String>,
|
||||
pub mark_out: Option<String>,
|
||||
pub mark_mask_out: Option<String>,
|
||||
pub if_id_in: Option<String>,
|
||||
pub if_id_out: Option<String>,
|
||||
pub encr_alg: Option<String>,
|
||||
pub encr_keysize: Option<String>,
|
||||
pub integ_alg: Option<String>,
|
||||
pub integ_keysize: Option<String>,
|
||||
pub prf_alg: Option<String>,
|
||||
pub dh_group: Option<String>,
|
||||
pub esn: Option<u16>,
|
||||
pub bytes_in: u64,
|
||||
pub packets_in: u64,
|
||||
pub use_in: Option<u32>,
|
||||
pub bytes_out: u64,
|
||||
pub packets_out: u64,
|
||||
pub use_out: Option<u32>,
|
||||
pub rekey_time: Option<u32>,
|
||||
pub life_time: u32,
|
||||
pub install_time: u64,
|
||||
pub local_ts: Vec<String>,
|
||||
pub remote_ts: Vec<String>,
|
||||
pub name: String,
|
||||
pub uniqueid: String,
|
||||
pub reqid: String,
|
||||
pub state: String,
|
||||
pub mode: ChildSecurityAssociationMode,
|
||||
pub protocol: ChildSecurityAssociationProtocol,
|
||||
pub encap: Option<bool>,
|
||||
pub spi_in: String,
|
||||
pub spi_out: String,
|
||||
pub cpi_in: Option<String>,
|
||||
pub cpi_out: Option<String>,
|
||||
pub mark_in: Option<String>,
|
||||
pub mark_mask_in: Option<String>,
|
||||
pub mark_out: Option<String>,
|
||||
pub mark_mask_out: Option<String>,
|
||||
pub if_id_in: Option<String>,
|
||||
pub if_id_out: Option<String>,
|
||||
pub encr_alg: Option<String>,
|
||||
pub encr_keysize: Option<String>,
|
||||
pub integ_alg: Option<String>,
|
||||
pub integ_keysize: Option<String>,
|
||||
pub prf_alg: Option<String>,
|
||||
pub dh_group: Option<String>,
|
||||
pub esn: Option<u16>,
|
||||
pub bytes_in: u64,
|
||||
pub packets_in: u64,
|
||||
pub use_in: Option<u32>,
|
||||
pub bytes_out: u64,
|
||||
pub packets_out: u64,
|
||||
pub use_out: Option<u32>,
|
||||
pub rekey_time: u32,
|
||||
pub life_time: u32,
|
||||
pub install_time: u64,
|
||||
pub local_ts: Vec<String>,
|
||||
pub remote_ts: Vec<String>,
|
||||
}
|
||||
|
||||
pub type Certificates = HashMap<String, Cert>;
|
||||
|
@ -267,21 +300,25 @@ pub type NamedCertificate = (String, Cert);
|
|||
#[derive(Debug, Deserialize)]
|
||||
pub struct Cert {
|
||||
pub r#type: CertType,
|
||||
pub flag: X509CertFlag,
|
||||
pub flag: X509CertFlag,
|
||||
pub has_privkey: Option<String>,
|
||||
pub data: String,
|
||||
pub subject: Option<String>,
|
||||
pub not_before: Option<String>,
|
||||
pub not_after: Option<String>,
|
||||
pub data: String,
|
||||
pub subject: Option<String>,
|
||||
pub not_before: Option<String>,
|
||||
pub not_after: Option<String>,
|
||||
}
|
||||
|
||||
#[derive(Debug, Deserialize)]
|
||||
pub enum CertType {
|
||||
X509,
|
||||
X509_AC,
|
||||
X509_CRL,
|
||||
OSCP_RESPONSE,
|
||||
PUBKEY,
|
||||
#[serde(alias = "X509_AC")]
|
||||
X509AC,
|
||||
#[serde(alias = "X509_CRL")]
|
||||
X509CRL,
|
||||
#[serde(alias = "OSCP_RESPONSE")]
|
||||
OSCPResponse,
|
||||
#[serde(alias = "PUBKEY")]
|
||||
PubKey,
|
||||
}
|
||||
|
||||
#[derive(Debug, Deserialize)]
|
||||
|
@ -298,35 +335,36 @@ pub type NamedAuthority = (String, Authority);
|
|||
|
||||
#[derive(Debug, Deserialize)]
|
||||
pub struct Authority {
|
||||
pub cacert: String,
|
||||
pub crl_uris: Vec<String>,
|
||||
pub ocsp_uris: Vec<String>,
|
||||
pub cert_uri_base: String,
|
||||
pub cacert: String,
|
||||
pub crl_uris: Vec<String>,
|
||||
pub ocsp_uris: Vec<String>,
|
||||
pub cert_uri_base: String,
|
||||
}
|
||||
|
||||
pub type Pools = HashMap<String, Pool>;
|
||||
|
||||
pub type NamedPool = (String, Pool);
|
||||
|
||||
#[derive(Debug,Deserialize)]
|
||||
#[derive(Debug, Deserialize)]
|
||||
pub struct Pool {
|
||||
pub name: String,
|
||||
pub base: String,
|
||||
pub size: u128,
|
||||
pub online: u128,
|
||||
pub name: String,
|
||||
pub base: String,
|
||||
pub size: u128,
|
||||
pub online: u128,
|
||||
pub offline: u128,
|
||||
pub leases: Option<HashMap<u16,PoolLease>>,
|
||||
}
|
||||
|
||||
#[derive(Debug,Deserialize)]
|
||||
pub struct PoolLease {
|
||||
pub address: String,
|
||||
pub identity: String,
|
||||
pub status: PoolLeaseStatus,
|
||||
pub leases: Option<HashMap<u16, PoolLease>>,
|
||||
}
|
||||
|
||||
#[derive(Debug, Deserialize)]
|
||||
pub enum PoolLeaseStatus {
|
||||
online,
|
||||
offline,
|
||||
pub struct PoolLease {
|
||||
pub address: String,
|
||||
pub identity: String,
|
||||
pub status: PoolLeaseStatus,
|
||||
}
|
||||
|
||||
#[derive(Debug, Deserialize)]
|
||||
#[serde(rename_all = "lowercase")]
|
||||
pub enum PoolLeaseStatus {
|
||||
Online,
|
||||
Offline,
|
||||
}
|
||||
|
|
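Review bot: `collected_stream` now returns `Result<C>`, but its body still drops every failed item with `.filter_map(|event| async move { event.ok() })` and wraps the remainder in `Ok(...)`, so the `?` added at each call site in `VICIState::update` can never fire. This matters more after this change, because several `SecurityAssociation` fields (`local_host`, `remote_id`, `rekey_time`, `child_security_associations`) appear to move from `Option` to required: an SA that lacks one of them fails to deserialize and silently disappears from the metrics instead of raising an error. Collecting with `try_collect::<C>()` from `futures_util::stream::TryStreamExt` and propagating the error, or at least logging each dropped item, would make such gaps visible to whoever is monitoring the tunnels. It is also worth confirming that `child_security_associations` is mapped onto the key the daemon actually sends; no rename attribute is visible in this hunk.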