diff --git a/changelog/unreleased/fix-nats-authentication.md b/changelog/unreleased/fix-nats-authentication.md
new file mode 100644
index 000000000..2ab13db9d
--- /dev/null
+++ b/changelog/unreleased/fix-nats-authentication.md
@@ -0,0 +1,5 @@
+Bugfix: Fix nats authentication
+
+Fixes nats authentication for registry/events/stores
+
+https://github.com/owncloud/ocis/pull/8236
diff --git a/ocis-pkg/natsjsregistry/registry.go b/ocis-pkg/natsjsregistry/registry.go
index 8be5d02d8..857b4e519 100644
--- a/ocis-pkg/natsjsregistry/registry.go
+++ b/ocis-pkg/natsjsregistry/registry.go
@@ -31,7 +31,7 @@ func NewRegistry(opts ...registry.Option) registry.Registry {
 exp, _ := options.Context.Value(expiryKey{}).(time.Duration)
 return &storeregistry{
 opts: options,
- store: natsjskv.NewStore(storeOptions(options)...),
+ store: natsjskv.NewStore(append(storeOptions(options), natsjskv.DefaultMemory())...),
 typ: _registryName,
 expiry: exp,
 }
diff --git a/ocis-pkg/shared/shared_types.go b/ocis-pkg/shared/shared_types.go
index 9775daec3..a5c5aa336 100644
--- a/ocis-pkg/shared/shared_types.go
+++ b/ocis-pkg/shared/shared_types.go
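Review bot: The added `natsjskv.DefaultMemory()` in `NewRegistry` carries no comment saying why the registry store is now forced to in-memory storage, and nothing in this hunk shows a username or password reaching the store, although the changelog describes the commit as an authentication fix for the registry. If `storeOptions(options)` is what forwards the credentials, a line such as `// auth options come from storeOptions; registry data is ephemeral, so keep the bucket in memory` above the `store:` field would record that (wording to be confirmed by the author). The `append` onto the slice returned by `storeOptions` is only safe if that helper returns a fresh slice on every call, which cannot be confirmed from this hunk. NewRegistry's body begins outside the hunk.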
@@ -63,6 +63,8 @@ type Cache struct { TTL time.Duration `yaml:"ttl" env:"OCIS_CACHE_TTL" desc:"Time to live for events in the store. The duration can be set as number followed by a unit identifier like s, m or h."` Size int `yaml:"size" env:"OCIS_CACHE_SIZE" desc:"The maximum quantity of items in the store. Only applies when store type 'ocmem' is configured."` DisablePersistence bool `yaml:"disable_persistence" env:"OCIS_CACHE_DISABLE_PERSISTENCE" desc:"Disables persistence of the cache. Only applies when store type 'nats-js-kv' is configured. Defaults to false."` + AuthUsername string `yaml:"auth_username" env:"OCIS_CACHE_AUTH_USERNAME" desc:"The username to use for authentication. Only applies when store type 'nats-js-kv' is configured."` + AuthPassword string `yaml:"auth_password" env:"OCIS_CACHE_AUTH_PASSWORD" desc:"The password to use for authentication. Only applies when store type 'nats-js-kv' is configured."` } // Commons holds configuration that are common to all extensions. Each extension can then decide whether diff --git a/services/frontend/pkg/config/config.go b/services/frontend/pkg/config/config.go index 897627ad8..fa8c7b2fc 100644 --- a/services/frontend/pkg/config/config.go +++ b/services/frontend/pkg/config/config.go 
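Review bot: `AuthPassword` in `Cache` is a plain `string` with a `yaml:"auth_password"` tag, so any code path that marshals or logs this struct will emit the secret in clear text; nothing visible in the hunk masks it. A field comment such as `// AuthPassword is a secret: keep it out of config dumps and debug logs` would make the expectation explicit, and the `desc` could state whether an empty username means "connect without authentication". The struct as shown has no TLS setting for the 'nats-js-kv' store, so it is worth confirming that these credentials are not sent over an unencrypted connection. The same applies to the password fields added to frontend `OCS`, gateway `Cache`, storage-system `Cache` and storage-users `FilemetadataCache`/`IDCache` in the later hunks.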
@@ -137,6 +137,8 @@ type OCS struct { StatCacheTTL time.Duration `yaml:"stat_cache_ttl" env:"OCIS_CACHE_TTL;FRONTEND_OCS_STAT_CACHE_TTL" desc:"Default time to live for user info in the cache. Only applied when access tokens has no expiration. See the Environment Variable Types description for more details."` StatCacheSize int `yaml:"stat_cache_size" env:"OCIS_CACHE_SIZE;FRONTEND_OCS_STAT_CACHE_SIZE" desc:"Max number of entries to hold in the cache."` StatCacheDisablePersistence bool `yaml:"stat_cache_disable_persistence" env:"OCIS_CACHE_DISABLE_PERSISTENCE;FRONTEND_OCS_STAT_CACHE_DISABLE_PERSISTENCE" desc:"Disable persistence of the cache. Only applies when using the 'nats-js-kv' store type. Defaults to false."` + StatCacheAuthUsername string `yaml:"stat_cache_auth_username" env:"OCIS_CACHE_AUTH_USERNAME;FRONTEND_OCS_STAT_CACHE_AUTH_USERNAME" desc:"The username to use for authentication. Only applies when using the 'nats-js-kv' store type."` + StatCacheAuthPassword string `yaml:"stat_cache_auth_password" env:"OCIS_CACHE_AUTH_PASSWORD;FRONTEND_OCS_STAT_CACHE_AUTH_PASSWORD" desc:"The password to use for authentication. Only applies when using the 'nats-js-kv' store type."` CacheWarmupDriver string `yaml:"cache_warmup_driver,omitempty"` // not supported by the oCIS product, therefore not part of docs CacheWarmupDrivers CacheWarmupDrivers `yaml:"cache_warmup_drivers,omitempty"` // not supported by the oCIS product, therefore not part of docs diff --git a/services/frontend/pkg/revaconfig/config.go b/services/frontend/pkg/revaconfig/config.go index 51c413856..93ab7833a 100644 --- a/services/frontend/pkg/revaconfig/config.go +++ b/services/frontend/pkg/revaconfig/config.go @@ -8,7 +8,6 @@ import ( "path" "path/filepath" "strconv" - "time" "github.com/owncloud/ocis/v2/ocis-pkg/config/defaults" "github.com/owncloud/ocis/v2/ocis-pkg/log" 
@@ -160,9 +159,11 @@ func FrontendConfigFromStruct(cfg *config.Config, logger log.Logger) (map[string
 "cache_nodes": cfg.OCS.StatCacheNodes,
 "cache_database": cfg.OCS.StatCacheDatabase,
 "cache_table": cfg.OCS.StatCacheTable,
- "cache_ttl": cfg.OCS.StatCacheTTL / time.Second,
+ "cache_ttl": cfg.OCS.StatCacheTTL,
 "cache_size": cfg.OCS.StatCacheSize,
 "cache_disable_persistence": cfg.OCS.StatCacheDisablePersistence,
+ "cache_auth_username": cfg.OCS.StatCacheAuthUsername,
+ "cache_auth_password": cfg.OCS.StatCacheAuthPassword,
 },
 "prefix": cfg.OCS.Prefix,
 "additional_info_attribute": cfg.OCS.AdditionalInfoAttribute,
diff --git a/services/gateway/pkg/config/config.go b/services/gateway/pkg/config/config.go
index e676f59ec..a3242706b 100644
--- a/services/gateway/pkg/config/config.go
+++ b/services/gateway/pkg/config/config.go
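Review bot: `"cache_ttl": cfg.OCS.StatCacheTTL` now passes a `time.Duration` (a nanosecond count) where the consumer previously received whole seconds, and the changelog entry mentions only authentication. If the receiving side still interprets this key as seconds, the effective TTL grows by a factor of 10^9 and cached user info would practically never expire, so please confirm the consumer decodes a duration here, as the gateway cache maps in this commit appear to assume. The same change is made to `cfg.FileMetadataCache.TTL` in storage-system `metadataDrivers`. A short comment next to the key, e.g. `// passed as time.Duration, decoded by the consumer`, would record the contract. FrontendConfigFromStruct's body extends beyond the hunk on both sides.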
@@ -85,22 +85,20 @@ type StorageRegistry struct { // Cache holds cache config type Cache struct { - StatCacheStore string // NOTE: The stat cache is not working atm. Hence we block configuring it - StatCacheNodes []string `yaml:"stat_cache_nodes" env:"OCIS_CACHE_STORE_NODES;GATEWAY_STAT_CACHE_STORE_NODES" desc:"A list of nodes to access the configured store. This has no effect when 'memory' or 'ocmem' stores are configured. Note that the behaviour how nodes are used is dependent on the library of the configured store. See the Environment Variable Types description for more details."` - StatCacheDatabase string `yaml:"stat_cache_database" env:"OCIS_CACHE_DATABASE" desc:"The database name the configured store should use."` - StatCacheTTL time.Duration `yaml:"stat_cache_ttl" env:"OCIS_CACHE_TTL;GATEWAY_STAT_CACHE_TTL" desc:"Default time to live for user info in the cache. Only applied when access tokens has no expiration. See the Environment Variable Types description for more details."` - StatCacheSize int `yaml:"stat_cache_size" env:"OCIS_CACHE_SIZE;GATEWAY_STAT_CACHE_SIZE" desc:"The maximum quantity of items in the cache. Only applies when store type 'ocmem' is configured. Defaults to 512 which is derived from the ocmem package though not exclicitely set as default."` - StatCacheDisablePersistence bool `yaml:"stat_cache_disable_persistence" env:"OCIS_CACHE_DISABLE_PERSISTENCE;GATEWAY_STAT_CACHE_DISABLE_PERSISTENCE" desc:"Disables persistence of the stat cache. Only applies when store type 'nats-js-kv' is configured. Defaults to false."` ProviderCacheStore string `yaml:"provider_cache_store" env:"OCIS_CACHE_STORE;GATEWAY_PROVIDER_CACHE_STORE" desc:"The type of the cache store. Supported values are: 'memory', 'redis-sentinel', 'nats-js-kv', 'noop'. See the text description for details."` ProviderCacheNodes []string `yaml:"provider_cache_nodes" env:"OCIS_CACHE_STORE_NODES;GATEWAY_PROVIDER_CACHE_STORE_NODES" desc:"A list of nodes to access the configured store. 
This has no effect when 'memory' or 'ocmem' stores are configured. Note that the behaviour how nodes are used is dependent on the library of the configured store. See the Environment Variable Types description for more details."` ProviderCacheDatabase string `yaml:"provider_cache_database" env:"OCIS_CACHE_DATABASE" desc:"The database name the configured store should use."` ProviderCacheTTL time.Duration `yaml:"provider_cache_ttl" env:"OCIS_CACHE_TTL;GATEWAY_PROVIDER_CACHE_TTL" desc:"Default time to live for user info in the cache. Only applied when access tokens has no expiration. See the Environment Variable Types description for more details."` ProviderCacheSize int `yaml:"provider_cache_size" env:"OCIS_CACHE_SIZE;GATEWAY_PROVIDER_CACHE_SIZE" desc:"The maximum quantity of items in the cache. Only applies when store type 'ocmem' is configured. Defaults to 512 which is derived from the ocmem package though not exclicitely set as default."` ProviderCacheDisablePersistence bool `yaml:"provider_cache_disable_persistence" env:"OCIS_CACHE_DISABLE_PERSISTENCE;GATEWAY_PROVIDER_CACHE_DISABLE_PERSISTENCE" desc:"Disables persistence of the provider cache. Only applies when store type 'nats-js-kv' is configured. Defaults to false."` + ProviderCacheAuthUsername string `yaml:"provider_cache_auth_username" env:"OCIS_CACHE_AUTH_USERNAME;GATEWAY_PROVIDER_CACHE_AUTH_USERNAME" desc:"The username to use for authentication. Only applies when store type 'nats-js-kv' is configured."` + ProviderCacheAuthPassword string `yaml:"provider_cache_auth_password" env:"OCIS_CACHE_AUTH_PASSWORD;GATEWAY_PROVIDER_CACHE_AUTH_PASSWORD" desc:"The password to use for authentication. Only applies when store type 'nats-js-kv' is configured."` CreateHomeCacheStore string `yaml:"create_home_cache_store" env:"OCIS_CACHE_STORE;GATEWAY_CREATE_HOME_CACHE_STORE" desc:"The type of the cache store. Supported values are: 'memory', 'redis-sentinel', 'nats-js-kv', 'noop'. 
See the text description for details."` CreateHomeCacheNodes []string `yaml:"create_home_cache_nodes" env:"OCIS_CACHE_STORE_NODES;GATEWAY_CREATE_HOME_CACHE_STORE_NODES" desc:"A list of nodes to access the configured store. This has no effect when 'memory' or 'ocmem' stores are configured. Note that the behaviour how nodes are used is dependent on the library of the configured store. See the Environment Variable Types description for more details."` CreateHomeCacheDatabase string `yaml:"create_home_cache_database" env:"OCIS_CACHE_DATABASE" desc:"The database name the configured store should use."` CreateHomeCacheTTL time.Duration `yaml:"create_home_cache_ttl" env:"OCIS_CACHE_TTL;GATEWAY_CREATE_HOME_CACHE_TTL" desc:"Default time to live for user info in the cache. Only applied when access tokens has no expiration. See the Environment Variable Types description for more details."` CreateHomeCacheSize int `yaml:"create_home_cache_size" env:"OCIS_CACHE_SIZE;GATEWAY_CREATE_HOME_CACHE_SIZE" desc:"The maximum quantity of items in the cache. Only applies when store type 'ocmem' is configured. Defaults to 512 which is derived from the ocmem package though not exclicitely set as default."` CreateHomeCacheDisablePersistence bool `yaml:"create_home_cache_disable_persistence" env:"OCIS_CACHE_DISABLE_PERSISTENCE;GATEWAY_CREATE_HOME_CACHE_DISABLE_PERSISTENCE" desc:"Disables persistence of the create home cache. Only applies when store type 'nats-js-kv' is configured. Defaults to false."` + CreateHomeCacheAuthUsername string `yaml:"create_home_cache_auth_username" env:"OCIS_CACHE_AUTH_USERNAME;GATEWAY_CREATE_HOME_CACHE_AUTH_USERNAME" desc:"The username to use for authentication. Only applies when store type 'nats-js-kv' is configured."` + CreateHomeCacheAuthPassword string `yaml:"create_home_cache_auth_password" env:"OCIS_CACHE_AUTH_PASSWORD;GATEWAY_CREATE_HOME_CACHE_AUTH_PASSWORD" desc:"The password to use for authentication. 
Only applies when store type 'nats-js-kv' is configured."` } diff --git a/services/gateway/pkg/config/defaults/defaultconfig.go b/services/gateway/pkg/config/defaults/defaultconfig.go index f1ae85004..b8bea1a4b 100644 --- a/services/gateway/pkg/config/defaults/defaultconfig.go +++ b/services/gateway/pkg/config/defaults/defaultconfig.go @@ -39,10 +39,6 @@ func DefaultConfig() *config.Config { DisableHomeCreationOnLogin: true, TransferExpires: 24 * 60 * 60, Cache: config.Cache{ - StatCacheStore: "noop", // NOTE: stat cache not working - StatCacheDatabase: "ocis", - StatCacheNodes: []string{"127.0.0.1:9233"}, - StatCacheTTL: 300 * time.Second, ProviderCacheStore: "noop", ProviderCacheNodes: []string{"127.0.0.1:9233"}, ProviderCacheDatabase: "cache-providers", diff --git a/services/gateway/pkg/revaconfig/config.go b/services/gateway/pkg/revaconfig/config.go index d1affa7a9..c13688aee 100644 --- a/services/gateway/pkg/revaconfig/config.go +++ b/services/gateway/pkg/revaconfig/config.go @@ -61,15 +61,6 @@ func GatewayConfigFromStruct(cfg *config.Config, logger log.Logger) map[string]i "transfer_shared_secret": cfg.TransferSecret, "transfer_expires": cfg.TransferExpires, // cache and TTLs - "stat_cache_config": map[string]interface{}{ - "cache_store": cfg.Cache.StatCacheStore, - "cache_nodes": cfg.Cache.StatCacheNodes, - "cache_database": cfg.Cache.StatCacheDatabase, - "cache_table": "stat", - "cache_ttl": cfg.Cache.StatCacheTTL, - "cache_size": cfg.Cache.StatCacheSize, - "cache_disable_persistenc": cfg.Cache.StatCacheDisablePersistence, - }, "provider_cache_config": map[string]interface{}{ "cache_store": cfg.Cache.ProviderCacheStore, "cache_nodes": cfg.Cache.ProviderCacheNodes, 
@@ -78,6 +69,8 @@ func GatewayConfigFromStruct(cfg *config.Config, logger log.Logger) map[string]i
 "cache_ttl": cfg.Cache.ProviderCacheTTL,
 "cache_size": cfg.Cache.ProviderCacheSize,
 "disable_persistence": cfg.Cache.ProviderCacheDisablePersistence,
+ "cache_auth_username": cfg.Cache.ProviderCacheAuthUsername,
+ "cache_auth_password": cfg.Cache.ProviderCacheAuthPassword,
 },
 "create_home_cache_config": map[string]interface{}{
 "cache_store": cfg.Cache.CreateHomeCacheStore,
@@ -87,6 +80,8 @@ func GatewayConfigFromStruct(cfg *config.Config, logger log.Logger) map[string]i
 "cache_ttl": cfg.Cache.CreateHomeCacheTTL,
 "cache_size": cfg.Cache.CreateHomeCacheSize,
 "cache_disable_persistence": cfg.Cache.CreateHomeCacheDisablePersistence,
+ "cache_auth_username": cfg.Cache.CreateHomeCacheAuthUsername,
+ "cache_auth_password": cfg.Cache.CreateHomeCacheAuthPassword,
 },
 },
 "authregistry": map[string]interface{}{
diff --git a/services/sharing/pkg/config/config.go b/services/sharing/pkg/config/config.go
index 24c8834d2..7d51d0b83 100644
--- a/services/sharing/pkg/config/config.go
+++ b/services/sharing/pkg/config/config.go
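Review bot: In `provider_cache_config` the key directly above the new credentials is spelled `"disable_persistence"`, while `create_home_cache_config` in the next hunk, like the other cache maps in this commit, uses `"cache_disable_persistence"`; the commit adds `cache_auth_*` beside it without aligning it. If the consumer only reads the `cache_`-prefixed name, `ProviderCacheDisablePersistence` is silently ignored, much like the misspelled `cache_disable_persistenc` key that this commit removes from the stat cache map. Suggested line: `"cache_disable_persistence": cfg.Cache.ProviderCacheDisablePersistence,`. GatewayConfigFromStruct's body extends beyond both hunks.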
@@ -153,6 +153,8 @@ type Events struct { TLSInsecure bool `yaml:"tls_insecure" env:"OCIS_INSECURE;SHARING_EVENTS_TLS_INSECURE" desc:"Whether to verify the server TLS certificates."` TLSRootCaCertPath string `yaml:"tls_root_ca_cert_path" env:"OCIS_EVENTS_TLS_ROOT_CA_CERTIFICATE;SHARING_EVENTS_TLS_ROOT_CA_CERTIFICATE" desc:"The root CA certificate used to validate the server's TLS certificate. If provided SHARING_EVENTS_TLS_INSECURE will be seen as false."` EnableTLS bool `yaml:"enable_tls" env:"OCIS_EVENTS_ENABLE_TLS;SHARING_EVENTS_ENABLE_TLS" desc:"Enable TLS for the connection to the events broker. The events broker is the ocis service which receives and delivers events between the services.."` + AuthUsername string `yaml:"auth_username" env:"OCIS_EVENTS_AUTH_USERNAME;SHARING_EVENTS_AUTH_USERNAME" desc:"Username for the events broker."` + AuthPassword string `yaml:"auth_password" env:"OCIS_EVENTS_AUTH_PASSWORD;SHARING_EVENTS_AUTH_PASSWORD" desc:"Password for the events broker."` } // PasswordPolicy configures reva password policy diff --git a/services/sharing/pkg/revaconfig/config.go b/services/sharing/pkg/revaconfig/config.go index b1f7e0d46..8f02b796d 100644 --- a/services/sharing/pkg/revaconfig/config.go +++ b/services/sharing/pkg/revaconfig/config.go @@ -81,6 +81,8 @@ func SharingConfigFromStruct(cfg *config.Config, logger log.Logger) (map[string] "natsclusterid": cfg.Events.ClusterID, "tlsinsecure": cfg.Events.TLSInsecure, "tlsrootcacertificate": cfg.Events.TLSRootCaCertPath, + "authusername": cfg.Events.AuthUsername, + "authpassword": cfg.Events.AuthPassword, }, }, }, @@ -134,6 +136,8 @@ func SharingConfigFromStruct(cfg *config.Config, logger log.Logger) (map[string] "tls-root-ca-cert": cfg.Events.TLSRootCaCertPath, "enable-tls": cfg.Events.EnableTLS, "name": "sharing-eventsmiddleware", + "username": cfg.Events.AuthUsername, + "password": cfg.Events.AuthPassword, }, "prometheus": map[string]interface{}{ "namespace": "ocis", 
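Review bot: The new `AuthPassword` is handed to the events broker connection, but `EnableTLS` is a separate opt-in switch and `TLSInsecure` can turn off certificate verification, so with TLS disabled or unverified the password can be read on the network path or handed to a broker whose identity was never checked. The `desc` texts should state this, e.g. `desc:"Password for the events broker. Enable TLS (SHARING_EVENTS_ENABLE_TLS) when this is set; otherwise the password is sent unencrypted."`, and a startup warning when a password is configured while `EnableTLS` is false would make the misconfiguration visible. In the first `SharingConfigFromStruct` hunk the map that receives `authusername`/`authpassword` shows `tlsinsecure` and `tlsrootcacertificate` but no enable-TLS key in the visible context, which is worth checking. The storage-users hunks add `username`/`password` and `nats_username`/`nats_password` the same way, and that service's defaults in this commit show `EnableTLS: false`.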
diff --git a/services/storage-system/pkg/config/config.go b/services/storage-system/pkg/config/config.go index e05a52451..6ebe5b718 100644 --- a/services/storage-system/pkg/config/config.go +++ b/services/storage-system/pkg/config/config.go @@ -93,4 +93,6 @@ type Cache struct { TTL time.Duration `yaml:"ttl" env:"OCIS_CACHE_TTL;STORAGE_SYSTEM_CACHE_TTL" desc:"Default time to live for user info in the user info cache. Only applied when access tokens has no expiration. See the Environment Variable Types description for more details."` Size int `yaml:"size" env:"OCIS_CACHE_SIZE;STORAGE_SYSTEM_CACHE_SIZE" desc:"The maximum quantity of items in the user info cache. Only applies when store type 'ocmem' is configured. Defaults to 512 which is derived from the ocmem package though not exclicitely set as default."` DisablePersistence bool `yaml:"disable_persistence" env:"OCIS_CACHE_DISABLE_PERSISTENCE;STORAGE_SYSTEM_CACHE_DISABLE_PERSISTENCE" desc:"Disables persistence of the cache. Only applies when store type 'nats-js-kv' is configured. Defaults to false."` + AuthUsername string `yaml:"auth_username" env:"OCIS_CACHE_AUTH_USERNAME;STORAGE_SYSTEM_CACHE_AUTH_USERNAME" desc:"Username for the configured store. Only applies when store type 'nats-js-kv' is configured."` + AuthPassword string `yaml:"auth_password" env:"OCIS_CACHE_AUTH_PASSWORD;STORAGE_SYSTEM_CACHE_AUTH_PASSWORD" desc:"Password for the configured store. Only applies when store type 'nats-js-kv' is configured."` } diff --git a/services/storage-system/pkg/revaconfig/config.go b/services/storage-system/pkg/revaconfig/config.go index 16c1c3a09..555755209 100644 --- a/services/storage-system/pkg/revaconfig/config.go +++ b/services/storage-system/pkg/revaconfig/config.go @@ -1,8 +1,6 @@ package revaconfig import ( - "time" - userpb "github.com/cs3org/go-cs3apis/cs3/identity/user/v1beta1" "github.com/owncloud/ocis/v2/services/storage-system/pkg/config" ) 
@@ -165,9 +163,11 @@ func metadataDrivers(cfg *config.Config) map[string]interface{} { "cache_store": cfg.FileMetadataCache.Store, "cache_nodes": cfg.FileMetadataCache.Nodes, "cache_database": cfg.FileMetadataCache.Database, - "cache_ttl": cfg.FileMetadataCache.TTL / time.Second, + "cache_ttl": cfg.FileMetadataCache.TTL, "cache_size": cfg.FileMetadataCache.Size, "cache_disable_persistence": cfg.FileMetadataCache.DisablePersistence, + "cache_auth_username": cfg.FileMetadataCache.AuthUsername, + "cache_auth_password": cfg.FileMetadataCache.AuthPassword, }, }, } diff --git a/services/storage-users/pkg/config/config.go b/services/storage-users/pkg/config/config.go index 77616b35d..8fd16c74b 100644 --- a/services/storage-users/pkg/config/config.go +++ b/services/storage-users/pkg/config/config.go @@ -31,7 +31,6 @@ type Config struct { TransferExpires int64 `yaml:"transfer_expires" env:"STORAGE_USERS_TRANSFER_EXPIRES" desc:"the time after which the token for upload postprocessing expires"` Events Events `yaml:"events"` - StatCache StatCache `yaml:"stat_cache"` FilemetadataCache FilemetadataCache `yaml:"filemetadata_cache"` IDCache IDCache `yaml:"id_cache"` MountID string `yaml:"mount_id" env:"STORAGE_USERS_MOUNT_ID" desc:"Mount ID of this storage."` 
@@ -182,16 +181,6 @@ type Events struct { AuthPassword string `yaml:"password" env:"OCIS_EVENTS_AUTH_PASSWORD;STORAGE_USERS_EVENTS_AUTH_PASSWORD" desc:"The password to authenticate with the events broker. The events broker is the ocis service which receives and delivers events between the services.."` } -// StatCache holds cache config -type StatCache struct { - Store string `yaml:"store" env:"OCIS_CACHE_STORE;STORAGE_USERS_STAT_CACHE_STORE" desc:"The type of the cache store. Supported values are: 'memory', 'redis-sentinel', 'nats-js-kv', 'noop'. See the text description for details."` - Nodes []string `yaml:"nodes" env:"OCIS_CACHE_STORE_NODES;STORAGE_USERS_STAT_CACHE_STORE_NODES" desc:"A list of nodes to access the configured store. This has no effect when 'memory' or 'ocmem' stores are configured. Note that the behaviour how nodes are used is dependent on the library of the configured store. See the Environment Variable Types description for more details."` - Database string `yaml:"database" env:"OCIS_CACHE_DATABASE" desc:"The database name the configured store should use."` - TTL time.Duration `yaml:"ttl" env:"OCIS_CACHE_TTL;STORAGE_USERS_STAT_CACHE_TTL" desc:"Default time to live for user info in the user info cache. Only applied when access tokens has no expiration. See the Environment Variable Types description for more details."` - Size int `yaml:"size" env:"OCIS_CACHE_SIZE;STORAGE_USERS_STAT_CACHE_SIZE" desc:"The maximum quantity of items in the user info cache. Only applies when store type 'ocmem' is configured. Defaults to 512 which is derived from the ocmem package though not exclicitely set as default."` - DisablePersistence bool `yaml:"disable_persistence" env:"OCIS_CACHE_DISABLE_PERSISTENCE;STORAGE_USERS_STAT_CACHE_DISABLE_PERSISTENCE" desc:"Disables persistence of the cache. Only applies when store type 'nats-js-kv' is configured. 
Defaults to false."` -} - // FilemetadataCache holds cache config type FilemetadataCache struct { Store string `yaml:"store" env:"OCIS_CACHE_STORE;STORAGE_USERS_FILEMETADATA_CACHE_STORE" desc:"The type of the cache store. Supported values are: 'memory', 'redis-sentinel', 'nats-js-kv', 'noop'. See the text description for details."` @@ -200,6 +189,8 @@ type FilemetadataCache struct { TTL time.Duration `yaml:"ttl" env:"OCIS_CACHE_TTL;STORAGE_USERS_FILEMETADATA_CACHE_TTL" desc:"Default time to live for user info in the user info cache. Only applied when access tokens has no expiration. See the Environment Variable Types description for more details."` Size int `yaml:"size" env:"OCIS_CACHE_SIZE;STORAGE_USERS_FILEMETADATA_CACHE_SIZE" desc:"The maximum quantity of items in the user info cache. Only applies when store type 'ocmem' is configured. Defaults to 512 which is derived from the ocmem package though not exclicitely set as default."` DisablePersistence bool `yaml:"disable_persistence" env:"OCIS_CACHE_DISABLE_PERSISTENCE;STORAGE_USERS_FILEMETADATA_CACHE_DISABLE_PERSISTENCE" desc:"Disables persistence of the cache. Only applies when store type 'nats-js-kv' is configured. Defaults to false."` + AuthUsername string `yaml:"username" env:"OCIS_CACHE_AUTH_USERNAME;STORAGE_USERS_FILEMETADATA_CACHE_AUTH_USERNAME" desc:"The username to authenticate with the cache store. Only applies when store type 'nats-js-kv' is configured."` + AuthPassword string `yaml:"password" env:"OCIS_CACHE_AUTH_PASSWORD;STORAGE_USERS_FILEMETADATA_CACHE_AUTH_PASSWORD" desc:"The password to authenticate with the cache store. Only applies when store type 'nats-js-kv' is configured."` } // IDCache holds cache config 
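Review bot: The fields added to `FilemetadataCache` are tagged `yaml:"username"` and `yaml:"password"`, whereas the equivalent fields added to shared `Cache` and storage-system `Cache` in this commit are tagged `yaml:"auth_username"` and `yaml:"auth_password"`. An operator who copies a cache block from one service's YAML to another may end up with credentials that are not picked up, and the failure would only show as a rejected or unauthenticated store connection. Unless the intent is to mirror the existing storage-users `Events` keys, use `yaml:"auth_username"` and `yaml:"auth_password"` here and in `IDCache` in the next hunk.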
@@ -210,6 +201,8 @@ type IDCache struct { TTL time.Duration `yaml:"ttl" env:"OCIS_CACHE_TTL;STORAGE_USERS_ID_CACHE_TTL" desc:"Default time to live for user info in the user info cache. Only applied when access tokens have no expiration. Defaults to 300s which is derived from the underlaying package though not explicitly set as default. See the Environment Variable Types description for more details."` Size int `yaml:"size" env:"OCIS_CACHE_SIZE;STORAGE_USERS_ID_CACHE_SIZE" desc:"The maximum quantity of items in the user info cache. Only applies when store type 'ocmem' is configured. Defaults to 512 which is derived from the ocmem package though not exclicitely set as default."` DisablePersistence bool `yaml:"disable_persistence" env:"OCIS_CACHE_DISABLE_PERSISTENCE;STORAGE_USERS_ID_CACHE_DISABLE_PERSISTENCE" desc:"Disables persistence of the cache. Only applies when store type 'nats-js-kv' is configured. Defaults to false."` + AuthUsername string `yaml:"username" env:"OCIS_CACHE_AUTH_USERNAME;STORAGE_USERS_ID_CACHE_AUTH_USERNAME" desc:"The username to authenticate with the cache store. Only applies when store type 'nats-js-kv' is configured."` + AuthPassword string `yaml:"password" env:"OCIS_CACHE_AUTH_PASSWORD;STORAGE_USERS_ID_CACHE_AUTH_PASSWORD" desc:"The password to authenticate with the cache store. Only applies when store type 'nats-js-kv' is configured."` } // S3Driver is the storage driver configuration when using 's3' storage driver diff --git a/services/storage-users/pkg/config/defaults/defaultconfig.go b/services/storage-users/pkg/config/defaults/defaultconfig.go index 8bc070c6a..82a65ff79 100644 --- a/services/storage-users/pkg/config/defaults/defaultconfig.go +++ b/services/storage-users/pkg/config/defaults/defaultconfig.go 
@@ -94,12 +94,6 @@ func DefaultConfig() *config.Config {
 ClusterID: "ocis-cluster",
 EnableTLS: false,
 },
- StatCache: config.StatCache{
- Store: "memory",
- Nodes: []string{"127.0.0.1:9233"},
- Database: "ocis",
- TTL: 300 * time.Second,
- },
 FilemetadataCache: config.FilemetadataCache{
 Store: "memory",
 Nodes: []string{"127.0.0.1:9233"},
diff --git a/services/storage-users/pkg/revaconfig/config.go b/services/storage-users/pkg/revaconfig/config.go
index 3966d86c5..f8ecffd9b 100644
--- a/services/storage-users/pkg/revaconfig/config.go
+++ b/services/storage-users/pkg/revaconfig/config.go
@@ -46,6 +46,8 @@ func StorageUsersConfigFromStruct(cfg *config.Config) map[string]interface{} {
 "tls-root-ca-cert": cfg.Events.TLSRootCaCertPath,
 "enable-tls": cfg.Events.EnableTLS,
 "name": "storage-users-eventsmiddleware",
+ "username": cfg.Events.AuthUsername,
+ "password": cfg.Events.AuthPassword,
 },
 "prometheus": map[string]interface{}{
 "namespace": "ocis",
@@ -70,35 +72,8 @@ func StorageUsersConfigFromStruct(cfg *config.Config) map[string]interface{} {
 "nats_tls_insecure": cfg.Events.TLSInsecure,
 "nats_root_ca_cert_path": cfg.Events.TLSRootCaCertPath,
 "nats_enable_tls": cfg.Events.EnableTLS,
- "data_txs": map[string]interface{}{
- "simple": map[string]interface{}{
- "cache_store": cfg.StatCache.Store,
- "cache_nodes": cfg.StatCache.Nodes,
- "cache_database": cfg.StatCache.Database,
- "cache_ttl": cfg.StatCache.TTL,
- "cache_size": cfg.StatCache.Size,
- "cache_table": "stat",
- "cache_disable_persistence": cfg.StatCache.DisablePersistence,
- },
- "spaces": map[string]interface{}{
- "cache_store": cfg.StatCache.Store,
- "cache_nodes": cfg.StatCache.Nodes,
- "cache_database": cfg.StatCache.Database,
- "cache_ttl": cfg.StatCache.TTL,
- "cache_size": cfg.StatCache.Size,
- "cache_table": "stat",
- "cache_disable_persistence": cfg.StatCache.DisablePersistence,
- },
- "tus": map[string]interface{}{
- "cache_store": cfg.StatCache.Store,
- "cache_nodes": cfg.StatCache.Nodes,
- "cache_database": cfg.StatCache.Database,
- "cache_ttl": cfg.StatCache.TTL,
- "cache_size": cfg.StatCache.Size,
- "cache_table": "stat",
- "cache_disable_persistence": cfg.StatCache.DisablePersistence,
- },
- },
+ "nats_username": cfg.Events.AuthUsername,
+ "nats_password": cfg.Events.AuthPassword,
 },
 },
 },
diff --git a/services/storage-users/pkg/revaconfig/drivers.go b/services/storage-users/pkg/revaconfig/drivers.go
index a26bf8de4..0a44caf74 100644
--- a/services/storage-users/pkg/revaconfig/drivers.go
+++ b/services/storage-users/pkg/revaconfig/drivers.go
@@ -132,14 +132,6 @@ func Ocis(cfg *config.Config) map[string]interface{} {
 "max_concurrency": cfg.Drivers.OCIS.MaxConcurrency,
 "asyncfileuploads": cfg.Drivers.OCIS.AsyncUploads,
 "max_quota": cfg.Drivers.OCIS.MaxQuota,
- "statcache": map[string]interface{}{
- "cache_store": cfg.StatCache.Store,
- "cache_nodes": cfg.StatCache.Nodes,
- "cache_database": cfg.StatCache.Database,
- "cache_ttl": cfg.StatCache.TTL,
- "cache_size": cfg.StatCache.Size,
- "cache_disable_persistence": cfg.StatCache.DisablePersistence,
- },
 "filemetadatacache": map[string]interface{}{
 "cache_store": cfg.FilemetadataCache.Store,
 "cache_nodes": cfg.FilemetadataCache.Nodes,
@@ -147,6 +139,8 @@ func Ocis(cfg *config.Config) map[string]interface{} {
 "cache_ttl": cfg.FilemetadataCache.TTL,
 "cache_size": cfg.FilemetadataCache.Size,
 "cache_disable_persistence": cfg.FilemetadataCache.DisablePersistence,
+ "cache_auth_username": cfg.FilemetadataCache.AuthUsername,
+ "cache_auth_password": cfg.FilemetadataCache.AuthPassword,
 },
 "idcache": map[string]interface{}{
 "cache_store": cfg.IDCache.Store,
@@ -155,13 +149,11 @@ func Ocis(cfg *config.Config) map[string]interface{} {
 "cache_ttl": cfg.IDCache.TTL,
 "cache_size": cfg.IDCache.Size,
 "cache_disable_persistence": cfg.IDCache.DisablePersistence,
+ "cache_auth_username": cfg.IDCache.AuthUsername,
+ "cache_auth_password": cfg.IDCache.AuthPassword,
 },
 "events": map[string]interface{}{
- "natsaddress": cfg.Events.Addr,
- "natsclusterid": cfg.Events.ClusterID,
- "tlsinsecure": cfg.Events.TLSInsecure,
- "tlsrootcacertificate": cfg.Events.TLSRootCaCertPath,
- "numconsumers": cfg.Events.NumConsumers,
+ "numconsumers": cfg.Events.NumConsumers,
 },
 "tokens": map[string]interface{}{
 "transfer_shared_secret": cfg.Commons.TransferSecret,
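Review bot: The `cache_auth_username`/`cache_auth_password` pair is added by hand to eight near-identical map literals (`filemetadatacache` and `idcache` in `Ocis`, `OcisNoEvents`, `S3NG` and `S3NGNoEvents`), which is how one copy ends up without credentials or with a misspelled key, as the `cache_disable_persistenc` entry removed from the gateway in this commit shows. Building each cache map in one helper keeps the secret-bearing keys in a single place and makes a missing credential impossible to introduce per driver. The sketch below uses only fields visible in these hunks; the key or keys between `cache_nodes` and `cache_ttl` are not shown in the hunk context and have to be carried over, and an equivalent helper would cover `idcache`. Each call site then becomes `"filemetadatacache": filemetadataCacheConfig(cfg.FilemetadataCache),`.

```go
// filemetadataCacheConfig builds the cache settings map passed to the storage
// driver, so credentials and flags are spelled in exactly one place.
func filemetadataCacheConfig(c config.FilemetadataCache) map[string]interface{} {
	return map[string]interface{}{
		"cache_store": c.Store,
		"cache_nodes": c.Nodes,
		// … unchanged: key(s) between cache_nodes and cache_ttl, not visible in the hunk …
		"cache_ttl":                 c.TTL,
		"cache_size":                c.Size,
		"cache_disable_persistence": c.DisablePersistence,
		"cache_auth_username":       c.AuthUsername,
		"cache_auth_password":       c.AuthPassword,
	}
}
```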
@@ -193,14 +185,6 @@ func OcisNoEvents(cfg *config.Config) map[string]interface{} {
 "lock_cycle_duration_factor": cfg.Drivers.OCIS.LockCycleDurationFactor,
 "max_concurrency": cfg.Drivers.OCIS.MaxConcurrency,
 "max_quota": cfg.Drivers.OCIS.MaxQuota,
- "statcache": map[string]interface{}{
- "cache_store": cfg.StatCache.Store,
- "cache_nodes": cfg.StatCache.Nodes,
- "cache_database": cfg.StatCache.Database,
- "cache_ttl": cfg.StatCache.TTL,
- "cache_size": cfg.StatCache.Size,
- "cache_disable_persistence": cfg.StatCache.DisablePersistence,
- },
 "filemetadatacache": map[string]interface{}{
 "cache_store": cfg.FilemetadataCache.Store,
 "cache_nodes": cfg.FilemetadataCache.Nodes,
@@ -208,6 +192,8 @@ func OcisNoEvents(cfg *config.Config) map[string]interface{} {
 "cache_ttl": cfg.FilemetadataCache.TTL,
 "cache_size": cfg.FilemetadataCache.Size,
 "cache_disable_persistence": cfg.FilemetadataCache.DisablePersistence,
+ "cache_auth_username": cfg.FilemetadataCache.AuthUsername,
+ "cache_auth_password": cfg.FilemetadataCache.AuthPassword,
 },
 "idcache": map[string]interface{}{
 "cache_store": cfg.IDCache.Store,
@@ -216,6 +202,8 @@ func OcisNoEvents(cfg *config.Config) map[string]interface{} {
 "cache_ttl": cfg.IDCache.TTL,
 "cache_size": cfg.IDCache.Size,
 "cache_disable_persistence": cfg.IDCache.DisablePersistence,
+ "cache_auth_username": cfg.IDCache.AuthUsername,
+ "cache_auth_password": cfg.IDCache.AuthPassword,
 },
 }
 }
@@ -259,14 +247,6 @@ func S3NG(cfg *config.Config) map[string]interface{} {
 "lock_cycle_duration_factor": cfg.Drivers.S3NG.LockCycleDurationFactor,
 "max_concurrency": cfg.Drivers.S3NG.MaxConcurrency,
 "asyncfileuploads": cfg.Drivers.OCIS.AsyncUploads,
- "statcache": map[string]interface{}{
- "cache_store": cfg.StatCache.Store,
- "cache_nodes": cfg.StatCache.Nodes,
- "cache_database": cfg.StatCache.Database,
- "cache_ttl": cfg.StatCache.TTL,
- "cache_size": cfg.StatCache.Size,
- "cache_disable_persistence": cfg.StatCache.DisablePersistence,
- },
 "filemetadatacache": map[string]interface{}{
 "cache_store": cfg.FilemetadataCache.Store,
 "cache_nodes": cfg.FilemetadataCache.Nodes,
@@ -274,6 +254,8 @@ func S3NG(cfg *config.Config) map[string]interface{} {
 "cache_ttl": cfg.FilemetadataCache.TTL,
 "cache_size": cfg.FilemetadataCache.Size,
 "cache_disable_persistence": cfg.FilemetadataCache.DisablePersistence,
+ "cache_auth_username": cfg.FilemetadataCache.AuthUsername,
+ "cache_auth_password": cfg.FilemetadataCache.AuthPassword,
 },
 "idcache": map[string]interface{}{
 "cache_store": cfg.IDCache.Store,
@@ -282,13 +264,11 @@ func S3NG(cfg *config.Config) map[string]interface{} {
 "cache_ttl": cfg.IDCache.TTL,
 "cache_size": cfg.IDCache.Size,
 "cache_disable_persistence": cfg.IDCache.DisablePersistence,
+ "cache_auth_username": cfg.IDCache.AuthUsername,
+ "cache_auth_password": cfg.IDCache.AuthPassword,
 },
 "events": map[string]interface{}{
- "natsaddress": cfg.Events.Addr,
- "natsclusterid": cfg.Events.ClusterID,
- "tlsinsecure": cfg.Events.TLSInsecure,
- "tlsrootcacertificate": cfg.Events.TLSRootCaCertPath,
- "numconsumers": cfg.Events.NumConsumers,
+ "numconsumers": cfg.Events.NumConsumers,
 },
 "tokens": map[string]interface{}{
 "transfer_shared_secret": cfg.Commons.TransferSecret,
@@ -324,14 +304,6 @@ func S3NGNoEvents(cfg *config.Config) map[string]interface{} {
 "max_acquire_lock_cycles": cfg.Drivers.S3NG.MaxAcquireLockCycles,
 "max_concurrency": cfg.Drivers.S3NG.MaxConcurrency,
 "lock_cycle_duration_factor": cfg.Drivers.S3NG.LockCycleDurationFactor,
- "statcache": map[string]interface{}{
- "cache_store": cfg.StatCache.Store,
- "cache_nodes": cfg.StatCache.Nodes,
- "cache_database": cfg.StatCache.Database,
- "cache_ttl": cfg.StatCache.TTL,
- "cache_size": cfg.StatCache.Size,
- "cache_disable_persistence": cfg.StatCache.DisablePersistence,
- },
 "filemetadatacache": map[string]interface{}{
 "cache_store": cfg.FilemetadataCache.Store,
 "cache_nodes": cfg.FilemetadataCache.Nodes,
@@ -339,6 +311,8 @@ func S3NGNoEvents(cfg *config.Config) map[string]interface{} {
 "cache_ttl": cfg.FilemetadataCache.TTL,
 "cache_size": cfg.FilemetadataCache.Size,
 "cache_disable_persistence": cfg.FilemetadataCache.DisablePersistence,
+ "cache_auth_username": cfg.FilemetadataCache.AuthUsername,
+ "cache_auth_password": cfg.FilemetadataCache.AuthPassword,
 },
 "idcache": map[string]interface{}{
 "cache_store": cfg.IDCache.Store,
@@ -347,6 +321,8 @@ func S3NGNoEvents(cfg *config.Config) map[string]interface{} {
 "cache_ttl": cfg.IDCache.TTL,
 "cache_size": cfg.IDCache.Size,
 "cache_disable_persistence": cfg.IDCache.DisablePersistence,
+ "cache_auth_username": cfg.IDCache.AuthUsername,
+ "cache_auth_password": cfg.IDCache.AuthPassword,
 },
 }
 }