using System.Security.Authentication;
using NATS.Server.Auth;
using NATS.Server.Tls;
namespace NATS.Server;
/// <summary>
/// Mutable settings bag for the NATS server. Every member is a plain auto-property
/// except <see cref="HasTls"/>, which is derived. Nothing is validated here; callers
/// that consume these values must check ranges, paths and combinations themselves.
/// </summary>
public sealed class NatsOptions
{
    // ---- Client listener and protocol limits ----

    // NOTE(review): the default is the IPv4 wildcard address. If this is used as the bind
    // address, the client port is reachable on every interface; confirm, and narrow it on
    // hosts that should not expose the server to the network.
    public string Host { get; set; } = "0.0.0.0";
    public int Port { get; set; } = 4222;
    public string? ServerName { get; set; }

    // Size and count ceilings (1 MiB payload, 4 KiB control line, 65536 connections by default).
    // NOTE(review): presumably these bound how much an unauthenticated peer can make the
    // server buffer; verify they are enforced before authentication completes.
    public int MaxPayload { get; set; } = 1024 * 1024;
    public int MaxControlLine { get; set; } = 4096;
    public int MaxConnections { get; set; } = 65536;
    public long MaxPending { get; set; } = 64 * 1024 * 1024; // 64MB, matching Go MAX_PENDING_SIZE
    public TimeSpan WriteDeadline { get; set; } = TimeSpan.FromSeconds(10);
    public TimeSpan PingInterval { get; set; } = TimeSpan.FromMinutes(2);
    public int MaxPingsOut { get; set; } = 2;

    // ---- Subscription limits ----
    public int MaxSubs { get; set; } // 0 = unlimited (per-connection)
    public int MaxSubTokens { get; set; } // 0 = unlimited

    // ---- Server tags (exposed via /varz) ----
    // Anything placed here is published on the monitoring endpoint; keep secrets out of tags.
    public Dictionary<string, string>? Tags { get; set; }

    // ---- Account configuration ----
    public Dictionary<string, AccountConfig>? Accounts { get; set; }

    // ---- Simple auth (single user) ----
    // These hold credential material as ordinary strings. Keep instances of this class out
    // of log output and diagnostic dumps.
    // NOTE(review): whether Password may carry a hash instead of cleartext is not visible here.
    public string? Username { get; set; }
    public string? Password { get; set; }
    public string? Authorization { get; set; }

    // ---- Multiple users/nkeys ----
    public IReadOnlyList<User>? Users { get; set; }
    public IReadOnlyList<NKeyUser>? NKeys { get; set; }

    // ---- Default/fallback ----
    // NOTE(review): presumably the identity given to connections that send no credentials.
    // If so, the named user should carry minimal permissions; confirm against the auth code.
    public string? NoAuthUser { get; set; }

    // ---- Auth timing ----
    public TimeSpan AuthTimeout { get; set; } = TimeSpan.FromSeconds(2);

    // ---- Monitoring (0 = disabled; standard port is 8222) ----
    public int MonitorPort { get; set; }

    // NOTE(review): wildcard default, same exposure concern as Host once a monitor port is
    // enabled. No monitoring credential is defined in this class.
    public string MonitorHost { get; set; } = "0.0.0.0";
    public string? MonitorBasePath { get; set; }

    // 0 = disabled
    public int MonitorHttpsPort { get; set; }

    // ---- Lifecycle / lame-duck mode ----
    public TimeSpan LameDuckDuration { get; set; } = TimeSpan.FromMinutes(2);
    public TimeSpan LameDuckGracePeriod { get; set; } = TimeSpan.FromSeconds(10);

    // ---- File paths ----
    public string? PidFile { get; set; }
    public string? PortsFileDir { get; set; }
    public string? ConfigFile { get; set; }

    // ---- Logging ----
    public string? LogFile { get; set; }
    public long LogSizeLimit { get; set; }
    public int LogMaxFiles { get; set; }

    // NOTE(review): debug/trace output may include client protocol data; confirm what is
    // written before enabling either in production.
    public bool Debug { get; set; }
    public bool Trace { get; set; }
    public bool Logtime { get; set; } = true;
    public bool LogtimeUTC { get; set; }
    public bool Syslog { get; set; }
    public string? RemoteSyslog { get; set; }

    // ---- Profiling (0 = disabled) ----
    public int ProfPort { get; set; }

    // ---- Extended options for Go parity ----
    public string? ClientAdvertise { get; set; }
    public bool TraceVerbose { get; set; }
    public int MaxTracedMsgLen { get; set; }
    public bool DisableSublistCache { get; set; }
    public int ConnectErrorReports { get; set; } = 3600;
    public int ReconnectErrorReports { get; set; } = 1;
    public bool NoHeaderSupport { get; set; }
    public int MaxClosedClients { get; set; } = 10_000;
    public bool NoSystemAccount { get; set; }
    public string? SystemAccount { get; set; }

    // Tracks which fields were set via CLI flags (for reload precedence).
    // Get-only: the set instance is created once and mutated in place.
    public HashSet<string> InCmdLine { get; } = new();

    // ---- TLS ----
    public string? TlsCert { get; set; }

    // Path-like string for the private key, as far as the name suggests.
    // NOTE(review): file permissions on the key are not checked anywhere in this class.
    public string? TlsKey { get; set; }
    public string? TlsCaCert { get; set; }

    // Defaults to false.
    // NOTE(review): presumably turns on client-certificate verification; confirm.
    public bool TlsVerify { get; set; }
    public bool TlsMap { get; set; }
    public TimeSpan TlsTimeout { get; set; } = TimeSpan.FromSeconds(2);
    public bool TlsHandshakeFirst { get; set; }
    public TimeSpan TlsHandshakeFirstFallback { get; set; } = TimeSpan.FromMilliseconds(50);

    // Defaults to false.
    // NOTE(review): presumably lets plaintext clients connect alongside TLS ones; if so,
    // enabling it removes the transport guarantee for those clients. Confirm.
    public bool AllowNonTls { get; set; }
    public long TlsRateLimit { get; set; }

    // Matching behaviour depends on the comparer of whatever set instance is assigned.
    // NOTE(review): confirm entries are normalised the same way as the value looked up.
    public HashSet<string>? TlsPinnedCerts { get; set; }

    // Protocol floor; the default is TLS 1.2.
    public SslProtocols TlsMinVersion { get; set; } = SslProtocols.Tls12;

    // ---- OCSP stapling and peer verification ----
    public OcspConfig? OcspConfig { get; set; }
    public bool OcspPeerVerify { get; set; }

    // ---- JWT / Operator mode ----
    public string[]? TrustedKeys { get; set; }
    public Auth.Jwt.IAccountResolver? AccountResolver { get; set; }

    // ---- Per-subsystem log level overrides (namespace -> level) ----
    public Dictionary<string, string>? LogOverrides { get; set; }

    // ---- Subject mapping / transforms (source pattern -> destination template) ----
    public Dictionary<string, string>? SubjectMappings { get; set; }

    // ---- MQTT configuration (parsed from config, no listener yet) ----
    public MqttOptions? Mqtt { get; set; }

    /// <summary>
    /// True when both <see cref="TlsCert"/> and <see cref="TlsKey"/> are non-null.
    /// Only a null check: an empty string still counts as "set", and the referenced
    /// material is neither opened nor validated here.
    /// </summary>
    public bool HasTls => TlsCert is not null && TlsKey is not null;

    // ---- WebSocket ----
    public WebSocketOptions WebSocket { get; set; } = new WebSocketOptions();
}
/// <summary>
/// Settings bag for the WebSocket listener. Plain auto-properties only; nothing is
/// validated here.
/// </summary>
public sealed class WebSocketOptions
{
    // ---- Listener ----

    // NOTE(review): wildcard default; if used as the bind address the listener is
    // reachable on every interface once a port is configured.
    public string Host { get; set; } = "0.0.0.0";

    // Defaults to -1.
    // NOTE(review): presumably a sentinel for "listener disabled"; confirm.
    public int Port { get; set; } = -1;
    public string? Advertise { get; set; }

    // ---- Authentication ----

    // NOTE(review): presumably the identity applied to clients that send no credentials;
    // if so it should map to a minimally-privileged user. Confirm against the auth code.
    public string? NoAuthUser { get; set; }

    // Cookie-related settings.
    // NOTE(review): these look like cookie *names* from which credentials are read; confirm.
    // Browsers attach cookies to cross-site requests, so cookie-based auth relies on the
    // origin checks below being configured.
    public string? JwtCookie { get; set; }
    public string? UsernameCookie { get; set; }
    public string? PasswordCookie { get; set; }
    public string? TokenCookie { get; set; }

    // Credential material held as ordinary strings; keep instances out of logs and dumps.
    public string? Username { get; set; }
    public string? Password { get; set; }
    public string? Token { get; set; }
    public TimeSpan AuthTimeout { get; set; } = TimeSpan.FromSeconds(2);

    // ---- Transport security ----

    // Defaults to false.
    // NOTE(review): presumably allows the listener to run without TLS; confirm.
    public bool NoTls { get; set; }
    public string? TlsCert { get; set; }
    public string? TlsKey { get; set; }

    // ---- Origin policy ----

    // Both default to "off" (false / null).
    // NOTE(review): confirm how an unset policy is treated; if no Origin check is applied
    // by default, any web page could open a socket to this listener from a user's browser.
    public bool SameOrigin { get; set; }
    public List<string>? AllowedOrigins { get; set; }

    // ---- Protocol behaviour ----
    public bool Compression { get; set; }
    public TimeSpan HandshakeTimeout { get; set; } = TimeSpan.FromSeconds(2);

    // Null by default.
    // NOTE(review): fallback when unset is not visible here.
    public TimeSpan? PingInterval { get; set; }
    public Dictionary<string, string>? Headers { get; set; }
}