oracle-watchdog

config

import "github.com/afreidah/oracle-watchdog/internal/config"

Index

type CloudflareConfig

CloudflareConfig identifies the Cloudflare API token env var and target zone used by the WAN DNS updater.

type CloudflareConfig struct {
    // APITokenEnv is the name of the environment variable that holds the
    // Cloudflare API token. The token must have DNS:Edit permission on the
    // configured zone.
    APITokenEnv string `yaml:"api_token_env"`

    // ZoneID is the Cloudflare zone identifier the record lives in.
    ZoneID string `yaml:"zone_id"`
}

type Config

Config holds oracle-watchdog configuration shared by monitor and agent modes. Each mode reads only the fields relevant to its responsibilities and validates them via the matching LoadAgent or LoadMonitor entry point.

type Config struct {
    // Timeout defines how long an Oracle node must be unresponsive before the
    // agent triggers a restart cycle.
    Timeout time.Duration `yaml:"timeout"`

    // CheckInterval defines how often the agent scans Consul for missing
    // session keys.
    CheckInterval time.Duration `yaml:"check_interval"`

    // ConsulAddress is the host:port of the Consul HTTP API used by the agent.
    ConsulAddress string `yaml:"consul_address"`

    // OCI holds Oracle Cloud authentication settings used by the agent when
    // issuing instance-action API calls.
    OCI OCIConfig `yaml:"oci"`

    // Nodes lists the Oracle instances the agent monitors and is allowed to
    // restart. Required for agent mode.
    Nodes []NodeConfig `yaml:"nodes"`

    // MaxRestartAttempts caps consecutive restarts per node before the agent
    // stops trying. Zero means unlimited; the per-node counter resets on
    // recovery.
    MaxRestartAttempts int `yaml:"max_restart_attempts"`

    // DryRun, when true, logs restart actions without executing them. Set via
    // the agent CLI flag rather than the YAML file.
    DryRun bool `yaml:"-"`

    // Wireguard configures the monitor-side endpoint resolver. Default-disabled
    // so deploys without a wireguard block continue to behave as before.
    Wireguard WireguardConfig `yaml:"wireguard"`

    // WanDNS configures the agent-side WAN-IP DDNS updater. Default-disabled.
    WanDNS WanDNSConfig `yaml:"wan_dns"`

    // Tracing configures OpenTelemetry trace export. Shared by both modes and
    // default-disabled; the -tracing CLI flag force-enables regardless.
    Tracing TracingConfig `yaml:"tracing"`
}

func LoadAgent

func LoadAgent(path string) (*Config, error)

LoadAgent reads agent-mode configuration. Requires the nodes list and OCI credentials. Wireguard and wan_dns blocks are validated only when enabled.

func LoadMonitor

func LoadMonitor(path string) (*Config, error)

LoadMonitor reads monitor-mode configuration. The config file is optional: when it does not exist, monitor runs with built-in defaults and no wireguard resolver, preserving the legacy env-only behaviour.

type NodeConfig

NodeConfig maps a Consul session name to an OCI instance the agent restarts.

type NodeConfig struct {
    // Name is the Consul session/node name reported by the matching monitor.
    Name string `yaml:"name"`

    // InstanceID is the OCID of the OCI compute instance.
    InstanceID string `yaml:"instance_id"`

    // CompartmentID is the OCID of the OCI compartment containing the instance.
    CompartmentID string `yaml:"compartment_id"`
}

type OCIConfig

OCIConfig holds Oracle Cloud authentication settings.

type OCIConfig struct {
    // ConfigPath is the filesystem path to an OCI SDK config file.
    ConfigPath string `yaml:"config_path"`

    // Profile is the named section within the OCI config file to use.
    Profile string `yaml:"profile"`
}

type TracingConfig

TracingConfig configures OpenTelemetry trace export. Shared by both modes.

type TracingConfig struct {
    // Enabled toggles tracer initialization. When false, and the -tracing CLI
    // override is unset, no tracer provider is installed.
    Enabled bool `yaml:"enabled"`

    // Endpoint is the OTLP/HTTP collector as a bare host:port with no scheme.
    // Empty falls back to OTEL_EXPORTER_OTLP_ENDPOINT, then a built-in default.
    Endpoint string `yaml:"endpoint"`
}

type WanDNSConfig

WanDNSConfig configures the agent-side WAN-IP DDNS updater. The Cloudflare API token is read from the environment variable named in Cloudflare.APITokenEnv to keep secrets out of this struct.

type WanDNSConfig struct {
    // Enabled toggles the updater. When false, the updater does not run and
    // other fields are ignored.
    Enabled bool `yaml:"enabled"`

    // Hostname is the DNS record updated when the WAN IP changes.
    Hostname string `yaml:"hostname"`

    // Cloudflare identifies the API token env var and target zone.
    Cloudflare CloudflareConfig `yaml:"cloudflare"`

    // DetectionProviders lists URLs queried in order to discover the current
    // WAN IPv4 address. Tried sequentially; the first parseable response wins.
    DetectionProviders []string `yaml:"detection_providers"`

    // PollInterval defines how often the WAN IP is rechecked.
    PollInterval time.Duration `yaml:"poll_interval"`

    // Cooldown is the minimum time between successive Cloudflare record
    // updates. Prevents flapping during ISP DHCP renewal storms.
    Cooldown time.Duration `yaml:"cooldown"`
}

type WireguardConfig

WireguardConfig configures the monitor-side endpoint resolver. The resolver updates the kernel WireGuard peer endpoint when the configured hostname resolves to a new IP.

type WireguardConfig struct {
    // Enabled toggles the endpoint resolver. When false, the resolver does not
    // run and other fields are ignored.
    Enabled bool `yaml:"enabled"`

    // Interface is the WireGuard interface name (typically "wg0").
    Interface string `yaml:"interface"`

    // PeerPubkey is the base64-encoded public key of the remote peer to track.
    PeerPubkey string `yaml:"peer_pubkey"`

    // EndpointHostname is the DNS name resolved on each tick. The resolver
    // uses the first IPv4 address returned to keep selection deterministic.
    EndpointHostname string `yaml:"endpoint_hostname"`

    // EndpointPort is the UDP port the WireGuard server listens on.
    EndpointPort int `yaml:"endpoint_port"`

    // ResolveInterval defines how often DNS is consulted.
    ResolveInterval time.Duration `yaml:"resolve_interval"`

    // StaleHandshakeThreshold forces an immediate endpoint update when the
    // most recent handshake is older than this even if the resolved IP did
    // not change. Catches "endpoint same, server moved hosts" cases.
    StaleHandshakeThreshold time.Duration `yaml:"stale_handshake_threshold"`
}

Generated by gomarkdoc