mirror of
https://github.com/grafana/grafana.git
synced 2024-11-29 12:14:08 -06:00
58678f5879
* Plugins: add option to disable TLS in the socks proxy * fix allow_insecure docs * upgrade github.com/grafana/grafana-plugin-sdk-go from v0.196.0 to v0.197.0 * fix conflicts
54 lines
1.5 KiB
Go
54 lines
1.5 KiB
Go
package setting
|
|
|
|
import (
|
|
"errors"
|
|
|
|
"gopkg.in/ini.v1"
|
|
)
|
|
|
|
type SecureSocksDSProxySettings struct {
|
|
Enabled bool
|
|
ShowUI bool
|
|
AllowInsecure bool
|
|
ClientCert string
|
|
ClientKey string
|
|
RootCA string
|
|
ProxyAddress string
|
|
ServerName string
|
|
}
|
|
|
|
func readSecureSocksDSProxySettings(iniFile *ini.File) (SecureSocksDSProxySettings, error) {
|
|
s := SecureSocksDSProxySettings{}
|
|
secureSocksProxySection := iniFile.Section("secure_socks_datasource_proxy")
|
|
s.Enabled = secureSocksProxySection.Key("enabled").MustBool(false)
|
|
s.ClientCert = secureSocksProxySection.Key("client_cert").MustString("")
|
|
s.ClientKey = secureSocksProxySection.Key("client_key").MustString("")
|
|
s.RootCA = secureSocksProxySection.Key("root_ca_cert").MustString("")
|
|
s.ProxyAddress = secureSocksProxySection.Key("proxy_address").MustString("")
|
|
s.ServerName = secureSocksProxySection.Key("server_name").MustString("")
|
|
s.ShowUI = secureSocksProxySection.Key("show_ui").MustBool(true)
|
|
s.AllowInsecure = secureSocksProxySection.Key("allow_insecure").MustBool(false)
|
|
|
|
if !s.Enabled {
|
|
return s, nil
|
|
}
|
|
|
|
if s.ProxyAddress == "" {
|
|
return s, errors.New("proxy address required")
|
|
}
|
|
|
|
// If the proxy is going to use TLS.
|
|
if !s.AllowInsecure {
|
|
// all fields must be specified to use the proxy
|
|
if s.RootCA == "" {
|
|
return s, errors.New("rootCA required")
|
|
} else if s.ClientCert == "" || s.ClientKey == "" {
|
|
return s, errors.New("client key pair required")
|
|
} else if s.ServerName == "" {
|
|
return s, errors.New("server name required")
|
|
}
|
|
}
|
|
|
|
return s, nil
|
|
}
|