def _sig_toml(self, topo_id, topo):
name = 'sig%s' % topo_id.file_fmt()
net = self.args.networks[name][0]
log_level = 'debug'
ipv = 'ipv4'
if ipv not in net:
ipv = 'ipv6'
sciond_net = self.args.networks["sd" + topo_id.file_fmt()][0]
ipv = 'ipv4'
if ipv not in sciond_net:
ipv = 'ipv6'
sciond_ip = sciond_net[ipv]
sig_conf = {
'gateway': {
'id': name,
'traffic_policy_file': 'conf/sig.json',
'ctrl_addr': str(net[ipv]),
},
'sciond_connection': {
'address': socket_address_str(sciond_ip, SD_API_PORT),
},
'log': {
'console': {
'level': log_level,
}
},
'metrics': {
'prometheus': '0.0.0.0:%s' % SIG_PROM_PORT
},
'features': translate_features(self.args.features),
}
path = os.path.join(topo_id.base_dir(self.args.output_dir), SIG_CONFIG_NAME)
write_file(path, toml.dumps(sig_conf))
def _build_sciond_conf(self, topo_id, ia, base):
name = sciond_name(topo_id)
config_dir = '/share/conf' if self.args.docker else base
ip = sciond_ip(self.args.docker, topo_id, self.args.networks)
raw_entry = {
'general': {
'id': name,
'config_dir': config_dir,
'reconnect_to_dispatcher': True,
},
'log': self._log_entry(name),
'trust_db': {
'connection': os.path.join(self.db_dir, '%s.trust.db' % name),
},
'path_db': {
'connection': os.path.join(self.db_dir, '%s.path.db' % name),
},
'drkey_db': {
'connection': os.path.join(self.db_dir, '%s.drkey.db' % name),
},
'sd': {
'address': socket_address_str(ip, SD_API_PORT),
'bind_dialer_to_address': True,
},
'tracing': self._tracing_entry(),
'metrics': {
'prometheus': socket_address_str(ip, SCIOND_PROM_PORT)
},
'features': translate_features(self.args.features),
'api': {
'addr': socket_address_str(ip, SD_API_PORT + 700),
}
}
return raw_entry
def _build_control_service_conf(self, topo_id, ia, base, name, infra_elem, ca):
config_dir = '/share/conf' if self.args.docker else base
raw_entry = {
'general': {
'id': name,
'config_dir': config_dir,
'reconnect_to_dispatcher': True,
},
'log': self._log_entry(name),
'trust_db': {
'connection': os.path.join(self.db_dir, '%s.trust.db' % name),
},
'beacon_db': {
'connection': os.path.join(self.db_dir, '%s.beacon.db' % name),
},
'path_db': {
'connection': os.path.join(self.db_dir, '%s.path.db' % name),
},
'tracing': self._tracing_entry(),
'metrics': self._metrics_entry(infra_elem, CS_PROM_PORT),
'features': translate_features(self.args.features),
}
if ca:
raw_entry['renewal_db'] = {
'connection': os.path.join(self.db_dir, '%s.renewal.db' % name),
}
return raw_entry
def _build_disp_conf(self, name, topo_id=None):
prometheus_addr = prom_addr_dispatcher(self.args.docker, topo_id,
self.args.networks, DISP_PROM_PORT, name)
return {
'dispatcher': {
'id': name,
},
'log': self._log_entry(name),
'metrics': {
'prometheus': prometheus_addr,
},
'features': translate_features(self.args.features),
}
def _build_br_conf(self, topo_id, ia, base, name, v):
config_dir = '/share/conf' if self.args.docker else base
raw_entry = {
'general': {
'id': name,
'config_dir': config_dir,
},
'log': self._log_entry(name),
'metrics': {
'prometheus': prom_addr(v['internal_addr'], DEFAULT_BR_PROM_PORT),
},
'features': translate_features(self.args.features),
}
return raw_entry
def _build_control_service_conf(self, topo_id, ia, base, name, infra_elem,
ca):
config_dir = '/share/conf' if self.args.docker else base
sd_ip = sciond_ip(self.args.docker, topo_id, self.args.networks)
raw_entry = {
'general': {
'id': name,
'config_dir': config_dir,
'reconnect_to_dispatcher': True,
},
'log': self._log_entry(name),
'trust_db': {
'connection': os.path.join(self.db_dir, '%s.trust.db' % name),
},
'beacon_db': {
'connection': os.path.join(self.db_dir, '%s.beacon.db' % name),
},
'path_db': {
'connection': os.path.join(self.db_dir, '%s.path.db' % name),
},
'drkey': {
'cert_file':
os.path.join(base, 'crypto', 'as',
f'{topo_id.ISD()}-{topo_id.AS_file()}.pem'),
'key_file':
os.path.join(base, 'crypto', 'as', 'cp-as.key'),
'drkey_db': {
'connection': os.path.join(self.db_dir,
'%s.drkey.db' % name),
},
'delegation': {
'colibri':
[str(sd_ip)
], # local daemon must be able to get the colibri DS
'piskes':
[str(sd_ip)], # local daemon must be able to use piskes
},
},
'tracing': self._tracing_entry(),
'metrics': self._metrics_entry(infra_elem, CS_PROM_PORT),
'api': self._api_entry(infra_elem, CS_PROM_PORT + 700),
'features': translate_features(self.args.features),
}
if ca:
raw_entry['ca'] = {'mode': 'in-process'}
return raw_entry
def _build_co_conf(self, topo_id, ia, base, name, infra_elem):
config_dir = '/share/conf' if self.args.docker else base
raw_entry = {
'general': {
'ID': name,
'ConfigDir': config_dir,
'ReconnectToDispatcher': True,
},
'log': self._log_entry(name),
'trust_db': {
'connection': os.path.join(self.db_dir, '%s.trust.db' % name),
},
'tracing': self._tracing_entry(),
'metrics': self._metrics_entry(infra_elem, CO_PROM_PORT),
'features': translate_features(self.args.features),
}
return raw_entry
