storj/uplink/config.go

// Copyright (C) 2019 Storj Labs, Inc.
// See LICENSE for copying information.

package uplink

import (
	"io/ioutil"
	"strings"
	"time"

	"github.com/zeebo/errs"
	"gopkg.in/spacemonkeygo/monkit.v2"

	libuplink "storj.io/storj/lib/uplink"
	"storj.io/storj/pkg/peertls/tlsopts"
	"storj.io/storj/pkg/storj"
	"storj.io/storj/private/memory"
)

var mon = monkit.Package()

// RSConfig is a configuration struct that keeps details about default
// redundancy strategy information
type RSConfig struct {
	MaxBufferMem     memory.Size `help:"maximum buffer memory (in bytes) to be allocated for read buffers" default:"4MiB" hidden:"true"`
	ErasureShareSize memory.Size `help:"the size of each new erasure share in bytes" default:"256B" hidden:"true"`
	MinThreshold     int         `help:"the minimum pieces required to recover a segment. k." releaseDefault:"29" devDefault:"4" hidden:"true"`
	RepairThreshold  int         `help:"the minimum safe pieces before a repair is triggered. m." releaseDefault:"35" devDefault:"6" hidden:"true"`
	SuccessThreshold int         `help:"the desired total pieces for a segment. o." releaseDefault:"80" devDefault:"8" hidden:"true"`
	MaxThreshold     int         `help:"the largest amount of pieces to encode to. n." releaseDefault:"95" devDefault:"10" hidden:"true"`
}

// EncryptionConfig is a configuration struct that keeps details about
// encrypting segments
type EncryptionConfig struct {
	DataType int `help:"Type of encryption to use for content and metadata (2=AES-GCM, 3=SecretBox)" default:"2"`
	PathType int `help:"Type of encryption to use for paths (1=Unencrypted, 2=AES-GCM, 3=SecretBox)" default:"2"`
}

// ClientConfig is a configuration struct for the uplink that controls how
// to talk to the rest of the network.
type ClientConfig struct {
	MaxInlineSize memory.Size   `help:"max inline segment size in bytes" default:"4KiB"`
	SegmentSize   memory.Size   `help:"the size of a segment in bytes" default:"64MiB"`
	DialTimeout   time.Duration `help:"timeout for dials" default:"0h2m00s"`
}

// Config uplink configuration
type Config struct {
	ScopeConfig
	Client ClientConfig
	RS     RSConfig
	Enc    EncryptionConfig
	TLS    tlsopts.Config
}

// ScopeConfig holds information about which scopes exist and are selected.
type ScopeConfig struct {
	Scopes map[string]string `internal:"true"`
	Scope  string            `help:"the serialized scope, or name of the scope to use" default:""`

	Legacy // Holds on to legacy configuration values
}

// Legacy holds deprecated configuration values
type Legacy struct {
	Client struct {
		APIKey        string `default:"" help:"the api key to use for the satellite (deprecated)" noprefix:"true" deprecated:"true"`
		SatelliteAddr string `releaseDefault:"127.0.0.1:7777" devDefault:"127.0.0.1:10000" help:"the address to use for the satellite (deprecated)" noprefix:"true"`
	}
	Enc struct {
		EncryptionKey     string `help:"the root key for encrypting the data which will be stored in KeyFilePath (deprecated)" setup:"true" deprecated:"true"`
		KeyFilepath       string `help:"the path to the file which contains the root key for encrypting the data (deprecated)" deprecated:"true"`
		EncAccessFilepath string `help:"the path to a file containing a serialized encryption access (deprecated)" deprecated:"true"`
	}
}

// GetScope returns the appropriate scope for the config.
func (c ScopeConfig) GetScope() (_ *libuplink.Scope, err error) {
	defer mon.Task()(nil)(&err)

	// if a scope exists for that name, try to load it.
	if data, ok := c.Scopes[c.Scope]; ok && c.Scope != "" {
		return libuplink.ParseScope(data)
	}

	// Otherwise, try to load the scope name as a serialized scope.
	if scope, err := libuplink.ParseScope(c.Scope); err == nil {
		return scope, nil
	}

	// fall back to trying to load the legacy values.
	apiKey, err := libuplink.ParseAPIKey(c.Legacy.Client.APIKey)
	if err != nil {
		return nil, err
	}

	satelliteAddr := c.Legacy.Client.SatelliteAddr
	if satelliteAddr == "" {
		return nil, errs.New("must specify a satellite address")
	}

	var encAccess *libuplink.EncryptionAccess
	if c.Legacy.Enc.EncAccessFilepath != "" {
		data, err := ioutil.ReadFile(c.Legacy.Enc.EncAccessFilepath)
		if err != nil {
			return nil, errs.Wrap(err)
		}
		encAccess, err = libuplink.ParseEncryptionAccess(strings.TrimSpace(string(data)))
		if err != nil {
			return nil, err
		}
	} else {
		data := []byte(c.Legacy.Enc.EncryptionKey)
		if c.Legacy.Enc.KeyFilepath != "" {
			data, err = ioutil.ReadFile(c.Legacy.Enc.KeyFilepath)
			if err != nil {
				return nil, errs.Wrap(err)
			}
		}
		key, err := storj.NewKey(data)
		if err != nil {
			return nil, errs.Wrap(err)
		}
		encAccess = libuplink.NewEncryptionAccessWithDefaultKey(*key)
	}

	return &libuplink.Scope{
		APIKey:           apiKey,
		SatelliteAddr:    satelliteAddr,
		EncryptionAccess: encAccess,
	}, nil
}

// GetRedundancyScheme returns the configured redundancy scheme for new uploads
func (c Config) GetRedundancyScheme() storj.RedundancyScheme {
	return storj.RedundancyScheme{
		Algorithm:      storj.ReedSolomon,
		ShareSize:      c.RS.ErasureShareSize.Int32(),
		RequiredShares: int16(c.RS.MinThreshold),
		RepairShares:   int16(c.RS.RepairThreshold),
		OptimalShares:  int16(c.RS.SuccessThreshold),
		TotalShares:    int16(c.RS.MaxThreshold),
	}
}

// GetPathCipherSuite returns the cipher suite used for path encryption for bucket objects
func (c Config) GetPathCipherSuite() storj.CipherSuite {
	return storj.CipherSuite(c.Enc.PathType)
}

// GetEncryptionParameters returns the configured encryption scheme for new uploads
// Blocksize should align with the stripe size therefore multiples of stripes
// should fit in every encryption block. Instead of lettings users configure this
// multiple value, we hardcode stripesPerBlock as 2 for simplicity.
func (c Config) GetEncryptionParameters() storj.EncryptionParameters {
	const stripesPerBlock = 2
	return storj.EncryptionParameters{
		CipherSuite: storj.CipherSuite(c.Enc.DataType),
		BlockSize:   c.GetRedundancyScheme().StripeSize() * stripesPerBlock,
	}
}

// GetSegmentSize returns the segment size set in uplink config
func (c Config) GetSegmentSize() memory.Size {
	return c.Client.SegmentSize
}
Move metainfo config (#1234) * Move metainfo config * move config to uplink * reorganize code * use satellite apikey * comment update 2019-02-08 12:57:35 +00:00			`// Copyright (C) 2019 Storj Labs, Inc.`
			`// See LICENSE for copying information.`

			`package uplink`

			`import (`
cmd/uplink: use scopes to open (#2501) What: Change cmd/uplink to use scopes It moves the fields that will be subsumed by scopes into an explicit legacy section and hides their configuration flags. Why: So that it can read scopes in from files and stuff 2019-08-05 18:01:20 +01:00			`"io/ioutil"`
			`"strings"`
Download is hanging when one node is not responsive (#1764) Change closes download connection in parallel and sets a timeout for communication between uplink and storage node 2019-04-25 09:17:26 +01:00			`"time"`
Move metainfo config (#1234) * Move metainfo config * move config to uplink * reorganize code * use satellite apikey * comment update 2019-02-08 12:57:35 +00:00
cmd/uplink: use scopes to open (#2501) What: Change cmd/uplink to use scopes It moves the fields that will be subsumed by scopes into an explicit legacy section and hides their configuration flags. Why: So that it can read scopes in from files and stuff 2019-08-05 18:01:20 +01:00			`"github.com/zeebo/errs"`
			`"gopkg.in/spacemonkeygo/monkit.v2"`

			`libuplink "storj.io/storj/lib/uplink"`
pkg/transport: require tls configuration for dialing (#1286) * separate TLS options from server options (because we need them for dialing too) * stop creating transports in multiple places * ensure that we actually check revocation, whitelists, certificate signing, etc, for all connections. 2019-02-11 11:17:32 +00:00			`"storj.io/storj/pkg/peertls/tlsopts"`
Move metainfo config (#1234) * Move metainfo config * move config to uplink * reorganize code * use satellite apikey * comment update 2019-02-08 12:57:35 +00:00			`"storj.io/storj/pkg/storj"`
private: rename internal to private (#3573) 2019-11-14 19:46:15 +00:00			`"storj.io/storj/private/memory"`
Move metainfo config (#1234) * Move metainfo config * move config to uplink * reorganize code * use satellite apikey * comment update 2019-02-08 12:57:35 +00:00			`)`

cmd/uplink: use scopes to open (#2501) What: Change cmd/uplink to use scopes It moves the fields that will be subsumed by scopes into an explicit legacy section and hides their configuration flags. Why: So that it can read scopes in from files and stuff 2019-08-05 18:01:20 +01:00			`var mon = monkit.Package()`

Move metainfo config (#1234) * Move metainfo config * move config to uplink * reorganize code * use satellite apikey * comment update 2019-02-08 12:57:35 +00:00			`// RSConfig is a configuration struct that keeps details about default`
			`// redundancy strategy information`
			`type RSConfig struct {`
add support to hide config settings (#2241) * add hide support for config settings * updates per CR to unit test * check err for lint 2019-06-19 15:27:44 +01:00			MaxBufferMem memory.Size `help:"maximum buffer memory (in bytes) to be allocated for read buffers" default:"4MiB" hidden:"true"`
			ErasureShareSize memory.Size `help:"the size of each new erasure share in bytes" default:"256B" hidden:"true"`
			MinThreshold int `help:"the minimum pieces required to recover a segment. k." releaseDefault:"29" devDefault:"4" hidden:"true"`
			RepairThreshold int `help:"the minimum safe pieces before a repair is triggered. m." releaseDefault:"35" devDefault:"6" hidden:"true"`
			SuccessThreshold int `help:"the desired total pieces for a segment. o." releaseDefault:"80" devDefault:"8" hidden:"true"`
satellite/metainfo: support a wider range of values for RS.Total in satellite metainfo validation (#3431) change uplink RS default configuration from 130 to 95 2019-10-31 19:04:33 +00:00			MaxThreshold int `help:"the largest amount of pieces to encode to. n." releaseDefault:"95" devDefault:"10" hidden:"true"`
Move metainfo config (#1234) * Move metainfo config * move config to uplink * reorganize code * use satellite apikey * comment update 2019-02-08 12:57:35 +00:00			`}`

			`// EncryptionConfig is a configuration struct that keeps details about`
			`// encrypting segments`
			`type EncryptionConfig struct {`
cmd/uplink: use scopes to open (#2501) What: Change cmd/uplink to use scopes It moves the fields that will be subsumed by scopes into an explicit legacy section and hides their configuration flags. Why: So that it can read scopes in from files and stuff 2019-08-05 18:01:20 +01:00			DataType int `help:"Type of encryption to use for content and metadata (2=AES-GCM, 3=SecretBox)" default:"2"`
			PathType int `help:"Type of encryption to use for paths (1=Unencrypted, 2=AES-GCM, 3=SecretBox)" default:"2"`
Move metainfo config (#1234) * Move metainfo config * move config to uplink * reorganize code * use satellite apikey * comment update 2019-02-08 12:57:35 +00:00			`}`

			`// ClientConfig is a configuration struct for the uplink that controls how`
			`// to talk to the rest of the network.`
			`type ClientConfig struct {`
pkg/rpc: remove read/write deadlines as a mechanism for request timeouts (#3335) libuplink was incorrectly setting timeouts to 10 seconds still, but should have been at least 10 minutes. the order sender was setting them to 1 hour. we don't want timeouts in uplink-side logic as it establishes a minimum rate on tcp streams. instead of all of this, just use tcp keep alive. tcp keep alive packets are sent every 15 seconds and if the peer stops responding the connection dies. this is enabled by default with go. this will kill tcp connections when they stop working. Change-Id: I3d7ad49f71950b3eb43044eedf4b17993116045b 2019-10-23 00:57:24 +01:00			MaxInlineSize memory.Size `help:"max inline segment size in bytes" default:"4KiB"`
			SegmentSize memory.Size `help:"the size of a segment in bytes" default:"64MiB"`
			DialTimeout time.Duration `help:"timeout for dials" default:"0h2m00s"`
Move metainfo config (#1234) * Move metainfo config * move config to uplink * reorganize code * use satellite apikey * comment update 2019-02-08 12:57:35 +00:00			`}`

			`// Config uplink configuration`
			`type Config struct {`
cmd/uplink: use scopes to open (#2501) What: Change cmd/uplink to use scopes It moves the fields that will be subsumed by scopes into an explicit legacy section and hides their configuration flags. Why: So that it can read scopes in from files and stuff 2019-08-05 18:01:20 +01:00			`ScopeConfig`
Move metainfo config (#1234) * Move metainfo config * move config to uplink * reorganize code * use satellite apikey * comment update 2019-02-08 12:57:35 +00:00			`Client ClientConfig`
			`RS RSConfig`
			`Enc EncryptionConfig`
pkg/transport: require tls configuration for dialing (#1286) * separate TLS options from server options (because we need them for dialing too) * stop creating transports in multiple places * ensure that we actually check revocation, whitelists, certificate signing, etc, for all connections. 2019-02-11 11:17:32 +00:00			`TLS tlsopts.Config`
Move metainfo config (#1234) * Move metainfo config * move config to uplink * reorganize code * use satellite apikey * comment update 2019-02-08 12:57:35 +00:00			`}`

cmd/uplink: use scopes to open (#2501) What: Change cmd/uplink to use scopes It moves the fields that will be subsumed by scopes into an explicit legacy section and hides their configuration flags. Why: So that it can read scopes in from files and stuff 2019-08-05 18:01:20 +01:00			`// ScopeConfig holds information about which scopes exist and are selected.`
			`type ScopeConfig struct {`
			Scopes map[string]string `internal:"true"`
			Scope string `help:"the serialized scope, or name of the scope to use" default:""`

			`Legacy // Holds on to legacy configuration values`
			`}`

			`// Legacy holds deprecated configuration values`
			`type Legacy struct {`
			`Client struct {`
			APIKey string `default:"" help:"the api key to use for the satellite (deprecated)" noprefix:"true" deprecated:"true"`
			SatelliteAddr string `releaseDefault:"127.0.0.1:7777" devDefault:"127.0.0.1:10000" help:"the address to use for the satellite (deprecated)" noprefix:"true"`
			`}`
			`Enc struct {`
			EncryptionKey string `help:"the root key for encrypting the data which will be stored in KeyFilePath (deprecated)" setup:"true" deprecated:"true"`
			KeyFilepath string `help:"the path to the file which contains the root key for encrypting the data (deprecated)" deprecated:"true"`
			EncAccessFilepath string `help:"the path to a file containing a serialized encryption access (deprecated)" deprecated:"true"`
			`}`
			`}`

			`// GetScope returns the appropriate scope for the config.`
			`func (c ScopeConfig) GetScope() (_ *libuplink.Scope, err error) {`
			`defer mon.Task()(nil)(&err)`

			`// if a scope exists for that name, try to load it.`
			`if data, ok := c.Scopes[c.Scope]; ok && c.Scope != "" {`
			`return libuplink.ParseScope(data)`
			`}`

			`// Otherwise, try to load the scope name as a serialized scope.`
			`if scope, err := libuplink.ParseScope(c.Scope); err == nil {`
			`return scope, nil`
			`}`

			`// fall back to trying to load the legacy values.`
			`apiKey, err := libuplink.ParseAPIKey(c.Legacy.Client.APIKey)`
			`if err != nil {`
			`return nil, err`
			`}`

			`satelliteAddr := c.Legacy.Client.SatelliteAddr`
			`if satelliteAddr == "" {`
			`return nil, errs.New("must specify a satellite address")`
			`}`

			`var encAccess *libuplink.EncryptionAccess`
			`if c.Legacy.Enc.EncAccessFilepath != "" {`
			`data, err := ioutil.ReadFile(c.Legacy.Enc.EncAccessFilepath)`
			`if err != nil {`
			`return nil, errs.Wrap(err)`
			`}`
			`encAccess, err = libuplink.ParseEncryptionAccess(strings.TrimSpace(string(data)))`
			`if err != nil {`
			`return nil, err`
			`}`
			`} else {`
			`data := []byte(c.Legacy.Enc.EncryptionKey)`
			`if c.Legacy.Enc.KeyFilepath != "" {`
			`data, err = ioutil.ReadFile(c.Legacy.Enc.KeyFilepath)`
			`if err != nil {`
			`return nil, errs.Wrap(err)`
			`}`
			`}`
			`key, err := storj.NewKey(data)`
			`if err != nil {`
			`return nil, errs.Wrap(err)`
			`}`
			`encAccess = libuplink.NewEncryptionAccessWithDefaultKey(*key)`
			`}`

			`return &libuplink.Scope{`
			`APIKey: apiKey,`
			`SatelliteAddr: satelliteAddr,`
			`EncryptionAccess: encAccess,`
			`}, nil`
			`}`

Move metainfo config (#1234) * Move metainfo config * move config to uplink * reorganize code * use satellite apikey * comment update 2019-02-08 12:57:35 +00:00			`// GetRedundancyScheme returns the configured redundancy scheme for new uploads`
			`func (c Config) GetRedundancyScheme() storj.RedundancyScheme {`
			`return storj.RedundancyScheme{`
			`Algorithm: storj.ReedSolomon,`
makes sure all uplink cli configs get passed to libuplink, add stripeSize (#2103) * makes sure all uplink cli configs get passed to libuplink, add stripSize * update comment * update defaults for uplink config blocksize * changes per CR, update uplink config defaults * pass shareSize from uplink config * move block size validation to kvmeta pkg * fix tests * shareSize default 1k, rm config option blocksize * rm printing err to stdout 2019-06-06 19:55:10 +01:00			`ShareSize: c.RS.ErasureShareSize.Int32(),`
Move metainfo config (#1234) * Move metainfo config * move config to uplink * reorganize code * use satellite apikey * comment update 2019-02-08 12:57:35 +00:00			`RequiredShares: int16(c.RS.MinThreshold),`
			`RepairShares: int16(c.RS.RepairThreshold),`
			`OptimalShares: int16(c.RS.SuccessThreshold),`
			`TotalShares: int16(c.RS.MaxThreshold),`
			`}`
			`}`

makes sure all uplink cli configs get passed to libuplink, add stripeSize (#2103) * makes sure all uplink cli configs get passed to libuplink, add stripSize * update comment * update defaults for uplink config blocksize * changes per CR, update uplink config defaults * pass shareSize from uplink config * move block size validation to kvmeta pkg * fix tests * shareSize default 1k, rm config option blocksize * rm printing err to stdout 2019-06-06 19:55:10 +01:00			`// GetPathCipherSuite returns the cipher suite used for path encryption for bucket objects`
			`func (c Config) GetPathCipherSuite() storj.CipherSuite {`
Rename/remove EncryptionScheme -> EncryptionParame… (#2363) * rename/remove EncryptionScheme -> EncryptionParameters 2019-07-03 19:07:44 +01:00			`return storj.CipherSuite(c.Enc.PathType)`
makes sure all uplink cli configs get passed to libuplink, add stripeSize (#2103) * makes sure all uplink cli configs get passed to libuplink, add stripSize * update comment * update defaults for uplink config blocksize * changes per CR, update uplink config defaults * pass shareSize from uplink config * move block size validation to kvmeta pkg * fix tests * shareSize default 1k, rm config option blocksize * rm printing err to stdout 2019-06-06 19:55:10 +01:00			`}`

Rename/remove EncryptionScheme -> EncryptionParame… (#2363) * rename/remove EncryptionScheme -> EncryptionParameters 2019-07-03 19:07:44 +01:00			`// GetEncryptionParameters returns the configured encryption scheme for new uploads`
add const stripesPerBlock const to calc blocksize (#2163) * add const stripesPerBlock, update comments in Pad, add speed to progressbar * change size of erasure share size, update comments * missing copyright * update tests with stripesPerBlock 2019-06-11 18:14:05 +01:00			`// Blocksize should align with the stripe size therefore multiples of stripes`
			`// should fit in every encryption block. Instead of lettings users configure this`
			`// multiple value, we hardcode stripesPerBlock as 2 for simplicity.`
Rename/remove EncryptionScheme -> EncryptionParame… (#2363) * rename/remove EncryptionScheme -> EncryptionParameters 2019-07-03 19:07:44 +01:00			`func (c Config) GetEncryptionParameters() storj.EncryptionParameters {`
add const stripesPerBlock const to calc blocksize (#2163) * add const stripesPerBlock, update comments in Pad, add speed to progressbar * change size of erasure share size, update comments * missing copyright * update tests with stripesPerBlock 2019-06-11 18:14:05 +01:00			`const stripesPerBlock = 2`
Rename/remove EncryptionScheme -> EncryptionParame… (#2363) * rename/remove EncryptionScheme -> EncryptionParameters 2019-07-03 19:07:44 +01:00			`return storj.EncryptionParameters{`
			`CipherSuite: storj.CipherSuite(c.Enc.DataType),`
			`BlockSize: c.GetRedundancyScheme().StripeSize() * stripesPerBlock,`
Move metainfo config (#1234) * Move metainfo config * move config to uplink * reorganize code * use satellite apikey * comment update 2019-02-08 12:57:35 +00:00			`}`
			`}`
Change where the encryption key is being stored for uplink (#1967) * uplink: Add a new flag to set the filepath of the file which is used for saving the encryption key and rename the one that hold the encryption key and establish that it has priority over the key stored in the file to make the configuration usable without having a huge refactoring in test-sim. * cmd/uplink: Adapt the setup subcommand for storing the user input key to a file and adapt the rest of the subcommands for reading the key from the key-file when the key isn't explicitly set with a command line flag. * cmd/gateway: Adapt it to read the encryption key from the key-file or use the one passed by a command line flag. * pkg/process: Export the default configuration filename so other packages which use the same value can reference to it rather than having it hardcoded. * Adapt several integrations (scripts, etc.) to consider the changes applied in uplink and cmd packages. 2019-05-22 14:57:12 +01:00
makes sure all uplink cli configs get passed to libuplink, add stripeSize (#2103) * makes sure all uplink cli configs get passed to libuplink, add stripSize * update comment * update defaults for uplink config blocksize * changes per CR, update uplink config defaults * pass shareSize from uplink config * move block size validation to kvmeta pkg * fix tests * shareSize default 1k, rm config option blocksize * rm printing err to stdout 2019-06-06 19:55:10 +01:00			`// GetSegmentSize returns the segment size set in uplink config`
			`func (c Config) GetSegmentSize() memory.Size {`
			`return c.Client.SegmentSize`
			`}`