add edge config and template

go.mod

@@ -5,7 +5,7 @@ go 1.20
 replace github.com/singchia/geminio => ../../moresec/singchia/geminio
 
 require (
-	github.com/jumboframes/armorigo v0.2.5
+	github.com/jumboframes/armorigo v0.3.0
 	github.com/singchia/geminio v1.1.0
 	github.com/singchia/go-timer/v2 v2.2.1
 	github.com/spf13/pflag v1.0.5

pkg/config/config.go

@@ -2,9 +2,11 @@ package config
 
 import (
 	"flag"
+	"io"
 	"os"
 	"strconv"
 
+	armio "github.com/jumboframes/armorigo/io"
 	"github.com/spf13/pflag"
 	"gopkg.in/yaml.v2"
 	"k8s.io/klog/v2"
@@ -31,24 +33,34 @@ type CertKey struct {
 }
 
 type TLS struct {
+	Enable  bool      `yaml:"enable"`
 	MTLS    bool      `yaml:"mtls"`
 	CACerts []string  `yaml:"ca_certs"` // ca certs paths
 	Certs   []CertKey `yaml:"certs"`    // certs paths
 }
 
 type Listen struct {
-	Network   string `yaml:"network"`
-	Addr      string `yaml:"addr"`
-	TLSEnable bool   `yaml:"tls_enable"`
-	TLS       TLS    `yaml:"tls"`
+	Network string `yaml:"network"`
+	Addr    string `yaml:"addr"`
+	TLS     TLS    `yaml:"tls"`
 }
 
+// edgebound
+// Bypass is for the lagecy gateway, this will split
+type Bypass struct {
+	Enable  bool   `yaml:"enable"`
+	Network string `yaml:"network"`
+	Addr    string `yaml:"addr"` // addr to dial
+	TLS     TLS    `yaml:"tls"`
+}
 type Edgebound struct {
 	Listen Listen `yaml:"listen"`
+	Bypass Bypass `yaml:"bypass"`
 	// alloc edgeID when no get_id function online
 	EdgeIDAllocWhenNoIDServiceOn bool `yaml:"edgeid_alloc_when_no_idservice_on"`
 }
 
+// servicebound
 type Servicebound struct {
 	Listen Listen `yaml:"listen"`
 }
@@ -137,3 +149,97 @@ func ParseFlags() (*Configuration, error) {
 
 	return config, nil
 }
+
+func genDefaultConfig(writer io.Writer) error {
+	conf := &Configuration{
+		Daemon: Daemon{
+			RLimit: RLimit{
+				NumFile: 1024,
+			},
+			PProf: PProf{
+				Addr: "0.0.0.0:6060",
+			},
+		},
+		Edgebound: Edgebound{
+			Listen: Listen{
+				Network: "tcp",
+				Addr:    "0.0.0.0:2432",
+				TLS: TLS{
+					Enable: true,
+					MTLS:   true,
+					CACerts: []string{
+						"ca1.cert",
+						"ca2.cert",
+					},
+					Certs: []CertKey{
+						{
+							Cert: "edgebound.cert",
+							Key:  "edgebound.key",
+						},
+					},
+				},
+			},
+			EdgeIDAllocWhenNoIDServiceOn: true,
+			Bypass: Bypass{
+				Enable:  true,
+				Network: "tcp",
+				Addr:    "192.168.1.10:8443",
+				TLS: TLS{
+					Enable: true,
+					MTLS:   true,
+					CACerts: []string{
+						"ca1.cert",
+					},
+					Certs: []CertKey{
+						{
+							Cert: "frontier.cert",
+							Key:  "frontier.key",
+						},
+					},
+				},
+			},
+		},
+		Servicebound: Servicebound{
+			Listen: Listen{
+				Network: "tcp",
+				Addr:    "0.0.0.0:2431",
+				TLS: TLS{
+					Enable: true,
+					MTLS:   true,
+					CACerts: []string{
+						"ca1.cert",
+						"ca2.cert",
+					},
+					Certs: []CertKey{
+						{
+							Cert: "servicebound.cert",
+							Key:  "servicebound.key",
+						},
+					},
+				},
+			},
+		},
+		Log: Log{
+			LogDir:           "/app/log",
+			LogFile:          "frontier.log",
+			LogFileMaxSizeMB: 100,
+			ToStderr:         false,
+			AlsoToStderr:     false,
+			Verbosity:        4,
+			AddDirHeader:     true,
+			SkipHeaders:      true,
+			OneOutput:        true,
+			SkipLogHeaders:   true,
+			StderrThreshold:  1024,
+		},
+	}
+	data, err := yaml.Marshal(conf)
+	if err != nil {
+		return err
+	}
+	_, err = armio.WriteAll(data, writer)
+	if err != nil {
+		return err
+	}
+	return nil
+}

pkg/config/config.yaml

@@ -0,0 +1,56 @@
+daemon:
+  rlimit:
+    nofile: 1024
+  pprof:
+    addr: 0.0.0.0:6060
+edgebound:
+  listen:
+    network: tcp
+    addr: 0.0.0.0:2432
+    tls:
+      enable: true
+      mtls: true
+      ca_certs:
+      - ca1.cert
+      - ca2.cert
+      certs:
+      - cert: edgebound.cert
+        key: edgebound.key
+  bypass:
+    enable: true
+    network: tcp
+    addr: 192.168.1.10:8443
+    tls:
+      enable: true
+      mtls: true
+      ca_certs:
+      - ca1.cert
+      certs:
+      - cert: frontier.cert
+        key: frontier.key
+  edgeid_alloc_when_no_idservice_on: true
+servicebound:
+  listen:
+    network: tcp
+    addr: 0.0.0.0:2431
+    tls:
+      enable: true
+      mtls: true
+      ca_certs:
+      - ca1.cert
+      - ca2.cert
+      certs:
+      - cert: servicebound.cert
+        key: servicebound.key
+log:
+  log_dir: /app/log
+  log_file: frontier.log
+  log_file_max_size: 100
+  logtostderr: false
+  alsologtostderr: false
+  verbosity: 4
+  add_dir_header: true
+  skip_headers: true
+  one_output: true
+  skip_log_headers: true
+  stderrthreshold: 1024

pkg/config/config_test.go

@@ -1,8 +1,11 @@
 package config
 
 import (
+	"os"
 	"reflect"
 	"testing"
+
+	"gopkg.in/yaml.v2"
 )
 
 func TestParseFlags(t *testing.T) {
@@ -36,3 +39,36 @@ func TestParseFlags(t *testing.T) {
 		})
 	}
 }
+
+func TestParseFile(t *testing.T) {
+	conf := &Configuration{
+		Daemon: Daemon{
+			RLimit: RLimit{
+				NumFile: 1024,
+			},
+			PProf: PProf{
+				Addr: "0.0.0.0:6060",
+			},
+		},
+		Edgebound:    Edgebound{},
+		Servicebound: Servicebound{},
+		Log:          Log{},
+	}
+	_, err := yaml.Marshal(conf)
+	if err != nil {
+		t.Error(err)
+		return
+	}
+}
+
+func TestGenDefaultConfig(t *testing.T) {
+	file, err := os.OpenFile("./config.yaml", os.O_CREATE|os.O_RDWR, 0666)
+	if err != nil {
+		t.Error(err)
+	}
+	defer file.Close()
+	err = genDefaultConfig(file)
+	if err != nil {
+		t.Error(err)
+	}
+}

pkg/edgebound/edge_manager.go

@@ -84,7 +84,7 @@ func newedgeManager(conf *config.Configuration, dao *dao.Dao, informer EdgeInfor
 		informer:  informer,
 	}
 
-	if !conf.Edgebound.Listen.TLSEnable {
+	if !conf.Edgebound.Listen.TLS.Enable {
 		if ln, err = net.Listen(network, addr); err != nil {
 			klog.Errorf("net listen err: %s, network: %s, addr: %s", err, network, addr)
 			return nil, err