Pierre HUBERT
c7de64cc02
All checks were successful
continuous-integration/drone/push Build is passing
Make it possible to create token authorized to query predetermined set of routes. Reviewed-on: #9 Co-authored-by: Pierre HUBERT <pierre.git@communiquons.org> Co-committed-by: Pierre HUBERT <pierre.git@communiquons.org>
110 lines
3.0 KiB
Rust
110 lines
3.0 KiB
Rust
/// Name of the cookie that contains session information
|
|
pub const SESSION_COOKIE_NAME: &str = "X-auth-token";
|
|
|
|
/// Maximum session duration after inactivity, in seconds
|
|
pub const MAX_INACTIVITY_DURATION: u64 = 60 * 30;
|
|
|
|
/// Maximum session duration (6 hours)
|
|
pub const MAX_SESSION_DURATION: u64 = 3600 * 6;
|
|
|
|
/// The routes that can be accessed without authentication
|
|
pub const ROUTES_WITHOUT_AUTH: [&str; 5] = [
|
|
"/",
|
|
"/api/server/static_config",
|
|
"/api/auth/local",
|
|
"/api/auth/start_oidc",
|
|
"/api/auth/finish_oidc",
|
|
];
|
|
|
|
/// Allowed ISO mimetypes
|
|
pub const ALLOWED_ISO_MIME_TYPES: [&str; 3] = [
|
|
"application/x-cd-image",
|
|
"application/x-iso9660-image",
|
|
"application/octet-stream",
|
|
];
|
|
|
|
/// ISO max size
|
|
pub const ISO_MAX_SIZE: usize = 10 * 1000 * 1000 * 1000;
|
|
|
|
/// Min VM memory size (MB)
|
|
pub const MIN_VM_MEMORY: usize = 100;
|
|
|
|
/// Max VM memory size (MB)
|
|
pub const MAX_VM_MEMORY: usize = 64000;
|
|
|
|
/// Disk name min length
|
|
pub const DISK_NAME_MIN_LEN: usize = 2;
|
|
|
|
/// Disk name max length
|
|
pub const DISK_NAME_MAX_LEN: usize = 10;
|
|
|
|
/// Disk size min (MB)
|
|
pub const DISK_SIZE_MIN: usize = 100;
|
|
|
|
/// Disk size max (MB)
|
|
pub const DISK_SIZE_MAX: usize = 1000 * 1000 * 2;
|
|
|
|
/// Net nat entry comment max size
|
|
pub const NET_NAT_COMMENT_MAX_SIZE: usize = 250;
|
|
|
|
/// Network mac address default prefix
|
|
pub const NET_MAC_ADDR_PREFIX: &str = "52:54:00";
|
|
|
|
/// Built-in network filter rules
|
|
pub const BUILTIN_NETWORK_FILTER_RULES: [&str; 24] = [
|
|
"allow-arp",
|
|
"allow-dhcp",
|
|
"allow-dhcp-server",
|
|
"allow-dhcpv6",
|
|
"allow-dhcpv6-server",
|
|
"allow-incoming-ipv4",
|
|
"allow-incoming-ipv6",
|
|
"allow-ipv4",
|
|
"allow-ipv6",
|
|
"clean-traffic",
|
|
"clean-traffic-gateway",
|
|
"no-arp-ip-spoofing",
|
|
"no-arp-mac-spoofing",
|
|
"no-arp-spoofing",
|
|
"no-ip-multicast",
|
|
"no-ip-spoofing",
|
|
"no-ipv6-multicast",
|
|
"no-ipv6-spoofing",
|
|
"no-mac-broadcast",
|
|
"no-mac-spoofing",
|
|
"no-other-l2-traffic",
|
|
"no-other-rarp-traffic",
|
|
"qemu-announce-self",
|
|
"qemu-announce-self-rarp",
|
|
];
|
|
|
|
/// List of valid network chains
|
|
pub const NETWORK_CHAINS: [&str; 8] = ["root", "mac", "stp", "vlan", "arp", "rarp", "ipv4", "ipv6"];
|
|
|
|
/// Directory where nat rules are stored, inside storage directory
|
|
pub const STORAGE_NAT_DIR: &str = "nat";
|
|
|
|
/// Environment variable that is set to run VirtWeb in NAT configuration mode
|
|
pub const NAT_MODE_ENV_VAR_NAME: &str = "NAT_MODE";
|
|
|
|
/// Nat hook file path
|
|
pub const NAT_HOOK_PATH: &str = "/etc/libvirt/hooks/network";
|
|
|
|
/// Directory where API tokens are stored, inside storage directory
|
|
pub const STORAGE_TOKENS_DIR: &str = "tokens";
|
|
|
|
/// API token name min length
|
|
pub const API_TOKEN_NAME_MIN_LENGTH: usize = 3;
|
|
|
|
/// API token name max length
|
|
pub const API_TOKEN_NAME_MAX_LENGTH: usize = 30;
|
|
|
|
/// API token description min length
|
|
pub const API_TOKEN_DESCRIPTION_MIN_LENGTH: usize = 5;
|
|
|
|
/// API token description max length
|
|
pub const API_TOKEN_DESCRIPTION_MAX_LENGTH: usize = 30;
|
|
|
|
/// API token right path max length
|
|
pub const API_TOKEN_RIGHT_PATH_MAX_LENGTH: usize = 255;
|