From 371f736d0b6ff847bb06611ffa324a5c22da1667 Mon Sep 17 00:00:00 2001 From: YR Chen Date: Thu, 29 Aug 2024 00:44:02 +0800 Subject: [PATCH] Clarify that recovery settings are dedicated to legacy API --- README.md | 42 +++++++++++++++++++++--------------------- 1 file changed, 21 insertions(+), 21 deletions(-) diff --git a/README.md b/README.md index 20e9857..f275dcb 100644 --- a/README.md +++ b/README.md @@ -47,22 +47,32 @@ Auth settings configures the authentication and authorization API used by `sshmu The following settings are only used with `legacy` auth APIs. They are also grouped under `auth` in the TOML file. -| Key | Type | Description | Required | Example | -| -------------------------- | ---------- | ----------------------------------------------------------- | -------------------------- | ---------------------------- | -| `token` | `string` | Token used to authenticate with the API endpoint. | If `version` is `"legacy"` | `"long-and-random-token"` | -| `all-username-nopassword` | `bool` | If set to `true`, no users will be asked for UNIX password. | No | `true` | -| `usernames-nopassword` | `[]string` | Usernames that won't be asked for UNIX password. | No | `["vlab", "ubuntu", "root"]` | -| `invalid-usernames` | `[]string` | Usernames that are known to be invalid. | No | `["user"]` | -| `invalid-username-message` | `string` | Message to display when the requested username is invalid. | No | `"Invalid username %s."` | +| Key | Type | Description | Required | Example | +| -------------------------- | ---------- | ----------------------------------------------------------- | ------------------------------- | ---------------------------- | +| `token` | `string` | Token used to authenticate with the API endpoint. | If `auth.version` is `"legacy"` | `"long-and-random-token"` | +| `all-username-nopassword` | `bool` | If set to `true`, no users will be asked for UNIX password. | No | `true` | +| `usernames-nopassword` | `[]string` | Usernames that won't be asked for UNIX password. | No | `["vlab", "ubuntu", "root"]` | +| `invalid-usernames` | `[]string` | Usernames that are known to be invalid. | No | `["user"]` | +| `invalid-username-message` | `string` | Message to display when the requested username is invalid. | No | `"Invalid username %s."` | + +#### Recovery Settings + +Recovery settings configures Vlab recovery service support of `sshmux`, only used with `legacy` auth APIs. They are grouped under `recovery` in the TOML file. + +| Key | Type | Description | Required | Example | +| ----------- | ---------- | ----------------------------------------------------- | -------- | ------------------------- | +| `address` | `string` | SSH host and port of the recovery server. | No | `"172.30.0.101:2222"` | +| `usernames` | `[]string` | Usernames dedicated to the recovery server. | No | `["recovery", "console"]` | +| `token` | `string` | Token used to authenticate with the recovery backend. | No | `"long-and-random-token"` | ### Logger Settings Logger settings configures the logger behavior of `sshmux`. They are grouped under `logger` in the TOML file. -| Key | Type | Description | Required | Example | -| ---------- | -------- | ----------------------------------------------------------------------------- | ---------------------- | ------------------------ | -| `enabled` | `bool` | Whether the logger is enabled. Defaults to `false`. | No | `true` | -| `endpoint` | `string` | Endpoint URL that `sshmux` will log onto. Only `udp` scheme is supported now. | If `enabled` is `true` | `"udp://127.0.0.1:5556"` | +| Key | Type | Description | Required | Example | +| ---------- | -------- | ----------------------------------------------------------------------------- | ----------------------------- | ------------------------ | +| `enabled` | `bool` | Whether the logger is enabled. Defaults to `false`. | No | `true` | +| `endpoint` | `string` | Endpoint URL that `sshmux` will log onto. Only `udp` scheme is supported now. | If `logger.enabled` is `true` | `"udp://127.0.0.1:5556"` | ### PROXY Protocol Settings @@ -74,16 +84,6 @@ PROXY protocol settings configures [PROXY protocol](https://www.haproxy.com/blog | `hosts` | `[]string` | Host names from which PROXY protocol is allowed. | No | `["nginx.local", "127.0.0.22"]` | | `networks` | `[]string` | Network CIDRs from which PROXY protocol is allowed. | No | `["10.10.0.0/24"]` | -### Recovery Settings - -Recovery settings configures Vlab recovery service support of `sshmux`. They are grouped under `recovery` in the TOML file. - -| Key | Type | Description | Required | Example | -| ----------- | ---------- | ----------------------------------------------------- | -------- | ------------------------- | -| `address` | `string` | SSH host and port of the recovery server. | No | `"172.30.0.101:2222"` | -| `usernames` | `[]string` | Usernames dedicated to the recovery server. | No | `["recovery", "console"]` | -| `token` | `string` | Token used to authenticate with the recovery backend. | No | `"long-and-random-token"` | - ## Auth API `sshmux` uses a RESTful API to perform authentication and authorization for a user.