svalinn.yaml

---

# The unique fully-qualified-domain-name of the server.  It is provided to 
# the X-Svalinn-Server header for showing what server fulfilled the request 
# sent.
# (Optional)
server: "svalinn-instance-123.example.com"

########################################
#   Labeling/Tracing via HTTP Headers Configuration
########################################

# Provides this build number to the X-Svalinn-Build header for
# showing machine version information.  The build number SHOULD
# match the scheme `version-build` but there is not a strict requirement.
# (Optional)
build: "0.1.3-434"

# Provides the region information to the X-Svalinn-Region header
# for showing what region this machine is located in.  The region
# is arbitrary and optional.
# (Optional)
region: "east"

# Provides the flavor information to the X-Svalinn-Flavor header
# for showing what flavor this machine is associated with.  The flavor
# is arbitrary and optional.
# (Optional)
flavor: "mint"

########################################
#   Primary Endpoint Configuration
########################################

# primary defines the details needed for the primary endpoint.  The
# primary endpoint accepts requests for events for a specific device id.
primary:
  # address provides the port number for the endpoint to bind to.
  # ":443" is ideal, but may require some special handling due to it being
  # a reserved (by the kernel) port.
  address: ":7100"
  # HTTPS/TLS 
  #
  # certificateFile provides the public key and CA chain in PEM format if
  # TLS is used.  Note: the certificate needs to match the fqdn for clients
  # to accept without issue.
  #
  # keyFile provides the private key that matches the certificateFile
  # (Optional)
  # certificateFile: "/etc/svalinn/public.pem"
  # keyFile: "/etc/svalinn/private.pem"

########################################
#   Health Endpoint Configuration
########################################

# health defines the details needed for the health check endpoint.  The
# health check endpoint is generally used by services (like AWS Route53
# or consul) to determine if this particular machine is healthy or not.
health: 
  # port provides the port number for the endpoint to bind to.
  # ":80" is ideal, but may require some special handling due to it being
  # a reserved (by the kernel) port.
  port: ":7101"
  # endpoint provides the endpoint that will provide the health check 
  # information.
  endpoint: "/health"

########################################
#   Debugging/Pprof Configuration
########################################

# pprof defines the details needed for the pprof debug endpoint.
# (Optional)
pprof:
  # address provides the port number for the endpoint to bind to.
  address: ":7102"

########################################
#   Metrics Configuration
########################################

# metric defines the details needed for the prometheus metrics endpoint
# (Optional)
metric:
  # address provides the port number for the endpoint to bind to.  Port 9389
  # was chosen because it does not conflict with any of the other prometheus
  # metrics or other machines in the xmidt cluster.  You may use any port you
  # wish.
  address: ":7103"

  # metricsOptions provides the details needed to configure the prometheus
  # metric data.  Metrics generally have the form:
  #
  # {namespace}_{subsystem}_{metric}
  #
  # so if you use the suggested value below, your metrics are prefixed like
  # this:
  #
  # codex_svalinn_{metric}
  #
  # (Optional)
  metricsOptions:
    # namespace is the namespace of the metrics provided
    # (Optional)
    namespace: "codex"
    # subsystem is the subsystem of the metrics provided
    # (Optional)
    subsystem: "svalinn"

########################################
#   Logging Related Configuration
########################################

# log configures the logging subsystem details
log:
  # file is the name of the most recent log file.  If set to "stdout" this
  # will log to os.Stdout.
  # (Optional) defaults to os.TempDir()
  #file: "/var/log/svalinn/svalinn.log"
  file: "stdout"

  # level is the logging level to use - INFO, DEBUG, WARN, ERROR
  # (Optional) defaults to ERROR
  level: "ERROR"

  # maxsize is the maximum file size in MB
  # (Optional) defaults to max 100MB
  maxsize: 50

  # maxage is the maximum number of days to retain old log files
  # (Optional) defaults to ignore age limit (0)
  maxage: 30

  # maxbackups is the maximum number of old log files to retain
  # (Optional) defaults to retain all (0)
  maxbackups: 10

  # json is a flag indicating whether JSON logging output should be used.
  # (Optional) defaults to false
  json: true

########################################
#   Database Related Configuration
########################################

# db provides the configuration for connecting to the database and database 
# calls.
db:
  # server is the address and port used to connect to the server.
  server: "db:26257"

  # username is the username to use when connecting to the database.
  username: "roachadmin"

  # database is the name of the database being connected to.
  database: "devices"

  # SSLRootCert is the root cert to use when connecting to the database.
  # The SSLKey and SSLCert must also be provided in order to connect securely.
  # (Optional)
  #sslRootCert: "/etc/svalinn/ca.crt"

  # SSLKey is the SSL key to use when connecting to the database.  The 
  # SSLRootCert and SSLCert must also be provided in order to connect securely.
  # (Optional)
  #sslKey: "/etc/svalinn/client.svalinn.key"

  # SSLCert is the SSL cert to use when connecting to the database.  The SSLKey 
  # and SSLRootCert must also be provided in order to connect securely.
  # (Optional)
  #sslCert: "/etc/svalinn/client.svalinn.crt"

  # numRetries is the number of times to retry connecting to the database.  If 
  # numRetries is below 1, there will be no attempts to retry.
  # (Optional)
  numRetries: 4

  # waitTimeMult is the number to multiply by 1 second in between each attempt 
  # to connect to the database. If there is only the initial attempt, this 
  # value is not used.  If the multiple is set below 1, it defaults to 1.
  # (Optional) defaults to 1
  waitTimeMult: 5

  # pingInterval is the time to wait in between pinging the database.  The ping 
  # is a part of the health check for svalinn.  If pinging fails, svalinn will 
  # report as unhealthy. If the ping interval is set to 0, it defaults to 1s.
  # (Optional) defaults to 1s
  pingInterval: 1s

  # connectTimeout is the timeout for connecting to the database.  If 
  # establishing a connection takes longer than this, it will fail.  If 
  # the connectTimeout is set to 0, it defaults to 10s.
  # (Optional) defaults to 10s
  connectTimeout: 1m

  # opTimeout is the timeout for database calls after svalinn is connected.
  # If the opTimeout is set to 0, it defaults to 10s.
  # (Optional) defaults to 10s
  opTimeout: 100ms

  # maxIdleConns are the maximum number of idle connections allowed at one time.
  # If a value below 2 is chosen, it defaults to 2.
  # (Optional) defaults to 2
  #maxIdleConns: 2

  # maxOpenConns are the maximum number of open connections allowed at one time.
  # If the value is 0, there is an unlimited number of connections.
  # (Optional)I
  #maxOpenConns: 0

# insertRetries provides the information needed for making multiple attempts to 
# insert the same batch of records.
insertRetries: 
  # numRetries provides the number of times to retry if a database request 
  # fails.  If numRetries is set to a value below 0, it is set to 1.
  # (Optional)
  numRetries: 3

  # interval provides the amount of time to wait in between attempts to query 
  # the database.  Has no effect if the number of retries is 0.
  # (Optional) defaults to 1s
  interval: 10s

  # intervalMult provides the number to multiple the interval by between each 
  # attempt.  Has no effect if the number of retries is 0.  If it is set below 
  # 1, it defaults to 1.
  # (Optional) defaults to 1
  intervalMult: 5

# batchInserter provides the information needed for inserting multiple records 
# in one query.
# (Optional)
batchInserter:
  # queueSize provides the max number of records that can be stored on the 
  # queue.  Once records are taken off the queue, they are batched together and 
  # inserted.  If a value below 5 is chosen, it defaults to 5.
  # (Optional) defaults to 5
  queueSize: 3000

  # maxWorkers provides the maximum number of workers that can work on 
  # inserting batches of records at one time.  If a value below 1 is chosen,
  # it defaults to 5.
  # (Optional) defaults to 5
  maxWorkers: 1000

  # maxBatchSize provides the maximum number of records that can be grouped 
  # together in a single insert.  If a value below 0 is chosen, it defaults to
  # 1.  If the 0 value is chosen, there is no maximum and records are batched 
  # together until the maxBatchWaitTime is reached.
  # (Optional) defaults to 1
  maxBatchSize: 30

  # maxBatchWaitTime provides the maximum amount of time to wait once the first 
  # record in a batch is received.  If a value below 0s is chosen, it defaults to 
  # 0s.
  # (Optional)
  maxBatchWaitTime: 10ms

########################################
#   Encryption Related Configuration
########################################

# cipher tells svalinn what type of encryption it should be prepared to 
# encrypt.  This list is used to encrypt the events being inserted the database.
# If there is no encryption, use the "none" configuration below. Svalinn uses 
# the first cipher on the list that loads successfully.
cipher:
  - 
    # type is the type of encryption.
    type: rsa-sym

    # kid is a further identifier for what kind of encryption should be used.
    kid: "basic-sha"

    # params are further information for a type of encryption.
    # (Optional)
    params:
      hash: SHA512
    
    # keys are the keys to use for this form of encryption.
    # (Optional)
    keys:
      publicKey: "/etc/svalinn/public.pem"

  - 
    # type is the type of encryption.
    type: none

    # kid is the a further identifier for what kind of encryption should be used.
    kid: none

########################################
#   Event Parsing Related Configuration
########################################

# endpoint provides the endpoint to listen for events at, which is added to the 
# api base.
endpoint: "/device-status"

# requestParser provides the information needed for starting the parser, which 
# turns events into records.
# (Optional)
requestParser:
  # queueSize provides the maximum number of events that can be added to the 
  # queue.  Once events are taken off the queue, they are parsed into records.  
  # If a value below 5 is chosen, it defaults to 5.
  # (Optional) defaults to 5
  queueSize: 3000

  # maxWorkers provides the maximum number of workers parsing events at a 
  # time.  If a value below 5 is chosen, it defaults to 5.
  # (Optional) defaults to 5
  maxWorkers: 10000

  # metadataMaxSize provides the number of bytes that the marshaled metadata of 
  # an event must not exceed.  If the metadata is larger than that, it is removed 
  # from the event before the event is put in a record.  If a value below 0 is 
  # chosen, it defaults to 0.
  # (Optional)
  metadataMaxSize: 1000

  # payloadMaxSize provides the number of bytes that the payload of an event must 
  # not exceed.  If the payload is larger than that, it is removed from the event 
  # before the events is put in a record.  If a value below 0 is chosen, it 
  # defaults to 0.
  # (Optional)
  payloadMaxSize: 1000

  # defaultTTL provides the amount of time a record is kept in the database 
  # before it is removed.  This TTL is for any event that doesn't have a rule 
  # with a TTL specified.  If 0 is chosen, it defaults to 5m.
  # (Optional) defaults to 5m
  defaultTTL: 5s

  # regexRules provides rules for events whose destinations match the regular 
  # expression.  If the event matches the regex of a rule, Svalinn gets 
  # instructions on whether or not to store the event's payload (storePayload), 
  # what the event type should be (eventType), and how long the record should 
  # live in the database (ruleTTL).  If no rules are provided, the payload isn't 
  # stored, the event type is the default, and the record's TTL is the defaultTTL. 
  # Svalinn uses the first rule whose regex matches an event's destination.
  #
  # The eventType indicates where to find the device id in the event.  If the 
  # event type is "State", the device id is parsed out of the event Destination.
  # Otherwise, the event Source is used as the device id.
  # eventType options: "State", "Default" 
  #
  # (Optional)
  regexRules:
    - regex: ".*/online$"
      storePayload: true
      ruleTTL: 30s
      eventType: "State"
    - regex: ".*/offline$"
      storePayload: true
      ruleTTL: 30s
      eventType: "State"

# blacklistInterval provides how often Svalinn should get the blacklist from 
# the database.  If a device id matches a regular expression on the blacklist, 
# that event isn't inserted into the database.  If 0s is chosen, it defaults to 
# 1m.
# (Oprional) defaults to 1m
blacklistInterval: 1m


########################################
#   Webhook Registration Related Configuration
########################################

# webhook provides the information needed to register to a webhook.
# (Optional)
webhook:
  # secret provides the key for hashing the messages the webhook sends.
  secret: "super secret"

  # registrationInterval provides the time to wait between each registration to 
  # the webhook.  If this is set to 0, no registration is done.
  # (Optional)
  registrationInterval: "4m"

  # url provides the place to register to the webhook.
  url: "http://host.docker.internal:8181/api/v1/device-status"

  # timeout provides the length of time the request should wait before timing 
  # out.
  timeout: "1m"

  # registrationURL provides the URL the webhook should send the events to.  If 
  # this value isn't set, it defaults to:
  #  
  # {server config value}{apiBase constant}{endpoint config value}
  #
  # (Optional)
  registrationURL: "https://127.0.0.1:6000/hook"

  # eventsToWatch provides a list of regular expressions that tells the webhook 
  # which endpoints to send to Svalinn.  If the destination of an event 
  # matches a regular expression in this list, it is sent to Svalinn
  eventsToWatch: ["device-status.*"]

  # the below configuration values provide a way to add an Authorization header 
  # to the request to the webhook.  If both basic and sat contain empty values, 
  # no header is sent.  sat takes priority over basic if both are set.

  # basic provides a way to use Basic Authorization when registering to a 
  # webhook.  If this value is provided and sat isn't, the following header is 
  # added to the registration request:
  #
  # Authorization Basic {basic value}
  #
  # (Optional)
  basic: ""

  # sat provides a way to use Bearer Authorization when registering to a 
  # webhook.  If the below values are all provided, a request is made to the 
  # SAT URL to get the SAT token to be used in the registration request.  The 
  # header would look like: 
  # 
  # Authorization Bearer {SAT token}
  # 
  # SAT tokens are a type of JWT.
  # (Optional)
  sat:
    # client is the SAT client we are requesting.
    client: ""

    # secret is the secret to use to prove we have access to this SAT token.
    secret: ""

    # satURL is the URL to access for the SAT token.
    satURL: ""

    # timeout is how long the request to get the SAT token will take before 
    # timing out.
    timeout: "1m"