datamodel: server: webmgmt subsection added

diff --git a/manager/knot_resolver_manager/datamodel/lua_template.j2 b/manager/knot_resolver_manager/datamodel/lua_template.j2
index 89639fce0b21f2a17e437339ed1c4a528d3d810b..229857aa504c095a1af238abcd93443a37163a6e 100644 (file)
--- a/manager/knot_resolver_manager/datamodel/lua_template.j2
+++ b/manager/knot_resolver_manager/datamodel/lua_template.j2
@@ -1,5 +1,13 @@
 {% if not cfg.lua.script_only %}
 
+-- MODULES
+modules = {
+    {{ "'rebinding < iterate'," if cfg.options.rebinding_protection }}
+    {{ "'workarounds < iterate'," if cfg.options.violators_workarounds }}
+    {{ "'serve_stale < cache'," if cfg.options.serve_stale }}
+    {{ "dns64 = '"+cfg.dns64.prefix+"'," if cfg.dns64 }}
+}
+
 -- SERVER section
 -- server.hostname
 hostname('{{ cfg.server.hostname }}')
@@ -10,6 +18,26 @@ modules.load('nsid')
 nsid.name('{{ cfg.server.nsid }} ' .. worker.id)
 {% endif %}
 
+{% if cfg.server.webmgmt %}
+-- server.webmgmt
+modules.load('http')
+http.config({
+    tls = {{ 'true' if cfg.server.webmgmt.tls else 'false'}},
+    {{ "cert = '"+cfg.server.webmgmt.cert_file+"'," if cfg.server.webmgmt.cert_file }}
+    {{ "key = '"+cfg.server.webmgmt.key_file+"'," if cfg.server.webmgmt.key_file }}
+}, 'webmgmt')
+net.listen(
+{% if cfg.server.webmgmt.listen.ip %}
+    '{{ cfg.server.webmgmt.listen.ip }}',
+{% elif cfg.server.webmgmt.listen.unix_socket %}
+    '{{ cfg.server.webmgmt.listen.unix_socket }}',
+{% elif cfg.server.webmgmt.listen.interface %}
+    net.{{ cfg.server.webmgmt.listen.interface }},
+{% endif %}
+    {{ cfg.server.webmgmt.listen.port|string if cfg.server.webmgmt.listen.port else 'nil' }},
+    { kind = 'webmgmt' })
+{% endif %}
+
 -- NETWORK section
 -- network.interfaces
 {% for item in cfg.network.interfaces %}
@@ -19,14 +47,6 @@ net.listen('{{ item.address }}', {{ item.port }}, {
 })
 {% endfor %}
 
--- MODULES
-modules = {
-    {{ "'rebinding < iterate'," if cfg.options.rebinding_protection }}
-    {{ "'workarounds < iterate'," if cfg.options.violators_workarounds }}
-    {{ "'serve_stale < cache'," if cfg.options.serve_stale }}
-    {{ "dns64 = '"+cfg.dns64.prefix+"'," if cfg.dns64 }}
-}
-
 -- OPTIONS section
 mode('{{ cfg.options.glue_checking }}')
 option('NO_MINIMIZE', {{ 'false' if cfg.options.qname_minimisation else 'true' }})

diff --git a/manager/knot_resolver_manager/datamodel/server_config.py b/manager/knot_resolver_manager/datamodel/server_config.py
index 647fd390a31835d5e2a7d9ce53cda60857de67e9..cf8a5e6c03c85cf07e580b27eab75a2d84b48d7d 100644 (file)
--- a/manager/knot_resolver_manager/datamodel/server_config.py
+++ b/manager/knot_resolver_manager/datamodel/server_config.py
@@ -5,6 +5,7 @@ from typing import Optional, Union
 
 from typing_extensions import Literal
 
+from knot_resolver_manager.datamodel.types import AnyPath, Listen, ListenStrict
 from knot_resolver_manager.exceptions import ValidationException
 from knot_resolver_manager.utils import DataParser, DataValidator
 from knot_resolver_manager.utils.types import LiteralEnum
@@ -34,15 +35,29 @@ BackendEnum = LiteralEnum["auto", "systemd", "supervisord"]
 
 
 class Management(DataParser):
-    listen: str = "/tmp/manager.sock"
+    listen: Listen = Listen({"unix-socket": "/tmp/manager.sock"})
     backend: BackendEnum = "auto"
-    rundir: str = "."
+    rundir: AnyPath = AnyPath(".")
 
 
 class ManagementStrict(DataValidator):
-    listen: str
+    listen: ListenStrict
     backend: BackendEnum
-    rundir: str
+    rundir: AnyPath
+
+
+class Webmgmt(DataParser):
+    listen: Listen
+    tls: bool = False
+    cert_file: Optional[AnyPath] = None
+    key_file: Optional[AnyPath] = None
+
+
+class WebmgmtStrict(DataValidator):
+    listen: ListenStrict
+    tls: bool
+    cert_file: Optional[AnyPath]
+    key_file: Optional[AnyPath]
 
 
 class Server(DataParser):
@@ -51,7 +66,9 @@ class Server(DataParser):
     nsid: Optional[str]
     workers: Union[Literal["auto"], int] = 1
     use_cache_gc: bool = True
+
     management: Management = Management()
+    webmgmt: Optional[Webmgmt] = None
 
 
 class ServerStrict(DataValidator):
@@ -60,7 +77,9 @@ class ServerStrict(DataValidator):
     nsid: Optional[str]
     workers: int
     use_cache_gc: bool
+
     management: ManagementStrict
+    webmgmt: Optional[WebmgmtStrict]
 
     def _hostname(self, obj: Server) -> str:
         if isinstance(obj.hostname, str):

diff --git a/manager/tests/datamodel/test_server_config.py b/manager/tests/datamodel/test_server_config.py
deleted file mode 100644 (file)
index 94b36f6..0000000
--- a/manager/tests/datamodel/test_server_config.py
+++ /dev/null
@@ -1,38 +0,0 @@
-from knot_resolver_manager.datamodel.server_config import Server, ServerStrict
-
-yaml = """
-hostname: myhostname
-groupid: group1
-nsid: mynsid
-workers: 4
-use-cache-gc: false
-management:
-    listen: /tmp/manager.sock
-    backend: systemd
-    rundir: "."
-"""
-
-config = Server.from_yaml(yaml)
-strict = ServerStrict(config)
-
-
-def test_parsing():
-    assert config.hostname == "myhostname"
-    assert config.groupid == "group1"
-    assert config.nsid == "mynsid"
-    assert config.workers == 4
-    assert config.use_cache_gc == False
-    assert config.management.listen == "/tmp/manager.sock"
-    assert config.management.backend == "systemd"
-    assert config.management.rundir == "."
-
-
-def test_validating():
-    assert strict.hostname == "myhostname"
-    assert strict.groupid == "group1"
-    assert strict.nsid == "mynsid"
-    assert strict.workers == 4
-    assert strict.use_cache_gc == False
-    assert strict.management.listen == "/tmp/manager.sock"
-    assert strict.management.backend == "systemd"
-    assert strict.management.rundir == "."