-
Notifications
You must be signed in to change notification settings - Fork 659
Expand file tree
/
Copy pathIAppConfiguration.cs
More file actions
549 lines (449 loc) · 22.4 KB
/
IAppConfiguration.cs
File metadata and controls
549 lines (449 loc) · 22.4 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
// Copyright (c) .NET Foundation. All rights reserved.
// Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information.
using System;
using NuGet.Services.Messaging.Email;
namespace NuGetGallery.Configuration
{
public interface IAppConfiguration : IMessageServiceConfiguration
{
/// <summary>
/// Gets the location in which the Lucene Index is stored
/// </summary>
LuceneIndexLocation LuceneIndexLocation { get; set; }
/// <summary>
/// Gets the name of the environment in which the gallery is deployed
/// </summary>
string Environment { get; set; }
/// <summary>
/// Gets the warning banner text
/// </summary>
string WarningBanner { get; set; }
/// <summary>
/// Gets a setting indicating if SSL is required for all operations once logged in.
/// </summary>
bool RequireSSL { get; set; }
/// <summary>
/// Gets the port used for SSL
/// </summary>
int SSLPort { get; set; }
/// <summary>
/// A string containing a path exluded from forcing the HTTP to HTTPS redirection.
/// To provide multiple paths separate them with ;
/// </summary>
/// <example>/api/health-probe</example>
string[] ForceSslExclusion { get; set; }
/// <summary>
/// The Azure Storage connection string used for auditing.
/// </summary>
string AzureStorage_Auditing_ConnectionString { get; set; }
/// <summary>
/// The Azure Storage connection string used for user certificates.
/// </summary>
string AzureStorage_UserCertificates_ConnectionString { get; set; }
/// <summary>
/// The Azure Storage connection string used for static content.
/// </summary>
string AzureStorage_Content_ConnectionString { get; set; }
/// <summary>
/// The Azure Storage connection string used for packages, after upload.
/// </summary>
string AzureStorage_Packages_ConnectionString { get; set; }
/// <summary>
/// The Azure Storage connection string used for flatContainer, after upload.
/// </summary>
string AzureStorage_FlatContainer_ConnectionString { get; set; }
/// <summary>
/// The Azure Storage connection string used for statistics.
/// </summary>
string AzureStorage_Statistics_ConnectionString { get; set; }
/// <summary>
/// The Azure Storage connection string used for statistics. Secondary
/// </summary>
string AzureStorage_Statistics_ConnectionString_Alternate { get; set; }
/// <summary>
/// The Azure Storage connection string used for package uploads, before publishing.
/// </summary>
string AzureStorage_Uploads_ConnectionString { get; set; }
/// <summary>
/// The Azure storage connection string used for RevalidateCertificate job admin panel.
/// </summary>
string AzureStorage_Revalidation_ConnectionString { get; set; }
/// <summary>
/// Gets a setting if Read Access Geo Redundant is enabled in azure storage
/// </summary>
bool AzureStorageReadAccessGeoRedundant { get; set; }
/// <summary>
/// Indicates whether Managed Service Identity should be used to access Azure Storage.
/// If false, the presumption is that connection strings contain the necessary credentials.
/// If true, single MSI is going to be used for all storage connections.
/// </summary>
bool AzureStorageUseMsi { get; set; }
/// <summary>
/// Client ID of the MSI to use for Azure storage access.
/// If empty or not specified, the default MSI will be used in Release builds
/// and <see cref="Azure.Identity.DefaultAzureCredential"/> in Debug builds.
/// </summary>
string AzureStorageMsiClientId { get; set; }
/// <summary>
/// How frequently the feature flags should be refreshed.
/// </summary>
TimeSpan FeatureFlagsRefreshInterval { get; set; }
/// <summary>
/// Indicates whether Admin panel pages exist on this instance.
/// </summary>
bool AdminPanelEnabled { get; set; }
/// <summary>
/// Gets a boolean indicating whether DB admin through web UI should be accesible.
/// </summary>
bool AdminPanelDatabaseAccessEnabled { get; set; }
/// <summary>
/// Gets a boolean indicating whether asynchronous package validation is enabled.
/// </summary>
bool AsynchronousPackageValidationEnabled { get; set; }
/// <summary>
/// Only makes sense if <see cref="AsynchronousPackageValidationEnabled"/> is set to true.
/// Indicates whether async package validation will be run in blocking mode.
/// Running in blocking mode means that the package will not be available for download
/// until it successfully passed all validations.
/// </summary>
bool BlockingAsynchronousPackageValidationEnabled { get; set; }
/// <summary>
/// If <see cref="AsynchronousPackageValidationEnabled"/> is set to true,
/// this is the delay that downstream validations should wait before starting
/// to process a package.
/// </summary>
TimeSpan AsynchronousPackageValidationDelay { get; set; }
/// <summary>
/// The upper bound for package validations. A notice will be displayed if a package's validation exceeds this value.
/// </summary>
TimeSpan ValidationExpectedTime { get; set; }
/// <summary>
/// Gets a boolean indicating whether NuGet password logins are deprecated.
/// </summary>
bool DeprecateNuGetPasswordLogins { get; set; }
/// <summary>
/// Gets a boolean indicating if the site requires that email addresses be confirmed
/// </summary>
bool ConfirmEmailAddresses { get; set; }
/// <summary>
/// Gets a boolean indicating if the site is in read only mode
/// </summary>
bool ReadOnlyMode { get; set; }
/// <summary>
/// Gets if only service feeds should be registered
/// </summary>
bool FeedOnlyMode { get; set; }
/// <summary>
/// Gets the local directory in which to store files.
/// </summary>
string FileStorageDirectory { get; set; }
/// <summary>
/// Gets the site brand name i.e. 'NuGet Gallery' by default. Cobranding feature.
/// </summary>
string Brand { get; set; }
/// <summary>
/// Gets the storage mechanism used by this instance of the gallery
/// </summary>
string StorageType { get; set; }
/// <summary>
/// Gets the URI of the SMTP host to use. Or null if SMTP is not being used. Use <see cref="NuGetGallery.Configuration.SmtpUri"/> to parse it
/// </summary>
Uri SmtpUri { get; set; }
/// <summary>
/// Gets the SQL Connection string used to connect to the database
/// </summary>
string SqlConnectionString { get; set; }
/// <summary>
/// Gets the SQL Connection string used to connect to the database read only replica.
/// </summary>
string SqlReadOnlyReplicaConnectionString { get; set; }
/// <summary>
/// Gets the SQL Connection string used to connect to the database for support requests
/// </summary>
string SqlConnectionStringSupportRequest { get; set; }
/// <summary>
/// Gets the SQL Connection string used to connect to the database for validations
/// </summary>
string SqlConnectionStringValidation { get; set; }
/// <summary>
/// Gets the host name of the Azure CDN being used
/// </summary>
string AzureCdnHost { get; set; }
/// <summary>
/// Gets the App ID of the Facebook app associated with this deployment
/// </summary>
string FacebookAppId { get; set; }
/// <summary>
/// Gets the Application Insights instrumentation key associated with this deployment.
/// </summary>
string AppInsightsInstrumentationKey { get; set; }
/// <summary>
/// Gets the Application Insights sampling percentage associated with this deployment.
/// </summary>
double AppInsightsSamplingPercentage { get; set; }
/// <summary>
/// Gets the Application Insights heartbeat interval in seconds associated with this deployment.
/// </summary>
int AppInsightsHeartbeatIntervalSeconds { get; set; }
/// <summary>
/// The tenant key used for Microsoft's internal instrumentation system similar to Application Insights.
/// Because it is internal, this setting is not useful if used outside of Microsoft.
/// </summary>
string InternalMicrosoftTenantKey { get; set; }
/// <summary>
/// Gets the protocol-independent site root
/// </summary>
string SiteRoot { get; set; }
/// <summary>
/// Gets the protocol-independent support email site root
/// </summary>
string SupportEmailSiteRoot { get; set; }
/// <summary>
/// Private key for verifying recaptcha user response.
/// </summary>
string ReCaptchaPrivateKey { get; set; }
/// <summary>
/// Public key for verifying recaptcha user response.
/// </summary>
string ReCaptchaPublicKey { get; set; }
/// <summary>
/// Gets the Google Analytics Property ID being used, if any.
/// </summary>
string GoogleAnalyticsPropertyId { get; set; }
/// <summary>
/// Gets a boolean indicating if the search index should be updated automatically in the background
/// </summary>
bool AutoUpdateSearchIndex { get; set; }
/// <summary>
/// Gets a string indicating which authentication provider(s) are supported for administrators.
/// When specified, the gallery will ensure admin users are logging in using any of the specified authentication providers.
/// Blank means any authentication provider can be used by administrators.
/// </summary>
string EnforcedAuthProviderForAdmin { get; set; }
/// <summary>
/// Gets a string indicating which Microsoft Entra tenant ID should be used for administrators.
/// When specified, the gallery will ensure admin users are logging in using only the specified tenant ID.
/// Blank means any Microsoft Entra tenant ID can be used by administrators.
/// </summary>
string EnforcedTenantIdForAdmin { get; set; }
/// <summary>
/// The required format for a user password.
/// </summary>
string UserPasswordRegex { get; set; }
/// <summary>
/// A message to show the user, to explain password requirements.
/// </summary>
string UserPasswordHint { get; set; }
/// <summary>
/// Defines the time after which V1 API keys expire.
/// </summary>
int ExpirationInDaysForApiKeyV1 { get; set; }
/// <summary>
/// Defines the number of days before the API key expires when the server should emit a warning to the client.
/// </summary>
int WarnAboutExpirationInDaysForApiKeyV1 { get; set; }
/// <summary>
/// Defines a semi-colon separated list of domains for the alternate site root for gallery, used for MSA authentication by AADv2
/// </summary>
string AlternateSiteRootList { get; set; }
/// <summary>
/// Configuration to enable manual setting of the machine key for session persistence across deployments/slots.
/// </summary>
bool EnableMachineKeyConfiguration { get; set; }
/// <summary>
/// Defines the encryption aglorithm that is used for encrypting and decrypting forms authentication data.
/// </summary>
string MachineKeyDecryption { get; set; }
/// <summary>
/// Defines the key that is sued to encrypt and decrypt data, or the process by which the key is generated.
/// </summary>
string MachineKeyDecryptionKey { get; set; }
/// <summary>
/// Defines the hashing algorithm used for validating forms authentication and view state data.
/// </summary>
string MachineKeyValidationAlgorithm { get; set; }
/// <summary>
/// Defines the key that is used to validate forms authentication and view state data, or the process by which the key is generated.
/// </summary>
string MachineKeyValidationKey { get; set; }
/// <summary>
/// Gets/sets a bool that indicates if the OData requests will be filtered.
/// </summary>
bool IsODataFilterEnabled { get; set; }
/// <summary>
/// Gets/sets a string that is a link to the status page
/// </summary>
string ExternalStatusUrl { get; set; }
/// <summary>
/// Gets/sets a string that is a link to an external about page
/// </summary>
string ExternalAboutUrl { get; set; }
/// <summary>
/// Gets/sets a string that is a link to an external privacy policy
/// </summary>
string ExternalPrivacyPolicyUrl { get; set; }
/// <summary>
/// Gets/sets a string that is a link to an external privacy choices page
/// </summary>
string ExternalYourPrivacyChoicesUrl { get; set; }
/// <summary>
/// Gets/sets a string that is a link to an external terms of use document
/// </summary>
string ExternalTermsOfUseUrl { get; set; }
/// <summary>
/// Gets/sets a string that is a link to the brand
/// </summary>
string ExternalBrandingUrl { get; set; }
/// <summary>
/// Gets/sets a string that is brand string to display in the footer, this also
/// accepts a single {0} string format token which is replaced by the UTC year
/// </summary>
string ExternalBrandingMessage { get; set; }
/// <summary>
/// Get/Sets a string to a url that details trademarks. If unset, the link will not appear.
/// </summary>
string TrademarksUrl { get; set; }
/// <summary>
/// Gets/Sets a flag indicating if default security policies should be enforced.
/// </summary>
bool EnforceDefaultSecurityPolicies { get; set; }
/// <summary>
/// Whether or not the gallery is running as a hosted web service. This should always be true unless the
/// gallery code is being used inside a console application.
/// </summary>
bool IsHosted { get; set; }
/// <summary>
/// Whether or not to synchronously reject signed packages on push/upload when no certificate is uploaded
/// by the owner.
/// </summary>
bool RejectSignedPackagesWithNoRegisteredCertificate { get; set; }
/// <summary>
/// Whether or not to synchronously reject packages on push/upload that have too many package entries.
/// </summary>
bool RejectPackagesWithTooManyPackageEntries { get; set; }
/// <summary>
/// Whether or not to block search engines from indexing the web pages using the "noindex" meta tag.
/// </summary>
bool BlockSearchEngineIndexing { get; set; }
/// <summary>
/// Gets or sets a flag indicating whether asynchronous email service is enabled.
/// </summary>
bool AsynchronousEmailServiceEnabled { get; set; }
/// <summary>
/// Gets or sets a flag indicating whether asynchronous account deletion service is enabled.
/// </summary>
bool AsynchronousDeleteAccountServiceEnabled { get; set; }
/// <summary>
/// Gets or sets a flag indicating if this gallery allows users to delete their own account.
/// </summary>
bool SelfServiceAccountDeleteEnabled { get; set; }
/// <summary>
/// Indicates whether packages that specify the license the "old" way (with a "licenseUrl" node only) should be rejected.
/// </summary>
bool BlockLegacyLicenseUrl { get; set; }
/// <summary>
/// Indicates whether packages that don't specify any license information (no license URL, no license expression,
/// no embedded license) are allowed into Gallery.
/// </summary>
bool AllowLicenselessPackages { get; set; }
/// <summary>
/// The URL for the primary search endpoint, for stable behavior.
/// </summary>
Uri SearchServiceUriPrimary { get; set; }
/// <summary>
/// The URL for the secondary search endpoint, for stable behavior.
/// </summary>
Uri SearchServiceUriSecondary { get; set; }
/// <summary>
/// The URL for the primary search endpoint, for preview behavior.
/// </summary>
Uri PreviewSearchServiceUriPrimary { get; set; }
/// <summary>
/// The URL for the secondary search endpoint, for preview behavior.
/// </summary>
Uri PreviewSearchServiceUriSecondary { get; set; }
/// <summary>
/// The time in seconds for the circuit breaker delay. (The time the circuit breaker will stay in open state)
/// </summary>
int SearchCircuitBreakerDelayInSeconds { get; set; }
/// <summary>
/// The wait time in milliseconds for the WaitAndRetry policy.
/// </summary>
int SearchCircuitBreakerWaitAndRetryIntervalInMilliseconds { get; set; }
/// <summary>
/// A request will fail after this number of retries. In total a request will fail after this number of retries + 1.
/// </summary>
int SearchCircuitBreakerWaitAndRetryCount { get; set; }
/// <summary>
/// CircuitBreaker will open after this number of consecutive failed requests.
/// </summary>
int SearchCircuitBreakerBreakAfterCount { get; set; }
/// <summary>
/// The Search timeout per request in milliseconds.
/// </summary>
int SearchHttpRequestTimeoutInMilliseconds { get; set; }
/// <summary>
/// Template for the storage URL for packages with embedded icons.
/// When expanded the '{id-lower}' will be replaced with the package id in lowercase,
/// '{version-lower}' will be replaced with the normalized package version in lowercase.
/// </summary>
string EmbeddedIconUrlTemplate { get; set; }
/// <summary>
/// Deployment label to log with telemetry.
/// </summary>
string DeploymentLabel { get; set; }
/// <summary>
/// Allows to override the default (or externally configured) minWorkerThreads setting. Must be specified with <see cref="MinIoThreads"/>.
/// This is a global (not per CPU core) limit.
/// See more:
/// https://docs.microsoft.com/en-us/dotnet/api/system.threading.threadpool.setminthreads?view=netframework-4.7.2
/// https://docs.microsoft.com/en-us/previous-versions/dotnet/netframework-4.0/7w2sway1(v=vs.100)?redirectedfrom=MSDN
/// </summary>
int? MinWorkerThreads { get; set; }
/// <summary>
/// Allows to override the default (or externally configured) maxWorkerThreads setting. Must be specified with <see cref="MaxIoThreads"/>
/// This is a global (not per CPU core) limit.
/// See more:
/// https://docs.microsoft.com/en-us/dotnet/api/system.threading.threadpool.setmaxthreads?view=netframework-4.7.2
/// https://docs.microsoft.com/en-us/previous-versions/dotnet/netframework-4.0/7w2sway1(v=vs.100)?redirectedfrom=MSDN
/// </summary>
int? MaxWorkerThreads { get; set; }
/// <summary>
/// Allows to override the default (or externally configured) minIoThreads setting. Must be specified with <see cref="MinWorkerThreads"/>.
/// This is a global (not per CPU core) limit.
/// See more:
/// https://docs.microsoft.com/en-us/dotnet/api/system.threading.threadpool.setminthreads?view=netframework-4.7.2
/// https://docs.microsoft.com/en-us/previous-versions/dotnet/netframework-4.0/7w2sway1(v=vs.100)?redirectedfrom=MSDN
/// </summary>
int? MinIoThreads { get; set; }
/// <summary>
/// Allows to override the default (or externally configured) maxIoThreads setting. Must be specified with <see cref="MaxWorkerThreads"/>.
/// This is a global (not per CPU core) limit.
/// See more:
/// https://docs.microsoft.com/en-us/dotnet/api/system.threading.threadpool.setmaxthreads?view=netframework-4.7.2
/// https://docs.microsoft.com/en-us/previous-versions/dotnet/netframework-4.0/7w2sway1(v=vs.100)?redirectedfrom=MSDN
/// </summary>
int? MaxIoThreads { get; set; }
/// <summary>
/// The username of the user that can be entered as the sender for admin flows. When an admin flow may send one
/// or more emails to end users, it helps to mask the identity of the site admin that performed the action by
/// using this user instead. This account is not created automatically. The username should refer to a user
/// account (not organization) that has an email address that can be visible for administrative notices. This
/// account should not have any credentials or be marked as a site admin.
/// </summary>
string AdminSenderUser { get; set; }
/// <summary>
/// The maximum size of JSON that can be returned by a JSON endpoint. This overrides the default 4 MB in
/// select places where large JSON response bodies are possible.
/// </summary>
int MaxJsonLengthOverride { get; set; }
/// <summary>
/// The maximum number of owners allowed per package registration. If this limit is reached, no more owners can be added and others must be removed first.
/// </summary>
int MaxOwnerPerPackageRegistration { get; set; }
/// <summary>
/// The maximum number of owner requests allowed per package registration. If this limit is reached, no more requests can be made and other requests must be removed first.
/// </summary>
int MaxOwnerRequestsPerPackageRegistration { get; set; }
}
}