all repos — litestore @ openssl

A minimalist nosql document store.

src/admin/md/configuration-file.md

 1
 2
 3
 4
 5
 6
 7
 8
 9
 10
 11
 12
 13
 14
 15
 16
 17
 18
 19
 20
 21
 22
 23
 24
 25
 26
 27
 28
 29
 30
 31
 32
 33
 34
 35
 36
 37
 38
 39
 40
 41
 42
 43
 44
 45
 46
 47
 48
 49
 50
 51
 52
 53
 54
 55
 56
 57
 58
 59
 60
 61
 62
 63
 64
 65
 66
 67
 68
 69
 70
 71
 72
 73
 74
 75
 76
 77
 78
 79
 80
 81
 82
 83
 84
 85
 86
 87
 88
 89
 90
 91
 92
 93
 94
 95
 96
 97
 98
 99
 100
 101
 102
 103
 104
 105
 106
 107
 108
 109
 110
 111
 112
 113
## Configuration File

As of version 1.8.0, you can specify a configuration file containing settings, middleware and authorization configuration using the  **-\-config** or **-c** command  line option:

[litestore -c:config.json](class:cmd)

A typical configuration file looks like this:

```
{
  "settings": {
    "log": "debug",
    "port": 9200
  },
  "stores": {
    "logs": {
      "file": "logs.db",
      "config": {
        "resources": {
          "/docs/*": {
            "GET": {
              "auth": ["admin:server"]
            },
            "POST": {
              "allowed": false
            },
            "PUT": {
              "allowed": false
            },
            "PATCH": {
              "allowed": false
            },
            "DELETE": {
              "allowed": false
            }
          }
        }
      }
    }
  },
  "resources": {
    "/docs/vehicles/*": {
      "GET": {
        "middleware": ["validate", "log"]
      },
      "HEAD": {
        "middleware": ["validate", "log"]
      },
      "POST": {
        "allowed": false
      },
      "PATCH": {
        "auth": ["admin:vehicles"],
        "middleware": ["validate", "log"]
      },
      "PUT": {
        "auth": ["admin:vehicles"],
        "middleware": ["validate", "log"]
      },
      "DELETE": {
        "auth": ["admin:vehicles"],
        "middleware": ["validate", "log"]
      }
    }
  }
}
```

At present, it contains a [settings](class:kwd), a [resources](class:kwd), and a [signature](class:kwd) section.

### settings

This section contains some of the most common command-line options, i.e.:

* address
* port
* store
* directory
* mount
* readonly
* middleware
* log

If a configuration file is specified and some of these settings are configured, they will be recognized as if they were specified via command line. However, if you also specify the same settings via command line, the command line settings will take precedence over the settings defined in the configuration file.

### stores

This section is used to defined additional stores to be managed by LiteStore by specifying the SQLite file to open and optionally the store configuration. 

In this case, the **logs** store is configured as an additional store.

### resources

This section can contain any number of resource paths, like [/docs/](class:kwd), [/info/](class:kwd), [/docs/vehicles/AA456CC](class:kwd) or [/docs/logs/*](class:kwd). If a wildcard is specified after a resource or folder path, the rules defined within that section will match any document within the specified path. So for examople [/docs/vehicles/*](class:kwd) will match both [/docs/vehicles/AB547QV](class:kwd) and [/docs/vehicles/BB326CZ](class:kwd), but *not* [/docs/vehicles/](class:kwd).

Within each resource path, you can specify different HTTP methods (all uppercase) and  within each method any of the following properties:

* **auth** — A list of JWT scopes necessary to access the specified resource with the specified method.
* **middleware** — A list of middleware function definitions that will be executed in sequence when the resource is accessed with the specified method.
* **allowed** — If set to **false**, LiteStore will return a [405 - Method not allowed](class:kwd) error code when accessing  the resource with the specified method.

### signature

This section must be  set to a valid certificate used validate JWT tokens. Note that the certificate must follow a specific format and start with the appropriate begin/end  blocks.

### jwks_uri

As of version 1.13.0, this property can be set to a URI pointing to a valid [JSON Web Key Sets](https://auth0.com/docs/secure/tokens/json-web-tokens/json-web-key-sets) file. If this property is specified, it will be used instead of **signature** to perform signature verification of JWKS tokens.

> %note%
> How JWKS data is managed
> 
> If this property is set, LiteStore will attempt to download the specified JWKS file on startup. This file will be catched to a *store-name*_jwks.json file (e.g. `data_jwks.json`) and its contents stored in memory.