ServeArgs

nixfleet_control_plane::server

Struct ServeArgs 

Source 
pub struct ServeArgs {
Show 28 fields
    pub listen: SocketAddr,
    pub tls_cert: PathBuf,
    pub tls_key: PathBuf,
    pub client_ca: Option<PathBuf>,
    pub fleet_ca_cert: Option<PathBuf>,
    pub fleet_ca_key: Option<PathBuf>,
    pub tpm_ca_pubkey_raw: Option<PathBuf>,
    pub tpm_ca_sign_wrapper: Option<PathBuf>,
    pub allow_file_ca_key: bool,
    pub audit_log_path: Option<PathBuf>,
    pub artifact_path: PathBuf,
    pub signature_path: PathBuf,
    pub trust_path: PathBuf,
    pub observed_path: PathBuf,
    pub freshness_window: Duration,
    pub confirm_deadline_secs: i64,
    pub channel_refs: Option<ChannelRefsSource>,
    pub revocations: Option<RevocationsSource>,
    pub bootstrap_nonces: Option<BootstrapNoncesSource>,
    pub db_path: Option<PathBuf>,
    pub closure_upstream: Option<String>,
    pub rollouts_dir: Option<PathBuf>,
    pub rollouts_source: Option<RolloutsSource>,
    pub strict: bool,
    pub agent_cn_suffix: String,
    pub agent_cert_validity: Duration,
    pub mark_ready_at_startup: bool,
    pub initial_nonces: Option<AllowedNoncesView>,

}
Expand description

Default defaults are bogus on purpose; prod paths fail at first IO if clap parsing is skipped.

Fields§

§listen: SocketAddr§tls_cert: PathBuf§tls_key: PathBuf§client_ca: Option<PathBuf>§fleet_ca_cert: Option<PathBuf>

Often the same path as client_ca.

§fleet_ca_key: Option<PathBuf>

File-backed CA signer’s private key PEM. TPM (pubkey + wrapper) wins.

§tpm_ca_pubkey_raw: Option<PathBuf>

TPM-backed CA signer: keyslot scope’s pubkey.raw (64 raw P-256 X||Y).

§tpm_ca_sign_wrapper: Option<PathBuf>

TPM-backed CA signer: keyslot scope’s tpm-sign-<keyname> wrapper.

§allow_file_ca_key: bool

Permit the file-backed CA-issuance backend under --strict. Default false: in strict mode, the file backend is refused unless TPM is also configured (in which case TPM wins) or this flag is set explicitly. See RFC-0010 §1.5.1.

§audit_log_path: Option<PathBuf>§artifact_path: PathBuf§signature_path: PathBuf§trust_path: PathBuf§observed_path: PathBuf

File-backed fallback used only when no agents checked in AND channel_refs is None.

§freshness_window: Duration§confirm_deadline_secs: i64§channel_refs: Option<ChannelRefsSource>

None -> file-backed --artifact only.

§revocations: Option<RevocationsSource>§bootstrap_nonces: Option<BootstrapNoncesSource>§db_path: Option<PathBuf>

None -> in-memory state only.

§closure_upstream: Option<String>

None -> /v1/agent/closure/<hash> returns 501.

§rollouts_dir: Option<PathBuf>

Pre-signed <rolloutId>.{json,sig} pairs; falls back to rollouts_source, then 503.

§rollouts_source: Option<RolloutsSource>

HTTP-fetched manifests; required when nixfleet-release writes manifests post-build.

§strict: bool

Refuse to start when any security-fallback flag is unset.

§agent_cn_suffix: String

agent-<machineId>.<suffix> for issued cert CNs. Must match the issuance CA’s dNSName name constraint (D14).

§agent_cert_validity: Duration

Validity baked into agent certs at enroll + renew. Default 30d; shortened by operators for hardware testing of renewal flows.

§mark_ready_at_startup: bool

Test-only: skip the readiness gate so endpoint tests don’t have to drive a real channel-refs poll. Production paths MUST leave false; the CLI never sets it.

§initial_nonces: Option<AllowedNoncesView>

Test-only: seed the in-memory bootstrap-nonces allowlist at startup without running the poll loop. Production paths MUST leave None; the CLI never sets it.

Trait Implementations§

Source§

impl Clone for ServeArgs

Source§

fn clone(&self) -> ServeArgs

Returns a duplicate of the value. Read more
1.0.0 · Source§

fn clone_from(&mut self, source: &Self)

Performs copy-assignment from source. Read more
Source§

impl Debug for ServeArgs

Source§

fn fmt(&self, f: &mut Formatter<'_>) -> Result

Formats the value using the given formatter. Read more
Source§

impl Default for ServeArgs

Source§

fn default() -> Self

Returns the “default value” for a type. Read more

Auto Trait Implementations§

Blanket Implementations§

Source§

impl<T> Any for T
where T: 'static + ?Sized,

Source§

fn type_id(&self) -> TypeId

Gets the TypeId of self. Read more
§

impl<'a, T, E> AsTaggedExplicit<'a, E> for T
where T: 'a,

§

fn explicit(self, class: Class, tag: u32) -> TaggedParser<'a, Explicit, Self, E>

§

impl<'a, T, E> AsTaggedImplicit<'a, E> for T
where T: 'a,

§

fn implicit( self, class: Class, constructed: bool, tag: u32, ) -> TaggedParser<'a, Implicit, Self, E>

Source§

impl<T> Borrow<T> for T
where T: ?Sized,

Source§

fn borrow(&self) -> &T

Immutably borrows from an owned value. Read more
Source§

impl<T> BorrowMut<T> for T
where T: ?Sized,

Source§

fn borrow_mut(&mut self) -> &mut T

Mutably borrows from an owned value. Read more
Source§

impl<T> CloneToUninit for T
where T: Clone,

Source§

unsafe fn clone_to_uninit(&self, dest: *mut u8)

🔬This is a nightly-only experimental API. (clone_to_uninit)
Performs copy-assignment from self to dest. Read more
Source§

impl<T> From<T> for T

Source§

fn from(t: T) -> T

Returns the argument unchanged.

§

impl<T> FromRef<T> for T
where T: Clone,

§

fn from_ref(input: &T) -> T

Converts to this type from a reference to the input type.
§

impl<T> Instrument for T

§

fn instrument(self, span: Span) -> Instrumented<Self>

Instruments this type with the provided [Span], returning an Instrumented wrapper. Read more
§

fn in_current_span(self) -> Instrumented<Self>

Instruments this type with the current Span, returning an Instrumented wrapper. Read more
Source§

impl<T, U> Into<U> for T
where U: From<T>,

Source§

fn into(self) -> U

Calls U::from(self).

That is, this conversion is whatever the implementation of From<T> for U chooses to do.

§

impl<T> Pointable for T

§

const ALIGN: usize

The alignment of pointer.
§

type Init = T

The type for initializers.
§

unsafe fn init(init: <T as Pointable>::Init) -> usize

Initializes a with the given initializer. Read more
§

unsafe fn deref<'a>(ptr: usize) -> &'a T

Dereferences the given pointer. Read more
§

unsafe fn deref_mut<'a>(ptr: usize) -> &'a mut T

Mutably dereferences the given pointer. Read more
§

unsafe fn drop(ptr: usize)

Drops the object pointed to by the given pointer. Read more
§

impl<T> PolicyExt for T
where T: ?Sized,

§

fn and<P, B, E>(self, other: P) -> And<T, P>
where T: Policy<B, E>, P: Policy<B, E>,

Create a new Policy that returns [Action::Follow] only if self and other return Action::Follow. Read more
§

fn or<P, B, E>(self, other: P) -> Or<T, P>
where T: Policy<B, E>, P: Policy<B, E>,

Create a new Policy that returns [Action::Follow] if either self or other returns Action::Follow. Read more
Source§

impl<T> Same for T

Source§

type Output = T

Should always be Self
Source§

impl<T> ToOwned for T
where T: Clone,

Source§

type Owned = T

The resulting type after obtaining ownership.
Source§

fn to_owned(&self) -> T

Creates owned data from borrowed data, usually by cloning. Read more
Source§

fn clone_into(&self, target: &mut T)

Uses borrowed data to replace owned data, usually by cloning. Read more
Source§

impl<T, U> TryFrom<U> for T
where U: Into<T>,

Source§

type Error = Infallible

The type returned in the event of a conversion error.
Source§

fn try_from(value: U) -> Result<T, <T as TryFrom<U>>::Error>

Performs the conversion.
Source§

impl<T, U> TryInto<U> for T
where U: TryFrom<T>,

Source§

type Error = <U as TryFrom<T>>::Error

The type returned in the event of a conversion error.
Source§

fn try_into(self) -> Result<U, <U as TryFrom<T>>::Error>

Performs the conversion.
§

impl<V, T> VZip<V> for T
where V: MultiLane<T>,

§

fn vzip(self) -> V

§

impl<T> WithSubscriber for T

§

fn with_subscriber<S>(self, subscriber: S) -> WithDispatch<Self>
where S: Into<Dispatch>,

Attaches the provided Subscriber to this type, returning a [WithDispatch] wrapper. Read more
§

fn with_current_subscriber(self) -> WithDispatch<Self>

Attaches the current default Subscriber to this type, returning a [WithDispatch] wrapper. Read more