Initial commit
This commit is contained in:
commit
19296f4188
18 changed files with 2562 additions and 0 deletions
101
checker/definition.go
Normal file
101
checker/definition.go
Normal file
|
|
@ -0,0 +1,101 @@
|
|||
package checker
|
||||
|
||||
import (
|
||||
"time"
|
||||
|
||||
sdk "git.happydns.org/checker-sdk-go/checker"
|
||||
)
|
||||
|
||||
// Version defaults to "built-in"; standalone and plugin builds override
|
||||
// it via -ldflags "-X .../checker.Version=...".
|
||||
var Version = "built-in"
|
||||
|
||||
// Option ids.
|
||||
const (
|
||||
OptionResolver = "resolver"
|
||||
OptionCertExpiryWarnDays = "certExpiryWarnDays"
|
||||
OptionRequireDNSSEC = "requireDNSSEC"
|
||||
OptionRequireEmailProtection = "requireEmailProtection"
|
||||
)
|
||||
|
||||
// Definition is the package-level helper returned to the host by the
|
||||
// plugin entrypoint and used by sdk.NewServer via the provider's
|
||||
// CheckerDefinitionProvider implementation.
|
||||
func Definition() *sdk.CheckerDefinition {
|
||||
return &sdk.CheckerDefinition{
|
||||
ID: "openpgpkey-smimea",
|
||||
Name: "OPENPGPKEY & SMIMEA",
|
||||
Version: Version,
|
||||
Availability: sdk.CheckerAvailability{
|
||||
ApplyToService: true,
|
||||
LimitToServices: []string{
|
||||
ServiceOpenPGP,
|
||||
ServiceSMimeCert,
|
||||
},
|
||||
},
|
||||
ObservationKeys: []sdk.ObservationKey{ObservationKey},
|
||||
Options: sdk.CheckerOptionsDocumentation{
|
||||
UserOpts: []sdk.CheckerOptionDocumentation{
|
||||
{
|
||||
Id: OptionResolver,
|
||||
Type: "string",
|
||||
Label: "DNS resolver",
|
||||
Placeholder: "1.1.1.1",
|
||||
Description: "Validating resolver to query (comma-separated list accepted). Defaults to the system resolver when empty.",
|
||||
},
|
||||
{
|
||||
Id: OptionCertExpiryWarnDays,
|
||||
Type: "number",
|
||||
Label: "Expiry warning threshold (days)",
|
||||
Description: "Emit a warning when the primary key or S/MIME certificate expires in less than this many days.",
|
||||
Default: float64(30),
|
||||
},
|
||||
{
|
||||
Id: OptionRequireDNSSEC,
|
||||
Type: "bool",
|
||||
Label: "Require DNSSEC",
|
||||
Description: "When enabled, a non-DNSSEC-validated lookup is reported as critical (otherwise as warning). RFC 7929 and RFC 8162 mandate DNSSEC.",
|
||||
Default: true,
|
||||
},
|
||||
{
|
||||
Id: OptionRequireEmailProtection,
|
||||
Type: "bool",
|
||||
Label: "Require emailProtection EKU",
|
||||
Description: "When enabled, an S/MIME certificate without the emailProtection Extended Key Usage is reported as critical.",
|
||||
Default: true,
|
||||
},
|
||||
},
|
||||
DomainOpts: []sdk.CheckerOptionDocumentation{
|
||||
{
|
||||
Id: "domain_name",
|
||||
Label: "Zone origin",
|
||||
AutoFill: sdk.AutoFillDomainName,
|
||||
},
|
||||
{
|
||||
Id: "subdomain",
|
||||
Label: "Subdomain",
|
||||
AutoFill: sdk.AutoFillSubdomain,
|
||||
},
|
||||
},
|
||||
ServiceOpts: []sdk.CheckerOptionDocumentation{
|
||||
{
|
||||
Id: "service",
|
||||
Label: "Service",
|
||||
AutoFill: sdk.AutoFillService,
|
||||
},
|
||||
{
|
||||
Id: "service_type",
|
||||
Label: "Service type",
|
||||
AutoFill: sdk.AutoFillServiceType,
|
||||
Hide: true,
|
||||
},
|
||||
},
|
||||
},
|
||||
Rules: []sdk.CheckRule{Rule()},
|
||||
Interval: &sdk.CheckIntervalSpec{
|
||||
Min: 1 * time.Hour,
|
||||
Max: 7 * 24 * time.Hour,
|
||||
Default: 12 * time.Hour,
|
||||
},
|
||||
}
|
||||
}
|
||||
Loading…
Add table
Add a link
Reference in a new issue