Overview
Package config defines the configuration types and loading for fence.
Index
- Variables
- func DefaultConfigPath() string
- func FormatConfigForFile(cfg *Config, opts FileWriteOptions) (string, error)
- func MarshalConfigJSON(cfg *Config) ([]byte, error)
- func MatchesDomain(hostname, pattern string) bool
- func MatchesHost(hostname, pattern string) bool
- func WriteConfigFile(cfg *Config, path string, opts FileWriteOptions) error
- type CommandConfig
- type Config
- type FileWriteOptions
- type FilesystemConfig
- type NetworkConfig
- type SSHConfig
Constants
This section is empty.
Variables
var DefaultDeniedCommands = []string{
    "shutdown",
    "reboot",
    "halt",
    "poweroff",
    "init 0",
    "init 6",
    "systemctl poweroff",
    "systemctl reboot",
    "systemctl halt",
    "insmod",
    "rmmod",
    "modprobe",
    "kexec",
    "mkfs",
    "mkfs.ext2",
    "mkfs.ext3",
    "mkfs.ext4",
    "mkfs.xfs",
    "mkfs.btrfs",
    "mkfs.vfat",
    "mkfs.ntfs",
    "fdisk",
    "parted",
    "dd if=",
    "docker run -v /:/",
    "docker run --privileged",
    "chroot",
    "unshare",
    "nsenter",
}
DefaultDeniedCommands lists the commands that are blocked by default: system-level dangerous commands (power control, kernel module loading, disk formatting and partitioning, raw disk writes, privileged or host-mounted containers, and chroot/namespace tools) that AI agents rarely need.
Functions
func DefaultConfigPath
func DefaultConfigPath() string
DefaultConfigPath returns the default config file path. Uses the OS-preferred config directory (XDG on Linux, ~/Library/Application Support on macOS). Falls back to ~/.fence.json if the new location doesn't exist but the legacy one does.
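The resolution rule described above, as an added example that is not the package's own code. It assumes the new-style file is named fence/config.json under the directory os.UserConfigDir returns (the page does not give that name; treat it as a placeholder) and takes the existence check as a parameter so the fallback can be exercised on constructed inputs without touching the real filesystem:

```go
package main

import (
	"fmt"
	"os"
	"path/filepath"
)

// File names used by this example. The legacy name ~/.fence.json is from the
// page; the relative path under the OS config directory is an assumption the
// page does not document, so treat it as a placeholder.
const (
	newRelPath     = "fence/config.json" // assumed; not documented on the page
	legacyFileName = ".fence.json"
)

// resolveConfigPath applies the documented rule: prefer the file under the
// OS-preferred config directory, and fall back to the legacy ~/.fence.json
// only when the new location does not exist but the legacy one does.
// existsFn is injected so the rule can be tested against constructed paths.
func resolveConfigPath(configDir, homeDir string, existsFn func(string) bool) string {
	newPath := filepath.Join(configDir, newRelPath)
	legacyPath := filepath.Join(homeDir, legacyFileName)
	if !existsFn(newPath) && existsFn(legacyPath) {
		return legacyPath
	}
	return newPath
}

// defaultConfigPath binds resolveConfigPath to the real OS locations.
// os.UserConfigDir follows XDG on Linux and uses ~/Library/Application Support
// on macOS, which is the behaviour the page describes.
func defaultConfigPath() (string, error) {
	configDir, err := os.UserConfigDir()
	if err != nil {
		return "", err
	}
	homeDir, err := os.UserHomeDir()
	if err != nil {
		return "", err
	}
	exists := func(p string) bool {
		_, statErr := os.Stat(p)
		return statErr == nil
	}
	return resolveConfigPath(configDir, homeDir, exists), nil
}

func main() {
	p, err := defaultConfigPath()
	if err != nil {
		fmt.Println("cannot determine config path:", err)
		return
	}
	fmt.Println("fence would load:", p)
}
```

The legacy fallback is convenient for migration, but it also means that whenever the new-style file is absent, a leftover ~/.fence.json silently becomes the active policy. When moving to the new location, write the new file and remove the old one so resolution is unambiguous, and log the path actually loaded so the policy in force is visible in your records.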
func FormatConfigForFile (added in v0.1.23)
func FormatConfigForFile(cfg *Config, opts FileWriteOptions) (string, error)
FormatConfigForFile returns config JSON with optional header lines.
func MarshalConfigJSON (added in v0.1.23)
func MarshalConfigJSON(cfg *Config) ([]byte, error)
MarshalConfigJSON marshals a fence config to clean JSON, omitting empty arrays and with fields in a logical order (extends first).
func MatchesDomain
func MatchesDomain(hostname, pattern string) bool
MatchesDomain checks if a hostname matches a domain pattern.
func MatchesHost (added in v0.1.10)
func MatchesHost(hostname, pattern string) bool
MatchesHost checks if a hostname matches an SSH host pattern. SSH host patterns support wildcards anywhere in the pattern.
func WriteConfigFile (added in v0.1.23)
func WriteConfigFile(cfg *Config, path string, opts FileWriteOptions) error
WriteConfigFile writes a fence config to a file with optional header lines.
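MarshalConfigJSON, FormatConfigForFile and WriteConfigFile describe one formatting pipeline. The following is an added illustration of that pipeline, not the package's implementation: it takes the JSON that encoding/json would produce for a Config (constructed inline, with nil slices appearing as null), drops null values and empty arrays, emits extends first with the remaining keys sorted, and prepends header lines exactly as given. Dropping an object that is left with no fields is this example's own choice and is not stated on the page.

```go
package main

import (
	"bytes"
	"encoding/json"
	"fmt"
	"sort"
)

// sampleConfigJSON is a constructed stand-in for what encoding/json emits for a
// Config whose nil slices serialize as null and whose untouched sections are empty.
const sampleConfigJSON = `{"extends":"base.json",
 "network":{"allowedDomains":["api.example.com"],"deniedDomains":null},
 "filesystem":{"allowRead":[],"allowExecute":null,"denyRead":null,"allowWrite":null,"denyWrite":null},
 "command":{"deny":null,"allow":null},
 "ssh":{"allowedHosts":null,"deniedHosts":null,"allowedCommands":null,"deniedCommands":null}}`

// prune drops null values and empty arrays; an object left with no fields is
// dropped too (that last rule is this example's choice, not stated on the page).
func prune(v any) any {
	switch x := v.(type) {
	case nil:
		return nil
	case []any:
		if len(x) == 0 {
			return nil
		}
		return x
	case map[string]any:
		out := map[string]any{}
		for k, val := range x {
			if p := prune(val); p != nil {
				out[k] = p
			}
		}
		if len(out) == 0 {
			return nil
		}
		return out
	}
	return v
}

// marshalConfigJSON writes the pruned object with "extends" first and the
// remaining top-level keys in sorted order; nested values keep encoding/json's
// own sorted-key, indented output.
func marshalConfigJSON(cfg map[string]any) ([]byte, error) {
	pruned, ok := prune(cfg).(map[string]any)
	if !ok {
		return []byte("{}\n"), nil
	}
	keys := make([]string, 0, len(pruned))
	for k := range pruned {
		if k != "extends" {
			keys = append(keys, k)
		}
	}
	sort.Strings(keys)
	if _, has := pruned["extends"]; has {
		keys = append([]string{"extends"}, keys...)
	}
	var b bytes.Buffer
	b.WriteString("{\n")
	for i, k := range keys {
		val, err := json.MarshalIndent(pruned[k], "  ", "  ")
		if err != nil {
			return nil, err
		}
		fmt.Fprintf(&b, "  %q: %s", k, val)
		if i < len(keys)-1 {
			b.WriteByte(',')
		}
		b.WriteByte('\n')
	}
	b.WriteString("}\n")
	return b.Bytes(), nil
}

// formatConfigForFile prepends header lines, written exactly as given, above
// the JSON, mirroring the FileWriteOptions.HeaderLines behaviour on the page.
func formatConfigForFile(raw []byte, headerLines []string) (string, error) {
	var cfg map[string]any
	if err := json.Unmarshal(raw, &cfg); err != nil {
		return "", err
	}
	body, err := marshalConfigJSON(cfg)
	if err != nil {
		return "", err
	}
	var b bytes.Buffer
	for _, line := range headerLines {
		b.WriteString(line)
		b.WriteByte('\n')
	}
	b.Write(body)
	return b.String(), nil
}

func main() {
	out, err := formatConfigForFile([]byte(sampleConfigJSON), []string{"// generated by tooling; edit base.json instead"})
	if err != nil {
		panic(err)
	}
	fmt.Print(out)
}
```

Because header lines are written verbatim, a caller is responsible for making them valid in whatever loader reads the file; the page says only that comment prefixes may be included, so check that the loader you use actually tolerates them before shipping headers in a config that must be parsed as strict JSON.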
Types
type CommandConfig (added in v0.1.4)
type CommandConfig struct {
    Deny        []string `json:"deny"`
    Allow       []string `json:"allow"`
    UseDefaults *bool    `json:"useDefaults,omitempty"`
}
CommandConfig defines command restrictions.
func (*CommandConfig) UseDefaultDeniedCommands (added in v0.1.4)
func (c *CommandConfig) UseDefaultDeniedCommands() bool
UseDefaultDeniedCommands returns whether to use the default deny list.
type Config
type Config struct {
    Extends    string           `json:"extends,omitempty"`
    Network    NetworkConfig    `json:"network"`
    Filesystem FilesystemConfig `json:"filesystem"`
    Command    CommandConfig    `json:"command"`
    SSH        SSHConfig        `json:"ssh"`
    AllowPty   bool             `json:"allowPty,omitempty"`
}
Config is the main configuration for fence.
func Default
func Default() *Config
Default returns the default configuration, with all network access blocked.
type FileWriteOptions (added in v0.1.23)
type FileWriteOptions struct {
    // HeaderLines are written above the JSON content (one line per entry).
    // Lines are written as provided; callers can include comment prefixes.
    HeaderLines []string
}
FileWriteOptions controls config file formatting behavior.
type FilesystemConfig
type FilesystemConfig struct {
    DefaultDenyRead bool     `json:"defaultDenyRead,omitempty"` // If true, deny reads by default except system paths and AllowRead
    WSLInterop      *bool    `json:"wslInterop,omitempty"`      // If nil, auto-detect WSL and allow /init; true/false to override
    AllowRead       []string `json:"allowRead"`                 // Paths to allow reading
    AllowExecute    []string `json:"allowExecute"`              // Paths to allow executing (read+execute only, no directory listing)
    DenyRead        []string `json:"denyRead"`
    AllowWrite      []string `json:"allowWrite"`
    DenyWrite       []string `json:"denyWrite"`
    AllowGitConfig  bool     `json:"allowGitConfig,omitempty"`
}
FilesystemConfig defines filesystem restrictions.
type NetworkConfig
type NetworkConfig struct {
    AllowedDomains      []string `json:"allowedDomains"`
    DeniedDomains       []string `json:"deniedDomains"`
    AllowUnixSockets    []string `json:"allowUnixSockets,omitempty"`
    AllowAllUnixSockets bool     `json:"allowAllUnixSockets,omitempty"`
    AllowLocalBinding   bool     `json:"allowLocalBinding,omitempty"`
    AllowLocalOutbound  *bool    `json:"allowLocalOutbound,omitempty"` // If nil, defaults to AllowLocalBinding value
    HTTPProxyPort       int      `json:"httpProxyPort,omitempty"`
    SOCKSProxyPort      int      `json:"socksProxyPort,omitempty"`
}
NetworkConfig defines network restrictions.
type SSHConfig (added in v0.1.10)
type SSHConfig struct {
    AllowedHosts     []string `json:"allowedHosts"`               // Host patterns to allow SSH to (supports wildcards like *.example.com)
    DeniedHosts      []string `json:"deniedHosts"`                // Host patterns to deny SSH to (checked before allowed)
    AllowedCommands  []string `json:"allowedCommands"`            // Commands allowed over SSH (allowlist mode)
    DeniedCommands   []string `json:"deniedCommands"`             // Commands denied over SSH (checked before allowed)
    AllowAllCommands bool     `json:"allowAllCommands,omitempty"` // If true, use denylist mode instead of allowlist
    InheritDeny      bool     `json:"inheritDeny,omitempty"`      // If true, also apply global command.deny rules
}
SSHConfig defines SSH command restrictions. SSH commands are filtered using an allowlist by default for security.
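The SSH rules above, together with CommandConfig.UseDefaultDeniedCommands and the DefaultDeniedCommands list, describe an evaluation order: denied hosts before allowed hosts, denied commands before allowed commands, global deny rules when inheritDeny is set, and allowlist mode unless allowAllCommands is true. The following is an added example, not the package's code, that carries that order through on constructed inputs. The two struct definitions are copied from the page; everything else is an assumption: path.Match stands in for MatchesHost, the word-boundary prefix rule stands in for however fence actually matches commands, a nil useDefaults keeps the default deny list on, inheritDeny is taken to include the built-in defaults, and an empty allowedHosts admits no host.

```go
package main

import (
	"fmt"
	"path"
	"strings"
)

type CommandConfig struct {
	Deny        []string `json:"deny"`
	Allow       []string `json:"allow"`
	UseDefaults *bool    `json:"useDefaults,omitempty"`
}

type SSHConfig struct {
	AllowedHosts     []string `json:"allowedHosts"`
	DeniedHosts      []string `json:"deniedHosts"`
	AllowedCommands  []string `json:"allowedCommands"`
	DeniedCommands   []string `json:"deniedCommands"`
	AllowAllCommands bool     `json:"allowAllCommands,omitempty"`
	InheritDeny      bool     `json:"inheritDeny,omitempty"`
}

var defaultDeniedCommands = []string{"shutdown", "reboot", "dd if=", "docker run --privileged"} // constructed subset of the page's list

// Assumption: a nil UseDefaults leaves the default deny list in force.
func (c *CommandConfig) useDefaultDeniedCommands() bool {
	return c.UseDefaults == nil || *c.UseDefaults
}

// matchesHost stands in for the package's MatchesHost: a glob with wildcards anywhere.
func matchesHost(host, pattern string) bool {
	ok, err := path.Match(pattern, host)
	return err == nil && ok
}

// matchesCommand is an assumed rule, not the package's: exact match, or a prefix that
// ends at a word boundary ("git" matches "git pull" but not "gitk"; "dd if=" matches
// "dd if=/dev/zero" because '=' is not a word character).
func matchesCommand(cmd, pattern string) bool {
	cmd = strings.TrimSpace(cmd)
	if pattern == "" || !strings.HasPrefix(cmd, pattern) {
		return false
	}
	if len(cmd) == len(pattern) || cmd[len(pattern)] == ' ' {
		return true
	}
	last := pattern[len(pattern)-1]
	return !(last == '_' || last >= 'a' && last <= 'z' || last >= 'A' && last <= 'Z' || last >= '0' && last <= '9')
}

func matchesAny(s string, patterns []string, match func(string, string) bool) bool {
	for _, p := range patterns {
		if match(s, p) {
			return true
		}
	}
	return false
}

// evaluateSSH applies the order the page documents: deniedHosts before allowedHosts,
// deniedCommands before allowedCommands, global command.deny rules when inheritDeny is
// set, and allowlist mode unless allowAllCommands. The reason is what you would log.
func evaluateSSH(ssh SSHConfig, global CommandConfig, host, cmd string) (bool, string) {
	if matchesAny(host, ssh.DeniedHosts, matchesHost) {
		return false, "host matches ssh.deniedHosts"
	}
	if !matchesAny(host, ssh.AllowedHosts, matchesHost) { // assumption: no allowed host, no SSH
		return false, "host not in ssh.allowedHosts"
	}
	if matchesAny(cmd, ssh.DeniedCommands, matchesCommand) {
		return false, "command matches ssh.deniedCommands"
	}
	if ssh.InheritDeny {
		if matchesAny(cmd, global.Deny, matchesCommand) {
			return false, "command matches command.deny"
		}
		// Assumption: inherited rules include the built-in defaults when they are enabled.
		if global.useDefaultDeniedCommands() && matchesAny(cmd, defaultDeniedCommands, matchesCommand) {
			return false, "command matches DefaultDeniedCommands"
		}
	}
	if ssh.AllowAllCommands {
		return true, "denylist mode: no deny rule matched"
	}
	if matchesAny(cmd, ssh.AllowedCommands, matchesCommand) {
		return true, "command matches ssh.allowedCommands"
	}
	return false, "allowlist mode: command not in ssh.allowedCommands"
}

func main() {
	global := CommandConfig{Deny: []string{"curl"}}
	ssh := SSHConfig{AllowedHosts: []string{"*.example.com"}, AllowedCommands: []string{"git"}, InheritDeny: true}
	for _, cmd := range []string{"git pull", "gitk", "curl http://example.net", "shutdown -h now"} {
		ok, why := evaluateSSH(ssh, global, "dev.example.com", cmd)
		fmt.Printf("%-24s allowed=%-5t %s\n", cmd, ok, why)
	}
}
```

Returning the matched rule alongside the decision is deliberate: a sandbox that only says "denied" is hard to audit, while a reason that names the list (ssh.deniedCommands, command.deny, DefaultDeniedCommands) can go straight into a log line an analyst can correlate later. Note also that setting allowAllCommands without inheritDeny leaves only the SSH-specific deny list in force, so an agent could run over SSH what the global command.deny blocks locally.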