Documentation
Overview
Package server implements the setec secrets server.
Constants
const ACLCap tailcfg.PeerCapability = "tailscale.com/cap/secrets"
ACLCap is the capability name used for setec ACL permissions.
Variables
This section is empty.
Functions
This section is empty.
Types
type Config
type Config struct {
	// DB, if set, is used as the secrets database for the server.
	// If non-nil, the DBPath and Key fields are ignored.
	// If nil, then DBPath, Key, and AuditLog must all be set.
	DB *db.DB
	// DBPath, if non-empty, is the path to the secrets database.
	// It must be set if DB is nil.
	DBPath string
	// Key is the AEAD used to encrypt/decrypt the database.
	// It must be set if DB is nil.
	Key tink.AEAD
	// AuditLog is the writer to use for audit logs.
	// It must be set if DB is nil.
	AuditLog *audit.Writer
	// WhoIs is a function that reports an identity for a client IP
	// address. Outside of tests, it will be the WhoIs of a Tailscale
	// LocalClient.
	WhoIs func(ctx context.Context, remoteAddr string) (*apitype.WhoIsResponse, error)
	// Mux is the http.ServeMux on which the server registers its HTTP
	// handlers. It must be non-nil.
	Mux *http.ServeMux
	// BackupBucket is an AWS S3 bucket name to which database
	// backups should be saved. If empty, the database is not backed
	// up.
	BackupBucket string
	// BackupBucketRegion is the AWS region that the S3 bucket is in.
	//
	// You would think that one could derive this automatically given
	// the bucket's unique global namespace. I genuinely could not
	// find a way to get the AWS Go SDK to just figure this out
	// correctly, after two days of trying. The AWS SDK is not
	// designed for excellence, you are supposed to just give up and
	// be mediocre.
	BackupBucketRegion string
	// BackupAssumeRole is an AWS IAM role to assume to access the
	// backup bucket. The role assumption is requested using the
	// process's ambient AWS permissions, as autoconfigured by the AWS
	// SDK. If BackupAssumeRole is empty, backups are written without
	// assuming a role.
	BackupAssumeRole string
}
Config is the configuration for a Server.