This commit is contained in:
+16
-1
@@ -14,7 +14,11 @@ export interface UniDeskConfig {
|
||||
database: { port: number; containerPort: number };
|
||||
providerIngress: { port: number; containerPort: number };
|
||||
providerData: { port: number; containerPort: number };
|
||||
restrictedHostAccess?: { bindHost: string; allowedSourceCidrs: string[] };
|
||||
restrictedHostAccess?: {
|
||||
bindHost: string;
|
||||
allowedSourceCidrs: string[];
|
||||
allowedForwardRules: Array<{ id: string; sourceCidr: string; destinationCidr: string; port: number; purpose: string }>;
|
||||
};
|
||||
};
|
||||
auth: { username: string; password: string; sessionSecret: string; sessionTtlSeconds: number };
|
||||
database: { user: string; password: string; name: string; volume: string; volumeSize: string };
|
||||
@@ -181,9 +185,20 @@ function optionalRestrictedHostAccess(network: Record<string, unknown>): UniDesk
|
||||
const record = asRecord(value, "network.restrictedHostAccess");
|
||||
const allowedSourceCidrs = stringArrayField(record, "allowedSourceCidrs", "network.restrictedHostAccess");
|
||||
if (allowedSourceCidrs.length === 0) throw new Error("network.restrictedHostAccess.allowedSourceCidrs must not be empty");
|
||||
const allowedForwardRules = optionalArray(record.allowedForwardRules, "network.restrictedHostAccess.allowedForwardRules").map((item, index) => {
|
||||
const path = `network.restrictedHostAccess.allowedForwardRules[${index}]`;
|
||||
return {
|
||||
id: stringField(item, "id", path),
|
||||
sourceCidr: stringField(item, "sourceCidr", path),
|
||||
destinationCidr: stringField(item, "destinationCidr", path),
|
||||
port: numberField(item, "port", path),
|
||||
purpose: stringField(item, "purpose", path),
|
||||
};
|
||||
});
|
||||
return {
|
||||
bindHost: stringField(record, "bindHost", "network.restrictedHostAccess"),
|
||||
allowedSourceCidrs,
|
||||
allowedForwardRules,
|
||||
};
|
||||
}
|
||||
|
||||
|
||||
Reference in New Issue
Block a user