{ "$schema": "http://json-schema.org/draft-07/schema#", "type": "object", "description": "The startup config for policyd", "markdownDescription": "The startup config for the [policyd](https://docs.halon.io/policyd)", "additionalProperties": false, "required": [ "version", "listeners", "websocket", "elasticsearch" ], "properties": { "version": { "type": "string", "enum": [ "1.1" ], "description": "The software version the configuration was created for" }, "listeners": { "type": "array", "uniqueItems": true, "minItems": 1, "description": "The IP addresses and ports to listen on. If no IP addresses are specificed it will bind to any (both IPv4 and IPv6)", "items": { "type": "object", "required": [ "port" ], "additionalProperties": false, "properties": { "port": { "type": "integer", "maximum": 65535, "minimum": 1, "description": "Port number" }, "address": { "description": "IP address", "anyOf": [ { "type": "string", "format": "ipv4", "description": "IPv4 address" }, { "type": "string", "format": "ipv6", "description": "IPv6 address" } ] }, "pki": { "type": "object", "description": "The X.509 certificate and private key", "additionalProperties": false, "required": [ "certificate", "privatekey" ], "properties": { "certificate": { "oneOf": [ { "type": "object", "additionalProperties": false, "required": [ "data" ], "properties": { "data": { "type": "string", "minLength": 1, "description": "The PKCS #8 PEM data" } } }, { "type": "object", "additionalProperties": false, "required": [ "path" ], "properties": { "path": { "type": "string", "minLength": 1, "description": "The PKCS #8 PEM path" } } } ] }, "privatekey": { "oneOf": [ { "type": "object", "additionalProperties": false, "required": [ "data" ], "properties": { "data": { "type": "string", "minLength": 1, "description": "The private key data" } } }, { "type": "object", "additionalProperties": false, "required": [ "path" ], "properties": { "path": { "type": "string", "minLength": 1, "description": "The private key path" } } } ] } } } } } }, "websocket": { "description": "The settings for the WebSocket", "required": [ "listener" ], "properties": { "listener": { "description": "The IP addresses and ports to listen on. If no IP addresses are specificed it will bind to any (both IPv4 and IPv6)", "type": "object", "required": [ "port" ], "additionalProperties": false, "properties": { "port": { "type": "integer", "maximum": 65535, "minimum": 1, "description": "Port number" }, "address": { "description": "IP address", "anyOf": [ { "type": "string", "format": "ipv4", "description": "IPv4 address" }, { "type": "string", "format": "ipv6", "description": "IPv6 address" } ] }, "pki": { "type": "object", "description": "The X.509 certificate and private key", "additionalProperties": false, "required": [ "certificate", "privatekey" ], "properties": { "certificate": { "oneOf": [ { "type": "object", "additionalProperties": false, "required": [ "data" ], "properties": { "data": { "type": "string", "minLength": 1, "description": "The PKCS #8 PEM data" } } }, { "type": "object", "additionalProperties": false, "required": [ "path" ], "properties": { "path": { "type": "string", "minLength": 1, "description": "The PKCS #8 PEM path" } } } ] }, "privatekey": { "oneOf": [ { "type": "object", "additionalProperties": false, "required": [ "data" ], "properties": { "data": { "type": "string", "minLength": 1, "description": "The private key data" } } }, { "type": "object", "additionalProperties": false, "required": [ "path" ], "properties": { "path": { "type": "string", "minLength": 1, "description": "The private key path" } } } ] } } } } } } }, "elasticsearch": { "type": "object", "properties": { "index": { "type": "object", "description": "The Elasticsearch indices used by the application", "properties": { "actions": { "type": "string", "description": "The index for storing action events" } }, "required": [ "actions" ], "additionalProperties": false }, "nodes": { "type": "array", "description": "A list of Elasticsearch nodes", "items": { "type": "object", "properties": { "url": { "type": "string" } }, "required": [ "url" ], "additionalProperties": false } }, "auth": { "type": "object", "description": "Authentication for the Elasticsearch nodes", "properties": { "username": { "type": "string" }, "password": { "type": "string" } }, "required": [ "username", "password" ], "additionalProperties": false }, "tls": { "type": "object", "additionalProperties": false, "description": "The TLS options", "properties": { "verify": { "type": "boolean", "default": true, "description": "If the server certificate should be verified" } } } }, "required": [ "index", "nodes" ], "additionalProperties": false } } }