ContainerSSH
diff --git a/‎CHANGELOG.md‎
Lines changed: 4 additions & 0 deletions b/‎CHANGELOG.md‎
Lines changed: 4 additions & 0 deletions
diff --git a/‎appconfig.go‎
Lines changed: 89 additions & 19 deletions b/‎appconfig.go‎
Lines changed: 89 additions & 19 deletions
diff --git a/‎client_config.go‎
Lines changed: 8 additions & 0 deletions b/‎client_config.go‎
Lines changed: 8 additions & 0 deletions
diff --git a/‎compatibility_test.go‎
Lines changed: 2 additions & 0 deletions b/‎compatibility_test.go‎
Lines changed: 2 additions & 0 deletions
diff --git a/‎data/0.3.yaml‎
Lines changed: 1 addition & 1 deletion b/‎data/0.3.yaml‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎go.mod‎
Lines changed: 7 additions & 7 deletions b/‎go.mod‎
Lines changed: 7 additions & 7 deletions
@@ -1,5 +1,9 @@
 # Changelog
 
+## 0.9.6: Added Validate()
+
+This release adds a `Validate()` method to the configuration that allows for check the configuration on loading.
+
 ## 0.9.5: Security configuration
 
 This release adds support for the new [security library](https://github.com/containerssh/security). It also adds a metric for config server requests and updates several libraries to their latest versions.
 
@@ -1,6 +1,8 @@
 package configuration
 
 import (
+	"fmt"
+
 	"github.com/containerssh/auditlog"
 	"github.com/containerssh/auth"
 	"github.com/containerssh/docker"
@@ -16,42 +18,49 @@ import (
 //goland:noinspection GoDeprecation
 type AppConfig struct {
 	// Listen is an alias for ssh.listen. Its usage is deprecated.
+	// swagger:ignore
+	// deprecated: use SSH.Listen instead
 	Listen string `json:"listen,omitempty" yaml:"listen,omitempty" default:""`
 	// SSH contains the configuration for the SSH server.
 	// swagger:ignore
-	SSH sshserver.Config `json:"ssh" yaml:"ssh" comment:"SSH configuration"`
+	SSH sshserver.Config `json:"ssh" yaml:"ssh"`
 	// ConfigServer contains the settings for fetching the user-specific configuration.
 	// swagger:ignore
-	ConfigServer ClientConfig `json:"configserver" yaml:"configserver" comment:"Configuration server settings"`
+	ConfigServer ClientConfig `json:"configserver" yaml:"configserver"`
 	// Auth contains the configuration for user authentication.
 	// swagger:ignore
-	Auth auth.ClientConfig `json:"auth" yaml:"auth" comment:"Authentication server configuration"`
+	Auth auth.ClientConfig `json:"auth" yaml:"auth"`
 	// Log contains the configuration for the logging level.
 	// swagger:ignore
-	Log log.Config `json:"log" yaml:"log" comment:"Log configuration"`
+	Log log.Config `json:"log" yaml:"log"`
 	// Metrics contains the configuration for the metrics server.
 	// swagger:ignore
-	Metrics metrics.Config `json:"metrics" yaml:"metrics" comment:"Metrics configuration."`
+	Metrics metrics.Config `json:"metrics" yaml:"metrics"`
 	// GeoIP contains the configuration for the GeoIP lookups.
 	// swagger:ignore
-	GeoIP geoip.Config `json:"geoip" yaml:"geoip" comment:"GeoIP database"`
+	GeoIP geoip.Config `json:"geoip" yaml:"geoip"`
 	// Audit contains the configuration for audit logging and log upload.
 	// swagger:ignore
-	Audit auditlog.Config `json:"audit" yaml:"audit" comment:"Audit configuration"`
-
-	// Security contains the security restrictions on what can be executed.
-	Security security.Config `json:"security" yaml:"security" comment:"Security configuration"`
+	Audit auditlog.Config `json:"audit" yaml:"audit"`
 
+	// Security contains the security restrictions on what can be executed. This option can be changed from the config
+	// server.
+	Security security.Config `json:"security" yaml:"security"`
 	// Backend defines which backend to use. This option can be changed from the config server.
-	Backend string `json:"backend" yaml:"backend" default:"dockerrun" comment:"Backend module to use"`
-	// Docker contains the configuration for the docker backend.
-	Docker docker.Config `json:"docker,omitempty" yaml:"docker" comment:"Docker configuration to use when the Docker backend is used."`
-	// DockerRun contains the configuration for the deprecated dockerrun backend.
-	DockerRun docker.DockerRunConfig `json:"dockerrun,omitempty" yaml:"dockerrun" comment:"Docker configuration to use when the Docker run backend is used."`
-	// Kubernetes contains the configuration for the kubernetes backend.
-	Kubernetes kubernetes.Config `json:"kubernetes,omitempty" yaml:"kubernetes" comment:"Kubernetes configuration to use when the kubernetes run backend is used."`
-	// KubeRun contains the configuration for the deprecated kuberun backend.
-	KubeRun kubernetes.KubeRunConfig `json:"kuberun,omitempty" yaml:"kuberun" comment:"Kubernetes configuration to use when the kuberun run backend is used."`
+	Backend string `json:"backend" yaml:"backend" default:"docker"`
+	// Docker contains the configuration for the docker backend. This option can be changed from the config server.
+	Docker docker.Config `json:"docker,omitempty" yaml:"docker"`
+	// DockerRun contains the configuration for the deprecated dockerrun backend. This option can be changed from the
+	// config server.
+	// deprecated: use Docker instead
+	DockerRun docker.DockerRunConfig `json:"dockerrun,omitempty" yaml:"dockerrun"`
+	// Kubernetes contains the configuration for the kubernetes backend. This option can be changed from the config
+	// server.
+	Kubernetes kubernetes.Config `json:"kubernetes,omitempty" yaml:"kubernetes"`
+	// KubeRun contains the configuration for the deprecated kuberun backend. This option can be changed from the config
+	// server.
+	// deprecated: use Kubernetes instead
+	KubeRun kubernetes.KubeRunConfig `json:"kuberun,omitempty" yaml:"kuberun"`
 }
 
 // FixCompatibility moves deprecated options to their new places and issues warnings.
@@ -67,3 +76,64 @@ func (cfg *AppConfig) FixCompatibility(logger log.Logger) error {
 	}
 	return nil
 }
+
+// Validate validates the configuration structure and returns an error if it is invalid.
+//
+// - dynamic enables the validation for dynamically configurable options.
+func (cfg *AppConfig) Validate(dynamic bool) error {
+	queue := newValidationQueue()
+	queue.add("SSH", &cfg.SSH)
+	queue.add("config server", &cfg.ConfigServer)
+	queue.add("authentication", &cfg.Auth)
+	queue.add("logging", &cfg.Log)
+	queue.add("metrics", &cfg.Metrics)
+	queue.add("GeoIP", &cfg.GeoIP)
+	queue.add("audit log", &cfg.Audit)
+
+	if cfg.ConfigServer.URL != "" && !dynamic {
+		return queue.Validate()
+	}
+	queue.add("security configuration", &cfg.Security)
+	switch cfg.Backend {
+	case "docker":
+		queue.add("Docker", &cfg.Docker)
+	case "dockerrun":
+		queue.add("DockerRun", &cfg.DockerRun)
+	case "kubernetes":
+		queue.add("Kubernetes", &cfg.Kubernetes)
+	case "kuberun":
+		queue.add("KubeRun", &cfg.KubeRun)
+	case "":
+		return fmt.Errorf("no backend configured")
+	default:
+		return fmt.Errorf("invalid backend: %s", cfg.Backend)
+	}
+	return queue.Validate()
+}
+
+type validatable interface {
+	Validate() error
+}
+
+func newValidationQueue() *validationQueue {
+	return &validationQueue{
+		items: map[string]validatable{},
+	}
+}
+
+type validationQueue struct {
+	items map[string]validatable
+}
+
+func (v *validationQueue) add(name string, item validatable) {
+	v.items[name] = item
+}
+
+func (v *validationQueue) Validate() error {
+	for name, item := range v.items {
+		if err := item.Validate(); err != nil {
+			return fmt.Errorf("invalid %s configuration (%w)", name, err)
+		}
+	}
+	return nil
+}
@@ -8,3 +8,11 @@ import (
 type ClientConfig struct {
 	http.ClientConfiguration `yaml:",inline"`
 }
+
+// Validate validates the client configuration.
+func (c *ClientConfig) Validate() error {
+	if c.ClientConfiguration.URL == "" {
+		return nil
+	}
+	return c.ClientConfiguration.Validate()
+}
@@ -6,6 +6,7 @@ import (
 	"testing"
 
 	"github.com/containerssh/log"
+	"github.com/containerssh/structutils"
 	"github.com/stretchr/testify/assert"
 
 	"github.com/containerssh/configuration"
@@ -35,6 +36,7 @@ func Test03Compatibility(t *testing.T) {
 	assert.NoError(t, err)
 
 	config := configuration.AppConfig{}
+	structutils.Defaults(&config)
 	err = reader.Load(context.Background(), &config)
 	assert.NoError(t, err)
 
 
@@ -25,7 +25,7 @@ configserver:
   cert: ""
   key: ""
 auth:
-  url: ""
+  url: "http://localhost:8080"
   cacert: ""
   timeout: 2s
   cert: ""
 
@@ -3,15 +3,15 @@ module github.com/containerssh/configuration
 go 1.14
 
 require (
-	github.com/containerssh/auditlog v0.9.5
+	github.com/containerssh/auditlog v0.9.6
 	github.com/containerssh/auth v0.9.3
-	github.com/containerssh/docker v0.9.5
-	github.com/containerssh/geoip v0.9.3
-	github.com/containerssh/http v0.9.4
-	github.com/containerssh/kubernetes v0.9.2
-	github.com/containerssh/log v0.9.7
+	github.com/containerssh/docker v0.9.6
+	github.com/containerssh/geoip v0.9.4
+	github.com/containerssh/http v0.9.5
+	github.com/containerssh/kubernetes v0.9.3
+	github.com/containerssh/log v0.9.8
 	github.com/containerssh/metrics v0.9.5
-	github.com/containerssh/security v0.9.0
+	github.com/containerssh/security v0.9.2
 	github.com/containerssh/service v0.9.0
 	github.com/containerssh/sshserver v0.9.14
 	github.com/containerssh/structutils v0.9.0