<?xml version="1.0" encoding="UTF-8" ?> <i:Configuration xmlns:i="urn:com.io7m.idstore:configuration:1" xmlns:it="urn:com.io7m.idstore.tls:1"> <i:Branding ProductTitle="idstore"/> <i:Database Name="idstore" Kind="POSTGRESQL" OwnerRoleName="idstore_install" OwnerRolePassword="mydatabasewill" WorkerRolePassword="probablybecompromised" Address="db.example.com" Port="5432" Create="true" Upgrade="true"/> <i:HTTPServices> <i:HTTPServiceAdminAPI ListenAddress="[::]" ListenPort="51000" ExternalURI="https://[::]:51000/"> <it:TLSEnabled> <it:KeyStore Type="CANONMILL" Provider="CANONMILL" Password="changeit" File="keystore.xml"/> <it:TrustStore Type="CANONMILL" Provider="CANONMILL" Password="changeit" File="truststore.xml"/> </it:TLSEnabled> </i:HTTPServiceAdminAPI> <i:HTTPServiceUserAPI ListenAddress="[::]" ListenPort="50000" ExternalURI="http://[::]:50000/"> <it:TLSDisabled/> </i:HTTPServiceUserAPI> <i:HTTPServiceUserView ListenAddress="[::]" ListenPort="50001" ExternalURI="http://[::]:50001/"> <it:TLSDisabled/> </i:HTTPServiceUserView> </i:HTTPServices> <i:History UserLoginHistoryLimit="10" AdminLoginHistoryLimit="100"/> <i:Mail SenderAddress="no-reply@example.com" VerificationExpiration="PT24H"> <i:SMTP Host="mail.example.com" Port="25"/> </i:Mail> <i:Maintenance/> <i:RateLimiting EmailVerificationRateLimit="PT10M" PasswordResetRateLimit="PT10M"/> <i:Sessions UserSessionExpiration="PT30M" AdminSessionExpiration="PT30M"/> </i:Configuration>
<Mail SenderAddress="no-reply@example.com" VerificationExpiration="PT24H"> <SMTP Host="mail.example.com" Port="25"/> </Mail>
<Maintenance TLSReloadInterval="PT30M"/>
<HTTPServices> <HTTPServiceAdminAPI ListenAddress="localhost" ListenPort="51000" ExternalURI="http://localhost:51000/"> <it:TLSEnabled> <it:KeyStore Type="CANONMILL" Provider="CANONMILL" Password="changeit" File="keystore.xml"/> <it:TrustStore Type="CANONMILL" Provider="CANONMILL" Password="changeit" File="truststore.xml"/> </it:TLSEnabled> </HTTPServiceAdminAPI> <HTTPServiceUserAPI ListenAddress="localhost" ListenPort="50000" ExternalURI="http://localhost:50000/"> <it:TLSDisabled/> </HTTPServiceUserAPI> <HTTPServiceUserView ListenAddress="localhost" ListenPort="50001" ExternalURI="http://localhost:50001/"> <it:TLSDisabled/> </HTTPServiceUserView> </HTTPServices>
<Sessions UserSessionExpiration="PT30M" AdminSessionExpiration="PT30M"/>
<History UserLoginHistoryLimit="100" AdminLoginHistoryLimit="10000"/>
<Database Kind="POSTGRESQL" OwnerRoleName="idstore_install" OwnerRolePassword="mydatabasewill" WorkerRolePassword="probablybecompromised" ReaderRolePassword="lookbutdonottouch" Address="localhost" Port="54322" Create="true" Upgrade="true"/>
<RateLimiting EmailVerificationRateLimit="PT10M" PasswordResetRateLimit="PT10M" UserLoginRateLimit="PT5S" UserLoginDelay="PT1S" AdminLoginRateLimit="PT5S" AdminLoginDelay="PT1S" />
<PasswordExpiration UserPasswordValidityDuration="PT720H" AdminPasswordValidityDuration="PT2160H" />
<OpenTelemetry LogicalServiceName="idstore"> <Logs Endpoint="http://logs.example.com:4317" Protocol="GRPC"/> <Metrics Endpoint="http://metrics.example.com:4317" Protocol="GRPC"/> <Traces Endpoint="http://traces.example.com:4317" Protocol="GRPC"/> </OpenTelemetry>
<Branding ProductTitle="idstore"> <ColorScheme> <ButtonColors> <Disabled> <BodyColor Red="0.101" Green="0.309" Blue="0.45"/> <BorderColor Red="0" Green="0" Blue="0"/> <EmbossEColor Red="0.175" Green="0.527" Blue="0.765"/> <EmbossNColor Red="0.175" Green="0.527" Blue="0.765"/> <EmbossSColor Red="0.07" Green="0.214" Blue="0.316"/> <EmbossWColor Red="0.07" Green="0.214" Blue="0.316"/> <TextColor Red="0" Green="0" Blue="0"/> </Disabled> <Enabled> <BodyColor Red="0.101" Green="0.309" Blue="0.45"/> <BorderColor Red="0" Green="0" Blue="0"/> <EmbossEColor Red="0.175" Green="0.527" Blue="0.765"/> <EmbossNColor Red="0.175" Green="0.527" Blue="0.765"/> <EmbossSColor Red="0.07" Green="0.214" Blue="0.316"/> <EmbossWColor Red="0.07" Green="0.214" Blue="0.316"/> <TextColor Red="0" Green="0" Blue="0"/> </Enabled> <Hover> <BodyColor Red="0.125" Green="0.371" Blue="0.539"/> <BorderColor Red="0" Green="0" Blue="0"/> <EmbossEColor Red="0.175" Green="0.527" Blue="0.765"/> <EmbossNColor Red="0.175" Green="0.527" Blue="0.765"/> <EmbossSColor Red="0.07" Green="0.214" Blue="0.316"/> <EmbossWColor Red="0.07" Green="0.214" Blue="0.316"/> <TextColor Red="0" Green="0" Blue="0"/> </Hover> <Pressed> <BodyColor Red="0.093" Green="0.277" Blue="0.406"/> <BorderColor Red="0" Green="0" Blue="0"/> <EmbossEColor Red="0.07" Green="0.214" Blue="0.316"/> <EmbossNColor Red="0.07" Green="0.214" Blue="0.316"/> <EmbossSColor Red="0.125" Green="0.371" Blue="0.539"/> <EmbossWColor Red="0.125" Green="0.371" Blue="0.539"/> <TextColor Red="0" Green="0" Blue="0"/> </Pressed> </ButtonColors> <ErrorBorderColor Red="1" Green="0" Blue="0"/> <HeaderBackgroundColor Red="0.184" Green="0.184" Blue="0.184"/> <HeaderLinkColor Red="1" Green="1" Blue="1"/> <HeaderTextColor Red="1" Green="1" Blue="1"/> <MainBackgroundColor Red="0.101" Green="0.309" Blue="0.45"/> <MainLinkColor Red="1" Green="1" Blue="1"/> <MainMessageBorderColor Red="0.1875" Green="0.558" Blue="0.8125"/> <MainTableBorderColor Red="0.1875" Green="0.558" Blue="0.8125"/> <MainTextColor Red="1" Green="1" Blue="1"/> </ColorScheme> </Branding>
<?xml version="1.0" encoding="UTF-8" ?> <!-- Copyright © 2023 Mark Raynsford <code@io7m.com> https://www.io7m.com Permission to use, copy, modify, and/or distribute this software for any purpose with or without fee is hereby granted, provided that the above copyright notice and this permission notice appear in all copies. THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. --> <schema xmlns="http://www.w3.org/2001/XMLSchema" xmlns:c="urn:com.io7m.idstore:configuration:1" xmlns:ct="urn:com.io7m.idstore.tls:1" targetNamespace="urn:com.io7m.idstore:configuration:1"> <import namespace="urn:com.io7m.idstore.tls:1"/> <simpleType name="ColorComponent"> <annotation> <documentation> The type of a component within a color. </documentation> </annotation> <restriction base="double"> <minInclusive value="0.0"/> <maxInclusive value="1.0"/> </restriction> </simpleType> <complexType name="ColorType"> <annotation> <documentation> An RGB color. </documentation> </annotation> <attribute name="Red" type="c:ColorComponent" use="required"/> <attribute name="Green" type="c:ColorComponent" use="required"/> <attribute name="Blue" type="c:ColorComponent" use="required"/> </complexType> <element name="ErrorBorderColor" type="c:ColorType"> <annotation> <documentation> The color used for the border around error messages on web pages. </documentation> </annotation> </element> <element name="HeaderBackgroundColor" type="c:ColorType"> <annotation> <documentation> The color used for the web page header background. </documentation> </annotation> </element> <element name="HeaderLinkColor" type="c:ColorType"> <annotation> <documentation> The color used for the web page header links. </documentation> </annotation> </element> <element name="HeaderTextColor" type="c:ColorType"> <annotation> <documentation> The color used for the web page header text. </documentation> </annotation> </element> <element name="MainBackgroundColor" type="c:ColorType"> <annotation> <documentation> The color used for the web page main background. </documentation> </annotation> </element> <element name="MainLinkColor" type="c:ColorType"> <annotation> <documentation> The color used for the web page main links on web pages. </documentation> </annotation> </element> <element name="MainMessageBorderColor" type="c:ColorType"> <annotation> <documentation> The color used for the border around non-error messages on web pages. </documentation> </annotation> </element> <element name="MainTableBorderColor" type="c:ColorType"> <annotation> <documentation> The color used for table borders on web pages. </documentation> </annotation> </element> <element name="MainTextColor" type="c:ColorType"> <annotation> <documentation> The color used for the main text on web pages. </documentation> </annotation> </element> <element name="TextColor" type="c:ColorType"> <annotation> <documentation> The color used for the button text. </documentation> </annotation> </element> <element name="BodyColor" type="c:ColorType"> <annotation> <documentation> The color used for the button body. </documentation> </annotation> </element> <element name="BorderColor" type="c:ColorType"> <annotation> <documentation> The color used for the button border. </documentation> </annotation> </element> <element name="EmbossEColor" type="c:ColorType"> <annotation> <documentation> The color used for the east-facing emboss. </documentation> </annotation> </element> <element name="EmbossSColor" type="c:ColorType"> <annotation> <documentation> The color used for the south-facing emboss. </documentation> </annotation> </element> <element name="EmbossWColor" type="c:ColorType"> <annotation> <documentation> The color used for the west-facing emboss. </documentation> </annotation> </element> <element name="EmbossNColor" type="c:ColorType"> <annotation> <documentation> The color used for the north-facing emboss. </documentation> </annotation> </element> <complexType name="ButtonStateColors"> <annotation> <documentation> The colors used for a particular button state. </documentation> </annotation> <sequence> <element ref="c:BodyColor"/> <element ref="c:BorderColor"/> <element ref="c:EmbossEColor"/> <element ref="c:EmbossNColor"/> <element ref="c:EmbossSColor"/> <element ref="c:EmbossWColor"/> <element ref="c:TextColor"/> </sequence> </complexType> <element name="Enabled" type="c:ButtonStateColors"> <annotation> <documentation> The colors used when the button is in the unpressed, enabled state. </documentation> </annotation> </element> <element name="Disabled" type="c:ButtonStateColors"> <annotation> <documentation> The colors used when the button is in the disabled state. </documentation> </annotation> </element> <element name="Pressed" type="c:ButtonStateColors"> <annotation> <documentation> The colors used when the button is in the pressed state. </documentation> </annotation> </element> <element name="Hover" type="c:ButtonStateColors"> <annotation> <documentation> The colors used when the button is in the hover state. </documentation> </annotation> </element> <element name="ButtonColors"> <annotation> <documentation> The colors used for all button states. </documentation> </annotation> <complexType> <sequence> <element ref="c:Disabled"/> <element ref="c:Enabled"/> <element ref="c:Hover"/> <element ref="c:Pressed"/> </sequence> </complexType> </element> <element name="ColorScheme"> <complexType> <sequence> <element ref="c:ButtonColors"/> <element ref="c:ErrorBorderColor"/> <element ref="c:HeaderBackgroundColor"/> <element ref="c:HeaderLinkColor"/> <element ref="c:HeaderTextColor"/> <element ref="c:MainBackgroundColor"/> <element ref="c:MainLinkColor"/> <element ref="c:MainMessageBorderColor"/> <element ref="c:MainTableBorderColor"/> <element ref="c:MainTextColor"/> </sequence> </complexType> </element> <element name="Branding"> <complexType> <sequence> <element ref="c:ColorScheme" minOccurs="0" maxOccurs="1"/> </sequence> <attribute name="ProductTitle" use="required" type="string"> <annotation> <documentation> The product title that will be used in web pages and emails. </documentation> </annotation> </attribute> <attribute name="Logo" use="optional" type="anyURI"> <annotation> <documentation> A file that contains a logo image used in web pages. </documentation> </annotation> </attribute> <attribute name="LoginExtra" use="optional" type="anyURI"> <annotation> <documentation> A file that contains XHTML text that will be inserted into login web pages. </documentation> </annotation> </attribute> </complexType> </element> <complexType name="MailTransportType"> <annotation> <documentation> The base type of mail transport configurations. </documentation> </annotation> </complexType> <complexType name="SMTPType"> <annotation> <documentation> Settings for communicating over SMTP without encryption. </documentation> </annotation> <complexContent> <extension base="c:MailTransportType"> <attribute name="Host" type="anyURI" use="required"/> <attribute name="Port" type="unsignedInt" use="required"/> </extension> </complexContent> </complexType> <complexType name="SMTPTLSType"> <annotation> <documentation> Settings for communicating over SMTP_TLS. </documentation> </annotation> <complexContent> <extension base="c:MailTransportType"> <attribute name="Host" type="anyURI" use="required"/> <attribute name="Port" type="unsignedInt" use="required"/> </extension> </complexContent> </complexType> <complexType name="SMTPSType"> <annotation> <documentation> Settings for communicating over SMTPS. </documentation> </annotation> <complexContent> <extension base="c:MailTransportType"> <attribute name="Host" type="anyURI" use="required"/> <attribute name="Port" type="unsignedInt" use="required"/> </extension> </complexContent> </complexType> <element name="SMTP" type="c:SMTPType"/> <element name="SMTPTLS" type="c:SMTPTLSType"/> <element name="SMTPS" type="c:SMTPSType"/> <element name="MailAuthentication"> <annotation> <documentation> The mail server authentication configuration. </documentation> </annotation> <complexType> <attribute name="Username" type="string" use="required"> <annotation> <documentation> The username that will be used to authenticate to the mail server. </documentation> </annotation> </attribute> <attribute name="Password" type="string" use="required"> <annotation> <documentation> The password that will be used to authenticate to the mail server. </documentation> </annotation> </attribute> </complexType> </element> <element name="Mail"> <annotation> <documentation> The mail server configuration. </documentation> </annotation> <complexType> <sequence> <choice minOccurs="1" maxOccurs="1"> <element ref="c:SMTP"/> <element ref="c:SMTPS"/> <element ref="c:SMTPTLS"/> </choice> <element ref="c:MailAuthentication" minOccurs="0" maxOccurs="1"/> </sequence> <attribute name="SenderAddress" type="string" use="required"/> <attribute name="VerificationExpiration" type="duration" use="required"/> </complexType> </element> <element name="Maintenance"> <annotation> <documentation> Configuration for the server's periodic maintenance tasks. </documentation> </annotation> <complexType> <attribute name="TLSReloadInterval" type="duration" use="optional"> <annotation> <documentation> The interval at which TLS contexts will be reloaded. If not specified, TLS contexts will not be reloaded. </documentation> </annotation> </attribute> </complexType> </element> <element name="History"> <annotation> <documentation> Retention settings for logins. </documentation> </annotation> <complexType> <attribute name="UserLoginHistoryLimit" type="unsignedInt" use="required"> <annotation> <documentation> The number of login records to store for users. </documentation> </annotation> </attribute> <attribute name="AdminLoginHistoryLimit" type="unsignedInt" use="required"> <annotation> <documentation> The number of login records to store for admins. </documentation> </annotation> </attribute> </complexType> </element> <complexType name="HTTPServiceType"> <sequence minOccurs="1" maxOccurs="1"> <group ref="ct:TLSGroup"/> </sequence> <attribute name="ListenAddress" use="required" type="string"> <annotation> <documentation> The address upon which this HTTP service will listen. </documentation> </annotation> </attribute> <attribute name="ListenPort" use="required" type="unsignedInt"> <annotation> <documentation> The port upon which this HTTP service will listen. </documentation> </annotation> </attribute> <attribute name="ExternalURI" use="required" type="anyURI"> <annotation> <documentation> The external URI by which this HTTP service will be accessible. This is used in emails and web pages and is primarily useful when the HTTP service will be used behind a reverse proxy. </documentation> </annotation> </attribute> </complexType> <element name="HTTPServiceAdminAPI" type="c:HTTPServiceType"> <annotation> <documentation> Configuration for the Admin API service. </documentation> </annotation> </element> <element name="HTTPServiceUserAPI" type="c:HTTPServiceType"> <annotation> <documentation> Configuration for the User API service. </documentation> </annotation> </element> <element name="HTTPServiceUserView" type="c:HTTPServiceType"> <annotation> <documentation> Configuration for the User view service. </documentation> </annotation> </element> <element name="HTTPServices"> <annotation> <documentation> Configuration for HTTP services. </documentation> </annotation> <complexType> <sequence> <element ref="c:HTTPServiceAdminAPI"/> <element ref="c:HTTPServiceUserAPI"/> <element ref="c:HTTPServiceUserView"/> </sequence> </complexType> </element> <element name="Sessions"> <complexType> <attribute name="UserSessionExpiration" type="duration" use="required"> <annotation> <documentation> The maximum age of idle user sessions before they are considered expired and deleted. </documentation> </annotation> </attribute> <attribute name="AdminSessionExpiration" type="duration" use="required"> <annotation> <documentation> The maximum age of idle admin sessions before they are considered expired and deleted. </documentation> </annotation> </attribute> </complexType> </element> <element name="Database"> <annotation> <documentation> Configuration for the database service. </documentation> </annotation> <complexType> <attribute name="OwnerRoleName" use="required" type="string"> <annotation> <documentation> The name of the role that owns the database. This is used for the initial database setup, and for upgrades. </documentation> </annotation> </attribute> <attribute name="OwnerRolePassword" use="required" type="string"> <annotation> <documentation> The password of the role that owns the database. </documentation> </annotation> </attribute> <attribute name="WorkerRolePassword" use="required" type="string"> <annotation> <documentation> The password of the role used for normal database operation. This is an unprivileged role that does not have the ability to perform DDL or other database-changing operations. </documentation> </annotation> </attribute> <attribute name="ReaderRolePassword" use="optional" type="string"> <annotation> <documentation> The password of the role used for read-only database operation. If this attribute is not specified, the read-only role is not allowed to log in. </documentation> </annotation> </attribute> <attribute name="Kind" use="required" type="string"> <annotation> <documentation> The kind of the remote database, such as POSTGRESQL. </documentation> </annotation> </attribute> <attribute name="Name" use="required" type="string"> <annotation> <documentation> The name of the database. </documentation> </annotation> </attribute> <attribute name="Address" use="required" type="string"> <annotation> <documentation> The address of the database. </documentation> </annotation> </attribute> <attribute name="Port" use="required" type="unsignedInt"> <annotation> <documentation> The port used to connect to the database. </documentation> </annotation> </attribute> <attribute name="Create" use="required" type="boolean"> <annotation> <documentation> Should the database be created if it does not already exist? </documentation> </annotation> </attribute> <attribute name="Upgrade" use="required" type="boolean"> <annotation> <documentation> Should the database schema be upgraded if the schema version is older than the current application? </documentation> </annotation> </attribute> </complexType> </element> <element name="PasswordExpiration"> <annotation> <documentation> Configuration information for password expiration. </documentation> </annotation> <complexType> <attribute name="UserPasswordValidityDuration" type="duration" use="optional"> <annotation> <documentation> The duration for which user passwords are valid. If unspecified, user passwords do not expire. </documentation> </annotation> </attribute> <attribute name="AdminPasswordValidityDuration" type="duration" use="optional"> <annotation> <documentation> The duration for which admin passwords are valid. If unspecified, user passwords do not expire. </documentation> </annotation> </attribute> </complexType> </element> <element name="RateLimiting"> <annotation> <documentation> Configuration information for request rate limiting. </documentation> </annotation> <complexType> <attribute name="UserLoginDelay" type="duration" default="PT1S" use="optional"> <annotation> <documentation> A fixed delay added to user login operations in order to reduce the feasibility of online password brute-forcing. </documentation> </annotation> </attribute> <attribute name="UserLoginRateLimit" type="duration" default="PT5S" use="optional"> <annotation> <documentation> User login attempts cannot be made more frequently than this duration, for a given IP address. </documentation> </annotation> </attribute> <attribute name="AdminLoginDelay" type="duration" default="PT1S" use="optional"> <annotation> <documentation> A fixed delay added to admin login operations in order to reduce the feasibility of online password brute-forcing. </documentation> </annotation> </attribute> <attribute name="AdminLoginRateLimit" type="duration" default="PT5S" use="optional"> <annotation> <documentation> Admin login attempts cannot be made more frequently than this duration, for a given IP address. </documentation> </annotation> </attribute> <attribute name="EmailVerificationRateLimit" type="duration" use="required"> <annotation> <documentation> Email verifications for various operations cannot be prompted more frequently than this duration, for a given user account. </documentation> </annotation> </attribute> <attribute name="PasswordResetRateLimit" type="duration" use="required"> <annotation> <documentation> Passwords cannot be reset more frequently than this duration, for a given IP address. </documentation> </annotation> </attribute> </complexType> </element> <simpleType name="OpenTelemetryProtocol"> <annotation> <documentation> The protocol used to deliver OpenTelemetry data. </documentation> </annotation> <restriction base="string"> <enumeration value="GRPC"> <annotation> <documentation> The data will be sent using gRPC. </documentation> </annotation> </enumeration> <enumeration value="HTTP"> <annotation> <documentation> The data will be sent using HTTP(s). </documentation> </annotation> </enumeration> </restriction> </simpleType> <element name="Metrics"> <annotation> <documentation> Configuration information for OpenTelemetry metrics. </documentation> </annotation> <complexType> <attribute name="Endpoint" use="required" type="anyURI"> <annotation> <documentation> The endpoint to which OTLP metrics data will be sent. </documentation> </annotation> </attribute> <attribute name="Protocol" use="required" type="c:OpenTelemetryProtocol"> <annotation> <documentation> The protocol used to send metrics data. </documentation> </annotation> </attribute> </complexType> </element> <element name="Traces"> <annotation> <documentation> Configuration information for OpenTelemetry traces. </documentation> </annotation> <complexType> <attribute name="Endpoint" use="required" type="anyURI"> <annotation> <documentation> The endpoint to which OTLP trace data will be sent. </documentation> </annotation> </attribute> <attribute name="Protocol" use="required" type="c:OpenTelemetryProtocol"> <annotation> <documentation> The protocol used to send trace data. </documentation> </annotation> </attribute> </complexType> </element> <element name="Logs"> <annotation> <documentation> Configuration information for OpenTelemetry logs/events. </documentation> </annotation> <complexType> <attribute name="Endpoint" use="required" type="anyURI"> <annotation> <documentation> The endpoint to which OTLP log data will be sent. </documentation> </annotation> </attribute> <attribute name="Protocol" use="required" type="c:OpenTelemetryProtocol"> <annotation> <documentation> The protocol used to send log data. </documentation> </annotation> </attribute> </complexType> </element> <element name="OpenTelemetry"> <annotation> <documentation> Configuration information for OpenTelemetry. </documentation> </annotation> <complexType> <sequence> <element ref="c:Logs" minOccurs="0" maxOccurs="1"/> <element ref="c:Metrics" minOccurs="0" maxOccurs="1"/> <element ref="c:Traces" minOccurs="0" maxOccurs="1"/> </sequence> <attribute name="LogicalServiceName" use="required" type="string"> <annotation> <documentation> The logical name of the service as it will appear in OpenTelemetry. </documentation> </annotation> </attribute> </complexType> </element> <element name="Configuration"> <annotation> <documentation> The main server configuration element. </documentation> </annotation> <complexType> <sequence> <element ref="c:Branding"/> <element ref="c:Database"/> <element ref="c:HTTPServices"/> <element ref="c:History"/> <element ref="c:Mail"/> <element ref="c:Maintenance"/> <element ref="c:OpenTelemetry" minOccurs="0" maxOccurs="1"/> <element ref="c:PasswordExpiration" minOccurs="0" maxOccurs="1"/> <element ref="c:RateLimiting"/> <element ref="c:Sessions"/> </sequence> </complexType> </element> </schema>
<?xml version="1.0" encoding="UTF-8" ?> <!-- Copyright © 2023 Mark Raynsford <code@io7m.com> https://www.io7m.com Permission to use, copy, modify, and/or distribute this software for any purpose with or without fee is hereby granted, provided that the above copyright notice and this permission notice appear in all copies. THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. --> <xsd:schema xmlns:xsd="http://www.w3.org/2001/XMLSchema" targetNamespace="urn:com.io7m.idstore.tls:1" xmlns:nt="urn:com.io7m.idstore.tls:1"> <xsd:complexType name="StoreType" abstract="true"> <xsd:attribute name="Type" type="xsd:string" use="required"/> <xsd:attribute name="Provider" type="xsd:string" use="required"/> <xsd:attribute name="Password" type="xsd:string" use="required"/> <xsd:attribute name="File" type="xsd:string" use="required"/> </xsd:complexType> <xsd:complexType name="KeyStoreType"> <xsd:complexContent> <xsd:extension base="nt:StoreType"/> </xsd:complexContent> </xsd:complexType> <xsd:complexType name="TrustStoreType"> <xsd:complexContent> <xsd:extension base="nt:StoreType"/> </xsd:complexContent> </xsd:complexType> <xsd:element name="KeyStore" type="nt:KeyStoreType"/> <xsd:element name="TrustStore" type="nt:TrustStoreType"/> <xsd:complexType name="TLSType" abstract="true"/> <xsd:complexType name="TLSDisabledType"> <xsd:complexContent> <xsd:extension base="nt:TLSType"/> </xsd:complexContent> </xsd:complexType> <xsd:element name="TLSDisabled" type="nt:TLSDisabledType"/> <xsd:complexType name="TLSEnabledType"> <xsd:complexContent> <xsd:extension base="nt:TLSType"> <xsd:sequence> <xsd:element ref="nt:KeyStore"/> <xsd:element ref="nt:TrustStore"/> </xsd:sequence> </xsd:extension> </xsd:complexContent> </xsd:complexType> <xsd:element name="TLSEnabled" type="nt:TLSEnabledType"/> <xsd:group name="TLSGroup"> <xsd:choice> <xsd:element ref="nt:TLSDisabled"/> <xsd:element ref="nt:TLSEnabled"/> </xsd:choice> </xsd:group> </xsd:schema>