/* Icinga 2 | (c) 2012 Icinga GmbH | GPLv2+ */

#include "remote/i2-remote.hpp"
#include "base/configobject.hpp"
#include "base/application.hpp"

library remote;

namespace icinga
{

class ApiListener : ConfigObject
{
	activation_priority 50;

	[config, deprecated] String cert_path;
	[config, deprecated] String key_path;
	[config, deprecated] String ca_path;
	[config] String crl_path;
	[config] String cipher_list {
		default {{{ return "ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:AES256-GCM-SHA384:AES128-GCM-SHA256"; }}}
	};
	[config] String tls_protocolmin {
		default {{{ return "TLSv1.2"; }}}
	};

	[config] String bind_host {
		default {{{ return Configuration::ApiBindHost; }}}
	};
	[config] String bind_port {
		default {{{ return Configuration::ApiBindPort; }}}
	};

	[config] bool accept_config;
	[config] bool accept_commands;
	[config] int max_anonymous_clients {
		default {{{ return -1; }}}
	};

	[config] double tls_handshake_timeout {
		get;
		set;
		default {{{ return Configuration::TlsHandshakeTimeout; }}}
	};

	[config] String ticket_salt;

	[config] Array::Ptr access_control_allow_origin;
	[config, deprecated] bool access_control_allow_credentials;
	[config, deprecated] String access_control_allow_headers;
	[config, deprecated] String access_control_allow_methods;


	[state, no_user_modify] Timestamp log_message_timestamp;

	[no_user_modify] String identity;

	[state, no_user_modify] Dictionary::Ptr last_failed_zones_stage_validation;
};

}