<%- # Bootstrap manifest to pull in environment variable configuration.
def enabled?(var, default=false)
  if ENV.key?(var)
    ENV[var] == "true"
  else
    default
  end
end

tmpfs = ENV["TMPFS"] || "/tmp"
basic_auth_file = File.join(tmpfs, "/auth/htpasswd")
cacerts_file = File.join(tmpfs, "/identity/ca/cacerts.pem")
client_cert_file = File.join(tmpfs, "/identity/client/certificates/client.pem")
client_key_file = File.join(tmpfs, "/identity/client/keys/client-key.pem")
-%>
version: v1
removes:
  - /etc/rsyslog.conf
  - /etc/rsyslog.d/*.conf
  <%- if ENV["DRAIN_MODE"] == "proxy" || ENV["DRAIN_MODE"] == "challenge" -%>
  - /etc/nginx/*.conf
  - /etc/nginx/conf.d/*.conf
  <%- end -%>
templates:
  - input: /config/templates/rsyslog/rsyslog.conf
    output: /etc/rsyslog.conf
  - input: /config/templates/rsyslog/outputs.conf.erb
    output: /etc/rsyslog.d/05-outputs.conf
  - input: /config/templates/rsyslog/drain.conf.erb
    output: /etc/rsyslog.d/10-drain.conf
  - input: /config/templates/identity/cacerts.pem.erb
    output: <%= cacerts_file %>
  - input: /config/templates/identity/client.pem.erb
    output: <%= client_cert_file %>
  - input: /config/templates/identity/client-key.pem.erb
    output: <%= client_key_file %>
  <%- if enabled?("DRAIN_BASIC_AUTH", false) -%>
  - input: /config/templates/auth/htpasswd.erb
    output: <%= basic_auth_file %>
  <%- end -%>
  <%- if ENV["DRAIN_MODE"] == "proxy" -%>
  - input: /config/templates/nginx/nginx.conf.erb
    output: /etc/nginx/nginx.conf
  - input: /config/templates/nginx/proxy.conf.erb
    output: /etc/nginx/conf.d/proxy.conf
  <%- end -%>
  <%- if ENV["DRAIN_MODE"] == "challenge" -%>
  - input: /config/templates/nginx/fastly/nginx.conf.erb
    output: /etc/nginx/nginx.conf
  - input: /config/templates/nginx/fastly/challenge.conf.erb
    output: /etc/nginx/conf.d/challenge.conf
  <%- end -%>
  - input: /config/templates/rsyslog/syslog.conf.erb
    output: /etc/rsyslog.d/10-syslog.conf
data:
  _pki:
    cacert: <%= cacerts_file %>
    client:
      cert: <%= client_cert_file %>
      key: <%= client_key_file %>
  _funnel:
    host: <%= ENV["ENDPOINT_FUNNEL"] || "ajna-api.salesforce.com" %>
    port: 443
    scheme: https
    metrics_request_timeout_ms: <%= ENV["ENDPOINT_FUNNEL_METRICS_REQUEST_TIMEOUT_MS"] || ENV["ENDPOINT_FUNNEL_REQUEST_TIMEOUT_MS"] || 3000 %>
    dnr_request_timeout_ms: <%= ENV["ENDPOINT_FUNNEL_DNR_REQUEST_TIMEOUT_MS"] || ENV["ENDPOINT_FUNNEL_REQUEST_TIMEOUT_MS"] || 3000 %>
    <%- if ENV.key?("ENDPOINT_FUNNEL_LOGS_REQUEST_TIMEOUT_MS") || ENV.key?("ENDPOINT_FUNNEL_REQUEST_TIMEOUT_MS") -%>
    logs_request_timeout_ms: <%= ENV["ENDPOINT_FUNNEL_LOGS_REQUEST_TIMEOUT_MS"] || ENV["ENDPOINT_FUNNEL_REQUEST_TIMEOUT_MS"] %>
    <%- end -%>
    request_resume_interval_secs: <%= ENV["ENDPOINT_FUNNEL_REQUEST_RESUME_INTERVAL_SECS"] || 1 %>
    request_resume_interval_max_secs: <%= ENV["ENDPOINT_FUNNEL_REQUEST_RESUME_INTERVAL_MAX_SECS"] || 30 %>
  _funnel_logs:
    host: <%= ENV["ENDPOINT_FUNNEL_LOGS"] || ENV["ENDPOINT_FUNNEL"] || "ajna-api.salesforce.com" %>
    port: 443
    scheme: https
    api: <%= ENV["FUNNEL_LOGS_API"] || "logs" %>
    # Set restpath, content_type, batch_format based on `api` setting
    <%- if ENV["FUNNEL_LOGS_API"] == "data" -%>
    <%- topic_namespace = ENV["FUNNEL_LOGS_TOPIC_NAMESPACE"] || "sfdc.prod.rsyslog" -%>
    <%- topic_name = ENV["FUNNEL_LOGS_TOPIC_NAME"] || "logs.general" -%>
    rest_path: <%= "v1/data/namespaces/#{topic_namespace}/topics/#{topic_name}" %>
    http_content_type: application/vnd.kafka.v1+json
    batch_format: kafkarest
    <%- else -%>
    rest_path: v1/logs/v1
    http_content_type: application/vnd.kafka.json.v1+json
    batch_format: jsonarray
    <%- end-%>
  heroku:
    app_name: "<%= ENV["HEROKU_APP_NAME"] || "-" %>"
    app_id: "<%= ENV["HEROKU_APP_ID"] %>"
    short_region: "<%= ENV["SHORT_REGION"] || "-" %>"
    dyno: "<%= ENV["DYNO"] || "-" %>"
    release_version: "<%= ENV["HEROKU_RELEASE_VERSION"] %>"
  log_drain:
    # Build metadata.
    version: "<%= ENV["DRAIN_VERSION"] %>"
    build: "<%= ENV["DRAIN_BUILD"] %>"
    # Enable debug mode.
    debug: <%= enabled?("DRAIN_DEBUG") %>
    # Publish logs to Funnel.
    publish_logs: <%= enabled?("DRAIN_PUBLISH_LOGS", true) %>
    # Publish enabled metrics to Funnel.
    publish_metrics: <%= enabled?("DRAIN_PUBLISH_METRICS", true) %>
    # Parse Heroku dyno runtime-metrics and addon log-based metrics.
    runtime_metrics: <%= enabled?("DRAIN_RUNTIME_METRICS", true) %>
    # Parse Heroku router logs into metrics.
    router_metrics: <%= enabled?("DRAIN_ROUTER_METRICS", true) %>
    # Enable internal self-metrics.
    self_metrics: <%= enabled?("DRAIN_SELF_METRICS", true) %>
    # Serving port.
    port: <%= ENV["DRAIN_PORT"] || ENV["PORT"] || 5000 %>
    <%- if enabled?("DRAIN_BASIC_AUTH", false) -%>
    # Basic Authentication.
    basic_auth_file: <%= basic_auth_file %>
    <%- end -%>
    # Set base environment for this drain
    environment: "<%= ENV["DRAIN_DEFAULT_ENVIRONMENT"] || "-" %>"
    # Set base cloud value for this drain
    cloud: "<%= ENV["DRAIN_DEFAULT_CLOUD"] || "-" %>"
    # Set base cloud value for this drain
    business_unit: <%= ENV["DRAIN_DEFAULT_BUSINESS_UNIT"] || "Heroku" %>
    # UUID for this Drain.
    uuid: <%= ENV["DRAIN_UUID"] %>
    disable_flow_control: <%= enabled?("DRAIN_DISABLE_FLOW_CONTROL", false) %>
    # Impstats reporting interval.
    stats_interval_seconds: 60
    # Main ruleset queue sizes.
    input_queue_size: <%= ENV["DRAIN_QUEUE_SIZE"] || 250000 %>
    # output queue sizes.
    output_queue_size: <%= ENV["DRAIN_OUTPUT_QUEUE_SIZE"] || 125000 %>
    <%- if enabled?("ENABLE_DISK_ASSISTED_QUEUE", false) -%>
    # enable disk assisted queue
    queue_filename: <%= ENV["DRAIN_QUEUE_FILENAME"] || "rs_drain_queue" %>
    queue_spool_directory: <%= ENV["DRAIN_QUEUE_SPOOL_DIRECTORY"] || "/tmp" %>
    queue_max_file_size: <%= ENV["DRAIN_QUEUE_MAX_FILE_SIZE"] || "32m" %>
    <%- if ENV.key?("DRAIN_QUEUE_HIGH_WATERMARK") -%>
    queue_high_watermark: <%= ENV["DRAIN_QUEUE_HIGH_WATERMARK"] %>
    <%- end -%>
    <%- if ENV.key?("DRAIN_QUEUE_LOW_WATERMARK") -%>
    queue_low_watermark: <%= ENV["DRAIN_QUEUE_LOW_WATERMARK"] %>
    <%- end -%>
    <%- end -%>
    # workers > 1 does not appear to have any appreciable effect.
    logs_batch_worker_threads: <%= ENV["DRAIN_PUBLISH_LOGS_BATCH_WORKER_THREADS"] || 1 %>
    # Use system default
    <%- if ENV.key?("DRAIN_PUBLISH_INPUT_LOGS_BATCH_SIZE") || ENV.key?("DRAIN_PUBLISH_LOGS_BATCH_SIZE") -%>
    logs_input_batch_size: <%= ENV["DRAIN_PUBLISH_INPUT_LOGS_BATCH_SIZE"] || ENV["DRAIN_PUBLISH_LOGS_BATCH_SIZE"] %>
    <%- end -%>
    <%- if ENV.key?("DRAIN_PUBLISH_LOGS_OUTPUT_BATCH_SIZE") -%>
    logs_output_batch_size: <%= ENV["DRAIN_PUBLISH_LOGS_OUTPUT_BATCH_SIZE"] %>
    <%- end -%>
    logs_output_min_batch_size: <%= ENV["DRAIN_PUBLISH_LOGS_OUTPUT_MIN_BATCH_SIZE"] || 0 %>
    logs_batch_size: <%= ENV["DRAIN_PUBLISH_LOGS_OUTPUT_BATCH_SIZE"] || 1024 %>
    <%- if enabled?("ENABLE_MULTI_THREAD_OMHTTP", false) -%>
    logs_use_sender_thread: <%= enabled?("DRAIN_PUBLISH_LOGS_USE_MULTI_THREAD", false) %>
    logs_sender_max_connections: <%= ENV["DRAIN_PUBLISH_LOGS_SENDER_MAX_CONNECTIONS"] || 2 %>
    <%- end -%>
    # Buffer up to 10MB by default. Funnel accepts up to 25MB batches.
    logs_batch_max_bytes: <%= ENV["DRAIN_PUBLISH_LOGS_BATCH_MAX_BYTES"] || 10000000 %>
    # Use defaults for timeout values, which work well queues are slowed down
    logs_batch_timeout_ms: <%= ENV["DRAIN_PUBLISH_LOGS_BATCH_TIMEOUT_MS"] || 1000 %>
    # The "http_*" fields correspond to imhttp/civetweb HTTP options.
    # Reference https://github.com/civetweb/civetweb/blob/master/docs/UserManual.md
    # Heroku router logs access requests too, no need to log twice.
    http_access_log_file: <%= ENV["DRAIN_HTTP_ACCESS_LOG_FILE"] || "/dev/null" %>
    http_error_log_file: <%= ENV["DRAIN_HTTP_ACCESS_LOG_FILE"] || "/dev/stderr" %>
    http_num_threads: <%= ENV["DRAIN_HTTP_NUM_THREADS"] || 50 %>
    http_listen_backlog: <%= ENV["DRAIN_HTTP_LISTEN_BACKLOG"] || 32 %>
    http_connection_queue: <%= ENV["DRAIN_HTTP_CONNECTION_QUEUE"] || 16 %>
    # Document root used to serve received logs for testing abd debugging.
    http_document_root: /www/data
    # DNR (Detection n' Response) filtering.
    filter_dnr_logs: <%= enabled?("DRAIN_FILTER_DNR_LOGS", false) %>
    filter_dnr_logs_expression: <%= ENV["DRAIN_FILTER_DNR_LOGS_EXPRESSION"] || "" %>
    # In proxy mode, allow nginx to log locally.
    syslog_udp_port: 10514
  <%- if ENV["DRAIN_MODE"] == "proxy" -%>
  proxy:
    port: <%= ENV["PORT"] || 5001 %>
    drain_port: <%= ENV["DRAIN_PORT"] || 5000 %>
    mirror_resolver: <%= ENV["MIRROR_RESOLVER"] || "1.1.1.1" %>
    # Reference https://docs.nginx.com/nginx/admin-guide/monitoring/logging/
    # Can also be a file, e.g. /dev/null
    <%- if enabled?("DRAIN_PROXY_ACCESS_LOG", false) -%>
    access_log: syslog:server=127.0.0.1:10514,facility=local7,tag=nginx,severity=info
    <%- else -%>
    access_log: /dev/null
    <%- end -%>
    error_log: syslog:server=127.0.0.1:10514
  <%- end -%>
  <%- if ENV["DRAIN_MODE"] == "challenge" -%>
  challenge:
    port: <%= ENV["PORT"] || 5001 %>
    drain_port: <%= ENV["DRAIN_PORT"] || 5000 %>
    response: <%= ENV["DRAIN_CHALLENGE_RESPONSE"] ? ENV["DRAIN_CHALLENGE_RESPONSE"] : "*" %>
    access_log: /dev/null
    error_log: /dev/null
  <%- end -%>