frostfs-s3-gw/cmd/gate/app-settings.go

package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"fmt"
	"io"
	"os"
	"strconv"
	"strings"
	"time"

	crypto "github.com/nspcc-dev/neofs-crypto"
	"github.com/nspcc-dev/neofs-s3-gate/api/pool"
	"github.com/nspcc-dev/neofs-s3-gate/auth"
	"github.com/nspcc-dev/neofs-s3-gate/misc"
	"github.com/pkg/errors"
	"github.com/spf13/pflag"
	"github.com/spf13/viper"
	"go.uber.org/zap"
)

const (
	devNull   = empty(0)
	generated = "generated"

	minimumTTLInMinutes = 5

	defaultTTL = minimumTTLInMinutes * time.Minute

	defaultRebalanceTimer  = 15 * time.Second
	defaultRequestTimeout  = 15 * time.Second
	defaultConnectTimeout  = 30 * time.Second
	defaultShutdownTimeout = 15 * time.Second

	defaultKeepaliveTime    = 10 * time.Second
	defaultKeepaliveTimeout = 10 * time.Second

	defaultMaxClientsCount    = 100
	defaultMaxClientsDeadline = time.Second * 30
)

const ( // settings
	// Logger:
	cfgLoggerLevel              = "logger.level"
	cfgLoggerFormat             = "logger.format"
	cfgLoggerTraceLevel         = "logger.trace_level"
	cfgLoggerNoDisclaimer       = "logger.no_disclaimer"
	cfgLoggerSamplingInitial    = "logger.sampling.initial"
	cfgLoggerSamplingThereafter = "logger.sampling.thereafter"

	// KeepAlive
	cfgKeepaliveTime                = "keepalive.time"
	cfgKeepaliveTimeout             = "keepalive.timeout"
	cfgKeepalivePermitWithoutStream = "keepalive.permit_without_stream"

	// Keys
	cfgNeoFSPrivateKey    = "neofs-ecdsa-key"
	cfgGateAuthPrivateKey = "gate-auth-key"

	// HTTPS/TLS
	cfgTLSKeyFile  = "tls.key_file"
	cfgTLSCertFile = "tls.cert_file"

	// Timeouts
	cfgConnectionTTL  = "con_ttl"
	cfgConnectTimeout = "connect_timeout"
	cfgRequestTimeout = "request_timeout"
	cfgRebalanceTimer = "rebalance_timer"

	// MaxClients
	cfgMaxClientsCount    = "max_clients_count"
	cfgMaxClientsDeadline = "max_clients_deadline"

	// gRPC
	cfgGRPCVerbose = "verbose"

	// Metrics / Profiler / Web
	cfgEnableMetrics  = "metrics"
	cfgEnableProfiler = "pprof"
	cfgListenAddress  = "listen_address"

	// Application
	cfgApplicationName      = "app.name"
	cfgApplicationVersion   = "app.version"
	cfgApplicationBuildTime = "app.build_time"
)

type empty int

func (empty) Read([]byte) (int, error) { return 0, io.EOF }

func fetchAuthCenter(l *zap.Logger, v *viper.Viper, peers []pool.Peer) (*auth.Center, error) {
	var (
		err             error
		neofsPrivateKey *ecdsa.PrivateKey
	)
	switch nfspk := v.GetString(cfgNeoFSPrivateKey); nfspk {
	case generated:
		neofsPrivateKey, err = ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
		if err != nil {
			return nil, errors.Wrap(err, "could not generate NeoFS private key")
		}
	default:
		neofsPrivateKey, err = crypto.LoadPrivateKey(nfspk)
		if err != nil {
			return nil, errors.Wrap(err, "could not load NeoFS private key")
		}
	}
	gapk := v.GetString(cfgGateAuthPrivateKey)
	gateAuthPrivateKey, err := auth.LoadGateAuthPrivateKey(gapk)
	if err != nil {
		return nil, errors.Wrapf(err, "could not load gate auth private key %q", gapk)
	}
	// NB: Maybe choose a peer more smarter.
	center, err := auth.NewCenter(l, peers[0].Address)
	if err != nil {
		return nil, errors.Wrap(err, "failed to create auth center")
	}
	center.SetUserAuthKeys(gateAuthPrivateKey)
	if err = center.SetNeoFSKeys(neofsPrivateKey); err != nil {
		return nil, err
	}
	return center, nil
}

func fetchPeers(l *zap.Logger, v *viper.Viper) []pool.Peer {
	peers := make([]pool.Peer, 0)

	for i := 0; ; i++ {

		key := "peers." + strconv.Itoa(i) + "."
		address := v.GetString(key + "address")
		weight := v.GetFloat64(key + "weight")

		if address == "" {
			l.Warn("skip, empty address")
			break
		}

		peers = append(peers, pool.Peer{
			Address: address,
			Weight:  weight,
		})
	}

	return peers
}

func newSettings() *viper.Viper {
	v := viper.New()

	v.AutomaticEnv()
	v.SetEnvPrefix("S3")
	v.SetConfigType("yaml")
	v.SetEnvKeyReplacer(strings.NewReplacer(".", "_"))

	// flags setup:
	flags := pflag.NewFlagSet("commandline", pflag.ExitOnError)
	flags.SortFlags = false

	flags.Bool(cfgEnableProfiler, false, "enable pprof")
	flags.Bool(cfgEnableMetrics, false, "enable prometheus metrics")

	help := flags.BoolP("help", "h", false, "show help")
	version := flags.BoolP("version", "v", false, "show version")

	flags.String(cfgNeoFSPrivateKey, generated, fmt.Sprintf(`set value to hex string, WIF string, or path to NeoFS private key file (use "%s" to generate key)`, generated))
	flags.String(cfgGateAuthPrivateKey, "", "set path to file with auth (curve25519) private key to use in auth scheme")

	flags.Bool(cfgGRPCVerbose, false, "set debug mode of gRPC connections")
	flags.Duration(cfgRequestTimeout, defaultRequestTimeout, "set gRPC request timeout")
	flags.Duration(cfgConnectTimeout, defaultConnectTimeout, "set gRPC connect timeout")
	flags.Duration(cfgRebalanceTimer, defaultRebalanceTimer, "set gRPC connection rebalance timer")

	flags.Int(cfgMaxClientsCount, defaultMaxClientsCount, "set max-clients count")
	flags.Duration(cfgMaxClientsDeadline, defaultMaxClientsDeadline, "set max-clients deadline")

	ttl := flags.DurationP(cfgConnectionTTL, "t", defaultTTL, "set gRPC connection time to live")

	flags.String(cfgListenAddress, "0.0.0.0:8080", "set address to listen")
	peers := flags.StringArrayP("peers", "p", nil, "set NeoFS nodes")

	// set prefers:
	v.Set(cfgApplicationName, misc.ApplicationName)
	v.Set(cfgApplicationVersion, misc.Version)
	v.Set(cfgApplicationBuildTime, misc.Build)

	// set defaults:

	// logger:
	v.SetDefault(cfgLoggerLevel, "debug")
	v.SetDefault(cfgLoggerFormat, "console")
	v.SetDefault(cfgLoggerTraceLevel, "panic")
	v.SetDefault(cfgLoggerNoDisclaimer, true)
	v.SetDefault(cfgLoggerSamplingInitial, 1000)
	v.SetDefault(cfgLoggerSamplingThereafter, 1000)

	// keepalive:
	// If set below 10s, a minimum value of 10s will be used instead.
	v.SetDefault(cfgKeepaliveTime, defaultKeepaliveTime)
	v.SetDefault(cfgKeepaliveTimeout, defaultKeepaliveTimeout)
	v.SetDefault(cfgKeepalivePermitWithoutStream, true)

	if err := v.BindPFlags(flags); err != nil {
		panic(err)
	}

	if err := v.ReadConfig(devNull); err != nil {
		panic(err)
	}

	if err := flags.Parse(os.Args); err != nil {
		panic(err)
	}

	switch {
	case help != nil && *help:
		fmt.Printf("NeoFS S3 Gateway %s (%s)\n", misc.Version, misc.Build)
		flags.PrintDefaults()
		os.Exit(0)
	case version != nil && *version:
		fmt.Printf("NeoFS S3 Gateway %s (%s)\n", misc.Version, misc.Build)
		os.Exit(0)
	case ttl != nil && ttl.Minutes() < minimumTTLInMinutes:
		fmt.Printf("connection ttl should not be less than %s", defaultTTL)
	}

	if peers != nil && len(*peers) > 0 {
		for i := range *peers {
			v.SetDefault("peers."+strconv.Itoa(i)+".address", (*peers)[i])
			v.SetDefault("peers."+strconv.Itoa(i)+".weight", 1)
		}
	}

	return v
}
Prepare base application 2020-07-06 09:18:16 +00:00			`package main`

			`import (`
			`"crypto/ecdsa"`
			`"crypto/elliptic"`
			`"crypto/rand"`
			`"fmt"`
			`"io"`
			`"os"`
			`"strconv"`
			`"strings"`
			`"time"`

			`crypto "github.com/nspcc-dev/neofs-crypto"`
[#13] Rename go module name according to NSPCC standards - refactoring s3 gate structure - cleanup unused code - rename go module to `github.com/nspcc-dev/neofs-s3-gate` closes #13 Signed-off-by: Evgeniy Kulikov <kim@nspcc.ru> 2020-08-06 12:02:13 +00:00			`"github.com/nspcc-dev/neofs-s3-gate/api/pool"`
			`"github.com/nspcc-dev/neofs-s3-gate/auth"`
			`"github.com/nspcc-dev/neofs-s3-gate/misc"`
			`"github.com/pkg/errors"`
Prepare base application 2020-07-06 09:18:16 +00:00			`"github.com/spf13/pflag"`
			`"github.com/spf13/viper"`
			`"go.uber.org/zap"`
			`)`

			`const (`
			`devNull = empty(0)`
			`generated = "generated"`

			`minimumTTLInMinutes = 5`

			`defaultTTL = minimumTTLInMinutes * time.Minute`

Prepare to export 2020-07-12 23:00:47 +00:00			`defaultRebalanceTimer = 15 * time.Second`
			`defaultRequestTimeout = 15 * time.Second`
			`defaultConnectTimeout = 30 * time.Second`
			`defaultShutdownTimeout = 15 * time.Second`
Prepare base application 2020-07-06 09:18:16 +00:00
			`defaultKeepaliveTime = 10 * time.Second`
			`defaultKeepaliveTimeout = 10 * time.Second`
NFSSVC-30 Isolate S3 routing from legacy code 2020-07-22 13:02:32 +00:00
			`defaultMaxClientsCount = 100`
			`defaultMaxClientsDeadline = time.Second * 30`
Prepare base application 2020-07-06 09:18:16 +00:00			`)`

Move config to constants 2020-07-07 11:25:13 +00:00			`const ( // settings`
			`// Logger:`
			`cfgLoggerLevel = "logger.level"`
			`cfgLoggerFormat = "logger.format"`
			`cfgLoggerTraceLevel = "logger.trace_level"`
			`cfgLoggerNoDisclaimer = "logger.no_disclaimer"`
			`cfgLoggerSamplingInitial = "logger.sampling.initial"`
			`cfgLoggerSamplingThereafter = "logger.sampling.thereafter"`

			`// KeepAlive`
			`cfgKeepaliveTime = "keepalive.time"`
			`cfgKeepaliveTimeout = "keepalive.timeout"`
			`cfgKeepalivePermitWithoutStream = "keepalive.permit_without_stream"`

Remove enclove as a separate entity; move auth center to app settings 2020-07-15 20:16:27 +00:00			`// Keys`
			`cfgNeoFSPrivateKey = "neofs-ecdsa-key"`
[#8] Switch outer code to using the new auth scheme * Removed CLI flag for RSA key * Passed through peers to auth center to be able to independently interact with a NeoFS node * Added flag and loader for curve25519 (private) key Signed-off-by: Pavel Korotkov <pkorotkov@gmail.com> 2020-08-06 11:56:40 +00:00			`cfgGateAuthPrivateKey = "gate-auth-key"`
Remove enclove as a separate entity; move auth center to app settings 2020-07-15 20:16:27 +00:00
			`// HTTPS/TLS`
Add posibility to serve HTTPS/TLS connection 2020-07-13 15:50:11 +00:00			`cfgTLSKeyFile = "tls.key_file"`
			`cfgTLSCertFile = "tls.cert_file"`

Move config to constants 2020-07-07 11:25:13 +00:00			`// Timeouts`
			`cfgConnectionTTL = "con_ttl"`
			`cfgConnectTimeout = "connect_timeout"`
			`cfgRequestTimeout = "request_timeout"`
			`cfgRebalanceTimer = "rebalance_timer"`

NFSSVC-30 Isolate S3 routing from legacy code 2020-07-22 13:02:32 +00:00			`// MaxClients`
			`cfgMaxClientsCount = "max_clients_count"`
			`cfgMaxClientsDeadline = "max_clients_deadline"`

Move config to constants 2020-07-07 11:25:13 +00:00			`// gRPC`
Remove enclove as a separate entity; move auth center to app settings 2020-07-15 20:16:27 +00:00			`cfgGRPCVerbose = "verbose"`
Move config to constants 2020-07-07 11:25:13 +00:00
			`// Metrics / Profiler / Web`
			`cfgEnableMetrics = "metrics"`
			`cfgEnableProfiler = "pprof"`
			`cfgListenAddress = "listen_address"`

			`// Application`
			`cfgApplicationName = "app.name"`
			`cfgApplicationVersion = "app.version"`
			`cfgApplicationBuildTime = "app.build_time"`
			`)`

Remove enclove as a separate entity; move auth center to app settings 2020-07-15 20:16:27 +00:00			`type empty int`

Prepare base application 2020-07-06 09:18:16 +00:00			`func (empty) Read([]byte) (int, error) { return 0, io.EOF }`

[#8] Switch outer code to using the new auth scheme * Removed CLI flag for RSA key * Passed through peers to auth center to be able to independently interact with a NeoFS node * Added flag and loader for curve25519 (private) key Signed-off-by: Pavel Korotkov <pkorotkov@gmail.com> 2020-08-06 11:56:40 +00:00			`func fetchAuthCenter(l zap.Logger, v viper.Viper, peers []pool.Peer) (*auth.Center, error) {`
Remove enclove as a separate entity; move auth center to app settings 2020-07-15 20:16:27 +00:00			`var (`
[#8] Switch outer code to using the new auth scheme * Removed CLI flag for RSA key * Passed through peers to auth center to be able to independently interact with a NeoFS node * Added flag and loader for curve25519 (private) key Signed-off-by: Pavel Korotkov <pkorotkov@gmail.com> 2020-08-06 11:56:40 +00:00			`err error`
			`neofsPrivateKey *ecdsa.PrivateKey`
Remove enclove as a separate entity; move auth center to app settings 2020-07-15 20:16:27 +00:00			`)`
			`switch nfspk := v.GetString(cfgNeoFSPrivateKey); nfspk {`
Prepare base application 2020-07-06 09:18:16 +00:00			`case generated:`
Remove enclove as a separate entity; move auth center to app settings 2020-07-15 20:16:27 +00:00			`neofsPrivateKey, err = ecdsa.GenerateKey(elliptic.P256(), rand.Reader)`
Prepare base application 2020-07-06 09:18:16 +00:00			`if err != nil {`
Remove enclove as a separate entity; move auth center to app settings 2020-07-15 20:16:27 +00:00			`return nil, errors.Wrap(err, "could not generate NeoFS private key")`
Prepare base application 2020-07-06 09:18:16 +00:00			`}`
			`default:`
Remove enclove as a separate entity; move auth center to app settings 2020-07-15 20:16:27 +00:00			`neofsPrivateKey, err = crypto.LoadPrivateKey(nfspk)`
Prepare base application 2020-07-06 09:18:16 +00:00			`if err != nil {`
Remove enclove as a separate entity; move auth center to app settings 2020-07-15 20:16:27 +00:00			`return nil, errors.Wrap(err, "could not load NeoFS private key")`
Prepare base application 2020-07-06 09:18:16 +00:00			`}`
			`}`
[#8] Switch outer code to using the new auth scheme * Removed CLI flag for RSA key * Passed through peers to auth center to be able to independently interact with a NeoFS node * Added flag and loader for curve25519 (private) key Signed-off-by: Pavel Korotkov <pkorotkov@gmail.com> 2020-08-06 11:56:40 +00:00			`gapk := v.GetString(cfgGateAuthPrivateKey)`
			`gateAuthPrivateKey, err := auth.LoadGateAuthPrivateKey(gapk)`
Remove enclove as a separate entity; move auth center to app settings 2020-07-15 20:16:27 +00:00			`if err != nil {`
[#8] Switch outer code to using the new auth scheme * Removed CLI flag for RSA key * Passed through peers to auth center to be able to independently interact with a NeoFS node * Added flag and loader for curve25519 (private) key Signed-off-by: Pavel Korotkov <pkorotkov@gmail.com> 2020-08-06 11:56:40 +00:00			`return nil, errors.Wrapf(err, "could not load gate auth private key %q", gapk)`
Remove enclove as a separate entity; move auth center to app settings 2020-07-15 20:16:27 +00:00			`}`
[#8] Switch outer code to using the new auth scheme * Removed CLI flag for RSA key * Passed through peers to auth center to be able to independently interact with a NeoFS node * Added flag and loader for curve25519 (private) key Signed-off-by: Pavel Korotkov <pkorotkov@gmail.com> 2020-08-06 11:56:40 +00:00			`// NB: Maybe choose a peer more smarter.`
			`center, err := auth.NewCenter(l, peers[0].Address)`
Add error checking while creating auth center 2020-07-21 10:21:03 +00:00			`if err != nil {`
			`return nil, errors.Wrap(err, "failed to create auth center")`
			`}`
[#8] Switch outer code to using the new auth scheme * Removed CLI flag for RSA key * Passed through peers to auth center to be able to independently interact with a NeoFS node * Added flag and loader for curve25519 (private) key Signed-off-by: Pavel Korotkov <pkorotkov@gmail.com> 2020-08-06 11:56:40 +00:00			`center.SetUserAuthKeys(gateAuthPrivateKey)`
NFSSVC-30 Isolate S3 routing from legacy code 2020-07-22 13:02:32 +00:00			`if err = center.SetNeoFSKeys(neofsPrivateKey); err != nil {`
			`return nil, err`
			`}`
Remove enclove as a separate entity; move auth center to app settings 2020-07-15 20:16:27 +00:00			`return center, nil`
Prepare base application 2020-07-06 09:18:16 +00:00			`}`
Move config to constants 2020-07-07 11:25:13 +00:00
			`func fetchPeers(l zap.Logger, v viper.Viper) []pool.Peer {`
			`peers := make([]pool.Peer, 0)`

			`for i := 0; ; i++ {`

			`key := "peers." + strconv.Itoa(i) + "."`
			`address := v.GetString(key + "address")`
			`weight := v.GetFloat64(key + "weight")`

			`if address == "" {`
			`l.Warn("skip, empty address")`
			`break`
			`}`

			`peers = append(peers, pool.Peer{`
			`Address: address,`
			`Weight: weight,`
			`})`
			`}`

			`return peers`
			`}`

Prepare base application 2020-07-06 09:18:16 +00:00			`func newSettings() *viper.Viper {`
			`v := viper.New()`

			`v.AutomaticEnv()`
			`v.SetEnvPrefix("S3")`
			`v.SetConfigType("yaml")`
			`v.SetEnvKeyReplacer(strings.NewReplacer(".", "_"))`

			`// flags setup:`
			`flags := pflag.NewFlagSet("commandline", pflag.ExitOnError)`
			`flags.SortFlags = false`

Move config to constants 2020-07-07 11:25:13 +00:00			`flags.Bool(cfgEnableProfiler, false, "enable pprof")`
Remove enclove as a separate entity; move auth center to app settings 2020-07-15 20:16:27 +00:00			`flags.Bool(cfgEnableMetrics, false, "enable prometheus metrics")`
Prepare base application 2020-07-06 09:18:16 +00:00
			`help := flags.BoolP("help", "h", false, "show help")`
			`version := flags.BoolP("version", "v", false, "show version")`

Remove enclove as a separate entity; move auth center to app settings 2020-07-15 20:16:27 +00:00			flags.String(cfgNeoFSPrivateKey, generated, fmt.Sprintf(`set value to hex string, WIF string, or path to NeoFS private key file (use "%s" to generate key)`, generated))
[#8] Switch outer code to using the new auth scheme * Removed CLI flag for RSA key * Passed through peers to auth center to be able to independently interact with a NeoFS node * Added flag and loader for curve25519 (private) key Signed-off-by: Pavel Korotkov <pkorotkov@gmail.com> 2020-08-06 11:56:40 +00:00			`flags.String(cfgGateAuthPrivateKey, "", "set path to file with auth (curve25519) private key to use in auth scheme")`
Prepare base application 2020-07-06 09:18:16 +00:00
Remove enclove as a separate entity; move auth center to app settings 2020-07-15 20:16:27 +00:00			`flags.Bool(cfgGRPCVerbose, false, "set debug mode of gRPC connections")`
			`flags.Duration(cfgRequestTimeout, defaultRequestTimeout, "set gRPC request timeout")`
			`flags.Duration(cfgConnectTimeout, defaultConnectTimeout, "set gRPC connect timeout")`
			`flags.Duration(cfgRebalanceTimer, defaultRebalanceTimer, "set gRPC connection rebalance timer")`
Prepare base application 2020-07-06 09:18:16 +00:00
NFSSVC-30 Isolate S3 routing from legacy code 2020-07-22 13:02:32 +00:00			`flags.Int(cfgMaxClientsCount, defaultMaxClientsCount, "set max-clients count")`
			`flags.Duration(cfgMaxClientsDeadline, defaultMaxClientsDeadline, "set max-clients deadline")`

Remove enclove as a separate entity; move auth center to app settings 2020-07-15 20:16:27 +00:00			`ttl := flags.DurationP(cfgConnectionTTL, "t", defaultTTL, "set gRPC connection time to live")`
Prepare base application 2020-07-06 09:18:16 +00:00
Remove enclove as a separate entity; move auth center to app settings 2020-07-15 20:16:27 +00:00			`flags.String(cfgListenAddress, "0.0.0.0:8080", "set address to listen")`
			`peers := flags.StringArrayP("peers", "p", nil, "set NeoFS nodes")`
Prepare base application 2020-07-06 09:18:16 +00:00
			`// set prefers:`
Fix merge conflicts 2020-07-07 11:28:49 +00:00			`v.Set(cfgApplicationName, misc.ApplicationName)`
Move config to constants 2020-07-07 11:25:13 +00:00			`v.Set(cfgApplicationVersion, misc.Version)`
			`v.Set(cfgApplicationBuildTime, misc.Build)`
Prepare base application 2020-07-06 09:18:16 +00:00
			`// set defaults:`

			`// logger:`
Move config to constants 2020-07-07 11:25:13 +00:00			`v.SetDefault(cfgLoggerLevel, "debug")`
			`v.SetDefault(cfgLoggerFormat, "console")`
NFSSVC-27 Implement list-buckets 2020-07-24 16:10:41 +00:00			`v.SetDefault(cfgLoggerTraceLevel, "panic")`
Move config to constants 2020-07-07 11:25:13 +00:00			`v.SetDefault(cfgLoggerNoDisclaimer, true)`
			`v.SetDefault(cfgLoggerSamplingInitial, 1000)`
			`v.SetDefault(cfgLoggerSamplingThereafter, 1000)`
Prepare base application 2020-07-06 09:18:16 +00:00
			`// keepalive:`
			`// If set below 10s, a minimum value of 10s will be used instead.`
Move config to constants 2020-07-07 11:25:13 +00:00			`v.SetDefault(cfgKeepaliveTime, defaultKeepaliveTime)`
			`v.SetDefault(cfgKeepaliveTimeout, defaultKeepaliveTimeout)`
			`v.SetDefault(cfgKeepalivePermitWithoutStream, true)`
Prepare base application 2020-07-06 09:18:16 +00:00
			`if err := v.BindPFlags(flags); err != nil {`
			`panic(err)`
			`}`

			`if err := v.ReadConfig(devNull); err != nil {`
			`panic(err)`
			`}`

			`if err := flags.Parse(os.Args); err != nil {`
			`panic(err)`
			`}`

			`switch {`
			`case help != nil && *help:`
			`fmt.Printf("NeoFS S3 Gateway %s (%s)\n", misc.Version, misc.Build)`
			`flags.PrintDefaults()`
			`os.Exit(0)`
			`case version != nil && *version:`
			`fmt.Printf("NeoFS S3 Gateway %s (%s)\n", misc.Version, misc.Build)`
			`os.Exit(0)`
			`case ttl != nil && ttl.Minutes() < minimumTTLInMinutes:`
			`fmt.Printf("connection ttl should not be less than %s", defaultTTL)`
			`}`

			`if peers != nil && len(*peers) > 0 {`
			`for i := range *peers {`
			`v.SetDefault("peers."+strconv.Itoa(i)+".address", (*peers)[i])`
			`v.SetDefault("peers."+strconv.Itoa(i)+".weight", 1)`
			`}`
			`}`

			`return v`
			`}`