Merge pull request 'env: export REGIONS and ZONE{zoneID}_REGION' (#45) from pr-amery-env-regions into main

Reviewed-on: #45

.gitignore

@@ -1 +1,2 @@
 .tmp
+.version

cmd/jpictl/main.go

@@ -2,6 +2,8 @@
 package main
 
 import (
+	_ "embed"
+
 	"github.com/spf13/cobra"
 )
 
@@ -12,8 +14,9 @@ const (
 
 var (
 	rootCmd = &cobra.Command{
-		Use:   CmdName,
-		Short: "control tool for jpi.cloud",
+		Use:     CmdName,
+		Short:   "control tool for jpi.cloud",
+		Version: version,
 	}
 )
 

cmd/jpictl/version.go

@@ -0,0 +1,31 @@
+package main
+
+import (
+	_ "embed"
+
+	"fmt"
+	"os"
+
+	"github.com/spf13/cobra"
+)
+
+//go:generate sh -c "git describe | tr -d '\r\n' > .version"
+//go:embed .version
+var version string
+
+var versionCmd = &cobra.Command{
+	Use:   "version",
+	Short: "Returns jpictl's version",
+	Args:  cobra.NoArgs,
+	Run: func(_ *cobra.Command, _ []string) {
+		_, _ = fmt.Fprintf(os.Stdout, "%s\n", version)
+	},
+}
+
+func init() {
+	if version == "" {
+		version = "undetermined"
+	}
+
+	rootCmd.AddCommand(versionCmd)
+}

go.mod

@@ -17,7 +17,6 @@ require (
 	github.com/spf13/cobra v1.8.0
 	golang.org/x/crypto v0.20.0
 	golang.org/x/net v0.21.0
-	gopkg.in/gcfg.v1 v1.2.3
 	gopkg.in/yaml.v3 v3.0.1
 )
 
@@ -50,5 +49,4 @@ require (
 	golang.org/x/sys v0.17.0 // indirect
 	golang.org/x/text v0.14.0 // indirect
 	golang.org/x/tools v0.18.0 // indirect
-	gopkg.in/warnings.v0 v0.1.2 // indirect
 )

go.sum

@@ -115,10 +115,6 @@ golang.org/x/tools v0.18.0 h1:k8NLag8AGHnn+PHbl7g43CtqZAwG60vZkLqgyZgIHgQ=
 golang.org/x/tools v0.18.0/go.mod h1:GL7B4CwcLLeo59yx/9UWWuNOW1n3VZ4f5axWfML7Lcg=
 gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
 gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c h1:Hei/4ADfdWqJk1ZMxUNpqntNwaWcugrBjAiHlqqRiVk=
-gopkg.in/gcfg.v1 v1.2.3 h1:m8OOJ4ccYHnx2f4gQwpno8nAX5OGOh7RLaaz0pj3Ogs=
-gopkg.in/gcfg.v1 v1.2.3/go.mod h1:yesOnuUOFQAhST5vPY4nbZsb/huCgGGXlipJsBn0b3o=
-gopkg.in/warnings.v0 v0.1.2 h1:wFXVbFY8DY5/xOe1ECiWdKCzZlxgshcYVNkBHstARME=
-gopkg.in/warnings.v0 v0.1.2/go.mod h1:jksf8JmL6Qr/oQM2OXTHunEvvTAsrWBLb6OOjuVWRNI=
 gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
 gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA=
 gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=

pkg/ceph/config.go

@@ -39,6 +39,9 @@ func writeGlobalToBuffer(w *bytes.Buffer, c *GlobalConfig) {
 	_, _ = fmt.Fprintf(w, "%s = %s\n", "mon_initial_members", strings.Join(c.Monitors, ", "))
 	_, _ = fmt.Fprintf(w, "%s = %s\n", "mon_host", joinAddrs(c.MonitorsAddr, ", "))
 	_, _ = fmt.Fprintf(w, "%s = %s\n", "cluster_network", c.ClusterNetwork.String())
+
+	_, _ = fmt.Fprintf(w, "\n; %s\n", "don't rewrite labels on startup")
+	_, _ = fmt.Fprintf(w, "%s = %s\n", "osd_class_update_on_start", "false")
 }
 
 func joinAddrs(addrs []netip.Addr, sep string) string {

pkg/cluster/cluster_scan.go

@@ -4,6 +4,7 @@ import (
 	"io/fs"
 	"path"
 	"sort"
+	"strings"
 
 	"darvaza.org/core"
 )
@@ -12,6 +13,10 @@ const (
 	// ZoneRegionsFileName indicates the file containing
 	// region names as references
 	ZoneRegionsFileName = "regions"
+
+	// RegionClusterTokenFileName contains the kubernetes
+	// token of the cluster this region represents
+	RegionClusterTokenFileName = "k8s_token"
 )
 
 func (m *Cluster) scan(opts *ScanOptions) error {
@@ -186,6 +191,8 @@ func (z *Zone) scan() error {
 		switch {
 		case name == ZoneRegionsFileName:
 			err = z.loadRegions()
+		case name == RegionClusterTokenFileName:
+			err = z.loadClusterToken()
 		case e.IsDir():
 			err = z.scanSubdirectory(name)
 		default:
@@ -218,6 +225,32 @@ func (z *Zone) loadRegions() error {
 	return err
 }
 
+func (z *Zone) loadClusterToken() error {
+	var token string
+
+	filename := path.Join(z.Name, RegionClusterTokenFileName)
+	lines, err := z.zones.ReadLines(filename)
+	if err != nil {
+		return err
+	}
+
+	// first non-empty line
+	for _, s := range lines {
+		s = strings.TrimSpace(s)
+		if s != "" {
+			token = s
+			break
+		}
+	}
+
+	err = z.zones.setRegionClusterToken(z.Name, token)
+	if err != nil {
+		err = core.Wrap(err, filename)
+	}
+
+	return err
+}
+
 func (z *Zone) scanSubdirectory(name string) error {
 	m := &Machine{
 		zone:   z,

pkg/cluster/env.go

@@ -4,12 +4,14 @@ import (
 	"bytes"
 	"fmt"
 	"io"
+	"sort"
 	"strings"
 )
 
 // Env is a shell environment factory for this cluster
 type Env struct {
 	ZoneIterator
+	RegionIterator
 
 	cephFSID string
 	export   bool
@@ -23,9 +25,10 @@ func (m *Cluster) Env(export bool) (*Env, error) {
 	}
 
 	env := &Env{
-		ZoneIterator: m,
-		cephFSID:     fsid.String(),
-		export:       export,
+		ZoneIterator:   m,
+		RegionIterator: m,
+		cephFSID:       fsid.String(),
+		export:         export,
 	}
 
 	return env, nil
@@ -43,6 +46,22 @@ func (m *Env) Zones() []int {
 	return zones
 }
 
+// Regions returns the list of primary regions
+func (m *Env) Regions() []string {
+	var regions []string
+
+	m.ForEachRegion(func(r *Region) bool {
+		if r.Cluster != nil {
+			regions = append(regions, r.Name)
+		}
+
+		return false
+	})
+
+	sort.Strings(regions)
+	return regions
+}
+
 // WriteTo generates environment variables for shell scripts
 func (m *Env) WriteTo(w io.Writer) (int64, error) {
 	var buf bytes.Buffer
@@ -51,6 +70,7 @@ func (m *Env) WriteTo(w io.Writer) (int64, error) {
 		m.writeEnvVar(&buf, m.cephFSID, "FSID")
 	}
 
+	m.writeEnvVarStrings(&buf, m.Regions(), "REGIONS")
 	m.writeEnvVarInts(&buf, m.Zones(), "ZONES")
 
 	m.ForEachZone(func(z *Zone) bool {
@@ -74,6 +94,9 @@ func (m *Env) writeEnvZone(w io.Writer, z *Zone) {
 	gateways, _ := z.GatewayIDs()
 	m.writeEnvVarInts(w, gateways, "ZONE%v_%s", zoneID, "GW")
 
+	// ZONE{zoneID}_REGION
+	m.writeEnvVar(w, genEnvZoneRegion(z), "ZONE%v_%s", zoneID, "REGION")
+
 	// Ceph
 	monitors := z.GetCephMonitors()
 	// MON{zoneID}_NAME
@@ -85,22 +108,29 @@ func (m *Env) writeEnvZone(w io.Writer, z *Zone) {
 }
 
 func (m *Env) writeEnvVarInts(w io.Writer, value []int, name string, args ...any) {
-	var s string
+	var buf bytes.Buffer
 
-	if n := len(value); n > 0 {
-		var buf bytes.Buffer
-
-		for i, v := range value {
-			if i != 0 {
-				_, _ = fmt.Fprint(&buf, " ")
-			}
-			_, _ = fmt.Fprintf(&buf, "%v", v)
+	for _, v := range value {
+		if buf.Len() > 0 {
+			_, _ = fmt.Fprint(&buf, " ")
 		}
-
-		s = buf.String()
+		_, _ = fmt.Fprintf(&buf, "%v", v)
 	}
 
-	m.writeEnvVar(w, s, name, args...)
+	m.writeEnvVar(w, buf.String(), name, args...)
+}
+
+func (m *Env) writeEnvVarStrings(w io.Writer, value []string, name string, args ...any) {
+	var buf bytes.Buffer
+
+	for _, v := range value {
+		if buf.Len() > 0 {
+			_, _ = fmt.Fprint(&buf, " ")
+		}
+		_, _ = fmt.Fprintf(&buf, "%s", v)
+	}
+
+	m.writeEnvVar(w, buf.String(), name, args...)
 }
 
 func (m *Env) writeEnvVar(w io.Writer, value string, name string, args ...any) {
@@ -117,7 +147,11 @@ func (m *Env) writeEnvVar(w io.Writer, value string, name string, args ...any) {
 	if name != "" {
 		value = strings.TrimSpace(value)
 
-		_, _ = fmt.Fprintf(w, "%s%s=%q\n", prefix, name, value)
+		if value == "" {
+			_, _ = fmt.Fprintf(w, "%s%s=\n", prefix, name)
+		} else {
+			_, _ = fmt.Fprintf(w, "%s%s=%q\n", prefix, name, value)
+		}
 	}
 }
 
@@ -135,6 +169,21 @@ func genEnvZoneNodes(z *Zone) string {
 	return ""
 }
 
+func genEnvZoneRegion(z *Zone) string {
+	var region string
+
+	z.ForEachRegion(func(r *Region) bool {
+		if r.Cluster != nil {
+			region = r.Name
+			return true
+		}
+
+		return false
+	})
+
+	return region
+}
+
 func genEnvZoneCephMonNames(m Machines) string {
 	var buf strings.Builder
 	m.ForEachMachine(func(p *Machine) bool {

pkg/cluster/regions.go

@@ -8,14 +8,23 @@ import (
 var (
 	_ MachineIterator = (*Region)(nil)
 	_ ZoneIterator    = (*Region)(nil)
+
+	_ RegionIterator = (*Zone)(nil)
+	_ RegionIterator = (*Cluster)(nil)
 )
 
+// A RegionIterator is a set of Regions we can iterate on
+type RegionIterator interface {
+	ForEachRegion(func(*Region) bool)
+}
+
 // Region represents a group of zones geographically related
 type Region struct {
 	m     *Cluster
 	zones []*Zone
 
 	Name    string
+	Cluster *string  `json:",omitempty" yaml:",omitempty"`
 	Regions []string `json:",omitempty" yaml:",omitempty"`
 }
 
@@ -106,6 +115,26 @@ func (m *Cluster) setRegionZones(name string, zones ...*Zone) {
 	})
 }
 
+func (m *Cluster) setRegionClusterToken(name string, token string) error {
+	for i := range m.Regions {
+		r := &m.Regions[i]
+
+		if r.Name == name {
+			// found
+			r.Cluster = &token
+			return nil
+		}
+	}
+
+	// new
+	m.Regions = append(m.Regions, Region{
+		m:       m,
+		Name:    name,
+		Cluster: &token,
+	})
+	return nil
+}
+
 func (m *Cluster) appendRegionRegions(name string, subs ...string) {
 	for i := range m.Regions {
 		r := &m.Regions[i]
@@ -124,6 +153,28 @@ func (m *Cluster) appendRegionRegions(name string, subs ...string) {
 	})
 }
 
+// ForEachRegion calls a function on all regions this zone belongs to.
+func (z *Zone) ForEachRegion(fn func(*Region) bool) {
+	if fn == nil {
+		return
+	}
+
+	z.zones.ForEachRegion(func(r *Region) bool {
+		var match bool
+
+		r.ForEachZone(func(z2 *Zone) bool {
+			match = (z == z2)
+			return match
+		})
+
+		if match && fn(r) {
+			return true
+		}
+
+		return false
+	})
+}
+
 func (z *Zone) appendRegions(regions ...string) error {
 	for _, s := range regions {
 		// TODO: validate
@@ -147,7 +198,7 @@ func (m *Cluster) finishRegion(r *Region) {
 	r.m = m
 	sub := []string{}
 	for _, name := range r.Regions {
-		r2, ok := m.getRegion(name)
+		r2, ok := m.getFinishRegion(name)
 		if !ok {
 			m.warn(nil).WithField("region", name).Print("unknown region")
 			continue
@@ -162,9 +213,7 @@ func (m *Cluster) finishRegion(r *Region) {
 func (m *Cluster) getRegion(name string) (*Region, bool) {
 	for i := range m.Regions {
 		r := &m.Regions[i]
-
 		if name == r.Name {
-			m.finishRegion(r)
 			return r, true
 		}
 	}
@@ -172,17 +221,22 @@ func (m *Cluster) getRegion(name string) (*Region, bool) {
 	return nil, false
 }
 
+func (m *Cluster) getFinishRegion(name string) (*Region, bool) {
+	if r, ok := m.getRegion(name); ok {
+		m.finishRegion(r)
+		return r, true
+	}
+
+	return nil, false
+}
+
 // SyncRegions writes to the file system the regions this [Zone]
 // belongs to.
 func (z *Zone) SyncRegions() error {
 	err := z.syncZoneRegions()
 	if err == nil {
 		z.ForEachMachine(func(p *Machine) bool {
-			if p.IsActive() {
-				err = p.RemoveFile("region")
-			} else {
-				err = p.WriteStringFile("none\n", "region")
-			}
+			err = z.syncMachineRegions(p)
 			return err != nil
 		})
 	}
@@ -190,8 +244,24 @@ func (z *Zone) SyncRegions() error {
 	return err
 }
 
+func (*Zone) syncMachineRegions(p *Machine) error {
+	var err error
+
+	if p.IsActive() {
+		err = p.RemoveFile("region")
+	} else {
+		err = p.WriteStringFile("none\n", "region")
+	}
+
+	if err == nil {
+		err = p.RemoveFile(RegionClusterTokenFileName)
+	}
+
+	return err
+}
+
 func (z *Zone) syncZoneRegions() error {
-	name := filepath.Join(z.Name, "regions")
+	name := filepath.Join(z.Name, ZoneRegionsFileName)
 
 	if len(z.Regions) > 0 {
 		var buf bytes.Buffer
@@ -210,9 +280,25 @@ func (z *Zone) syncZoneRegions() error {
 // SyncRegions writes to the file system the regions covered
 // by this meta-region
 func (r *Region) SyncRegions() error {
-	name := filepath.Join(r.Name, "regions")
+	if err := r.syncRegionsFile(); err != nil {
+		return err
+	}
 
-	if len(r.Regions) > 0 {
+	return r.syncClusterFile()
+}
+
+func (r *Region) mkdir() error {
+	return r.m.MkdirAll(r.Name)
+}
+
+func (r *Region) syncRegionsFile() error {
+	var err error
+
+	name := filepath.Join(r.Name, ZoneRegionsFileName)
+
+	if len(r.Regions) == 0 {
+		err = r.m.RemoveFile(name)
+	} else if err = r.mkdir(); err == nil {
 		var buf bytes.Buffer
 
 		for _, s := range r.Regions {
@@ -220,12 +306,29 @@ func (r *Region) SyncRegions() error {
 			_, _ = buf.WriteRune('\n')
 		}
 
-		if err := r.m.MkdirAll(r.Name); err != nil {
-			return err
-		}
-
-		return r.m.WriteStringFile(buf.String(), name)
+		err = r.m.WriteStringFile(buf.String(), name)
 	}
 
-	return r.m.RemoveFile(name)
+	return err
+}
+
+func (r *Region) syncClusterFile() error {
+	var err error
+
+	name := filepath.Join(r.Name, RegionClusterTokenFileName)
+
+	if r.Cluster == nil {
+		err = r.m.RemoveFile(name)
+	} else if err = r.mkdir(); err == nil {
+		var buf bytes.Buffer
+
+		_, _ = buf.WriteString(*r.Cluster)
+		if buf.Len() > 0 {
+			_, _ = buf.WriteRune('\n')
+		}
+
+		err = r.m.WriteStringFile(buf.String(), name)
+	}
+
+	return err
 }

pkg/wireguard/config.go

@@ -2,7 +2,6 @@ package wireguard
 
 import (
 	"bytes"
-	"errors"
 	"fmt"
 	"io"
 	"net/netip"
@@ -10,8 +9,8 @@ import (
 	"strings"
 	"text/template"
 
+	"asciigoat.org/ini/basic"
 	"darvaza.org/core"
-	"gopkg.in/gcfg.v1"
 )
 
 var configTemplate = template.Must(template.New("config").Funcs(template.FuncMap{
@@ -132,100 +131,6 @@ func (ep *EndpointAddress) FromString(s string) error {
 	return nil
 }
 
-type intermediateConfig struct {
-	Interface interfaceConfig
-	Peer      peersConfig
-}
-
-func (v *intermediateConfig) Export() (*Config, error) {
-	var out Config
-	var err error
-
-	// Interface
-	out.Interface, err = v.Interface.Export()
-	if err != nil {
-		return nil, err
-	}
-
-	// Peers
-	peers, ok := v.PeersCount()
-	if !ok {
-		return nil, errors.New("inconsistent Peer data")
-	}
-
-	for i := 0; i < peers; i++ {
-		p, err := v.ExportPeer(i)
-		if err != nil {
-			err = core.Wrap(err, "Peer[%v]:", i)
-			return nil, err
-		}
-
-		out.Peer = append(out.Peer, p)
-	}
-
-	return &out, nil
-}
-
-type interfaceConfig struct {
-	Address    netip.Addr
-	PrivateKey string
-	ListenPort uint16
-}
-
-func (p interfaceConfig) Export() (InterfaceConfig, error) {
-	var err error
-
-	out := InterfaceConfig{
-		Address:    p.Address,
-		ListenPort: p.ListenPort,
-	}
-
-	if p.PrivateKey != "" {
-		out.PrivateKey, err = PrivateKeyFromBase64(p.PrivateKey)
-		if err != nil {
-			err = core.Wrap(err, "PrivateKey")
-			return InterfaceConfig{}, err
-		}
-	}
-
-	return out, nil
-}
-
-type peersConfig struct {
-	PublicKey  []string
-	Endpoint   []string
-	AllowedIPs []string
-}
-
-func (v *intermediateConfig) ExportPeer(i int) (PeerConfig, error) {
-	var out PeerConfig
-
-	// Endpoint
-	s := v.Peer.Endpoint[i]
-	err := out.Endpoint.FromString(s)
-	if err != nil {
-		err = core.Wrap(err, "Endpoint")
-		return out, err
-	}
-
-	// PublicKey
-	out.PublicKey, err = PublicKeyFromBase64(v.Peer.PublicKey[i])
-	if err != nil {
-		err = core.Wrap(err, "PublicKey")
-		return out, err
-	}
-
-	// AllowedIPs
-	s = v.Peer.AllowedIPs[i]
-	out.AllowedIPs, err = parseAllowedIPs(s)
-	if err != nil {
-		err = core.Wrap(err, "AllowedIPs")
-		return out, err
-	}
-
-	return out, nil
-}
-
 func parseAllowedIPs(data string) ([]netip.Prefix, error) {
 	var out []netip.Prefix
 
@@ -242,25 +147,17 @@ func parseAllowedIPs(data string) ([]netip.Prefix, error) {
 	return out, nil
 }
 
-func (v *intermediateConfig) PeersCount() (int, bool) {
-	c0 := len(v.Peer.Endpoint)
-	c1 := len(v.Peer.PublicKey)
-	c2 := len(v.Peer.AllowedIPs)
-
-	if c0 != c1 || c1 != c2 {
-		return 0, false
-	}
-
-	return c0, true
-}
-
 // NewConfigFromReader parses a wgN.conf file
 func NewConfigFromReader(r io.Reader) (*Config, error) {
-	temp := &intermediateConfig{}
-
-	if err := gcfg.ReadInto(temp, r); err != nil {
+	doc, err := basic.Decode(r)
+	if err != nil {
 		return nil, err
 	}
 
-	return temp.Export()
+	cfg, err := newConfigFromDocument(doc)
+	if err != nil {
+		return nil, err
+	}
+
+	return cfg, nil
 }

pkg/wireguard/config_parser.go

@@ -0,0 +1,169 @@
+package wireguard
+
+import (
+	"io/fs"
+	"strconv"
+
+	"asciigoat.org/ini/basic"
+	"darvaza.org/core"
+)
+
+type sectionHandler func(*Config, *basic.Section) error
+
+var sectionMap = map[string]func(*Config, *basic.Section) error{
+	"Interface": loadInterfaceConfSection,
+	"Peer":      loadPeerConfSection,
+}
+
+func loadConfSection(out *Config, src *basic.Section) error {
+	h, ok := sectionMap[src.Key]
+	if !ok {
+		return core.Wrap(fs.ErrInvalid, "unknown section %q", src.Key)
+	}
+
+	return h(out, src)
+}
+
+func loadInterfaceConfSection(out *Config, src *basic.Section) error {
+	var cfg InterfaceConfig
+
+	for _, field := range src.Fields {
+		if err := loadInterfaceConfField(&cfg, field); err != nil {
+			return core.Wrap(err, "Interface")
+		}
+	}
+
+	out.Interface = cfg
+	return nil
+}
+
+func loadPeerConfSection(out *Config, src *basic.Section) error {
+	var cfg PeerConfig
+
+	for _, field := range src.Fields {
+		if err := loadPeerConfField(&cfg, field); err != nil {
+			return core.Wrap(err, "Peer[%v]", len(out.Peer))
+		}
+	}
+
+	out.Peer = append(out.Peer, cfg)
+	return nil
+}
+
+// revive:disable:cyclomatic
+// revive:disable:cognitive-complexity
+
+func loadInterfaceConfField(cfg *InterfaceConfig, field basic.Field) error {
+	// revive:enable:cyclomatic
+	// revive:enable:cognitive-complexity
+
+	// TODO: refactor when asciigoat's ini parser learns to do reflection
+	switch field.Key {
+	case "Address":
+		if !core.IsZero(cfg.Address) {
+			return core.Wrap(fs.ErrInvalid, "duplicate field %q", field.Key)
+		}
+
+		err := cfg.Address.UnmarshalText([]byte(field.Value))
+		switch {
+		case err != nil:
+			return core.Wrap(err, field.Key)
+		default:
+			return nil
+		}
+	case "PrivateKey":
+		if !core.IsZero(cfg.PrivateKey) {
+			return core.Wrap(fs.ErrInvalid, "duplicate field %q", field.Key)
+		}
+
+		err := cfg.PrivateKey.UnmarshalText([]byte(field.Value))
+		switch {
+		case err != nil:
+			return core.Wrap(err, field.Key)
+		default:
+			return nil
+		}
+	case "ListenPort":
+		if cfg.ListenPort > 0 {
+			return core.Wrap(fs.ErrInvalid, "duplicate field %q", field.Key)
+		}
+
+		u64, err := strconv.ParseUint(field.Value, 10, 16)
+		switch {
+		case err != nil:
+			return core.Wrap(err, field.Key)
+		case u64 == 0:
+			return core.Wrap(fs.ErrInvalid, "invalid %q value", field.Key)
+		default:
+			cfg.ListenPort = uint16(u64)
+			return nil
+		}
+	default:
+		return core.Wrap(fs.ErrInvalid, "unknown field %q", field.Key)
+	}
+}
+
+// revive:disable:cyclomatic
+// revive:disable:cognitive-complexity
+
+func loadPeerConfField(cfg *PeerConfig, field basic.Field) error {
+	// revive:enable:cyclomatic
+	// revive:enable:cognitive-complexity
+
+	switch field.Key {
+	case "PublicKey":
+		if !core.IsZero(cfg.PublicKey) {
+			return core.Wrap(fs.ErrInvalid, "duplicate field %q", field.Key)
+		}
+
+		err := cfg.PublicKey.UnmarshalText([]byte(field.Value))
+		switch {
+		case err != nil:
+			return core.Wrap(err, field.Key)
+		default:
+			return nil
+		}
+	case "Endpoint":
+		if cfg.Endpoint.String() != "" {
+			return core.Wrap(fs.ErrInvalid, "duplicate field %q", field.Key)
+		}
+
+		err := cfg.Endpoint.UnmarshalText([]byte(field.Value))
+		switch {
+		case err != nil:
+			return core.Wrap(err, field.Key)
+		default:
+			return nil
+		}
+	case "AllowedIPs":
+		s, err := parseAllowedIPs(field.Value)
+		switch {
+		case err != nil:
+			return core.Wrap(err, field.Key)
+		case len(s) > 0:
+			cfg.AllowedIPs = append(cfg.AllowedIPs, s...)
+			return nil
+		}
+	default:
+		return core.Wrap(fs.ErrInvalid, "unknown field %q", field.Key)
+	}
+	return nil
+}
+
+func newConfigFromDocument(doc *basic.Document) (*Config, error) {
+	var out Config
+
+	if len(doc.Global) > 0 {
+		err := core.Wrap(fs.ErrInvalid, "fields before the first section")
+		return nil, err
+	}
+
+	for i := range doc.Sections {
+		src := &doc.Sections[i]
+		if err := loadConfSection(&out, src); err != nil {
+			return nil, err
+		}
+	}
+
+	return &out, nil
+}