Skip to content

Document trusted-server.example.toml and restore dropped-but-supported config sections #869

Description

@aram356

Summary

trusted-server.example.toml is the source-controlled config template (ts config init, and embedded into the Cloudflare/Spin adapters via include_str!). Over time it drifted from the supported config schema: it dropped several sections that still exist in the Rust config structs, and it doesn't clearly distinguish the required minimum config from optional/vendor settings.

Problems

  • No clear "minimum config". Nothing in the file signals that only [publisher], [ec].passphrase, and an admin-covering [[handlers]] are required to boot/validate. [ec] in particular is easy to assume optional, but an omitted/empty passphrase fails validation.
  • Dropped-but-still-supported sections. The following map to live structs yet were missing from the template: [tester_cookie], [rewrite], the [consent] tree, [image_optimizer], [tinybird], [integrations.osano], publisher.max_buffered_body_bytes, sourcepoint.auth_cookie_name, DataDome protection fields, Prebid override rules.
  • Sparse descriptions. Most keys have no explanation of what they do or their defaults.

Proposed change

  • Keep the required trio active with per-key descriptions.
  • Comment out every optional section/integration, each with a one-line description, so a fresh deploy starts minimal and safe.
  • Re-add the dropped-but-supported sections as documented (commented) blocks.
  • Keep the four ts audit-patched integrations (gpt, didomi, datadome, google_tag_manager) active with enabled = false so the audit CLI can still flip them.
  • Keep all example hosts as example.com (no real vendor domains).

Acceptance

  • File deserializes and passes Settings::from_toml validation (verified with real secrets substituted for the intentional placeholders).
  • ts audit draft-config patching still works (run_audit_writes_selected_outputs_and_summary).
  • Config schema in the file matches the actual Rust structs.

Metadata

Metadata

Assignees

No one assigned

    Labels

    documentationImprovements or additions to documentation

    Type

    No type

    Fields

    No fields configured for issues without a type.

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions