mart-w/kanidm
1
0
Fork 0
mirror of https://github.com/kanidm/kanidm.git synced 2025-02-24 04:57:00 +01:00
Code Issues Actions 10 Packages Projects Releases Wiki Activity
kanidm/kanidmd/src/server/main.rs

331 lines
12 KiB
Rust
Raw Normal View History

Clean all codebase warnings
2019-07-29 09:09:09 +02:00
#![deny(warnings)]
V large cleanup
2020-08-04 04:58:11 +02:00
#![warn(unused_extern_crates)]
#![deny(clippy::unwrap_used)]
#![deny(clippy::expect_used)]
#![deny(clippy::panic)]
#![deny(clippy::unreachable)]
#![deny(clippy::await_holding_lock)]
#![deny(clippy::needless_pass_by_value)]
#![deny(clippy::trivially_copy_pass_by_ref)]
Clean all codebase warnings
2019-07-29 09:09:09 +02:00
Update build
2021-02-17 09:36:28 +01:00
#[cfg(all(jemallocator, not(test)))]
Move jemalloc to runtime only
2021-02-13 07:17:58 +01:00
#[global_allocator]
static ALLOC: jemallocator::Jemalloc = jemallocator::Jemalloc;
Improve server hardening This adds a number of warnings to the server to help administrators make better informed decisions about the security of their environment.
2020-07-28 08:55:58 +02:00
use users::{get_current_gid, get_current_uid, get_effective_gid, get_effective_uid};
Pre-release update and cleanup (#631)
2021-12-31 00:11:20 +01:00
use serde::Deserialize;
Improve server hardening This adds a number of warnings to the server to help administrators make better informed decisions about the security of their environment.
2020-07-28 08:55:58 +02:00
use std::fs::{metadata, File, Metadata};
Fix readonly check (#496)
2021-06-27 03:30:40 +02:00
#[cfg(target_family = "unix")]
Improve server hardening This adds a number of warnings to the server to help administrators make better informed decisions about the security of their environment.
2020-07-28 08:55:58 +02:00
use std::os::unix::fs::MetadataExt;
Fix readonly check (#496)
2021-06-27 03:30:40 +02:00
use std::io::Read;
195 rel cleanup (#268) Fixes #195 pre release cleanup. This does a LOT, clippy, formatting, and much much more. It fixes a lot of parts of the book, improves server config and more.
2020-06-18 02:30:42 +02:00
use std::path::Path;
Remove "extern crate" from binary crates
2020-01-08 11:49:26 +01:00
use std::path::PathBuf;
195 rel cleanup (#268) Fixes #195 pre release cleanup. This does a LOT, clippy, formatting, and much much more. It fixes a lot of parts of the book, improves server config and more.
2020-06-18 02:30:42 +02:00
use std::str::FromStr;
Implement memberof with direct/indirect tracking and testcases. (#48) * Implement memberof with direct/indirect tracking and testcases.
2019-05-08 02:39:46 +02:00
195 rel cleanup (#268) Fixes #195 pre release cleanup. This does a LOT, clippy, formatting, and much much more. It fixes a lot of parts of the book, improves server config and more.
2020-06-18 02:30:42 +02:00
use kanidm::audit::LogLevel;
Implement Online Backups (#25) (#536)
2021-07-31 09:13:46 +02:00
use kanidm::config::{Configuration, OnlineBackup, ServerRole};
Complete the rename of the project from rsidm to kanidm
2019-09-14 15:44:08 +02:00
use kanidm::core::{
511 upgrade failure - add debuging tools and improve debugging of the issue. (#512)
2021-07-01 06:51:25 +02:00
backup_server_core, create_server_core, dbscan_get_id2entry_core, dbscan_list_id2entry_core,
dbscan_list_index_analysis_core, dbscan_list_index_core, dbscan_list_indexes_core,
domain_rename_core, recover_account_core, reindex_server_core, restore_server_core,
vacuum_server_core, verify_server_core,
cargo fmt
2019-07-29 09:09:18 +02:00
};
Customized `tracing` for `tide::Middleware` logging (#544)
2021-08-19 03:04:24 +02:00
use kanidm::tracing_tree;
Fix readonly check (#496)
2021-06-27 03:30:40 +02:00
use kanidm::utils::file_permissions_readonly;
Implement backup, restore and server modes This allows backup and restore of the server backend data from the command line. Backups can be taken while the server is running. Automated backups are *not* part of this yet. This also adds a few missing files from a previous commit mistake. Opps!
2019-07-15 01:15:25 +02:00
use structopt::StructOpt;
306 command complete (#354) Fixes #306 adding command line autocompletion. These are generated to: CARGO_TARGET_DIR/item-hash/out/. These will need to be packaged for distros later, it's unclear how we could use cargo install with these as cargo doesn't support arbitrary artefacts like this (yet?).
2021-02-13 04:46:22 +01:00
include!("./opt.rs");
195 rel cleanup (#268) Fixes #195 pre release cleanup. This does a LOT, clippy, formatting, and much much more. It fixes a lot of parts of the book, improves server config and more.
2020-06-18 02:30:42 +02:00
#[derive(Debug, Deserialize)]
struct ServerConfig {
pub bindaddress: Option<String>,
pub ldapbindaddress: Option<String>,
// pub threads: Option<usize>,
pub db_path: String,
Support zfs page size
2020-08-04 08:52:57 +02:00
pub db_fs_type: Option<String>,
Idlset2, query cache, acp resolve cache (#409)
2021-04-14 01:56:40 +02:00
pub db_arc_size: Option<usize>,
356 Use tls chain file (#358) Fixes #356 - this changes from a split ca_chain/cert configuration to a single chain file. This allows rustls in tide-rustls to present the chain correctly, and allows openssl for ldaps to present the chain correctly too. it also simplifies integration to lets encrypt which provides a chain and key file by default.
2021-02-16 02:40:25 +01:00
pub tls_chain: Option<String>,
195 rel cleanup (#268) Fixes #195 pre release cleanup. This does a LOT, clippy, formatting, and much much more. It fixes a lot of parts of the book, improves server config and more.
2020-06-18 02:30:42 +02:00
pub tls_key: Option<String>,
pub log_level: Option<String>,
Implement Online Backups (#25) (#536)
2021-07-31 09:13:46 +02:00
pub online_backup: Option<OnlineBackup>,
13 135 webauthn support (#332) Fixes #13 and Fixes #135 - webauthn and webauthn with cli. This is the core of webauthn, but only as a single factor. Some changes are still needed for webauthn as MFA and as a verified single factor. This will be made in a subsequent PR.
2020-12-02 02:12:07 +01:00
pub origin: String,
Add ability to pick a server role (#432)
2021-05-06 12:58:22 +02:00
#[serde(default)]
pub role: ServerRole,
195 rel cleanup (#268) Fixes #195 pre release cleanup. This does a LOT, clippy, formatting, and much much more. It fixes a lot of parts of the book, improves server config and more.
2020-06-18 02:30:42 +02:00
}
impl ServerConfig {
pub fn new<P: AsRef<Path>>(config_path: P) -> Result<Self, ()> {
let mut f = File::open(config_path).map_err(|e| {
eprintln!("Unable to open config file [{:?}] 🥺", e);
})?;
let mut contents = String::new();
f.read_to_string(&mut contents)
.map_err(|e| eprintln!("unable to read contents {:?}", e))?;
toml::from_str(contents.as_str()).map_err(|e| eprintln!("unable to parse config {:?}", e))
}
Implement backup, restore and server modes This allows backup and restore of the server backend data from the command line. Backups can be taken while the server is running. Automated backups are *not* part of this yet. This also adds a few missing files from a previous commit mistake. Opps!
2019-07-15 01:15:25 +02:00
}
306 command complete (#354) Fixes #306 adding command line autocompletion. These are generated to: CARGO_TARGET_DIR/item-hash/out/. These will need to be packaged for distros later, it's unclear how we could use cargo install with these as cargo doesn't support arbitrary artefacts like this (yet?).
2021-02-13 04:46:22 +01:00
impl KanidmdOpt {
195 rel cleanup (#268) Fixes #195 pre release cleanup. This does a LOT, clippy, formatting, and much much more. It fixes a lot of parts of the book, improves server config and more.
2020-06-18 02:30:42 +02:00
fn commonopt(&self) -> &CommonOpt {
Docker improvements (#81) Update the dockerfile to work correctly with the newer server options and runtime.
2019-09-06 05:05:27 +02:00
match self {
vacuum (#365) Fixes #362 moves vacuum to a dedicated task. This is needed as previous vacuuming on startup on large databases could cause the server to fail to start. By making this a task it avoids this error case, and makes the vacuum more predictable, and only run when required.
2021-02-21 06:04:58 +01:00
KanidmdOpt::Server(sopt)
| KanidmdOpt::Verify(sopt)
| KanidmdOpt::Reindex(sopt)
511 upgrade failure - add debuging tools and improve debugging of the issue. (#512)
2021-07-01 06:51:25 +02:00
| KanidmdOpt::Vacuum(sopt)
| KanidmdOpt::DbScan(DbScanOpt::ListIndexes(sopt))
| KanidmdOpt::DbScan(DbScanOpt::ListId2Entry(sopt))
| KanidmdOpt::DbScan(DbScanOpt::ListIndexAnalysis(sopt)) => &sopt,
306 command complete (#354) Fixes #306 adding command line autocompletion. These are generated to: CARGO_TARGET_DIR/item-hash/out/. These will need to be packaged for distros later, it's unclear how we could use cargo install with these as cargo doesn't support arbitrary artefacts like this (yet?).
2021-02-13 04:46:22 +01:00
KanidmdOpt::Backup(bopt) => &bopt.commonopts,
KanidmdOpt::Restore(ropt) => &ropt.commonopts,
KanidmdOpt::RecoverAccount(ropt) => &ropt.commonopts,
KanidmdOpt::DomainChange(dopt) => &dopt.commonopts,
511 upgrade failure - add debuging tools and improve debugging of the issue. (#512)
2021-07-01 06:51:25 +02:00
KanidmdOpt::DbScan(DbScanOpt::ListIndex(dopt)) => &dopt.commonopts,
// KanidmdOpt::DbScan(DbScanOpt::GetIndex(dopt)) => &dopt.commonopts,
KanidmdOpt::DbScan(DbScanOpt::GetId2Entry(dopt)) => &dopt.commonopts,
Docker improvements (#81) Update the dockerfile to work correctly with the newer server options and runtime.
2019-09-06 05:05:27 +02:00
}
}
}
Improve server hardening This adds a number of warnings to the server to help administrators make better informed decisions about the security of their environment.
2020-07-28 08:55:58 +02:00
fn read_file_metadata(path: &PathBuf) -> Metadata {
match metadata(path) {
Ok(m) => m,
Err(e) => {
eprintln!(
"Unable to read metadata for {} - {:?}",
V large cleanup
2020-08-04 04:58:11 +02:00
path.to_str().unwrap_or("invalid file path"),
Improve server hardening This adds a number of warnings to the server to help administrators make better informed decisions about the security of their environment.
2020-07-28 08:55:58 +02:00
e
);
std::process::exit(1);
}
}
}
314 improve async (#316) this completely removes actix and actix-web from the codebase, replacing it with tokio and http-rs/tide. Due to a current temporary limit in tokio parts with openssl/libressl, rustls is used for the webserver, but I'll change this back once that issue is resolved. For now there are likely some other clippy issues, but the next step now is that I can finally run cargo outdated and update this and the other kanidm/* deps to be up to date due to no longer being held back on versions by actix. So following this, I need to finish clippy warnings, and run cargo outdated and cargo audit.
2020-09-06 00:44:35 +02:00
#[tokio::main]
Improve errors, tagging, logging and more across the codebase. (#243)
2020-06-05 06:01:20 +02:00
async fn main() {
Customized `tracing` for `tide::Middleware` logging (#544)
2021-08-19 03:04:24 +02:00
tracing_tree::main_init();
Improve server hardening This adds a number of warnings to the server to help administrators make better informed decisions about the security of their environment.
2020-07-28 08:55:58 +02:00
// Get info about who we are.
let cuid = get_current_uid();
let ceuid = get_effective_uid();
let cgid = get_current_gid();
let cegid = get_effective_gid();
if cuid == 0 || ceuid == 0 || cgid == 0 || cegid == 0 {
Change root user check to warning due to container run times (#328) Fixes #327 - In container run times, the default is to run as root. This may be user with virtualised containers or even to just smooth the "first run" process rather than requiring a user for the process and volumes.
2020-10-30 02:12:06 +01:00
eprintln!("WARNING: This is running as uid == 0 (root) which may be a security risk.");
// eprintln!("ERROR: Refusing to run - this process must not operate as root.");
// std::process::exit(1);
Improve server hardening This adds a number of warnings to the server to help administrators make better informed decisions about the security of their environment.
2020-07-28 08:55:58 +02:00
}
if cuid != ceuid || cgid != cegid {
eprintln!("{} != {} || {} != {}", cuid, ceuid, cgid, cegid);
eprintln!("ERROR: Refusing to run - uid and euid OR gid and egid must be consistent.");
std::process::exit(1);
}
Implement backup, restore and server modes This allows backup and restore of the server backend data from the command line. Backups can be taken while the server is running. Automated backups are *not* part of this yet. This also adds a few missing files from a previous commit mistake. Opps!
2019-07-15 01:15:25 +02:00
// Read cli args, determine if we should backup/restore
306 command complete (#354) Fixes #306 adding command line autocompletion. These are generated to: CARGO_TARGET_DIR/item-hash/out/. These will need to be packaged for distros later, it's unclear how we could use cargo install with these as cargo doesn't support arbitrary artefacts like this (yet?).
2021-02-13 04:46:22 +01:00
let opt = KanidmdOpt::from_args();
Implement backup, restore and server modes This allows backup and restore of the server backend data from the command line. Backups can be taken while the server is running. Automated backups are *not* part of this yet. This also adds a few missing files from a previous commit mistake. Opps!
2019-07-15 01:15:25 +02:00
let mut config = Configuration::new();
Improve server hardening This adds a number of warnings to the server to help administrators make better informed decisions about the security of their environment.
2020-07-28 08:55:58 +02:00
// Check the permissions are sane.
let cfg_meta = read_file_metadata(&(opt.commonopt().config_path));
Fix readonly check (#496)
2021-06-27 03:30:40 +02:00
if !file_permissions_readonly(&cfg_meta) {
Improve server hardening This adds a number of warnings to the server to help administrators make better informed decisions about the security of their environment.
2020-07-28 08:55:58 +02:00
eprintln!("WARNING: permissions on {} may not be secure. Should be readonly to running uid. This could be a security risk ...",
V large cleanup
2020-08-04 04:58:11 +02:00
opt.commonopt().config_path.to_str().unwrap_or("invalid file path"));
Improve server hardening This adds a number of warnings to the server to help administrators make better informed decisions about the security of their environment.
2020-07-28 08:55:58 +02:00
}
if cfg_meta.mode() & 0o007 != 0 {
eprintln!("WARNING: {} has 'everyone' permission bits in the mode. This could be a security risk ...",
V large cleanup
2020-08-04 04:58:11 +02:00
opt.commonopt().config_path.to_str().unwrap_or("invalid file path")
Improve server hardening This adds a number of warnings to the server to help administrators make better informed decisions about the security of their environment.
2020-07-28 08:55:58 +02:00
);
}
if cfg_meta.uid() == cuid || cfg_meta.uid() == ceuid {
eprintln!("WARNING: {} owned by the current uid, which may allow file permission changes. This could be a security risk ...",
V large cleanup
2020-08-04 04:58:11 +02:00
opt.commonopt().config_path.to_str().unwrap_or("invalid file path")
Improve server hardening This adds a number of warnings to the server to help administrators make better informed decisions about the security of their environment.
2020-07-28 08:55:58 +02:00
);
}
// Read our config
195 rel cleanup (#268) Fixes #195 pre release cleanup. This does a LOT, clippy, formatting, and much much more. It fixes a lot of parts of the book, improves server config and more.
2020-06-18 02:30:42 +02:00
let sconfig = match ServerConfig::new(&(opt.commonopt().config_path)) {
Ok(c) => c,
Err(e) => {
eprintln!("Config Parse failure {:?}", e);
std::process::exit(1);
}
};
// Apply the file requirements
let ll = sconfig
.log_level
.map(|ll| match LogLevel::from_str(ll.as_str()) {
Ok(v) => v as u32,
Err(e) => {
eprintln!("{:?}", e);
std::process::exit(1);
}
});
Improve server hardening This adds a number of warnings to the server to help administrators make better informed decisions about the security of their environment.
2020-07-28 08:55:58 +02:00
// Check the permissions of the files from the configuration.
let db_path = PathBuf::from(sconfig.db_path.as_str());
fixing restores on #456 (#519)
2021-07-08 02:09:15 +02:00
// We can't check the db_path permissions because it may not exist yet!
Improve server hardening This adds a number of warnings to the server to help administrators make better informed decisions about the security of their environment.
2020-07-28 08:55:58 +02:00
if let Some(db_parent_path) = db_path.parent() {
if !db_parent_path.exists() {
eprintln!(
"DB folder {} may not exist, server startup may FAIL!",
V large cleanup
2020-08-04 04:58:11 +02:00
db_parent_path.to_str().unwrap_or("invalid file path")
Improve server hardening This adds a number of warnings to the server to help administrators make better informed decisions about the security of their environment.
2020-07-28 08:55:58 +02:00
);
}
let db_par_path_buf = db_parent_path.to_path_buf();
let i_meta = read_file_metadata(&db_par_path_buf);
if !i_meta.is_dir() {
eprintln!(
"ERROR: Refusing to run - DB folder {} may not be a directory",
V large cleanup
2020-08-04 04:58:11 +02:00
db_par_path_buf.to_str().unwrap_or("invalid file path")
Improve server hardening This adds a number of warnings to the server to help administrators make better informed decisions about the security of their environment.
2020-07-28 08:55:58 +02:00
);
std::process::exit(1);
}
Fix readonly check (#496)
2021-06-27 03:30:40 +02:00
if !file_permissions_readonly(&i_meta) {
V large cleanup
2020-08-04 04:58:11 +02:00
eprintln!("WARNING: DB folder permissions on {} indicate it may not be RW. This could cause the server start up to fail!", db_par_path_buf.to_str().unwrap_or("invalid file path"));
Improve server hardening This adds a number of warnings to the server to help administrators make better informed decisions about the security of their environment.
2020-07-28 08:55:58 +02:00
}
if i_meta.mode() & 0o007 != 0 {
V large cleanup
2020-08-04 04:58:11 +02:00
eprintln!("WARNING: DB folder {} has 'everyone' permission bits in the mode. This could be a security risk ...", db_par_path_buf.to_str().unwrap_or("invalid file path"));
Improve server hardening This adds a number of warnings to the server to help administrators make better informed decisions about the security of their environment.
2020-07-28 08:55:58 +02:00
}
}
195 rel cleanup (#268) Fixes #195 pre release cleanup. This does a LOT, clippy, formatting, and much much more. It fixes a lot of parts of the book, improves server config and more.
2020-06-18 02:30:42 +02:00
config.update_log_level(ll);
config.update_db_path(&sconfig.db_path.as_str());
Support zfs page size
2020-08-04 08:52:57 +02:00
config.update_db_fs_type(&sconfig.db_fs_type);
13 135 webauthn support (#332) Fixes #13 and Fixes #135 - webauthn and webauthn with cli. This is the core of webauthn, but only as a single factor. Some changes are still needed for webauthn as MFA and as a verified single factor. This will be made in a subsequent PR.
2020-12-02 02:12:07 +01:00
config.update_origin(&sconfig.origin.as_str());
Idlset2, query cache, acp resolve cache (#409)
2021-04-14 01:56:40 +02:00
config.update_db_arc_size(sconfig.db_arc_size);
Add ability to pick a server role (#432)
2021-05-06 12:58:22 +02:00
config.update_role(sconfig.role);
195 rel cleanup (#268) Fixes #195 pre release cleanup. This does a LOT, clippy, formatting, and much much more. It fixes a lot of parts of the book, improves server config and more.
2020-06-18 02:30:42 +02:00
// Apply any cli overrides, normally debug level.
181 pam nsswitch name spn (#270) This allows configuration of which attribute is presented during gid/uid resolution, adds home directory prefixing, and home directory name attribute selection.
2020-06-21 13:57:48 +02:00
if let Some(dll) = opt.commonopt().debug.as_ref() {
config.update_log_level(Some(dll.clone() as u32));
}
Base web UI (#391) Initial web ui (not-functional yet)
2021-03-26 02:22:00 +01:00
// ::std::env::set_var("RUST_LOG", "tide=info,kanidm=info,webauthn=debug");
20211216 tracing cleanup (#627)
2021-12-17 04:54:13 +01:00
// env_logger::builder()
// .format_timestamp(None)
// .format_level(false)
// .init();
20190607 authentication (#55) Implement #2 anonymous authentication. This also puts into place the majority of the authentication framework, and starts to build the IDM layers ontop of the DB engine.
2019-07-12 07:28:46 +02:00
Implement backup, restore and server modes This allows backup and restore of the server backend data from the command line. Backups can be taken while the server is running. Automated backups are *not* part of this yet. This also adds a few missing files from a previous commit mistake. Opps!
2019-07-15 01:15:25 +02:00
match opt {
306 command complete (#354) Fixes #306 adding command line autocompletion. These are generated to: CARGO_TARGET_DIR/item-hash/out/. These will need to be packaged for distros later, it's unclear how we could use cargo install with these as cargo doesn't support arbitrary artefacts like this (yet?).
2021-02-13 04:46:22 +01:00
KanidmdOpt::Server(_sopt) => {
195 rel cleanup (#268) Fixes #195 pre release cleanup. This does a LOT, clippy, formatting, and much much more. It fixes a lot of parts of the book, improves server config and more.
2020-06-18 02:30:42 +02:00
eprintln!("Running in server mode ...");
Fixing #520, moving cert loading into server mode (#522)
2021-07-09 01:49:26 +02:00
// configuration options that only relate to server mode
config.update_tls(&sconfig.tls_chain, &sconfig.tls_key);
config.update_bind(&sconfig.bindaddress);
config.update_ldapbind(&sconfig.ldapbindaddress);
Implement Online Backups (#25) (#536)
2021-07-31 09:13:46 +02:00
config.update_online_backup(&sconfig.online_backup);
Fixing #520, moving cert loading into server mode (#522)
2021-07-09 01:49:26 +02:00
if let Some(i_str) = &(sconfig.tls_chain) {
let i_path = PathBuf::from(i_str.as_str());
let i_meta = read_file_metadata(&i_path);
if !file_permissions_readonly(&i_meta) {
eprintln!("WARNING: permissions on {} may not be secure. Should be readonly to running uid. This could be a security risk ...", i_str);
}
}
if let Some(i_str) = &(sconfig.tls_key) {
let i_path = PathBuf::from(i_str.as_str());
let i_meta = read_file_metadata(&i_path);
if !file_permissions_readonly(&i_meta) {
eprintln!("WARNING: permissions on {} may not be secure. Should be readonly to running uid. This could be a security risk ...", i_str);
}
if i_meta.mode() & 0o007 != 0 {
eprintln!("WARNING: {} has 'everyone' permission bits in the mode. This could be a security risk ...", i_str);
}
}
199 ldap gateway (#246) adds an LDAP gateway to the server. It supports TLS if configured for the webserver, using the same parameters. It is a read only interface, only supporting bind via the configured posix password.
2020-06-10 04:07:43 +02:00
let sctx = create_server_core(config).await;
Improve errors, tagging, logging and more across the codebase. (#243)
2020-06-05 06:01:20 +02:00
match sctx {
314 improve async (#316) this completely removes actix and actix-web from the codebase, replacing it with tokio and http-rs/tide. Due to a current temporary limit in tokio parts with openssl/libressl, rustls is used for the webserver, but I'll change this back once that issue is resolved. For now there are likely some other clippy issues, but the next step now is that I can finally run cargo outdated and update this and the other kanidm/* deps to be up to date due to no longer being held back on versions by actix. So following this, I need to finish clippy warnings, and run cargo outdated and cargo audit.
2020-09-06 00:44:35 +02:00
Ok(_sctx) => match tokio::signal::ctrl_c().await {
V large cleanup
2020-08-04 04:58:11 +02:00
Ok(_) => {
eprintln!("Ctrl-C received, shutting down");
}
Err(_) => {
eprintln!("Invalid signal received, shutting down as a precaution ...");
}
},
Improve errors, tagging, logging and more across the codebase. (#243)
2020-06-05 06:01:20 +02:00
Err(_) => {
195 rel cleanup (#268) Fixes #195 pre release cleanup. This does a LOT, clippy, formatting, and much much more. It fixes a lot of parts of the book, improves server config and more.
2020-06-18 02:30:42 +02:00
eprintln!("Failed to start server core!");
Improve errors, tagging, logging and more across the codebase. (#243)
2020-06-05 06:01:20 +02:00
return;
}
}
Implement backup, restore and server modes This allows backup and restore of the server backend data from the command line. Backups can be taken while the server is running. Automated backups are *not* part of this yet. This also adds a few missing files from a previous commit mistake. Opps!
2019-07-15 01:15:25 +02:00
}
306 command complete (#354) Fixes #306 adding command line autocompletion. These are generated to: CARGO_TARGET_DIR/item-hash/out/. These will need to be packaged for distros later, it's unclear how we could use cargo install with these as cargo doesn't support arbitrary artefacts like this (yet?).
2021-02-13 04:46:22 +01:00
KanidmdOpt::Backup(bopt) => {
195 rel cleanup (#268) Fixes #195 pre release cleanup. This does a LOT, clippy, formatting, and much much more. It fixes a lot of parts of the book, improves server config and more.
2020-06-18 02:30:42 +02:00
eprintln!("Running in backup mode ...");
Implement backup, restore and server modes This allows backup and restore of the server backend data from the command line. Backups can be taken while the server is running. Automated backups are *not* part of this yet. This also adds a few missing files from a previous commit mistake. Opps!
2019-07-15 01:15:25 +02:00
let p = match bopt.path.to_str() {
Some(p) => p,
None => {
195 rel cleanup (#268) Fixes #195 pre release cleanup. This does a LOT, clippy, formatting, and much much more. It fixes a lot of parts of the book, improves server config and more.
2020-06-18 02:30:42 +02:00
eprintln!("Invalid backup path");
Implement backup, restore and server modes This allows backup and restore of the server backend data from the command line. Backups can be taken while the server is running. Automated backups are *not* part of this yet. This also adds a few missing files from a previous commit mistake. Opps!
2019-07-15 01:15:25 +02:00
std::process::exit(1);
}
};
V large cleanup
2020-08-04 04:58:11 +02:00
backup_server_core(&config, p);
Implement backup, restore and server modes This allows backup and restore of the server backend data from the command line. Backups can be taken while the server is running. Automated backups are *not* part of this yet. This also adds a few missing files from a previous commit mistake. Opps!
2019-07-15 01:15:25 +02:00
}
306 command complete (#354) Fixes #306 adding command line autocompletion. These are generated to: CARGO_TARGET_DIR/item-hash/out/. These will need to be packaged for distros later, it's unclear how we could use cargo install with these as cargo doesn't support arbitrary artefacts like this (yet?).
2021-02-13 04:46:22 +01:00
KanidmdOpt::Restore(ropt) => {
195 rel cleanup (#268) Fixes #195 pre release cleanup. This does a LOT, clippy, formatting, and much much more. It fixes a lot of parts of the book, improves server config and more.
2020-06-18 02:30:42 +02:00
eprintln!("Running in restore mode ...");
Implement backup, restore and server modes This allows backup and restore of the server backend data from the command line. Backups can be taken while the server is running. Automated backups are *not* part of this yet. This also adds a few missing files from a previous commit mistake. Opps!
2019-07-15 01:15:25 +02:00
let p = match ropt.path.to_str() {
Some(p) => p,
None => {
195 rel cleanup (#268) Fixes #195 pre release cleanup. This does a LOT, clippy, formatting, and much much more. It fixes a lot of parts of the book, improves server config and more.
2020-06-18 02:30:42 +02:00
eprintln!("Invalid restore path");
Implement backup, restore and server modes This allows backup and restore of the server backend data from the command line. Backups can be taken while the server is running. Automated backups are *not* part of this yet. This also adds a few missing files from a previous commit mistake. Opps!
2019-07-15 01:15:25 +02:00
std::process::exit(1);
}
};
V large cleanup
2020-08-04 04:58:11 +02:00
restore_server_core(&config, p);
Implement backup, restore and server modes This allows backup and restore of the server backend data from the command line. Backups can be taken while the server is running. Automated backups are *not* part of this yet. This also adds a few missing files from a previous commit mistake. Opps!
2019-07-15 01:15:25 +02:00
}
306 command complete (#354) Fixes #306 adding command line autocompletion. These are generated to: CARGO_TARGET_DIR/item-hash/out/. These will need to be packaged for distros later, it's unclear how we could use cargo install with these as cargo doesn't support arbitrary artefacts like this (yet?).
2021-02-13 04:46:22 +01:00
KanidmdOpt::Verify(_vopt) => {
195 rel cleanup (#268) Fixes #195 pre release cleanup. This does a LOT, clippy, formatting, and much much more. It fixes a lot of parts of the book, improves server config and more.
2020-06-18 02:30:42 +02:00
eprintln!("Running in db verification mode ...");
V large cleanup
2020-08-04 04:58:11 +02:00
verify_server_core(&config);
Clean all codebase warnings
2019-07-29 09:09:09 +02:00
}
306 command complete (#354) Fixes #306 adding command line autocompletion. These are generated to: CARGO_TARGET_DIR/item-hash/out/. These will need to be packaged for distros later, it's unclear how we could use cargo install with these as cargo doesn't support arbitrary artefacts like this (yet?).
2021-02-13 04:46:22 +01:00
KanidmdOpt::RecoverAccount(raopt) => {
195 rel cleanup (#268) Fixes #195 pre release cleanup. This does a LOT, clippy, formatting, and much much more. It fixes a lot of parts of the book, improves server config and more.
2020-06-18 02:30:42 +02:00
eprintln!("Running account recovery ...");
64 120 session claims (#462)
2021-06-02 01:30:37 +02:00
recover_account_core(&config, &raopt.name);
3 authentication (#79) This adds support for authentication and credential storage to the server. It also adds account recovery and options for integration test fixtures, refactors to make the client library easier to manage, and support clean seperation of the proto vs lib.
2019-09-04 03:06:37 +02:00
}
306 command complete (#354) Fixes #306 adding command line autocompletion. These are generated to: CARGO_TARGET_DIR/item-hash/out/. These will need to be packaged for distros later, it's unclear how we could use cargo install with these as cargo doesn't support arbitrary artefacts like this (yet?).
2021-02-13 04:46:22 +01:00
KanidmdOpt::Reindex(_copt) => {
195 rel cleanup (#268) Fixes #195 pre release cleanup. This does a LOT, clippy, formatting, and much much more. It fixes a lot of parts of the book, improves server config and more.
2020-06-18 02:30:42 +02:00
eprintln!("Running in reindex mode ...");
V large cleanup
2020-08-04 04:58:11 +02:00
reindex_server_core(&config);
Add docs for backup, restore, reindex and verify (#148) Implements #136 document backup and restore. This adds documentation into getting started on these actions, as well as reindex and verify .
2019-11-17 03:36:32 +01:00
}
vacuum (#365) Fixes #362 moves vacuum to a dedicated task. This is needed as previous vacuuming on startup on large databases could cause the server to fail to start. By making this a task it avoids this error case, and makes the vacuum more predictable, and only run when required.
2021-02-21 06:04:58 +01:00
KanidmdOpt::Vacuum(_copt) => {
eprintln!("Running in vacuum mode ...");
vacuum_server_core(&config);
}
306 command complete (#354) Fixes #306 adding command line autocompletion. These are generated to: CARGO_TARGET_DIR/item-hash/out/. These will need to be packaged for distros later, it's unclear how we could use cargo install with these as cargo doesn't support arbitrary artefacts like this (yet?).
2021-02-13 04:46:22 +01:00
KanidmdOpt::DomainChange(dopt) => {
195 rel cleanup (#268) Fixes #195 pre release cleanup. This does a LOT, clippy, formatting, and much much more. It fixes a lot of parts of the book, improves server config and more.
2020-06-18 02:30:42 +02:00
eprintln!("Running in domain name change mode ... this may take a long time ...");
V large cleanup
2020-08-04 04:58:11 +02:00
domain_rename_core(&config, &dopt.new_domain_name);
127 domain info type (#150) Implements #127 and #125. This adds domain_info support, and spn types and generation. It also correctly handles domain renaming, and has tooling to support this. It "should" work on an upgrade, due to the correct bump of index version, but I plan to test this from a backup of my production instance soon.
2019-11-29 01:48:22 +01:00
}
511 upgrade failure - add debuging tools and improve debugging of the issue. (#512)
2021-07-01 06:51:25 +02:00
KanidmdOpt::DbScan(DbScanOpt::ListIndexes(_)) => {
eprintln!("👀 db scan - list indexes");
dbscan_list_indexes_core(&config);
}
KanidmdOpt::DbScan(DbScanOpt::ListId2Entry(_)) => {
eprintln!("👀 db scan - list id2entry");
dbscan_list_id2entry_core(&config);
}
KanidmdOpt::DbScan(DbScanOpt::ListIndexAnalysis(_)) => {
eprintln!("👀 db scan - list index analysis");
dbscan_list_index_analysis_core(&config);
}
KanidmdOpt::DbScan(DbScanOpt::ListIndex(dopt)) => {
eprintln!("👀 db scan - list index content - {}", dopt.index_name);
dbscan_list_index_core(&config, dopt.index_name.as_str());
}
KanidmdOpt::DbScan(DbScanOpt::GetId2Entry(dopt)) => {
eprintln!("👀 db scan - get id2 entry - {}", dopt.id);
dbscan_get_id2entry_core(&config, dopt.id);
}
Implement backup, restore and server modes This allows backup and restore of the server backend data from the command line. Backups can be taken while the server is running. Automated backups are *not* part of this yet. This also adds a few missing files from a previous commit mistake. Opps!
2019-07-15 01:15:25 +02:00
}
initial
2018-09-29 09:54:16 +02:00
}
Reference in a new issue Copy permalink