kanidm/kanidmd/src/server/main.rs

#![deny(warnings)]

extern crate actix;
extern crate env_logger;
extern crate rpassword;

extern crate kanidm;
extern crate structopt;
#[macro_use]
extern crate log;

use kanidm::config::Configuration;
use kanidm::core::{
    backup_server_core, create_server_core, recover_account_core, reset_sid_core,
    restore_server_core, verify_server_core,
};

use std::path::PathBuf;
use structopt::StructOpt;

#[derive(Debug, StructOpt)]
struct CommonOpt {
    #[structopt(short = "d", long = "debug")]
    debug: bool,
    #[structopt(parse(from_os_str), short = "D", long = "db_path")]
    db_path: PathBuf,
}

#[derive(Debug, StructOpt)]
struct ServerOpt {
    #[structopt(parse(from_os_str), short = "C", long = "ca")]
    ca_path: Option<PathBuf>,
    #[structopt(parse(from_os_str), short = "c", long = "cert")]
    cert_path: Option<PathBuf>,
    #[structopt(parse(from_os_str), short = "k", long = "key")]
    key_path: Option<PathBuf>,
    #[structopt(short = "r", long = "domain")]
    domain: String,
    #[structopt(short = "b", long = "bindaddr")]
    bind: Option<String>,
    #[structopt(flatten)]
    commonopts: CommonOpt,
}

#[derive(Debug, StructOpt)]
struct BackupOpt {
    #[structopt(parse(from_os_str))]
    path: PathBuf,
    #[structopt(flatten)]
    commonopts: CommonOpt,
}

#[derive(Debug, StructOpt)]
struct RestoreOpt {
    #[structopt(parse(from_os_str))]
    path: PathBuf,
    #[structopt(flatten)]
    commonopts: CommonOpt,
}

#[derive(Debug, StructOpt)]
struct RecoverAccountOpt {
    #[structopt(short)]
    name: String,
    #[structopt(flatten)]
    commonopts: CommonOpt,
}

#[derive(Debug, StructOpt)]
enum Opt {
    #[structopt(name = "server")]
    Server(ServerOpt),
    #[structopt(name = "backup")]
    Backup(BackupOpt),
    #[structopt(name = "restore")]
    Restore(RestoreOpt),
    #[structopt(name = "verify")]
    Verify(CommonOpt),
    #[structopt(name = "recover_account")]
    RecoverAccount(RecoverAccountOpt),
    #[structopt(name = "reset_server_id")]
    ResetServerId(CommonOpt),
}

impl Opt {
    fn debug(&self) -> bool {
        match self {
            Opt::Server(sopt) => sopt.commonopts.debug,
            Opt::Verify(sopt) | Opt::ResetServerId(sopt) => sopt.debug,
            Opt::Backup(bopt) => bopt.commonopts.debug,
            Opt::Restore(ropt) => ropt.commonopts.debug,
            Opt::RecoverAccount(ropt) => ropt.commonopts.debug,
        }
    }
}

fn main() {
    // Read cli args, determine if we should backup/restore
    let opt = Opt::from_args();

    // Read our config (if any)
    let mut config = Configuration::new();
    // Apply any cli overrides?

    // Configure the server logger. This could be adjusted based on what config
    // says.
    if opt.debug() {
        ::std::env::set_var("RUST_LOG", "actix_web=info,kanidm=debug");
    } else {
        ::std::env::set_var("RUST_LOG", "actix_web=info,kanidm=info");
    }
    env_logger::init();

    match opt {
        Opt::Server(sopt) => {
            info!("Running in server mode ...");

            config.update_db_path(&sopt.commonopts.db_path);
            config.update_tls(&sopt.ca_path, &sopt.cert_path, &sopt.key_path);
            config.update_bind(&sopt.bind);
            config.domain = sopt.domain.clone();

            let sys = actix::System::new("kanidm-server");
            create_server_core(config);
            let _ = sys.run();
        }
        Opt::Backup(bopt) => {
            info!("Running in backup mode ...");

            config.update_db_path(&bopt.commonopts.db_path);

            let p = match bopt.path.to_str() {
                Some(p) => p,
                None => {
                    error!("Invalid backup path");
                    std::process::exit(1);
                }
            };
            backup_server_core(config, p);
        }
        Opt::Restore(ropt) => {
            info!("Running in restore mode ...");

            config.update_db_path(&ropt.commonopts.db_path);

            let p = match ropt.path.to_str() {
                Some(p) => p,
                None => {
                    error!("Invalid restore path");
                    std::process::exit(1);
                }
            };
            restore_server_core(config, p);
        }
        Opt::Verify(vopt) => {
            info!("Running in restore mode ...");

            config.update_db_path(&vopt.db_path);
            verify_server_core(config);
        }
        Opt::RecoverAccount(raopt) => {
            info!("Running account recovery ...");

            let password = rpassword::prompt_password_stderr("new password: ").unwrap();
            config.update_db_path(&raopt.commonopts.db_path);

            recover_account_core(config, raopt.name, password);
        }
        Opt::ResetServerId(vopt) => {
            info!("Resetting server id. THIS MAY BREAK REPLICATION");

            config.update_db_path(&vopt.db_path);
            reset_sid_core(config);
        }
    }
}
Clean all codebase warnings 2019-07-29 09:09:09 +02:00			`#![deny(warnings)]`

initial 2018-09-29 09:54:16 +02:00			`extern crate actix;`
20190607 authentication (#55) Implement #2 anonymous authentication. This also puts into place the majority of the authentication framework, and starts to build the IDM layers ontop of the DB engine. 2019-07-12 07:28:46 +02:00			`extern crate env_logger;`
3 authentication (#79) This adds support for authentication and credential storage to the server. It also adds account recovery and options for integration test fixtures, refactors to make the client library easier to manage, and support clean seperation of the proto vs lib. 2019-09-04 03:06:37 +02:00			`extern crate rpassword;`
initial 2018-09-29 09:54:16 +02:00
Complete the rename of the project from rsidm to kanidm 2019-09-14 15:44:08 +02:00			`extern crate kanidm;`
Implement backup, restore and server modes This allows backup and restore of the server backend data from the command line. Backups can be taken while the server is running. Automated backups are not part of this yet. This also adds a few missing files from a previous commit mistake. Opps! 2019-07-15 01:15:25 +02:00			`extern crate structopt;`
			`#[macro_use]`
			`extern crate log;`
Implement memberof with direct/indirect tracking and testcases. (#48) * Implement memberof with direct/indirect tracking and testcases. 2019-05-08 02:39:46 +02:00
Complete the rename of the project from rsidm to kanidm 2019-09-14 15:44:08 +02:00			`use kanidm::config::Configuration;`
			`use kanidm::core::{`
65 cli options (#85) Add support for command line options to the server. This supports server sid regeneration, persistence, address binding, tls configuration and more. This also improves TLS support in the client tools for CA cert addition to queries. 2019-09-14 10:21:41 +02:00			`backup_server_core, create_server_core, recover_account_core, reset_sid_core,`
			`restore_server_core, verify_server_core,`
cargo fmt 2019-07-29 09:09:18 +02:00			`};`
Implement backup, restore and server modes This allows backup and restore of the server backend data from the command line. Backups can be taken while the server is running. Automated backups are not part of this yet. This also adds a few missing files from a previous commit mistake. Opps! 2019-07-15 01:15:25 +02:00
			`use std::path::PathBuf;`
			`use structopt::StructOpt;`

			`#[derive(Debug, StructOpt)]`
65 cli options (#85) Add support for command line options to the server. This supports server sid regeneration, persistence, address binding, tls configuration and more. This also improves TLS support in the client tools for CA cert addition to queries. 2019-09-14 10:21:41 +02:00			`struct CommonOpt {`
Implement backup, restore and server modes This allows backup and restore of the server backend data from the command line. Backups can be taken while the server is running. Automated backups are not part of this yet. This also adds a few missing files from a previous commit mistake. Opps! 2019-07-15 01:15:25 +02:00			`#[structopt(short = "d", long = "debug")]`
			`debug: bool,`
			`#[structopt(parse(from_os_str), short = "D", long = "db_path")]`
			`db_path: PathBuf,`
			`}`

65 cli options (#85) Add support for command line options to the server. This supports server sid regeneration, persistence, address binding, tls configuration and more. This also improves TLS support in the client tools for CA cert addition to queries. 2019-09-14 10:21:41 +02:00			`#[derive(Debug, StructOpt)]`
			`struct ServerOpt {`
			`#[structopt(parse(from_os_str), short = "C", long = "ca")]`
			`ca_path: Option<PathBuf>,`
			`#[structopt(parse(from_os_str), short = "c", long = "cert")]`
			`cert_path: Option<PathBuf>,`
			`#[structopt(parse(from_os_str), short = "k", long = "key")]`
			`key_path: Option<PathBuf>,`
			`#[structopt(short = "r", long = "domain")]`
			`domain: String,`
			`#[structopt(short = "b", long = "bindaddr")]`
			`bind: Option<String>,`
			`#[structopt(flatten)]`
			`commonopts: CommonOpt,`
			`}`

Implement backup, restore and server modes This allows backup and restore of the server backend data from the command line. Backups can be taken while the server is running. Automated backups are not part of this yet. This also adds a few missing files from a previous commit mistake. Opps! 2019-07-15 01:15:25 +02:00			`#[derive(Debug, StructOpt)]`
			`struct BackupOpt {`
			`#[structopt(parse(from_os_str))]`
			`path: PathBuf,`
			`#[structopt(flatten)]`
65 cli options (#85) Add support for command line options to the server. This supports server sid regeneration, persistence, address binding, tls configuration and more. This also improves TLS support in the client tools for CA cert addition to queries. 2019-09-14 10:21:41 +02:00			`commonopts: CommonOpt,`
Implement backup, restore and server modes This allows backup and restore of the server backend data from the command line. Backups can be taken while the server is running. Automated backups are not part of this yet. This also adds a few missing files from a previous commit mistake. Opps! 2019-07-15 01:15:25 +02:00			`}`

			`#[derive(Debug, StructOpt)]`
			`struct RestoreOpt {`
			`#[structopt(parse(from_os_str))]`
			`path: PathBuf,`
			`#[structopt(flatten)]`
65 cli options (#85) Add support for command line options to the server. This supports server sid regeneration, persistence, address binding, tls configuration and more. This also improves TLS support in the client tools for CA cert addition to queries. 2019-09-14 10:21:41 +02:00			`commonopts: CommonOpt,`
Implement backup, restore and server modes This allows backup and restore of the server backend data from the command line. Backups can be taken while the server is running. Automated backups are not part of this yet. This also adds a few missing files from a previous commit mistake. Opps! 2019-07-15 01:15:25 +02:00			`}`

3 authentication (#79) This adds support for authentication and credential storage to the server. It also adds account recovery and options for integration test fixtures, refactors to make the client library easier to manage, and support clean seperation of the proto vs lib. 2019-09-04 03:06:37 +02:00			`#[derive(Debug, StructOpt)]`
			`struct RecoverAccountOpt {`
			`#[structopt(short)]`
			`name: String,`
			`#[structopt(flatten)]`
65 cli options (#85) Add support for command line options to the server. This supports server sid regeneration, persistence, address binding, tls configuration and more. This also improves TLS support in the client tools for CA cert addition to queries. 2019-09-14 10:21:41 +02:00			`commonopts: CommonOpt,`
3 authentication (#79) This adds support for authentication and credential storage to the server. It also adds account recovery and options for integration test fixtures, refactors to make the client library easier to manage, and support clean seperation of the proto vs lib. 2019-09-04 03:06:37 +02:00			`}`

Implement backup, restore and server modes This allows backup and restore of the server backend data from the command line. Backups can be taken while the server is running. Automated backups are not part of this yet. This also adds a few missing files from a previous commit mistake. Opps! 2019-07-15 01:15:25 +02:00			`#[derive(Debug, StructOpt)]`
			`enum Opt {`
			`#[structopt(name = "server")]`
			`Server(ServerOpt),`
			`#[structopt(name = "backup")]`
			`Backup(BackupOpt),`
			`#[structopt(name = "restore")]`
			`Restore(RestoreOpt),`
Clean all codebase warnings 2019-07-29 09:09:09 +02:00			`#[structopt(name = "verify")]`
65 cli options (#85) Add support for command line options to the server. This supports server sid regeneration, persistence, address binding, tls configuration and more. This also improves TLS support in the client tools for CA cert addition to queries. 2019-09-14 10:21:41 +02:00			`Verify(CommonOpt),`
3 authentication (#79) This adds support for authentication and credential storage to the server. It also adds account recovery and options for integration test fixtures, refactors to make the client library easier to manage, and support clean seperation of the proto vs lib. 2019-09-04 03:06:37 +02:00			`#[structopt(name = "recover_account")]`
			`RecoverAccount(RecoverAccountOpt),`
65 cli options (#85) Add support for command line options to the server. This supports server sid regeneration, persistence, address binding, tls configuration and more. This also improves TLS support in the client tools for CA cert addition to queries. 2019-09-14 10:21:41 +02:00			`#[structopt(name = "reset_server_id")]`
			`ResetServerId(CommonOpt),`
Implement backup, restore and server modes This allows backup and restore of the server backend data from the command line. Backups can be taken while the server is running. Automated backups are not part of this yet. This also adds a few missing files from a previous commit mistake. Opps! 2019-07-15 01:15:25 +02:00			`}`
Rework of auditing 2018-11-11 22:59:09 +01:00
Docker improvements (#81) Update the dockerfile to work correctly with the newer server options and runtime. 2019-09-06 05:05:27 +02:00			`impl Opt {`
			`fn debug(&self) -> bool {`
			`match self {`
65 cli options (#85) Add support for command line options to the server. This supports server sid regeneration, persistence, address binding, tls configuration and more. This also improves TLS support in the client tools for CA cert addition to queries. 2019-09-14 10:21:41 +02:00			`Opt::Server(sopt) => sopt.commonopts.debug,`
			`Opt::Verify(sopt) \| Opt::ResetServerId(sopt) => sopt.debug,`
			`Opt::Backup(bopt) => bopt.commonopts.debug,`
			`Opt::Restore(ropt) => ropt.commonopts.debug,`
			`Opt::RecoverAccount(ropt) => ropt.commonopts.debug,`
Docker improvements (#81) Update the dockerfile to work correctly with the newer server options and runtime. 2019-09-06 05:05:27 +02:00			`}`
			`}`
			`}`

initial 2018-09-29 09:54:16 +02:00			`fn main() {`
Implement backup, restore and server modes This allows backup and restore of the server backend data from the command line. Backups can be taken while the server is running. Automated backups are not part of this yet. This also adds a few missing files from a previous commit mistake. Opps! 2019-07-15 01:15:25 +02:00			`// Read cli args, determine if we should backup/restore`
			`let opt = Opt::from_args();`

20190607 authentication (#55) Implement #2 anonymous authentication. This also puts into place the majority of the authentication framework, and starts to build the IDM layers ontop of the DB engine. 2019-07-12 07:28:46 +02:00			`// Read our config (if any)`
Implement backup, restore and server modes This allows backup and restore of the server backend data from the command line. Backups can be taken while the server is running. Automated backups are not part of this yet. This also adds a few missing files from a previous commit mistake. Opps! 2019-07-15 01:15:25 +02:00			`let mut config = Configuration::new();`
			`// Apply any cli overrides?`
20190607 authentication (#55) Implement #2 anonymous authentication. This also puts into place the majority of the authentication framework, and starts to build the IDM layers ontop of the DB engine. 2019-07-12 07:28:46 +02:00
			`// Configure the server logger. This could be adjusted based on what config`
			`// says.`
Docker improvements (#81) Update the dockerfile to work correctly with the newer server options and runtime. 2019-09-06 05:05:27 +02:00			`if opt.debug() {`
Complete the rename of the project from rsidm to kanidm 2019-09-14 15:44:08 +02:00			`::std::env::set_var("RUST_LOG", "actix_web=info,kanidm=debug");`
Docker improvements (#81) Update the dockerfile to work correctly with the newer server options and runtime. 2019-09-06 05:05:27 +02:00			`} else {`
Complete the rename of the project from rsidm to kanidm 2019-09-14 15:44:08 +02:00			`::std::env::set_var("RUST_LOG", "actix_web=info,kanidm=info");`
Docker improvements (#81) Update the dockerfile to work correctly with the newer server options and runtime. 2019-09-06 05:05:27 +02:00			`}`
20190607 authentication (#55) Implement #2 anonymous authentication. This also puts into place the majority of the authentication framework, and starts to build the IDM layers ontop of the DB engine. 2019-07-12 07:28:46 +02:00			`env_logger::init();`

Implement backup, restore and server modes This allows backup and restore of the server backend data from the command line. Backups can be taken while the server is running. Automated backups are not part of this yet. This also adds a few missing files from a previous commit mistake. Opps! 2019-07-15 01:15:25 +02:00			`match opt {`
			`Opt::Server(sopt) => {`
			`info!("Running in server mode ...");`

65 cli options (#85) Add support for command line options to the server. This supports server sid regeneration, persistence, address binding, tls configuration and more. This also improves TLS support in the client tools for CA cert addition to queries. 2019-09-14 10:21:41 +02:00			`config.update_db_path(&sopt.commonopts.db_path);`
			`config.update_tls(&sopt.ca_path, &sopt.cert_path, &sopt.key_path);`
			`config.update_bind(&sopt.bind);`
			`config.domain = sopt.domain.clone();`
Implement backup, restore and server modes This allows backup and restore of the server backend data from the command line. Backups can be taken while the server is running. Automated backups are not part of this yet. This also adds a few missing files from a previous commit mistake. Opps! 2019-07-15 01:15:25 +02:00
Complete the rename of the project from rsidm to kanidm 2019-09-14 15:44:08 +02:00			`let sys = actix::System::new("kanidm-server");`
Implement backup, restore and server modes This allows backup and restore of the server backend data from the command line. Backups can be taken while the server is running. Automated backups are not part of this yet. This also adds a few missing files from a previous commit mistake. Opps! 2019-07-15 01:15:25 +02:00			`create_server_core(config);`
			`let _ = sys.run();`
			`}`
			`Opt::Backup(bopt) => {`
			`info!("Running in backup mode ...");`

65 cli options (#85) Add support for command line options to the server. This supports server sid regeneration, persistence, address binding, tls configuration and more. This also improves TLS support in the client tools for CA cert addition to queries. 2019-09-14 10:21:41 +02:00			`config.update_db_path(&bopt.commonopts.db_path);`
Implement backup, restore and server modes This allows backup and restore of the server backend data from the command line. Backups can be taken while the server is running. Automated backups are not part of this yet. This also adds a few missing files from a previous commit mistake. Opps! 2019-07-15 01:15:25 +02:00
			`let p = match bopt.path.to_str() {`
			`Some(p) => p,`
			`None => {`
			`error!("Invalid backup path");`
			`std::process::exit(1);`
			`}`
			`};`
			`backup_server_core(config, p);`
			`}`
			`Opt::Restore(ropt) => {`
			`info!("Running in restore mode ...");`

65 cli options (#85) Add support for command line options to the server. This supports server sid regeneration, persistence, address binding, tls configuration and more. This also improves TLS support in the client tools for CA cert addition to queries. 2019-09-14 10:21:41 +02:00			`config.update_db_path(&ropt.commonopts.db_path);`
initial 2018-09-29 09:54:16 +02:00
Implement backup, restore and server modes This allows backup and restore of the server backend data from the command line. Backups can be taken while the server is running. Automated backups are not part of this yet. This also adds a few missing files from a previous commit mistake. Opps! 2019-07-15 01:15:25 +02:00			`let p = match ropt.path.to_str() {`
			`Some(p) => p,`
			`None => {`
			`error!("Invalid restore path");`
			`std::process::exit(1);`
			`}`
			`};`
			`restore_server_core(config, p);`
			`}`
Clean all codebase warnings 2019-07-29 09:09:09 +02:00			`Opt::Verify(vopt) => {`
			`info!("Running in restore mode ...");`

			`config.update_db_path(&vopt.db_path);`
			`verify_server_core(config);`
			`}`
3 authentication (#79) This adds support for authentication and credential storage to the server. It also adds account recovery and options for integration test fixtures, refactors to make the client library easier to manage, and support clean seperation of the proto vs lib. 2019-09-04 03:06:37 +02:00			`Opt::RecoverAccount(raopt) => {`
			`info!("Running account recovery ...");`

			`let password = rpassword::prompt_password_stderr("new password: ").unwrap();`
65 cli options (#85) Add support for command line options to the server. This supports server sid regeneration, persistence, address binding, tls configuration and more. This also improves TLS support in the client tools for CA cert addition to queries. 2019-09-14 10:21:41 +02:00			`config.update_db_path(&raopt.commonopts.db_path);`
3 authentication (#79) This adds support for authentication and credential storage to the server. It also adds account recovery and options for integration test fixtures, refactors to make the client library easier to manage, and support clean seperation of the proto vs lib. 2019-09-04 03:06:37 +02:00
			`recover_account_core(config, raopt.name, password);`
			`}`
65 cli options (#85) Add support for command line options to the server. This supports server sid regeneration, persistence, address binding, tls configuration and more. This also improves TLS support in the client tools for CA cert addition to queries. 2019-09-14 10:21:41 +02:00			`Opt::ResetServerId(vopt) => {`
			`info!("Resetting server id. THIS MAY BREAK REPLICATION");`

			`config.update_db_path(&vopt.db_path);`
			`reset_sid_core(config);`
			`}`
Implement backup, restore and server modes This allows backup and restore of the server backend data from the command line. Backups can be taken while the server is running. Automated backups are not part of this yet. This also adds a few missing files from a previous commit mistake. Opps! 2019-07-15 01:15:25 +02:00			`}`
initial 2018-09-29 09:54:16 +02:00			`}`