Compare commits


3 commits

Author SHA1 Message Date
Shaswat Raj 2a90c60bff
Merge 588012a8e8 into ad012cd6fd 2025-04-05 03:31:43 +02:00
Arian van Putten ad012cd6fd
implement notify-reload protocol () 2025-04-04 09:24:14 +10:00
sh20raj 588012a8e8 Implemented a new overrides.css file that allows administrators to add custom styles that will be loaded after the main stylesheet. This provides a clean and maintainable way for administrators to customize the UI appearance without modifying core stylesheets.
Key changes:

- Created server/core/static/overrides.css for custom style overrides
- Added comments explaining the purpose and usage of the file
- Ensured the file loads after main stylesheet to properly override default styles
2025-02-26 11:07:43 +05:30
2 changed files with 73 additions and 84 deletions
server
core/static
daemon/src


@ -0,0 +1,3 @@
/* Custom stylesheet overrides */
/* Administrators can add custom styles here */
/* This file will be loaded after the main stylesheet */
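Review bot: Nothing visible in this comparison actually loads the new stylesheet. Only two files are listed as changed (this one and one under daemon/src), so the third comment line's claim that the file "will be loaded after the main stylesheet" has no matching template or `<link>` change here; it should be confirmed, or the reference added in the same change. Because the file sits in the server's shipped static directory, local edits are presumably replaced on upgrade, which the header comments do not mention. As this is the web UI of an identity server, I would also state who may edit it, for example `/* Edit only as a trusted administrator: rules here apply on every page that loads this stylesheet. */`.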


@ -724,14 +724,6 @@ async fn kanidm_main(config: Configuration, opt: KanidmdParser) -> ExitCode {
#[cfg(target_os = "linux")] #[cfg(target_os = "linux")]
{ {
let _ = sd_notify::notify(true, &[sd_notify::NotifyState::Ready]); let _ = sd_notify::notify(true, &[sd_notify::NotifyState::Ready]);
// Undocumented systemd feature - all messages should have a monotonic usec sent
// with them. In some cases like "reloading" messages, it is undocumented but
// failure to send this message causes the reload to fail.
if let Ok(monotonic_usec) = sd_notify::NotifyState::monotonic_usec_now() {
let _ = sd_notify::notify(true, &[monotonic_usec]);
} else {
error!("CRITICAL!!! Unable to access clock monotonic time. SYSTEMD WILL KILL US.");
};
let _ = sd_notify::notify( let _ = sd_notify::notify(
true, true,
&[sd_notify::NotifyState::Status("Started Kanidm 🦀")], &[sd_notify::NotifyState::Status("Started Kanidm 🦀")],
@ -745,86 +737,80 @@ async fn kanidm_main(config: Configuration, opt: KanidmdParser) -> ExitCode {
{ {
let mut listener = sctx.subscribe(); let mut listener = sctx.subscribe();
tokio::select! { tokio::select! {
Ok(()) = tokio::signal::ctrl_c() => { Ok(()) = tokio::signal::ctrl_c() => {
break break
} }
Some(()) = async move { Some(()) = async move {
let sigterm = tokio::signal::unix::SignalKind::terminate(); let sigterm = tokio::signal::unix::SignalKind::terminate();
#[allow(clippy::unwrap_used)] #[allow(clippy::unwrap_used)]
tokio::signal::unix::signal(sigterm).unwrap().recv().await tokio::signal::unix::signal(sigterm).unwrap().recv().await
} => { } => {
break break
} }
Some(()) = async move { Some(()) = async move {
let sigterm = tokio::signal::unix::SignalKind::alarm(); let sigterm = tokio::signal::unix::SignalKind::alarm();
#[allow(clippy::unwrap_used)] #[allow(clippy::unwrap_used)]
tokio::signal::unix::signal(sigterm).unwrap().recv().await tokio::signal::unix::signal(sigterm).unwrap().recv().await
} => { } => {
// Ignore // Ignore
} }
Some(()) = async move { Some(()) = async move {
let sigterm = tokio::signal::unix::SignalKind::hangup(); let sigterm = tokio::signal::unix::SignalKind::hangup();
#[allow(clippy::unwrap_used)] #[allow(clippy::unwrap_used)]
tokio::signal::unix::signal(sigterm).unwrap().recv().await tokio::signal::unix::signal(sigterm).unwrap().recv().await
} => { } => {
// Reload TLS certificates // Reload TLS certificates
// systemd has a special reload handler for this. // systemd has a special reload handler for this.
#[cfg(target_os = "linux")] #[cfg(target_os = "linux")]
{ {
let _ = sd_notify::notify(true, &[sd_notify::NotifyState::Reloading]); if let Ok(monotonic_usec) = sd_notify::NotifyState::monotonic_usec_now() {
// CRITICAL - if you do not send a monotonic usec message after a reloading let _ = sd_notify::notify(true, &[sd_notify::NotifyState::Reloading, monotonic_usec]);
// message, your service WILL BE KILLED. let _ = sd_notify::notify(true, &[sd_notify::NotifyState::Status("Reloading ...")]);
if let Ok(monotonic_usec) = sd_notify::NotifyState::monotonic_usec_now() { } else {
let _ = error!("CRITICAL!!! Unable to access clock monotonic time. SYSTEMD WILL KILL US.");
sd_notify::notify(true, &[monotonic_usec]); };
} else { }
error!("CRITICAL!!! Unable to access clock monotonic time. SYSTEMD WILL KILL US.");
};
let _ = sd_notify::notify(true, &[sd_notify::NotifyState::Status("Reloading ...")]);
}
sctx.tls_acceptor_reload().await; sctx.tls_acceptor_reload().await;
// Systemd freaks out if you send the ready state too fast after the // Systemd freaks out if you send the ready state too fast after the
// reload state and can kill Kanidmd as a result. // reload state and can kill Kanidmd as a result.
tokio::time::sleep(std::time::Duration::from_secs(5)).await; tokio::time::sleep(std::time::Duration::from_secs(5)).await;
#[cfg(target_os = "linux")] #[cfg(target_os = "linux")]
{ {
let _ = sd_notify::notify(true, &[sd_notify::NotifyState::Ready]); if let Ok(monotonic_usec) = sd_notify::NotifyState::monotonic_usec_now() {
if let Ok(monotonic_usec) = sd_notify::NotifyState::monotonic_usec_now() { let _ = sd_notify::notify(true, &[sd_notify::NotifyState::Ready, monotonic_usec]);
let _ = let _ = sd_notify::notify(true, &[sd_notify::NotifyState::Status("Reload Success")]);
sd_notify::notify(true, &[monotonic_usec]); } else {
} else { error!("CRITICAL!!! Unable to access clock monotonic time. SYSTEMD WILL KILL US.");
error!("CRITICAL!!! Unable to access clock monotonic time. SYSTEMD WILL KILL US."); };
}; }
let _ = sd_notify::notify(true, &[sd_notify::NotifyState::Status("Reload Success")]);
}
info!("Reload complete"); info!("Reload complete");
} }
Some(()) = async move { Some(()) = async move {
let sigterm = tokio::signal::unix::SignalKind::user_defined1(); let sigterm = tokio::signal::unix::SignalKind::user_defined1();
#[allow(clippy::unwrap_used)] #[allow(clippy::unwrap_used)]
tokio::signal::unix::signal(sigterm).unwrap().recv().await tokio::signal::unix::signal(sigterm).unwrap().recv().await
} => { } => {
// Ignore // Ignore
} }
Some(()) = async move { Some(()) = async move {
let sigterm = tokio::signal::unix::SignalKind::user_defined2(); let sigterm = tokio::signal::unix::SignalKind::user_defined2();
#[allow(clippy::unwrap_used)] #[allow(clippy::unwrap_used)]
tokio::signal::unix::signal(sigterm).unwrap().recv().await tokio::signal::unix::signal(sigterm).unwrap().recv().await
} => { } => {
// Ignore // Ignore
} }
// we got a message on thr broadcast from somewhere else // we got a message on thr broadcast from somewhere else
Ok(msg) = async move { Ok(msg) = async move {
listener.recv().await listener.recv().await
} => { } => {
debug!("Main loop received message: {:?}", msg); debug!("Main loop received message: {:?}", msg);
break break
} }
} }
} }
#[cfg(target_family = "windows")] #[cfg(target_family = "windows")]
{ {