Rebrand idm service

This commit is contained in:
Ralf Haferkamp
2025-01-16 17:01:51 +01:00
parent 61b48a2580
commit 1480126127
8 changed files with 14 additions and 14 deletions


@@ -1,9 +1,9 @@
# IDM
The IDM service provides a minimal LDAP Service, based on [Libregraph idm](https://github.com/libregraph/idm), for oCIS. It is started as part of the default configuration and serves as a central place for storing user and group information.
The IDM service provides a minimal LDAP Service, based on [Libregraph idm](https://github.com/libregraph/idm), for OpenCloud. It is started as part of the default configuration and serves as a central place for storing user and group information.
It is mainly targeted at small oCIS installations. For larger setups it is recommended to replace IDM with a “real” LDAP server or to switch to an external identity management solution.
It is mainly targeted at small OpenCloud installations. For larger setups it is recommended to replace IDM with a “real” LDAP server or to switch to an external identity management solution.
IDM listens on port 9235 by default. In the default configuration it only accepts TLS-protected connections (LDAPS). The BaseDN of the LDAP tree is `o=libregraph-idm`. IDM gives LDAP write permissions to a single user (DN: `uid=libregraph,ou=sysusers,o=libregraph-idm`). Any other authenticated user has read-only access. IDM stores its data in a boltdb file `idm/ocis.boltdb` inside the oCIS base data directory.
IDM listens on port 9235 by default. In the default configuration it only accepts TLS-protected connections (LDAPS). The BaseDN of the LDAP tree is `o=libregraph-idm`. IDM gives LDAP write permissions to a single user (DN: `uid=libregraph,ou=sysusers,o=libregraph-idm`). Any other authenticated user has read-only access. IDM stores its data in a boltdb file `idm/idm.boltdb` inside the OpenCloud base data directory.
Note: IDM is limited in its functionality. It only supports a subset of the LDAP operations (namely `BIND`, `SEARCH`, `ADD`, `MODIFY`, `DELETE`). Also, IDM currently does not do any schema verification (like. structural vs. auxiliary object classes, require and option attributes, syntax checks, …). Therefore it is not meant as a general purpose LDAP server.


@@ -28,7 +28,7 @@ givenName: Admin
sn: Admin
cn: admin
displayName: Admin
description: An admin for this oCIS instance.
description: An admin for this OpenCloud instance.
mail: admin@example.org
ownCloudUUID: {{ .ID }}
oCExternalIdentity: $ {{ .Issuer }} $ {{ .ID }}


@@ -76,7 +76,7 @@ func resetPassword(_ context.Context, logger log.Logger, cfg *config.Config, use
Timeout: 1 * time.Millisecond,
}
if err := bdb.Configure(servercfg.Logger, servercfg.LDAPBaseDN, servercfg.BoltDBFile, &opts); err != nil {
fmt.Fprintf(os.Stderr, "Failed to open database: '%s'. Please stop any running ocis/idm instance, as this tool requires exclusive access to the database.\n", err)
fmt.Fprintf(os.Stderr, "Failed to open database: '%s'. Please stop any running OpenCloud idm instance, as this tool requires exclusive access to the database.\n", err)
return err
}
defer bdb.Close()


@@ -23,11 +23,11 @@ func GetCommands(cfg *config.Config) cli.Commands {
}
}
// Execute is the entry point for the ocis-idm command.
// Execute is the entry point for the opencloud idm command.
func Execute(cfg *config.Config) error {
app := clihelper.DefaultApp(&cli.App{
Name: "idm",
Usage: "Embedded LDAP service for oCIS",
Usage: "Embedded LDAP service for OpenCloud",
Commands: GetCommands(cfg),
})


@@ -153,7 +153,7 @@ func bootstrap(logger log.Logger, cfg *config.Config, srvcfg server.Config) erro
if cfg.AdminUserID != "" {
serviceUsers = append(serviceUsers, svcUser{
Name: "admin",
Password: cfg.ServiceUserPasswords.OcisAdmin,
Password: cfg.ServiceUserPasswords.OCAdmin,
ID: cfg.AdminUserID,
Issuer: cfg.DemoUsersIssuerUrl,
})


@@ -34,8 +34,8 @@ type Settings struct {
}
type ServiceUserPasswords struct {
OcisAdmin string `yaml:"admin_password" env:"IDM_ADMIN_PASSWORD" desc:"Password to set for the oCIS 'admin' user. Either cleartext or an argon2id hash." introductionVersion:"pre5.0"`
Idm string `yaml:"idm_password" env:"IDM_SVC_PASSWORD" desc:"Password to set for the 'idm' service user. Either cleartext or an argon2id hash." introductionVersion:"pre5.0"`
Reva string `yaml:"reva_password" env:"IDM_REVASVC_PASSWORD" desc:"Password to set for the 'reva' service user. Either cleartext or an argon2id hash." introductionVersion:"pre5.0"`
Idp string `yaml:"idp_password" env:"IDM_IDPSVC_PASSWORD" desc:"Password to set for the 'idp' service user. Either cleartext or an argon2id hash." introductionVersion:"pre5.0"`
OCAdmin string `yaml:"admin_password" env:"IDM_ADMIN_PASSWORD" desc:"Password to set for the OpenCloud 'admin' user. Either cleartext or an argon2id hash." introductionVersion:"pre5.0"`
Idm string `yaml:"idm_password" env:"IDM_SVC_PASSWORD" desc:"Password to set for the 'idm' service user. Either cleartext or an argon2id hash." introductionVersion:"pre5.0"`
Reva string `yaml:"reva_password" env:"IDM_REVASVC_PASSWORD" desc:"Password to set for the 'reva' service user. Either cleartext or an argon2id hash." introductionVersion:"pre5.0"`
Idp string `yaml:"idp_password" env:"IDM_IDPSVC_PASSWORD" desc:"Password to set for the 'idp' service user. Either cleartext or an argon2id hash." introductionVersion:"pre5.0"`
}


@@ -33,7 +33,7 @@ func DefaultConfig() *config.Config {
LDAPSAddr: "127.0.0.1:9235",
Cert: path.Join(defaults.BaseDataPath(), "idm", "ldap.crt"),
Key: path.Join(defaults.BaseDataPath(), "idm", "ldap.key"),
DatabasePath: path.Join(defaults.BaseDataPath(), "idm", "ocis.boltdb"),
DatabasePath: path.Join(defaults.BaseDataPath(), "idm", "idm.boltdb"),
},
}
}
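Review bot: Changing the default `DatabasePath` from `idm/ocis.boltdb` to `idm/idm.boltdb` is not a cosmetic rename: an existing deployment that relies on the default will, after upgrade, open a path that does not exist, and the bootstrap shown in this commit (which creates the service users and the `admin` user from the configured passwords) will populate a fresh, empty directory while every previously stored user and group silently disappears from the old file. Nothing in the eight files of this commit migrates or falls back to the legacy file name, so unless that exists elsewhere and is not shown, the upgrade is a data-loss event and also leaves a stale `ocis.boltdb` containing credential hashes lying around in the data directory. I would add a one-time migration before the database is opened that renames an existing `idm/ocis.boltdb` to `idm/idm.boltdb` when the new path is absent (or, at minimum, refuse to start with a clear error when only the legacy file is present), and call the new default out in the release notes alongside the `IDM_DATABASE_PATH`-style override operators can set explicitly. DefaultConfig's struct literal starts outside this hunk.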


@@ -41,7 +41,7 @@ func Validate(cfg *config.Config) error {
return shared.MissingServiceUserPassword(cfg.Service.Name, "IDM")
}
if cfg.AdminUserID != "" && cfg.ServiceUserPasswords.OcisAdmin == "" {
if cfg.AdminUserID != "" && cfg.ServiceUserPasswords.OCAdmin == "" {
return shared.MissingServiceUserPassword(cfg.Service.Name, "admin")
}