From c9c329b139004399d4dc3aaf5a6a137051d57722 Mon Sep 17 00:00:00 2001 From: Christian Richter Date: Thu, 14 Apr 2022 15:40:09 +0200 Subject: [PATCH 01/99] initial skel for subcommand Signed-off-by: Christian Richter --- ocis/pkg/command/init.go | 63 ++++++++++++++++++++++++++++++++++++++++ 1 file changed, 63 insertions(+) create mode 100644 ocis/pkg/command/init.go diff --git a/ocis/pkg/command/init.go b/ocis/pkg/command/init.go new file mode 100644 index 0000000000..2f15dcf4dc --- /dev/null +++ b/ocis/pkg/command/init.go @@ -0,0 +1,63 @@ +package command + +import ( + "bufio" + "fmt" + "os" + "strings" + + "github.com/owncloud/ocis/ocis-pkg/config" + "github.com/owncloud/ocis/ocis/pkg/register" + cli "github.com/urfave/cli/v2" +) + +func InitCommand(cfg *config.Config) *cli.Command { + return &cli.Command{ + Name: "init", + Usage: "initialise an ocis config", + Flags: []cli.Flag{ + &cli.StringFlag{ + Name: "insecure", + EnvVars: []string{"OCIS_INSECURE"}, + Value: "ask", + }, + }, + Action: func(c *cli.Context) error { + // TODO: discuss if we want overwrite protection for existing configs + insecureFlag := c.String("insecure") + if insecureFlag == "ask" { + answer := strings.ToLower(StringPrompt("Insecure Backends? [Yes|No]")) + if answer == "yes" || answer == "y" { + cfg.Proxy.InsecureBackends = true + } else { + cfg.Proxy.InsecureBackends = false + } + } else { + if insecureFlag == "true" { + cfg.Proxy.InsecureBackends = true + } else { + cfg.Proxy.InsecureBackends = false + } + } + fmt.Println(cfg.Proxy.InsecureBackends) + return nil + }, + } +} + +func StringPrompt(label string) string { + var s string + r := bufio.NewReader(os.Stdin) + for { + fmt.Fprint(os.Stderr, label+" ") + s, _ = r.ReadString('\n') + if s != "" { + break + } + } + return strings.TrimSpace(s) +} + +func init() { + register.AddCommand(InitCommand) +} From 8d81e39bd63274843b12e842cd5740d970b5b49f Mon Sep 17 00:00:00 2001 
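Review bot: `StringPrompt` throws away the error from `r.ReadString('\n')`, so when stdin is closed or empty (a non-interactive run) the call returns an empty string together with `io.EOF` and the `for` loop never exits, re-printing the prompt indefinitely. Keep the error and stop on it, e.g. `s, err = r.ReadString('\n')` followed by `if err != nil || s != "" { break }`, so that such a run falls through to the `InsecureBackends = false` branch instead of hanging. The same loop is carried over unchanged as `stringPrompt` in PATCH 02/99.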
From: Christian Richter Date: Tue, 19 Apr 2022 15:13:09 +0200 Subject: [PATCH 02/99] refactor yaml labels, add overwrite protection Signed-off-by: Christian Richter --- extensions/accounts/pkg/config/config.go | 22 +-- extensions/audit/pkg/config/config.go | 8 +- extensions/glauth/pkg/config/config.go | 16 +-- .../graph-explorer/pkg/config/config.go | 10 +- extensions/graph/pkg/config/config.go | 16 +-- extensions/idm/pkg/config/config.go | 10 +- extensions/idp/pkg/config/config.go | 14 +- extensions/nats/pkg/config/config.go | 14 +- extensions/notifications/pkg/config/config.go | 6 +- extensions/ocs/pkg/config/config.go | 20 +-- extensions/proxy/pkg/config/config.go | 36 ++--- extensions/settings/pkg/config/config.go | 20 +-- extensions/storage/pkg/config/config.go | 16 +-- extensions/thumbnails/pkg/config/config.go | 12 +- extensions/web/pkg/config/config.go | 14 +- extensions/webdav/pkg/config/config.go | 16 +-- go.mod | 2 +- ocis-pkg/config/config.go | 52 +++---- ocis/pkg/command/init.go | 134 +++++++++++++++--- 19 files changed, 270 insertions(+), 168 deletions(-) diff --git a/extensions/accounts/pkg/config/config.go b/extensions/accounts/pkg/config/config.go index 9b46d2dbf1..59068470c5 100644 --- a/extensions/accounts/pkg/config/config.go +++ b/extensions/accounts/pkg/config/config.go 
@@ -12,21 +12,21 @@ type Config struct { Service Service `yaml:"-"` - Tracing *Tracing `yaml:"tracing"` - Log *Log `yaml:"log"` - Debug Debug `yaml:"debug"` + Tracing *Tracing `yaml:"tracing,omitempty"` + Log *Log `yaml:"log,omitempty"` + Debug Debug `yaml:"debug,omitempty"` - HTTP HTTP `yaml:"http"` - GRPC GRPC `yaml:"grpc"` + HTTP HTTP `yaml:"http,omitempty"` + GRPC GRPC `yaml:"grpc,omitempty"` TokenManager TokenManager `yaml:"token_manager"` - Asset Asset `yaml:"asset"` - Repo Repo `yaml:"repo"` - Index Index `yaml:"index"` - ServiceUser ServiceUser `yaml:"service_user"` - HashDifficulty int `yaml:"hash_difficulty" env:"ACCOUNTS_HASH_DIFFICULTY" desc:"The hash difficulty makes sure that validating a password takes at least a certain amount of time."` - DemoUsersAndGroups bool `yaml:"demo_users_and_groups" env:"ACCOUNTS_DEMO_USERS_AND_GROUPS" desc:"If this flag is set the service will setup the demo users and groups."` + Asset Asset `yaml:"asset,omitempty"` + Repo Repo `yaml:"repo,omitempty"` + Index Index `yaml:"index,omitempty"` + ServiceUser ServiceUser `yaml:"service_user,omitempty"` + HashDifficulty int `yaml:"hash_difficulty,omitempty" env:"ACCOUNTS_HASH_DIFFICULTY" desc:"The hash difficulty makes sure that validating a password takes at least a certain amount of time."` + DemoUsersAndGroups bool `yaml:"demo_users_and_groups,omitempty" env:"ACCOUNTS_DEMO_USERS_AND_GROUPS" desc:"If this flag is set the service will setup the demo users and groups."` Context context.Context `yaml:"-"` } diff --git a/extensions/audit/pkg/config/config.go b/extensions/audit/pkg/config/config.go index b14a78a752..3b753f1a11 100644 --- a/extensions/audit/pkg/config/config.go +++ b/extensions/audit/pkg/config/config.go 
@@ -12,11 +12,11 @@ type Config struct { Service Service `yaml:"-"` - Log *Log `yaml:"log"` - Debug Debug `yaml:"debug"` + Log *Log `yaml:"log,omitempty"` + Debug Debug `yaml:"debug,omitempty"` - Events Events `yaml:"events"` - Auditlog Auditlog `yaml:"auditlog"` + Events Events `yaml:"events,omitempty"` + Auditlog Auditlog `yaml:"auditlog,omitempty"` Context context.Context `yaml:"-"` } diff --git a/extensions/glauth/pkg/config/config.go b/extensions/glauth/pkg/config/config.go index aa8479989a..d9fcf5d6b1 100644 --- a/extensions/glauth/pkg/config/config.go +++ b/extensions/glauth/pkg/config/config.go @@ -12,17 +12,17 @@ type Config struct { Service Service `yaml:"-"` - Tracing *Tracing `yaml:"tracing"` - Log *Log `yaml:"log"` - Debug Debug `yaml:"debug"` + Tracing *Tracing `yaml:"tracing,omitempty"` + Log *Log `yaml:"log,omitempty"` + Debug Debug `yaml:"debug,omitempty"` - Ldap Ldap `yaml:"ldap"` - Ldaps Ldaps `yaml:"ldaps"` + Ldap Ldap `yaml:"ldap,omitempty"` + Ldaps Ldaps `yaml:"ldaps,omitempty"` - Backend Backend `yaml:"backend"` - Fallback FallbackBackend `yaml:"fallback"` + Backend Backend `yaml:"backend,omitempty"` + Fallback FallbackBackend `yaml:"fallback,omitempty"` - RoleBundleUUID string `yaml:"role_bundle_uuid" env:"GLAUTH_ROLE_BUNDLE_ID"` + RoleBundleUUID string `yaml:"role_bundle_uuid,omitempty" env:"GLAUTH_ROLE_BUNDLE_ID"` Context context.Context `yaml:"-"` } diff --git a/extensions/graph-explorer/pkg/config/config.go b/extensions/graph-explorer/pkg/config/config.go index 2bd5bd5a62..4fa0474036 100644 --- a/extensions/graph-explorer/pkg/config/config.go +++ b/extensions/graph-explorer/pkg/config/config.go 
@@ -12,13 +12,13 @@ type Config struct { Service Service `yaml:"-"` - Tracing *Tracing `yaml:"tracing"` - Log *Log `yaml:"log"` - Debug Debug `yaml:"debug"` + Tracing *Tracing `yaml:"tracing,omitempty"` + Log *Log `yaml:"log,omitempty"` + Debug Debug `yaml:"debug,omitempty"` - HTTP HTTP `yaml:"http"` + HTTP HTTP `yaml:"http,omitempty"` - GraphExplorer GraphExplorer `yaml:"graph_explorer"` + GraphExplorer GraphExplorer `yaml:"graph_explorer,omitempty"` Context context.Context `yaml:"-"` } diff --git a/extensions/graph/pkg/config/config.go b/extensions/graph/pkg/config/config.go index 4d11d73f93..0ff49f31ad 100644 --- a/extensions/graph/pkg/config/config.go +++ b/extensions/graph/pkg/config/config.go @@ -12,18 +12,18 @@ type Config struct { Service Service `yaml:"-"` - Tracing *Tracing `yaml:"tracing"` - Log *Log `yaml:"log"` - Debug Debug `yaml:"debug"` + Tracing *Tracing `yaml:"tracing,omitempty"` + Log *Log `yaml:"log,omitempty"` + Debug Debug `yaml:"debug,omitempty"` - HTTP HTTP `yaml:"http"` + HTTP HTTP `yaml:"http,omitempty"` - Reva Reva `yaml:"reva"` + Reva Reva `yaml:"reva,omitempty"` TokenManager TokenManager `yaml:"token_manager"` - Spaces Spaces `yaml:"spaces"` - Identity Identity `yaml:"identity"` - Events Events `yaml:"events"` + Spaces Spaces `yaml:"spaces,omitempty"` + Identity Identity `yaml:"identity,omitempty"` + Events Events `yaml:"events,omitempty"` Context context.Context `yaml:"-"` } diff --git a/extensions/idm/pkg/config/config.go b/extensions/idm/pkg/config/config.go index 2706fe673f..8f47d43a72 100644 --- a/extensions/idm/pkg/config/config.go +++ b/extensions/idm/pkg/config/config.go 
@@ -12,12 +12,12 @@ type Config struct { Service Service `yaml:"-"` - Tracing *Tracing `yaml:"tracing"` - Log *Log `yaml:"log"` - Debug Debug `yaml:"debug"` + Tracing *Tracing `yaml:"tracing,omitempty"` + Log *Log `yaml:"log,omitempty"` + Debug Debug `yaml:"debug,omitempty"` - IDM Settings `yaml:"idm"` - CreateDemoUsers bool `yaml:"create_demo_users" env:"IDM_CREATE_DEMO_USERS;ACCOUNTS_DEMO_USERS_AND_GROUPS" desc:"Flag to enabe/disable the creation of the demo users"` + IDM Settings `yaml:"idm,omitempty"` + CreateDemoUsers bool `yaml:"create_demo_users,omitempty" env:"IDM_CREATE_DEMO_USERS;ACCOUNTS_DEMO_USERS_AND_GROUPS" desc:"Flag to enabe/disable the creation of the demo users"` ServiceUserPasswords ServiceUserPasswords `yaml:"service_user_passwords"` diff --git a/extensions/idp/pkg/config/config.go b/extensions/idp/pkg/config/config.go index 83bd84554d..8b479bba53 100644 --- a/extensions/idp/pkg/config/config.go +++ b/extensions/idp/pkg/config/config.go @@ -12,15 +12,15 @@ type Config struct { Service Service `yaml:"-"` - Tracing *Tracing `yaml:"tracing"` - Log *Log `yaml:"log"` - Debug Debug `yaml:"debug"` + Tracing *Tracing `yaml:"tracing,omitempty"` + Log *Log `yaml:"log,omitempty"` + Debug Debug `yaml:"debug,omitempty"` - HTTP HTTP `yaml:"http"` + HTTP HTTP `yaml:"http,omitempty"` - Asset Asset `yaml:"asset"` - IDP Settings `yaml:"idp"` - Ldap Ldap `yaml:"ldap"` + Asset Asset `yaml:"asset,omitempty"` + IDP Settings `yaml:"idp,omitempty"` + Ldap Ldap `yaml:"ldap,omitempty"` Context context.Context `yaml:"-"` } diff --git a/extensions/nats/pkg/config/config.go b/extensions/nats/pkg/config/config.go index 3d1c279443..9dfed67b29 100644 --- a/extensions/nats/pkg/config/config.go +++ b/extensions/nats/pkg/config/config.go 
@@ -12,18 +12,18 @@ type Config struct { Service Service `yaml:"-"` - Log *Log `yaml:"log"` - Debug Debug `yaml:"debug"` + Log *Log `yaml:"log,omitempty"` + Debug Debug `yaml:"debug,omitempty"` - Nats Nats `ociConfig:"nats"` + Nats Nats `ociConfig:"nats,omitempty"` Context context.Context `yaml:"-"` } // Nats is the nats config type Nats struct { - Host string `yaml:"host" env:"NATS_NATS_HOST"` - Port int `yaml:"port" env:"NATS_NATS_PORT"` - ClusterID string `yaml:"clusterid" env:"NATS_NATS_CLUSTER_ID"` - StoreDir string `yaml:"store_dir" env:"NATS_NATS_STORE_DIR"` + Host string `yaml:"host,omitempty" env:"NATS_NATS_HOST"` + Port int `yaml:"port,omitempty" env:"NATS_NATS_PORT"` + ClusterID string `yaml:"clusterid,omitempty" env:"NATS_NATS_CLUSTER_ID"` + StoreDir string `yaml:"store_dir,omitempty" env:"NATS_NATS_STORE_DIR"` } diff --git a/extensions/notifications/pkg/config/config.go b/extensions/notifications/pkg/config/config.go index 7cc1838523..2e6fddc48d 100644 --- a/extensions/notifications/pkg/config/config.go +++ b/extensions/notifications/pkg/config/config.go @@ -12,10 +12,10 @@ type Config struct { Service Service `yaml:"-"` - Log *Log `yaml:"log"` - Debug Debug `yaml:"debug"` + Log *Log `yaml:"log,omitempty"` + Debug Debug `yaml:"debug,omitempty"` - Notifications Notifications `yaml:"notifications"` + Notifications Notifications `yaml:"notifications,omitempty"` Context context.Context `yaml:"-"` } diff --git a/extensions/ocs/pkg/config/config.go b/extensions/ocs/pkg/config/config.go index 52d7e95424..dbdaa21507 100644 --- a/extensions/ocs/pkg/config/config.go +++ b/extensions/ocs/pkg/config/config.go 
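Review bot: In the nats `Config` struct the `Nats` field's tag key is `ociConfig`, not `yaml`, so the `,omitempty` added on that line is never read by the YAML encoder. As far as I can tell the encoder then falls back to its default key for the field and always emits it, unlike the sibling fields in this hunk. If the intent is the same as for `Log` and `Debug`, the tag should read `yaml:"nats,omitempty"`. The wrong key predates this commit, but the line is being edited here, so this is the natural place to correct it.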
@@ -12,20 +12,20 @@ type Config struct { Service Service `yaml:"-"` - Tracing *Tracing `yaml:"tracing"` - Log *Log `yaml:"log"` - Debug Debug `yaml:"debug"` + Tracing *Tracing `yaml:"tracing,omitempty"` + Log *Log `yaml:"log,omitempty"` + Debug Debug `yaml:"debug,omitempty"` - HTTP HTTP `yaml:"http"` + HTTP HTTP `yaml:"http,omitempty"` - TokenManager TokenManager `yaml:"token_manager"` - Reva Reva `yaml:"reva"` + TokenManager TokenManager `yaml:"token_manager,omitempty"` + Reva Reva `yaml:"reva,omitempty"` - IdentityManagement IdentityManagement `yaml:"identity_management"` + IdentityManagement IdentityManagement `yaml:"identity_management,omitempty"` - AccountBackend string `yaml:"account_backend" env:"OCS_ACCOUNT_BACKEND_TYPE"` - StorageUsersDriver string `yaml:"storage_users_driver" env:"STORAGE_USERS_DRIVER;OCS_STORAGE_USERS_DRIVER"` - MachineAuthAPIKey string `yaml:"machine_auth_api_key" env:"OCIS_MACHINE_AUTH_API_KEY;OCS_MACHINE_AUTH_API_KEY"` + AccountBackend string `yaml:"account_backend,omitempty" env:"OCS_ACCOUNT_BACKEND_TYPE"` + StorageUsersDriver string `yaml:"storage_users_driver,omitempty" env:"STORAGE_USERS_DRIVER;OCS_STORAGE_USERS_DRIVER"` + MachineAuthAPIKey string `yaml:"machine_auth_api_key,omitempty" env:"OCIS_MACHINE_AUTH_API_KEY;OCS_MACHINE_AUTH_API_KEY"` Context context.Context `yaml:"-"` } diff --git a/extensions/proxy/pkg/config/config.go b/extensions/proxy/pkg/config/config.go index 7beb4d9c4c..8cf6f18e85 100644 --- a/extensions/proxy/pkg/config/config.go +++ b/extensions/proxy/pkg/config/config.go 
@@ -12,27 +12,27 @@ type Config struct { Service Service `yaml:"-"` - Tracing *Tracing `yaml:"tracing"` - Log *Log `yaml:"log"` - Debug Debug `yaml:"debug"` + Tracing *Tracing `yaml:"tracing,omitempty"` + Log *Log `yaml:"log,omitempty"` + Debug Debug `yaml:"debug,omitempty"` - HTTP HTTP `yaml:"http"` + HTTP HTTP `yaml:"http,omitempty"` - Reva Reva `yaml:"reva"` + Reva Reva `yaml:"reva,omitempty"` - Policies []Policy `yaml:"policies"` - OIDC OIDC `yaml:"oidc"` - TokenManager TokenManager `yaml:"token_manager"` - PolicySelector *PolicySelector `yaml:"policy_selector"` - PreSignedURL PreSignedURL `yaml:"pre_signed_url"` - AccountBackend string `yaml:"account_backend" env:"PROXY_ACCOUNT_BACKEND_TYPE"` - UserOIDCClaim string `yaml:"user_oidc_claim" env:"PROXY_USER_OIDC_CLAIM"` - UserCS3Claim string `yaml:"user_cs3_claim" env:"PROXY_USER_CS3_CLAIM"` - MachineAuthAPIKey string `yaml:"machine_auth_api_key" env:"OCIS_MACHINE_AUTH_API_KEY;PROXY_MACHINE_AUTH_API_KEY"` - AutoprovisionAccounts bool `yaml:"auto_provision_accounts" env:"PROXY_AUTOPROVISION_ACCOUNTS"` - EnableBasicAuth bool `yaml:"enable_basic_auth" env:"PROXY_ENABLE_BASIC_AUTH"` - InsecureBackends bool `yaml:"insecure_backends" env:"PROXY_INSECURE_BACKENDS"` - AuthMiddleware AuthMiddleware `yaml:"auth_middleware"` + Policies []Policy `yaml:"policies,omitempty"` + OIDC OIDC `yaml:"oidc,omitempty"` + TokenManager TokenManager `yaml:"token_manager,omitempty"` + PolicySelector *PolicySelector `yaml:"policy_selector,omitempty"` + PreSignedURL PreSignedURL `yaml:"pre_signed_url,omitempty"` + AccountBackend string `yaml:"account_backend,omitempty" env:"PROXY_ACCOUNT_BACKEND_TYPE"` + UserOIDCClaim string `yaml:"user_oidc_claim,omitempty" env:"PROXY_USER_OIDC_CLAIM"` + UserCS3Claim string `yaml:"user_cs3_claim,omitempty" env:"PROXY_USER_CS3_CLAIM"` + MachineAuthAPIKey string `yaml:"machine_auth_api_key,omitempty" env:"OCIS_MACHINE_AUTH_API_KEY;PROXY_MACHINE_AUTH_API_KEY"` + AutoprovisionAccounts bool 
`yaml:"auto_provision_accounts,omitempty" env:"PROXY_AUTOPROVISION_ACCOUNTS"` + EnableBasicAuth bool `yaml:"enable_basic_auth,omitempty" env:"PROXY_ENABLE_BASIC_AUTH"` + InsecureBackends bool `yaml:"insecure_backends,omitempty" env:"PROXY_INSECURE_BACKENDS"` + AuthMiddleware AuthMiddleware `yaml:"auth_middleware,omitempty"` Context context.Context `yaml:"-"` } diff --git a/extensions/settings/pkg/config/config.go b/extensions/settings/pkg/config/config.go index a60b2df1f3..5fc79dcd31 100644 --- a/extensions/settings/pkg/config/config.go +++ b/extensions/settings/pkg/config/config.go @@ -12,19 +12,19 @@ type Config struct { Service Service `yaml:"-"` - Tracing *Tracing `yaml:"tracing"` - Log *Log `yaml:"log"` - Debug Debug `yaml:"debug"` + Tracing *Tracing `yaml:"tracing,omitempty"` + Log *Log `yaml:"log,omitempty"` + Debug Debug `yaml:"debug,omitempty"` - HTTP HTTP `yaml:"http"` - GRPC GRPC `yaml:"grpc"` + HTTP HTTP `yaml:"http,omitempty"` + GRPC GRPC `yaml:"grpc,omitempty"` - StoreType string `yaml:"store_type" env:"SETTINGS_STORE_TYPE"` - DataPath string `yaml:"data_path" env:"SETTINGS_DATA_PATH"` - Metadata Metadata `yaml:"metadata_config"` + StoreType string `yaml:"store_type,omitempty" env:"SETTINGS_STORE_TYPE"` + DataPath string `yaml:"data_path,omitempty" env:"SETTINGS_DATA_PATH"` + Metadata Metadata `yaml:"metadata_config,omitempty"` - Asset Asset `yaml:"asset"` - TokenManager TokenManager `yaml:"token_manager"` + Asset Asset `yaml:"asset,omitempty"` + TokenManager TokenManager `yaml:"token_manager,omitempty"` Context context.Context `yaml:"-"` } diff --git a/extensions/storage/pkg/config/config.go b/extensions/storage/pkg/config/config.go index cfd35175e7..695759d9f7 100644 --- a/extensions/storage/pkg/config/config.go +++ b/extensions/storage/pkg/config/config.go 
@@ -522,15 +522,15 @@ type Asset struct { // Config combines all available configuration parts. type Config struct { - *shared.Commons + *shared.Commons `yaml:",omitempty"` - File string `yaml:"file"` - Log *shared.Log `yaml:"log"` - Debug Debug `yaml:"debug"` - OCDav OCDav `yaml:"ocdav"` - Reva Reva `yaml:"reva"` - Tracing Tracing `yaml:"tracing"` - Asset Asset `yaml:"asset"` + File string `yaml:"file,omitempty"` + Log *shared.Log `yaml:"log,omitempty"` + Debug Debug `yaml:"debug,omitempty"` + OCDav OCDav `yaml:"ocdav,omitempty"` + Reva Reva `yaml:"reva,omitempty"` + Tracing Tracing `yaml:"tracing,omitempty"` + Asset Asset `yaml:"asset,omitempty"` } // New initializes a new configuration with or without defaults. diff --git a/extensions/thumbnails/pkg/config/config.go b/extensions/thumbnails/pkg/config/config.go index 0afad535c6..2b64782868 100644 --- a/extensions/thumbnails/pkg/config/config.go +++ b/extensions/thumbnails/pkg/config/config.go @@ -12,14 +12,14 @@ type Config struct { Service Service `yaml:"-"` - Tracing *Tracing `yaml:"tracing"` - Log *Log `yaml:"log"` - Debug Debug `yaml:"debug"` + Tracing *Tracing `yaml:"tracing,omitempty"` + Log *Log `yaml:"log,omitempty"` + Debug Debug `yaml:"debug,omitempty"` - GRPC GRPC `yaml:"grpc"` - HTTP HTTP `yaml:"http"` + GRPC GRPC `yaml:"grpc,omitempty"` + HTTP HTTP `yaml:"http,omitempty"` - Thumbnail Thumbnail `yaml:"thumbnail"` + Thumbnail Thumbnail `yaml:"thumbnail,omitempty"` Context context.Context `yaml:"-"` } diff --git a/extensions/web/pkg/config/config.go b/extensions/web/pkg/config/config.go index dbc7feee05..1fb079da64 100644 --- a/extensions/web/pkg/config/config.go +++ b/extensions/web/pkg/config/config.go 
@@ -12,15 +12,15 @@ type Config struct { Service Service `yaml:"-"` - Tracing *Tracing `yaml:"tracing"` - Log *Log `yaml:"log"` - Debug Debug `yaml:"debug"` + Tracing *Tracing `yaml:"tracing,omitempty"` + Log *Log `yaml:"log,omitempty"` + Debug Debug `yaml:"debug,omitempty"` - HTTP HTTP `yaml:"http"` + HTTP HTTP `yaml:"http,omitempty"` - Asset Asset `yaml:"asset"` - File string `yaml:"file" env:"WEB_UI_CONFIG"` // TODO: rename this to a more self explaining string - Web Web `yaml:"web"` + Asset Asset `yaml:"asset,omitempty"` + File string `yaml:"file,omitempty" env:"WEB_UI_CONFIG"` // TODO: rename this to a more self explaining string + Web Web `yaml:"web,omitempty"` Context context.Context `yaml:"-"` } diff --git a/extensions/webdav/pkg/config/config.go b/extensions/webdav/pkg/config/config.go index 4efe95ebdf..322a8f9661 100644 --- a/extensions/webdav/pkg/config/config.go +++ b/extensions/webdav/pkg/config/config.go @@ -12,15 +12,15 @@ type Config struct { Service Service `yaml:"-"` - Tracing *Tracing `yaml:"tracing"` - Log *Log `yaml:"log"` - Debug Debug `yaml:"debug"` + Tracing *Tracing `yaml:"tracing,omitempty"` + Log *Log `yaml:"log,omitempty"` + Debug Debug `yaml:"debug,omitempty"` - HTTP HTTP `yaml:"http"` + HTTP HTTP `yaml:"http,omitempty"` - OcisPublicURL string `yaml:"ocis_public_url" env:"OCIS_URL;OCIS_PUBLIC_URL"` - WebdavNamespace string `yaml:"webdav_namespace" env:"STORAGE_WEBDAV_NAMESPACE"` //TODO: prevent this cross config - RevaGateway string `yaml:"reva_gateway" env:"REVA_GATEWAY"` + OcisPublicURL string `yaml:"ocis_public_url,omitempty" env:"OCIS_URL;OCIS_PUBLIC_URL"` + WebdavNamespace string `yaml:"webdav_namespace,omitempty" env:"STORAGE_WEBDAV_NAMESPACE"` //TODO: prevent this cross config + RevaGateway string `yaml:"reva_gateway,omitempty" env:"REVA_GATEWAY"` - Context context.Context `yaml:"-"` + Context context.Context `yaml:"-,omitempty"` } diff --git a/go.mod b/go.mod index 96bb7680bb..d155878487 100644 --- a/go.mod +++ b/go.mod 
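Review bot: In the webdav `Config` struct the `Context` tag changed from `yaml:"-"` to `yaml:"-,omitempty"`, and those are not equivalent. To my knowledge the yaml packages skip a field only when the whole tag is exactly `-`; with the option appended the field is named `-` and becomes eligible for marshalling whenever the context is non-nil. Every other config struct in this patch keeps `yaml:"-"` on `Context`, and this line should be left as `yaml:"-"` as well.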
@@ -79,6 +79,7 @@ require ( google.golang.org/grpc v1.45.0 google.golang.org/protobuf v1.28.0 gopkg.in/yaml.v2 v2.4.0 + gopkg.in/yaml.v3 v3.0.0-20210107192922-496545a6307b gotest.tools/v3 v3.1.0 stash.kopano.io/kgol/rndm v1.1.1 ) @@ -265,7 +266,6 @@ require ( gopkg.in/square/go-jose.v2 v2.6.0 // indirect gopkg.in/tomb.v1 v1.0.0-20141024135613-dd632973f1e7 // indirect gopkg.in/warnings.v0 v0.1.2 // indirect - gopkg.in/yaml.v3 v3.0.0-20210107192922-496545a6307b // indirect stash.kopano.io/kgol/kcc-go/v5 v5.0.1 // indirect stash.kopano.io/kgol/oidc-go v0.3.2 // indirect ) diff --git a/ocis-pkg/config/config.go b/ocis-pkg/config/config.go index f7c71952ec..1d35aa4932 100644 --- a/ocis-pkg/config/config.go +++ b/ocis-pkg/config/config.go 
@@ -46,34 +46,34 @@ type Runtime struct { // Config combines all available configuration parts. type Config struct { - *shared.Commons `yaml:"shared"` + *shared.Commons `yaml:"shared,omitempty"` - Tracing shared.Tracing `yaml:"tracing"` - Log *shared.Log `yaml:"log"` + Tracing shared.Tracing `yaml:"tracing,omitempty"` + Log *shared.Log `yaml:"log,omitempty"` - Mode Mode // DEPRECATED - File string - OcisURL string `yaml:"ocis_url"` + Mode Mode `yaml:",omitempty"` // DEPRECATED + File string `yaml:",omitempty"` + OcisURL string `yaml:"ocis_url,omitempty"` - Registry string `yaml:"registry"` - TokenManager TokenManager `yaml:"token_manager"` - Runtime Runtime `yaml:"runtime"` + Registry string `yaml:"registry,omitempty"` + TokenManager TokenManager `yaml:"token_manager,omitempty"` + Runtime Runtime `yaml:"runtime,omitempty"` - Audit *audit.Config `yaml:"audit"` - Accounts *accounts.Config `yaml:"accounts"` - GLAuth *glauth.Config `yaml:"glauth"` - Graph *graph.Config `yaml:"graph"` - GraphExplorer *graphExplorer.Config `yaml:"graph_explorer"` - IDP *idp.Config `yaml:"idp"` - IDM *idm.Config `yaml:"idm"` - Nats *nats.Config `yaml:"nats"` - Notifications *notifications.Config `yaml:"notifications"` - OCS *ocs.Config `yaml:"ocs"` - Web *web.Config `yaml:"web"` - Proxy *proxy.Config `yaml:"proxy"` - Settings *settings.Config `yaml:"settings"` - Storage *storage.Config `yaml:"storage"` - Store *store.Config `yaml:"store"` - Thumbnails *thumbnails.Config `yaml:"thumbnails"` - WebDAV *webdav.Config `yaml:"webdav"` + Audit *audit.Config `yaml:"audit,omitempty"` + Accounts *accounts.Config `yaml:"accounts,omitempty"` + GLAuth *glauth.Config `yaml:"glauth,omitempty"` + Graph *graph.Config `yaml:"graph,omitempty"` + GraphExplorer *graphExplorer.Config `yaml:"graph_explorer,omitempty"` + IDP *idp.Config `yaml:"idp,omitempty"` + IDM *idm.Config `yaml:"idm,omitempty"` + Nats *nats.Config `yaml:"nats,omitempty"` + Notifications *notifications.Config `yaml:"notifications,omitempty"` 
+ OCS *ocs.Config `yaml:"ocs,omitempty"` + Web *web.Config `yaml:"web,omitempty"` + Proxy *proxy.Config `yaml:"proxy,omitempty"` + Settings *settings.Config `yaml:"settings,omitempty"` + Storage *storage.Config `yaml:"storage,omitempty"` + Store *store.Config `yaml:"store,omitempty"` + Thumbnails *thumbnails.Config `yaml:"thumbnails,omitempty"` + WebDAV *webdav.Config `yaml:"webdav,omitempty"` } diff --git a/ocis/pkg/command/init.go b/ocis/pkg/command/init.go index 2f15dcf4dc..205eed9c87 100644 --- a/ocis/pkg/command/init.go +++ b/ocis/pkg/command/init.go @@ -2,16 +2,32 @@ package command import ( "bufio" + "errors" "fmt" + "io/ioutil" + "log" "os" + "path" "strings" "github.com/owncloud/ocis/ocis-pkg/config" "github.com/owncloud/ocis/ocis/pkg/register" cli "github.com/urfave/cli/v2" + "gopkg.in/yaml.v3" + + accounts "github.com/owncloud/ocis/extensions/accounts/pkg/config" + graph "github.com/owncloud/ocis/extensions/graph/pkg/config" + idm "github.com/owncloud/ocis/extensions/idm/pkg/config" ) +const configFilename string = "ocis.yml" + func InitCommand(cfg *config.Config) *cli.Command { + // TODO: remove homedir get + homeDir, err := os.UserHomeDir() + if err != nil { + log.Fatalf("could not get homedir") + } return &cli.Command{ Name: "init", Usage: "initialise an ocis config", 
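Review bot: `os.UserHomeDir()` and the `log.Fatalf("could not get homedir")` on failure sit in the body of `InitCommand` before the `cli.Command` is returned, so they run when the command is constructed rather than when `init` is invoked. `InitCommand` is handed to `register.AddCommand` in `init()`, so presumably every `ocis` invocation builds it; a process without a resolvable home directory (a container or service account with no `HOME`) would then exit before reaching any subcommand. Resolving the default inside `Action` and returning an error there keeps the failure local to `init`, and the message should include `err`. The body of `InitCommand` continues outside this hunk.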
@@ -21,12 +37,24 @@ func InitCommand(cfg *config.Config) *cli.Command { EnvVars: []string{"OCIS_INSECURE"}, Value: "ask", }, + &cli.BoolFlag{ + Name: "force-overwrite", + Aliases: []string{"f"}, + EnvVars: []string{"OCIS_FORCE_CONFIG_OVERWRITE"}, + Value: false, + }, + &cli.StringFlag{ + Name: "config-path", + //Value: cfg.ConfigPath, // TODO: as soon as PR 3480 is merged, remove quotes + Value: path.Join(homeDir, ".ocis"), // TODO: this is temporary for experimenting, line above is relevant + Usage: "config path for the ocis runtime", + // Destination: &cfg.ConfigFile, // TODO: same as above + }, }, Action: func(c *cli.Context) error { - // TODO: discuss if we want overwrite protection for existing configs insecureFlag := c.String("insecure") if insecureFlag == "ask" { - answer := strings.ToLower(StringPrompt("Insecure Backends? [Yes|No]")) + answer := strings.ToLower(stringPrompt("Insecure Backends? [Yes|No]")) if answer == "yes" || answer == "y" { cfg.Proxy.InsecureBackends = true } else { 
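Review bot: The new `force-overwrite` flag has no `Usage` text, although it replaces a config file that holds the service passwords and the JWT secret; add a line such as `Usage: "overwrite an existing config file"` so `--help` states what is being destroyed (the pre-existing `insecure` flag has none either). Separately, `path.Join(homeDir, ".ocis")` builds a filesystem path with the slash-only `path` package; `filepath.Join` is the OS-aware form and would need `path/filepath` in the import block.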
@@ -39,25 +67,99 @@ func InitCommand(cfg *config.Config) *cli.Command { cfg.Proxy.InsecureBackends = false } } - fmt.Println(cfg.Proxy.InsecureBackends) + err := createConfig(cfg.Proxy.InsecureBackends, c.Bool("force-overwrite"), c.String("config-path")) + if err != nil { + log.Fatalf("Could not create config: %s", err) + } return nil }, } } -func StringPrompt(label string) string { - var s string - r := bufio.NewReader(os.Stdin) - for { - fmt.Fprint(os.Stderr, label+" ") - s, _ = r.ReadString('\n') - if s != "" { - break - } - } - return strings.TrimSpace(s) -} - func init() { register.AddCommand(InitCommand) } + +func checkConfigPath(configPath string) error { + targetPath := path.Join(configPath, configFilename) + _, err := os.Stat(targetPath) + if err == nil { + return errors.New(fmt.Sprintf("Config in %s already exists", targetPath)) + } + return nil +} + +func createConfig(insecure, forceOverwrite bool, configPath string) error { + err := checkConfigPath(configPath) + if err != nil && forceOverwrite == false { + return err + } + err = os.MkdirAll(configPath, 0700) + if err != nil { + return err + } + cfg := config.Config{ + Accounts: &accounts.Config{}, + //Audit: &audit.Config{}, + //GLAuth: &glauth.Config{}, + //GraphExplorer: &graphExplorer.Config{}, + Graph: &graph.Config{}, + IDM: &idm.Config{}, + //IDP: &idp.Config{}, + //Nats: &nats.Config{}, + //Notifications: ¬ifications.Config{}, + //OCS: &ocs.Config{}, + //Proxy: &proxy.Config{}, + //Settings: &settings.Config{}, + //Storage: &storage.Config{}, + //Thumbnails: &thumbnails.Config{}, + //Web: &web.Config{}, + //WebDAV: &webdav.Config{}, + } + + idmServicePassword := "randomizeme" + idpServicePassword := "randomizeme" + ocisAdminServicePassword := "randomizeme" + revaServicePassword := "randomizeme" + tokenManagerJwtSecret := "randomizeme" + + // TODO: generate outputs for all occurences above + cfg.TokenManager.JWTSecret = tokenManagerJwtSecret + cfg.Accounts.TokenManager.JWTSecret = 
tokenManagerJwtSecret + cfg.Graph.TokenManager.JWTSecret = tokenManagerJwtSecret + cfg.IDM.ServiceUserPasswords.Idm = idmServicePassword + cfg.IDM.ServiceUserPasswords.Idp = idpServicePassword + cfg.IDM.ServiceUserPasswords.OcisAdmin = ocisAdminServicePassword + cfg.IDM.ServiceUserPasswords.Reva = revaServicePassword + yamlOutput, err := yaml.Marshal(cfg) + if err != nil { + return err + } + targetPath := path.Join(configPath, configFilename) + err = ioutil.WriteFile(targetPath, yamlOutput, 0600) + if err != nil { + return err + } + fmt.Printf( + "======================================\n"+ + " generated OCIS Config\n"+ + "======================================\n"+ + " configpath : %s\n"+ + " user : admin\n"+ + " password : %s\n", + targetPath, ocisAdminServicePassword) + return nil +} + +func stringPrompt(label string) string { + input := "" + reader := bufio.NewReader(os.Stdin) + for { + fmt.Fprint(os.Stderr, label+" ") + input, _ = reader.ReadString('\n') + if input != "" { + break + } + } + return strings.TrimSpace(input) +} From 3956108e17dca0d113c97972155c7a76062d5440 Mon Sep 17 00:00:00 2001 From: Christian Richter Date: Wed, 20 Apr 2022 11:12:55 +0200 Subject: [PATCH 03/99] add password generator Signed-off-by: Christian Richter --- ocis/pkg/command/init.go | 44 ++++++++++++++++++++++++++++++++++------ 1 file changed, 38 insertions(+), 6 deletions(-) diff --git a/ocis/pkg/command/init.go b/ocis/pkg/command/init.go index 205eed9c87..4c4cbd3fb0 100644 --- a/ocis/pkg/command/init.go +++ b/ocis/pkg/command/init.go @@ -2,10 +2,12 @@ package command import ( "bufio" + "crypto/rand" "errors" "fmt" "io/ioutil" "log" + "math/big" "os" "path" "strings" @@ -21,6 +23,7 @@ import ( ) const configFilename string = "ocis.yml" +const passwordLength int = 32 func InitCommand(cfg *config.Config) *cli.Command { // TODO: remove homedir get 
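Review bot: `ioutil.WriteFile(targetPath, yamlOutput, 0600)` in `createConfig` applies the mode only when it creates the file, so with `force-overwrite` an existing `ocis.yml` keeps whatever permissions it already had while now holding the JWT secret and service passwords. `os.MkdirAll(configPath, 0700)` likewise leaves an existing directory's mode untouched. Following the write with `os.Chmod(targetPath, 0600)` closes that gap for the file. `checkConfigPath` also reports an existing config only when `os.Stat` succeeds, so a permission or I/O error is treated like an absent file, and the check is a separate step from the write; opening the target with `os.O_CREATE|os.O_EXCL` when `forceOverwrite` is false would make check and creation atomic. PATCH 04/99 restyles `checkConfigPath` without changing this behaviour.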
@@ -117,11 +120,26 @@ func createConfig(insecure, forceOverwrite bool, configPath string) error { //WebDAV: &webdav.Config{}, } - idmServicePassword := "randomizeme" - idpServicePassword := "randomizeme" - ocisAdminServicePassword := "randomizeme" - revaServicePassword := "randomizeme" - tokenManagerJwtSecret := "randomizeme" + idmServicePassword, err := generateRandomPassword(passwordLength) + if err != nil { + return errors.New(fmt.Sprintf("Could not generate random password for idm: %s", err)) + } + idpServicePassword, err := generateRandomPassword(passwordLength) + if err != nil { + return errors.New(fmt.Sprintf("Could not generate random password for idp: %s", err)) + } + ocisAdminServicePassword, err := generateRandomPassword(passwordLength) + if err != nil { + return errors.New(fmt.Sprintf("Could not generate random password for ocis admin: %s", err)) + } + revaServicePassword, err := generateRandomPassword(passwordLength) + if err != nil { + return errors.New(fmt.Sprintf("Could not generate random password for reva: %s", err)) + } + tokenManagerJwtSecret, err := generateRandomPassword(passwordLength) + if err != nil { + return errors.New(fmt.Sprintf("Could not generate random password for tokenmanager: %s", err)) + } // TODO: generate outputs for all occurences above cfg.TokenManager.JWTSecret = tokenManagerJwtSecret @@ -133,7 +151,7 @@ func createConfig(insecure, forceOverwrite bool, configPath string) error { cfg.IDM.ServiceUserPasswords.Reva = revaServicePassword yamlOutput, err := yaml.Marshal(cfg) if err != nil { - return err + return errors.New(fmt.Sprintf("Could not marshall config into yaml: %s", err)) } targetPath := path.Join(configPath, configFilename) err = ioutil.WriteFile(targetPath, yamlOutput, 0600) 
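Review bot: With this hunk `ocisAdminServicePassword` becomes a real generated credential, yet the banner at the end of `createConfig` (outside this hunk) still prints it to stdout with `fmt.Printf`, where it lands in terminal scrollback, CI logs or any captured output. Consider printing it only when stdout is a terminal, or pointing the operator at the 0600 config file that already contains it. On the added error paths, `errors.New(fmt.Sprintf(..., err))` flattens the cause to text; `fmt.Errorf("could not generate random password for idm: %w", err)` keeps it available to `errors.Is` and `errors.As`.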
@@ -163,3 +181,17 @@ func stringPrompt(label string) string { } return strings.TrimSpace(input) } + +func generateRandomPassword(length int) (string, error) { + const chars = "0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz-=+!@#$%^&*." + ret := make([]byte, length) + for i := 0; i < length; i++ { + num, err := rand.Int(rand.Reader, big.NewInt(int64(len(chars)))) + if err != nil { + return "", err + } + ret[i] = chars[num.Int64()] + } + + return string(ret), nil +} From 88cf3eec89cd4cabcea5a759c2137f3866b1b32b Mon Sep 17 00:00:00 2001 From: Christian Richter Date: Wed, 20 Apr 2022 11:22:34 +0200 Subject: [PATCH 04/99] handle insecure flag Signed-off-by: Christian Richter --- ocis/pkg/command/init.go | 43 ++++++++++++++++++++-------------------- 1 file changed, 21 insertions(+), 22 deletions(-) diff --git a/ocis/pkg/command/init.go b/ocis/pkg/command/init.go index 4c4cbd3fb0..c2c61b41bb 100644 --- a/ocis/pkg/command/init.go +++ b/ocis/pkg/command/init.go @@ -3,7 +3,6 @@ package command import ( "bufio" "crypto/rand" - "errors" "fmt" "io/ioutil" "log" @@ -20,11 +19,13 @@ import ( accounts "github.com/owncloud/ocis/extensions/accounts/pkg/config" graph "github.com/owncloud/ocis/extensions/graph/pkg/config" idm "github.com/owncloud/ocis/extensions/idm/pkg/config" + proxy "github.com/owncloud/ocis/extensions/proxy/pkg/config" ) const configFilename string = "ocis.yml" const passwordLength int = 32 +// InitCommand is the entrypoint for the init command func InitCommand(cfg *config.Config) *cli.Command { // TODO: remove homedir get homeDir, err := os.UserHomeDir() 
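Review bot: `generateRandomPassword` has no doc comment, and the reasons for its construction are worth recording so a later cleanup does not weaken it: it reads from `crypto/rand` and uses `rand.Int` bounded by the alphabet size, which yields an unbiased index for every character. Suggested comment: `// generateRandomPassword returns length characters drawn uniformly from chars using crypto/rand; do not swap in math/rand or a modulo of raw bytes.` A negative `length` would make `make([]byte, length)` panic; the callers shown pass the constant `passwordLength`, so a guard is optional.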
@@ -56,21 +57,16 @@ func InitCommand(cfg *config.Config) *cli.Command { }, Action: func(c *cli.Context) error { insecureFlag := c.String("insecure") + insecure := false if insecureFlag == "ask" { answer := strings.ToLower(stringPrompt("Insecure Backends? [Yes|No]")) if answer == "yes" || answer == "y" { - cfg.Proxy.InsecureBackends = true - } else { - cfg.Proxy.InsecureBackends = false - } - } else { - if insecureFlag == "true" { - cfg.Proxy.InsecureBackends = true - } else { - cfg.Proxy.InsecureBackends = false + insecure = true } + } else if insecureFlag == "true" { + insecure = true } - err := createConfig(cfg.Proxy.InsecureBackends, c.Bool("force-overwrite"), c.String("config-path")) + err := createConfig(insecure, c.Bool("force-overwrite"), c.String("config-path")) if err != nil { log.Fatalf("Could not create config: %s", err) } @@ -85,16 +81,15 @@ func init() { func checkConfigPath(configPath string) error { targetPath := path.Join(configPath, configFilename) - _, err := os.Stat(targetPath) - if err == nil { - return errors.New(fmt.Sprintf("Config in %s already exists", targetPath)) + if _, err := os.Stat(targetPath); err == nil { + return fmt.Errorf("Config in %s already exists", targetPath) } return nil } func createConfig(insecure, forceOverwrite bool, configPath string) error { err := checkConfigPath(configPath) - if err != nil && forceOverwrite == false { + if err != nil && !forceOverwrite { return err } err = os.MkdirAll(configPath, 0700) @@ -112,7 +107,6 @@ func createConfig(insecure, forceOverwrite bool, configPath string) error { //Nats: &nats.Config{}, //Notifications: ¬ifications.Config{}, //OCS: &ocs.Config{}, - //Proxy: &proxy.Config{}, //Settings: &settings.Config{}, //Storage: &storage.Config{}, //Thumbnails: &thumbnails.Config{}, 
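Review bot: The `insecure` flag value is compared only against the literal `"true"`, so inputs such as `True` or `1` are silently treated as false. That fails closed, but the operator gets no hint that the value was not understood; parsing with `strconv.ParseBool` and returning an error for anything that is neither a boolean nor `ask` would make the outcome explicit. Separately, `log.Fatalf` inside the Action exits the process directly, while `return fmt.Errorf("could not create config: %w", err)` would leave exit handling to the cli framework. InitCommand starts outside this hunk.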
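Review bot: checkConfigPath treats every `os.Stat` error as "file absent", so a permission or I/O error on targetPath is reported as safe to write, and the existence check is separated in time from the write that happens later in createConfig (outside this hunk). Checking `os.IsNotExist(err)` explicitly and creating the file exclusively when force-overwrite is off, e.g. `os.OpenFile(targetPath, os.O_WRONLY|os.O_CREATE|os.O_EXCL, 0600)`, makes the overwrite protection atomic. Note also that `os.MkdirAll(configPath, 0700)` leaves the mode of an already existing directory unchanged.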
@@ -120,25 +114,30 @@ func createConfig(insecure, forceOverwrite bool, configPath string) error { //WebDAV: &webdav.Config{}, } + if insecure { + cfg.Proxy = &proxy.Config{} + cfg.Proxy.InsecureBackends = insecure + } + idmServicePassword, err := generateRandomPassword(passwordLength) if err != nil { - return errors.New(fmt.Sprintf("Could not generate random password for idm: %s", err)) + return fmt.Errorf("Could not generate random password for idm: %s", err) } idpServicePassword, err := generateRandomPassword(passwordLength) if err != nil { - return errors.New(fmt.Sprintf("Could not generate random password for idp: %s", err)) + return fmt.Errorf("Could not generate random password for idp: %s", err) } ocisAdminServicePassword, err := generateRandomPassword(passwordLength) if err != nil { - return errors.New(fmt.Sprintf("Could not generate random password for ocis admin: %s", err)) + return fmt.Errorf("Could not generate random password for ocis admin: %s", err) } revaServicePassword, err := generateRandomPassword(passwordLength) if err != nil { - return errors.New(fmt.Sprintf("Could not generate random password for reva: %s", err)) + return fmt.Errorf("Could not generate random password for reva: %s", err) } tokenManagerJwtSecret, err := generateRandomPassword(passwordLength) if err != nil { - return errors.New(fmt.Sprintf("Could not generate random password for tokenmanager: %s", err)) + return fmt.Errorf("Could not generate random password for tokenmanager: %s", err) } // TODO: generate outputs for all occurences above 
@@ -151,7 +150,7 @@ func createConfig(insecure, forceOverwrite bool, configPath string) error { cfg.IDM.ServiceUserPasswords.Reva = revaServicePassword yamlOutput, err := yaml.Marshal(cfg) if err != nil { - return errors.New(fmt.Sprintf("Could not marshall config into yaml: %s", err)) + return fmt.Errorf("Could not marshall config into yaml: %s", err) } targetPath := path.Join(configPath, configFilename) err = ioutil.WriteFile(targetPath, yamlOutput, 0600) From f7a84491ef023ce2e96a741e23f2ce7ae77683ce Mon Sep 17 00:00:00 2001 From: Christian Richter Date: Wed, 20 Apr 2022 12:20:37 +0200 Subject: [PATCH 05/99] add missing extensions Signed-off-by: Christian Richter --- extensions/notifications/pkg/config/config.go | 6 ++-- extensions/settings/pkg/config/config.go | 10 +++---- extensions/thumbnails/pkg/config/config.go | 16 +++++----- ocis/pkg/command/init.go | 30 +++++++++++++++---- 4 files changed, 40 insertions(+), 22 deletions(-) diff --git a/extensions/notifications/pkg/config/config.go b/extensions/notifications/pkg/config/config.go index 2e6fddc48d..d20818252e 100644 --- a/extensions/notifications/pkg/config/config.go +++ b/extensions/notifications/pkg/config/config.go @@ -22,9 +22,9 @@ type Config struct { // Notifications definces the config options for the notifications service. type Notifications struct { - SMTP SMTP `yaml:"SMTP"` - Events Events `yaml:"events"` - RevaGateway string `yaml:"reva_gateway" env:"REVA_GATEWAY;NOTIFICATIONS_REVA_GATEWAY"` + SMTP SMTP `yaml:"SMTP,omitempty"` + Events Events `yaml:"events,omitempty"` + RevaGateway string `yaml:"reva_gateway,omitempty" env:"REVA_GATEWAY;NOTIFICATIONS_REVA_GATEWAY"` MachineAuthSecret string `yaml:"machine_auth_api_key" env:"OCIS_MACHINE_AUTH_API_KEY;NOTIFICATIONS_MACHINE_AUTH_API_KEY"` } diff --git a/extensions/settings/pkg/config/config.go b/extensions/settings/pkg/config/config.go index 5fc79dcd31..d41a18fe13 100644 --- a/extensions/settings/pkg/config/config.go 
+++ b/extensions/settings/pkg/config/config.go @@ -36,10 +36,10 @@ type Asset struct { // Metadata configures the metadata store to use type Metadata struct { - GatewayAddress string `yaml:"gateway_addr" env:"STORAGE_GATEWAY_GRPC_ADDR"` - StorageAddress string `yaml:"storage_addr" env:"STORAGE_GRPC_ADDR"` + GatewayAddress string `yaml:"gateway_addr,omitempty" env:"STORAGE_GATEWAY_GRPC_ADDR"` + StorageAddress string `yaml:"storage_addr,omitempty" env:"STORAGE_GRPC_ADDR"` - ServiceUserID string `yaml:"service_user_id" env:"METADATA_SERVICE_USER_UUID"` - ServiceUserIDP string `yaml:"service_user_idp" env:"OCIS_URL;METADATA_SERVICE_USER_IDP"` - MachineAuthAPIKey string `yaml:"machine_auth_api_key" env:"OCIS_MACHINE_AUTH_API_KEY"` + ServiceUserID string `yaml:"service_user_id,omitempty" env:"METADATA_SERVICE_USER_UUID"` + ServiceUserIDP string `yaml:"service_user_idp,omitempty" env:"OCIS_URL;METADATA_SERVICE_USER_IDP"` + MachineAuthAPIKey string `yaml:"machine_auth_api_key,omitempty" env:"OCIS_MACHINE_AUTH_API_KEY"` } diff --git a/extensions/thumbnails/pkg/config/config.go b/extensions/thumbnails/pkg/config/config.go index 2b64782868..52f72bc4e1 100644 --- a/extensions/thumbnails/pkg/config/config.go +++ b/extensions/thumbnails/pkg/config/config.go 
@@ -36,12 +36,12 @@ type FileSystemSource struct { // Thumbnail defines the available thumbnail related configuration. type Thumbnail struct { - Resolutions []string `yaml:"resolutions"` - FileSystemStorage FileSystemStorage `yaml:"filesystem_storage"` - WebdavAllowInsecure bool `yaml:"webdav_allow_insecure" env:"OCIS_INSECURE;THUMBNAILS_WEBDAVSOURCE_INSECURE"` - CS3AllowInsecure bool `yaml:"cs3_allow_insecure" env:"OCIS_INSECURE;THUMBNAILS_CS3SOURCE_INSECURE"` - RevaGateway string `yaml:"reva_gateway" env:"REVA_GATEWAY"` //TODO: use REVA config - FontMapFile string `yaml:"font_map_file" env:"THUMBNAILS_TXT_FONTMAP_FILE"` - TransferTokenSecret string `yaml:"transfer_token" env:"THUMBNAILS_TRANSFER_TOKEN"` - DataEndpoint string `yaml:"data_endpoint" env:"THUMBNAILS_DATA_ENDPOINT"` + Resolutions []string `yaml:"resolutions,omitempty"` + FileSystemStorage FileSystemStorage `yaml:"filesystem_storage,omitempty"` + WebdavAllowInsecure bool `yaml:"webdav_allow_insecure,omitempty" env:"OCIS_INSECURE;THUMBNAILS_WEBDAVSOURCE_INSECURE"` + CS3AllowInsecure bool `yaml:"cs3_allow_insecure,omitempty" env:"OCIS_INSECURE;THUMBNAILS_CS3SOURCE_INSECURE"` + RevaGateway string `yaml:"reva_gateway,omitempty" env:"REVA_GATEWAY"` //TODO: use REVA config + FontMapFile string `yaml:"font_map_file,omitempty" env:"THUMBNAILS_TXT_FONTMAP_FILE"` + TransferTokenSecret string `yaml:"transfer_token,omitempty" env:"THUMBNAILS_TRANSFER_TOKEN"` + DataEndpoint string `yaml:"data_endpoint,omitempty" env:"THUMBNAILS_DATA_ENDPOINT"` } diff --git a/ocis/pkg/command/init.go b/ocis/pkg/command/init.go index c2c61b41bb..cfbe6b15cc 100644 --- a/ocis/pkg/command/init.go +++ b/ocis/pkg/command/init.go 
@@ -19,7 +19,11 @@ import ( accounts "github.com/owncloud/ocis/extensions/accounts/pkg/config" graph "github.com/owncloud/ocis/extensions/graph/pkg/config" idm "github.com/owncloud/ocis/extensions/idm/pkg/config" + notifications "github.com/owncloud/ocis/extensions/notifications/pkg/config" + ocs "github.com/owncloud/ocis/extensions/ocs/pkg/config" proxy "github.com/owncloud/ocis/extensions/proxy/pkg/config" + settings "github.com/owncloud/ocis/extensions/settings/pkg/config" + thumbnails "github.com/owncloud/ocis/extensions/thumbnails/pkg/config" ) const configFilename string = "ocis.yml" @@ -105,17 +109,17 @@ func createConfig(insecure, forceOverwrite bool, configPath string) error { IDM: &idm.Config{}, //IDP: &idp.Config{}, //Nats: &nats.Config{}, - //Notifications: ¬ifications.Config{}, - //OCS: &ocs.Config{}, - //Settings: &settings.Config{}, + Notifications: ¬ifications.Config{}, + Proxy: &proxy.Config{}, + OCS: &ocs.Config{}, + Settings: &settings.Config{}, //Storage: &storage.Config{}, - //Thumbnails: &thumbnails.Config{}, + Thumbnails: &thumbnails.Config{}, //Web: &web.Config{}, //WebDAV: &webdav.Config{}, } if insecure { - cfg.Proxy = &proxy.Config{} cfg.Proxy.InsecureBackends = insecure } 
@@ -139,8 +143,15 @@ func createConfig(insecure, forceOverwrite bool, configPath string) error { if err != nil { return fmt.Errorf("Could not generate random password for tokenmanager: %s", err) } + machineAuthSecret, err := generateRandomPassword(passwordLength) + if err != nil { + return fmt.Errorf("Could not generate random password for machineauthsecret: %s", err) + } + thumbnailTransferTokenSecret, err := generateRandomPassword(passwordLength) + if err != nil { + return fmt.Errorf("Could not generate random password for machineauthsecret: %s", err) + } - // TODO: generate outputs for all occurences above cfg.TokenManager.JWTSecret = tokenManagerJwtSecret cfg.Accounts.TokenManager.JWTSecret = tokenManagerJwtSecret cfg.Graph.TokenManager.JWTSecret = tokenManagerJwtSecret @@ -148,6 +159,13 @@ func createConfig(insecure, forceOverwrite bool, configPath string) error { cfg.IDM.ServiceUserPasswords.Idp = idpServicePassword cfg.IDM.ServiceUserPasswords.OcisAdmin = ocisAdminServicePassword cfg.IDM.ServiceUserPasswords.Reva = revaServicePassword + cfg.Notifications.Notifications.MachineAuthSecret = machineAuthSecret + cfg.OCS.MachineAuthAPIKey = machineAuthSecret + cfg.Proxy.TokenManager.JWTSecret = tokenManagerJwtSecret + cfg.Proxy.MachineAuthAPIKey = machineAuthSecret + cfg.Settings.Metadata.MachineAuthAPIKey = machineAuthSecret + cfg.Settings.TokenManager.JWTSecret = tokenManagerJwtSecret + cfg.Thumbnails.Thumbnail.TransferTokenSecret = thumbnailTransferTokenSecret yamlOutput, err := yaml.Marshal(cfg) if err != nil { return fmt.Errorf("Could not marshall config into yaml: %s", err) From acf75afebc8b4cf507ce0f1f67d0c0493e0e8296 Mon Sep 17 00:00:00 2001 From: Christian Richter Date: Fri, 22 Apr 2022 14:32:41 +0200 Subject: [PATCH 06/99] Move Tokenmanager to shared.Commons 
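Review bot: The error branch for `thumbnailTransferTokenSecret` reuses the message of the branch above it, so a failure there is reported as "machineauthsecret". It should name its own secret: `return fmt.Errorf("Could not generate random password for thumbnailtransfertokensecret: %s", err)`. createConfig starts and ends outside this hunk.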
Signed-off-by: Christian Richter --- extensions/accounts/pkg/config/config.go | 7 +- .../pkg/config/defaults/defaultconfig.go | 14 +- extensions/graph/pkg/config/config.go | 4 +- .../pkg/config/defaults/defaultconfig.go | 12 +- extensions/graph/pkg/config/reva.go | 5 - extensions/ocs/pkg/config/config.go | 4 +- .../ocs/pkg/config/defaults/defaultconfig.go | 11 +- extensions/ocs/pkg/config/reva.go | 5 - extensions/ocs/pkg/server/http/svc_test.go | 3 +- extensions/proxy/pkg/command/server.go | 4 +- extensions/proxy/pkg/config/config.go | 2 +- .../pkg/config/defaults/defaultconfig.go | 10 +- extensions/settings/pkg/config/config.go | 4 +- .../pkg/config/defaults/defaultconfig.go | 12 +- extensions/storage/pkg/config/config.go | 522 +++++++++--------- ocis-pkg/config/config.go | 14 +- ocis-pkg/config/defaultconfig.go | 3 +- ocis-pkg/config/helpers.go | 2 +- ocis-pkg/config/parser/parse.go | 39 +- ocis-pkg/shared/shared_types.go | 12 +- ocis/pkg/command/init.go | 77 +-- ocis/pkg/command/server.go | 4 +- 22 files changed, 408 insertions(+), 362 deletions(-) diff --git a/extensions/accounts/pkg/config/config.go b/extensions/accounts/pkg/config/config.go index 59068470c5..7d05d2edcc 100644 --- a/extensions/accounts/pkg/config/config.go +++ b/extensions/accounts/pkg/config/config.go @@ -19,7 +19,7 @@ type Config struct { HTTP HTTP `yaml:"http,omitempty"` GRPC GRPC `yaml:"grpc,omitempty"` - TokenManager TokenManager `yaml:"token_manager"` + TokenManager *shared.TokenManager `yaml:"token_manager,omitempty"` Asset Asset `yaml:"asset,omitempty"` Repo Repo `yaml:"repo,omitempty"` 
@@ -36,11 +36,6 @@ type Asset struct { Path string `yaml:"path" env:"ACCOUNTS_ASSET_PATH" desc:"The path to the ui assets."` } -// TokenManager is the config for using the reva token manager -type TokenManager struct { - JWTSecret string `yaml:"jwt_secret" env:"OCIS_JWT_SECRET;ACCOUNTS_JWT_SECRET" desc:"The secret to mint jwt tokens."` -} - // Repo defines which storage implementation is to be used. type Repo struct { Backend string `yaml:"backend" env:"ACCOUNTS_STORAGE_BACKEND" desc:"Defines which storage implementation is to be used"` diff --git a/extensions/accounts/pkg/config/defaults/defaultconfig.go b/extensions/accounts/pkg/config/defaults/defaultconfig.go index d44ca4aafb..376695633b 100644 --- a/extensions/accounts/pkg/config/defaults/defaultconfig.go +++ b/extensions/accounts/pkg/config/defaults/defaultconfig.go @@ -6,6 +6,7 @@ import ( "github.com/owncloud/ocis/extensions/accounts/pkg/config" "github.com/owncloud/ocis/ocis-pkg/config/defaults" + "github.com/owncloud/ocis/ocis-pkg/shared" ) func FullDefaultConfig() *config.Config { @@ -44,10 +45,7 @@ func DefaultConfig() *config.Config { Service: config.Service{ Name: "accounts", }, - Asset: config.Asset{}, - TokenManager: config.TokenManager{ - JWTSecret: "Pive-Fumkiu4", - }, + Asset: config.Asset{}, HashDifficulty: 11, DemoUsersAndGroups: false, Repo: config.Repo{ @@ -101,6 +99,14 @@ func EnsureDefaults(cfg *config.Config) { } else if cfg.Tracing == nil { cfg.Tracing = &config.Tracing{} } + + if cfg.TokenManager == nil && cfg.Commons != nil && cfg.Commons.TokenManager != nil { + cfg.TokenManager = &shared.TokenManager{ + JWTSecret: cfg.Commons.TokenManager.JWTSecret, + } + } else { + cfg.TokenManager = &shared.TokenManager{} + } } func Sanitize(cfg *config.Config) { diff --git a/extensions/graph/pkg/config/config.go b/extensions/graph/pkg/config/config.go index 0ff49f31ad..8f27986840 100644 --- a/extensions/graph/pkg/config/config.go +++ b/extensions/graph/pkg/config/config.go 
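Review bot: The new `else` branch in EnsureDefaults runs whenever the combined condition is false, which includes the case where `cfg.TokenManager` is already set, so a JWT secret configured for the service itself is replaced by an empty `shared.TokenManager{}`. The Tracing block directly above uses `else if cfg.Tracing == nil`, and the same guard is needed here: `} else if cfg.TokenManager == nil {`. As written, the service can end up with an empty JWT secret unless something later repopulates it, which is not visible in this hunk. The identical block is added to the graph, ocs, proxy and settings defaults in the following hunks. EnsureDefaults starts outside the hunk.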
@@ -18,8 +18,8 @@ type Config struct { HTTP HTTP `yaml:"http,omitempty"` - Reva Reva `yaml:"reva,omitempty"` - TokenManager TokenManager `yaml:"token_manager"` + Reva Reva `yaml:"reva,omitempty"` + TokenManager *shared.TokenManager `yaml:"token_manager,omitempty"` Spaces Spaces `yaml:"spaces,omitempty"` Identity Identity `yaml:"identity,omitempty"` diff --git a/extensions/graph/pkg/config/defaults/defaultconfig.go b/extensions/graph/pkg/config/defaults/defaultconfig.go index 49cd9916b5..d3b7e00541 100644 --- a/extensions/graph/pkg/config/defaults/defaultconfig.go +++ b/extensions/graph/pkg/config/defaults/defaultconfig.go @@ -4,6 +4,7 @@ import ( "strings" "github.com/owncloud/ocis/extensions/graph/pkg/config" + "github.com/owncloud/ocis/ocis-pkg/shared" ) func DefaultConfig() *config.Config { @@ -23,9 +24,6 @@ func DefaultConfig() *config.Config { Reva: config.Reva{ Address: "127.0.0.1:9142", }, - TokenManager: config.TokenManager{ - JWTSecret: "Pive-Fumkiu4", - }, Spaces: config.Spaces{ WebDavBase: "https://localhost:9200", WebDavPath: "/dav/spaces/", @@ -89,6 +87,14 @@ func EnsureDefaults(cfg *config.Config) { } else if cfg.Tracing == nil { cfg.Tracing = &config.Tracing{} } + + if cfg.TokenManager == nil && cfg.Commons != nil && cfg.Commons.TokenManager != nil { + cfg.TokenManager = &shared.TokenManager{ + JWTSecret: cfg.Commons.TokenManager.JWTSecret, + } + } else { + cfg.TokenManager = &shared.TokenManager{} + } } func Sanitize(cfg *config.Config) { diff --git a/extensions/graph/pkg/config/reva.go b/extensions/graph/pkg/config/reva.go index dbfc359a8b..2d3966303d 100644 --- a/extensions/graph/pkg/config/reva.go +++ b/extensions/graph/pkg/config/reva.go @@ -4,8 +4,3 @@ package config type Reva struct { Address string `yaml:"address" env:"REVA_GATEWAY"` } - -// TokenManager is the config for using the reva token manager -type TokenManager struct { - JWTSecret string `yaml:"jwt_secret" env:"OCIS_JWT_SECRET;GRAPH_JWT_SECRET"` -} 
diff --git a/extensions/ocs/pkg/config/config.go b/extensions/ocs/pkg/config/config.go index dbdaa21507..3905b91f5e 100644 --- a/extensions/ocs/pkg/config/config.go +++ b/extensions/ocs/pkg/config/config.go @@ -18,8 +18,8 @@ type Config struct { HTTP HTTP `yaml:"http,omitempty"` - TokenManager TokenManager `yaml:"token_manager,omitempty"` - Reva Reva `yaml:"reva,omitempty"` + TokenManager *shared.TokenManager `yaml:"token_manager,omitempty"` + Reva Reva `yaml:"reva,omitempty"` IdentityManagement IdentityManagement `yaml:"identity_management,omitempty"` diff --git a/extensions/ocs/pkg/config/defaults/defaultconfig.go b/extensions/ocs/pkg/config/defaults/defaultconfig.go index 90edea71eb..bcbd7dce10 100644 --- a/extensions/ocs/pkg/config/defaults/defaultconfig.go +++ b/extensions/ocs/pkg/config/defaults/defaultconfig.go @@ -4,6 +4,7 @@ import ( "strings" "github.com/owncloud/ocis/extensions/ocs/pkg/config" + "github.com/owncloud/ocis/ocis-pkg/shared" ) func FullDefaultConfig() *config.Config { @@ -38,9 +39,6 @@ func DefaultConfig() *config.Config { Name: "ocs", }, - TokenManager: config.TokenManager{ - JWTSecret: "Pive-Fumkiu4", - }, AccountBackend: "accounts", Reva: config.Reva{ Address: "127.0.0.1:9142", @@ -77,6 +75,13 @@ func EnsureDefaults(cfg *config.Config) { cfg.Tracing = &config.Tracing{} } + if cfg.TokenManager == nil && cfg.Commons != nil && cfg.Commons.TokenManager != nil { + cfg.TokenManager = &shared.TokenManager{ + JWTSecret: cfg.Commons.TokenManager.JWTSecret, + } + } else { + cfg.TokenManager = &shared.TokenManager{} + } } func Sanitize(cfg *config.Config) { diff --git a/extensions/ocs/pkg/config/reva.go b/extensions/ocs/pkg/config/reva.go index b8d2779170..2d3966303d 100644 --- a/extensions/ocs/pkg/config/reva.go +++ b/extensions/ocs/pkg/config/reva.go 
@@ -4,8 +4,3 @@ package config type Reva struct { Address string `yaml:"address" env:"REVA_GATEWAY"` } - -// TokenManager is the config for using the reva token manager -type TokenManager struct { - JWTSecret string `yaml:"jwt_secret" env:"OCIS_JWT_SECRET;OCS_JWT_SECRET"` -} diff --git a/extensions/ocs/pkg/server/http/svc_test.go b/extensions/ocs/pkg/server/http/svc_test.go index 3c30212a83..f4bc9b52f6 100644 --- a/extensions/ocs/pkg/server/http/svc_test.go +++ b/extensions/ocs/pkg/server/http/svc_test.go @@ -28,6 +28,7 @@ import ( ssvc "github.com/owncloud/ocis/extensions/settings/pkg/service/v0" ocisLog "github.com/owncloud/ocis/ocis-pkg/log" "github.com/owncloud/ocis/ocis-pkg/service/grpc" + "github.com/owncloud/ocis/ocis-pkg/shared" accountsmsg "github.com/owncloud/ocis/protogen/gen/ocis/messages/accounts/v0" settingsmsg "github.com/owncloud/ocis/protogen/gen/ocis/messages/settings/v0" accountssvc "github.com/owncloud/ocis/protogen/gen/ocis/services/accounts/v0" @@ -723,7 +724,7 @@ func getService() svc.Service { Root: "/", Addr: "localhost:9110", }, - TokenManager: config.TokenManager{ + TokenManager: &shared.TokenManager{ JWTSecret: jwtSecret, }, Log: &config.Log{ diff --git a/extensions/proxy/pkg/command/server.go b/extensions/proxy/pkg/command/server.go index 8332246399..7afc358729 100644 --- a/extensions/proxy/pkg/command/server.go +++ b/extensions/proxy/pkg/command/server.go @@ -212,7 +212,7 @@ func loadMiddlewares(ctx context.Context, logger log.Logger, cfg *config.Config) middleware.AccountResolver( middleware.Logger(logger), middleware.UserProvider(userProvider), - middleware.TokenManagerConfig(cfg.TokenManager), + middleware.TokenManagerConfig(*cfg.TokenManager), middleware.UserOIDCClaim(cfg.UserOIDCClaim), middleware.UserCS3Claim(cfg.UserCS3Claim), middleware.AutoprovisionAccounts(cfg.AutoprovisionAccounts), 
@@ -227,7 +227,7 @@ func loadMiddlewares(ctx context.Context, logger log.Logger, cfg *config.Config) // finally, trigger home creation when a user logs in middleware.CreateHome( middleware.Logger(logger), - middleware.TokenManagerConfig(cfg.TokenManager), + middleware.TokenManagerConfig(*cfg.TokenManager), middleware.RevaGatewayClient(revaClient), ), middleware.PublicShareAuth( diff --git a/extensions/proxy/pkg/config/config.go b/extensions/proxy/pkg/config/config.go index 8cf6f18e85..69b2d99a92 100644 --- a/extensions/proxy/pkg/config/config.go +++ b/extensions/proxy/pkg/config/config.go @@ -22,7 +22,7 @@ type Config struct { Policies []Policy `yaml:"policies,omitempty"` OIDC OIDC `yaml:"oidc,omitempty"` - TokenManager TokenManager `yaml:"token_manager,omitempty"` + TokenManager *TokenManager `yaml:"token_manager,omitempty"` PolicySelector *PolicySelector `yaml:"policy_selector,omitempty"` PreSignedURL PreSignedURL `yaml:"pre_signed_url,omitempty"` AccountBackend string `yaml:"account_backend,omitempty" env:"PROXY_ACCOUNT_BACKEND_TYPE"` diff --git a/extensions/proxy/pkg/config/defaults/defaultconfig.go b/extensions/proxy/pkg/config/defaults/defaultconfig.go index 487f9f09ab..893b2ca2f8 100644 --- a/extensions/proxy/pkg/config/defaults/defaultconfig.go +++ b/extensions/proxy/pkg/config/defaults/defaultconfig.go @@ -34,9 +34,6 @@ func DefaultConfig() *config.Config { TTL: 10, }, }, - TokenManager: config.TokenManager{ - JWTSecret: "Pive-Fumkiu4", - }, PolicySelector: nil, Reva: config.Reva{ Address: "127.0.0.1:9142", @@ -181,6 +178,13 @@ func EnsureDefaults(cfg *config.Config) { cfg.Tracing = &config.Tracing{} } + if cfg.TokenManager == nil && cfg.Commons != nil && cfg.Commons.TokenManager != nil { + cfg.TokenManager = &config.TokenManager{ + JWTSecret: cfg.Commons.TokenManager.JWTSecret, + } + } else { + cfg.TokenManager = &config.TokenManager{} + } } func Sanitize(cfg *config.Config) { 
diff --git a/extensions/settings/pkg/config/config.go b/extensions/settings/pkg/config/config.go index d41a18fe13..7c521cc381 100644 --- a/extensions/settings/pkg/config/config.go +++ b/extensions/settings/pkg/config/config.go @@ -23,8 +23,8 @@ type Config struct { DataPath string `yaml:"data_path,omitempty" env:"SETTINGS_DATA_PATH"` Metadata Metadata `yaml:"metadata_config,omitempty"` - Asset Asset `yaml:"asset,omitempty"` - TokenManager TokenManager `yaml:"token_manager,omitempty"` + Asset Asset `yaml:"asset,omitempty"` + TokenManager *shared.TokenManager `yaml:"token_manager,omitempty"` Context context.Context `yaml:"-"` } diff --git a/extensions/settings/pkg/config/defaults/defaultconfig.go b/extensions/settings/pkg/config/defaults/defaultconfig.go index 4a3a4cd318..2437810da6 100644 --- a/extensions/settings/pkg/config/defaults/defaultconfig.go +++ b/extensions/settings/pkg/config/defaults/defaultconfig.go @@ -6,6 +6,7 @@ import ( "github.com/owncloud/ocis/extensions/settings/pkg/config" "github.com/owncloud/ocis/ocis-pkg/config/defaults" + "github.com/owncloud/ocis/ocis-pkg/shared" ) func FullDefaultConfig() *config.Config { @@ -50,9 +51,6 @@ func DefaultConfig() *config.Config { Asset: config.Asset{ Path: "", }, - TokenManager: config.TokenManager{ - JWTSecret: "Pive-Fumkiu4", - }, Metadata: config.Metadata{ GatewayAddress: "127.0.0.1:9142", @@ -87,6 +85,14 @@ func EnsureDefaults(cfg *config.Config) { } else if cfg.Tracing == nil { cfg.Tracing = &config.Tracing{} } + + if cfg.TokenManager == nil && cfg.Commons != nil && cfg.Commons.TokenManager != nil { + cfg.TokenManager = &shared.TokenManager{ + JWTSecret: cfg.Commons.TokenManager.JWTSecret, + } + } else { + cfg.TokenManager = &shared.TokenManager{} + } } func Sanitize(cfg *config.Config) { diff --git a/extensions/storage/pkg/config/config.go b/extensions/storage/pkg/config/config.go index 695759d9f7..841d36797c 100644 --- a/extensions/storage/pkg/config/config.go 
+++ b/extensions/storage/pkg/config/config.go 
@@ -8,123 +8,123 @@ import ( // Log defines the available logging configuration. type Log struct { - Level string `yaml:"level"` - Pretty bool `yaml:"pretty"` - Color bool `yaml:"color"` - File string `yaml:"file"` + Level string `yaml:"level,omitempty"` + Pretty bool `yaml:"pretty,omitempty"` + Color bool `yaml:"color,omitempty"` + File string `yaml:"file,omitempty"` } // Debug defines the available debug configuration. type Debug struct { - Addr string `yaml:"addr"` - Token string `yaml:"token"` - Pprof bool `yaml:"pprof"` - Zpages bool `yaml:"zpages"` + Addr string `yaml:"addr,omitempty"` + Token string `yaml:"token,omitempty"` + Pprof bool `yaml:"pprof,omitempty"` + Zpages bool `yaml:"zpages,omitempty"` } // Gateway defines the available gateway configuration. type Gateway struct { Port - CommitShareToStorageGrant bool `yaml:"commit_share_to_storage_grant"` - CommitShareToStorageRef bool `yaml:"commit_share_to_storage_ref"` - DisableHomeCreationOnLogin bool `yaml:"disable_home_creation_on_login"` - ShareFolder string `yaml:"share_folder"` - LinkGrants string `yaml:"link_grants"` - HomeMapping string `yaml:"home_mapping"` - EtagCacheTTL int `yaml:"etag_cache_ttl"` + CommitShareToStorageGrant bool `yaml:"commit_share_to_storage_grant,omitempty"` + CommitShareToStorageRef bool `yaml:"commit_share_to_storage_ref,omitempty"` + DisableHomeCreationOnLogin bool `yaml:"disable_home_creation_on_login,omitempty"` + ShareFolder string `yaml:"share_folder,omitempty"` + LinkGrants string `yaml:"link_grants,omitempty"` + HomeMapping string `yaml:"home_mapping,omitempty"` + EtagCacheTTL int `yaml:"etag_cache_ttl,omitempty"` } // StorageRegistry defines the available storage registry configuration type StorageRegistry struct { - Driver string `yaml:"driver"` + Driver string `yaml:"driver,omitempty"` // HomeProvider is the path in the global namespace that the static storage registry uses to determine the home storage - HomeProvider string `yaml:"home_provider"` - Rules []string 
`yaml:"rules"` - JSON string `yaml:"json"` + HomeProvider string `yaml:"home_provider,omitempty"` + Rules []string `yaml:"rules,omitempty"` + JSON string `yaml:"json,omitempty"` } // AppRegistry defines the available app registry configuration type AppRegistry struct { - Driver string `yaml:"driver"` - MimetypesJSON string `yaml:"mime_types_json"` + Driver string `yaml:"driver,omitempty"` + MimetypesJSON string `yaml:"mime_types_json,omitempty"` } // AppProvider defines the available app provider configuration type AppProvider struct { Port - ExternalAddr string `yaml:"external_addr"` - Driver string `yaml:"driver"` - WopiDriver WopiDriver `yaml:"wopi_driver"` - AppsURL string `yaml:"apps_url"` - OpenURL string `yaml:"open_url"` - NewURL string `yaml:"new_url"` + ExternalAddr string `yaml:"external_addr,omitempty"` + Driver string `yaml:"driver,omitempty"` + WopiDriver WopiDriver `yaml:"wopi_driver,omitempty"` + AppsURL string `yaml:"apps_url,omitempty"` + OpenURL string `yaml:"open_url,omitempty"` + NewURL string `yaml:"new_url,omitempty"` } type WopiDriver struct { - AppAPIKey string `yaml:"app_api_key"` - AppDesktopOnly bool `yaml:"app_desktop_only"` - AppIconURI string `yaml:"app_icon_uri"` - AppInternalURL string `yaml:"app_internal_url"` - AppName string `yaml:"app_name"` - AppURL string `yaml:"app_url"` - Insecure bool `yaml:"insecure"` - IopSecret string `yaml:"ipo_secret"` - JWTSecret string `yaml:"jwt_secret"` - WopiURL string `yaml:"wopi_url"` + AppAPIKey string `yaml:"app_api_key,omitempty"` + AppDesktopOnly bool `yaml:"app_desktop_only,omitempty"` + AppIconURI string `yaml:"app_icon_uri,omitempty"` + AppInternalURL string `yaml:"app_internal_url,omitempty"` + AppName string `yaml:"app_name,omitempty"` + AppURL string `yaml:"app_url,omitempty"` + Insecure bool `yaml:"insecure,omitempty"` + IopSecret string `yaml:"ipo_secret,omitempty"` + JWTSecret string `yaml:"jwt_secret,omitempty"` + WopiURL string `yaml:"wopi_url,omitempty"` } // Sharing defines the 
available sharing configuration. type Sharing struct { Port - UserDriver string `yaml:"user_driver"` - UserJSONFile string `yaml:"user_json_file"` - CS3ProviderAddr string `yaml:"provider_addr"` - CS3ServiceUser string `yaml:"service_user_id"` - CS3ServiceUserIdp string `yaml:"service_user_idp"` - UserSQLUsername string `yaml:"user_sql_username"` - UserSQLPassword string `yaml:"user_sql_password"` - UserSQLHost string `yaml:"user_sql_host"` - UserSQLPort int `yaml:"user_sql_port"` - UserSQLName string `yaml:"user_sql_name"` - PublicDriver string `yaml:"public_driver"` - PublicJSONFile string `yaml:"public_json_file"` - PublicPasswordHashCost int `yaml:"public_password_hash_cost"` - PublicEnableExpiredSharesCleanup bool `yaml:"public_enable_expired_shares_cleanup"` - PublicJanitorRunInterval int `yaml:"public_janitor_run_interval"` - UserStorageMountID string `yaml:"user_storage_mount_id"` - Events Events `yaml:"events"` + UserDriver string `yaml:"user_driver,omitempty"` + UserJSONFile string `yaml:"user_json_file,omitempty"` + CS3ProviderAddr string `yaml:"provider_addr,omitempty"` + CS3ServiceUser string `yaml:"service_user_id,omitempty"` + CS3ServiceUserIdp string `yaml:"service_user_idp,omitempty"` + UserSQLUsername string `yaml:"user_sql_username,omitempty"` + UserSQLPassword string `yaml:"user_sql_password,omitempty"` + UserSQLHost string `yaml:"user_sql_host,omitempty"` + UserSQLPort int `yaml:"user_sql_port,omitempty"` + UserSQLName string `yaml:"user_sql_name,omitempty"` + PublicDriver string `yaml:"public_driver,omitempty"` + PublicJSONFile string `yaml:"public_json_file,omitempty"` + PublicPasswordHashCost int `yaml:"public_password_hash_cost,omitempty"` + PublicEnableExpiredSharesCleanup bool `yaml:"public_enable_expired_shares_cleanup,omitempty"` + PublicJanitorRunInterval int `yaml:"public_janitor_run_interval,omitempty"` + UserStorageMountID string `yaml:"user_storage_mount_id,omitempty"` + Events Events `yaml:"events,omitempty"` } type Events struct 
{ - Address string `yaml:"address"` - ClusterID string `yaml:"cluster_id"` + Address string `yaml:"address,omitempty"` + ClusterID string `yaml:"cluster_id,omitempty"` } // Port defines the available port configuration. type Port struct { // MaxCPUs can be a number or a percentage - MaxCPUs string `yaml:"max_cpus"` - LogLevel string `yaml:"log_level"` + MaxCPUs string `yaml:"max_cpus,omitempty"` + LogLevel string `yaml:"log_level,omitempty"` // GRPCNetwork can be tcp, udp or unix - GRPCNetwork string `yaml:"grpc_network"` + GRPCNetwork string `yaml:"grpc_network,omitempty"` // GRPCAddr to listen on, hostname:port (0.0.0.0:9999 for all interfaces) or socket (/var/run/reva/sock) - GRPCAddr string `yaml:"grpc_addr"` + GRPCAddr string `yaml:"grpc_addr,omitempty"` // Protocol can be grpc or http // HTTPNetwork can be tcp, udp or unix - HTTPNetwork string `yaml:"http_network"` + HTTPNetwork string `yaml:"http_network,omitempty"` // HTTPAddr to listen on, hostname:port (0.0.0.0:9100 for all interfaces) or socket (/var/run/reva/sock) - HTTPAddr string `yaml:"http_addr"` + HTTPAddr string `yaml:"http_addr,omitempty"` // Protocol can be grpc or http - Protocol string `yaml:"protocol"` + Protocol string `yaml:"protocol,omitempty"` // Endpoint is used by the gateway and registries (eg localhost:9100 or cloud.example.com) - Endpoint string `yaml:"endpoint"` + Endpoint string `yaml:"endpoint,omitempty"` // DebugAddr for the debug endpoint to bind to - DebugAddr string `yaml:"debug_addr"` + DebugAddr string `yaml:"debug_addr,omitempty"` // Services can be used to give a list of services that should be started on this port - Services []string `yaml:"services"` + Services []string `yaml:"services,omitempty"` // Config can be used to configure the reva instance. 
// Services and Protocol will be ignored if this is used - Config map[string]interface{} `yaml:"config"` + Config map[string]interface{} `yaml:"config,omitempty"` // Context allows for context cancellation and propagation Context context.Context 
@@ -136,118 +136,118 @@ type Port struct { // Users defines the available users configuration. type Users struct { Port - Driver string `yaml:"driver"` - JSON string `yaml:"json"` - UserGroupsCacheExpiration int `yaml:"user_groups_cache_expiration"` + Driver string `yaml:"driver,omitempty"` + JSON string `yaml:"json,omitempty"` + UserGroupsCacheExpiration int `yaml:"user_groups_cache_expiration,omitempty"` } // AuthMachineConfig defines the available configuration for the machine auth driver. type AuthMachineConfig struct { - MachineAuthAPIKey string `yaml:"machine_auth_api_key"` + MachineAuthAPIKey string `yaml:"machine_auth_api_key,omitempty"` } // Groups defines the available groups configuration. type Groups struct { Port - Driver string `yaml:"driver"` - JSON string `yaml:"json"` - GroupMembersCacheExpiration int `yaml:"group_members_cache_expiration"` + Driver string `yaml:"driver,omitempty"` + JSON string `yaml:"json,omitempty"` + GroupMembersCacheExpiration int `yaml:"group_members_cache_expiration,omitempty"` } // FrontendPort defines the available frontend configuration. 
type FrontendPort struct { Port - AppProviderInsecure bool `yaml:"app_provider_insecure"` - AppProviderPrefix string `yaml:"app_provider_prefix"` - ArchiverInsecure bool `yaml:"archiver_insecure"` - ArchiverPrefix string `yaml:"archiver_prefix"` - DatagatewayPrefix string `yaml:"data_gateway_prefix"` - Favorites bool `yaml:"favorites"` - ProjectSpaces bool `yaml:"project_spaces"` - OCSPrefix string `yaml:"ocs_prefix"` - OCSSharePrefix string `yaml:"ocs_share_prefix"` - OCSHomeNamespace string `yaml:"ocs_home_namespace"` - PublicURL string `yaml:"public_url"` - OCSCacheWarmupDriver string `yaml:"ocs_cache_warmup_driver"` - OCSAdditionalInfoAttribute string `yaml:"ocs_additional_info_attribute"` - OCSResourceInfoCacheTTL int `yaml:"ocs_resource_info_cache_ttl"` - Middleware Middleware `yaml:"middleware"` + AppProviderInsecure bool `yaml:"app_provider_insecure,omitempty"` + AppProviderPrefix string `yaml:"app_provider_prefix,omitempty"` + ArchiverInsecure bool `yaml:"archiver_insecure,omitempty"` + ArchiverPrefix string `yaml:"archiver_prefix,omitempty"` + DatagatewayPrefix string `yaml:"data_gateway_prefix,omitempty"` + Favorites bool `yaml:"favorites,omitempty"` + ProjectSpaces bool `yaml:"project_spaces,omitempty"` + OCSPrefix string `yaml:"ocs_prefix,omitempty"` + OCSSharePrefix string `yaml:"ocs_share_prefix,omitempty"` + OCSHomeNamespace string `yaml:"ocs_home_namespace,omitempty"` + PublicURL string `yaml:"public_url,omitempty"` + OCSCacheWarmupDriver string `yaml:"ocs_cache_warmup_driver,omitempty"` + OCSAdditionalInfoAttribute string `yaml:"ocs_additional_info_attribute,omitempty"` + OCSResourceInfoCacheTTL int `yaml:"ocs_resource_info_cache_ttl,omitempty"` + Middleware Middleware `yaml:"middleware,omitempty"` } // Middleware configures reva middlewares. type Middleware struct { - Auth Auth `yaml:"auth"` + Auth Auth `yaml:"auth,omitempty"` } // Auth configures reva http auth middleware. 
type Auth struct { - CredentialsByUserAgent map[string]string `yaml:"credentials_by_user_agenr"` + CredentialsByUserAgent map[string]string `yaml:"credentials_by_user_agenr,omitempty"` } // DataGatewayPort has a public url type DataGatewayPort struct { Port - PublicURL string `yaml:""` + PublicURL string `yaml:",omitempty"` } type DataProvider struct { - Insecure bool `yaml:"insecure"` + Insecure bool `yaml:"insecure,omitempty"` } // StoragePort defines the available storage configuration. type StoragePort struct { Port - Driver string `yaml:"driver"` - MountID string `yaml:"mount_id"` - AlternativeID string `yaml:"alternative_id"` - ExposeDataServer bool `yaml:"expose_data_server"` + Driver string `yaml:"driver,omitempty"` + MountID string `yaml:"mount_id,omitempty"` + AlternativeID string `yaml:"alternative_id,omitempty"` + ExposeDataServer bool `yaml:"expose_data_server,omitempty"` // url the data gateway will use to route requests - DataServerURL string `yaml:"data_server_url"` + DataServerURL string `yaml:"data_server_url,omitempty"` // for HTTP ports with only one http service - HTTPPrefix string `yaml:"http_prefix"` - TempFolder string `yaml:"temp_folder"` - ReadOnly bool `yaml:"read_only"` - DataProvider DataProvider `yaml:"data_provider"` - GatewayEndpoint string `yaml:"gateway_endpoint"` + HTTPPrefix string `yaml:"http_prefix,omitempty"` + TempFolder string `yaml:"temp_folder,omitempty"` + ReadOnly bool `yaml:"read_only,omitempty"` + DataProvider DataProvider `yaml:"data_provider,omitempty"` + GatewayEndpoint string `yaml:"gateway_endpoint,omitempty"` } // PublicStorage configures a public storage provider type PublicStorage struct { StoragePort - PublicShareProviderAddr string `yaml:"public_share_provider_addr"` - UserProviderAddr string `yaml:"user_provider_addr"` + PublicShareProviderAddr string `yaml:"public_share_provider_addr,omitempty"` + UserProviderAddr string `yaml:"user_provider_addr,omitempty"` } // StorageConfig combines all available storage 
driver configuration parts. type StorageConfig struct { - EOS DriverEOS `yaml:"eos"` - Local DriverCommon `yaml:"local"` - OwnCloudSQL DriverOwnCloudSQL `yaml:"owncloud_sql"` - S3 DriverS3 `yaml:"s3"` - S3NG DriverS3NG `yaml:"s3ng"` - OCIS DriverOCIS `yaml:"ocis"` + EOS DriverEOS `yaml:"eos,omitempty"` + Local DriverCommon `yaml:"local,omitempty"` + OwnCloudSQL DriverOwnCloudSQL `yaml:"owncloud_sql,omitempty"` + S3 DriverS3 `yaml:"s3,omitempty"` + S3NG DriverS3NG `yaml:"s3ng,omitempty"` + OCIS DriverOCIS `yaml:"ocis,omitempty"` } // DriverCommon defines common driver configuration options. type DriverCommon struct { // Root is the absolute path to the location of the data - Root string `yaml:"root"` + Root string `yaml:"root,omitempty"` //ShareFolder defines the name of the folder jailing all shares - ShareFolder string `yaml:"share_folder"` + ShareFolder string `yaml:"share_folder,omitempty"` // UserLayout contains the template used to construct // the internal path, eg: `{{substr 0 1 .Username}}/{{.Username}}` - UserLayout string `yaml:"user_layout"` + UserLayout string `yaml:"user_layout,omitempty"` // EnableHome enables the creation of home directories. 
- EnableHome bool `yaml:"enable_home"` + EnableHome bool `yaml:"enable_home,omitempty"` // PersonalSpaceAliasTemplate contains the template used to construct - // the personal space alias, eg: `"{{.SpaceType}}/{{.User.Username | lower}}"` - PersonalSpaceAliasTemplate string `yaml:"personalspacealias_template"` + // the personal space alias, eg: `"{{.SpaceType}}/{{.User.Username | lower}},omitempty"` + PersonalSpaceAliasTemplate string `yaml:"personalspacealias_template,omitempty"` // GeneralSpaceAliasTemplate contains the template used to construct // the general space alias, eg: `{{.SpaceType}}/{{.SpaceName | replace " " "-" | lower}}` - GeneralSpaceAliasTemplate string `yaml:"generalspacealias_template"` + GeneralSpaceAliasTemplate string `yaml:"generalspacealias_template,omitempty"` } // DriverEOS defines the available EOS driver configuration. 
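Review bot: The doc comment above `PersonalSpaceAliasTemplate` in `DriverCommon` was caught by the tag search-and-replace: its example template now ends in `,omitempty"`, which is not part of the template. The comment line should go back to its previous wording, with the example ending in `{{.SpaceType}}/{{.User.Username | lower}}` inside the quotes. The same pass turned the empty tag on `DataGatewayPort.PublicURL` into `yaml:",omitempty"`, so that field still has no explicit key. `yaml:"public_url,omitempty"` would match `FrontendPort.PublicURL`, but it changes the key name, so check that no existing config file relies on the default one.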
@@ -255,60 +255,60 @@ type DriverEOS struct { DriverCommon // ShadowNamespace for storing shadow data - ShadowNamespace string `yaml:"shadow_namespace"` + ShadowNamespace string `yaml:"shadow_namespace,omitempty"` // UploadsNamespace for storing upload data - UploadsNamespace string `yaml:"uploads_namespace"` + UploadsNamespace string `yaml:"uploads_namespace,omitempty"` // Location of the eos binary. // Default is /usr/bin/eos. - EosBinary string `yaml:"eos_binary"` + EosBinary string `yaml:"eos_binary,omitempty"` // Location of the xrdcopy binary. // Default is /usr/bin/xrdcopy. - XrdcopyBinary string `yaml:"xrd_copy_binary"` + XrdcopyBinary string `yaml:"xrd_copy_binary,omitempty"` // URL of the Master EOS MGM. // Default is root://eos-example.org - MasterURL string `yaml:"master_url"` + MasterURL string `yaml:"master_url,omitempty"` // URI of the EOS MGM grpc server // Default is empty - GrpcURI string `yaml:"grpc_uri"` + GrpcURI string `yaml:"grpc_uri,omitempty"` // URL of the Slave EOS MGM. // Default is root://eos-example.org - SlaveURL string `yaml:"slave_url"` + SlaveURL string `yaml:"slave_url,omitempty"` // Location on the local fs where to store reads. // Defaults to os.TempDir() - CacheDirectory string `yaml:"cache_directory"` + CacheDirectory string `yaml:"cache_directory,omitempty"` // Enables logging of the commands executed // Defaults to false - EnableLogging bool `yaml:"enable_logging"` + EnableLogging bool `yaml:"enable_logging,omitempty"` // ShowHiddenSysFiles shows internal EOS files like // .sys.v# and .sys.a# files. - ShowHiddenSysFiles bool `yaml:"shadow_hidden_files"` + ShowHiddenSysFiles bool `yaml:"shadow_hidden_files,omitempty"` // ForceSingleUserMode will force connections to EOS to use SingleUsername - ForceSingleUserMode bool `yaml:"force_single_user_mode"` + ForceSingleUserMode bool `yaml:"force_single_user_mode,omitempty"` // UseKeyTabAuth changes will authenticate requests by using an EOS keytab. 
- UseKeytab bool `yaml:"user_keytab"` + UseKeytab bool `yaml:"user_keytab,omitempty"` // SecProtocol specifies the xrootd security protocol to use between the server and EOS. - SecProtocol string `yaml:"sec_protocol"` + SecProtocol string `yaml:"sec_protocol,omitempty"` // Keytab specifies the location of the keytab to use to authenticate to EOS. - Keytab string `yaml:"keytab"` + Keytab string `yaml:"keytab,omitempty"` // SingleUsername is the username to use when SingleUserMode is enabled - SingleUsername string `yaml:"single_username"` + SingleUsername string `yaml:"single_username,omitempty"` // gateway service to use for uid lookups - GatewaySVC string `yaml:"gateway_svc"` + GatewaySVC string `yaml:"gateway_svc,omitempty"` } // DriverOCIS defines the available oCIS storage driver configuration. 
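Review bot: Two keys carried through this hunk do not match their fields: `ShowHiddenSysFiles` is tagged `shadow_hidden_files` and `UseKeytab` is tagged `user_keytab`, which look like slips for `show_hidden_sys_files` and `use_keytab`. Since the commit already touches every label, either rename them now or, if existing config files depend on the current spelling, record that next to the field, e.g. `// yaml key is "user_keytab" (sic), kept for compatibility`. The comment above `UseKeytab` also refers to it as `UseKeyTabAuth`. `DriverEOS` starts above this hunk.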
@@ -320,204 +320,204 @@ type DriverOCIS struct { type DriverOwnCloudSQL struct { DriverCommon - UploadInfoDir string `yaml:"upload_info_dir"` - DBUsername string `yaml:"db_username"` - DBPassword string `yaml:"db_password"` - DBHost string `yaml:"db_host"` - DBPort int `yaml:"db_port"` - DBName string `yaml:"db_name"` + UploadInfoDir string `yaml:"upload_info_dir,omitempty"` + DBUsername string `yaml:"db_username,omitempty"` + DBPassword string `yaml:"db_password,omitempty"` + DBHost string `yaml:"db_host,omitempty"` + DBPort int `yaml:"db_port,omitempty"` + DBName string `yaml:"db_name,omitempty"` } // DriverS3 defines the available S3 storage driver configuration. type DriverS3 struct { DriverCommon - Region string `yaml:"region"` - AccessKey string `yaml:"access_key"` - SecretKey string `yaml:"secret_key"` - Endpoint string `yaml:"endpoint"` - Bucket string `yaml:"bucket"` + Region string `yaml:"region,omitempty"` + AccessKey string `yaml:"access_key,omitempty"` + SecretKey string `yaml:"secret_key,omitempty"` + Endpoint string `yaml:"endpoint,omitempty"` + Bucket string `yaml:"bucket,omitempty"` } // DriverS3NG defines the available s3ng storage driver configuration. type DriverS3NG struct { DriverCommon - Region string `yaml:"region"` - AccessKey string `yaml:"access_key"` - SecretKey string `yaml:"secret_key"` - Endpoint string `yaml:"endpoint"` - Bucket string `yaml:"bucket"` + Region string `yaml:"region,omitempty"` + AccessKey string `yaml:"access_key,omitempty"` + SecretKey string `yaml:"secret_key,omitempty"` + Endpoint string `yaml:"endpoint,omitempty"` + Bucket string `yaml:"bucket,omitempty"` } // OIDC defines the available OpenID Connect configuration. 
type OIDC struct { - Issuer string `yaml:"issuer"` - Insecure bool `yaml:"insecure"` - IDClaim string `yaml:"id_claim"` - UIDClaim string `yaml:"uid_claim"` - GIDClaim string `yaml:"gid_claim"` + Issuer string `yaml:"issuer,omitempty"` + Insecure bool `yaml:"insecure,omitempty"` + IDClaim string `yaml:"id_claim,omitempty"` + UIDClaim string `yaml:"uid_claim,omitempty"` + GIDClaim string `yaml:"gid_claim,omitempty"` } // LDAP defines the available ldap configuration. type LDAP struct { - URI string `yaml:"uri"` - CACert string `yaml:"ca_cert"` - Insecure bool `yaml:"insecure"` - UserBaseDN string `yaml:"user_base_dn"` - GroupBaseDN string `yaml:"group_base_dn"` - UserScope string `yaml:"user_scope"` - GroupScope string `yaml:"group_scope"` - UserObjectClass string `yaml:"user_objectclass"` - GroupObjectClass string `yaml:"group_objectclass"` - UserFilter string `yaml:"user_filter"` - GroupFilter string `yaml:"group_filter"` - LoginAttributes []string `yaml:"login_attributes"` - BindDN string `yaml:"bind_dn"` - BindPassword string `yaml:"bind_password"` - IDP string `yaml:"idp"` - UserSchema LDAPUserSchema `yaml:"user_schema"` - GroupSchema LDAPGroupSchema `yaml:"group_schema"` + URI string `yaml:"uri,omitempty"` + CACert string `yaml:"ca_cert,omitempty"` + Insecure bool `yaml:"insecure,omitempty"` + UserBaseDN string `yaml:"user_base_dn,omitempty"` + GroupBaseDN string `yaml:"group_base_dn,omitempty"` + UserScope string `yaml:"user_scope,omitempty"` + GroupScope string `yaml:"group_scope,omitempty"` + UserObjectClass string `yaml:"user_objectclass,omitempty"` + GroupObjectClass string `yaml:"group_objectclass,omitempty"` + UserFilter string `yaml:"user_filter,omitempty"` + GroupFilter string `yaml:"group_filter,omitempty"` + LoginAttributes []string `yaml:"login_attributes,omitempty"` + BindDN string `yaml:"bind_dn,omitempty"` + BindPassword string `yaml:"bind_password,omitempty"` + IDP string `yaml:"idp,omitempty"` + UserSchema LDAPUserSchema 
`yaml:"user_schema,omitempty"` + GroupSchema LDAPGroupSchema `yaml:"group_schema,omitempty"` } // UserGroupRest defines the REST driver specification for user and group resolution. type UserGroupRest struct { - ClientID string `yaml:"client_id"` - ClientSecret string `yaml:"client_secret"` - RedisAddress string `yaml:"redis_address"` - RedisUsername string `yaml:"redis_username"` - RedisPassword string `yaml:"redis_password"` - IDProvider string `yaml:"idp_provider"` - APIBaseURL string `yaml:"api_base_url"` - OIDCTokenEndpoint string `yaml:"oidc_token_endpoint"` - TargetAPI string `yaml:"target_api"` + ClientID string `yaml:"client_id,omitempty"` + ClientSecret string `yaml:"client_secret,omitempty"` + RedisAddress string `yaml:"redis_address,omitempty"` + RedisUsername string `yaml:"redis_username,omitempty"` + RedisPassword string `yaml:"redis_password,omitempty"` + IDProvider string `yaml:"idp_provider,omitempty"` + APIBaseURL string `yaml:"api_base_url,omitempty"` + OIDCTokenEndpoint string `yaml:"oidc_token_endpoint,omitempty"` + TargetAPI string `yaml:"target_api,omitempty"` } // UserOwnCloudSQL defines the available ownCloudSQL user provider configuration. 
type UserOwnCloudSQL struct { - DBUsername string `yaml:"db_username"` - DBPassword string `yaml:"db_password"` - DBHost string `yaml:"db_host"` - DBPort int `yaml:"db_port"` - DBName string `yaml:"db_name"` - Idp string `yaml:"idp"` - Nobody int64 `yaml:"nobody"` - JoinUsername bool `yaml:"join_username"` - JoinOwnCloudUUID bool `yaml:"join_owncloud_uuid"` - EnableMedialSearch bool `yaml:"enable_medial_search"` + DBUsername string `yaml:"db_username,omitempty"` + DBPassword string `yaml:"db_password,omitempty"` + DBHost string `yaml:"db_host,omitempty"` + DBPort int `yaml:"db_port,omitempty"` + DBName string `yaml:"db_name,omitempty"` + Idp string `yaml:"idp,omitempty"` + Nobody int64 `yaml:"nobody,omitempty"` + JoinUsername bool `yaml:"join_username,omitempty"` + JoinOwnCloudUUID bool `yaml:"join_owncloud_uuid,omitempty"` + EnableMedialSearch bool `yaml:"enable_medial_search,omitempty"` } // LDAPUserSchema defines the available ldap user schema configuration. type LDAPUserSchema struct { - ID string `yaml:"id"` - IDIsOctetString bool `yaml:"id_is_octet_string"` - Mail string `yaml:"mail"` - DisplayName string `yaml:"display_name"` - Username string `yaml:"user_name"` - UIDNumber string `yaml:"uid_number"` - GIDNumber string `yaml:"gid_number"` + ID string `yaml:"id,omitempty"` + IDIsOctetString bool `yaml:"id_is_octet_string,omitempty"` + Mail string `yaml:"mail,omitempty"` + DisplayName string `yaml:"display_name,omitempty"` + Username string `yaml:"user_name,omitempty"` + UIDNumber string `yaml:"uid_number,omitempty"` + GIDNumber string `yaml:"gid_number,omitempty"` } // LDAPGroupSchema defines the available ldap group schema configuration. 
type LDAPGroupSchema struct { - ID string `yaml:"id"` - IDIsOctetString bool `yaml:"id_is_octet_string"` - Mail string `yaml:"mail"` - DisplayName string `yaml:"display_name"` - Groupname string `yaml:"group_name"` - Member string `yaml:"member"` - GIDNumber string `yaml:"gid_number"` + ID string `yaml:"id,omitempty"` + IDIsOctetString bool `yaml:"id_is_octet_string,omitempty"` + Mail string `yaml:"mail,omitempty"` + DisplayName string `yaml:"display_name,omitempty"` + Groupname string `yaml:"group_name,omitempty"` + Member string `yaml:"member,omitempty"` + GIDNumber string `yaml:"gid_number,omitempty"` } // OCDav defines the available ocdav configuration. type OCDav struct { // Addr to listen to with the http server for the ocdav service - Addr string `yaml:"addr"` - Prefix string `yaml:"prefix"` - WebdavNamespace string `yaml:"webdav_namespace"` - FilesNamespace string `yaml:"files_namespace"` - SharesNamespace string `yaml:"shares_namespace"` + Addr string `yaml:"addr,omitempty"` + Prefix string `yaml:"prefix,omitempty"` + WebdavNamespace string `yaml:"webdav_namespace,omitempty"` + FilesNamespace string `yaml:"files_namespace,omitempty"` + SharesNamespace string `yaml:"shares_namespace,omitempty"` // PublicURL used to redirect /s/{token} URLs to - PublicURL string `yaml:"public_url"` + PublicURL string `yaml:"public_url,omitempty"` // Addr to listen to with the debug http server - DebugAddr string `yaml:"debug_addr"` + DebugAddr string `yaml:"debug_addr,omitempty"` // GatewaySVC to forward CS3 requests to TODO use registry - GatewaySVC string `yaml:"gateway_svc"` + GatewaySVC string `yaml:"gateway_svc,omitempty"` // JWTSecret used to verify reva access token - JWTSecret string `yaml:"jwt_secret"` + JWTSecret string `yaml:"jwt_secret,omitempty"` // Insecure certificates allowed when making requests to the gateway - Insecure bool `yaml:"insecure"` + Insecure bool `yaml:"insecure,omitempty"` // Timeout in seconds when making requests to the gateway - Timeout 
int64 `yaml:"timeout"` + Timeout int64 `yaml:"timeout,omitempty"` } // Archiver defines the available archiver configuration. type Archiver struct { - MaxNumFiles int64 `yaml:"max_num_files"` - MaxSize int64 `yaml:"max_size"` - ArchiverURL string `yaml:"archiver_url"` + MaxNumFiles int64 `yaml:"max_num_files,omitempty"` + MaxSize int64 `yaml:"max_size,omitempty"` + ArchiverURL string `yaml:"archiver_url,omitempty"` } // Reva defines the available reva configuration. type Reva struct { // JWTSecret used to sign jwt tokens between services - JWTSecret string `yaml:"jwt_secret"` - SkipUserGroupsInToken bool `yaml:"skip_user_grooups_in_token"` - TransferSecret string `yaml:"transfer_secret"` - TransferExpires int `yaml:"transfer_expires"` - OIDC OIDC `yaml:"oidc"` - LDAP LDAP `yaml:"ldap"` - UserGroupRest UserGroupRest `yaml:"user_group_rest"` - UserOwnCloudSQL UserOwnCloudSQL `yaml:"user_owncloud_sql"` - Archiver Archiver `yaml:"archiver"` - UserStorage StorageConfig `yaml:"user_storage"` - MetadataStorage StorageConfig `yaml:"metadata_storage"` + JWTSecret string `yaml:"jwt_secret,omitempty"` + SkipUserGroupsInToken bool `yaml:"skip_user_grooups_in_token,omitempty"` + TransferSecret string `yaml:"transfer_secret,omitempty"` + TransferExpires int `yaml:"transfer_expires,omitempty"` + OIDC OIDC `yaml:"oidc,omitempty"` + LDAP LDAP `yaml:"ldap,omitempty"` + UserGroupRest UserGroupRest `yaml:"user_group_rest,omitempty"` + UserOwnCloudSQL UserOwnCloudSQL `yaml:"user_owncloud_sql,omitempty"` + Archiver Archiver `yaml:"archiver,omitempty"` + UserStorage StorageConfig `yaml:"user_storage,omitempty"` + MetadataStorage StorageConfig `yaml:"metadata_storage,omitempty"` // Ports are used to configure which services to start on which port - Frontend FrontendPort `yaml:"frontend"` - DataGateway DataGatewayPort `yaml:"data_gateway"` - Gateway Gateway `yaml:"gateway"` - StorageRegistry StorageRegistry `yaml:"storage_registry"` - AppRegistry AppRegistry `yaml:"app_registry"` - Users 
Users `yaml:"users"` - Groups Groups `yaml:"groups"` - AuthProvider Users `yaml:"auth_provider"` - AuthBasic Port `yaml:"auth_basic"` - AuthBearer Port `yaml:"auth_bearer"` - AuthMachine Port `yaml:"auth_machine"` - AuthMachineConfig AuthMachineConfig `yaml:"auth_machine_config"` - Sharing Sharing `yaml:"sharing"` - StorageShares StoragePort `yaml:"storage_shares"` - StorageUsers StoragePort `yaml:"storage_users"` - StoragePublicLink PublicStorage `yaml:"storage_public_link"` - StorageMetadata StoragePort `yaml:"storage_metadata"` - AppProvider AppProvider `yaml:"app_provider"` - Permissions Port `yaml:"permissions"` + Frontend FrontendPort `yaml:"frontend,omitempty"` + DataGateway DataGatewayPort `yaml:"data_gateway,omitempty"` + Gateway Gateway `yaml:"gateway,omitempty"` + StorageRegistry StorageRegistry `yaml:"storage_registry,omitempty"` + AppRegistry AppRegistry `yaml:"app_registry,omitempty"` + Users Users `yaml:"users,omitempty"` + Groups Groups `yaml:"groups,omitempty"` + AuthProvider Users `yaml:"auth_provider,omitempty"` + AuthBasic Port `yaml:"auth_basic,omitempty"` + AuthBearer Port `yaml:"auth_bearer,omitempty"` + AuthMachine Port `yaml:"auth_machine,omitempty"` + AuthMachineConfig AuthMachineConfig `yaml:"auth_machine_config,omitempty"` + Sharing Sharing `yaml:"sharing,omitempty"` + StorageShares StoragePort `yaml:"storage_shares,omitempty"` + StorageUsers StoragePort `yaml:"storage_users,omitempty"` + StoragePublicLink PublicStorage `yaml:"storage_public_link,omitempty"` + StorageMetadata StoragePort `yaml:"storage_metadata,omitempty"` + AppProvider AppProvider `yaml:"app_provider,omitempty"` + Permissions Port `yaml:"permissions,omitempty"` // Configs can be used to configure the reva instance. 
// Services and Ports will be ignored if this is used - Configs map[string]interface{} `yaml:"configs"` + Configs map[string]interface{} `yaml:"configs,omitempty"` // chunking and resumable upload config (TUS) - UploadMaxChunkSize int `yaml:"upload_max_chunk_size"` - UploadHTTPMethodOverride string `yaml:"upload_http_method_override"` + UploadMaxChunkSize int `yaml:"upload_max_chunk_size,omitempty"` + UploadHTTPMethodOverride string `yaml:"upload_http_method_override,omitempty"` // checksumming capabilities - ChecksumSupportedTypes []string `yaml:"checksum_supported_types"` - ChecksumPreferredUploadType string `yaml:"checksum_preferred_upload_type"` - DefaultUploadProtocol string `yaml:"default_upload_protocol"` + ChecksumSupportedTypes []string `yaml:"checksum_supported_types,omitempty"` + ChecksumPreferredUploadType string `yaml:"checksum_preferred_upload_type,omitempty"` + DefaultUploadProtocol string `yaml:"default_upload_protocol,omitempty"` } // Tracing defines the available tracing configuration. type Tracing struct { - Enabled bool `yaml:"enabled"` - Type string `yaml:"type"` - Endpoint string `yaml:"endpoint"` - Collector string `yaml:"collector"` - Service string `yaml:"service"` + Enabled bool `yaml:"enabled,omitempty"` + Type string `yaml:"type,omitempty"` + Endpoint string `yaml:"endpoint,omitempty"` + Collector string `yaml:"collector,omitempty"` + Service string `yaml:"service,omitempty"` } // Asset defines the available asset configuration. type Asset struct { - Path string `yaml:"path"` + Path string `yaml:"path,omitempty"` } // Config combines all available configuration parts. diff --git a/ocis-pkg/config/config.go b/ocis-pkg/config/config.go index 1d35aa4932..befc2d2574 100644 --- a/ocis-pkg/config/config.go +++ b/ocis-pkg/config/config.go 
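Review bot: Adding `omitempty` to the boolean switches `OIDC.Insecure`, `LDAP.Insecure` and `OCDav.Insecure` means a value of `false` is never written when these structs are marshalled, so a generated config file cannot state explicitly that certificate verification stays on. On reload the effective value falls back to whatever the defaults are; if any of those defaults is `true` (not visible in this patch section), the written file would silently differ from the in-memory config. Keeping the plain `yaml:"insecure"` tag on these fields avoids that. The same applies to `AppProviderInsecure`, `ArchiverInsecure` and `DataProvider.Insecure` in the `@@ -136,118` hunk. Separately, the key `skip_user_grooups_in_token` on `Reva.SkipUserGroupsInToken` is carried over misspelled.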
@@ -23,9 +23,9 @@ import ( ) // TokenManager is the config for using the reva token manager -type TokenManager struct { +/*type TokenManager struct { JWTSecret string `yaml:"jwt_secret" env:"OCIS_JWT_SECRET"` -} +}*/ const ( // SUPERVISED sets the runtime mode as supervised threads. @@ -48,16 +48,16 @@ type Runtime struct { type Config struct { *shared.Commons `yaml:"shared,omitempty"` - Tracing shared.Tracing `yaml:"tracing,omitempty"` - Log *shared.Log `yaml:"log,omitempty"` + Tracing *shared.Tracing `yaml:"tracing,omitempty"` + Log *shared.Log `yaml:"log,omitempty"` Mode Mode `yaml:",omitempty"` // DEPRECATED File string `yaml:",omitempty"` OcisURL string `yaml:"ocis_url,omitempty"` - Registry string `yaml:"registry,omitempty"` - TokenManager TokenManager `yaml:"token_manager,omitempty"` - Runtime Runtime `yaml:"runtime,omitempty"` + Registry string `yaml:"registry,omitempty"` + TokenManager *shared.TokenManager `yaml:"token_manager,omitempty"` + Runtime Runtime `yaml:"runtime,omitempty"` Audit *audit.Config `yaml:"audit,omitempty"` Accounts *accounts.Config `yaml:"accounts,omitempty"` diff --git a/ocis-pkg/config/defaultconfig.go b/ocis-pkg/config/defaultconfig.go index bc94a224ce..c8110902f2 100644 --- a/ocis-pkg/config/defaultconfig.go +++ b/ocis-pkg/config/defaultconfig.go @@ -18,11 +18,12 @@ import ( thumbnails "github.com/owncloud/ocis/extensions/thumbnails/pkg/config/defaults" web "github.com/owncloud/ocis/extensions/web/pkg/config/defaults" webdav "github.com/owncloud/ocis/extensions/webdav/pkg/config/defaults" + "github.com/owncloud/ocis/ocis-pkg/shared" ) func DefaultConfig() *Config { return &Config{ - TokenManager: TokenManager{ + TokenManager: &shared.TokenManager{ JWTSecret: "Pive-Fumkiu4", }, Runtime: Runtime{ diff --git a/ocis-pkg/config/helpers.go b/ocis-pkg/config/helpers.go index 6eac898475..c77a0f1a7f 100644 --- a/ocis-pkg/config/helpers.go +++ b/ocis-pkg/config/helpers.go 
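Review bot: The old `TokenManager` struct in ocis-pkg/config/config.go is wrapped in `/* … */` instead of being deleted, and its doc comment `// TokenManager is the config for using the reva token manager` now sits above a commented-out block. The type has moved to `shared.TokenManager`, so both the comment and the block can be removed. Version control keeps the history, and leaving a second, dead definition of a secret-bearing type invites someone to revive the wrong one.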
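Review bot: `DefaultConfig` in ocis-pkg/config/defaultconfig.go still ships the fixed `JWTSecret: "Pive-Fumkiu4"`; this hunk only changes the type it is wrapped in. An instance started without a config file or `OCIS_JWT_SECRET` would sign tokens with a value that is public in the repository. Now that `ocis init` generates a random secret, the default could be left empty, `TokenManager: &shared.TokenManager{},`, with start-up refusing an empty secret. Whether such a check exists is not visible in this part of the patch. The function body continues outside the hunk.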
@@ -33,7 +33,7 @@ func DefaultConfigSources(filename string, drivers []string) []string { locations := []string{} if v := os.Getenv("OCIS_CONFIG_DIR"); v != "" { - locations = append(locations, v) + locations = append(locations, v) // only use the configured config dir locations = append(locations, os.Getenv("OCIS_CONFIG_DIR")) } else { diff --git a/ocis-pkg/config/parser/parse.go b/ocis-pkg/config/parser/parse.go index ba75a411c0..09bb76dfb4 100644 --- a/ocis-pkg/config/parser/parse.go +++ b/ocis-pkg/config/parser/parse.go @@ -15,18 +15,41 @@ func ParseConfig(cfg *config.Config) error { return err } - // provide with defaults for shared logging, since we need a valid destination address for BindEnv. - if cfg.Log == nil && cfg.Commons != nil && cfg.Commons.Log != nil { - cfg.Log = &shared.Log{ - Level: cfg.Commons.Log.Level, - Pretty: cfg.Commons.Log.Pretty, - Color: cfg.Commons.Log.Color, - File: cfg.Commons.Log.File, + if cfg.Commons == nil { + cfg.Commons = &shared.Commons{} + } + + if cfg.Log != nil { + cfg.Commons.Log = &shared.Log{ + Level: cfg.Log.Level, + Pretty: cfg.Log.Pretty, + Color: cfg.Log.Color, + File: cfg.File, } - } else if cfg.Log == nil { + } else { + cfg.Commons.Log = &shared.Log{} cfg.Log = &shared.Log{} } + if cfg.Tracing != nil { + cfg.Commons.Tracing = &shared.Tracing{ + Enabled: cfg.Tracing.Enabled, + Type: cfg.Tracing.Type, + Endpoint: cfg.Tracing.Endpoint, + Collector: cfg.Tracing.Collector, + } + } else { + cfg.Commons.Tracing = &shared.Tracing{} + cfg.Tracing = &shared.Tracing{} + } + + if cfg.TokenManager != nil { + cfg.Commons.TokenManager = cfg.TokenManager + } else { + cfg.Commons.TokenManager = &shared.TokenManager{} + cfg.TokenManager = cfg.Commons.TokenManager + } + // load all env variables relevant to the config in the current context. if err := envdecode.Decode(cfg); err != nil { // no environment variable set for this config is an expected "error" 
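Review bot: When `OCIS_CONFIG_DIR` is set, the directory ends up in `locations` twice: once via `append(locations, v)` on the line this hunk annotates, and again on the following line via `os.Getenv("OCIS_CONFIG_DIR")`. The new comment says only the configured directory should be used, so the second append can simply be dropped. `DefaultConfigSources` starts and ends outside the hunk, so whether later code de-duplicates the list is not visible here.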
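Review bot: In the new `cfg.Log != nil` branch of `ParseConfig`, the shared log config is built with `File: cfg.File`, which is the deprecated top-level `File` field of `Config`, not the log file. The three neighbouring fields all read from `cfg.Log`, and the removed code copied `Log.File`. This should be `File: cfg.Log.File,`, otherwise a log destination set under `log:` is replaced by an unrelated value for everything that inherits `Commons.Log`. `ParseConfig` continues outside the hunk.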
diff --git a/ocis-pkg/shared/shared_types.go b/ocis-pkg/shared/shared_types.go index 2201bac98d..9439bfcce0 100644 --- a/ocis-pkg/shared/shared_types.go +++ b/ocis-pkg/shared/shared_types.go @@ -24,10 +24,16 @@ type Tracing struct { Collector string `yaml:"collector" env:"OCIS_TRACING_COLLECTOR"` } +// TokenManager is the config for using the reva token manager +type TokenManager struct { + JWTSecret string `yaml:"jwt_secret" env:"OCIS_JWT_SECRET" desc:"The secret to mint jwt tokens."` +} + // Commons holds configuration that are common to all extensions. Each extension can then decide whether // to overwrite its values. type Commons struct { - Log *Log `yaml:"log"` - Tracing *Tracing `yaml:"tracing"` - OcisURL string `yaml:"ocis_url" env:"OCIS_URL"` + Log *Log `yaml:"log"` + Tracing *Tracing `yaml:"tracing"` + OcisURL string `yaml:"ocis_url" env:"OCIS_URL"` + TokenManager *TokenManager `yaml:"token_manager"` } diff --git a/ocis/pkg/command/init.go b/ocis/pkg/command/init.go index cfbe6b15cc..4f991fbd9a 100644 --- a/ocis/pkg/command/init.go +++ b/ocis/pkg/command/init.go 
@@ -2,31 +2,30 @@ package command import ( "bufio" - "crypto/rand" "fmt" "io/ioutil" "log" - "math/big" "os" "path" "strings" "github.com/owncloud/ocis/ocis-pkg/config" + "github.com/owncloud/ocis/ocis-pkg/generators" + "github.com/owncloud/ocis/ocis-pkg/shared" "github.com/owncloud/ocis/ocis/pkg/register" cli "github.com/urfave/cli/v2" "gopkg.in/yaml.v3" - accounts "github.com/owncloud/ocis/extensions/accounts/pkg/config" - graph "github.com/owncloud/ocis/extensions/graph/pkg/config" idm "github.com/owncloud/ocis/extensions/idm/pkg/config" notifications "github.com/owncloud/ocis/extensions/notifications/pkg/config" ocs "github.com/owncloud/ocis/extensions/ocs/pkg/config" proxy "github.com/owncloud/ocis/extensions/proxy/pkg/config" settings "github.com/owncloud/ocis/extensions/settings/pkg/config" + storage "github.com/owncloud/ocis/extensions/storage/pkg/config" thumbnails "github.com/owncloud/ocis/extensions/thumbnails/pkg/config" ) -const configFilename string = "ocis.yml" +const configFilename string = "ocis.yaml" const passwordLength int = 32 // InitCommand is the entrypoint for the init command @@ -54,7 +53,7 @@ func InitCommand(cfg *config.Config) *cli.Command { &cli.StringFlag{ Name: "config-path", //Value: cfg.ConfigPath, // TODO: as soon as PR 3480 is merged, remove quotes - Value: path.Join(homeDir, ".ocis"), // TODO: this is temporary for experimenting, line above is relevant + Value: path.Join(homeDir, ".ocis/config"), // TODO: this is temporary for experimenting, line above is relevant Usage: "config path for the ocis runtime", // Destination: &cfg.ConfigFile, // TODO: same as above }, 
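Review bot: With `crypto/rand` and `math/big` dropped from this file, every secret `createConfig` writes (the JWT secret, the machine auth secret, the service user passwords) now depends on `generators.GenerateRandomPassword`, whose implementation is not part of the hunks shown here. It should be confirmed that the helper draws from `crypto/rand` rather than `math/rand`. A comment at `passwordLength` would make that expectation explicit, e.g. `// length of generated secrets; generators.GenerateRandomPassword must use a CSPRNG`.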
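Review bot: The default for `config-path` is built with `path.Join(homeDir, ".ocis/config")`, but `path` is meant for slash-separated paths, so on Windows this mixes separators in a filesystem path. `filepath.Join(homeDir, ".ocis", "config")` from `path/filepath` is the OS-correct form, which also means swapping the `"path"` import in the first hunk of this file. `InitCommand` starts and ends outside this hunk.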
@@ -101,70 +100,86 @@ func createConfig(insecure, forceOverwrite bool, configPath string) error { return err } cfg := config.Config{ - Accounts: &accounts.Config{}, + TokenManager: &shared.TokenManager{}, + //Accounts: &accounts.Config{}, //Audit: &audit.Config{}, //GLAuth: &glauth.Config{}, //GraphExplorer: &graphExplorer.Config{}, - Graph: &graph.Config{}, - IDM: &idm.Config{}, + //Graph: &graph.Config{}, + IDM: &idm.Config{}, //IDP: &idp.Config{}, //Nats: &nats.Config{}, Notifications: ¬ifications.Config{}, - Proxy: &proxy.Config{}, - OCS: &ocs.Config{}, - Settings: &settings.Config{}, - //Storage: &storage.Config{}, + //Proxy: &proxy.Config{}, + OCS: &ocs.Config{}, + Settings: &settings.Config{}, + Storage: &storage.Config{}, Thumbnails: &thumbnails.Config{}, //Web: &web.Config{}, //WebDAV: &webdav.Config{}, } if insecure { + cfg.Proxy = &proxy.Config{} cfg.Proxy.InsecureBackends = insecure } - idmServicePassword, err := generateRandomPassword(passwordLength) + idmServicePassword, err := generators.GenerateRandomPassword(passwordLength) if err != nil { return fmt.Errorf("Could not generate random password for idm: %s", err) } - idpServicePassword, err := generateRandomPassword(passwordLength) + idpServicePassword, err := generators.GenerateRandomPassword(passwordLength) if err != nil { return fmt.Errorf("Could not generate random password for idp: %s", err) } - ocisAdminServicePassword, err := generateRandomPassword(passwordLength) + ocisAdminServicePassword, err := generators.GenerateRandomPassword(passwordLength) if err != nil { return fmt.Errorf("Could not generate random password for ocis admin: %s", err) } - revaServicePassword, err := generateRandomPassword(passwordLength) + revaServicePassword, err := generators.GenerateRandomPassword(passwordLength) if err != nil { return fmt.Errorf("Could not generate random password for reva: %s", err) } - tokenManagerJwtSecret, err := generateRandomPassword(passwordLength) + tokenManagerJwtSecret, err := 
generators.GenerateRandomPassword(passwordLength) if err != nil { return fmt.Errorf("Could not generate random password for tokenmanager: %s", err) } - machineAuthSecret, err := generateRandomPassword(passwordLength) + machineAuthSecret, err := generators.GenerateRandomPassword(passwordLength) if err != nil { return fmt.Errorf("Could not generate random password for machineauthsecret: %s", err) } - thumbnailTransferTokenSecret, err := generateRandomPassword(passwordLength) + thumbnailTransferTokenSecret, err := generators.GenerateRandomPassword(passwordLength) if err != nil { return fmt.Errorf("Could not generate random password for machineauthsecret: %s", err) } + // TODO: IDP config is missing (LDAP + GROUP provider) + // TODO: REVA config is missing (LDAP + GROUP provider) + // TODO: graph needs IDM password configured + // TODO: add missing insecure occurences + // TODO: search for missing transfer secrets + // TODO: move TokenManager for all extensions to shared + // TODO: move machineauthsecret for all extensions to shared + // TODO: move transfersecret for all extensions to shared + cfg.TokenManager.JWTSecret = tokenManagerJwtSecret - cfg.Accounts.TokenManager.JWTSecret = tokenManagerJwtSecret - cfg.Graph.TokenManager.JWTSecret = tokenManagerJwtSecret + //cfg.Commons.TokenManager.JWTSecret = tokenManagerJwtSecret + //cfg.Accounts.TokenManager.JWTSecret = tokenManagerJwtSecret + //cfg.Graph.TokenManager.JWTSecret = tokenManagerJwtSecret + //fmt.Printf("%v\n", cfg.Graph.TokenManager) cfg.IDM.ServiceUserPasswords.Idm = idmServicePassword cfg.IDM.ServiceUserPasswords.Idp = idpServicePassword cfg.IDM.ServiceUserPasswords.OcisAdmin = ocisAdminServicePassword cfg.IDM.ServiceUserPasswords.Reva = revaServicePassword cfg.Notifications.Notifications.MachineAuthSecret = machineAuthSecret cfg.OCS.MachineAuthAPIKey = machineAuthSecret - cfg.Proxy.TokenManager.JWTSecret = tokenManagerJwtSecret + //cfg.Proxy.TokenManager.JWTSecret = tokenManagerJwtSecret + 
//fmt.Printf("%v\n", cfg.Proxy.TokenManager) cfg.Proxy.MachineAuthAPIKey = machineAuthSecret cfg.Settings.Metadata.MachineAuthAPIKey = machineAuthSecret - cfg.Settings.TokenManager.JWTSecret = tokenManagerJwtSecret + //cfg.Settings.TokenManager.JWTSecret = tokenManagerJwtSecret + cfg.Storage.Reva.JWTSecret = tokenManagerJwtSecret + cfg.Storage.OCDav.JWTSecret = tokenManagerJwtSecret cfg.Thumbnails.Thumbnail.TransferTokenSecret = thumbnailTransferTokenSecret yamlOutput, err := yaml.Marshal(cfg) if err != nil { @@ -198,17 +213,3 @@ func stringPrompt(label string) string { } return strings.TrimSpace(input) } - -func generateRandomPassword(length int) (string, error) { - const chars = "0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz-=+!@#$%^&*." - ret := make([]byte, length) - for i := 0; i < length; i++ { - num, err := rand.Int(rand.Reader, big.NewInt(int64(len(chars)))) - if err != nil { - return "", err - } - ret[i] = chars[num.Int64()] - } - - return string(ret), nil -} diff --git a/ocis/pkg/command/server.go b/ocis/pkg/command/server.go index 00b9c89da3..7bc6d65306 100644 --- a/ocis/pkg/command/server.go +++ b/ocis/pkg/command/server.go @@ -21,7 +21,9 @@ func Server(cfg *config.Config) *cli.Command { Action: func(c *cli.Context) error { cfg.Commons = &shared.Commons{ - Log: cfg.Log, + Log: cfg.Log, + Tracing: cfg.Tracing, + TokenManager: cfg.TokenManager, } r := runtime.New(cfg) From a4d7696232b3f050076a801e47b1fe3d3c660b73 Mon Sep 17 00:00:00 2001 From: Christian Richter Date: Tue, 26 Apr 2022 10:18:12 +0200 Subject: [PATCH 07/99] Move machine-auth-api-key to shared.Commons 
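Review bot: In the `createConfig` hunk of `ocis/pkg/command/init.go`, `cfg.Proxy` is now allocated only inside `if insecure { ... }`, but the unchanged line `cfg.Proxy.MachineAuthAPIKey = machineAuthSecret` still runs unconditionally. With `Proxy: &proxy.Config{}` commented out of the struct literal, running `init` without the insecure option dereferences a nil pointer before any config is written. Either keep `Proxy: &proxy.Config{},` in the literal or guard the assignment with `if cfg.Proxy != nil`. The function starts and ends outside the hunk, so the file-write step and the permissions used for the generated secrets are not visible here.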
Signed-off-by: Christian Richter --- .../notifications/pkg/channels/channels.go | 2 +- extensions/notifications/pkg/command/root.go | 2 +- extensions/notifications/pkg/config/config.go | 3 ++- .../pkg/config/defaults/defaultconfig.go | 15 ++++++++++--- .../ocs/pkg/config/defaults/defaultconfig.go | 8 ++++++- .../pkg/config/defaults/defaultconfig.go | 8 ++++++- .../pkg/config/defaults/defaultconfig.go | 16 +++++++++----- .../pkg/config/defaults/defaultconfig.go | 4 +--- ocis-pkg/config/config.go | 7 +++--- ocis-pkg/config/parser/parse.go | 7 ++++++ ocis-pkg/shared/shared_types.go | 9 ++++---- ocis/pkg/command/init.go | 22 ++++++++----------- ocis/pkg/command/server.go | 7 ------ 13 files changed, 67 insertions(+), 43 deletions(-) diff --git a/extensions/notifications/pkg/channels/channels.go b/extensions/notifications/pkg/channels/channels.go index 2d6d9203ec..956ee692df 100644 --- a/extensions/notifications/pkg/channels/channels.go +++ b/extensions/notifications/pkg/channels/channels.go @@ -86,7 +86,7 @@ func (m Mail) getReceiverAddresses(receivers []string) ([]string, error) { res, err := m.gatewayClient.Authenticate(context.Background(), &gateway.AuthenticateRequest{ Type: "machine", ClientId: "userid:" + id, - ClientSecret: m.conf.Notifications.MachineAuthSecret, + ClientSecret: m.conf.Notifications.MachineAuthAPIKey, }) if err != nil { return nil, err diff --git a/extensions/notifications/pkg/command/root.go b/extensions/notifications/pkg/command/root.go index 7a38a24d4f..e2534e15a6 100644 --- a/extensions/notifications/pkg/command/root.go +++ b/extensions/notifications/pkg/command/root.go @@ -48,7 +48,7 @@ type SutureService struct { // NewSutureService creates a new notifications.SutureService func NewSutureService(cfg *ociscfg.Config) suture.Service { - cfg.Settings.Commons = cfg.Commons + cfg.Notifications.Commons = cfg.Commons return SutureService{ cfg: cfg.Notifications, } 
diff --git a/extensions/notifications/pkg/config/config.go b/extensions/notifications/pkg/config/config.go index d20818252e..103d5acdc1 100644 --- a/extensions/notifications/pkg/config/config.go +++ b/extensions/notifications/pkg/config/config.go @@ -22,10 +22,11 @@ type Config struct { // Notifications definces the config options for the notifications service. type Notifications struct { + *shared.Commons `yaml:"-"` SMTP SMTP `yaml:"SMTP,omitempty"` Events Events `yaml:"events,omitempty"` RevaGateway string `yaml:"reva_gateway,omitempty" env:"REVA_GATEWAY;NOTIFICATIONS_REVA_GATEWAY"` - MachineAuthSecret string `yaml:"machine_auth_api_key" env:"OCIS_MACHINE_AUTH_API_KEY;NOTIFICATIONS_MACHINE_AUTH_API_KEY"` + MachineAuthAPIKey string `yaml:"machine_auth_api_key" env:"OCIS_MACHINE_AUTH_API_KEY;NOTIFICATIONS_MACHINE_AUTH_API_KEY"` } // SMTP combines the smtp configuration options. diff --git a/extensions/notifications/pkg/config/defaults/defaultconfig.go b/extensions/notifications/pkg/config/defaults/defaultconfig.go index 19c3cc2df8..835612a921 100644 --- a/extensions/notifications/pkg/config/defaults/defaultconfig.go +++ b/extensions/notifications/pkg/config/defaults/defaultconfig.go @@ -1,6 +1,10 @@ package defaults -import "github.com/owncloud/ocis/extensions/notifications/pkg/config" +import ( + "log" + + "github.com/owncloud/ocis/extensions/notifications/pkg/config" +) func FullDefaultConfig() *config.Config { cfg := DefaultConfig() @@ -31,8 +35,7 @@ func DefaultConfig() *config.Config { Cluster: "ocis-cluster", ConsumerGroup: "notifications", }, - RevaGateway: "127.0.0.1:9142", - MachineAuthSecret: "change-me-please", + RevaGateway: "127.0.0.1:9142", }, } } 
@@ -49,6 +52,12 @@ func EnsureDefaults(cfg *config.Config) { } else if cfg.Log == nil { cfg.Log = &config.Log{} } + + if cfg.Notifications.MachineAuthAPIKey == "" && cfg.Commons != nil && cfg.Commons.MachineAuthAPIKey != "" { + cfg.Notifications.MachineAuthAPIKey = cfg.Commons.MachineAuthAPIKey + } else { + log.Fatalf("machine auth api key is not set up properly, bailing out (%s)", cfg.Service.Name) + } } func Sanitize(cfg *config.Config) { diff --git a/extensions/ocs/pkg/config/defaults/defaultconfig.go b/extensions/ocs/pkg/config/defaults/defaultconfig.go index bcbd7dce10..74c76d3933 100644 --- a/extensions/ocs/pkg/config/defaults/defaultconfig.go +++ b/extensions/ocs/pkg/config/defaults/defaultconfig.go @@ -1,6 +1,7 @@ package defaults import ( + "log" "strings" "github.com/owncloud/ocis/extensions/ocs/pkg/config" @@ -44,7 +45,6 @@ func DefaultConfig() *config.Config { Address: "127.0.0.1:9142", }, StorageUsersDriver: "ocis", - MachineAuthAPIKey: "change-me-please", IdentityManagement: config.IdentityManagement{ Address: "https://localhost:9200", }, @@ -82,6 +82,12 @@ func EnsureDefaults(cfg *config.Config) { } else { cfg.TokenManager = &shared.TokenManager{} } + + if cfg.MachineAuthAPIKey == "" && cfg.Commons != nil && cfg.Commons.MachineAuthAPIKey != "" { + cfg.MachineAuthAPIKey = cfg.Commons.MachineAuthAPIKey + } else { + log.Fatalf("machine auth api key is not set up properly, bailing out (%s)", cfg.Service.Name) + } } func Sanitize(cfg *config.Config) { diff --git a/extensions/proxy/pkg/config/defaults/defaultconfig.go b/extensions/proxy/pkg/config/defaults/defaultconfig.go index 893b2ca2f8..6144197c6b 100644 --- a/extensions/proxy/pkg/config/defaults/defaultconfig.go +++ b/extensions/proxy/pkg/config/defaults/defaultconfig.go @@ -1,6 +1,7 @@ package defaults import ( + "log" "path" "strings" 
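Review bot: The new block in the notifications `EnsureDefaults` calls `log.Fatalf` whenever the combined condition is false, which includes the case where `cfg.Notifications.MachineAuthAPIKey` is already set explicitly by file or environment. A service that carries its own key therefore exits at startup. The fatal branch should apply only when no key is available at all, e.g. `} else if cfg.Notifications.MachineAuthAPIKey == "" {`. The same construct is added to the ocs, proxy and settings `EnsureDefaults` hunks of this commit and to the storage and thumbnails transfer-secret checks in the following one. Terminating the process from a defaults helper also leaves callers no way to report the error; `EnsureDefaults` has no error return in the visible lines, so that would need a signature change.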
@@ -45,7 +46,6 @@ func DefaultConfig() *config.Config { AccountBackend: "accounts", UserOIDCClaim: "email", UserCS3Claim: "mail", - MachineAuthAPIKey: "change-me-please", AutoprovisionAccounts: false, EnableBasicAuth: false, InsecureBackends: false, @@ -185,6 +185,12 @@ func EnsureDefaults(cfg *config.Config) { } else { cfg.TokenManager = &config.TokenManager{} } + + if cfg.MachineAuthAPIKey == "" && cfg.Commons != nil && cfg.Commons.MachineAuthAPIKey != "" { + cfg.MachineAuthAPIKey = cfg.Commons.MachineAuthAPIKey + } else { + log.Fatalf("machine auth api key is not set up properly, bailing out (%s)", cfg.Service.Name) + } } func Sanitize(cfg *config.Config) { diff --git a/extensions/settings/pkg/config/defaults/defaultconfig.go b/extensions/settings/pkg/config/defaults/defaultconfig.go index 2437810da6..bc4faba048 100644 --- a/extensions/settings/pkg/config/defaults/defaultconfig.go +++ b/extensions/settings/pkg/config/defaults/defaultconfig.go @@ -1,6 +1,7 @@ package defaults import ( + "log" "path" "strings" @@ -53,11 +54,10 @@ func DefaultConfig() *config.Config { }, Metadata: config.Metadata{ - GatewayAddress: "127.0.0.1:9142", - StorageAddress: "127.0.0.1:9215", - ServiceUserID: "95cb8724-03b2-11eb-a0a6-c33ef8ef53ad", - ServiceUserIDP: "https://localhost:9200", - MachineAuthAPIKey: "change-me-please", + GatewayAddress: "127.0.0.1:9142", + StorageAddress: "127.0.0.1:9215", + ServiceUserID: "95cb8724-03b2-11eb-a0a6-c33ef8ef53ad", + ServiceUserIDP: "https://localhost:9200", }, } } @@ -93,6 +93,12 @@ func EnsureDefaults(cfg *config.Config) { } else { cfg.TokenManager = &shared.TokenManager{} } + + if cfg.Metadata.MachineAuthAPIKey == "" && cfg.Commons != nil && cfg.Commons.MachineAuthAPIKey != "" { + cfg.MachineAuthAPIKey = cfg.Commons.MachineAuthAPIKey + } else { + log.Fatalf("machine auth api key is not set up properly, bailing out (%s)", cfg.Service.Name) + } } func Sanitize(cfg *config.Config) { 
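Review bot: In the settings `EnsureDefaults` hunk the condition tests `cfg.Metadata.MachineAuthAPIKey == ""` but the assignment targets `cfg.MachineAuthAPIKey`. The settings `Config` type is not visible here; if that name resolves through the embedded `*shared.Commons`, the statement copies the common key onto itself and `Metadata.MachineAuthAPIKey` stays empty, so the service would run without the key it just validated. The assignment should read `cfg.Metadata.MachineAuthAPIKey = cfg.Commons.MachineAuthAPIKey`.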
diff --git a/extensions/storage/pkg/config/defaults/defaultconfig.go b/extensions/storage/pkg/config/defaults/defaultconfig.go index 95cc5c6cd2..d922393eac 100644 --- a/extensions/storage/pkg/config/defaults/defaultconfig.go +++ b/extensions/storage/pkg/config/defaults/defaultconfig.go @@ -328,9 +328,7 @@ func DefaultConfig() *config.Config { Services: []string{"authprovider"}, Endpoint: "localhost:9166", }, - AuthMachineConfig: config.AuthMachineConfig{ - MachineAuthAPIKey: "change-me-please", - }, + AuthMachineConfig: config.AuthMachineConfig{}, Sharing: config.Sharing{ Port: config.Port{ Endpoint: "localhost:9150", diff --git a/ocis-pkg/config/config.go b/ocis-pkg/config/config.go index befc2d2574..57a2448e17 100644 --- a/ocis-pkg/config/config.go +++ b/ocis-pkg/config/config.go @@ -55,9 +55,10 @@ type Config struct { File string `yaml:",omitempty"` OcisURL string `yaml:"ocis_url,omitempty"` - Registry string `yaml:"registry,omitempty"` - TokenManager *shared.TokenManager `yaml:"token_manager,omitempty"` - Runtime Runtime `yaml:"runtime,omitempty"` + Registry string `yaml:"registry,omitempty"` + TokenManager *shared.TokenManager `yaml:"token_manager,omitempty"` + MachineAuthAPIKey string + Runtime Runtime `yaml:"runtime,omitempty"` Audit *audit.Config `yaml:"audit,omitempty"` Accounts *accounts.Config `yaml:"accounts,omitempty"` diff --git a/ocis-pkg/config/parser/parse.go b/ocis-pkg/config/parser/parse.go index 09bb76dfb4..e77f7986b6 100644 --- a/ocis-pkg/config/parser/parse.go +++ b/ocis-pkg/config/parser/parse.go @@ -2,6 +2,7 @@ package parser import ( "errors" + "log" "github.com/owncloud/ocis/ocis-pkg/config" "github.com/owncloud/ocis/ocis-pkg/config/envdecode" 
@@ -50,6 +51,12 @@ func ParseConfig(cfg *config.Config) error { cfg.TokenManager = cfg.Commons.TokenManager } + if cfg.MachineAuthAPIKey != "" { + cfg.Commons.MachineAuthAPIKey = cfg.MachineAuthAPIKey + } else { + log.Fatalf("machine auth api key is not set up properly, bailing out (ocis)") + } + // load all env variables relevant to the config in the current context. if err := envdecode.Decode(cfg); err != nil { // no environment variable set for this config is an expected "error" diff --git a/ocis-pkg/shared/shared_types.go b/ocis-pkg/shared/shared_types.go index 9439bfcce0..437e6d0d34 100644 --- a/ocis-pkg/shared/shared_types.go +++ b/ocis-pkg/shared/shared_types.go @@ -32,8 +32,9 @@ type TokenManager struct { // Commons holds configuration that are common to all extensions. Each extension can then decide whether // to overwrite its values. type Commons struct { - Log *Log `yaml:"log"` - Tracing *Tracing `yaml:"tracing"` - OcisURL string `yaml:"ocis_url" env:"OCIS_URL"` - TokenManager *TokenManager `yaml:"token_manager"` + Log *Log `yaml:"log"` + Tracing *Tracing `yaml:"tracing"` + OcisURL string `yaml:"ocis_url" env:"OCIS_URL"` + TokenManager *TokenManager `yaml:"token_manager"` + MachineAuthAPIKey string `yaml:"machine_auth_api_key" env:"OCIS_MACHINE_AUTH_API_KEY"` } diff --git a/ocis/pkg/command/init.go b/ocis/pkg/command/init.go index 4f991fbd9a..efd1d67de6 100644 --- a/ocis/pkg/command/init.go +++ b/ocis/pkg/command/init.go @@ -17,10 +17,7 @@ import ( "gopkg.in/yaml.v3" idm "github.com/owncloud/ocis/extensions/idm/pkg/config" - notifications "github.com/owncloud/ocis/extensions/notifications/pkg/config" - ocs "github.com/owncloud/ocis/extensions/ocs/pkg/config" proxy "github.com/owncloud/ocis/extensions/proxy/pkg/config" - settings "github.com/owncloud/ocis/extensions/settings/pkg/config" storage "github.com/owncloud/ocis/extensions/storage/pkg/config" thumbnails "github.com/owncloud/ocis/extensions/thumbnails/pkg/config" ) 
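Review bot: The machine-auth check added to `ParseConfig` sits before the `envdecode.Decode(cfg)` step shown as context, so a key supplied only through `OCIS_MACHINE_AUTH_API_KEY` has not been read yet when `log.Fatalf` fires. In this commit the top-level `MachineAuthAPIKey` field in `ocis-pkg/config/config.go` also carries no `yaml` or `env` tag, so the environment cannot populate it at this level. The check should move after the environment is decoded, and since `ParseConfig` already returns `error`, it can report the problem as `return errors.New("machine auth api key is not set")` instead of exiting. The transfer-secret check added to the same function in the next commit has the same ordering.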
@@ -109,10 +106,10 @@ func createConfig(insecure, forceOverwrite bool, configPath string) error { IDM: &idm.Config{}, //IDP: &idp.Config{}, //Nats: &nats.Config{}, - Notifications: ¬ifications.Config{}, + //Notifications: ¬ifications.Config{}, //Proxy: &proxy.Config{}, - OCS: &ocs.Config{}, - Settings: &settings.Config{}, + //OCS: &ocs.Config{}, + //Settings: &settings.Config{}, Storage: &storage.Config{}, Thumbnails: &thumbnails.Config{}, //Web: &web.Config{}, @@ -144,7 +141,7 @@ func createConfig(insecure, forceOverwrite bool, configPath string) error { if err != nil { return fmt.Errorf("Could not generate random password for tokenmanager: %s", err) } - machineAuthSecret, err := generators.GenerateRandomPassword(passwordLength) + machineAuthApiKey, err := generators.GenerateRandomPassword(passwordLength) if err != nil { return fmt.Errorf("Could not generate random password for machineauthsecret: %s", err) } @@ -158,10 +155,9 @@ func createConfig(insecure, forceOverwrite bool, configPath string) error { // TODO: graph needs IDM password configured // TODO: add missing insecure occurences // TODO: search for missing transfer secrets - // TODO: move TokenManager for all extensions to shared - // TODO: move machineauthsecret for all extensions to shared // TODO: move transfersecret for all extensions to shared + cfg.MachineAuthAPIKey = machineAuthApiKey cfg.TokenManager.JWTSecret = tokenManagerJwtSecret //cfg.Commons.TokenManager.JWTSecret = tokenManagerJwtSecret //cfg.Accounts.TokenManager.JWTSecret = tokenManagerJwtSecret 
@@ -171,12 +167,12 @@ func createConfig(insecure, forceOverwrite bool, configPath string) error { cfg.IDM.ServiceUserPasswords.Idp = idpServicePassword cfg.IDM.ServiceUserPasswords.OcisAdmin = ocisAdminServicePassword cfg.IDM.ServiceUserPasswords.Reva = revaServicePassword - cfg.Notifications.Notifications.MachineAuthSecret = machineAuthSecret - cfg.OCS.MachineAuthAPIKey = machineAuthSecret + //cfg.Notifications.Notifications.MachineAuthAPIKey = machineAuthSecret + //cfg.OCS.MachineAuthAPIKey = machineAuthSecret //cfg.Proxy.TokenManager.JWTSecret = tokenManagerJwtSecret //fmt.Printf("%v\n", cfg.Proxy.TokenManager) - cfg.Proxy.MachineAuthAPIKey = machineAuthSecret - cfg.Settings.Metadata.MachineAuthAPIKey = machineAuthSecret + //cfg.Proxy.MachineAuthAPIKey = machineAuthSecret + //cfg.Settings.Metadata.MachineAuthAPIKey = machineAuthSecret //cfg.Settings.TokenManager.JWTSecret = tokenManagerJwtSecret cfg.Storage.Reva.JWTSecret = tokenManagerJwtSecret cfg.Storage.OCDav.JWTSecret = tokenManagerJwtSecret diff --git a/ocis/pkg/command/server.go b/ocis/pkg/command/server.go index 7bc6d65306..f623a2497f 100644 --- a/ocis/pkg/command/server.go +++ b/ocis/pkg/command/server.go @@ -3,7 +3,6 @@ package command import ( "github.com/owncloud/ocis/ocis-pkg/config" "github.com/owncloud/ocis/ocis-pkg/config/parser" - "github.com/owncloud/ocis/ocis-pkg/shared" "github.com/owncloud/ocis/ocis/pkg/register" "github.com/owncloud/ocis/ocis/pkg/runtime" "github.com/urfave/cli/v2" @@ -20,12 +19,6 @@ func Server(cfg *config.Config) *cli.Command { }, Action: func(c *cli.Context) error { - cfg.Commons = &shared.Commons{ - Log: cfg.Log, - Tracing: cfg.Tracing, - TokenManager: cfg.TokenManager, - } - r := runtime.New(cfg) return r.Start() }, From 58a24e620eb86b97299841a18c7bef7eddae0328 Mon Sep 17 00:00:00 2001 From: Christian Richter Date: Tue, 26 Apr 2022 14:09:29 +0200 Subject: [PATCH 08/99] Move reva transfer secret to shared.Commons 
Signed-off-by: Christian Richter --- .../storage/pkg/config/defaults/defaultconfig.go | 8 ++++++-- extensions/thumbnails/pkg/config/config.go | 2 +- .../thumbnails/pkg/config/defaults/defaultconfig.go | 8 +++++++- extensions/thumbnails/pkg/service/grpc/v0/service.go | 2 +- extensions/thumbnails/pkg/service/http/v0/service.go | 2 +- ocis-pkg/config/config.go | 5 +++-- ocis-pkg/config/parser/parse.go | 6 ++++++ ocis-pkg/shared/shared_types.go | 1 + ocis/pkg/command/init.go | 12 +++++------- 9 files changed, 31 insertions(+), 15 deletions(-) diff --git a/extensions/storage/pkg/config/defaults/defaultconfig.go b/extensions/storage/pkg/config/defaults/defaultconfig.go index d922393eac..10de4b2652 100644 --- a/extensions/storage/pkg/config/defaults/defaultconfig.go +++ b/extensions/storage/pkg/config/defaults/defaultconfig.go @@ -1,6 +1,7 @@ package defaults import ( + "log" "os" "path" @@ -36,7 +37,6 @@ func DefaultConfig() *config.Config { Reva: config.Reva{ JWTSecret: "Pive-Fumkiu4", SkipUserGroupsInToken: false, - TransferSecret: "replace-me-with-a-transfer-secret", TransferExpires: 24 * 60 * 60, OIDC: config.OIDC{ Issuer: defaultPublicURL, @@ -460,7 +460,11 @@ func DefaultConfig() *config.Config { } func EnsureDefaults(cfg *config.Config) { - // TODO: IMPLEMENT ME! + if cfg.TransferSecret == "" && cfg.Commons != nil && cfg.Commons.TransferSecret != "" { + cfg.TransferSecret = cfg.Commons.TransferSecret + } else { + log.Fatal("reva transfer secret is not set up properly, bailing out (storage)") + } } func Sanitize(cfg *config.Config) { diff --git a/extensions/thumbnails/pkg/config/config.go b/extensions/thumbnails/pkg/config/config.go index 52f72bc4e1..9f18231956 100644 --- a/extensions/thumbnails/pkg/config/config.go +++ b/extensions/thumbnails/pkg/config/config.go 
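Review bot: The storage `DefaultConfig` hunk removes the compiled-in `TransferSecret` but leaves `JWTSecret: "Pive-Fumkiu4"` on the line directly above it. A token-signing secret that ships in the source is known to everyone, so any deployment that does not override it accepts tokens minted by anyone who has read the repository. It should get the same treatment as the transfer secret: drop the literal and fail at startup when neither the service nor the shared `TokenManager` config provides a value. `DefaultConfig` continues outside the hunk, so other defaults in it are not covered by this note.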
@@ -42,6 +42,6 @@ type Thumbnail struct { CS3AllowInsecure bool `yaml:"cs3_allow_insecure,omitempty" env:"OCIS_INSECURE;THUMBNAILS_CS3SOURCE_INSECURE"` RevaGateway string `yaml:"reva_gateway,omitempty" env:"REVA_GATEWAY"` //TODO: use REVA config FontMapFile string `yaml:"font_map_file,omitempty" env:"THUMBNAILS_TXT_FONTMAP_FILE"` - TransferTokenSecret string `yaml:"transfer_token,omitempty" env:"THUMBNAILS_TRANSFER_TOKEN"` + TransferSecret string `yaml:"transfer_secret,omitempty" env:"THUMBNAILS_TRANSFER_TOKEN"` DataEndpoint string `yaml:"data_endpoint,omitempty" env:"THUMBNAILS_DATA_ENDPOINT"` } diff --git a/extensions/thumbnails/pkg/config/defaults/defaultconfig.go b/extensions/thumbnails/pkg/config/defaults/defaultconfig.go index c74b85065b..75a71ae43c 100644 --- a/extensions/thumbnails/pkg/config/defaults/defaultconfig.go +++ b/extensions/thumbnails/pkg/config/defaults/defaultconfig.go @@ -1,6 +1,7 @@ package defaults import ( + "log" "path" "github.com/owncloud/ocis/extensions/thumbnails/pkg/config" @@ -44,7 +45,6 @@ func DefaultConfig() *config.Config { WebdavAllowInsecure: false, RevaGateway: "127.0.0.1:9142", CS3AllowInsecure: false, - TransferTokenSecret: "changemeplease", DataEndpoint: "http://127.0.0.1:9186/thumbnails/data", }, } @@ -73,6 +73,12 @@ func EnsureDefaults(cfg *config.Config) { } else if cfg.Tracing == nil { cfg.Tracing = &config.Tracing{} } + + if cfg.Thumbnail.TransferSecret == "" && cfg.Commons != nil && cfg.Commons.TransferSecret != "" { + cfg.Thumbnail.TransferSecret = cfg.Commons.TransferSecret + } else { + log.Fatalf("reva transfer secret is not set up properly, bailing out (%s)", cfg.Service.Name) + } } func Sanitize(cfg *config.Config) { diff --git a/extensions/thumbnails/pkg/service/grpc/v0/service.go b/extensions/thumbnails/pkg/service/grpc/v0/service.go index b5f34f32fd..89eb703d7d 100644 --- a/extensions/thumbnails/pkg/service/grpc/v0/service.go +++ b/extensions/thumbnails/pkg/service/grpc/v0/service.go 
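Review bot: In the `Thumbnail` struct the YAML key changes from `transfer_token` to `transfer_secret` while the environment variable stays `THUMBNAILS_TRANSFER_TOKEN`. An existing config file that still uses `transfer_token` will no longer populate the field, and together with the `log.Fatalf` added to `EnsureDefaults` in this commit the service then exits unless the shared secret happens to be set. The rename should be documented on the field, e.g. `// TransferSecret replaces the former transfer_token key; the env name is unchanged`. An upgrade note would cover existing installs; whether a fallback for the old key is wanted is a project decision.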
@@ -49,7 +49,7 @@ func NewService(opts ...Option) decorators.DecoratedService { TxtFontFileMap: options.Config.Thumbnail.FontMapFile, }, dataEndpoint: options.Config.Thumbnail.DataEndpoint, - transferTokenSecret: options.Config.Thumbnail.TransferTokenSecret, + transferTokenSecret: options.Config.Thumbnail.TransferSecret, } return svc diff --git a/extensions/thumbnails/pkg/service/http/v0/service.go b/extensions/thumbnails/pkg/service/http/v0/service.go index 864dca0ae8..944020cb5a 100644 --- a/extensions/thumbnails/pkg/service/http/v0/service.go +++ b/extensions/thumbnails/pkg/service/http/v0/service.go @@ -102,7 +102,7 @@ func (s Thumbnails) TransferTokenValidator(next http.Handler) http.Handler { if _, ok := token.Method.(*jwt.SigningMethodHMAC); !ok { return nil, fmt.Errorf("unexpected signing method: %v", token.Header["alg"]) } - return []byte(s.config.Thumbnail.TransferTokenSecret), nil + return []byte(s.config.Thumbnail.TransferSecret), nil }) if err != nil { s.logger.Error(). diff --git a/ocis-pkg/config/config.go b/ocis-pkg/config/config.go index 57a2448e17..91951fa89d 100644 --- a/ocis-pkg/config/config.go +++ b/ocis-pkg/config/config.go @@ -57,8 +57,9 @@ type Config struct { Registry string `yaml:"registry,omitempty"` TokenManager *shared.TokenManager `yaml:"token_manager,omitempty"` - MachineAuthAPIKey string - Runtime Runtime `yaml:"runtime,omitempty"` + MachineAuthAPIKey string `yaml:"machine_auth_api_key" env:"OCIS_MACHINE_AUTH_API_KEY"` + TransferSecret string `yaml:"transfer_secret,omitempty"` + Runtime Runtime `yaml:"runtime,omitempty"` Audit *audit.Config `yaml:"audit,omitempty"` Accounts *accounts.Config `yaml:"accounts,omitempty"` diff --git a/ocis-pkg/config/parser/parse.go b/ocis-pkg/config/parser/parse.go index e77f7986b6..a28c457df1 100644 --- a/ocis-pkg/config/parser/parse.go +++ b/ocis-pkg/config/parser/parse.go 
@@ -57,6 +57,12 @@ func ParseConfig(cfg *config.Config) error { log.Fatalf("machine auth api key is not set up properly, bailing out (ocis)") } + if cfg.TransferSecret != "" { + cfg.Commons.TransferSecret = cfg.TransferSecret + } else { + log.Fatalf("reva transfer secret not properly set, bailing out (ocis)") + } + // load all env variables relevant to the config in the current context. if err := envdecode.Decode(cfg); err != nil { // no environment variable set for this config is an expected "error" diff --git a/ocis-pkg/shared/shared_types.go b/ocis-pkg/shared/shared_types.go index 437e6d0d34..fa3f98094b 100644 --- a/ocis-pkg/shared/shared_types.go +++ b/ocis-pkg/shared/shared_types.go @@ -37,4 +37,5 @@ type Commons struct { OcisURL string `yaml:"ocis_url" env:"OCIS_URL"` TokenManager *TokenManager `yaml:"token_manager"` MachineAuthAPIKey string `yaml:"machine_auth_api_key" env:"OCIS_MACHINE_AUTH_API_KEY"` + TransferSecret string `yaml:"transfer_secret,omitempty" env:"REVA_TRANSFER_SECRET"` } diff --git a/ocis/pkg/command/init.go b/ocis/pkg/command/init.go index efd1d67de6..d92c038bd3 100644 --- a/ocis/pkg/command/init.go +++ b/ocis/pkg/command/init.go @@ -19,7 +19,6 @@ import ( idm "github.com/owncloud/ocis/extensions/idm/pkg/config" proxy "github.com/owncloud/ocis/extensions/proxy/pkg/config" storage "github.com/owncloud/ocis/extensions/storage/pkg/config" - thumbnails "github.com/owncloud/ocis/extensions/thumbnails/pkg/config" ) const configFilename string = "ocis.yaml" @@ -110,8 +109,8 @@ func createConfig(insecure, forceOverwrite bool, configPath string) error { //Proxy: &proxy.Config{}, //OCS: &ocs.Config{}, //Settings: &settings.Config{}, - Storage: &storage.Config{}, - Thumbnails: &thumbnails.Config{}, + Storage: &storage.Config{}, + //Thumbnails: &thumbnails.Config{}, //Web: &web.Config{}, //WebDAV: &webdav.Config{}, } 
@@ -145,7 +144,7 @@ func createConfig(insecure, forceOverwrite bool, configPath string) error { if err != nil { return fmt.Errorf("Could not generate random password for machineauthsecret: %s", err) } - thumbnailTransferTokenSecret, err := generators.GenerateRandomPassword(passwordLength) + revaTransferTokenSecret, err := generators.GenerateRandomPassword(passwordLength) if err != nil { return fmt.Errorf("Could not generate random password for machineauthsecret: %s", err) } @@ -154,10 +153,9 @@ func createConfig(insecure, forceOverwrite bool, configPath string) error { // TODO: REVA config is missing (LDAP + GROUP provider) // TODO: graph needs IDM password configured // TODO: add missing insecure occurences - // TODO: search for missing transfer secrets - // TODO: move transfersecret for all extensions to shared cfg.MachineAuthAPIKey = machineAuthApiKey + cfg.TransferSecret = revaTransferTokenSecret cfg.TokenManager.JWTSecret = tokenManagerJwtSecret //cfg.Commons.TokenManager.JWTSecret = tokenManagerJwtSecret //cfg.Accounts.TokenManager.JWTSecret = tokenManagerJwtSecret @@ -176,7 +174,7 @@ func createConfig(insecure, forceOverwrite bool, configPath string) error { //cfg.Settings.TokenManager.JWTSecret = tokenManagerJwtSecret cfg.Storage.Reva.JWTSecret = tokenManagerJwtSecret cfg.Storage.OCDav.JWTSecret = tokenManagerJwtSecret - cfg.Thumbnails.Thumbnail.TransferTokenSecret = thumbnailTransferTokenSecret + //cfg.Thumbnails.Thumbnail.TransferSecret = revaTransferTokenSecret yamlOutput, err := yaml.Marshal(cfg) if err != nil { return fmt.Errorf("Could not marshall config into yaml: %s", err) From d106c87c518190edcae3c13d48158d2b2b99c6a7 Mon Sep 17 00:00:00 2001 From: Christian Richter Date: Wed, 27 Apr 2022 10:37:40 +0200 Subject: [PATCH 09/99] [WIP] adapt storage changes 
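Review bot: The error returned after generating `revaTransferTokenSecret` still reads "Could not generate random password for machineauthsecret", which was copied from the block above and names the wrong secret. An operator seeing it would look at the wrong value. It should read `return fmt.Errorf("could not generate random password for revaTransferSecret: %w", err)`, which also wraps the cause with `%w` and follows the lowercase error-string convention. The same copied message appears on the `thumbnailTransferTokenSecret` branch two commits earlier.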
Signed-off-by: Christian Richter --- extensions/appprovider/pkg/config/config.go | 22 +++---- extensions/auth-basic/pkg/config/config.go | 20 +++---- extensions/auth-bearer/pkg/config/config.go | 20 +++---- extensions/auth-machine/pkg/config/config.go | 20 +++---- extensions/gateway/pkg/config/config.go | 60 +++++++++---------- extensions/group/pkg/config/config.go | 22 +++---- extensions/ocdav/pkg/config/config.go | 32 +++++----- extensions/sharing/pkg/config/config.go | 26 ++++---- .../storage-metadata/pkg/config/config.go | 30 +++++----- .../storage-publiclink/pkg/config/config.go | 22 +++---- .../storage-shares/pkg/config/config.go | 24 ++++---- extensions/storage-users/pkg/config/config.go | 38 ++++++------ extensions/user/pkg/config/config.go | 22 +++---- ocis/pkg/command/init.go | 49 +++++++++++++-- 14 files changed, 224 insertions(+), 183 deletions(-) diff --git a/extensions/appprovider/pkg/config/config.go b/extensions/appprovider/pkg/config/config.go index 72645eee81..42efec470e 100644 --- a/extensions/appprovider/pkg/config/config.go +++ b/extensions/appprovider/pkg/config/config.go 
@@ -5,19 +5,19 @@ import "github.com/owncloud/ocis/ocis-pkg/shared" type Config struct { *shared.Commons `yaml:"-"` Service Service `yaml:"-"` - Tracing *Tracing `yaml:"tracing"` - Logging *Logging `yaml:"log"` - Debug Debug `yaml:"debug"` - Supervised bool + Tracing *Tracing `yaml:"tracing,omitempty"` + Logging *Logging `yaml:"log,omitempty"` + Debug Debug `yaml:"debug,omitempty"` + Supervised bool `yaml:"supervised,omitempty"` - GRPC GRPCConfig `yaml:"grpc"` + GRPC GRPCConfig `yaml:"grpc,omitempty"` - JWTSecret string - GatewayEndpoint string - SkipUserGroupsInToken bool - ExternalAddr string - Driver string - Drivers Drivers + JWTSecret string `yaml:"jwt_secret,omitempty"` + GatewayEndpoint string `yaml:"gateway_endpoint,omitempty"` + SkipUserGroupsInToken bool `yaml:"skip_user_groups_in_token,omitempty"` + ExternalAddr string `yaml:"external_addr,omitempty"` + Driver string `yaml:"driver,omitempty"` + Drivers Drivers `yaml:"drivers,omitempty"` } type Tracing struct { diff --git a/extensions/auth-basic/pkg/config/config.go b/extensions/auth-basic/pkg/config/config.go index 8557e3e7f1..04eb2649af 100644 --- a/extensions/auth-basic/pkg/config/config.go +++ b/extensions/auth-basic/pkg/config/config.go 
@@ -5,18 +5,18 @@ import "github.com/owncloud/ocis/ocis-pkg/shared" type Config struct { *shared.Commons `yaml:"-"` Service Service `yaml:"-"` - Tracing *Tracing `yaml:"tracing"` - Logging *Logging `yaml:"log"` - Debug Debug `yaml:"debug"` - Supervised bool + Tracing *Tracing `yaml:"tracing,omitempty"` + Logging *Logging `yaml:"log,omitempty"` + Debug Debug `yaml:"debug,omitempty"` + Supervised bool `yaml:"supervised,omitempty"` - GRPC GRPCConfig `yaml:"grpc"` + GRPC GRPCConfig `yaml:"grpc,omitempty"` - JWTSecret string - GatewayEndpoint string - SkipUserGroupsInToken bool - AuthProvider string `yaml:"auth_provider" env:"AUTH_BASIC_AUTH_PROVIDER" desc:"The auth provider which should be used by the service"` - AuthProviders AuthProviders `yaml:"auth_providers"` + JWTSecret string `yaml:"jwt_secret,omitempty"` + GatewayEndpoint string `yaml:"gateway_endpoint,omitempty"` + SkipUserGroupsInToken bool `yaml:"skip_user_groups_in_token,omitempty"` + AuthProvider string `yaml:"auth_provider,omitempty" env:"AUTH_BASIC_AUTH_PROVIDER" desc:"The auth provider which should be used by the service"` + AuthProviders AuthProviders `yaml:"auth_providers,omitempty"` } type Tracing struct { Enabled bool `yaml:"enabled" env:"OCIS_TRACING_ENABLED;AUTH_BASIC_TRACING_ENABLED" desc:"Activates tracing."` diff --git a/extensions/auth-bearer/pkg/config/config.go b/extensions/auth-bearer/pkg/config/config.go index 0bc26ab120..b7c8fad6e7 100644 --- a/extensions/auth-bearer/pkg/config/config.go +++ b/extensions/auth-bearer/pkg/config/config.go 
@@ -5,18 +5,18 @@ import "github.com/owncloud/ocis/ocis-pkg/shared" type Config struct { *shared.Commons `yaml:"-"` Service Service `yaml:"-"` - Tracing *Tracing `yaml:"tracing"` - Logging *Logging `yaml:"log"` - Debug Debug `yaml:"debug"` - Supervised bool + Tracing *Tracing `yaml:"tracing,omitempty"` + Logging *Logging `yaml:"log,omitempty"` + Debug Debug `yaml:"debug,omitempty"` + Supervised bool `yaml:"supervised,omitempty"` - GRPC GRPCConfig `yaml:"grpc"` + GRPC GRPCConfig `yaml:"grpc,omitempty"` - JWTSecret string - GatewayEndpoint string - SkipUserGroupsInToken bool - AuthProvider string `yaml:"auth_provider" env:"AUTH_BEARER_AUTH_PROVIDER" desc:"The auth provider which should be used by the service"` - AuthProviders AuthProviders `yaml:"auth_providers"` + JWTSecret string `yaml:"jwt_secret,omitempty"` + GatewayEndpoint string `yaml:"gateway_endpoint,omitempty"` + SkipUserGroupsInToken bool `yaml:"skip_user_groups_in_token,omitempty"` + AuthProvider string `yaml:"auth_provider,omitempty" env:"AUTH_BEARER_AUTH_PROVIDER" desc:"The auth provider which should be used by the service"` + AuthProviders AuthProviders `yaml:"auth_providers,omitempty"` } type Tracing struct { Enabled bool `yaml:"enabled" env:"OCIS_TRACING_ENABLED;AUTH_BEARER_TRACING_ENABLED" desc:"Activates tracing."` diff --git a/extensions/auth-machine/pkg/config/config.go b/extensions/auth-machine/pkg/config/config.go index 50a2db2c15..0e530daf1d 100644 --- a/extensions/auth-machine/pkg/config/config.go +++ b/extensions/auth-machine/pkg/config/config.go 
@@ -5,18 +5,18 @@ import "github.com/owncloud/ocis/ocis-pkg/shared" type Config struct { *shared.Commons `yaml:"-"` Service Service `yaml:"-"` - Tracing *Tracing `yaml:"tracing"` - Logging *Logging `yaml:"log"` - Debug Debug `yaml:"debug"` - Supervised bool + Tracing *Tracing `yaml:"tracing,omitempty"` + Logging *Logging `yaml:"log,omitempty"` + Debug Debug `yaml:"debug,omitempty"` + Supervised bool `yaml:"supervised,omitempty"` - GRPC GRPCConfig `yaml:"grpc"` + GRPC GRPCConfig `yaml:"grpc,omitempty"` - JWTSecret string - GatewayEndpoint string - SkipUserGroupsInToken bool - AuthProvider string `yaml:"auth_provider" env:"AUTH_MACHINE_AUTH_PROVIDER" desc:"The auth provider which should be used by the service"` - AuthProviders AuthProviders `yaml:"auth_providers"` + JWTSecret string `yaml:"jwt_secret,omitempty"` + GatewayEndpoint string `yaml:"gateway_entpoint,omitempty"` + SkipUserGroupsInToken bool `yaml:"skip_user_groups_in_token,omitempty"` + AuthProvider string `yaml:"auth_provider,omitempty" env:"AUTH_MACHINE_AUTH_PROVIDER" desc:"The auth provider which should be used by the service"` + AuthProviders AuthProviders `yaml:"auth_providers,omitempty"` } type Tracing struct { Enabled bool `yaml:"enabled" env:"OCIS_TRACING_ENABLED;AUTH_MACHINE_TRACING_ENABLED" desc:"Activates tracing."` diff --git a/extensions/gateway/pkg/config/config.go b/extensions/gateway/pkg/config/config.go index 740fa151f6..bf16e5f3db 100644 --- a/extensions/gateway/pkg/config/config.go +++ b/extensions/gateway/pkg/config/config.go 
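Review bot: The new tag on `GatewayEndpoint` in the auth-machine Config is spelled `gateway_entpoint`, while every other service in this patch uses `gateway_endpoint`, so a value written under the expected key would presumably not reach this field. The tag should be `yaml:"gateway_endpoint,omitempty"`. The same kind of slip appears in the sharing hunk (`user_sharin_drivers`) and the storage-metadata hunk (`data_providcer_insecure`, which names a certificate-verification switch). The second ocdav hunk rewrites the `credentials_by_user_agenr` line without correcting the key. These keys become part of the file format once `ocis init` writes them, so they are cheapest to fix now.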
@@ -5,41 +5,41 @@ import "github.com/owncloud/ocis/ocis-pkg/shared" type Config struct { *shared.Commons `yaml:"-"` Service Service `yaml:"-"` - Tracing *Tracing `yaml:"tracing"` - Logging *Logging `yaml:"log"` - Debug Debug `yaml:"debug"` - Supervised bool + Tracing *Tracing `yaml:"tracing,omitempty"` + Logging *Logging `yaml:"log,omitempty"` + Debug Debug `yaml:"debug,omitempty"` + Supervised bool `yaml:"supervised,omitempty"` - GRPC GRPCConfig `yaml:"grpc"` + GRPC GRPCConfig `yaml:"grpc,omitempty"` - JWTSecret string - GatewayEndpoint string - SkipUserGroupsInToken bool + JWTSecret string `yaml:"jwt_secret,omitempty"` + GatewayEndpoint string `yaml:",omitempty"` + SkipUserGroupsInToken bool `yaml:",omitempty"` - CommitShareToStorageGrant bool - CommitShareToStorageRef bool - ShareFolder string - DisableHomeCreationOnLogin bool - TransferSecret string `env:"STORAGE_TRANSFER_SECRET"` - TransferExpires int - HomeMapping string - EtagCacheTTL int + CommitShareToStorageGrant bool `yaml:"commit_share_to_storage_grant,omitempty"` + CommitShareToStorageRef bool `yaml:"commit_share_to_storage_ref,omitempty"` + ShareFolder string `yaml:"share_folder,omitempty"` + DisableHomeCreationOnLogin bool `yaml:"disable_home_creation_on_login,omitempty"` + TransferSecret string `yaml:"transfer_secret,omitempty" env:"STORAGE_TRANSFER_SECRET"` + TransferExpires int `yaml:"transfer_expires,omitempty"` + HomeMapping string `yaml:"home_mapping,omitempty"` + EtagCacheTTL int `yaml:"etag_cache_ttl,omitempty"` - UsersEndpoint string - GroupsEndpoint string - PermissionsEndpoint string - SharingEndpoint string - DataGatewayPublicURL string - FrontendPublicURL string `env:"OCIS_URL;GATEWAY_FRONTEND_PUBLIC_URL"` - AuthBasicEndpoint string - AuthBearerEndpoint string - AuthMachineEndpoint string - StoragePublicLinkEndpoint string - StorageUsersEndpoint string - StorageSharesEndpoint string + UsersEndpoint string `yaml:"users_endpoint,omitempty"` + GroupsEndpoint string 
`yaml:"groups_endpoint,omitempty"` + PermissionsEndpoint string `yaml:"permissions_endpoint,omitempty"` + SharingEndpoint string `yaml:"sharing_endpoint,omitempty"` + DataGatewayPublicURL string `yaml:"data_gateway_public_url,omitempty"` + FrontendPublicURL string `yaml:"frontend_public_url,omitempty" env:"OCIS_URL;GATEWAY_FRONTEND_PUBLIC_URL"` + AuthBasicEndpoint string `yaml:"auth_basic_endpoint,omitempty"` + AuthBearerEndpoint string `yaml:"auth_bearer_endpoint,omitempty"` + AuthMachineEndpoint string `yaml:"auth_machine_endpoint,omitempty"` + StoragePublicLinkEndpoint string `yaml:"storage_public_link_endpoint,omitempty"` + StorageUsersEndpoint string `yaml:"storage_users_endpoint,omitempty"` + StorageSharesEndpoint string `yaml:"storage_shares_endpoint,omitempty"` - StorageRegistry StorageRegistry - AppRegistry AppRegistry + StorageRegistry StorageRegistry `yaml:"storage_registry,omitempty"` + AppRegistry AppRegistry `yaml:"app_registry,omitempty"` } type Tracing struct { Enabled bool `yaml:"enabled" env:"OCIS_TRACING_ENABLED;GATEWAY_TRACING_ENABLED" desc:"Activates tracing."` diff --git a/extensions/group/pkg/config/config.go b/extensions/group/pkg/config/config.go index 9940bd7f26..1b8e0d6323 100644 --- a/extensions/group/pkg/config/config.go +++ b/extensions/group/pkg/config/config.go 
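Review bot: `GatewayEndpoint` and `SkipUserGroupsInToken` in the gateway Config get `yaml:",omitempty"` with no key name, so yaml.v3 falls back to the lower-cased field names (`gatewayendpoint`, `skipusergroupsintoken`) instead of the snake_case keys used by the sibling configs. Give them the same names as elsewhere: `yaml:"gateway_endpoint,omitempty"` and `yaml:"skip_user_groups_in_token,omitempty"`. This hunk also makes `JWTSecret` and `TransferSecret` serialisable, so a one-line comment on the struct saying the marshalled config contains secrets would help whoever handles the file.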
@@ -5,19 +5,19 @@ import "github.com/owncloud/ocis/ocis-pkg/shared" type Config struct { *shared.Commons `yaml:"-"` Service Service `yaml:"-"` - Tracing *Tracing `yaml:"tracing"` - Logging *Logging `yaml:"log"` - Debug Debug `yaml:"debug"` - Supervised bool + Tracing *Tracing `yaml:"tracing,omitempty"` + Logging *Logging `yaml:"log,omitempty"` + Debug Debug `yaml:"debug,omitempty"` + Supervised bool `yaml:"supervised,omitempty"` - GRPC GRPCConfig `yaml:"grpc"` + GRPC GRPCConfig `yaml:"grpc,omitempty"` - JWTSecret string - GatewayEndpoint string - SkipUserGroupsInToken bool - GroupMembersCacheExpiration int - Driver string - Drivers Drivers + JWTSecret string `yaml:"jwt_secret,omitempty"` + GatewayEndpoint string `yaml:"gateway_endpoint,omitempty"` + SkipUserGroupsInToken bool `yaml:"skip_user_groups_in_token,omitempty"` + GroupMembersCacheExpiration int `yaml:"group_members_cache_expiration,omitempty"` + Driver string `yaml:"driver,omitempty"` + Drivers Drivers `yaml:"drivers,omitempty"` } type Tracing struct { Enabled bool `yaml:"enabled" env:"OCIS_TRACING_ENABLED;GROUPS_TRACING_ENABLED" desc:"Activates tracing."` diff --git a/extensions/ocdav/pkg/config/config.go b/extensions/ocdav/pkg/config/config.go index e81e6b6288..efc048c861 100644 --- a/extensions/ocdav/pkg/config/config.go +++ b/extensions/ocdav/pkg/config/config.go 
@@ -5,29 +5,29 @@ import "github.com/owncloud/ocis/ocis-pkg/shared" type Config struct { *shared.Commons `yaml:"-"` Service Service `yaml:"-"` - Tracing *Tracing `yaml:"tracing"` - Logging *Logging `yaml:"log"` - Debug Debug `yaml:"debug"` - Supervised bool + Tracing *Tracing `yaml:"tracing,omitempty"` + Logging *Logging `yaml:"log,omitempty"` + Debug Debug `yaml:"debug,omitempty"` + Supervised bool `yaml:"supervised,omitempty"` - HTTP HTTPConfig `yaml:"http"` + HTTP HTTPConfig `yaml:"http,omitempty"` // JWTSecret used to verify reva access token JWTSecret string `yaml:"jwt_secret"` - GatewayEndpoint string - SkipUserGroupsInToken bool + GatewayEndpoint string `yaml:"gateway_endpoint,omitempty"` + SkipUserGroupsInToken bool `yaml:"skip_user_groups_in_token,omitempty"` - WebdavNamespace string `yaml:"webdav_namespace"` - FilesNamespace string `yaml:"files_namespace"` - SharesNamespace string `yaml:"shares_namespace"` + WebdavNamespace string `yaml:"webdav_namespace,omitempty"` + FilesNamespace string `yaml:"files_namespace,omitempty"` + SharesNamespace string `yaml:"shares_namespace,omitempty"` // PublicURL used to redirect /s/{token} URLs to - PublicURL string `yaml:"public_url" env:"OCIS_URL;OCDAV_PUBLIC_URL"` + PublicURL string `yaml:"public_url,omitempty" env:"OCIS_URL;OCDAV_PUBLIC_URL"` // Insecure certificates allowed when making requests to the gateway - Insecure bool `yaml:"insecure" env:"OCIS_INSECURE;OCDAV_INSECURE"` + Insecure bool `yaml:"insecure,omitempty" env:"OCIS_INSECURE;OCDAV_INSECURE"` // Timeout in seconds when making requests to the gateway - Timeout int64 `yaml:"timeout"` - Middleware Middleware + Timeout int64 `yaml:"timeout,omitempty"` + Middleware Middleware `yaml:"middleware,omitempty"` } type Tracing struct { Enabled bool `yaml:"enabled" env:"OCIS_TRACING_ENABLED;OCDAV_TRACING_ENABLED" desc:"Activates tracing."` 
@@ -62,10 +62,10 @@ type HTTPConfig struct { // Middleware configures reva middlewares. type Middleware struct { - Auth Auth `yaml:"auth"` + Auth Auth `yaml:"auth,omitempty"` } // Auth configures reva http auth middleware. type Auth struct { - CredentialsByUserAgent map[string]string `yaml:"credentials_by_user_agenr"` + CredentialsByUserAgent map[string]string `yaml:"credentials_by_user_agenr,omitempty"` } diff --git a/extensions/sharing/pkg/config/config.go b/extensions/sharing/pkg/config/config.go index 5302b788b7..13e07c705c 100644 --- a/extensions/sharing/pkg/config/config.go +++ b/extensions/sharing/pkg/config/config.go 
@@ -5,21 +5,21 @@ import "github.com/owncloud/ocis/ocis-pkg/shared" type Config struct { *shared.Commons `yaml:"-"` Service Service `yaml:"-"` - Tracing *Tracing `yaml:"tracing"` - Logging *Logging `yaml:"log"` - Debug Debug `yaml:"debug"` - Supervised bool + Tracing *Tracing `yaml:"tracing,omitempty"` + Logging *Logging `yaml:"log,omitempty"` + Debug Debug `yaml:"debug,omitempty"` + Supervised bool `yaml:"supervised,omitempty"` - GRPC GRPCConfig `yaml:"grpc"` + GRPC GRPCConfig `yaml:"grpc,omitempty"` - JWTSecret string - GatewayEndpoint string - SkipUserGroupsInToken bool - UserSharingDriver string - UserSharingDrivers UserSharingDrivers - PublicSharingDriver string - PublicSharingDrivers PublicSharingDrivers - Events Events + JWTSecret string `yaml:"jwt_secret,omitempty"` + GatewayEndpoint string `yaml:"gateway_endpoint,omitempty"` + SkipUserGroupsInToken bool `yaml:"skip_user_groups_in_token,omitempty"` + UserSharingDriver string `yaml:"user_sharing_driver,omitempty"` + UserSharingDrivers UserSharingDrivers `yaml:"user_sharin_drivers,omitempty"` + PublicSharingDriver string `yaml:"public_sharing_driver,omitempty"` + PublicSharingDrivers PublicSharingDrivers `yaml:"public_sharing_drivers,omitempty"` + Events Events `yaml:"events,omitempty"` } type Tracing struct { Enabled bool `yaml:"enabled" env:"OCIS_TRACING_ENABLED;SHARING_TRACING_ENABLED" desc:"Activates tracing."` diff --git a/extensions/storage-metadata/pkg/config/config.go b/extensions/storage-metadata/pkg/config/config.go index 526a4eabc0..b9ea13eafd 100644 --- a/extensions/storage-metadata/pkg/config/config.go +++ b/extensions/storage-metadata/pkg/config/config.go 
@@ -9,23 +9,23 @@ import ( type Config struct { *shared.Commons `yaml:"-"` Service Service `yaml:"-"` - Tracing *Tracing `yaml:"tracing"` - Logging *Logging `yaml:"log"` - Debug Debug `yaml:"debug"` - Supervised bool + Tracing *Tracing `yaml:"tracing,omitempty"` + Logging *Logging `yaml:"log,omitempty"` + Debug Debug `yaml:"debug,omitempty"` + Supervised bool `yaml:"supervised,omitempty"` - GRPC GRPCConfig `yaml:"grpc"` - HTTP HTTPConfig `yaml:"http"` + GRPC GRPCConfig `yaml:"grpc,omitempty"` + HTTP HTTPConfig `yaml:"http,omitempty"` - Context context.Context - JWTSecret string - GatewayEndpoint string - SkipUserGroupsInToken bool - Driver string `yaml:"driver" env:"STORAGE_METADATA_DRIVER" desc:"The driver which should be used by the service"` - Drivers Drivers `yaml:"drivers"` - DataServerURL string - TempFolder string - DataProviderInsecure bool `env:"OCIS_INSECURE;STORAGE_METADATA_DATAPROVIDER_INSECURE"` + Context context.Context `yaml:"context,omitempty"` + JWTSecret string `yaml:"jwt_secret,omitempty"` + GatewayEndpoint string `yaml:"gateway_endpoint,omitempty"` + SkipUserGroupsInToken bool `yaml:"skip_user_groups_in_token,omitempty"` + Driver string `yaml:"driver,omitempty" env:"STORAGE_METADATA_DRIVER" desc:"The driver which should be used by the service"` + Drivers Drivers `yaml:"drivers,omitempty"` + DataServerURL string `yaml:"data_server_url,omitempty"` + TempFolder string `yaml:"temp_folder,omitempty"` + DataProviderInsecure bool `yaml:"data_providcer_insecure,omitempty" env:"OCIS_INSECURE;STORAGE_METADATA_DATAPROVIDER_INSECURE"` } type Tracing struct { Enabled bool `yaml:"enabled" env:"OCIS_TRACING_ENABLED;STORAGE_METADATA_TRACING_ENABLED" desc:"Activates tracing."` diff --git a/extensions/storage-publiclink/pkg/config/config.go b/extensions/storage-publiclink/pkg/config/config.go index 3766e35ead..aa19b583f5 100644 --- a/extensions/storage-publiclink/pkg/config/config.go +++ b/extensions/storage-publiclink/pkg/config/config.go 
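Review bot: `Context context.Context` is tagged `yaml:"context,omitempty"` in the storage-metadata Config, which hands a runtime-only interface value to the YAML encoder and decoder. A context is not configuration; tag it `yaml:"-"`, as `*shared.Commons` and `Service` already are at the top of this struct. The storage-publiclink, storage-shares and storage-users hunks add the same tag and should change with it.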
@@ -9,19 +9,19 @@ import ( type Config struct { *shared.Commons `yaml:"-"` Service Service `yaml:"-"` - Tracing *Tracing `yaml:"tracing"` - Logging *Logging `yaml:"log"` - Debug Debug `yaml:"debug"` - Supervised bool + Tracing *Tracing `yaml:"tracing,omitempty"` + Logging *Logging `yaml:"log,omitempty"` + Debug Debug `yaml:"debug,omitempty"` + Supervised bool `yaml:"supervised,omitempty"` - GRPC GRPCConfig `yaml:"grpc"` + GRPC GRPCConfig `yaml:"grpc,omitempty"` - Context context.Context - JWTSecret string - GatewayEndpoint string - SkipUserGroupsInToken bool - AuthProvider AuthProvider - StorageProvider StorageProvider + Context context.Context `yaml:"context,omitempty"` + JWTSecret string `yaml:"jwt_secret,omitempty"` + GatewayEndpoint string `yaml:"gateway_endpoint,omitempty"` + SkipUserGroupsInToken bool `yaml:"skip_user_groups_in_token,omitempty"` + AuthProvider AuthProvider `yaml:"auth_provider,omitempty"` + StorageProvider StorageProvider `yaml:"storage_provider,omitempty"` } type Tracing struct { Enabled bool `yaml:"enabled" env:"OCIS_TRACING_ENABLED;STORAGE_METADATA_TRACING_ENABLED" desc:"Activates tracing."` diff --git a/extensions/storage-shares/pkg/config/config.go b/extensions/storage-shares/pkg/config/config.go index 8c13456013..18c094c9f7 100644 --- a/extensions/storage-shares/pkg/config/config.go +++ b/extensions/storage-shares/pkg/config/config.go 
@@ -9,20 +9,20 @@ import ( type Config struct { *shared.Commons `yaml:"-"` Service Service `yaml:"-"` - Tracing *Tracing `yaml:"tracing"` - Logging *Logging `yaml:"log"` - Debug Debug `yaml:"debug"` - Supervised bool + Tracing *Tracing `yaml:"tracing,omitempty"` + Logging *Logging `yaml:"log,omitempty"` + Debug Debug `yaml:"debug,omitempty"` + Supervised bool `yaml:"supervised,omitempty"` - GRPC GRPCConfig `yaml:"grpc"` - HTTP HTTPConfig `yaml:"http"` + GRPC GRPCConfig `yaml:"grpc,omitempty"` + HTTP HTTPConfig `yaml:"http,omitempty"` - Context context.Context - JWTSecret string - GatewayEndpoint string - SkipUserGroupsInToken bool - ReadOnly bool - SharesProviderEndpoint string + Context context.Context `yaml:"context,omitempty"` + JWTSecret string `yaml:"jwt_secret,omitempty"` + GatewayEndpoint string `yaml:"gateway_endpoint,omitempty"` + SkipUserGroupsInToken bool `yaml:"skip_user_groups_in_token,omitempty"` + ReadOnly bool `yaml:"readonly,omitempty"` + SharesProviderEndpoint string `yaml:"shares_provider_endpoint,omitempty"` } type Tracing struct { Enabled bool `yaml:"enabled" env:"OCIS_TRACING_ENABLED;STORAGE_METADATA_TRACING_ENABLED" desc:"Activates tracing."` diff --git a/extensions/storage-users/pkg/config/config.go b/extensions/storage-users/pkg/config/config.go index 1cbe616344..bc8cc30e4c 100644 --- a/extensions/storage-users/pkg/config/config.go +++ b/extensions/storage-users/pkg/config/config.go 
@@ -9,27 +9,27 @@ import ( type Config struct { *shared.Commons `yaml:"-"` Service Service `yaml:"-"` - Tracing *Tracing `yaml:"tracing"` - Logging *Logging `yaml:"log"` - Debug Debug `yaml:"debug"` - Supervised bool + Tracing *Tracing `yaml:"tracing,omitempty"` + Logging *Logging `yaml:"log,omitempty"` + Debug Debug `yaml:"debug,omitempty"` + Supervised bool `yaml:"supervised,omitempty"` - GRPC GRPCConfig `yaml:"grpc"` - HTTP HTTPConfig `yaml:"http"` + GRPC GRPCConfig `yaml:"grpc,omitempty"` + HTTP HTTPConfig `yaml:"http,omitempty"` - Context context.Context - JWTSecret string - GatewayEndpoint string - SkipUserGroupsInToken bool - Driver string `yaml:"driver" env:"STORAGE_USERS_DRIVER" desc:"The storage driver which should be used by the service"` - Drivers Drivers `yaml:"drivers"` - DataServerURL string - TempFolder string - DataProviderInsecure bool `env:"OCIS_INSECURE;STORAGE_USERS_DATAPROVIDER_INSECURE"` - Events Events - MountID string - ExposeDataServer bool - ReadOnly bool + Context context.Context `yaml:"context,omitempty"` + JWTSecret string `yaml:"jwt_secret,omitempty"` + GatewayEndpoint string `yaml:"gateway_endpoint,omitempty"` + SkipUserGroupsInToken bool `yaml:"skip_user_groups_in_token,omitempty"` + Driver string `yaml:"driver,omitempty" env:"STORAGE_USERS_DRIVER" desc:"The storage driver which should be used by the service"` + Drivers Drivers `yaml:"drivers,omitempty"` + DataServerURL string `yaml:"data_server_url,omitempty"` + TempFolder string `yaml:"temp_folder,omitempty"` + DataProviderInsecure bool `yaml:"data_provider_insecure,omitempty" env:"OCIS_INSECURE;STORAGE_USERS_DATAPROVIDER_INSECURE"` + Events Events `yaml:"events,omitempty"` + MountID string `yaml:"mount_id,omitempty"` + ExposeDataServer bool `yaml:"expose_data_server,omitempty"` + ReadOnly bool `yaml:"readonly,omitempty"` } type Tracing struct { Enabled bool `yaml:"enabled" env:"OCIS_TRACING_ENABLED;STORAGE_USERS_TRACING_ENABLED" desc:"Activates tracing."` 
diff --git a/extensions/user/pkg/config/config.go b/extensions/user/pkg/config/config.go index efdcd54430..4c000da6c5 100644 --- a/extensions/user/pkg/config/config.go +++ b/extensions/user/pkg/config/config.go @@ -5,19 +5,19 @@ import "github.com/owncloud/ocis/ocis-pkg/shared" type Config struct { *shared.Commons `yaml:"-"` Service Service `yaml:"-"` - Tracing *Tracing `yaml:"tracing"` - Logging *Logging `yaml:"log"` - Debug Debug `yaml:"debug"` - Supervised bool + Tracing *Tracing `yaml:"tracing,omitempty"` + Logging *Logging `yaml:"log,omitempty"` + Debug Debug `yaml:"debug,omitempty"` + Supervised bool `yaml:"supervised,omitempty"` - GRPC GRPCConfig `yaml:"grpc"` + GRPC GRPCConfig `yaml:"grpc,omitempty"` - JWTSecret string - GatewayEndpoint string - SkipUserGroupsInToken bool - UsersCacheExpiration int - Driver string - Drivers Drivers + JWTSecret string `yaml:"jwt_secret,omitempty"` + GatewayEndpoint string `yaml:"gateway_endpoint,omitempty"` + SkipUserGroupsInToken bool `yaml:"skip_user_groups_in_token,omitempty"` + UsersCacheExpiration int `yaml:"users_cache_expiration,omitempty"` + Driver string `yaml:"driver,omitempty"` + Drivers Drivers `yaml:"drivers,omitempty"` } type Tracing struct { Enabled bool `yaml:"enabled" env:"OCIS_TRACING_ENABLED;USERS_TRACING_ENABLED" desc:"Activates tracing."` diff --git a/ocis/pkg/command/init.go b/ocis/pkg/command/init.go index d92c038bd3..e70129ca97 100644 --- a/ocis/pkg/command/init.go +++ b/ocis/pkg/command/init.go 
@@ -16,9 +16,21 @@ import ( cli "github.com/urfave/cli/v2" "gopkg.in/yaml.v3" + appprovider "github.com/owncloud/ocis/extensions/appprovider/pkg/config" + authbasic "github.com/owncloud/ocis/extensions/auth-basic/pkg/config" + authbearer "github.com/owncloud/ocis/extensions/auth-bearer/pkg/config" + authmachine "github.com/owncloud/ocis/extensions/auth-machine/pkg/config" + gateway "github.com/owncloud/ocis/extensions/gateway/pkg/config" + group "github.com/owncloud/ocis/extensions/group/pkg/config" idm "github.com/owncloud/ocis/extensions/idm/pkg/config" + ocdav "github.com/owncloud/ocis/extensions/ocdav/pkg/config" proxy "github.com/owncloud/ocis/extensions/proxy/pkg/config" - storage "github.com/owncloud/ocis/extensions/storage/pkg/config" + sharing "github.com/owncloud/ocis/extensions/sharing/pkg/config" + storagemetadata "github.com/owncloud/ocis/extensions/storage-metadata/pkg/config" + storagepublic "github.com/owncloud/ocis/extensions/storage-publiclink/pkg/config" + storageshares "github.com/owncloud/ocis/extensions/storage-shares/pkg/config" + storageusers "github.com/owncloud/ocis/extensions/storage-users/pkg/config" + user "github.com/owncloud/ocis/extensions/user/pkg/config" ) const configFilename string = "ocis.yaml" 
@@ -109,7 +121,20 @@ func createConfig(insecure, forceOverwrite bool, configPath string) error { //Proxy: &proxy.Config{}, //OCS: &ocs.Config{}, //Settings: &settings.Config{}, - Storage: &storage.Config{}, + // TODO: fix storage + AuthBasic: &authbasic.Config{}, + AuthBearer: &authbearer.Config{}, + AppProvider: &appprovider.Config{}, + AuthMachine: &authmachine.Config{}, + Gateway: &gateway.Config{}, + Group: &group.Config{}, + Sharing: &sharing.Config{}, + StorageMetadata: &storagemetadata.Config{}, + StorageUsers: &storageusers.Config{}, + StorageShares: &storageshares.Config{}, + StoragePublicLink: &storagepublic.Config{}, + User: &user.Config{}, + OCDav: &ocdav.Config{}, //Thumbnails: &thumbnails.Config{}, //Web: &web.Config{}, //WebDAV: &webdav.Config{}, 
@@ -172,8 +197,24 @@ func createConfig(insecure, forceOverwrite bool, configPath string) error { //cfg.Proxy.MachineAuthAPIKey = machineAuthSecret //cfg.Settings.Metadata.MachineAuthAPIKey = machineAuthSecret //cfg.Settings.TokenManager.JWTSecret = tokenManagerJwtSecret - cfg.Storage.Reva.JWTSecret = tokenManagerJwtSecret - cfg.Storage.OCDav.JWTSecret = tokenManagerJwtSecret + + //TODO: move all jwt secrets to shared.common + cfg.AppProvider.JWTSecret = tokenManagerJwtSecret + cfg.AuthBasic.JWTSecret = tokenManagerJwtSecret + cfg.AuthBearer.JWTSecret = tokenManagerJwtSecret + cfg.AuthMachine.JWTSecret = tokenManagerJwtSecret + cfg.Gateway.JWTSecret = tokenManagerJwtSecret + //TODO: following line is defunc, figure out why + //cfg.Gateway.MachineAuthAPIKey = machineAuthApiKey + cfg.Group.JWTSecret = tokenManagerJwtSecret + cfg.Sharing.JWTSecret = tokenManagerJwtSecret + cfg.StorageMetadata.JWTSecret = tokenManagerJwtSecret + cfg.StoragePublicLink.JWTSecret = tokenManagerJwtSecret + cfg.StorageShares.JWTSecret = tokenManagerJwtSecret + cfg.StorageUsers.JWTSecret = tokenManagerJwtSecret + cfg.User.JWTSecret = tokenManagerJwtSecret + cfg.OCDav.JWTSecret = tokenManagerJwtSecret + //cfg.Thumbnails.Thumbnail.TransferSecret = revaTransferTokenSecret yamlOutput, err := yaml.Marshal(cfg) if err != nil { From c5d0791f53feb638599c07b46b26f16da9aaa61d Mon Sep 17 00:00:00 2001 From: Christian Richter Date: Wed, 27 Apr 2022 10:58:27 +0200 Subject: [PATCH 10/99] add password generator Signed-off-by: Christian Richter --- ocis-pkg/generators/generators_suite_test.go | 13 +++++++++++++ ocis-pkg/generators/generators_test.go | 13 +++++++++++++ ocis-pkg/generators/password.go | 20 ++++++++++++++++++++ 3 files changed, 46 insertions(+) create mode 100644 ocis-pkg/generators/generators_suite_test.go create mode 100644 ocis-pkg/generators/generators_test.go create mode 100644 ocis-pkg/generators/password.go 
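Review bot: The file that receives `yamlOutput` should be created readable by its owner only (for example mode `0600`), because after this hunk `yaml.Marshal(cfg)` serialises the one `tokenManagerJwtSecret` in clear text under thirteen service blocks. The write itself lies outside the hunk, so whether it already uses a restrictive mode could not be checked here. A comment above the assignments, such as `// all services share one JWT secret; the generated file must not be group- or world-readable`, would record the requirement until the TODO about moving the secret to shared commons is resolved. createConfig begins and continues outside the hunk.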
diff --git a/ocis-pkg/generators/generators_suite_test.go b/ocis-pkg/generators/generators_suite_test.go new file mode 100644 index 0000000000..ef690d5930 --- /dev/null +++ b/ocis-pkg/generators/generators_suite_test.go @@ -0,0 +1,13 @@ +package generators_test + +import ( + "testing" + + . "github.com/onsi/ginkgo/v2" + . "github.com/onsi/gomega" +) + +func TestGenerators(t *testing.T) { + RegisterFailHandler(Fail) + RunSpecs(t, "Generators Suite") +} diff --git a/ocis-pkg/generators/generators_test.go b/ocis-pkg/generators/generators_test.go new file mode 100644 index 0000000000..4d89d59434 --- /dev/null +++ b/ocis-pkg/generators/generators_test.go @@ -0,0 +1,13 @@ +package generators_test + +import ( + . "github.com/onsi/ginkgo/v2" + . "github.com/onsi/gomega" + + . "github.com/owncloud/ocis/ocis-pkg/generators" +) + +var _ = Describe("Generators", func() { + It("Returns an error ", func() {}) + PIt("Returns expected passwords", func() {}) +}) diff --git a/ocis-pkg/generators/password.go b/ocis-pkg/generators/password.go new file mode 100644 index 0000000000..3c2d571fa5 --- /dev/null +++ b/ocis-pkg/generators/password.go @@ -0,0 +1,20 @@ +package generators + +import ( + "crypto/rand" + "math/big" +) + +func GenerateRandomPassword(length int) (string, error) { + const chars = "0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz-=+!@#$%^&*." + ret := make([]byte, length) + for i := 0; i < length; i++ { + num, err := rand.Int(rand.Reader, big.NewInt(int64(len(chars)))) + if err != nil { + return "", err + } + ret[i] = chars[num.Int64()] + } + + return string(ret), nil +} From 48a6978e247bda547bd2323f3a7dc69d7ef557ee Mon Sep 17 00:00:00 2001 
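Review bot: Both specs in `generators_test.go` have empty bodies (`It("Returns an error ", func() {})` and a pending `PIt`), so the suite passes without ever calling `GenerateRandomPassword`. Because the function produces secrets, the spec should at least assert the returned length and that every byte belongs to the alphabet, e.g. `Expect(GenerateRandomPassword(32)).To(HaveLen(32))`. The title "Returns an error" also does not correspond to an error path a test can trigger from the code shown.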
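Review bot: `GenerateRandomPassword` does not validate `length`: a negative value panics in `make([]byte, length)`, and zero returns an empty password with a nil error. Add a guard before the allocation, `if length <= 0 { return "", errors.New("password length must be positive") }`, which needs the `errors` import. The exported function also has no doc comment; `// GenerateRandomPassword returns length characters drawn uniformly from a fixed alphabet of digits, letters and symbols using crypto/rand.` would state the contract.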
From: Willy Kloucek Date: Wed, 27 Apr 2022 11:04:18 +0200 Subject: [PATCH 11/99] move TokenManager back to extension config --- extensions/accounts/pkg/config/config.go | 2 +- extensions/accounts/pkg/config/defaults/defaultconfig.go | 5 ++--- extensions/accounts/pkg/config/reva.go | 6 ++++++ extensions/frontend/pkg/config/config.go | 9 ++++++--- extensions/graph/pkg/config/config.go | 4 ++-- extensions/graph/pkg/config/defaults/defaultconfig.go | 5 ++--- extensions/graph/pkg/config/reva.go | 5 +++++ extensions/ocs/pkg/config/config.go | 4 ++-- extensions/ocs/pkg/config/defaults/defaultconfig.go | 5 ++--- extensions/ocs/pkg/config/reva.go | 5 +++++ extensions/ocs/pkg/server/http/svc_test.go | 3 +-- extensions/settings/pkg/config/config.go | 4 ++-- extensions/settings/pkg/config/defaults/defaultconfig.go | 5 ++--- ocis-pkg/generators/generators_test.go | 6 +++--- 14 files changed, 41 insertions(+), 27 deletions(-) create mode 100644 extensions/accounts/pkg/config/reva.go diff --git a/extensions/accounts/pkg/config/config.go b/extensions/accounts/pkg/config/config.go index 7d05d2edcc..0d38512da7 100644 --- a/extensions/accounts/pkg/config/config.go +++ b/extensions/accounts/pkg/config/config.go @@ -19,7 +19,7 @@ type Config struct { HTTP HTTP `yaml:"http,omitempty"` GRPC GRPC `yaml:"grpc,omitempty"` - TokenManager *shared.TokenManager `yaml:"token_manager,omitempty"` + TokenManager *TokenManager `yaml:"token_manager,omitempty"` Asset Asset `yaml:"asset,omitempty"` Repo Repo `yaml:"repo,omitempty"` diff --git a/extensions/accounts/pkg/config/defaults/defaultconfig.go b/extensions/accounts/pkg/config/defaults/defaultconfig.go index 376695633b..8724bd096b 100644 --- a/extensions/accounts/pkg/config/defaults/defaultconfig.go +++ b/extensions/accounts/pkg/config/defaults/defaultconfig.go 
@@ -6,7 +6,6 @@ import ( "github.com/owncloud/ocis/extensions/accounts/pkg/config" "github.com/owncloud/ocis/ocis-pkg/config/defaults" - "github.com/owncloud/ocis/ocis-pkg/shared" ) func FullDefaultConfig() *config.Config { @@ -101,11 +100,11 @@ func EnsureDefaults(cfg *config.Config) { } if cfg.TokenManager == nil && cfg.Commons != nil && cfg.Commons.TokenManager != nil { - cfg.TokenManager = &shared.TokenManager{ + cfg.TokenManager = &config.TokenManager{ JWTSecret: cfg.Commons.TokenManager.JWTSecret, } } else { - cfg.TokenManager = &shared.TokenManager{} + cfg.TokenManager = &config.TokenManager{} } } diff --git a/extensions/accounts/pkg/config/reva.go b/extensions/accounts/pkg/config/reva.go new file mode 100644 index 0000000000..172786f6f1 --- /dev/null +++ b/extensions/accounts/pkg/config/reva.go @@ -0,0 +1,6 @@ +package config + +// TokenManager is the config for using the reva token manager +type TokenManager struct { + JWTSecret string `yaml:"jwt_secret" env:"OCIS_JWT_SECRET;ACCOUNTS_JWT_SECRET"` +} diff --git a/extensions/frontend/pkg/config/config.go b/extensions/frontend/pkg/config/config.go index fd9d1c99a8..0adda7543b 100644 --- a/extensions/frontend/pkg/config/config.go +++ b/extensions/frontend/pkg/config/config.go @@ -13,7 +13,10 @@ type Config struct { HTTP HTTPConfig `yaml:"http"` // JWTSecret used to verify reva access token - JWTSecret string `yaml:"jwt_secret"` + + TransferSecret string `yaml:"transfer_secret" env:"STORAGE_TRANSFER_SECRET"` + + JWTSecret string `yaml:"jwt_secret"` GatewayEndpoint string SkipUserGroupsInToken bool 
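Review bot: In `EnsureDefaults` the `else` branch assigns an empty `&config.TokenManager{}` whenever the first condition is false, which includes the case where `cfg.TokenManager` is already set, so a JWT secret configured for the accounts service appears to be discarded here. The commit only swaps the type on these lines and keeps that logic; the branch should run only when nothing is set, `} else if cfg.TokenManager == nil {`. The same construct is in the graph, ocs and settings `defaultconfig.go` hunks of this patch. Whether a later step refills the value cannot be seen from the hunk, and the function begins and ends outside it.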
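Review bot: The comment `// JWTSecret used to verify reva access token` in the frontend Config is now followed by a blank line and `TransferSecret`, so it no longer documents the field it names. Move the comment back directly above `JWTSecret`. `TransferSecret` should get its own comment, for instance `// TransferSecret is the secret for transfer tokens`, with the wording confirmed by the author.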
@@ -22,8 +25,8 @@ type Config struct { UploadMaxChunkSize int `yaml:"upload_max_chunk_size"` UploadHTTPMethodOverride string `yaml:"upload_http_method_override"` DefaultUploadProtocol string `yaml:"default_upload_protocol"` - TransferSecret string `yaml:"transfer_secret" env:"STORAGE_TRANSFER_SECRET"` - PublicURL string `yaml:"public_url" env:"OCIS_URL;FRONTEND_PUBLIC_URL"` + + PublicURL string `yaml:"public_url" env:"OCIS_URL;FRONTEND_PUBLIC_URL"` Archiver Archiver AppProvider AppProvider diff --git a/extensions/graph/pkg/config/config.go b/extensions/graph/pkg/config/config.go index 8f27986840..b346bc15bd 100644 --- a/extensions/graph/pkg/config/config.go +++ b/extensions/graph/pkg/config/config.go @@ -18,8 +18,8 @@ type Config struct { HTTP HTTP `yaml:"http,omitempty"` - Reva Reva `yaml:"reva,omitempty"` - TokenManager *shared.TokenManager `yaml:"token_manager,omitempty"` + Reva Reva `yaml:"reva,omitempty"` + TokenManager *TokenManager `yaml:"token_manager,omitempty"` Spaces Spaces `yaml:"spaces,omitempty"` Identity Identity `yaml:"identity,omitempty"` diff --git a/extensions/graph/pkg/config/defaults/defaultconfig.go b/extensions/graph/pkg/config/defaults/defaultconfig.go index d3b7e00541..6c315a4775 100644 --- a/extensions/graph/pkg/config/defaults/defaultconfig.go +++ b/extensions/graph/pkg/config/defaults/defaultconfig.go @@ -4,7 +4,6 @@ import ( "strings" "github.com/owncloud/ocis/extensions/graph/pkg/config" - "github.com/owncloud/ocis/ocis-pkg/shared" ) func DefaultConfig() *config.Config { @@ -89,11 +88,11 @@ func EnsureDefaults(cfg *config.Config) { } if cfg.TokenManager == nil && cfg.Commons != nil && cfg.Commons.TokenManager != nil { - cfg.TokenManager = &shared.TokenManager{ + cfg.TokenManager = &config.TokenManager{ JWTSecret: cfg.Commons.TokenManager.JWTSecret, } } else { - cfg.TokenManager = &shared.TokenManager{} + cfg.TokenManager = &config.TokenManager{} } } 
diff --git a/extensions/graph/pkg/config/reva.go b/extensions/graph/pkg/config/reva.go index 2d3966303d..dbfc359a8b 100644 --- a/extensions/graph/pkg/config/reva.go +++ b/extensions/graph/pkg/config/reva.go @@ -4,3 +4,8 @@ package config type Reva struct { Address string `yaml:"address" env:"REVA_GATEWAY"` } + +// TokenManager is the config for using the reva token manager +type TokenManager struct { + JWTSecret string `yaml:"jwt_secret" env:"OCIS_JWT_SECRET;GRAPH_JWT_SECRET"` +} diff --git a/extensions/ocs/pkg/config/config.go b/extensions/ocs/pkg/config/config.go index 3905b91f5e..9e332ca7de 100644 --- a/extensions/ocs/pkg/config/config.go +++ b/extensions/ocs/pkg/config/config.go @@ -18,8 +18,8 @@ type Config struct { HTTP HTTP `yaml:"http,omitempty"` - TokenManager *shared.TokenManager `yaml:"token_manager,omitempty"` - Reva Reva `yaml:"reva,omitempty"` + TokenManager *TokenManager `yaml:"token_manager,omitempty"` + Reva Reva `yaml:"reva,omitempty"` IdentityManagement IdentityManagement `yaml:"identity_management,omitempty"` diff --git a/extensions/ocs/pkg/config/defaults/defaultconfig.go b/extensions/ocs/pkg/config/defaults/defaultconfig.go index 74c76d3933..74a1b493d4 100644 --- a/extensions/ocs/pkg/config/defaults/defaultconfig.go +++ b/extensions/ocs/pkg/config/defaults/defaultconfig.go @@ -5,7 +5,6 @@ import ( "strings" "github.com/owncloud/ocis/extensions/ocs/pkg/config" - "github.com/owncloud/ocis/ocis-pkg/shared" ) func FullDefaultConfig() *config.Config { @@ -76,11 +75,11 @@ func EnsureDefaults(cfg *config.Config) { } if cfg.TokenManager == nil && cfg.Commons != nil && cfg.Commons.TokenManager != nil { - cfg.TokenManager = &shared.TokenManager{ + cfg.TokenManager = &config.TokenManager{ JWTSecret: cfg.Commons.TokenManager.JWTSecret, } } else { - cfg.TokenManager = &shared.TokenManager{} + cfg.TokenManager = &config.TokenManager{} } if cfg.MachineAuthAPIKey == "" && cfg.Commons != nil && cfg.Commons.MachineAuthAPIKey != "" { 
diff --git a/extensions/ocs/pkg/config/reva.go b/extensions/ocs/pkg/config/reva.go index 2d3966303d..b8d2779170 100644 --- a/extensions/ocs/pkg/config/reva.go +++ b/extensions/ocs/pkg/config/reva.go @@ -4,3 +4,8 @@ package config type Reva struct { Address string `yaml:"address" env:"REVA_GATEWAY"` } + +// TokenManager is the config for using the reva token manager +type TokenManager struct { + JWTSecret string `yaml:"jwt_secret" env:"OCIS_JWT_SECRET;OCS_JWT_SECRET"` +} diff --git a/extensions/ocs/pkg/server/http/svc_test.go b/extensions/ocs/pkg/server/http/svc_test.go index f4bc9b52f6..7bdddbf28b 100644 --- a/extensions/ocs/pkg/server/http/svc_test.go +++ b/extensions/ocs/pkg/server/http/svc_test.go @@ -28,7 +28,6 @@ import ( ssvc "github.com/owncloud/ocis/extensions/settings/pkg/service/v0" ocisLog "github.com/owncloud/ocis/ocis-pkg/log" "github.com/owncloud/ocis/ocis-pkg/service/grpc" - "github.com/owncloud/ocis/ocis-pkg/shared" accountsmsg "github.com/owncloud/ocis/protogen/gen/ocis/messages/accounts/v0" settingsmsg "github.com/owncloud/ocis/protogen/gen/ocis/messages/settings/v0" accountssvc "github.com/owncloud/ocis/protogen/gen/ocis/services/accounts/v0" @@ -724,7 +723,7 @@ func getService() svc.Service { Root: "/", Addr: "localhost:9110", }, - TokenManager: &shared.TokenManager{ + TokenManager: &config.TokenManager{ JWTSecret: jwtSecret, }, Log: &config.Log{ diff --git a/extensions/settings/pkg/config/config.go b/extensions/settings/pkg/config/config.go index 7c521cc381..ea74b42ed1 100644 --- a/extensions/settings/pkg/config/config.go +++ b/extensions/settings/pkg/config/config.go 
@@ -23,8 +23,8 @@ type Config struct { DataPath string `yaml:"data_path,omitempty" env:"SETTINGS_DATA_PATH"` Metadata Metadata `yaml:"metadata_config,omitempty"` - Asset Asset `yaml:"asset,omitempty"` - TokenManager *shared.TokenManager `yaml:"token_manager,omitempty"` + Asset Asset `yaml:"asset,omitempty"` + TokenManager *TokenManager `yaml:"token_manager,omitempty"` Context context.Context `yaml:"-"` } diff --git a/extensions/settings/pkg/config/defaults/defaultconfig.go b/extensions/settings/pkg/config/defaults/defaultconfig.go index bc4faba048..f056a6a9d8 100644 --- a/extensions/settings/pkg/config/defaults/defaultconfig.go +++ b/extensions/settings/pkg/config/defaults/defaultconfig.go @@ -7,7 +7,6 @@ import ( "github.com/owncloud/ocis/extensions/settings/pkg/config" "github.com/owncloud/ocis/ocis-pkg/config/defaults" - "github.com/owncloud/ocis/ocis-pkg/shared" ) func FullDefaultConfig() *config.Config { @@ -87,11 +86,11 @@ func EnsureDefaults(cfg *config.Config) { } if cfg.TokenManager == nil && cfg.Commons != nil && cfg.Commons.TokenManager != nil { - cfg.TokenManager = &shared.TokenManager{ + cfg.TokenManager = &config.TokenManager{ JWTSecret: cfg.Commons.TokenManager.JWTSecret, } } else { - cfg.TokenManager = &shared.TokenManager{} + cfg.TokenManager = &config.TokenManager{} } if cfg.Metadata.MachineAuthAPIKey == "" && cfg.Commons != nil && cfg.Commons.MachineAuthAPIKey != "" { diff --git a/ocis-pkg/generators/generators_test.go b/ocis-pkg/generators/generators_test.go index 4d89d59434..8c1984dee0 100644 --- a/ocis-pkg/generators/generators_test.go +++ b/ocis-pkg/generators/generators_test.go @@ -1,10 +1,10 @@ package generators_test import ( - . "github.com/onsi/ginkgo/v2" - . "github.com/onsi/gomega" + _ "github.com/onsi/ginkgo/v2" + _ "github.com/onsi/gomega" - . "github.com/owncloud/ocis/ocis-pkg/generators" + _ "github.com/owncloud/ocis/ocis-pkg/generators" ) var _ = Describe("Generators", func() { 
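Review bot: Switching the three dot imports in ocis-pkg/generators/generators_test.go to blank imports leaves `Describe` unresolved, because the context line `var _ = Describe("Generators", func() {` still calls it unqualified. As shown, the test package should no longer compile, which leaves the generators package without a running test. Either keep `. "github.com/onsi/ginkgo/v2"` and `. "github.com/onsi/gomega"`, or import ginkgo normally and write `ginkgo.Describe(...)`. If the aim was to silence an unused-import error, dropping the unused line is cleaner than a blank import. The rest of the file is outside the hunk.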
From 9095b11d6c01125afe723f5abe0cab43ea962195 Mon Sep 17 00:00:00 2001 
From: Willy Kloucek Date: Wed, 27 Apr 2022 13:58:59 +0200 Subject: [PATCH 12/99] load reva gateway and token manager from common config --- .vscode/launch.json | 8 +- .../pkg/config/defaults/defaultconfig.go | 2 +- extensions/appprovider/pkg/command/command.go | 10 +- extensions/appprovider/pkg/config/config.go | 5 +- .../pkg/config/defaults/defaultconfig.go | 23 ++++- .../appprovider/pkg/config/parser/parse.go | 33 +++++++ extensions/appprovider/pkg/config/reva.go | 11 +++ extensions/auth-basic/pkg/command/command.go | 8 +- extensions/auth-basic/pkg/config/config.go | 5 +- .../pkg/config/defaults/defaultconfig.go | 24 ++++- .../auth-basic/pkg/config/parser/parse.go | 33 +++++++ extensions/auth-basic/pkg/config/reva.go | 11 +++ extensions/auth-bearer/pkg/command/command.go | 8 +- extensions/auth-bearer/pkg/config/config.go | 5 +- .../pkg/config/defaults/defaultconfig.go | 23 ++++- .../auth-bearer/pkg/config/parser/parse.go | 33 +++++++ extensions/auth-bearer/pkg/config/reva.go | 11 +++ .../auth-machine/pkg/command/command.go | 10 +- extensions/auth-machine/pkg/config/config.go | 5 +- .../pkg/config/defaults/defaultconfig.go | 23 ++++- .../auth-machine/pkg/config/parser/parse.go | 33 +++++++ extensions/auth-machine/pkg/config/reva.go | 11 +++ extensions/frontend/pkg/command/command.go | 21 ++-- extensions/frontend/pkg/config/config.go | 5 +- .../pkg/config/defaults/defaultconfig.go | 21 +++- .../frontend/pkg/config/parser/parse.go | 33 +++++++ extensions/frontend/pkg/config/reva.go | 11 +++ extensions/gateway/pkg/command/command.go | 21 ++-- extensions/gateway/pkg/config/config.go | 8 +- .../pkg/config/defaults/defaultconfig.go | 22 ++++- extensions/gateway/pkg/config/parser/parse.go | 33 +++++++ extensions/gateway/pkg/config/reva.go | 11 +++ extensions/graph/pkg/config/config.go | 2 +- .../pkg/config/defaults/defaultconfig.go | 4 +- extensions/graph/pkg/service/v0/service.go | 2 +- extensions/group/pkg/command/command.go | 8 +- extensions/group/pkg/config/config.go 
| 5 +- .../pkg/config/defaults/defaultconfig.go | 23 ++++- extensions/group/pkg/config/parser/parse.go | 33 +++++++ extensions/group/pkg/config/reva.go | 11 +++ extensions/ocdav/pkg/command/ocdav.go | 19 ++-- extensions/ocdav/pkg/config/config.go | 8 +- .../pkg/config/defaults/defaultconfig.go | 21 +++- extensions/ocdav/pkg/config/parser/parse.go | 33 +++++++ extensions/ocdav/pkg/config/reva.go | 11 +++ extensions/ocs/pkg/config/config.go | 2 +- .../ocs/pkg/config/defaults/defaultconfig.go | 12 ++- extensions/proxy/pkg/config/config.go | 2 +- .../pkg/config/defaults/defaultconfig.go | 20 +++- .../pkg/config/defaults/defaultconfig.go | 2 +- extensions/sharing/pkg/command/command.go | 12 ++- extensions/sharing/pkg/config/config.go | 5 +- .../pkg/config/defaults/defaultconfig.go | 21 +++- extensions/sharing/pkg/config/parser/parse.go | 33 +++++++ extensions/sharing/pkg/config/reva.go | 11 +++ .../storage-metadata/pkg/command/command.go | 8 +- .../storage-metadata/pkg/config/config.go | 20 ++-- .../pkg/config/defaults/defaultconfig.go | 27 ++++- .../pkg/config/parser/parse.go | 33 +++++++ .../storage-metadata/pkg/config/reva.go | 11 +++ .../pkg/command/storagepubliclink.go | 8 +- .../storage-publiclink/pkg/config/config.go | 8 +- .../pkg/config/defaults/defaultconfig.go | 21 +++- .../pkg/config/parser/parse.go | 33 +++++++ .../storage-publiclink/pkg/config/reva.go | 11 +++ .../storage-shares/pkg/command/command.go | 8 +- .../storage-shares/pkg/config/config.go | 5 +- .../pkg/config/defaults/defaultconfig.go | 21 +++- .../storage-shares/pkg/config/parser/parse.go | 33 +++++++ extensions/storage-shares/pkg/config/reva.go | 11 +++ .../storage-users/pkg/command/command.go | 8 +- extensions/storage-users/pkg/config/config.go | 28 +++--- .../pkg/config/defaults/defaultconfig.go | 29 ++++-- .../storage-users/pkg/config/parser/parse.go | 33 +++++++ extensions/storage-users/pkg/config/reva.go | 11 +++ .../pkg/config/defaults/defaultconfig.go | 4 +- 
extensions/storage/pkg/config/parser/parse.go | 33 +++++++ extensions/user/pkg/command/command.go | 8 +- extensions/user/pkg/config/config.go | 5 +- .../user/pkg/config/defaults/defaultconfig.go | 23 ++++- extensions/user/pkg/config/parser/parse.go | 33 +++++++ extensions/user/pkg/config/reva.go | 11 +++ ocis-pkg/config/defaultconfig.go | 42 ++++---- ocis-pkg/generators/generators_test.go | 8 +- ocis-pkg/shared/shared_types.go | 6 ++ ocis/pkg/command/init.go | 98 ++++++++----------- 86 files changed, 1209 insertions(+), 250 deletions(-) create mode 100644 extensions/appprovider/pkg/config/parser/parse.go create mode 100644 extensions/appprovider/pkg/config/reva.go create mode 100644 extensions/auth-basic/pkg/config/parser/parse.go create mode 100644 extensions/auth-basic/pkg/config/reva.go create mode 100644 extensions/auth-bearer/pkg/config/parser/parse.go create mode 100644 extensions/auth-bearer/pkg/config/reva.go create mode 100644 extensions/auth-machine/pkg/config/parser/parse.go create mode 100644 extensions/auth-machine/pkg/config/reva.go create mode 100644 extensions/frontend/pkg/config/parser/parse.go create mode 100644 extensions/frontend/pkg/config/reva.go create mode 100644 extensions/gateway/pkg/config/parser/parse.go create mode 100644 extensions/gateway/pkg/config/reva.go create mode 100644 extensions/group/pkg/config/parser/parse.go create mode 100644 extensions/group/pkg/config/reva.go create mode 100644 extensions/ocdav/pkg/config/parser/parse.go create mode 100644 extensions/ocdav/pkg/config/reva.go create mode 100644 extensions/sharing/pkg/config/parser/parse.go create mode 100644 extensions/sharing/pkg/config/reva.go create mode 100644 extensions/storage-metadata/pkg/config/parser/parse.go create mode 100644 extensions/storage-metadata/pkg/config/reva.go create mode 100644 extensions/storage-publiclink/pkg/config/parser/parse.go create mode 100644 extensions/storage-publiclink/pkg/config/reva.go create mode 100644 
extensions/storage-shares/pkg/config/parser/parse.go create mode 100644 extensions/storage-shares/pkg/config/reva.go create mode 100644 extensions/storage-users/pkg/config/parser/parse.go create mode 100644 extensions/storage-users/pkg/config/reva.go create mode 100644 extensions/storage/pkg/config/parser/parse.go create mode 100644 extensions/user/pkg/config/parser/parse.go create mode 100644 extensions/user/pkg/config/reva.go diff --git a/.vscode/launch.json b/.vscode/launch.json index 4332cf2e1a..52d4b84087 100644 --- a/.vscode/launch.json +++ b/.vscode/launch.json @@ -12,11 +12,11 @@ ], "env": { // log settings for human developers - "OCIS_LOG_LEVEL": "debug", - "OCIS_LOG_PRETTY": "true", - "OCIS_LOG_COLOR": "true", + //"OCIS_LOG_LEVEL": "debug", + //"OCIS_LOG_PRETTY": "true", + //"OCIS_LOG_COLOR": "true", // enable basic auth for dev setup so that we can use curl for testing - "PROXY_ENABLE_BASIC_AUTH": "true", + //"PROXY_ENABLE_BASIC_AUTH": "true", // set insecure options because we don't have valid certificates in dev environments "OCIS_INSECURE": "true", // demo users diff --git a/extensions/accounts/pkg/config/defaults/defaultconfig.go b/extensions/accounts/pkg/config/defaults/defaultconfig.go index 8724bd096b..af60edfb6e 100644 --- a/extensions/accounts/pkg/config/defaults/defaultconfig.go +++ b/extensions/accounts/pkg/config/defaults/defaultconfig.go @@ -103,7 +103,7 @@ func EnsureDefaults(cfg *config.Config) { cfg.TokenManager = &config.TokenManager{ JWTSecret: cfg.Commons.TokenManager.JWTSecret, } - } else { + } else if cfg.TokenManager == nil { cfg.TokenManager = &config.TokenManager{} } } diff --git a/extensions/appprovider/pkg/command/command.go b/extensions/appprovider/pkg/command/command.go index 2c1399446f..a8425fddf4 100644 --- a/extensions/appprovider/pkg/command/command.go +++ b/extensions/appprovider/pkg/command/command.go 
@@ -10,6 +10,7 @@ import ( "github.com/gofrs/uuid" "github.com/oklog/run" "github.com/owncloud/ocis/extensions/appprovider/pkg/config" + "github.com/owncloud/ocis/extensions/appprovider/pkg/config/parser" "github.com/owncloud/ocis/extensions/storage/pkg/server/debug" ociscfg "github.com/owncloud/ocis/ocis-pkg/config" "github.com/owncloud/ocis/ocis-pkg/log" @@ -24,6 +25,9 @@ func AppProvider(cfg *config.Config) *cli.Command { return &cli.Command{ Name: "app-provider", Usage: "start appprovider for providing apps", + Before: func(ctx *cli.Context) error { + return parser.ParseConfig(cfg) + }, Action: func(c *cli.Context) error { logCfg := cfg.Logging logger := log.NewLogger( @@ -92,8 +96,8 @@ func appProviderConfigFromStruct(c *cli.Context, cfg *config.Config) map[string] "tracing_service_name": c.Command.Name, }, "shared": map[string]interface{}{ - "jwt_secret": cfg.JWTSecret, - "gatewaysvc": cfg.GatewayEndpoint, + "jwt_secret": cfg.TokenManager.JWTSecret, + "gatewaysvc": cfg.Reva.Address, "skip_user_groups_in_token": cfg.SkipUserGroupsInToken, }, "grpc": map[string]interface{}{ @@ -114,7 +118,7 @@ func appProviderConfigFromStruct(c *cli.Context, cfg *config.Config) map[string] "app_url": cfg.Drivers.WOPI.AppURL, "insecure_connections": cfg.Drivers.WOPI.Insecure, "iop_secret": cfg.Drivers.WOPI.IopSecret, - "jwt_secret": cfg.JWTSecret, + "jwt_secret": cfg.TokenManager.JWTSecret, "wopi_url": cfg.Drivers.WOPI.WopiURL, }, }, diff --git a/extensions/appprovider/pkg/config/config.go b/extensions/appprovider/pkg/config/config.go index 42efec470e..c5f1248ee6 100644 --- a/extensions/appprovider/pkg/config/config.go +++ b/extensions/appprovider/pkg/config/config.go 
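Review bot: `cfg.TokenManager.JWTSecret` and `cfg.Reva.Address` in appProviderConfigFromStruct dereference fields that this commit turns into pointers, and nothing in the function checks them for nil. They are filled in by EnsureDefaults, which runs through the new `Before` hook, so a caller that builds the reva config without that hook (none is visible here) would panic. State the precondition on the function, for example `// cfg must have passed parser.ParseConfig; TokenManager and Reva are assumed non-nil.`. The same access pattern appears in the auth-basic, auth-bearer, auth-machine and frontend command.go hunks. The function body extends beyond these hunks.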
@@ -12,8 +12,9 @@ type Config struct { GRPC GRPCConfig `yaml:"grpc,omitempty"` - JWTSecret string `yaml:"jwt_secret,omitempty"` - GatewayEndpoint string `yaml:"gateway_endpoint,omitempty"` + TokenManager *TokenManager `yaml:"token_manager,omitempty"` + Reva *Reva `yaml:"reva,omitempty"` + SkipUserGroupsInToken bool `yaml:"skip_user_groups_in_token,omitempty"` ExternalAddr string `yaml:"external_addr,omitempty"` Driver string `yaml:"driver,omitempty"` diff --git a/extensions/appprovider/pkg/config/defaults/defaultconfig.go b/extensions/appprovider/pkg/config/defaults/defaultconfig.go index 332ce0dba4..e556735ee7 100644 --- a/extensions/appprovider/pkg/config/defaults/defaultconfig.go +++ b/extensions/appprovider/pkg/config/defaults/defaultconfig.go @@ -27,9 +27,10 @@ func DefaultConfig() *config.Config { Service: config.Service{ Name: "appprovider", }, - GatewayEndpoint: "127.0.0.1:9142", - JWTSecret: "Pive-Fumkiu4", - Driver: "", + Reva: &config.Reva{ + Address: "127.0.0.1:9142", + }, + Driver: "", Drivers: config.Drivers{ WOPI: config.WOPIDriver{}, }, @@ -59,6 +60,22 @@ func EnsureDefaults(cfg *config.Config) { } else if cfg.Tracing == nil { cfg.Tracing = &config.Tracing{} } + + if cfg.Reva == nil && cfg.Commons != nil && cfg.Commons.Reva != nil { + cfg.Reva = &config.Reva{ + Address: cfg.Commons.Reva.Address, + } + } else if cfg.Reva == nil { + cfg.Reva = &config.Reva{} + } + + if cfg.TokenManager == nil && cfg.Commons != nil && cfg.Commons.TokenManager != nil { + cfg.TokenManager = &config.TokenManager{ + JWTSecret: cfg.Commons.TokenManager.JWTSecret, + } + } else if cfg.TokenManager == nil { + cfg.TokenManager = &config.TokenManager{} + } } func Sanitize(cfg *config.Config) { diff --git a/extensions/appprovider/pkg/config/parser/parse.go b/extensions/appprovider/pkg/config/parser/parse.go new file mode 100644 index 0000000000..272df5fde4 --- /dev/null +++ b/extensions/appprovider/pkg/config/parser/parse.go 
@@ -0,0 +1,33 @@ +package parser + +import ( + "errors" + + "github.com/owncloud/ocis/extensions/appprovider/pkg/config" + "github.com/owncloud/ocis/extensions/appprovider/pkg/config/defaults" + ociscfg "github.com/owncloud/ocis/ocis-pkg/config" + + "github.com/owncloud/ocis/ocis-pkg/config/envdecode" +) + +// ParseConfig loads accounts configuration from known paths. +func ParseConfig(cfg *config.Config) error { + _, err := ociscfg.BindSourcesToStructs(cfg.Service.Name, cfg) + if err != nil { + return err + } + + defaults.EnsureDefaults(cfg) + + // load all env variables relevant to the config in the current context. + if err := envdecode.Decode(cfg); err != nil { + // no environment variable set for this config is an expected "error" + if !errors.Is(err, envdecode.ErrNoTargetFieldsAreSet) { + return err + } + } + + defaults.Sanitize(cfg) + + return nil +} diff --git a/extensions/appprovider/pkg/config/reva.go b/extensions/appprovider/pkg/config/reva.go new file mode 100644 index 0000000000..b8d2779170 --- /dev/null +++ b/extensions/appprovider/pkg/config/reva.go @@ -0,0 +1,11 @@ +package config + +// Reva defines all available REVA configuration. +type Reva struct { + Address string `yaml:"address" env:"REVA_GATEWAY"` +} + +// TokenManager is the config for using the reva token manager +type TokenManager struct { + JWTSecret string `yaml:"jwt_secret" env:"OCIS_JWT_SECRET;OCS_JWT_SECRET"` +} diff --git a/extensions/auth-basic/pkg/command/command.go b/extensions/auth-basic/pkg/command/command.go index 44745e4825..ba5d98b43b 100644 --- a/extensions/auth-basic/pkg/command/command.go +++ b/extensions/auth-basic/pkg/command/command.go 
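Review bot: ParseConfig in appprovider's parse.go returns nil even when no JWT secret was supplied. This commit removes the hard-coded `JWTSecret: "Pive-Fumkiu4"` default and EnsureDefaults falls back to an empty `&config.TokenManager{}`, so command.go would hand an empty `jwt_secret` to reva. After `defaults.Sanitize(cfg)` add a check such as `if cfg.TokenManager.JWTSecret == "" { return errors.New("jwt_secret is not set") }`. The doc comment also still says "accounts" and should read `// ParseConfig loads the appprovider configuration from known paths.`. The parse.go files added for auth-basic, auth-bearer, auth-machine and frontend are identical and need the same two changes.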
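Review bot: The `env` tag on JWTSecret in appprovider's new reva.go names `OCS_JWT_SECRET`, which is the OCS service's variable and looks copied from extensions/ocs/pkg/config/reva.go. As written, a value set for the OCS service would also be read into this service's token manager, and appprovider has no variable of its own. Give the second entry a service-specific name, along the lines of `env:"OCIS_JWT_SECRET;<SERVICE>_JWT_SECRET"`, where the placeholder stands for whatever prefix the project uses for this service. The reva.go files added for auth-basic, auth-bearer and auth-machine carry the same tag.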
@@ -11,6 +11,7 @@ import ( "github.com/gofrs/uuid" "github.com/oklog/run" "github.com/owncloud/ocis/extensions/auth-basic/pkg/config" + "github.com/owncloud/ocis/extensions/auth-basic/pkg/config/parser" "github.com/owncloud/ocis/extensions/storage/pkg/server/debug" ociscfg "github.com/owncloud/ocis/ocis-pkg/config" "github.com/owncloud/ocis/ocis-pkg/ldap" @@ -26,6 +27,9 @@ func AuthBasic(cfg *config.Config) *cli.Command { return &cli.Command{ Name: "auth-basic", Usage: "start authprovider for basic auth", + Before: func(ctx *cli.Context) error { + return parser.ParseConfig(cfg) + }, Action: func(c *cli.Context) error { logCfg := cfg.Logging logger := log.NewLogger( @@ -113,8 +117,8 @@ func authBasicConfigFromStruct(c *cli.Context, cfg *config.Config) map[string]in "tracing_service_name": c.Command.Name, }, "shared": map[string]interface{}{ - "jwt_secret": cfg.JWTSecret, - "gatewaysvc": cfg.GatewayEndpoint, + "jwt_secret": cfg.TokenManager.JWTSecret, + "gatewaysvc": cfg.Reva.Address, "skip_user_groups_in_token": cfg.SkipUserGroupsInToken, }, "grpc": map[string]interface{}{ diff --git a/extensions/auth-basic/pkg/config/config.go b/extensions/auth-basic/pkg/config/config.go index 04eb2649af..2b0c56bfc1 100644 --- a/extensions/auth-basic/pkg/config/config.go +++ b/extensions/auth-basic/pkg/config/config.go @@ -12,8 +12,9 @@ type Config struct { GRPC GRPCConfig `yaml:"grpc,omitempty"` - JWTSecret string `yaml:"jwt_secret,omitempty"` - GatewayEndpoint string `yaml:"gateway_endpoint,omitempty"` + TokenManager *TokenManager `yaml:"token_manager,omitempty"` + Reva *Reva `yaml:"reva,omitempty"` + SkipUserGroupsInToken bool `yaml:"skip_user_groups_in_token,omitempty"` AuthProvider string `yaml:"auth_provider,omitempty" env:"AUTH_BASIC_AUTH_PROVIDER" desc:"The auth provider which should be used by the service"` AuthProviders AuthProviders `yaml:"auth_providers,omitempty"` 
diff --git a/extensions/auth-basic/pkg/config/defaults/defaultconfig.go b/extensions/auth-basic/pkg/config/defaults/defaultconfig.go index 4d23247193..42caadb53d 100644 --- a/extensions/auth-basic/pkg/config/defaults/defaultconfig.go +++ b/extensions/auth-basic/pkg/config/defaults/defaultconfig.go @@ -30,9 +30,10 @@ func DefaultConfig() *config.Config { Service: config.Service{ Name: "auth-basic", }, - GatewayEndpoint: "127.0.0.1:9142", - JWTSecret: "Pive-Fumkiu4", - AuthProvider: "ldap", + Reva: &config.Reva{ + Address: "127.0.0.1:9142", + }, + AuthProvider: "ldap", AuthProviders: config.AuthProviders{ LDAP: config.LDAPProvider{ URI: "ldaps://localhost:9126", @@ -101,6 +102,23 @@ func EnsureDefaults(cfg *config.Config) { } else if cfg.Tracing == nil { cfg.Tracing = &config.Tracing{} } + + if cfg.Reva == nil && cfg.Commons != nil && cfg.Commons.Reva != nil { + cfg.Reva = &config.Reva{ + Address: cfg.Commons.Reva.Address, + } + } else if cfg.Reva == nil { + cfg.Reva = &config.Reva{} + } + + if cfg.TokenManager == nil && cfg.Commons != nil && cfg.Commons.TokenManager != nil { + cfg.TokenManager = &config.TokenManager{ + JWTSecret: cfg.Commons.TokenManager.JWTSecret, + } + } else if cfg.TokenManager == nil { + cfg.TokenManager = &config.TokenManager{} + } + } func Sanitize(cfg *config.Config) { diff --git a/extensions/auth-basic/pkg/config/parser/parse.go b/extensions/auth-basic/pkg/config/parser/parse.go new file mode 100644 index 0000000000..3a850615ca --- /dev/null +++ b/extensions/auth-basic/pkg/config/parser/parse.go 
@@ -0,0 +1,33 @@ +package parser + +import ( + "errors" + + "github.com/owncloud/ocis/extensions/auth-basic/pkg/config" + "github.com/owncloud/ocis/extensions/auth-basic/pkg/config/defaults" + ociscfg "github.com/owncloud/ocis/ocis-pkg/config" + + "github.com/owncloud/ocis/ocis-pkg/config/envdecode" +) + +// ParseConfig loads accounts configuration from known paths. +func ParseConfig(cfg *config.Config) error { + _, err := ociscfg.BindSourcesToStructs(cfg.Service.Name, cfg) + if err != nil { + return err + } + + defaults.EnsureDefaults(cfg) + + // load all env variables relevant to the config in the current context. + if err := envdecode.Decode(cfg); err != nil { + // no environment variable set for this config is an expected "error" + if !errors.Is(err, envdecode.ErrNoTargetFieldsAreSet) { + return err + } + } + + defaults.Sanitize(cfg) + + return nil +} diff --git a/extensions/auth-basic/pkg/config/reva.go b/extensions/auth-basic/pkg/config/reva.go new file mode 100644 index 0000000000..b8d2779170 --- /dev/null +++ b/extensions/auth-basic/pkg/config/reva.go @@ -0,0 +1,11 @@ +package config + +// Reva defines all available REVA configuration. +type Reva struct { + Address string `yaml:"address" env:"REVA_GATEWAY"` +} + +// TokenManager is the config for using the reva token manager +type TokenManager struct { + JWTSecret string `yaml:"jwt_secret" env:"OCIS_JWT_SECRET;OCS_JWT_SECRET"` +} diff --git a/extensions/auth-bearer/pkg/command/command.go b/extensions/auth-bearer/pkg/command/command.go index dd27a0b8e4..d896fbb444 100644 --- a/extensions/auth-bearer/pkg/command/command.go +++ b/extensions/auth-bearer/pkg/command/command.go 
@@ -10,6 +10,7 @@ import ( "github.com/gofrs/uuid" "github.com/oklog/run" "github.com/owncloud/ocis/extensions/auth-bearer/pkg/config" + "github.com/owncloud/ocis/extensions/auth-bearer/pkg/config/parser" "github.com/owncloud/ocis/extensions/storage/pkg/server/debug" ociscfg "github.com/owncloud/ocis/ocis-pkg/config" "github.com/owncloud/ocis/ocis-pkg/log" @@ -24,6 +25,9 @@ func AuthBearer(cfg *config.Config) *cli.Command { return &cli.Command{ Name: "auth-bearer", Usage: "start authprovider for bearer auth", + Before: func(ctx *cli.Context) error { + return parser.ParseConfig(cfg) + }, Action: func(c *cli.Context) error { logCfg := cfg.Logging logger := log.NewLogger( @@ -94,8 +98,8 @@ func authBearerConfigFromStruct(c *cli.Context, cfg *config.Config) map[string]i "tracing_service_name": c.Command.Name, }, "shared": map[string]interface{}{ - "jwt_secret": cfg.JWTSecret, - "gatewaysvc": cfg.GatewayEndpoint, + "jwt_secret": cfg.TokenManager.JWTSecret, + "gatewaysvc": cfg.Reva.Address, "skip_user_groups_in_token": cfg.SkipUserGroupsInToken, }, "grpc": map[string]interface{}{ diff --git a/extensions/auth-bearer/pkg/config/config.go b/extensions/auth-bearer/pkg/config/config.go index b7c8fad6e7..97fcd5ee6c 100644 --- a/extensions/auth-bearer/pkg/config/config.go +++ b/extensions/auth-bearer/pkg/config/config.go @@ -12,8 +12,9 @@ type Config struct { GRPC GRPCConfig `yaml:"grpc,omitempty"` - JWTSecret string `yaml:"jwt_secret,omitempty"` - GatewayEndpoint string `yaml:"gateway_endpoint,omitempty"` + TokenManager *TokenManager `yaml:"token_manager,omitempty"` + Reva *Reva `yaml:"reva,omitempty"` + SkipUserGroupsInToken bool `yaml:"skip_user_groups_in_token,omitempty"` AuthProvider string `yaml:"auth_provider,omitempty" env:"AUTH_BEARER_AUTH_PROVIDER" desc:"The auth provider which should be used by the service"` AuthProviders AuthProviders `yaml:"auth_providers,omitempty"` 
diff --git a/extensions/auth-bearer/pkg/config/defaults/defaultconfig.go b/extensions/auth-bearer/pkg/config/defaults/defaultconfig.go index 4ca3d0f5ca..93a978a2a3 100644 --- a/extensions/auth-bearer/pkg/config/defaults/defaultconfig.go +++ b/extensions/auth-bearer/pkg/config/defaults/defaultconfig.go @@ -27,9 +27,10 @@ func DefaultConfig() *config.Config { Service: config.Service{ Name: "auth-bearer", }, - GatewayEndpoint: "127.0.0.1:9142", - JWTSecret: "Pive-Fumkiu4", - AuthProvider: "ldap", + Reva: &config.Reva{ + Address: "127.0.0.1:9142", + }, + AuthProvider: "ldap", AuthProviders: config.AuthProviders{ OIDC: config.OIDCProvider{ Issuer: "https://localhost:9200", @@ -63,6 +64,22 @@ func EnsureDefaults(cfg *config.Config) { } else if cfg.Tracing == nil { cfg.Tracing = &config.Tracing{} } + + if cfg.Reva == nil && cfg.Commons != nil && cfg.Commons.Reva != nil { + cfg.Reva = &config.Reva{ + Address: cfg.Commons.Reva.Address, + } + } else if cfg.Reva == nil { + cfg.Reva = &config.Reva{} + } + + if cfg.TokenManager == nil && cfg.Commons != nil && cfg.Commons.TokenManager != nil { + cfg.TokenManager = &config.TokenManager{ + JWTSecret: cfg.Commons.TokenManager.JWTSecret, + } + } else if cfg.TokenManager == nil { + cfg.TokenManager = &config.TokenManager{} + } } func Sanitize(cfg *config.Config) { diff --git a/extensions/auth-bearer/pkg/config/parser/parse.go b/extensions/auth-bearer/pkg/config/parser/parse.go new file mode 100644 index 0000000000..6ea2a14847 --- /dev/null +++ b/extensions/auth-bearer/pkg/config/parser/parse.go 
@@ -0,0 +1,33 @@ +package parser + +import ( + "errors" + + "github.com/owncloud/ocis/extensions/auth-bearer/pkg/config" + "github.com/owncloud/ocis/extensions/auth-bearer/pkg/config/defaults" + ociscfg "github.com/owncloud/ocis/ocis-pkg/config" + + "github.com/owncloud/ocis/ocis-pkg/config/envdecode" +) + +// ParseConfig loads accounts configuration from known paths. +func ParseConfig(cfg *config.Config) error { + _, err := ociscfg.BindSourcesToStructs(cfg.Service.Name, cfg) + if err != nil { + return err + } + + defaults.EnsureDefaults(cfg) + + // load all env variables relevant to the config in the current context. + if err := envdecode.Decode(cfg); err != nil { + // no environment variable set for this config is an expected "error" + if !errors.Is(err, envdecode.ErrNoTargetFieldsAreSet) { + return err + } + } + + defaults.Sanitize(cfg) + + return nil +} diff --git a/extensions/auth-bearer/pkg/config/reva.go b/extensions/auth-bearer/pkg/config/reva.go new file mode 100644 index 0000000000..b8d2779170 --- /dev/null +++ b/extensions/auth-bearer/pkg/config/reva.go @@ -0,0 +1,11 @@ +package config + +// Reva defines all available REVA configuration. +type Reva struct { + Address string `yaml:"address" env:"REVA_GATEWAY"` +} + +// TokenManager is the config for using the reva token manager +type TokenManager struct { + JWTSecret string `yaml:"jwt_secret" env:"OCIS_JWT_SECRET;OCS_JWT_SECRET"` +} diff --git a/extensions/auth-machine/pkg/command/command.go b/extensions/auth-machine/pkg/command/command.go index 332c1ed865..41de568723 100644 --- a/extensions/auth-machine/pkg/command/command.go +++ b/extensions/auth-machine/pkg/command/command.go 
@@ -10,6 +10,7 @@ import ( "github.com/gofrs/uuid" "github.com/oklog/run" "github.com/owncloud/ocis/extensions/auth-machine/pkg/config" + "github.com/owncloud/ocis/extensions/auth-machine/pkg/config/parser" "github.com/owncloud/ocis/extensions/storage/pkg/server/debug" ociscfg "github.com/owncloud/ocis/ocis-pkg/config" "github.com/owncloud/ocis/ocis-pkg/log" @@ -24,6 +25,9 @@ func AuthMachine(cfg *config.Config) *cli.Command { return &cli.Command{ Name: "auth-machine", Usage: "start authprovider for machine auth", + Before: func(ctx *cli.Context) error { + return parser.ParseConfig(cfg) + }, Action: func(c *cli.Context) error { logCfg := cfg.Logging logger := log.NewLogger( @@ -94,8 +98,8 @@ func authMachineConfigFromStruct(c *cli.Context, cfg *config.Config) map[string] "tracing_service_name": c.Command.Name, }, "shared": map[string]interface{}{ - "jwt_secret": cfg.JWTSecret, - "gatewaysvc": cfg.GatewayEndpoint, + "jwt_secret": cfg.TokenManager.JWTSecret, + "gatewaysvc": cfg.Reva.Address, "skip_user_groups_in_token": cfg.SkipUserGroupsInToken, }, "grpc": map[string]interface{}{ @@ -108,7 +112,7 @@ func authMachineConfigFromStruct(c *cli.Context, cfg *config.Config) map[string] "auth_managers": map[string]interface{}{ "machine": map[string]interface{}{ "api_key": cfg.AuthProviders.Machine.APIKey, - "gateway_addr": cfg.GatewayEndpoint, + "gateway_addr": cfg.Reva.Address, }, }, }, diff --git a/extensions/auth-machine/pkg/config/config.go b/extensions/auth-machine/pkg/config/config.go index 0e530daf1d..4837e2915b 100644 --- a/extensions/auth-machine/pkg/config/config.go +++ b/extensions/auth-machine/pkg/config/config.go 
@@ -12,8 +12,9 @@ type Config struct { GRPC GRPCConfig `yaml:"grpc,omitempty"` - JWTSecret string `yaml:"jwt_secret,omitempty"` - GatewayEndpoint string `yaml:"gateway_entpoint,omitempty"` + TokenManager *TokenManager `yaml:"token_manager,omitempty"` + Reva *Reva `yaml:"reva,omitempty"` + SkipUserGroupsInToken bool `yaml:"skip_user_groups_in_token,omitempty"` AuthProvider string `yaml:"auth_provider,omitempty" env:"AUTH_MACHINE_AUTH_PROVIDER" desc:"The auth provider which should be used by the service"` AuthProviders AuthProviders `yaml:"auth_providers,omitempty"` diff --git a/extensions/auth-machine/pkg/config/defaults/defaultconfig.go b/extensions/auth-machine/pkg/config/defaults/defaultconfig.go index 4a442d48b8..4b8e3368e5 100644 --- a/extensions/auth-machine/pkg/config/defaults/defaultconfig.go +++ b/extensions/auth-machine/pkg/config/defaults/defaultconfig.go @@ -27,9 +27,10 @@ func DefaultConfig() *config.Config { Service: config.Service{ Name: "auth-machine", }, - GatewayEndpoint: "127.0.0.1:9142", - JWTSecret: "Pive-Fumkiu4", - AuthProvider: "ldap", + Reva: &config.Reva{ + Address: "127.0.0.1:9142", + }, + AuthProvider: "ldap", AuthProviders: config.AuthProviders{ Machine: config.MachineProvider{ APIKey: "change-me-please", @@ -61,6 +62,22 @@ func EnsureDefaults(cfg *config.Config) { } else if cfg.Tracing == nil { cfg.Tracing = &config.Tracing{} } + + if cfg.Reva == nil && cfg.Commons != nil && cfg.Commons.Reva != nil { + cfg.Reva = &config.Reva{ + Address: cfg.Commons.Reva.Address, + } + } else if cfg.Reva == nil { + cfg.Reva = &config.Reva{} + } + + if cfg.TokenManager == nil && cfg.Commons != nil && cfg.Commons.TokenManager != nil { + cfg.TokenManager = &config.TokenManager{ + JWTSecret: cfg.Commons.TokenManager.JWTSecret, + } + } else if cfg.TokenManager == nil { + cfg.TokenManager = &config.TokenManager{} + } } func Sanitize(cfg *config.Config) { 
diff --git a/extensions/auth-machine/pkg/config/parser/parse.go b/extensions/auth-machine/pkg/config/parser/parse.go new file mode 100644 index 0000000000..defc64e0c3 --- /dev/null +++ b/extensions/auth-machine/pkg/config/parser/parse.go @@ -0,0 +1,33 @@ +package parser + +import ( + "errors" + + "github.com/owncloud/ocis/extensions/auth-machine/pkg/config" + "github.com/owncloud/ocis/extensions/auth-machine/pkg/config/defaults" + ociscfg "github.com/owncloud/ocis/ocis-pkg/config" + + "github.com/owncloud/ocis/ocis-pkg/config/envdecode" +) + +// ParseConfig loads accounts configuration from known paths. +func ParseConfig(cfg *config.Config) error { + _, err := ociscfg.BindSourcesToStructs(cfg.Service.Name, cfg) + if err != nil { + return err + } + + defaults.EnsureDefaults(cfg) + + // load all env variables relevant to the config in the current context. + if err := envdecode.Decode(cfg); err != nil { + // no environment variable set for this config is an expected "error" + if !errors.Is(err, envdecode.ErrNoTargetFieldsAreSet) { + return err + } + } + + defaults.Sanitize(cfg) + + return nil +} diff --git a/extensions/auth-machine/pkg/config/reva.go b/extensions/auth-machine/pkg/config/reva.go new file mode 100644 index 0000000000..b8d2779170 --- /dev/null +++ b/extensions/auth-machine/pkg/config/reva.go @@ -0,0 +1,11 @@ +package config + +// Reva defines all available REVA configuration. +type Reva struct { + Address string `yaml:"address" env:"REVA_GATEWAY"` +} + +// TokenManager is the config for using the reva token manager +type TokenManager struct { + JWTSecret string `yaml:"jwt_secret" env:"OCIS_JWT_SECRET;OCS_JWT_SECRET"` +} diff --git a/extensions/frontend/pkg/command/command.go b/extensions/frontend/pkg/command/command.go index 98d0c49122..6eadfb2e95 100644 --- a/extensions/frontend/pkg/command/command.go +++ b/extensions/frontend/pkg/command/command.go 
@@ -13,6 +13,7 @@ import ( "github.com/gofrs/uuid" "github.com/oklog/run" "github.com/owncloud/ocis/extensions/frontend/pkg/config" + "github.com/owncloud/ocis/extensions/frontend/pkg/config/parser" "github.com/owncloud/ocis/extensions/storage/pkg/server/debug" ociscfg "github.com/owncloud/ocis/ocis-pkg/config" "github.com/owncloud/ocis/ocis-pkg/conversions" @@ -28,11 +29,13 @@ func Frontend(cfg *config.Config) *cli.Command { return &cli.Command{ Name: "frontend", Usage: "start frontend service", - Before: func(c *cli.Context) error { - if err := loadUserAgent(c, cfg); err != nil { - return err - } - return nil + Before: func(ctx *cli.Context) error { + // TODO: what !? + //if err := loadUserAgent(c, cfg); err != nil { + // return err + //} + //return nil + return parser.ParseConfig(cfg) }, Action: func(c *cli.Context) error { logCfg := cfg.Logging @@ -156,8 +159,8 @@ func frontendConfigFromStruct(c *cli.Context, cfg *config.Config, filesCfg map[s "tracing_service_name": c.Command.Name, }, "shared": map[string]interface{}{ - "jwt_secret": cfg.JWTSecret, - "gatewaysvc": cfg.GatewayEndpoint, // Todo or address? + "jwt_secret": cfg.TokenManager.JWTSecret, + "gatewaysvc": cfg.Reva.Address, // Todo or address? "skip_user_groups_in_token": cfg.SkipUserGroupsInToken, }, "http": map[string]interface{}{ @@ -194,7 +197,7 @@ func frontendConfigFromStruct(c *cli.Context, cfg *config.Config, filesCfg map[s "insecure": true, }, "ocs": map[string]interface{}{ - "storage_registry_svc": cfg.GatewayEndpoint, + "storage_registry_svc": cfg.Reva.Address, "share_prefix": cfg.OCS.SharePrefix, "home_namespace": cfg.OCS.HomeNamespace, "resource_info_cache_ttl": cfg.OCS.ResourceInfoCacheTTL, 
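Review bot: The rewritten `Before` hook in frontend's command.go comments out the `loadUserAgent(c, cfg)` call under `// TODO: what !?`, so whatever that function set on cfg is no longer in place when Action runs. The parameter was also renamed to `ctx`, so the commented code would not compile if it were simply uncommented. If the call is still needed, run it after the parse: `if err := parser.ParseConfig(cfg); err != nil { return err }` followed by `return loadUserAgent(ctx, cfg)`. If it is not needed, delete the commented block and the helper. loadUserAgent is defined outside the hunk, so its effect cannot be confirmed from here.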
@@ -210,7 +213,7 @@ func frontendConfigFromStruct(c *cli.Context, cfg *config.Config, filesCfg map[s "db_port": cfg.OCS.CacheWarmupDrivers.CBOX.DBPort, "db_name": cfg.OCS.CacheWarmupDrivers.CBOX.DBName, "namespace": cfg.OCS.CacheWarmupDrivers.CBOX.Namespace, - "gatewaysvc": cfg.GatewayEndpoint, + "gatewaysvc": cfg.Reva.Address, }, }, "config": map[string]interface{}{ diff --git a/extensions/frontend/pkg/config/config.go b/extensions/frontend/pkg/config/config.go index 0adda7543b..5a4ba7354f 100644 --- a/extensions/frontend/pkg/config/config.go +++ b/extensions/frontend/pkg/config/config.go @@ -16,8 +16,9 @@ type Config struct { TransferSecret string `yaml:"transfer_secret" env:"STORAGE_TRANSFER_SECRET"` - JWTSecret string `yaml:"jwt_secret"` - GatewayEndpoint string + TokenManager *TokenManager `yaml:"token_manager,omitempty"` + Reva *Reva `yaml:"reva,omitempty"` + SkipUserGroupsInToken bool EnableFavorites bool `yaml:"favorites"` diff --git a/extensions/frontend/pkg/config/defaults/defaultconfig.go b/extensions/frontend/pkg/config/defaults/defaultconfig.go index 182914b822..54247a580e 100644 --- a/extensions/frontend/pkg/config/defaults/defaultconfig.go +++ b/extensions/frontend/pkg/config/defaults/defaultconfig.go @@ -28,8 +28,9 @@ func DefaultConfig() *config.Config { Service: config.Service{ Name: "frontend", }, - GatewayEndpoint: "127.0.0.1:9142", - JWTSecret: "Pive-Fumkiu4", + Reva: &config.Reva{ + Address: "127.0.0.1:9142", + }, PublicURL: "https://localhost:9200", EnableFavorites: false, EnableProjectSpaces: true, 
@@ -96,6 +97,22 @@ func EnsureDefaults(cfg *config.Config) { } else if cfg.Tracing == nil { cfg.Tracing = &config.Tracing{} } + + if cfg.Reva == nil && cfg.Commons != nil && cfg.Commons.Reva != nil { + cfg.Reva = &config.Reva{ + Address: cfg.Commons.Reva.Address, + } + } else if cfg.Reva == nil { + cfg.Reva = &config.Reva{} + } + + if cfg.TokenManager == nil && cfg.Commons != nil && cfg.Commons.TokenManager != nil { + cfg.TokenManager = &config.TokenManager{ + JWTSecret: cfg.Commons.TokenManager.JWTSecret, + } + } else if cfg.TokenManager == nil { + cfg.TokenManager = &config.TokenManager{} + } } func Sanitize(cfg *config.Config) { diff --git a/extensions/frontend/pkg/config/parser/parse.go b/extensions/frontend/pkg/config/parser/parse.go new file mode 100644 index 0000000000..7942a1b235 --- /dev/null +++ b/extensions/frontend/pkg/config/parser/parse.go @@ -0,0 +1,33 @@ +package parser + +import ( + "errors" + + "github.com/owncloud/ocis/extensions/frontend/pkg/config" + "github.com/owncloud/ocis/extensions/frontend/pkg/config/defaults" + ociscfg "github.com/owncloud/ocis/ocis-pkg/config" + + "github.com/owncloud/ocis/ocis-pkg/config/envdecode" +) + +// ParseConfig loads accounts configuration from known paths. +func ParseConfig(cfg *config.Config) error { + _, err := ociscfg.BindSourcesToStructs(cfg.Service.Name, cfg) + if err != nil { + return err + } + + defaults.EnsureDefaults(cfg) + + // load all env variables relevant to the config in the current context. + if err := envdecode.Decode(cfg); err != nil { + // no environment variable set for this config is an expected "error" + if !errors.Is(err, envdecode.ErrNoTargetFieldsAreSet) { + return err + } + } + + defaults.Sanitize(cfg) + + return nil +} diff --git a/extensions/frontend/pkg/config/reva.go b/extensions/frontend/pkg/config/reva.go new file mode 100644 index 0000000000..b8d2779170 --- /dev/null +++ b/extensions/frontend/pkg/config/reva.go 
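Review bot: The `cfg.Reva == nil && cfg.Commons != nil` branch looks unreachable for a config built from `DefaultConfig`, because the defaults hunk of this same file now sets `Reva: &config.Reva{Address: "127.0.0.1:9142"}`. In that case a gateway address supplied through `cfg.Commons.Reva` is never inherited. If inheritance from commons is intended, leave `Reva` unset in `DefaultConfig` and apply the literal address in the final `else if` instead, `cfg.Reva = &config.Reva{Address: "127.0.0.1:9142"}`. The gateway, group, ocdav, ocs, proxy and sharing `EnsureDefaults` hunks follow the same pattern. Whether `cfg` always originates from `DefaultConfig` is not visible here, and `EnsureDefaults` starts outside this hunk.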
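Review bot: `ParseConfig` returns nil without checking that a JWT secret was actually configured. This patch removes the hard-coded `JWTSecret` default and `EnsureDefaults` falls back to an empty `&config.TokenManager{}`, so with no config file or environment value the command hands an empty `jwt_secret` on to reva. A guard after the `envdecode.Decode` block, `if cfg.TokenManager.JWTSecret == "" { return errors.New("jwt secret is not set") }`, would fail closed at startup instead. The same applies to the gateway, group, ocdav and sharing parsers added here, and presumably to auth-machine, whose defaults are outside this view.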
@@ -0,0 +1,11 @@ +package config + +// Reva defines all available REVA configuration. +type Reva struct { + Address string `yaml:"address" env:"REVA_GATEWAY"` +} + +// TokenManager is the config for using the reva token manager +type TokenManager struct { + JWTSecret string `yaml:"jwt_secret" env:"OCIS_JWT_SECRET;OCS_JWT_SECRET"` +} diff --git a/extensions/gateway/pkg/command/command.go b/extensions/gateway/pkg/command/command.go index 3c8a15941f..c71895ac4b 100644 --- a/extensions/gateway/pkg/command/command.go +++ b/extensions/gateway/pkg/command/command.go @@ -14,6 +14,7 @@ import ( "github.com/mitchellh/mapstructure" "github.com/oklog/run" "github.com/owncloud/ocis/extensions/gateway/pkg/config" + "github.com/owncloud/ocis/extensions/gateway/pkg/config/parser" "github.com/owncloud/ocis/extensions/storage/pkg/server/debug" "github.com/owncloud/ocis/extensions/storage/pkg/service/external" ociscfg "github.com/owncloud/ocis/ocis-pkg/config" @@ -30,12 +31,8 @@ func Gateway(cfg *config.Config) *cli.Command { return &cli.Command{ Name: "gateway", Usage: "start gateway", - Before: func(c *cli.Context) error { - if cfg.DataGatewayPublicURL == "" { - cfg.DataGatewayPublicURL = strings.TrimRight(cfg.FrontendPublicURL, "/") + "/data" - } - - return nil + Before: func(ctx *cli.Context) error { + return parser.ParseConfig(cfg) }, Action: func(c *cli.Context) error { logCfg := cfg.Logging @@ -124,8 +121,8 @@ func gatewayConfigFromStruct(c *cli.Context, cfg *config.Config, logger log.Logg "tracing_service_name": c.Command.Name, }, "shared": map[string]interface{}{ - "jwt_secret": cfg.JWTSecret, - "gatewaysvc": cfg.GatewayEndpoint, + "jwt_secret": cfg.TokenManager.JWTSecret, + "gatewaysvc": cfg.Reva.Address, "skip_user_groups_in_token": cfg.SkipUserGroupsInToken, }, "grpc": map[string]interface{}{ 
@@ -135,9 +132,9 @@ func gatewayConfigFromStruct(c *cli.Context, cfg *config.Config, logger log.Logg "services": map[string]interface{}{ "gateway": map[string]interface{}{ // registries is located on the gateway - "authregistrysvc": cfg.GatewayEndpoint, - "storageregistrysvc": cfg.GatewayEndpoint, - "appregistrysvc": cfg.GatewayEndpoint, + "authregistrysvc": cfg.Reva.Address, + "storageregistrysvc": cfg.Reva.Address, + "appregistrysvc": cfg.Reva.Address, // user metadata is located on the users services "preferencessvc": cfg.UsersEndpoint, "userprovidersvc": cfg.UsersEndpoint, @@ -152,7 +149,7 @@ func gatewayConfigFromStruct(c *cli.Context, cfg *config.Config, logger log.Logg "share_folder": cfg.ShareFolder, // ShareFolder is the location where to create shares in the recipient's storage provider. // other "disable_home_creation_on_login": cfg.DisableHomeCreationOnLogin, - "datagateway": cfg.DataGatewayPublicURL, + "datagateway": strings.TrimRight(cfg.FrontendPublicURL, "/") + "/data", "transfer_shared_secret": cfg.TransferSecret, "transfer_expires": cfg.TransferExpires, "home_mapping": cfg.HomeMapping, diff --git a/extensions/gateway/pkg/config/config.go b/extensions/gateway/pkg/config/config.go index bf16e5f3db..720083a64b 100644 --- a/extensions/gateway/pkg/config/config.go +++ b/extensions/gateway/pkg/config/config.go @@ -12,9 +12,10 @@ type Config struct { GRPC GRPCConfig `yaml:"grpc,omitempty"` - JWTSecret string `yaml:"jwt_secret,omitempty"` - GatewayEndpoint string `yaml:",omitempty"` - SkipUserGroupsInToken bool `yaml:",omitempty"` + TokenManager *TokenManager `yaml:"token_manager,omitempty"` + Reva *Reva `yaml:"reva,omitempty"` + + SkipUserGroupsInToken bool `yaml:",omitempty"` CommitShareToStorageGrant bool `yaml:"commit_share_to_storage_grant,omitempty"` CommitShareToStorageRef bool `yaml:"commit_share_to_storage_ref,omitempty"` 
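Review bot: An existing `data_gateway_public_url` setting is now ignored without any message: the `"datagateway"` entry is always built from `cfg.FrontendPublicURL`, and the `DataGatewayPublicURL` field is removed in config.go. If dropping the override is deliberate, a comment on this line such as `// derived from FrontendPublicURL; the separate data_gateway_public_url setting was removed` would make that explicit. Otherwise keep the field and use the derived value only when it is empty, as the removed `Before` hook did. `gatewayConfigFromStruct` starts and ends outside this hunk.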
@@ -29,7 +30,6 @@ type Config struct { GroupsEndpoint string `yaml:"groups_endpoint,omitempty"` PermissionsEndpoint string `yaml:"permissions_endpoint,omitempty"` SharingEndpoint string `yaml:"sharing_endpoint,omitempty"` - DataGatewayPublicURL string `yaml:"data_gateway_public_url,omitempty"` FrontendPublicURL string `yaml:"frontend_public_url,omitempty" env:"OCIS_URL;GATEWAY_FRONTEND_PUBLIC_URL"` AuthBasicEndpoint string `yaml:"auth_basic_endpoint,omitempty"` AuthBearerEndpoint string `yaml:"auth_bearer_endpoint,omitempty"` diff --git a/extensions/gateway/pkg/config/defaults/defaultconfig.go b/extensions/gateway/pkg/config/defaults/defaultconfig.go index 44c3dc0df3..1c0013b249 100644 --- a/extensions/gateway/pkg/config/defaults/defaultconfig.go +++ b/extensions/gateway/pkg/config/defaults/defaultconfig.go @@ -27,8 +27,9 @@ func DefaultConfig() *config.Config { Service: config.Service{ Name: "gateway", }, - GatewayEndpoint: "127.0.0.1:9142", - JWTSecret: "Pive-Fumkiu4", + Reva: &config.Reva{ + Address: "127.0.0.1:9142", + }, CommitShareToStorageGrant: true, CommitShareToStorageRef: true, @@ -43,7 +44,6 @@ func DefaultConfig() *config.Config { GroupsEndpoint: "localhost:9160", PermissionsEndpoint: "localhost:9191", SharingEndpoint: "localhost:9150", - DataGatewayPublicURL: "", FrontendPublicURL: "https://localhost:9200", AuthBasicEndpoint: "localhost:9146", AuthBearerEndpoint: "localhost:9148", 
@@ -85,6 +85,22 @@ func EnsureDefaults(cfg *config.Config) { } else if cfg.Tracing == nil { cfg.Tracing = &config.Tracing{} } + + if cfg.Reva == nil && cfg.Commons != nil && cfg.Commons.Reva != nil { + cfg.Reva = &config.Reva{ + Address: cfg.Commons.Reva.Address, + } + } else if cfg.Reva == nil { + cfg.Reva = &config.Reva{} + } + + if cfg.TokenManager == nil && cfg.Commons != nil && cfg.Commons.TokenManager != nil { + cfg.TokenManager = &config.TokenManager{ + JWTSecret: cfg.Commons.TokenManager.JWTSecret, + } + } else if cfg.TokenManager == nil { + cfg.TokenManager = &config.TokenManager{} + } } func Sanitize(cfg *config.Config) { diff --git a/extensions/gateway/pkg/config/parser/parse.go b/extensions/gateway/pkg/config/parser/parse.go new file mode 100644 index 0000000000..2ace3feafd --- /dev/null +++ b/extensions/gateway/pkg/config/parser/parse.go @@ -0,0 +1,33 @@ +package parser + +import ( + "errors" + + "github.com/owncloud/ocis/extensions/gateway/pkg/config" + "github.com/owncloud/ocis/extensions/gateway/pkg/config/defaults" + ociscfg "github.com/owncloud/ocis/ocis-pkg/config" + + "github.com/owncloud/ocis/ocis-pkg/config/envdecode" +) + +// ParseConfig loads accounts configuration from known paths. +func ParseConfig(cfg *config.Config) error { + _, err := ociscfg.BindSourcesToStructs(cfg.Service.Name, cfg) + if err != nil { + return err + } + + defaults.EnsureDefaults(cfg) + + // load all env variables relevant to the config in the current context. + if err := envdecode.Decode(cfg); err != nil { + // no environment variable set for this config is an expected "error" + if !errors.Is(err, envdecode.ErrNoTargetFieldsAreSet) { + return err + } + } + + defaults.Sanitize(cfg) + + return nil +} diff --git a/extensions/gateway/pkg/config/reva.go b/extensions/gateway/pkg/config/reva.go new file mode 100644 index 0000000000..b8d2779170 --- /dev/null +++ b/extensions/gateway/pkg/config/reva.go 
@@ -0,0 +1,11 @@ +package config + +// Reva defines all available REVA configuration. +type Reva struct { + Address string `yaml:"address" env:"REVA_GATEWAY"` +} + +// TokenManager is the config for using the reva token manager +type TokenManager struct { + JWTSecret string `yaml:"jwt_secret" env:"OCIS_JWT_SECRET;OCS_JWT_SECRET"` +} diff --git a/extensions/graph/pkg/config/config.go b/extensions/graph/pkg/config/config.go index b346bc15bd..174bcabd62 100644 --- a/extensions/graph/pkg/config/config.go +++ b/extensions/graph/pkg/config/config.go @@ -18,7 +18,7 @@ type Config struct { HTTP HTTP `yaml:"http,omitempty"` - Reva Reva `yaml:"reva,omitempty"` + Reva *Reva `yaml:"reva,omitempty"` TokenManager *TokenManager `yaml:"token_manager,omitempty"` Spaces Spaces `yaml:"spaces,omitempty"` diff --git a/extensions/graph/pkg/config/defaults/defaultconfig.go b/extensions/graph/pkg/config/defaults/defaultconfig.go index 6c315a4775..8dff5da202 100644 --- a/extensions/graph/pkg/config/defaults/defaultconfig.go +++ b/extensions/graph/pkg/config/defaults/defaultconfig.go @@ -20,7 +20,7 @@ func DefaultConfig() *config.Config { Service: config.Service{ Name: "graph", }, - Reva: config.Reva{ + Reva: &config.Reva{ Address: "127.0.0.1:9142", }, Spaces: config.Spaces{ @@ -91,7 +91,7 @@ func EnsureDefaults(cfg *config.Config) { cfg.TokenManager = &config.TokenManager{ JWTSecret: cfg.Commons.TokenManager.JWTSecret, } - } else { + } else if cfg.TokenManager == nil { cfg.TokenManager = &config.TokenManager{} } } diff --git a/extensions/graph/pkg/service/v0/service.go b/extensions/graph/pkg/service/v0/service.go index 11fe37c2fe..599a558f3b 100644 --- a/extensions/graph/pkg/service/v0/service.go +++ b/extensions/graph/pkg/service/v0/service.go @@ -59,7 +59,7 @@ func NewService(opts ...Option) Service { switch options.Config.Identity.Backend { case "cs3": backend = &identity.CS3{ - Config: &options.Config.Reva, + Config: options.Config.Reva, Logger: &options.Logger, } case "ldap": 
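Review bot: `options.Config.Reva` is now a pointer and is handed to `identity.CS3` as is, but the graph `EnsureDefaults` hunk in this patch only touches the `TokenManager` branch and, unlike the ocs and proxy hunks, adds no `cfg.Reva == nil` fallback. If graph's `EnsureDefaults` has no such guard outside the visible hunk, a config that reaches `NewService` without `Reva` set gives the backend a nil `Config`. Adding the fallback used elsewhere, `if cfg.Reva == nil { cfg.Reva = &config.Reva{} }`, would keep the pointer non-nil. `NewService` continues outside this hunk.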
diff --git a/extensions/group/pkg/command/command.go b/extensions/group/pkg/command/command.go index ab71caef11..92ef3b75af 100644 --- a/extensions/group/pkg/command/command.go +++ b/extensions/group/pkg/command/command.go @@ -11,6 +11,7 @@ import ( "github.com/gofrs/uuid" "github.com/oklog/run" "github.com/owncloud/ocis/extensions/group/pkg/config" + "github.com/owncloud/ocis/extensions/group/pkg/config/parser" "github.com/owncloud/ocis/extensions/storage/pkg/server/debug" ociscfg "github.com/owncloud/ocis/ocis-pkg/config" "github.com/owncloud/ocis/ocis-pkg/ldap" @@ -26,6 +27,9 @@ func Groups(cfg *config.Config) *cli.Command { return &cli.Command{ Name: "groups", Usage: "start groups service", + Before: func(ctx *cli.Context) error { + return parser.ParseConfig(cfg) + }, Action: func(c *cli.Context) error { logCfg := cfg.Logging logger := log.NewLogger( @@ -111,8 +115,8 @@ func groupsConfigFromStruct(c *cli.Context, cfg *config.Config) map[string]inter "tracing_service_name": c.Command.Name, }, "shared": map[string]interface{}{ - "jwt_secret": cfg.JWTSecret, - "gatewaysvc": cfg.GatewayEndpoint, + "jwt_secret": cfg.TokenManager.JWTSecret, + "gatewaysvc": cfg.Reva.Address, "skip_user_groups_in_token": cfg.SkipUserGroupsInToken, }, "grpc": map[string]interface{}{ diff --git a/extensions/group/pkg/config/config.go b/extensions/group/pkg/config/config.go index 1b8e0d6323..c7216b4393 100644 --- a/extensions/group/pkg/config/config.go +++ b/extensions/group/pkg/config/config.go @@ -12,8 +12,9 @@ type Config struct { GRPC GRPCConfig `yaml:"grpc,omitempty"` - JWTSecret string `yaml:"jwt_secret,omitempty"` - GatewayEndpoint string `yaml:"gateway_endpoint,omitempty"` + TokenManager *TokenManager `yaml:"token_manager,omitempty"` + Reva *Reva `yaml:"reva,omitempty"` + SkipUserGroupsInToken bool `yaml:"skip_user_groups_in_token,omitempty"` GroupMembersCacheExpiration int `yaml:"group_members_cache_expiration,omitempty"` Driver string `yaml:"driver,omitempty"` 
diff --git a/extensions/group/pkg/config/defaults/defaultconfig.go b/extensions/group/pkg/config/defaults/defaultconfig.go index d7b0d988a8..3690a01a6a 100644 --- a/extensions/group/pkg/config/defaults/defaultconfig.go +++ b/extensions/group/pkg/config/defaults/defaultconfig.go @@ -31,9 +31,10 @@ func DefaultConfig() *config.Config { Name: "user", }, GroupMembersCacheExpiration: 5, - GatewayEndpoint: "127.0.0.1:9142", - JWTSecret: "Pive-Fumkiu4", - Driver: "ldap", + Reva: &config.Reva{ + Address: "127.0.0.1:9142", + }, + Driver: "ldap", Drivers: config.Drivers{ LDAP: config.LDAPDriver{ URI: "ldaps://localhost:9126", @@ -106,6 +107,22 @@ func EnsureDefaults(cfg *config.Config) { } else if cfg.Tracing == nil { cfg.Tracing = &config.Tracing{} } + + if cfg.Reva == nil && cfg.Commons != nil && cfg.Commons.Reva != nil { + cfg.Reva = &config.Reva{ + Address: cfg.Commons.Reva.Address, + } + } else if cfg.Reva == nil { + cfg.Reva = &config.Reva{} + } + + if cfg.TokenManager == nil && cfg.Commons != nil && cfg.Commons.TokenManager != nil { + cfg.TokenManager = &config.TokenManager{ + JWTSecret: cfg.Commons.TokenManager.JWTSecret, + } + } else if cfg.TokenManager == nil { + cfg.TokenManager = &config.TokenManager{} + } } func Sanitize(cfg *config.Config) { diff --git a/extensions/group/pkg/config/parser/parse.go b/extensions/group/pkg/config/parser/parse.go new file mode 100644 index 0000000000..d75882a290 --- /dev/null +++ b/extensions/group/pkg/config/parser/parse.go 
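Review bot: The unchanged context line `Name: "user",` in the first hunk appears to be the group service's `Service.Name`, and the `ParseConfig` added for this extension passes `cfg.Service.Name` to `ociscfg.BindSourcesToStructs`, so the group service would presumably bind the config sources of a different service. It should carry its own name, for example `Name: "groups",` to match the command name in command.go. `DefaultConfig` starts and ends outside this hunk, so confirm nothing else relies on the current value before changing it.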
@@ -0,0 +1,33 @@ +package parser + +import ( + "errors" + + "github.com/owncloud/ocis/extensions/group/pkg/config" + "github.com/owncloud/ocis/extensions/group/pkg/config/defaults" + ociscfg "github.com/owncloud/ocis/ocis-pkg/config" + + "github.com/owncloud/ocis/ocis-pkg/config/envdecode" +) + +// ParseConfig loads accounts configuration from known paths. +func ParseConfig(cfg *config.Config) error { + _, err := ociscfg.BindSourcesToStructs(cfg.Service.Name, cfg) + if err != nil { + return err + } + + defaults.EnsureDefaults(cfg) + + // load all env variables relevant to the config in the current context. + if err := envdecode.Decode(cfg); err != nil { + // no environment variable set for this config is an expected "error" + if !errors.Is(err, envdecode.ErrNoTargetFieldsAreSet) { + return err + } + } + + defaults.Sanitize(cfg) + + return nil +} diff --git a/extensions/group/pkg/config/reva.go b/extensions/group/pkg/config/reva.go new file mode 100644 index 0000000000..b8d2779170 --- /dev/null +++ b/extensions/group/pkg/config/reva.go @@ -0,0 +1,11 @@ +package config + +// Reva defines all available REVA configuration. +type Reva struct { + Address string `yaml:"address" env:"REVA_GATEWAY"` +} + +// TokenManager is the config for using the reva token manager +type TokenManager struct { + JWTSecret string `yaml:"jwt_secret" env:"OCIS_JWT_SECRET;OCS_JWT_SECRET"` +} diff --git a/extensions/ocdav/pkg/command/ocdav.go b/extensions/ocdav/pkg/command/ocdav.go index e73f5d1b1e..30896c2842 100644 --- a/extensions/ocdav/pkg/command/ocdav.go +++ b/extensions/ocdav/pkg/command/ocdav.go @@ -9,6 +9,7 @@ import ( "github.com/cs3org/reva/v2/pkg/micro/ocdav" "github.com/oklog/run" "github.com/owncloud/ocis/extensions/ocdav/pkg/config" + "github.com/owncloud/ocis/extensions/ocdav/pkg/config/parser" "github.com/owncloud/ocis/extensions/storage/pkg/server/debug" ociscfg "github.com/owncloud/ocis/ocis-pkg/config" "github.com/owncloud/ocis/ocis-pkg/conversions" 
@@ -25,11 +26,15 @@ func OCDav(cfg *config.Config) *cli.Command { return &cli.Command{ Name: "ocdav", Usage: "start ocdav service", - Before: func(c *cli.Context) error { - if err := loadUserAgent(c, cfg); err != nil { - return err - } - return nil + // TODO: check + //Before: func(c *cli.Context) error { + // if err := loadUserAgent(c, cfg); err != nil { + // return err + // } + // return nil + //}, + Before: func(ctx *cli.Context) error { + return parser.ParseConfig(cfg) }, Action: func(c *cli.Context) error { logCfg := cfg.Logging @@ -59,8 +64,8 @@ func OCDav(cfg *config.Config) *cli.Command { ocdav.Insecure(cfg.Insecure), ocdav.PublicURL(cfg.PublicURL), ocdav.Prefix(cfg.HTTP.Prefix), - ocdav.GatewaySvc(cfg.GatewayEndpoint), - ocdav.JWTSecret(cfg.JWTSecret), + ocdav.GatewaySvc(cfg.Reva.Address), + ocdav.JWTSecret(cfg.TokenManager.JWTSecret), // ocdav.FavoriteManager() // FIXME needs a proper persistence implementation // ocdav.LockSystem(), // will default to the CS3 lock system // ocdav.TLSConfig() // tls config for the http server diff --git a/extensions/ocdav/pkg/config/config.go b/extensions/ocdav/pkg/config/config.go index efc048c861..de3748fcee 100644 --- a/extensions/ocdav/pkg/config/config.go +++ b/extensions/ocdav/pkg/config/config.go @@ -12,10 +12,10 @@ type Config struct { HTTP HTTPConfig `yaml:"http,omitempty"` - // JWTSecret used to verify reva access token - JWTSecret string `yaml:"jwt_secret"` - GatewayEndpoint string `yaml:"gateway_endpoint,omitempty"` - SkipUserGroupsInToken bool `yaml:"skip_user_groups_in_token,omitempty"` + TokenManager *TokenManager `yaml:"token_manager,omitempty"` + Reva *Reva `yaml:"reva,omitempty"` + + SkipUserGroupsInToken bool `yaml:"skip_user_groups_in_token,omitempty"` WebdavNamespace string `yaml:"webdav_namespace,omitempty"` FilesNamespace string `yaml:"files_namespace,omitempty"` 
diff --git a/extensions/ocdav/pkg/config/defaults/defaultconfig.go b/extensions/ocdav/pkg/config/defaults/defaultconfig.go index eaffe1c8c5..d68a150240 100644 --- a/extensions/ocdav/pkg/config/defaults/defaultconfig.go +++ b/extensions/ocdav/pkg/config/defaults/defaultconfig.go @@ -28,8 +28,9 @@ func DefaultConfig() *config.Config { Service: config.Service{ Name: "ocdav", }, - GatewayEndpoint: "127.0.0.1:9142", - JWTSecret: "Pive-Fumkiu4", + Reva: &config.Reva{ + Address: "127.0.0.1:9142", + }, WebdavNamespace: "/users/{{.Id.OpaqueId}}", FilesNamespace: "/users/{{.Id.OpaqueId}}", SharesNamespace: "/Shares", @@ -67,6 +68,22 @@ func EnsureDefaults(cfg *config.Config) { } else if cfg.Tracing == nil { cfg.Tracing = &config.Tracing{} } + + if cfg.Reva == nil && cfg.Commons != nil && cfg.Commons.Reva != nil { + cfg.Reva = &config.Reva{ + Address: cfg.Commons.Reva.Address, + } + } else if cfg.Reva == nil { + cfg.Reva = &config.Reva{} + } + + if cfg.TokenManager == nil && cfg.Commons != nil && cfg.Commons.TokenManager != nil { + cfg.TokenManager = &config.TokenManager{ + JWTSecret: cfg.Commons.TokenManager.JWTSecret, + } + } else if cfg.TokenManager == nil { + cfg.TokenManager = &config.TokenManager{} + } } func Sanitize(cfg *config.Config) { diff --git a/extensions/ocdav/pkg/config/parser/parse.go b/extensions/ocdav/pkg/config/parser/parse.go new file mode 100644 index 0000000000..84d3821cf7 --- /dev/null +++ b/extensions/ocdav/pkg/config/parser/parse.go 
@@ -0,0 +1,33 @@ +package parser + +import ( + "errors" + + "github.com/owncloud/ocis/extensions/ocdav/pkg/config" + "github.com/owncloud/ocis/extensions/ocdav/pkg/config/defaults" + ociscfg "github.com/owncloud/ocis/ocis-pkg/config" + + "github.com/owncloud/ocis/ocis-pkg/config/envdecode" +) + +// ParseConfig loads accounts configuration from known paths. +func ParseConfig(cfg *config.Config) error { + _, err := ociscfg.BindSourcesToStructs(cfg.Service.Name, cfg) + if err != nil { + return err + } + + defaults.EnsureDefaults(cfg) + + // load all env variables relevant to the config in the current context. + if err := envdecode.Decode(cfg); err != nil { + // no environment variable set for this config is an expected "error" + if !errors.Is(err, envdecode.ErrNoTargetFieldsAreSet) { + return err + } + } + + defaults.Sanitize(cfg) + + return nil +} diff --git a/extensions/ocdav/pkg/config/reva.go b/extensions/ocdav/pkg/config/reva.go new file mode 100644 index 0000000000..b8d2779170 --- /dev/null +++ b/extensions/ocdav/pkg/config/reva.go @@ -0,0 +1,11 @@ +package config + +// Reva defines all available REVA configuration. +type Reva struct { + Address string `yaml:"address" env:"REVA_GATEWAY"` +} + +// TokenManager is the config for using the reva token manager +type TokenManager struct { + JWTSecret string `yaml:"jwt_secret" env:"OCIS_JWT_SECRET;OCS_JWT_SECRET"` +} diff --git a/extensions/ocs/pkg/config/config.go b/extensions/ocs/pkg/config/config.go index 9e332ca7de..af57bc07cd 100644 --- a/extensions/ocs/pkg/config/config.go +++ b/extensions/ocs/pkg/config/config.go @@ -19,7 +19,7 @@ type Config struct { HTTP HTTP `yaml:"http,omitempty"` TokenManager *TokenManager `yaml:"token_manager,omitempty"` - Reva Reva `yaml:"reva,omitempty"` + Reva *Reva `yaml:"reva,omitempty"` IdentityManagement IdentityManagement `yaml:"identity_management,omitempty"` 
diff --git a/extensions/ocs/pkg/config/defaults/defaultconfig.go b/extensions/ocs/pkg/config/defaults/defaultconfig.go index 74a1b493d4..1037246d4c 100644 --- a/extensions/ocs/pkg/config/defaults/defaultconfig.go +++ b/extensions/ocs/pkg/config/defaults/defaultconfig.go @@ -40,7 +40,7 @@ func DefaultConfig() *config.Config { }, AccountBackend: "accounts", - Reva: config.Reva{ + Reva: &config.Reva{ Address: "127.0.0.1:9142", }, StorageUsersDriver: "ocis", @@ -74,11 +74,19 @@ func EnsureDefaults(cfg *config.Config) { cfg.Tracing = &config.Tracing{} } + if cfg.Reva == nil && cfg.Commons != nil && cfg.Commons.Reva != nil { + cfg.Reva = &config.Reva{ + Address: cfg.Commons.Reva.Address, + } + } else if cfg.Reva == nil { + cfg.Reva = &config.Reva{} + } + if cfg.TokenManager == nil && cfg.Commons != nil && cfg.Commons.TokenManager != nil { cfg.TokenManager = &config.TokenManager{ JWTSecret: cfg.Commons.TokenManager.JWTSecret, } - } else { + } else if cfg.TokenManager == nil { cfg.TokenManager = &config.TokenManager{} } diff --git a/extensions/proxy/pkg/config/config.go b/extensions/proxy/pkg/config/config.go index 69b2d99a92..f9f1a53081 100644 --- a/extensions/proxy/pkg/config/config.go +++ b/extensions/proxy/pkg/config/config.go @@ -18,7 +18,7 @@ type Config struct { HTTP HTTP `yaml:"http,omitempty"` - Reva Reva `yaml:"reva,omitempty"` + Reva *Reva `yaml:"reva,omitempty"` Policies []Policy `yaml:"policies,omitempty"` OIDC OIDC `yaml:"oidc,omitempty"` diff --git a/extensions/proxy/pkg/config/defaults/defaultconfig.go b/extensions/proxy/pkg/config/defaults/defaultconfig.go index 6144197c6b..c312178dd3 100644 --- a/extensions/proxy/pkg/config/defaults/defaultconfig.go +++ b/extensions/proxy/pkg/config/defaults/defaultconfig.go @@ -36,7 +36,7 @@ func DefaultConfig() *config.Config { }, }, PolicySelector: nil, - Reva: config.Reva{ + Reva: &config.Reva{ Address: "127.0.0.1:9142", }, PreSignedURL: config.PreSignedURL{ 
@@ -182,7 +182,7 @@ func EnsureDefaults(cfg *config.Config) { cfg.TokenManager = &config.TokenManager{ JWTSecret: cfg.Commons.TokenManager.JWTSecret, } - } else { + } else if cfg.TokenManager == nil { cfg.TokenManager = &config.TokenManager{} } @@ -191,6 +191,22 @@ func EnsureDefaults(cfg *config.Config) { } else { log.Fatalf("machine auth api key is not set up properly, bailing out (%s)", cfg.Service.Name) } + + if cfg.Reva == nil && cfg.Commons != nil && cfg.Commons.Reva != nil { + cfg.Reva = &config.Reva{ + Address: cfg.Commons.Reva.Address, + } + } else if cfg.Reva == nil { + cfg.Reva = &config.Reva{} + } + + if cfg.TokenManager == nil && cfg.Commons != nil && cfg.Commons.TokenManager != nil { + cfg.TokenManager = &config.TokenManager{ + JWTSecret: cfg.Commons.TokenManager.JWTSecret, + } + } else if cfg.TokenManager == nil { + cfg.TokenManager = &config.TokenManager{} + } } func Sanitize(cfg *config.Config) { diff --git a/extensions/settings/pkg/config/defaults/defaultconfig.go b/extensions/settings/pkg/config/defaults/defaultconfig.go index f056a6a9d8..2b7124e204 100644 --- a/extensions/settings/pkg/config/defaults/defaultconfig.go +++ b/extensions/settings/pkg/config/defaults/defaultconfig.go @@ -89,7 +89,7 @@ func EnsureDefaults(cfg *config.Config) { cfg.TokenManager = &config.TokenManager{ JWTSecret: cfg.Commons.TokenManager.JWTSecret, } - } else { + } else if cfg.TokenManager == nil { cfg.TokenManager = &config.TokenManager{} } diff --git a/extensions/sharing/pkg/command/command.go b/extensions/sharing/pkg/command/command.go index 807b24132b..a7376f4ebf 100644 --- a/extensions/sharing/pkg/command/command.go +++ b/extensions/sharing/pkg/command/command.go 
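Review bot: The `TokenManager` block added at the end of the second hunk repeats the one a few lines above in the same function (the hunk at -182 that changes its `else` to `else if`). By the time the new copy runs `cfg.TokenManager` is already non-nil, so both of its branches are dead code. Drop the second block and keep only the new `cfg.Reva` fallback. `EnsureDefaults` continues outside this hunk.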
@@ -15,6 +15,7 @@ import ( "github.com/gofrs/uuid" "github.com/oklog/run" "github.com/owncloud/ocis/extensions/sharing/pkg/config" + "github.com/owncloud/ocis/extensions/sharing/pkg/config/parser" "github.com/owncloud/ocis/extensions/storage/pkg/server/debug" ociscfg "github.com/owncloud/ocis/ocis-pkg/config" "github.com/thejerf/suture/v4" @@ -26,6 +27,9 @@ func Sharing(cfg *config.Config) *cli.Command { return &cli.Command{ Name: "sharing", Usage: "start sharing service", + Before: func(ctx *cli.Context) error { + return parser.ParseConfig(cfg) + }, Action: func(c *cli.Context) error { logCfg := cfg.Logging logger := log.NewLogger( @@ -109,8 +113,8 @@ func sharingConfigFromStruct(c *cli.Context, cfg *config.Config) map[string]inte "tracing_service_name": c.Command.Name, }, "shared": map[string]interface{}{ - "jwt_secret": cfg.JWTSecret, - "gatewaysvc": cfg.GatewayEndpoint, + "jwt_secret": cfg.TokenManager.JWTSecret, + "gatewaysvc": cfg.Reva.Address, "skip_user_groups_in_token": cfg.SkipUserGroupsInToken, }, "grpc": map[string]interface{}{ @@ -123,7 +127,7 @@ func sharingConfigFromStruct(c *cli.Context, cfg *config.Config) map[string]inte "drivers": map[string]interface{}{ "json": map[string]interface{}{ "file": cfg.UserSharingDrivers.JSON.File, - "gateway_addr": cfg.GatewayEndpoint, + "gateway_addr": cfg.Reva.Address, }, "sql": map[string]interface{}{ // cernbox sql "db_username": cfg.UserSharingDrivers.SQL.DBUsername, @@ -156,7 +160,7 @@ func sharingConfigFromStruct(c *cli.Context, cfg *config.Config) map[string]inte "drivers": map[string]interface{}{ "json": map[string]interface{}{ "file": cfg.PublicSharingDrivers.JSON.File, - "gateway_addr": cfg.GatewayEndpoint, + "gateway_addr": cfg.Reva.Address, }, "sql": map[string]interface{}{ "db_username": cfg.PublicSharingDrivers.SQL.DBUsername, diff --git a/extensions/sharing/pkg/config/config.go b/extensions/sharing/pkg/config/config.go index 13e07c705c..9df6e9bae3 100644 --- a/extensions/sharing/pkg/config/config.go 
+++ b/extensions/sharing/pkg/config/config.go @@ -12,8 +12,9 @@ type Config struct { GRPC GRPCConfig `yaml:"grpc,omitempty"` - JWTSecret string `yaml:"jwt_secret,omitempty"` - GatewayEndpoint string `yaml:"gateway_endpoint,omitempty"` + TokenManager *TokenManager `yaml:"token_manager,omitempty"` + Reva *Reva `yaml:"reva,omitempty"` + SkipUserGroupsInToken bool `yaml:"skip_user_groups_in_token,omitempty"` UserSharingDriver string `yaml:"user_sharing_driver,omitempty"` UserSharingDrivers UserSharingDrivers `yaml:"user_sharin_drivers,omitempty"` diff --git a/extensions/sharing/pkg/config/defaults/defaultconfig.go b/extensions/sharing/pkg/config/defaults/defaultconfig.go index b7a7f8d991..8d69e2ca1d 100644 --- a/extensions/sharing/pkg/config/defaults/defaultconfig.go +++ b/extensions/sharing/pkg/config/defaults/defaultconfig.go @@ -30,8 +30,9 @@ func DefaultConfig() *config.Config { Service: config.Service{ Name: "sharing", }, - GatewayEndpoint: "127.0.0.1:9142", - JWTSecret: "Pive-Fumkiu4", + Reva: &config.Reva{ + Address: "127.0.0.1:9142", + }, UserSharingDriver: "json", UserSharingDrivers: config.UserSharingDrivers{ JSON: config.UserSharingJSONDriver{ @@ -104,6 +105,22 @@ func EnsureDefaults(cfg *config.Config) { } else if cfg.Tracing == nil { cfg.Tracing = &config.Tracing{} } + + if cfg.Reva == nil && cfg.Commons != nil && cfg.Commons.Reva != nil { + cfg.Reva = &config.Reva{ + Address: cfg.Commons.Reva.Address, + } + } else if cfg.Reva == nil { + cfg.Reva = &config.Reva{} + } + + if cfg.TokenManager == nil && cfg.Commons != nil && cfg.Commons.TokenManager != nil { + cfg.TokenManager = &config.TokenManager{ + JWTSecret: cfg.Commons.TokenManager.JWTSecret, + } + } else if cfg.TokenManager == nil { + cfg.TokenManager = &config.TokenManager{} + } } func Sanitize(cfg *config.Config) { diff --git a/extensions/sharing/pkg/config/parser/parse.go b/extensions/sharing/pkg/config/parser/parse.go new file mode 100644 index 0000000000..516647c884 --- /dev/null 
+++ b/extensions/sharing/pkg/config/parser/parse.go @@ -0,0 +1,33 @@ +package parser + +import ( + "errors" + + "github.com/owncloud/ocis/extensions/sharing/pkg/config" + "github.com/owncloud/ocis/extensions/sharing/pkg/config/defaults" + ociscfg "github.com/owncloud/ocis/ocis-pkg/config" + + "github.com/owncloud/ocis/ocis-pkg/config/envdecode" +) + +// ParseConfig loads accounts configuration from known paths. +func ParseConfig(cfg *config.Config) error { + _, err := ociscfg.BindSourcesToStructs(cfg.Service.Name, cfg) + if err != nil { + return err + } + + defaults.EnsureDefaults(cfg) + + // load all env variables relevant to the config in the current context. + if err := envdecode.Decode(cfg); err != nil { + // no environment variable set for this config is an expected "error" + if !errors.Is(err, envdecode.ErrNoTargetFieldsAreSet) { + return err + } + } + + defaults.Sanitize(cfg) + + return nil +} diff --git a/extensions/sharing/pkg/config/reva.go b/extensions/sharing/pkg/config/reva.go new file mode 100644 index 0000000000..b8d2779170 --- /dev/null +++ b/extensions/sharing/pkg/config/reva.go @@ -0,0 +1,11 @@ +package config + +// Reva defines all available REVA configuration. +type Reva struct { + Address string `yaml:"address" env:"REVA_GATEWAY"` +} + +// TokenManager is the config for using the reva token manager +type TokenManager struct { + JWTSecret string `yaml:"jwt_secret" env:"OCIS_JWT_SECRET;OCS_JWT_SECRET"` +} diff --git a/extensions/storage-metadata/pkg/command/command.go b/extensions/storage-metadata/pkg/command/command.go index 06e5c22454..65346a94f1 100644 --- a/extensions/storage-metadata/pkg/command/command.go +++ b/extensions/storage-metadata/pkg/command/command.go @@ -6,6 +6,7 @@ import ( "os" "path" + "github.com/owncloud/ocis/extensions/storage-metadata/pkg/config/parser" "github.com/owncloud/ocis/ocis-pkg/log" "github.com/owncloud/ocis/ocis-pkg/sync" "github.com/owncloud/ocis/ocis-pkg/tracing" 
@@ -30,6 +31,9 @@ func StorageMetadata(cfg *config.Config) *cli.Command { Name: "storage-metadata", Usage: "start storage-metadata service", Category: "extensions", + Before: func(ctx *cli.Context) error { + return parser.ParseConfig(cfg) + }, Action: func(c *cli.Context) error { logCfg := cfg.Logging logger := log.NewLogger( @@ -124,8 +128,8 @@ func storageMetadataFromStruct(c *cli.Context, cfg *config.Config) map[string]in "tracing_service_name": c.Command.Name, }, "shared": map[string]interface{}{ - "jwt_secret": cfg.JWTSecret, - "gatewaysvc": cfg.GatewayEndpoint, + "jwt_secret": cfg.TokenManager.JWTSecret, + "gatewaysvc": cfg.Reva.Address, "skip_user_groups_in_token": cfg.SkipUserGroupsInToken, }, "grpc": map[string]interface{}{ diff --git a/extensions/storage-metadata/pkg/config/config.go b/extensions/storage-metadata/pkg/config/config.go index b9ea13eafd..c783f91308 100644 --- a/extensions/storage-metadata/pkg/config/config.go +++ b/extensions/storage-metadata/pkg/config/config.go 
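Review bot: `cfg.TokenManager.JWTSecret` and `cfg.Reva.Address` in storageMetadataFromStruct dereference pointers that can be nil. DefaultConfig in this commit sets `Reva` but not `TokenManager`, so the latter only exists after `defaults.EnsureDefaults` has run through the new `Before` hook; if this function is reachable on a path that skips `Before` (not visible here), it panics at startup. A comment above the map literal such as `// cfg.TokenManager and cfg.Reva are populated by parser.ParseConfig` would make the dependency explicit, and a nil guard before the literal would turn the panic into a clear failure. The function body continues outside the hunk, and the same two lines are changed in the storage-publiclink, storage-shares, storage-users and user command hunks.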
@@ -17,15 +17,17 @@ type Config struct { GRPC GRPCConfig `yaml:"grpc,omitempty"` HTTP HTTPConfig `yaml:"http,omitempty"` - Context context.Context `yaml:"context,omitempty"` - JWTSecret string `yaml:"jwt_secret,omitempty"` - GatewayEndpoint string `yaml:"gateway_endpoint,omitempty"` - SkipUserGroupsInToken bool `yaml:"skip_user_groups_in_token,omitempty"` - Driver string `yaml:"driver,omitempty" env:"STORAGE_METADATA_DRIVER" desc:"The driver which should be used by the service"` - Drivers Drivers `yaml:"drivers,omitempty"` - DataServerURL string `yaml:"data_server_url,omitempty"` - TempFolder string `yaml:"temp_folder,omitempty"` - DataProviderInsecure bool `yaml:"data_providcer_insecure,omitempty" env:"OCIS_INSECURE;STORAGE_METADATA_DATAPROVIDER_INSECURE"` + Context context.Context `yaml:"context,omitempty"` + + TokenManager *TokenManager `yaml:"token_manager,omitempty"` + Reva *Reva `yaml:"reva,omitempty"` + + SkipUserGroupsInToken bool `yaml:"skip_user_groups_in_token,omitempty"` + Driver string `yaml:"driver,omitempty" env:"STORAGE_METADATA_DRIVER" desc:"The driver which should be used by the service"` + Drivers Drivers `yaml:"drivers,omitempty"` + DataServerURL string `yaml:"data_server_url,omitempty"` + TempFolder string `yaml:"temp_folder,omitempty"` + DataProviderInsecure bool `yaml:"data_providcer_insecure,omitempty" env:"OCIS_INSECURE;STORAGE_METADATA_DATAPROVIDER_INSECURE"` } type Tracing struct { Enabled bool `yaml:"enabled" env:"OCIS_TRACING_ENABLED;STORAGE_METADATA_TRACING_ENABLED" desc:"Activates tracing."` diff --git a/extensions/storage-metadata/pkg/config/defaults/defaultconfig.go b/extensions/storage-metadata/pkg/config/defaults/defaultconfig.go index 298d31eb56..3922b6f569 100644 --- a/extensions/storage-metadata/pkg/config/defaults/defaultconfig.go +++ b/extensions/storage-metadata/pkg/config/defaults/defaultconfig.go 
@@ -35,11 +35,12 @@ func DefaultConfig() *config.Config { Service: config.Service{ Name: "storage-metadata", }, - GatewayEndpoint: "127.0.0.1:9142", - JWTSecret: "Pive-Fumkiu4", - TempFolder: filepath.Join(defaults.BaseDataPath(), "tmp", "metadata"), - DataServerURL: "http://localhost:9216/data", - Driver: "ocis", + Reva: &config.Reva{ + Address: "127.0.0.1:9142", + }, + TempFolder: filepath.Join(defaults.BaseDataPath(), "tmp", "metadata"), + DataServerURL: "http://localhost:9216/data", + Driver: "ocis", Drivers: config.Drivers{ EOS: config.EOSDriver{ Root: "/eos/dockertest/reva", @@ -105,6 +106,22 @@ func EnsureDefaults(cfg *config.Config) { } else if cfg.Tracing == nil { cfg.Tracing = &config.Tracing{} } + + if cfg.Reva == nil && cfg.Commons != nil && cfg.Commons.Reva != nil { + cfg.Reva = &config.Reva{ + Address: cfg.Commons.Reva.Address, + } + } else if cfg.Reva == nil { + cfg.Reva = &config.Reva{} + } + + if cfg.TokenManager == nil && cfg.Commons != nil && cfg.Commons.TokenManager != nil { + cfg.TokenManager = &config.TokenManager{ + JWTSecret: cfg.Commons.TokenManager.JWTSecret, + } + } else if cfg.TokenManager == nil { + cfg.TokenManager = &config.TokenManager{} + } } func Sanitize(cfg *config.Config) { diff --git a/extensions/storage-metadata/pkg/config/parser/parse.go b/extensions/storage-metadata/pkg/config/parser/parse.go new file mode 100644 index 0000000000..4faf4527fa --- /dev/null +++ b/extensions/storage-metadata/pkg/config/parser/parse.go 
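Review bot: The `cfg.Reva == nil` test in the new EnsureDefaults block cannot be true for a config built by DefaultConfig, because the first hunk of this file now always sets `Reva: &config.Reva{Address: "127.0.0.1:9142"}`. Unless BindSourcesToStructs resets the field (not visible here), `cfg.Commons.Reva.Address` is never inherited, and a gateway address configured once in the commons section is ignored by this service. Either leave `Reva` unset in DefaultConfig and apply the `127.0.0.1:9142` fallback inside EnsureDefaults, or inherit whenever the service value still equals the default. The sharing, storage-publiclink, storage-shares, storage-users and user defaultconfig hunks have the same shape.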
@@ -0,0 +1,33 @@
+package parser
+
+import (
+ "errors"
+
+ "github.com/owncloud/ocis/extensions/storage-metadata/pkg/config"
+ "github.com/owncloud/ocis/extensions/storage-metadata/pkg/config/defaults"
+ ociscfg "github.com/owncloud/ocis/ocis-pkg/config"
+
+ "github.com/owncloud/ocis/ocis-pkg/config/envdecode"
+)
+
+// ParseConfig loads accounts configuration from known paths.
+func ParseConfig(cfg *config.Config) error {
+ _, err := ociscfg.BindSourcesToStructs(cfg.Service.Name, cfg)
+ if err != nil {
+ return err
+ }
+
+ defaults.EnsureDefaults(cfg)
+
+ // load all env variables relevant to the config in the current context.
+ if err := envdecode.Decode(cfg); err != nil {
+ // no environment variable set for this config is an expected "error"
+ if !errors.Is(err, envdecode.ErrNoTargetFieldsAreSet) {
+ return err
+ }
+ }
+
+ defaults.Sanitize(cfg)
+
+ return nil
+}
diff --git a/extensions/storage-metadata/pkg/config/reva.go b/extensions/storage-metadata/pkg/config/reva.go
new file mode 100644
index 0000000000..b8d2779170
--- /dev/null
+++ b/extensions/storage-metadata/pkg/config/reva.go
@@ -0,0 +1,11 @@
+package config
+
+// Reva defines all available REVA configuration.
+type Reva struct {
+ Address string `yaml:"address" env:"REVA_GATEWAY"`
+}
+
+// TokenManager is the config for using the reva token manager
+type TokenManager struct {
+ JWTSecret string `yaml:"jwt_secret" env:"OCIS_JWT_SECRET;OCS_JWT_SECRET"`
+}
diff --git a/extensions/storage-publiclink/pkg/command/storagepubliclink.go b/extensions/storage-publiclink/pkg/command/storagepubliclink.go
index 5991885449..518003919e 100644
--- a/extensions/storage-publiclink/pkg/command/storagepubliclink.go
+++ b/extensions/storage-publiclink/pkg/command/storagepubliclink.go
@@ -10,6 +10,7 @@ import ( "github.com/gofrs/uuid" "github.com/oklog/run" "github.com/owncloud/ocis/extensions/storage-publiclink/pkg/config" + "github.com/owncloud/ocis/extensions/storage-publiclink/pkg/config/parser" "github.com/owncloud/ocis/extensions/storage/pkg/server/debug" ociscfg "github.com/owncloud/ocis/ocis-pkg/config" "github.com/owncloud/ocis/ocis-pkg/log" @@ -25,6 +26,9 @@ func StoragePublicLink(cfg *config.Config) *cli.Command { Name: "storage-public-link", Usage: "start storage-public-link service", Category: "extensions", + Before: func(ctx *cli.Context) error { + return parser.ParseConfig(cfg) + }, Action: func(c *cli.Context) error { logCfg := cfg.Logging logger := log.NewLogger( @@ -94,8 +98,8 @@ func storagePublicLinkConfigFromStruct(c *cli.Context, cfg *config.Config) map[s "tracing_service_name": c.Command.Name, }, "shared": map[string]interface{}{ - "jwt_secret": cfg.JWTSecret, - "gatewaysvc": cfg.GatewayEndpoint, + "jwt_secret": cfg.TokenManager.JWTSecret, + "gatewaysvc": cfg.Reva.Address, "skip_user_groups_in_token": cfg.SkipUserGroupsInToken, }, "grpc": map[string]interface{}{ diff --git a/extensions/storage-publiclink/pkg/config/config.go b/extensions/storage-publiclink/pkg/config/config.go index aa19b583f5..0fcc80c113 100644 --- a/extensions/storage-publiclink/pkg/config/config.go +++ b/extensions/storage-publiclink/pkg/config/config.go @@ -16,9 +16,11 @@ type Config struct { GRPC GRPCConfig `yaml:"grpc,omitempty"` - Context context.Context `yaml:"context,omitempty"` - JWTSecret string `yaml:"jwt_secret,omitempty"` - GatewayEndpoint string `yaml:"gateway_endpoint,omitempty"` + Context context.Context `yaml:"context,omitempty"` + + TokenManager *TokenManager `yaml:"token_manager,omitempty"` + Reva *Reva `yaml:"reva,omitempty"` + SkipUserGroupsInToken bool `yaml:"skip_user_groups_in_token,omitempty"` AuthProvider AuthProvider `yaml:"auth_provider,omitempty"` StorageProvider StorageProvider `yaml:"storage_provider,omitempty"` 
diff --git a/extensions/storage-publiclink/pkg/config/defaults/defaultconfig.go b/extensions/storage-publiclink/pkg/config/defaults/defaultconfig.go index bd2a7cc05c..5a0fed3a55 100644 --- a/extensions/storage-publiclink/pkg/config/defaults/defaultconfig.go +++ b/extensions/storage-publiclink/pkg/config/defaults/defaultconfig.go @@ -27,8 +27,9 @@ func DefaultConfig() *config.Config { Service: config.Service{ Name: "storage-publiclink", }, - GatewayEndpoint: "127.0.0.1:9142", - JWTSecret: "Pive-Fumkiu4", + Reva: &config.Reva{ + Address: "127.0.0.1:9142", + }, AuthProvider: config.AuthProvider{ GatewayEndpoint: "127.0.0.1:9142", }, @@ -62,6 +63,22 @@ func EnsureDefaults(cfg *config.Config) { } else if cfg.Tracing == nil { cfg.Tracing = &config.Tracing{} } + + if cfg.Reva == nil && cfg.Commons != nil && cfg.Commons.Reva != nil { + cfg.Reva = &config.Reva{ + Address: cfg.Commons.Reva.Address, + } + } else if cfg.Reva == nil { + cfg.Reva = &config.Reva{} + } + + if cfg.TokenManager == nil && cfg.Commons != nil && cfg.Commons.TokenManager != nil { + cfg.TokenManager = &config.TokenManager{ + JWTSecret: cfg.Commons.TokenManager.JWTSecret, + } + } else if cfg.TokenManager == nil { + cfg.TokenManager = &config.TokenManager{} + } } func Sanitize(cfg *config.Config) { diff --git a/extensions/storage-publiclink/pkg/config/parser/parse.go b/extensions/storage-publiclink/pkg/config/parser/parse.go new file mode 100644 index 0000000000..b54c81162e --- /dev/null +++ b/extensions/storage-publiclink/pkg/config/parser/parse.go 
@@ -0,0 +1,33 @@
+package parser
+
+import (
+ "errors"
+
+ "github.com/owncloud/ocis/extensions/storage-publiclink/pkg/config"
+ "github.com/owncloud/ocis/extensions/storage-publiclink/pkg/config/defaults"
+ ociscfg "github.com/owncloud/ocis/ocis-pkg/config"
+
+ "github.com/owncloud/ocis/ocis-pkg/config/envdecode"
+)
+
+// ParseConfig loads accounts configuration from known paths.
+func ParseConfig(cfg *config.Config) error {
+ _, err := ociscfg.BindSourcesToStructs(cfg.Service.Name, cfg)
+ if err != nil {
+ return err
+ }
+
+ defaults.EnsureDefaults(cfg)
+
+ // load all env variables relevant to the config in the current context.
+ if err := envdecode.Decode(cfg); err != nil {
+ // no environment variable set for this config is an expected "error"
+ if !errors.Is(err, envdecode.ErrNoTargetFieldsAreSet) {
+ return err
+ }
+ }
+
+ defaults.Sanitize(cfg)
+
+ return nil
+}
diff --git a/extensions/storage-publiclink/pkg/config/reva.go b/extensions/storage-publiclink/pkg/config/reva.go
new file mode 100644
index 0000000000..b8d2779170
--- /dev/null
+++ b/extensions/storage-publiclink/pkg/config/reva.go
@@ -0,0 +1,11 @@
+package config
+
+// Reva defines all available REVA configuration.
+type Reva struct {
+ Address string `yaml:"address" env:"REVA_GATEWAY"`
+}
+
+// TokenManager is the config for using the reva token manager
+type TokenManager struct {
+ JWTSecret string `yaml:"jwt_secret" env:"OCIS_JWT_SECRET;OCS_JWT_SECRET"`
+}
diff --git a/extensions/storage-shares/pkg/command/command.go b/extensions/storage-shares/pkg/command/command.go
index b6804326f3..c689e704f1 100644
--- a/extensions/storage-shares/pkg/command/command.go
+++ b/extensions/storage-shares/pkg/command/command.go
@@ -14,6 +14,7 @@ import ( "github.com/gofrs/uuid" "github.com/oklog/run" "github.com/owncloud/ocis/extensions/storage-shares/pkg/config" + "github.com/owncloud/ocis/extensions/storage-shares/pkg/config/parser" "github.com/owncloud/ocis/extensions/storage/pkg/server/debug" ociscfg "github.com/owncloud/ocis/ocis-pkg/config" "github.com/thejerf/suture/v4" @@ -25,6 +26,9 @@ func StorageShares(cfg *config.Config) *cli.Command { return &cli.Command{ Name: "storage-shares", Usage: "start storage-shares service", + Before: func(ctx *cli.Context) error { + return parser.ParseConfig(cfg) + }, Action: func(c *cli.Context) error { logCfg := cfg.Logging logger := log.NewLogger( @@ -96,8 +100,8 @@ func storageSharesConfigFromStruct(c *cli.Context, cfg *config.Config) map[strin "tracing_service_name": c.Command.Name, }, "shared": map[string]interface{}{ - "jwt_secret": cfg.JWTSecret, - "gatewaysvc": cfg.GatewayEndpoint, + "jwt_secret": cfg.TokenManager.JWTSecret, + "gatewaysvc": cfg.Reva.Address, "skip_user_groups_in_token": cfg.SkipUserGroupsInToken, }, "grpc": map[string]interface{}{ diff --git a/extensions/storage-shares/pkg/config/config.go b/extensions/storage-shares/pkg/config/config.go index 18c094c9f7..1ad7fca1d9 100644 --- a/extensions/storage-shares/pkg/config/config.go +++ b/extensions/storage-shares/pkg/config/config.go @@ -17,9 +17,10 @@ type Config struct { GRPC GRPCConfig `yaml:"grpc,omitempty"` HTTP HTTPConfig `yaml:"http,omitempty"` + TokenManager *TokenManager `yaml:"token_manager,omitempty"` + Reva *Reva `yaml:"reva,omitempty"` + Context context.Context `yaml:"context,omitempty"` - JWTSecret string `yaml:"jwt_secret,omitempty"` - GatewayEndpoint string `yaml:"gateway_endpoint,omitempty"` SkipUserGroupsInToken bool `yaml:"skip_user_groups_in_token,omitempty"` ReadOnly bool `yaml:"readonly,omitempty"` SharesProviderEndpoint string `yaml:"shares_provider_endpoint,omitempty"` 
diff --git a/extensions/storage-shares/pkg/config/defaults/defaultconfig.go b/extensions/storage-shares/pkg/config/defaults/defaultconfig.go index bf56e76cc6..ca46e2ea8e 100644 --- a/extensions/storage-shares/pkg/config/defaults/defaultconfig.go +++ b/extensions/storage-shares/pkg/config/defaults/defaultconfig.go @@ -31,8 +31,9 @@ func DefaultConfig() *config.Config { Service: config.Service{ Name: "storage-metadata", }, - GatewayEndpoint: "127.0.0.1:9142", - JWTSecret: "Pive-Fumkiu4", + Reva: &config.Reva{ + Address: "127.0.0.1:9142", + }, ReadOnly: false, SharesProviderEndpoint: "localhost:9150", } @@ -61,6 +62,22 @@ func EnsureDefaults(cfg *config.Config) { } else if cfg.Tracing == nil { cfg.Tracing = &config.Tracing{} } + + if cfg.Reva == nil && cfg.Commons != nil && cfg.Commons.Reva != nil { + cfg.Reva = &config.Reva{ + Address: cfg.Commons.Reva.Address, + } + } else if cfg.Reva == nil { + cfg.Reva = &config.Reva{} + } + + if cfg.TokenManager == nil && cfg.Commons != nil && cfg.Commons.TokenManager != nil { + cfg.TokenManager = &config.TokenManager{ + JWTSecret: cfg.Commons.TokenManager.JWTSecret, + } + } else if cfg.TokenManager == nil { + cfg.TokenManager = &config.TokenManager{} + } } func Sanitize(cfg *config.Config) { diff --git a/extensions/storage-shares/pkg/config/parser/parse.go b/extensions/storage-shares/pkg/config/parser/parse.go new file mode 100644 index 0000000000..f840317dc5 --- /dev/null +++ b/extensions/storage-shares/pkg/config/parser/parse.go 
@@ -0,0 +1,33 @@
+package parser
+
+import (
+ "errors"
+
+ "github.com/owncloud/ocis/extensions/storage-shares/pkg/config"
+ "github.com/owncloud/ocis/extensions/storage-shares/pkg/config/defaults"
+ ociscfg "github.com/owncloud/ocis/ocis-pkg/config"
+
+ "github.com/owncloud/ocis/ocis-pkg/config/envdecode"
+)
+
+// ParseConfig loads accounts configuration from known paths.
+func ParseConfig(cfg *config.Config) error {
+ _, err := ociscfg.BindSourcesToStructs(cfg.Service.Name, cfg)
+ if err != nil {
+ return err
+ }
+
+ defaults.EnsureDefaults(cfg)
+
+ // load all env variables relevant to the config in the current context.
+ if err := envdecode.Decode(cfg); err != nil {
+ // no environment variable set for this config is an expected "error"
+ if !errors.Is(err, envdecode.ErrNoTargetFieldsAreSet) {
+ return err
+ }
+ }
+
+ defaults.Sanitize(cfg)
+
+ return nil
+}
diff --git a/extensions/storage-shares/pkg/config/reva.go b/extensions/storage-shares/pkg/config/reva.go
new file mode 100644
index 0000000000..b8d2779170
--- /dev/null
+++ b/extensions/storage-shares/pkg/config/reva.go
@@ -0,0 +1,11 @@
+package config
+
+// Reva defines all available REVA configuration.
+type Reva struct {
+ Address string `yaml:"address" env:"REVA_GATEWAY"`
+}
+
+// TokenManager is the config for using the reva token manager
+type TokenManager struct {
+ JWTSecret string `yaml:"jwt_secret" env:"OCIS_JWT_SECRET;OCS_JWT_SECRET"`
+}
diff --git a/extensions/storage-users/pkg/command/command.go b/extensions/storage-users/pkg/command/command.go
index 564dd4e558..01b4fc4c98 100644
--- a/extensions/storage-users/pkg/command/command.go
+++ b/extensions/storage-users/pkg/command/command.go
@@ -10,6 +10,7 @@ import ( "github.com/gofrs/uuid" "github.com/oklog/run" "github.com/owncloud/ocis/extensions/storage-users/pkg/config" + "github.com/owncloud/ocis/extensions/storage-users/pkg/config/parser" "github.com/owncloud/ocis/extensions/storage/pkg/server/debug" ociscfg "github.com/owncloud/ocis/ocis-pkg/config" "github.com/owncloud/ocis/ocis-pkg/log" @@ -24,6 +25,9 @@ func StorageUsers(cfg *config.Config) *cli.Command { return &cli.Command{ Name: "storage-users", Usage: "start storage-users service", + Before: func(ctx *cli.Context) error { + return parser.ParseConfig(cfg) + }, Action: func(c *cli.Context) error { logCfg := cfg.Logging logger := log.NewLogger( @@ -95,8 +99,8 @@ func storageUsersConfigFromStruct(c *cli.Context, cfg *config.Config) map[string "tracing_service_name": c.Command.Name, }, "shared": map[string]interface{}{ - "jwt_secret": cfg.JWTSecret, - "gatewaysvc": cfg.GatewayEndpoint, + "jwt_secret": cfg.TokenManager.JWTSecret, + "gatewaysvc": cfg.Reva.Address, "skip_user_groups_in_token": cfg.SkipUserGroupsInToken, }, "grpc": map[string]interface{}{ diff --git a/extensions/storage-users/pkg/config/config.go b/extensions/storage-users/pkg/config/config.go index bc8cc30e4c..fe749a5d0d 100644 --- a/extensions/storage-users/pkg/config/config.go +++ b/extensions/storage-users/pkg/config/config.go 
@@ -17,19 +17,21 @@ type Config struct { GRPC GRPCConfig `yaml:"grpc,omitempty"` HTTP HTTPConfig `yaml:"http,omitempty"` - Context context.Context `yaml:"context,omitempty"` - JWTSecret string `yaml:"jwt_secret,omitempty"` - GatewayEndpoint string `yaml:"gateway_endpoint,omitempty"` - SkipUserGroupsInToken bool `yaml:"skip_user_groups_in_token,omitempty"` - Driver string `yaml:"driver,omitempty" env:"STORAGE_USERS_DRIVER" desc:"The storage driver which should be used by the service"` - Drivers Drivers `yaml:"drivers,omitempty"` - DataServerURL string `yaml:"data_server_url,omitempty"` - TempFolder string `yaml:"temp_folder,omitempty"` - DataProviderInsecure bool `yaml:"data_provider_insecure,omitempty" env:"OCIS_INSECURE;STORAGE_USERS_DATAPROVIDER_INSECURE"` - Events Events `yaml:"events,omitempty"` - MountID string `yaml:"mount_id,omitempty"` - ExposeDataServer bool `yaml:"expose_data_server,omitempty"` - ReadOnly bool `yaml:"readonly,omitempty"` + TokenManager *TokenManager `yaml:"token_manager,omitempty"` + Reva *Reva `yaml:"reva,omitempty"` + + Context context.Context `yaml:"context,omitempty"` + + SkipUserGroupsInToken bool `yaml:"skip_user_groups_in_token,omitempty"` + Driver string `yaml:"driver,omitempty" env:"STORAGE_USERS_DRIVER" desc:"The storage driver which should be used by the service"` + Drivers Drivers `yaml:"drivers,omitempty"` + DataServerURL string `yaml:"data_server_url,omitempty"` + TempFolder string `yaml:"temp_folder,omitempty"` + DataProviderInsecure bool `yaml:"data_provider_insecure,omitempty" env:"OCIS_INSECURE;STORAGE_USERS_DATAPROVIDER_INSECURE"` + Events Events `yaml:"events,omitempty"` + MountID string `yaml:"mount_id,omitempty"` + ExposeDataServer bool `yaml:"expose_data_server,omitempty"` + ReadOnly bool `yaml:"readonly,omitempty"` } type Tracing struct { Enabled bool `yaml:"enabled" env:"OCIS_TRACING_ENABLED;STORAGE_USERS_TRACING_ENABLED" desc:"Activates tracing."` 
diff --git a/extensions/storage-users/pkg/config/defaults/defaultconfig.go b/extensions/storage-users/pkg/config/defaults/defaultconfig.go index 8dc305fced..0c89cc7a2c 100644 --- a/extensions/storage-users/pkg/config/defaults/defaultconfig.go +++ b/extensions/storage-users/pkg/config/defaults/defaultconfig.go @@ -36,12 +36,13 @@ func DefaultConfig() *config.Config { Service: config.Service{ Name: "storage-users", }, - GatewayEndpoint: "127.0.0.1:9142", - JWTSecret: "Pive-Fumkiu4", - TempFolder: filepath.Join(defaults.BaseDataPath(), "tmp", "users"), - DataServerURL: "http://localhost:9158/data", - MountID: "1284d238-aa92-42ce-bdc4-0b0000009157", - Driver: "ocis", + Reva: &config.Reva{ + Address: "127.0.0.1:9142", + }, + TempFolder: filepath.Join(defaults.BaseDataPath(), "tmp", "users"), + DataServerURL: "http://localhost:9158/data", + MountID: "1284d238-aa92-42ce-bdc4-0b0000009157", + Driver: "ocis", Drivers: config.Drivers{ EOS: config.EOSDriver{ Root: "/eos/dockertest/reva", @@ -124,6 +125,22 @@ func EnsureDefaults(cfg *config.Config) { } else if cfg.Tracing == nil { cfg.Tracing = &config.Tracing{} } + + if cfg.Reva == nil && cfg.Commons != nil && cfg.Commons.Reva != nil { + cfg.Reva = &config.Reva{ + Address: cfg.Commons.Reva.Address, + } + } else if cfg.Reva == nil { + cfg.Reva = &config.Reva{} + } + + if cfg.TokenManager == nil && cfg.Commons != nil && cfg.Commons.TokenManager != nil { + cfg.TokenManager = &config.TokenManager{ + JWTSecret: cfg.Commons.TokenManager.JWTSecret, + } + } else if cfg.TokenManager == nil { + cfg.TokenManager = &config.TokenManager{} + } } func Sanitize(cfg *config.Config) { diff --git a/extensions/storage-users/pkg/config/parser/parse.go b/extensions/storage-users/pkg/config/parser/parse.go new file mode 100644 index 0000000000..d8d881260c --- /dev/null +++ b/extensions/storage-users/pkg/config/parser/parse.go 
@@ -0,0 +1,33 @@ +package parser + +import ( + "errors" + + "github.com/owncloud/ocis/extensions/storage-users/pkg/config" + "github.com/owncloud/ocis/extensions/storage-users/pkg/config/defaults" + ociscfg "github.com/owncloud/ocis/ocis-pkg/config" + + "github.com/owncloud/ocis/ocis-pkg/config/envdecode" +) + +// ParseConfig loads accounts configuration from known paths. +func ParseConfig(cfg *config.Config) error { + _, err := ociscfg.BindSourcesToStructs(cfg.Service.Name, cfg) + if err != nil { + return err + } + + defaults.EnsureDefaults(cfg) + + // load all env variables relevant to the config in the current context. + if err := envdecode.Decode(cfg); err != nil { + // no environment variable set for this config is an expected "error" + if !errors.Is(err, envdecode.ErrNoTargetFieldsAreSet) { + return err + } + } + + defaults.Sanitize(cfg) + + return nil +} diff --git a/extensions/storage-users/pkg/config/reva.go b/extensions/storage-users/pkg/config/reva.go new file mode 100644 index 0000000000..b8d2779170 --- /dev/null +++ b/extensions/storage-users/pkg/config/reva.go @@ -0,0 +1,11 @@ +package config + +// Reva defines all available REVA configuration. +type Reva struct { + Address string `yaml:"address" env:"REVA_GATEWAY"` +} + +// TokenManager is the config for using the reva token manager +type TokenManager struct { + JWTSecret string `yaml:"jwt_secret" env:"OCIS_JWT_SECRET;OCS_JWT_SECRET"` +} diff --git a/extensions/storage/pkg/config/defaults/defaultconfig.go b/extensions/storage/pkg/config/defaults/defaultconfig.go index 10de4b2652..77784bae85 100644 --- a/extensions/storage/pkg/config/defaults/defaultconfig.go +++ b/extensions/storage/pkg/config/defaults/defaultconfig.go @@ -35,7 +35,7 @@ func DefaultConfig() *config.Config { Addr: "127.0.0.1:9109", }, Reva: config.Reva{ - JWTSecret: "Pive-Fumkiu4", + //JWTSecret: "Pive-Fumkiu4", SkipUserGroupsInToken: false, TransferExpires: 24 * 60 * 60, OIDC: config.OIDC{ 
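Review bot: `//JWTSecret: "Pive-Fumkiu4",` in the `@@ -35,7 +35,7 @@` hunk keeps the retired default secret in the source as a commented-out line; delete the line instead, so the well-known value is not one uncomment away from shipping again. The same commented-out line is introduced in the `@@ -449,7 +449,7 @@` hunk of this file. DefaultConfig's body starts and ends outside both hunks.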
@@ -449,7 +449,7 @@ func DefaultConfig() *config.Config { GatewaySVC: defaultGatewayAddr, Insecure: false, // true? Timeout: 84300, - JWTSecret: "Pive-Fumkiu4", + //JWTSecret: "Pive-Fumkiu4", }, Tracing: config.Tracing{ Service: "storage", diff --git a/extensions/storage/pkg/config/parser/parse.go b/extensions/storage/pkg/config/parser/parse.go new file mode 100644 index 0000000000..4faf4527fa --- /dev/null +++ b/extensions/storage/pkg/config/parser/parse.go @@ -0,0 +1,33 @@ +package parser + +import ( + "errors" + + "github.com/owncloud/ocis/extensions/storage-metadata/pkg/config" + "github.com/owncloud/ocis/extensions/storage-metadata/pkg/config/defaults" + ociscfg "github.com/owncloud/ocis/ocis-pkg/config" + + "github.com/owncloud/ocis/ocis-pkg/config/envdecode" +) + +// ParseConfig loads accounts configuration from known paths. +func ParseConfig(cfg *config.Config) error { + _, err := ociscfg.BindSourcesToStructs(cfg.Service.Name, cfg) + if err != nil { + return err + } + + defaults.EnsureDefaults(cfg) + + // load all env variables relevant to the config in the current context. + if err := envdecode.Decode(cfg); err != nil { + // no environment variable set for this config is an expected "error" + if !errors.Is(err, envdecode.ErrNoTargetFieldsAreSet) { + return err + } + } + + defaults.Sanitize(cfg) + + return nil +} diff --git a/extensions/user/pkg/command/command.go b/extensions/user/pkg/command/command.go index 31035acda1..f12ea5801b 100644 --- a/extensions/user/pkg/command/command.go +++ b/extensions/user/pkg/command/command.go @@ -12,6 +12,7 @@ import ( "github.com/oklog/run" "github.com/owncloud/ocis/extensions/storage/pkg/server/debug" "github.com/owncloud/ocis/extensions/user/pkg/config" + "github.com/owncloud/ocis/extensions/user/pkg/config/parser" ociscfg "github.com/owncloud/ocis/ocis-pkg/config" "github.com/owncloud/ocis/ocis-pkg/ldap" "github.com/owncloud/ocis/ocis-pkg/log" 
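Review bot: The new `extensions/storage/pkg/config/parser/parse.go` imports `extensions/storage-metadata/pkg/config` and its `defaults` package, so this ParseConfig accepts and defaults a storage-metadata `*config.Config`, not the storage extension's own config. The blob id `4faf4527fa` is the same as for the storage-metadata parser added earlier in this patch, which suggests an unmodified copy. The two import paths should point at `github.com/owncloud/ocis/extensions/storage/pkg/config` and a matching defaults package, provided that package offers EnsureDefaults and Sanitize (not visible here). The doc comment `// ParseConfig loads accounts configuration from known paths.` should also name the storage service.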
@@ -26,6 +27,9 @@ func User(cfg *config.Config) *cli.Command { return &cli.Command{ Name: "users", Usage: "start users service", + Before: func(ctx *cli.Context) error { + return parser.ParseConfig(cfg) + }, Action: func(c *cli.Context) error { logCfg := cfg.Logging logger := log.NewLogger( @@ -116,8 +120,8 @@ func usersConfigFromStruct(c *cli.Context, cfg *config.Config) map[string]interf "tracing_service_name": c.Command.Name, }, "shared": map[string]interface{}{ - "jwt_secret": cfg.JWTSecret, - "gatewaysvc": cfg.GatewayEndpoint, + "jwt_secret": cfg.TokenManager.JWTSecret, + "gatewaysvc": cfg.Reva.Address, "skip_user_groups_in_token": cfg.SkipUserGroupsInToken, }, "grpc": map[string]interface{}{ diff --git a/extensions/user/pkg/config/config.go b/extensions/user/pkg/config/config.go index 4c000da6c5..7c270080a0 100644 --- a/extensions/user/pkg/config/config.go +++ b/extensions/user/pkg/config/config.go @@ -12,8 +12,9 @@ type Config struct { GRPC GRPCConfig `yaml:"grpc,omitempty"` - JWTSecret string `yaml:"jwt_secret,omitempty"` - GatewayEndpoint string `yaml:"gateway_endpoint,omitempty"` + TokenManager *TokenManager `yaml:"token_manager,omitempty"` + Reva *Reva `yaml:"reva,omitempty"` + SkipUserGroupsInToken bool `yaml:"skip_user_groups_in_token,omitempty"` UsersCacheExpiration int `yaml:"users_cache_expiration,omitempty"` Driver string `yaml:"driver,omitempty"` diff --git a/extensions/user/pkg/config/defaults/defaultconfig.go b/extensions/user/pkg/config/defaults/defaultconfig.go index 09f4abe003..35b46e9065 100644 --- a/extensions/user/pkg/config/defaults/defaultconfig.go +++ b/extensions/user/pkg/config/defaults/defaultconfig.go @@ -31,9 +31,10 @@ func DefaultConfig() *config.Config { Name: "user", }, UsersCacheExpiration: 5, - GatewayEndpoint: "127.0.0.1:9142", - JWTSecret: "Pive-Fumkiu4", - Driver: "ldap", + Reva: &config.Reva{ + Address: "127.0.0.1:9142", + }, + Driver: "ldap", Drivers: config.Drivers{ LDAP: config.LDAPDriver{ URI: "ldaps://localhost:9126", 
@@ -106,6 +107,22 @@ func EnsureDefaults(cfg *config.Config) { } else if cfg.Tracing == nil { cfg.Tracing = &config.Tracing{} } + + if cfg.Reva == nil && cfg.Commons != nil && cfg.Commons.Reva != nil { + cfg.Reva = &config.Reva{ + Address: cfg.Commons.Reva.Address, + } + } else if cfg.Reva == nil { + cfg.Reva = &config.Reva{} + } + + if cfg.TokenManager == nil && cfg.Commons != nil && cfg.Commons.TokenManager != nil { + cfg.TokenManager = &config.TokenManager{ + JWTSecret: cfg.Commons.TokenManager.JWTSecret, + } + } else if cfg.TokenManager == nil { + cfg.TokenManager = &config.TokenManager{} + } } func Sanitize(cfg *config.Config) { diff --git a/extensions/user/pkg/config/parser/parse.go b/extensions/user/pkg/config/parser/parse.go new file mode 100644 index 0000000000..06145d3ad8 --- /dev/null +++ b/extensions/user/pkg/config/parser/parse.go @@ -0,0 +1,33 @@ +package parser + +import ( + "errors" + + "github.com/owncloud/ocis/extensions/user/pkg/config" + "github.com/owncloud/ocis/extensions/user/pkg/config/defaults" + ociscfg "github.com/owncloud/ocis/ocis-pkg/config" + + "github.com/owncloud/ocis/ocis-pkg/config/envdecode" +) + +// ParseConfig loads accounts configuration from known paths. +func ParseConfig(cfg *config.Config) error { + _, err := ociscfg.BindSourcesToStructs(cfg.Service.Name, cfg) + if err != nil { + return err + } + + defaults.EnsureDefaults(cfg) + + // load all env variables relevant to the config in the current context. + if err := envdecode.Decode(cfg); err != nil { + // no environment variable set for this config is an expected "error" + if !errors.Is(err, envdecode.ErrNoTargetFieldsAreSet) { + return err + } + } + + defaults.Sanitize(cfg) + + return nil +} diff --git a/extensions/user/pkg/config/reva.go b/extensions/user/pkg/config/reva.go new file mode 100644 index 0000000000..b8d2779170 --- /dev/null +++ b/extensions/user/pkg/config/reva.go 
@@ -0,0 +1,11 @@
+package config
+
+// Reva defines all available REVA configuration.
+type Reva struct {
+ Address string `yaml:"address" env:"REVA_GATEWAY"`
+}
+
+// TokenManager is the config for using the reva token manager
+type TokenManager struct {
+ JWTSecret string `yaml:"jwt_secret" env:"OCIS_JWT_SECRET;OCS_JWT_SECRET"`
+}
diff --git a/ocis-pkg/config/defaultconfig.go b/ocis-pkg/config/defaultconfig.go
index e428bad566..bd48781dda 100644
--- a/ocis-pkg/config/defaultconfig.go
+++ b/ocis-pkg/config/defaultconfig.go
@@ -31,47 +31,43 @@ import ( user "github.com/owncloud/ocis/extensions/user/pkg/config/defaults" web "github.com/owncloud/ocis/extensions/web/pkg/config/defaults" webdav "github.com/owncloud/ocis/extensions/webdav/pkg/config/defaults" - "github.com/owncloud/ocis/ocis-pkg/shared" ) func DefaultConfig() *Config { return &Config{ - TokenManager: &shared.TokenManager{ - JWTSecret: "Pive-Fumkiu4", - }, Runtime: Runtime{ Port: "9250", Host: "localhost", }, - Audit: audit.DefaultConfig(), Accounts: accounts.DefaultConfig(), + AppProvider: appprovider.DefaultConfig(), + Audit: audit.DefaultConfig(), + AuthBasic: authbasic.DefaultConfig(), + AuthBearer: authbearer.DefaultConfig(), + AuthMachine: authmachine.DefaultConfig(), + Frontend: frontend.DefaultConfig(), + Gateway: gateway.DefaultConfig(), GLAuth: glauth.DefaultConfig(), Graph: graph.DefaultConfig(), - IDP: idp.DefaultConfig(), + GraphExplorer: graphExplorer.DefaultConfig(), + Group: group.DefaultConfig(), IDM: idm.DefaultConfig(), + IDP: idp.DefaultConfig(), Nats: nats.DefaultConfig(), Notifications: notifications.DefaultConfig(), - Proxy: proxy.DefaultConfig(), - GraphExplorer: graphExplorer.DefaultConfig(), + OCDav: ocdav.DefaultConfig(), OCS: ocs.DefaultConfig(), + Proxy: proxy.DefaultConfig(), Settings: settings.DefaultConfig(), - Web: web.DefaultConfig(), + Sharing: sharing.DefaultConfig(), + StorageMetadata: storagemetadata.DefaultConfig(), + StoragePublicLink: storagepublic.DefaultConfig(), + StorageShares: storageshares.DefaultConfig(), + StorageUsers: storageusers.DefaultConfig(), Store: store.DefaultConfig(), Thumbnails: thumbnails.DefaultConfig(), + User: user.DefaultConfig(), + Web: web.DefaultConfig(), WebDAV: webdav.DefaultConfig(), - Gateway: gateway.FullDefaultConfig(), - AuthBasic: authbasic.FullDefaultConfig(), - AuthBearer: authbearer.FullDefaultConfig(), - AuthMachine: authmachine.FullDefaultConfig(), - User: user.FullDefaultConfig(), - Group: group.FullDefaultConfig(), - Sharing: 
sharing.FullDefaultConfig(), - StorageMetadata: storagemetadata.FullDefaultConfig(), - StoragePublicLink: storagepublic.FullDefaultConfig(), - StorageUsers: storageusers.FullDefaultConfig(), - StorageShares: storageshares.FullDefaultConfig(), - AppProvider: appprovider.FullDefaultConfig(), - Frontend: frontend.FullDefaultConfig(), - OCDav: ocdav.FullDefaultConfig(), } } diff --git a/ocis-pkg/generators/generators_test.go b/ocis-pkg/generators/generators_test.go index 8c1984dee0..676b9bcaa8 100644 --- a/ocis-pkg/generators/generators_test.go +++ b/ocis-pkg/generators/generators_test.go @@ -7,7 +7,7 @@ import ( _ "github.com/owncloud/ocis/ocis-pkg/generators" ) -var _ = Describe("Generators", func() { - It("Returns an error ", func() {}) - PIt("Returns expected passwords", func() {}) -}) +//var _ = Describe("Generators", func() { +// It("Returns an error ", func() {}) +// PIt("Returns expected passwords", func() {}) +//}) diff --git a/ocis-pkg/shared/shared_types.go b/ocis-pkg/shared/shared_types.go index fa3f98094b..f4cf19fc0b 100644 --- a/ocis-pkg/shared/shared_types.go +++ b/ocis-pkg/shared/shared_types.go @@ -29,6 +29,11 @@ type TokenManager struct { JWTSecret string `yaml:"jwt_secret" env:"OCIS_JWT_SECRET" desc:"The secret to mint jwt tokens."` } +// Reva defines all available REVA configuration. +type Reva struct { + Address string `yaml:"address" env:"REVA_GATEWAY"` +} + // Commons holds configuration that are common to all extensions. Each extension can then decide whether // to overwrite its values. type Commons struct { @@ -36,6 +41,7 @@ type Commons struct { Tracing *Tracing `yaml:"tracing"` OcisURL string `yaml:"ocis_url" env:"OCIS_URL"` TokenManager *TokenManager `yaml:"token_manager"` + Reva *Reva `yaml:"reva"` MachineAuthAPIKey string `yaml:"machine_auth_api_key" env:"OCIS_MACHINE_AUTH_API_KEY"` TransferSecret string `yaml:"transfer_secret,omitempty" env:"REVA_TRANSFER_SECRET"` } 
diff --git a/ocis/pkg/command/init.go b/ocis/pkg/command/init.go index e70129ca97..b9f8c83b0d 100644 --- a/ocis/pkg/command/init.go +++ b/ocis/pkg/command/init.go 
@@ -10,39 +10,22 @@ import ( "strings" "github.com/owncloud/ocis/ocis-pkg/config" + "github.com/owncloud/ocis/ocis-pkg/config/defaults" "github.com/owncloud/ocis/ocis-pkg/generators" "github.com/owncloud/ocis/ocis-pkg/shared" "github.com/owncloud/ocis/ocis/pkg/register" cli "github.com/urfave/cli/v2" "gopkg.in/yaml.v3" - appprovider "github.com/owncloud/ocis/extensions/appprovider/pkg/config" - authbasic "github.com/owncloud/ocis/extensions/auth-basic/pkg/config" - authbearer "github.com/owncloud/ocis/extensions/auth-bearer/pkg/config" - authmachine "github.com/owncloud/ocis/extensions/auth-machine/pkg/config" - gateway "github.com/owncloud/ocis/extensions/gateway/pkg/config" - group "github.com/owncloud/ocis/extensions/group/pkg/config" idm "github.com/owncloud/ocis/extensions/idm/pkg/config" - ocdav "github.com/owncloud/ocis/extensions/ocdav/pkg/config" proxy "github.com/owncloud/ocis/extensions/proxy/pkg/config" - sharing "github.com/owncloud/ocis/extensions/sharing/pkg/config" - storagemetadata "github.com/owncloud/ocis/extensions/storage-metadata/pkg/config" - storagepublic "github.com/owncloud/ocis/extensions/storage-publiclink/pkg/config" - storageshares "github.com/owncloud/ocis/extensions/storage-shares/pkg/config" - storageusers "github.com/owncloud/ocis/extensions/storage-users/pkg/config" - user "github.com/owncloud/ocis/extensions/user/pkg/config" ) -const configFilename string = "ocis.yaml" +const configFilename string = "ocis.yaml" // TODO: use also a constant for reading this file const passwordLength int = 32 // InitCommand is the entrypoint for the init command func InitCommand(cfg *config.Config) *cli.Command { - // TODO: remove homedir get - homeDir, err := os.UserHomeDir() - if err != nil { - log.Fatalf("could not get homedir") - } return &cli.Command{ Name: "init", Usage: "initialise an ocis config", 
@@ -59,11 +42,9 @@ func InitCommand(cfg *config.Config) *cli.Command { Value: false, }, &cli.StringFlag{ - Name: "config-path", - //Value: cfg.ConfigPath, // TODO: as soon as PR 3480 is merged, remove quotes - Value: path.Join(homeDir, ".ocis/config"), // TODO: this is temporary for experimenting, line above is relevant + Name: "config-path", + Value: defaults.BaseConfigPath(), Usage: "config path for the ocis runtime", - // Destination: &cfg.ConfigFile, // TODO: same as above }, }, Action: func(c *cli.Context) error { @@ -93,7 +74,7 @@ func init() { func checkConfigPath(configPath string) error { targetPath := path.Join(configPath, configFilename) if _, err := os.Stat(targetPath); err == nil { - return fmt.Errorf("Config in %s already exists", targetPath) + return fmt.Errorf("config in %s already exists", targetPath) } return nil } 
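Review bot: `checkConfigPath` treats every `os.Stat` failure as "no config present": only `err == nil` returns an error, so a permission or I/O error on `targetPath` falls through to `return nil` and the caller proceeds as if the path were free. I would separate the cases with `else if !errors.Is(err, os.ErrNotExist) { return err }` after the existing branch. The existence check and the later write are also two separate steps; creating the file with `os.OpenFile(targetPath, os.O_WRONLY|os.O_CREATE|os.O_EXCL, 0600)` when overwriting is not forced would make the overwrite protection atomic for a file that holds generated secrets. As these are filesystem paths, `filepath.Join` fits better than `path.Join`.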
@@ -122,19 +103,19 @@ func createConfig(insecure, forceOverwrite bool, configPath string) error { //OCS: &ocs.Config{}, //Settings: &settings.Config{}, // TODO: fix storage - AuthBasic: &authbasic.Config{}, - AuthBearer: &authbearer.Config{}, - AppProvider: &appprovider.Config{}, - AuthMachine: &authmachine.Config{}, - Gateway: &gateway.Config{}, - Group: &group.Config{}, - Sharing: &sharing.Config{}, - StorageMetadata: &storagemetadata.Config{}, - StorageUsers: &storageusers.Config{}, - StorageShares: &storageshares.Config{}, - StoragePublicLink: &storagepublic.Config{}, - User: &user.Config{}, - OCDav: &ocdav.Config{}, + //AuthBasic: &authbasic.Config{}, + //AuthBearer: &authbearer.Config{}, + //AppProvider: &appprovider.Config{}, + //AuthMachine: &authmachine.Config{}, + //Gateway: &gateway.Config{}, + //Group: &group.Config{}, + //Sharing: &sharing.Config{}, + //StorageMetadata: &storagemetadata.Config{}, + //StorageUsers: &storageusers.Config{}, + //StorageShares: &storageshares.Config{}, + //StoragePublicLink: &storagepublic.Config{}, + //User: &user.Config{}, + //OCDav: &ocdav.Config{}, //Thumbnails: &thumbnails.Config{}, //Web: &web.Config{}, //WebDAV: &webdav.Config{}, 
@@ -147,31 +128,31 @@ func createConfig(insecure, forceOverwrite bool, configPath string) error { idmServicePassword, err := generators.GenerateRandomPassword(passwordLength) if err != nil { - return fmt.Errorf("Could not generate random password for idm: %s", err) + return fmt.Errorf("could not generate random password for idm: %s", err) } idpServicePassword, err := generators.GenerateRandomPassword(passwordLength) if err != nil { - return fmt.Errorf("Could not generate random password for idp: %s", err) + return fmt.Errorf("could not generate random password for idp: %s", err) } ocisAdminServicePassword, err := generators.GenerateRandomPassword(passwordLength) if err != nil { - return fmt.Errorf("Could not generate random password for ocis admin: %s", err) + return fmt.Errorf("could not generate random password for ocis admin: %s", err) } revaServicePassword, err := generators.GenerateRandomPassword(passwordLength) if err != nil { - return fmt.Errorf("Could not generate random password for reva: %s", err) + return fmt.Errorf("could not generate random password for reva: %s", err) } tokenManagerJwtSecret, err := generators.GenerateRandomPassword(passwordLength) if err != nil { - return fmt.Errorf("Could not generate random password for tokenmanager: %s", err) + return fmt.Errorf("could not generate random password for tokenmanager: %s", err) } machineAuthApiKey, err := generators.GenerateRandomPassword(passwordLength) if err != nil { - return fmt.Errorf("Could not generate random password for machineauthsecret: %s", err) + return fmt.Errorf("could not generate random password for machineauthsecret: %s", err) } revaTransferTokenSecret, err := generators.GenerateRandomPassword(passwordLength) if err != nil { - return fmt.Errorf("Could not generate random password for machineauthsecret: %s", err) + return fmt.Errorf("could not generate random password for machineauthsecret: %s", err) } // TODO: IDP config is missing (LDAP + GROUP provider) 
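Review bot: The last error in this hunk still reads `could not generate random password for machineauthsecret` although it guards `revaTransferTokenSecret`, so a failure there is reported against the wrong secret; `return fmt.Errorf("could not generate random password for reva transfer secret: %w", err)` would name it correctly. While the messages are being touched, all seven could wrap with `%w` instead of `%s` so callers can still inspect the underlying error. `machineAuthApiKey` would be `machineAuthAPIKey` under Go's initialism convention. `createConfig` starts and ends outside this hunk.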
@@ -199,26 +180,27 @@ func createConfig(insecure, forceOverwrite bool, configPath string) error { //cfg.Settings.TokenManager.JWTSecret = tokenManagerJwtSecret //TODO: move all jwt secrets to shared.common - cfg.AppProvider.JWTSecret = tokenManagerJwtSecret - cfg.AuthBasic.JWTSecret = tokenManagerJwtSecret - cfg.AuthBearer.JWTSecret = tokenManagerJwtSecret - cfg.AuthMachine.JWTSecret = tokenManagerJwtSecret - cfg.Gateway.JWTSecret = tokenManagerJwtSecret + //cfg.AppProvider.JWTSecret = tokenManagerJwtSecret + //cfg.AuthBasic.JWTSecret = tokenManagerJwtSecret + //cfg.AuthBearer.JWTSecret = tokenManagerJwtSecret + //cfg.AuthMachine.JWTSecret = tokenManagerJwtSecret + //cfg.Gateway.JWTSecret = tokenManagerJwtSecret + //cfg.Group.JWTSecret = tokenManagerJwtSecret + //cfg.Sharing.JWTSecret = tokenManagerJwtSecret + //cfg.StorageMetadata.JWTSecret = tokenManagerJwtSecret + //cfg.StoragePublicLink.JWTSecret = tokenManagerJwtSecret + //cfg.StorageShares.JWTSecret = tokenManagerJwtSecret + //cfg.StorageUsers.JWTSecret = tokenManagerJwtSecret + //cfg.User.JWTSecret = tokenManagerJwtSecret + //cfg.OCDav.JWTSecret = tokenManagerJwtSecret + //TODO: following line is defunc, figure out why //cfg.Gateway.MachineAuthAPIKey = machineAuthApiKey - cfg.Group.JWTSecret = tokenManagerJwtSecret - cfg.Sharing.JWTSecret = tokenManagerJwtSecret - cfg.StorageMetadata.JWTSecret = tokenManagerJwtSecret - cfg.StoragePublicLink.JWTSecret = tokenManagerJwtSecret - cfg.StorageShares.JWTSecret = tokenManagerJwtSecret - cfg.StorageUsers.JWTSecret = tokenManagerJwtSecret - cfg.User.JWTSecret = tokenManagerJwtSecret - cfg.OCDav.JWTSecret = tokenManagerJwtSecret //cfg.Thumbnails.Thumbnail.TransferSecret = revaTransferTokenSecret yamlOutput, err := yaml.Marshal(cfg) if err != nil { - return fmt.Errorf("Could not marshall config into yaml: %s", err) + return fmt.Errorf("could not marshall config into yaml: %s", err) } targetPath := path.Join(configPath, configFilename) err = ioutil.WriteFile(targetPath, 
yamlOutput, 0600) From b3f55765d817acadfb9fcc035ed124829c3fcb6b Mon Sep 17 00:00:00 2001 From: Willy Kloucek Date: Wed, 27 Apr 2022 14:13:17 +0200 Subject: [PATCH 13/99] use common transfer secrets --- .../pkg/config/defaults/defaultconfig.go | 9 ++++++- .../pkg/config/defaults/defaultconfig.go | 9 ++++++- .../thumbnails/pkg/service/grpc/v0/service.go | 24 +++++++++---------- ocis/pkg/command/init.go | 4 ++-- 4 files changed, 30 insertions(+), 16 deletions(-) diff --git a/extensions/frontend/pkg/config/defaults/defaultconfig.go b/extensions/frontend/pkg/config/defaults/defaultconfig.go index 54247a580e..65765fa8de 100644 --- a/extensions/frontend/pkg/config/defaults/defaultconfig.go +++ b/extensions/frontend/pkg/config/defaults/defaultconfig.go @@ -1,6 +1,8 @@ package defaults import ( + "log" + "github.com/owncloud/ocis/extensions/frontend/pkg/config" ) @@ -37,7 +39,6 @@ func DefaultConfig() *config.Config { UploadMaxChunkSize: 1e+8, UploadHTTPMethodOverride: "", DefaultUploadProtocol: "tus", - TransferSecret: "replace-me-with-a-transfer-secret", Checksums: config.Checksums{ SupportedTypes: []string{"sha1", "md5", "adler32"}, PreferredUploadType: "", @@ -113,6 +114,12 @@ func EnsureDefaults(cfg *config.Config) { } else if cfg.TokenManager == nil { cfg.TokenManager = &config.TokenManager{} } + + if cfg.TransferSecret == "" && cfg.Commons != nil && cfg.Commons.TransferSecret != "" { + cfg.TransferSecret = cfg.Commons.TransferSecret + } else { + log.Fatalf("reva transfer secret is not set up properly, bailing out (%s)", cfg.Service.Name) + } } func Sanitize(cfg *config.Config) { diff --git a/extensions/gateway/pkg/config/defaults/defaultconfig.go b/extensions/gateway/pkg/config/defaults/defaultconfig.go index 1c0013b249..9554c83598 100644 --- a/extensions/gateway/pkg/config/defaults/defaultconfig.go +++ b/extensions/gateway/pkg/config/defaults/defaultconfig.go 
@@ -1,6 +1,8 @@ package defaults import ( + "log" + "github.com/owncloud/ocis/extensions/gateway/pkg/config" ) @@ -35,7 +37,6 @@ func DefaultConfig() *config.Config { CommitShareToStorageRef: true, ShareFolder: "Shares", DisableHomeCreationOnLogin: true, - TransferSecret: "replace-me-with-a-transfer-secret", TransferExpires: 24 * 60 * 60, HomeMapping: "", EtagCacheTTL: 0, @@ -101,6 +102,12 @@ func EnsureDefaults(cfg *config.Config) { } else if cfg.TokenManager == nil { cfg.TokenManager = &config.TokenManager{} } + + if cfg.TransferSecret == "" && cfg.Commons != nil && cfg.Commons.TransferSecret != "" { + cfg.TransferSecret = cfg.Commons.TransferSecret + } else { + log.Fatalf("reva transfer secret is not set up properly, bailing out (%s)", cfg.Service.Name) + } } func Sanitize(cfg *config.Config) { diff --git a/extensions/thumbnails/pkg/service/grpc/v0/service.go b/extensions/thumbnails/pkg/service/grpc/v0/service.go index 89eb703d7d..22a3465c93 100644 --- a/extensions/thumbnails/pkg/service/grpc/v0/service.go +++ b/extensions/thumbnails/pkg/service/grpc/v0/service.go @@ -48,8 +48,8 @@ func NewService(opts ...Option) decorators.DecoratedService { preprocessorOpts: PreprocessorOpts{ TxtFontFileMap: options.Config.Thumbnail.FontMapFile, }, - dataEndpoint: options.Config.Thumbnail.DataEndpoint, - transferTokenSecret: options.Config.Thumbnail.TransferSecret, + dataEndpoint: options.Config.Thumbnail.DataEndpoint, + transferSecret: options.Config.Thumbnail.TransferSecret, } return svc 
@@ -57,15 +57,15 @@ func NewService(opts ...Option) decorators.DecoratedService { // Thumbnail implements the GRPC handler. type Thumbnail struct { - serviceID string - dataEndpoint string - transferTokenSecret string - manager thumbnail.Manager - webdavSource imgsource.Source - cs3Source imgsource.Source - logger log.Logger - cs3Client gateway.GatewayAPIClient - preprocessorOpts PreprocessorOpts + serviceID string + dataEndpoint string + transferSecret string + manager thumbnail.Manager + webdavSource imgsource.Source + cs3Source imgsource.Source + logger log.Logger + cs3Client gateway.GatewayAPIClient + preprocessorOpts PreprocessorOpts } type PreprocessorOpts struct { @@ -113,7 +113,7 @@ func (g Thumbnail) GetThumbnail(ctx context.Context, req *thumbnailssvc.GetThumb } token := jwt.NewWithClaims(jwt.SigningMethodHS256, claims) - transferToken, err := token.SignedString([]byte(g.transferTokenSecret)) + transferToken, err := token.SignedString([]byte(g.transferSecret)) if err != nil { g.logger.Error(). Err(err). diff --git a/ocis/pkg/command/init.go b/ocis/pkg/command/init.go index b9f8c83b0d..127faba5bc 100644 --- a/ocis/pkg/command/init.go +++ b/ocis/pkg/command/init.go @@ -150,7 +150,7 @@ func createConfig(insecure, forceOverwrite bool, configPath string) error { if err != nil { return fmt.Errorf("could not generate random password for machineauthsecret: %s", err) } - revaTransferTokenSecret, err := generators.GenerateRandomPassword(passwordLength) + revaTransferSecret, err := generators.GenerateRandomPassword(passwordLength) if err != nil { return fmt.Errorf("could not generate random password for machineauthsecret: %s", err) } 
@@ -161,7 +161,7 @@ func createConfig(insecure, forceOverwrite bool, configPath string) error { // TODO: add missing insecure occurences cfg.MachineAuthAPIKey = machineAuthApiKey - cfg.TransferSecret = revaTransferTokenSecret + cfg.TransferSecret = revaTransferSecret cfg.TokenManager.JWTSecret = tokenManagerJwtSecret //cfg.Commons.TokenManager.JWTSecret = tokenManagerJwtSecret //cfg.Accounts.TokenManager.JWTSecret = tokenManagerJwtSecret From f74d1e27c1e0755510b8e4509e07ba0a1a63e988 Mon Sep 17 00:00:00 2001 From: Willy Kloucek Date: Wed, 27 Apr 2022 14:40:53 +0200 Subject: [PATCH 14/99] use machine auth secret from common config --- .../frontend/pkg/config/defaults/defaultconfig.go | 2 +- .../gateway/pkg/config/defaults/defaultconfig.go | 2 +- .../pkg/config/defaults/defaultconfig.go | 2 +- .../ocs/pkg/config/defaults/defaultconfig.go | 2 +- .../proxy/pkg/config/defaults/defaultconfig.go | 2 +- .../settings/pkg/config/defaults/defaultconfig.go | 2 +- .../sharing/pkg/config/defaults/defaultconfig.go | 15 ++++++++++++++- .../pkg/config/defaults/defaultconfig.go | 2 +- 8 files changed, 21 insertions(+), 8 deletions(-) diff --git a/extensions/frontend/pkg/config/defaults/defaultconfig.go b/extensions/frontend/pkg/config/defaults/defaultconfig.go index 65765fa8de..70bd36d54d 100644 --- a/extensions/frontend/pkg/config/defaults/defaultconfig.go +++ b/extensions/frontend/pkg/config/defaults/defaultconfig.go @@ -117,7 +117,7 @@ func EnsureDefaults(cfg *config.Config) { if cfg.TransferSecret == "" && cfg.Commons != nil && cfg.Commons.TransferSecret != "" { cfg.TransferSecret = cfg.Commons.TransferSecret - } else { + } else if cfg.TransferSecret == "" { log.Fatalf("reva transfer secret is not set up properly, bailing out (%s)", cfg.Service.Name) } } diff --git a/extensions/gateway/pkg/config/defaults/defaultconfig.go b/extensions/gateway/pkg/config/defaults/defaultconfig.go index 9554c83598..d22b3c95ed 100644 --- a/extensions/gateway/pkg/config/defaults/defaultconfig.go 
+++ b/extensions/gateway/pkg/config/defaults/defaultconfig.go @@ -105,7 +105,7 @@ func EnsureDefaults(cfg *config.Config) { if cfg.TransferSecret == "" && cfg.Commons != nil && cfg.Commons.TransferSecret != "" { cfg.TransferSecret = cfg.Commons.TransferSecret - } else { + } else if cfg.TransferSecret == "" { log.Fatalf("reva transfer secret is not set up properly, bailing out (%s)", cfg.Service.Name) } } diff --git a/extensions/notifications/pkg/config/defaults/defaultconfig.go b/extensions/notifications/pkg/config/defaults/defaultconfig.go index 835612a921..d9622050f9 100644 --- a/extensions/notifications/pkg/config/defaults/defaultconfig.go +++ b/extensions/notifications/pkg/config/defaults/defaultconfig.go @@ -55,7 +55,7 @@ func EnsureDefaults(cfg *config.Config) { if cfg.Notifications.MachineAuthAPIKey == "" && cfg.Commons != nil && cfg.Commons.MachineAuthAPIKey != "" { cfg.Notifications.MachineAuthAPIKey = cfg.Commons.MachineAuthAPIKey - } else { + } else if cfg.Notifications.MachineAuthAPIKey == "" { log.Fatalf("machine auth api key is not set up properly, bailing out (%s)", cfg.Service.Name) } } diff --git a/extensions/ocs/pkg/config/defaults/defaultconfig.go b/extensions/ocs/pkg/config/defaults/defaultconfig.go index 1037246d4c..7b5359b5df 100644 --- a/extensions/ocs/pkg/config/defaults/defaultconfig.go +++ b/extensions/ocs/pkg/config/defaults/defaultconfig.go @@ -92,7 +92,7 @@ func EnsureDefaults(cfg *config.Config) { if cfg.MachineAuthAPIKey == "" && cfg.Commons != nil && cfg.Commons.MachineAuthAPIKey != "" { cfg.MachineAuthAPIKey = cfg.Commons.MachineAuthAPIKey - } else { + } else if cfg.MachineAuthAPIKey == "" { log.Fatalf("machine auth api key is not set up properly, bailing out (%s)", cfg.Service.Name) } } diff --git a/extensions/proxy/pkg/config/defaults/defaultconfig.go b/extensions/proxy/pkg/config/defaults/defaultconfig.go index c312178dd3..1cd4294dff 100644 --- a/extensions/proxy/pkg/config/defaults/defaultconfig.go 
+++ b/extensions/proxy/pkg/config/defaults/defaultconfig.go @@ -188,7 +188,7 @@ func EnsureDefaults(cfg *config.Config) { if cfg.MachineAuthAPIKey == "" && cfg.Commons != nil && cfg.Commons.MachineAuthAPIKey != "" { cfg.MachineAuthAPIKey = cfg.Commons.MachineAuthAPIKey - } else { + } else if cfg.MachineAuthAPIKey == "" { log.Fatalf("machine auth api key is not set up properly, bailing out (%s)", cfg.Service.Name) } diff --git a/extensions/settings/pkg/config/defaults/defaultconfig.go b/extensions/settings/pkg/config/defaults/defaultconfig.go index 2b7124e204..fd04461a2f 100644 --- a/extensions/settings/pkg/config/defaults/defaultconfig.go +++ b/extensions/settings/pkg/config/defaults/defaultconfig.go @@ -95,7 +95,7 @@ func EnsureDefaults(cfg *config.Config) { if cfg.Metadata.MachineAuthAPIKey == "" && cfg.Commons != nil && cfg.Commons.MachineAuthAPIKey != "" { cfg.MachineAuthAPIKey = cfg.Commons.MachineAuthAPIKey - } else { + } else if cfg.MachineAuthAPIKey == "" { log.Fatalf("machine auth api key is not set up properly, bailing out (%s)", cfg.Service.Name) } } diff --git a/extensions/sharing/pkg/config/defaults/defaultconfig.go b/extensions/sharing/pkg/config/defaults/defaultconfig.go index 8d69e2ca1d..71c66ab8dc 100644 --- a/extensions/sharing/pkg/config/defaults/defaultconfig.go +++ b/extensions/sharing/pkg/config/defaults/defaultconfig.go @@ -1,6 +1,7 @@ package defaults import ( + "log" "path/filepath" "github.com/owncloud/ocis/extensions/sharing/pkg/config" 
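Review bot: In the settings `EnsureDefaults` hunk the new `else if cfg.MachineAuthAPIKey == ""` tests a different field from the `if` above it, which checks `cfg.Metadata.MachineAuthAPIKey`, and the unchanged assignment also writes `cfg.MachineAuthAPIKey`. If `cfg.MachineAuthAPIKey` resolves to the embedded common config (the settings `Config` struct is not visible here), `cfg.Metadata.MachineAuthAPIKey` is never filled from `Commons`, the fatal check passes on the common value, and the access panics when `cfg.Commons` is nil. I would use the same field throughout: `cfg.Metadata.MachineAuthAPIKey = cfg.Commons.MachineAuthAPIKey` and `} else if cfg.Metadata.MachineAuthAPIKey == "" {`. The thumbnails hunk of this patch has the same mismatch (`cfg.Thumbnail.TransferSecret` in the `if`, `cfg.TransferSecret` in the `else if`). `EnsureDefaults` continues outside both hunks.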
@@ -114,13 +115,25 @@ func EnsureDefaults(cfg *config.Config) { cfg.Reva = &config.Reva{} } - if cfg.TokenManager == nil && cfg.Commons != nil && cfg.Commons.TokenManager != nil { + if cfg.TokenManager == nil && cfg.Commons != nil && cfg.Commons.TokenManager != nil { cfg.TokenManager = &config.TokenManager{ JWTSecret: cfg.Commons.TokenManager.JWTSecret, } } else if cfg.TokenManager == nil { cfg.TokenManager = &config.TokenManager{} } + + if cfg.UserSharingDrivers.CS3.MachineAuthAPIKey == "" && cfg.Commons != nil && cfg.Commons.MachineAuthAPIKey != "" { + cfg.UserSharingDrivers.CS3.MachineAuthAPIKey = cfg.Commons.MachineAuthAPIKey + } else if cfg.UserSharingDrivers.CS3.MachineAuthAPIKey == "" { + log.Fatalf("machine auth api key for the cs3 user sharing driver is not set up properly, bailing out (%s)", cfg.Service.Name) + } + + if cfg.PublicSharingDrivers.CS3.MachineAuthAPIKey == "" && cfg.Commons != nil && cfg.Commons.MachineAuthAPIKey != "" { + cfg.PublicSharingDrivers.CS3.MachineAuthAPIKey = cfg.Commons.MachineAuthAPIKey + } else if cfg.PublicSharingDrivers.CS3.MachineAuthAPIKey == "" { + log.Fatalf("machine auth api key for the cs3 public sharing driver is not set up properly, bailing out (%s)", cfg.Service.Name) + } } func Sanitize(cfg *config.Config) { diff --git a/extensions/thumbnails/pkg/config/defaults/defaultconfig.go b/extensions/thumbnails/pkg/config/defaults/defaultconfig.go index 75a71ae43c..dd8b57d211 100644 --- a/extensions/thumbnails/pkg/config/defaults/defaultconfig.go +++ b/extensions/thumbnails/pkg/config/defaults/defaultconfig.go @@ -76,7 +76,7 @@ func EnsureDefaults(cfg *config.Config) { if cfg.Thumbnail.TransferSecret == "" && cfg.Commons != nil && cfg.Commons.TransferSecret != "" { cfg.Thumbnail.TransferSecret = cfg.Commons.TransferSecret - } else { + } else if cfg.TransferSecret == "" { log.Fatalf("reva transfer secret is not set up properly, bailing out (%s)", cfg.Service.Name) } } 
From a261fc8c883d537806c1c6bed83f0cdc945ee491 Mon Sep 17 00:00:00 2001 From: Willy Kloucek Date: Wed, 27 Apr 2022 15:01:31 +0200 Subject: [PATCH 15/99] cleanup --- extensions/gateway/pkg/config/config.go | 11 ++--- ocis/pkg/command/init.go | 59 +------------------------ 2 files changed, 7 insertions(+), 63 deletions(-) diff --git a/extensions/gateway/pkg/config/config.go b/extensions/gateway/pkg/config/config.go index 720083a64b..dfc34077fb 100644 --- a/extensions/gateway/pkg/config/config.go +++ b/extensions/gateway/pkg/config/config.go @@ -4,11 +4,12 @@ import "github.com/owncloud/ocis/ocis-pkg/shared" type Config struct { *shared.Commons `yaml:"-"` - Service Service `yaml:"-"` - Tracing *Tracing `yaml:"tracing,omitempty"` - Logging *Logging `yaml:"log,omitempty"` - Debug Debug `yaml:"debug,omitempty"` - Supervised bool `yaml:"supervised,omitempty"` + + Service Service `yaml:"-"` + Tracing *Tracing `yaml:"tracing,omitempty"` + Logging *Logging `yaml:"log,omitempty"` + Debug Debug `yaml:"debug,omitempty"` + Supervised bool `yaml:"supervised,omitempty"` GRPC GRPCConfig `yaml:"grpc,omitempty"` diff --git a/ocis/pkg/command/init.go b/ocis/pkg/command/init.go index 127faba5bc..f3d9545acd 100644 --- a/ocis/pkg/command/init.go +++ b/ocis/pkg/command/init.go 
@@ -90,35 +90,7 @@ func createConfig(insecure, forceOverwrite bool, configPath string) error { } cfg := config.Config{ TokenManager: &shared.TokenManager{}, - //Accounts: &accounts.Config{}, - //Audit: &audit.Config{}, - //GLAuth: &glauth.Config{}, - //GraphExplorer: &graphExplorer.Config{}, - //Graph: &graph.Config{}, IDM: &idm.Config{}, - //IDP: &idp.Config{}, - //Nats: &nats.Config{}, - //Notifications: ¬ifications.Config{}, - //Proxy: &proxy.Config{}, - //OCS: &ocs.Config{}, - //Settings: &settings.Config{}, - // TODO: fix storage - //AuthBasic: &authbasic.Config{}, - //AuthBearer: &authbearer.Config{}, - //AppProvider: &appprovider.Config{}, - //AuthMachine: &authmachine.Config{}, - //Gateway: &gateway.Config{}, - //Group: &group.Config{}, - //Sharing: &sharing.Config{}, - //StorageMetadata: &storagemetadata.Config{}, - //StorageUsers: &storageusers.Config{}, - //StorageShares: &storageshares.Config{}, - //StoragePublicLink: &storagepublic.Config{}, - //User: &user.Config{}, - //OCDav: &ocdav.Config{}, - //Thumbnails: &thumbnails.Config{}, - //Web: &web.Config{}, - //WebDAV: &webdav.Config{}, } if insecure { 
@@ -163,41 +135,12 @@ func createConfig(insecure, forceOverwrite bool, configPath string) error { cfg.MachineAuthAPIKey = machineAuthApiKey cfg.TransferSecret = revaTransferSecret cfg.TokenManager.JWTSecret = tokenManagerJwtSecret - //cfg.Commons.TokenManager.JWTSecret = tokenManagerJwtSecret - //cfg.Accounts.TokenManager.JWTSecret = tokenManagerJwtSecret - //cfg.Graph.TokenManager.JWTSecret = tokenManagerJwtSecret - //fmt.Printf("%v\n", cfg.Graph.TokenManager) + cfg.IDM.ServiceUserPasswords.Idm = idmServicePassword cfg.IDM.ServiceUserPasswords.Idp = idpServicePassword cfg.IDM.ServiceUserPasswords.OcisAdmin = ocisAdminServicePassword cfg.IDM.ServiceUserPasswords.Reva = revaServicePassword - //cfg.Notifications.Notifications.MachineAuthAPIKey = machineAuthSecret - //cfg.OCS.MachineAuthAPIKey = machineAuthSecret - //cfg.Proxy.TokenManager.JWTSecret = tokenManagerJwtSecret - //fmt.Printf("%v\n", cfg.Proxy.TokenManager) - //cfg.Proxy.MachineAuthAPIKey = machineAuthSecret - //cfg.Settings.Metadata.MachineAuthAPIKey = machineAuthSecret - //cfg.Settings.TokenManager.JWTSecret = tokenManagerJwtSecret - //TODO: move all jwt secrets to shared.common - //cfg.AppProvider.JWTSecret = tokenManagerJwtSecret - //cfg.AuthBasic.JWTSecret = tokenManagerJwtSecret - //cfg.AuthBearer.JWTSecret = tokenManagerJwtSecret - //cfg.AuthMachine.JWTSecret = tokenManagerJwtSecret - //cfg.Gateway.JWTSecret = tokenManagerJwtSecret - //cfg.Group.JWTSecret = tokenManagerJwtSecret - //cfg.Sharing.JWTSecret = tokenManagerJwtSecret - //cfg.StorageMetadata.JWTSecret = tokenManagerJwtSecret - //cfg.StoragePublicLink.JWTSecret = tokenManagerJwtSecret - //cfg.StorageShares.JWTSecret = tokenManagerJwtSecret - //cfg.StorageUsers.JWTSecret = tokenManagerJwtSecret - //cfg.User.JWTSecret = tokenManagerJwtSecret - //cfg.OCDav.JWTSecret = tokenManagerJwtSecret - - //TODO: following line is defunc, figure out why - //cfg.Gateway.MachineAuthAPIKey = machineAuthApiKey - - //cfg.Thumbnails.Thumbnail.TransferSecret = 
revaTransferTokenSecret yamlOutput, err := yaml.Marshal(cfg) if err != nil { return fmt.Errorf("could not marshall config into yaml: %s", err) From 5b572b38529de047191d27c8389d0f605401d693 Mon Sep 17 00:00:00 2001 From: Willy Kloucek Date: Wed, 27 Apr 2022 15:46:17 +0200 Subject: [PATCH 16/99] initialize insecure options --- extensions/auth-bearer/pkg/config/config.go | 24 +++--- extensions/frontend/pkg/config/config.go | 96 ++++++++++----------- extensions/graph/pkg/config/config.go | 10 +-- ocis/pkg/command/init.go | 49 ++++++++++- 4 files changed, 111 insertions(+), 68 deletions(-) diff --git a/extensions/auth-bearer/pkg/config/config.go b/extensions/auth-bearer/pkg/config/config.go index 97fcd5ee6c..644ae43fed 100644 --- a/extensions/auth-bearer/pkg/config/config.go +++ b/extensions/auth-bearer/pkg/config/config.go 
@@ -38,25 +38,25 @@ type Service struct { } type Debug struct { - Addr string `yaml:"addr" env:"AUTH_BEARER_DEBUG_ADDR"` - Token string `yaml:"token" env:"AUTH_BEARER_DEBUG_TOKEN"` - Pprof bool `yaml:"pprof" env:"AUTH_BEARER_DEBUG_PPROF"` - Zpages bool `yaml:"zpages" env:"AUTH_BEARER_DEBUG_ZPAGES"` + Addr string `yaml:"addr,omitempty" env:"AUTH_BEARER_DEBUG_ADDR"` + Token string `yaml:"token,omitempty" env:"AUTH_BEARER_DEBUG_TOKEN"` + Pprof bool `yaml:"pprof,omitempty" env:"AUTH_BEARER_DEBUG_PPROF"` + Zpages bool `yaml:"zpages,omitempty" env:"AUTH_BEARER_DEBUG_ZPAGES"` } type GRPCConfig struct { - Addr string `yaml:"addr" env:"AUTH_BEARER_GRPC_ADDR" desc:"The address of the grpc service."` - Protocol string `yaml:"protocol" env:"AUTH_BEARER_GRPC_PROTOCOL" desc:"The transport protocol of the grpc service."` + Addr string `yaml:"addr,omitempty" env:"AUTH_BEARER_GRPC_ADDR" desc:"The address of the grpc service."` + Protocol string `yaml:"protocol,omitempty" env:"AUTH_BEARER_GRPC_PROTOCOL" desc:"The transport protocol of the grpc service."` } type AuthProviders struct { - OIDC OIDCProvider `yaml:"oidc"` + OIDC OIDCProvider `yaml:"oidc,omitempty"` } type OIDCProvider struct { - Issuer string `yaml:"issuer" env:"OCIS_URL;AUTH_BEARER_OIDC_ISSUER"` - Insecure bool `yaml:"insecure" env:"OCIS_INSECURE;AUTH_BEARER_OIDC_INSECURE"` - IDClaim string `yaml:"id_claim"` - UIDClaim string `yaml:"uid_claim"` - GIDClaim string `yaml:"gid_claim"` + Issuer string `yaml:"issuer,omitempty" env:"OCIS_URL;AUTH_BEARER_OIDC_ISSUER"` + Insecure bool `yaml:"insecure,omitempty" env:"OCIS_INSECURE;AUTH_BEARER_OIDC_INSECURE"` + IDClaim string `yaml:"id_claim,omitempty"` + UIDClaim string `yaml:"uid_claim,omitempty"` + GIDClaim string `yaml:"gid_claim,omitempty"` } diff --git a/extensions/frontend/pkg/config/config.go b/extensions/frontend/pkg/config/config.go index 5a4ba7354f..8e183281fc 100644 --- a/extensions/frontend/pkg/config/config.go +++ b/extensions/frontend/pkg/config/config.go 
@@ -5,51 +5,51 @@ import "github.com/owncloud/ocis/ocis-pkg/shared" type Config struct { *shared.Commons `yaml:"-"` Service Service `yaml:"-"` - Tracing *Tracing `yaml:"tracing"` - Logging *Logging `yaml:"log"` - Debug Debug `yaml:"debug"` - Supervised bool + Tracing *Tracing `yaml:"tracing,omitempty"` + Logging *Logging `yaml:"log,omitempty"` + Debug Debug `yaml:"debug,omitempty"` + Supervised bool `yaml:"-"` - HTTP HTTPConfig `yaml:"http"` + HTTP HTTPConfig `yaml:"http,omitempty"` // JWTSecret used to verify reva access token - TransferSecret string `yaml:"transfer_secret" env:"STORAGE_TRANSFER_SECRET"` + TransferSecret string `yaml:"transfer_secret,omitempty" env:"STORAGE_TRANSFER_SECRET"` TokenManager *TokenManager `yaml:"token_manager,omitempty"` Reva *Reva `yaml:"reva,omitempty"` - SkipUserGroupsInToken bool + SkipUserGroupsInToken bool `yaml:"skip_users_groups_in_token,omitempty"` - EnableFavorites bool `yaml:"favorites"` - EnableProjectSpaces bool - UploadMaxChunkSize int `yaml:"upload_max_chunk_size"` - UploadHTTPMethodOverride string `yaml:"upload_http_method_override"` - DefaultUploadProtocol string `yaml:"default_upload_protocol"` + EnableFavorites bool `yaml:"favorites,omitempty"` + EnableProjectSpaces bool `yaml:"enable_project_spaces,omitempty"` + UploadMaxChunkSize int `yaml:"upload_max_chunk_size,omitempty"` + UploadHTTPMethodOverride string `yaml:"upload_http_method_override,omitempty"` + DefaultUploadProtocol string `yaml:"default_upload_protocol,omitempty"` - PublicURL string `yaml:"public_url" env:"OCIS_URL;FRONTEND_PUBLIC_URL"` + PublicURL string `yaml:"public_url,omitempty" env:"OCIS_URL;FRONTEND_PUBLIC_URL"` - Archiver Archiver - AppProvider AppProvider - DataGateway DataGateway - OCS OCS - AuthMachine AuthMachine - Checksums Checksums + Archiver Archiver `yaml:"archiver,omitempty"` + AppProvider AppProvider `yaml:"app_provider,omitempty"` + DataGateway DataGateway `yaml:"data_gateway,omitempty"` + OCS OCS `yaml:"ocs,omitempty"` + 
AuthMachine AuthMachine `yaml:"auth_machine,omitempty"` + Checksums Checksums `yaml:"checksums,omitempty"` - Middleware Middleware + Middleware Middleware `yaml:"middleware,omitempty"` } type Tracing struct { - Enabled bool `yaml:"enabled" env:"OCIS_TRACING_ENABLED;FRONTEND_TRACING_ENABLED" desc:"Activates tracing."` - Type string `yaml:"type" env:"OCIS_TRACING_TYPE;FRONTEND_TRACING_TYPE"` - Endpoint string `yaml:"endpoint" env:"OCIS_TRACING_ENDPOINT;FRONTEND_TRACING_ENDPOINT" desc:"The endpoint to the tracing collector."` - Collector string `yaml:"collector" env:"OCIS_TRACING_COLLECTOR;FRONTEND_TRACING_COLLECTOR"` + Enabled bool `yaml:"enabled,omitempty" env:"OCIS_TRACING_ENABLED;FRONTEND_TRACING_ENABLED" desc:"Activates tracing."` + Type string `yaml:"type,omitempty" env:"OCIS_TRACING_TYPE;FRONTEND_TRACING_TYPE"` + Endpoint string `yaml:"endpoint,omitempty" env:"OCIS_TRACING_ENDPOINT;FRONTEND_TRACING_ENDPOINT" desc:"The endpoint to the tracing collector."` + Collector string `yaml:"collector,omitempty" env:"OCIS_TRACING_COLLECTOR;FRONTEND_TRACING_COLLECTOR"` } type Logging struct { - Level string `yaml:"level" env:"OCIS_LOG_LEVEL;FRONTEND_LOG_LEVEL" desc:"The log level."` - Pretty bool `yaml:"pretty" env:"OCIS_LOG_PRETTY;FRONTEND_LOG_PRETTY" desc:"Activates pretty log output."` - Color bool `yaml:"color" env:"OCIS_LOG_COLOR;FRONTEND_LOG_COLOR" desc:"Activates colorized log output."` - File string `yaml:"file" env:"OCIS_LOG_FILE;FRONTEND_LOG_FILE" desc:"The target log file."` + Level string `yaml:"level,omitempty" env:"OCIS_LOG_LEVEL;FRONTEND_LOG_LEVEL" desc:"The log level."` + Pretty bool `yaml:"pretty,omitempty" env:"OCIS_LOG_PRETTY;FRONTEND_LOG_PRETTY" desc:"Activates pretty log output."` + Color bool `yaml:"color,omitempty" env:"OCIS_LOG_COLOR;FRONTEND_LOG_COLOR" desc:"Activates colorized log output."` + File string `yaml:"file,omitempty" env:"OCIS_LOG_FILE;FRONTEND_LOG_FILE" desc:"The target log file."` } type Service struct { 
@@ -57,44 +57,44 @@ type Service struct { } type Debug struct { - Addr string `yaml:"addr" env:"FRONTEND_DEBUG_ADDR"` - Token string `yaml:"token" env:"FRONTEND_DEBUG_TOKEN"` - Pprof bool `yaml:"pprof" env:"FRONTEND_DEBUG_PPROF"` - Zpages bool `yaml:"zpages" env:"FRONTEND_DEBUG_ZPAGES"` + Addr string `yaml:"addr,omitempty" env:"FRONTEND_DEBUG_ADDR"` + Token string `yaml:"token,omitempty" env:"FRONTEND_DEBUG_TOKEN"` + Pprof bool `yaml:"pprof,omitempty" env:"FRONTEND_DEBUG_PPROF"` + Zpages bool `yaml:"zpages,omitempty" env:"FRONTEND_DEBUG_ZPAGES"` } type HTTPConfig struct { - Addr string `yaml:"addr" env:"FRONTEND_HTTP_ADDR" desc:"The address of the http service."` - Protocol string `yaml:"protocol" env:"FRONTEND_HTTP_PROTOCOL" desc:"The transport protocol of the http service."` - Prefix string `yaml:"prefix"` + Addr string `yaml:"addr,omitempty" env:"FRONTEND_HTTP_ADDR" desc:"The address of the http service."` + Protocol string `yaml:"protocol,omitempty" env:"FRONTEND_HTTP_PROTOCOL" desc:"The transport protocol of the http service."` + Prefix string `yaml:"prefix,omitempty"` } // Middleware configures reva middlewares. type Middleware struct { - Auth Auth `yaml:"auth"` + Auth Auth `yaml:"auth,omitempty"` } // Auth configures reva http auth middleware. 
type Auth struct { - CredentialsByUserAgent map[string]string `yaml:"credentials_by_user_agenr"` + CredentialsByUserAgent map[string]string `yaml:"credentials_by_user_agent,omitempty"` } type Archiver struct { - MaxNumFiles int64 `yaml:"max_num_files"` - MaxSize int64 `yaml:"max_size"` - Prefix string - Insecure bool `env:"OCIS_INSECURE;FRONTEND_ARCHIVER_INSECURE"` + MaxNumFiles int64 `yaml:"max_num_files,omitempty"` + MaxSize int64 `yaml:"max_size,omitempty"` + Prefix string `yaml:"-"` + Insecure bool `yaml:"insecure,omitempty" env:"OCIS_INSECURE;FRONTEND_ARCHIVER_INSECURE"` } type AppProvider struct { - ExternalAddr string `yaml:"external_addr"` - Driver string `yaml:"driver"` + ExternalAddr string `yaml:"external_addr,omitempty"` + Driver string `yaml:"driver,omitempty"` // WopiDriver WopiDriver `yaml:"wopi_driver"` - AppsURL string `yaml:"apps_url"` - OpenURL string `yaml:"open_url"` - NewURL string `yaml:"new_url"` - Prefix string - Insecure bool `env:"OCIS_INSECURE;FRONTEND_APPPROVIDER_INSECURE"` + AppsURL string `yaml:"-"` + OpenURL string `yaml:"-"` + NewURL string `yaml:"-"` + Prefix string `yaml:"-"` + Insecure bool `yaml:"insecure,omitempty" env:"OCIS_INSECURE;FRONTEND_APPPROVIDER_INSECURE"` } type DataGateway struct { diff --git a/extensions/graph/pkg/config/config.go b/extensions/graph/pkg/config/config.go index 174bcabd62..31133ad5c3 100644 --- a/extensions/graph/pkg/config/config.go +++ b/extensions/graph/pkg/config/config.go 
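Review bot: The corrected key on `CredentialsByUserAgent` (`credentials_by_user_agent`, previously spelled `credentials_by_user_agenr`) changes which YAML key feeds the auth middleware, so a config file written against the old spelling will presumably stop populating the map without any error. Since this map selects credential handling per user agent, a silent fallback to the empty default should be called out rather than left implicit. I would add a comment on the field, `// NOTE: key was misspelled "credentials_by_user_agenr" before this change; existing configs must be updated`, and mention the rename in the changelog. The same hunk also turns `AppsURL`, `OpenURL` and `NewURL` from named keys into `yaml:"-"`, which removes them from file-based configuration and deserves the same note.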
@@ -29,11 +29,11 @@ type Config struct { } type Spaces struct { - WebDavBase string `yaml:"webdav_base" env:"OCIS_URL;GRAPH_SPACES_WEBDAV_BASE"` - WebDavPath string `yaml:"webdav_path" env:"GRAPH_SPACES_WEBDAV_PATH"` - DefaultQuota string `yaml:"default_quota" env:"GRAPH_SPACES_DEFAULT_QUOTA"` - Insecure bool `yaml:"insecure" env:"OCIS_INSECURE;GRAPH_SPACES_INSECURE"` - ExtendedSpacePropertiesCacheTTL int `yaml:"extended_space_properties_cache_ttl" env:"GRAPH_SPACES_EXTENDED_SPACE_PROPERTIES_CACHE_TTL"` + WebDavBase string `yaml:"webdav_base,omitempty" env:"OCIS_URL;GRAPH_SPACES_WEBDAV_BASE"` + WebDavPath string `yaml:"webdav_path,omitempty" env:"GRAPH_SPACES_WEBDAV_PATH"` + DefaultQuota string `yaml:"default_quota,omitempty" env:"GRAPH_SPACES_DEFAULT_QUOTA"` + Insecure bool `yaml:"insecure,omitempty" env:"OCIS_INSECURE;GRAPH_SPACES_INSECURE"` + ExtendedSpacePropertiesCacheTTL int `yaml:"extended_space_properties_cache_ttl,omitempty" env:"GRAPH_SPACES_EXTENDED_SPACE_PROPERTIES_CACHE_TTL"` } type LDAP struct { diff --git a/ocis/pkg/command/init.go b/ocis/pkg/command/init.go index f3d9545acd..ba63aac071 100644 --- a/ocis/pkg/command/init.go +++ b/ocis/pkg/command/init.go @@ -17,8 +17,15 @@ import ( cli "github.com/urfave/cli/v2" "gopkg.in/yaml.v3" + authbearer "github.com/owncloud/ocis/extensions/auth-bearer/pkg/config" + frontend "github.com/owncloud/ocis/extensions/frontend/pkg/config" + graph "github.com/owncloud/ocis/extensions/graph/pkg/config" idm "github.com/owncloud/ocis/extensions/idm/pkg/config" + ocdav "github.com/owncloud/ocis/extensions/ocdav/pkg/config" proxy "github.com/owncloud/ocis/extensions/proxy/pkg/config" + storagemetadata "github.com/owncloud/ocis/extensions/storage-metadata/pkg/config" + storageusers "github.com/owncloud/ocis/extensions/storage-users/pkg/config" + thumbnails "github.com/owncloud/ocis/extensions/thumbnails/pkg/config" ) const configFilename string = "ocis.yaml" // TODO: use also a constant for reading this file 
@@ -90,12 +97,48 @@ func createConfig(insecure, forceOverwrite bool, configPath string) error { } cfg := config.Config{ TokenManager: &shared.TokenManager{}, - IDM: &idm.Config{}, + IDM: &idm.Config{}, } if insecure { - cfg.Proxy = &proxy.Config{} - cfg.Proxy.InsecureBackends = insecure + cfg.Proxy = &proxy.Config{ + InsecureBackends: true, + } + cfg.AuthBearer = &authbearer.Config{ + AuthProviders: authbearer.AuthProviders{ + OIDC: authbearer.OIDCProvider{ + Insecure: true, + }, + }, + } + cfg.Frontend = &frontend.Config{ + AppProvider: frontend.AppProvider{ + Insecure: true, + }, + Archiver: frontend.Archiver{ + Insecure: true, + }, + } + cfg.Graph = &graph.Config{ + Spaces: graph.Spaces{ + Insecure: true, + }, + } + cfg.OCDav = &ocdav.Config{ + Insecure: true, + } + cfg.StorageMetadata = &storagemetadata.Config{ + DataProviderInsecure: true, + } + cfg.StorageUsers = &storageusers.Config{ + DataProviderInsecure: true, + } + cfg.Thumbnails = &thumbnails.Config{ + Thumbnail: thumbnails.Thumbnail{ + WebdavAllowInsecure: true, + CS3AllowInsecure: true, + }, + } } idmServicePassword, err := generators.GenerateRandomPassword(passwordLength) From 4043f181b12946e9a51eeda92ed111304c60df14 Mon Sep 17 00:00:00 2001 
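Review bot: With `insecure` set, this block in `createConfig` writes certificate verification off for the proxy, the OIDC provider, frontend, graph spaces, ocdav, both storage data providers and thumbnails into the generated file, so a one-time answer at `ocis init` becomes the persistent setting for every later start. Nothing in the hunk tells the operator that this happened or which keys to remove once real certificates are in place. I would print a warning when the branch is taken, for example `fmt.Fprintln(os.Stderr, "warning: generated config disables TLS certificate verification for internal services; do not use in production")`. `createConfig` starts and ends outside the hunk.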
From: Willy Kloucek Date: Wed, 27 Apr 2022 17:00:31 +0200 Subject: [PATCH 17/99] set generate ldap secrets --- extensions/auth-basic/pkg/config/config.go | 42 ++++++++-------- .../pkg/config/defaults/defaultconfig.go | 2 - .../pkg/config/defaults/defaultconfig.go | 13 +++-- .../pkg/config/defaults/defaultconfig.go | 3 -- extensions/graph/pkg/config/config.go | 48 +++++++++---------- extensions/group/pkg/config/config.go | 44 ++++++++--------- .../pkg/config/defaults/defaultconfig.go | 1 - .../idm/pkg/config/defaults/defaultconfig.go | 6 --- extensions/idp/pkg/config/config.go | 28 +++++------ .../pkg/config/defaults/defaultconfig.go | 2 - extensions/user/pkg/config/config.go | 44 ++++++++--------- .../user/pkg/config/defaults/defaultconfig.go | 1 - ocis/pkg/command/init.go | 38 +++++++++++++-- 13 files changed, 145 insertions(+), 127 deletions(-) diff --git a/extensions/auth-basic/pkg/config/config.go b/extensions/auth-basic/pkg/config/config.go index 5e4ed4943f..079c57dcc5 100644 --- a/extensions/auth-basic/pkg/config/config.go +++ b/extensions/auth-basic/pkg/config/config.go @@ -50,9 +50,9 @@ type GRPCConfig struct { } type AuthProviders struct { - JSON JSONProvider `yaml:"json"` - LDAP LDAPProvider `yaml:"ldap"` - OwnCloudSQL OwnCloudSQLProvider `yaml:"owncloud_sql"` + JSON JSONProvider `yaml:"json,omitempty"` + LDAP LDAPProvider `yaml:"ldap,omitempty"` + OwnCloudSQL OwnCloudSQLProvider `yaml:"owncloud_sql,omitempty"` } type JSONProvider struct { 
@@ -60,24 +60,24 @@ type JSONProvider struct { } type LDAPProvider struct { - URI string `env:"LDAP_URI;AUTH_BASIC_LDAP_URI"` - CACert string `env:"LDAP_CACERT;AUTH_BASIC_LDAP_CACERT"` - Insecure bool `env:"LDAP_INSECURE;AUTH_BASIC_LDAP_INSECURE"` - BindDN string `env:"LDAP_BIND_DN;AUTH_BASIC_LDAP_BIND_DN"` - BindPassword string `env:"LDAP_BIND_PASSWORD;AUTH_BASIC_LDAP_BIND_PASSWORD"` - UserBaseDN string `env:"LDAP_USER_BASE_DN;AUTH_BASIC_LDAP_USER_BASE_DN"` - GroupBaseDN string `env:"LDAP_GROUP_BASE_DN;AUTH_BASIC_LDAP_GROUP_BASE_DN"` - UserScope string `env:"LDAP_USER_SCOPE;AUTH_BASIC_LDAP_USER_SCOPE"` - GroupScope string `env:"LDAP_GROUP_SCOPE;AUTH_BASIC_LDAP_GROUP_SCOPE"` - UserFilter string `env:"LDAP_USERFILTER;AUTH_BASIC_LDAP_USERFILTER"` - GroupFilter string `env:"LDAP_GROUPFILTER;AUTH_BASIC_LDAP_USERFILTER"` - UserObjectClass string `env:"LDAP_USER_OBJECTCLASS;AUTH_BASIC_LDAP_USER_OBJECTCLASS"` - GroupObjectClass string `env:"LDAP_GROUP_OBJECTCLASS;AUTH_BASIC_LDAP_GROUP_OBJECTCLASS"` - LoginAttributes []string `env:"LDAP_LOGIN_ATTRIBUTES;AUTH_BASIC_LDAP_LOGIN_ATTRIBUTES"` - IDP string `env:"OCIS_URL;AUTH_BASIC_IDP_URL"` // TODO what is this for? - GatewayEndpoint string // TODO do we need this here? 
- UserSchema LDAPUserSchema - GroupSchema LDAPGroupSchema + URI string `yaml:",omitempty" env:"LDAP_URI;AUTH_BASIC_LDAP_URI"` + CACert string `yaml:",omitempty" env:"LDAP_CACERT;AUTH_BASIC_LDAP_CACERT"` + Insecure bool `yaml:",omitempty" env:"LDAP_INSECURE;AUTH_BASIC_LDAP_INSECURE"` + BindDN string `yaml:",omitempty" env:"LDAP_BIND_DN;AUTH_BASIC_LDAP_BIND_DN"` + BindPassword string `yaml:",omitempty" env:"LDAP_BIND_PASSWORD;AUTH_BASIC_LDAP_BIND_PASSWORD"` + UserBaseDN string `yaml:",omitempty" env:"LDAP_USER_BASE_DN;AUTH_BASIC_LDAP_USER_BASE_DN"` + GroupBaseDN string `yaml:",omitempty" env:"LDAP_GROUP_BASE_DN;AUTH_BASIC_LDAP_GROUP_BASE_DN"` + UserScope string `yaml:",omitempty" env:"LDAP_USER_SCOPE;AUTH_BASIC_LDAP_USER_SCOPE"` + GroupScope string `yaml:",omitempty" env:"LDAP_GROUP_SCOPE;AUTH_BASIC_LDAP_GROUP_SCOPE"` + UserFilter string `yaml:",omitempty" env:"LDAP_USERFILTER;AUTH_BASIC_LDAP_USERFILTER"` + GroupFilter string `yaml:",omitempty" env:"LDAP_GROUPFILTER;AUTH_BASIC_LDAP_USERFILTER"` + UserObjectClass string `yaml:",omitempty" env:"LDAP_USER_OBJECTCLASS;AUTH_BASIC_LDAP_USER_OBJECTCLASS"` + GroupObjectClass string `yaml:",omitempty" env:"LDAP_GROUP_OBJECTCLASS;AUTH_BASIC_LDAP_GROUP_OBJECTCLASS"` + LoginAttributes []string `yaml:",omitempty" env:"LDAP_LOGIN_ATTRIBUTES;AUTH_BASIC_LDAP_LOGIN_ATTRIBUTES"` + IDP string `yaml:",omitempty" env:"OCIS_URL;AUTH_BASIC_IDP_URL"` // TODO what is this for? + GatewayEndpoint string `yaml:",omitempty"` // TODO do we need this here? + UserSchema LDAPUserSchema `yaml:",omitempty"` + GroupSchema LDAPGroupSchema `yaml:",omitempty"` } type LDAPUserSchema struct { diff --git a/extensions/auth-basic/pkg/config/defaults/defaultconfig.go b/extensions/auth-basic/pkg/config/defaults/defaultconfig.go index 2b1c25d7d5..3f5f851b9d 100644 --- a/extensions/auth-basic/pkg/config/defaults/defaultconfig.go +++ b/extensions/auth-basic/pkg/config/defaults/defaultconfig.go 
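Review bot: `GroupFilter` still lists `AUTH_BASIC_LDAP_USERFILTER` as its service-specific variable, the same name `UserFilter` uses one line above, so setting that variable would presumably apply the user filter to group lookups as well. The tag should name a group variable, e.g. `env:"LDAP_GROUPFILTER;AUTH_BASIC_LDAP_GROUPFILTER"`; the `LDAPDriver` hunks for the group and user extensions later in this patch carry the same copy (`GROUPS_LDAP_USERFILTER`, `USERS_LDAP_USERFILTER`). Separately, `yaml:",omitempty"` leaves the key name to the encoder's default (the lower-cased field name in yaml.v3), which gives `bindpassword` here while the graph and idp structs use `bind_password`; explicit snake_case names would keep the generated file consistent.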
@@ -49,7 +49,6 @@ func DefaultConfig() *config.Config { UserObjectClass: "inetOrgPerson", GroupObjectClass: "groupOfNames", BindDN: "uid=reva,ou=sysusers,o=libregraph-idm", - BindPassword: "reva", IDP: "https://localhost:9200", UserSchema: config.LDAPUserSchema{ ID: "ownclouduuid", @@ -68,7 +67,6 @@ func DefaultConfig() *config.Config { JSON: config.JSONProvider{}, OwnCloudSQL: config.OwnCloudSQLProvider{ DBUsername: "owncloud", - DBPassword: "secret", DBHost: "mysql", DBPort: 3306, DBName: "owncloud", diff --git a/extensions/auth-machine/pkg/config/defaults/defaultconfig.go b/extensions/auth-machine/pkg/config/defaults/defaultconfig.go index 4b8e3368e5..9f85d6720b 100644 --- a/extensions/auth-machine/pkg/config/defaults/defaultconfig.go +++ b/extensions/auth-machine/pkg/config/defaults/defaultconfig.go @@ -1,6 +1,8 @@ package defaults import ( + "log" + "github.com/owncloud/ocis/extensions/auth-machine/pkg/config" ) @@ -31,11 +33,6 @@ func DefaultConfig() *config.Config { Address: "127.0.0.1:9142", }, AuthProvider: "ldap", - AuthProviders: config.AuthProviders{ - Machine: config.MachineProvider{ - APIKey: "change-me-please", - }, - }, } } @@ -78,6 +75,12 @@ func EnsureDefaults(cfg *config.Config) { } else if cfg.TokenManager == nil { cfg.TokenManager = &config.TokenManager{} } + + if cfg.MachineAuthAPIKey == "" && cfg.Commons != nil && cfg.Commons.MachineAuthAPIKey != "" { + cfg.MachineAuthAPIKey = cfg.Commons.MachineAuthAPIKey + } else if cfg.MachineAuthAPIKey == "" { + log.Fatalf("machine auth api key is not set up properly, bailing out (%s)", cfg.Service.Name) + } } func Sanitize(cfg *config.Config) { diff --git a/extensions/frontend/pkg/config/defaults/defaultconfig.go b/extensions/frontend/pkg/config/defaults/defaultconfig.go index 70bd36d54d..485b0d2e5c 100644 --- a/extensions/frontend/pkg/config/defaults/defaultconfig.go +++ b/extensions/frontend/pkg/config/defaults/defaultconfig.go 
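Review bot: The new check in `EnsureDefaults` ends the process with `log.Fatalf` from inside a defaults helper, so every caller that merely builds a config exits without running deferred cleanup and cannot handle or test the condition. Failing closed on a missing machine auth key is the right outcome once the hard-coded `change-me-please` default is removed, but it would sit better in a validation step that returns an error, e.g. `return fmt.Errorf("machine auth api key is not set for %s; run ocis init or configure it", cfg.Service.Name)`. The follow-up hunk in patch 19 keeps the same `log.Fatalf`. `EnsureDefaults` begins outside the hunk.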
@@ -64,9 +64,6 @@ func DefaultConfig() *config.Config { AdditionalInfoAttribute: "{{.Mail}}", ResourceInfoCacheTTL: 0, }, - AuthMachine: config.AuthMachine{ - APIKey: "change-me-please", - }, Middleware: config.Middleware{ Auth: config.Auth{ CredentialsByUserAgent: map[string]string{}, diff --git a/extensions/graph/pkg/config/config.go b/extensions/graph/pkg/config/config.go index 31133ad5c3..16768294fb 100644 --- a/extensions/graph/pkg/config/config.go +++ b/extensions/graph/pkg/config/config.go 
@@ -37,37 +37,37 @@ type Spaces struct { } type LDAP struct { - URI string `yaml:"uri" env:"LDAP_URI;GRAPH_LDAP_URI"` - Insecure bool `yaml:"insecure" env:"OCIS_INSECURE;GRAPH_LDAP_INSECURE"` - BindDN string `yaml:"bind_dn" env:"LDAP_BIND_DN;GRAPH_LDAP_BIND_DN"` - BindPassword string `yaml:"bind_password" env:"LDAP_BIND_PASSWORD;GRAPH_LDAP_BIND_PASSWORD"` - UseServerUUID bool `yaml:"use_server_uuid" env:"GRAPH_LDAP_SERVER_UUID"` - WriteEnabled bool `yaml:"write_enabled" env:"GRAPH_LDAP_SERVER_WRITE_ENABLED"` + URI string `yaml:"uri,omitempty" env:"LDAP_URI;GRAPH_LDAP_URI"` + Insecure bool `yaml:"insecure,omitempty" env:"OCIS_INSECURE;GRAPH_LDAP_INSECURE"` + BindDN string `yaml:"bind_dn,omitempty" env:"LDAP_BIND_DN;GRAPH_LDAP_BIND_DN"` + BindPassword string `yaml:"bind_password,omitempty" env:"LDAP_BIND_PASSWORD;GRAPH_LDAP_BIND_PASSWORD"` + UseServerUUID bool `yaml:"use_server_uuid,omitempty" env:"GRAPH_LDAP_SERVER_UUID"` + WriteEnabled bool `yaml:"write_enabled,omitempty" env:"GRAPH_LDAP_SERVER_WRITE_ENABLED"` - UserBaseDN string `yaml:"user_base_dn" env:"LDAP_USER_BASE_DN;GRAPH_LDAP_USER_BASE_DN"` - UserSearchScope string `yaml:"user_search_scope" env:"LDAP_USER_SCOPE;GRAPH_LDAP_USER_SCOPE"` - UserFilter string `yaml:"user_filter" env:"LDAP_USER_FILTER;GRAPH_LDAP_USER_FILTER"` - UserObjectClass string `yaml:"user_objectclass" env:"LDAP_USER_OBJECTCLASS;GRAPH_LDAP_USER_OBJECTCLASS"` - UserEmailAttribute string `yaml:"user_mail_attribute" env:"LDAP_USER_SCHEMA_MAIL;GRAPH_LDAP_USER_EMAIL_ATTRIBUTE"` - UserDisplayNameAttribute string `yaml:"user_displayname_attribute" env:"LDAP_USER_SCHEMA_DISPLAY_NAME;GRAPH_LDAP_USER_DISPLAYNAME_ATTRIBUTE"` - UserNameAttribute string `yaml:"user_name_attribute" env:"LDAP_USER_SCHEMA_USERNAME;GRAPH_LDAP_USER_NAME_ATTRIBUTE"` - UserIDAttribute string `yaml:"user_id_attribute" env:"LDAP_USER_SCHEMA_ID;GRAPH_LDAP_USER_UID_ATTRIBUTE"` + UserBaseDN string `yaml:"user_base_dn,omitempty" env:"LDAP_USER_BASE_DN;GRAPH_LDAP_USER_BASE_DN"` + 
UserSearchScope string `yaml:"user_search_scope,omitempty" env:"LDAP_USER_SCOPE;GRAPH_LDAP_USER_SCOPE"` + UserFilter string `yaml:"user_filter,omitempty" env:"LDAP_USER_FILTER;GRAPH_LDAP_USER_FILTER"` + UserObjectClass string `yaml:"user_objectclass,omitempty" env:"LDAP_USER_OBJECTCLASS;GRAPH_LDAP_USER_OBJECTCLASS"` + UserEmailAttribute string `yaml:"user_mail_attribute,omitempty" env:"LDAP_USER_SCHEMA_MAIL;GRAPH_LDAP_USER_EMAIL_ATTRIBUTE"` + UserDisplayNameAttribute string `yaml:"user_displayname_attribute,omitempty" env:"LDAP_USER_SCHEMA_DISPLAY_NAME;GRAPH_LDAP_USER_DISPLAYNAME_ATTRIBUTE"` + UserNameAttribute string `yaml:"user_name_attribute,omitempty" env:"LDAP_USER_SCHEMA_USERNAME;GRAPH_LDAP_USER_NAME_ATTRIBUTE"` + UserIDAttribute string `yaml:"user_id_attribute,omitempty" env:"LDAP_USER_SCHEMA_ID;GRAPH_LDAP_USER_UID_ATTRIBUTE"` - GroupBaseDN string `yaml:"group_base_dn" env:"LDAP_GROUP_BASE_DN;GRAPH_LDAP_GROUP_BASE_DN"` - GroupSearchScope string `yaml:"group_search_scope" env:"LDAP_GROUP_SCOPE;GRAPH_LDAP_GROUP_SEARCH_SCOPE"` - GroupFilter string `yaml:"group_filter" env:"LDAP_GROUP_FILTER;GRAPH_LDAP_GROUP_FILTER"` - GroupObjectClass string `yaml:"group_objectclass" env:"LDAP_GROUP_OBJECTCLASS;GRAPH_LDAP_GROUP_OBJECTCLASS"` - GroupNameAttribute string `yaml:"group_name_attribute" env:"LDAP_GROUP_SCHEMA_GROUPNAME;GRAPH_LDAP_GROUP_NAME_ATTRIBUTE"` - GroupIDAttribute string `yaml:"group_id_attribute" env:"LDAP_GROUP_SCHEMA_ID;GRAPH_LDAP_GROUP_ID_ATTRIBUTE"` + GroupBaseDN string `yaml:"group_base_dn,omitempty" env:"LDAP_GROUP_BASE_DN;GRAPH_LDAP_GROUP_BASE_DN"` + GroupSearchScope string `yaml:"group_search_scope,omitempty" env:"LDAP_GROUP_SCOPE;GRAPH_LDAP_GROUP_SEARCH_SCOPE"` + GroupFilter string `yaml:"group_filter,omitempty" env:"LDAP_GROUP_FILTER;GRAPH_LDAP_GROUP_FILTER"` + GroupObjectClass string `yaml:"group_objectclass,omitempty" env:"LDAP_GROUP_OBJECTCLASS;GRAPH_LDAP_GROUP_OBJECTCLASS"` + GroupNameAttribute string `yaml:"group_name_attribute,omitempty" 
env:"LDAP_GROUP_SCHEMA_GROUPNAME;GRAPH_LDAP_GROUP_NAME_ATTRIBUTE"` + GroupIDAttribute string `yaml:"group_id_attribute,omitempty" env:"LDAP_GROUP_SCHEMA_ID;GRAPH_LDAP_GROUP_ID_ATTRIBUTE"` } type Identity struct { - Backend string `yaml:"backend" env:"GRAPH_IDENTITY_BACKEND"` - LDAP LDAP `yaml:"ldap"` + Backend string `yaml:"backend,omitempty" env:"GRAPH_IDENTITY_BACKEND"` + LDAP LDAP `yaml:"ldap,omitempty"` } // Events combines the configuration options for the event bus. type Events struct { - Endpoint string `yaml:"events_endpoint" env:"GRAPH_EVENTS_ENDPOINT" desc:"the address of the streaming service"` - Cluster string `yaml:"events_cluster" env:"GRAPH_EVENTS_CLUSTER" desc:"the clusterID of the streaming service. Mandatory when using nats"` + Endpoint string `yaml:"events_endpoint,omitempty" env:"GRAPH_EVENTS_ENDPOINT" desc:"the address of the streaming service"` + Cluster string `yaml:"events_cluster,omitempty" env:"GRAPH_EVENTS_CLUSTER" desc:"the clusterID of the streaming service. Mandatory when using nats"` } diff --git a/extensions/group/pkg/config/config.go b/extensions/group/pkg/config/config.go index eb3d6ab8b5..e6c46d54fb 100644 --- a/extensions/group/pkg/config/config.go +++ b/extensions/group/pkg/config/config.go 
@@ -51,34 +51,34 @@ type GRPCConfig struct { } type Drivers struct { - JSON JSONDriver - LDAP LDAPDriver - OwnCloudSQL OwnCloudSQLDriver - REST RESTProvider + JSON JSONDriver `yaml:",omitempty"` + LDAP LDAPDriver `yaml:",omitempty"` + OwnCloudSQL OwnCloudSQLDriver `yaml:",omitempty"` + REST RESTProvider `yaml:",omitempty"` } type JSONDriver struct { File string } type LDAPDriver struct { - URI string `env:"LDAP_URI;GROUPS_LDAP_URI"` - CACert string `env:"LDAP_CACERT;GROUPS_LDAP_CACERT"` - Insecure bool `env:"LDAP_INSECURE;GROUPS_LDAP_INSECURE"` - BindDN string `env:"LDAP_BIND_DN;GROUPS_LDAP_BIND_DN"` - BindPassword string `env:"LDAP_BIND_PASSWORD;GROUPS_LDAP_BIND_PASSWORD"` - UserBaseDN string `env:"LDAP_USER_BASE_DN;GROUPS_LDAP_USER_BASE_DN"` - GroupBaseDN string `env:"LDAP_GROUP_BASE_DN;GROUPS_LDAP_GROUP_BASE_DN"` - UserScope string `env:"LDAP_USER_SCOPE;GROUPS_LDAP_USER_SCOPE"` - GroupScope string `env:"LDAP_GROUP_SCOPE;GROUPS_LDAP_GROUP_SCOPE"` - UserFilter string `env:"LDAP_USERFILTER;GROUPS_LDAP_USERFILTER"` - GroupFilter string `env:"LDAP_GROUPFILTER;GROUPS_LDAP_USERFILTER"` - UserObjectClass string `env:"LDAP_USER_OBJECTCLASS;GROUPS_LDAP_USER_OBJECTCLASS"` - GroupObjectClass string `env:"LDAP_GROUP_OBJECTCLASS;GROUPS_LDAP_GROUP_OBJECTCLASS"` - LoginAttributes []string `env:"LDAP_LOGIN_ATTRIBUTES;GROUPS_LDAP_LOGIN_ATTRIBUTES"` - IDP string `env:"OCIS_URL;GROUPS_IDP_URL"` // TODO what is this for? - GatewayEndpoint string // TODO do we need this here? 
- UserSchema LDAPUserSchema - GroupSchema LDAPGroupSchema + URI string `yaml:",omitempty" env:"LDAP_URI;GROUPS_LDAP_URI"` + CACert string `yaml:",omitempty" env:"LDAP_CACERT;GROUPS_LDAP_CACERT"` + Insecure bool `yaml:",omitempty" env:"LDAP_INSECURE;GROUPS_LDAP_INSECURE"` + BindDN string `yaml:",omitempty" env:"LDAP_BIND_DN;GROUPS_LDAP_BIND_DN"` + BindPassword string `yaml:",omitempty" env:"LDAP_BIND_PASSWORD;GROUPS_LDAP_BIND_PASSWORD"` + UserBaseDN string `yaml:",omitempty" env:"LDAP_USER_BASE_DN;GROUPS_LDAP_USER_BASE_DN"` + GroupBaseDN string `yaml:",omitempty" env:"LDAP_GROUP_BASE_DN;GROUPS_LDAP_GROUP_BASE_DN"` + UserScope string `yaml:",omitempty" env:"LDAP_USER_SCOPE;GROUPS_LDAP_USER_SCOPE"` + GroupScope string `yaml:",omitempty" env:"LDAP_GROUP_SCOPE;GROUPS_LDAP_GROUP_SCOPE"` + UserFilter string `yaml:",omitempty" env:"LDAP_USERFILTER;GROUPS_LDAP_USERFILTER"` + GroupFilter string `yaml:",omitempty" env:"LDAP_GROUPFILTER;GROUPS_LDAP_USERFILTER"` + UserObjectClass string `yaml:",omitempty" env:"LDAP_USER_OBJECTCLASS;GROUPS_LDAP_USER_OBJECTCLASS"` + GroupObjectClass string `yaml:",omitempty" env:"LDAP_GROUP_OBJECTCLASS;GROUPS_LDAP_GROUP_OBJECTCLASS"` + LoginAttributes []string `yaml:",omitempty" env:"LDAP_LOGIN_ATTRIBUTES;GROUPS_LDAP_LOGIN_ATTRIBUTES"` + IDP string `yaml:",omitempty" env:"OCIS_URL;GROUPS_IDP_URL"` // TODO what is this for? + GatewayEndpoint string `yaml:",omitempty"` // TODO do we need this here? + UserSchema LDAPUserSchema `yaml:",omitempty"` + GroupSchema LDAPGroupSchema `yaml:",omitempty"` } type LDAPUserSchema struct { diff --git a/extensions/group/pkg/config/defaults/defaultconfig.go b/extensions/group/pkg/config/defaults/defaultconfig.go index 961edc8463..9500016057 100644 --- a/extensions/group/pkg/config/defaults/defaultconfig.go +++ b/extensions/group/pkg/config/defaults/defaultconfig.go 
@@ -50,7 +50,6 @@ func DefaultConfig() *config.Config { UserObjectClass: "inetOrgPerson", GroupObjectClass: "groupOfNames", BindDN: "uid=reva,ou=sysusers,o=libregraph-idm", - BindPassword: "reva", IDP: "https://localhost:9200", UserSchema: config.LDAPUserSchema{ ID: "ownclouduuid", diff --git a/extensions/idm/pkg/config/defaults/defaultconfig.go b/extensions/idm/pkg/config/defaults/defaultconfig.go index 983db3c071..dada552c04 100644 --- a/extensions/idm/pkg/config/defaults/defaultconfig.go +++ b/extensions/idm/pkg/config/defaults/defaultconfig.go @@ -22,12 +22,6 @@ func DefaultConfig() *config.Config { Name: "idm", }, CreateDemoUsers: false, - ServiceUserPasswords: config.ServiceUserPasswords{ - OcisAdmin: "admin", - Idm: "idm", - Idp: "idp", - Reva: "reva", - }, IDM: config.Settings{ LDAPSAddr: "127.0.0.1:9235", Cert: path.Join(defaults.BaseDataPath(), "idm", "ldap.crt"), diff --git a/extensions/idp/pkg/config/config.go b/extensions/idp/pkg/config/config.go index 41e6cdf8cb..2d697a9c85 100644 --- a/extensions/idp/pkg/config/config.go +++ b/extensions/idp/pkg/config/config.go 
@@ -27,28 +27,28 @@ type Config struct { // Ldap defines the available LDAP configuration. type Ldap struct { - URI string `yaml:"uri" env:"LDAP_URI;IDP_LDAP_URI"` - TLSCACert string `yaml:"cacert" env:"LDAP_CACERT;IDP_LDAP_TLS_CACERT"` + URI string `yaml:"uri,omitempty" env:"LDAP_URI;IDP_LDAP_URI"` + TLSCACert string `yaml:"cacert,omitempty" env:"LDAP_CACERT;IDP_LDAP_TLS_CACERT"` - BindDN string `yaml:"bind_dn" env:"LDAP_BIND_DN;IDP_LDAP_BIND_DN"` - BindPassword string `yaml:"bind_password" env:"LDAP_BIND_PASSWORD;IDP_LDAP_BIND_PASSWORD"` + BindDN string `yaml:"bind_dn,omitempty" env:"LDAP_BIND_DN;IDP_LDAP_BIND_DN"` + BindPassword string `yaml:"bind_password,omitempty" env:"LDAP_BIND_PASSWORD;IDP_LDAP_BIND_PASSWORD"` - BaseDN string `yaml:"base_dn" env:"LDAP_USER_BASE_DN,IDP_LDAP_BASE_DN"` - Scope string `yaml:"scope" env:"LDAP_USER_SCOPE;IDP_LDAP_SCOPE"` + BaseDN string `yaml:"base_dn,omitempty" env:"LDAP_USER_BASE_DN,IDP_LDAP_BASE_DN"` + Scope string `yaml:"scope,omitempty" env:"LDAP_USER_SCOPE;IDP_LDAP_SCOPE"` - LoginAttribute string `yaml:"login_attribute" env:"IDP_LDAP_LOGIN_ATTRIBUTE"` - EmailAttribute string `yaml:"email_attribute" env:"LDAP_USER_SCHEMA_MAIL;IDP_LDAP_EMAIL_ATTRIBUTE"` - NameAttribute string `yaml:"name_attribute" env:"LDAP_USER_SCHEMA_USERNAME;IDP_LDAP_NAME_ATTRIBUTE"` - UUIDAttribute string `yaml:"uuid_attribute" env:"LDAP_USER_SCHEMA_ID;IDP_LDAP_UUID_ATTRIBUTE"` - UUIDAttributeType string `yaml:"uuid_attribute_type" env:"IDP_LDAP_UUID_ATTRIBUTE_TYPE"` + LoginAttribute string `yaml:"login_attribute,omitempty" env:"IDP_LDAP_LOGIN_ATTRIBUTE"` + EmailAttribute string `yaml:"email_attribute,omitempty" env:"LDAP_USER_SCHEMA_MAIL;IDP_LDAP_EMAIL_ATTRIBUTE"` + NameAttribute string `yaml:"name_attribute,omitempty" env:"LDAP_USER_SCHEMA_USERNAME;IDP_LDAP_NAME_ATTRIBUTE"` + UUIDAttribute string `yaml:"uuid_attribute,omitempty" env:"LDAP_USER_SCHEMA_ID;IDP_LDAP_UUID_ATTRIBUTE"` + UUIDAttributeType string `yaml:"uuid_attribute_type,omitempty" 
env:"IDP_LDAP_UUID_ATTRIBUTE_TYPE"` - Filter string `yaml:"filter" env:"LDAP_USER_FILTER;IDP_LDAP_FILTER"` - ObjectClass string `yaml:"objectclass" env:"LDAP_USER_OBJECTCLASS;IDP_LDAP_OBJECTCLASS"` + Filter string `yaml:"filter,omitempty" env:"LDAP_USER_FILTER;IDP_LDAP_FILTER"` + ObjectClass string `yaml:"objectclass,omitempty" env:"LDAP_USER_OBJECTCLASS;IDP_LDAP_OBJECTCLASS"` } // Asset defines the available asset configuration. type Asset struct { - Path string `yaml:"asset" env:"IDP_ASSET_PATH"` + Path string `yaml:"asset,omitempty" env:"IDP_ASSET_PATH"` } type Settings struct { diff --git a/extensions/storage/pkg/config/defaults/defaultconfig.go b/extensions/storage/pkg/config/defaults/defaultconfig.go index 5ac640a517..dbfb6a2219 100644 --- a/extensions/storage/pkg/config/defaults/defaultconfig.go +++ b/extensions/storage/pkg/config/defaults/defaultconfig.go @@ -57,7 +57,6 @@ func DefaultConfig() *config.Config { UserObjectClass: "inetOrgPerson", GroupObjectClass: "groupOfNames", BindDN: "uid=reva,ou=sysusers,o=libregraph-idm", - BindPassword: "reva", IDP: defaultPublicURL, UserSchema: config.LDAPUserSchema{ ID: "ownclouduuid", @@ -81,7 +80,6 @@ func DefaultConfig() *config.Config { }, UserOwnCloudSQL: config.UserOwnCloudSQL{ DBUsername: "owncloud", - DBPassword: "secret", DBHost: "mysql", DBPort: 3306, DBName: "owncloud", diff --git a/extensions/user/pkg/config/config.go b/extensions/user/pkg/config/config.go index 48ee5cdb81..ccd3b21f97 100644 --- a/extensions/user/pkg/config/config.go +++ b/extensions/user/pkg/config/config.go 
@@ -51,34 +51,34 @@ type GRPCConfig struct { } type Drivers struct { - JSON JSONDriver - LDAP LDAPDriver - OwnCloudSQL OwnCloudSQLDriver - REST RESTProvider + JSON JSONDriver `yaml:",omitempty"` + LDAP LDAPDriver `yaml:",omitempty"` + OwnCloudSQL OwnCloudSQLDriver `yaml:",omitempty"` + REST RESTProvider `yaml:",omitempty"` } type JSONDriver struct { File string } type LDAPDriver struct { - URI string `env:"LDAP_URI;USERS_LDAP_URI"` - CACert string `env:"LDAP_CACERT;USERS_LDAP_CACERT"` - Insecure bool `env:"LDAP_INSECURE;USERS_LDAP_INSECURE"` - BindDN string `env:"LDAP_BIND_DN;USERS_LDAP_BIND_DN"` - BindPassword string `env:"LDAP_BIND_PASSWORD;USERS_LDAP_BIND_PASSWORD"` - UserBaseDN string `env:"LDAP_USER_BASE_DN;USERS_LDAP_USER_BASE_DN"` - GroupBaseDN string `env:"LDAP_GROUP_BASE_DN;USERS_LDAP_GROUP_BASE_DN"` - UserScope string `env:"LDAP_USER_SCOPE;USERS_LDAP_USER_SCOPE"` - GroupScope string `env:"LDAP_GROUP_SCOPE;USERS_LDAP_GROUP_SCOPE"` - UserFilter string `env:"LDAP_USERFILTER;USERS_LDAP_USERFILTER"` - GroupFilter string `env:"LDAP_GROUPFILTER;USERS_LDAP_USERFILTER"` - UserObjectClass string `env:"LDAP_USER_OBJECTCLASS;USERS_LDAP_USER_OBJECTCLASS"` - GroupObjectClass string `env:"LDAP_GROUP_OBJECTCLASS;USERS_LDAP_GROUP_OBJECTCLASS"` - LoginAttributes []string `env:"LDAP_LOGIN_ATTRIBUTES;USERS_LDAP_LOGIN_ATTRIBUTES"` - IDP string `env:"OCIS_URL;USERS_IDP_URL"` // TODO what is this for? - GatewayEndpoint string // TODO do we need this here? 
- UserSchema LDAPUserSchema - GroupSchema LDAPGroupSchema + URI string `yaml:",omitempty" env:"LDAP_URI;USERS_LDAP_URI"` + CACert string `yaml:",omitempty" env:"LDAP_CACERT;USERS_LDAP_CACERT"` + Insecure bool `yaml:",omitempty" env:"LDAP_INSECURE;USERS_LDAP_INSECURE"` + BindDN string `yaml:",omitempty" env:"LDAP_BIND_DN;USERS_LDAP_BIND_DN"` + BindPassword string `yaml:",omitempty" env:"LDAP_BIND_PASSWORD;USERS_LDAP_BIND_PASSWORD"` + UserBaseDN string `yaml:",omitempty" env:"LDAP_USER_BASE_DN;USERS_LDAP_USER_BASE_DN"` + GroupBaseDN string `yaml:",omitempty" env:"LDAP_GROUP_BASE_DN;USERS_LDAP_GROUP_BASE_DN"` + UserScope string `yaml:",omitempty" env:"LDAP_USER_SCOPE;USERS_LDAP_USER_SCOPE"` + GroupScope string `yaml:",omitempty" env:"LDAP_GROUP_SCOPE;USERS_LDAP_GROUP_SCOPE"` + UserFilter string `yaml:",omitempty" env:"LDAP_USERFILTER;USERS_LDAP_USERFILTER"` + GroupFilter string `yaml:",omitempty" env:"LDAP_GROUPFILTER;USERS_LDAP_USERFILTER"` + UserObjectClass string `yaml:",omitempty" env:"LDAP_USER_OBJECTCLASS;USERS_LDAP_USER_OBJECTCLASS"` + GroupObjectClass string `yaml:",omitempty" env:"LDAP_GROUP_OBJECTCLASS;USERS_LDAP_GROUP_OBJECTCLASS"` + LoginAttributes []string `yaml:",omitempty" env:"LDAP_LOGIN_ATTRIBUTES;USERS_LDAP_LOGIN_ATTRIBUTES"` + IDP string `yaml:",omitempty" env:"OCIS_URL;USERS_IDP_URL"` // TODO what is this for? + GatewayEndpoint string `yaml:",omitempty"` // TODO do we need this here? + UserSchema LDAPUserSchema `yaml:",omitempty"` + GroupSchema LDAPGroupSchema `yaml:",omitempty"` } type LDAPUserSchema struct { diff --git a/extensions/user/pkg/config/defaults/defaultconfig.go b/extensions/user/pkg/config/defaults/defaultconfig.go index 628948566d..f20c546123 100644 --- a/extensions/user/pkg/config/defaults/defaultconfig.go +++ b/extensions/user/pkg/config/defaults/defaultconfig.go 
@@ -50,7 +50,6 @@ func DefaultConfig() *config.Config { UserObjectClass: "inetOrgPerson", GroupObjectClass: "groupOfNames", BindDN: "uid=reva,ou=sysusers,o=libregraph-idm", - BindPassword: "reva", IDP: "https://localhost:9200", UserSchema: config.LDAPUserSchema{ ID: "ownclouduuid", diff --git a/ocis/pkg/command/init.go b/ocis/pkg/command/init.go index ba63aac071..693b49a4b7 100644 --- a/ocis/pkg/command/init.go +++ b/ocis/pkg/command/init.go @@ -17,15 +17,19 @@ import ( cli "github.com/urfave/cli/v2" "gopkg.in/yaml.v3" + authbasic "github.com/owncloud/ocis/extensions/auth-basic/pkg/config" authbearer "github.com/owncloud/ocis/extensions/auth-bearer/pkg/config" frontend "github.com/owncloud/ocis/extensions/frontend/pkg/config" graph "github.com/owncloud/ocis/extensions/graph/pkg/config" + group "github.com/owncloud/ocis/extensions/group/pkg/config" idm "github.com/owncloud/ocis/extensions/idm/pkg/config" + idp "github.com/owncloud/ocis/extensions/idp/pkg/config" ocdav "github.com/owncloud/ocis/extensions/ocdav/pkg/config" proxy "github.com/owncloud/ocis/extensions/proxy/pkg/config" storagemetadata "github.com/owncloud/ocis/extensions/storage-metadata/pkg/config" storageusers "github.com/owncloud/ocis/extensions/storage-users/pkg/config" thumbnails "github.com/owncloud/ocis/extensions/thumbnails/pkg/config" + user "github.com/owncloud/ocis/extensions/user/pkg/config" ) const configFilename string = "ocis.yaml" // TODO: use also a constant for reading this file 
@@ -98,12 +102,25 @@ func createConfig(insecure, forceOverwrite bool, configPath string) error { cfg := config.Config{ TokenManager: &shared.TokenManager{}, IDM: &idm.Config{}, + AuthBasic: &authbasic.Config{ + AuthProviders: authbasic.AuthProviders{ + LDAP: authbasic.LDAPProvider{}, + }, + }, + Group: &group.Config{ + Drivers: group.Drivers{ + LDAP: group.LDAPDriver{}, + }, + }, + User: &user.Config{ + Drivers: user.Drivers{ + LDAP: user.LDAPDriver{}, + }, + }, + IDP: &idp.Config{}, } if insecure { - cfg.Proxy = &proxy.Config{ - InsecureBackends: true, - } cfg.AuthBearer = &authbearer.Config{ AuthProviders: authbearer.AuthProviders{ OIDC: authbearer.OIDCProvider{ @@ -127,6 +144,10 @@ func createConfig(insecure, forceOverwrite bool, configPath string) error { cfg.OCDav = &ocdav.Config{ Insecure: true, } + cfg.Proxy = &proxy.Config{ + InsecureBackends: true, + } + cfg.StorageMetadata = &storagemetadata.Config{ DataProviderInsecure: true, } @@ -139,6 +160,7 @@ func createConfig(insecure, forceOverwrite bool, configPath string) error { CS3AllowInsecure: true, }, } + } idmServicePassword, err := generators.GenerateRandomPassword(passwordLength) @@ -180,9 +202,17 @@ func createConfig(insecure, forceOverwrite bool, configPath string) error { cfg.TokenManager.JWTSecret = tokenManagerJwtSecret cfg.IDM.ServiceUserPasswords.Idm = idmServicePassword + cfg.Graph.Identity.LDAP.BindPassword = idmServicePassword + cfg.IDM.ServiceUserPasswords.Idp = idpServicePassword - cfg.IDM.ServiceUserPasswords.OcisAdmin = ocisAdminServicePassword + cfg.IDP.Ldap.BindPassword = idpServicePassword + cfg.IDM.ServiceUserPasswords.Reva = revaServicePassword + cfg.AuthBasic.AuthProviders.LDAP.BindPassword = revaServicePassword + cfg.Group.Drivers.LDAP.BindPassword = revaServicePassword + cfg.User.Drivers.LDAP.BindPassword = revaServicePassword + + cfg.IDM.ServiceUserPasswords.OcisAdmin = ocisAdminServicePassword yamlOutput, err := yaml.Marshal(cfg) if err != nil { 
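Review bot: `cfg.Graph.Identity.LDAP.BindPassword = idmServicePassword` in the last hunk dereferences `cfg.Graph`, but on the visible lines `cfg.Graph` is only allocated inside the `if insecure` branch, while the struct literal in the first hunk adds `AuthBasic`, `Group`, `User` and `IDP` but not `Graph`. Unless it is set in lines outside these hunks, `ocis init` without the insecure option would panic with a nil pointer dereference, which makes the secure path the one that fails. I would add `Graph: &graph.Config{},` to the literal and change the insecure branch to `cfg.Graph.Spaces.Insecure = true` so it no longer replaces the struct. `createConfig` starts and ends outside the hunks.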
From 31656e1a97be60aa143b715fcc337af3359a946f Mon Sep 17 00:00:00 2001 From: Willy Kloucek Date: Thu, 28 Apr 2022 08:48:32 +0200 Subject: [PATCH 18/99] remove TODOs --- ocis/pkg/command/init.go | 5 ----- 1 file changed, 5 deletions(-) diff --git a/ocis/pkg/command/init.go b/ocis/pkg/command/init.go index 693b49a4b7..21c2f6ab2d 100644 --- a/ocis/pkg/command/init.go +++ b/ocis/pkg/command/init.go @@ -192,11 +192,6 @@ func createConfig(insecure, forceOverwrite bool, configPath string) error { return fmt.Errorf("could not generate random password for machineauthsecret: %s", err) } - // TODO: IDP config is missing (LDAP + GROUP provider) - // TODO: REVA config is missing (LDAP + GROUP provider) - // TODO: graph needs IDM password configured - // TODO: add missing insecure occurences - cfg.MachineAuthAPIKey = machineAuthApiKey cfg.TransferSecret = revaTransferSecret cfg.TokenManager.JWTSecret = tokenManagerJwtSecret From 4a9b31f3b48f1689bb348da494fb8ebfd01c2795 Mon Sep 17 00:00:00 2001 From: Willy Kloucek Date: Thu, 28 Apr 2022 08:49:44 +0200 Subject: [PATCH 19/99] fix machineauth to right machine auth api key --- .../auth-machine/pkg/config/defaults/defaultconfig.go | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/extensions/auth-machine/pkg/config/defaults/defaultconfig.go b/extensions/auth-machine/pkg/config/defaults/defaultconfig.go index 9f85d6720b..14be9c67d1 100644 --- a/extensions/auth-machine/pkg/config/defaults/defaultconfig.go +++ b/extensions/auth-machine/pkg/config/defaults/defaultconfig.go 
@@ -76,9 +76,9 @@ func EnsureDefaults(cfg *config.Config) { cfg.TokenManager = &config.TokenManager{} } - if cfg.MachineAuthAPIKey == "" && cfg.Commons != nil && cfg.Commons.MachineAuthAPIKey != "" { - cfg.MachineAuthAPIKey = cfg.Commons.MachineAuthAPIKey - } else if cfg.MachineAuthAPIKey == "" { + if cfg.AuthProviders.Machine.APIKey == "" && cfg.Commons != nil && cfg.Commons.MachineAuthAPIKey != "" { + cfg.AuthProviders.Machine.APIKey = cfg.Commons.MachineAuthAPIKey + } else if cfg.AuthProviders.Machine.APIKey == "" { log.Fatalf("machine auth api key is not set up properly, bailing out (%s)", cfg.Service.Name) } } From 83f75bf089e72b955a59d58d53d8b776760a3642 Mon Sep 17 00:00:00 2001 From: Willy Kloucek Date: Thu, 28 Apr 2022 10:05:51 +0200 Subject: [PATCH 20/99] fix ginko testsuite --- .vscode/launch.json | 8 ++++---- extensions/graph/pkg/config/defaults/defaultconfig.go | 9 +++++++++ extensions/graph/pkg/service/v0/graph_suite_test.go | 2 +- extensions/graph/pkg/service/v0/graph_test.go | 4 ++-- extensions/ocs/pkg/server/http/svc_test.go | 3 +++ ocis-pkg/crypto/crypto_suite_test.go | 2 +- ocis-pkg/crypto/crypto_test.go | 2 +- 7 files changed, 21 insertions(+), 9 deletions(-) diff --git a/.vscode/launch.json b/.vscode/launch.json index 52d4b84087..4332cf2e1a 100644 --- a/.vscode/launch.json +++ b/.vscode/launch.json @@ -12,11 +12,11 @@ ], "env": { // log settings for human developers - //"OCIS_LOG_LEVEL": "debug", - //"OCIS_LOG_PRETTY": "true", - //"OCIS_LOG_COLOR": "true", + "OCIS_LOG_LEVEL": "debug", + "OCIS_LOG_PRETTY": "true", + "OCIS_LOG_COLOR": "true", // enable basic auth for dev setup so that we can use curl for testing - //"PROXY_ENABLE_BASIC_AUTH": "true", + "PROXY_ENABLE_BASIC_AUTH": "true", // set insecure options because we don't have valid certificates in dev environments "OCIS_INSECURE": "true", // demo users 
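Review bot: The `.vscode/launch.json` hunk uncomments `"PROXY_ENABLE_BASIC_AUTH": "true"` and the three `OCIS_LOG_*` settings in a commit whose subject is about the test suite, so this looks like a local debugging setup committed by accident. With this change everyone who uses the shared launch configuration gets basic auth enabled on the proxy together with `"OCIS_INSECURE": "true"`, instead of opting in. I would keep these four lines commented out as before, or move the change into its own commit with a stated reason.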
diff --git a/extensions/graph/pkg/config/defaults/defaultconfig.go b/extensions/graph/pkg/config/defaults/defaultconfig.go index f36a33d108..509189ccc0 100644 --- a/extensions/graph/pkg/config/defaults/defaultconfig.go +++ b/extensions/graph/pkg/config/defaults/defaultconfig.go @@ -6,6 +6,15 @@ import ( "github.com/owncloud/ocis/extensions/graph/pkg/config" ) +func FullDefaultConfig() *config.Config { + cfg := DefaultConfig() + + EnsureDefaults(cfg) + Sanitize(cfg) + + return cfg +} + func DefaultConfig() *config.Config { return &config.Config{ Debug: config.Debug{ diff --git a/extensions/graph/pkg/service/v0/graph_suite_test.go b/extensions/graph/pkg/service/v0/graph_suite_test.go index 1c6cfc6cc9..6b34ae0631 100644 --- a/extensions/graph/pkg/service/v0/graph_suite_test.go +++ b/extensions/graph/pkg/service/v0/graph_suite_test.go @@ -3,7 +3,7 @@ package svc_test import ( "testing" - . "github.com/onsi/ginkgo" + . "github.com/onsi/ginkgo/v2" . "github.com/onsi/gomega" ) diff --git a/extensions/graph/pkg/service/v0/graph_test.go b/extensions/graph/pkg/service/v0/graph_test.go index fe328d93a6..f01a7b11a7 100644 --- a/extensions/graph/pkg/service/v0/graph_test.go +++ b/extensions/graph/pkg/service/v0/graph_test.go @@ -13,7 +13,7 @@ import ( provider "github.com/cs3org/go-cs3apis/cs3/storage/provider/v1beta1" typesv1beta1 "github.com/cs3org/go-cs3apis/cs3/types/v1beta1" "github.com/cs3org/reva/v2/pkg/rgrpc/status" - . "github.com/onsi/ginkgo" + . "github.com/onsi/ginkgo/v2" . "github.com/onsi/gomega" libregraph "github.com/owncloud/libre-graph-api-go" "github.com/owncloud/ocis/extensions/graph/mocks" @@ -38,7 +38,7 @@ var _ = Describe("Graph", func() { httpClient = &mocks.HTTPClient{} eventsPublisher = mocks.Publisher{} svc = service.NewService( - service.Config(defaults.DefaultConfig()), + service.Config(defaults.FullDefaultConfig()), service.WithGatewayClient(gatewayClient), service.WithHTTPClient(httpClient), service.EventsPublisher(&eventsPublisher), 
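Review bot: The new exported `FullDefaultConfig` in `extensions/graph/pkg/config/defaults/defaultconfig.go` has no doc comment, and how it differs from `DefaultConfig` is only visible by reading the body. I would add `// FullDefaultConfig returns DefaultConfig with EnsureDefaults and Sanitize applied.` above it. The graph test in the last hunk switches to this constructor, so the comment also tells test authors which of the two to use.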
diff --git a/extensions/ocs/pkg/server/http/svc_test.go b/extensions/ocs/pkg/server/http/svc_test.go index 7bdddbf28b..c5a73fcfbc 100644 --- a/extensions/ocs/pkg/server/http/svc_test.go +++ b/extensions/ocs/pkg/server/http/svc_test.go @@ -723,6 +723,9 @@ func getService() svc.Service { Root: "/", Addr: "localhost:9110", }, + Reva: &config.Reva{ + Address: "", + }, TokenManager: &config.TokenManager{ JWTSecret: jwtSecret, }, diff --git a/ocis-pkg/crypto/crypto_suite_test.go b/ocis-pkg/crypto/crypto_suite_test.go index e60462b997..87ac8f6f73 100644 --- a/ocis-pkg/crypto/crypto_suite_test.go +++ b/ocis-pkg/crypto/crypto_suite_test.go @@ -3,7 +3,7 @@ package crypto_test import ( "testing" - . "github.com/onsi/ginkgo" + . "github.com/onsi/ginkgo/v2" . "github.com/onsi/gomega" ) diff --git a/ocis-pkg/crypto/crypto_test.go b/ocis-pkg/crypto/crypto_test.go index 328607ba9e..0f54796255 100644 --- a/ocis-pkg/crypto/crypto_test.go +++ b/ocis-pkg/crypto/crypto_test.go @@ -8,7 +8,7 @@ import ( "github.com/owncloud/ocis/ocis-pkg/crypto" "github.com/owncloud/ocis/ocis-pkg/log" - . "github.com/onsi/ginkgo" + . "github.com/onsi/ginkgo/v2" cfg "github.com/owncloud/ocis/ocis-pkg/config" ) From df53c2a545a6ba9591e4928820ac54dc35c68370 Mon Sep 17 00:00:00 2001 From: Willy Kloucek Date: Thu, 28 Apr 2022 10:30:02 +0200 Subject: [PATCH 21/99] fix graph tests --- extensions/graph/pkg/service/v0/graph_test.go | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/extensions/graph/pkg/service/v0/graph_test.go b/extensions/graph/pkg/service/v0/graph_test.go index f01a7b11a7..0d52357cf8 100644 --- a/extensions/graph/pkg/service/v0/graph_test.go +++ b/extensions/graph/pkg/service/v0/graph_test.go 
@@ -17,6 +17,7 @@ import ( . "github.com/onsi/gomega" libregraph "github.com/owncloud/libre-graph-api-go" "github.com/owncloud/ocis/extensions/graph/mocks" + "github.com/owncloud/ocis/extensions/graph/pkg/config" "github.com/owncloud/ocis/extensions/graph/pkg/config/defaults" service "github.com/owncloud/ocis/extensions/graph/pkg/service/v0" "github.com/owncloud/ocis/extensions/graph/pkg/service/v0/errorcode" @@ -30,15 +31,19 @@ var _ = Describe("Graph", func() { httpClient *mocks.HTTPClient eventsPublisher mocks.Publisher ctx context.Context + cfg *config.Config ) JustBeforeEach(func() { ctx = context.Background() + cfg = defaults.FullDefaultConfig() + cfg.TokenManager.JWTSecret = "loremipsum" + gatewayClient = &mocks.GatewayClient{} httpClient = &mocks.HTTPClient{} eventsPublisher = mocks.Publisher{} svc = service.NewService( - service.Config(defaults.FullDefaultConfig()), + service.Config(cfg), service.WithGatewayClient(gatewayClient), service.WithHTTPClient(httpClient), service.EventsPublisher(&eventsPublisher), From 3054875a056f8c25871a07a7a509e36e88dbb547 Mon Sep 17 00:00:00 2001 
From: Willy Kloucek Date: Thu, 28 Apr 2022 11:10:39 +0200 Subject: [PATCH 22/99] move config validation into a separate function --- .bingo/Variables.mk | 2 +- .bingo/variables.env | 2 +- .../accounts/pkg/config/defaults/defaultconfig.go | 2 -- extensions/accounts/pkg/config/parser/parse.go | 4 ++++ .../pkg/config/defaults/defaultconfig.go | 3 +-- extensions/appprovider/pkg/config/parser/parse.go | 4 ++++ .../audit/pkg/config/defaults/defaultconfig.go | 2 -- extensions/audit/pkg/config/parser/parse.go | 4 ++++ .../auth-basic/pkg/config/defaults/defaultconfig.go | 3 +-- extensions/auth-basic/pkg/config/parser/parse.go | 4 ++++ .../pkg/config/defaults/defaultconfig.go | 3 +-- extensions/auth-bearer/pkg/config/parser/parse.go | 4 ++++ .../pkg/config/defaults/defaultconfig.go | 7 +------ extensions/auth-machine/pkg/config/parser/parse.go | 8 ++++++++ .../frontend/pkg/config/defaults/defaultconfig.go | 7 +------ extensions/frontend/pkg/config/parser/parse.go | 8 ++++++++ .../gateway/pkg/config/defaults/defaultconfig.go | 7 +------ extensions/gateway/pkg/config/parser/parse.go | 9 +++++++++ .../glauth/pkg/config/defaults/defaultconfig.go | 2 -- extensions/glauth/pkg/config/parser/parse.go | 5 +++++ .../pkg/config/defaults/defaultconfig.go | 2 -- .../graph-explorer/pkg/config/parser/parse.go | 4 ++++ .../graph/pkg/config/defaults/defaultconfig.go | 2 -- extensions/graph/pkg/config/parser/parse.go | 4 ++++ .../group/pkg/config/defaults/defaultconfig.go | 3 +-- extensions/group/pkg/config/parser/parse.go | 4 ++++ extensions/idm/pkg/config/defaults/defaultconfig.go | 2 -- extensions/idm/pkg/config/parser/parse.go | 4 ++++ extensions/idp/pkg/config/defaults/defaultconfig.go | 2 -- extensions/idp/pkg/config/parser/parse.go | 4 ++++ .../nats/pkg/config/defaults/defaultconfig.go | 2 -- extensions/nats/pkg/config/parser/parse.go | 4 ++++ .../pkg/config/defaults/defaultconfig.go | 6 ------ extensions/notifications/pkg/config/parser/parse.go | 8 ++++++++ 
.../ocdav/pkg/config/defaults/defaultconfig.go | 3 +-- extensions/ocdav/pkg/config/parser/parse.go | 4 ++++ extensions/ocs/pkg/config/defaults/defaultconfig.go | 5 ----- extensions/ocs/pkg/config/parser/parse.go | 8 ++++++++ .../proxy/pkg/config/defaults/defaultconfig.go | 3 --- extensions/proxy/pkg/config/parser/parse.go | 9 +++++++++ .../settings/pkg/config/defaults/defaultconfig.go | 5 ----- extensions/settings/pkg/config/parser/parse.go | 4 ++++ .../sharing/pkg/config/defaults/defaultconfig.go | 8 +------- extensions/sharing/pkg/config/parser/parse.go | 13 +++++++++++++ .../pkg/config/defaults/defaultconfig.go | 3 +-- .../storage-metadata/pkg/config/parser/parse.go | 4 ++++ .../pkg/config/defaults/defaultconfig.go | 3 +-- .../storage-publiclink/pkg/config/parser/parse.go | 4 ++++ .../pkg/config/defaults/defaultconfig.go | 3 +-- .../storage-shares/pkg/config/parser/parse.go | 4 ++++ .../pkg/config/defaults/defaultconfig.go | 3 +-- extensions/storage-users/pkg/config/parser/parse.go | 4 ++++ .../storage/pkg/config/defaults/defaultconfig.go | 11 +++-------- extensions/storage/pkg/config/parser/parse.go | 8 ++++++++ .../store/pkg/config/defaults/defaultconfig.go | 2 -- extensions/store/pkg/config/parser/parse.go | 5 +++++ .../thumbnails/pkg/config/defaults/defaultconfig.go | 5 ----- extensions/thumbnails/pkg/config/parser/parse.go | 9 +++++++++ .../user/pkg/config/defaults/defaultconfig.go | 3 +-- extensions/user/pkg/config/parser/parse.go | 4 ++++ extensions/web/pkg/config/defaults/defaultconfig.go | 2 -- extensions/web/pkg/config/parser/parse.go | 4 ++++ .../webdav/pkg/config/defaults/defaultconfig.go | 2 -- extensions/webdav/pkg/config/parser/parse.go | 4 ++++ 64 files changed, 189 insertions(+), 101 deletions(-) diff --git a/.bingo/Variables.mk b/.bingo/Variables.mk index c3a6f1db5b..cd90d103da 100644 --- a/.bingo/Variables.mk +++ b/.bingo/Variables.mk 
@@ -1,4 +1,4 @@ -# Auto generated binary variables helper managed by https://github.com/bwplotka/bingo v0.5.2. DO NOT EDIT. +# Auto generated binary variables helper managed by https://github.com/bwplotka/bingo v0.6. DO NOT EDIT. # All tools are designed to be build inside $GOBIN. BINGO_DIR := $(dir $(lastword $(MAKEFILE_LIST))) GOPATH ?= $(shell go env GOPATH) diff --git a/.bingo/variables.env b/.bingo/variables.env index e19cf5f1db..d64a412b02 100644 --- a/.bingo/variables.env +++ b/.bingo/variables.env @@ -1,4 +1,4 @@ -# Auto generated binary variables helper managed by https://github.com/bwplotka/bingo v0.5.2. DO NOT EDIT. +# Auto generated binary variables helper managed by https://github.com/bwplotka/bingo v0.6. DO NOT EDIT. # All tools are designed to be build inside $GOBIN. # Those variables will work only until 'bingo get' was invoked, or if tools were installed via Makefile's Variables.mk. GOBIN=${GOBIN:=$(go env GOBIN)} diff --git a/extensions/accounts/pkg/config/defaults/defaultconfig.go b/extensions/accounts/pkg/config/defaults/defaultconfig.go index af60edfb6e..6aaea79f33 100644 --- a/extensions/accounts/pkg/config/defaults/defaultconfig.go +++ b/extensions/accounts/pkg/config/defaults/defaultconfig.go @@ -10,10 +10,8 @@ import ( func FullDefaultConfig() *config.Config { cfg := DefaultConfig() - EnsureDefaults(cfg) Sanitize(cfg) - return cfg } diff --git a/extensions/accounts/pkg/config/parser/parse.go b/extensions/accounts/pkg/config/parser/parse.go index 91d47c19d8..514de074f7 100644 --- a/extensions/accounts/pkg/config/parser/parse.go +++ b/extensions/accounts/pkg/config/parser/parse.go @@ -29,5 +29,9 @@ func ParseConfig(cfg *config.Config) error { defaults.Sanitize(cfg) + return Validate(cfg) +} + +func Validate(cfg *config.Config) error { return nil } diff --git a/extensions/appprovider/pkg/config/defaults/defaultconfig.go b/extensions/appprovider/pkg/config/defaults/defaultconfig.go index e556735ee7..c42cfa27ef 100644 
--- a/extensions/appprovider/pkg/config/defaults/defaultconfig.go +++ b/extensions/appprovider/pkg/config/defaults/defaultconfig.go @@ -6,9 +6,8 @@ import ( func FullDefaultConfig() *config.Config { cfg := DefaultConfig() - EnsureDefaults(cfg) - + Sanitize(cfg) return cfg } diff --git a/extensions/appprovider/pkg/config/parser/parse.go b/extensions/appprovider/pkg/config/parser/parse.go index 272df5fde4..fa55c4653f 100644 --- a/extensions/appprovider/pkg/config/parser/parse.go +++ b/extensions/appprovider/pkg/config/parser/parse.go @@ -29,5 +29,9 @@ func ParseConfig(cfg *config.Config) error { defaults.Sanitize(cfg) + return Validate(cfg) +} + +func Validate(cfg *config.Config) error { return nil } diff --git a/extensions/audit/pkg/config/defaults/defaultconfig.go b/extensions/audit/pkg/config/defaults/defaultconfig.go index 27b94a8147..f6ec2fb31e 100644 --- a/extensions/audit/pkg/config/defaults/defaultconfig.go +++ b/extensions/audit/pkg/config/defaults/defaultconfig.go @@ -6,10 +6,8 @@ import ( func FullDefaultConfig() *config.Config { cfg := DefaultConfig() - EnsureDefaults(cfg) Sanitize(cfg) - return cfg } diff --git a/extensions/audit/pkg/config/parser/parse.go b/extensions/audit/pkg/config/parser/parse.go index 7c9179761c..fef33a6b52 100644 --- a/extensions/audit/pkg/config/parser/parse.go +++ b/extensions/audit/pkg/config/parser/parse.go @@ -29,5 +29,9 @@ func ParseConfig(cfg *config.Config) error { defaults.Sanitize(cfg) + return Validate(cfg) +} + +func Validate(cfg *config.Config) error { return nil } diff --git a/extensions/auth-basic/pkg/config/defaults/defaultconfig.go b/extensions/auth-basic/pkg/config/defaults/defaultconfig.go index 3f5f851b9d..3bfbaf800f 100644 --- a/extensions/auth-basic/pkg/config/defaults/defaultconfig.go +++ b/extensions/auth-basic/pkg/config/defaults/defaultconfig.go @@ -9,9 +9,8 @@ import ( func FullDefaultConfig() *config.Config { cfg := DefaultConfig() - EnsureDefaults(cfg) - + Sanitize(cfg) return cfg } 
diff --git a/extensions/auth-basic/pkg/config/parser/parse.go b/extensions/auth-basic/pkg/config/parser/parse.go index 3a850615ca..f24e99c95b 100644 --- a/extensions/auth-basic/pkg/config/parser/parse.go +++ b/extensions/auth-basic/pkg/config/parser/parse.go @@ -29,5 +29,9 @@ func ParseConfig(cfg *config.Config) error { defaults.Sanitize(cfg) + return Validate(cfg) +} + +func Validate(cfg *config.Config) error { return nil } diff --git a/extensions/auth-bearer/pkg/config/defaults/defaultconfig.go b/extensions/auth-bearer/pkg/config/defaults/defaultconfig.go index 93a978a2a3..59d0acd706 100644 --- a/extensions/auth-bearer/pkg/config/defaults/defaultconfig.go +++ b/extensions/auth-bearer/pkg/config/defaults/defaultconfig.go @@ -6,9 +6,8 @@ import ( func FullDefaultConfig() *config.Config { cfg := DefaultConfig() - EnsureDefaults(cfg) - + Sanitize(cfg) return cfg } diff --git a/extensions/auth-bearer/pkg/config/parser/parse.go b/extensions/auth-bearer/pkg/config/parser/parse.go index 6ea2a14847..a521c0bfd7 100644 --- a/extensions/auth-bearer/pkg/config/parser/parse.go +++ b/extensions/auth-bearer/pkg/config/parser/parse.go @@ -29,5 +29,9 @@ func ParseConfig(cfg *config.Config) error { defaults.Sanitize(cfg) + return Validate(cfg) +} + +func Validate(cfg *config.Config) error { return nil } diff --git a/extensions/auth-machine/pkg/config/defaults/defaultconfig.go b/extensions/auth-machine/pkg/config/defaults/defaultconfig.go index 14be9c67d1..47b0f1a16a 100644 --- a/extensions/auth-machine/pkg/config/defaults/defaultconfig.go +++ b/extensions/auth-machine/pkg/config/defaults/defaultconfig.go @@ -1,16 +1,13 @@ package defaults import ( - "log" - "github.com/owncloud/ocis/extensions/auth-machine/pkg/config" ) func FullDefaultConfig() *config.Config { cfg := DefaultConfig() - EnsureDefaults(cfg) - + Sanitize(cfg) return cfg } 
@@ -78,8 +75,6 @@ func EnsureDefaults(cfg *config.Config) { if cfg.AuthProviders.Machine.APIKey == "" && cfg.Commons != nil && cfg.Commons.MachineAuthAPIKey != "" { cfg.AuthProviders.Machine.APIKey = cfg.Commons.MachineAuthAPIKey - } else if cfg.AuthProviders.Machine.APIKey == "" { - log.Fatalf("machine auth api key is not set up properly, bailing out (%s)", cfg.Service.Name) } } diff --git a/extensions/auth-machine/pkg/config/parser/parse.go b/extensions/auth-machine/pkg/config/parser/parse.go index defc64e0c3..feea7ec411 100644 --- a/extensions/auth-machine/pkg/config/parser/parse.go +++ b/extensions/auth-machine/pkg/config/parser/parse.go @@ -2,6 +2,7 @@ package parser import ( "errors" + "fmt" "github.com/owncloud/ocis/extensions/auth-machine/pkg/config" "github.com/owncloud/ocis/extensions/auth-machine/pkg/config/defaults" @@ -29,5 +30,12 @@ func ParseConfig(cfg *config.Config) error { defaults.Sanitize(cfg) + return Validate(cfg) +} + +func Validate(cfg *config.Config) error { + if cfg.AuthProviders.Machine.APIKey == "" { + return fmt.Errorf("machine auth api key is not set up properly, bailing out (%s)", cfg.Service.Name) + } return nil } diff --git a/extensions/frontend/pkg/config/defaults/defaultconfig.go b/extensions/frontend/pkg/config/defaults/defaultconfig.go index 485b0d2e5c..95256201f2 100644 --- a/extensions/frontend/pkg/config/defaults/defaultconfig.go +++ b/extensions/frontend/pkg/config/defaults/defaultconfig.go @@ -1,16 +1,13 @@ package defaults import ( - "log" - "github.com/owncloud/ocis/extensions/frontend/pkg/config" ) func FullDefaultConfig() *config.Config { cfg := DefaultConfig() - EnsureDefaults(cfg) - + Sanitize(cfg) return cfg } 
@@ -114,8 +111,6 @@ func EnsureDefaults(cfg *config.Config) { if cfg.TransferSecret == "" && cfg.Commons != nil && cfg.Commons.TransferSecret != "" { cfg.TransferSecret = cfg.Commons.TransferSecret - } else if cfg.TransferSecret == "" { - log.Fatalf("reva transfer secret is not set up properly, bailing out (%s)", cfg.Service.Name) } } diff --git a/extensions/frontend/pkg/config/parser/parse.go b/extensions/frontend/pkg/config/parser/parse.go index 7942a1b235..d628cfee74 100644 --- a/extensions/frontend/pkg/config/parser/parse.go +++ b/extensions/frontend/pkg/config/parser/parse.go @@ -29,5 +29,13 @@ func ParseConfig(cfg *config.Config) error { defaults.Sanitize(cfg) + return Validate(cfg) +} + +func Validate(cfg *config.Config) error { + if cfg.TransferSecret == "" { + return ftm.Errorf("reva transfer secret is not set up properly, bailing out (%s)", cfg.Service.Name) + } + return nil } diff --git a/extensions/gateway/pkg/config/defaults/defaultconfig.go b/extensions/gateway/pkg/config/defaults/defaultconfig.go index d22b3c95ed..21e3cc1862 100644 --- a/extensions/gateway/pkg/config/defaults/defaultconfig.go +++ b/extensions/gateway/pkg/config/defaults/defaultconfig.go @@ -1,16 +1,13 @@ package defaults import ( - "log" - "github.com/owncloud/ocis/extensions/gateway/pkg/config" ) func FullDefaultConfig() *config.Config { cfg := DefaultConfig() - EnsureDefaults(cfg) - + Sanitize(cfg) return cfg } @@ -105,8 +102,6 @@ func EnsureDefaults(cfg *config.Config) { if cfg.TransferSecret == "" && cfg.Commons != nil && cfg.Commons.TransferSecret != "" { cfg.TransferSecret = cfg.Commons.TransferSecret - } else if cfg.TransferSecret == "" { - log.Fatalf("reva transfer secret is not set up properly, bailing out (%s)", cfg.Service.Name) } } diff --git a/extensions/gateway/pkg/config/parser/parse.go b/extensions/gateway/pkg/config/parser/parse.go index 2ace3feafd..2a0a4e069c 100644 --- a/extensions/gateway/pkg/config/parser/parse.go 
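Review bot: The new `Validate` in `extensions/frontend/pkg/config/parser/parse.go` calls `ftm.Errorf`, a typo for `fmt.Errorf`. Unlike the auth-machine and gateway parsers in this commit, the frontend section has no hunk adding `"fmt"` to the import block. Unless the file already imports it, the package does not compile as shown and the transfer-secret check cannot run. Change the call to `return fmt.Errorf("reva transfer secret is not set up properly, bailing out (%s)", cfg.Service.Name)` and add `"fmt"` to the imports.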
+++ b/extensions/gateway/pkg/config/parser/parse.go @@ -2,6 +2,7 @@ package parser import ( "errors" + "fmt" "github.com/owncloud/ocis/extensions/gateway/pkg/config" "github.com/owncloud/ocis/extensions/gateway/pkg/config/defaults" @@ -29,5 +30,13 @@ func ParseConfig(cfg *config.Config) error { defaults.Sanitize(cfg) + return Validate(cfg) +} + +func Validate(cfg *config.Config) error { + if cfg.TransferSecret == "" { + return fmt.Errorf("reva transfer secret is not set up properly, bailing out (%s)", cfg.Service.Name) + } + return nil } diff --git a/extensions/glauth/pkg/config/defaults/defaultconfig.go b/extensions/glauth/pkg/config/defaults/defaultconfig.go index 8d0eb366da..d4508ee9d7 100644 --- a/extensions/glauth/pkg/config/defaults/defaultconfig.go +++ b/extensions/glauth/pkg/config/defaults/defaultconfig.go @@ -9,10 +9,8 @@ import ( func FullDefaultConfig() *config.Config { cfg := DefaultConfig() - EnsureDefaults(cfg) Sanitize(cfg) - return cfg } diff --git a/extensions/glauth/pkg/config/parser/parse.go b/extensions/glauth/pkg/config/parser/parse.go index 532fb51495..175673383c 100644 --- a/extensions/glauth/pkg/config/parser/parse.go +++ b/extensions/glauth/pkg/config/parser/parse.go @@ -28,5 +28,10 @@ func ParseConfig(cfg *config.Config) error { // sanitize config defaults.Sanitize(cfg) + + return Validate(cfg) +} + +func Validate(cfg *config.Config) error { return nil } diff --git a/extensions/graph-explorer/pkg/config/defaults/defaultconfig.go b/extensions/graph-explorer/pkg/config/defaults/defaultconfig.go index a343da50af..27b194940a 100644 --- a/extensions/graph-explorer/pkg/config/defaults/defaultconfig.go +++ b/extensions/graph-explorer/pkg/config/defaults/defaultconfig.go @@ -8,10 +8,8 @@ import ( func FullDefaultConfig() *config.Config { cfg := DefaultConfig() - EnsureDefaults(cfg) Sanitize(cfg) - return cfg } 
diff --git a/extensions/graph-explorer/pkg/config/parser/parse.go b/extensions/graph-explorer/pkg/config/parser/parse.go index 499fbb8f36..82bc9cc5db 100644 --- a/extensions/graph-explorer/pkg/config/parser/parse.go +++ b/extensions/graph-explorer/pkg/config/parser/parse.go @@ -30,5 +30,9 @@ func ParseConfig(cfg *config.Config) error { // sanitize config defaults.Sanitize(cfg) + return Validate(cfg) +} + +func Validate(cfg *config.Config) error { return nil } diff --git a/extensions/graph/pkg/config/defaults/defaultconfig.go b/extensions/graph/pkg/config/defaults/defaultconfig.go index 509189ccc0..77fea10502 100644 --- a/extensions/graph/pkg/config/defaults/defaultconfig.go +++ b/extensions/graph/pkg/config/defaults/defaultconfig.go @@ -8,10 +8,8 @@ import ( func FullDefaultConfig() *config.Config { cfg := DefaultConfig() - EnsureDefaults(cfg) Sanitize(cfg) - return cfg } diff --git a/extensions/graph/pkg/config/parser/parse.go b/extensions/graph/pkg/config/parser/parse.go index cf4612cc88..7c2505a3f1 100644 --- a/extensions/graph/pkg/config/parser/parse.go +++ b/extensions/graph/pkg/config/parser/parse.go @@ -29,5 +29,9 @@ func ParseConfig(cfg *config.Config) error { defaults.Sanitize(cfg) + return Validate(cfg) +} + +func Validate(cfg *config.Config) error { return nil } diff --git a/extensions/group/pkg/config/defaults/defaultconfig.go b/extensions/group/pkg/config/defaults/defaultconfig.go index 9500016057..373e118a4b 100644 --- a/extensions/group/pkg/config/defaults/defaultconfig.go +++ b/extensions/group/pkg/config/defaults/defaultconfig.go @@ -9,9 +9,8 @@ import ( func FullDefaultConfig() *config.Config { cfg := DefaultConfig() - EnsureDefaults(cfg) - + Sanitize(cfg) return cfg } diff --git a/extensions/group/pkg/config/parser/parse.go b/extensions/group/pkg/config/parser/parse.go index d75882a290..fd858020b8 100644 --- a/extensions/group/pkg/config/parser/parse.go +++ b/extensions/group/pkg/config/parser/parse.go 
@@ -29,5 +29,9 @@ func ParseConfig(cfg *config.Config) error { defaults.Sanitize(cfg) + return Validate(cfg) +} + +func Validate(cfg *config.Config) error { return nil } diff --git a/extensions/idm/pkg/config/defaults/defaultconfig.go b/extensions/idm/pkg/config/defaults/defaultconfig.go index dada552c04..25ea4785fe 100644 --- a/extensions/idm/pkg/config/defaults/defaultconfig.go +++ b/extensions/idm/pkg/config/defaults/defaultconfig.go @@ -9,10 +9,8 @@ import ( func FullDefaultConfig() *config.Config { cfg := DefaultConfig() - EnsureDefaults(cfg) Sanitize(cfg) - return cfg } diff --git a/extensions/idm/pkg/config/parser/parse.go b/extensions/idm/pkg/config/parser/parse.go index 0998543ad0..be598790da 100644 --- a/extensions/idm/pkg/config/parser/parse.go +++ b/extensions/idm/pkg/config/parser/parse.go @@ -28,5 +28,9 @@ func ParseConfig(cfg *config.Config) error { defaults.Sanitize(cfg) + return Validate(cfg) +} + +func Validate(cfg *config.Config) error { return nil } diff --git a/extensions/idp/pkg/config/defaults/defaultconfig.go b/extensions/idp/pkg/config/defaults/defaultconfig.go index d9b68fb506..23c9def14c 100644 --- a/extensions/idp/pkg/config/defaults/defaultconfig.go +++ b/extensions/idp/pkg/config/defaults/defaultconfig.go @@ -10,10 +10,8 @@ import ( func FullDefaultConfig() *config.Config { cfg := DefaultConfig() - EnsureDefaults(cfg) Sanitize(cfg) - return cfg } diff --git a/extensions/idp/pkg/config/parser/parse.go b/extensions/idp/pkg/config/parser/parse.go index 101ea85bdc..e285276791 100644 --- a/extensions/idp/pkg/config/parser/parse.go +++ b/extensions/idp/pkg/config/parser/parse.go @@ -29,5 +29,9 @@ func ParseConfig(cfg *config.Config) error { defaults.Sanitize(cfg) + return Validate(cfg) +} + +func Validate(cfg *config.Config) error { return nil } diff --git a/extensions/nats/pkg/config/defaults/defaultconfig.go b/extensions/nats/pkg/config/defaults/defaultconfig.go index f9435ff4df..a522ca6785 100644 
--- a/extensions/nats/pkg/config/defaults/defaultconfig.go +++ b/extensions/nats/pkg/config/defaults/defaultconfig.go @@ -12,10 +12,8 @@ import ( func FullDefaultConfig() *config.Config { cfg := DefaultConfig() - EnsureDefaults(cfg) Sanitize(cfg) - return cfg } diff --git a/extensions/nats/pkg/config/parser/parse.go b/extensions/nats/pkg/config/parser/parse.go index 2a427a3bd9..4930b1ccfe 100644 --- a/extensions/nats/pkg/config/parser/parse.go +++ b/extensions/nats/pkg/config/parser/parse.go @@ -29,5 +29,9 @@ func ParseConfig(cfg *config.Config) error { defaults.Sanitize(cfg) + return Validate(cfg) +} + +func Validate(cfg *config.Config) error { return nil } diff --git a/extensions/notifications/pkg/config/defaults/defaultconfig.go b/extensions/notifications/pkg/config/defaults/defaultconfig.go index d9622050f9..09d08d13fb 100644 --- a/extensions/notifications/pkg/config/defaults/defaultconfig.go +++ b/extensions/notifications/pkg/config/defaults/defaultconfig.go @@ -1,17 +1,13 @@ package defaults import ( - "log" - "github.com/owncloud/ocis/extensions/notifications/pkg/config" ) func FullDefaultConfig() *config.Config { cfg := DefaultConfig() - EnsureDefaults(cfg) Sanitize(cfg) - return cfg } @@ -55,8 +51,6 @@ func EnsureDefaults(cfg *config.Config) { if cfg.Notifications.MachineAuthAPIKey == "" && cfg.Commons != nil && cfg.Commons.MachineAuthAPIKey != "" { cfg.Notifications.MachineAuthAPIKey = cfg.Commons.MachineAuthAPIKey - } else if cfg.Notifications.MachineAuthAPIKey == "" { - log.Fatalf("machine auth api key is not set up properly, bailing out (%s)", cfg.Service.Name) } } diff --git a/extensions/notifications/pkg/config/parser/parse.go b/extensions/notifications/pkg/config/parser/parse.go index 2a4876a33c..fddb96b24b 100644 --- a/extensions/notifications/pkg/config/parser/parse.go +++ b/extensions/notifications/pkg/config/parser/parse.go 
@@ -2,6 +2,7 @@ package parser import ( "errors" + "fmt" "github.com/owncloud/ocis/extensions/notifications/pkg/config" "github.com/owncloud/ocis/extensions/notifications/pkg/config/defaults" @@ -29,5 +30,12 @@ func ParseConfig(cfg *config.Config) error { defaults.Sanitize(cfg) + return Validate(cfg) +} + +func Validate(cfg *config.Config) error { + if cfg.Notifications.MachineAuthAPIKey == "" { + return fmt.Errorf("machine auth api key is not set up properly, bailing out (%s)", cfg.Service.Name) + } return nil } diff --git a/extensions/ocdav/pkg/config/defaults/defaultconfig.go b/extensions/ocdav/pkg/config/defaults/defaultconfig.go index d68a150240..b55f9e6513 100644 --- a/extensions/ocdav/pkg/config/defaults/defaultconfig.go +++ b/extensions/ocdav/pkg/config/defaults/defaultconfig.go @@ -6,9 +6,8 @@ import ( func FullDefaultConfig() *config.Config { cfg := DefaultConfig() - EnsureDefaults(cfg) - + Sanitize(cfg) return cfg } diff --git a/extensions/ocdav/pkg/config/parser/parse.go b/extensions/ocdav/pkg/config/parser/parse.go index 84d3821cf7..028d237a31 100644 --- a/extensions/ocdav/pkg/config/parser/parse.go +++ b/extensions/ocdav/pkg/config/parser/parse.go @@ -29,5 +29,9 @@ func ParseConfig(cfg *config.Config) error { defaults.Sanitize(cfg) + return Validate(cfg) +} + +func Validate(cfg *config.Config) error { return nil } diff --git a/extensions/ocs/pkg/config/defaults/defaultconfig.go b/extensions/ocs/pkg/config/defaults/defaultconfig.go index 8d387072de..20a3e3ca9e 100644 --- a/extensions/ocs/pkg/config/defaults/defaultconfig.go +++ b/extensions/ocs/pkg/config/defaults/defaultconfig.go @@ -1,7 +1,6 @@ package defaults import ( - "log" "strings" "github.com/owncloud/ocis/extensions/ocs/pkg/config" @@ -9,10 +8,8 @@ import ( func FullDefaultConfig() *config.Config { cfg := DefaultConfig() - EnsureDefaults(cfg) Sanitize(cfg) - return cfg } 
@@ -91,8 +88,6 @@ func EnsureDefaults(cfg *config.Config) { if cfg.MachineAuthAPIKey == "" && cfg.Commons != nil && cfg.Commons.MachineAuthAPIKey != "" { cfg.MachineAuthAPIKey = cfg.Commons.MachineAuthAPIKey - } else if cfg.MachineAuthAPIKey == "" { - log.Fatalf("machine auth api key is not set up properly, bailing out (%s)", cfg.Service.Name) } } diff --git a/extensions/ocs/pkg/config/parser/parse.go b/extensions/ocs/pkg/config/parser/parse.go index b9c312ca3d..ce253edd19 100644 --- a/extensions/ocs/pkg/config/parser/parse.go +++ b/extensions/ocs/pkg/config/parser/parse.go @@ -2,6 +2,7 @@ package parser import ( "errors" + "fmt" "github.com/owncloud/ocis/extensions/ocs/pkg/config" "github.com/owncloud/ocis/extensions/ocs/pkg/config/defaults" @@ -29,5 +30,12 @@ func ParseConfig(cfg *config.Config) error { defaults.Sanitize(cfg) + return Validate(cfg) +} + +func Validate(cfg *config.Config) error { + if cfg.MachineAuthAPIKey == "" { + return fmt.Errorf("machine auth api key is not set up properly, bailing out (%s)", cfg.Service.Name) + } return nil } diff --git a/extensions/proxy/pkg/config/defaults/defaultconfig.go b/extensions/proxy/pkg/config/defaults/defaultconfig.go index 43b23207db..61c91de93d 100644 --- a/extensions/proxy/pkg/config/defaults/defaultconfig.go +++ b/extensions/proxy/pkg/config/defaults/defaultconfig.go @@ -1,7 +1,6 @@ package defaults import ( - "log" "path" "strings" @@ -188,8 +187,6 @@ func EnsureDefaults(cfg *config.Config) { if cfg.MachineAuthAPIKey == "" && cfg.Commons != nil && cfg.Commons.MachineAuthAPIKey != "" { cfg.MachineAuthAPIKey = cfg.Commons.MachineAuthAPIKey - } else if cfg.MachineAuthAPIKey == "" { - log.Fatalf("machine auth api key is not set up properly, bailing out (%s)", cfg.Service.Name) } if cfg.Reva == nil && cfg.Commons != nil && cfg.Commons.Reva != nil { diff --git a/extensions/proxy/pkg/config/parser/parse.go b/extensions/proxy/pkg/config/parser/parse.go index 2f29670f65..5f15fb2938 100644 
--- a/extensions/proxy/pkg/config/parser/parse.go +++ b/extensions/proxy/pkg/config/parser/parse.go @@ -2,6 +2,7 @@ package parser import ( "errors" + "fmt" "github.com/owncloud/ocis/extensions/proxy/pkg/config" "github.com/owncloud/ocis/extensions/proxy/pkg/config/defaults" @@ -28,5 +29,13 @@ func ParseConfig(cfg *config.Config) error { defaults.Sanitize(cfg) + return Validate(cfg) +} + +func Validate(cfg *config.Config) error { + if cfg.MachineAuthAPIKey == "" { + return fmt.Errorf("machine auth api key is not set up properly, bailing out (%s)", cfg.Service.Name) + } + return nil } diff --git a/extensions/settings/pkg/config/defaults/defaultconfig.go b/extensions/settings/pkg/config/defaults/defaultconfig.go index fd04461a2f..a1eeb3c9a9 100644 --- a/extensions/settings/pkg/config/defaults/defaultconfig.go +++ b/extensions/settings/pkg/config/defaults/defaultconfig.go @@ -1,7 +1,6 @@ package defaults import ( - "log" "path" "strings" @@ -11,10 +10,8 @@ import ( func FullDefaultConfig() *config.Config { cfg := DefaultConfig() - EnsureDefaults(cfg) Sanitize(cfg) - return cfg } @@ -95,8 +92,6 @@ func EnsureDefaults(cfg *config.Config) { if cfg.Metadata.MachineAuthAPIKey == "" && cfg.Commons != nil && cfg.Commons.MachineAuthAPIKey != "" { cfg.MachineAuthAPIKey = cfg.Commons.MachineAuthAPIKey - } else if cfg.MachineAuthAPIKey == "" { - log.Fatalf("machine auth api key is not set up properly, bailing out (%s)", cfg.Service.Name) } } diff --git a/extensions/settings/pkg/config/parser/parse.go b/extensions/settings/pkg/config/parser/parse.go index 3880a7ebbc..5d8310430c 100644 --- a/extensions/settings/pkg/config/parser/parse.go +++ b/extensions/settings/pkg/config/parser/parse.go @@ -28,5 +28,9 @@ func ParseConfig(cfg *config.Config) error { defaults.Sanitize(cfg) + return Validate(cfg) +} + +func Validate(cfg *config.Config) error { return nil } 
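Review bot: For the settings service the startup check for a missing machine auth API key is removed from `EnsureDefaults` but not re-added. `Validate` in `extensions/settings/pkg/config/parser/parse.go` just returns nil, whereas the proxy, ocs and notifications parsers in this commit received an explicit empty-key check. As far as these hunks show, settings no longer refuses to start without the key. The remaining condition in `EnsureDefaults` also tests `cfg.Metadata.MachineAuthAPIKey` while assigning `cfg.MachineAuthAPIKey`, so the hunk does not make clear which field carries the key. Once that is settled, `Validate` should return an error like the other services, for example `if cfg.Metadata.MachineAuthAPIKey == "" { return fmt.Errorf("machine auth api key is not set up properly, bailing out (%s)", cfg.Service.Name) }`, with `"fmt"` imported.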
diff --git a/extensions/sharing/pkg/config/defaults/defaultconfig.go b/extensions/sharing/pkg/config/defaults/defaultconfig.go index 71c66ab8dc..2c00c4267a 100644 --- a/extensions/sharing/pkg/config/defaults/defaultconfig.go +++ b/extensions/sharing/pkg/config/defaults/defaultconfig.go @@ -1,7 +1,6 @@ package defaults import ( - "log" "path/filepath" "github.com/owncloud/ocis/extensions/sharing/pkg/config" @@ -10,9 +9,8 @@ import ( func FullDefaultConfig() *config.Config { cfg := DefaultConfig() - EnsureDefaults(cfg) - + Sanitize(cfg) return cfg } @@ -125,14 +123,10 @@ func EnsureDefaults(cfg *config.Config) { if cfg.UserSharingDrivers.CS3.MachineAuthAPIKey == "" && cfg.Commons != nil && cfg.Commons.MachineAuthAPIKey != "" { cfg.UserSharingDrivers.CS3.MachineAuthAPIKey = cfg.Commons.MachineAuthAPIKey - } else if cfg.UserSharingDrivers.CS3.MachineAuthAPIKey == "" { - log.Fatalf("machine auth api key for the cs3 user sharing driver is not set up properly, bailing out (%s)", cfg.Service.Name) } if cfg.PublicSharingDrivers.CS3.MachineAuthAPIKey == "" && cfg.Commons != nil && cfg.Commons.MachineAuthAPIKey != "" { cfg.PublicSharingDrivers.CS3.MachineAuthAPIKey = cfg.Commons.MachineAuthAPIKey - } else if cfg.PublicSharingDrivers.CS3.MachineAuthAPIKey == "" { - log.Fatalf("machine auth api key for the cs3 public sharing driver is not set up properly, bailing out (%s)", cfg.Service.Name) } } diff --git a/extensions/sharing/pkg/config/parser/parse.go b/extensions/sharing/pkg/config/parser/parse.go index 516647c884..84a09cc6d0 100644 --- a/extensions/sharing/pkg/config/parser/parse.go +++ b/extensions/sharing/pkg/config/parser/parse.go @@ -2,6 +2,7 @@ package parser import ( "errors" + "fmt" "github.com/owncloud/ocis/extensions/sharing/pkg/config" "github.com/owncloud/ocis/extensions/sharing/pkg/config/defaults" 
@@ -29,5 +30,17 @@ func ParseConfig(cfg *config.Config) error { defaults.Sanitize(cfg) + return Validate(cfg) +} + +func Validate(cfg *config.Config) error { + if cfg.PublicSharingDrivers.CS3.MachineAuthAPIKey == "" { + return fmt.Errorf("machine auth api key for the cs3 public sharing driver is not set up properly, bailing out (%s)", cfg.Service.Name) + } + + if cfg.UserSharingDrivers.CS3.MachineAuthAPIKey == "" { + return fmt.Errorf("machine auth api key for the cs3 user sharing driver is not set up properly, bailing out (%s)", cfg.Service.Name) + } + return nil } diff --git a/extensions/storage-metadata/pkg/config/defaults/defaultconfig.go b/extensions/storage-metadata/pkg/config/defaults/defaultconfig.go index 3922b6f569..270c468f5b 100644 --- a/extensions/storage-metadata/pkg/config/defaults/defaultconfig.go +++ b/extensions/storage-metadata/pkg/config/defaults/defaultconfig.go @@ -10,9 +10,8 @@ import ( func FullDefaultConfig() *config.Config { cfg := DefaultConfig() - EnsureDefaults(cfg) - + Sanitize(cfg) return cfg } diff --git a/extensions/storage-metadata/pkg/config/parser/parse.go b/extensions/storage-metadata/pkg/config/parser/parse.go index 4faf4527fa..ca0d96dbb3 100644 --- a/extensions/storage-metadata/pkg/config/parser/parse.go +++ b/extensions/storage-metadata/pkg/config/parser/parse.go @@ -29,5 +29,9 @@ func ParseConfig(cfg *config.Config) error { defaults.Sanitize(cfg) + return Validate(cfg) +} + +func Validate(cfg *config.Config) error { return nil } diff --git a/extensions/storage-publiclink/pkg/config/defaults/defaultconfig.go b/extensions/storage-publiclink/pkg/config/defaults/defaultconfig.go index 5a0fed3a55..47b729c05a 100644 --- a/extensions/storage-publiclink/pkg/config/defaults/defaultconfig.go +++ b/extensions/storage-publiclink/pkg/config/defaults/defaultconfig.go @@ -6,9 +6,8 @@ import ( func FullDefaultConfig() *config.Config { cfg := DefaultConfig() - EnsureDefaults(cfg) - + Sanitize(cfg) return cfg } 
diff --git a/extensions/storage-publiclink/pkg/config/parser/parse.go b/extensions/storage-publiclink/pkg/config/parser/parse.go index b54c81162e..0379145f73 100644 --- a/extensions/storage-publiclink/pkg/config/parser/parse.go +++ b/extensions/storage-publiclink/pkg/config/parser/parse.go @@ -29,5 +29,9 @@ func ParseConfig(cfg *config.Config) error { defaults.Sanitize(cfg) + return Validate(cfg) +} + +func Validate(cfg *config.Config) error { return nil } diff --git a/extensions/storage-shares/pkg/config/defaults/defaultconfig.go b/extensions/storage-shares/pkg/config/defaults/defaultconfig.go index ca46e2ea8e..75a6127e90 100644 --- a/extensions/storage-shares/pkg/config/defaults/defaultconfig.go +++ b/extensions/storage-shares/pkg/config/defaults/defaultconfig.go @@ -6,9 +6,8 @@ import ( func FullDefaultConfig() *config.Config { cfg := DefaultConfig() - EnsureDefaults(cfg) - + Sanitize(cfg) return cfg } diff --git a/extensions/storage-shares/pkg/config/parser/parse.go b/extensions/storage-shares/pkg/config/parser/parse.go index f840317dc5..bda808cb63 100644 --- a/extensions/storage-shares/pkg/config/parser/parse.go +++ b/extensions/storage-shares/pkg/config/parser/parse.go @@ -29,5 +29,9 @@ func ParseConfig(cfg *config.Config) error { defaults.Sanitize(cfg) + return Validate(cfg) +} + +func Validate(cfg *config.Config) error { return nil } diff --git a/extensions/storage-users/pkg/config/defaults/defaultconfig.go b/extensions/storage-users/pkg/config/defaults/defaultconfig.go index 0c89cc7a2c..b29e9daa98 100644 --- a/extensions/storage-users/pkg/config/defaults/defaultconfig.go +++ b/extensions/storage-users/pkg/config/defaults/defaultconfig.go @@ -10,9 +10,8 @@ import ( func FullDefaultConfig() *config.Config { cfg := DefaultConfig() - EnsureDefaults(cfg) - + Sanitize(cfg) return cfg } diff --git a/extensions/storage-users/pkg/config/parser/parse.go b/extensions/storage-users/pkg/config/parser/parse.go index d8d881260c..55658def29 100644 
--- a/extensions/storage-users/pkg/config/parser/parse.go +++ b/extensions/storage-users/pkg/config/parser/parse.go @@ -29,5 +29,9 @@ func ParseConfig(cfg *config.Config) error { defaults.Sanitize(cfg) + return Validate(cfg) +} + +func Validate(cfg *config.Config) error { return nil } diff --git a/extensions/storage/pkg/config/defaults/defaultconfig.go b/extensions/storage/pkg/config/defaults/defaultconfig.go index dbfb6a2219..6b88c6babd 100644 --- a/extensions/storage/pkg/config/defaults/defaultconfig.go +++ b/extensions/storage/pkg/config/defaults/defaultconfig.go @@ -1,7 +1,6 @@ package defaults import ( - "log" "os" "path" @@ -21,10 +20,8 @@ const ( func FullDefaultConfig() *config.Config { cfg := DefaultConfig() - EnsureDefaults(cfg) Sanitize(cfg) - return cfg } @@ -458,11 +455,9 @@ func DefaultConfig() *config.Config { } func EnsureDefaults(cfg *config.Config) { - if cfg.TransferSecret == "" && cfg.Commons != nil && cfg.Commons.TransferSecret != "" { - cfg.TransferSecret = cfg.Commons.TransferSecret - } else { - log.Fatal("reva transfer secret is not set up properly, bailing out (storage)") - } + //if cfg.TransferSecret == "" && cfg.Commons != nil && cfg.Commons.TransferSecret != "" { + // cfg.TransferSecret = cfg.Commons.TransferSecret + //} } func Sanitize(cfg *config.Config) { diff --git a/extensions/storage/pkg/config/parser/parse.go b/extensions/storage/pkg/config/parser/parse.go index 4faf4527fa..bf30c761ff 100644 --- a/extensions/storage/pkg/config/parser/parse.go +++ b/extensions/storage/pkg/config/parser/parse.go @@ -2,6 +2,7 @@ package parser import ( "errors" + "fmt" "github.com/owncloud/ocis/extensions/storage-metadata/pkg/config" "github.com/owncloud/ocis/extensions/storage-metadata/pkg/config/defaults" 
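Review bot: Commenting out the whole body of `EnsureDefaults` in extensions/storage/pkg/config/defaults/defaultconfig.go removes the fallback to `cfg.Commons.TransferSecret` along with the faulty `log.Fatal` branch, and leaves dead code behind. The `Validate` added to extensions/storage/pkg/config/parser/parse.go rejects an empty `cfg.TransferSecret`, so a deployment that sets only the shared secret would presumably fail validation. That parser imports the storage-metadata config package, so it is not clear from the hunk which `Config` the check applies to. I would keep the inheritance and drop only the else branch: `if cfg.TransferSecret == "" && cfg.Commons != nil && cfg.Commons.TransferSecret != "" { cfg.TransferSecret = cfg.Commons.TransferSecret }`. If the fallback is really meant to go, delete the commented lines instead.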
@@ -29,5 +30,12 @@ func ParseConfig(cfg *config.Config) error { defaults.Sanitize(cfg) + return Validate(cfg) +} + +func Validate(cfg *config.Config) error { + if cfg.TransferSecret == "" { + return fmt.Errorf("reva transfer secret is not set up properly, bailing out (storage)") + } return nil } diff --git a/extensions/store/pkg/config/defaults/defaultconfig.go b/extensions/store/pkg/config/defaults/defaultconfig.go index 1d84c1c474..8932d4266a 100644 --- a/extensions/store/pkg/config/defaults/defaultconfig.go +++ b/extensions/store/pkg/config/defaults/defaultconfig.go @@ -9,10 +9,8 @@ import ( func FullDefaultConfig() *config.Config { cfg := DefaultConfig() - EnsureDefaults(cfg) Sanitize(cfg) - return cfg } diff --git a/extensions/store/pkg/config/parser/parse.go b/extensions/store/pkg/config/parser/parse.go index 7c9f02bda3..3d3b591ba7 100644 --- a/extensions/store/pkg/config/parser/parse.go +++ b/extensions/store/pkg/config/parser/parse.go @@ -29,5 +29,10 @@ func ParseConfig(cfg *config.Config) error { // sanitize config defaults.Sanitize(cfg) + + return Validate(cfg) +} + +func Validate(cfg *config.Config) error { return nil } diff --git a/extensions/thumbnails/pkg/config/defaults/defaultconfig.go b/extensions/thumbnails/pkg/config/defaults/defaultconfig.go index dd8b57d211..b24c9e3d11 100644 --- a/extensions/thumbnails/pkg/config/defaults/defaultconfig.go +++ b/extensions/thumbnails/pkg/config/defaults/defaultconfig.go @@ -1,7 +1,6 @@ package defaults import ( - "log" "path" "github.com/owncloud/ocis/extensions/thumbnails/pkg/config" @@ -10,10 +9,8 @@ import ( func FullDefaultConfig() *config.Config { cfg := DefaultConfig() - EnsureDefaults(cfg) Sanitize(cfg) - return cfg } 
@@ -76,8 +73,6 @@ func EnsureDefaults(cfg *config.Config) { if cfg.Thumbnail.TransferSecret == "" && cfg.Commons != nil && cfg.Commons.TransferSecret != "" { cfg.Thumbnail.TransferSecret = cfg.Commons.TransferSecret - } else if cfg.TransferSecret == "" { - log.Fatalf("reva transfer secret is not set up properly, bailing out (%s)", cfg.Service.Name) } } diff --git a/extensions/thumbnails/pkg/config/parser/parse.go b/extensions/thumbnails/pkg/config/parser/parse.go index 4ed7325534..348e87d1a1 100644 --- a/extensions/thumbnails/pkg/config/parser/parse.go +++ b/extensions/thumbnails/pkg/config/parser/parse.go @@ -2,6 +2,7 @@ package parser import ( "errors" + "fmt" "github.com/owncloud/ocis/extensions/thumbnails/pkg/config" "github.com/owncloud/ocis/extensions/thumbnails/pkg/config/defaults" @@ -30,5 +31,13 @@ func ParseConfig(cfg *config.Config) error { // sanitize config defaults.Sanitize(cfg) + return Validate(cfg) +} + +func Validate(cfg *config.Config) error { + if cfg.TransferSecret == "" { + return fmt.Errorf("reva transfer secret is not set up properly, bailing out (%s)", cfg.Service.Name) + } + return nil } diff --git a/extensions/user/pkg/config/defaults/defaultconfig.go b/extensions/user/pkg/config/defaults/defaultconfig.go index f20c546123..b7212abd0b 100644 --- a/extensions/user/pkg/config/defaults/defaultconfig.go +++ b/extensions/user/pkg/config/defaults/defaultconfig.go @@ -9,9 +9,8 @@ import ( func FullDefaultConfig() *config.Config { cfg := DefaultConfig() - EnsureDefaults(cfg) - + Sanitize(cfg) return cfg } diff --git a/extensions/user/pkg/config/parser/parse.go b/extensions/user/pkg/config/parser/parse.go index 06145d3ad8..e2e6ad69ed 100644 --- a/extensions/user/pkg/config/parser/parse.go +++ b/extensions/user/pkg/config/parser/parse.go @@ -29,5 +29,9 @@ func ParseConfig(cfg *config.Config) error { defaults.Sanitize(cfg) + return Validate(cfg) +} + +func Validate(cfg *config.Config) error { return nil } 
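Review bot: The new `Validate` in extensions/thumbnails/pkg/config/parser/parse.go tests `cfg.TransferSecret`, while `EnsureDefaults` in defaults/defaultconfig.go fills `cfg.Thumbnail.TransferSecret` from the shared config. If these are two distinct fields (the struct is not visible here), validation can fail even though the secret in use was inherited, or pass while the secret in use is empty. The check should name the field the service consumes, presumably `if cfg.Thumbnail.TransferSecret == "" {`. The removed `log.Fatalf` branch had the same mismatch, so this carries an existing inconsistency over into the new error path.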
diff --git a/extensions/web/pkg/config/defaults/defaultconfig.go b/extensions/web/pkg/config/defaults/defaultconfig.go index bbfad9bdfd..023a080da8 100644 --- a/extensions/web/pkg/config/defaults/defaultconfig.go +++ b/extensions/web/pkg/config/defaults/defaultconfig.go @@ -8,10 +8,8 @@ import ( func FullDefaultConfig() *config.Config { cfg := DefaultConfig() - EnsureDefaults(cfg) Sanitize(cfg) - return cfg } diff --git a/extensions/web/pkg/config/parser/parse.go b/extensions/web/pkg/config/parser/parse.go index d850943577..80e64a3b7b 100644 --- a/extensions/web/pkg/config/parser/parse.go +++ b/extensions/web/pkg/config/parser/parse.go @@ -29,5 +29,9 @@ func ParseConfig(cfg *config.Config) error { defaults.Sanitize(cfg) + return Validate(cfg) +} + +func Validate(cfg *config.Config) error { return nil } diff --git a/extensions/webdav/pkg/config/defaults/defaultconfig.go b/extensions/webdav/pkg/config/defaults/defaultconfig.go index 48e00e17f1..3c975cfa70 100644 --- a/extensions/webdav/pkg/config/defaults/defaultconfig.go +++ b/extensions/webdav/pkg/config/defaults/defaultconfig.go @@ -8,10 +8,8 @@ import ( func FullDefaultConfig() *config.Config { cfg := DefaultConfig() - EnsureDefaults(cfg) Sanitize(cfg) - return cfg } diff --git a/extensions/webdav/pkg/config/parser/parse.go b/extensions/webdav/pkg/config/parser/parse.go index 7597255f9c..9d4d15ca7a 100644 --- a/extensions/webdav/pkg/config/parser/parse.go +++ b/extensions/webdav/pkg/config/parser/parse.go @@ -29,5 +29,9 @@ func ParseConfig(cfg *config.Config) error { defaults.Sanitize(cfg) + return Validate(cfg) +} + +func Validate(cfg *config.Config) error { return nil } From fb6a8ffc7b0b18f61eb37d942b98c3e98c181880 Mon Sep 17 00:00:00 2001 From: Christian Richter Date: Thu, 28 Apr 2022 11:12:22 +0200 Subject: [PATCH 23/99] add backup of config on force overwrite 
Signed-off-by: Christian Richter --- ocis/pkg/command/init.go | 41 +++++++++++++++++++++++++++++++++++++--- 1 file changed, 38 insertions(+), 3 deletions(-) diff --git a/ocis/pkg/command/init.go b/ocis/pkg/command/init.go index 21c2f6ab2d..5c11dc359a 100644 --- a/ocis/pkg/command/init.go +++ b/ocis/pkg/command/init.go @@ -3,11 +3,13 @@ package command import ( "bufio" "fmt" + "io" "io/ioutil" "log" "os" "path" "strings" + "time" "github.com/owncloud/ocis/ocis-pkg/config" "github.com/owncloud/ocis/ocis-pkg/config/defaults" @@ -90,10 +92,38 @@ func checkConfigPath(configPath string) error { return nil } +func backupOcisConfigFile(configPath string) (string, error) { + sourceConfig := path.Join(configPath, configFilename) + targetBackupConfig := path.Join(configPath, configFilename+"."+time.Now().Format("2006-01-02-15-04-05")+".backup") + source, err := os.Open(sourceConfig) + if err != nil { + log.Fatalf("Could not read %s (%s)", sourceConfig, err) + } + defer source.Close() + target, err := os.Create(targetBackupConfig) + if err != nil { + log.Fatalf("Could not generate backup %s (%s)", targetBackupConfig, err) + } + defer target.Close() + _, err = io.Copy(target, source) + if err != nil { + log.Fatalf("Could not write backup %s (%s)", targetBackupConfig, err) + } + return targetBackupConfig, nil +} + func createConfig(insecure, forceOverwrite bool, configPath string) error { err := checkConfigPath(configPath) + targetBackupConfig := "" if err != nil && !forceOverwrite { return err + } else if forceOverwrite { + targetBackupConfig, err = backupOcisConfigFile(configPath) + if err != nil { + return err + } else { + + } } err = os.MkdirAll(configPath, 0700) if err != nil { 
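Review bot: `backupOcisConfigFile` writes the backup with `os.Create`, so the copy gets mode 0666 before umask even though `createConfig` creates the directory with 0700 and the config appears to hold generated credentials. Opening it with an explicit 0600 mode and `O_EXCL` keeps it owner-only and avoids overwriting an existing backup. The function also calls `log.Fatalf` on every failure although it returns `(string, error)`, so the `if err != nil` after the call in `createConfig` can never fire; returning wrapped errors fits the direction of the rest of this series. Because the `else if forceOverwrite` branch runs whether or not `checkConfigPath` reported an existing file, a forced run against a directory with no config would presumably exit at `os.Open`, and the empty `else { }` there can be dropped.

```go
func backupOcisConfigFile(configPath string) (string, error) {
	// … unchanged: sourceConfig / targetBackupConfig path construction …
	source, err := os.Open(sourceConfig)
	if err != nil {
		return "", fmt.Errorf("could not read %s: %w", sourceConfig, err)
	}
	defer source.Close()
	// Keep the backup owner-only and refuse to overwrite an existing backup file.
	target, err := os.OpenFile(targetBackupConfig, os.O_WRONLY|os.O_CREATE|os.O_EXCL, 0600)
	if err != nil {
		return "", fmt.Errorf("could not create backup %s: %w", targetBackupConfig, err)
	}
	defer target.Close()
	if _, err := io.Copy(target, source); err != nil {
		return "", fmt.Errorf("could not write backup %s: %w", targetBackupConfig, err)
	}
	return targetBackupConfig, nil
}
```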
@@ -219,13 +249,18 @@ func createConfig(insecure, forceOverwrite bool, configPath string) error { return err } fmt.Printf( - "======================================\n"+ + "\n\n=========================================\n"+ " generated OCIS Config\n"+ - "======================================\n"+ + "=========================================\n"+ " configpath : %s\n"+ " user : admin\n"+ - " password : %s\n", + " password : %s\n\n", targetPath, ocisAdminServicePassword) + if targetBackupConfig != "" { + fmt.Printf("\n=========================================\n"+ + "An older config file has been backuped to\n %s\n\n", + targetBackupConfig) + } return nil } From aba2ee0c397dc28464c23e4019d30137ebc8fae4 Mon Sep 17 00:00:00 2001 From: Willy Kloucek Date: Thu, 28 Apr 2022 11:31:15 +0200 Subject: [PATCH 24/99] fix build --- extensions/frontend/pkg/config/parser/parse.go | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/extensions/frontend/pkg/config/parser/parse.go b/extensions/frontend/pkg/config/parser/parse.go index d628cfee74..c71a8e5839 100644 --- a/extensions/frontend/pkg/config/parser/parse.go +++ b/extensions/frontend/pkg/config/parser/parse.go @@ -2,6 +2,7 @@ package parser import ( "errors" + "fmt" "github.com/owncloud/ocis/extensions/frontend/pkg/config" "github.com/owncloud/ocis/extensions/frontend/pkg/config/defaults" @@ -34,7 +35,7 @@ func ParseConfig(cfg *config.Config) error { func Validate(cfg *config.Config) error { if cfg.TransferSecret == "" { - return ftm.Errorf("reva transfer secret is not set up properly, bailing out (%s)", cfg.Service.Name) + return fmt.Errorf("reva transfer secret is not set up properly, bailing out (%s)", cfg.Service.Name) } return nil From ab254b05d0bec870d454973c8df3c36a307dbc1d Mon Sep 17 00:00:00 2001 
From: Willy Kloucek Date: Thu, 28 Apr 2022 15:08:40 +0200 Subject: [PATCH 25/99] remove all "omitempty" from config structs to bring back full configuration file documentation --- extensions/accounts/pkg/config/config.go | 24 +- extensions/appprovider/pkg/config/config.go | 22 +- extensions/audit/pkg/config/config.go | 8 +- extensions/auth-basic/pkg/config/config.go | 62 +- extensions/auth-bearer/pkg/config/config.go | 44 +- extensions/auth-machine/pkg/config/config.go | 20 +- extensions/frontend/pkg/config/config.go | 88 +-- extensions/gateway/pkg/config/config.go | 58 +- extensions/glauth/pkg/config/config.go | 16 +- .../graph-explorer/pkg/config/config.go | 10 +- extensions/graph/pkg/config/config.go | 76 +-- extensions/group/pkg/config/config.go | 66 +-- extensions/idm/pkg/config/config.go | 10 +- extensions/idp/pkg/config/config.go | 42 +- extensions/nats/pkg/config/config.go | 14 +- extensions/notifications/pkg/config/config.go | 12 +- extensions/ocdav/pkg/config/config.go | 34 +- extensions/ocs/pkg/config/config.go | 20 +- extensions/proxy/pkg/config/config.go | 36 +- extensions/settings/pkg/config/config.go | 30 +- extensions/sharing/pkg/config/config.go | 26 +- .../storage-metadata/pkg/config/config.go | 30 +- .../storage-publiclink/pkg/config/config.go | 22 +- .../storage-shares/pkg/config/config.go | 24 +- extensions/storage-users/pkg/config/config.go | 38 +- extensions/storage/pkg/config/config.go | 538 +++++++++--------- extensions/thumbnails/pkg/config/config.go | 28 +- extensions/user/pkg/config/config.go | 66 +-- extensions/web/pkg/config/config.go | 44 +- extensions/webdav/pkg/config/config.go | 16 +- ocis-pkg/config/config.go | 80 +-- 31 files changed, 802 insertions(+), 802 deletions(-) diff --git a/extensions/accounts/pkg/config/config.go b/extensions/accounts/pkg/config/config.go index 0d38512da7..29c2ce7fe5 100644 --- a/extensions/accounts/pkg/config/config.go +++ b/extensions/accounts/pkg/config/config.go 
@@ -12,21 +12,21 @@ type Config struct { Service Service `yaml:"-"` - Tracing *Tracing `yaml:"tracing,omitempty"` - Log *Log `yaml:"log,omitempty"` - Debug Debug `yaml:"debug,omitempty"` + Tracing *Tracing `yaml:"tracing"` + Log *Log `yaml:"log"` + Debug Debug `yaml:"debug"` - HTTP HTTP `yaml:"http,omitempty"` - GRPC GRPC `yaml:"grpc,omitempty"` + HTTP HTTP `yaml:"http"` + GRPC GRPC `yaml:"grpc"` - TokenManager *TokenManager `yaml:"token_manager,omitempty"` + TokenManager *TokenManager `yaml:"token_manager"` - Asset Asset `yaml:"asset,omitempty"` - Repo Repo `yaml:"repo,omitempty"` - Index Index `yaml:"index,omitempty"` - ServiceUser ServiceUser `yaml:"service_user,omitempty"` - HashDifficulty int `yaml:"hash_difficulty,omitempty" env:"ACCOUNTS_HASH_DIFFICULTY" desc:"The hash difficulty makes sure that validating a password takes at least a certain amount of time."` - DemoUsersAndGroups bool `yaml:"demo_users_and_groups,omitempty" env:"ACCOUNTS_DEMO_USERS_AND_GROUPS" desc:"If this flag is set the service will setup the demo users and groups."` + Asset Asset `yaml:"asset"` + Repo Repo `yaml:"repo"` + Index Index `yaml:"index"` + ServiceUser ServiceUser `yaml:"service_user"` + HashDifficulty int `yaml:"hash_difficulty" env:"ACCOUNTS_HASH_DIFFICULTY" desc:"The hash difficulty makes sure that validating a password takes at least a certain amount of time."` + DemoUsersAndGroups bool `yaml:"demo_users_and_groups" env:"ACCOUNTS_DEMO_USERS_AND_GROUPS" desc:"If this flag is set the service will setup the demo users and groups."` Context context.Context `yaml:"-"` } diff --git a/extensions/appprovider/pkg/config/config.go b/extensions/appprovider/pkg/config/config.go index c5f1248ee6..fcc440bce2 100644 --- a/extensions/appprovider/pkg/config/config.go +++ b/extensions/appprovider/pkg/config/config.go 
@@ -5,20 +5,20 @@ import "github.com/owncloud/ocis/ocis-pkg/shared" type Config struct { *shared.Commons `yaml:"-"` Service Service `yaml:"-"` - Tracing *Tracing `yaml:"tracing,omitempty"` - Logging *Logging `yaml:"log,omitempty"` - Debug Debug `yaml:"debug,omitempty"` - Supervised bool `yaml:"supervised,omitempty"` + Tracing *Tracing `yaml:"tracing"` + Logging *Logging `yaml:"log"` + Debug Debug `yaml:"debug"` + Supervised bool `yaml:"supervised"` - GRPC GRPCConfig `yaml:"grpc,omitempty"` + GRPC GRPCConfig `yaml:"grpc"` - TokenManager *TokenManager `yaml:"token_manager,omitempty"` - Reva *Reva `yaml:"reva,omitempty"` + TokenManager *TokenManager `yaml:"token_manager"` + Reva *Reva `yaml:"reva"` - SkipUserGroupsInToken bool `yaml:"skip_user_groups_in_token,omitempty"` - ExternalAddr string `yaml:"external_addr,omitempty"` - Driver string `yaml:"driver,omitempty"` - Drivers Drivers `yaml:"drivers,omitempty"` + SkipUserGroupsInToken bool `yaml:"skip_user_groups_in_token"` + ExternalAddr string `yaml:"external_addr"` + Driver string `yaml:"driver"` + Drivers Drivers `yaml:"drivers"` } type Tracing struct { diff --git a/extensions/audit/pkg/config/config.go b/extensions/audit/pkg/config/config.go index 3b753f1a11..b14a78a752 100644 --- a/extensions/audit/pkg/config/config.go +++ b/extensions/audit/pkg/config/config.go @@ -12,11 +12,11 @@ type Config struct { Service Service `yaml:"-"` - Log *Log `yaml:"log,omitempty"` - Debug Debug `yaml:"debug,omitempty"` + Log *Log `yaml:"log"` + Debug Debug `yaml:"debug"` - Events Events `yaml:"events,omitempty"` - Auditlog Auditlog `yaml:"auditlog,omitempty"` + Events Events `yaml:"events"` + Auditlog Auditlog `yaml:"auditlog"` Context context.Context `yaml:"-"` } diff --git a/extensions/auth-basic/pkg/config/config.go b/extensions/auth-basic/pkg/config/config.go index 079c57dcc5..1e9c9c3f2c 100644 --- a/extensions/auth-basic/pkg/config/config.go +++ b/extensions/auth-basic/pkg/config/config.go 
@@ -5,19 +5,19 @@ import "github.com/owncloud/ocis/ocis-pkg/shared" type Config struct { *shared.Commons `yaml:"-"` Service Service `yaml:"-"` - Tracing *Tracing `yaml:"tracing,omitempty"` - Logging *Logging `yaml:"log,omitempty"` - Debug Debug `yaml:"debug,omitempty"` - Supervised bool `yaml:"supervised,omitempty"` + Tracing *Tracing `yaml:"tracing"` + Logging *Logging `yaml:"log"` + Debug Debug `yaml:"debug"` + Supervised bool `yaml:"supervised"` - GRPC GRPCConfig `yaml:"grpc,omitempty"` + GRPC GRPCConfig `yaml:"grpc"` - TokenManager *TokenManager `yaml:"token_manager,omitempty"` - Reva *Reva `yaml:"reva,omitempty"` + TokenManager *TokenManager `yaml:"token_manager"` + Reva *Reva `yaml:"reva"` - SkipUserGroupsInToken bool `yaml:"skip_user_groups_in_token,omitempty"` - AuthProvider string `yaml:"auth_provider,omitempty" env:"AUTH_BASIC_AUTH_PROVIDER" desc:"The auth provider which should be used by the service"` - AuthProviders AuthProviders `yaml:"auth_providers,omitempty"` + SkipUserGroupsInToken bool `yaml:"skip_user_groups_in_token"` + AuthProvider string `yaml:"auth_provider" env:"AUTH_BASIC_AUTH_PROVIDER" desc:"The auth provider which should be used by the service"` + AuthProviders AuthProviders `yaml:"auth_providers"` } type Tracing struct { Enabled bool `yaml:"enabled" env:"OCIS_TRACING_ENABLED;AUTH_BASIC_TRACING_ENABLED" desc:"Activates tracing."` @@ -50,9 +50,9 @@ type GRPCConfig struct { } type AuthProviders struct { - JSON JSONProvider `yaml:"json,omitempty"` - LDAP LDAPProvider `yaml:"ldap,omitempty"` - OwnCloudSQL OwnCloudSQLProvider `yaml:"owncloud_sql,omitempty"` + JSON JSONProvider `yaml:"json"` + LDAP LDAPProvider `yaml:"ldap"` + OwnCloudSQL OwnCloudSQLProvider `yaml:"owncloud_sql"` } type JSONProvider struct { 
@@ -60,24 +60,24 @@ type JSONProvider struct { } type LDAPProvider struct { - URI string `yaml:",omitempty" env:"LDAP_URI;AUTH_BASIC_LDAP_URI"` - CACert string `yaml:",omitempty" env:"LDAP_CACERT;AUTH_BASIC_LDAP_CACERT"` - Insecure bool `yaml:",omitempty" env:"LDAP_INSECURE;AUTH_BASIC_LDAP_INSECURE"` - BindDN string `yaml:",omitempty" env:"LDAP_BIND_DN;AUTH_BASIC_LDAP_BIND_DN"` - BindPassword string `yaml:",omitempty" env:"LDAP_BIND_PASSWORD;AUTH_BASIC_LDAP_BIND_PASSWORD"` - UserBaseDN string `yaml:",omitempty" env:"LDAP_USER_BASE_DN;AUTH_BASIC_LDAP_USER_BASE_DN"` - GroupBaseDN string `yaml:",omitempty" env:"LDAP_GROUP_BASE_DN;AUTH_BASIC_LDAP_GROUP_BASE_DN"` - UserScope string `yaml:",omitempty" env:"LDAP_USER_SCOPE;AUTH_BASIC_LDAP_USER_SCOPE"` - GroupScope string `yaml:",omitempty" env:"LDAP_GROUP_SCOPE;AUTH_BASIC_LDAP_GROUP_SCOPE"` - UserFilter string `yaml:",omitempty" env:"LDAP_USERFILTER;AUTH_BASIC_LDAP_USERFILTER"` - GroupFilter string `yaml:",omitempty" env:"LDAP_GROUPFILTER;AUTH_BASIC_LDAP_USERFILTER"` - UserObjectClass string `yaml:",omitempty" env:"LDAP_USER_OBJECTCLASS;AUTH_BASIC_LDAP_USER_OBJECTCLASS"` - GroupObjectClass string `yaml:",omitempty" env:"LDAP_GROUP_OBJECTCLASS;AUTH_BASIC_LDAP_GROUP_OBJECTCLASS"` - LoginAttributes []string `yaml:",omitempty" env:"LDAP_LOGIN_ATTRIBUTES;AUTH_BASIC_LDAP_LOGIN_ATTRIBUTES"` - IDP string `yaml:",omitempty" env:"OCIS_URL;AUTH_BASIC_IDP_URL"` // TODO what is this for? - GatewayEndpoint string `yaml:",omitempty"` // TODO do we need this here? 
- UserSchema LDAPUserSchema `yaml:",omitempty"` - GroupSchema LDAPGroupSchema `yaml:",omitempty"` + URI string `yaml:"" env:"LDAP_URI;AUTH_BASIC_LDAP_URI"` + CACert string `yaml:"" env:"LDAP_CACERT;AUTH_BASIC_LDAP_CACERT"` + Insecure bool `yaml:"" env:"LDAP_INSECURE;AUTH_BASIC_LDAP_INSECURE"` + BindDN string `yaml:"" env:"LDAP_BIND_DN;AUTH_BASIC_LDAP_BIND_DN"` + BindPassword string `yaml:"" env:"LDAP_BIND_PASSWORD;AUTH_BASIC_LDAP_BIND_PASSWORD"` + UserBaseDN string `yaml:"" env:"LDAP_USER_BASE_DN;AUTH_BASIC_LDAP_USER_BASE_DN"` + GroupBaseDN string `yaml:"" env:"LDAP_GROUP_BASE_DN;AUTH_BASIC_LDAP_GROUP_BASE_DN"` + UserScope string `yaml:"" env:"LDAP_USER_SCOPE;AUTH_BASIC_LDAP_USER_SCOPE"` + GroupScope string `yaml:"" env:"LDAP_GROUP_SCOPE;AUTH_BASIC_LDAP_GROUP_SCOPE"` + UserFilter string `yaml:"" env:"LDAP_USERFILTER;AUTH_BASIC_LDAP_USERFILTER"` + GroupFilter string `yaml:"" env:"LDAP_GROUPFILTER;AUTH_BASIC_LDAP_USERFILTER"` + UserObjectClass string `yaml:"" env:"LDAP_USER_OBJECTCLASS;AUTH_BASIC_LDAP_USER_OBJECTCLASS"` + GroupObjectClass string `yaml:"" env:"LDAP_GROUP_OBJECTCLASS;AUTH_BASIC_LDAP_GROUP_OBJECTCLASS"` + LoginAttributes []string `yaml:"" env:"LDAP_LOGIN_ATTRIBUTES;AUTH_BASIC_LDAP_LOGIN_ATTRIBUTES"` + IDP string `yaml:"" env:"OCIS_URL;AUTH_BASIC_IDP_URL"` // TODO what is this for? + GatewayEndpoint string `yaml:""` // TODO do we need this here? + UserSchema LDAPUserSchema `yaml:""` + GroupSchema LDAPGroupSchema `yaml:""` } type LDAPUserSchema struct { diff --git a/extensions/auth-bearer/pkg/config/config.go b/extensions/auth-bearer/pkg/config/config.go index 644ae43fed..f1d2b1388a 100644 --- a/extensions/auth-bearer/pkg/config/config.go +++ b/extensions/auth-bearer/pkg/config/config.go 
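Review bot: In `LDAPProvider` the tags become `yaml:""`, which is an empty tag and reads as a leftover from stripping `,omitempty`. With the common Go YAML packages an empty tag behaves like no tag, so the keys fall back to the lower-cased field names (`binddn`, `bindpassword`, `userbasedn`). Every other struct in this patch uses explicit snake_case keys. I would either remove the yaml tag or name the keys explicitly, e.g. `yaml:"uri"`, `yaml:"bind_dn"`, `yaml:"bind_password"`, so the generated configuration file is consistent. Since the patch aims to emit every field into the documented config, it is also worth confirming that `BindPassword` is meant to be written out when a populated config is serialised.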
@@ -5,19 +5,19 @@ import "github.com/owncloud/ocis/ocis-pkg/shared" type Config struct { *shared.Commons `yaml:"-"` Service Service `yaml:"-"` - Tracing *Tracing `yaml:"tracing,omitempty"` - Logging *Logging `yaml:"log,omitempty"` - Debug Debug `yaml:"debug,omitempty"` - Supervised bool `yaml:"supervised,omitempty"` + Tracing *Tracing `yaml:"tracing"` + Logging *Logging `yaml:"log"` + Debug Debug `yaml:"debug"` + Supervised bool `yaml:"supervised"` - GRPC GRPCConfig `yaml:"grpc,omitempty"` + GRPC GRPCConfig `yaml:"grpc"` - TokenManager *TokenManager `yaml:"token_manager,omitempty"` - Reva *Reva `yaml:"reva,omitempty"` + TokenManager *TokenManager `yaml:"token_manager"` + Reva *Reva `yaml:"reva"` - SkipUserGroupsInToken bool `yaml:"skip_user_groups_in_token,omitempty"` - AuthProvider string `yaml:"auth_provider,omitempty" env:"AUTH_BEARER_AUTH_PROVIDER" desc:"The auth provider which should be used by the service"` - AuthProviders AuthProviders `yaml:"auth_providers,omitempty"` + SkipUserGroupsInToken bool `yaml:"skip_user_groups_in_token"` + AuthProvider string `yaml:"auth_provider" env:"AUTH_BEARER_AUTH_PROVIDER" desc:"The auth provider which should be used by the service"` + AuthProviders AuthProviders `yaml:"auth_providers"` } type Tracing struct { Enabled bool `yaml:"enabled" env:"OCIS_TRACING_ENABLED;AUTH_BEARER_TRACING_ENABLED" desc:"Activates tracing."` 
@@ -38,25 +38,25 @@ type Service struct { } type Debug struct { - Addr string `yaml:"addr,omitempty" env:"AUTH_BEARER_DEBUG_ADDR"` - Token string `yaml:"token,omitempty" env:"AUTH_BEARER_DEBUG_TOKEN"` - Pprof bool `yaml:"pprof,omitempty" env:"AUTH_BEARER_DEBUG_PPROF"` - Zpages bool `yaml:"zpages,omitempty" env:"AUTH_BEARER_DEBUG_ZPAGES"` + Addr string `yaml:"addr" env:"AUTH_BEARER_DEBUG_ADDR"` + Token string `yaml:"token" env:"AUTH_BEARER_DEBUG_TOKEN"` + Pprof bool `yaml:"pprof" env:"AUTH_BEARER_DEBUG_PPROF"` + Zpages bool `yaml:"zpages" env:"AUTH_BEARER_DEBUG_ZPAGES"` } type GRPCConfig struct { - Addr string `yaml:"addr,omitempty" env:"AUTH_BEARER_GRPC_ADDR" desc:"The address of the grpc service."` - Protocol string `yaml:"protocol,omitempty" env:"AUTH_BEARER_GRPC_PROTOCOL" desc:"The transport protocol of the grpc service."` + Addr string `yaml:"addr" env:"AUTH_BEARER_GRPC_ADDR" desc:"The address of the grpc service."` + Protocol string `yaml:"protocol" env:"AUTH_BEARER_GRPC_PROTOCOL" desc:"The transport protocol of the grpc service."` } type AuthProviders struct { - OIDC OIDCProvider `yaml:"oidc,omitempty"` + OIDC OIDCProvider `yaml:"oidc"` } type OIDCProvider struct { - Issuer string `yaml:"issuer,omitempty" env:"OCIS_URL;AUTH_BEARER_OIDC_ISSUER"` - Insecure bool `yaml:"insecure,omitempty" env:"OCIS_INSECURE;AUTH_BEARER_OIDC_INSECURE"` - IDClaim string `yaml:"id_claim,omitempty"` - UIDClaim string `yaml:"uid_claim,omitempty"` - GIDClaim string `yaml:"gid_claim,omitempty"` + Issuer string `yaml:"issuer" env:"OCIS_URL;AUTH_BEARER_OIDC_ISSUER"` + Insecure bool `yaml:"insecure" env:"OCIS_INSECURE;AUTH_BEARER_OIDC_INSECURE"` + IDClaim string `yaml:"id_claim"` + UIDClaim string `yaml:"uid_claim"` + GIDClaim string `yaml:"gid_claim"` } diff --git a/extensions/auth-machine/pkg/config/config.go b/extensions/auth-machine/pkg/config/config.go index 4837e2915b..00c796c019 100644 --- a/extensions/auth-machine/pkg/config/config.go 
+++ b/extensions/auth-machine/pkg/config/config.go @@ -5,19 +5,19 @@ import "github.com/owncloud/ocis/ocis-pkg/shared" type Config struct { *shared.Commons `yaml:"-"` Service Service `yaml:"-"` - Tracing *Tracing `yaml:"tracing,omitempty"` - Logging *Logging `yaml:"log,omitempty"` - Debug Debug `yaml:"debug,omitempty"` - Supervised bool `yaml:"supervised,omitempty"` + Tracing *Tracing `yaml:"tracing"` + Logging *Logging `yaml:"log"` + Debug Debug `yaml:"debug"` + Supervised bool `yaml:"supervised"` - GRPC GRPCConfig `yaml:"grpc,omitempty"` + GRPC GRPCConfig `yaml:"grpc"` - TokenManager *TokenManager `yaml:"token_manager,omitempty"` - Reva *Reva `yaml:"reva,omitempty"` + TokenManager *TokenManager `yaml:"token_manager"` + Reva *Reva `yaml:"reva"` - SkipUserGroupsInToken bool `yaml:"skip_user_groups_in_token,omitempty"` - AuthProvider string `yaml:"auth_provider,omitempty" env:"AUTH_MACHINE_AUTH_PROVIDER" desc:"The auth provider which should be used by the service"` - AuthProviders AuthProviders `yaml:"auth_providers,omitempty"` + SkipUserGroupsInToken bool `yaml:"skip_user_groups_in_token"` + AuthProvider string `yaml:"auth_provider" env:"AUTH_MACHINE_AUTH_PROVIDER" desc:"The auth provider which should be used by the service"` + AuthProviders AuthProviders `yaml:"auth_providers"` } type Tracing struct { Enabled bool `yaml:"enabled" env:"OCIS_TRACING_ENABLED;AUTH_MACHINE_TRACING_ENABLED" desc:"Activates tracing."` diff --git a/extensions/frontend/pkg/config/config.go b/extensions/frontend/pkg/config/config.go index 8e183281fc..c358cbd781 100644 --- a/extensions/frontend/pkg/config/config.go +++ b/extensions/frontend/pkg/config/config.go 
@@ -5,51 +5,51 @@ import "github.com/owncloud/ocis/ocis-pkg/shared" type Config struct { *shared.Commons `yaml:"-"` Service Service `yaml:"-"` - Tracing *Tracing `yaml:"tracing,omitempty"` - Logging *Logging `yaml:"log,omitempty"` - Debug Debug `yaml:"debug,omitempty"` + Tracing *Tracing `yaml:"tracing"` + Logging *Logging `yaml:"log"` + Debug Debug `yaml:"debug"` Supervised bool `yaml:"-"` - HTTP HTTPConfig `yaml:"http,omitempty"` + HTTP HTTPConfig `yaml:"http"` // JWTSecret used to verify reva access token - TransferSecret string `yaml:"transfer_secret,omitempty" env:"STORAGE_TRANSFER_SECRET"` + TransferSecret string `yaml:"transfer_secret" env:"STORAGE_TRANSFER_SECRET"` - TokenManager *TokenManager `yaml:"token_manager,omitempty"` - Reva *Reva `yaml:"reva,omitempty"` + TokenManager *TokenManager `yaml:"token_manager"` + Reva *Reva `yaml:"reva"` - SkipUserGroupsInToken bool `yaml:"skip_users_groups_in_token,omitempty"` + SkipUserGroupsInToken bool `yaml:"skip_users_groups_in_token"` - EnableFavorites bool `yaml:"favorites,omitempty"` - EnableProjectSpaces bool `yaml:"enable_project_spaces,omitempty"` - UploadMaxChunkSize int `yaml:"upload_max_chunk_size,omitempty"` - UploadHTTPMethodOverride string `yaml:"upload_http_method_override,omitempty"` - DefaultUploadProtocol string `yaml:"default_upload_protocol,omitempty"` + EnableFavorites bool `yaml:"favorites"` + EnableProjectSpaces bool `yaml:"enable_project_spaces"` + UploadMaxChunkSize int `yaml:"upload_max_chunk_size"` + UploadHTTPMethodOverride string `yaml:"upload_http_method_override"` + DefaultUploadProtocol string `yaml:"default_upload_protocol"` - PublicURL string `yaml:"public_url,omitempty" env:"OCIS_URL;FRONTEND_PUBLIC_URL"` + PublicURL string `yaml:"public_url" env:"OCIS_URL;FRONTEND_PUBLIC_URL"` - Archiver Archiver `yaml:"archiver,omitempty"` - AppProvider AppProvider `yaml:"app_provider,omitempty"` - DataGateway DataGateway `yaml:"data_gateway,omitempty"` - OCS OCS `yaml:"ocs,omitempty"` - 
AuthMachine AuthMachine `yaml:"auth_machine,omitempty"` - Checksums Checksums `yaml:"checksums,omitempty"` + Archiver Archiver `yaml:"archiver"` + AppProvider AppProvider `yaml:"app_provider"` + DataGateway DataGateway `yaml:"data_gateway"` + OCS OCS `yaml:"ocs"` + AuthMachine AuthMachine `yaml:"auth_machine"` + Checksums Checksums `yaml:"checksums"` - Middleware Middleware `yaml:"middleware,omitempty"` + Middleware Middleware `yaml:"middleware"` } type Tracing struct { - Enabled bool `yaml:"enabled,omitempty" env:"OCIS_TRACING_ENABLED;FRONTEND_TRACING_ENABLED" desc:"Activates tracing."` - Type string `yaml:"type,omitempty" env:"OCIS_TRACING_TYPE;FRONTEND_TRACING_TYPE"` - Endpoint string `yaml:"endpoint,omitempty" env:"OCIS_TRACING_ENDPOINT;FRONTEND_TRACING_ENDPOINT" desc:"The endpoint to the tracing collector."` - Collector string `yaml:"collector,omitempty" env:"OCIS_TRACING_COLLECTOR;FRONTEND_TRACING_COLLECTOR"` + Enabled bool `yaml:"enabled" env:"OCIS_TRACING_ENABLED;FRONTEND_TRACING_ENABLED" desc:"Activates tracing."` + Type string `yaml:"type" env:"OCIS_TRACING_TYPE;FRONTEND_TRACING_TYPE"` + Endpoint string `yaml:"endpoint" env:"OCIS_TRACING_ENDPOINT;FRONTEND_TRACING_ENDPOINT" desc:"The endpoint to the tracing collector."` + Collector string `yaml:"collector" env:"OCIS_TRACING_COLLECTOR;FRONTEND_TRACING_COLLECTOR"` } type Logging struct { - Level string `yaml:"level,omitempty" env:"OCIS_LOG_LEVEL;FRONTEND_LOG_LEVEL" desc:"The log level."` - Pretty bool `yaml:"pretty,omitempty" env:"OCIS_LOG_PRETTY;FRONTEND_LOG_PRETTY" desc:"Activates pretty log output."` - Color bool `yaml:"color,omitempty" env:"OCIS_LOG_COLOR;FRONTEND_LOG_COLOR" desc:"Activates colorized log output."` - File string `yaml:"file,omitempty" env:"OCIS_LOG_FILE;FRONTEND_LOG_FILE" desc:"The target log file."` + Level string `yaml:"level" env:"OCIS_LOG_LEVEL;FRONTEND_LOG_LEVEL" desc:"The log level."` + Pretty bool `yaml:"pretty" env:"OCIS_LOG_PRETTY;FRONTEND_LOG_PRETTY" desc:"Activates pretty log 
output."` + Color bool `yaml:"color" env:"OCIS_LOG_COLOR;FRONTEND_LOG_COLOR" desc:"Activates colorized log output."` + File string `yaml:"file" env:"OCIS_LOG_FILE;FRONTEND_LOG_FILE" desc:"The target log file."` } type Service struct { 
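Review bot: The key on `SkipUserGroupsInToken` is spelled `skip_users_groups_in_token` here, while the auth-machine, group and ocdav configs in this patch use `skip_user_groups_in_token` for the same field. Now that the key is always written, a snippet shared between services will silently leave the field at its zero value in whichever service spells it differently. Since the tag is being rewritten anyway, I would align it to `yaml:"skip_user_groups_in_token"`. Existing frontend configs that use the old spelling would then need migrating.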
@@ -57,44 +57,44 @@ type Service struct { } type Debug struct { - Addr string `yaml:"addr,omitempty" env:"FRONTEND_DEBUG_ADDR"` - Token string `yaml:"token,omitempty" env:"FRONTEND_DEBUG_TOKEN"` - Pprof bool `yaml:"pprof,omitempty" env:"FRONTEND_DEBUG_PPROF"` - Zpages bool `yaml:"zpages,omitempty" env:"FRONTEND_DEBUG_ZPAGES"` + Addr string `yaml:"addr" env:"FRONTEND_DEBUG_ADDR"` + Token string `yaml:"token" env:"FRONTEND_DEBUG_TOKEN"` + Pprof bool `yaml:"pprof" env:"FRONTEND_DEBUG_PPROF"` + Zpages bool `yaml:"zpages" env:"FRONTEND_DEBUG_ZPAGES"` } type HTTPConfig struct { - Addr string `yaml:"addr,omitempty" env:"FRONTEND_HTTP_ADDR" desc:"The address of the http service."` - Protocol string `yaml:"protocol,omitempty" env:"FRONTEND_HTTP_PROTOCOL" desc:"The transport protocol of the http service."` - Prefix string `yaml:"prefix,omitempty"` + Addr string `yaml:"addr" env:"FRONTEND_HTTP_ADDR" desc:"The address of the http service."` + Protocol string `yaml:"protocol" env:"FRONTEND_HTTP_PROTOCOL" desc:"The transport protocol of the http service."` + Prefix string `yaml:"prefix"` } // Middleware configures reva middlewares. type Middleware struct { - Auth Auth `yaml:"auth,omitempty"` + Auth Auth `yaml:"auth"` } // Auth configures reva http auth middleware. 
type Auth struct { - CredentialsByUserAgent map[string]string `yaml:"credentials_by_user_agent,omitempty"` + CredentialsByUserAgent map[string]string `yaml:"credentials_by_user_agent"` } type Archiver struct { - MaxNumFiles int64 `yaml:"max_num_files,omitempty"` - MaxSize int64 `yaml:"max_size,omitempty"` + MaxNumFiles int64 `yaml:"max_num_files"` + MaxSize int64 `yaml:"max_size"` Prefix string `yaml:"-"` - Insecure bool `yaml:"insecure,omitempty" env:"OCIS_INSECURE;FRONTEND_ARCHIVER_INSECURE"` + Insecure bool `yaml:"insecure" env:"OCIS_INSECURE;FRONTEND_ARCHIVER_INSECURE"` } type AppProvider struct { - ExternalAddr string `yaml:"external_addr,omitempty"` - Driver string `yaml:"driver,omitempty"` + ExternalAddr string `yaml:"external_addr"` + Driver string `yaml:"driver"` // WopiDriver WopiDriver `yaml:"wopi_driver"` AppsURL string `yaml:"-"` OpenURL string `yaml:"-"` NewURL string `yaml:"-"` Prefix string `yaml:"-"` - Insecure bool `yaml:"insecure,omitempty" env:"OCIS_INSECURE;FRONTEND_APPPROVIDER_INSECURE"` + Insecure bool `yaml:"insecure" env:"OCIS_INSECURE;FRONTEND_APPPROVIDER_INSECURE"` } type DataGateway struct { diff --git a/extensions/gateway/pkg/config/config.go b/extensions/gateway/pkg/config/config.go index dfc34077fb..dd9679a255 100644 --- a/extensions/gateway/pkg/config/config.go +++ b/extensions/gateway/pkg/config/config.go 
@@ -6,41 +6,41 @@ type Config struct { *shared.Commons `yaml:"-"` Service Service `yaml:"-"` - Tracing *Tracing `yaml:"tracing,omitempty"` - Logging *Logging `yaml:"log,omitempty"` - Debug Debug `yaml:"debug,omitempty"` - Supervised bool `yaml:"supervised,omitempty"` + Tracing *Tracing `yaml:"tracing"` + Logging *Logging `yaml:"log"` + Debug Debug `yaml:"debug"` + Supervised bool `yaml:"supervised"` - GRPC GRPCConfig `yaml:"grpc,omitempty"` + GRPC GRPCConfig `yaml:"grpc"` - TokenManager *TokenManager `yaml:"token_manager,omitempty"` - Reva *Reva `yaml:"reva,omitempty"` + TokenManager *TokenManager `yaml:"token_manager"` + Reva *Reva `yaml:"reva"` - SkipUserGroupsInToken bool `yaml:",omitempty"` + SkipUserGroupsInToken bool `yaml:""` - CommitShareToStorageGrant bool `yaml:"commit_share_to_storage_grant,omitempty"` - CommitShareToStorageRef bool `yaml:"commit_share_to_storage_ref,omitempty"` - ShareFolder string `yaml:"share_folder,omitempty"` - DisableHomeCreationOnLogin bool `yaml:"disable_home_creation_on_login,omitempty"` - TransferSecret string `yaml:"transfer_secret,omitempty" env:"STORAGE_TRANSFER_SECRET"` - TransferExpires int `yaml:"transfer_expires,omitempty"` - HomeMapping string `yaml:"home_mapping,omitempty"` - EtagCacheTTL int `yaml:"etag_cache_ttl,omitempty"` + CommitShareToStorageGrant bool `yaml:"commit_share_to_storage_grant"` + CommitShareToStorageRef bool `yaml:"commit_share_to_storage_ref"` + ShareFolder string `yaml:"share_folder"` + DisableHomeCreationOnLogin bool `yaml:"disable_home_creation_on_login"` + TransferSecret string `yaml:"transfer_secret" env:"STORAGE_TRANSFER_SECRET"` + TransferExpires int `yaml:"transfer_expires"` + HomeMapping string `yaml:"home_mapping"` + EtagCacheTTL int `yaml:"etag_cache_ttl"` - UsersEndpoint string `yaml:"users_endpoint,omitempty"` - GroupsEndpoint string `yaml:"groups_endpoint,omitempty"` - PermissionsEndpoint string `yaml:"permissions_endpoint,omitempty"` - SharingEndpoint string 
`yaml:"sharing_endpoint,omitempty"` - FrontendPublicURL string `yaml:"frontend_public_url,omitempty" env:"OCIS_URL;GATEWAY_FRONTEND_PUBLIC_URL"` - AuthBasicEndpoint string `yaml:"auth_basic_endpoint,omitempty"` - AuthBearerEndpoint string `yaml:"auth_bearer_endpoint,omitempty"` - AuthMachineEndpoint string `yaml:"auth_machine_endpoint,omitempty"` - StoragePublicLinkEndpoint string `yaml:"storage_public_link_endpoint,omitempty"` - StorageUsersEndpoint string `yaml:"storage_users_endpoint,omitempty"` - StorageSharesEndpoint string `yaml:"storage_shares_endpoint,omitempty"` + UsersEndpoint string `yaml:"users_endpoint"` + GroupsEndpoint string `yaml:"groups_endpoint"` + PermissionsEndpoint string `yaml:"permissions_endpoint"` + SharingEndpoint string `yaml:"sharing_endpoint"` + FrontendPublicURL string `yaml:"frontend_public_url" env:"OCIS_URL;GATEWAY_FRONTEND_PUBLIC_URL"` + AuthBasicEndpoint string `yaml:"auth_basic_endpoint"` + AuthBearerEndpoint string `yaml:"auth_bearer_endpoint"` + AuthMachineEndpoint string `yaml:"auth_machine_endpoint"` + StoragePublicLinkEndpoint string `yaml:"storage_public_link_endpoint"` + StorageUsersEndpoint string `yaml:"storage_users_endpoint"` + StorageSharesEndpoint string `yaml:"storage_shares_endpoint"` - StorageRegistry StorageRegistry `yaml:"storage_registry,omitempty"` - AppRegistry AppRegistry `yaml:"app_registry,omitempty"` + StorageRegistry StorageRegistry `yaml:"storage_registry"` + AppRegistry AppRegistry `yaml:"app_registry"` } type Tracing struct { Enabled bool `yaml:"enabled" env:"OCIS_TRACING_ENABLED;GATEWAY_TRACING_ENABLED" desc:"Activates tracing."` diff --git a/extensions/glauth/pkg/config/config.go b/extensions/glauth/pkg/config/config.go index d9fcf5d6b1..aa8479989a 100644 --- a/extensions/glauth/pkg/config/config.go +++ b/extensions/glauth/pkg/config/config.go 
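Review bot: `SkipUserGroupsInToken` is left with the empty tag `yaml:""`, which gives the field no explicit key. Assuming the usual gopkg.in/yaml tag rules apply, the key falls back to the lowercased field name `skipusergroupsintoken` rather than the `skip_user_groups_in_token` used by the other services. I would name it explicitly: `yaml:"skip_user_groups_in_token"`. The `Drivers` and `LDAPDriver` fields in the second group config hunk end up with the same empty tag, so their keys (`bindpassword`, `userbasedn`, ...) differ from the `bind_password` / `user_base_dn` style the graph config uses.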
@@ -12,17 +12,17 @@ type Config struct { Service Service `yaml:"-"` - Tracing *Tracing `yaml:"tracing,omitempty"` - Log *Log `yaml:"log,omitempty"` - Debug Debug `yaml:"debug,omitempty"` + Tracing *Tracing `yaml:"tracing"` + Log *Log `yaml:"log"` + Debug Debug `yaml:"debug"` - Ldap Ldap `yaml:"ldap,omitempty"` - Ldaps Ldaps `yaml:"ldaps,omitempty"` + Ldap Ldap `yaml:"ldap"` + Ldaps Ldaps `yaml:"ldaps"` - Backend Backend `yaml:"backend,omitempty"` - Fallback FallbackBackend `yaml:"fallback,omitempty"` + Backend Backend `yaml:"backend"` + Fallback FallbackBackend `yaml:"fallback"` - RoleBundleUUID string `yaml:"role_bundle_uuid,omitempty" env:"GLAUTH_ROLE_BUNDLE_ID"` + RoleBundleUUID string `yaml:"role_bundle_uuid" env:"GLAUTH_ROLE_BUNDLE_ID"` Context context.Context `yaml:"-"` } diff --git a/extensions/graph-explorer/pkg/config/config.go b/extensions/graph-explorer/pkg/config/config.go index 4fa0474036..2bd5bd5a62 100644 --- a/extensions/graph-explorer/pkg/config/config.go +++ b/extensions/graph-explorer/pkg/config/config.go @@ -12,13 +12,13 @@ type Config struct { Service Service `yaml:"-"` - Tracing *Tracing `yaml:"tracing,omitempty"` - Log *Log `yaml:"log,omitempty"` - Debug Debug `yaml:"debug,omitempty"` + Tracing *Tracing `yaml:"tracing"` + Log *Log `yaml:"log"` + Debug Debug `yaml:"debug"` - HTTP HTTP `yaml:"http,omitempty"` + HTTP HTTP `yaml:"http"` - GraphExplorer GraphExplorer `yaml:"graph_explorer,omitempty"` + GraphExplorer GraphExplorer `yaml:"graph_explorer"` Context context.Context `yaml:"-"` } diff --git a/extensions/graph/pkg/config/config.go b/extensions/graph/pkg/config/config.go index 16768294fb..d147eaa30c 100644 --- a/extensions/graph/pkg/config/config.go +++ b/extensions/graph/pkg/config/config.go 
@@ -12,62 +12,62 @@ type Config struct { Service Service `yaml:"-"` - Tracing *Tracing `yaml:"tracing,omitempty"` - Log *Log `yaml:"log,omitempty"` - Debug Debug `yaml:"debug,omitempty"` + Tracing *Tracing `yaml:"tracing"` + Log *Log `yaml:"log"` + Debug Debug `yaml:"debug"` - HTTP HTTP `yaml:"http,omitempty"` + HTTP HTTP `yaml:"http"` - Reva *Reva `yaml:"reva,omitempty"` - TokenManager *TokenManager `yaml:"token_manager,omitempty"` + Reva *Reva `yaml:"reva"` + TokenManager *TokenManager `yaml:"token_manager"` - Spaces Spaces `yaml:"spaces,omitempty"` - Identity Identity `yaml:"identity,omitempty"` - Events Events `yaml:"events,omitempty"` + Spaces Spaces `yaml:"spaces"` + Identity Identity `yaml:"identity"` + Events Events `yaml:"events"` Context context.Context `yaml:"-"` } type Spaces struct { - WebDavBase string `yaml:"webdav_base,omitempty" env:"OCIS_URL;GRAPH_SPACES_WEBDAV_BASE"` - WebDavPath string `yaml:"webdav_path,omitempty" env:"GRAPH_SPACES_WEBDAV_PATH"` - DefaultQuota string `yaml:"default_quota,omitempty" env:"GRAPH_SPACES_DEFAULT_QUOTA"` - Insecure bool `yaml:"insecure,omitempty" env:"OCIS_INSECURE;GRAPH_SPACES_INSECURE"` - ExtendedSpacePropertiesCacheTTL int `yaml:"extended_space_properties_cache_ttl,omitempty" env:"GRAPH_SPACES_EXTENDED_SPACE_PROPERTIES_CACHE_TTL"` + WebDavBase string `yaml:"webdav_base" env:"OCIS_URL;GRAPH_SPACES_WEBDAV_BASE"` + WebDavPath string `yaml:"webdav_path" env:"GRAPH_SPACES_WEBDAV_PATH"` + DefaultQuota string `yaml:"default_quota" env:"GRAPH_SPACES_DEFAULT_QUOTA"` + Insecure bool `yaml:"insecure" env:"OCIS_INSECURE;GRAPH_SPACES_INSECURE"` + ExtendedSpacePropertiesCacheTTL int `yaml:"extended_space_properties_cache_ttl" env:"GRAPH_SPACES_EXTENDED_SPACE_PROPERTIES_CACHE_TTL"` } type LDAP struct { - URI string `yaml:"uri,omitempty" env:"LDAP_URI;GRAPH_LDAP_URI"` - Insecure bool `yaml:"insecure,omitempty" env:"OCIS_INSECURE;GRAPH_LDAP_INSECURE"` - BindDN string `yaml:"bind_dn,omitempty" env:"LDAP_BIND_DN;GRAPH_LDAP_BIND_DN"` 
- BindPassword string `yaml:"bind_password,omitempty" env:"LDAP_BIND_PASSWORD;GRAPH_LDAP_BIND_PASSWORD"` - UseServerUUID bool `yaml:"use_server_uuid,omitempty" env:"GRAPH_LDAP_SERVER_UUID"` - WriteEnabled bool `yaml:"write_enabled,omitempty" env:"GRAPH_LDAP_SERVER_WRITE_ENABLED"` + URI string `yaml:"uri" env:"LDAP_URI;GRAPH_LDAP_URI"` + Insecure bool `yaml:"insecure" env:"OCIS_INSECURE;GRAPH_LDAP_INSECURE"` + BindDN string `yaml:"bind_dn" env:"LDAP_BIND_DN;GRAPH_LDAP_BIND_DN"` + BindPassword string `yaml:"bind_password" env:"LDAP_BIND_PASSWORD;GRAPH_LDAP_BIND_PASSWORD"` + UseServerUUID bool `yaml:"use_server_uuid" env:"GRAPH_LDAP_SERVER_UUID"` + WriteEnabled bool `yaml:"write_enabled" env:"GRAPH_LDAP_SERVER_WRITE_ENABLED"` - UserBaseDN string `yaml:"user_base_dn,omitempty" env:"LDAP_USER_BASE_DN;GRAPH_LDAP_USER_BASE_DN"` - UserSearchScope string `yaml:"user_search_scope,omitempty" env:"LDAP_USER_SCOPE;GRAPH_LDAP_USER_SCOPE"` - UserFilter string `yaml:"user_filter,omitempty" env:"LDAP_USER_FILTER;GRAPH_LDAP_USER_FILTER"` - UserObjectClass string `yaml:"user_objectclass,omitempty" env:"LDAP_USER_OBJECTCLASS;GRAPH_LDAP_USER_OBJECTCLASS"` - UserEmailAttribute string `yaml:"user_mail_attribute,omitempty" env:"LDAP_USER_SCHEMA_MAIL;GRAPH_LDAP_USER_EMAIL_ATTRIBUTE"` - UserDisplayNameAttribute string `yaml:"user_displayname_attribute,omitempty" env:"LDAP_USER_SCHEMA_DISPLAY_NAME;GRAPH_LDAP_USER_DISPLAYNAME_ATTRIBUTE"` - UserNameAttribute string `yaml:"user_name_attribute,omitempty" env:"LDAP_USER_SCHEMA_USERNAME;GRAPH_LDAP_USER_NAME_ATTRIBUTE"` - UserIDAttribute string `yaml:"user_id_attribute,omitempty" env:"LDAP_USER_SCHEMA_ID;GRAPH_LDAP_USER_UID_ATTRIBUTE"` + UserBaseDN string `yaml:"user_base_dn" env:"LDAP_USER_BASE_DN;GRAPH_LDAP_USER_BASE_DN"` + UserSearchScope string `yaml:"user_search_scope" env:"LDAP_USER_SCOPE;GRAPH_LDAP_USER_SCOPE"` + UserFilter string `yaml:"user_filter" env:"LDAP_USER_FILTER;GRAPH_LDAP_USER_FILTER"` + UserObjectClass string 
`yaml:"user_objectclass" env:"LDAP_USER_OBJECTCLASS;GRAPH_LDAP_USER_OBJECTCLASS"` + UserEmailAttribute string `yaml:"user_mail_attribute" env:"LDAP_USER_SCHEMA_MAIL;GRAPH_LDAP_USER_EMAIL_ATTRIBUTE"` + UserDisplayNameAttribute string `yaml:"user_displayname_attribute" env:"LDAP_USER_SCHEMA_DISPLAY_NAME;GRAPH_LDAP_USER_DISPLAYNAME_ATTRIBUTE"` + UserNameAttribute string `yaml:"user_name_attribute" env:"LDAP_USER_SCHEMA_USERNAME;GRAPH_LDAP_USER_NAME_ATTRIBUTE"` + UserIDAttribute string `yaml:"user_id_attribute" env:"LDAP_USER_SCHEMA_ID;GRAPH_LDAP_USER_UID_ATTRIBUTE"` - GroupBaseDN string `yaml:"group_base_dn,omitempty" env:"LDAP_GROUP_BASE_DN;GRAPH_LDAP_GROUP_BASE_DN"` - GroupSearchScope string `yaml:"group_search_scope,omitempty" env:"LDAP_GROUP_SCOPE;GRAPH_LDAP_GROUP_SEARCH_SCOPE"` - GroupFilter string `yaml:"group_filter,omitempty" env:"LDAP_GROUP_FILTER;GRAPH_LDAP_GROUP_FILTER"` - GroupObjectClass string `yaml:"group_objectclass,omitempty" env:"LDAP_GROUP_OBJECTCLASS;GRAPH_LDAP_GROUP_OBJECTCLASS"` - GroupNameAttribute string `yaml:"group_name_attribute,omitempty" env:"LDAP_GROUP_SCHEMA_GROUPNAME;GRAPH_LDAP_GROUP_NAME_ATTRIBUTE"` - GroupIDAttribute string `yaml:"group_id_attribute,omitempty" env:"LDAP_GROUP_SCHEMA_ID;GRAPH_LDAP_GROUP_ID_ATTRIBUTE"` + GroupBaseDN string `yaml:"group_base_dn" env:"LDAP_GROUP_BASE_DN;GRAPH_LDAP_GROUP_BASE_DN"` + GroupSearchScope string `yaml:"group_search_scope" env:"LDAP_GROUP_SCOPE;GRAPH_LDAP_GROUP_SEARCH_SCOPE"` + GroupFilter string `yaml:"group_filter" env:"LDAP_GROUP_FILTER;GRAPH_LDAP_GROUP_FILTER"` + GroupObjectClass string `yaml:"group_objectclass" env:"LDAP_GROUP_OBJECTCLASS;GRAPH_LDAP_GROUP_OBJECTCLASS"` + GroupNameAttribute string `yaml:"group_name_attribute" env:"LDAP_GROUP_SCHEMA_GROUPNAME;GRAPH_LDAP_GROUP_NAME_ATTRIBUTE"` + GroupIDAttribute string `yaml:"group_id_attribute" env:"LDAP_GROUP_SCHEMA_ID;GRAPH_LDAP_GROUP_ID_ATTRIBUTE"` } type Identity struct { - Backend string `yaml:"backend,omitempty" 
env:"GRAPH_IDENTITY_BACKEND"` - LDAP LDAP `yaml:"ldap,omitempty"` + Backend string `yaml:"backend" env:"GRAPH_IDENTITY_BACKEND"` + LDAP LDAP `yaml:"ldap"` } // Events combines the configuration options for the event bus. type Events struct { - Endpoint string `yaml:"events_endpoint,omitempty" env:"GRAPH_EVENTS_ENDPOINT" desc:"the address of the streaming service"` - Cluster string `yaml:"events_cluster,omitempty" env:"GRAPH_EVENTS_CLUSTER" desc:"the clusterID of the streaming service. Mandatory when using nats"` + Endpoint string `yaml:"events_endpoint" env:"GRAPH_EVENTS_ENDPOINT" desc:"the address of the streaming service"` + Cluster string `yaml:"events_cluster" env:"GRAPH_EVENTS_CLUSTER" desc:"the clusterID of the streaming service. Mandatory when using nats"` } diff --git a/extensions/group/pkg/config/config.go b/extensions/group/pkg/config/config.go index e6c46d54fb..efd0ea1b1e 100644 --- a/extensions/group/pkg/config/config.go +++ b/extensions/group/pkg/config/config.go 
@@ -5,20 +5,20 @@ import "github.com/owncloud/ocis/ocis-pkg/shared" type Config struct { *shared.Commons `yaml:"-"` Service Service `yaml:"-"` - Tracing *Tracing `yaml:"tracing,omitempty"` - Logging *Logging `yaml:"log,omitempty"` - Debug Debug `yaml:"debug,omitempty"` - Supervised bool `yaml:"supervised,omitempty"` + Tracing *Tracing `yaml:"tracing"` + Logging *Logging `yaml:"log"` + Debug Debug `yaml:"debug"` + Supervised bool `yaml:"supervised"` - GRPC GRPCConfig `yaml:"grpc,omitempty"` + GRPC GRPCConfig `yaml:"grpc"` - TokenManager *TokenManager `yaml:"token_manager,omitempty"` - Reva *Reva `yaml:"reva,omitempty"` + TokenManager *TokenManager `yaml:"token_manager"` + Reva *Reva `yaml:"reva"` - SkipUserGroupsInToken bool `yaml:"skip_user_groups_in_token,omitempty"` - GroupMembersCacheExpiration int `yaml:"group_members_cache_expiration,omitempty"` - Driver string `yaml:"driver,omitempty"` - Drivers Drivers `yaml:"drivers,omitempty"` + SkipUserGroupsInToken bool `yaml:"skip_user_groups_in_token"` + GroupMembersCacheExpiration int `yaml:"group_members_cache_expiration"` + Driver string `yaml:"driver"` + Drivers Drivers `yaml:"drivers"` } type Tracing struct { Enabled bool `yaml:"enabled" env:"OCIS_TRACING_ENABLED;GROUPS_TRACING_ENABLED" desc:"Activates tracing."` 
@@ -51,34 +51,34 @@ type GRPCConfig struct { } type Drivers struct { - JSON JSONDriver `yaml:",omitempty"` - LDAP LDAPDriver `yaml:",omitempty"` - OwnCloudSQL OwnCloudSQLDriver `yaml:",omitempty"` - REST RESTProvider `yaml:",omitempty"` + JSON JSONDriver `yaml:""` + LDAP LDAPDriver `yaml:""` + OwnCloudSQL OwnCloudSQLDriver `yaml:""` + REST RESTProvider `yaml:""` } type JSONDriver struct { File string } type LDAPDriver struct { - URI string `yaml:",omitempty" env:"LDAP_URI;GROUPS_LDAP_URI"` - CACert string `yaml:",omitempty" env:"LDAP_CACERT;GROUPS_LDAP_CACERT"` - Insecure bool `yaml:",omitempty" env:"LDAP_INSECURE;GROUPS_LDAP_INSECURE"` - BindDN string `yaml:",omitempty" env:"LDAP_BIND_DN;GROUPS_LDAP_BIND_DN"` - BindPassword string `yaml:",omitempty" env:"LDAP_BIND_PASSWORD;GROUPS_LDAP_BIND_PASSWORD"` - UserBaseDN string `yaml:",omitempty" env:"LDAP_USER_BASE_DN;GROUPS_LDAP_USER_BASE_DN"` - GroupBaseDN string `yaml:",omitempty" env:"LDAP_GROUP_BASE_DN;GROUPS_LDAP_GROUP_BASE_DN"` - UserScope string `yaml:",omitempty" env:"LDAP_USER_SCOPE;GROUPS_LDAP_USER_SCOPE"` - GroupScope string `yaml:",omitempty" env:"LDAP_GROUP_SCOPE;GROUPS_LDAP_GROUP_SCOPE"` - UserFilter string `yaml:",omitempty" env:"LDAP_USERFILTER;GROUPS_LDAP_USERFILTER"` - GroupFilter string `yaml:",omitempty" env:"LDAP_GROUPFILTER;GROUPS_LDAP_USERFILTER"` - UserObjectClass string `yaml:",omitempty" env:"LDAP_USER_OBJECTCLASS;GROUPS_LDAP_USER_OBJECTCLASS"` - GroupObjectClass string `yaml:",omitempty" env:"LDAP_GROUP_OBJECTCLASS;GROUPS_LDAP_GROUP_OBJECTCLASS"` - LoginAttributes []string `yaml:",omitempty" env:"LDAP_LOGIN_ATTRIBUTES;GROUPS_LDAP_LOGIN_ATTRIBUTES"` - IDP string `yaml:",omitempty" env:"OCIS_URL;GROUPS_IDP_URL"` // TODO what is this for? - GatewayEndpoint string `yaml:",omitempty"` // TODO do we need this here? 
- UserSchema LDAPUserSchema `yaml:",omitempty"` - GroupSchema LDAPGroupSchema `yaml:",omitempty"` + URI string `yaml:"" env:"LDAP_URI;GROUPS_LDAP_URI"` + CACert string `yaml:"" env:"LDAP_CACERT;GROUPS_LDAP_CACERT"` + Insecure bool `yaml:"" env:"LDAP_INSECURE;GROUPS_LDAP_INSECURE"` + BindDN string `yaml:"" env:"LDAP_BIND_DN;GROUPS_LDAP_BIND_DN"` + BindPassword string `yaml:"" env:"LDAP_BIND_PASSWORD;GROUPS_LDAP_BIND_PASSWORD"` + UserBaseDN string `yaml:"" env:"LDAP_USER_BASE_DN;GROUPS_LDAP_USER_BASE_DN"` + GroupBaseDN string `yaml:"" env:"LDAP_GROUP_BASE_DN;GROUPS_LDAP_GROUP_BASE_DN"` + UserScope string `yaml:"" env:"LDAP_USER_SCOPE;GROUPS_LDAP_USER_SCOPE"` + GroupScope string `yaml:"" env:"LDAP_GROUP_SCOPE;GROUPS_LDAP_GROUP_SCOPE"` + UserFilter string `yaml:"" env:"LDAP_USERFILTER;GROUPS_LDAP_USERFILTER"` + GroupFilter string `yaml:"" env:"LDAP_GROUPFILTER;GROUPS_LDAP_USERFILTER"` + UserObjectClass string `yaml:"" env:"LDAP_USER_OBJECTCLASS;GROUPS_LDAP_USER_OBJECTCLASS"` + GroupObjectClass string `yaml:"" env:"LDAP_GROUP_OBJECTCLASS;GROUPS_LDAP_GROUP_OBJECTCLASS"` + LoginAttributes []string `yaml:"" env:"LDAP_LOGIN_ATTRIBUTES;GROUPS_LDAP_LOGIN_ATTRIBUTES"` + IDP string `yaml:"" env:"OCIS_URL;GROUPS_IDP_URL"` // TODO what is this for? + GatewayEndpoint string `yaml:""` // TODO do we need this here? + UserSchema LDAPUserSchema `yaml:""` + GroupSchema LDAPGroupSchema `yaml:""` } type LDAPUserSchema struct { diff --git a/extensions/idm/pkg/config/config.go b/extensions/idm/pkg/config/config.go index 8f47d43a72..2706fe673f 100644 --- a/extensions/idm/pkg/config/config.go +++ b/extensions/idm/pkg/config/config.go 
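Review bot: `GroupFilter` reads `LDAP_GROUPFILTER;GROUPS_LDAP_USERFILTER`, so its service-specific variable is the same one `UserFilter` uses on the line above. Setting `GROUPS_LDAP_USERFILTER` would then also replace the group filter. This looks like a copy-paste slip that predates the commit but sits on a line it rewrites; the tag was probably meant to be `env:"LDAP_GROUPFILTER;GROUPS_LDAP_GROUPFILTER"`. A wrong group filter changes which LDAP entries are treated as groups, so it is worth correcting while these tags are being touched.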
@@ -12,12 +12,12 @@ type Config struct { Service Service `yaml:"-"` - Tracing *Tracing `yaml:"tracing,omitempty"` - Log *Log `yaml:"log,omitempty"` - Debug Debug `yaml:"debug,omitempty"` + Tracing *Tracing `yaml:"tracing"` + Log *Log `yaml:"log"` + Debug Debug `yaml:"debug"` - IDM Settings `yaml:"idm,omitempty"` - CreateDemoUsers bool `yaml:"create_demo_users,omitempty" env:"IDM_CREATE_DEMO_USERS;ACCOUNTS_DEMO_USERS_AND_GROUPS" desc:"Flag to enabe/disable the creation of the demo users"` + IDM Settings `yaml:"idm"` + CreateDemoUsers bool `yaml:"create_demo_users" env:"IDM_CREATE_DEMO_USERS;ACCOUNTS_DEMO_USERS_AND_GROUPS" desc:"Flag to enabe/disable the creation of the demo users"` ServiceUserPasswords ServiceUserPasswords `yaml:"service_user_passwords"` diff --git a/extensions/idp/pkg/config/config.go b/extensions/idp/pkg/config/config.go index 2d697a9c85..4979fb0f38 100644 --- a/extensions/idp/pkg/config/config.go +++ b/extensions/idp/pkg/config/config.go 
@@ -12,43 +12,43 @@ type Config struct { Service Service `yaml:"-"` - Tracing *Tracing `yaml:"tracing,omitempty"` - Log *Log `yaml:"log,omitempty"` - Debug Debug `yaml:"debug,omitempty"` + Tracing *Tracing `yaml:"tracing"` + Log *Log `yaml:"log"` + Debug Debug `yaml:"debug"` - HTTP HTTP `yaml:"http,omitempty"` + HTTP HTTP `yaml:"http"` - Asset Asset `yaml:"asset,omitempty"` - IDP Settings `yaml:"idp,omitempty"` - Ldap Ldap `yaml:"ldap,omitempty"` + Asset Asset `yaml:"asset"` + IDP Settings `yaml:"idp"` + Ldap Ldap `yaml:"ldap"` Context context.Context `yaml:"-"` } // Ldap defines the available LDAP configuration. type Ldap struct { - URI string `yaml:"uri,omitempty" env:"LDAP_URI;IDP_LDAP_URI"` - TLSCACert string `yaml:"cacert,omitempty" env:"LDAP_CACERT;IDP_LDAP_TLS_CACERT"` + URI string `yaml:"uri" env:"LDAP_URI;IDP_LDAP_URI"` + TLSCACert string `yaml:"cacert" env:"LDAP_CACERT;IDP_LDAP_TLS_CACERT"` - BindDN string `yaml:"bind_dn,omitempty" env:"LDAP_BIND_DN;IDP_LDAP_BIND_DN"` - BindPassword string `yaml:"bind_password,omitempty" env:"LDAP_BIND_PASSWORD;IDP_LDAP_BIND_PASSWORD"` + BindDN string `yaml:"bind_dn" env:"LDAP_BIND_DN;IDP_LDAP_BIND_DN"` + BindPassword string `yaml:"bind_password" env:"LDAP_BIND_PASSWORD;IDP_LDAP_BIND_PASSWORD"` - BaseDN string `yaml:"base_dn,omitempty" env:"LDAP_USER_BASE_DN,IDP_LDAP_BASE_DN"` - Scope string `yaml:"scope,omitempty" env:"LDAP_USER_SCOPE;IDP_LDAP_SCOPE"` + BaseDN string `yaml:"base_dn" env:"LDAP_USER_BASE_DN,IDP_LDAP_BASE_DN"` + Scope string `yaml:"scope" env:"LDAP_USER_SCOPE;IDP_LDAP_SCOPE"` - LoginAttribute string `yaml:"login_attribute,omitempty" env:"IDP_LDAP_LOGIN_ATTRIBUTE"` - EmailAttribute string `yaml:"email_attribute,omitempty" env:"LDAP_USER_SCHEMA_MAIL;IDP_LDAP_EMAIL_ATTRIBUTE"` - NameAttribute string `yaml:"name_attribute,omitempty" env:"LDAP_USER_SCHEMA_USERNAME;IDP_LDAP_NAME_ATTRIBUTE"` - UUIDAttribute string `yaml:"uuid_attribute,omitempty" env:"LDAP_USER_SCHEMA_ID;IDP_LDAP_UUID_ATTRIBUTE"` - 
UUIDAttributeType string `yaml:"uuid_attribute_type,omitempty" env:"IDP_LDAP_UUID_ATTRIBUTE_TYPE"` + LoginAttribute string `yaml:"login_attribute" env:"IDP_LDAP_LOGIN_ATTRIBUTE"` + EmailAttribute string `yaml:"email_attribute" env:"LDAP_USER_SCHEMA_MAIL;IDP_LDAP_EMAIL_ATTRIBUTE"` + NameAttribute string `yaml:"name_attribute" env:"LDAP_USER_SCHEMA_USERNAME;IDP_LDAP_NAME_ATTRIBUTE"` + UUIDAttribute string `yaml:"uuid_attribute" env:"LDAP_USER_SCHEMA_ID;IDP_LDAP_UUID_ATTRIBUTE"` + UUIDAttributeType string `yaml:"uuid_attribute_type" env:"IDP_LDAP_UUID_ATTRIBUTE_TYPE"` - Filter string `yaml:"filter,omitempty" env:"LDAP_USER_FILTER;IDP_LDAP_FILTER"` - ObjectClass string `yaml:"objectclass,omitempty" env:"LDAP_USER_OBJECTCLASS;IDP_LDAP_OBJECTCLASS"` + Filter string `yaml:"filter" env:"LDAP_USER_FILTER;IDP_LDAP_FILTER"` + ObjectClass string `yaml:"objectclass" env:"LDAP_USER_OBJECTCLASS;IDP_LDAP_OBJECTCLASS"` } // Asset defines the available asset configuration. type Asset struct { - Path string `yaml:"asset,omitempty" env:"IDP_ASSET_PATH"` + Path string `yaml:"asset" env:"IDP_ASSET_PATH"` } type Settings struct { diff --git a/extensions/nats/pkg/config/config.go b/extensions/nats/pkg/config/config.go index 9dfed67b29..3d1c279443 100644 --- a/extensions/nats/pkg/config/config.go +++ b/extensions/nats/pkg/config/config.go 
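Review bot: `BaseDN` lists its variables as `LDAP_USER_BASE_DN,IDP_LDAP_BASE_DN` with a comma, whereas every other `env` tag in this `Ldap` struct separates alternatives with `;`. If the env loader splits only on `;` (not visible here), neither variable would be honoured and the IdP would keep its default search base regardless of what the operator sets. Suggested tag: `env:"LDAP_USER_BASE_DN;IDP_LDAP_BASE_DN"`.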
@@ -12,18 +12,18 @@ type Config struct { Service Service `yaml:"-"` - Log *Log `yaml:"log,omitempty"` - Debug Debug `yaml:"debug,omitempty"` + Log *Log `yaml:"log"` + Debug Debug `yaml:"debug"` - Nats Nats `ociConfig:"nats,omitempty"` + Nats Nats `ociConfig:"nats"` Context context.Context `yaml:"-"` } // Nats is the nats config type Nats struct { - Host string `yaml:"host,omitempty" env:"NATS_NATS_HOST"` - Port int `yaml:"port,omitempty" env:"NATS_NATS_PORT"` - ClusterID string `yaml:"clusterid,omitempty" env:"NATS_NATS_CLUSTER_ID"` - StoreDir string `yaml:"store_dir,omitempty" env:"NATS_NATS_STORE_DIR"` + Host string `yaml:"host" env:"NATS_NATS_HOST"` + Port int `yaml:"port" env:"NATS_NATS_PORT"` + ClusterID string `yaml:"clusterid" env:"NATS_NATS_CLUSTER_ID"` + StoreDir string `yaml:"store_dir" env:"NATS_NATS_STORE_DIR"` } diff --git a/extensions/notifications/pkg/config/config.go b/extensions/notifications/pkg/config/config.go index 103d5acdc1..36ff2e6c8c 100644 --- a/extensions/notifications/pkg/config/config.go +++ b/extensions/notifications/pkg/config/config.go @@ -12,10 +12,10 @@ type Config struct { Service Service `yaml:"-"` - Log *Log `yaml:"log,omitempty"` - Debug Debug `yaml:"debug,omitempty"` + Log *Log `yaml:"log"` + Debug Debug `yaml:"debug"` - Notifications Notifications `yaml:"notifications,omitempty"` + Notifications Notifications `yaml:"notifications"` Context context.Context `yaml:"-"` } 
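Review bot: The `Nats` field in the nats `Config` still carries the tag key `ociConfig` (`ociConfig:"nats"`), which a YAML encoder does not read, so the edit on this line changes nothing. The field is serialised under the encoder's default name, which presumably happens to be `nats` as well, so it works by coincidence. I would make it explicit with `yaml:"nats"`.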
@@ -23,9 +23,9 @@ type Config struct { // Notifications definces the config options for the notifications service. type Notifications struct { *shared.Commons `yaml:"-"` - SMTP SMTP `yaml:"SMTP,omitempty"` - Events Events `yaml:"events,omitempty"` - RevaGateway string `yaml:"reva_gateway,omitempty" env:"REVA_GATEWAY;NOTIFICATIONS_REVA_GATEWAY"` + SMTP SMTP `yaml:"SMTP"` + Events Events `yaml:"events"` + RevaGateway string `yaml:"reva_gateway" env:"REVA_GATEWAY;NOTIFICATIONS_REVA_GATEWAY"` MachineAuthAPIKey string `yaml:"machine_auth_api_key" env:"OCIS_MACHINE_AUTH_API_KEY;NOTIFICATIONS_MACHINE_AUTH_API_KEY"` } diff --git a/extensions/ocdav/pkg/config/config.go b/extensions/ocdav/pkg/config/config.go index de3748fcee..bc13918b5e 100644 --- a/extensions/ocdav/pkg/config/config.go +++ b/extensions/ocdav/pkg/config/config.go 
@@ -5,29 +5,29 @@ import "github.com/owncloud/ocis/ocis-pkg/shared" type Config struct { *shared.Commons `yaml:"-"` Service Service `yaml:"-"` - Tracing *Tracing `yaml:"tracing,omitempty"` - Logging *Logging `yaml:"log,omitempty"` - Debug Debug `yaml:"debug,omitempty"` - Supervised bool `yaml:"supervised,omitempty"` + Tracing *Tracing `yaml:"tracing"` + Logging *Logging `yaml:"log"` + Debug Debug `yaml:"debug"` + Supervised bool `yaml:"supervised"` - HTTP HTTPConfig `yaml:"http,omitempty"` + HTTP HTTPConfig `yaml:"http"` - TokenManager *TokenManager `yaml:"token_manager,omitempty"` - Reva *Reva `yaml:"reva,omitempty"` + TokenManager *TokenManager `yaml:"token_manager"` + Reva *Reva `yaml:"reva"` - SkipUserGroupsInToken bool `yaml:"skip_user_groups_in_token,omitempty"` + SkipUserGroupsInToken bool `yaml:"skip_user_groups_in_token"` - WebdavNamespace string `yaml:"webdav_namespace,omitempty"` - FilesNamespace string `yaml:"files_namespace,omitempty"` - SharesNamespace string `yaml:"shares_namespace,omitempty"` + WebdavNamespace string `yaml:"webdav_namespace"` + FilesNamespace string `yaml:"files_namespace"` + SharesNamespace string `yaml:"shares_namespace"` // PublicURL used to redirect /s/{token} URLs to - PublicURL string `yaml:"public_url,omitempty" env:"OCIS_URL;OCDAV_PUBLIC_URL"` + PublicURL string `yaml:"public_url" env:"OCIS_URL;OCDAV_PUBLIC_URL"` // Insecure certificates allowed when making requests to the gateway - Insecure bool `yaml:"insecure,omitempty" env:"OCIS_INSECURE;OCDAV_INSECURE"` + Insecure bool `yaml:"insecure" env:"OCIS_INSECURE;OCDAV_INSECURE"` // Timeout in seconds when making requests to the gateway - Timeout int64 `yaml:"timeout,omitempty"` - Middleware Middleware `yaml:"middleware,omitempty"` + Timeout int64 `yaml:"timeout"` + Middleware Middleware `yaml:"middleware"` } type Tracing struct { Enabled bool `yaml:"enabled" env:"OCIS_TRACING_ENABLED;OCDAV_TRACING_ENABLED" desc:"Activates tracing."` 
@@ -62,10 +62,10 @@ type HTTPConfig struct { // Middleware configures reva middlewares. type Middleware struct { - Auth Auth `yaml:"auth,omitempty"` + Auth Auth `yaml:"auth"` } // Auth configures reva http auth middleware. type Auth struct { - CredentialsByUserAgent map[string]string `yaml:"credentials_by_user_agenr,omitempty"` + CredentialsByUserAgent map[string]string `yaml:"credentials_by_user_agenr"` } diff --git a/extensions/ocs/pkg/config/config.go b/extensions/ocs/pkg/config/config.go index af57bc07cd..b5e7fbe859 100644 --- a/extensions/ocs/pkg/config/config.go +++ b/extensions/ocs/pkg/config/config.go @@ -12,20 +12,20 @@ type Config struct { Service Service `yaml:"-"` - Tracing *Tracing `yaml:"tracing,omitempty"` - Log *Log `yaml:"log,omitempty"` - Debug Debug `yaml:"debug,omitempty"` + Tracing *Tracing `yaml:"tracing"` + Log *Log `yaml:"log"` + Debug Debug `yaml:"debug"` - HTTP HTTP `yaml:"http,omitempty"` + HTTP HTTP `yaml:"http"` - TokenManager *TokenManager `yaml:"token_manager,omitempty"` - Reva *Reva `yaml:"reva,omitempty"` + TokenManager *TokenManager `yaml:"token_manager"` + Reva *Reva `yaml:"reva"` - IdentityManagement IdentityManagement `yaml:"identity_management,omitempty"` + IdentityManagement IdentityManagement `yaml:"identity_management"` - AccountBackend string `yaml:"account_backend,omitempty" env:"OCS_ACCOUNT_BACKEND_TYPE"` - StorageUsersDriver string `yaml:"storage_users_driver,omitempty" env:"STORAGE_USERS_DRIVER;OCS_STORAGE_USERS_DRIVER"` - MachineAuthAPIKey string `yaml:"machine_auth_api_key,omitempty" env:"OCIS_MACHINE_AUTH_API_KEY;OCS_MACHINE_AUTH_API_KEY"` + AccountBackend string `yaml:"account_backend" env:"OCS_ACCOUNT_BACKEND_TYPE"` + StorageUsersDriver string `yaml:"storage_users_driver" env:"STORAGE_USERS_DRIVER;OCS_STORAGE_USERS_DRIVER"` + MachineAuthAPIKey string `yaml:"machine_auth_api_key" env:"OCIS_MACHINE_AUTH_API_KEY;OCS_MACHINE_AUTH_API_KEY"` Context context.Context `yaml:"-"` } 
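Review bot: The `Auth.CredentialsByUserAgent` tag in this hunk still spells its key `credentials_by_user_agenr`, and with `omitempty` removed that spelling is now written into every marshalled config. The same holds for `user_sharin_drivers` (sharing), `data_providcer_insecure` (storage-metadata), `ipo_secret` on `IopSecret`, and the second `credentials_by_user_agenr` in the storage config. If the loader ignores unknown keys (not visible here), an operator who writes the correctly spelled `data_provider_insecure` or `credentials_by_user_agent` silently gets the default, which matters most for the TLS-verification and credential settings. I would correct the tags while the labels are being refactored, e.g. `yaml:"credentials_by_user_agent"`, and call out the rename for existing config files.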
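Review bot: `MachineAuthAPIKey` loses `omitempty` in the ocs `Config`, so a marshalled config always contains a `machine_auth_api_key` entry, empty when nothing was set. The same change affects `MachineAuthAPIKey` in the proxy and settings `Metadata` hunks, and `Debug.Token`, `AppAPIKey`, `IopSecret`, `JWTSecret`, `UserSQLPassword` and `AuthMachineConfig.MachineAuthAPIKey` in the storage config. How the file is written is outside this hunk; if these structs are dumped to disk, the file should be created owner-readable only, and an empty key should be treated as unset rather than as a usable credential. A field comment would make that expectation visible: `// MachineAuthAPIKey is a secret; config files that contain it must not be group- or world-readable.`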
diff --git a/extensions/proxy/pkg/config/config.go b/extensions/proxy/pkg/config/config.go index f9f1a53081..b1959b9ccd 100644 --- a/extensions/proxy/pkg/config/config.go +++ b/extensions/proxy/pkg/config/config.go 
@@ -12,27 +12,27 @@ type Config struct { Service Service `yaml:"-"` - Tracing *Tracing `yaml:"tracing,omitempty"` - Log *Log `yaml:"log,omitempty"` - Debug Debug `yaml:"debug,omitempty"` + Tracing *Tracing `yaml:"tracing"` + Log *Log `yaml:"log"` + Debug Debug `yaml:"debug"` - HTTP HTTP `yaml:"http,omitempty"` + HTTP HTTP `yaml:"http"` - Reva *Reva `yaml:"reva,omitempty"` + Reva *Reva `yaml:"reva"` - Policies []Policy `yaml:"policies,omitempty"` - OIDC OIDC `yaml:"oidc,omitempty"` - TokenManager *TokenManager `yaml:"token_manager,omitempty"` - PolicySelector *PolicySelector `yaml:"policy_selector,omitempty"` - PreSignedURL PreSignedURL `yaml:"pre_signed_url,omitempty"` - AccountBackend string `yaml:"account_backend,omitempty" env:"PROXY_ACCOUNT_BACKEND_TYPE"` - UserOIDCClaim string `yaml:"user_oidc_claim,omitempty" env:"PROXY_USER_OIDC_CLAIM"` - UserCS3Claim string `yaml:"user_cs3_claim,omitempty" env:"PROXY_USER_CS3_CLAIM"` - MachineAuthAPIKey string `yaml:"machine_auth_api_key,omitempty" env:"OCIS_MACHINE_AUTH_API_KEY;PROXY_MACHINE_AUTH_API_KEY"` - AutoprovisionAccounts bool `yaml:"auto_provision_accounts,omitempty" env:"PROXY_AUTOPROVISION_ACCOUNTS"` - EnableBasicAuth bool `yaml:"enable_basic_auth,omitempty" env:"PROXY_ENABLE_BASIC_AUTH"` - InsecureBackends bool `yaml:"insecure_backends,omitempty" env:"PROXY_INSECURE_BACKENDS"` - AuthMiddleware AuthMiddleware `yaml:"auth_middleware,omitempty"` + Policies []Policy `yaml:"policies"` + OIDC OIDC `yaml:"oidc"` + TokenManager *TokenManager `yaml:"token_manager"` + PolicySelector *PolicySelector `yaml:"policy_selector"` + PreSignedURL PreSignedURL `yaml:"pre_signed_url"` + AccountBackend string `yaml:"account_backend" env:"PROXY_ACCOUNT_BACKEND_TYPE"` + UserOIDCClaim string `yaml:"user_oidc_claim" env:"PROXY_USER_OIDC_CLAIM"` + UserCS3Claim string `yaml:"user_cs3_claim" env:"PROXY_USER_CS3_CLAIM"` + MachineAuthAPIKey string `yaml:"machine_auth_api_key" env:"OCIS_MACHINE_AUTH_API_KEY;PROXY_MACHINE_AUTH_API_KEY"` + 
AutoprovisionAccounts bool `yaml:"auto_provision_accounts" env:"PROXY_AUTOPROVISION_ACCOUNTS"` + EnableBasicAuth bool `yaml:"enable_basic_auth" env:"PROXY_ENABLE_BASIC_AUTH"` + InsecureBackends bool `yaml:"insecure_backends" env:"PROXY_INSECURE_BACKENDS"` + AuthMiddleware AuthMiddleware `yaml:"auth_middleware"` Context context.Context `yaml:"-"` } diff --git a/extensions/settings/pkg/config/config.go b/extensions/settings/pkg/config/config.go index ea74b42ed1..24de34c3a1 100644 --- a/extensions/settings/pkg/config/config.go +++ b/extensions/settings/pkg/config/config.go @@ -12,19 +12,19 @@ type Config struct { Service Service `yaml:"-"` - Tracing *Tracing `yaml:"tracing,omitempty"` - Log *Log `yaml:"log,omitempty"` - Debug Debug `yaml:"debug,omitempty"` + Tracing *Tracing `yaml:"tracing"` + Log *Log `yaml:"log"` + Debug Debug `yaml:"debug"` - HTTP HTTP `yaml:"http,omitempty"` - GRPC GRPC `yaml:"grpc,omitempty"` + HTTP HTTP `yaml:"http"` + GRPC GRPC `yaml:"grpc"` - StoreType string `yaml:"store_type,omitempty" env:"SETTINGS_STORE_TYPE"` - DataPath string `yaml:"data_path,omitempty" env:"SETTINGS_DATA_PATH"` - Metadata Metadata `yaml:"metadata_config,omitempty"` + StoreType string `yaml:"store_type" env:"SETTINGS_STORE_TYPE"` + DataPath string `yaml:"data_path" env:"SETTINGS_DATA_PATH"` + Metadata Metadata `yaml:"metadata_config"` - Asset Asset `yaml:"asset,omitempty"` - TokenManager *TokenManager `yaml:"token_manager,omitempty"` + Asset Asset `yaml:"asset"` + TokenManager *TokenManager `yaml:"token_manager"` Context context.Context `yaml:"-"` } 
@@ -36,10 +36,10 @@ type Asset struct { // Metadata configures the metadata store to use type Metadata struct { - GatewayAddress string `yaml:"gateway_addr,omitempty" env:"STORAGE_GATEWAY_GRPC_ADDR"` - StorageAddress string `yaml:"storage_addr,omitempty" env:"STORAGE_GRPC_ADDR"` + GatewayAddress string `yaml:"gateway_addr" env:"STORAGE_GATEWAY_GRPC_ADDR"` + StorageAddress string `yaml:"storage_addr" env:"STORAGE_GRPC_ADDR"` - ServiceUserID string `yaml:"service_user_id,omitempty" env:"METADATA_SERVICE_USER_UUID"` - ServiceUserIDP string `yaml:"service_user_idp,omitempty" env:"OCIS_URL;METADATA_SERVICE_USER_IDP"` - MachineAuthAPIKey string `yaml:"machine_auth_api_key,omitempty" env:"OCIS_MACHINE_AUTH_API_KEY"` + ServiceUserID string `yaml:"service_user_id" env:"METADATA_SERVICE_USER_UUID"` + ServiceUserIDP string `yaml:"service_user_idp" env:"OCIS_URL;METADATA_SERVICE_USER_IDP"` + MachineAuthAPIKey string `yaml:"machine_auth_api_key" env:"OCIS_MACHINE_AUTH_API_KEY"` } diff --git a/extensions/sharing/pkg/config/config.go b/extensions/sharing/pkg/config/config.go index 9df6e9bae3..b63417987c 100644 --- a/extensions/sharing/pkg/config/config.go +++ b/extensions/sharing/pkg/config/config.go 
@@ -5,22 +5,22 @@ import "github.com/owncloud/ocis/ocis-pkg/shared" type Config struct { *shared.Commons `yaml:"-"` Service Service `yaml:"-"` - Tracing *Tracing `yaml:"tracing,omitempty"` - Logging *Logging `yaml:"log,omitempty"` - Debug Debug `yaml:"debug,omitempty"` - Supervised bool `yaml:"supervised,omitempty"` + Tracing *Tracing `yaml:"tracing"` + Logging *Logging `yaml:"log"` + Debug Debug `yaml:"debug"` + Supervised bool `yaml:"supervised"` - GRPC GRPCConfig `yaml:"grpc,omitempty"` + GRPC GRPCConfig `yaml:"grpc"` - TokenManager *TokenManager `yaml:"token_manager,omitempty"` - Reva *Reva `yaml:"reva,omitempty"` + TokenManager *TokenManager `yaml:"token_manager"` + Reva *Reva `yaml:"reva"` - SkipUserGroupsInToken bool `yaml:"skip_user_groups_in_token,omitempty"` - UserSharingDriver string `yaml:"user_sharing_driver,omitempty"` - UserSharingDrivers UserSharingDrivers `yaml:"user_sharin_drivers,omitempty"` - PublicSharingDriver string `yaml:"public_sharing_driver,omitempty"` - PublicSharingDrivers PublicSharingDrivers `yaml:"public_sharing_drivers,omitempty"` - Events Events `yaml:"events,omitempty"` + SkipUserGroupsInToken bool `yaml:"skip_user_groups_in_token"` + UserSharingDriver string `yaml:"user_sharing_driver"` + UserSharingDrivers UserSharingDrivers `yaml:"user_sharin_drivers"` + PublicSharingDriver string `yaml:"public_sharing_driver"` + PublicSharingDrivers PublicSharingDrivers `yaml:"public_sharing_drivers"` + Events Events `yaml:"events"` } type Tracing struct { Enabled bool `yaml:"enabled" env:"OCIS_TRACING_ENABLED;SHARING_TRACING_ENABLED" desc:"Activates tracing."` diff --git a/extensions/storage-metadata/pkg/config/config.go b/extensions/storage-metadata/pkg/config/config.go index c783f91308..48d071f836 100644 --- a/extensions/storage-metadata/pkg/config/config.go +++ b/extensions/storage-metadata/pkg/config/config.go 
@@ -9,25 +9,25 @@ import ( type Config struct { *shared.Commons `yaml:"-"` Service Service `yaml:"-"` - Tracing *Tracing `yaml:"tracing,omitempty"` - Logging *Logging `yaml:"log,omitempty"` - Debug Debug `yaml:"debug,omitempty"` - Supervised bool `yaml:"supervised,omitempty"` + Tracing *Tracing `yaml:"tracing"` + Logging *Logging `yaml:"log"` + Debug Debug `yaml:"debug"` + Supervised bool `yaml:"supervised"` - GRPC GRPCConfig `yaml:"grpc,omitempty"` - HTTP HTTPConfig `yaml:"http,omitempty"` + GRPC GRPCConfig `yaml:"grpc"` + HTTP HTTPConfig `yaml:"http"` - Context context.Context `yaml:"context,omitempty"` + Context context.Context `yaml:"context"` - TokenManager *TokenManager `yaml:"token_manager,omitempty"` - Reva *Reva `yaml:"reva,omitempty"` + TokenManager *TokenManager `yaml:"token_manager"` + Reva *Reva `yaml:"reva"` - SkipUserGroupsInToken bool `yaml:"skip_user_groups_in_token,omitempty"` - Driver string `yaml:"driver,omitempty" env:"STORAGE_METADATA_DRIVER" desc:"The driver which should be used by the service"` - Drivers Drivers `yaml:"drivers,omitempty"` - DataServerURL string `yaml:"data_server_url,omitempty"` - TempFolder string `yaml:"temp_folder,omitempty"` - DataProviderInsecure bool `yaml:"data_providcer_insecure,omitempty" env:"OCIS_INSECURE;STORAGE_METADATA_DATAPROVIDER_INSECURE"` + SkipUserGroupsInToken bool `yaml:"skip_user_groups_in_token"` + Driver string `yaml:"driver" env:"STORAGE_METADATA_DRIVER" desc:"The driver which should be used by the service"` + Drivers Drivers `yaml:"drivers"` + DataServerURL string `yaml:"data_server_url"` + TempFolder string `yaml:"temp_folder"` + DataProviderInsecure bool `yaml:"data_providcer_insecure" env:"OCIS_INSECURE;STORAGE_METADATA_DATAPROVIDER_INSECURE"` } type Tracing struct { Enabled bool `yaml:"enabled" env:"OCIS_TRACING_ENABLED;STORAGE_METADATA_TRACING_ENABLED" desc:"Activates tracing."` 
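Review bot: `Context context.Context` is now tagged `yaml:"context"` without `omitempty`, so a runtime-only interface value becomes part of the serialised config. The ocs, proxy and settings configs in this same commit keep it out with `yaml:"-"`. A nil context would be written as an explicit `context` entry, and decoding a non-null value back into the interface is likely to fail, though that depends on the YAML library, which is not visible here. I would change the tag to `yaml:"-"` on this field here and in the storage-publiclink, storage-shares and storage-users hunks.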
diff --git a/extensions/storage-publiclink/pkg/config/config.go b/extensions/storage-publiclink/pkg/config/config.go index 0fcc80c113..a261852f46 100644 --- a/extensions/storage-publiclink/pkg/config/config.go +++ b/extensions/storage-publiclink/pkg/config/config.go @@ -9,21 +9,21 @@ import ( type Config struct { *shared.Commons `yaml:"-"` Service Service `yaml:"-"` - Tracing *Tracing `yaml:"tracing,omitempty"` - Logging *Logging `yaml:"log,omitempty"` - Debug Debug `yaml:"debug,omitempty"` - Supervised bool `yaml:"supervised,omitempty"` + Tracing *Tracing `yaml:"tracing"` + Logging *Logging `yaml:"log"` + Debug Debug `yaml:"debug"` + Supervised bool `yaml:"supervised"` - GRPC GRPCConfig `yaml:"grpc,omitempty"` + GRPC GRPCConfig `yaml:"grpc"` - Context context.Context `yaml:"context,omitempty"` + Context context.Context `yaml:"context"` - TokenManager *TokenManager `yaml:"token_manager,omitempty"` - Reva *Reva `yaml:"reva,omitempty"` + TokenManager *TokenManager `yaml:"token_manager"` + Reva *Reva `yaml:"reva"` - SkipUserGroupsInToken bool `yaml:"skip_user_groups_in_token,omitempty"` - AuthProvider AuthProvider `yaml:"auth_provider,omitempty"` - StorageProvider StorageProvider `yaml:"storage_provider,omitempty"` + SkipUserGroupsInToken bool `yaml:"skip_user_groups_in_token"` + AuthProvider AuthProvider `yaml:"auth_provider"` + StorageProvider StorageProvider `yaml:"storage_provider"` } type Tracing struct { Enabled bool `yaml:"enabled" env:"OCIS_TRACING_ENABLED;STORAGE_METADATA_TRACING_ENABLED" desc:"Activates tracing."` diff --git a/extensions/storage-shares/pkg/config/config.go b/extensions/storage-shares/pkg/config/config.go index 1ad7fca1d9..a44f0b8deb 100644 --- a/extensions/storage-shares/pkg/config/config.go +++ b/extensions/storage-shares/pkg/config/config.go 
@@ -9,21 +9,21 @@ import ( type Config struct { *shared.Commons `yaml:"-"` Service Service `yaml:"-"` - Tracing *Tracing `yaml:"tracing,omitempty"` - Logging *Logging `yaml:"log,omitempty"` - Debug Debug `yaml:"debug,omitempty"` - Supervised bool `yaml:"supervised,omitempty"` + Tracing *Tracing `yaml:"tracing"` + Logging *Logging `yaml:"log"` + Debug Debug `yaml:"debug"` + Supervised bool `yaml:"supervised"` - GRPC GRPCConfig `yaml:"grpc,omitempty"` - HTTP HTTPConfig `yaml:"http,omitempty"` + GRPC GRPCConfig `yaml:"grpc"` + HTTP HTTPConfig `yaml:"http"` - TokenManager *TokenManager `yaml:"token_manager,omitempty"` - Reva *Reva `yaml:"reva,omitempty"` + TokenManager *TokenManager `yaml:"token_manager"` + Reva *Reva `yaml:"reva"` - Context context.Context `yaml:"context,omitempty"` - SkipUserGroupsInToken bool `yaml:"skip_user_groups_in_token,omitempty"` - ReadOnly bool `yaml:"readonly,omitempty"` - SharesProviderEndpoint string `yaml:"shares_provider_endpoint,omitempty"` + Context context.Context `yaml:"context"` + SkipUserGroupsInToken bool `yaml:"skip_user_groups_in_token"` + ReadOnly bool `yaml:"readonly"` + SharesProviderEndpoint string `yaml:"shares_provider_endpoint"` } type Tracing struct { Enabled bool `yaml:"enabled" env:"OCIS_TRACING_ENABLED;STORAGE_METADATA_TRACING_ENABLED" desc:"Activates tracing."` diff --git a/extensions/storage-users/pkg/config/config.go b/extensions/storage-users/pkg/config/config.go index fe749a5d0d..4cf505d9c1 100644 --- a/extensions/storage-users/pkg/config/config.go +++ b/extensions/storage-users/pkg/config/config.go 
@@ -9,29 +9,29 @@ import ( type Config struct { *shared.Commons `yaml:"-"` Service Service `yaml:"-"` - Tracing *Tracing `yaml:"tracing,omitempty"` - Logging *Logging `yaml:"log,omitempty"` - Debug Debug `yaml:"debug,omitempty"` - Supervised bool `yaml:"supervised,omitempty"` + Tracing *Tracing `yaml:"tracing"` + Logging *Logging `yaml:"log"` + Debug Debug `yaml:"debug"` + Supervised bool `yaml:"supervised"` - GRPC GRPCConfig `yaml:"grpc,omitempty"` - HTTP HTTPConfig `yaml:"http,omitempty"` + GRPC GRPCConfig `yaml:"grpc"` + HTTP HTTPConfig `yaml:"http"` - TokenManager *TokenManager `yaml:"token_manager,omitempty"` - Reva *Reva `yaml:"reva,omitempty"` + TokenManager *TokenManager `yaml:"token_manager"` + Reva *Reva `yaml:"reva"` - Context context.Context `yaml:"context,omitempty"` + Context context.Context `yaml:"context"` - SkipUserGroupsInToken bool `yaml:"skip_user_groups_in_token,omitempty"` - Driver string `yaml:"driver,omitempty" env:"STORAGE_USERS_DRIVER" desc:"The storage driver which should be used by the service"` - Drivers Drivers `yaml:"drivers,omitempty"` - DataServerURL string `yaml:"data_server_url,omitempty"` - TempFolder string `yaml:"temp_folder,omitempty"` - DataProviderInsecure bool `yaml:"data_provider_insecure,omitempty" env:"OCIS_INSECURE;STORAGE_USERS_DATAPROVIDER_INSECURE"` - Events Events `yaml:"events,omitempty"` - MountID string `yaml:"mount_id,omitempty"` - ExposeDataServer bool `yaml:"expose_data_server,omitempty"` - ReadOnly bool `yaml:"readonly,omitempty"` + SkipUserGroupsInToken bool `yaml:"skip_user_groups_in_token"` + Driver string `yaml:"driver" env:"STORAGE_USERS_DRIVER" desc:"The storage driver which should be used by the service"` + Drivers Drivers `yaml:"drivers"` + DataServerURL string `yaml:"data_server_url"` + TempFolder string `yaml:"temp_folder"` + DataProviderInsecure bool `yaml:"data_provider_insecure" env:"OCIS_INSECURE;STORAGE_USERS_DATAPROVIDER_INSECURE"` + Events Events `yaml:"events"` + MountID string 
`yaml:"mount_id"` + ExposeDataServer bool `yaml:"expose_data_server"` + ReadOnly bool `yaml:"readonly"` } type Tracing struct { Enabled bool `yaml:"enabled" env:"OCIS_TRACING_ENABLED;STORAGE_USERS_TRACING_ENABLED" desc:"Activates tracing."` diff --git a/extensions/storage/pkg/config/config.go b/extensions/storage/pkg/config/config.go index 841d36797c..1b8daa4f20 100644 --- a/extensions/storage/pkg/config/config.go +++ b/extensions/storage/pkg/config/config.go 
@@ -8,123 +8,123 @@ import ( // Log defines the available logging configuration. type Log struct { - Level string `yaml:"level,omitempty"` - Pretty bool `yaml:"pretty,omitempty"` - Color bool `yaml:"color,omitempty"` - File string `yaml:"file,omitempty"` + Level string `yaml:"level"` + Pretty bool `yaml:"pretty"` + Color bool `yaml:"color"` + File string `yaml:"file"` } // Debug defines the available debug configuration. type Debug struct { - Addr string `yaml:"addr,omitempty"` - Token string `yaml:"token,omitempty"` - Pprof bool `yaml:"pprof,omitempty"` - Zpages bool `yaml:"zpages,omitempty"` + Addr string `yaml:"addr"` + Token string `yaml:"token"` + Pprof bool `yaml:"pprof"` + Zpages bool `yaml:"zpages"` } // Gateway defines the available gateway configuration. type Gateway struct { Port - CommitShareToStorageGrant bool `yaml:"commit_share_to_storage_grant,omitempty"` - CommitShareToStorageRef bool `yaml:"commit_share_to_storage_ref,omitempty"` - DisableHomeCreationOnLogin bool `yaml:"disable_home_creation_on_login,omitempty"` - ShareFolder string `yaml:"share_folder,omitempty"` - LinkGrants string `yaml:"link_grants,omitempty"` - HomeMapping string `yaml:"home_mapping,omitempty"` - EtagCacheTTL int `yaml:"etag_cache_ttl,omitempty"` + CommitShareToStorageGrant bool `yaml:"commit_share_to_storage_grant"` + CommitShareToStorageRef bool `yaml:"commit_share_to_storage_ref"` + DisableHomeCreationOnLogin bool `yaml:"disable_home_creation_on_login"` + ShareFolder string `yaml:"share_folder"` + LinkGrants string `yaml:"link_grants"` + HomeMapping string `yaml:"home_mapping"` + EtagCacheTTL int `yaml:"etag_cache_ttl"` } // StorageRegistry defines the available storage registry configuration type StorageRegistry struct { - Driver string `yaml:"driver,omitempty"` + Driver string `yaml:"driver"` // HomeProvider is the path in the global namespace that the static storage registry uses to determine the home storage - HomeProvider string `yaml:"home_provider,omitempty"` - 
Rules []string `yaml:"rules,omitempty"` - JSON string `yaml:"json,omitempty"` + HomeProvider string `yaml:"home_provider"` + Rules []string `yaml:"rules"` + JSON string `yaml:"json"` } // AppRegistry defines the available app registry configuration type AppRegistry struct { - Driver string `yaml:"driver,omitempty"` - MimetypesJSON string `yaml:"mime_types_json,omitempty"` + Driver string `yaml:"driver"` + MimetypesJSON string `yaml:"mime_types_json"` } // AppProvider defines the available app provider configuration type AppProvider struct { Port - ExternalAddr string `yaml:"external_addr,omitempty"` - Driver string `yaml:"driver,omitempty"` - WopiDriver WopiDriver `yaml:"wopi_driver,omitempty"` - AppsURL string `yaml:"apps_url,omitempty"` - OpenURL string `yaml:"open_url,omitempty"` - NewURL string `yaml:"new_url,omitempty"` + ExternalAddr string `yaml:"external_addr"` + Driver string `yaml:"driver"` + WopiDriver WopiDriver `yaml:"wopi_driver"` + AppsURL string `yaml:"apps_url"` + OpenURL string `yaml:"open_url"` + NewURL string `yaml:"new_url"` } type WopiDriver struct { - AppAPIKey string `yaml:"app_api_key,omitempty"` - AppDesktopOnly bool `yaml:"app_desktop_only,omitempty"` - AppIconURI string `yaml:"app_icon_uri,omitempty"` - AppInternalURL string `yaml:"app_internal_url,omitempty"` - AppName string `yaml:"app_name,omitempty"` - AppURL string `yaml:"app_url,omitempty"` - Insecure bool `yaml:"insecure,omitempty"` - IopSecret string `yaml:"ipo_secret,omitempty"` - JWTSecret string `yaml:"jwt_secret,omitempty"` - WopiURL string `yaml:"wopi_url,omitempty"` + AppAPIKey string `yaml:"app_api_key"` + AppDesktopOnly bool `yaml:"app_desktop_only"` + AppIconURI string `yaml:"app_icon_uri"` + AppInternalURL string `yaml:"app_internal_url"` + AppName string `yaml:"app_name"` + AppURL string `yaml:"app_url"` + Insecure bool `yaml:"insecure"` + IopSecret string `yaml:"ipo_secret"` + JWTSecret string `yaml:"jwt_secret"` + WopiURL string `yaml:"wopi_url"` } // Sharing defines 
the available sharing configuration. type Sharing struct { Port - UserDriver string `yaml:"user_driver,omitempty"` - UserJSONFile string `yaml:"user_json_file,omitempty"` - CS3ProviderAddr string `yaml:"provider_addr,omitempty"` - CS3ServiceUser string `yaml:"service_user_id,omitempty"` - CS3ServiceUserIdp string `yaml:"service_user_idp,omitempty"` - UserSQLUsername string `yaml:"user_sql_username,omitempty"` - UserSQLPassword string `yaml:"user_sql_password,omitempty"` - UserSQLHost string `yaml:"user_sql_host,omitempty"` - UserSQLPort int `yaml:"user_sql_port,omitempty"` - UserSQLName string `yaml:"user_sql_name,omitempty"` - PublicDriver string `yaml:"public_driver,omitempty"` - PublicJSONFile string `yaml:"public_json_file,omitempty"` - PublicPasswordHashCost int `yaml:"public_password_hash_cost,omitempty"` - PublicEnableExpiredSharesCleanup bool `yaml:"public_enable_expired_shares_cleanup,omitempty"` - PublicJanitorRunInterval int `yaml:"public_janitor_run_interval,omitempty"` - UserStorageMountID string `yaml:"user_storage_mount_id,omitempty"` - Events Events `yaml:"events,omitempty"` + UserDriver string `yaml:"user_driver"` + UserJSONFile string `yaml:"user_json_file"` + CS3ProviderAddr string `yaml:"provider_addr"` + CS3ServiceUser string `yaml:"service_user_id"` + CS3ServiceUserIdp string `yaml:"service_user_idp"` + UserSQLUsername string `yaml:"user_sql_username"` + UserSQLPassword string `yaml:"user_sql_password"` + UserSQLHost string `yaml:"user_sql_host"` + UserSQLPort int `yaml:"user_sql_port"` + UserSQLName string `yaml:"user_sql_name"` + PublicDriver string `yaml:"public_driver"` + PublicJSONFile string `yaml:"public_json_file"` + PublicPasswordHashCost int `yaml:"public_password_hash_cost"` + PublicEnableExpiredSharesCleanup bool `yaml:"public_enable_expired_shares_cleanup"` + PublicJanitorRunInterval int `yaml:"public_janitor_run_interval"` + UserStorageMountID string `yaml:"user_storage_mount_id"` + Events Events `yaml:"events"` } type Events 
struct { - Address string `yaml:"address,omitempty"` - ClusterID string `yaml:"cluster_id,omitempty"` + Address string `yaml:"address"` + ClusterID string `yaml:"cluster_id"` } // Port defines the available port configuration. type Port struct { // MaxCPUs can be a number or a percentage - MaxCPUs string `yaml:"max_cpus,omitempty"` - LogLevel string `yaml:"log_level,omitempty"` + MaxCPUs string `yaml:"max_cpus"` + LogLevel string `yaml:"log_level"` // GRPCNetwork can be tcp, udp or unix - GRPCNetwork string `yaml:"grpc_network,omitempty"` + GRPCNetwork string `yaml:"grpc_network"` // GRPCAddr to listen on, hostname:port (0.0.0.0:9999 for all interfaces) or socket (/var/run/reva/sock) - GRPCAddr string `yaml:"grpc_addr,omitempty"` + GRPCAddr string `yaml:"grpc_addr"` // Protocol can be grpc or http // HTTPNetwork can be tcp, udp or unix - HTTPNetwork string `yaml:"http_network,omitempty"` + HTTPNetwork string `yaml:"http_network"` // HTTPAddr to listen on, hostname:port (0.0.0.0:9100 for all interfaces) or socket (/var/run/reva/sock) - HTTPAddr string `yaml:"http_addr,omitempty"` + HTTPAddr string `yaml:"http_addr"` // Protocol can be grpc or http - Protocol string `yaml:"protocol,omitempty"` + Protocol string `yaml:"protocol"` // Endpoint is used by the gateway and registries (eg localhost:9100 or cloud.example.com) - Endpoint string `yaml:"endpoint,omitempty"` + Endpoint string `yaml:"endpoint"` // DebugAddr for the debug endpoint to bind to - DebugAddr string `yaml:"debug_addr,omitempty"` + DebugAddr string `yaml:"debug_addr"` // Services can be used to give a list of services that should be started on this port - Services []string `yaml:"services,omitempty"` + Services []string `yaml:"services"` // Config can be used to configure the reva instance. 
// Services and Protocol will be ignored if this is used - Config map[string]interface{} `yaml:"config,omitempty"` + Config map[string]interface{} `yaml:"config"` // Context allows for context cancellation and propagation Context context.Context 
@@ -136,118 +136,118 @@ type Port struct { // Users defines the available users configuration. type Users struct { Port - Driver string `yaml:"driver,omitempty"` - JSON string `yaml:"json,omitempty"` - UserGroupsCacheExpiration int `yaml:"user_groups_cache_expiration,omitempty"` + Driver string `yaml:"driver"` + JSON string `yaml:"json"` + UserGroupsCacheExpiration int `yaml:"user_groups_cache_expiration"` } // AuthMachineConfig defines the available configuration for the machine auth driver. type AuthMachineConfig struct { - MachineAuthAPIKey string `yaml:"machine_auth_api_key,omitempty"` + MachineAuthAPIKey string `yaml:"machine_auth_api_key"` } // Groups defines the available groups configuration. type Groups struct { Port - Driver string `yaml:"driver,omitempty"` - JSON string `yaml:"json,omitempty"` - GroupMembersCacheExpiration int `yaml:"group_members_cache_expiration,omitempty"` + Driver string `yaml:"driver"` + JSON string `yaml:"json"` + GroupMembersCacheExpiration int `yaml:"group_members_cache_expiration"` } // FrontendPort defines the available frontend configuration. 
type FrontendPort struct { Port - AppProviderInsecure bool `yaml:"app_provider_insecure,omitempty"` - AppProviderPrefix string `yaml:"app_provider_prefix,omitempty"` - ArchiverInsecure bool `yaml:"archiver_insecure,omitempty"` - ArchiverPrefix string `yaml:"archiver_prefix,omitempty"` - DatagatewayPrefix string `yaml:"data_gateway_prefix,omitempty"` - Favorites bool `yaml:"favorites,omitempty"` - ProjectSpaces bool `yaml:"project_spaces,omitempty"` - OCSPrefix string `yaml:"ocs_prefix,omitempty"` - OCSSharePrefix string `yaml:"ocs_share_prefix,omitempty"` - OCSHomeNamespace string `yaml:"ocs_home_namespace,omitempty"` - PublicURL string `yaml:"public_url,omitempty"` - OCSCacheWarmupDriver string `yaml:"ocs_cache_warmup_driver,omitempty"` - OCSAdditionalInfoAttribute string `yaml:"ocs_additional_info_attribute,omitempty"` - OCSResourceInfoCacheTTL int `yaml:"ocs_resource_info_cache_ttl,omitempty"` - Middleware Middleware `yaml:"middleware,omitempty"` + AppProviderInsecure bool `yaml:"app_provider_insecure"` + AppProviderPrefix string `yaml:"app_provider_prefix"` + ArchiverInsecure bool `yaml:"archiver_insecure"` + ArchiverPrefix string `yaml:"archiver_prefix"` + DatagatewayPrefix string `yaml:"data_gateway_prefix"` + Favorites bool `yaml:"favorites"` + ProjectSpaces bool `yaml:"project_spaces"` + OCSPrefix string `yaml:"ocs_prefix"` + OCSSharePrefix string `yaml:"ocs_share_prefix"` + OCSHomeNamespace string `yaml:"ocs_home_namespace"` + PublicURL string `yaml:"public_url"` + OCSCacheWarmupDriver string `yaml:"ocs_cache_warmup_driver"` + OCSAdditionalInfoAttribute string `yaml:"ocs_additional_info_attribute"` + OCSResourceInfoCacheTTL int `yaml:"ocs_resource_info_cache_ttl"` + Middleware Middleware `yaml:"middleware"` } // Middleware configures reva middlewares. type Middleware struct { - Auth Auth `yaml:"auth,omitempty"` + Auth Auth `yaml:"auth"` } // Auth configures reva http auth middleware. 
type Auth struct { - CredentialsByUserAgent map[string]string `yaml:"credentials_by_user_agenr,omitempty"` + CredentialsByUserAgent map[string]string `yaml:"credentials_by_user_agenr"` } // DataGatewayPort has a public url type DataGatewayPort struct { Port - PublicURL string `yaml:",omitempty"` + PublicURL string `yaml:""` } type DataProvider struct { - Insecure bool `yaml:"insecure,omitempty"` + Insecure bool `yaml:"insecure"` } // StoragePort defines the available storage configuration. type StoragePort struct { Port - Driver string `yaml:"driver,omitempty"` - MountID string `yaml:"mount_id,omitempty"` - AlternativeID string `yaml:"alternative_id,omitempty"` - ExposeDataServer bool `yaml:"expose_data_server,omitempty"` + Driver string `yaml:"driver"` + MountID string `yaml:"mount_id"` + AlternativeID string `yaml:"alternative_id"` + ExposeDataServer bool `yaml:"expose_data_server"` // url the data gateway will use to route requests - DataServerURL string `yaml:"data_server_url,omitempty"` + DataServerURL string `yaml:"data_server_url"` // for HTTP ports with only one http service - HTTPPrefix string `yaml:"http_prefix,omitempty"` - TempFolder string `yaml:"temp_folder,omitempty"` - ReadOnly bool `yaml:"read_only,omitempty"` - DataProvider DataProvider `yaml:"data_provider,omitempty"` - GatewayEndpoint string `yaml:"gateway_endpoint,omitempty"` + HTTPPrefix string `yaml:"http_prefix"` + TempFolder string `yaml:"temp_folder"` + ReadOnly bool `yaml:"read_only"` + DataProvider DataProvider `yaml:"data_provider"` + GatewayEndpoint string `yaml:"gateway_endpoint"` } // PublicStorage configures a public storage provider type PublicStorage struct { StoragePort - PublicShareProviderAddr string `yaml:"public_share_provider_addr,omitempty"` - UserProviderAddr string `yaml:"user_provider_addr,omitempty"` + PublicShareProviderAddr string `yaml:"public_share_provider_addr"` + UserProviderAddr string `yaml:"user_provider_addr"` } // StorageConfig combines all available storage 
driver configuration parts. type StorageConfig struct { - EOS DriverEOS `yaml:"eos,omitempty"` - Local DriverCommon `yaml:"local,omitempty"` - OwnCloudSQL DriverOwnCloudSQL `yaml:"owncloud_sql,omitempty"` - S3 DriverS3 `yaml:"s3,omitempty"` - S3NG DriverS3NG `yaml:"s3ng,omitempty"` - OCIS DriverOCIS `yaml:"ocis,omitempty"` + EOS DriverEOS `yaml:"eos"` + Local DriverCommon `yaml:"local"` + OwnCloudSQL DriverOwnCloudSQL `yaml:"owncloud_sql"` + S3 DriverS3 `yaml:"s3"` + S3NG DriverS3NG `yaml:"s3ng"` + OCIS DriverOCIS `yaml:"ocis"` } // DriverCommon defines common driver configuration options. type DriverCommon struct { // Root is the absolute path to the location of the data - Root string `yaml:"root,omitempty"` + Root string `yaml:"root"` //ShareFolder defines the name of the folder jailing all shares - ShareFolder string `yaml:"share_folder,omitempty"` + ShareFolder string `yaml:"share_folder"` // UserLayout contains the template used to construct // the internal path, eg: `{{substr 0 1 .Username}}/{{.Username}}` - UserLayout string `yaml:"user_layout,omitempty"` + UserLayout string `yaml:"user_layout"` // EnableHome enables the creation of home directories. 
- EnableHome bool `yaml:"enable_home,omitempty"` + EnableHome bool `yaml:"enable_home"` // PersonalSpaceAliasTemplate contains the template used to construct - // the personal space alias, eg: `"{{.SpaceType}}/{{.User.Username | lower}},omitempty"` - PersonalSpaceAliasTemplate string `yaml:"personalspacealias_template,omitempty"` + // the personal space alias, eg: `"{{.SpaceType}}/{{.User.Username | lower}}"` + PersonalSpaceAliasTemplate string `yaml:"personalspacealias_template"` // GeneralSpaceAliasTemplate contains the template used to construct // the general space alias, eg: `{{.SpaceType}}/{{.SpaceName | replace " " "-" | lower}}` - GeneralSpaceAliasTemplate string `yaml:"generalspacealias_template,omitempty"` + GeneralSpaceAliasTemplate string `yaml:"generalspacealias_template"` } // DriverEOS defines the available EOS driver configuration. 
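Review bot: Stripping `,omitempty` left `DataGatewayPort.PublicURL` with the empty tag `yaml:""`, which looks like a search-and-replace leftover rather than an intended label. With no name in the tag, the key falls back to the library's default field naming instead of the `public_url` used by `FrontendPort.PublicURL` in this same hunk. Either drop the tag entirely or name it explicitly with `yaml:"public_url"`; the second option changes the key, so it needs a mention for existing config files. The hunk's last context line only introduces `DriverEOS`, whose body is in the next hunk.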
@@ -255,60 +255,60 @@ type DriverEOS struct { DriverCommon // ShadowNamespace for storing shadow data - ShadowNamespace string `yaml:"shadow_namespace,omitempty"` + ShadowNamespace string `yaml:"shadow_namespace"` // UploadsNamespace for storing upload data - UploadsNamespace string `yaml:"uploads_namespace,omitempty"` + UploadsNamespace string `yaml:"uploads_namespace"` // Location of the eos binary. // Default is /usr/bin/eos. - EosBinary string `yaml:"eos_binary,omitempty"` + EosBinary string `yaml:"eos_binary"` // Location of the xrdcopy binary. // Default is /usr/bin/xrdcopy. - XrdcopyBinary string `yaml:"xrd_copy_binary,omitempty"` + XrdcopyBinary string `yaml:"xrd_copy_binary"` // URL of the Master EOS MGM. // Default is root://eos-example.org - MasterURL string `yaml:"master_url,omitempty"` + MasterURL string `yaml:"master_url"` // URI of the EOS MGM grpc server // Default is empty - GrpcURI string `yaml:"grpc_uri,omitempty"` + GrpcURI string `yaml:"grpc_uri"` // URL of the Slave EOS MGM. // Default is root://eos-example.org - SlaveURL string `yaml:"slave_url,omitempty"` + SlaveURL string `yaml:"slave_url"` // Location on the local fs where to store reads. // Defaults to os.TempDir() - CacheDirectory string `yaml:"cache_directory,omitempty"` + CacheDirectory string `yaml:"cache_directory"` // Enables logging of the commands executed // Defaults to false - EnableLogging bool `yaml:"enable_logging,omitempty"` + EnableLogging bool `yaml:"enable_logging"` // ShowHiddenSysFiles shows internal EOS files like // .sys.v# and .sys.a# files. - ShowHiddenSysFiles bool `yaml:"shadow_hidden_files,omitempty"` + ShowHiddenSysFiles bool `yaml:"shadow_hidden_files"` // ForceSingleUserMode will force connections to EOS to use SingleUsername - ForceSingleUserMode bool `yaml:"force_single_user_mode,omitempty"` + ForceSingleUserMode bool `yaml:"force_single_user_mode"` // UseKeyTabAuth changes will authenticate requests by using an EOS keytab. 
- UseKeytab bool `yaml:"user_keytab,omitempty"` + UseKeytab bool `yaml:"user_keytab"` // SecProtocol specifies the xrootd security protocol to use between the server and EOS. - SecProtocol string `yaml:"sec_protocol,omitempty"` + SecProtocol string `yaml:"sec_protocol"` // Keytab specifies the location of the keytab to use to authenticate to EOS. - Keytab string `yaml:"keytab,omitempty"` + Keytab string `yaml:"keytab"` // SingleUsername is the username to use when SingleUserMode is enabled - SingleUsername string `yaml:"single_username,omitempty"` + SingleUsername string `yaml:"single_username"` // gateway service to use for uid lookups - GatewaySVC string `yaml:"gateway_svc,omitempty"` + GatewaySVC string `yaml:"gateway_svc"` } // DriverOCIS defines the available oCIS storage driver configuration. 
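Review bot: Two of the keys kept in this hunk do not match the fields they configure: `ShowHiddenSysFiles` is tagged `yaml:"shadow_hidden_files"` and `UseKeytab` is tagged `yaml:"user_keytab"`; the next hunk has the same problem with `yaml:"skip_user_grooups_in_token"` on `SkipUserGroupsInToken`. With `omitempty` gone these spellings appear in every serialised config, and an operator who writes the obvious `use_keytab: true` would presumably have it ignored and run without keytab authentication. Since the tags are being rewritten anyway, I would correct them to `yaml:"show_hidden_files"`, `yaml:"use_keytab"` and `yaml:"skip_user_groups_in_token"`, and call out the rename for anyone with an existing config file. The DriverEOS declaration opens above the hunk's first line.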
@@ -320,217 +320,217 @@ type DriverOCIS struct { type DriverOwnCloudSQL struct { DriverCommon - UploadInfoDir string `yaml:"upload_info_dir,omitempty"` - DBUsername string `yaml:"db_username,omitempty"` - DBPassword string `yaml:"db_password,omitempty"` - DBHost string `yaml:"db_host,omitempty"` - DBPort int `yaml:"db_port,omitempty"` - DBName string `yaml:"db_name,omitempty"` + UploadInfoDir string `yaml:"upload_info_dir"` + DBUsername string `yaml:"db_username"` + DBPassword string `yaml:"db_password"` + DBHost string `yaml:"db_host"` + DBPort int `yaml:"db_port"` + DBName string `yaml:"db_name"` } // DriverS3 defines the available S3 storage driver configuration. type DriverS3 struct { DriverCommon - Region string `yaml:"region,omitempty"` - AccessKey string `yaml:"access_key,omitempty"` - SecretKey string `yaml:"secret_key,omitempty"` - Endpoint string `yaml:"endpoint,omitempty"` - Bucket string `yaml:"bucket,omitempty"` + Region string `yaml:"region"` + AccessKey string `yaml:"access_key"` + SecretKey string `yaml:"secret_key"` + Endpoint string `yaml:"endpoint"` + Bucket string `yaml:"bucket"` } // DriverS3NG defines the available s3ng storage driver configuration. type DriverS3NG struct { DriverCommon - Region string `yaml:"region,omitempty"` - AccessKey string `yaml:"access_key,omitempty"` - SecretKey string `yaml:"secret_key,omitempty"` - Endpoint string `yaml:"endpoint,omitempty"` - Bucket string `yaml:"bucket,omitempty"` + Region string `yaml:"region"` + AccessKey string `yaml:"access_key"` + SecretKey string `yaml:"secret_key"` + Endpoint string `yaml:"endpoint"` + Bucket string `yaml:"bucket"` } // OIDC defines the available OpenID Connect configuration. 
type OIDC struct { - Issuer string `yaml:"issuer,omitempty"` - Insecure bool `yaml:"insecure,omitempty"` - IDClaim string `yaml:"id_claim,omitempty"` - UIDClaim string `yaml:"uid_claim,omitempty"` - GIDClaim string `yaml:"gid_claim,omitempty"` + Issuer string `yaml:"issuer"` + Insecure bool `yaml:"insecure"` + IDClaim string `yaml:"id_claim"` + UIDClaim string `yaml:"uid_claim"` + GIDClaim string `yaml:"gid_claim"` } // LDAP defines the available ldap configuration. type LDAP struct { - URI string `yaml:"uri,omitempty"` - CACert string `yaml:"ca_cert,omitempty"` - Insecure bool `yaml:"insecure,omitempty"` - UserBaseDN string `yaml:"user_base_dn,omitempty"` - GroupBaseDN string `yaml:"group_base_dn,omitempty"` - UserScope string `yaml:"user_scope,omitempty"` - GroupScope string `yaml:"group_scope,omitempty"` - UserObjectClass string `yaml:"user_objectclass,omitempty"` - GroupObjectClass string `yaml:"group_objectclass,omitempty"` - UserFilter string `yaml:"user_filter,omitempty"` - GroupFilter string `yaml:"group_filter,omitempty"` - LoginAttributes []string `yaml:"login_attributes,omitempty"` - BindDN string `yaml:"bind_dn,omitempty"` - BindPassword string `yaml:"bind_password,omitempty"` - IDP string `yaml:"idp,omitempty"` - UserSchema LDAPUserSchema `yaml:"user_schema,omitempty"` - GroupSchema LDAPGroupSchema `yaml:"group_schema,omitempty"` + URI string `yaml:"uri"` + CACert string `yaml:"ca_cert"` + Insecure bool `yaml:"insecure"` + UserBaseDN string `yaml:"user_base_dn"` + GroupBaseDN string `yaml:"group_base_dn"` + UserScope string `yaml:"user_scope"` + GroupScope string `yaml:"group_scope"` + UserObjectClass string `yaml:"user_objectclass"` + GroupObjectClass string `yaml:"group_objectclass"` + UserFilter string `yaml:"user_filter"` + GroupFilter string `yaml:"group_filter"` + LoginAttributes []string `yaml:"login_attributes"` + BindDN string `yaml:"bind_dn"` + BindPassword string `yaml:"bind_password"` + IDP string `yaml:"idp"` + UserSchema LDAPUserSchema 
`yaml:"user_schema"` + GroupSchema LDAPGroupSchema `yaml:"group_schema"` } // UserGroupRest defines the REST driver specification for user and group resolution. type UserGroupRest struct { - ClientID string `yaml:"client_id,omitempty"` - ClientSecret string `yaml:"client_secret,omitempty"` - RedisAddress string `yaml:"redis_address,omitempty"` - RedisUsername string `yaml:"redis_username,omitempty"` - RedisPassword string `yaml:"redis_password,omitempty"` - IDProvider string `yaml:"idp_provider,omitempty"` - APIBaseURL string `yaml:"api_base_url,omitempty"` - OIDCTokenEndpoint string `yaml:"oidc_token_endpoint,omitempty"` - TargetAPI string `yaml:"target_api,omitempty"` + ClientID string `yaml:"client_id"` + ClientSecret string `yaml:"client_secret"` + RedisAddress string `yaml:"redis_address"` + RedisUsername string `yaml:"redis_username"` + RedisPassword string `yaml:"redis_password"` + IDProvider string `yaml:"idp_provider"` + APIBaseURL string `yaml:"api_base_url"` + OIDCTokenEndpoint string `yaml:"oidc_token_endpoint"` + TargetAPI string `yaml:"target_api"` } // UserOwnCloudSQL defines the available ownCloudSQL user provider configuration. 
type UserOwnCloudSQL struct { - DBUsername string `yaml:"db_username,omitempty"` - DBPassword string `yaml:"db_password,omitempty"` - DBHost string `yaml:"db_host,omitempty"` - DBPort int `yaml:"db_port,omitempty"` - DBName string `yaml:"db_name,omitempty"` - Idp string `yaml:"idp,omitempty"` - Nobody int64 `yaml:"nobody,omitempty"` - JoinUsername bool `yaml:"join_username,omitempty"` - JoinOwnCloudUUID bool `yaml:"join_owncloud_uuid,omitempty"` - EnableMedialSearch bool `yaml:"enable_medial_search,omitempty"` + DBUsername string `yaml:"db_username"` + DBPassword string `yaml:"db_password"` + DBHost string `yaml:"db_host"` + DBPort int `yaml:"db_port"` + DBName string `yaml:"db_name"` + Idp string `yaml:"idp"` + Nobody int64 `yaml:"nobody"` + JoinUsername bool `yaml:"join_username"` + JoinOwnCloudUUID bool `yaml:"join_owncloud_uuid"` + EnableMedialSearch bool `yaml:"enable_medial_search"` } // LDAPUserSchema defines the available ldap user schema configuration. type LDAPUserSchema struct { - ID string `yaml:"id,omitempty"` - IDIsOctetString bool `yaml:"id_is_octet_string,omitempty"` - Mail string `yaml:"mail,omitempty"` - DisplayName string `yaml:"display_name,omitempty"` - Username string `yaml:"user_name,omitempty"` - UIDNumber string `yaml:"uid_number,omitempty"` - GIDNumber string `yaml:"gid_number,omitempty"` + ID string `yaml:"id"` + IDIsOctetString bool `yaml:"id_is_octet_string"` + Mail string `yaml:"mail"` + DisplayName string `yaml:"display_name"` + Username string `yaml:"user_name"` + UIDNumber string `yaml:"uid_number"` + GIDNumber string `yaml:"gid_number"` } // LDAPGroupSchema defines the available ldap group schema configuration. 
type LDAPGroupSchema struct { - ID string `yaml:"id,omitempty"` - IDIsOctetString bool `yaml:"id_is_octet_string,omitempty"` - Mail string `yaml:"mail,omitempty"` - DisplayName string `yaml:"display_name,omitempty"` - Groupname string `yaml:"group_name,omitempty"` - Member string `yaml:"member,omitempty"` - GIDNumber string `yaml:"gid_number,omitempty"` + ID string `yaml:"id"` + IDIsOctetString bool `yaml:"id_is_octet_string"` + Mail string `yaml:"mail"` + DisplayName string `yaml:"display_name"` + Groupname string `yaml:"group_name"` + Member string `yaml:"member"` + GIDNumber string `yaml:"gid_number"` } // OCDav defines the available ocdav configuration. type OCDav struct { // Addr to listen to with the http server for the ocdav service - Addr string `yaml:"addr,omitempty"` - Prefix string `yaml:"prefix,omitempty"` - WebdavNamespace string `yaml:"webdav_namespace,omitempty"` - FilesNamespace string `yaml:"files_namespace,omitempty"` - SharesNamespace string `yaml:"shares_namespace,omitempty"` + Addr string `yaml:"addr"` + Prefix string `yaml:"prefix"` + WebdavNamespace string `yaml:"webdav_namespace"` + FilesNamespace string `yaml:"files_namespace"` + SharesNamespace string `yaml:"shares_namespace"` // PublicURL used to redirect /s/{token} URLs to - PublicURL string `yaml:"public_url,omitempty"` + PublicURL string `yaml:"public_url"` // Addr to listen to with the debug http server - DebugAddr string `yaml:"debug_addr,omitempty"` + DebugAddr string `yaml:"debug_addr"` // GatewaySVC to forward CS3 requests to TODO use registry - GatewaySVC string `yaml:"gateway_svc,omitempty"` + GatewaySVC string `yaml:"gateway_svc"` // JWTSecret used to verify reva access token - JWTSecret string `yaml:"jwt_secret,omitempty"` + JWTSecret string `yaml:"jwt_secret"` // Insecure certificates allowed when making requests to the gateway - Insecure bool `yaml:"insecure,omitempty"` + Insecure bool `yaml:"insecure"` // Timeout in seconds when making requests to the gateway - Timeout 
int64 `yaml:"timeout,omitempty"` + Timeout int64 `yaml:"timeout"` } // Archiver defines the available archiver configuration. type Archiver struct { - MaxNumFiles int64 `yaml:"max_num_files,omitempty"` - MaxSize int64 `yaml:"max_size,omitempty"` - ArchiverURL string `yaml:"archiver_url,omitempty"` + MaxNumFiles int64 `yaml:"max_num_files"` + MaxSize int64 `yaml:"max_size"` + ArchiverURL string `yaml:"archiver_url"` } // Reva defines the available reva configuration. type Reva struct { // JWTSecret used to sign jwt tokens between services - JWTSecret string `yaml:"jwt_secret,omitempty"` - SkipUserGroupsInToken bool `yaml:"skip_user_grooups_in_token,omitempty"` - TransferSecret string `yaml:"transfer_secret,omitempty"` - TransferExpires int `yaml:"transfer_expires,omitempty"` - OIDC OIDC `yaml:"oidc,omitempty"` - LDAP LDAP `yaml:"ldap,omitempty"` - UserGroupRest UserGroupRest `yaml:"user_group_rest,omitempty"` - UserOwnCloudSQL UserOwnCloudSQL `yaml:"user_owncloud_sql,omitempty"` - Archiver Archiver `yaml:"archiver,omitempty"` - UserStorage StorageConfig `yaml:"user_storage,omitempty"` - MetadataStorage StorageConfig `yaml:"metadata_storage,omitempty"` + JWTSecret string `yaml:"jwt_secret"` + SkipUserGroupsInToken bool `yaml:"skip_user_grooups_in_token"` + TransferSecret string `yaml:"transfer_secret"` + TransferExpires int `yaml:"transfer_expires"` + OIDC OIDC `yaml:"oidc"` + LDAP LDAP `yaml:"ldap"` + UserGroupRest UserGroupRest `yaml:"user_group_rest"` + UserOwnCloudSQL UserOwnCloudSQL `yaml:"user_owncloud_sql"` + Archiver Archiver `yaml:"archiver"` + UserStorage StorageConfig `yaml:"user_storage"` + MetadataStorage StorageConfig `yaml:"metadata_storage"` // Ports are used to configure which services to start on which port - Frontend FrontendPort `yaml:"frontend,omitempty"` - DataGateway DataGatewayPort `yaml:"data_gateway,omitempty"` - Gateway Gateway `yaml:"gateway,omitempty"` - StorageRegistry StorageRegistry `yaml:"storage_registry,omitempty"` - AppRegistry 
AppRegistry `yaml:"app_registry,omitempty"` - Users Users `yaml:"users,omitempty"` - Groups Groups `yaml:"groups,omitempty"` - AuthProvider Users `yaml:"auth_provider,omitempty"` - AuthBasic Port `yaml:"auth_basic,omitempty"` - AuthBearer Port `yaml:"auth_bearer,omitempty"` - AuthMachine Port `yaml:"auth_machine,omitempty"` - AuthMachineConfig AuthMachineConfig `yaml:"auth_machine_config,omitempty"` - Sharing Sharing `yaml:"sharing,omitempty"` - StorageShares StoragePort `yaml:"storage_shares,omitempty"` - StorageUsers StoragePort `yaml:"storage_users,omitempty"` - StoragePublicLink PublicStorage `yaml:"storage_public_link,omitempty"` - StorageMetadata StoragePort `yaml:"storage_metadata,omitempty"` - AppProvider AppProvider `yaml:"app_provider,omitempty"` - Permissions Port `yaml:"permissions,omitempty"` + Frontend FrontendPort `yaml:"frontend"` + DataGateway DataGatewayPort `yaml:"data_gateway"` + Gateway Gateway `yaml:"gateway"` + StorageRegistry StorageRegistry `yaml:"storage_registry"` + AppRegistry AppRegistry `yaml:"app_registry"` + Users Users `yaml:"users"` + Groups Groups `yaml:"groups"` + AuthProvider Users `yaml:"auth_provider"` + AuthBasic Port `yaml:"auth_basic"` + AuthBearer Port `yaml:"auth_bearer"` + AuthMachine Port `yaml:"auth_machine"` + AuthMachineConfig AuthMachineConfig `yaml:"auth_machine_config"` + Sharing Sharing `yaml:"sharing"` + StorageShares StoragePort `yaml:"storage_shares"` + StorageUsers StoragePort `yaml:"storage_users"` + StoragePublicLink PublicStorage `yaml:"storage_public_link"` + StorageMetadata StoragePort `yaml:"storage_metadata"` + AppProvider AppProvider `yaml:"app_provider"` + Permissions Port `yaml:"permissions"` // Configs can be used to configure the reva instance. 
// Services and Ports will be ignored if this is used - Configs map[string]interface{} `yaml:"configs,omitempty"` + Configs map[string]interface{} `yaml:"configs"` // chunking and resumable upload config (TUS) - UploadMaxChunkSize int `yaml:"upload_max_chunk_size,omitempty"` - UploadHTTPMethodOverride string `yaml:"upload_http_method_override,omitempty"` + UploadMaxChunkSize int `yaml:"upload_max_chunk_size"` + UploadHTTPMethodOverride string `yaml:"upload_http_method_override"` // checksumming capabilities - ChecksumSupportedTypes []string `yaml:"checksum_supported_types,omitempty"` - ChecksumPreferredUploadType string `yaml:"checksum_preferred_upload_type,omitempty"` - DefaultUploadProtocol string `yaml:"default_upload_protocol,omitempty"` + ChecksumSupportedTypes []string `yaml:"checksum_supported_types"` + ChecksumPreferredUploadType string `yaml:"checksum_preferred_upload_type"` + DefaultUploadProtocol string `yaml:"default_upload_protocol"` } // Tracing defines the available tracing configuration. type Tracing struct { - Enabled bool `yaml:"enabled,omitempty"` - Type string `yaml:"type,omitempty"` - Endpoint string `yaml:"endpoint,omitempty"` - Collector string `yaml:"collector,omitempty"` - Service string `yaml:"service,omitempty"` + Enabled bool `yaml:"enabled"` + Type string `yaml:"type"` + Endpoint string `yaml:"endpoint"` + Collector string `yaml:"collector"` + Service string `yaml:"service"` } // Asset defines the available asset configuration. type Asset struct { - Path string `yaml:"path,omitempty"` + Path string `yaml:"path"` } // Config combines all available configuration parts. 
type Config struct { - *shared.Commons `yaml:",omitempty"` + *shared.Commons `yaml:""` - File string `yaml:"file,omitempty"` - Log *shared.Log `yaml:"log,omitempty"` - Debug Debug `yaml:"debug,omitempty"` - OCDav OCDav `yaml:"ocdav,omitempty"` - Reva Reva `yaml:"reva,omitempty"` - Tracing Tracing `yaml:"tracing,omitempty"` - Asset Asset `yaml:"asset,omitempty"` + File string `yaml:"file"` + Log *shared.Log `yaml:"log"` + Debug Debug `yaml:"debug"` + OCDav OCDav `yaml:"ocdav"` + Reva Reva `yaml:"reva"` + Tracing Tracing `yaml:"tracing"` + Asset Asset `yaml:"asset"` } // New initializes a new configuration with or without defaults. diff --git a/extensions/thumbnails/pkg/config/config.go b/extensions/thumbnails/pkg/config/config.go index 9f18231956..88d785d774 100644 --- a/extensions/thumbnails/pkg/config/config.go +++ b/extensions/thumbnails/pkg/config/config.go @@ -12,14 +12,14 @@ type Config struct { Service Service `yaml:"-"` - Tracing *Tracing `yaml:"tracing,omitempty"` - Log *Log `yaml:"log,omitempty"` - Debug Debug `yaml:"debug,omitempty"` + Tracing *Tracing `yaml:"tracing"` + Log *Log `yaml:"log"` + Debug Debug `yaml:"debug"` - GRPC GRPC `yaml:"grpc,omitempty"` - HTTP HTTP `yaml:"http,omitempty"` + GRPC GRPC `yaml:"grpc"` + HTTP HTTP `yaml:"http"` - Thumbnail Thumbnail `yaml:"thumbnail,omitempty"` + Thumbnail Thumbnail `yaml:"thumbnail"` Context context.Context `yaml:"-"` } 
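Review bot: The credential fields in this hunk (`DBPassword`, `SecretKey`, `BindPassword`, `ClientSecret`, `RedisPassword`, `JWTSecret`, `TransferSecret`) lose `omitempty` along with everything else, so they are now part of every serialised document, as `""` when unset. Depending on how the file is loaded, which this hunk does not show, an explicit empty `jwt_secret` may be taken as the configured value instead of falling back to a default or generated secret. I would keep the option on secrets, e.g. `yaml:"jwt_secret,omitempty"`, and add a comment on `Reva` such as `// secret fields are serialised: write the config file owner-readable only (0600)`. The same applies to `transfer_secret` in the thumbnails hunk and to `BindPassword` in the LDAPDriver hunk further down.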
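Review bot: `Tracing *Tracing` and `Log *Log` are pointers, and without `omitempty` a nil pointer is marshalled as `tracing: null` / `log: null`. If such a file is read back over a struct that already holds defaults, the null would likely reset the pointer to nil, and code that dereferences `cfg.Tracing` without a check would then panic; the loader is not part of this hunk, so please confirm. Keeping `yaml:"tracing,omitempty"` and `yaml:"log,omitempty"` on the pointer-typed fields avoids this. The Config hunks for user, web and webdav below carry the same kind of pointer fields, and the struct itself opens above this hunk.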
@@ -36,12 +36,12 @@ type FileSystemSource struct { // Thumbnail defines the available thumbnail related configuration. type Thumbnail struct { - Resolutions []string `yaml:"resolutions,omitempty"` - FileSystemStorage FileSystemStorage `yaml:"filesystem_storage,omitempty"` - WebdavAllowInsecure bool `yaml:"webdav_allow_insecure,omitempty" env:"OCIS_INSECURE;THUMBNAILS_WEBDAVSOURCE_INSECURE"` - CS3AllowInsecure bool `yaml:"cs3_allow_insecure,omitempty" env:"OCIS_INSECURE;THUMBNAILS_CS3SOURCE_INSECURE"` - RevaGateway string `yaml:"reva_gateway,omitempty" env:"REVA_GATEWAY"` //TODO: use REVA config - FontMapFile string `yaml:"font_map_file,omitempty" env:"THUMBNAILS_TXT_FONTMAP_FILE"` - TransferSecret string `yaml:"transfer_secret,omitempty" env:"THUMBNAILS_TRANSFER_TOKEN"` - DataEndpoint string `yaml:"data_endpoint,omitempty" env:"THUMBNAILS_DATA_ENDPOINT"` + Resolutions []string `yaml:"resolutions"` + FileSystemStorage FileSystemStorage `yaml:"filesystem_storage"` + WebdavAllowInsecure bool `yaml:"webdav_allow_insecure" env:"OCIS_INSECURE;THUMBNAILS_WEBDAVSOURCE_INSECURE"` + CS3AllowInsecure bool `yaml:"cs3_allow_insecure" env:"OCIS_INSECURE;THUMBNAILS_CS3SOURCE_INSECURE"` + RevaGateway string `yaml:"reva_gateway" env:"REVA_GATEWAY"` //TODO: use REVA config + FontMapFile string `yaml:"font_map_file" env:"THUMBNAILS_TXT_FONTMAP_FILE"` + TransferSecret string `yaml:"transfer_secret" env:"THUMBNAILS_TRANSFER_TOKEN"` + DataEndpoint string `yaml:"data_endpoint" env:"THUMBNAILS_DATA_ENDPOINT"` } diff --git a/extensions/user/pkg/config/config.go b/extensions/user/pkg/config/config.go index ccd3b21f97..4edf15cd77 100644 --- a/extensions/user/pkg/config/config.go +++ b/extensions/user/pkg/config/config.go 
@@ -5,20 +5,20 @@ import "github.com/owncloud/ocis/ocis-pkg/shared" type Config struct { *shared.Commons `yaml:"-"` Service Service `yaml:"-"` - Tracing *Tracing `yaml:"tracing,omitempty"` - Logging *Logging `yaml:"log,omitempty"` - Debug Debug `yaml:"debug,omitempty"` - Supervised bool `yaml:"supervised,omitempty"` + Tracing *Tracing `yaml:"tracing"` + Logging *Logging `yaml:"log"` + Debug Debug `yaml:"debug"` + Supervised bool `yaml:"supervised"` - GRPC GRPCConfig `yaml:"grpc,omitempty"` + GRPC GRPCConfig `yaml:"grpc"` - TokenManager *TokenManager `yaml:"token_manager,omitempty"` - Reva *Reva `yaml:"reva,omitempty"` + TokenManager *TokenManager `yaml:"token_manager"` + Reva *Reva `yaml:"reva"` - SkipUserGroupsInToken bool `yaml:"skip_user_groups_in_token,omitempty"` - UsersCacheExpiration int `yaml:"users_cache_expiration,omitempty"` - Driver string `yaml:"driver,omitempty"` - Drivers Drivers `yaml:"drivers,omitempty"` + SkipUserGroupsInToken bool `yaml:"skip_user_groups_in_token"` + UsersCacheExpiration int `yaml:"users_cache_expiration"` + Driver string `yaml:"driver"` + Drivers Drivers `yaml:"drivers"` } type Tracing struct { Enabled bool `yaml:"enabled" env:"OCIS_TRACING_ENABLED;USERS_TRACING_ENABLED" desc:"Activates tracing."` 
@@ -51,34 +51,34 @@ type GRPCConfig struct { } type Drivers struct { - JSON JSONDriver `yaml:",omitempty"` - LDAP LDAPDriver `yaml:",omitempty"` - OwnCloudSQL OwnCloudSQLDriver `yaml:",omitempty"` - REST RESTProvider `yaml:",omitempty"` + JSON JSONDriver `yaml:""` + LDAP LDAPDriver `yaml:""` + OwnCloudSQL OwnCloudSQLDriver `yaml:""` + REST RESTProvider `yaml:""` } type JSONDriver struct { File string } type LDAPDriver struct { - URI string `yaml:",omitempty" env:"LDAP_URI;USERS_LDAP_URI"` - CACert string `yaml:",omitempty" env:"LDAP_CACERT;USERS_LDAP_CACERT"` - Insecure bool `yaml:",omitempty" env:"LDAP_INSECURE;USERS_LDAP_INSECURE"` - BindDN string `yaml:",omitempty" env:"LDAP_BIND_DN;USERS_LDAP_BIND_DN"` - BindPassword string `yaml:",omitempty" env:"LDAP_BIND_PASSWORD;USERS_LDAP_BIND_PASSWORD"` - UserBaseDN string `yaml:",omitempty" env:"LDAP_USER_BASE_DN;USERS_LDAP_USER_BASE_DN"` - GroupBaseDN string `yaml:",omitempty" env:"LDAP_GROUP_BASE_DN;USERS_LDAP_GROUP_BASE_DN"` - UserScope string `yaml:",omitempty" env:"LDAP_USER_SCOPE;USERS_LDAP_USER_SCOPE"` - GroupScope string `yaml:",omitempty" env:"LDAP_GROUP_SCOPE;USERS_LDAP_GROUP_SCOPE"` - UserFilter string `yaml:",omitempty" env:"LDAP_USERFILTER;USERS_LDAP_USERFILTER"` - GroupFilter string `yaml:",omitempty" env:"LDAP_GROUPFILTER;USERS_LDAP_USERFILTER"` - UserObjectClass string `yaml:",omitempty" env:"LDAP_USER_OBJECTCLASS;USERS_LDAP_USER_OBJECTCLASS"` - GroupObjectClass string `yaml:",omitempty" env:"LDAP_GROUP_OBJECTCLASS;USERS_LDAP_GROUP_OBJECTCLASS"` - LoginAttributes []string `yaml:",omitempty" env:"LDAP_LOGIN_ATTRIBUTES;USERS_LDAP_LOGIN_ATTRIBUTES"` - IDP string `yaml:",omitempty" env:"OCIS_URL;USERS_IDP_URL"` // TODO what is this for? - GatewayEndpoint string `yaml:",omitempty"` // TODO do we need this here? 
- UserSchema LDAPUserSchema `yaml:",omitempty"` - GroupSchema LDAPGroupSchema `yaml:",omitempty"` + URI string `yaml:"" env:"LDAP_URI;USERS_LDAP_URI"` + CACert string `yaml:"" env:"LDAP_CACERT;USERS_LDAP_CACERT"` + Insecure bool `yaml:"" env:"LDAP_INSECURE;USERS_LDAP_INSECURE"` + BindDN string `yaml:"" env:"LDAP_BIND_DN;USERS_LDAP_BIND_DN"` + BindPassword string `yaml:"" env:"LDAP_BIND_PASSWORD;USERS_LDAP_BIND_PASSWORD"` + UserBaseDN string `yaml:"" env:"LDAP_USER_BASE_DN;USERS_LDAP_USER_BASE_DN"` + GroupBaseDN string `yaml:"" env:"LDAP_GROUP_BASE_DN;USERS_LDAP_GROUP_BASE_DN"` + UserScope string `yaml:"" env:"LDAP_USER_SCOPE;USERS_LDAP_USER_SCOPE"` + GroupScope string `yaml:"" env:"LDAP_GROUP_SCOPE;USERS_LDAP_GROUP_SCOPE"` + UserFilter string `yaml:"" env:"LDAP_USERFILTER;USERS_LDAP_USERFILTER"` + GroupFilter string `yaml:"" env:"LDAP_GROUPFILTER;USERS_LDAP_USERFILTER"` + UserObjectClass string `yaml:"" env:"LDAP_USER_OBJECTCLASS;USERS_LDAP_USER_OBJECTCLASS"` + GroupObjectClass string `yaml:"" env:"LDAP_GROUP_OBJECTCLASS;USERS_LDAP_GROUP_OBJECTCLASS"` + LoginAttributes []string `yaml:"" env:"LDAP_LOGIN_ATTRIBUTES;USERS_LDAP_LOGIN_ATTRIBUTES"` + IDP string `yaml:"" env:"OCIS_URL;USERS_IDP_URL"` // TODO what is this for? + GatewayEndpoint string `yaml:""` // TODO do we need this here? + UserSchema LDAPUserSchema `yaml:""` + GroupSchema LDAPGroupSchema `yaml:""` } type LDAPUserSchema struct { diff --git a/extensions/web/pkg/config/config.go b/extensions/web/pkg/config/config.go index 1fb079da64..3c403d0bad 100644 --- a/extensions/web/pkg/config/config.go +++ b/extensions/web/pkg/config/config.go 
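Review bot: `GroupFilter` is still bound to `env:"LDAP_GROUPFILTER;USERS_LDAP_USERFILTER"`, so the users-specific variable for the user filter also feeds the group filter; this looks like a copy-paste slip and was presumably meant to be `env:"LDAP_GROUPFILTER;USERS_LDAP_GROUPFILTER"`. Separately, `yaml:""` is an empty tag and behaves like no tag at all, so with the usual Go YAML libraries these fields would serialise under lower-cased field names (`binddn`, `bindpassword`) rather than the `bind_dn` / `bind_password` style used by the `LDAP` struct earlier in this patch. I would give each field an explicit key, e.g. `yaml:"bind_password"`, or drop the empty tag altogether.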
@@ -12,15 +12,15 @@ type Config struct { Service Service `yaml:"-"` - Tracing *Tracing `yaml:"tracing,omitempty"` - Log *Log `yaml:"log,omitempty"` - Debug Debug `yaml:"debug,omitempty"` + Tracing *Tracing `yaml:"tracing"` + Log *Log `yaml:"log"` + Debug Debug `yaml:"debug"` - HTTP HTTP `yaml:"http,omitempty"` + HTTP HTTP `yaml:"http"` - Asset Asset `yaml:"asset,omitempty"` - File string `yaml:"file,omitempty" env:"WEB_UI_CONFIG"` // TODO: rename this to a more self explaining string - Web Web `yaml:"web,omitempty"` + Asset Asset `yaml:"asset"` + File string `yaml:"file" env:"WEB_UI_CONFIG"` // TODO: rename this to a more self explaining string + Web Web `yaml:"web"` Context context.Context `yaml:"-"` } 
@@ -32,22 +32,22 @@ type Asset struct { // WebConfig defines the available web configuration for a dynamically rendered config.json. type WebConfig struct { - Server string `json:"server,omitempty" yaml:"server" env:"OCIS_URL;WEB_UI_CONFIG_SERVER"` - Theme string `json:"theme,omitempty" yaml:"theme" env:""` - Version string `json:"version,omitempty" yaml:"version" env:"WEB_UI_CONFIG_VERSION"` - OpenIDConnect OIDC `json:"openIdConnect,omitempty" yaml:"oids"` + Server string `json:"server" yaml:"server" env:"OCIS_URL;WEB_UI_CONFIG_SERVER"` + Theme string `json:"theme" yaml:"theme" env:""` + Version string `json:"version" yaml:"version" env:"WEB_UI_CONFIG_VERSION"` + OpenIDConnect OIDC `json:"openIdConnect" yaml:"oids"` Apps []string `json:"apps" yaml:"apps"` - ExternalApps []ExternalApp `json:"external_apps,omitempty" yaml:"external_apps"` - Options map[string]interface{} `json:"options,omitempty" yaml:"options"` + ExternalApps []ExternalApp `json:"external_apps" yaml:"external_apps"` + Options map[string]interface{} `json:"options" yaml:"options"` } // OIDC defines the available oidc configuration type OIDC struct { - MetadataURL string `json:"metadata_url,omitempty" yaml:"metadata_url" env:"WEB_OIDC_METADATA_URL"` - Authority string `json:"authority,omitempty" yaml:"authority" env:"OCIS_URL;WEB_OIDC_AUTHORITY"` - ClientID string `json:"client_id,omitempty" yaml:"client_id" env:"WEB_OIDC_CLIENT_ID"` - ResponseType string `json:"response_type,omitempty" yaml:"response_type" env:"WEB_OIDC_RESPONSE_TYPE"` - Scope string `json:"scope,omitempty" yaml:"scope" env:"WEB_OIDC_SCOPE"` + MetadataURL string `json:"metadata_url" yaml:"metadata_url" env:"WEB_OIDC_METADATA_URL"` + Authority string `json:"authority" yaml:"authority" env:"OCIS_URL;WEB_OIDC_AUTHORITY"` + ClientID string `json:"client_id" yaml:"client_id" env:"WEB_OIDC_CLIENT_ID"` + ResponseType string `json:"response_type" yaml:"response_type" env:"WEB_OIDC_RESPONSE_TYPE"` + Scope string `json:"scope" yaml:"scope" 
env:"WEB_OIDC_SCOPE"` } // ExternalApp defines an external web app. @@ -59,15 +59,15 @@ type OIDC struct { // } // } type ExternalApp struct { - ID string `json:"id,omitempty" yaml:"id"` - Path string `json:"path,omitempty" yaml:"path"` + ID string `json:"id" yaml:"id"` + Path string `json:"path" yaml:"path"` // Config is completely dynamic, because it depends on the extension - Config map[string]interface{} `json:"config,omitempty" yaml:"config"` + Config map[string]interface{} `json:"config" yaml:"config"` } // ExternalAppConfig defines an external web app configuration. type ExternalAppConfig struct { - URL string `json:"url,omitempty" yaml:"url" env:""` + URL string `json:"url" yaml:"url" env:""` } // Web defines the available web configuration. diff --git a/extensions/webdav/pkg/config/config.go b/extensions/webdav/pkg/config/config.go index 322a8f9661..4efe95ebdf 100644 --- a/extensions/webdav/pkg/config/config.go +++ b/extensions/webdav/pkg/config/config.go @@ -12,15 +12,15 @@ type Config struct { Service Service `yaml:"-"` - Tracing *Tracing `yaml:"tracing,omitempty"` - Log *Log `yaml:"log,omitempty"` - Debug Debug `yaml:"debug,omitempty"` + Tracing *Tracing `yaml:"tracing"` + Log *Log `yaml:"log"` + Debug Debug `yaml:"debug"` - HTTP HTTP `yaml:"http,omitempty"` + HTTP HTTP `yaml:"http"` - OcisPublicURL string `yaml:"ocis_public_url,omitempty" env:"OCIS_URL;OCIS_PUBLIC_URL"` - WebdavNamespace string `yaml:"webdav_namespace,omitempty" env:"STORAGE_WEBDAV_NAMESPACE"` //TODO: prevent this cross config - RevaGateway string `yaml:"reva_gateway,omitempty" env:"REVA_GATEWAY"` + OcisPublicURL string `yaml:"ocis_public_url" env:"OCIS_URL;OCIS_PUBLIC_URL"` + WebdavNamespace string `yaml:"webdav_namespace" env:"STORAGE_WEBDAV_NAMESPACE"` //TODO: prevent this cross config + RevaGateway string `yaml:"reva_gateway" env:"REVA_GATEWAY"` - Context context.Context `yaml:"-,omitempty"` + Context context.Context `yaml:"-"` } 
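Review bot: This hunk removes `omitempty` from the `json` tags as well as the YAML side, and the comment on `WebConfig` says it backs a dynamically rendered config.json. The JSON the web client receives therefore changes: unset `ExternalApps` and `Options` are sent as `"external_apps": null` and `"options": null`, and empty strings are sent for `theme`, `version` and the `openIdConnect` members instead of the keys being absent. Unless the client is known to treat null and empty the same as missing, I would leave the `json` tags as they were, e.g. `json:"external_apps,omitempty" yaml:"external_apps"`, and restrict the change to the `yaml` tags. The ExternalApp / ExternalAppConfig hunk that follows makes the same change.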
diff --git a/ocis-pkg/config/config.go b/ocis-pkg/config/config.go
index df11e9ef38..cac020ad09 100644
--- a/ocis-pkg/config/config.go
+++ b/ocis-pkg/config/config.go
@@ -59,49 +59,49 @@ type Runtime struct { // Config combines all available configuration parts. type Config struct { - *shared.Commons `yaml:"shared,omitempty"` + *shared.Commons `yaml:"shared"` - Tracing *shared.Tracing `yaml:"tracing,omitempty"` - Log *shared.Log `yaml:"log,omitempty"` + Tracing *shared.Tracing `yaml:"tracing"` + Log *shared.Log `yaml:"log"` - Mode Mode `yaml:",omitempty"` // DEPRECATED - File string `yaml:",omitempty"` - OcisURL string `yaml:"ocis_url,omitempty"` + Mode Mode `yaml:""` // DEPRECATED + File string `yaml:""` + OcisURL string `yaml:"ocis_url"` - Registry string `yaml:"registry,omitempty"` - TokenManager *shared.TokenManager `yaml:"token_manager,omitempty"` + Registry string `yaml:"registry"` + TokenManager *shared.TokenManager `yaml:"token_manager"` MachineAuthAPIKey string `yaml:"machine_auth_api_key" env:"OCIS_MACHINE_AUTH_API_KEY"` - TransferSecret string `yaml:"transfer_secret,omitempty"` - Runtime Runtime `yaml:"runtime,omitempty"` + TransferSecret string `yaml:"transfer_secret"` + Runtime Runtime `yaml:"runtime"` - Audit *audit.Config `yaml:"audit,omitempty"` - Accounts *accounts.Config `yaml:"accounts,omitempty"` - GLAuth *glauth.Config `yaml:"glauth,omitempty"` - Graph *graph.Config `yaml:"graph,omitempty"` - GraphExplorer *graphExplorer.Config `yaml:"graph_explorer,omitempty"` - IDP *idp.Config `yaml:"idp,omitempty"` - IDM *idm.Config `yaml:"idm,omitempty"` - Nats *nats.Config `yaml:"nats,omitempty"` - Notifications *notifications.Config `yaml:"notifications,omitempty"` - OCS *ocs.Config `yaml:"ocs,omitempty"` - Web *web.Config `yaml:"web,omitempty"` - Proxy *proxy.Config `yaml:"proxy,omitempty"` - Settings *settings.Config `yaml:"settings,omitempty"` - Gateway *gateway.Config `yaml:"gateway,omitempty"` - Frontend *frontend.Config `yaml:"frontend,omitempty"` - AuthBasic *authbasic.Config `yaml:"auth_basic,omitempty"` - AuthBearer *authbearer.Config `yaml:"auth_bearer,omitempty"` - AuthMachine *authmachine.Config 
`yaml:"auth_machine,omitempty"` - User *user.Config `yaml:"user,omitempty"` - Group *group.Config `yaml:"group,omitempty"` - AppProvider *appprovider.Config `yaml:"app_provider,omitempty"` - Sharing *sharing.Config `yaml:"sharing,omitempty"` - StorageMetadata *storagemetadata.Config `yaml:"storage_metadata,omitempty"` - StoragePublicLink *storagepublic.Config `yaml:"storage_public,omitempty"` - StorageUsers *storageusers.Config `yaml:"storage_users,omitempty"` - StorageShares *storageshares.Config `yaml:"storage_shares,omitempty"` - OCDav *ocdav.Config `yaml:"ocdav,omitempty"` - Store *store.Config `yaml:"store,omitempty"` - Thumbnails *thumbnails.Config `yaml:"thumbnails,omitempty"` - WebDAV *webdav.Config `yaml:"webdav,omitempty"` + Audit *audit.Config `yaml:"audit"` + Accounts *accounts.Config `yaml:"accounts"` + GLAuth *glauth.Config `yaml:"glauth"` + Graph *graph.Config `yaml:"graph"` + GraphExplorer *graphExplorer.Config `yaml:"graph_explorer"` + IDP *idp.Config `yaml:"idp"` + IDM *idm.Config `yaml:"idm"` + Nats *nats.Config `yaml:"nats"` + Notifications *notifications.Config `yaml:"notifications"` + OCS *ocs.Config `yaml:"ocs"` + Web *web.Config `yaml:"web"` + Proxy *proxy.Config `yaml:"proxy"` + Settings *settings.Config `yaml:"settings"` + Gateway *gateway.Config `yaml:"gateway"` + Frontend *frontend.Config `yaml:"frontend"` + AuthBasic *authbasic.Config `yaml:"auth_basic"` + AuthBearer *authbearer.Config `yaml:"auth_bearer"` + AuthMachine *authmachine.Config `yaml:"auth_machine"` + User *user.Config `yaml:"user"` + Group *group.Config `yaml:"group"` + AppProvider *appprovider.Config `yaml:"app_provider"` + Sharing *sharing.Config `yaml:"sharing"` + StorageMetadata *storagemetadata.Config `yaml:"storage_metadata"` + StoragePublicLink *storagepublic.Config `yaml:"storage_public"` + StorageUsers *storageusers.Config `yaml:"storage_users"` + StorageShares *storageshares.Config `yaml:"storage_shares"` + OCDav *ocdav.Config `yaml:"ocdav"` + Store *store.Config 
`yaml:"store"` + Thumbnails *thumbnails.Config `yaml:"thumbnails"` + WebDAV *webdav.Config `yaml:"webdav"` } From b515d7f83f6876281c94735c0bbf4549415388f6 Mon Sep 17 00:00:00 2001 From: Willy Kloucek Date: Thu, 28 Apr 2022 15:13:03 +0200 Subject: [PATCH 26/99] fix typo and hide supervised --- extensions/appprovider/pkg/config/config.go | 2 +- extensions/auth-basic/pkg/config/config.go | 2 +- extensions/auth-bearer/pkg/config/config.go | 2 +- extensions/auth-machine/pkg/config/config.go | 2 +- extensions/gateway/pkg/config/config.go | 2 +- extensions/group/pkg/config/config.go | 2 +- extensions/ocdav/pkg/config/config.go | 2 +- extensions/sharing/pkg/config/config.go | 2 +- extensions/storage-metadata/pkg/config/config.go | 4 ++-- extensions/storage-publiclink/pkg/config/config.go | 2 +- extensions/storage-shares/pkg/config/config.go | 2 +- extensions/storage-users/pkg/config/config.go | 2 +- extensions/user/pkg/config/config.go | 2 +- 13 files changed, 14 insertions(+), 14 deletions(-) diff --git a/extensions/appprovider/pkg/config/config.go b/extensions/appprovider/pkg/config/config.go index fcc440bce2..9f0c0e9c55 100644 --- a/extensions/appprovider/pkg/config/config.go +++ b/extensions/appprovider/pkg/config/config.go @@ -8,7 +8,7 @@ type Config struct { Tracing *Tracing `yaml:"tracing"` Logging *Logging `yaml:"log"` Debug Debug `yaml:"debug"` - Supervised bool `yaml:"supervised"` + Supervised bool `yaml:"-"` GRPC GRPCConfig `yaml:"grpc"` diff --git a/extensions/auth-basic/pkg/config/config.go b/extensions/auth-basic/pkg/config/config.go index 1e9c9c3f2c..2b9074f02f 100644 --- a/extensions/auth-basic/pkg/config/config.go +++ b/extensions/auth-basic/pkg/config/config.go @@ -8,7 +8,7 @@ type Config struct { Tracing *Tracing `yaml:"tracing"` Logging *Logging `yaml:"log"` Debug Debug `yaml:"debug"` - Supervised bool `yaml:"supervised"` + Supervised bool `yaml:"-"` GRPC GRPCConfig `yaml:"grpc"` 
diff --git a/extensions/auth-bearer/pkg/config/config.go b/extensions/auth-bearer/pkg/config/config.go index f1d2b1388a..984ac37984 100644 --- a/extensions/auth-bearer/pkg/config/config.go +++ b/extensions/auth-bearer/pkg/config/config.go @@ -8,7 +8,7 @@ type Config struct { Tracing *Tracing `yaml:"tracing"` Logging *Logging `yaml:"log"` Debug Debug `yaml:"debug"` - Supervised bool `yaml:"supervised"` + Supervised bool `yaml:"-"` GRPC GRPCConfig `yaml:"grpc"` diff --git a/extensions/auth-machine/pkg/config/config.go b/extensions/auth-machine/pkg/config/config.go index 00c796c019..19ff424c9b 100644 --- a/extensions/auth-machine/pkg/config/config.go +++ b/extensions/auth-machine/pkg/config/config.go @@ -8,7 +8,7 @@ type Config struct { Tracing *Tracing `yaml:"tracing"` Logging *Logging `yaml:"log"` Debug Debug `yaml:"debug"` - Supervised bool `yaml:"supervised"` + Supervised bool `yaml:"-"` GRPC GRPCConfig `yaml:"grpc"` diff --git a/extensions/gateway/pkg/config/config.go b/extensions/gateway/pkg/config/config.go index dd9679a255..872ac234a7 100644 --- a/extensions/gateway/pkg/config/config.go +++ b/extensions/gateway/pkg/config/config.go @@ -9,7 +9,7 @@ type Config struct { Tracing *Tracing `yaml:"tracing"` Logging *Logging `yaml:"log"` Debug Debug `yaml:"debug"` - Supervised bool `yaml:"supervised"` + Supervised bool `yaml:"-"` GRPC GRPCConfig `yaml:"grpc"` diff --git a/extensions/group/pkg/config/config.go b/extensions/group/pkg/config/config.go index efd0ea1b1e..2c77850300 100644 --- a/extensions/group/pkg/config/config.go +++ b/extensions/group/pkg/config/config.go @@ -8,7 +8,7 @@ type Config struct { Tracing *Tracing `yaml:"tracing"` Logging *Logging `yaml:"log"` Debug Debug `yaml:"debug"` - Supervised bool `yaml:"supervised"` + Supervised bool `yaml:"-"` GRPC GRPCConfig `yaml:"grpc"` diff --git a/extensions/ocdav/pkg/config/config.go b/extensions/ocdav/pkg/config/config.go index bc13918b5e..da510a3eff 100644 --- a/extensions/ocdav/pkg/config/config.go 
+++ b/extensions/ocdav/pkg/config/config.go @@ -8,7 +8,7 @@ type Config struct { Tracing *Tracing `yaml:"tracing"` Logging *Logging `yaml:"log"` Debug Debug `yaml:"debug"` - Supervised bool `yaml:"supervised"` + Supervised bool `yaml:"-"` HTTP HTTPConfig `yaml:"http"` diff --git a/extensions/sharing/pkg/config/config.go b/extensions/sharing/pkg/config/config.go index b63417987c..f81d37faa1 100644 --- a/extensions/sharing/pkg/config/config.go +++ b/extensions/sharing/pkg/config/config.go @@ -8,7 +8,7 @@ type Config struct { Tracing *Tracing `yaml:"tracing"` Logging *Logging `yaml:"log"` Debug Debug `yaml:"debug"` - Supervised bool `yaml:"supervised"` + Supervised bool `yaml:"-"` GRPC GRPCConfig `yaml:"grpc"` diff --git a/extensions/storage-metadata/pkg/config/config.go b/extensions/storage-metadata/pkg/config/config.go index 48d071f836..97b69e2e93 100644 --- a/extensions/storage-metadata/pkg/config/config.go +++ b/extensions/storage-metadata/pkg/config/config.go @@ -12,7 +12,7 @@ type Config struct { Tracing *Tracing `yaml:"tracing"` Logging *Logging `yaml:"log"` Debug Debug `yaml:"debug"` - Supervised bool `yaml:"supervised"` + Supervised bool `yaml:"-"` GRPC GRPCConfig `yaml:"grpc"` HTTP HTTPConfig `yaml:"http"` @@ -27,7 +27,7 @@ type Config struct { Drivers Drivers `yaml:"drivers"` DataServerURL string `yaml:"data_server_url"` TempFolder string `yaml:"temp_folder"` - DataProviderInsecure bool `yaml:"data_providcer_insecure" env:"OCIS_INSECURE;STORAGE_METADATA_DATAPROVIDER_INSECURE"` + DataProviderInsecure bool `yaml:"data_provider_insecure" env:"OCIS_INSECURE;STORAGE_METADATA_DATAPROVIDER_INSECURE"` } type Tracing struct { Enabled bool `yaml:"enabled" env:"OCIS_TRACING_ENABLED;STORAGE_METADATA_TRACING_ENABLED" desc:"Activates tracing."` diff --git a/extensions/storage-publiclink/pkg/config/config.go b/extensions/storage-publiclink/pkg/config/config.go index a261852f46..2f9da5c66f 100644 --- a/extensions/storage-publiclink/pkg/config/config.go 
+++ b/extensions/storage-publiclink/pkg/config/config.go @@ -12,7 +12,7 @@ type Config struct { Tracing *Tracing `yaml:"tracing"` Logging *Logging `yaml:"log"` Debug Debug `yaml:"debug"` - Supervised bool `yaml:"supervised"` + Supervised bool `yaml:"-"` GRPC GRPCConfig `yaml:"grpc"` diff --git a/extensions/storage-shares/pkg/config/config.go b/extensions/storage-shares/pkg/config/config.go index a44f0b8deb..8f308c7fec 100644 --- a/extensions/storage-shares/pkg/config/config.go +++ b/extensions/storage-shares/pkg/config/config.go @@ -12,7 +12,7 @@ type Config struct { Tracing *Tracing `yaml:"tracing"` Logging *Logging `yaml:"log"` Debug Debug `yaml:"debug"` - Supervised bool `yaml:"supervised"` + Supervised bool `yaml:"-"` GRPC GRPCConfig `yaml:"grpc"` HTTP HTTPConfig `yaml:"http"` diff --git a/extensions/storage-users/pkg/config/config.go b/extensions/storage-users/pkg/config/config.go index 4cf505d9c1..7cb2888148 100644 --- a/extensions/storage-users/pkg/config/config.go +++ b/extensions/storage-users/pkg/config/config.go @@ -12,7 +12,7 @@ type Config struct { Tracing *Tracing `yaml:"tracing"` Logging *Logging `yaml:"log"` Debug Debug `yaml:"debug"` - Supervised bool `yaml:"supervised"` + Supervised bool `yaml:"-"` GRPC GRPCConfig `yaml:"grpc"` HTTP HTTPConfig `yaml:"http"` diff --git a/extensions/user/pkg/config/config.go b/extensions/user/pkg/config/config.go index 4edf15cd77..040c0c5f94 100644 --- a/extensions/user/pkg/config/config.go +++ b/extensions/user/pkg/config/config.go @@ -8,7 +8,7 @@ type Config struct { Tracing *Tracing `yaml:"tracing"` Logging *Logging `yaml:"log"` Debug Debug `yaml:"debug"` - Supervised bool `yaml:"supervised"` + Supervised bool `yaml:"-"` GRPC GRPCConfig `yaml:"grpc"` From 1b2cc6df3e876651e342d8c11ef5f0c37cec20e2 Mon Sep 17 00:00:00 2001 
From: Willy Kloucek Date: Thu, 28 Apr 2022 15:14:07 +0200 Subject: [PATCH 27/99] revert empty yaml tags --- extensions/auth-basic/pkg/config/config.go | 36 +++++++++--------- extensions/gateway/pkg/config/config.go | 2 +- extensions/group/pkg/config/config.go | 44 +++++++++++----------- extensions/storage/pkg/config/config.go | 4 +- extensions/user/pkg/config/config.go | 44 +++++++++++----------- ocis-pkg/config/config.go | 4 +- 6 files changed, 67 insertions(+), 67 deletions(-) diff --git a/extensions/auth-basic/pkg/config/config.go b/extensions/auth-basic/pkg/config/config.go index 2b9074f02f..3357d76b51 100644 --- a/extensions/auth-basic/pkg/config/config.go +++ b/extensions/auth-basic/pkg/config/config.go 
@@ -60,24 +60,24 @@ type JSONProvider struct { } type LDAPProvider struct { - URI string `yaml:"" env:"LDAP_URI;AUTH_BASIC_LDAP_URI"` - CACert string `yaml:"" env:"LDAP_CACERT;AUTH_BASIC_LDAP_CACERT"` - Insecure bool `yaml:"" env:"LDAP_INSECURE;AUTH_BASIC_LDAP_INSECURE"` - BindDN string `yaml:"" env:"LDAP_BIND_DN;AUTH_BASIC_LDAP_BIND_DN"` - BindPassword string `yaml:"" env:"LDAP_BIND_PASSWORD;AUTH_BASIC_LDAP_BIND_PASSWORD"` - UserBaseDN string `yaml:"" env:"LDAP_USER_BASE_DN;AUTH_BASIC_LDAP_USER_BASE_DN"` - GroupBaseDN string `yaml:"" env:"LDAP_GROUP_BASE_DN;AUTH_BASIC_LDAP_GROUP_BASE_DN"` - UserScope string `yaml:"" env:"LDAP_USER_SCOPE;AUTH_BASIC_LDAP_USER_SCOPE"` - GroupScope string `yaml:"" env:"LDAP_GROUP_SCOPE;AUTH_BASIC_LDAP_GROUP_SCOPE"` - UserFilter string `yaml:"" env:"LDAP_USERFILTER;AUTH_BASIC_LDAP_USERFILTER"` - GroupFilter string `yaml:"" env:"LDAP_GROUPFILTER;AUTH_BASIC_LDAP_USERFILTER"` - UserObjectClass string `yaml:"" env:"LDAP_USER_OBJECTCLASS;AUTH_BASIC_LDAP_USER_OBJECTCLASS"` - GroupObjectClass string `yaml:"" env:"LDAP_GROUP_OBJECTCLASS;AUTH_BASIC_LDAP_GROUP_OBJECTCLASS"` - LoginAttributes []string `yaml:"" env:"LDAP_LOGIN_ATTRIBUTES;AUTH_BASIC_LDAP_LOGIN_ATTRIBUTES"` - IDP string `yaml:"" env:"OCIS_URL;AUTH_BASIC_IDP_URL"` // TODO what is this for? - GatewayEndpoint string `yaml:""` // TODO do we need this here? 
- UserSchema LDAPUserSchema `yaml:""` - GroupSchema LDAPGroupSchema `yaml:""` + URI string `env:"LDAP_URI;AUTH_BASIC_LDAP_URI"` + CACert string `env:"LDAP_CACERT;AUTH_BASIC_LDAP_CACERT"` + Insecure bool `env:"LDAP_INSECURE;AUTH_BASIC_LDAP_INSECURE"` + BindDN string `env:"LDAP_BIND_DN;AUTH_BASIC_LDAP_BIND_DN"` + BindPassword string `env:"LDAP_BIND_PASSWORD;AUTH_BASIC_LDAP_BIND_PASSWORD"` + UserBaseDN string `env:"LDAP_USER_BASE_DN;AUTH_BASIC_LDAP_USER_BASE_DN"` + GroupBaseDN string `env:"LDAP_GROUP_BASE_DN;AUTH_BASIC_LDAP_GROUP_BASE_DN"` + UserScope string `env:"LDAP_USER_SCOPE;AUTH_BASIC_LDAP_USER_SCOPE"` + GroupScope string `env:"LDAP_GROUP_SCOPE;AUTH_BASIC_LDAP_GROUP_SCOPE"` + UserFilter string `env:"LDAP_USERFILTER;AUTH_BASIC_LDAP_USERFILTER"` + GroupFilter string `env:"LDAP_GROUPFILTER;AUTH_BASIC_LDAP_USERFILTER"` + UserObjectClass string `env:"LDAP_USER_OBJECTCLASS;AUTH_BASIC_LDAP_USER_OBJECTCLASS"` + GroupObjectClass string `env:"LDAP_GROUP_OBJECTCLASS;AUTH_BASIC_LDAP_GROUP_OBJECTCLASS"` + LoginAttributes []string `env:"LDAP_LOGIN_ATTRIBUTES;AUTH_BASIC_LDAP_LOGIN_ATTRIBUTES"` + IDP string `env:"OCIS_URL;AUTH_BASIC_IDP_URL"` // TODO what is this for? + GatewayEndpoint string // TODO do we need this here? + UserSchema LDAPUserSchema + GroupSchema LDAPGroupSchema } type LDAPUserSchema struct { diff --git a/extensions/gateway/pkg/config/config.go b/extensions/gateway/pkg/config/config.go index 872ac234a7..ca3555e721 100644 --- a/extensions/gateway/pkg/config/config.go +++ b/extensions/gateway/pkg/config/config.go @@ -16,7 +16,7 @@ type Config struct { TokenManager *TokenManager `yaml:"token_manager"` Reva *Reva `yaml:"reva"` - SkipUserGroupsInToken bool `yaml:""` + SkipUserGroupsInToken bool CommitShareToStorageGrant bool `yaml:"commit_share_to_storage_grant"` CommitShareToStorageRef bool `yaml:"commit_share_to_storage_ref"` diff --git a/extensions/group/pkg/config/config.go b/extensions/group/pkg/config/config.go index 2c77850300..9588f87672 100644 
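Review bot: `GroupFilter` in `LDAPProvider` is bound to `AUTH_BASIC_LDAP_USERFILTER`, the same service-specific variable as `UserFilter` on the line above it, so there is no per-service variable for the group filter. A value exported for the user filter would presumably be applied to the group filter as well, depending on how envdecode treats the `;`-separated names. It looks like a copy-paste slip that this tag clean-up carries over unchanged; the tag should read `env:"LDAP_GROUPFILTER;AUTH_BASIC_LDAP_GROUPFILTER"`. The `LDAPDriver` hunks for the group and user services in this commit have the same slip with `GROUPS_LDAP_USERFILTER` and `USERS_LDAP_USERFILTER`. A filter that differs from what the operator configured changes which directory entries are matched during login and group lookup, so it is worth fixing while these lines are being touched.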
--- a/extensions/group/pkg/config/config.go
+++ b/extensions/group/pkg/config/config.go
@@ -51,34 +51,34 @@ type GRPCConfig struct { } type Drivers struct { - JSON JSONDriver `yaml:""` - LDAP LDAPDriver `yaml:""` - OwnCloudSQL OwnCloudSQLDriver `yaml:""` - REST RESTProvider `yaml:""` + JSON JSONDriver + LDAP LDAPDriver + OwnCloudSQL OwnCloudSQLDriver + REST RESTProvider } type JSONDriver struct { File string } type LDAPDriver struct { - URI string `yaml:"" env:"LDAP_URI;GROUPS_LDAP_URI"` - CACert string `yaml:"" env:"LDAP_CACERT;GROUPS_LDAP_CACERT"` - Insecure bool `yaml:"" env:"LDAP_INSECURE;GROUPS_LDAP_INSECURE"` - BindDN string `yaml:"" env:"LDAP_BIND_DN;GROUPS_LDAP_BIND_DN"` - BindPassword string `yaml:"" env:"LDAP_BIND_PASSWORD;GROUPS_LDAP_BIND_PASSWORD"` - UserBaseDN string `yaml:"" env:"LDAP_USER_BASE_DN;GROUPS_LDAP_USER_BASE_DN"` - GroupBaseDN string `yaml:"" env:"LDAP_GROUP_BASE_DN;GROUPS_LDAP_GROUP_BASE_DN"` - UserScope string `yaml:"" env:"LDAP_USER_SCOPE;GROUPS_LDAP_USER_SCOPE"` - GroupScope string `yaml:"" env:"LDAP_GROUP_SCOPE;GROUPS_LDAP_GROUP_SCOPE"` - UserFilter string `yaml:"" env:"LDAP_USERFILTER;GROUPS_LDAP_USERFILTER"` - GroupFilter string `yaml:"" env:"LDAP_GROUPFILTER;GROUPS_LDAP_USERFILTER"` - UserObjectClass string `yaml:"" env:"LDAP_USER_OBJECTCLASS;GROUPS_LDAP_USER_OBJECTCLASS"` - GroupObjectClass string `yaml:"" env:"LDAP_GROUP_OBJECTCLASS;GROUPS_LDAP_GROUP_OBJECTCLASS"` - LoginAttributes []string `yaml:"" env:"LDAP_LOGIN_ATTRIBUTES;GROUPS_LDAP_LOGIN_ATTRIBUTES"` - IDP string `yaml:"" env:"OCIS_URL;GROUPS_IDP_URL"` // TODO what is this for? - GatewayEndpoint string `yaml:""` // TODO do we need this here? 
- UserSchema LDAPUserSchema `yaml:""` - GroupSchema LDAPGroupSchema `yaml:""` + URI string `env:"LDAP_URI;GROUPS_LDAP_URI"` + CACert string `env:"LDAP_CACERT;GROUPS_LDAP_CACERT"` + Insecure bool `env:"LDAP_INSECURE;GROUPS_LDAP_INSECURE"` + BindDN string `env:"LDAP_BIND_DN;GROUPS_LDAP_BIND_DN"` + BindPassword string `env:"LDAP_BIND_PASSWORD;GROUPS_LDAP_BIND_PASSWORD"` + UserBaseDN string `env:"LDAP_USER_BASE_DN;GROUPS_LDAP_USER_BASE_DN"` + GroupBaseDN string `env:"LDAP_GROUP_BASE_DN;GROUPS_LDAP_GROUP_BASE_DN"` + UserScope string `env:"LDAP_USER_SCOPE;GROUPS_LDAP_USER_SCOPE"` + GroupScope string `env:"LDAP_GROUP_SCOPE;GROUPS_LDAP_GROUP_SCOPE"` + UserFilter string `env:"LDAP_USERFILTER;GROUPS_LDAP_USERFILTER"` + GroupFilter string `env:"LDAP_GROUPFILTER;GROUPS_LDAP_USERFILTER"` + UserObjectClass string `env:"LDAP_USER_OBJECTCLASS;GROUPS_LDAP_USER_OBJECTCLASS"` + GroupObjectClass string `env:"LDAP_GROUP_OBJECTCLASS;GROUPS_LDAP_GROUP_OBJECTCLASS"` + LoginAttributes []string `env:"LDAP_LOGIN_ATTRIBUTES;GROUPS_LDAP_LOGIN_ATTRIBUTES"` + IDP string `env:"OCIS_URL;GROUPS_IDP_URL"` // TODO what is this for? + GatewayEndpoint string // TODO do we need this here? + UserSchema LDAPUserSchema + GroupSchema LDAPGroupSchema } type LDAPUserSchema struct { diff --git a/extensions/storage/pkg/config/config.go b/extensions/storage/pkg/config/config.go index 1b8daa4f20..c3a626e40f 100644 --- a/extensions/storage/pkg/config/config.go +++ b/extensions/storage/pkg/config/config.go @@ -188,7 +188,7 @@ type Auth struct { // DataGatewayPort has a public url type DataGatewayPort struct { Port - PublicURL string `yaml:""` + PublicURL string } type DataProvider struct { @@ -522,7 +522,7 @@ type Asset struct { // Config combines all available configuration parts. type Config struct { - *shared.Commons `yaml:""` + *shared.Commons File string `yaml:"file"` Log *shared.Log `yaml:"log"` 
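Review bot: Dropping `yaml:""` leaves every field of `Drivers` and `LDAPDriver` without an explicit YAML key, so the key for `BindPassword` is whatever the decoder derives from the Go name. The init generator later in this series writes the LDAP secret from a field named `Bind_password`. If both sides lower-case the field name, the file says `bind_password` while this struct expects `bindpassword`, and the generated password would not be read. Put an explicit `yaml:"bind_password"` in front of the existing `env` key, and tag the other fields the same way here and in the auth-basic `LDAPProvider` and user `LDAPDriver` hunks. How the loader maps keys is not visible in this diff, so confirm against `BindSourcesToStructs` before relying on either spelling.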
diff --git a/extensions/user/pkg/config/config.go b/extensions/user/pkg/config/config.go
index 040c0c5f94..d09b7bb4dc 100644
--- a/extensions/user/pkg/config/config.go
+++ b/extensions/user/pkg/config/config.go
@@ -51,34 +51,34 @@ type GRPCConfig struct { } type Drivers struct { - JSON JSONDriver `yaml:""` - LDAP LDAPDriver `yaml:""` - OwnCloudSQL OwnCloudSQLDriver `yaml:""` - REST RESTProvider `yaml:""` + JSON JSONDriver + LDAP LDAPDriver + OwnCloudSQL OwnCloudSQLDriver + REST RESTProvider } type JSONDriver struct { File string } type LDAPDriver struct { - URI string `yaml:"" env:"LDAP_URI;USERS_LDAP_URI"` - CACert string `yaml:"" env:"LDAP_CACERT;USERS_LDAP_CACERT"` - Insecure bool `yaml:"" env:"LDAP_INSECURE;USERS_LDAP_INSECURE"` - BindDN string `yaml:"" env:"LDAP_BIND_DN;USERS_LDAP_BIND_DN"` - BindPassword string `yaml:"" env:"LDAP_BIND_PASSWORD;USERS_LDAP_BIND_PASSWORD"` - UserBaseDN string `yaml:"" env:"LDAP_USER_BASE_DN;USERS_LDAP_USER_BASE_DN"` - GroupBaseDN string `yaml:"" env:"LDAP_GROUP_BASE_DN;USERS_LDAP_GROUP_BASE_DN"` - UserScope string `yaml:"" env:"LDAP_USER_SCOPE;USERS_LDAP_USER_SCOPE"` - GroupScope string `yaml:"" env:"LDAP_GROUP_SCOPE;USERS_LDAP_GROUP_SCOPE"` - UserFilter string `yaml:"" env:"LDAP_USERFILTER;USERS_LDAP_USERFILTER"` - GroupFilter string `yaml:"" env:"LDAP_GROUPFILTER;USERS_LDAP_USERFILTER"` - UserObjectClass string `yaml:"" env:"LDAP_USER_OBJECTCLASS;USERS_LDAP_USER_OBJECTCLASS"` - GroupObjectClass string `yaml:"" env:"LDAP_GROUP_OBJECTCLASS;USERS_LDAP_GROUP_OBJECTCLASS"` - LoginAttributes []string `yaml:"" env:"LDAP_LOGIN_ATTRIBUTES;USERS_LDAP_LOGIN_ATTRIBUTES"` - IDP string `yaml:"" env:"OCIS_URL;USERS_IDP_URL"` // TODO what is this for? - GatewayEndpoint string `yaml:""` // TODO do we need this here? 
- UserSchema LDAPUserSchema `yaml:""` - GroupSchema LDAPGroupSchema `yaml:""` + URI string `env:"LDAP_URI;USERS_LDAP_URI"` + CACert string `env:"LDAP_CACERT;USERS_LDAP_CACERT"` + Insecure bool `env:"LDAP_INSECURE;USERS_LDAP_INSECURE"` + BindDN string `env:"LDAP_BIND_DN;USERS_LDAP_BIND_DN"` + BindPassword string `env:"LDAP_BIND_PASSWORD;USERS_LDAP_BIND_PASSWORD"` + UserBaseDN string `env:"LDAP_USER_BASE_DN;USERS_LDAP_USER_BASE_DN"` + GroupBaseDN string `env:"LDAP_GROUP_BASE_DN;USERS_LDAP_GROUP_BASE_DN"` + UserScope string `env:"LDAP_USER_SCOPE;USERS_LDAP_USER_SCOPE"` + GroupScope string `env:"LDAP_GROUP_SCOPE;USERS_LDAP_GROUP_SCOPE"` + UserFilter string `env:"LDAP_USERFILTER;USERS_LDAP_USERFILTER"` + GroupFilter string `env:"LDAP_GROUPFILTER;USERS_LDAP_USERFILTER"` + UserObjectClass string `env:"LDAP_USER_OBJECTCLASS;USERS_LDAP_USER_OBJECTCLASS"` + GroupObjectClass string `env:"LDAP_GROUP_OBJECTCLASS;USERS_LDAP_GROUP_OBJECTCLASS"` + LoginAttributes []string `env:"LDAP_LOGIN_ATTRIBUTES;USERS_LDAP_LOGIN_ATTRIBUTES"` + IDP string `env:"OCIS_URL;USERS_IDP_URL"` // TODO what is this for? + GatewayEndpoint string // TODO do we need this here? + UserSchema LDAPUserSchema + GroupSchema LDAPGroupSchema } type LDAPUserSchema struct { diff --git a/ocis-pkg/config/config.go b/ocis-pkg/config/config.go index cac020ad09..eddd2bbd2a 100644 --- a/ocis-pkg/config/config.go +++ b/ocis-pkg/config/config.go @@ -64,8 +64,8 @@ type Config struct { Tracing *shared.Tracing `yaml:"tracing"` Log *shared.Log `yaml:"log"` - Mode Mode `yaml:""` // DEPRECATED - File string `yaml:""` + Mode Mode // DEPRECATED + File string OcisURL string `yaml:"ocis_url"` Registry string `yaml:"registry"` From 3a9ba10dc453e807bed380d8eb2b5fbfc760d982 Mon Sep 17 00:00:00 2001 
From: Willy Kloucek Date: Thu, 28 Apr 2022 15:34:31 +0200 Subject: [PATCH 28/99] fix and restructure ocis-pkg config parser --- ocis-pkg/config/parser/parse.go | 51 +++++++++++++++++++++++++-------- 1 file changed, 39 insertions(+), 12 deletions(-) diff --git a/ocis-pkg/config/parser/parse.go b/ocis-pkg/config/parser/parse.go index a28c457df1..0f6b6ba198 100644 --- a/ocis-pkg/config/parser/parse.go +++ b/ocis-pkg/config/parser/parse.go @@ -2,24 +2,44 @@ package parser import ( "errors" - "log" + "fmt" "github.com/owncloud/ocis/ocis-pkg/config" "github.com/owncloud/ocis/ocis-pkg/config/envdecode" "github.com/owncloud/ocis/ocis-pkg/shared" ) -// ParseConfig loads ocis configuration. +// ParseConfig loads the ocis configuration and +// copies applicable parts into the commons part, from +// where the extensions can copy it into their own config func ParseConfig(cfg *config.Config) error { _, err := config.BindSourcesToStructs("ocis", cfg) if err != nil { return err } + EnsureDefaultsAndCommons(cfg) + + // load all env variables relevant to the config in the current context. + if err := envdecode.Decode(cfg); err != nil { + // no environment variable set for this config is an expected "error" + if !errors.Is(err, envdecode.ErrNoTargetFieldsAreSet) { + return err + } + } + + return Validate(cfg) +} + +// EnsureDefaultsAndCommons copies applicable parts of the oCIS config into the commons part +// and also ensure that all pointers in the oCIS config (not the extensions configs) are initialized +func EnsureDefaultsAndCommons(cfg *config.Config) { + // ensure the commons part is initialized if cfg.Commons == nil { cfg.Commons = &shared.Commons{} } + // copy config to the commons part if set if cfg.Log != nil { cfg.Commons.Log = &shared.Log{ Level: cfg.Log.Level, 
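Review bot: `ParseConfig` calls `EnsureDefaultsAndCommons(cfg)` before `envdecode.Decode(cfg)`, so a `MachineAuthAPIKey` supplied only through `OCIS_MACHINE_AUTH_API_KEY` is decoded after the copy into `cfg.Commons` has already run. `Validate` then passes because it inspects `cfg` itself, while the commons part that the extensions copy from may still hold an empty key. That holds unless `shared.Commons` carries its own `env` tags, which is not visible here. Calling `EnsureDefaultsAndCommons(cfg)` once more after the decode, just before `return Validate(cfg)`, keeps the validated values and the values handed to extensions in agreement. The body of `EnsureDefaultsAndCommons` continues past the end of this hunk.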
@@ -32,6 +52,7 @@ func ParseConfig(cfg *config.Config) error { cfg.Log = &shared.Log{} } + // copy tracing to the commons part if set if cfg.Tracing != nil { cfg.Commons.Tracing = &shared.Tracing{ Enabled: cfg.Tracing.Enabled, @@ -44,6 +65,7 @@ func ParseConfig(cfg *config.Config) error { cfg.Tracing = &shared.Tracing{} } + // copy token manager to the commons part if set if cfg.TokenManager != nil { cfg.Commons.TokenManager = cfg.TokenManager } else { @@ -51,24 +73,29 @@ func ParseConfig(cfg *config.Config) error { cfg.TokenManager = cfg.Commons.TokenManager } + // copy machine auth api key to the commons part if set if cfg.MachineAuthAPIKey != "" { cfg.Commons.MachineAuthAPIKey = cfg.MachineAuthAPIKey - } else { - log.Fatalf("machine auth api key is not set up properly, bailing out (ocis)") } + // copy transfer secret to the commons part if set if cfg.TransferSecret != "" { cfg.Commons.TransferSecret = cfg.TransferSecret - } else { - log.Fatalf("reva transfer secret not properly set, bailing out (ocis)") } - // load all env variables relevant to the config in the current context. - if err := envdecode.Decode(cfg); err != nil { - // no environment variable set for this config is an expected "error" - if !errors.Is(err, envdecode.ErrNoTargetFieldsAreSet) { - return err - } +} + +func Validate(cfg *config.Config) error { + if cfg.TokenManager.JWTSecret == "" { + return fmt.Errorf("jwt secret is not set up properly, bailing out (ocis)") + } + + if cfg.TransferSecret == "" { + return fmt.Errorf("transfer secret is not set up properly, bailing out (ocis)") + } + + if cfg.MachineAuthAPIKey == "" { + return fmt.Errorf("machine auth api key is not set up properly, bailing out (ocis)") } return nil From 5a6c44afa0351d17e9be699b5c79d0917b8f2a9b Mon Sep 17 00:00:00 2001 From: Christian Richter Date: Thu, 28 Apr 2022 15:43:40 +0200 Subject: [PATCH 29/99] move config generator to own structures, to avoid having to fork the yaml package (omitempty issues) 
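Review bot: `Validate` is exported but reads `cfg.TokenManager.JWTSecret` without a nil check, so it is only safe once `EnsureDefaultsAndCommons` has populated the pointer. A caller that validates a freshly loaded config directly would get a nil-pointer panic instead of the "jwt secret is not set up properly" error. Guard the first check with `if cfg.TokenManager == nil || cfg.TokenManager.JWTSecret == "" {`. The function also lacks a doc comment; `// Validate returns an error when the JWT secret, the transfer secret or the machine auth API key is empty.` would cover it. Since none of the messages take arguments, `errors.New` is sufficient in place of `fmt.Errorf`.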
Signed-off-by: Christian Richter --- ocis/pkg/command/init.go | 265 +++++++++++++++++++++++++-------------- 1 file changed, 172 insertions(+), 93 deletions(-) diff --git a/ocis/pkg/command/init.go b/ocis/pkg/command/init.go index 5c11dc359a..af6e44d48e 100644 --- a/ocis/pkg/command/init.go +++ b/ocis/pkg/command/init.go 
@@ -14,29 +14,100 @@ import ( "github.com/owncloud/ocis/ocis-pkg/config" "github.com/owncloud/ocis/ocis-pkg/config/defaults" "github.com/owncloud/ocis/ocis-pkg/generators" - "github.com/owncloud/ocis/ocis-pkg/shared" "github.com/owncloud/ocis/ocis/pkg/register" cli "github.com/urfave/cli/v2" "gopkg.in/yaml.v3" - - authbasic "github.com/owncloud/ocis/extensions/auth-basic/pkg/config" - authbearer "github.com/owncloud/ocis/extensions/auth-bearer/pkg/config" - frontend "github.com/owncloud/ocis/extensions/frontend/pkg/config" - graph "github.com/owncloud/ocis/extensions/graph/pkg/config" - group "github.com/owncloud/ocis/extensions/group/pkg/config" - idm "github.com/owncloud/ocis/extensions/idm/pkg/config" - idp "github.com/owncloud/ocis/extensions/idp/pkg/config" - ocdav "github.com/owncloud/ocis/extensions/ocdav/pkg/config" - proxy "github.com/owncloud/ocis/extensions/proxy/pkg/config" - storagemetadata "github.com/owncloud/ocis/extensions/storage-metadata/pkg/config" - storageusers "github.com/owncloud/ocis/extensions/storage-users/pkg/config" - thumbnails "github.com/owncloud/ocis/extensions/thumbnails/pkg/config" - user "github.com/owncloud/ocis/extensions/user/pkg/config" ) const configFilename string = "ocis.yaml" // TODO: use also a constant for reading this file const passwordLength int = 32 +type tokenManager struct { + JWT_Secret string +} + +type insecureExtension struct { + Insecure bool +} + +type insecureProxyExtension struct { + Insecure_backends bool +} + +type dataProviderInsecureSettings struct { + Data_provider_insecure bool +} + +type ldapSettings struct { + Bind_password string +} +type ldapBasedExtension struct { + Ldap ldapSettings +} + +type graphExtension struct { + Spaces insecureExtension + Identity ldapBasedExtension +} + +type serviceUserPasswordsSettings struct { + Admin_password string + Idm_password string + Reva_password string + Idp_password string +} +type idmExtension struct { + Service_user_Passwords serviceUserPasswordsSettings 
+} + +type frontendExtension struct { + Archiver insecureExtension + App_provider insecureExtension +} + +type authbasicExtension struct { + Auth_providers ldapBasedExtension +} + +type authProviderSettings struct { + Oidc insecureExtension +} +type authbearerExtension struct { + Auth_providers authProviderSettings +} + +type userAndGroupExtension struct { + Drivers ldapBasedExtension +} + +type thumbnailSettings struct { + Webdav_allow_insecure bool + Cs3_allow_insecure bool +} + +type thumbNailExtension struct { + Thumbnail thumbnailSettings +} + +type ocisConfig struct { + Token_manager tokenManager + Machine_auth_api_key string + Transfer_secret string + Graph graphExtension + Idp ldapBasedExtension + Idm idmExtension + Proxy insecureProxyExtension + Frontend frontendExtension + Auth_basic authbasicExtension + Auth_bearer authbearerExtension + User userAndGroupExtension + Group userAndGroupExtension + Storage_metadata dataProviderInsecureSettings + Storage_users dataProviderInsecureSettings + Ocdav insecureExtension + Thumbnails thumbNailExtension +} + // InitCommand is the entrypoint for the init command func InitCommand(cfg *config.Config) *cli.Command { return &cli.Command{ 
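Review bot: The YAML keys of the generated file come only from the Go field names in these structs (`JWT_Secret`, `Service_user_Passwords`, `Bind_password`), relying on the encoder lower-casing them. Nothing ties them to the keys the real config structs read, so a rename or casing slip would produce an `ocis.yaml` whose secrets and insecure switches are silently ignored on load. Use MixedCaps field names with explicit `yaml` tags, and update the struct literals in `createConfig` to match. None of the new types has a comment; a line above `ocisConfig` saying it is the subset of the configuration written by `ocis init` would help. `thumbNailExtension` is also cased differently from `thumbnailSettings`.

```go
// tokenManager holds the JWT signing secret written to ocis.yaml.
type tokenManager struct {
	JWTSecret string `yaml:"jwt_secret"`
}

// ldapSettings holds the bind password of an LDAP-backed service.
type ldapSettings struct {
	BindPassword string `yaml:"bind_password"`
}

// … remaining extension structs: same pattern, one explicit tag per field …

// ocisConfig is the subset of the oCIS configuration that `ocis init` generates.
type ocisConfig struct {
	TokenManager      tokenManager `yaml:"token_manager"`
	MachineAuthAPIKey string       `yaml:"machine_auth_api_key"`
	TransferSecret    string       `yaml:"transfer_secret"`
	// … extension sections: same pattern …
}
```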
@@ -129,69 +200,6 @@ func createConfig(insecure, forceOverwrite bool, configPath string) error { if err != nil { return err } - cfg := config.Config{ - TokenManager: &shared.TokenManager{}, - IDM: &idm.Config{}, - AuthBasic: &authbasic.Config{ - AuthProviders: authbasic.AuthProviders{ - LDAP: authbasic.LDAPProvider{}, - }, - }, - Group: &group.Config{ - Drivers: group.Drivers{ - LDAP: group.LDAPDriver{}, - }, - }, - User: &user.Config{ - Drivers: user.Drivers{ - LDAP: user.LDAPDriver{}, - }, - }, - IDP: &idp.Config{}, - } - - if insecure { - cfg.AuthBearer = &authbearer.Config{ - AuthProviders: authbearer.AuthProviders{ - OIDC: authbearer.OIDCProvider{ - Insecure: true, - }, - }, - } - cfg.Frontend = &frontend.Config{ - AppProvider: frontend.AppProvider{ - Insecure: true, - }, - Archiver: frontend.Archiver{ - Insecure: true, - }, - } - cfg.Graph = &graph.Config{ - Spaces: graph.Spaces{ - Insecure: true, - }, - } - cfg.OCDav = &ocdav.Config{ - Insecure: true, - } - cfg.Proxy = &proxy.Config{ - InsecureBackends: true, - } - - cfg.StorageMetadata = &storagemetadata.Config{ - DataProviderInsecure: true, - } - cfg.StorageUsers = &storageusers.Config{ - DataProviderInsecure: true, - } - cfg.Thumbnails = &thumbnails.Config{ - Thumbnail: thumbnails.Thumbnail{ - WebdavAllowInsecure: true, - CS3AllowInsecure: true, - }, - } - - } idmServicePassword, err := generators.GenerateRandomPassword(passwordLength) if err != nil { 
@@ -222,22 +230,93 @@ func createConfig(insecure, forceOverwrite bool, configPath string) error { return fmt.Errorf("could not generate random password for machineauthsecret: %s", err) } - cfg.MachineAuthAPIKey = machineAuthApiKey - cfg.TransferSecret = revaTransferSecret - cfg.TokenManager.JWTSecret = tokenManagerJwtSecret + cfg := ocisConfig{ + Token_manager: tokenManager{ + JWT_Secret: tokenManagerJwtSecret, + }, + Machine_auth_api_key: machineAuthApiKey, + Transfer_secret: revaTransferSecret, + Idm: idmExtension{ + Service_user_Passwords: serviceUserPasswordsSettings{ + Admin_password: ocisAdminServicePassword, + Idp_password: idpServicePassword, + Reva_password: revaServicePassword, + Idm_password: idmServicePassword, + }, + }, + Idp: ldapBasedExtension{ + Ldap: ldapSettings{ + Bind_password: idpServicePassword, + }, + }, + Auth_basic: authbasicExtension{ + Auth_providers: ldapBasedExtension{ + Ldap: ldapSettings{ + Bind_password: revaServicePassword, + }, + }, + }, + Group: userAndGroupExtension{ + Drivers: ldapBasedExtension{ + Ldap: ldapSettings{ + Bind_password: revaServicePassword, + }, + }, + }, + User: userAndGroupExtension{ + Drivers: ldapBasedExtension{ + Ldap: ldapSettings{ + Bind_password: revaServicePassword, + }, + }, + }, + Graph: graphExtension{ + Identity: ldapBasedExtension{ + Ldap: ldapSettings{ + Bind_password: idmServicePassword, + }, + }, + }, + } - cfg.IDM.ServiceUserPasswords.Idm = idmServicePassword - cfg.Graph.Identity.LDAP.BindPassword = idmServicePassword - - cfg.IDM.ServiceUserPasswords.Idp = idpServicePassword - cfg.IDP.Ldap.BindPassword = idpServicePassword - - cfg.IDM.ServiceUserPasswords.Reva = revaServicePassword - cfg.AuthBasic.AuthProviders.LDAP.BindPassword = revaServicePassword - cfg.Group.Drivers.LDAP.BindPassword = revaServicePassword - cfg.User.Drivers.LDAP.BindPassword = revaServicePassword - - cfg.IDM.ServiceUserPasswords.OcisAdmin = ocisAdminServicePassword + if insecure { + cfg.Auth_bearer = authbearerExtension{ + 
Auth_providers: authProviderSettings{ + Oidc: insecureExtension{ + Insecure: true, + }, + }, + } + cfg.Frontend = frontendExtension{ + App_provider: insecureExtension{ + Insecure: true, + }, + Archiver: insecureExtension{ + Insecure: true, + }, + } + cfg.Graph.Spaces = insecureExtension{ + Insecure: true, + } + cfg.Ocdav = insecureExtension{ + Insecure: true, + } + cfg.Proxy = insecureProxyExtension{ + Insecure_backends: true, + } + cfg.Storage_metadata = dataProviderInsecureSettings{ + Data_provider_insecure: true, + } + cfg.Storage_users = dataProviderInsecureSettings{ + Data_provider_insecure: true, + } + cfg.Thumbnails = thumbNailExtension{ + Thumbnail: thumbnailSettings{ + Webdav_allow_insecure: true, + Cs3_allow_insecure: true, + }, + } + } yamlOutput, err := yaml.Marshal(cfg) if err != nil { From 83b94cf82db270aae1e61e39daffbd4e3bd9fea7 Mon Sep 17 00:00:00 2001 
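Review bot: The `if insecure` block persists every opt-out at once (`Insecure`, `Insecure_backends`, `Data_provider_insecure`, `Webdav_allow_insecure`, `Cs3_allow_insecure`, presumably all switching off TLS certificate verification) and nothing in the code says why. A config generated once for a self-signed test setup therefore keeps them enabled for good. I would add a comment above the block, `// insecure: persist the certificate-check opt-outs for self-signed setups; not meant for production`, and print one line to stderr when the flag is set so the operator sees it at init time. The same `cfg` carries the JWT secret, the machine-auth API key, the transfer secret and the LDAP bind passwords in plain text, and the write that follows `yaml.Marshal` is outside this hunk, so please confirm the file is created with owner-only permissions. `createConfig` starts and ends outside the hunk.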
From: Willy Kloucek Date: Thu, 28 Apr 2022 15:52:26 +0200 Subject: [PATCH 30/99] log parsing errors to stdout --- extensions/accounts/pkg/command/health.go | 6 +++++- extensions/accounts/pkg/command/server.go | 6 +++++- extensions/appprovider/pkg/command/command.go | 7 ++++++- extensions/audit/pkg/command/server.go | 6 +++++- extensions/auth-basic/pkg/command/command.go | 7 ++++++- extensions/auth-bearer/pkg/command/command.go | 7 ++++++- extensions/auth-machine/pkg/command/command.go | 7 ++++++- extensions/frontend/pkg/command/command.go | 6 +++++- extensions/gateway/pkg/command/command.go | 7 ++++++- extensions/glauth/pkg/command/health.go | 6 +++++- extensions/glauth/pkg/command/server.go | 6 +++++- extensions/graph-explorer/pkg/command/health.go | 6 +++++- extensions/graph-explorer/pkg/command/server.go | 6 +++++- extensions/graph/pkg/command/health.go | 6 +++++- extensions/graph/pkg/command/server.go | 6 +++++- extensions/group/pkg/command/command.go | 7 ++++++- extensions/idm/pkg/command/health.go | 6 +++++- extensions/idm/pkg/command/server.go | 6 +++++- extensions/idp/pkg/command/health.go | 6 +++++- extensions/idp/pkg/command/server.go | 6 +++++- extensions/nats/pkg/command/server.go | 6 +++++- extensions/notifications/pkg/command/server.go | 6 +++++- extensions/ocdav/pkg/command/ocdav.go | 6 +++++- extensions/ocs/pkg/command/health.go | 6 +++++- extensions/ocs/pkg/command/server.go | 6 +++++- extensions/proxy/pkg/command/health.go | 6 +++++- extensions/proxy/pkg/command/server.go | 6 +++++- extensions/settings/pkg/command/health.go | 6 +++++- extensions/settings/pkg/command/server.go | 6 +++++- extensions/sharing/pkg/command/command.go | 7 ++++++- extensions/storage-metadata/pkg/command/command.go | 7 ++++++- .../storage-publiclink/pkg/command/storagepubliclink.go | 7 ++++++- extensions/storage-shares/pkg/command/command.go | 7 ++++++- extensions/storage-users/pkg/command/command.go | 7 ++++++- extensions/store/pkg/command/health.go | 6 +++++- 
extensions/store/pkg/command/server.go | 6 +++++- extensions/thumbnails/pkg/command/health.go | 6 +++++- extensions/thumbnails/pkg/command/server.go | 6 +++++- extensions/user/pkg/command/command.go | 7 ++++++- extensions/web/pkg/command/health.go | 6 +++++- extensions/web/pkg/command/server.go | 6 +++++- extensions/webdav/pkg/command/health.go | 6 +++++- extensions/webdav/pkg/command/server.go | 6 +++++- ocis/pkg/command/accounts.go | 8 +++++++- ocis/pkg/command/audit.go | 8 +++++++- ocis/pkg/command/glauth.go | 8 +++++++- ocis/pkg/command/graph.go | 8 +++++++- ocis/pkg/command/graphexplorer.go | 8 +++++++- ocis/pkg/command/idm.go | 8 +++++++- ocis/pkg/command/idp.go | 8 +++++++- ocis/pkg/command/natsserver.go | 8 +++++++- ocis/pkg/command/notifications.go | 8 +++++++- ocis/pkg/command/ocs.go | 8 +++++++- ocis/pkg/command/proxy.go | 8 +++++++- ocis/pkg/command/server.go | 9 +++++++-- ocis/pkg/command/settings.go | 8 +++++++- ocis/pkg/command/store.go | 8 +++++++- ocis/pkg/command/thumbnails.go | 8 +++++++- ocis/pkg/command/web.go | 8 +++++++- ocis/pkg/command/webdav.go | 8 +++++++- 60 files changed, 346 insertions(+), 61 deletions(-) diff --git a/extensions/accounts/pkg/command/health.go b/extensions/accounts/pkg/command/health.go index 2879462576..0590938e93 100644 --- a/extensions/accounts/pkg/command/health.go +++ b/extensions/accounts/pkg/command/health.go @@ -17,7 +17,11 @@ func Health(cfg *config.Config) *cli.Command { Usage: "check health status", Category: "info", Before: func(c *cli.Context) error { - return parser.ParseConfig(cfg) + err := parser.ParseConfig(cfg) + if err != nil { + fmt.Printf("%v", err) + } + return err }, Action: func(c *cli.Context) error { logger := logging.Configure(cfg.Service.Name, cfg.Log) diff --git a/extensions/accounts/pkg/command/server.go b/extensions/accounts/pkg/command/server.go index cad2406868..26fb0f1f49 100644 --- a/extensions/accounts/pkg/command/server.go +++ b/extensions/accounts/pkg/command/server.go 
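Review bot: The new `Before` body reports the parse error with `fmt.Printf("%v", err)`, which writes to stdout with no trailing newline. On the `health` commands the message then lands in output that scripts may read, and it runs into whatever is printed next. `fmt.Fprintln(os.Stderr, err)` keeps diagnostics off stdout, though files that do not already import `os` would need it added. The error is also returned, so it is worth checking whether the cli framework already prints it, in which case the message would appear twice. The same five lines recur in every other `Before` hook of this patch (the `health.go`, `server.go` and `command.go` files under `extensions/` and the wrappers under `ocis/pkg/command/`), and the point applies to each of them.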
@@ -25,7 +25,11 @@ func Server(cfg *config.Config) *cli.Command { Usage: fmt.Sprintf("start %s extension without runtime (unsupervised mode)", cfg.Service.Name), Category: "server", Before: func(c *cli.Context) error { - return parser.ParseConfig(cfg) + err := parser.ParseConfig(cfg) + if err != nil { + fmt.Printf("%v", err) + } + return err }, Action: func(c *cli.Context) error { logger := logging.Configure(cfg.Service.Name, cfg.Log) diff --git a/extensions/appprovider/pkg/command/command.go b/extensions/appprovider/pkg/command/command.go index a8425fddf4..f638e3c98c 100644 --- a/extensions/appprovider/pkg/command/command.go +++ b/extensions/appprovider/pkg/command/command.go @@ -3,6 +3,7 @@ package command import ( "context" "flag" + "fmt" "os" "path" @@ -26,7 +27,11 @@ func AppProvider(cfg *config.Config) *cli.Command { Name: "app-provider", Usage: "start appprovider for providing apps", Before: func(ctx *cli.Context) error { - return parser.ParseConfig(cfg) + err := parser.ParseConfig(cfg) + if err != nil { + fmt.Printf("%v", err) + } + return err }, Action: func(c *cli.Context) error { logCfg := cfg.Logging diff --git a/extensions/audit/pkg/command/server.go b/extensions/audit/pkg/command/server.go index 2ace55644a..ad4ad4e175 100644 --- a/extensions/audit/pkg/command/server.go +++ b/extensions/audit/pkg/command/server.go @@ -22,7 +22,11 @@ func Server(cfg *config.Config) *cli.Command { Usage: fmt.Sprintf("start %s extension without runtime (unsupervised mode)", cfg.Service.Name), Category: "server", Before: func(c *cli.Context) error { - return parser.ParseConfig(cfg) + err := parser.ParseConfig(cfg) + if err != nil { + fmt.Printf("%v", err) + } + return err }, Action: func(c *cli.Context) error { logger := logging.Configure(cfg.Service.Name, cfg.Log) diff --git a/extensions/auth-basic/pkg/command/command.go b/extensions/auth-basic/pkg/command/command.go index 24bc0b7177..cd08691a56 100644 --- a/extensions/auth-basic/pkg/command/command.go 
+++ b/extensions/auth-basic/pkg/command/command.go @@ -3,6 +3,7 @@ package command import ( "context" "flag" + "fmt" "os" "path" "path/filepath" @@ -28,7 +29,11 @@ func AuthBasic(cfg *config.Config) *cli.Command { Name: "auth-basic", Usage: "start authprovider for basic auth", Before: func(ctx *cli.Context) error { - return parser.ParseConfig(cfg) + err := parser.ParseConfig(cfg) + if err != nil { + fmt.Printf("%v", err) + } + return err }, Action: func(c *cli.Context) error { logCfg := cfg.Logging diff --git a/extensions/auth-bearer/pkg/command/command.go b/extensions/auth-bearer/pkg/command/command.go index d896fbb444..ea41172d27 100644 --- a/extensions/auth-bearer/pkg/command/command.go +++ b/extensions/auth-bearer/pkg/command/command.go @@ -3,6 +3,7 @@ package command import ( "context" "flag" + "fmt" "os" "path" @@ -26,7 +27,11 @@ func AuthBearer(cfg *config.Config) *cli.Command { Name: "auth-bearer", Usage: "start authprovider for bearer auth", Before: func(ctx *cli.Context) error { - return parser.ParseConfig(cfg) + err := parser.ParseConfig(cfg) + if err != nil { + fmt.Printf("%v", err) + } + return err }, Action: func(c *cli.Context) error { logCfg := cfg.Logging diff --git a/extensions/auth-machine/pkg/command/command.go b/extensions/auth-machine/pkg/command/command.go index 41de568723..1ab91220af 100644 --- a/extensions/auth-machine/pkg/command/command.go +++ b/extensions/auth-machine/pkg/command/command.go @@ -3,6 +3,7 @@ package command import ( "context" "flag" + "fmt" "os" "path" @@ -26,7 +27,11 @@ func AuthMachine(cfg *config.Config) *cli.Command { Name: "auth-machine", Usage: "start authprovider for machine auth", Before: func(ctx *cli.Context) error { - return parser.ParseConfig(cfg) + err := parser.ParseConfig(cfg) + if err != nil { + fmt.Printf("%v", err) + } + return err }, Action: func(c *cli.Context) error { logCfg := cfg.Logging 
diff --git a/extensions/frontend/pkg/command/command.go b/extensions/frontend/pkg/command/command.go index 6eadfb2e95..f3fc88c2c1 100644 --- a/extensions/frontend/pkg/command/command.go +++ b/extensions/frontend/pkg/command/command.go @@ -35,7 +35,11 @@ func Frontend(cfg *config.Config) *cli.Command { // return err //} //return nil - return parser.ParseConfig(cfg) + err := parser.ParseConfig(cfg) + if err != nil { + fmt.Printf("%v", err) + } + return err }, Action: func(c *cli.Context) error { logCfg := cfg.Logging diff --git a/extensions/gateway/pkg/command/command.go b/extensions/gateway/pkg/command/command.go index c71895ac4b..816cba5d1b 100644 --- a/extensions/gateway/pkg/command/command.go +++ b/extensions/gateway/pkg/command/command.go @@ -4,6 +4,7 @@ import ( "context" "encoding/json" "flag" + "fmt" "io/ioutil" "os" "path" @@ -32,7 +33,11 @@ func Gateway(cfg *config.Config) *cli.Command { Name: "gateway", Usage: "start gateway", Before: func(ctx *cli.Context) error { - return parser.ParseConfig(cfg) + err := parser.ParseConfig(cfg) + if err != nil { + fmt.Printf("%v", err) + } + return err }, Action: func(c *cli.Context) error { logCfg := cfg.Logging diff --git a/extensions/glauth/pkg/command/health.go b/extensions/glauth/pkg/command/health.go index c6e54893ce..0ec6170921 100644 --- a/extensions/glauth/pkg/command/health.go +++ b/extensions/glauth/pkg/command/health.go @@ -17,7 +17,11 @@ func Health(cfg *config.Config) *cli.Command { Usage: "check health status", Category: "info", Before: func(c *cli.Context) error { - return parser.ParseConfig(cfg) + err := parser.ParseConfig(cfg) + if err != nil { + fmt.Printf("%v", err) + } + return err }, Action: func(c *cli.Context) error { logger := logging.Configure(cfg.Service.Name, cfg.Log) diff --git a/extensions/glauth/pkg/command/server.go b/extensions/glauth/pkg/command/server.go index fda86d30c1..5a674cdc94 100644 --- a/extensions/glauth/pkg/command/server.go +++ b/extensions/glauth/pkg/command/server.go 
@@ -28,7 +28,11 @@ func Server(cfg *config.Config) *cli.Command { Usage: fmt.Sprintf("start %s extension without runtime (unsupervised mode)", cfg.Service.Name), Category: "server", Before: func(c *cli.Context) error { - return parser.ParseConfig(cfg) + err := parser.ParseConfig(cfg) + if err != nil { + fmt.Printf("%v", err) + } + return err }, Action: func(c *cli.Context) error { logger := logging.Configure(cfg.Service.Name, cfg.Log) diff --git a/extensions/graph-explorer/pkg/command/health.go b/extensions/graph-explorer/pkg/command/health.go index a6122e5af7..8ee126ebb2 100644 --- a/extensions/graph-explorer/pkg/command/health.go +++ b/extensions/graph-explorer/pkg/command/health.go @@ -17,7 +17,11 @@ func Health(cfg *config.Config) *cli.Command { Usage: "check health status", Category: "info", Before: func(c *cli.Context) error { - return parser.ParseConfig(cfg) + err := parser.ParseConfig(cfg) + if err != nil { + fmt.Printf("%v", err) + } + return err }, Action: func(c *cli.Context) error { logger := logging.Configure(cfg.Service.Name, cfg.Log) diff --git a/extensions/graph-explorer/pkg/command/server.go b/extensions/graph-explorer/pkg/command/server.go index 093cbe60b3..562cfa569c 100644 --- a/extensions/graph-explorer/pkg/command/server.go +++ b/extensions/graph-explorer/pkg/command/server.go @@ -23,7 +23,11 @@ func Server(cfg *config.Config) *cli.Command { Usage: fmt.Sprintf("start %s extension without runtime (unsupervised mode)", cfg.Service.Name), Category: "server", Before: func(ctx *cli.Context) error { - return parser.ParseConfig(cfg) + err := parser.ParseConfig(cfg) + if err != nil { + fmt.Printf("%v", err) + } + return err }, Action: func(c *cli.Context) error { logger := logging.Configure(cfg.Service.Name, cfg.Log) diff --git a/extensions/graph/pkg/command/health.go b/extensions/graph/pkg/command/health.go index 0de5812985..befa8a2e5c 100644 --- a/extensions/graph/pkg/command/health.go +++ b/extensions/graph/pkg/command/health.go 
@@ -17,7 +17,11 @@ func Health(cfg *config.Config) *cli.Command { Usage: "check health status", Category: "info", Before: func(c *cli.Context) error { - return parser.ParseConfig(cfg) + err := parser.ParseConfig(cfg) + if err != nil { + fmt.Printf("%v", err) + } + return err }, Action: func(c *cli.Context) error { logger := logging.Configure(cfg.Service.Name, cfg.Log) diff --git a/extensions/graph/pkg/command/server.go b/extensions/graph/pkg/command/server.go index c7e3e317a3..1a281fc895 100644 --- a/extensions/graph/pkg/command/server.go +++ b/extensions/graph/pkg/command/server.go @@ -23,7 +23,11 @@ func Server(cfg *config.Config) *cli.Command { Usage: fmt.Sprintf("start %s extension without runtime (unsupervised mode)", cfg.Service.Name), Category: "server", Before: func(c *cli.Context) error { - return parser.ParseConfig(cfg) + err := parser.ParseConfig(cfg) + if err != nil { + fmt.Printf("%v", err) + } + return err }, Action: func(c *cli.Context) error { logger := logging.Configure(cfg.Service.Name, cfg.Log) diff --git a/extensions/group/pkg/command/command.go b/extensions/group/pkg/command/command.go index 0b8564bfef..9f5d45dfe6 100644 --- a/extensions/group/pkg/command/command.go +++ b/extensions/group/pkg/command/command.go @@ -3,6 +3,7 @@ package command import ( "context" "flag" + "fmt" "os" "path" "path/filepath" @@ -28,7 +29,11 @@ func Groups(cfg *config.Config) *cli.Command { Name: "groups", Usage: "start groups service", Before: func(ctx *cli.Context) error { - return parser.ParseConfig(cfg) + err := parser.ParseConfig(cfg) + if err != nil { + fmt.Printf("%v", err) + } + return err }, Action: func(c *cli.Context) error { logCfg := cfg.Logging diff --git a/extensions/idm/pkg/command/health.go b/extensions/idm/pkg/command/health.go index cc61b7c1dc..22bae6b94f 100644 --- a/extensions/idm/pkg/command/health.go +++ b/extensions/idm/pkg/command/health.go 
@@ -17,7 +17,11 @@ func Health(cfg *config.Config) *cli.Command { Usage: "check health status", Category: "info", Before: func(c *cli.Context) error { - return parser.ParseConfig(cfg) + err := parser.ParseConfig(cfg) + if err != nil { + fmt.Printf("%v", err) + } + return err }, Action: func(c *cli.Context) error { logger := logging.Configure(cfg.Service.Name, cfg.Log) diff --git a/extensions/idm/pkg/command/server.go b/extensions/idm/pkg/command/server.go index c63b0f2af7..90f399dfa9 100644 --- a/extensions/idm/pkg/command/server.go +++ b/extensions/idm/pkg/command/server.go @@ -29,7 +29,11 @@ func Server(cfg *config.Config) *cli.Command { Usage: fmt.Sprintf("start %s extension without runtime (unsupervised mode)", cfg.Service.Name), Category: "server", Before: func(c *cli.Context) error { - return parser.ParseConfig(cfg) + err := parser.ParseConfig(cfg) + if err != nil { + fmt.Printf("%v", err) + } + return err }, Action: func(c *cli.Context) error { logger := logging.Configure(cfg.Service.Name, cfg.Log) diff --git a/extensions/idp/pkg/command/health.go b/extensions/idp/pkg/command/health.go index cd282e8bac..3ff2833bb2 100644 --- a/extensions/idp/pkg/command/health.go +++ b/extensions/idp/pkg/command/health.go @@ -17,7 +17,11 @@ func Health(cfg *config.Config) *cli.Command { Usage: "check health status", Category: "info", Before: func(c *cli.Context) error { - return parser.ParseConfig(cfg) + err := parser.ParseConfig(cfg) + if err != nil { + fmt.Printf("%v", err) + } + return err }, Action: func(c *cli.Context) error { logger := logging.Configure(cfg.Service.Name, cfg.Log) diff --git a/extensions/idp/pkg/command/server.go b/extensions/idp/pkg/command/server.go index c541245d01..8b3f25e300 100644 --- a/extensions/idp/pkg/command/server.go +++ b/extensions/idp/pkg/command/server.go 
@@ -23,7 +23,11 @@ func Server(cfg *config.Config) *cli.Command { Usage: fmt.Sprintf("start %s extension without runtime (unsupervised mode)", cfg.Service.Name), Category: "server", Before: func(c *cli.Context) error { - return parser.ParseConfig(cfg) + err := parser.ParseConfig(cfg) + if err != nil { + fmt.Printf("%v", err) + } + return err }, Action: func(c *cli.Context) error { logger := logging.Configure(cfg.Service.Name, cfg.Log) diff --git a/extensions/nats/pkg/command/server.go b/extensions/nats/pkg/command/server.go index 79f3f7f443..14234b4243 100644 --- a/extensions/nats/pkg/command/server.go +++ b/extensions/nats/pkg/command/server.go @@ -20,7 +20,11 @@ func Server(cfg *config.Config) *cli.Command { Usage: fmt.Sprintf("start %s extension without runtime (unsupervised mode)", cfg.Service.Name), Category: "server", Before: func(c *cli.Context) error { - return parser.ParseConfig(cfg) + err := parser.ParseConfig(cfg) + if err != nil { + fmt.Printf("%v", err) + } + return err }, Action: func(c *cli.Context) error { logger := logging.Configure(cfg.Service.Name, cfg.Log) diff --git a/extensions/notifications/pkg/command/server.go b/extensions/notifications/pkg/command/server.go index 4a887fc4b9..a51fda7010 100644 --- a/extensions/notifications/pkg/command/server.go +++ b/extensions/notifications/pkg/command/server.go @@ -21,7 +21,11 @@ func Server(cfg *config.Config) *cli.Command { Usage: fmt.Sprintf("start %s extension without runtime (unsupervised mode)", cfg.Service.Name), Category: "server", Before: func(c *cli.Context) error { - return parser.ParseConfig(cfg) + err := parser.ParseConfig(cfg) + if err != nil { + fmt.Printf("%v", err) + } + return err }, Action: func(c *cli.Context) error { logger := logging.Configure(cfg.Service.Name, cfg.Log) diff --git a/extensions/ocdav/pkg/command/ocdav.go b/extensions/ocdav/pkg/command/ocdav.go index 30896c2842..4869b0263d 100644 --- a/extensions/ocdav/pkg/command/ocdav.go +++ b/extensions/ocdav/pkg/command/ocdav.go 
@@ -34,7 +34,11 @@ func OCDav(cfg *config.Config) *cli.Command { // return nil //}, Before: func(ctx *cli.Context) error { - return parser.ParseConfig(cfg) + err := parser.ParseConfig(cfg) + if err != nil { + fmt.Printf("%v", err) + } + return err }, Action: func(c *cli.Context) error { logCfg := cfg.Logging diff --git a/extensions/ocs/pkg/command/health.go b/extensions/ocs/pkg/command/health.go index 515f384080..6e7d9c08b1 100644 --- a/extensions/ocs/pkg/command/health.go +++ b/extensions/ocs/pkg/command/health.go @@ -17,7 +17,11 @@ func Health(cfg *config.Config) *cli.Command { Usage: "check health status", Category: "info", Before: func(c *cli.Context) error { - return parser.ParseConfig(cfg) + err := parser.ParseConfig(cfg) + if err != nil { + fmt.Printf("%v", err) + } + return err }, Action: func(c *cli.Context) error { logger := logging.Configure(cfg.Service.Name, cfg.Log) diff --git a/extensions/ocs/pkg/command/server.go b/extensions/ocs/pkg/command/server.go index 0b88c99728..5df57b6103 100644 --- a/extensions/ocs/pkg/command/server.go +++ b/extensions/ocs/pkg/command/server.go @@ -24,7 +24,11 @@ func Server(cfg *config.Config) *cli.Command { Usage: fmt.Sprintf("start %s extension without runtime (unsupervised mode)", cfg.Service.Name), Category: "server", Before: func(c *cli.Context) error { - return parser.ParseConfig(cfg) + err := parser.ParseConfig(cfg) + if err != nil { + fmt.Printf("%v", err) + } + return err }, Action: func(c *cli.Context) error { logger := logging.Configure(cfg.Service.Name, cfg.Log) diff --git a/extensions/proxy/pkg/command/health.go b/extensions/proxy/pkg/command/health.go index e3014e5870..a90cb78b41 100644 --- a/extensions/proxy/pkg/command/health.go +++ b/extensions/proxy/pkg/command/health.go 
@@ -17,7 +17,11 @@ func Health(cfg *config.Config) *cli.Command { Usage: "check health status", Category: "info", Before: func(c *cli.Context) error { - return parser.ParseConfig(cfg) + err := parser.ParseConfig(cfg) + if err != nil { + fmt.Printf("%v", err) + } + return err }, Action: func(c *cli.Context) error { logger := logging.Configure(cfg.Service.Name, cfg.Log) diff --git a/extensions/proxy/pkg/command/server.go b/extensions/proxy/pkg/command/server.go index 7afc358729..ed1752ebb7 100644 --- a/extensions/proxy/pkg/command/server.go +++ b/extensions/proxy/pkg/command/server.go @@ -43,7 +43,11 @@ func Server(cfg *config.Config) *cli.Command { Usage: fmt.Sprintf("start %s extension without runtime (unsupervised mode)", cfg.Service.Name), Category: "server", Before: func(c *cli.Context) error { - return parser.ParseConfig(cfg) + err := parser.ParseConfig(cfg) + if err != nil { + fmt.Printf("%v", err) + } + return err }, Action: func(c *cli.Context) error { logger := logging.Configure(cfg.Service.Name, cfg.Log) diff --git a/extensions/settings/pkg/command/health.go b/extensions/settings/pkg/command/health.go index 82cc7202f3..620734e00d 100644 --- a/extensions/settings/pkg/command/health.go +++ b/extensions/settings/pkg/command/health.go @@ -16,7 +16,11 @@ func Health(cfg *config.Config) *cli.Command { Name: "health", Usage: "Check health status", Before: func(c *cli.Context) error { - return parser.ParseConfig(cfg) + err := parser.ParseConfig(cfg) + if err != nil { + fmt.Printf("%v", err) + } + return err }, Action: func(c *cli.Context) error { logger := logging.Configure(cfg.Service.Name, cfg.Log) diff --git a/extensions/settings/pkg/command/server.go b/extensions/settings/pkg/command/server.go index 877b48b2fa..407a4f4126 100644 --- a/extensions/settings/pkg/command/server.go +++ b/extensions/settings/pkg/command/server.go 
@@ -24,7 +24,11 @@ func Server(cfg *config.Config) *cli.Command { Usage: fmt.Sprintf("start %s extension without runtime (unsupervised mode)", cfg.Service.Name), Category: "server", Before: func(c *cli.Context) error { - return parser.ParseConfig(cfg) + err := parser.ParseConfig(cfg) + if err != nil { + fmt.Printf("%v", err) + } + return err }, Action: func(c *cli.Context) error { logger := logging.Configure(cfg.Service.Name, cfg.Log) diff --git a/extensions/sharing/pkg/command/command.go b/extensions/sharing/pkg/command/command.go index a7376f4ebf..29cde19357 100644 --- a/extensions/sharing/pkg/command/command.go +++ b/extensions/sharing/pkg/command/command.go @@ -3,6 +3,7 @@ package command import ( "context" "flag" + "fmt" "os" "path" "path/filepath" @@ -28,7 +29,11 @@ func Sharing(cfg *config.Config) *cli.Command { Name: "sharing", Usage: "start sharing service", Before: func(ctx *cli.Context) error { - return parser.ParseConfig(cfg) + err := parser.ParseConfig(cfg) + if err != nil { + fmt.Printf("%v", err) + } + return err }, Action: func(c *cli.Context) error { logCfg := cfg.Logging diff --git a/extensions/storage-metadata/pkg/command/command.go b/extensions/storage-metadata/pkg/command/command.go index 65346a94f1..6631a4abe1 100644 --- a/extensions/storage-metadata/pkg/command/command.go +++ b/extensions/storage-metadata/pkg/command/command.go @@ -3,6 +3,7 @@ package command import ( "context" "flag" + "fmt" "os" "path" @@ -32,7 +33,11 @@ func StorageMetadata(cfg *config.Config) *cli.Command { Usage: "start storage-metadata service", Category: "extensions", Before: func(ctx *cli.Context) error { - return parser.ParseConfig(cfg) + err := parser.ParseConfig(cfg) + if err != nil { + fmt.Printf("%v", err) + } + return err }, Action: func(c *cli.Context) error { logCfg := cfg.Logging diff --git a/extensions/storage-publiclink/pkg/command/storagepubliclink.go b/extensions/storage-publiclink/pkg/command/storagepubliclink.go index 518003919e..06fe7ada8a 100644 
--- a/extensions/storage-publiclink/pkg/command/storagepubliclink.go +++ b/extensions/storage-publiclink/pkg/command/storagepubliclink.go @@ -3,6 +3,7 @@ package command import ( "context" "flag" + "fmt" "os" "path" @@ -27,7 +28,11 @@ func StoragePublicLink(cfg *config.Config) *cli.Command { Usage: "start storage-public-link service", Category: "extensions", Before: func(ctx *cli.Context) error { - return parser.ParseConfig(cfg) + err := parser.ParseConfig(cfg) + if err != nil { + fmt.Printf("%v", err) + } + return err }, Action: func(c *cli.Context) error { logCfg := cfg.Logging diff --git a/extensions/storage-shares/pkg/command/command.go b/extensions/storage-shares/pkg/command/command.go index c689e704f1..6964706456 100644 --- a/extensions/storage-shares/pkg/command/command.go +++ b/extensions/storage-shares/pkg/command/command.go @@ -3,6 +3,7 @@ package command import ( "context" "flag" + "fmt" "os" "path" @@ -27,7 +28,11 @@ func StorageShares(cfg *config.Config) *cli.Command { Name: "storage-shares", Usage: "start storage-shares service", Before: func(ctx *cli.Context) error { - return parser.ParseConfig(cfg) + err := parser.ParseConfig(cfg) + if err != nil { + fmt.Printf("%v", err) + } + return err }, Action: func(c *cli.Context) error { logCfg := cfg.Logging diff --git a/extensions/storage-users/pkg/command/command.go b/extensions/storage-users/pkg/command/command.go index 01b4fc4c98..5e48a2db03 100644 --- a/extensions/storage-users/pkg/command/command.go +++ b/extensions/storage-users/pkg/command/command.go @@ -3,6 +3,7 @@ package command import ( "context" "flag" + "fmt" "os" "path" @@ -26,7 +27,11 @@ func StorageUsers(cfg *config.Config) *cli.Command { Name: "storage-users", Usage: "start storage-users service", Before: func(ctx *cli.Context) error { - return parser.ParseConfig(cfg) + err := parser.ParseConfig(cfg) + if err != nil { + fmt.Printf("%v", err) + } + return err }, Action: func(c *cli.Context) error { logCfg := cfg.Logging 
diff --git a/extensions/store/pkg/command/health.go b/extensions/store/pkg/command/health.go index 7bf3ba8f46..341f59317c 100644 --- a/extensions/store/pkg/command/health.go +++ b/extensions/store/pkg/command/health.go @@ -17,7 +17,11 @@ func Health(cfg *config.Config) *cli.Command { Usage: "check health status", Category: "info", Before: func(c *cli.Context) error { - return parser.ParseConfig(cfg) + err := parser.ParseConfig(cfg) + if err != nil { + fmt.Printf("%v", err) + } + return err }, Action: func(c *cli.Context) error { logger := logging.Configure(cfg.Service.Name, cfg.Log) diff --git a/extensions/store/pkg/command/server.go b/extensions/store/pkg/command/server.go index ac14affd2c..a2995507e7 100644 --- a/extensions/store/pkg/command/server.go +++ b/extensions/store/pkg/command/server.go @@ -24,7 +24,11 @@ func Server(cfg *config.Config) *cli.Command { Usage: fmt.Sprintf("start %s extension without runtime (unsupervised mode)", cfg.Service.Name), Category: "server", Before: func(c *cli.Context) error { - return parser.ParseConfig(cfg) + err := parser.ParseConfig(cfg) + if err != nil { + fmt.Printf("%v", err) + } + return err }, Action: func(c *cli.Context) error { logger := logging.Configure(cfg.Service.Name, cfg.Log) diff --git a/extensions/thumbnails/pkg/command/health.go b/extensions/thumbnails/pkg/command/health.go index f63d023d55..17e9358771 100644 --- a/extensions/thumbnails/pkg/command/health.go +++ b/extensions/thumbnails/pkg/command/health.go @@ -17,7 +17,11 @@ func Health(cfg *config.Config) *cli.Command { Usage: "check health status", Category: "info", Before: func(c *cli.Context) error { - return parser.ParseConfig(cfg) + err := parser.ParseConfig(cfg) + if err != nil { + fmt.Printf("%v", err) + } + return err }, Action: func(c *cli.Context) error { logger := logging.Configure(cfg.Service.Name, cfg.Log) diff --git a/extensions/thumbnails/pkg/command/server.go b/extensions/thumbnails/pkg/command/server.go index 8bfd35a1bd..7244a7c86c 100644 
--- a/extensions/thumbnails/pkg/command/server.go +++ b/extensions/thumbnails/pkg/command/server.go @@ -24,7 +24,11 @@ func Server(cfg *config.Config) *cli.Command { Usage: fmt.Sprintf("start %s extension without runtime (unsupervised mode)", cfg.Service.Name), Category: "server", Before: func(c *cli.Context) error { - return parser.ParseConfig(cfg) + err := parser.ParseConfig(cfg) + if err != nil { + fmt.Printf("%v", err) + } + return err }, Action: func(c *cli.Context) error { logger := logging.Configure(cfg.Service.Name, cfg.Log) diff --git a/extensions/user/pkg/command/command.go b/extensions/user/pkg/command/command.go index 473c91ff8e..27e7cabfab 100644 --- a/extensions/user/pkg/command/command.go +++ b/extensions/user/pkg/command/command.go @@ -3,6 +3,7 @@ package command import ( "context" "flag" + "fmt" "os" "path" "path/filepath" @@ -28,7 +29,11 @@ func User(cfg *config.Config) *cli.Command { Name: "users", Usage: "start users service", Before: func(ctx *cli.Context) error { - return parser.ParseConfig(cfg) + err := parser.ParseConfig(cfg) + if err != nil { + fmt.Printf("%v", err) + } + return err }, Action: func(c *cli.Context) error { logCfg := cfg.Logging diff --git a/extensions/web/pkg/command/health.go b/extensions/web/pkg/command/health.go index 397f14da41..70e33f31e1 100644 --- a/extensions/web/pkg/command/health.go +++ b/extensions/web/pkg/command/health.go @@ -17,7 +17,11 @@ func Health(cfg *config.Config) *cli.Command { Usage: "check health status", Category: "info", Before: func(c *cli.Context) error { - return parser.ParseConfig(cfg) + err := parser.ParseConfig(cfg) + if err != nil { + fmt.Printf("%v", err) + } + return err }, Action: func(c *cli.Context) error { logger := logging.Configure(cfg.Service.Name, cfg.Log) diff --git a/extensions/web/pkg/command/server.go b/extensions/web/pkg/command/server.go index e62494d072..d95587aa25 100644 --- a/extensions/web/pkg/command/server.go +++ b/extensions/web/pkg/command/server.go 
@@ -24,7 +24,11 @@ func Server(cfg *config.Config) *cli.Command { Usage: fmt.Sprintf("start %s extension without runtime (unsupervised mode)", cfg.Service.Name), Category: "server", Before: func(c *cli.Context) error { - return parser.ParseConfig(cfg) + err := parser.ParseConfig(cfg) + if err != nil { + fmt.Printf("%v", err) + } + return err }, Action: func(c *cli.Context) error { logger := logging.Configure(cfg.Service.Name, cfg.Log) diff --git a/extensions/webdav/pkg/command/health.go b/extensions/webdav/pkg/command/health.go index d6226f8e8f..9882d035bf 100644 --- a/extensions/webdav/pkg/command/health.go +++ b/extensions/webdav/pkg/command/health.go @@ -17,7 +17,11 @@ func Health(cfg *config.Config) *cli.Command { Usage: "check health status", Category: "info", Before: func(c *cli.Context) error { - return parser.ParseConfig(cfg) + err := parser.ParseConfig(cfg) + if err != nil { + fmt.Printf("%v", err) + } + return err }, Action: func(c *cli.Context) error { logger := logging.Configure(cfg.Service.Name, cfg.Log) diff --git a/extensions/webdav/pkg/command/server.go b/extensions/webdav/pkg/command/server.go index 291276cbbe..b603681a0f 100644 --- a/extensions/webdav/pkg/command/server.go +++ b/extensions/webdav/pkg/command/server.go @@ -23,7 +23,11 @@ func Server(cfg *config.Config) *cli.Command { Usage: fmt.Sprintf("start %s extension without runtime (unsupervised mode)", cfg.Service.Name), Category: "server", Before: func(c *cli.Context) error { - return parser.ParseConfig(cfg) + err := parser.ParseConfig(cfg) + if err != nil { + fmt.Printf("%v", err) + } + return err }, Action: func(c *cli.Context) error { logger := logging.Configure(cfg.Service.Name, cfg.Log) diff --git a/ocis/pkg/command/accounts.go b/ocis/pkg/command/accounts.go index f8a56bfcc5..8434e0c2f5 100644 --- a/ocis/pkg/command/accounts.go +++ b/ocis/pkg/command/accounts.go 
@@ -1,6 +1,8 @@ package command import ( + "fmt" + "github.com/owncloud/ocis/extensions/accounts/pkg/command" "github.com/owncloud/ocis/ocis-pkg/config" "github.com/owncloud/ocis/ocis-pkg/config/parser" @@ -15,7 +17,11 @@ func AccountsCommand(cfg *config.Config) *cli.Command { Usage: subcommandDescription(cfg.Accounts.Service.Name), Category: "extensions", Before: func(ctx *cli.Context) error { - return parser.ParseConfig(cfg) + err := parser.ParseConfig(cfg) + if err != nil { + fmt.Printf("%v", err) + } + return err }, Subcommands: command.GetCommands(cfg.Accounts), } diff --git a/ocis/pkg/command/audit.go b/ocis/pkg/command/audit.go index 638367a166..884b79fb3e 100644 --- a/ocis/pkg/command/audit.go +++ b/ocis/pkg/command/audit.go @@ -1,6 +1,8 @@ package command import ( + "fmt" + "github.com/owncloud/ocis/extensions/audit/pkg/command" "github.com/owncloud/ocis/ocis-pkg/config" "github.com/owncloud/ocis/ocis-pkg/config/parser" @@ -15,7 +17,11 @@ func AuditCommand(cfg *config.Config) *cli.Command { Usage: "start audit service", Category: "extensions", Before: func(ctx *cli.Context) error { - return parser.ParseConfig(cfg) + err := parser.ParseConfig(cfg) + if err != nil { + fmt.Printf("%v", err) + } + return err }, Subcommands: command.GetCommands(cfg.Audit), } diff --git a/ocis/pkg/command/glauth.go b/ocis/pkg/command/glauth.go index ad91954eb0..bbe5af9e7f 100644 --- a/ocis/pkg/command/glauth.go +++ b/ocis/pkg/command/glauth.go @@ -1,6 +1,8 @@ package command import ( + "fmt" + "github.com/owncloud/ocis/extensions/glauth/pkg/command" "github.com/owncloud/ocis/ocis-pkg/config" "github.com/owncloud/ocis/ocis-pkg/config/parser" 
@@ -15,7 +17,11 @@ func GLAuthCommand(cfg *config.Config) *cli.Command { Usage: subcommandDescription(cfg.GLAuth.Service.Name), Category: "extensions", Before: func(ctx *cli.Context) error { - return parser.ParseConfig(cfg) + err := parser.ParseConfig(cfg) + if err != nil { + fmt.Printf("%v", err) + } + return err }, Subcommands: command.GetCommands(cfg.GLAuth), } diff --git a/ocis/pkg/command/graph.go b/ocis/pkg/command/graph.go index 836ad44465..34158e1cc3 100644 --- a/ocis/pkg/command/graph.go +++ b/ocis/pkg/command/graph.go @@ -1,6 +1,8 @@ package command import ( + "fmt" + "github.com/owncloud/ocis/extensions/graph/pkg/command" "github.com/owncloud/ocis/ocis-pkg/config" "github.com/owncloud/ocis/ocis-pkg/config/parser" @@ -15,7 +17,11 @@ func GraphCommand(cfg *config.Config) *cli.Command { Usage: subcommandDescription(cfg.Graph.Service.Name), Category: "extensions", Before: func(ctx *cli.Context) error { - return parser.ParseConfig(cfg) + err := parser.ParseConfig(cfg) + if err != nil { + fmt.Printf("%v", err) + } + return err }, Subcommands: command.GetCommands(cfg.Graph), } diff --git a/ocis/pkg/command/graphexplorer.go b/ocis/pkg/command/graphexplorer.go index 95be9e503f..6e1f890fbd 100644 --- a/ocis/pkg/command/graphexplorer.go +++ b/ocis/pkg/command/graphexplorer.go @@ -1,6 +1,8 @@ package command import ( + "fmt" + "github.com/owncloud/ocis/extensions/graph-explorer/pkg/command" "github.com/owncloud/ocis/ocis-pkg/config" "github.com/owncloud/ocis/ocis-pkg/config/parser" @@ -15,7 +17,11 @@ func GraphExplorerCommand(cfg *config.Config) *cli.Command { Usage: subcommandDescription(cfg.GraphExplorer.Service.Name), Category: "extensions", Before: func(ctx *cli.Context) error { - return parser.ParseConfig(cfg) + err := parser.ParseConfig(cfg) + if err != nil { + fmt.Printf("%v", err) + } + return err }, Subcommands: command.GetCommands(cfg.GraphExplorer), } diff --git a/ocis/pkg/command/idm.go b/ocis/pkg/command/idm.go index d768b6dc58..86d3cae777 100644 
--- a/ocis/pkg/command/idm.go +++ b/ocis/pkg/command/idm.go @@ -1,6 +1,8 @@ package command import ( + "fmt" + "github.com/owncloud/ocis/extensions/idm/pkg/command" "github.com/owncloud/ocis/ocis-pkg/config" "github.com/owncloud/ocis/ocis-pkg/config/parser" @@ -15,7 +17,11 @@ func IDMCommand(cfg *config.Config) *cli.Command { Usage: "idm extension commands", Category: "extensions", Before: func(ctx *cli.Context) error { - return parser.ParseConfig(cfg) + err := parser.ParseConfig(cfg) + if err != nil { + fmt.Printf("%v", err) + } + return err }, Subcommands: command.GetCommands(cfg.IDM), } diff --git a/ocis/pkg/command/idp.go b/ocis/pkg/command/idp.go index 0c6828c592..0f37a98c05 100644 --- a/ocis/pkg/command/idp.go +++ b/ocis/pkg/command/idp.go @@ -1,6 +1,8 @@ package command import ( + "fmt" + "github.com/owncloud/ocis/extensions/idp/pkg/command" "github.com/owncloud/ocis/ocis-pkg/config" "github.com/owncloud/ocis/ocis-pkg/config/parser" @@ -15,7 +17,11 @@ func IDPCommand(cfg *config.Config) *cli.Command { Usage: subcommandDescription(cfg.IDP.Service.Name), Category: "extensions", Before: func(ctx *cli.Context) error { - return parser.ParseConfig(cfg) + err := parser.ParseConfig(cfg) + if err != nil { + fmt.Printf("%v", err) + } + return err }, Subcommands: command.GetCommands(cfg.IDP), } diff --git a/ocis/pkg/command/natsserver.go b/ocis/pkg/command/natsserver.go index 1e7f343231..6a46a1cc7a 100644 --- a/ocis/pkg/command/natsserver.go +++ b/ocis/pkg/command/natsserver.go @@ -1,6 +1,8 @@ package command import ( + "fmt" + "github.com/owncloud/ocis/extensions/nats/pkg/command" "github.com/owncloud/ocis/ocis-pkg/config" "github.com/owncloud/ocis/ocis-pkg/config/parser" 
@@ -15,7 +17,11 @@ func NatsServerCommand(cfg *config.Config) *cli.Command { Usage: "start nats server", Category: "extensions", Before: func(ctx *cli.Context) error { - return parser.ParseConfig(cfg) + err := parser.ParseConfig(cfg) + if err != nil { + fmt.Printf("%v", err) + } + return err }, Subcommands: command.GetCommands(cfg.Nats), } diff --git a/ocis/pkg/command/notifications.go b/ocis/pkg/command/notifications.go index f4108e299a..a6f1113d74 100644 --- a/ocis/pkg/command/notifications.go +++ b/ocis/pkg/command/notifications.go @@ -1,6 +1,8 @@ package command import ( + "fmt" + "github.com/owncloud/ocis/extensions/notifications/pkg/command" "github.com/owncloud/ocis/ocis-pkg/config" "github.com/owncloud/ocis/ocis-pkg/config/parser" @@ -15,7 +17,11 @@ func NotificationsCommand(cfg *config.Config) *cli.Command { Usage: "start notifications service", Category: "extensions", Before: func(ctx *cli.Context) error { - return parser.ParseConfig(cfg) + err := parser.ParseConfig(cfg) + if err != nil { + fmt.Printf("%v", err) + } + return err }, Subcommands: command.GetCommands(cfg.Notifications), } diff --git a/ocis/pkg/command/ocs.go b/ocis/pkg/command/ocs.go index 2fae3beb95..fdd76af613 100644 --- a/ocis/pkg/command/ocs.go +++ b/ocis/pkg/command/ocs.go @@ -1,6 +1,8 @@ package command import ( + "fmt" + "github.com/owncloud/ocis/extensions/ocs/pkg/command" "github.com/owncloud/ocis/ocis-pkg/config" "github.com/owncloud/ocis/ocis-pkg/config/parser" @@ -15,7 +17,11 @@ func OCSCommand(cfg *config.Config) *cli.Command { Usage: subcommandDescription(cfg.OCS.Service.Name), Category: "extensions", Before: func(ctx *cli.Context) error { - return parser.ParseConfig(cfg) + err := parser.ParseConfig(cfg) + if err != nil { + fmt.Printf("%v", err) + } + return err }, Subcommands: command.GetCommands(cfg.OCS), } diff --git a/ocis/pkg/command/proxy.go b/ocis/pkg/command/proxy.go index 429ca83e19..a23eec33cf 100644 --- a/ocis/pkg/command/proxy.go +++ b/ocis/pkg/command/proxy.go 
@@ -1,6 +1,8 @@ package command import ( + "fmt" + "github.com/owncloud/ocis/extensions/proxy/pkg/command" "github.com/owncloud/ocis/ocis-pkg/config" "github.com/owncloud/ocis/ocis-pkg/config/parser" @@ -15,7 +17,11 @@ func ProxyCommand(cfg *config.Config) *cli.Command { Usage: subcommandDescription(cfg.Proxy.Service.Name), Category: "extensions", Before: func(ctx *cli.Context) error { - return parser.ParseConfig(cfg) + err := parser.ParseConfig(cfg) + if err != nil { + fmt.Printf("%v", err) + } + return err }, Subcommands: command.GetCommands(cfg.Proxy), } diff --git a/ocis/pkg/command/server.go b/ocis/pkg/command/server.go index f623a2497f..c4bba27eb0 100644 --- a/ocis/pkg/command/server.go +++ b/ocis/pkg/command/server.go @@ -1,6 +1,8 @@ package command import ( + "fmt" + "github.com/owncloud/ocis/ocis-pkg/config" "github.com/owncloud/ocis/ocis-pkg/config/parser" "github.com/owncloud/ocis/ocis/pkg/register" @@ -15,10 +17,13 @@ func Server(cfg *config.Config) *cli.Command { Usage: "start a fullstack server (runtime and all extensions in supervised mode)", Category: "fullstack", Before: func(c *cli.Context) error { - return parser.ParseConfig(cfg) + err := parser.ParseConfig(cfg) + if err != nil { + fmt.Printf("%v", err) + } + return err }, Action: func(c *cli.Context) error { - r := runtime.New(cfg) return r.Start() }, diff --git a/ocis/pkg/command/settings.go b/ocis/pkg/command/settings.go index 32c8b43e69..33032f30c0 100644 --- a/ocis/pkg/command/settings.go +++ b/ocis/pkg/command/settings.go @@ -1,6 +1,8 @@ package command import ( + "fmt" + "github.com/owncloud/ocis/extensions/settings/pkg/command" "github.com/owncloud/ocis/ocis-pkg/config" "github.com/owncloud/ocis/ocis-pkg/config/parser" 
@@ -15,7 +17,11 @@ func SettingsCommand(cfg *config.Config) *cli.Command { Usage: subcommandDescription(cfg.Settings.Service.Name), Category: "extensions", Before: func(ctx *cli.Context) error { - return parser.ParseConfig(cfg) + err := parser.ParseConfig(cfg) + if err != nil { + fmt.Printf("%v", err) + } + return err }, Subcommands: command.GetCommands(cfg.Settings), } diff --git a/ocis/pkg/command/store.go b/ocis/pkg/command/store.go index e37d5ab79f..12bda770f9 100644 --- a/ocis/pkg/command/store.go +++ b/ocis/pkg/command/store.go @@ -1,6 +1,8 @@ package command import ( + "fmt" + "github.com/owncloud/ocis/extensions/store/pkg/command" "github.com/owncloud/ocis/ocis-pkg/config" "github.com/owncloud/ocis/ocis-pkg/config/parser" @@ -16,7 +18,11 @@ func StoreCommand(cfg *config.Config) *cli.Command { Usage: subcommandDescription(cfg.Store.Service.Name), Category: "extensions", Before: func(ctx *cli.Context) error { - return parser.ParseConfig(cfg) + err := parser.ParseConfig(cfg) + if err != nil { + fmt.Printf("%v", err) + } + return err }, Subcommands: command.GetCommands(cfg.Store), } diff --git a/ocis/pkg/command/thumbnails.go b/ocis/pkg/command/thumbnails.go index 8409c98dc0..ca6e693a02 100644 --- a/ocis/pkg/command/thumbnails.go +++ b/ocis/pkg/command/thumbnails.go @@ -1,6 +1,8 @@ package command import ( + "fmt" + "github.com/owncloud/ocis/extensions/thumbnails/pkg/command" "github.com/owncloud/ocis/ocis-pkg/config" "github.com/owncloud/ocis/ocis-pkg/config/parser" @@ -15,7 +17,11 @@ func ThumbnailsCommand(cfg *config.Config) *cli.Command { Usage: subcommandDescription(cfg.Thumbnails.Service.Name), Category: "extensions", Before: func(ctx *cli.Context) error { - return parser.ParseConfig(cfg) + err := parser.ParseConfig(cfg) + if err != nil { + fmt.Printf("%v", err) + } + return err }, Subcommands: command.GetCommands(cfg.Thumbnails), } diff --git a/ocis/pkg/command/web.go b/ocis/pkg/command/web.go index 0b3ec822e2..70499da3fe 100644 
--- a/ocis/pkg/command/web.go +++ b/ocis/pkg/command/web.go @@ -1,6 +1,8 @@ package command import ( + "fmt" + "github.com/owncloud/ocis/extensions/web/pkg/command" "github.com/owncloud/ocis/ocis-pkg/config" "github.com/owncloud/ocis/ocis-pkg/config/parser" @@ -15,7 +17,11 @@ func WebCommand(cfg *config.Config) *cli.Command { Usage: subcommandDescription(cfg.Web.Service.Name), Category: "extensions", Before: func(ctx *cli.Context) error { - return parser.ParseConfig(cfg) + err := parser.ParseConfig(cfg) + if err != nil { + fmt.Printf("%v", err) + } + return err }, Subcommands: command.GetCommands(cfg.Web), } diff --git a/ocis/pkg/command/webdav.go b/ocis/pkg/command/webdav.go index 7add32497f..a87145ab4e 100644 --- a/ocis/pkg/command/webdav.go +++ b/ocis/pkg/command/webdav.go @@ -1,6 +1,8 @@ package command import ( + "fmt" + "github.com/owncloud/ocis/extensions/webdav/pkg/command" "github.com/owncloud/ocis/ocis-pkg/config" "github.com/owncloud/ocis/ocis-pkg/config/parser" @@ -16,7 +18,11 @@ func WebDAVCommand(cfg *config.Config) *cli.Command { Usage: subcommandDescription(cfg.WebDAV.Service.Name), Category: "extensions", Before: func(ctx *cli.Context) error { - return parser.ParseConfig(cfg) + err := parser.ParseConfig(cfg) + if err != nil { + fmt.Printf("%v", err) + } + return err }, Subcommands: command.GetCommands(cfg.WebDAV), } From 0330b431bb24e0f0ad8a101728531e5fb4364298 Mon Sep 17 00:00:00 2001 From: Christian Richter Date: Thu, 28 Apr 2022 15:55:21 +0200 Subject: [PATCH 31/99] unclutter ocis init code Signed-off-by: Christian Richter --- ocis/pkg/command/init.go | 286 +------------------------------------- ocis/pkg/init/init.go | 291 +++++++++++++++++++++++++++++++++++++++ 2 files changed, 293 insertions(+), 284 deletions(-) create mode 100644 ocis/pkg/init/init.go diff --git a/ocis/pkg/command/init.go b/ocis/pkg/command/init.go index af6e44d48e..24d82821ac 100644 --- a/ocis/pkg/command/init.go +++ b/ocis/pkg/command/init.go 
@@ -3,111 +3,17 @@ package command import ( "bufio" "fmt" - "io" - "io/ioutil" "log" "os" - "path" "strings" - "time" "github.com/owncloud/ocis/ocis-pkg/config" "github.com/owncloud/ocis/ocis-pkg/config/defaults" - "github.com/owncloud/ocis/ocis-pkg/generators" + ocisinit "github.com/owncloud/ocis/ocis/pkg/init" "github.com/owncloud/ocis/ocis/pkg/register" cli "github.com/urfave/cli/v2" - "gopkg.in/yaml.v3" ) -const configFilename string = "ocis.yaml" // TODO: use also a constant for reading this file -const passwordLength int = 32 - -type tokenManager struct { - JWT_Secret string -} - -type insecureExtension struct { - Insecure bool -} - -type insecureProxyExtension struct { - Insecure_backends bool -} - -type dataProviderInsecureSettings struct { - Data_provider_insecure bool -} - -type ldapSettings struct { - Bind_password string -} -type ldapBasedExtension struct { - Ldap ldapSettings -} - -type graphExtension struct { - Spaces insecureExtension - Identity ldapBasedExtension -} - -type serviceUserPasswordsSettings struct { - Admin_password string - Idm_password string - Reva_password string - Idp_password string -} -type idmExtension struct { - Service_user_Passwords serviceUserPasswordsSettings -} - -type frontendExtension struct { - Archiver insecureExtension - App_provider insecureExtension -} - -type authbasicExtension struct { - Auth_providers ldapBasedExtension -} - -type authProviderSettings struct { - Oidc insecureExtension -} -type authbearerExtension struct { - Auth_providers authProviderSettings -} - -type userAndGroupExtension struct { - Drivers ldapBasedExtension -} - -type thumbnailSettings struct { - Webdav_allow_insecure bool - Cs3_allow_insecure bool -} - -type thumbNailExtension struct { - Thumbnail thumbnailSettings -} - -type ocisConfig struct { - Token_manager tokenManager - Machine_auth_api_key string - Transfer_secret string - Graph graphExtension - Idp ldapBasedExtension - Idm idmExtension - Proxy insecureProxyExtension - Frontend 
frontendExtension - Auth_basic authbasicExtension - Auth_bearer authbearerExtension - User userAndGroupExtension - Group userAndGroupExtension - Storage_metadata dataProviderInsecureSettings - Storage_users dataProviderInsecureSettings - Ocdav insecureExtension - Thumbnails thumbNailExtension -} - // InitCommand is the entrypoint for the init command func InitCommand(cfg *config.Config) *cli.Command { return &cli.Command{ @@ -142,7 +48,7 @@ func InitCommand(cfg *config.Config) *cli.Command { } else if insecureFlag == "true" { insecure = true } - err := createConfig(insecure, c.Bool("force-overwrite"), c.String("config-path")) + err := ocisinit.CreateConfig(insecure, c.Bool("force-overwrite"), c.String("config-path")) if err != nil { log.Fatalf("Could not create config: %s", err) } 
@@ -155,194 +61,6 @@ func init() { register.AddCommand(InitCommand) } -func checkConfigPath(configPath string) error { - targetPath := path.Join(configPath, configFilename) - if _, err := os.Stat(targetPath); err == nil { - return fmt.Errorf("config in %s already exists", targetPath) - } - return nil -} - -func backupOcisConfigFile(configPath string) (string, error) { - sourceConfig := path.Join(configPath, configFilename) - targetBackupConfig := path.Join(configPath, configFilename+"."+time.Now().Format("2006-01-02-15-04-05")+".backup") - source, err := os.Open(sourceConfig) - if err != nil { - log.Fatalf("Could not read %s (%s)", sourceConfig, err) - } - defer source.Close() - target, err := os.Create(targetBackupConfig) - if err != nil { - log.Fatalf("Could not generate backup %s (%s)", targetBackupConfig, err) - } - defer target.Close() - _, err = io.Copy(target, source) - if err != nil { - log.Fatalf("Could not write backup %s (%s)", targetBackupConfig, err) - } - return targetBackupConfig, nil -} - -func createConfig(insecure, forceOverwrite bool, configPath string) error { - err := checkConfigPath(configPath) - targetBackupConfig := "" - if err != nil && !forceOverwrite { - return err - } else if forceOverwrite { - targetBackupConfig, err = backupOcisConfigFile(configPath) - if err != nil { - return err - } else { - - } - } - err = os.MkdirAll(configPath, 0700) - if err != nil { - return err - } - - idmServicePassword, err := generators.GenerateRandomPassword(passwordLength) - if err != nil { - return fmt.Errorf("could not generate random password for idm: %s", err) - } - idpServicePassword, err := generators.GenerateRandomPassword(passwordLength) - if err != nil { - return fmt.Errorf("could not generate random password for idp: %s", err) - } - ocisAdminServicePassword, err := generators.GenerateRandomPassword(passwordLength) - if err != nil { - return fmt.Errorf("could not generate random password for ocis admin: %s", err) - } - revaServicePassword, err := 
generators.GenerateRandomPassword(passwordLength) - if err != nil { - return fmt.Errorf("could not generate random password for reva: %s", err) - } - tokenManagerJwtSecret, err := generators.GenerateRandomPassword(passwordLength) - if err != nil { - return fmt.Errorf("could not generate random password for tokenmanager: %s", err) - } - machineAuthApiKey, err := generators.GenerateRandomPassword(passwordLength) - if err != nil { - return fmt.Errorf("could not generate random password for machineauthsecret: %s", err) - } - revaTransferSecret, err := generators.GenerateRandomPassword(passwordLength) - if err != nil { - return fmt.Errorf("could not generate random password for machineauthsecret: %s", err) - } - - cfg := ocisConfig{ - Token_manager: tokenManager{ - JWT_Secret: tokenManagerJwtSecret, - }, - Machine_auth_api_key: machineAuthApiKey, - Transfer_secret: revaTransferSecret, - Idm: idmExtension{ - Service_user_Passwords: serviceUserPasswordsSettings{ - Admin_password: ocisAdminServicePassword, - Idp_password: idpServicePassword, - Reva_password: revaServicePassword, - Idm_password: idmServicePassword, - }, - }, - Idp: ldapBasedExtension{ - Ldap: ldapSettings{ - Bind_password: idpServicePassword, - }, - }, - Auth_basic: authbasicExtension{ - Auth_providers: ldapBasedExtension{ - Ldap: ldapSettings{ - Bind_password: revaServicePassword, - }, - }, - }, - Group: userAndGroupExtension{ - Drivers: ldapBasedExtension{ - Ldap: ldapSettings{ - Bind_password: revaServicePassword, - }, - }, - }, - User: userAndGroupExtension{ - Drivers: ldapBasedExtension{ - Ldap: ldapSettings{ - Bind_password: revaServicePassword, - }, - }, - }, - Graph: graphExtension{ - Identity: ldapBasedExtension{ - Ldap: ldapSettings{ - Bind_password: idmServicePassword, - }, - }, - }, - } - - if insecure { - cfg.Auth_bearer = authbearerExtension{ - Auth_providers: authProviderSettings{ - Oidc: insecureExtension{ - Insecure: true, - }, - }, - } - cfg.Frontend = frontendExtension{ - App_provider: 
insecureExtension{ - Insecure: true, - }, - Archiver: insecureExtension{ - Insecure: true, - }, - } - cfg.Graph.Spaces = insecureExtension{ - Insecure: true, - } - cfg.Ocdav = insecureExtension{ - Insecure: true, - } - cfg.Proxy = insecureProxyExtension{ - Insecure_backends: true, - } - cfg.Storage_metadata = dataProviderInsecureSettings{ - Data_provider_insecure: true, - } - cfg.Storage_users = dataProviderInsecureSettings{ - Data_provider_insecure: true, - } - cfg.Thumbnails = thumbNailExtension{ - Thumbnail: thumbnailSettings{ - Webdav_allow_insecure: true, - Cs3_allow_insecure: true, - }, - } - } - - yamlOutput, err := yaml.Marshal(cfg) - if err != nil { - return fmt.Errorf("could not marshall config into yaml: %s", err) - } - targetPath := path.Join(configPath, configFilename) - err = ioutil.WriteFile(targetPath, yamlOutput, 0600) - if err != nil { - return err - } - fmt.Printf( - "\n\n=========================================\n"+ - " generated OCIS Config\n"+ - "=========================================\n"+ - " configpath : %s\n"+ - " user : admin\n"+ - " password : %s\n\n", - targetPath, ocisAdminServicePassword) - if targetBackupConfig != "" { - fmt.Printf("\n=========================================\n"+ - "An older config file has been backuped to\n %s\n\n", - targetBackupConfig) - } - return nil -} - func stringPrompt(label string) string { input := "" reader := bufio.NewReader(os.Stdin) diff --git a/ocis/pkg/init/init.go b/ocis/pkg/init/init.go new file mode 100644 index 0000000000..22a7940061 --- /dev/null +++ b/ocis/pkg/init/init.go 
@@ -0,0 +1,291 @@ +package init + +import ( + "fmt" + "io" + "io/ioutil" + "log" + "os" + "path" + "time" + + "github.com/owncloud/ocis/ocis-pkg/generators" + "gopkg.in/yaml.v2" +) + +const configFilename string = "ocis.yaml" // TODO: use also a constant for reading this file +const passwordLength int = 32 + +type TokenManager struct { + JWT_Secret string +} + +type InsecureExtension struct { + Insecure bool +} + +type InsecureProxyExtension struct { + Insecure_backends bool +} + +type DataProviderInsecureSettings struct { + Data_provider_insecure bool +} + +type LdapSettings struct { + Bindpassword string +} +type LdapBasedExtension struct { + Ldap LdapSettings +} + +type GraphExtension struct { + Spaces InsecureExtension + Identity LdapBasedExtension +} + +type ServiceUserPasswordsSettings struct { + Admin_password string + Idm_password string + Reva_password string + Idp_password string +} +type IdmExtension struct { + Service_user_Passwords ServiceUserPasswordsSettings +} + +type FrontendExtension struct { + Archiver InsecureExtension + App_provider InsecureExtension +} + +type AuthbasicExtension struct { + Auth_providers LdapBasedExtension +} + +type AuthProviderSettings struct { + Oidc InsecureExtension +} +type AuthbearerExtension struct { + Auth_providers AuthProviderSettings +} + +type UserAndGroupExtension struct { + Drivers LdapBasedExtension +} + +type ThumbnailSettings struct { + Webdav_allow_insecure bool + Cs3_allow_insecure bool +} + +type ThumbNailExtension struct { + Thumbnail ThumbnailSettings +} + +type OcisConfig struct { + Token_manager TokenManager + Machine_auth_api_key string + Transfer_secret string + Graph GraphExtension + Idp LdapBasedExtension + Idm IdmExtension + Proxy InsecureProxyExtension + Frontend FrontendExtension + Auth_basic AuthbasicExtension + Auth_bearer AuthbearerExtension + User UserAndGroupExtension + Group UserAndGroupExtension + Storage_metadata DataProviderInsecureSettings + Storage_users DataProviderInsecureSettings + 
Ocdav InsecureExtension + Thumbnails ThumbNailExtension +} + +func checkConfigPath(configPath string) error { + targetPath := path.Join(configPath, configFilename) + if _, err := os.Stat(targetPath); err == nil { + return fmt.Errorf("config in %s already exists", targetPath) + } + return nil +} + +func backupOcisConfigFile(configPath string) (string, error) { + sourceConfig := path.Join(configPath, configFilename) + targetBackupConfig := path.Join(configPath, configFilename+"."+time.Now().Format("2006-01-02-15-04-05")+".backup") + source, err := os.Open(sourceConfig) + if err != nil { + log.Fatalf("Could not read %s (%s)", sourceConfig, err) + } + defer source.Close() + target, err := os.Create(targetBackupConfig) + if err != nil { + log.Fatalf("Could not generate backup %s (%s)", targetBackupConfig, err) + } + defer target.Close() + _, err = io.Copy(target, source) + if err != nil { + log.Fatalf("Could not write backup %s (%s)", targetBackupConfig, err) + } + return targetBackupConfig, nil +} + +func CreateConfig(insecure, forceOverwrite bool, configPath string) error { + err := checkConfigPath(configPath) + targetBackupConfig := "" + if err != nil && !forceOverwrite { + return err + } else if forceOverwrite { + targetBackupConfig, err = backupOcisConfigFile(configPath) + if err != nil { + return err + } else { + + } + } + err = os.MkdirAll(configPath, 0700) + if err != nil { + return err + } + + idmServicePassword, err := generators.GenerateRandomPassword(passwordLength) + if err != nil { + return fmt.Errorf("could not generate random password for idm: %s", err) + } + idpServicePassword, err := generators.GenerateRandomPassword(passwordLength) + if err != nil { + return fmt.Errorf("could not generate random password for idp: %s", err) + } + ocisAdminServicePassword, err := generators.GenerateRandomPassword(passwordLength) + if err != nil { + return fmt.Errorf("could not generate random password for ocis admin: %s", err) + } + revaServicePassword, err := 
generators.GenerateRandomPassword(passwordLength) + if err != nil { + return fmt.Errorf("could not generate random password for reva: %s", err) + } + tokenManagerJwtSecret, err := generators.GenerateRandomPassword(passwordLength) + if err != nil { + return fmt.Errorf("could not generate random password for tokenmanager: %s", err) + } + machineAuthApiKey, err := generators.GenerateRandomPassword(passwordLength) + if err != nil { + return fmt.Errorf("could not generate random password for machineauthsecret: %s", err) + } + revaTransferSecret, err := generators.GenerateRandomPassword(passwordLength) + if err != nil { + return fmt.Errorf("could not generate random password for machineauthsecret: %s", err) + } + + cfg := OcisConfig{ + Token_manager: TokenManager{ + JWT_Secret: tokenManagerJwtSecret, + }, + Machine_auth_api_key: machineAuthApiKey, + Transfer_secret: revaTransferSecret, + Idm: IdmExtension{ + Service_user_Passwords: ServiceUserPasswordsSettings{ + Admin_password: ocisAdminServicePassword, + Idp_password: idpServicePassword, + Reva_password: revaServicePassword, + Idm_password: idmServicePassword, + }, + }, + Idp: LdapBasedExtension{ + Ldap: LdapSettings{ + Bindpassword: idpServicePassword, + }, + }, + Auth_basic: AuthbasicExtension{ + Auth_providers: LdapBasedExtension{ + Ldap: LdapSettings{ + Bindpassword: revaServicePassword, + }, + }, + }, + Group: UserAndGroupExtension{ + Drivers: LdapBasedExtension{ + Ldap: LdapSettings{ + Bindpassword: revaServicePassword, + }, + }, + }, + User: UserAndGroupExtension{ + Drivers: LdapBasedExtension{ + Ldap: LdapSettings{ + Bindpassword: revaServicePassword, + }, + }, + }, + Graph: GraphExtension{ + Identity: LdapBasedExtension{ + Ldap: LdapSettings{ + Bindpassword: idmServicePassword, + }, + }, + }, + } + + if insecure { + cfg.Auth_bearer = AuthbearerExtension{ + Auth_providers: AuthProviderSettings{ + Oidc: InsecureExtension{ + Insecure: true, + }, + }, + } + cfg.Frontend = FrontendExtension{ + App_provider: 
InsecureExtension{ + Insecure: true, + }, + Archiver: InsecureExtension{ + Insecure: true, + }, + } + cfg.Graph.Spaces = InsecureExtension{ + Insecure: true, + } + cfg.Ocdav = InsecureExtension{ + Insecure: true, + } + cfg.Proxy = InsecureProxyExtension{ + Insecure_backends: true, + } + cfg.Storage_metadata = DataProviderInsecureSettings{ + Data_provider_insecure: true, + } + cfg.Storage_users = DataProviderInsecureSettings{ + Data_provider_insecure: true, + } + cfg.Thumbnails = ThumbNailExtension{ + Thumbnail: ThumbnailSettings{ + Webdav_allow_insecure: true, + Cs3_allow_insecure: true, + }, + } + } + + yamlOutput, err := yaml.Marshal(cfg) + if err != nil { + return fmt.Errorf("could not marshall config into yaml: %s", err) + } + targetPath := path.Join(configPath, configFilename) + err = ioutil.WriteFile(targetPath, yamlOutput, 0600) + if err != nil { + return err + } + fmt.Printf( + "\n\n=========================================\n"+ + " generated OCIS Config\n"+ + "=========================================\n"+ + " configpath : %s\n"+ + " user : admin\n"+ + " password : %s\n\n", + targetPath, ocisAdminServicePassword) + if targetBackupConfig != "" { + fmt.Printf("\n=========================================\n"+ + "An older config file has been backuped to\n %s\n\n", + targetBackupConfig) + } + return nil +} From 4e531ca442f3ce40ffe9bee48400d73cf4d895e3 Mon Sep 17 00:00:00 2001 From: Willy Kloucek Date: Thu, 28 Apr 2022 16:16:06 +0200 Subject: [PATCH 32/99] fix ocis startup with debugging config / environment variables only --- .vscode/launch.json | 20 ++++++++++++-- extensions/thumbnails/pkg/config/config.go | 2 +- .../thumbnails/pkg/config/parser/parse.go | 2 +- ocis-pkg/config/config.go | 2 +- ocis-pkg/config/parser/parse.go | 26 ++++++++++++++----- 5 files changed, 40 insertions(+), 12 deletions(-) diff --git a/.vscode/launch.json b/.vscode/launch.json index 4332cf2e1a..aec90a875e 100644 --- a/.vscode/launch.json +++ b/.vscode/launch.json 
@@ -19,9 +19,25 @@ "PROXY_ENABLE_BASIC_AUTH": "true", // set insecure options because we don't have valid certificates in dev environments "OCIS_INSECURE": "true", + // set some hardcoded secrets + "OCIS_JWT_SECRET": "some-ocis-jwt-secret", + "STORAGE_TRANSFER_SECRET": "some-ocis-transfer-secret", + "OCIS_MACHINE_AUTH_API_KEY": "some-ocis-machine-auth-api-key", + // idm ldap + "IDM_SVC_PASSWORD": "some-ldap-idm-password", + "GRAPH_LDAP_BIND_PASSWORD": "some-ldap-idm-password", + // reva ldap + "IDM_REVASVC_PASSWORD": "some-ldap-reva-password", + "GROUPS_LDAP_BIND_PASSWORD": "some-ldap-reva-password", + "USERS_LDAP_BIND_PASSWORD": "some-ldap-reva-password", + "AUTH_BASIC_LDAP_BIND_PASSWORD": "some-ldap-reva-password", + // idp ldap + "IDM_IDPSVC_PASSWORD": "some-ldap-idp-password", + "IDP_LDAP_BIND_PASSWORD": "some-ldap-idp-password", + // admin user default password + "IDM_ADMIN_PASSWORD": "admin", // demo users - "ACCOUNTS_DEMO_USERS_AND_GROUPS": "true", - "IDM_CREATE_DEMO_USERS": "true" + "IDM_CREATE_DEMO_USERS": "true", // OCIS_RUN_EXTENSIONS allows to start a subset of extensions even in the supervised mode //"OCIS_RUN_EXTENSIONS": "settings,storage-metadata,glauth,graph,graph-explorer,idp,ocs,store,thumbnails,web,webdav,storage-frontend,storage-gateway,storage-userprovider,storage-groupprovider,storage-authbasic,storage-authbearer,storage-authmachine,storage-users,storage-shares,storage-public-link,storage-appprovider,storage-sharing,accounts,proxy,ocdav", } diff --git a/extensions/thumbnails/pkg/config/config.go b/extensions/thumbnails/pkg/config/config.go index 88d785d774..4e65f12e82 100644 --- a/extensions/thumbnails/pkg/config/config.go +++ b/extensions/thumbnails/pkg/config/config.go 
@@ -42,6 +42,6 @@ type Thumbnail struct { CS3AllowInsecure bool `yaml:"cs3_allow_insecure" env:"OCIS_INSECURE;THUMBNAILS_CS3SOURCE_INSECURE"` RevaGateway string `yaml:"reva_gateway" env:"REVA_GATEWAY"` //TODO: use REVA config FontMapFile string `yaml:"font_map_file" env:"THUMBNAILS_TXT_FONTMAP_FILE"` - TransferSecret string `yaml:"transfer_secret" env:"THUMBNAILS_TRANSFER_TOKEN"` + TransferSecret string `yaml:"transfer_secret" env:"STORAGE_TRANSFER_TOKEN;THUMBNAILS_TRANSFER_TOKEN"` DataEndpoint string `yaml:"data_endpoint" env:"THUMBNAILS_DATA_ENDPOINT"` } diff --git a/extensions/thumbnails/pkg/config/parser/parse.go b/extensions/thumbnails/pkg/config/parser/parse.go index 348e87d1a1..625705dd54 100644 --- a/extensions/thumbnails/pkg/config/parser/parse.go +++ b/extensions/thumbnails/pkg/config/parser/parse.go @@ -35,7 +35,7 @@ func ParseConfig(cfg *config.Config) error { } func Validate(cfg *config.Config) error { - if cfg.TransferSecret == "" { + if cfg.Thumbnail.TransferSecret == "" { return fmt.Errorf("reva transfer secret is not set up properly, bailing out (%s)", cfg.Service.Name) } diff --git a/ocis-pkg/config/config.go b/ocis-pkg/config/config.go index eddd2bbd2a..8840b59c77 100644 --- a/ocis-pkg/config/config.go +++ b/ocis-pkg/config/config.go @@ -71,7 +71,7 @@ type Config struct { Registry string `yaml:"registry"` TokenManager *shared.TokenManager `yaml:"token_manager"` MachineAuthAPIKey string `yaml:"machine_auth_api_key" env:"OCIS_MACHINE_AUTH_API_KEY"` - TransferSecret string `yaml:"transfer_secret"` + TransferSecret string `yaml:"transfer_secret" env:"STORAGE_TRANSFER_SECRET"` Runtime Runtime `yaml:"runtime"` Audit *audit.Config `yaml:"audit"` diff --git a/ocis-pkg/config/parser/parse.go b/ocis-pkg/config/parser/parse.go index 0f6b6ba198..f9d0a7c7b7 100644 --- a/ocis-pkg/config/parser/parse.go +++ b/ocis-pkg/config/parser/parse.go 
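Review bot: The thumbnails `TransferSecret` tag now reads `STORAGE_TRANSFER_TOKEN`, while the global `TransferSecret` added in `ocis-pkg/config/config.go` later in this patch, and the `.vscode/launch.json` entry, both use `STORAGE_TRANSFER_SECRET`. If the two are meant to be the same variable, the tag should be `env:"STORAGE_TRANSFER_SECRET;THUMBNAILS_TRANSFER_TOKEN"`. As written, an operator who sets only `STORAGE_TRANSFER_SECRET` does not populate this field from the environment. `Validate` then rejects the empty `cfg.Thumbnail.TransferSecret` unless the value is copied in from the commons config somewhere outside this hunk. A short comment on the field naming the shared variable would prevent the two names drifting again.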
@@ -18,7 +18,7 @@ func ParseConfig(cfg *config.Config) error { return err } - EnsureDefaultsAndCommons(cfg) + EnsureDefaults(cfg) // load all env variables relevant to the config in the current context. if err := envdecode.Decode(cfg); err != nil { @@ -28,12 +28,27 @@ func ParseConfig(cfg *config.Config) error { } } + EnsureCommons(cfg) + return Validate(cfg) } -// EnsureDefaultsAndCommons copies applicable parts of the oCIS config into the commons part -// and also ensure that all pointers in the oCIS config (not the extensions configs) are initialized -func EnsureDefaultsAndCommons(cfg *config.Config) { +// EnsureDefaults, ensures that all pointers in the +// oCIS config (not the extensions configs) are initialized +func EnsureDefaults(cfg *config.Config) { + if cfg.Tracing == nil { + cfg.Tracing = &shared.Tracing{} + } + if cfg.Log == nil { + cfg.Log = &shared.Log{} + } + if cfg.TokenManager == nil { + cfg.TokenManager = &shared.TokenManager{} + } +} + +// EnsureCommons copies applicable parts of the oCIS config into the commons part +func EnsureCommons(cfg *config.Config) { // ensure the commons part is initialized if cfg.Commons == nil { cfg.Commons = &shared.Commons{} @@ -49,7 +64,6 @@ func EnsureDefaultsAndCommons(cfg *config.Config) { } } else { cfg.Commons.Log = &shared.Log{} - cfg.Log = &shared.Log{} } // copy tracing to the commons part if set @@ -62,7 +76,6 @@ func EnsureDefaultsAndCommons(cfg *config.Config) { } } else { cfg.Commons.Tracing = &shared.Tracing{} - cfg.Tracing = &shared.Tracing{} } // copy token manager to the commons part if set @@ -70,7 +83,6 @@ func EnsureDefaultsAndCommons(cfg *config.Config) { cfg.Commons.TokenManager = cfg.TokenManager } else { cfg.Commons.TokenManager = &shared.TokenManager{} - cfg.TokenManager = cfg.Commons.TokenManager } // copy machine auth api key to the commons part if set From 20f916ca345707b8fc7eaecb2700a9b511cefeac Mon Sep 17 00:00:00 2001 
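Review bot: `EnsureCommons` now depends on `EnsureDefaults` having run first, and nothing in the second hunk says so. The assignments `cfg.Log = &shared.Log{}`, `cfg.Tracing = &shared.Tracing{}` and `cfg.TokenManager = cfg.Commons.TokenManager` are removed from its else branches, so a caller that invokes the exported `EnsureCommons` on its own is left with nil pointers on `cfg` where the old function filled them in. I would state the ordering in the doc comment, e.g. `// EnsureCommons copies applicable parts of the oCIS config into the commons part. Call EnsureDefaults first; cfg.Log, cfg.Tracing and cfg.TokenManager are not initialized here.`, and drop the stray comma in `// EnsureDefaults, ensures ...`. The body of `EnsureCommons` continues past the visible hunks.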
From: Willy Kloucek Date: Thu, 28 Apr 2022 16:31:40 +0200 Subject: [PATCH 33/99] run `ocis init` in CI --- .drone.star | 17 +++++------------ 1 file changed, 5 insertions(+), 12 deletions(-) diff --git a/.drone.star b/.drone.star index ff5aad4eaa..22f342908d 100644 --- a/.drone.star +++ b/.drone.star @@ -1680,6 +1680,7 @@ def ocisServerWithAccounts(storage, accounts_hash_difficulty = 4, volumes = [], "detach": True, "environment": environment, "commands": [ + "ocis/bin/ocis init --insecure true", "ocis/bin/ocis server", ], "volumes": volumes, @@ -1700,8 +1701,7 @@ def ocisServer(storage, accounts_hash_difficulty = 4, volumes = [], depends_on = user = "0:0" environment = { "OCIS_URL": "https://ocis-server:9200", - "GATEWAY_GRPC_ADDR": "0.0.0.0:9142", - "STORAGE_HOME_DRIVER": "%s" % (storage), + "GATEWAY_GRPC_ADDR": "0.0.0.0:9142", # cs3api-validator needs the cs3api gatway exposed "STORAGE_USERS_DRIVER": "%s" % (storage), "STORAGE_USERS_DRIVER_LOCAL_ROOT": "/srv/app/tmp/ocis/local/root", "STORAGE_USERS_DRIVER_OCIS_ROOT": "/srv/app/tmp/ocis/storage/users", @@ -1712,8 +1712,8 @@ def ocisServer(storage, accounts_hash_difficulty = 4, volumes = [], depends_on = "IDP_IDENTIFIER_REGISTRATION_CONF": "/drone/src/tests/config/drone/identifier-registration.yml", "OCIS_LOG_LEVEL": "error", "SETTINGS_DATA_PATH": "/srv/app/tmp/ocis/settings", - "OCIS_INSECURE": "true", "IDM_CREATE_DEMO_USERS": True, + "IDM_ADMIN_PASSWORD": "admin", # override the random admin password from `ocis init` } wait_for_ocis = { "name": "wait-for-ocis-server", 
@@ -1782,24 +1782,16 @@ def ocisServer(storage, accounts_hash_difficulty = 4, volumes = [], depends_on = "SHARING_USER_SQL_HOST": "oc10-db", "SHARING_USER_SQL_PORT": 3306, "SHARING_USER_SQL_NAME": "owncloud", - # ownCloud storage readonly - # TODO: conflict with OWNCLOUDSQL -> https://github.com/owncloud/ocis/issues/2303 - "OCIS_STORAGE_READ_ONLY": "false", # General oCIS config # OCIS_RUN_EXTENSIONS specifies to start all extensions except glauth, idp and accounts. These are replaced by external services "OCIS_RUN_EXTENSIONS": "settings,storage-metadata,graph,graph-explorer,ocs,store,thumbnails,web,webdav,storage-frontend,storage-gateway,storage-userprovider,storage-groupprovider,storage-authbasic,storage-authbearer,storage-authmachine,storage-users,storage-shares,storage-public-link,storage-appprovider,storage-sharing,proxy,nats,ocdav", "OCIS_LOG_LEVEL": "info", "OCIS_URL": OCIS_URL, - "PROXY_TLS": "true", "OCIS_BASE_DATA_PATH": "/mnt/data/ocis", "OCIS_CONFIG_DIR": "/etc/ocis", - # change default secrets - "OCIS_JWT_SECRET": "Pive-Fumkiu4", - "STORAGE_TRANSFER_SECRET": "replace-me-with-a-transfer-secret", - "OCIS_MACHINE_AUTH_API_KEY": "change-me-please", - "OCIS_INSECURE": "true", "PROXY_ENABLE_BASIC_AUTH": "true", "IDM_CREATE_DEMO_USERS": True, + "IDM_ADMIN_PASSWORD": "admin", # override the random admin password from `ocis init` } wait_for_ocis = { "name": "wait-for-ocis-server", @@ -1825,6 +1817,7 @@ def ocisServer(storage, accounts_hash_difficulty = 4, volumes = [], depends_on = "environment": environment, "user": user, "commands": [ + "ocis/bin/ocis init --insecure true", "ocis/bin/ocis server", ], "volumes": volumes, From 9860f798bf8c9711dfdbffcdbb9ac58778c6b90d Mon Sep 17 00:00:00 2001 From: Willy Kloucek Date: Thu, 28 Apr 2022 16:40:22 +0200 Subject: [PATCH 34/99] revert go.mod changes --- go.mod | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/go.mod b/go.mod index 43f90296c2..1d2dd308ec 100644 --- a/go.mod +++ b/go.mod 
@@ -79,7 +79,6 @@ require ( google.golang.org/grpc v1.46.0 google.golang.org/protobuf v1.28.0 gopkg.in/yaml.v2 v2.4.0 - gopkg.in/yaml.v3 v3.0.0-20210107192922-496545a6307b gotest.tools/v3 v3.1.0 stash.kopano.io/kgol/rndm v1.1.1 ) @@ -268,6 +267,7 @@ require ( gopkg.in/square/go-jose.v2 v2.6.0 // indirect gopkg.in/tomb.v1 v1.0.0-20141024135613-dd632973f1e7 // indirect gopkg.in/warnings.v0 v0.1.2 // indirect + gopkg.in/yaml.v3 v3.0.0-20210107192922-496545a6307b // indirect stash.kopano.io/kgol/kcc-go/v5 v5.0.1 // indirect stash.kopano.io/kgol/oidc-go v0.3.2 // indirect ) From 9e31bc0c1b62fa8717eceedc4565134b7a0a31e2 Mon Sep 17 00:00:00 2001 From: Willy Kloucek Date: Thu, 28 Apr 2022 16:44:22 +0200 Subject: [PATCH 35/99] revert Web json config struct omitempty tags --- extensions/web/pkg/config/config.go | 30 ++++++++++++++--------------- 1 file changed, 15 insertions(+), 15 deletions(-) diff --git a/extensions/web/pkg/config/config.go b/extensions/web/pkg/config/config.go index 3c403d0bad..dbc7feee05 100644 --- a/extensions/web/pkg/config/config.go +++ b/extensions/web/pkg/config/config.go 
@@ -32,22 +32,22 @@ type Asset struct { // WebConfig defines the available web configuration for a dynamically rendered config.json. type WebConfig struct { - Server string `json:"server" yaml:"server" env:"OCIS_URL;WEB_UI_CONFIG_SERVER"` - Theme string `json:"theme" yaml:"theme" env:""` - Version string `json:"version" yaml:"version" env:"WEB_UI_CONFIG_VERSION"` - OpenIDConnect OIDC `json:"openIdConnect" yaml:"oids"` + Server string `json:"server,omitempty" yaml:"server" env:"OCIS_URL;WEB_UI_CONFIG_SERVER"` + Theme string `json:"theme,omitempty" yaml:"theme" env:""` + Version string `json:"version,omitempty" yaml:"version" env:"WEB_UI_CONFIG_VERSION"` + OpenIDConnect OIDC `json:"openIdConnect,omitempty" yaml:"oids"` Apps []string `json:"apps" yaml:"apps"` - ExternalApps []ExternalApp `json:"external_apps" yaml:"external_apps"` - Options map[string]interface{} `json:"options" yaml:"options"` + ExternalApps []ExternalApp `json:"external_apps,omitempty" yaml:"external_apps"` + Options map[string]interface{} `json:"options,omitempty" yaml:"options"` } // OIDC defines the available oidc configuration type OIDC struct { - MetadataURL string `json:"metadata_url" yaml:"metadata_url" env:"WEB_OIDC_METADATA_URL"` - Authority string `json:"authority" yaml:"authority" env:"OCIS_URL;WEB_OIDC_AUTHORITY"` - ClientID string `json:"client_id" yaml:"client_id" env:"WEB_OIDC_CLIENT_ID"` - ResponseType string `json:"response_type" yaml:"response_type" env:"WEB_OIDC_RESPONSE_TYPE"` - Scope string `json:"scope" yaml:"scope" env:"WEB_OIDC_SCOPE"` + MetadataURL string `json:"metadata_url,omitempty" yaml:"metadata_url" env:"WEB_OIDC_METADATA_URL"` + Authority string `json:"authority,omitempty" yaml:"authority" env:"OCIS_URL;WEB_OIDC_AUTHORITY"` + ClientID string `json:"client_id,omitempty" yaml:"client_id" env:"WEB_OIDC_CLIENT_ID"` + ResponseType string `json:"response_type,omitempty" yaml:"response_type" env:"WEB_OIDC_RESPONSE_TYPE"` + Scope string `json:"scope,omitempty" yaml:"scope" 
env:"WEB_OIDC_SCOPE"` } // ExternalApp defines an external web app. @@ -59,15 +59,15 @@ type OIDC struct { // } // } type ExternalApp struct { - ID string `json:"id" yaml:"id"` - Path string `json:"path" yaml:"path"` + ID string `json:"id,omitempty" yaml:"id"` + Path string `json:"path,omitempty" yaml:"path"` // Config is completely dynamic, because it depends on the extension - Config map[string]interface{} `json:"config" yaml:"config"` + Config map[string]interface{} `json:"config,omitempty" yaml:"config"` } // ExternalAppConfig defines an external web app configuration. type ExternalAppConfig struct { - URL string `json:"url" yaml:"url" env:""` + URL string `json:"url,omitempty" yaml:"url" env:""` } // Web defines the available web configuration. From 25254140acfcf8cce7713b728a86139e1d1af851 Mon Sep 17 00:00:00 2001 From: Willy Kloucek Date: Thu, 28 Apr 2022 16:47:05 +0200 Subject: [PATCH 36/99] fix .drone.star formatting --- .drone.star | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/.drone.star b/.drone.star index 22f342908d..d13f9e93d9 100644 --- a/.drone.star +++ b/.drone.star @@ -1701,7 +1701,7 @@ def ocisServer(storage, accounts_hash_difficulty = 4, volumes = [], depends_on = user = "0:0" environment = { "OCIS_URL": "https://ocis-server:9200", - "GATEWAY_GRPC_ADDR": "0.0.0.0:9142", # cs3api-validator needs the cs3api gatway exposed + "GATEWAY_GRPC_ADDR": "0.0.0.0:9142", # cs3api-validator needs the cs3api gatway exposed "STORAGE_USERS_DRIVER": "%s" % (storage), "STORAGE_USERS_DRIVER_LOCAL_ROOT": "/srv/app/tmp/ocis/local/root", "STORAGE_USERS_DRIVER_OCIS_ROOT": "/srv/app/tmp/ocis/storage/users", 
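Review bot: `omitempty` on `OpenIDConnect OIDC` in the first hunk has no effect if config.json is rendered with encoding/json, because that package never treats a struct value as empty. The output keeps an `openIdConnect` object even when every field inside it is omitted. If the key is meant to disappear, the field would have to become a pointer (`*OIDC`), which changes the type for callers outside this hunk. Separately, the unchanged tag `yaml:"oids"` on the same line looks like a typo for `oidc`; worth confirming before config files depend on it.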
@@ -1713,7 +1713,7 @@ def ocisServer(storage, accounts_hash_difficulty = 4, volumes = [], depends_on = "OCIS_LOG_LEVEL": "error", "SETTINGS_DATA_PATH": "/srv/app/tmp/ocis/settings", "IDM_CREATE_DEMO_USERS": True, - "IDM_ADMIN_PASSWORD": "admin", # override the random admin password from `ocis init` + "IDM_ADMIN_PASSWORD": "admin", # override the random admin password from `ocis init` } wait_for_ocis = { "name": "wait-for-ocis-server", @@ -1791,7 +1791,7 @@ def ocisServer(storage, accounts_hash_difficulty = 4, volumes = [], depends_on = "OCIS_CONFIG_DIR": "/etc/ocis", "PROXY_ENABLE_BASIC_AUTH": "true", "IDM_CREATE_DEMO_USERS": True, - "IDM_ADMIN_PASSWORD": "admin", # override the random admin password from `ocis init` + "IDM_ADMIN_PASSWORD": "admin", # override the random admin password from `ocis init` } wait_for_ocis = { "name": "wait-for-ocis-server", From e582b609b5712f5069c0761adfdbd06bbcc84ef5 Mon Sep 17 00:00:00 2001 From: Willy Kloucek Date: Thu, 28 Apr 2022 17:20:10 +0200 Subject: [PATCH 37/99] fix startup with `ocis init` --- extensions/auth-basic/pkg/config/config.go | 2 +- extensions/group/pkg/config/config.go | 2 +- extensions/idp/pkg/config/defaults/defaultconfig.go | 2 +- extensions/user/pkg/config/config.go | 2 +- ocis/pkg/init/init.go | 12 ++++++------ 5 files changed, 10 insertions(+), 10 deletions(-) diff --git a/extensions/auth-basic/pkg/config/config.go b/extensions/auth-basic/pkg/config/config.go index 3357d76b51..2632ac9b16 100644 --- a/extensions/auth-basic/pkg/config/config.go +++ b/extensions/auth-basic/pkg/config/config.go 
@@ -64,7 +64,7 @@ type LDAPProvider struct { CACert string `env:"LDAP_CACERT;AUTH_BASIC_LDAP_CACERT"` Insecure bool `env:"LDAP_INSECURE;AUTH_BASIC_LDAP_INSECURE"` BindDN string `env:"LDAP_BIND_DN;AUTH_BASIC_LDAP_BIND_DN"` - BindPassword string `env:"LDAP_BIND_PASSWORD;AUTH_BASIC_LDAP_BIND_PASSWORD"` + BindPassword string `yaml:"bind_password" env:"LDAP_BIND_PASSWORD;AUTH_BASIC_LDAP_BIND_PASSWORD"` UserBaseDN string `env:"LDAP_USER_BASE_DN;AUTH_BASIC_LDAP_USER_BASE_DN"` GroupBaseDN string `env:"LDAP_GROUP_BASE_DN;AUTH_BASIC_LDAP_GROUP_BASE_DN"` UserScope string `env:"LDAP_USER_SCOPE;AUTH_BASIC_LDAP_USER_SCOPE"` diff --git a/extensions/group/pkg/config/config.go b/extensions/group/pkg/config/config.go index 9588f87672..415db0255e 100644 --- a/extensions/group/pkg/config/config.go +++ b/extensions/group/pkg/config/config.go @@ -65,7 +65,7 @@ type LDAPDriver struct { CACert string `env:"LDAP_CACERT;GROUPS_LDAP_CACERT"` Insecure bool `env:"LDAP_INSECURE;GROUPS_LDAP_INSECURE"` BindDN string `env:"LDAP_BIND_DN;GROUPS_LDAP_BIND_DN"` - BindPassword string `env:"LDAP_BIND_PASSWORD;GROUPS_LDAP_BIND_PASSWORD"` + BindPassword string `yaml:"bind_password" env:"LDAP_BIND_PASSWORD;GROUPS_LDAP_BIND_PASSWORD"` UserBaseDN string `env:"LDAP_USER_BASE_DN;GROUPS_LDAP_USER_BASE_DN"` GroupBaseDN string `env:"LDAP_GROUP_BASE_DN;GROUPS_LDAP_GROUP_BASE_DN"` UserScope string `env:"LDAP_USER_SCOPE;GROUPS_LDAP_USER_SCOPE"` diff --git a/extensions/idp/pkg/config/defaults/defaultconfig.go b/extensions/idp/pkg/config/defaults/defaultconfig.go index 23c9def14c..8bd508ab1c 100644 --- a/extensions/idp/pkg/config/defaults/defaultconfig.go +++ b/extensions/idp/pkg/config/defaults/defaultconfig.go 
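Review bot: Only `BindPassword` gets an explicit `yaml:"bind_password"` key, both in `LDAPProvider` here and in `LDAPDriver` in the group and user hunks of this patch; the neighbouring fields (`BindDN`, `UserBaseDN`, ...) carry no yaml tag. If these structs are decoded with gopkg.in/yaml.v2, which go.mod lists, untagged fields map to the lower-cased field name, so one block would mix `bind_password` with keys like `binddn`. Tagging the siblings in the same style, e.g. `yaml:"bind_dn"`, keeps the file that `ocis init` writes consistent with what an operator edits by hand. Both structs extend beyond the hunks.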
@@ -69,7 +69,7 @@ func DefaultConfig() *config.Config { URI: "ldaps://localhost:9235", TLSCACert: path.Join(defaults.BaseDataPath(), "idm", "ldap.crt"), BindDN: "uid=idp,ou=sysusers,o=libregraph-idm", - BindPassword: "idp", + BindPassword: "", BaseDN: "ou=users,o=libregraph-idm", Scope: "sub", LoginAttribute: "uid", diff --git a/extensions/user/pkg/config/config.go b/extensions/user/pkg/config/config.go index d09b7bb4dc..41cc0ab6e6 100644 --- a/extensions/user/pkg/config/config.go +++ b/extensions/user/pkg/config/config.go @@ -65,7 +65,7 @@ type LDAPDriver struct { CACert string `env:"LDAP_CACERT;USERS_LDAP_CACERT"` Insecure bool `env:"LDAP_INSECURE;USERS_LDAP_INSECURE"` BindDN string `env:"LDAP_BIND_DN;USERS_LDAP_BIND_DN"` - BindPassword string `env:"LDAP_BIND_PASSWORD;USERS_LDAP_BIND_PASSWORD"` + BindPassword string `yaml:"bind_password" env:"LDAP_BIND_PASSWORD;USERS_LDAP_BIND_PASSWORD"` UserBaseDN string `env:"LDAP_USER_BASE_DN;USERS_LDAP_USER_BASE_DN"` GroupBaseDN string `env:"LDAP_GROUP_BASE_DN;USERS_LDAP_GROUP_BASE_DN"` UserScope string `env:"LDAP_USER_SCOPE;USERS_LDAP_USER_SCOPE"` diff --git a/ocis/pkg/init/init.go b/ocis/pkg/init/init.go index 22a7940061..7aae4e6bd9 100644 --- a/ocis/pkg/init/init.go +++ b/ocis/pkg/init/init.go @@ -33,7 +33,7 @@ type DataProviderInsecureSettings struct { } type LdapSettings struct { - Bindpassword string + Bind_password string } type LdapBasedExtension struct { Ldap LdapSettings 
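Review bot: Replacing the default `BindPassword: "idp"` with `""` in `DefaultConfig` needs a matching start-up check, and none is visible for idp in this patch. Many LDAP servers treat a simple bind with a DN and an empty password as an unauthenticated bind (RFC 4513, section 5.1.2). A missing secret can then surface as confusing lookup failures or, depending on server policy, anonymous access instead of a clear error. I would have the idp `Validate` reject an empty bind password and bail out, the same way the thumbnails `Validate` in this series rejects an empty `TransferSecret`. `DefaultConfig` continues outside the hunk, so the exact field path has to be taken from the full file.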
@@ -193,34 +193,34 @@ func CreateConfig(insecure, forceOverwrite bool, configPath string) error { }, Idp: LdapBasedExtension{ Ldap: LdapSettings{ - Bindpassword: idpServicePassword, + Bind_password: idpServicePassword, }, }, Auth_basic: AuthbasicExtension{ Auth_providers: LdapBasedExtension{ Ldap: LdapSettings{ - Bindpassword: revaServicePassword, + Bind_password: revaServicePassword, }, }, }, Group: UserAndGroupExtension{ Drivers: LdapBasedExtension{ Ldap: LdapSettings{ - Bindpassword: revaServicePassword, + Bind_password: revaServicePassword, }, }, }, User: UserAndGroupExtension{ Drivers: LdapBasedExtension{ Ldap: LdapSettings{ - Bindpassword: revaServicePassword, + Bind_password: revaServicePassword, }, }, }, Graph: GraphExtension{ Identity: LdapBasedExtension{ Ldap: LdapSettings{ - Bindpassword: idmServicePassword, + Bind_password: idmServicePassword, }, }, }, From afa8ca8246229f9b58450bb564b2a9356dcfb78a Mon Sep 17 00:00:00 2001 From: Willy Kloucek Date: Thu, 28 Apr 2022 17:38:07 +0200 Subject: [PATCH 38/99] use FullDefaultConfig in example config generator and remove leftover --- docs/helpers/example-config-generator.go.tmpl | 3 +-- .../accounts/cmd/helper/defaultconfig/main.go | 27 ------------------- .../pkg/config/defaults/defaultconfig.go | 7 +++++ 3 files changed, 8 insertions(+), 29 deletions(-) delete mode 100644 extensions/accounts/cmd/helper/defaultconfig/main.go diff --git a/docs/helpers/example-config-generator.go.tmpl b/docs/helpers/example-config-generator.go.tmpl index 6e40721c1c..1c63e1fd32 100644 --- a/docs/helpers/example-config-generator.go.tmpl +++ b/docs/helpers/example-config-generator.go.tmpl @@ -22,7 +22,7 @@ func main() { {{- range $key, $value := .}} replacer.Replace("{{$value}}"): func() string { fmt.Println("Generating example YAML config for {{ $value -}}") - c := pkg{{$key}}.DefaultConfig() + c := pkg{{$key}}.FullDefaultConfig() pkg{{$key}}.EnsureDefaults(c) pkg{{$key}}.Sanitize(c) yml, err := yaml.Marshal(c) 
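Review bot: In the example-config-generator template hunk, the context lines `EnsureDefaults(c)` and `Sanitize(c)` look redundant after the switch to `FullDefaultConfig()`: the `FullDefaultConfig` added for proxy in this same patch already calls both. If every extension's `FullDefaultConfig` has that shape (only the proxy one is visible), the generator can go from `c := pkg{{$key}}.FullDefaultConfig()` straight to `yaml.Marshal(c)`. Otherwise a comment explaining why the calls are repeated would help. Since the output is published as example configuration, it is also worth confirming that no secret value ends up in the generated YAML.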
@@ -50,4 +50,3 @@ func main() { } } } - diff --git a/extensions/accounts/cmd/helper/defaultconfig/main.go b/extensions/accounts/cmd/helper/defaultconfig/main.go deleted file mode 100644 index f60d1525d1..0000000000 --- a/extensions/accounts/cmd/helper/defaultconfig/main.go +++ /dev/null @@ -1,27 +0,0 @@ -package main - -import ( - "fmt" - - accountsdefaults "github.com/owncloud/ocis/extensions/accounts/pkg/config/defaults" - idpdefaults "github.com/owncloud/ocis/extensions/idp/pkg/config/defaults" - "gopkg.in/yaml.v2" -) - -func main() { - - fn1 := accountsdefaults.FullDefaultConfig - fn2 := idpdefaults.FullDefaultConfig - - b, err := yaml.Marshal(fn1()) - if err != nil { - return - } - fmt.Println(string(b)) - - b, err = yaml.Marshal(fn2()) - if err != nil { - return - } - fmt.Println(string(b)) -} diff --git a/extensions/proxy/pkg/config/defaults/defaultconfig.go b/extensions/proxy/pkg/config/defaults/defaultconfig.go index 61c91de93d..e5dadbd579 100644 --- a/extensions/proxy/pkg/config/defaults/defaultconfig.go +++ b/extensions/proxy/pkg/config/defaults/defaultconfig.go @@ -8,6 +8,13 @@ import ( "github.com/owncloud/ocis/ocis-pkg/config/defaults" ) +func FullDefaultConfig() *config.Config { + cfg := DefaultConfig() + EnsureDefaults(cfg) + Sanitize(cfg) + return cfg +} + func DefaultConfig() *config.Config { return &config.Config{ Debug: config.Debug{ From 703a333ff0f1319bfcc1e0f3d835fe92a063cc54 Mon Sep 17 00:00:00 2001 From: Willy Kloucek Date: Fri, 29 Apr 2022 08:07:52 +0200 Subject: [PATCH 39/99] fix settings machine auth api key --- extensions/settings/pkg/config/defaults/defaultconfig.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/extensions/settings/pkg/config/defaults/defaultconfig.go b/extensions/settings/pkg/config/defaults/defaultconfig.go index a1eeb3c9a9..c787af7bd3 100644 --- a/extensions/settings/pkg/config/defaults/defaultconfig.go +++ b/extensions/settings/pkg/config/defaults/defaultconfig.go 
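Review bot: The exported `FullDefaultConfig` in the proxy defaults hunk is added without a doc comment, and its difference from `DefaultConfig` directly below is only visible by reading the body. Suggested: `// FullDefaultConfig returns DefaultConfig with EnsureDefaults and Sanitize applied.`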
@@ -91,7 +91,7 @@ func EnsureDefaults(cfg *config.Config) { } if cfg.Metadata.MachineAuthAPIKey == "" && cfg.Commons != nil && cfg.Commons.MachineAuthAPIKey != "" { - cfg.MachineAuthAPIKey = cfg.Commons.MachineAuthAPIKey + cfg.Metadata.MachineAuthAPIKey = cfg.Commons.MachineAuthAPIKey } } From 293dbac7b3e54402dd6f55b3170b23ae6d28b917 Mon Sep 17 00:00:00 2001 From: Willy Kloucek Date: Fri, 29 Apr 2022 08:28:04 +0200 Subject: [PATCH 40/99] remove underscores from variable names and use yaml tags instead --- ocis/pkg/init/init.go | 104 +++++++++++++++++++++++------------------- 1 file changed, 58 insertions(+), 46 deletions(-) diff --git a/ocis/pkg/init/init.go b/ocis/pkg/init/init.go index 7aae4e6bd9..e148fb53bf 100644 --- a/ocis/pkg/init/init.go +++ b/ocis/pkg/init/init.go @@ -17,7 +17,7 @@ const configFilename string = "ocis.yaml" // TODO: use also a constant for readi const passwordLength int = 32 type TokenManager struct { - JWT_Secret string + JWTSecret string `yaml:"jwt_secret"` } type InsecureExtension struct { 
@@ -45,29 +45,29 @@ type GraphExtension struct { } type ServiceUserPasswordsSettings struct { - Admin_password string - Idm_password string - Reva_password string - Idp_password string + AdminPassword string `yaml:"admin_password"` + IdmPassword string `yaml:"idm_password"` + RevaPassword string `yaml:"reva_password"` + IdpPassword string `yaml:"idp_password"` } type IdmExtension struct { - Service_user_Passwords ServiceUserPasswordsSettings + ServiceUserPasswords ServiceUserPasswordsSettings `yaml:"service_user_passwords"` } type FrontendExtension struct { - Archiver InsecureExtension - App_provider InsecureExtension + Archiver InsecureExtension + AppProvider InsecureExtension `yaml:"app_provider"` } type AuthbasicExtension struct { - Auth_providers LdapBasedExtension + AuthProviders LdapBasedExtension `yaml:"auth_providers"` } type AuthProviderSettings struct { Oidc InsecureExtension } type AuthbearerExtension struct { - Auth_providers AuthProviderSettings + AuthProviders AuthProviderSettings `yaml:"auth_providers"` } type UserAndGroupExtension struct { 
@@ -75,31 +75,43 @@ type UserAndGroupExtension struct { } type ThumbnailSettings struct { - Webdav_allow_insecure bool - Cs3_allow_insecure bool + WebdavAllowInsecure bool `yaml:"webdav_allow_insecure"` + Cs3AllowInsecure bool `yaml:"cs3_allow_insecure"` } type ThumbNailExtension struct { Thumbnail ThumbnailSettings } +// TODO: use the oCIS config struct instead of this custom struct +// We can't use it right now, because it would need "omitempty" on +// all elements, in order to produce a slim config file with `ocis init`. +// We can't just add these "omitempty" tags, since we want to generate +// full example configuration files with that struct, too. +// Proposed solution to get rid of this temporary solution: +// - use the oCIS config struct +// - set the needed values like below +// - marshal it to yaml +// - unmarshal it into yaml.Node +// - recurse through the nodes and delete empty / default ones +// - marshal it to yaml type OcisConfig struct { - Token_manager TokenManager - Machine_auth_api_key string - Transfer_secret string - Graph GraphExtension - Idp LdapBasedExtension - Idm IdmExtension - Proxy InsecureProxyExtension - Frontend FrontendExtension - Auth_basic AuthbasicExtension - Auth_bearer AuthbearerExtension - User UserAndGroupExtension - Group UserAndGroupExtension - Storage_metadata DataProviderInsecureSettings - Storage_users DataProviderInsecureSettings - Ocdav InsecureExtension - Thumbnails ThumbNailExtension + TokenManager TokenManager `yaml:"token_manager"` + MachineAuthApiKey string `yaml:"machine_auth_api_key"` + TransferSecret string `yaml:"transfer_secret"` + Graph GraphExtension + Idp LdapBasedExtension + Idm IdmExtension + Proxy InsecureProxyExtension + Frontend FrontendExtension + AuthBasic AuthbasicExtension `yaml:"auth_basic"` + AuthBearer AuthbearerExtension `yaml:"auth_bearer"` + User UserAndGroupExtension + Group UserAndGroupExtension + StorageMetadata DataProviderInsecureSettings `yaml:"storage_metadata"` + StorageUsers 
DataProviderInsecureSettings `yaml:"storage_users"` + Ocdav InsecureExtension + Thumbnails ThumbNailExtension } func checkConfigPath(configPath string) error { @@ -178,17 +190,17 @@ func CreateConfig(insecure, forceOverwrite bool, configPath string) error { } cfg := OcisConfig{ - Token_manager: TokenManager{ - JWT_Secret: tokenManagerJwtSecret, + TokenManager: TokenManager{ + JWTSecret: tokenManagerJwtSecret, }, - Machine_auth_api_key: machineAuthApiKey, - Transfer_secret: revaTransferSecret, + MachineAuthApiKey: machineAuthApiKey, + TransferSecret: revaTransferSecret, Idm: IdmExtension{ - Service_user_Passwords: ServiceUserPasswordsSettings{ - Admin_password: ocisAdminServicePassword, - Idp_password: idpServicePassword, - Reva_password: revaServicePassword, - Idm_password: idmServicePassword, + ServiceUserPasswords: ServiceUserPasswordsSettings{ + AdminPassword: ocisAdminServicePassword, + IdpPassword: idpServicePassword, + RevaPassword: revaServicePassword, + IdmPassword: idmServicePassword, }, }, Idp: LdapBasedExtension{ @@ -196,8 +208,8 @@ func CreateConfig(insecure, forceOverwrite bool, configPath string) error { Bind_password: idpServicePassword, }, }, - Auth_basic: AuthbasicExtension{ - Auth_providers: LdapBasedExtension{ + AuthBasic: AuthbasicExtension{ + AuthProviders: LdapBasedExtension{ Ldap: LdapSettings{ Bind_password: revaServicePassword, }, @@ -227,15 +239,15 @@ func CreateConfig(insecure, forceOverwrite bool, configPath string) error { } if insecure { - cfg.Auth_bearer = AuthbearerExtension{ - Auth_providers: AuthProviderSettings{ + cfg.AuthBearer = AuthbearerExtension{ + AuthProviders: AuthProviderSettings{ Oidc: InsecureExtension{ Insecure: true, }, }, } cfg.Frontend = FrontendExtension{ - App_provider: InsecureExtension{ + AppProvider: InsecureExtension{ Insecure: true, }, Archiver: InsecureExtension{ 
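Review bot: The rename in `OcisConfig` is incomplete, and one new name breaks the initialism convention: `MachineAuthApiKey` should be `MachineAuthAPIKey`, as the field is spelled in the other config structs of this series. `Bind_password`, `Insecure_backends` and `Data_provider_insecure` are still used in the `CreateConfig` literals, and untagged fields such as `Graph`, `Idp` and `Thumbnails` still depend on the YAML encoder's implicit key derivation. This struct carries every generated secret, and a key that does not match what the extension reads leaves that service without its secret. I would therefore give every field an explicit yaml tag and rename the remaining underscore fields (`BindPassword` with the key `bind_password`, and so on).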
@@ -251,16 +263,16 @@ func CreateConfig(insecure, forceOverwrite bool, configPath string) error { cfg.Proxy = InsecureProxyExtension{ Insecure_backends: true, } - cfg.Storage_metadata = DataProviderInsecureSettings{ + cfg.StorageMetadata = DataProviderInsecureSettings{ Data_provider_insecure: true, } - cfg.Storage_users = DataProviderInsecureSettings{ + cfg.StorageUsers = DataProviderInsecureSettings{ Data_provider_insecure: true, } cfg.Thumbnails = ThumbNailExtension{ Thumbnail: ThumbnailSettings{ - Webdav_allow_insecure: true, - Cs3_allow_insecure: true, + WebdavAllowInsecure: true, + Cs3AllowInsecure: true, }, } } From 1c2a67f9b7ee2abfc56e8b72e2089515cc60eda6 Mon Sep 17 00:00:00 2001 From: Willy Kloucek Date: Fri, 29 Apr 2022 09:03:34 +0200 Subject: [PATCH 41/99] fix machine auth api key for frontend --- extensions/frontend/pkg/command/command.go | 2 +- extensions/frontend/pkg/config/config.go | 10 +++------- .../frontend/pkg/config/defaults/defaultconfig.go | 5 +++++ 3 files changed, 9 insertions(+), 8 deletions(-) diff --git a/extensions/frontend/pkg/command/command.go b/extensions/frontend/pkg/command/command.go index f3fc88c2c1..7f13a19152 100644 --- a/extensions/frontend/pkg/command/command.go +++ b/extensions/frontend/pkg/command/command.go @@ -207,7 +207,7 @@ func frontendConfigFromStruct(c *cli.Context, cfg *config.Config, filesCfg map[s "resource_info_cache_ttl": cfg.OCS.ResourceInfoCacheTTL, "prefix": cfg.OCS.Prefix, "additional_info_attribute": cfg.OCS.AdditionalInfoAttribute, - "machine_auth_apikey": cfg.AuthMachine.APIKey, + "machine_auth_apikey": cfg.MachineAuthAPIKey, "cache_warmup_driver": cfg.OCS.CacheWarmupDriver, "cache_warmup_drivers": map[string]interface{}{ "cbox": map[string]interface{}{ diff --git a/extensions/frontend/pkg/config/config.go b/extensions/frontend/pkg/config/config.go index c358cbd781..7006febe77 100644 --- a/extensions/frontend/pkg/config/config.go +++ b/extensions/frontend/pkg/config/config.go 
@@ -16,8 +16,9 @@ type Config struct { TransferSecret string `yaml:"transfer_secret" env:"STORAGE_TRANSFER_SECRET"` - TokenManager *TokenManager `yaml:"token_manager"` - Reva *Reva `yaml:"reva"` + TokenManager *TokenManager `yaml:"token_manager"` + Reva *Reva `yaml:"reva"` + MachineAuthAPIKey string `yaml:"machine_auth_api_key" env:"OCIS_MACHINE_AUTH_API_KEY;FRONTEND_MACHINE_AUTH_API_KEY"` SkipUserGroupsInToken bool `yaml:"skip_users_groups_in_token"` @@ -33,7 +34,6 @@ type Config struct { AppProvider AppProvider `yaml:"app_provider"` DataGateway DataGateway `yaml:"data_gateway"` OCS OCS `yaml:"ocs"` - AuthMachine AuthMachine `yaml:"auth_machine"` Checksums Checksums `yaml:"checksums"` Middleware Middleware `yaml:"middleware"` @@ -124,10 +124,6 @@ type CBOXDriver struct { Namespace string } -type AuthMachine struct { - APIKey string `env:"OCIS_MACHINE_AUTH_API_KEY"` -} - type Checksums struct { SupportedTypes []string `yaml:"supported_types"` PreferredUploadType string `yaml:"preferred_upload_type"` diff --git a/extensions/frontend/pkg/config/defaults/defaultconfig.go b/extensions/frontend/pkg/config/defaults/defaultconfig.go index 95256201f2..11f7958f1f 100644 --- a/extensions/frontend/pkg/config/defaults/defaultconfig.go +++ b/extensions/frontend/pkg/config/defaults/defaultconfig.go @@ -112,6 +112,11 @@ func EnsureDefaults(cfg *config.Config) { if cfg.TransferSecret == "" && cfg.Commons != nil && cfg.Commons.TransferSecret != "" { cfg.TransferSecret = cfg.Commons.TransferSecret } + + if cfg.MachineAuthAPIKey == "" && cfg.Commons != nil && cfg.Commons.MachineAuthAPIKey != "" { + cfg.MachineAuthAPIKey = cfg.Commons.MachineAuthAPIKey + } + } func Sanitize(cfg *config.Config) { From 767845d90a5caf6b236c9fdcef76d3f5dcd669fc Mon Sep 17 00:00:00 2001 From: Christian Richter Date: Fri, 29 Apr 2022 09:25:46 +0200 Subject: [PATCH 42/99] fix force overwrite bug 
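Review bot: Dropping the `AuthMachine` struct removes the `auth_machine` YAML block, and nothing visible checks that the replacement `MachineAuthAPIKey` ends up non-empty. A config file that still carries the old block is presumably ignored without an error, depending on how strict the YAML decoding is. The new fallback in `EnsureDefaults` only helps when `cfg.Commons.MachineAuthAPIKey` is set, so `frontendConfigFromStruct` can pass an empty `machine_auth_apikey` on. I would add a start-up check in the frontend config validation (not shown in this patch), e.g. `if cfg.MachineAuthAPIKey == "" { return fmt.Errorf("machine auth api key is not set up properly, bailing out (%s)", cfg.Service.Name) }`. `cfg.Service.Name` is borrowed from the thumbnails `Validate` in this series and assumed to exist on the frontend config.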
Signed-off-by: Christian Richter --- ocis/pkg/init/init.go | 7 +++---- 1 file changed, 3 insertions(+), 4 deletions(-) diff --git a/ocis/pkg/init/init.go b/ocis/pkg/init/init.go index e148fb53bf..61192a5665 100644 --- a/ocis/pkg/init/init.go +++ b/ocis/pkg/init/init.go @@ -143,16 +143,15 @@ func backupOcisConfigFile(configPath string) (string, error) { } func CreateConfig(insecure, forceOverwrite bool, configPath string) error { - err := checkConfigPath(configPath) targetBackupConfig := "" + + err := checkConfigPath(configPath) if err != nil && !forceOverwrite { return err - } else if forceOverwrite { + } else if forceOverwrite && err != nil { targetBackupConfig, err = backupOcisConfigFile(configPath) if err != nil { return err - } else { - } } err = os.MkdirAll(configPath, 0700) From 622218ef497a7483188c8ed32d298754ff5a6e5c Mon Sep 17 00:00:00 2001 From: Willy Kloucek Date: Fri, 29 Apr 2022 09:58:01 +0200 Subject: [PATCH 43/99] add changelog --- .bingo/Variables.mk | 2 +- .bingo/variables.env | 2 +- changelog/unreleased/change-ocis-init.md | 10 ++++++++++ 3 files changed, 12 insertions(+), 2 deletions(-) create mode 100644 changelog/unreleased/change-ocis-init.md diff --git a/.bingo/Variables.mk b/.bingo/Variables.mk index cd90d103da..c3a6f1db5b 100644 --- a/.bingo/Variables.mk +++ b/.bingo/Variables.mk @@ -1,4 +1,4 @@ -# Auto generated binary variables helper managed by https://github.com/bwplotka/bingo v0.6. DO NOT EDIT. +# Auto generated binary variables helper managed by https://github.com/bwplotka/bingo v0.5.2. DO NOT EDIT. # All tools are designed to be build inside $GOBIN. BINGO_DIR := $(dir $(lastword $(MAKEFILE_LIST))) GOPATH ?= $(shell go env GOPATH) diff --git a/.bingo/variables.env b/.bingo/variables.env index d64a412b02..e19cf5f1db 100644 --- a/.bingo/variables.env +++ b/.bingo/variables.env 
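Review bot: `CreateConfig` treats every error from `checkConfigPath` as "a config already exists": with `forceOverwrite` set, any failure leads into `backupOcisConfigFile`, and without it the raw error is returned. `checkConfigPath` is outside this hunk, so if it can fail for other reasons (for example a permission error on the directory), a sentinel error checked with `errors.Is` would keep the two cases apart. The `forceOverwrite &&` in the `else if` is implied by the first branch and can be dropped: `} else if err != nil {`. The backup copy contains the previous secrets, so it is worth confirming that `backupOcisConfigFile` and the later config write create files readable by the owner only, matching the `0700` used for the directory.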
@@ -1,4 +1,4 @@ -# Auto generated binary variables helper managed by https://github.com/bwplotka/bingo v0.6. DO NOT EDIT. +# Auto generated binary variables helper managed by https://github.com/bwplotka/bingo v0.5.2. DO NOT EDIT. # All tools are designed to be build inside $GOBIN. # Those variables will work only until 'bingo get' was invoked, or if tools were installed via Makefile's Variables.mk. GOBIN=${GOBIN:=$(go env GOBIN)} diff --git a/changelog/unreleased/change-ocis-init.md b/changelog/unreleased/change-ocis-init.md new file mode 100644 index 0000000000..a4a81eb385 --- /dev/null +++ b/changelog/unreleased/change-ocis-init.md @@ -0,0 +1,10 @@ +Change: Introduce `ocis init` and remove all default secrets + +We've removed all default secrets. This means you can't start oCIS any longer +without setting these via environment variable or configuration file. + +In order to make this easy for you, we introduced a new command: `ocis init`. +You can run this command before starting oCIS with `ocis server` and it will +bootstrap you a configuration file for a secure oCIS instance. + +https://github.com/owncloud/ocis/pull/3551 From d86a86a8844f7e732e743f1ede3eb12f4d31c28c Mon Sep 17 00:00:00 2001 From: Willy Kloucek Date: Fri, 29 Apr 2022 10:56:48 +0200 Subject: [PATCH 44/99] update documentation --- .bingo/Variables.mk | 2 +- .bingo/variables.env | 2 +- docs/ocis/deployment/basic-remote-setup.md | 2 ++ docs/ocis/getting-started/_index.md | 14 +++++++++----- docs/ocis/getting-started/demo-users.md | 2 +- 5 files changed, 14 insertions(+), 8 deletions(-) diff --git a/.bingo/Variables.mk b/.bingo/Variables.mk index c3a6f1db5b..cd90d103da 100644 --- a/.bingo/Variables.mk +++ b/.bingo/Variables.mk 
@@ -1,4 +1,4 @@ -# Auto generated binary variables helper managed by https://github.com/bwplotka/bingo v0.5.2. DO NOT EDIT. +# Auto generated binary variables helper managed by https://github.com/bwplotka/bingo v0.6. DO NOT EDIT. # All tools are designed to be build inside $GOBIN. BINGO_DIR := $(dir $(lastword $(MAKEFILE_LIST))) GOPATH ?= $(shell go env GOPATH) diff --git a/.bingo/variables.env b/.bingo/variables.env index e19cf5f1db..d64a412b02 100644 --- a/.bingo/variables.env +++ b/.bingo/variables.env @@ -1,4 +1,4 @@ -# Auto generated binary variables helper managed by https://github.com/bwplotka/bingo v0.5.2. DO NOT EDIT. +# Auto generated binary variables helper managed by https://github.com/bwplotka/bingo v0.6. DO NOT EDIT. # All tools are designed to be build inside $GOBIN. # Those variables will work only until 'bingo get' was invoked, or if tools were installed via Makefile's Variables.mk. GOBIN=${GOBIN:=$(go env GOBIN)} diff --git a/docs/ocis/deployment/basic-remote-setup.md b/docs/ocis/deployment/basic-remote-setup.md index eaa95ac702..5dbf2b222c 100644 --- a/docs/ocis/deployment/basic-remote-setup.md +++ b/docs/ocis/deployment/basic-remote-setup.md @@ -15,6 +15,8 @@ If you need to access oCIS running in a docker container, on a VM or a remote ma ## Start the oCIS fullstack server from binary +Initialize the oCIS configuration by running `./bin/ocis init`. + Upon first start of the oCIS fullstack server with `./bin/ocis server` it will generate a directory tree skeleton in `$HOME/.ocis`. If that is already existing it will not be overwritten as it contains all relevant data for oCIS. In `$HOME/.ocis/idp` is a file `identifier-registration.yaml`. It is used to configure the built-in identity provider and therefore contains the OpenID Connect issuer and also information about relying parties, for example ownCloud Web and our desktop and mobile applications. 
diff --git a/docs/ocis/getting-started/_index.md b/docs/ocis/getting-started/_index.md index 0838cafdd1..84975ed28f 100644 --- a/docs/ocis/getting-started/_index.md +++ b/docs/ocis/getting-started/_index.md @@ -42,14 +42,17 @@ curl https://download.owncloud.com/ocis/ocis/stable/1.20.0/ocis-1.20.0-linux-amd # make binary executable chmod +x ocis +# initialize a minimal oCIS configuration +./ocis init + # run with demo users -OCIS_INSECURE=true ACCOUNTS_DEMO_USERS_AND_GROUPS=true ./ocis server +IDM_CREATE_DEMO_USERS=true ./ocis server ``` The default primary storage location is `~/.ocis` or `/var/lib/ocis` depending on the packaging format and your operating system user. You can change that value by configuration. {{< hint info >}} -When you're using oCIS with self-signed certificates, you need to set the environment variable `OCIS_INSECURE=true`, in order to make oCIS work. +When you're using oCIS with self-signed certificates, you need to answer the the question for certificate checking with "yes" or set the environment variable `OCIS_INSECURE=true`, in order to make oCIS work. {{< /hint >}} {{< hint warning >}} @@ -64,7 +67,8 @@ The `latest` tag always reflects the current master branch. ```console docker pull owncloud/ocis -docker run --rm -ti -p 9200:9200 -e OCIS_INSECURE=true -e ACCOUNTS_DEMO_USERS_AND_GROUPS=true owncloud/ocis +docker run --rm -it -v ocis-config:/etc/ocis -v ocis-data:/var/lib/ocis owncloud/ocis init +docker run --rm -p 9200:9200 -v ocis-config:/etc/ocis -v ocis-data:/var/lib/ocis -e ACCOUNTS_DEMO_USERS_AND_GROUPS=true owncloud/ocis ``` {{< hint info >}} 
@@ -72,11 +76,11 @@ When you're using oCIS with self-signed certificates, you need to set the enviro {{< /hint >}} {{< hint warming >}} -When you're creating the [demo users]({{< ref "./demo-users" >}}) by setting `ACCOUNTS_DEMO_USERS_AND_GROUPS=true`, you need to be sure that this instance is not used in production because the passwords are public. +When you're creating the [demo users]({{< ref "./demo-users" >}}) by setting `IDM_CREATE_DEMO_USERS=true`, you need to be sure that this instance is not used in production because the passwords are public. {{< /hint >}} {{< hint warning >}} -In order to persist your data, you need to mount a docker volume or create a host bind-mount at `/var/lib/ocis`, for example with: `-v /some/host/dir:/var/lib/ocis` +We are using named volumes for the oCIS configuration and oCIS data in the above example (`-v ocis-config:/etc/ocis -v ocis-data:/var/lib/ocis`). You could instead also use host bind-mounts instead, eg. `-v /some/host/dir:/var/lib/ocis`. You cannot use bind mounts on MacOS, since extended attributes are not supported ([owncloud/ocis#182](https://github.com/owncloud/ocis/issues/182), [moby/moby#1070](https://github.com/moby/moby/issues/1070)). {{< /hint >}} diff --git a/docs/ocis/getting-started/demo-users.md b/docs/ocis/getting-started/demo-users.md index 5eba9483f5..15179f98bd 100644 --- a/docs/ocis/getting-started/demo-users.md +++ b/docs/ocis/getting-started/demo-users.md 
@@ -11,7 +11,7 @@ oCIS has the option to create demo users during the first startup. These enable {{< hint info >}} To create the demo users, run the initial setup step with an additional environment variable. -`ACCOUNTS_DEMO_USERS_AND_GROUPS=true ./bin/ocis server` will generate the demo users listed in the table below. By default, it only generates the admin and one user for IDP and Reva respectively. +`IDM_CREATE_DEMO_USERS=true ./bin/ocis server` will generate the demo users listed in the table below. By default, it only generates the admin and one user for IDP and Reva respectively. {{< /hint >}} Following users are available in the demo set: From 72688b3650479fef1f3e9899a49194c89091108e Mon Sep 17 00:00:00 2001 From: Christian Richter Date: Fri, 29 Apr 2022 11:15:13 +0200 Subject: [PATCH 45/99] move generic secret errors to shared, fix edgecase in cli flags Signed-off-by: Christian Richter --- .../auth-machine/pkg/config/parser/parse.go | 4 +-- .../frontend/pkg/config/parser/parse.go | 4 +-- extensions/gateway/pkg/config/parser/parse.go | 4 +-- .../notifications/pkg/config/parser/parse.go | 4 +-- extensions/ocs/pkg/config/parser/parse.go | 5 ++-- extensions/proxy/pkg/config/parser/parse.go | 4 +-- extensions/sharing/pkg/config/parser/parse.go | 6 ++-- extensions/storage/pkg/config/parser/parse.go | 4 +-- .../thumbnails/pkg/config/parser/parse.go | 4 +-- ocis-pkg/config/parser/parse.go | 7 ++--- ocis-pkg/shared/errors.go | 28 +++++++++++++++++++ ocis/pkg/command/init.go | 4 +-- 12 files changed, 53 insertions(+), 25 deletions(-) create mode 100644 ocis-pkg/shared/errors.go diff --git a/extensions/auth-machine/pkg/config/parser/parse.go b/extensions/auth-machine/pkg/config/parser/parse.go index feea7ec411..8b12cb8778 100644 --- a/extensions/auth-machine/pkg/config/parser/parse.go +++ b/extensions/auth-machine/pkg/config/parser/parse.go 
@@ -2,11 +2,11 @@ package parser import ( "errors" - "fmt" "github.com/owncloud/ocis/extensions/auth-machine/pkg/config" "github.com/owncloud/ocis/extensions/auth-machine/pkg/config/defaults" ociscfg "github.com/owncloud/ocis/ocis-pkg/config" + "github.com/owncloud/ocis/ocis-pkg/shared" "github.com/owncloud/ocis/ocis-pkg/config/envdecode" ) @@ -35,7 +35,7 @@ func ParseConfig(cfg *config.Config) error { func Validate(cfg *config.Config) error { if cfg.AuthProviders.Machine.APIKey == "" { - return fmt.Errorf("machine auth api key is not set up properly, bailing out (%s)", cfg.Service.Name) + return shared.MissingMachineAuthApiKeyError(cfg.Service.Name) } return nil } diff --git a/extensions/frontend/pkg/config/parser/parse.go b/extensions/frontend/pkg/config/parser/parse.go index c71a8e5839..ffc09565fd 100644 --- a/extensions/frontend/pkg/config/parser/parse.go +++ b/extensions/frontend/pkg/config/parser/parse.go @@ -2,11 +2,11 @@ package parser import ( "errors" - "fmt" "github.com/owncloud/ocis/extensions/frontend/pkg/config" "github.com/owncloud/ocis/extensions/frontend/pkg/config/defaults" ociscfg "github.com/owncloud/ocis/ocis-pkg/config" + "github.com/owncloud/ocis/ocis-pkg/shared" "github.com/owncloud/ocis/ocis-pkg/config/envdecode" ) @@ -35,7 +35,7 @@ func ParseConfig(cfg *config.Config) error { func Validate(cfg *config.Config) error { if cfg.TransferSecret == "" { - return fmt.Errorf("reva transfer secret is not set up properly, bailing out (%s)", cfg.Service.Name) + return shared.MissingRevaTransferSecretError(cfg.Service.Name) } return nil diff --git a/extensions/gateway/pkg/config/parser/parse.go b/extensions/gateway/pkg/config/parser/parse.go index 2a0a4e069c..237f3037d6 100644 --- a/extensions/gateway/pkg/config/parser/parse.go +++ b/extensions/gateway/pkg/config/parser/parse.go 
@@ -2,11 +2,11 @@ package parser import ( "errors" - "fmt" "github.com/owncloud/ocis/extensions/gateway/pkg/config" "github.com/owncloud/ocis/extensions/gateway/pkg/config/defaults" ociscfg "github.com/owncloud/ocis/ocis-pkg/config" + "github.com/owncloud/ocis/ocis-pkg/shared" "github.com/owncloud/ocis/ocis-pkg/config/envdecode" ) @@ -35,7 +35,7 @@ func ParseConfig(cfg *config.Config) error { func Validate(cfg *config.Config) error { if cfg.TransferSecret == "" { - return fmt.Errorf("reva transfer secret is not set up properly, bailing out (%s)", cfg.Service.Name) + return shared.MissingRevaTransferSecretError(cfg.Service.Name) } return nil diff --git a/extensions/notifications/pkg/config/parser/parse.go b/extensions/notifications/pkg/config/parser/parse.go index fddb96b24b..aec6971540 100644 --- a/extensions/notifications/pkg/config/parser/parse.go +++ b/extensions/notifications/pkg/config/parser/parse.go @@ -2,11 +2,11 @@ package parser import ( "errors" - "fmt" "github.com/owncloud/ocis/extensions/notifications/pkg/config" "github.com/owncloud/ocis/extensions/notifications/pkg/config/defaults" ociscfg "github.com/owncloud/ocis/ocis-pkg/config" + "github.com/owncloud/ocis/ocis-pkg/shared" "github.com/owncloud/ocis/ocis-pkg/config/envdecode" ) @@ -35,7 +35,7 @@ func ParseConfig(cfg *config.Config) error { func Validate(cfg *config.Config) error { if cfg.Notifications.MachineAuthAPIKey == "" { - return fmt.Errorf("machine auth api key is not set up properly, bailing out (%s)", cfg.Service.Name) + return shared.MissingMachineAuthApiKeyError(cfg.Service.Name) } return nil } diff --git a/extensions/ocs/pkg/config/parser/parse.go b/extensions/ocs/pkg/config/parser/parse.go index ce253edd19..28074ada3c 100644 --- a/extensions/ocs/pkg/config/parser/parse.go +++ b/extensions/ocs/pkg/config/parser/parse.go 
@@ -2,11 +2,12 @@ package parser import ( "errors" - "fmt" "github.com/owncloud/ocis/extensions/ocs/pkg/config" "github.com/owncloud/ocis/extensions/ocs/pkg/config/defaults" + ociscfg "github.com/owncloud/ocis/ocis-pkg/config" + "github.com/owncloud/ocis/ocis-pkg/shared" "github.com/owncloud/ocis/ocis-pkg/config/envdecode" ) @@ -35,7 +36,7 @@ func ParseConfig(cfg *config.Config) error { func Validate(cfg *config.Config) error { if cfg.MachineAuthAPIKey == "" { - return fmt.Errorf("machine auth api key is not set up properly, bailing out (%s)", cfg.Service.Name) + return shared.MissingMachineAuthApiKeyError(cfg.Service.Name) } return nil } diff --git a/extensions/proxy/pkg/config/parser/parse.go b/extensions/proxy/pkg/config/parser/parse.go index 5f15fb2938..22b96257ea 100644 --- a/extensions/proxy/pkg/config/parser/parse.go +++ b/extensions/proxy/pkg/config/parser/parse.go @@ -2,11 +2,11 @@ package parser import ( "errors" - "fmt" "github.com/owncloud/ocis/extensions/proxy/pkg/config" "github.com/owncloud/ocis/extensions/proxy/pkg/config/defaults" ociscfg "github.com/owncloud/ocis/ocis-pkg/config" + "github.com/owncloud/ocis/ocis-pkg/shared" "github.com/owncloud/ocis/ocis-pkg/config/envdecode" ) @@ -34,7 +34,7 @@ func ParseConfig(cfg *config.Config) error { func Validate(cfg *config.Config) error { if cfg.MachineAuthAPIKey == "" { - return fmt.Errorf("machine auth api key is not set up properly, bailing out (%s)", cfg.Service.Name) + return shared.MissingMachineAuthApiKeyError(cfg.Service.Name) } return nil diff --git a/extensions/sharing/pkg/config/parser/parse.go b/extensions/sharing/pkg/config/parser/parse.go index 84a09cc6d0..27ccd4657d 100644 --- a/extensions/sharing/pkg/config/parser/parse.go +++ b/extensions/sharing/pkg/config/parser/parse.go 
@@ -2,11 +2,11 @@ package parser import ( "errors" - "fmt" "github.com/owncloud/ocis/extensions/sharing/pkg/config" "github.com/owncloud/ocis/extensions/sharing/pkg/config/defaults" ociscfg "github.com/owncloud/ocis/ocis-pkg/config" + "github.com/owncloud/ocis/ocis-pkg/shared" "github.com/owncloud/ocis/ocis-pkg/config/envdecode" ) @@ -35,11 +35,11 @@ func ParseConfig(cfg *config.Config) error { func Validate(cfg *config.Config) error { if cfg.PublicSharingDrivers.CS3.MachineAuthAPIKey == "" { - return fmt.Errorf("machine auth api key for the cs3 public sharing driver is not set up properly, bailing out (%s)", cfg.Service.Name) + return shared.MissingMachineAuthApiKeyError(cfg.Service.Name) } if cfg.UserSharingDrivers.CS3.MachineAuthAPIKey == "" { - return fmt.Errorf("machine auth api key for the cs3 user sharing driver is not set up properly, bailing out (%s)", cfg.Service.Name) + return shared.MissingMachineAuthApiKeyError(cfg.Service.Name) } return nil diff --git a/extensions/storage/pkg/config/parser/parse.go b/extensions/storage/pkg/config/parser/parse.go index bf30c761ff..5cf17d1c40 100644 --- a/extensions/storage/pkg/config/parser/parse.go +++ b/extensions/storage/pkg/config/parser/parse.go @@ -2,11 +2,11 @@ package parser import ( "errors" - "fmt" "github.com/owncloud/ocis/extensions/storage-metadata/pkg/config" "github.com/owncloud/ocis/extensions/storage-metadata/pkg/config/defaults" ociscfg "github.com/owncloud/ocis/ocis-pkg/config" + "github.com/owncloud/ocis/ocis-pkg/shared" "github.com/owncloud/ocis/ocis-pkg/config/envdecode" ) @@ -35,7 +35,7 @@ func ParseConfig(cfg *config.Config) error { func Validate(cfg *config.Config) error { if cfg.TransferSecret == "" { - return fmt.Errorf("reva transfer secret is not set up properly, bailing out (storage)") + return shared.MissingRevaTransferSecretError(cfg.Service.Name) } return nil } 
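Review bot: In the sharing `Validate` hunk, both the `PublicSharingDrivers.CS3` check and the `UserSharingDrivers.CS3` check now return the identical `shared.MissingMachineAuthApiKeyError(cfg.Service.Name)`. The removed messages named the driver ("cs3 public sharing driver" / "cs3 user sharing driver"), so an operator can no longer tell from the error which of the two keys is empty. Keep the distinction by passing it through the existing argument, for example `shared.MissingMachineAuthApiKeyError(cfg.Service.Name + " (cs3 public sharing driver)")` and the matching string for the user sharing driver.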
diff --git a/extensions/thumbnails/pkg/config/parser/parse.go b/extensions/thumbnails/pkg/config/parser/parse.go index 625705dd54..fd2079281b 100644 --- a/extensions/thumbnails/pkg/config/parser/parse.go +++ b/extensions/thumbnails/pkg/config/parser/parse.go @@ -2,11 +2,11 @@ package parser import ( "errors" - "fmt" "github.com/owncloud/ocis/extensions/thumbnails/pkg/config" "github.com/owncloud/ocis/extensions/thumbnails/pkg/config/defaults" ociscfg "github.com/owncloud/ocis/ocis-pkg/config" + "github.com/owncloud/ocis/ocis-pkg/shared" "github.com/owncloud/ocis/ocis-pkg/config/envdecode" ) @@ -36,7 +36,7 @@ func ParseConfig(cfg *config.Config) error { func Validate(cfg *config.Config) error { if cfg.Thumbnail.TransferSecret == "" { - return fmt.Errorf("reva transfer secret is not set up properly, bailing out (%s)", cfg.Service.Name) + return shared.MissingRevaTransferSecretError(cfg.Service.Name) } return nil diff --git a/ocis-pkg/config/parser/parse.go b/ocis-pkg/config/parser/parse.go index f9d0a7c7b7..3c4939a23a 100644 --- a/ocis-pkg/config/parser/parse.go +++ b/ocis-pkg/config/parser/parse.go @@ -2,7 +2,6 @@ package parser import ( "errors" - "fmt" "github.com/owncloud/ocis/ocis-pkg/config" "github.com/owncloud/ocis/ocis-pkg/config/envdecode" @@ -99,15 +98,15 @@ func EnsureCommons(cfg *config.Config) { func Validate(cfg *config.Config) error { if cfg.TokenManager.JWTSecret == "" { - return fmt.Errorf("jwt secret is not set up properly, bailing out (ocis)") + return shared.MissingJWTTokenError("ocis") } if cfg.TransferSecret == "" { - return fmt.Errorf("transfer secret is not set up properly, bailing out (ocis)") + return shared.MissingRevaTransferSecretError("ocis") } if cfg.MachineAuthAPIKey == "" { - return fmt.Errorf("machine auth api key is not set up properly, bailing out (ocis)") + return shared.MissingMachineAuthApiKeyError("ocis") } return nil 
diff --git a/ocis-pkg/shared/errors.go b/ocis-pkg/shared/errors.go new file mode 100644 index 0000000000..899def9121 --- /dev/null +++ b/ocis-pkg/shared/errors.go @@ -0,0 +1,28 @@ +package shared + +import ( + "fmt" + + "github.com/owncloud/ocis/ocis-pkg/config/defaults" +) + +func MissingMachineAuthApiKeyError(service string) error { + return fmt.Errorf("machine_auth_api_key has not your config for %s. "+ + "Make sure your %s config contains the proper values "+ + "(e.g. by running ocis init or setting OCIS_MACHINE_AUTH_API_KEY).\n", + service, defaults.BaseConfigPath()) +} + +func MissingJWTTokenError(service string) error { + return fmt.Errorf("jwt_secret has not been set properly in your config for %s. "+ + "Make sure your %s config contains the proper values "+ + "(e.g. by running ocis init or setting OCIS_JWT_SECRET).\n", + service, defaults.BaseConfigPath()) +} + +func MissingRevaTransferSecretError(service string) error { + return fmt.Errorf("transfer_secret has not been set properly in your config for %s. "+ + "Make sure your %s config contains the proper values "+ + "(e.g. by running ocis init or setting STORAGE_TRANSFER_SECRET).\n", + service, defaults.BaseConfigPath()) +} diff --git a/ocis/pkg/command/init.go b/ocis/pkg/command/init.go index 24d82821ac..27f50b03a7 100644 --- a/ocis/pkg/command/init.go +++ b/ocis/pkg/command/init.go 
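Review bot: The format string in `MissingMachineAuthApiKeyError` is garbled: it reads "machine_auth_api_key has not your config for %s", where the two sibling functions say "has not been set properly in your config for %s". The line should be `"machine_auth_api_key has not been set properly in your config for %s. "+`. All three messages also end in `.\n`; Go error strings conventionally carry no trailing punctuation or newline, and the embedded newline will split log lines once a caller wraps or logs the error. The later hunk on this file that adds `MissingLDAPBindPassword` repeats the trailing newline and drops the `Error` suffix the other three names use.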
@@ -41,11 +41,11 @@ func InitCommand(cfg *config.Config) *cli.Command { insecureFlag := c.String("insecure") insecure := false if insecureFlag == "ask" { - answer := strings.ToLower(stringPrompt("Insecure Backends? [Yes|No]")) + answer := strings.ToLower(stringPrompt("Do want to configure oCIS with certificate checking disabled?\n This is not recommended for public instances! [yes | no = default]")) if answer == "yes" || answer == "y" { insecure = true } - } else if insecureFlag == "true" { + } else if insecureFlag == strings.ToLower("true") || insecureFlag == strings.ToLower("yes") || insecureFlag == strings.ToLower("y") { insecure = true } err := ocisinit.CreateConfig(insecure, c.Bool("force-overwrite"), c.String("config-path")) From 7b5d705d6486a639459d8354de0f3b2432e3a9f4 Mon Sep 17 00:00:00 2001 From: Willy Kloucek Date: Fri, 29 Apr 2022 11:37:11 +0200 Subject: [PATCH 46/99] add more documentation --- docs/extensions/accounts/tests.md | 16 +++++++++------- docs/extensions/idm/setup.md | 2 +- docs/extensions/settings/tests.md | 16 +++++++++------- docs/ocis/deployment/systemd.md | 6 +++--- docs/ocis/development/testing.md | 15 +++++++++------ docs/ocis/getting-started/_index.md | 6 ++++++ docs/ocis/getting-started/demo-users.md | 16 ++++++++-------- docs/ocis/storage-backends/dcfsnfs.md | 5 ++--- 8 files changed, 47 insertions(+), 35 deletions(-) diff --git a/docs/extensions/accounts/tests.md b/docs/extensions/accounts/tests.md index 07de8e5dc3..5fdb2b5496 100644 --- a/docs/extensions/accounts/tests.md +++ b/docs/extensions/accounts/tests.md @@ -19,9 +19,10 @@ Make sure you've cloned the [web frontend repo](https://github.com/owncloud/web/ {{< hint info >}} For now, an IDP configuration file gets generated once and will fail upon changing the oCIS url as done below. To avoid any clashes, remove this file before starting the tests: -``` +```bash rm ~/.ocis/idp/identifier-registration.yaml ``` + {{< /hint >}} ### In the web repo 
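Review bot: In the `InitCommand` action, `insecureFlag == strings.ToLower("true")` lower-cases the constant, not the flag value, so the three `ToLower` calls are no-ops and `--insecure=True` or `OCIS_INSECURE=YES` still falls through to `insecure = false`. That fails toward certificate checking staying enabled, but it is not the case-insensitive match the change appears to intend, and the `"ask"` comparison has the same case sensitivity. Normalise once with `insecureFlag := strings.ToLower(c.String("insecure"))` and compare against plain literals: `} else if insecureFlag == "true" || insecureFlag == "yes" || insecureFlag == "y" {`. An unrecognised value is silently treated as "no"; returning an error for anything outside the accepted set would make a typo visible instead of quietly choosing a TLS-verification setting. The prompt text also reads "Do want to configure", missing "you".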
@@ -30,7 +31,7 @@ rm ~/.ocis/idp/identifier-registration.yaml Install dependencies and bundle the frontend with a watcher by running -``` +```bash yarn && yarn build:w ``` @@ -40,7 +41,7 @@ If you skip the step above, the currently bundled frontend from the oCIS binary Start the necessary acceptance test services by using Docker (Compose): -``` +```bash docker compose up selenium middleware-ocis vnc ``` @@ -50,7 +51,7 @@ docker compose up selenium middleware-ocis vnc Navigate into the accounts service via `cd ../accounts/` and install dependencies and build the bundled accounts UI with a watcher by running -``` +```bash yarn && yarn watch ``` @@ -58,13 +59,14 @@ yarn && yarn watch Navigate into the oCIS directory inside the oCIS repository and build the oCIS binary by running -``` +```bash make clean build ``` Then, start oCIS from the binary via -``` +```bash +./bin/ocis init OCIS_URL=https://host.docker.internal:9200 OCIS_INSECURE=true PROXY_ENABLE_BASIC_AUTH=true WEB_UI_CONFIG=../../web/dev/docker/ocis.web.config.json ./bin/ocis server ``` @@ -78,6 +80,6 @@ If you want visual feedback on the test run, visit http://host.docker.internal:6 Navigate into the accounts service via `cd ../accounts/` and start the acceptance tests by running -``` +```bash SERVER_HOST=https://host.docker.internal:9200 BACKEND_HOST=https://host.docker.internal:9200 RUN_ON_OCIS=true NODE_TLS_REJECT_UNAUTHORIZED=0 WEB_PATH=../../web WEB_UI_CONFIG=../../web/tests/drone/config-ocis.json MIDDLEWARE_HOST=http://host.docker.internal:3000 ./ui/tests/run-acceptance-test.sh ./ui/tests/acceptance/features/ ``` diff --git a/docs/extensions/idm/setup.md b/docs/extensions/idm/setup.md index 6d434dd605..23a486b7e1 100644 --- a/docs/extensions/idm/setup.md +++ b/docs/extensions/idm/setup.md 
@@ -45,6 +45,6 @@ export STORAGE_LDAP_BIND_DN="uid=reva,ou=sysusers,o=libregraph-idm" export STORAGE_LDAP_BIND_PASSWORD=reva export OCIS_RUN_EXTENSIONS=settings,storage-metadata,graph,graph-explorer,ocs,store,thumbnails,web,webdav,storage-frontend,storage-gateway,storage-userprovider,storage-groupprovider,storage-authbasic,storage-authbearer,storage-authmachine,storage-users,storage-shares,storage-public-link,storage-appprovider,storage-sharing,proxy,idp,nats,idm,ocdav export OCIS_INSECURE=true +ocis init bin/ocis server ``` - diff --git a/docs/extensions/settings/tests.md b/docs/extensions/settings/tests.md index 06a4b3fb5f..b07ae58739 100644 --- a/docs/extensions/settings/tests.md +++ b/docs/extensions/settings/tests.md @@ -19,9 +19,10 @@ Make sure you've cloned the [web frontend repo](https://github.com/owncloud/web/ {{< hint info >}} For now, an IDP configuration file gets generated once and will fail upon changing the oCIS url as done below. To avoid any clashes, remove this file before starting the tests: -``` +```bash rm ~/.ocis/idp/identifier-registration.yaml ``` + {{< /hint >}} ### In the web repo @@ -30,7 +31,7 @@ rm ~/.ocis/idp/identifier-registration.yaml Install dependencies and bundle the frontend with a watcher by running -``` +```bash yarn && yarn build:w ``` @@ -40,7 +41,7 @@ If you skip the step above, the currently bundled frontend from the oCIS binary Start the necessary acceptance test services by using Docker (Compose): -``` +```bash docker compose up selenium middleware-ocis vnc ``` @@ -50,7 +51,7 @@ docker compose up selenium middleware-ocis vnc Navigate into the settings service via `cd ../settings/` and install dependencies and build the bundled settings UI with a watcher by running -``` +```bash yarn && yarn watch ``` 
@@ -58,13 +59,14 @@ yarn && yarn watch Navigate into the oCIS directory inside the oCIS repository and build the oCIS binary by running -``` +```bash make clean build ``` Then, start oCIS from the binary via -``` +```bash +ocis init OCIS_URL=https://host.docker.internal:9200 OCIS_INSECURE=true PROXY_ENABLE_BASIC_AUTH=true WEB_UI_CONFIG=../../web/dev/docker/ocis.web.config.json ./bin/ocis server ``` @@ -78,6 +80,6 @@ If you want visual feedback on the test run, visit http://host.docker.internal:6 Navigate into the settings service via `cd ../settings/` and start the acceptance tests by running -``` +```bash SERVER_HOST=https://host.docker.internal:9200 BACKEND_HOST=https://host.docker.internal:9200 RUN_ON_OCIS=true NODE_TLS_REJECT_UNAUTHORIZED=0 WEB_PATH=../../web WEB_UI_CONFIG=../../web/tests/drone/config-ocis.json MIDDLEWARE_HOST=http://host.docker.internal:3000 ./ui/tests/run-acceptance-test.sh ./ui/tests/acceptance/features/ ``` diff --git a/docs/ocis/deployment/systemd.md b/docs/ocis/deployment/systemd.md index d37d380f40..f475ec2274 100644 --- a/docs/ocis/deployment/systemd.md +++ b/docs/ocis/deployment/systemd.md @@ -39,11 +39,10 @@ WantedBy=multi-user.target For reasons of simplicity we are using the root user and group to run oCIS which is not recommended. Please use a non-root user in production environments and modify the oCIS service definition accordingly. - In the service definition we referenced `/etc/ocis/ocis.env` as our file containing environment variables for the oCIS process. In order to create the file we need first to create the folder `/etc/ocis/` and then we can add the actual `/etc/ocis/ocis.env` with following content: -``` +```bash OCIS_URL=https://some-hostname-or-ip:9200 PROXY_HTTP_ADDR=0.0.0.0:9200 OCIS_INSECURE=false 
@@ -60,9 +59,10 @@ Please change your `OCIS_URL` in order to reflect your actual deployment. If you oCIS will store all data in `/var/lib/ocis`, because we configured it so by setting `OCIS_BASE_DATA_PATH`. Therefore you need to create that directory and make it accessible to the user, you use to start oCIS. - ## Starting the oCIS service +Initialize the oCIS configuration by running `OCIS_CONFIG_DIR=/etc/ocis ocis init`. + You can enable oCIS now by running `systemctl enable --now ocis`. It will ensure that oCIS also is restarted after a reboot of the host. If you need to restart oCIS because of configuration changes in `/etc/ocis/ocis.env`, run `systemctl restart ocis`. diff --git a/docs/ocis/development/testing.md b/docs/ocis/development/testing.md index 58270b65f1..1439e67c6c 100644 --- a/docs/ocis/development/testing.md +++ b/docs/ocis/development/testing.md @@ -89,7 +89,7 @@ We are using the ownCloud 10 acceptance test suite against oCIS. All you need to do to get the acceptance tests is check out the core repo: -``` +```bash git clone https://github.com/owncloud/core.git ``` @@ -97,7 +97,8 @@ git clone https://github.com/owncloud/core.git To start ocis: -``` +```bash +ocis init OCIS_INSECURE=true PROXY_ENABLE_BASIC_AUTH=true bin/ocis server ``` @@ -108,12 +109,13 @@ OCIS_INSECURE=true PROXY_ENABLE_BASIC_AUTH=true bin/ocis server First we will need to clone the testing app in owncloud which contains the skeleton files required for running the tests. In the ownCloud 10 core clone the testing app with the following command: -``` +```bash git clone https://github.com/owncloud/testing apps/testing ``` Then run the api acceptance tests with the following command from the root of the ownCloud 10 core repository: -``` + +```bash make test-acceptance-api \ TEST_SERVER_URL=https://localhost:9200 \ TEST_OCIS=true \ 
@@ -153,7 +155,7 @@ If you want to work on a specific issue E.g.: - ``` + ```bash make test-acceptance-api \ TEST_SERVER_URL=https://localhost:9200 \ TEST_OCIS=true \ @@ -174,7 +176,8 @@ If you want to work on a specific issue Instruction on setup is available [here](https://owncloud.dev/ocis/deployment/oc10_ocis_parallel/#local-setup) Edit the `.env` file and uncomment this line: -``` + +```bash COMPOSE_FILE=docker-compose.yml:testing/docker-compose-additions.yml ``` diff --git a/docs/ocis/getting-started/_index.md b/docs/ocis/getting-started/_index.md index 84975ed28f..288ae771d7 100644 --- a/docs/ocis/getting-started/_index.md +++ b/docs/ocis/getting-started/_index.md @@ -95,6 +95,12 @@ Open [https://localhost:9200](https://localhost:9200) and [login using one of th The oCIS single binary contains multiple extensions and the `ocis` command helps you to manage them. You already used `ocis server` to run all available extensions in the [Run oCIS]({{< ref "#run-ocis" >}}) section. We now will show you some more management commands, which you may also explore by typing `ocis --help` or going to the [docs]({{< ref "../config" >}}). +To initialize the oCIS configuration: + +{{< highlight txt >}} +ocis init +{{< / highlight >}} + To start oCIS server: {{< highlight txt >}} diff --git a/docs/ocis/getting-started/demo-users.md b/docs/ocis/getting-started/demo-users.md index 15179f98bd..470a1ed39d 100644 --- a/docs/ocis/getting-started/demo-users.md +++ b/docs/ocis/getting-started/demo-users.md 
@@ -16,13 +16,13 @@ To create the demo users, run the initial setup step with an additional environm Following users are available in the demo set: -| username | password | email | role | groups | -| --------- | ------------- | --------------------- | ----------- | ----------------------------------------------------------------------- | -| admin | admin | admin@example.org | admin | users | -| einstein | relativity | einstein@example.org | user | users, philosophy-haters, physics-lovers, sailing-lovers, violin-haters | -| marie | radioactivity | marie@example.org | user | users, physics-lovers, polonium-lovers, radium-lovers | -| moss | vista | moss@example.org | admin | users | -| richard | superfluidity | richard@example.org | user | users, philosophy-haters, physics-lovers, quantum-lovers | -| katherine | gemini | katherine@example.org | space admin | users, sailing-lovers, physics-lovers, quantum-lovers | +| username | password | email | role | groups | +| --------- | ----------------------------------------- | --------------------- | ----------- | ----------------------------------------------------------------------- | +| admin | admin or the one generated by `ocis init` | admin@example.org | admin | users | +| einstein | relativity | einstein@example.org | user | users, philosophy-haters, physics-lovers, sailing-lovers, violin-haters | +| marie | radioactivity | marie@example.org | user | users, physics-lovers, polonium-lovers, radium-lovers | +| moss | vista | moss@example.org | admin | users | +| richard | superfluidity | richard@example.org | user | users, philosophy-haters, physics-lovers, quantum-lovers | +| katherine | gemini | katherine@example.org | space admin | users, sailing-lovers, physics-lovers, quantum-lovers | You may also want to run oCIS with only your custom users by [deleting the demo users]({{< ref "../deployment#delete-demo-users" >}}). 
diff --git a/docs/ocis/storage-backends/dcfsnfs.md b/docs/ocis/storage-backends/dcfsnfs.md index 07e68fbf43..6ef13be37a 100644 --- a/docs/ocis/storage-backends/dcfsnfs.md +++ b/docs/ocis/storage-backends/dcfsnfs.md @@ -53,12 +53,11 @@ The oCIS server can be instructed to set up the decomposed FS at a certain path The test setup started an oCIS tech preview single binary release using this start command: -``` +```bash +ocis init OCIS_BASE_DATA_PATH=/mnt/ocisdata/ OCIS_LOG_LEVEL=debug OCIS_INSECURE=true PROXY_HTTP_ADDR=0.0.0.0:9200 OCIS_URL=https://hostname:9200 ./ocis-1.18.0-linux-amd64 server ``` This starts oCIS and a decomposed FS skeleton file system structure is set up on the NFS share. The oCIS instance is passing a smoke test. - - From bc6cd9141d767388235c175e34f8baf48408e8b5 Mon Sep 17 00:00:00 2001 From: Christian Richter Date: Fri, 29 Apr 2022 11:55:56 +0200 Subject: [PATCH 47/99] [WIP] add missing secret checks Signed-off-by: Christian Richter --- extensions/accounts/pkg/config/parser/parse.go | 4 ++++ .../appprovider/pkg/config/defaults/defaultconfig.go | 9 +++++++++ extensions/auth-basic/pkg/config/parser/parse.go | 8 ++++++++ ocis-pkg/shared/errors.go | 7 +++++++ 4 files changed, 28 insertions(+) diff --git a/extensions/accounts/pkg/config/parser/parse.go b/extensions/accounts/pkg/config/parser/parse.go index 514de074f7..69ee34934e 100644 --- a/extensions/accounts/pkg/config/parser/parse.go +++ b/extensions/accounts/pkg/config/parser/parse.go @@ -6,6 +6,7 @@ import ( "github.com/owncloud/ocis/extensions/accounts/pkg/config" defaults "github.com/owncloud/ocis/extensions/accounts/pkg/config/defaults" ociscfg "github.com/owncloud/ocis/ocis-pkg/config" + "github.com/owncloud/ocis/ocis-pkg/shared" "github.com/owncloud/ocis/ocis-pkg/config/envdecode" ) 
@@ -33,5 +34,8 @@ func ParseConfig(cfg *config.Config) error { } func Validate(cfg *config.Config) error { + if cfg.TokenManager.JWTSecret == "" { + return shared.MissingJWTTokenError(cfg.Service.Name) + } return nil } diff --git a/extensions/appprovider/pkg/config/defaults/defaultconfig.go b/extensions/appprovider/pkg/config/defaults/defaultconfig.go index c42cfa27ef..978c6d2edb 100644 --- a/extensions/appprovider/pkg/config/defaults/defaultconfig.go +++ b/extensions/appprovider/pkg/config/defaults/defaultconfig.go @@ -2,6 +2,7 @@ package defaults import ( "github.com/owncloud/ocis/extensions/appprovider/pkg/config" + "github.com/owncloud/ocis/ocis-pkg/shared" ) func FullDefaultConfig() *config.Config { @@ -80,3 +81,11 @@ func EnsureDefaults(cfg *config.Config) { func Sanitize(cfg *config.Config) { // nothing to sanitize here atm } + +func Validate(cfg *config.Config) error { + if cfg.TokenManager.JWTSecret == "" { + return shared.MissingJWTTokenError(cfg.Service.Name) + } + + return nil +} diff --git a/extensions/auth-basic/pkg/config/parser/parse.go b/extensions/auth-basic/pkg/config/parser/parse.go index f24e99c95b..ed21b39871 100644 --- a/extensions/auth-basic/pkg/config/parser/parse.go +++ b/extensions/auth-basic/pkg/config/parser/parse.go @@ -6,6 +6,7 @@ import ( "github.com/owncloud/ocis/extensions/auth-basic/pkg/config" "github.com/owncloud/ocis/extensions/auth-basic/pkg/config/defaults" ociscfg "github.com/owncloud/ocis/ocis-pkg/config" + "github.com/owncloud/ocis/ocis-pkg/shared" "github.com/owncloud/ocis/ocis-pkg/config/envdecode" ) @@ -33,5 +34,12 @@ func ParseConfig(cfg *config.Config) error { } func Validate(cfg *config.Config) error { + if cfg.TokenManager.JWTSecret == "" { + return shared.MissingJWTTokenError(cfg.Service.Name) + } + + if cfg.AuthProviders.LDAP.BindPassword == "" && cfg.AuthProvider == "ldap" { + return shared.MissingLDAPBindPassword(cfg.Service.Name) + } return nil } 
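Review bot: The new guard in the accounts `Validate` rejects only an empty `cfg.TokenManager.JWTSecret`, so a whitespace-only or one-character value still passes and the service starts with it as its signing secret. The same three lines are repeated in the appprovider and auth-basic hunks below and in the later parser hunks of this series (auth-bearer, auth-machine, frontend, gateway, graph, group, ocdav, ocs, proxy, settings, sharing, the storage-* services and user), so any strengthening has to be made in every copy. Consider one new helper in `ocis-pkg/shared` that trims the value and enforces a minimum length, called from each `Validate`, e.g. `if err := shared.CheckJWTSecret(cfg.Service.Name, cfg.TokenManager.JWTSecret); err != nil { return err }` (the helper name is a suggestion; it does not exist yet).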
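Review bot: `Validate` for appprovider is added to `defaults/defaultconfig.go`, while the other services touched in this series keep it next to `ParseConfig` in `pkg/config/parser/parse.go`. Nothing in this hunk calls it, and if the appprovider start-up path does not call `defaults.Validate` (not visible here) the JWT secret check never runs for this service. Move the function into the parser package or add an explicit call, and give it a doc comment such as `// Validate returns an error if a secret required by appprovider is unset.`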
diff --git a/ocis-pkg/shared/errors.go b/ocis-pkg/shared/errors.go
index 899def9121..3190edc3ad 100644
--- a/ocis-pkg/shared/errors.go
+++ b/ocis-pkg/shared/errors.go
@@ -26,3 +26,10 @@ func MissingRevaTransferSecretError(service string) error {
 "(e.g. by running ocis init or setting STORAGE_TRANSFER_SECRET).\n",
 service, defaults.BaseConfigPath())
 }
+
+func MissingLDAPBindPassword(service string) error {
+ return fmt.Errorf("bind_password has not been set properly in your config for %s. "+
+ "Make sure your %s config contains the proper values "+
+ "(e.g. by running ocis init or setting LDAP_BIND_PASSWORD).\n",
+ service, defaults.BaseConfigPath())
+}
From 4ff313b0a57f8d860f5725bf4cbb3721e18d5c41 Mon Sep 17 00:00:00 2001
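Review bot: The hint in `MissingLDAPBindPassword` tells the operator to set `LDAP_BIND_PASSWORD`, but the deployment docs changed elsewhere in this series name per-service variables (`IDP_LDAP_BIND_PASSWORD`, `STORAGE_LDAP_BIND_PASSWORD`). If no service reads the unprefixed name, the message points at a variable that has no effect and the operator is left with a service that will not start. Please confirm the name against the config struct tags, or drop it and refer to the `bind_password` config key only. The function also lacks the `Error` suffix its siblings carry (`MissingRevaTransferSecretError`); `MissingLDAPBindPasswordError` would keep the helpers consistent.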
From: Willy Kloucek Date: Fri, 29 Apr 2022 13:07:25 +0200 Subject: [PATCH 48/99] check for more secrets need to be set --- extensions/auth-basic/pkg/config/parser/parse.go | 1 + .../auth-bearer/pkg/config/parser/parse.go | 5 +++++ .../auth-machine/pkg/config/parser/parse.go | 4 ++++ extensions/frontend/pkg/config/parser/parse.go | 8 ++++++++ extensions/gateway/pkg/config/parser/parse.go | 4 ++++ extensions/graph/pkg/config/parser/parse.go | 5 +++++ extensions/group/pkg/config/parser/parse.go | 9 +++++++++ extensions/idm/pkg/config/parser/parse.go | 16 ++++++++++++++++ extensions/idp/pkg/config/parser/parse.go | 5 +++++ .../notifications/pkg/config/parser/parse.go | 1 + extensions/ocdav/pkg/config/parser/parse.go | 5 +++++ extensions/ocs/pkg/config/parser/parse.go | 5 +++++ extensions/proxy/pkg/config/parser/parse.go | 4 ++++ extensions/settings/pkg/config/parser/parse.go | 9 +++++++++ extensions/sharing/pkg/config/parser/parse.go | 8 ++++++-- .../storage-metadata/pkg/config/parser/parse.go | 5 +++++ .../pkg/config/parser/parse.go | 5 +++++ .../storage-shares/pkg/config/parser/parse.go | 5 +++++ .../storage-users/pkg/config/parser/parse.go | 5 +++++ extensions/user/pkg/config/parser/parse.go | 9 +++++++++ ocis-pkg/shared/errors.go | 15 +++++++++++---- 21 files changed, 127 insertions(+), 6 deletions(-) diff --git a/extensions/auth-basic/pkg/config/parser/parse.go b/extensions/auth-basic/pkg/config/parser/parse.go index ed21b39871..7f216546c0 100644 --- a/extensions/auth-basic/pkg/config/parser/parse.go +++ b/extensions/auth-basic/pkg/config/parser/parse.go @@ -41,5 +41,6 @@ func Validate(cfg *config.Config) error { if cfg.AuthProviders.LDAP.BindPassword == "" && cfg.AuthProvider == "ldap" { return shared.MissingLDAPBindPassword(cfg.Service.Name) } + return nil } diff --git a/extensions/auth-bearer/pkg/config/parser/parse.go b/extensions/auth-bearer/pkg/config/parser/parse.go index a521c0bfd7..b4c0f48077 100644 --- a/extensions/auth-bearer/pkg/config/parser/parse.go 
+++ b/extensions/auth-bearer/pkg/config/parser/parse.go @@ -6,6 +6,7 @@ import ( "github.com/owncloud/ocis/extensions/auth-bearer/pkg/config" "github.com/owncloud/ocis/extensions/auth-bearer/pkg/config/defaults" ociscfg "github.com/owncloud/ocis/ocis-pkg/config" + "github.com/owncloud/ocis/ocis-pkg/shared" "github.com/owncloud/ocis/ocis-pkg/config/envdecode" ) @@ -33,5 +34,9 @@ func ParseConfig(cfg *config.Config) error { } func Validate(cfg *config.Config) error { + if cfg.TokenManager.JWTSecret == "" { + return shared.MissingJWTTokenError(cfg.Service.Name) + } + return nil } diff --git a/extensions/auth-machine/pkg/config/parser/parse.go b/extensions/auth-machine/pkg/config/parser/parse.go index 8b12cb8778..49f217ec09 100644 --- a/extensions/auth-machine/pkg/config/parser/parse.go +++ b/extensions/auth-machine/pkg/config/parser/parse.go @@ -34,6 +34,10 @@ func ParseConfig(cfg *config.Config) error { } func Validate(cfg *config.Config) error { + if cfg.TokenManager.JWTSecret == "" { + return shared.MissingJWTTokenError(cfg.Service.Name) + } + if cfg.AuthProviders.Machine.APIKey == "" { return shared.MissingMachineAuthApiKeyError(cfg.Service.Name) } diff --git a/extensions/frontend/pkg/config/parser/parse.go b/extensions/frontend/pkg/config/parser/parse.go index ffc09565fd..3608f754a0 100644 --- a/extensions/frontend/pkg/config/parser/parse.go +++ b/extensions/frontend/pkg/config/parser/parse.go @@ -34,9 +34,17 @@ func ParseConfig(cfg *config.Config) error { } func Validate(cfg *config.Config) error { + if cfg.TokenManager.JWTSecret == "" { + return shared.MissingJWTTokenError(cfg.Service.Name) + } + if cfg.TransferSecret == "" { return shared.MissingRevaTransferSecretError(cfg.Service.Name) } + if cfg.MachineAuthAPIKey == "" { + return shared.MissingMachineAuthApiKeyError(cfg.Service.Name) + } + return nil } diff --git a/extensions/gateway/pkg/config/parser/parse.go b/extensions/gateway/pkg/config/parser/parse.go index 237f3037d6..247b554896 100644 
--- a/extensions/gateway/pkg/config/parser/parse.go +++ b/extensions/gateway/pkg/config/parser/parse.go @@ -34,6 +34,10 @@ func ParseConfig(cfg *config.Config) error { } func Validate(cfg *config.Config) error { + if cfg.TokenManager.JWTSecret == "" { + return shared.MissingJWTTokenError(cfg.Service.Name) + } + if cfg.TransferSecret == "" { return shared.MissingRevaTransferSecretError(cfg.Service.Name) } diff --git a/extensions/graph/pkg/config/parser/parse.go b/extensions/graph/pkg/config/parser/parse.go index 7c2505a3f1..32626ff0fb 100644 --- a/extensions/graph/pkg/config/parser/parse.go +++ b/extensions/graph/pkg/config/parser/parse.go @@ -6,6 +6,7 @@ import ( "github.com/owncloud/ocis/extensions/graph/pkg/config" "github.com/owncloud/ocis/extensions/graph/pkg/config/defaults" ociscfg "github.com/owncloud/ocis/ocis-pkg/config" + "github.com/owncloud/ocis/ocis-pkg/shared" "github.com/owncloud/ocis/ocis-pkg/config/envdecode" ) @@ -33,5 +34,9 @@ func ParseConfig(cfg *config.Config) error { } func Validate(cfg *config.Config) error { + if cfg.TokenManager.JWTSecret == "" { + return shared.MissingJWTTokenError(cfg.Service.Name) + } + return nil } diff --git a/extensions/group/pkg/config/parser/parse.go b/extensions/group/pkg/config/parser/parse.go index fd858020b8..7f160b6c7b 100644 --- a/extensions/group/pkg/config/parser/parse.go +++ b/extensions/group/pkg/config/parser/parse.go @@ -6,6 +6,7 @@ import ( "github.com/owncloud/ocis/extensions/group/pkg/config" "github.com/owncloud/ocis/extensions/group/pkg/config/defaults" ociscfg "github.com/owncloud/ocis/ocis-pkg/config" + "github.com/owncloud/ocis/ocis-pkg/shared" "github.com/owncloud/ocis/ocis-pkg/config/envdecode" ) 
@@ -33,5 +34,13 @@ func ParseConfig(cfg *config.Config) error { } func Validate(cfg *config.Config) error { + if cfg.TokenManager.JWTSecret == "" { + return shared.MissingJWTTokenError(cfg.Service.Name) + } + + if cfg.Drivers.LDAP.BindPassword == "" && cfg.Driver == "ldap" { + return shared.MissingLDAPBindPassword(cfg.Service.Name) + } + return nil } diff --git a/extensions/idm/pkg/config/parser/parse.go b/extensions/idm/pkg/config/parser/parse.go index be598790da..dc515b5efa 100644 --- a/extensions/idm/pkg/config/parser/parse.go +++ b/extensions/idm/pkg/config/parser/parse.go @@ -6,6 +6,7 @@ import ( "github.com/owncloud/ocis/extensions/idm/pkg/config" "github.com/owncloud/ocis/extensions/idm/pkg/config/defaults" ociscfg "github.com/owncloud/ocis/ocis-pkg/config" + "github.com/owncloud/ocis/ocis-pkg/shared" "github.com/owncloud/ocis/ocis-pkg/config/envdecode" ) @@ -32,5 +33,20 @@ func ParseConfig(cfg *config.Config) error { } func Validate(cfg *config.Config) error { + if cfg.ServiceUserPasswords.Idm == "" { + return shared.MissingServiceUserPassword(cfg.Service.Name, "IDM") + } + + if cfg.ServiceUserPasswords.OcisAdmin == "" { + return shared.MissingServiceUserPassword(cfg.Service.Name, "admin") + } + + if cfg.ServiceUserPasswords.Idp == "" { + return shared.MissingServiceUserPassword(cfg.Service.Name, "IDP") + } + if cfg.ServiceUserPasswords.Reva == "" { + return shared.MissingServiceUserPassword(cfg.Service.Name, "REVA") + } + return nil } diff --git a/extensions/idp/pkg/config/parser/parse.go b/extensions/idp/pkg/config/parser/parse.go index e285276791..f716a9a520 100644 --- a/extensions/idp/pkg/config/parser/parse.go +++ b/extensions/idp/pkg/config/parser/parse.go @@ -6,6 +6,7 @@ import ( "github.com/owncloud/ocis/extensions/idp/pkg/config" "github.com/owncloud/ocis/extensions/idp/pkg/config/defaults" ociscfg "github.com/owncloud/ocis/ocis-pkg/config" + "github.com/owncloud/ocis/ocis-pkg/shared" "github.com/owncloud/ocis/ocis-pkg/config/envdecode" ) 
@@ -33,5 +34,9 @@ func ParseConfig(cfg *config.Config) error { } func Validate(cfg *config.Config) error { + if cfg.Ldap.BindPassword == "" { + return shared.MissingLDAPBindPassword(cfg.Service.Name) + } + return nil } diff --git a/extensions/notifications/pkg/config/parser/parse.go b/extensions/notifications/pkg/config/parser/parse.go index aec6971540..f6ef3f71b1 100644 --- a/extensions/notifications/pkg/config/parser/parse.go +++ b/extensions/notifications/pkg/config/parser/parse.go @@ -37,5 +37,6 @@ func Validate(cfg *config.Config) error { if cfg.Notifications.MachineAuthAPIKey == "" { return shared.MissingMachineAuthApiKeyError(cfg.Service.Name) } + return nil } diff --git a/extensions/ocdav/pkg/config/parser/parse.go b/extensions/ocdav/pkg/config/parser/parse.go index 028d237a31..075f66e1c6 100644 --- a/extensions/ocdav/pkg/config/parser/parse.go +++ b/extensions/ocdav/pkg/config/parser/parse.go @@ -6,6 +6,7 @@ import ( "github.com/owncloud/ocis/extensions/ocdav/pkg/config" "github.com/owncloud/ocis/extensions/ocdav/pkg/config/defaults" ociscfg "github.com/owncloud/ocis/ocis-pkg/config" + "github.com/owncloud/ocis/ocis-pkg/shared" "github.com/owncloud/ocis/ocis-pkg/config/envdecode" ) @@ -33,5 +34,9 @@ func ParseConfig(cfg *config.Config) error { } func Validate(cfg *config.Config) error { + if cfg.TokenManager.JWTSecret == "" { + return shared.MissingJWTTokenError(cfg.Service.Name) + } + return nil } diff --git a/extensions/ocs/pkg/config/parser/parse.go b/extensions/ocs/pkg/config/parser/parse.go index 28074ada3c..02bd765b89 100644 --- a/extensions/ocs/pkg/config/parser/parse.go +++ b/extensions/ocs/pkg/config/parser/parse.go @@ -35,8 +35,13 @@ func ParseConfig(cfg *config.Config) error { } func Validate(cfg *config.Config) error { + if cfg.TokenManager.JWTSecret == "" { + return shared.MissingJWTTokenError(cfg.Service.Name) + } + if cfg.MachineAuthAPIKey == "" { return shared.MissingMachineAuthApiKeyError(cfg.Service.Name) } + return nil } 
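Review bot: The idp `Validate` requires `cfg.Ldap.BindPassword` unconditionally, whereas the auth-basic, group and user hunks in this series require the bind password only when the LDAP driver is selected. If idp can be configured with an identity backend other than LDAP (not visible in this hunk), this check would refuse to start a correctly configured instance; in that case gate it on the backend setting as the other services do. If LDAP is the only backend, record that with a comment such as `// idp always binds to LDAP, so the bind password is mandatory`.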
diff --git a/extensions/proxy/pkg/config/parser/parse.go b/extensions/proxy/pkg/config/parser/parse.go index 22b96257ea..b82480cbd6 100644 --- a/extensions/proxy/pkg/config/parser/parse.go +++ b/extensions/proxy/pkg/config/parser/parse.go @@ -33,6 +33,10 @@ func ParseConfig(cfg *config.Config) error { } func Validate(cfg *config.Config) error { + if cfg.TokenManager.JWTSecret == "" { + return shared.MissingJWTTokenError(cfg.Service.Name) + } + if cfg.MachineAuthAPIKey == "" { return shared.MissingMachineAuthApiKeyError(cfg.Service.Name) } diff --git a/extensions/settings/pkg/config/parser/parse.go b/extensions/settings/pkg/config/parser/parse.go index 5d8310430c..d10e1bc119 100644 --- a/extensions/settings/pkg/config/parser/parse.go +++ b/extensions/settings/pkg/config/parser/parse.go @@ -6,6 +6,7 @@ import ( "github.com/owncloud/ocis/extensions/settings/pkg/config" "github.com/owncloud/ocis/extensions/settings/pkg/config/defaults" ociscfg "github.com/owncloud/ocis/ocis-pkg/config" + "github.com/owncloud/ocis/ocis-pkg/shared" "github.com/owncloud/ocis/ocis-pkg/config/envdecode" ) @@ -32,5 +33,13 @@ func ParseConfig(cfg *config.Config) error { } func Validate(cfg *config.Config) error { + if cfg.TokenManager.JWTSecret == "" { + return shared.MissingJWTTokenError(cfg.Service.Name) + } + + if cfg.Metadata.MachineAuthAPIKey == "" { + return shared.MissingMachineAuthApiKeyError(cfg.Service.Name) + } + return nil } diff --git a/extensions/sharing/pkg/config/parser/parse.go b/extensions/sharing/pkg/config/parser/parse.go index 27ccd4657d..3954a46bea 100644 --- a/extensions/sharing/pkg/config/parser/parse.go +++ b/extensions/sharing/pkg/config/parser/parse.go 
@@ -34,11 +34,15 @@ func ParseConfig(cfg *config.Config) error { } func Validate(cfg *config.Config) error { - if cfg.PublicSharingDrivers.CS3.MachineAuthAPIKey == "" { + if cfg.TokenManager.JWTSecret == "" { + return shared.MissingJWTTokenError(cfg.Service.Name) + } + + if cfg.PublicSharingDriver == "cs3" && cfg.PublicSharingDrivers.CS3.MachineAuthAPIKey == "" { return shared.MissingMachineAuthApiKeyError(cfg.Service.Name) } - if cfg.UserSharingDrivers.CS3.MachineAuthAPIKey == "" { + if cfg.UserSharingDriver == "cs3" && cfg.UserSharingDrivers.CS3.MachineAuthAPIKey == "" { return shared.MissingMachineAuthApiKeyError(cfg.Service.Name) } diff --git a/extensions/storage-metadata/pkg/config/parser/parse.go b/extensions/storage-metadata/pkg/config/parser/parse.go index ca0d96dbb3..bc540e2c70 100644 --- a/extensions/storage-metadata/pkg/config/parser/parse.go +++ b/extensions/storage-metadata/pkg/config/parser/parse.go @@ -6,6 +6,7 @@ import ( "github.com/owncloud/ocis/extensions/storage-metadata/pkg/config" "github.com/owncloud/ocis/extensions/storage-metadata/pkg/config/defaults" ociscfg "github.com/owncloud/ocis/ocis-pkg/config" + "github.com/owncloud/ocis/ocis-pkg/shared" "github.com/owncloud/ocis/ocis-pkg/config/envdecode" ) @@ -33,5 +34,9 @@ func ParseConfig(cfg *config.Config) error { } func Validate(cfg *config.Config) error { + if cfg.TokenManager.JWTSecret == "" { + return shared.MissingJWTTokenError(cfg.Service.Name) + } + return nil } diff --git a/extensions/storage-publiclink/pkg/config/parser/parse.go b/extensions/storage-publiclink/pkg/config/parser/parse.go index 0379145f73..61f8ee0332 100644 --- a/extensions/storage-publiclink/pkg/config/parser/parse.go +++ b/extensions/storage-publiclink/pkg/config/parser/parse.go 
@@ -6,6 +6,7 @@ import ( "github.com/owncloud/ocis/extensions/storage-publiclink/pkg/config" "github.com/owncloud/ocis/extensions/storage-publiclink/pkg/config/defaults" ociscfg "github.com/owncloud/ocis/ocis-pkg/config" + "github.com/owncloud/ocis/ocis-pkg/shared" "github.com/owncloud/ocis/ocis-pkg/config/envdecode" ) @@ -33,5 +34,9 @@ func ParseConfig(cfg *config.Config) error { } func Validate(cfg *config.Config) error { + if cfg.TokenManager.JWTSecret == "" { + return shared.MissingJWTTokenError(cfg.Service.Name) + } + return nil } diff --git a/extensions/storage-shares/pkg/config/parser/parse.go b/extensions/storage-shares/pkg/config/parser/parse.go index bda808cb63..87aa343854 100644 --- a/extensions/storage-shares/pkg/config/parser/parse.go +++ b/extensions/storage-shares/pkg/config/parser/parse.go @@ -6,6 +6,7 @@ import ( "github.com/owncloud/ocis/extensions/storage-shares/pkg/config" "github.com/owncloud/ocis/extensions/storage-shares/pkg/config/defaults" ociscfg "github.com/owncloud/ocis/ocis-pkg/config" + "github.com/owncloud/ocis/ocis-pkg/shared" "github.com/owncloud/ocis/ocis-pkg/config/envdecode" ) @@ -33,5 +34,9 @@ func ParseConfig(cfg *config.Config) error { } func Validate(cfg *config.Config) error { + if cfg.TokenManager.JWTSecret == "" { + return shared.MissingJWTTokenError(cfg.Service.Name) + } + return nil } diff --git a/extensions/storage-users/pkg/config/parser/parse.go b/extensions/storage-users/pkg/config/parser/parse.go index 55658def29..2e034ed070 100644 --- a/extensions/storage-users/pkg/config/parser/parse.go +++ b/extensions/storage-users/pkg/config/parser/parse.go @@ -6,6 +6,7 @@ import ( "github.com/owncloud/ocis/extensions/storage-users/pkg/config" "github.com/owncloud/ocis/extensions/storage-users/pkg/config/defaults" ociscfg "github.com/owncloud/ocis/ocis-pkg/config" + "github.com/owncloud/ocis/ocis-pkg/shared" "github.com/owncloud/ocis/ocis-pkg/config/envdecode" ) 
@@ -33,5 +34,9 @@ func ParseConfig(cfg *config.Config) error { } func Validate(cfg *config.Config) error { + if cfg.TokenManager.JWTSecret == "" { + return shared.MissingJWTTokenError(cfg.Service.Name) + } + return nil } diff --git a/extensions/user/pkg/config/parser/parse.go b/extensions/user/pkg/config/parser/parse.go index e2e6ad69ed..0a13964f92 100644 --- a/extensions/user/pkg/config/parser/parse.go +++ b/extensions/user/pkg/config/parser/parse.go @@ -6,6 +6,7 @@ import ( "github.com/owncloud/ocis/extensions/user/pkg/config" "github.com/owncloud/ocis/extensions/user/pkg/config/defaults" ociscfg "github.com/owncloud/ocis/ocis-pkg/config" + "github.com/owncloud/ocis/ocis-pkg/shared" "github.com/owncloud/ocis/ocis-pkg/config/envdecode" ) @@ -33,5 +34,13 @@ func ParseConfig(cfg *config.Config) error { } func Validate(cfg *config.Config) error { + if cfg.TokenManager.JWTSecret == "" { + return shared.MissingJWTTokenError(cfg.Service.Name) + } + + if cfg.Driver == "ldap" && cfg.Drivers.LDAP.BindPassword == "" { + return shared.MissingLDAPBindPassword(cfg.Service.Name) + } + return nil } diff --git a/ocis-pkg/shared/errors.go b/ocis-pkg/shared/errors.go index 3190edc3ad..de99c6bfbf 100644 --- a/ocis-pkg/shared/errors.go +++ b/ocis-pkg/shared/errors.go 
@@ -9,27 +9,34 @@ import ( func MissingMachineAuthApiKeyError(service string) error { return fmt.Errorf("machine_auth_api_key has not your config for %s. "+ "Make sure your %s config contains the proper values "+ - "(e.g. by running ocis init or setting OCIS_MACHINE_AUTH_API_KEY).\n", + "(e.g. by running ocis init or setting OCIS_MACHINE_AUTH_API_KEY)", service, defaults.BaseConfigPath()) } func MissingJWTTokenError(service string) error { return fmt.Errorf("jwt_secret has not been set properly in your config for %s. "+ "Make sure your %s config contains the proper values "+ - "(e.g. by running ocis init or setting OCIS_JWT_SECRET).\n", + "(e.g. by running ocis init or setting OCIS_JWT_SECRET)", service, defaults.BaseConfigPath()) } func MissingRevaTransferSecretError(service string) error { return fmt.Errorf("transfer_secret has not been set properly in your config for %s. "+ "Make sure your %s config contains the proper values "+ - "(e.g. by running ocis init or setting STORAGE_TRANSFER_SECRET).\n", + "(e.g. by running ocis init or setting STORAGE_TRANSFER_SECRET)", service, defaults.BaseConfigPath()) } func MissingLDAPBindPassword(service string) error { return fmt.Errorf("bind_password has not been set properly in your config for %s. "+ "Make sure your %s config contains the proper values "+ - "(e.g. by running ocis init or setting LDAP_BIND_PASSWORD).\n", + "(e.g. by running ocis init or setting LDAP_BIND_PASSWORD)", service, defaults.BaseConfigPath()) } + +func MissingServiceUserPassword(service, serviceUser string) error { + return fmt.Errorf("password of service user %s has not been set properly in your config for %s. "+ + "Make sure your %s config contains the proper values "+ + "(e.g. by running ocis init or setting it via environment variable)", + serviceUser, service, defaults.BaseConfigPath()) +} From 1b68e8589c2c6ca9fc0280f58b7d0e9a2e089f2b Mon Sep 17 00:00:00 2001 
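Review bot: The first line of the message in `MissingMachineAuthApiKeyError` is left as `"machine_auth_api_key has not your config for %s. "`, which is missing words; since this hunk already edits that function, align it with its siblings: `return fmt.Errorf("machine_auth_api_key has not been set properly in your config for %s. "+`. The new `MissingServiceUserPassword` tells the operator to set the value "via environment variable" without naming one, so the idm checks give less guidance than the other helpers. Consider passing the config key or variable name as an additional argument so the message says exactly which setting is unset.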
From: Willy Kloucek Date: Fri, 29 Apr 2022 13:18:49 +0200 Subject: [PATCH 49/99] simplify secure an ocis instance section --- docs/ocis/deployment/_index.md | 37 ++----------------- docs/ocis/deployment/basic-remote-setup.md | 4 -- docs/ocis/deployment/oc10_ocis_parallel.md | 2 - docs/ocis/deployment/ocis_hello.md | 2 - .../deployment/ocis_individual_services.md | 2 - docs/ocis/deployment/ocis_keycloak.md | 2 - docs/ocis/deployment/ocis_ldap.md | 2 - docs/ocis/deployment/ocis_s3.md | 2 - docs/ocis/deployment/ocis_traefik.md | 2 - docs/ocis/deployment/ocis_wopi.md | 2 - 10 files changed, 3 insertions(+), 54 deletions(-) diff --git a/docs/ocis/deployment/_index.md b/docs/ocis/deployment/_index.md index e3fc175fda..7da501f392 100644 --- a/docs/ocis/deployment/_index.md +++ b/docs/ocis/deployment/_index.md 
@@ -27,38 +27,7 @@ oCIS deployments are super simple, yet there are many configurations possible fo ## Secure an oCIS instance -### Change default secrets -oCIS uses two system users which are needed for being operational: -- Reva Inter Operability Platform (bc596f3c-c955-4328-80a0-60d018b4ad57) -- Kopano IDP (820ba2a1-3f54-4538-80a4-2d73007e30bf) +oCIS no longer has any default secrets in versions later than oCIS 1.20.0. Therefore you're no +longer able to start oCIS without generating / setting all needed secrets. -Both have simple default passwords which need to be changed. Currently, changing a password is only possible on the command line. You need to run `ocis accounts update --password ` for both users. - -The new password for the Reva Inter Operability Platform user must be made available to oCIS by using the environment variable `STORAGE_LDAP_BIND_PASSWORD`. The same applies to the new Kopano IDP user password, which needs to be made available to oCIS in `IDP_LDAP_BIND_PASSWORD`. - -Furthermore, oCIS uses a shared secret to sign JWT tokens for inter service authorization, which also needs to be changed by the user. -You can change it by setting the `OCIS_JWT_SECRET` environment variable for oCIS to a random string. - -Another is used secret for singing JWT tokens for uploads and downloads, which also needs to be changed by the user. -You can change it by setting the `STORAGE_TRANSFER_SECRET` environment variable for oCIS to a random string. - -One more secret is used for machine auth, so that external applications can authenticate with an API key. -You can change it by setting the `OCIS_MACHINE_AUTH_API_KEY` environment variable for oCIS to a random string. - -### Delete demo users - -{{< hint info >}} -Before deleting the demo users mentioned below, you must create a new account for yourself and assign it to the administrator role. - -By default, oCIS doesn't create any demo users. 
During the first startup, it generates only the admin and one user for IDP and Reva respectively. -{{< /hint >}} - -oCIS ships with a few demo users besides the system users: -- Admin (ddc2004c-0977-11eb-9d3f-a793888cd0f8) -- Albert Einstein (4c510ada-c86b-4815-8820-42cdf82c3d51) -- Richard Feynman (932b4540-8d16-481e-8ef4-588e4b6b151c) -- Maurice Moss (058bff95-6708-4fe5-91e4-9ea3d377588b) -- Marie Curie (f7fbf8c8-139b-4376-b307-cf0a8c2d0d9c) - -You can view them in ownCloud Web if you log in as Admin user or list them by running `ocis accounts list`. -After adding your own user it is safe to delete the demo users in the web UI or with the command `ocis accounts remove `. Please do not delete the system users (see [change default secrets]({{< ref "./#change-default-secrets" >}})) or oCIS will not function properly anymore. +The recommended way is to use `ocis init` for that. It will generate a secure config file for you. diff --git a/docs/ocis/deployment/basic-remote-setup.md b/docs/ocis/deployment/basic-remote-setup.md index 5dbf2b222c..461cb5b4b5 100644 --- a/docs/ocis/deployment/basic-remote-setup.md +++ b/docs/ocis/deployment/basic-remote-setup.md 
@@ -25,10 +25,6 @@ In `$HOME/.ocis/idp` is a file `identifier-registration.yaml`. It is used to con The `identifier-registration.yaml` file will only be generated if it does not exist yet. If you want to change certain environment variables like `OCIS_URL`, please delete this file first before doing so. Otherwise your changes will not be applied correctly and you will run into errors. {{< /hint >}} -{{< hint warning >}} -oCIS is currently in a Tech Preview state and is shipped with demo users. In order to secure your oCIS instances please follow following guide: [secure an oCIS instance]({{< ref "./#secure-an-ocis-instance" >}}) -{{< /hint >}} - For the following examples you need to have the oCIS binary in your current working directory, we assume it is named `ocis` and it needs to be marked as executable. See [Getting Started]({{< ref "../getting-started/#binaries" >}}) for where to get the binary from. ### Using automatically generated certificates diff --git a/docs/ocis/deployment/oc10_ocis_parallel.md b/docs/ocis/deployment/oc10_ocis_parallel.md index d5ff6e72e4..d87f233ae5 100644 --- a/docs/ocis/deployment/oc10_ocis_parallel.md +++ b/docs/ocis/deployment/oc10_ocis_parallel.md 
@@ -122,8 +122,6 @@ See also [example server setup]({{< ref "preparing_server" >}}) Set your domain for the oC10 and oCIS frontend in `CLOUD_DOMAIN=`, e.g. `CLOUD_DOMAIN=cloud.owncloud.test`. - You also must override the default secrets in `IDP_LDAP_BIND_PASSWORD`, `STORAGE_LDAP_BIND_PASSWORD`, `OCIS_JWT_SECRET`, `STORAGE_TRANSFER_SECRET` and `OCIS_MACHINE_AUTH_API_KEY` in order to secure your oCIS instance. Choose some random strings e.g. from the output of `openssl rand -base64 32`. For more information see [secure an oCIS instance]({{< ref "./#secure-an-ocis-instance" >}}). - By default ownCloud 10 will be started in the `latest` version. If you want to start a specific version of oCIS set the version to `OC10_DOCKER_TAG=`. Available versions can be found on [Docker Hub](https://hub.docker.com/r/owncloud/ocis/tags?page=1&ordering=last_updated). You can switch the default application of ownCloud 10 by setting`OWNCLOUD_DEFAULT_APP=files` in oder to have the classic UI as frontend, which is also the default. If you prefer ownCloud Web as the default application in ownCloud 10 just set `OWNCLOUD_DEFAULT_APP=web`. diff --git a/docs/ocis/deployment/ocis_hello.md b/docs/ocis/deployment/ocis_hello.md index afc6e441c1..312939a73a 100644 --- a/docs/ocis/deployment/ocis_hello.md +++ b/docs/ocis/deployment/ocis_hello.md 
@@ -95,8 +95,6 @@ See also [example server setup]({{< ref "preparing_server" >}}) Set your domain for the oCIS frontend in `OCIS_DOMAIN=`, e.g. `OCIS_DOMAIN=ocis.owncloud.test`. - You also must override the default secrets in `IDP_LDAP_BIND_PASSWORD`, `STORAGE_LDAP_BIND_PASSWORD`, `OCIS_JWT_SECRET`, `STORAGE_TRANSFER_SECRET` and `OCIS_MACHINE_AUTH_API_KEY` in order to secure your oCIS instance. Choose some random strings e.g. from the output of `openssl rand -base64 32`. For more information see [secure an oCIS instance]({{< ref "./#secure-an-ocis-instance" >}}). - By default the oCIS Hello extension will be started in the `latest` version. If you want to start a specific version of oCIS Hello set the version to `OCIS_HELLO_DOCKER_TAG=`. Available versions can be found on [Docker Hub](https://hub.docker.com/r/owncloud/ocis-hello/tags?page=1&ordering=last_updated). Now you have configured everything and can save the file. diff --git a/docs/ocis/deployment/ocis_individual_services.md b/docs/ocis/deployment/ocis_individual_services.md index ab2bebe9b3..718e5291a4 100644 --- a/docs/ocis/deployment/ocis_individual_services.md +++ b/docs/ocis/deployment/ocis_individual_services.md @@ -91,8 +91,6 @@ See also [example server setup]({{< ref "preparing_server" >}}) Set your domain for the oCIS frontend in `OCIS_DOMAIN=`, e.g. `OCIS_DOMAIN=ocis.owncloud.test`. - You also must override the default secrets in `IDP_LDAP_BIND_PASSWORD`, `STORAGE_LDAP_BIND_PASSWORD`, `OCIS_JWT_SECRET`, `STORAGE_TRANSFER_SECRET` and `OCIS_MACHINE_AUTH_API_KEY` in order to secure your oCIS instance. Choose some random strings e.g. from the output of `openssl rand -base64 32`. For more information see [secure an oCIS instance]({{< ref "./#secure-an-ocis-instance" >}}). - You also can run more than one instance of the service by setting `OCIS_SCALE` to number greater than one. Now you have configured everything and can save the file. 
diff --git a/docs/ocis/deployment/ocis_keycloak.md b/docs/ocis/deployment/ocis_keycloak.md index 7495f661f5..5708569e2a 100644 --- a/docs/ocis/deployment/ocis_keycloak.md +++ b/docs/ocis/deployment/ocis_keycloak.md @@ -108,8 +108,6 @@ See also [example server setup]({{< ref "preparing_server" >}}) If you want to change the OIDC client id of th ownCloud Web frontend, you can do this by setting the name to `OCIS_OIDC_CLIENT_ID=`. - You also must override the default secrets in `IDP_LDAP_BIND_PASSWORD`, `STORAGE_LDAP_BIND_PASSWORD`, `OCIS_JWT_SECRET`, `STORAGE_TRANSFER_SECRET` and `OCIS_MACHINE_AUTH_API_KEY` in order to secure your oCIS instance. Choose some random strings e.g. from the output of `openssl rand -base64 32`. For more information see [secure an oCIS instance]({{< ref "./#secure-an-ocis-instance" >}}). - Set your domain for the Keycloak administration panel and authentication endpoints to `KEYCLOAK_DOMAIN=` e.g. `KEYCLOAK_DOMAIN=keycloak.owncloud.test`. Changing the used Keycloak realm can be done by setting `KEYCLOAK_REALM=`. This defaults to the oCIS realm `KEYCLOAK_REALM=oCIS`. The oCIS realm will be automatically imported on startup and includes our demo users. diff --git a/docs/ocis/deployment/ocis_ldap.md b/docs/ocis/deployment/ocis_ldap.md index 7b0bea3354..8ec958451a 100644 --- a/docs/ocis/deployment/ocis_ldap.md +++ b/docs/ocis/deployment/ocis_ldap.md 
@@ -93,8 +93,6 @@ See also [example server setup]({{< ref "preparing_server" >}}) Set your domain for the oCIS frontend in `OCIS_DOMAIN=`, e.g. `OCIS_DOMAIN=cloud.owncloud.test`. - You also must override the default secrets in `IDP_LDAP_BIND_PASSWORD`, `STORAGE_LDAP_BIND_PASSWORD`, `OCIS_JWT_SECRET`, `STORAGE_TRANSFER_SECRET` and `OCIS_MACHINE_AUTH_API_KEY` in order to secure your oCIS instance. Choose some random strings e.g. from the output of `openssl rand -base64 32`. For more information see [secure an oCIS instance]({{< ref "./#secure-an-ocis-instance" >}}). - The OpenLDAP server in this example deployment has an admin users, which is also used as bind user in order to keep these examples simple. You can change the default password "admin" to a different one by setting it to `LDAP_ADMIN_PASSWORD=...`. Set your domain for the LDAP manager UI in `LDAP_MANAGER_DOMAIN=`, e.g. `ldap.owncloud.test`. diff --git a/docs/ocis/deployment/ocis_s3.md b/docs/ocis/deployment/ocis_s3.md index d98617aee6..38c2d9ddf2 100644 --- a/docs/ocis/deployment/ocis_s3.md +++ b/docs/ocis/deployment/ocis_s3.md @@ -104,8 +104,6 @@ See also [example server setup]({{< ref "preparing_server" >}}) Set your domain for the oCIS frontend in `OCIS_DOMAIN=`, e.g. `OCIS_DOMAIN=ocis.owncloud.test`. - You also must override the default secrets in `IDP_LDAP_BIND_PASSWORD`, `STORAGE_LDAP_BIND_PASSWORD`, `OCIS_JWT_SECRET`, `STORAGE_TRANSFER_SECRET` and `OCIS_MACHINE_AUTH_API_KEY` in order to secure your oCIS instance. Choose some random strings e.g. from the output of `openssl rand -base64 32`. For more information see [secure an oCIS instance]({{< ref "./#secure-an-ocis-instance" >}}). - Set your domain for the MinIO frontend in `MINIO_DOMAIN=`, e.g. `MINIO_DOMAIN=minio.owncloud.test`. If you are using other S3-compatible providers you need to configure the respective endpoint here. If you like you can change the default name of the S3 bucket by setting `MINIO_BUCKET=` to a different value. 
diff --git a/docs/ocis/deployment/ocis_traefik.md b/docs/ocis/deployment/ocis_traefik.md index a672577e2c..ee6851d108 100644 --- a/docs/ocis/deployment/ocis_traefik.md +++ b/docs/ocis/deployment/ocis_traefik.md @@ -88,8 +88,6 @@ See also [example server setup]({{< ref "preparing_server" >}}) Set your domain for the oCIS frontend in `OCIS_DOMAIN=`, e.g. `OCIS_DOMAIN=ocis.owncloud.test`. - You also must override the default secrets in `IDP_LDAP_BIND_PASSWORD`, `STORAGE_LDAP_BIND_PASSWORD`, `OCIS_JWT_SECRET`, `STORAGE_TRANSFER_SECRET` and `OCIS_MACHINE_AUTH_API_KEY` in order to secure your oCIS instance. Choose some random strings e.g. from the output of `openssl rand -base64 32`. For more information see [secure an oCIS instance]({{< ref "./#secure-an-ocis-instance" >}}). - Now you have configured everything and can save the file. * Start the docker stack diff --git a/docs/ocis/deployment/ocis_wopi.md b/docs/ocis/deployment/ocis_wopi.md index 10c5fd04d3..99f9713918 100644 --- a/docs/ocis/deployment/ocis_wopi.md +++ b/docs/ocis/deployment/ocis_wopi.md 
@@ -130,8 +130,6 @@ See also [example server setup]({{< ref "preparing_server" >}}) Set your domain for the oCIS frontend in `OCIS_DOMAIN=`, e.g. `OCIS_DOMAIN=ocis.owncloud.test`. - You also must override the default secrets in `IDP_LDAP_BIND_PASSWORD`, `STORAGE_LDAP_BIND_PASSWORD`, `OCIS_JWT_SECRET`, `STORAGE_TRANSFER_SECRET` and `OCIS_MACHINE_AUTH_API_KEY` in order to secure your oCIS instance. Choose some random strings e.g. from the output of `openssl rand -base64 32`. For more information see [secure an oCIS instance]({{< ref "./#secure-an-ocis-instance" >}}). - By default the CS3Org WOPI server will also be started in the `latest` version. If you want to start a specific version of it, you can set the version to `WOPISERVER_DOCKER_TAG=`. Available versions can be found on [Docker Hub](https://hub.docker.com/r/cs3org/wopiserver/tags?page=1&ordering=last_updated). Set your domain for the CS3Org WOPI server in `WOPISERVER_DOMAIN=`, where all office suites can download the files via the WOPI protocol. From 59c96413d9ddc6755a2a902d18b9423635a00c3d Mon Sep 17 00:00:00 2001 From: Christian Richter Date: Fri, 29 Apr 2022 13:45:12 +0200 Subject: [PATCH 50/99] beautify error messages Signed-off-by: Christian Richter --- ocis-pkg/shared/errors.go | 17 +++++++++++------ ocis/pkg/init/init.go | 2 +- 2 files changed, 12 insertions(+), 7 deletions(-) diff --git a/ocis-pkg/shared/errors.go b/ocis-pkg/shared/errors.go index de99c6bfbf..bb4b5f4ec7 100644 --- a/ocis-pkg/shared/errors.go +++ b/ocis-pkg/shared/errors.go 
@@ -7,36 +7,41 @@ import ( ) func MissingMachineAuthApiKeyError(service string) error { - return fmt.Errorf("machine_auth_api_key has not your config for %s. "+ + return fmt.Errorf("The Machineauth API key has not been configured for %s. "+ "Make sure your %s config contains the proper values "+ - "(e.g. by running ocis init or setting OCIS_MACHINE_AUTH_API_KEY)", + "(e.g. by running ocis init or setting it manually in "+ + "the config/corresponding environment variable).", service, defaults.BaseConfigPath()) } func MissingJWTTokenError(service string) error { return fmt.Errorf("jwt_secret has not been set properly in your config for %s. "+ "Make sure your %s config contains the proper values "+ - "(e.g. by running ocis init or setting OCIS_JWT_SECRET)", + "(e.g. by running ocis init or setting it manually in "+ + "the config/corresponding environment variable).", service, defaults.BaseConfigPath()) } func MissingRevaTransferSecretError(service string) error { return fmt.Errorf("transfer_secret has not been set properly in your config for %s. "+ "Make sure your %s config contains the proper values "+ - "(e.g. by running ocis init or setting STORAGE_TRANSFER_SECRET)", + "(e.g. by running ocis init or setting it manually in "+ + "the config/corresponding environment variable).", service, defaults.BaseConfigPath()) } func MissingLDAPBindPassword(service string) error { return fmt.Errorf("bind_password has not been set properly in your config for %s. "+ "Make sure your %s config contains the proper values "+ - "(e.g. by running ocis init or setting LDAP_BIND_PASSWORD)", + "(e.g. by running ocis init or setting it manually in "+ + "the config/corresponding environment variable).", service, defaults.BaseConfigPath()) } func MissingServiceUserPassword(service, serviceUser string) error { return fmt.Errorf("password of service user %s has not been set properly in your config for %s. "+ "Make sure your %s config contains the proper values "+ - "(e.g. 
by running ocis init or setting it via environment variable)", + "(e.g. by running ocis init or setting it manually in "+ + "the config/corresponding environment variable).", serviceUser, service, defaults.BaseConfigPath()) } diff --git a/ocis/pkg/init/init.go b/ocis/pkg/init/init.go index 61192a5665..cd6c968f8e 100644 --- a/ocis/pkg/init/init.go +++ b/ocis/pkg/init/init.go @@ -286,7 +286,7 @@ func CreateConfig(insecure, forceOverwrite bool, configPath string) error { return err } fmt.Printf( - "\n\n=========================================\n"+ + "\n=========================================\n"+ " generated OCIS Config\n"+ "=========================================\n"+ " configpath : %s\n"+ From c47e43318a03700370b487ff0893b7aae87cb94e Mon Sep 17 00:00:00 2001 From: Christian Richter Date: Fri, 29 Apr 2022 14:15:48 +0200 Subject: [PATCH 51/99] allow override of admin password wit ocis init Signed-off-by: Christian Richter --- ocis/pkg/command/init.go | 12 ++++++++++-- ocis/pkg/init/init.go | 12 ++++++++---- 2 files changed, 18 insertions(+), 6 deletions(-) diff --git a/ocis/pkg/command/init.go b/ocis/pkg/command/init.go index 27f50b03a7..ecbcb27412 100644 --- a/ocis/pkg/command/init.go +++ b/ocis/pkg/command/init.go @@ -24,17 +24,25 @@ func InitCommand(cfg *config.Config) *cli.Command { Name: "insecure", EnvVars: []string{"OCIS_INSECURE"}, Value: "ask", + Usage: "Allow insecure oCIS config", }, &cli.BoolFlag{ Name: "force-overwrite", Aliases: []string{"f"}, EnvVars: []string{"OCIS_FORCE_CONFIG_OVERWRITE"}, Value: false, + Usage: "Force overwrite existing config file", }, &cli.StringFlag{ Name: "config-path", Value: defaults.BaseConfigPath(), - Usage: "config path for the ocis runtime", + Usage: "Config path for the ocis runtime", + }, + &cli.StringFlag{ + Name: "admin-password", + Aliases: []string{"ap"}, + EnvVars: []string{"ADMIN_PASSWORD"}, + Usage: "Set admin password instead of using a random gnerated one", }, }, Action: func(c *cli.Context) error { 
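Review bot: The rewritten messages in this hunk no longer name the environment variable to set (`OCIS_JWT_SECRET`, `STORAGE_TRANSFER_SECRET`, `LDAP_BIND_PASSWORD` and `OCIS_MACHINE_AUTH_API_KEY` were dropped), so an operator hitting a missing-secret startup failure has to look the name up elsewhere. Keeping it costs nothing, e.g. `"(e.g. by running ocis init or setting OCIS_JWT_SECRET)",` in MissingJWTTokenError. The first message also switches to "The Machineauth API key" while the other four still lead with the YAML key (`jwt_secret`, `transfer_secret`, `bind_password`), so it can no longer be searched for in the config file; `"machine_auth_api_key has not been set properly in your config for %s. "+` would keep them parallel. Go error strings are conventionally lowercase without a trailing full stop, which the new `the config/corresponding environment variable).` ending moves away from.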
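Review bot: The new `admin-password` flag accepts the secret as a command-line argument, so a value passed as `--admin-password` ends up in the process list and in shell history on the host. The `ADMIN_PASSWORD` environment variable declared on the same flag avoids that. The Usage string should steer operators to it, for example `Usage: "Set admin password instead of using a random generated one (prefer the ADMIN_PASSWORD environment variable over the command line)",`, which also fixes the `gnerated` typo. InitCommand's body continues outside this hunk.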
@@ -48,7 +56,7 @@ func InitCommand(cfg *config.Config) *cli.Command { } else if insecureFlag == strings.ToLower("true") || insecureFlag == strings.ToLower("yes") || insecureFlag == strings.ToLower("y") { insecure = true } - err := ocisinit.CreateConfig(insecure, c.Bool("force-overwrite"), c.String("config-path")) + err := ocisinit.CreateConfig(insecure, c.Bool("force-overwrite"), c.String("config-path"), c.String("admin-password")) if err != nil { log.Fatalf("Could not create config: %s", err) } diff --git a/ocis/pkg/init/init.go b/ocis/pkg/init/init.go index cd6c968f8e..e2d4b0f60c 100644 --- a/ocis/pkg/init/init.go +++ b/ocis/pkg/init/init.go @@ -142,7 +142,7 @@ func backupOcisConfigFile(configPath string) (string, error) { return targetBackupConfig, nil } -func CreateConfig(insecure, forceOverwrite bool, configPath string) error { +func CreateConfig(insecure, forceOverwrite bool, configPath, adminPassword string) error { targetBackupConfig := "" err := checkConfigPath(configPath) @@ -167,10 +167,14 @@ func CreateConfig(insecure, forceOverwrite bool, configPath string) error { if err != nil { return fmt.Errorf("could not generate random password for idp: %s", err) } - ocisAdminServicePassword, err := generators.GenerateRandomPassword(passwordLength) - if err != nil { - return fmt.Errorf("could not generate random password for ocis admin: %s", err) + ocisAdminServicePassword := adminPassword + if ocisAdminServicePassword == "" { + ocisAdminServicePassword, err = generators.GenerateRandomPassword(passwordLength) + if err != nil { + return fmt.Errorf("could not generate random password for ocis admin: %s", err) + } } + revaServicePassword, err := generators.GenerateRandomPassword(passwordLength) if err != nil { return fmt.Errorf("could not generate random password for reva: %s", err) From d0506cf048009d9113053a11d09bbe9e01663c0c Mon Sep 17 00:00:00 2001 
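Review bot: `ocisAdminServicePassword := adminPassword` in the `@@ -167,10 +167,14 @@` hunk accepts any non-empty value as the admin credential, so a one-character password is taken as-is while the generated alternative is `passwordLength` characters long. A guard before the assignment would reject weak input, e.g. `if adminPassword != "" && len(adminPassword) < minAdminPasswordLength { return fmt.Errorf("admin password must be at least %d characters", minAdminPasswordLength) }`, where `minAdminPasswordLength` is a placeholder for a constant the project would define. The re-indented error path still formats `err` with `%s`; `%w` would keep the cause unwrappable. CreateConfig starts and ends outside these hunks, so how the password is later stored or printed is not visible here.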
From: Willy Kloucek Date: Fri, 29 Apr 2022 14:17:57 +0200 Subject: [PATCH 52/99] fix the traefik deployment example --- deployments/examples/ocis_traefik/.env | 19 ++++----------- .../config/ocis/entrypoint-override.sh | 23 ++----------------- .../examples/ocis_traefik/docker-compose.yml | 12 ++++------ 3 files changed, 12 insertions(+), 42 deletions(-) diff --git a/deployments/examples/ocis_traefik/.env b/deployments/examples/ocis_traefik/.env index f75e2d5fb9..478247e879 100644 --- a/deployments/examples/ocis_traefik/.env +++ b/deployments/examples/ocis_traefik/.env @@ -2,10 +2,6 @@ # It skips certificate validation for various parts of oCIS and is needed if you use self signed certificates. INSECURE=true -# The demo users should not be created on a production instance -# because their passwords are public -DEMO_USERS=true - ### Traefik settings ### # Serve Traefik dashboard. Defaults to "false". TRAEFIK_DASHBOARD= 
@@ -21,16 +17,11 @@ TRAEFIK_ACME_MAIL= OCIS_DOCKER_TAG= # Domain of oCIS, where you can find the frontend. Defaults to "ocis.owncloud.test" OCIS_DOMAIN= -# IDP LDAP bind password. Must be changed in order to have a secure oCIS. Defaults to "idp". -IDP_LDAP_BIND_PASSWORD= -# Storage LDAP bind password. Must be changed in order to have a secure oCIS. Defaults to "reva". -STORAGE_LDAP_BIND_PASSWORD= -# JWT secret which is used for the storage provider. Must be changed in order to have a secure oCIS. Defaults to "Pive-Fumkiu4" -OCIS_JWT_SECRET= -# JWT secret which is used for uploads to create transfer tokens. Must be changed in order to have a secure oCIS. Defaults to "replace-me-with-a-transfer-secret" -STORAGE_TRANSFER_SECRET= -# Machine auth api key secret. Must be changed in order to have a secure oCIS. Defaults to "change-me-please" -OCIS_MACHINE_AUTH_API_KEY= +# oCIS admin user password. Defaults to "admin". +ADMIN_PASSWORD= +# The demo users should not be created on a production instance +# because their passwords are public. Defaults to "false". +DEMO_USERS= # If you want to use debugging and tracing with this stack, # you need uncomment following line. Please see documentation at diff --git a/deployments/examples/ocis_traefik/config/ocis/entrypoint-override.sh b/deployments/examples/ocis_traefik/config/ocis/entrypoint-override.sh index c1f96fae4e..b5befa04aa 100644 --- a/deployments/examples/ocis_traefik/config/ocis/entrypoint-override.sh +++ b/deployments/examples/ocis_traefik/config/ocis/entrypoint-override.sh 
@@ -1,24 +1,5 @@ #!/bin/sh - set -e -ocis server& -sleep 10 - -echo "##################################################" -echo "change default secrets:" - -# IDP -IDP_USER_UUID=$(ocis accounts list | grep "| Kopano IDP " | egrep '[0-9a-f]{8}-([0-9a-f]{4}-){3}[0-9a-f]{12}' -o) -echo " IDP user UUID: $IDP_USER_UUID" -ocis accounts update --password $IDP_LDAP_BIND_PASSWORD $IDP_USER_UUID - -# REVA -REVA_USER_UUID=$(ocis accounts list | grep " | Reva Inter " | egrep '[0-9a-f]{8}-([0-9a-f]{4}-){3}[0-9a-f]{12}' -o) -echo " Reva user UUID: $REVA_USER_UUID" -ocis accounts update --password $STORAGE_LDAP_BIND_PASSWORD $REVA_USER_UUID - -echo "default secrets changed" -echo "##################################################" - -wait # wait for oCIS to exit +ocis init || true # will only initialize once +ocis server diff --git a/deployments/examples/ocis_traefik/docker-compose.yml b/deployments/examples/ocis_traefik/docker-compose.yml index 35fc4756cf..fc1133e5dc 100644 --- a/deployments/examples/ocis_traefik/docker-compose.yml +++ b/deployments/examples/ocis_traefik/docker-compose.yml 
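Review bot: `ocis init || true` discards every failure of the init step, not only the expected "config already exists" case, so despite `set -e` an unwritable config volume or a failed secret generation is ignored and `ocis server` is started anyway. Checking for the config file first keeps real errors fatal: `[ -e "/etc/ocis/<config-file>" ] || ocis init`, where `<config-file>` is a placeholder for the file name `ocis init` writes (not shown on this page) and `/etc/ocis` is the volume mounted in the compose file. Ending the script with `exec ocis server` would also let the server receive container stop signals directly, now that the background-and-`wait` construct is gone.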
@@ -53,21 +53,17 @@ services: OCIS_URL: https://${OCIS_DOMAIN:-ocis.owncloud.test} OCIS_LOG_LEVEL: ${OCIS_LOG_LEVEL:-error} # make oCIS less verbose PROXY_TLS: "false" # do not use SSL between Traefik and oCIS - # change default secrets - IDP_LDAP_BIND_PASSWORD: ${IDP_LDAP_BIND_PASSWORD:-idp} - STORAGE_LDAP_BIND_PASSWORD: ${STORAGE_LDAP_BIND_PASSWORD:-reva} - OCIS_JWT_SECRET: ${OCIS_JWT_SECRET:-Pive-Fumkiu4} - STORAGE_TRANSFER_SECRET: ${STORAGE_TRANSFER_SECRET:-replace-me-with-a-transfer-secret} - OCIS_MACHINE_AUTH_API_KEY: ${OCIS_MACHINE_AUTH_API_KEY:-change-me-please} # INSECURE: needed if oCIS / Traefik is using self generated certificates OCIS_INSECURE: "${INSECURE:-false}" # basic auth (not recommended, but needed for eg. WebDav clients that do not support OpenID Connect) PROXY_ENABLE_BASIC_AUTH: "${PROXY_ENABLE_BASIC_AUTH:-false}" + # admin user password + IDM_ADMIN_PASSWORD: "${ADMIN_PASSWORD:-admin}" # this overrides the admin password from the configuration file # demo users - ACCOUNTS_DEMO_USERS_AND_GROUPS: "${DEMO_USERS:-false}" # deprecated, remove after switching to LibreIDM IDM_CREATE_DEMO_USERS: "${DEMO_USERS:-false}" volumes: - ./config/ocis/entrypoint-override.sh:/entrypoint-override.sh + - ocis-config:/etc/ocis - ocis-data:/var/lib/ocis labels: - "traefik.enable=true" @@ -82,7 +78,9 @@ services: volumes: certs: + ocis-config: ocis-data: + networks: ocis-net: From feda972487e90dab0f0d5b9b31c42dec462449c2 Mon Sep 17 00:00:00 2001 From: Willy Kloucek Date: Fri, 29 Apr 2022 14:28:08 +0200 Subject: [PATCH 53/99] add idm admin password variable to init command --- ocis/pkg/command/init.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ocis/pkg/command/init.go b/ocis/pkg/command/init.go index ecbcb27412..c858e9f064 100644 --- a/ocis/pkg/command/init.go +++ b/ocis/pkg/command/init.go 
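Review bot: `IDM_ADMIN_PASSWORD: "${ADMIN_PASSWORD:-admin}"` gives every deployment that leaves `ADMIN_PASSWORD=` empty in `.env` the admin password `admin`. The inline comment says this value overrides the one from the configuration file, so the random password written by `ocis init` is replaced by a publicly known one. The stack is fronted by Traefik with ACME settings and is presumably internet-facing, so the variable should be mandatory rather than defaulted: `IDM_ADMIN_PASSWORD: "${ADMIN_PASSWORD:?set ADMIN_PASSWORD in .env}"`. The `.env` comment added in the `@@ -21,16 +17,11 @@` hunk (`Defaults to "admin"`) would need to change with it.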
@@ -41,7 +41,7 @@ func InitCommand(cfg *config.Config) *cli.Command { &cli.StringFlag{ Name: "admin-password", Aliases: []string{"ap"}, - EnvVars: []string{"ADMIN_PASSWORD"}, + EnvVars: []string{"ADMIN_PASSWORD", "IDM_ADMIN_PASSWORD"}, Usage: "Set admin password instead of using a random gnerated one", }, }, From 4fdd3170ccf03b41b6b5b59ff94a3eb8acbe3d82 Mon Sep 17 00:00:00 2001 From: Willy Kloucek Date: Fri, 29 Apr 2022 14:40:30 +0200 Subject: [PATCH 54/99] only mount config volume for initialization --- docs/ocis/getting-started/_index.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/docs/ocis/getting-started/_index.md b/docs/ocis/getting-started/_index.md index 288ae771d7..5a31560b83 100644 --- a/docs/ocis/getting-started/_index.md +++ b/docs/ocis/getting-started/_index.md @@ -67,8 +67,8 @@ The `latest` tag always reflects the current master branch. ```console docker pull owncloud/ocis -docker run --rm -it -v ocis-config:/etc/ocis -v ocis-data:/var/lib/ocis owncloud/ocis init -docker run --rm -p 9200:9200 -v ocis-config:/etc/ocis -v ocis-data:/var/lib/ocis -e ACCOUNTS_DEMO_USERS_AND_GROUPS=true owncloud/ocis +docker run --rm -it -v ocis-config:/etc/ocis owncloud/ocis init +docker run --rm -p 9200:9200 -v ocis-config:/etc/ocis -v ocis-data:/var/lib/ocis -e IDM_CREATE_DEMO_USERS=true owncloud/ocis ``` {{< hint info >}} From 1cdb81bd3e976e992a65e9be945fc697e15b4018 Mon Sep 17 00:00:00 2001 
From: Willy Kloucek Date: Fri, 29 Apr 2022 16:10:21 +0200 Subject: [PATCH 55/99] add fixes from review --- docs/helpers/example-config-generator.go.tmpl | 2 - docs/ocis/deployment/systemd.md | 2 +- .../appprovider/pkg/config/parser/parse.go | 5 +++ extensions/appprovider/pkg/config/reva.go | 2 +- extensions/auth-basic/pkg/config/reva.go | 2 +- extensions/auth-bearer/pkg/config/reva.go | 2 +- extensions/auth-machine/pkg/config/reva.go | 2 +- extensions/frontend/pkg/command/command.go | 39 ------------------- extensions/frontend/pkg/config/reva.go | 2 +- extensions/gateway/pkg/config/reva.go | 2 +- .../pkg/config/defaults/defaultconfig.go | 1 - extensions/graph/pkg/config/parser/parse.go | 4 ++ extensions/group/pkg/config/reva.go | 2 +- .../idp/pkg/config/defaults/defaultconfig.go | 1 - extensions/ocdav/pkg/command/ocdav.go | 34 ---------------- extensions/ocdav/pkg/config/reva.go | 2 +- extensions/ocs/pkg/server/http/svc_test.go | 4 +- .../pkg/config/defaults/defaultconfig.go | 8 ---- extensions/sharing/pkg/config/reva.go | 2 +- .../storage-metadata/pkg/config/reva.go | 2 +- .../storage-publiclink/pkg/config/reva.go | 2 +- extensions/storage-shares/pkg/config/reva.go | 2 +- extensions/storage-users/pkg/config/reva.go | 2 +- .../pkg/config/defaults/defaultconfig.go | 6 --- extensions/storage/pkg/config/parser/parse.go | 4 -- extensions/user/pkg/config/reva.go | 2 +- ocis-pkg/config/config.go | 5 --- ocis-pkg/generators/generators_suite_test.go | 13 ------- ocis-pkg/generators/generators_test.go | 13 ------- ocis/pkg/command/init.go | 7 ++-- 30 files changed, 29 insertions(+), 147 deletions(-) delete mode 100644 ocis-pkg/generators/generators_suite_test.go delete mode 100644 ocis-pkg/generators/generators_test.go diff --git a/docs/helpers/example-config-generator.go.tmpl b/docs/helpers/example-config-generator.go.tmpl index 1c63e1fd32..277cfdc9dc 100644 --- a/docs/helpers/example-config-generator.go.tmpl +++ b/docs/helpers/example-config-generator.go.tmpl 
@@ -23,8 +23,6 @@ func main() { replacer.Replace("{{$value}}"): func() string { fmt.Println("Generating example YAML config for {{ $value -}}") c := pkg{{$key}}.FullDefaultConfig() - pkg{{$key}}.EnsureDefaults(c) - pkg{{$key}}.Sanitize(c) yml, err := yaml.Marshal(c) if err != nil { log.Fatalf("Marshalling yaml for pkg0 failed: %s\n", err) diff --git a/docs/ocis/deployment/systemd.md b/docs/ocis/deployment/systemd.md index f475ec2274..55d723e046 100644 --- a/docs/ocis/deployment/systemd.md +++ b/docs/ocis/deployment/systemd.md @@ -61,7 +61,7 @@ oCIS will store all data in `/var/lib/ocis`, because we configured it so by sett ## Starting the oCIS service -Initialize the oCIS configuration by running `OCIS_CONFIG_DIR=/etc/ocis ocis init`. +Initialize the oCIS configuration by running `ocis init --config-path /etc/ocis`. You can enable oCIS now by running `systemctl enable --now ocis`. It will ensure that oCIS also is restarted after a reboot of the host. diff --git a/extensions/appprovider/pkg/config/parser/parse.go b/extensions/appprovider/pkg/config/parser/parse.go index fa55c4653f..e968dbe244 100644 --- a/extensions/appprovider/pkg/config/parser/parse.go +++ b/extensions/appprovider/pkg/config/parser/parse.go @@ -6,6 +6,7 @@ import ( "github.com/owncloud/ocis/extensions/appprovider/pkg/config" "github.com/owncloud/ocis/extensions/appprovider/pkg/config/defaults" ociscfg "github.com/owncloud/ocis/ocis-pkg/config" + "github.com/owncloud/ocis/ocis-pkg/shared" "github.com/owncloud/ocis/ocis-pkg/config/envdecode" ) @@ -33,5 +34,9 @@ func ParseConfig(cfg *config.Config) error { } func Validate(cfg *config.Config) error { + if cfg.TokenManager.JWTSecret == "" { + return shared.MissingJWTTokenError(cfg.Service.Name) + } + return nil } diff --git a/extensions/appprovider/pkg/config/reva.go b/extensions/appprovider/pkg/config/reva.go index b8d2779170..aec078b05a 100644 --- a/extensions/appprovider/pkg/config/reva.go +++ b/extensions/appprovider/pkg/config/reva.go 
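Review bot: The check added to Validate in `extensions/appprovider/pkg/config/parser/parse.go` reads `cfg.TokenManager.JWTSecret` without a nil guard. The ocs test in this commit builds the field as a pointer (`TokenManager: &config.TokenManager{`) and the nil-defaulting branch is removed from the proxy's EnsureDefaults, so if appprovider's field is also a pointer and defaulting has not run, a missing secret would panic instead of returning MissingJWTTokenError; whether that can happen depends on code outside this hunk. In that case `if cfg.TokenManager == nil || cfg.TokenManager.JWTSecret == "" {` covers both. In the import hunk of the same file, `ocis-pkg/shared` is inserted before `ocis-pkg/config/envdecode`, which gofmt will reorder.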
@@ -7,5 +7,5 @@ type Reva struct { // TokenManager is the config for using the reva token manager type TokenManager struct { - JWTSecret string `yaml:"jwt_secret" env:"OCIS_JWT_SECRET;OCS_JWT_SECRET"` + JWTSecret string `yaml:"jwt_secret" env:"OCIS_JWT_SECRET;APP_PROVIDER_JWT_SECRET"` } diff --git a/extensions/auth-basic/pkg/config/reva.go b/extensions/auth-basic/pkg/config/reva.go index b8d2779170..e01bce8ed7 100644 --- a/extensions/auth-basic/pkg/config/reva.go +++ b/extensions/auth-basic/pkg/config/reva.go @@ -7,5 +7,5 @@ type Reva struct { // TokenManager is the config for using the reva token manager type TokenManager struct { - JWTSecret string `yaml:"jwt_secret" env:"OCIS_JWT_SECRET;OCS_JWT_SECRET"` + JWTSecret string `yaml:"jwt_secret" env:"OCIS_JWT_SECRET;AUTH_BASIC_JWT_SECRET"` } diff --git a/extensions/auth-bearer/pkg/config/reva.go b/extensions/auth-bearer/pkg/config/reva.go index b8d2779170..1615b97d00 100644 --- a/extensions/auth-bearer/pkg/config/reva.go +++ b/extensions/auth-bearer/pkg/config/reva.go @@ -7,5 +7,5 @@ type Reva struct { // TokenManager is the config for using the reva token manager type TokenManager struct { - JWTSecret string `yaml:"jwt_secret" env:"OCIS_JWT_SECRET;OCS_JWT_SECRET"` + JWTSecret string `yaml:"jwt_secret" env:"OCIS_JWT_SECRET;AUTH_BEARER_JWT_SECRET"` } diff --git a/extensions/auth-machine/pkg/config/reva.go b/extensions/auth-machine/pkg/config/reva.go index b8d2779170..e81446d87f 100644 --- a/extensions/auth-machine/pkg/config/reva.go +++ b/extensions/auth-machine/pkg/config/reva.go @@ -7,5 +7,5 @@ type Reva struct { // TokenManager is the config for using the reva token manager type TokenManager struct { - JWTSecret string `yaml:"jwt_secret" env:"OCIS_JWT_SECRET;OCS_JWT_SECRET"` + JWTSecret string `yaml:"jwt_secret" env:"OCIS_JWT_SECRET;AUTH_MACHINE_JWT_SECRET"` } diff --git a/extensions/frontend/pkg/command/command.go b/extensions/frontend/pkg/command/command.go index 7f13a19152..96fb5e023c 100644 
--- a/extensions/frontend/pkg/command/command.go +++ b/extensions/frontend/pkg/command/command.go @@ -7,7 +7,6 @@ import ( "os" "path" "strconv" - "strings" "github.com/cs3org/reva/v2/cmd/revad/runtime" "github.com/gofrs/uuid" @@ -16,7 +15,6 @@ import ( "github.com/owncloud/ocis/extensions/frontend/pkg/config/parser" "github.com/owncloud/ocis/extensions/storage/pkg/server/debug" ociscfg "github.com/owncloud/ocis/ocis-pkg/config" - "github.com/owncloud/ocis/ocis-pkg/conversions" "github.com/owncloud/ocis/ocis-pkg/log" "github.com/owncloud/ocis/ocis-pkg/sync" "github.com/owncloud/ocis/ocis-pkg/tracing" @@ -30,11 +28,6 @@ func Frontend(cfg *config.Config) *cli.Command { Name: "frontend", Usage: "start frontend service", Before: func(ctx *cli.Context) error { - // TODO: what !? - //if err := loadUserAgent(c, cfg); err != nil { - // return err - //} - //return nil err := parser.ParseConfig(cfg) if err != nil { fmt.Printf("%v", err) @@ -60,13 +53,6 @@ func Frontend(cfg *config.Config) *cli.Command { uuid := uuid.Must(uuid.NewV4()) pidFile := path.Join(os.TempDir(), "revad-"+c.Command.Name+"-"+uuid.String()+".pid") - // pregenerate list of valid localhost ports for the desktop redirect_uri - // TODO use custom scheme like "owncloud://localhost/user/callback" tracked in - var desktopRedirectURIs [65535 - 1024]string - for port := 0; port < len(desktopRedirectURIs); port++ { - desktopRedirectURIs[port] = fmt.Sprintf("http://localhost:%d", (port + 1024)) - } - archivers := []map[string]interface{}{ { "enabled": true, 
@@ -318,31 +304,6 @@ func frontendConfigFromStruct(c *cli.Context, cfg *config.Config, filesCfg map[s } } -// loadUserAgent reads the user-agent-whitelist-lock-in, since it is a string flag, and attempts to construct a map of -// "user-agent":"challenge" locks in for Reva. -// Modifies cfg. Spaces don't need to be trimmed as urfavecli takes care of it. User agents with spaces are valid. i.e: -// Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:83.0) Gecko/20100101 Firefox/83.0 -// This function works by relying in our format of specifying [user-agent:challenge] and the fact that the user agent -// might contain ":" (colon), so the original string is reversed, split in two parts, by the time it is split we -// have the indexes reversed and the tuple is in the format of [challenge:user-agent], then the same process is applied -// in reverse for each individual part -func loadUserAgent(c *cli.Context, cfg *config.Config) error { - cfg.Middleware.Auth.CredentialsByUserAgent = make(map[string]string) - locks := c.StringSlice("user-agent-whitelist-lock-in") - - for _, v := range locks { - vv := conversions.Reverse(v) - parts := strings.SplitN(vv, ":", 2) - if len(parts) != 2 { - return fmt.Errorf("unexpected config value for user-agent lock-in: %v, expected format is user-agent:challenge", v) - } - - cfg.Middleware.Auth.CredentialsByUserAgent[conversions.Reverse(parts[1])] = conversions.Reverse(parts[0]) - } - - return nil -} - // FrontendSutureService allows for the storage-frontend command to be embedded and supervised by a suture supervisor tree. type FrontendSutureService struct { cfg *config.Config diff --git a/extensions/frontend/pkg/config/reva.go b/extensions/frontend/pkg/config/reva.go index b8d2779170..77484698f3 100644 --- a/extensions/frontend/pkg/config/reva.go +++ b/extensions/frontend/pkg/config/reva.go 
@@ -7,5 +7,5 @@ type Reva struct { // TokenManager is the config for using the reva token manager type TokenManager struct { - JWTSecret string `yaml:"jwt_secret" env:"OCIS_JWT_SECRET;OCS_JWT_SECRET"` + JWTSecret string `yaml:"jwt_secret" env:"OCIS_JWT_SECRET;FRONTEND_JWT_SECRET"` } diff --git a/extensions/gateway/pkg/config/reva.go b/extensions/gateway/pkg/config/reva.go index b8d2779170..2a5534c7e2 100644 --- a/extensions/gateway/pkg/config/reva.go +++ b/extensions/gateway/pkg/config/reva.go @@ -7,5 +7,5 @@ type Reva struct { // TokenManager is the config for using the reva token manager type TokenManager struct { - JWTSecret string `yaml:"jwt_secret" env:"OCIS_JWT_SECRET;OCS_JWT_SECRET"` + JWTSecret string `yaml:"jwt_secret" env:"OCIS_JWT_SECRET;GATEWAY_JWT_SECRET"` } diff --git a/extensions/graph/pkg/config/defaults/defaultconfig.go b/extensions/graph/pkg/config/defaults/defaultconfig.go index 77fea10502..a9a50720df 100644 --- a/extensions/graph/pkg/config/defaults/defaultconfig.go +++ b/extensions/graph/pkg/config/defaults/defaultconfig.go @@ -42,7 +42,6 @@ func DefaultConfig() *config.Config { URI: "ldaps://localhost:9235", Insecure: true, BindDN: "uid=libregraph,ou=sysusers,o=libregraph-idm", - BindPassword: "idm", UseServerUUID: false, WriteEnabled: true, UserBaseDN: "ou=users,o=libregraph-idm", diff --git a/extensions/graph/pkg/config/parser/parse.go b/extensions/graph/pkg/config/parser/parse.go index 32626ff0fb..6bc695c159 100644 --- a/extensions/graph/pkg/config/parser/parse.go +++ b/extensions/graph/pkg/config/parser/parse.go @@ -38,5 +38,9 @@ func Validate(cfg *config.Config) error { return shared.MissingJWTTokenError(cfg.Service.Name) } + if cfg.Identity.Backend == "ldap" && cfg.Identity.LDAP.BindPassword == "" { + return shared.MissingLDAPBindPassword(cfg.Service.Name) + } + return nil } diff --git a/extensions/group/pkg/config/reva.go b/extensions/group/pkg/config/reva.go index b8d2779170..e2aae1a7a0 100644 --- a/extensions/group/pkg/config/reva.go 
+++ b/extensions/group/pkg/config/reva.go @@ -7,5 +7,5 @@ type Reva struct { // TokenManager is the config for using the reva token manager type TokenManager struct { - JWTSecret string `yaml:"jwt_secret" env:"OCIS_JWT_SECRET;OCS_JWT_SECRET"` + JWTSecret string `yaml:"jwt_secret" env:"OCIS_JWT_SECRET;GROUPS_JWT_SECRET"` } diff --git a/extensions/idp/pkg/config/defaults/defaultconfig.go b/extensions/idp/pkg/config/defaults/defaultconfig.go index 8bd508ab1c..b3498b9755 100644 --- a/extensions/idp/pkg/config/defaults/defaultconfig.go +++ b/extensions/idp/pkg/config/defaults/defaultconfig.go @@ -69,7 +69,6 @@ func DefaultConfig() *config.Config { URI: "ldaps://localhost:9235", TLSCACert: path.Join(defaults.BaseDataPath(), "idm", "ldap.crt"), BindDN: "uid=idp,ou=sysusers,o=libregraph-idm", - BindPassword: "", BaseDN: "ou=users,o=libregraph-idm", Scope: "sub", LoginAttribute: "uid", diff --git a/extensions/ocdav/pkg/command/ocdav.go b/extensions/ocdav/pkg/command/ocdav.go index 4869b0263d..20bb8a29b6 100644 --- a/extensions/ocdav/pkg/command/ocdav.go +++ b/extensions/ocdav/pkg/command/ocdav.go @@ -4,7 +4,6 @@ import ( "context" "flag" "fmt" - "strings" "github.com/cs3org/reva/v2/pkg/micro/ocdav" "github.com/oklog/run" @@ -12,7 +11,6 @@ import ( "github.com/owncloud/ocis/extensions/ocdav/pkg/config/parser" "github.com/owncloud/ocis/extensions/storage/pkg/server/debug" ociscfg "github.com/owncloud/ocis/ocis-pkg/config" - "github.com/owncloud/ocis/ocis-pkg/conversions" "github.com/owncloud/ocis/ocis-pkg/log" "github.com/owncloud/ocis/ocis-pkg/sync" "github.com/owncloud/ocis/ocis-pkg/tracing" @@ -26,13 +24,6 @@ func OCDav(cfg *config.Config) *cli.Command { return &cli.Command{ Name: "ocdav", Usage: "start ocdav service", - // TODO: check - //Before: func(c *cli.Context) error { - // if err := loadUserAgent(c, cfg); err != nil { - // return err - // } - // return nil - //}, Before: func(ctx *cli.Context) error { err := parser.ParseConfig(cfg) if err != nil { 
@@ -153,28 +144,3 @@ func (s OCDavSutureService) Serve(ctx context.Context) error { return nil } - -// loadUserAgent reads the user-agent-whitelist-lock-in, since it is a string flag, and attempts to construct a map of -// "user-agent":"challenge" locks in for Reva. -// Modifies cfg. Spaces don't need to be trimmed as urfavecli takes care of it. User agents with spaces are valid. i.e: -// Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:83.0) Gecko/20100101 Firefox/83.0 -// This function works by relying in our format of specifying [user-agent:challenge] and the fact that the user agent -// might contain ":" (colon), so the original string is reversed, split in two parts, by the time it is split we -// have the indexes reversed and the tuple is in the format of [challenge:user-agent], then the same process is applied -// in reverse for each individual part -func loadUserAgent(c *cli.Context, cfg *config.Config) error { - cfg.Middleware.Auth.CredentialsByUserAgent = make(map[string]string) - locks := c.StringSlice("user-agent-whitelist-lock-in") - - for _, v := range locks { - vv := conversions.Reverse(v) - parts := strings.SplitN(vv, ":", 2) - if len(parts) != 2 { - return fmt.Errorf("unexpected config value for user-agent lock-in: %v, expected format is user-agent:challenge", v) - } - - cfg.Middleware.Auth.CredentialsByUserAgent[conversions.Reverse(parts[1])] = conversions.Reverse(parts[0]) - } - - return nil -} diff --git a/extensions/ocdav/pkg/config/reva.go b/extensions/ocdav/pkg/config/reva.go index b8d2779170..4a0f1449be 100644 --- a/extensions/ocdav/pkg/config/reva.go +++ b/extensions/ocdav/pkg/config/reva.go @@ -7,5 +7,5 @@ type Reva struct { // TokenManager is the config for using the reva token manager type TokenManager struct { - JWTSecret string `yaml:"jwt_secret" env:"OCIS_JWT_SECRET;OCS_JWT_SECRET"` + JWTSecret string `yaml:"jwt_secret" env:"OCIS_JWT_SECRET;OCDAV_JWT_SECRET"` } 
diff --git a/extensions/ocs/pkg/server/http/svc_test.go b/extensions/ocs/pkg/server/http/svc_test.go index c5a73fcfbc..a6f4051d4e 100644 --- a/extensions/ocs/pkg/server/http/svc_test.go +++ b/extensions/ocs/pkg/server/http/svc_test.go @@ -723,9 +723,7 @@ func getService() svc.Service { Root: "/", Addr: "localhost:9110", }, - Reva: &config.Reva{ - Address: "", - }, + Reva: &config.Reva{}, TokenManager: &config.TokenManager{ JWTSecret: jwtSecret, }, diff --git a/extensions/proxy/pkg/config/defaults/defaultconfig.go b/extensions/proxy/pkg/config/defaults/defaultconfig.go index e5dadbd579..1b45e273f8 100644 --- a/extensions/proxy/pkg/config/defaults/defaultconfig.go +++ b/extensions/proxy/pkg/config/defaults/defaultconfig.go @@ -203,14 +203,6 @@ func EnsureDefaults(cfg *config.Config) { } else if cfg.Reva == nil { cfg.Reva = &config.Reva{} } - - if cfg.TokenManager == nil && cfg.Commons != nil && cfg.Commons.TokenManager != nil { - cfg.TokenManager = &config.TokenManager{ - JWTSecret: cfg.Commons.TokenManager.JWTSecret, - } - } else if cfg.TokenManager == nil { - cfg.TokenManager = &config.TokenManager{} - } } func Sanitize(cfg *config.Config) { diff --git a/extensions/sharing/pkg/config/reva.go b/extensions/sharing/pkg/config/reva.go index b8d2779170..7bb95d858a 100644 --- a/extensions/sharing/pkg/config/reva.go +++ b/extensions/sharing/pkg/config/reva.go @@ -7,5 +7,5 @@ type Reva struct { // TokenManager is the config for using the reva token manager type TokenManager struct { - JWTSecret string `yaml:"jwt_secret" env:"OCIS_JWT_SECRET;OCS_JWT_SECRET"` + JWTSecret string `yaml:"jwt_secret" env:"OCIS_JWT_SECRET;SHARING_JWT_SECRET"` } diff --git a/extensions/storage-metadata/pkg/config/reva.go b/extensions/storage-metadata/pkg/config/reva.go index b8d2779170..3094a80135 100644 --- a/extensions/storage-metadata/pkg/config/reva.go +++ b/extensions/storage-metadata/pkg/config/reva.go 
@@ -7,5 +7,5 @@ type Reva struct { // TokenManager is the config for using the reva token manager type TokenManager struct { - JWTSecret string `yaml:"jwt_secret" env:"OCIS_JWT_SECRET;OCS_JWT_SECRET"` + JWTSecret string `yaml:"jwt_secret" env:"OCIS_JWT_SECRET;STORAGE_METADATA_JWT_SECRET"` } diff --git a/extensions/storage-publiclink/pkg/config/reva.go b/extensions/storage-publiclink/pkg/config/reva.go index b8d2779170..306ae4f262 100644 --- a/extensions/storage-publiclink/pkg/config/reva.go +++ b/extensions/storage-publiclink/pkg/config/reva.go @@ -7,5 +7,5 @@ type Reva struct { // TokenManager is the config for using the reva token manager type TokenManager struct { - JWTSecret string `yaml:"jwt_secret" env:"OCIS_JWT_SECRET;OCS_JWT_SECRET"` + JWTSecret string `yaml:"jwt_secret" env:"OCIS_JWT_SECRET;STORAGE_PUBLICLINK_JWT_SECRET"` } diff --git a/extensions/storage-shares/pkg/config/reva.go b/extensions/storage-shares/pkg/config/reva.go index b8d2779170..75b30df05a 100644 --- a/extensions/storage-shares/pkg/config/reva.go +++ b/extensions/storage-shares/pkg/config/reva.go @@ -7,5 +7,5 @@ type Reva struct { // TokenManager is the config for using the reva token manager type TokenManager struct { - JWTSecret string `yaml:"jwt_secret" env:"OCIS_JWT_SECRET;OCS_JWT_SECRET"` + JWTSecret string `yaml:"jwt_secret" env:"OCIS_JWT_SECRET;STORAGE_SHARES_JWT_SECRET"` } diff --git a/extensions/storage-users/pkg/config/reva.go b/extensions/storage-users/pkg/config/reva.go index b8d2779170..fd15399fe2 100644 --- a/extensions/storage-users/pkg/config/reva.go +++ b/extensions/storage-users/pkg/config/reva.go @@ -7,5 +7,5 @@ type Reva struct { // TokenManager is the config for using the reva token manager type TokenManager struct { - JWTSecret string `yaml:"jwt_secret" env:"OCIS_JWT_SECRET;OCS_JWT_SECRET"` + JWTSecret string `yaml:"jwt_secret" env:"OCIS_JWT_SECRET;STORAGE_USERS_JWT_SECRET"` } 
diff --git a/extensions/storage/pkg/config/defaults/defaultconfig.go b/extensions/storage/pkg/config/defaults/defaultconfig.go index 6b88c6babd..c573bfdccc 100644 --- a/extensions/storage/pkg/config/defaults/defaultconfig.go +++ b/extensions/storage/pkg/config/defaults/defaultconfig.go @@ -32,7 +32,6 @@ func DefaultConfig() *config.Config { Addr: "127.0.0.1:9109", }, Reva: config.Reva{ - //JWTSecret: "Pive-Fumkiu4", SkipUserGroupsInToken: false, TransferExpires: 24 * 60 * 60, OIDC: config.OIDC{ @@ -444,7 +443,6 @@ func DefaultConfig() *config.Config { GatewaySVC: defaultGatewayAddr, Insecure: false, // true? Timeout: 84300, - //JWTSecret: "Pive-Fumkiu4", }, Tracing: config.Tracing{ Service: "storage", @@ -455,11 +453,7 @@ func DefaultConfig() *config.Config { } func EnsureDefaults(cfg *config.Config) { - //if cfg.TransferSecret == "" && cfg.Commons != nil && cfg.Commons.TransferSecret != "" { - // cfg.TransferSecret = cfg.Commons.TransferSecret - //} } func Sanitize(cfg *config.Config) { - // TODO: IMPLEMENT ME! } diff --git a/extensions/storage/pkg/config/parser/parse.go b/extensions/storage/pkg/config/parser/parse.go index 5cf17d1c40..ca0d96dbb3 100644 --- a/extensions/storage/pkg/config/parser/parse.go +++ b/extensions/storage/pkg/config/parser/parse.go @@ -6,7 +6,6 @@ import ( "github.com/owncloud/ocis/extensions/storage-metadata/pkg/config" "github.com/owncloud/ocis/extensions/storage-metadata/pkg/config/defaults" ociscfg "github.com/owncloud/ocis/ocis-pkg/config" - "github.com/owncloud/ocis/ocis-pkg/shared" "github.com/owncloud/ocis/ocis-pkg/config/envdecode" ) @@ -34,8 +33,5 @@ func ParseConfig(cfg *config.Config) error { } func Validate(cfg *config.Config) error { - if cfg.TransferSecret == "" { - return shared.MissingRevaTransferSecretError(cfg.Service.Name) - } return nil } diff --git a/extensions/user/pkg/config/reva.go b/extensions/user/pkg/config/reva.go index b8d2779170..310858a795 100644 --- a/extensions/user/pkg/config/reva.go 
+++ b/extensions/user/pkg/config/reva.go @@ -7,5 +7,5 @@ type Reva struct { // TokenManager is the config for using the reva token manager type TokenManager struct { - JWTSecret string `yaml:"jwt_secret" env:"OCIS_JWT_SECRET;OCS_JWT_SECRET"` + JWTSecret string `yaml:"jwt_secret" env:"OCIS_JWT_SECRET;USERS_JWT_SECRET"` } diff --git a/ocis-pkg/config/config.go b/ocis-pkg/config/config.go index 8840b59c77..33b9645d2e 100644 --- a/ocis-pkg/config/config.go +++ b/ocis-pkg/config/config.go @@ -35,11 +35,6 @@ import ( webdav "github.com/owncloud/ocis/extensions/webdav/pkg/config" ) -// TokenManager is the config for using the reva token manager -/*type TokenManager struct { - JWTSecret string `yaml:"jwt_secret" env:"OCIS_JWT_SECRET"` -}*/ - const ( // SUPERVISED sets the runtime mode as supervised threads. SUPERVISED = iota diff --git a/ocis-pkg/generators/generators_suite_test.go b/ocis-pkg/generators/generators_suite_test.go deleted file mode 100644 index ef690d5930..0000000000 --- a/ocis-pkg/generators/generators_suite_test.go +++ /dev/null @@ -1,13 +0,0 @@ -package generators_test - -import ( - "testing" - - . "github.com/onsi/ginkgo/v2" - . "github.com/onsi/gomega" -) - -func TestGenerators(t *testing.T) { - RegisterFailHandler(Fail) - RunSpecs(t, "Generators Suite") -} diff --git a/ocis-pkg/generators/generators_test.go b/ocis-pkg/generators/generators_test.go deleted file mode 100644 index 676b9bcaa8..0000000000 --- a/ocis-pkg/generators/generators_test.go +++ /dev/null @@ -1,13 +0,0 @@ -package generators_test - -import ( - _ "github.com/onsi/ginkgo/v2" - _ "github.com/onsi/gomega" - - _ "github.com/owncloud/ocis/ocis-pkg/generators" -) - -//var _ = Describe("Generators", func() { -// It("Returns an error ", func() {}) -// PIt("Returns expected passwords", func() {}) -//}) diff --git a/ocis/pkg/command/init.go b/ocis/pkg/command/init.go index c858e9f064..856bb31812 100644 --- a/ocis/pkg/command/init.go +++ b/ocis/pkg/command/init.go 
@@ -34,9 +34,10 @@ func InitCommand(cfg *config.Config) *cli.Command { Usage: "Force overwrite existing config file", }, &cli.StringFlag{ - Name: "config-path", - Value: defaults.BaseConfigPath(), - Usage: "Config path for the ocis runtime", + Name: "config-path", + Value: defaults.BaseConfigPath(), + Usage: "Config path for the ocis runtime", + EnvVars: []string{"OCIS_CONFIG_DIR"}, }, &cli.StringFlag{ Name: "admin-password", From 54ad9c3a876d927e443fd69e9a943f8c8b40f78e Mon Sep 17 00:00:00 2001 From: Viktor Scharf Date: Fri, 29 Apr 2022 17:52:42 +0200 Subject: [PATCH 56/99] [full-ci] Switch UI tests to graphApi (#3594) * use ocis server in UI test and use middleware with changings * back to default middleware * Update .drone.star change middleware tag * run tests with my middleware image * use web commitId * change middleware version and web commit * back to webcommitID and add failed test to expected failures --- .drone.star | 5 +++-- tests/acceptance/expected-failures-webUI-on-OCIS-storage.md | 3 +++ 2 files changed, 6 insertions(+), 2 deletions(-) diff --git a/.drone.star b/.drone.star index ff5aad4eaa..16542d0f7e 100644 --- a/.drone.star +++ b/.drone.star @@ -18,7 +18,7 @@ OC_CI_NODEJS = "owncloudci/nodejs:%s" OC_CI_PHP = "owncloudci/php:%s" OC_CI_WAIT_FOR = "owncloudci/wait-for:latest" OC_CS3_API_VALIDATOR = "owncloud/cs3api-validator:latest" -OC_OC_TEST_MIDDLEWARE = "owncloud/owncloud-test-middleware:1.5.0" +OC_OC_TEST_MIDDLEWARE = "owncloud/owncloud-test-middleware:1.6.0" OC_SERVER = "owncloud/server:10" OC_UBUNTU = "owncloud/ubuntu:18.04" OSIXIA_OPEN_LDAP = "osixia/openldap:latest" 
@@ -698,7 +698,7 @@ def uiTestPipeline(ctx, filterTags, early_fail, runPart = 1, numberOfParts = 1, "arch": "amd64", }, "steps": skipIfUnchanged(ctx, "acceptance-tests") + restoreBuildArtifactCache(ctx, "ocis-binary-amd64", "ocis/bin/ocis") + - ocisServerWithAccounts(storage, accounts_hash_difficulty, [stepVolumeOC10Tests]) + waitForSeleniumService() + waitForMiddlewareService() + [ + ocisServer(storage, accounts_hash_difficulty, [stepVolumeOC10Tests]) + waitForSeleniumService() + waitForMiddlewareService() + [ { "name": "webUITests", "image": OC_CI_NODEJS % DEFAULT_NODEJS_VERSION, @@ -1845,6 +1845,7 @@ def middlewareService(): "REMOTE_UPLOAD_DIR": "/uploads", "NODE_TLS_REJECT_UNAUTHORIZED": "0", "MIDDLEWARE_HOST": "middleware", + "TEST_WITH_GRAPH_API": "true", }, "volumes": [{ "name": "uploads", diff --git a/tests/acceptance/expected-failures-webUI-on-OCIS-storage.md b/tests/acceptance/expected-failures-webUI-on-OCIS-storage.md index b3a2909b07..e4b315e64d 100644 --- a/tests/acceptance/expected-failures-webUI-on-OCIS-storage.md +++ b/tests/acceptance/expected-failures-webUI-on-OCIS-storage.md @@ -472,3 +472,6 @@ Other free text and markdown formatting can be used elsewhere in the document if ### [publicLinkCreate.feature:172 is failing](https://github.com/owncloud/ocis/issues/3581) - [webUISharingPublicBasic/publicLinkCreate.feature:172](https://github.com/owncloud/web/blob/master/tests/acceptance/features/webUISharingPublicBasic/publicLinkCreate.feature#172) + +### [Creating group with problematic group name via graph api gives 500 error](https://github.com/owncloud/ocis/issues/3631) +- [webUISharingInternalGroupsEdgeCases/shareWithGroupsEdgeCases.feature:41](https://github.com/owncloud/web/blob/master/tests/acceptance/features/webUISharingInternalGroupsEdgeCases/shareWithGroupsEdgeCases.feature:41) From 416c966dbc408e1e93f76b938db69fe5ec5e4bac Mon Sep 17 00:00:00 2001 
From: =?UTF-8?q?J=C3=B6rn=20Friedrich=20Dreyer?= Date: Tue, 26 Apr 2022 08:24:27 +0000 Subject: [PATCH 57/99] introduce metadata gateway MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Jörn Friedrich Dreyer --- .../pkg/config/defaults/defaultconfig.go | 4 +- .../storage-metadata/pkg/command/command.go | 75 ++++++++++++++++++- .../storage-metadata/pkg/config/config.go | 5 +- .../pkg/config/defaults/defaultconfig.go | 24 ++++-- .../pkg/config/defaults/defaultconfig.go | 4 +- 5 files changed, 95 insertions(+), 17 deletions(-) diff --git a/extensions/settings/pkg/config/defaults/defaultconfig.go b/extensions/settings/pkg/config/defaults/defaultconfig.go index 4a3a4cd318..bfb6d48446 100644 --- a/extensions/settings/pkg/config/defaults/defaultconfig.go +++ b/extensions/settings/pkg/config/defaults/defaultconfig.go @@ -55,10 +55,10 @@ func DefaultConfig() *config.Config { }, Metadata: config.Metadata{ - GatewayAddress: "127.0.0.1:9142", + GatewayAddress: "127.0.0.1:9215", StorageAddress: "127.0.0.1:9215", ServiceUserID: "95cb8724-03b2-11eb-a0a6-c33ef8ef53ad", - ServiceUserIDP: "https://localhost:9200", + ServiceUserIDP: "internal", MachineAuthAPIKey: "change-me-please", }, } diff --git a/extensions/storage-metadata/pkg/command/command.go b/extensions/storage-metadata/pkg/command/command.go index 06e5c22454..bd0f0b565c 100644 --- a/extensions/storage-metadata/pkg/command/command.go +++ b/extensions/storage-metadata/pkg/command/command.go 
@@ -125,16 +125,83 @@ func storageMetadataFromStruct(c *cli.Context, cfg *config.Config) map[string]in }, "shared": map[string]interface{}{ "jwt_secret": cfg.JWTSecret, - "gatewaysvc": cfg.GatewayEndpoint, + "gatewaysvc": cfg.GRPC.Addr, "skip_user_groups_in_token": cfg.SkipUserGroupsInToken, }, "grpc": map[string]interface{}{ "network": cfg.GRPC.Protocol, "address": cfg.GRPC.Addr, - "interceptors": map[string]interface{}{ - "log": map[string]interface{}{}, - }, + //"interceptors": map[string]interface{}{ + // "log": map[string]interface{}{}, + //}, "services": map[string]interface{}{ + "gateway": map[string]interface{}{ + // registries are located on the gateway + "authregistrysvc": cfg.GRPC.Addr, + "storageregistrysvc": cfg.GRPC.Addr, + // user metadata is located on the users services + "userprovidersvc": cfg.GRPC.Addr, + "groupprovidersvc": cfg.GRPC.Addr, + "permissionssvc": cfg.GRPC.Addr, + // other + "disable_home_creation_on_login": true, + //"datagateway": cfg.Reva.StorageMetadata.HTTPAddr, // needs to start with a protocol + "transfer_shared_secret": cfg.TransferSecret, + "transfer_expires": cfg.TransferExpires, + //"home_mapping": cfg.Reva.Gateway.HomeMapping, + //"etag_cache_ttl": cfg.Reva.Gateway.EtagCacheTTL, + }, + "userprovider": map[string]interface{}{ + "driver": "memory", + "drivers": map[string]interface{}{ + "memory": map[string]interface{}{ + "users": map[string]interface{}{ + "serviceuser": map[string]interface{}{ + "id": map[string]interface{}{ + "opaqueId": "95cb8724-03b2-11eb-a0a6-c33ef8ef53ad", + "idp": "internal", + "type": 1, // user.UserType_USER_TYPE_PRIMARY + }, + "username": "serviceuser", + // "secret": // TODO should not have a secret + "mail": "admin@example.org", + "display_name": "System User", + }, + }, + }, + }, + }, + "authregistry": map[string]interface{}{ + "driver": "static", + "drivers": map[string]interface{}{ + "static": map[string]interface{}{ + "rules": map[string]interface{}{ + "machine": cfg.GRPC.Addr, + }, + }, + }, 
+ }, + "authprovider": map[string]interface{}{ + "auth_manager": "machine", + "auth_managers": map[string]interface{}{ + "machine": map[string]interface{}{ + "api_key": cfg.MachineAuthAPIKey, + "gateway_addr": cfg.GRPC.Addr, + }, + }, + }, + "storageregistry": map[string]interface{}{ + "driver": "static", + "drivers": map[string]interface{}{ + "static": map[string]interface{}{ + "rules": map[string]interface{}{ + "/": map[string]interface{}{ + "address": cfg.GRPC.Addr, + }, + }, + }, + }, + }, "storageprovider": map[string]interface{}{ "driver": cfg.Driver, "drivers": config.MetadataDrivers(cfg), diff --git a/extensions/storage-metadata/pkg/config/config.go b/extensions/storage-metadata/pkg/config/config.go index 526a4eabc0..30608f4211 100644 --- a/extensions/storage-metadata/pkg/config/config.go +++ b/extensions/storage-metadata/pkg/config/config.go @@ -25,7 +25,10 @@ type Config struct { Drivers Drivers `yaml:"drivers"` DataServerURL string TempFolder string - DataProviderInsecure bool `env:"OCIS_INSECURE;STORAGE_METADATA_DATAPROVIDER_INSECURE"` + TransferSecret string `yaml:"transfer_secret" env:"STORAGE_METADATA_TRANSFER_SECRET"` + TransferExpires int `yaml:"transfer_expires" env:"STORAGE_METADATA_TRANSFER_EXPIRES"` + DataProviderInsecure bool `env:"OCIS_INSECURE;STORAGE_METADATA_DATAPROVIDER_INSECURE"` + MachineAuthAPIKey string `yaml:"machine_auth_api_key" env:"OCIS_MACHINE_AUTH_API_KEY;STORAGE_METADATA_MACHINE_AUTH_API_KEY"` } type Tracing struct { Enabled bool `yaml:"enabled" env:"OCIS_TRACING_ENABLED;STORAGE_METADATA_TRACING_ENABLED" desc:"Activates tracing."` diff --git a/extensions/storage-metadata/pkg/config/defaults/defaultconfig.go b/extensions/storage-metadata/pkg/config/defaults/defaultconfig.go index 298d31eb56..a50d301c7b 100644 --- a/extensions/storage-metadata/pkg/config/defaults/defaultconfig.go +++ b/extensions/storage-metadata/pkg/config/defaults/defaultconfig.go 
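Review bot: The in-memory `userprovider` entry added to `storageMetadataFromStruct` hard-codes the service user's `opaqueId` (`95cb8724-03b2-11eb-a0a6-c33ef8ef53ad`) and `idp` (`internal`) as literals, while the services that act as this user take the same values from configurable defaults (`ServiceUserID`/`ServiceUserIDP` in settings, `CS3ServiceUser`/`CS3ServiceUserIdp` in storage, both edited by hand in this commit). If an operator overrides one side, machine auth presumably resolves an identity this provider does not hold, and nothing in the config points at the mismatch. Taking the id and idp from fields on the metadata `Config` would define the identity once. The hunk also comments out the `log` interceptor instead of removing it; since this instance now hosts an auth provider, add a one-line comment such as `// request logging disabled: <reason>` or keep the interceptor. The function starts and ends outside the hunk.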
@@ -24,6 +24,11 @@ func DefaultConfig() *config.Config { Pprof: false, Zpages: false, }, + Logging: &config.Logging{ + Level: "debug", + Pretty: true, + Color: true, + }, GRPC: config.GRPCConfig{ Addr: "127.0.0.1:9215", Protocol: "tcp", @@ -35,11 +40,14 @@ func DefaultConfig() *config.Config { Service: config.Service{ Name: "storage-metadata", }, - GatewayEndpoint: "127.0.0.1:9142", - JWTSecret: "Pive-Fumkiu4", - TempFolder: filepath.Join(defaults.BaseDataPath(), "tmp", "metadata"), - DataServerURL: "http://localhost:9216/data", - Driver: "ocis", + GatewayEndpoint: "127.0.0.1:9215", // metadata is a self contained reva instance + JWTSecret: "Pive-Fumkiu4", + TempFolder: filepath.Join(defaults.BaseDataPath(), "tmp", "metadata"), + DataServerURL: "http://localhost:9216/data", + TransferSecret: "replace-me-with-a-transfer-secret-for-metadata", + TransferExpires: 24 * 60 * 60, + MachineAuthAPIKey: "change-me-please", + Driver: "ocis", Drivers: config.Drivers{ EOS: config.EOSDriver{ Root: "/eos/dockertest/reva", @@ -59,7 +67,7 @@ func DefaultConfig() *config.Config { SecProtocol: "", Keytab: "", SingleUsername: "", - GatewaySVC: "127.0.0.1:9142", + GatewaySVC: "127.0.0.1:9215", }, Local: config.LocalDriver{ Root: filepath.Join(defaults.BaseDataPath(), "storage", "local", "metadata"), @@ -71,12 +79,12 @@ func DefaultConfig() *config.Config { Root: filepath.Join(defaults.BaseDataPath(), "storage", "metadata"), UserLayout: "{{.Id.OpaqueId}}", Region: "default", - PermissionsEndpoint: "127.0.0.1:9191", + PermissionsEndpoint: "127.0.0.1:9191", // fixme }, OCIS: config.OCISDriver{ Root: filepath.Join(defaults.BaseDataPath(), "storage", "metadata"), UserLayout: "{{.Id.OpaqueId}}", - PermissionsEndpoint: "127.0.0.1:9191", + PermissionsEndpoint: "127.0.0.1:9191", // fixme }, }, } diff --git a/extensions/storage/pkg/config/defaults/defaultconfig.go b/extensions/storage/pkg/config/defaults/defaultconfig.go index c14ac52f0d..499e08873c 100644 
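Review bot: `DefaultConfig` now ships `MachineAuthAPIKey: "change-me-please"` and `TransferSecret: "replace-me-with-a-transfer-secret-for-metadata"` as working values next to the existing `JWTSecret: "Pive-Fumkiu4"`, and nothing in this commit rejects them at start-up. The machine auth provider wired up in command.go takes `cfg.MachineAuthAPIKey` as its `api_key`, so an instance started with defaults accepts a key that anyone can read from the repository. Leaving these fields empty here and failing in the parser's `Validate`, the way graph's parser does for `BindPassword` earlier in this series, would make the misconfiguration visible, e.g. `if cfg.MachineAuthAPIKey == "" { return fmt.Errorf("machine auth api key is not set for %s", cfg.Service.Name) }`. The first hunk of this file also sets the default log level to `debug`, which is worth keeping out of defaults for a service that handles these secrets.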
--- a/extensions/storage/pkg/config/defaults/defaultconfig.go +++ b/extensions/storage/pkg/config/defaults/defaultconfig.go @@ -339,9 +339,9 @@ func DefaultConfig() *config.Config { GRPCAddr: "127.0.0.1:9150", Services: []string{"usershareprovider", "publicshareprovider"}, }, - CS3ProviderAddr: "127.0.0.1:9215", + CS3ProviderAddr: "127.0.0.1:9215", // metadata storage CS3ServiceUser: "95cb8724-03b2-11eb-a0a6-c33ef8ef53ad", - CS3ServiceUserIdp: "https://localhost:9200", + CS3ServiceUserIdp: "internal", UserDriver: "json", UserJSONFile: path.Join(defaults.BaseDataPath(), "storage", "shares.json"), UserSQLUsername: "", From ec86cd82f71896d54b34565a7ebf2cdc51b555a1 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C3=B6rn=20Friedrich=20Dreyer?= Date: Wed, 27 Apr 2022 13:33:56 +0000 Subject: [PATCH 58/99] use demo permissions service for metadata MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Jörn Friedrich Dreyer --- extensions/storage-metadata/pkg/command/command.go | 6 ++++++ extensions/storage-metadata/pkg/config/metadata.go | 2 +- 2 files changed, 7 insertions(+), 1 deletion(-) diff --git a/extensions/storage-metadata/pkg/command/command.go b/extensions/storage-metadata/pkg/command/command.go index bd0f0b565c..813f6955bd 100644 --- a/extensions/storage-metadata/pkg/command/command.go +++ b/extensions/storage-metadata/pkg/command/command.go @@ -190,6 +190,12 @@ func storageMetadataFromStruct(c *cli.Context, cfg *config.Config) map[string]in }, }, }, + "permissions": map[string]interface{}{ + "driver": "demo", + "drivers": map[string]interface{}{ + "demo": map[string]interface{}{}, + }, + }, "storageregistry": map[string]interface{}{ "driver": "static", "drivers": map[string]interface{}{ diff --git a/extensions/storage-metadata/pkg/config/metadata.go b/extensions/storage-metadata/pkg/config/metadata.go index e580882378..849883626a 100644 --- a/extensions/storage-metadata/pkg/config/metadata.go 
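Review bot: The `permissions` service added to `storageMetadataFromStruct` is wired to the `demo` driver with an empty config and no explanation. As far as I know reva's demo permissions manager approves every check, so authorization inside this instance rests entirely on who can authenticate to it and reach its address. That can be acceptable for a self-contained gateway whose only user is the in-memory service user and whose default address is `127.0.0.1:9215`, but it should be stated next to the entry, e.g. `// demo driver approves every permission check; acceptable only while this gateway serves the single service user on a loopback address`. If `cfg.GRPC.Addr` is ever set to a non-loopback address, that assumption no longer holds. The function body continues outside the hunk.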
+++ b/extensions/storage-metadata/pkg/config/metadata.go @@ -49,7 +49,7 @@ func MetadataDrivers(cfg *Config) map[string]interface{} { "user_layout": cfg.Drivers.OCIS.UserLayout, "treetime_accounting": false, "treesize_accounting": false, - "permissionssvc": cfg.Drivers.OCIS.PermissionsEndpoint, + "permissionssvc": cfg.GRPC.Addr, }, "s3": map[string]interface{}{ "region": cfg.Drivers.S3.Region, From ce16c4f92c0ce51638cea2077aa76613f28ce620 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C3=B6rn=20Friedrich=20Dreyer?= Date: Wed, 27 Apr 2022 14:12:33 +0000 Subject: [PATCH 59/99] minor config cleanup MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Jörn Friedrich Dreyer --- .../storage-metadata/pkg/command/command.go | 17 ++++------------- .../storage-metadata/pkg/config/config.go | 3 --- .../pkg/config/defaults/defaultconfig.go | 12 ++---------- .../storage-metadata/pkg/config/metadata.go | 2 +- 4 files changed, 7 insertions(+), 27 deletions(-) diff --git a/extensions/storage-metadata/pkg/command/command.go b/extensions/storage-metadata/pkg/command/command.go index 813f6955bd..ad77c557ca 100644 --- a/extensions/storage-metadata/pkg/command/command.go +++ b/extensions/storage-metadata/pkg/command/command.go @@ -131,9 +131,6 @@ func storageMetadataFromStruct(c *cli.Context, cfg *config.Config) map[string]in "grpc": map[string]interface{}{ "network": cfg.GRPC.Protocol, "address": cfg.GRPC.Addr, - //"interceptors": map[string]interface{}{ - // "log": map[string]interface{}{}, - //}, "services": map[string]interface{}{ "gateway": map[string]interface{}{ // registries are located on the gateway 
@@ -144,12 +141,8 @@ func storageMetadataFromStruct(c *cli.Context, cfg *config.Config) map[string]in "groupprovidersvc": cfg.GRPC.Addr, "permissionssvc": cfg.GRPC.Addr, // other - "disable_home_creation_on_login": true, - //"datagateway": cfg.Reva.StorageMetadata.HTTPAddr, // needs to start with a protocol - "transfer_shared_secret": cfg.TransferSecret, - "transfer_expires": cfg.TransferExpires, - //"home_mapping": cfg.Reva.Gateway.HomeMapping, - //"etag_cache_ttl": cfg.Reva.Gateway.EtagCacheTTL, + "disable_home_creation_on_login": true, // metadata manually creates a space + // metadata always uses the simple upload, so no transfer secret or datagateway needed }, "userprovider": map[string]interface{}{ "driver": "memory", @@ -162,9 +155,7 @@ func storageMetadataFromStruct(c *cli.Context, cfg *config.Config) map[string]in "idp": "internal", "type": 1, // user.UserType_USER_TYPE_PRIMARY }, - "username": "serviceuser", - // "secret": // TODO should not have a secret - "mail": "admin@example.org", + "username": "serviceuser", "display_name": "System User", }, }, @@ -219,7 +210,7 @@ func storageMetadataFromStruct(c *cli.Context, cfg *config.Config) map[string]in "http": map[string]interface{}{ "network": cfg.HTTP.Protocol, "address": cfg.HTTP.Addr, - // TODO build services dynamically + // no datagateway needed as the metadata clients directly talk to the dataprovider with the simple protocol "services": map[string]interface{}{ "dataprovider": map[string]interface{}{ "prefix": "data", diff --git a/extensions/storage-metadata/pkg/config/config.go b/extensions/storage-metadata/pkg/config/config.go index 30608f4211..41beb6e1c2 100644 --- a/extensions/storage-metadata/pkg/config/config.go +++ b/extensions/storage-metadata/pkg/config/config.go 
@@ -19,14 +19,11 @@ type Config struct { Context context.Context JWTSecret string - GatewayEndpoint string SkipUserGroupsInToken bool Driver string `yaml:"driver" env:"STORAGE_METADATA_DRIVER" desc:"The driver which should be used by the service"` Drivers Drivers `yaml:"drivers"` DataServerURL string TempFolder string - TransferSecret string `yaml:"transfer_secret" env:"STORAGE_METADATA_TRANSFER_SECRET"` - TransferExpires int `yaml:"transfer_expires" env:"STORAGE_METADATA_TRANSFER_EXPIRES"` DataProviderInsecure bool `env:"OCIS_INSECURE;STORAGE_METADATA_DATAPROVIDER_INSECURE"` MachineAuthAPIKey string `yaml:"machine_auth_api_key" env:"OCIS_MACHINE_AUTH_API_KEY;STORAGE_METADATA_MACHINE_AUTH_API_KEY"` } diff --git a/extensions/storage-metadata/pkg/config/defaults/defaultconfig.go b/extensions/storage-metadata/pkg/config/defaults/defaultconfig.go index a50d301c7b..3bbf5004c8 100644 --- a/extensions/storage-metadata/pkg/config/defaults/defaultconfig.go +++ b/extensions/storage-metadata/pkg/config/defaults/defaultconfig.go @@ -24,11 +24,6 @@ func DefaultConfig() *config.Config { Pprof: false, Zpages: false, }, - Logging: &config.Logging{ - Level: "debug", - Pretty: true, - Color: true, - }, GRPC: config.GRPCConfig{ Addr: "127.0.0.1:9215", Protocol: "tcp", @@ -40,12 +35,9 @@ func DefaultConfig() *config.Config { Service: config.Service{ Name: "storage-metadata", }, - GatewayEndpoint: "127.0.0.1:9215", // metadata is a self contained reva instance JWTSecret: "Pive-Fumkiu4", TempFolder: filepath.Join(defaults.BaseDataPath(), "tmp", "metadata"), DataServerURL: "http://localhost:9216/data", - TransferSecret: "replace-me-with-a-transfer-secret-for-metadata", - TransferExpires: 24 * 60 * 60, MachineAuthAPIKey: "change-me-please", Driver: "ocis", Drivers: config.Drivers{ 
@@ -79,12 +71,12 @@ func DefaultConfig() *config.Config { Root: filepath.Join(defaults.BaseDataPath(), "storage", "metadata"), UserLayout: "{{.Id.OpaqueId}}", Region: "default", - PermissionsEndpoint: "127.0.0.1:9191", // fixme + PermissionsEndpoint: "127.0.0.1:9215", }, OCIS: config.OCISDriver{ Root: filepath.Join(defaults.BaseDataPath(), "storage", "metadata"), UserLayout: "{{.Id.OpaqueId}}", - PermissionsEndpoint: "127.0.0.1:9191", // fixme + PermissionsEndpoint: "127.0.0.1:9215", }, }, } diff --git a/extensions/storage-metadata/pkg/config/metadata.go b/extensions/storage-metadata/pkg/config/metadata.go index 849883626a..e580882378 100644 --- a/extensions/storage-metadata/pkg/config/metadata.go +++ b/extensions/storage-metadata/pkg/config/metadata.go @@ -49,7 +49,7 @@ func MetadataDrivers(cfg *Config) map[string]interface{} { "user_layout": cfg.Drivers.OCIS.UserLayout, "treetime_accounting": false, "treesize_accounting": false, - "permissionssvc": cfg.GRPC.Addr, + "permissionssvc": cfg.Drivers.OCIS.PermissionsEndpoint, }, "s3": map[string]interface{}{ "region": cfg.Drivers.S3.Region, From b553f7a5f3001ae85bff1ce45610df93c22b1649 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C3=B6rn=20Friedrich=20Dreyer?= Date: Wed, 27 Apr 2022 14:15:13 +0000 Subject: [PATCH 60/99] add changelog MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Jörn Friedrich Dreyer --- changelog/unreleased/metadata-gateway.md | 5 +++++ 1 file changed, 5 insertions(+) create mode 100644 changelog/unreleased/metadata-gateway.md diff --git a/changelog/unreleased/metadata-gateway.md b/changelog/unreleased/metadata-gateway.md new file mode 100644 index 0000000000..3205409fb2 --- /dev/null +++ b/changelog/unreleased/metadata-gateway.md 
@@ -0,0 +1,5 @@ +Enhancement: wrap metadata storage with dedicated reva gateway + +We wrapped the metadata storage in a minimal reva instance with a dedicated gateway, including static storage registry, static auth registry, in memory userprovider, machine authprovider and demo permissions service. This allows us to preconfigure the service user for the ocis settings service, share and public share providers. + +https://github.com/owncloud/ocis/pull/3602 From 5f7c40373ade7b2e4a1ddc748e35b29790090ccc Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C3=B6rn=20Friedrich=20Dreyer?= Date: Wed, 27 Apr 2022 15:49:04 +0000 Subject: [PATCH 61/99] update reva MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Jörn Friedrich Dreyer --- changelog/unreleased/update-reva.md | 1 + go.sum | 2 -- 2 files changed, 1 insertion(+), 2 deletions(-) diff --git a/changelog/unreleased/update-reva.md b/changelog/unreleased/update-reva.md index 0cce56ff61..fb8e40e23e 100644 --- a/changelog/unreleased/update-reva.md +++ b/changelog/unreleased/update-reva.md @@ -7,5 +7,6 @@ Updated reva to version 2.x.x. This update includes: https://github.com/owncloud/ocis/pull/3552 https://github.com/owncloud/ocis/pull/3570 https://github.com/owncloud/ocis/pull/3601 +https://github.com/owncloud/ocis/pull/3602 https://github.com/owncloud/ocis/pull/3605 https://github.com/owncloud/ocis/pull/3611 diff --git a/go.sum b/go.sum index 97e90625a2..1843c2b33a 100644 --- a/go.sum +++ b/go.sum 
@@ -318,8 +318,6 @@ github.com/cs3org/go-cs3apis v0.0.0-20220412090512-93c5918b4bde h1:WrD9O8ZaWvsm0
 github.com/cs3org/go-cs3apis v0.0.0-20220412090512-93c5918b4bde/go.mod h1:UXha4TguuB52H14EMoSsCqDj7k8a/t7g4gVP+bgY5LY=
 github.com/cs3org/reva v1.18.0 h1:MbPS5ZAa8RzKcTxAVeSDdISB3XXqLIxqB03BTN5ReBY=
 github.com/cs3org/reva v1.18.0/go.mod h1:e5VDUDu4vVWIeVkZcW//n6UZzhGGMa+Tz/whCiX3N6o=
-github.com/cs3org/reva/v2 v2.0.0-20220427133111-618964eed515 h1:8pPCLxNXVz/q7PMM6Zq1lff3P8SFAu8/CXwB2eA21xc=
-github.com/cs3org/reva/v2 v2.0.0-20220427133111-618964eed515/go.mod h1:2e/4HcIy54Mic3V7Ow0bz4n5dkZU0dHIZSWomFe5vng=
 github.com/cs3org/reva/v2 v2.0.0-20220427203355-0164880ac7d3 h1:6sKjGI0AUW5tBXWBduaBoc+9sNYZWQR894G0oFCbus0=
 github.com/cs3org/reva/v2 v2.0.0-20220427203355-0164880ac7d3/go.mod h1:2e/4HcIy54Mic3V7Ow0bz4n5dkZU0dHIZSWomFe5vng=
 github.com/cubewise-code/go-mime v0.0.0-20200519001935-8c5762b177d8 h1:Z9lwXumT5ACSmJ7WGnFl+OMLLjpz5uR2fyz7dC255FI=
From c655e6bfe957362d82884b615176e252f106a42f Mon Sep 17 00:00:00 2001
From: Ralf Haferkamp
Date: Fri, 29 Apr 2022 18:55:00 +0200
Subject: [PATCH 62/99] Increase log level for ci debugging
---
 .drone.star | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/.drone.star b/.drone.star
index 16542d0f7e..f8c8c5c089 100644
--- a/.drone.star
+++ b/.drone.star
@@ -1710,7 +1710,7 @@ def ocisServer(storage, accounts_hash_difficulty = 4, volumes = [], depends_on =
 "PROXY_ENABLE_BASIC_AUTH": True,
 "WEB_UI_CONFIG": "/drone/src/tests/config/drone/ocis-config.json",
 "IDP_IDENTIFIER_REGISTRATION_CONF": "/drone/src/tests/config/drone/identifier-registration.yml",
- "OCIS_LOG_LEVEL": "error",
+ "OCIS_LOG_LEVEL": "debug",
 "SETTINGS_DATA_PATH": "/srv/app/tmp/ocis/settings",
 "OCIS_INSECURE": "true",
 "IDM_CREATE_DEMO_USERS": True,
From 34554f319a0a5f93ccffcba0fb70e597fe57d50e Mon Sep 17 00:00:00 2001
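Review bot: `"OCIS_LOG_LEVEL": "debug"` becomes the setting for every pipeline step built by ocisServer, and nothing in the hunk marks it as temporary even though the commit title says it is for CI debugging. CI build logs are usually readable by a wider audience than the service itself, and debug-level output may contain request details that error-level logging leaves out; this same environment also sets `PROXY_ENABLE_BASIC_AUTH` and `OCIS_INSECURE`. I would add a comment such as `# TODO: revert to "error" once the CI failure is understood` above the line, or make the level a parameter of ocisServer that defaults to `"error"`. The function body continues outside the hunk.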
From: =?UTF-8?q?J=C3=B6rn=20Friedrich=20Dreyer?=
Date: Fri, 29 Apr 2022 18:37:10 +0000
Subject: [PATCH 63/99] fix some storage env vars
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Signed-off-by: Jörn Friedrich Dreyer
---
 .../storage-metadata/pkg/config/config.go | 4 +--
 .../storage-publiclink/pkg/config/config.go | 28 ++++++++--------
 .../storage-shares/pkg/config/config.go | 32 +++++++++----------
 3 files changed, 32 insertions(+), 32 deletions(-)
diff --git a/extensions/storage-metadata/pkg/config/config.go b/extensions/storage-metadata/pkg/config/config.go
index 41beb6e1c2..07698478f9 100644
--- a/extensions/storage-metadata/pkg/config/config.go
+++ b/extensions/storage-metadata/pkg/config/config.go
@@ -58,8 +58,8 @@ type GRPCConfig struct {
 }
 type HTTPConfig struct {
- Addr string `yaml:"addr" env:"STORAGE_METADATA_GRPC_ADDR" desc:"The address of the grpc service."`
- Protocol string `yaml:"protocol" env:"STORAGE_METADATA_GRPC_PROTOCOL" desc:"The transport protocol of the grpc service."`
+ Addr string `yaml:"addr" env:"STORAGE_METADATA_HTTP_ADDR" desc:"The address of the http service."`
+ Protocol string `yaml:"protocol" env:"STORAGE_METADATA_HTTP_PROTOCOL" desc:"The transport protocol of the http service."`
 }
 type Drivers struct {
diff --git a/extensions/storage-publiclink/pkg/config/config.go b/extensions/storage-publiclink/pkg/config/config.go
index 3766e35ead..bc0bee2655 100644
--- a/extensions/storage-publiclink/pkg/config/config.go
+++ b/extensions/storage-publiclink/pkg/config/config.go
@@ -24,17 +24,17 @@ type Config struct {
 StorageProvider StorageProvider
 }
 type Tracing struct {
- Enabled bool `yaml:"enabled" env:"OCIS_TRACING_ENABLED;STORAGE_METADATA_TRACING_ENABLED" desc:"Activates tracing."`
- Type string `yaml:"type" env:"OCIS_TRACING_TYPE;STORAGE_METADATA_TRACING_TYPE"`
- Endpoint string `yaml:"endpoint" env:"OCIS_TRACING_ENDPOINT;STORAGE_METADATA_TRACING_ENDPOINT" desc:"The endpoint to the tracing collector."`
- Collector string `yaml:"collector" env:"OCIS_TRACING_COLLECTOR;STORAGE_METADATA_TRACING_COLLECTOR"`
+ Enabled bool `yaml:"enabled" env:"OCIS_TRACING_ENABLED;STORAGE_PUBLICLINK_TRACING_ENABLED" desc:"Activates tracing."`
+ Type string `yaml:"type" env:"OCIS_TRACING_TYPE;STORAGE_PUBLICLINK_TRACING_TYPE"`
+ Endpoint string `yaml:"endpoint" env:"OCIS_TRACING_ENDPOINT;STORAGE_PUBLICLINK_TRACING_ENDPOINT" desc:"The endpoint to the tracing collector."`
+ Collector string `yaml:"collector" env:"OCIS_TRACING_COLLECTOR;STORAGE_PUBLICLINK_TRACING_COLLECTOR"`
 }
 type Logging struct {
- Level string `yaml:"level" env:"OCIS_LOG_LEVEL;STORAGE_METADATA_LOG_LEVEL" desc:"The log level."`
- Pretty bool `yaml:"pretty" env:"OCIS_LOG_PRETTY;STORAGE_METADATA_LOG_PRETTY" desc:"Activates pretty log output."`
- Color bool `yaml:"color" env:"OCIS_LOG_COLOR;STORAGE_METADATA_LOG_COLOR" desc:"Activates colorized log output."`
- File string `yaml:"file" env:"OCIS_LOG_FILE;STORAGE_METADATA_LOG_FILE" desc:"The target log file."`
+ Level string `yaml:"level" env:"OCIS_LOG_LEVEL;STORAGE_PUBLICLINK_LOG_LEVEL" desc:"The log level."`
+ Pretty bool `yaml:"pretty" env:"OCIS_LOG_PRETTY;STORAGE_PUBLICLINK_LOG_PRETTY" desc:"Activates pretty log output."`
+ Color bool `yaml:"color" env:"OCIS_LOG_COLOR;STORAGE_PUBLICLINK_LOG_COLOR" desc:"Activates colorized log output."`
+ File string `yaml:"file" env:"OCIS_LOG_FILE;STORAGE_PUBLICLINK_LOG_FILE" desc:"The target log file."`
 }
 type Service struct {
@@ -42,15 +42,15 @@ type Service struct {
 }
 type Debug struct {
- Addr string `yaml:"addr" env:"STORAGE_METADATA_DEBUG_ADDR"`
- Token string `yaml:"token" env:"STORAGE_METADATA_DEBUG_TOKEN"`
- Pprof bool `yaml:"pprof" env:"STORAGE_METADATA_DEBUG_PPROF"`
- Zpages bool `yaml:"zpages" env:"STORAGE_METADATA_DEBUG_ZPAGES"`
+ Addr string `yaml:"addr" env:"STORAGE_PUBLICLINK_DEBUG_ADDR"`
+ Token string `yaml:"token" env:"STORAGE_PUBLICLINK_DEBUG_TOKEN"`
+ Pprof bool `yaml:"pprof" env:"STORAGE_PUBLICLINK_DEBUG_PPROF"`
+ Zpages bool `yaml:"zpages" env:"STORAGE_PUBLICLINK_DEBUG_ZPAGES"`
 }
 type GRPCConfig struct {
- Addr string `yaml:"addr" env:"STORAGE_METADATA_GRPC_ADDR" desc:"The address of the grpc service."`
- Protocol string `yaml:"protocol" env:"STORAGE_METADATA_GRPC_PROTOCOL" desc:"The transport protocol of the grpc service."`
+ Addr string `yaml:"addr" env:"STORAGE_PUBLICLINK_GRPC_ADDR" desc:"The address of the grpc service."`
+ Protocol string `yaml:"protocol" env:"STORAGE_PUBLICLINK_GRPC_PROTOCOL" desc:"The transport protocol of the grpc service."`
 }
 type AuthProvider struct {
diff --git a/extensions/storage-shares/pkg/config/config.go b/extensions/storage-shares/pkg/config/config.go
index 8c13456013..8769be8748 100644
--- a/extensions/storage-shares/pkg/config/config.go
+++ b/extensions/storage-shares/pkg/config/config.go
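Review bot: After this rename `Debug.Token` for storage-publiclink is read only from `STORAGE_PUBLICLINK_DEBUG_TOKEN`, so a deployment that relied on `STORAGE_METADATA_DEBUG_TOKEN` (which the old tags applied to this service too) gets an empty token after upgrading, without any error. How the debug server treats an empty token is not visible here; if it skips the token check, the endpoints enabled by `Pprof` and `Zpages` lose their protection silently. The `Debug` struct in the storage-shares hunk of this commit has the same issue. I would state the rename as a breaking change in the changelog, e.g. `storage-publiclink and storage-shares no longer read STORAGE_METADATA_* variables; set STORAGE_PUBLICLINK_* / STORAGE_SHARES_* instead`, and add a `desc` tag to `Token` saying what it protects.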
@@ -25,17 +25,17 @@ type Config struct {
 SharesProviderEndpoint string
 }
 type Tracing struct {
- Enabled bool `yaml:"enabled" env:"OCIS_TRACING_ENABLED;STORAGE_METADATA_TRACING_ENABLED" desc:"Activates tracing."`
- Type string `yaml:"type" env:"OCIS_TRACING_TYPE;STORAGE_METADATA_TRACING_TYPE"`
- Endpoint string `yaml:"endpoint" env:"OCIS_TRACING_ENDPOINT;STORAGE_METADATA_TRACING_ENDPOINT" desc:"The endpoint to the tracing collector."`
- Collector string `yaml:"collector" env:"OCIS_TRACING_COLLECTOR;STORAGE_METADATA_TRACING_COLLECTOR"`
+ Enabled bool `yaml:"enabled" env:"OCIS_TRACING_ENABLED;STORAGE_SHARES_TRACING_ENABLED" desc:"Activates tracing."`
+ Type string `yaml:"type" env:"OCIS_TRACING_TYPE;STORAGE_SHARES_TRACING_TYPE"`
+ Endpoint string `yaml:"endpoint" env:"OCIS_TRACING_ENDPOINT;STORAGE_SHARES_TRACING_ENDPOINT" desc:"The endpoint to the tracing collector."`
+ Collector string `yaml:"collector" env:"OCIS_TRACING_COLLECTOR;STORAGE_SHARES_TRACING_COLLECTOR"`
 }
 type Logging struct {
- Level string `yaml:"level" env:"OCIS_LOG_LEVEL;STORAGE_METADATA_LOG_LEVEL" desc:"The log level."`
- Pretty bool `yaml:"pretty" env:"OCIS_LOG_PRETTY;STORAGE_METADATA_LOG_PRETTY" desc:"Activates pretty log output."`
- Color bool `yaml:"color" env:"OCIS_LOG_COLOR;STORAGE_METADATA_LOG_COLOR" desc:"Activates colorized log output."`
- File string `yaml:"file" env:"OCIS_LOG_FILE;STORAGE_METADATA_LOG_FILE" desc:"The target log file."`
+ Level string `yaml:"level" env:"OCIS_LOG_LEVEL;STORAGE_SHARES_LOG_LEVEL" desc:"The log level."`
+ Pretty bool `yaml:"pretty" env:"OCIS_LOG_PRETTY;STORAGE_SHARES_LOG_PRETTY" desc:"Activates pretty log output."`
+ Color bool `yaml:"color" env:"OCIS_LOG_COLOR;STORAGE_SHARES_LOG_COLOR" desc:"Activates colorized log output."`
+ File string `yaml:"file" env:"OCIS_LOG_FILE;STORAGE_SHARES_LOG_FILE" desc:"The target log file."`
 }
 type Service struct {
@@ -43,18 +43,18 @@ type Service struct {
 }
 type Debug struct {
- Addr string `yaml:"addr" env:"STORAGE_METADATA_DEBUG_ADDR"`
- Token string `yaml:"token" env:"STORAGE_METADATA_DEBUG_TOKEN"`
- Pprof bool `yaml:"pprof" env:"STORAGE_METADATA_DEBUG_PPROF"`
- Zpages bool `yaml:"zpages" env:"STORAGE_METADATA_DEBUG_ZPAGES"`
+ Addr string `yaml:"addr" env:"STORAGE_SHARES_DEBUG_ADDR"`
+ Token string `yaml:"token" env:"STORAGE_SHARES_DEBUG_TOKEN"`
+ Pprof bool `yaml:"pprof" env:"STORAGE_SHARES_DEBUG_PPROF"`
+ Zpages bool `yaml:"zpages" env:"STORAGE_SHARES_DEBUG_ZPAGES"`
 }
 type GRPCConfig struct {
- Addr string `yaml:"addr" env:"STORAGE_METADATA_GRPC_ADDR" desc:"The address of the grpc service."`
- Protocol string `yaml:"protocol" env:"STORAGE_METADATA_GRPC_PROTOCOL" desc:"The transport protocol of the grpc service."`
+ Addr string `yaml:"addr" env:"STORAGE_SHARES_GRPC_ADDR" desc:"The address of the grpc service."`
+ Protocol string `yaml:"protocol" env:"STORAGE_SHARES_GRPC_PROTOCOL" desc:"The transport protocol of the grpc service."`
 }
 type HTTPConfig struct {
- Addr string `yaml:"addr" env:"STORAGE_METADATA_GRPC_ADDR" desc:"The address of the grpc service."`
- Protocol string `yaml:"protocol" env:"STORAGE_METADATA_GRPC_PROTOCOL" desc:"The transport protocol of the grpc service."`
+ Addr string `yaml:"addr" env:"STORAGE_SHARES_HTTP_ADDR" desc:"The address of the grpc service."`
+ Protocol string `yaml:"protocol" env:"STORAGE_SHARES_HTTP_PROTOCOL" desc:"The transport protocol of the grpc service."`
 }
From 6474d46252f17263f1f59ccc17d43836ba63ec9b Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?J=C3=B6rn=20Friedrich=20Dreyer?=
Date: Fri, 29 Apr 2022 19:09:03 +0000
Subject: [PATCH 64/99] nitpicks and typo
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Signed-off-by: Jörn Friedrich Dreyer
---
 ocis/pkg/command/init.go | 2 +-
 ocis/pkg/init/init.go | 1 +
 2 files changed, 2 insertions(+), 1 deletion(-)
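Review bot: In `HTTPConfig` the env names now say HTTP, but both `desc` tags on the new lines still read "grpc service", so anything generated from these tags would describe the HTTP listener as the gRPC one. The storage-metadata hunk of this same commit changed its descriptions together with the names; here they should become `desc:"The address of the http service."` and `desc:"The transport protocol of the http service."`. An operator who goes by the description could bind or expose the wrong listener.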
diff --git a/ocis/pkg/command/init.go b/ocis/pkg/command/init.go
index 856bb31812..4c697011cc 100644
--- a/ocis/pkg/command/init.go
+++ b/ocis/pkg/command/init.go
@@ -43,7 +43,7 @@ func InitCommand(cfg *config.Config) *cli.Command {
 Name: "admin-password",
 Aliases: []string{"ap"},
 EnvVars: []string{"ADMIN_PASSWORD", "IDM_ADMIN_PASSWORD"},
- Usage: "Set admin password instead of using a random gnerated one",
+ Usage: "Set admin password instead of using a random generated one",
 },
 },
 Action: func(c *cli.Context) error {
diff --git a/ocis/pkg/init/init.go b/ocis/pkg/init/init.go
index e2d4b0f60c..dcf81a9882 100644
--- a/ocis/pkg/init/init.go
+++ b/ocis/pkg/init/init.go
@@ -142,6 +142,7 @@ func backupOcisConfigFile(configPath string) (string, error) {
 return targetBackupConfig, nil
 }
+// CreateConfig creates a config file with random passwords at configPath
 func CreateConfig(insecure, forceOverwrite bool, configPath, adminPassword string) error {
 targetBackupConfig := ""
From 89a9a14d248dbf93aac0d1406bddab381f976774 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?J=C3=B6rn=20Friedrich=20Dreyer?=
Date: Fri, 29 Apr 2022 22:04:12 +0200
Subject: [PATCH 65/99] Update extensions/storage-shares/pkg/config/parser/parse.go
---
 extensions/storage-shares/pkg/config/parser/parse.go | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/extensions/storage-shares/pkg/config/parser/parse.go b/extensions/storage-shares/pkg/config/parser/parse.go
index 87aa343854..e3df4351c3 100644
--- a/extensions/storage-shares/pkg/config/parser/parse.go
+++ b/extensions/storage-shares/pkg/config/parser/parse.go
@@ -11,7 +11,7 @@ import (
 "github.com/owncloud/ocis/ocis-pkg/config/envdecode"
 )
-// ParseConfig loads accounts configuration from known paths.
+// ParseConfig loads storage-shares configuration from known paths.
 func ParseConfig(cfg *config.Config) error {
 _, err := ociscfg.BindSourcesToStructs(cfg.Service.Name, cfg)
 if err != nil {
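Review bot: The `admin-password` flag whose help text is corrected in the first hunk takes the password as a command-line argument, and the Usage string does not mention that `ADMIN_PASSWORD` / `IDM_ADMIN_PASSWORD` from `EnvVars` can carry it instead. Arguments are commonly visible in the process list and kept in shell history, so the help text is the place to steer operators, e.g. `Usage: "Set admin password instead of using a random generated one (prefer the ADMIN_PASSWORD environment variable)"`. The flag list and the Action body continue outside the hunk.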
From 4c53707920aa9231f823cc33001a5cddb58b6585 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C3=B6rn=20Friedrich=20Dreyer?= Date: Fri, 29 Apr 2022 20:21:14 +0000 Subject: [PATCH 66/99] omit extension name in ParseConfig doc MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit 
Signed-off-by: Jörn Friedrich Dreyer --- extensions/accounts/pkg/config/parser/parse.go | 2 +- extensions/appprovider/pkg/config/parser/parse.go | 2 +- extensions/audit/pkg/config/parser/parse.go | 2 +- extensions/auth-basic/pkg/config/parser/parse.go | 2 +- extensions/auth-bearer/pkg/config/parser/parse.go | 2 +- extensions/auth-machine/pkg/config/parser/parse.go | 2 +- extensions/frontend/pkg/config/parser/parse.go | 2 +- extensions/gateway/pkg/config/parser/parse.go | 2 +- extensions/glauth/pkg/config/parser/parse.go | 2 +- extensions/graph-explorer/pkg/config/parser/parse.go | 2 +- extensions/graph/pkg/config/parser/parse.go | 2 +- extensions/group/pkg/config/parser/parse.go | 2 +- extensions/idm/pkg/config/parser/parse.go | 2 +- extensions/idp/pkg/config/parser/parse.go | 2 +- extensions/nats/pkg/config/parser/parse.go | 2 +- extensions/notifications/pkg/config/parser/parse.go | 2 +- extensions/ocdav/pkg/config/parser/parse.go | 2 +- extensions/ocs/pkg/config/parser/parse.go | 2 +- extensions/proxy/pkg/config/parser/parse.go | 2 +- extensions/settings/pkg/config/parser/parse.go | 2 +- extensions/sharing/pkg/config/parser/parse.go | 2 +- extensions/storage-metadata/pkg/config/parser/parse.go | 2 +- extensions/storage-publiclink/pkg/config/parser/parse.go | 2 +- extensions/storage-shares/pkg/config/parser/parse.go | 2 +- extensions/storage-users/pkg/config/parser/parse.go | 2 +- extensions/storage/pkg/config/parser/parse.go | 2 +- extensions/store/pkg/config/parser/parse.go | 2 +- extensions/thumbnails/pkg/config/parser/parse.go | 2 +- extensions/user/pkg/config/parser/parse.go | 2 +- extensions/web/pkg/config/parser/parse.go | 2 +- extensions/webdav/pkg/config/parser/parse.go | 2 +- 31 files changed, 31 insertions(+), 31 deletions(-) diff --git a/extensions/accounts/pkg/config/parser/parse.go b/extensions/accounts/pkg/config/parser/parse.go index 69ee34934e..b052fd59c3 100644 --- a/extensions/accounts/pkg/config/parser/parse.go 
+++ b/extensions/accounts/pkg/config/parser/parse.go @@ -11,7 +11,7 @@ import ( "github.com/owncloud/ocis/ocis-pkg/config/envdecode" ) -// ParseConfig loads accounts configuration from known paths. +// ParseConfig loads configuration from known paths. func ParseConfig(cfg *config.Config) error { _, err := ociscfg.BindSourcesToStructs(cfg.Service.Name, cfg) if err != nil { diff --git a/extensions/appprovider/pkg/config/parser/parse.go b/extensions/appprovider/pkg/config/parser/parse.go index e968dbe244..ff554af475 100644 --- a/extensions/appprovider/pkg/config/parser/parse.go +++ b/extensions/appprovider/pkg/config/parser/parse.go @@ -11,7 +11,7 @@ import ( "github.com/owncloud/ocis/ocis-pkg/config/envdecode" ) -// ParseConfig loads accounts configuration from known paths. +// ParseConfig loads configuration from known paths. func ParseConfig(cfg *config.Config) error { _, err := ociscfg.BindSourcesToStructs(cfg.Service.Name, cfg) if err != nil { diff --git a/extensions/audit/pkg/config/parser/parse.go b/extensions/audit/pkg/config/parser/parse.go index fef33a6b52..f34652a319 100644 --- a/extensions/audit/pkg/config/parser/parse.go +++ b/extensions/audit/pkg/config/parser/parse.go @@ -10,7 +10,7 @@ import ( "github.com/owncloud/ocis/ocis-pkg/config/envdecode" ) -// ParseConfig loads accounts configuration from known paths. +// ParseConfig loads configuration from known paths. func ParseConfig(cfg *config.Config) error { _, err := ociscfg.BindSourcesToStructs(cfg.Service.Name, cfg) if err != nil { diff --git a/extensions/auth-basic/pkg/config/parser/parse.go b/extensions/auth-basic/pkg/config/parser/parse.go index 7f216546c0..de3b06d5c5 100644 --- a/extensions/auth-basic/pkg/config/parser/parse.go +++ b/extensions/auth-basic/pkg/config/parser/parse.go 
@@ -11,7 +11,7 @@ import ( "github.com/owncloud/ocis/ocis-pkg/config/envdecode" ) -// ParseConfig loads accounts configuration from known paths. +// ParseConfig loads configuration from known paths. func ParseConfig(cfg *config.Config) error { _, err := ociscfg.BindSourcesToStructs(cfg.Service.Name, cfg) if err != nil { diff --git a/extensions/auth-bearer/pkg/config/parser/parse.go b/extensions/auth-bearer/pkg/config/parser/parse.go index b4c0f48077..fc3a1c5020 100644 --- a/extensions/auth-bearer/pkg/config/parser/parse.go +++ b/extensions/auth-bearer/pkg/config/parser/parse.go @@ -11,7 +11,7 @@ import ( "github.com/owncloud/ocis/ocis-pkg/config/envdecode" ) -// ParseConfig loads accounts configuration from known paths. +// ParseConfig loads configuration from known paths. func ParseConfig(cfg *config.Config) error { _, err := ociscfg.BindSourcesToStructs(cfg.Service.Name, cfg) if err != nil { diff --git a/extensions/auth-machine/pkg/config/parser/parse.go b/extensions/auth-machine/pkg/config/parser/parse.go index 49f217ec09..2eb535806b 100644 --- a/extensions/auth-machine/pkg/config/parser/parse.go +++ b/extensions/auth-machine/pkg/config/parser/parse.go @@ -11,7 +11,7 @@ import ( "github.com/owncloud/ocis/ocis-pkg/config/envdecode" ) -// ParseConfig loads accounts configuration from known paths. +// ParseConfig loads configuration from known paths. func ParseConfig(cfg *config.Config) error { _, err := ociscfg.BindSourcesToStructs(cfg.Service.Name, cfg) if err != nil { diff --git a/extensions/frontend/pkg/config/parser/parse.go b/extensions/frontend/pkg/config/parser/parse.go index 3608f754a0..e2ff551a5c 100644 --- a/extensions/frontend/pkg/config/parser/parse.go +++ b/extensions/frontend/pkg/config/parser/parse.go 
@@ -11,7 +11,7 @@ import ( "github.com/owncloud/ocis/ocis-pkg/config/envdecode" ) -// ParseConfig loads accounts configuration from known paths. +// ParseConfig loads configuration from known paths. func ParseConfig(cfg *config.Config) error { _, err := ociscfg.BindSourcesToStructs(cfg.Service.Name, cfg) if err != nil { diff --git a/extensions/gateway/pkg/config/parser/parse.go b/extensions/gateway/pkg/config/parser/parse.go index 247b554896..424efdbfb2 100644 --- a/extensions/gateway/pkg/config/parser/parse.go +++ b/extensions/gateway/pkg/config/parser/parse.go @@ -11,7 +11,7 @@ import ( "github.com/owncloud/ocis/ocis-pkg/config/envdecode" ) -// ParseConfig loads accounts configuration from known paths. +// ParseConfig loads configuration from known paths. func ParseConfig(cfg *config.Config) error { _, err := ociscfg.BindSourcesToStructs(cfg.Service.Name, cfg) if err != nil { diff --git a/extensions/glauth/pkg/config/parser/parse.go b/extensions/glauth/pkg/config/parser/parse.go index 175673383c..a3598df4bc 100644 --- a/extensions/glauth/pkg/config/parser/parse.go +++ b/extensions/glauth/pkg/config/parser/parse.go @@ -10,7 +10,7 @@ import ( "github.com/owncloud/ocis/ocis-pkg/config/envdecode" ) -// ParseConfig loads accounts configuration from known paths. +// ParseConfig loads configuration from known paths. func ParseConfig(cfg *config.Config) error { _, err := ociscfg.BindSourcesToStructs(cfg.Service.Name, cfg) if err != nil { diff --git a/extensions/graph-explorer/pkg/config/parser/parse.go b/extensions/graph-explorer/pkg/config/parser/parse.go index 82bc9cc5db..ae369113fc 100644 --- a/extensions/graph-explorer/pkg/config/parser/parse.go +++ b/extensions/graph-explorer/pkg/config/parser/parse.go 
@@ -10,7 +10,7 @@ import ( "github.com/owncloud/ocis/ocis-pkg/config/envdecode" ) -// ParseConfig loads accounts configuration from known paths. +// ParseConfig loads configuration from known paths. func ParseConfig(cfg *config.Config) error { _, err := ociscfg.BindSourcesToStructs(cfg.Service.Name, cfg) if err != nil { diff --git a/extensions/graph/pkg/config/parser/parse.go b/extensions/graph/pkg/config/parser/parse.go index 6bc695c159..f554a623d8 100644 --- a/extensions/graph/pkg/config/parser/parse.go +++ b/extensions/graph/pkg/config/parser/parse.go @@ -11,7 +11,7 @@ import ( "github.com/owncloud/ocis/ocis-pkg/config/envdecode" ) -// ParseConfig loads accounts configuration from known paths. +// ParseConfig loads configuration from known paths. func ParseConfig(cfg *config.Config) error { _, err := ociscfg.BindSourcesToStructs(cfg.Service.Name, cfg) if err != nil { diff --git a/extensions/group/pkg/config/parser/parse.go b/extensions/group/pkg/config/parser/parse.go index 7f160b6c7b..f1e7880c9b 100644 --- a/extensions/group/pkg/config/parser/parse.go +++ b/extensions/group/pkg/config/parser/parse.go @@ -11,7 +11,7 @@ import ( "github.com/owncloud/ocis/ocis-pkg/config/envdecode" ) -// ParseConfig loads accounts configuration from known paths. +// ParseConfig loads configuration from known paths. func ParseConfig(cfg *config.Config) error { _, err := ociscfg.BindSourcesToStructs(cfg.Service.Name, cfg) if err != nil { diff --git a/extensions/idm/pkg/config/parser/parse.go b/extensions/idm/pkg/config/parser/parse.go index dc515b5efa..7d04c55ad4 100644 --- a/extensions/idm/pkg/config/parser/parse.go +++ b/extensions/idm/pkg/config/parser/parse.go @@ -11,7 +11,7 @@ import ( "github.com/owncloud/ocis/ocis-pkg/config/envdecode" ) -// ParseConfig loads accounts configuration from known paths. +// ParseConfig loads configuration from known paths. func ParseConfig(cfg *config.Config) error { _, err := ociscfg.BindSourcesToStructs(cfg.Service.Name, cfg) if err != nil { 
diff --git a/extensions/idp/pkg/config/parser/parse.go b/extensions/idp/pkg/config/parser/parse.go index f716a9a520..b75b10b398 100644 --- a/extensions/idp/pkg/config/parser/parse.go +++ b/extensions/idp/pkg/config/parser/parse.go @@ -11,7 +11,7 @@ import ( "github.com/owncloud/ocis/ocis-pkg/config/envdecode" ) -// ParseConfig loads accounts configuration from known paths. +// ParseConfig loads configuration from known paths. func ParseConfig(cfg *config.Config) error { _, err := ociscfg.BindSourcesToStructs(cfg.Service.Name, cfg) if err != nil { diff --git a/extensions/nats/pkg/config/parser/parse.go b/extensions/nats/pkg/config/parser/parse.go index 4930b1ccfe..a3a27113e2 100644 --- a/extensions/nats/pkg/config/parser/parse.go +++ b/extensions/nats/pkg/config/parser/parse.go @@ -10,7 +10,7 @@ import ( "github.com/owncloud/ocis/ocis-pkg/config/envdecode" ) -// ParseConfig loads accounts configuration from known paths. +// ParseConfig loads configuration from known paths. func ParseConfig(cfg *config.Config) error { _, err := ociscfg.BindSourcesToStructs(cfg.Service.Name, cfg) if err != nil { diff --git a/extensions/notifications/pkg/config/parser/parse.go b/extensions/notifications/pkg/config/parser/parse.go index f6ef3f71b1..85ac780a34 100644 --- a/extensions/notifications/pkg/config/parser/parse.go +++ b/extensions/notifications/pkg/config/parser/parse.go @@ -11,7 +11,7 @@ import ( "github.com/owncloud/ocis/ocis-pkg/config/envdecode" ) -// ParseConfig loads accounts configuration from known paths. +// ParseConfig loads configuration from known paths. func ParseConfig(cfg *config.Config) error { _, err := ociscfg.BindSourcesToStructs(cfg.Service.Name, cfg) if err != nil { diff --git a/extensions/ocdav/pkg/config/parser/parse.go b/extensions/ocdav/pkg/config/parser/parse.go index 075f66e1c6..77766296bf 100644 --- a/extensions/ocdav/pkg/config/parser/parse.go +++ b/extensions/ocdav/pkg/config/parser/parse.go 
@@ -11,7 +11,7 @@ import ( "github.com/owncloud/ocis/ocis-pkg/config/envdecode" ) -// ParseConfig loads accounts configuration from known paths. +// ParseConfig loads configuration from known paths. func ParseConfig(cfg *config.Config) error { _, err := ociscfg.BindSourcesToStructs(cfg.Service.Name, cfg) if err != nil { diff --git a/extensions/ocs/pkg/config/parser/parse.go b/extensions/ocs/pkg/config/parser/parse.go index 02bd765b89..536ed52de1 100644 --- a/extensions/ocs/pkg/config/parser/parse.go +++ b/extensions/ocs/pkg/config/parser/parse.go @@ -12,7 +12,7 @@ import ( "github.com/owncloud/ocis/ocis-pkg/config/envdecode" ) -// ParseConfig loads accounts configuration from known paths. +// ParseConfig loads configuration from known paths. func ParseConfig(cfg *config.Config) error { _, err := ociscfg.BindSourcesToStructs(cfg.Service.Name, cfg) if err != nil { diff --git a/extensions/proxy/pkg/config/parser/parse.go b/extensions/proxy/pkg/config/parser/parse.go index b82480cbd6..f792d79557 100644 --- a/extensions/proxy/pkg/config/parser/parse.go +++ b/extensions/proxy/pkg/config/parser/parse.go @@ -11,7 +11,7 @@ import ( "github.com/owncloud/ocis/ocis-pkg/config/envdecode" ) -// ParseConfig loads accounts configuration from known paths. +// ParseConfig loads configuration from known paths. func ParseConfig(cfg *config.Config) error { _, err := ociscfg.BindSourcesToStructs(cfg.Service.Name, cfg) if err != nil { diff --git a/extensions/settings/pkg/config/parser/parse.go b/extensions/settings/pkg/config/parser/parse.go index d10e1bc119..b59d8ee9fd 100644 --- a/extensions/settings/pkg/config/parser/parse.go +++ b/extensions/settings/pkg/config/parser/parse.go 
@@ -11,7 +11,7 @@ import ( "github.com/owncloud/ocis/ocis-pkg/config/envdecode" ) -// ParseConfig loads accounts configuration from known paths. +// ParseConfig loads configuration from known paths. func ParseConfig(cfg *config.Config) error { _, err := ociscfg.BindSourcesToStructs(cfg.Service.Name, cfg) if err != nil { diff --git a/extensions/sharing/pkg/config/parser/parse.go b/extensions/sharing/pkg/config/parser/parse.go index 3954a46bea..a8a7b00e2a 100644 --- a/extensions/sharing/pkg/config/parser/parse.go +++ b/extensions/sharing/pkg/config/parser/parse.go @@ -11,7 +11,7 @@ import ( "github.com/owncloud/ocis/ocis-pkg/config/envdecode" ) -// ParseConfig loads accounts configuration from known paths. +// ParseConfig loads configuration from known paths. func ParseConfig(cfg *config.Config) error { _, err := ociscfg.BindSourcesToStructs(cfg.Service.Name, cfg) if err != nil { diff --git a/extensions/storage-metadata/pkg/config/parser/parse.go b/extensions/storage-metadata/pkg/config/parser/parse.go index bc540e2c70..ae1ce03306 100644 --- a/extensions/storage-metadata/pkg/config/parser/parse.go +++ b/extensions/storage-metadata/pkg/config/parser/parse.go @@ -11,7 +11,7 @@ import ( "github.com/owncloud/ocis/ocis-pkg/config/envdecode" ) -// ParseConfig loads accounts configuration from known paths. +// ParseConfig loads configuration from known paths. func ParseConfig(cfg *config.Config) error { _, err := ociscfg.BindSourcesToStructs(cfg.Service.Name, cfg) if err != nil { diff --git a/extensions/storage-publiclink/pkg/config/parser/parse.go b/extensions/storage-publiclink/pkg/config/parser/parse.go index 61f8ee0332..f0e7cda992 100644 --- a/extensions/storage-publiclink/pkg/config/parser/parse.go +++ b/extensions/storage-publiclink/pkg/config/parser/parse.go 
@@ -11,7 +11,7 @@ import ( "github.com/owncloud/ocis/ocis-pkg/config/envdecode" ) -// ParseConfig loads accounts configuration from known paths. +// ParseConfig loads configuration from known paths. func ParseConfig(cfg *config.Config) error { _, err := ociscfg.BindSourcesToStructs(cfg.Service.Name, cfg) if err != nil { diff --git a/extensions/storage-shares/pkg/config/parser/parse.go b/extensions/storage-shares/pkg/config/parser/parse.go index e3df4351c3..6b0efc7aef 100644 --- a/extensions/storage-shares/pkg/config/parser/parse.go +++ b/extensions/storage-shares/pkg/config/parser/parse.go @@ -11,7 +11,7 @@ import ( "github.com/owncloud/ocis/ocis-pkg/config/envdecode" ) -// ParseConfig loads storage-shares configuration from known paths. +// ParseConfig loads configuration from known paths. func ParseConfig(cfg *config.Config) error { _, err := ociscfg.BindSourcesToStructs(cfg.Service.Name, cfg) if err != nil { diff --git a/extensions/storage-users/pkg/config/parser/parse.go b/extensions/storage-users/pkg/config/parser/parse.go index 2e034ed070..b6a55e1aef 100644 --- a/extensions/storage-users/pkg/config/parser/parse.go +++ b/extensions/storage-users/pkg/config/parser/parse.go @@ -11,7 +11,7 @@ import ( "github.com/owncloud/ocis/ocis-pkg/config/envdecode" ) -// ParseConfig loads accounts configuration from known paths. +// ParseConfig loads configuration from known paths. func ParseConfig(cfg *config.Config) error { _, err := ociscfg.BindSourcesToStructs(cfg.Service.Name, cfg) if err != nil { diff --git a/extensions/storage/pkg/config/parser/parse.go b/extensions/storage/pkg/config/parser/parse.go index ca0d96dbb3..d486f6dad4 100644 --- a/extensions/storage/pkg/config/parser/parse.go +++ b/extensions/storage/pkg/config/parser/parse.go 
@@ -10,7 +10,7 @@ import ( "github.com/owncloud/ocis/ocis-pkg/config/envdecode" ) -// ParseConfig loads accounts configuration from known paths. +// ParseConfig loads configuration from known paths. func ParseConfig(cfg *config.Config) error { _, err := ociscfg.BindSourcesToStructs(cfg.Service.Name, cfg) if err != nil { diff --git a/extensions/store/pkg/config/parser/parse.go b/extensions/store/pkg/config/parser/parse.go index 3d3b591ba7..68045ecf75 100644 --- a/extensions/store/pkg/config/parser/parse.go +++ b/extensions/store/pkg/config/parser/parse.go @@ -10,7 +10,7 @@ import ( "github.com/owncloud/ocis/ocis-pkg/config/envdecode" ) -// ParseConfig loads accounts configuration from known paths. +// ParseConfig loads configuration from known paths. func ParseConfig(cfg *config.Config) error { _, err := ociscfg.BindSourcesToStructs(cfg.Service.Name, cfg) if err != nil { diff --git a/extensions/thumbnails/pkg/config/parser/parse.go b/extensions/thumbnails/pkg/config/parser/parse.go index fd2079281b..4c47c635dd 100644 --- a/extensions/thumbnails/pkg/config/parser/parse.go +++ b/extensions/thumbnails/pkg/config/parser/parse.go @@ -11,7 +11,7 @@ import ( "github.com/owncloud/ocis/ocis-pkg/config/envdecode" ) -// ParseConfig loads accounts configuration from known paths. +// ParseConfig loads configuration from known paths. func ParseConfig(cfg *config.Config) error { _, err := ociscfg.BindSourcesToStructs(cfg.Service.Name, cfg) if err != nil { diff --git a/extensions/user/pkg/config/parser/parse.go b/extensions/user/pkg/config/parser/parse.go index 0a13964f92..2b5f8030a5 100644 --- a/extensions/user/pkg/config/parser/parse.go +++ b/extensions/user/pkg/config/parser/parse.go 
@@ -11,7 +11,7 @@ import ( "github.com/owncloud/ocis/ocis-pkg/config/envdecode" ) -// ParseConfig loads accounts configuration from known paths. +// ParseConfig loads configuration from known paths. func ParseConfig(cfg *config.Config) error { _, err := ociscfg.BindSourcesToStructs(cfg.Service.Name, cfg) if err != nil { diff --git a/extensions/web/pkg/config/parser/parse.go b/extensions/web/pkg/config/parser/parse.go index 80e64a3b7b..c2d8771603 100644 --- a/extensions/web/pkg/config/parser/parse.go +++ b/extensions/web/pkg/config/parser/parse.go @@ -10,7 +10,7 @@ import ( "github.com/owncloud/ocis/ocis-pkg/config/envdecode" ) -// ParseConfig loads accounts configuration from known paths. +// ParseConfig loads configuration from known paths. func ParseConfig(cfg *config.Config) error { _, err := ociscfg.BindSourcesToStructs(cfg.Service.Name, cfg) if err != nil { diff --git a/extensions/webdav/pkg/config/parser/parse.go b/extensions/webdav/pkg/config/parser/parse.go index 9d4d15ca7a..be9d202072 100644 --- a/extensions/webdav/pkg/config/parser/parse.go +++ b/extensions/webdav/pkg/config/parser/parse.go @@ -10,7 +10,7 @@ import ( "github.com/owncloud/ocis/ocis-pkg/config/envdecode" ) -// ParseConfig loads accounts configuration from known paths. +// ParseConfig loads configuration from known paths. func ParseConfig(cfg *config.Config) error { _, err := ociscfg.BindSourcesToStructs(cfg.Service.Name, cfg) if err != nil { From 9d8072cda956069fb7cb3fa68646d45b5815d1ee Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C3=B6rn=20Friedrich=20Dreyer?= Date: Fri, 29 Apr 2022 21:11:11 +0000 Subject: [PATCH 67/99] try to make lint happy MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Jörn Friedrich Dreyer --- ocis/pkg/init/init.go | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/ocis/pkg/init/init.go b/ocis/pkg/init/init.go index dcf81a9882..8b2ca85bf0 100644 --- a/ocis/pkg/init/init.go 
+++ b/ocis/pkg/init/init.go @@ -144,12 +144,12 @@ func backupOcisConfigFile(configPath string) (string, error) { // CreateConfig creates a config file with random passwords at configPath func CreateConfig(insecure, forceOverwrite bool, configPath, adminPassword string) error { - targetBackupConfig := "" - err := checkConfigPath(configPath) if err != nil && !forceOverwrite { return err - } else if forceOverwrite && err != nil { + } + targetBackupConfig := "" + if err != nil { targetBackupConfig, err = backupOcisConfigFile(configPath) if err != nil { return err From 927198a9cd2a056565449823fda179df9b1547b9 Mon Sep 17 00:00:00 2001 From: Phil Davis Date: Fri, 29 Apr 2022 21:53:57 +0545 Subject: [PATCH 68/99] Bump core commit id --- .drone.env | 2 +- .../expected-failures-API-on-OCIS-storage.md | 35 ++++++++++++++++--- ...ected-failures-graphAPI-on-OCIS-storage.md | 35 ++++++++++++++++--- 3 files changed, 63 insertions(+), 9 deletions(-) diff --git a/.drone.env b/.drone.env index 80928acefd..6b702be1e1 100644 --- a/.drone.env +++ b/.drone.env @@ -1,5 +1,5 @@ # The test runner source for API tests -CORE_COMMITID=8f4783aa71a2fd6e863b2a4534fc697d5455bc45 +CORE_COMMITID=f73c5f6086921d858d19c1013f1cbf762c8e27dd CORE_BRANCH=master # The test runner source for UI tests diff --git a/tests/acceptance/expected-failures-API-on-OCIS-storage.md b/tests/acceptance/expected-failures-API-on-OCIS-storage.md index 727e90677d..8fd9fa5697 100644 --- a/tests/acceptance/expected-failures-API-on-OCIS-storage.md +++ b/tests/acceptance/expected-failures-API-on-OCIS-storage.md 
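Review bot: In `CreateConfig`, the new `if err != nil {` branch treats every error from `checkConfigPath` as "a config already exists" once `forceOverwrite` is set. If that helper can fail for any other reason (its body is outside this hunk), the original error is overwritten by the result of `backupOcisConfigFile` and never reported; a sentinel error checked with `errors.Is` would separate the two cases. The branch also only means "forceOverwrite is set" because of the early return above it, so a comment such as `// err != nil here implies forceOverwrite: back up the existing config before replacing it` would keep that dependency visible. The doc comment says this file holds random passwords, so the backup carries the previous secrets and should be written with owner-only permissions; that is worth confirming in `backupOcisConfigFile`, which is not shown here. `CreateConfig` continues past the end of the hunk.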
@@ -1798,7 +1798,7 @@ Not everything needs to be implemented for ocis. While the oc10 testsuite covers #### [Incorrect response while listing resources of a folder with depth infinity](https://github.com/owncloud/ocis/issues/3073) -- [apiWebdavOperations/listFiles.feature:180](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiWebdavOperations/listFiles.feature#L180) +- [apiWebdavOperations/listFiles.feature:182](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiWebdavOperations/listFiles.feature#L182) ### [[spaces webdav] upload to a share that was locked by owner ends with status code 409](https://github.com/owncloud/ocis/issues/3128) 
@@ -1815,9 +1815,9 @@ Not everything needs to be implemented for ocis. While the oc10 testsuite covers #### [can't access public link resources with spaces webdav API](https://github.com/owncloud/ocis/issues/3085) -- [apiWebdavOperations/listFiles.feature:216](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiWebdavOperations/listFiles.feature#L216) -- [apiWebdavOperations/listFiles.feature:254](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiWebdavOperations/listFiles.feature#L254) -- [apiWebdavOperations/listFiles.feature:291](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiWebdavOperations/listFiles.feature#L291) +- [apiWebdavOperations/listFiles.feature:218](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiWebdavOperations/listFiles.feature#L218) +- [apiWebdavOperations/listFiles.feature:256](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiWebdavOperations/listFiles.feature#L256) +- [apiWebdavOperations/listFiles.feature:294](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiWebdavOperations/listFiles.feature#L294) #### [OCS response is not returned when a disabled user tries to enable himself](https://github.com/owncloud/ocis/issues/3254) 
@@ -1859,5 +1859,32 @@ Not everything needs to be implemented for ocis. While the oc10 testsuite covers #### [HTTP status code differ while deleting file of another user's trash bin](https://github.com/owncloud/ocis/issues/3544) - [apiTrashbin/trashbinDelete.feature:108](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiTrashbin/trashbinDelete.feature#L108) +#### [Problem accessing trashbin with personal space id](https://github.com/owncloud/ocis/issues/3639) +- [apiTrashbin/trashbinDelete.feature:35](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiTrashbin/trashbinDelete.feature#L35) +- [apiTrashbin/trashbinDelete.feature:36](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiTrashbin/trashbinDelete.feature#L36) +- [apiTrashbin/trashbinDelete.feature:58](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiTrashbin/trashbinDelete.feature#L58) +- [apiTrashbin/trashbinDelete.feature:85](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiTrashbin/trashbinDelete.feature#L85) +- [apiTrashbin/trashbinDelete.feature:130](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiTrashbin/trashbinDelete.feature#L130) +- [apiTrashbin/trashbinDelete.feature:152](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiTrashbin/trashbinDelete.feature#L152) +- [apiTrashbin/trashbinDelete.feature:177](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiTrashbin/trashbinDelete.feature#L177) +- [apiTrashbin/trashbinDelete.feature:202](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiTrashbin/trashbinDelete.feature#L202) +- [apiTrashbin/trashbinDelete.feature:239](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiTrashbin/trashbinDelete.feature#L239) +- 
[apiTrashbin/trashbinDelete.feature:276](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiTrashbin/trashbinDelete.feature#L276) +- [apiTrashbin/trashbinDelete.feature:324](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiTrashbin/trashbinDelete.feature#L324) +- [apiTrashbin/trashbinFilesFolders.feature:25](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiTrashbin/trashbinFilesFolders.feature#L25) +- [apiTrashbin/trashbinFilesFolders.feature:41](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiTrashbin/trashbinFilesFolders.feature#L41) +- [apiTrashbin/trashbinFilesFolders.feature:59](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiTrashbin/trashbinFilesFolders.feature#L59) +- [apiTrashbin/trashbinFilesFolders.feature:80](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiTrashbin/trashbinFilesFolders.feature#L80) +- [apiTrashbin/trashbinFilesFolders.feature:99](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiTrashbin/trashbinFilesFolders.feature#L99) +- [apiTrashbin/trashbinFilesFolders.feature:135](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiTrashbin/trashbinFilesFolders.feature#L135) +- [apiTrashbin/trashbinFilesFolders.feature:158](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiTrashbin/trashbinFilesFolders.feature#L158) +- [apiTrashbin/trashbinFilesFolders.feature:313](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiTrashbin/trashbinFilesFolders.feature#L313) +- [apiTrashbin/trashbinFilesFolders.feature:314](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiTrashbin/trashbinFilesFolders.feature#L314) +- [apiTrashbin/trashbinFilesFolders.feature:315](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiTrashbin/trashbinFilesFolders.feature#L315) +- 
[apiTrashbin/trashbinFilesFolders.feature:334](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiTrashbin/trashbinFilesFolders.feature#L334) +- [apiTrashbin/trashbinFilesFolders.feature:354](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiTrashbin/trashbinFilesFolders.feature#L354) +- [apiTrashbin/trashbinFilesFolders.feature:408](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiTrashbin/trashbinFilesFolders.feature#L408) +- [apiTrashbin/trashbinFilesFolders.feature:445](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiTrashbin/trashbinFilesFolders.feature#L445) + Note: always have an empty line at the end of this file. The bash script that processes this file requires that the last line has a newline on the end. diff --git a/tests/acceptance/expected-failures-graphAPI-on-OCIS-storage.md b/tests/acceptance/expected-failures-graphAPI-on-OCIS-storage.md index 6c74246fe0..85c610d51c 100644 --- a/tests/acceptance/expected-failures-graphAPI-on-OCIS-storage.md +++ b/tests/acceptance/expected-failures-graphAPI-on-OCIS-storage.md @@ -1579,7 +1579,7 @@ Not everything needs to be implemented for ocis. While the oc10 testsuite covers #### [Incorrect response while listing resources of a folder with depth infinity](https://github.com/owncloud/ocis/issues/3073) -- [apiWebdavOperations/listFiles.feature:180](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiWebdavOperations/listFiles.feature#L180) +- [apiWebdavOperations/listFiles.feature:182](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiWebdavOperations/listFiles.feature#L182) ### [[spaces webdav] upload to a share that was locked by owner ends with status code 409](https://github.com/owncloud/ocis/issues/3128) 
@@ -1596,9 +1596,9 @@ Not everything needs to be implemented for ocis. While the oc10 testsuite covers #### [can't access public link resources with spaces webdav API](https://github.com/owncloud/ocis/issues/3085) -- [apiWebdavOperations/listFiles.feature:216](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiWebdavOperations/listFiles.feature#L216) -- [apiWebdavOperations/listFiles.feature:254](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiWebdavOperations/listFiles.feature#L254) -- [apiWebdavOperations/listFiles.feature:291](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiWebdavOperations/listFiles.feature#L291) +- [apiWebdavOperations/listFiles.feature:218](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiWebdavOperations/listFiles.feature#L218) +- [apiWebdavOperations/listFiles.feature:256](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiWebdavOperations/listFiles.feature#L256) +- [apiWebdavOperations/listFiles.feature:294](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiWebdavOperations/listFiles.feature#L294) #### [Trying to modify a shared file using spaces end-point returns 409 HTTP status code](https://github.com/owncloud/ocis/issues/3241) 
@@ -1651,5 +1651,32 @@ Not everything needs to be implemented for ocis. While the oc10 testsuite covers #### [HTTP status code differ while deleting file of another user's trash bin](https://github.com/owncloud/ocis/issues/3544) - [apiTrashbin/trashbinDelete.feature:108](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiTrashbin/trashbinDelete.feature#L108) +#### [Problem accessing trashbin with personal space id](https://github.com/owncloud/ocis/issues/3639) +- [apiTrashbin/trashbinDelete.feature:35](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiTrashbin/trashbinDelete.feature#L35) +- [apiTrashbin/trashbinDelete.feature:36](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiTrashbin/trashbinDelete.feature#L36) +- [apiTrashbin/trashbinDelete.feature:58](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiTrashbin/trashbinDelete.feature#L58) +- [apiTrashbin/trashbinDelete.feature:85](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiTrashbin/trashbinDelete.feature#L85) +- [apiTrashbin/trashbinDelete.feature:130](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiTrashbin/trashbinDelete.feature#L130) +- [apiTrashbin/trashbinDelete.feature:152](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiTrashbin/trashbinDelete.feature#L152) +- [apiTrashbin/trashbinDelete.feature:177](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiTrashbin/trashbinDelete.feature#L177) +- [apiTrashbin/trashbinDelete.feature:202](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiTrashbin/trashbinDelete.feature#L202) +- [apiTrashbin/trashbinDelete.feature:239](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiTrashbin/trashbinDelete.feature#L239) +- 
[apiTrashbin/trashbinDelete.feature:276](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiTrashbin/trashbinDelete.feature#L276) +- [apiTrashbin/trashbinDelete.feature:324](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiTrashbin/trashbinDelete.feature#L324) +- [apiTrashbin/trashbinFilesFolders.feature:25](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiTrashbin/trashbinFilesFolders.feature#L25) +- [apiTrashbin/trashbinFilesFolders.feature:41](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiTrashbin/trashbinFilesFolders.feature#L41) +- [apiTrashbin/trashbinFilesFolders.feature:59](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiTrashbin/trashbinFilesFolders.feature#L59) +- [apiTrashbin/trashbinFilesFolders.feature:80](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiTrashbin/trashbinFilesFolders.feature#L80) +- [apiTrashbin/trashbinFilesFolders.feature:99](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiTrashbin/trashbinFilesFolders.feature#L99) +- [apiTrashbin/trashbinFilesFolders.feature:135](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiTrashbin/trashbinFilesFolders.feature#L135) +- [apiTrashbin/trashbinFilesFolders.feature:158](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiTrashbin/trashbinFilesFolders.feature#L158) +- [apiTrashbin/trashbinFilesFolders.feature:313](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiTrashbin/trashbinFilesFolders.feature#L313) +- [apiTrashbin/trashbinFilesFolders.feature:314](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiTrashbin/trashbinFilesFolders.feature#L314) +- [apiTrashbin/trashbinFilesFolders.feature:315](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiTrashbin/trashbinFilesFolders.feature#L315) +- 
[apiTrashbin/trashbinFilesFolders.feature:334](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiTrashbin/trashbinFilesFolders.feature#L334) +- [apiTrashbin/trashbinFilesFolders.feature:354](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiTrashbin/trashbinFilesFolders.feature#L354) +- [apiTrashbin/trashbinFilesFolders.feature:408](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiTrashbin/trashbinFilesFolders.feature#L408) +- [apiTrashbin/trashbinFilesFolders.feature:445](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiTrashbin/trashbinFilesFolders.feature#L445) + Note: always have an empty line at the end of this file. The bash script that processes this file requires that the last line has a newline on the end. From c878adbd8bf381bcb239e708ff47bbe3ddb5b65b Mon Sep 17 00:00:00 2001 From: Willy Kloucek <34452982+wkloucek@users.noreply.github.com> Date: Mon, 2 May 2022 07:31:40 +0000 Subject: [PATCH 69/99] Automated changelog update [skip ci] --- CHANGELOG.md | 12 ++++++++++++ 1 file changed, 12 insertions(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index 897fc4f668..85ed33b38b 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md 
@@ -10,6 +10,7 @@ The following sections list the changes for unreleased. * Bugfix - Return proper errors when ocs/cloud/users is using the cs3 backend: [#3483](https://github.com/owncloud/ocis/issues/3483) * Bugfix - URL encode the webdav url in the graph API: [#3597](https://github.com/owncloud/ocis/pull/3597) * Change - Load configuration files just from one directory: [#3587](https://github.com/owncloud/ocis/pull/3587) +* Change - Introduce `ocis init` and remove all default secrets: [#3551](https://github.com/owncloud/ocis/pull/3551) * Change - Switched default configuration to use libregraph/idm: [#3331](https://github.com/owncloud/ocis/pull/3331) * Enhancement - Add capability for public link single file edit: [#6787](https://github.com/owncloud/web/pull/6787) * Enhancement - Update linkshare capabilities: [#3579](https://github.com/owncloud/ocis/pull/3579) @@ -52,6 +53,17 @@ The following sections list the changes for unreleased. https://github.com/owncloud/ocis/pull/3587 +* Change - Introduce `ocis init` and remove all default secrets: [#3551](https://github.com/owncloud/ocis/pull/3551) + + We've removed all default secrets. This means you can't start oCIS any longer without setting + these via environment variable or configuration file. + + In order to make this easy for you, we introduced a new command: `ocis init`. You can run this + command before starting oCIS with `ocis server` and it will bootstrap you a configuration file + for a secure oCIS instance. + + https://github.com/owncloud/ocis/pull/3551 + * Change - Switched default configuration to use libregraph/idm: [#3331](https://github.com/owncloud/ocis/pull/3331) We switched the default configuration of oCIS to use the "idm" service (based on From 3cb78021d2d1cb6fb04fa42499a216e8fb73d018 Mon Sep 17 00:00:00 2001 From: jkoberg Date: Fri, 29 Apr 2022 10:04:16 +0200 Subject: [PATCH 70/99] bump reva 
Signed-off-by: jkoberg --- go.mod | 2 +- go.sum | 6 ++---- 2 files changed, 3 insertions(+), 5 deletions(-) diff --git a/go.mod b/go.mod index abb9d949f2..3f05be5fc4 100644 --- a/go.mod +++ b/go.mod @@ -9,7 +9,7 @@ require ( github.com/blevesearch/bleve/v2 v2.3.2 github.com/coreos/go-oidc/v3 v3.1.0 github.com/cs3org/go-cs3apis v0.0.0-20220412090512-93c5918b4bde - github.com/cs3org/reva/v2 v2.0.0-20220427203355-0164880ac7d3 + github.com/cs3org/reva/v2 v2.0.0-20220429070444-b061a451e550 github.com/disintegration/imaging v1.6.2 github.com/glauth/glauth/v2 v2.0.0-20211021011345-ef3151c28733 github.com/go-chi/chi/v5 v5.0.7 diff --git a/go.sum b/go.sum index 97e90625a2..eaf9b305d0 100644 --- a/go.sum +++ b/go.sum 
@@ -318,10 +318,8 @@ github.com/cs3org/go-cs3apis v0.0.0-20220412090512-93c5918b4bde h1:WrD9O8ZaWvsm0 github.com/cs3org/go-cs3apis v0.0.0-20220412090512-93c5918b4bde/go.mod h1:UXha4TguuB52H14EMoSsCqDj7k8a/t7g4gVP+bgY5LY= github.com/cs3org/reva v1.18.0 h1:MbPS5ZAa8RzKcTxAVeSDdISB3XXqLIxqB03BTN5ReBY= github.com/cs3org/reva v1.18.0/go.mod h1:e5VDUDu4vVWIeVkZcW//n6UZzhGGMa+Tz/whCiX3N6o= -github.com/cs3org/reva/v2 v2.0.0-20220427133111-618964eed515 h1:8pPCLxNXVz/q7PMM6Zq1lff3P8SFAu8/CXwB2eA21xc= -github.com/cs3org/reva/v2 v2.0.0-20220427133111-618964eed515/go.mod h1:2e/4HcIy54Mic3V7Ow0bz4n5dkZU0dHIZSWomFe5vng= -github.com/cs3org/reva/v2 v2.0.0-20220427203355-0164880ac7d3 h1:6sKjGI0AUW5tBXWBduaBoc+9sNYZWQR894G0oFCbus0= -github.com/cs3org/reva/v2 v2.0.0-20220427203355-0164880ac7d3/go.mod h1:2e/4HcIy54Mic3V7Ow0bz4n5dkZU0dHIZSWomFe5vng= +github.com/cs3org/reva/v2 v2.0.0-20220429070444-b061a451e550 h1:6WV6v7u5pBwvuP+QVZXg2NP8/PHyikqxQGNoqTmFRDE= +github.com/cs3org/reva/v2 v2.0.0-20220429070444-b061a451e550/go.mod h1:2e/4HcIy54Mic3V7Ow0bz4n5dkZU0dHIZSWomFe5vng= github.com/cubewise-code/go-mime v0.0.0-20200519001935-8c5762b177d8 h1:Z9lwXumT5ACSmJ7WGnFl+OMLLjpz5uR2fyz7dC255FI= github.com/cubewise-code/go-mime v0.0.0-20200519001935-8c5762b177d8/go.mod h1:4abs/jPXcmJzYoYGF91JF9Uq9s/KL5n1jvFDix8KcqY= github.com/cyberdelia/templates v0.0.0-20141128023046-ca7fffd4298c/go.mod h1:GyV+0YP4qX0UQ7r2MoYZ+AvYDp12OF5yg4q8rGnyNh4= From 23c1f155ab1cd953bf5128a7fb6c2328fbb66b20 Mon Sep 17 00:00:00 2001 From: jkoberg Date: Fri, 29 Apr 2022 10:05:54 +0200 Subject: [PATCH 71/99] use feature core commitid Signed-off-by: jkoberg --- changelog/unreleased/update-reva.md | 1 + 1 file changed, 1 insertion(+) diff --git a/changelog/unreleased/update-reva.md b/changelog/unreleased/update-reva.md index 0cce56ff61..8b4b79c912 100644 --- a/changelog/unreleased/update-reva.md +++ b/changelog/unreleased/update-reva.md 
@@ -9,3 +9,4 @@ https://github.com/owncloud/ocis/pull/3570 https://github.com/owncloud/ocis/pull/3601 https://github.com/owncloud/ocis/pull/3605 https://github.com/owncloud/ocis/pull/3611 +https://github.com/owncloud/ocis/pull/3621 From c1e7aa38763955ad7f3cfcc13710a3ae9b01e997 Mon Sep 17 00:00:00 2001 From: jkoberg Date: Fri, 29 Apr 2022 15:13:59 +0200 Subject: [PATCH 72/99] next reva version Signed-off-by: jkoberg --- go.mod | 2 +- go.sum | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/go.mod b/go.mod index 3f05be5fc4..4b11b0bf35 100644 --- a/go.mod +++ b/go.mod @@ -9,7 +9,7 @@ require ( github.com/blevesearch/bleve/v2 v2.3.2 github.com/coreos/go-oidc/v3 v3.1.0 github.com/cs3org/go-cs3apis v0.0.0-20220412090512-93c5918b4bde - github.com/cs3org/reva/v2 v2.0.0-20220429070444-b061a451e550 + github.com/cs3org/reva/v2 v2.0.0-20220429121623-54cc99414f5a github.com/disintegration/imaging v1.6.2 github.com/glauth/glauth/v2 v2.0.0-20211021011345-ef3151c28733 github.com/go-chi/chi/v5 v5.0.7 diff --git a/go.sum b/go.sum index eaf9b305d0..a268317a84 100644 --- a/go.sum +++ b/go.sum 
@@ -318,8 +318,8 @@ github.com/cs3org/go-cs3apis v0.0.0-20220412090512-93c5918b4bde h1:WrD9O8ZaWvsm0 github.com/cs3org/go-cs3apis v0.0.0-20220412090512-93c5918b4bde/go.mod h1:UXha4TguuB52H14EMoSsCqDj7k8a/t7g4gVP+bgY5LY= github.com/cs3org/reva v1.18.0 h1:MbPS5ZAa8RzKcTxAVeSDdISB3XXqLIxqB03BTN5ReBY= github.com/cs3org/reva v1.18.0/go.mod h1:e5VDUDu4vVWIeVkZcW//n6UZzhGGMa+Tz/whCiX3N6o= -github.com/cs3org/reva/v2 v2.0.0-20220429070444-b061a451e550 h1:6WV6v7u5pBwvuP+QVZXg2NP8/PHyikqxQGNoqTmFRDE= -github.com/cs3org/reva/v2 v2.0.0-20220429070444-b061a451e550/go.mod h1:2e/4HcIy54Mic3V7Ow0bz4n5dkZU0dHIZSWomFe5vng= +github.com/cs3org/reva/v2 v2.0.0-20220429121623-54cc99414f5a h1:vDUZ74Tq2WvSjTb8Jch7rHJU61LPEDGoKapQ+DQ4Oy8= +github.com/cs3org/reva/v2 v2.0.0-20220429121623-54cc99414f5a/go.mod h1:2e/4HcIy54Mic3V7Ow0bz4n5dkZU0dHIZSWomFe5vng= github.com/cubewise-code/go-mime v0.0.0-20200519001935-8c5762b177d8 h1:Z9lwXumT5ACSmJ7WGnFl+OMLLjpz5uR2fyz7dC255FI= github.com/cubewise-code/go-mime v0.0.0-20200519001935-8c5762b177d8/go.mod h1:4abs/jPXcmJzYoYGF91JF9Uq9s/KL5n1jvFDix8KcqY= github.com/cyberdelia/templates v0.0.0-20141128023046-ca7fffd4298c/go.mod h1:GyV+0YP4qX0UQ7r2MoYZ+AvYDp12OF5yg4q8rGnyNh4= From dd9acdce7ae9418ca30d3829fb4db6d34d65f378 Mon Sep 17 00:00:00 2001 From: jkoberg Date: Fri, 29 Apr 2022 15:19:13 +0200 Subject: [PATCH 73/99] fix audit service Signed-off-by: jkoberg --- extensions/audit/pkg/service/service_test.go | 26 ++++++++++---------- extensions/audit/pkg/types/conversion.go | 14 +++++------ 2 files changed, 20 insertions(+), 20 deletions(-) diff --git a/extensions/audit/pkg/service/service_test.go b/extensions/audit/pkg/service/service_test.go index 6fb5dc1ea0..6d45dfde1a 100644 --- a/extensions/audit/pkg/service/service_test.go +++ b/extensions/audit/pkg/service/service_test.go 
@@ -297,8 +297,8 @@ var testCases = []struct { }, { Alias: "File created", SystemEvent: events.FileUploaded{ - FileID: reference("sto-123", "iid-123", "./item"), - Owner: userID("uid-123"), // NOTE: owner not yet implemented in reva + Ref: reference("sto-123", "iid-123", "./item"), + Owner: userID("uid-123"), // NOTE: owner not yet implemented in reva }, CheckAuditEvent: func(t *testing.T, b []byte) { ev := types.AuditEventFileCreated{} @@ -312,8 +312,8 @@ var testCases = []struct { }, { Alias: "File read", SystemEvent: events.FileDownloaded{ - FileID: reference("sto-123", "iid-123", "./item"), - Owner: userID("uid-123"), // NOTE: owner not yet implemented in reva + Ref: reference("sto-123", "iid-123", "./item"), + Owner: userID("uid-123"), // NOTE: owner not yet implemented in reva }, CheckAuditEvent: func(t *testing.T, b []byte) { ev := types.AuditEventFileRead{} @@ -327,8 +327,8 @@ var testCases = []struct { }, { Alias: "File trashed", SystemEvent: events.ItemTrashed{ - FileID: reference("sto-123", "iid-123", "./item"), - Owner: userID("uid-123"), // NOTE: owner not yet implemented in reva + Ref: reference("sto-123", "iid-123", "./item"), + Owner: userID("uid-123"), // NOTE: owner not yet implemented in reva }, CheckAuditEvent: func(t *testing.T, b []byte) { ev := types.AuditEventFileDeleted{} @@ -342,7 +342,7 @@ var testCases = []struct { }, { Alias: "File renamed", SystemEvent: events.ItemMoved{ - FileID: reference("sto-123", "iid-123", "./item"), + Ref: reference("sto-123", "iid-123", "./item"), OldReference: reference("sto-123", "iid-123", "./anotheritem"), Owner: userID("uid-123"), // NOTE: owner not yet implemented in reva }, 
@@ -361,8 +361,8 @@ var testCases = []struct { }, { Alias: "File purged", SystemEvent: events.ItemPurged{ - FileID: reference("sto-123", "iid-123", "./item"), - Owner: userID("uid-123"), // NOTE: owner not yet implemented in reva + Ref: reference("sto-123", "iid-123", "./item"), + Owner: userID("uid-123"), // NOTE: owner not yet implemented in reva }, CheckAuditEvent: func(t *testing.T, b []byte) { ev := types.AuditEventFilePurged{} @@ -376,7 +376,7 @@ var testCases = []struct { }, { Alias: "File restored", SystemEvent: events.ItemRestored{ - FileID: reference("sto-123", "iid-123", "./item"), + Ref: reference("sto-123", "iid-123", "./item"), Owner: userID("uid-123"), // NOTE: owner not yet implemented in reva OldReference: reference("sto-123", "sto-123!iid-123/item", "./oldpath"), Key: "", @@ -396,9 +396,9 @@ var testCases = []struct { }, { Alias: "File version restored", SystemEvent: events.FileVersionRestored{ - FileID: reference("sto-123", "iid-123", "./item"), - Owner: userID("uid-123"), // NOTE: owner not yet implemented in reva - Key: "v1", + Ref: reference("sto-123", "iid-123", "./item"), + Owner: userID("uid-123"), // NOTE: owner not yet implemented in reva + Key: "v1", }, CheckAuditEvent: func(t *testing.T, b []byte) { ev := types.AuditEventFileVersionRestored{} diff --git a/extensions/audit/pkg/types/conversion.go b/extensions/audit/pkg/types/conversion.go index 5c3f3f1c85..fbb789ea59 100644 --- a/extensions/audit/pkg/types/conversion.go +++ b/extensions/audit/pkg/types/conversion.go 
@@ -234,7 +234,7 @@ func FilesAuditEvent(base AuditEvent, itemid, owner, path string) AuditEventFile // FileUploaded converts a FileUploaded event to an AuditEventFileCreated func FileUploaded(ev events.FileUploaded) AuditEventFileCreated { - iid, path, uid := extractFileDetails(ev.FileID, ev.Owner) + iid, path, uid := extractFileDetails(ev.Ref, ev.Owner) base := BasicAuditEvent(uid, "", MessageFileCreated(iid), ActionFileCreated) return AuditEventFileCreated{ AuditEventFiles: FilesAuditEvent(base, iid, uid, path), @@ -243,7 +243,7 @@ func FileUploaded(ev events.FileUploaded) AuditEventFileCreated { // FileDownloaded converts a FileDownloaded event to an AuditEventFileRead func FileDownloaded(ev events.FileDownloaded) AuditEventFileRead { - iid, path, uid := extractFileDetails(ev.FileID, ev.Owner) + iid, path, uid := extractFileDetails(ev.Ref, ev.Owner) base := BasicAuditEvent(uid, "", MessageFileRead(iid), ActionFileRead) return AuditEventFileRead{ AuditEventFiles: FilesAuditEvent(base, iid, uid, path), @@ -252,7 +252,7 @@ func FileDownloaded(ev events.FileDownloaded) AuditEventFileRead { // ItemMoved converts a ItemMoved event to an AuditEventFileRenamed func ItemMoved(ev events.ItemMoved) AuditEventFileRenamed { - iid, path, uid := extractFileDetails(ev.FileID, ev.Owner) + iid, path, uid := extractFileDetails(ev.Ref, ev.Owner) oldpath := "" if ev.OldReference != nil { @@ -268,7 +268,7 @@ func ItemMoved(ev events.ItemMoved) AuditEventFileRenamed { // ItemTrashed converts a ItemTrashed event to an AuditEventFileDeleted func ItemTrashed(ev events.ItemTrashed) AuditEventFileDeleted { - iid, path, uid := extractFileDetails(ev.FileID, ev.Owner) + iid, path, uid := extractFileDetails(ev.Ref, ev.Owner) base := BasicAuditEvent(uid, "", MessageFileTrashed(iid), ActionFileTrashed) return AuditEventFileDeleted{ AuditEventFiles: FilesAuditEvent(base, iid, uid, path), 
@@ -277,7 +277,7 @@ func ItemTrashed(ev events.ItemTrashed) AuditEventFileDeleted { // ItemPurged converts a ItemPurged event to an AuditEventFilePurged func ItemPurged(ev events.ItemPurged) AuditEventFilePurged { - iid, path, uid := extractFileDetails(ev.FileID, ev.Owner) + iid, path, uid := extractFileDetails(ev.Ref, ev.Owner) base := BasicAuditEvent(uid, "", MessageFilePurged(iid), ActionFilePurged) return AuditEventFilePurged{ AuditEventFiles: FilesAuditEvent(base, iid, uid, path), @@ -286,7 +286,7 @@ func ItemPurged(ev events.ItemPurged) AuditEventFilePurged { // ItemRestored converts a ItemRestored event to an AuditEventFileRestored func ItemRestored(ev events.ItemRestored) AuditEventFileRestored { - iid, path, uid := extractFileDetails(ev.FileID, ev.Owner) + iid, path, uid := extractFileDetails(ev.Ref, ev.Owner) oldpath := "" if ev.OldReference != nil { @@ -302,7 +302,7 @@ func ItemRestored(ev events.ItemRestored) AuditEventFileRestored { // FileVersionRestored converts a FileVersionRestored event to an AuditEventFileVersionRestored func FileVersionRestored(ev events.FileVersionRestored) AuditEventFileVersionRestored { - iid, path, uid := extractFileDetails(ev.FileID, ev.Owner) + iid, path, uid := extractFileDetails(ev.Ref, ev.Owner) base := BasicAuditEvent(uid, "", MessageFileVersionRestored(iid, ev.Key), ActionFileVersionRestored) return AuditEventFileVersionRestored{ AuditEventFiles: FilesAuditEvent(base, iid, uid, path), From 0db6fae3ad4a48cd1ad1e3a68a0119b52d24f152 Mon Sep 17 00:00:00 2001 From: jkoberg Date: Fri, 29 Apr 2022 15:56:43 +0200 Subject: [PATCH 74/99] update expected failures Signed-off-by: jkoberg --- tests/acceptance/expected-failures-API-on-OCIS-storage.md | 4 ---- 1 file changed, 4 deletions(-) diff --git a/tests/acceptance/expected-failures-API-on-OCIS-storage.md b/tests/acceptance/expected-failures-API-on-OCIS-storage.md index 8fd9fa5697..87bdf5ad1b 100644 --- a/tests/acceptance/expected-failures-API-on-OCIS-storage.md 
+++ b/tests/acceptance/expected-failures-API-on-OCIS-storage.md @@ -1847,10 +1847,6 @@ Not everything needs to be implemented for ocis. While the oc10 testsuite covers #### [OCS status code zero](https://github.com/owncloud/ocis/issues/3621) - [apiShareManagementToShares/moveReceivedShare.feature:32](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiShareManagementToShares/moveReceivedShare.feature#L32) -#### [share_with_user_type is not set in response](https://github.com/owncloud/ocis/issues/3622) -- [apiShareManagementBasicToShares/createShareToSharesFolder.feature:37](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiShareManagementBasicToShares/createShareToSharesFolder.feature#L37) -- [apiShareManagementBasicToShares/createShareToSharesFolder.feature:38](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiShareManagementBasicToShares/createShareToSharesFolder.feature#L38) - #### [HTTP status code differ while listing the contents of another user's trash bin](https://github.com/owncloud/ocis/issues/3561) - [apiTrashbin/trashbinFilesFolders.feature:199](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiTrashbin/trashbinFilesFolders.feature#L199) - [apiTrashbin/trashbinFilesFolders.feature:223](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiTrashbin/trashbinFilesFolders.feature#L223) From 622e0774da36a0dab82bed5702dc3d0cb947d92b Mon Sep 17 00:00:00 2001 From: jkoberg Date: Fri, 29 Apr 2022 16:01:54 +0200 Subject: [PATCH 75/99] decode href in xml response Signed-off-by: jkoberg --- tests/acceptance/features/bootstrap/SpacesContext.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/acceptance/features/bootstrap/SpacesContext.php b/tests/acceptance/features/bootstrap/SpacesContext.php index 61d8f20b0d..82304673c4 100644 --- a/tests/acceptance/features/bootstrap/SpacesContext.php 
+++ b/tests/acceptance/features/bootstrap/SpacesContext.php @@ -1145,7 +1145,7 @@ class SpacesContext implements Context { $results = []; if ($multistatusResults !== null) { foreach ($multistatusResults as $multistatusResult) { - $entryPath = $multistatusResult['value'][0]['value']; + $entryPath = \urldecode($multistatusResult['value'][0]['value']); $entryName = \str_replace($topWebDavPath, "", $entryPath); $entryName = \rawurldecode($entryName); $entryName = \trim($entryName, "/"); From a86cc5ab3a2e1db4913700ff2cd4f6450e58ea33 Mon Sep 17 00:00:00 2001 From: jkoberg Date: Fri, 29 Apr 2022 16:40:44 +0200 Subject: [PATCH 76/99] bump reva again Signed-off-by: jkoberg --- go.mod | 2 +- go.sum | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/go.mod b/go.mod index 4b11b0bf35..7392fe8e00 100644 --- a/go.mod +++ b/go.mod @@ -9,7 +9,7 @@ require ( github.com/blevesearch/bleve/v2 v2.3.2 github.com/coreos/go-oidc/v3 v3.1.0 github.com/cs3org/go-cs3apis v0.0.0-20220412090512-93c5918b4bde - github.com/cs3org/reva/v2 v2.0.0-20220429121623-54cc99414f5a + github.com/cs3org/reva/v2 v2.0.0-20220429143817-1cbc34114b5a github.com/disintegration/imaging v1.6.2 github.com/glauth/glauth/v2 v2.0.0-20211021011345-ef3151c28733 github.com/go-chi/chi/v5 v5.0.7 diff --git a/go.sum b/go.sum index a268317a84..20bb1f1165 100644 --- a/go.sum +++ b/go.sum 
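Review bot: `$entryPath` is now passed through `\urldecode()`, and the name derived from it is still decoded a second time by the unchanged `\rawurldecode($entryName)` two lines below. A resource whose real name contains a literal `%XX` sequence is therefore decoded twice, and `\urldecode()` also turns `+` into a space, which `\rawurldecode()` does not. Decode exactly once, for example `$entryPath = \rawurldecode($multistatusResult['value'][0]['value']);`, and drop the later `\rawurldecode()` call. The enclosing method starts and ends outside the hunk.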
@@ -318,8 +318,8 @@ github.com/cs3org/go-cs3apis v0.0.0-20220412090512-93c5918b4bde h1:WrD9O8ZaWvsm0 github.com/cs3org/go-cs3apis v0.0.0-20220412090512-93c5918b4bde/go.mod h1:UXha4TguuB52H14EMoSsCqDj7k8a/t7g4gVP+bgY5LY= github.com/cs3org/reva v1.18.0 h1:MbPS5ZAa8RzKcTxAVeSDdISB3XXqLIxqB03BTN5ReBY= github.com/cs3org/reva v1.18.0/go.mod h1:e5VDUDu4vVWIeVkZcW//n6UZzhGGMa+Tz/whCiX3N6o= -github.com/cs3org/reva/v2 v2.0.0-20220429121623-54cc99414f5a h1:vDUZ74Tq2WvSjTb8Jch7rHJU61LPEDGoKapQ+DQ4Oy8= -github.com/cs3org/reva/v2 v2.0.0-20220429121623-54cc99414f5a/go.mod h1:2e/4HcIy54Mic3V7Ow0bz4n5dkZU0dHIZSWomFe5vng= +github.com/cs3org/reva/v2 v2.0.0-20220429143817-1cbc34114b5a h1:Uq+iVa+re1qyeva3lEDEHwqkXv9ImeXBP30ke6IYf+U= +github.com/cs3org/reva/v2 v2.0.0-20220429143817-1cbc34114b5a/go.mod h1:2e/4HcIy54Mic3V7Ow0bz4n5dkZU0dHIZSWomFe5vng= github.com/cubewise-code/go-mime v0.0.0-20200519001935-8c5762b177d8 h1:Z9lwXumT5ACSmJ7WGnFl+OMLLjpz5uR2fyz7dC255FI= github.com/cubewise-code/go-mime v0.0.0-20200519001935-8c5762b177d8/go.mod h1:4abs/jPXcmJzYoYGF91JF9Uq9s/KL5n1jvFDix8KcqY= github.com/cyberdelia/templates v0.0.0-20141128023046-ca7fffd4298c/go.mod h1:GyV+0YP4qX0UQ7r2MoYZ+AvYDp12OF5yg4q8rGnyNh4= From 78a6af3af5c2fe954dac97afa2e2309d690cf225 Mon Sep 17 00:00:00 2001 From: Michael Barz Date: Fri, 29 Apr 2022 21:31:04 +0200 Subject: [PATCH 77/99] handle resource ids better --- extensions/graph/pkg/service/v0/drives.go | 9 ++++++--- go.mod | 1 + 2 files changed, 7 insertions(+), 3 deletions(-) diff --git a/extensions/graph/pkg/service/v0/drives.go b/extensions/graph/pkg/service/v0/drives.go index 673f246fa5..e41b425329 100644 --- a/extensions/graph/pkg/service/v0/drives.go +++ b/extensions/graph/pkg/service/v0/drives.go 
@@ -273,7 +273,8 @@ func (g Graph) UpdateDrive(w http.ResponseWriter, r *http.Request) { identifierParts := strings.Split(driveID, "!") switch len(identifierParts) { case 1: - root.StorageId, root.OpaqueId = identifierParts[0], identifierParts[0] + sID, _ := resourceid.StorageIDUnwrap(identifierParts[0]) + root.StorageId, root.OpaqueId = identifierParts[0], sID case 2: root.StorageId, root.OpaqueId = identifierParts[0], identifierParts[1] default: @@ -492,7 +493,8 @@ func (g Graph) cs3StorageSpaceToDrive(ctx context.Context, baseURL *url.URL, spa } spaceID := space.Root.StorageId - if space.Root.OpaqueId != space.Root.StorageId { + sIDs := resourceid.OwnCloudResourceIDUnwrap(rootID) + if space.Root.OpaqueId != sIDs.OpaqueId { spaceID = rootID } drive := &libregraph.Drive{ @@ -735,9 +737,10 @@ func (g Graph) DeleteDrive(w http.ResponseWriter, r *http.Request) { root := &storageprovider.ResourceId{} identifierParts := strings.Split(driveID, "!") + sID, _ := resourceid.StorageIDUnwrap(identifierParts[0]) switch len(identifierParts) { case 1: - root.StorageId, root.OpaqueId = identifierParts[0], identifierParts[0] + root.StorageId, root.OpaqueId = identifierParts[0], sID case 2: root.StorageId, root.OpaqueId = identifierParts[0], identifierParts[1] default: diff --git a/go.mod b/go.mod index 7392fe8e00..0a040a2031 100644 --- a/go.mod +++ b/go.mod @@ -274,3 +274,4 @@ require ( // we need to use a fork to make the windows build pass replace github.com/pkg/xattr => github.com/micbar/xattr v0.4.6-0.20220215112335-88e74d648fb7 +replace github.com/cs3org/reva/v2 => ../reva From ab71b21fc72aad670038c7bb9273b080e95a8cdf Mon Sep 17 00:00:00 2001 
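Review bot: In `case 1` the second result of `resourceid.StorageIDUnwrap` is dropped with `_` and nothing says why that is safe, although `driveID` is presumably taken from the request URL. The `DeleteDrive` hunk repeats the same parsing but runs the unwrap before the `switch`, so it also executes for the two-part and default cases that never use `sID`. I would move the parsing into one unexported helper that returns the `ResourceId` or an error and call it from both handlers, or at least add `// second result intentionally ignored: <reason>` here. Both function bodies continue outside their hunks.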
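Review bot: `replace github.com/cs3org/reva/v2 => ../reva` points the build at a sibling directory on the author's machine, so this revision cannot be built from a clean checkout. The `require` pin and the `go.sum` hashes for reva also stop describing the code that is actually compiled. A filesystem replace should not be committed; if an unreleased reva change is needed, pin the pseudo-version of a pushed commit in `require` instead. Patch 82/99 later adds `replace github.com/cs3org/reva/v2 => github.com/micbar/reva/v2 ...`, which builds reproducibly but moves the dependency's provenance to a personal fork. It needs a comment stating the reason and the removal condition, like the `pkg/xattr` replace above it.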
From: David Christofas Date: Fri, 29 Apr 2022 12:16:50 +0200 Subject: [PATCH 78/99] reduce drives in listing of graph /me/drives API --- changelog/unreleased/graph-me-drives.md | 6 +++++ extensions/graph/pkg/service/v0/drives.go | 28 ++++++++++++++++++---- extensions/graph/pkg/service/v0/service.go | 2 +- go.mod | 3 +-- go.sum | 6 +++-- 5 files changed, 35 insertions(+), 10 deletions(-) create mode 100644 changelog/unreleased/graph-me-drives.md diff --git a/changelog/unreleased/graph-me-drives.md b/changelog/unreleased/graph-me-drives.md new file mode 100644 index 0000000000..3104450cd9 --- /dev/null +++ b/changelog/unreleased/graph-me-drives.md @@ -0,0 +1,6 @@ +Change: Reduce drives in graph /me/drives API + +Reduced the drives in the graph `/me/drives` API to only the drives the user has access to. +The endpoint `/drives` will list all drives when the user has the permission. + +https://github.com/owncloud/ocis/pull/3629 diff --git a/extensions/graph/pkg/service/v0/drives.go b/extensions/graph/pkg/service/v0/drives.go index e41b425329..17f04e2df7 100644 --- a/extensions/graph/pkg/service/v0/drives.go +++ b/extensions/graph/pkg/service/v0/drives.go @@ -31,8 +31,19 @@ import ( merrors "go-micro.dev/v4/errors" ) -// GetDrives implements the Service interface. +// GetDrives lists all drives the current user has access to func (g Graph) GetDrives(w http.ResponseWriter, r *http.Request) { + g.getDrives(w, r, false) +} + +// GetAllDrives lists all drives, including other user's drives, if the current +// user has the permission. +func (g Graph) GetAllDrives(w http.ResponseWriter, r *http.Request) { + g.getDrives(w, r, true) +} + +// getDrives implements the Service interface. +func (g Graph) getDrives(w http.ResponseWriter, r *http.Request, unrestricted bool) { sanitizedPath := strings.TrimPrefix(r.URL.Path, "/graph/v1.0/") // Parse the request with odata parser odataReq, err := godata.ParseRequest(r.Context(), sanitizedPath, r.URL.Query()) 
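Review bot: `GetAllDrives` is documented as listing other users' drives "if the current user has the permission", but nothing in this hunk checks a permission. The handler only forwards `unrestricted=true`, so the access decision rests entirely on whatever consumes that flag downstream. The doc comment should name where the check is enforced, for example `// The permission check is done by the storage backend; this handler only requests the unrestricted listing.` (to be confirmed against the reva side). The later `GetSingleDrive` hunk also passes `true` and deserves the same one-line justification. The comment `// getDrives implements the Service interface.` was carried over from the exported handler and no longer describes the unexported helper, whose body continues outside the hunk.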
@@ -41,7 +52,10 @@ func (g Graph) GetDrives(w http.ResponseWriter, r *http.Request) { errorcode.InvalidRequest.Render(w, r, http.StatusBadRequest, err.Error()) return } - g.logger.Info().Interface("query", r.URL.Query()).Msg("Calling GetDrives") + g.logger.Debug(). + Interface("query", r.URL.Query()). + Bool("unrestricted", unrestricted). + Msg("Calling getDrives") ctx := r.Context() filters, err := generateCs3Filters(odataReq) @@ -50,7 +64,7 @@ func (g Graph) GetDrives(w http.ResponseWriter, r *http.Request) { errorcode.NotSupported.Render(w, r, http.StatusNotImplemented, err.Error()) return } - res, err := g.ListStorageSpacesWithFilters(ctx, filters) + res, err := g.ListStorageSpacesWithFilters(ctx, filters, unrestricted) switch { case err != nil: g.logger.Error().Err(err).Msg(ListStorageSpacesTransportErr) @@ -106,7 +120,7 @@ func (g Graph) GetSingleDrive(w http.ResponseWriter, r *http.Request) { ctx := r.Context() filters := []*storageprovider.ListStorageSpacesRequest_Filter{listStorageSpacesIDFilter(driveID)} - res, err := g.ListStorageSpacesWithFilters(ctx, filters) + res, err := g.ListStorageSpacesWithFilters(ctx, filters, true) switch { case err != nil: g.logger.Error().Err(err).Msg(ListStorageSpacesTransportErr) @@ -399,7 +413,7 @@ func (g Graph) formatDrives(ctx context.Context, baseURL *url.URL, storageSpaces } // ListStorageSpacesWithFilters List Storage Spaces using filters -func (g Graph) ListStorageSpacesWithFilters(ctx context.Context, filters []*storageprovider.ListStorageSpacesRequest_Filter) (*storageprovider.ListStorageSpacesResponse, error) { +func (g Graph) ListStorageSpacesWithFilters(ctx context.Context, filters []*storageprovider.ListStorageSpacesRequest_Filter, unrestricted bool) (*storageprovider.ListStorageSpacesResponse, error) { client := g.GetGatewayClient() permissions := make(map[string]struct{}, 1) 
@@ -424,6 +438,10 @@ func (g Graph) ListStorageSpacesWithFilters(ctx context.Context, filters []*stor Decoder: "json", Value: value, }, + "unrestricted": { + Decoder: "plain", + Value: []byte(strconv.FormatBool(unrestricted)), + }, }}, Filters: filters, }) diff --git a/extensions/graph/pkg/service/v0/service.go b/extensions/graph/pkg/service/v0/service.go index 599a558f3b..c198834716 100644 --- a/extensions/graph/pkg/service/v0/service.go +++ b/extensions/graph/pkg/service/v0/service.go @@ -173,7 +173,7 @@ func NewService(opts ...Option) Service { account.JWTSecret(options.Config.TokenManager.JWTSecret)), ) r.Route("/drives", func(r chi.Router) { - r.Get("/", svc.GetDrives) + r.Get("/", svc.GetAllDrives) r.Post("/", svc.CreateDrive) r.Route("/{driveID}", func(r chi.Router) { r.Patch("/", svc.UpdateDrive) diff --git a/go.mod b/go.mod index 0a040a2031..9f6f052443 100644 --- a/go.mod +++ b/go.mod @@ -9,7 +9,7 @@ require ( github.com/blevesearch/bleve/v2 v2.3.2 github.com/coreos/go-oidc/v3 v3.1.0 github.com/cs3org/go-cs3apis v0.0.0-20220412090512-93c5918b4bde - github.com/cs3org/reva/v2 v2.0.0-20220429143817-1cbc34114b5a + github.com/cs3org/reva/v2 v2.0.0-20220429105953-71d0c17a5e8f github.com/disintegration/imaging v1.6.2 github.com/glauth/glauth/v2 v2.0.0-20211021011345-ef3151c28733 github.com/go-chi/chi/v5 v5.0.7 @@ -274,4 +274,3 @@ require ( // we need to use a fork to make the windows build pass replace github.com/pkg/xattr => github.com/micbar/xattr v0.4.6-0.20220215112335-88e74d648fb7 -replace github.com/cs3org/reva/v2 => ../reva diff --git a/go.sum b/go.sum index 20bb1f1165..ddc2ff673b 100644 --- a/go.sum +++ b/go.sum 
@@ -236,6 +236,8 @@ github.com/boombuler/barcode v1.0.1-0.20190219062509-6c824513bacc/go.mod h1:paBW github.com/boombuler/barcode v1.0.1 h1:NDBbPmhS+EqABEs5Kg3n/5ZNjy73Pz7SIV+KCeqyXcs= github.com/boombuler/barcode v1.0.1/go.mod h1:paBWMcWSl3LHKBqUq+rly7CNSldXjb2rDl3JlRe0mD8= github.com/c-bata/go-prompt v0.2.5/go.mod h1:vFnjEGDIIA/Lib7giyE4E9c50Lvl8j0S+7FVlAwDAVw= +github.com/c0rby/reva/v2 v2.0.0-20220429095703-bbac276f2cb4 h1:NAAz/6zTxFa0RBui856DKPIi4cF5jU7FHcbX+n25DM0= +github.com/c0rby/reva/v2 v2.0.0-20220429095703-bbac276f2cb4/go.mod h1:2e/4HcIy54Mic3V7Ow0bz4n5dkZU0dHIZSWomFe5vng= github.com/cenkalti/backoff v2.2.1+incompatible h1:tNowT99t7UNflLxfYYSlKYsBpXdEet03Pg2g16Swow4= github.com/cenkalti/backoff v2.2.1+incompatible/go.mod h1:90ReRw6GdpyfrHakVjL/QHaoyV4aDUVVkXQJJJ3NXXM= github.com/cenkalti/backoff/v4 v4.1.0/go.mod h1:scbssz8iZGpm3xbr14ovlUdkxfGXNInqkPWOWmG2CLw= 
@@ -318,8 +320,8 @@ github.com/cs3org/go-cs3apis v0.0.0-20220412090512-93c5918b4bde h1:WrD9O8ZaWvsm0 github.com/cs3org/go-cs3apis v0.0.0-20220412090512-93c5918b4bde/go.mod h1:UXha4TguuB52H14EMoSsCqDj7k8a/t7g4gVP+bgY5LY= github.com/cs3org/reva v1.18.0 h1:MbPS5ZAa8RzKcTxAVeSDdISB3XXqLIxqB03BTN5ReBY= github.com/cs3org/reva v1.18.0/go.mod h1:e5VDUDu4vVWIeVkZcW//n6UZzhGGMa+Tz/whCiX3N6o= -github.com/cs3org/reva/v2 v2.0.0-20220429143817-1cbc34114b5a h1:Uq+iVa+re1qyeva3lEDEHwqkXv9ImeXBP30ke6IYf+U= -github.com/cs3org/reva/v2 v2.0.0-20220429143817-1cbc34114b5a/go.mod h1:2e/4HcIy54Mic3V7Ow0bz4n5dkZU0dHIZSWomFe5vng= +github.com/cs3org/reva/v2 v2.0.0-20220429105953-71d0c17a5e8f h1:UH9T67KTeWfKCmUQcR8jNSPDSoXaEjS6zkFykILO13w= +github.com/cs3org/reva/v2 v2.0.0-20220429105953-71d0c17a5e8f/go.mod h1:2e/4HcIy54Mic3V7Ow0bz4n5dkZU0dHIZSWomFe5vng= github.com/cubewise-code/go-mime v0.0.0-20200519001935-8c5762b177d8 h1:Z9lwXumT5ACSmJ7WGnFl+OMLLjpz5uR2fyz7dC255FI= github.com/cubewise-code/go-mime v0.0.0-20200519001935-8c5762b177d8/go.mod h1:4abs/jPXcmJzYoYGF91JF9Uq9s/KL5n1jvFDix8KcqY= github.com/cyberdelia/templates v0.0.0-20141128023046-ca7fffd4298c/go.mod h1:GyV+0YP4qX0UQ7r2MoYZ+AvYDp12OF5yg4q8rGnyNh4= From 5b0988f307fc2fa36de79f835b8ca1a7cc92404c Mon Sep 17 00:00:00 2001 From: David Christofas Date: Fri, 29 Apr 2022 15:35:00 +0200 Subject: [PATCH 79/99] fix local api test URL decode href before comparing with a given string --- tests/acceptance/features/bootstrap/SpacesContext.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/acceptance/features/bootstrap/SpacesContext.php b/tests/acceptance/features/bootstrap/SpacesContext.php index 82304673c4..a31f5666b4 100644 --- a/tests/acceptance/features/bootstrap/SpacesContext.php +++ b/tests/acceptance/features/bootstrap/SpacesContext.php 
@@ -349,7 +349,7 @@ class SpacesContext implements Context { /** * The method first disables and then deletes spaces * @param string $driveType - * + * * @return void * * @throws Exception From c3511c71ac42dca31cdfab68fd271e4f5c9e2ec2 Mon Sep 17 00:00:00 2001 From: Michael Barz Date: Fri, 29 Apr 2022 22:22:41 +0200 Subject: [PATCH 80/99] adapt spaces context --- .../features/bootstrap/SpacesContext.php | 65 ++++++++++++++++++- 1 file changed, 64 insertions(+), 1 deletion(-) diff --git a/tests/acceptance/features/bootstrap/SpacesContext.php b/tests/acceptance/features/bootstrap/SpacesContext.php index a31f5666b4..5f9c23357d 100644 --- a/tests/acceptance/features/bootstrap/SpacesContext.php +++ b/tests/acceptance/features/bootstrap/SpacesContext.php @@ -220,6 +220,24 @@ class SpacesContext implements Context { return $spaces[$spaceName]; } + /** + * The method finds available spaces to the manager user and returns the space by spaceName + * + * @param string $user + * @param string $spaceName + * + * @return array + */ + public function getSpaceByNameManager(string $user, string $spaceName): array { + $this->theUserListsAllAvailableSpacesUsingTheGraphApi($user); + + $spaces = $this->getAvailableSpaces(); + Assert::assertIsArray($spaces[$spaceName], "Space with name $spaceName for user $user not found"); + Assert::assertNotEmpty($spaces[$spaceName]["root"]["webDavUrl"], "WebDavUrl for space with name $spaceName for user $user not found"); + + return $spaces[$spaceName]; + } + /** * The method finds file by fileName and spaceName and returns data of file wich contains in responseHeader * fileName contains the path, if the file is in the folder 
@@ -410,6 +428,33 @@ class SpacesContext implements Context { return HttpRequestHelper::get($fullUrl, $xRequestId, $user, $password, $headers, $body); } + /** + * Send Graph List All Spaces Request + * + * @param string $user + * @param string $password + * @param string $urlArguments + * @param string $xRequestId + * @param array $body + * @param array $headers + * + * @return ResponseInterface + * + * @throws GuzzleException + */ + public function listAllSpacesRequest( + string $user, + string $password, + string $urlArguments = '', + string $xRequestId = '', + array $body = [], + array $headers = [] + ): ResponseInterface { + $fullUrl = $this->baseUrl . "/graph/v1.0/drives/" . $urlArguments; + + return HttpRequestHelper::get($fullUrl, $xRequestId, $user, $password, $headers, $body); + } + /** * Send Graph List Single Space Request * @@ -530,6 +575,24 @@ class SpacesContext implements Context { $this->rememberTheAvailableSpaces(); } + /** + * + * @param string $user + * + * @return void + * + * @throws GuzzleException + */ + public function theUserListsAllAvailableSpacesUsingTheGraphApi(string $user): void { + $this->featureContext->setResponse( + $this->listAllSpacesRequest( + $user, + $this->featureContext->getPasswordForUser($user) + ) + ); + $this->rememberTheAvailableSpaces(); + } + /** * @When /^user "([^"]*)" lists all available spaces via the GraphApi with query "([^"]*)"$/ * @@ -1951,7 +2014,7 @@ class SpacesContext implements Context { string $userWithManagerRights = '' ): void { if (!empty($userWithManagerRights)) { - $space = $this->getSpaceByName($userWithManagerRights, $spaceName); + $space = $this->getSpaceByNameManager($userWithManagerRights, $spaceName); } else { $space = $this->getSpaceByName($user, $spaceName); } From 7245c354ca7b299e92155b40a282aefd2902a9da Mon Sep 17 00:00:00 2001 
From: Michael Barz Date: Sat, 30 Apr 2022 13:23:21 +0200 Subject: [PATCH 81/99] omit opaque id correctly --- extensions/graph/pkg/service/v0/drives.go | 25 +++++++++++++------ extensions/graph/pkg/service/v0/graph_test.go | 8 +++--- 2 files changed, 21 insertions(+), 12 deletions(-) diff --git a/extensions/graph/pkg/service/v0/drives.go b/extensions/graph/pkg/service/v0/drives.go index 17f04e2df7..821e664898 100644 --- a/extensions/graph/pkg/service/v0/drives.go +++ b/extensions/graph/pkg/service/v0/drives.go @@ -448,11 +448,25 @@ func (g Graph) ListStorageSpacesWithFilters(ctx context.Context, filters []*stor return res, err } +func generateSpaceId(id *storageprovider.ResourceId) (spaceID string) { + spaceID = id.GetStorageId() + // 2nd ID to compare is the opaque ID of the Space Root + spaceID2 := id.GetOpaqueId() + if strings.Contains(spaceID, "$") { + spaceID2, _ = resourceid.StorageIDUnwrap(spaceID) + } + // Append opaqueID only if it is different from the spaceID2 + if id.OpaqueId != spaceID2 { + spaceID += "!" + id.OpaqueId + } + return spaceID +} + func (g Graph) cs3StorageSpaceToDrive(ctx context.Context, baseURL *url.URL, space *storageprovider.StorageSpace) (*libregraph.Drive, error) { if space.Root == nil { return nil, fmt.Errorf("space has no root") } - rootID := resourceid.OwnCloudResourceIDWrap(space.Root) + spaceID := generateSpaceId(space.Root) var permissions []libregraph.Permission if space.Opaque != nil { 
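Review bot: `generateSpaceId` should be `generateSpaceID` to match the initialism style of `spaceID` and `StorageIDUnwrap` next to it, and it has no doc comment even though the string it builds becomes the drive `Id`. Something like `// generateSpaceID returns the storage ID of id, with "!" and the opaque ID appended when the opaque ID differs from the unwrapped storage ID.` would do. The body mixes the getters `id.GetStorageId()` and `id.GetOpaqueId()` with direct `id.OpaqueId` field access; use `id.GetOpaqueId()` throughout so the function behaves the same way for every input. The second result of `resourceid.StorageIDUnwrap` is discarded without a comment explaining why it can be ignored.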
@@ -510,19 +524,14 @@ func (g Graph) cs3StorageSpaceToDrive(ctx context.Context, baseURL *url.URL, spa } } - spaceID := space.Root.StorageId - sIDs := resourceid.OwnCloudResourceIDUnwrap(rootID) - if space.Root.OpaqueId != sIDs.OpaqueId { - spaceID = rootID - } drive := &libregraph.Drive{ - Id: &spaceID, + Id: libregraph.PtrString(spaceID), Name: &space.Name, //"createdDateTime": "string (timestamp)", // TODO read from StorageSpace ... needs Opaque for now //"description": "string", // TODO read from StorageSpace ... needs Opaque for now DriveType: &space.SpaceType, Root: &libregraph.DriveItem{ - Id: &rootID, + Id: libregraph.PtrString(resourceid.OwnCloudResourceIDWrap(space.Root)), Permissions: permissions, }, } diff --git a/extensions/graph/pkg/service/v0/graph_test.go b/extensions/graph/pkg/service/v0/graph_test.go index 0d52357cf8..8ad28656ee 100644 --- a/extensions/graph/pkg/service/v0/graph_test.go +++ b/extensions/graph/pkg/service/v0/graph_test.go @@ -201,7 +201,7 @@ var _ = Describe("Graph", func() { Id: &provider.StorageSpaceId{OpaqueId: "aID!differentID"}, SpaceType: "mountpoint", Root: &provider.ResourceId{ - StorageId: "aID", + StorageId: "prID$aID", OpaqueId: "differentID", }, Name: "New Folder", 
@@ -246,11 +246,11 @@ var _ = Describe("Graph", func() { value := response["value"][0] Expect(*value.DriveAlias).To(Equal("mountpoint/new-folder")) Expect(*value.DriveType).To(Equal("mountpoint")) - Expect(*value.Id).To(Equal("aID!differentID")) + Expect(*value.Id).To(Equal("prID$aID!differentID")) Expect(*value.Name).To(Equal("New Folder")) - Expect(*value.Root.WebDavUrl).To(Equal("https://localhost:9200/dav/spaces/aID!differentID")) + Expect(*value.Root.WebDavUrl).To(Equal("https://localhost:9200/dav/spaces/prID$aID!differentID")) Expect(*value.Root.ETag).To(Equal("101112131415")) - Expect(*value.Root.Id).To(Equal("aID!differentID")) + Expect(*value.Root.Id).To(Equal("prID$aID!differentID")) Expect(*value.Root.RemoteItem.ETag).To(Equal("123456789")) Expect(*value.Root.RemoteItem.Id).To(Equal("ownerStorageID!opaqueID")) Expect(value.Root.RemoteItem.LastModifiedDateTime.UTC()).To(Equal(time.Unix(1648327606, 0).UTC())) From b629aa6b6df835b8473baed070b079185c6da93f Mon Sep 17 00:00:00 2001 From: Michael Barz Date: Sat, 30 Apr 2022 20:45:00 +0200 Subject: [PATCH 82/99] use reva replace --- go.mod | 2 ++ go.sum | 6 ++---- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/go.mod b/go.mod index 9f6f052443..96753255df 100644 --- a/go.mod +++ b/go.mod @@ -274,3 +274,5 @@ require ( // we need to use a fork to make the windows build pass replace github.com/pkg/xattr => github.com/micbar/xattr v0.4.6-0.20220215112335-88e74d648fb7 + +replace github.com/cs3org/reva/v2 => github.com/micbar/reva/v2 v2.0.0-20220430184241-9ffcd414f24d diff --git a/go.sum b/go.sum index ddc2ff673b..5f741103a8 100644 --- a/go.sum +++ b/go.sum 
@@ -236,8 +236,6 @@ github.com/boombuler/barcode v1.0.1-0.20190219062509-6c824513bacc/go.mod h1:paBW github.com/boombuler/barcode v1.0.1 h1:NDBbPmhS+EqABEs5Kg3n/5ZNjy73Pz7SIV+KCeqyXcs= github.com/boombuler/barcode v1.0.1/go.mod h1:paBWMcWSl3LHKBqUq+rly7CNSldXjb2rDl3JlRe0mD8= github.com/c-bata/go-prompt v0.2.5/go.mod h1:vFnjEGDIIA/Lib7giyE4E9c50Lvl8j0S+7FVlAwDAVw= -github.com/c0rby/reva/v2 v2.0.0-20220429095703-bbac276f2cb4 h1:NAAz/6zTxFa0RBui856DKPIi4cF5jU7FHcbX+n25DM0= -github.com/c0rby/reva/v2 v2.0.0-20220429095703-bbac276f2cb4/go.mod h1:2e/4HcIy54Mic3V7Ow0bz4n5dkZU0dHIZSWomFe5vng= github.com/cenkalti/backoff v2.2.1+incompatible h1:tNowT99t7UNflLxfYYSlKYsBpXdEet03Pg2g16Swow4= github.com/cenkalti/backoff v2.2.1+incompatible/go.mod h1:90ReRw6GdpyfrHakVjL/QHaoyV4aDUVVkXQJJJ3NXXM= github.com/cenkalti/backoff/v4 v4.1.0/go.mod h1:scbssz8iZGpm3xbr14ovlUdkxfGXNInqkPWOWmG2CLw= @@ -320,8 +318,6 @@ github.com/cs3org/go-cs3apis v0.0.0-20220412090512-93c5918b4bde h1:WrD9O8ZaWvsm0 github.com/cs3org/go-cs3apis v0.0.0-20220412090512-93c5918b4bde/go.mod h1:UXha4TguuB52H14EMoSsCqDj7k8a/t7g4gVP+bgY5LY= github.com/cs3org/reva v1.18.0 h1:MbPS5ZAa8RzKcTxAVeSDdISB3XXqLIxqB03BTN5ReBY= github.com/cs3org/reva v1.18.0/go.mod h1:e5VDUDu4vVWIeVkZcW//n6UZzhGGMa+Tz/whCiX3N6o= -github.com/cs3org/reva/v2 v2.0.0-20220429105953-71d0c17a5e8f h1:UH9T67KTeWfKCmUQcR8jNSPDSoXaEjS6zkFykILO13w= -github.com/cs3org/reva/v2 v2.0.0-20220429105953-71d0c17a5e8f/go.mod h1:2e/4HcIy54Mic3V7Ow0bz4n5dkZU0dHIZSWomFe5vng= github.com/cubewise-code/go-mime v0.0.0-20200519001935-8c5762b177d8 h1:Z9lwXumT5ACSmJ7WGnFl+OMLLjpz5uR2fyz7dC255FI= github.com/cubewise-code/go-mime v0.0.0-20200519001935-8c5762b177d8/go.mod h1:4abs/jPXcmJzYoYGF91JF9Uq9s/KL5n1jvFDix8KcqY= github.com/cyberdelia/templates v0.0.0-20141128023046-ca7fffd4298c/go.mod h1:GyV+0YP4qX0UQ7r2MoYZ+AvYDp12OF5yg4q8rGnyNh4= 
@@ -1018,6 +1014,8 @@ github.com/mendsley/gojwk v0.0.0-20141217222730-4d5ec6e58103 h1:Z/i1e+gTZrmcGeZy github.com/mendsley/gojwk v0.0.0-20141217222730-4d5ec6e58103/go.mod h1:o9YPB5aGP8ob35Vy6+vyq3P3bWe7NQWzf+JLiXCiMaE= github.com/mennanov/fieldmask-utils v0.5.0 h1:8em4akN0NM3hmmrg8VbvOPfdS4SSBdbFd53m9VtfOg0= github.com/mennanov/fieldmask-utils v0.5.0/go.mod h1:lah2lHczE2ff+7SqnNKpB+YzaO7M3h5iNO4LgPTJheM= +github.com/micbar/reva/v2 v2.0.0-20220430184241-9ffcd414f24d h1:U707T1GTA0DDhBuqSHXYnI4Lzk823pzkWEycknYSLpo= +github.com/micbar/reva/v2 v2.0.0-20220430184241-9ffcd414f24d/go.mod h1:2e/4HcIy54Mic3V7Ow0bz4n5dkZU0dHIZSWomFe5vng= github.com/micbar/xattr v0.4.6-0.20220215112335-88e74d648fb7 h1:M0R40eUlyqxMuZn3Knx4DJTwHE3TiPFzcWUA/BKtDMM= github.com/micbar/xattr v0.4.6-0.20220215112335-88e74d648fb7/go.mod h1:sBD3RAqlr8Q+RC3FutZcikpT8nyDrIEEBw2J744gVWs= github.com/miekg/dns v1.0.14/go.mod h1:W1PPwlIAgtquWBMBEV9nkV9Cazfe8ScdGz/Lj7v3Nrg= From 1e1016abea18fa9a004d074204939eba7e7a3edb Mon Sep 17 00:00:00 2001 From: Michael Barz Date: Sat, 30 Apr 2022 23:08:29 +0200 Subject: [PATCH 83/99] adapt expected failures --- .../acceptance/expected-failures-graphAPI-on-OCIS-storage.md | 4 ---- 1 file changed, 4 deletions(-) diff --git a/tests/acceptance/expected-failures-graphAPI-on-OCIS-storage.md b/tests/acceptance/expected-failures-graphAPI-on-OCIS-storage.md index 85c610d51c..f513a93f0a 100644 --- a/tests/acceptance/expected-failures-graphAPI-on-OCIS-storage.md +++ b/tests/acceptance/expected-failures-graphAPI-on-OCIS-storage.md 
@@ -1639,10 +1639,6 @@ Not everything needs to be implemented for ocis. While the oc10 testsuite covers #### [OCS status code zero](https://github.com/owncloud/ocis/issues/3621) - [apiShareManagementToShares/moveReceivedShare.feature:32](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiShareManagementToShares/moveReceivedShare.feature#L32) -#### [share_with_user_type is not set in response](https://github.com/owncloud/ocis/issues/3622) -- [apiShareManagementBasicToShares/createShareToSharesFolder.feature:37](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiShareManagementBasicToShares/createShareToSharesFolder.feature#L37) -- [apiShareManagementBasicToShares/createShareToSharesFolder.feature:38](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiShareManagementBasicToShares/createShareToSharesFolder.feature#L38) - #### [HTTP status code differ while listing the contents of another user's trash bin](https://github.com/owncloud/ocis/issues/3561) - [apiTrashbin/trashbinFilesFolders.feature:199](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiTrashbin/trashbinFilesFolders.feature#L199) - [apiTrashbin/trashbinFilesFolders.feature:223](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiTrashbin/trashbinFilesFolders.feature#L223) From d74e3d168b5d12d622a054d6ba58314a2d4b0b56 Mon Sep 17 00:00:00 2001 From: Michael Barz Date: Sun, 1 May 2022 10:26:47 +0200 Subject: [PATCH 84/99] use reva version with no concurrent share listing --- go.mod | 2 +- go.sum | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/go.mod b/go.mod index 96753255df..74d5a16284 100644 --- a/go.mod +++ b/go.mod 
@@ -275,4 +275,4 @@ require ( // we need to use a fork to make the windows build pass replace github.com/pkg/xattr => github.com/micbar/xattr v0.4.6-0.20220215112335-88e74d648fb7 -replace github.com/cs3org/reva/v2 => github.com/micbar/reva/v2 v2.0.0-20220430184241-9ffcd414f24d +replace github.com/cs3org/reva/v2 => github.com/micbar/reva/v2 v2.0.0-20220430214110-c6ef0c907aea diff --git a/go.sum b/go.sum index 5f741103a8..f34b6c4fc0 100644 --- a/go.sum +++ b/go.sum @@ -1014,8 +1014,8 @@ github.com/mendsley/gojwk v0.0.0-20141217222730-4d5ec6e58103 h1:Z/i1e+gTZrmcGeZy github.com/mendsley/gojwk v0.0.0-20141217222730-4d5ec6e58103/go.mod h1:o9YPB5aGP8ob35Vy6+vyq3P3bWe7NQWzf+JLiXCiMaE= github.com/mennanov/fieldmask-utils v0.5.0 h1:8em4akN0NM3hmmrg8VbvOPfdS4SSBdbFd53m9VtfOg0= github.com/mennanov/fieldmask-utils v0.5.0/go.mod h1:lah2lHczE2ff+7SqnNKpB+YzaO7M3h5iNO4LgPTJheM= -github.com/micbar/reva/v2 v2.0.0-20220430184241-9ffcd414f24d h1:U707T1GTA0DDhBuqSHXYnI4Lzk823pzkWEycknYSLpo= -github.com/micbar/reva/v2 v2.0.0-20220430184241-9ffcd414f24d/go.mod h1:2e/4HcIy54Mic3V7Ow0bz4n5dkZU0dHIZSWomFe5vng= +github.com/micbar/reva/v2 v2.0.0-20220430214110-c6ef0c907aea h1:4B/g4AQybc33pRM44R1gdF4Rg8HTsLI1cok7W9+XPTw= +github.com/micbar/reva/v2 v2.0.0-20220430214110-c6ef0c907aea/go.mod h1:2e/4HcIy54Mic3V7Ow0bz4n5dkZU0dHIZSWomFe5vng= github.com/micbar/xattr v0.4.6-0.20220215112335-88e74d648fb7 h1:M0R40eUlyqxMuZn3Knx4DJTwHE3TiPFzcWUA/BKtDMM= github.com/micbar/xattr v0.4.6-0.20220215112335-88e74d648fb7/go.mod h1:sBD3RAqlr8Q+RC3FutZcikpT8nyDrIEEBw2J744gVWs= github.com/miekg/dns v1.0.14/go.mod h1:W1PPwlIAgtquWBMBEV9nkV9Cazfe8ScdGz/Lj7v3Nrg= From 469fc3d4c5eb738dcbbaff1b519dd4815e62565f Mon Sep 17 00:00:00 2001 From: Michael Barz Date: Mon, 2 May 2022 09:59:29 +0200 Subject: [PATCH 85/99] update reva to latest edge --- go.mod | 4 +--- go.sum | 4 ++-- 2 files changed, 3 insertions(+), 5 deletions(-) diff --git a/go.mod b/go.mod index 74d5a16284..90185fb87a 100644 --- a/go.mod +++ b/go.mod 
@@ -9,7 +9,7 @@ require ( github.com/blevesearch/bleve/v2 v2.3.2 github.com/coreos/go-oidc/v3 v3.1.0 github.com/cs3org/go-cs3apis v0.0.0-20220412090512-93c5918b4bde - github.com/cs3org/reva/v2 v2.0.0-20220429105953-71d0c17a5e8f + github.com/cs3org/reva/v2 v2.0.0-20220502075009-8bcec2e4663e github.com/disintegration/imaging v1.6.2 github.com/glauth/glauth/v2 v2.0.0-20211021011345-ef3151c28733 github.com/go-chi/chi/v5 v5.0.7 @@ -274,5 +274,3 @@ require ( // we need to use a fork to make the windows build pass replace github.com/pkg/xattr => github.com/micbar/xattr v0.4.6-0.20220215112335-88e74d648fb7 - -replace github.com/cs3org/reva/v2 => github.com/micbar/reva/v2 v2.0.0-20220430214110-c6ef0c907aea diff --git a/go.sum b/go.sum index f34b6c4fc0..2ee58f6e4f 100644 --- a/go.sum +++ b/go.sum @@ -318,6 +318,8 @@ github.com/cs3org/go-cs3apis v0.0.0-20220412090512-93c5918b4bde h1:WrD9O8ZaWvsm0 github.com/cs3org/go-cs3apis v0.0.0-20220412090512-93c5918b4bde/go.mod h1:UXha4TguuB52H14EMoSsCqDj7k8a/t7g4gVP+bgY5LY= github.com/cs3org/reva v1.18.0 h1:MbPS5ZAa8RzKcTxAVeSDdISB3XXqLIxqB03BTN5ReBY= github.com/cs3org/reva v1.18.0/go.mod h1:e5VDUDu4vVWIeVkZcW//n6UZzhGGMa+Tz/whCiX3N6o= +github.com/cs3org/reva/v2 v2.0.0-20220502075009-8bcec2e4663e h1:ym80MMvfFLHMxt6aiU67kTe/pzRBaSOUNdPkmeKYejk= +github.com/cs3org/reva/v2 v2.0.0-20220502075009-8bcec2e4663e/go.mod h1:2e/4HcIy54Mic3V7Ow0bz4n5dkZU0dHIZSWomFe5vng= github.com/cubewise-code/go-mime v0.0.0-20200519001935-8c5762b177d8 h1:Z9lwXumT5ACSmJ7WGnFl+OMLLjpz5uR2fyz7dC255FI= github.com/cubewise-code/go-mime v0.0.0-20200519001935-8c5762b177d8/go.mod h1:4abs/jPXcmJzYoYGF91JF9Uq9s/KL5n1jvFDix8KcqY= github.com/cyberdelia/templates v0.0.0-20141128023046-ca7fffd4298c/go.mod h1:GyV+0YP4qX0UQ7r2MoYZ+AvYDp12OF5yg4q8rGnyNh4= 
@@ -1014,8 +1016,6 @@ github.com/mendsley/gojwk v0.0.0-20141217222730-4d5ec6e58103 h1:Z/i1e+gTZrmcGeZy github.com/mendsley/gojwk v0.0.0-20141217222730-4d5ec6e58103/go.mod h1:o9YPB5aGP8ob35Vy6+vyq3P3bWe7NQWzf+JLiXCiMaE= github.com/mennanov/fieldmask-utils v0.5.0 h1:8em4akN0NM3hmmrg8VbvOPfdS4SSBdbFd53m9VtfOg0= github.com/mennanov/fieldmask-utils v0.5.0/go.mod h1:lah2lHczE2ff+7SqnNKpB+YzaO7M3h5iNO4LgPTJheM= -github.com/micbar/reva/v2 v2.0.0-20220430214110-c6ef0c907aea h1:4B/g4AQybc33pRM44R1gdF4Rg8HTsLI1cok7W9+XPTw= -github.com/micbar/reva/v2 v2.0.0-20220430214110-c6ef0c907aea/go.mod h1:2e/4HcIy54Mic3V7Ow0bz4n5dkZU0dHIZSWomFe5vng= github.com/micbar/xattr v0.4.6-0.20220215112335-88e74d648fb7 h1:M0R40eUlyqxMuZn3Knx4DJTwHE3TiPFzcWUA/BKtDMM= github.com/micbar/xattr v0.4.6-0.20220215112335-88e74d648fb7/go.mod h1:sBD3RAqlr8Q+RC3FutZcikpT8nyDrIEEBw2J744gVWs= github.com/miekg/dns v1.0.14/go.mod h1:W1PPwlIAgtquWBMBEV9nkV9Cazfe8ScdGz/Lj7v3Nrg= From bf936c8da18559108a2d7b7deca2bc3f9fc0f4e5 Mon Sep 17 00:00:00 2001 From: Michael Barz Date: Mon, 2 May 2022 09:53:42 +0000 Subject: [PATCH 86/99] Automated changelog update [skip ci] --- CHANGELOG.md | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index 85ed33b38b..5a357635e0 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md 
@@ -11,6 +11,7 @@ The following sections list the changes for unreleased. * Bugfix - URL encode the webdav url in the graph API: [#3597](https://github.com/owncloud/ocis/pull/3597) * Change - Load configuration files just from one directory: [#3587](https://github.com/owncloud/ocis/pull/3587) * Change - Introduce `ocis init` and remove all default secrets: [#3551](https://github.com/owncloud/ocis/pull/3551) +* Change - Reduce drives in graph /me/drives API: [#3629](https://github.com/owncloud/ocis/pull/3629) * Change - Switched default configuration to use libregraph/idm: [#3331](https://github.com/owncloud/ocis/pull/3331) * Enhancement - Add capability for public link single file edit: [#6787](https://github.com/owncloud/web/pull/6787) * Enhancement - Update linkshare capabilities: [#3579](https://github.com/owncloud/ocis/pull/3579) @@ -64,6 +65,13 @@ The following sections list the changes for unreleased. https://github.com/owncloud/ocis/pull/3551 +* Change - Reduce drives in graph /me/drives API: [#3629](https://github.com/owncloud/ocis/pull/3629) + + Reduced the drives in the graph `/me/drives` API to only the drives the user has access to. The + endpoint `/drives` will list all drives when the user has the permission. + + https://github.com/owncloud/ocis/pull/3629 + * Change - Switched default configuration to use libregraph/idm: [#3331](https://github.com/owncloud/ocis/pull/3331) We switched the default configuration of oCIS to use the "idm" service (based on @@ -101,6 +109,7 @@ The following sections list the changes for unreleased. https://github.com/owncloud/ocis/pull/3601 https://github.com/owncloud/ocis/pull/3605 https://github.com/owncloud/ocis/pull/3611 + https://github.com/owncloud/ocis/pull/3621 # Changelog for [1.20.0] (2022-04-13) The following sections list the changes for 1.20.0. From 1c5bfacac157f3dbf506c37307b8a1ea6c54ae5b Mon Sep 17 00:00:00 2001 
From: Benedikt Kulmann Date: Thu, 28 Apr 2022 22:38:52 +0200 Subject: [PATCH 87/99] Add new capability for announcing share jail --- changelog/unreleased/spaces-capabilities.md | 5 +++++ changelog/unreleased/update-reva.md | 3 ++- extensions/frontend/pkg/command/command.go | 6 ++++-- extensions/frontend/pkg/config/config.go | 3 ++- extensions/frontend/pkg/config/defaults/defaultconfig.go | 1 + 5 files changed, 14 insertions(+), 4 deletions(-) create mode 100644 changelog/unreleased/spaces-capabilities.md diff --git a/changelog/unreleased/spaces-capabilities.md b/changelog/unreleased/spaces-capabilities.md new file mode 100644 index 0000000000..f2a90c4076 --- /dev/null +++ b/changelog/unreleased/spaces-capabilities.md @@ -0,0 +1,5 @@ +Enhancement: Added `share_jail` and `projects` feature flags in spaces capability + +We've added feature flags to the `spaces` capability to indicate to clients which features are supposed to be shown to users. + +https://github.com/owncloud/ocis/pull/3626 diff --git a/changelog/unreleased/update-reva.md b/changelog/unreleased/update-reva.md index 8b4b79c912..06ddac93e1 100644 --- a/changelog/unreleased/update-reva.md +++ b/changelog/unreleased/update-reva.md @@ -9,4 +9,5 @@ https://github.com/owncloud/ocis/pull/3570 https://github.com/owncloud/ocis/pull/3601 https://github.com/owncloud/ocis/pull/3605 https://github.com/owncloud/ocis/pull/3611 -https://github.com/owncloud/ocis/pull/3621 +https://github.com/owncloud/ocis/issues/3621 +https://github.com/owncloud/ocis/pull/3637 diff --git a/extensions/frontend/pkg/command/command.go b/extensions/frontend/pkg/command/command.go index 96fb5e023c..b613e8fc76 100644 --- a/extensions/frontend/pkg/command/command.go +++ b/extensions/frontend/pkg/command/command.go 
@@ -286,8 +286,10 @@ func frontendConfigFromStruct(c *cli.Context, cfg *config.Config, filesCfg map[s }, }, "spaces": map[string]interface{}{ - "version": "0.0.1", - "enabled": cfg.EnableProjectSpaces, + "version": "0.0.1", + "enabled": cfg.EnableProjectSpaces || cfg.EnableShareJail, + "projects": cfg.EnableProjectSpaces, + "share_jail": cfg.EnableShareJail, }, }, "version": map[string]interface{}{ diff --git a/extensions/frontend/pkg/config/config.go b/extensions/frontend/pkg/config/config.go index 7006febe77..a82e1fd42d 100644 --- a/extensions/frontend/pkg/config/config.go +++ b/extensions/frontend/pkg/config/config.go @@ -23,7 +23,8 @@ type Config struct { SkipUserGroupsInToken bool `yaml:"skip_users_groups_in_token"` EnableFavorites bool `yaml:"favorites"` - EnableProjectSpaces bool `yaml:"enable_project_spaces"` + EnableProjectSpaces bool `yaml:"enable_project_spaces" env:"FRONTEND_ENABLE_PROJECT_SPACES" desc:"Indicates to clients that project spaces are supposed to be made available."` + EnableShareJail bool `yaml:"enable_share_jail" env:"FRONTEND_ENABLE_SHARE_JAIL" desc:"Indicates to clients that the share jail is supposed to be used."` UploadMaxChunkSize int `yaml:"upload_max_chunk_size"` UploadHTTPMethodOverride string `yaml:"upload_http_method_override"` DefaultUploadProtocol string `yaml:"default_upload_protocol"` diff --git a/extensions/frontend/pkg/config/defaults/defaultconfig.go b/extensions/frontend/pkg/config/defaults/defaultconfig.go index 11f7958f1f..a1067f1eb5 100644 --- a/extensions/frontend/pkg/config/defaults/defaultconfig.go +++ b/extensions/frontend/pkg/config/defaults/defaultconfig.go @@ -33,6 +33,7 @@ func DefaultConfig() *config.Config { PublicURL: "https://localhost:9200", EnableFavorites: false, EnableProjectSpaces: true, + EnableShareJail: true, UploadMaxChunkSize: 1e+8, UploadHTTPMethodOverride: "", DefaultUploadProtocol: "tus", From fd292563d88ac1786b25b9d50f01e6f633c0bf13 Mon Sep 17 00:00:00 2001 
From: =?UTF-8?q?J=C3=B6rn=20Friedrich=20Dreyer?= Date: Mon, 2 May 2022 10:30:51 +0000 Subject: [PATCH 88/99] do not overwrite metadata IDP with oCIS IDP MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Jörn Friedrich Dreyer --- extensions/settings/pkg/config/config.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/extensions/settings/pkg/config/config.go b/extensions/settings/pkg/config/config.go index 24de34c3a1..8182911bf5 100644 --- a/extensions/settings/pkg/config/config.go +++ b/extensions/settings/pkg/config/config.go @@ -40,6 +40,6 @@ type Metadata struct { StorageAddress string `yaml:"storage_addr" env:"STORAGE_GRPC_ADDR"` ServiceUserID string `yaml:"service_user_id" env:"METADATA_SERVICE_USER_UUID"` - ServiceUserIDP string `yaml:"service_user_idp" env:"OCIS_URL;METADATA_SERVICE_USER_IDP"` + ServiceUserIDP string `yaml:"service_user_idp" env:"METADATA_SERVICE_USER_IDP"` MachineAuthAPIKey string `yaml:"machine_auth_api_key" env:"OCIS_MACHINE_AUTH_API_KEY"` } From 0642a5e0cabe361949dcc7c66241651ac6ab287a Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C3=B6rn=20Friedrich=20Dreyer?= Date: Mon, 2 May 2022 12:44:21 +0200 Subject: [PATCH 89/99] Align service naming (#3606) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit * use configured names as service names in ocis runtime Signed-off-by: Jörn Friedrich Dreyer * add changelog Signed-off-by: Jörn Friedrich Dreyer * correct service names for group and storage-shares Signed-off-by: Jörn Friedrich Dreyer * use correct service names in .drone.star Signed-off-by: Jörn Friedrich Dreyer * align ocis-pkg/config/config.go 
Signed-off-by: Jörn Friedrich Dreyer --- .drone.star | 4 +- changelog/unreleased/align-service-naming.md | 6 ++ .../pkg/config/defaults/defaultconfig.go | 2 +- .../pkg/config/defaults/defaultconfig.go | 2 +- ocis-pkg/config/config.go | 18 +++--- ocis/pkg/runtime/service/service.go | 58 +++++++++---------- 6 files changed, 48 insertions(+), 42 deletions(-) create mode 100644 changelog/unreleased/align-service-naming.md diff --git a/.drone.star b/.drone.star index 98b27ef535..54021c12d7 100644 --- a/.drone.star +++ b/.drone.star @@ -1654,7 +1654,7 @@ def ocisServerWithAccounts(storage, accounts_hash_difficulty = 4, volumes = [], "IDP_LDAP_LOGIN_ATTRIBUTE": "uid", "PROXY_ACCOUNT_BACKEND_TYPE": "accounts", "OCS_ACCOUNT_BACKEND_TYPE": "accounts", - "OCIS_RUN_EXTENSIONS": "settings,storage-metadata,graph,graph-explorer,ocs,store,thumbnails,web,webdav,storage-frontend,storage-gateway,storage-userprovider,storage-groupprovider,storage-authbasic,storage-authbearer,storage-authmachine,storage-users,storage-shares,storage-public-link,storage-appprovider,storage-sharing,proxy,idp,nats,accounts,glauth,ocdav", + "OCIS_RUN_EXTENSIONS": "settings,storage-metadata,graph,graph-explorer,ocs,store,thumbnails,web,webdav,frontend,gateway,user,group,auth-basic,auth-bearer,auth-machine,storage-users,storage-shares,storage-publiclink,appprovider,sharing,proxy,idp,nats,accounts,glauth,ocdav", "OCIS_INSECURE": "true", "PROXY_ENABLE_BASIC_AUTH": "true", "IDP_INSECURE": "true", 
@@ -1784,7 +1784,7 @@ def ocisServer(storage, accounts_hash_difficulty = 4, volumes = [], depends_on = "SHARING_USER_SQL_NAME": "owncloud", # General oCIS config # OCIS_RUN_EXTENSIONS specifies to start all extensions except glauth, idp and accounts. These are replaced by external services - "OCIS_RUN_EXTENSIONS": "settings,storage-metadata,graph,graph-explorer,ocs,store,thumbnails,web,webdav,storage-frontend,storage-gateway,storage-userprovider,storage-groupprovider,storage-authbasic,storage-authbearer,storage-authmachine,storage-users,storage-shares,storage-public-link,storage-appprovider,storage-sharing,proxy,nats,ocdav", + "OCIS_RUN_EXTENSIONS": "settings,storage-metadata,graph,graph-explorer,ocs,store,thumbnails,web,webdav,frontend,gateway,user,group,auth-basic,auth-bearer,auth-machine,storage-users,storage-shares,storage-publiclink,appprovider,sharing,proxy,nats,ocdav", "OCIS_LOG_LEVEL": "info", "OCIS_URL": OCIS_URL, "OCIS_BASE_DATA_PATH": "/mnt/data/ocis", diff --git a/changelog/unreleased/align-service-naming.md b/changelog/unreleased/align-service-naming.md new file mode 100644 index 0000000000..dfcff86e86 --- /dev/null +++ b/changelog/unreleased/align-service-naming.md @@ -0,0 +1,6 @@ +Enhancement: align service naming + +We now reflect the configured service names when listing them in the ocis runtime + +https://github.com/owncloud/ocis/pull/3606 +https://github.com/owncloud/ocis/issues/3603 \ No newline at end of file diff --git a/extensions/group/pkg/config/defaults/defaultconfig.go b/extensions/group/pkg/config/defaults/defaultconfig.go index 373e118a4b..47c10b9f79 100644 --- a/extensions/group/pkg/config/defaults/defaultconfig.go +++ b/extensions/group/pkg/config/defaults/defaultconfig.go @@ -27,7 +27,7 @@ func DefaultConfig() *config.Config { Protocol: "tcp", }, Service: config.Service{ - Name: "user", + Name: "group", }, GroupMembersCacheExpiration: 5, Reva: &config.Reva{ 
diff --git a/extensions/storage-shares/pkg/config/defaults/defaultconfig.go b/extensions/storage-shares/pkg/config/defaults/defaultconfig.go index 75a6127e90..40aba54cfd 100644 --- a/extensions/storage-shares/pkg/config/defaults/defaultconfig.go +++ b/extensions/storage-shares/pkg/config/defaults/defaultconfig.go @@ -28,7 +28,7 @@ func DefaultConfig() *config.Config { Protocol: "tcp", }, Service: config.Service{ - Name: "storage-metadata", + Name: "storage-shares", }, Reva: &config.Reva{ Address: "127.0.0.1:9142", diff --git a/ocis-pkg/config/config.go b/ocis-pkg/config/config.go index 33b9645d2e..bb61c80cfd 100644 --- a/ocis-pkg/config/config.go +++ b/ocis-pkg/config/config.go @@ -73,7 +73,7 @@ type Config struct { Accounts *accounts.Config `yaml:"accounts"` GLAuth *glauth.Config `yaml:"glauth"` Graph *graph.Config `yaml:"graph"` - GraphExplorer *graphExplorer.Config `yaml:"graph_explorer"` + GraphExplorer *graphExplorer.Config `yaml:"graph-explorer"` IDP *idp.Config `yaml:"idp"` IDM *idm.Config `yaml:"idm"` Nats *nats.Config `yaml:"nats"` 
@@ -84,17 +84,17 @@ type Config struct { Settings *settings.Config `yaml:"settings"` Gateway *gateway.Config `yaml:"gateway"` Frontend *frontend.Config `yaml:"frontend"` - AuthBasic *authbasic.Config `yaml:"auth_basic"` - AuthBearer *authbearer.Config `yaml:"auth_bearer"` - AuthMachine *authmachine.Config `yaml:"auth_machine"` + AuthBasic *authbasic.Config `yaml:"auth-basic"` + AuthBearer *authbearer.Config `yaml:"auth-bearer"` + AuthMachine *authmachine.Config `yaml:"auth-machine"` User *user.Config `yaml:"user"` Group *group.Config `yaml:"group"` - AppProvider *appprovider.Config `yaml:"app_provider"` + AppProvider *appprovider.Config `yaml:"appprovider"` Sharing *sharing.Config `yaml:"sharing"` - StorageMetadata *storagemetadata.Config `yaml:"storage_metadata"` - StoragePublicLink *storagepublic.Config `yaml:"storage_public"` - StorageUsers *storageusers.Config `yaml:"storage_users"` - StorageShares *storageshares.Config `yaml:"storage_shares"` + StorageMetadata *storagemetadata.Config `yaml:"storage-metadata"` + StoragePublicLink *storagepublic.Config `yaml:"storage-public"` + StorageUsers *storageusers.Config `yaml:"storage-users"` + StorageShares *storageshares.Config `yaml:"storage-shares"` OCDav *ocdav.Config `yaml:"ocdav"` Store *store.Config `yaml:"store"` Thumbnails *thumbnails.Config `yaml:"thumbnails"` diff --git a/ocis/pkg/runtime/service/service.go b/ocis/pkg/runtime/service/service.go index cd237edc2e..19a1cf02e5 100644 --- a/ocis/pkg/runtime/service/service.go +++ b/ocis/pkg/runtime/service/service.go 
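Review bot: Renaming the top-level YAML keys from underscores to hyphens (`auth_basic` → `auth-basic`, `storage_users` → `storage-users`, and `graph_explorer` in the previous hunk) means a config file that still uses the old spellings may have those sections skipped without any error, leaving the extension on its defaults. Whether the parser rejects unknown keys is not visible from this hunk; if it does not, it should fail or warn on the old keys, because these sections appear to carry auth and transport-security settings. Separately, `yaml:"storage-public"` does not match the `storage-publiclink` name that .drone.star uses in `OCIS_RUN_EXTENSIONS` in this same commit; if the goal is one name per service, `yaml:"storage-publiclink"` would be consistent. The `Config` struct starts and ends outside the hunk.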
@@ -106,37 +106,37 @@ func NewService(options ...Option) (*Service, error) { cfg: opts.Config, } - s.ServicesRegistry["settings"] = settings.NewSutureService - s.ServicesRegistry["nats"] = nats.NewSutureService - s.ServicesRegistry["storage-metadata"] = storagemetadata.NewStorageMetadata - s.ServicesRegistry["glauth"] = glauth.NewSutureService - s.ServicesRegistry["graph"] = graph.NewSutureService - s.ServicesRegistry["graph-explorer"] = graphExplorer.NewSutureService - s.ServicesRegistry["idm"] = idm.NewSutureService - s.ServicesRegistry["ocs"] = ocs.NewSutureService - s.ServicesRegistry["store"] = store.NewSutureService - s.ServicesRegistry["thumbnails"] = thumbnails.NewSutureService - s.ServicesRegistry["web"] = web.NewSutureService - s.ServicesRegistry["webdav"] = webdav.NewSutureService - s.ServicesRegistry["storage-frontend"] = frontend.NewFrontend - s.ServicesRegistry["ocdav"] = ocdav.NewOCDav - s.ServicesRegistry["storage-gateway"] = gateway.NewGateway - s.ServicesRegistry["storage-userprovider"] = user.NewUserProvider - s.ServicesRegistry["storage-groupprovider"] = group.NewGroupProvider - s.ServicesRegistry["storage-authbasic"] = authbasic.NewAuthBasic - s.ServicesRegistry["storage-authbearer"] = authbearer.NewAuthBearer - s.ServicesRegistry["storage-authmachine"] = authmachine.NewAuthMachine - s.ServicesRegistry["storage-users"] = storageusers.NewStorageUsers - s.ServicesRegistry["storage-shares"] = storageshares.NewStorageShares - s.ServicesRegistry["storage-public-link"] = storagepublic.NewStoragePublicLink - s.ServicesRegistry["storage-appprovider"] = appprovider.NewAppProvider - s.ServicesRegistry["notifications"] = notifications.NewSutureService + s.ServicesRegistry[opts.Config.Settings.Service.Name] = settings.NewSutureService + s.ServicesRegistry[opts.Config.Nats.Service.Name] = nats.NewSutureService + s.ServicesRegistry[opts.Config.StorageMetadata.Service.Name] = storagemetadata.NewStorageMetadata + 
s.ServicesRegistry[opts.Config.GLAuth.Service.Name] = glauth.NewSutureService + s.ServicesRegistry[opts.Config.Graph.Service.Name] = graph.NewSutureService + s.ServicesRegistry[opts.Config.GraphExplorer.Service.Name] = graphExplorer.NewSutureService + s.ServicesRegistry[opts.Config.IDM.Service.Name] = idm.NewSutureService + s.ServicesRegistry[opts.Config.OCS.Service.Name] = ocs.NewSutureService + s.ServicesRegistry[opts.Config.Store.Service.Name] = store.NewSutureService + s.ServicesRegistry[opts.Config.Thumbnails.Service.Name] = thumbnails.NewSutureService + s.ServicesRegistry[opts.Config.Web.Service.Name] = web.NewSutureService + s.ServicesRegistry[opts.Config.WebDAV.Service.Name] = webdav.NewSutureService + s.ServicesRegistry[opts.Config.Frontend.Service.Name] = frontend.NewFrontend + s.ServicesRegistry[opts.Config.OCDav.Service.Name] = ocdav.NewOCDav + s.ServicesRegistry[opts.Config.Gateway.Service.Name] = gateway.NewGateway + s.ServicesRegistry[opts.Config.User.Service.Name] = user.NewUserProvider + s.ServicesRegistry[opts.Config.Group.Service.Name] = group.NewGroupProvider + s.ServicesRegistry[opts.Config.AuthBasic.Service.Name] = authbasic.NewAuthBasic + s.ServicesRegistry[opts.Config.AuthBearer.Service.Name] = authbearer.NewAuthBearer + s.ServicesRegistry[opts.Config.AuthMachine.Service.Name] = authmachine.NewAuthMachine + s.ServicesRegistry[opts.Config.StorageUsers.Service.Name] = storageusers.NewStorageUsers + s.ServicesRegistry[opts.Config.StorageShares.Service.Name] = storageshares.NewStorageShares + s.ServicesRegistry[opts.Config.StoragePublicLink.Service.Name] = storagepublic.NewStoragePublicLink + s.ServicesRegistry[opts.Config.AppProvider.Service.Name] = appprovider.NewAppProvider + s.ServicesRegistry[opts.Config.Notifications.Service.Name] = notifications.NewSutureService // populate delayed services - s.Delayed["storage-sharing"] = sharing.NewSharing - s.Delayed["accounts"] = accounts.NewSutureService - s.Delayed["proxy"] = proxy.NewSutureService 
- s.Delayed["idp"] = idp.NewSutureService + s.Delayed[opts.Config.Sharing.Service.Name] = sharing.NewSharing + s.Delayed[opts.Config.Accounts.Service.Name] = accounts.NewSutureService + s.Delayed[opts.Config.Proxy.Service.Name] = proxy.NewSutureService + s.Delayed[opts.Config.IDP.Service.Name] = idp.NewSutureService return s, nil } From d8e84db539039de8f1fa5e482b5b0022f49b1e21 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C3=B6rn=20Friedrich=20Dreyer?= Date: Mon, 2 May 2022 10:44:52 +0000 Subject: [PATCH 90/99] Automated changelog update [skip ci] --- CHANGELOG.md | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index 5a357635e0..116489dc93 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -13,6 +13,7 @@ The following sections list the changes for unreleased. * Change - Introduce `ocis init` and remove all default secrets: [#3551](https://github.com/owncloud/ocis/pull/3551) * Change - Reduce drives in graph /me/drives API: [#3629](https://github.com/owncloud/ocis/pull/3629) * Change - Switched default configuration to use libregraph/idm: [#3331](https://github.com/owncloud/ocis/pull/3331) +* Enhancement - Align service naming: [#3606](https://github.com/owncloud/ocis/pull/3606) * Enhancement - Add capability for public link single file edit: [#6787](https://github.com/owncloud/web/pull/6787) * Enhancement - Update linkshare capabilities: [#3579](https://github.com/owncloud/ocis/pull/3579) * Enhancement - Update reva to v2.x.x: [#3552](https://github.com/owncloud/ocis/pull/3552) 
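Review bot: Keying `ServicesRegistry` and `Delayed` by `opts.Config.<X>.Service.Name` lets two extensions with the same configured name overwrite each other silently, so one of them would never be started; the defaults corrected in this same commit (group was named `user`, storage-shares was named `storage-metadata`) show that this can happen. An empty name collapses entries in the same way. I would register through a small helper that refuses both cases, e.g. `if _, dup := s.ServicesRegistry[name]; dup || name == "" { return nil, fmt.Errorf("invalid or duplicate service name %q", name) }`. Each `opts.Config.<X>` is a pointer field in ocis-pkg/config, so a nil section would panic on these lines; presumably defaults are always populated before this point, but the hunk does not show it. NewService starts above the hunk.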
@@ -81,6 +82,13 @@ The following sections list the changes for unreleased. https://github.com/owncloud/ocis/pull/3331 https://github.com/owncloud/ocis/pull/3633 +* Enhancement - Align service naming: [#3606](https://github.com/owncloud/ocis/pull/3606) + + We now reflect the configured service names when listing them in the ocis runtime + + https://github.com/owncloud/ocis/issues/3603 + https://github.com/owncloud/ocis/pull/3606 + * Enhancement - Add capability for public link single file edit: [#6787](https://github.com/owncloud/web/pull/6787) It is now possible to share a single file by link with edit permissions. Therefore we need a From e5577a1c97bb0f3b765389b6b0f80d7cf9629c38 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C3=B6rn=20Friedrich=20Dreyer?= Date: Mon, 2 May 2022 10:56:41 +0000 Subject: [PATCH 91/99] fix service names in init MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Jörn Friedrich Dreyer --- ocis/pkg/init/init.go | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/ocis/pkg/init/init.go b/ocis/pkg/init/init.go index 8b2ca85bf0..c576e62b08 100644 --- a/ocis/pkg/init/init.go +++ b/ocis/pkg/init/init.go @@ -104,12 +104,12 @@ type OcisConfig struct { Idm IdmExtension Proxy InsecureProxyExtension Frontend FrontendExtension - AuthBasic AuthbasicExtension `yaml:"auth_basic"` - AuthBearer AuthbearerExtension `yaml:"auth_bearer"` + AuthBasic AuthbasicExtension `yaml:"auth-basic"` + AuthBearer AuthbearerExtension `yaml:"auth-bearer"` User UserAndGroupExtension Group UserAndGroupExtension - StorageMetadata DataProviderInsecureSettings `yaml:"storage_metadata"` - StorageUsers DataProviderInsecureSettings `yaml:"storage_users"` + StorageMetadata DataProviderInsecureSettings `yaml:"storage-metadata"` + StorageUsers DataProviderInsecureSettings `yaml:"storage-users"` Ocdav InsecureExtension Thumbnails ThumbNailExtension } 
From 73a7a61fb7995a3f8c09a2ebfa167c8f0b13f595 Mon Sep 17 00:00:00 2001 From: Benedikt Kulmann Date: Mon, 2 May 2022 11:00:20 +0000 Subject: [PATCH 92/99] Automated changelog update [skip ci] --- CHANGELOG.md | 11 ++++++++++- 1 file changed, 10 insertions(+), 1 deletion(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 116489dc93..43c683f896 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -15,6 +15,7 @@ The following sections list the changes for unreleased. * Change - Switched default configuration to use libregraph/idm: [#3331](https://github.com/owncloud/ocis/pull/3331) * Enhancement - Align service naming: [#3606](https://github.com/owncloud/ocis/pull/3606) * Enhancement - Add capability for public link single file edit: [#6787](https://github.com/owncloud/web/pull/6787) +* Enhancement - Added `share_jail` and `projects` feature flags in spaces capability: [#3626](https://github.com/owncloud/ocis/pull/3626) * Enhancement - Update linkshare capabilities: [#3579](https://github.com/owncloud/ocis/pull/3579) * Enhancement - Update reva to v2.x.x: [#3552](https://github.com/owncloud/ocis/pull/3552) @@ -98,6 +99,13 @@ The following sections list the changes for unreleased. https://github.com/owncloud/web/pull/6787 https://github.com/owncloud/ocis/pull/3538 +* Enhancement - Added `share_jail` and `projects` feature flags in spaces capability: [#3626](https://github.com/owncloud/ocis/pull/3626) + + We've added feature flags to the `spaces` capability to indicate to clients which features are + supposed to be shown to users. + + https://github.com/owncloud/ocis/pull/3626 + * Enhancement - Update linkshare capabilities: [#3579](https://github.com/owncloud/ocis/pull/3579) We have updated the capabilities regarding password enforcement and expiration dates of 
@@ -112,12 +120,13 @@ The following sections list the changes for unreleased. * TODO + https://github.com/owncloud/ocis/issues/3621 https://github.com/owncloud/ocis/pull/3552 https://github.com/owncloud/ocis/pull/3570 https://github.com/owncloud/ocis/pull/3601 https://github.com/owncloud/ocis/pull/3605 https://github.com/owncloud/ocis/pull/3611 - https://github.com/owncloud/ocis/pull/3621 + https://github.com/owncloud/ocis/pull/3637 # Changelog for [1.20.0] (2022-04-13) The following sections list the changes for 1.20.0. From 18e9661a247a9589dfcc4508d42dfdf060803d74 Mon Sep 17 00:00:00 2001 
From: Willy Kloucek Date: Mon, 2 May 2022 12:02:09 +0200 Subject: [PATCH 93/99] fix ocis config parsing for subcommands --- ocis/pkg/command/accounts.go | 9 +++++---- ocis/pkg/command/audit.go | 9 +++++---- ocis/pkg/command/glauth.go | 9 +++++---- ocis/pkg/command/graph.go | 9 +++++---- ocis/pkg/command/graphexplorer.go | 9 +++++---- ocis/pkg/command/idm.go | 9 +++++---- ocis/pkg/command/idp.go | 9 +++++---- ocis/pkg/command/natsserver.go | 9 +++++---- ocis/pkg/command/notifications.go | 9 +++++---- ocis/pkg/command/ocdav.go | 14 +++++++++++--- ocis/pkg/command/ocs.go | 9 +++++---- ocis/pkg/command/proxy.go | 9 +++++---- ocis/pkg/command/settings.go | 9 +++++---- ocis/pkg/command/storageappprovider.go | 11 +++++++++++ ocis/pkg/command/storageauthbasic.go | 11 +++++++++++ ocis/pkg/command/storageauthbearer.go | 11 +++++++++++ ocis/pkg/command/storageauthmachine.go | 11 +++++++++++ ocis/pkg/command/storagefrontend.go | 11 +++++++++++ ocis/pkg/command/storagegateway.go | 15 +++++++++++---- ocis/pkg/command/storagegroupprovider.go | 11 +++++++++++ ocis/pkg/command/storagemetadata.go | 11 +++++++++++ ocis/pkg/command/storagepubliclink.go | 11 +++++++++++ ocis/pkg/command/storageshares.go | 11 +++++++++++ ocis/pkg/command/storagesharing.go | 11 +++++++++++ ocis/pkg/command/storageuserprovider.go | 11 +++++++++++ ocis/pkg/command/store.go | 9 +++++---- ocis/pkg/command/thumbnails.go | 9 +++++---- ocis/pkg/command/web.go | 9 +++++---- ocis/pkg/command/webdav.go | 9 +++++---- 29 files changed, 223 insertions(+), 71 deletions(-) diff --git a/ocis/pkg/command/accounts.go b/ocis/pkg/command/accounts.go index 8434e0c2f5..e9981b9f54 100644 --- a/ocis/pkg/command/accounts.go +++ b/ocis/pkg/command/accounts.go 
@@ -16,12 +16,13 @@ func AccountsCommand(cfg *config.Config) *cli.Command { Name: cfg.Accounts.Service.Name, Usage: subcommandDescription(cfg.Accounts.Service.Name), Category: "extensions", - Before: func(ctx *cli.Context) error { - err := parser.ParseConfig(cfg) - if err != nil { + Before: func(c *cli.Context) error { + if err := parser.ParseConfig(cfg); err != nil { fmt.Printf("%v", err) + return err } - return err + cfg.Accounts.Commons = cfg.Commons + return nil }, Subcommands: command.GetCommands(cfg.Accounts), } diff --git a/ocis/pkg/command/audit.go b/ocis/pkg/command/audit.go index 884b79fb3e..03d390e632 100644 --- a/ocis/pkg/command/audit.go +++ b/ocis/pkg/command/audit.go @@ -16,12 +16,13 @@ func AuditCommand(cfg *config.Config) *cli.Command { Name: "audit", Usage: "start audit service", Category: "extensions", - Before: func(ctx *cli.Context) error { - err := parser.ParseConfig(cfg) - if err != nil { + Before: func(c *cli.Context) error { + if err := parser.ParseConfig(cfg); err != nil { fmt.Printf("%v", err) + return err } - return err + cfg.Audit.Commons = cfg.Commons + return nil }, Subcommands: command.GetCommands(cfg.Audit), } diff --git a/ocis/pkg/command/glauth.go b/ocis/pkg/command/glauth.go index bbe5af9e7f..8a3059efff 100644 --- a/ocis/pkg/command/glauth.go +++ b/ocis/pkg/command/glauth.go @@ -16,12 +16,13 @@ func GLAuthCommand(cfg *config.Config) *cli.Command { Name: cfg.GLAuth.Service.Name, Usage: subcommandDescription(cfg.GLAuth.Service.Name), Category: "extensions", - Before: func(ctx *cli.Context) error { - err := parser.ParseConfig(cfg) - if err != nil { + Before: func(c *cli.Context) error { + if err := parser.ParseConfig(cfg); err != nil { fmt.Printf("%v", err) + return err } - return err + cfg.GLAuth.Commons = cfg.Commons + return nil }, Subcommands: command.GetCommands(cfg.GLAuth), } diff --git a/ocis/pkg/command/graph.go b/ocis/pkg/command/graph.go index 34158e1cc3..89dc41f64c 100644 --- a/ocis/pkg/command/graph.go 
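Review bot: The new `Before` hook writes the parse error with `fmt.Printf("%v", err)`, which goes to stdout without a trailing newline, and then returns the same error, so the caller will most likely report it a second time. Returning it with context is enough, `return fmt.Errorf("parsing config: %w", err)`; if the print is kept, `fmt.Fprintln(os.Stderr, err)` keeps it out of piped output. `cfg.Accounts.Commons = cfg.Commons` also assumes `cfg.Accounts` is non-nil once parsing succeeds, which this hunk does not show. The same closure is repeated in every subcommand file this patch touches (audit.go, glauth.go, graph.go through webdav.go, and the storage*.go files), so a shared helper taking the section's `Commons` target would keep them in step. AccountsCommand starts above the hunk.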
+++ b/ocis/pkg/command/graph.go @@ -16,12 +16,13 @@ func GraphCommand(cfg *config.Config) *cli.Command { Name: cfg.Graph.Service.Name, Usage: subcommandDescription(cfg.Graph.Service.Name), Category: "extensions", - Before: func(ctx *cli.Context) error { - err := parser.ParseConfig(cfg) - if err != nil { + Before: func(c *cli.Context) error { + if err := parser.ParseConfig(cfg); err != nil { fmt.Printf("%v", err) + return err } - return err + cfg.Graph.Commons = cfg.Commons + return nil }, Subcommands: command.GetCommands(cfg.Graph), } diff --git a/ocis/pkg/command/graphexplorer.go b/ocis/pkg/command/graphexplorer.go index 6e1f890fbd..ad33cf7b4a 100644 --- a/ocis/pkg/command/graphexplorer.go +++ b/ocis/pkg/command/graphexplorer.go @@ -16,12 +16,13 @@ func GraphExplorerCommand(cfg *config.Config) *cli.Command { Name: cfg.GraphExplorer.Service.Name, Usage: subcommandDescription(cfg.GraphExplorer.Service.Name), Category: "extensions", - Before: func(ctx *cli.Context) error { - err := parser.ParseConfig(cfg) - if err != nil { + Before: func(c *cli.Context) error { + if err := parser.ParseConfig(cfg); err != nil { fmt.Printf("%v", err) + return err } - return err + cfg.GraphExplorer.Commons = cfg.Commons + return nil }, Subcommands: command.GetCommands(cfg.GraphExplorer), } diff --git a/ocis/pkg/command/idm.go b/ocis/pkg/command/idm.go index 86d3cae777..9a375c8c68 100644 --- a/ocis/pkg/command/idm.go +++ b/ocis/pkg/command/idm.go @@ -16,12 +16,13 @@ func IDMCommand(cfg *config.Config) *cli.Command { Name: "idm", Usage: "idm extension commands", Category: "extensions", - Before: func(ctx *cli.Context) error { - err := parser.ParseConfig(cfg) - if err != nil { + Before: func(c *cli.Context) error { + if err := parser.ParseConfig(cfg); err != nil { fmt.Printf("%v", err) + return err } - return err + cfg.IDM.Commons = cfg.Commons + return nil }, Subcommands: command.GetCommands(cfg.IDM), } 
diff --git a/ocis/pkg/command/idp.go b/ocis/pkg/command/idp.go index 0f37a98c05..82909ee9a8 100644 --- a/ocis/pkg/command/idp.go +++ b/ocis/pkg/command/idp.go @@ -16,12 +16,13 @@ func IDPCommand(cfg *config.Config) *cli.Command { Name: cfg.IDP.Service.Name, Usage: subcommandDescription(cfg.IDP.Service.Name), Category: "extensions", - Before: func(ctx *cli.Context) error { - err := parser.ParseConfig(cfg) - if err != nil { + Before: func(c *cli.Context) error { + if err := parser.ParseConfig(cfg); err != nil { fmt.Printf("%v", err) + return err } - return err + cfg.IDP.Commons = cfg.Commons + return nil }, Subcommands: command.GetCommands(cfg.IDP), } diff --git a/ocis/pkg/command/natsserver.go b/ocis/pkg/command/natsserver.go index 6a46a1cc7a..48cf8174a8 100644 --- a/ocis/pkg/command/natsserver.go +++ b/ocis/pkg/command/natsserver.go @@ -16,12 +16,13 @@ func NatsServerCommand(cfg *config.Config) *cli.Command { Name: "nats-server", Usage: "start nats server", Category: "extensions", - Before: func(ctx *cli.Context) error { - err := parser.ParseConfig(cfg) - if err != nil { + Before: func(c *cli.Context) error { + if err := parser.ParseConfig(cfg); err != nil { fmt.Printf("%v", err) + return err } - return err + cfg.Nats.Commons = cfg.Commons + return nil }, Subcommands: command.GetCommands(cfg.Nats), } diff --git a/ocis/pkg/command/notifications.go b/ocis/pkg/command/notifications.go index a6f1113d74..ee362dc7ed 100644 --- a/ocis/pkg/command/notifications.go +++ b/ocis/pkg/command/notifications.go 
@@ -16,12 +16,13 @@ func NotificationsCommand(cfg *config.Config) *cli.Command { Name: "notifications", Usage: "start notifications service", Category: "extensions", - Before: func(ctx *cli.Context) error { - err := parser.ParseConfig(cfg) - if err != nil { + Before: func(c *cli.Context) error { + if err := parser.ParseConfig(cfg); err != nil { fmt.Printf("%v", err) + return err } - return err + cfg.Notifications.Commons = cfg.Commons + return nil }, Subcommands: command.GetCommands(cfg.Notifications), } diff --git a/ocis/pkg/command/ocdav.go b/ocis/pkg/command/ocdav.go index c13e6ee07f..85fdeb4570 100644 --- a/ocis/pkg/command/ocdav.go +++ b/ocis/pkg/command/ocdav.go @@ -1,8 +1,11 @@ package command import ( + "fmt" + "github.com/owncloud/ocis/extensions/ocdav/pkg/command" "github.com/owncloud/ocis/ocis-pkg/config" + "github.com/owncloud/ocis/ocis-pkg/config/parser" "github.com/owncloud/ocis/ocis/pkg/register" "github.com/urfave/cli/v2" ) @@ -13,9 +16,14 @@ func OCDavCommand(cfg *config.Config) *cli.Command { Name: "ocdav", Usage: "start ocdav", Category: "extensions", - // Before: func(ctx *cli.Context) error { - // return ParseStorageCommon(ctx, cfg) - // }, + Before: func(c *cli.Context) error { + if err := parser.ParseConfig(cfg); err != nil { + fmt.Printf("%v", err) + return err + } + cfg.OCDav.Commons = cfg.Commons + return nil + }, Action: func(c *cli.Context) error { origCmd := command.OCDav(cfg.OCDav) return handleOriginalAction(c, origCmd) diff --git a/ocis/pkg/command/ocs.go b/ocis/pkg/command/ocs.go index fdd76af613..b2f1b5bd62 100644 --- a/ocis/pkg/command/ocs.go +++ b/ocis/pkg/command/ocs.go 
@@ -16,12 +16,13 @@ func OCSCommand(cfg *config.Config) *cli.Command { Name: cfg.OCS.Service.Name, Usage: subcommandDescription(cfg.OCS.Service.Name), Category: "extensions", - Before: func(ctx *cli.Context) error { - err := parser.ParseConfig(cfg) - if err != nil { + Before: func(c *cli.Context) error { + if err := parser.ParseConfig(cfg); err != nil { fmt.Printf("%v", err) + return err } - return err + cfg.OCS.Commons = cfg.Commons + return nil }, Subcommands: command.GetCommands(cfg.OCS), } diff --git a/ocis/pkg/command/proxy.go b/ocis/pkg/command/proxy.go index a23eec33cf..219a4c06e1 100644 --- a/ocis/pkg/command/proxy.go +++ b/ocis/pkg/command/proxy.go @@ -16,12 +16,13 @@ func ProxyCommand(cfg *config.Config) *cli.Command { Name: cfg.Proxy.Service.Name, Usage: subcommandDescription(cfg.Proxy.Service.Name), Category: "extensions", - Before: func(ctx *cli.Context) error { - err := parser.ParseConfig(cfg) - if err != nil { + Before: func(c *cli.Context) error { + if err := parser.ParseConfig(cfg); err != nil { fmt.Printf("%v", err) + return err } - return err + cfg.Proxy.Commons = cfg.Commons + return nil }, Subcommands: command.GetCommands(cfg.Proxy), } diff --git a/ocis/pkg/command/settings.go b/ocis/pkg/command/settings.go index 33032f30c0..1a454bf58c 100644 --- a/ocis/pkg/command/settings.go +++ b/ocis/pkg/command/settings.go @@ -16,12 +16,13 @@ func SettingsCommand(cfg *config.Config) *cli.Command { Name: cfg.Settings.Service.Name, Usage: subcommandDescription(cfg.Settings.Service.Name), Category: "extensions", - Before: func(ctx *cli.Context) error { - err := parser.ParseConfig(cfg) - if err != nil { + Before: func(c *cli.Context) error { + if err := parser.ParseConfig(cfg); err != nil { fmt.Printf("%v", err) + return err } - return err + cfg.Settings.Commons = cfg.Commons + return nil }, Subcommands: command.GetCommands(cfg.Settings), } 
diff --git a/ocis/pkg/command/storageappprovider.go b/ocis/pkg/command/storageappprovider.go index beb494d341..f44aa55fad 100644 --- a/ocis/pkg/command/storageappprovider.go +++ b/ocis/pkg/command/storageappprovider.go @@ -1,8 +1,11 @@ package command import ( + "fmt" + "github.com/owncloud/ocis/extensions/appprovider/pkg/command" "github.com/owncloud/ocis/ocis-pkg/config" + "github.com/owncloud/ocis/ocis-pkg/config/parser" "github.com/owncloud/ocis/ocis/pkg/register" "github.com/urfave/cli/v2" ) @@ -13,6 +16,14 @@ func StorageAppProviderCommand(cfg *config.Config) *cli.Command { Name: "storage-app-provider", Usage: "start storage app-provider service", Category: "extensions", + Before: func(c *cli.Context) error { + if err := parser.ParseConfig(cfg); err != nil { + fmt.Printf("%v", err) + return err + } + cfg.AppProvider.Commons = cfg.Commons + return nil + }, Action: func(c *cli.Context) error { origCmd := command.AppProvider(cfg.AppProvider) return handleOriginalAction(c, origCmd) diff --git a/ocis/pkg/command/storageauthbasic.go b/ocis/pkg/command/storageauthbasic.go index 26164983f7..4c8dba5cdb 100644 --- a/ocis/pkg/command/storageauthbasic.go +++ b/ocis/pkg/command/storageauthbasic.go @@ -1,8 +1,11 @@ package command import ( + "fmt" + "github.com/owncloud/ocis/extensions/auth-basic/pkg/command" "github.com/owncloud/ocis/ocis-pkg/config" + "github.com/owncloud/ocis/ocis-pkg/config/parser" "github.com/owncloud/ocis/ocis/pkg/register" "github.com/urfave/cli/v2" ) @@ -13,6 +16,14 @@ func StorageAuthBasicCommand(cfg *config.Config) *cli.Command { Name: "storage-auth-basic", Usage: "start storage auth-basic service", Category: "extensions", + Before: func(c *cli.Context) error { + if err := parser.ParseConfig(cfg); err != nil { + fmt.Printf("%v", err) + return err + } + cfg.AuthBasic.Commons = cfg.Commons + return nil + }, Action: func(c *cli.Context) error { origCmd := command.AuthBasic(cfg.AuthBasic) return handleOriginalAction(c, origCmd) 
diff --git a/ocis/pkg/command/storageauthbearer.go b/ocis/pkg/command/storageauthbearer.go index c3c9855d84..20b641cda4 100644 --- a/ocis/pkg/command/storageauthbearer.go +++ b/ocis/pkg/command/storageauthbearer.go @@ -1,8 +1,11 @@ package command import ( + "fmt" + "github.com/owncloud/ocis/extensions/auth-bearer/pkg/command" "github.com/owncloud/ocis/ocis-pkg/config" + "github.com/owncloud/ocis/ocis-pkg/config/parser" "github.com/owncloud/ocis/ocis/pkg/register" "github.com/urfave/cli/v2" ) @@ -13,6 +16,14 @@ func StorageAuthBearerCommand(cfg *config.Config) *cli.Command { Name: "storage-auth-bearer", Usage: "Start storage auth-bearer service", Category: "extensions", + Before: func(c *cli.Context) error { + if err := parser.ParseConfig(cfg); err != nil { + fmt.Printf("%v", err) + return err + } + cfg.AuthBearer.Commons = cfg.Commons + return nil + }, Action: func(c *cli.Context) error { origCmd := command.AuthBearer(cfg.AuthBearer) return handleOriginalAction(c, origCmd) diff --git a/ocis/pkg/command/storageauthmachine.go b/ocis/pkg/command/storageauthmachine.go index bbed4b2c1e..f42ecb4b55 100644 --- a/ocis/pkg/command/storageauthmachine.go +++ b/ocis/pkg/command/storageauthmachine.go @@ -1,8 +1,11 @@ package command import ( + "fmt" + "github.com/owncloud/ocis/extensions/auth-machine/pkg/command" "github.com/owncloud/ocis/ocis-pkg/config" + "github.com/owncloud/ocis/ocis-pkg/config/parser" "github.com/owncloud/ocis/ocis/pkg/register" "github.com/urfave/cli/v2" ) @@ -13,6 +16,14 @@ func StorageAuthMachineCommand(cfg *config.Config) *cli.Command { Name: "storage-auth-machine", Usage: "start storage auth-machine service", Category: "extensions", + Before: func(c *cli.Context) error { + if err := parser.ParseConfig(cfg); err != nil { + fmt.Printf("%v", err) + return err + } + cfg.AuthMachine.Commons = cfg.Commons + return nil + }, Action: func(c *cli.Context) error { origCmd := command.AuthMachine(cfg.AuthMachine) return handleOriginalAction(c, origCmd) 
diff --git a/ocis/pkg/command/storagefrontend.go b/ocis/pkg/command/storagefrontend.go index 4d37589fee..05252414a9 100644 --- a/ocis/pkg/command/storagefrontend.go +++ b/ocis/pkg/command/storagefrontend.go @@ -1,8 +1,11 @@ package command import ( + "fmt" + "github.com/owncloud/ocis/extensions/frontend/pkg/command" "github.com/owncloud/ocis/ocis-pkg/config" + "github.com/owncloud/ocis/ocis-pkg/config/parser" "github.com/owncloud/ocis/ocis/pkg/register" "github.com/urfave/cli/v2" ) @@ -13,6 +16,14 @@ func StorageFrontendCommand(cfg *config.Config) *cli.Command { Name: "storage-frontend", Usage: "start storage frontend", Category: "extensions", + Before: func(c *cli.Context) error { + if err := parser.ParseConfig(cfg); err != nil { + fmt.Printf("%v", err) + return err + } + cfg.Frontend.Commons = cfg.Commons + return nil + }, Action: func(c *cli.Context) error { origCmd := command.Frontend(cfg.Frontend) return handleOriginalAction(c, origCmd) diff --git a/ocis/pkg/command/storagegateway.go b/ocis/pkg/command/storagegateway.go index f69adc3053..17047b6068 100644 --- a/ocis/pkg/command/storagegateway.go +++ b/ocis/pkg/command/storagegateway.go @@ -1,8 +1,11 @@ package command import ( + "fmt" + "github.com/owncloud/ocis/extensions/gateway/pkg/command" "github.com/owncloud/ocis/ocis-pkg/config" + "github.com/owncloud/ocis/ocis-pkg/config/parser" "github.com/owncloud/ocis/ocis/pkg/register" "github.com/urfave/cli/v2" ) 
@@ -13,10 +16,14 @@ func StorageGatewayCommand(cfg *config.Config) *cli.Command { Name: "storage-gateway", Usage: "start storage gateway", Category: "extensions", - //Flags: flagset.GatewayWithConfig(cfg.Storage), - // Before: func(ctx *cli.Context) error { - // return ParseStorageCommon(ctx, cfg) - // }, + Before: func(c *cli.Context) error { + if err := parser.ParseConfig(cfg); err != nil { + fmt.Printf("%v", err) + return err + } + cfg.Gateway.Commons = cfg.Commons + return nil + }, Action: func(c *cli.Context) error { origCmd := command.Gateway(cfg.Gateway) return handleOriginalAction(c, origCmd) diff --git a/ocis/pkg/command/storagegroupprovider.go b/ocis/pkg/command/storagegroupprovider.go index 2e39709ee1..c93de96c11 100644 --- a/ocis/pkg/command/storagegroupprovider.go +++ b/ocis/pkg/command/storagegroupprovider.go @@ -1,8 +1,11 @@ package command import ( + "fmt" + "github.com/owncloud/ocis/extensions/group/pkg/command" "github.com/owncloud/ocis/ocis-pkg/config" + "github.com/owncloud/ocis/ocis-pkg/config/parser" "github.com/owncloud/ocis/ocis/pkg/register" "github.com/urfave/cli/v2" ) @@ -13,6 +16,14 @@ func StorageGroupProviderCommand(cfg *config.Config) *cli.Command { Name: "storage-groupprovider", Usage: "start storage groupprovider service", Category: "extensions", + Before: func(c *cli.Context) error { + if err := parser.ParseConfig(cfg); err != nil { + fmt.Printf("%v", err) + return err + } + cfg.Group.Commons = cfg.Commons + return nil + }, Action: func(c *cli.Context) error { origCmd := command.Groups(cfg.Group) return handleOriginalAction(c, origCmd) diff --git a/ocis/pkg/command/storagemetadata.go b/ocis/pkg/command/storagemetadata.go index 2e87bea4f0..2965c36cfc 100644 --- a/ocis/pkg/command/storagemetadata.go +++ b/ocis/pkg/command/storagemetadata.go 
@@ -1,8 +1,11 @@ package command import ( + "fmt" + "github.com/owncloud/ocis/extensions/storage-metadata/pkg/command" "github.com/owncloud/ocis/ocis-pkg/config" + "github.com/owncloud/ocis/ocis-pkg/config/parser" "github.com/owncloud/ocis/ocis/pkg/register" "github.com/urfave/cli/v2" ) @@ -13,6 +16,14 @@ func StorageMetadataCommand(cfg *config.Config) *cli.Command { Name: "storage-metadata", Usage: "start storage and data service for metadata", Category: "extensions", + Before: func(c *cli.Context) error { + if err := parser.ParseConfig(cfg); err != nil { + fmt.Printf("%v", err) + return err + } + cfg.StorageMetadata.Commons = cfg.Commons + return nil + }, Action: func(c *cli.Context) error { origCmd := command.StorageMetadata(cfg.StorageMetadata) return handleOriginalAction(c, origCmd) diff --git a/ocis/pkg/command/storagepubliclink.go b/ocis/pkg/command/storagepubliclink.go index 06a99d0a7a..fe2f8b75e8 100644 --- a/ocis/pkg/command/storagepubliclink.go +++ b/ocis/pkg/command/storagepubliclink.go @@ -1,8 +1,11 @@ package command import ( + "fmt" + "github.com/owncloud/ocis/extensions/storage-publiclink/pkg/command" "github.com/owncloud/ocis/ocis-pkg/config" + "github.com/owncloud/ocis/ocis-pkg/config/parser" "github.com/owncloud/ocis/ocis/pkg/register" "github.com/urfave/cli/v2" ) @@ -13,6 +16,14 @@ func StoragePublicLinkCommand(cfg *config.Config) *cli.Command { Name: "storage-public-link", Usage: "start storage public link storage", Category: "extensions", + Before: func(c *cli.Context) error { + if err := parser.ParseConfig(cfg); err != nil { + fmt.Printf("%v", err) + return err + } + cfg.StoragePublicLink.Commons = cfg.Commons + return nil + }, Action: func(c *cli.Context) error { origCmd := command.StoragePublicLink(cfg.StoragePublicLink) return handleOriginalAction(c, origCmd) diff --git a/ocis/pkg/command/storageshares.go b/ocis/pkg/command/storageshares.go index 04fe859bd0..62f13c38a8 100644 --- a/ocis/pkg/command/storageshares.go 
+++ b/ocis/pkg/command/storageshares.go @@ -1,8 +1,11 @@ package command import ( + "fmt" + "github.com/owncloud/ocis/extensions/storage-shares/pkg/command" "github.com/owncloud/ocis/ocis-pkg/config" + "github.com/owncloud/ocis/ocis-pkg/config/parser" "github.com/owncloud/ocis/ocis/pkg/register" "github.com/urfave/cli/v2" ) @@ -13,6 +16,14 @@ func StorageSharesCommand(cfg *config.Config) *cli.Command { Name: "storage-shares", Usage: "start storage and data provider for shares jail", Category: "extensions", + Before: func(c *cli.Context) error { + if err := parser.ParseConfig(cfg); err != nil { + fmt.Printf("%v", err) + return err + } + cfg.StorageShares.Commons = cfg.Commons + return nil + }, Action: func(c *cli.Context) error { origCmd := command.StorageShares(cfg.StorageShares) return handleOriginalAction(c, origCmd) diff --git a/ocis/pkg/command/storagesharing.go b/ocis/pkg/command/storagesharing.go index fe9e3cb796..63c7e2aa06 100644 --- a/ocis/pkg/command/storagesharing.go +++ b/ocis/pkg/command/storagesharing.go @@ -1,8 +1,11 @@ package command import ( + "fmt" + "github.com/owncloud/ocis/extensions/sharing/pkg/command" "github.com/owncloud/ocis/ocis-pkg/config" + "github.com/owncloud/ocis/ocis-pkg/config/parser" "github.com/owncloud/ocis/ocis/pkg/register" "github.com/urfave/cli/v2" ) @@ -13,6 +16,14 @@ func StorageSharingCommand(cfg *config.Config) *cli.Command { Name: "storage-sharing", Usage: "start storage sharing service", Category: "extensions", + Before: func(c *cli.Context) error { + if err := parser.ParseConfig(cfg); err != nil { + fmt.Printf("%v", err) + return err + } + cfg.Sharing.Commons = cfg.Commons + return nil + }, Action: func(c *cli.Context) error { origCmd := command.Sharing(cfg.Sharing) return handleOriginalAction(c, origCmd) diff --git a/ocis/pkg/command/storageuserprovider.go b/ocis/pkg/command/storageuserprovider.go index dabef25fb0..5e3af09569 100644 --- a/ocis/pkg/command/storageuserprovider.go 
+++ b/ocis/pkg/command/storageuserprovider.go @@ -1,8 +1,11 @@ package command import ( + "fmt" + "github.com/owncloud/ocis/extensions/user/pkg/command" "github.com/owncloud/ocis/ocis-pkg/config" + "github.com/owncloud/ocis/ocis-pkg/config/parser" "github.com/owncloud/ocis/ocis/pkg/register" "github.com/urfave/cli/v2" ) @@ -13,6 +16,14 @@ func StorageUserProviderCommand(cfg *config.Config) *cli.Command { Name: "storage-userprovider", Usage: "start storage userprovider service", Category: "extensions", + Before: func(c *cli.Context) error { + if err := parser.ParseConfig(cfg); err != nil { + fmt.Printf("%v", err) + return err + } + cfg.StorageUsers.Commons = cfg.Commons + return nil + }, Action: func(c *cli.Context) error { origCmd := command.User(cfg.User) return handleOriginalAction(c, origCmd) diff --git a/ocis/pkg/command/store.go b/ocis/pkg/command/store.go index 12bda770f9..50d1f92cdd 100644 --- a/ocis/pkg/command/store.go +++ b/ocis/pkg/command/store.go @@ -17,12 +17,13 @@ func StoreCommand(cfg *config.Config) *cli.Command { Name: cfg.Store.Service.Name, Usage: subcommandDescription(cfg.Store.Service.Name), Category: "extensions", - Before: func(ctx *cli.Context) error { - err := parser.ParseConfig(cfg) - if err != nil { + Before: func(c *cli.Context) error { + if err := parser.ParseConfig(cfg); err != nil { fmt.Printf("%v", err) + return err } - return err + cfg.Store.Commons = cfg.Commons + return nil }, Subcommands: command.GetCommands(cfg.Store), } diff --git a/ocis/pkg/command/thumbnails.go b/ocis/pkg/command/thumbnails.go index ca6e693a02..6b888fb177 100644 --- a/ocis/pkg/command/thumbnails.go +++ b/ocis/pkg/command/thumbnails.go 
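Review bot: The added `Before` hook in StorageUserProviderCommand sets `cfg.StorageUsers.Commons = cfg.Commons`, but the `Action` directly below builds the service from `cfg.User` (`command.User(cfg.User)`), so this hook never hands the commons to the config that is actually used. The other hunks visible here assign to the same field they later pass to the extension, so this looks like a copy-paste slip; the line should read `cfg.User.Commons = cfg.Commons`. If the user provider takes shared settings from commons, it would start without them, which is worth confirming against the `User` config defaults. The function starts and ends outside the hunk.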
@@ -16,12 +16,13 @@ func ThumbnailsCommand(cfg *config.Config) *cli.Command { Name: cfg.Thumbnails.Service.Name, Usage: subcommandDescription(cfg.Thumbnails.Service.Name), Category: "extensions", - Before: func(ctx *cli.Context) error { - err := parser.ParseConfig(cfg) - if err != nil { + Before: func(c *cli.Context) error { + if err := parser.ParseConfig(cfg); err != nil { fmt.Printf("%v", err) + return err } - return err + cfg.Thumbnails.Commons = cfg.Commons + return nil }, Subcommands: command.GetCommands(cfg.Thumbnails), } diff --git a/ocis/pkg/command/web.go b/ocis/pkg/command/web.go index 70499da3fe..d3e93e4b07 100644 --- a/ocis/pkg/command/web.go +++ b/ocis/pkg/command/web.go @@ -16,12 +16,13 @@ func WebCommand(cfg *config.Config) *cli.Command { Name: cfg.Web.Service.Name, Usage: subcommandDescription(cfg.Web.Service.Name), Category: "extensions", - Before: func(ctx *cli.Context) error { - err := parser.ParseConfig(cfg) - if err != nil { + Before: func(c *cli.Context) error { + if err := parser.ParseConfig(cfg); err != nil { fmt.Printf("%v", err) + return err } - return err + cfg.Web.Commons = cfg.Commons + return nil }, Subcommands: command.GetCommands(cfg.Web), } diff --git a/ocis/pkg/command/webdav.go b/ocis/pkg/command/webdav.go index a87145ab4e..693f237d8a 100644 --- a/ocis/pkg/command/webdav.go +++ b/ocis/pkg/command/webdav.go @@ -17,12 +17,13 @@ func WebDAVCommand(cfg *config.Config) *cli.Command { Name: cfg.WebDAV.Service.Name, Usage: subcommandDescription(cfg.WebDAV.Service.Name), Category: "extensions", - Before: func(ctx *cli.Context) error { - err := parser.ParseConfig(cfg) - if err != nil { + Before: func(c *cli.Context) error { + if err := parser.ParseConfig(cfg); err != nil { fmt.Printf("%v", err) + return err } - return err + cfg.WebDAV.Commons = cfg.Commons + return nil }, Subcommands: command.GetCommands(cfg.WebDAV), } From 7dd486ba1719a01baf65c0e63b23589b508ebff4 Mon Sep 17 00:00:00 2001 
From: =?UTF-8?q?J=C3=B6rn=20Friedrich=20Dreyer?= Date: Mon, 2 May 2022 11:17:08 +0000 Subject: [PATCH 94/99] use cs3 user type constant MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Jörn Friedrich Dreyer --- extensions/storage-metadata/pkg/command/command.go | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/extensions/storage-metadata/pkg/command/command.go b/extensions/storage-metadata/pkg/command/command.go index 674abfa1cc..c9e5e09323 100644 --- a/extensions/storage-metadata/pkg/command/command.go +++ b/extensions/storage-metadata/pkg/command/command.go @@ -7,18 +7,18 @@ import ( "os" "path" - "github.com/owncloud/ocis/extensions/storage-metadata/pkg/config/parser" - "github.com/owncloud/ocis/ocis-pkg/log" - "github.com/owncloud/ocis/ocis-pkg/sync" - "github.com/owncloud/ocis/ocis-pkg/tracing" - + userpb "github.com/cs3org/go-cs3apis/cs3/identity/user/v1beta1" "github.com/cs3org/reva/v2/cmd/revad/runtime" "github.com/gofrs/uuid" "github.com/oklog/run" "github.com/owncloud/ocis/extensions/storage-metadata/pkg/config" + "github.com/owncloud/ocis/extensions/storage-metadata/pkg/config/parser" "github.com/owncloud/ocis/extensions/storage/pkg/server/debug" "github.com/owncloud/ocis/extensions/storage/pkg/service/external" ociscfg "github.com/owncloud/ocis/ocis-pkg/config" + "github.com/owncloud/ocis/ocis-pkg/log" + "github.com/owncloud/ocis/ocis-pkg/sync" + "github.com/owncloud/ocis/ocis-pkg/tracing" "github.com/owncloud/ocis/ocis-pkg/version" "github.com/thejerf/suture/v4" "github.com/urfave/cli/v2" 
@@ -162,7 +162,7 @@ func storageMetadataFromStruct(c *cli.Context, cfg *config.Config) map[string]in "id": map[string]interface{}{ "opaqueId": "95cb8724-03b2-11eb-a0a6-c33ef8ef53ad", // FIXME generate service user id "idp": "internal", - "type": 1, // user.UserType_USER_TYPE_PRIMARY + "type": userpb.UserType_USER_TYPE_PRIMARY, }, "username": "serviceuser", "display_name": "System User", From 161c23976f88f3e4c1b058507c132f6ca1a04177 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C3=B6rn=20Friedrich=20Dreyer?= Date: Mon, 2 May 2022 11:30:36 +0000 Subject: [PATCH 95/99] remove unused system user initialization MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Jörn Friedrich Dreyer --- extensions/idm/ldif/base.ldif.tmpl | 13 ------- .../pkg/config/defaults/defaultconfig.go | 2 +- .../settings/pkg/service/v0/settings.go | 26 ------------- .../settings/pkg/store/defaults/defaults.go | 39 ------------------- .../pkg/store/metadata/assignments.go | 2 +- .../pkg/config/defaults/defaultconfig.go | 8 ++-- 6 files changed, 6 insertions(+), 84 deletions(-) diff --git a/extensions/idm/ldif/base.ldif.tmpl b/extensions/idm/ldif/base.ldif.tmpl index 1cbaaec4c2..e29221c62f 100644 --- a/extensions/idm/ldif/base.ldif.tmpl +++ b/extensions/idm/ldif/base.ldif.tmpl @@ -40,17 +40,4 @@ userPassword:: {{ .Password }} {{ end -}} -## Service user for the settings service -dn: uid=95cb8724-03b2-11eb-a0a6-c33ef8ef53ad,ou=users,o=libregraph-idm -objectClass: inetOrgPerson -objectClass: organizationalPerson -objectClass: ownCloud -objectClass: person -objectClass: top -uid: 95cb8724-03b2-11eb-a0a6-c33ef8ef53ad -givenName: 95cb8724-03b2-11eb-a0a6-c33ef8ef53ad -sn: 95cb8724-03b2-11eb-a0a6-c33ef8ef53ad -cn: 95cb8724-03b2-11eb-a0a6-c33ef8ef53ad -displayName: 95cb8724-03b2-11eb-a0a6-c33ef8ef53ad -ownCloudUUID: 95cb8724-03b2-11eb-a0a6-c33ef8ef53ad 
diff --git a/extensions/settings/pkg/config/defaults/defaultconfig.go b/extensions/settings/pkg/config/defaults/defaultconfig.go index 1f5b97c3ce..29cc21d03a 100644 --- a/extensions/settings/pkg/config/defaults/defaultconfig.go +++ b/extensions/settings/pkg/config/defaults/defaultconfig.go @@ -50,7 +50,7 @@ func DefaultConfig() *config.Config { }, Metadata: config.Metadata{ - GatewayAddress: "127.0.0.1:9215", + GatewayAddress: "127.0.0.1:9215", // metadata storage StorageAddress: "127.0.0.1:9215", ServiceUserID: "95cb8724-03b2-11eb-a0a6-c33ef8ef53ad", ServiceUserIDP: "internal", diff --git a/extensions/settings/pkg/service/v0/settings.go b/extensions/settings/pkg/service/v0/settings.go index abf541a4a9..404845e51c 100644 --- a/extensions/settings/pkg/service/v0/settings.go +++ b/extensions/settings/pkg/service/v0/settings.go @@ -6,9 +6,6 @@ import ( ) const ( - // BundleUUIDRoleMetadata represents the metadata user role - BundleUUIDRoleMetadata = "95cb8724-03b2-11eb-a0a6-c33ef8ef53ad" - // BundleUUIDRoleAdmin represents the admin role BundleUUIDRoleAdmin = "71881883-1768-46bd-a24d-a356a2afdf7f" 
@@ -532,34 +529,11 @@ func generatePermissionRequests() []*settingssvc.AddSettingToBundleRequest { }, }, }, - { - BundleId: BundleUUIDRoleMetadata, - Setting: &settingsmsg.Setting{ - Id: CreateSpacePermissionID, - Name: CreateSpacePermissionName, - DisplayName: "Create own Space", - Description: "This permission allows to create a space owned by the current user.", - Resource: &settingsmsg.Resource{ - Type: settingsmsg.Resource_TYPE_SYSTEM, // TODO resource type space? self? me? own? - }, - Value: &settingsmsg.Setting_PermissionValue{ - PermissionValue: &settingsmsg.Permission{ - Operation: settingsmsg.Permission_OPERATION_CREATE, - Constraint: settingsmsg.Permission_CONSTRAINT_OWN, - }, - }, - }, - }, } } func defaultRoleAssignments() []*settingsmsg.UserRoleAssignment { return []*settingsmsg.UserRoleAssignment{ - // accounts service user for the metadata user is allowed to create spaces - { - AccountUuid: "95cb8724-03b2-11eb-a0a6-c33ef8ef53ad", - RoleId: BundleUUIDRoleAdmin, - }, // default admin users { AccountUuid: "058bff95-6708-4fe5-91e4-9ea3d377588b", diff --git a/extensions/settings/pkg/store/defaults/defaults.go b/extensions/settings/pkg/store/defaults/defaults.go index b20357257b..27f3d43f9f 100644 --- a/extensions/settings/pkg/store/defaults/defaults.go +++ b/extensions/settings/pkg/store/defaults/defaults.go @@ -17,9 +17,6 @@ const ( // BundleUUIDRoleGuest represents the guest role. BundleUUIDRoleGuest = "38071a68-456a-4553-846a-fa67bf5596cc" - // BundleUUIDRoleMetadata represents the metadata user role - BundleUUIDRoleMetadata = "95cb8724-03b2-11eb-a0a6-c33ef8ef53ad" - // RoleManagementPermissionID is the hardcoded setting UUID for the role management permission RoleManagementPermissionID string = "a53e601e-571f-4f86-8fec-d4576ef49c62" // RoleManagementPermissionName is the hardcoded setting name for the role management permission 
@@ -68,7 +65,6 @@ func GenerateBundlesDefaultRoles() []*settingsmsg.Bundle { generateBundleUserRole(), generateBundleGuestRole(), generateBundleProfileRequest(), - generateBundleMetadataRole(), generateBundleSpaceAdminRole(), } } @@ -434,36 +430,6 @@ func generateBundleProfileRequest() *settingsmsg.Bundle { } } -func generateBundleMetadataRole() *settingsmsg.Bundle { - return &settingsmsg.Bundle{ - Id: BundleUUIDRoleMetadata, - Name: "metadata", - Type: settingsmsg.Bundle_TYPE_ROLE, - Extension: "ocis-roles", - DisplayName: "Metadata", - Resource: &settingsmsg.Resource{ - Type: settingsmsg.Resource_TYPE_SYSTEM, - }, - Settings: []*settingsmsg.Setting{ - { - Id: CreateSpacePermissionID, - Name: CreateSpacePermissionName, - DisplayName: "Create own Space", - Description: "This permission allows to create a space owned by the current user.", - Resource: &settingsmsg.Resource{ - Type: settingsmsg.Resource_TYPE_SYSTEM, // TODO resource type space? self? me? own? - }, - Value: &settingsmsg.Setting_PermissionValue{ - PermissionValue: &settingsmsg.Permission{ - Operation: settingsmsg.Permission_OPERATION_CREATE, - Constraint: settingsmsg.Permission_CONSTRAINT_OWN, - }, - }, - }, - }, - } -} - // TODO: languageSetting needed? var languageSetting = settingsmsg.Setting_SingleChoiceValue{ SingleChoiceValue: &settingsmsg.SingleChoiceList{ @@ -532,11 +498,6 @@ var languageSetting = settingsmsg.Setting_SingleChoiceValue{ // DefaultRoleAssignments returns (as one might guess) the default role assignments func DefaultRoleAssignments() []*settingsmsg.UserRoleAssignment { return []*settingsmsg.UserRoleAssignment{ - // accounts service user for the metadata user is allowed to create spaces - { - AccountUuid: "95cb8724-03b2-11eb-a0a6-c33ef8ef53ad", - RoleId: BundleUUIDRoleAdmin, - }, // default admin users { AccountUuid: "058bff95-6708-4fe5-91e4-9ea3d377588b", 
diff --git a/extensions/settings/pkg/store/metadata/assignments.go b/extensions/settings/pkg/store/metadata/assignments.go index 11fafbccb0..88ce7e1c18 100644 --- a/extensions/settings/pkg/store/metadata/assignments.go +++ b/extensions/settings/pkg/store/metadata/assignments.go @@ -13,7 +13,7 @@ import ( // ListRoleAssignments loads and returns all role assignments matching the given assignment identifier. func (s *Store) ListRoleAssignments(accountUUID string) ([]*settingsmsg.UserRoleAssignment, error) { - if s.mdc == nil || accountUUID == "95cb8724-03b2-11eb-a0a6-c33ef8ef53ad" { + if s.mdc == nil { return defaultRoleAssignments(accountUUID), nil } s.Init() diff --git a/extensions/sharing/pkg/config/defaults/defaultconfig.go b/extensions/sharing/pkg/config/defaults/defaultconfig.go index 2c00c4267a..04868d9b6c 100644 --- a/extensions/sharing/pkg/config/defaults/defaultconfig.go +++ b/extensions/sharing/pkg/config/defaults/defaultconfig.go @@ -48,9 +48,9 @@ func DefaultConfig() *config.Config { JanitorRunInterval: 60, }, CS3: config.UserSharingCS3Driver{ - ProviderAddr: "127.0.0.1:9215", + ProviderAddr: "127.0.0.1:9215", // metadata storage ServiceUserID: "95cb8724-03b2-11eb-a0a6-c33ef8ef53ad", - ServiceUserIDP: "https://localhost:9200", + ServiceUserIDP: "internal", }, }, PublicSharingDriver: "json", @@ -69,9 +69,9 @@ func DefaultConfig() *config.Config { JanitorRunInterval: 60, }, CS3: config.PublicSharingCS3Driver{ - ProviderAddr: "127.0.0.1:9215", + ProviderAddr: "127.0.0.1:9215", // metadata storage ServiceUserID: "95cb8724-03b2-11eb-a0a6-c33ef8ef53ad", - ServiceUserIDP: "https://localhost:9200", + ServiceUserIDP: "internal", }, }, Events: config.Events{ From df8fd7626ddf4ad054bceb0cf2f562f57ef1c250 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C3=B6rn=20Friedrich=20Dreyer?= Date: Mon, 2 May 2022 11:31:22 +0000 Subject: [PATCH 96/99] revert a launch.json change MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit 
Signed-off-by: Jörn Friedrich Dreyer --- .vscode/launch.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.vscode/launch.json b/.vscode/launch.json index 200611e97a..ddaf13bf75 100644 --- a/.vscode/launch.json +++ b/.vscode/launch.json @@ -8,7 +8,7 @@ "mode": "debug", "program": "${workspaceFolder}/ocis/cmd/ocis", "args": [ - "storage-metadata" + "server" ], "env": { // log settings for human developers From f88c000bacbd3d31e95c86a577928033b473449c Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C3=B6rn=20Friedrich=20Dreyer?= Date: Mon, 2 May 2022 12:36:30 +0000 Subject: [PATCH 97/99] generate metadata user id MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Jörn Friedrich Dreyer --- .../settings/pkg/config/defaults/defaultconfig.go | 5 ++++- .../sharing/pkg/config/defaults/defaultconfig.go | 10 ++++++++-- extensions/sharing/pkg/config/parser/parse.go | 8 ++++++++ extensions/storage-metadata/pkg/command/command.go | 2 +- extensions/storage-metadata/pkg/config/config.go | 3 ++- .../pkg/config/defaults/defaultconfig.go | 5 +++++ extensions/storage-metadata/pkg/config/parser/parse.go | 4 ++++ ocis-pkg/config/config.go | 1 + ocis-pkg/config/parser/parse.go | 8 ++++++++ ocis-pkg/shared/errors.go | 8 ++++++++ ocis-pkg/shared/shared_types.go | 1 + ocis/pkg/init/init.go | 5 +++++ 12 files changed, 55 insertions(+), 5 deletions(-) diff --git a/extensions/settings/pkg/config/defaults/defaultconfig.go b/extensions/settings/pkg/config/defaults/defaultconfig.go index 29cc21d03a..5e87d0702b 100644 --- a/extensions/settings/pkg/config/defaults/defaultconfig.go +++ b/extensions/settings/pkg/config/defaults/defaultconfig.go @@ -52,7 +52,6 @@ func DefaultConfig() *config.Config { Metadata: config.Metadata{ GatewayAddress: "127.0.0.1:9215", // metadata storage StorageAddress: "127.0.0.1:9215", - ServiceUserID: "95cb8724-03b2-11eb-a0a6-c33ef8ef53ad", ServiceUserIDP: "internal", }, } 
@@ -93,6 +92,10 @@ func EnsureDefaults(cfg *config.Config) { if cfg.Metadata.MachineAuthAPIKey == "" && cfg.Commons != nil && cfg.Commons.MachineAuthAPIKey != "" { cfg.Metadata.MachineAuthAPIKey = cfg.Commons.MachineAuthAPIKey } + + if cfg.Metadata.ServiceUserID == "" && cfg.Commons != nil && cfg.Commons.MetadataUserID != "" { + cfg.Metadata.ServiceUserID = cfg.Commons.MetadataUserID + } } func Sanitize(cfg *config.Config) { diff --git a/extensions/sharing/pkg/config/defaults/defaultconfig.go b/extensions/sharing/pkg/config/defaults/defaultconfig.go index 04868d9b6c..924e432288 100644 --- a/extensions/sharing/pkg/config/defaults/defaultconfig.go +++ b/extensions/sharing/pkg/config/defaults/defaultconfig.go @@ -49,7 +49,6 @@ func DefaultConfig() *config.Config { }, CS3: config.UserSharingCS3Driver{ ProviderAddr: "127.0.0.1:9215", // metadata storage - ServiceUserID: "95cb8724-03b2-11eb-a0a6-c33ef8ef53ad", ServiceUserIDP: "internal", }, }, @@ -70,7 +69,6 @@ func DefaultConfig() *config.Config { }, CS3: config.PublicSharingCS3Driver{ ProviderAddr: "127.0.0.1:9215", // metadata storage - ServiceUserID: "95cb8724-03b2-11eb-a0a6-c33ef8ef53ad", ServiceUserIDP: "internal", }, }, @@ -125,9 +123,17 @@ func EnsureDefaults(cfg *config.Config) { cfg.UserSharingDrivers.CS3.MachineAuthAPIKey = cfg.Commons.MachineAuthAPIKey } + if cfg.UserSharingDrivers.CS3.ServiceUserID == "" && cfg.Commons != nil && cfg.Commons.MetadataUserID != "" { + cfg.UserSharingDrivers.CS3.ServiceUserID = cfg.Commons.MetadataUserID + } + if cfg.PublicSharingDrivers.CS3.MachineAuthAPIKey == "" && cfg.Commons != nil && cfg.Commons.MachineAuthAPIKey != "" { cfg.PublicSharingDrivers.CS3.MachineAuthAPIKey = cfg.Commons.MachineAuthAPIKey } + + if cfg.PublicSharingDrivers.CS3.ServiceUserID == "" && cfg.Commons != nil && cfg.Commons.MetadataUserID != "" { + cfg.PublicSharingDrivers.CS3.ServiceUserID = cfg.Commons.MetadataUserID + } } func Sanitize(cfg *config.Config) { 
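Review bot: In the settings `EnsureDefaults` hunk, `cfg.Metadata.ServiceUserID` has lost its default and is only filled when `cfg.Commons` is non-nil and carries a `MetadataUserID`; in every other case it stays empty. The sharing and storage-metadata parsers in this patch gain a `shared.MissingMetadataUserID` check, but the diffstat lists no settings parser change, so the settings service appears to accept an empty service user ID. I would add the matching guard to the settings validation (not shown here), along the lines of `if cfg.Metadata.ServiceUserID == "" { return shared.MissingMetadataUserID(cfg.Service.Name) }`. EnsureDefaults starts outside the hunk.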
diff --git a/extensions/sharing/pkg/config/parser/parse.go b/extensions/sharing/pkg/config/parser/parse.go index a8a7b00e2a..afc4d88b8e 100644 --- a/extensions/sharing/pkg/config/parser/parse.go +++ b/extensions/sharing/pkg/config/parser/parse.go @@ -42,9 +42,17 @@ func Validate(cfg *config.Config) error { return shared.MissingMachineAuthApiKeyError(cfg.Service.Name) } + if cfg.PublicSharingDriver == "cs3" && cfg.PublicSharingDrivers.CS3.ServiceUserID == "" { + return shared.MissingMetadataUserID(cfg.Service.Name) + } + if cfg.UserSharingDriver == "cs3" && cfg.UserSharingDrivers.CS3.MachineAuthAPIKey == "" { return shared.MissingMachineAuthApiKeyError(cfg.Service.Name) } + if cfg.UserSharingDriver == "cs3" && cfg.UserSharingDrivers.CS3.ServiceUserID == "" { + return shared.MissingMetadataUserID(cfg.Service.Name) + } + return nil } diff --git a/extensions/storage-metadata/pkg/command/command.go b/extensions/storage-metadata/pkg/command/command.go index c9e5e09323..54eff79d45 100644 --- a/extensions/storage-metadata/pkg/command/command.go +++ b/extensions/storage-metadata/pkg/command/command.go @@ -160,7 +160,7 @@ func storageMetadataFromStruct(c *cli.Context, cfg *config.Config) map[string]in "users": map[string]interface{}{ "serviceuser": map[string]interface{}{ "id": map[string]interface{}{ - "opaqueId": "95cb8724-03b2-11eb-a0a6-c33ef8ef53ad", // FIXME generate service user id + "opaqueId": cfg.MetadataUserID, "idp": "internal", "type": userpb.UserType_USER_TYPE_PRIMARY, }, diff --git a/extensions/storage-metadata/pkg/config/config.go b/extensions/storage-metadata/pkg/config/config.go index 2d8869eacb..8c4475600f 100644 --- a/extensions/storage-metadata/pkg/config/config.go +++ b/extensions/storage-metadata/pkg/config/config.go 
@@ -21,7 +21,8 @@ type Config struct { TokenManager *TokenManager `yaml:"token_manager"` Reva *Reva `yaml:"reva"` - MachineAuthAPIKey string `yaml:"machine_auth_api_key" env:"OCIS_MACHINE_AUTH_API_KEY;STORAGE_METADATA_MACHINE_AUTH_API_KEY"` + MachineAuthAPIKey string `yaml:"machine_auth_api_key" env:"STORAGE_METADATA_MACHINE_AUTH_API_KEY"` + MetadataUserID string `yaml:"metadata_user_id"` SkipUserGroupsInToken bool `yaml:"skip_user_groups_in_token"` Driver string `yaml:"driver" env:"STORAGE_METADATA_DRIVER" desc:"The driver which should be used by the service"` diff --git a/extensions/storage-metadata/pkg/config/defaults/defaultconfig.go b/extensions/storage-metadata/pkg/config/defaults/defaultconfig.go index 2b3d84f42a..4f274aa0ca 100644 --- a/extensions/storage-metadata/pkg/config/defaults/defaultconfig.go +++ b/extensions/storage-metadata/pkg/config/defaults/defaultconfig.go @@ -125,6 +125,11 @@ func EnsureDefaults(cfg *config.Config) { if cfg.MachineAuthAPIKey == "" && cfg.Commons != nil && cfg.Commons.MachineAuthAPIKey != "" { cfg.MachineAuthAPIKey = cfg.Commons.MachineAuthAPIKey } + + if cfg.MetadataUserID == "" && cfg.Commons != nil && cfg.Commons.MetadataUserID != "" { + cfg.MetadataUserID = cfg.Commons.MetadataUserID + } + } func Sanitize(cfg *config.Config) { diff --git a/extensions/storage-metadata/pkg/config/parser/parse.go b/extensions/storage-metadata/pkg/config/parser/parse.go index 019438ab26..413bbd52c5 100644 --- a/extensions/storage-metadata/pkg/config/parser/parse.go +++ b/extensions/storage-metadata/pkg/config/parser/parse.go @@ -41,5 +41,9 @@ func Validate(cfg *config.Config) error { if cfg.MachineAuthAPIKey == "" { return shared.MissingMachineAuthApiKeyError(cfg.Service.Name) } + + if cfg.MetadataUserID == "" { + return shared.MissingMetadataUserID(cfg.Service.Name) + } return nil } diff --git a/ocis-pkg/config/config.go b/ocis-pkg/config/config.go index 33b9645d2e..edd2d49772 100644 --- a/ocis-pkg/config/config.go 
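Review bot: `MetadataUserID` in the storage-metadata `Config` struct carries only a yaml tag, while the `Validate` hunk in this service's parser/parse.go rejects an empty value with `shared.MissingMetadataUserID`, whose text points the operator to "the config/corresponding environment variable". As far as the tags show, no such variable exists for this field, and the same holds for the top-level field added in ocis-pkg/config/config.go. Only `Commons` in ocis-pkg/shared/shared_types.go binds one, `METADATA_USER_ID`, without the `OCIS_` prefix that `OCIS_MACHINE_AUTH_API_KEY` next to it uses. I would add a consistently named binding to all three, e.g. `env:"OCIS_METADATA_USER_ID"` (a name proposed here, not one defined in this patch), or drop the environment hint from the error text. The struct continues outside the hunk.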
+++ b/ocis-pkg/config/config.go @@ -67,6 +67,7 @@ type Config struct { TokenManager *shared.TokenManager `yaml:"token_manager"` MachineAuthAPIKey string `yaml:"machine_auth_api_key" env:"OCIS_MACHINE_AUTH_API_KEY"` TransferSecret string `yaml:"transfer_secret" env:"STORAGE_TRANSFER_SECRET"` + MetadataUserID string `yaml:"metadata_user_id"` Runtime Runtime `yaml:"runtime"` Audit *audit.Config `yaml:"audit"` diff --git a/ocis-pkg/config/parser/parse.go b/ocis-pkg/config/parser/parse.go index 3c4939a23a..cd5f8ab32b 100644 --- a/ocis-pkg/config/parser/parse.go +++ b/ocis-pkg/config/parser/parse.go @@ -94,6 +94,10 @@ func EnsureCommons(cfg *config.Config) { cfg.Commons.TransferSecret = cfg.TransferSecret } + // copy metadata user id to the commons part if set + if cfg.MetadataUserID != "" { + cfg.Commons.MetadataUserID = cfg.MetadataUserID + } } func Validate(cfg *config.Config) error { @@ -109,5 +113,9 @@ func Validate(cfg *config.Config) error { return shared.MissingMachineAuthApiKeyError("ocis") } + if cfg.MetadataUserID == "" { + return shared.MissingMetadataUserID("ocis") + } + return nil } diff --git a/ocis-pkg/shared/errors.go b/ocis-pkg/shared/errors.go index bb4b5f4ec7..de1ed5a825 100644 --- a/ocis-pkg/shared/errors.go +++ b/ocis-pkg/shared/errors.go @@ -45,3 +45,11 @@ func MissingServiceUserPassword(service, serviceUser string) error { "the config/corresponding environment variable).", serviceUser, service, defaults.BaseConfigPath()) } + +func MissingMetadataUserID(service string) error { + return fmt.Errorf("The metadata user ID has not been configured for %s. "+ + "Make sure your %s config contains the proper values "+ + "(e.g. by running ocis init or setting it manually in "+ + "the config/corresponding environment variable).", + service, defaults.BaseConfigPath()) +} diff --git a/ocis-pkg/shared/shared_types.go b/ocis-pkg/shared/shared_types.go index f4cf19fc0b..3497bed611 100644 --- a/ocis-pkg/shared/shared_types.go +++ b/ocis-pkg/shared/shared_types.go 
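Review bot: `MissingMetadataUserID` in ocis-pkg/shared/errors.go is exported without a doc comment, and nothing in the patch states what the ID identifies. I would add `// MissingMetadataUserID reports that no metadata service user ID is configured for the given service.` above it. A second comment line should say that the ID names the service account through which the settings and sharing drivers reach the metadata storage, which is what the `ServiceUserID` fallbacks and the `opaqueId` assignment in the other hunks suggest.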
@@ -44,4 +44,5 @@ type Commons struct { Reva *Reva `yaml:"reva"` MachineAuthAPIKey string `yaml:"machine_auth_api_key" env:"OCIS_MACHINE_AUTH_API_KEY"` TransferSecret string `yaml:"transfer_secret,omitempty" env:"REVA_TRANSFER_SECRET"` + MetadataUserID string `yaml:"metadata_user_id" env:"METADATA_USER_ID"` } diff --git a/ocis/pkg/init/init.go b/ocis/pkg/init/init.go index 8b2ca85bf0..5cce91746c 100644 --- a/ocis/pkg/init/init.go +++ b/ocis/pkg/init/init.go @@ -9,6 +9,7 @@ import ( "path" "time" + "github.com/gofrs/uuid" "github.com/owncloud/ocis/ocis-pkg/generators" "gopkg.in/yaml.v2" ) @@ -99,6 +100,7 @@ type OcisConfig struct { TokenManager TokenManager `yaml:"token_manager"` MachineAuthApiKey string `yaml:"machine_auth_api_key"` TransferSecret string `yaml:"transfer_secret"` + MetadataUserID string `yaml:"metadata_user_id"` Graph GraphExtension Idp LdapBasedExtension Idm IdmExtension @@ -160,6 +162,8 @@ func CreateConfig(insecure, forceOverwrite bool, configPath, adminPassword strin return err } + metadataUserID := uuid.Must(uuid.NewV4()).String() + idmServicePassword, err := generators.GenerateRandomPassword(passwordLength) if err != nil { return fmt.Errorf("could not generate random password for idm: %s", err) @@ -199,6 +203,7 @@ func CreateConfig(insecure, forceOverwrite bool, configPath, adminPassword strin }, MachineAuthApiKey: machineAuthApiKey, TransferSecret: revaTransferSecret, + MetadataUserID: metadataUserID, Idm: IdmExtension{ ServiceUserPasswords: ServiceUserPasswordsSettings{ AdminPassword: ocisAdminServicePassword, From 3074d70cae1329dfa0648f0b0b2844e7c3b18f4e Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C3=B6rn=20Friedrich=20Dreyer?= Date: Mon, 2 May 2022 12:38:58 +0000 Subject: [PATCH 98/99] revert some debug changes MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit 
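Review bot: `uuid.Must(uuid.NewV4())` in the `CreateConfig` hunk of ocis/pkg/init/init.go panics if the random source fails, whereas the generated values around it return a wrapped error (see the `idmServicePassword` lines directly below). `ocis init` would then abort with a stack trace instead of taking the error path the caller already handles. I would take the error from `uuid.NewV4()` and return it in the same style as its neighbours. `CreateConfig` starts and ends outside the hunk.

```go
metadataUUID, err := uuid.NewV4()
if err != nil {
	return fmt.Errorf("could not generate random uuid for the metadata user: %s", err)
}
metadataUserID := metadataUUID.String()

// … unchanged: idmServicePassword generation …
```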
Signed-off-by: Jörn Friedrich Dreyer --- .drone.star | 2 +- .vscode/launch.json | 17 +++++++++++++++++ 2 files changed, 18 insertions(+), 1 deletion(-) diff --git a/.drone.star b/.drone.star index 84e755fe07..98b27ef535 100644 --- a/.drone.star +++ b/.drone.star @@ -1710,7 +1710,7 @@ def ocisServer(storage, accounts_hash_difficulty = 4, volumes = [], depends_on = "PROXY_ENABLE_BASIC_AUTH": True, "WEB_UI_CONFIG": "/drone/src/tests/config/drone/ocis-config.json", "IDP_IDENTIFIER_REGISTRATION_CONF": "/drone/src/tests/config/drone/identifier-registration.yml", - "OCIS_LOG_LEVEL": "debug", + "OCIS_LOG_LEVEL": "error", "SETTINGS_DATA_PATH": "/srv/app/tmp/ocis/settings", "IDM_CREATE_DEMO_USERS": True, "IDM_ADMIN_PASSWORD": "admin", # override the random admin password from `ocis init` diff --git a/.vscode/launch.json b/.vscode/launch.json index ddaf13bf75..aec90a875e 100644 --- a/.vscode/launch.json +++ b/.vscode/launch.json @@ -17,6 +17,23 @@ "OCIS_LOG_COLOR": "true", // enable basic auth for dev setup so that we can use curl for testing "PROXY_ENABLE_BASIC_AUTH": "true", + // set insecure options because we don't have valid certificates in dev environments + "OCIS_INSECURE": "true", + // set some hardcoded secrets + "OCIS_JWT_SECRET": "some-ocis-jwt-secret", + "STORAGE_TRANSFER_SECRET": "some-ocis-transfer-secret", + "OCIS_MACHINE_AUTH_API_KEY": "some-ocis-machine-auth-api-key", + // idm ldap + "IDM_SVC_PASSWORD": "some-ldap-idm-password", + "GRAPH_LDAP_BIND_PASSWORD": "some-ldap-idm-password", + // reva ldap + "IDM_REVASVC_PASSWORD": "some-ldap-reva-password", + "GROUPS_LDAP_BIND_PASSWORD": "some-ldap-reva-password", + "USERS_LDAP_BIND_PASSWORD": "some-ldap-reva-password", + "AUTH_BASIC_LDAP_BIND_PASSWORD": "some-ldap-reva-password", + // idp ldap + "IDM_IDPSVC_PASSWORD": "some-ldap-idp-password", + "IDP_LDAP_BIND_PASSWORD": "some-ldap-idp-password", // admin user default password "IDM_ADMIN_PASSWORD": "admin", // demo users 
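Review bot: The env block added to .vscode/launch.json supplies fixed values for the JWT secret, transfer secret, machine auth API key and LDAP bind passwords, but no metadata user ID, which the preceding patch makes mandatory in `Validate` (ocis-pkg/config/parser/parse.go). Unless a config written by `ocis init` is present, this debug launch will presumably stop with `MissingMetadataUserID`. The top-level field also has no env tag, so an env entry alone may not be enough. Separately, I would extend the existing comment to `// set some hardcoded secrets (local debugging only, never reuse in a deployment)`, since these values sit next to `OCIS_INSECURE` and `PROXY_ENABLE_BASIC_AUTH` and are now public in the repository.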
From af54f4d824fe3098a167cece952e241f49fd2a05 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C3=B6rn=20Friedrich=20Dreyer?= Date: Mon, 2 May 2022 13:16:56 +0000 Subject: [PATCH 99/99] Automated changelog update [skip ci] --- CHANGELOG.md | 11 +++++++++++ 1 file changed, 11 insertions(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index 43c683f896..400ef744bf 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -14,6 +14,7 @@ The following sections list the changes for unreleased. * Change - Reduce drives in graph /me/drives API: [#3629](https://github.com/owncloud/ocis/pull/3629) * Change - Switched default configuration to use libregraph/idm: [#3331](https://github.com/owncloud/ocis/pull/3331) * Enhancement - Align service naming: [#3606](https://github.com/owncloud/ocis/pull/3606) +* Enhancement - Wrap metadata storage with dedicated reva gateway: [#3602](https://github.com/owncloud/ocis/pull/3602) * Enhancement - Add capability for public link single file edit: [#6787](https://github.com/owncloud/web/pull/6787) * Enhancement - Added `share_jail` and `projects` feature flags in spaces capability: [#3626](https://github.com/owncloud/ocis/pull/3626) * Enhancement - Update linkshare capabilities: [#3579](https://github.com/owncloud/ocis/pull/3579) 
@@ -90,6 +91,15 @@ The following sections list the changes for unreleased. https://github.com/owncloud/ocis/issues/3603 https://github.com/owncloud/ocis/pull/3606 +* Enhancement - Wrap metadata storage with dedicated reva gateway: [#3602](https://github.com/owncloud/ocis/pull/3602) + + We wrapped the metadata storage in a minimal reva instance with a dedicated gateway, including + static storage registry, static auth registry, in memory userprovider, machine + authprovider and demo permissions service. This allows us to preconfigure the service user + for the ocis settings service, share and public share providers. + + https://github.com/owncloud/ocis/pull/3602 + * Enhancement - Add capability for public link single file edit: [#6787](https://github.com/owncloud/web/pull/6787) It is now possible to share a single file by link with edit permissions. Therefore we need a @@ -124,6 +134,7 @@ The following sections list the changes for unreleased. https://github.com/owncloud/ocis/pull/3552 https://github.com/owncloud/ocis/pull/3570 https://github.com/owncloud/ocis/pull/3601 + https://github.com/owncloud/ocis/pull/3602 https://github.com/owncloud/ocis/pull/3605 https://github.com/owncloud/ocis/pull/3611 https://github.com/owncloud/ocis/pull/3637