Merge branch 'master' into no-additional-init

2026-01-06 04:09:40 -06:00 · 2021-07-02 13:25:30 +02:00
parent 6991dd777d b3bae592d0
commit cb2323e9d6
662 changed files with 43303 additions and 29596 deletions
--- a/settings/pkg/assets/assets.go
+++ b/settings/pkg/assets/assets.go
@@ -15,7 +15,7 @@ import (
 	_ "golang.org/x/net/webdav"
 )

-//go:generate go run github.com/UnnoTed/fileb0x embed.yml
+//go:generate make -C ../.. embed.yml

 // assets gets initialized by New and provides the handler.
 type assets struct {
--- a/settings/pkg/assets/embed.go
+++ b/settings/pkg/assets/embed.go
--- a/settings/pkg/command/root.go
+++ b/settings/pkg/command/root.go
@@ -1,21 +1,24 @@
 package command

 import (
+	"context"
 	"os"
 	"strings"

+	"github.com/owncloud/ocis/ocis-pkg/sync"
+
 	"github.com/micro/cli/v2"
+	ociscfg "github.com/owncloud/ocis/ocis-pkg/config"
 	"github.com/owncloud/ocis/ocis-pkg/log"
 	"github.com/owncloud/ocis/settings/pkg/config"
 	"github.com/owncloud/ocis/settings/pkg/flagset"
 	"github.com/owncloud/ocis/settings/pkg/version"
 	"github.com/spf13/viper"
+	"github.com/thejerf/suture/v4"
 )

 // Execute is the entry point for the ocis-settings command.
-func Execute() error {
-	cfg := config.New()
-
+func Execute(cfg *config.Config) error {
 	app := &cli.App{
 		Name:     "ocis-settings",
 		Version:  version.String,
@@ -63,11 +66,14 @@ func NewLogger(cfg *config.Config) log.Logger {
 		log.Level(cfg.Log.Level),
 		log.Pretty(cfg.Log.Pretty),
 		log.Color(cfg.Log.Color),
+		log.File(cfg.Log.File),
 	)
 }

 // ParseConfig loads settings configuration from Viper known paths.
 func ParseConfig(c *cli.Context, cfg *config.Config) error {
+	sync.ParsingViperConfig.Lock()
+	defer sync.ParsingViperConfig.Unlock()
 	logger := NewLogger(cfg)

 	viper.SetEnvKeyReplacer(strings.NewReplacer(".", "_"))
@@ -108,3 +114,28 @@ func ParseConfig(c *cli.Context, cfg *config.Config) error {

 	return nil
 }
+
+// SutureService allows for the settings command to be embedded and supervised by a suture supervisor tree.
+type SutureService struct {
+	cfg *config.Config
+}
+
+// NewSutureService creates a new settings.SutureService
+func NewSutureService(cfg *ociscfg.Config) suture.Service {
+	if cfg.Mode == 0 {
+		cfg.Settings.Supervised = true
+	}
+	cfg.Settings.Log.File = cfg.Log.File
+	return SutureService{
+		cfg: cfg.Settings,
+	}
+}
+
+func (s SutureService) Serve(ctx context.Context) error {
+	s.cfg.Context = ctx
+	if err := Execute(s.cfg); err != nil {
+		return err
+	}
+
+	return nil
+}
--- a/settings/pkg/command/server.go
+++ b/settings/pkg/command/server.go
@@ -2,27 +2,18 @@ package command

 import (
 	"context"
-	"os"
-	"os/signal"
 	"strings"
-	"time"

-	"github.com/owncloud/ocis/settings/pkg/metrics"
-
-	"contrib.go.opencensus.io/exporter/jaeger"
-	"contrib.go.opencensus.io/exporter/ocagent"
-	"contrib.go.opencensus.io/exporter/zipkin"
 	"github.com/micro/cli/v2"
 	"github.com/oklog/run"
-	openzipkin "github.com/openzipkin/zipkin-go"
-	zipkinhttp "github.com/openzipkin/zipkin-go/reporter/http"
+	"github.com/owncloud/ocis/ocis-pkg/sync"
 	"github.com/owncloud/ocis/settings/pkg/config"
 	"github.com/owncloud/ocis/settings/pkg/flagset"
+	"github.com/owncloud/ocis/settings/pkg/metrics"
 	"github.com/owncloud/ocis/settings/pkg/server/debug"
 	"github.com/owncloud/ocis/settings/pkg/server/grpc"
 	"github.com/owncloud/ocis/settings/pkg/server/http"
-	"go.opencensus.io/stats/view"
-	"go.opencensus.io/trace"
+	"github.com/owncloud/ocis/settings/pkg/tracing"
 )

 // Server is the entrypoint for the server command.
@@ -32,202 +23,76 @@ func Server(cfg *config.Config) *cli.Command {
 		Usage: "Start integrated server",
 		Flags: flagset.ServerWithConfig(cfg),
 		Before: func(ctx *cli.Context) error {
+			logger := NewLogger(cfg)
 			if cfg.HTTP.Root != "/" {
 				cfg.HTTP.Root = strings.TrimSuffix(cfg.HTTP.Root, "/")
 			}

 			// When running on single binary mode the before hook from the root command won't get called. We manually
 			// call this before hook from ocis command, so the configuration can be loaded.
-			return ParseConfig(ctx, cfg)
+			if !cfg.Supervised {
+				return ParseConfig(ctx, cfg)
+			}
+			logger.Debug().Str("service", "settings").Msg("ignoring config file parsing when running supervised")
+			return nil
 		},
 		Action: func(c *cli.Context) error {
 			logger := NewLogger(cfg)

-			if cfg.Tracing.Enabled {
-				switch t := cfg.Tracing.Type; t {
-				case "agent":
-					exporter, err := ocagent.NewExporter(
-						ocagent.WithReconnectionPeriod(5*time.Second),
-						ocagent.WithAddress(cfg.Tracing.Endpoint),
-						ocagent.WithServiceName(cfg.Tracing.Service),
-					)
-
-					if err != nil {
-						logger.Error().
-							Err(err).
-							Str("endpoint", cfg.Tracing.Endpoint).
-							Str("collector", cfg.Tracing.Collector).
-							Msg("Failed to create agent tracing")
-
-						return err
-					}
-
-					trace.RegisterExporter(exporter)
-					view.RegisterExporter(exporter)
-
-				case "jaeger":
-					exporter, err := jaeger.NewExporter(
-						jaeger.Options{
-							AgentEndpoint:     cfg.Tracing.Endpoint,
-							CollectorEndpoint: cfg.Tracing.Collector,
-							Process: jaeger.Process{
-								ServiceName: cfg.Tracing.Service,
-							},
-						},
-					)
-
-					if err != nil {
-						logger.Error().
-							Err(err).
-							Str("endpoint", cfg.Tracing.Endpoint).
-							Str("collector", cfg.Tracing.Collector).
-							Msg("Failed to create jaeger tracing")
-
-						return err
-					}
-
-					trace.RegisterExporter(exporter)
-
-				case "zipkin":
-					endpoint, err := openzipkin.NewEndpoint(
-						cfg.Tracing.Service,
-						cfg.Tracing.Endpoint,
-					)
-
-					if err != nil {
-						logger.Error().
-							Err(err).
-							Str("endpoint", cfg.Tracing.Endpoint).
-							Str("collector", cfg.Tracing.Collector).
-							Msg("Failed to create zipkin tracing")
-
-						return err
-					}
-
-					exporter := zipkin.NewExporter(
-						zipkinhttp.NewReporter(
-							cfg.Tracing.Collector,
-						),
-						endpoint,
-					)
-
-					trace.RegisterExporter(exporter)
-
-				default:
-					logger.Warn().
-						Str("type", t).
-						Msg("Unknown tracing backend")
-				}
-
-				trace.ApplyConfig(
-					trace.Config{
-						DefaultSampler: trace.AlwaysSample(),
-					},
-				)
-			} else {
-				logger.Debug().
-					Msg("Tracing is not enabled")
+			err := tracing.Configure(cfg, logger)
+			if err != nil {
+				return err
 			}

-			var (
-				gr          = run.Group{}
-				ctx, cancel = context.WithCancel(context.Background())
-				mtrcs       = metrics.New()
-			)
-
+			servers := run.Group{}
+			ctx, cancel := func() (context.Context, context.CancelFunc) {
+				if cfg.Context == nil {
+					return context.WithCancel(context.Background())
+				}
+				return context.WithCancel(cfg.Context)
+			}()
 			defer cancel()

+			mtrcs := metrics.New()
 			mtrcs.BuildInfo.WithLabelValues(cfg.Service.Version).Set(1)

-			{
-				server := http.Server(
-					http.Name(cfg.Service.Name),
-					http.Logger(logger),
-					http.Context(ctx),
-					http.Config(cfg),
-					http.Metrics(mtrcs),
-					http.Flags(flagset.RootWithConfig(config.New())),
-					http.Flags(flagset.ServerWithConfig(config.New())),
-				)
+			// prepare an HTTP server and add it to the group run.
+			httpServer := http.Server(
+				http.Name(cfg.Service.Name),
+				http.Logger(logger),
+				http.Context(ctx),
+				http.Config(cfg),
+				http.Metrics(mtrcs),
+			)
+			servers.Add(httpServer.Run, func(_ error) {
+				logger.Info().Str("server", "http").Msg("Shutting down server")
+				cancel()
+			})

-				gr.Add(server.Run, func(_ error) {
-					logger.Info().
-						Str("server", "http").
-						Msg("Shutting down server")
+			// prepare a gRPC server and add it to the group run.
+			grpcServer := grpc.Server(grpc.Name(cfg.Service.Name), grpc.Logger(logger), grpc.Context(ctx), grpc.Config(cfg), grpc.Metrics(mtrcs))
+			servers.Add(grpcServer.Run, func(_ error) {
+				logger.Info().Str("server", "grpc").Msg("Shutting down server")
+				cancel()
+			})

-					cancel()
-				})
+			// prepare a debug server and add it to the group run.
+			debugServer, err := debug.Server(debug.Logger(logger), debug.Context(ctx), debug.Config(cfg))
+			if err != nil {
+				logger.Error().Err(err).Str("server", "debug").Msg("Failed to initialize server")
+				return err
 			}

-			{
-				server := grpc.Server(
-					grpc.Name(cfg.Service.Name),
-					grpc.Logger(logger),
-					grpc.Context(ctx),
-					grpc.Config(cfg),
-					grpc.Metrics(mtrcs),
-				)
+			servers.Add(debugServer.ListenAndServe, func(_ error) {
+				_ = debugServer.Shutdown(ctx)
+				cancel()
+			})

-				gr.Add(server.Run, func(_ error) {
-					logger.Info().
-						Str("server", "grpc").
-						Msg("Shutting down server")
-
-					cancel()
-				})
+			if !cfg.Supervised {
+				sync.Trap(&servers, cancel)
 			}

-			{
-				server, err := debug.Server(
-					debug.Logger(logger),
-					debug.Context(ctx),
-					debug.Config(cfg),
-				)
-
-				if err != nil {
-					logger.Error().
-						Err(err).
-						Str("server", "debug").
-						Msg("Failed to initialize server")
-
-					return err
-				}
-
-				gr.Add(server.ListenAndServe, func(_ error) {
-					ctx, timeout := context.WithTimeout(ctx, 5*time.Second)
-
-					defer timeout()
-					defer cancel()
-
-					if err := server.Shutdown(ctx); err != nil {
-						logger.Error().
-							Err(err).
-							Str("server", "debug").
-							Msg("Failed to shutdown server")
-					} else {
-						logger.Info().
-							Str("server", "debug").
-							Msg("Shutting down server")
-					}
-				})
-			}
-
-			{
-				stop := make(chan os.Signal, 1)
-
-				gr.Add(func() error {
-					signal.Notify(stop, os.Interrupt)
-
-					<-stop
-
-					return nil
-				}, func(err error) {
-					close(stop)
-					cancel()
-				})
-			}
-
-			return gr.Run()
+			return servers.Run()
 		},
 	}
 }
--- a/settings/pkg/config/config.go
+++ b/settings/pkg/config/config.go
@@ -1,10 +1,13 @@
 package config

+import "context"
+
 // Log defines the available logging configuration.
 type Log struct {
 	Level  string
 	Pretty bool
 	Color  bool
+	File   string
 }

 // Debug defines the available debug configuration.
@@ -66,6 +69,9 @@ type Config struct {
 	Tracing      Tracing
 	Asset        Asset
 	TokenManager TokenManager
+
+	Context    context.Context
+	Supervised bool
 }

 // New initializes a new configuration with or without defaults.
--- a/settings/pkg/flagset/flagset.go
+++ b/settings/pkg/flagset/flagset.go
@@ -2,6 +2,7 @@ package flagset

 import (
 	"github.com/micro/cli/v2"
+	"github.com/owncloud/ocis/ocis-pkg/flags"
 	"github.com/owncloud/ocis/settings/pkg/config"
 )

@@ -10,23 +11,20 @@ func RootWithConfig(cfg *config.Config) []cli.Flag {
 	return []cli.Flag{
 		&cli.StringFlag{
 			Name:        "log-level",
-			Value:       "info",
 			Usage:       "Set logging level",
-			EnvVars:     []string{"SETTINGS_LOG_LEVEL"},
+			EnvVars:     []string{"SETTINGS_LOG_LEVEL", "OCIS_LOG_LEVEL"},
 			Destination: &cfg.Log.Level,
 		},
 		&cli.BoolFlag{
 			Name:        "log-pretty",
-			Value:       true,
 			Usage:       "Enable pretty logging",
-			EnvVars:     []string{"SETTINGS_LOG_PRETTY"},
+			EnvVars:     []string{"SETTINGS_LOG_PRETTY", "OCIS_LOG_PRETTY"},
 			Destination: &cfg.Log.Pretty,
 		},
 		&cli.BoolFlag{
 			Name:        "log-color",
-			Value:       true,
 			Usage:       "Enable colored logging",
-			EnvVars:     []string{"SETTINGS_LOG_COLOR"},
+			EnvVars:     []string{"SETTINGS_LOG_COLOR", "OCIS_LOG_COLOR"},
 			Destination: &cfg.Log.Color,
 		},
 	}
@@ -37,7 +35,7 @@ func HealthWithConfig(cfg *config.Config) []cli.Flag {
 	return []cli.Flag{
 		&cli.StringFlag{
 			Name:        "debug-addr",
-			Value:       "0.0.0.0:9194",
+			Value:       flags.OverrideDefaultString(cfg.Debug.Addr, "0.0.0.0:9194"),
 			Usage:       "Address to debug endpoint",
 			EnvVars:     []string{"SETTINGS_DEBUG_ADDR"},
 			Destination: &cfg.Debug.Addr,
@@ -63,42 +61,42 @@ func ServerWithConfig(cfg *config.Config) []cli.Flag {
 		},
 		&cli.StringFlag{
 			Name:        "tracing-type",
-			Value:       "jaeger",
+			Value:       flags.OverrideDefaultString(cfg.Tracing.Type, "jaeger"),
 			Usage:       "Tracing backend type",
 			EnvVars:     []string{"SETTINGS_TRACING_TYPE"},
 			Destination: &cfg.Tracing.Type,
 		},
 		&cli.StringFlag{
 			Name:        "tracing-endpoint",
-			Value:       "",
+			Value:       flags.OverrideDefaultString(cfg.Tracing.Endpoint, ""),
 			Usage:       "Endpoint for the agent",
 			EnvVars:     []string{"SETTINGS_TRACING_ENDPOINT"},
 			Destination: &cfg.Tracing.Endpoint,
 		},
 		&cli.StringFlag{
 			Name:        "tracing-collector",
-			Value:       "",
+			Value:       flags.OverrideDefaultString(cfg.Tracing.Collector, ""),
 			Usage:       "Endpoint for the collector",
 			EnvVars:     []string{"SETTINGS_TRACING_COLLECTOR"},
 			Destination: &cfg.Tracing.Collector,
 		},
 		&cli.StringFlag{
 			Name:        "tracing-service",
-			Value:       "settings",
+			Value:       flags.OverrideDefaultString(cfg.Tracing.Service, "settings"),
 			Usage:       "Service name for tracing",
 			EnvVars:     []string{"SETTINGS_TRACING_SERVICE"},
 			Destination: &cfg.Tracing.Service,
 		},
 		&cli.StringFlag{
 			Name:        "debug-addr",
-			Value:       "0.0.0.0:9194",
+			Value:       flags.OverrideDefaultString(cfg.Debug.Addr, "0.0.0.0:9194"),
 			Usage:       "Address to bind debug server",
 			EnvVars:     []string{"SETTINGS_DEBUG_ADDR"},
 			Destination: &cfg.Debug.Addr,
 		},
 		&cli.StringFlag{
 			Name:        "debug-token",
-			Value:       "",
+			Value:       flags.OverrideDefaultString(cfg.Debug.Token, ""),
 			Usage:       "Token to grant metrics access",
 			EnvVars:     []string{"SETTINGS_DEBUG_TOKEN"},
 			Destination: &cfg.Debug.Token,
@@ -117,74 +115,78 @@ func ServerWithConfig(cfg *config.Config) []cli.Flag {
 		},
 		&cli.StringFlag{
 			Name:        "http-addr",
-			Value:       "0.0.0.0:9190",
+			Value:       flags.OverrideDefaultString(cfg.HTTP.Addr, "0.0.0.0:9190"),
 			Usage:       "Address to bind http server",
 			EnvVars:     []string{"SETTINGS_HTTP_ADDR"},
 			Destination: &cfg.HTTP.Addr,
 		},
 		&cli.StringFlag{
 			Name:        "http-namespace",
-			Value:       "com.owncloud.web",
+			Value:       flags.OverrideDefaultString(cfg.HTTP.Namespace, "com.owncloud.web"),
 			Usage:       "Set the base namespace for the http namespace",
 			EnvVars:     []string{"SETTINGS_HTTP_NAMESPACE"},
 			Destination: &cfg.HTTP.Namespace,
 		},
 		&cli.StringFlag{
 			Name:        "http-root",
-			Value:       "/",
+			Value:       flags.OverrideDefaultString(cfg.HTTP.Root, "/"),
 			Usage:       "Root path of http server",
 			EnvVars:     []string{"SETTINGS_HTTP_ROOT"},
 			Destination: &cfg.HTTP.Root,
 		},
 		&cli.IntFlag{
 			Name:        "http-cache-ttl",
-			Value:       604800, // 7 days
+			Value:       flags.OverrideDefaultInt(cfg.HTTP.CacheTTL, 604800), // 10 days
 			Usage:       "Set the static assets caching duration in seconds",
 			EnvVars:     []string{"SETTINGS_CACHE_TTL"},
 			Destination: &cfg.HTTP.CacheTTL,
 		},
 		&cli.StringFlag{
 			Name:        "grpc-addr",
-			Value:       "0.0.0.0:9191",
+			Value:       flags.OverrideDefaultString(cfg.GRPC.Addr, "0.0.0.0:9191"),
 			Usage:       "Address to bind grpc server",
 			EnvVars:     []string{"SETTINGS_GRPC_ADDR"},
 			Destination: &cfg.GRPC.Addr,
 		},
 		&cli.StringFlag{
 			Name:        "asset-path",
-			Value:       "",
+			Value:       flags.OverrideDefaultString(cfg.Asset.Path, ""),
 			Usage:       "Path to custom assets",
 			EnvVars:     []string{"SETTINGS_ASSET_PATH"},
 			Destination: &cfg.Asset.Path,
 		},
 		&cli.StringFlag{
 			Name:        "grpc-namespace",
-			Value:       "com.owncloud.api",
+			Value:       flags.OverrideDefaultString(cfg.GRPC.Namespace, "com.owncloud.api"),
 			Usage:       "Set the base namespace for the grpc namespace",
 			EnvVars:     []string{"SETTINGS_GRPC_NAMESPACE"},
 			Destination: &cfg.GRPC.Namespace,
 		},
 		&cli.StringFlag{
 			Name:        "name",
-			Value:       "settings",
+			Value:       flags.OverrideDefaultString(cfg.Service.Name, "settings"),
 			Usage:       "service name",
 			EnvVars:     []string{"SETTINGS_NAME"},
 			Destination: &cfg.Service.Name,
 		},
 		&cli.StringFlag{
 			Name:        "data-path",
-			Value:       "/var/tmp/ocis/settings",
+			Value:       flags.OverrideDefaultString(cfg.Service.DataPath, "/var/tmp/ocis/settings"),
 			Usage:       "Mount path for the storage",
 			EnvVars:     []string{"SETTINGS_DATA_PATH"},
 			Destination: &cfg.Service.DataPath,
 		},
 		&cli.StringFlag{
 			Name:        "jwt-secret",
-			Value:       "Pive-Fumkiu4",
+			Value:       flags.OverrideDefaultString(cfg.TokenManager.JWTSecret, "Pive-Fumkiu4"),
 			Usage:       "Used to create JWT to talk to reva, should equal reva's jwt-secret",
 			EnvVars:     []string{"SETTINGS_JWT_SECRET", "OCIS_JWT_SECRET"},
 			Destination: &cfg.TokenManager.JWTSecret,
 		},
+		&cli.StringFlag{
+			Name:  "extensions",
+			Usage: "Run specific extensions during supervised mode. This flag is set by the runtime",
+		},
 	}
 }

@@ -193,14 +195,14 @@ func ListSettingsWithConfig(cfg *config.Config) []cli.Flag {
 	return []cli.Flag{
 		&cli.StringFlag{
 			Name:        "grpc-namespace",
-			Value:       "com.owncloud.api",
+			Value:       flags.OverrideDefaultString(cfg.GRPC.Namespace, "com.owncloud.api"),
 			Usage:       "Set the base namespace for the grpc namespace",
 			EnvVars:     []string{"SETTINGS_GRPC_NAMESPACE"},
 			Destination: &cfg.GRPC.Namespace,
 		},
 		&cli.StringFlag{
 			Name:        "name",
-			Value:       "settings",
+			Value:       flags.OverrideDefaultString(cfg.Service.Name, "settings"),
 			Usage:       "service name",
 			EnvVars:     []string{"SETTINGS_NAME"},
 			Destination: &cfg.Service.Name,
--- a/settings/pkg/proto/v0/settings.pb.go
+++ b/settings/pkg/proto/v0/settings.pb.go
--- a/settings/pkg/proto/v0/settings.pb.micro_test.go
+++ b/settings/pkg/proto/v0/settings.pb.micro_test.go
@@ -1005,7 +1005,6 @@ func TestListRolesAfterSavingBundle(t *testing.T) {
 					name:        bundle.Name,
 				})
 			}
-			assert.Equal(t, len(tt.expectedBundles), len(rolesRes.Bundles))
 		})
 	}
 }
@@ -1267,13 +1266,19 @@ func TestListFilteredBundle(t *testing.T) {
 			listRes, err := bundleService.ListBundles(ctx, &proto.ListBundlesRequest{})
 			assert.NoError(t, err)

-			for _, bundle := range listRes.Bundles {
-				assert.Contains(t, tt.expectedBundles, expectedBundle{
-					displayName: bundle.DisplayName,
-					name:        bundle.Name,
+			// we don't want to deep-assert the values returned only add checks on name and displayName
+			// this will suffice.
+			listResAsExpectedBundle := make([]expectedBundle, 0)
+			for i := range listRes.Bundles {
+				listResAsExpectedBundle = append(listResAsExpectedBundle, expectedBundle{
+					displayName: listRes.Bundles[i].DisplayName,
+					name:        listRes.Bundles[i].Name,
 				})
 			}
-			assert.Equal(t, len(tt.expectedBundles), len(listRes.Bundles))
+
+			for _, bundle := range tt.expectedBundles {
+				assert.Contains(t, listResAsExpectedBundle, bundle)
+			}
 		})
 	}
 }
@@ -1568,13 +1573,19 @@ func TestListGetBundleSettingMixedPermission(t *testing.T) {
 			listRes, err := bundleService.ListBundles(ctx, &proto.ListBundlesRequest{})
 			assert.NoError(t, err)

-			for _, setting := range listRes.Bundles[0].Settings {
-				assert.Contains(t, tt.expectedSettings, expectedSetting{
-					displayName: setting.DisplayName,
-					name:        setting.Name,
-				})
+			listedSettings := make([]expectedSetting, 0)
+			for i := range listRes.Bundles {
+				for _, setting := range listRes.Bundles[i].Settings {
+					listedSettings = append(listedSettings, expectedSetting{
+						displayName: setting.DisplayName,
+						name:        setting.Name,
+					})
+				}
+			}
+
+			for i := range tt.expectedSettings {
+				assert.Contains(t, listedSettings, tt.expectedSettings[i])
 			}
-			assert.Equal(t, len(tt.expectedSettings), len(listRes.Bundles[0].Settings))

 			getRes, err := bundleService.GetBundle(ctx, &proto.GetBundleRequest{BundleId: bundle.Id})
 			assert.NoError(t, err)
@@ -1585,59 +1596,6 @@ func TestListGetBundleSettingMixedPermission(t *testing.T) {
 					name:        setting.Name,
 				})
 			}
-			assert.Equal(t, len(tt.expectedSettings), len(getRes.Bundle.Settings))
-		})
-	}
-}
-
-func TestListFilteredBundle_SetPermissionsOnSettingAndBundle(t *testing.T) {
-	tests := []struct {
-		name                     string
-		settingPermission        proto.Permission_Operation
-		bundlePermission         proto.Permission_Operation
-		expectedAmountOfSettings int
-	}{
-		{
-			"setting has read permission bundle not",
-			proto.Permission_OPERATION_READ,
-			proto.Permission_OPERATION_UNKNOWN,
-			1,
-		},
-		{
-			"bundle has read permission setting not",
-			proto.Permission_OPERATION_UNKNOWN,
-			proto.Permission_OPERATION_READ,
-			5,
-		},
-	}
-	for _, tt := range tests {
-		t.Run(tt.name, func(t *testing.T) {
-			teardown := setup()
-			defer teardown()
-
-			ctx := metadata.Set(context.Background(), middleware.AccountID, testAccountID)
-			ctx = metadata.Set(ctx, middleware.RoleIDs, getRoleIDAsJSON(svc.BundleUUIDRoleAdmin))
-
-			_, err := bundleService.SaveBundle(ctx, &proto.SaveBundleRequest{
-				Bundle: &bundleStub,
-			})
-			assert.NoError(t, err)
-
-			setPermissionOnBundleOrSetting(
-				ctx, t, bundleStub.Id, proto.Resource_TYPE_BUNDLE, tt.bundlePermission, svc.BundleUUIDRoleAdmin,
-			)
-
-			setPermissionOnBundleOrSetting(
-				ctx, t, bundleStub.Settings[0].Id, proto.Resource_TYPE_SETTING,
-				tt.settingPermission, svc.BundleUUIDRoleAdmin,
-			)
-
-			listRes, err := bundleService.ListBundles(ctx, &proto.ListBundlesRequest{})
-			assert.NoError(t, err)
-			assert.Equal(t, 1, len(listRes.Bundles))
-			assert.Equal(t, tt.expectedAmountOfSettings, len(listRes.Bundles[0].Settings))
-			assert.Equal(t, bundleStub.Id, listRes.Bundles[0].Id)
-			assert.Equal(t, bundleStub.Settings[0].Id, listRes.Bundles[0].Settings[0].Id)
 		})
 	}
 }
--- a/settings/pkg/proto/v0/settings.proto
+++ b/settings/pkg/proto/v0/settings.proto
@@ -1,7 +1,8 @@
 syntax = "proto3";

-package proto;
-option go_package = "pkg/proto/v0;proto";
+package com.owncloud.ocis.settings.v0;
+
+option go_package = "github.com/owncloud/ocis/settings/pkg/proto/v0;proto";

 import "google/api/annotations.proto";
 import "google/protobuf/empty.proto";
@@ -9,28 +10,28 @@ import "google/protobuf/empty.proto";
 import "protoc-gen-openapiv2/options/annotations.proto";

 option (grpc.gateway.protoc_gen_openapiv2.options.openapiv2_swagger) = {
-  info: {	
-    title: "ownCloud Infinite Scale settings";	
-    version: "1.0.0";	
-    contact: {	
-      name: "ownCloud GmbH";	
-      url: "https://github.com/owncloud/ocis";	
-      email: "support@owncloud.com";	
-    };	
-    license: {	
-      name: "Apache-2.0";	
-      url: "https://github.com/owncloud/ocis/blob/master/LICENSE";	
-    };	
-  };	
-  schemes: HTTP;	
-  schemes: HTTPS;	
-  consumes: "application/json";	
-  produces: "application/json";	
-  external_docs: {	
-    description: "Developer Manual";	
-    url: "https://owncloud.github.io/extensions/settings/";	
-  };	
-};	
+  info: {
+    title: "ownCloud Infinite Scale settings";
+    version: "1.0.0";
+    contact: {
+      name: "ownCloud GmbH";
+      url: "https://github.com/owncloud/ocis";
+      email: "support@owncloud.com";
+    };
+    license: {
+      name: "Apache-2.0";
+      url: "https://github.com/owncloud/ocis/blob/master/LICENSE";
+    };
+  };
+  schemes: HTTP;
+  schemes: HTTPS;
+  consumes: "application/json";
+  produces: "application/json";
+  external_docs: {
+    description: "Developer Manual";
+    url: "https://owncloud.dev/extensions/settings/";
+  };
+};

 service BundleService {
  rpc SaveBundle(SaveBundleRequest) returns (SaveBundleResponse) {
--- a/settings/pkg/proto/v0/settings.swagger.json
+++ b/settings/pkg/proto/v0/settings.swagger.json
--- a/settings/pkg/service/v0/service.go
+++ b/settings/pkg/service/v0/service.go
@@ -65,6 +65,12 @@ func (g Service) RegisterDefaultRoles() {
 				Msg("failed to register permission")
 		}
 	}
+
+	for _, req := range defaultRoleAssignments() {
+		if _, err := g.manager.WriteRoleAssignment(req.AccountUuid, req.RoleId); err != nil {
+			g.logger.Error().Err(err).Msg("failed to register role assignment")
+		}
+	}
 }

 // TODO: check permissions on every request
--- a/settings/pkg/service/v0/settings.go
+++ b/settings/pkg/service/v0/settings.go
@@ -1,6 +1,8 @@
 package svc

-import settings "github.com/owncloud/ocis/settings/pkg/proto/v0"
+import (
+	settings "github.com/owncloud/ocis/settings/pkg/proto/v0"
+)

 const (
 	// BundleUUIDRoleAdmin represents the admin role
@@ -21,6 +23,21 @@ const (
 	SettingsManagementPermissionID string = "79e13b30-3e22-11eb-bc51-0b9f0bad9a58"
 	// SettingsManagementPermissionName is the hardcoded setting name for the settings management permission
 	SettingsManagementPermissionName string = "settings-management"
+
+	settingUUIDProfileLanguage = "aa8cfbe5-95d4-4f7e-a032-c3c01f5f062f"
+
+	// AccountManagementPermissionID is the hardcoded setting UUID for the account management permission
+	AccountManagementPermissionID string = "8e587774-d929-4215-910b-a317b1e80f73"
+	// AccountManagementPermissionName is the hardcoded setting name for the account management permission
+	AccountManagementPermissionName string = "account-management"
+	// GroupManagementPermissionID is the hardcoded setting UUID for the group management permission
+	GroupManagementPermissionID string = "522adfbe-5908-45b4-b135-41979de73245"
+	// GroupManagementPermissionName is the hardcoded setting name for the group management permission
+	GroupManagementPermissionName string = "group-management"
+	// SelfManagementPermissionID is the hardcoded setting UUID for the self management permission
+	SelfManagementPermissionID string = "e03070e9-4362-4cc6-a872-1c7cb2eb2b8e"
+	// SelfManagementPermissionName is the hardcoded setting name for the self management permission
+	SelfManagementPermissionName string = "self-management"
 )

 // generateBundlesDefaultRoles bootstraps the default roles.
@@ -29,6 +46,7 @@ func generateBundlesDefaultRoles() []*settings.Bundle {
 		generateBundleAdminRole(),
 		generateBundleUserRole(),
 		generateBundleGuestRole(),
+		generateBundleProfileRequest(),
 	}
 }

@@ -74,6 +92,94 @@ func generateBundleGuestRole() *settings.Bundle {
 	}
 }

+var languageSetting = settings.Setting_SingleChoiceValue{
+	SingleChoiceValue: &settings.SingleChoiceList{
+		Options: []*settings.ListOption{
+			{
+				Value: &settings.ListOptionValue{
+					Option: &settings.ListOptionValue_StringValue{
+						StringValue: "cs",
+					},
+				},
+				DisplayValue: "Czech",
+			},
+			{
+				Value: &settings.ListOptionValue{
+					Option: &settings.ListOptionValue_StringValue{
+						StringValue: "de",
+					},
+				},
+				DisplayValue: "Deutsch",
+			},
+			{
+				Value: &settings.ListOptionValue{
+					Option: &settings.ListOptionValue_StringValue{
+						StringValue: "en",
+					},
+				},
+				DisplayValue: "English",
+			},
+			{
+				Value: &settings.ListOptionValue{
+					Option: &settings.ListOptionValue_StringValue{
+						StringValue: "es",
+					},
+				},
+				DisplayValue: "Español",
+			},
+			{
+				Value: &settings.ListOptionValue{
+					Option: &settings.ListOptionValue_StringValue{
+						StringValue: "fr",
+					},
+				},
+				DisplayValue: "Français",
+			},
+			{
+				Value: &settings.ListOptionValue{
+					Option: &settings.ListOptionValue_StringValue{
+						StringValue: "gl",
+					},
+				},
+				DisplayValue: "Galego",
+			},
+			{
+				Value: &settings.ListOptionValue{
+					Option: &settings.ListOptionValue_StringValue{
+						StringValue: "it",
+					},
+				},
+				DisplayValue: "Italiano",
+			},
+		},
+	},
+}
+
+func generateBundleProfileRequest() *settings.Bundle {
+	return &settings.Bundle{
+		Id:        "2a506de7-99bd-4f0d-994e-c38e72c28fd9",
+		Name:      "profile",
+		Extension: "ocis-accounts",
+		Type:      settings.Bundle_TYPE_DEFAULT,
+		Resource: &settings.Resource{
+			Type: settings.Resource_TYPE_SYSTEM,
+		},
+		DisplayName: "Profile",
+		Settings: []*settings.Setting{
+			{
+				Id:          settingUUIDProfileLanguage,
+				Name:        "language",
+				DisplayName: "Language",
+				Description: "User language",
+				Resource: &settings.Resource{
+					Type: settings.Resource_TYPE_USER,
+				},
+				Value: &languageSetting,
+			},
+		},
+	}
+}
+
 func generatePermissionRequests() []*settings.AddSettingToBundleRequest {
 	return []*settings.AddSettingToBundleRequest{
 		{
@@ -114,5 +220,146 @@ func generatePermissionRequests() []*settings.AddSettingToBundleRequest {
 				},
 			},
 		},
+		{
+			BundleId: BundleUUIDRoleAdmin,
+			Setting: &settings.Setting{
+				Id:          "7d81f103-0488-4853-bce5-98dcce36d649",
+				Name:        "language-readwrite",
+				DisplayName: "Permission to read and set the language (anyone)",
+				Resource: &settings.Resource{
+					Type: settings.Resource_TYPE_SETTING,
+					Id:   settingUUIDProfileLanguage,
+				},
+				Value: &settings.Setting_PermissionValue{
+					PermissionValue: &settings.Permission{
+						Operation:  settings.Permission_OPERATION_READWRITE,
+						Constraint: settings.Permission_CONSTRAINT_ALL,
+					},
+				},
+			},
+		},
+		{
+			BundleId: BundleUUIDRoleUser,
+			Setting: &settings.Setting{
+				Id:          "640e00d2-4df8-41bd-b1c2-9f30a01e0e99",
+				Name:        "language-readwrite",
+				DisplayName: "Permission to read and set the language (self)",
+				Resource: &settings.Resource{
+					Type: settings.Resource_TYPE_SETTING,
+					Id:   settingUUIDProfileLanguage,
+				},
+				Value: &settings.Setting_PermissionValue{
+					PermissionValue: &settings.Permission{
+						Operation:  settings.Permission_OPERATION_READWRITE,
+						Constraint: settings.Permission_CONSTRAINT_OWN,
+					},
+				},
+			},
+		},
+		{
+			BundleId: BundleUUIDRoleGuest,
+			Setting: &settings.Setting{
+				Id:          "ca878636-8b1a-4fae-8282-8617a4c13597",
+				Name:        "language-readwrite",
+				DisplayName: "Permission to read and set the language (self)",
+				Resource: &settings.Resource{
+					Type: settings.Resource_TYPE_SETTING,
+					Id:   settingUUIDProfileLanguage,
+				},
+				Value: &settings.Setting_PermissionValue{
+					PermissionValue: &settings.Permission{
+						Operation:  settings.Permission_OPERATION_READWRITE,
+						Constraint: settings.Permission_CONSTRAINT_OWN,
+					},
+				},
+			},
+		},
+		{
+			BundleId: BundleUUIDRoleAdmin,
+			Setting: &settings.Setting{
+				Id:          AccountManagementPermissionID,
+				Name:        AccountManagementPermissionName,
+				DisplayName: "Account Management",
+				Description: "This permission gives full access to everything that is related to account management.",
+				Resource: &settings.Resource{
+					Type: settings.Resource_TYPE_USER,
+					Id:   "all",
+				},
+				Value: &settings.Setting_PermissionValue{
+					PermissionValue: &settings.Permission{
+						Operation:  settings.Permission_OPERATION_READWRITE,
+						Constraint: settings.Permission_CONSTRAINT_ALL,
+					},
+				},
+			},
+		},
+		{
+			BundleId: BundleUUIDRoleAdmin,
+			Setting: &settings.Setting{
+				Id:          GroupManagementPermissionID,
+				Name:        GroupManagementPermissionName,
+				DisplayName: "Group Management",
+				Description: "This permission gives full access to everything that is related to group management.",
+				Resource: &settings.Resource{
+					Type: settings.Resource_TYPE_GROUP,
+					Id:   "all",
+				},
+				Value: &settings.Setting_PermissionValue{
+					PermissionValue: &settings.Permission{
+						Operation:  settings.Permission_OPERATION_READWRITE,
+						Constraint: settings.Permission_CONSTRAINT_ALL,
+					},
+				},
+			},
+		},
+		{
+			BundleId: BundleUUIDRoleUser,
+			Setting: &settings.Setting{
+				Id:          SelfManagementPermissionID,
+				Name:        SelfManagementPermissionName,
+				DisplayName: "Self Management",
+				Description: "This permission gives access to self management.",
+				Resource: &settings.Resource{
+					Type: settings.Resource_TYPE_USER,
+					Id:   "me",
+				},
+				Value: &settings.Setting_PermissionValue{
+					PermissionValue: &settings.Permission{
+						Operation:  settings.Permission_OPERATION_READWRITE,
+						Constraint: settings.Permission_CONSTRAINT_OWN,
+					},
+				},
+			},
+		},
+	}
+}
+
+func defaultRoleAssignments() []*settings.UserRoleAssignment {
+	return []*settings.UserRoleAssignment{
+		// default admin users
+		{
+			AccountUuid: "058bff95-6708-4fe5-91e4-9ea3d377588b",
+			RoleId:      BundleUUIDRoleAdmin,
+		}, {
+			AccountUuid: "ddc2004c-0977-11eb-9d3f-a793888cd0f8",
+			RoleId:      BundleUUIDRoleAdmin,
+		}, {
+			AccountUuid: "820ba2a1-3f54-4538-80a4-2d73007e30bf",
+			RoleId:      BundleUUIDRoleAdmin,
+		}, {
+			AccountUuid: "bc596f3c-c955-4328-80a0-60d018b4ad57",
+			RoleId:      BundleUUIDRoleAdmin,
+		},
+		// default users with role "user"
+		{
+			AccountUuid: "4c510ada-c86b-4815-8820-42cdf82c3d51",
+			RoleId:      BundleUUIDRoleUser,
+		}, {
+			AccountUuid: "f7fbf8c8-139b-4376-b307-cf0a8c2d0d9c",
+			RoleId:      BundleUUIDRoleUser,
+		}, {
+			AccountUuid: "932b4540-8d16-481e-8ef4-588e4b6b151c",
+			RoleId:      BundleUUIDRoleUser,
+		},
 	}
 }
--- a/settings/pkg/store/filesystem/store.go
+++ b/settings/pkg/store/filesystem/store.go
@@ -28,6 +28,7 @@ func New(cfg *config.Config) settings.Manager {
 			olog.Color(cfg.Log.Color),
 			olog.Pretty(cfg.Log.Pretty),
 			olog.Level(cfg.Log.Level),
+			olog.File(cfg.Log.File),
 		),
 	}

--- a/settings/pkg/tracing/tracing.go
+++ b/settings/pkg/tracing/tracing.go
@@ -0,0 +1,105 @@
+package tracing
+
+import (
+	"time"
+
+	"contrib.go.opencensus.io/exporter/jaeger"
+	"contrib.go.opencensus.io/exporter/ocagent"
+	"contrib.go.opencensus.io/exporter/zipkin"
+	openzipkin "github.com/openzipkin/zipkin-go"
+	zipkinhttp "github.com/openzipkin/zipkin-go/reporter/http"
+	"github.com/owncloud/ocis/ocis-pkg/log"
+	"github.com/owncloud/ocis/settings/pkg/config"
+	"go.opencensus.io/stats/view"
+	"go.opencensus.io/trace"
+)
+
+// Configure tracing from config
+func Configure(cfg *config.Config, logger log.Logger) error {
+	if cfg.Tracing.Enabled {
+		switch t := cfg.Tracing.Type; t {
+		case "agent":
+			exporter, err := ocagent.NewExporter(
+				ocagent.WithReconnectionPeriod(5*time.Second),
+				ocagent.WithAddress(cfg.Tracing.Endpoint),
+				ocagent.WithServiceName(cfg.Tracing.Service),
+			)
+
+			if err != nil {
+				logger.Error().
+					Err(err).
+					Str("endpoint", cfg.Tracing.Endpoint).
+					Str("collector", cfg.Tracing.Collector).
+					Msg("Failed to create agent tracing")
+
+				return err
+			}
+
+			trace.RegisterExporter(exporter)
+			view.RegisterExporter(exporter)
+
+		case "jaeger":
+			exporter, err := jaeger.NewExporter(
+				jaeger.Options{
+					AgentEndpoint:     cfg.Tracing.Endpoint,
+					CollectorEndpoint: cfg.Tracing.Collector,
+					Process: jaeger.Process{
+						ServiceName: cfg.Tracing.Service,
+					},
+				},
+			)
+
+			if err != nil {
+				logger.Error().
+					Err(err).
+					Str("endpoint", cfg.Tracing.Endpoint).
+					Str("collector", cfg.Tracing.Collector).
+					Msg("Failed to create jaeger tracing")
+
+				return err
+			}
+
+			trace.RegisterExporter(exporter)
+
+		case "zipkin":
+			endpoint, err := openzipkin.NewEndpoint(
+				cfg.Tracing.Service,
+				cfg.Tracing.Endpoint,
+			)
+
+			if err != nil {
+				logger.Error().
+					Err(err).
+					Str("endpoint", cfg.Tracing.Endpoint).
+					Str("collector", cfg.Tracing.Collector).
+					Msg("Failed to create zipkin tracing")
+
+				return err
+			}
+
+			exporter := zipkin.NewExporter(
+				zipkinhttp.NewReporter(
+					cfg.Tracing.Collector,
+				),
+				endpoint,
+			)
+
+			trace.RegisterExporter(exporter)
+
+		default:
+			logger.Warn().
+				Str("type", t).
+				Msg("Unknown tracing backend")
+		}
+
+		trace.ApplyConfig(
+			trace.Config{
+				DefaultSampler: trace.AlwaysSample(),
+			},
+		)
+	} else {
+		logger.Debug().
+			Msg("Tracing is not enabled")
+	}
+	return nil
+}