From f77c001ce1bb55530e2e43eae9ab836fb0e59f84 Mon Sep 17 00:00:00 2001 From: Christian Richter Date: Fri, 22 Apr 2022 14:32:41 +0200 Subject: [PATCH] Move Tokenmanager to shared.Commons Signed-off-by: Christian Richter --- extensions/accounts/pkg/config/config.go | 7 +- .../pkg/config/defaults/defaultconfig.go | 14 +- extensions/graph/pkg/config/config.go | 4 +- .../pkg/config/defaults/defaultconfig.go | 12 +- extensions/graph/pkg/config/reva.go | 5 - extensions/ocs/pkg/config/config.go | 4 +- .../ocs/pkg/config/defaults/defaultconfig.go | 11 +- extensions/ocs/pkg/config/reva.go | 5 - extensions/ocs/pkg/server/http/svc_test.go | 2 +- extensions/proxy/pkg/command/server.go | 4 +- extensions/proxy/pkg/config/config.go | 2 +- .../pkg/config/defaults/defaultconfig.go | 10 +- extensions/settings/pkg/config/config.go | 4 +- .../pkg/config/defaults/defaultconfig.go | 12 +- extensions/storage/pkg/config/config.go | 522 +++++++++--------- ocis-pkg/config/config.go | 14 +- ocis-pkg/config/defaultconfig.go | 3 +- ocis-pkg/config/helpers.go | 2 +- ocis-pkg/config/parser/parse.go | 39 +- ocis-pkg/shared/shared_types.go | 12 +- ocis/pkg/command/init.go | 77 +-- ocis/pkg/command/server.go | 4 +- 22 files changed, 407 insertions(+), 362 deletions(-) diff --git a/extensions/accounts/pkg/config/config.go b/extensions/accounts/pkg/config/config.go index 59068470c50..7d05d2edcc4 100644 --- a/extensions/accounts/pkg/config/config.go +++ b/extensions/accounts/pkg/config/config.go @@ -19,7 +19,7 @@ type Config struct { HTTP HTTP `yaml:"http,omitempty"` GRPC GRPC `yaml:"grpc,omitempty"` - TokenManager TokenManager `yaml:"token_manager"` + TokenManager *shared.TokenManager `yaml:"token_manager,omitempty"` Asset Asset `yaml:"asset,omitempty"` Repo Repo `yaml:"repo,omitempty"` 
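Review bot: Switching the `TokenManager` field of `Config` to `*shared.TokenManager` drops the per-extension env binding unless the shared type repeats it: the local type deleted further down in this file carried `env:"OCIS_JWT_SECRET;ACCOUNTS_JWT_SECRET"`, and the definition of `shared.TokenManager` is not visible in this hunk. If the shared struct binds only `OCIS_JWT_SECRET`, deployments that set `ACCOUNTS_JWT_SECRET` (likewise `GRAPH_JWT_SECRET` and `OCS_JWT_SECRET` for the graph and ocs types removed in this patch) would silently stop picking up their secret. Either confirm that the shared tag keeps these aliases, or state on the field and in the changelog that only the common variable is read. The `Config` struct starts and ends outside the hunk.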
@@ -36,11 +36,6 @@ type Asset struct { Path string `yaml:"path" env:"ACCOUNTS_ASSET_PATH" desc:"The path to the ui assets."` } -// TokenManager is the config for using the reva token manager -type TokenManager struct { - JWTSecret string `yaml:"jwt_secret" env:"OCIS_JWT_SECRET;ACCOUNTS_JWT_SECRET" desc:"The secret to mint jwt tokens."` -} - // Repo defines which storage implementation is to be used. type Repo struct { Backend string `yaml:"backend" env:"ACCOUNTS_STORAGE_BACKEND" desc:"Defines which storage implementation is to be used"` diff --git a/extensions/accounts/pkg/config/defaults/defaultconfig.go b/extensions/accounts/pkg/config/defaults/defaultconfig.go index d44ca4aafb3..376695633bc 100644 --- a/extensions/accounts/pkg/config/defaults/defaultconfig.go +++ b/extensions/accounts/pkg/config/defaults/defaultconfig.go @@ -6,6 +6,7 @@ import ( "github.com/owncloud/ocis/extensions/accounts/pkg/config" "github.com/owncloud/ocis/ocis-pkg/config/defaults" + "github.com/owncloud/ocis/ocis-pkg/shared" ) func FullDefaultConfig() *config.Config { @@ -44,10 +45,7 @@ func DefaultConfig() *config.Config { Service: config.Service{ Name: "accounts", }, - Asset: config.Asset{}, - TokenManager: config.TokenManager{ - JWTSecret: "Pive-Fumkiu4", - }, + Asset: config.Asset{}, HashDifficulty: 11, DemoUsersAndGroups: false, Repo: config.Repo{ @@ -101,6 +99,14 @@ func EnsureDefaults(cfg *config.Config) { } else if cfg.Tracing == nil { cfg.Tracing = &config.Tracing{} } + + if cfg.TokenManager == nil && cfg.Commons != nil && cfg.Commons.TokenManager != nil { + cfg.TokenManager = &shared.TokenManager{ + JWTSecret: cfg.Commons.TokenManager.JWTSecret, + } + } else { + cfg.TokenManager = &shared.TokenManager{} + } } func Sanitize(cfg *config.Config) { diff --git a/extensions/graph/pkg/config/config.go b/extensions/graph/pkg/config/config.go index 0ff49f31ad6..8f279868404 100644 --- a/extensions/graph/pkg/config/config.go +++ b/extensions/graph/pkg/config/config.go 
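Review bot: The `else` branch added at the end of `EnsureDefaults` runs whenever the first condition is false, which includes the case where `cfg.TokenManager` is already set, so an extension-level `token_manager` block is replaced by an empty `shared.TokenManager{}` and its `JWTSecret` is lost. The Tracing block just above uses `} else if cfg.Tracing == nil {` for the same purpose; the new block should read `} else if cfg.TokenManager == nil {`. With the hard-coded default secret removed in this patch, the result would be an empty JWT secret unless a later step (env parsing or validation, not visible here) fills or rejects it. The same block is added to the graph, ocs, proxy and settings `EnsureDefaults` in this patch and needs the same change. `EnsureDefaults` starts outside the hunk.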
@@ -18,8 +18,8 @@ type Config struct { HTTP HTTP `yaml:"http,omitempty"` - Reva Reva `yaml:"reva,omitempty"` - TokenManager TokenManager `yaml:"token_manager"` + Reva Reva `yaml:"reva,omitempty"` + TokenManager *shared.TokenManager `yaml:"token_manager,omitempty"` Spaces Spaces `yaml:"spaces,omitempty"` Identity Identity `yaml:"identity,omitempty"` diff --git a/extensions/graph/pkg/config/defaults/defaultconfig.go b/extensions/graph/pkg/config/defaults/defaultconfig.go index 49cd9916b57..d3b7e005411 100644 --- a/extensions/graph/pkg/config/defaults/defaultconfig.go +++ b/extensions/graph/pkg/config/defaults/defaultconfig.go @@ -4,6 +4,7 @@ import ( "strings" "github.com/owncloud/ocis/extensions/graph/pkg/config" + "github.com/owncloud/ocis/ocis-pkg/shared" ) func DefaultConfig() *config.Config { @@ -23,9 +24,6 @@ func DefaultConfig() *config.Config { Reva: config.Reva{ Address: "127.0.0.1:9142", }, - TokenManager: config.TokenManager{ - JWTSecret: "Pive-Fumkiu4", - }, Spaces: config.Spaces{ WebDavBase: "https://localhost:9200", WebDavPath: "/dav/spaces/", @@ -89,6 +87,14 @@ func EnsureDefaults(cfg *config.Config) { } else if cfg.Tracing == nil { cfg.Tracing = &config.Tracing{} } + + if cfg.TokenManager == nil && cfg.Commons != nil && cfg.Commons.TokenManager != nil { + cfg.TokenManager = &shared.TokenManager{ + JWTSecret: cfg.Commons.TokenManager.JWTSecret, + } + } else { + cfg.TokenManager = &shared.TokenManager{} + } } func Sanitize(cfg *config.Config) { diff --git a/extensions/graph/pkg/config/reva.go b/extensions/graph/pkg/config/reva.go index dbfc359a8b8..2d3966303d0 100644 --- a/extensions/graph/pkg/config/reva.go +++ b/extensions/graph/pkg/config/reva.go @@ -4,8 +4,3 @@ package config type Reva struct { Address string `yaml:"address" env:"REVA_GATEWAY"` } - -// TokenManager is the config for using the reva token manager -type TokenManager struct { - JWTSecret string `yaml:"jwt_secret" env:"OCIS_JWT_SECRET;GRAPH_JWT_SECRET"` -} 
diff --git a/extensions/ocs/pkg/config/config.go b/extensions/ocs/pkg/config/config.go index dbdaa215077..3905b91f5e5 100644 --- a/extensions/ocs/pkg/config/config.go +++ b/extensions/ocs/pkg/config/config.go @@ -18,8 +18,8 @@ type Config struct { HTTP HTTP `yaml:"http,omitempty"` - TokenManager TokenManager `yaml:"token_manager,omitempty"` - Reva Reva `yaml:"reva,omitempty"` + TokenManager *shared.TokenManager `yaml:"token_manager,omitempty"` + Reva Reva `yaml:"reva,omitempty"` IdentityManagement IdentityManagement `yaml:"identity_management,omitempty"` diff --git a/extensions/ocs/pkg/config/defaults/defaultconfig.go b/extensions/ocs/pkg/config/defaults/defaultconfig.go index 90edea71eb4..bcbd7dce10a 100644 --- a/extensions/ocs/pkg/config/defaults/defaultconfig.go +++ b/extensions/ocs/pkg/config/defaults/defaultconfig.go @@ -4,6 +4,7 @@ import ( "strings" "github.com/owncloud/ocis/extensions/ocs/pkg/config" + "github.com/owncloud/ocis/ocis-pkg/shared" ) func FullDefaultConfig() *config.Config { @@ -38,9 +39,6 @@ func DefaultConfig() *config.Config { Name: "ocs", }, - TokenManager: config.TokenManager{ - JWTSecret: "Pive-Fumkiu4", - }, AccountBackend: "accounts", Reva: config.Reva{ Address: "127.0.0.1:9142", @@ -77,6 +75,13 @@ func EnsureDefaults(cfg *config.Config) { cfg.Tracing = &config.Tracing{} } + if cfg.TokenManager == nil && cfg.Commons != nil && cfg.Commons.TokenManager != nil { + cfg.TokenManager = &shared.TokenManager{ + JWTSecret: cfg.Commons.TokenManager.JWTSecret, + } + } else { + cfg.TokenManager = &shared.TokenManager{} + } } func Sanitize(cfg *config.Config) { diff --git a/extensions/ocs/pkg/config/reva.go b/extensions/ocs/pkg/config/reva.go index b8d27791703..2d3966303d0 100644 --- a/extensions/ocs/pkg/config/reva.go +++ b/extensions/ocs/pkg/config/reva.go 
@@ -4,8 +4,3 @@ package config type Reva struct { Address string `yaml:"address" env:"REVA_GATEWAY"` } - -// TokenManager is the config for using the reva token manager -type TokenManager struct { - JWTSecret string `yaml:"jwt_secret" env:"OCIS_JWT_SECRET;OCS_JWT_SECRET"` -} diff --git a/extensions/ocs/pkg/server/http/svc_test.go b/extensions/ocs/pkg/server/http/svc_test.go index 3c30212a837..7bdddbf28bc 100644 --- a/extensions/ocs/pkg/server/http/svc_test.go +++ b/extensions/ocs/pkg/server/http/svc_test.go @@ -723,7 +723,7 @@ func getService() svc.Service { Root: "/", Addr: "localhost:9110", }, - TokenManager: config.TokenManager{ + TokenManager: &config.TokenManager{ JWTSecret: jwtSecret, }, Log: &config.Log{ diff --git a/extensions/proxy/pkg/command/server.go b/extensions/proxy/pkg/command/server.go index 83322463998..7afc358729b 100644 --- a/extensions/proxy/pkg/command/server.go +++ b/extensions/proxy/pkg/command/server.go @@ -212,7 +212,7 @@ func loadMiddlewares(ctx context.Context, logger log.Logger, cfg *config.Config) middleware.AccountResolver( middleware.Logger(logger), middleware.UserProvider(userProvider), - middleware.TokenManagerConfig(cfg.TokenManager), + middleware.TokenManagerConfig(*cfg.TokenManager), middleware.UserOIDCClaim(cfg.UserOIDCClaim), middleware.UserCS3Claim(cfg.UserCS3Claim), middleware.AutoprovisionAccounts(cfg.AutoprovisionAccounts), @@ -227,7 +227,7 @@ func loadMiddlewares(ctx context.Context, logger log.Logger, cfg *config.Config) // finally, trigger home creation when a user logs in middleware.CreateHome( middleware.Logger(logger), - middleware.TokenManagerConfig(cfg.TokenManager), + middleware.TokenManagerConfig(*cfg.TokenManager), middleware.RevaGatewayClient(revaClient), ), middleware.PublicShareAuth( diff --git a/extensions/proxy/pkg/config/config.go b/extensions/proxy/pkg/config/config.go index 8cf6f18e85f..69b2d99a922 100644 --- a/extensions/proxy/pkg/config/config.go +++ b/extensions/proxy/pkg/config/config.go 
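Review bot: `&config.TokenManager{` in `getService` refers to a type this patch deletes: `TokenManager` is removed from `extensions/ocs/pkg/config/reva.go` and the ocs `Config.TokenManager` field becomes `*shared.TokenManager`. Assuming `config` in this test is the ocs config package (the import block is outside the hunk), the test no longer compiles; the literal should be `TokenManager: &shared.TokenManager{` with `github.com/owncloud/ocis/ocis-pkg/shared` imported. `getService` continues outside the hunk.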
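Review bot: `*cfg.TokenManager` in `loadMiddlewares` is dereferenced for both the `AccountResolver` and the `CreateHome` options (this hunk and the one at line 227) without checking the pointer or the secret it carries. A `Config` built without `EnsureDefaults` panics here, and one whose `JWTSecret` ended up empty is handed to the middlewares as is; since the patch removes the built-in default secret, that case is now reachable. I would validate before the chain is built, rejecting startup when `cfg.TokenManager == nil || cfg.TokenManager.JWTSecret == ""`, unless the config parser already enforces this (not visible here). `loadMiddlewares` starts and ends outside the hunk.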
@@ -22,7 +22,7 @@ type Config struct { Policies []Policy `yaml:"policies,omitempty"` OIDC OIDC `yaml:"oidc,omitempty"` - TokenManager TokenManager `yaml:"token_manager,omitempty"` + TokenManager *TokenManager `yaml:"token_manager,omitempty"` PolicySelector *PolicySelector `yaml:"policy_selector,omitempty"` PreSignedURL PreSignedURL `yaml:"pre_signed_url,omitempty"` AccountBackend string `yaml:"account_backend,omitempty" env:"PROXY_ACCOUNT_BACKEND_TYPE"` diff --git a/extensions/proxy/pkg/config/defaults/defaultconfig.go b/extensions/proxy/pkg/config/defaults/defaultconfig.go index 487f9f09ab3..893b2ca2f85 100644 --- a/extensions/proxy/pkg/config/defaults/defaultconfig.go +++ b/extensions/proxy/pkg/config/defaults/defaultconfig.go @@ -34,9 +34,6 @@ func DefaultConfig() *config.Config { TTL: 10, }, }, - TokenManager: config.TokenManager{ - JWTSecret: "Pive-Fumkiu4", - }, PolicySelector: nil, Reva: config.Reva{ Address: "127.0.0.1:9142", @@ -181,6 +178,13 @@ func EnsureDefaults(cfg *config.Config) { cfg.Tracing = &config.Tracing{} } + if cfg.TokenManager == nil && cfg.Commons != nil && cfg.Commons.TokenManager != nil { + cfg.TokenManager = &config.TokenManager{ + JWTSecret: cfg.Commons.TokenManager.JWTSecret, + } + } else { + cfg.TokenManager = &config.TokenManager{} + } } func Sanitize(cfg *config.Config) { diff --git a/extensions/settings/pkg/config/config.go b/extensions/settings/pkg/config/config.go index d41a18fe13e..7c521cc3817 100644 --- a/extensions/settings/pkg/config/config.go +++ b/extensions/settings/pkg/config/config.go @@ -23,8 +23,8 @@ type Config struct { DataPath string `yaml:"data_path,omitempty" env:"SETTINGS_DATA_PATH"` Metadata Metadata `yaml:"metadata_config,omitempty"` - Asset Asset `yaml:"asset,omitempty"` - TokenManager TokenManager `yaml:"token_manager,omitempty"` + Asset Asset `yaml:"asset,omitempty"` + TokenManager *shared.TokenManager `yaml:"token_manager,omitempty"` Context context.Context `yaml:"-"` } 
diff --git a/extensions/settings/pkg/config/defaults/defaultconfig.go b/extensions/settings/pkg/config/defaults/defaultconfig.go index 4a3a4cd3189..2437810da60 100644 --- a/extensions/settings/pkg/config/defaults/defaultconfig.go +++ b/extensions/settings/pkg/config/defaults/defaultconfig.go @@ -6,6 +6,7 @@ import ( "github.com/owncloud/ocis/extensions/settings/pkg/config" "github.com/owncloud/ocis/ocis-pkg/config/defaults" + "github.com/owncloud/ocis/ocis-pkg/shared" ) func FullDefaultConfig() *config.Config { @@ -50,9 +51,6 @@ func DefaultConfig() *config.Config { Asset: config.Asset{ Path: "", }, - TokenManager: config.TokenManager{ - JWTSecret: "Pive-Fumkiu4", - }, Metadata: config.Metadata{ GatewayAddress: "127.0.0.1:9142", @@ -87,6 +85,14 @@ func EnsureDefaults(cfg *config.Config) { } else if cfg.Tracing == nil { cfg.Tracing = &config.Tracing{} } + + if cfg.TokenManager == nil && cfg.Commons != nil && cfg.Commons.TokenManager != nil { + cfg.TokenManager = &shared.TokenManager{ + JWTSecret: cfg.Commons.TokenManager.JWTSecret, + } + } else { + cfg.TokenManager = &shared.TokenManager{} + } } func Sanitize(cfg *config.Config) { diff --git a/extensions/storage/pkg/config/config.go b/extensions/storage/pkg/config/config.go index 695759d9f78..841d36797c5 100644 --- a/extensions/storage/pkg/config/config.go +++ b/extensions/storage/pkg/config/config.go 
@@ -8,123 +8,123 @@ import ( // Log defines the available logging configuration. type Log struct { - Level string `yaml:"level"` - Pretty bool `yaml:"pretty"` - Color bool `yaml:"color"` - File string `yaml:"file"` + Level string `yaml:"level,omitempty"` + Pretty bool `yaml:"pretty,omitempty"` + Color bool `yaml:"color,omitempty"` + File string `yaml:"file,omitempty"` } // Debug defines the available debug configuration. type Debug struct { - Addr string `yaml:"addr"` - Token string `yaml:"token"` - Pprof bool `yaml:"pprof"` - Zpages bool `yaml:"zpages"` + Addr string `yaml:"addr,omitempty"` + Token string `yaml:"token,omitempty"` + Pprof bool `yaml:"pprof,omitempty"` + Zpages bool `yaml:"zpages,omitempty"` } // Gateway defines the available gateway configuration. type Gateway struct { Port - CommitShareToStorageGrant bool `yaml:"commit_share_to_storage_grant"` - CommitShareToStorageRef bool `yaml:"commit_share_to_storage_ref"` - DisableHomeCreationOnLogin bool `yaml:"disable_home_creation_on_login"` - ShareFolder string `yaml:"share_folder"` - LinkGrants string `yaml:"link_grants"` - HomeMapping string `yaml:"home_mapping"` - EtagCacheTTL int `yaml:"etag_cache_ttl"` + CommitShareToStorageGrant bool `yaml:"commit_share_to_storage_grant,omitempty"` + CommitShareToStorageRef bool `yaml:"commit_share_to_storage_ref,omitempty"` + DisableHomeCreationOnLogin bool `yaml:"disable_home_creation_on_login,omitempty"` + ShareFolder string `yaml:"share_folder,omitempty"` + LinkGrants string `yaml:"link_grants,omitempty"` + HomeMapping string `yaml:"home_mapping,omitempty"` + EtagCacheTTL int `yaml:"etag_cache_ttl,omitempty"` } // StorageRegistry defines the available storage registry configuration type StorageRegistry struct { - Driver string `yaml:"driver"` + Driver string `yaml:"driver,omitempty"` // HomeProvider is the path in the global namespace that the static storage registry uses to determine the home storage - HomeProvider string `yaml:"home_provider"` - Rules []string 
`yaml:"rules"` - JSON string `yaml:"json"` + HomeProvider string `yaml:"home_provider,omitempty"` + Rules []string `yaml:"rules,omitempty"` + JSON string `yaml:"json,omitempty"` } // AppRegistry defines the available app registry configuration type AppRegistry struct { - Driver string `yaml:"driver"` - MimetypesJSON string `yaml:"mime_types_json"` + Driver string `yaml:"driver,omitempty"` + MimetypesJSON string `yaml:"mime_types_json,omitempty"` } // AppProvider defines the available app provider configuration type AppProvider struct { Port - ExternalAddr string `yaml:"external_addr"` - Driver string `yaml:"driver"` - WopiDriver WopiDriver `yaml:"wopi_driver"` - AppsURL string `yaml:"apps_url"` - OpenURL string `yaml:"open_url"` - NewURL string `yaml:"new_url"` + ExternalAddr string `yaml:"external_addr,omitempty"` + Driver string `yaml:"driver,omitempty"` + WopiDriver WopiDriver `yaml:"wopi_driver,omitempty"` + AppsURL string `yaml:"apps_url,omitempty"` + OpenURL string `yaml:"open_url,omitempty"` + NewURL string `yaml:"new_url,omitempty"` } type WopiDriver struct { - AppAPIKey string `yaml:"app_api_key"` - AppDesktopOnly bool `yaml:"app_desktop_only"` - AppIconURI string `yaml:"app_icon_uri"` - AppInternalURL string `yaml:"app_internal_url"` - AppName string `yaml:"app_name"` - AppURL string `yaml:"app_url"` - Insecure bool `yaml:"insecure"` - IopSecret string `yaml:"ipo_secret"` - JWTSecret string `yaml:"jwt_secret"` - WopiURL string `yaml:"wopi_url"` + AppAPIKey string `yaml:"app_api_key,omitempty"` + AppDesktopOnly bool `yaml:"app_desktop_only,omitempty"` + AppIconURI string `yaml:"app_icon_uri,omitempty"` + AppInternalURL string `yaml:"app_internal_url,omitempty"` + AppName string `yaml:"app_name,omitempty"` + AppURL string `yaml:"app_url,omitempty"` + Insecure bool `yaml:"insecure,omitempty"` + IopSecret string `yaml:"ipo_secret,omitempty"` + JWTSecret string `yaml:"jwt_secret,omitempty"` + WopiURL string `yaml:"wopi_url,omitempty"` } // Sharing defines the 
available sharing configuration. type Sharing struct { Port - UserDriver string `yaml:"user_driver"` - UserJSONFile string `yaml:"user_json_file"` - CS3ProviderAddr string `yaml:"provider_addr"` - CS3ServiceUser string `yaml:"service_user_id"` - CS3ServiceUserIdp string `yaml:"service_user_idp"` - UserSQLUsername string `yaml:"user_sql_username"` - UserSQLPassword string `yaml:"user_sql_password"` - UserSQLHost string `yaml:"user_sql_host"` - UserSQLPort int `yaml:"user_sql_port"` - UserSQLName string `yaml:"user_sql_name"` - PublicDriver string `yaml:"public_driver"` - PublicJSONFile string `yaml:"public_json_file"` - PublicPasswordHashCost int `yaml:"public_password_hash_cost"` - PublicEnableExpiredSharesCleanup bool `yaml:"public_enable_expired_shares_cleanup"` - PublicJanitorRunInterval int `yaml:"public_janitor_run_interval"` - UserStorageMountID string `yaml:"user_storage_mount_id"` - Events Events `yaml:"events"` + UserDriver string `yaml:"user_driver,omitempty"` + UserJSONFile string `yaml:"user_json_file,omitempty"` + CS3ProviderAddr string `yaml:"provider_addr,omitempty"` + CS3ServiceUser string `yaml:"service_user_id,omitempty"` + CS3ServiceUserIdp string `yaml:"service_user_idp,omitempty"` + UserSQLUsername string `yaml:"user_sql_username,omitempty"` + UserSQLPassword string `yaml:"user_sql_password,omitempty"` + UserSQLHost string `yaml:"user_sql_host,omitempty"` + UserSQLPort int `yaml:"user_sql_port,omitempty"` + UserSQLName string `yaml:"user_sql_name,omitempty"` + PublicDriver string `yaml:"public_driver,omitempty"` + PublicJSONFile string `yaml:"public_json_file,omitempty"` + PublicPasswordHashCost int `yaml:"public_password_hash_cost,omitempty"` + PublicEnableExpiredSharesCleanup bool `yaml:"public_enable_expired_shares_cleanup,omitempty"` + PublicJanitorRunInterval int `yaml:"public_janitor_run_interval,omitempty"` + UserStorageMountID string `yaml:"user_storage_mount_id,omitempty"` + Events Events `yaml:"events,omitempty"` } type Events struct 
{ - Address string `yaml:"address"` - ClusterID string `yaml:"cluster_id"` + Address string `yaml:"address,omitempty"` + ClusterID string `yaml:"cluster_id,omitempty"` } // Port defines the available port configuration. type Port struct { // MaxCPUs can be a number or a percentage - MaxCPUs string `yaml:"max_cpus"` - LogLevel string `yaml:"log_level"` + MaxCPUs string `yaml:"max_cpus,omitempty"` + LogLevel string `yaml:"log_level,omitempty"` // GRPCNetwork can be tcp, udp or unix - GRPCNetwork string `yaml:"grpc_network"` + GRPCNetwork string `yaml:"grpc_network,omitempty"` // GRPCAddr to listen on, hostname:port (0.0.0.0:9999 for all interfaces) or socket (/var/run/reva/sock) - GRPCAddr string `yaml:"grpc_addr"` + GRPCAddr string `yaml:"grpc_addr,omitempty"` // Protocol can be grpc or http // HTTPNetwork can be tcp, udp or unix - HTTPNetwork string `yaml:"http_network"` + HTTPNetwork string `yaml:"http_network,omitempty"` // HTTPAddr to listen on, hostname:port (0.0.0.0:9100 for all interfaces) or socket (/var/run/reva/sock) - HTTPAddr string `yaml:"http_addr"` + HTTPAddr string `yaml:"http_addr,omitempty"` // Protocol can be grpc or http - Protocol string `yaml:"protocol"` + Protocol string `yaml:"protocol,omitempty"` // Endpoint is used by the gateway and registries (eg localhost:9100 or cloud.example.com) - Endpoint string `yaml:"endpoint"` + Endpoint string `yaml:"endpoint,omitempty"` // DebugAddr for the debug endpoint to bind to - DebugAddr string `yaml:"debug_addr"` + DebugAddr string `yaml:"debug_addr,omitempty"` // Services can be used to give a list of services that should be started on this port - Services []string `yaml:"services"` + Services []string `yaml:"services,omitempty"` // Config can be used to configure the reva instance. 
// Services and Protocol will be ignored if this is used - Config map[string]interface{} `yaml:"config"` + Config map[string]interface{} `yaml:"config,omitempty"` // Context allows for context cancellation and propagation Context context.Context 
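Review bot: Adding `omitempty` to the `bool` and `int` fields in this hunk (for example `CommitShareToStorageGrant`, `DisableHomeCreationOnLogin`, `Insecure` in `WopiDriver`, `EtagCacheTTL`) means an explicit `false` or `0` is dropped whenever the struct is marshalled. For any field whose default is `true` or non-zero, a written-out config then loses the operator's choice and the default wins on the next load; the defaults are not visible here, so this needs checking per field. Where an explicit zero value must survive, keep the tag without `omitempty`, e.g. `yaml:"disable_home_creation_on_login"`. The same applies to the later hunks of this file.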
@@ -136,118 +136,118 @@ type Port struct { // Users defines the available users configuration. type Users struct { Port - Driver string `yaml:"driver"` - JSON string `yaml:"json"` - UserGroupsCacheExpiration int `yaml:"user_groups_cache_expiration"` + Driver string `yaml:"driver,omitempty"` + JSON string `yaml:"json,omitempty"` + UserGroupsCacheExpiration int `yaml:"user_groups_cache_expiration,omitempty"` } // AuthMachineConfig defines the available configuration for the machine auth driver. type AuthMachineConfig struct { - MachineAuthAPIKey string `yaml:"machine_auth_api_key"` + MachineAuthAPIKey string `yaml:"machine_auth_api_key,omitempty"` } // Groups defines the available groups configuration. type Groups struct { Port - Driver string `yaml:"driver"` - JSON string `yaml:"json"` - GroupMembersCacheExpiration int `yaml:"group_members_cache_expiration"` + Driver string `yaml:"driver,omitempty"` + JSON string `yaml:"json,omitempty"` + GroupMembersCacheExpiration int `yaml:"group_members_cache_expiration,omitempty"` } // FrontendPort defines the available frontend configuration. 
type FrontendPort struct { Port - AppProviderInsecure bool `yaml:"app_provider_insecure"` - AppProviderPrefix string `yaml:"app_provider_prefix"` - ArchiverInsecure bool `yaml:"archiver_insecure"` - ArchiverPrefix string `yaml:"archiver_prefix"` - DatagatewayPrefix string `yaml:"data_gateway_prefix"` - Favorites bool `yaml:"favorites"` - ProjectSpaces bool `yaml:"project_spaces"` - OCSPrefix string `yaml:"ocs_prefix"` - OCSSharePrefix string `yaml:"ocs_share_prefix"` - OCSHomeNamespace string `yaml:"ocs_home_namespace"` - PublicURL string `yaml:"public_url"` - OCSCacheWarmupDriver string `yaml:"ocs_cache_warmup_driver"` - OCSAdditionalInfoAttribute string `yaml:"ocs_additional_info_attribute"` - OCSResourceInfoCacheTTL int `yaml:"ocs_resource_info_cache_ttl"` - Middleware Middleware `yaml:"middleware"` + AppProviderInsecure bool `yaml:"app_provider_insecure,omitempty"` + AppProviderPrefix string `yaml:"app_provider_prefix,omitempty"` + ArchiverInsecure bool `yaml:"archiver_insecure,omitempty"` + ArchiverPrefix string `yaml:"archiver_prefix,omitempty"` + DatagatewayPrefix string `yaml:"data_gateway_prefix,omitempty"` + Favorites bool `yaml:"favorites,omitempty"` + ProjectSpaces bool `yaml:"project_spaces,omitempty"` + OCSPrefix string `yaml:"ocs_prefix,omitempty"` + OCSSharePrefix string `yaml:"ocs_share_prefix,omitempty"` + OCSHomeNamespace string `yaml:"ocs_home_namespace,omitempty"` + PublicURL string `yaml:"public_url,omitempty"` + OCSCacheWarmupDriver string `yaml:"ocs_cache_warmup_driver,omitempty"` + OCSAdditionalInfoAttribute string `yaml:"ocs_additional_info_attribute,omitempty"` + OCSResourceInfoCacheTTL int `yaml:"ocs_resource_info_cache_ttl,omitempty"` + Middleware Middleware `yaml:"middleware,omitempty"` } // Middleware configures reva middlewares. type Middleware struct { - Auth Auth `yaml:"auth"` + Auth Auth `yaml:"auth,omitempty"` } // Auth configures reva http auth middleware. 
type Auth struct { - CredentialsByUserAgent map[string]string `yaml:"credentials_by_user_agenr"` + CredentialsByUserAgent map[string]string `yaml:"credentials_by_user_agenr,omitempty"` } // DataGatewayPort has a public url type DataGatewayPort struct { Port - PublicURL string `yaml:""` + PublicURL string `yaml:",omitempty"` } type DataProvider struct { - Insecure bool `yaml:"insecure"` + Insecure bool `yaml:"insecure,omitempty"` } // StoragePort defines the available storage configuration. type StoragePort struct { Port - Driver string `yaml:"driver"` - MountID string `yaml:"mount_id"` - AlternativeID string `yaml:"alternative_id"` - ExposeDataServer bool `yaml:"expose_data_server"` + Driver string `yaml:"driver,omitempty"` + MountID string `yaml:"mount_id,omitempty"` + AlternativeID string `yaml:"alternative_id,omitempty"` + ExposeDataServer bool `yaml:"expose_data_server,omitempty"` // url the data gateway will use to route requests - DataServerURL string `yaml:"data_server_url"` + DataServerURL string `yaml:"data_server_url,omitempty"` // for HTTP ports with only one http service - HTTPPrefix string `yaml:"http_prefix"` - TempFolder string `yaml:"temp_folder"` - ReadOnly bool `yaml:"read_only"` - DataProvider DataProvider `yaml:"data_provider"` - GatewayEndpoint string `yaml:"gateway_endpoint"` + HTTPPrefix string `yaml:"http_prefix,omitempty"` + TempFolder string `yaml:"temp_folder,omitempty"` + ReadOnly bool `yaml:"read_only,omitempty"` + DataProvider DataProvider `yaml:"data_provider,omitempty"` + GatewayEndpoint string `yaml:"gateway_endpoint,omitempty"` } // PublicStorage configures a public storage provider type PublicStorage struct { StoragePort - PublicShareProviderAddr string `yaml:"public_share_provider_addr"` - UserProviderAddr string `yaml:"user_provider_addr"` + PublicShareProviderAddr string `yaml:"public_share_provider_addr,omitempty"` + UserProviderAddr string `yaml:"user_provider_addr,omitempty"` } // StorageConfig combines all available storage 
driver configuration parts. type StorageConfig struct { - EOS DriverEOS `yaml:"eos"` - Local DriverCommon `yaml:"local"` - OwnCloudSQL DriverOwnCloudSQL `yaml:"owncloud_sql"` - S3 DriverS3 `yaml:"s3"` - S3NG DriverS3NG `yaml:"s3ng"` - OCIS DriverOCIS `yaml:"ocis"` + EOS DriverEOS `yaml:"eos,omitempty"` + Local DriverCommon `yaml:"local,omitempty"` + OwnCloudSQL DriverOwnCloudSQL `yaml:"owncloud_sql,omitempty"` + S3 DriverS3 `yaml:"s3,omitempty"` + S3NG DriverS3NG `yaml:"s3ng,omitempty"` + OCIS DriverOCIS `yaml:"ocis,omitempty"` } // DriverCommon defines common driver configuration options. type DriverCommon struct { // Root is the absolute path to the location of the data - Root string `yaml:"root"` + Root string `yaml:"root,omitempty"` //ShareFolder defines the name of the folder jailing all shares - ShareFolder string `yaml:"share_folder"` + ShareFolder string `yaml:"share_folder,omitempty"` // UserLayout contains the template used to construct // the internal path, eg: `{{substr 0 1 .Username}}/{{.Username}}` - UserLayout string `yaml:"user_layout"` + UserLayout string `yaml:"user_layout,omitempty"` // EnableHome enables the creation of home directories. 
- EnableHome bool `yaml:"enable_home"` + EnableHome bool `yaml:"enable_home,omitempty"` // PersonalSpaceAliasTemplate contains the template used to construct - // the personal space alias, eg: `"{{.SpaceType}}/{{.User.Username | lower}}"` - PersonalSpaceAliasTemplate string `yaml:"personalspacealias_template"` + // the personal space alias, eg: `"{{.SpaceType}}/{{.User.Username | lower}},omitempty"` + PersonalSpaceAliasTemplate string `yaml:"personalspacealias_template,omitempty"` // GeneralSpaceAliasTemplate contains the template used to construct // the general space alias, eg: `{{.SpaceType}}/{{.SpaceName | replace " " "-" | lower}}` - GeneralSpaceAliasTemplate string `yaml:"generalspacealias_template"` + GeneralSpaceAliasTemplate string `yaml:"generalspacealias_template,omitempty"` } // DriverEOS defines the available EOS driver configuration. 
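Review bot: The bulk tag edit also changed a doc comment in `DriverCommon`: the example for `PersonalSpaceAliasTemplate` now ends in `lower}},omitempty"`, which is not a valid template example. The comment line should be restored so the example ends in `lower}}"`, leaving `,omitempty` only in the struct tag on the following line. In the same hunk `DataGatewayPort.PublicURL` is tagged `yaml:",omitempty"` with no key name, so it keeps whatever key the YAML library derives from the field name; naming the key explicitly would be clearer if that was not intended.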
@@ -255,60 +255,60 @@ type DriverEOS struct { DriverCommon // ShadowNamespace for storing shadow data - ShadowNamespace string `yaml:"shadow_namespace"` + ShadowNamespace string `yaml:"shadow_namespace,omitempty"` // UploadsNamespace for storing upload data - UploadsNamespace string `yaml:"uploads_namespace"` + UploadsNamespace string `yaml:"uploads_namespace,omitempty"` // Location of the eos binary. // Default is /usr/bin/eos. - EosBinary string `yaml:"eos_binary"` + EosBinary string `yaml:"eos_binary,omitempty"` // Location of the xrdcopy binary. // Default is /usr/bin/xrdcopy. - XrdcopyBinary string `yaml:"xrd_copy_binary"` + XrdcopyBinary string `yaml:"xrd_copy_binary,omitempty"` // URL of the Master EOS MGM. // Default is root://eos-example.org - MasterURL string `yaml:"master_url"` + MasterURL string `yaml:"master_url,omitempty"` // URI of the EOS MGM grpc server // Default is empty - GrpcURI string `yaml:"grpc_uri"` + GrpcURI string `yaml:"grpc_uri,omitempty"` // URL of the Slave EOS MGM. // Default is root://eos-example.org - SlaveURL string `yaml:"slave_url"` + SlaveURL string `yaml:"slave_url,omitempty"` // Location on the local fs where to store reads. // Defaults to os.TempDir() - CacheDirectory string `yaml:"cache_directory"` + CacheDirectory string `yaml:"cache_directory,omitempty"` // Enables logging of the commands executed // Defaults to false - EnableLogging bool `yaml:"enable_logging"` + EnableLogging bool `yaml:"enable_logging,omitempty"` // ShowHiddenSysFiles shows internal EOS files like // .sys.v# and .sys.a# files. - ShowHiddenSysFiles bool `yaml:"shadow_hidden_files"` + ShowHiddenSysFiles bool `yaml:"shadow_hidden_files,omitempty"` // ForceSingleUserMode will force connections to EOS to use SingleUsername - ForceSingleUserMode bool `yaml:"force_single_user_mode"` + ForceSingleUserMode bool `yaml:"force_single_user_mode,omitempty"` // UseKeyTabAuth changes will authenticate requests by using an EOS keytab. 
- UseKeytab bool `yaml:"user_keytab"` + UseKeytab bool `yaml:"user_keytab,omitempty"` // SecProtocol specifies the xrootd security protocol to use between the server and EOS. - SecProtocol string `yaml:"sec_protocol"` + SecProtocol string `yaml:"sec_protocol,omitempty"` // Keytab specifies the location of the keytab to use to authenticate to EOS. - Keytab string `yaml:"keytab"` + Keytab string `yaml:"keytab,omitempty"` // SingleUsername is the username to use when SingleUserMode is enabled - SingleUsername string `yaml:"single_username"` + SingleUsername string `yaml:"single_username,omitempty"` // gateway service to use for uid lookups - GatewaySVC string `yaml:"gateway_svc"` + GatewaySVC string `yaml:"gateway_svc,omitempty"` } // DriverOCIS defines the available oCIS storage driver configuration. 
@@ -320,204 +320,204 @@ type DriverOCIS struct { type DriverOwnCloudSQL struct { DriverCommon - UploadInfoDir string `yaml:"upload_info_dir"` - DBUsername string `yaml:"db_username"` - DBPassword string `yaml:"db_password"` - DBHost string `yaml:"db_host"` - DBPort int `yaml:"db_port"` - DBName string `yaml:"db_name"` + UploadInfoDir string `yaml:"upload_info_dir,omitempty"` + DBUsername string `yaml:"db_username,omitempty"` + DBPassword string `yaml:"db_password,omitempty"` + DBHost string `yaml:"db_host,omitempty"` + DBPort int `yaml:"db_port,omitempty"` + DBName string `yaml:"db_name,omitempty"` } // DriverS3 defines the available S3 storage driver configuration. type DriverS3 struct { DriverCommon - Region string `yaml:"region"` - AccessKey string `yaml:"access_key"` - SecretKey string `yaml:"secret_key"` - Endpoint string `yaml:"endpoint"` - Bucket string `yaml:"bucket"` + Region string `yaml:"region,omitempty"` + AccessKey string `yaml:"access_key,omitempty"` + SecretKey string `yaml:"secret_key,omitempty"` + Endpoint string `yaml:"endpoint,omitempty"` + Bucket string `yaml:"bucket,omitempty"` } // DriverS3NG defines the available s3ng storage driver configuration. type DriverS3NG struct { DriverCommon - Region string `yaml:"region"` - AccessKey string `yaml:"access_key"` - SecretKey string `yaml:"secret_key"` - Endpoint string `yaml:"endpoint"` - Bucket string `yaml:"bucket"` + Region string `yaml:"region,omitempty"` + AccessKey string `yaml:"access_key,omitempty"` + SecretKey string `yaml:"secret_key,omitempty"` + Endpoint string `yaml:"endpoint,omitempty"` + Bucket string `yaml:"bucket,omitempty"` } // OIDC defines the available OpenID Connect configuration. 
type OIDC struct { - Issuer string `yaml:"issuer"` - Insecure bool `yaml:"insecure"` - IDClaim string `yaml:"id_claim"` - UIDClaim string `yaml:"uid_claim"` - GIDClaim string `yaml:"gid_claim"` + Issuer string `yaml:"issuer,omitempty"` + Insecure bool `yaml:"insecure,omitempty"` + IDClaim string `yaml:"id_claim,omitempty"` + UIDClaim string `yaml:"uid_claim,omitempty"` + GIDClaim string `yaml:"gid_claim,omitempty"` } // LDAP defines the available ldap configuration. type LDAP struct { - URI string `yaml:"uri"` - CACert string `yaml:"ca_cert"` - Insecure bool `yaml:"insecure"` - UserBaseDN string `yaml:"user_base_dn"` - GroupBaseDN string `yaml:"group_base_dn"` - UserScope string `yaml:"user_scope"` - GroupScope string `yaml:"group_scope"` - UserObjectClass string `yaml:"user_objectclass"` - GroupObjectClass string `yaml:"group_objectclass"` - UserFilter string `yaml:"user_filter"` - GroupFilter string `yaml:"group_filter"` - LoginAttributes []string `yaml:"login_attributes"` - BindDN string `yaml:"bind_dn"` - BindPassword string `yaml:"bind_password"` - IDP string `yaml:"idp"` - UserSchema LDAPUserSchema `yaml:"user_schema"` - GroupSchema LDAPGroupSchema `yaml:"group_schema"` + URI string `yaml:"uri,omitempty"` + CACert string `yaml:"ca_cert,omitempty"` + Insecure bool `yaml:"insecure,omitempty"` + UserBaseDN string `yaml:"user_base_dn,omitempty"` + GroupBaseDN string `yaml:"group_base_dn,omitempty"` + UserScope string `yaml:"user_scope,omitempty"` + GroupScope string `yaml:"group_scope,omitempty"` + UserObjectClass string `yaml:"user_objectclass,omitempty"` + GroupObjectClass string `yaml:"group_objectclass,omitempty"` + UserFilter string `yaml:"user_filter,omitempty"` + GroupFilter string `yaml:"group_filter,omitempty"` + LoginAttributes []string `yaml:"login_attributes,omitempty"` + BindDN string `yaml:"bind_dn,omitempty"` + BindPassword string `yaml:"bind_password,omitempty"` + IDP string `yaml:"idp,omitempty"` + UserSchema LDAPUserSchema 
`yaml:"user_schema,omitempty"` + GroupSchema LDAPGroupSchema `yaml:"group_schema,omitempty"` } // UserGroupRest defines the REST driver specification for user and group resolution. type UserGroupRest struct { - ClientID string `yaml:"client_id"` - ClientSecret string `yaml:"client_secret"` - RedisAddress string `yaml:"redis_address"` - RedisUsername string `yaml:"redis_username"` - RedisPassword string `yaml:"redis_password"` - IDProvider string `yaml:"idp_provider"` - APIBaseURL string `yaml:"api_base_url"` - OIDCTokenEndpoint string `yaml:"oidc_token_endpoint"` - TargetAPI string `yaml:"target_api"` + ClientID string `yaml:"client_id,omitempty"` + ClientSecret string `yaml:"client_secret,omitempty"` + RedisAddress string `yaml:"redis_address,omitempty"` + RedisUsername string `yaml:"redis_username,omitempty"` + RedisPassword string `yaml:"redis_password,omitempty"` + IDProvider string `yaml:"idp_provider,omitempty"` + APIBaseURL string `yaml:"api_base_url,omitempty"` + OIDCTokenEndpoint string `yaml:"oidc_token_endpoint,omitempty"` + TargetAPI string `yaml:"target_api,omitempty"` } // UserOwnCloudSQL defines the available ownCloudSQL user provider configuration. 
type UserOwnCloudSQL struct { - DBUsername string `yaml:"db_username"` - DBPassword string `yaml:"db_password"` - DBHost string `yaml:"db_host"` - DBPort int `yaml:"db_port"` - DBName string `yaml:"db_name"` - Idp string `yaml:"idp"` - Nobody int64 `yaml:"nobody"` - JoinUsername bool `yaml:"join_username"` - JoinOwnCloudUUID bool `yaml:"join_owncloud_uuid"` - EnableMedialSearch bool `yaml:"enable_medial_search"` + DBUsername string `yaml:"db_username,omitempty"` + DBPassword string `yaml:"db_password,omitempty"` + DBHost string `yaml:"db_host,omitempty"` + DBPort int `yaml:"db_port,omitempty"` + DBName string `yaml:"db_name,omitempty"` + Idp string `yaml:"idp,omitempty"` + Nobody int64 `yaml:"nobody,omitempty"` + JoinUsername bool `yaml:"join_username,omitempty"` + JoinOwnCloudUUID bool `yaml:"join_owncloud_uuid,omitempty"` + EnableMedialSearch bool `yaml:"enable_medial_search,omitempty"` } // LDAPUserSchema defines the available ldap user schema configuration. type LDAPUserSchema struct { - ID string `yaml:"id"` - IDIsOctetString bool `yaml:"id_is_octet_string"` - Mail string `yaml:"mail"` - DisplayName string `yaml:"display_name"` - Username string `yaml:"user_name"` - UIDNumber string `yaml:"uid_number"` - GIDNumber string `yaml:"gid_number"` + ID string `yaml:"id,omitempty"` + IDIsOctetString bool `yaml:"id_is_octet_string,omitempty"` + Mail string `yaml:"mail,omitempty"` + DisplayName string `yaml:"display_name,omitempty"` + Username string `yaml:"user_name,omitempty"` + UIDNumber string `yaml:"uid_number,omitempty"` + GIDNumber string `yaml:"gid_number,omitempty"` } // LDAPGroupSchema defines the available ldap group schema configuration. 
type LDAPGroupSchema struct { - ID string `yaml:"id"` - IDIsOctetString bool `yaml:"id_is_octet_string"` - Mail string `yaml:"mail"` - DisplayName string `yaml:"display_name"` - Groupname string `yaml:"group_name"` - Member string `yaml:"member"` - GIDNumber string `yaml:"gid_number"` + ID string `yaml:"id,omitempty"` + IDIsOctetString bool `yaml:"id_is_octet_string,omitempty"` + Mail string `yaml:"mail,omitempty"` + DisplayName string `yaml:"display_name,omitempty"` + Groupname string `yaml:"group_name,omitempty"` + Member string `yaml:"member,omitempty"` + GIDNumber string `yaml:"gid_number,omitempty"` } // OCDav defines the available ocdav configuration. type OCDav struct { // Addr to listen to with the http server for the ocdav service - Addr string `yaml:"addr"` - Prefix string `yaml:"prefix"` - WebdavNamespace string `yaml:"webdav_namespace"` - FilesNamespace string `yaml:"files_namespace"` - SharesNamespace string `yaml:"shares_namespace"` + Addr string `yaml:"addr,omitempty"` + Prefix string `yaml:"prefix,omitempty"` + WebdavNamespace string `yaml:"webdav_namespace,omitempty"` + FilesNamespace string `yaml:"files_namespace,omitempty"` + SharesNamespace string `yaml:"shares_namespace,omitempty"` // PublicURL used to redirect /s/{token} URLs to - PublicURL string `yaml:"public_url"` + PublicURL string `yaml:"public_url,omitempty"` // Addr to listen to with the debug http server - DebugAddr string `yaml:"debug_addr"` + DebugAddr string `yaml:"debug_addr,omitempty"` // GatewaySVC to forward CS3 requests to TODO use registry - GatewaySVC string `yaml:"gateway_svc"` + GatewaySVC string `yaml:"gateway_svc,omitempty"` // JWTSecret used to verify reva access token - JWTSecret string `yaml:"jwt_secret"` + JWTSecret string `yaml:"jwt_secret,omitempty"` // Insecure certificates allowed when making requests to the gateway - Insecure bool `yaml:"insecure"` + Insecure bool `yaml:"insecure,omitempty"` // Timeout in seconds when making requests to the gateway - Timeout 
int64 `yaml:"timeout"` + Timeout int64 `yaml:"timeout,omitempty"` } // Archiver defines the available archiver configuration. type Archiver struct { - MaxNumFiles int64 `yaml:"max_num_files"` - MaxSize int64 `yaml:"max_size"` - ArchiverURL string `yaml:"archiver_url"` + MaxNumFiles int64 `yaml:"max_num_files,omitempty"` + MaxSize int64 `yaml:"max_size,omitempty"` + ArchiverURL string `yaml:"archiver_url,omitempty"` } // Reva defines the available reva configuration. type Reva struct { // JWTSecret used to sign jwt tokens between services - JWTSecret string `yaml:"jwt_secret"` - SkipUserGroupsInToken bool `yaml:"skip_user_grooups_in_token"` - TransferSecret string `yaml:"transfer_secret"` - TransferExpires int `yaml:"transfer_expires"` - OIDC OIDC `yaml:"oidc"` - LDAP LDAP `yaml:"ldap"` - UserGroupRest UserGroupRest `yaml:"user_group_rest"` - UserOwnCloudSQL UserOwnCloudSQL `yaml:"user_owncloud_sql"` - Archiver Archiver `yaml:"archiver"` - UserStorage StorageConfig `yaml:"user_storage"` - MetadataStorage StorageConfig `yaml:"metadata_storage"` + JWTSecret string `yaml:"jwt_secret,omitempty"` + SkipUserGroupsInToken bool `yaml:"skip_user_grooups_in_token,omitempty"` + TransferSecret string `yaml:"transfer_secret,omitempty"` + TransferExpires int `yaml:"transfer_expires,omitempty"` + OIDC OIDC `yaml:"oidc,omitempty"` + LDAP LDAP `yaml:"ldap,omitempty"` + UserGroupRest UserGroupRest `yaml:"user_group_rest,omitempty"` + UserOwnCloudSQL UserOwnCloudSQL `yaml:"user_owncloud_sql,omitempty"` + Archiver Archiver `yaml:"archiver,omitempty"` + UserStorage StorageConfig `yaml:"user_storage,omitempty"` + MetadataStorage StorageConfig `yaml:"metadata_storage,omitempty"` // Ports are used to configure which services to start on which port - Frontend FrontendPort `yaml:"frontend"` - DataGateway DataGatewayPort `yaml:"data_gateway"` - Gateway Gateway `yaml:"gateway"` - StorageRegistry StorageRegistry `yaml:"storage_registry"` - AppRegistry AppRegistry `yaml:"app_registry"` - Users 
Users `yaml:"users"` - Groups Groups `yaml:"groups"` - AuthProvider Users `yaml:"auth_provider"` - AuthBasic Port `yaml:"auth_basic"` - AuthBearer Port `yaml:"auth_bearer"` - AuthMachine Port `yaml:"auth_machine"` - AuthMachineConfig AuthMachineConfig `yaml:"auth_machine_config"` - Sharing Sharing `yaml:"sharing"` - StorageShares StoragePort `yaml:"storage_shares"` - StorageUsers StoragePort `yaml:"storage_users"` - StoragePublicLink PublicStorage `yaml:"storage_public_link"` - StorageMetadata StoragePort `yaml:"storage_metadata"` - AppProvider AppProvider `yaml:"app_provider"` - Permissions Port `yaml:"permissions"` + Frontend FrontendPort `yaml:"frontend,omitempty"` + DataGateway DataGatewayPort `yaml:"data_gateway,omitempty"` + Gateway Gateway `yaml:"gateway,omitempty"` + StorageRegistry StorageRegistry `yaml:"storage_registry,omitempty"` + AppRegistry AppRegistry `yaml:"app_registry,omitempty"` + Users Users `yaml:"users,omitempty"` + Groups Groups `yaml:"groups,omitempty"` + AuthProvider Users `yaml:"auth_provider,omitempty"` + AuthBasic Port `yaml:"auth_basic,omitempty"` + AuthBearer Port `yaml:"auth_bearer,omitempty"` + AuthMachine Port `yaml:"auth_machine,omitempty"` + AuthMachineConfig AuthMachineConfig `yaml:"auth_machine_config,omitempty"` + Sharing Sharing `yaml:"sharing,omitempty"` + StorageShares StoragePort `yaml:"storage_shares,omitempty"` + StorageUsers StoragePort `yaml:"storage_users,omitempty"` + StoragePublicLink PublicStorage `yaml:"storage_public_link,omitempty"` + StorageMetadata StoragePort `yaml:"storage_metadata,omitempty"` + AppProvider AppProvider `yaml:"app_provider,omitempty"` + Permissions Port `yaml:"permissions,omitempty"` // Configs can be used to configure the reva instance. 
// Services and Ports will be ignored if this is used - Configs map[string]interface{} `yaml:"configs"` + Configs map[string]interface{} `yaml:"configs,omitempty"` // chunking and resumable upload config (TUS) - UploadMaxChunkSize int `yaml:"upload_max_chunk_size"` - UploadHTTPMethodOverride string `yaml:"upload_http_method_override"` + UploadMaxChunkSize int `yaml:"upload_max_chunk_size,omitempty"` + UploadHTTPMethodOverride string `yaml:"upload_http_method_override,omitempty"` // checksumming capabilities - ChecksumSupportedTypes []string `yaml:"checksum_supported_types"` - ChecksumPreferredUploadType string `yaml:"checksum_preferred_upload_type"` - DefaultUploadProtocol string `yaml:"default_upload_protocol"` + ChecksumSupportedTypes []string `yaml:"checksum_supported_types,omitempty"` + ChecksumPreferredUploadType string `yaml:"checksum_preferred_upload_type,omitempty"` + DefaultUploadProtocol string `yaml:"default_upload_protocol,omitempty"` } // Tracing defines the available tracing configuration. type Tracing struct { - Enabled bool `yaml:"enabled"` - Type string `yaml:"type"` - Endpoint string `yaml:"endpoint"` - Collector string `yaml:"collector"` - Service string `yaml:"service"` + Enabled bool `yaml:"enabled,omitempty"` + Type string `yaml:"type,omitempty"` + Endpoint string `yaml:"endpoint,omitempty"` + Collector string `yaml:"collector,omitempty"` + Service string `yaml:"service,omitempty"` } // Asset defines the available asset configuration. type Asset struct { - Path string `yaml:"path"` + Path string `yaml:"path,omitempty"` } // Config combines all available configuration parts. diff --git a/ocis-pkg/config/config.go b/ocis-pkg/config/config.go index 1d35aa49326..befc2d25740 100644 --- a/ocis-pkg/config/config.go +++ b/ocis-pkg/config/config.go 
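Review bot: The tag on `Reva.SkipUserGroupsInToken` keeps the misspelled key `skip_user_grooups_in_token` on the new side, so a config file that uses the correctly spelled key would presumably be ignored without any error. Since this hunk rewrites every tag anyway, either correct it to `yaml:"skip_user_groups_in_token,omitempty"` (a breaking key rename that needs a changelog entry) or add a field comment saying the spelling is kept for compatibility. Separately, `omitempty` on the `Insecure` booleans and on secret fields such as `BindPassword` and `JWTSecret` makes an explicit `false` or empty value vanish from marshalled output. That deserves a line in the struct comments if generated config files are meant to be reviewed.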
@@ -23,9 +23,9 @@ import ( ) // TokenManager is the config for using the reva token manager -type TokenManager struct { +/*type TokenManager struct { JWTSecret string `yaml:"jwt_secret" env:"OCIS_JWT_SECRET"` -} +}*/ const ( // SUPERVISED sets the runtime mode as supervised threads. @@ -48,16 +48,16 @@ type Runtime struct { type Config struct { *shared.Commons `yaml:"shared,omitempty"` - Tracing shared.Tracing `yaml:"tracing,omitempty"` - Log *shared.Log `yaml:"log,omitempty"` + Tracing *shared.Tracing `yaml:"tracing,omitempty"` + Log *shared.Log `yaml:"log,omitempty"` Mode Mode `yaml:",omitempty"` // DEPRECATED File string `yaml:",omitempty"` OcisURL string `yaml:"ocis_url,omitempty"` - Registry string `yaml:"registry,omitempty"` - TokenManager TokenManager `yaml:"token_manager,omitempty"` - Runtime Runtime `yaml:"runtime,omitempty"` + Registry string `yaml:"registry,omitempty"` + TokenManager *shared.TokenManager `yaml:"token_manager,omitempty"` + Runtime Runtime `yaml:"runtime,omitempty"` Audit *audit.Config `yaml:"audit,omitempty"` Accounts *accounts.Config `yaml:"accounts,omitempty"` diff --git a/ocis-pkg/config/defaultconfig.go b/ocis-pkg/config/defaultconfig.go index bc94a224ce8..c8110902f2e 100644 --- a/ocis-pkg/config/defaultconfig.go +++ b/ocis-pkg/config/defaultconfig.go @@ -18,11 +18,12 @@ import ( thumbnails "github.com/owncloud/ocis/extensions/thumbnails/pkg/config/defaults" web "github.com/owncloud/ocis/extensions/web/pkg/config/defaults" webdav "github.com/owncloud/ocis/extensions/webdav/pkg/config/defaults" + "github.com/owncloud/ocis/ocis-pkg/shared" ) func DefaultConfig() *Config { return &Config{ - TokenManager: TokenManager{ + TokenManager: &shared.TokenManager{ JWTSecret: "Pive-Fumkiu4", }, Runtime: Runtime{ diff --git a/ocis-pkg/config/helpers.go b/ocis-pkg/config/helpers.go index 6eac8984757..c77a0f1a7f6 100644 --- a/ocis-pkg/config/helpers.go +++ b/ocis-pkg/config/helpers.go 
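Review bot: The old `TokenManager` struct is wrapped in `/* … */` instead of being removed, which leaves the doc comment `// TokenManager is the config for using the reva token manager` sitting above dead text. Delete the comment and the three struct lines outright; the type now lives in `shared.TokenManager` and version control keeps the history.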
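Review bot: `Tracing` and `TokenManager` in `Config` change from values to pointers, so a `Config` that has not yet passed through `ParseConfig` holds nil for both. Any `cfg.Tracing.Enabled` or `cfg.TokenManager.JWTSecret` access on such a value then panics. Callers are not visible here, so at minimum document the contract on the fields, for example `// TokenManager is nil until ParseConfig has run; do not dereference before that.` The struct body continues outside the hunk.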
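Review bot: `DefaultConfig` still ships the fixed JWT signing secret `"Pive-Fumkiu4"` in `TokenManager.JWTSecret`, now as the single shared default. Any deployment that does not override it signs and accepts tokens under a publicly known key. Prefer an empty default, `TokenManager: &shared.TokenManager{},`, and reject an empty secret at startup so the operator has to supply one through `OCIS_JWT_SECRET` or the value written by `ocis init`. The body of `DefaultConfig` continues outside the hunk.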
@@ -33,7 +33,7 @@ func DefaultConfigSources(filename string, drivers []string) []string { locations := []string{} if v := os.Getenv("OCIS_CONFIG_DIR"); v != "" { - locations = append(locations, v) + locations = append(locations, v) // only use the configured config dir locations = append(locations, os.Getenv("OCIS_CONFIG_DIR")) } else { diff --git a/ocis-pkg/config/parser/parse.go b/ocis-pkg/config/parser/parse.go index ba75a411c0d..09bb76dfb41 100644 --- a/ocis-pkg/config/parser/parse.go +++ b/ocis-pkg/config/parser/parse.go @@ -15,18 +15,41 @@ func ParseConfig(cfg *config.Config) error { return err } - // provide with defaults for shared logging, since we need a valid destination address for BindEnv. - if cfg.Log == nil && cfg.Commons != nil && cfg.Commons.Log != nil { - cfg.Log = &shared.Log{ - Level: cfg.Commons.Log.Level, - Pretty: cfg.Commons.Log.Pretty, - Color: cfg.Commons.Log.Color, - File: cfg.Commons.Log.File, + if cfg.Commons == nil { + cfg.Commons = &shared.Commons{} + } + + if cfg.Log != nil { + cfg.Commons.Log = &shared.Log{ + Level: cfg.Log.Level, + Pretty: cfg.Log.Pretty, + Color: cfg.Log.Color, + File: cfg.File, } - } else if cfg.Log == nil { + } else { + cfg.Commons.Log = &shared.Log{} cfg.Log = &shared.Log{} } + if cfg.Tracing != nil { + cfg.Commons.Tracing = &shared.Tracing{ + Enabled: cfg.Tracing.Enabled, + Type: cfg.Tracing.Type, + Endpoint: cfg.Tracing.Endpoint, + Collector: cfg.Tracing.Collector, + } + } else { + cfg.Commons.Tracing = &shared.Tracing{} + cfg.Tracing = &shared.Tracing{} + } + + if cfg.TokenManager != nil { + cfg.Commons.TokenManager = cfg.TokenManager + } else { + cfg.Commons.TokenManager = &shared.TokenManager{} + cfg.TokenManager = cfg.Commons.TokenManager + } + // load all env variables relevant to the config in the current context. if err := envdecode.Decode(cfg); err != nil { // no environment variable set for this config is an expected "error" 
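Review bot: The branch taken when `OCIS_CONFIG_DIR` is set appends the same directory twice: once as `v` on the line that gains the comment, and again through `os.Getenv("OCIS_CONFIG_DIR")` on the following context line. Drop the second append so the slice holds the directory once, which is what the new comment `// only use the configured config dir` describes. `DefaultConfigSources` starts and ends outside the hunk.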
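Review bot: In the new `cfg.Commons.Log` literal the `File` field is filled from `cfg.File`, the top-level `File` field of `Config`, rather than from `cfg.Log.File`. The shared log destination is therefore taken from the wrong setting; it should read `File: cfg.Log.File,`. The copy direction is also reversed compared with the removed code: values under `shared` are now overwritten by the top-level `log`, `tracing` and `token_manager` sections, or by empty structs when those are absent. That looks like it discards whatever a user placed under `shared`, so confirm it is intended. `ParseConfig` continues outside the hunk.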
diff --git a/ocis-pkg/shared/shared_types.go b/ocis-pkg/shared/shared_types.go index 2201bac98d7..9439bfcce0c 100644 --- a/ocis-pkg/shared/shared_types.go +++ b/ocis-pkg/shared/shared_types.go @@ -24,10 +24,16 @@ type Tracing struct { Collector string `yaml:"collector" env:"OCIS_TRACING_COLLECTOR"` } +// TokenManager is the config for using the reva token manager +type TokenManager struct { + JWTSecret string `yaml:"jwt_secret" env:"OCIS_JWT_SECRET" desc:"The secret to mint jwt tokens."` +} + // Commons holds configuration that are common to all extensions. Each extension can then decide whether // to overwrite its values. type Commons struct { - Log *Log `yaml:"log"` - Tracing *Tracing `yaml:"tracing"` - OcisURL string `yaml:"ocis_url" env:"OCIS_URL"` + Log *Log `yaml:"log"` + Tracing *Tracing `yaml:"tracing"` + OcisURL string `yaml:"ocis_url" env:"OCIS_URL"` + TokenManager *TokenManager `yaml:"token_manager"` } diff --git a/ocis/pkg/command/init.go b/ocis/pkg/command/init.go index cfbe6b15cc0..4f991fbd9a9 100644 --- a/ocis/pkg/command/init.go +++ b/ocis/pkg/command/init.go 
@@ -2,31 +2,30 @@ package command import ( "bufio" - "crypto/rand" "fmt" "io/ioutil" "log" - "math/big" "os" "path" "strings" "github.com/owncloud/ocis/ocis-pkg/config" + "github.com/owncloud/ocis/ocis-pkg/generators" + "github.com/owncloud/ocis/ocis-pkg/shared" "github.com/owncloud/ocis/ocis/pkg/register" cli "github.com/urfave/cli/v2" "gopkg.in/yaml.v3" - accounts "github.com/owncloud/ocis/extensions/accounts/pkg/config" - graph "github.com/owncloud/ocis/extensions/graph/pkg/config" idm "github.com/owncloud/ocis/extensions/idm/pkg/config" notifications "github.com/owncloud/ocis/extensions/notifications/pkg/config" ocs "github.com/owncloud/ocis/extensions/ocs/pkg/config" proxy "github.com/owncloud/ocis/extensions/proxy/pkg/config" settings "github.com/owncloud/ocis/extensions/settings/pkg/config" + storage "github.com/owncloud/ocis/extensions/storage/pkg/config" thumbnails "github.com/owncloud/ocis/extensions/thumbnails/pkg/config" ) -const configFilename string = "ocis.yml" +const configFilename string = "ocis.yaml" const passwordLength int = 32 // InitCommand is the entrypoint for the init command @@ -54,7 +53,7 @@ func InitCommand(cfg *config.Config) *cli.Command { &cli.StringFlag{ Name: "config-path", //Value: cfg.ConfigPath, // TODO: as soon as PR 3480 is merged, remove quotes - Value: path.Join(homeDir, ".ocis"), // TODO: this is temporary for experimenting, line above is relevant + Value: path.Join(homeDir, ".ocis/config"), // TODO: this is temporary for experimenting, line above is relevant Usage: "config path for the ocis runtime", // Destination: &cfg.ConfigFile, // TODO: same as above }, 
@@ -101,70 +100,86 @@ func createConfig(insecure, forceOverwrite bool, configPath string) error { return err } cfg := config.Config{ - Accounts: &accounts.Config{}, + TokenManager: &shared.TokenManager{}, + //Accounts: &accounts.Config{}, //Audit: &audit.Config{}, //GLAuth: &glauth.Config{}, //GraphExplorer: &graphExplorer.Config{}, - Graph: &graph.Config{}, - IDM: &idm.Config{}, + //Graph: &graph.Config{}, + IDM: &idm.Config{}, //IDP: &idp.Config{}, //Nats: &nats.Config{}, Notifications: ¬ifications.Config{}, - Proxy: &proxy.Config{}, - OCS: &ocs.Config{}, - Settings: &settings.Config{}, - //Storage: &storage.Config{}, + //Proxy: &proxy.Config{}, + OCS: &ocs.Config{}, + Settings: &settings.Config{}, + Storage: &storage.Config{}, Thumbnails: &thumbnails.Config{}, //Web: &web.Config{}, //WebDAV: &webdav.Config{}, } if insecure { + cfg.Proxy = &proxy.Config{} cfg.Proxy.InsecureBackends = insecure } - idmServicePassword, err := generateRandomPassword(passwordLength) + idmServicePassword, err := generators.GenerateRandomPassword(passwordLength) if err != nil { return fmt.Errorf("Could not generate random password for idm: %s", err) } - idpServicePassword, err := generateRandomPassword(passwordLength) + idpServicePassword, err := generators.GenerateRandomPassword(passwordLength) if err != nil { return fmt.Errorf("Could not generate random password for idp: %s", err) } - ocisAdminServicePassword, err := generateRandomPassword(passwordLength) + ocisAdminServicePassword, err := generators.GenerateRandomPassword(passwordLength) if err != nil { return fmt.Errorf("Could not generate random password for ocis admin: %s", err) } - revaServicePassword, err := generateRandomPassword(passwordLength) + revaServicePassword, err := generators.GenerateRandomPassword(passwordLength) if err != nil { return fmt.Errorf("Could not generate random password for reva: %s", err) } - tokenManagerJwtSecret, err := generateRandomPassword(passwordLength) + tokenManagerJwtSecret, err := 
generators.GenerateRandomPassword(passwordLength) if err != nil { return fmt.Errorf("Could not generate random password for tokenmanager: %s", err) } - machineAuthSecret, err := generateRandomPassword(passwordLength) + machineAuthSecret, err := generators.GenerateRandomPassword(passwordLength) if err != nil { return fmt.Errorf("Could not generate random password for machineauthsecret: %s", err) } - thumbnailTransferTokenSecret, err := generateRandomPassword(passwordLength) + thumbnailTransferTokenSecret, err := generators.GenerateRandomPassword(passwordLength) if err != nil { return fmt.Errorf("Could not generate random password for machineauthsecret: %s", err) } + // TODO: IDP config is missing (LDAP + GROUP provider) + // TODO: REVA config is missing (LDAP + GROUP provider) + // TODO: graph needs IDM password configured + // TODO: add missing insecure occurences + // TODO: search for missing transfer secrets + // TODO: move TokenManager for all extensions to shared + // TODO: move machineauthsecret for all extensions to shared + // TODO: move transfersecret for all extensions to shared + cfg.TokenManager.JWTSecret = tokenManagerJwtSecret - cfg.Accounts.TokenManager.JWTSecret = tokenManagerJwtSecret - cfg.Graph.TokenManager.JWTSecret = tokenManagerJwtSecret + //cfg.Commons.TokenManager.JWTSecret = tokenManagerJwtSecret + //cfg.Accounts.TokenManager.JWTSecret = tokenManagerJwtSecret + //cfg.Graph.TokenManager.JWTSecret = tokenManagerJwtSecret + //fmt.Printf("%v\n", cfg.Graph.TokenManager) cfg.IDM.ServiceUserPasswords.Idm = idmServicePassword cfg.IDM.ServiceUserPasswords.Idp = idpServicePassword cfg.IDM.ServiceUserPasswords.OcisAdmin = ocisAdminServicePassword cfg.IDM.ServiceUserPasswords.Reva = revaServicePassword cfg.Notifications.Notifications.MachineAuthSecret = machineAuthSecret cfg.OCS.MachineAuthAPIKey = machineAuthSecret - cfg.Proxy.TokenManager.JWTSecret = tokenManagerJwtSecret + //cfg.Proxy.TokenManager.JWTSecret = tokenManagerJwtSecret + 
//fmt.Printf("%v\n", cfg.Proxy.TokenManager) cfg.Proxy.MachineAuthAPIKey = machineAuthSecret cfg.Settings.Metadata.MachineAuthAPIKey = machineAuthSecret - cfg.Settings.TokenManager.JWTSecret = tokenManagerJwtSecret + //cfg.Settings.TokenManager.JWTSecret = tokenManagerJwtSecret + cfg.Storage.Reva.JWTSecret = tokenManagerJwtSecret + cfg.Storage.OCDav.JWTSecret = tokenManagerJwtSecret cfg.Thumbnails.Thumbnail.TransferTokenSecret = thumbnailTransferTokenSecret yamlOutput, err := yaml.Marshal(cfg) if err != nil { @@ -198,17 +213,3 @@ func stringPrompt(label string) string { } return strings.TrimSpace(input) } - -func generateRandomPassword(length int) (string, error) { - const chars = "0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz-=+!@#$%^&*." - ret := make([]byte, length) - for i := 0; i < length; i++ { - num, err := rand.Int(rand.Reader, big.NewInt(int64(len(chars)))) - if err != nil { - return "", err - } - ret[i] = chars[num.Int64()] - } - - return string(ret), nil -} diff --git a/ocis/pkg/command/server.go b/ocis/pkg/command/server.go index 00b9c89da31..7bc6d653065 100644 --- a/ocis/pkg/command/server.go +++ b/ocis/pkg/command/server.go @@ -21,7 +21,9 @@ func Server(cfg *config.Config) *cli.Command { Action: func(c *cli.Context) error { cfg.Commons = &shared.Commons{ - Log: cfg.Log, + Log: cfg.Log, + Tracing: cfg.Tracing, + TokenManager: cfg.TokenManager, } r := runtime.New(cfg)
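Review bot: `cfg.Proxy` is now allocated only inside `if insecure { … }`, but the unchanged line `cfg.Proxy.MachineAuthAPIKey = machineAuthSecret` further down still runs unconditionally. `createConfig` therefore dereferences a nil pointer whenever `insecure` is false. Keep `Proxy: &proxy.Config{},` in the `config.Config` literal and reduce the branch to `cfg.Proxy.InsecureBackends = insecure`, or guard the later assignment. The error text for `thumbnailTransferTokenSecret` also still says `machineauthsecret`, which will mislead whoever reads that failure. `createConfig` begins and ends outside the hunk.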
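Review bot: The `shared.Commons` literal built in `Server` sets `Log`, `Tracing` and `TokenManager` but not `OcisURL`, the remaining field of `Commons`, so a shared URL is dropped when `cfg.Commons` is replaced here. Adding `OcisURL: cfg.OcisURL,` would carry it over. If `ParseConfig` has already run by this point (not visible in the hunk), this assignment also throws away the `Commons` it populated, and reusing that struct would be simpler. The `Action` closure continues outside the hunk.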