From c9c329b139004399d4dc3aaf5a6a137051d57722 Mon Sep 17 00:00:00 2001
From: Christian Richter
Date: Thu, 14 Apr 2022 15:40:09 +0200
Subject: [PATCH 01/59] initial skel for subcommand
Signed-off-by: Christian Richter
---
ocis/pkg/command/init.go | 63 ++++++++++++++++++++++++++++++++++++++++
1 file changed, 63 insertions(+)
create mode 100644 ocis/pkg/command/init.go
diff --git a/ocis/pkg/command/init.go b/ocis/pkg/command/init.go
new file mode 100644
index 00000000000..2f15dcf4dc4
--- /dev/null
+++ b/ocis/pkg/command/init.go
@@ -0,0 +1,63 @@
+package command
+
+import (
+ "bufio"
+ "fmt"
+ "os"
+ "strings"
+
+ "github.com/owncloud/ocis/ocis-pkg/config"
+ "github.com/owncloud/ocis/ocis/pkg/register"
+ cli "github.com/urfave/cli/v2"
+)
+
+func InitCommand(cfg *config.Config) *cli.Command {
+ return &cli.Command{
+ Name: "init",
+ Usage: "initialise an ocis config",
+ Flags: []cli.Flag{
+ &cli.StringFlag{
+ Name: "insecure",
+ EnvVars: []string{"OCIS_INSECURE"},
+ Value: "ask",
+ },
+ },
+ Action: func(c *cli.Context) error {
+ // TODO: discuss if we want overwrite protection for existing configs
+ insecureFlag := c.String("insecure")
+ if insecureFlag == "ask" {
+ answer := strings.ToLower(StringPrompt("Insecure Backends? [Yes|No]"))
+ if answer == "yes" || answer == "y" {
+ cfg.Proxy.InsecureBackends = true
+ } else {
+ cfg.Proxy.InsecureBackends = false
+ }
+ } else {
+ if insecureFlag == "true" {
+ cfg.Proxy.InsecureBackends = true
+ } else {
+ cfg.Proxy.InsecureBackends = false
+ }
+ }
+ fmt.Println(cfg.Proxy.InsecureBackends)
+ return nil
+ },
+ }
+}
+
+func StringPrompt(label string) string {
+ var s string
+ r := bufio.NewReader(os.Stdin)
+ for {
+ fmt.Fprint(os.Stderr, label+" ")
+ s, _ = r.ReadString('\n')
+ if s != "" {
+ break
+ }
+ }
+ return strings.TrimSpace(s)
+}
+
+func init() {
+ register.AddCommand(InitCommand)
+}
From 8d81e39bd63274843b12e842cd5740d970b5b49f Mon Sep 17 00:00:00 2001
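Review bot: StringPrompt discards the error from `r.ReadString('\n')`, so when stdin is closed or is not a terminal the read returns an empty string together with io.EOF and the `for` loop re-prompts forever. Because `--insecure` defaults to `ask`, a non-interactive `ocis init` (container entrypoint, CI job) would spin instead of finishing. Keep the error and stop on it, e.g. `s, err := r.ReadString('\n')` followed by `if err != nil { return strings.TrimSpace(s) }`, so an unanswered prompt falls through to the `false` branch in the Action. The renamed `stringPrompt` in PATCH 02/59 keeps the same loop.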
From: Christian Richter
Date: Tue, 19 Apr 2022 15:13:09 +0200
Subject: [PATCH 02/59] refactor yaml labels, add overwrite protection
Signed-off-by: Christian Richter
---
extensions/accounts/pkg/config/config.go | 22 +--
extensions/audit/pkg/config/config.go | 8 +-
extensions/glauth/pkg/config/config.go | 16 +--
.../graph-explorer/pkg/config/config.go | 10 +-
extensions/graph/pkg/config/config.go | 16 +--
extensions/idm/pkg/config/config.go | 10 +-
extensions/idp/pkg/config/config.go | 14 +-
extensions/nats/pkg/config/config.go | 14 +-
extensions/notifications/pkg/config/config.go | 6 +-
extensions/ocs/pkg/config/config.go | 20 +--
extensions/proxy/pkg/config/config.go | 42 +++---
extensions/settings/pkg/config/config.go | 20 +--
extensions/storage/pkg/config/config.go | 18 +--
extensions/thumbnails/pkg/config/config.go | 12 +-
extensions/web/pkg/config/config.go | 14 +-
extensions/webdav/pkg/config/config.go | 16 +--
go.mod | 2 +-
ocis-pkg/config/config.go | 52 +++----
ocis/pkg/command/init.go | 128 ++++++++++++++++--
19 files changed, 271 insertions(+), 169 deletions(-)
diff --git a/extensions/accounts/pkg/config/config.go b/extensions/accounts/pkg/config/config.go
index 9b46d2dbf17..59068470c50 100644
--- a/extensions/accounts/pkg/config/config.go
+++ b/extensions/accounts/pkg/config/config.go
@@ -12,21 +12,21 @@ type Config struct { Service Service `yaml:"-"` - Tracing *Tracing `yaml:"tracing"` - Log *Log `yaml:"log"` - Debug Debug `yaml:"debug"` + Tracing *Tracing `yaml:"tracing,omitempty"` + Log *Log `yaml:"log,omitempty"` + Debug Debug `yaml:"debug,omitempty"` - HTTP HTTP `yaml:"http"` - GRPC GRPC `yaml:"grpc"` + HTTP HTTP `yaml:"http,omitempty"` + GRPC GRPC `yaml:"grpc,omitempty"` TokenManager TokenManager `yaml:"token_manager"` - Asset Asset `yaml:"asset"` - Repo Repo `yaml:"repo"` - Index Index `yaml:"index"` - ServiceUser ServiceUser `yaml:"service_user"` - HashDifficulty int `yaml:"hash_difficulty" env:"ACCOUNTS_HASH_DIFFICULTY" desc:"The hash difficulty makes sure that validating a password takes at least a certain amount of time."` - DemoUsersAndGroups bool `yaml:"demo_users_and_groups" env:"ACCOUNTS_DEMO_USERS_AND_GROUPS" desc:"If this flag is set the service will setup the demo users and groups."` + Asset Asset `yaml:"asset,omitempty"` + Repo Repo `yaml:"repo,omitempty"` + Index Index `yaml:"index,omitempty"` + ServiceUser ServiceUser `yaml:"service_user,omitempty"` + HashDifficulty int `yaml:"hash_difficulty,omitempty" env:"ACCOUNTS_HASH_DIFFICULTY" desc:"The hash difficulty makes sure that validating a password takes at least a certain amount of time."` + DemoUsersAndGroups bool `yaml:"demo_users_and_groups,omitempty" env:"ACCOUNTS_DEMO_USERS_AND_GROUPS" desc:"If this flag is set the service will setup the demo users and groups."` Context context.Context `yaml:"-"` } diff --git a/extensions/audit/pkg/config/config.go b/extensions/audit/pkg/config/config.go index b14a78a752a..3b753f1a114 100644 --- a/extensions/audit/pkg/config/config.go +++ b/extensions/audit/pkg/config/config.go 
@@ -12,11 +12,11 @@ type Config struct { Service Service `yaml:"-"` - Log *Log `yaml:"log"` - Debug Debug `yaml:"debug"` + Log *Log `yaml:"log,omitempty"` + Debug Debug `yaml:"debug,omitempty"` - Events Events `yaml:"events"` - Auditlog Auditlog `yaml:"auditlog"` + Events Events `yaml:"events,omitempty"` + Auditlog Auditlog `yaml:"auditlog,omitempty"` Context context.Context `yaml:"-"` } diff --git a/extensions/glauth/pkg/config/config.go b/extensions/glauth/pkg/config/config.go index aa8479989a3..d9fcf5d6b10 100644 --- a/extensions/glauth/pkg/config/config.go +++ b/extensions/glauth/pkg/config/config.go @@ -12,17 +12,17 @@ type Config struct { Service Service `yaml:"-"` - Tracing *Tracing `yaml:"tracing"` - Log *Log `yaml:"log"` - Debug Debug `yaml:"debug"` + Tracing *Tracing `yaml:"tracing,omitempty"` + Log *Log `yaml:"log,omitempty"` + Debug Debug `yaml:"debug,omitempty"` - Ldap Ldap `yaml:"ldap"` - Ldaps Ldaps `yaml:"ldaps"` + Ldap Ldap `yaml:"ldap,omitempty"` + Ldaps Ldaps `yaml:"ldaps,omitempty"` - Backend Backend `yaml:"backend"` - Fallback FallbackBackend `yaml:"fallback"` + Backend Backend `yaml:"backend,omitempty"` + Fallback FallbackBackend `yaml:"fallback,omitempty"` - RoleBundleUUID string `yaml:"role_bundle_uuid" env:"GLAUTH_ROLE_BUNDLE_ID"` + RoleBundleUUID string `yaml:"role_bundle_uuid,omitempty" env:"GLAUTH_ROLE_BUNDLE_ID"` Context context.Context `yaml:"-"` } diff --git a/extensions/graph-explorer/pkg/config/config.go b/extensions/graph-explorer/pkg/config/config.go index 2bd5bd5a62b..4fa04740366 100644 --- a/extensions/graph-explorer/pkg/config/config.go +++ b/extensions/graph-explorer/pkg/config/config.go 
@@ -12,13 +12,13 @@ type Config struct { Service Service `yaml:"-"` - Tracing *Tracing `yaml:"tracing"` - Log *Log `yaml:"log"` - Debug Debug `yaml:"debug"` + Tracing *Tracing `yaml:"tracing,omitempty"` + Log *Log `yaml:"log,omitempty"` + Debug Debug `yaml:"debug,omitempty"` - HTTP HTTP `yaml:"http"` + HTTP HTTP `yaml:"http,omitempty"` - GraphExplorer GraphExplorer `yaml:"graph_explorer"` + GraphExplorer GraphExplorer `yaml:"graph_explorer,omitempty"` Context context.Context `yaml:"-"` } diff --git a/extensions/graph/pkg/config/config.go b/extensions/graph/pkg/config/config.go index 4d11d73f93e..0ff49f31ad6 100644 --- a/extensions/graph/pkg/config/config.go +++ b/extensions/graph/pkg/config/config.go @@ -12,18 +12,18 @@ type Config struct { Service Service `yaml:"-"` - Tracing *Tracing `yaml:"tracing"` - Log *Log `yaml:"log"` - Debug Debug `yaml:"debug"` + Tracing *Tracing `yaml:"tracing,omitempty"` + Log *Log `yaml:"log,omitempty"` + Debug Debug `yaml:"debug,omitempty"` - HTTP HTTP `yaml:"http"` + HTTP HTTP `yaml:"http,omitempty"` - Reva Reva `yaml:"reva"` + Reva Reva `yaml:"reva,omitempty"` TokenManager TokenManager `yaml:"token_manager"` - Spaces Spaces `yaml:"spaces"` - Identity Identity `yaml:"identity"` - Events Events `yaml:"events"` + Spaces Spaces `yaml:"spaces,omitempty"` + Identity Identity `yaml:"identity,omitempty"` + Events Events `yaml:"events,omitempty"` Context context.Context `yaml:"-"` } diff --git a/extensions/idm/pkg/config/config.go b/extensions/idm/pkg/config/config.go index 2706fe673fd..8f47d43a721 100644 --- a/extensions/idm/pkg/config/config.go +++ b/extensions/idm/pkg/config/config.go 
@@ -12,12 +12,12 @@ type Config struct { Service Service `yaml:"-"` - Tracing *Tracing `yaml:"tracing"` - Log *Log `yaml:"log"` - Debug Debug `yaml:"debug"` + Tracing *Tracing `yaml:"tracing,omitempty"` + Log *Log `yaml:"log,omitempty"` + Debug Debug `yaml:"debug,omitempty"` - IDM Settings `yaml:"idm"` - CreateDemoUsers bool `yaml:"create_demo_users" env:"IDM_CREATE_DEMO_USERS;ACCOUNTS_DEMO_USERS_AND_GROUPS" desc:"Flag to enabe/disable the creation of the demo users"` + IDM Settings `yaml:"idm,omitempty"` + CreateDemoUsers bool `yaml:"create_demo_users,omitempty" env:"IDM_CREATE_DEMO_USERS;ACCOUNTS_DEMO_USERS_AND_GROUPS" desc:"Flag to enabe/disable the creation of the demo users"` ServiceUserPasswords ServiceUserPasswords `yaml:"service_user_passwords"` diff --git a/extensions/idp/pkg/config/config.go b/extensions/idp/pkg/config/config.go index 83bd84554d0..8b479bba53e 100644 --- a/extensions/idp/pkg/config/config.go +++ b/extensions/idp/pkg/config/config.go @@ -12,15 +12,15 @@ type Config struct { Service Service `yaml:"-"` - Tracing *Tracing `yaml:"tracing"` - Log *Log `yaml:"log"` - Debug Debug `yaml:"debug"` + Tracing *Tracing `yaml:"tracing,omitempty"` + Log *Log `yaml:"log,omitempty"` + Debug Debug `yaml:"debug,omitempty"` - HTTP HTTP `yaml:"http"` + HTTP HTTP `yaml:"http,omitempty"` - Asset Asset `yaml:"asset"` - IDP Settings `yaml:"idp"` - Ldap Ldap `yaml:"ldap"` + Asset Asset `yaml:"asset,omitempty"` + IDP Settings `yaml:"idp,omitempty"` + Ldap Ldap `yaml:"ldap,omitempty"` Context context.Context `yaml:"-"` } diff --git a/extensions/nats/pkg/config/config.go b/extensions/nats/pkg/config/config.go index 3d1c279443b..9dfed67b293 100644 --- a/extensions/nats/pkg/config/config.go +++ b/extensions/nats/pkg/config/config.go 
@@ -12,18 +12,18 @@ type Config struct { Service Service `yaml:"-"` - Log *Log `yaml:"log"` - Debug Debug `yaml:"debug"` + Log *Log `yaml:"log,omitempty"` + Debug Debug `yaml:"debug,omitempty"` - Nats Nats `ociConfig:"nats"` + Nats Nats `ociConfig:"nats,omitempty"` Context context.Context `yaml:"-"` } // Nats is the nats config type Nats struct { - Host string `yaml:"host" env:"NATS_NATS_HOST"` - Port int `yaml:"port" env:"NATS_NATS_PORT"` - ClusterID string `yaml:"clusterid" env:"NATS_NATS_CLUSTER_ID"` - StoreDir string `yaml:"store_dir" env:"NATS_NATS_STORE_DIR"` + Host string `yaml:"host,omitempty" env:"NATS_NATS_HOST"` + Port int `yaml:"port,omitempty" env:"NATS_NATS_PORT"` + ClusterID string `yaml:"clusterid,omitempty" env:"NATS_NATS_CLUSTER_ID"` + StoreDir string `yaml:"store_dir,omitempty" env:"NATS_NATS_STORE_DIR"` } diff --git a/extensions/notifications/pkg/config/config.go b/extensions/notifications/pkg/config/config.go index 7cc1838523a..2e6fddc48d9 100644 --- a/extensions/notifications/pkg/config/config.go +++ b/extensions/notifications/pkg/config/config.go @@ -12,10 +12,10 @@ type Config struct { Service Service `yaml:"-"` - Log *Log `yaml:"log"` - Debug Debug `yaml:"debug"` + Log *Log `yaml:"log,omitempty"` + Debug Debug `yaml:"debug,omitempty"` - Notifications Notifications `yaml:"notifications"` + Notifications Notifications `yaml:"notifications,omitempty"` Context context.Context `yaml:"-"` } diff --git a/extensions/ocs/pkg/config/config.go b/extensions/ocs/pkg/config/config.go index 52d7e954248..dbdaa215077 100644 --- a/extensions/ocs/pkg/config/config.go +++ b/extensions/ocs/pkg/config/config.go 
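Review bot: The `,omitempty` added to the `Nats` field in the nats Config hunk sits under the tag key `ociConfig`, not `yaml`, so the YAML encoder never sees it and falls back to its default key for the field. The odd key is already on the removed line, so it looks like an older typo that this change carries forward. If the intent matches the other fields in this struct, the line should read ``Nats Nats `yaml:"nats,omitempty"` ``.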
@@ -12,20 +12,20 @@ type Config struct { Service Service `yaml:"-"` - Tracing *Tracing `yaml:"tracing"` - Log *Log `yaml:"log"` - Debug Debug `yaml:"debug"` + Tracing *Tracing `yaml:"tracing,omitempty"` + Log *Log `yaml:"log,omitempty"` + Debug Debug `yaml:"debug,omitempty"` - HTTP HTTP `yaml:"http"` + HTTP HTTP `yaml:"http,omitempty"` - TokenManager TokenManager `yaml:"token_manager"` - Reva Reva `yaml:"reva"` + TokenManager TokenManager `yaml:"token_manager,omitempty"` + Reva Reva `yaml:"reva,omitempty"` - IdentityManagement IdentityManagement `yaml:"identity_management"` + IdentityManagement IdentityManagement `yaml:"identity_management,omitempty"` - AccountBackend string `yaml:"account_backend" env:"OCS_ACCOUNT_BACKEND_TYPE"` - StorageUsersDriver string `yaml:"storage_users_driver" env:"STORAGE_USERS_DRIVER;OCS_STORAGE_USERS_DRIVER"` - MachineAuthAPIKey string `yaml:"machine_auth_api_key" env:"OCIS_MACHINE_AUTH_API_KEY;OCS_MACHINE_AUTH_API_KEY"` + AccountBackend string `yaml:"account_backend,omitempty" env:"OCS_ACCOUNT_BACKEND_TYPE"` + StorageUsersDriver string `yaml:"storage_users_driver,omitempty" env:"STORAGE_USERS_DRIVER;OCS_STORAGE_USERS_DRIVER"` + MachineAuthAPIKey string `yaml:"machine_auth_api_key,omitempty" env:"OCIS_MACHINE_AUTH_API_KEY;OCS_MACHINE_AUTH_API_KEY"` Context context.Context `yaml:"-"` } diff --git a/extensions/proxy/pkg/config/config.go b/extensions/proxy/pkg/config/config.go index 7beb4d9c4cd..8cf6f18e85f 100644 --- a/extensions/proxy/pkg/config/config.go +++ b/extensions/proxy/pkg/config/config.go 
@@ -12,27 +12,27 @@ type Config struct { Service Service `yaml:"-"` - Tracing *Tracing `yaml:"tracing"` - Log *Log `yaml:"log"` - Debug Debug `yaml:"debug"` - - HTTP HTTP `yaml:"http"` - - Reva Reva `yaml:"reva"` - - Policies []Policy `yaml:"policies"` - OIDC OIDC `yaml:"oidc"` - TokenManager TokenManager `yaml:"token_manager"` - PolicySelector *PolicySelector `yaml:"policy_selector"` - PreSignedURL PreSignedURL `yaml:"pre_signed_url"` - AccountBackend string `yaml:"account_backend" env:"PROXY_ACCOUNT_BACKEND_TYPE"` - UserOIDCClaim string `yaml:"user_oidc_claim" env:"PROXY_USER_OIDC_CLAIM"` - UserCS3Claim string `yaml:"user_cs3_claim" env:"PROXY_USER_CS3_CLAIM"` - MachineAuthAPIKey string `yaml:"machine_auth_api_key" env:"OCIS_MACHINE_AUTH_API_KEY;PROXY_MACHINE_AUTH_API_KEY"` - AutoprovisionAccounts bool `yaml:"auto_provision_accounts" env:"PROXY_AUTOPROVISION_ACCOUNTS"` - EnableBasicAuth bool `yaml:"enable_basic_auth" env:"PROXY_ENABLE_BASIC_AUTH"` - InsecureBackends bool `yaml:"insecure_backends" env:"PROXY_INSECURE_BACKENDS"` - AuthMiddleware AuthMiddleware `yaml:"auth_middleware"` + Tracing *Tracing `yaml:"tracing,omitempty"` + Log *Log `yaml:"log,omitempty"` + Debug Debug `yaml:"debug,omitempty"` + + HTTP HTTP `yaml:"http,omitempty"` + + Reva Reva `yaml:"reva,omitempty"` + + Policies []Policy `yaml:"policies,omitempty"` + OIDC OIDC `yaml:"oidc,omitempty"` + TokenManager TokenManager `yaml:"token_manager,omitempty"` + PolicySelector *PolicySelector `yaml:"policy_selector,omitempty"` + PreSignedURL PreSignedURL `yaml:"pre_signed_url,omitempty"` + AccountBackend string `yaml:"account_backend,omitempty" env:"PROXY_ACCOUNT_BACKEND_TYPE"` + UserOIDCClaim string `yaml:"user_oidc_claim,omitempty" env:"PROXY_USER_OIDC_CLAIM"` + UserCS3Claim string `yaml:"user_cs3_claim,omitempty" env:"PROXY_USER_CS3_CLAIM"` + MachineAuthAPIKey string `yaml:"machine_auth_api_key,omitempty" env:"OCIS_MACHINE_AUTH_API_KEY;PROXY_MACHINE_AUTH_API_KEY"` + AutoprovisionAccounts bool 
`yaml:"auto_provision_accounts,omitempty" env:"PROXY_AUTOPROVISION_ACCOUNTS"` + EnableBasicAuth bool `yaml:"enable_basic_auth,omitempty" env:"PROXY_ENABLE_BASIC_AUTH"` + InsecureBackends bool `yaml:"insecure_backends,omitempty" env:"PROXY_INSECURE_BACKENDS"` + AuthMiddleware AuthMiddleware `yaml:"auth_middleware,omitempty"` Context context.Context `yaml:"-"` } diff --git a/extensions/settings/pkg/config/config.go b/extensions/settings/pkg/config/config.go index a60b2df1f3f..5fc79dcd314 100644 --- a/extensions/settings/pkg/config/config.go +++ b/extensions/settings/pkg/config/config.go @@ -12,19 +12,19 @@ type Config struct { Service Service `yaml:"-"` - Tracing *Tracing `yaml:"tracing"` - Log *Log `yaml:"log"` - Debug Debug `yaml:"debug"` + Tracing *Tracing `yaml:"tracing,omitempty"` + Log *Log `yaml:"log,omitempty"` + Debug Debug `yaml:"debug,omitempty"` - HTTP HTTP `yaml:"http"` - GRPC GRPC `yaml:"grpc"` + HTTP HTTP `yaml:"http,omitempty"` + GRPC GRPC `yaml:"grpc,omitempty"` - StoreType string `yaml:"store_type" env:"SETTINGS_STORE_TYPE"` - DataPath string `yaml:"data_path" env:"SETTINGS_DATA_PATH"` - Metadata Metadata `yaml:"metadata_config"` + StoreType string `yaml:"store_type,omitempty" env:"SETTINGS_STORE_TYPE"` + DataPath string `yaml:"data_path,omitempty" env:"SETTINGS_DATA_PATH"` + Metadata Metadata `yaml:"metadata_config,omitempty"` - Asset Asset `yaml:"asset"` - TokenManager TokenManager `yaml:"token_manager"` + Asset Asset `yaml:"asset,omitempty"` + TokenManager TokenManager `yaml:"token_manager,omitempty"` Context context.Context `yaml:"-"` } diff --git a/extensions/storage/pkg/config/config.go b/extensions/storage/pkg/config/config.go index cfd35175e71..695759d9f78 100644 --- a/extensions/storage/pkg/config/config.go +++ b/extensions/storage/pkg/config/config.go 
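Review bot: Adding `omitempty` to the boolean switches in the proxy Config hunk (`insecure_backends`, `enable_basic_auth`, `auto_provision_accounts`) means a `false` value is never written, so a generated ocis.yml cannot record an explicit secure choice. A reader of the file then cannot tell "set to false" from "not set", and the effective value comes from defaults or from the `env:` variables on the same fields. If the init command is meant to pin these settings, consider leaving `omitempty` off the security-relevant booleans, e.g. ``InsecureBackends bool `yaml:"insecure_backends" env:"PROXY_INSECURE_BACKENDS"` ``. The struct continues outside the hunk.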
@@ -522,15 +522,15 @@ type Asset struct { // Config combines all available configuration parts. type Config struct { - *shared.Commons - - File string `yaml:"file"` - Log *shared.Log `yaml:"log"` - Debug Debug `yaml:"debug"` - OCDav OCDav `yaml:"ocdav"` - Reva Reva `yaml:"reva"` - Tracing Tracing `yaml:"tracing"` - Asset Asset `yaml:"asset"` + *shared.Commons `yaml:",omitempty"` + + File string `yaml:"file,omitempty"` + Log *shared.Log `yaml:"log,omitempty"` + Debug Debug `yaml:"debug,omitempty"` + OCDav OCDav `yaml:"ocdav,omitempty"` + Reva Reva `yaml:"reva,omitempty"` + Tracing Tracing `yaml:"tracing,omitempty"` + Asset Asset `yaml:"asset,omitempty"` } // New initializes a new configuration with or without defaults. diff --git a/extensions/thumbnails/pkg/config/config.go b/extensions/thumbnails/pkg/config/config.go index 0afad535c69..2b647828687 100644 --- a/extensions/thumbnails/pkg/config/config.go +++ b/extensions/thumbnails/pkg/config/config.go @@ -12,14 +12,14 @@ type Config struct { Service Service `yaml:"-"` - Tracing *Tracing `yaml:"tracing"` - Log *Log `yaml:"log"` - Debug Debug `yaml:"debug"` + Tracing *Tracing `yaml:"tracing,omitempty"` + Log *Log `yaml:"log,omitempty"` + Debug Debug `yaml:"debug,omitempty"` - GRPC GRPC `yaml:"grpc"` - HTTP HTTP `yaml:"http"` + GRPC GRPC `yaml:"grpc,omitempty"` + HTTP HTTP `yaml:"http,omitempty"` - Thumbnail Thumbnail `yaml:"thumbnail"` + Thumbnail Thumbnail `yaml:"thumbnail,omitempty"` Context context.Context `yaml:"-"` } diff --git a/extensions/web/pkg/config/config.go b/extensions/web/pkg/config/config.go index dbc7feee051..1fb079da640 100644 --- a/extensions/web/pkg/config/config.go +++ b/extensions/web/pkg/config/config.go 
@@ -12,15 +12,15 @@ type Config struct { Service Service `yaml:"-"` - Tracing *Tracing `yaml:"tracing"` - Log *Log `yaml:"log"` - Debug Debug `yaml:"debug"` + Tracing *Tracing `yaml:"tracing,omitempty"` + Log *Log `yaml:"log,omitempty"` + Debug Debug `yaml:"debug,omitempty"` - HTTP HTTP `yaml:"http"` + HTTP HTTP `yaml:"http,omitempty"` - Asset Asset `yaml:"asset"` - File string `yaml:"file" env:"WEB_UI_CONFIG"` // TODO: rename this to a more self explaining string - Web Web `yaml:"web"` + Asset Asset `yaml:"asset,omitempty"` + File string `yaml:"file,omitempty" env:"WEB_UI_CONFIG"` // TODO: rename this to a more self explaining string + Web Web `yaml:"web,omitempty"` Context context.Context `yaml:"-"` } diff --git a/extensions/webdav/pkg/config/config.go b/extensions/webdav/pkg/config/config.go index 4efe95ebdfe..322a8f9661b 100644 --- a/extensions/webdav/pkg/config/config.go +++ b/extensions/webdav/pkg/config/config.go @@ -12,15 +12,15 @@ type Config struct { Service Service `yaml:"-"` - Tracing *Tracing `yaml:"tracing"` - Log *Log `yaml:"log"` - Debug Debug `yaml:"debug"` + Tracing *Tracing `yaml:"tracing,omitempty"` + Log *Log `yaml:"log,omitempty"` + Debug Debug `yaml:"debug,omitempty"` - HTTP HTTP `yaml:"http"` + HTTP HTTP `yaml:"http,omitempty"` - OcisPublicURL string `yaml:"ocis_public_url" env:"OCIS_URL;OCIS_PUBLIC_URL"` - WebdavNamespace string `yaml:"webdav_namespace" env:"STORAGE_WEBDAV_NAMESPACE"` //TODO: prevent this cross config - RevaGateway string `yaml:"reva_gateway" env:"REVA_GATEWAY"` + OcisPublicURL string `yaml:"ocis_public_url,omitempty" env:"OCIS_URL;OCIS_PUBLIC_URL"` + WebdavNamespace string `yaml:"webdav_namespace,omitempty" env:"STORAGE_WEBDAV_NAMESPACE"` //TODO: prevent this cross config + RevaGateway string `yaml:"reva_gateway,omitempty" env:"REVA_GATEWAY"` - Context context.Context `yaml:"-"` + Context context.Context `yaml:"-,omitempty"` } diff --git a/go.mod b/go.mod index 96bb7680bb7..d155878487e 100644 --- a/go.mod +++ b/go.mod 
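Review bot: In the webdav Config hunk the `Context` field changes from `yaml:"-"` to `yaml:"-,omitempty"`, which is not the same as skipping the field. As far as I can tell from the yaml package's struct-tag handling, only a tag that is exactly `-` excludes a field; with the option appended the field is encoded under the literal key `-` whenever the context is non-nil. Every other config struct in this patch keeps `yaml:"-"` for `Context`, so this line should stay ``Context context.Context `yaml:"-"` ``.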
@@ -79,6 +79,7 @@ require ( google.golang.org/grpc v1.45.0 google.golang.org/protobuf v1.28.0 gopkg.in/yaml.v2 v2.4.0 + gopkg.in/yaml.v3 v3.0.0-20210107192922-496545a6307b gotest.tools/v3 v3.1.0 stash.kopano.io/kgol/rndm v1.1.1 ) @@ -265,7 +266,6 @@ require ( gopkg.in/square/go-jose.v2 v2.6.0 // indirect gopkg.in/tomb.v1 v1.0.0-20141024135613-dd632973f1e7 // indirect gopkg.in/warnings.v0 v0.1.2 // indirect - gopkg.in/yaml.v3 v3.0.0-20210107192922-496545a6307b // indirect stash.kopano.io/kgol/kcc-go/v5 v5.0.1 // indirect stash.kopano.io/kgol/oidc-go v0.3.2 // indirect ) diff --git a/ocis-pkg/config/config.go b/ocis-pkg/config/config.go index f7c71952ecb..1d35aa49326 100644 --- a/ocis-pkg/config/config.go +++ b/ocis-pkg/config/config.go 
@@ -46,34 +46,34 @@ type Runtime struct { // Config combines all available configuration parts. type Config struct { - *shared.Commons `yaml:"shared"` + *shared.Commons `yaml:"shared,omitempty"` - Tracing shared.Tracing `yaml:"tracing"` - Log *shared.Log `yaml:"log"` + Tracing shared.Tracing `yaml:"tracing,omitempty"` + Log *shared.Log `yaml:"log,omitempty"` - Mode Mode // DEPRECATED - File string - OcisURL string `yaml:"ocis_url"` + Mode Mode `yaml:",omitempty"` // DEPRECATED + File string `yaml:",omitempty"` + OcisURL string `yaml:"ocis_url,omitempty"` - Registry string `yaml:"registry"` - TokenManager TokenManager `yaml:"token_manager"` - Runtime Runtime `yaml:"runtime"` + Registry string `yaml:"registry,omitempty"` + TokenManager TokenManager `yaml:"token_manager,omitempty"` + Runtime Runtime `yaml:"runtime,omitempty"` - Audit *audit.Config `yaml:"audit"` - Accounts *accounts.Config `yaml:"accounts"` - GLAuth *glauth.Config `yaml:"glauth"` - Graph *graph.Config `yaml:"graph"` - GraphExplorer *graphExplorer.Config `yaml:"graph_explorer"` - IDP *idp.Config `yaml:"idp"` - IDM *idm.Config `yaml:"idm"` - Nats *nats.Config `yaml:"nats"` - Notifications *notifications.Config `yaml:"notifications"` - OCS *ocs.Config `yaml:"ocs"` - Web *web.Config `yaml:"web"` - Proxy *proxy.Config `yaml:"proxy"` - Settings *settings.Config `yaml:"settings"` - Storage *storage.Config `yaml:"storage"` - Store *store.Config `yaml:"store"` - Thumbnails *thumbnails.Config `yaml:"thumbnails"` - WebDAV *webdav.Config `yaml:"webdav"` + Audit *audit.Config `yaml:"audit,omitempty"` + Accounts *accounts.Config `yaml:"accounts,omitempty"` + GLAuth *glauth.Config `yaml:"glauth,omitempty"` + Graph *graph.Config `yaml:"graph,omitempty"` + GraphExplorer *graphExplorer.Config `yaml:"graph_explorer,omitempty"` + IDP *idp.Config `yaml:"idp,omitempty"` + IDM *idm.Config `yaml:"idm,omitempty"` + Nats *nats.Config `yaml:"nats,omitempty"` + Notifications *notifications.Config `yaml:"notifications,omitempty"` 
+ OCS *ocs.Config `yaml:"ocs,omitempty"` + Web *web.Config `yaml:"web,omitempty"` + Proxy *proxy.Config `yaml:"proxy,omitempty"` + Settings *settings.Config `yaml:"settings,omitempty"` + Storage *storage.Config `yaml:"storage,omitempty"` + Store *store.Config `yaml:"store,omitempty"` + Thumbnails *thumbnails.Config `yaml:"thumbnails,omitempty"` + WebDAV *webdav.Config `yaml:"webdav,omitempty"` } diff --git a/ocis/pkg/command/init.go b/ocis/pkg/command/init.go index 2f15dcf4dc4..205eed9c87d 100644 --- a/ocis/pkg/command/init.go +++ b/ocis/pkg/command/init.go @@ -2,16 +2,32 @@ package command import ( "bufio" + "errors" "fmt" + "io/ioutil" + "log" "os" + "path" "strings" "github.com/owncloud/ocis/ocis-pkg/config" "github.com/owncloud/ocis/ocis/pkg/register" cli "github.com/urfave/cli/v2" + "gopkg.in/yaml.v3" + + accounts "github.com/owncloud/ocis/extensions/accounts/pkg/config" + graph "github.com/owncloud/ocis/extensions/graph/pkg/config" + idm "github.com/owncloud/ocis/extensions/idm/pkg/config" ) +const configFilename string = "ocis.yml" + func InitCommand(cfg *config.Config) *cli.Command { + // TODO: remove homedir get + homeDir, err := os.UserHomeDir() + if err != nil { + log.Fatalf("could not get homedir") + } return &cli.Command{ Name: "init", Usage: "initialise an ocis config", 
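Review bot: The `os.UserHomeDir()` lookup added at the top of `InitCommand` runs while the command is being constructed, not inside `Action`, and it ends in `log.Fatalf("could not get homedir")`. Since the constructor is handed to `register.AddCommand`, it presumably runs on every `ocis` invocation, so an environment without a resolvable home directory (a minimal container, a service account) would abort unrelated subcommands as well. The message also drops the cause; at minimum use `log.Fatalf("could not get homedir: %v", err)`, and preferably resolve the default inside `Action` and return the error. The `path.Join` used for the flag default in the `@@ -21,12 +37,24 @@` hunk should be `filepath.Join`, because `path` is meant for slash-separated paths rather than OS paths. `InitCommand` continues outside this hunk.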
@@ -21,12 +37,24 @@ func InitCommand(cfg *config.Config) *cli.Command { EnvVars: []string{"OCIS_INSECURE"}, Value: "ask", }, + &cli.BoolFlag{ + Name: "force-overwrite", + Aliases: []string{"f"}, + EnvVars: []string{"OCIS_FORCE_CONFIG_OVERWRITE"}, + Value: false, + }, + &cli.StringFlag{ + Name: "config-path", + //Value: cfg.ConfigPath, // TODO: as soon as PR 3480 is merged, remove quotes + Value: path.Join(homeDir, ".ocis"), // TODO: this is temporary for experimenting, line above is relevant + Usage: "config path for the ocis runtime", + // Destination: &cfg.ConfigFile, // TODO: same as above + }, }, Action: func(c *cli.Context) error { - // TODO: discuss if we want overwrite protection for existing configs insecureFlag := c.String("insecure") if insecureFlag == "ask" { - answer := strings.ToLower(StringPrompt("Insecure Backends? [Yes|No]")) + answer := strings.ToLower(stringPrompt("Insecure Backends? [Yes|No]")) if answer == "yes" || answer == "y" { cfg.Proxy.InsecureBackends = true } else { 
@@ -39,25 +67,99 @@ func InitCommand(cfg *config.Config) *cli.Command { cfg.Proxy.InsecureBackends = false } } - fmt.Println(cfg.Proxy.InsecureBackends) + err := createConfig(cfg.Proxy.InsecureBackends, c.Bool("force-overwrite"), c.String("config-path")) + if err != nil { + log.Fatalf("Could not create config: %s", err) + } return nil }, } } -func StringPrompt(label string) string { - var s string - r := bufio.NewReader(os.Stdin) +func init() { + register.AddCommand(InitCommand) +} + +func checkConfigPath(configPath string) error { + targetPath := path.Join(configPath, configFilename) + _, err := os.Stat(targetPath) + if err == nil { + return errors.New(fmt.Sprintf("Config in %s already exists", targetPath)) + } + return nil +} + +func createConfig(insecure, forceOverwrite bool, configPath string) error { + err := checkConfigPath(configPath) + if err != nil && forceOverwrite == false { + return err + } + err = os.MkdirAll(configPath, 0700) + if err != nil { + return err + } + cfg := config.Config{ + Accounts: &accounts.Config{}, + //Audit: &audit.Config{}, + //GLAuth: &glauth.Config{}, + //GraphExplorer: &graphExplorer.Config{}, + Graph: &graph.Config{}, + IDM: &idm.Config{}, + //IDP: &idp.Config{}, + //Nats: &nats.Config{}, + //Notifications: ¬ifications.Config{}, + //OCS: &ocs.Config{}, + //Proxy: &proxy.Config{}, + //Settings: &settings.Config{}, + //Storage: &storage.Config{}, + //Thumbnails: &thumbnails.Config{}, + //Web: &web.Config{}, + //WebDAV: &webdav.Config{}, + } + + idmServicePassword := "randomizeme" + idpServicePassword := "randomizeme" + ocisAdminServicePassword := "randomizeme" + revaServicePassword := "randomizeme" + tokenManagerJwtSecret := "randomizeme" + + // TODO: generate outputs for all occurences above + cfg.TokenManager.JWTSecret = tokenManagerJwtSecret + cfg.Accounts.TokenManager.JWTSecret = tokenManagerJwtSecret + cfg.Graph.TokenManager.JWTSecret = tokenManagerJwtSecret + cfg.IDM.ServiceUserPasswords.Idm = idmServicePassword + 
cfg.IDM.ServiceUserPasswords.Idp = idpServicePassword + cfg.IDM.ServiceUserPasswords.OcisAdmin = ocisAdminServicePassword + cfg.IDM.ServiceUserPasswords.Reva = revaServicePassword + yamlOutput, err := yaml.Marshal(cfg) + if err != nil { + return err + } + targetPath := path.Join(configPath, configFilename) + err = ioutil.WriteFile(targetPath, yamlOutput, 0600) + if err != nil { + return err + } + fmt.Printf( + "======================================\n"+ + " generated OCIS Config\n"+ + "======================================\n"+ + " configpath : %s\n"+ + " user : admin\n"+ + " password : %s\n", + targetPath, ocisAdminServicePassword) + return nil +} + +func stringPrompt(label string) string { + input := "" + reader := bufio.NewReader(os.Stdin) for { fmt.Fprint(os.Stderr, label+" ") - s, _ = r.ReadString('\n') - if s != "" { + input, _ = reader.ReadString('\n') + if input != "" { break } } - return strings.TrimSpace(s) -} - -func init() { - register.AddCommand(InitCommand) + return strings.TrimSpace(input) } From 3956108e17dca0d113c97972155c7a76062d5440 Mon Sep 17 00:00:00 2001 From: Christian Richter Date: Wed, 20 Apr 2022 11:12:55 +0200 Subject: [PATCH 03/59] add password generator Signed-off-by: Christian Richter --- ocis/pkg/command/init.go | 44 ++++++++++++++++++++++++++++++++++------ 1 file changed, 38 insertions(+), 6 deletions(-) diff --git a/ocis/pkg/command/init.go b/ocis/pkg/command/init.go index 205eed9c87d..4c4cbd3fb0c 100644 --- a/ocis/pkg/command/init.go +++ b/ocis/pkg/command/init.go @@ -2,10 +2,12 @@ package command import ( "bufio" + "crypto/rand" "errors" "fmt" "io/ioutil" "log" + "math/big" "os" "path" "strings" @@ -21,6 +23,7 @@ import ( ) const configFilename string = "ocis.yml" +const passwordLength int = 32 func InitCommand(cfg *config.Config) *cli.Command { // TODO: remove homedir get 
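Review bot: The overwrite guard in `checkConfigPath` and the write in `createConfig` do not protect the secrets file as intended, because any `os.Stat` error (including permission denied) is read as "no config present" and `ioutil.WriteFile(targetPath, yamlOutput, 0600)` applies the 0600 mode only when it creates the file. With `--force-overwrite`, an existing ocis.yml that is group- or world-readable keeps its mode while receiving the JWT secret and the service passwords, and there is a window between the Stat and the write. Opening the file exclusively unless overwrite was requested, and calling `Chmod(0600)` on the handle, addresses both; a sketch follows. Separately, the summary prints the admin password to stdout, where it lands in any captured job log, so it is worth deciding whether printing only the config path is enough.

```go
func createConfig(insecure, forceOverwrite bool, configPath string) error {
	// … unchanged: checkConfigPath, MkdirAll, config assembly, yaml.Marshal …
	targetPath := path.Join(configPath, configFilename)
	flags := os.O_WRONLY | os.O_CREATE | os.O_EXCL
	if forceOverwrite {
		flags = os.O_WRONLY | os.O_CREATE | os.O_TRUNC
	}
	f, err := os.OpenFile(targetPath, flags, 0600)
	if err != nil {
		return err
	}
	defer f.Close()
	// The mode passed to OpenFile only applies on creation; tighten an existing file too.
	if err := f.Chmod(0600); err != nil {
		return err
	}
	if _, err := f.Write(yamlOutput); err != nil {
		return err
	}
	// … unchanged: summary output …
```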
@@ -117,11 +120,26 @@ func createConfig(insecure, forceOverwrite bool, configPath string) error { //WebDAV: &webdav.Config{}, } - idmServicePassword := "randomizeme" - idpServicePassword := "randomizeme" - ocisAdminServicePassword := "randomizeme" - revaServicePassword := "randomizeme" - tokenManagerJwtSecret := "randomizeme" + idmServicePassword, err := generateRandomPassword(passwordLength) + if err != nil { + return errors.New(fmt.Sprintf("Could not generate random password for idm: %s", err)) + } + idpServicePassword, err := generateRandomPassword(passwordLength) + if err != nil { + return errors.New(fmt.Sprintf("Could not generate random password for idp: %s", err)) + } + ocisAdminServicePassword, err := generateRandomPassword(passwordLength) + if err != nil { + return errors.New(fmt.Sprintf("Could not generate random password for ocis admin: %s", err)) + } + revaServicePassword, err := generateRandomPassword(passwordLength) + if err != nil { + return errors.New(fmt.Sprintf("Could not generate random password for reva: %s", err)) + } + tokenManagerJwtSecret, err := generateRandomPassword(passwordLength) + if err != nil { + return errors.New(fmt.Sprintf("Could not generate random password for tokenmanager: %s", err)) + } // TODO: generate outputs for all occurences above cfg.TokenManager.JWTSecret = tokenManagerJwtSecret @@ -133,7 +151,7 @@ func createConfig(insecure, forceOverwrite bool, configPath string) error { cfg.IDM.ServiceUserPasswords.Reva = revaServicePassword yamlOutput, err := yaml.Marshal(cfg) if err != nil { - return err + return errors.New(fmt.Sprintf("Could not marshall config into yaml: %s", err)) } targetPath := path.Join(configPath, configFilename) err = ioutil.WriteFile(targetPath, yamlOutput, 0600) 
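Review bot: Each failure branch added in the `@@ -117,11 +120,26 @@` hunk builds its error with `errors.New(fmt.Sprintf("...: %s", err))`, which flattens the cause into text so callers can no longer inspect it with `errors.Is` or `errors.As`. Wrapping keeps the chain and is shorter: `return fmt.Errorf("could not generate random password for idm: %w", err)`, with a lowercase message as is conventional for Go error strings. The same applies to the marshal error in the `@@ -133,7 +151,7 @@` hunk, and the rewrite in PATCH 04/59 moves to `fmt.Errorf` but still formats the cause with `%s`. `createConfig` starts and ends outside these hunks.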
@@ -163,3 +181,17 @@ func stringPrompt(label string) string { } return strings.TrimSpace(input) } + +func generateRandomPassword(length int) (string, error) { + const chars = "0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz-=+!@#$%^&*." + ret := make([]byte, length) + for i := 0; i < length; i++ { + num, err := rand.Int(rand.Reader, big.NewInt(int64(len(chars)))) + if err != nil { + return "", err + } + ret[i] = chars[num.Int64()] + } + + return string(ret), nil +} From 88cf3eec89cd4cabcea5a759c2137f3866b1b32b Mon Sep 17 00:00:00 2001 From: Christian Richter Date: Wed, 20 Apr 2022 11:22:34 +0200 Subject: [PATCH 04/59] handle insecure flag Signed-off-by: Christian Richter --- ocis/pkg/command/init.go | 43 ++++++++++++++++++++-------------------- 1 file changed, 21 insertions(+), 22 deletions(-) diff --git a/ocis/pkg/command/init.go b/ocis/pkg/command/init.go index 4c4cbd3fb0c..c2c61b41bb9 100644 --- a/ocis/pkg/command/init.go +++ b/ocis/pkg/command/init.go @@ -3,7 +3,6 @@ package command import ( "bufio" "crypto/rand" - "errors" "fmt" "io/ioutil" "log" @@ -20,11 +19,13 @@ import ( accounts "github.com/owncloud/ocis/extensions/accounts/pkg/config" graph "github.com/owncloud/ocis/extensions/graph/pkg/config" idm "github.com/owncloud/ocis/extensions/idm/pkg/config" + proxy "github.com/owncloud/ocis/extensions/proxy/pkg/config" ) const configFilename string = "ocis.yml" const passwordLength int = 32 +// InitCommand is the entrypoint for the init command func InitCommand(cfg *config.Config) *cli.Command { // TODO: remove homedir get homeDir, err := os.UserHomeDir() 
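Review bot: `generateRandomPassword` has no doc comment stating that its output comes from `crypto/rand`, which is the property the JWT secret and the service passwords depend on. Suggest `// generateRandomPassword returns length characters chosen uniformly from chars using crypto/rand.` above the function. `big.NewInt(int64(len(chars)))` is rebuilt on every iteration and can be hoisted above the loop as `max := big.NewInt(int64(len(chars)))`. A negative `length` would panic in `make([]byte, length)`; the visible callers only pass the constant `passwordLength`, so a short guard or a note in the comment is enough.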
@@ -56,21 +57,16 @@ func InitCommand(cfg *config.Config) *cli.Command { }, Action: func(c *cli.Context) error { insecureFlag := c.String("insecure") + insecure := false if insecureFlag == "ask" { answer := strings.ToLower(stringPrompt("Insecure Backends? [Yes|No]")) if answer == "yes" || answer == "y" { - cfg.Proxy.InsecureBackends = true - } else { - cfg.Proxy.InsecureBackends = false - } - } else { - if insecureFlag == "true" { - cfg.Proxy.InsecureBackends = true - } else { - cfg.Proxy.InsecureBackends = false + insecure = true } + } else if insecureFlag == "true" { + insecure = true } - err := createConfig(cfg.Proxy.InsecureBackends, c.Bool("force-overwrite"), c.String("config-path")) + err := createConfig(insecure, c.Bool("force-overwrite"), c.String("config-path")) if err != nil { log.Fatalf("Could not create config: %s", err) } @@ -85,16 +81,15 @@ func init() { func checkConfigPath(configPath string) error { targetPath := path.Join(configPath, configFilename) - _, err := os.Stat(targetPath) - if err == nil { - return errors.New(fmt.Sprintf("Config in %s already exists", targetPath)) + if _, err := os.Stat(targetPath); err == nil { + return fmt.Errorf("Config in %s already exists", targetPath) } return nil } func createConfig(insecure, forceOverwrite bool, configPath string) error { err := checkConfigPath(configPath) - if err != nil && forceOverwrite == false { + if err != nil && !forceOverwrite { return err } err = os.MkdirAll(configPath, 0700) @@ -112,7 +107,6 @@ func createConfig(insecure, forceOverwrite bool, configPath string) error { //Nats: &nats.Config{}, //Notifications: ¬ifications.Config{}, //OCS: &ocs.Config{}, - //Proxy: &proxy.Config{}, //Settings: &settings.Config{}, //Storage: &storage.Config{}, //Thumbnails: &thumbnails.Config{}, 
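Review bot: Any value of the `insecure` flag other than the literal strings `ask` and `true` is silently treated as false by the new `else if insecureFlag == "true"` branch, so `True`, `1` or `yes` leave the setting off without telling the operator. That fails towards the safer value, but a typo is indistinguishable from a deliberate choice; parsing with `insecure, err = strconv.ParseBool(insecureFlag)` and returning the error would make it explicit (`strconv` would need importing). The Action also ends in `log.Fatalf` instead of returning the error to the cli framework, which skips any cleanup the caller would do. The enclosing InitCommand starts outside the hunk.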
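Review bot: checkConfigPath treats every `os.Stat` failure as "no config present", so a permission or I/O error on the target path passes the overwrite protection exactly like a missing file. The cases can be separated with `if _, err := os.Stat(targetPath); err == nil { return fmt.Errorf("config in %s already exists", targetPath) } else if !os.IsNotExist(err) { return err }`. The check and the later write are also two separate steps, so a file that appears in between is overwritten; creating the file with `os.O_CREATE|os.O_EXCL` when `forceOverwrite` is false would make the protection atomic. createConfig continues outside the hunk.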
@@ -120,25 +114,30 @@ func createConfig(insecure, forceOverwrite bool, configPath string) error { //WebDAV: &webdav.Config{}, } + if insecure { + cfg.Proxy = &proxy.Config{} + cfg.Proxy.InsecureBackends = insecure + } + idmServicePassword, err := generateRandomPassword(passwordLength) if err != nil { - return errors.New(fmt.Sprintf("Could not generate random password for idm: %s", err)) + return fmt.Errorf("Could not generate random password for idm: %s", err) } idpServicePassword, err := generateRandomPassword(passwordLength) if err != nil { - return errors.New(fmt.Sprintf("Could not generate random password for idp: %s", err)) + return fmt.Errorf("Could not generate random password for idp: %s", err) } ocisAdminServicePassword, err := generateRandomPassword(passwordLength) if err != nil { - return errors.New(fmt.Sprintf("Could not generate random password for ocis admin: %s", err)) + return fmt.Errorf("Could not generate random password for ocis admin: %s", err) } revaServicePassword, err := generateRandomPassword(passwordLength) if err != nil { - return errors.New(fmt.Sprintf("Could not generate random password for reva: %s", err)) + return fmt.Errorf("Could not generate random password for reva: %s", err) } tokenManagerJwtSecret, err := generateRandomPassword(passwordLength) if err != nil { - return errors.New(fmt.Sprintf("Could not generate random password for tokenmanager: %s", err)) + return fmt.Errorf("Could not generate random password for tokenmanager: %s", err) } // TODO: generate outputs for all occurences above 
@@ -151,7 +150,7 @@ func createConfig(insecure, forceOverwrite bool, configPath string) error { cfg.IDM.ServiceUserPasswords.Reva = revaServicePassword yamlOutput, err := yaml.Marshal(cfg) if err != nil { - return errors.New(fmt.Sprintf("Could not marshall config into yaml: %s", err)) + return fmt.Errorf("Could not marshall config into yaml: %s", err) } targetPath := path.Join(configPath, configFilename) err = ioutil.WriteFile(targetPath, yamlOutput, 0600) From f7a84491ef023ce2e96a741e23f2ce7ae77683ce Mon Sep 17 00:00:00 2001 From: Christian Richter Date: Wed, 20 Apr 2022 12:20:37 +0200 Subject: [PATCH 05/59] add missing extensions Signed-off-by: Christian Richter --- extensions/notifications/pkg/config/config.go | 6 ++-- extensions/settings/pkg/config/config.go | 10 +++---- extensions/thumbnails/pkg/config/config.go | 16 +++++----- ocis/pkg/command/init.go | 30 +++++++++++++++---- 4 files changed, 40 insertions(+), 22 deletions(-) diff --git a/extensions/notifications/pkg/config/config.go b/extensions/notifications/pkg/config/config.go index 2e6fddc48d9..d20818252e0 100644 --- a/extensions/notifications/pkg/config/config.go +++ b/extensions/notifications/pkg/config/config.go @@ -22,9 +22,9 @@ type Config struct { // Notifications definces the config options for the notifications service. type Notifications struct { - SMTP SMTP `yaml:"SMTP"` - Events Events `yaml:"events"` - RevaGateway string `yaml:"reva_gateway" env:"REVA_GATEWAY;NOTIFICATIONS_REVA_GATEWAY"` + SMTP SMTP `yaml:"SMTP,omitempty"` + Events Events `yaml:"events,omitempty"` + RevaGateway string `yaml:"reva_gateway,omitempty" env:"REVA_GATEWAY;NOTIFICATIONS_REVA_GATEWAY"` MachineAuthSecret string `yaml:"machine_auth_api_key" env:"OCIS_MACHINE_AUTH_API_KEY;NOTIFICATIONS_MACHINE_AUTH_API_KEY"` } diff --git a/extensions/settings/pkg/config/config.go b/extensions/settings/pkg/config/config.go index 5fc79dcd314..d41a18fe13e 100644 --- a/extensions/settings/pkg/config/config.go 
+++ b/extensions/settings/pkg/config/config.go @@ -36,10 +36,10 @@ type Asset struct { // Metadata configures the metadata store to use type Metadata struct { - GatewayAddress string `yaml:"gateway_addr" env:"STORAGE_GATEWAY_GRPC_ADDR"` - StorageAddress string `yaml:"storage_addr" env:"STORAGE_GRPC_ADDR"` + GatewayAddress string `yaml:"gateway_addr,omitempty" env:"STORAGE_GATEWAY_GRPC_ADDR"` + StorageAddress string `yaml:"storage_addr,omitempty" env:"STORAGE_GRPC_ADDR"` - ServiceUserID string `yaml:"service_user_id" env:"METADATA_SERVICE_USER_UUID"` - ServiceUserIDP string `yaml:"service_user_idp" env:"OCIS_URL;METADATA_SERVICE_USER_IDP"` - MachineAuthAPIKey string `yaml:"machine_auth_api_key" env:"OCIS_MACHINE_AUTH_API_KEY"` + ServiceUserID string `yaml:"service_user_id,omitempty" env:"METADATA_SERVICE_USER_UUID"` + ServiceUserIDP string `yaml:"service_user_idp,omitempty" env:"OCIS_URL;METADATA_SERVICE_USER_IDP"` + MachineAuthAPIKey string `yaml:"machine_auth_api_key,omitempty" env:"OCIS_MACHINE_AUTH_API_KEY"` } diff --git a/extensions/thumbnails/pkg/config/config.go b/extensions/thumbnails/pkg/config/config.go index 2b647828687..52f72bc4e1d 100644 --- a/extensions/thumbnails/pkg/config/config.go +++ b/extensions/thumbnails/pkg/config/config.go 
@@ -36,12 +36,12 @@ type FileSystemSource struct { // Thumbnail defines the available thumbnail related configuration. type Thumbnail struct { - Resolutions []string `yaml:"resolutions"` - FileSystemStorage FileSystemStorage `yaml:"filesystem_storage"` - WebdavAllowInsecure bool `yaml:"webdav_allow_insecure" env:"OCIS_INSECURE;THUMBNAILS_WEBDAVSOURCE_INSECURE"` - CS3AllowInsecure bool `yaml:"cs3_allow_insecure" env:"OCIS_INSECURE;THUMBNAILS_CS3SOURCE_INSECURE"` - RevaGateway string `yaml:"reva_gateway" env:"REVA_GATEWAY"` //TODO: use REVA config - FontMapFile string `yaml:"font_map_file" env:"THUMBNAILS_TXT_FONTMAP_FILE"` - TransferTokenSecret string `yaml:"transfer_token" env:"THUMBNAILS_TRANSFER_TOKEN"` - DataEndpoint string `yaml:"data_endpoint" env:"THUMBNAILS_DATA_ENDPOINT"` + Resolutions []string `yaml:"resolutions,omitempty"` + FileSystemStorage FileSystemStorage `yaml:"filesystem_storage,omitempty"` + WebdavAllowInsecure bool `yaml:"webdav_allow_insecure,omitempty" env:"OCIS_INSECURE;THUMBNAILS_WEBDAVSOURCE_INSECURE"` + CS3AllowInsecure bool `yaml:"cs3_allow_insecure,omitempty" env:"OCIS_INSECURE;THUMBNAILS_CS3SOURCE_INSECURE"` + RevaGateway string `yaml:"reva_gateway,omitempty" env:"REVA_GATEWAY"` //TODO: use REVA config + FontMapFile string `yaml:"font_map_file,omitempty" env:"THUMBNAILS_TXT_FONTMAP_FILE"` + TransferTokenSecret string `yaml:"transfer_token,omitempty" env:"THUMBNAILS_TRANSFER_TOKEN"` + DataEndpoint string `yaml:"data_endpoint,omitempty" env:"THUMBNAILS_DATA_ENDPOINT"` } diff --git a/ocis/pkg/command/init.go b/ocis/pkg/command/init.go index c2c61b41bb9..cfbe6b15cc0 100644 --- a/ocis/pkg/command/init.go +++ b/ocis/pkg/command/init.go 
@@ -19,7 +19,11 @@ import ( accounts "github.com/owncloud/ocis/extensions/accounts/pkg/config" graph "github.com/owncloud/ocis/extensions/graph/pkg/config" idm "github.com/owncloud/ocis/extensions/idm/pkg/config" + notifications "github.com/owncloud/ocis/extensions/notifications/pkg/config" + ocs "github.com/owncloud/ocis/extensions/ocs/pkg/config" proxy "github.com/owncloud/ocis/extensions/proxy/pkg/config" + settings "github.com/owncloud/ocis/extensions/settings/pkg/config" + thumbnails "github.com/owncloud/ocis/extensions/thumbnails/pkg/config" ) const configFilename string = "ocis.yml" @@ -105,17 +109,17 @@ func createConfig(insecure, forceOverwrite bool, configPath string) error { IDM: &idm.Config{}, //IDP: &idp.Config{}, //Nats: &nats.Config{}, - //Notifications: ¬ifications.Config{}, - //OCS: &ocs.Config{}, - //Settings: &settings.Config{}, + Notifications: ¬ifications.Config{}, + Proxy: &proxy.Config{}, + OCS: &ocs.Config{}, + Settings: &settings.Config{}, //Storage: &storage.Config{}, - //Thumbnails: &thumbnails.Config{}, + Thumbnails: &thumbnails.Config{}, //Web: &web.Config{}, //WebDAV: &webdav.Config{}, } if insecure { - cfg.Proxy = &proxy.Config{} cfg.Proxy.InsecureBackends = insecure } 
@@ -139,8 +143,15 @@ func createConfig(insecure, forceOverwrite bool, configPath string) error { if err != nil { return fmt.Errorf("Could not generate random password for tokenmanager: %s", err) } + machineAuthSecret, err := generateRandomPassword(passwordLength) + if err != nil { + return fmt.Errorf("Could not generate random password for machineauthsecret: %s", err) + } + thumbnailTransferTokenSecret, err := generateRandomPassword(passwordLength) + if err != nil { + return fmt.Errorf("Could not generate random password for machineauthsecret: %s", err) + } - // TODO: generate outputs for all occurences above cfg.TokenManager.JWTSecret = tokenManagerJwtSecret cfg.Accounts.TokenManager.JWTSecret = tokenManagerJwtSecret cfg.Graph.TokenManager.JWTSecret = tokenManagerJwtSecret @@ -148,6 +159,13 @@ func createConfig(insecure, forceOverwrite bool, configPath string) error { cfg.IDM.ServiceUserPasswords.Idp = idpServicePassword cfg.IDM.ServiceUserPasswords.OcisAdmin = ocisAdminServicePassword cfg.IDM.ServiceUserPasswords.Reva = revaServicePassword + cfg.Notifications.Notifications.MachineAuthSecret = machineAuthSecret + cfg.OCS.MachineAuthAPIKey = machineAuthSecret + cfg.Proxy.TokenManager.JWTSecret = tokenManagerJwtSecret + cfg.Proxy.MachineAuthAPIKey = machineAuthSecret + cfg.Settings.Metadata.MachineAuthAPIKey = machineAuthSecret + cfg.Settings.TokenManager.JWTSecret = tokenManagerJwtSecret + cfg.Thumbnails.Thumbnail.TransferTokenSecret = thumbnailTransferTokenSecret yamlOutput, err := yaml.Marshal(cfg) if err != nil { return fmt.Errorf("Could not marshall config into yaml: %s", err) From acf75afebc8b4cf507ce0f1f67d0c0493e0e8296 Mon Sep 17 00:00:00 2001 From: Christian Richter Date: Fri, 22 Apr 2022 14:32:41 +0200 Subject: [PATCH 06/59] Move Tokenmanager to shared.Commons 
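Review bot: The error returned when `thumbnailTransferTokenSecret` cannot be generated is a copy of the preceding one and reports `machineauthsecret`, which would point an operator at the wrong secret. It should name the value that failed, for example `return fmt.Errorf("could not generate random password for thumbnail transfer token: %w", err)`. createConfig starts and ends outside the hunk.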
Signed-off-by: Christian Richter --- extensions/accounts/pkg/config/config.go | 7 +- .../pkg/config/defaults/defaultconfig.go | 14 +- extensions/graph/pkg/config/config.go | 4 +- .../pkg/config/defaults/defaultconfig.go | 12 +- extensions/graph/pkg/config/reva.go | 5 - extensions/ocs/pkg/config/config.go | 4 +- .../ocs/pkg/config/defaults/defaultconfig.go | 11 +- extensions/ocs/pkg/config/reva.go | 5 - extensions/ocs/pkg/server/http/svc_test.go | 3 +- extensions/proxy/pkg/command/server.go | 4 +- extensions/proxy/pkg/config/config.go | 2 +- .../pkg/config/defaults/defaultconfig.go | 10 +- extensions/settings/pkg/config/config.go | 4 +- .../pkg/config/defaults/defaultconfig.go | 12 +- extensions/storage/pkg/config/config.go | 522 +++++++++--------- ocis-pkg/config/config.go | 14 +- ocis-pkg/config/defaultconfig.go | 3 +- ocis-pkg/config/helpers.go | 2 +- ocis-pkg/config/parser/parse.go | 39 +- ocis-pkg/shared/shared_types.go | 12 +- ocis/pkg/command/init.go | 77 +-- ocis/pkg/command/server.go | 4 +- 22 files changed, 408 insertions(+), 362 deletions(-) diff --git a/extensions/accounts/pkg/config/config.go b/extensions/accounts/pkg/config/config.go index 59068470c50..7d05d2edcc4 100644 --- a/extensions/accounts/pkg/config/config.go +++ b/extensions/accounts/pkg/config/config.go @@ -19,7 +19,7 @@ type Config struct { HTTP HTTP `yaml:"http,omitempty"` GRPC GRPC `yaml:"grpc,omitempty"` - TokenManager TokenManager `yaml:"token_manager"` + TokenManager *shared.TokenManager `yaml:"token_manager,omitempty"` Asset Asset `yaml:"asset,omitempty"` Repo Repo `yaml:"repo,omitempty"` 
@@ -36,11 +36,6 @@ type Asset struct { Path string `yaml:"path" env:"ACCOUNTS_ASSET_PATH" desc:"The path to the ui assets."` } -// TokenManager is the config for using the reva token manager -type TokenManager struct { - JWTSecret string `yaml:"jwt_secret" env:"OCIS_JWT_SECRET;ACCOUNTS_JWT_SECRET" desc:"The secret to mint jwt tokens."` -} - // Repo defines which storage implementation is to be used. type Repo struct { Backend string `yaml:"backend" env:"ACCOUNTS_STORAGE_BACKEND" desc:"Defines which storage implementation is to be used"` diff --git a/extensions/accounts/pkg/config/defaults/defaultconfig.go b/extensions/accounts/pkg/config/defaults/defaultconfig.go index d44ca4aafb3..376695633bc 100644 --- a/extensions/accounts/pkg/config/defaults/defaultconfig.go +++ b/extensions/accounts/pkg/config/defaults/defaultconfig.go @@ -6,6 +6,7 @@ import ( "github.com/owncloud/ocis/extensions/accounts/pkg/config" "github.com/owncloud/ocis/ocis-pkg/config/defaults" + "github.com/owncloud/ocis/ocis-pkg/shared" ) func FullDefaultConfig() *config.Config { @@ -44,10 +45,7 @@ func DefaultConfig() *config.Config { Service: config.Service{ Name: "accounts", }, - Asset: config.Asset{}, - TokenManager: config.TokenManager{ - JWTSecret: "Pive-Fumkiu4", - }, + Asset: config.Asset{}, HashDifficulty: 11, DemoUsersAndGroups: false, Repo: config.Repo{ @@ -101,6 +99,14 @@ func EnsureDefaults(cfg *config.Config) { } else if cfg.Tracing == nil { cfg.Tracing = &config.Tracing{} } + + if cfg.TokenManager == nil && cfg.Commons != nil && cfg.Commons.TokenManager != nil { + cfg.TokenManager = &shared.TokenManager{ + JWTSecret: cfg.Commons.TokenManager.JWTSecret, + } + } else { + cfg.TokenManager = &shared.TokenManager{} + } } func Sanitize(cfg *config.Config) { diff --git a/extensions/graph/pkg/config/config.go b/extensions/graph/pkg/config/config.go index 0ff49f31ad6..8f279868404 100644 --- a/extensions/graph/pkg/config/config.go +++ b/extensions/graph/pkg/config/config.go 
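Review bot: In the block added to the accounts EnsureDefaults, the plain `else` also runs when `cfg.TokenManager` is already set, so a service-level `token_manager` with its `jwt_secret` is replaced by an empty `shared.TokenManager{}`. The Tracing block directly above uses `} else if cfg.Tracing == nil {`, and the same guard is needed here: `} else if cfg.TokenManager == nil {`. The identical pattern is added to the graph, ocs, proxy and settings EnsureDefaults in this commit. With the hard-coded `Pive-Fumkiu4` default removed, it is also worth confirming that startup rejects an empty JWT secret, since no such check is visible in these hunks. EnsureDefaults starts outside the hunk.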
@@ -18,8 +18,8 @@ type Config struct { HTTP HTTP `yaml:"http,omitempty"` - Reva Reva `yaml:"reva,omitempty"` - TokenManager TokenManager `yaml:"token_manager"` + Reva Reva `yaml:"reva,omitempty"` + TokenManager *shared.TokenManager `yaml:"token_manager,omitempty"` Spaces Spaces `yaml:"spaces,omitempty"` Identity Identity `yaml:"identity,omitempty"` diff --git a/extensions/graph/pkg/config/defaults/defaultconfig.go b/extensions/graph/pkg/config/defaults/defaultconfig.go index 49cd9916b57..d3b7e005411 100644 --- a/extensions/graph/pkg/config/defaults/defaultconfig.go +++ b/extensions/graph/pkg/config/defaults/defaultconfig.go @@ -4,6 +4,7 @@ import ( "strings" "github.com/owncloud/ocis/extensions/graph/pkg/config" + "github.com/owncloud/ocis/ocis-pkg/shared" ) func DefaultConfig() *config.Config { @@ -23,9 +24,6 @@ func DefaultConfig() *config.Config { Reva: config.Reva{ Address: "127.0.0.1:9142", }, - TokenManager: config.TokenManager{ - JWTSecret: "Pive-Fumkiu4", - }, Spaces: config.Spaces{ WebDavBase: "https://localhost:9200", WebDavPath: "/dav/spaces/", @@ -89,6 +87,14 @@ func EnsureDefaults(cfg *config.Config) { } else if cfg.Tracing == nil { cfg.Tracing = &config.Tracing{} } + + if cfg.TokenManager == nil && cfg.Commons != nil && cfg.Commons.TokenManager != nil { + cfg.TokenManager = &shared.TokenManager{ + JWTSecret: cfg.Commons.TokenManager.JWTSecret, + } + } else { + cfg.TokenManager = &shared.TokenManager{} + } } func Sanitize(cfg *config.Config) { diff --git a/extensions/graph/pkg/config/reva.go b/extensions/graph/pkg/config/reva.go index dbfc359a8b8..2d3966303d0 100644 --- a/extensions/graph/pkg/config/reva.go +++ b/extensions/graph/pkg/config/reva.go @@ -4,8 +4,3 @@ package config type Reva struct { Address string `yaml:"address" env:"REVA_GATEWAY"` } - -// TokenManager is the config for using the reva token manager -type TokenManager struct { - JWTSecret string `yaml:"jwt_secret" env:"OCIS_JWT_SECRET;GRAPH_JWT_SECRET"` -} 
diff --git a/extensions/ocs/pkg/config/config.go b/extensions/ocs/pkg/config/config.go index dbdaa215077..3905b91f5e5 100644 --- a/extensions/ocs/pkg/config/config.go +++ b/extensions/ocs/pkg/config/config.go @@ -18,8 +18,8 @@ type Config struct { HTTP HTTP `yaml:"http,omitempty"` - TokenManager TokenManager `yaml:"token_manager,omitempty"` - Reva Reva `yaml:"reva,omitempty"` + TokenManager *shared.TokenManager `yaml:"token_manager,omitempty"` + Reva Reva `yaml:"reva,omitempty"` IdentityManagement IdentityManagement `yaml:"identity_management,omitempty"` diff --git a/extensions/ocs/pkg/config/defaults/defaultconfig.go b/extensions/ocs/pkg/config/defaults/defaultconfig.go index 90edea71eb4..bcbd7dce10a 100644 --- a/extensions/ocs/pkg/config/defaults/defaultconfig.go +++ b/extensions/ocs/pkg/config/defaults/defaultconfig.go @@ -4,6 +4,7 @@ import ( "strings" "github.com/owncloud/ocis/extensions/ocs/pkg/config" + "github.com/owncloud/ocis/ocis-pkg/shared" ) func FullDefaultConfig() *config.Config { @@ -38,9 +39,6 @@ func DefaultConfig() *config.Config { Name: "ocs", }, - TokenManager: config.TokenManager{ - JWTSecret: "Pive-Fumkiu4", - }, AccountBackend: "accounts", Reva: config.Reva{ Address: "127.0.0.1:9142", @@ -77,6 +75,13 @@ func EnsureDefaults(cfg *config.Config) { cfg.Tracing = &config.Tracing{} } + if cfg.TokenManager == nil && cfg.Commons != nil && cfg.Commons.TokenManager != nil { + cfg.TokenManager = &shared.TokenManager{ + JWTSecret: cfg.Commons.TokenManager.JWTSecret, + } + } else { + cfg.TokenManager = &shared.TokenManager{} + } } func Sanitize(cfg *config.Config) { diff --git a/extensions/ocs/pkg/config/reva.go b/extensions/ocs/pkg/config/reva.go index b8d27791703..2d3966303d0 100644 --- a/extensions/ocs/pkg/config/reva.go +++ b/extensions/ocs/pkg/config/reva.go 
@@ -4,8 +4,3 @@ package config type Reva struct { Address string `yaml:"address" env:"REVA_GATEWAY"` } - -// TokenManager is the config for using the reva token manager -type TokenManager struct { - JWTSecret string `yaml:"jwt_secret" env:"OCIS_JWT_SECRET;OCS_JWT_SECRET"` -} diff --git a/extensions/ocs/pkg/server/http/svc_test.go b/extensions/ocs/pkg/server/http/svc_test.go index 3c30212a837..f4bc9b52f6a 100644 --- a/extensions/ocs/pkg/server/http/svc_test.go +++ b/extensions/ocs/pkg/server/http/svc_test.go @@ -28,6 +28,7 @@ import ( ssvc "github.com/owncloud/ocis/extensions/settings/pkg/service/v0" ocisLog "github.com/owncloud/ocis/ocis-pkg/log" "github.com/owncloud/ocis/ocis-pkg/service/grpc" + "github.com/owncloud/ocis/ocis-pkg/shared" accountsmsg "github.com/owncloud/ocis/protogen/gen/ocis/messages/accounts/v0" settingsmsg "github.com/owncloud/ocis/protogen/gen/ocis/messages/settings/v0" accountssvc "github.com/owncloud/ocis/protogen/gen/ocis/services/accounts/v0" @@ -723,7 +724,7 @@ func getService() svc.Service { Root: "/", Addr: "localhost:9110", }, - TokenManager: config.TokenManager{ + TokenManager: &shared.TokenManager{ JWTSecret: jwtSecret, }, Log: &config.Log{ diff --git a/extensions/proxy/pkg/command/server.go b/extensions/proxy/pkg/command/server.go index 83322463998..7afc358729b 100644 --- a/extensions/proxy/pkg/command/server.go +++ b/extensions/proxy/pkg/command/server.go @@ -212,7 +212,7 @@ func loadMiddlewares(ctx context.Context, logger log.Logger, cfg *config.Config) middleware.AccountResolver( middleware.Logger(logger), middleware.UserProvider(userProvider), - middleware.TokenManagerConfig(cfg.TokenManager), + middleware.TokenManagerConfig(*cfg.TokenManager), middleware.UserOIDCClaim(cfg.UserOIDCClaim), middleware.UserCS3Claim(cfg.UserCS3Claim), middleware.AutoprovisionAccounts(cfg.AutoprovisionAccounts), 
@@ -227,7 +227,7 @@ func loadMiddlewares(ctx context.Context, logger log.Logger, cfg *config.Config) // finally, trigger home creation when a user logs in middleware.CreateHome( middleware.Logger(logger), - middleware.TokenManagerConfig(cfg.TokenManager), + middleware.TokenManagerConfig(*cfg.TokenManager), middleware.RevaGatewayClient(revaClient), ), middleware.PublicShareAuth( diff --git a/extensions/proxy/pkg/config/config.go b/extensions/proxy/pkg/config/config.go index 8cf6f18e85f..69b2d99a922 100644 --- a/extensions/proxy/pkg/config/config.go +++ b/extensions/proxy/pkg/config/config.go @@ -22,7 +22,7 @@ type Config struct { Policies []Policy `yaml:"policies,omitempty"` OIDC OIDC `yaml:"oidc,omitempty"` - TokenManager TokenManager `yaml:"token_manager,omitempty"` + TokenManager *TokenManager `yaml:"token_manager,omitempty"` PolicySelector *PolicySelector `yaml:"policy_selector,omitempty"` PreSignedURL PreSignedURL `yaml:"pre_signed_url,omitempty"` AccountBackend string `yaml:"account_backend,omitempty" env:"PROXY_ACCOUNT_BACKEND_TYPE"` diff --git a/extensions/proxy/pkg/config/defaults/defaultconfig.go b/extensions/proxy/pkg/config/defaults/defaultconfig.go index 487f9f09ab3..893b2ca2f85 100644 --- a/extensions/proxy/pkg/config/defaults/defaultconfig.go +++ b/extensions/proxy/pkg/config/defaults/defaultconfig.go @@ -34,9 +34,6 @@ func DefaultConfig() *config.Config { TTL: 10, }, }, - TokenManager: config.TokenManager{ - JWTSecret: "Pive-Fumkiu4", - }, PolicySelector: nil, Reva: config.Reva{ Address: "127.0.0.1:9142", @@ -181,6 +178,13 @@ func EnsureDefaults(cfg *config.Config) { cfg.Tracing = &config.Tracing{} } + if cfg.TokenManager == nil && cfg.Commons != nil && cfg.Commons.TokenManager != nil { + cfg.TokenManager = &config.TokenManager{ + JWTSecret: cfg.Commons.TokenManager.JWTSecret, + } + } else { + cfg.TokenManager = &config.TokenManager{} + } } func Sanitize(cfg *config.Config) { 
diff --git a/extensions/settings/pkg/config/config.go b/extensions/settings/pkg/config/config.go index d41a18fe13e..7c521cc3817 100644 --- a/extensions/settings/pkg/config/config.go +++ b/extensions/settings/pkg/config/config.go @@ -23,8 +23,8 @@ type Config struct { DataPath string `yaml:"data_path,omitempty" env:"SETTINGS_DATA_PATH"` Metadata Metadata `yaml:"metadata_config,omitempty"` - Asset Asset `yaml:"asset,omitempty"` - TokenManager TokenManager `yaml:"token_manager,omitempty"` + Asset Asset `yaml:"asset,omitempty"` + TokenManager *shared.TokenManager `yaml:"token_manager,omitempty"` Context context.Context `yaml:"-"` } diff --git a/extensions/settings/pkg/config/defaults/defaultconfig.go b/extensions/settings/pkg/config/defaults/defaultconfig.go index 4a3a4cd3189..2437810da60 100644 --- a/extensions/settings/pkg/config/defaults/defaultconfig.go +++ b/extensions/settings/pkg/config/defaults/defaultconfig.go @@ -6,6 +6,7 @@ import ( "github.com/owncloud/ocis/extensions/settings/pkg/config" "github.com/owncloud/ocis/ocis-pkg/config/defaults" + "github.com/owncloud/ocis/ocis-pkg/shared" ) func FullDefaultConfig() *config.Config { @@ -50,9 +51,6 @@ func DefaultConfig() *config.Config { Asset: config.Asset{ Path: "", }, - TokenManager: config.TokenManager{ - JWTSecret: "Pive-Fumkiu4", - }, Metadata: config.Metadata{ GatewayAddress: "127.0.0.1:9142", @@ -87,6 +85,14 @@ func EnsureDefaults(cfg *config.Config) { } else if cfg.Tracing == nil { cfg.Tracing = &config.Tracing{} } + + if cfg.TokenManager == nil && cfg.Commons != nil && cfg.Commons.TokenManager != nil { + cfg.TokenManager = &shared.TokenManager{ + JWTSecret: cfg.Commons.TokenManager.JWTSecret, + } + } else { + cfg.TokenManager = &shared.TokenManager{} + } } func Sanitize(cfg *config.Config) { diff --git a/extensions/storage/pkg/config/config.go b/extensions/storage/pkg/config/config.go index 695759d9f78..841d36797c5 100644 --- a/extensions/storage/pkg/config/config.go 
+++ b/extensions/storage/pkg/config/config.go 
@@ -8,123 +8,123 @@ import ( // Log defines the available logging configuration. type Log struct { - Level string `yaml:"level"` - Pretty bool `yaml:"pretty"` - Color bool `yaml:"color"` - File string `yaml:"file"` + Level string `yaml:"level,omitempty"` + Pretty bool `yaml:"pretty,omitempty"` + Color bool `yaml:"color,omitempty"` + File string `yaml:"file,omitempty"` } // Debug defines the available debug configuration. type Debug struct { - Addr string `yaml:"addr"` - Token string `yaml:"token"` - Pprof bool `yaml:"pprof"` - Zpages bool `yaml:"zpages"` + Addr string `yaml:"addr,omitempty"` + Token string `yaml:"token,omitempty"` + Pprof bool `yaml:"pprof,omitempty"` + Zpages bool `yaml:"zpages,omitempty"` } // Gateway defines the available gateway configuration. type Gateway struct { Port - CommitShareToStorageGrant bool `yaml:"commit_share_to_storage_grant"` - CommitShareToStorageRef bool `yaml:"commit_share_to_storage_ref"` - DisableHomeCreationOnLogin bool `yaml:"disable_home_creation_on_login"` - ShareFolder string `yaml:"share_folder"` - LinkGrants string `yaml:"link_grants"` - HomeMapping string `yaml:"home_mapping"` - EtagCacheTTL int `yaml:"etag_cache_ttl"` + CommitShareToStorageGrant bool `yaml:"commit_share_to_storage_grant,omitempty"` + CommitShareToStorageRef bool `yaml:"commit_share_to_storage_ref,omitempty"` + DisableHomeCreationOnLogin bool `yaml:"disable_home_creation_on_login,omitempty"` + ShareFolder string `yaml:"share_folder,omitempty"` + LinkGrants string `yaml:"link_grants,omitempty"` + HomeMapping string `yaml:"home_mapping,omitempty"` + EtagCacheTTL int `yaml:"etag_cache_ttl,omitempty"` } // StorageRegistry defines the available storage registry configuration type StorageRegistry struct { - Driver string `yaml:"driver"` + Driver string `yaml:"driver,omitempty"` // HomeProvider is the path in the global namespace that the static storage registry uses to determine the home storage - HomeProvider string `yaml:"home_provider"` - Rules []string 
`yaml:"rules"` - JSON string `yaml:"json"` + HomeProvider string `yaml:"home_provider,omitempty"` + Rules []string `yaml:"rules,omitempty"` + JSON string `yaml:"json,omitempty"` } // AppRegistry defines the available app registry configuration type AppRegistry struct { - Driver string `yaml:"driver"` - MimetypesJSON string `yaml:"mime_types_json"` + Driver string `yaml:"driver,omitempty"` + MimetypesJSON string `yaml:"mime_types_json,omitempty"` } // AppProvider defines the available app provider configuration type AppProvider struct { Port - ExternalAddr string `yaml:"external_addr"` - Driver string `yaml:"driver"` - WopiDriver WopiDriver `yaml:"wopi_driver"` - AppsURL string `yaml:"apps_url"` - OpenURL string `yaml:"open_url"` - NewURL string `yaml:"new_url"` + ExternalAddr string `yaml:"external_addr,omitempty"` + Driver string `yaml:"driver,omitempty"` + WopiDriver WopiDriver `yaml:"wopi_driver,omitempty"` + AppsURL string `yaml:"apps_url,omitempty"` + OpenURL string `yaml:"open_url,omitempty"` + NewURL string `yaml:"new_url,omitempty"` } type WopiDriver struct { - AppAPIKey string `yaml:"app_api_key"` - AppDesktopOnly bool `yaml:"app_desktop_only"` - AppIconURI string `yaml:"app_icon_uri"` - AppInternalURL string `yaml:"app_internal_url"` - AppName string `yaml:"app_name"` - AppURL string `yaml:"app_url"` - Insecure bool `yaml:"insecure"` - IopSecret string `yaml:"ipo_secret"` - JWTSecret string `yaml:"jwt_secret"` - WopiURL string `yaml:"wopi_url"` + AppAPIKey string `yaml:"app_api_key,omitempty"` + AppDesktopOnly bool `yaml:"app_desktop_only,omitempty"` + AppIconURI string `yaml:"app_icon_uri,omitempty"` + AppInternalURL string `yaml:"app_internal_url,omitempty"` + AppName string `yaml:"app_name,omitempty"` + AppURL string `yaml:"app_url,omitempty"` + Insecure bool `yaml:"insecure,omitempty"` + IopSecret string `yaml:"ipo_secret,omitempty"` + JWTSecret string `yaml:"jwt_secret,omitempty"` + WopiURL string `yaml:"wopi_url,omitempty"` } // Sharing defines the 
available sharing configuration. type Sharing struct { Port - UserDriver string `yaml:"user_driver"` - UserJSONFile string `yaml:"user_json_file"` - CS3ProviderAddr string `yaml:"provider_addr"` - CS3ServiceUser string `yaml:"service_user_id"` - CS3ServiceUserIdp string `yaml:"service_user_idp"` - UserSQLUsername string `yaml:"user_sql_username"` - UserSQLPassword string `yaml:"user_sql_password"` - UserSQLHost string `yaml:"user_sql_host"` - UserSQLPort int `yaml:"user_sql_port"` - UserSQLName string `yaml:"user_sql_name"` - PublicDriver string `yaml:"public_driver"` - PublicJSONFile string `yaml:"public_json_file"` - PublicPasswordHashCost int `yaml:"public_password_hash_cost"` - PublicEnableExpiredSharesCleanup bool `yaml:"public_enable_expired_shares_cleanup"` - PublicJanitorRunInterval int `yaml:"public_janitor_run_interval"` - UserStorageMountID string `yaml:"user_storage_mount_id"` - Events Events `yaml:"events"` + UserDriver string `yaml:"user_driver,omitempty"` + UserJSONFile string `yaml:"user_json_file,omitempty"` + CS3ProviderAddr string `yaml:"provider_addr,omitempty"` + CS3ServiceUser string `yaml:"service_user_id,omitempty"` + CS3ServiceUserIdp string `yaml:"service_user_idp,omitempty"` + UserSQLUsername string `yaml:"user_sql_username,omitempty"` + UserSQLPassword string `yaml:"user_sql_password,omitempty"` + UserSQLHost string `yaml:"user_sql_host,omitempty"` + UserSQLPort int `yaml:"user_sql_port,omitempty"` + UserSQLName string `yaml:"user_sql_name,omitempty"` + PublicDriver string `yaml:"public_driver,omitempty"` + PublicJSONFile string `yaml:"public_json_file,omitempty"` + PublicPasswordHashCost int `yaml:"public_password_hash_cost,omitempty"` + PublicEnableExpiredSharesCleanup bool `yaml:"public_enable_expired_shares_cleanup,omitempty"` + PublicJanitorRunInterval int `yaml:"public_janitor_run_interval,omitempty"` + UserStorageMountID string `yaml:"user_storage_mount_id,omitempty"` + Events Events `yaml:"events,omitempty"` } type Events struct 
{ - Address string `yaml:"address"` - ClusterID string `yaml:"cluster_id"` + Address string `yaml:"address,omitempty"` + ClusterID string `yaml:"cluster_id,omitempty"` } // Port defines the available port configuration. type Port struct { // MaxCPUs can be a number or a percentage - MaxCPUs string `yaml:"max_cpus"` - LogLevel string `yaml:"log_level"` + MaxCPUs string `yaml:"max_cpus,omitempty"` + LogLevel string `yaml:"log_level,omitempty"` // GRPCNetwork can be tcp, udp or unix - GRPCNetwork string `yaml:"grpc_network"` + GRPCNetwork string `yaml:"grpc_network,omitempty"` // GRPCAddr to listen on, hostname:port (0.0.0.0:9999 for all interfaces) or socket (/var/run/reva/sock) - GRPCAddr string `yaml:"grpc_addr"` + GRPCAddr string `yaml:"grpc_addr,omitempty"` // Protocol can be grpc or http // HTTPNetwork can be tcp, udp or unix - HTTPNetwork string `yaml:"http_network"` + HTTPNetwork string `yaml:"http_network,omitempty"` // HTTPAddr to listen on, hostname:port (0.0.0.0:9100 for all interfaces) or socket (/var/run/reva/sock) - HTTPAddr string `yaml:"http_addr"` + HTTPAddr string `yaml:"http_addr,omitempty"` // Protocol can be grpc or http - Protocol string `yaml:"protocol"` + Protocol string `yaml:"protocol,omitempty"` // Endpoint is used by the gateway and registries (eg localhost:9100 or cloud.example.com) - Endpoint string `yaml:"endpoint"` + Endpoint string `yaml:"endpoint,omitempty"` // DebugAddr for the debug endpoint to bind to - DebugAddr string `yaml:"debug_addr"` + DebugAddr string `yaml:"debug_addr,omitempty"` // Services can be used to give a list of services that should be started on this port - Services []string `yaml:"services"` + Services []string `yaml:"services,omitempty"` // Config can be used to configure the reva instance. 
// Services and Protocol will be ignored if this is used - Config map[string]interface{} `yaml:"config"` + Config map[string]interface{} `yaml:"config,omitempty"` // Context allows for context cancellation and propagation Context context.Context 
@@ -136,118 +136,118 @@ type Port struct { // Users defines the available users configuration. type Users struct { Port - Driver string `yaml:"driver"` - JSON string `yaml:"json"` - UserGroupsCacheExpiration int `yaml:"user_groups_cache_expiration"` + Driver string `yaml:"driver,omitempty"` + JSON string `yaml:"json,omitempty"` + UserGroupsCacheExpiration int `yaml:"user_groups_cache_expiration,omitempty"` } // AuthMachineConfig defines the available configuration for the machine auth driver. type AuthMachineConfig struct { - MachineAuthAPIKey string `yaml:"machine_auth_api_key"` + MachineAuthAPIKey string `yaml:"machine_auth_api_key,omitempty"` } // Groups defines the available groups configuration. type Groups struct { Port - Driver string `yaml:"driver"` - JSON string `yaml:"json"` - GroupMembersCacheExpiration int `yaml:"group_members_cache_expiration"` + Driver string `yaml:"driver,omitempty"` + JSON string `yaml:"json,omitempty"` + GroupMembersCacheExpiration int `yaml:"group_members_cache_expiration,omitempty"` } // FrontendPort defines the available frontend configuration. 
type FrontendPort struct { Port - AppProviderInsecure bool `yaml:"app_provider_insecure"` - AppProviderPrefix string `yaml:"app_provider_prefix"` - ArchiverInsecure bool `yaml:"archiver_insecure"` - ArchiverPrefix string `yaml:"archiver_prefix"` - DatagatewayPrefix string `yaml:"data_gateway_prefix"` - Favorites bool `yaml:"favorites"` - ProjectSpaces bool `yaml:"project_spaces"` - OCSPrefix string `yaml:"ocs_prefix"` - OCSSharePrefix string `yaml:"ocs_share_prefix"` - OCSHomeNamespace string `yaml:"ocs_home_namespace"` - PublicURL string `yaml:"public_url"` - OCSCacheWarmupDriver string `yaml:"ocs_cache_warmup_driver"` - OCSAdditionalInfoAttribute string `yaml:"ocs_additional_info_attribute"` - OCSResourceInfoCacheTTL int `yaml:"ocs_resource_info_cache_ttl"` - Middleware Middleware `yaml:"middleware"` + AppProviderInsecure bool `yaml:"app_provider_insecure,omitempty"` + AppProviderPrefix string `yaml:"app_provider_prefix,omitempty"` + ArchiverInsecure bool `yaml:"archiver_insecure,omitempty"` + ArchiverPrefix string `yaml:"archiver_prefix,omitempty"` + DatagatewayPrefix string `yaml:"data_gateway_prefix,omitempty"` + Favorites bool `yaml:"favorites,omitempty"` + ProjectSpaces bool `yaml:"project_spaces,omitempty"` + OCSPrefix string `yaml:"ocs_prefix,omitempty"` + OCSSharePrefix string `yaml:"ocs_share_prefix,omitempty"` + OCSHomeNamespace string `yaml:"ocs_home_namespace,omitempty"` + PublicURL string `yaml:"public_url,omitempty"` + OCSCacheWarmupDriver string `yaml:"ocs_cache_warmup_driver,omitempty"` + OCSAdditionalInfoAttribute string `yaml:"ocs_additional_info_attribute,omitempty"` + OCSResourceInfoCacheTTL int `yaml:"ocs_resource_info_cache_ttl,omitempty"` + Middleware Middleware `yaml:"middleware,omitempty"` } // Middleware configures reva middlewares. type Middleware struct { - Auth Auth `yaml:"auth"` + Auth Auth `yaml:"auth,omitempty"` } // Auth configures reva http auth middleware. 
type Auth struct { - CredentialsByUserAgent map[string]string `yaml:"credentials_by_user_agenr"` + CredentialsByUserAgent map[string]string `yaml:"credentials_by_user_agenr,omitempty"` } // DataGatewayPort has a public url type DataGatewayPort struct { Port - PublicURL string `yaml:""` + PublicURL string `yaml:",omitempty"` } type DataProvider struct { - Insecure bool `yaml:"insecure"` + Insecure bool `yaml:"insecure,omitempty"` } // StoragePort defines the available storage configuration. type StoragePort struct { Port - Driver string `yaml:"driver"` - MountID string `yaml:"mount_id"` - AlternativeID string `yaml:"alternative_id"` - ExposeDataServer bool `yaml:"expose_data_server"` + Driver string `yaml:"driver,omitempty"` + MountID string `yaml:"mount_id,omitempty"` + AlternativeID string `yaml:"alternative_id,omitempty"` + ExposeDataServer bool `yaml:"expose_data_server,omitempty"` // url the data gateway will use to route requests - DataServerURL string `yaml:"data_server_url"` + DataServerURL string `yaml:"data_server_url,omitempty"` // for HTTP ports with only one http service - HTTPPrefix string `yaml:"http_prefix"` - TempFolder string `yaml:"temp_folder"` - ReadOnly bool `yaml:"read_only"` - DataProvider DataProvider `yaml:"data_provider"` - GatewayEndpoint string `yaml:"gateway_endpoint"` + HTTPPrefix string `yaml:"http_prefix,omitempty"` + TempFolder string `yaml:"temp_folder,omitempty"` + ReadOnly bool `yaml:"read_only,omitempty"` + DataProvider DataProvider `yaml:"data_provider,omitempty"` + GatewayEndpoint string `yaml:"gateway_endpoint,omitempty"` } // PublicStorage configures a public storage provider type PublicStorage struct { StoragePort - PublicShareProviderAddr string `yaml:"public_share_provider_addr"` - UserProviderAddr string `yaml:"user_provider_addr"` + PublicShareProviderAddr string `yaml:"public_share_provider_addr,omitempty"` + UserProviderAddr string `yaml:"user_provider_addr,omitempty"` } // StorageConfig combines all available storage 
driver configuration parts. type StorageConfig struct { - EOS DriverEOS `yaml:"eos"` - Local DriverCommon `yaml:"local"` - OwnCloudSQL DriverOwnCloudSQL `yaml:"owncloud_sql"` - S3 DriverS3 `yaml:"s3"` - S3NG DriverS3NG `yaml:"s3ng"` - OCIS DriverOCIS `yaml:"ocis"` + EOS DriverEOS `yaml:"eos,omitempty"` + Local DriverCommon `yaml:"local,omitempty"` + OwnCloudSQL DriverOwnCloudSQL `yaml:"owncloud_sql,omitempty"` + S3 DriverS3 `yaml:"s3,omitempty"` + S3NG DriverS3NG `yaml:"s3ng,omitempty"` + OCIS DriverOCIS `yaml:"ocis,omitempty"` } // DriverCommon defines common driver configuration options. type DriverCommon struct { // Root is the absolute path to the location of the data - Root string `yaml:"root"` + Root string `yaml:"root,omitempty"` //ShareFolder defines the name of the folder jailing all shares - ShareFolder string `yaml:"share_folder"` + ShareFolder string `yaml:"share_folder,omitempty"` // UserLayout contains the template used to construct // the internal path, eg: `{{substr 0 1 .Username}}/{{.Username}}` - UserLayout string `yaml:"user_layout"` + UserLayout string `yaml:"user_layout,omitempty"` // EnableHome enables the creation of home directories. 
- EnableHome bool `yaml:"enable_home"` + EnableHome bool `yaml:"enable_home,omitempty"` // PersonalSpaceAliasTemplate contains the template used to construct - // the personal space alias, eg: `"{{.SpaceType}}/{{.User.Username | lower}}"` - PersonalSpaceAliasTemplate string `yaml:"personalspacealias_template"` + // the personal space alias, eg: `"{{.SpaceType}}/{{.User.Username | lower}},omitempty"` + PersonalSpaceAliasTemplate string `yaml:"personalspacealias_template,omitempty"` // GeneralSpaceAliasTemplate contains the template used to construct // the general space alias, eg: `{{.SpaceType}}/{{.SpaceName | replace " " "-" | lower}}` - GeneralSpaceAliasTemplate string `yaml:"generalspacealias_template"` + GeneralSpaceAliasTemplate string `yaml:"generalspacealias_template,omitempty"` } // DriverEOS defines the available EOS driver configuration. 
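Review bot: The blanket `,omitempty` rewrite also changed a doc comment in `DriverCommon`: the example above `PersonalSpaceAliasTemplate` now ends in `lower}},omitempty"`, which is not a valid template example and should go back to `"{{.SpaceType}}/{{.User.Username | lower}}"`. Separately, `omitempty` on the boolean switches in this hunk (`AppProviderInsecure`, `ArchiverInsecure`, `DataProvider.Insecure`, `ReadOnly`) means an explicit `false` is never written when the struct is marshalled. The same holds for `OIDC.Insecure`, `LDAP.Insecure` and `OCDav.Insecure` in the `@@ -320,204` hunk. If any of these default to `true` (the defaults are not visible here), a generated file cannot pin the safe value, so consider leaving `omitempty` off the TLS-verification and read-only flags.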
@@ -255,60 +255,60 @@ type DriverEOS struct { DriverCommon // ShadowNamespace for storing shadow data - ShadowNamespace string `yaml:"shadow_namespace"` + ShadowNamespace string `yaml:"shadow_namespace,omitempty"` // UploadsNamespace for storing upload data - UploadsNamespace string `yaml:"uploads_namespace"` + UploadsNamespace string `yaml:"uploads_namespace,omitempty"` // Location of the eos binary. // Default is /usr/bin/eos. - EosBinary string `yaml:"eos_binary"` + EosBinary string `yaml:"eos_binary,omitempty"` // Location of the xrdcopy binary. // Default is /usr/bin/xrdcopy. - XrdcopyBinary string `yaml:"xrd_copy_binary"` + XrdcopyBinary string `yaml:"xrd_copy_binary,omitempty"` // URL of the Master EOS MGM. // Default is root://eos-example.org - MasterURL string `yaml:"master_url"` + MasterURL string `yaml:"master_url,omitempty"` // URI of the EOS MGM grpc server // Default is empty - GrpcURI string `yaml:"grpc_uri"` + GrpcURI string `yaml:"grpc_uri,omitempty"` // URL of the Slave EOS MGM. // Default is root://eos-example.org - SlaveURL string `yaml:"slave_url"` + SlaveURL string `yaml:"slave_url,omitempty"` // Location on the local fs where to store reads. // Defaults to os.TempDir() - CacheDirectory string `yaml:"cache_directory"` + CacheDirectory string `yaml:"cache_directory,omitempty"` // Enables logging of the commands executed // Defaults to false - EnableLogging bool `yaml:"enable_logging"` + EnableLogging bool `yaml:"enable_logging,omitempty"` // ShowHiddenSysFiles shows internal EOS files like // .sys.v# and .sys.a# files. - ShowHiddenSysFiles bool `yaml:"shadow_hidden_files"` + ShowHiddenSysFiles bool `yaml:"shadow_hidden_files,omitempty"` // ForceSingleUserMode will force connections to EOS to use SingleUsername - ForceSingleUserMode bool `yaml:"force_single_user_mode"` + ForceSingleUserMode bool `yaml:"force_single_user_mode,omitempty"` // UseKeyTabAuth changes will authenticate requests by using an EOS keytab. 
- UseKeytab bool `yaml:"user_keytab"` + UseKeytab bool `yaml:"user_keytab,omitempty"` // SecProtocol specifies the xrootd security protocol to use between the server and EOS. - SecProtocol string `yaml:"sec_protocol"` + SecProtocol string `yaml:"sec_protocol,omitempty"` // Keytab specifies the location of the keytab to use to authenticate to EOS. - Keytab string `yaml:"keytab"` + Keytab string `yaml:"keytab,omitempty"` // SingleUsername is the username to use when SingleUserMode is enabled - SingleUsername string `yaml:"single_username"` + SingleUsername string `yaml:"single_username,omitempty"` // gateway service to use for uid lookups - GatewaySVC string `yaml:"gateway_svc"` + GatewaySVC string `yaml:"gateway_svc,omitempty"` } // DriverOCIS defines the available oCIS storage driver configuration. 
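Review bot: Two labels in `DriverEOS` do not match their fields and are carried over unchanged: `ShowHiddenSysFiles` is keyed `shadow_hidden_files` and `UseKeytab` is keyed `user_keytab`, and both look like slips rather than intended names. An operator who writes `use_keytab: true` would presumably have the key ignored without an error, leaving keytab authentication off, unless the decoder is configured to reject unknown fields. Since this commit rewrites every label, either correct the two keys here or mark them, e.g. `// key is "user_keytab" (sic), kept for existing configs`. The comment above the field also names it `UseKeyTabAuth`, which does not match `UseKeytab`.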
@@ -320,204 +320,204 @@ type DriverOCIS struct { type DriverOwnCloudSQL struct { DriverCommon - UploadInfoDir string `yaml:"upload_info_dir"` - DBUsername string `yaml:"db_username"` - DBPassword string `yaml:"db_password"` - DBHost string `yaml:"db_host"` - DBPort int `yaml:"db_port"` - DBName string `yaml:"db_name"` + UploadInfoDir string `yaml:"upload_info_dir,omitempty"` + DBUsername string `yaml:"db_username,omitempty"` + DBPassword string `yaml:"db_password,omitempty"` + DBHost string `yaml:"db_host,omitempty"` + DBPort int `yaml:"db_port,omitempty"` + DBName string `yaml:"db_name,omitempty"` } // DriverS3 defines the available S3 storage driver configuration. type DriverS3 struct { DriverCommon - Region string `yaml:"region"` - AccessKey string `yaml:"access_key"` - SecretKey string `yaml:"secret_key"` - Endpoint string `yaml:"endpoint"` - Bucket string `yaml:"bucket"` + Region string `yaml:"region,omitempty"` + AccessKey string `yaml:"access_key,omitempty"` + SecretKey string `yaml:"secret_key,omitempty"` + Endpoint string `yaml:"endpoint,omitempty"` + Bucket string `yaml:"bucket,omitempty"` } // DriverS3NG defines the available s3ng storage driver configuration. type DriverS3NG struct { DriverCommon - Region string `yaml:"region"` - AccessKey string `yaml:"access_key"` - SecretKey string `yaml:"secret_key"` - Endpoint string `yaml:"endpoint"` - Bucket string `yaml:"bucket"` + Region string `yaml:"region,omitempty"` + AccessKey string `yaml:"access_key,omitempty"` + SecretKey string `yaml:"secret_key,omitempty"` + Endpoint string `yaml:"endpoint,omitempty"` + Bucket string `yaml:"bucket,omitempty"` } // OIDC defines the available OpenID Connect configuration. 
type OIDC struct { - Issuer string `yaml:"issuer"` - Insecure bool `yaml:"insecure"` - IDClaim string `yaml:"id_claim"` - UIDClaim string `yaml:"uid_claim"` - GIDClaim string `yaml:"gid_claim"` + Issuer string `yaml:"issuer,omitempty"` + Insecure bool `yaml:"insecure,omitempty"` + IDClaim string `yaml:"id_claim,omitempty"` + UIDClaim string `yaml:"uid_claim,omitempty"` + GIDClaim string `yaml:"gid_claim,omitempty"` } // LDAP defines the available ldap configuration. type LDAP struct { - URI string `yaml:"uri"` - CACert string `yaml:"ca_cert"` - Insecure bool `yaml:"insecure"` - UserBaseDN string `yaml:"user_base_dn"` - GroupBaseDN string `yaml:"group_base_dn"` - UserScope string `yaml:"user_scope"` - GroupScope string `yaml:"group_scope"` - UserObjectClass string `yaml:"user_objectclass"` - GroupObjectClass string `yaml:"group_objectclass"` - UserFilter string `yaml:"user_filter"` - GroupFilter string `yaml:"group_filter"` - LoginAttributes []string `yaml:"login_attributes"` - BindDN string `yaml:"bind_dn"` - BindPassword string `yaml:"bind_password"` - IDP string `yaml:"idp"` - UserSchema LDAPUserSchema `yaml:"user_schema"` - GroupSchema LDAPGroupSchema `yaml:"group_schema"` + URI string `yaml:"uri,omitempty"` + CACert string `yaml:"ca_cert,omitempty"` + Insecure bool `yaml:"insecure,omitempty"` + UserBaseDN string `yaml:"user_base_dn,omitempty"` + GroupBaseDN string `yaml:"group_base_dn,omitempty"` + UserScope string `yaml:"user_scope,omitempty"` + GroupScope string `yaml:"group_scope,omitempty"` + UserObjectClass string `yaml:"user_objectclass,omitempty"` + GroupObjectClass string `yaml:"group_objectclass,omitempty"` + UserFilter string `yaml:"user_filter,omitempty"` + GroupFilter string `yaml:"group_filter,omitempty"` + LoginAttributes []string `yaml:"login_attributes,omitempty"` + BindDN string `yaml:"bind_dn,omitempty"` + BindPassword string `yaml:"bind_password,omitempty"` + IDP string `yaml:"idp,omitempty"` + UserSchema LDAPUserSchema 
`yaml:"user_schema,omitempty"` + GroupSchema LDAPGroupSchema `yaml:"group_schema,omitempty"` } // UserGroupRest defines the REST driver specification for user and group resolution. type UserGroupRest struct { - ClientID string `yaml:"client_id"` - ClientSecret string `yaml:"client_secret"` - RedisAddress string `yaml:"redis_address"` - RedisUsername string `yaml:"redis_username"` - RedisPassword string `yaml:"redis_password"` - IDProvider string `yaml:"idp_provider"` - APIBaseURL string `yaml:"api_base_url"` - OIDCTokenEndpoint string `yaml:"oidc_token_endpoint"` - TargetAPI string `yaml:"target_api"` + ClientID string `yaml:"client_id,omitempty"` + ClientSecret string `yaml:"client_secret,omitempty"` + RedisAddress string `yaml:"redis_address,omitempty"` + RedisUsername string `yaml:"redis_username,omitempty"` + RedisPassword string `yaml:"redis_password,omitempty"` + IDProvider string `yaml:"idp_provider,omitempty"` + APIBaseURL string `yaml:"api_base_url,omitempty"` + OIDCTokenEndpoint string `yaml:"oidc_token_endpoint,omitempty"` + TargetAPI string `yaml:"target_api,omitempty"` } // UserOwnCloudSQL defines the available ownCloudSQL user provider configuration. 
type UserOwnCloudSQL struct { - DBUsername string `yaml:"db_username"` - DBPassword string `yaml:"db_password"` - DBHost string `yaml:"db_host"` - DBPort int `yaml:"db_port"` - DBName string `yaml:"db_name"` - Idp string `yaml:"idp"` - Nobody int64 `yaml:"nobody"` - JoinUsername bool `yaml:"join_username"` - JoinOwnCloudUUID bool `yaml:"join_owncloud_uuid"` - EnableMedialSearch bool `yaml:"enable_medial_search"` + DBUsername string `yaml:"db_username,omitempty"` + DBPassword string `yaml:"db_password,omitempty"` + DBHost string `yaml:"db_host,omitempty"` + DBPort int `yaml:"db_port,omitempty"` + DBName string `yaml:"db_name,omitempty"` + Idp string `yaml:"idp,omitempty"` + Nobody int64 `yaml:"nobody,omitempty"` + JoinUsername bool `yaml:"join_username,omitempty"` + JoinOwnCloudUUID bool `yaml:"join_owncloud_uuid,omitempty"` + EnableMedialSearch bool `yaml:"enable_medial_search,omitempty"` } // LDAPUserSchema defines the available ldap user schema configuration. type LDAPUserSchema struct { - ID string `yaml:"id"` - IDIsOctetString bool `yaml:"id_is_octet_string"` - Mail string `yaml:"mail"` - DisplayName string `yaml:"display_name"` - Username string `yaml:"user_name"` - UIDNumber string `yaml:"uid_number"` - GIDNumber string `yaml:"gid_number"` + ID string `yaml:"id,omitempty"` + IDIsOctetString bool `yaml:"id_is_octet_string,omitempty"` + Mail string `yaml:"mail,omitempty"` + DisplayName string `yaml:"display_name,omitempty"` + Username string `yaml:"user_name,omitempty"` + UIDNumber string `yaml:"uid_number,omitempty"` + GIDNumber string `yaml:"gid_number,omitempty"` } // LDAPGroupSchema defines the available ldap group schema configuration. 
type LDAPGroupSchema struct { - ID string `yaml:"id"` - IDIsOctetString bool `yaml:"id_is_octet_string"` - Mail string `yaml:"mail"` - DisplayName string `yaml:"display_name"` - Groupname string `yaml:"group_name"` - Member string `yaml:"member"` - GIDNumber string `yaml:"gid_number"` + ID string `yaml:"id,omitempty"` + IDIsOctetString bool `yaml:"id_is_octet_string,omitempty"` + Mail string `yaml:"mail,omitempty"` + DisplayName string `yaml:"display_name,omitempty"` + Groupname string `yaml:"group_name,omitempty"` + Member string `yaml:"member,omitempty"` + GIDNumber string `yaml:"gid_number,omitempty"` } // OCDav defines the available ocdav configuration. type OCDav struct { // Addr to listen to with the http server for the ocdav service - Addr string `yaml:"addr"` - Prefix string `yaml:"prefix"` - WebdavNamespace string `yaml:"webdav_namespace"` - FilesNamespace string `yaml:"files_namespace"` - SharesNamespace string `yaml:"shares_namespace"` + Addr string `yaml:"addr,omitempty"` + Prefix string `yaml:"prefix,omitempty"` + WebdavNamespace string `yaml:"webdav_namespace,omitempty"` + FilesNamespace string `yaml:"files_namespace,omitempty"` + SharesNamespace string `yaml:"shares_namespace,omitempty"` // PublicURL used to redirect /s/{token} URLs to - PublicURL string `yaml:"public_url"` + PublicURL string `yaml:"public_url,omitempty"` // Addr to listen to with the debug http server - DebugAddr string `yaml:"debug_addr"` + DebugAddr string `yaml:"debug_addr,omitempty"` // GatewaySVC to forward CS3 requests to TODO use registry - GatewaySVC string `yaml:"gateway_svc"` + GatewaySVC string `yaml:"gateway_svc,omitempty"` // JWTSecret used to verify reva access token - JWTSecret string `yaml:"jwt_secret"` + JWTSecret string `yaml:"jwt_secret,omitempty"` // Insecure certificates allowed when making requests to the gateway - Insecure bool `yaml:"insecure"` + Insecure bool `yaml:"insecure,omitempty"` // Timeout in seconds when making requests to the gateway - Timeout 
int64 `yaml:"timeout"` + Timeout int64 `yaml:"timeout,omitempty"` } // Archiver defines the available archiver configuration. type Archiver struct { - MaxNumFiles int64 `yaml:"max_num_files"` - MaxSize int64 `yaml:"max_size"` - ArchiverURL string `yaml:"archiver_url"` + MaxNumFiles int64 `yaml:"max_num_files,omitempty"` + MaxSize int64 `yaml:"max_size,omitempty"` + ArchiverURL string `yaml:"archiver_url,omitempty"` } // Reva defines the available reva configuration. type Reva struct { // JWTSecret used to sign jwt tokens between services - JWTSecret string `yaml:"jwt_secret"` - SkipUserGroupsInToken bool `yaml:"skip_user_grooups_in_token"` - TransferSecret string `yaml:"transfer_secret"` - TransferExpires int `yaml:"transfer_expires"` - OIDC OIDC `yaml:"oidc"` - LDAP LDAP `yaml:"ldap"` - UserGroupRest UserGroupRest `yaml:"user_group_rest"` - UserOwnCloudSQL UserOwnCloudSQL `yaml:"user_owncloud_sql"` - Archiver Archiver `yaml:"archiver"` - UserStorage StorageConfig `yaml:"user_storage"` - MetadataStorage StorageConfig `yaml:"metadata_storage"` + JWTSecret string `yaml:"jwt_secret,omitempty"` + SkipUserGroupsInToken bool `yaml:"skip_user_grooups_in_token,omitempty"` + TransferSecret string `yaml:"transfer_secret,omitempty"` + TransferExpires int `yaml:"transfer_expires,omitempty"` + OIDC OIDC `yaml:"oidc,omitempty"` + LDAP LDAP `yaml:"ldap,omitempty"` + UserGroupRest UserGroupRest `yaml:"user_group_rest,omitempty"` + UserOwnCloudSQL UserOwnCloudSQL `yaml:"user_owncloud_sql,omitempty"` + Archiver Archiver `yaml:"archiver,omitempty"` + UserStorage StorageConfig `yaml:"user_storage,omitempty"` + MetadataStorage StorageConfig `yaml:"metadata_storage,omitempty"` // Ports are used to configure which services to start on which port - Frontend FrontendPort `yaml:"frontend"` - DataGateway DataGatewayPort `yaml:"data_gateway"` - Gateway Gateway `yaml:"gateway"` - StorageRegistry StorageRegistry `yaml:"storage_registry"` - AppRegistry AppRegistry `yaml:"app_registry"` - Users 
Users `yaml:"users"` - Groups Groups `yaml:"groups"` - AuthProvider Users `yaml:"auth_provider"` - AuthBasic Port `yaml:"auth_basic"` - AuthBearer Port `yaml:"auth_bearer"` - AuthMachine Port `yaml:"auth_machine"` - AuthMachineConfig AuthMachineConfig `yaml:"auth_machine_config"` - Sharing Sharing `yaml:"sharing"` - StorageShares StoragePort `yaml:"storage_shares"` - StorageUsers StoragePort `yaml:"storage_users"` - StoragePublicLink PublicStorage `yaml:"storage_public_link"` - StorageMetadata StoragePort `yaml:"storage_metadata"` - AppProvider AppProvider `yaml:"app_provider"` - Permissions Port `yaml:"permissions"` + Frontend FrontendPort `yaml:"frontend,omitempty"` + DataGateway DataGatewayPort `yaml:"data_gateway,omitempty"` + Gateway Gateway `yaml:"gateway,omitempty"` + StorageRegistry StorageRegistry `yaml:"storage_registry,omitempty"` + AppRegistry AppRegistry `yaml:"app_registry,omitempty"` + Users Users `yaml:"users,omitempty"` + Groups Groups `yaml:"groups,omitempty"` + AuthProvider Users `yaml:"auth_provider,omitempty"` + AuthBasic Port `yaml:"auth_basic,omitempty"` + AuthBearer Port `yaml:"auth_bearer,omitempty"` + AuthMachine Port `yaml:"auth_machine,omitempty"` + AuthMachineConfig AuthMachineConfig `yaml:"auth_machine_config,omitempty"` + Sharing Sharing `yaml:"sharing,omitempty"` + StorageShares StoragePort `yaml:"storage_shares,omitempty"` + StorageUsers StoragePort `yaml:"storage_users,omitempty"` + StoragePublicLink PublicStorage `yaml:"storage_public_link,omitempty"` + StorageMetadata StoragePort `yaml:"storage_metadata,omitempty"` + AppProvider AppProvider `yaml:"app_provider,omitempty"` + Permissions Port `yaml:"permissions,omitempty"` // Configs can be used to configure the reva instance. 
// Services and Ports will be ignored if this is used - Configs map[string]interface{} `yaml:"configs"` + Configs map[string]interface{} `yaml:"configs,omitempty"` // chunking and resumable upload config (TUS) - UploadMaxChunkSize int `yaml:"upload_max_chunk_size"` - UploadHTTPMethodOverride string `yaml:"upload_http_method_override"` + UploadMaxChunkSize int `yaml:"upload_max_chunk_size,omitempty"` + UploadHTTPMethodOverride string `yaml:"upload_http_method_override,omitempty"` // checksumming capabilities - ChecksumSupportedTypes []string `yaml:"checksum_supported_types"` - ChecksumPreferredUploadType string `yaml:"checksum_preferred_upload_type"` - DefaultUploadProtocol string `yaml:"default_upload_protocol"` + ChecksumSupportedTypes []string `yaml:"checksum_supported_types,omitempty"` + ChecksumPreferredUploadType string `yaml:"checksum_preferred_upload_type,omitempty"` + DefaultUploadProtocol string `yaml:"default_upload_protocol,omitempty"` } // Tracing defines the available tracing configuration. type Tracing struct { - Enabled bool `yaml:"enabled"` - Type string `yaml:"type"` - Endpoint string `yaml:"endpoint"` - Collector string `yaml:"collector"` - Service string `yaml:"service"` + Enabled bool `yaml:"enabled,omitempty"` + Type string `yaml:"type,omitempty"` + Endpoint string `yaml:"endpoint,omitempty"` + Collector string `yaml:"collector,omitempty"` + Service string `yaml:"service,omitempty"` } // Asset defines the available asset configuration. type Asset struct { - Path string `yaml:"path"` + Path string `yaml:"path,omitempty"` } // Config combines all available configuration parts. diff --git a/ocis-pkg/config/config.go b/ocis-pkg/config/config.go index 1d35aa49326..befc2d25740 100644 --- a/ocis-pkg/config/config.go +++ b/ocis-pkg/config/config.go 
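Review bot: The credential fields in this hunk (`db_password`, `secret_key`, `bind_password`, `client_secret`, `redis_password`, `jwt_secret`, `transfer_secret`) are now dropped from the marshalled YAML when empty, so a file written by `ocis init` gives no sign that a secret was left unset. What value applies in that case is not visible here, but `ocis-pkg/config/defaultconfig.go` in this same patch still ships a fixed `JWTSecret`, so an omitted key may resolve to a known default. A startup check would make this explicit wherever the storage config is validated, e.g. `if cfg.Reva.JWTSecret == "" { return errors.New("reva jwt_secret is not set") }`. The label `skip_user_grooups_in_token` is also misspelled and carried over as is.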
@@ -23,9 +23,9 @@ import ( ) // TokenManager is the config for using the reva token manager -type TokenManager struct { +/*type TokenManager struct { JWTSecret string `yaml:"jwt_secret" env:"OCIS_JWT_SECRET"` -} +}*/ const ( // SUPERVISED sets the runtime mode as supervised threads. @@ -48,16 +48,16 @@ type Runtime struct { type Config struct { *shared.Commons `yaml:"shared,omitempty"` - Tracing shared.Tracing `yaml:"tracing,omitempty"` - Log *shared.Log `yaml:"log,omitempty"` + Tracing *shared.Tracing `yaml:"tracing,omitempty"` + Log *shared.Log `yaml:"log,omitempty"` Mode Mode `yaml:",omitempty"` // DEPRECATED File string `yaml:",omitempty"` OcisURL string `yaml:"ocis_url,omitempty"` - Registry string `yaml:"registry,omitempty"` - TokenManager TokenManager `yaml:"token_manager,omitempty"` - Runtime Runtime `yaml:"runtime,omitempty"` + Registry string `yaml:"registry,omitempty"` + TokenManager *shared.TokenManager `yaml:"token_manager,omitempty"` + Runtime Runtime `yaml:"runtime,omitempty"` Audit *audit.Config `yaml:"audit,omitempty"` Accounts *accounts.Config `yaml:"accounts,omitempty"` diff --git a/ocis-pkg/config/defaultconfig.go b/ocis-pkg/config/defaultconfig.go index bc94a224ce8..c8110902f2e 100644 --- a/ocis-pkg/config/defaultconfig.go +++ b/ocis-pkg/config/defaultconfig.go @@ -18,11 +18,12 @@ import ( thumbnails "github.com/owncloud/ocis/extensions/thumbnails/pkg/config/defaults" web "github.com/owncloud/ocis/extensions/web/pkg/config/defaults" webdav "github.com/owncloud/ocis/extensions/webdav/pkg/config/defaults" + "github.com/owncloud/ocis/ocis-pkg/shared" ) func DefaultConfig() *Config { return &Config{ - TokenManager: TokenManager{ + TokenManager: &shared.TokenManager{ JWTSecret: "Pive-Fumkiu4", }, Runtime: Runtime{ diff --git a/ocis-pkg/config/helpers.go b/ocis-pkg/config/helpers.go index 6eac8984757..c77a0f1a7f6 100644 --- a/ocis-pkg/config/helpers.go +++ b/ocis-pkg/config/helpers.go 
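Review bot: The old `TokenManager` type in `ocis-pkg/config/config.go` is wrapped in `/* ... */` instead of being removed, and the doc comment `// TokenManager is the config for using the reva token manager` stays above it describing a type this package no longer declares. Delete the comment and the commented-out struct. The definition now lives in `ocis-pkg/shared`, and version control keeps the history.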
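Review bot: `Tracing` and `TokenManager` change from values to pointers in `Config`, so code that reads `cfg.TokenManager.JWTSecret` or `cfg.Tracing.Enabled` on a `Config` that has not been through `ParseConfig` or `DefaultConfig` will now dereference nil. The callers are not visible in this hunk, so this needs a check across the extensions that consume these fields. At minimum document the contract on the fields, e.g. `// TokenManager may be nil until parser.ParseConfig has run.` The `Config` struct continues past the end of the hunk.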
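Review bot: `DefaultConfig` still carries the fixed token secret `JWTSecret: "Pive-Fumkiu4"`; this hunk only changes the literal to `&shared.TokenManager{...}`. Now that `ocis init` generates a random secret, an instance started without a generated config would presumably still sign tokens with this publicly known value. Consider leaving the default empty with `TokenManager: &shared.TokenManager{},` and refusing to start when no secret is configured. `DefaultConfig` continues past the end of the hunk.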
@@ -33,7 +33,7 @@ func DefaultConfigSources(filename string, drivers []string) []string { locations := []string{} if v := os.Getenv("OCIS_CONFIG_DIR"); v != "" { - locations = append(locations, v) + locations = append(locations, v) // only use the configured config dir locations = append(locations, os.Getenv("OCIS_CONFIG_DIR")) } else { diff --git a/ocis-pkg/config/parser/parse.go b/ocis-pkg/config/parser/parse.go index ba75a411c0d..09bb76dfb41 100644 --- a/ocis-pkg/config/parser/parse.go +++ b/ocis-pkg/config/parser/parse.go @@ -15,18 +15,41 @@ func ParseConfig(cfg *config.Config) error { return err } - // provide with defaults for shared logging, since we need a valid destination address for BindEnv. - if cfg.Log == nil && cfg.Commons != nil && cfg.Commons.Log != nil { - cfg.Log = &shared.Log{ - Level: cfg.Commons.Log.Level, - Pretty: cfg.Commons.Log.Pretty, - Color: cfg.Commons.Log.Color, - File: cfg.Commons.Log.File, + if cfg.Commons == nil { + cfg.Commons = &shared.Commons{} + } + + if cfg.Log != nil { + cfg.Commons.Log = &shared.Log{ + Level: cfg.Log.Level, + Pretty: cfg.Log.Pretty, + Color: cfg.Log.Color, + File: cfg.File, } - } else if cfg.Log == nil { + } else { + cfg.Commons.Log = &shared.Log{} cfg.Log = &shared.Log{} } + if cfg.Tracing != nil { + cfg.Commons.Tracing = &shared.Tracing{ + Enabled: cfg.Tracing.Enabled, + Type: cfg.Tracing.Type, + Endpoint: cfg.Tracing.Endpoint, + Collector: cfg.Tracing.Collector, + } + } else { + cfg.Commons.Tracing = &shared.Tracing{} + cfg.Tracing = &shared.Tracing{} + } + + if cfg.TokenManager != nil { + cfg.Commons.TokenManager = cfg.TokenManager + } else { + cfg.Commons.TokenManager = &shared.TokenManager{} + cfg.TokenManager = cfg.Commons.TokenManager + } + // load all env variables relevant to the config in the current context. if err := envdecode.Decode(cfg); err != nil { // no environment variable set for this config is an expected "error" 
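Review bot: With `OCIS_CONFIG_DIR` set, the directory is appended to `locations` twice: once by the changed line `locations = append(locations, v)` and again by the unchanged `locations = append(locations, os.Getenv("OCIS_CONFIG_DIR"))` directly after it. The new comment says only the configured directory is used, so the second append can be dropped. `DefaultConfigSources` starts and ends outside the hunk, so whether the duplicate entry affects the caller is not visible here.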
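Review bot: The copy into `cfg.Commons.Log` in `ParseConfig` sets `File: cfg.File`, which is the top-level `File` field of `Config` and not the log destination; it should read `File: cfg.Log.File,` to match the other three fields. The block also reverses the earlier precedence: when `cfg.Log` or `cfg.Tracing` is nil, the corresponding `cfg.Commons` value is overwritten with an empty struct, discarding anything loaded under the `shared:` key. If that is intended, say so in a comment such as `// top-level log, tracing and token_manager replace the shared section`. `ParseConfig` continues outside the hunk.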
diff --git a/ocis-pkg/shared/shared_types.go b/ocis-pkg/shared/shared_types.go index 2201bac98d7..9439bfcce0c 100644 --- a/ocis-pkg/shared/shared_types.go +++ b/ocis-pkg/shared/shared_types.go @@ -24,10 +24,16 @@ type Tracing struct { Collector string `yaml:"collector" env:"OCIS_TRACING_COLLECTOR"` } +// TokenManager is the config for using the reva token manager +type TokenManager struct { + JWTSecret string `yaml:"jwt_secret" env:"OCIS_JWT_SECRET" desc:"The secret to mint jwt tokens."` +} + // Commons holds configuration that are common to all extensions. Each extension can then decide whether // to overwrite its values. type Commons struct { - Log *Log `yaml:"log"` - Tracing *Tracing `yaml:"tracing"` - OcisURL string `yaml:"ocis_url" env:"OCIS_URL"` + Log *Log `yaml:"log"` + Tracing *Tracing `yaml:"tracing"` + OcisURL string `yaml:"ocis_url" env:"OCIS_URL"` + TokenManager *TokenManager `yaml:"token_manager"` } diff --git a/ocis/pkg/command/init.go b/ocis/pkg/command/init.go index cfbe6b15cc0..4f991fbd9a9 100644 --- a/ocis/pkg/command/init.go +++ b/ocis/pkg/command/init.go 
@@ -2,31 +2,30 @@ package command import ( "bufio" - "crypto/rand" "fmt" "io/ioutil" "log" - "math/big" "os" "path" "strings" "github.com/owncloud/ocis/ocis-pkg/config" + "github.com/owncloud/ocis/ocis-pkg/generators" + "github.com/owncloud/ocis/ocis-pkg/shared" "github.com/owncloud/ocis/ocis/pkg/register" cli "github.com/urfave/cli/v2" "gopkg.in/yaml.v3" - accounts "github.com/owncloud/ocis/extensions/accounts/pkg/config" - graph "github.com/owncloud/ocis/extensions/graph/pkg/config" idm "github.com/owncloud/ocis/extensions/idm/pkg/config" notifications "github.com/owncloud/ocis/extensions/notifications/pkg/config" ocs "github.com/owncloud/ocis/extensions/ocs/pkg/config" proxy "github.com/owncloud/ocis/extensions/proxy/pkg/config" settings "github.com/owncloud/ocis/extensions/settings/pkg/config" + storage "github.com/owncloud/ocis/extensions/storage/pkg/config" thumbnails "github.com/owncloud/ocis/extensions/thumbnails/pkg/config" ) -const configFilename string = "ocis.yml" +const configFilename string = "ocis.yaml" const passwordLength int = 32 // InitCommand is the entrypoint for the init command @@ -54,7 +53,7 @@ func InitCommand(cfg *config.Config) *cli.Command { &cli.StringFlag{ Name: "config-path", //Value: cfg.ConfigPath, // TODO: as soon as PR 3480 is merged, remove quotes - Value: path.Join(homeDir, ".ocis"), // TODO: this is temporary for experimenting, line above is relevant + Value: path.Join(homeDir, ".ocis/config"), // TODO: this is temporary for experimenting, line above is relevant Usage: "config path for the ocis runtime", // Destination: &cfg.ConfigFile, // TODO: same as above }, 
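Review bot: Secret generation now depends entirely on `generators.GenerateRandomPassword`, whose body is not visible in this part of the patch, while the `crypto/rand` and `math/big` imports are removed from `init.go`. Its output becomes the JWT secret, the machine-auth key and the service passwords, so confirm the helper draws from `crypto/rand` and state that in its doc comment, e.g. `// GenerateRandomPassword returns a password of the given length read from crypto/rand.` The rename of `configFilename` to `ocis.yaml` also means a previously generated `ocis.yml` is presumably no longer picked up, which deserves a line in the changelog.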
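Review bot: The default for `config-path` is built with `path.Join(homeDir, ".ocis/config")`, which uses the slash-only `path` package and a hard-coded separator for a filesystem location. Prefer `filepath.Join(homeDir, ".ocis", "config")`, importing `path/filepath` in place of `path`, so the default is correct on every platform. This directory receives the generated secrets, so the code that creates it (outside this hunk) should use owner-only permissions. The `InitCommand` body starts and ends outside the hunk.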
@@ -101,70 +100,86 @@ func createConfig(insecure, forceOverwrite bool, configPath string) error { return err } cfg := config.Config{ - Accounts: &accounts.Config{}, + TokenManager: &shared.TokenManager{}, + //Accounts: &accounts.Config{}, //Audit: &audit.Config{}, //GLAuth: &glauth.Config{}, //GraphExplorer: &graphExplorer.Config{}, - Graph: &graph.Config{}, - IDM: &idm.Config{}, + //Graph: &graph.Config{}, + IDM: &idm.Config{}, //IDP: &idp.Config{}, //Nats: &nats.Config{}, Notifications: ¬ifications.Config{}, - Proxy: &proxy.Config{}, - OCS: &ocs.Config{}, - Settings: &settings.Config{}, - //Storage: &storage.Config{}, + //Proxy: &proxy.Config{}, + OCS: &ocs.Config{}, + Settings: &settings.Config{}, + Storage: &storage.Config{}, Thumbnails: &thumbnails.Config{}, //Web: &web.Config{}, //WebDAV: &webdav.Config{}, } if insecure { + cfg.Proxy = &proxy.Config{} cfg.Proxy.InsecureBackends = insecure } - idmServicePassword, err := generateRandomPassword(passwordLength) + idmServicePassword, err := generators.GenerateRandomPassword(passwordLength) if err != nil { return fmt.Errorf("Could not generate random password for idm: %s", err) } - idpServicePassword, err := generateRandomPassword(passwordLength) + idpServicePassword, err := generators.GenerateRandomPassword(passwordLength) if err != nil { return fmt.Errorf("Could not generate random password for idp: %s", err) } - ocisAdminServicePassword, err := generateRandomPassword(passwordLength) + ocisAdminServicePassword, err := generators.GenerateRandomPassword(passwordLength) if err != nil { return fmt.Errorf("Could not generate random password for ocis admin: %s", err) } - revaServicePassword, err := generateRandomPassword(passwordLength) + revaServicePassword, err := generators.GenerateRandomPassword(passwordLength) if err != nil { return fmt.Errorf("Could not generate random password for reva: %s", err) } - tokenManagerJwtSecret, err := generateRandomPassword(passwordLength) + tokenManagerJwtSecret, err := 
generators.GenerateRandomPassword(passwordLength) if err != nil { return fmt.Errorf("Could not generate random password for tokenmanager: %s", err) } - machineAuthSecret, err := generateRandomPassword(passwordLength) + machineAuthSecret, err := generators.GenerateRandomPassword(passwordLength) if err != nil { return fmt.Errorf("Could not generate random password for machineauthsecret: %s", err) } - thumbnailTransferTokenSecret, err := generateRandomPassword(passwordLength) + thumbnailTransferTokenSecret, err := generators.GenerateRandomPassword(passwordLength) if err != nil { return fmt.Errorf("Could not generate random password for machineauthsecret: %s", err) } + // TODO: IDP config is missing (LDAP + GROUP provider) + // TODO: REVA config is missing (LDAP + GROUP provider) + // TODO: graph needs IDM password configured + // TODO: add missing insecure occurences + // TODO: search for missing transfer secrets + // TODO: move TokenManager for all extensions to shared + // TODO: move machineauthsecret for all extensions to shared + // TODO: move transfersecret for all extensions to shared + cfg.TokenManager.JWTSecret = tokenManagerJwtSecret - cfg.Accounts.TokenManager.JWTSecret = tokenManagerJwtSecret - cfg.Graph.TokenManager.JWTSecret = tokenManagerJwtSecret + //cfg.Commons.TokenManager.JWTSecret = tokenManagerJwtSecret + //cfg.Accounts.TokenManager.JWTSecret = tokenManagerJwtSecret + //cfg.Graph.TokenManager.JWTSecret = tokenManagerJwtSecret + //fmt.Printf("%v\n", cfg.Graph.TokenManager) cfg.IDM.ServiceUserPasswords.Idm = idmServicePassword cfg.IDM.ServiceUserPasswords.Idp = idpServicePassword cfg.IDM.ServiceUserPasswords.OcisAdmin = ocisAdminServicePassword cfg.IDM.ServiceUserPasswords.Reva = revaServicePassword cfg.Notifications.Notifications.MachineAuthSecret = machineAuthSecret cfg.OCS.MachineAuthAPIKey = machineAuthSecret - cfg.Proxy.TokenManager.JWTSecret = tokenManagerJwtSecret + //cfg.Proxy.TokenManager.JWTSecret = tokenManagerJwtSecret + 
//fmt.Printf("%v\n", cfg.Proxy.TokenManager) cfg.Proxy.MachineAuthAPIKey = machineAuthSecret cfg.Settings.Metadata.MachineAuthAPIKey = machineAuthSecret - cfg.Settings.TokenManager.JWTSecret = tokenManagerJwtSecret + //cfg.Settings.TokenManager.JWTSecret = tokenManagerJwtSecret + cfg.Storage.Reva.JWTSecret = tokenManagerJwtSecret + cfg.Storage.OCDav.JWTSecret = tokenManagerJwtSecret cfg.Thumbnails.Thumbnail.TransferTokenSecret = thumbnailTransferTokenSecret yamlOutput, err := yaml.Marshal(cfg) if err != nil { @@ -198,17 +213,3 @@ func stringPrompt(label string) string { } return strings.TrimSpace(input) } - -func generateRandomPassword(length int) (string, error) { - const chars = "0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz-=+!@#$%^&*." - ret := make([]byte, length) - for i := 0; i < length; i++ { - num, err := rand.Int(rand.Reader, big.NewInt(int64(len(chars)))) - if err != nil { - return "", err - } - ret[i] = chars[num.Int64()] - } - - return string(ret), nil -} diff --git a/ocis/pkg/command/server.go b/ocis/pkg/command/server.go index 00b9c89da31..7bc6d653065 100644 --- a/ocis/pkg/command/server.go +++ b/ocis/pkg/command/server.go @@ -21,7 +21,9 @@ func Server(cfg *config.Config) *cli.Command { Action: func(c *cli.Context) error { cfg.Commons = &shared.Commons{ - Log: cfg.Log, + Log: cfg.Log, + Tracing: cfg.Tracing, + TokenManager: cfg.TokenManager, } r := runtime.New(cfg) From a4d7696232b3f050076a801e47b1fe3d3c660b73 Mon Sep 17 00:00:00 2001 From: Christian Richter Date: Tue, 26 Apr 2022 10:18:12 +0200 Subject: [PATCH 07/59] Move machine-auth-api-key to shared.Commons 
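Review bot: `cfg.Proxy.MachineAuthAPIKey = machineAuthSecret` is still executed unconditionally in the createConfig hunk, but `Proxy: &proxy.Config{}` is now commented out of the literal and `cfg.Proxy` is only allocated inside `if insecure`, so running init without the insecure option dereferences a nil pointer. Either move `cfg.Proxy = &proxy.Config{}` above the `if insecure` block or drop the proxy assignment here. The error text for `thumbnailTransferTokenSecret` also still says `machineauthsecret`, which would mislead anyone debugging a failed secret generation. createConfig starts before and continues after this hunk; the write of `yamlOutput` is not visible here, so confirm the file that receives these generated secrets is created with owner-only permissions.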
Signed-off-by: Christian Richter --- .../notifications/pkg/channels/channels.go | 2 +- extensions/notifications/pkg/command/root.go | 2 +- extensions/notifications/pkg/config/config.go | 3 ++- .../pkg/config/defaults/defaultconfig.go | 15 ++++++++++--- .../ocs/pkg/config/defaults/defaultconfig.go | 8 ++++++- .../pkg/config/defaults/defaultconfig.go | 8 ++++++- .../pkg/config/defaults/defaultconfig.go | 16 +++++++++----- .../pkg/config/defaults/defaultconfig.go | 4 +--- ocis-pkg/config/config.go | 7 +++--- ocis-pkg/config/parser/parse.go | 7 ++++++ ocis-pkg/shared/shared_types.go | 9 ++++---- ocis/pkg/command/init.go | 22 ++++++++----------- ocis/pkg/command/server.go | 7 ------ 13 files changed, 67 insertions(+), 43 deletions(-) diff --git a/extensions/notifications/pkg/channels/channels.go b/extensions/notifications/pkg/channels/channels.go index 2d6d9203ecd..956ee692dfc 100644 --- a/extensions/notifications/pkg/channels/channels.go +++ b/extensions/notifications/pkg/channels/channels.go @@ -86,7 +86,7 @@ func (m Mail) getReceiverAddresses(receivers []string) ([]string, error) { res, err := m.gatewayClient.Authenticate(context.Background(), &gateway.AuthenticateRequest{ Type: "machine", ClientId: "userid:" + id, - ClientSecret: m.conf.Notifications.MachineAuthSecret, + ClientSecret: m.conf.Notifications.MachineAuthAPIKey, }) if err != nil { return nil, err diff --git a/extensions/notifications/pkg/command/root.go b/extensions/notifications/pkg/command/root.go index 7a38a24d4f0..e2534e15a61 100644 --- a/extensions/notifications/pkg/command/root.go +++ b/extensions/notifications/pkg/command/root.go @@ -48,7 +48,7 @@ type SutureService struct { // NewSutureService creates a new notifications.SutureService func NewSutureService(cfg *ociscfg.Config) suture.Service { - cfg.Settings.Commons = cfg.Commons + cfg.Notifications.Commons = cfg.Commons return SutureService{ cfg: cfg.Notifications, } 
diff --git a/extensions/notifications/pkg/config/config.go b/extensions/notifications/pkg/config/config.go index d20818252e0..103d5acdc19 100644 --- a/extensions/notifications/pkg/config/config.go +++ b/extensions/notifications/pkg/config/config.go @@ -22,10 +22,11 @@ type Config struct { // Notifications definces the config options for the notifications service. type Notifications struct { + *shared.Commons `yaml:"-"` SMTP SMTP `yaml:"SMTP,omitempty"` Events Events `yaml:"events,omitempty"` RevaGateway string `yaml:"reva_gateway,omitempty" env:"REVA_GATEWAY;NOTIFICATIONS_REVA_GATEWAY"` - MachineAuthSecret string `yaml:"machine_auth_api_key" env:"OCIS_MACHINE_AUTH_API_KEY;NOTIFICATIONS_MACHINE_AUTH_API_KEY"` + MachineAuthAPIKey string `yaml:"machine_auth_api_key" env:"OCIS_MACHINE_AUTH_API_KEY;NOTIFICATIONS_MACHINE_AUTH_API_KEY"` } // SMTP combines the smtp configuration options. diff --git a/extensions/notifications/pkg/config/defaults/defaultconfig.go b/extensions/notifications/pkg/config/defaults/defaultconfig.go index 19c3cc2df8e..835612a9212 100644 --- a/extensions/notifications/pkg/config/defaults/defaultconfig.go +++ b/extensions/notifications/pkg/config/defaults/defaultconfig.go @@ -1,6 +1,10 @@ package defaults -import "github.com/owncloud/ocis/extensions/notifications/pkg/config" +import ( + "log" + + "github.com/owncloud/ocis/extensions/notifications/pkg/config" +) func FullDefaultConfig() *config.Config { cfg := DefaultConfig() @@ -31,8 +35,7 @@ func DefaultConfig() *config.Config { Cluster: "ocis-cluster", ConsumerGroup: "notifications", }, - RevaGateway: "127.0.0.1:9142", - MachineAuthSecret: "change-me-please", + RevaGateway: "127.0.0.1:9142", }, } } 
@@ -49,6 +52,12 @@ func EnsureDefaults(cfg *config.Config) { } else if cfg.Log == nil { cfg.Log = &config.Log{} } + + if cfg.Notifications.MachineAuthAPIKey == "" && cfg.Commons != nil && cfg.Commons.MachineAuthAPIKey != "" { + cfg.Notifications.MachineAuthAPIKey = cfg.Commons.MachineAuthAPIKey + } else { + log.Fatalf("machine auth api key is not set up properly, bailing out (%s)", cfg.Service.Name) + } } func Sanitize(cfg *config.Config) { diff --git a/extensions/ocs/pkg/config/defaults/defaultconfig.go b/extensions/ocs/pkg/config/defaults/defaultconfig.go index bcbd7dce10a..74c76d39335 100644 --- a/extensions/ocs/pkg/config/defaults/defaultconfig.go +++ b/extensions/ocs/pkg/config/defaults/defaultconfig.go @@ -1,6 +1,7 @@ package defaults import ( + "log" "strings" "github.com/owncloud/ocis/extensions/ocs/pkg/config" @@ -44,7 +45,6 @@ func DefaultConfig() *config.Config { Address: "127.0.0.1:9142", }, StorageUsersDriver: "ocis", - MachineAuthAPIKey: "change-me-please", IdentityManagement: config.IdentityManagement{ Address: "https://localhost:9200", }, @@ -82,6 +82,12 @@ func EnsureDefaults(cfg *config.Config) { } else { cfg.TokenManager = &shared.TokenManager{} } + + if cfg.MachineAuthAPIKey == "" && cfg.Commons != nil && cfg.Commons.MachineAuthAPIKey != "" { + cfg.MachineAuthAPIKey = cfg.Commons.MachineAuthAPIKey + } else { + log.Fatalf("machine auth api key is not set up properly, bailing out (%s)", cfg.Service.Name) + } } func Sanitize(cfg *config.Config) { diff --git a/extensions/proxy/pkg/config/defaults/defaultconfig.go b/extensions/proxy/pkg/config/defaults/defaultconfig.go index 893b2ca2f85..6144197c6be 100644 --- a/extensions/proxy/pkg/config/defaults/defaultconfig.go +++ b/extensions/proxy/pkg/config/defaults/defaultconfig.go @@ -1,6 +1,7 @@ package defaults import ( + "log" "path" "strings" 
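Review bot: The `else` added to the notifications `EnsureDefaults` runs whenever the compound condition is false, which includes the case where `cfg.Notifications.MachineAuthAPIKey` is already set from the service's own config or environment, so a correctly configured service would exit through `log.Fatalf`. The same shape is added for ocs on this line, for proxy and settings in the following hunks, and for the transfer secret in the storage and thumbnails `EnsureDefaults` of the next commit. Only the case where the key is still empty after consulting Commons should fail, as sketched below. EnsureDefaults begins outside the hunk.

```go
	if cfg.Notifications.MachineAuthAPIKey == "" {
		if cfg.Commons == nil || cfg.Commons.MachineAuthAPIKey == "" {
			log.Fatalf("machine auth api key is not set up properly, bailing out (%s)", cfg.Service.Name)
		}
		cfg.Notifications.MachineAuthAPIKey = cfg.Commons.MachineAuthAPIKey
	}
```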
@@ -45,7 +46,6 @@ func DefaultConfig() *config.Config { AccountBackend: "accounts", UserOIDCClaim: "email", UserCS3Claim: "mail", - MachineAuthAPIKey: "change-me-please", AutoprovisionAccounts: false, EnableBasicAuth: false, InsecureBackends: false, @@ -185,6 +185,12 @@ func EnsureDefaults(cfg *config.Config) { } else { cfg.TokenManager = &config.TokenManager{} } + + if cfg.MachineAuthAPIKey == "" && cfg.Commons != nil && cfg.Commons.MachineAuthAPIKey != "" { + cfg.MachineAuthAPIKey = cfg.Commons.MachineAuthAPIKey + } else { + log.Fatalf("machine auth api key is not set up properly, bailing out (%s)", cfg.Service.Name) + } } func Sanitize(cfg *config.Config) { diff --git a/extensions/settings/pkg/config/defaults/defaultconfig.go b/extensions/settings/pkg/config/defaults/defaultconfig.go index 2437810da60..bc4faba048f 100644 --- a/extensions/settings/pkg/config/defaults/defaultconfig.go +++ b/extensions/settings/pkg/config/defaults/defaultconfig.go @@ -1,6 +1,7 @@ package defaults import ( + "log" "path" "strings" @@ -53,11 +54,10 @@ func DefaultConfig() *config.Config { }, Metadata: config.Metadata{ - GatewayAddress: "127.0.0.1:9142", - StorageAddress: "127.0.0.1:9215", - ServiceUserID: "95cb8724-03b2-11eb-a0a6-c33ef8ef53ad", - ServiceUserIDP: "https://localhost:9200", - MachineAuthAPIKey: "change-me-please", + GatewayAddress: "127.0.0.1:9142", + StorageAddress: "127.0.0.1:9215", + ServiceUserID: "95cb8724-03b2-11eb-a0a6-c33ef8ef53ad", + ServiceUserIDP: "https://localhost:9200", }, } } @@ -93,6 +93,12 @@ func EnsureDefaults(cfg *config.Config) { } else { cfg.TokenManager = &shared.TokenManager{} } + + if cfg.Metadata.MachineAuthAPIKey == "" && cfg.Commons != nil && cfg.Commons.MachineAuthAPIKey != "" { + cfg.MachineAuthAPIKey = cfg.Commons.MachineAuthAPIKey + } else { + log.Fatalf("machine auth api key is not set up properly, bailing out (%s)", cfg.Service.Name) + } } func Sanitize(cfg *config.Config) { 
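Review bot: The settings `EnsureDefaults` hunk tests `cfg.Metadata.MachineAuthAPIKey == ""` but then assigns `cfg.MachineAuthAPIKey`, which is a different selector from the one the removed default populated under `Metadata`. If `cfg.MachineAuthAPIKey` resolves to the field promoted from the embedded Commons (not visible here, so please confirm), the assignment copies the value onto itself and the metadata client keeps an empty key. The assignment should presumably read `cfg.Metadata.MachineAuthAPIKey = cfg.Commons.MachineAuthAPIKey`. EnsureDefaults begins outside the hunk.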
diff --git a/extensions/storage/pkg/config/defaults/defaultconfig.go b/extensions/storage/pkg/config/defaults/defaultconfig.go index 95cc5c6cd2f..d922393eac0 100644 --- a/extensions/storage/pkg/config/defaults/defaultconfig.go +++ b/extensions/storage/pkg/config/defaults/defaultconfig.go @@ -328,9 +328,7 @@ func DefaultConfig() *config.Config { Services: []string{"authprovider"}, Endpoint: "localhost:9166", }, - AuthMachineConfig: config.AuthMachineConfig{ - MachineAuthAPIKey: "change-me-please", - }, + AuthMachineConfig: config.AuthMachineConfig{}, Sharing: config.Sharing{ Port: config.Port{ Endpoint: "localhost:9150", diff --git a/ocis-pkg/config/config.go b/ocis-pkg/config/config.go index befc2d25740..57a2448e179 100644 --- a/ocis-pkg/config/config.go +++ b/ocis-pkg/config/config.go @@ -55,9 +55,10 @@ type Config struct { File string `yaml:",omitempty"` OcisURL string `yaml:"ocis_url,omitempty"` - Registry string `yaml:"registry,omitempty"` - TokenManager *shared.TokenManager `yaml:"token_manager,omitempty"` - Runtime Runtime `yaml:"runtime,omitempty"` + Registry string `yaml:"registry,omitempty"` + TokenManager *shared.TokenManager `yaml:"token_manager,omitempty"` + MachineAuthAPIKey string + Runtime Runtime `yaml:"runtime,omitempty"` Audit *audit.Config `yaml:"audit,omitempty"` Accounts *accounts.Config `yaml:"accounts,omitempty"` diff --git a/ocis-pkg/config/parser/parse.go b/ocis-pkg/config/parser/parse.go index 09bb76dfb41..e77f7986b69 100644 --- a/ocis-pkg/config/parser/parse.go +++ b/ocis-pkg/config/parser/parse.go @@ -2,6 +2,7 @@ package parser import ( "errors" + "log" "github.com/owncloud/ocis/ocis-pkg/config" "github.com/owncloud/ocis/ocis-pkg/config/envdecode" 
@@ -50,6 +51,12 @@ func ParseConfig(cfg *config.Config) error { cfg.TokenManager = cfg.Commons.TokenManager } + if cfg.MachineAuthAPIKey != "" { + cfg.Commons.MachineAuthAPIKey = cfg.MachineAuthAPIKey + } else { + log.Fatalf("machine auth api key is not set up properly, bailing out (ocis)") + } + // load all env variables relevant to the config in the current context. if err := envdecode.Decode(cfg); err != nil { // no environment variable set for this config is an expected "error" diff --git a/ocis-pkg/shared/shared_types.go b/ocis-pkg/shared/shared_types.go index 9439bfcce0c..437e6d0d342 100644 --- a/ocis-pkg/shared/shared_types.go +++ b/ocis-pkg/shared/shared_types.go @@ -32,8 +32,9 @@ type TokenManager struct { // Commons holds configuration that are common to all extensions. Each extension can then decide whether // to overwrite its values. type Commons struct { - Log *Log `yaml:"log"` - Tracing *Tracing `yaml:"tracing"` - OcisURL string `yaml:"ocis_url" env:"OCIS_URL"` - TokenManager *TokenManager `yaml:"token_manager"` + Log *Log `yaml:"log"` + Tracing *Tracing `yaml:"tracing"` + OcisURL string `yaml:"ocis_url" env:"OCIS_URL"` + TokenManager *TokenManager `yaml:"token_manager"` + MachineAuthAPIKey string `yaml:"machine_auth_api_key" env:"OCIS_MACHINE_AUTH_API_KEY"` } diff --git a/ocis/pkg/command/init.go b/ocis/pkg/command/init.go index 4f991fbd9a9..efd1d67de6a 100644 --- a/ocis/pkg/command/init.go +++ b/ocis/pkg/command/init.go @@ -17,10 +17,7 @@ import ( "gopkg.in/yaml.v3" idm "github.com/owncloud/ocis/extensions/idm/pkg/config" - notifications "github.com/owncloud/ocis/extensions/notifications/pkg/config" - ocs "github.com/owncloud/ocis/extensions/ocs/pkg/config" proxy "github.com/owncloud/ocis/extensions/proxy/pkg/config" - settings "github.com/owncloud/ocis/extensions/settings/pkg/config" storage "github.com/owncloud/ocis/extensions/storage/pkg/config" thumbnails "github.com/owncloud/ocis/extensions/thumbnails/pkg/config" ) 
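Review bot: The added check in `ParseConfig` tests `cfg.MachineAuthAPIKey` before the `envdecode.Decode(cfg)` call that follows it in this hunk, so a key supplied only through the environment would still be empty at this point and the process would exit; whether an earlier step already loads the value is not visible here. The check belongs after env decoding, and because ParseConfig already returns an error it should report the problem with `return errors.New("machine auth api key is not set")` instead of `log.Fatalf`, which also keeps the function testable. The transfer-secret check added to the same function in the next commit has the same ordering and the same fatal exit. ParseConfig starts before and continues after the hunk.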
@@ -109,10 +106,10 @@ func createConfig(insecure, forceOverwrite bool, configPath string) error { IDM: &idm.Config{}, //IDP: &idp.Config{}, //Nats: &nats.Config{}, - Notifications: ¬ifications.Config{}, + //Notifications: ¬ifications.Config{}, //Proxy: &proxy.Config{}, - OCS: &ocs.Config{}, - Settings: &settings.Config{}, + //OCS: &ocs.Config{}, + //Settings: &settings.Config{}, Storage: &storage.Config{}, Thumbnails: &thumbnails.Config{}, //Web: &web.Config{}, @@ -144,7 +141,7 @@ func createConfig(insecure, forceOverwrite bool, configPath string) error { if err != nil { return fmt.Errorf("Could not generate random password for tokenmanager: %s", err) } - machineAuthSecret, err := generators.GenerateRandomPassword(passwordLength) + machineAuthApiKey, err := generators.GenerateRandomPassword(passwordLength) if err != nil { return fmt.Errorf("Could not generate random password for machineauthsecret: %s", err) } @@ -158,10 +155,9 @@ func createConfig(insecure, forceOverwrite bool, configPath string) error { // TODO: graph needs IDM password configured // TODO: add missing insecure occurences // TODO: search for missing transfer secrets - // TODO: move TokenManager for all extensions to shared - // TODO: move machineauthsecret for all extensions to shared // TODO: move transfersecret for all extensions to shared + cfg.MachineAuthAPIKey = machineAuthApiKey cfg.TokenManager.JWTSecret = tokenManagerJwtSecret //cfg.Commons.TokenManager.JWTSecret = tokenManagerJwtSecret //cfg.Accounts.TokenManager.JWTSecret = tokenManagerJwtSecret 
@@ -171,12 +167,12 @@ func createConfig(insecure, forceOverwrite bool, configPath string) error { cfg.IDM.ServiceUserPasswords.Idp = idpServicePassword cfg.IDM.ServiceUserPasswords.OcisAdmin = ocisAdminServicePassword cfg.IDM.ServiceUserPasswords.Reva = revaServicePassword - cfg.Notifications.Notifications.MachineAuthSecret = machineAuthSecret - cfg.OCS.MachineAuthAPIKey = machineAuthSecret + //cfg.Notifications.Notifications.MachineAuthAPIKey = machineAuthSecret + //cfg.OCS.MachineAuthAPIKey = machineAuthSecret //cfg.Proxy.TokenManager.JWTSecret = tokenManagerJwtSecret //fmt.Printf("%v\n", cfg.Proxy.TokenManager) - cfg.Proxy.MachineAuthAPIKey = machineAuthSecret - cfg.Settings.Metadata.MachineAuthAPIKey = machineAuthSecret + //cfg.Proxy.MachineAuthAPIKey = machineAuthSecret + //cfg.Settings.Metadata.MachineAuthAPIKey = machineAuthSecret //cfg.Settings.TokenManager.JWTSecret = tokenManagerJwtSecret cfg.Storage.Reva.JWTSecret = tokenManagerJwtSecret cfg.Storage.OCDav.JWTSecret = tokenManagerJwtSecret diff --git a/ocis/pkg/command/server.go b/ocis/pkg/command/server.go index 7bc6d653065..f623a2497f4 100644 --- a/ocis/pkg/command/server.go +++ b/ocis/pkg/command/server.go @@ -3,7 +3,6 @@ package command import ( "github.com/owncloud/ocis/ocis-pkg/config" "github.com/owncloud/ocis/ocis-pkg/config/parser" - "github.com/owncloud/ocis/ocis-pkg/shared" "github.com/owncloud/ocis/ocis/pkg/register" "github.com/owncloud/ocis/ocis/pkg/runtime" "github.com/urfave/cli/v2" @@ -20,12 +19,6 @@ func Server(cfg *config.Config) *cli.Command { }, Action: func(c *cli.Context) error { - cfg.Commons = &shared.Commons{ - Log: cfg.Log, - Tracing: cfg.Tracing, - TokenManager: cfg.TokenManager, - } - r := runtime.New(cfg) return r.Start() }, From 58a24e620eb86b97299841a18c7bef7eddae0328 Mon Sep 17 00:00:00 2001 From: Christian Richter Date: Tue, 26 Apr 2022 14:09:29 +0200 Subject: [PATCH 08/59] Move reva transfer secret to shared.Commons 
Signed-off-by: Christian Richter --- .../storage/pkg/config/defaults/defaultconfig.go | 8 ++++++-- extensions/thumbnails/pkg/config/config.go | 2 +- .../thumbnails/pkg/config/defaults/defaultconfig.go | 8 +++++++- extensions/thumbnails/pkg/service/grpc/v0/service.go | 2 +- extensions/thumbnails/pkg/service/http/v0/service.go | 2 +- ocis-pkg/config/config.go | 5 +++-- ocis-pkg/config/parser/parse.go | 6 ++++++ ocis-pkg/shared/shared_types.go | 1 + ocis/pkg/command/init.go | 12 +++++------- 9 files changed, 31 insertions(+), 15 deletions(-) diff --git a/extensions/storage/pkg/config/defaults/defaultconfig.go b/extensions/storage/pkg/config/defaults/defaultconfig.go index d922393eac0..10de4b2652f 100644 --- a/extensions/storage/pkg/config/defaults/defaultconfig.go +++ b/extensions/storage/pkg/config/defaults/defaultconfig.go @@ -1,6 +1,7 @@ package defaults import ( + "log" "os" "path" @@ -36,7 +37,6 @@ func DefaultConfig() *config.Config { Reva: config.Reva{ JWTSecret: "Pive-Fumkiu4", SkipUserGroupsInToken: false, - TransferSecret: "replace-me-with-a-transfer-secret", TransferExpires: 24 * 60 * 60, OIDC: config.OIDC{ Issuer: defaultPublicURL, @@ -460,7 +460,11 @@ func DefaultConfig() *config.Config { } func EnsureDefaults(cfg *config.Config) { - // TODO: IMPLEMENT ME! + if cfg.TransferSecret == "" && cfg.Commons != nil && cfg.Commons.TransferSecret != "" { + cfg.TransferSecret = cfg.Commons.TransferSecret + } else { + log.Fatal("reva transfer secret is not set up properly, bailing out (storage)") + } } func Sanitize(cfg *config.Config) { diff --git a/extensions/thumbnails/pkg/config/config.go b/extensions/thumbnails/pkg/config/config.go index 52f72bc4e1d..9f18231956b 100644 --- a/extensions/thumbnails/pkg/config/config.go +++ b/extensions/thumbnails/pkg/config/config.go 
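Review bot: The `DefaultConfig` hunk for storage removes the placeholder `TransferSecret` but leaves `JWTSecret: "Pive-Fumkiu4"` on the adjacent context line, so a deployment that does not override it still signs tokens with a value published in the source tree. It should get the same treatment as the transfer secret: drop the literal and fail in `EnsureDefaults` when neither the service config nor Commons provides one. Separately, the new `EnsureDefaults` body reads and writes `cfg.TransferSecret`, while the removed default sat under `Reva:`; please confirm that selector reaches the field the Reva configuration actually uses. DefaultConfig begins and ends outside the hunk.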
@@ -42,6 +42,6 @@ type Thumbnail struct { CS3AllowInsecure bool `yaml:"cs3_allow_insecure,omitempty" env:"OCIS_INSECURE;THUMBNAILS_CS3SOURCE_INSECURE"` RevaGateway string `yaml:"reva_gateway,omitempty" env:"REVA_GATEWAY"` //TODO: use REVA config FontMapFile string `yaml:"font_map_file,omitempty" env:"THUMBNAILS_TXT_FONTMAP_FILE"` - TransferTokenSecret string `yaml:"transfer_token,omitempty" env:"THUMBNAILS_TRANSFER_TOKEN"` + TransferSecret string `yaml:"transfer_secret,omitempty" env:"THUMBNAILS_TRANSFER_TOKEN"` DataEndpoint string `yaml:"data_endpoint,omitempty" env:"THUMBNAILS_DATA_ENDPOINT"` } diff --git a/extensions/thumbnails/pkg/config/defaults/defaultconfig.go b/extensions/thumbnails/pkg/config/defaults/defaultconfig.go index c74b85065b1..75a71ae43cf 100644 --- a/extensions/thumbnails/pkg/config/defaults/defaultconfig.go +++ b/extensions/thumbnails/pkg/config/defaults/defaultconfig.go @@ -1,6 +1,7 @@ package defaults import ( + "log" "path" "github.com/owncloud/ocis/extensions/thumbnails/pkg/config" @@ -44,7 +45,6 @@ func DefaultConfig() *config.Config { WebdavAllowInsecure: false, RevaGateway: "127.0.0.1:9142", CS3AllowInsecure: false, - TransferTokenSecret: "changemeplease", DataEndpoint: "http://127.0.0.1:9186/thumbnails/data", }, } @@ -73,6 +73,12 @@ func EnsureDefaults(cfg *config.Config) { } else if cfg.Tracing == nil { cfg.Tracing = &config.Tracing{} } + + if cfg.Thumbnail.TransferSecret == "" && cfg.Commons != nil && cfg.Commons.TransferSecret != "" { + cfg.Thumbnail.TransferSecret = cfg.Commons.TransferSecret + } else { + log.Fatalf("reva transfer secret is not set up properly, bailing out (%s)", cfg.Service.Name) + } } func Sanitize(cfg *config.Config) { diff --git a/extensions/thumbnails/pkg/service/grpc/v0/service.go b/extensions/thumbnails/pkg/service/grpc/v0/service.go index b5f34f32fd2..89eb703d7d8 100644 --- a/extensions/thumbnails/pkg/service/grpc/v0/service.go +++ b/extensions/thumbnails/pkg/service/grpc/v0/service.go 
@@ -49,7 +49,7 @@ func NewService(opts ...Option) decorators.DecoratedService { TxtFontFileMap: options.Config.Thumbnail.FontMapFile, }, dataEndpoint: options.Config.Thumbnail.DataEndpoint, - transferTokenSecret: options.Config.Thumbnail.TransferTokenSecret, + transferTokenSecret: options.Config.Thumbnail.TransferSecret, } return svc diff --git a/extensions/thumbnails/pkg/service/http/v0/service.go b/extensions/thumbnails/pkg/service/http/v0/service.go index 864dca0ae81..944020cb5ad 100644 --- a/extensions/thumbnails/pkg/service/http/v0/service.go +++ b/extensions/thumbnails/pkg/service/http/v0/service.go @@ -102,7 +102,7 @@ func (s Thumbnails) TransferTokenValidator(next http.Handler) http.Handler { if _, ok := token.Method.(*jwt.SigningMethodHMAC); !ok { return nil, fmt.Errorf("unexpected signing method: %v", token.Header["alg"]) } - return []byte(s.config.Thumbnail.TransferTokenSecret), nil + return []byte(s.config.Thumbnail.TransferSecret), nil }) if err != nil { s.logger.Error(). diff --git a/ocis-pkg/config/config.go b/ocis-pkg/config/config.go index 57a2448e179..91951fa89d2 100644 --- a/ocis-pkg/config/config.go +++ b/ocis-pkg/config/config.go @@ -57,8 +57,9 @@ type Config struct { Registry string `yaml:"registry,omitempty"` TokenManager *shared.TokenManager `yaml:"token_manager,omitempty"` - MachineAuthAPIKey string - Runtime Runtime `yaml:"runtime,omitempty"` + MachineAuthAPIKey string `yaml:"machine_auth_api_key" env:"OCIS_MACHINE_AUTH_API_KEY"` + TransferSecret string `yaml:"transfer_secret,omitempty"` + Runtime Runtime `yaml:"runtime,omitempty"` Audit *audit.Config `yaml:"audit,omitempty"` Accounts *accounts.Config `yaml:"accounts,omitempty"` diff --git a/ocis-pkg/config/parser/parse.go b/ocis-pkg/config/parser/parse.go index e77f7986b69..a28c457df17 100644 --- a/ocis-pkg/config/parser/parse.go +++ b/ocis-pkg/config/parser/parse.go 
@@ -57,6 +57,12 @@ func ParseConfig(cfg *config.Config) error { log.Fatalf("machine auth api key is not set up properly, bailing out (ocis)") } + if cfg.TransferSecret != "" { + cfg.Commons.TransferSecret = cfg.TransferSecret + } else { + log.Fatalf("reva transfer secret not properly set, bailing out (ocis)") + } + // load all env variables relevant to the config in the current context. if err := envdecode.Decode(cfg); err != nil { // no environment variable set for this config is an expected "error" diff --git a/ocis-pkg/shared/shared_types.go b/ocis-pkg/shared/shared_types.go index 437e6d0d342..fa3f98094b9 100644 --- a/ocis-pkg/shared/shared_types.go +++ b/ocis-pkg/shared/shared_types.go @@ -37,4 +37,5 @@ type Commons struct { OcisURL string `yaml:"ocis_url" env:"OCIS_URL"` TokenManager *TokenManager `yaml:"token_manager"` MachineAuthAPIKey string `yaml:"machine_auth_api_key" env:"OCIS_MACHINE_AUTH_API_KEY"` + TransferSecret string `yaml:"transfer_secret,omitempty" env:"REVA_TRANSFER_SECRET"` } diff --git a/ocis/pkg/command/init.go b/ocis/pkg/command/init.go index efd1d67de6a..d92c038bd35 100644 --- a/ocis/pkg/command/init.go +++ b/ocis/pkg/command/init.go @@ -19,7 +19,6 @@ import ( idm "github.com/owncloud/ocis/extensions/idm/pkg/config" proxy "github.com/owncloud/ocis/extensions/proxy/pkg/config" storage "github.com/owncloud/ocis/extensions/storage/pkg/config" - thumbnails "github.com/owncloud/ocis/extensions/thumbnails/pkg/config" ) const configFilename string = "ocis.yaml" @@ -110,8 +109,8 @@ func createConfig(insecure, forceOverwrite bool, configPath string) error { //Proxy: &proxy.Config{}, //OCS: &ocs.Config{}, //Settings: &settings.Config{}, - Storage: &storage.Config{}, - Thumbnails: &thumbnails.Config{}, + Storage: &storage.Config{}, + //Thumbnails: &thumbnails.Config{}, //Web: &web.Config{}, //WebDAV: &webdav.Config{}, } 
@@ -145,7 +144,7 @@ func createConfig(insecure, forceOverwrite bool, configPath string) error { if err != nil { return fmt.Errorf("Could not generate random password for machineauthsecret: %s", err) } - thumbnailTransferTokenSecret, err := generators.GenerateRandomPassword(passwordLength) + revaTransferTokenSecret, err := generators.GenerateRandomPassword(passwordLength) if err != nil { return fmt.Errorf("Could not generate random password for machineauthsecret: %s", err) } @@ -154,10 +153,9 @@ func createConfig(insecure, forceOverwrite bool, configPath string) error { // TODO: REVA config is missing (LDAP + GROUP provider) // TODO: graph needs IDM password configured // TODO: add missing insecure occurences - // TODO: search for missing transfer secrets - // TODO: move transfersecret for all extensions to shared cfg.MachineAuthAPIKey = machineAuthApiKey + cfg.TransferSecret = revaTransferTokenSecret cfg.TokenManager.JWTSecret = tokenManagerJwtSecret //cfg.Commons.TokenManager.JWTSecret = tokenManagerJwtSecret //cfg.Accounts.TokenManager.JWTSecret = tokenManagerJwtSecret @@ -176,7 +174,7 @@ func createConfig(insecure, forceOverwrite bool, configPath string) error { //cfg.Settings.TokenManager.JWTSecret = tokenManagerJwtSecret cfg.Storage.Reva.JWTSecret = tokenManagerJwtSecret cfg.Storage.OCDav.JWTSecret = tokenManagerJwtSecret - cfg.Thumbnails.Thumbnail.TransferTokenSecret = thumbnailTransferTokenSecret + //cfg.Thumbnails.Thumbnail.TransferSecret = revaTransferTokenSecret yamlOutput, err := yaml.Marshal(cfg) if err != nil { return fmt.Errorf("Could not marshall config into yaml: %s", err) From d106c87c518190edcae3c13d48158d2b2b99c6a7 Mon Sep 17 00:00:00 2001 From: Christian Richter Date: Wed, 27 Apr 2022 10:37:40 +0200 Subject: [PATCH 09/59] [WIP] adapt storage changes 
Signed-off-by: Christian Richter --- extensions/appprovider/pkg/config/config.go | 22 +++---- extensions/auth-basic/pkg/config/config.go | 20 +++---- extensions/auth-bearer/pkg/config/config.go | 24 ++++---- extensions/auth-machine/pkg/config/config.go | 24 ++++---- extensions/gateway/pkg/config/config.go | 60 +++++++++---------- extensions/group/pkg/config/config.go | 22 +++---- extensions/ocdav/pkg/config/config.go | 32 +++++----- extensions/sharing/pkg/config/config.go | 30 +++++----- .../storage-metadata/pkg/config/config.go | 34 +++++------ .../storage-publiclink/pkg/config/config.go | 26 ++++---- .../storage-shares/pkg/config/config.go | 28 ++++----- extensions/storage-users/pkg/config/config.go | 42 ++++++------- extensions/user/pkg/config/config.go | 22 +++---- ocis/pkg/command/init.go | 49 +++++++++++++-- 14 files changed, 238 insertions(+), 197 deletions(-) diff --git a/extensions/appprovider/pkg/config/config.go b/extensions/appprovider/pkg/config/config.go index 72645eee81c..42efec470ee 100644 --- a/extensions/appprovider/pkg/config/config.go +++ b/extensions/appprovider/pkg/config/config.go 
@@ -5,19 +5,19 @@ import "github.com/owncloud/ocis/ocis-pkg/shared" type Config struct { *shared.Commons `yaml:"-"` Service Service `yaml:"-"` - Tracing *Tracing `yaml:"tracing"` - Logging *Logging `yaml:"log"` - Debug Debug `yaml:"debug"` - Supervised bool + Tracing *Tracing `yaml:"tracing,omitempty"` + Logging *Logging `yaml:"log,omitempty"` + Debug Debug `yaml:"debug,omitempty"` + Supervised bool `yaml:"supervised,omitempty"` - GRPC GRPCConfig `yaml:"grpc"` + GRPC GRPCConfig `yaml:"grpc,omitempty"` - JWTSecret string - GatewayEndpoint string - SkipUserGroupsInToken bool - ExternalAddr string - Driver string - Drivers Drivers + JWTSecret string `yaml:"jwt_secret,omitempty"` + GatewayEndpoint string `yaml:"gateway_endpoint,omitempty"` + SkipUserGroupsInToken bool `yaml:"skip_user_groups_in_token,omitempty"` + ExternalAddr string `yaml:"external_addr,omitempty"` + Driver string `yaml:"driver,omitempty"` + Drivers Drivers `yaml:"drivers,omitempty"` } type Tracing struct { diff --git a/extensions/auth-basic/pkg/config/config.go b/extensions/auth-basic/pkg/config/config.go index 8557e3e7f1d..04eb2649afe 100644 --- a/extensions/auth-basic/pkg/config/config.go +++ b/extensions/auth-basic/pkg/config/config.go 
@@ -5,18 +5,18 @@ import "github.com/owncloud/ocis/ocis-pkg/shared" type Config struct { *shared.Commons `yaml:"-"` Service Service `yaml:"-"` - Tracing *Tracing `yaml:"tracing"` - Logging *Logging `yaml:"log"` - Debug Debug `yaml:"debug"` - Supervised bool + Tracing *Tracing `yaml:"tracing,omitempty"` + Logging *Logging `yaml:"log,omitempty"` + Debug Debug `yaml:"debug,omitempty"` + Supervised bool `yaml:"supervised,omitempty"` - GRPC GRPCConfig `yaml:"grpc"` + GRPC GRPCConfig `yaml:"grpc,omitempty"` - JWTSecret string - GatewayEndpoint string - SkipUserGroupsInToken bool - AuthProvider string `yaml:"auth_provider" env:"AUTH_BASIC_AUTH_PROVIDER" desc:"The auth provider which should be used by the service"` - AuthProviders AuthProviders `yaml:"auth_providers"` + JWTSecret string `yaml:"jwt_secret,omitempty"` + GatewayEndpoint string `yaml:"gateway_endpoint,omitempty"` + SkipUserGroupsInToken bool `yaml:"skip_user_groups_in_token,omitempty"` + AuthProvider string `yaml:"auth_provider,omitempty" env:"AUTH_BASIC_AUTH_PROVIDER" desc:"The auth provider which should be used by the service"` + AuthProviders AuthProviders `yaml:"auth_providers,omitempty"` } type Tracing struct { Enabled bool `yaml:"enabled" env:"OCIS_TRACING_ENABLED;AUTH_BASIC_TRACING_ENABLED" desc:"Activates tracing."` diff --git a/extensions/auth-bearer/pkg/config/config.go b/extensions/auth-bearer/pkg/config/config.go index 0bc26ab120a..b7c8fad6e79 100644 --- a/extensions/auth-bearer/pkg/config/config.go +++ b/extensions/auth-bearer/pkg/config/config.go 
@@ -5,18 +5,18 @@ import "github.com/owncloud/ocis/ocis-pkg/shared" type Config struct { *shared.Commons `yaml:"-"` Service Service `yaml:"-"` - Tracing *Tracing `yaml:"tracing"` - Logging *Logging `yaml:"log"` - Debug Debug `yaml:"debug"` - Supervised bool - - GRPC GRPCConfig `yaml:"grpc"` - - JWTSecret string - GatewayEndpoint string - SkipUserGroupsInToken bool - AuthProvider string `yaml:"auth_provider" env:"AUTH_BEARER_AUTH_PROVIDER" desc:"The auth provider which should be used by the service"` - AuthProviders AuthProviders `yaml:"auth_providers"` + Tracing *Tracing `yaml:"tracing,omitempty"` + Logging *Logging `yaml:"log,omitempty"` + Debug Debug `yaml:"debug,omitempty"` + Supervised bool `yaml:"supervised,omitempty"` + + GRPC GRPCConfig `yaml:"grpc,omitempty"` + + JWTSecret string `yaml:"jwt_secret,omitempty"` + GatewayEndpoint string `yaml:"gateway_endpoint,omitempty"` + SkipUserGroupsInToken bool `yaml:"skip_user_groups_in_token,omitempty"` + AuthProvider string `yaml:"auth_provider,omitempty" env:"AUTH_BEARER_AUTH_PROVIDER" desc:"The auth provider which should be used by the service"` + AuthProviders AuthProviders `yaml:"auth_providers,omitempty"` } type Tracing struct { Enabled bool `yaml:"enabled" env:"OCIS_TRACING_ENABLED;AUTH_BEARER_TRACING_ENABLED" desc:"Activates tracing."` diff --git a/extensions/auth-machine/pkg/config/config.go b/extensions/auth-machine/pkg/config/config.go index 50a2db2c157..0e530daf1d6 100644 --- a/extensions/auth-machine/pkg/config/config.go +++ b/extensions/auth-machine/pkg/config/config.go 
@@ -5,18 +5,18 @@ import "github.com/owncloud/ocis/ocis-pkg/shared" type Config struct { *shared.Commons `yaml:"-"` Service Service `yaml:"-"` - Tracing *Tracing `yaml:"tracing"` - Logging *Logging `yaml:"log"` - Debug Debug `yaml:"debug"` - Supervised bool - - GRPC GRPCConfig `yaml:"grpc"` - - JWTSecret string - GatewayEndpoint string - SkipUserGroupsInToken bool - AuthProvider string `yaml:"auth_provider" env:"AUTH_MACHINE_AUTH_PROVIDER" desc:"The auth provider which should be used by the service"` - AuthProviders AuthProviders `yaml:"auth_providers"` + Tracing *Tracing `yaml:"tracing,omitempty"` + Logging *Logging `yaml:"log,omitempty"` + Debug Debug `yaml:"debug,omitempty"` + Supervised bool `yaml:"supervised,omitempty"` + + GRPC GRPCConfig `yaml:"grpc,omitempty"` + + JWTSecret string `yaml:"jwt_secret,omitempty"` + GatewayEndpoint string `yaml:"gateway_entpoint,omitempty"` + SkipUserGroupsInToken bool `yaml:"skip_user_groups_in_token,omitempty"` + AuthProvider string `yaml:"auth_provider,omitempty" env:"AUTH_MACHINE_AUTH_PROVIDER" desc:"The auth provider which should be used by the service"` + AuthProviders AuthProviders `yaml:"auth_providers,omitempty"` } type Tracing struct { Enabled bool `yaml:"enabled" env:"OCIS_TRACING_ENABLED;AUTH_MACHINE_TRACING_ENABLED" desc:"Activates tracing."` diff --git a/extensions/gateway/pkg/config/config.go b/extensions/gateway/pkg/config/config.go index 740fa151f6a..bf16e5f3db1 100644 --- a/extensions/gateway/pkg/config/config.go +++ b/extensions/gateway/pkg/config/config.go 
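Review bot: The new tag on `GatewayEndpoint` is misspelled as `gateway_entpoint`, while the auth-basic and auth-bearer hunks of this patch use `gateway_endpoint`. A value written under the expected key would not reach this field, and whether that is reported at load time depends on the decoder settings, which are not visible here. The tag should be `yaml:"gateway_endpoint,omitempty"`.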
@@ -5,41 +5,41 @@ import "github.com/owncloud/ocis/ocis-pkg/shared" type Config struct { *shared.Commons `yaml:"-"` Service Service `yaml:"-"` - Tracing *Tracing `yaml:"tracing"` - Logging *Logging `yaml:"log"` - Debug Debug `yaml:"debug"` - Supervised bool + Tracing *Tracing `yaml:"tracing,omitempty"` + Logging *Logging `yaml:"log,omitempty"` + Debug Debug `yaml:"debug,omitempty"` + Supervised bool `yaml:"supervised,omitempty"` - GRPC GRPCConfig `yaml:"grpc"` + GRPC GRPCConfig `yaml:"grpc,omitempty"` - JWTSecret string - GatewayEndpoint string - SkipUserGroupsInToken bool + JWTSecret string `yaml:"jwt_secret,omitempty"` + GatewayEndpoint string `yaml:",omitempty"` + SkipUserGroupsInToken bool `yaml:",omitempty"` - CommitShareToStorageGrant bool - CommitShareToStorageRef bool - ShareFolder string - DisableHomeCreationOnLogin bool - TransferSecret string `env:"STORAGE_TRANSFER_SECRET"` - TransferExpires int - HomeMapping string - EtagCacheTTL int + CommitShareToStorageGrant bool `yaml:"commit_share_to_storage_grant,omitempty"` + CommitShareToStorageRef bool `yaml:"commit_share_to_storage_ref,omitempty"` + ShareFolder string `yaml:"share_folder,omitempty"` + DisableHomeCreationOnLogin bool `yaml:"disable_home_creation_on_login,omitempty"` + TransferSecret string `yaml:"transfer_secret,omitempty" env:"STORAGE_TRANSFER_SECRET"` + TransferExpires int `yaml:"transfer_expires,omitempty"` + HomeMapping string `yaml:"home_mapping,omitempty"` + EtagCacheTTL int `yaml:"etag_cache_ttl,omitempty"` - UsersEndpoint string - GroupsEndpoint string - PermissionsEndpoint string - SharingEndpoint string - DataGatewayPublicURL string - FrontendPublicURL string `env:"OCIS_URL;GATEWAY_FRONTEND_PUBLIC_URL"` - AuthBasicEndpoint string - AuthBearerEndpoint string - AuthMachineEndpoint string - StoragePublicLinkEndpoint string - StorageUsersEndpoint string - StorageSharesEndpoint string + UsersEndpoint string `yaml:"users_endpoint,omitempty"` + GroupsEndpoint string 
`yaml:"groups_endpoint,omitempty"` + PermissionsEndpoint string `yaml:"permissions_endpoint,omitempty"` + SharingEndpoint string `yaml:"sharing_endpoint,omitempty"` + DataGatewayPublicURL string `yaml:"data_gateway_public_url,omitempty"` + FrontendPublicURL string `yaml:"frontend_public_url,omitempty" env:"OCIS_URL;GATEWAY_FRONTEND_PUBLIC_URL"` + AuthBasicEndpoint string `yaml:"auth_basic_endpoint,omitempty"` + AuthBearerEndpoint string `yaml:"auth_bearer_endpoint,omitempty"` + AuthMachineEndpoint string `yaml:"auth_machine_endpoint,omitempty"` + StoragePublicLinkEndpoint string `yaml:"storage_public_link_endpoint,omitempty"` + StorageUsersEndpoint string `yaml:"storage_users_endpoint,omitempty"` + StorageSharesEndpoint string `yaml:"storage_shares_endpoint,omitempty"` - StorageRegistry StorageRegistry - AppRegistry AppRegistry + StorageRegistry StorageRegistry `yaml:"storage_registry,omitempty"` + AppRegistry AppRegistry `yaml:"app_registry,omitempty"` } type Tracing struct { Enabled bool `yaml:"enabled" env:"OCIS_TRACING_ENABLED;GATEWAY_TRACING_ENABLED" desc:"Activates tracing."` diff --git a/extensions/group/pkg/config/config.go b/extensions/group/pkg/config/config.go index 9940bd7f263..1b8e0d63234 100644 --- a/extensions/group/pkg/config/config.go +++ b/extensions/group/pkg/config/config.go 
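Review bot: `GatewayEndpoint` and `SkipUserGroupsInToken` are tagged with an empty name, `yaml:",omitempty"`, so yaml.v3 falls back to the lowercased field names `gatewayendpoint` and `skipusergroupsintoken` instead of the snake_case keys used by every other field here and in the sibling configs. I would use `yaml:"gateway_endpoint,omitempty"` and `yaml:"skip_user_groups_in_token,omitempty"`. Separately, `JWTSecret` and `TransferSecret` are now emitted into the marshalled YAML whenever they are set, so the file that receives this output should be readable by the service user only; the write itself is outside this hunk.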
@@ -5,19 +5,19 @@ import "github.com/owncloud/ocis/ocis-pkg/shared" type Config struct { *shared.Commons `yaml:"-"` Service Service `yaml:"-"` - Tracing *Tracing `yaml:"tracing"` - Logging *Logging `yaml:"log"` - Debug Debug `yaml:"debug"` - Supervised bool + Tracing *Tracing `yaml:"tracing,omitempty"` + Logging *Logging `yaml:"log,omitempty"` + Debug Debug `yaml:"debug,omitempty"` + Supervised bool `yaml:"supervised,omitempty"` - GRPC GRPCConfig `yaml:"grpc"` + GRPC GRPCConfig `yaml:"grpc,omitempty"` - JWTSecret string - GatewayEndpoint string - SkipUserGroupsInToken bool - GroupMembersCacheExpiration int - Driver string - Drivers Drivers + JWTSecret string `yaml:"jwt_secret,omitempty"` + GatewayEndpoint string `yaml:"gateway_endpoint,omitempty"` + SkipUserGroupsInToken bool `yaml:"skip_user_groups_in_token,omitempty"` + GroupMembersCacheExpiration int `yaml:"group_members_cache_expiration,omitempty"` + Driver string `yaml:"driver,omitempty"` + Drivers Drivers `yaml:"drivers,omitempty"` } type Tracing struct { Enabled bool `yaml:"enabled" env:"OCIS_TRACING_ENABLED;GROUPS_TRACING_ENABLED" desc:"Activates tracing."` diff --git a/extensions/ocdav/pkg/config/config.go b/extensions/ocdav/pkg/config/config.go index e81e6b6288d..efc048c8617 100644 --- a/extensions/ocdav/pkg/config/config.go +++ b/extensions/ocdav/pkg/config/config.go 
@@ -5,29 +5,29 @@ import "github.com/owncloud/ocis/ocis-pkg/shared" type Config struct { *shared.Commons `yaml:"-"` Service Service `yaml:"-"` - Tracing *Tracing `yaml:"tracing"` - Logging *Logging `yaml:"log"` - Debug Debug `yaml:"debug"` - Supervised bool + Tracing *Tracing `yaml:"tracing,omitempty"` + Logging *Logging `yaml:"log,omitempty"` + Debug Debug `yaml:"debug,omitempty"` + Supervised bool `yaml:"supervised,omitempty"` - HTTP HTTPConfig `yaml:"http"` + HTTP HTTPConfig `yaml:"http,omitempty"` // JWTSecret used to verify reva access token JWTSecret string `yaml:"jwt_secret"` - GatewayEndpoint string - SkipUserGroupsInToken bool + GatewayEndpoint string `yaml:"gateway_endpoint,omitempty"` + SkipUserGroupsInToken bool `yaml:"skip_user_groups_in_token,omitempty"` - WebdavNamespace string `yaml:"webdav_namespace"` - FilesNamespace string `yaml:"files_namespace"` - SharesNamespace string `yaml:"shares_namespace"` + WebdavNamespace string `yaml:"webdav_namespace,omitempty"` + FilesNamespace string `yaml:"files_namespace,omitempty"` + SharesNamespace string `yaml:"shares_namespace,omitempty"` // PublicURL used to redirect /s/{token} URLs to - PublicURL string `yaml:"public_url" env:"OCIS_URL;OCDAV_PUBLIC_URL"` + PublicURL string `yaml:"public_url,omitempty" env:"OCIS_URL;OCDAV_PUBLIC_URL"` // Insecure certificates allowed when making requests to the gateway - Insecure bool `yaml:"insecure" env:"OCIS_INSECURE;OCDAV_INSECURE"` + Insecure bool `yaml:"insecure,omitempty" env:"OCIS_INSECURE;OCDAV_INSECURE"` // Timeout in seconds when making requests to the gateway - Timeout int64 `yaml:"timeout"` - Middleware Middleware + Timeout int64 `yaml:"timeout,omitempty"` + Middleware Middleware `yaml:"middleware,omitempty"` } type Tracing struct { Enabled bool `yaml:"enabled" env:"OCIS_TRACING_ENABLED;OCDAV_TRACING_ENABLED" desc:"Activates tracing."` 
@@ -62,10 +62,10 @@ type HTTPConfig struct { // Middleware configures reva middlewares. type Middleware struct { - Auth Auth `yaml:"auth"` + Auth Auth `yaml:"auth,omitempty"` } // Auth configures reva http auth middleware. type Auth struct { - CredentialsByUserAgent map[string]string `yaml:"credentials_by_user_agenr"` + CredentialsByUserAgent map[string]string `yaml:"credentials_by_user_agenr,omitempty"` } diff --git a/extensions/sharing/pkg/config/config.go b/extensions/sharing/pkg/config/config.go index 5302b788b7d..13e07c705c7 100644 --- a/extensions/sharing/pkg/config/config.go +++ b/extensions/sharing/pkg/config/config.go 
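Review bot: The tag on `CredentialsByUserAgent` keeps the existing misspelling `credentials_by_user_agenr`. Since this patch already rewrites the label, it is the cheapest moment to correct it to `yaml:"credentials_by_user_agent,omitempty"`. If deployed configs may already use the misspelled key, mention the rename in the changelog, because a stale key would presumably leave the map unset.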
@@ -5,21 +5,21 @@ import "github.com/owncloud/ocis/ocis-pkg/shared" type Config struct { *shared.Commons `yaml:"-"` Service Service `yaml:"-"` - Tracing *Tracing `yaml:"tracing"` - Logging *Logging `yaml:"log"` - Debug Debug `yaml:"debug"` - Supervised bool - - GRPC GRPCConfig `yaml:"grpc"` - - JWTSecret string - GatewayEndpoint string - SkipUserGroupsInToken bool - UserSharingDriver string - UserSharingDrivers UserSharingDrivers - PublicSharingDriver string - PublicSharingDrivers PublicSharingDrivers - Events Events + Tracing *Tracing `yaml:"tracing,omitempty"` + Logging *Logging `yaml:"log,omitempty"` + Debug Debug `yaml:"debug,omitempty"` + Supervised bool `yaml:"supervised,omitempty"` + + GRPC GRPCConfig `yaml:"grpc,omitempty"` + + JWTSecret string `yaml:"jwt_secret,omitempty"` + GatewayEndpoint string `yaml:"gateway_endpoint,omitempty"` + SkipUserGroupsInToken bool `yaml:"skip_user_groups_in_token,omitempty"` + UserSharingDriver string `yaml:"user_sharing_driver,omitempty"` + UserSharingDrivers UserSharingDrivers `yaml:"user_sharin_drivers,omitempty"` + PublicSharingDriver string `yaml:"public_sharing_driver,omitempty"` + PublicSharingDrivers PublicSharingDrivers `yaml:"public_sharing_drivers,omitempty"` + Events Events `yaml:"events,omitempty"` } type Tracing struct { Enabled bool `yaml:"enabled" env:"OCIS_TRACING_ENABLED;SHARING_TRACING_ENABLED" desc:"Activates tracing."` diff --git a/extensions/storage-metadata/pkg/config/config.go b/extensions/storage-metadata/pkg/config/config.go index 526a4eabc04..b9ea13eafd6 100644 --- a/extensions/storage-metadata/pkg/config/config.go +++ b/extensions/storage-metadata/pkg/config/config.go 
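Review bot: The tag on `UserSharingDrivers` is misspelled as `user_sharin_drivers`, which does not match the `user_sharing_driver` and `public_sharing_drivers` keys next to it. Driver settings written under the expected key would not be picked up for this field. The tag should be `yaml:"user_sharing_drivers,omitempty"`.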
@@ -9,23 +9,23 @@ import ( type Config struct { *shared.Commons `yaml:"-"` Service Service `yaml:"-"` - Tracing *Tracing `yaml:"tracing"` - Logging *Logging `yaml:"log"` - Debug Debug `yaml:"debug"` - Supervised bool - - GRPC GRPCConfig `yaml:"grpc"` - HTTP HTTPConfig `yaml:"http"` - - Context context.Context - JWTSecret string - GatewayEndpoint string - SkipUserGroupsInToken bool - Driver string `yaml:"driver" env:"STORAGE_METADATA_DRIVER" desc:"The driver which should be used by the service"` - Drivers Drivers `yaml:"drivers"` - DataServerURL string - TempFolder string - DataProviderInsecure bool `env:"OCIS_INSECURE;STORAGE_METADATA_DATAPROVIDER_INSECURE"` + Tracing *Tracing `yaml:"tracing,omitempty"` + Logging *Logging `yaml:"log,omitempty"` + Debug Debug `yaml:"debug,omitempty"` + Supervised bool `yaml:"supervised,omitempty"` + + GRPC GRPCConfig `yaml:"grpc,omitempty"` + HTTP HTTPConfig `yaml:"http,omitempty"` + + Context context.Context `yaml:"context,omitempty"` + JWTSecret string `yaml:"jwt_secret,omitempty"` + GatewayEndpoint string `yaml:"gateway_endpoint,omitempty"` + SkipUserGroupsInToken bool `yaml:"skip_user_groups_in_token,omitempty"` + Driver string `yaml:"driver,omitempty" env:"STORAGE_METADATA_DRIVER" desc:"The driver which should be used by the service"` + Drivers Drivers `yaml:"drivers,omitempty"` + DataServerURL string `yaml:"data_server_url,omitempty"` + TempFolder string `yaml:"temp_folder,omitempty"` + DataProviderInsecure bool `yaml:"data_providcer_insecure,omitempty" env:"OCIS_INSECURE;STORAGE_METADATA_DATAPROVIDER_INSECURE"` } type Tracing struct { Enabled bool `yaml:"enabled" env:"OCIS_TRACING_ENABLED;STORAGE_METADATA_TRACING_ENABLED" desc:"Activates tracing."` diff --git a/extensions/storage-publiclink/pkg/config/config.go b/extensions/storage-publiclink/pkg/config/config.go index 3766e35ead7..aa19b583f56 100644 --- a/extensions/storage-publiclink/pkg/config/config.go +++ b/extensions/storage-publiclink/pkg/config/config.go 
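Review bot: `Context context.Context` is tagged `yaml:"context,omitempty"`, which makes a runtime interface value part of the serialised config. Once a context is set, `yaml.Marshal` is asked to encode whatever concrete type it holds, and a `context:` key in a file cannot produce a usable context. It should stay out of the file with `yaml:"-"`; the same tag is added in the storage-publiclink, storage-shares and storage-users hunks that follow. In this hunk the key for `DataProviderInsecure` is also misspelled as `data_providcer_insecure` (the storage-users hunk spells it `data_provider_insecure`), so this security-relevant switch would not be set from the expected key.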
@@ -9,19 +9,19 @@ import ( type Config struct { *shared.Commons `yaml:"-"` Service Service `yaml:"-"` - Tracing *Tracing `yaml:"tracing"` - Logging *Logging `yaml:"log"` - Debug Debug `yaml:"debug"` - Supervised bool - - GRPC GRPCConfig `yaml:"grpc"` - - Context context.Context - JWTSecret string - GatewayEndpoint string - SkipUserGroupsInToken bool - AuthProvider AuthProvider - StorageProvider StorageProvider + Tracing *Tracing `yaml:"tracing,omitempty"` + Logging *Logging `yaml:"log,omitempty"` + Debug Debug `yaml:"debug,omitempty"` + Supervised bool `yaml:"supervised,omitempty"` + + GRPC GRPCConfig `yaml:"grpc,omitempty"` + + Context context.Context `yaml:"context,omitempty"` + JWTSecret string `yaml:"jwt_secret,omitempty"` + GatewayEndpoint string `yaml:"gateway_endpoint,omitempty"` + SkipUserGroupsInToken bool `yaml:"skip_user_groups_in_token,omitempty"` + AuthProvider AuthProvider `yaml:"auth_provider,omitempty"` + StorageProvider StorageProvider `yaml:"storage_provider,omitempty"` } type Tracing struct { Enabled bool `yaml:"enabled" env:"OCIS_TRACING_ENABLED;STORAGE_METADATA_TRACING_ENABLED" desc:"Activates tracing."` diff --git a/extensions/storage-shares/pkg/config/config.go b/extensions/storage-shares/pkg/config/config.go index 8c134560138..18c094c9f7e 100644 --- a/extensions/storage-shares/pkg/config/config.go +++ b/extensions/storage-shares/pkg/config/config.go 
@@ -9,20 +9,20 @@ import ( type Config struct { *shared.Commons `yaml:"-"` Service Service `yaml:"-"` - Tracing *Tracing `yaml:"tracing"` - Logging *Logging `yaml:"log"` - Debug Debug `yaml:"debug"` - Supervised bool - - GRPC GRPCConfig `yaml:"grpc"` - HTTP HTTPConfig `yaml:"http"` - - Context context.Context - JWTSecret string - GatewayEndpoint string - SkipUserGroupsInToken bool - ReadOnly bool - SharesProviderEndpoint string + Tracing *Tracing `yaml:"tracing,omitempty"` + Logging *Logging `yaml:"log,omitempty"` + Debug Debug `yaml:"debug,omitempty"` + Supervised bool `yaml:"supervised,omitempty"` + + GRPC GRPCConfig `yaml:"grpc,omitempty"` + HTTP HTTPConfig `yaml:"http,omitempty"` + + Context context.Context `yaml:"context,omitempty"` + JWTSecret string `yaml:"jwt_secret,omitempty"` + GatewayEndpoint string `yaml:"gateway_endpoint,omitempty"` + SkipUserGroupsInToken bool `yaml:"skip_user_groups_in_token,omitempty"` + ReadOnly bool `yaml:"readonly,omitempty"` + SharesProviderEndpoint string `yaml:"shares_provider_endpoint,omitempty"` } type Tracing struct { Enabled bool `yaml:"enabled" env:"OCIS_TRACING_ENABLED;STORAGE_METADATA_TRACING_ENABLED" desc:"Activates tracing."` diff --git a/extensions/storage-users/pkg/config/config.go b/extensions/storage-users/pkg/config/config.go index 1cbe6163440..bc8cc30e4c9 100644 --- a/extensions/storage-users/pkg/config/config.go +++ b/extensions/storage-users/pkg/config/config.go 
@@ -9,27 +9,27 @@ import ( type Config struct { *shared.Commons `yaml:"-"` Service Service `yaml:"-"` - Tracing *Tracing `yaml:"tracing"` - Logging *Logging `yaml:"log"` - Debug Debug `yaml:"debug"` - Supervised bool - - GRPC GRPCConfig `yaml:"grpc"` - HTTP HTTPConfig `yaml:"http"` - - Context context.Context - JWTSecret string - GatewayEndpoint string - SkipUserGroupsInToken bool - Driver string `yaml:"driver" env:"STORAGE_USERS_DRIVER" desc:"The storage driver which should be used by the service"` - Drivers Drivers `yaml:"drivers"` - DataServerURL string - TempFolder string - DataProviderInsecure bool `env:"OCIS_INSECURE;STORAGE_USERS_DATAPROVIDER_INSECURE"` - Events Events - MountID string - ExposeDataServer bool - ReadOnly bool + Tracing *Tracing `yaml:"tracing,omitempty"` + Logging *Logging `yaml:"log,omitempty"` + Debug Debug `yaml:"debug,omitempty"` + Supervised bool `yaml:"supervised,omitempty"` + + GRPC GRPCConfig `yaml:"grpc,omitempty"` + HTTP HTTPConfig `yaml:"http,omitempty"` + + Context context.Context `yaml:"context,omitempty"` + JWTSecret string `yaml:"jwt_secret,omitempty"` + GatewayEndpoint string `yaml:"gateway_endpoint,omitempty"` + SkipUserGroupsInToken bool `yaml:"skip_user_groups_in_token,omitempty"` + Driver string `yaml:"driver,omitempty" env:"STORAGE_USERS_DRIVER" desc:"The storage driver which should be used by the service"` + Drivers Drivers `yaml:"drivers,omitempty"` + DataServerURL string `yaml:"data_server_url,omitempty"` + TempFolder string `yaml:"temp_folder,omitempty"` + DataProviderInsecure bool `yaml:"data_provider_insecure,omitempty" env:"OCIS_INSECURE;STORAGE_USERS_DATAPROVIDER_INSECURE"` + Events Events `yaml:"events,omitempty"` + MountID string `yaml:"mount_id,omitempty"` + ExposeDataServer bool `yaml:"expose_data_server,omitempty"` + ReadOnly bool `yaml:"readonly,omitempty"` } type Tracing struct { Enabled bool `yaml:"enabled" env:"OCIS_TRACING_ENABLED;STORAGE_USERS_TRACING_ENABLED" desc:"Activates tracing."` 
diff --git a/extensions/user/pkg/config/config.go b/extensions/user/pkg/config/config.go index efdcd54430a..4c000da6c51 100644 --- a/extensions/user/pkg/config/config.go +++ b/extensions/user/pkg/config/config.go @@ -5,19 +5,19 @@ import "github.com/owncloud/ocis/ocis-pkg/shared" type Config struct { *shared.Commons `yaml:"-"` Service Service `yaml:"-"` - Tracing *Tracing `yaml:"tracing"` - Logging *Logging `yaml:"log"` - Debug Debug `yaml:"debug"` - Supervised bool + Tracing *Tracing `yaml:"tracing,omitempty"` + Logging *Logging `yaml:"log,omitempty"` + Debug Debug `yaml:"debug,omitempty"` + Supervised bool `yaml:"supervised,omitempty"` - GRPC GRPCConfig `yaml:"grpc"` + GRPC GRPCConfig `yaml:"grpc,omitempty"` - JWTSecret string - GatewayEndpoint string - SkipUserGroupsInToken bool - UsersCacheExpiration int - Driver string - Drivers Drivers + JWTSecret string `yaml:"jwt_secret,omitempty"` + GatewayEndpoint string `yaml:"gateway_endpoint,omitempty"` + SkipUserGroupsInToken bool `yaml:"skip_user_groups_in_token,omitempty"` + UsersCacheExpiration int `yaml:"users_cache_expiration,omitempty"` + Driver string `yaml:"driver,omitempty"` + Drivers Drivers `yaml:"drivers,omitempty"` } type Tracing struct { Enabled bool `yaml:"enabled" env:"OCIS_TRACING_ENABLED;USERS_TRACING_ENABLED" desc:"Activates tracing."` diff --git a/ocis/pkg/command/init.go b/ocis/pkg/command/init.go index d92c038bd35..e70129ca975 100644 --- a/ocis/pkg/command/init.go +++ b/ocis/pkg/command/init.go 
@@ -16,9 +16,21 @@ import ( cli "github.com/urfave/cli/v2" "gopkg.in/yaml.v3" + appprovider "github.com/owncloud/ocis/extensions/appprovider/pkg/config" + authbasic "github.com/owncloud/ocis/extensions/auth-basic/pkg/config" + authbearer "github.com/owncloud/ocis/extensions/auth-bearer/pkg/config" + authmachine "github.com/owncloud/ocis/extensions/auth-machine/pkg/config" + gateway "github.com/owncloud/ocis/extensions/gateway/pkg/config" + group "github.com/owncloud/ocis/extensions/group/pkg/config" idm "github.com/owncloud/ocis/extensions/idm/pkg/config" + ocdav "github.com/owncloud/ocis/extensions/ocdav/pkg/config" proxy "github.com/owncloud/ocis/extensions/proxy/pkg/config" - storage "github.com/owncloud/ocis/extensions/storage/pkg/config" + sharing "github.com/owncloud/ocis/extensions/sharing/pkg/config" + storagemetadata "github.com/owncloud/ocis/extensions/storage-metadata/pkg/config" + storagepublic "github.com/owncloud/ocis/extensions/storage-publiclink/pkg/config" + storageshares "github.com/owncloud/ocis/extensions/storage-shares/pkg/config" + storageusers "github.com/owncloud/ocis/extensions/storage-users/pkg/config" + user "github.com/owncloud/ocis/extensions/user/pkg/config" ) const configFilename string = "ocis.yaml" 
@@ -109,7 +121,20 @@ func createConfig(insecure, forceOverwrite bool, configPath string) error { //Proxy: &proxy.Config{}, //OCS: &ocs.Config{}, //Settings: &settings.Config{}, - Storage: &storage.Config{}, + // TODO: fix storage + AuthBasic: &authbasic.Config{}, + AuthBearer: &authbearer.Config{}, + AppProvider: &appprovider.Config{}, + AuthMachine: &authmachine.Config{}, + Gateway: &gateway.Config{}, + Group: &group.Config{}, + Sharing: &sharing.Config{}, + StorageMetadata: &storagemetadata.Config{}, + StorageUsers: &storageusers.Config{}, + StorageShares: &storageshares.Config{}, + StoragePublicLink: &storagepublic.Config{}, + User: &user.Config{}, + OCDav: &ocdav.Config{}, //Thumbnails: &thumbnails.Config{}, //Web: &web.Config{}, //WebDAV: &webdav.Config{}, 
@@ -172,8 +197,24 @@ func createConfig(insecure, forceOverwrite bool, configPath string) error { //cfg.Proxy.MachineAuthAPIKey = machineAuthSecret //cfg.Settings.Metadata.MachineAuthAPIKey = machineAuthSecret //cfg.Settings.TokenManager.JWTSecret = tokenManagerJwtSecret - cfg.Storage.Reva.JWTSecret = tokenManagerJwtSecret - cfg.Storage.OCDav.JWTSecret = tokenManagerJwtSecret + + //TODO: move all jwt secrets to shared.common + cfg.AppProvider.JWTSecret = tokenManagerJwtSecret + cfg.AuthBasic.JWTSecret = tokenManagerJwtSecret + cfg.AuthBearer.JWTSecret = tokenManagerJwtSecret + cfg.AuthMachine.JWTSecret = tokenManagerJwtSecret + cfg.Gateway.JWTSecret = tokenManagerJwtSecret + //TODO: following line is defunc, figure out why + //cfg.Gateway.MachineAuthAPIKey = machineAuthApiKey + cfg.Group.JWTSecret = tokenManagerJwtSecret + cfg.Sharing.JWTSecret = tokenManagerJwtSecret + cfg.StorageMetadata.JWTSecret = tokenManagerJwtSecret + cfg.StoragePublicLink.JWTSecret = tokenManagerJwtSecret + cfg.StorageShares.JWTSecret = tokenManagerJwtSecret + cfg.StorageUsers.JWTSecret = tokenManagerJwtSecret + cfg.User.JWTSecret = tokenManagerJwtSecret + cfg.OCDav.JWTSecret = tokenManagerJwtSecret + //cfg.Thumbnails.Thumbnail.TransferSecret = revaTransferTokenSecret yamlOutput, err := yaml.Marshal(cfg) if err != nil { From c5d0791f53feb638599c07b46b26f16da9aaa61d Mon Sep 17 00:00:00 2001 From: Christian Richter Date: Wed, 27 Apr 2022 10:58:27 +0200 Subject: [PATCH 10/59] add password generator Signed-off-by: Christian Richter --- ocis-pkg/generators/generators_suite_test.go | 13 +++++++++++++ ocis-pkg/generators/generators_test.go | 13 +++++++++++++ ocis-pkg/generators/password.go | 20 ++++++++++++++++++++ 3 files changed, 46 insertions(+) create mode 100644 ocis-pkg/generators/generators_suite_test.go create mode 100644 ocis-pkg/generators/generators_test.go create mode 100644 ocis-pkg/generators/password.go 
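Review bot: Only the JWT secret is populated in this block. `cfg.Gateway.TransferSecret` is never assigned, although the gateway config gains a `transfer_secret` key in this patch and the one line that mentions `revaTransferTokenSecret` is commented out. If the gateway falls back to a built-in default for that value (not visible here), every freshly initialised installation would end up with the same transfer secret. Assuming `revaTransferTokenSecret` is still generated earlier in `createConfig`, add `cfg.Gateway.TransferSecret = revaTransferTokenSecret` next to the JWT assignments. The function body starts and ends outside the hunk.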
diff --git a/ocis-pkg/generators/generators_suite_test.go b/ocis-pkg/generators/generators_suite_test.go new file mode 100644 index 00000000000..ef690d5930e --- /dev/null +++ b/ocis-pkg/generators/generators_suite_test.go @@ -0,0 +1,13 @@ +package generators_test + +import ( + "testing" + + . "github.com/onsi/ginkgo/v2" + . "github.com/onsi/gomega" +) + +func TestGenerators(t *testing.T) { + RegisterFailHandler(Fail) + RunSpecs(t, "Generators Suite") +} diff --git a/ocis-pkg/generators/generators_test.go b/ocis-pkg/generators/generators_test.go new file mode 100644 index 00000000000..4d89d59434c --- /dev/null +++ b/ocis-pkg/generators/generators_test.go @@ -0,0 +1,13 @@ +package generators_test + +import ( + . "github.com/onsi/ginkgo/v2" + . "github.com/onsi/gomega" + + . "github.com/owncloud/ocis/ocis-pkg/generators" +) + +var _ = Describe("Generators", func() { + It("Returns an error ", func() {}) + PIt("Returns expected passwords", func() {}) +}) diff --git a/ocis-pkg/generators/password.go b/ocis-pkg/generators/password.go new file mode 100644 index 00000000000..3c2d571fa5d --- /dev/null +++ b/ocis-pkg/generators/password.go @@ -0,0 +1,20 @@ +package generators + +import ( + "crypto/rand" + "math/big" +) + +func GenerateRandomPassword(length int) (string, error) { + const chars = "0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz-=+!@#$%^&*." + ret := make([]byte, length) + for i := 0; i < length; i++ { + num, err := rand.Int(rand.Reader, big.NewInt(int64(len(chars)))) + if err != nil { + return "", err + } + ret[i] = chars[num.Int64()] + } + + return string(ret), nil +} From 48a6978e247bda547bd2323f3a7dc69d7ef557ee Mon Sep 17 00:00:00 2001 
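Review bot: `GenerateRandomPassword` panics for a negative `length`, because `make([]byte, length)` is reached without a bounds check even though the function already has an error return. A guard as the first statement, `if length < 0 { return "", fmt.Errorf("invalid password length %d", length) }`, keeps the failure in-band (it needs `fmt` in the import block); callers that generate secrets may also want a documented minimum length. The exported function has no doc comment; I would add `// GenerateRandomPassword returns length characters drawn uniformly from a fixed alphabet using crypto/rand.`. The two specs added in generators_test.go have empty bodies, so neither the length nor the character set is checked yet.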
From: Willy Kloucek Date: Wed, 27 Apr 2022 11:04:18 +0200 Subject: [PATCH 11/59] move TokenManager back to extension config --- extensions/accounts/pkg/config/config.go | 2 +- extensions/accounts/pkg/config/defaults/defaultconfig.go | 5 ++--- extensions/accounts/pkg/config/reva.go | 6 ++++++ extensions/frontend/pkg/config/config.go | 9 ++++++--- extensions/graph/pkg/config/config.go | 4 ++-- extensions/graph/pkg/config/defaults/defaultconfig.go | 5 ++--- extensions/graph/pkg/config/reva.go | 5 +++++ extensions/ocs/pkg/config/config.go | 4 ++-- extensions/ocs/pkg/config/defaults/defaultconfig.go | 5 ++--- extensions/ocs/pkg/config/reva.go | 5 +++++ extensions/ocs/pkg/server/http/svc_test.go | 3 +-- extensions/settings/pkg/config/config.go | 4 ++-- extensions/settings/pkg/config/defaults/defaultconfig.go | 5 ++--- ocis-pkg/generators/generators_test.go | 6 +++--- 14 files changed, 41 insertions(+), 27 deletions(-) create mode 100644 extensions/accounts/pkg/config/reva.go diff --git a/extensions/accounts/pkg/config/config.go b/extensions/accounts/pkg/config/config.go index 7d05d2edcc4..0d38512da7b 100644 --- a/extensions/accounts/pkg/config/config.go +++ b/extensions/accounts/pkg/config/config.go @@ -19,7 +19,7 @@ type Config struct { HTTP HTTP `yaml:"http,omitempty"` GRPC GRPC `yaml:"grpc,omitempty"` - TokenManager *shared.TokenManager `yaml:"token_manager,omitempty"` + TokenManager *TokenManager `yaml:"token_manager,omitempty"` Asset Asset `yaml:"asset,omitempty"` Repo Repo `yaml:"repo,omitempty"` diff --git a/extensions/accounts/pkg/config/defaults/defaultconfig.go b/extensions/accounts/pkg/config/defaults/defaultconfig.go index 376695633bc..8724bd096b9 100644 --- a/extensions/accounts/pkg/config/defaults/defaultconfig.go +++ b/extensions/accounts/pkg/config/defaults/defaultconfig.go 
@@ -6,7 +6,6 @@ import ( "github.com/owncloud/ocis/extensions/accounts/pkg/config" "github.com/owncloud/ocis/ocis-pkg/config/defaults" - "github.com/owncloud/ocis/ocis-pkg/shared" ) func FullDefaultConfig() *config.Config { @@ -101,11 +100,11 @@ func EnsureDefaults(cfg *config.Config) { } if cfg.TokenManager == nil && cfg.Commons != nil && cfg.Commons.TokenManager != nil { - cfg.TokenManager = &shared.TokenManager{ + cfg.TokenManager = &config.TokenManager{ JWTSecret: cfg.Commons.TokenManager.JWTSecret, } } else { - cfg.TokenManager = &shared.TokenManager{} + cfg.TokenManager = &config.TokenManager{} } } diff --git a/extensions/accounts/pkg/config/reva.go b/extensions/accounts/pkg/config/reva.go new file mode 100644 index 00000000000..172786f6f1c --- /dev/null +++ b/extensions/accounts/pkg/config/reva.go @@ -0,0 +1,6 @@ +package config + +// TokenManager is the config for using the reva token manager +type TokenManager struct { + JWTSecret string `yaml:"jwt_secret" env:"OCIS_JWT_SECRET;ACCOUNTS_JWT_SECRET"` +} diff --git a/extensions/frontend/pkg/config/config.go b/extensions/frontend/pkg/config/config.go index fd9d1c99a88..0adda7543b6 100644 --- a/extensions/frontend/pkg/config/config.go +++ b/extensions/frontend/pkg/config/config.go @@ -13,7 +13,10 @@ type Config struct { HTTP HTTPConfig `yaml:"http"` // JWTSecret used to verify reva access token - JWTSecret string `yaml:"jwt_secret"` + + TransferSecret string `yaml:"transfer_secret" env:"STORAGE_TRANSFER_SECRET"` + + JWTSecret string `yaml:"jwt_secret"` GatewayEndpoint string SkipUserGroupsInToken bool 
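Review bot: The `else` branch in `EnsureDefaults` replaces `cfg.TokenManager` with an empty struct whenever the first condition is false, which includes the case where `cfg.TokenManager` is already set, so a JWT secret loaded from the extension's own config is discarded at this point. Whether a later step fills it in again (the `env` tag on the new type suggests one) is not visible here, but a YAML-only deployment would be left with an empty signing secret. The branch should be `} else if cfg.TokenManager == nil {`. The same construct appears in the graph, ocs and settings `EnsureDefaults` hunks of this patch; the function body starts and ends outside the hunk.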
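Review bot: In the frontend config hunk the comment `// JWTSecret used to verify reva access token` now sits above a blank line and `TransferSecret`, so it reads as documentation for the wrong secret. I would move it back to the line directly above `JWTSecret` and give `TransferSecret` its own one-line comment stating what it protects. The struct continues outside the hunk.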
@@ -22,8 +25,8 @@ type Config struct { UploadMaxChunkSize int `yaml:"upload_max_chunk_size"` UploadHTTPMethodOverride string `yaml:"upload_http_method_override"` DefaultUploadProtocol string `yaml:"default_upload_protocol"` - TransferSecret string `yaml:"transfer_secret" env:"STORAGE_TRANSFER_SECRET"` - PublicURL string `yaml:"public_url" env:"OCIS_URL;FRONTEND_PUBLIC_URL"` + + PublicURL string `yaml:"public_url" env:"OCIS_URL;FRONTEND_PUBLIC_URL"` Archiver Archiver AppProvider AppProvider diff --git a/extensions/graph/pkg/config/config.go b/extensions/graph/pkg/config/config.go index 8f279868404..b346bc15bd2 100644 --- a/extensions/graph/pkg/config/config.go +++ b/extensions/graph/pkg/config/config.go @@ -18,8 +18,8 @@ type Config struct { HTTP HTTP `yaml:"http,omitempty"` - Reva Reva `yaml:"reva,omitempty"` - TokenManager *shared.TokenManager `yaml:"token_manager,omitempty"` + Reva Reva `yaml:"reva,omitempty"` + TokenManager *TokenManager `yaml:"token_manager,omitempty"` Spaces Spaces `yaml:"spaces,omitempty"` Identity Identity `yaml:"identity,omitempty"` diff --git a/extensions/graph/pkg/config/defaults/defaultconfig.go b/extensions/graph/pkg/config/defaults/defaultconfig.go index d3b7e005411..6c315a47752 100644 --- a/extensions/graph/pkg/config/defaults/defaultconfig.go +++ b/extensions/graph/pkg/config/defaults/defaultconfig.go @@ -4,7 +4,6 @@ import ( "strings" "github.com/owncloud/ocis/extensions/graph/pkg/config" - "github.com/owncloud/ocis/ocis-pkg/shared" ) func DefaultConfig() *config.Config { @@ -89,11 +88,11 @@ func EnsureDefaults(cfg *config.Config) { } if cfg.TokenManager == nil && cfg.Commons != nil && cfg.Commons.TokenManager != nil { - cfg.TokenManager = &shared.TokenManager{ + cfg.TokenManager = &config.TokenManager{ JWTSecret: cfg.Commons.TokenManager.JWTSecret, } } else { - cfg.TokenManager = &shared.TokenManager{} + cfg.TokenManager = &config.TokenManager{} } } 
diff --git a/extensions/graph/pkg/config/reva.go b/extensions/graph/pkg/config/reva.go index 2d3966303d0..dbfc359a8b8 100644 --- a/extensions/graph/pkg/config/reva.go +++ b/extensions/graph/pkg/config/reva.go @@ -4,3 +4,8 @@ package config type Reva struct { Address string `yaml:"address" env:"REVA_GATEWAY"` } + +// TokenManager is the config for using the reva token manager +type TokenManager struct { + JWTSecret string `yaml:"jwt_secret" env:"OCIS_JWT_SECRET;GRAPH_JWT_SECRET"` +} diff --git a/extensions/ocs/pkg/config/config.go b/extensions/ocs/pkg/config/config.go index 3905b91f5e5..9e332ca7ded 100644 --- a/extensions/ocs/pkg/config/config.go +++ b/extensions/ocs/pkg/config/config.go @@ -18,8 +18,8 @@ type Config struct { HTTP HTTP `yaml:"http,omitempty"` - TokenManager *shared.TokenManager `yaml:"token_manager,omitempty"` - Reva Reva `yaml:"reva,omitempty"` + TokenManager *TokenManager `yaml:"token_manager,omitempty"` + Reva Reva `yaml:"reva,omitempty"` IdentityManagement IdentityManagement `yaml:"identity_management,omitempty"` diff --git a/extensions/ocs/pkg/config/defaults/defaultconfig.go b/extensions/ocs/pkg/config/defaults/defaultconfig.go index 74c76d39335..74a1b493d49 100644 --- a/extensions/ocs/pkg/config/defaults/defaultconfig.go +++ b/extensions/ocs/pkg/config/defaults/defaultconfig.go @@ -5,7 +5,6 @@ import ( "strings" "github.com/owncloud/ocis/extensions/ocs/pkg/config" - "github.com/owncloud/ocis/ocis-pkg/shared" ) func FullDefaultConfig() *config.Config { @@ -76,11 +75,11 @@ func EnsureDefaults(cfg *config.Config) { } if cfg.TokenManager == nil && cfg.Commons != nil && cfg.Commons.TokenManager != nil { - cfg.TokenManager = &shared.TokenManager{ + cfg.TokenManager = &config.TokenManager{ JWTSecret: cfg.Commons.TokenManager.JWTSecret, } } else { - cfg.TokenManager = &shared.TokenManager{} + cfg.TokenManager = &config.TokenManager{} } if cfg.MachineAuthAPIKey == "" && cfg.Commons != nil && cfg.Commons.MachineAuthAPIKey != "" { 
diff --git a/extensions/ocs/pkg/config/reva.go b/extensions/ocs/pkg/config/reva.go index 2d3966303d0..b8d27791703 100644 --- a/extensions/ocs/pkg/config/reva.go +++ b/extensions/ocs/pkg/config/reva.go @@ -4,3 +4,8 @@ package config type Reva struct { Address string `yaml:"address" env:"REVA_GATEWAY"` } + +// TokenManager is the config for using the reva token manager +type TokenManager struct { + JWTSecret string `yaml:"jwt_secret" env:"OCIS_JWT_SECRET;OCS_JWT_SECRET"` +} diff --git a/extensions/ocs/pkg/server/http/svc_test.go b/extensions/ocs/pkg/server/http/svc_test.go index f4bc9b52f6a..7bdddbf28bc 100644 --- a/extensions/ocs/pkg/server/http/svc_test.go +++ b/extensions/ocs/pkg/server/http/svc_test.go @@ -28,7 +28,6 @@ import ( ssvc "github.com/owncloud/ocis/extensions/settings/pkg/service/v0" ocisLog "github.com/owncloud/ocis/ocis-pkg/log" "github.com/owncloud/ocis/ocis-pkg/service/grpc" - "github.com/owncloud/ocis/ocis-pkg/shared" accountsmsg "github.com/owncloud/ocis/protogen/gen/ocis/messages/accounts/v0" settingsmsg "github.com/owncloud/ocis/protogen/gen/ocis/messages/settings/v0" accountssvc "github.com/owncloud/ocis/protogen/gen/ocis/services/accounts/v0" @@ -724,7 +723,7 @@ func getService() svc.Service { Root: "/", Addr: "localhost:9110", }, - TokenManager: &shared.TokenManager{ + TokenManager: &config.TokenManager{ JWTSecret: jwtSecret, }, Log: &config.Log{ diff --git a/extensions/settings/pkg/config/config.go b/extensions/settings/pkg/config/config.go index 7c521cc3817..ea74b42ed19 100644 --- a/extensions/settings/pkg/config/config.go +++ b/extensions/settings/pkg/config/config.go 
@@ -23,8 +23,8 @@ type Config struct { DataPath string `yaml:"data_path,omitempty" env:"SETTINGS_DATA_PATH"` Metadata Metadata `yaml:"metadata_config,omitempty"` - Asset Asset `yaml:"asset,omitempty"` - TokenManager *shared.TokenManager `yaml:"token_manager,omitempty"` + Asset Asset `yaml:"asset,omitempty"` + TokenManager *TokenManager `yaml:"token_manager,omitempty"` Context context.Context `yaml:"-"` } diff --git a/extensions/settings/pkg/config/defaults/defaultconfig.go b/extensions/settings/pkg/config/defaults/defaultconfig.go index bc4faba048f..f056a6a9d8b 100644 --- a/extensions/settings/pkg/config/defaults/defaultconfig.go +++ b/extensions/settings/pkg/config/defaults/defaultconfig.go @@ -7,7 +7,6 @@ import ( "github.com/owncloud/ocis/extensions/settings/pkg/config" "github.com/owncloud/ocis/ocis-pkg/config/defaults" - "github.com/owncloud/ocis/ocis-pkg/shared" ) func FullDefaultConfig() *config.Config { @@ -87,11 +86,11 @@ func EnsureDefaults(cfg *config.Config) { } if cfg.TokenManager == nil && cfg.Commons != nil && cfg.Commons.TokenManager != nil { - cfg.TokenManager = &shared.TokenManager{ + cfg.TokenManager = &config.TokenManager{ JWTSecret: cfg.Commons.TokenManager.JWTSecret, } } else { - cfg.TokenManager = &shared.TokenManager{} + cfg.TokenManager = &config.TokenManager{} } if cfg.Metadata.MachineAuthAPIKey == "" && cfg.Commons != nil && cfg.Commons.MachineAuthAPIKey != "" { diff --git a/ocis-pkg/generators/generators_test.go b/ocis-pkg/generators/generators_test.go index 4d89d59434c..8c1984dee01 100644 --- a/ocis-pkg/generators/generators_test.go +++ b/ocis-pkg/generators/generators_test.go @@ -1,10 +1,10 @@ package generators_test import ( - . "github.com/onsi/ginkgo/v2" - . "github.com/onsi/gomega" + _ "github.com/onsi/ginkgo/v2" + _ "github.com/onsi/gomega" - . "github.com/owncloud/ocis/ocis-pkg/generators" + _ "github.com/owncloud/ocis/ocis-pkg/generators" ) var _ = Describe("Generators", func() { 
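Review bot: In the generators_test.go hunk (`@@ -1,10 +1,10 @@`) the three dot-imports become blank imports, but the unchanged line `var _ = Describe("Generators", func() {` still uses `Describe` unqualified, so the test package should no longer compile unless that name is declared elsewhere in the package. Either keep `. "github.com/onsi/ginkgo/v2"` and `. "github.com/onsi/gomega"`, or qualify the calls as `ginkgo.Describe(...)`. The rest of the test file is outside the hunk.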
From 9095b11d6c01125afe723f5abe0cab43ea962195 Mon Sep 17 00:00:00 2001 
From: Willy Kloucek Date: Wed, 27 Apr 2022 13:58:59 +0200 Subject: [PATCH 12/59] load reva gateway and token manager from common config --- .vscode/launch.json | 8 +- .../pkg/config/defaults/defaultconfig.go | 2 +- extensions/appprovider/pkg/command/command.go | 10 +- extensions/appprovider/pkg/config/config.go | 5 +- .../pkg/config/defaults/defaultconfig.go | 23 ++++- .../appprovider/pkg/config/parser/parse.go | 33 +++++++ extensions/appprovider/pkg/config/reva.go | 11 +++ extensions/auth-basic/pkg/command/command.go | 8 +- extensions/auth-basic/pkg/config/config.go | 5 +- .../pkg/config/defaults/defaultconfig.go | 24 ++++- .../auth-basic/pkg/config/parser/parse.go | 33 +++++++ extensions/auth-basic/pkg/config/reva.go | 11 +++ extensions/auth-bearer/pkg/command/command.go | 8 +- extensions/auth-bearer/pkg/config/config.go | 5 +- .../pkg/config/defaults/defaultconfig.go | 23 ++++- .../auth-bearer/pkg/config/parser/parse.go | 33 +++++++ extensions/auth-bearer/pkg/config/reva.go | 11 +++ .../auth-machine/pkg/command/command.go | 10 +- extensions/auth-machine/pkg/config/config.go | 5 +- .../pkg/config/defaults/defaultconfig.go | 23 ++++- .../auth-machine/pkg/config/parser/parse.go | 33 +++++++ extensions/auth-machine/pkg/config/reva.go | 11 +++ extensions/frontend/pkg/command/command.go | 21 ++-- extensions/frontend/pkg/config/config.go | 5 +- .../pkg/config/defaults/defaultconfig.go | 21 +++- .../frontend/pkg/config/parser/parse.go | 33 +++++++ extensions/frontend/pkg/config/reva.go | 11 +++ extensions/gateway/pkg/command/command.go | 21 ++-- extensions/gateway/pkg/config/config.go | 8 +- .../pkg/config/defaults/defaultconfig.go | 22 ++++- extensions/gateway/pkg/config/parser/parse.go | 33 +++++++ extensions/gateway/pkg/config/reva.go | 11 +++ extensions/graph/pkg/config/config.go | 2 +- .../pkg/config/defaults/defaultconfig.go | 4 +- extensions/graph/pkg/service/v0/service.go | 2 +- extensions/group/pkg/command/command.go | 8 +- extensions/group/pkg/config/config.go 
| 5 +- .../pkg/config/defaults/defaultconfig.go | 23 ++++- extensions/group/pkg/config/parser/parse.go | 33 +++++++ extensions/group/pkg/config/reva.go | 11 +++ extensions/ocdav/pkg/command/ocdav.go | 19 ++-- extensions/ocdav/pkg/config/config.go | 8 +- .../pkg/config/defaults/defaultconfig.go | 21 +++- extensions/ocdav/pkg/config/parser/parse.go | 33 +++++++ extensions/ocdav/pkg/config/reva.go | 11 +++ extensions/ocs/pkg/config/config.go | 2 +- .../ocs/pkg/config/defaults/defaultconfig.go | 12 ++- extensions/proxy/pkg/config/config.go | 2 +- .../pkg/config/defaults/defaultconfig.go | 20 +++- .../pkg/config/defaults/defaultconfig.go | 2 +- extensions/sharing/pkg/command/command.go | 12 ++- extensions/sharing/pkg/config/config.go | 5 +- .../pkg/config/defaults/defaultconfig.go | 21 +++- extensions/sharing/pkg/config/parser/parse.go | 33 +++++++ extensions/sharing/pkg/config/reva.go | 11 +++ .../storage-metadata/pkg/command/command.go | 8 +- .../storage-metadata/pkg/config/config.go | 20 ++-- .../pkg/config/defaults/defaultconfig.go | 27 ++++- .../pkg/config/parser/parse.go | 33 +++++++ .../storage-metadata/pkg/config/reva.go | 11 +++ .../pkg/command/storagepubliclink.go | 8 +- .../storage-publiclink/pkg/config/config.go | 8 +- .../pkg/config/defaults/defaultconfig.go | 21 +++- .../pkg/config/parser/parse.go | 33 +++++++ .../storage-publiclink/pkg/config/reva.go | 11 +++ .../storage-shares/pkg/command/command.go | 8 +- .../storage-shares/pkg/config/config.go | 5 +- .../pkg/config/defaults/defaultconfig.go | 21 +++- .../storage-shares/pkg/config/parser/parse.go | 33 +++++++ extensions/storage-shares/pkg/config/reva.go | 11 +++ .../storage-users/pkg/command/command.go | 8 +- extensions/storage-users/pkg/config/config.go | 28 +++--- .../pkg/config/defaults/defaultconfig.go | 29 ++++-- .../storage-users/pkg/config/parser/parse.go | 33 +++++++ extensions/storage-users/pkg/config/reva.go | 11 +++ .../pkg/config/defaults/defaultconfig.go | 4 +- 
extensions/storage/pkg/config/parser/parse.go | 33 +++++++ extensions/user/pkg/command/command.go | 8 +- extensions/user/pkg/config/config.go | 5 +- .../user/pkg/config/defaults/defaultconfig.go | 23 ++++- extensions/user/pkg/config/parser/parse.go | 33 +++++++ extensions/user/pkg/config/reva.go | 11 +++ ocis-pkg/config/defaultconfig.go | 42 ++++---- ocis-pkg/generators/generators_test.go | 8 +- ocis-pkg/shared/shared_types.go | 6 ++ ocis/pkg/command/init.go | 98 ++++++++----------- 86 files changed, 1209 insertions(+), 250 deletions(-) create mode 100644 extensions/appprovider/pkg/config/parser/parse.go create mode 100644 extensions/appprovider/pkg/config/reva.go create mode 100644 extensions/auth-basic/pkg/config/parser/parse.go create mode 100644 extensions/auth-basic/pkg/config/reva.go create mode 100644 extensions/auth-bearer/pkg/config/parser/parse.go create mode 100644 extensions/auth-bearer/pkg/config/reva.go create mode 100644 extensions/auth-machine/pkg/config/parser/parse.go create mode 100644 extensions/auth-machine/pkg/config/reva.go create mode 100644 extensions/frontend/pkg/config/parser/parse.go create mode 100644 extensions/frontend/pkg/config/reva.go create mode 100644 extensions/gateway/pkg/config/parser/parse.go create mode 100644 extensions/gateway/pkg/config/reva.go create mode 100644 extensions/group/pkg/config/parser/parse.go create mode 100644 extensions/group/pkg/config/reva.go create mode 100644 extensions/ocdav/pkg/config/parser/parse.go create mode 100644 extensions/ocdav/pkg/config/reva.go create mode 100644 extensions/sharing/pkg/config/parser/parse.go create mode 100644 extensions/sharing/pkg/config/reva.go create mode 100644 extensions/storage-metadata/pkg/config/parser/parse.go create mode 100644 extensions/storage-metadata/pkg/config/reva.go create mode 100644 extensions/storage-publiclink/pkg/config/parser/parse.go create mode 100644 extensions/storage-publiclink/pkg/config/reva.go create mode 100644 
extensions/storage-shares/pkg/config/parser/parse.go create mode 100644 extensions/storage-shares/pkg/config/reva.go create mode 100644 extensions/storage-users/pkg/config/parser/parse.go create mode 100644 extensions/storage-users/pkg/config/reva.go create mode 100644 extensions/storage/pkg/config/parser/parse.go create mode 100644 extensions/user/pkg/config/parser/parse.go create mode 100644 extensions/user/pkg/config/reva.go diff --git a/.vscode/launch.json b/.vscode/launch.json index 4332cf2e1ab..52d4b840873 100644 --- a/.vscode/launch.json +++ b/.vscode/launch.json @@ -12,11 +12,11 @@ ], "env": { // log settings for human developers - "OCIS_LOG_LEVEL": "debug", - "OCIS_LOG_PRETTY": "true", - "OCIS_LOG_COLOR": "true", + //"OCIS_LOG_LEVEL": "debug", + //"OCIS_LOG_PRETTY": "true", + //"OCIS_LOG_COLOR": "true", // enable basic auth for dev setup so that we can use curl for testing - "PROXY_ENABLE_BASIC_AUTH": "true", + //"PROXY_ENABLE_BASIC_AUTH": "true", // set insecure options because we don't have valid certificates in dev environments "OCIS_INSECURE": "true", // demo users diff --git a/extensions/accounts/pkg/config/defaults/defaultconfig.go b/extensions/accounts/pkg/config/defaults/defaultconfig.go index 8724bd096b9..af60edfb6e6 100644 --- a/extensions/accounts/pkg/config/defaults/defaultconfig.go +++ b/extensions/accounts/pkg/config/defaults/defaultconfig.go @@ -103,7 +103,7 @@ func EnsureDefaults(cfg *config.Config) { cfg.TokenManager = &config.TokenManager{ JWTSecret: cfg.Commons.TokenManager.JWTSecret, } - } else { + } else if cfg.TokenManager == nil { cfg.TokenManager = &config.TokenManager{} } } diff --git a/extensions/appprovider/pkg/command/command.go b/extensions/appprovider/pkg/command/command.go index 2c1399446fe..a8425fddf42 100644 --- a/extensions/appprovider/pkg/command/command.go +++ b/extensions/appprovider/pkg/command/command.go 
@@ -10,6 +10,7 @@ import ( "github.com/gofrs/uuid" "github.com/oklog/run" "github.com/owncloud/ocis/extensions/appprovider/pkg/config" + "github.com/owncloud/ocis/extensions/appprovider/pkg/config/parser" "github.com/owncloud/ocis/extensions/storage/pkg/server/debug" ociscfg "github.com/owncloud/ocis/ocis-pkg/config" "github.com/owncloud/ocis/ocis-pkg/log" @@ -24,6 +25,9 @@ func AppProvider(cfg *config.Config) *cli.Command { return &cli.Command{ Name: "app-provider", Usage: "start appprovider for providing apps", + Before: func(ctx *cli.Context) error { + return parser.ParseConfig(cfg) + }, Action: func(c *cli.Context) error { logCfg := cfg.Logging logger := log.NewLogger( @@ -92,8 +96,8 @@ func appProviderConfigFromStruct(c *cli.Context, cfg *config.Config) map[string] "tracing_service_name": c.Command.Name, }, "shared": map[string]interface{}{ - "jwt_secret": cfg.JWTSecret, - "gatewaysvc": cfg.GatewayEndpoint, + "jwt_secret": cfg.TokenManager.JWTSecret, + "gatewaysvc": cfg.Reva.Address, "skip_user_groups_in_token": cfg.SkipUserGroupsInToken, }, "grpc": map[string]interface{}{ @@ -114,7 +118,7 @@ func appProviderConfigFromStruct(c *cli.Context, cfg *config.Config) map[string] "app_url": cfg.Drivers.WOPI.AppURL, "insecure_connections": cfg.Drivers.WOPI.Insecure, "iop_secret": cfg.Drivers.WOPI.IopSecret, - "jwt_secret": cfg.JWTSecret, + "jwt_secret": cfg.TokenManager.JWTSecret, "wopi_url": cfg.Drivers.WOPI.WopiURL, }, }, diff --git a/extensions/appprovider/pkg/config/config.go b/extensions/appprovider/pkg/config/config.go index 42efec470ee..c5f1248ee63 100644 --- a/extensions/appprovider/pkg/config/config.go +++ b/extensions/appprovider/pkg/config/config.go 
@@ -12,8 +12,9 @@ type Config struct { GRPC GRPCConfig `yaml:"grpc,omitempty"` - JWTSecret string `yaml:"jwt_secret,omitempty"` - GatewayEndpoint string `yaml:"gateway_endpoint,omitempty"` + TokenManager *TokenManager `yaml:"token_manager,omitempty"` + Reva *Reva `yaml:"reva,omitempty"` + SkipUserGroupsInToken bool `yaml:"skip_user_groups_in_token,omitempty"` ExternalAddr string `yaml:"external_addr,omitempty"` Driver string `yaml:"driver,omitempty"` diff --git a/extensions/appprovider/pkg/config/defaults/defaultconfig.go b/extensions/appprovider/pkg/config/defaults/defaultconfig.go index 332ce0dba47..e556735ee73 100644 --- a/extensions/appprovider/pkg/config/defaults/defaultconfig.go +++ b/extensions/appprovider/pkg/config/defaults/defaultconfig.go @@ -27,9 +27,10 @@ func DefaultConfig() *config.Config { Service: config.Service{ Name: "appprovider", }, - GatewayEndpoint: "127.0.0.1:9142", - JWTSecret: "Pive-Fumkiu4", - Driver: "", + Reva: &config.Reva{ + Address: "127.0.0.1:9142", + }, + Driver: "", Drivers: config.Drivers{ WOPI: config.WOPIDriver{}, }, @@ -59,6 +60,22 @@ func EnsureDefaults(cfg *config.Config) { } else if cfg.Tracing == nil { cfg.Tracing = &config.Tracing{} } + + if cfg.Reva == nil && cfg.Commons != nil && cfg.Commons.Reva != nil { + cfg.Reva = &config.Reva{ + Address: cfg.Commons.Reva.Address, + } + } else if cfg.Reva == nil { + cfg.Reva = &config.Reva{} + } + + if cfg.TokenManager == nil && cfg.Commons != nil && cfg.Commons.TokenManager != nil { + cfg.TokenManager = &config.TokenManager{ + JWTSecret: cfg.Commons.TokenManager.JWTSecret, + } + } else if cfg.TokenManager == nil { + cfg.TokenManager = &config.TokenManager{} + } } func Sanitize(cfg *config.Config) { diff --git a/extensions/appprovider/pkg/config/parser/parse.go b/extensions/appprovider/pkg/config/parser/parse.go new file mode 100644 index 00000000000..272df5fde42 --- /dev/null +++ b/extensions/appprovider/pkg/config/parser/parse.go 
@@ -0,0 +1,33 @@
+package parser
+
+import (
+ "errors"
+
+ "github.com/owncloud/ocis/extensions/appprovider/pkg/config"
+ "github.com/owncloud/ocis/extensions/appprovider/pkg/config/defaults"
+ ociscfg "github.com/owncloud/ocis/ocis-pkg/config"
+
+ "github.com/owncloud/ocis/ocis-pkg/config/envdecode"
+)
+
+// ParseConfig loads accounts configuration from known paths.
+func ParseConfig(cfg *config.Config) error {
+ _, err := ociscfg.BindSourcesToStructs(cfg.Service.Name, cfg)
+ if err != nil {
+ return err
+ }
+
+ defaults.EnsureDefaults(cfg)
+
+ // load all env variables relevant to the config in the current context.
+ if err := envdecode.Decode(cfg); err != nil {
+ // no environment variable set for this config is an expected "error"
+ if !errors.Is(err, envdecode.ErrNoTargetFieldsAreSet) {
+ return err
+ }
+ }
+
+ defaults.Sanitize(cfg)
+
+ return nil
+}
diff --git a/extensions/appprovider/pkg/config/reva.go b/extensions/appprovider/pkg/config/reva.go
new file mode 100644
index 00000000000..b8d27791703
--- /dev/null
+++ b/extensions/appprovider/pkg/config/reva.go
@@ -0,0 +1,11 @@
+package config
+
+// Reva defines all available REVA configuration.
+type Reva struct {
+ Address string `yaml:"address" env:"REVA_GATEWAY"`
+}
+
+// TokenManager is the config for using the reva token manager
+type TokenManager struct {
+ JWTSecret string `yaml:"jwt_secret" env:"OCIS_JWT_SECRET;OCS_JWT_SECRET"`
+}
diff --git a/extensions/appprovider/pkg/config/reva.go b/extensions/auth-basic/pkg/command/command.go
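Review bot: `ParseConfig` returns nil without checking that a JWT secret was configured. This commit removes the hard-coded `JWTSecret` default from `DefaultConfig`, and `EnsureDefaults` falls back to an empty `&config.TokenManager{}`, so with no commons, file or environment value the empty string is passed on as the shared `jwt_secret` in command.go. I would fail fast after `defaults.Sanitize(cfg)`, for example `if cfg.TokenManager.JWTSecret == "" { return errors.New("jwt_secret is not set for " + cfg.Service.Name) }`. The doc comment is copied from another service and should read `// ParseConfig loads the appprovider configuration from known paths.` Both points apply equally to the parse.go copies this commit adds for auth-basic, auth-bearer, auth-machine and frontend.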
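Review bot: The `env` tag on `JWTSecret` in the new appprovider reva.go reads `OCIS_JWT_SECRET;OCS_JWT_SECRET`, which is the ocs service's override name; graph's copy on this page uses `GRAPH_JWT_SECRET`, so the second name looks meant to be per service. As written, setting `OCS_JWT_SECRET` for ocs would presumably also change this service's token secret, and appprovider has no variable of its own. I would change the tag to `env:"OCIS_JWT_SECRET;<SERVICE>_JWT_SECRET"` using the service's own prefix (placeholder; the real name is the project's choice). The reva.go files added for auth-basic, auth-bearer and auth-machine are the same blob and need the same change.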
@@ -11,6 +11,7 @@ import ( "github.com/gofrs/uuid" "github.com/oklog/run" "github.com/owncloud/ocis/extensions/auth-basic/pkg/config" + "github.com/owncloud/ocis/extensions/auth-basic/pkg/config/parser" "github.com/owncloud/ocis/extensions/storage/pkg/server/debug" ociscfg "github.com/owncloud/ocis/ocis-pkg/config" "github.com/owncloud/ocis/ocis-pkg/ldap" @@ -26,6 +27,9 @@ func AuthBasic(cfg *config.Config) *cli.Command { return &cli.Command{ Name: "auth-basic", Usage: "start authprovider for basic auth", + Before: func(ctx *cli.Context) error { + return parser.ParseConfig(cfg) + }, Action: func(c *cli.Context) error { logCfg := cfg.Logging logger := log.NewLogger( @@ -113,8 +117,8 @@ func authBasicConfigFromStruct(c *cli.Context, cfg *config.Config) map[string]in "tracing_service_name": c.Command.Name, }, "shared": map[string]interface{}{ - "jwt_secret": cfg.JWTSecret, - "gatewaysvc": cfg.GatewayEndpoint, + "jwt_secret": cfg.TokenManager.JWTSecret, + "gatewaysvc": cfg.Reva.Address, "skip_user_groups_in_token": cfg.SkipUserGroupsInToken, }, "grpc": map[string]interface{}{ diff --git a/extensions/auth-basic/pkg/config/config.go b/extensions/auth-basic/pkg/config/config.go index 04eb2649afe..2b0c56bfc17 100644 --- a/extensions/auth-basic/pkg/config/config.go +++ b/extensions/auth-basic/pkg/config/config.go @@ -12,8 +12,9 @@ type Config struct { GRPC GRPCConfig `yaml:"grpc,omitempty"` - JWTSecret string `yaml:"jwt_secret,omitempty"` - GatewayEndpoint string `yaml:"gateway_endpoint,omitempty"` + TokenManager *TokenManager `yaml:"token_manager,omitempty"` + Reva *Reva `yaml:"reva,omitempty"` + SkipUserGroupsInToken bool `yaml:"skip_user_groups_in_token,omitempty"` AuthProvider string `yaml:"auth_provider,omitempty" env:"AUTH_BASIC_AUTH_PROVIDER" desc:"The auth provider which should be used by the service"` AuthProviders AuthProviders `yaml:"auth_providers,omitempty"` 
diff --git a/extensions/auth-basic/pkg/config/defaults/defaultconfig.go b/extensions/auth-basic/pkg/config/defaults/defaultconfig.go index 4d232471934..42caadb53d9 100644 --- a/extensions/auth-basic/pkg/config/defaults/defaultconfig.go +++ b/extensions/auth-basic/pkg/config/defaults/defaultconfig.go @@ -30,9 +30,10 @@ func DefaultConfig() *config.Config { Service: config.Service{ Name: "auth-basic", }, - GatewayEndpoint: "127.0.0.1:9142", - JWTSecret: "Pive-Fumkiu4", - AuthProvider: "ldap", + Reva: &config.Reva{ + Address: "127.0.0.1:9142", + }, + AuthProvider: "ldap", AuthProviders: config.AuthProviders{ LDAP: config.LDAPProvider{ URI: "ldaps://localhost:9126", @@ -101,6 +102,23 @@ func EnsureDefaults(cfg *config.Config) { } else if cfg.Tracing == nil { cfg.Tracing = &config.Tracing{} } + + if cfg.Reva == nil && cfg.Commons != nil && cfg.Commons.Reva != nil { + cfg.Reva = &config.Reva{ + Address: cfg.Commons.Reva.Address, + } + } else if cfg.Reva == nil { + cfg.Reva = &config.Reva{} + } + + if cfg.TokenManager == nil && cfg.Commons != nil && cfg.Commons.TokenManager != nil { + cfg.TokenManager = &config.TokenManager{ + JWTSecret: cfg.Commons.TokenManager.JWTSecret, + } + } else if cfg.TokenManager == nil { + cfg.TokenManager = &config.TokenManager{} + } + } func Sanitize(cfg *config.Config) { diff --git a/extensions/auth-basic/pkg/config/parser/parse.go b/extensions/auth-basic/pkg/config/parser/parse.go new file mode 100644 index 00000000000..3a850615ca4 --- /dev/null +++ b/extensions/auth-basic/pkg/config/parser/parse.go 
@@ -0,0 +1,33 @@
+package parser
+
+import (
+ "errors"
+
+ "github.com/owncloud/ocis/extensions/auth-basic/pkg/config"
+ "github.com/owncloud/ocis/extensions/auth-basic/pkg/config/defaults"
+ ociscfg "github.com/owncloud/ocis/ocis-pkg/config"
+
+ "github.com/owncloud/ocis/ocis-pkg/config/envdecode"
+)
+
+// ParseConfig loads accounts configuration from known paths.
+func ParseConfig(cfg *config.Config) error {
+ _, err := ociscfg.BindSourcesToStructs(cfg.Service.Name, cfg)
+ if err != nil {
+ return err
+ }
+
+ defaults.EnsureDefaults(cfg)
+
+ // load all env variables relevant to the config in the current context.
+ if err := envdecode.Decode(cfg); err != nil {
+ // no environment variable set for this config is an expected "error"
+ if !errors.Is(err, envdecode.ErrNoTargetFieldsAreSet) {
+ return err
+ }
+ }
+
+ defaults.Sanitize(cfg)
+
+ return nil
+}
diff --git a/extensions/auth-basic/pkg/config/reva.go b/extensions/auth-basic/pkg/config/reva.go
new file mode 100644
index 00000000000..b8d27791703
--- /dev/null
+++ b/extensions/auth-basic/pkg/config/reva.go
@@ -0,0 +1,11 @@
+package config
+
+// Reva defines all available REVA configuration.
+type Reva struct {
+ Address string `yaml:"address" env:"REVA_GATEWAY"`
+}
+
+// TokenManager is the config for using the reva token manager
+type TokenManager struct {
+ JWTSecret string `yaml:"jwt_secret" env:"OCIS_JWT_SECRET;OCS_JWT_SECRET"`
+}
diff --git a/extensions/auth-bearer/pkg/command/command.go b/extensions/auth-bearer/pkg/command/command.go
index dd27a0b8e48..d896fbb444d 100644
--- a/extensions/auth-bearer/pkg/command/command.go
+++ b/extensions/auth-bearer/pkg/command/command.go
@@ -10,6 +10,7 @@ import ( "github.com/gofrs/uuid" "github.com/oklog/run" "github.com/owncloud/ocis/extensions/auth-bearer/pkg/config" + "github.com/owncloud/ocis/extensions/auth-bearer/pkg/config/parser" "github.com/owncloud/ocis/extensions/storage/pkg/server/debug" ociscfg "github.com/owncloud/ocis/ocis-pkg/config" "github.com/owncloud/ocis/ocis-pkg/log" @@ -24,6 +25,9 @@ func AuthBearer(cfg *config.Config) *cli.Command { return &cli.Command{ Name: "auth-bearer", Usage: "start authprovider for bearer auth", + Before: func(ctx *cli.Context) error { + return parser.ParseConfig(cfg) + }, Action: func(c *cli.Context) error { logCfg := cfg.Logging logger := log.NewLogger( @@ -94,8 +98,8 @@ func authBearerConfigFromStruct(c *cli.Context, cfg *config.Config) map[string]i "tracing_service_name": c.Command.Name, }, "shared": map[string]interface{}{ - "jwt_secret": cfg.JWTSecret, - "gatewaysvc": cfg.GatewayEndpoint, + "jwt_secret": cfg.TokenManager.JWTSecret, + "gatewaysvc": cfg.Reva.Address, "skip_user_groups_in_token": cfg.SkipUserGroupsInToken, }, "grpc": map[string]interface{}{ diff --git a/extensions/auth-bearer/pkg/config/config.go b/extensions/auth-bearer/pkg/config/config.go index b7c8fad6e79..97fcd5ee6cd 100644 --- a/extensions/auth-bearer/pkg/config/config.go +++ b/extensions/auth-bearer/pkg/config/config.go @@ -12,8 +12,9 @@ type Config struct { GRPC GRPCConfig `yaml:"grpc,omitempty"` - JWTSecret string `yaml:"jwt_secret,omitempty"` - GatewayEndpoint string `yaml:"gateway_endpoint,omitempty"` + TokenManager *TokenManager `yaml:"token_manager,omitempty"` + Reva *Reva `yaml:"reva,omitempty"` + SkipUserGroupsInToken bool `yaml:"skip_user_groups_in_token,omitempty"` AuthProvider string `yaml:"auth_provider,omitempty" env:"AUTH_BEARER_AUTH_PROVIDER" desc:"The auth provider which should be used by the service"` AuthProviders AuthProviders `yaml:"auth_providers,omitempty"` 
diff --git a/extensions/auth-bearer/pkg/config/defaults/defaultconfig.go b/extensions/auth-bearer/pkg/config/defaults/defaultconfig.go index 4ca3d0f5caf..93a978a2a3e 100644 --- a/extensions/auth-bearer/pkg/config/defaults/defaultconfig.go +++ b/extensions/auth-bearer/pkg/config/defaults/defaultconfig.go @@ -27,9 +27,10 @@ func DefaultConfig() *config.Config { Service: config.Service{ Name: "auth-bearer", }, - GatewayEndpoint: "127.0.0.1:9142", - JWTSecret: "Pive-Fumkiu4", - AuthProvider: "ldap", + Reva: &config.Reva{ + Address: "127.0.0.1:9142", + }, + AuthProvider: "ldap", AuthProviders: config.AuthProviders{ OIDC: config.OIDCProvider{ Issuer: "https://localhost:9200", @@ -63,6 +64,22 @@ func EnsureDefaults(cfg *config.Config) { } else if cfg.Tracing == nil { cfg.Tracing = &config.Tracing{} } + + if cfg.Reva == nil && cfg.Commons != nil && cfg.Commons.Reva != nil { + cfg.Reva = &config.Reva{ + Address: cfg.Commons.Reva.Address, + } + } else if cfg.Reva == nil { + cfg.Reva = &config.Reva{} + } + + if cfg.TokenManager == nil && cfg.Commons != nil && cfg.Commons.TokenManager != nil { + cfg.TokenManager = &config.TokenManager{ + JWTSecret: cfg.Commons.TokenManager.JWTSecret, + } + } else if cfg.TokenManager == nil { + cfg.TokenManager = &config.TokenManager{} + } } func Sanitize(cfg *config.Config) { diff --git a/extensions/auth-bearer/pkg/config/parser/parse.go b/extensions/auth-bearer/pkg/config/parser/parse.go new file mode 100644 index 00000000000..6ea2a14847c --- /dev/null +++ b/extensions/auth-bearer/pkg/config/parser/parse.go 
@@ -0,0 +1,33 @@
+package parser
+
+import (
+ "errors"
+
+ "github.com/owncloud/ocis/extensions/auth-bearer/pkg/config"
+ "github.com/owncloud/ocis/extensions/auth-bearer/pkg/config/defaults"
+ ociscfg "github.com/owncloud/ocis/ocis-pkg/config"
+
+ "github.com/owncloud/ocis/ocis-pkg/config/envdecode"
+)
+
+// ParseConfig loads accounts configuration from known paths.
+func ParseConfig(cfg *config.Config) error {
+ _, err := ociscfg.BindSourcesToStructs(cfg.Service.Name, cfg)
+ if err != nil {
+ return err
+ }
+
+ defaults.EnsureDefaults(cfg)
+
+ // load all env variables relevant to the config in the current context.
+ if err := envdecode.Decode(cfg); err != nil {
+ // no environment variable set for this config is an expected "error"
+ if !errors.Is(err, envdecode.ErrNoTargetFieldsAreSet) {
+ return err
+ }
+ }
+
+ defaults.Sanitize(cfg)
+
+ return nil
+}
diff --git a/extensions/auth-bearer/pkg/config/reva.go b/extensions/auth-bearer/pkg/config/reva.go
new file mode 100644
index 00000000000..b8d27791703
--- /dev/null
+++ b/extensions/auth-bearer/pkg/config/reva.go
@@ -0,0 +1,11 @@
+package config
+
+// Reva defines all available REVA configuration.
+type Reva struct {
+ Address string `yaml:"address" env:"REVA_GATEWAY"`
+}
+
+// TokenManager is the config for using the reva token manager
+type TokenManager struct {
+ JWTSecret string `yaml:"jwt_secret" env:"OCIS_JWT_SECRET;OCS_JWT_SECRET"`
+}
diff --git a/extensions/auth-machine/pkg/command/command.go b/extensions/auth-machine/pkg/command/command.go
index 332c1ed8656..41de568723a 100644
--- a/extensions/auth-machine/pkg/command/command.go
+++ b/extensions/auth-machine/pkg/command/command.go
@@ -10,6 +10,7 @@ import ( "github.com/gofrs/uuid" "github.com/oklog/run" "github.com/owncloud/ocis/extensions/auth-machine/pkg/config" + "github.com/owncloud/ocis/extensions/auth-machine/pkg/config/parser" "github.com/owncloud/ocis/extensions/storage/pkg/server/debug" ociscfg "github.com/owncloud/ocis/ocis-pkg/config" "github.com/owncloud/ocis/ocis-pkg/log" @@ -24,6 +25,9 @@ func AuthMachine(cfg *config.Config) *cli.Command { return &cli.Command{ Name: "auth-machine", Usage: "start authprovider for machine auth", + Before: func(ctx *cli.Context) error { + return parser.ParseConfig(cfg) + }, Action: func(c *cli.Context) error { logCfg := cfg.Logging logger := log.NewLogger( @@ -94,8 +98,8 @@ func authMachineConfigFromStruct(c *cli.Context, cfg *config.Config) map[string] "tracing_service_name": c.Command.Name, }, "shared": map[string]interface{}{ - "jwt_secret": cfg.JWTSecret, - "gatewaysvc": cfg.GatewayEndpoint, + "jwt_secret": cfg.TokenManager.JWTSecret, + "gatewaysvc": cfg.Reva.Address, "skip_user_groups_in_token": cfg.SkipUserGroupsInToken, }, "grpc": map[string]interface{}{ @@ -108,7 +112,7 @@ func authMachineConfigFromStruct(c *cli.Context, cfg *config.Config) map[string] "auth_managers": map[string]interface{}{ "machine": map[string]interface{}{ "api_key": cfg.AuthProviders.Machine.APIKey, - "gateway_addr": cfg.GatewayEndpoint, + "gateway_addr": cfg.Reva.Address, }, }, }, diff --git a/extensions/auth-machine/pkg/config/config.go b/extensions/auth-machine/pkg/config/config.go index 0e530daf1d6..4837e2915bd 100644 --- a/extensions/auth-machine/pkg/config/config.go +++ b/extensions/auth-machine/pkg/config/config.go 
@@ -12,8 +12,9 @@ type Config struct { GRPC GRPCConfig `yaml:"grpc,omitempty"` - JWTSecret string `yaml:"jwt_secret,omitempty"` - GatewayEndpoint string `yaml:"gateway_entpoint,omitempty"` + TokenManager *TokenManager `yaml:"token_manager,omitempty"` + Reva *Reva `yaml:"reva,omitempty"` + SkipUserGroupsInToken bool `yaml:"skip_user_groups_in_token,omitempty"` AuthProvider string `yaml:"auth_provider,omitempty" env:"AUTH_MACHINE_AUTH_PROVIDER" desc:"The auth provider which should be used by the service"` AuthProviders AuthProviders `yaml:"auth_providers,omitempty"` diff --git a/extensions/auth-machine/pkg/config/defaults/defaultconfig.go b/extensions/auth-machine/pkg/config/defaults/defaultconfig.go index 4a442d48b88..4b8e3368e5b 100644 --- a/extensions/auth-machine/pkg/config/defaults/defaultconfig.go +++ b/extensions/auth-machine/pkg/config/defaults/defaultconfig.go @@ -27,9 +27,10 @@ func DefaultConfig() *config.Config { Service: config.Service{ Name: "auth-machine", }, - GatewayEndpoint: "127.0.0.1:9142", - JWTSecret: "Pive-Fumkiu4", - AuthProvider: "ldap", + Reva: &config.Reva{ + Address: "127.0.0.1:9142", + }, + AuthProvider: "ldap", AuthProviders: config.AuthProviders{ Machine: config.MachineProvider{ APIKey: "change-me-please", @@ -61,6 +62,22 @@ func EnsureDefaults(cfg *config.Config) { } else if cfg.Tracing == nil { cfg.Tracing = &config.Tracing{} } + + if cfg.Reva == nil && cfg.Commons != nil && cfg.Commons.Reva != nil { + cfg.Reva = &config.Reva{ + Address: cfg.Commons.Reva.Address, + } + } else if cfg.Reva == nil { + cfg.Reva = &config.Reva{} + } + + if cfg.TokenManager == nil && cfg.Commons != nil && cfg.Commons.TokenManager != nil { + cfg.TokenManager = &config.TokenManager{ + JWTSecret: cfg.Commons.TokenManager.JWTSecret, + } + } else if cfg.TokenManager == nil { + cfg.TokenManager = &config.TokenManager{} + } } func Sanitize(cfg *config.Config) { 
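Review bot: The auth-machine `DefaultConfig` hunk (`@@ -27,9 +27,10 @@`) drops the hard-coded JWT secret but keeps `APIKey: "change-me-please"` a few lines below, so a deployment that never sets the machine-auth key still accepts a publicly known credential. I would remove the literal here and fill the key in `EnsureDefaults` from the common config, along the lines of the `cfg.Commons.MachineAuthAPIKey` fallback the ocs defaults on this page already use, and reject an empty key at startup. Whether a later patch in the series does this is not visible here, and `DefaultConfig` continues outside the hunk.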
diff --git a/extensions/auth-machine/pkg/config/parser/parse.go b/extensions/auth-machine/pkg/config/parser/parse.go
new file mode 100644
index 00000000000..defc64e0c3d
--- /dev/null
+++ b/extensions/auth-machine/pkg/config/parser/parse.go
@@ -0,0 +1,33 @@
+package parser
+
+import (
+ "errors"
+
+ "github.com/owncloud/ocis/extensions/auth-machine/pkg/config"
+ "github.com/owncloud/ocis/extensions/auth-machine/pkg/config/defaults"
+ ociscfg "github.com/owncloud/ocis/ocis-pkg/config"
+
+ "github.com/owncloud/ocis/ocis-pkg/config/envdecode"
+)
+
+// ParseConfig loads accounts configuration from known paths.
+func ParseConfig(cfg *config.Config) error {
+ _, err := ociscfg.BindSourcesToStructs(cfg.Service.Name, cfg)
+ if err != nil {
+ return err
+ }
+
+ defaults.EnsureDefaults(cfg)
+
+ // load all env variables relevant to the config in the current context.
+ if err := envdecode.Decode(cfg); err != nil {
+ // no environment variable set for this config is an expected "error"
+ if !errors.Is(err, envdecode.ErrNoTargetFieldsAreSet) {
+ return err
+ }
+ }
+
+ defaults.Sanitize(cfg)
+
+ return nil
+}
diff --git a/extensions/auth-machine/pkg/config/reva.go b/extensions/auth-machine/pkg/config/reva.go
new file mode 100644
index 00000000000..b8d27791703
--- /dev/null
+++ b/extensions/auth-machine/pkg/config/reva.go
@@ -0,0 +1,11 @@
+package config
+
+// Reva defines all available REVA configuration.
+type Reva struct {
+ Address string `yaml:"address" env:"REVA_GATEWAY"`
+}
+
+// TokenManager is the config for using the reva token manager
+type TokenManager struct {
+ JWTSecret string `yaml:"jwt_secret" env:"OCIS_JWT_SECRET;OCS_JWT_SECRET"`
+}
diff --git a/extensions/frontend/pkg/command/command.go b/extensions/frontend/pkg/command/command.go
index 98d0c49122c..6eadfb2e95f 100644
--- a/extensions/frontend/pkg/command/command.go
+++ b/extensions/frontend/pkg/command/command.go
@@ -13,6 +13,7 @@ import ( "github.com/gofrs/uuid" "github.com/oklog/run" "github.com/owncloud/ocis/extensions/frontend/pkg/config" + "github.com/owncloud/ocis/extensions/frontend/pkg/config/parser" "github.com/owncloud/ocis/extensions/storage/pkg/server/debug" ociscfg "github.com/owncloud/ocis/ocis-pkg/config" "github.com/owncloud/ocis/ocis-pkg/conversions" @@ -28,11 +29,13 @@ func Frontend(cfg *config.Config) *cli.Command { return &cli.Command{ Name: "frontend", Usage: "start frontend service", - Before: func(c *cli.Context) error { - if err := loadUserAgent(c, cfg); err != nil { - return err - } - return nil + Before: func(ctx *cli.Context) error { + // TODO: what !? + //if err := loadUserAgent(c, cfg); err != nil { + // return err + //} + //return nil + return parser.ParseConfig(cfg) }, Action: func(c *cli.Context) error { logCfg := cfg.Logging @@ -156,8 +159,8 @@ func frontendConfigFromStruct(c *cli.Context, cfg *config.Config, filesCfg map[s "tracing_service_name": c.Command.Name, }, "shared": map[string]interface{}{ - "jwt_secret": cfg.JWTSecret, - "gatewaysvc": cfg.GatewayEndpoint, // Todo or address? + "jwt_secret": cfg.TokenManager.JWTSecret, + "gatewaysvc": cfg.Reva.Address, // Todo or address? "skip_user_groups_in_token": cfg.SkipUserGroupsInToken, }, "http": map[string]interface{}{ @@ -194,7 +197,7 @@ func frontendConfigFromStruct(c *cli.Context, cfg *config.Config, filesCfg map[s "insecure": true, }, "ocs": map[string]interface{}{ - "storage_registry_svc": cfg.GatewayEndpoint, + "storage_registry_svc": cfg.Reva.Address, "share_prefix": cfg.OCS.SharePrefix, "home_namespace": cfg.OCS.HomeNamespace, "resource_info_cache_ttl": cfg.OCS.ResourceInfoCacheTTL, 
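Review bot: The rewritten `Before` hook in the `@@ -28,11 +29,13 @@` hunk no longer calls `loadUserAgent`, so whatever that helper populated on cfg is now skipped, and the old call is left as commented-out code under `// TODO: what !?`. If the helper is still needed, run it after parsing: `if err := parser.ParseConfig(cfg); err != nil { return err }` followed by `return loadUserAgent(ctx, cfg)`; otherwise delete the commented block together with the helper. `loadUserAgent` is defined outside the hunk, so what depends on it cannot be checked from here.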
@@ -210,7 +213,7 @@ func frontendConfigFromStruct(c *cli.Context, cfg *config.Config, filesCfg map[s "db_port": cfg.OCS.CacheWarmupDrivers.CBOX.DBPort, "db_name": cfg.OCS.CacheWarmupDrivers.CBOX.DBName, "namespace": cfg.OCS.CacheWarmupDrivers.CBOX.Namespace, - "gatewaysvc": cfg.GatewayEndpoint, + "gatewaysvc": cfg.Reva.Address, }, }, "config": map[string]interface{}{ diff --git a/extensions/frontend/pkg/config/config.go b/extensions/frontend/pkg/config/config.go index 0adda7543b6..5a4ba7354fa 100644 --- a/extensions/frontend/pkg/config/config.go +++ b/extensions/frontend/pkg/config/config.go @@ -16,8 +16,9 @@ type Config struct { TransferSecret string `yaml:"transfer_secret" env:"STORAGE_TRANSFER_SECRET"` - JWTSecret string `yaml:"jwt_secret"` - GatewayEndpoint string + TokenManager *TokenManager `yaml:"token_manager,omitempty"` + Reva *Reva `yaml:"reva,omitempty"` + SkipUserGroupsInToken bool EnableFavorites bool `yaml:"favorites"` diff --git a/extensions/frontend/pkg/config/defaults/defaultconfig.go b/extensions/frontend/pkg/config/defaults/defaultconfig.go index 182914b8227..54247a580e9 100644 --- a/extensions/frontend/pkg/config/defaults/defaultconfig.go +++ b/extensions/frontend/pkg/config/defaults/defaultconfig.go @@ -28,8 +28,9 @@ func DefaultConfig() *config.Config { Service: config.Service{ Name: "frontend", }, - GatewayEndpoint: "127.0.0.1:9142", - JWTSecret: "Pive-Fumkiu4", + Reva: &config.Reva{ + Address: "127.0.0.1:9142", + }, PublicURL: "https://localhost:9200", EnableFavorites: false, EnableProjectSpaces: true, 
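Review bot: Replacing the `JWTSecret` field (`yaml:"jwt_secret"`) with `TokenManager` under `token_manager` in extensions/frontend/pkg/config/config.go moves the secret to a new YAML path with no compatibility handling. An existing config file that still sets the top-level `jwt_secret` would presumably be ignored by the decoder (its strictness is not visible here), leaving the secret empty rather than failing. A comment on the new fields naming the old key, for example `// TokenManager replaces the former top-level jwt_secret key`, plus a changelog entry would make the migration explicit. The gateway, group, ocdav, sharing and storage-metadata config.go hunks drop `jwt_secret` (and, where it was tagged, `gateway_endpoint`) the same way.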
@@ -96,6 +97,22 @@ func EnsureDefaults(cfg *config.Config) { } else if cfg.Tracing == nil { cfg.Tracing = &config.Tracing{} } + + if cfg.Reva == nil && cfg.Commons != nil && cfg.Commons.Reva != nil { + cfg.Reva = &config.Reva{ + Address: cfg.Commons.Reva.Address, + } + } else if cfg.Reva == nil { + cfg.Reva = &config.Reva{} + } + + if cfg.TokenManager == nil && cfg.Commons != nil && cfg.Commons.TokenManager != nil { + cfg.TokenManager = &config.TokenManager{ + JWTSecret: cfg.Commons.TokenManager.JWTSecret, + } + } else if cfg.TokenManager == nil { + cfg.TokenManager = &config.TokenManager{} + } } func Sanitize(cfg *config.Config) { diff --git a/extensions/frontend/pkg/config/parser/parse.go b/extensions/frontend/pkg/config/parser/parse.go new file mode 100644 index 00000000000..7942a1b235f --- /dev/null +++ b/extensions/frontend/pkg/config/parser/parse.go @@ -0,0 +1,33 @@ +package parser + +import ( + "errors" + + "github.com/owncloud/ocis/extensions/frontend/pkg/config" + "github.com/owncloud/ocis/extensions/frontend/pkg/config/defaults" + ociscfg "github.com/owncloud/ocis/ocis-pkg/config" + + "github.com/owncloud/ocis/ocis-pkg/config/envdecode" +) + +// ParseConfig loads accounts configuration from known paths. +func ParseConfig(cfg *config.Config) error { + _, err := ociscfg.BindSourcesToStructs(cfg.Service.Name, cfg) + if err != nil { + return err + } + + defaults.EnsureDefaults(cfg) + + // load all env variables relevant to the config in the current context. + if err := envdecode.Decode(cfg); err != nil { + // no environment variable set for this config is an expected "error" + if !errors.Is(err, envdecode.ErrNoTargetFieldsAreSet) { + return err + } + } + + defaults.Sanitize(cfg) + + return nil +} diff --git a/extensions/frontend/pkg/config/reva.go b/extensions/frontend/pkg/config/reva.go new file mode 100644 index 00000000000..b8d27791703 --- /dev/null +++ b/extensions/frontend/pkg/config/reva.go 
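Review bot: The `cfg.Reva == nil && cfg.Commons != nil && cfg.Commons.Reva != nil` branch added to EnsureDefaults can only fire when cfg.Reva is nil, but DefaultConfig in this same file now always sets `Reva: &config.Reva{Address: "127.0.0.1:9142"}`. If cfg is built from DefaultConfig (the caller is outside this hunk), a gateway address configured under Commons is never inherited and the loopback default wins. Either leave `Reva` unset in DefaultConfig and apply the default address in the `else if` branch, or state the precedence in a comment such as `// service-level reva config, when present, always overrides Commons.Reva`. The EnsureDefaults hunks for gateway, group, ocdav, ocs, proxy and sharing follow the same pattern.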
@@ -0,0 +1,11 @@ +package config + +// Reva defines all available REVA configuration. +type Reva struct { + Address string `yaml:"address" env:"REVA_GATEWAY"` +} + +// TokenManager is the config for using the reva token manager +type TokenManager struct { + JWTSecret string `yaml:"jwt_secret" env:"OCIS_JWT_SECRET;OCS_JWT_SECRET"` +} diff --git a/extensions/gateway/pkg/command/command.go b/extensions/gateway/pkg/command/command.go index 3c8a15941fa..c71895ac4b8 100644 --- a/extensions/gateway/pkg/command/command.go +++ b/extensions/gateway/pkg/command/command.go @@ -14,6 +14,7 @@ import ( "github.com/mitchellh/mapstructure" "github.com/oklog/run" "github.com/owncloud/ocis/extensions/gateway/pkg/config" + "github.com/owncloud/ocis/extensions/gateway/pkg/config/parser" "github.com/owncloud/ocis/extensions/storage/pkg/server/debug" "github.com/owncloud/ocis/extensions/storage/pkg/service/external" ociscfg "github.com/owncloud/ocis/ocis-pkg/config" @@ -30,12 +31,8 @@ func Gateway(cfg *config.Config) *cli.Command { return &cli.Command{ Name: "gateway", Usage: "start gateway", - Before: func(c *cli.Context) error { - if cfg.DataGatewayPublicURL == "" { - cfg.DataGatewayPublicURL = strings.TrimRight(cfg.FrontendPublicURL, "/") + "/data" - } - - return nil + Before: func(ctx *cli.Context) error { + return parser.ParseConfig(cfg) }, Action: func(c *cli.Context) error { logCfg := cfg.Logging @@ -124,8 +121,8 @@ func gatewayConfigFromStruct(c *cli.Context, cfg *config.Config, logger log.Logg "tracing_service_name": c.Command.Name, }, "shared": map[string]interface{}{ - "jwt_secret": cfg.JWTSecret, - "gatewaysvc": cfg.GatewayEndpoint, + "jwt_secret": cfg.TokenManager.JWTSecret, + "gatewaysvc": cfg.Reva.Address, "skip_user_groups_in_token": cfg.SkipUserGroupsInToken, }, "grpc": map[string]interface{}{ 
@@ -135,9 +132,9 @@ func gatewayConfigFromStruct(c *cli.Context, cfg *config.Config, logger log.Logg "services": map[string]interface{}{ "gateway": map[string]interface{}{ // registries is located on the gateway - "authregistrysvc": cfg.GatewayEndpoint, - "storageregistrysvc": cfg.GatewayEndpoint, - "appregistrysvc": cfg.GatewayEndpoint, + "authregistrysvc": cfg.Reva.Address, + "storageregistrysvc": cfg.Reva.Address, + "appregistrysvc": cfg.Reva.Address, // user metadata is located on the users services "preferencessvc": cfg.UsersEndpoint, "userprovidersvc": cfg.UsersEndpoint, @@ -152,7 +149,7 @@ func gatewayConfigFromStruct(c *cli.Context, cfg *config.Config, logger log.Logg "share_folder": cfg.ShareFolder, // ShareFolder is the location where to create shares in the recipient's storage provider. // other "disable_home_creation_on_login": cfg.DisableHomeCreationOnLogin, - "datagateway": cfg.DataGatewayPublicURL, + "datagateway": strings.TrimRight(cfg.FrontendPublicURL, "/") + "/data", "transfer_shared_secret": cfg.TransferSecret, "transfer_expires": cfg.TransferExpires, "home_mapping": cfg.HomeMapping, diff --git a/extensions/gateway/pkg/config/config.go b/extensions/gateway/pkg/config/config.go index bf16e5f3db1..720083a64b1 100644 --- a/extensions/gateway/pkg/config/config.go +++ b/extensions/gateway/pkg/config/config.go @@ -12,9 +12,10 @@ type Config struct { GRPC GRPCConfig `yaml:"grpc,omitempty"` - JWTSecret string `yaml:"jwt_secret,omitempty"` - GatewayEndpoint string `yaml:",omitempty"` - SkipUserGroupsInToken bool `yaml:",omitempty"` + TokenManager *TokenManager `yaml:"token_manager,omitempty"` + Reva *Reva `yaml:"reva,omitempty"` + + SkipUserGroupsInToken bool `yaml:",omitempty"` CommitShareToStorageGrant bool `yaml:"commit_share_to_storage_grant,omitempty"` CommitShareToStorageRef bool `yaml:"commit_share_to_storage_ref,omitempty"` 
@@ -29,7 +30,6 @@ type Config struct { GroupsEndpoint string `yaml:"groups_endpoint,omitempty"` PermissionsEndpoint string `yaml:"permissions_endpoint,omitempty"` SharingEndpoint string `yaml:"sharing_endpoint,omitempty"` - DataGatewayPublicURL string `yaml:"data_gateway_public_url,omitempty"` FrontendPublicURL string `yaml:"frontend_public_url,omitempty" env:"OCIS_URL;GATEWAY_FRONTEND_PUBLIC_URL"` AuthBasicEndpoint string `yaml:"auth_basic_endpoint,omitempty"` AuthBearerEndpoint string `yaml:"auth_bearer_endpoint,omitempty"` diff --git a/extensions/gateway/pkg/config/defaults/defaultconfig.go b/extensions/gateway/pkg/config/defaults/defaultconfig.go index 44c3dc0df30..1c0013b2498 100644 --- a/extensions/gateway/pkg/config/defaults/defaultconfig.go +++ b/extensions/gateway/pkg/config/defaults/defaultconfig.go @@ -27,8 +27,9 @@ func DefaultConfig() *config.Config { Service: config.Service{ Name: "gateway", }, - GatewayEndpoint: "127.0.0.1:9142", - JWTSecret: "Pive-Fumkiu4", + Reva: &config.Reva{ + Address: "127.0.0.1:9142", + }, CommitShareToStorageGrant: true, CommitShareToStorageRef: true, @@ -43,7 +44,6 @@ func DefaultConfig() *config.Config { GroupsEndpoint: "localhost:9160", PermissionsEndpoint: "localhost:9191", SharingEndpoint: "localhost:9150", - DataGatewayPublicURL: "", FrontendPublicURL: "https://localhost:9200", AuthBasicEndpoint: "localhost:9146", AuthBearerEndpoint: "localhost:9148", 
@@ -85,6 +85,22 @@ func EnsureDefaults(cfg *config.Config) { } else if cfg.Tracing == nil { cfg.Tracing = &config.Tracing{} } + + if cfg.Reva == nil && cfg.Commons != nil && cfg.Commons.Reva != nil { + cfg.Reva = &config.Reva{ + Address: cfg.Commons.Reva.Address, + } + } else if cfg.Reva == nil { + cfg.Reva = &config.Reva{} + } + + if cfg.TokenManager == nil && cfg.Commons != nil && cfg.Commons.TokenManager != nil { + cfg.TokenManager = &config.TokenManager{ + JWTSecret: cfg.Commons.TokenManager.JWTSecret, + } + } else if cfg.TokenManager == nil { + cfg.TokenManager = &config.TokenManager{} + } } func Sanitize(cfg *config.Config) { diff --git a/extensions/gateway/pkg/config/parser/parse.go b/extensions/gateway/pkg/config/parser/parse.go new file mode 100644 index 00000000000..2ace3feafdd --- /dev/null +++ b/extensions/gateway/pkg/config/parser/parse.go @@ -0,0 +1,33 @@ +package parser + +import ( + "errors" + + "github.com/owncloud/ocis/extensions/gateway/pkg/config" + "github.com/owncloud/ocis/extensions/gateway/pkg/config/defaults" + ociscfg "github.com/owncloud/ocis/ocis-pkg/config" + + "github.com/owncloud/ocis/ocis-pkg/config/envdecode" +) + +// ParseConfig loads accounts configuration from known paths. +func ParseConfig(cfg *config.Config) error { + _, err := ociscfg.BindSourcesToStructs(cfg.Service.Name, cfg) + if err != nil { + return err + } + + defaults.EnsureDefaults(cfg) + + // load all env variables relevant to the config in the current context. + if err := envdecode.Decode(cfg); err != nil { + // no environment variable set for this config is an expected "error" + if !errors.Is(err, envdecode.ErrNoTargetFieldsAreSet) { + return err + } + } + + defaults.Sanitize(cfg) + + return nil +} diff --git a/extensions/gateway/pkg/config/reva.go b/extensions/gateway/pkg/config/reva.go new file mode 100644 index 00000000000..b8d27791703 --- /dev/null +++ b/extensions/gateway/pkg/config/reva.go 
@@ -0,0 +1,11 @@ +package config + +// Reva defines all available REVA configuration. +type Reva struct { + Address string `yaml:"address" env:"REVA_GATEWAY"` +} + +// TokenManager is the config for using the reva token manager +type TokenManager struct { + JWTSecret string `yaml:"jwt_secret" env:"OCIS_JWT_SECRET;OCS_JWT_SECRET"` +} diff --git a/extensions/graph/pkg/config/config.go b/extensions/graph/pkg/config/config.go index b346bc15bd2..174bcabd629 100644 --- a/extensions/graph/pkg/config/config.go +++ b/extensions/graph/pkg/config/config.go @@ -18,7 +18,7 @@ type Config struct { HTTP HTTP `yaml:"http,omitempty"` - Reva Reva `yaml:"reva,omitempty"` + Reva *Reva `yaml:"reva,omitempty"` TokenManager *TokenManager `yaml:"token_manager,omitempty"` Spaces Spaces `yaml:"spaces,omitempty"` diff --git a/extensions/graph/pkg/config/defaults/defaultconfig.go b/extensions/graph/pkg/config/defaults/defaultconfig.go index 6c315a47752..8dff5da2020 100644 --- a/extensions/graph/pkg/config/defaults/defaultconfig.go +++ b/extensions/graph/pkg/config/defaults/defaultconfig.go @@ -20,7 +20,7 @@ func DefaultConfig() *config.Config { Service: config.Service{ Name: "graph", }, - Reva: config.Reva{ + Reva: &config.Reva{ Address: "127.0.0.1:9142", }, Spaces: config.Spaces{ @@ -91,7 +91,7 @@ func EnsureDefaults(cfg *config.Config) { cfg.TokenManager = &config.TokenManager{ JWTSecret: cfg.Commons.TokenManager.JWTSecret, } - } else { + } else if cfg.TokenManager == nil { cfg.TokenManager = &config.TokenManager{} } } diff --git a/extensions/graph/pkg/service/v0/service.go b/extensions/graph/pkg/service/v0/service.go index 11fe37c2fe0..599a558f3b3 100644 --- a/extensions/graph/pkg/service/v0/service.go +++ b/extensions/graph/pkg/service/v0/service.go @@ -59,7 +59,7 @@ func NewService(opts ...Option) Service { switch options.Config.Identity.Backend { case "cs3": backend = &identity.CS3{ - Config: &options.Config.Reva, + Config: options.Config.Reva, Logger: &options.Logger, } case "ldap": 
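Review bot: With `Reva` turned into `*Reva` in extensions/graph/pkg/config/config.go, the EnsureDefaults hunk at `@@ -91,7 +91,7 @@` only fixes the TokenManager branch and adds no nil fallback for `cfg.Reva`, unlike the ocs and proxy EnsureDefaults changed in this patch. service.go now passes `options.Config.Reva` straight into `identity.CS3.Config`, so a config that does not come from DefaultConfig would hand the CS3 backend a nil pointer. Adding the fallback block used elsewhere keeps the services consistent. EnsureDefaults starts and ends outside the hunk, so an existing guard there cannot be ruled out.

```go
	// … unchanged: TokenManager fallback …

	// Inherit the shared reva settings when the service has none of its own.
	if cfg.Reva == nil && cfg.Commons != nil && cfg.Commons.Reva != nil {
		cfg.Reva = &config.Reva{
			Address: cfg.Commons.Reva.Address,
		}
	} else if cfg.Reva == nil {
		cfg.Reva = &config.Reva{}
	}
```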
diff --git a/extensions/group/pkg/command/command.go b/extensions/group/pkg/command/command.go index ab71caef114..92ef3b75af4 100644 --- a/extensions/group/pkg/command/command.go +++ b/extensions/group/pkg/command/command.go @@ -11,6 +11,7 @@ import ( "github.com/gofrs/uuid" "github.com/oklog/run" "github.com/owncloud/ocis/extensions/group/pkg/config" + "github.com/owncloud/ocis/extensions/group/pkg/config/parser" "github.com/owncloud/ocis/extensions/storage/pkg/server/debug" ociscfg "github.com/owncloud/ocis/ocis-pkg/config" "github.com/owncloud/ocis/ocis-pkg/ldap" @@ -26,6 +27,9 @@ func Groups(cfg *config.Config) *cli.Command { return &cli.Command{ Name: "groups", Usage: "start groups service", + Before: func(ctx *cli.Context) error { + return parser.ParseConfig(cfg) + }, Action: func(c *cli.Context) error { logCfg := cfg.Logging logger := log.NewLogger( @@ -111,8 +115,8 @@ func groupsConfigFromStruct(c *cli.Context, cfg *config.Config) map[string]inter "tracing_service_name": c.Command.Name, }, "shared": map[string]interface{}{ - "jwt_secret": cfg.JWTSecret, - "gatewaysvc": cfg.GatewayEndpoint, + "jwt_secret": cfg.TokenManager.JWTSecret, + "gatewaysvc": cfg.Reva.Address, "skip_user_groups_in_token": cfg.SkipUserGroupsInToken, }, "grpc": map[string]interface{}{ diff --git a/extensions/group/pkg/config/config.go b/extensions/group/pkg/config/config.go index 1b8e0d63234..c7216b4393a 100644 --- a/extensions/group/pkg/config/config.go +++ b/extensions/group/pkg/config/config.go @@ -12,8 +12,9 @@ type Config struct { GRPC GRPCConfig `yaml:"grpc,omitempty"` - JWTSecret string `yaml:"jwt_secret,omitempty"` - GatewayEndpoint string `yaml:"gateway_endpoint,omitempty"` + TokenManager *TokenManager `yaml:"token_manager,omitempty"` + Reva *Reva `yaml:"reva,omitempty"` + SkipUserGroupsInToken bool `yaml:"skip_user_groups_in_token,omitempty"` GroupMembersCacheExpiration int `yaml:"group_members_cache_expiration,omitempty"` Driver string `yaml:"driver,omitempty"` 
diff --git a/extensions/group/pkg/config/defaults/defaultconfig.go b/extensions/group/pkg/config/defaults/defaultconfig.go index d7b0d988a83..3690a01a6a2 100644 --- a/extensions/group/pkg/config/defaults/defaultconfig.go +++ b/extensions/group/pkg/config/defaults/defaultconfig.go @@ -31,9 +31,10 @@ func DefaultConfig() *config.Config { Name: "user", }, GroupMembersCacheExpiration: 5, - GatewayEndpoint: "127.0.0.1:9142", - JWTSecret: "Pive-Fumkiu4", - Driver: "ldap", + Reva: &config.Reva{ + Address: "127.0.0.1:9142", + }, + Driver: "ldap", Drivers: config.Drivers{ LDAP: config.LDAPDriver{ URI: "ldaps://localhost:9126", @@ -106,6 +107,22 @@ func EnsureDefaults(cfg *config.Config) { } else if cfg.Tracing == nil { cfg.Tracing = &config.Tracing{} } + + if cfg.Reva == nil && cfg.Commons != nil && cfg.Commons.Reva != nil { + cfg.Reva = &config.Reva{ + Address: cfg.Commons.Reva.Address, + } + } else if cfg.Reva == nil { + cfg.Reva = &config.Reva{} + } + + if cfg.TokenManager == nil && cfg.Commons != nil && cfg.Commons.TokenManager != nil { + cfg.TokenManager = &config.TokenManager{ + JWTSecret: cfg.Commons.TokenManager.JWTSecret, + } + } else if cfg.TokenManager == nil { + cfg.TokenManager = &config.TokenManager{} + } } func Sanitize(cfg *config.Config) { diff --git a/extensions/group/pkg/config/parser/parse.go b/extensions/group/pkg/config/parser/parse.go new file mode 100644 index 00000000000..d75882a2901 --- /dev/null +++ b/extensions/group/pkg/config/parser/parse.go 
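Review bot: The context of the first hunk in extensions/group/pkg/config/defaults/defaultconfig.go shows `Name: "user",` directly above `GroupMembersCacheExpiration`. If that is the `Service` name, as in the other defaultconfig.go files, it now changes which config is loaded. The ParseConfig added for group in this patch calls `ociscfg.BindSourcesToStructs(cfg.Service.Name, cfg)`, so the group service would bind the configuration sources of the user service instead of its own. The value is probably a copy-paste leftover and should read `Name: "group",` (or whatever name the group config file uses). DefaultConfig begins outside the hunk, so confirm which struct the field belongs to.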
@@ -0,0 +1,33 @@ +package parser + +import ( + "errors" + + "github.com/owncloud/ocis/extensions/group/pkg/config" + "github.com/owncloud/ocis/extensions/group/pkg/config/defaults" + ociscfg "github.com/owncloud/ocis/ocis-pkg/config" + + "github.com/owncloud/ocis/ocis-pkg/config/envdecode" +) + +// ParseConfig loads accounts configuration from known paths. +func ParseConfig(cfg *config.Config) error { + _, err := ociscfg.BindSourcesToStructs(cfg.Service.Name, cfg) + if err != nil { + return err + } + + defaults.EnsureDefaults(cfg) + + // load all env variables relevant to the config in the current context. + if err := envdecode.Decode(cfg); err != nil { + // no environment variable set for this config is an expected "error" + if !errors.Is(err, envdecode.ErrNoTargetFieldsAreSet) { + return err + } + } + + defaults.Sanitize(cfg) + + return nil +} diff --git a/extensions/group/pkg/config/reva.go b/extensions/group/pkg/config/reva.go new file mode 100644 index 00000000000..b8d27791703 --- /dev/null +++ b/extensions/group/pkg/config/reva.go @@ -0,0 +1,11 @@ +package config + +// Reva defines all available REVA configuration. +type Reva struct { + Address string `yaml:"address" env:"REVA_GATEWAY"` +} + +// TokenManager is the config for using the reva token manager +type TokenManager struct { + JWTSecret string `yaml:"jwt_secret" env:"OCIS_JWT_SECRET;OCS_JWT_SECRET"` +} diff --git a/extensions/ocdav/pkg/command/ocdav.go b/extensions/ocdav/pkg/command/ocdav.go index e73f5d1b1ee..30896c28424 100644 --- a/extensions/ocdav/pkg/command/ocdav.go +++ b/extensions/ocdav/pkg/command/ocdav.go @@ -9,6 +9,7 @@ import ( "github.com/cs3org/reva/v2/pkg/micro/ocdav" "github.com/oklog/run" "github.com/owncloud/ocis/extensions/ocdav/pkg/config" + "github.com/owncloud/ocis/extensions/ocdav/pkg/config/parser" "github.com/owncloud/ocis/extensions/storage/pkg/server/debug" ociscfg "github.com/owncloud/ocis/ocis-pkg/config" "github.com/owncloud/ocis/ocis-pkg/conversions" 
@@ -25,11 +26,15 @@ func OCDav(cfg *config.Config) *cli.Command { return &cli.Command{ Name: "ocdav", Usage: "start ocdav service", - Before: func(c *cli.Context) error { - if err := loadUserAgent(c, cfg); err != nil { - return err - } - return nil + // TODO: check + //Before: func(c *cli.Context) error { + // if err := loadUserAgent(c, cfg); err != nil { + // return err + // } + // return nil + //}, + Before: func(ctx *cli.Context) error { + return parser.ParseConfig(cfg) }, Action: func(c *cli.Context) error { logCfg := cfg.Logging @@ -59,8 +64,8 @@ func OCDav(cfg *config.Config) *cli.Command { ocdav.Insecure(cfg.Insecure), ocdav.PublicURL(cfg.PublicURL), ocdav.Prefix(cfg.HTTP.Prefix), - ocdav.GatewaySvc(cfg.GatewayEndpoint), - ocdav.JWTSecret(cfg.JWTSecret), + ocdav.GatewaySvc(cfg.Reva.Address), + ocdav.JWTSecret(cfg.TokenManager.JWTSecret), // ocdav.FavoriteManager() // FIXME needs a proper persistence implementation // ocdav.LockSystem(), // will default to the CS3 lock system // ocdav.TLSConfig() // tls config for the http server diff --git a/extensions/ocdav/pkg/config/config.go b/extensions/ocdav/pkg/config/config.go index efc048c8617..de3748fceec 100644 --- a/extensions/ocdav/pkg/config/config.go +++ b/extensions/ocdav/pkg/config/config.go @@ -12,10 +12,10 @@ type Config struct { HTTP HTTPConfig `yaml:"http,omitempty"` - // JWTSecret used to verify reva access token - JWTSecret string `yaml:"jwt_secret"` - GatewayEndpoint string `yaml:"gateway_endpoint,omitempty"` - SkipUserGroupsInToken bool `yaml:"skip_user_groups_in_token,omitempty"` + TokenManager *TokenManager `yaml:"token_manager,omitempty"` + Reva *Reva `yaml:"reva,omitempty"` + + SkipUserGroupsInToken bool `yaml:"skip_user_groups_in_token,omitempty"` WebdavNamespace string `yaml:"webdav_namespace,omitempty"` FilesNamespace string `yaml:"files_namespace,omitempty"` 
diff --git a/extensions/ocdav/pkg/config/defaults/defaultconfig.go b/extensions/ocdav/pkg/config/defaults/defaultconfig.go index eaffe1c8c5f..d68a150240d 100644 --- a/extensions/ocdav/pkg/config/defaults/defaultconfig.go +++ b/extensions/ocdav/pkg/config/defaults/defaultconfig.go @@ -28,8 +28,9 @@ func DefaultConfig() *config.Config { Service: config.Service{ Name: "ocdav", }, - GatewayEndpoint: "127.0.0.1:9142", - JWTSecret: "Pive-Fumkiu4", + Reva: &config.Reva{ + Address: "127.0.0.1:9142", + }, WebdavNamespace: "/users/{{.Id.OpaqueId}}", FilesNamespace: "/users/{{.Id.OpaqueId}}", SharesNamespace: "/Shares", @@ -67,6 +68,22 @@ func EnsureDefaults(cfg *config.Config) { } else if cfg.Tracing == nil { cfg.Tracing = &config.Tracing{} } + + if cfg.Reva == nil && cfg.Commons != nil && cfg.Commons.Reva != nil { + cfg.Reva = &config.Reva{ + Address: cfg.Commons.Reva.Address, + } + } else if cfg.Reva == nil { + cfg.Reva = &config.Reva{} + } + + if cfg.TokenManager == nil && cfg.Commons != nil && cfg.Commons.TokenManager != nil { + cfg.TokenManager = &config.TokenManager{ + JWTSecret: cfg.Commons.TokenManager.JWTSecret, + } + } else if cfg.TokenManager == nil { + cfg.TokenManager = &config.TokenManager{} + } } func Sanitize(cfg *config.Config) { diff --git a/extensions/ocdav/pkg/config/parser/parse.go b/extensions/ocdav/pkg/config/parser/parse.go new file mode 100644 index 00000000000..84d3821cf72 --- /dev/null +++ b/extensions/ocdav/pkg/config/parser/parse.go 
@@ -0,0 +1,33 @@ +package parser + +import ( + "errors" + + "github.com/owncloud/ocis/extensions/ocdav/pkg/config" + "github.com/owncloud/ocis/extensions/ocdav/pkg/config/defaults" + ociscfg "github.com/owncloud/ocis/ocis-pkg/config" + + "github.com/owncloud/ocis/ocis-pkg/config/envdecode" +) + +// ParseConfig loads accounts configuration from known paths. +func ParseConfig(cfg *config.Config) error { + _, err := ociscfg.BindSourcesToStructs(cfg.Service.Name, cfg) + if err != nil { + return err + } + + defaults.EnsureDefaults(cfg) + + // load all env variables relevant to the config in the current context. + if err := envdecode.Decode(cfg); err != nil { + // no environment variable set for this config is an expected "error" + if !errors.Is(err, envdecode.ErrNoTargetFieldsAreSet) { + return err + } + } + + defaults.Sanitize(cfg) + + return nil +} diff --git a/extensions/ocdav/pkg/config/reva.go b/extensions/ocdav/pkg/config/reva.go new file mode 100644 index 00000000000..b8d27791703 --- /dev/null +++ b/extensions/ocdav/pkg/config/reva.go @@ -0,0 +1,11 @@ +package config + +// Reva defines all available REVA configuration. +type Reva struct { + Address string `yaml:"address" env:"REVA_GATEWAY"` +} + +// TokenManager is the config for using the reva token manager +type TokenManager struct { + JWTSecret string `yaml:"jwt_secret" env:"OCIS_JWT_SECRET;OCS_JWT_SECRET"` +} diff --git a/extensions/ocs/pkg/config/config.go b/extensions/ocs/pkg/config/config.go index 9e332ca7ded..af57bc07cd3 100644 --- a/extensions/ocs/pkg/config/config.go +++ b/extensions/ocs/pkg/config/config.go @@ -19,7 +19,7 @@ type Config struct { HTTP HTTP `yaml:"http,omitempty"` TokenManager *TokenManager `yaml:"token_manager,omitempty"` - Reva Reva `yaml:"reva,omitempty"` + Reva *Reva `yaml:"reva,omitempty"` IdentityManagement IdentityManagement `yaml:"identity_management,omitempty"` 
diff --git a/extensions/ocs/pkg/config/defaults/defaultconfig.go b/extensions/ocs/pkg/config/defaults/defaultconfig.go index 74a1b493d49..1037246d4ca 100644 --- a/extensions/ocs/pkg/config/defaults/defaultconfig.go +++ b/extensions/ocs/pkg/config/defaults/defaultconfig.go @@ -40,7 +40,7 @@ func DefaultConfig() *config.Config { }, AccountBackend: "accounts", - Reva: config.Reva{ + Reva: &config.Reva{ Address: "127.0.0.1:9142", }, StorageUsersDriver: "ocis", @@ -74,11 +74,19 @@ func EnsureDefaults(cfg *config.Config) { cfg.Tracing = &config.Tracing{} } + if cfg.Reva == nil && cfg.Commons != nil && cfg.Commons.Reva != nil { + cfg.Reva = &config.Reva{ + Address: cfg.Commons.Reva.Address, + } + } else if cfg.Reva == nil { + cfg.Reva = &config.Reva{} + } + if cfg.TokenManager == nil && cfg.Commons != nil && cfg.Commons.TokenManager != nil { cfg.TokenManager = &config.TokenManager{ JWTSecret: cfg.Commons.TokenManager.JWTSecret, } - } else { + } else if cfg.TokenManager == nil { cfg.TokenManager = &config.TokenManager{} } diff --git a/extensions/proxy/pkg/config/config.go b/extensions/proxy/pkg/config/config.go index 69b2d99a922..f9f1a530817 100644 --- a/extensions/proxy/pkg/config/config.go +++ b/extensions/proxy/pkg/config/config.go @@ -18,7 +18,7 @@ type Config struct { HTTP HTTP `yaml:"http,omitempty"` - Reva Reva `yaml:"reva,omitempty"` + Reva *Reva `yaml:"reva,omitempty"` Policies []Policy `yaml:"policies,omitempty"` OIDC OIDC `yaml:"oidc,omitempty"` diff --git a/extensions/proxy/pkg/config/defaults/defaultconfig.go b/extensions/proxy/pkg/config/defaults/defaultconfig.go index 6144197c6be..c312178dd30 100644 --- a/extensions/proxy/pkg/config/defaults/defaultconfig.go +++ b/extensions/proxy/pkg/config/defaults/defaultconfig.go @@ -36,7 +36,7 @@ func DefaultConfig() *config.Config { }, }, PolicySelector: nil, - Reva: config.Reva{ + Reva: &config.Reva{ Address: "127.0.0.1:9142", }, PreSignedURL: config.PreSignedURL{ 
@@ -182,7 +182,7 @@ func EnsureDefaults(cfg *config.Config) { cfg.TokenManager = &config.TokenManager{ JWTSecret: cfg.Commons.TokenManager.JWTSecret, } - } else { + } else if cfg.TokenManager == nil { cfg.TokenManager = &config.TokenManager{} } @@ -191,6 +191,22 @@ func EnsureDefaults(cfg *config.Config) { } else { log.Fatalf("machine auth api key is not set up properly, bailing out (%s)", cfg.Service.Name) } + + if cfg.Reva == nil && cfg.Commons != nil && cfg.Commons.Reva != nil { + cfg.Reva = &config.Reva{ + Address: cfg.Commons.Reva.Address, + } + } else if cfg.Reva == nil { + cfg.Reva = &config.Reva{} + } + + if cfg.TokenManager == nil && cfg.Commons != nil && cfg.Commons.TokenManager != nil { + cfg.TokenManager = &config.TokenManager{ + JWTSecret: cfg.Commons.TokenManager.JWTSecret, + } + } else if cfg.TokenManager == nil { + cfg.TokenManager = &config.TokenManager{} + } } func Sanitize(cfg *config.Config) { diff --git a/extensions/settings/pkg/config/defaults/defaultconfig.go b/extensions/settings/pkg/config/defaults/defaultconfig.go index f056a6a9d8b..2b7124e204f 100644 --- a/extensions/settings/pkg/config/defaults/defaultconfig.go +++ b/extensions/settings/pkg/config/defaults/defaultconfig.go @@ -89,7 +89,7 @@ func EnsureDefaults(cfg *config.Config) { cfg.TokenManager = &config.TokenManager{ JWTSecret: cfg.Commons.TokenManager.JWTSecret, } - } else { + } else if cfg.TokenManager == nil { cfg.TokenManager = &config.TokenManager{} } diff --git a/extensions/sharing/pkg/command/command.go b/extensions/sharing/pkg/command/command.go index 807b24132be..a7376f4ebf0 100644 --- a/extensions/sharing/pkg/command/command.go +++ b/extensions/sharing/pkg/command/command.go 
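Review bot: The second block added at `@@ -191,6 +191,22 @@` in the proxy EnsureDefaults repeats the `cfg.TokenManager` fallback that the hunk at `@@ -182,7 +182,7 @@` already handles a few lines earlier, so cfg.TokenManager is never nil when it runs and the block is dead code. Drop the duplicate and keep only the new `cfg.Reva` fallback. That fallback also sits after the `log.Fatalf` on a missing machine auth API key; moving it up next to the other pointer defaults would keep all nil handling in one place, though the surrounding lines are only partly visible here.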
@@ -15,6 +15,7 @@ import ( "github.com/gofrs/uuid" "github.com/oklog/run" "github.com/owncloud/ocis/extensions/sharing/pkg/config" + "github.com/owncloud/ocis/extensions/sharing/pkg/config/parser" "github.com/owncloud/ocis/extensions/storage/pkg/server/debug" ociscfg "github.com/owncloud/ocis/ocis-pkg/config" "github.com/thejerf/suture/v4" @@ -26,6 +27,9 @@ func Sharing(cfg *config.Config) *cli.Command { return &cli.Command{ Name: "sharing", Usage: "start sharing service", + Before: func(ctx *cli.Context) error { + return parser.ParseConfig(cfg) + }, Action: func(c *cli.Context) error { logCfg := cfg.Logging logger := log.NewLogger( @@ -109,8 +113,8 @@ func sharingConfigFromStruct(c *cli.Context, cfg *config.Config) map[string]inte "tracing_service_name": c.Command.Name, }, "shared": map[string]interface{}{ - "jwt_secret": cfg.JWTSecret, - "gatewaysvc": cfg.GatewayEndpoint, + "jwt_secret": cfg.TokenManager.JWTSecret, + "gatewaysvc": cfg.Reva.Address, "skip_user_groups_in_token": cfg.SkipUserGroupsInToken, }, "grpc": map[string]interface{}{ @@ -123,7 +127,7 @@ func sharingConfigFromStruct(c *cli.Context, cfg *config.Config) map[string]inte "drivers": map[string]interface{}{ "json": map[string]interface{}{ "file": cfg.UserSharingDrivers.JSON.File, - "gateway_addr": cfg.GatewayEndpoint, + "gateway_addr": cfg.Reva.Address, }, "sql": map[string]interface{}{ // cernbox sql "db_username": cfg.UserSharingDrivers.SQL.DBUsername, @@ -156,7 +160,7 @@ func sharingConfigFromStruct(c *cli.Context, cfg *config.Config) map[string]inte "drivers": map[string]interface{}{ "json": map[string]interface{}{ "file": cfg.PublicSharingDrivers.JSON.File, - "gateway_addr": cfg.GatewayEndpoint, + "gateway_addr": cfg.Reva.Address, }, "sql": map[string]interface{}{ "db_username": cfg.PublicSharingDrivers.SQL.DBUsername, diff --git a/extensions/sharing/pkg/config/config.go b/extensions/sharing/pkg/config/config.go index 13e07c705c7..9df6e9bae3e 100644 --- a/extensions/sharing/pkg/config/config.go 
+++ b/extensions/sharing/pkg/config/config.go @@ -12,8 +12,9 @@ type Config struct { GRPC GRPCConfig `yaml:"grpc,omitempty"` - JWTSecret string `yaml:"jwt_secret,omitempty"` - GatewayEndpoint string `yaml:"gateway_endpoint,omitempty"` + TokenManager *TokenManager `yaml:"token_manager,omitempty"` + Reva *Reva `yaml:"reva,omitempty"` + SkipUserGroupsInToken bool `yaml:"skip_user_groups_in_token,omitempty"` UserSharingDriver string `yaml:"user_sharing_driver,omitempty"` UserSharingDrivers UserSharingDrivers `yaml:"user_sharin_drivers,omitempty"` diff --git a/extensions/sharing/pkg/config/defaults/defaultconfig.go b/extensions/sharing/pkg/config/defaults/defaultconfig.go index b7a7f8d9911..8d69e2ca1d1 100644 --- a/extensions/sharing/pkg/config/defaults/defaultconfig.go +++ b/extensions/sharing/pkg/config/defaults/defaultconfig.go @@ -30,8 +30,9 @@ func DefaultConfig() *config.Config { Service: config.Service{ Name: "sharing", }, - GatewayEndpoint: "127.0.0.1:9142", - JWTSecret: "Pive-Fumkiu4", + Reva: &config.Reva{ + Address: "127.0.0.1:9142", + }, UserSharingDriver: "json", UserSharingDrivers: config.UserSharingDrivers{ JSON: config.UserSharingJSONDriver{ @@ -104,6 +105,22 @@ func EnsureDefaults(cfg *config.Config) { } else if cfg.Tracing == nil { cfg.Tracing = &config.Tracing{} } + + if cfg.Reva == nil && cfg.Commons != nil && cfg.Commons.Reva != nil { + cfg.Reva = &config.Reva{ + Address: cfg.Commons.Reva.Address, + } + } else if cfg.Reva == nil { + cfg.Reva = &config.Reva{} + } + + if cfg.TokenManager == nil && cfg.Commons != nil && cfg.Commons.TokenManager != nil { + cfg.TokenManager = &config.TokenManager{ + JWTSecret: cfg.Commons.TokenManager.JWTSecret, + } + } else if cfg.TokenManager == nil { + cfg.TokenManager = &config.TokenManager{} + } } func Sanitize(cfg *config.Config) { diff --git a/extensions/sharing/pkg/config/parser/parse.go b/extensions/sharing/pkg/config/parser/parse.go new file mode 100644 index 00000000000..516647c8841 --- /dev/null 
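Review bot: The YAML key on `UserSharingDrivers`, visible as context right below the new `Reva` field in extensions/sharing/pkg/config/config.go, is spelled `user_sharin_drivers`, so a config file using the expected `user_sharing_drivers` is presumably ignored without an error. Since this commit is already refactoring yaml labels, correct it to `yaml:"user_sharing_drivers,omitempty"`. The storage-metadata config.go hunk re-adds `DataProviderInsecure` with the key `data_providcer_insecure`; that field is an insecure-transport switch, and its tag should become `yaml:"data_provider_insecure,omitempty"` so the setting an operator writes is the one that takes effect.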
+++ b/extensions/sharing/pkg/config/parser/parse.go @@ -0,0 +1,33 @@ +package parser + +import ( + "errors" + + "github.com/owncloud/ocis/extensions/sharing/pkg/config" + "github.com/owncloud/ocis/extensions/sharing/pkg/config/defaults" + ociscfg "github.com/owncloud/ocis/ocis-pkg/config" + + "github.com/owncloud/ocis/ocis-pkg/config/envdecode" +) + +// ParseConfig loads accounts configuration from known paths. +func ParseConfig(cfg *config.Config) error { + _, err := ociscfg.BindSourcesToStructs(cfg.Service.Name, cfg) + if err != nil { + return err + } + + defaults.EnsureDefaults(cfg) + + // load all env variables relevant to the config in the current context. + if err := envdecode.Decode(cfg); err != nil { + // no environment variable set for this config is an expected "error" + if !errors.Is(err, envdecode.ErrNoTargetFieldsAreSet) { + return err + } + } + + defaults.Sanitize(cfg) + + return nil +} diff --git a/extensions/sharing/pkg/config/reva.go b/extensions/sharing/pkg/config/reva.go new file mode 100644 index 00000000000..b8d27791703 --- /dev/null +++ b/extensions/sharing/pkg/config/reva.go @@ -0,0 +1,11 @@ +package config + +// Reva defines all available REVA configuration. +type Reva struct { + Address string `yaml:"address" env:"REVA_GATEWAY"` +} + +// TokenManager is the config for using the reva token manager +type TokenManager struct { + JWTSecret string `yaml:"jwt_secret" env:"OCIS_JWT_SECRET;OCS_JWT_SECRET"` +} diff --git a/extensions/storage-metadata/pkg/command/command.go b/extensions/storage-metadata/pkg/command/command.go index 06e5c224547..65346a94f14 100644 --- a/extensions/storage-metadata/pkg/command/command.go +++ b/extensions/storage-metadata/pkg/command/command.go @@ -6,6 +6,7 @@ import ( "os" "path" + "github.com/owncloud/ocis/extensions/storage-metadata/pkg/config/parser" "github.com/owncloud/ocis/ocis-pkg/log" "github.com/owncloud/ocis/ocis-pkg/sync" "github.com/owncloud/ocis/ocis-pkg/tracing" 
@@ -30,6 +31,9 @@ func StorageMetadata(cfg *config.Config) *cli.Command { Name: "storage-metadata", Usage: "start storage-metadata service", Category: "extensions", + Before: func(ctx *cli.Context) error { + return parser.ParseConfig(cfg) + }, Action: func(c *cli.Context) error { logCfg := cfg.Logging logger := log.NewLogger( @@ -124,8 +128,8 @@ func storageMetadataFromStruct(c *cli.Context, cfg *config.Config) map[string]in "tracing_service_name": c.Command.Name, }, "shared": map[string]interface{}{ - "jwt_secret": cfg.JWTSecret, - "gatewaysvc": cfg.GatewayEndpoint, + "jwt_secret": cfg.TokenManager.JWTSecret, + "gatewaysvc": cfg.Reva.Address, "skip_user_groups_in_token": cfg.SkipUserGroupsInToken, }, "grpc": map[string]interface{}{ diff --git a/extensions/storage-metadata/pkg/config/config.go b/extensions/storage-metadata/pkg/config/config.go index b9ea13eafd6..c783f913085 100644 --- a/extensions/storage-metadata/pkg/config/config.go +++ b/extensions/storage-metadata/pkg/config/config.go 
@@ -17,15 +17,17 @@ type Config struct { GRPC GRPCConfig `yaml:"grpc,omitempty"` HTTP HTTPConfig `yaml:"http,omitempty"` - Context context.Context `yaml:"context,omitempty"` - JWTSecret string `yaml:"jwt_secret,omitempty"` - GatewayEndpoint string `yaml:"gateway_endpoint,omitempty"` - SkipUserGroupsInToken bool `yaml:"skip_user_groups_in_token,omitempty"` - Driver string `yaml:"driver,omitempty" env:"STORAGE_METADATA_DRIVER" desc:"The driver which should be used by the service"` - Drivers Drivers `yaml:"drivers,omitempty"` - DataServerURL string `yaml:"data_server_url,omitempty"` - TempFolder string `yaml:"temp_folder,omitempty"` - DataProviderInsecure bool `yaml:"data_providcer_insecure,omitempty" env:"OCIS_INSECURE;STORAGE_METADATA_DATAPROVIDER_INSECURE"` + Context context.Context `yaml:"context,omitempty"` + + TokenManager *TokenManager `yaml:"token_manager,omitempty"` + Reva *Reva `yaml:"reva,omitempty"` + + SkipUserGroupsInToken bool `yaml:"skip_user_groups_in_token,omitempty"` + Driver string `yaml:"driver,omitempty" env:"STORAGE_METADATA_DRIVER" desc:"The driver which should be used by the service"` + Drivers Drivers `yaml:"drivers,omitempty"` + DataServerURL string `yaml:"data_server_url,omitempty"` + TempFolder string `yaml:"temp_folder,omitempty"` + DataProviderInsecure bool `yaml:"data_providcer_insecure,omitempty" env:"OCIS_INSECURE;STORAGE_METADATA_DATAPROVIDER_INSECURE"` } type Tracing struct { Enabled bool `yaml:"enabled" env:"OCIS_TRACING_ENABLED;STORAGE_METADATA_TRACING_ENABLED" desc:"Activates tracing."` diff --git a/extensions/storage-metadata/pkg/config/defaults/defaultconfig.go b/extensions/storage-metadata/pkg/config/defaults/defaultconfig.go index 298d31eb564..3922b6f569b 100644 --- a/extensions/storage-metadata/pkg/config/defaults/defaultconfig.go +++ b/extensions/storage-metadata/pkg/config/defaults/defaultconfig.go 
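Review bot: The re-added `DataProviderInsecure` field keeps the misspelled key `yaml:"data_providcer_insecure,omitempty"`. A config file that uses `data_provider_insecure`, the spelling storage-users has in this same commit, would presumably not be bound for storage-metadata, so the operator's choice for this TLS-related switch would be dropped without any error. Since the line is rewritten anyway, correct it to `yaml:"data_provider_insecure,omitempty"`, and mention the rename in the changelog in case files with the old key exist. The `Config` struct continues outside the hunk.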
@@ -35,11 +35,12 @@ func DefaultConfig() *config.Config { Service: config.Service{ Name: "storage-metadata", }, - GatewayEndpoint: "127.0.0.1:9142", - JWTSecret: "Pive-Fumkiu4", - TempFolder: filepath.Join(defaults.BaseDataPath(), "tmp", "metadata"), - DataServerURL: "http://localhost:9216/data", - Driver: "ocis", + Reva: &config.Reva{ + Address: "127.0.0.1:9142", + }, + TempFolder: filepath.Join(defaults.BaseDataPath(), "tmp", "metadata"), + DataServerURL: "http://localhost:9216/data", + Driver: "ocis", Drivers: config.Drivers{ EOS: config.EOSDriver{ Root: "/eos/dockertest/reva", @@ -105,6 +106,22 @@ func EnsureDefaults(cfg *config.Config) { } else if cfg.Tracing == nil { cfg.Tracing = &config.Tracing{} } + + if cfg.Reva == nil && cfg.Commons != nil && cfg.Commons.Reva != nil { + cfg.Reva = &config.Reva{ + Address: cfg.Commons.Reva.Address, + } + } else if cfg.Reva == nil { + cfg.Reva = &config.Reva{} + } + + if cfg.TokenManager == nil && cfg.Commons != nil && cfg.Commons.TokenManager != nil { + cfg.TokenManager = &config.TokenManager{ + JWTSecret: cfg.Commons.TokenManager.JWTSecret, + } + } else if cfg.TokenManager == nil { + cfg.TokenManager = &config.TokenManager{} + } } func Sanitize(cfg *config.Config) { diff --git a/extensions/storage-metadata/pkg/config/parser/parse.go b/extensions/storage-metadata/pkg/config/parser/parse.go new file mode 100644 index 00000000000..4faf4527fab --- /dev/null +++ b/extensions/storage-metadata/pkg/config/parser/parse.go 
@@ -0,0 +1,33 @@
+package parser
+
+import (
+ "errors"
+
+ "github.com/owncloud/ocis/extensions/storage-metadata/pkg/config"
+ "github.com/owncloud/ocis/extensions/storage-metadata/pkg/config/defaults"
+ ociscfg "github.com/owncloud/ocis/ocis-pkg/config"
+
+ "github.com/owncloud/ocis/ocis-pkg/config/envdecode"
+)
+
+// ParseConfig loads accounts configuration from known paths.
+func ParseConfig(cfg *config.Config) error {
+ _, err := ociscfg.BindSourcesToStructs(cfg.Service.Name, cfg)
+ if err != nil {
+ return err
+ }
+
+ defaults.EnsureDefaults(cfg)
+
+ // load all env variables relevant to the config in the current context.
+ if err := envdecode.Decode(cfg); err != nil {
+ // no environment variable set for this config is an expected "error"
+ if !errors.Is(err, envdecode.ErrNoTargetFieldsAreSet) {
+ return err
+ }
+ }
+
+ defaults.Sanitize(cfg)
+
+ return nil
+}
diff --git a/extensions/storage-metadata/pkg/config/reva.go b/extensions/storage-metadata/pkg/config/reva.go
new file mode 100644
index 00000000000..b8d27791703
--- /dev/null
+++ b/extensions/storage-metadata/pkg/config/reva.go
@@ -0,0 +1,11 @@
+package config
+
+// Reva defines all available REVA configuration.
+type Reva struct {
+ Address string `yaml:"address" env:"REVA_GATEWAY"`
+}
+
+// TokenManager is the config for using the reva token manager
+type TokenManager struct {
+ JWTSecret string `yaml:"jwt_secret" env:"OCIS_JWT_SECRET;OCS_JWT_SECRET"`
+}
diff --git a/extensions/storage-publiclink/pkg/command/storagepubliclink.go b/extensions/storage-publiclink/pkg/command/storagepubliclink.go
index 5991885449a..518003919ef 100644
--- a/extensions/storage-publiclink/pkg/command/storagepubliclink.go
+++ b/extensions/storage-publiclink/pkg/command/storagepubliclink.go
@@ -10,6 +10,7 @@ import ( "github.com/gofrs/uuid" "github.com/oklog/run" "github.com/owncloud/ocis/extensions/storage-publiclink/pkg/config" + "github.com/owncloud/ocis/extensions/storage-publiclink/pkg/config/parser" "github.com/owncloud/ocis/extensions/storage/pkg/server/debug" ociscfg "github.com/owncloud/ocis/ocis-pkg/config" "github.com/owncloud/ocis/ocis-pkg/log" @@ -25,6 +26,9 @@ func StoragePublicLink(cfg *config.Config) *cli.Command { Name: "storage-public-link", Usage: "start storage-public-link service", Category: "extensions", + Before: func(ctx *cli.Context) error { + return parser.ParseConfig(cfg) + }, Action: func(c *cli.Context) error { logCfg := cfg.Logging logger := log.NewLogger( @@ -94,8 +98,8 @@ func storagePublicLinkConfigFromStruct(c *cli.Context, cfg *config.Config) map[s "tracing_service_name": c.Command.Name, }, "shared": map[string]interface{}{ - "jwt_secret": cfg.JWTSecret, - "gatewaysvc": cfg.GatewayEndpoint, + "jwt_secret": cfg.TokenManager.JWTSecret, + "gatewaysvc": cfg.Reva.Address, "skip_user_groups_in_token": cfg.SkipUserGroupsInToken, }, "grpc": map[string]interface{}{ diff --git a/extensions/storage-publiclink/pkg/config/config.go b/extensions/storage-publiclink/pkg/config/config.go index aa19b583f56..0fcc80c113e 100644 --- a/extensions/storage-publiclink/pkg/config/config.go +++ b/extensions/storage-publiclink/pkg/config/config.go @@ -16,9 +16,11 @@ type Config struct { GRPC GRPCConfig `yaml:"grpc,omitempty"` - Context context.Context `yaml:"context,omitempty"` - JWTSecret string `yaml:"jwt_secret,omitempty"` - GatewayEndpoint string `yaml:"gateway_endpoint,omitempty"` + Context context.Context `yaml:"context,omitempty"` + + TokenManager *TokenManager `yaml:"token_manager,omitempty"` + Reva *Reva `yaml:"reva,omitempty"` + SkipUserGroupsInToken bool `yaml:"skip_user_groups_in_token,omitempty"` AuthProvider AuthProvider `yaml:"auth_provider,omitempty"` StorageProvider StorageProvider `yaml:"storage_provider,omitempty"` 
diff --git a/extensions/storage-publiclink/pkg/config/defaults/defaultconfig.go b/extensions/storage-publiclink/pkg/config/defaults/defaultconfig.go index bd2a7cc05c0..5a0fed3a557 100644 --- a/extensions/storage-publiclink/pkg/config/defaults/defaultconfig.go +++ b/extensions/storage-publiclink/pkg/config/defaults/defaultconfig.go @@ -27,8 +27,9 @@ func DefaultConfig() *config.Config { Service: config.Service{ Name: "storage-publiclink", }, - GatewayEndpoint: "127.0.0.1:9142", - JWTSecret: "Pive-Fumkiu4", + Reva: &config.Reva{ + Address: "127.0.0.1:9142", + }, AuthProvider: config.AuthProvider{ GatewayEndpoint: "127.0.0.1:9142", }, @@ -62,6 +63,22 @@ func EnsureDefaults(cfg *config.Config) { } else if cfg.Tracing == nil { cfg.Tracing = &config.Tracing{} } + + if cfg.Reva == nil && cfg.Commons != nil && cfg.Commons.Reva != nil { + cfg.Reva = &config.Reva{ + Address: cfg.Commons.Reva.Address, + } + } else if cfg.Reva == nil { + cfg.Reva = &config.Reva{} + } + + if cfg.TokenManager == nil && cfg.Commons != nil && cfg.Commons.TokenManager != nil { + cfg.TokenManager = &config.TokenManager{ + JWTSecret: cfg.Commons.TokenManager.JWTSecret, + } + } else if cfg.TokenManager == nil { + cfg.TokenManager = &config.TokenManager{} + } } func Sanitize(cfg *config.Config) { diff --git a/extensions/storage-publiclink/pkg/config/parser/parse.go b/extensions/storage-publiclink/pkg/config/parser/parse.go new file mode 100644 index 00000000000..b54c81162e1 --- /dev/null +++ b/extensions/storage-publiclink/pkg/config/parser/parse.go 
@@ -0,0 +1,33 @@
+package parser
+
+import (
+ "errors"
+
+ "github.com/owncloud/ocis/extensions/storage-publiclink/pkg/config"
+ "github.com/owncloud/ocis/extensions/storage-publiclink/pkg/config/defaults"
+ ociscfg "github.com/owncloud/ocis/ocis-pkg/config"
+
+ "github.com/owncloud/ocis/ocis-pkg/config/envdecode"
+)
+
+// ParseConfig loads accounts configuration from known paths.
+func ParseConfig(cfg *config.Config) error {
+ _, err := ociscfg.BindSourcesToStructs(cfg.Service.Name, cfg)
+ if err != nil {
+ return err
+ }
+
+ defaults.EnsureDefaults(cfg)
+
+ // load all env variables relevant to the config in the current context.
+ if err := envdecode.Decode(cfg); err != nil {
+ // no environment variable set for this config is an expected "error"
+ if !errors.Is(err, envdecode.ErrNoTargetFieldsAreSet) {
+ return err
+ }
+ }
+
+ defaults.Sanitize(cfg)
+
+ return nil
+}
diff --git a/extensions/storage-publiclink/pkg/config/reva.go b/extensions/storage-publiclink/pkg/config/reva.go
new file mode 100644
index 00000000000..b8d27791703
--- /dev/null
+++ b/extensions/storage-publiclink/pkg/config/reva.go
@@ -0,0 +1,11 @@
+package config
+
+// Reva defines all available REVA configuration.
+type Reva struct {
+ Address string `yaml:"address" env:"REVA_GATEWAY"`
+}
+
+// TokenManager is the config for using the reva token manager
+type TokenManager struct {
+ JWTSecret string `yaml:"jwt_secret" env:"OCIS_JWT_SECRET;OCS_JWT_SECRET"`
+}
diff --git a/extensions/storage-shares/pkg/command/command.go b/extensions/storage-shares/pkg/command/command.go
index b6804326f31..c689e704f19 100644
--- a/extensions/storage-shares/pkg/command/command.go
+++ b/extensions/storage-shares/pkg/command/command.go
@@ -14,6 +14,7 @@ import ( "github.com/gofrs/uuid" "github.com/oklog/run" "github.com/owncloud/ocis/extensions/storage-shares/pkg/config" + "github.com/owncloud/ocis/extensions/storage-shares/pkg/config/parser" "github.com/owncloud/ocis/extensions/storage/pkg/server/debug" ociscfg "github.com/owncloud/ocis/ocis-pkg/config" "github.com/thejerf/suture/v4" @@ -25,6 +26,9 @@ func StorageShares(cfg *config.Config) *cli.Command { return &cli.Command{ Name: "storage-shares", Usage: "start storage-shares service", + Before: func(ctx *cli.Context) error { + return parser.ParseConfig(cfg) + }, Action: func(c *cli.Context) error { logCfg := cfg.Logging logger := log.NewLogger( @@ -96,8 +100,8 @@ func storageSharesConfigFromStruct(c *cli.Context, cfg *config.Config) map[strin "tracing_service_name": c.Command.Name, }, "shared": map[string]interface{}{ - "jwt_secret": cfg.JWTSecret, - "gatewaysvc": cfg.GatewayEndpoint, + "jwt_secret": cfg.TokenManager.JWTSecret, + "gatewaysvc": cfg.Reva.Address, "skip_user_groups_in_token": cfg.SkipUserGroupsInToken, }, "grpc": map[string]interface{}{ diff --git a/extensions/storage-shares/pkg/config/config.go b/extensions/storage-shares/pkg/config/config.go index 18c094c9f7e..1ad7fca1d94 100644 --- a/extensions/storage-shares/pkg/config/config.go +++ b/extensions/storage-shares/pkg/config/config.go @@ -17,9 +17,10 @@ type Config struct { GRPC GRPCConfig `yaml:"grpc,omitempty"` HTTP HTTPConfig `yaml:"http,omitempty"` + TokenManager *TokenManager `yaml:"token_manager,omitempty"` + Reva *Reva `yaml:"reva,omitempty"` + Context context.Context `yaml:"context,omitempty"` - JWTSecret string `yaml:"jwt_secret,omitempty"` - GatewayEndpoint string `yaml:"gateway_endpoint,omitempty"` SkipUserGroupsInToken bool `yaml:"skip_user_groups_in_token,omitempty"` ReadOnly bool `yaml:"readonly,omitempty"` SharesProviderEndpoint string `yaml:"shares_provider_endpoint,omitempty"` 
diff --git a/extensions/storage-shares/pkg/config/defaults/defaultconfig.go b/extensions/storage-shares/pkg/config/defaults/defaultconfig.go index bf56e76cc69..ca46e2ea8e6 100644 --- a/extensions/storage-shares/pkg/config/defaults/defaultconfig.go +++ b/extensions/storage-shares/pkg/config/defaults/defaultconfig.go @@ -31,8 +31,9 @@ func DefaultConfig() *config.Config { Service: config.Service{ Name: "storage-metadata", }, - GatewayEndpoint: "127.0.0.1:9142", - JWTSecret: "Pive-Fumkiu4", + Reva: &config.Reva{ + Address: "127.0.0.1:9142", + }, ReadOnly: false, SharesProviderEndpoint: "localhost:9150", } @@ -61,6 +62,22 @@ func EnsureDefaults(cfg *config.Config) { } else if cfg.Tracing == nil { cfg.Tracing = &config.Tracing{} } + + if cfg.Reva == nil && cfg.Commons != nil && cfg.Commons.Reva != nil { + cfg.Reva = &config.Reva{ + Address: cfg.Commons.Reva.Address, + } + } else if cfg.Reva == nil { + cfg.Reva = &config.Reva{} + } + + if cfg.TokenManager == nil && cfg.Commons != nil && cfg.Commons.TokenManager != nil { + cfg.TokenManager = &config.TokenManager{ + JWTSecret: cfg.Commons.TokenManager.JWTSecret, + } + } else if cfg.TokenManager == nil { + cfg.TokenManager = &config.TokenManager{} + } } func Sanitize(cfg *config.Config) { diff --git a/extensions/storage-shares/pkg/config/parser/parse.go b/extensions/storage-shares/pkg/config/parser/parse.go new file mode 100644 index 00000000000..f840317dc56 --- /dev/null +++ b/extensions/storage-shares/pkg/config/parser/parse.go 
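Review bot: The storage-shares `DefaultConfig()` still sets `Service.Name` to `"storage-metadata"` (context line in the `@@ -31,8 +31,9 @@` hunk), and the `ParseConfig` added in this commit passes `cfg.Service.Name` to `ociscfg.BindSourcesToStructs`. If that name selects the configuration source, which this diff does not show, storage-shares would bind the storage-metadata settings instead of its own. `Name: "storage-shares",` would match the command name registered in `command.go`. `DefaultConfig` starts and ends outside the hunk.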
@@ -0,0 +1,33 @@
+package parser
+
+import (
+ "errors"
+
+ "github.com/owncloud/ocis/extensions/storage-shares/pkg/config"
+ "github.com/owncloud/ocis/extensions/storage-shares/pkg/config/defaults"
+ ociscfg "github.com/owncloud/ocis/ocis-pkg/config"
+
+ "github.com/owncloud/ocis/ocis-pkg/config/envdecode"
+)
+
+// ParseConfig loads accounts configuration from known paths.
+func ParseConfig(cfg *config.Config) error {
+ _, err := ociscfg.BindSourcesToStructs(cfg.Service.Name, cfg)
+ if err != nil {
+ return err
+ }
+
+ defaults.EnsureDefaults(cfg)
+
+ // load all env variables relevant to the config in the current context.
+ if err := envdecode.Decode(cfg); err != nil {
+ // no environment variable set for this config is an expected "error"
+ if !errors.Is(err, envdecode.ErrNoTargetFieldsAreSet) {
+ return err
+ }
+ }
+
+ defaults.Sanitize(cfg)
+
+ return nil
+}
diff --git a/extensions/storage-shares/pkg/config/reva.go b/extensions/storage-shares/pkg/config/reva.go
new file mode 100644
index 00000000000..b8d27791703
--- /dev/null
+++ b/extensions/storage-shares/pkg/config/reva.go
@@ -0,0 +1,11 @@
+package config
+
+// Reva defines all available REVA configuration.
+type Reva struct {
+ Address string `yaml:"address" env:"REVA_GATEWAY"`
+}
+
+// TokenManager is the config for using the reva token manager
+type TokenManager struct {
+ JWTSecret string `yaml:"jwt_secret" env:"OCIS_JWT_SECRET;OCS_JWT_SECRET"`
+}
diff --git a/extensions/storage-users/pkg/command/command.go b/extensions/storage-users/pkg/command/command.go
index 564dd4e558d..01b4fc4c98c 100644
--- a/extensions/storage-users/pkg/command/command.go
+++ b/extensions/storage-users/pkg/command/command.go
@@ -10,6 +10,7 @@ import ( "github.com/gofrs/uuid" "github.com/oklog/run" "github.com/owncloud/ocis/extensions/storage-users/pkg/config" + "github.com/owncloud/ocis/extensions/storage-users/pkg/config/parser" "github.com/owncloud/ocis/extensions/storage/pkg/server/debug" ociscfg "github.com/owncloud/ocis/ocis-pkg/config" "github.com/owncloud/ocis/ocis-pkg/log" @@ -24,6 +25,9 @@ func StorageUsers(cfg *config.Config) *cli.Command { return &cli.Command{ Name: "storage-users", Usage: "start storage-users service", + Before: func(ctx *cli.Context) error { + return parser.ParseConfig(cfg) + }, Action: func(c *cli.Context) error { logCfg := cfg.Logging logger := log.NewLogger( @@ -95,8 +99,8 @@ func storageUsersConfigFromStruct(c *cli.Context, cfg *config.Config) map[string "tracing_service_name": c.Command.Name, }, "shared": map[string]interface{}{ - "jwt_secret": cfg.JWTSecret, - "gatewaysvc": cfg.GatewayEndpoint, + "jwt_secret": cfg.TokenManager.JWTSecret, + "gatewaysvc": cfg.Reva.Address, "skip_user_groups_in_token": cfg.SkipUserGroupsInToken, }, "grpc": map[string]interface{}{ diff --git a/extensions/storage-users/pkg/config/config.go b/extensions/storage-users/pkg/config/config.go index bc8cc30e4c9..fe749a5d0d0 100644 --- a/extensions/storage-users/pkg/config/config.go +++ b/extensions/storage-users/pkg/config/config.go 
@@ -17,19 +17,21 @@ type Config struct { GRPC GRPCConfig `yaml:"grpc,omitempty"` HTTP HTTPConfig `yaml:"http,omitempty"` - Context context.Context `yaml:"context,omitempty"` - JWTSecret string `yaml:"jwt_secret,omitempty"` - GatewayEndpoint string `yaml:"gateway_endpoint,omitempty"` - SkipUserGroupsInToken bool `yaml:"skip_user_groups_in_token,omitempty"` - Driver string `yaml:"driver,omitempty" env:"STORAGE_USERS_DRIVER" desc:"The storage driver which should be used by the service"` - Drivers Drivers `yaml:"drivers,omitempty"` - DataServerURL string `yaml:"data_server_url,omitempty"` - TempFolder string `yaml:"temp_folder,omitempty"` - DataProviderInsecure bool `yaml:"data_provider_insecure,omitempty" env:"OCIS_INSECURE;STORAGE_USERS_DATAPROVIDER_INSECURE"` - Events Events `yaml:"events,omitempty"` - MountID string `yaml:"mount_id,omitempty"` - ExposeDataServer bool `yaml:"expose_data_server,omitempty"` - ReadOnly bool `yaml:"readonly,omitempty"` + TokenManager *TokenManager `yaml:"token_manager,omitempty"` + Reva *Reva `yaml:"reva,omitempty"` + + Context context.Context `yaml:"context,omitempty"` + + SkipUserGroupsInToken bool `yaml:"skip_user_groups_in_token,omitempty"` + Driver string `yaml:"driver,omitempty" env:"STORAGE_USERS_DRIVER" desc:"The storage driver which should be used by the service"` + Drivers Drivers `yaml:"drivers,omitempty"` + DataServerURL string `yaml:"data_server_url,omitempty"` + TempFolder string `yaml:"temp_folder,omitempty"` + DataProviderInsecure bool `yaml:"data_provider_insecure,omitempty" env:"OCIS_INSECURE;STORAGE_USERS_DATAPROVIDER_INSECURE"` + Events Events `yaml:"events,omitempty"` + MountID string `yaml:"mount_id,omitempty"` + ExposeDataServer bool `yaml:"expose_data_server,omitempty"` + ReadOnly bool `yaml:"readonly,omitempty"` } type Tracing struct { Enabled bool `yaml:"enabled" env:"OCIS_TRACING_ENABLED;STORAGE_USERS_TRACING_ENABLED" desc:"Activates tracing."` 
diff --git a/extensions/storage-users/pkg/config/defaults/defaultconfig.go b/extensions/storage-users/pkg/config/defaults/defaultconfig.go index 8dc305fced0..0c89cc7a2c3 100644 --- a/extensions/storage-users/pkg/config/defaults/defaultconfig.go +++ b/extensions/storage-users/pkg/config/defaults/defaultconfig.go @@ -36,12 +36,13 @@ func DefaultConfig() *config.Config { Service: config.Service{ Name: "storage-users", }, - GatewayEndpoint: "127.0.0.1:9142", - JWTSecret: "Pive-Fumkiu4", - TempFolder: filepath.Join(defaults.BaseDataPath(), "tmp", "users"), - DataServerURL: "http://localhost:9158/data", - MountID: "1284d238-aa92-42ce-bdc4-0b0000009157", - Driver: "ocis", + Reva: &config.Reva{ + Address: "127.0.0.1:9142", + }, + TempFolder: filepath.Join(defaults.BaseDataPath(), "tmp", "users"), + DataServerURL: "http://localhost:9158/data", + MountID: "1284d238-aa92-42ce-bdc4-0b0000009157", + Driver: "ocis", Drivers: config.Drivers{ EOS: config.EOSDriver{ Root: "/eos/dockertest/reva", @@ -124,6 +125,22 @@ func EnsureDefaults(cfg *config.Config) { } else if cfg.Tracing == nil { cfg.Tracing = &config.Tracing{} } + + if cfg.Reva == nil && cfg.Commons != nil && cfg.Commons.Reva != nil { + cfg.Reva = &config.Reva{ + Address: cfg.Commons.Reva.Address, + } + } else if cfg.Reva == nil { + cfg.Reva = &config.Reva{} + } + + if cfg.TokenManager == nil && cfg.Commons != nil && cfg.Commons.TokenManager != nil { + cfg.TokenManager = &config.TokenManager{ + JWTSecret: cfg.Commons.TokenManager.JWTSecret, + } + } else if cfg.TokenManager == nil { + cfg.TokenManager = &config.TokenManager{} + } } func Sanitize(cfg *config.Config) { diff --git a/extensions/storage-users/pkg/config/parser/parse.go b/extensions/storage-users/pkg/config/parser/parse.go new file mode 100644 index 00000000000..d8d881260c6 --- /dev/null +++ b/extensions/storage-users/pkg/config/parser/parse.go 
@@ -0,0 +1,33 @@ +package parser + +import ( + "errors" + + "github.com/owncloud/ocis/extensions/storage-users/pkg/config" + "github.com/owncloud/ocis/extensions/storage-users/pkg/config/defaults" + ociscfg "github.com/owncloud/ocis/ocis-pkg/config" + + "github.com/owncloud/ocis/ocis-pkg/config/envdecode" +) + +// ParseConfig loads accounts configuration from known paths. +func ParseConfig(cfg *config.Config) error { + _, err := ociscfg.BindSourcesToStructs(cfg.Service.Name, cfg) + if err != nil { + return err + } + + defaults.EnsureDefaults(cfg) + + // load all env variables relevant to the config in the current context. + if err := envdecode.Decode(cfg); err != nil { + // no environment variable set for this config is an expected "error" + if !errors.Is(err, envdecode.ErrNoTargetFieldsAreSet) { + return err + } + } + + defaults.Sanitize(cfg) + + return nil +} diff --git a/extensions/storage-users/pkg/config/reva.go b/extensions/storage-users/pkg/config/reva.go new file mode 100644 index 00000000000..b8d27791703 --- /dev/null +++ b/extensions/storage-users/pkg/config/reva.go @@ -0,0 +1,11 @@ +package config + +// Reva defines all available REVA configuration. +type Reva struct { + Address string `yaml:"address" env:"REVA_GATEWAY"` +} + +// TokenManager is the config for using the reva token manager +type TokenManager struct { + JWTSecret string `yaml:"jwt_secret" env:"OCIS_JWT_SECRET;OCS_JWT_SECRET"` +} diff --git a/extensions/storage/pkg/config/defaults/defaultconfig.go b/extensions/storage/pkg/config/defaults/defaultconfig.go index 10de4b2652f..77784bae85b 100644 --- a/extensions/storage/pkg/config/defaults/defaultconfig.go +++ b/extensions/storage/pkg/config/defaults/defaultconfig.go @@ -35,7 +35,7 @@ func DefaultConfig() *config.Config { Addr: "127.0.0.1:9109", }, Reva: config.Reva{ - JWTSecret: "Pive-Fumkiu4", + //JWTSecret: "Pive-Fumkiu4", SkipUserGroupsInToken: false, TransferExpires: 24 * 60 * 60, OIDC: config.OIDC{ 
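Review bot: The `@@ -35,7 +35,7 @@` hunk in `extensions/storage/pkg/config/defaults/defaultconfig.go` comments the old default out as `//JWTSecret: "Pive-Fumkiu4",` instead of deleting it, which keeps the previously shipped secret in the source and leaves dead code behind; the `@@ -449,7 +449,7 @@` hunk of the same file does the same. Delete both lines. Installations that ran with the old default should be treated as using a publicly known secret and be given a new one, which is worth stating in the changelog. `DefaultConfig` continues outside the hunk.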
@@ -449,7 +449,7 @@ func DefaultConfig() *config.Config { GatewaySVC: defaultGatewayAddr, Insecure: false, // true? Timeout: 84300, - JWTSecret: "Pive-Fumkiu4", + //JWTSecret: "Pive-Fumkiu4", }, Tracing: config.Tracing{ Service: "storage", diff --git a/extensions/storage/pkg/config/parser/parse.go b/extensions/storage/pkg/config/parser/parse.go new file mode 100644 index 00000000000..4faf4527fab --- /dev/null +++ b/extensions/storage/pkg/config/parser/parse.go @@ -0,0 +1,33 @@ +package parser + +import ( + "errors" + + "github.com/owncloud/ocis/extensions/storage-metadata/pkg/config" + "github.com/owncloud/ocis/extensions/storage-metadata/pkg/config/defaults" + ociscfg "github.com/owncloud/ocis/ocis-pkg/config" + + "github.com/owncloud/ocis/ocis-pkg/config/envdecode" +) + +// ParseConfig loads accounts configuration from known paths. +func ParseConfig(cfg *config.Config) error { + _, err := ociscfg.BindSourcesToStructs(cfg.Service.Name, cfg) + if err != nil { + return err + } + + defaults.EnsureDefaults(cfg) + + // load all env variables relevant to the config in the current context. + if err := envdecode.Decode(cfg); err != nil { + // no environment variable set for this config is an expected "error" + if !errors.Is(err, envdecode.ErrNoTargetFieldsAreSet) { + return err + } + } + + defaults.Sanitize(cfg) + + return nil +} diff --git a/extensions/user/pkg/command/command.go b/extensions/user/pkg/command/command.go index 31035acda11..f12ea5801be 100644 --- a/extensions/user/pkg/command/command.go +++ b/extensions/user/pkg/command/command.go @@ -12,6 +12,7 @@ import ( "github.com/oklog/run" "github.com/owncloud/ocis/extensions/storage/pkg/server/debug" "github.com/owncloud/ocis/extensions/user/pkg/config" + "github.com/owncloud/ocis/extensions/user/pkg/config/parser" ociscfg "github.com/owncloud/ocis/ocis-pkg/config" "github.com/owncloud/ocis/ocis-pkg/ldap" "github.com/owncloud/ocis/ocis-pkg/log" 
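Review bot: The new `extensions/storage/pkg/config/parser/parse.go` imports `extensions/storage-metadata/pkg/config` and its `defaults` package and carries the same blob id (`4faf4527fab`) as the storage-metadata parser, so this `ParseConfig` accepts a storage-metadata `*config.Config`, not the storage one. If a parser for the storage extension is intended, the imports should be `github.com/owncloud/ocis/extensions/storage/pkg/config` and `github.com/owncloud/ocis/extensions/storage/pkg/config/defaults`; whether that defaults package offers `EnsureDefaults` and `Sanitize` is not visible here. If nothing calls this package, leave the file out of the commit.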
@@ -26,6 +27,9 @@ func User(cfg *config.Config) *cli.Command { return &cli.Command{ Name: "users", Usage: "start users service", + Before: func(ctx *cli.Context) error { + return parser.ParseConfig(cfg) + }, Action: func(c *cli.Context) error { logCfg := cfg.Logging logger := log.NewLogger( @@ -116,8 +120,8 @@ func usersConfigFromStruct(c *cli.Context, cfg *config.Config) map[string]interf "tracing_service_name": c.Command.Name, }, "shared": map[string]interface{}{ - "jwt_secret": cfg.JWTSecret, - "gatewaysvc": cfg.GatewayEndpoint, + "jwt_secret": cfg.TokenManager.JWTSecret, + "gatewaysvc": cfg.Reva.Address, "skip_user_groups_in_token": cfg.SkipUserGroupsInToken, }, "grpc": map[string]interface{}{ diff --git a/extensions/user/pkg/config/config.go b/extensions/user/pkg/config/config.go index 4c000da6c51..7c270080a04 100644 --- a/extensions/user/pkg/config/config.go +++ b/extensions/user/pkg/config/config.go @@ -12,8 +12,9 @@ type Config struct { GRPC GRPCConfig `yaml:"grpc,omitempty"` - JWTSecret string `yaml:"jwt_secret,omitempty"` - GatewayEndpoint string `yaml:"gateway_endpoint,omitempty"` + TokenManager *TokenManager `yaml:"token_manager,omitempty"` + Reva *Reva `yaml:"reva,omitempty"` + SkipUserGroupsInToken bool `yaml:"skip_user_groups_in_token,omitempty"` UsersCacheExpiration int `yaml:"users_cache_expiration,omitempty"` Driver string `yaml:"driver,omitempty"` diff --git a/extensions/user/pkg/config/defaults/defaultconfig.go b/extensions/user/pkg/config/defaults/defaultconfig.go index 09f4abe003c..35b46e90655 100644 --- a/extensions/user/pkg/config/defaults/defaultconfig.go +++ b/extensions/user/pkg/config/defaults/defaultconfig.go 
@@ -31,9 +31,10 @@ func DefaultConfig() *config.Config { Name: "user", }, UsersCacheExpiration: 5, - GatewayEndpoint: "127.0.0.1:9142", - JWTSecret: "Pive-Fumkiu4", - Driver: "ldap", + Reva: &config.Reva{ + Address: "127.0.0.1:9142", + }, + Driver: "ldap", Drivers: config.Drivers{ LDAP: config.LDAPDriver{ URI: "ldaps://localhost:9126", @@ -106,6 +107,22 @@ func EnsureDefaults(cfg *config.Config) { } else if cfg.Tracing == nil { cfg.Tracing = &config.Tracing{} } + + if cfg.Reva == nil && cfg.Commons != nil && cfg.Commons.Reva != nil { + cfg.Reva = &config.Reva{ + Address: cfg.Commons.Reva.Address, + } + } else if cfg.Reva == nil { + cfg.Reva = &config.Reva{} + } + + if cfg.TokenManager == nil && cfg.Commons != nil && cfg.Commons.TokenManager != nil { + cfg.TokenManager = &config.TokenManager{ + JWTSecret: cfg.Commons.TokenManager.JWTSecret, + } + } else if cfg.TokenManager == nil { + cfg.TokenManager = &config.TokenManager{} + } } func Sanitize(cfg *config.Config) { diff --git a/extensions/user/pkg/config/parser/parse.go b/extensions/user/pkg/config/parser/parse.go new file mode 100644 index 00000000000..06145d3ad8e --- /dev/null +++ b/extensions/user/pkg/config/parser/parse.go 
@@ -0,0 +1,33 @@
+package parser
+
+import (
+ "errors"
+
+ "github.com/owncloud/ocis/extensions/user/pkg/config"
+ "github.com/owncloud/ocis/extensions/user/pkg/config/defaults"
+ ociscfg "github.com/owncloud/ocis/ocis-pkg/config"
+
+ "github.com/owncloud/ocis/ocis-pkg/config/envdecode"
+)
+
+// ParseConfig loads accounts configuration from known paths.
+func ParseConfig(cfg *config.Config) error {
+ _, err := ociscfg.BindSourcesToStructs(cfg.Service.Name, cfg)
+ if err != nil {
+ return err
+ }
+
+ defaults.EnsureDefaults(cfg)
+
+ // load all env variables relevant to the config in the current context.
+ if err := envdecode.Decode(cfg); err != nil {
+ // no environment variable set for this config is an expected "error"
+ if !errors.Is(err, envdecode.ErrNoTargetFieldsAreSet) {
+ return err
+ }
+ }
+
+ defaults.Sanitize(cfg)
+
+ return nil
+}
diff --git a/extensions/user/pkg/config/reva.go b/extensions/user/pkg/config/reva.go
new file mode 100644
index 00000000000..b8d27791703
--- /dev/null
+++ b/extensions/user/pkg/config/reva.go
@@ -0,0 +1,11 @@
+package config
+
+// Reva defines all available REVA configuration.
+type Reva struct {
+ Address string `yaml:"address" env:"REVA_GATEWAY"`
+}
+
+// TokenManager is the config for using the reva token manager
+type TokenManager struct {
+ JWTSecret string `yaml:"jwt_secret" env:"OCIS_JWT_SECRET;OCS_JWT_SECRET"`
+}
diff --git a/ocis-pkg/config/defaultconfig.go b/ocis-pkg/config/defaultconfig.go
index e428bad5669..bd48781dda2 100644
--- a/ocis-pkg/config/defaultconfig.go
+++ b/ocis-pkg/config/defaultconfig.go
@@ -31,47 +31,43 @@ import ( user "github.com/owncloud/ocis/extensions/user/pkg/config/defaults" web "github.com/owncloud/ocis/extensions/web/pkg/config/defaults" webdav "github.com/owncloud/ocis/extensions/webdav/pkg/config/defaults" - "github.com/owncloud/ocis/ocis-pkg/shared" ) func DefaultConfig() *Config { return &Config{ - TokenManager: &shared.TokenManager{ - JWTSecret: "Pive-Fumkiu4", - }, Runtime: Runtime{ Port: "9250", Host: "localhost", }, - Audit: audit.DefaultConfig(), Accounts: accounts.DefaultConfig(), + AppProvider: appprovider.DefaultConfig(), + Audit: audit.DefaultConfig(), + AuthBasic: authbasic.DefaultConfig(), + AuthBearer: authbearer.DefaultConfig(), + AuthMachine: authmachine.DefaultConfig(), + Frontend: frontend.DefaultConfig(), + Gateway: gateway.DefaultConfig(), GLAuth: glauth.DefaultConfig(), Graph: graph.DefaultConfig(), - IDP: idp.DefaultConfig(), + GraphExplorer: graphExplorer.DefaultConfig(), + Group: group.DefaultConfig(), IDM: idm.DefaultConfig(), + IDP: idp.DefaultConfig(), Nats: nats.DefaultConfig(), Notifications: notifications.DefaultConfig(), - Proxy: proxy.DefaultConfig(), - GraphExplorer: graphExplorer.DefaultConfig(), + OCDav: ocdav.DefaultConfig(), OCS: ocs.DefaultConfig(), + Proxy: proxy.DefaultConfig(), Settings: settings.DefaultConfig(), - Web: web.DefaultConfig(), + Sharing: sharing.DefaultConfig(), + StorageMetadata: storagemetadata.DefaultConfig(), + StoragePublicLink: storagepublic.DefaultConfig(), + StorageShares: storageshares.DefaultConfig(), + StorageUsers: storageusers.DefaultConfig(), Store: store.DefaultConfig(), Thumbnails: thumbnails.DefaultConfig(), + User: user.DefaultConfig(), + Web: web.DefaultConfig(), WebDAV: webdav.DefaultConfig(), - Gateway: gateway.FullDefaultConfig(), - AuthBasic: authbasic.FullDefaultConfig(), - AuthBearer: authbearer.FullDefaultConfig(), - AuthMachine: authmachine.FullDefaultConfig(), - User: user.FullDefaultConfig(), - Group: group.FullDefaultConfig(), - Sharing: 
sharing.FullDefaultConfig(), - StorageMetadata: storagemetadata.FullDefaultConfig(), - StoragePublicLink: storagepublic.FullDefaultConfig(), - StorageUsers: storageusers.FullDefaultConfig(), - StorageShares: storageshares.FullDefaultConfig(), - AppProvider: appprovider.FullDefaultConfig(), - Frontend: frontend.FullDefaultConfig(), - OCDav: ocdav.FullDefaultConfig(), } } diff --git a/ocis-pkg/generators/generators_test.go b/ocis-pkg/generators/generators_test.go index 8c1984dee01..676b9bcaa83 100644 --- a/ocis-pkg/generators/generators_test.go +++ b/ocis-pkg/generators/generators_test.go @@ -7,7 +7,7 @@ import ( _ "github.com/owncloud/ocis/ocis-pkg/generators" ) -var _ = Describe("Generators", func() { - It("Returns an error ", func() {}) - PIt("Returns expected passwords", func() {}) -}) +//var _ = Describe("Generators", func() { +// It("Returns an error ", func() {}) +// PIt("Returns expected passwords", func() {}) +//}) diff --git a/ocis-pkg/shared/shared_types.go b/ocis-pkg/shared/shared_types.go index fa3f98094b9..f4cf19fc0bf 100644 --- a/ocis-pkg/shared/shared_types.go +++ b/ocis-pkg/shared/shared_types.go @@ -29,6 +29,11 @@ type TokenManager struct { JWTSecret string `yaml:"jwt_secret" env:"OCIS_JWT_SECRET" desc:"The secret to mint jwt tokens."` } +// Reva defines all available REVA configuration. +type Reva struct { + Address string `yaml:"address" env:"REVA_GATEWAY"` +} + // Commons holds configuration that are common to all extensions. Each extension can then decide whether // to overwrite its values. type Commons struct { @@ -36,6 +41,7 @@ type Commons struct { Tracing *Tracing `yaml:"tracing"` OcisURL string `yaml:"ocis_url" env:"OCIS_URL"` TokenManager *TokenManager `yaml:"token_manager"` + Reva *Reva `yaml:"reva"` MachineAuthAPIKey string `yaml:"machine_auth_api_key" env:"OCIS_MACHINE_AUTH_API_KEY"` TransferSecret string `yaml:"transfer_secret,omitempty" env:"REVA_TRANSFER_SECRET"` } 
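Review bot: The `generators_test.go` hunk disables the suite by commenting it out, which hides it from test reports and leaves the reason undocumented. Ginkgo's pending form, `PDescribe("Generators", func() { ... })`, keeps the suite visible as pending; otherwise delete the block and say why in the commit message. If the file still dot-imports Ginkgo (the import block is only partly visible in the hunk), the commented-out version would also fail to compile because of the unused import.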
diff --git a/ocis/pkg/command/init.go b/ocis/pkg/command/init.go
index e70129ca975..b9f8c83b0d1 100644
--- a/ocis/pkg/command/init.go
+++ b/ocis/pkg/command/init.go
@@ -10,39 +10,22 @@ import ( "strings" "github.com/owncloud/ocis/ocis-pkg/config" + "github.com/owncloud/ocis/ocis-pkg/config/defaults" "github.com/owncloud/ocis/ocis-pkg/generators" "github.com/owncloud/ocis/ocis-pkg/shared" "github.com/owncloud/ocis/ocis/pkg/register" cli "github.com/urfave/cli/v2" "gopkg.in/yaml.v3" - appprovider "github.com/owncloud/ocis/extensions/appprovider/pkg/config" - authbasic "github.com/owncloud/ocis/extensions/auth-basic/pkg/config" - authbearer "github.com/owncloud/ocis/extensions/auth-bearer/pkg/config" - authmachine "github.com/owncloud/ocis/extensions/auth-machine/pkg/config" - gateway "github.com/owncloud/ocis/extensions/gateway/pkg/config" - group "github.com/owncloud/ocis/extensions/group/pkg/config" idm "github.com/owncloud/ocis/extensions/idm/pkg/config" - ocdav "github.com/owncloud/ocis/extensions/ocdav/pkg/config" proxy "github.com/owncloud/ocis/extensions/proxy/pkg/config" - sharing "github.com/owncloud/ocis/extensions/sharing/pkg/config" - storagemetadata "github.com/owncloud/ocis/extensions/storage-metadata/pkg/config" - storagepublic "github.com/owncloud/ocis/extensions/storage-publiclink/pkg/config" - storageshares "github.com/owncloud/ocis/extensions/storage-shares/pkg/config" - storageusers "github.com/owncloud/ocis/extensions/storage-users/pkg/config" - user "github.com/owncloud/ocis/extensions/user/pkg/config" ) -const configFilename string = "ocis.yaml" +const configFilename string = "ocis.yaml" // TODO: use also a constant for reading this file const passwordLength int = 32 // InitCommand is the entrypoint for the init command func InitCommand(cfg *config.Config) *cli.Command { - // TODO: remove homedir get - homeDir, err := os.UserHomeDir() - if err != nil { - log.Fatalf("could not get homedir") - } return &cli.Command{ Name: "init", Usage: "initialise an ocis config", 
@@ -59,11 +42,9 @@ func InitCommand(cfg *config.Config) *cli.Command { Value: false, }, &cli.StringFlag{ - Name: "config-path", - //Value: cfg.ConfigPath, // TODO: as soon as PR 3480 is merged, remove quotes - Value: path.Join(homeDir, ".ocis/config"), // TODO: this is temporary for experimenting, line above is relevant + Name: "config-path", + Value: defaults.BaseConfigPath(), Usage: "config path for the ocis runtime", - // Destination: &cfg.ConfigFile, // TODO: same as above }, }, Action: func(c *cli.Context) error { @@ -93,7 +74,7 @@ func init() { func checkConfigPath(configPath string) error { targetPath := path.Join(configPath, configFilename) if _, err := os.Stat(targetPath); err == nil { - return fmt.Errorf("Config in %s already exists", targetPath) + return fmt.Errorf("config in %s already exists", targetPath) } return nil } 
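Review bot: The overwrite protection in `checkConfigPath` rejects the target only when `os.Stat` succeeds, so any other Stat error (permission denied on the directory, for instance) is treated as "no config present", and the check is separate from the write at the end of `createConfig`, which truncates whatever is at that path by then. Because this file carries the generated secrets, I would create it exclusively when overwrite is not forced, `f, err := os.OpenFile(targetPath, os.O_WRONLY|os.O_CREATE|os.O_EXCL, 0600)`, and map `errors.Is(err, os.ErrExist)` to the "already exists" error. `filepath.Join` is also the better fit than `path.Join` for an OS path.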
@@ -122,19 +103,19 @@ func createConfig(insecure, forceOverwrite bool, configPath string) error { //OCS: &ocs.Config{}, //Settings: &settings.Config{}, // TODO: fix storage - AuthBasic: &authbasic.Config{}, - AuthBearer: &authbearer.Config{}, - AppProvider: &appprovider.Config{}, - AuthMachine: &authmachine.Config{}, - Gateway: &gateway.Config{}, - Group: &group.Config{}, - Sharing: &sharing.Config{}, - StorageMetadata: &storagemetadata.Config{}, - StorageUsers: &storageusers.Config{}, - StorageShares: &storageshares.Config{}, - StoragePublicLink: &storagepublic.Config{}, - User: &user.Config{}, - OCDav: &ocdav.Config{}, + //AuthBasic: &authbasic.Config{}, + //AuthBearer: &authbearer.Config{}, + //AppProvider: &appprovider.Config{}, + //AuthMachine: &authmachine.Config{}, + //Gateway: &gateway.Config{}, + //Group: &group.Config{}, + //Sharing: &sharing.Config{}, + //StorageMetadata: &storagemetadata.Config{}, + //StorageUsers: &storageusers.Config{}, + //StorageShares: &storageshares.Config{}, + //StoragePublicLink: &storagepublic.Config{}, + //User: &user.Config{}, + //OCDav: &ocdav.Config{}, //Thumbnails: &thumbnails.Config{}, //Web: &web.Config{}, //WebDAV: &webdav.Config{}, 
@@ -147,31 +128,31 @@ func createConfig(insecure, forceOverwrite bool, configPath string) error { idmServicePassword, err := generators.GenerateRandomPassword(passwordLength) if err != nil { - return fmt.Errorf("Could not generate random password for idm: %s", err) + return fmt.Errorf("could not generate random password for idm: %s", err) } idpServicePassword, err := generators.GenerateRandomPassword(passwordLength) if err != nil { - return fmt.Errorf("Could not generate random password for idp: %s", err) + return fmt.Errorf("could not generate random password for idp: %s", err) } ocisAdminServicePassword, err := generators.GenerateRandomPassword(passwordLength) if err != nil { - return fmt.Errorf("Could not generate random password for ocis admin: %s", err) + return fmt.Errorf("could not generate random password for ocis admin: %s", err) } revaServicePassword, err := generators.GenerateRandomPassword(passwordLength) if err != nil { - return fmt.Errorf("Could not generate random password for reva: %s", err) + return fmt.Errorf("could not generate random password for reva: %s", err) } tokenManagerJwtSecret, err := generators.GenerateRandomPassword(passwordLength) if err != nil { - return fmt.Errorf("Could not generate random password for tokenmanager: %s", err) + return fmt.Errorf("could not generate random password for tokenmanager: %s", err) } machineAuthApiKey, err := generators.GenerateRandomPassword(passwordLength) if err != nil { - return fmt.Errorf("Could not generate random password for machineauthsecret: %s", err) + return fmt.Errorf("could not generate random password for machineauthsecret: %s", err) } revaTransferTokenSecret, err := generators.GenerateRandomPassword(passwordLength) if err != nil { - return fmt.Errorf("Could not generate random password for machineauthsecret: %s", err) + return fmt.Errorf("could not generate random password for machineauthsecret: %s", err) } // TODO: IDP config is missing (LDAP + GROUP provider) 
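Review bot: The error returned when generating `revaTransferTokenSecret` still says "machineauthsecret", a copy of the message above it, so a failure there points at the wrong secret; it should name the transfer secret, e.g. `could not generate random password for revatransfersecret: ...`. Since every one of these lines is being rewritten anyway, `%w` instead of `%s` would keep the generator's error reachable through `errors.Is`/`errors.As`: `return fmt.Errorf("could not generate random password for idm: %w", err)`. createConfig starts and ends outside this hunk.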
@@ -199,26 +180,27 @@ func createConfig(insecure, forceOverwrite bool, configPath string) error { //cfg.Settings.TokenManager.JWTSecret = tokenManagerJwtSecret //TODO: move all jwt secrets to shared.common - cfg.AppProvider.JWTSecret = tokenManagerJwtSecret - cfg.AuthBasic.JWTSecret = tokenManagerJwtSecret - cfg.AuthBearer.JWTSecret = tokenManagerJwtSecret - cfg.AuthMachine.JWTSecret = tokenManagerJwtSecret - cfg.Gateway.JWTSecret = tokenManagerJwtSecret + //cfg.AppProvider.JWTSecret = tokenManagerJwtSecret + //cfg.AuthBasic.JWTSecret = tokenManagerJwtSecret + //cfg.AuthBearer.JWTSecret = tokenManagerJwtSecret + //cfg.AuthMachine.JWTSecret = tokenManagerJwtSecret + //cfg.Gateway.JWTSecret = tokenManagerJwtSecret + //cfg.Group.JWTSecret = tokenManagerJwtSecret + //cfg.Sharing.JWTSecret = tokenManagerJwtSecret + //cfg.StorageMetadata.JWTSecret = tokenManagerJwtSecret + //cfg.StoragePublicLink.JWTSecret = tokenManagerJwtSecret + //cfg.StorageShares.JWTSecret = tokenManagerJwtSecret + //cfg.StorageUsers.JWTSecret = tokenManagerJwtSecret + //cfg.User.JWTSecret = tokenManagerJwtSecret + //cfg.OCDav.JWTSecret = tokenManagerJwtSecret + //TODO: following line is defunc, figure out why //cfg.Gateway.MachineAuthAPIKey = machineAuthApiKey - cfg.Group.JWTSecret = tokenManagerJwtSecret - cfg.Sharing.JWTSecret = tokenManagerJwtSecret - cfg.StorageMetadata.JWTSecret = tokenManagerJwtSecret - cfg.StoragePublicLink.JWTSecret = tokenManagerJwtSecret - cfg.StorageShares.JWTSecret = tokenManagerJwtSecret - cfg.StorageUsers.JWTSecret = tokenManagerJwtSecret - cfg.User.JWTSecret = tokenManagerJwtSecret - cfg.OCDav.JWTSecret = tokenManagerJwtSecret //cfg.Thumbnails.Thumbnail.TransferSecret = revaTransferTokenSecret yamlOutput, err := yaml.Marshal(cfg) if err != nil { - return fmt.Errorf("Could not marshall config into yaml: %s", err) + return fmt.Errorf("could not marshall config into yaml: %s", err) } targetPath := path.Join(configPath, configFilename) err = ioutil.WriteFile(targetPath, 
yamlOutput, 0600) From b3f55765d817acadfb9fcc035ed124829c3fcb6b Mon Sep 17 00:00:00 2001 From: Willy Kloucek Date: Wed, 27 Apr 2022 14:13:17 +0200 Subject: [PATCH 13/59] use common transfer secrets --- .../pkg/config/defaults/defaultconfig.go | 9 ++++++- .../pkg/config/defaults/defaultconfig.go | 9 ++++++- .../thumbnails/pkg/service/grpc/v0/service.go | 24 +++++++++---------- ocis/pkg/command/init.go | 4 ++-- 4 files changed, 30 insertions(+), 16 deletions(-) diff --git a/extensions/frontend/pkg/config/defaults/defaultconfig.go b/extensions/frontend/pkg/config/defaults/defaultconfig.go index 54247a580e9..65765fa8def 100644 --- a/extensions/frontend/pkg/config/defaults/defaultconfig.go +++ b/extensions/frontend/pkg/config/defaults/defaultconfig.go @@ -1,6 +1,8 @@ package defaults import ( + "log" + "github.com/owncloud/ocis/extensions/frontend/pkg/config" ) @@ -37,7 +39,6 @@ func DefaultConfig() *config.Config { UploadMaxChunkSize: 1e+8, UploadHTTPMethodOverride: "", DefaultUploadProtocol: "tus", - TransferSecret: "replace-me-with-a-transfer-secret", Checksums: config.Checksums{ SupportedTypes: []string{"sha1", "md5", "adler32"}, PreferredUploadType: "", @@ -113,6 +114,12 @@ func EnsureDefaults(cfg *config.Config) { } else if cfg.TokenManager == nil { cfg.TokenManager = &config.TokenManager{} } + + if cfg.TransferSecret == "" && cfg.Commons != nil && cfg.Commons.TransferSecret != "" { + cfg.TransferSecret = cfg.Commons.TransferSecret + } else { + log.Fatalf("reva transfer secret is not set up properly, bailing out (%s)", cfg.Service.Name) + } } func Sanitize(cfg *config.Config) { diff --git a/extensions/gateway/pkg/config/defaults/defaultconfig.go b/extensions/gateway/pkg/config/defaults/defaultconfig.go index 1c0013b2498..9554c835987 100644 --- a/extensions/gateway/pkg/config/defaults/defaultconfig.go +++ b/extensions/gateway/pkg/config/defaults/defaultconfig.go 
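Review bot: In the frontend `EnsureDefaults` hunk the bare `else` also runs when `cfg.TransferSecret` is already set on the service, so an instance configured with its own transfer secret reaches `log.Fatalf`; the gateway hunk that follows has the same shape. Patch 14/59 further down narrows it to `} else if cfg.TransferSecret == "" {`, and folding that into this commit would keep every commit of the series startable. Independently of that, exiting the process from a defaults helper skips deferred cleanup in the caller; returning an error from a validation step would let the command decide how to fail.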
@@ -1,6 +1,8 @@ package defaults import ( + "log" + "github.com/owncloud/ocis/extensions/gateway/pkg/config" ) @@ -35,7 +37,6 @@ func DefaultConfig() *config.Config { CommitShareToStorageRef: true, ShareFolder: "Shares", DisableHomeCreationOnLogin: true, - TransferSecret: "replace-me-with-a-transfer-secret", TransferExpires: 24 * 60 * 60, HomeMapping: "", EtagCacheTTL: 0, @@ -101,6 +102,12 @@ func EnsureDefaults(cfg *config.Config) { } else if cfg.TokenManager == nil { cfg.TokenManager = &config.TokenManager{} } + + if cfg.TransferSecret == "" && cfg.Commons != nil && cfg.Commons.TransferSecret != "" { + cfg.TransferSecret = cfg.Commons.TransferSecret + } else { + log.Fatalf("reva transfer secret is not set up properly, bailing out (%s)", cfg.Service.Name) + } } func Sanitize(cfg *config.Config) { diff --git a/extensions/thumbnails/pkg/service/grpc/v0/service.go b/extensions/thumbnails/pkg/service/grpc/v0/service.go index 89eb703d7d8..22a3465c937 100644 --- a/extensions/thumbnails/pkg/service/grpc/v0/service.go +++ b/extensions/thumbnails/pkg/service/grpc/v0/service.go @@ -48,8 +48,8 @@ func NewService(opts ...Option) decorators.DecoratedService { preprocessorOpts: PreprocessorOpts{ TxtFontFileMap: options.Config.Thumbnail.FontMapFile, }, - dataEndpoint: options.Config.Thumbnail.DataEndpoint, - transferTokenSecret: options.Config.Thumbnail.TransferSecret, + dataEndpoint: options.Config.Thumbnail.DataEndpoint, + transferSecret: options.Config.Thumbnail.TransferSecret, } return svc 
@@ -57,15 +57,15 @@ func NewService(opts ...Option) decorators.DecoratedService { // Thumbnail implements the GRPC handler. type Thumbnail struct { - serviceID string - dataEndpoint string - transferTokenSecret string - manager thumbnail.Manager - webdavSource imgsource.Source - cs3Source imgsource.Source - logger log.Logger - cs3Client gateway.GatewayAPIClient - preprocessorOpts PreprocessorOpts + serviceID string + dataEndpoint string + transferSecret string + manager thumbnail.Manager + webdavSource imgsource.Source + cs3Source imgsource.Source + logger log.Logger + cs3Client gateway.GatewayAPIClient + preprocessorOpts PreprocessorOpts } type PreprocessorOpts struct { @@ -113,7 +113,7 @@ func (g Thumbnail) GetThumbnail(ctx context.Context, req *thumbnailssvc.GetThumb } token := jwt.NewWithClaims(jwt.SigningMethodHS256, claims) - transferToken, err := token.SignedString([]byte(g.transferTokenSecret)) + transferToken, err := token.SignedString([]byte(g.transferSecret)) if err != nil { g.logger.Error(). Err(err). diff --git a/ocis/pkg/command/init.go b/ocis/pkg/command/init.go index b9f8c83b0d1..127faba5bc3 100644 --- a/ocis/pkg/command/init.go +++ b/ocis/pkg/command/init.go @@ -150,7 +150,7 @@ func createConfig(insecure, forceOverwrite bool, configPath string) error { if err != nil { return fmt.Errorf("could not generate random password for machineauthsecret: %s", err) } - revaTransferTokenSecret, err := generators.GenerateRandomPassword(passwordLength) + revaTransferSecret, err := generators.GenerateRandomPassword(passwordLength) if err != nil { return fmt.Errorf("could not generate random password for machineauthsecret: %s", err) } 
@@ -161,7 +161,7 @@ func createConfig(insecure, forceOverwrite bool, configPath string) error { // TODO: add missing insecure occurences cfg.MachineAuthAPIKey = machineAuthApiKey - cfg.TransferSecret = revaTransferTokenSecret + cfg.TransferSecret = revaTransferSecret cfg.TokenManager.JWTSecret = tokenManagerJwtSecret //cfg.Commons.TokenManager.JWTSecret = tokenManagerJwtSecret //cfg.Accounts.TokenManager.JWTSecret = tokenManagerJwtSecret From f74d1e27c1e0755510b8e4509e07ba0a1a63e988 Mon Sep 17 00:00:00 2001 From: Willy Kloucek Date: Wed, 27 Apr 2022 14:40:53 +0200 Subject: [PATCH 14/59] use machine auth secret from common config --- .../frontend/pkg/config/defaults/defaultconfig.go | 2 +- .../gateway/pkg/config/defaults/defaultconfig.go | 2 +- .../pkg/config/defaults/defaultconfig.go | 2 +- .../ocs/pkg/config/defaults/defaultconfig.go | 2 +- .../proxy/pkg/config/defaults/defaultconfig.go | 2 +- .../settings/pkg/config/defaults/defaultconfig.go | 2 +- .../sharing/pkg/config/defaults/defaultconfig.go | 15 ++++++++++++++- .../pkg/config/defaults/defaultconfig.go | 2 +- 8 files changed, 21 insertions(+), 8 deletions(-) diff --git a/extensions/frontend/pkg/config/defaults/defaultconfig.go b/extensions/frontend/pkg/config/defaults/defaultconfig.go index 65765fa8def..70bd36d54da 100644 --- a/extensions/frontend/pkg/config/defaults/defaultconfig.go +++ b/extensions/frontend/pkg/config/defaults/defaultconfig.go @@ -117,7 +117,7 @@ func EnsureDefaults(cfg *config.Config) { if cfg.TransferSecret == "" && cfg.Commons != nil && cfg.Commons.TransferSecret != "" { cfg.TransferSecret = cfg.Commons.TransferSecret - } else { + } else if cfg.TransferSecret == "" { log.Fatalf("reva transfer secret is not set up properly, bailing out (%s)", cfg.Service.Name) } } diff --git a/extensions/gateway/pkg/config/defaults/defaultconfig.go b/extensions/gateway/pkg/config/defaults/defaultconfig.go index 9554c835987..d22b3c95ede 100644 --- a/extensions/gateway/pkg/config/defaults/defaultconfig.go 
+++ b/extensions/gateway/pkg/config/defaults/defaultconfig.go @@ -105,7 +105,7 @@ func EnsureDefaults(cfg *config.Config) { if cfg.TransferSecret == "" && cfg.Commons != nil && cfg.Commons.TransferSecret != "" { cfg.TransferSecret = cfg.Commons.TransferSecret - } else { + } else if cfg.TransferSecret == "" { log.Fatalf("reva transfer secret is not set up properly, bailing out (%s)", cfg.Service.Name) } } diff --git a/extensions/notifications/pkg/config/defaults/defaultconfig.go b/extensions/notifications/pkg/config/defaults/defaultconfig.go index 835612a9212..d9622050f97 100644 --- a/extensions/notifications/pkg/config/defaults/defaultconfig.go +++ b/extensions/notifications/pkg/config/defaults/defaultconfig.go @@ -55,7 +55,7 @@ func EnsureDefaults(cfg *config.Config) { if cfg.Notifications.MachineAuthAPIKey == "" && cfg.Commons != nil && cfg.Commons.MachineAuthAPIKey != "" { cfg.Notifications.MachineAuthAPIKey = cfg.Commons.MachineAuthAPIKey - } else { + } else if cfg.Notifications.MachineAuthAPIKey == "" { log.Fatalf("machine auth api key is not set up properly, bailing out (%s)", cfg.Service.Name) } } diff --git a/extensions/ocs/pkg/config/defaults/defaultconfig.go b/extensions/ocs/pkg/config/defaults/defaultconfig.go index 1037246d4ca..7b5359b5df1 100644 --- a/extensions/ocs/pkg/config/defaults/defaultconfig.go +++ b/extensions/ocs/pkg/config/defaults/defaultconfig.go @@ -92,7 +92,7 @@ func EnsureDefaults(cfg *config.Config) { if cfg.MachineAuthAPIKey == "" && cfg.Commons != nil && cfg.Commons.MachineAuthAPIKey != "" { cfg.MachineAuthAPIKey = cfg.Commons.MachineAuthAPIKey - } else { + } else if cfg.MachineAuthAPIKey == "" { log.Fatalf("machine auth api key is not set up properly, bailing out (%s)", cfg.Service.Name) } } diff --git a/extensions/proxy/pkg/config/defaults/defaultconfig.go b/extensions/proxy/pkg/config/defaults/defaultconfig.go index c312178dd30..1cd4294dff7 100644 --- a/extensions/proxy/pkg/config/defaults/defaultconfig.go 
+++ b/extensions/proxy/pkg/config/defaults/defaultconfig.go @@ -188,7 +188,7 @@ func EnsureDefaults(cfg *config.Config) { if cfg.MachineAuthAPIKey == "" && cfg.Commons != nil && cfg.Commons.MachineAuthAPIKey != "" { cfg.MachineAuthAPIKey = cfg.Commons.MachineAuthAPIKey - } else { + } else if cfg.MachineAuthAPIKey == "" { log.Fatalf("machine auth api key is not set up properly, bailing out (%s)", cfg.Service.Name) } diff --git a/extensions/settings/pkg/config/defaults/defaultconfig.go b/extensions/settings/pkg/config/defaults/defaultconfig.go index 2b7124e204f..fd04461a2fe 100644 --- a/extensions/settings/pkg/config/defaults/defaultconfig.go +++ b/extensions/settings/pkg/config/defaults/defaultconfig.go @@ -95,7 +95,7 @@ func EnsureDefaults(cfg *config.Config) { if cfg.Metadata.MachineAuthAPIKey == "" && cfg.Commons != nil && cfg.Commons.MachineAuthAPIKey != "" { cfg.MachineAuthAPIKey = cfg.Commons.MachineAuthAPIKey - } else { + } else if cfg.MachineAuthAPIKey == "" { log.Fatalf("machine auth api key is not set up properly, bailing out (%s)", cfg.Service.Name) } } diff --git a/extensions/sharing/pkg/config/defaults/defaultconfig.go b/extensions/sharing/pkg/config/defaults/defaultconfig.go index 8d69e2ca1d1..71c66ab8dc7 100644 --- a/extensions/sharing/pkg/config/defaults/defaultconfig.go +++ b/extensions/sharing/pkg/config/defaults/defaultconfig.go @@ -1,6 +1,7 @@ package defaults import ( + "log" "path/filepath" "github.com/owncloud/ocis/extensions/sharing/pkg/config" 
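Review bot: In the settings hunk the guard reads `cfg.Metadata.MachineAuthAPIKey`, but the assignment and the new `else if` use `cfg.MachineAuthAPIKey`, so the field that was tested is never filled from the common config. The thumbnails hunk at the end of this patch has the mirror problem: it fills `cfg.Thumbnail.TransferSecret` while the fatal check tests `cfg.TransferSecret`, so a service that sets only `Thumbnail.TransferSecret` can still exit, and if `cfg.TransferSecret` is promoted from an embedded `*shared.Commons` (not visible here) the check dereferences a nil pointer when Commons is nil. Each branch should test and assign the same field, whichever one the service actually reads: for example `cfg.Metadata.MachineAuthAPIKey = cfg.Commons.MachineAuthAPIKey` with `} else if cfg.Metadata.MachineAuthAPIKey == "" {`, and `} else if cfg.Thumbnail.TransferSecret == "" {` for thumbnails.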
@@ -114,13 +115,25 @@ func EnsureDefaults(cfg *config.Config) { cfg.Reva = &config.Reva{} } - if cfg.TokenManager == nil && cfg.Commons != nil && cfg.Commons.TokenManager != nil { + if cfg.TokenManager == nil && cfg.Commons != nil && cfg.Commons.TokenManager != nil { cfg.TokenManager = &config.TokenManager{ JWTSecret: cfg.Commons.TokenManager.JWTSecret, } } else if cfg.TokenManager == nil { cfg.TokenManager = &config.TokenManager{} } + + if cfg.UserSharingDrivers.CS3.MachineAuthAPIKey == "" && cfg.Commons != nil && cfg.Commons.MachineAuthAPIKey != "" { + cfg.UserSharingDrivers.CS3.MachineAuthAPIKey = cfg.Commons.MachineAuthAPIKey + } else if cfg.UserSharingDrivers.CS3.MachineAuthAPIKey == "" { + log.Fatalf("machine auth api key for the cs3 user sharing driver is not set up properly, bailing out (%s)", cfg.Service.Name) + } + + if cfg.PublicSharingDrivers.CS3.MachineAuthAPIKey == "" && cfg.Commons != nil && cfg.Commons.MachineAuthAPIKey != "" { + cfg.PublicSharingDrivers.CS3.MachineAuthAPIKey = cfg.Commons.MachineAuthAPIKey + } else if cfg.PublicSharingDrivers.CS3.MachineAuthAPIKey == "" { + log.Fatalf("machine auth api key for the cs3 public sharing driver is not set up properly, bailing out (%s)", cfg.Service.Name) + } } func Sanitize(cfg *config.Config) { diff --git a/extensions/thumbnails/pkg/config/defaults/defaultconfig.go b/extensions/thumbnails/pkg/config/defaults/defaultconfig.go index 75a71ae43cf..dd8b57d2116 100644 --- a/extensions/thumbnails/pkg/config/defaults/defaultconfig.go +++ b/extensions/thumbnails/pkg/config/defaults/defaultconfig.go @@ -76,7 +76,7 @@ func EnsureDefaults(cfg *config.Config) { if cfg.Thumbnail.TransferSecret == "" && cfg.Commons != nil && cfg.Commons.TransferSecret != "" { cfg.Thumbnail.TransferSecret = cfg.Commons.TransferSecret - } else { + } else if cfg.TransferSecret == "" { log.Fatalf("reva transfer secret is not set up properly, bailing out (%s)", cfg.Service.Name) } } 
From a261fc8c883d537806c1c6bed83f0cdc945ee491 Mon Sep 17 00:00:00 2001 From: Willy Kloucek Date: Wed, 27 Apr 2022 15:01:31 +0200 Subject: [PATCH 15/59] cleanup --- extensions/gateway/pkg/config/config.go | 11 ++--- ocis/pkg/command/init.go | 59 +------------------------ 2 files changed, 7 insertions(+), 63 deletions(-) diff --git a/extensions/gateway/pkg/config/config.go b/extensions/gateway/pkg/config/config.go index 720083a64b1..dfc34077fb3 100644 --- a/extensions/gateway/pkg/config/config.go +++ b/extensions/gateway/pkg/config/config.go @@ -4,11 +4,12 @@ import "github.com/owncloud/ocis/ocis-pkg/shared" type Config struct { *shared.Commons `yaml:"-"` - Service Service `yaml:"-"` - Tracing *Tracing `yaml:"tracing,omitempty"` - Logging *Logging `yaml:"log,omitempty"` - Debug Debug `yaml:"debug,omitempty"` - Supervised bool `yaml:"supervised,omitempty"` + + Service Service `yaml:"-"` + Tracing *Tracing `yaml:"tracing,omitempty"` + Logging *Logging `yaml:"log,omitempty"` + Debug Debug `yaml:"debug,omitempty"` + Supervised bool `yaml:"supervised,omitempty"` GRPC GRPCConfig `yaml:"grpc,omitempty"` diff --git a/ocis/pkg/command/init.go b/ocis/pkg/command/init.go index 127faba5bc3..f3d9545acd3 100644 --- a/ocis/pkg/command/init.go +++ b/ocis/pkg/command/init.go 
@@ -90,35 +90,7 @@ func createConfig(insecure, forceOverwrite bool, configPath string) error { } cfg := config.Config{ TokenManager: &shared.TokenManager{}, - //Accounts: &accounts.Config{}, - //Audit: &audit.Config{}, - //GLAuth: &glauth.Config{}, - //GraphExplorer: &graphExplorer.Config{}, - //Graph: &graph.Config{}, IDM: &idm.Config{}, - //IDP: &idp.Config{}, - //Nats: &nats.Config{}, - //Notifications: ¬ifications.Config{}, - //Proxy: &proxy.Config{}, - //OCS: &ocs.Config{}, - //Settings: &settings.Config{}, - // TODO: fix storage - //AuthBasic: &authbasic.Config{}, - //AuthBearer: &authbearer.Config{}, - //AppProvider: &appprovider.Config{}, - //AuthMachine: &authmachine.Config{}, - //Gateway: &gateway.Config{}, - //Group: &group.Config{}, - //Sharing: &sharing.Config{}, - //StorageMetadata: &storagemetadata.Config{}, - //StorageUsers: &storageusers.Config{}, - //StorageShares: &storageshares.Config{}, - //StoragePublicLink: &storagepublic.Config{}, - //User: &user.Config{}, - //OCDav: &ocdav.Config{}, - //Thumbnails: &thumbnails.Config{}, - //Web: &web.Config{}, - //WebDAV: &webdav.Config{}, } if insecure { 
@@ -163,41 +135,12 @@ func createConfig(insecure, forceOverwrite bool, configPath string) error { cfg.MachineAuthAPIKey = machineAuthApiKey cfg.TransferSecret = revaTransferSecret cfg.TokenManager.JWTSecret = tokenManagerJwtSecret - //cfg.Commons.TokenManager.JWTSecret = tokenManagerJwtSecret - //cfg.Accounts.TokenManager.JWTSecret = tokenManagerJwtSecret - //cfg.Graph.TokenManager.JWTSecret = tokenManagerJwtSecret - //fmt.Printf("%v\n", cfg.Graph.TokenManager) + cfg.IDM.ServiceUserPasswords.Idm = idmServicePassword cfg.IDM.ServiceUserPasswords.Idp = idpServicePassword cfg.IDM.ServiceUserPasswords.OcisAdmin = ocisAdminServicePassword cfg.IDM.ServiceUserPasswords.Reva = revaServicePassword - //cfg.Notifications.Notifications.MachineAuthAPIKey = machineAuthSecret - //cfg.OCS.MachineAuthAPIKey = machineAuthSecret - //cfg.Proxy.TokenManager.JWTSecret = tokenManagerJwtSecret - //fmt.Printf("%v\n", cfg.Proxy.TokenManager) - //cfg.Proxy.MachineAuthAPIKey = machineAuthSecret - //cfg.Settings.Metadata.MachineAuthAPIKey = machineAuthSecret - //cfg.Settings.TokenManager.JWTSecret = tokenManagerJwtSecret - - //TODO: move all jwt secrets to shared.common - //cfg.AppProvider.JWTSecret = tokenManagerJwtSecret - //cfg.AuthBasic.JWTSecret = tokenManagerJwtSecret - //cfg.AuthBearer.JWTSecret = tokenManagerJwtSecret - //cfg.AuthMachine.JWTSecret = tokenManagerJwtSecret - //cfg.Gateway.JWTSecret = tokenManagerJwtSecret - //cfg.Group.JWTSecret = tokenManagerJwtSecret - //cfg.Sharing.JWTSecret = tokenManagerJwtSecret - //cfg.StorageMetadata.JWTSecret = tokenManagerJwtSecret - //cfg.StoragePublicLink.JWTSecret = tokenManagerJwtSecret - //cfg.StorageShares.JWTSecret = tokenManagerJwtSecret - //cfg.StorageUsers.JWTSecret = tokenManagerJwtSecret - //cfg.User.JWTSecret = tokenManagerJwtSecret - //cfg.OCDav.JWTSecret = tokenManagerJwtSecret - - //TODO: following line is defunc, figure out why - //cfg.Gateway.MachineAuthAPIKey = machineAuthApiKey - //cfg.Thumbnails.Thumbnail.TransferSecret = 
revaTransferTokenSecret yamlOutput, err := yaml.Marshal(cfg) if err != nil { return fmt.Errorf("could not marshall config into yaml: %s", err) From 5b572b38529de047191d27c8389d0f605401d693 Mon Sep 17 00:00:00 2001 From: Willy Kloucek Date: Wed, 27 Apr 2022 15:46:17 +0200 Subject: [PATCH 16/59] initialize insecure options --- extensions/auth-bearer/pkg/config/config.go | 24 +++--- extensions/frontend/pkg/config/config.go | 96 ++++++++++----------- extensions/graph/pkg/config/config.go | 10 +-- ocis/pkg/command/init.go | 49 ++++++++++- 4 files changed, 111 insertions(+), 68 deletions(-) diff --git a/extensions/auth-bearer/pkg/config/config.go b/extensions/auth-bearer/pkg/config/config.go index 97fcd5ee6cd..644ae43feda 100644 --- a/extensions/auth-bearer/pkg/config/config.go +++ b/extensions/auth-bearer/pkg/config/config.go 
@@ -38,25 +38,25 @@ type Service struct { } type Debug struct { - Addr string `yaml:"addr" env:"AUTH_BEARER_DEBUG_ADDR"` - Token string `yaml:"token" env:"AUTH_BEARER_DEBUG_TOKEN"` - Pprof bool `yaml:"pprof" env:"AUTH_BEARER_DEBUG_PPROF"` - Zpages bool `yaml:"zpages" env:"AUTH_BEARER_DEBUG_ZPAGES"` + Addr string `yaml:"addr,omitempty" env:"AUTH_BEARER_DEBUG_ADDR"` + Token string `yaml:"token,omitempty" env:"AUTH_BEARER_DEBUG_TOKEN"` + Pprof bool `yaml:"pprof,omitempty" env:"AUTH_BEARER_DEBUG_PPROF"` + Zpages bool `yaml:"zpages,omitempty" env:"AUTH_BEARER_DEBUG_ZPAGES"` } type GRPCConfig struct { - Addr string `yaml:"addr" env:"AUTH_BEARER_GRPC_ADDR" desc:"The address of the grpc service."` - Protocol string `yaml:"protocol" env:"AUTH_BEARER_GRPC_PROTOCOL" desc:"The transport protocol of the grpc service."` + Addr string `yaml:"addr,omitempty" env:"AUTH_BEARER_GRPC_ADDR" desc:"The address of the grpc service."` + Protocol string `yaml:"protocol,omitempty" env:"AUTH_BEARER_GRPC_PROTOCOL" desc:"The transport protocol of the grpc service."` } type AuthProviders struct { - OIDC OIDCProvider `yaml:"oidc"` + OIDC OIDCProvider `yaml:"oidc,omitempty"` } type OIDCProvider struct { - Issuer string `yaml:"issuer" env:"OCIS_URL;AUTH_BEARER_OIDC_ISSUER"` - Insecure bool `yaml:"insecure" env:"OCIS_INSECURE;AUTH_BEARER_OIDC_INSECURE"` - IDClaim string `yaml:"id_claim"` - UIDClaim string `yaml:"uid_claim"` - GIDClaim string `yaml:"gid_claim"` + Issuer string `yaml:"issuer,omitempty" env:"OCIS_URL;AUTH_BEARER_OIDC_ISSUER"` + Insecure bool `yaml:"insecure,omitempty" env:"OCIS_INSECURE;AUTH_BEARER_OIDC_INSECURE"` + IDClaim string `yaml:"id_claim,omitempty"` + UIDClaim string `yaml:"uid_claim,omitempty"` + GIDClaim string `yaml:"gid_claim,omitempty"` } diff --git a/extensions/frontend/pkg/config/config.go b/extensions/frontend/pkg/config/config.go index 5a4ba7354fa..8e183281fcd 100644 --- a/extensions/frontend/pkg/config/config.go +++ b/extensions/frontend/pkg/config/config.go 
@@ -5,51 +5,51 @@ import "github.com/owncloud/ocis/ocis-pkg/shared" type Config struct { *shared.Commons `yaml:"-"` Service Service `yaml:"-"` - Tracing *Tracing `yaml:"tracing"` - Logging *Logging `yaml:"log"` - Debug Debug `yaml:"debug"` - Supervised bool + Tracing *Tracing `yaml:"tracing,omitempty"` + Logging *Logging `yaml:"log,omitempty"` + Debug Debug `yaml:"debug,omitempty"` + Supervised bool `yaml:"-"` - HTTP HTTPConfig `yaml:"http"` + HTTP HTTPConfig `yaml:"http,omitempty"` // JWTSecret used to verify reva access token - TransferSecret string `yaml:"transfer_secret" env:"STORAGE_TRANSFER_SECRET"` + TransferSecret string `yaml:"transfer_secret,omitempty" env:"STORAGE_TRANSFER_SECRET"` TokenManager *TokenManager `yaml:"token_manager,omitempty"` Reva *Reva `yaml:"reva,omitempty"` - SkipUserGroupsInToken bool + SkipUserGroupsInToken bool `yaml:"skip_users_groups_in_token,omitempty"` - EnableFavorites bool `yaml:"favorites"` - EnableProjectSpaces bool - UploadMaxChunkSize int `yaml:"upload_max_chunk_size"` - UploadHTTPMethodOverride string `yaml:"upload_http_method_override"` - DefaultUploadProtocol string `yaml:"default_upload_protocol"` + EnableFavorites bool `yaml:"favorites,omitempty"` + EnableProjectSpaces bool `yaml:"enable_project_spaces,omitempty"` + UploadMaxChunkSize int `yaml:"upload_max_chunk_size,omitempty"` + UploadHTTPMethodOverride string `yaml:"upload_http_method_override,omitempty"` + DefaultUploadProtocol string `yaml:"default_upload_protocol,omitempty"` - PublicURL string `yaml:"public_url" env:"OCIS_URL;FRONTEND_PUBLIC_URL"` + PublicURL string `yaml:"public_url,omitempty" env:"OCIS_URL;FRONTEND_PUBLIC_URL"` - Archiver Archiver - AppProvider AppProvider - DataGateway DataGateway - OCS OCS - AuthMachine AuthMachine - Checksums Checksums + Archiver Archiver `yaml:"archiver,omitempty"` + AppProvider AppProvider `yaml:"app_provider,omitempty"` + DataGateway DataGateway `yaml:"data_gateway,omitempty"` + OCS OCS `yaml:"ocs,omitempty"` + 
AuthMachine AuthMachine `yaml:"auth_machine,omitempty"` + Checksums Checksums `yaml:"checksums,omitempty"` - Middleware Middleware + Middleware Middleware `yaml:"middleware,omitempty"` } type Tracing struct { - Enabled bool `yaml:"enabled" env:"OCIS_TRACING_ENABLED;FRONTEND_TRACING_ENABLED" desc:"Activates tracing."` - Type string `yaml:"type" env:"OCIS_TRACING_TYPE;FRONTEND_TRACING_TYPE"` - Endpoint string `yaml:"endpoint" env:"OCIS_TRACING_ENDPOINT;FRONTEND_TRACING_ENDPOINT" desc:"The endpoint to the tracing collector."` - Collector string `yaml:"collector" env:"OCIS_TRACING_COLLECTOR;FRONTEND_TRACING_COLLECTOR"` + Enabled bool `yaml:"enabled,omitempty" env:"OCIS_TRACING_ENABLED;FRONTEND_TRACING_ENABLED" desc:"Activates tracing."` + Type string `yaml:"type,omitempty" env:"OCIS_TRACING_TYPE;FRONTEND_TRACING_TYPE"` + Endpoint string `yaml:"endpoint,omitempty" env:"OCIS_TRACING_ENDPOINT;FRONTEND_TRACING_ENDPOINT" desc:"The endpoint to the tracing collector."` + Collector string `yaml:"collector,omitempty" env:"OCIS_TRACING_COLLECTOR;FRONTEND_TRACING_COLLECTOR"` } type Logging struct { - Level string `yaml:"level" env:"OCIS_LOG_LEVEL;FRONTEND_LOG_LEVEL" desc:"The log level."` - Pretty bool `yaml:"pretty" env:"OCIS_LOG_PRETTY;FRONTEND_LOG_PRETTY" desc:"Activates pretty log output."` - Color bool `yaml:"color" env:"OCIS_LOG_COLOR;FRONTEND_LOG_COLOR" desc:"Activates colorized log output."` - File string `yaml:"file" env:"OCIS_LOG_FILE;FRONTEND_LOG_FILE" desc:"The target log file."` + Level string `yaml:"level,omitempty" env:"OCIS_LOG_LEVEL;FRONTEND_LOG_LEVEL" desc:"The log level."` + Pretty bool `yaml:"pretty,omitempty" env:"OCIS_LOG_PRETTY;FRONTEND_LOG_PRETTY" desc:"Activates pretty log output."` + Color bool `yaml:"color,omitempty" env:"OCIS_LOG_COLOR;FRONTEND_LOG_COLOR" desc:"Activates colorized log output."` + File string `yaml:"file,omitempty" env:"OCIS_LOG_FILE;FRONTEND_LOG_FILE" desc:"The target log file."` } type Service struct { 
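Review bot: Several fields of the frontend `Config` had no yaml tag before, so the explicit keys added here change the name they are read under: with gopkg.in/yaml.v3 an untagged field uses the lowercased field name, so `SkipUserGroupsInToken` moves to `skip_users_groups_in_token` (which also spells "users" differently from the field) and `Supervised` stops being settable through `yaml:"-"`. The next hunk does the same for `Archiver.Prefix`, the `AppProvider` URL fields and the two `Insecure` flags, and renames `credentials_by_user_agenr` to `credentials_by_user_agent`. If config files are decoded without strict key checking, the old keys would be dropped silently, which matters most for the auth middleware mapping, so a changelog note seems warranted. The comment `// JWTSecret used to verify reva access token` above `TransferSecret` also looks stale and could become `// TransferSecret is the secret used for reva transfer tokens`.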
@@ -57,44 +57,44 @@ type Service struct { } type Debug struct { - Addr string `yaml:"addr" env:"FRONTEND_DEBUG_ADDR"` - Token string `yaml:"token" env:"FRONTEND_DEBUG_TOKEN"` - Pprof bool `yaml:"pprof" env:"FRONTEND_DEBUG_PPROF"` - Zpages bool `yaml:"zpages" env:"FRONTEND_DEBUG_ZPAGES"` + Addr string `yaml:"addr,omitempty" env:"FRONTEND_DEBUG_ADDR"` + Token string `yaml:"token,omitempty" env:"FRONTEND_DEBUG_TOKEN"` + Pprof bool `yaml:"pprof,omitempty" env:"FRONTEND_DEBUG_PPROF"` + Zpages bool `yaml:"zpages,omitempty" env:"FRONTEND_DEBUG_ZPAGES"` } type HTTPConfig struct { - Addr string `yaml:"addr" env:"FRONTEND_HTTP_ADDR" desc:"The address of the http service."` - Protocol string `yaml:"protocol" env:"FRONTEND_HTTP_PROTOCOL" desc:"The transport protocol of the http service."` - Prefix string `yaml:"prefix"` + Addr string `yaml:"addr,omitempty" env:"FRONTEND_HTTP_ADDR" desc:"The address of the http service."` + Protocol string `yaml:"protocol,omitempty" env:"FRONTEND_HTTP_PROTOCOL" desc:"The transport protocol of the http service."` + Prefix string `yaml:"prefix,omitempty"` } // Middleware configures reva middlewares. type Middleware struct { - Auth Auth `yaml:"auth"` + Auth Auth `yaml:"auth,omitempty"` } // Auth configures reva http auth middleware. 
type Auth struct { - CredentialsByUserAgent map[string]string `yaml:"credentials_by_user_agenr"` + CredentialsByUserAgent map[string]string `yaml:"credentials_by_user_agent,omitempty"` } type Archiver struct { - MaxNumFiles int64 `yaml:"max_num_files"` - MaxSize int64 `yaml:"max_size"` - Prefix string - Insecure bool `env:"OCIS_INSECURE;FRONTEND_ARCHIVER_INSECURE"` + MaxNumFiles int64 `yaml:"max_num_files,omitempty"` + MaxSize int64 `yaml:"max_size,omitempty"` + Prefix string `yaml:"-"` + Insecure bool `yaml:"insecure,omitempty" env:"OCIS_INSECURE;FRONTEND_ARCHIVER_INSECURE"` } type AppProvider struct { - ExternalAddr string `yaml:"external_addr"` - Driver string `yaml:"driver"` + ExternalAddr string `yaml:"external_addr,omitempty"` + Driver string `yaml:"driver,omitempty"` // WopiDriver WopiDriver `yaml:"wopi_driver"` - AppsURL string `yaml:"apps_url"` - OpenURL string `yaml:"open_url"` - NewURL string `yaml:"new_url"` - Prefix string - Insecure bool `env:"OCIS_INSECURE;FRONTEND_APPPROVIDER_INSECURE"` + AppsURL string `yaml:"-"` + OpenURL string `yaml:"-"` + NewURL string `yaml:"-"` + Prefix string `yaml:"-"` + Insecure bool `yaml:"insecure,omitempty" env:"OCIS_INSECURE;FRONTEND_APPPROVIDER_INSECURE"` } type DataGateway struct { diff --git a/extensions/graph/pkg/config/config.go b/extensions/graph/pkg/config/config.go index 174bcabd629..31133ad5c3b 100644 --- a/extensions/graph/pkg/config/config.go +++ b/extensions/graph/pkg/config/config.go 
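Review bot: The tag on `CredentialsByUserAgent` changes the YAML key from `credentials_by_user_agenr` to `credentials_by_user_agent`, so a config file written with the old spelling will no longer populate this map. Unless decoding rejects unknown keys (the decoder is not visible here), that happens without an error, and the field sits under the HTTP auth middleware settings, so the effect is on authentication behaviour. A release-note entry plus a field comment such as `// YAML key was misspelled "credentials_by_user_agenr" before this change` would make the break discoverable. The same hunk moves `AppsURL`, `OpenURL`, `NewURL` and both `Prefix` fields to `yaml:"-"`, which removes them from file configuration; if that is intended it deserves a line in the commit description.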
@@ -29,11 +29,11 @@ type Config struct { } type Spaces struct { - WebDavBase string `yaml:"webdav_base" env:"OCIS_URL;GRAPH_SPACES_WEBDAV_BASE"` - WebDavPath string `yaml:"webdav_path" env:"GRAPH_SPACES_WEBDAV_PATH"` - DefaultQuota string `yaml:"default_quota" env:"GRAPH_SPACES_DEFAULT_QUOTA"` - Insecure bool `yaml:"insecure" env:"OCIS_INSECURE;GRAPH_SPACES_INSECURE"` - ExtendedSpacePropertiesCacheTTL int `yaml:"extended_space_properties_cache_ttl" env:"GRAPH_SPACES_EXTENDED_SPACE_PROPERTIES_CACHE_TTL"` + WebDavBase string `yaml:"webdav_base,omitempty" env:"OCIS_URL;GRAPH_SPACES_WEBDAV_BASE"` + WebDavPath string `yaml:"webdav_path,omitempty" env:"GRAPH_SPACES_WEBDAV_PATH"` + DefaultQuota string `yaml:"default_quota,omitempty" env:"GRAPH_SPACES_DEFAULT_QUOTA"` + Insecure bool `yaml:"insecure,omitempty" env:"OCIS_INSECURE;GRAPH_SPACES_INSECURE"` + ExtendedSpacePropertiesCacheTTL int `yaml:"extended_space_properties_cache_ttl,omitempty" env:"GRAPH_SPACES_EXTENDED_SPACE_PROPERTIES_CACHE_TTL"` } type LDAP struct { diff --git a/ocis/pkg/command/init.go b/ocis/pkg/command/init.go index f3d9545acd3..ba63aac071b 100644 --- a/ocis/pkg/command/init.go +++ b/ocis/pkg/command/init.go @@ -17,8 +17,15 @@ import ( cli "github.com/urfave/cli/v2" "gopkg.in/yaml.v3" + authbearer "github.com/owncloud/ocis/extensions/auth-bearer/pkg/config" + frontend "github.com/owncloud/ocis/extensions/frontend/pkg/config" + graph "github.com/owncloud/ocis/extensions/graph/pkg/config" idm "github.com/owncloud/ocis/extensions/idm/pkg/config" + ocdav "github.com/owncloud/ocis/extensions/ocdav/pkg/config" proxy "github.com/owncloud/ocis/extensions/proxy/pkg/config" + storagemetadata "github.com/owncloud/ocis/extensions/storage-metadata/pkg/config" + storageusers "github.com/owncloud/ocis/extensions/storage-users/pkg/config" + thumbnails "github.com/owncloud/ocis/extensions/thumbnails/pkg/config" ) const configFilename string = "ocis.yaml" // TODO: use also a constant for reading this file 
@@ -90,12 +97,48 @@ func createConfig(insecure, forceOverwrite bool, configPath string) error { } cfg := config.Config{ TokenManager: &shared.TokenManager{}, - IDM: &idm.Config{}, + IDM: &idm.Config{}, } if insecure { - cfg.Proxy = &proxy.Config{} - cfg.Proxy.InsecureBackends = insecure + cfg.Proxy = &proxy.Config{ + InsecureBackends: true, + } + cfg.AuthBearer = &authbearer.Config{ + AuthProviders: authbearer.AuthProviders{ + OIDC: authbearer.OIDCProvider{ + Insecure: true, + }, + }, + } + cfg.Frontend = &frontend.Config{ + AppProvider: frontend.AppProvider{ + Insecure: true, + }, + Archiver: frontend.Archiver{ + Insecure: true, + }, + } + cfg.Graph = &graph.Config{ + Spaces: graph.Spaces{ + Insecure: true, + }, + } + cfg.OCDav = &ocdav.Config{ + Insecure: true, + } + cfg.StorageMetadata = &storagemetadata.Config{ + DataProviderInsecure: true, + } + cfg.StorageUsers = &storageusers.Config{ + DataProviderInsecure: true, + } + cfg.Thumbnails = &thumbnails.Config{ + Thumbnail: thumbnails.Thumbnail{ + WebdavAllowInsecure: true, + CS3AllowInsecure: true, + }, + } } idmServicePassword, err := generators.GenerateRandomPassword(passwordLength) From 4043f181b12946e9a51eeda92ed111304c60df14 Mon Sep 17 00:00:00 2001 
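Review bot: The `if insecure` block in createConfig sets ten separate switches (`InsecureBackends`, the OIDC, app-provider, archiver, spaces and ocdav `Insecure` fields, both `DataProviderInsecure` fields, `WebdavAllowInsecure` and `CS3AllowInsecure`) with no comment saying what they turn off. A later hunk in this series shows `cfg` being marshalled to YAML, so the choice presumably outlives the init run. Judging by the field names they relax certificate checks on connections between services; a comment above the block such as `// insecure: skip TLS certificate verification between services; only for setups with self-signed certificates` would tell the next reader why the whole set is flipped together. Printing one line to the operator when the option is set would also make the persisted state visible. createConfig starts and ends outside this hunk.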
From: Willy Kloucek Date: Wed, 27 Apr 2022 17:00:31 +0200 Subject: [PATCH 17/59] set generate ldap secrets --- extensions/auth-basic/pkg/config/config.go | 42 ++++++++-------- .../pkg/config/defaults/defaultconfig.go | 2 - .../pkg/config/defaults/defaultconfig.go | 13 +++-- .../pkg/config/defaults/defaultconfig.go | 3 -- extensions/graph/pkg/config/config.go | 48 +++++++++---------- extensions/group/pkg/config/config.go | 44 ++++++++--------- .../pkg/config/defaults/defaultconfig.go | 1 - .../idm/pkg/config/defaults/defaultconfig.go | 6 --- extensions/idp/pkg/config/config.go | 28 +++++------ .../pkg/config/defaults/defaultconfig.go | 2 - extensions/user/pkg/config/config.go | 44 ++++++++--------- .../user/pkg/config/defaults/defaultconfig.go | 1 - ocis/pkg/command/init.go | 38 +++++++++++++-- 13 files changed, 145 insertions(+), 127 deletions(-) diff --git a/extensions/auth-basic/pkg/config/config.go b/extensions/auth-basic/pkg/config/config.go index 5e4ed4943fa..079c57dcc50 100644 --- a/extensions/auth-basic/pkg/config/config.go +++ b/extensions/auth-basic/pkg/config/config.go @@ -50,9 +50,9 @@ type GRPCConfig struct { } type AuthProviders struct { - JSON JSONProvider `yaml:"json"` - LDAP LDAPProvider `yaml:"ldap"` - OwnCloudSQL OwnCloudSQLProvider `yaml:"owncloud_sql"` + JSON JSONProvider `yaml:"json,omitempty"` + LDAP LDAPProvider `yaml:"ldap,omitempty"` + OwnCloudSQL OwnCloudSQLProvider `yaml:"owncloud_sql,omitempty"` } type JSONProvider struct { 
@@ -60,24 +60,24 @@ type JSONProvider struct { } type LDAPProvider struct { - URI string `env:"LDAP_URI;AUTH_BASIC_LDAP_URI"` - CACert string `env:"LDAP_CACERT;AUTH_BASIC_LDAP_CACERT"` - Insecure bool `env:"LDAP_INSECURE;AUTH_BASIC_LDAP_INSECURE"` - BindDN string `env:"LDAP_BIND_DN;AUTH_BASIC_LDAP_BIND_DN"` - BindPassword string `env:"LDAP_BIND_PASSWORD;AUTH_BASIC_LDAP_BIND_PASSWORD"` - UserBaseDN string `env:"LDAP_USER_BASE_DN;AUTH_BASIC_LDAP_USER_BASE_DN"` - GroupBaseDN string `env:"LDAP_GROUP_BASE_DN;AUTH_BASIC_LDAP_GROUP_BASE_DN"` - UserScope string `env:"LDAP_USER_SCOPE;AUTH_BASIC_LDAP_USER_SCOPE"` - GroupScope string `env:"LDAP_GROUP_SCOPE;AUTH_BASIC_LDAP_GROUP_SCOPE"` - UserFilter string `env:"LDAP_USERFILTER;AUTH_BASIC_LDAP_USERFILTER"` - GroupFilter string `env:"LDAP_GROUPFILTER;AUTH_BASIC_LDAP_USERFILTER"` - UserObjectClass string `env:"LDAP_USER_OBJECTCLASS;AUTH_BASIC_LDAP_USER_OBJECTCLASS"` - GroupObjectClass string `env:"LDAP_GROUP_OBJECTCLASS;AUTH_BASIC_LDAP_GROUP_OBJECTCLASS"` - LoginAttributes []string `env:"LDAP_LOGIN_ATTRIBUTES;AUTH_BASIC_LDAP_LOGIN_ATTRIBUTES"` - IDP string `env:"OCIS_URL;AUTH_BASIC_IDP_URL"` // TODO what is this for? - GatewayEndpoint string // TODO do we need this here? 
- UserSchema LDAPUserSchema - GroupSchema LDAPGroupSchema + URI string `yaml:",omitempty" env:"LDAP_URI;AUTH_BASIC_LDAP_URI"` + CACert string `yaml:",omitempty" env:"LDAP_CACERT;AUTH_BASIC_LDAP_CACERT"` + Insecure bool `yaml:",omitempty" env:"LDAP_INSECURE;AUTH_BASIC_LDAP_INSECURE"` + BindDN string `yaml:",omitempty" env:"LDAP_BIND_DN;AUTH_BASIC_LDAP_BIND_DN"` + BindPassword string `yaml:",omitempty" env:"LDAP_BIND_PASSWORD;AUTH_BASIC_LDAP_BIND_PASSWORD"` + UserBaseDN string `yaml:",omitempty" env:"LDAP_USER_BASE_DN;AUTH_BASIC_LDAP_USER_BASE_DN"` + GroupBaseDN string `yaml:",omitempty" env:"LDAP_GROUP_BASE_DN;AUTH_BASIC_LDAP_GROUP_BASE_DN"` + UserScope string `yaml:",omitempty" env:"LDAP_USER_SCOPE;AUTH_BASIC_LDAP_USER_SCOPE"` + GroupScope string `yaml:",omitempty" env:"LDAP_GROUP_SCOPE;AUTH_BASIC_LDAP_GROUP_SCOPE"` + UserFilter string `yaml:",omitempty" env:"LDAP_USERFILTER;AUTH_BASIC_LDAP_USERFILTER"` + GroupFilter string `yaml:",omitempty" env:"LDAP_GROUPFILTER;AUTH_BASIC_LDAP_USERFILTER"` + UserObjectClass string `yaml:",omitempty" env:"LDAP_USER_OBJECTCLASS;AUTH_BASIC_LDAP_USER_OBJECTCLASS"` + GroupObjectClass string `yaml:",omitempty" env:"LDAP_GROUP_OBJECTCLASS;AUTH_BASIC_LDAP_GROUP_OBJECTCLASS"` + LoginAttributes []string `yaml:",omitempty" env:"LDAP_LOGIN_ATTRIBUTES;AUTH_BASIC_LDAP_LOGIN_ATTRIBUTES"` + IDP string `yaml:",omitempty" env:"OCIS_URL;AUTH_BASIC_IDP_URL"` // TODO what is this for? + GatewayEndpoint string `yaml:",omitempty"` // TODO do we need this here? + UserSchema LDAPUserSchema `yaml:",omitempty"` + GroupSchema LDAPGroupSchema `yaml:",omitempty"` } type LDAPUserSchema struct { diff --git a/extensions/auth-basic/pkg/config/defaults/defaultconfig.go b/extensions/auth-basic/pkg/config/defaults/defaultconfig.go index 2b1c25d7d56..3f5f851b9d1 100644 --- a/extensions/auth-basic/pkg/config/defaults/defaultconfig.go +++ b/extensions/auth-basic/pkg/config/defaults/defaultconfig.go 
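Review bot: `GroupFilter` in LDAPProvider keeps the tag `env:"LDAP_GROUPFILTER;AUTH_BASIC_LDAP_USERFILTER"`, so its service-specific variable is the user-filter name that `UserFilter` already uses on the line above. If the second name in each tag is the per-service override, setting `AUTH_BASIC_LDAP_USERFILTER` would also feed the user filter into group lookups; the tag should read `env:"LDAP_GROUPFILTER;AUTH_BASIC_LDAP_GROUPFILTER"`. The LDAPDriver hunks in extensions/group/pkg/config/config.go (`GROUPS_LDAP_USERFILTER`) and extensions/user/pkg/config/config.go (`USERS_LDAP_USERFILTER`) carry the same copy-paste. Separately, `yaml:",omitempty"` leaves the key to the YAML library's default (the lower-cased field name, `bindpassword`), while graph and idp spell theirs `bind_password`, so the generated file will not use one consistent key for the bind password.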
@@ -49,7 +49,6 @@ func DefaultConfig() *config.Config { UserObjectClass: "inetOrgPerson", GroupObjectClass: "groupOfNames", BindDN: "uid=reva,ou=sysusers,o=libregraph-idm", - BindPassword: "reva", IDP: "https://localhost:9200", UserSchema: config.LDAPUserSchema{ ID: "ownclouduuid", @@ -68,7 +67,6 @@ func DefaultConfig() *config.Config { JSON: config.JSONProvider{}, OwnCloudSQL: config.OwnCloudSQLProvider{ DBUsername: "owncloud", - DBPassword: "secret", DBHost: "mysql", DBPort: 3306, DBName: "owncloud", diff --git a/extensions/auth-machine/pkg/config/defaults/defaultconfig.go b/extensions/auth-machine/pkg/config/defaults/defaultconfig.go index 4b8e3368e5b..9f85d6720b2 100644 --- a/extensions/auth-machine/pkg/config/defaults/defaultconfig.go +++ b/extensions/auth-machine/pkg/config/defaults/defaultconfig.go @@ -1,6 +1,8 @@ package defaults import ( + "log" + "github.com/owncloud/ocis/extensions/auth-machine/pkg/config" ) @@ -31,11 +33,6 @@ func DefaultConfig() *config.Config { Address: "127.0.0.1:9142", }, AuthProvider: "ldap", - AuthProviders: config.AuthProviders{ - Machine: config.MachineProvider{ - APIKey: "change-me-please", - }, - }, } } @@ -78,6 +75,12 @@ func EnsureDefaults(cfg *config.Config) { } else if cfg.TokenManager == nil { cfg.TokenManager = &config.TokenManager{} } + + if cfg.MachineAuthAPIKey == "" && cfg.Commons != nil && cfg.Commons.MachineAuthAPIKey != "" { + cfg.MachineAuthAPIKey = cfg.Commons.MachineAuthAPIKey + } else if cfg.MachineAuthAPIKey == "" { + log.Fatalf("machine auth api key is not set up properly, bailing out (%s)", cfg.Service.Name) + } } func Sanitize(cfg *config.Config) { diff --git a/extensions/frontend/pkg/config/defaults/defaultconfig.go b/extensions/frontend/pkg/config/defaults/defaultconfig.go index 70bd36d54da..485b0d2e5c6 100644 --- a/extensions/frontend/pkg/config/defaults/defaultconfig.go +++ b/extensions/frontend/pkg/config/defaults/defaultconfig.go 
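Review bot: The check added at the end of EnsureDefaults in the auth-machine defaults ends the process with `log.Fatalf` when no machine auth API key is configured. Refusing to run without the key is the right outcome now that the `change-me-please` default is removed, but doing it inside a defaults helper means any caller that only wants a populated config struct (a test, or a command that prints defaults) exits as well, and deferred cleanup is skipped. Consider moving the check into a validation step that returns an error, e.g. `return fmt.Errorf("machine auth api key is not set for %s", cfg.Service.Name)`, and letting the command decide how to fail. The same `log.Fatalf` call is kept in the PATCH 19/59 hunk that switches the check to `cfg.AuthProviders.Machine.APIKey`. EnsureDefaults begins outside this hunk.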
@@ -64,9 +64,6 @@ func DefaultConfig() *config.Config { AdditionalInfoAttribute: "{{.Mail}}", ResourceInfoCacheTTL: 0, }, - AuthMachine: config.AuthMachine{ - APIKey: "change-me-please", - }, Middleware: config.Middleware{ Auth: config.Auth{ CredentialsByUserAgent: map[string]string{}, diff --git a/extensions/graph/pkg/config/config.go b/extensions/graph/pkg/config/config.go index 31133ad5c3b..16768294fb3 100644 --- a/extensions/graph/pkg/config/config.go +++ b/extensions/graph/pkg/config/config.go 
@@ -37,37 +37,37 @@ type Spaces struct { } type LDAP struct { - URI string `yaml:"uri" env:"LDAP_URI;GRAPH_LDAP_URI"` - Insecure bool `yaml:"insecure" env:"OCIS_INSECURE;GRAPH_LDAP_INSECURE"` - BindDN string `yaml:"bind_dn" env:"LDAP_BIND_DN;GRAPH_LDAP_BIND_DN"` - BindPassword string `yaml:"bind_password" env:"LDAP_BIND_PASSWORD;GRAPH_LDAP_BIND_PASSWORD"` - UseServerUUID bool `yaml:"use_server_uuid" env:"GRAPH_LDAP_SERVER_UUID"` - WriteEnabled bool `yaml:"write_enabled" env:"GRAPH_LDAP_SERVER_WRITE_ENABLED"` + URI string `yaml:"uri,omitempty" env:"LDAP_URI;GRAPH_LDAP_URI"` + Insecure bool `yaml:"insecure,omitempty" env:"OCIS_INSECURE;GRAPH_LDAP_INSECURE"` + BindDN string `yaml:"bind_dn,omitempty" env:"LDAP_BIND_DN;GRAPH_LDAP_BIND_DN"` + BindPassword string `yaml:"bind_password,omitempty" env:"LDAP_BIND_PASSWORD;GRAPH_LDAP_BIND_PASSWORD"` + UseServerUUID bool `yaml:"use_server_uuid,omitempty" env:"GRAPH_LDAP_SERVER_UUID"` + WriteEnabled bool `yaml:"write_enabled,omitempty" env:"GRAPH_LDAP_SERVER_WRITE_ENABLED"` - UserBaseDN string `yaml:"user_base_dn" env:"LDAP_USER_BASE_DN;GRAPH_LDAP_USER_BASE_DN"` - UserSearchScope string `yaml:"user_search_scope" env:"LDAP_USER_SCOPE;GRAPH_LDAP_USER_SCOPE"` - UserFilter string `yaml:"user_filter" env:"LDAP_USER_FILTER;GRAPH_LDAP_USER_FILTER"` - UserObjectClass string `yaml:"user_objectclass" env:"LDAP_USER_OBJECTCLASS;GRAPH_LDAP_USER_OBJECTCLASS"` - UserEmailAttribute string `yaml:"user_mail_attribute" env:"LDAP_USER_SCHEMA_MAIL;GRAPH_LDAP_USER_EMAIL_ATTRIBUTE"` - UserDisplayNameAttribute string `yaml:"user_displayname_attribute" env:"LDAP_USER_SCHEMA_DISPLAY_NAME;GRAPH_LDAP_USER_DISPLAYNAME_ATTRIBUTE"` - UserNameAttribute string `yaml:"user_name_attribute" env:"LDAP_USER_SCHEMA_USERNAME;GRAPH_LDAP_USER_NAME_ATTRIBUTE"` - UserIDAttribute string `yaml:"user_id_attribute" env:"LDAP_USER_SCHEMA_ID;GRAPH_LDAP_USER_UID_ATTRIBUTE"` + UserBaseDN string `yaml:"user_base_dn,omitempty" env:"LDAP_USER_BASE_DN;GRAPH_LDAP_USER_BASE_DN"` + 
UserSearchScope string `yaml:"user_search_scope,omitempty" env:"LDAP_USER_SCOPE;GRAPH_LDAP_USER_SCOPE"` + UserFilter string `yaml:"user_filter,omitempty" env:"LDAP_USER_FILTER;GRAPH_LDAP_USER_FILTER"` + UserObjectClass string `yaml:"user_objectclass,omitempty" env:"LDAP_USER_OBJECTCLASS;GRAPH_LDAP_USER_OBJECTCLASS"` + UserEmailAttribute string `yaml:"user_mail_attribute,omitempty" env:"LDAP_USER_SCHEMA_MAIL;GRAPH_LDAP_USER_EMAIL_ATTRIBUTE"` + UserDisplayNameAttribute string `yaml:"user_displayname_attribute,omitempty" env:"LDAP_USER_SCHEMA_DISPLAY_NAME;GRAPH_LDAP_USER_DISPLAYNAME_ATTRIBUTE"` + UserNameAttribute string `yaml:"user_name_attribute,omitempty" env:"LDAP_USER_SCHEMA_USERNAME;GRAPH_LDAP_USER_NAME_ATTRIBUTE"` + UserIDAttribute string `yaml:"user_id_attribute,omitempty" env:"LDAP_USER_SCHEMA_ID;GRAPH_LDAP_USER_UID_ATTRIBUTE"` - GroupBaseDN string `yaml:"group_base_dn" env:"LDAP_GROUP_BASE_DN;GRAPH_LDAP_GROUP_BASE_DN"` - GroupSearchScope string `yaml:"group_search_scope" env:"LDAP_GROUP_SCOPE;GRAPH_LDAP_GROUP_SEARCH_SCOPE"` - GroupFilter string `yaml:"group_filter" env:"LDAP_GROUP_FILTER;GRAPH_LDAP_GROUP_FILTER"` - GroupObjectClass string `yaml:"group_objectclass" env:"LDAP_GROUP_OBJECTCLASS;GRAPH_LDAP_GROUP_OBJECTCLASS"` - GroupNameAttribute string `yaml:"group_name_attribute" env:"LDAP_GROUP_SCHEMA_GROUPNAME;GRAPH_LDAP_GROUP_NAME_ATTRIBUTE"` - GroupIDAttribute string `yaml:"group_id_attribute" env:"LDAP_GROUP_SCHEMA_ID;GRAPH_LDAP_GROUP_ID_ATTRIBUTE"` + GroupBaseDN string `yaml:"group_base_dn,omitempty" env:"LDAP_GROUP_BASE_DN;GRAPH_LDAP_GROUP_BASE_DN"` + GroupSearchScope string `yaml:"group_search_scope,omitempty" env:"LDAP_GROUP_SCOPE;GRAPH_LDAP_GROUP_SEARCH_SCOPE"` + GroupFilter string `yaml:"group_filter,omitempty" env:"LDAP_GROUP_FILTER;GRAPH_LDAP_GROUP_FILTER"` + GroupObjectClass string `yaml:"group_objectclass,omitempty" env:"LDAP_GROUP_OBJECTCLASS;GRAPH_LDAP_GROUP_OBJECTCLASS"` + GroupNameAttribute string `yaml:"group_name_attribute,omitempty" 
env:"LDAP_GROUP_SCHEMA_GROUPNAME;GRAPH_LDAP_GROUP_NAME_ATTRIBUTE"` + GroupIDAttribute string `yaml:"group_id_attribute,omitempty" env:"LDAP_GROUP_SCHEMA_ID;GRAPH_LDAP_GROUP_ID_ATTRIBUTE"` } type Identity struct { - Backend string `yaml:"backend" env:"GRAPH_IDENTITY_BACKEND"` - LDAP LDAP `yaml:"ldap"` + Backend string `yaml:"backend,omitempty" env:"GRAPH_IDENTITY_BACKEND"` + LDAP LDAP `yaml:"ldap,omitempty"` } // Events combines the configuration options for the event bus. type Events struct { - Endpoint string `yaml:"events_endpoint" env:"GRAPH_EVENTS_ENDPOINT" desc:"the address of the streaming service"` - Cluster string `yaml:"events_cluster" env:"GRAPH_EVENTS_CLUSTER" desc:"the clusterID of the streaming service. Mandatory when using nats"` + Endpoint string `yaml:"events_endpoint,omitempty" env:"GRAPH_EVENTS_ENDPOINT" desc:"the address of the streaming service"` + Cluster string `yaml:"events_cluster,omitempty" env:"GRAPH_EVENTS_CLUSTER" desc:"the clusterID of the streaming service. Mandatory when using nats"` } diff --git a/extensions/group/pkg/config/config.go b/extensions/group/pkg/config/config.go index eb3d6ab8b59..e6c46d54fb7 100644 --- a/extensions/group/pkg/config/config.go +++ b/extensions/group/pkg/config/config.go 
@@ -51,34 +51,34 @@ type GRPCConfig struct { } type Drivers struct { - JSON JSONDriver - LDAP LDAPDriver - OwnCloudSQL OwnCloudSQLDriver - REST RESTProvider + JSON JSONDriver `yaml:",omitempty"` + LDAP LDAPDriver `yaml:",omitempty"` + OwnCloudSQL OwnCloudSQLDriver `yaml:",omitempty"` + REST RESTProvider `yaml:",omitempty"` } type JSONDriver struct { File string } type LDAPDriver struct { - URI string `env:"LDAP_URI;GROUPS_LDAP_URI"` - CACert string `env:"LDAP_CACERT;GROUPS_LDAP_CACERT"` - Insecure bool `env:"LDAP_INSECURE;GROUPS_LDAP_INSECURE"` - BindDN string `env:"LDAP_BIND_DN;GROUPS_LDAP_BIND_DN"` - BindPassword string `env:"LDAP_BIND_PASSWORD;GROUPS_LDAP_BIND_PASSWORD"` - UserBaseDN string `env:"LDAP_USER_BASE_DN;GROUPS_LDAP_USER_BASE_DN"` - GroupBaseDN string `env:"LDAP_GROUP_BASE_DN;GROUPS_LDAP_GROUP_BASE_DN"` - UserScope string `env:"LDAP_USER_SCOPE;GROUPS_LDAP_USER_SCOPE"` - GroupScope string `env:"LDAP_GROUP_SCOPE;GROUPS_LDAP_GROUP_SCOPE"` - UserFilter string `env:"LDAP_USERFILTER;GROUPS_LDAP_USERFILTER"` - GroupFilter string `env:"LDAP_GROUPFILTER;GROUPS_LDAP_USERFILTER"` - UserObjectClass string `env:"LDAP_USER_OBJECTCLASS;GROUPS_LDAP_USER_OBJECTCLASS"` - GroupObjectClass string `env:"LDAP_GROUP_OBJECTCLASS;GROUPS_LDAP_GROUP_OBJECTCLASS"` - LoginAttributes []string `env:"LDAP_LOGIN_ATTRIBUTES;GROUPS_LDAP_LOGIN_ATTRIBUTES"` - IDP string `env:"OCIS_URL;GROUPS_IDP_URL"` // TODO what is this for? - GatewayEndpoint string // TODO do we need this here? 
- UserSchema LDAPUserSchema - GroupSchema LDAPGroupSchema + URI string `yaml:",omitempty" env:"LDAP_URI;GROUPS_LDAP_URI"` + CACert string `yaml:",omitempty" env:"LDAP_CACERT;GROUPS_LDAP_CACERT"` + Insecure bool `yaml:",omitempty" env:"LDAP_INSECURE;GROUPS_LDAP_INSECURE"` + BindDN string `yaml:",omitempty" env:"LDAP_BIND_DN;GROUPS_LDAP_BIND_DN"` + BindPassword string `yaml:",omitempty" env:"LDAP_BIND_PASSWORD;GROUPS_LDAP_BIND_PASSWORD"` + UserBaseDN string `yaml:",omitempty" env:"LDAP_USER_BASE_DN;GROUPS_LDAP_USER_BASE_DN"` + GroupBaseDN string `yaml:",omitempty" env:"LDAP_GROUP_BASE_DN;GROUPS_LDAP_GROUP_BASE_DN"` + UserScope string `yaml:",omitempty" env:"LDAP_USER_SCOPE;GROUPS_LDAP_USER_SCOPE"` + GroupScope string `yaml:",omitempty" env:"LDAP_GROUP_SCOPE;GROUPS_LDAP_GROUP_SCOPE"` + UserFilter string `yaml:",omitempty" env:"LDAP_USERFILTER;GROUPS_LDAP_USERFILTER"` + GroupFilter string `yaml:",omitempty" env:"LDAP_GROUPFILTER;GROUPS_LDAP_USERFILTER"` + UserObjectClass string `yaml:",omitempty" env:"LDAP_USER_OBJECTCLASS;GROUPS_LDAP_USER_OBJECTCLASS"` + GroupObjectClass string `yaml:",omitempty" env:"LDAP_GROUP_OBJECTCLASS;GROUPS_LDAP_GROUP_OBJECTCLASS"` + LoginAttributes []string `yaml:",omitempty" env:"LDAP_LOGIN_ATTRIBUTES;GROUPS_LDAP_LOGIN_ATTRIBUTES"` + IDP string `yaml:",omitempty" env:"OCIS_URL;GROUPS_IDP_URL"` // TODO what is this for? + GatewayEndpoint string `yaml:",omitempty"` // TODO do we need this here? + UserSchema LDAPUserSchema `yaml:",omitempty"` + GroupSchema LDAPGroupSchema `yaml:",omitempty"` } type LDAPUserSchema struct { diff --git a/extensions/group/pkg/config/defaults/defaultconfig.go b/extensions/group/pkg/config/defaults/defaultconfig.go index 961edc84632..9500016057b 100644 --- a/extensions/group/pkg/config/defaults/defaultconfig.go +++ b/extensions/group/pkg/config/defaults/defaultconfig.go 
@@ -50,7 +50,6 @@ func DefaultConfig() *config.Config { UserObjectClass: "inetOrgPerson", GroupObjectClass: "groupOfNames", BindDN: "uid=reva,ou=sysusers,o=libregraph-idm", - BindPassword: "reva", IDP: "https://localhost:9200", UserSchema: config.LDAPUserSchema{ ID: "ownclouduuid", diff --git a/extensions/idm/pkg/config/defaults/defaultconfig.go b/extensions/idm/pkg/config/defaults/defaultconfig.go index 983db3c0718..dada552c043 100644 --- a/extensions/idm/pkg/config/defaults/defaultconfig.go +++ b/extensions/idm/pkg/config/defaults/defaultconfig.go @@ -22,12 +22,6 @@ func DefaultConfig() *config.Config { Name: "idm", }, CreateDemoUsers: false, - ServiceUserPasswords: config.ServiceUserPasswords{ - OcisAdmin: "admin", - Idm: "idm", - Idp: "idp", - Reva: "reva", - }, IDM: config.Settings{ LDAPSAddr: "127.0.0.1:9235", Cert: path.Join(defaults.BaseDataPath(), "idm", "ldap.crt"), diff --git a/extensions/idp/pkg/config/config.go b/extensions/idp/pkg/config/config.go index 41e6cdf8cb6..2d697a9c857 100644 --- a/extensions/idp/pkg/config/config.go +++ b/extensions/idp/pkg/config/config.go 
@@ -27,28 +27,28 @@ type Config struct { // Ldap defines the available LDAP configuration. type Ldap struct { - URI string `yaml:"uri" env:"LDAP_URI;IDP_LDAP_URI"` - TLSCACert string `yaml:"cacert" env:"LDAP_CACERT;IDP_LDAP_TLS_CACERT"` + URI string `yaml:"uri,omitempty" env:"LDAP_URI;IDP_LDAP_URI"` + TLSCACert string `yaml:"cacert,omitempty" env:"LDAP_CACERT;IDP_LDAP_TLS_CACERT"` - BindDN string `yaml:"bind_dn" env:"LDAP_BIND_DN;IDP_LDAP_BIND_DN"` - BindPassword string `yaml:"bind_password" env:"LDAP_BIND_PASSWORD;IDP_LDAP_BIND_PASSWORD"` + BindDN string `yaml:"bind_dn,omitempty" env:"LDAP_BIND_DN;IDP_LDAP_BIND_DN"` + BindPassword string `yaml:"bind_password,omitempty" env:"LDAP_BIND_PASSWORD;IDP_LDAP_BIND_PASSWORD"` - BaseDN string `yaml:"base_dn" env:"LDAP_USER_BASE_DN,IDP_LDAP_BASE_DN"` - Scope string `yaml:"scope" env:"LDAP_USER_SCOPE;IDP_LDAP_SCOPE"` + BaseDN string `yaml:"base_dn,omitempty" env:"LDAP_USER_BASE_DN,IDP_LDAP_BASE_DN"` + Scope string `yaml:"scope,omitempty" env:"LDAP_USER_SCOPE;IDP_LDAP_SCOPE"` - LoginAttribute string `yaml:"login_attribute" env:"IDP_LDAP_LOGIN_ATTRIBUTE"` - EmailAttribute string `yaml:"email_attribute" env:"LDAP_USER_SCHEMA_MAIL;IDP_LDAP_EMAIL_ATTRIBUTE"` - NameAttribute string `yaml:"name_attribute" env:"LDAP_USER_SCHEMA_USERNAME;IDP_LDAP_NAME_ATTRIBUTE"` - UUIDAttribute string `yaml:"uuid_attribute" env:"LDAP_USER_SCHEMA_ID;IDP_LDAP_UUID_ATTRIBUTE"` - UUIDAttributeType string `yaml:"uuid_attribute_type" env:"IDP_LDAP_UUID_ATTRIBUTE_TYPE"` + LoginAttribute string `yaml:"login_attribute,omitempty" env:"IDP_LDAP_LOGIN_ATTRIBUTE"` + EmailAttribute string `yaml:"email_attribute,omitempty" env:"LDAP_USER_SCHEMA_MAIL;IDP_LDAP_EMAIL_ATTRIBUTE"` + NameAttribute string `yaml:"name_attribute,omitempty" env:"LDAP_USER_SCHEMA_USERNAME;IDP_LDAP_NAME_ATTRIBUTE"` + UUIDAttribute string `yaml:"uuid_attribute,omitempty" env:"LDAP_USER_SCHEMA_ID;IDP_LDAP_UUID_ATTRIBUTE"` + UUIDAttributeType string `yaml:"uuid_attribute_type,omitempty" 
env:"IDP_LDAP_UUID_ATTRIBUTE_TYPE"` - Filter string `yaml:"filter" env:"LDAP_USER_FILTER;IDP_LDAP_FILTER"` - ObjectClass string `yaml:"objectclass" env:"LDAP_USER_OBJECTCLASS;IDP_LDAP_OBJECTCLASS"` + Filter string `yaml:"filter,omitempty" env:"LDAP_USER_FILTER;IDP_LDAP_FILTER"` + ObjectClass string `yaml:"objectclass,omitempty" env:"LDAP_USER_OBJECTCLASS;IDP_LDAP_OBJECTCLASS"` } // Asset defines the available asset configuration. type Asset struct { - Path string `yaml:"asset" env:"IDP_ASSET_PATH"` + Path string `yaml:"asset,omitempty" env:"IDP_ASSET_PATH"` } type Settings struct { diff --git a/extensions/storage/pkg/config/defaults/defaultconfig.go b/extensions/storage/pkg/config/defaults/defaultconfig.go index 5ac640a5172..dbfb6a22192 100644 --- a/extensions/storage/pkg/config/defaults/defaultconfig.go +++ b/extensions/storage/pkg/config/defaults/defaultconfig.go @@ -57,7 +57,6 @@ func DefaultConfig() *config.Config { UserObjectClass: "inetOrgPerson", GroupObjectClass: "groupOfNames", BindDN: "uid=reva,ou=sysusers,o=libregraph-idm", - BindPassword: "reva", IDP: defaultPublicURL, UserSchema: config.LDAPUserSchema{ ID: "ownclouduuid", @@ -81,7 +80,6 @@ func DefaultConfig() *config.Config { }, UserOwnCloudSQL: config.UserOwnCloudSQL{ DBUsername: "owncloud", - DBPassword: "secret", DBHost: "mysql", DBPort: 3306, DBName: "owncloud", diff --git a/extensions/user/pkg/config/config.go b/extensions/user/pkg/config/config.go index 48ee5cdb81c..ccd3b21f978 100644 --- a/extensions/user/pkg/config/config.go +++ b/extensions/user/pkg/config/config.go 
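Review bot: `BaseDN` in the idp `Ldap` struct carries `env:"LDAP_USER_BASE_DN,IDP_LDAP_BASE_DN"` with a comma between the two names, while every other tag in this struct separates them with `;`. If the env binder splits only on `;` (the binder is not visible here), the whole string is treated as one variable name and neither `LDAP_USER_BASE_DN` nor `IDP_LDAP_BASE_DN` reaches the field, so the IDP would keep searching from the default base DN whatever the operator sets. The tag should read `env:"LDAP_USER_BASE_DN;IDP_LDAP_BASE_DN"`; the hunk only adds `omitempty` and leaves the separator as it was.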
@@ -51,34 +51,34 @@ type GRPCConfig struct { } type Drivers struct { - JSON JSONDriver - LDAP LDAPDriver - OwnCloudSQL OwnCloudSQLDriver - REST RESTProvider + JSON JSONDriver `yaml:",omitempty"` + LDAP LDAPDriver `yaml:",omitempty"` + OwnCloudSQL OwnCloudSQLDriver `yaml:",omitempty"` + REST RESTProvider `yaml:",omitempty"` } type JSONDriver struct { File string } type LDAPDriver struct { - URI string `env:"LDAP_URI;USERS_LDAP_URI"` - CACert string `env:"LDAP_CACERT;USERS_LDAP_CACERT"` - Insecure bool `env:"LDAP_INSECURE;USERS_LDAP_INSECURE"` - BindDN string `env:"LDAP_BIND_DN;USERS_LDAP_BIND_DN"` - BindPassword string `env:"LDAP_BIND_PASSWORD;USERS_LDAP_BIND_PASSWORD"` - UserBaseDN string `env:"LDAP_USER_BASE_DN;USERS_LDAP_USER_BASE_DN"` - GroupBaseDN string `env:"LDAP_GROUP_BASE_DN;USERS_LDAP_GROUP_BASE_DN"` - UserScope string `env:"LDAP_USER_SCOPE;USERS_LDAP_USER_SCOPE"` - GroupScope string `env:"LDAP_GROUP_SCOPE;USERS_LDAP_GROUP_SCOPE"` - UserFilter string `env:"LDAP_USERFILTER;USERS_LDAP_USERFILTER"` - GroupFilter string `env:"LDAP_GROUPFILTER;USERS_LDAP_USERFILTER"` - UserObjectClass string `env:"LDAP_USER_OBJECTCLASS;USERS_LDAP_USER_OBJECTCLASS"` - GroupObjectClass string `env:"LDAP_GROUP_OBJECTCLASS;USERS_LDAP_GROUP_OBJECTCLASS"` - LoginAttributes []string `env:"LDAP_LOGIN_ATTRIBUTES;USERS_LDAP_LOGIN_ATTRIBUTES"` - IDP string `env:"OCIS_URL;USERS_IDP_URL"` // TODO what is this for? - GatewayEndpoint string // TODO do we need this here? 
- UserSchema LDAPUserSchema - GroupSchema LDAPGroupSchema + URI string `yaml:",omitempty" env:"LDAP_URI;USERS_LDAP_URI"` + CACert string `yaml:",omitempty" env:"LDAP_CACERT;USERS_LDAP_CACERT"` + Insecure bool `yaml:",omitempty" env:"LDAP_INSECURE;USERS_LDAP_INSECURE"` + BindDN string `yaml:",omitempty" env:"LDAP_BIND_DN;USERS_LDAP_BIND_DN"` + BindPassword string `yaml:",omitempty" env:"LDAP_BIND_PASSWORD;USERS_LDAP_BIND_PASSWORD"` + UserBaseDN string `yaml:",omitempty" env:"LDAP_USER_BASE_DN;USERS_LDAP_USER_BASE_DN"` + GroupBaseDN string `yaml:",omitempty" env:"LDAP_GROUP_BASE_DN;USERS_LDAP_GROUP_BASE_DN"` + UserScope string `yaml:",omitempty" env:"LDAP_USER_SCOPE;USERS_LDAP_USER_SCOPE"` + GroupScope string `yaml:",omitempty" env:"LDAP_GROUP_SCOPE;USERS_LDAP_GROUP_SCOPE"` + UserFilter string `yaml:",omitempty" env:"LDAP_USERFILTER;USERS_LDAP_USERFILTER"` + GroupFilter string `yaml:",omitempty" env:"LDAP_GROUPFILTER;USERS_LDAP_USERFILTER"` + UserObjectClass string `yaml:",omitempty" env:"LDAP_USER_OBJECTCLASS;USERS_LDAP_USER_OBJECTCLASS"` + GroupObjectClass string `yaml:",omitempty" env:"LDAP_GROUP_OBJECTCLASS;USERS_LDAP_GROUP_OBJECTCLASS"` + LoginAttributes []string `yaml:",omitempty" env:"LDAP_LOGIN_ATTRIBUTES;USERS_LDAP_LOGIN_ATTRIBUTES"` + IDP string `yaml:",omitempty" env:"OCIS_URL;USERS_IDP_URL"` // TODO what is this for? + GatewayEndpoint string `yaml:",omitempty"` // TODO do we need this here? + UserSchema LDAPUserSchema `yaml:",omitempty"` + GroupSchema LDAPGroupSchema `yaml:",omitempty"` } type LDAPUserSchema struct { diff --git a/extensions/user/pkg/config/defaults/defaultconfig.go b/extensions/user/pkg/config/defaults/defaultconfig.go index 628948566d7..f20c546123b 100644 --- a/extensions/user/pkg/config/defaults/defaultconfig.go +++ b/extensions/user/pkg/config/defaults/defaultconfig.go 
@@ -50,7 +50,6 @@ func DefaultConfig() *config.Config { UserObjectClass: "inetOrgPerson", GroupObjectClass: "groupOfNames", BindDN: "uid=reva,ou=sysusers,o=libregraph-idm", - BindPassword: "reva", IDP: "https://localhost:9200", UserSchema: config.LDAPUserSchema{ ID: "ownclouduuid", diff --git a/ocis/pkg/command/init.go b/ocis/pkg/command/init.go index ba63aac071b..693b49a4b77 100644 --- a/ocis/pkg/command/init.go +++ b/ocis/pkg/command/init.go @@ -17,15 +17,19 @@ import ( cli "github.com/urfave/cli/v2" "gopkg.in/yaml.v3" + authbasic "github.com/owncloud/ocis/extensions/auth-basic/pkg/config" authbearer "github.com/owncloud/ocis/extensions/auth-bearer/pkg/config" frontend "github.com/owncloud/ocis/extensions/frontend/pkg/config" graph "github.com/owncloud/ocis/extensions/graph/pkg/config" + group "github.com/owncloud/ocis/extensions/group/pkg/config" idm "github.com/owncloud/ocis/extensions/idm/pkg/config" + idp "github.com/owncloud/ocis/extensions/idp/pkg/config" ocdav "github.com/owncloud/ocis/extensions/ocdav/pkg/config" proxy "github.com/owncloud/ocis/extensions/proxy/pkg/config" storagemetadata "github.com/owncloud/ocis/extensions/storage-metadata/pkg/config" storageusers "github.com/owncloud/ocis/extensions/storage-users/pkg/config" thumbnails "github.com/owncloud/ocis/extensions/thumbnails/pkg/config" + user "github.com/owncloud/ocis/extensions/user/pkg/config" ) const configFilename string = "ocis.yaml" // TODO: use also a constant for reading this file 
@@ -98,12 +102,25 @@ func createConfig(insecure, forceOverwrite bool, configPath string) error { cfg := config.Config{ TokenManager: &shared.TokenManager{}, IDM: &idm.Config{}, + AuthBasic: &authbasic.Config{ + AuthProviders: authbasic.AuthProviders{ + LDAP: authbasic.LDAPProvider{}, + }, + }, + Group: &group.Config{ + Drivers: group.Drivers{ + LDAP: group.LDAPDriver{}, + }, + }, + User: &user.Config{ + Drivers: user.Drivers{ + LDAP: user.LDAPDriver{}, + }, + }, + IDP: &idp.Config{}, } if insecure { - cfg.Proxy = &proxy.Config{ - InsecureBackends: true, - } cfg.AuthBearer = &authbearer.Config{ AuthProviders: authbearer.AuthProviders{ OIDC: authbearer.OIDCProvider{ @@ -127,6 +144,10 @@ func createConfig(insecure, forceOverwrite bool, configPath string) error { cfg.OCDav = &ocdav.Config{ Insecure: true, } + cfg.Proxy = &proxy.Config{ + InsecureBackends: true, + } + cfg.StorageMetadata = &storagemetadata.Config{ DataProviderInsecure: true, } @@ -139,6 +160,7 @@ func createConfig(insecure, forceOverwrite bool, configPath string) error { CS3AllowInsecure: true, }, } + } idmServicePassword, err := generators.GenerateRandomPassword(passwordLength) @@ -180,9 +202,17 @@ func createConfig(insecure, forceOverwrite bool, configPath string) error { cfg.TokenManager.JWTSecret = tokenManagerJwtSecret cfg.IDM.ServiceUserPasswords.Idm = idmServicePassword + cfg.Graph.Identity.LDAP.BindPassword = idmServicePassword + cfg.IDM.ServiceUserPasswords.Idp = idpServicePassword - cfg.IDM.ServiceUserPasswords.OcisAdmin = ocisAdminServicePassword + cfg.IDP.Ldap.BindPassword = idpServicePassword + cfg.IDM.ServiceUserPasswords.Reva = revaServicePassword + cfg.AuthBasic.AuthProviders.LDAP.BindPassword = revaServicePassword + cfg.Group.Drivers.LDAP.BindPassword = revaServicePassword + cfg.User.Drivers.LDAP.BindPassword = revaServicePassword + + cfg.IDM.ServiceUserPasswords.OcisAdmin = ocisAdminServicePassword yamlOutput, err := yaml.Marshal(cfg) if err != nil { 
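Review bot: `cfg.Graph.Identity.LDAP.BindPassword = idmServicePassword` in the last init.go hunk dereferences `cfg.Graph`, but the struct literal in the first hunk initialises only TokenManager, IDM, AuthBasic, Group, User and IDP, and the only assignment to `cfg.Graph` visible in this series sits inside `if insecure`. Unless lines outside the hunks set it, running init without the insecure option would panic on a nil pointer before any config is written. Adding `Graph: &graph.Config{},` to the literal fixes it; the `if insecure` branch can still replace the struct, because the password is assigned afterwards. createConfig starts and ends outside these hunks.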
From 31656e1a97be60aa143b715fcc337af3359a946f Mon Sep 17 00:00:00 2001 From: Willy Kloucek Date: Thu, 28 Apr 2022 08:48:32 +0200 Subject: [PATCH 18/59] remove TODOs --- ocis/pkg/command/init.go | 5 ----- 1 file changed, 5 deletions(-) diff --git a/ocis/pkg/command/init.go b/ocis/pkg/command/init.go index 693b49a4b77..21c2f6ab2d1 100644 --- a/ocis/pkg/command/init.go +++ b/ocis/pkg/command/init.go @@ -192,11 +192,6 @@ func createConfig(insecure, forceOverwrite bool, configPath string) error { return fmt.Errorf("could not generate random password for machineauthsecret: %s", err) } - // TODO: IDP config is missing (LDAP + GROUP provider) - // TODO: REVA config is missing (LDAP + GROUP provider) - // TODO: graph needs IDM password configured - // TODO: add missing insecure occurences - cfg.MachineAuthAPIKey = machineAuthApiKey cfg.TransferSecret = revaTransferSecret cfg.TokenManager.JWTSecret = tokenManagerJwtSecret From 4a9b31f3b48f1689bb348da494fb8ebfd01c2795 Mon Sep 17 00:00:00 2001 From: Willy Kloucek Date: Thu, 28 Apr 2022 08:49:44 +0200 Subject: [PATCH 19/59] fix machineauth to right machine auth api key --- .../auth-machine/pkg/config/defaults/defaultconfig.go | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/extensions/auth-machine/pkg/config/defaults/defaultconfig.go b/extensions/auth-machine/pkg/config/defaults/defaultconfig.go index 9f85d6720b2..14be9c67d18 100644 --- a/extensions/auth-machine/pkg/config/defaults/defaultconfig.go +++ b/extensions/auth-machine/pkg/config/defaults/defaultconfig.go 
@@ -76,9 +76,9 @@ func EnsureDefaults(cfg *config.Config) { cfg.TokenManager = &config.TokenManager{} } - if cfg.MachineAuthAPIKey == "" && cfg.Commons != nil && cfg.Commons.MachineAuthAPIKey != "" { - cfg.MachineAuthAPIKey = cfg.Commons.MachineAuthAPIKey - } else if cfg.MachineAuthAPIKey == "" { + if cfg.AuthProviders.Machine.APIKey == "" && cfg.Commons != nil && cfg.Commons.MachineAuthAPIKey != "" { + cfg.AuthProviders.Machine.APIKey = cfg.Commons.MachineAuthAPIKey + } else if cfg.AuthProviders.Machine.APIKey == "" { log.Fatalf("machine auth api key is not set up properly, bailing out (%s)", cfg.Service.Name) } } From 83f75bf089e72b955a59d58d53d8b776760a3642 Mon Sep 17 00:00:00 2001 From: Willy Kloucek Date: Thu, 28 Apr 2022 10:05:51 +0200 Subject: [PATCH 20/59] fix ginko testsuite --- .vscode/launch.json | 8 ++++---- extensions/graph/pkg/config/defaults/defaultconfig.go | 9 +++++++++ extensions/graph/pkg/service/v0/graph_suite_test.go | 2 +- extensions/graph/pkg/service/v0/graph_test.go | 4 ++-- extensions/ocs/pkg/server/http/svc_test.go | 3 +++ ocis-pkg/crypto/crypto_suite_test.go | 2 +- ocis-pkg/crypto/crypto_test.go | 2 +- 7 files changed, 21 insertions(+), 9 deletions(-) diff --git a/.vscode/launch.json b/.vscode/launch.json index 52d4b840873..4332cf2e1ab 100644 --- a/.vscode/launch.json +++ b/.vscode/launch.json @@ -12,11 +12,11 @@ ], "env": { // log settings for human developers - //"OCIS_LOG_LEVEL": "debug", - //"OCIS_LOG_PRETTY": "true", - //"OCIS_LOG_COLOR": "true", + "OCIS_LOG_LEVEL": "debug", + "OCIS_LOG_PRETTY": "true", + "OCIS_LOG_COLOR": "true", // enable basic auth for dev setup so that we can use curl for testing - //"PROXY_ENABLE_BASIC_AUTH": "true", + "PROXY_ENABLE_BASIC_AUTH": "true", // set insecure options because we don't have valid certificates in dev environments "OCIS_INSECURE": "true", // demo users 
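Review bot: The `.vscode/launch.json` hunk un-comments `PROXY_ENABLE_BASIC_AUTH`, `OCIS_LOG_LEVEL`, `OCIS_LOG_PRETTY` and `OCIS_LOG_COLOR` in a commit whose subject is a test-suite fix, which looks like a local debugging setup committed by accident. Anyone using this shared launch profile now starts the proxy with basic auth enabled and debug logging on, in addition to the `OCIS_INSECURE` setting that was already active. If that is not intended, restore the commented form, e.g. `//"PROXY_ENABLE_BASIC_AUTH": "true",`, or move the change into its own commit with a stated reason.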
diff --git a/extensions/graph/pkg/config/defaults/defaultconfig.go b/extensions/graph/pkg/config/defaults/defaultconfig.go index f36a33d108e..509189ccc02 100644 --- a/extensions/graph/pkg/config/defaults/defaultconfig.go +++ b/extensions/graph/pkg/config/defaults/defaultconfig.go @@ -6,6 +6,15 @@ import ( "github.com/owncloud/ocis/extensions/graph/pkg/config" ) +func FullDefaultConfig() *config.Config { + cfg := DefaultConfig() + + EnsureDefaults(cfg) + Sanitize(cfg) + + return cfg +} + func DefaultConfig() *config.Config { return &config.Config{ Debug: config.Debug{ diff --git a/extensions/graph/pkg/service/v0/graph_suite_test.go b/extensions/graph/pkg/service/v0/graph_suite_test.go index 1c6cfc6cc95..6b34ae0631b 100644 --- a/extensions/graph/pkg/service/v0/graph_suite_test.go +++ b/extensions/graph/pkg/service/v0/graph_suite_test.go @@ -3,7 +3,7 @@ package svc_test import ( "testing" - . "github.com/onsi/ginkgo" + . "github.com/onsi/ginkgo/v2" . "github.com/onsi/gomega" ) diff --git a/extensions/graph/pkg/service/v0/graph_test.go b/extensions/graph/pkg/service/v0/graph_test.go index fe328d93a6e..f01a7b11a70 100644 --- a/extensions/graph/pkg/service/v0/graph_test.go +++ b/extensions/graph/pkg/service/v0/graph_test.go @@ -13,7 +13,7 @@ import ( provider "github.com/cs3org/go-cs3apis/cs3/storage/provider/v1beta1" typesv1beta1 "github.com/cs3org/go-cs3apis/cs3/types/v1beta1" "github.com/cs3org/reva/v2/pkg/rgrpc/status" - . "github.com/onsi/ginkgo" + . "github.com/onsi/ginkgo/v2" . "github.com/onsi/gomega" libregraph "github.com/owncloud/libre-graph-api-go" "github.com/owncloud/ocis/extensions/graph/mocks" @@ -38,7 +38,7 @@ var _ = Describe("Graph", func() { httpClient = &mocks.HTTPClient{} eventsPublisher = mocks.Publisher{} svc = service.NewService( - service.Config(defaults.DefaultConfig()), + service.Config(defaults.FullDefaultConfig()), service.WithGatewayClient(gatewayClient), service.WithHTTPClient(httpClient), service.EventsPublisher(&eventsPublisher), 
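Review bot: `FullDefaultConfig` in `extensions/graph/pkg/config/defaults/defaultconfig.go` is exported without a doc comment, and how it differs from `DefaultConfig` is not obvious to a caller. A line such as `// FullDefaultConfig returns DefaultConfig with EnsureDefaults and Sanitize applied.` would state it. The test setup in graph_test.go switches to this variant in the same commit, so the distinction is worth recording in the source.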
diff --git a/extensions/ocs/pkg/server/http/svc_test.go b/extensions/ocs/pkg/server/http/svc_test.go index 7bdddbf28bc..c5a73fcfbc9 100644 --- a/extensions/ocs/pkg/server/http/svc_test.go +++ b/extensions/ocs/pkg/server/http/svc_test.go @@ -723,6 +723,9 @@ func getService() svc.Service { Root: "/", Addr: "localhost:9110", }, + Reva: &config.Reva{ + Address: "", + }, TokenManager: &config.TokenManager{ JWTSecret: jwtSecret, }, diff --git a/ocis-pkg/crypto/crypto_suite_test.go b/ocis-pkg/crypto/crypto_suite_test.go index e60462b997c..87ac8f6f730 100644 --- a/ocis-pkg/crypto/crypto_suite_test.go +++ b/ocis-pkg/crypto/crypto_suite_test.go @@ -3,7 +3,7 @@ package crypto_test import ( "testing" - . "github.com/onsi/ginkgo" + . "github.com/onsi/ginkgo/v2" . "github.com/onsi/gomega" ) diff --git a/ocis-pkg/crypto/crypto_test.go b/ocis-pkg/crypto/crypto_test.go index 328607ba9e2..0f547962558 100644 --- a/ocis-pkg/crypto/crypto_test.go +++ b/ocis-pkg/crypto/crypto_test.go @@ -8,7 +8,7 @@ import ( "github.com/owncloud/ocis/ocis-pkg/crypto" "github.com/owncloud/ocis/ocis-pkg/log" - . "github.com/onsi/ginkgo" + . "github.com/onsi/ginkgo/v2" cfg "github.com/owncloud/ocis/ocis-pkg/config" ) From df53c2a545a6ba9591e4928820ac54dc35c68370 Mon Sep 17 00:00:00 2001 From: Willy Kloucek Date: Thu, 28 Apr 2022 10:30:02 +0200 Subject: [PATCH 21/59] fix graph tests --- extensions/graph/pkg/service/v0/graph_test.go | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/extensions/graph/pkg/service/v0/graph_test.go b/extensions/graph/pkg/service/v0/graph_test.go index f01a7b11a70..0d52357cf8a 100644 --- a/extensions/graph/pkg/service/v0/graph_test.go +++ b/extensions/graph/pkg/service/v0/graph_test.go 
@@ -17,6 +17,7 @@ import ( . "github.com/onsi/gomega" libregraph "github.com/owncloud/libre-graph-api-go" "github.com/owncloud/ocis/extensions/graph/mocks" + "github.com/owncloud/ocis/extensions/graph/pkg/config" "github.com/owncloud/ocis/extensions/graph/pkg/config/defaults" service "github.com/owncloud/ocis/extensions/graph/pkg/service/v0" "github.com/owncloud/ocis/extensions/graph/pkg/service/v0/errorcode" @@ -30,15 +31,19 @@ var _ = Describe("Graph", func() { httpClient *mocks.HTTPClient eventsPublisher mocks.Publisher ctx context.Context + cfg *config.Config ) JustBeforeEach(func() { ctx = context.Background() + cfg = defaults.FullDefaultConfig() + cfg.TokenManager.JWTSecret = "loremipsum" + gatewayClient = &mocks.GatewayClient{} httpClient = &mocks.HTTPClient{} eventsPublisher = mocks.Publisher{} svc = service.NewService( - service.Config(defaults.FullDefaultConfig()), + service.Config(cfg), service.WithGatewayClient(gatewayClient), service.WithHTTPClient(httpClient), service.EventsPublisher(&eventsPublisher), From 3054875a056f8c25871a07a7a509e36e88dbb547 Mon Sep 17 00:00:00 2001 
From: Willy Kloucek Date: Thu, 28 Apr 2022 11:10:39 +0200 Subject: [PATCH 22/59] move config validation into a separate function --- .bingo/Variables.mk | 2 +- .bingo/variables.env | 2 +- .../accounts/pkg/config/defaults/defaultconfig.go | 2 -- extensions/accounts/pkg/config/parser/parse.go | 4 ++++ .../pkg/config/defaults/defaultconfig.go | 3 +-- extensions/appprovider/pkg/config/parser/parse.go | 4 ++++ .../audit/pkg/config/defaults/defaultconfig.go | 2 -- extensions/audit/pkg/config/parser/parse.go | 4 ++++ .../auth-basic/pkg/config/defaults/defaultconfig.go | 3 +-- extensions/auth-basic/pkg/config/parser/parse.go | 4 ++++ .../pkg/config/defaults/defaultconfig.go | 3 +-- extensions/auth-bearer/pkg/config/parser/parse.go | 4 ++++ .../pkg/config/defaults/defaultconfig.go | 7 +------ extensions/auth-machine/pkg/config/parser/parse.go | 8 ++++++++ .../frontend/pkg/config/defaults/defaultconfig.go | 7 +------ extensions/frontend/pkg/config/parser/parse.go | 8 ++++++++ .../gateway/pkg/config/defaults/defaultconfig.go | 7 +------ extensions/gateway/pkg/config/parser/parse.go | 9 +++++++++ .../glauth/pkg/config/defaults/defaultconfig.go | 2 -- extensions/glauth/pkg/config/parser/parse.go | 5 +++++ .../pkg/config/defaults/defaultconfig.go | 2 -- .../graph-explorer/pkg/config/parser/parse.go | 4 ++++ .../graph/pkg/config/defaults/defaultconfig.go | 2 -- extensions/graph/pkg/config/parser/parse.go | 4 ++++ .../group/pkg/config/defaults/defaultconfig.go | 3 +-- extensions/group/pkg/config/parser/parse.go | 4 ++++ extensions/idm/pkg/config/defaults/defaultconfig.go | 2 -- extensions/idm/pkg/config/parser/parse.go | 4 ++++ extensions/idp/pkg/config/defaults/defaultconfig.go | 2 -- extensions/idp/pkg/config/parser/parse.go | 4 ++++ .../nats/pkg/config/defaults/defaultconfig.go | 2 -- extensions/nats/pkg/config/parser/parse.go | 4 ++++ .../pkg/config/defaults/defaultconfig.go | 6 ------ extensions/notifications/pkg/config/parser/parse.go | 8 ++++++++ 
.../ocdav/pkg/config/defaults/defaultconfig.go | 3 +-- extensions/ocdav/pkg/config/parser/parse.go | 4 ++++ extensions/ocs/pkg/config/defaults/defaultconfig.go | 5 ----- extensions/ocs/pkg/config/parser/parse.go | 8 ++++++++ .../proxy/pkg/config/defaults/defaultconfig.go | 3 --- extensions/proxy/pkg/config/parser/parse.go | 9 +++++++++ .../settings/pkg/config/defaults/defaultconfig.go | 5 ----- extensions/settings/pkg/config/parser/parse.go | 4 ++++ .../sharing/pkg/config/defaults/defaultconfig.go | 8 +------- extensions/sharing/pkg/config/parser/parse.go | 13 +++++++++++++ .../pkg/config/defaults/defaultconfig.go | 3 +-- .../storage-metadata/pkg/config/parser/parse.go | 4 ++++ .../pkg/config/defaults/defaultconfig.go | 3 +-- .../storage-publiclink/pkg/config/parser/parse.go | 4 ++++ .../pkg/config/defaults/defaultconfig.go | 3 +-- .../storage-shares/pkg/config/parser/parse.go | 4 ++++ .../pkg/config/defaults/defaultconfig.go | 3 +-- extensions/storage-users/pkg/config/parser/parse.go | 4 ++++ .../storage/pkg/config/defaults/defaultconfig.go | 11 +++-------- extensions/storage/pkg/config/parser/parse.go | 8 ++++++++ .../store/pkg/config/defaults/defaultconfig.go | 2 -- extensions/store/pkg/config/parser/parse.go | 5 +++++ .../thumbnails/pkg/config/defaults/defaultconfig.go | 5 ----- extensions/thumbnails/pkg/config/parser/parse.go | 9 +++++++++ .../user/pkg/config/defaults/defaultconfig.go | 3 +-- extensions/user/pkg/config/parser/parse.go | 4 ++++ extensions/web/pkg/config/defaults/defaultconfig.go | 2 -- extensions/web/pkg/config/parser/parse.go | 4 ++++ .../webdav/pkg/config/defaults/defaultconfig.go | 2 -- extensions/webdav/pkg/config/parser/parse.go | 4 ++++ 64 files changed, 189 insertions(+), 101 deletions(-) diff --git a/.bingo/Variables.mk b/.bingo/Variables.mk index c3a6f1db5b1..cd90d103da6 100644 --- a/.bingo/Variables.mk +++ b/.bingo/Variables.mk 
@@ -1,4 +1,4 @@ -# Auto generated binary variables helper managed by https://github.com/bwplotka/bingo v0.5.2. DO NOT EDIT. +# Auto generated binary variables helper managed by https://github.com/bwplotka/bingo v0.6. DO NOT EDIT. # All tools are designed to be build inside $GOBIN. BINGO_DIR := $(dir $(lastword $(MAKEFILE_LIST))) GOPATH ?= $(shell go env GOPATH) diff --git a/.bingo/variables.env b/.bingo/variables.env index e19cf5f1dbb..d64a412b023 100644 --- a/.bingo/variables.env +++ b/.bingo/variables.env @@ -1,4 +1,4 @@ -# Auto generated binary variables helper managed by https://github.com/bwplotka/bingo v0.5.2. DO NOT EDIT. +# Auto generated binary variables helper managed by https://github.com/bwplotka/bingo v0.6. DO NOT EDIT. # All tools are designed to be build inside $GOBIN. # Those variables will work only until 'bingo get' was invoked, or if tools were installed via Makefile's Variables.mk. GOBIN=${GOBIN:=$(go env GOBIN)} diff --git a/extensions/accounts/pkg/config/defaults/defaultconfig.go b/extensions/accounts/pkg/config/defaults/defaultconfig.go index af60edfb6e6..6aaea79f334 100644 --- a/extensions/accounts/pkg/config/defaults/defaultconfig.go +++ b/extensions/accounts/pkg/config/defaults/defaultconfig.go @@ -10,10 +10,8 @@ import ( func FullDefaultConfig() *config.Config { cfg := DefaultConfig() - EnsureDefaults(cfg) Sanitize(cfg) - return cfg } diff --git a/extensions/accounts/pkg/config/parser/parse.go b/extensions/accounts/pkg/config/parser/parse.go index 91d47c19d8a..514de074f70 100644 --- a/extensions/accounts/pkg/config/parser/parse.go +++ b/extensions/accounts/pkg/config/parser/parse.go @@ -29,5 +29,9 @@ func ParseConfig(cfg *config.Config) error { defaults.Sanitize(cfg) + return Validate(cfg) +} + +func Validate(cfg *config.Config) error { return nil } diff --git a/extensions/appprovider/pkg/config/defaults/defaultconfig.go b/extensions/appprovider/pkg/config/defaults/defaultconfig.go index e556735ee73..c42cfa27efd 100644 
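Review bot: `Validate` in `extensions/accounts/pkg/config/parser/parse.go` is a new exported function with no doc comment and a body of only `return nil`; the same stub is added to the appprovider, audit, auth-basic, auth-bearer and most other parse.go files in this commit. A comment like `// Validate checks that cfg is usable after defaults and sanitising; this service currently has no mandatory settings.` would tell a reader that the empty body is deliberate rather than a forgotten check. That matters here because some services in the same commit do carry a required-secret check in `Validate`.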
--- a/extensions/appprovider/pkg/config/defaults/defaultconfig.go +++ b/extensions/appprovider/pkg/config/defaults/defaultconfig.go @@ -6,9 +6,8 @@ import ( func FullDefaultConfig() *config.Config { cfg := DefaultConfig() - EnsureDefaults(cfg) - + Sanitize(cfg) return cfg } diff --git a/extensions/appprovider/pkg/config/parser/parse.go b/extensions/appprovider/pkg/config/parser/parse.go index 272df5fde42..fa55c4653fe 100644 --- a/extensions/appprovider/pkg/config/parser/parse.go +++ b/extensions/appprovider/pkg/config/parser/parse.go @@ -29,5 +29,9 @@ func ParseConfig(cfg *config.Config) error { defaults.Sanitize(cfg) + return Validate(cfg) +} + +func Validate(cfg *config.Config) error { return nil } diff --git a/extensions/audit/pkg/config/defaults/defaultconfig.go b/extensions/audit/pkg/config/defaults/defaultconfig.go index 27b94a8147d..f6ec2fb31e3 100644 --- a/extensions/audit/pkg/config/defaults/defaultconfig.go +++ b/extensions/audit/pkg/config/defaults/defaultconfig.go @@ -6,10 +6,8 @@ import ( func FullDefaultConfig() *config.Config { cfg := DefaultConfig() - EnsureDefaults(cfg) Sanitize(cfg) - return cfg } diff --git a/extensions/audit/pkg/config/parser/parse.go b/extensions/audit/pkg/config/parser/parse.go index 7c9179761c0..fef33a6b52d 100644 --- a/extensions/audit/pkg/config/parser/parse.go +++ b/extensions/audit/pkg/config/parser/parse.go @@ -29,5 +29,9 @@ func ParseConfig(cfg *config.Config) error { defaults.Sanitize(cfg) + return Validate(cfg) +} + +func Validate(cfg *config.Config) error { return nil } diff --git a/extensions/auth-basic/pkg/config/defaults/defaultconfig.go b/extensions/auth-basic/pkg/config/defaults/defaultconfig.go index 3f5f851b9d1..3bfbaf800f7 100644 --- a/extensions/auth-basic/pkg/config/defaults/defaultconfig.go +++ b/extensions/auth-basic/pkg/config/defaults/defaultconfig.go @@ -9,9 +9,8 @@ import ( func FullDefaultConfig() *config.Config { cfg := DefaultConfig() - EnsureDefaults(cfg) - + Sanitize(cfg) return cfg } 
diff --git a/extensions/auth-basic/pkg/config/parser/parse.go b/extensions/auth-basic/pkg/config/parser/parse.go index 3a850615ca4..f24e99c95bf 100644 --- a/extensions/auth-basic/pkg/config/parser/parse.go +++ b/extensions/auth-basic/pkg/config/parser/parse.go @@ -29,5 +29,9 @@ func ParseConfig(cfg *config.Config) error { defaults.Sanitize(cfg) + return Validate(cfg) +} + +func Validate(cfg *config.Config) error { return nil } diff --git a/extensions/auth-bearer/pkg/config/defaults/defaultconfig.go b/extensions/auth-bearer/pkg/config/defaults/defaultconfig.go index 93a978a2a3e..59d0acd7066 100644 --- a/extensions/auth-bearer/pkg/config/defaults/defaultconfig.go +++ b/extensions/auth-bearer/pkg/config/defaults/defaultconfig.go @@ -6,9 +6,8 @@ import ( func FullDefaultConfig() *config.Config { cfg := DefaultConfig() - EnsureDefaults(cfg) - + Sanitize(cfg) return cfg } diff --git a/extensions/auth-bearer/pkg/config/parser/parse.go b/extensions/auth-bearer/pkg/config/parser/parse.go index 6ea2a14847c..a521c0bfd7c 100644 --- a/extensions/auth-bearer/pkg/config/parser/parse.go +++ b/extensions/auth-bearer/pkg/config/parser/parse.go @@ -29,5 +29,9 @@ func ParseConfig(cfg *config.Config) error { defaults.Sanitize(cfg) + return Validate(cfg) +} + +func Validate(cfg *config.Config) error { return nil } diff --git a/extensions/auth-machine/pkg/config/defaults/defaultconfig.go b/extensions/auth-machine/pkg/config/defaults/defaultconfig.go index 14be9c67d18..47b0f1a16a7 100644 --- a/extensions/auth-machine/pkg/config/defaults/defaultconfig.go +++ b/extensions/auth-machine/pkg/config/defaults/defaultconfig.go @@ -1,16 +1,13 @@ package defaults import ( - "log" - "github.com/owncloud/ocis/extensions/auth-machine/pkg/config" ) func FullDefaultConfig() *config.Config { cfg := DefaultConfig() - EnsureDefaults(cfg) - + Sanitize(cfg) return cfg } 
@@ -78,8 +75,6 @@ func EnsureDefaults(cfg *config.Config) { if cfg.AuthProviders.Machine.APIKey == "" && cfg.Commons != nil && cfg.Commons.MachineAuthAPIKey != "" { cfg.AuthProviders.Machine.APIKey = cfg.Commons.MachineAuthAPIKey - } else if cfg.AuthProviders.Machine.APIKey == "" { - log.Fatalf("machine auth api key is not set up properly, bailing out (%s)", cfg.Service.Name) } } diff --git a/extensions/auth-machine/pkg/config/parser/parse.go b/extensions/auth-machine/pkg/config/parser/parse.go index defc64e0c3d..feea7ec4111 100644 --- a/extensions/auth-machine/pkg/config/parser/parse.go +++ b/extensions/auth-machine/pkg/config/parser/parse.go @@ -2,6 +2,7 @@ package parser import ( "errors" + "fmt" "github.com/owncloud/ocis/extensions/auth-machine/pkg/config" "github.com/owncloud/ocis/extensions/auth-machine/pkg/config/defaults" @@ -29,5 +30,12 @@ func ParseConfig(cfg *config.Config) error { defaults.Sanitize(cfg) + return Validate(cfg) +} + +func Validate(cfg *config.Config) error { + if cfg.AuthProviders.Machine.APIKey == "" { + return fmt.Errorf("machine auth api key is not set up properly, bailing out (%s)", cfg.Service.Name) + } return nil } diff --git a/extensions/frontend/pkg/config/defaults/defaultconfig.go b/extensions/frontend/pkg/config/defaults/defaultconfig.go index 485b0d2e5c6..95256201f23 100644 --- a/extensions/frontend/pkg/config/defaults/defaultconfig.go +++ b/extensions/frontend/pkg/config/defaults/defaultconfig.go @@ -1,16 +1,13 @@ package defaults import ( - "log" - "github.com/owncloud/ocis/extensions/frontend/pkg/config" ) func FullDefaultConfig() *config.Config { cfg := DefaultConfig() - EnsureDefaults(cfg) - + Sanitize(cfg) return cfg } 
@@ -114,8 +111,6 @@ func EnsureDefaults(cfg *config.Config) { if cfg.TransferSecret == "" && cfg.Commons != nil && cfg.Commons.TransferSecret != "" { cfg.TransferSecret = cfg.Commons.TransferSecret - } else if cfg.TransferSecret == "" { - log.Fatalf("reva transfer secret is not set up properly, bailing out (%s)", cfg.Service.Name) } } diff --git a/extensions/frontend/pkg/config/parser/parse.go b/extensions/frontend/pkg/config/parser/parse.go index 7942a1b235f..d628cfee744 100644 --- a/extensions/frontend/pkg/config/parser/parse.go +++ b/extensions/frontend/pkg/config/parser/parse.go @@ -29,5 +29,13 @@ func ParseConfig(cfg *config.Config) error { defaults.Sanitize(cfg) + return Validate(cfg) +} + +func Validate(cfg *config.Config) error { + if cfg.TransferSecret == "" { + return ftm.Errorf("reva transfer secret is not set up properly, bailing out (%s)", cfg.Service.Name) + } + return nil } diff --git a/extensions/gateway/pkg/config/defaults/defaultconfig.go b/extensions/gateway/pkg/config/defaults/defaultconfig.go index d22b3c95ede..21e3cc1862c 100644 --- a/extensions/gateway/pkg/config/defaults/defaultconfig.go +++ b/extensions/gateway/pkg/config/defaults/defaultconfig.go @@ -1,16 +1,13 @@ package defaults import ( - "log" - "github.com/owncloud/ocis/extensions/gateway/pkg/config" ) func FullDefaultConfig() *config.Config { cfg := DefaultConfig() - EnsureDefaults(cfg) - + Sanitize(cfg) return cfg } @@ -105,8 +102,6 @@ func EnsureDefaults(cfg *config.Config) { if cfg.TransferSecret == "" && cfg.Commons != nil && cfg.Commons.TransferSecret != "" { cfg.TransferSecret = cfg.Commons.TransferSecret - } else if cfg.TransferSecret == "" { - log.Fatalf("reva transfer secret is not set up properly, bailing out (%s)", cfg.Service.Name) } } diff --git a/extensions/gateway/pkg/config/parser/parse.go b/extensions/gateway/pkg/config/parser/parse.go index 2ace3feafdd..2a0a4e069c4 100644 --- a/extensions/gateway/pkg/config/parser/parse.go 
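Review bot: The new `Validate` in `extensions/frontend/pkg/config/parser/parse.go` calls `ftm.Errorf`, a typo for `fmt.Errorf`, and unlike the gateway and auth-machine parse.go changes this file has no hunk adding `"fmt"` to its imports. As shown the package does not compile, so the transfer-secret check that replaces the removed `log.Fatalf` is never built. Change the line to `return fmt.Errorf("reva transfer secret is not set up properly, bailing out (%s)", cfg.Service.Name)` and add `"fmt"` to the import block, which lies outside this hunk.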
+++ b/extensions/gateway/pkg/config/parser/parse.go @@ -2,6 +2,7 @@ package parser import ( "errors" + "fmt" "github.com/owncloud/ocis/extensions/gateway/pkg/config" "github.com/owncloud/ocis/extensions/gateway/pkg/config/defaults" @@ -29,5 +30,13 @@ func ParseConfig(cfg *config.Config) error { defaults.Sanitize(cfg) + return Validate(cfg) +} + +func Validate(cfg *config.Config) error { + if cfg.TransferSecret == "" { + return fmt.Errorf("reva transfer secret is not set up properly, bailing out (%s)", cfg.Service.Name) + } + return nil } diff --git a/extensions/glauth/pkg/config/defaults/defaultconfig.go b/extensions/glauth/pkg/config/defaults/defaultconfig.go index 8d0eb366daa..d4508ee9d74 100644 --- a/extensions/glauth/pkg/config/defaults/defaultconfig.go +++ b/extensions/glauth/pkg/config/defaults/defaultconfig.go @@ -9,10 +9,8 @@ import ( func FullDefaultConfig() *config.Config { cfg := DefaultConfig() - EnsureDefaults(cfg) Sanitize(cfg) - return cfg } diff --git a/extensions/glauth/pkg/config/parser/parse.go b/extensions/glauth/pkg/config/parser/parse.go index 532fb514953..175673383ce 100644 --- a/extensions/glauth/pkg/config/parser/parse.go +++ b/extensions/glauth/pkg/config/parser/parse.go @@ -28,5 +28,10 @@ func ParseConfig(cfg *config.Config) error { // sanitize config defaults.Sanitize(cfg) + + return Validate(cfg) +} + +func Validate(cfg *config.Config) error { return nil } diff --git a/extensions/graph-explorer/pkg/config/defaults/defaultconfig.go b/extensions/graph-explorer/pkg/config/defaults/defaultconfig.go index a343da50af6..27b194940a2 100644 --- a/extensions/graph-explorer/pkg/config/defaults/defaultconfig.go +++ b/extensions/graph-explorer/pkg/config/defaults/defaultconfig.go @@ -8,10 +8,8 @@ import ( func FullDefaultConfig() *config.Config { cfg := DefaultConfig() - EnsureDefaults(cfg) Sanitize(cfg) - return cfg } 
diff --git a/extensions/graph-explorer/pkg/config/parser/parse.go b/extensions/graph-explorer/pkg/config/parser/parse.go index 499fbb8f369..82bc9cc5db7 100644 --- a/extensions/graph-explorer/pkg/config/parser/parse.go +++ b/extensions/graph-explorer/pkg/config/parser/parse.go @@ -30,5 +30,9 @@ func ParseConfig(cfg *config.Config) error { // sanitize config defaults.Sanitize(cfg) + return Validate(cfg) +} + +func Validate(cfg *config.Config) error { return nil } diff --git a/extensions/graph/pkg/config/defaults/defaultconfig.go b/extensions/graph/pkg/config/defaults/defaultconfig.go index 509189ccc02..77fea105023 100644 --- a/extensions/graph/pkg/config/defaults/defaultconfig.go +++ b/extensions/graph/pkg/config/defaults/defaultconfig.go @@ -8,10 +8,8 @@ import ( func FullDefaultConfig() *config.Config { cfg := DefaultConfig() - EnsureDefaults(cfg) Sanitize(cfg) - return cfg } diff --git a/extensions/graph/pkg/config/parser/parse.go b/extensions/graph/pkg/config/parser/parse.go index cf4612cc881..7c2505a3f1e 100644 --- a/extensions/graph/pkg/config/parser/parse.go +++ b/extensions/graph/pkg/config/parser/parse.go @@ -29,5 +29,9 @@ func ParseConfig(cfg *config.Config) error { defaults.Sanitize(cfg) + return Validate(cfg) +} + +func Validate(cfg *config.Config) error { return nil } diff --git a/extensions/group/pkg/config/defaults/defaultconfig.go b/extensions/group/pkg/config/defaults/defaultconfig.go index 9500016057b..373e118a4be 100644 --- a/extensions/group/pkg/config/defaults/defaultconfig.go +++ b/extensions/group/pkg/config/defaults/defaultconfig.go @@ -9,9 +9,8 @@ import ( func FullDefaultConfig() *config.Config { cfg := DefaultConfig() - EnsureDefaults(cfg) - + Sanitize(cfg) return cfg } diff --git a/extensions/group/pkg/config/parser/parse.go b/extensions/group/pkg/config/parser/parse.go index d75882a2901..fd858020b8a 100644 --- a/extensions/group/pkg/config/parser/parse.go +++ b/extensions/group/pkg/config/parser/parse.go 
@@ -29,5 +29,9 @@ func ParseConfig(cfg *config.Config) error { defaults.Sanitize(cfg) + return Validate(cfg) +} + +func Validate(cfg *config.Config) error { return nil } diff --git a/extensions/idm/pkg/config/defaults/defaultconfig.go b/extensions/idm/pkg/config/defaults/defaultconfig.go index dada552c043..25ea4785fe3 100644 --- a/extensions/idm/pkg/config/defaults/defaultconfig.go +++ b/extensions/idm/pkg/config/defaults/defaultconfig.go @@ -9,10 +9,8 @@ import ( func FullDefaultConfig() *config.Config { cfg := DefaultConfig() - EnsureDefaults(cfg) Sanitize(cfg) - return cfg } diff --git a/extensions/idm/pkg/config/parser/parse.go b/extensions/idm/pkg/config/parser/parse.go index 0998543ad05..be598790dad 100644 --- a/extensions/idm/pkg/config/parser/parse.go +++ b/extensions/idm/pkg/config/parser/parse.go @@ -28,5 +28,9 @@ func ParseConfig(cfg *config.Config) error { defaults.Sanitize(cfg) + return Validate(cfg) +} + +func Validate(cfg *config.Config) error { return nil } diff --git a/extensions/idp/pkg/config/defaults/defaultconfig.go b/extensions/idp/pkg/config/defaults/defaultconfig.go index d9b68fb506f..23c9def14c9 100644 --- a/extensions/idp/pkg/config/defaults/defaultconfig.go +++ b/extensions/idp/pkg/config/defaults/defaultconfig.go @@ -10,10 +10,8 @@ import ( func FullDefaultConfig() *config.Config { cfg := DefaultConfig() - EnsureDefaults(cfg) Sanitize(cfg) - return cfg } diff --git a/extensions/idp/pkg/config/parser/parse.go b/extensions/idp/pkg/config/parser/parse.go index 101ea85bdcc..e2852767919 100644 --- a/extensions/idp/pkg/config/parser/parse.go +++ b/extensions/idp/pkg/config/parser/parse.go @@ -29,5 +29,9 @@ func ParseConfig(cfg *config.Config) error { defaults.Sanitize(cfg) + return Validate(cfg) +} + +func Validate(cfg *config.Config) error { return nil } diff --git a/extensions/nats/pkg/config/defaults/defaultconfig.go b/extensions/nats/pkg/config/defaults/defaultconfig.go index f9435ff4df2..a522ca67857 100644 
--- a/extensions/nats/pkg/config/defaults/defaultconfig.go +++ b/extensions/nats/pkg/config/defaults/defaultconfig.go @@ -12,10 +12,8 @@ import ( func FullDefaultConfig() *config.Config { cfg := DefaultConfig() - EnsureDefaults(cfg) Sanitize(cfg) - return cfg } diff --git a/extensions/nats/pkg/config/parser/parse.go b/extensions/nats/pkg/config/parser/parse.go index 2a427a3bd91..4930b1ccfea 100644 --- a/extensions/nats/pkg/config/parser/parse.go +++ b/extensions/nats/pkg/config/parser/parse.go @@ -29,5 +29,9 @@ func ParseConfig(cfg *config.Config) error { defaults.Sanitize(cfg) + return Validate(cfg) +} + +func Validate(cfg *config.Config) error { return nil } diff --git a/extensions/notifications/pkg/config/defaults/defaultconfig.go b/extensions/notifications/pkg/config/defaults/defaultconfig.go index d9622050f97..09d08d13fbe 100644 --- a/extensions/notifications/pkg/config/defaults/defaultconfig.go +++ b/extensions/notifications/pkg/config/defaults/defaultconfig.go @@ -1,17 +1,13 @@ package defaults import ( - "log" - "github.com/owncloud/ocis/extensions/notifications/pkg/config" ) func FullDefaultConfig() *config.Config { cfg := DefaultConfig() - EnsureDefaults(cfg) Sanitize(cfg) - return cfg } @@ -55,8 +51,6 @@ func EnsureDefaults(cfg *config.Config) { if cfg.Notifications.MachineAuthAPIKey == "" && cfg.Commons != nil && cfg.Commons.MachineAuthAPIKey != "" { cfg.Notifications.MachineAuthAPIKey = cfg.Commons.MachineAuthAPIKey - } else if cfg.Notifications.MachineAuthAPIKey == "" { - log.Fatalf("machine auth api key is not set up properly, bailing out (%s)", cfg.Service.Name) } } diff --git a/extensions/notifications/pkg/config/parser/parse.go b/extensions/notifications/pkg/config/parser/parse.go index 2a4876a33c5..fddb96b24ba 100644 --- a/extensions/notifications/pkg/config/parser/parse.go +++ b/extensions/notifications/pkg/config/parser/parse.go 
@@ -2,6 +2,7 @@ package parser import ( "errors" + "fmt" "github.com/owncloud/ocis/extensions/notifications/pkg/config" "github.com/owncloud/ocis/extensions/notifications/pkg/config/defaults" @@ -29,5 +30,12 @@ func ParseConfig(cfg *config.Config) error { defaults.Sanitize(cfg) + return Validate(cfg) +} + +func Validate(cfg *config.Config) error { + if cfg.Notifications.MachineAuthAPIKey == "" { + return fmt.Errorf("machine auth api key is not set up properly, bailing out (%s)", cfg.Service.Name) + } return nil } diff --git a/extensions/ocdav/pkg/config/defaults/defaultconfig.go b/extensions/ocdav/pkg/config/defaults/defaultconfig.go index d68a150240d..b55f9e65134 100644 --- a/extensions/ocdav/pkg/config/defaults/defaultconfig.go +++ b/extensions/ocdav/pkg/config/defaults/defaultconfig.go @@ -6,9 +6,8 @@ import ( func FullDefaultConfig() *config.Config { cfg := DefaultConfig() - EnsureDefaults(cfg) - + Sanitize(cfg) return cfg } diff --git a/extensions/ocdav/pkg/config/parser/parse.go b/extensions/ocdav/pkg/config/parser/parse.go index 84d3821cf72..028d237a31c 100644 --- a/extensions/ocdav/pkg/config/parser/parse.go +++ b/extensions/ocdav/pkg/config/parser/parse.go @@ -29,5 +29,9 @@ func ParseConfig(cfg *config.Config) error { defaults.Sanitize(cfg) + return Validate(cfg) +} + +func Validate(cfg *config.Config) error { return nil } diff --git a/extensions/ocs/pkg/config/defaults/defaultconfig.go b/extensions/ocs/pkg/config/defaults/defaultconfig.go index 8d387072de2..20a3e3ca9ed 100644 --- a/extensions/ocs/pkg/config/defaults/defaultconfig.go +++ b/extensions/ocs/pkg/config/defaults/defaultconfig.go @@ -1,7 +1,6 @@ package defaults import ( - "log" "strings" "github.com/owncloud/ocis/extensions/ocs/pkg/config" @@ -9,10 +8,8 @@ import ( func FullDefaultConfig() *config.Config { cfg := DefaultConfig() - EnsureDefaults(cfg) Sanitize(cfg) - return cfg } 
@@ -91,8 +88,6 @@ func EnsureDefaults(cfg *config.Config) { if cfg.MachineAuthAPIKey == "" && cfg.Commons != nil && cfg.Commons.MachineAuthAPIKey != "" { cfg.MachineAuthAPIKey = cfg.Commons.MachineAuthAPIKey - } else if cfg.MachineAuthAPIKey == "" { - log.Fatalf("machine auth api key is not set up properly, bailing out (%s)", cfg.Service.Name) } } diff --git a/extensions/ocs/pkg/config/parser/parse.go b/extensions/ocs/pkg/config/parser/parse.go index b9c312ca3d3..ce253edd19d 100644 --- a/extensions/ocs/pkg/config/parser/parse.go +++ b/extensions/ocs/pkg/config/parser/parse.go @@ -2,6 +2,7 @@ package parser import ( "errors" + "fmt" "github.com/owncloud/ocis/extensions/ocs/pkg/config" "github.com/owncloud/ocis/extensions/ocs/pkg/config/defaults" @@ -29,5 +30,12 @@ func ParseConfig(cfg *config.Config) error { defaults.Sanitize(cfg) + return Validate(cfg) +} + +func Validate(cfg *config.Config) error { + if cfg.MachineAuthAPIKey == "" { + return fmt.Errorf("machine auth api key is not set up properly, bailing out (%s)", cfg.Service.Name) + } return nil } diff --git a/extensions/proxy/pkg/config/defaults/defaultconfig.go b/extensions/proxy/pkg/config/defaults/defaultconfig.go index 43b23207dbe..61c91de93dd 100644 --- a/extensions/proxy/pkg/config/defaults/defaultconfig.go +++ b/extensions/proxy/pkg/config/defaults/defaultconfig.go @@ -1,7 +1,6 @@ package defaults import ( - "log" "path" "strings" @@ -188,8 +187,6 @@ func EnsureDefaults(cfg *config.Config) { if cfg.MachineAuthAPIKey == "" && cfg.Commons != nil && cfg.Commons.MachineAuthAPIKey != "" { cfg.MachineAuthAPIKey = cfg.Commons.MachineAuthAPIKey - } else if cfg.MachineAuthAPIKey == "" { - log.Fatalf("machine auth api key is not set up properly, bailing out (%s)", cfg.Service.Name) } if cfg.Reva == nil && cfg.Commons != nil && cfg.Commons.Reva != nil { diff --git a/extensions/proxy/pkg/config/parser/parse.go b/extensions/proxy/pkg/config/parser/parse.go index 2f29670f658..5f15fb29389 100644 
--- a/extensions/proxy/pkg/config/parser/parse.go +++ b/extensions/proxy/pkg/config/parser/parse.go @@ -2,6 +2,7 @@ package parser import ( "errors" + "fmt" "github.com/owncloud/ocis/extensions/proxy/pkg/config" "github.com/owncloud/ocis/extensions/proxy/pkg/config/defaults" @@ -28,5 +29,13 @@ func ParseConfig(cfg *config.Config) error { defaults.Sanitize(cfg) + return Validate(cfg) +} + +func Validate(cfg *config.Config) error { + if cfg.MachineAuthAPIKey == "" { + return fmt.Errorf("machine auth api key is not set up properly, bailing out (%s)", cfg.Service.Name) + } + return nil } diff --git a/extensions/settings/pkg/config/defaults/defaultconfig.go b/extensions/settings/pkg/config/defaults/defaultconfig.go index fd04461a2fe..a1eeb3c9a93 100644 --- a/extensions/settings/pkg/config/defaults/defaultconfig.go +++ b/extensions/settings/pkg/config/defaults/defaultconfig.go @@ -1,7 +1,6 @@ package defaults import ( - "log" "path" "strings" @@ -11,10 +10,8 @@ import ( func FullDefaultConfig() *config.Config { cfg := DefaultConfig() - EnsureDefaults(cfg) Sanitize(cfg) - return cfg } @@ -95,8 +92,6 @@ func EnsureDefaults(cfg *config.Config) { if cfg.Metadata.MachineAuthAPIKey == "" && cfg.Commons != nil && cfg.Commons.MachineAuthAPIKey != "" { cfg.MachineAuthAPIKey = cfg.Commons.MachineAuthAPIKey - } else if cfg.MachineAuthAPIKey == "" { - log.Fatalf("machine auth api key is not set up properly, bailing out (%s)", cfg.Service.Name) } } diff --git a/extensions/settings/pkg/config/parser/parse.go b/extensions/settings/pkg/config/parser/parse.go index 3880a7ebbc4..5d8310430cf 100644 --- a/extensions/settings/pkg/config/parser/parse.go +++ b/extensions/settings/pkg/config/parser/parse.go @@ -28,5 +28,9 @@ func ParseConfig(cfg *config.Config) error { defaults.Sanitize(cfg) + return Validate(cfg) +} + +func Validate(cfg *config.Config) error { return nil } 
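Review bot: For the settings service the machine auth API key check is lost: the `@@ -95,8 +92,6 @@` hunk removes the `log.Fatalf` branch from `EnsureDefaults`, but the new `Validate` in `extensions/settings/pkg/config/parser/parse.go` contains only `return nil`. The proxy, ocs, notifications and auth-machine changes in this commit move the same check into `Validate`, so settings would now start with an empty key where it previously refused to. Something like `if cfg.Metadata.MachineAuthAPIKey == "" { return fmt.Errorf("machine auth api key is not set up properly, bailing out (%s)", cfg.Service.Name) }` plus the `"fmt"` import restores it. The context line tests `cfg.Metadata.MachineAuthAPIKey` but assigns `cfg.MachineAuthAPIKey`, so confirm which field the service actually reads before choosing the one to validate.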
diff --git a/extensions/sharing/pkg/config/defaults/defaultconfig.go b/extensions/sharing/pkg/config/defaults/defaultconfig.go index 71c66ab8dc7..2c00c4267ae 100644 --- a/extensions/sharing/pkg/config/defaults/defaultconfig.go +++ b/extensions/sharing/pkg/config/defaults/defaultconfig.go @@ -1,7 +1,6 @@ package defaults import ( - "log" "path/filepath" "github.com/owncloud/ocis/extensions/sharing/pkg/config" @@ -10,9 +9,8 @@ import ( func FullDefaultConfig() *config.Config { cfg := DefaultConfig() - EnsureDefaults(cfg) - + Sanitize(cfg) return cfg } @@ -125,14 +123,10 @@ func EnsureDefaults(cfg *config.Config) { if cfg.UserSharingDrivers.CS3.MachineAuthAPIKey == "" && cfg.Commons != nil && cfg.Commons.MachineAuthAPIKey != "" { cfg.UserSharingDrivers.CS3.MachineAuthAPIKey = cfg.Commons.MachineAuthAPIKey - } else if cfg.UserSharingDrivers.CS3.MachineAuthAPIKey == "" { - log.Fatalf("machine auth api key for the cs3 user sharing driver is not set up properly, bailing out (%s)", cfg.Service.Name) } if cfg.PublicSharingDrivers.CS3.MachineAuthAPIKey == "" && cfg.Commons != nil && cfg.Commons.MachineAuthAPIKey != "" { cfg.PublicSharingDrivers.CS3.MachineAuthAPIKey = cfg.Commons.MachineAuthAPIKey - } else if cfg.PublicSharingDrivers.CS3.MachineAuthAPIKey == "" { - log.Fatalf("machine auth api key for the cs3 public sharing driver is not set up properly, bailing out (%s)", cfg.Service.Name) } } diff --git a/extensions/sharing/pkg/config/parser/parse.go b/extensions/sharing/pkg/config/parser/parse.go index 516647c8841..84a09cc6d0e 100644 --- a/extensions/sharing/pkg/config/parser/parse.go +++ b/extensions/sharing/pkg/config/parser/parse.go @@ -2,6 +2,7 @@ package parser import ( "errors" + "fmt" "github.com/owncloud/ocis/extensions/sharing/pkg/config" "github.com/owncloud/ocis/extensions/sharing/pkg/config/defaults" 
@@ -29,5 +30,17 @@ func ParseConfig(cfg *config.Config) error { defaults.Sanitize(cfg) + return Validate(cfg) +} + +func Validate(cfg *config.Config) error { + if cfg.PublicSharingDrivers.CS3.MachineAuthAPIKey == "" { + return fmt.Errorf("machine auth api key for the cs3 public sharing driver is not set up properly, bailing out (%s)", cfg.Service.Name) + } + + if cfg.UserSharingDrivers.CS3.MachineAuthAPIKey == "" { + return fmt.Errorf("machine auth api key for the cs3 user sharing driver is not set up properly, bailing out (%s)", cfg.Service.Name) + } + return nil } diff --git a/extensions/storage-metadata/pkg/config/defaults/defaultconfig.go b/extensions/storage-metadata/pkg/config/defaults/defaultconfig.go index 3922b6f569b..270c468f5b0 100644 --- a/extensions/storage-metadata/pkg/config/defaults/defaultconfig.go +++ b/extensions/storage-metadata/pkg/config/defaults/defaultconfig.go @@ -10,9 +10,8 @@ import ( func FullDefaultConfig() *config.Config { cfg := DefaultConfig() - EnsureDefaults(cfg) - + Sanitize(cfg) return cfg } diff --git a/extensions/storage-metadata/pkg/config/parser/parse.go b/extensions/storage-metadata/pkg/config/parser/parse.go index 4faf4527fab..ca0d96dbb37 100644 --- a/extensions/storage-metadata/pkg/config/parser/parse.go +++ b/extensions/storage-metadata/pkg/config/parser/parse.go @@ -29,5 +29,9 @@ func ParseConfig(cfg *config.Config) error { defaults.Sanitize(cfg) + return Validate(cfg) +} + +func Validate(cfg *config.Config) error { return nil } diff --git a/extensions/storage-publiclink/pkg/config/defaults/defaultconfig.go b/extensions/storage-publiclink/pkg/config/defaults/defaultconfig.go index 5a0fed3a557..47b729c05a8 100644 --- a/extensions/storage-publiclink/pkg/config/defaults/defaultconfig.go +++ b/extensions/storage-publiclink/pkg/config/defaults/defaultconfig.go @@ -6,9 +6,8 @@ import ( func FullDefaultConfig() *config.Config { cfg := DefaultConfig() - EnsureDefaults(cfg) - + Sanitize(cfg) return cfg } 
diff --git a/extensions/storage-publiclink/pkg/config/parser/parse.go b/extensions/storage-publiclink/pkg/config/parser/parse.go index b54c81162e1..0379145f737 100644 --- a/extensions/storage-publiclink/pkg/config/parser/parse.go +++ b/extensions/storage-publiclink/pkg/config/parser/parse.go @@ -29,5 +29,9 @@ func ParseConfig(cfg *config.Config) error { defaults.Sanitize(cfg) + return Validate(cfg) +} + +func Validate(cfg *config.Config) error { return nil } diff --git a/extensions/storage-shares/pkg/config/defaults/defaultconfig.go b/extensions/storage-shares/pkg/config/defaults/defaultconfig.go index ca46e2ea8e6..75a6127e90c 100644 --- a/extensions/storage-shares/pkg/config/defaults/defaultconfig.go +++ b/extensions/storage-shares/pkg/config/defaults/defaultconfig.go @@ -6,9 +6,8 @@ import ( func FullDefaultConfig() *config.Config { cfg := DefaultConfig() - EnsureDefaults(cfg) - + Sanitize(cfg) return cfg } diff --git a/extensions/storage-shares/pkg/config/parser/parse.go b/extensions/storage-shares/pkg/config/parser/parse.go index f840317dc56..bda808cb639 100644 --- a/extensions/storage-shares/pkg/config/parser/parse.go +++ b/extensions/storage-shares/pkg/config/parser/parse.go @@ -29,5 +29,9 @@ func ParseConfig(cfg *config.Config) error { defaults.Sanitize(cfg) + return Validate(cfg) +} + +func Validate(cfg *config.Config) error { return nil } diff --git a/extensions/storage-users/pkg/config/defaults/defaultconfig.go b/extensions/storage-users/pkg/config/defaults/defaultconfig.go index 0c89cc7a2c3..b29e9daa980 100644 --- a/extensions/storage-users/pkg/config/defaults/defaultconfig.go +++ b/extensions/storage-users/pkg/config/defaults/defaultconfig.go @@ -10,9 +10,8 @@ import ( func FullDefaultConfig() *config.Config { cfg := DefaultConfig() - EnsureDefaults(cfg) - + Sanitize(cfg) return cfg } diff --git a/extensions/storage-users/pkg/config/parser/parse.go b/extensions/storage-users/pkg/config/parser/parse.go index d8d881260c6..55658def294 100644 
--- a/extensions/storage-users/pkg/config/parser/parse.go +++ b/extensions/storage-users/pkg/config/parser/parse.go @@ -29,5 +29,9 @@ func ParseConfig(cfg *config.Config) error { defaults.Sanitize(cfg) + return Validate(cfg) +} + +func Validate(cfg *config.Config) error { return nil } diff --git a/extensions/storage/pkg/config/defaults/defaultconfig.go b/extensions/storage/pkg/config/defaults/defaultconfig.go index dbfb6a22192..6b88c6babd4 100644 --- a/extensions/storage/pkg/config/defaults/defaultconfig.go +++ b/extensions/storage/pkg/config/defaults/defaultconfig.go @@ -1,7 +1,6 @@ package defaults import ( - "log" "os" "path" @@ -21,10 +20,8 @@ const ( func FullDefaultConfig() *config.Config { cfg := DefaultConfig() - EnsureDefaults(cfg) Sanitize(cfg) - return cfg } @@ -458,11 +455,9 @@ func DefaultConfig() *config.Config { } func EnsureDefaults(cfg *config.Config) { - if cfg.TransferSecret == "" && cfg.Commons != nil && cfg.Commons.TransferSecret != "" { - cfg.TransferSecret = cfg.Commons.TransferSecret - } else { - log.Fatal("reva transfer secret is not set up properly, bailing out (storage)") - } + //if cfg.TransferSecret == "" && cfg.Commons != nil && cfg.Commons.TransferSecret != "" { + // cfg.TransferSecret = cfg.Commons.TransferSecret + //} } func Sanitize(cfg *config.Config) { diff --git a/extensions/storage/pkg/config/parser/parse.go b/extensions/storage/pkg/config/parser/parse.go index 4faf4527fab..bf30c761ff9 100644 --- a/extensions/storage/pkg/config/parser/parse.go +++ b/extensions/storage/pkg/config/parser/parse.go @@ -2,6 +2,7 @@ package parser import ( "errors" + "fmt" "github.com/owncloud/ocis/extensions/storage-metadata/pkg/config" "github.com/owncloud/ocis/extensions/storage-metadata/pkg/config/defaults" 
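Review bot: In `EnsureDefaults` of `extensions/storage/pkg/config/defaults/defaultconfig.go` (hunk at -458) the fallback to `cfg.Commons.TransferSecret` is commented out rather than fixed, so nothing visible here copies the shared secret into `cfg.TransferSecret` any more, while the new `Validate` in `storage/pkg/config/parser/parse.go` rejects an empty value. A deployment that sets only the common transfer secret would then refuse to start; that fails closed, but is probably not intended. The old branch was wrong only because its `else` also fired when a secret was already set, so keeping the `if` and dropping the `else` restores the inheritance: `if cfg.TransferSecret == "" && cfg.Commons != nil && cfg.Commons.TransferSecret != "" { cfg.TransferSecret = cfg.Commons.TransferSecret }`. Either way the commented-out lines should not be committed.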
@@ -29,5 +30,12 @@ func ParseConfig(cfg *config.Config) error { defaults.Sanitize(cfg) + return Validate(cfg) +} + +func Validate(cfg *config.Config) error { + if cfg.TransferSecret == "" { + return fmt.Errorf("reva transfer secret is not set up properly, bailing out (storage)") + } return nil } diff --git a/extensions/store/pkg/config/defaults/defaultconfig.go b/extensions/store/pkg/config/defaults/defaultconfig.go index 1d84c1c4746..8932d4266a2 100644 --- a/extensions/store/pkg/config/defaults/defaultconfig.go +++ b/extensions/store/pkg/config/defaults/defaultconfig.go @@ -9,10 +9,8 @@ import ( func FullDefaultConfig() *config.Config { cfg := DefaultConfig() - EnsureDefaults(cfg) Sanitize(cfg) - return cfg } diff --git a/extensions/store/pkg/config/parser/parse.go b/extensions/store/pkg/config/parser/parse.go index 7c9f02bda38..3d3b591ba73 100644 --- a/extensions/store/pkg/config/parser/parse.go +++ b/extensions/store/pkg/config/parser/parse.go @@ -29,5 +29,10 @@ func ParseConfig(cfg *config.Config) error { // sanitize config defaults.Sanitize(cfg) + + return Validate(cfg) +} + +func Validate(cfg *config.Config) error { return nil } diff --git a/extensions/thumbnails/pkg/config/defaults/defaultconfig.go b/extensions/thumbnails/pkg/config/defaults/defaultconfig.go index dd8b57d2116..b24c9e3d114 100644 --- a/extensions/thumbnails/pkg/config/defaults/defaultconfig.go +++ b/extensions/thumbnails/pkg/config/defaults/defaultconfig.go @@ -1,7 +1,6 @@ package defaults import ( - "log" "path" "github.com/owncloud/ocis/extensions/thumbnails/pkg/config" @@ -10,10 +9,8 @@ import ( func FullDefaultConfig() *config.Config { cfg := DefaultConfig() - EnsureDefaults(cfg) Sanitize(cfg) - return cfg } 
@@ -76,8 +73,6 @@ func EnsureDefaults(cfg *config.Config) { if cfg.Thumbnail.TransferSecret == "" && cfg.Commons != nil && cfg.Commons.TransferSecret != "" { cfg.Thumbnail.TransferSecret = cfg.Commons.TransferSecret - } else if cfg.TransferSecret == "" { - log.Fatalf("reva transfer secret is not set up properly, bailing out (%s)", cfg.Service.Name) } } diff --git a/extensions/thumbnails/pkg/config/parser/parse.go b/extensions/thumbnails/pkg/config/parser/parse.go index 4ed73255342..348e87d1a12 100644 --- a/extensions/thumbnails/pkg/config/parser/parse.go +++ b/extensions/thumbnails/pkg/config/parser/parse.go @@ -2,6 +2,7 @@ package parser import ( "errors" + "fmt" "github.com/owncloud/ocis/extensions/thumbnails/pkg/config" "github.com/owncloud/ocis/extensions/thumbnails/pkg/config/defaults" @@ -30,5 +31,13 @@ func ParseConfig(cfg *config.Config) error { // sanitize config defaults.Sanitize(cfg) + return Validate(cfg) +} + +func Validate(cfg *config.Config) error { + if cfg.TransferSecret == "" { + return fmt.Errorf("reva transfer secret is not set up properly, bailing out (%s)", cfg.Service.Name) + } + return nil } diff --git a/extensions/user/pkg/config/defaults/defaultconfig.go b/extensions/user/pkg/config/defaults/defaultconfig.go index f20c546123b..b7212abd0bc 100644 --- a/extensions/user/pkg/config/defaults/defaultconfig.go +++ b/extensions/user/pkg/config/defaults/defaultconfig.go @@ -9,9 +9,8 @@ import ( func FullDefaultConfig() *config.Config { cfg := DefaultConfig() - EnsureDefaults(cfg) - + Sanitize(cfg) return cfg } diff --git a/extensions/user/pkg/config/parser/parse.go b/extensions/user/pkg/config/parser/parse.go index 06145d3ad8e..e2e6ad69ed8 100644 --- a/extensions/user/pkg/config/parser/parse.go +++ b/extensions/user/pkg/config/parser/parse.go @@ -29,5 +29,9 @@ func ParseConfig(cfg *config.Config) error { defaults.Sanitize(cfg) + return Validate(cfg) +} + +func Validate(cfg *config.Config) error { return nil } 
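Review bot: `Validate` in `extensions/thumbnails/pkg/config/parser/parse.go` tests `cfg.TransferSecret`, but `EnsureDefaults` in the first hunk above fills `cfg.Thumbnail.TransferSecret` from `cfg.Commons`. A config that only inherits the common secret would therefore fail validation, and a config with the top-level field set would pass even if `cfg.Thumbnail.TransferSecret`, presumably the value the service uses, is still empty. The check should look at the field that is populated and consumed, e.g. `if cfg.Thumbnail.TransferSecret == "" {`. Which of the two fields the service reads is not visible in these hunks, so confirm before changing.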
diff --git a/extensions/web/pkg/config/defaults/defaultconfig.go b/extensions/web/pkg/config/defaults/defaultconfig.go index bbfad9bdfd3..023a080da8d 100644 --- a/extensions/web/pkg/config/defaults/defaultconfig.go +++ b/extensions/web/pkg/config/defaults/defaultconfig.go @@ -8,10 +8,8 @@ import ( func FullDefaultConfig() *config.Config { cfg := DefaultConfig() - EnsureDefaults(cfg) Sanitize(cfg) - return cfg } diff --git a/extensions/web/pkg/config/parser/parse.go b/extensions/web/pkg/config/parser/parse.go index d850943577a..80e64a3b7b6 100644 --- a/extensions/web/pkg/config/parser/parse.go +++ b/extensions/web/pkg/config/parser/parse.go @@ -29,5 +29,9 @@ func ParseConfig(cfg *config.Config) error { defaults.Sanitize(cfg) + return Validate(cfg) +} + +func Validate(cfg *config.Config) error { return nil } diff --git a/extensions/webdav/pkg/config/defaults/defaultconfig.go b/extensions/webdav/pkg/config/defaults/defaultconfig.go index 48e00e17f1a..3c975cfa709 100644 --- a/extensions/webdav/pkg/config/defaults/defaultconfig.go +++ b/extensions/webdav/pkg/config/defaults/defaultconfig.go @@ -8,10 +8,8 @@ import ( func FullDefaultConfig() *config.Config { cfg := DefaultConfig() - EnsureDefaults(cfg) Sanitize(cfg) - return cfg } diff --git a/extensions/webdav/pkg/config/parser/parse.go b/extensions/webdav/pkg/config/parser/parse.go index 7597255f9cc..9d4d15ca7aa 100644 --- a/extensions/webdav/pkg/config/parser/parse.go +++ b/extensions/webdav/pkg/config/parser/parse.go @@ -29,5 +29,9 @@ func ParseConfig(cfg *config.Config) error { defaults.Sanitize(cfg) + return Validate(cfg) +} + +func Validate(cfg *config.Config) error { return nil } From fb6a8ffc7b0b18f61eb37d942b98c3e98c181880 Mon Sep 17 00:00:00 2001 From: Christian Richter Date: Thu, 28 Apr 2022 11:12:22 +0200 Subject: [PATCH 23/59] add backup of config on force overwrite 
Signed-off-by: Christian Richter --- ocis/pkg/command/init.go | 41 +++++++++++++++++++++++++++++++++++++--- 1 file changed, 38 insertions(+), 3 deletions(-) diff --git a/ocis/pkg/command/init.go b/ocis/pkg/command/init.go index 21c2f6ab2d1..5c11dc359a6 100644 --- a/ocis/pkg/command/init.go +++ b/ocis/pkg/command/init.go @@ -3,11 +3,13 @@ package command import ( "bufio" "fmt" + "io" "io/ioutil" "log" "os" "path" "strings" + "time" "github.com/owncloud/ocis/ocis-pkg/config" "github.com/owncloud/ocis/ocis-pkg/config/defaults" @@ -90,10 +92,38 @@ func checkConfigPath(configPath string) error { return nil } +func backupOcisConfigFile(configPath string) (string, error) { + sourceConfig := path.Join(configPath, configFilename) + targetBackupConfig := path.Join(configPath, configFilename+"."+time.Now().Format("2006-01-02-15-04-05")+".backup") + source, err := os.Open(sourceConfig) + if err != nil { + log.Fatalf("Could not read %s (%s)", sourceConfig, err) + } + defer source.Close() + target, err := os.Create(targetBackupConfig) + if err != nil { + log.Fatalf("Could not generate backup %s (%s)", targetBackupConfig, err) + } + defer target.Close() + _, err = io.Copy(target, source) + if err != nil { + log.Fatalf("Could not write backup %s (%s)", targetBackupConfig, err) + } + return targetBackupConfig, nil +} + func createConfig(insecure, forceOverwrite bool, configPath string) error { err := checkConfigPath(configPath) + targetBackupConfig := "" if err != nil && !forceOverwrite { return err + } else if forceOverwrite { + targetBackupConfig, err = backupOcisConfigFile(configPath) + if err != nil { + return err + } else { + + } } err = os.MkdirAll(configPath, 0700) if err != nil { 
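Review bot: `backupOcisConfigFile` writes the backup with `os.Create`, which requests mode 0666 before the umask, and the config it copies presumably holds the generated secrets; if `configPath` already exists, the later `os.MkdirAll(configPath, 0700)` does not tighten it, so the copy can end up readable by other local users. The helper declares an `error` result but calls `log.Fatalf` on every failure, so the `if err != nil` in `createConfig` never fires, and the `Close` error of the backup file is dropped. With `forceOverwrite` set the backup runs unconditionally and before `MkdirAll`; if `checkConfigPath` returns nil when no config exists (its body is outside this hunk), a forced init on a fresh directory would exit in `os.Open`. The empty `else {}` can be removed, and `createConfig` continues beyond the hunk. A version that returns its errors and creates the backup owner-only and exclusively is sketched below.

```go
func backupOcisConfigFile(configPath string) (string, error) {
	// … unchanged: sourceConfig / targetBackupConfig path construction …
	source, err := os.Open(sourceConfig)
	if err != nil {
		return "", fmt.Errorf("could not read %s: %w", sourceConfig, err)
	}
	defer source.Close()
	// Owner-only and exclusive: the backup carries the same secrets as the config.
	target, err := os.OpenFile(targetBackupConfig, os.O_WRONLY|os.O_CREATE|os.O_EXCL, 0600)
	if err != nil {
		return "", fmt.Errorf("could not create backup %s: %w", targetBackupConfig, err)
	}
	if _, err = io.Copy(target, source); err != nil {
		target.Close()
		return "", fmt.Errorf("could not write backup %s: %w", targetBackupConfig, err)
	}
	// A failed Close can mean a truncated backup, so report it.
	if err = target.Close(); err != nil {
		return "", fmt.Errorf("could not finish backup %s: %w", targetBackupConfig, err)
	}
	return targetBackupConfig, nil
}
```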
@@ -219,13 +249,18 @@ func createConfig(insecure, forceOverwrite bool, configPath string) error { return err } fmt.Printf( - "======================================\n"+ + "\n\n=========================================\n"+ " generated OCIS Config\n"+ - "======================================\n"+ + "=========================================\n"+ " configpath : %s\n"+ " user : admin\n"+ - " password : %s\n", + " password : %s\n\n", targetPath, ocisAdminServicePassword) + if targetBackupConfig != "" { + fmt.Printf("\n=========================================\n"+ + "An older config file has been backuped to\n %s\n\n", + targetBackupConfig) + } return nil } From aba2ee0c397dc28464c23e4019d30137ebc8fae4 Mon Sep 17 00:00:00 2001 From: Willy Kloucek Date: Thu, 28 Apr 2022 11:31:15 +0200 Subject: [PATCH 24/59] fix build --- extensions/frontend/pkg/config/parser/parse.go | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/extensions/frontend/pkg/config/parser/parse.go b/extensions/frontend/pkg/config/parser/parse.go index d628cfee744..c71a8e58390 100644 --- a/extensions/frontend/pkg/config/parser/parse.go +++ b/extensions/frontend/pkg/config/parser/parse.go @@ -2,6 +2,7 @@ package parser import ( "errors" + "fmt" "github.com/owncloud/ocis/extensions/frontend/pkg/config" "github.com/owncloud/ocis/extensions/frontend/pkg/config/defaults" @@ -34,7 +35,7 @@ func ParseConfig(cfg *config.Config) error { func Validate(cfg *config.Config) error { if cfg.TransferSecret == "" { - return ftm.Errorf("reva transfer secret is not set up properly, bailing out (%s)", cfg.Service.Name) + return fmt.Errorf("reva transfer secret is not set up properly, bailing out (%s)", cfg.Service.Name) } return nil From ab254b05d0bec870d454973c8df3c36a307dbc1d Mon Sep 17 00:00:00 2001 
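Review bot: The banner in `createConfig` (init.go, hunk at -219) still prints the generated admin password in clear text to stdout (`" password : %s\n\n"`), and this hunk only reformats it. When `ocis init` runs in a container or CI job that output is normally captured in logs, so the credential outlives the terminal session. I would print it only when stdout is a terminal, or point the user at the generated config file instead. The new message also has a wording slip: `"An older config file has been backed up to\n %s\n\n",`. `createConfig` starts outside this hunk.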
From: Willy Kloucek Date: Thu, 28 Apr 2022 15:08:40 +0200 Subject: [PATCH 25/59] remove all "omitempty" from config structs to bring back full configuration file documentation --- extensions/accounts/pkg/config/config.go | 24 +- extensions/appprovider/pkg/config/config.go | 22 +- extensions/audit/pkg/config/config.go | 8 +- extensions/auth-basic/pkg/config/config.go | 62 +- extensions/auth-bearer/pkg/config/config.go | 44 +- extensions/auth-machine/pkg/config/config.go | 20 +- extensions/frontend/pkg/config/config.go | 88 +-- extensions/gateway/pkg/config/config.go | 58 +- extensions/glauth/pkg/config/config.go | 16 +- .../graph-explorer/pkg/config/config.go | 10 +- extensions/graph/pkg/config/config.go | 76 +-- extensions/group/pkg/config/config.go | 66 +-- extensions/idm/pkg/config/config.go | 10 +- extensions/idp/pkg/config/config.go | 42 +- extensions/nats/pkg/config/config.go | 14 +- extensions/notifications/pkg/config/config.go | 12 +- extensions/ocdav/pkg/config/config.go | 34 +- extensions/ocs/pkg/config/config.go | 20 +- extensions/proxy/pkg/config/config.go | 42 +- extensions/settings/pkg/config/config.go | 30 +- extensions/sharing/pkg/config/config.go | 32 +- .../storage-metadata/pkg/config/config.go | 30 +- .../storage-publiclink/pkg/config/config.go | 22 +- .../storage-shares/pkg/config/config.go | 24 +- extensions/storage-users/pkg/config/config.go | 46 +- extensions/storage/pkg/config/config.go | 540 +++++++++--------- extensions/thumbnails/pkg/config/config.go | 28 +- extensions/user/pkg/config/config.go | 66 +-- extensions/web/pkg/config/config.go | 44 +- extensions/webdav/pkg/config/config.go | 16 +- ocis-pkg/config/config.go | 80 +-- 31 files changed, 813 insertions(+), 813 deletions(-) diff --git a/extensions/accounts/pkg/config/config.go b/extensions/accounts/pkg/config/config.go index 0d38512da7b..29c2ce7fe5e 100644 --- a/extensions/accounts/pkg/config/config.go +++ b/extensions/accounts/pkg/config/config.go 
@@ -12,21 +12,21 @@ type Config struct { Service Service `yaml:"-"` - Tracing *Tracing `yaml:"tracing,omitempty"` - Log *Log `yaml:"log,omitempty"` - Debug Debug `yaml:"debug,omitempty"` + Tracing *Tracing `yaml:"tracing"` + Log *Log `yaml:"log"` + Debug Debug `yaml:"debug"` - HTTP HTTP `yaml:"http,omitempty"` - GRPC GRPC `yaml:"grpc,omitempty"` + HTTP HTTP `yaml:"http"` + GRPC GRPC `yaml:"grpc"` - TokenManager *TokenManager `yaml:"token_manager,omitempty"` + TokenManager *TokenManager `yaml:"token_manager"` - Asset Asset `yaml:"asset,omitempty"` - Repo Repo `yaml:"repo,omitempty"` - Index Index `yaml:"index,omitempty"` - ServiceUser ServiceUser `yaml:"service_user,omitempty"` - HashDifficulty int `yaml:"hash_difficulty,omitempty" env:"ACCOUNTS_HASH_DIFFICULTY" desc:"The hash difficulty makes sure that validating a password takes at least a certain amount of time."` - DemoUsersAndGroups bool `yaml:"demo_users_and_groups,omitempty" env:"ACCOUNTS_DEMO_USERS_AND_GROUPS" desc:"If this flag is set the service will setup the demo users and groups."` + Asset Asset `yaml:"asset"` + Repo Repo `yaml:"repo"` + Index Index `yaml:"index"` + ServiceUser ServiceUser `yaml:"service_user"` + HashDifficulty int `yaml:"hash_difficulty" env:"ACCOUNTS_HASH_DIFFICULTY" desc:"The hash difficulty makes sure that validating a password takes at least a certain amount of time."` + DemoUsersAndGroups bool `yaml:"demo_users_and_groups" env:"ACCOUNTS_DEMO_USERS_AND_GROUPS" desc:"If this flag is set the service will setup the demo users and groups."` Context context.Context `yaml:"-"` } diff --git a/extensions/appprovider/pkg/config/config.go b/extensions/appprovider/pkg/config/config.go index c5f1248ee63..fcc440bce24 100644 --- a/extensions/appprovider/pkg/config/config.go +++ b/extensions/appprovider/pkg/config/config.go 
@@ -5,20 +5,20 @@ import "github.com/owncloud/ocis/ocis-pkg/shared" type Config struct { *shared.Commons `yaml:"-"` Service Service `yaml:"-"` - Tracing *Tracing `yaml:"tracing,omitempty"` - Logging *Logging `yaml:"log,omitempty"` - Debug Debug `yaml:"debug,omitempty"` - Supervised bool `yaml:"supervised,omitempty"` + Tracing *Tracing `yaml:"tracing"` + Logging *Logging `yaml:"log"` + Debug Debug `yaml:"debug"` + Supervised bool `yaml:"supervised"` - GRPC GRPCConfig `yaml:"grpc,omitempty"` + GRPC GRPCConfig `yaml:"grpc"` - TokenManager *TokenManager `yaml:"token_manager,omitempty"` - Reva *Reva `yaml:"reva,omitempty"` + TokenManager *TokenManager `yaml:"token_manager"` + Reva *Reva `yaml:"reva"` - SkipUserGroupsInToken bool `yaml:"skip_user_groups_in_token,omitempty"` - ExternalAddr string `yaml:"external_addr,omitempty"` - Driver string `yaml:"driver,omitempty"` - Drivers Drivers `yaml:"drivers,omitempty"` + SkipUserGroupsInToken bool `yaml:"skip_user_groups_in_token"` + ExternalAddr string `yaml:"external_addr"` + Driver string `yaml:"driver"` + Drivers Drivers `yaml:"drivers"` } type Tracing struct { diff --git a/extensions/audit/pkg/config/config.go b/extensions/audit/pkg/config/config.go index 3b753f1a114..b14a78a752a 100644 --- a/extensions/audit/pkg/config/config.go +++ b/extensions/audit/pkg/config/config.go @@ -12,11 +12,11 @@ type Config struct { Service Service `yaml:"-"` - Log *Log `yaml:"log,omitempty"` - Debug Debug `yaml:"debug,omitempty"` + Log *Log `yaml:"log"` + Debug Debug `yaml:"debug"` - Events Events `yaml:"events,omitempty"` - Auditlog Auditlog `yaml:"auditlog,omitempty"` + Events Events `yaml:"events"` + Auditlog Auditlog `yaml:"auditlog"` Context context.Context `yaml:"-"` } diff --git a/extensions/auth-basic/pkg/config/config.go b/extensions/auth-basic/pkg/config/config.go index 079c57dcc50..1e9c9c3f2cc 100644 --- a/extensions/auth-basic/pkg/config/config.go +++ b/extensions/auth-basic/pkg/config/config.go 
@@ -5,19 +5,19 @@ import "github.com/owncloud/ocis/ocis-pkg/shared" type Config struct { *shared.Commons `yaml:"-"` Service Service `yaml:"-"` - Tracing *Tracing `yaml:"tracing,omitempty"` - Logging *Logging `yaml:"log,omitempty"` - Debug Debug `yaml:"debug,omitempty"` - Supervised bool `yaml:"supervised,omitempty"` + Tracing *Tracing `yaml:"tracing"` + Logging *Logging `yaml:"log"` + Debug Debug `yaml:"debug"` + Supervised bool `yaml:"supervised"` - GRPC GRPCConfig `yaml:"grpc,omitempty"` + GRPC GRPCConfig `yaml:"grpc"` - TokenManager *TokenManager `yaml:"token_manager,omitempty"` - Reva *Reva `yaml:"reva,omitempty"` + TokenManager *TokenManager `yaml:"token_manager"` + Reva *Reva `yaml:"reva"` - SkipUserGroupsInToken bool `yaml:"skip_user_groups_in_token,omitempty"` - AuthProvider string `yaml:"auth_provider,omitempty" env:"AUTH_BASIC_AUTH_PROVIDER" desc:"The auth provider which should be used by the service"` - AuthProviders AuthProviders `yaml:"auth_providers,omitempty"` + SkipUserGroupsInToken bool `yaml:"skip_user_groups_in_token"` + AuthProvider string `yaml:"auth_provider" env:"AUTH_BASIC_AUTH_PROVIDER" desc:"The auth provider which should be used by the service"` + AuthProviders AuthProviders `yaml:"auth_providers"` } type Tracing struct { Enabled bool `yaml:"enabled" env:"OCIS_TRACING_ENABLED;AUTH_BASIC_TRACING_ENABLED" desc:"Activates tracing."` @@ -50,9 +50,9 @@ type GRPCConfig struct { } type AuthProviders struct { - JSON JSONProvider `yaml:"json,omitempty"` - LDAP LDAPProvider `yaml:"ldap,omitempty"` - OwnCloudSQL OwnCloudSQLProvider `yaml:"owncloud_sql,omitempty"` + JSON JSONProvider `yaml:"json"` + LDAP LDAPProvider `yaml:"ldap"` + OwnCloudSQL OwnCloudSQLProvider `yaml:"owncloud_sql"` } type JSONProvider struct { 
@@ -60,24 +60,24 @@ type JSONProvider struct { } type LDAPProvider struct { - URI string `yaml:",omitempty" env:"LDAP_URI;AUTH_BASIC_LDAP_URI"` - CACert string `yaml:",omitempty" env:"LDAP_CACERT;AUTH_BASIC_LDAP_CACERT"` - Insecure bool `yaml:",omitempty" env:"LDAP_INSECURE;AUTH_BASIC_LDAP_INSECURE"` - BindDN string `yaml:",omitempty" env:"LDAP_BIND_DN;AUTH_BASIC_LDAP_BIND_DN"` - BindPassword string `yaml:",omitempty" env:"LDAP_BIND_PASSWORD;AUTH_BASIC_LDAP_BIND_PASSWORD"` - UserBaseDN string `yaml:",omitempty" env:"LDAP_USER_BASE_DN;AUTH_BASIC_LDAP_USER_BASE_DN"` - GroupBaseDN string `yaml:",omitempty" env:"LDAP_GROUP_BASE_DN;AUTH_BASIC_LDAP_GROUP_BASE_DN"` - UserScope string `yaml:",omitempty" env:"LDAP_USER_SCOPE;AUTH_BASIC_LDAP_USER_SCOPE"` - GroupScope string `yaml:",omitempty" env:"LDAP_GROUP_SCOPE;AUTH_BASIC_LDAP_GROUP_SCOPE"` - UserFilter string `yaml:",omitempty" env:"LDAP_USERFILTER;AUTH_BASIC_LDAP_USERFILTER"` - GroupFilter string `yaml:",omitempty" env:"LDAP_GROUPFILTER;AUTH_BASIC_LDAP_USERFILTER"` - UserObjectClass string `yaml:",omitempty" env:"LDAP_USER_OBJECTCLASS;AUTH_BASIC_LDAP_USER_OBJECTCLASS"` - GroupObjectClass string `yaml:",omitempty" env:"LDAP_GROUP_OBJECTCLASS;AUTH_BASIC_LDAP_GROUP_OBJECTCLASS"` - LoginAttributes []string `yaml:",omitempty" env:"LDAP_LOGIN_ATTRIBUTES;AUTH_BASIC_LDAP_LOGIN_ATTRIBUTES"` - IDP string `yaml:",omitempty" env:"OCIS_URL;AUTH_BASIC_IDP_URL"` // TODO what is this for? - GatewayEndpoint string `yaml:",omitempty"` // TODO do we need this here? 
- UserSchema LDAPUserSchema `yaml:",omitempty"` - GroupSchema LDAPGroupSchema `yaml:",omitempty"` + URI string `yaml:"" env:"LDAP_URI;AUTH_BASIC_LDAP_URI"` + CACert string `yaml:"" env:"LDAP_CACERT;AUTH_BASIC_LDAP_CACERT"` + Insecure bool `yaml:"" env:"LDAP_INSECURE;AUTH_BASIC_LDAP_INSECURE"` + BindDN string `yaml:"" env:"LDAP_BIND_DN;AUTH_BASIC_LDAP_BIND_DN"` + BindPassword string `yaml:"" env:"LDAP_BIND_PASSWORD;AUTH_BASIC_LDAP_BIND_PASSWORD"` + UserBaseDN string `yaml:"" env:"LDAP_USER_BASE_DN;AUTH_BASIC_LDAP_USER_BASE_DN"` + GroupBaseDN string `yaml:"" env:"LDAP_GROUP_BASE_DN;AUTH_BASIC_LDAP_GROUP_BASE_DN"` + UserScope string `yaml:"" env:"LDAP_USER_SCOPE;AUTH_BASIC_LDAP_USER_SCOPE"` + GroupScope string `yaml:"" env:"LDAP_GROUP_SCOPE;AUTH_BASIC_LDAP_GROUP_SCOPE"` + UserFilter string `yaml:"" env:"LDAP_USERFILTER;AUTH_BASIC_LDAP_USERFILTER"` + GroupFilter string `yaml:"" env:"LDAP_GROUPFILTER;AUTH_BASIC_LDAP_USERFILTER"` + UserObjectClass string `yaml:"" env:"LDAP_USER_OBJECTCLASS;AUTH_BASIC_LDAP_USER_OBJECTCLASS"` + GroupObjectClass string `yaml:"" env:"LDAP_GROUP_OBJECTCLASS;AUTH_BASIC_LDAP_GROUP_OBJECTCLASS"` + LoginAttributes []string `yaml:"" env:"LDAP_LOGIN_ATTRIBUTES;AUTH_BASIC_LDAP_LOGIN_ATTRIBUTES"` + IDP string `yaml:"" env:"OCIS_URL;AUTH_BASIC_IDP_URL"` // TODO what is this for? + GatewayEndpoint string `yaml:""` // TODO do we need this here? + UserSchema LDAPUserSchema `yaml:""` + GroupSchema LDAPGroupSchema `yaml:""` } type LDAPUserSchema struct { diff --git a/extensions/auth-bearer/pkg/config/config.go b/extensions/auth-bearer/pkg/config/config.go index 644ae43feda..f1d2b1388a1 100644 --- a/extensions/auth-bearer/pkg/config/config.go +++ b/extensions/auth-bearer/pkg/config/config.go 
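Review bot: In `LDAPProvider` (auth-basic `config.go`), `GroupFilter` is bound to `env:"LDAP_GROUPFILTER;AUTH_BASIC_LDAP_USERFILTER"`, the same service-specific variable as `UserFilter`. Setting `AUTH_BASIC_LDAP_USERFILTER` would then presumably also replace the group filter, and there is no service-specific variable for groups; for an auth provider that can silently change which groups are resolved. The line is rewritten in this hunk, so it is a good place to correct it: ``GroupFilter string `yaml:"" env:"LDAP_GROUPFILTER;AUTH_BASIC_LDAP_GROUPFILTER"` ``. The empty `yaml:""` tags left behind after dropping `omitempty` carry no information and could be removed or replaced by explicit key names in a follow-up.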
@@ -5,19 +5,19 @@ import "github.com/owncloud/ocis/ocis-pkg/shared" type Config struct { *shared.Commons `yaml:"-"` Service Service `yaml:"-"` - Tracing *Tracing `yaml:"tracing,omitempty"` - Logging *Logging `yaml:"log,omitempty"` - Debug Debug `yaml:"debug,omitempty"` - Supervised bool `yaml:"supervised,omitempty"` + Tracing *Tracing `yaml:"tracing"` + Logging *Logging `yaml:"log"` + Debug Debug `yaml:"debug"` + Supervised bool `yaml:"supervised"` - GRPC GRPCConfig `yaml:"grpc,omitempty"` + GRPC GRPCConfig `yaml:"grpc"` - TokenManager *TokenManager `yaml:"token_manager,omitempty"` - Reva *Reva `yaml:"reva,omitempty"` + TokenManager *TokenManager `yaml:"token_manager"` + Reva *Reva `yaml:"reva"` - SkipUserGroupsInToken bool `yaml:"skip_user_groups_in_token,omitempty"` - AuthProvider string `yaml:"auth_provider,omitempty" env:"AUTH_BEARER_AUTH_PROVIDER" desc:"The auth provider which should be used by the service"` - AuthProviders AuthProviders `yaml:"auth_providers,omitempty"` + SkipUserGroupsInToken bool `yaml:"skip_user_groups_in_token"` + AuthProvider string `yaml:"auth_provider" env:"AUTH_BEARER_AUTH_PROVIDER" desc:"The auth provider which should be used by the service"` + AuthProviders AuthProviders `yaml:"auth_providers"` } type Tracing struct { Enabled bool `yaml:"enabled" env:"OCIS_TRACING_ENABLED;AUTH_BEARER_TRACING_ENABLED" desc:"Activates tracing."` 
@@ -38,25 +38,25 @@ type Service struct { } type Debug struct { - Addr string `yaml:"addr,omitempty" env:"AUTH_BEARER_DEBUG_ADDR"` - Token string `yaml:"token,omitempty" env:"AUTH_BEARER_DEBUG_TOKEN"` - Pprof bool `yaml:"pprof,omitempty" env:"AUTH_BEARER_DEBUG_PPROF"` - Zpages bool `yaml:"zpages,omitempty" env:"AUTH_BEARER_DEBUG_ZPAGES"` + Addr string `yaml:"addr" env:"AUTH_BEARER_DEBUG_ADDR"` + Token string `yaml:"token" env:"AUTH_BEARER_DEBUG_TOKEN"` + Pprof bool `yaml:"pprof" env:"AUTH_BEARER_DEBUG_PPROF"` + Zpages bool `yaml:"zpages" env:"AUTH_BEARER_DEBUG_ZPAGES"` } type GRPCConfig struct { - Addr string `yaml:"addr,omitempty" env:"AUTH_BEARER_GRPC_ADDR" desc:"The address of the grpc service."` - Protocol string `yaml:"protocol,omitempty" env:"AUTH_BEARER_GRPC_PROTOCOL" desc:"The transport protocol of the grpc service."` + Addr string `yaml:"addr" env:"AUTH_BEARER_GRPC_ADDR" desc:"The address of the grpc service."` + Protocol string `yaml:"protocol" env:"AUTH_BEARER_GRPC_PROTOCOL" desc:"The transport protocol of the grpc service."` } type AuthProviders struct { - OIDC OIDCProvider `yaml:"oidc,omitempty"` + OIDC OIDCProvider `yaml:"oidc"` } type OIDCProvider struct { - Issuer string `yaml:"issuer,omitempty" env:"OCIS_URL;AUTH_BEARER_OIDC_ISSUER"` - Insecure bool `yaml:"insecure,omitempty" env:"OCIS_INSECURE;AUTH_BEARER_OIDC_INSECURE"` - IDClaim string `yaml:"id_claim,omitempty"` - UIDClaim string `yaml:"uid_claim,omitempty"` - GIDClaim string `yaml:"gid_claim,omitempty"` + Issuer string `yaml:"issuer" env:"OCIS_URL;AUTH_BEARER_OIDC_ISSUER"` + Insecure bool `yaml:"insecure" env:"OCIS_INSECURE;AUTH_BEARER_OIDC_INSECURE"` + IDClaim string `yaml:"id_claim"` + UIDClaim string `yaml:"uid_claim"` + GIDClaim string `yaml:"gid_claim"` } diff --git a/extensions/auth-machine/pkg/config/config.go b/extensions/auth-machine/pkg/config/config.go index 4837e2915bd..00c796c0199 100644 --- a/extensions/auth-machine/pkg/config/config.go 
+++ b/extensions/auth-machine/pkg/config/config.go @@ -5,19 +5,19 @@ import "github.com/owncloud/ocis/ocis-pkg/shared" type Config struct { *shared.Commons `yaml:"-"` Service Service `yaml:"-"` - Tracing *Tracing `yaml:"tracing,omitempty"` - Logging *Logging `yaml:"log,omitempty"` - Debug Debug `yaml:"debug,omitempty"` - Supervised bool `yaml:"supervised,omitempty"` + Tracing *Tracing `yaml:"tracing"` + Logging *Logging `yaml:"log"` + Debug Debug `yaml:"debug"` + Supervised bool `yaml:"supervised"` - GRPC GRPCConfig `yaml:"grpc,omitempty"` + GRPC GRPCConfig `yaml:"grpc"` - TokenManager *TokenManager `yaml:"token_manager,omitempty"` - Reva *Reva `yaml:"reva,omitempty"` + TokenManager *TokenManager `yaml:"token_manager"` + Reva *Reva `yaml:"reva"` - SkipUserGroupsInToken bool `yaml:"skip_user_groups_in_token,omitempty"` - AuthProvider string `yaml:"auth_provider,omitempty" env:"AUTH_MACHINE_AUTH_PROVIDER" desc:"The auth provider which should be used by the service"` - AuthProviders AuthProviders `yaml:"auth_providers,omitempty"` + SkipUserGroupsInToken bool `yaml:"skip_user_groups_in_token"` + AuthProvider string `yaml:"auth_provider" env:"AUTH_MACHINE_AUTH_PROVIDER" desc:"The auth provider which should be used by the service"` + AuthProviders AuthProviders `yaml:"auth_providers"` } type Tracing struct { Enabled bool `yaml:"enabled" env:"OCIS_TRACING_ENABLED;AUTH_MACHINE_TRACING_ENABLED" desc:"Activates tracing."` diff --git a/extensions/frontend/pkg/config/config.go b/extensions/frontend/pkg/config/config.go index 8e183281fcd..c358cbd7816 100644 --- a/extensions/frontend/pkg/config/config.go +++ b/extensions/frontend/pkg/config/config.go 
@@ -5,51 +5,51 @@ import "github.com/owncloud/ocis/ocis-pkg/shared" type Config struct { *shared.Commons `yaml:"-"` Service Service `yaml:"-"` - Tracing *Tracing `yaml:"tracing,omitempty"` - Logging *Logging `yaml:"log,omitempty"` - Debug Debug `yaml:"debug,omitempty"` + Tracing *Tracing `yaml:"tracing"` + Logging *Logging `yaml:"log"` + Debug Debug `yaml:"debug"` Supervised bool `yaml:"-"` - HTTP HTTPConfig `yaml:"http,omitempty"` + HTTP HTTPConfig `yaml:"http"` // JWTSecret used to verify reva access token - TransferSecret string `yaml:"transfer_secret,omitempty" env:"STORAGE_TRANSFER_SECRET"` + TransferSecret string `yaml:"transfer_secret" env:"STORAGE_TRANSFER_SECRET"` - TokenManager *TokenManager `yaml:"token_manager,omitempty"` - Reva *Reva `yaml:"reva,omitempty"` + TokenManager *TokenManager `yaml:"token_manager"` + Reva *Reva `yaml:"reva"` - SkipUserGroupsInToken bool `yaml:"skip_users_groups_in_token,omitempty"` + SkipUserGroupsInToken bool `yaml:"skip_users_groups_in_token"` - EnableFavorites bool `yaml:"favorites,omitempty"` - EnableProjectSpaces bool `yaml:"enable_project_spaces,omitempty"` - UploadMaxChunkSize int `yaml:"upload_max_chunk_size,omitempty"` - UploadHTTPMethodOverride string `yaml:"upload_http_method_override,omitempty"` - DefaultUploadProtocol string `yaml:"default_upload_protocol,omitempty"` + EnableFavorites bool `yaml:"favorites"` + EnableProjectSpaces bool `yaml:"enable_project_spaces"` + UploadMaxChunkSize int `yaml:"upload_max_chunk_size"` + UploadHTTPMethodOverride string `yaml:"upload_http_method_override"` + DefaultUploadProtocol string `yaml:"default_upload_protocol"` - PublicURL string `yaml:"public_url,omitempty" env:"OCIS_URL;FRONTEND_PUBLIC_URL"` + PublicURL string `yaml:"public_url" env:"OCIS_URL;FRONTEND_PUBLIC_URL"` - Archiver Archiver `yaml:"archiver,omitempty"` - AppProvider AppProvider `yaml:"app_provider,omitempty"` - DataGateway DataGateway `yaml:"data_gateway,omitempty"` - OCS OCS `yaml:"ocs,omitempty"` - 
AuthMachine AuthMachine `yaml:"auth_machine,omitempty"` - Checksums Checksums `yaml:"checksums,omitempty"` + Archiver Archiver `yaml:"archiver"` + AppProvider AppProvider `yaml:"app_provider"` + DataGateway DataGateway `yaml:"data_gateway"` + OCS OCS `yaml:"ocs"` + AuthMachine AuthMachine `yaml:"auth_machine"` + Checksums Checksums `yaml:"checksums"` - Middleware Middleware `yaml:"middleware,omitempty"` + Middleware Middleware `yaml:"middleware"` } type Tracing struct { - Enabled bool `yaml:"enabled,omitempty" env:"OCIS_TRACING_ENABLED;FRONTEND_TRACING_ENABLED" desc:"Activates tracing."` - Type string `yaml:"type,omitempty" env:"OCIS_TRACING_TYPE;FRONTEND_TRACING_TYPE"` - Endpoint string `yaml:"endpoint,omitempty" env:"OCIS_TRACING_ENDPOINT;FRONTEND_TRACING_ENDPOINT" desc:"The endpoint to the tracing collector."` - Collector string `yaml:"collector,omitempty" env:"OCIS_TRACING_COLLECTOR;FRONTEND_TRACING_COLLECTOR"` + Enabled bool `yaml:"enabled" env:"OCIS_TRACING_ENABLED;FRONTEND_TRACING_ENABLED" desc:"Activates tracing."` + Type string `yaml:"type" env:"OCIS_TRACING_TYPE;FRONTEND_TRACING_TYPE"` + Endpoint string `yaml:"endpoint" env:"OCIS_TRACING_ENDPOINT;FRONTEND_TRACING_ENDPOINT" desc:"The endpoint to the tracing collector."` + Collector string `yaml:"collector" env:"OCIS_TRACING_COLLECTOR;FRONTEND_TRACING_COLLECTOR"` } type Logging struct { - Level string `yaml:"level,omitempty" env:"OCIS_LOG_LEVEL;FRONTEND_LOG_LEVEL" desc:"The log level."` - Pretty bool `yaml:"pretty,omitempty" env:"OCIS_LOG_PRETTY;FRONTEND_LOG_PRETTY" desc:"Activates pretty log output."` - Color bool `yaml:"color,omitempty" env:"OCIS_LOG_COLOR;FRONTEND_LOG_COLOR" desc:"Activates colorized log output."` - File string `yaml:"file,omitempty" env:"OCIS_LOG_FILE;FRONTEND_LOG_FILE" desc:"The target log file."` + Level string `yaml:"level" env:"OCIS_LOG_LEVEL;FRONTEND_LOG_LEVEL" desc:"The log level."` + Pretty bool `yaml:"pretty" env:"OCIS_LOG_PRETTY;FRONTEND_LOG_PRETTY" desc:"Activates pretty log 
output."` + Color bool `yaml:"color" env:"OCIS_LOG_COLOR;FRONTEND_LOG_COLOR" desc:"Activates colorized log output."` + File string `yaml:"file" env:"OCIS_LOG_FILE;FRONTEND_LOG_FILE" desc:"The target log file."` } type Service struct { 
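Review bot: `SkipUserGroupsInToken` in the frontend `Config` is keyed `yaml:"skip_users_groups_in_token"` (note "users"), while auth-machine, group and ocdav in this same patch use `yaml:"skip_user_groups_in_token"`. Now that the key is always emitted into generated configs, the spelling difference becomes part of the file format. An operator who copies the setting from one service to another would have it ignored unless the loader rejects unknown keys, which cannot be seen from here. I would align it to `yaml:"skip_user_groups_in_token"`, keeping in mind that existing files using the old key would need migrating. Separately, the comment `// JWTSecret used to verify reva access token` sits above `TransferSecret` and should name the field it documents.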
@@ -57,44 +57,44 @@ type Service struct { } type Debug struct { - Addr string `yaml:"addr,omitempty" env:"FRONTEND_DEBUG_ADDR"` - Token string `yaml:"token,omitempty" env:"FRONTEND_DEBUG_TOKEN"` - Pprof bool `yaml:"pprof,omitempty" env:"FRONTEND_DEBUG_PPROF"` - Zpages bool `yaml:"zpages,omitempty" env:"FRONTEND_DEBUG_ZPAGES"` + Addr string `yaml:"addr" env:"FRONTEND_DEBUG_ADDR"` + Token string `yaml:"token" env:"FRONTEND_DEBUG_TOKEN"` + Pprof bool `yaml:"pprof" env:"FRONTEND_DEBUG_PPROF"` + Zpages bool `yaml:"zpages" env:"FRONTEND_DEBUG_ZPAGES"` } type HTTPConfig struct { - Addr string `yaml:"addr,omitempty" env:"FRONTEND_HTTP_ADDR" desc:"The address of the http service."` - Protocol string `yaml:"protocol,omitempty" env:"FRONTEND_HTTP_PROTOCOL" desc:"The transport protocol of the http service."` - Prefix string `yaml:"prefix,omitempty"` + Addr string `yaml:"addr" env:"FRONTEND_HTTP_ADDR" desc:"The address of the http service."` + Protocol string `yaml:"protocol" env:"FRONTEND_HTTP_PROTOCOL" desc:"The transport protocol of the http service."` + Prefix string `yaml:"prefix"` } // Middleware configures reva middlewares. type Middleware struct { - Auth Auth `yaml:"auth,omitempty"` + Auth Auth `yaml:"auth"` } // Auth configures reva http auth middleware. 
type Auth struct { - CredentialsByUserAgent map[string]string `yaml:"credentials_by_user_agent,omitempty"` + CredentialsByUserAgent map[string]string `yaml:"credentials_by_user_agent"` } type Archiver struct { - MaxNumFiles int64 `yaml:"max_num_files,omitempty"` - MaxSize int64 `yaml:"max_size,omitempty"` + MaxNumFiles int64 `yaml:"max_num_files"` + MaxSize int64 `yaml:"max_size"` Prefix string `yaml:"-"` - Insecure bool `yaml:"insecure,omitempty" env:"OCIS_INSECURE;FRONTEND_ARCHIVER_INSECURE"` + Insecure bool `yaml:"insecure" env:"OCIS_INSECURE;FRONTEND_ARCHIVER_INSECURE"` } type AppProvider struct { - ExternalAddr string `yaml:"external_addr,omitempty"` - Driver string `yaml:"driver,omitempty"` + ExternalAddr string `yaml:"external_addr"` + Driver string `yaml:"driver"` // WopiDriver WopiDriver `yaml:"wopi_driver"` AppsURL string `yaml:"-"` OpenURL string `yaml:"-"` NewURL string `yaml:"-"` Prefix string `yaml:"-"` - Insecure bool `yaml:"insecure,omitempty" env:"OCIS_INSECURE;FRONTEND_APPPROVIDER_INSECURE"` + Insecure bool `yaml:"insecure" env:"OCIS_INSECURE;FRONTEND_APPPROVIDER_INSECURE"` } type DataGateway struct { diff --git a/extensions/gateway/pkg/config/config.go b/extensions/gateway/pkg/config/config.go index dfc34077fb3..dd9679a2555 100644 --- a/extensions/gateway/pkg/config/config.go +++ b/extensions/gateway/pkg/config/config.go 
@@ -6,41 +6,41 @@ type Config struct { *shared.Commons `yaml:"-"` Service Service `yaml:"-"` - Tracing *Tracing `yaml:"tracing,omitempty"` - Logging *Logging `yaml:"log,omitempty"` - Debug Debug `yaml:"debug,omitempty"` - Supervised bool `yaml:"supervised,omitempty"` + Tracing *Tracing `yaml:"tracing"` + Logging *Logging `yaml:"log"` + Debug Debug `yaml:"debug"` + Supervised bool `yaml:"supervised"` - GRPC GRPCConfig `yaml:"grpc,omitempty"` + GRPC GRPCConfig `yaml:"grpc"` - TokenManager *TokenManager `yaml:"token_manager,omitempty"` - Reva *Reva `yaml:"reva,omitempty"` + TokenManager *TokenManager `yaml:"token_manager"` + Reva *Reva `yaml:"reva"` - SkipUserGroupsInToken bool `yaml:",omitempty"` + SkipUserGroupsInToken bool `yaml:""` - CommitShareToStorageGrant bool `yaml:"commit_share_to_storage_grant,omitempty"` - CommitShareToStorageRef bool `yaml:"commit_share_to_storage_ref,omitempty"` - ShareFolder string `yaml:"share_folder,omitempty"` - DisableHomeCreationOnLogin bool `yaml:"disable_home_creation_on_login,omitempty"` - TransferSecret string `yaml:"transfer_secret,omitempty" env:"STORAGE_TRANSFER_SECRET"` - TransferExpires int `yaml:"transfer_expires,omitempty"` - HomeMapping string `yaml:"home_mapping,omitempty"` - EtagCacheTTL int `yaml:"etag_cache_ttl,omitempty"` + CommitShareToStorageGrant bool `yaml:"commit_share_to_storage_grant"` + CommitShareToStorageRef bool `yaml:"commit_share_to_storage_ref"` + ShareFolder string `yaml:"share_folder"` + DisableHomeCreationOnLogin bool `yaml:"disable_home_creation_on_login"` + TransferSecret string `yaml:"transfer_secret" env:"STORAGE_TRANSFER_SECRET"` + TransferExpires int `yaml:"transfer_expires"` + HomeMapping string `yaml:"home_mapping"` + EtagCacheTTL int `yaml:"etag_cache_ttl"` - UsersEndpoint string `yaml:"users_endpoint,omitempty"` - GroupsEndpoint string `yaml:"groups_endpoint,omitempty"` - PermissionsEndpoint string `yaml:"permissions_endpoint,omitempty"` - SharingEndpoint string 
`yaml:"sharing_endpoint,omitempty"` - FrontendPublicURL string `yaml:"frontend_public_url,omitempty" env:"OCIS_URL;GATEWAY_FRONTEND_PUBLIC_URL"` - AuthBasicEndpoint string `yaml:"auth_basic_endpoint,omitempty"` - AuthBearerEndpoint string `yaml:"auth_bearer_endpoint,omitempty"` - AuthMachineEndpoint string `yaml:"auth_machine_endpoint,omitempty"` - StoragePublicLinkEndpoint string `yaml:"storage_public_link_endpoint,omitempty"` - StorageUsersEndpoint string `yaml:"storage_users_endpoint,omitempty"` - StorageSharesEndpoint string `yaml:"storage_shares_endpoint,omitempty"` + UsersEndpoint string `yaml:"users_endpoint"` + GroupsEndpoint string `yaml:"groups_endpoint"` + PermissionsEndpoint string `yaml:"permissions_endpoint"` + SharingEndpoint string `yaml:"sharing_endpoint"` + FrontendPublicURL string `yaml:"frontend_public_url" env:"OCIS_URL;GATEWAY_FRONTEND_PUBLIC_URL"` + AuthBasicEndpoint string `yaml:"auth_basic_endpoint"` + AuthBearerEndpoint string `yaml:"auth_bearer_endpoint"` + AuthMachineEndpoint string `yaml:"auth_machine_endpoint"` + StoragePublicLinkEndpoint string `yaml:"storage_public_link_endpoint"` + StorageUsersEndpoint string `yaml:"storage_users_endpoint"` + StorageSharesEndpoint string `yaml:"storage_shares_endpoint"` - StorageRegistry StorageRegistry `yaml:"storage_registry,omitempty"` - AppRegistry AppRegistry `yaml:"app_registry,omitempty"` + StorageRegistry StorageRegistry `yaml:"storage_registry"` + AppRegistry AppRegistry `yaml:"app_registry"` } type Tracing struct { Enabled bool `yaml:"enabled" env:"OCIS_TRACING_ENABLED;GATEWAY_TRACING_ENABLED" desc:"Activates tracing."` diff --git a/extensions/glauth/pkg/config/config.go b/extensions/glauth/pkg/config/config.go index d9fcf5d6b10..aa8479989a3 100644 --- a/extensions/glauth/pkg/config/config.go +++ b/extensions/glauth/pkg/config/config.go 
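Review bot: `SkipUserGroupsInToken` in the gateway `Config` ends up with the tag `yaml:""`, which names no key at all. The old `yaml:",omitempty"` at least carried an option; the new form is a no-op, and the key falls back to whatever the YAML library derives from the field name (lowercased, if this is gopkg.in/yaml) rather than the `skip_user_groups_in_token` used by the other services. The same mechanical replacement produced `yaml:""` on every field of `Drivers` and `LDAPDriver` in the group config further down, including `BindPassword` and `Insecure`. I would give these explicit keys, here `yaml:"skip_user_groups_in_token"`, so the generated file has stable, documented names.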
@@ -12,17 +12,17 @@ type Config struct { Service Service `yaml:"-"` - Tracing *Tracing `yaml:"tracing,omitempty"` - Log *Log `yaml:"log,omitempty"` - Debug Debug `yaml:"debug,omitempty"` + Tracing *Tracing `yaml:"tracing"` + Log *Log `yaml:"log"` + Debug Debug `yaml:"debug"` - Ldap Ldap `yaml:"ldap,omitempty"` - Ldaps Ldaps `yaml:"ldaps,omitempty"` + Ldap Ldap `yaml:"ldap"` + Ldaps Ldaps `yaml:"ldaps"` - Backend Backend `yaml:"backend,omitempty"` - Fallback FallbackBackend `yaml:"fallback,omitempty"` + Backend Backend `yaml:"backend"` + Fallback FallbackBackend `yaml:"fallback"` - RoleBundleUUID string `yaml:"role_bundle_uuid,omitempty" env:"GLAUTH_ROLE_BUNDLE_ID"` + RoleBundleUUID string `yaml:"role_bundle_uuid" env:"GLAUTH_ROLE_BUNDLE_ID"` Context context.Context `yaml:"-"` } diff --git a/extensions/graph-explorer/pkg/config/config.go b/extensions/graph-explorer/pkg/config/config.go index 4fa04740366..2bd5bd5a62b 100644 --- a/extensions/graph-explorer/pkg/config/config.go +++ b/extensions/graph-explorer/pkg/config/config.go @@ -12,13 +12,13 @@ type Config struct { Service Service `yaml:"-"` - Tracing *Tracing `yaml:"tracing,omitempty"` - Log *Log `yaml:"log,omitempty"` - Debug Debug `yaml:"debug,omitempty"` + Tracing *Tracing `yaml:"tracing"` + Log *Log `yaml:"log"` + Debug Debug `yaml:"debug"` - HTTP HTTP `yaml:"http,omitempty"` + HTTP HTTP `yaml:"http"` - GraphExplorer GraphExplorer `yaml:"graph_explorer,omitempty"` + GraphExplorer GraphExplorer `yaml:"graph_explorer"` Context context.Context `yaml:"-"` } diff --git a/extensions/graph/pkg/config/config.go b/extensions/graph/pkg/config/config.go index 16768294fb3..d147eaa30cd 100644 --- a/extensions/graph/pkg/config/config.go +++ b/extensions/graph/pkg/config/config.go 
@@ -12,62 +12,62 @@ type Config struct { Service Service `yaml:"-"` - Tracing *Tracing `yaml:"tracing,omitempty"` - Log *Log `yaml:"log,omitempty"` - Debug Debug `yaml:"debug,omitempty"` + Tracing *Tracing `yaml:"tracing"` + Log *Log `yaml:"log"` + Debug Debug `yaml:"debug"` - HTTP HTTP `yaml:"http,omitempty"` + HTTP HTTP `yaml:"http"` - Reva *Reva `yaml:"reva,omitempty"` - TokenManager *TokenManager `yaml:"token_manager,omitempty"` + Reva *Reva `yaml:"reva"` + TokenManager *TokenManager `yaml:"token_manager"` - Spaces Spaces `yaml:"spaces,omitempty"` - Identity Identity `yaml:"identity,omitempty"` - Events Events `yaml:"events,omitempty"` + Spaces Spaces `yaml:"spaces"` + Identity Identity `yaml:"identity"` + Events Events `yaml:"events"` Context context.Context `yaml:"-"` } type Spaces struct { - WebDavBase string `yaml:"webdav_base,omitempty" env:"OCIS_URL;GRAPH_SPACES_WEBDAV_BASE"` - WebDavPath string `yaml:"webdav_path,omitempty" env:"GRAPH_SPACES_WEBDAV_PATH"` - DefaultQuota string `yaml:"default_quota,omitempty" env:"GRAPH_SPACES_DEFAULT_QUOTA"` - Insecure bool `yaml:"insecure,omitempty" env:"OCIS_INSECURE;GRAPH_SPACES_INSECURE"` - ExtendedSpacePropertiesCacheTTL int `yaml:"extended_space_properties_cache_ttl,omitempty" env:"GRAPH_SPACES_EXTENDED_SPACE_PROPERTIES_CACHE_TTL"` + WebDavBase string `yaml:"webdav_base" env:"OCIS_URL;GRAPH_SPACES_WEBDAV_BASE"` + WebDavPath string `yaml:"webdav_path" env:"GRAPH_SPACES_WEBDAV_PATH"` + DefaultQuota string `yaml:"default_quota" env:"GRAPH_SPACES_DEFAULT_QUOTA"` + Insecure bool `yaml:"insecure" env:"OCIS_INSECURE;GRAPH_SPACES_INSECURE"` + ExtendedSpacePropertiesCacheTTL int `yaml:"extended_space_properties_cache_ttl" env:"GRAPH_SPACES_EXTENDED_SPACE_PROPERTIES_CACHE_TTL"` } type LDAP struct { - URI string `yaml:"uri,omitempty" env:"LDAP_URI;GRAPH_LDAP_URI"` - Insecure bool `yaml:"insecure,omitempty" env:"OCIS_INSECURE;GRAPH_LDAP_INSECURE"` - BindDN string `yaml:"bind_dn,omitempty" env:"LDAP_BIND_DN;GRAPH_LDAP_BIND_DN"` 
- BindPassword string `yaml:"bind_password,omitempty" env:"LDAP_BIND_PASSWORD;GRAPH_LDAP_BIND_PASSWORD"` - UseServerUUID bool `yaml:"use_server_uuid,omitempty" env:"GRAPH_LDAP_SERVER_UUID"` - WriteEnabled bool `yaml:"write_enabled,omitempty" env:"GRAPH_LDAP_SERVER_WRITE_ENABLED"` + URI string `yaml:"uri" env:"LDAP_URI;GRAPH_LDAP_URI"` + Insecure bool `yaml:"insecure" env:"OCIS_INSECURE;GRAPH_LDAP_INSECURE"` + BindDN string `yaml:"bind_dn" env:"LDAP_BIND_DN;GRAPH_LDAP_BIND_DN"` + BindPassword string `yaml:"bind_password" env:"LDAP_BIND_PASSWORD;GRAPH_LDAP_BIND_PASSWORD"` + UseServerUUID bool `yaml:"use_server_uuid" env:"GRAPH_LDAP_SERVER_UUID"` + WriteEnabled bool `yaml:"write_enabled" env:"GRAPH_LDAP_SERVER_WRITE_ENABLED"` - UserBaseDN string `yaml:"user_base_dn,omitempty" env:"LDAP_USER_BASE_DN;GRAPH_LDAP_USER_BASE_DN"` - UserSearchScope string `yaml:"user_search_scope,omitempty" env:"LDAP_USER_SCOPE;GRAPH_LDAP_USER_SCOPE"` - UserFilter string `yaml:"user_filter,omitempty" env:"LDAP_USER_FILTER;GRAPH_LDAP_USER_FILTER"` - UserObjectClass string `yaml:"user_objectclass,omitempty" env:"LDAP_USER_OBJECTCLASS;GRAPH_LDAP_USER_OBJECTCLASS"` - UserEmailAttribute string `yaml:"user_mail_attribute,omitempty" env:"LDAP_USER_SCHEMA_MAIL;GRAPH_LDAP_USER_EMAIL_ATTRIBUTE"` - UserDisplayNameAttribute string `yaml:"user_displayname_attribute,omitempty" env:"LDAP_USER_SCHEMA_DISPLAY_NAME;GRAPH_LDAP_USER_DISPLAYNAME_ATTRIBUTE"` - UserNameAttribute string `yaml:"user_name_attribute,omitempty" env:"LDAP_USER_SCHEMA_USERNAME;GRAPH_LDAP_USER_NAME_ATTRIBUTE"` - UserIDAttribute string `yaml:"user_id_attribute,omitempty" env:"LDAP_USER_SCHEMA_ID;GRAPH_LDAP_USER_UID_ATTRIBUTE"` + UserBaseDN string `yaml:"user_base_dn" env:"LDAP_USER_BASE_DN;GRAPH_LDAP_USER_BASE_DN"` + UserSearchScope string `yaml:"user_search_scope" env:"LDAP_USER_SCOPE;GRAPH_LDAP_USER_SCOPE"` + UserFilter string `yaml:"user_filter" env:"LDAP_USER_FILTER;GRAPH_LDAP_USER_FILTER"` + UserObjectClass string 
`yaml:"user_objectclass" env:"LDAP_USER_OBJECTCLASS;GRAPH_LDAP_USER_OBJECTCLASS"` + UserEmailAttribute string `yaml:"user_mail_attribute" env:"LDAP_USER_SCHEMA_MAIL;GRAPH_LDAP_USER_EMAIL_ATTRIBUTE"` + UserDisplayNameAttribute string `yaml:"user_displayname_attribute" env:"LDAP_USER_SCHEMA_DISPLAY_NAME;GRAPH_LDAP_USER_DISPLAYNAME_ATTRIBUTE"` + UserNameAttribute string `yaml:"user_name_attribute" env:"LDAP_USER_SCHEMA_USERNAME;GRAPH_LDAP_USER_NAME_ATTRIBUTE"` + UserIDAttribute string `yaml:"user_id_attribute" env:"LDAP_USER_SCHEMA_ID;GRAPH_LDAP_USER_UID_ATTRIBUTE"` - GroupBaseDN string `yaml:"group_base_dn,omitempty" env:"LDAP_GROUP_BASE_DN;GRAPH_LDAP_GROUP_BASE_DN"` - GroupSearchScope string `yaml:"group_search_scope,omitempty" env:"LDAP_GROUP_SCOPE;GRAPH_LDAP_GROUP_SEARCH_SCOPE"` - GroupFilter string `yaml:"group_filter,omitempty" env:"LDAP_GROUP_FILTER;GRAPH_LDAP_GROUP_FILTER"` - GroupObjectClass string `yaml:"group_objectclass,omitempty" env:"LDAP_GROUP_OBJECTCLASS;GRAPH_LDAP_GROUP_OBJECTCLASS"` - GroupNameAttribute string `yaml:"group_name_attribute,omitempty" env:"LDAP_GROUP_SCHEMA_GROUPNAME;GRAPH_LDAP_GROUP_NAME_ATTRIBUTE"` - GroupIDAttribute string `yaml:"group_id_attribute,omitempty" env:"LDAP_GROUP_SCHEMA_ID;GRAPH_LDAP_GROUP_ID_ATTRIBUTE"` + GroupBaseDN string `yaml:"group_base_dn" env:"LDAP_GROUP_BASE_DN;GRAPH_LDAP_GROUP_BASE_DN"` + GroupSearchScope string `yaml:"group_search_scope" env:"LDAP_GROUP_SCOPE;GRAPH_LDAP_GROUP_SEARCH_SCOPE"` + GroupFilter string `yaml:"group_filter" env:"LDAP_GROUP_FILTER;GRAPH_LDAP_GROUP_FILTER"` + GroupObjectClass string `yaml:"group_objectclass" env:"LDAP_GROUP_OBJECTCLASS;GRAPH_LDAP_GROUP_OBJECTCLASS"` + GroupNameAttribute string `yaml:"group_name_attribute" env:"LDAP_GROUP_SCHEMA_GROUPNAME;GRAPH_LDAP_GROUP_NAME_ATTRIBUTE"` + GroupIDAttribute string `yaml:"group_id_attribute" env:"LDAP_GROUP_SCHEMA_ID;GRAPH_LDAP_GROUP_ID_ATTRIBUTE"` } type Identity struct { - Backend string `yaml:"backend,omitempty" 
env:"GRAPH_IDENTITY_BACKEND"` - LDAP LDAP `yaml:"ldap,omitempty"` + Backend string `yaml:"backend" env:"GRAPH_IDENTITY_BACKEND"` + LDAP LDAP `yaml:"ldap"` } // Events combines the configuration options for the event bus. type Events struct { - Endpoint string `yaml:"events_endpoint,omitempty" env:"GRAPH_EVENTS_ENDPOINT" desc:"the address of the streaming service"` - Cluster string `yaml:"events_cluster,omitempty" env:"GRAPH_EVENTS_CLUSTER" desc:"the clusterID of the streaming service. Mandatory when using nats"` + Endpoint string `yaml:"events_endpoint" env:"GRAPH_EVENTS_ENDPOINT" desc:"the address of the streaming service"` + Cluster string `yaml:"events_cluster" env:"GRAPH_EVENTS_CLUSTER" desc:"the clusterID of the streaming service. Mandatory when using nats"` } diff --git a/extensions/group/pkg/config/config.go b/extensions/group/pkg/config/config.go index e6c46d54fb7..efd0ea1b1e8 100644 --- a/extensions/group/pkg/config/config.go +++ b/extensions/group/pkg/config/config.go 
@@ -5,20 +5,20 @@ import "github.com/owncloud/ocis/ocis-pkg/shared" type Config struct { *shared.Commons `yaml:"-"` Service Service `yaml:"-"` - Tracing *Tracing `yaml:"tracing,omitempty"` - Logging *Logging `yaml:"log,omitempty"` - Debug Debug `yaml:"debug,omitempty"` - Supervised bool `yaml:"supervised,omitempty"` + Tracing *Tracing `yaml:"tracing"` + Logging *Logging `yaml:"log"` + Debug Debug `yaml:"debug"` + Supervised bool `yaml:"supervised"` - GRPC GRPCConfig `yaml:"grpc,omitempty"` + GRPC GRPCConfig `yaml:"grpc"` - TokenManager *TokenManager `yaml:"token_manager,omitempty"` - Reva *Reva `yaml:"reva,omitempty"` + TokenManager *TokenManager `yaml:"token_manager"` + Reva *Reva `yaml:"reva"` - SkipUserGroupsInToken bool `yaml:"skip_user_groups_in_token,omitempty"` - GroupMembersCacheExpiration int `yaml:"group_members_cache_expiration,omitempty"` - Driver string `yaml:"driver,omitempty"` - Drivers Drivers `yaml:"drivers,omitempty"` + SkipUserGroupsInToken bool `yaml:"skip_user_groups_in_token"` + GroupMembersCacheExpiration int `yaml:"group_members_cache_expiration"` + Driver string `yaml:"driver"` + Drivers Drivers `yaml:"drivers"` } type Tracing struct { Enabled bool `yaml:"enabled" env:"OCIS_TRACING_ENABLED;GROUPS_TRACING_ENABLED" desc:"Activates tracing."` 
@@ -51,34 +51,34 @@ type GRPCConfig struct { } type Drivers struct { - JSON JSONDriver `yaml:",omitempty"` - LDAP LDAPDriver `yaml:",omitempty"` - OwnCloudSQL OwnCloudSQLDriver `yaml:",omitempty"` - REST RESTProvider `yaml:",omitempty"` + JSON JSONDriver `yaml:""` + LDAP LDAPDriver `yaml:""` + OwnCloudSQL OwnCloudSQLDriver `yaml:""` + REST RESTProvider `yaml:""` } type JSONDriver struct { File string } type LDAPDriver struct { - URI string `yaml:",omitempty" env:"LDAP_URI;GROUPS_LDAP_URI"` - CACert string `yaml:",omitempty" env:"LDAP_CACERT;GROUPS_LDAP_CACERT"` - Insecure bool `yaml:",omitempty" env:"LDAP_INSECURE;GROUPS_LDAP_INSECURE"` - BindDN string `yaml:",omitempty" env:"LDAP_BIND_DN;GROUPS_LDAP_BIND_DN"` - BindPassword string `yaml:",omitempty" env:"LDAP_BIND_PASSWORD;GROUPS_LDAP_BIND_PASSWORD"` - UserBaseDN string `yaml:",omitempty" env:"LDAP_USER_BASE_DN;GROUPS_LDAP_USER_BASE_DN"` - GroupBaseDN string `yaml:",omitempty" env:"LDAP_GROUP_BASE_DN;GROUPS_LDAP_GROUP_BASE_DN"` - UserScope string `yaml:",omitempty" env:"LDAP_USER_SCOPE;GROUPS_LDAP_USER_SCOPE"` - GroupScope string `yaml:",omitempty" env:"LDAP_GROUP_SCOPE;GROUPS_LDAP_GROUP_SCOPE"` - UserFilter string `yaml:",omitempty" env:"LDAP_USERFILTER;GROUPS_LDAP_USERFILTER"` - GroupFilter string `yaml:",omitempty" env:"LDAP_GROUPFILTER;GROUPS_LDAP_USERFILTER"` - UserObjectClass string `yaml:",omitempty" env:"LDAP_USER_OBJECTCLASS;GROUPS_LDAP_USER_OBJECTCLASS"` - GroupObjectClass string `yaml:",omitempty" env:"LDAP_GROUP_OBJECTCLASS;GROUPS_LDAP_GROUP_OBJECTCLASS"` - LoginAttributes []string `yaml:",omitempty" env:"LDAP_LOGIN_ATTRIBUTES;GROUPS_LDAP_LOGIN_ATTRIBUTES"` - IDP string `yaml:",omitempty" env:"OCIS_URL;GROUPS_IDP_URL"` // TODO what is this for? - GatewayEndpoint string `yaml:",omitempty"` // TODO do we need this here? 
- UserSchema LDAPUserSchema `yaml:",omitempty"` - GroupSchema LDAPGroupSchema `yaml:",omitempty"` + URI string `yaml:"" env:"LDAP_URI;GROUPS_LDAP_URI"` + CACert string `yaml:"" env:"LDAP_CACERT;GROUPS_LDAP_CACERT"` + Insecure bool `yaml:"" env:"LDAP_INSECURE;GROUPS_LDAP_INSECURE"` + BindDN string `yaml:"" env:"LDAP_BIND_DN;GROUPS_LDAP_BIND_DN"` + BindPassword string `yaml:"" env:"LDAP_BIND_PASSWORD;GROUPS_LDAP_BIND_PASSWORD"` + UserBaseDN string `yaml:"" env:"LDAP_USER_BASE_DN;GROUPS_LDAP_USER_BASE_DN"` + GroupBaseDN string `yaml:"" env:"LDAP_GROUP_BASE_DN;GROUPS_LDAP_GROUP_BASE_DN"` + UserScope string `yaml:"" env:"LDAP_USER_SCOPE;GROUPS_LDAP_USER_SCOPE"` + GroupScope string `yaml:"" env:"LDAP_GROUP_SCOPE;GROUPS_LDAP_GROUP_SCOPE"` + UserFilter string `yaml:"" env:"LDAP_USERFILTER;GROUPS_LDAP_USERFILTER"` + GroupFilter string `yaml:"" env:"LDAP_GROUPFILTER;GROUPS_LDAP_USERFILTER"` + UserObjectClass string `yaml:"" env:"LDAP_USER_OBJECTCLASS;GROUPS_LDAP_USER_OBJECTCLASS"` + GroupObjectClass string `yaml:"" env:"LDAP_GROUP_OBJECTCLASS;GROUPS_LDAP_GROUP_OBJECTCLASS"` + LoginAttributes []string `yaml:"" env:"LDAP_LOGIN_ATTRIBUTES;GROUPS_LDAP_LOGIN_ATTRIBUTES"` + IDP string `yaml:"" env:"OCIS_URL;GROUPS_IDP_URL"` // TODO what is this for? + GatewayEndpoint string `yaml:""` // TODO do we need this here? + UserSchema LDAPUserSchema `yaml:""` + GroupSchema LDAPGroupSchema `yaml:""` } type LDAPUserSchema struct { diff --git a/extensions/idm/pkg/config/config.go b/extensions/idm/pkg/config/config.go index 8f47d43a721..2706fe673fd 100644 --- a/extensions/idm/pkg/config/config.go +++ b/extensions/idm/pkg/config/config.go 
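Review bot: `GroupFilter` in `LDAPDriver` lists `GROUPS_LDAP_USERFILTER` as its service-specific variable, the same name `UserFilter` uses on the line above it. Setting that variable to narrow the user search would then presumably also replace the group filter, and there is no service-specific way to set the group filter on its own. The patch carries this over unchanged from the removed line. I would change the tag to `env:"LDAP_GROUPFILTER;GROUPS_LDAP_GROUPFILTER"`.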
@@ -12,12 +12,12 @@ type Config struct { Service Service `yaml:"-"` - Tracing *Tracing `yaml:"tracing,omitempty"` - Log *Log `yaml:"log,omitempty"` - Debug Debug `yaml:"debug,omitempty"` + Tracing *Tracing `yaml:"tracing"` + Log *Log `yaml:"log"` + Debug Debug `yaml:"debug"` - IDM Settings `yaml:"idm,omitempty"` - CreateDemoUsers bool `yaml:"create_demo_users,omitempty" env:"IDM_CREATE_DEMO_USERS;ACCOUNTS_DEMO_USERS_AND_GROUPS" desc:"Flag to enabe/disable the creation of the demo users"` + IDM Settings `yaml:"idm"` + CreateDemoUsers bool `yaml:"create_demo_users" env:"IDM_CREATE_DEMO_USERS;ACCOUNTS_DEMO_USERS_AND_GROUPS" desc:"Flag to enabe/disable the creation of the demo users"` ServiceUserPasswords ServiceUserPasswords `yaml:"service_user_passwords"` diff --git a/extensions/idp/pkg/config/config.go b/extensions/idp/pkg/config/config.go index 2d697a9c857..4979fb0f380 100644 --- a/extensions/idp/pkg/config/config.go +++ b/extensions/idp/pkg/config/config.go 
@@ -12,43 +12,43 @@ type Config struct { Service Service `yaml:"-"` - Tracing *Tracing `yaml:"tracing,omitempty"` - Log *Log `yaml:"log,omitempty"` - Debug Debug `yaml:"debug,omitempty"` + Tracing *Tracing `yaml:"tracing"` + Log *Log `yaml:"log"` + Debug Debug `yaml:"debug"` - HTTP HTTP `yaml:"http,omitempty"` + HTTP HTTP `yaml:"http"` - Asset Asset `yaml:"asset,omitempty"` - IDP Settings `yaml:"idp,omitempty"` - Ldap Ldap `yaml:"ldap,omitempty"` + Asset Asset `yaml:"asset"` + IDP Settings `yaml:"idp"` + Ldap Ldap `yaml:"ldap"` Context context.Context `yaml:"-"` } // Ldap defines the available LDAP configuration. type Ldap struct { - URI string `yaml:"uri,omitempty" env:"LDAP_URI;IDP_LDAP_URI"` - TLSCACert string `yaml:"cacert,omitempty" env:"LDAP_CACERT;IDP_LDAP_TLS_CACERT"` + URI string `yaml:"uri" env:"LDAP_URI;IDP_LDAP_URI"` + TLSCACert string `yaml:"cacert" env:"LDAP_CACERT;IDP_LDAP_TLS_CACERT"` - BindDN string `yaml:"bind_dn,omitempty" env:"LDAP_BIND_DN;IDP_LDAP_BIND_DN"` - BindPassword string `yaml:"bind_password,omitempty" env:"LDAP_BIND_PASSWORD;IDP_LDAP_BIND_PASSWORD"` + BindDN string `yaml:"bind_dn" env:"LDAP_BIND_DN;IDP_LDAP_BIND_DN"` + BindPassword string `yaml:"bind_password" env:"LDAP_BIND_PASSWORD;IDP_LDAP_BIND_PASSWORD"` - BaseDN string `yaml:"base_dn,omitempty" env:"LDAP_USER_BASE_DN,IDP_LDAP_BASE_DN"` - Scope string `yaml:"scope,omitempty" env:"LDAP_USER_SCOPE;IDP_LDAP_SCOPE"` + BaseDN string `yaml:"base_dn" env:"LDAP_USER_BASE_DN,IDP_LDAP_BASE_DN"` + Scope string `yaml:"scope" env:"LDAP_USER_SCOPE;IDP_LDAP_SCOPE"` - LoginAttribute string `yaml:"login_attribute,omitempty" env:"IDP_LDAP_LOGIN_ATTRIBUTE"` - EmailAttribute string `yaml:"email_attribute,omitempty" env:"LDAP_USER_SCHEMA_MAIL;IDP_LDAP_EMAIL_ATTRIBUTE"` - NameAttribute string `yaml:"name_attribute,omitempty" env:"LDAP_USER_SCHEMA_USERNAME;IDP_LDAP_NAME_ATTRIBUTE"` - UUIDAttribute string `yaml:"uuid_attribute,omitempty" env:"LDAP_USER_SCHEMA_ID;IDP_LDAP_UUID_ATTRIBUTE"` - 
UUIDAttributeType string `yaml:"uuid_attribute_type,omitempty" env:"IDP_LDAP_UUID_ATTRIBUTE_TYPE"` + LoginAttribute string `yaml:"login_attribute" env:"IDP_LDAP_LOGIN_ATTRIBUTE"` + EmailAttribute string `yaml:"email_attribute" env:"LDAP_USER_SCHEMA_MAIL;IDP_LDAP_EMAIL_ATTRIBUTE"` + NameAttribute string `yaml:"name_attribute" env:"LDAP_USER_SCHEMA_USERNAME;IDP_LDAP_NAME_ATTRIBUTE"` + UUIDAttribute string `yaml:"uuid_attribute" env:"LDAP_USER_SCHEMA_ID;IDP_LDAP_UUID_ATTRIBUTE"` + UUIDAttributeType string `yaml:"uuid_attribute_type" env:"IDP_LDAP_UUID_ATTRIBUTE_TYPE"` - Filter string `yaml:"filter,omitempty" env:"LDAP_USER_FILTER;IDP_LDAP_FILTER"` - ObjectClass string `yaml:"objectclass,omitempty" env:"LDAP_USER_OBJECTCLASS;IDP_LDAP_OBJECTCLASS"` + Filter string `yaml:"filter" env:"LDAP_USER_FILTER;IDP_LDAP_FILTER"` + ObjectClass string `yaml:"objectclass" env:"LDAP_USER_OBJECTCLASS;IDP_LDAP_OBJECTCLASS"` } // Asset defines the available asset configuration. type Asset struct { - Path string `yaml:"asset,omitempty" env:"IDP_ASSET_PATH"` + Path string `yaml:"asset" env:"IDP_ASSET_PATH"` } type Settings struct { diff --git a/extensions/nats/pkg/config/config.go b/extensions/nats/pkg/config/config.go index 9dfed67b293..3d1c279443b 100644 --- a/extensions/nats/pkg/config/config.go +++ b/extensions/nats/pkg/config/config.go 
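Review bot: `BaseDN` in the idp `Ldap` struct separates its two variable names with a comma, `env:"LDAP_USER_BASE_DN,IDP_LDAP_BASE_DN"`, while every other field in this struct uses a semicolon. Depending on how the env loader splits the tag, this is likely read as one variable name containing a comma, in which case neither variable would set the base DN and the search would run against the default. The patch rewrites this line but keeps the separator. I would change it to `env:"LDAP_USER_BASE_DN;IDP_LDAP_BASE_DN"`.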
@@ -12,18 +12,18 @@ type Config struct { Service Service `yaml:"-"` - Log *Log `yaml:"log,omitempty"` - Debug Debug `yaml:"debug,omitempty"` + Log *Log `yaml:"log"` + Debug Debug `yaml:"debug"` - Nats Nats `ociConfig:"nats,omitempty"` + Nats Nats `ociConfig:"nats"` Context context.Context `yaml:"-"` } // Nats is the nats config type Nats struct { - Host string `yaml:"host,omitempty" env:"NATS_NATS_HOST"` - Port int `yaml:"port,omitempty" env:"NATS_NATS_PORT"` - ClusterID string `yaml:"clusterid,omitempty" env:"NATS_NATS_CLUSTER_ID"` - StoreDir string `yaml:"store_dir,omitempty" env:"NATS_NATS_STORE_DIR"` + Host string `yaml:"host" env:"NATS_NATS_HOST"` + Port int `yaml:"port" env:"NATS_NATS_PORT"` + ClusterID string `yaml:"clusterid" env:"NATS_NATS_CLUSTER_ID"` + StoreDir string `yaml:"store_dir" env:"NATS_NATS_STORE_DIR"` } diff --git a/extensions/notifications/pkg/config/config.go b/extensions/notifications/pkg/config/config.go index 103d5acdc19..36ff2e6c8c3 100644 --- a/extensions/notifications/pkg/config/config.go +++ b/extensions/notifications/pkg/config/config.go @@ -12,10 +12,10 @@ type Config struct { Service Service `yaml:"-"` - Log *Log `yaml:"log,omitempty"` - Debug Debug `yaml:"debug,omitempty"` + Log *Log `yaml:"log"` + Debug Debug `yaml:"debug"` - Notifications Notifications `yaml:"notifications,omitempty"` + Notifications Notifications `yaml:"notifications"` Context context.Context `yaml:"-"` } 
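Review bot: The `Nats` field in the nats `Config` is tagged `ociConfig:"nats"`, which is not a key the YAML encoder reads. The patch strips `omitempty` from the value but leaves the tag key as it was. The field presumably still serializes as `nats` only because that happens to match the library's default for the field name. I would make it explicit with `yaml:"nats"`, in line with the `Log` and `Debug` fields next to it.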
@@ -23,9 +23,9 @@ type Config struct { // Notifications definces the config options for the notifications service. type Notifications struct { *shared.Commons `yaml:"-"` - SMTP SMTP `yaml:"SMTP,omitempty"` - Events Events `yaml:"events,omitempty"` - RevaGateway string `yaml:"reva_gateway,omitempty" env:"REVA_GATEWAY;NOTIFICATIONS_REVA_GATEWAY"` + SMTP SMTP `yaml:"SMTP"` + Events Events `yaml:"events"` + RevaGateway string `yaml:"reva_gateway" env:"REVA_GATEWAY;NOTIFICATIONS_REVA_GATEWAY"` MachineAuthAPIKey string `yaml:"machine_auth_api_key" env:"OCIS_MACHINE_AUTH_API_KEY;NOTIFICATIONS_MACHINE_AUTH_API_KEY"` } diff --git a/extensions/ocdav/pkg/config/config.go b/extensions/ocdav/pkg/config/config.go index de3748fceec..bc13918b5e1 100644 --- a/extensions/ocdav/pkg/config/config.go +++ b/extensions/ocdav/pkg/config/config.go 
@@ -5,29 +5,29 @@ import "github.com/owncloud/ocis/ocis-pkg/shared" type Config struct { *shared.Commons `yaml:"-"` Service Service `yaml:"-"` - Tracing *Tracing `yaml:"tracing,omitempty"` - Logging *Logging `yaml:"log,omitempty"` - Debug Debug `yaml:"debug,omitempty"` - Supervised bool `yaml:"supervised,omitempty"` + Tracing *Tracing `yaml:"tracing"` + Logging *Logging `yaml:"log"` + Debug Debug `yaml:"debug"` + Supervised bool `yaml:"supervised"` - HTTP HTTPConfig `yaml:"http,omitempty"` + HTTP HTTPConfig `yaml:"http"` - TokenManager *TokenManager `yaml:"token_manager,omitempty"` - Reva *Reva `yaml:"reva,omitempty"` + TokenManager *TokenManager `yaml:"token_manager"` + Reva *Reva `yaml:"reva"` - SkipUserGroupsInToken bool `yaml:"skip_user_groups_in_token,omitempty"` + SkipUserGroupsInToken bool `yaml:"skip_user_groups_in_token"` - WebdavNamespace string `yaml:"webdav_namespace,omitempty"` - FilesNamespace string `yaml:"files_namespace,omitempty"` - SharesNamespace string `yaml:"shares_namespace,omitempty"` + WebdavNamespace string `yaml:"webdav_namespace"` + FilesNamespace string `yaml:"files_namespace"` + SharesNamespace string `yaml:"shares_namespace"` // PublicURL used to redirect /s/{token} URLs to - PublicURL string `yaml:"public_url,omitempty" env:"OCIS_URL;OCDAV_PUBLIC_URL"` + PublicURL string `yaml:"public_url" env:"OCIS_URL;OCDAV_PUBLIC_URL"` // Insecure certificates allowed when making requests to the gateway - Insecure bool `yaml:"insecure,omitempty" env:"OCIS_INSECURE;OCDAV_INSECURE"` + Insecure bool `yaml:"insecure" env:"OCIS_INSECURE;OCDAV_INSECURE"` // Timeout in seconds when making requests to the gateway - Timeout int64 `yaml:"timeout,omitempty"` - Middleware Middleware `yaml:"middleware,omitempty"` + Timeout int64 `yaml:"timeout"` + Middleware Middleware `yaml:"middleware"` } type Tracing struct { Enabled bool `yaml:"enabled" env:"OCIS_TRACING_ENABLED;OCDAV_TRACING_ENABLED" desc:"Activates tracing."` 
@@ -62,10 +62,10 @@ type HTTPConfig struct { // Middleware configures reva middlewares. type Middleware struct { - Auth Auth `yaml:"auth,omitempty"` + Auth Auth `yaml:"auth"` } // Auth configures reva http auth middleware. type Auth struct { - CredentialsByUserAgent map[string]string `yaml:"credentials_by_user_agenr,omitempty"` + CredentialsByUserAgent map[string]string `yaml:"credentials_by_user_agenr"` } diff --git a/extensions/ocs/pkg/config/config.go b/extensions/ocs/pkg/config/config.go index af57bc07cd3..b5e7fbe8594 100644 --- a/extensions/ocs/pkg/config/config.go +++ b/extensions/ocs/pkg/config/config.go @@ -12,20 +12,20 @@ type Config struct { Service Service `yaml:"-"` - Tracing *Tracing `yaml:"tracing,omitempty"` - Log *Log `yaml:"log,omitempty"` - Debug Debug `yaml:"debug,omitempty"` + Tracing *Tracing `yaml:"tracing"` + Log *Log `yaml:"log"` + Debug Debug `yaml:"debug"` - HTTP HTTP `yaml:"http,omitempty"` + HTTP HTTP `yaml:"http"` - TokenManager *TokenManager `yaml:"token_manager,omitempty"` - Reva *Reva `yaml:"reva,omitempty"` + TokenManager *TokenManager `yaml:"token_manager"` + Reva *Reva `yaml:"reva"` - IdentityManagement IdentityManagement `yaml:"identity_management,omitempty"` + IdentityManagement IdentityManagement `yaml:"identity_management"` - AccountBackend string `yaml:"account_backend,omitempty" env:"OCS_ACCOUNT_BACKEND_TYPE"` - StorageUsersDriver string `yaml:"storage_users_driver,omitempty" env:"STORAGE_USERS_DRIVER;OCS_STORAGE_USERS_DRIVER"` - MachineAuthAPIKey string `yaml:"machine_auth_api_key,omitempty" env:"OCIS_MACHINE_AUTH_API_KEY;OCS_MACHINE_AUTH_API_KEY"` + AccountBackend string `yaml:"account_backend" env:"OCS_ACCOUNT_BACKEND_TYPE"` + StorageUsersDriver string `yaml:"storage_users_driver" env:"STORAGE_USERS_DRIVER;OCS_STORAGE_USERS_DRIVER"` + MachineAuthAPIKey string `yaml:"machine_auth_api_key" env:"OCIS_MACHINE_AUTH_API_KEY;OCS_MACHINE_AUTH_API_KEY"` Context context.Context `yaml:"-"` } 
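Review bot: The key on `Auth.CredentialsByUserAgent` in extensions/ocdav is still misspelled as `credentials_by_user_agenr`, and with `omitempty` removed that spelling is now emitted on every marshal, so it ends up in any config file generated from this struct. The tag should read `yaml:"credentials_by_user_agent"`. The same class of mismatch is carried forward in later hunks: `user_sharin_drivers` (sharing), `data_providcer_insecure` (storage-metadata), and in extensions/storage `ipo_secret` on `IopSecret`, `shadow_hidden_files` on `ShowHiddenSysFiles`, `user_keytab` on `UseKeytab` and a second `credentials_by_user_agenr`. `data_providcer_insecure` deserves the most attention, since by its name and its `OCIS_INSECURE` binding it looks like a certificate-verification switch, and an operator who writes the correctly spelled key is presumably ignored unless decoding is strict. Renaming changes the accepted key, so existing config files would need a migration note.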
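Review bot: In the ocs `Config` hunk, `MachineAuthAPIKey` loses `omitempty`, so the secret's key is now always present in marshalled output; the same happens in the proxy hunk, the settings `Metadata` hunk, and for `Debug.Token`, `WopiDriver.AppAPIKey`/`IopSecret`/`JWTSecret` and `Sharing.UserSQLPassword` in extensions/storage. The code that serializes these structs is outside this hunk; if the new init command writes them to disk, the file should be created owner-only (for example mode `0600`) and the values should not be echoed to stdout or logs. A field comment would make that visible at the declaration: `// MachineAuthAPIKey is a secret and is always serialized; keep generated config files owner-readable only.`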
diff --git a/extensions/proxy/pkg/config/config.go b/extensions/proxy/pkg/config/config.go index f9f1a530817..b1959b9ccd5 100644 --- a/extensions/proxy/pkg/config/config.go +++ b/extensions/proxy/pkg/config/config.go 
@@ -12,27 +12,27 @@ type Config struct { Service Service `yaml:"-"` - Tracing *Tracing `yaml:"tracing,omitempty"` - Log *Log `yaml:"log,omitempty"` - Debug Debug `yaml:"debug,omitempty"` - - HTTP HTTP `yaml:"http,omitempty"` - - Reva *Reva `yaml:"reva,omitempty"` - - Policies []Policy `yaml:"policies,omitempty"` - OIDC OIDC `yaml:"oidc,omitempty"` - TokenManager *TokenManager `yaml:"token_manager,omitempty"` - PolicySelector *PolicySelector `yaml:"policy_selector,omitempty"` - PreSignedURL PreSignedURL `yaml:"pre_signed_url,omitempty"` - AccountBackend string `yaml:"account_backend,omitempty" env:"PROXY_ACCOUNT_BACKEND_TYPE"` - UserOIDCClaim string `yaml:"user_oidc_claim,omitempty" env:"PROXY_USER_OIDC_CLAIM"` - UserCS3Claim string `yaml:"user_cs3_claim,omitempty" env:"PROXY_USER_CS3_CLAIM"` - MachineAuthAPIKey string `yaml:"machine_auth_api_key,omitempty" env:"OCIS_MACHINE_AUTH_API_KEY;PROXY_MACHINE_AUTH_API_KEY"` - AutoprovisionAccounts bool `yaml:"auto_provision_accounts,omitempty" env:"PROXY_AUTOPROVISION_ACCOUNTS"` - EnableBasicAuth bool `yaml:"enable_basic_auth,omitempty" env:"PROXY_ENABLE_BASIC_AUTH"` - InsecureBackends bool `yaml:"insecure_backends,omitempty" env:"PROXY_INSECURE_BACKENDS"` - AuthMiddleware AuthMiddleware `yaml:"auth_middleware,omitempty"` + Tracing *Tracing `yaml:"tracing"` + Log *Log `yaml:"log"` + Debug Debug `yaml:"debug"` + + HTTP HTTP `yaml:"http"` + + Reva *Reva `yaml:"reva"` + + Policies []Policy `yaml:"policies"` + OIDC OIDC `yaml:"oidc"` + TokenManager *TokenManager `yaml:"token_manager"` + PolicySelector *PolicySelector `yaml:"policy_selector"` + PreSignedURL PreSignedURL `yaml:"pre_signed_url"` + AccountBackend string `yaml:"account_backend" env:"PROXY_ACCOUNT_BACKEND_TYPE"` + UserOIDCClaim string `yaml:"user_oidc_claim" env:"PROXY_USER_OIDC_CLAIM"` + UserCS3Claim string `yaml:"user_cs3_claim" env:"PROXY_USER_CS3_CLAIM"` + MachineAuthAPIKey string `yaml:"machine_auth_api_key" 
env:"OCIS_MACHINE_AUTH_API_KEY;PROXY_MACHINE_AUTH_API_KEY"` + AutoprovisionAccounts bool `yaml:"auto_provision_accounts" env:"PROXY_AUTOPROVISION_ACCOUNTS"` + EnableBasicAuth bool `yaml:"enable_basic_auth" env:"PROXY_ENABLE_BASIC_AUTH"` + InsecureBackends bool `yaml:"insecure_backends" env:"PROXY_INSECURE_BACKENDS"` + AuthMiddleware AuthMiddleware `yaml:"auth_middleware"` Context context.Context `yaml:"-"` } diff --git a/extensions/settings/pkg/config/config.go b/extensions/settings/pkg/config/config.go index ea74b42ed19..24de34c3a1d 100644 --- a/extensions/settings/pkg/config/config.go +++ b/extensions/settings/pkg/config/config.go @@ -12,19 +12,19 @@ type Config struct { Service Service `yaml:"-"` - Tracing *Tracing `yaml:"tracing,omitempty"` - Log *Log `yaml:"log,omitempty"` - Debug Debug `yaml:"debug,omitempty"` + Tracing *Tracing `yaml:"tracing"` + Log *Log `yaml:"log"` + Debug Debug `yaml:"debug"` - HTTP HTTP `yaml:"http,omitempty"` - GRPC GRPC `yaml:"grpc,omitempty"` + HTTP HTTP `yaml:"http"` + GRPC GRPC `yaml:"grpc"` - StoreType string `yaml:"store_type,omitempty" env:"SETTINGS_STORE_TYPE"` - DataPath string `yaml:"data_path,omitempty" env:"SETTINGS_DATA_PATH"` - Metadata Metadata `yaml:"metadata_config,omitempty"` + StoreType string `yaml:"store_type" env:"SETTINGS_STORE_TYPE"` + DataPath string `yaml:"data_path" env:"SETTINGS_DATA_PATH"` + Metadata Metadata `yaml:"metadata_config"` - Asset Asset `yaml:"asset,omitempty"` - TokenManager *TokenManager `yaml:"token_manager,omitempty"` + Asset Asset `yaml:"asset"` + TokenManager *TokenManager `yaml:"token_manager"` Context context.Context `yaml:"-"` } 
@@ -36,10 +36,10 @@ type Asset struct { // Metadata configures the metadata store to use type Metadata struct { - GatewayAddress string `yaml:"gateway_addr,omitempty" env:"STORAGE_GATEWAY_GRPC_ADDR"` - StorageAddress string `yaml:"storage_addr,omitempty" env:"STORAGE_GRPC_ADDR"` + GatewayAddress string `yaml:"gateway_addr" env:"STORAGE_GATEWAY_GRPC_ADDR"` + StorageAddress string `yaml:"storage_addr" env:"STORAGE_GRPC_ADDR"` - ServiceUserID string `yaml:"service_user_id,omitempty" env:"METADATA_SERVICE_USER_UUID"` - ServiceUserIDP string `yaml:"service_user_idp,omitempty" env:"OCIS_URL;METADATA_SERVICE_USER_IDP"` - MachineAuthAPIKey string `yaml:"machine_auth_api_key,omitempty" env:"OCIS_MACHINE_AUTH_API_KEY"` + ServiceUserID string `yaml:"service_user_id" env:"METADATA_SERVICE_USER_UUID"` + ServiceUserIDP string `yaml:"service_user_idp" env:"OCIS_URL;METADATA_SERVICE_USER_IDP"` + MachineAuthAPIKey string `yaml:"machine_auth_api_key" env:"OCIS_MACHINE_AUTH_API_KEY"` } diff --git a/extensions/sharing/pkg/config/config.go b/extensions/sharing/pkg/config/config.go index 9df6e9bae3e..b63417987c1 100644 --- a/extensions/sharing/pkg/config/config.go +++ b/extensions/sharing/pkg/config/config.go 
@@ -5,22 +5,22 @@ import "github.com/owncloud/ocis/ocis-pkg/shared" type Config struct { *shared.Commons `yaml:"-"` Service Service `yaml:"-"` - Tracing *Tracing `yaml:"tracing,omitempty"` - Logging *Logging `yaml:"log,omitempty"` - Debug Debug `yaml:"debug,omitempty"` - Supervised bool `yaml:"supervised,omitempty"` - - GRPC GRPCConfig `yaml:"grpc,omitempty"` - - TokenManager *TokenManager `yaml:"token_manager,omitempty"` - Reva *Reva `yaml:"reva,omitempty"` - - SkipUserGroupsInToken bool `yaml:"skip_user_groups_in_token,omitempty"` - UserSharingDriver string `yaml:"user_sharing_driver,omitempty"` - UserSharingDrivers UserSharingDrivers `yaml:"user_sharin_drivers,omitempty"` - PublicSharingDriver string `yaml:"public_sharing_driver,omitempty"` - PublicSharingDrivers PublicSharingDrivers `yaml:"public_sharing_drivers,omitempty"` - Events Events `yaml:"events,omitempty"` + Tracing *Tracing `yaml:"tracing"` + Logging *Logging `yaml:"log"` + Debug Debug `yaml:"debug"` + Supervised bool `yaml:"supervised"` + + GRPC GRPCConfig `yaml:"grpc"` + + TokenManager *TokenManager `yaml:"token_manager"` + Reva *Reva `yaml:"reva"` + + SkipUserGroupsInToken bool `yaml:"skip_user_groups_in_token"` + UserSharingDriver string `yaml:"user_sharing_driver"` + UserSharingDrivers UserSharingDrivers `yaml:"user_sharin_drivers"` + PublicSharingDriver string `yaml:"public_sharing_driver"` + PublicSharingDrivers PublicSharingDrivers `yaml:"public_sharing_drivers"` + Events Events `yaml:"events"` } type Tracing struct { Enabled bool `yaml:"enabled" env:"OCIS_TRACING_ENABLED;SHARING_TRACING_ENABLED" desc:"Activates tracing."` diff --git a/extensions/storage-metadata/pkg/config/config.go b/extensions/storage-metadata/pkg/config/config.go index c783f913085..48d071f8364 100644 --- a/extensions/storage-metadata/pkg/config/config.go +++ b/extensions/storage-metadata/pkg/config/config.go 
@@ -9,25 +9,25 @@ import ( type Config struct { *shared.Commons `yaml:"-"` Service Service `yaml:"-"` - Tracing *Tracing `yaml:"tracing,omitempty"` - Logging *Logging `yaml:"log,omitempty"` - Debug Debug `yaml:"debug,omitempty"` - Supervised bool `yaml:"supervised,omitempty"` + Tracing *Tracing `yaml:"tracing"` + Logging *Logging `yaml:"log"` + Debug Debug `yaml:"debug"` + Supervised bool `yaml:"supervised"` - GRPC GRPCConfig `yaml:"grpc,omitempty"` - HTTP HTTPConfig `yaml:"http,omitempty"` + GRPC GRPCConfig `yaml:"grpc"` + HTTP HTTPConfig `yaml:"http"` - Context context.Context `yaml:"context,omitempty"` + Context context.Context `yaml:"context"` - TokenManager *TokenManager `yaml:"token_manager,omitempty"` - Reva *Reva `yaml:"reva,omitempty"` + TokenManager *TokenManager `yaml:"token_manager"` + Reva *Reva `yaml:"reva"` - SkipUserGroupsInToken bool `yaml:"skip_user_groups_in_token,omitempty"` - Driver string `yaml:"driver,omitempty" env:"STORAGE_METADATA_DRIVER" desc:"The driver which should be used by the service"` - Drivers Drivers `yaml:"drivers,omitempty"` - DataServerURL string `yaml:"data_server_url,omitempty"` - TempFolder string `yaml:"temp_folder,omitempty"` - DataProviderInsecure bool `yaml:"data_providcer_insecure,omitempty" env:"OCIS_INSECURE;STORAGE_METADATA_DATAPROVIDER_INSECURE"` + SkipUserGroupsInToken bool `yaml:"skip_user_groups_in_token"` + Driver string `yaml:"driver" env:"STORAGE_METADATA_DRIVER" desc:"The driver which should be used by the service"` + Drivers Drivers `yaml:"drivers"` + DataServerURL string `yaml:"data_server_url"` + TempFolder string `yaml:"temp_folder"` + DataProviderInsecure bool `yaml:"data_providcer_insecure" env:"OCIS_INSECURE;STORAGE_METADATA_DATAPROVIDER_INSECURE"` } type Tracing struct { Enabled bool `yaml:"enabled" env:"OCIS_TRACING_ENABLED;STORAGE_METADATA_TRACING_ENABLED" desc:"Activates tracing."` 
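Review bot: `Context context.Context` keeps a serializable tag in this struct (`yaml:"context"`), while the ocs, proxy and settings configs in this same patch mark the equivalent field `yaml:"-"`. Without `omitempty` a nil context is presumably written out as `context: null`, and a populated one would be walked by the marshaller even though it is runtime state rather than configuration. Suggest `yaml:"-"` on this field, and on the matching `Context` fields in the storage-publiclink, storage-shares and storage-users hunks that follow.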
diff --git a/extensions/storage-publiclink/pkg/config/config.go b/extensions/storage-publiclink/pkg/config/config.go index 0fcc80c113e..a261852f46a 100644 --- a/extensions/storage-publiclink/pkg/config/config.go +++ b/extensions/storage-publiclink/pkg/config/config.go @@ -9,21 +9,21 @@ import ( type Config struct { *shared.Commons `yaml:"-"` Service Service `yaml:"-"` - Tracing *Tracing `yaml:"tracing,omitempty"` - Logging *Logging `yaml:"log,omitempty"` - Debug Debug `yaml:"debug,omitempty"` - Supervised bool `yaml:"supervised,omitempty"` + Tracing *Tracing `yaml:"tracing"` + Logging *Logging `yaml:"log"` + Debug Debug `yaml:"debug"` + Supervised bool `yaml:"supervised"` - GRPC GRPCConfig `yaml:"grpc,omitempty"` + GRPC GRPCConfig `yaml:"grpc"` - Context context.Context `yaml:"context,omitempty"` + Context context.Context `yaml:"context"` - TokenManager *TokenManager `yaml:"token_manager,omitempty"` - Reva *Reva `yaml:"reva,omitempty"` + TokenManager *TokenManager `yaml:"token_manager"` + Reva *Reva `yaml:"reva"` - SkipUserGroupsInToken bool `yaml:"skip_user_groups_in_token,omitempty"` - AuthProvider AuthProvider `yaml:"auth_provider,omitempty"` - StorageProvider StorageProvider `yaml:"storage_provider,omitempty"` + SkipUserGroupsInToken bool `yaml:"skip_user_groups_in_token"` + AuthProvider AuthProvider `yaml:"auth_provider"` + StorageProvider StorageProvider `yaml:"storage_provider"` } type Tracing struct { Enabled bool `yaml:"enabled" env:"OCIS_TRACING_ENABLED;STORAGE_METADATA_TRACING_ENABLED" desc:"Activates tracing."` diff --git a/extensions/storage-shares/pkg/config/config.go b/extensions/storage-shares/pkg/config/config.go index 1ad7fca1d94..a44f0b8debd 100644 --- a/extensions/storage-shares/pkg/config/config.go +++ b/extensions/storage-shares/pkg/config/config.go 
@@ -9,21 +9,21 @@ import ( type Config struct { *shared.Commons `yaml:"-"` Service Service `yaml:"-"` - Tracing *Tracing `yaml:"tracing,omitempty"` - Logging *Logging `yaml:"log,omitempty"` - Debug Debug `yaml:"debug,omitempty"` - Supervised bool `yaml:"supervised,omitempty"` + Tracing *Tracing `yaml:"tracing"` + Logging *Logging `yaml:"log"` + Debug Debug `yaml:"debug"` + Supervised bool `yaml:"supervised"` - GRPC GRPCConfig `yaml:"grpc,omitempty"` - HTTP HTTPConfig `yaml:"http,omitempty"` + GRPC GRPCConfig `yaml:"grpc"` + HTTP HTTPConfig `yaml:"http"` - TokenManager *TokenManager `yaml:"token_manager,omitempty"` - Reva *Reva `yaml:"reva,omitempty"` + TokenManager *TokenManager `yaml:"token_manager"` + Reva *Reva `yaml:"reva"` - Context context.Context `yaml:"context,omitempty"` - SkipUserGroupsInToken bool `yaml:"skip_user_groups_in_token,omitempty"` - ReadOnly bool `yaml:"readonly,omitempty"` - SharesProviderEndpoint string `yaml:"shares_provider_endpoint,omitempty"` + Context context.Context `yaml:"context"` + SkipUserGroupsInToken bool `yaml:"skip_user_groups_in_token"` + ReadOnly bool `yaml:"readonly"` + SharesProviderEndpoint string `yaml:"shares_provider_endpoint"` } type Tracing struct { Enabled bool `yaml:"enabled" env:"OCIS_TRACING_ENABLED;STORAGE_METADATA_TRACING_ENABLED" desc:"Activates tracing."` diff --git a/extensions/storage-users/pkg/config/config.go b/extensions/storage-users/pkg/config/config.go index fe749a5d0d0..4cf505d9c12 100644 --- a/extensions/storage-users/pkg/config/config.go +++ b/extensions/storage-users/pkg/config/config.go 
@@ -9,29 +9,29 @@ import ( type Config struct { *shared.Commons `yaml:"-"` Service Service `yaml:"-"` - Tracing *Tracing `yaml:"tracing,omitempty"` - Logging *Logging `yaml:"log,omitempty"` - Debug Debug `yaml:"debug,omitempty"` - Supervised bool `yaml:"supervised,omitempty"` - - GRPC GRPCConfig `yaml:"grpc,omitempty"` - HTTP HTTPConfig `yaml:"http,omitempty"` - - TokenManager *TokenManager `yaml:"token_manager,omitempty"` - Reva *Reva `yaml:"reva,omitempty"` - - Context context.Context `yaml:"context,omitempty"` - - SkipUserGroupsInToken bool `yaml:"skip_user_groups_in_token,omitempty"` - Driver string `yaml:"driver,omitempty" env:"STORAGE_USERS_DRIVER" desc:"The storage driver which should be used by the service"` - Drivers Drivers `yaml:"drivers,omitempty"` - DataServerURL string `yaml:"data_server_url,omitempty"` - TempFolder string `yaml:"temp_folder,omitempty"` - DataProviderInsecure bool `yaml:"data_provider_insecure,omitempty" env:"OCIS_INSECURE;STORAGE_USERS_DATAPROVIDER_INSECURE"` - Events Events `yaml:"events,omitempty"` - MountID string `yaml:"mount_id,omitempty"` - ExposeDataServer bool `yaml:"expose_data_server,omitempty"` - ReadOnly bool `yaml:"readonly,omitempty"` + Tracing *Tracing `yaml:"tracing"` + Logging *Logging `yaml:"log"` + Debug Debug `yaml:"debug"` + Supervised bool `yaml:"supervised"` + + GRPC GRPCConfig `yaml:"grpc"` + HTTP HTTPConfig `yaml:"http"` + + TokenManager *TokenManager `yaml:"token_manager"` + Reva *Reva `yaml:"reva"` + + Context context.Context `yaml:"context"` + + SkipUserGroupsInToken bool `yaml:"skip_user_groups_in_token"` + Driver string `yaml:"driver" env:"STORAGE_USERS_DRIVER" desc:"The storage driver which should be used by the service"` + Drivers Drivers `yaml:"drivers"` + DataServerURL string `yaml:"data_server_url"` + TempFolder string `yaml:"temp_folder"` + DataProviderInsecure bool `yaml:"data_provider_insecure" env:"OCIS_INSECURE;STORAGE_USERS_DATAPROVIDER_INSECURE"` + Events Events `yaml:"events"` + MountID 
string `yaml:"mount_id"` + ExposeDataServer bool `yaml:"expose_data_server"` + ReadOnly bool `yaml:"readonly"` } type Tracing struct { Enabled bool `yaml:"enabled" env:"OCIS_TRACING_ENABLED;STORAGE_USERS_TRACING_ENABLED" desc:"Activates tracing."` diff --git a/extensions/storage/pkg/config/config.go b/extensions/storage/pkg/config/config.go index 841d36797c5..1b8daa4f20e 100644 --- a/extensions/storage/pkg/config/config.go +++ b/extensions/storage/pkg/config/config.go 
@@ -8,123 +8,123 @@ import ( // Log defines the available logging configuration. type Log struct { - Level string `yaml:"level,omitempty"` - Pretty bool `yaml:"pretty,omitempty"` - Color bool `yaml:"color,omitempty"` - File string `yaml:"file,omitempty"` + Level string `yaml:"level"` + Pretty bool `yaml:"pretty"` + Color bool `yaml:"color"` + File string `yaml:"file"` } // Debug defines the available debug configuration. type Debug struct { - Addr string `yaml:"addr,omitempty"` - Token string `yaml:"token,omitempty"` - Pprof bool `yaml:"pprof,omitempty"` - Zpages bool `yaml:"zpages,omitempty"` + Addr string `yaml:"addr"` + Token string `yaml:"token"` + Pprof bool `yaml:"pprof"` + Zpages bool `yaml:"zpages"` } // Gateway defines the available gateway configuration. type Gateway struct { Port - CommitShareToStorageGrant bool `yaml:"commit_share_to_storage_grant,omitempty"` - CommitShareToStorageRef bool `yaml:"commit_share_to_storage_ref,omitempty"` - DisableHomeCreationOnLogin bool `yaml:"disable_home_creation_on_login,omitempty"` - ShareFolder string `yaml:"share_folder,omitempty"` - LinkGrants string `yaml:"link_grants,omitempty"` - HomeMapping string `yaml:"home_mapping,omitempty"` - EtagCacheTTL int `yaml:"etag_cache_ttl,omitempty"` + CommitShareToStorageGrant bool `yaml:"commit_share_to_storage_grant"` + CommitShareToStorageRef bool `yaml:"commit_share_to_storage_ref"` + DisableHomeCreationOnLogin bool `yaml:"disable_home_creation_on_login"` + ShareFolder string `yaml:"share_folder"` + LinkGrants string `yaml:"link_grants"` + HomeMapping string `yaml:"home_mapping"` + EtagCacheTTL int `yaml:"etag_cache_ttl"` } // StorageRegistry defines the available storage registry configuration type StorageRegistry struct { - Driver string `yaml:"driver,omitempty"` + Driver string `yaml:"driver"` // HomeProvider is the path in the global namespace that the static storage registry uses to determine the home storage - HomeProvider string `yaml:"home_provider,omitempty"` - 
Rules []string `yaml:"rules,omitempty"` - JSON string `yaml:"json,omitempty"` + HomeProvider string `yaml:"home_provider"` + Rules []string `yaml:"rules"` + JSON string `yaml:"json"` } // AppRegistry defines the available app registry configuration type AppRegistry struct { - Driver string `yaml:"driver,omitempty"` - MimetypesJSON string `yaml:"mime_types_json,omitempty"` + Driver string `yaml:"driver"` + MimetypesJSON string `yaml:"mime_types_json"` } // AppProvider defines the available app provider configuration type AppProvider struct { Port - ExternalAddr string `yaml:"external_addr,omitempty"` - Driver string `yaml:"driver,omitempty"` - WopiDriver WopiDriver `yaml:"wopi_driver,omitempty"` - AppsURL string `yaml:"apps_url,omitempty"` - OpenURL string `yaml:"open_url,omitempty"` - NewURL string `yaml:"new_url,omitempty"` + ExternalAddr string `yaml:"external_addr"` + Driver string `yaml:"driver"` + WopiDriver WopiDriver `yaml:"wopi_driver"` + AppsURL string `yaml:"apps_url"` + OpenURL string `yaml:"open_url"` + NewURL string `yaml:"new_url"` } type WopiDriver struct { - AppAPIKey string `yaml:"app_api_key,omitempty"` - AppDesktopOnly bool `yaml:"app_desktop_only,omitempty"` - AppIconURI string `yaml:"app_icon_uri,omitempty"` - AppInternalURL string `yaml:"app_internal_url,omitempty"` - AppName string `yaml:"app_name,omitempty"` - AppURL string `yaml:"app_url,omitempty"` - Insecure bool `yaml:"insecure,omitempty"` - IopSecret string `yaml:"ipo_secret,omitempty"` - JWTSecret string `yaml:"jwt_secret,omitempty"` - WopiURL string `yaml:"wopi_url,omitempty"` + AppAPIKey string `yaml:"app_api_key"` + AppDesktopOnly bool `yaml:"app_desktop_only"` + AppIconURI string `yaml:"app_icon_uri"` + AppInternalURL string `yaml:"app_internal_url"` + AppName string `yaml:"app_name"` + AppURL string `yaml:"app_url"` + Insecure bool `yaml:"insecure"` + IopSecret string `yaml:"ipo_secret"` + JWTSecret string `yaml:"jwt_secret"` + WopiURL string `yaml:"wopi_url"` } // Sharing defines 
the available sharing configuration. type Sharing struct { Port - UserDriver string `yaml:"user_driver,omitempty"` - UserJSONFile string `yaml:"user_json_file,omitempty"` - CS3ProviderAddr string `yaml:"provider_addr,omitempty"` - CS3ServiceUser string `yaml:"service_user_id,omitempty"` - CS3ServiceUserIdp string `yaml:"service_user_idp,omitempty"` - UserSQLUsername string `yaml:"user_sql_username,omitempty"` - UserSQLPassword string `yaml:"user_sql_password,omitempty"` - UserSQLHost string `yaml:"user_sql_host,omitempty"` - UserSQLPort int `yaml:"user_sql_port,omitempty"` - UserSQLName string `yaml:"user_sql_name,omitempty"` - PublicDriver string `yaml:"public_driver,omitempty"` - PublicJSONFile string `yaml:"public_json_file,omitempty"` - PublicPasswordHashCost int `yaml:"public_password_hash_cost,omitempty"` - PublicEnableExpiredSharesCleanup bool `yaml:"public_enable_expired_shares_cleanup,omitempty"` - PublicJanitorRunInterval int `yaml:"public_janitor_run_interval,omitempty"` - UserStorageMountID string `yaml:"user_storage_mount_id,omitempty"` - Events Events `yaml:"events,omitempty"` + UserDriver string `yaml:"user_driver"` + UserJSONFile string `yaml:"user_json_file"` + CS3ProviderAddr string `yaml:"provider_addr"` + CS3ServiceUser string `yaml:"service_user_id"` + CS3ServiceUserIdp string `yaml:"service_user_idp"` + UserSQLUsername string `yaml:"user_sql_username"` + UserSQLPassword string `yaml:"user_sql_password"` + UserSQLHost string `yaml:"user_sql_host"` + UserSQLPort int `yaml:"user_sql_port"` + UserSQLName string `yaml:"user_sql_name"` + PublicDriver string `yaml:"public_driver"` + PublicJSONFile string `yaml:"public_json_file"` + PublicPasswordHashCost int `yaml:"public_password_hash_cost"` + PublicEnableExpiredSharesCleanup bool `yaml:"public_enable_expired_shares_cleanup"` + PublicJanitorRunInterval int `yaml:"public_janitor_run_interval"` + UserStorageMountID string `yaml:"user_storage_mount_id"` + Events Events `yaml:"events"` } type Events 
struct { - Address string `yaml:"address,omitempty"` - ClusterID string `yaml:"cluster_id,omitempty"` + Address string `yaml:"address"` + ClusterID string `yaml:"cluster_id"` } // Port defines the available port configuration. type Port struct { // MaxCPUs can be a number or a percentage - MaxCPUs string `yaml:"max_cpus,omitempty"` - LogLevel string `yaml:"log_level,omitempty"` + MaxCPUs string `yaml:"max_cpus"` + LogLevel string `yaml:"log_level"` // GRPCNetwork can be tcp, udp or unix - GRPCNetwork string `yaml:"grpc_network,omitempty"` + GRPCNetwork string `yaml:"grpc_network"` // GRPCAddr to listen on, hostname:port (0.0.0.0:9999 for all interfaces) or socket (/var/run/reva/sock) - GRPCAddr string `yaml:"grpc_addr,omitempty"` + GRPCAddr string `yaml:"grpc_addr"` // Protocol can be grpc or http // HTTPNetwork can be tcp, udp or unix - HTTPNetwork string `yaml:"http_network,omitempty"` + HTTPNetwork string `yaml:"http_network"` // HTTPAddr to listen on, hostname:port (0.0.0.0:9100 for all interfaces) or socket (/var/run/reva/sock) - HTTPAddr string `yaml:"http_addr,omitempty"` + HTTPAddr string `yaml:"http_addr"` // Protocol can be grpc or http - Protocol string `yaml:"protocol,omitempty"` + Protocol string `yaml:"protocol"` // Endpoint is used by the gateway and registries (eg localhost:9100 or cloud.example.com) - Endpoint string `yaml:"endpoint,omitempty"` + Endpoint string `yaml:"endpoint"` // DebugAddr for the debug endpoint to bind to - DebugAddr string `yaml:"debug_addr,omitempty"` + DebugAddr string `yaml:"debug_addr"` // Services can be used to give a list of services that should be started on this port - Services []string `yaml:"services,omitempty"` + Services []string `yaml:"services"` // Config can be used to configure the reva instance. 
// Services and Protocol will be ignored if this is used - Config map[string]interface{} `yaml:"config,omitempty"` + Config map[string]interface{} `yaml:"config"` // Context allows for context cancellation and propagation Context context.Context 
@@ -136,118 +136,118 @@ type Port struct { // Users defines the available users configuration. type Users struct { Port - Driver string `yaml:"driver,omitempty"` - JSON string `yaml:"json,omitempty"` - UserGroupsCacheExpiration int `yaml:"user_groups_cache_expiration,omitempty"` + Driver string `yaml:"driver"` + JSON string `yaml:"json"` + UserGroupsCacheExpiration int `yaml:"user_groups_cache_expiration"` } // AuthMachineConfig defines the available configuration for the machine auth driver. type AuthMachineConfig struct { - MachineAuthAPIKey string `yaml:"machine_auth_api_key,omitempty"` + MachineAuthAPIKey string `yaml:"machine_auth_api_key"` } // Groups defines the available groups configuration. type Groups struct { Port - Driver string `yaml:"driver,omitempty"` - JSON string `yaml:"json,omitempty"` - GroupMembersCacheExpiration int `yaml:"group_members_cache_expiration,omitempty"` + Driver string `yaml:"driver"` + JSON string `yaml:"json"` + GroupMembersCacheExpiration int `yaml:"group_members_cache_expiration"` } // FrontendPort defines the available frontend configuration. 
type FrontendPort struct { Port - AppProviderInsecure bool `yaml:"app_provider_insecure,omitempty"` - AppProviderPrefix string `yaml:"app_provider_prefix,omitempty"` - ArchiverInsecure bool `yaml:"archiver_insecure,omitempty"` - ArchiverPrefix string `yaml:"archiver_prefix,omitempty"` - DatagatewayPrefix string `yaml:"data_gateway_prefix,omitempty"` - Favorites bool `yaml:"favorites,omitempty"` - ProjectSpaces bool `yaml:"project_spaces,omitempty"` - OCSPrefix string `yaml:"ocs_prefix,omitempty"` - OCSSharePrefix string `yaml:"ocs_share_prefix,omitempty"` - OCSHomeNamespace string `yaml:"ocs_home_namespace,omitempty"` - PublicURL string `yaml:"public_url,omitempty"` - OCSCacheWarmupDriver string `yaml:"ocs_cache_warmup_driver,omitempty"` - OCSAdditionalInfoAttribute string `yaml:"ocs_additional_info_attribute,omitempty"` - OCSResourceInfoCacheTTL int `yaml:"ocs_resource_info_cache_ttl,omitempty"` - Middleware Middleware `yaml:"middleware,omitempty"` + AppProviderInsecure bool `yaml:"app_provider_insecure"` + AppProviderPrefix string `yaml:"app_provider_prefix"` + ArchiverInsecure bool `yaml:"archiver_insecure"` + ArchiverPrefix string `yaml:"archiver_prefix"` + DatagatewayPrefix string `yaml:"data_gateway_prefix"` + Favorites bool `yaml:"favorites"` + ProjectSpaces bool `yaml:"project_spaces"` + OCSPrefix string `yaml:"ocs_prefix"` + OCSSharePrefix string `yaml:"ocs_share_prefix"` + OCSHomeNamespace string `yaml:"ocs_home_namespace"` + PublicURL string `yaml:"public_url"` + OCSCacheWarmupDriver string `yaml:"ocs_cache_warmup_driver"` + OCSAdditionalInfoAttribute string `yaml:"ocs_additional_info_attribute"` + OCSResourceInfoCacheTTL int `yaml:"ocs_resource_info_cache_ttl"` + Middleware Middleware `yaml:"middleware"` } // Middleware configures reva middlewares. type Middleware struct { - Auth Auth `yaml:"auth,omitempty"` + Auth Auth `yaml:"auth"` } // Auth configures reva http auth middleware. 
type Auth struct { - CredentialsByUserAgent map[string]string `yaml:"credentials_by_user_agenr,omitempty"` + CredentialsByUserAgent map[string]string `yaml:"credentials_by_user_agenr"` } // DataGatewayPort has a public url type DataGatewayPort struct { Port - PublicURL string `yaml:",omitempty"` + PublicURL string `yaml:""` } type DataProvider struct { - Insecure bool `yaml:"insecure,omitempty"` + Insecure bool `yaml:"insecure"` } // StoragePort defines the available storage configuration. type StoragePort struct { Port - Driver string `yaml:"driver,omitempty"` - MountID string `yaml:"mount_id,omitempty"` - AlternativeID string `yaml:"alternative_id,omitempty"` - ExposeDataServer bool `yaml:"expose_data_server,omitempty"` + Driver string `yaml:"driver"` + MountID string `yaml:"mount_id"` + AlternativeID string `yaml:"alternative_id"` + ExposeDataServer bool `yaml:"expose_data_server"` // url the data gateway will use to route requests - DataServerURL string `yaml:"data_server_url,omitempty"` + DataServerURL string `yaml:"data_server_url"` // for HTTP ports with only one http service - HTTPPrefix string `yaml:"http_prefix,omitempty"` - TempFolder string `yaml:"temp_folder,omitempty"` - ReadOnly bool `yaml:"read_only,omitempty"` - DataProvider DataProvider `yaml:"data_provider,omitempty"` - GatewayEndpoint string `yaml:"gateway_endpoint,omitempty"` + HTTPPrefix string `yaml:"http_prefix"` + TempFolder string `yaml:"temp_folder"` + ReadOnly bool `yaml:"read_only"` + DataProvider DataProvider `yaml:"data_provider"` + GatewayEndpoint string `yaml:"gateway_endpoint"` } // PublicStorage configures a public storage provider type PublicStorage struct { StoragePort - PublicShareProviderAddr string `yaml:"public_share_provider_addr,omitempty"` - UserProviderAddr string `yaml:"user_provider_addr,omitempty"` + PublicShareProviderAddr string `yaml:"public_share_provider_addr"` + UserProviderAddr string `yaml:"user_provider_addr"` } // StorageConfig combines all available storage 
driver configuration parts. type StorageConfig struct { - EOS DriverEOS `yaml:"eos,omitempty"` - Local DriverCommon `yaml:"local,omitempty"` - OwnCloudSQL DriverOwnCloudSQL `yaml:"owncloud_sql,omitempty"` - S3 DriverS3 `yaml:"s3,omitempty"` - S3NG DriverS3NG `yaml:"s3ng,omitempty"` - OCIS DriverOCIS `yaml:"ocis,omitempty"` + EOS DriverEOS `yaml:"eos"` + Local DriverCommon `yaml:"local"` + OwnCloudSQL DriverOwnCloudSQL `yaml:"owncloud_sql"` + S3 DriverS3 `yaml:"s3"` + S3NG DriverS3NG `yaml:"s3ng"` + OCIS DriverOCIS `yaml:"ocis"` } // DriverCommon defines common driver configuration options. type DriverCommon struct { // Root is the absolute path to the location of the data - Root string `yaml:"root,omitempty"` + Root string `yaml:"root"` //ShareFolder defines the name of the folder jailing all shares - ShareFolder string `yaml:"share_folder,omitempty"` + ShareFolder string `yaml:"share_folder"` // UserLayout contains the template used to construct // the internal path, eg: `{{substr 0 1 .Username}}/{{.Username}}` - UserLayout string `yaml:"user_layout,omitempty"` + UserLayout string `yaml:"user_layout"` // EnableHome enables the creation of home directories. 
- EnableHome bool `yaml:"enable_home,omitempty"` + EnableHome bool `yaml:"enable_home"` // PersonalSpaceAliasTemplate contains the template used to construct - // the personal space alias, eg: `"{{.SpaceType}}/{{.User.Username | lower}},omitempty"` - PersonalSpaceAliasTemplate string `yaml:"personalspacealias_template,omitempty"` + // the personal space alias, eg: `"{{.SpaceType}}/{{.User.Username | lower}}"` + PersonalSpaceAliasTemplate string `yaml:"personalspacealias_template"` // GeneralSpaceAliasTemplate contains the template used to construct // the general space alias, eg: `{{.SpaceType}}/{{.SpaceName | replace " " "-" | lower}}` - GeneralSpaceAliasTemplate string `yaml:"generalspacealias_template,omitempty"` + GeneralSpaceAliasTemplate string `yaml:"generalspacealias_template"` } // DriverEOS defines the available EOS driver configuration. 
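Review bot: `DataGatewayPort.PublicURL` is left with an empty tag, `yaml:""`, after the mechanical removal of `,omitempty`. An empty tag carries no information, and the key presumably falls back to the library default (the lower-cased field name), unlike every other field in this hunk, which uses an explicit snake_case key. Either drop the tag or name the key explicitly, e.g. `yaml:"public_url"`, keeping in mind that an explicit name changes the key the decoder accepts. The struct's consumers are outside the hunk, so whether anything depends on the current default key cannot be confirmed from here.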
@@ -255,60 +255,60 @@ type DriverEOS struct { DriverCommon // ShadowNamespace for storing shadow data - ShadowNamespace string `yaml:"shadow_namespace,omitempty"` + ShadowNamespace string `yaml:"shadow_namespace"` // UploadsNamespace for storing upload data - UploadsNamespace string `yaml:"uploads_namespace,omitempty"` + UploadsNamespace string `yaml:"uploads_namespace"` // Location of the eos binary. // Default is /usr/bin/eos. - EosBinary string `yaml:"eos_binary,omitempty"` + EosBinary string `yaml:"eos_binary"` // Location of the xrdcopy binary. // Default is /usr/bin/xrdcopy. - XrdcopyBinary string `yaml:"xrd_copy_binary,omitempty"` + XrdcopyBinary string `yaml:"xrd_copy_binary"` // URL of the Master EOS MGM. // Default is root://eos-example.org - MasterURL string `yaml:"master_url,omitempty"` + MasterURL string `yaml:"master_url"` // URI of the EOS MGM grpc server // Default is empty - GrpcURI string `yaml:"grpc_uri,omitempty"` + GrpcURI string `yaml:"grpc_uri"` // URL of the Slave EOS MGM. // Default is root://eos-example.org - SlaveURL string `yaml:"slave_url,omitempty"` + SlaveURL string `yaml:"slave_url"` // Location on the local fs where to store reads. // Defaults to os.TempDir() - CacheDirectory string `yaml:"cache_directory,omitempty"` + CacheDirectory string `yaml:"cache_directory"` // Enables logging of the commands executed // Defaults to false - EnableLogging bool `yaml:"enable_logging,omitempty"` + EnableLogging bool `yaml:"enable_logging"` // ShowHiddenSysFiles shows internal EOS files like // .sys.v# and .sys.a# files. - ShowHiddenSysFiles bool `yaml:"shadow_hidden_files,omitempty"` + ShowHiddenSysFiles bool `yaml:"shadow_hidden_files"` // ForceSingleUserMode will force connections to EOS to use SingleUsername - ForceSingleUserMode bool `yaml:"force_single_user_mode,omitempty"` + ForceSingleUserMode bool `yaml:"force_single_user_mode"` // UseKeyTabAuth changes will authenticate requests by using an EOS keytab. 
- UseKeytab bool `yaml:"user_keytab,omitempty"` + UseKeytab bool `yaml:"user_keytab"` // SecProtocol specifies the xrootd security protocol to use between the server and EOS. - SecProtocol string `yaml:"sec_protocol,omitempty"` + SecProtocol string `yaml:"sec_protocol"` // Keytab specifies the location of the keytab to use to authenticate to EOS. - Keytab string `yaml:"keytab,omitempty"` + Keytab string `yaml:"keytab"` // SingleUsername is the username to use when SingleUserMode is enabled - SingleUsername string `yaml:"single_username,omitempty"` + SingleUsername string `yaml:"single_username"` // gateway service to use for uid lookups - GatewaySVC string `yaml:"gateway_svc,omitempty"` + GatewaySVC string `yaml:"gateway_svc"` } // DriverOCIS defines the available oCIS storage driver configuration. 
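Review bot: Two keys in `DriverEOS` do not match the fields they configure: `ShowHiddenSysFiles` is tagged `shadow_hidden_files` and `UseKeytab` is tagged `user_keytab`, and the comment above the latter still calls it `UseKeyTabAuth`. With `omitempty` removed these keys are always written when the struct is marshalled, so the misleading names become what operators see and copy into their own files. `UseKeytab`, `Keytab` and `SecProtocol` decide how the service authenticates to EOS, and unless the loader rejects unknown keys (not visible here) a key typed the obvious way would be ignored and the default would stay in force. I would rename the keys to `show_hidden_sys_files` and `use_keytab`, accepting the old spellings if existing configs must keep loading, and change the comment to `// UseKeytab authenticates requests by using an EOS keytab.`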
@@ -320,217 +320,217 @@ type DriverOCIS struct { type DriverOwnCloudSQL struct { DriverCommon - UploadInfoDir string `yaml:"upload_info_dir,omitempty"` - DBUsername string `yaml:"db_username,omitempty"` - DBPassword string `yaml:"db_password,omitempty"` - DBHost string `yaml:"db_host,omitempty"` - DBPort int `yaml:"db_port,omitempty"` - DBName string `yaml:"db_name,omitempty"` + UploadInfoDir string `yaml:"upload_info_dir"` + DBUsername string `yaml:"db_username"` + DBPassword string `yaml:"db_password"` + DBHost string `yaml:"db_host"` + DBPort int `yaml:"db_port"` + DBName string `yaml:"db_name"` } // DriverS3 defines the available S3 storage driver configuration. type DriverS3 struct { DriverCommon - Region string `yaml:"region,omitempty"` - AccessKey string `yaml:"access_key,omitempty"` - SecretKey string `yaml:"secret_key,omitempty"` - Endpoint string `yaml:"endpoint,omitempty"` - Bucket string `yaml:"bucket,omitempty"` + Region string `yaml:"region"` + AccessKey string `yaml:"access_key"` + SecretKey string `yaml:"secret_key"` + Endpoint string `yaml:"endpoint"` + Bucket string `yaml:"bucket"` } // DriverS3NG defines the available s3ng storage driver configuration. type DriverS3NG struct { DriverCommon - Region string `yaml:"region,omitempty"` - AccessKey string `yaml:"access_key,omitempty"` - SecretKey string `yaml:"secret_key,omitempty"` - Endpoint string `yaml:"endpoint,omitempty"` - Bucket string `yaml:"bucket,omitempty"` + Region string `yaml:"region"` + AccessKey string `yaml:"access_key"` + SecretKey string `yaml:"secret_key"` + Endpoint string `yaml:"endpoint"` + Bucket string `yaml:"bucket"` } // OIDC defines the available OpenID Connect configuration. 
type OIDC struct { - Issuer string `yaml:"issuer,omitempty"` - Insecure bool `yaml:"insecure,omitempty"` - IDClaim string `yaml:"id_claim,omitempty"` - UIDClaim string `yaml:"uid_claim,omitempty"` - GIDClaim string `yaml:"gid_claim,omitempty"` + Issuer string `yaml:"issuer"` + Insecure bool `yaml:"insecure"` + IDClaim string `yaml:"id_claim"` + UIDClaim string `yaml:"uid_claim"` + GIDClaim string `yaml:"gid_claim"` } // LDAP defines the available ldap configuration. type LDAP struct { - URI string `yaml:"uri,omitempty"` - CACert string `yaml:"ca_cert,omitempty"` - Insecure bool `yaml:"insecure,omitempty"` - UserBaseDN string `yaml:"user_base_dn,omitempty"` - GroupBaseDN string `yaml:"group_base_dn,omitempty"` - UserScope string `yaml:"user_scope,omitempty"` - GroupScope string `yaml:"group_scope,omitempty"` - UserObjectClass string `yaml:"user_objectclass,omitempty"` - GroupObjectClass string `yaml:"group_objectclass,omitempty"` - UserFilter string `yaml:"user_filter,omitempty"` - GroupFilter string `yaml:"group_filter,omitempty"` - LoginAttributes []string `yaml:"login_attributes,omitempty"` - BindDN string `yaml:"bind_dn,omitempty"` - BindPassword string `yaml:"bind_password,omitempty"` - IDP string `yaml:"idp,omitempty"` - UserSchema LDAPUserSchema `yaml:"user_schema,omitempty"` - GroupSchema LDAPGroupSchema `yaml:"group_schema,omitempty"` + URI string `yaml:"uri"` + CACert string `yaml:"ca_cert"` + Insecure bool `yaml:"insecure"` + UserBaseDN string `yaml:"user_base_dn"` + GroupBaseDN string `yaml:"group_base_dn"` + UserScope string `yaml:"user_scope"` + GroupScope string `yaml:"group_scope"` + UserObjectClass string `yaml:"user_objectclass"` + GroupObjectClass string `yaml:"group_objectclass"` + UserFilter string `yaml:"user_filter"` + GroupFilter string `yaml:"group_filter"` + LoginAttributes []string `yaml:"login_attributes"` + BindDN string `yaml:"bind_dn"` + BindPassword string `yaml:"bind_password"` + IDP string `yaml:"idp"` + UserSchema LDAPUserSchema 
`yaml:"user_schema"` + GroupSchema LDAPGroupSchema `yaml:"group_schema"` } // UserGroupRest defines the REST driver specification for user and group resolution. type UserGroupRest struct { - ClientID string `yaml:"client_id,omitempty"` - ClientSecret string `yaml:"client_secret,omitempty"` - RedisAddress string `yaml:"redis_address,omitempty"` - RedisUsername string `yaml:"redis_username,omitempty"` - RedisPassword string `yaml:"redis_password,omitempty"` - IDProvider string `yaml:"idp_provider,omitempty"` - APIBaseURL string `yaml:"api_base_url,omitempty"` - OIDCTokenEndpoint string `yaml:"oidc_token_endpoint,omitempty"` - TargetAPI string `yaml:"target_api,omitempty"` + ClientID string `yaml:"client_id"` + ClientSecret string `yaml:"client_secret"` + RedisAddress string `yaml:"redis_address"` + RedisUsername string `yaml:"redis_username"` + RedisPassword string `yaml:"redis_password"` + IDProvider string `yaml:"idp_provider"` + APIBaseURL string `yaml:"api_base_url"` + OIDCTokenEndpoint string `yaml:"oidc_token_endpoint"` + TargetAPI string `yaml:"target_api"` } // UserOwnCloudSQL defines the available ownCloudSQL user provider configuration. 
type UserOwnCloudSQL struct { - DBUsername string `yaml:"db_username,omitempty"` - DBPassword string `yaml:"db_password,omitempty"` - DBHost string `yaml:"db_host,omitempty"` - DBPort int `yaml:"db_port,omitempty"` - DBName string `yaml:"db_name,omitempty"` - Idp string `yaml:"idp,omitempty"` - Nobody int64 `yaml:"nobody,omitempty"` - JoinUsername bool `yaml:"join_username,omitempty"` - JoinOwnCloudUUID bool `yaml:"join_owncloud_uuid,omitempty"` - EnableMedialSearch bool `yaml:"enable_medial_search,omitempty"` + DBUsername string `yaml:"db_username"` + DBPassword string `yaml:"db_password"` + DBHost string `yaml:"db_host"` + DBPort int `yaml:"db_port"` + DBName string `yaml:"db_name"` + Idp string `yaml:"idp"` + Nobody int64 `yaml:"nobody"` + JoinUsername bool `yaml:"join_username"` + JoinOwnCloudUUID bool `yaml:"join_owncloud_uuid"` + EnableMedialSearch bool `yaml:"enable_medial_search"` } // LDAPUserSchema defines the available ldap user schema configuration. type LDAPUserSchema struct { - ID string `yaml:"id,omitempty"` - IDIsOctetString bool `yaml:"id_is_octet_string,omitempty"` - Mail string `yaml:"mail,omitempty"` - DisplayName string `yaml:"display_name,omitempty"` - Username string `yaml:"user_name,omitempty"` - UIDNumber string `yaml:"uid_number,omitempty"` - GIDNumber string `yaml:"gid_number,omitempty"` + ID string `yaml:"id"` + IDIsOctetString bool `yaml:"id_is_octet_string"` + Mail string `yaml:"mail"` + DisplayName string `yaml:"display_name"` + Username string `yaml:"user_name"` + UIDNumber string `yaml:"uid_number"` + GIDNumber string `yaml:"gid_number"` } // LDAPGroupSchema defines the available ldap group schema configuration. 
type LDAPGroupSchema struct { - ID string `yaml:"id,omitempty"` - IDIsOctetString bool `yaml:"id_is_octet_string,omitempty"` - Mail string `yaml:"mail,omitempty"` - DisplayName string `yaml:"display_name,omitempty"` - Groupname string `yaml:"group_name,omitempty"` - Member string `yaml:"member,omitempty"` - GIDNumber string `yaml:"gid_number,omitempty"` + ID string `yaml:"id"` + IDIsOctetString bool `yaml:"id_is_octet_string"` + Mail string `yaml:"mail"` + DisplayName string `yaml:"display_name"` + Groupname string `yaml:"group_name"` + Member string `yaml:"member"` + GIDNumber string `yaml:"gid_number"` } // OCDav defines the available ocdav configuration. type OCDav struct { // Addr to listen to with the http server for the ocdav service - Addr string `yaml:"addr,omitempty"` - Prefix string `yaml:"prefix,omitempty"` - WebdavNamespace string `yaml:"webdav_namespace,omitempty"` - FilesNamespace string `yaml:"files_namespace,omitempty"` - SharesNamespace string `yaml:"shares_namespace,omitempty"` + Addr string `yaml:"addr"` + Prefix string `yaml:"prefix"` + WebdavNamespace string `yaml:"webdav_namespace"` + FilesNamespace string `yaml:"files_namespace"` + SharesNamespace string `yaml:"shares_namespace"` // PublicURL used to redirect /s/{token} URLs to - PublicURL string `yaml:"public_url,omitempty"` + PublicURL string `yaml:"public_url"` // Addr to listen to with the debug http server - DebugAddr string `yaml:"debug_addr,omitempty"` + DebugAddr string `yaml:"debug_addr"` // GatewaySVC to forward CS3 requests to TODO use registry - GatewaySVC string `yaml:"gateway_svc,omitempty"` + GatewaySVC string `yaml:"gateway_svc"` // JWTSecret used to verify reva access token - JWTSecret string `yaml:"jwt_secret,omitempty"` + JWTSecret string `yaml:"jwt_secret"` // Insecure certificates allowed when making requests to the gateway - Insecure bool `yaml:"insecure,omitempty"` + Insecure bool `yaml:"insecure"` // Timeout in seconds when making requests to the gateway - Timeout 
int64 `yaml:"timeout,omitempty"` + Timeout int64 `yaml:"timeout"` } // Archiver defines the available archiver configuration. type Archiver struct { - MaxNumFiles int64 `yaml:"max_num_files,omitempty"` - MaxSize int64 `yaml:"max_size,omitempty"` - ArchiverURL string `yaml:"archiver_url,omitempty"` + MaxNumFiles int64 `yaml:"max_num_files"` + MaxSize int64 `yaml:"max_size"` + ArchiverURL string `yaml:"archiver_url"` } // Reva defines the available reva configuration. type Reva struct { // JWTSecret used to sign jwt tokens between services - JWTSecret string `yaml:"jwt_secret,omitempty"` - SkipUserGroupsInToken bool `yaml:"skip_user_grooups_in_token,omitempty"` - TransferSecret string `yaml:"transfer_secret,omitempty"` - TransferExpires int `yaml:"transfer_expires,omitempty"` - OIDC OIDC `yaml:"oidc,omitempty"` - LDAP LDAP `yaml:"ldap,omitempty"` - UserGroupRest UserGroupRest `yaml:"user_group_rest,omitempty"` - UserOwnCloudSQL UserOwnCloudSQL `yaml:"user_owncloud_sql,omitempty"` - Archiver Archiver `yaml:"archiver,omitempty"` - UserStorage StorageConfig `yaml:"user_storage,omitempty"` - MetadataStorage StorageConfig `yaml:"metadata_storage,omitempty"` + JWTSecret string `yaml:"jwt_secret"` + SkipUserGroupsInToken bool `yaml:"skip_user_grooups_in_token"` + TransferSecret string `yaml:"transfer_secret"` + TransferExpires int `yaml:"transfer_expires"` + OIDC OIDC `yaml:"oidc"` + LDAP LDAP `yaml:"ldap"` + UserGroupRest UserGroupRest `yaml:"user_group_rest"` + UserOwnCloudSQL UserOwnCloudSQL `yaml:"user_owncloud_sql"` + Archiver Archiver `yaml:"archiver"` + UserStorage StorageConfig `yaml:"user_storage"` + MetadataStorage StorageConfig `yaml:"metadata_storage"` // Ports are used to configure which services to start on which port - Frontend FrontendPort `yaml:"frontend,omitempty"` - DataGateway DataGatewayPort `yaml:"data_gateway,omitempty"` - Gateway Gateway `yaml:"gateway,omitempty"` - StorageRegistry StorageRegistry `yaml:"storage_registry,omitempty"` - AppRegistry 
AppRegistry `yaml:"app_registry,omitempty"` - Users Users `yaml:"users,omitempty"` - Groups Groups `yaml:"groups,omitempty"` - AuthProvider Users `yaml:"auth_provider,omitempty"` - AuthBasic Port `yaml:"auth_basic,omitempty"` - AuthBearer Port `yaml:"auth_bearer,omitempty"` - AuthMachine Port `yaml:"auth_machine,omitempty"` - AuthMachineConfig AuthMachineConfig `yaml:"auth_machine_config,omitempty"` - Sharing Sharing `yaml:"sharing,omitempty"` - StorageShares StoragePort `yaml:"storage_shares,omitempty"` - StorageUsers StoragePort `yaml:"storage_users,omitempty"` - StoragePublicLink PublicStorage `yaml:"storage_public_link,omitempty"` - StorageMetadata StoragePort `yaml:"storage_metadata,omitempty"` - AppProvider AppProvider `yaml:"app_provider,omitempty"` - Permissions Port `yaml:"permissions,omitempty"` + Frontend FrontendPort `yaml:"frontend"` + DataGateway DataGatewayPort `yaml:"data_gateway"` + Gateway Gateway `yaml:"gateway"` + StorageRegistry StorageRegistry `yaml:"storage_registry"` + AppRegistry AppRegistry `yaml:"app_registry"` + Users Users `yaml:"users"` + Groups Groups `yaml:"groups"` + AuthProvider Users `yaml:"auth_provider"` + AuthBasic Port `yaml:"auth_basic"` + AuthBearer Port `yaml:"auth_bearer"` + AuthMachine Port `yaml:"auth_machine"` + AuthMachineConfig AuthMachineConfig `yaml:"auth_machine_config"` + Sharing Sharing `yaml:"sharing"` + StorageShares StoragePort `yaml:"storage_shares"` + StorageUsers StoragePort `yaml:"storage_users"` + StoragePublicLink PublicStorage `yaml:"storage_public_link"` + StorageMetadata StoragePort `yaml:"storage_metadata"` + AppProvider AppProvider `yaml:"app_provider"` + Permissions Port `yaml:"permissions"` // Configs can be used to configure the reva instance. 
// Services and Ports will be ignored if this is used - Configs map[string]interface{} `yaml:"configs,omitempty"` + Configs map[string]interface{} `yaml:"configs"` // chunking and resumable upload config (TUS) - UploadMaxChunkSize int `yaml:"upload_max_chunk_size,omitempty"` - UploadHTTPMethodOverride string `yaml:"upload_http_method_override,omitempty"` + UploadMaxChunkSize int `yaml:"upload_max_chunk_size"` + UploadHTTPMethodOverride string `yaml:"upload_http_method_override"` // checksumming capabilities - ChecksumSupportedTypes []string `yaml:"checksum_supported_types,omitempty"` - ChecksumPreferredUploadType string `yaml:"checksum_preferred_upload_type,omitempty"` - DefaultUploadProtocol string `yaml:"default_upload_protocol,omitempty"` + ChecksumSupportedTypes []string `yaml:"checksum_supported_types"` + ChecksumPreferredUploadType string `yaml:"checksum_preferred_upload_type"` + DefaultUploadProtocol string `yaml:"default_upload_protocol"` } // Tracing defines the available tracing configuration. type Tracing struct { - Enabled bool `yaml:"enabled,omitempty"` - Type string `yaml:"type,omitempty"` - Endpoint string `yaml:"endpoint,omitempty"` - Collector string `yaml:"collector,omitempty"` - Service string `yaml:"service,omitempty"` + Enabled bool `yaml:"enabled"` + Type string `yaml:"type"` + Endpoint string `yaml:"endpoint"` + Collector string `yaml:"collector"` + Service string `yaml:"service"` } // Asset defines the available asset configuration. type Asset struct { - Path string `yaml:"path,omitempty"` + Path string `yaml:"path"` } // Config combines all available configuration parts. 
type Config struct { - *shared.Commons `yaml:",omitempty"` - - File string `yaml:"file,omitempty"` - Log *shared.Log `yaml:"log,omitempty"` - Debug Debug `yaml:"debug,omitempty"` - OCDav OCDav `yaml:"ocdav,omitempty"` - Reva Reva `yaml:"reva,omitempty"` - Tracing Tracing `yaml:"tracing,omitempty"` - Asset Asset `yaml:"asset,omitempty"` + *shared.Commons `yaml:""` + + File string `yaml:"file"` + Log *shared.Log `yaml:"log"` + Debug Debug `yaml:"debug"` + OCDav OCDav `yaml:"ocdav"` + Reva Reva `yaml:"reva"` + Tracing Tracing `yaml:"tracing"` + Asset Asset `yaml:"asset"` } // New initializes a new configuration with or without defaults. diff --git a/extensions/thumbnails/pkg/config/config.go b/extensions/thumbnails/pkg/config/config.go index 9f18231956b..88d785d774d 100644 --- a/extensions/thumbnails/pkg/config/config.go +++ b/extensions/thumbnails/pkg/config/config.go @@ -12,14 +12,14 @@ type Config struct { Service Service `yaml:"-"` - Tracing *Tracing `yaml:"tracing,omitempty"` - Log *Log `yaml:"log,omitempty"` - Debug Debug `yaml:"debug,omitempty"` + Tracing *Tracing `yaml:"tracing"` + Log *Log `yaml:"log"` + Debug Debug `yaml:"debug"` - GRPC GRPC `yaml:"grpc,omitempty"` - HTTP HTTP `yaml:"http,omitempty"` + GRPC GRPC `yaml:"grpc"` + HTTP HTTP `yaml:"http"` - Thumbnail Thumbnail `yaml:"thumbnail,omitempty"` + Thumbnail Thumbnail `yaml:"thumbnail"` Context context.Context `yaml:"-"` } 
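Review bot: Dropping `omitempty` from `DBPassword`, `SecretKey`, `BindPassword`, `ClientSecret`, `RedisPassword`, `JWTSecret` and `TransferSecret` in this hunk means every marshalled copy of this config now carries a line for each credential, populated or not. The code that writes the file is not in this hunk (the diffstat points at `ocis/pkg/command/init.go`), so please confirm that it creates the file with owner-only permissions and that the marshalled struct is never printed or logged. An empty value such as `jwt_secret: ""` in a generated file may also shadow a default or an environment value when the file is read back, depending on load order, which deserves a test. The same applies to `Thumbnail.TransferSecret` and `LDAPDriver.BindPassword` in the later hunks. Separately, `Reva.SkipUserGroupsInToken` keeps the misspelled key `skip_user_grooups_in_token`, unlike `skip_user_groups_in_token` in the user config.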
@@ -36,12 +36,12 @@ type FileSystemSource struct { // Thumbnail defines the available thumbnail related configuration. type Thumbnail struct { - Resolutions []string `yaml:"resolutions,omitempty"` - FileSystemStorage FileSystemStorage `yaml:"filesystem_storage,omitempty"` - WebdavAllowInsecure bool `yaml:"webdav_allow_insecure,omitempty" env:"OCIS_INSECURE;THUMBNAILS_WEBDAVSOURCE_INSECURE"` - CS3AllowInsecure bool `yaml:"cs3_allow_insecure,omitempty" env:"OCIS_INSECURE;THUMBNAILS_CS3SOURCE_INSECURE"` - RevaGateway string `yaml:"reva_gateway,omitempty" env:"REVA_GATEWAY"` //TODO: use REVA config - FontMapFile string `yaml:"font_map_file,omitempty" env:"THUMBNAILS_TXT_FONTMAP_FILE"` - TransferSecret string `yaml:"transfer_secret,omitempty" env:"THUMBNAILS_TRANSFER_TOKEN"` - DataEndpoint string `yaml:"data_endpoint,omitempty" env:"THUMBNAILS_DATA_ENDPOINT"` + Resolutions []string `yaml:"resolutions"` + FileSystemStorage FileSystemStorage `yaml:"filesystem_storage"` + WebdavAllowInsecure bool `yaml:"webdav_allow_insecure" env:"OCIS_INSECURE;THUMBNAILS_WEBDAVSOURCE_INSECURE"` + CS3AllowInsecure bool `yaml:"cs3_allow_insecure" env:"OCIS_INSECURE;THUMBNAILS_CS3SOURCE_INSECURE"` + RevaGateway string `yaml:"reva_gateway" env:"REVA_GATEWAY"` //TODO: use REVA config + FontMapFile string `yaml:"font_map_file" env:"THUMBNAILS_TXT_FONTMAP_FILE"` + TransferSecret string `yaml:"transfer_secret" env:"THUMBNAILS_TRANSFER_TOKEN"` + DataEndpoint string `yaml:"data_endpoint" env:"THUMBNAILS_DATA_ENDPOINT"` } diff --git a/extensions/user/pkg/config/config.go b/extensions/user/pkg/config/config.go index ccd3b21f978..4edf15cd777 100644 --- a/extensions/user/pkg/config/config.go +++ b/extensions/user/pkg/config/config.go 
@@ -5,20 +5,20 @@ import "github.com/owncloud/ocis/ocis-pkg/shared" type Config struct { *shared.Commons `yaml:"-"` Service Service `yaml:"-"` - Tracing *Tracing `yaml:"tracing,omitempty"` - Logging *Logging `yaml:"log,omitempty"` - Debug Debug `yaml:"debug,omitempty"` - Supervised bool `yaml:"supervised,omitempty"` + Tracing *Tracing `yaml:"tracing"` + Logging *Logging `yaml:"log"` + Debug Debug `yaml:"debug"` + Supervised bool `yaml:"supervised"` - GRPC GRPCConfig `yaml:"grpc,omitempty"` + GRPC GRPCConfig `yaml:"grpc"` - TokenManager *TokenManager `yaml:"token_manager,omitempty"` - Reva *Reva `yaml:"reva,omitempty"` + TokenManager *TokenManager `yaml:"token_manager"` + Reva *Reva `yaml:"reva"` - SkipUserGroupsInToken bool `yaml:"skip_user_groups_in_token,omitempty"` - UsersCacheExpiration int `yaml:"users_cache_expiration,omitempty"` - Driver string `yaml:"driver,omitempty"` - Drivers Drivers `yaml:"drivers,omitempty"` + SkipUserGroupsInToken bool `yaml:"skip_user_groups_in_token"` + UsersCacheExpiration int `yaml:"users_cache_expiration"` + Driver string `yaml:"driver"` + Drivers Drivers `yaml:"drivers"` } type Tracing struct { Enabled bool `yaml:"enabled" env:"OCIS_TRACING_ENABLED;USERS_TRACING_ENABLED" desc:"Activates tracing."` 
@@ -51,34 +51,34 @@ type GRPCConfig struct { } type Drivers struct { - JSON JSONDriver `yaml:",omitempty"` - LDAP LDAPDriver `yaml:",omitempty"` - OwnCloudSQL OwnCloudSQLDriver `yaml:",omitempty"` - REST RESTProvider `yaml:",omitempty"` + JSON JSONDriver `yaml:""` + LDAP LDAPDriver `yaml:""` + OwnCloudSQL OwnCloudSQLDriver `yaml:""` + REST RESTProvider `yaml:""` } type JSONDriver struct { File string } type LDAPDriver struct { - URI string `yaml:",omitempty" env:"LDAP_URI;USERS_LDAP_URI"` - CACert string `yaml:",omitempty" env:"LDAP_CACERT;USERS_LDAP_CACERT"` - Insecure bool `yaml:",omitempty" env:"LDAP_INSECURE;USERS_LDAP_INSECURE"` - BindDN string `yaml:",omitempty" env:"LDAP_BIND_DN;USERS_LDAP_BIND_DN"` - BindPassword string `yaml:",omitempty" env:"LDAP_BIND_PASSWORD;USERS_LDAP_BIND_PASSWORD"` - UserBaseDN string `yaml:",omitempty" env:"LDAP_USER_BASE_DN;USERS_LDAP_USER_BASE_DN"` - GroupBaseDN string `yaml:",omitempty" env:"LDAP_GROUP_BASE_DN;USERS_LDAP_GROUP_BASE_DN"` - UserScope string `yaml:",omitempty" env:"LDAP_USER_SCOPE;USERS_LDAP_USER_SCOPE"` - GroupScope string `yaml:",omitempty" env:"LDAP_GROUP_SCOPE;USERS_LDAP_GROUP_SCOPE"` - UserFilter string `yaml:",omitempty" env:"LDAP_USERFILTER;USERS_LDAP_USERFILTER"` - GroupFilter string `yaml:",omitempty" env:"LDAP_GROUPFILTER;USERS_LDAP_USERFILTER"` - UserObjectClass string `yaml:",omitempty" env:"LDAP_USER_OBJECTCLASS;USERS_LDAP_USER_OBJECTCLASS"` - GroupObjectClass string `yaml:",omitempty" env:"LDAP_GROUP_OBJECTCLASS;USERS_LDAP_GROUP_OBJECTCLASS"` - LoginAttributes []string `yaml:",omitempty" env:"LDAP_LOGIN_ATTRIBUTES;USERS_LDAP_LOGIN_ATTRIBUTES"` - IDP string `yaml:",omitempty" env:"OCIS_URL;USERS_IDP_URL"` // TODO what is this for? - GatewayEndpoint string `yaml:",omitempty"` // TODO do we need this here? 
- UserSchema LDAPUserSchema `yaml:",omitempty"` - GroupSchema LDAPGroupSchema `yaml:",omitempty"` + URI string `yaml:"" env:"LDAP_URI;USERS_LDAP_URI"` + CACert string `yaml:"" env:"LDAP_CACERT;USERS_LDAP_CACERT"` + Insecure bool `yaml:"" env:"LDAP_INSECURE;USERS_LDAP_INSECURE"` + BindDN string `yaml:"" env:"LDAP_BIND_DN;USERS_LDAP_BIND_DN"` + BindPassword string `yaml:"" env:"LDAP_BIND_PASSWORD;USERS_LDAP_BIND_PASSWORD"` + UserBaseDN string `yaml:"" env:"LDAP_USER_BASE_DN;USERS_LDAP_USER_BASE_DN"` + GroupBaseDN string `yaml:"" env:"LDAP_GROUP_BASE_DN;USERS_LDAP_GROUP_BASE_DN"` + UserScope string `yaml:"" env:"LDAP_USER_SCOPE;USERS_LDAP_USER_SCOPE"` + GroupScope string `yaml:"" env:"LDAP_GROUP_SCOPE;USERS_LDAP_GROUP_SCOPE"` + UserFilter string `yaml:"" env:"LDAP_USERFILTER;USERS_LDAP_USERFILTER"` + GroupFilter string `yaml:"" env:"LDAP_GROUPFILTER;USERS_LDAP_USERFILTER"` + UserObjectClass string `yaml:"" env:"LDAP_USER_OBJECTCLASS;USERS_LDAP_USER_OBJECTCLASS"` + GroupObjectClass string `yaml:"" env:"LDAP_GROUP_OBJECTCLASS;USERS_LDAP_GROUP_OBJECTCLASS"` + LoginAttributes []string `yaml:"" env:"LDAP_LOGIN_ATTRIBUTES;USERS_LDAP_LOGIN_ATTRIBUTES"` + IDP string `yaml:"" env:"OCIS_URL;USERS_IDP_URL"` // TODO what is this for? + GatewayEndpoint string `yaml:""` // TODO do we need this here? + UserSchema LDAPUserSchema `yaml:""` + GroupSchema LDAPGroupSchema `yaml:""` } type LDAPUserSchema struct { diff --git a/extensions/web/pkg/config/config.go b/extensions/web/pkg/config/config.go index 1fb079da640..3c403d0bad1 100644 --- a/extensions/web/pkg/config/config.go +++ b/extensions/web/pkg/config/config.go 
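Review bot: `GroupFilter` in `LDAPDriver` is tagged `env:"LDAP_GROUPFILTER;USERS_LDAP_USERFILTER"`, so the service-specific variable meant for the user filter appears to feed the group filter as well; going by the neighbouring fields it should presumably be `USERS_LDAP_GROUPFILTER`. The filter decides which directory entries are resolved as groups, so a user filter leaking into group lookups is worth fixing while these lines are being touched. Separately, `yaml:""` is an empty tag that leaves the key to the YAML library's default naming; either drop the `yaml` part or give explicit keys such as `yaml:"bind_password"`, as the storage config does.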
@@ -12,15 +12,15 @@ type Config struct { Service Service `yaml:"-"` - Tracing *Tracing `yaml:"tracing,omitempty"` - Log *Log `yaml:"log,omitempty"` - Debug Debug `yaml:"debug,omitempty"` + Tracing *Tracing `yaml:"tracing"` + Log *Log `yaml:"log"` + Debug Debug `yaml:"debug"` - HTTP HTTP `yaml:"http,omitempty"` + HTTP HTTP `yaml:"http"` - Asset Asset `yaml:"asset,omitempty"` - File string `yaml:"file,omitempty" env:"WEB_UI_CONFIG"` // TODO: rename this to a more self explaining string - Web Web `yaml:"web,omitempty"` + Asset Asset `yaml:"asset"` + File string `yaml:"file" env:"WEB_UI_CONFIG"` // TODO: rename this to a more self explaining string + Web Web `yaml:"web"` Context context.Context `yaml:"-"` } 
@@ -32,22 +32,22 @@ type Asset struct { // WebConfig defines the available web configuration for a dynamically rendered config.json. type WebConfig struct { - Server string `json:"server,omitempty" yaml:"server" env:"OCIS_URL;WEB_UI_CONFIG_SERVER"` - Theme string `json:"theme,omitempty" yaml:"theme" env:""` - Version string `json:"version,omitempty" yaml:"version" env:"WEB_UI_CONFIG_VERSION"` - OpenIDConnect OIDC `json:"openIdConnect,omitempty" yaml:"oids"` + Server string `json:"server" yaml:"server" env:"OCIS_URL;WEB_UI_CONFIG_SERVER"` + Theme string `json:"theme" yaml:"theme" env:""` + Version string `json:"version" yaml:"version" env:"WEB_UI_CONFIG_VERSION"` + OpenIDConnect OIDC `json:"openIdConnect" yaml:"oids"` Apps []string `json:"apps" yaml:"apps"` - ExternalApps []ExternalApp `json:"external_apps,omitempty" yaml:"external_apps"` - Options map[string]interface{} `json:"options,omitempty" yaml:"options"` + ExternalApps []ExternalApp `json:"external_apps" yaml:"external_apps"` + Options map[string]interface{} `json:"options" yaml:"options"` } // OIDC defines the available oidc configuration type OIDC struct { - MetadataURL string `json:"metadata_url,omitempty" yaml:"metadata_url" env:"WEB_OIDC_METADATA_URL"` - Authority string `json:"authority,omitempty" yaml:"authority" env:"OCIS_URL;WEB_OIDC_AUTHORITY"` - ClientID string `json:"client_id,omitempty" yaml:"client_id" env:"WEB_OIDC_CLIENT_ID"` - ResponseType string `json:"response_type,omitempty" yaml:"response_type" env:"WEB_OIDC_RESPONSE_TYPE"` - Scope string `json:"scope,omitempty" yaml:"scope" env:"WEB_OIDC_SCOPE"` + MetadataURL string `json:"metadata_url" yaml:"metadata_url" env:"WEB_OIDC_METADATA_URL"` + Authority string `json:"authority" yaml:"authority" env:"OCIS_URL;WEB_OIDC_AUTHORITY"` + ClientID string `json:"client_id" yaml:"client_id" env:"WEB_OIDC_CLIENT_ID"` + ResponseType string `json:"response_type" yaml:"response_type" env:"WEB_OIDC_RESPONSE_TYPE"` + Scope string `json:"scope" yaml:"scope" 
env:"WEB_OIDC_SCOPE"` } // ExternalApp defines an external web app. @@ -59,15 +59,15 @@ type OIDC struct { // } // } type ExternalApp struct { - ID string `json:"id,omitempty" yaml:"id"` - Path string `json:"path,omitempty" yaml:"path"` + ID string `json:"id" yaml:"id"` + Path string `json:"path" yaml:"path"` // Config is completely dynamic, because it depends on the extension - Config map[string]interface{} `json:"config,omitempty" yaml:"config"` + Config map[string]interface{} `json:"config" yaml:"config"` } // ExternalAppConfig defines an external web app configuration. type ExternalAppConfig struct { - URL string `json:"url,omitempty" yaml:"url" env:""` + URL string `json:"url" yaml:"url" env:""` } // Web defines the available web configuration. diff --git a/extensions/webdav/pkg/config/config.go b/extensions/webdav/pkg/config/config.go index 322a8f9661b..4efe95ebdfe 100644 --- a/extensions/webdav/pkg/config/config.go +++ b/extensions/webdav/pkg/config/config.go @@ -12,15 +12,15 @@ type Config struct { Service Service `yaml:"-"` - Tracing *Tracing `yaml:"tracing,omitempty"` - Log *Log `yaml:"log,omitempty"` - Debug Debug `yaml:"debug,omitempty"` + Tracing *Tracing `yaml:"tracing"` + Log *Log `yaml:"log"` + Debug Debug `yaml:"debug"` - HTTP HTTP `yaml:"http,omitempty"` + HTTP HTTP `yaml:"http"` - OcisPublicURL string `yaml:"ocis_public_url,omitempty" env:"OCIS_URL;OCIS_PUBLIC_URL"` - WebdavNamespace string `yaml:"webdav_namespace,omitempty" env:"STORAGE_WEBDAV_NAMESPACE"` //TODO: prevent this cross config - RevaGateway string `yaml:"reva_gateway,omitempty" env:"REVA_GATEWAY"` + OcisPublicURL string `yaml:"ocis_public_url" env:"OCIS_URL;OCIS_PUBLIC_URL"` + WebdavNamespace string `yaml:"webdav_namespace" env:"STORAGE_WEBDAV_NAMESPACE"` //TODO: prevent this cross config + RevaGateway string `yaml:"reva_gateway" env:"REVA_GATEWAY"` - Context context.Context `yaml:"-,omitempty"` + Context context.Context `yaml:"-"` } 
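Review bot: The `json` tags on `WebConfig` and `OIDC` lose `omitempty` in this hunk, and those on `ExternalApp` and `ExternalAppConfig` in the next one, although the commit is described as a YAML label refactor. The doc comment says `WebConfig` is rendered into a dynamic config.json, so unset fields would now be sent as `""` or `null` instead of being absent, for example `"options": null` or an `openIdConnect` object with an empty `authority`. Whether the web client treats an empty OIDC value the same as a missing one is not visible here. If the YAML dump is the only goal, keep the JSON side as it was and change only the `yaml` tag, e.g. `json:"authority,omitempty" yaml:"authority"`.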
diff --git a/ocis-pkg/config/config.go b/ocis-pkg/config/config.go index df11e9ef38e..cac020ad09f 100644 --- a/ocis-pkg/config/config.go +++ b/ocis-pkg/config/config.go 
@@ -59,49 +59,49 @@ type Runtime struct { // Config combines all available configuration parts. type Config struct { - *shared.Commons `yaml:"shared,omitempty"` + *shared.Commons `yaml:"shared"` - Tracing *shared.Tracing `yaml:"tracing,omitempty"` - Log *shared.Log `yaml:"log,omitempty"` + Tracing *shared.Tracing `yaml:"tracing"` + Log *shared.Log `yaml:"log"` - Mode Mode `yaml:",omitempty"` // DEPRECATED - File string `yaml:",omitempty"` - OcisURL string `yaml:"ocis_url,omitempty"` + Mode Mode `yaml:""` // DEPRECATED + File string `yaml:""` + OcisURL string `yaml:"ocis_url"` - Registry string `yaml:"registry,omitempty"` - TokenManager *shared.TokenManager `yaml:"token_manager,omitempty"` + Registry string `yaml:"registry"` + TokenManager *shared.TokenManager `yaml:"token_manager"` MachineAuthAPIKey string `yaml:"machine_auth_api_key" env:"OCIS_MACHINE_AUTH_API_KEY"` - TransferSecret string `yaml:"transfer_secret,omitempty"` - Runtime Runtime `yaml:"runtime,omitempty"` + TransferSecret string `yaml:"transfer_secret"` + Runtime Runtime `yaml:"runtime"` - Audit *audit.Config `yaml:"audit,omitempty"` - Accounts *accounts.Config `yaml:"accounts,omitempty"` - GLAuth *glauth.Config `yaml:"glauth,omitempty"` - Graph *graph.Config `yaml:"graph,omitempty"` - GraphExplorer *graphExplorer.Config `yaml:"graph_explorer,omitempty"` - IDP *idp.Config `yaml:"idp,omitempty"` - IDM *idm.Config `yaml:"idm,omitempty"` - Nats *nats.Config `yaml:"nats,omitempty"` - Notifications *notifications.Config `yaml:"notifications,omitempty"` - OCS *ocs.Config `yaml:"ocs,omitempty"` - Web *web.Config `yaml:"web,omitempty"` - Proxy *proxy.Config `yaml:"proxy,omitempty"` - Settings *settings.Config `yaml:"settings,omitempty"` - Gateway *gateway.Config `yaml:"gateway,omitempty"` - Frontend *frontend.Config `yaml:"frontend,omitempty"` - AuthBasic *authbasic.Config `yaml:"auth_basic,omitempty"` - AuthBearer *authbearer.Config `yaml:"auth_bearer,omitempty"` - AuthMachine *authmachine.Config 
`yaml:"auth_machine,omitempty"` - User *user.Config `yaml:"user,omitempty"` - Group *group.Config `yaml:"group,omitempty"` - AppProvider *appprovider.Config `yaml:"app_provider,omitempty"` - Sharing *sharing.Config `yaml:"sharing,omitempty"` - StorageMetadata *storagemetadata.Config `yaml:"storage_metadata,omitempty"` - StoragePublicLink *storagepublic.Config `yaml:"storage_public,omitempty"` - StorageUsers *storageusers.Config `yaml:"storage_users,omitempty"` - StorageShares *storageshares.Config `yaml:"storage_shares,omitempty"` - OCDav *ocdav.Config `yaml:"ocdav,omitempty"` - Store *store.Config `yaml:"store,omitempty"` - Thumbnails *thumbnails.Config `yaml:"thumbnails,omitempty"` - WebDAV *webdav.Config `yaml:"webdav,omitempty"` + Audit *audit.Config `yaml:"audit"` + Accounts *accounts.Config `yaml:"accounts"` + GLAuth *glauth.Config `yaml:"glauth"` + Graph *graph.Config `yaml:"graph"` + GraphExplorer *graphExplorer.Config `yaml:"graph_explorer"` + IDP *idp.Config `yaml:"idp"` + IDM *idm.Config `yaml:"idm"` + Nats *nats.Config `yaml:"nats"` + Notifications *notifications.Config `yaml:"notifications"` + OCS *ocs.Config `yaml:"ocs"` + Web *web.Config `yaml:"web"` + Proxy *proxy.Config `yaml:"proxy"` + Settings *settings.Config `yaml:"settings"` + Gateway *gateway.Config `yaml:"gateway"` + Frontend *frontend.Config `yaml:"frontend"` + AuthBasic *authbasic.Config `yaml:"auth_basic"` + AuthBearer *authbearer.Config `yaml:"auth_bearer"` + AuthMachine *authmachine.Config `yaml:"auth_machine"` + User *user.Config `yaml:"user"` + Group *group.Config `yaml:"group"` + AppProvider *appprovider.Config `yaml:"app_provider"` + Sharing *sharing.Config `yaml:"sharing"` + StorageMetadata *storagemetadata.Config `yaml:"storage_metadata"` + StoragePublicLink *storagepublic.Config `yaml:"storage_public"` + StorageUsers *storageusers.Config `yaml:"storage_users"` + StorageShares *storageshares.Config `yaml:"storage_shares"` + OCDav *ocdav.Config `yaml:"ocdav"` + Store *store.Config 
`yaml:"store"` + Thumbnails *thumbnails.Config `yaml:"thumbnails"` + WebDAV *webdav.Config `yaml:"webdav"` } From b515d7f83f6876281c94735c0bbf4549415388f6 Mon Sep 17 00:00:00 2001 From: Willy Kloucek Date: Thu, 28 Apr 2022 15:13:03 +0200 Subject: [PATCH 26/59] fix typo and hide supervised --- extensions/appprovider/pkg/config/config.go | 2 +- extensions/auth-basic/pkg/config/config.go | 2 +- extensions/auth-bearer/pkg/config/config.go | 2 +- extensions/auth-machine/pkg/config/config.go | 2 +- extensions/gateway/pkg/config/config.go | 2 +- extensions/group/pkg/config/config.go | 2 +- extensions/ocdav/pkg/config/config.go | 2 +- extensions/sharing/pkg/config/config.go | 2 +- extensions/storage-metadata/pkg/config/config.go | 4 ++-- extensions/storage-publiclink/pkg/config/config.go | 2 +- extensions/storage-shares/pkg/config/config.go | 2 +- extensions/storage-users/pkg/config/config.go | 2 +- extensions/user/pkg/config/config.go | 2 +- 13 files changed, 14 insertions(+), 14 deletions(-) diff --git a/extensions/appprovider/pkg/config/config.go b/extensions/appprovider/pkg/config/config.go index fcc440bce24..9f0c0e9c555 100644 --- a/extensions/appprovider/pkg/config/config.go +++ b/extensions/appprovider/pkg/config/config.go @@ -8,7 +8,7 @@ type Config struct { Tracing *Tracing `yaml:"tracing"` Logging *Logging `yaml:"log"` Debug Debug `yaml:"debug"` - Supervised bool `yaml:"supervised"` + Supervised bool `yaml:"-"` GRPC GRPCConfig `yaml:"grpc"` diff --git a/extensions/auth-basic/pkg/config/config.go b/extensions/auth-basic/pkg/config/config.go index 1e9c9c3f2cc..2b9074f02f9 100644 --- a/extensions/auth-basic/pkg/config/config.go +++ b/extensions/auth-basic/pkg/config/config.go @@ -8,7 +8,7 @@ type Config struct { Tracing *Tracing `yaml:"tracing"` Logging *Logging `yaml:"log"` Debug Debug `yaml:"debug"` - Supervised bool `yaml:"supervised"` + Supervised bool `yaml:"-"` GRPC GRPCConfig `yaml:"grpc"` 
diff --git a/extensions/auth-bearer/pkg/config/config.go b/extensions/auth-bearer/pkg/config/config.go index f1d2b1388a1..984ac379845 100644 --- a/extensions/auth-bearer/pkg/config/config.go +++ b/extensions/auth-bearer/pkg/config/config.go @@ -8,7 +8,7 @@ type Config struct { Tracing *Tracing `yaml:"tracing"` Logging *Logging `yaml:"log"` Debug Debug `yaml:"debug"` - Supervised bool `yaml:"supervised"` + Supervised bool `yaml:"-"` GRPC GRPCConfig `yaml:"grpc"` diff --git a/extensions/auth-machine/pkg/config/config.go b/extensions/auth-machine/pkg/config/config.go index 00c796c0199..19ff424c9bf 100644 --- a/extensions/auth-machine/pkg/config/config.go +++ b/extensions/auth-machine/pkg/config/config.go @@ -8,7 +8,7 @@ type Config struct { Tracing *Tracing `yaml:"tracing"` Logging *Logging `yaml:"log"` Debug Debug `yaml:"debug"` - Supervised bool `yaml:"supervised"` + Supervised bool `yaml:"-"` GRPC GRPCConfig `yaml:"grpc"` diff --git a/extensions/gateway/pkg/config/config.go b/extensions/gateway/pkg/config/config.go index dd9679a2555..872ac234a72 100644 --- a/extensions/gateway/pkg/config/config.go +++ b/extensions/gateway/pkg/config/config.go @@ -9,7 +9,7 @@ type Config struct { Tracing *Tracing `yaml:"tracing"` Logging *Logging `yaml:"log"` Debug Debug `yaml:"debug"` - Supervised bool `yaml:"supervised"` + Supervised bool `yaml:"-"` GRPC GRPCConfig `yaml:"grpc"` diff --git a/extensions/group/pkg/config/config.go b/extensions/group/pkg/config/config.go index efd0ea1b1e8..2c778503008 100644 --- a/extensions/group/pkg/config/config.go +++ b/extensions/group/pkg/config/config.go @@ -8,7 +8,7 @@ type Config struct { Tracing *Tracing `yaml:"tracing"` Logging *Logging `yaml:"log"` Debug Debug `yaml:"debug"` - Supervised bool `yaml:"supervised"` + Supervised bool `yaml:"-"` GRPC GRPCConfig `yaml:"grpc"` diff --git a/extensions/ocdav/pkg/config/config.go b/extensions/ocdav/pkg/config/config.go index bc13918b5e1..da510a3eff6 100644 
--- a/extensions/ocdav/pkg/config/config.go +++ b/extensions/ocdav/pkg/config/config.go @@ -8,7 +8,7 @@ type Config struct { Tracing *Tracing `yaml:"tracing"` Logging *Logging `yaml:"log"` Debug Debug `yaml:"debug"` - Supervised bool `yaml:"supervised"` + Supervised bool `yaml:"-"` HTTP HTTPConfig `yaml:"http"` diff --git a/extensions/sharing/pkg/config/config.go b/extensions/sharing/pkg/config/config.go index b63417987c1..f81d37faa1c 100644 --- a/extensions/sharing/pkg/config/config.go +++ b/extensions/sharing/pkg/config/config.go @@ -8,7 +8,7 @@ type Config struct { Tracing *Tracing `yaml:"tracing"` Logging *Logging `yaml:"log"` Debug Debug `yaml:"debug"` - Supervised bool `yaml:"supervised"` + Supervised bool `yaml:"-"` GRPC GRPCConfig `yaml:"grpc"` diff --git a/extensions/storage-metadata/pkg/config/config.go b/extensions/storage-metadata/pkg/config/config.go index 48d071f8364..97b69e2e93f 100644 --- a/extensions/storage-metadata/pkg/config/config.go +++ b/extensions/storage-metadata/pkg/config/config.go @@ -12,7 +12,7 @@ type Config struct { Tracing *Tracing `yaml:"tracing"` Logging *Logging `yaml:"log"` Debug Debug `yaml:"debug"` - Supervised bool `yaml:"supervised"` + Supervised bool `yaml:"-"` GRPC GRPCConfig `yaml:"grpc"` HTTP HTTPConfig `yaml:"http"` @@ -27,7 +27,7 @@ type Config struct { Drivers Drivers `yaml:"drivers"` DataServerURL string `yaml:"data_server_url"` TempFolder string `yaml:"temp_folder"` - DataProviderInsecure bool `yaml:"data_providcer_insecure" env:"OCIS_INSECURE;STORAGE_METADATA_DATAPROVIDER_INSECURE"` + DataProviderInsecure bool `yaml:"data_provider_insecure" env:"OCIS_INSECURE;STORAGE_METADATA_DATAPROVIDER_INSECURE"` } type Tracing struct { Enabled bool `yaml:"enabled" env:"OCIS_TRACING_ENABLED;STORAGE_METADATA_TRACING_ENABLED" desc:"Activates tracing."` diff --git a/extensions/storage-publiclink/pkg/config/config.go b/extensions/storage-publiclink/pkg/config/config.go index a261852f46a..2f9da5c66f1 100644 
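Review bot: Renaming the YAML key from `data_providcer_insecure` to `data_provider_insecure` in the second storage-metadata hunk means a config file written with the old spelling no longer sets `DataProviderInsecure`. If the loader ignores unknown keys and the default is false (neither is visible here), the setting silently reverts to verifying certificates, which fails safe but gives the operator connection errors with no hint at the cause. A changelog entry naming the old key, or a warning when the old key is still present in the file, would make the change visible.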
--- a/extensions/storage-publiclink/pkg/config/config.go +++ b/extensions/storage-publiclink/pkg/config/config.go @@ -12,7 +12,7 @@ type Config struct { Tracing *Tracing `yaml:"tracing"` Logging *Logging `yaml:"log"` Debug Debug `yaml:"debug"` - Supervised bool `yaml:"supervised"` + Supervised bool `yaml:"-"` GRPC GRPCConfig `yaml:"grpc"` diff --git a/extensions/storage-shares/pkg/config/config.go b/extensions/storage-shares/pkg/config/config.go index a44f0b8debd..8f308c7fecd 100644 --- a/extensions/storage-shares/pkg/config/config.go +++ b/extensions/storage-shares/pkg/config/config.go @@ -12,7 +12,7 @@ type Config struct { Tracing *Tracing `yaml:"tracing"` Logging *Logging `yaml:"log"` Debug Debug `yaml:"debug"` - Supervised bool `yaml:"supervised"` + Supervised bool `yaml:"-"` GRPC GRPCConfig `yaml:"grpc"` HTTP HTTPConfig `yaml:"http"` diff --git a/extensions/storage-users/pkg/config/config.go b/extensions/storage-users/pkg/config/config.go index 4cf505d9c12..7cb28881486 100644 --- a/extensions/storage-users/pkg/config/config.go +++ b/extensions/storage-users/pkg/config/config.go @@ -12,7 +12,7 @@ type Config struct { Tracing *Tracing `yaml:"tracing"` Logging *Logging `yaml:"log"` Debug Debug `yaml:"debug"` - Supervised bool `yaml:"supervised"` + Supervised bool `yaml:"-"` GRPC GRPCConfig `yaml:"grpc"` HTTP HTTPConfig `yaml:"http"` diff --git a/extensions/user/pkg/config/config.go b/extensions/user/pkg/config/config.go index 4edf15cd777..040c0c5f94e 100644 --- a/extensions/user/pkg/config/config.go +++ b/extensions/user/pkg/config/config.go @@ -8,7 +8,7 @@ type Config struct { Tracing *Tracing `yaml:"tracing"` Logging *Logging `yaml:"log"` Debug Debug `yaml:"debug"` - Supervised bool `yaml:"supervised"` + Supervised bool `yaml:"-"` GRPC GRPCConfig `yaml:"grpc"` From 1b2cc6df3e876651e342d8c11ef5f0c37cec20e2 Mon Sep 17 00:00:00 2001 
From: Willy Kloucek Date: Thu, 28 Apr 2022 15:14:07 +0200 Subject: [PATCH 27/59] revert empty yaml tags --- extensions/auth-basic/pkg/config/config.go | 36 +++++++++--------- extensions/gateway/pkg/config/config.go | 2 +- extensions/group/pkg/config/config.go | 44 +++++++++++----------- extensions/storage/pkg/config/config.go | 4 +- extensions/user/pkg/config/config.go | 44 +++++++++++----------- ocis-pkg/config/config.go | 4 +- 6 files changed, 67 insertions(+), 67 deletions(-) diff --git a/extensions/auth-basic/pkg/config/config.go b/extensions/auth-basic/pkg/config/config.go index 2b9074f02f9..3357d76b51e 100644 --- a/extensions/auth-basic/pkg/config/config.go +++ b/extensions/auth-basic/pkg/config/config.go 
@@ -60,24 +60,24 @@ type JSONProvider struct { } type LDAPProvider struct { - URI string `yaml:"" env:"LDAP_URI;AUTH_BASIC_LDAP_URI"` - CACert string `yaml:"" env:"LDAP_CACERT;AUTH_BASIC_LDAP_CACERT"` - Insecure bool `yaml:"" env:"LDAP_INSECURE;AUTH_BASIC_LDAP_INSECURE"` - BindDN string `yaml:"" env:"LDAP_BIND_DN;AUTH_BASIC_LDAP_BIND_DN"` - BindPassword string `yaml:"" env:"LDAP_BIND_PASSWORD;AUTH_BASIC_LDAP_BIND_PASSWORD"` - UserBaseDN string `yaml:"" env:"LDAP_USER_BASE_DN;AUTH_BASIC_LDAP_USER_BASE_DN"` - GroupBaseDN string `yaml:"" env:"LDAP_GROUP_BASE_DN;AUTH_BASIC_LDAP_GROUP_BASE_DN"` - UserScope string `yaml:"" env:"LDAP_USER_SCOPE;AUTH_BASIC_LDAP_USER_SCOPE"` - GroupScope string `yaml:"" env:"LDAP_GROUP_SCOPE;AUTH_BASIC_LDAP_GROUP_SCOPE"` - UserFilter string `yaml:"" env:"LDAP_USERFILTER;AUTH_BASIC_LDAP_USERFILTER"` - GroupFilter string `yaml:"" env:"LDAP_GROUPFILTER;AUTH_BASIC_LDAP_USERFILTER"` - UserObjectClass string `yaml:"" env:"LDAP_USER_OBJECTCLASS;AUTH_BASIC_LDAP_USER_OBJECTCLASS"` - GroupObjectClass string `yaml:"" env:"LDAP_GROUP_OBJECTCLASS;AUTH_BASIC_LDAP_GROUP_OBJECTCLASS"` - LoginAttributes []string `yaml:"" env:"LDAP_LOGIN_ATTRIBUTES;AUTH_BASIC_LDAP_LOGIN_ATTRIBUTES"` - IDP string `yaml:"" env:"OCIS_URL;AUTH_BASIC_IDP_URL"` // TODO what is this for? - GatewayEndpoint string `yaml:""` // TODO do we need this here? 
- UserSchema LDAPUserSchema `yaml:""` - GroupSchema LDAPGroupSchema `yaml:""` + URI string `env:"LDAP_URI;AUTH_BASIC_LDAP_URI"` + CACert string `env:"LDAP_CACERT;AUTH_BASIC_LDAP_CACERT"` + Insecure bool `env:"LDAP_INSECURE;AUTH_BASIC_LDAP_INSECURE"` + BindDN string `env:"LDAP_BIND_DN;AUTH_BASIC_LDAP_BIND_DN"` + BindPassword string `env:"LDAP_BIND_PASSWORD;AUTH_BASIC_LDAP_BIND_PASSWORD"` + UserBaseDN string `env:"LDAP_USER_BASE_DN;AUTH_BASIC_LDAP_USER_BASE_DN"` + GroupBaseDN string `env:"LDAP_GROUP_BASE_DN;AUTH_BASIC_LDAP_GROUP_BASE_DN"` + UserScope string `env:"LDAP_USER_SCOPE;AUTH_BASIC_LDAP_USER_SCOPE"` + GroupScope string `env:"LDAP_GROUP_SCOPE;AUTH_BASIC_LDAP_GROUP_SCOPE"` + UserFilter string `env:"LDAP_USERFILTER;AUTH_BASIC_LDAP_USERFILTER"` + GroupFilter string `env:"LDAP_GROUPFILTER;AUTH_BASIC_LDAP_USERFILTER"` + UserObjectClass string `env:"LDAP_USER_OBJECTCLASS;AUTH_BASIC_LDAP_USER_OBJECTCLASS"` + GroupObjectClass string `env:"LDAP_GROUP_OBJECTCLASS;AUTH_BASIC_LDAP_GROUP_OBJECTCLASS"` + LoginAttributes []string `env:"LDAP_LOGIN_ATTRIBUTES;AUTH_BASIC_LDAP_LOGIN_ATTRIBUTES"` + IDP string `env:"OCIS_URL;AUTH_BASIC_IDP_URL"` // TODO what is this for? + GatewayEndpoint string // TODO do we need this here? + UserSchema LDAPUserSchema + GroupSchema LDAPGroupSchema } type LDAPUserSchema struct { diff --git a/extensions/gateway/pkg/config/config.go b/extensions/gateway/pkg/config/config.go index 872ac234a72..ca3555e7216 100644 --- a/extensions/gateway/pkg/config/config.go +++ b/extensions/gateway/pkg/config/config.go @@ -16,7 +16,7 @@ type Config struct { TokenManager *TokenManager `yaml:"token_manager"` Reva *Reva `yaml:"reva"` - SkipUserGroupsInToken bool `yaml:""` + SkipUserGroupsInToken bool CommitShareToStorageGrant bool `yaml:"commit_share_to_storage_grant"` CommitShareToStorageRef bool `yaml:"commit_share_to_storage_ref"` diff --git a/extensions/group/pkg/config/config.go b/extensions/group/pkg/config/config.go index 2c778503008..9588f87672a 100644 
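Review bot: `GroupFilter` in `LDAPProvider` is bound to `LDAP_GROUPFILTER;AUTH_BASIC_LDAP_USERFILTER`, so the service-specific variable meant for the user filter can also set the group filter, and the group filter has no service-specific variable of its own. This looks like a copy-paste slip; the tag should probably read `env:"LDAP_GROUPFILTER;AUTH_BASIC_LDAP_GROUPFILTER"`. The same pattern is in the `LDAPDriver` hunks for extensions/group (`GROUPS_LDAP_USERFILTER`) and extensions/user (`USERS_LDAP_USERFILTER`). These filters decide which directory entries are accepted, so it is worth correcting while the tags are being touched anyway.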
--- a/extensions/group/pkg/config/config.go
+++ b/extensions/group/pkg/config/config.go
@@ -51,34 +51,34 @@ type GRPCConfig struct { } type Drivers struct { - JSON JSONDriver `yaml:""` - LDAP LDAPDriver `yaml:""` - OwnCloudSQL OwnCloudSQLDriver `yaml:""` - REST RESTProvider `yaml:""` + JSON JSONDriver + LDAP LDAPDriver + OwnCloudSQL OwnCloudSQLDriver + REST RESTProvider } type JSONDriver struct { File string } type LDAPDriver struct { - URI string `yaml:"" env:"LDAP_URI;GROUPS_LDAP_URI"` - CACert string `yaml:"" env:"LDAP_CACERT;GROUPS_LDAP_CACERT"` - Insecure bool `yaml:"" env:"LDAP_INSECURE;GROUPS_LDAP_INSECURE"` - BindDN string `yaml:"" env:"LDAP_BIND_DN;GROUPS_LDAP_BIND_DN"` - BindPassword string `yaml:"" env:"LDAP_BIND_PASSWORD;GROUPS_LDAP_BIND_PASSWORD"` - UserBaseDN string `yaml:"" env:"LDAP_USER_BASE_DN;GROUPS_LDAP_USER_BASE_DN"` - GroupBaseDN string `yaml:"" env:"LDAP_GROUP_BASE_DN;GROUPS_LDAP_GROUP_BASE_DN"` - UserScope string `yaml:"" env:"LDAP_USER_SCOPE;GROUPS_LDAP_USER_SCOPE"` - GroupScope string `yaml:"" env:"LDAP_GROUP_SCOPE;GROUPS_LDAP_GROUP_SCOPE"` - UserFilter string `yaml:"" env:"LDAP_USERFILTER;GROUPS_LDAP_USERFILTER"` - GroupFilter string `yaml:"" env:"LDAP_GROUPFILTER;GROUPS_LDAP_USERFILTER"` - UserObjectClass string `yaml:"" env:"LDAP_USER_OBJECTCLASS;GROUPS_LDAP_USER_OBJECTCLASS"` - GroupObjectClass string `yaml:"" env:"LDAP_GROUP_OBJECTCLASS;GROUPS_LDAP_GROUP_OBJECTCLASS"` - LoginAttributes []string `yaml:"" env:"LDAP_LOGIN_ATTRIBUTES;GROUPS_LDAP_LOGIN_ATTRIBUTES"` - IDP string `yaml:"" env:"OCIS_URL;GROUPS_IDP_URL"` // TODO what is this for? - GatewayEndpoint string `yaml:""` // TODO do we need this here? 
- UserSchema LDAPUserSchema `yaml:""` - GroupSchema LDAPGroupSchema `yaml:""` + URI string `env:"LDAP_URI;GROUPS_LDAP_URI"` + CACert string `env:"LDAP_CACERT;GROUPS_LDAP_CACERT"` + Insecure bool `env:"LDAP_INSECURE;GROUPS_LDAP_INSECURE"` + BindDN string `env:"LDAP_BIND_DN;GROUPS_LDAP_BIND_DN"` + BindPassword string `env:"LDAP_BIND_PASSWORD;GROUPS_LDAP_BIND_PASSWORD"` + UserBaseDN string `env:"LDAP_USER_BASE_DN;GROUPS_LDAP_USER_BASE_DN"` + GroupBaseDN string `env:"LDAP_GROUP_BASE_DN;GROUPS_LDAP_GROUP_BASE_DN"` + UserScope string `env:"LDAP_USER_SCOPE;GROUPS_LDAP_USER_SCOPE"` + GroupScope string `env:"LDAP_GROUP_SCOPE;GROUPS_LDAP_GROUP_SCOPE"` + UserFilter string `env:"LDAP_USERFILTER;GROUPS_LDAP_USERFILTER"` + GroupFilter string `env:"LDAP_GROUPFILTER;GROUPS_LDAP_USERFILTER"` + UserObjectClass string `env:"LDAP_USER_OBJECTCLASS;GROUPS_LDAP_USER_OBJECTCLASS"` + GroupObjectClass string `env:"LDAP_GROUP_OBJECTCLASS;GROUPS_LDAP_GROUP_OBJECTCLASS"` + LoginAttributes []string `env:"LDAP_LOGIN_ATTRIBUTES;GROUPS_LDAP_LOGIN_ATTRIBUTES"` + IDP string `env:"OCIS_URL;GROUPS_IDP_URL"` // TODO what is this for? + GatewayEndpoint string // TODO do we need this here? + UserSchema LDAPUserSchema + GroupSchema LDAPGroupSchema } type LDAPUserSchema struct { diff --git a/extensions/storage/pkg/config/config.go b/extensions/storage/pkg/config/config.go index 1b8daa4f20e..c3a626e40f2 100644 --- a/extensions/storage/pkg/config/config.go +++ b/extensions/storage/pkg/config/config.go @@ -188,7 +188,7 @@ type Auth struct { // DataGatewayPort has a public url type DataGatewayPort struct { Port - PublicURL string `yaml:""` + PublicURL string } type DataProvider struct { @@ -522,7 +522,7 @@ type Asset struct { // Config combines all available configuration parts. type Config struct { - *shared.Commons `yaml:""` + *shared.Commons File string `yaml:"file"` Log *shared.Log `yaml:"log"` 
diff --git a/extensions/user/pkg/config/config.go b/extensions/user/pkg/config/config.go
index 040c0c5f94e..d09b7bb4dcc 100644
--- a/extensions/user/pkg/config/config.go
+++ b/extensions/user/pkg/config/config.go
@@ -51,34 +51,34 @@ type GRPCConfig struct { } type Drivers struct { - JSON JSONDriver `yaml:""` - LDAP LDAPDriver `yaml:""` - OwnCloudSQL OwnCloudSQLDriver `yaml:""` - REST RESTProvider `yaml:""` + JSON JSONDriver + LDAP LDAPDriver + OwnCloudSQL OwnCloudSQLDriver + REST RESTProvider } type JSONDriver struct { File string } type LDAPDriver struct { - URI string `yaml:"" env:"LDAP_URI;USERS_LDAP_URI"` - CACert string `yaml:"" env:"LDAP_CACERT;USERS_LDAP_CACERT"` - Insecure bool `yaml:"" env:"LDAP_INSECURE;USERS_LDAP_INSECURE"` - BindDN string `yaml:"" env:"LDAP_BIND_DN;USERS_LDAP_BIND_DN"` - BindPassword string `yaml:"" env:"LDAP_BIND_PASSWORD;USERS_LDAP_BIND_PASSWORD"` - UserBaseDN string `yaml:"" env:"LDAP_USER_BASE_DN;USERS_LDAP_USER_BASE_DN"` - GroupBaseDN string `yaml:"" env:"LDAP_GROUP_BASE_DN;USERS_LDAP_GROUP_BASE_DN"` - UserScope string `yaml:"" env:"LDAP_USER_SCOPE;USERS_LDAP_USER_SCOPE"` - GroupScope string `yaml:"" env:"LDAP_GROUP_SCOPE;USERS_LDAP_GROUP_SCOPE"` - UserFilter string `yaml:"" env:"LDAP_USERFILTER;USERS_LDAP_USERFILTER"` - GroupFilter string `yaml:"" env:"LDAP_GROUPFILTER;USERS_LDAP_USERFILTER"` - UserObjectClass string `yaml:"" env:"LDAP_USER_OBJECTCLASS;USERS_LDAP_USER_OBJECTCLASS"` - GroupObjectClass string `yaml:"" env:"LDAP_GROUP_OBJECTCLASS;USERS_LDAP_GROUP_OBJECTCLASS"` - LoginAttributes []string `yaml:"" env:"LDAP_LOGIN_ATTRIBUTES;USERS_LDAP_LOGIN_ATTRIBUTES"` - IDP string `yaml:"" env:"OCIS_URL;USERS_IDP_URL"` // TODO what is this for? - GatewayEndpoint string `yaml:""` // TODO do we need this here? 
- UserSchema LDAPUserSchema `yaml:""` - GroupSchema LDAPGroupSchema `yaml:""` + URI string `env:"LDAP_URI;USERS_LDAP_URI"` + CACert string `env:"LDAP_CACERT;USERS_LDAP_CACERT"` + Insecure bool `env:"LDAP_INSECURE;USERS_LDAP_INSECURE"` + BindDN string `env:"LDAP_BIND_DN;USERS_LDAP_BIND_DN"` + BindPassword string `env:"LDAP_BIND_PASSWORD;USERS_LDAP_BIND_PASSWORD"` + UserBaseDN string `env:"LDAP_USER_BASE_DN;USERS_LDAP_USER_BASE_DN"` + GroupBaseDN string `env:"LDAP_GROUP_BASE_DN;USERS_LDAP_GROUP_BASE_DN"` + UserScope string `env:"LDAP_USER_SCOPE;USERS_LDAP_USER_SCOPE"` + GroupScope string `env:"LDAP_GROUP_SCOPE;USERS_LDAP_GROUP_SCOPE"` + UserFilter string `env:"LDAP_USERFILTER;USERS_LDAP_USERFILTER"` + GroupFilter string `env:"LDAP_GROUPFILTER;USERS_LDAP_USERFILTER"` + UserObjectClass string `env:"LDAP_USER_OBJECTCLASS;USERS_LDAP_USER_OBJECTCLASS"` + GroupObjectClass string `env:"LDAP_GROUP_OBJECTCLASS;USERS_LDAP_GROUP_OBJECTCLASS"` + LoginAttributes []string `env:"LDAP_LOGIN_ATTRIBUTES;USERS_LDAP_LOGIN_ATTRIBUTES"` + IDP string `env:"OCIS_URL;USERS_IDP_URL"` // TODO what is this for? + GatewayEndpoint string // TODO do we need this here? + UserSchema LDAPUserSchema + GroupSchema LDAPGroupSchema } type LDAPUserSchema struct { diff --git a/ocis-pkg/config/config.go b/ocis-pkg/config/config.go index cac020ad09f..eddd2bbd2a4 100644 --- a/ocis-pkg/config/config.go +++ b/ocis-pkg/config/config.go @@ -64,8 +64,8 @@ type Config struct { Tracing *shared.Tracing `yaml:"tracing"` Log *shared.Log `yaml:"log"` - Mode Mode `yaml:""` // DEPRECATED - File string `yaml:""` + Mode Mode // DEPRECATED + File string OcisURL string `yaml:"ocis_url"` Registry string `yaml:"registry"` From 3a9ba10dc453e807bed380d8eb2b5fbfc760d982 Mon Sep 17 00:00:00 2001 
From: Willy Kloucek Date: Thu, 28 Apr 2022 15:34:31 +0200 Subject: [PATCH 28/59] fix and restructure ocis-pkg config parser --- ocis-pkg/config/parser/parse.go | 51 +++++++++++++++++++++++++-------- 1 file changed, 39 insertions(+), 12 deletions(-) diff --git a/ocis-pkg/config/parser/parse.go b/ocis-pkg/config/parser/parse.go index a28c457df17..0f6b6ba198a 100644 --- a/ocis-pkg/config/parser/parse.go +++ b/ocis-pkg/config/parser/parse.go @@ -2,24 +2,44 @@ package parser import ( "errors" - "log" + "fmt" "github.com/owncloud/ocis/ocis-pkg/config" "github.com/owncloud/ocis/ocis-pkg/config/envdecode" "github.com/owncloud/ocis/ocis-pkg/shared" ) -// ParseConfig loads ocis configuration. +// ParseConfig loads the ocis configuration and +// copies applicable parts into the commons part, from +// where the extensions can copy it into their own config func ParseConfig(cfg *config.Config) error { _, err := config.BindSourcesToStructs("ocis", cfg) if err != nil { return err } + EnsureDefaultsAndCommons(cfg) + + // load all env variables relevant to the config in the current context. + if err := envdecode.Decode(cfg); err != nil { + // no environment variable set for this config is an expected "error" + if !errors.Is(err, envdecode.ErrNoTargetFieldsAreSet) { + return err + } + } + + return Validate(cfg) +} + +// EnsureDefaultsAndCommons copies applicable parts of the oCIS config into the commons part +// and also ensure that all pointers in the oCIS config (not the extensions configs) are initialized +func EnsureDefaultsAndCommons(cfg *config.Config) { + // ensure the commons part is initialized if cfg.Commons == nil { cfg.Commons = &shared.Commons{} } + // copy config to the commons part if set if cfg.Log != nil { cfg.Commons.Log = &shared.Log{ Level: cfg.Log.Level, 
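Review bot: `ParseConfig` calls `EnsureDefaultsAndCommons(cfg)` before `envdecode.Decode(cfg)`, so the by-value copies of `MachineAuthAPIKey` and `TransferSecret` into `cfg.Commons` (made in the last hunk of this file) are taken before environment variables are applied. A key supplied only through `OCIS_MACHINE_AUTH_API_KEY` then passes `Validate` while `cfg.Commons.MachineAuthAPIKey` may still be empty, unless envdecode also fills the embedded `Commons`, which is not visible here. Re-syncing after the decode with `cfg.Commons.MachineAuthAPIKey = cfg.MachineAuthAPIKey` and `cfg.Commons.TransferSecret = cfg.TransferSecret` would close that gap. `EnsureDefaultsAndCommons` continues outside this hunk.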
@@ -32,6 +52,7 @@ func ParseConfig(cfg *config.Config) error { cfg.Log = &shared.Log{} } + // copy tracing to the commons part if set if cfg.Tracing != nil { cfg.Commons.Tracing = &shared.Tracing{ Enabled: cfg.Tracing.Enabled, @@ -44,6 +65,7 @@ func ParseConfig(cfg *config.Config) error { cfg.Tracing = &shared.Tracing{} } + // copy token manager to the commons part if set if cfg.TokenManager != nil { cfg.Commons.TokenManager = cfg.TokenManager } else { @@ -51,24 +73,29 @@ func ParseConfig(cfg *config.Config) error { cfg.TokenManager = cfg.Commons.TokenManager } + // copy machine auth api key to the commons part if set if cfg.MachineAuthAPIKey != "" { cfg.Commons.MachineAuthAPIKey = cfg.MachineAuthAPIKey - } else { - log.Fatalf("machine auth api key is not set up properly, bailing out (ocis)") } + // copy transfer secret to the commons part if set if cfg.TransferSecret != "" { cfg.Commons.TransferSecret = cfg.TransferSecret - } else { - log.Fatalf("reva transfer secret not properly set, bailing out (ocis)") } - // load all env variables relevant to the config in the current context. - if err := envdecode.Decode(cfg); err != nil { - // no environment variable set for this config is an expected "error" - if !errors.Is(err, envdecode.ErrNoTargetFieldsAreSet) { - return err - } +} + +func Validate(cfg *config.Config) error { + if cfg.TokenManager.JWTSecret == "" { + return fmt.Errorf("jwt secret is not set up properly, bailing out (ocis)") + } + + if cfg.TransferSecret == "" { + return fmt.Errorf("transfer secret is not set up properly, bailing out (ocis)") + } + + if cfg.MachineAuthAPIKey == "" { + return fmt.Errorf("machine auth api key is not set up properly, bailing out (ocis)") } return nil From 5a6c44afa0351d17e9be699b5c79d0917b8f2a9b Mon Sep 17 00:00:00 2001 From: Christian Richter Date: Thu, 28 Apr 2022 15:43:40 +0200 Subject: [PATCH 29/59] move config generator to own structures, to avoid having to fork the yaml package (omitempty issues) 
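Review bot: `Validate` reads `cfg.TokenManager.JWTSecret` without a nil check, so it relies on `EnsureDefaultsAndCommons` having run first; as an exported function it can be called on its own and would then panic on a nil `TokenManager`. A guard such as `if cfg.TokenManager == nil || cfg.TokenManager.JWTSecret == "" {` keeps it safe to call in isolation. The function also has no doc comment; something like `// Validate reports an error when the JWT secret, transfer secret or machine auth API key is empty.` would fit the style of the other exported functions in the file. The checks only test for a non-empty string, so a trivially short secret still passes.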
Signed-off-by: Christian Richter --- ocis/pkg/command/init.go | 265 +++++++++++++++++++++++++-------------- 1 file changed, 172 insertions(+), 93 deletions(-) diff --git a/ocis/pkg/command/init.go b/ocis/pkg/command/init.go index 5c11dc359a6..af6e44d48e5 100644 --- a/ocis/pkg/command/init.go +++ b/ocis/pkg/command/init.go 
@@ -14,29 +14,100 @@ import ( "github.com/owncloud/ocis/ocis-pkg/config" "github.com/owncloud/ocis/ocis-pkg/config/defaults" "github.com/owncloud/ocis/ocis-pkg/generators" - "github.com/owncloud/ocis/ocis-pkg/shared" "github.com/owncloud/ocis/ocis/pkg/register" cli "github.com/urfave/cli/v2" "gopkg.in/yaml.v3" - - authbasic "github.com/owncloud/ocis/extensions/auth-basic/pkg/config" - authbearer "github.com/owncloud/ocis/extensions/auth-bearer/pkg/config" - frontend "github.com/owncloud/ocis/extensions/frontend/pkg/config" - graph "github.com/owncloud/ocis/extensions/graph/pkg/config" - group "github.com/owncloud/ocis/extensions/group/pkg/config" - idm "github.com/owncloud/ocis/extensions/idm/pkg/config" - idp "github.com/owncloud/ocis/extensions/idp/pkg/config" - ocdav "github.com/owncloud/ocis/extensions/ocdav/pkg/config" - proxy "github.com/owncloud/ocis/extensions/proxy/pkg/config" - storagemetadata "github.com/owncloud/ocis/extensions/storage-metadata/pkg/config" - storageusers "github.com/owncloud/ocis/extensions/storage-users/pkg/config" - thumbnails "github.com/owncloud/ocis/extensions/thumbnails/pkg/config" - user "github.com/owncloud/ocis/extensions/user/pkg/config" ) const configFilename string = "ocis.yaml" // TODO: use also a constant for reading this file const passwordLength int = 32 +type tokenManager struct { + JWT_Secret string +} + +type insecureExtension struct { + Insecure bool +} + +type insecureProxyExtension struct { + Insecure_backends bool +} + +type dataProviderInsecureSettings struct { + Data_provider_insecure bool +} + +type ldapSettings struct { + Bind_password string +} +type ldapBasedExtension struct { + Ldap ldapSettings +} + +type graphExtension struct { + Spaces insecureExtension + Identity ldapBasedExtension +} + +type serviceUserPasswordsSettings struct { + Admin_password string + Idm_password string + Reva_password string + Idp_password string +} +type idmExtension struct { + Service_user_Passwords serviceUserPasswordsSettings 
+} + +type frontendExtension struct { + Archiver insecureExtension + App_provider insecureExtension +} + +type authbasicExtension struct { + Auth_providers ldapBasedExtension +} + +type authProviderSettings struct { + Oidc insecureExtension +} +type authbearerExtension struct { + Auth_providers authProviderSettings +} + +type userAndGroupExtension struct { + Drivers ldapBasedExtension +} + +type thumbnailSettings struct { + Webdav_allow_insecure bool + Cs3_allow_insecure bool +} + +type thumbNailExtension struct { + Thumbnail thumbnailSettings +} + +type ocisConfig struct { + Token_manager tokenManager + Machine_auth_api_key string + Transfer_secret string + Graph graphExtension + Idp ldapBasedExtension + Idm idmExtension + Proxy insecureProxyExtension + Frontend frontendExtension + Auth_basic authbasicExtension + Auth_bearer authbearerExtension + User userAndGroupExtension + Group userAndGroupExtension + Storage_metadata dataProviderInsecureSettings + Storage_users dataProviderInsecureSettings + Ocdav insecureExtension + Thumbnails thumbNailExtension +} + // InitCommand is the entrypoint for the init command func InitCommand(cfg *config.Config) *cli.Command { return &cli.Command{ 
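Review bot: The mirror structs added in this hunk carry no `yaml` tags, so the keys in the generated file are whatever yaml.v3 derives by lower-casing the field names (`Bind_password` becomes `bind_password`, `JWT_Secret` becomes `jwt_secret`), and nothing ties them to the keys the real config structs decode. Patch 27 of this series leaves `BindPassword` in the LDAP driver structs untagged, which by the same default decodes from `bindpassword`; if that still holds when this lands, the generated bind passwords would be ignored on load. Explicit tags on every field (for example `yaml:"bind_password"` on `Bind_password`) would remove the dependence on field spelling. A test that unmarshals the generated output into `config.Config` and compares the secrets would catch later drift.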
@@ -129,69 +200,6 @@ func createConfig(insecure, forceOverwrite bool, configPath string) error { if err != nil { return err } - cfg := config.Config{ - TokenManager: &shared.TokenManager{}, - IDM: &idm.Config{}, - AuthBasic: &authbasic.Config{ - AuthProviders: authbasic.AuthProviders{ - LDAP: authbasic.LDAPProvider{}, - }, - }, - Group: &group.Config{ - Drivers: group.Drivers{ - LDAP: group.LDAPDriver{}, - }, - }, - User: &user.Config{ - Drivers: user.Drivers{ - LDAP: user.LDAPDriver{}, - }, - }, - IDP: &idp.Config{}, - } - - if insecure { - cfg.AuthBearer = &authbearer.Config{ - AuthProviders: authbearer.AuthProviders{ - OIDC: authbearer.OIDCProvider{ - Insecure: true, - }, - }, - } - cfg.Frontend = &frontend.Config{ - AppProvider: frontend.AppProvider{ - Insecure: true, - }, - Archiver: frontend.Archiver{ - Insecure: true, - }, - } - cfg.Graph = &graph.Config{ - Spaces: graph.Spaces{ - Insecure: true, - }, - } - cfg.OCDav = &ocdav.Config{ - Insecure: true, - } - cfg.Proxy = &proxy.Config{ - InsecureBackends: true, - } - - cfg.StorageMetadata = &storagemetadata.Config{ - DataProviderInsecure: true, - } - cfg.StorageUsers = &storageusers.Config{ - DataProviderInsecure: true, - } - cfg.Thumbnails = &thumbnails.Config{ - Thumbnail: thumbnails.Thumbnail{ - WebdavAllowInsecure: true, - CS3AllowInsecure: true, - }, - } - - } idmServicePassword, err := generators.GenerateRandomPassword(passwordLength) if err != nil { 
@@ -222,22 +230,93 @@ func createConfig(insecure, forceOverwrite bool, configPath string) error { return fmt.Errorf("could not generate random password for machineauthsecret: %s", err) } - cfg.MachineAuthAPIKey = machineAuthApiKey - cfg.TransferSecret = revaTransferSecret - cfg.TokenManager.JWTSecret = tokenManagerJwtSecret - - cfg.IDM.ServiceUserPasswords.Idm = idmServicePassword - cfg.Graph.Identity.LDAP.BindPassword = idmServicePassword - - cfg.IDM.ServiceUserPasswords.Idp = idpServicePassword - cfg.IDP.Ldap.BindPassword = idpServicePassword - - cfg.IDM.ServiceUserPasswords.Reva = revaServicePassword - cfg.AuthBasic.AuthProviders.LDAP.BindPassword = revaServicePassword - cfg.Group.Drivers.LDAP.BindPassword = revaServicePassword - cfg.User.Drivers.LDAP.BindPassword = revaServicePassword + cfg := ocisConfig{ + Token_manager: tokenManager{ + JWT_Secret: tokenManagerJwtSecret, + }, + Machine_auth_api_key: machineAuthApiKey, + Transfer_secret: revaTransferSecret, + Idm: idmExtension{ + Service_user_Passwords: serviceUserPasswordsSettings{ + Admin_password: ocisAdminServicePassword, + Idp_password: idpServicePassword, + Reva_password: revaServicePassword, + Idm_password: idmServicePassword, + }, + }, + Idp: ldapBasedExtension{ + Ldap: ldapSettings{ + Bind_password: idpServicePassword, + }, + }, + Auth_basic: authbasicExtension{ + Auth_providers: ldapBasedExtension{ + Ldap: ldapSettings{ + Bind_password: revaServicePassword, + }, + }, + }, + Group: userAndGroupExtension{ + Drivers: ldapBasedExtension{ + Ldap: ldapSettings{ + Bind_password: revaServicePassword, + }, + }, + }, + User: userAndGroupExtension{ + Drivers: ldapBasedExtension{ + Ldap: ldapSettings{ + Bind_password: revaServicePassword, + }, + }, + }, + Graph: graphExtension{ + Identity: ldapBasedExtension{ + Ldap: ldapSettings{ + Bind_password: idmServicePassword, + }, + }, + }, + } - cfg.IDM.ServiceUserPasswords.OcisAdmin = ocisAdminServicePassword + if insecure { + cfg.Auth_bearer = authbearerExtension{ + 
Auth_providers: authProviderSettings{ + Oidc: insecureExtension{ + Insecure: true, + }, + }, + } + cfg.Frontend = frontendExtension{ + App_provider: insecureExtension{ + Insecure: true, + }, + Archiver: insecureExtension{ + Insecure: true, + }, + } + cfg.Graph.Spaces = insecureExtension{ + Insecure: true, + } + cfg.Ocdav = insecureExtension{ + Insecure: true, + } + cfg.Proxy = insecureProxyExtension{ + Insecure_backends: true, + } + cfg.Storage_metadata = dataProviderInsecureSettings{ + Data_provider_insecure: true, + } + cfg.Storage_users = dataProviderInsecureSettings{ + Data_provider_insecure: true, + } + cfg.Thumbnails = thumbNailExtension{ + Thumbnail: thumbnailSettings{ + Webdav_allow_insecure: true, + Cs3_allow_insecure: true, + }, + } + } yamlOutput, err := yaml.Marshal(cfg) if err != nil { From 83b94cf82db270aae1e61e39daffbd4e3bd9fea7 Mon Sep 17 00:00:00 2001 
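Review bot: The `if insecure { … }` block switches on every `Insecure` / `*_insecure` field at once (OIDC auth provider, frontend app provider and archiver, graph spaces, ocdav, proxy backends, both storage data providers, thumbnails) and persists that into the generated file without a comment or any message to the operator. Judging by the field names this turns off certificate verification between services, so it deserves a why-comment above the block, e.g. `// insecure: accept unverified TLS certificates on all internal clients; for self-signed test setups only`, and ideally one line on stderr when the flag is set. Separately, the keys written by `yaml.Marshal(cfg)` depend on how the encoder derives names from fields like `Token_manager` and `JWT_Secret`; explicit tags such as `yaml:"token_manager"` on the struct definitions (which sit above this hunk) would keep a generated secret from landing under a key the services do not read. `createConfig` begins and ends outside this hunk.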
From: Willy Kloucek Date: Thu, 28 Apr 2022 15:52:26 +0200 Subject: [PATCH 30/59] log parsing errors to stdout --- extensions/accounts/pkg/command/health.go | 6 +++++- extensions/accounts/pkg/command/server.go | 6 +++++- extensions/appprovider/pkg/command/command.go | 7 ++++++- extensions/audit/pkg/command/server.go | 6 +++++- extensions/auth-basic/pkg/command/command.go | 7 ++++++- extensions/auth-bearer/pkg/command/command.go | 7 ++++++- extensions/auth-machine/pkg/command/command.go | 7 ++++++- extensions/frontend/pkg/command/command.go | 6 +++++- extensions/gateway/pkg/command/command.go | 7 ++++++- extensions/glauth/pkg/command/health.go | 6 +++++- extensions/glauth/pkg/command/server.go | 6 +++++- extensions/graph-explorer/pkg/command/health.go | 6 +++++- extensions/graph-explorer/pkg/command/server.go | 6 +++++- extensions/graph/pkg/command/health.go | 6 +++++- extensions/graph/pkg/command/server.go | 6 +++++- extensions/group/pkg/command/command.go | 7 ++++++- extensions/idm/pkg/command/health.go | 6 +++++- extensions/idm/pkg/command/server.go | 6 +++++- extensions/idp/pkg/command/health.go | 6 +++++- extensions/idp/pkg/command/server.go | 6 +++++- extensions/nats/pkg/command/server.go | 6 +++++- extensions/notifications/pkg/command/server.go | 6 +++++- extensions/ocdav/pkg/command/ocdav.go | 6 +++++- extensions/ocs/pkg/command/health.go | 6 +++++- extensions/ocs/pkg/command/server.go | 6 +++++- extensions/proxy/pkg/command/health.go | 6 +++++- extensions/proxy/pkg/command/server.go | 6 +++++- extensions/settings/pkg/command/health.go | 6 +++++- extensions/settings/pkg/command/server.go | 6 +++++- extensions/sharing/pkg/command/command.go | 7 ++++++- extensions/storage-metadata/pkg/command/command.go | 7 ++++++- .../storage-publiclink/pkg/command/storagepubliclink.go | 7 ++++++- extensions/storage-shares/pkg/command/command.go | 7 ++++++- extensions/storage-users/pkg/command/command.go | 7 ++++++- extensions/store/pkg/command/health.go | 6 +++++- 
extensions/store/pkg/command/server.go | 6 +++++- extensions/thumbnails/pkg/command/health.go | 6 +++++- extensions/thumbnails/pkg/command/server.go | 6 +++++- extensions/user/pkg/command/command.go | 7 ++++++- extensions/web/pkg/command/health.go | 6 +++++- extensions/web/pkg/command/server.go | 6 +++++- extensions/webdav/pkg/command/health.go | 6 +++++- extensions/webdav/pkg/command/server.go | 6 +++++- ocis/pkg/command/accounts.go | 8 +++++++- ocis/pkg/command/audit.go | 8 +++++++- ocis/pkg/command/glauth.go | 8 +++++++- ocis/pkg/command/graph.go | 8 +++++++- ocis/pkg/command/graphexplorer.go | 8 +++++++- ocis/pkg/command/idm.go | 8 +++++++- ocis/pkg/command/idp.go | 8 +++++++- ocis/pkg/command/natsserver.go | 8 +++++++- ocis/pkg/command/notifications.go | 8 +++++++- ocis/pkg/command/ocs.go | 8 +++++++- ocis/pkg/command/proxy.go | 8 +++++++- ocis/pkg/command/server.go | 9 +++++++-- ocis/pkg/command/settings.go | 8 +++++++- ocis/pkg/command/store.go | 8 +++++++- ocis/pkg/command/thumbnails.go | 8 +++++++- ocis/pkg/command/web.go | 8 +++++++- ocis/pkg/command/webdav.go | 8 +++++++- 60 files changed, 346 insertions(+), 61 deletions(-) diff --git a/extensions/accounts/pkg/command/health.go b/extensions/accounts/pkg/command/health.go index 28794625760..0590938e938 100644 --- a/extensions/accounts/pkg/command/health.go +++ b/extensions/accounts/pkg/command/health.go @@ -17,7 +17,11 @@ func Health(cfg *config.Config) *cli.Command { Usage: "check health status", Category: "info", Before: func(c *cli.Context) error { - return parser.ParseConfig(cfg) + err := parser.ParseConfig(cfg) + if err != nil { + fmt.Printf("%v", err) + } + return err }, Action: func(c *cli.Context) error { logger := logging.Configure(cfg.Service.Name, cfg.Log) diff --git a/extensions/accounts/pkg/command/server.go b/extensions/accounts/pkg/command/server.go index cad2406868f..26fb0f1f494 100644 --- a/extensions/accounts/pkg/command/server.go +++ b/extensions/accounts/pkg/command/server.go 
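Review bot: The added `fmt.Printf("%v", err)` in the `Before` hook prints the parse error to stdout with no trailing newline and no context, so it runs into the next output line and mixes with command output that scripts may parse; `fmt.Fprintf(os.Stderr, "parsing config: %v\n", err)` would be the usual form (it needs `os` in scope, which this hunk does not show). The same five lines are repeated in the `Before` hook of every other file in this commit (the remaining `health.go`, `server.go` and `command.go` files under `extensions/` and the subcommand files under `ocis/pkg/command/`), so a single helper next to `parser.ParseConfig` would keep them consistent. If parser errors can quote values from the config file, which now holds the generated secrets, those values would end up in captured stdout logs, so it is worth confirming what `ParseConfig` puts in its messages. `Health` itself starts above and continues below the hunk.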
@@ -25,7 +25,11 @@ func Server(cfg *config.Config) *cli.Command { Usage: fmt.Sprintf("start %s extension without runtime (unsupervised mode)", cfg.Service.Name), Category: "server", Before: func(c *cli.Context) error { - return parser.ParseConfig(cfg) + err := parser.ParseConfig(cfg) + if err != nil { + fmt.Printf("%v", err) + } + return err }, Action: func(c *cli.Context) error { logger := logging.Configure(cfg.Service.Name, cfg.Log) diff --git a/extensions/appprovider/pkg/command/command.go b/extensions/appprovider/pkg/command/command.go index a8425fddf42..f638e3c98cf 100644 --- a/extensions/appprovider/pkg/command/command.go +++ b/extensions/appprovider/pkg/command/command.go @@ -3,6 +3,7 @@ package command import ( "context" "flag" + "fmt" "os" "path" @@ -26,7 +27,11 @@ func AppProvider(cfg *config.Config) *cli.Command { Name: "app-provider", Usage: "start appprovider for providing apps", Before: func(ctx *cli.Context) error { - return parser.ParseConfig(cfg) + err := parser.ParseConfig(cfg) + if err != nil { + fmt.Printf("%v", err) + } + return err }, Action: func(c *cli.Context) error { logCfg := cfg.Logging diff --git a/extensions/audit/pkg/command/server.go b/extensions/audit/pkg/command/server.go index 2ace55644a0..ad4ad4e1752 100644 --- a/extensions/audit/pkg/command/server.go +++ b/extensions/audit/pkg/command/server.go @@ -22,7 +22,11 @@ func Server(cfg *config.Config) *cli.Command { Usage: fmt.Sprintf("start %s extension without runtime (unsupervised mode)", cfg.Service.Name), Category: "server", Before: func(c *cli.Context) error { - return parser.ParseConfig(cfg) + err := parser.ParseConfig(cfg) + if err != nil { + fmt.Printf("%v", err) + } + return err }, Action: func(c *cli.Context) error { logger := logging.Configure(cfg.Service.Name, cfg.Log) diff --git a/extensions/auth-basic/pkg/command/command.go b/extensions/auth-basic/pkg/command/command.go index 24bc0b7177d..cd08691a568 100644 --- a/extensions/auth-basic/pkg/command/command.go 
+++ b/extensions/auth-basic/pkg/command/command.go @@ -3,6 +3,7 @@ package command import ( "context" "flag" + "fmt" "os" "path" "path/filepath" @@ -28,7 +29,11 @@ func AuthBasic(cfg *config.Config) *cli.Command { Name: "auth-basic", Usage: "start authprovider for basic auth", Before: func(ctx *cli.Context) error { - return parser.ParseConfig(cfg) + err := parser.ParseConfig(cfg) + if err != nil { + fmt.Printf("%v", err) + } + return err }, Action: func(c *cli.Context) error { logCfg := cfg.Logging diff --git a/extensions/auth-bearer/pkg/command/command.go b/extensions/auth-bearer/pkg/command/command.go index d896fbb444d..ea41172d272 100644 --- a/extensions/auth-bearer/pkg/command/command.go +++ b/extensions/auth-bearer/pkg/command/command.go @@ -3,6 +3,7 @@ package command import ( "context" "flag" + "fmt" "os" "path" @@ -26,7 +27,11 @@ func AuthBearer(cfg *config.Config) *cli.Command { Name: "auth-bearer", Usage: "start authprovider for bearer auth", Before: func(ctx *cli.Context) error { - return parser.ParseConfig(cfg) + err := parser.ParseConfig(cfg) + if err != nil { + fmt.Printf("%v", err) + } + return err }, Action: func(c *cli.Context) error { logCfg := cfg.Logging diff --git a/extensions/auth-machine/pkg/command/command.go b/extensions/auth-machine/pkg/command/command.go index 41de568723a..1ab91220afb 100644 --- a/extensions/auth-machine/pkg/command/command.go +++ b/extensions/auth-machine/pkg/command/command.go @@ -3,6 +3,7 @@ package command import ( "context" "flag" + "fmt" "os" "path" @@ -26,7 +27,11 @@ func AuthMachine(cfg *config.Config) *cli.Command { Name: "auth-machine", Usage: "start authprovider for machine auth", Before: func(ctx *cli.Context) error { - return parser.ParseConfig(cfg) + err := parser.ParseConfig(cfg) + if err != nil { + fmt.Printf("%v", err) + } + return err }, Action: func(c *cli.Context) error { logCfg := cfg.Logging 
diff --git a/extensions/frontend/pkg/command/command.go b/extensions/frontend/pkg/command/command.go index 6eadfb2e95f..f3fc88c2c1a 100644 --- a/extensions/frontend/pkg/command/command.go +++ b/extensions/frontend/pkg/command/command.go @@ -35,7 +35,11 @@ func Frontend(cfg *config.Config) *cli.Command { // return err //} //return nil - return parser.ParseConfig(cfg) + err := parser.ParseConfig(cfg) + if err != nil { + fmt.Printf("%v", err) + } + return err }, Action: func(c *cli.Context) error { logCfg := cfg.Logging diff --git a/extensions/gateway/pkg/command/command.go b/extensions/gateway/pkg/command/command.go index c71895ac4b8..816cba5d1b8 100644 --- a/extensions/gateway/pkg/command/command.go +++ b/extensions/gateway/pkg/command/command.go @@ -4,6 +4,7 @@ import ( "context" "encoding/json" "flag" + "fmt" "io/ioutil" "os" "path" @@ -32,7 +33,11 @@ func Gateway(cfg *config.Config) *cli.Command { Name: "gateway", Usage: "start gateway", Before: func(ctx *cli.Context) error { - return parser.ParseConfig(cfg) + err := parser.ParseConfig(cfg) + if err != nil { + fmt.Printf("%v", err) + } + return err }, Action: func(c *cli.Context) error { logCfg := cfg.Logging diff --git a/extensions/glauth/pkg/command/health.go b/extensions/glauth/pkg/command/health.go index c6e54893cea..0ec61709215 100644 --- a/extensions/glauth/pkg/command/health.go +++ b/extensions/glauth/pkg/command/health.go @@ -17,7 +17,11 @@ func Health(cfg *config.Config) *cli.Command { Usage: "check health status", Category: "info", Before: func(c *cli.Context) error { - return parser.ParseConfig(cfg) + err := parser.ParseConfig(cfg) + if err != nil { + fmt.Printf("%v", err) + } + return err }, Action: func(c *cli.Context) error { logger := logging.Configure(cfg.Service.Name, cfg.Log) diff --git a/extensions/glauth/pkg/command/server.go b/extensions/glauth/pkg/command/server.go index fda86d30c18..5a674cdc948 100644 --- a/extensions/glauth/pkg/command/server.go 
+++ b/extensions/glauth/pkg/command/server.go @@ -28,7 +28,11 @@ func Server(cfg *config.Config) *cli.Command { Usage: fmt.Sprintf("start %s extension without runtime (unsupervised mode)", cfg.Service.Name), Category: "server", Before: func(c *cli.Context) error { - return parser.ParseConfig(cfg) + err := parser.ParseConfig(cfg) + if err != nil { + fmt.Printf("%v", err) + } + return err }, Action: func(c *cli.Context) error { logger := logging.Configure(cfg.Service.Name, cfg.Log) diff --git a/extensions/graph-explorer/pkg/command/health.go b/extensions/graph-explorer/pkg/command/health.go index a6122e5af73..8ee126ebb2d 100644 --- a/extensions/graph-explorer/pkg/command/health.go +++ b/extensions/graph-explorer/pkg/command/health.go @@ -17,7 +17,11 @@ func Health(cfg *config.Config) *cli.Command { Usage: "check health status", Category: "info", Before: func(c *cli.Context) error { - return parser.ParseConfig(cfg) + err := parser.ParseConfig(cfg) + if err != nil { + fmt.Printf("%v", err) + } + return err }, Action: func(c *cli.Context) error { logger := logging.Configure(cfg.Service.Name, cfg.Log) diff --git a/extensions/graph-explorer/pkg/command/server.go b/extensions/graph-explorer/pkg/command/server.go index 093cbe60b33..562cfa569cc 100644 --- a/extensions/graph-explorer/pkg/command/server.go +++ b/extensions/graph-explorer/pkg/command/server.go @@ -23,7 +23,11 @@ func Server(cfg *config.Config) *cli.Command { Usage: fmt.Sprintf("start %s extension without runtime (unsupervised mode)", cfg.Service.Name), Category: "server", Before: func(ctx *cli.Context) error { - return parser.ParseConfig(cfg) + err := parser.ParseConfig(cfg) + if err != nil { + fmt.Printf("%v", err) + } + return err }, Action: func(c *cli.Context) error { logger := logging.Configure(cfg.Service.Name, cfg.Log) diff --git a/extensions/graph/pkg/command/health.go b/extensions/graph/pkg/command/health.go index 0de5812985b..befa8a2e5c7 100644 --- a/extensions/graph/pkg/command/health.go 
+++ b/extensions/graph/pkg/command/health.go @@ -17,7 +17,11 @@ func Health(cfg *config.Config) *cli.Command { Usage: "check health status", Category: "info", Before: func(c *cli.Context) error { - return parser.ParseConfig(cfg) + err := parser.ParseConfig(cfg) + if err != nil { + fmt.Printf("%v", err) + } + return err }, Action: func(c *cli.Context) error { logger := logging.Configure(cfg.Service.Name, cfg.Log) diff --git a/extensions/graph/pkg/command/server.go b/extensions/graph/pkg/command/server.go index c7e3e317a36..1a281fc895c 100644 --- a/extensions/graph/pkg/command/server.go +++ b/extensions/graph/pkg/command/server.go @@ -23,7 +23,11 @@ func Server(cfg *config.Config) *cli.Command { Usage: fmt.Sprintf("start %s extension without runtime (unsupervised mode)", cfg.Service.Name), Category: "server", Before: func(c *cli.Context) error { - return parser.ParseConfig(cfg) + err := parser.ParseConfig(cfg) + if err != nil { + fmt.Printf("%v", err) + } + return err }, Action: func(c *cli.Context) error { logger := logging.Configure(cfg.Service.Name, cfg.Log) diff --git a/extensions/group/pkg/command/command.go b/extensions/group/pkg/command/command.go index 0b8564bfefa..9f5d45dfe6f 100644 --- a/extensions/group/pkg/command/command.go +++ b/extensions/group/pkg/command/command.go @@ -3,6 +3,7 @@ package command import ( "context" "flag" + "fmt" "os" "path" "path/filepath" @@ -28,7 +29,11 @@ func Groups(cfg *config.Config) *cli.Command { Name: "groups", Usage: "start groups service", Before: func(ctx *cli.Context) error { - return parser.ParseConfig(cfg) + err := parser.ParseConfig(cfg) + if err != nil { + fmt.Printf("%v", err) + } + return err }, Action: func(c *cli.Context) error { logCfg := cfg.Logging diff --git a/extensions/idm/pkg/command/health.go b/extensions/idm/pkg/command/health.go index cc61b7c1dc4..22bae6b94f2 100644 --- a/extensions/idm/pkg/command/health.go +++ b/extensions/idm/pkg/command/health.go 
@@ -17,7 +17,11 @@ func Health(cfg *config.Config) *cli.Command { Usage: "check health status", Category: "info", Before: func(c *cli.Context) error { - return parser.ParseConfig(cfg) + err := parser.ParseConfig(cfg) + if err != nil { + fmt.Printf("%v", err) + } + return err }, Action: func(c *cli.Context) error { logger := logging.Configure(cfg.Service.Name, cfg.Log) diff --git a/extensions/idm/pkg/command/server.go b/extensions/idm/pkg/command/server.go index c63b0f2af70..90f399dfa93 100644 --- a/extensions/idm/pkg/command/server.go +++ b/extensions/idm/pkg/command/server.go @@ -29,7 +29,11 @@ func Server(cfg *config.Config) *cli.Command { Usage: fmt.Sprintf("start %s extension without runtime (unsupervised mode)", cfg.Service.Name), Category: "server", Before: func(c *cli.Context) error { - return parser.ParseConfig(cfg) + err := parser.ParseConfig(cfg) + if err != nil { + fmt.Printf("%v", err) + } + return err }, Action: func(c *cli.Context) error { logger := logging.Configure(cfg.Service.Name, cfg.Log) diff --git a/extensions/idp/pkg/command/health.go b/extensions/idp/pkg/command/health.go index cd282e8bac8..3ff2833bb24 100644 --- a/extensions/idp/pkg/command/health.go +++ b/extensions/idp/pkg/command/health.go @@ -17,7 +17,11 @@ func Health(cfg *config.Config) *cli.Command { Usage: "check health status", Category: "info", Before: func(c *cli.Context) error { - return parser.ParseConfig(cfg) + err := parser.ParseConfig(cfg) + if err != nil { + fmt.Printf("%v", err) + } + return err }, Action: func(c *cli.Context) error { logger := logging.Configure(cfg.Service.Name, cfg.Log) diff --git a/extensions/idp/pkg/command/server.go b/extensions/idp/pkg/command/server.go index c541245d014..8b3f25e3008 100644 --- a/extensions/idp/pkg/command/server.go +++ b/extensions/idp/pkg/command/server.go 
@@ -23,7 +23,11 @@ func Server(cfg *config.Config) *cli.Command { Usage: fmt.Sprintf("start %s extension without runtime (unsupervised mode)", cfg.Service.Name), Category: "server", Before: func(c *cli.Context) error { - return parser.ParseConfig(cfg) + err := parser.ParseConfig(cfg) + if err != nil { + fmt.Printf("%v", err) + } + return err }, Action: func(c *cli.Context) error { logger := logging.Configure(cfg.Service.Name, cfg.Log) diff --git a/extensions/nats/pkg/command/server.go b/extensions/nats/pkg/command/server.go index 79f3f7f4434..14234b42439 100644 --- a/extensions/nats/pkg/command/server.go +++ b/extensions/nats/pkg/command/server.go @@ -20,7 +20,11 @@ func Server(cfg *config.Config) *cli.Command { Usage: fmt.Sprintf("start %s extension without runtime (unsupervised mode)", cfg.Service.Name), Category: "server", Before: func(c *cli.Context) error { - return parser.ParseConfig(cfg) + err := parser.ParseConfig(cfg) + if err != nil { + fmt.Printf("%v", err) + } + return err }, Action: func(c *cli.Context) error { logger := logging.Configure(cfg.Service.Name, cfg.Log) diff --git a/extensions/notifications/pkg/command/server.go b/extensions/notifications/pkg/command/server.go index 4a887fc4b93..a51fda70102 100644 --- a/extensions/notifications/pkg/command/server.go +++ b/extensions/notifications/pkg/command/server.go @@ -21,7 +21,11 @@ func Server(cfg *config.Config) *cli.Command { Usage: fmt.Sprintf("start %s extension without runtime (unsupervised mode)", cfg.Service.Name), Category: "server", Before: func(c *cli.Context) error { - return parser.ParseConfig(cfg) + err := parser.ParseConfig(cfg) + if err != nil { + fmt.Printf("%v", err) + } + return err }, Action: func(c *cli.Context) error { logger := logging.Configure(cfg.Service.Name, cfg.Log) diff --git a/extensions/ocdav/pkg/command/ocdav.go b/extensions/ocdav/pkg/command/ocdav.go index 30896c28424..4869b0263d4 100644 --- a/extensions/ocdav/pkg/command/ocdav.go 
+++ b/extensions/ocdav/pkg/command/ocdav.go @@ -34,7 +34,11 @@ func OCDav(cfg *config.Config) *cli.Command { // return nil //}, Before: func(ctx *cli.Context) error { - return parser.ParseConfig(cfg) + err := parser.ParseConfig(cfg) + if err != nil { + fmt.Printf("%v", err) + } + return err }, Action: func(c *cli.Context) error { logCfg := cfg.Logging diff --git a/extensions/ocs/pkg/command/health.go b/extensions/ocs/pkg/command/health.go index 515f3840801..6e7d9c08b1e 100644 --- a/extensions/ocs/pkg/command/health.go +++ b/extensions/ocs/pkg/command/health.go @@ -17,7 +17,11 @@ func Health(cfg *config.Config) *cli.Command { Usage: "check health status", Category: "info", Before: func(c *cli.Context) error { - return parser.ParseConfig(cfg) + err := parser.ParseConfig(cfg) + if err != nil { + fmt.Printf("%v", err) + } + return err }, Action: func(c *cli.Context) error { logger := logging.Configure(cfg.Service.Name, cfg.Log) diff --git a/extensions/ocs/pkg/command/server.go b/extensions/ocs/pkg/command/server.go index 0b88c99728e..5df57b61038 100644 --- a/extensions/ocs/pkg/command/server.go +++ b/extensions/ocs/pkg/command/server.go @@ -24,7 +24,11 @@ func Server(cfg *config.Config) *cli.Command { Usage: fmt.Sprintf("start %s extension without runtime (unsupervised mode)", cfg.Service.Name), Category: "server", Before: func(c *cli.Context) error { - return parser.ParseConfig(cfg) + err := parser.ParseConfig(cfg) + if err != nil { + fmt.Printf("%v", err) + } + return err }, Action: func(c *cli.Context) error { logger := logging.Configure(cfg.Service.Name, cfg.Log) diff --git a/extensions/proxy/pkg/command/health.go b/extensions/proxy/pkg/command/health.go index e3014e58708..a90cb78b41b 100644 --- a/extensions/proxy/pkg/command/health.go +++ b/extensions/proxy/pkg/command/health.go 
@@ -17,7 +17,11 @@ func Health(cfg *config.Config) *cli.Command { Usage: "check health status", Category: "info", Before: func(c *cli.Context) error { - return parser.ParseConfig(cfg) + err := parser.ParseConfig(cfg) + if err != nil { + fmt.Printf("%v", err) + } + return err }, Action: func(c *cli.Context) error { logger := logging.Configure(cfg.Service.Name, cfg.Log) diff --git a/extensions/proxy/pkg/command/server.go b/extensions/proxy/pkg/command/server.go index 7afc358729b..ed1752ebb7e 100644 --- a/extensions/proxy/pkg/command/server.go +++ b/extensions/proxy/pkg/command/server.go @@ -43,7 +43,11 @@ func Server(cfg *config.Config) *cli.Command { Usage: fmt.Sprintf("start %s extension without runtime (unsupervised mode)", cfg.Service.Name), Category: "server", Before: func(c *cli.Context) error { - return parser.ParseConfig(cfg) + err := parser.ParseConfig(cfg) + if err != nil { + fmt.Printf("%v", err) + } + return err }, Action: func(c *cli.Context) error { logger := logging.Configure(cfg.Service.Name, cfg.Log) diff --git a/extensions/settings/pkg/command/health.go b/extensions/settings/pkg/command/health.go index 82cc7202f35..620734e00dd 100644 --- a/extensions/settings/pkg/command/health.go +++ b/extensions/settings/pkg/command/health.go @@ -16,7 +16,11 @@ func Health(cfg *config.Config) *cli.Command { Name: "health", Usage: "Check health status", Before: func(c *cli.Context) error { - return parser.ParseConfig(cfg) + err := parser.ParseConfig(cfg) + if err != nil { + fmt.Printf("%v", err) + } + return err }, Action: func(c *cli.Context) error { logger := logging.Configure(cfg.Service.Name, cfg.Log) diff --git a/extensions/settings/pkg/command/server.go b/extensions/settings/pkg/command/server.go index 877b48b2fa3..407a4f41268 100644 --- a/extensions/settings/pkg/command/server.go +++ b/extensions/settings/pkg/command/server.go 
@@ -24,7 +24,11 @@ func Server(cfg *config.Config) *cli.Command { Usage: fmt.Sprintf("start %s extension without runtime (unsupervised mode)", cfg.Service.Name), Category: "server", Before: func(c *cli.Context) error { - return parser.ParseConfig(cfg) + err := parser.ParseConfig(cfg) + if err != nil { + fmt.Printf("%v", err) + } + return err }, Action: func(c *cli.Context) error { logger := logging.Configure(cfg.Service.Name, cfg.Log) diff --git a/extensions/sharing/pkg/command/command.go b/extensions/sharing/pkg/command/command.go index a7376f4ebf0..29cde193573 100644 --- a/extensions/sharing/pkg/command/command.go +++ b/extensions/sharing/pkg/command/command.go @@ -3,6 +3,7 @@ package command import ( "context" "flag" + "fmt" "os" "path" "path/filepath" @@ -28,7 +29,11 @@ func Sharing(cfg *config.Config) *cli.Command { Name: "sharing", Usage: "start sharing service", Before: func(ctx *cli.Context) error { - return parser.ParseConfig(cfg) + err := parser.ParseConfig(cfg) + if err != nil { + fmt.Printf("%v", err) + } + return err }, Action: func(c *cli.Context) error { logCfg := cfg.Logging diff --git a/extensions/storage-metadata/pkg/command/command.go b/extensions/storage-metadata/pkg/command/command.go index 65346a94f14..6631a4abe1d 100644 --- a/extensions/storage-metadata/pkg/command/command.go +++ b/extensions/storage-metadata/pkg/command/command.go @@ -3,6 +3,7 @@ package command import ( "context" "flag" + "fmt" "os" "path" @@ -32,7 +33,11 @@ func StorageMetadata(cfg *config.Config) *cli.Command { Usage: "start storage-metadata service", Category: "extensions", Before: func(ctx *cli.Context) error { - return parser.ParseConfig(cfg) + err := parser.ParseConfig(cfg) + if err != nil { + fmt.Printf("%v", err) + } + return err }, Action: func(c *cli.Context) error { logCfg := cfg.Logging diff --git a/extensions/storage-publiclink/pkg/command/storagepubliclink.go b/extensions/storage-publiclink/pkg/command/storagepubliclink.go index 518003919ef..06fe7ada8ae 100644 
--- a/extensions/storage-publiclink/pkg/command/storagepubliclink.go +++ b/extensions/storage-publiclink/pkg/command/storagepubliclink.go @@ -3,6 +3,7 @@ package command import ( "context" "flag" + "fmt" "os" "path" @@ -27,7 +28,11 @@ func StoragePublicLink(cfg *config.Config) *cli.Command { Usage: "start storage-public-link service", Category: "extensions", Before: func(ctx *cli.Context) error { - return parser.ParseConfig(cfg) + err := parser.ParseConfig(cfg) + if err != nil { + fmt.Printf("%v", err) + } + return err }, Action: func(c *cli.Context) error { logCfg := cfg.Logging diff --git a/extensions/storage-shares/pkg/command/command.go b/extensions/storage-shares/pkg/command/command.go index c689e704f19..6964706456e 100644 --- a/extensions/storage-shares/pkg/command/command.go +++ b/extensions/storage-shares/pkg/command/command.go @@ -3,6 +3,7 @@ package command import ( "context" "flag" + "fmt" "os" "path" @@ -27,7 +28,11 @@ func StorageShares(cfg *config.Config) *cli.Command { Name: "storage-shares", Usage: "start storage-shares service", Before: func(ctx *cli.Context) error { - return parser.ParseConfig(cfg) + err := parser.ParseConfig(cfg) + if err != nil { + fmt.Printf("%v", err) + } + return err }, Action: func(c *cli.Context) error { logCfg := cfg.Logging diff --git a/extensions/storage-users/pkg/command/command.go b/extensions/storage-users/pkg/command/command.go index 01b4fc4c98c..5e48a2db036 100644 --- a/extensions/storage-users/pkg/command/command.go +++ b/extensions/storage-users/pkg/command/command.go @@ -3,6 +3,7 @@ package command import ( "context" "flag" + "fmt" "os" "path" @@ -26,7 +27,11 @@ func StorageUsers(cfg *config.Config) *cli.Command { Name: "storage-users", Usage: "start storage-users service", Before: func(ctx *cli.Context) error { - return parser.ParseConfig(cfg) + err := parser.ParseConfig(cfg) + if err != nil { + fmt.Printf("%v", err) + } + return err }, Action: func(c *cli.Context) error { logCfg := cfg.Logging 
diff --git a/extensions/store/pkg/command/health.go b/extensions/store/pkg/command/health.go index 7bf3ba8f46b..341f59317c6 100644 --- a/extensions/store/pkg/command/health.go +++ b/extensions/store/pkg/command/health.go @@ -17,7 +17,11 @@ func Health(cfg *config.Config) *cli.Command { Usage: "check health status", Category: "info", Before: func(c *cli.Context) error { - return parser.ParseConfig(cfg) + err := parser.ParseConfig(cfg) + if err != nil { + fmt.Printf("%v", err) + } + return err }, Action: func(c *cli.Context) error { logger := logging.Configure(cfg.Service.Name, cfg.Log) diff --git a/extensions/store/pkg/command/server.go b/extensions/store/pkg/command/server.go index ac14affd2cf..a2995507e79 100644 --- a/extensions/store/pkg/command/server.go +++ b/extensions/store/pkg/command/server.go @@ -24,7 +24,11 @@ func Server(cfg *config.Config) *cli.Command { Usage: fmt.Sprintf("start %s extension without runtime (unsupervised mode)", cfg.Service.Name), Category: "server", Before: func(c *cli.Context) error { - return parser.ParseConfig(cfg) + err := parser.ParseConfig(cfg) + if err != nil { + fmt.Printf("%v", err) + } + return err }, Action: func(c *cli.Context) error { logger := logging.Configure(cfg.Service.Name, cfg.Log) diff --git a/extensions/thumbnails/pkg/command/health.go b/extensions/thumbnails/pkg/command/health.go index f63d023d555..17e93587716 100644 --- a/extensions/thumbnails/pkg/command/health.go +++ b/extensions/thumbnails/pkg/command/health.go @@ -17,7 +17,11 @@ func Health(cfg *config.Config) *cli.Command { Usage: "check health status", Category: "info", Before: func(c *cli.Context) error { - return parser.ParseConfig(cfg) + err := parser.ParseConfig(cfg) + if err != nil { + fmt.Printf("%v", err) + } + return err }, Action: func(c *cli.Context) error { logger := logging.Configure(cfg.Service.Name, cfg.Log) 
diff --git a/extensions/thumbnails/pkg/command/server.go b/extensions/thumbnails/pkg/command/server.go index 8bfd35a1bdb..7244a7c86c7 100644 --- a/extensions/thumbnails/pkg/command/server.go +++ b/extensions/thumbnails/pkg/command/server.go @@ -24,7 +24,11 @@ func Server(cfg *config.Config) *cli.Command { Usage: fmt.Sprintf("start %s extension without runtime (unsupervised mode)", cfg.Service.Name), Category: "server", Before: func(c *cli.Context) error { - return parser.ParseConfig(cfg) + err := parser.ParseConfig(cfg) + if err != nil { + fmt.Printf("%v", err) + } + return err }, Action: func(c *cli.Context) error { logger := logging.Configure(cfg.Service.Name, cfg.Log) diff --git a/extensions/user/pkg/command/command.go b/extensions/user/pkg/command/command.go index 473c91ff8e5..27e7cabfab8 100644 --- a/extensions/user/pkg/command/command.go +++ b/extensions/user/pkg/command/command.go @@ -3,6 +3,7 @@ package command import ( "context" "flag" + "fmt" "os" "path" "path/filepath" @@ -28,7 +29,11 @@ func User(cfg *config.Config) *cli.Command { Name: "users", Usage: "start users service", Before: func(ctx *cli.Context) error { - return parser.ParseConfig(cfg) + err := parser.ParseConfig(cfg) + if err != nil { + fmt.Printf("%v", err) + } + return err }, Action: func(c *cli.Context) error { logCfg := cfg.Logging diff --git a/extensions/web/pkg/command/health.go b/extensions/web/pkg/command/health.go index 397f14da415..70e33f31e1e 100644 --- a/extensions/web/pkg/command/health.go +++ b/extensions/web/pkg/command/health.go @@ -17,7 +17,11 @@ func Health(cfg *config.Config) *cli.Command { Usage: "check health status", Category: "info", Before: func(c *cli.Context) error { - return parser.ParseConfig(cfg) + err := parser.ParseConfig(cfg) + if err != nil { + fmt.Printf("%v", err) + } + return err }, Action: func(c *cli.Context) error { logger := logging.Configure(cfg.Service.Name, cfg.Log) 
diff --git a/extensions/web/pkg/command/server.go b/extensions/web/pkg/command/server.go index e62494d0729..d95587aa25b 100644 --- a/extensions/web/pkg/command/server.go +++ b/extensions/web/pkg/command/server.go @@ -24,7 +24,11 @@ func Server(cfg *config.Config) *cli.Command { Usage: fmt.Sprintf("start %s extension without runtime (unsupervised mode)", cfg.Service.Name), Category: "server", Before: func(c *cli.Context) error { - return parser.ParseConfig(cfg) + err := parser.ParseConfig(cfg) + if err != nil { + fmt.Printf("%v", err) + } + return err }, Action: func(c *cli.Context) error { logger := logging.Configure(cfg.Service.Name, cfg.Log) diff --git a/extensions/webdav/pkg/command/health.go b/extensions/webdav/pkg/command/health.go index d6226f8e8fa..9882d035bfe 100644 --- a/extensions/webdav/pkg/command/health.go +++ b/extensions/webdav/pkg/command/health.go @@ -17,7 +17,11 @@ func Health(cfg *config.Config) *cli.Command { Usage: "check health status", Category: "info", Before: func(c *cli.Context) error { - return parser.ParseConfig(cfg) + err := parser.ParseConfig(cfg) + if err != nil { + fmt.Printf("%v", err) + } + return err }, Action: func(c *cli.Context) error { logger := logging.Configure(cfg.Service.Name, cfg.Log) diff --git a/extensions/webdav/pkg/command/server.go b/extensions/webdav/pkg/command/server.go index 291276cbbe7..b603681a0f6 100644 --- a/extensions/webdav/pkg/command/server.go +++ b/extensions/webdav/pkg/command/server.go @@ -23,7 +23,11 @@ func Server(cfg *config.Config) *cli.Command { Usage: fmt.Sprintf("start %s extension without runtime (unsupervised mode)", cfg.Service.Name), Category: "server", Before: func(c *cli.Context) error { - return parser.ParseConfig(cfg) + err := parser.ParseConfig(cfg) + if err != nil { + fmt.Printf("%v", err) + } + return err }, Action: func(c *cli.Context) error { logger := logging.Configure(cfg.Service.Name, cfg.Log) 
diff --git a/ocis/pkg/command/accounts.go b/ocis/pkg/command/accounts.go index f8a56bfcc5b..8434e0c2f51 100644 --- a/ocis/pkg/command/accounts.go +++ b/ocis/pkg/command/accounts.go @@ -1,6 +1,8 @@ package command import ( + "fmt" + "github.com/owncloud/ocis/extensions/accounts/pkg/command" "github.com/owncloud/ocis/ocis-pkg/config" "github.com/owncloud/ocis/ocis-pkg/config/parser" @@ -15,7 +17,11 @@ func AccountsCommand(cfg *config.Config) *cli.Command { Usage: subcommandDescription(cfg.Accounts.Service.Name), Category: "extensions", Before: func(ctx *cli.Context) error { - return parser.ParseConfig(cfg) + err := parser.ParseConfig(cfg) + if err != nil { + fmt.Printf("%v", err) + } + return err }, Subcommands: command.GetCommands(cfg.Accounts), } diff --git a/ocis/pkg/command/audit.go b/ocis/pkg/command/audit.go index 638367a166b..884b79fb3eb 100644 --- a/ocis/pkg/command/audit.go +++ b/ocis/pkg/command/audit.go @@ -1,6 +1,8 @@ package command import ( + "fmt" + "github.com/owncloud/ocis/extensions/audit/pkg/command" "github.com/owncloud/ocis/ocis-pkg/config" "github.com/owncloud/ocis/ocis-pkg/config/parser" @@ -15,7 +17,11 @@ func AuditCommand(cfg *config.Config) *cli.Command { Usage: "start audit service", Category: "extensions", Before: func(ctx *cli.Context) error { - return parser.ParseConfig(cfg) + err := parser.ParseConfig(cfg) + if err != nil { + fmt.Printf("%v", err) + } + return err }, Subcommands: command.GetCommands(cfg.Audit), } diff --git a/ocis/pkg/command/glauth.go b/ocis/pkg/command/glauth.go index ad91954eb03..bbe5af9e7fc 100644 --- a/ocis/pkg/command/glauth.go +++ b/ocis/pkg/command/glauth.go @@ -1,6 +1,8 @@ package command import ( + "fmt" + "github.com/owncloud/ocis/extensions/glauth/pkg/command" "github.com/owncloud/ocis/ocis-pkg/config" "github.com/owncloud/ocis/ocis-pkg/config/parser" 
@@ -15,7 +17,11 @@ func GLAuthCommand(cfg *config.Config) *cli.Command { Usage: subcommandDescription(cfg.GLAuth.Service.Name), Category: "extensions", Before: func(ctx *cli.Context) error { - return parser.ParseConfig(cfg) + err := parser.ParseConfig(cfg) + if err != nil { + fmt.Printf("%v", err) + } + return err }, Subcommands: command.GetCommands(cfg.GLAuth), } diff --git a/ocis/pkg/command/graph.go b/ocis/pkg/command/graph.go index 836ad44465d..34158e1cc31 100644 --- a/ocis/pkg/command/graph.go +++ b/ocis/pkg/command/graph.go @@ -1,6 +1,8 @@ package command import ( + "fmt" + "github.com/owncloud/ocis/extensions/graph/pkg/command" "github.com/owncloud/ocis/ocis-pkg/config" "github.com/owncloud/ocis/ocis-pkg/config/parser" @@ -15,7 +17,11 @@ func GraphCommand(cfg *config.Config) *cli.Command { Usage: subcommandDescription(cfg.Graph.Service.Name), Category: "extensions", Before: func(ctx *cli.Context) error { - return parser.ParseConfig(cfg) + err := parser.ParseConfig(cfg) + if err != nil { + fmt.Printf("%v", err) + } + return err }, Subcommands: command.GetCommands(cfg.Graph), } diff --git a/ocis/pkg/command/graphexplorer.go b/ocis/pkg/command/graphexplorer.go index 95be9e503ff..6e1f890fbd3 100644 --- a/ocis/pkg/command/graphexplorer.go +++ b/ocis/pkg/command/graphexplorer.go @@ -1,6 +1,8 @@ package command import ( + "fmt" + "github.com/owncloud/ocis/extensions/graph-explorer/pkg/command" "github.com/owncloud/ocis/ocis-pkg/config" "github.com/owncloud/ocis/ocis-pkg/config/parser" @@ -15,7 +17,11 @@ func GraphExplorerCommand(cfg *config.Config) *cli.Command { Usage: subcommandDescription(cfg.GraphExplorer.Service.Name), Category: "extensions", Before: func(ctx *cli.Context) error { - return parser.ParseConfig(cfg) + err := parser.ParseConfig(cfg) + if err != nil { + fmt.Printf("%v", err) + } + return err }, Subcommands: command.GetCommands(cfg.GraphExplorer), } diff --git a/ocis/pkg/command/idm.go b/ocis/pkg/command/idm.go index d768b6dc58b..86d3cae7778 100644 
--- a/ocis/pkg/command/idm.go +++ b/ocis/pkg/command/idm.go @@ -1,6 +1,8 @@ package command import ( + "fmt" + "github.com/owncloud/ocis/extensions/idm/pkg/command" "github.com/owncloud/ocis/ocis-pkg/config" "github.com/owncloud/ocis/ocis-pkg/config/parser" @@ -15,7 +17,11 @@ func IDMCommand(cfg *config.Config) *cli.Command { Usage: "idm extension commands", Category: "extensions", Before: func(ctx *cli.Context) error { - return parser.ParseConfig(cfg) + err := parser.ParseConfig(cfg) + if err != nil { + fmt.Printf("%v", err) + } + return err }, Subcommands: command.GetCommands(cfg.IDM), } diff --git a/ocis/pkg/command/idp.go b/ocis/pkg/command/idp.go index 0c6828c5928..0f37a98c059 100644 --- a/ocis/pkg/command/idp.go +++ b/ocis/pkg/command/idp.go @@ -1,6 +1,8 @@ package command import ( + "fmt" + "github.com/owncloud/ocis/extensions/idp/pkg/command" "github.com/owncloud/ocis/ocis-pkg/config" "github.com/owncloud/ocis/ocis-pkg/config/parser" @@ -15,7 +17,11 @@ func IDPCommand(cfg *config.Config) *cli.Command { Usage: subcommandDescription(cfg.IDP.Service.Name), Category: "extensions", Before: func(ctx *cli.Context) error { - return parser.ParseConfig(cfg) + err := parser.ParseConfig(cfg) + if err != nil { + fmt.Printf("%v", err) + } + return err }, Subcommands: command.GetCommands(cfg.IDP), } diff --git a/ocis/pkg/command/natsserver.go b/ocis/pkg/command/natsserver.go index 1e7f3432317..6a46a1cc7a3 100644 --- a/ocis/pkg/command/natsserver.go +++ b/ocis/pkg/command/natsserver.go @@ -1,6 +1,8 @@ package command import ( + "fmt" + "github.com/owncloud/ocis/extensions/nats/pkg/command" "github.com/owncloud/ocis/ocis-pkg/config" "github.com/owncloud/ocis/ocis-pkg/config/parser" 
@@ -15,7 +17,11 @@ func NatsServerCommand(cfg *config.Config) *cli.Command { Usage: "start nats server", Category: "extensions", Before: func(ctx *cli.Context) error { - return parser.ParseConfig(cfg) + err := parser.ParseConfig(cfg) + if err != nil { + fmt.Printf("%v", err) + } + return err }, Subcommands: command.GetCommands(cfg.Nats), } diff --git a/ocis/pkg/command/notifications.go b/ocis/pkg/command/notifications.go index f4108e299af..a6f1113d747 100644 --- a/ocis/pkg/command/notifications.go +++ b/ocis/pkg/command/notifications.go @@ -1,6 +1,8 @@ package command import ( + "fmt" + "github.com/owncloud/ocis/extensions/notifications/pkg/command" "github.com/owncloud/ocis/ocis-pkg/config" "github.com/owncloud/ocis/ocis-pkg/config/parser" @@ -15,7 +17,11 @@ func NotificationsCommand(cfg *config.Config) *cli.Command { Usage: "start notifications service", Category: "extensions", Before: func(ctx *cli.Context) error { - return parser.ParseConfig(cfg) + err := parser.ParseConfig(cfg) + if err != nil { + fmt.Printf("%v", err) + } + return err }, Subcommands: command.GetCommands(cfg.Notifications), } diff --git a/ocis/pkg/command/ocs.go b/ocis/pkg/command/ocs.go index 2fae3beb95d..fdd76af613c 100644 --- a/ocis/pkg/command/ocs.go +++ b/ocis/pkg/command/ocs.go @@ -1,6 +1,8 @@ package command import ( + "fmt" + "github.com/owncloud/ocis/extensions/ocs/pkg/command" "github.com/owncloud/ocis/ocis-pkg/config" "github.com/owncloud/ocis/ocis-pkg/config/parser" @@ -15,7 +17,11 @@ func OCSCommand(cfg *config.Config) *cli.Command { Usage: subcommandDescription(cfg.OCS.Service.Name), Category: "extensions", Before: func(ctx *cli.Context) error { - return parser.ParseConfig(cfg) + err := parser.ParseConfig(cfg) + if err != nil { + fmt.Printf("%v", err) + } + return err }, Subcommands: command.GetCommands(cfg.OCS), } diff --git a/ocis/pkg/command/proxy.go b/ocis/pkg/command/proxy.go index 429ca83e19f..a23eec33cf3 100644 --- a/ocis/pkg/command/proxy.go 
+++ b/ocis/pkg/command/proxy.go @@ -1,6 +1,8 @@ package command import ( + "fmt" + "github.com/owncloud/ocis/extensions/proxy/pkg/command" "github.com/owncloud/ocis/ocis-pkg/config" "github.com/owncloud/ocis/ocis-pkg/config/parser" @@ -15,7 +17,11 @@ func ProxyCommand(cfg *config.Config) *cli.Command { Usage: subcommandDescription(cfg.Proxy.Service.Name), Category: "extensions", Before: func(ctx *cli.Context) error { - return parser.ParseConfig(cfg) + err := parser.ParseConfig(cfg) + if err != nil { + fmt.Printf("%v", err) + } + return err }, Subcommands: command.GetCommands(cfg.Proxy), } diff --git a/ocis/pkg/command/server.go b/ocis/pkg/command/server.go index f623a2497f4..c4bba27eb08 100644 --- a/ocis/pkg/command/server.go +++ b/ocis/pkg/command/server.go @@ -1,6 +1,8 @@ package command import ( + "fmt" + "github.com/owncloud/ocis/ocis-pkg/config" "github.com/owncloud/ocis/ocis-pkg/config/parser" "github.com/owncloud/ocis/ocis/pkg/register" @@ -15,10 +17,13 @@ func Server(cfg *config.Config) *cli.Command { Usage: "start a fullstack server (runtime and all extensions in supervised mode)", Category: "fullstack", Before: func(c *cli.Context) error { - return parser.ParseConfig(cfg) + err := parser.ParseConfig(cfg) + if err != nil { + fmt.Printf("%v", err) + } + return err }, Action: func(c *cli.Context) error { - r := runtime.New(cfg) return r.Start() }, diff --git a/ocis/pkg/command/settings.go b/ocis/pkg/command/settings.go index 32c8b43e690..33032f30c0b 100644 --- a/ocis/pkg/command/settings.go +++ b/ocis/pkg/command/settings.go @@ -1,6 +1,8 @@ package command import ( + "fmt" + "github.com/owncloud/ocis/extensions/settings/pkg/command" "github.com/owncloud/ocis/ocis-pkg/config" "github.com/owncloud/ocis/ocis-pkg/config/parser" 
@@ -15,7 +17,11 @@ func SettingsCommand(cfg *config.Config) *cli.Command { Usage: subcommandDescription(cfg.Settings.Service.Name), Category: "extensions", Before: func(ctx *cli.Context) error { - return parser.ParseConfig(cfg) + err := parser.ParseConfig(cfg) + if err != nil { + fmt.Printf("%v", err) + } + return err }, Subcommands: command.GetCommands(cfg.Settings), } diff --git a/ocis/pkg/command/store.go b/ocis/pkg/command/store.go index e37d5ab79f1..12bda770f99 100644 --- a/ocis/pkg/command/store.go +++ b/ocis/pkg/command/store.go @@ -1,6 +1,8 @@ package command import ( + "fmt" + "github.com/owncloud/ocis/extensions/store/pkg/command" "github.com/owncloud/ocis/ocis-pkg/config" "github.com/owncloud/ocis/ocis-pkg/config/parser" @@ -16,7 +18,11 @@ func StoreCommand(cfg *config.Config) *cli.Command { Usage: subcommandDescription(cfg.Store.Service.Name), Category: "extensions", Before: func(ctx *cli.Context) error { - return parser.ParseConfig(cfg) + err := parser.ParseConfig(cfg) + if err != nil { + fmt.Printf("%v", err) + } + return err }, Subcommands: command.GetCommands(cfg.Store), } diff --git a/ocis/pkg/command/thumbnails.go b/ocis/pkg/command/thumbnails.go index 8409c98dc07..ca6e693a02d 100644 --- a/ocis/pkg/command/thumbnails.go +++ b/ocis/pkg/command/thumbnails.go @@ -1,6 +1,8 @@ package command import ( + "fmt" + "github.com/owncloud/ocis/extensions/thumbnails/pkg/command" "github.com/owncloud/ocis/ocis-pkg/config" "github.com/owncloud/ocis/ocis-pkg/config/parser" @@ -15,7 +17,11 @@ func ThumbnailsCommand(cfg *config.Config) *cli.Command { Usage: subcommandDescription(cfg.Thumbnails.Service.Name), Category: "extensions", Before: func(ctx *cli.Context) error { - return parser.ParseConfig(cfg) + err := parser.ParseConfig(cfg) + if err != nil { + fmt.Printf("%v", err) + } + return err }, Subcommands: command.GetCommands(cfg.Thumbnails), } diff --git a/ocis/pkg/command/web.go b/ocis/pkg/command/web.go index 0b3ec822e24..70499da3fe7 100644 
--- a/ocis/pkg/command/web.go +++ b/ocis/pkg/command/web.go @@ -1,6 +1,8 @@ package command import ( + "fmt" + "github.com/owncloud/ocis/extensions/web/pkg/command" "github.com/owncloud/ocis/ocis-pkg/config" "github.com/owncloud/ocis/ocis-pkg/config/parser" @@ -15,7 +17,11 @@ func WebCommand(cfg *config.Config) *cli.Command { Usage: subcommandDescription(cfg.Web.Service.Name), Category: "extensions", Before: func(ctx *cli.Context) error { - return parser.ParseConfig(cfg) + err := parser.ParseConfig(cfg) + if err != nil { + fmt.Printf("%v", err) + } + return err }, Subcommands: command.GetCommands(cfg.Web), } diff --git a/ocis/pkg/command/webdav.go b/ocis/pkg/command/webdav.go index 7add32497fa..a87145ab4e8 100644 --- a/ocis/pkg/command/webdav.go +++ b/ocis/pkg/command/webdav.go @@ -1,6 +1,8 @@ package command import ( + "fmt" + "github.com/owncloud/ocis/extensions/webdav/pkg/command" "github.com/owncloud/ocis/ocis-pkg/config" "github.com/owncloud/ocis/ocis-pkg/config/parser" @@ -16,7 +18,11 @@ func WebDAVCommand(cfg *config.Config) *cli.Command { Usage: subcommandDescription(cfg.WebDAV.Service.Name), Category: "extensions", Before: func(ctx *cli.Context) error { - return parser.ParseConfig(cfg) + err := parser.ParseConfig(cfg) + if err != nil { + fmt.Printf("%v", err) + } + return err }, Subcommands: command.GetCommands(cfg.WebDAV), } From 0330b431bb24e0f0ad8a101728531e5fb4364298 Mon Sep 17 00:00:00 2001 From: Christian Richter Date: Thu, 28 Apr 2022 15:55:21 +0200 Subject: [PATCH 31/59] unclutter ocis init code Signed-off-by: Christian Richter --- ocis/pkg/command/init.go | 286 +------------------------------------- ocis/pkg/init/init.go | 291 +++++++++++++++++++++++++++++++++++++++ 2 files changed, 293 insertions(+), 284 deletions(-) create mode 100644 ocis/pkg/init/init.go diff --git a/ocis/pkg/command/init.go b/ocis/pkg/command/init.go index af6e44d48e5..24d82821ac9 100644 --- a/ocis/pkg/command/init.go +++ b/ocis/pkg/command/init.go 
@@ -3,111 +3,17 @@ package command import ( "bufio" "fmt" - "io" - "io/ioutil" "log" "os" - "path" "strings" - "time" "github.com/owncloud/ocis/ocis-pkg/config" "github.com/owncloud/ocis/ocis-pkg/config/defaults" - "github.com/owncloud/ocis/ocis-pkg/generators" + ocisinit "github.com/owncloud/ocis/ocis/pkg/init" "github.com/owncloud/ocis/ocis/pkg/register" cli "github.com/urfave/cli/v2" - "gopkg.in/yaml.v3" ) -const configFilename string = "ocis.yaml" // TODO: use also a constant for reading this file -const passwordLength int = 32 - -type tokenManager struct { - JWT_Secret string -} - -type insecureExtension struct { - Insecure bool -} - -type insecureProxyExtension struct { - Insecure_backends bool -} - -type dataProviderInsecureSettings struct { - Data_provider_insecure bool -} - -type ldapSettings struct { - Bind_password string -} -type ldapBasedExtension struct { - Ldap ldapSettings -} - -type graphExtension struct { - Spaces insecureExtension - Identity ldapBasedExtension -} - -type serviceUserPasswordsSettings struct { - Admin_password string - Idm_password string - Reva_password string - Idp_password string -} -type idmExtension struct { - Service_user_Passwords serviceUserPasswordsSettings -} - -type frontendExtension struct { - Archiver insecureExtension - App_provider insecureExtension -} - -type authbasicExtension struct { - Auth_providers ldapBasedExtension -} - -type authProviderSettings struct { - Oidc insecureExtension -} -type authbearerExtension struct { - Auth_providers authProviderSettings -} - -type userAndGroupExtension struct { - Drivers ldapBasedExtension -} - -type thumbnailSettings struct { - Webdav_allow_insecure bool - Cs3_allow_insecure bool -} - -type thumbNailExtension struct { - Thumbnail thumbnailSettings -} - -type ocisConfig struct { - Token_manager tokenManager - Machine_auth_api_key string - Transfer_secret string - Graph graphExtension - Idp ldapBasedExtension - Idm idmExtension - Proxy insecureProxyExtension - Frontend 
frontendExtension - Auth_basic authbasicExtension - Auth_bearer authbearerExtension - User userAndGroupExtension - Group userAndGroupExtension - Storage_metadata dataProviderInsecureSettings - Storage_users dataProviderInsecureSettings - Ocdav insecureExtension - Thumbnails thumbNailExtension -} - // InitCommand is the entrypoint for the init command func InitCommand(cfg *config.Config) *cli.Command { return &cli.Command{ @@ -142,7 +48,7 @@ func InitCommand(cfg *config.Config) *cli.Command { } else if insecureFlag == "true" { insecure = true } - err := createConfig(insecure, c.Bool("force-overwrite"), c.String("config-path")) + err := ocisinit.CreateConfig(insecure, c.Bool("force-overwrite"), c.String("config-path")) if err != nil { log.Fatalf("Could not create config: %s", err) } 
@@ -155,194 +61,6 @@ func init() { register.AddCommand(InitCommand) } -func checkConfigPath(configPath string) error { - targetPath := path.Join(configPath, configFilename) - if _, err := os.Stat(targetPath); err == nil { - return fmt.Errorf("config in %s already exists", targetPath) - } - return nil -} - -func backupOcisConfigFile(configPath string) (string, error) { - sourceConfig := path.Join(configPath, configFilename) - targetBackupConfig := path.Join(configPath, configFilename+"."+time.Now().Format("2006-01-02-15-04-05")+".backup") - source, err := os.Open(sourceConfig) - if err != nil { - log.Fatalf("Could not read %s (%s)", sourceConfig, err) - } - defer source.Close() - target, err := os.Create(targetBackupConfig) - if err != nil { - log.Fatalf("Could not generate backup %s (%s)", targetBackupConfig, err) - } - defer target.Close() - _, err = io.Copy(target, source) - if err != nil { - log.Fatalf("Could not write backup %s (%s)", targetBackupConfig, err) - } - return targetBackupConfig, nil -} - -func createConfig(insecure, forceOverwrite bool, configPath string) error { - err := checkConfigPath(configPath) - targetBackupConfig := "" - if err != nil && !forceOverwrite { - return err - } else if forceOverwrite { - targetBackupConfig, err = backupOcisConfigFile(configPath) - if err != nil { - return err - } else { - - } - } - err = os.MkdirAll(configPath, 0700) - if err != nil { - return err - } - - idmServicePassword, err := generators.GenerateRandomPassword(passwordLength) - if err != nil { - return fmt.Errorf("could not generate random password for idm: %s", err) - } - idpServicePassword, err := generators.GenerateRandomPassword(passwordLength) - if err != nil { - return fmt.Errorf("could not generate random password for idp: %s", err) - } - ocisAdminServicePassword, err := generators.GenerateRandomPassword(passwordLength) - if err != nil { - return fmt.Errorf("could not generate random password for ocis admin: %s", err) - } - revaServicePassword, err := 
generators.GenerateRandomPassword(passwordLength) - if err != nil { - return fmt.Errorf("could not generate random password for reva: %s", err) - } - tokenManagerJwtSecret, err := generators.GenerateRandomPassword(passwordLength) - if err != nil { - return fmt.Errorf("could not generate random password for tokenmanager: %s", err) - } - machineAuthApiKey, err := generators.GenerateRandomPassword(passwordLength) - if err != nil { - return fmt.Errorf("could not generate random password for machineauthsecret: %s", err) - } - revaTransferSecret, err := generators.GenerateRandomPassword(passwordLength) - if err != nil { - return fmt.Errorf("could not generate random password for machineauthsecret: %s", err) - } - - cfg := ocisConfig{ - Token_manager: tokenManager{ - JWT_Secret: tokenManagerJwtSecret, - }, - Machine_auth_api_key: machineAuthApiKey, - Transfer_secret: revaTransferSecret, - Idm: idmExtension{ - Service_user_Passwords: serviceUserPasswordsSettings{ - Admin_password: ocisAdminServicePassword, - Idp_password: idpServicePassword, - Reva_password: revaServicePassword, - Idm_password: idmServicePassword, - }, - }, - Idp: ldapBasedExtension{ - Ldap: ldapSettings{ - Bind_password: idpServicePassword, - }, - }, - Auth_basic: authbasicExtension{ - Auth_providers: ldapBasedExtension{ - Ldap: ldapSettings{ - Bind_password: revaServicePassword, - }, - }, - }, - Group: userAndGroupExtension{ - Drivers: ldapBasedExtension{ - Ldap: ldapSettings{ - Bind_password: revaServicePassword, - }, - }, - }, - User: userAndGroupExtension{ - Drivers: ldapBasedExtension{ - Ldap: ldapSettings{ - Bind_password: revaServicePassword, - }, - }, - }, - Graph: graphExtension{ - Identity: ldapBasedExtension{ - Ldap: ldapSettings{ - Bind_password: idmServicePassword, - }, - }, - }, - } - - if insecure { - cfg.Auth_bearer = authbearerExtension{ - Auth_providers: authProviderSettings{ - Oidc: insecureExtension{ - Insecure: true, - }, - }, - } - cfg.Frontend = frontendExtension{ - App_provider: 
insecureExtension{ - Insecure: true, - }, - Archiver: insecureExtension{ - Insecure: true, - }, - } - cfg.Graph.Spaces = insecureExtension{ - Insecure: true, - } - cfg.Ocdav = insecureExtension{ - Insecure: true, - } - cfg.Proxy = insecureProxyExtension{ - Insecure_backends: true, - } - cfg.Storage_metadata = dataProviderInsecureSettings{ - Data_provider_insecure: true, - } - cfg.Storage_users = dataProviderInsecureSettings{ - Data_provider_insecure: true, - } - cfg.Thumbnails = thumbNailExtension{ - Thumbnail: thumbnailSettings{ - Webdav_allow_insecure: true, - Cs3_allow_insecure: true, - }, - } - } - - yamlOutput, err := yaml.Marshal(cfg) - if err != nil { - return fmt.Errorf("could not marshall config into yaml: %s", err) - } - targetPath := path.Join(configPath, configFilename) - err = ioutil.WriteFile(targetPath, yamlOutput, 0600) - if err != nil { - return err - } - fmt.Printf( - "\n\n=========================================\n"+ - " generated OCIS Config\n"+ - "=========================================\n"+ - " configpath : %s\n"+ - " user : admin\n"+ - " password : %s\n\n", - targetPath, ocisAdminServicePassword) - if targetBackupConfig != "" { - fmt.Printf("\n=========================================\n"+ - "An older config file has been backuped to\n %s\n\n", - targetBackupConfig) - } - return nil -} - func stringPrompt(label string) string { input := "" reader := bufio.NewReader(os.Stdin) diff --git a/ocis/pkg/init/init.go b/ocis/pkg/init/init.go new file mode 100644 index 00000000000..22a7940061c --- /dev/null +++ b/ocis/pkg/init/init.go 
@@ -0,0 +1,291 @@ +package init + +import ( + "fmt" + "io" + "io/ioutil" + "log" + "os" + "path" + "time" + + "github.com/owncloud/ocis/ocis-pkg/generators" + "gopkg.in/yaml.v2" +) + +const configFilename string = "ocis.yaml" // TODO: use also a constant for reading this file +const passwordLength int = 32 + +type TokenManager struct { + JWT_Secret string +} + +type InsecureExtension struct { + Insecure bool +} + +type InsecureProxyExtension struct { + Insecure_backends bool +} + +type DataProviderInsecureSettings struct { + Data_provider_insecure bool +} + +type LdapSettings struct { + Bindpassword string +} +type LdapBasedExtension struct { + Ldap LdapSettings +} + +type GraphExtension struct { + Spaces InsecureExtension + Identity LdapBasedExtension +} + +type ServiceUserPasswordsSettings struct { + Admin_password string + Idm_password string + Reva_password string + Idp_password string +} +type IdmExtension struct { + Service_user_Passwords ServiceUserPasswordsSettings +} + +type FrontendExtension struct { + Archiver InsecureExtension + App_provider InsecureExtension +} + +type AuthbasicExtension struct { + Auth_providers LdapBasedExtension +} + +type AuthProviderSettings struct { + Oidc InsecureExtension +} +type AuthbearerExtension struct { + Auth_providers AuthProviderSettings +} + +type UserAndGroupExtension struct { + Drivers LdapBasedExtension +} + +type ThumbnailSettings struct { + Webdav_allow_insecure bool + Cs3_allow_insecure bool +} + +type ThumbNailExtension struct { + Thumbnail ThumbnailSettings +} + +type OcisConfig struct { + Token_manager TokenManager + Machine_auth_api_key string + Transfer_secret string + Graph GraphExtension + Idp LdapBasedExtension + Idm IdmExtension + Proxy InsecureProxyExtension + Frontend FrontendExtension + Auth_basic AuthbasicExtension + Auth_bearer AuthbearerExtension + User UserAndGroupExtension + Group UserAndGroupExtension + Storage_metadata DataProviderInsecureSettings + Storage_users DataProviderInsecureSettings + 
Ocdav InsecureExtension + Thumbnails ThumbNailExtension +} + +func checkConfigPath(configPath string) error { + targetPath := path.Join(configPath, configFilename) + if _, err := os.Stat(targetPath); err == nil { + return fmt.Errorf("config in %s already exists", targetPath) + } + return nil +} + +func backupOcisConfigFile(configPath string) (string, error) { + sourceConfig := path.Join(configPath, configFilename) + targetBackupConfig := path.Join(configPath, configFilename+"."+time.Now().Format("2006-01-02-15-04-05")+".backup") + source, err := os.Open(sourceConfig) + if err != nil { + log.Fatalf("Could not read %s (%s)", sourceConfig, err) + } + defer source.Close() + target, err := os.Create(targetBackupConfig) + if err != nil { + log.Fatalf("Could not generate backup %s (%s)", targetBackupConfig, err) + } + defer target.Close() + _, err = io.Copy(target, source) + if err != nil { + log.Fatalf("Could not write backup %s (%s)", targetBackupConfig, err) + } + return targetBackupConfig, nil +} + +func CreateConfig(insecure, forceOverwrite bool, configPath string) error { + err := checkConfigPath(configPath) + targetBackupConfig := "" + if err != nil && !forceOverwrite { + return err + } else if forceOverwrite { + targetBackupConfig, err = backupOcisConfigFile(configPath) + if err != nil { + return err + } else { + + } + } + err = os.MkdirAll(configPath, 0700) + if err != nil { + return err + } + + idmServicePassword, err := generators.GenerateRandomPassword(passwordLength) + if err != nil { + return fmt.Errorf("could not generate random password for idm: %s", err) + } + idpServicePassword, err := generators.GenerateRandomPassword(passwordLength) + if err != nil { + return fmt.Errorf("could not generate random password for idp: %s", err) + } + ocisAdminServicePassword, err := generators.GenerateRandomPassword(passwordLength) + if err != nil { + return fmt.Errorf("could not generate random password for ocis admin: %s", err) + } + revaServicePassword, err := 
generators.GenerateRandomPassword(passwordLength) + if err != nil { + return fmt.Errorf("could not generate random password for reva: %s", err) + } + tokenManagerJwtSecret, err := generators.GenerateRandomPassword(passwordLength) + if err != nil { + return fmt.Errorf("could not generate random password for tokenmanager: %s", err) + } + machineAuthApiKey, err := generators.GenerateRandomPassword(passwordLength) + if err != nil { + return fmt.Errorf("could not generate random password for machineauthsecret: %s", err) + } + revaTransferSecret, err := generators.GenerateRandomPassword(passwordLength) + if err != nil { + return fmt.Errorf("could not generate random password for machineauthsecret: %s", err) + } + + cfg := OcisConfig{ + Token_manager: TokenManager{ + JWT_Secret: tokenManagerJwtSecret, + }, + Machine_auth_api_key: machineAuthApiKey, + Transfer_secret: revaTransferSecret, + Idm: IdmExtension{ + Service_user_Passwords: ServiceUserPasswordsSettings{ + Admin_password: ocisAdminServicePassword, + Idp_password: idpServicePassword, + Reva_password: revaServicePassword, + Idm_password: idmServicePassword, + }, + }, + Idp: LdapBasedExtension{ + Ldap: LdapSettings{ + Bindpassword: idpServicePassword, + }, + }, + Auth_basic: AuthbasicExtension{ + Auth_providers: LdapBasedExtension{ + Ldap: LdapSettings{ + Bindpassword: revaServicePassword, + }, + }, + }, + Group: UserAndGroupExtension{ + Drivers: LdapBasedExtension{ + Ldap: LdapSettings{ + Bindpassword: revaServicePassword, + }, + }, + }, + User: UserAndGroupExtension{ + Drivers: LdapBasedExtension{ + Ldap: LdapSettings{ + Bindpassword: revaServicePassword, + }, + }, + }, + Graph: GraphExtension{ + Identity: LdapBasedExtension{ + Ldap: LdapSettings{ + Bindpassword: idmServicePassword, + }, + }, + }, + } + + if insecure { + cfg.Auth_bearer = AuthbearerExtension{ + Auth_providers: AuthProviderSettings{ + Oidc: InsecureExtension{ + Insecure: true, + }, + }, + } + cfg.Frontend = FrontendExtension{ + App_provider: 
InsecureExtension{ + Insecure: true, + }, + Archiver: InsecureExtension{ + Insecure: true, + }, + } + cfg.Graph.Spaces = InsecureExtension{ + Insecure: true, + } + cfg.Ocdav = InsecureExtension{ + Insecure: true, + } + cfg.Proxy = InsecureProxyExtension{ + Insecure_backends: true, + } + cfg.Storage_metadata = DataProviderInsecureSettings{ + Data_provider_insecure: true, + } + cfg.Storage_users = DataProviderInsecureSettings{ + Data_provider_insecure: true, + } + cfg.Thumbnails = ThumbNailExtension{ + Thumbnail: ThumbnailSettings{ + Webdav_allow_insecure: true, + Cs3_allow_insecure: true, + }, + } + } + + yamlOutput, err := yaml.Marshal(cfg) + if err != nil { + return fmt.Errorf("could not marshall config into yaml: %s", err) + } + targetPath := path.Join(configPath, configFilename) + err = ioutil.WriteFile(targetPath, yamlOutput, 0600) + if err != nil { + return err + } + fmt.Printf( + "\n\n=========================================\n"+ + " generated OCIS Config\n"+ + "=========================================\n"+ + " configpath : %s\n"+ + " user : admin\n"+ + " password : %s\n\n", + targetPath, ocisAdminServicePassword) + if targetBackupConfig != "" { + fmt.Printf("\n=========================================\n"+ + "An older config file has been backuped to\n %s\n\n", + targetBackupConfig) + } + return nil +} From 4e531ca442f3ce40ffe9bee48400d73cf4d895e3 Mon Sep 17 00:00:00 2001 From: Willy Kloucek Date: Thu, 28 Apr 2022 16:16:06 +0200 Subject: [PATCH 32/59] fix ocis startup with debugging config / environment variables only --- .vscode/launch.json | 20 ++++++++++++-- extensions/thumbnails/pkg/config/config.go | 2 +- .../thumbnails/pkg/config/parser/parse.go | 2 +- ocis-pkg/config/config.go | 2 +- ocis-pkg/config/parser/parse.go | 26 ++++++++++++++----- 5 files changed, 40 insertions(+), 12 deletions(-) diff --git a/.vscode/launch.json b/.vscode/launch.json index 4332cf2e1ab..aec90a875e5 100644 --- a/.vscode/launch.json +++ b/.vscode/launch.json 
@@ -19,9 +19,25 @@ "PROXY_ENABLE_BASIC_AUTH": "true", // set insecure options because we don't have valid certificates in dev environments "OCIS_INSECURE": "true", + // set some hardcoded secrets + "OCIS_JWT_SECRET": "some-ocis-jwt-secret", + "STORAGE_TRANSFER_SECRET": "some-ocis-transfer-secret", + "OCIS_MACHINE_AUTH_API_KEY": "some-ocis-machine-auth-api-key", + // idm ldap + "IDM_SVC_PASSWORD": "some-ldap-idm-password", + "GRAPH_LDAP_BIND_PASSWORD": "some-ldap-idm-password", + // reva ldap + "IDM_REVASVC_PASSWORD": "some-ldap-reva-password", + "GROUPS_LDAP_BIND_PASSWORD": "some-ldap-reva-password", + "USERS_LDAP_BIND_PASSWORD": "some-ldap-reva-password", + "AUTH_BASIC_LDAP_BIND_PASSWORD": "some-ldap-reva-password", + // idp ldap + "IDM_IDPSVC_PASSWORD": "some-ldap-idp-password", + "IDP_LDAP_BIND_PASSWORD": "some-ldap-idp-password", + // admin user default password + "IDM_ADMIN_PASSWORD": "admin", // demo users - "ACCOUNTS_DEMO_USERS_AND_GROUPS": "true", - "IDM_CREATE_DEMO_USERS": "true" + "IDM_CREATE_DEMO_USERS": "true", // OCIS_RUN_EXTENSIONS allows to start a subset of extensions even in the supervised mode //"OCIS_RUN_EXTENSIONS": "settings,storage-metadata,glauth,graph,graph-explorer,idp,ocs,store,thumbnails,web,webdav,storage-frontend,storage-gateway,storage-userprovider,storage-groupprovider,storage-authbasic,storage-authbearer,storage-authmachine,storage-users,storage-shares,storage-public-link,storage-appprovider,storage-sharing,accounts,proxy,ocdav", } diff --git a/extensions/thumbnails/pkg/config/config.go b/extensions/thumbnails/pkg/config/config.go index 88d785d774d..4e65f12e826 100644 --- a/extensions/thumbnails/pkg/config/config.go +++ b/extensions/thumbnails/pkg/config/config.go 
@@ -42,6 +42,6 @@ type Thumbnail struct { CS3AllowInsecure bool `yaml:"cs3_allow_insecure" env:"OCIS_INSECURE;THUMBNAILS_CS3SOURCE_INSECURE"` RevaGateway string `yaml:"reva_gateway" env:"REVA_GATEWAY"` //TODO: use REVA config FontMapFile string `yaml:"font_map_file" env:"THUMBNAILS_TXT_FONTMAP_FILE"` - TransferSecret string `yaml:"transfer_secret" env:"THUMBNAILS_TRANSFER_TOKEN"` + TransferSecret string `yaml:"transfer_secret" env:"STORAGE_TRANSFER_TOKEN;THUMBNAILS_TRANSFER_TOKEN"` DataEndpoint string `yaml:"data_endpoint" env:"THUMBNAILS_DATA_ENDPOINT"` } diff --git a/extensions/thumbnails/pkg/config/parser/parse.go b/extensions/thumbnails/pkg/config/parser/parse.go index 348e87d1a12..625705dd54d 100644 --- a/extensions/thumbnails/pkg/config/parser/parse.go +++ b/extensions/thumbnails/pkg/config/parser/parse.go @@ -35,7 +35,7 @@ func ParseConfig(cfg *config.Config) error { } func Validate(cfg *config.Config) error { - if cfg.TransferSecret == "" { + if cfg.Thumbnail.TransferSecret == "" { return fmt.Errorf("reva transfer secret is not set up properly, bailing out (%s)", cfg.Service.Name) } diff --git a/ocis-pkg/config/config.go b/ocis-pkg/config/config.go index eddd2bbd2a4..8840b59c778 100644 --- a/ocis-pkg/config/config.go +++ b/ocis-pkg/config/config.go @@ -71,7 +71,7 @@ type Config struct { Registry string `yaml:"registry"` TokenManager *shared.TokenManager `yaml:"token_manager"` MachineAuthAPIKey string `yaml:"machine_auth_api_key" env:"OCIS_MACHINE_AUTH_API_KEY"` - TransferSecret string `yaml:"transfer_secret"` + TransferSecret string `yaml:"transfer_secret" env:"STORAGE_TRANSFER_SECRET"` Runtime Runtime `yaml:"runtime"` Audit *audit.Config `yaml:"audit"` diff --git a/ocis-pkg/config/parser/parse.go b/ocis-pkg/config/parser/parse.go index 0f6b6ba198a..f9d0a7c7b71 100644 --- a/ocis-pkg/config/parser/parse.go +++ b/ocis-pkg/config/parser/parse.go 
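Review bot: In extensions/thumbnails/pkg/config/config.go the env name added to `Thumbnail.TransferSecret` is `STORAGE_TRANSFER_TOKEN`, but the rest of this commit uses `STORAGE_TRANSFER_SECRET`: the `env` tag added to `Config.TransferSecret` in ocis-pkg/config/config.go and the variable set in .vscode/launch.json. An environment-only setup that exports `STORAGE_TRANSFER_SECRET` therefore does not populate this field through its own tag. The thumbnails `Validate` hunk now rejects an empty `cfg.Thumbnail.TransferSecret`, so the service would depend on the value being copied in from the commons config, which is not visible here. If the names are meant to match, the tag should read `env:"STORAGE_TRANSFER_SECRET;THUMBNAILS_TRANSFER_TOKEN"`. The struct starts outside the hunk.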
@@ -18,7 +18,7 @@ func ParseConfig(cfg *config.Config) error { return err } - EnsureDefaultsAndCommons(cfg) + EnsureDefaults(cfg) // load all env variables relevant to the config in the current context. if err := envdecode.Decode(cfg); err != nil { @@ -28,12 +28,27 @@ func ParseConfig(cfg *config.Config) error { } } + EnsureCommons(cfg) + return Validate(cfg) } -// EnsureDefaultsAndCommons copies applicable parts of the oCIS config into the commons part -// and also ensure that all pointers in the oCIS config (not the extensions configs) are initialized -func EnsureDefaultsAndCommons(cfg *config.Config) { +// EnsureDefaults, ensures that all pointers in the +// oCIS config (not the extensions configs) are initialized +func EnsureDefaults(cfg *config.Config) { + if cfg.Tracing == nil { + cfg.Tracing = &shared.Tracing{} + } + if cfg.Log == nil { + cfg.Log = &shared.Log{} + } + if cfg.TokenManager == nil { + cfg.TokenManager = &shared.TokenManager{} + } +} + +// EnsureCommons copies applicable parts of the oCIS config into the commons part +func EnsureCommons(cfg *config.Config) { // ensure the commons part is initialized if cfg.Commons == nil { cfg.Commons = &shared.Commons{} @@ -49,7 +64,6 @@ func EnsureDefaultsAndCommons(cfg *config.Config) { } } else { cfg.Commons.Log = &shared.Log{} - cfg.Log = &shared.Log{} } // copy tracing to the commons part if set @@ -62,7 +76,6 @@ func EnsureDefaultsAndCommons(cfg *config.Config) { } } else { cfg.Commons.Tracing = &shared.Tracing{} - cfg.Tracing = &shared.Tracing{} } // copy token manager to the commons part if set @@ -70,7 +83,6 @@ func EnsureDefaultsAndCommons(cfg *config.Config) { cfg.Commons.TokenManager = cfg.TokenManager } else { cfg.Commons.TokenManager = &shared.TokenManager{} - cfg.TokenManager = cfg.Commons.TokenManager } // copy machine auth api key to the commons part if set From 20f916ca345707b8fc7eaecb2700a9b511cefeac Mon Sep 17 00:00:00 2001 
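Review bot: `EnsureCommons` now depends on `EnsureDefaults` having run first, but neither doc comment says so. The `else` branches no longer initialise `cfg.Log`, `cfg.Tracing` or `cfg.TokenManager`, so a caller that invokes the exported `EnsureCommons` on its own is left with nil pointers in the oCIS config and a separate empty `TokenManager` in the commons part. `ParseConfig` calls them in the right order around `envdecode.Decode`, so this is a documentation gap rather than a bug in the visible path. I would extend the comment to `// EnsureCommons copies applicable parts of the oCIS config into the commons part. It expects EnsureDefaults to have been called, so that cfg.Log, cfg.Tracing and cfg.TokenManager are non-nil.` The other comment should lose its stray comma: `// EnsureDefaults ensures that all pointers in the oCIS config (not the extensions configs) are initialized.` The body of `EnsureCommons` continues outside the hunks shown.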
From: Willy Kloucek Date: Thu, 28 Apr 2022 16:31:40 +0200 Subject: [PATCH 33/59] run `ocis init` in CI --- .drone.star | 17 +++++------------ 1 file changed, 5 insertions(+), 12 deletions(-) diff --git a/.drone.star b/.drone.star index ff5aad4eaa8..22f342908d5 100644 --- a/.drone.star +++ b/.drone.star @@ -1680,6 +1680,7 @@ def ocisServerWithAccounts(storage, accounts_hash_difficulty = 4, volumes = [], "detach": True, "environment": environment, "commands": [ + "ocis/bin/ocis init --insecure true", "ocis/bin/ocis server", ], "volumes": volumes, @@ -1700,8 +1701,7 @@ def ocisServer(storage, accounts_hash_difficulty = 4, volumes = [], depends_on = user = "0:0" environment = { "OCIS_URL": "https://ocis-server:9200", - "GATEWAY_GRPC_ADDR": "0.0.0.0:9142", - "STORAGE_HOME_DRIVER": "%s" % (storage), + "GATEWAY_GRPC_ADDR": "0.0.0.0:9142", # cs3api-validator needs the cs3api gatway exposed "STORAGE_USERS_DRIVER": "%s" % (storage), "STORAGE_USERS_DRIVER_LOCAL_ROOT": "/srv/app/tmp/ocis/local/root", "STORAGE_USERS_DRIVER_OCIS_ROOT": "/srv/app/tmp/ocis/storage/users", @@ -1712,8 +1712,8 @@ def ocisServer(storage, accounts_hash_difficulty = 4, volumes = [], depends_on = "IDP_IDENTIFIER_REGISTRATION_CONF": "/drone/src/tests/config/drone/identifier-registration.yml", "OCIS_LOG_LEVEL": "error", "SETTINGS_DATA_PATH": "/srv/app/tmp/ocis/settings", - "OCIS_INSECURE": "true", "IDM_CREATE_DEMO_USERS": True, + "IDM_ADMIN_PASSWORD": "admin", # override the random admin password from `ocis init` } wait_for_ocis = { "name": "wait-for-ocis-server", 
@@ -1782,24 +1782,16 @@ def ocisServer(storage, accounts_hash_difficulty = 4, volumes = [], depends_on = "SHARING_USER_SQL_HOST": "oc10-db", "SHARING_USER_SQL_PORT": 3306, "SHARING_USER_SQL_NAME": "owncloud", - # ownCloud storage readonly - # TODO: conflict with OWNCLOUDSQL -> https://github.com/owncloud/ocis/issues/2303 - "OCIS_STORAGE_READ_ONLY": "false", # General oCIS config # OCIS_RUN_EXTENSIONS specifies to start all extensions except glauth, idp and accounts. These are replaced by external services "OCIS_RUN_EXTENSIONS": "settings,storage-metadata,graph,graph-explorer,ocs,store,thumbnails,web,webdav,storage-frontend,storage-gateway,storage-userprovider,storage-groupprovider,storage-authbasic,storage-authbearer,storage-authmachine,storage-users,storage-shares,storage-public-link,storage-appprovider,storage-sharing,proxy,nats,ocdav", "OCIS_LOG_LEVEL": "info", "OCIS_URL": OCIS_URL, - "PROXY_TLS": "true", "OCIS_BASE_DATA_PATH": "/mnt/data/ocis", "OCIS_CONFIG_DIR": "/etc/ocis", - # change default secrets - "OCIS_JWT_SECRET": "Pive-Fumkiu4", - "STORAGE_TRANSFER_SECRET": "replace-me-with-a-transfer-secret", - "OCIS_MACHINE_AUTH_API_KEY": "change-me-please", - "OCIS_INSECURE": "true", "PROXY_ENABLE_BASIC_AUTH": "true", "IDM_CREATE_DEMO_USERS": True, + "IDM_ADMIN_PASSWORD": "admin", # override the random admin password from `ocis init` } wait_for_ocis = { "name": "wait-for-ocis-server", @@ -1825,6 +1817,7 @@ def ocisServer(storage, accounts_hash_difficulty = 4, volumes = [], depends_on = "environment": environment, "user": user, "commands": [ + "ocis/bin/ocis init --insecure true", "ocis/bin/ocis server", ], "volumes": volumes, From 9860f798bf8c9711dfdbffcdbb9ac58778c6b90d Mon Sep 17 00:00:00 2001 From: Willy Kloucek Date: Thu, 28 Apr 2022 16:40:22 +0200 Subject: [PATCH 34/59] revert go.mod changes --- go.mod | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/go.mod b/go.mod index 43f90296c28..1d2dd308ec7 100644 --- a/go.mod +++ b/go.mod 
@@ -79,7 +79,6 @@ require ( google.golang.org/grpc v1.46.0 google.golang.org/protobuf v1.28.0 gopkg.in/yaml.v2 v2.4.0 - gopkg.in/yaml.v3 v3.0.0-20210107192922-496545a6307b gotest.tools/v3 v3.1.0 stash.kopano.io/kgol/rndm v1.1.1 ) @@ -268,6 +267,7 @@ require ( gopkg.in/square/go-jose.v2 v2.6.0 // indirect gopkg.in/tomb.v1 v1.0.0-20141024135613-dd632973f1e7 // indirect gopkg.in/warnings.v0 v0.1.2 // indirect + gopkg.in/yaml.v3 v3.0.0-20210107192922-496545a6307b // indirect stash.kopano.io/kgol/kcc-go/v5 v5.0.1 // indirect stash.kopano.io/kgol/oidc-go v0.3.2 // indirect ) From 9e31bc0c1b62fa8717eceedc4565134b7a0a31e2 Mon Sep 17 00:00:00 2001 From: Willy Kloucek Date: Thu, 28 Apr 2022 16:44:22 +0200 Subject: [PATCH 35/59] revert Web json config struct omitempty tags --- extensions/web/pkg/config/config.go | 30 ++++++++++++++--------------- 1 file changed, 15 insertions(+), 15 deletions(-) diff --git a/extensions/web/pkg/config/config.go b/extensions/web/pkg/config/config.go index 3c403d0bad1..dbc7feee051 100644 --- a/extensions/web/pkg/config/config.go +++ b/extensions/web/pkg/config/config.go 
@@ -32,22 +32,22 @@ type Asset struct { // WebConfig defines the available web configuration for a dynamically rendered config.json. type WebConfig struct { - Server string `json:"server" yaml:"server" env:"OCIS_URL;WEB_UI_CONFIG_SERVER"` - Theme string `json:"theme" yaml:"theme" env:""` - Version string `json:"version" yaml:"version" env:"WEB_UI_CONFIG_VERSION"` - OpenIDConnect OIDC `json:"openIdConnect" yaml:"oids"` + Server string `json:"server,omitempty" yaml:"server" env:"OCIS_URL;WEB_UI_CONFIG_SERVER"` + Theme string `json:"theme,omitempty" yaml:"theme" env:""` + Version string `json:"version,omitempty" yaml:"version" env:"WEB_UI_CONFIG_VERSION"` + OpenIDConnect OIDC `json:"openIdConnect,omitempty" yaml:"oids"` Apps []string `json:"apps" yaml:"apps"` - ExternalApps []ExternalApp `json:"external_apps" yaml:"external_apps"` - Options map[string]interface{} `json:"options" yaml:"options"` + ExternalApps []ExternalApp `json:"external_apps,omitempty" yaml:"external_apps"` + Options map[string]interface{} `json:"options,omitempty" yaml:"options"` } // OIDC defines the available oidc configuration type OIDC struct { - MetadataURL string `json:"metadata_url" yaml:"metadata_url" env:"WEB_OIDC_METADATA_URL"` - Authority string `json:"authority" yaml:"authority" env:"OCIS_URL;WEB_OIDC_AUTHORITY"` - ClientID string `json:"client_id" yaml:"client_id" env:"WEB_OIDC_CLIENT_ID"` - ResponseType string `json:"response_type" yaml:"response_type" env:"WEB_OIDC_RESPONSE_TYPE"` - Scope string `json:"scope" yaml:"scope" env:"WEB_OIDC_SCOPE"` + MetadataURL string `json:"metadata_url,omitempty" yaml:"metadata_url" env:"WEB_OIDC_METADATA_URL"` + Authority string `json:"authority,omitempty" yaml:"authority" env:"OCIS_URL;WEB_OIDC_AUTHORITY"` + ClientID string `json:"client_id,omitempty" yaml:"client_id" env:"WEB_OIDC_CLIENT_ID"` + ResponseType string `json:"response_type,omitempty" yaml:"response_type" env:"WEB_OIDC_RESPONSE_TYPE"` + Scope string `json:"scope,omitempty" yaml:"scope" 
env:"WEB_OIDC_SCOPE"` } // ExternalApp defines an external web app. @@ -59,15 +59,15 @@ type OIDC struct { // } // } type ExternalApp struct { - ID string `json:"id" yaml:"id"` - Path string `json:"path" yaml:"path"` + ID string `json:"id,omitempty" yaml:"id"` + Path string `json:"path,omitempty" yaml:"path"` // Config is completely dynamic, because it depends on the extension - Config map[string]interface{} `json:"config" yaml:"config"` + Config map[string]interface{} `json:"config,omitempty" yaml:"config"` } // ExternalAppConfig defines an external web app configuration. type ExternalAppConfig struct { - URL string `json:"url" yaml:"url" env:""` + URL string `json:"url,omitempty" yaml:"url" env:""` } // Web defines the available web configuration. From 25254140acfcf8cce7713b728a86139e1d1af851 Mon Sep 17 00:00:00 2001 From: Willy Kloucek Date: Thu, 28 Apr 2022 16:47:05 +0200 Subject: [PATCH 36/59] fix .drone.star formatting --- .drone.star | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/.drone.star b/.drone.star index 22f342908d5..d13f9e93d96 100644 --- a/.drone.star +++ b/.drone.star @@ -1701,7 +1701,7 @@ def ocisServer(storage, accounts_hash_difficulty = 4, volumes = [], depends_on = user = "0:0" environment = { "OCIS_URL": "https://ocis-server:9200", - "GATEWAY_GRPC_ADDR": "0.0.0.0:9142", # cs3api-validator needs the cs3api gatway exposed + "GATEWAY_GRPC_ADDR": "0.0.0.0:9142", # cs3api-validator needs the cs3api gatway exposed "STORAGE_USERS_DRIVER": "%s" % (storage), "STORAGE_USERS_DRIVER_LOCAL_ROOT": "/srv/app/tmp/ocis/local/root", "STORAGE_USERS_DRIVER_OCIS_ROOT": "/srv/app/tmp/ocis/storage/users", 
@@ -1713,7 +1713,7 @@ def ocisServer(storage, accounts_hash_difficulty = 4, volumes = [], depends_on = "OCIS_LOG_LEVEL": "error", "SETTINGS_DATA_PATH": "/srv/app/tmp/ocis/settings", "IDM_CREATE_DEMO_USERS": True, - "IDM_ADMIN_PASSWORD": "admin", # override the random admin password from `ocis init` + "IDM_ADMIN_PASSWORD": "admin", # override the random admin password from `ocis init` } wait_for_ocis = { "name": "wait-for-ocis-server", @@ -1791,7 +1791,7 @@ def ocisServer(storage, accounts_hash_difficulty = 4, volumes = [], depends_on = "OCIS_CONFIG_DIR": "/etc/ocis", "PROXY_ENABLE_BASIC_AUTH": "true", "IDM_CREATE_DEMO_USERS": True, - "IDM_ADMIN_PASSWORD": "admin", # override the random admin password from `ocis init` + "IDM_ADMIN_PASSWORD": "admin", # override the random admin password from `ocis init` } wait_for_ocis = { "name": "wait-for-ocis-server", From e582b609b5712f5069c0761adfdbd06bbcc84ef5 Mon Sep 17 00:00:00 2001 From: Willy Kloucek Date: Thu, 28 Apr 2022 17:20:10 +0200 Subject: [PATCH 37/59] fix startup with `ocis init` --- extensions/auth-basic/pkg/config/config.go | 2 +- extensions/group/pkg/config/config.go | 2 +- extensions/idp/pkg/config/defaults/defaultconfig.go | 2 +- extensions/user/pkg/config/config.go | 2 +- ocis/pkg/init/init.go | 12 ++++++------ 5 files changed, 10 insertions(+), 10 deletions(-) diff --git a/extensions/auth-basic/pkg/config/config.go b/extensions/auth-basic/pkg/config/config.go index 3357d76b51e..2632ac9b166 100644 --- a/extensions/auth-basic/pkg/config/config.go +++ b/extensions/auth-basic/pkg/config/config.go 
@@ -64,7 +64,7 @@ type LDAPProvider struct { CACert string `env:"LDAP_CACERT;AUTH_BASIC_LDAP_CACERT"` Insecure bool `env:"LDAP_INSECURE;AUTH_BASIC_LDAP_INSECURE"` BindDN string `env:"LDAP_BIND_DN;AUTH_BASIC_LDAP_BIND_DN"` - BindPassword string `env:"LDAP_BIND_PASSWORD;AUTH_BASIC_LDAP_BIND_PASSWORD"` + BindPassword string `yaml:"bind_password" env:"LDAP_BIND_PASSWORD;AUTH_BASIC_LDAP_BIND_PASSWORD"` UserBaseDN string `env:"LDAP_USER_BASE_DN;AUTH_BASIC_LDAP_USER_BASE_DN"` GroupBaseDN string `env:"LDAP_GROUP_BASE_DN;AUTH_BASIC_LDAP_GROUP_BASE_DN"` UserScope string `env:"LDAP_USER_SCOPE;AUTH_BASIC_LDAP_USER_SCOPE"` diff --git a/extensions/group/pkg/config/config.go b/extensions/group/pkg/config/config.go index 9588f87672a..415db0255ec 100644 --- a/extensions/group/pkg/config/config.go +++ b/extensions/group/pkg/config/config.go @@ -65,7 +65,7 @@ type LDAPDriver struct { CACert string `env:"LDAP_CACERT;GROUPS_LDAP_CACERT"` Insecure bool `env:"LDAP_INSECURE;GROUPS_LDAP_INSECURE"` BindDN string `env:"LDAP_BIND_DN;GROUPS_LDAP_BIND_DN"` - BindPassword string `env:"LDAP_BIND_PASSWORD;GROUPS_LDAP_BIND_PASSWORD"` + BindPassword string `yaml:"bind_password" env:"LDAP_BIND_PASSWORD;GROUPS_LDAP_BIND_PASSWORD"` UserBaseDN string `env:"LDAP_USER_BASE_DN;GROUPS_LDAP_USER_BASE_DN"` GroupBaseDN string `env:"LDAP_GROUP_BASE_DN;GROUPS_LDAP_GROUP_BASE_DN"` UserScope string `env:"LDAP_USER_SCOPE;GROUPS_LDAP_USER_SCOPE"` diff --git a/extensions/idp/pkg/config/defaults/defaultconfig.go b/extensions/idp/pkg/config/defaults/defaultconfig.go index 23c9def14c9..8bd508ab1c0 100644 --- a/extensions/idp/pkg/config/defaults/defaultconfig.go +++ b/extensions/idp/pkg/config/defaults/defaultconfig.go 
@@ -69,7 +69,7 @@ func DefaultConfig() *config.Config { URI: "ldaps://localhost:9235", TLSCACert: path.Join(defaults.BaseDataPath(), "idm", "ldap.crt"), BindDN: "uid=idp,ou=sysusers,o=libregraph-idm", - BindPassword: "idp", + BindPassword: "", BaseDN: "ou=users,o=libregraph-idm", Scope: "sub", LoginAttribute: "uid", diff --git a/extensions/user/pkg/config/config.go b/extensions/user/pkg/config/config.go index d09b7bb4dcc..41cc0ab6e60 100644 --- a/extensions/user/pkg/config/config.go +++ b/extensions/user/pkg/config/config.go @@ -65,7 +65,7 @@ type LDAPDriver struct { CACert string `env:"LDAP_CACERT;USERS_LDAP_CACERT"` Insecure bool `env:"LDAP_INSECURE;USERS_LDAP_INSECURE"` BindDN string `env:"LDAP_BIND_DN;USERS_LDAP_BIND_DN"` - BindPassword string `env:"LDAP_BIND_PASSWORD;USERS_LDAP_BIND_PASSWORD"` + BindPassword string `yaml:"bind_password" env:"LDAP_BIND_PASSWORD;USERS_LDAP_BIND_PASSWORD"` UserBaseDN string `env:"LDAP_USER_BASE_DN;USERS_LDAP_USER_BASE_DN"` GroupBaseDN string `env:"LDAP_GROUP_BASE_DN;USERS_LDAP_GROUP_BASE_DN"` UserScope string `env:"LDAP_USER_SCOPE;USERS_LDAP_USER_SCOPE"` diff --git a/ocis/pkg/init/init.go b/ocis/pkg/init/init.go index 22a7940061c..7aae4e6bd9a 100644 --- a/ocis/pkg/init/init.go +++ b/ocis/pkg/init/init.go @@ -33,7 +33,7 @@ type DataProviderInsecureSettings struct { } type LdapSettings struct { - Bindpassword string + Bind_password string } type LdapBasedExtension struct { Ldap LdapSettings 
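Review bot: With `BindPassword: ""` as the default next to a non-empty `BindDN`, the idp service must refuse to start when no password is configured, and the hunk does not show where that is enforced. Many LDAP servers treat a simple bind with a DN and an empty password as an unauthenticated bind, so an unset value should fail closed at config validation rather than at, or after, the first bind. If the idp config parser's `Validate` does not already reject an empty bind password, it should, with an error that names the setting, in the style of the thumbnails `Validate` elsewhere in this series. A comment on this line such as `// no default, must be set via config file or environment` would make the intent clear. `DefaultConfig` starts and ends outside the hunk.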
@@ -193,34 +193,34 @@ func CreateConfig(insecure, forceOverwrite bool, configPath string) error { }, Idp: LdapBasedExtension{ Ldap: LdapSettings{ - Bindpassword: idpServicePassword, + Bind_password: idpServicePassword, }, }, Auth_basic: AuthbasicExtension{ Auth_providers: LdapBasedExtension{ Ldap: LdapSettings{ - Bindpassword: revaServicePassword, + Bind_password: revaServicePassword, }, }, }, Group: UserAndGroupExtension{ Drivers: LdapBasedExtension{ Ldap: LdapSettings{ - Bindpassword: revaServicePassword, + Bind_password: revaServicePassword, }, }, }, User: UserAndGroupExtension{ Drivers: LdapBasedExtension{ Ldap: LdapSettings{ - Bindpassword: revaServicePassword, + Bind_password: revaServicePassword, }, }, }, Graph: GraphExtension{ Identity: LdapBasedExtension{ Ldap: LdapSettings{ - Bindpassword: idmServicePassword, + Bind_password: idmServicePassword, }, }, }, From afa8ca8246229f9b58450bb564b2a9356dcfb78a Mon Sep 17 00:00:00 2001 From: Willy Kloucek Date: Thu, 28 Apr 2022 17:38:07 +0200 Subject: [PATCH 38/59] use FullDefaultConfig in example config generator and remove leftover --- docs/helpers/example-config-generator.go.tmpl | 3 +-- .../accounts/cmd/helper/defaultconfig/main.go | 27 ------------------- .../pkg/config/defaults/defaultconfig.go | 7 +++++ 3 files changed, 8 insertions(+), 29 deletions(-) delete mode 100644 extensions/accounts/cmd/helper/defaultconfig/main.go diff --git a/docs/helpers/example-config-generator.go.tmpl b/docs/helpers/example-config-generator.go.tmpl index 6e40721c1ca..1c63e1fd323 100644 --- a/docs/helpers/example-config-generator.go.tmpl +++ b/docs/helpers/example-config-generator.go.tmpl @@ -22,7 +22,7 @@ func main() { {{- range $key, $value := .}} replacer.Replace("{{$value}}"): func() string { fmt.Println("Generating example YAML config for {{ $value -}}") - c := pkg{{$key}}.DefaultConfig() + c := pkg{{$key}}.FullDefaultConfig() pkg{{$key}}.EnsureDefaults(c) pkg{{$key}}.Sanitize(c) yml, err := yaml.Marshal(c) 
@@ -50,4 +50,3 @@ func main() { } } } - diff --git a/extensions/accounts/cmd/helper/defaultconfig/main.go b/extensions/accounts/cmd/helper/defaultconfig/main.go deleted file mode 100644 index f60d1525d17..00000000000 --- a/extensions/accounts/cmd/helper/defaultconfig/main.go +++ /dev/null @@ -1,27 +0,0 @@ -package main - -import ( - "fmt" - - accountsdefaults "github.com/owncloud/ocis/extensions/accounts/pkg/config/defaults" - idpdefaults "github.com/owncloud/ocis/extensions/idp/pkg/config/defaults" - "gopkg.in/yaml.v2" -) - -func main() { - - fn1 := accountsdefaults.FullDefaultConfig - fn2 := idpdefaults.FullDefaultConfig - - b, err := yaml.Marshal(fn1()) - if err != nil { - return - } - fmt.Println(string(b)) - - b, err = yaml.Marshal(fn2()) - if err != nil { - return - } - fmt.Println(string(b)) -} diff --git a/extensions/proxy/pkg/config/defaults/defaultconfig.go b/extensions/proxy/pkg/config/defaults/defaultconfig.go index 61c91de93dd..e5dadbd579a 100644 --- a/extensions/proxy/pkg/config/defaults/defaultconfig.go +++ b/extensions/proxy/pkg/config/defaults/defaultconfig.go @@ -8,6 +8,13 @@ import ( "github.com/owncloud/ocis/ocis-pkg/config/defaults" ) +func FullDefaultConfig() *config.Config { + cfg := DefaultConfig() + EnsureDefaults(cfg) + Sanitize(cfg) + return cfg +} + func DefaultConfig() *config.Config { return &config.Config{ Debug: config.Debug{ From 703a333ff0f1319bfcc1e0f3d835fe92a063cc54 Mon Sep 17 00:00:00 2001 From: Willy Kloucek Date: Fri, 29 Apr 2022 08:07:52 +0200 Subject: [PATCH 39/59] fix settings machine auth api key --- extensions/settings/pkg/config/defaults/defaultconfig.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/extensions/settings/pkg/config/defaults/defaultconfig.go b/extensions/settings/pkg/config/defaults/defaultconfig.go index a1eeb3c9a93..c787af7bd36 100644 --- a/extensions/settings/pkg/config/defaults/defaultconfig.go +++ b/extensions/settings/pkg/config/defaults/defaultconfig.go 
@@ -91,7 +91,7 @@ func EnsureDefaults(cfg *config.Config) { } if cfg.Metadata.MachineAuthAPIKey == "" && cfg.Commons != nil && cfg.Commons.MachineAuthAPIKey != "" { - cfg.MachineAuthAPIKey = cfg.Commons.MachineAuthAPIKey + cfg.Metadata.MachineAuthAPIKey = cfg.Commons.MachineAuthAPIKey } } From 293dbac7b3e54402dd6f55b3170b23ae6d28b917 Mon Sep 17 00:00:00 2001 From: Willy Kloucek Date: Fri, 29 Apr 2022 08:28:04 +0200 Subject: [PATCH 40/59] remove underscores from variable names and use yaml tags instead --- ocis/pkg/init/init.go | 104 +++++++++++++++++++++++------------------- 1 file changed, 58 insertions(+), 46 deletions(-) diff --git a/ocis/pkg/init/init.go b/ocis/pkg/init/init.go index 7aae4e6bd9a..e148fb53bf8 100644 --- a/ocis/pkg/init/init.go +++ b/ocis/pkg/init/init.go @@ -17,7 +17,7 @@ const configFilename string = "ocis.yaml" // TODO: use also a constant for readi const passwordLength int = 32 type TokenManager struct { - JWT_Secret string + JWTSecret string `yaml:"jwt_secret"` } type InsecureExtension struct { 
@@ -45,29 +45,29 @@ type GraphExtension struct { } type ServiceUserPasswordsSettings struct { - Admin_password string - Idm_password string - Reva_password string - Idp_password string + AdminPassword string `yaml:"admin_password"` + IdmPassword string `yaml:"idm_password"` + RevaPassword string `yaml:"reva_password"` + IdpPassword string `yaml:"idp_password"` } type IdmExtension struct { - Service_user_Passwords ServiceUserPasswordsSettings + ServiceUserPasswords ServiceUserPasswordsSettings `yaml:"service_user_passwords"` } type FrontendExtension struct { - Archiver InsecureExtension - App_provider InsecureExtension + Archiver InsecureExtension + AppProvider InsecureExtension `yaml:"app_provider"` } type AuthbasicExtension struct { - Auth_providers LdapBasedExtension + AuthProviders LdapBasedExtension `yaml:"auth_providers"` } type AuthProviderSettings struct { Oidc InsecureExtension } type AuthbearerExtension struct { - Auth_providers AuthProviderSettings + AuthProviders AuthProviderSettings `yaml:"auth_providers"` } type UserAndGroupExtension struct { 
@@ -75,31 +75,43 @@ type UserAndGroupExtension struct { } type ThumbnailSettings struct { - Webdav_allow_insecure bool - Cs3_allow_insecure bool + WebdavAllowInsecure bool `yaml:"webdav_allow_insecure"` + Cs3AllowInsecure bool `yaml:"cs3_allow_insecure"` } type ThumbNailExtension struct { Thumbnail ThumbnailSettings } +// TODO: use the oCIS config struct instead of this custom struct +// We can't use it right now, because it would need "omitempty" on +// all elements, in order to produce a slim config file with `ocis init`. +// We can't just add these "omitempty" tags, since we want to generate +// full example configuration files with that struct, too. +// Proposed solution to get rid of this temporary solution: +// - use the oCIS config struct +// - set the needed values like below +// - marshal it to yaml +// - unmarshal it into yaml.Node +// - recurse through the nodes and delete empty / default ones +// - marshal it to yaml type OcisConfig struct { - Token_manager TokenManager - Machine_auth_api_key string - Transfer_secret string - Graph GraphExtension - Idp LdapBasedExtension - Idm IdmExtension - Proxy InsecureProxyExtension - Frontend FrontendExtension - Auth_basic AuthbasicExtension - Auth_bearer AuthbearerExtension - User UserAndGroupExtension - Group UserAndGroupExtension - Storage_metadata DataProviderInsecureSettings - Storage_users DataProviderInsecureSettings - Ocdav InsecureExtension - Thumbnails ThumbNailExtension + TokenManager TokenManager `yaml:"token_manager"` + MachineAuthApiKey string `yaml:"machine_auth_api_key"` + TransferSecret string `yaml:"transfer_secret"` + Graph GraphExtension + Idp LdapBasedExtension + Idm IdmExtension + Proxy InsecureProxyExtension + Frontend FrontendExtension + AuthBasic AuthbasicExtension `yaml:"auth_basic"` + AuthBearer AuthbearerExtension `yaml:"auth_bearer"` + User UserAndGroupExtension + Group UserAndGroupExtension + StorageMetadata DataProviderInsecureSettings `yaml:"storage_metadata"` + StorageUsers 
DataProviderInsecureSettings `yaml:"storage_users"` + Ocdav InsecureExtension + Thumbnails ThumbNailExtension } func checkConfigPath(configPath string) error { @@ -178,17 +190,17 @@ func CreateConfig(insecure, forceOverwrite bool, configPath string) error { } cfg := OcisConfig{ - Token_manager: TokenManager{ - JWT_Secret: tokenManagerJwtSecret, + TokenManager: TokenManager{ + JWTSecret: tokenManagerJwtSecret, }, - Machine_auth_api_key: machineAuthApiKey, - Transfer_secret: revaTransferSecret, + MachineAuthApiKey: machineAuthApiKey, + TransferSecret: revaTransferSecret, Idm: IdmExtension{ - Service_user_Passwords: ServiceUserPasswordsSettings{ - Admin_password: ocisAdminServicePassword, - Idp_password: idpServicePassword, - Reva_password: revaServicePassword, - Idm_password: idmServicePassword, + ServiceUserPasswords: ServiceUserPasswordsSettings{ + AdminPassword: ocisAdminServicePassword, + IdpPassword: idpServicePassword, + RevaPassword: revaServicePassword, + IdmPassword: idmServicePassword, }, }, Idp: LdapBasedExtension{ @@ -196,8 +208,8 @@ func CreateConfig(insecure, forceOverwrite bool, configPath string) error { Bind_password: idpServicePassword, }, }, - Auth_basic: AuthbasicExtension{ - Auth_providers: LdapBasedExtension{ + AuthBasic: AuthbasicExtension{ + AuthProviders: LdapBasedExtension{ Ldap: LdapSettings{ Bind_password: revaServicePassword, }, @@ -227,15 +239,15 @@ func CreateConfig(insecure, forceOverwrite bool, configPath string) error { } if insecure { - cfg.Auth_bearer = AuthbearerExtension{ - Auth_providers: AuthProviderSettings{ + cfg.AuthBearer = AuthbearerExtension{ + AuthProviders: AuthProviderSettings{ Oidc: InsecureExtension{ Insecure: true, }, }, } cfg.Frontend = FrontendExtension{ - App_provider: InsecureExtension{ + AppProvider: InsecureExtension{ Insecure: true, }, Archiver: InsecureExtension{ 
@@ -251,16 +263,16 @@ func CreateConfig(insecure, forceOverwrite bool, configPath string) error { cfg.Proxy = InsecureProxyExtension{ Insecure_backends: true, } - cfg.Storage_metadata = DataProviderInsecureSettings{ + cfg.StorageMetadata = DataProviderInsecureSettings{ Data_provider_insecure: true, } - cfg.Storage_users = DataProviderInsecureSettings{ + cfg.StorageUsers = DataProviderInsecureSettings{ Data_provider_insecure: true, } cfg.Thumbnails = ThumbNailExtension{ Thumbnail: ThumbnailSettings{ - Webdav_allow_insecure: true, - Cs3_allow_insecure: true, + WebdavAllowInsecure: true, + Cs3AllowInsecure: true, }, } } From 1c2a67f9b7ee2abfc56e8b72e2089515cc60eda6 Mon Sep 17 00:00:00 2001 From: Willy Kloucek Date: Fri, 29 Apr 2022 09:03:34 +0200 Subject: [PATCH 41/59] fix machine auth api key for frontend --- extensions/frontend/pkg/command/command.go | 2 +- extensions/frontend/pkg/config/config.go | 10 +++------- .../frontend/pkg/config/defaults/defaultconfig.go | 5 +++++ 3 files changed, 9 insertions(+), 8 deletions(-) diff --git a/extensions/frontend/pkg/command/command.go b/extensions/frontend/pkg/command/command.go index f3fc88c2c1a..7f13a191529 100644 --- a/extensions/frontend/pkg/command/command.go +++ b/extensions/frontend/pkg/command/command.go @@ -207,7 +207,7 @@ func frontendConfigFromStruct(c *cli.Context, cfg *config.Config, filesCfg map[s "resource_info_cache_ttl": cfg.OCS.ResourceInfoCacheTTL, "prefix": cfg.OCS.Prefix, "additional_info_attribute": cfg.OCS.AdditionalInfoAttribute, - "machine_auth_apikey": cfg.AuthMachine.APIKey, + "machine_auth_apikey": cfg.MachineAuthAPIKey, "cache_warmup_driver": cfg.OCS.CacheWarmupDriver, "cache_warmup_drivers": map[string]interface{}{ "cbox": map[string]interface{}{ diff --git a/extensions/frontend/pkg/config/config.go b/extensions/frontend/pkg/config/config.go index c358cbd7816..7006febe774 100644 --- a/extensions/frontend/pkg/config/config.go +++ b/extensions/frontend/pkg/config/config.go 
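Review bot: The rename is incomplete: `Insecure_backends` and `Data_provider_insecure` in this hunk, and `Bind_password` in the earlier `CreateConfig` hunks, keep their underscores and still depend on the YAML encoder lowercasing the field name to produce the key. That differs from the explicit tags added everywhere else in this commit, and a later rename of those fields would silently change the keys written to the generated config. I would finish the job in the same style, e.g. `BindPassword string` with the tag `yaml:"bind_password"` and `InsecureBackends bool` with `yaml:"insecure_backends"`. Separately, `MachineAuthApiKey` should be spelled `MachineAuthAPIKey`, matching the frontend config struct in this series. `CreateConfig` starts and ends outside the hunk.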
@@ -16,8 +16,9 @@ type Config struct { TransferSecret string `yaml:"transfer_secret" env:"STORAGE_TRANSFER_SECRET"` - TokenManager *TokenManager `yaml:"token_manager"` - Reva *Reva `yaml:"reva"` + TokenManager *TokenManager `yaml:"token_manager"` + Reva *Reva `yaml:"reva"` + MachineAuthAPIKey string `yaml:"machine_auth_api_key" env:"OCIS_MACHINE_AUTH_API_KEY;FRONTEND_MACHINE_AUTH_API_KEY"` SkipUserGroupsInToken bool `yaml:"skip_users_groups_in_token"` @@ -33,7 +34,6 @@ type Config struct { AppProvider AppProvider `yaml:"app_provider"` DataGateway DataGateway `yaml:"data_gateway"` OCS OCS `yaml:"ocs"` - AuthMachine AuthMachine `yaml:"auth_machine"` Checksums Checksums `yaml:"checksums"` Middleware Middleware `yaml:"middleware"` @@ -124,10 +124,6 @@ type CBOXDriver struct { Namespace string } -type AuthMachine struct { - APIKey string `env:"OCIS_MACHINE_AUTH_API_KEY"` -} - type Checksums struct { SupportedTypes []string `yaml:"supported_types"` PreferredUploadType string `yaml:"preferred_upload_type"` diff --git a/extensions/frontend/pkg/config/defaults/defaultconfig.go b/extensions/frontend/pkg/config/defaults/defaultconfig.go index 95256201f23..11f7958f1f3 100644 --- a/extensions/frontend/pkg/config/defaults/defaultconfig.go +++ b/extensions/frontend/pkg/config/defaults/defaultconfig.go @@ -112,6 +112,11 @@ func EnsureDefaults(cfg *config.Config) { if cfg.TransferSecret == "" && cfg.Commons != nil && cfg.Commons.TransferSecret != "" { cfg.TransferSecret = cfg.Commons.TransferSecret } + + if cfg.MachineAuthAPIKey == "" && cfg.Commons != nil && cfg.Commons.MachineAuthAPIKey != "" { + cfg.MachineAuthAPIKey = cfg.Commons.MachineAuthAPIKey + } + } func Sanitize(cfg *config.Config) { From 767845d90a5caf6b236c9fdcef76d3f5dcd669fc Mon Sep 17 00:00:00 2001 From: Christian Richter Date: Fri, 29 Apr 2022 09:25:46 +0200 Subject: [PATCH 42/59] fix force overwrite bug 
Signed-off-by: Christian Richter --- ocis/pkg/init/init.go | 7 +++---- 1 file changed, 3 insertions(+), 4 deletions(-) diff --git a/ocis/pkg/init/init.go b/ocis/pkg/init/init.go index e148fb53bf8..61192a56654 100644 --- a/ocis/pkg/init/init.go +++ b/ocis/pkg/init/init.go @@ -143,16 +143,15 @@ func backupOcisConfigFile(configPath string) (string, error) { } func CreateConfig(insecure, forceOverwrite bool, configPath string) error { - err := checkConfigPath(configPath) targetBackupConfig := "" + + err := checkConfigPath(configPath) if err != nil && !forceOverwrite { return err - } else if forceOverwrite { + } else if forceOverwrite && err != nil { targetBackupConfig, err = backupOcisConfigFile(configPath) if err != nil { return err - } else { - } } err = os.MkdirAll(configPath, 0700) From 622218ef497a7483188c8ed32d298754ff5a6e5c Mon Sep 17 00:00:00 2001 From: Willy Kloucek Date: Fri, 29 Apr 2022 09:58:01 +0200 Subject: [PATCH 43/59] add changelog --- .bingo/Variables.mk | 2 +- .bingo/variables.env | 2 +- changelog/unreleased/change-ocis-init.md | 10 ++++++++++ 3 files changed, 12 insertions(+), 2 deletions(-) create mode 100644 changelog/unreleased/change-ocis-init.md diff --git a/.bingo/Variables.mk b/.bingo/Variables.mk index cd90d103da6..c3a6f1db5b1 100644 --- a/.bingo/Variables.mk +++ b/.bingo/Variables.mk @@ -1,4 +1,4 @@ -# Auto generated binary variables helper managed by https://github.com/bwplotka/bingo v0.6. DO NOT EDIT. +# Auto generated binary variables helper managed by https://github.com/bwplotka/bingo v0.5.2. DO NOT EDIT. # All tools are designed to be build inside $GOBIN. BINGO_DIR := $(dir $(lastword $(MAKEFILE_LIST))) GOPATH ?= $(shell go env GOPATH) diff --git a/.bingo/variables.env b/.bingo/variables.env index d64a412b023..e19cf5f1dbb 100644 --- a/.bingo/variables.env +++ b/.bingo/variables.env 
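Review bot: In `CreateConfig` every non-nil error from `checkConfigPath` is treated as "a config file already exists". With `forceOverwrite` set, an error of any other kind would lead into `backupOcisConfigFile` instead of being reported. `checkConfigPath` is not visible here, so this holds only if it can fail for other reasons; a sentinel error checked with `errors.Is` would make the distinction explicit. The `else if` after a returning branch also hides that both arms test the same `err != nil`. Nesting reads more clearly: `if err != nil { if !forceOverwrite { return err } … }` with the backup call inside. `CreateConfig` continues outside the hunk.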
@@ -1,4 +1,4 @@ -# Auto generated binary variables helper managed by https://github.com/bwplotka/bingo v0.6. DO NOT EDIT. +# Auto generated binary variables helper managed by https://github.com/bwplotka/bingo v0.5.2. DO NOT EDIT. # All tools are designed to be build inside $GOBIN. # Those variables will work only until 'bingo get' was invoked, or if tools were installed via Makefile's Variables.mk. GOBIN=${GOBIN:=$(go env GOBIN)} diff --git a/changelog/unreleased/change-ocis-init.md b/changelog/unreleased/change-ocis-init.md new file mode 100644 index 00000000000..a4a81eb3854 --- /dev/null +++ b/changelog/unreleased/change-ocis-init.md @@ -0,0 +1,10 @@ +Change: Introduce `ocis init` and remove all default secrets + +We've removed all default secrets. This means you can't start oCIS any longer +without setting these via environment variable or configuration file. + +In order to make this easy for you, we introduced a new command: `ocis init`. +You can run this command before starting oCIS with `ocis server` and it will +bootstrap you a configuration file for a secure oCIS instance. + +https://github.com/owncloud/ocis/pull/3551 From d86a86a8844f7e732e743f1ede3eb12f4d31c28c Mon Sep 17 00:00:00 2001 From: Willy Kloucek Date: Fri, 29 Apr 2022 10:56:48 +0200 Subject: [PATCH 44/59] update documentation --- .bingo/Variables.mk | 2 +- .bingo/variables.env | 2 +- docs/ocis/deployment/basic-remote-setup.md | 2 ++ docs/ocis/getting-started/_index.md | 14 +++++++++----- docs/ocis/getting-started/demo-users.md | 2 +- 5 files changed, 14 insertions(+), 8 deletions(-) diff --git a/.bingo/Variables.mk b/.bingo/Variables.mk index c3a6f1db5b1..cd90d103da6 100644 --- a/.bingo/Variables.mk +++ b/.bingo/Variables.mk 
@@ -1,4 +1,4 @@ -# Auto generated binary variables helper managed by https://github.com/bwplotka/bingo v0.5.2. DO NOT EDIT. +# Auto generated binary variables helper managed by https://github.com/bwplotka/bingo v0.6. DO NOT EDIT. # All tools are designed to be build inside $GOBIN. BINGO_DIR := $(dir $(lastword $(MAKEFILE_LIST))) GOPATH ?= $(shell go env GOPATH) diff --git a/.bingo/variables.env b/.bingo/variables.env index e19cf5f1dbb..d64a412b023 100644 --- a/.bingo/variables.env +++ b/.bingo/variables.env @@ -1,4 +1,4 @@ -# Auto generated binary variables helper managed by https://github.com/bwplotka/bingo v0.5.2. DO NOT EDIT. +# Auto generated binary variables helper managed by https://github.com/bwplotka/bingo v0.6. DO NOT EDIT. # All tools are designed to be build inside $GOBIN. # Those variables will work only until 'bingo get' was invoked, or if tools were installed via Makefile's Variables.mk. GOBIN=${GOBIN:=$(go env GOBIN)} diff --git a/docs/ocis/deployment/basic-remote-setup.md b/docs/ocis/deployment/basic-remote-setup.md index eaa95ac7025..5dbf2b222c1 100644 --- a/docs/ocis/deployment/basic-remote-setup.md +++ b/docs/ocis/deployment/basic-remote-setup.md @@ -15,6 +15,8 @@ If you need to access oCIS running in a docker container, on a VM or a remote ma ## Start the oCIS fullstack server from binary +Initialize the oCIS configuration by running `./bin/ocis init`. + Upon first start of the oCIS fullstack server with `./bin/ocis server` it will generate a directory tree skeleton in `$HOME/.ocis`. If that is already existing it will not be overwritten as it contains all relevant data for oCIS. In `$HOME/.ocis/idp` is a file `identifier-registration.yaml`. It is used to configure the built-in identity provider and therefore contains the OpenID Connect issuer and also information about relying parties, for example ownCloud Web and our desktop and mobile applications. 
diff --git a/docs/ocis/getting-started/_index.md b/docs/ocis/getting-started/_index.md index 0838cafdd12..84975ed28f9 100644 --- a/docs/ocis/getting-started/_index.md +++ b/docs/ocis/getting-started/_index.md @@ -42,14 +42,17 @@ curl https://download.owncloud.com/ocis/ocis/stable/1.20.0/ocis-1.20.0-linux-amd # make binary executable chmod +x ocis +# initialize a minimal oCIS configuration +./ocis init + # run with demo users -OCIS_INSECURE=true ACCOUNTS_DEMO_USERS_AND_GROUPS=true ./ocis server +IDM_CREATE_DEMO_USERS=true ./ocis server ``` The default primary storage location is `~/.ocis` or `/var/lib/ocis` depending on the packaging format and your operating system user. You can change that value by configuration. {{< hint info >}} -When you're using oCIS with self-signed certificates, you need to set the environment variable `OCIS_INSECURE=true`, in order to make oCIS work. +When you're using oCIS with self-signed certificates, you need to answer the the question for certificate checking with "yes" or set the environment variable `OCIS_INSECURE=true`, in order to make oCIS work. {{< /hint >}} {{< hint warning >}} @@ -64,7 +67,8 @@ The `latest` tag always reflects the current master branch. ```console docker pull owncloud/ocis -docker run --rm -ti -p 9200:9200 -e OCIS_INSECURE=true -e ACCOUNTS_DEMO_USERS_AND_GROUPS=true owncloud/ocis +docker run --rm -it -v ocis-config:/etc/ocis -v ocis-data:/var/lib/ocis owncloud/ocis init +docker run --rm -p 9200:9200 -v ocis-config:/etc/ocis -v ocis-data:/var/lib/ocis -e ACCOUNTS_DEMO_USERS_AND_GROUPS=true owncloud/ocis ``` {{< hint info >}} 
@@ -72,11 +76,11 @@ When you're using oCIS with self-signed certificates, you need to set the enviro {{< /hint >}} {{< hint warming >}} -When you're creating the [demo users]({{< ref "./demo-users" >}}) by setting `ACCOUNTS_DEMO_USERS_AND_GROUPS=true`, you need to be sure that this instance is not used in production because the passwords are public. +When you're creating the [demo users]({{< ref "./demo-users" >}}) by setting `IDM_CREATE_DEMO_USERS=true`, you need to be sure that this instance is not used in production because the passwords are public. {{< /hint >}} {{< hint warning >}} -In order to persist your data, you need to mount a docker volume or create a host bind-mount at `/var/lib/ocis`, for example with: `-v /some/host/dir:/var/lib/ocis` +We are using named volumes for the oCIS configuration and oCIS data in the above example (`-v ocis-config:/etc/ocis -v ocis-data:/var/lib/ocis`). You could instead also use host bind-mounts instead, eg. `-v /some/host/dir:/var/lib/ocis`. You cannot use bind mounts on MacOS, since extended attributes are not supported ([owncloud/ocis#182](https://github.com/owncloud/ocis/issues/182), [moby/moby#1070](https://github.com/moby/moby/issues/1070)). {{< /hint >}} diff --git a/docs/ocis/getting-started/demo-users.md b/docs/ocis/getting-started/demo-users.md index 5eba9483f56..15179f98bd4 100644 --- a/docs/ocis/getting-started/demo-users.md +++ b/docs/ocis/getting-started/demo-users.md 
@@ -11,7 +11,7 @@ oCIS has the option to create demo users during the first startup. These enable {{< hint info >}} To create the demo users, run the initial setup step with an additional environment variable. -`ACCOUNTS_DEMO_USERS_AND_GROUPS=true ./bin/ocis server` will generate the demo users listed in the table below. By default, it only generates the admin and one user for IDP and Reva respectively. +`IDM_CREATE_DEMO_USERS=true ./bin/ocis server` will generate the demo users listed in the table below. By default, it only generates the admin and one user for IDP and Reva respectively. {{< /hint >}} Following users are available in the demo set: From 72688b3650479fef1f3e9899a49194c89091108e Mon Sep 17 00:00:00 2001 From: Christian Richter Date: Fri, 29 Apr 2022 11:15:13 +0200 Subject: [PATCH 45/59] move generic secret errors to shared, fix edgecase in cli flags Signed-off-by: Christian Richter --- .../auth-machine/pkg/config/parser/parse.go | 4 +-- .../frontend/pkg/config/parser/parse.go | 4 +-- extensions/gateway/pkg/config/parser/parse.go | 4 +-- .../notifications/pkg/config/parser/parse.go | 4 +-- extensions/ocs/pkg/config/parser/parse.go | 5 ++-- extensions/proxy/pkg/config/parser/parse.go | 4 +-- extensions/sharing/pkg/config/parser/parse.go | 6 ++-- extensions/storage/pkg/config/parser/parse.go | 4 +-- .../thumbnails/pkg/config/parser/parse.go | 4 +-- ocis-pkg/config/parser/parse.go | 7 ++--- ocis-pkg/shared/errors.go | 28 +++++++++++++++++++ ocis/pkg/command/init.go | 4 +-- 12 files changed, 53 insertions(+), 25 deletions(-) create mode 100644 ocis-pkg/shared/errors.go diff --git a/extensions/auth-machine/pkg/config/parser/parse.go b/extensions/auth-machine/pkg/config/parser/parse.go index feea7ec4111..8b12cb8778f 100644 --- a/extensions/auth-machine/pkg/config/parser/parse.go +++ b/extensions/auth-machine/pkg/config/parser/parse.go 
@@ -2,11 +2,11 @@ package parser import ( "errors" - "fmt" "github.com/owncloud/ocis/extensions/auth-machine/pkg/config" "github.com/owncloud/ocis/extensions/auth-machine/pkg/config/defaults" ociscfg "github.com/owncloud/ocis/ocis-pkg/config" + "github.com/owncloud/ocis/ocis-pkg/shared" "github.com/owncloud/ocis/ocis-pkg/config/envdecode" ) @@ -35,7 +35,7 @@ func ParseConfig(cfg *config.Config) error { func Validate(cfg *config.Config) error { if cfg.AuthProviders.Machine.APIKey == "" { - return fmt.Errorf("machine auth api key is not set up properly, bailing out (%s)", cfg.Service.Name) + return shared.MissingMachineAuthApiKeyError(cfg.Service.Name) } return nil } diff --git a/extensions/frontend/pkg/config/parser/parse.go b/extensions/frontend/pkg/config/parser/parse.go index c71a8e58390..ffc09565fdd 100644 --- a/extensions/frontend/pkg/config/parser/parse.go +++ b/extensions/frontend/pkg/config/parser/parse.go @@ -2,11 +2,11 @@ package parser import ( "errors" - "fmt" "github.com/owncloud/ocis/extensions/frontend/pkg/config" "github.com/owncloud/ocis/extensions/frontend/pkg/config/defaults" ociscfg "github.com/owncloud/ocis/ocis-pkg/config" + "github.com/owncloud/ocis/ocis-pkg/shared" "github.com/owncloud/ocis/ocis-pkg/config/envdecode" ) @@ -35,7 +35,7 @@ func ParseConfig(cfg *config.Config) error { func Validate(cfg *config.Config) error { if cfg.TransferSecret == "" { - return fmt.Errorf("reva transfer secret is not set up properly, bailing out (%s)", cfg.Service.Name) + return shared.MissingRevaTransferSecretError(cfg.Service.Name) } return nil diff --git a/extensions/gateway/pkg/config/parser/parse.go b/extensions/gateway/pkg/config/parser/parse.go index 2a0a4e069c4..237f3037d62 100644 --- a/extensions/gateway/pkg/config/parser/parse.go +++ b/extensions/gateway/pkg/config/parser/parse.go 
@@ -2,11 +2,11 @@ package parser import ( "errors" - "fmt" "github.com/owncloud/ocis/extensions/gateway/pkg/config" "github.com/owncloud/ocis/extensions/gateway/pkg/config/defaults" ociscfg "github.com/owncloud/ocis/ocis-pkg/config" + "github.com/owncloud/ocis/ocis-pkg/shared" "github.com/owncloud/ocis/ocis-pkg/config/envdecode" ) @@ -35,7 +35,7 @@ func ParseConfig(cfg *config.Config) error { func Validate(cfg *config.Config) error { if cfg.TransferSecret == "" { - return fmt.Errorf("reva transfer secret is not set up properly, bailing out (%s)", cfg.Service.Name) + return shared.MissingRevaTransferSecretError(cfg.Service.Name) } return nil diff --git a/extensions/notifications/pkg/config/parser/parse.go b/extensions/notifications/pkg/config/parser/parse.go index fddb96b24ba..aec69715406 100644 --- a/extensions/notifications/pkg/config/parser/parse.go +++ b/extensions/notifications/pkg/config/parser/parse.go @@ -2,11 +2,11 @@ package parser import ( "errors" - "fmt" "github.com/owncloud/ocis/extensions/notifications/pkg/config" "github.com/owncloud/ocis/extensions/notifications/pkg/config/defaults" ociscfg "github.com/owncloud/ocis/ocis-pkg/config" + "github.com/owncloud/ocis/ocis-pkg/shared" "github.com/owncloud/ocis/ocis-pkg/config/envdecode" ) @@ -35,7 +35,7 @@ func ParseConfig(cfg *config.Config) error { func Validate(cfg *config.Config) error { if cfg.Notifications.MachineAuthAPIKey == "" { - return fmt.Errorf("machine auth api key is not set up properly, bailing out (%s)", cfg.Service.Name) + return shared.MissingMachineAuthApiKeyError(cfg.Service.Name) } return nil } diff --git a/extensions/ocs/pkg/config/parser/parse.go b/extensions/ocs/pkg/config/parser/parse.go index ce253edd19d..28074ada3c6 100644 --- a/extensions/ocs/pkg/config/parser/parse.go +++ b/extensions/ocs/pkg/config/parser/parse.go 
@@ -2,11 +2,12 @@ package parser import ( "errors" - "fmt" "github.com/owncloud/ocis/extensions/ocs/pkg/config" "github.com/owncloud/ocis/extensions/ocs/pkg/config/defaults" + ociscfg "github.com/owncloud/ocis/ocis-pkg/config" + "github.com/owncloud/ocis/ocis-pkg/shared" "github.com/owncloud/ocis/ocis-pkg/config/envdecode" ) @@ -35,7 +36,7 @@ func ParseConfig(cfg *config.Config) error { func Validate(cfg *config.Config) error { if cfg.MachineAuthAPIKey == "" { - return fmt.Errorf("machine auth api key is not set up properly, bailing out (%s)", cfg.Service.Name) + return shared.MissingMachineAuthApiKeyError(cfg.Service.Name) } return nil } diff --git a/extensions/proxy/pkg/config/parser/parse.go b/extensions/proxy/pkg/config/parser/parse.go index 5f15fb29389..22b96257eac 100644 --- a/extensions/proxy/pkg/config/parser/parse.go +++ b/extensions/proxy/pkg/config/parser/parse.go @@ -2,11 +2,11 @@ package parser import ( "errors" - "fmt" "github.com/owncloud/ocis/extensions/proxy/pkg/config" "github.com/owncloud/ocis/extensions/proxy/pkg/config/defaults" ociscfg "github.com/owncloud/ocis/ocis-pkg/config" + "github.com/owncloud/ocis/ocis-pkg/shared" "github.com/owncloud/ocis/ocis-pkg/config/envdecode" ) @@ -34,7 +34,7 @@ func ParseConfig(cfg *config.Config) error { func Validate(cfg *config.Config) error { if cfg.MachineAuthAPIKey == "" { - return fmt.Errorf("machine auth api key is not set up properly, bailing out (%s)", cfg.Service.Name) + return shared.MissingMachineAuthApiKeyError(cfg.Service.Name) } return nil diff --git a/extensions/sharing/pkg/config/parser/parse.go b/extensions/sharing/pkg/config/parser/parse.go index 84a09cc6d0e..27ccd4657d5 100644 --- a/extensions/sharing/pkg/config/parser/parse.go +++ b/extensions/sharing/pkg/config/parser/parse.go 
@@ -2,11 +2,11 @@ package parser import ( "errors" - "fmt" "github.com/owncloud/ocis/extensions/sharing/pkg/config" "github.com/owncloud/ocis/extensions/sharing/pkg/config/defaults" ociscfg "github.com/owncloud/ocis/ocis-pkg/config" + "github.com/owncloud/ocis/ocis-pkg/shared" "github.com/owncloud/ocis/ocis-pkg/config/envdecode" ) @@ -35,11 +35,11 @@ func ParseConfig(cfg *config.Config) error { func Validate(cfg *config.Config) error { if cfg.PublicSharingDrivers.CS3.MachineAuthAPIKey == "" { - return fmt.Errorf("machine auth api key for the cs3 public sharing driver is not set up properly, bailing out (%s)", cfg.Service.Name) + return shared.MissingMachineAuthApiKeyError(cfg.Service.Name) } if cfg.UserSharingDrivers.CS3.MachineAuthAPIKey == "" { - return fmt.Errorf("machine auth api key for the cs3 user sharing driver is not set up properly, bailing out (%s)", cfg.Service.Name) + return shared.MissingMachineAuthApiKeyError(cfg.Service.Name) } return nil diff --git a/extensions/storage/pkg/config/parser/parse.go b/extensions/storage/pkg/config/parser/parse.go index bf30c761ff9..5cf17d1c402 100644 --- a/extensions/storage/pkg/config/parser/parse.go +++ b/extensions/storage/pkg/config/parser/parse.go @@ -2,11 +2,11 @@ package parser import ( "errors" - "fmt" "github.com/owncloud/ocis/extensions/storage-metadata/pkg/config" "github.com/owncloud/ocis/extensions/storage-metadata/pkg/config/defaults" ociscfg "github.com/owncloud/ocis/ocis-pkg/config" + "github.com/owncloud/ocis/ocis-pkg/shared" "github.com/owncloud/ocis/ocis-pkg/config/envdecode" ) @@ -35,7 +35,7 @@ func ParseConfig(cfg *config.Config) error { func Validate(cfg *config.Config) error { if cfg.TransferSecret == "" { - return fmt.Errorf("reva transfer secret is not set up properly, bailing out (storage)") + return shared.MissingRevaTransferSecretError(cfg.Service.Name) } return nil } 
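Review bot: Both checks in the sharing `Validate` now return the identical `shared.MissingMachineAuthApiKeyError(cfg.Service.Name)`, so an operator can no longer tell whether the CS3 public sharing driver or the CS3 user sharing driver is missing its key. The removed messages named the driver. Either pass a distinguishing label, e.g. `shared.MissingMachineAuthApiKeyError(cfg.Service.Name + " (cs3 public sharing driver)")`, or give the helper a second argument for the config key. A short comment above each check saying which setting it guards would also help.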
diff --git a/extensions/thumbnails/pkg/config/parser/parse.go b/extensions/thumbnails/pkg/config/parser/parse.go index 625705dd54d..fd2079281be 100644 --- a/extensions/thumbnails/pkg/config/parser/parse.go +++ b/extensions/thumbnails/pkg/config/parser/parse.go @@ -2,11 +2,11 @@ package parser import ( "errors" - "fmt" "github.com/owncloud/ocis/extensions/thumbnails/pkg/config" "github.com/owncloud/ocis/extensions/thumbnails/pkg/config/defaults" ociscfg "github.com/owncloud/ocis/ocis-pkg/config" + "github.com/owncloud/ocis/ocis-pkg/shared" "github.com/owncloud/ocis/ocis-pkg/config/envdecode" ) @@ -36,7 +36,7 @@ func ParseConfig(cfg *config.Config) error { func Validate(cfg *config.Config) error { if cfg.Thumbnail.TransferSecret == "" { - return fmt.Errorf("reva transfer secret is not set up properly, bailing out (%s)", cfg.Service.Name) + return shared.MissingRevaTransferSecretError(cfg.Service.Name) } return nil diff --git a/ocis-pkg/config/parser/parse.go b/ocis-pkg/config/parser/parse.go index f9d0a7c7b71..3c4939a23a3 100644 --- a/ocis-pkg/config/parser/parse.go +++ b/ocis-pkg/config/parser/parse.go @@ -2,7 +2,6 @@ package parser import ( "errors" - "fmt" "github.com/owncloud/ocis/ocis-pkg/config" "github.com/owncloud/ocis/ocis-pkg/config/envdecode" @@ -99,15 +98,15 @@ func EnsureCommons(cfg *config.Config) { func Validate(cfg *config.Config) error { if cfg.TokenManager.JWTSecret == "" { - return fmt.Errorf("jwt secret is not set up properly, bailing out (ocis)") + return shared.MissingJWTTokenError("ocis") } if cfg.TransferSecret == "" { - return fmt.Errorf("transfer secret is not set up properly, bailing out (ocis)") + return shared.MissingRevaTransferSecretError("ocis") } if cfg.MachineAuthAPIKey == "" { - return fmt.Errorf("machine auth api key is not set up properly, bailing out (ocis)") + return shared.MissingMachineAuthApiKeyError("ocis") } return nil 
diff --git a/ocis-pkg/shared/errors.go b/ocis-pkg/shared/errors.go
new file mode 100644
index 00000000000..899def9121e
--- /dev/null
+++ b/ocis-pkg/shared/errors.go
@@ -0,0 +1,28 @@
+package shared
+
+import (
+ "fmt"
+
+ "github.com/owncloud/ocis/ocis-pkg/config/defaults"
+)
+
+func MissingMachineAuthApiKeyError(service string) error {
+ return fmt.Errorf("machine_auth_api_key has not your config for %s. "+
+ "Make sure your %s config contains the proper values "+
+ "(e.g. by running ocis init or setting OCIS_MACHINE_AUTH_API_KEY).\n",
+ service, defaults.BaseConfigPath())
+}
+
+func MissingJWTTokenError(service string) error {
+ return fmt.Errorf("jwt_secret has not been set properly in your config for %s. "+
+ "Make sure your %s config contains the proper values "+
+ "(e.g. by running ocis init or setting OCIS_JWT_SECRET).\n",
+ service, defaults.BaseConfigPath())
+}
+
+func MissingRevaTransferSecretError(service string) error {
+ return fmt.Errorf("transfer_secret has not been set properly in your config for %s. "+
+ "Make sure your %s config contains the proper values "+
+ "(e.g. by running ocis init or setting STORAGE_TRANSFER_SECRET).\n",
+ service, defaults.BaseConfigPath())
+}
diff --git a/ocis/pkg/command/init.go b/ocis/pkg/command/init.go
index 24d82821ac9..27f50b03a73 100644
--- a/ocis/pkg/command/init.go
+++ b/ocis/pkg/command/init.go
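Review bot: The message in `MissingMachineAuthApiKeyError` reads "machine_auth_api_key has not your config for %s". The words "been set properly in" are missing, unlike in the two sibling helpers. All three strings also end in `.\n`, which leaves a stray newline inside the output once a caller wraps or logs the error; the same applies to `MissingLDAPBindPassword`, added to this file by a later patch in the series. Suggested first line: `return fmt.Errorf("machine_auth_api_key has not been set properly in your config for %s. "+`, with the trailing `.\n` dropped from each message. The exported helpers have no doc comments; one line each, such as `// MissingJWTTokenError reports that no jwt_secret is configured for service.`, would be enough.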
@@ -41,11 +41,11 @@ func InitCommand(cfg *config.Config) *cli.Command { insecureFlag := c.String("insecure") insecure := false if insecureFlag == "ask" { - answer := strings.ToLower(stringPrompt("Insecure Backends? [Yes|No]")) + answer := strings.ToLower(stringPrompt("Do want to configure oCIS with certificate checking disabled?\n This is not recommended for public instances! [yes | no = default]")) if answer == "yes" || answer == "y" { insecure = true } - } else if insecureFlag == "true" { + } else if insecureFlag == strings.ToLower("true") || insecureFlag == strings.ToLower("yes") || insecureFlag == strings.ToLower("y") { insecure = true } err := ocisinit.CreateConfig(insecure, c.Bool("force-overwrite"), c.String("config-path")) From 7b5d705d6486a639459d8354de0f3b2432e3a9f4 Mon Sep 17 00:00:00 2001 From: Willy Kloucek Date: Fri, 29 Apr 2022 11:37:11 +0200 Subject: [PATCH 46/59] add more documentation --- docs/extensions/accounts/tests.md | 16 +++++++++------- docs/extensions/idm/setup.md | 2 +- docs/extensions/settings/tests.md | 16 +++++++++------- docs/ocis/deployment/systemd.md | 6 +++--- docs/ocis/development/testing.md | 15 +++++++++------ docs/ocis/getting-started/_index.md | 6 ++++++ docs/ocis/getting-started/demo-users.md | 16 ++++++++-------- docs/ocis/storage-backends/dcfsnfs.md | 5 ++--- 8 files changed, 47 insertions(+), 35 deletions(-) diff --git a/docs/extensions/accounts/tests.md b/docs/extensions/accounts/tests.md index 07de8e5dc37..5fdb2b54968 100644 --- a/docs/extensions/accounts/tests.md +++ b/docs/extensions/accounts/tests.md @@ -19,9 +19,10 @@ Make sure you've cloned the [web frontend repo](https://github.com/owncloud/web/ {{< hint info >}} For now, an IDP configuration file gets generated once and will fail upon changing the oCIS url as done below. To avoid any clashes, remove this file before starting the tests: -``` +```bash rm ~/.ocis/idp/identifier-registration.yaml ``` + {{< /hint >}} ### In the web repo 
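Review bot: `strings.ToLower` is applied to the literals rather than to the flag in `insecureFlag == strings.ToLower("true") || …`, so the comparison is still case-sensitive and `OCIS_INSECURE=True` or `YES` is silently read as false. That fails towards certificate checking staying enabled, but the operator gets no hint that the value was ignored. Normalise once with `insecureFlag := strings.ToLower(c.String("insecure"))` and compare against plain literals; returning an error for a value that is none of the accepted spellings would be clearer still. The prompt also reads "Do want to" where "Do you want to" is meant. The `Action` closure starts and ends outside the hunk.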
@@ -30,7 +31,7 @@ rm ~/.ocis/idp/identifier-registration.yaml Install dependencies and bundle the frontend with a watcher by running -``` +```bash yarn && yarn build:w ``` @@ -40,7 +41,7 @@ If you skip the step above, the currently bundled frontend from the oCIS binary Start the necessary acceptance test services by using Docker (Compose): -``` +```bash docker compose up selenium middleware-ocis vnc ``` @@ -50,7 +51,7 @@ docker compose up selenium middleware-ocis vnc Navigate into the accounts service via `cd ../accounts/` and install dependencies and build the bundled accounts UI with a watcher by running -``` +```bash yarn && yarn watch ``` @@ -58,13 +59,14 @@ yarn && yarn watch Navigate into the oCIS directory inside the oCIS repository and build the oCIS binary by running -``` +```bash make clean build ``` Then, start oCIS from the binary via -``` +```bash +./bin/ocis init OCIS_URL=https://host.docker.internal:9200 OCIS_INSECURE=true PROXY_ENABLE_BASIC_AUTH=true WEB_UI_CONFIG=../../web/dev/docker/ocis.web.config.json ./bin/ocis server ``` @@ -78,6 +80,6 @@ If you want visual feedback on the test run, visit http://host.docker.internal:6 Navigate into the accounts service via `cd ../accounts/` and start the acceptance tests by running -``` +```bash SERVER_HOST=https://host.docker.internal:9200 BACKEND_HOST=https://host.docker.internal:9200 RUN_ON_OCIS=true NODE_TLS_REJECT_UNAUTHORIZED=0 WEB_PATH=../../web WEB_UI_CONFIG=../../web/tests/drone/config-ocis.json MIDDLEWARE_HOST=http://host.docker.internal:3000 ./ui/tests/run-acceptance-test.sh ./ui/tests/acceptance/features/ ``` diff --git a/docs/extensions/idm/setup.md b/docs/extensions/idm/setup.md index 6d434dd605b..23a486b7e19 100644 --- a/docs/extensions/idm/setup.md +++ b/docs/extensions/idm/setup.md 
@@ -45,6 +45,6 @@ export STORAGE_LDAP_BIND_DN="uid=reva,ou=sysusers,o=libregraph-idm" export STORAGE_LDAP_BIND_PASSWORD=reva export OCIS_RUN_EXTENSIONS=settings,storage-metadata,graph,graph-explorer,ocs,store,thumbnails,web,webdav,storage-frontend,storage-gateway,storage-userprovider,storage-groupprovider,storage-authbasic,storage-authbearer,storage-authmachine,storage-users,storage-shares,storage-public-link,storage-appprovider,storage-sharing,proxy,idp,nats,idm,ocdav export OCIS_INSECURE=true +ocis init bin/ocis server ``` - diff --git a/docs/extensions/settings/tests.md b/docs/extensions/settings/tests.md index 06a4b3fb5f5..b07ae587392 100644 --- a/docs/extensions/settings/tests.md +++ b/docs/extensions/settings/tests.md @@ -19,9 +19,10 @@ Make sure you've cloned the [web frontend repo](https://github.com/owncloud/web/ {{< hint info >}} For now, an IDP configuration file gets generated once and will fail upon changing the oCIS url as done below. To avoid any clashes, remove this file before starting the tests: -``` +```bash rm ~/.ocis/idp/identifier-registration.yaml ``` + {{< /hint >}} ### In the web repo @@ -30,7 +31,7 @@ rm ~/.ocis/idp/identifier-registration.yaml Install dependencies and bundle the frontend with a watcher by running -``` +```bash yarn && yarn build:w ``` @@ -40,7 +41,7 @@ If you skip the step above, the currently bundled frontend from the oCIS binary Start the necessary acceptance test services by using Docker (Compose): -``` +```bash docker compose up selenium middleware-ocis vnc ``` @@ -50,7 +51,7 @@ docker compose up selenium middleware-ocis vnc Navigate into the settings service via `cd ../settings/` and install dependencies and build the bundled settings UI with a watcher by running -``` +```bash yarn && yarn watch ``` 
@@ -58,13 +59,14 @@ yarn && yarn watch Navigate into the oCIS directory inside the oCIS repository and build the oCIS binary by running -``` +```bash make clean build ``` Then, start oCIS from the binary via -``` +```bash +ocis init OCIS_URL=https://host.docker.internal:9200 OCIS_INSECURE=true PROXY_ENABLE_BASIC_AUTH=true WEB_UI_CONFIG=../../web/dev/docker/ocis.web.config.json ./bin/ocis server ``` @@ -78,6 +80,6 @@ If you want visual feedback on the test run, visit http://host.docker.internal:6 Navigate into the settings service via `cd ../settings/` and start the acceptance tests by running -``` +```bash SERVER_HOST=https://host.docker.internal:9200 BACKEND_HOST=https://host.docker.internal:9200 RUN_ON_OCIS=true NODE_TLS_REJECT_UNAUTHORIZED=0 WEB_PATH=../../web WEB_UI_CONFIG=../../web/tests/drone/config-ocis.json MIDDLEWARE_HOST=http://host.docker.internal:3000 ./ui/tests/run-acceptance-test.sh ./ui/tests/acceptance/features/ ``` diff --git a/docs/ocis/deployment/systemd.md b/docs/ocis/deployment/systemd.md index d37d380f404..f475ec22746 100644 --- a/docs/ocis/deployment/systemd.md +++ b/docs/ocis/deployment/systemd.md @@ -39,11 +39,10 @@ WantedBy=multi-user.target For reasons of simplicity we are using the root user and group to run oCIS which is not recommended. Please use a non-root user in production environments and modify the oCIS service definition accordingly. - In the service definition we referenced `/etc/ocis/ocis.env` as our file containing environment variables for the oCIS process. In order to create the file we need first to create the folder `/etc/ocis/` and then we can add the actual `/etc/ocis/ocis.env` with following content: -``` +```bash OCIS_URL=https://some-hostname-or-ip:9200 PROXY_HTTP_ADDR=0.0.0.0:9200 OCIS_INSECURE=false 
@@ -60,9 +59,10 @@ Please change your `OCIS_URL` in order to reflect your actual deployment. If you oCIS will store all data in `/var/lib/ocis`, because we configured it so by setting `OCIS_BASE_DATA_PATH`. Therefore you need to create that directory and make it accessible to the user, you use to start oCIS. - ## Starting the oCIS service +Initialize the oCIS configuration by running `OCIS_CONFIG_DIR=/etc/ocis ocis init`. + You can enable oCIS now by running `systemctl enable --now ocis`. It will ensure that oCIS also is restarted after a reboot of the host. If you need to restart oCIS because of configuration changes in `/etc/ocis/ocis.env`, run `systemctl restart ocis`. diff --git a/docs/ocis/development/testing.md b/docs/ocis/development/testing.md index 58270b65f1b..1439e67c6c7 100644 --- a/docs/ocis/development/testing.md +++ b/docs/ocis/development/testing.md @@ -89,7 +89,7 @@ We are using the ownCloud 10 acceptance test suite against oCIS. All you need to do to get the acceptance tests is check out the core repo: -``` +```bash git clone https://github.com/owncloud/core.git ``` @@ -97,7 +97,8 @@ git clone https://github.com/owncloud/core.git To start ocis: -``` +```bash +ocis init OCIS_INSECURE=true PROXY_ENABLE_BASIC_AUTH=true bin/ocis server ``` @@ -108,12 +109,13 @@ OCIS_INSECURE=true PROXY_ENABLE_BASIC_AUTH=true bin/ocis server First we will need to clone the testing app in owncloud which contains the skeleton files required for running the tests. In the ownCloud 10 core clone the testing app with the following command: -``` +```bash git clone https://github.com/owncloud/testing apps/testing ``` Then run the api acceptance tests with the following command from the root of the ownCloud 10 core repository: -``` + +```bash make test-acceptance-api \ TEST_SERVER_URL=https://localhost:9200 \ TEST_OCIS=true \ 
@@ -153,7 +155,7 @@ If you want to work on a specific issue E.g.: - ``` + ```bash make test-acceptance-api \ TEST_SERVER_URL=https://localhost:9200 \ TEST_OCIS=true \ @@ -174,7 +176,8 @@ If you want to work on a specific issue Instruction on setup is available [here](https://owncloud.dev/ocis/deployment/oc10_ocis_parallel/#local-setup) Edit the `.env` file and uncomment this line: -``` + +```bash COMPOSE_FILE=docker-compose.yml:testing/docker-compose-additions.yml ``` diff --git a/docs/ocis/getting-started/_index.md b/docs/ocis/getting-started/_index.md index 84975ed28f9..288ae771d7f 100644 --- a/docs/ocis/getting-started/_index.md +++ b/docs/ocis/getting-started/_index.md @@ -95,6 +95,12 @@ Open [https://localhost:9200](https://localhost:9200) and [login using one of th The oCIS single binary contains multiple extensions and the `ocis` command helps you to manage them. You already used `ocis server` to run all available extensions in the [Run oCIS]({{< ref "#run-ocis" >}}) section. We now will show you some more management commands, which you may also explore by typing `ocis --help` or going to the [docs]({{< ref "../config" >}}). +To initialize the oCIS configuration: + +{{< highlight txt >}} +ocis init +{{< / highlight >}} + To start oCIS server: {{< highlight txt >}} diff --git a/docs/ocis/getting-started/demo-users.md b/docs/ocis/getting-started/demo-users.md index 15179f98bd4..470a1ed39df 100644 --- a/docs/ocis/getting-started/demo-users.md +++ b/docs/ocis/getting-started/demo-users.md 
@@ -16,13 +16,13 @@ To create the demo users, run the initial setup step with an additional environm Following users are available in the demo set: -| username | password | email | role | groups | -| --------- | ------------- | --------------------- | ----------- | ----------------------------------------------------------------------- | -| admin | admin | admin@example.org | admin | users | -| einstein | relativity | einstein@example.org | user | users, philosophy-haters, physics-lovers, sailing-lovers, violin-haters | -| marie | radioactivity | marie@example.org | user | users, physics-lovers, polonium-lovers, radium-lovers | -| moss | vista | moss@example.org | admin | users | -| richard | superfluidity | richard@example.org | user | users, philosophy-haters, physics-lovers, quantum-lovers | -| katherine | gemini | katherine@example.org | space admin | users, sailing-lovers, physics-lovers, quantum-lovers | +| username | password | email | role | groups | +| --------- | ----------------------------------------- | --------------------- | ----------- | ----------------------------------------------------------------------- | +| admin | admin or the one generated by `ocis init` | admin@example.org | admin | users | +| einstein | relativity | einstein@example.org | user | users, philosophy-haters, physics-lovers, sailing-lovers, violin-haters | +| marie | radioactivity | marie@example.org | user | users, physics-lovers, polonium-lovers, radium-lovers | +| moss | vista | moss@example.org | admin | users | +| richard | superfluidity | richard@example.org | user | users, philosophy-haters, physics-lovers, quantum-lovers | +| katherine | gemini | katherine@example.org | space admin | users, sailing-lovers, physics-lovers, quantum-lovers | You may also want to run oCIS with only your custom users by [deleting the demo users]({{< ref "../deployment#delete-demo-users" >}}). 
diff --git a/docs/ocis/storage-backends/dcfsnfs.md b/docs/ocis/storage-backends/dcfsnfs.md index 07e68fbf435..6ef13be37aa 100644 --- a/docs/ocis/storage-backends/dcfsnfs.md +++ b/docs/ocis/storage-backends/dcfsnfs.md @@ -53,12 +53,11 @@ The oCIS server can be instructed to set up the decomposed FS at a certain path The test setup started an oCIS tech preview single binary release using this start command: -``` +```bash +ocis init OCIS_BASE_DATA_PATH=/mnt/ocisdata/ OCIS_LOG_LEVEL=debug OCIS_INSECURE=true PROXY_HTTP_ADDR=0.0.0.0:9200 OCIS_URL=https://hostname:9200 ./ocis-1.18.0-linux-amd64 server ``` This starts oCIS and a decomposed FS skeleton file system structure is set up on the NFS share. The oCIS instance is passing a smoke test. - - From bc6cd9141d767388235c175e34f8baf48408e8b5 Mon Sep 17 00:00:00 2001 From: Christian Richter Date: Fri, 29 Apr 2022 11:55:56 +0200 Subject: [PATCH 47/59] [WIP] add missing secret checks Signed-off-by: Christian Richter --- extensions/accounts/pkg/config/parser/parse.go | 4 ++++ .../appprovider/pkg/config/defaults/defaultconfig.go | 9 +++++++++ extensions/auth-basic/pkg/config/parser/parse.go | 8 ++++++++ ocis-pkg/shared/errors.go | 7 +++++++ 4 files changed, 28 insertions(+) diff --git a/extensions/accounts/pkg/config/parser/parse.go b/extensions/accounts/pkg/config/parser/parse.go index 514de074f70..69ee34934e7 100644 --- a/extensions/accounts/pkg/config/parser/parse.go +++ b/extensions/accounts/pkg/config/parser/parse.go @@ -6,6 +6,7 @@ import ( "github.com/owncloud/ocis/extensions/accounts/pkg/config" defaults "github.com/owncloud/ocis/extensions/accounts/pkg/config/defaults" ociscfg "github.com/owncloud/ocis/ocis-pkg/config" + "github.com/owncloud/ocis/ocis-pkg/shared" "github.com/owncloud/ocis/ocis-pkg/config/envdecode" ) 
@@ -33,5 +34,8 @@ func ParseConfig(cfg *config.Config) error { } func Validate(cfg *config.Config) error { + if cfg.TokenManager.JWTSecret == "" { + return shared.MissingJWTTokenError(cfg.Service.Name) + } return nil } diff --git a/extensions/appprovider/pkg/config/defaults/defaultconfig.go b/extensions/appprovider/pkg/config/defaults/defaultconfig.go index c42cfa27efd..978c6d2edb6 100644 --- a/extensions/appprovider/pkg/config/defaults/defaultconfig.go +++ b/extensions/appprovider/pkg/config/defaults/defaultconfig.go @@ -2,6 +2,7 @@ package defaults import ( "github.com/owncloud/ocis/extensions/appprovider/pkg/config" + "github.com/owncloud/ocis/ocis-pkg/shared" ) func FullDefaultConfig() *config.Config { @@ -80,3 +81,11 @@ func EnsureDefaults(cfg *config.Config) { func Sanitize(cfg *config.Config) { // nothing to sanitize here atm } + +func Validate(cfg *config.Config) error { + if cfg.TokenManager.JWTSecret == "" { + return shared.MissingJWTTokenError(cfg.Service.Name) + } + + return nil +} diff --git a/extensions/auth-basic/pkg/config/parser/parse.go b/extensions/auth-basic/pkg/config/parser/parse.go index f24e99c95bf..ed21b398710 100644 --- a/extensions/auth-basic/pkg/config/parser/parse.go +++ b/extensions/auth-basic/pkg/config/parser/parse.go @@ -6,6 +6,7 @@ import ( "github.com/owncloud/ocis/extensions/auth-basic/pkg/config" "github.com/owncloud/ocis/extensions/auth-basic/pkg/config/defaults" ociscfg "github.com/owncloud/ocis/ocis-pkg/config" + "github.com/owncloud/ocis/ocis-pkg/shared" "github.com/owncloud/ocis/ocis-pkg/config/envdecode" ) @@ -33,5 +34,12 @@ func ParseConfig(cfg *config.Config) error { } func Validate(cfg *config.Config) error { + if cfg.TokenManager.JWTSecret == "" { + return shared.MissingJWTTokenError(cfg.Service.Name) + } + + if cfg.AuthProviders.LDAP.BindPassword == "" && cfg.AuthProvider == "ldap" { + return shared.MissingLDAPBindPassword(cfg.Service.Name) + } return nil } 
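Review bot: The guard added to the accounts `Validate` rejects only an empty `jwt_secret`, so a whitespace-only or one-character value passes and the service starts with a signing key that offers no real protection. If the goal is to refuse to start without a usable secret, a length floor belongs next to the emptiness test, e.g. `if len(cfg.TokenManager.JWTSecret) < minSecretLen {` (the constant name is a suggestion, not an existing identifier). The same emptiness-only pattern is used for every secret checked in this series, including the appprovider and auth-basic hunks of this patch, so the decision would apply to all of them.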
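Review bot: For appprovider, `Validate` is added to the `defaults` package in `defaultconfig.go`, whereas the accounts and auth-basic changes in this same patch put the check in `Validate` in `parser/parse.go`. Nothing in the hunk shows a caller for `defaults.Validate`, so the JWT secret check for appprovider may never run. It probably belongs in the appprovider parser, or should be called from it. If it stays here, it needs a doc comment naming its caller, for example `// Validate returns an error when the JWT secret is unset; called by <caller>.`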
diff --git a/ocis-pkg/shared/errors.go b/ocis-pkg/shared/errors.go index 899def9121e..3190edc3ad2 100644 --- a/ocis-pkg/shared/errors.go +++ b/ocis-pkg/shared/errors.go @@ -26,3 +26,10 @@ func MissingRevaTransferSecretError(service string) error { "(e.g. by running ocis init or setting STORAGE_TRANSFER_SECRET).\n", service, defaults.BaseConfigPath()) } + +func MissingLDAPBindPassword(service string) error { + return fmt.Errorf("bind_password has not been set properly in your config for %s. "+ + "Make sure your %s config contains the proper values "+ + "(e.g. by running ocis init or setting LDAP_BIND_PASSWORD).\n", + service, defaults.BaseConfigPath()) +} From 4ff313b0a57f8d860f5725bf4cbb3721e18d5c41 Mon Sep 17 00:00:00 2001 
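Review bot: The hint in `MissingLDAPBindPassword` tells the operator to set `LDAP_BIND_PASSWORD`, but the helper takes the service name as a parameter, and the deployment docs in this series name per-service variables (`IDP_LDAP_BIND_PASSWORD`, `STORAGE_LDAP_BIND_PASSWORD`). Whether a plain `LDAP_BIND_PASSWORD` is read by any service is not visible here, so the hint should be checked against the config env tags. The name also drops the `Error` suffix its siblings carry (`MissingJWTTokenError`, `MissingRevaTransferSecretError`); `MissingLDAPBindPasswordError` would match. As an exported helper it should have a doc comment, e.g. `// MissingLDAPBindPassword reports that no LDAP bind password is configured for the given service.`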
From: Willy Kloucek Date: Fri, 29 Apr 2022 13:07:25 +0200 Subject: [PATCH 48/59] check for more secrets need to be set --- extensions/auth-basic/pkg/config/parser/parse.go | 1 + .../auth-bearer/pkg/config/parser/parse.go | 5 +++++ .../auth-machine/pkg/config/parser/parse.go | 4 ++++ extensions/frontend/pkg/config/parser/parse.go | 8 ++++++++ extensions/gateway/pkg/config/parser/parse.go | 4 ++++ extensions/graph/pkg/config/parser/parse.go | 5 +++++ extensions/group/pkg/config/parser/parse.go | 9 +++++++++ extensions/idm/pkg/config/parser/parse.go | 16 ++++++++++++++++ extensions/idp/pkg/config/parser/parse.go | 5 +++++ .../notifications/pkg/config/parser/parse.go | 1 + extensions/ocdav/pkg/config/parser/parse.go | 5 +++++ extensions/ocs/pkg/config/parser/parse.go | 5 +++++ extensions/proxy/pkg/config/parser/parse.go | 4 ++++ extensions/settings/pkg/config/parser/parse.go | 9 +++++++++ extensions/sharing/pkg/config/parser/parse.go | 8 ++++++-- .../storage-metadata/pkg/config/parser/parse.go | 5 +++++ .../pkg/config/parser/parse.go | 5 +++++ .../storage-shares/pkg/config/parser/parse.go | 5 +++++ .../storage-users/pkg/config/parser/parse.go | 5 +++++ extensions/user/pkg/config/parser/parse.go | 9 +++++++++ ocis-pkg/shared/errors.go | 15 +++++++++++---- 21 files changed, 127 insertions(+), 6 deletions(-) diff --git a/extensions/auth-basic/pkg/config/parser/parse.go b/extensions/auth-basic/pkg/config/parser/parse.go index ed21b398710..7f216546c0a 100644 --- a/extensions/auth-basic/pkg/config/parser/parse.go +++ b/extensions/auth-basic/pkg/config/parser/parse.go @@ -41,5 +41,6 @@ func Validate(cfg *config.Config) error { if cfg.AuthProviders.LDAP.BindPassword == "" && cfg.AuthProvider == "ldap" { return shared.MissingLDAPBindPassword(cfg.Service.Name) } + return nil } diff --git a/extensions/auth-bearer/pkg/config/parser/parse.go b/extensions/auth-bearer/pkg/config/parser/parse.go index a521c0bfd7c..b4c0f48077e 100644 
--- a/extensions/auth-bearer/pkg/config/parser/parse.go +++ b/extensions/auth-bearer/pkg/config/parser/parse.go @@ -6,6 +6,7 @@ import ( "github.com/owncloud/ocis/extensions/auth-bearer/pkg/config" "github.com/owncloud/ocis/extensions/auth-bearer/pkg/config/defaults" ociscfg "github.com/owncloud/ocis/ocis-pkg/config" + "github.com/owncloud/ocis/ocis-pkg/shared" "github.com/owncloud/ocis/ocis-pkg/config/envdecode" ) @@ -33,5 +34,9 @@ func ParseConfig(cfg *config.Config) error { } func Validate(cfg *config.Config) error { + if cfg.TokenManager.JWTSecret == "" { + return shared.MissingJWTTokenError(cfg.Service.Name) + } + return nil } diff --git a/extensions/auth-machine/pkg/config/parser/parse.go b/extensions/auth-machine/pkg/config/parser/parse.go index 8b12cb8778f..49f217ec099 100644 --- a/extensions/auth-machine/pkg/config/parser/parse.go +++ b/extensions/auth-machine/pkg/config/parser/parse.go @@ -34,6 +34,10 @@ func ParseConfig(cfg *config.Config) error { } func Validate(cfg *config.Config) error { + if cfg.TokenManager.JWTSecret == "" { + return shared.MissingJWTTokenError(cfg.Service.Name) + } + if cfg.AuthProviders.Machine.APIKey == "" { return shared.MissingMachineAuthApiKeyError(cfg.Service.Name) } diff --git a/extensions/frontend/pkg/config/parser/parse.go b/extensions/frontend/pkg/config/parser/parse.go index ffc09565fdd..3608f754a01 100644 --- a/extensions/frontend/pkg/config/parser/parse.go +++ b/extensions/frontend/pkg/config/parser/parse.go @@ -34,9 +34,17 @@ func ParseConfig(cfg *config.Config) error { } func Validate(cfg *config.Config) error { + if cfg.TokenManager.JWTSecret == "" { + return shared.MissingJWTTokenError(cfg.Service.Name) + } + if cfg.TransferSecret == "" { return shared.MissingRevaTransferSecretError(cfg.Service.Name) } + if cfg.MachineAuthAPIKey == "" { + return shared.MissingMachineAuthApiKeyError(cfg.Service.Name) + } + return nil } 
diff --git a/extensions/gateway/pkg/config/parser/parse.go b/extensions/gateway/pkg/config/parser/parse.go index 237f3037d62..247b5548966 100644 --- a/extensions/gateway/pkg/config/parser/parse.go +++ b/extensions/gateway/pkg/config/parser/parse.go @@ -34,6 +34,10 @@ func ParseConfig(cfg *config.Config) error { } func Validate(cfg *config.Config) error { + if cfg.TokenManager.JWTSecret == "" { + return shared.MissingJWTTokenError(cfg.Service.Name) + } + if cfg.TransferSecret == "" { return shared.MissingRevaTransferSecretError(cfg.Service.Name) } diff --git a/extensions/graph/pkg/config/parser/parse.go b/extensions/graph/pkg/config/parser/parse.go index 7c2505a3f1e..32626ff0fbb 100644 --- a/extensions/graph/pkg/config/parser/parse.go +++ b/extensions/graph/pkg/config/parser/parse.go @@ -6,6 +6,7 @@ import ( "github.com/owncloud/ocis/extensions/graph/pkg/config" "github.com/owncloud/ocis/extensions/graph/pkg/config/defaults" ociscfg "github.com/owncloud/ocis/ocis-pkg/config" + "github.com/owncloud/ocis/ocis-pkg/shared" "github.com/owncloud/ocis/ocis-pkg/config/envdecode" ) @@ -33,5 +34,9 @@ func ParseConfig(cfg *config.Config) error { } func Validate(cfg *config.Config) error { + if cfg.TokenManager.JWTSecret == "" { + return shared.MissingJWTTokenError(cfg.Service.Name) + } + return nil } diff --git a/extensions/group/pkg/config/parser/parse.go b/extensions/group/pkg/config/parser/parse.go index fd858020b8a..7f160b6c7b8 100644 --- a/extensions/group/pkg/config/parser/parse.go +++ b/extensions/group/pkg/config/parser/parse.go @@ -6,6 +6,7 @@ import ( "github.com/owncloud/ocis/extensions/group/pkg/config" "github.com/owncloud/ocis/extensions/group/pkg/config/defaults" ociscfg "github.com/owncloud/ocis/ocis-pkg/config" + "github.com/owncloud/ocis/ocis-pkg/shared" "github.com/owncloud/ocis/ocis-pkg/config/envdecode" ) 
@@ -33,5 +34,13 @@ func ParseConfig(cfg *config.Config) error { } func Validate(cfg *config.Config) error { + if cfg.TokenManager.JWTSecret == "" { + return shared.MissingJWTTokenError(cfg.Service.Name) + } + + if cfg.Drivers.LDAP.BindPassword == "" && cfg.Driver == "ldap" { + return shared.MissingLDAPBindPassword(cfg.Service.Name) + } + return nil } diff --git a/extensions/idm/pkg/config/parser/parse.go b/extensions/idm/pkg/config/parser/parse.go index be598790dad..dc515b5efa3 100644 --- a/extensions/idm/pkg/config/parser/parse.go +++ b/extensions/idm/pkg/config/parser/parse.go @@ -6,6 +6,7 @@ import ( "github.com/owncloud/ocis/extensions/idm/pkg/config" "github.com/owncloud/ocis/extensions/idm/pkg/config/defaults" ociscfg "github.com/owncloud/ocis/ocis-pkg/config" + "github.com/owncloud/ocis/ocis-pkg/shared" "github.com/owncloud/ocis/ocis-pkg/config/envdecode" ) @@ -32,5 +33,20 @@ func ParseConfig(cfg *config.Config) error { } func Validate(cfg *config.Config) error { + if cfg.ServiceUserPasswords.Idm == "" { + return shared.MissingServiceUserPassword(cfg.Service.Name, "IDM") + } + + if cfg.ServiceUserPasswords.OcisAdmin == "" { + return shared.MissingServiceUserPassword(cfg.Service.Name, "admin") + } + + if cfg.ServiceUserPasswords.Idp == "" { + return shared.MissingServiceUserPassword(cfg.Service.Name, "IDP") + } + if cfg.ServiceUserPasswords.Reva == "" { + return shared.MissingServiceUserPassword(cfg.Service.Name, "REVA") + } + return nil } diff --git a/extensions/idp/pkg/config/parser/parse.go b/extensions/idp/pkg/config/parser/parse.go index e2852767919..f716a9a520e 100644 --- a/extensions/idp/pkg/config/parser/parse.go +++ b/extensions/idp/pkg/config/parser/parse.go @@ -6,6 +6,7 @@ import ( "github.com/owncloud/ocis/extensions/idp/pkg/config" "github.com/owncloud/ocis/extensions/idp/pkg/config/defaults" ociscfg "github.com/owncloud/ocis/ocis-pkg/config" + "github.com/owncloud/ocis/ocis-pkg/shared" "github.com/owncloud/ocis/ocis-pkg/config/envdecode" ) 
@@ -33,5 +34,9 @@ func ParseConfig(cfg *config.Config) error { } func Validate(cfg *config.Config) error { + if cfg.Ldap.BindPassword == "" { + return shared.MissingLDAPBindPassword(cfg.Service.Name) + } + return nil } diff --git a/extensions/notifications/pkg/config/parser/parse.go b/extensions/notifications/pkg/config/parser/parse.go index aec69715406..f6ef3f71b1e 100644 --- a/extensions/notifications/pkg/config/parser/parse.go +++ b/extensions/notifications/pkg/config/parser/parse.go @@ -37,5 +37,6 @@ func Validate(cfg *config.Config) error { if cfg.Notifications.MachineAuthAPIKey == "" { return shared.MissingMachineAuthApiKeyError(cfg.Service.Name) } + return nil } diff --git a/extensions/ocdav/pkg/config/parser/parse.go b/extensions/ocdav/pkg/config/parser/parse.go index 028d237a31c..075f66e1c6c 100644 --- a/extensions/ocdav/pkg/config/parser/parse.go +++ b/extensions/ocdav/pkg/config/parser/parse.go @@ -6,6 +6,7 @@ import ( "github.com/owncloud/ocis/extensions/ocdav/pkg/config" "github.com/owncloud/ocis/extensions/ocdav/pkg/config/defaults" ociscfg "github.com/owncloud/ocis/ocis-pkg/config" + "github.com/owncloud/ocis/ocis-pkg/shared" "github.com/owncloud/ocis/ocis-pkg/config/envdecode" ) @@ -33,5 +34,9 @@ func ParseConfig(cfg *config.Config) error { } func Validate(cfg *config.Config) error { + if cfg.TokenManager.JWTSecret == "" { + return shared.MissingJWTTokenError(cfg.Service.Name) + } + return nil } diff --git a/extensions/ocs/pkg/config/parser/parse.go b/extensions/ocs/pkg/config/parser/parse.go index 28074ada3c6..02bd765b89f 100644 --- a/extensions/ocs/pkg/config/parser/parse.go +++ b/extensions/ocs/pkg/config/parser/parse.go @@ -35,8 +35,13 @@ func ParseConfig(cfg *config.Config) error { } func Validate(cfg *config.Config) error { + if cfg.TokenManager.JWTSecret == "" { + return shared.MissingJWTTokenError(cfg.Service.Name) + } + if cfg.MachineAuthAPIKey == "" { return shared.MissingMachineAuthApiKeyError(cfg.Service.Name) } + return nil } 
diff --git a/extensions/proxy/pkg/config/parser/parse.go b/extensions/proxy/pkg/config/parser/parse.go index 22b96257eac..b82480cbd6c 100644 --- a/extensions/proxy/pkg/config/parser/parse.go +++ b/extensions/proxy/pkg/config/parser/parse.go @@ -33,6 +33,10 @@ func ParseConfig(cfg *config.Config) error { } func Validate(cfg *config.Config) error { + if cfg.TokenManager.JWTSecret == "" { + return shared.MissingJWTTokenError(cfg.Service.Name) + } + if cfg.MachineAuthAPIKey == "" { return shared.MissingMachineAuthApiKeyError(cfg.Service.Name) } diff --git a/extensions/settings/pkg/config/parser/parse.go b/extensions/settings/pkg/config/parser/parse.go index 5d8310430cf..d10e1bc119e 100644 --- a/extensions/settings/pkg/config/parser/parse.go +++ b/extensions/settings/pkg/config/parser/parse.go @@ -6,6 +6,7 @@ import ( "github.com/owncloud/ocis/extensions/settings/pkg/config" "github.com/owncloud/ocis/extensions/settings/pkg/config/defaults" ociscfg "github.com/owncloud/ocis/ocis-pkg/config" + "github.com/owncloud/ocis/ocis-pkg/shared" "github.com/owncloud/ocis/ocis-pkg/config/envdecode" ) @@ -32,5 +33,13 @@ func ParseConfig(cfg *config.Config) error { } func Validate(cfg *config.Config) error { + if cfg.TokenManager.JWTSecret == "" { + return shared.MissingJWTTokenError(cfg.Service.Name) + } + + if cfg.Metadata.MachineAuthAPIKey == "" { + return shared.MissingMachineAuthApiKeyError(cfg.Service.Name) + } + return nil } diff --git a/extensions/sharing/pkg/config/parser/parse.go b/extensions/sharing/pkg/config/parser/parse.go index 27ccd4657d5..3954a46bead 100644 --- a/extensions/sharing/pkg/config/parser/parse.go +++ b/extensions/sharing/pkg/config/parser/parse.go 
@@ -34,11 +34,15 @@ func ParseConfig(cfg *config.Config) error { } func Validate(cfg *config.Config) error { - if cfg.PublicSharingDrivers.CS3.MachineAuthAPIKey == "" { + if cfg.TokenManager.JWTSecret == "" { + return shared.MissingJWTTokenError(cfg.Service.Name) + } + + if cfg.PublicSharingDriver == "cs3" && cfg.PublicSharingDrivers.CS3.MachineAuthAPIKey == "" { return shared.MissingMachineAuthApiKeyError(cfg.Service.Name) } - if cfg.UserSharingDrivers.CS3.MachineAuthAPIKey == "" { + if cfg.UserSharingDriver == "cs3" && cfg.UserSharingDrivers.CS3.MachineAuthAPIKey == "" { return shared.MissingMachineAuthApiKeyError(cfg.Service.Name) } diff --git a/extensions/storage-metadata/pkg/config/parser/parse.go b/extensions/storage-metadata/pkg/config/parser/parse.go index ca0d96dbb37..bc540e2c706 100644 --- a/extensions/storage-metadata/pkg/config/parser/parse.go +++ b/extensions/storage-metadata/pkg/config/parser/parse.go @@ -6,6 +6,7 @@ import ( "github.com/owncloud/ocis/extensions/storage-metadata/pkg/config" "github.com/owncloud/ocis/extensions/storage-metadata/pkg/config/defaults" ociscfg "github.com/owncloud/ocis/ocis-pkg/config" + "github.com/owncloud/ocis/ocis-pkg/shared" "github.com/owncloud/ocis/ocis-pkg/config/envdecode" ) @@ -33,5 +34,9 @@ func ParseConfig(cfg *config.Config) error { } func Validate(cfg *config.Config) error { + if cfg.TokenManager.JWTSecret == "" { + return shared.MissingJWTTokenError(cfg.Service.Name) + } + return nil } diff --git a/extensions/storage-publiclink/pkg/config/parser/parse.go b/extensions/storage-publiclink/pkg/config/parser/parse.go index 0379145f737..61f8ee0332e 100644 --- a/extensions/storage-publiclink/pkg/config/parser/parse.go +++ b/extensions/storage-publiclink/pkg/config/parser/parse.go 
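Review bot: Both driver checks in the sharing `Validate` return `shared.MissingMachineAuthApiKeyError(cfg.Service.Name)`, so the message cannot tell the operator whether the public-sharing or the user-sharing CS3 key is empty. Wrapping each return with the driver it belongs to would fix that, e.g. `return fmt.Errorf("public sharing driver: %w", shared.MissingMachineAuthApiKeyError(cfg.Service.Name))`, assuming `fmt` is or can be imported in this file; the import block is outside the hunk. The rest of `Validate` also continues past the end of this hunk.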
@@ -6,6 +6,7 @@ import ( "github.com/owncloud/ocis/extensions/storage-publiclink/pkg/config" "github.com/owncloud/ocis/extensions/storage-publiclink/pkg/config/defaults" ociscfg "github.com/owncloud/ocis/ocis-pkg/config" + "github.com/owncloud/ocis/ocis-pkg/shared" "github.com/owncloud/ocis/ocis-pkg/config/envdecode" ) @@ -33,5 +34,9 @@ func ParseConfig(cfg *config.Config) error { } func Validate(cfg *config.Config) error { + if cfg.TokenManager.JWTSecret == "" { + return shared.MissingJWTTokenError(cfg.Service.Name) + } + return nil } diff --git a/extensions/storage-shares/pkg/config/parser/parse.go b/extensions/storage-shares/pkg/config/parser/parse.go index bda808cb639..87aa3438545 100644 --- a/extensions/storage-shares/pkg/config/parser/parse.go +++ b/extensions/storage-shares/pkg/config/parser/parse.go @@ -6,6 +6,7 @@ import ( "github.com/owncloud/ocis/extensions/storage-shares/pkg/config" "github.com/owncloud/ocis/extensions/storage-shares/pkg/config/defaults" ociscfg "github.com/owncloud/ocis/ocis-pkg/config" + "github.com/owncloud/ocis/ocis-pkg/shared" "github.com/owncloud/ocis/ocis-pkg/config/envdecode" ) @@ -33,5 +34,9 @@ func ParseConfig(cfg *config.Config) error { } func Validate(cfg *config.Config) error { + if cfg.TokenManager.JWTSecret == "" { + return shared.MissingJWTTokenError(cfg.Service.Name) + } + return nil } diff --git a/extensions/storage-users/pkg/config/parser/parse.go b/extensions/storage-users/pkg/config/parser/parse.go index 55658def294..2e034ed070d 100644 --- a/extensions/storage-users/pkg/config/parser/parse.go +++ b/extensions/storage-users/pkg/config/parser/parse.go @@ -6,6 +6,7 @@ import ( "github.com/owncloud/ocis/extensions/storage-users/pkg/config" "github.com/owncloud/ocis/extensions/storage-users/pkg/config/defaults" ociscfg "github.com/owncloud/ocis/ocis-pkg/config" + "github.com/owncloud/ocis/ocis-pkg/shared" "github.com/owncloud/ocis/ocis-pkg/config/envdecode" ) 
@@ -33,5 +34,9 @@ func ParseConfig(cfg *config.Config) error { } func Validate(cfg *config.Config) error { + if cfg.TokenManager.JWTSecret == "" { + return shared.MissingJWTTokenError(cfg.Service.Name) + } + return nil } diff --git a/extensions/user/pkg/config/parser/parse.go b/extensions/user/pkg/config/parser/parse.go index e2e6ad69ed8..0a13964f92e 100644 --- a/extensions/user/pkg/config/parser/parse.go +++ b/extensions/user/pkg/config/parser/parse.go @@ -6,6 +6,7 @@ import ( "github.com/owncloud/ocis/extensions/user/pkg/config" "github.com/owncloud/ocis/extensions/user/pkg/config/defaults" ociscfg "github.com/owncloud/ocis/ocis-pkg/config" + "github.com/owncloud/ocis/ocis-pkg/shared" "github.com/owncloud/ocis/ocis-pkg/config/envdecode" ) @@ -33,5 +34,13 @@ func ParseConfig(cfg *config.Config) error { } func Validate(cfg *config.Config) error { + if cfg.TokenManager.JWTSecret == "" { + return shared.MissingJWTTokenError(cfg.Service.Name) + } + + if cfg.Driver == "ldap" && cfg.Drivers.LDAP.BindPassword == "" { + return shared.MissingLDAPBindPassword(cfg.Service.Name) + } + return nil } diff --git a/ocis-pkg/shared/errors.go b/ocis-pkg/shared/errors.go index 3190edc3ad2..de99c6bfbf7 100644 --- a/ocis-pkg/shared/errors.go +++ b/ocis-pkg/shared/errors.go 
@@ -9,27 +9,34 @@ import ( func MissingMachineAuthApiKeyError(service string) error { return fmt.Errorf("machine_auth_api_key has not your config for %s. "+ "Make sure your %s config contains the proper values "+ - "(e.g. by running ocis init or setting OCIS_MACHINE_AUTH_API_KEY).\n", + "(e.g. by running ocis init or setting OCIS_MACHINE_AUTH_API_KEY)", service, defaults.BaseConfigPath()) } func MissingJWTTokenError(service string) error { return fmt.Errorf("jwt_secret has not been set properly in your config for %s. "+ "Make sure your %s config contains the proper values "+ - "(e.g. by running ocis init or setting OCIS_JWT_SECRET).\n", + "(e.g. by running ocis init or setting OCIS_JWT_SECRET)", service, defaults.BaseConfigPath()) } func MissingRevaTransferSecretError(service string) error { return fmt.Errorf("transfer_secret has not been set properly in your config for %s. "+ "Make sure your %s config contains the proper values "+ - "(e.g. by running ocis init or setting STORAGE_TRANSFER_SECRET).\n", + "(e.g. by running ocis init or setting STORAGE_TRANSFER_SECRET)", service, defaults.BaseConfigPath()) } func MissingLDAPBindPassword(service string) error { return fmt.Errorf("bind_password has not been set properly in your config for %s. "+ "Make sure your %s config contains the proper values "+ - "(e.g. by running ocis init or setting LDAP_BIND_PASSWORD).\n", + "(e.g. by running ocis init or setting LDAP_BIND_PASSWORD)", service, defaults.BaseConfigPath()) } + +func MissingServiceUserPassword(service, serviceUser string) error { + return fmt.Errorf("password of service user %s has not been set properly in your config for %s. "+ + "Make sure your %s config contains the proper values "+ + "(e.g. by running ocis init or setting it via environment variable)", + serviceUser, service, defaults.BaseConfigPath()) +} From 1b68e8589c2c6ca9fc0280f58b7d0e9a2e089f2b Mon Sep 17 00:00:00 2001 
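Review bot: The first line of the `MissingMachineAuthApiKeyError` message still reads `machine_auth_api_key has not your config for %s`, which is missing words. Since this hunk already edits that message, the line should become `"machine_auth_api_key has not been set properly in your config for %s. "+` to match the other helpers. The new `MissingServiceUserPassword` says to set the value "via environment variable" without naming one, unlike every sibling; it could name the variable per service user or take it as a parameter. `MissingLDAPBindPassword` and `MissingServiceUserPassword` also lack the `Error` suffix the three older helpers carry.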
From: Willy Kloucek Date: Fri, 29 Apr 2022 13:18:49 +0200 Subject: [PATCH 49/59] simplify secure an ocis instance section --- docs/ocis/deployment/_index.md | 37 ++----------------- docs/ocis/deployment/basic-remote-setup.md | 4 -- docs/ocis/deployment/oc10_ocis_parallel.md | 2 - docs/ocis/deployment/ocis_hello.md | 2 - .../deployment/ocis_individual_services.md | 2 - docs/ocis/deployment/ocis_keycloak.md | 2 - docs/ocis/deployment/ocis_ldap.md | 2 - docs/ocis/deployment/ocis_s3.md | 2 - docs/ocis/deployment/ocis_traefik.md | 2 - docs/ocis/deployment/ocis_wopi.md | 2 - 10 files changed, 3 insertions(+), 54 deletions(-) diff --git a/docs/ocis/deployment/_index.md b/docs/ocis/deployment/_index.md index e3fc175fda4..7da501f392b 100644 --- a/docs/ocis/deployment/_index.md +++ b/docs/ocis/deployment/_index.md 
@@ -27,38 +27,7 @@ oCIS deployments are super simple, yet there are many configurations possible fo ## Secure an oCIS instance -### Change default secrets -oCIS uses two system users which are needed for being operational: -- Reva Inter Operability Platform (bc596f3c-c955-4328-80a0-60d018b4ad57) -- Kopano IDP (820ba2a1-3f54-4538-80a4-2d73007e30bf) +oCIS no longer has any default secrets in versions later than oCIS 1.20.0. Therefore you're no +longer able to start oCIS without generating / setting all needed secrets. -Both have simple default passwords which need to be changed. Currently, changing a password is only possible on the command line. You need to run `ocis accounts update --password ` for both users. - -The new password for the Reva Inter Operability Platform user must be made available to oCIS by using the environment variable `STORAGE_LDAP_BIND_PASSWORD`. The same applies to the new Kopano IDP user password, which needs to be made available to oCIS in `IDP_LDAP_BIND_PASSWORD`. - -Furthermore, oCIS uses a shared secret to sign JWT tokens for inter service authorization, which also needs to be changed by the user. -You can change it by setting the `OCIS_JWT_SECRET` environment variable for oCIS to a random string. - -Another is used secret for singing JWT tokens for uploads and downloads, which also needs to be changed by the user. -You can change it by setting the `STORAGE_TRANSFER_SECRET` environment variable for oCIS to a random string. - -One more secret is used for machine auth, so that external applications can authenticate with an API key. -You can change it by setting the `OCIS_MACHINE_AUTH_API_KEY` environment variable for oCIS to a random string. - -### Delete demo users - -{{< hint info >}} -Before deleting the demo users mentioned below, you must create a new account for yourself and assign it to the administrator role. - -By default, oCIS doesn't create any demo users. 
During the first startup, it generates only the admin and one user for IDP and Reva respectively. -{{< /hint >}} - -oCIS ships with a few demo users besides the system users: -- Admin (ddc2004c-0977-11eb-9d3f-a793888cd0f8) -- Albert Einstein (4c510ada-c86b-4815-8820-42cdf82c3d51) -- Richard Feynman (932b4540-8d16-481e-8ef4-588e4b6b151c) -- Maurice Moss (058bff95-6708-4fe5-91e4-9ea3d377588b) -- Marie Curie (f7fbf8c8-139b-4376-b307-cf0a8c2d0d9c) - -You can view them in ownCloud Web if you log in as Admin user or list them by running `ocis accounts list`. -After adding your own user it is safe to delete the demo users in the web UI or with the command `ocis accounts remove `. Please do not delete the system users (see [change default secrets]({{< ref "./#change-default-secrets" >}})) or oCIS will not function properly anymore. +The recommended way is to use `ocis init` for that. It will generate a secure config file for you. diff --git a/docs/ocis/deployment/basic-remote-setup.md b/docs/ocis/deployment/basic-remote-setup.md index 5dbf2b222c1..461cb5b4b5a 100644 --- a/docs/ocis/deployment/basic-remote-setup.md +++ b/docs/ocis/deployment/basic-remote-setup.md 
@@ -25,10 +25,6 @@ In `$HOME/.ocis/idp` is a file `identifier-registration.yaml`. It is used to con The `identifier-registration.yaml` file will only be generated if it does not exist yet. If you want to change certain environment variables like `OCIS_URL`, please delete this file first before doing so. Otherwise your changes will not be applied correctly and you will run into errors. {{< /hint >}} -{{< hint warning >}} -oCIS is currently in a Tech Preview state and is shipped with demo users. In order to secure your oCIS instances please follow following guide: [secure an oCIS instance]({{< ref "./#secure-an-ocis-instance" >}}) -{{< /hint >}} - For the following examples you need to have the oCIS binary in your current working directory, we assume it is named `ocis` and it needs to be marked as executable. See [Getting Started]({{< ref "../getting-started/#binaries" >}}) for where to get the binary from. ### Using automatically generated certificates diff --git a/docs/ocis/deployment/oc10_ocis_parallel.md b/docs/ocis/deployment/oc10_ocis_parallel.md index d5ff6e72e4b..d87f233ae57 100644 --- a/docs/ocis/deployment/oc10_ocis_parallel.md +++ b/docs/ocis/deployment/oc10_ocis_parallel.md 
@@ -122,8 +122,6 @@ See also [example server setup]({{< ref "preparing_server" >}}) Set your domain for the oC10 and oCIS frontend in `CLOUD_DOMAIN=`, e.g. `CLOUD_DOMAIN=cloud.owncloud.test`. - You also must override the default secrets in `IDP_LDAP_BIND_PASSWORD`, `STORAGE_LDAP_BIND_PASSWORD`, `OCIS_JWT_SECRET`, `STORAGE_TRANSFER_SECRET` and `OCIS_MACHINE_AUTH_API_KEY` in order to secure your oCIS instance. Choose some random strings e.g. from the output of `openssl rand -base64 32`. For more information see [secure an oCIS instance]({{< ref "./#secure-an-ocis-instance" >}}). - By default ownCloud 10 will be started in the `latest` version. If you want to start a specific version of oCIS set the version to `OC10_DOCKER_TAG=`. Available versions can be found on [Docker Hub](https://hub.docker.com/r/owncloud/ocis/tags?page=1&ordering=last_updated). You can switch the default application of ownCloud 10 by setting`OWNCLOUD_DEFAULT_APP=files` in oder to have the classic UI as frontend, which is also the default. If you prefer ownCloud Web as the default application in ownCloud 10 just set `OWNCLOUD_DEFAULT_APP=web`. diff --git a/docs/ocis/deployment/ocis_hello.md b/docs/ocis/deployment/ocis_hello.md index afc6e441c11..312939a73a2 100644 --- a/docs/ocis/deployment/ocis_hello.md +++ b/docs/ocis/deployment/ocis_hello.md 
@@ -95,8 +95,6 @@ See also [example server setup]({{< ref "preparing_server" >}}) Set your domain for the oCIS frontend in `OCIS_DOMAIN=`, e.g. `OCIS_DOMAIN=ocis.owncloud.test`. - You also must override the default secrets in `IDP_LDAP_BIND_PASSWORD`, `STORAGE_LDAP_BIND_PASSWORD`, `OCIS_JWT_SECRET`, `STORAGE_TRANSFER_SECRET` and `OCIS_MACHINE_AUTH_API_KEY` in order to secure your oCIS instance. Choose some random strings e.g. from the output of `openssl rand -base64 32`. For more information see [secure an oCIS instance]({{< ref "./#secure-an-ocis-instance" >}}). - By default the oCIS Hello extension will be started in the `latest` version. If you want to start a specific version of oCIS Hello set the version to `OCIS_HELLO_DOCKER_TAG=`. Available versions can be found on [Docker Hub](https://hub.docker.com/r/owncloud/ocis-hello/tags?page=1&ordering=last_updated). Now you have configured everything and can save the file. diff --git a/docs/ocis/deployment/ocis_individual_services.md b/docs/ocis/deployment/ocis_individual_services.md index ab2bebe9b34..718e5291a42 100644 --- a/docs/ocis/deployment/ocis_individual_services.md +++ b/docs/ocis/deployment/ocis_individual_services.md @@ -91,8 +91,6 @@ See also [example server setup]({{< ref "preparing_server" >}}) Set your domain for the oCIS frontend in `OCIS_DOMAIN=`, e.g. `OCIS_DOMAIN=ocis.owncloud.test`. - You also must override the default secrets in `IDP_LDAP_BIND_PASSWORD`, `STORAGE_LDAP_BIND_PASSWORD`, `OCIS_JWT_SECRET`, `STORAGE_TRANSFER_SECRET` and `OCIS_MACHINE_AUTH_API_KEY` in order to secure your oCIS instance. Choose some random strings e.g. from the output of `openssl rand -base64 32`. For more information see [secure an oCIS instance]({{< ref "./#secure-an-ocis-instance" >}}). - You also can run more than one instance of the service by setting `OCIS_SCALE` to number greater than one. Now you have configured everything and can save the file. 
diff --git a/docs/ocis/deployment/ocis_keycloak.md b/docs/ocis/deployment/ocis_keycloak.md index 7495f661f5a..5708569e2a3 100644 --- a/docs/ocis/deployment/ocis_keycloak.md +++ b/docs/ocis/deployment/ocis_keycloak.md @@ -108,8 +108,6 @@ See also [example server setup]({{< ref "preparing_server" >}}) If you want to change the OIDC client id of th ownCloud Web frontend, you can do this by setting the name to `OCIS_OIDC_CLIENT_ID=`. - You also must override the default secrets in `IDP_LDAP_BIND_PASSWORD`, `STORAGE_LDAP_BIND_PASSWORD`, `OCIS_JWT_SECRET`, `STORAGE_TRANSFER_SECRET` and `OCIS_MACHINE_AUTH_API_KEY` in order to secure your oCIS instance. Choose some random strings e.g. from the output of `openssl rand -base64 32`. For more information see [secure an oCIS instance]({{< ref "./#secure-an-ocis-instance" >}}). - Set your domain for the Keycloak administration panel and authentication endpoints to `KEYCLOAK_DOMAIN=` e.g. `KEYCLOAK_DOMAIN=keycloak.owncloud.test`. Changing the used Keycloak realm can be done by setting `KEYCLOAK_REALM=`. This defaults to the oCIS realm `KEYCLOAK_REALM=oCIS`. The oCIS realm will be automatically imported on startup and includes our demo users. diff --git a/docs/ocis/deployment/ocis_ldap.md b/docs/ocis/deployment/ocis_ldap.md index 7b0bea33546..8ec958451aa 100644 --- a/docs/ocis/deployment/ocis_ldap.md +++ b/docs/ocis/deployment/ocis_ldap.md 
@@ -93,8 +93,6 @@ See also [example server setup]({{< ref "preparing_server" >}}) Set your domain for the oCIS frontend in `OCIS_DOMAIN=`, e.g. `OCIS_DOMAIN=cloud.owncloud.test`. - You also must override the default secrets in `IDP_LDAP_BIND_PASSWORD`, `STORAGE_LDAP_BIND_PASSWORD`, `OCIS_JWT_SECRET`, `STORAGE_TRANSFER_SECRET` and `OCIS_MACHINE_AUTH_API_KEY` in order to secure your oCIS instance. Choose some random strings e.g. from the output of `openssl rand -base64 32`. For more information see [secure an oCIS instance]({{< ref "./#secure-an-ocis-instance" >}}). - The OpenLDAP server in this example deployment has an admin users, which is also used as bind user in order to keep these examples simple. You can change the default password "admin" to a different one by setting it to `LDAP_ADMIN_PASSWORD=...`. Set your domain for the LDAP manager UI in `LDAP_MANAGER_DOMAIN=`, e.g. `ldap.owncloud.test`. diff --git a/docs/ocis/deployment/ocis_s3.md b/docs/ocis/deployment/ocis_s3.md index d98617aee62..38c2d9ddf2d 100644 --- a/docs/ocis/deployment/ocis_s3.md +++ b/docs/ocis/deployment/ocis_s3.md @@ -104,8 +104,6 @@ See also [example server setup]({{< ref "preparing_server" >}}) Set your domain for the oCIS frontend in `OCIS_DOMAIN=`, e.g. `OCIS_DOMAIN=ocis.owncloud.test`. - You also must override the default secrets in `IDP_LDAP_BIND_PASSWORD`, `STORAGE_LDAP_BIND_PASSWORD`, `OCIS_JWT_SECRET`, `STORAGE_TRANSFER_SECRET` and `OCIS_MACHINE_AUTH_API_KEY` in order to secure your oCIS instance. Choose some random strings e.g. from the output of `openssl rand -base64 32`. For more information see [secure an oCIS instance]({{< ref "./#secure-an-ocis-instance" >}}). - Set your domain for the MinIO frontend in `MINIO_DOMAIN=`, e.g. `MINIO_DOMAIN=minio.owncloud.test`. If you are using other S3-compatible providers you need to configure the respective endpoint here. If you like you can change the default name of the S3 bucket by setting `MINIO_BUCKET=` to a different value. 
diff --git a/docs/ocis/deployment/ocis_traefik.md b/docs/ocis/deployment/ocis_traefik.md index a672577e2c4..ee6851d108c 100644 --- a/docs/ocis/deployment/ocis_traefik.md +++ b/docs/ocis/deployment/ocis_traefik.md @@ -88,8 +88,6 @@ See also [example server setup]({{< ref "preparing_server" >}}) Set your domain for the oCIS frontend in `OCIS_DOMAIN=`, e.g. `OCIS_DOMAIN=ocis.owncloud.test`. - You also must override the default secrets in `IDP_LDAP_BIND_PASSWORD`, `STORAGE_LDAP_BIND_PASSWORD`, `OCIS_JWT_SECRET`, `STORAGE_TRANSFER_SECRET` and `OCIS_MACHINE_AUTH_API_KEY` in order to secure your oCIS instance. Choose some random strings e.g. from the output of `openssl rand -base64 32`. For more information see [secure an oCIS instance]({{< ref "./#secure-an-ocis-instance" >}}). - Now you have configured everything and can save the file. * Start the docker stack diff --git a/docs/ocis/deployment/ocis_wopi.md b/docs/ocis/deployment/ocis_wopi.md index 10c5fd04d3c..99f9713918e 100644 --- a/docs/ocis/deployment/ocis_wopi.md +++ b/docs/ocis/deployment/ocis_wopi.md 
@@ -130,8 +130,6 @@ See also [example server setup]({{< ref "preparing_server" >}}) Set your domain for the oCIS frontend in `OCIS_DOMAIN=`, e.g. `OCIS_DOMAIN=ocis.owncloud.test`. - You also must override the default secrets in `IDP_LDAP_BIND_PASSWORD`, `STORAGE_LDAP_BIND_PASSWORD`, `OCIS_JWT_SECRET`, `STORAGE_TRANSFER_SECRET` and `OCIS_MACHINE_AUTH_API_KEY` in order to secure your oCIS instance. Choose some random strings e.g. from the output of `openssl rand -base64 32`. For more information see [secure an oCIS instance]({{< ref "./#secure-an-ocis-instance" >}}). - By default the CS3Org WOPI server will also be started in the `latest` version. If you want to start a specific version of it, you can set the version to `WOPISERVER_DOCKER_TAG=`. Available versions can be found on [Docker Hub](https://hub.docker.com/r/cs3org/wopiserver/tags?page=1&ordering=last_updated). Set your domain for the CS3Org WOPI server in `WOPISERVER_DOMAIN=`, where all office suites can download the files via the WOPI protocol. From 59c96413d9ddc6755a2a902d18b9423635a00c3d Mon Sep 17 00:00:00 2001 From: Christian Richter Date: Fri, 29 Apr 2022 13:45:12 +0200 Subject: [PATCH 50/59] beautify error messages Signed-off-by: Christian Richter --- ocis-pkg/shared/errors.go | 17 +++++++++++------ ocis/pkg/init/init.go | 2 +- 2 files changed, 12 insertions(+), 7 deletions(-) diff --git a/ocis-pkg/shared/errors.go b/ocis-pkg/shared/errors.go index de99c6bfbf7..bb4b5f4ec79 100644 --- a/ocis-pkg/shared/errors.go +++ b/ocis-pkg/shared/errors.go 
@@ -7,36 +7,41 @@ import ( ) func MissingMachineAuthApiKeyError(service string) error { - return fmt.Errorf("machine_auth_api_key has not your config for %s. "+ + return fmt.Errorf("The Machineauth API key has not been configured for %s. "+ "Make sure your %s config contains the proper values "+ - "(e.g. by running ocis init or setting OCIS_MACHINE_AUTH_API_KEY)", + "(e.g. by running ocis init or setting it manually in "+ + "the config/corresponding environment variable).", service, defaults.BaseConfigPath()) } func MissingJWTTokenError(service string) error { return fmt.Errorf("jwt_secret has not been set properly in your config for %s. "+ "Make sure your %s config contains the proper values "+ - "(e.g. by running ocis init or setting OCIS_JWT_SECRET)", + "(e.g. by running ocis init or setting it manually in "+ + "the config/corresponding environment variable).", service, defaults.BaseConfigPath()) } func MissingRevaTransferSecretError(service string) error { return fmt.Errorf("transfer_secret has not been set properly in your config for %s. "+ "Make sure your %s config contains the proper values "+ - "(e.g. by running ocis init or setting STORAGE_TRANSFER_SECRET)", + "(e.g. by running ocis init or setting it manually in "+ + "the config/corresponding environment variable).", service, defaults.BaseConfigPath()) } func MissingLDAPBindPassword(service string) error { return fmt.Errorf("bind_password has not been set properly in your config for %s. "+ "Make sure your %s config contains the proper values "+ - "(e.g. by running ocis init or setting LDAP_BIND_PASSWORD)", + "(e.g. by running ocis init or setting it manually in "+ + "the config/corresponding environment variable).", service, defaults.BaseConfigPath()) } func MissingServiceUserPassword(service, serviceUser string) error { return fmt.Errorf("password of service user %s has not been set properly in your config for %s. "+ "Make sure your %s config contains the proper values "+ - "(e.g. 
by running ocis init or setting it via environment variable)", + "(e.g. by running ocis init or setting it manually in "+ + "the config/corresponding environment variable).", serviceUser, service, defaults.BaseConfigPath()) } diff --git a/ocis/pkg/init/init.go b/ocis/pkg/init/init.go index 61192a56654..cd6c968f8e6 100644 --- a/ocis/pkg/init/init.go +++ b/ocis/pkg/init/init.go @@ -286,7 +286,7 @@ func CreateConfig(insecure, forceOverwrite bool, configPath string) error { return err } fmt.Printf( - "\n\n=========================================\n"+ + "\n=========================================\n"+ " generated OCIS Config\n"+ "=========================================\n"+ " configpath : %s\n"+ From c47e43318a03700370b487ff0893b7aae87cb94e Mon Sep 17 00:00:00 2001 From: Christian Richter Date: Fri, 29 Apr 2022 14:15:48 +0200 Subject: [PATCH 51/59] allow override of admin password wit ocis init Signed-off-by: Christian Richter --- ocis/pkg/command/init.go | 12 ++++++++++-- ocis/pkg/init/init.go | 12 ++++++++---- 2 files changed, 18 insertions(+), 6 deletions(-) diff --git a/ocis/pkg/command/init.go b/ocis/pkg/command/init.go index 27f50b03a73..ecbcb27412b 100644 --- a/ocis/pkg/command/init.go +++ b/ocis/pkg/command/init.go @@ -24,17 +24,25 @@ func InitCommand(cfg *config.Config) *cli.Command { Name: "insecure", EnvVars: []string{"OCIS_INSECURE"}, Value: "ask", + Usage: "Allow insecure oCIS config", }, &cli.BoolFlag{ Name: "force-overwrite", Aliases: []string{"f"}, EnvVars: []string{"OCIS_FORCE_CONFIG_OVERWRITE"}, Value: false, + Usage: "Force overwrite existing config file", }, &cli.StringFlag{ Name: "config-path", Value: defaults.BaseConfigPath(), - Usage: "config path for the ocis runtime", + Usage: "Config path for the ocis runtime", + }, + &cli.StringFlag{ + Name: "admin-password", + Aliases: []string{"ap"}, + EnvVars: []string{"ADMIN_PASSWORD"}, + Usage: "Set admin password instead of using a random gnerated one", }, }, Action: func(c *cli.Context) error { 
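Review bot: The rewritten message in `MissingMachineAuthApiKeyError` now opens with a capital letter, and all five messages in this hunk end with a full stop. That goes against the Go convention for error strings (lowercase, no trailing punctuation) and leaves the first message inconsistent with its four siblings, which still lead with the config key. Removing the variable names (`OCIS_JWT_SECRET`, `STORAGE_TRANSFER_SECRET`, ...) also means an operator who hits a missing-secret error is no longer told which setting to fix. I would keep the key first, e.g. `"machine_auth_api_key has not been set properly in your config for %s. "+`, and end the hint with `"the config/corresponding environment variable)",` without the period.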
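Review bot: The new `admin-password` flag accepts the administrator secret as a command-line argument, so the value lands in shell history and is readable through the process list while `ocis init` runs. The `Usage` text should steer operators to the environment variable, for example `Usage: "Set admin password instead of using a randomly generated one (prefer the environment variable; a flag value is visible in the process list)",`, which also fixes the `gnerated` typo. `InitCommand` begins before this hunk and continues after it.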
@@ -48,7 +56,7 @@ func InitCommand(cfg *config.Config) *cli.Command { } else if insecureFlag == strings.ToLower("true") || insecureFlag == strings.ToLower("yes") || insecureFlag == strings.ToLower("y") { insecure = true } - err := ocisinit.CreateConfig(insecure, c.Bool("force-overwrite"), c.String("config-path")) + err := ocisinit.CreateConfig(insecure, c.Bool("force-overwrite"), c.String("config-path"), c.String("admin-password")) if err != nil { log.Fatalf("Could not create config: %s", err) } diff --git a/ocis/pkg/init/init.go b/ocis/pkg/init/init.go index cd6c968f8e6..e2d4b0f60c2 100644 --- a/ocis/pkg/init/init.go +++ b/ocis/pkg/init/init.go @@ -142,7 +142,7 @@ func backupOcisConfigFile(configPath string) (string, error) { return targetBackupConfig, nil } -func CreateConfig(insecure, forceOverwrite bool, configPath string) error { +func CreateConfig(insecure, forceOverwrite bool, configPath, adminPassword string) error { targetBackupConfig := "" err := checkConfigPath(configPath) @@ -167,10 +167,14 @@ func CreateConfig(insecure, forceOverwrite bool, configPath string) error { if err != nil { return fmt.Errorf("could not generate random password for idp: %s", err) } - ocisAdminServicePassword, err := generators.GenerateRandomPassword(passwordLength) - if err != nil { - return fmt.Errorf("could not generate random password for ocis admin: %s", err) + ocisAdminServicePassword := adminPassword + if ocisAdminServicePassword == "" { + ocisAdminServicePassword, err = generators.GenerateRandomPassword(passwordLength) + if err != nil { + return fmt.Errorf("could not generate random password for ocis admin: %s", err) + } } + revaServicePassword, err := generators.GenerateRandomPassword(passwordLength) if err != nil { return fmt.Errorf("could not generate random password for reva: %s", err) From d0506cf048009d9113053a11d09bbe9e01663c0c Mon Sep 17 00:00:00 2001 
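Review bot: In the `@@ -167` hunk of `CreateConfig`, a non-empty `adminPassword` is used verbatim, so a one-word value such as `admin` becomes the administrator credential while every generated secret in this function gets `passwordLength` random characters. A lower bound before the assignment would catch the obvious mistakes, e.g. `if adminPassword != "" && len(adminPassword) < minAdminPasswordLength { return fmt.Errorf("admin password must be at least %d characters", minAdminPasswordLength) }`, where `minAdminPasswordLength` is a new constant to be chosen by the project. The body of `CreateConfig` starts and ends outside this hunk, so I cannot see whether the value is later echoed in the printed summary; if it is, a user-supplied password should not be printed back.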
From: Willy Kloucek Date: Fri, 29 Apr 2022 14:17:57 +0200 Subject: [PATCH 52/59] fix the traefik deployment example --- deployments/examples/ocis_traefik/.env | 19 ++++----------- .../config/ocis/entrypoint-override.sh | 23 ++----------------- .../examples/ocis_traefik/docker-compose.yml | 12 ++++------ 3 files changed, 12 insertions(+), 42 deletions(-) diff --git a/deployments/examples/ocis_traefik/.env b/deployments/examples/ocis_traefik/.env index f75e2d5fb90..478247e879c 100644 --- a/deployments/examples/ocis_traefik/.env +++ b/deployments/examples/ocis_traefik/.env @@ -2,10 +2,6 @@ # It skips certificate validation for various parts of oCIS and is needed if you use self signed certificates. INSECURE=true -# The demo users should not be created on a production instance -# because their passwords are public -DEMO_USERS=true - ### Traefik settings ### # Serve Traefik dashboard. Defaults to "false". TRAEFIK_DASHBOARD= 
@@ -21,16 +17,11 @@ TRAEFIK_ACME_MAIL= OCIS_DOCKER_TAG= # Domain of oCIS, where you can find the frontend. Defaults to "ocis.owncloud.test" OCIS_DOMAIN= -# IDP LDAP bind password. Must be changed in order to have a secure oCIS. Defaults to "idp". -IDP_LDAP_BIND_PASSWORD= -# Storage LDAP bind password. Must be changed in order to have a secure oCIS. Defaults to "reva". -STORAGE_LDAP_BIND_PASSWORD= -# JWT secret which is used for the storage provider. Must be changed in order to have a secure oCIS. Defaults to "Pive-Fumkiu4" -OCIS_JWT_SECRET= -# JWT secret which is used for uploads to create transfer tokens. Must be changed in order to have a secure oCIS. Defaults to "replace-me-with-a-transfer-secret" -STORAGE_TRANSFER_SECRET= -# Machine auth api key secret. Must be changed in order to have a secure oCIS. Defaults to "change-me-please" -OCIS_MACHINE_AUTH_API_KEY= +# oCIS admin user password. Defaults to "admin". +ADMIN_PASSWORD= +# The demo users should not be created on a production instance +# because their passwords are public. Defaults to "false". +DEMO_USERS= # If you want to use debugging and tracing with this stack, # you need uncomment following line. Please see documentation at diff --git a/deployments/examples/ocis_traefik/config/ocis/entrypoint-override.sh b/deployments/examples/ocis_traefik/config/ocis/entrypoint-override.sh index c1f96fae4ef..b5befa04aab 100644 --- a/deployments/examples/ocis_traefik/config/ocis/entrypoint-override.sh +++ b/deployments/examples/ocis_traefik/config/ocis/entrypoint-override.sh 
@@ -1,24 +1,5 @@ #!/bin/sh - set -e -ocis server& -sleep 10 - -echo "##################################################" -echo "change default secrets:" - -# IDP -IDP_USER_UUID=$(ocis accounts list | grep "| Kopano IDP " | egrep '[0-9a-f]{8}-([0-9a-f]{4}-){3}[0-9a-f]{12}' -o) -echo " IDP user UUID: $IDP_USER_UUID" -ocis accounts update --password $IDP_LDAP_BIND_PASSWORD $IDP_USER_UUID - -# REVA -REVA_USER_UUID=$(ocis accounts list | grep " | Reva Inter " | egrep '[0-9a-f]{8}-([0-9a-f]{4}-){3}[0-9a-f]{12}' -o) -echo " Reva user UUID: $REVA_USER_UUID" -ocis accounts update --password $STORAGE_LDAP_BIND_PASSWORD $REVA_USER_UUID - -echo "default secrets changed" -echo "##################################################" - -wait # wait for oCIS to exit +ocis init || true # will only initialize once +ocis server diff --git a/deployments/examples/ocis_traefik/docker-compose.yml b/deployments/examples/ocis_traefik/docker-compose.yml index 35fc4756cf2..fc1133e5dcc 100644 --- a/deployments/examples/ocis_traefik/docker-compose.yml +++ b/deployments/examples/ocis_traefik/docker-compose.yml 
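Review bot: `ocis init || true` swallows every failure of the init step, not only the expected "config already exists" case, and it cancels `set -e` for that command. If the config volume is not writable or secret generation fails, the script goes straight on to `ocis server` and the real cause is lost. Running init only when the file is missing keeps real errors fatal: `[ -e "/etc/ocis/<config-file>" ] || ocis init`, with `<config-file>` standing for the name `ocis init` writes (not shown in this patch).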
@@ -53,21 +53,17 @@ services: OCIS_URL: https://${OCIS_DOMAIN:-ocis.owncloud.test} OCIS_LOG_LEVEL: ${OCIS_LOG_LEVEL:-error} # make oCIS less verbose PROXY_TLS: "false" # do not use SSL between Traefik and oCIS - # change default secrets - IDP_LDAP_BIND_PASSWORD: ${IDP_LDAP_BIND_PASSWORD:-idp} - STORAGE_LDAP_BIND_PASSWORD: ${STORAGE_LDAP_BIND_PASSWORD:-reva} - OCIS_JWT_SECRET: ${OCIS_JWT_SECRET:-Pive-Fumkiu4} - STORAGE_TRANSFER_SECRET: ${STORAGE_TRANSFER_SECRET:-replace-me-with-a-transfer-secret} - OCIS_MACHINE_AUTH_API_KEY: ${OCIS_MACHINE_AUTH_API_KEY:-change-me-please} # INSECURE: needed if oCIS / Traefik is using self generated certificates OCIS_INSECURE: "${INSECURE:-false}" # basic auth (not recommended, but needed for eg. WebDav clients that do not support OpenID Connect) PROXY_ENABLE_BASIC_AUTH: "${PROXY_ENABLE_BASIC_AUTH:-false}" + # admin user password + IDM_ADMIN_PASSWORD: "${ADMIN_PASSWORD:-admin}" # this overrides the admin password from the configuration file # demo users - ACCOUNTS_DEMO_USERS_AND_GROUPS: "${DEMO_USERS:-false}" # deprecated, remove after switching to LibreIDM IDM_CREATE_DEMO_USERS: "${DEMO_USERS:-false}" volumes: - ./config/ocis/entrypoint-override.sh:/entrypoint-override.sh + - ocis-config:/etc/ocis - ocis-data:/var/lib/ocis labels: - "traefik.enable=true" @@ -82,7 +78,9 @@ services: volumes: certs: + ocis-config: ocis-data: + networks: ocis-net: From feda972487e90dab0f0d5b9b31c42dec462449c2 Mon Sep 17 00:00:00 2001 From: Willy Kloucek Date: Fri, 29 Apr 2022 14:28:08 +0200 Subject: [PATCH 53/59] add idm admin password variable to init command --- ocis/pkg/command/init.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ocis/pkg/command/init.go b/ocis/pkg/command/init.go index ecbcb27412b..c858e9f064c 100644 --- a/ocis/pkg/command/init.go +++ b/ocis/pkg/command/init.go 
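Review bot: `IDM_ADMIN_PASSWORD: "${ADMIN_PASSWORD:-admin}"` falls back to the well-known password `admin` whenever `ADMIN_PASSWORD` is left empty in `.env`. The inline comment says this value overrides the one in the configuration file, so the random admin password produced by `ocis init` is never in effect in this example. The `.env` hunk of the same commit documents that default (`Defaults to "admin"`). Requiring the variable avoids shipping a guessable admin login: `IDM_ADMIN_PASSWORD: "${ADMIN_PASSWORD:?set ADMIN_PASSWORD in .env}"`. Alternatively, drop the line so the generated password stays in force.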
@@ -41,7 +41,7 @@ func InitCommand(cfg *config.Config) *cli.Command { &cli.StringFlag{ Name: "admin-password", Aliases: []string{"ap"}, - EnvVars: []string{"ADMIN_PASSWORD"}, + EnvVars: []string{"ADMIN_PASSWORD", "IDM_ADMIN_PASSWORD"}, Usage: "Set admin password instead of using a random gnerated one", }, }, From 4fdd3170ccf03b41b6b5b59ff94a3eb8acbe3d82 Mon Sep 17 00:00:00 2001 From: Willy Kloucek Date: Fri, 29 Apr 2022 14:40:30 +0200 Subject: [PATCH 54/59] only mount config volume for initialization --- docs/ocis/getting-started/_index.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/docs/ocis/getting-started/_index.md b/docs/ocis/getting-started/_index.md index 288ae771d7f..5a31560b831 100644 --- a/docs/ocis/getting-started/_index.md +++ b/docs/ocis/getting-started/_index.md @@ -67,8 +67,8 @@ The `latest` tag always reflects the current master branch. ```console docker pull owncloud/ocis -docker run --rm -it -v ocis-config:/etc/ocis -v ocis-data:/var/lib/ocis owncloud/ocis init -docker run --rm -p 9200:9200 -v ocis-config:/etc/ocis -v ocis-data:/var/lib/ocis -e ACCOUNTS_DEMO_USERS_AND_GROUPS=true owncloud/ocis +docker run --rm -it -v ocis-config:/etc/ocis owncloud/ocis init +docker run --rm -p 9200:9200 -v ocis-config:/etc/ocis -v ocis-data:/var/lib/ocis -e IDM_CREATE_DEMO_USERS=true owncloud/ocis ``` {{< hint info >}} From 1cdb81bd3e976e992a65e9be945fc697e15b4018 Mon Sep 17 00:00:00 2001 
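Review bot: `ADMIN_PASSWORD` is an un-namespaced variable name and is listed ahead of `IDM_ADMIN_PASSWORD`. An unrelated `ADMIN_PASSWORD` already present in the environment (for another service in the same shell or container) would therefore be written into the oCIS config as the admin password. Assuming the CLI library reads `EnvVars` in order, it would also win over the oCIS-specific variable. I would list the specific name first, `EnvVars: []string{"IDM_ADMIN_PASSWORD", "ADMIN_PASSWORD"},`, or drop the generic one. `InitCommand` starts and ends outside this hunk.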
From: Willy Kloucek Date: Fri, 29 Apr 2022 16:10:21 +0200 Subject: [PATCH 55/59] add fixes from review --- docs/helpers/example-config-generator.go.tmpl | 2 - docs/ocis/deployment/systemd.md | 2 +- .../appprovider/pkg/config/parser/parse.go | 5 +++ extensions/appprovider/pkg/config/reva.go | 2 +- extensions/auth-basic/pkg/config/reva.go | 2 +- extensions/auth-bearer/pkg/config/reva.go | 2 +- extensions/auth-machine/pkg/config/reva.go | 2 +- extensions/frontend/pkg/command/command.go | 39 ------------------- extensions/frontend/pkg/config/reva.go | 2 +- extensions/gateway/pkg/config/reva.go | 2 +- .../pkg/config/defaults/defaultconfig.go | 1 - extensions/graph/pkg/config/parser/parse.go | 4 ++ extensions/group/pkg/config/reva.go | 2 +- .../idp/pkg/config/defaults/defaultconfig.go | 1 - extensions/ocdav/pkg/command/ocdav.go | 34 ---------------- extensions/ocdav/pkg/config/reva.go | 2 +- extensions/ocs/pkg/server/http/svc_test.go | 4 +- .../pkg/config/defaults/defaultconfig.go | 8 ---- extensions/sharing/pkg/config/reva.go | 2 +- .../storage-metadata/pkg/config/reva.go | 2 +- .../storage-publiclink/pkg/config/reva.go | 2 +- extensions/storage-shares/pkg/config/reva.go | 2 +- extensions/storage-users/pkg/config/reva.go | 2 +- .../pkg/config/defaults/defaultconfig.go | 6 --- extensions/storage/pkg/config/parser/parse.go | 4 -- extensions/user/pkg/config/reva.go | 2 +- ocis-pkg/config/config.go | 5 --- ocis-pkg/generators/generators_suite_test.go | 13 ------- ocis-pkg/generators/generators_test.go | 13 ------- ocis/pkg/command/init.go | 7 ++-- 30 files changed, 29 insertions(+), 147 deletions(-) delete mode 100644 ocis-pkg/generators/generators_suite_test.go delete mode 100644 ocis-pkg/generators/generators_test.go diff --git a/docs/helpers/example-config-generator.go.tmpl b/docs/helpers/example-config-generator.go.tmpl index 1c63e1fd323..277cfdc9dc2 100644 --- a/docs/helpers/example-config-generator.go.tmpl +++ b/docs/helpers/example-config-generator.go.tmpl 
@@ -23,8 +23,6 @@ func main() { replacer.Replace("{{$value}}"): func() string { fmt.Println("Generating example YAML config for {{ $value -}}") c := pkg{{$key}}.FullDefaultConfig() - pkg{{$key}}.EnsureDefaults(c) - pkg{{$key}}.Sanitize(c) yml, err := yaml.Marshal(c) if err != nil { log.Fatalf("Marshalling yaml for pkg0 failed: %s\n", err) diff --git a/docs/ocis/deployment/systemd.md b/docs/ocis/deployment/systemd.md index f475ec22746..55d723e0462 100644 --- a/docs/ocis/deployment/systemd.md +++ b/docs/ocis/deployment/systemd.md @@ -61,7 +61,7 @@ oCIS will store all data in `/var/lib/ocis`, because we configured it so by sett ## Starting the oCIS service -Initialize the oCIS configuration by running `OCIS_CONFIG_DIR=/etc/ocis ocis init`. +Initialize the oCIS configuration by running `ocis init --config-path /etc/ocis`. You can enable oCIS now by running `systemctl enable --now ocis`. It will ensure that oCIS also is restarted after a reboot of the host. diff --git a/extensions/appprovider/pkg/config/parser/parse.go b/extensions/appprovider/pkg/config/parser/parse.go index fa55c4653fe..e968dbe244d 100644 --- a/extensions/appprovider/pkg/config/parser/parse.go +++ b/extensions/appprovider/pkg/config/parser/parse.go @@ -6,6 +6,7 @@ import ( "github.com/owncloud/ocis/extensions/appprovider/pkg/config" "github.com/owncloud/ocis/extensions/appprovider/pkg/config/defaults" ociscfg "github.com/owncloud/ocis/ocis-pkg/config" + "github.com/owncloud/ocis/ocis-pkg/shared" "github.com/owncloud/ocis/ocis-pkg/config/envdecode" ) @@ -33,5 +34,9 @@ func ParseConfig(cfg *config.Config) error { } func Validate(cfg *config.Config) error { + if cfg.TokenManager.JWTSecret == "" { + return shared.MissingJWTTokenError(cfg.Service.Name) + } + return nil } diff --git a/extensions/appprovider/pkg/config/reva.go b/extensions/appprovider/pkg/config/reva.go index b8d27791703..aec078b05a4 100644 --- a/extensions/appprovider/pkg/config/reva.go +++ b/extensions/appprovider/pkg/config/reva.go 
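Review bot: In `extensions/appprovider/pkg/config/parser/parse.go` the new `ocis-pkg/shared` import is inserted between `ocis-pkg/config` and `ocis-pkg/config/envdecode`, so as shown the import block is not in the order gofmt produces; move it below the `envdecode` line. In the second hunk of that file, `Validate` reads `cfg.TokenManager.JWTSecret` directly. If `TokenManager` is a pointer in this package, as it is in the ocs test fixture later in the patch, confirm it is always populated before `Validate` runs. Otherwise a missing section becomes a nil dereference rather than `MissingJWTTokenError`.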
@@ -7,5 +7,5 @@ type Reva struct { // TokenManager is the config for using the reva token manager type TokenManager struct { - JWTSecret string `yaml:"jwt_secret" env:"OCIS_JWT_SECRET;OCS_JWT_SECRET"` + JWTSecret string `yaml:"jwt_secret" env:"OCIS_JWT_SECRET;APP_PROVIDER_JWT_SECRET"` } diff --git a/extensions/auth-basic/pkg/config/reva.go b/extensions/auth-basic/pkg/config/reva.go index b8d27791703..e01bce8ed76 100644 --- a/extensions/auth-basic/pkg/config/reva.go +++ b/extensions/auth-basic/pkg/config/reva.go @@ -7,5 +7,5 @@ type Reva struct { // TokenManager is the config for using the reva token manager type TokenManager struct { - JWTSecret string `yaml:"jwt_secret" env:"OCIS_JWT_SECRET;OCS_JWT_SECRET"` + JWTSecret string `yaml:"jwt_secret" env:"OCIS_JWT_SECRET;AUTH_BASIC_JWT_SECRET"` } diff --git a/extensions/auth-bearer/pkg/config/reva.go b/extensions/auth-bearer/pkg/config/reva.go index b8d27791703..1615b97d006 100644 --- a/extensions/auth-bearer/pkg/config/reva.go +++ b/extensions/auth-bearer/pkg/config/reva.go @@ -7,5 +7,5 @@ type Reva struct { // TokenManager is the config for using the reva token manager type TokenManager struct { - JWTSecret string `yaml:"jwt_secret" env:"OCIS_JWT_SECRET;OCS_JWT_SECRET"` + JWTSecret string `yaml:"jwt_secret" env:"OCIS_JWT_SECRET;AUTH_BEARER_JWT_SECRET"` } diff --git a/extensions/auth-machine/pkg/config/reva.go b/extensions/auth-machine/pkg/config/reva.go index b8d27791703..e81446d87f3 100644 --- a/extensions/auth-machine/pkg/config/reva.go +++ b/extensions/auth-machine/pkg/config/reva.go @@ -7,5 +7,5 @@ type Reva struct { // TokenManager is the config for using the reva token manager type TokenManager struct { - JWTSecret string `yaml:"jwt_secret" env:"OCIS_JWT_SECRET;OCS_JWT_SECRET"` + JWTSecret string `yaml:"jwt_secret" env:"OCIS_JWT_SECRET;AUTH_MACHINE_JWT_SECRET"` } diff --git a/extensions/frontend/pkg/command/command.go b/extensions/frontend/pkg/command/command.go index 7f13a191529..96fb5e023c8 100644 
--- a/extensions/frontend/pkg/command/command.go +++ b/extensions/frontend/pkg/command/command.go @@ -7,7 +7,6 @@ import ( "os" "path" "strconv" - "strings" "github.com/cs3org/reva/v2/cmd/revad/runtime" "github.com/gofrs/uuid" @@ -16,7 +15,6 @@ import ( "github.com/owncloud/ocis/extensions/frontend/pkg/config/parser" "github.com/owncloud/ocis/extensions/storage/pkg/server/debug" ociscfg "github.com/owncloud/ocis/ocis-pkg/config" - "github.com/owncloud/ocis/ocis-pkg/conversions" "github.com/owncloud/ocis/ocis-pkg/log" "github.com/owncloud/ocis/ocis-pkg/sync" "github.com/owncloud/ocis/ocis-pkg/tracing" @@ -30,11 +28,6 @@ func Frontend(cfg *config.Config) *cli.Command { Name: "frontend", Usage: "start frontend service", Before: func(ctx *cli.Context) error { - // TODO: what !? - //if err := loadUserAgent(c, cfg); err != nil { - // return err - //} - //return nil err := parser.ParseConfig(cfg) if err != nil { fmt.Printf("%v", err) @@ -60,13 +53,6 @@ func Frontend(cfg *config.Config) *cli.Command { uuid := uuid.Must(uuid.NewV4()) pidFile := path.Join(os.TempDir(), "revad-"+c.Command.Name+"-"+uuid.String()+".pid") - // pregenerate list of valid localhost ports for the desktop redirect_uri - // TODO use custom scheme like "owncloud://localhost/user/callback" tracked in - var desktopRedirectURIs [65535 - 1024]string - for port := 0; port < len(desktopRedirectURIs); port++ { - desktopRedirectURIs[port] = fmt.Sprintf("http://localhost:%d", (port + 1024)) - } - archivers := []map[string]interface{}{ { "enabled": true, 
@@ -318,31 +304,6 @@ func frontendConfigFromStruct(c *cli.Context, cfg *config.Config, filesCfg map[s } } -// loadUserAgent reads the user-agent-whitelist-lock-in, since it is a string flag, and attempts to construct a map of -// "user-agent":"challenge" locks in for Reva. -// Modifies cfg. Spaces don't need to be trimmed as urfavecli takes care of it. User agents with spaces are valid. i.e: -// Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:83.0) Gecko/20100101 Firefox/83.0 -// This function works by relying in our format of specifying [user-agent:challenge] and the fact that the user agent -// might contain ":" (colon), so the original string is reversed, split in two parts, by the time it is split we -// have the indexes reversed and the tuple is in the format of [challenge:user-agent], then the same process is applied -// in reverse for each individual part -func loadUserAgent(c *cli.Context, cfg *config.Config) error { - cfg.Middleware.Auth.CredentialsByUserAgent = make(map[string]string) - locks := c.StringSlice("user-agent-whitelist-lock-in") - - for _, v := range locks { - vv := conversions.Reverse(v) - parts := strings.SplitN(vv, ":", 2) - if len(parts) != 2 { - return fmt.Errorf("unexpected config value for user-agent lock-in: %v, expected format is user-agent:challenge", v) - } - - cfg.Middleware.Auth.CredentialsByUserAgent[conversions.Reverse(parts[1])] = conversions.Reverse(parts[0]) - } - - return nil -} - // FrontendSutureService allows for the storage-frontend command to be embedded and supervised by a suture supervisor tree. type FrontendSutureService struct { cfg *config.Config diff --git a/extensions/frontend/pkg/config/reva.go b/extensions/frontend/pkg/config/reva.go index b8d27791703..77484698f31 100644 --- a/extensions/frontend/pkg/config/reva.go +++ b/extensions/frontend/pkg/config/reva.go 
@@ -7,5 +7,5 @@ type Reva struct { // TokenManager is the config for using the reva token manager type TokenManager struct { - JWTSecret string `yaml:"jwt_secret" env:"OCIS_JWT_SECRET;OCS_JWT_SECRET"` + JWTSecret string `yaml:"jwt_secret" env:"OCIS_JWT_SECRET;FRONTEND_JWT_SECRET"` } diff --git a/extensions/gateway/pkg/config/reva.go b/extensions/gateway/pkg/config/reva.go index b8d27791703..2a5534c7e26 100644 --- a/extensions/gateway/pkg/config/reva.go +++ b/extensions/gateway/pkg/config/reva.go @@ -7,5 +7,5 @@ type Reva struct { // TokenManager is the config for using the reva token manager type TokenManager struct { - JWTSecret string `yaml:"jwt_secret" env:"OCIS_JWT_SECRET;OCS_JWT_SECRET"` + JWTSecret string `yaml:"jwt_secret" env:"OCIS_JWT_SECRET;GATEWAY_JWT_SECRET"` } diff --git a/extensions/graph/pkg/config/defaults/defaultconfig.go b/extensions/graph/pkg/config/defaults/defaultconfig.go index 77fea105023..a9a50720df9 100644 --- a/extensions/graph/pkg/config/defaults/defaultconfig.go +++ b/extensions/graph/pkg/config/defaults/defaultconfig.go @@ -42,7 +42,6 @@ func DefaultConfig() *config.Config { URI: "ldaps://localhost:9235", Insecure: true, BindDN: "uid=libregraph,ou=sysusers,o=libregraph-idm", - BindPassword: "idm", UseServerUUID: false, WriteEnabled: true, UserBaseDN: "ou=users,o=libregraph-idm", diff --git a/extensions/graph/pkg/config/parser/parse.go b/extensions/graph/pkg/config/parser/parse.go index 32626ff0fbb..6bc695c1597 100644 --- a/extensions/graph/pkg/config/parser/parse.go +++ b/extensions/graph/pkg/config/parser/parse.go @@ -38,5 +38,9 @@ func Validate(cfg *config.Config) error { return shared.MissingJWTTokenError(cfg.Service.Name) } + if cfg.Identity.Backend == "ldap" && cfg.Identity.LDAP.BindPassword == "" { + return shared.MissingLDAPBindPassword(cfg.Service.Name) + } + return nil } diff --git a/extensions/group/pkg/config/reva.go b/extensions/group/pkg/config/reva.go index b8d27791703..e2aae1a7a09 100644 
--- a/extensions/group/pkg/config/reva.go +++ b/extensions/group/pkg/config/reva.go @@ -7,5 +7,5 @@ type Reva struct { // TokenManager is the config for using the reva token manager type TokenManager struct { - JWTSecret string `yaml:"jwt_secret" env:"OCIS_JWT_SECRET;OCS_JWT_SECRET"` + JWTSecret string `yaml:"jwt_secret" env:"OCIS_JWT_SECRET;GROUPS_JWT_SECRET"` } diff --git a/extensions/idp/pkg/config/defaults/defaultconfig.go b/extensions/idp/pkg/config/defaults/defaultconfig.go index 8bd508ab1c0..b3498b97551 100644 --- a/extensions/idp/pkg/config/defaults/defaultconfig.go +++ b/extensions/idp/pkg/config/defaults/defaultconfig.go @@ -69,7 +69,6 @@ func DefaultConfig() *config.Config { URI: "ldaps://localhost:9235", TLSCACert: path.Join(defaults.BaseDataPath(), "idm", "ldap.crt"), BindDN: "uid=idp,ou=sysusers,o=libregraph-idm", - BindPassword: "", BaseDN: "ou=users,o=libregraph-idm", Scope: "sub", LoginAttribute: "uid", diff --git a/extensions/ocdav/pkg/command/ocdav.go b/extensions/ocdav/pkg/command/ocdav.go index 4869b0263d4..20bb8a29b67 100644 --- a/extensions/ocdav/pkg/command/ocdav.go +++ b/extensions/ocdav/pkg/command/ocdav.go @@ -4,7 +4,6 @@ import ( "context" "flag" "fmt" - "strings" "github.com/cs3org/reva/v2/pkg/micro/ocdav" "github.com/oklog/run" @@ -12,7 +11,6 @@ import ( "github.com/owncloud/ocis/extensions/ocdav/pkg/config/parser" "github.com/owncloud/ocis/extensions/storage/pkg/server/debug" ociscfg "github.com/owncloud/ocis/ocis-pkg/config" - "github.com/owncloud/ocis/ocis-pkg/conversions" "github.com/owncloud/ocis/ocis-pkg/log" "github.com/owncloud/ocis/ocis-pkg/sync" "github.com/owncloud/ocis/ocis-pkg/tracing" 
@@ -26,13 +24,6 @@ func OCDav(cfg *config.Config) *cli.Command { return &cli.Command{ Name: "ocdav", Usage: "start ocdav service", - // TODO: check - //Before: func(c *cli.Context) error { - // if err := loadUserAgent(c, cfg); err != nil { - // return err - // } - // return nil - //}, Before: func(ctx *cli.Context) error { err := parser.ParseConfig(cfg) if err != nil { @@ -153,28 +144,3 @@ func (s OCDavSutureService) Serve(ctx context.Context) error { return nil } - -// loadUserAgent reads the user-agent-whitelist-lock-in, since it is a string flag, and attempts to construct a map of -// "user-agent":"challenge" locks in for Reva. -// Modifies cfg. Spaces don't need to be trimmed as urfavecli takes care of it. User agents with spaces are valid. i.e: -// Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:83.0) Gecko/20100101 Firefox/83.0 -// This function works by relying in our format of specifying [user-agent:challenge] and the fact that the user agent -// might contain ":" (colon), so the original string is reversed, split in two parts, by the time it is split we -// have the indexes reversed and the tuple is in the format of [challenge:user-agent], then the same process is applied -// in reverse for each individual part -func loadUserAgent(c *cli.Context, cfg *config.Config) error { - cfg.Middleware.Auth.CredentialsByUserAgent = make(map[string]string) - locks := c.StringSlice("user-agent-whitelist-lock-in") - - for _, v := range locks { - vv := conversions.Reverse(v) - parts := strings.SplitN(vv, ":", 2) - if len(parts) != 2 { - return fmt.Errorf("unexpected config value for user-agent lock-in: %v, expected format is user-agent:challenge", v) - } - - cfg.Middleware.Auth.CredentialsByUserAgent[conversions.Reverse(parts[1])] = conversions.Reverse(parts[0]) - } - - return nil -} diff --git a/extensions/ocdav/pkg/config/reva.go b/extensions/ocdav/pkg/config/reva.go index b8d27791703..4a0f1449beb 100644 --- a/extensions/ocdav/pkg/config/reva.go 
+++ b/extensions/ocdav/pkg/config/reva.go @@ -7,5 +7,5 @@ type Reva struct { // TokenManager is the config for using the reva token manager type TokenManager struct { - JWTSecret string `yaml:"jwt_secret" env:"OCIS_JWT_SECRET;OCS_JWT_SECRET"` + JWTSecret string `yaml:"jwt_secret" env:"OCIS_JWT_SECRET;OCDAV_JWT_SECRET"` } diff --git a/extensions/ocs/pkg/server/http/svc_test.go b/extensions/ocs/pkg/server/http/svc_test.go index c5a73fcfbc9..a6f4051d4ee 100644 --- a/extensions/ocs/pkg/server/http/svc_test.go +++ b/extensions/ocs/pkg/server/http/svc_test.go @@ -723,9 +723,7 @@ func getService() svc.Service { Root: "/", Addr: "localhost:9110", }, - Reva: &config.Reva{ - Address: "", - }, + Reva: &config.Reva{}, TokenManager: &config.TokenManager{ JWTSecret: jwtSecret, }, diff --git a/extensions/proxy/pkg/config/defaults/defaultconfig.go b/extensions/proxy/pkg/config/defaults/defaultconfig.go index e5dadbd579a..1b45e273f84 100644 --- a/extensions/proxy/pkg/config/defaults/defaultconfig.go +++ b/extensions/proxy/pkg/config/defaults/defaultconfig.go @@ -203,14 +203,6 @@ func EnsureDefaults(cfg *config.Config) { } else if cfg.Reva == nil { cfg.Reva = &config.Reva{} } - - if cfg.TokenManager == nil && cfg.Commons != nil && cfg.Commons.TokenManager != nil { - cfg.TokenManager = &config.TokenManager{ - JWTSecret: cfg.Commons.TokenManager.JWTSecret, - } - } else if cfg.TokenManager == nil { - cfg.TokenManager = &config.TokenManager{} - } } func Sanitize(cfg *config.Config) { diff --git a/extensions/sharing/pkg/config/reva.go b/extensions/sharing/pkg/config/reva.go index b8d27791703..7bb95d858a3 100644 --- a/extensions/sharing/pkg/config/reva.go +++ b/extensions/sharing/pkg/config/reva.go @@ -7,5 +7,5 @@ type Reva struct { // TokenManager is the config for using the reva token manager type TokenManager struct { - JWTSecret string `yaml:"jwt_secret" env:"OCIS_JWT_SECRET;OCS_JWT_SECRET"` + JWTSecret string `yaml:"jwt_secret" env:"OCIS_JWT_SECRET;SHARING_JWT_SECRET"` } 
diff --git a/extensions/storage-metadata/pkg/config/reva.go b/extensions/storage-metadata/pkg/config/reva.go index b8d27791703..3094a801354 100644 --- a/extensions/storage-metadata/pkg/config/reva.go +++ b/extensions/storage-metadata/pkg/config/reva.go @@ -7,5 +7,5 @@ type Reva struct { // TokenManager is the config for using the reva token manager type TokenManager struct { - JWTSecret string `yaml:"jwt_secret" env:"OCIS_JWT_SECRET;OCS_JWT_SECRET"` + JWTSecret string `yaml:"jwt_secret" env:"OCIS_JWT_SECRET;STORAGE_METADATA_JWT_SECRET"` } diff --git a/extensions/storage-publiclink/pkg/config/reva.go b/extensions/storage-publiclink/pkg/config/reva.go index b8d27791703..306ae4f2621 100644 --- a/extensions/storage-publiclink/pkg/config/reva.go +++ b/extensions/storage-publiclink/pkg/config/reva.go @@ -7,5 +7,5 @@ type Reva struct { // TokenManager is the config for using the reva token manager type TokenManager struct { - JWTSecret string `yaml:"jwt_secret" env:"OCIS_JWT_SECRET;OCS_JWT_SECRET"` + JWTSecret string `yaml:"jwt_secret" env:"OCIS_JWT_SECRET;STORAGE_PUBLICLINK_JWT_SECRET"` } diff --git a/extensions/storage-shares/pkg/config/reva.go b/extensions/storage-shares/pkg/config/reva.go index b8d27791703..75b30df05a8 100644 --- a/extensions/storage-shares/pkg/config/reva.go +++ b/extensions/storage-shares/pkg/config/reva.go @@ -7,5 +7,5 @@ type Reva struct { // TokenManager is the config for using the reva token manager type TokenManager struct { - JWTSecret string `yaml:"jwt_secret" env:"OCIS_JWT_SECRET;OCS_JWT_SECRET"` + JWTSecret string `yaml:"jwt_secret" env:"OCIS_JWT_SECRET;STORAGE_SHARES_JWT_SECRET"` } diff --git a/extensions/storage-users/pkg/config/reva.go b/extensions/storage-users/pkg/config/reva.go index b8d27791703..fd15399fe20 100644 --- a/extensions/storage-users/pkg/config/reva.go +++ b/extensions/storage-users/pkg/config/reva.go 
@@ -7,5 +7,5 @@ type Reva struct { // TokenManager is the config for using the reva token manager type TokenManager struct { - JWTSecret string `yaml:"jwt_secret" env:"OCIS_JWT_SECRET;OCS_JWT_SECRET"` + JWTSecret string `yaml:"jwt_secret" env:"OCIS_JWT_SECRET;STORAGE_USERS_JWT_SECRET"` } diff --git a/extensions/storage/pkg/config/defaults/defaultconfig.go b/extensions/storage/pkg/config/defaults/defaultconfig.go index 6b88c6babd4..c573bfdccc1 100644 --- a/extensions/storage/pkg/config/defaults/defaultconfig.go +++ b/extensions/storage/pkg/config/defaults/defaultconfig.go @@ -32,7 +32,6 @@ func DefaultConfig() *config.Config { Addr: "127.0.0.1:9109", }, Reva: config.Reva{ - //JWTSecret: "Pive-Fumkiu4", SkipUserGroupsInToken: false, TransferExpires: 24 * 60 * 60, OIDC: config.OIDC{ @@ -444,7 +443,6 @@ func DefaultConfig() *config.Config { GatewaySVC: defaultGatewayAddr, Insecure: false, // true? Timeout: 84300, - //JWTSecret: "Pive-Fumkiu4", }, Tracing: config.Tracing{ Service: "storage", @@ -455,11 +453,7 @@ func DefaultConfig() *config.Config { } func EnsureDefaults(cfg *config.Config) { - //if cfg.TransferSecret == "" && cfg.Commons != nil && cfg.Commons.TransferSecret != "" { - // cfg.TransferSecret = cfg.Commons.TransferSecret - //} } func Sanitize(cfg *config.Config) { - // TODO: IMPLEMENT ME! } diff --git a/extensions/storage/pkg/config/parser/parse.go b/extensions/storage/pkg/config/parser/parse.go index 5cf17d1c402..ca0d96dbb37 100644 --- a/extensions/storage/pkg/config/parser/parse.go +++ b/extensions/storage/pkg/config/parser/parse.go @@ -6,7 +6,6 @@ import ( "github.com/owncloud/ocis/extensions/storage-metadata/pkg/config" "github.com/owncloud/ocis/extensions/storage-metadata/pkg/config/defaults" ociscfg "github.com/owncloud/ocis/ocis-pkg/config" - "github.com/owncloud/ocis/ocis-pkg/shared" "github.com/owncloud/ocis/ocis-pkg/config/envdecode" ) 
@@ -34,8 +33,5 @@ func ParseConfig(cfg *config.Config) error { } func Validate(cfg *config.Config) error { - if cfg.TransferSecret == "" { - return shared.MissingRevaTransferSecretError(cfg.Service.Name) - } return nil } diff --git a/extensions/user/pkg/config/reva.go b/extensions/user/pkg/config/reva.go index b8d27791703..310858a7952 100644 --- a/extensions/user/pkg/config/reva.go +++ b/extensions/user/pkg/config/reva.go @@ -7,5 +7,5 @@ type Reva struct { // TokenManager is the config for using the reva token manager type TokenManager struct { - JWTSecret string `yaml:"jwt_secret" env:"OCIS_JWT_SECRET;OCS_JWT_SECRET"` + JWTSecret string `yaml:"jwt_secret" env:"OCIS_JWT_SECRET;USERS_JWT_SECRET"` } diff --git a/ocis-pkg/config/config.go b/ocis-pkg/config/config.go index 8840b59c778..33b9645d2ea 100644 --- a/ocis-pkg/config/config.go +++ b/ocis-pkg/config/config.go @@ -35,11 +35,6 @@ import ( webdav "github.com/owncloud/ocis/extensions/webdav/pkg/config" ) -// TokenManager is the config for using the reva token manager -/*type TokenManager struct { - JWTSecret string `yaml:"jwt_secret" env:"OCIS_JWT_SECRET"` -}*/ - const ( // SUPERVISED sets the runtime mode as supervised threads. SUPERVISED = iota diff --git a/ocis-pkg/generators/generators_suite_test.go b/ocis-pkg/generators/generators_suite_test.go deleted file mode 100644 index ef690d5930e..00000000000 --- a/ocis-pkg/generators/generators_suite_test.go +++ /dev/null @@ -1,13 +0,0 @@ -package generators_test - -import ( - "testing" - - . "github.com/onsi/ginkgo/v2" - . "github.com/onsi/gomega" -) - -func TestGenerators(t *testing.T) { - RegisterFailHandler(Fail) - RunSpecs(t, "Generators Suite") -} diff --git a/ocis-pkg/generators/generators_test.go b/ocis-pkg/generators/generators_test.go deleted file mode 100644 index 676b9bcaa83..00000000000 --- a/ocis-pkg/generators/generators_test.go +++ /dev/null 
@@ -1,13 +0,0 @@ -package generators_test - -import ( - _ "github.com/onsi/ginkgo/v2" - _ "github.com/onsi/gomega" - - _ "github.com/owncloud/ocis/ocis-pkg/generators" -) - -//var _ = Describe("Generators", func() { -// It("Returns an error ", func() {}) -// PIt("Returns expected passwords", func() {}) -//}) diff --git a/ocis/pkg/command/init.go b/ocis/pkg/command/init.go index c858e9f064c..856bb31812e 100644 --- a/ocis/pkg/command/init.go +++ b/ocis/pkg/command/init.go @@ -34,9 +34,10 @@ func InitCommand(cfg *config.Config) *cli.Command { Usage: "Force overwrite existing config file", }, &cli.StringFlag{ - Name: "config-path", - Value: defaults.BaseConfigPath(), - Usage: "Config path for the ocis runtime", + Name: "config-path", + Value: defaults.BaseConfigPath(), + Usage: "Config path for the ocis runtime", + EnvVars: []string{"OCIS_CONFIG_DIR"}, }, &cli.StringFlag{ Name: "admin-password", From 6474d46252f17263f1f59ccc17d43836ba63ec9b Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C3=B6rn=20Friedrich=20Dreyer?= Date: Fri, 29 Apr 2022 19:09:03 +0000 Subject: [PATCH 56/59] nitpicks and typo MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Jörn Friedrich Dreyer --- ocis/pkg/command/init.go | 2 +- ocis/pkg/init/init.go | 1 + 2 files changed, 2 insertions(+), 1 deletion(-) diff --git a/ocis/pkg/command/init.go b/ocis/pkg/command/init.go index 856bb31812e..4c697011ccc 100644 --- a/ocis/pkg/command/init.go +++ b/ocis/pkg/command/init.go @@ -43,7 +43,7 @@ func InitCommand(cfg *config.Config) *cli.Command { Name: "admin-password", Aliases: []string{"ap"}, EnvVars: []string{"ADMIN_PASSWORD", "IDM_ADMIN_PASSWORD"}, - Usage: "Set admin password instead of using a random gnerated one", + Usage: "Set admin password instead of using a random generated one", }, }, Action: func(c *cli.Context) error { diff --git a/ocis/pkg/init/init.go b/ocis/pkg/init/init.go index e2d4b0f60c2..dcf81a98827 100644 --- a/ocis/pkg/init/init.go 
+++ b/ocis/pkg/init/init.go @@ -142,6 +142,7 @@ func backupOcisConfigFile(configPath string) (string, error) { return targetBackupConfig, nil } +// CreateConfig creates a config file with random passwords at configPath func CreateConfig(insecure, forceOverwrite bool, configPath, adminPassword string) error { targetBackupConfig := "" From 89a9a14d248dbf93aac0d1406bddab381f976774 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C3=B6rn=20Friedrich=20Dreyer?= Date: Fri, 29 Apr 2022 22:04:12 +0200 Subject: [PATCH 57/59] Update extensions/storage-shares/pkg/config/parser/parse.go --- extensions/storage-shares/pkg/config/parser/parse.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/extensions/storage-shares/pkg/config/parser/parse.go b/extensions/storage-shares/pkg/config/parser/parse.go index 87aa3438545..e3df4351c33 100644 --- a/extensions/storage-shares/pkg/config/parser/parse.go +++ b/extensions/storage-shares/pkg/config/parser/parse.go @@ -11,7 +11,7 @@ import ( "github.com/owncloud/ocis/ocis-pkg/config/envdecode" ) -// ParseConfig loads accounts configuration from known paths. +// ParseConfig loads storage-shares configuration from known paths. func ParseConfig(cfg *config.Config) error { _, err := ociscfg.BindSourcesToStructs(cfg.Service.Name, cfg) if err != nil { From 4c53707920aa9231f823cc33001a5cddb58b6585 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C3=B6rn=20Friedrich=20Dreyer?= Date: Fri, 29 Apr 2022 20:21:14 +0000 Subject: [PATCH 58/59] omit extension name in ParseConfig doc MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit 
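Review bot: The doc comment added to `CreateConfig` mentions only random passwords and says nothing about `insecure`, `forceOverwrite` or `adminPassword`, which are the parameters a caller has to get right. Judging by the `admin-password` flag usage text and the backup call in the function body, a fuller comment could read `// CreateConfig writes a config file with generated secrets to configPath; adminPassword, if set, is used instead of a generated admin password, and forceOverwrite backs up an existing config first.` That wording is inferred from code outside this hunk and should be confirmed against the full function body.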
Signed-off-by: Jörn Friedrich Dreyer --- extensions/accounts/pkg/config/parser/parse.go | 2 +- extensions/appprovider/pkg/config/parser/parse.go | 2 +- extensions/audit/pkg/config/parser/parse.go | 2 +- extensions/auth-basic/pkg/config/parser/parse.go | 2 +- extensions/auth-bearer/pkg/config/parser/parse.go | 2 +- extensions/auth-machine/pkg/config/parser/parse.go | 2 +- extensions/frontend/pkg/config/parser/parse.go | 2 +- extensions/gateway/pkg/config/parser/parse.go | 2 +- extensions/glauth/pkg/config/parser/parse.go | 2 +- extensions/graph-explorer/pkg/config/parser/parse.go | 2 +- extensions/graph/pkg/config/parser/parse.go | 2 +- extensions/group/pkg/config/parser/parse.go | 2 +- extensions/idm/pkg/config/parser/parse.go | 2 +- extensions/idp/pkg/config/parser/parse.go | 2 +- extensions/nats/pkg/config/parser/parse.go | 2 +- extensions/notifications/pkg/config/parser/parse.go | 2 +- extensions/ocdav/pkg/config/parser/parse.go | 2 +- extensions/ocs/pkg/config/parser/parse.go | 2 +- extensions/proxy/pkg/config/parser/parse.go | 2 +- extensions/settings/pkg/config/parser/parse.go | 2 +- extensions/sharing/pkg/config/parser/parse.go | 2 +- extensions/storage-metadata/pkg/config/parser/parse.go | 2 +- extensions/storage-publiclink/pkg/config/parser/parse.go | 2 +- extensions/storage-shares/pkg/config/parser/parse.go | 2 +- extensions/storage-users/pkg/config/parser/parse.go | 2 +- extensions/storage/pkg/config/parser/parse.go | 2 +- extensions/store/pkg/config/parser/parse.go | 2 +- extensions/thumbnails/pkg/config/parser/parse.go | 2 +- extensions/user/pkg/config/parser/parse.go | 2 +- extensions/web/pkg/config/parser/parse.go | 2 +- extensions/webdav/pkg/config/parser/parse.go | 2 +- 31 files changed, 31 insertions(+), 31 deletions(-) diff --git a/extensions/accounts/pkg/config/parser/parse.go b/extensions/accounts/pkg/config/parser/parse.go index 69ee34934e7..b052fd59c33 100644 --- a/extensions/accounts/pkg/config/parser/parse.go 
+++ b/extensions/accounts/pkg/config/parser/parse.go @@ -11,7 +11,7 @@ import ( "github.com/owncloud/ocis/ocis-pkg/config/envdecode" ) -// ParseConfig loads accounts configuration from known paths. +// ParseConfig loads configuration from known paths. func ParseConfig(cfg *config.Config) error { _, err := ociscfg.BindSourcesToStructs(cfg.Service.Name, cfg) if err != nil { diff --git a/extensions/appprovider/pkg/config/parser/parse.go b/extensions/appprovider/pkg/config/parser/parse.go index e968dbe244d..ff554af4759 100644 --- a/extensions/appprovider/pkg/config/parser/parse.go +++ b/extensions/appprovider/pkg/config/parser/parse.go @@ -11,7 +11,7 @@ import ( "github.com/owncloud/ocis/ocis-pkg/config/envdecode" ) -// ParseConfig loads accounts configuration from known paths. +// ParseConfig loads configuration from known paths. func ParseConfig(cfg *config.Config) error { _, err := ociscfg.BindSourcesToStructs(cfg.Service.Name, cfg) if err != nil { diff --git a/extensions/audit/pkg/config/parser/parse.go b/extensions/audit/pkg/config/parser/parse.go index fef33a6b52d..f34652a3193 100644 --- a/extensions/audit/pkg/config/parser/parse.go +++ b/extensions/audit/pkg/config/parser/parse.go @@ -10,7 +10,7 @@ import ( "github.com/owncloud/ocis/ocis-pkg/config/envdecode" ) -// ParseConfig loads accounts configuration from known paths. +// ParseConfig loads configuration from known paths. func ParseConfig(cfg *config.Config) error { _, err := ociscfg.BindSourcesToStructs(cfg.Service.Name, cfg) if err != nil { diff --git a/extensions/auth-basic/pkg/config/parser/parse.go b/extensions/auth-basic/pkg/config/parser/parse.go index 7f216546c0a..de3b06d5c54 100644 --- a/extensions/auth-basic/pkg/config/parser/parse.go +++ b/extensions/auth-basic/pkg/config/parser/parse.go 
@@ -11,7 +11,7 @@ import ( "github.com/owncloud/ocis/ocis-pkg/config/envdecode" ) -// ParseConfig loads accounts configuration from known paths. +// ParseConfig loads configuration from known paths. func ParseConfig(cfg *config.Config) error { _, err := ociscfg.BindSourcesToStructs(cfg.Service.Name, cfg) if err != nil { diff --git a/extensions/auth-bearer/pkg/config/parser/parse.go b/extensions/auth-bearer/pkg/config/parser/parse.go index b4c0f48077e..fc3a1c50206 100644 --- a/extensions/auth-bearer/pkg/config/parser/parse.go +++ b/extensions/auth-bearer/pkg/config/parser/parse.go @@ -11,7 +11,7 @@ import ( "github.com/owncloud/ocis/ocis-pkg/config/envdecode" ) -// ParseConfig loads accounts configuration from known paths. +// ParseConfig loads configuration from known paths. func ParseConfig(cfg *config.Config) error { _, err := ociscfg.BindSourcesToStructs(cfg.Service.Name, cfg) if err != nil { diff --git a/extensions/auth-machine/pkg/config/parser/parse.go b/extensions/auth-machine/pkg/config/parser/parse.go index 49f217ec099..2eb535806ba 100644 --- a/extensions/auth-machine/pkg/config/parser/parse.go +++ b/extensions/auth-machine/pkg/config/parser/parse.go @@ -11,7 +11,7 @@ import ( "github.com/owncloud/ocis/ocis-pkg/config/envdecode" ) -// ParseConfig loads accounts configuration from known paths. +// ParseConfig loads configuration from known paths. func ParseConfig(cfg *config.Config) error { _, err := ociscfg.BindSourcesToStructs(cfg.Service.Name, cfg) if err != nil { diff --git a/extensions/frontend/pkg/config/parser/parse.go b/extensions/frontend/pkg/config/parser/parse.go index 3608f754a01..e2ff551a5c4 100644 --- a/extensions/frontend/pkg/config/parser/parse.go +++ b/extensions/frontend/pkg/config/parser/parse.go 
@@ -11,7 +11,7 @@ import ( "github.com/owncloud/ocis/ocis-pkg/config/envdecode" ) -// ParseConfig loads accounts configuration from known paths. +// ParseConfig loads configuration from known paths. func ParseConfig(cfg *config.Config) error { _, err := ociscfg.BindSourcesToStructs(cfg.Service.Name, cfg) if err != nil { diff --git a/extensions/gateway/pkg/config/parser/parse.go b/extensions/gateway/pkg/config/parser/parse.go index 247b5548966..424efdbfb21 100644 --- a/extensions/gateway/pkg/config/parser/parse.go +++ b/extensions/gateway/pkg/config/parser/parse.go @@ -11,7 +11,7 @@ import ( "github.com/owncloud/ocis/ocis-pkg/config/envdecode" ) -// ParseConfig loads accounts configuration from known paths. +// ParseConfig loads configuration from known paths. func ParseConfig(cfg *config.Config) error { _, err := ociscfg.BindSourcesToStructs(cfg.Service.Name, cfg) if err != nil { diff --git a/extensions/glauth/pkg/config/parser/parse.go b/extensions/glauth/pkg/config/parser/parse.go index 175673383ce..a3598df4bc0 100644 --- a/extensions/glauth/pkg/config/parser/parse.go +++ b/extensions/glauth/pkg/config/parser/parse.go @@ -10,7 +10,7 @@ import ( "github.com/owncloud/ocis/ocis-pkg/config/envdecode" ) -// ParseConfig loads accounts configuration from known paths. +// ParseConfig loads configuration from known paths. func ParseConfig(cfg *config.Config) error { _, err := ociscfg.BindSourcesToStructs(cfg.Service.Name, cfg) if err != nil { diff --git a/extensions/graph-explorer/pkg/config/parser/parse.go b/extensions/graph-explorer/pkg/config/parser/parse.go index 82bc9cc5db7..ae369113fc8 100644 --- a/extensions/graph-explorer/pkg/config/parser/parse.go +++ b/extensions/graph-explorer/pkg/config/parser/parse.go 
@@ -10,7 +10,7 @@ import ( "github.com/owncloud/ocis/ocis-pkg/config/envdecode" ) -// ParseConfig loads accounts configuration from known paths. +// ParseConfig loads configuration from known paths. func ParseConfig(cfg *config.Config) error { _, err := ociscfg.BindSourcesToStructs(cfg.Service.Name, cfg) if err != nil { diff --git a/extensions/graph/pkg/config/parser/parse.go b/extensions/graph/pkg/config/parser/parse.go index 6bc695c1597..f554a623d8e 100644 --- a/extensions/graph/pkg/config/parser/parse.go +++ b/extensions/graph/pkg/config/parser/parse.go @@ -11,7 +11,7 @@ import ( "github.com/owncloud/ocis/ocis-pkg/config/envdecode" ) -// ParseConfig loads accounts configuration from known paths. +// ParseConfig loads configuration from known paths. func ParseConfig(cfg *config.Config) error { _, err := ociscfg.BindSourcesToStructs(cfg.Service.Name, cfg) if err != nil { diff --git a/extensions/group/pkg/config/parser/parse.go b/extensions/group/pkg/config/parser/parse.go index 7f160b6c7b8..f1e7880c9be 100644 --- a/extensions/group/pkg/config/parser/parse.go +++ b/extensions/group/pkg/config/parser/parse.go @@ -11,7 +11,7 @@ import ( "github.com/owncloud/ocis/ocis-pkg/config/envdecode" ) -// ParseConfig loads accounts configuration from known paths. +// ParseConfig loads configuration from known paths. func ParseConfig(cfg *config.Config) error { _, err := ociscfg.BindSourcesToStructs(cfg.Service.Name, cfg) if err != nil { diff --git a/extensions/idm/pkg/config/parser/parse.go b/extensions/idm/pkg/config/parser/parse.go index dc515b5efa3..7d04c55ad4d 100644 --- a/extensions/idm/pkg/config/parser/parse.go +++ b/extensions/idm/pkg/config/parser/parse.go 
@@ -11,7 +11,7 @@ import ( "github.com/owncloud/ocis/ocis-pkg/config/envdecode" ) -// ParseConfig loads accounts configuration from known paths. +// ParseConfig loads configuration from known paths. func ParseConfig(cfg *config.Config) error { _, err := ociscfg.BindSourcesToStructs(cfg.Service.Name, cfg) if err != nil { diff --git a/extensions/idp/pkg/config/parser/parse.go b/extensions/idp/pkg/config/parser/parse.go index f716a9a520e..b75b10b398e 100644 --- a/extensions/idp/pkg/config/parser/parse.go +++ b/extensions/idp/pkg/config/parser/parse.go @@ -11,7 +11,7 @@ import ( "github.com/owncloud/ocis/ocis-pkg/config/envdecode" ) -// ParseConfig loads accounts configuration from known paths. +// ParseConfig loads configuration from known paths. func ParseConfig(cfg *config.Config) error { _, err := ociscfg.BindSourcesToStructs(cfg.Service.Name, cfg) if err != nil { diff --git a/extensions/nats/pkg/config/parser/parse.go b/extensions/nats/pkg/config/parser/parse.go index 4930b1ccfea..a3a27113e2d 100644 --- a/extensions/nats/pkg/config/parser/parse.go +++ b/extensions/nats/pkg/config/parser/parse.go @@ -10,7 +10,7 @@ import ( "github.com/owncloud/ocis/ocis-pkg/config/envdecode" ) -// ParseConfig loads accounts configuration from known paths. +// ParseConfig loads configuration from known paths. func ParseConfig(cfg *config.Config) error { _, err := ociscfg.BindSourcesToStructs(cfg.Service.Name, cfg) if err != nil { diff --git a/extensions/notifications/pkg/config/parser/parse.go b/extensions/notifications/pkg/config/parser/parse.go index f6ef3f71b1e..85ac780a342 100644 --- a/extensions/notifications/pkg/config/parser/parse.go +++ b/extensions/notifications/pkg/config/parser/parse.go 
@@ -11,7 +11,7 @@ import ( "github.com/owncloud/ocis/ocis-pkg/config/envdecode" ) -// ParseConfig loads accounts configuration from known paths. +// ParseConfig loads configuration from known paths. func ParseConfig(cfg *config.Config) error { _, err := ociscfg.BindSourcesToStructs(cfg.Service.Name, cfg) if err != nil { diff --git a/extensions/ocdav/pkg/config/parser/parse.go b/extensions/ocdav/pkg/config/parser/parse.go index 075f66e1c6c..77766296bfd 100644 --- a/extensions/ocdav/pkg/config/parser/parse.go +++ b/extensions/ocdav/pkg/config/parser/parse.go @@ -11,7 +11,7 @@ import ( "github.com/owncloud/ocis/ocis-pkg/config/envdecode" ) -// ParseConfig loads accounts configuration from known paths. +// ParseConfig loads configuration from known paths. func ParseConfig(cfg *config.Config) error { _, err := ociscfg.BindSourcesToStructs(cfg.Service.Name, cfg) if err != nil { diff --git a/extensions/ocs/pkg/config/parser/parse.go b/extensions/ocs/pkg/config/parser/parse.go index 02bd765b89f..536ed52de18 100644 --- a/extensions/ocs/pkg/config/parser/parse.go +++ b/extensions/ocs/pkg/config/parser/parse.go @@ -12,7 +12,7 @@ import ( "github.com/owncloud/ocis/ocis-pkg/config/envdecode" ) -// ParseConfig loads accounts configuration from known paths. +// ParseConfig loads configuration from known paths. func ParseConfig(cfg *config.Config) error { _, err := ociscfg.BindSourcesToStructs(cfg.Service.Name, cfg) if err != nil { diff --git a/extensions/proxy/pkg/config/parser/parse.go b/extensions/proxy/pkg/config/parser/parse.go index b82480cbd6c..f792d79557e 100644 --- a/extensions/proxy/pkg/config/parser/parse.go +++ b/extensions/proxy/pkg/config/parser/parse.go 
@@ -11,7 +11,7 @@ import ( "github.com/owncloud/ocis/ocis-pkg/config/envdecode" ) -// ParseConfig loads accounts configuration from known paths. +// ParseConfig loads configuration from known paths. func ParseConfig(cfg *config.Config) error { _, err := ociscfg.BindSourcesToStructs(cfg.Service.Name, cfg) if err != nil { diff --git a/extensions/settings/pkg/config/parser/parse.go b/extensions/settings/pkg/config/parser/parse.go index d10e1bc119e..b59d8ee9fd1 100644 --- a/extensions/settings/pkg/config/parser/parse.go +++ b/extensions/settings/pkg/config/parser/parse.go @@ -11,7 +11,7 @@ import ( "github.com/owncloud/ocis/ocis-pkg/config/envdecode" ) -// ParseConfig loads accounts configuration from known paths. +// ParseConfig loads configuration from known paths. func ParseConfig(cfg *config.Config) error { _, err := ociscfg.BindSourcesToStructs(cfg.Service.Name, cfg) if err != nil { diff --git a/extensions/sharing/pkg/config/parser/parse.go b/extensions/sharing/pkg/config/parser/parse.go index 3954a46bead..a8a7b00e2a9 100644 --- a/extensions/sharing/pkg/config/parser/parse.go +++ b/extensions/sharing/pkg/config/parser/parse.go @@ -11,7 +11,7 @@ import ( "github.com/owncloud/ocis/ocis-pkg/config/envdecode" ) -// ParseConfig loads accounts configuration from known paths. +// ParseConfig loads configuration from known paths. func ParseConfig(cfg *config.Config) error { _, err := ociscfg.BindSourcesToStructs(cfg.Service.Name, cfg) if err != nil { diff --git a/extensions/storage-metadata/pkg/config/parser/parse.go b/extensions/storage-metadata/pkg/config/parser/parse.go index bc540e2c706..ae1ce03306d 100644 --- a/extensions/storage-metadata/pkg/config/parser/parse.go +++ b/extensions/storage-metadata/pkg/config/parser/parse.go 
@@ -11,7 +11,7 @@ import ( "github.com/owncloud/ocis/ocis-pkg/config/envdecode" ) -// ParseConfig loads accounts configuration from known paths. +// ParseConfig loads configuration from known paths. func ParseConfig(cfg *config.Config) error { _, err := ociscfg.BindSourcesToStructs(cfg.Service.Name, cfg) if err != nil { diff --git a/extensions/storage-publiclink/pkg/config/parser/parse.go b/extensions/storage-publiclink/pkg/config/parser/parse.go index 61f8ee0332e..f0e7cda9922 100644 --- a/extensions/storage-publiclink/pkg/config/parser/parse.go +++ b/extensions/storage-publiclink/pkg/config/parser/parse.go @@ -11,7 +11,7 @@ import ( "github.com/owncloud/ocis/ocis-pkg/config/envdecode" ) -// ParseConfig loads accounts configuration from known paths. +// ParseConfig loads configuration from known paths. func ParseConfig(cfg *config.Config) error { _, err := ociscfg.BindSourcesToStructs(cfg.Service.Name, cfg) if err != nil { diff --git a/extensions/storage-shares/pkg/config/parser/parse.go b/extensions/storage-shares/pkg/config/parser/parse.go index e3df4351c33..6b0efc7aef7 100644 --- a/extensions/storage-shares/pkg/config/parser/parse.go +++ b/extensions/storage-shares/pkg/config/parser/parse.go @@ -11,7 +11,7 @@ import ( "github.com/owncloud/ocis/ocis-pkg/config/envdecode" ) -// ParseConfig loads storage-shares configuration from known paths. +// ParseConfig loads configuration from known paths. func ParseConfig(cfg *config.Config) error { _, err := ociscfg.BindSourcesToStructs(cfg.Service.Name, cfg) if err != nil { diff --git a/extensions/storage-users/pkg/config/parser/parse.go b/extensions/storage-users/pkg/config/parser/parse.go index 2e034ed070d..b6a55e1aef6 100644 --- a/extensions/storage-users/pkg/config/parser/parse.go +++ b/extensions/storage-users/pkg/config/parser/parse.go 
@@ -11,7 +11,7 @@ import ( "github.com/owncloud/ocis/ocis-pkg/config/envdecode" ) -// ParseConfig loads accounts configuration from known paths. +// ParseConfig loads configuration from known paths. func ParseConfig(cfg *config.Config) error { _, err := ociscfg.BindSourcesToStructs(cfg.Service.Name, cfg) if err != nil { diff --git a/extensions/storage/pkg/config/parser/parse.go b/extensions/storage/pkg/config/parser/parse.go index ca0d96dbb37..d486f6dad4b 100644 --- a/extensions/storage/pkg/config/parser/parse.go +++ b/extensions/storage/pkg/config/parser/parse.go @@ -10,7 +10,7 @@ import ( "github.com/owncloud/ocis/ocis-pkg/config/envdecode" ) -// ParseConfig loads accounts configuration from known paths. +// ParseConfig loads configuration from known paths. func ParseConfig(cfg *config.Config) error { _, err := ociscfg.BindSourcesToStructs(cfg.Service.Name, cfg) if err != nil { diff --git a/extensions/store/pkg/config/parser/parse.go b/extensions/store/pkg/config/parser/parse.go index 3d3b591ba73..68045ecf751 100644 --- a/extensions/store/pkg/config/parser/parse.go +++ b/extensions/store/pkg/config/parser/parse.go @@ -10,7 +10,7 @@ import ( "github.com/owncloud/ocis/ocis-pkg/config/envdecode" ) -// ParseConfig loads accounts configuration from known paths. +// ParseConfig loads configuration from known paths. func ParseConfig(cfg *config.Config) error { _, err := ociscfg.BindSourcesToStructs(cfg.Service.Name, cfg) if err != nil { diff --git a/extensions/thumbnails/pkg/config/parser/parse.go b/extensions/thumbnails/pkg/config/parser/parse.go index fd2079281be..4c47c635ddd 100644 --- a/extensions/thumbnails/pkg/config/parser/parse.go +++ b/extensions/thumbnails/pkg/config/parser/parse.go 
@@ -11,7 +11,7 @@ import ( "github.com/owncloud/ocis/ocis-pkg/config/envdecode" ) -// ParseConfig loads accounts configuration from known paths. +// ParseConfig loads configuration from known paths. func ParseConfig(cfg *config.Config) error { _, err := ociscfg.BindSourcesToStructs(cfg.Service.Name, cfg) if err != nil { diff --git a/extensions/user/pkg/config/parser/parse.go b/extensions/user/pkg/config/parser/parse.go index 0a13964f92e..2b5f8030a50 100644 --- a/extensions/user/pkg/config/parser/parse.go +++ b/extensions/user/pkg/config/parser/parse.go @@ -11,7 +11,7 @@ import ( "github.com/owncloud/ocis/ocis-pkg/config/envdecode" ) -// ParseConfig loads accounts configuration from known paths. +// ParseConfig loads configuration from known paths. func ParseConfig(cfg *config.Config) error { _, err := ociscfg.BindSourcesToStructs(cfg.Service.Name, cfg) if err != nil { diff --git a/extensions/web/pkg/config/parser/parse.go b/extensions/web/pkg/config/parser/parse.go index 80e64a3b7b6..c2d87716033 100644 --- a/extensions/web/pkg/config/parser/parse.go +++ b/extensions/web/pkg/config/parser/parse.go @@ -10,7 +10,7 @@ import ( "github.com/owncloud/ocis/ocis-pkg/config/envdecode" ) -// ParseConfig loads accounts configuration from known paths. +// ParseConfig loads configuration from known paths. func ParseConfig(cfg *config.Config) error { _, err := ociscfg.BindSourcesToStructs(cfg.Service.Name, cfg) if err != nil { diff --git a/extensions/webdav/pkg/config/parser/parse.go b/extensions/webdav/pkg/config/parser/parse.go index 9d4d15ca7aa..be9d202072b 100644 --- a/extensions/webdav/pkg/config/parser/parse.go +++ b/extensions/webdav/pkg/config/parser/parse.go 
@@ -10,7 +10,7 @@ import ( "github.com/owncloud/ocis/ocis-pkg/config/envdecode" ) -// ParseConfig loads accounts configuration from known paths. +// ParseConfig loads configuration from known paths. func ParseConfig(cfg *config.Config) error { _, err := ociscfg.BindSourcesToStructs(cfg.Service.Name, cfg) if err != nil { From 9d8072cda956069fb7cb3fa68646d45b5815d1ee Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C3=B6rn=20Friedrich=20Dreyer?= Date: Fri, 29 Apr 2022 21:11:11 +0000 Subject: [PATCH 59/59] try to make lint happy MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Jörn Friedrich Dreyer --- ocis/pkg/init/init.go | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/ocis/pkg/init/init.go b/ocis/pkg/init/init.go index dcf81a98827..8b2ca85bf05 100644 --- a/ocis/pkg/init/init.go +++ b/ocis/pkg/init/init.go @@ -144,12 +144,12 @@ func backupOcisConfigFile(configPath string) (string, error) { // CreateConfig creates a config file with random passwords at configPath func CreateConfig(insecure, forceOverwrite bool, configPath, adminPassword string) error { - targetBackupConfig := "" - err := checkConfigPath(configPath) if err != nil && !forceOverwrite { return err - } else if forceOverwrite && err != nil { + } + targetBackupConfig := "" + if err != nil { targetBackupConfig, err = backupOcisConfigFile(configPath) if err != nil { return err
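Review bot: In `CreateConfig` the second `if err != nil` now relies on the early return above it to imply `forceOverwrite`, and it treats every error from `checkConfigPath` as "a config already exists". `checkConfigPath` is not visible here; if it can also fail for other reasons, such as an unreadable directory, a forced run would still call `backupOcisConfigFile` on a path that may not hold a config. I would add `// err != nil here implies forceOverwrite: back up the existing config before replacing it` above that branch. If possible, `checkConfigPath` should also return a distinguishable error for the "exists" case so that other failures are returned even when overwrite is forced. The function body continues past the end of the hunk.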