mirror/opencloud
1
0
Fork 0
mirror of https://github.com/opencloud-eu/opencloud.git synced 2026-04-12 11:28:20 -04:00
Code Issues Packages Projects Releases Wiki Activity

Merge remote-tracking branch 'upstream/master' into search

Browse Source
This commit is contained in:
André Duffeck
2022-04-29 13:00:01 +02:00
parent 18d0fa2416 5597f5f5d5
commit 08df2e32d9
130 changed files with 5205 additions and 2152 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
.bingo/Variables.mk
View File

@@ -17,11 +17,11 @@ GO ?= $(shell which go)
# @echo "Running bingo"
# @$(BINGO) <flags/args..>
#
BINGO := $(GOBIN)/bingo-v0.5.2
BINGO := $(GOBIN)/bingo-v0.6.0
$(BINGO): $(BINGO_DIR)/bingo.mod
@# Install binary/ries using Go 1.14+ build command. This is using bwplotka/bingo-controlled, separate go module with pinned dependencies.
@echo "(re)installing $(GOBIN)/bingo-v0.5.2"
@cd $(BINGO_DIR) && $(GO) build -mod=mod -modfile=bingo.mod -o=$(GOBIN)/bingo-v0.5.2 "github.com/bwplotka/bingo"
@echo "(re)installing $(GOBIN)/bingo-v0.6.0"
@cd $(BINGO_DIR) && $(GO) build -mod=mod -modfile=bingo.mod -o=$(GOBIN)/bingo-v0.6.0 "github.com/bwplotka/bingo"
BUF := $(GOBIN)/buf-v1.3.1
$(BUF): $(BINGO_DIR)/buf.mod

2
.bingo/bingo.mod
View File

@@ -2,4 +2,4 @@ module _ // Auto generated by https://github.com/bwplotka/bingo. DO NOT EDIT
go 1.17
require github.com/bwplotka/bingo v0.5.2
require github.com/bwplotka/bingo v0.6.0

31
.bingo/bingo.sum
View File

@@ -2,23 +2,37 @@ github.com/Masterminds/semver v1.5.0 h1:H65muMkzWKEuNDnfl9d70GUjFniHKHRbFPGBuZ3Q
github.com/Masterminds/semver v1.5.0/go.mod h1:MB6lktGJrhw8PrUyiEoblNEGEQ+RzHPF078ddwwvV3Y=
github.com/bwplotka/bingo v0.5.2 h1:iNCW7magHQK/ozLxoBVEhzhuFiftNQeFsfR9TuIEFxE=
github.com/bwplotka/bingo v0.5.2/go.mod h1:CNMrHaFo3AhgU86psqpMQ8BOac2SZMhYfd0On/Ubt64=
github.com/bwplotka/bingo v0.6.0 h1:AlRrI9J/GVjOUSZbsYQ5WS8X8FnLpTbEAhUVW5iOQ7M=
github.com/bwplotka/bingo v0.6.0/go.mod h1:/qx0tLceUEeAs1R8QnIF+n9+Q0xUe7hmdQTB2w0eDYk=
github.com/creack/pty v1.1.9/go.mod h1:oKZEueFk5CKHvIhNR5MUki03XCEU+Q6VDXinZuGJ33E=
github.com/creack/pty v1.1.11/go.mod h1:oKZEueFk5CKHvIhNR5MUki03XCEU+Q6VDXinZuGJ33E=
github.com/creack/pty v1.1.15/go.mod h1:MOBLtS5ELjhRRrroQr9kyvTxUAFNvYEK993ew/Vr4O4=
github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
github.com/efficientgo/tools/core v0.0.0-20210201220623-8118984754c2 h1:GD19G/vhEa8amDJDBYcTaFXZjxKed67Ev0ZFPHdd/LQ=
github.com/efficientgo/tools/core v0.0.0-20210201220623-8118984754c2/go.mod h1:cFZoHUhKg31xkPnPjhPKFtevnx0Xcg67ptBRxbpaxtk=
github.com/efficientgo/tools/core v0.0.0-20220225185207-fe763185946b h1:ZHiD4/yE4idlbqvAO6iYCOYRzOMRpxkW+FKasRA3tsQ=
github.com/efficientgo/tools/core v0.0.0-20220225185207-fe763185946b/go.mod h1:OmVcnJopJL8d3X3sSXTiypGoUSgFq1aDGmlrdi9dn/M=
github.com/frankban/quicktest v1.13.1/go.mod h1:NeW+ay9A/U67EYXNFA1nPE8e/tnQv/09mUdL/ijj8og=
github.com/google/go-cmp v0.5.6/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE=
github.com/google/renameio v0.1.0/go.mod h1:KWCgfxg9yswjAJkECMjeO8J8rahYeXnNhOm40UhjYkI=
github.com/google/renameio v1.0.1/go.mod h1:t/HQoYBZSsWSNK35C6CO/TpPLDVWvxOHboWUAweKUpk=
github.com/kr/pretty v0.1.0/go.mod h1:dAy3ld7l9f0ibDNOQOHHMYYIIbhfbHSm3C4ZsoJORNo=
github.com/kr/pretty v0.2.1/go.mod h1:ipq/a2n7PKx3OHsz4KJII5eveXtPO4qwEXGdVfWzfnI=
github.com/kr/pretty v0.3.0/go.mod h1:640gp4NfQd8pI5XOwp5fnNeVWj67G7CFk/SaSQn7NBk=
github.com/kr/pty v1.1.1/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ=
github.com/kr/text v0.1.0/go.mod h1:4Jbv+DJW3UT/LiOwJeYQe1efqtUx/iVham/4vfdArNI=
github.com/kr/text v0.2.0/go.mod h1:eLer722TekiGuMkidMxC/pM04lWEeraHUUmBw8l2grE=
github.com/oklog/run v1.1.0 h1:GEenZ1cK0+q0+wsJew9qUg/DyD8k3JzYsZAi5gYi2mA=
github.com/oklog/run v1.1.0/go.mod h1:sVPdnTZT1zYwAJeCMu2Th4T21pA3FPOQRfWjQlk7DVU=
github.com/pkg/diff v0.0.0-20200914180035-5b29258ca4f7/go.mod h1:zO8QMzTeZd5cpnIkz/Gn6iK0jDfGicM1nynOkkPIl28=
github.com/pkg/diff v0.0.0-20210226163009-20ebb0f2a09e/go.mod h1:pJLUxLENpZxwdsKMEsNbx1VGcRFpLqf3715MtcvvzbA=
github.com/pkg/errors v0.9.1 h1:FEBLx1zS214owpjy7qsBeixbURkuhQAwrK5UwLGTwt4=
github.com/pkg/errors v0.9.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0=
github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4=
github.com/rogpeppe/go-internal v1.6.1/go.mod h1:xXDCJY+GAPziupqXw64V24skbSoqbTEfhy4qGm1nDQc=
github.com/rogpeppe/go-internal v1.6.2/go.mod h1:xXDCJY+GAPziupqXw64V24skbSoqbTEfhy4qGm1nDQc=
github.com/rogpeppe/go-internal v1.8.1-0.20210923151022-86f73c517451/go.mod h1:JeRgkft04UBgHMgCIwADu4Pn6Mtm5d4nPKWu0nJ5d+o=
github.com/sergi/go-diff v1.0.0/go.mod h1:0CfEIISq7TuYL3j771MWULgwwjU+GofnZX9QAmXWZgo=
github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME=
github.com/stretchr/testify v1.4.0/go.mod h1:j7eGeouHqKxXV5pUuKE4zz7dFj8WfuZ+81PSLYec5m4=
@@ -29,19 +43,30 @@ golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550/go.mod h1:yigFU9vqHzYiE8U
golang.org/x/lint v0.0.0-20190930215403-16217165b5de/go.mod h1:6SW0HCj/g11FgYtHlgUYUwCkIfeOF89ocIRzGO/8vkc=
golang.org/x/mod v0.4.2 h1:Gz96sIWK3OalVv/I/qNygP42zyoKp3xptRVCWRFEBvo=
golang.org/x/mod v0.4.2/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA=
golang.org/x/mod v0.5.1 h1:OJxoQ/rynoF0dcCdI7cLPktw/hR2cueqYfjm43oqK38=
golang.org/x/mod v0.5.1/go.mod h1:5OXOZSfqPIIbmVBIIKWRFfZjPR0E5r58TLhUjH0a2Ro=
golang.org/x/net v0.0.0-20190311183353-d8887717615a/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg=
golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg=
golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
golang.org/x/sync v0.0.0-20201020160332-67f06af15bc9 h1:SQFwaSi55rU7vdNs9Yr0Z324VNlrF+0wMqRXT4St8ck=
golang.org/x/sync v0.0.0-20201020160332-67f06af15bc9/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
golang.org/x/sync v0.0.0-20210220032951-036812b2e83c h1:5KslGYwFpkhGh+Q16bwMP3cOontH8FOep7tGV86Y7SQ=
golang.org/x/sync v0.0.0-20210220032951-036812b2e83c/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
golang.org/x/sys v0.0.0-20190412213103-97732733099d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
golang.org/x/sys v0.0.0-20191026070338-33540a1f6037/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
golang.org/x/sys v0.0.0-20201029080932-201ba4db2418 h1:HlFl4V6pEMziuLXyRkm5BIYq1y1GAbb02pRlWvI54OM=
golang.org/x/sys v0.0.0-20201029080932-201ba4db2418/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
golang.org/x/sys v0.0.0-20210615035016-665e8c7367d1/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
golang.org/x/sys v0.0.0-20210925032602-92d5a993a665/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
golang.org/x/sys v0.0.0-20220330033206-e17cdc41300f h1:rlezHXNlxYWvBCzNses9Dlc7nGFaNMJeqLolcmQSSZY=
golang.org/x/sys v0.0.0-20220330033206-e17cdc41300f/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
golang.org/x/term v0.0.0-20191110171634-ad39bd3f0407 h1:5zh5atpUEdIc478E/ebrIaHLKcfVvG6dL/fGv7BcMoM=
golang.org/x/term v0.0.0-20191110171634-ad39bd3f0407/go.mod h1:Nr5EML6q2oocZ2LXRh80K7BxOlk5/8JxuGnuhpl+muw=
golang.org/x/term v0.0.0-20210916214954-140adaaadfaf/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8=
golang.org/x/term v0.0.0-20210927222741-03fcf44c2211 h1:JGgROgKl9N8DuW20oFS5gxc+lE67/N3FcwmBPMe7ArY=
golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8=
golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
golang.org/x/tools v0.0.0-20190311212946-11955173bddd/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs=
golang.org/x/tools v0.0.0-20191108193012-7d206e10da11/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo=
@@ -49,11 +74,17 @@ golang.org/x/tools v0.0.0-20191119224855-298f0cb1881e/go.mod h1:b+2E5dAYhXwXZwtn
golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898 h1:/atklqdjdhuosWIl6AIbOeHJjicWYPqR9bpxqxYG2pA=
golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
golang.org/x/xerrors v0.0.0-20200804184101-5ec99f83aff1 h1:go1bK/D/BFZV2I8cIQd1NKEZ+0owSTG1fDTci4IqFcE=
golang.org/x/xerrors v0.0.0-20200804184101-5ec99f83aff1/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
gopkg.in/errgo.v2 v2.1.0/go.mod h1:hNsd1EY+bozCKY1Ytp96fpM3vjJbqLJn88ws8XvfDNI=
gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=
gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
mvdan.cc/editorconfig v0.1.1-0.20200121172147-e40951bde157/go.mod h1:Ge4atmRUYqueGppvJ7JNrtqpqokoJEFxYbP0Z+WeKS8=
mvdan.cc/editorconfig v0.2.0/go.mod h1:lvnnD3BNdBYkhq+B4uBuFFKatfp02eB6HixDvEz91C0=
mvdan.cc/sh/v3 v3.2.4 h1:+fZaWcXWRjYAvqzEKoDhDM3DkxdDUykU2iw0VMKFe9s=
mvdan.cc/sh/v3 v3.2.4/go.mod h1:fPQmabBpREM/XQ9YXSU5ZFZ/Sm+PmKP9/vkFHgYKJEI=
mvdan.cc/sh/v3 v3.4.3 h1:zbuKH7YH9cqU6PGajhFFXZY7dhPXcDr55iN/cUAqpuw=
mvdan.cc/sh/v3 v3.4.3/go.mod h1:p/tqPPI4Epfk2rICAe2RoaNd8HBSJ8t9Y2DA9yQlbzY=

2
.bingo/variables.env
View File

@@ -8,7 +8,7 @@ if [ -z "$GOBIN" ]; then
fi
BINGO="${GOBIN}/bingo-v0.5.2"
BINGO="${GOBIN}/bingo-v0.6.0"
BUF="${GOBIN}/buf-v1.3.1"

2
.drone.env
View File

@@ -1,5 +1,5 @@
# The test runner source for API tests
CORE_COMMITID=f5e36e21b45c96ba90ff6e47787effebad96d0eb
CORE_COMMITID=8f4783aa71a2fd6e863b2a4534fc697d5455bc45
CORE_BRANCH=master
# The test runner source for UI tests

172
.drone.star
View File

@@ -18,7 +18,7 @@ OC_CI_NODEJS = "owncloudci/nodejs:%s"
OC_CI_PHP = "owncloudci/php:%s"
OC_CI_WAIT_FOR = "owncloudci/wait-for:latest"
OC_CS3_API_VALIDATOR = "owncloud/cs3api-validator:latest"
OC_OC_TEST_MIDDLEWARE = "owncloud/owncloud-test-middleware:1.4.1"
OC_OC_TEST_MIDDLEWARE = "owncloud/owncloud-test-middleware:1.5.0"
OC_SERVER = "owncloud/server:10"
OC_UBUNTU = "owncloud/ubuntu:18.04"
OSIXIA_OPEN_LDAP = "osixia/openldap:latest"
@@ -81,11 +81,11 @@ config = {
"earlyFail": True,
},
"accountsUITests": {
"skip": False,
"skip": True,
"earlyFail": True,
},
"settingsUITests": {
"skip": False,
"skip": True,
"earlyFail": True,
},
"parallelApiTests": {
@@ -93,7 +93,9 @@ config = {
"suites": [
"apiShareManagement",
],
"skip": False,
# The tests fail after the storage config changes
# They will be fixed later.
"skip": True,
"earlyFail": True,
"cron": "nightly",
},
@@ -101,13 +103,15 @@ config = {
"suites": [
"apiWebdavOperations",
],
"skip": False,
# The tests fail after the storage config changes
# They will be fixed later.
"skip": True,
"earlyFail": True,
"cron": "nightly",
},
},
"graphApiTests": {
"skip": False,
"skip": True,
"earlyFali": False,
"numberOfParts": 10,
"skipExceptParts": [],
@@ -501,6 +505,9 @@ def localApiTests(ctx, storage, suite, accounts_hash_difficulty = 4):
"name": "localApiTests-%s-%s" % (suite, storage),
"image": OC_CI_PHP % DEFAULT_PHP_VERSION,
"environment": {
"TEST_WITH_GRAPH_API": "true",
"PATH_TO_OCIS": "/drone/src",
"PATH_TO_CORE": "/srv/app/testrunner",
"TEST_SERVER_URL": "https://ocis-server:9200",
"OCIS_REVA_DATA_ROOT": "%s" % ("/srv/app/tmp/ocis/owncloud/data/" if storage == "owncloud" else ""),
"SKELETON_DIR": "/srv/app/tmp/testing/data/apiSkeleton",
@@ -509,8 +516,7 @@ def localApiTests(ctx, storage, suite, accounts_hash_difficulty = 4):
"SEND_SCENARIO_LINE_REFERENCES": "true",
"STORAGE_DRIVER": storage,
"BEHAT_SUITE": suite,
"BEHAT_FILTER_TAGS": "~@skip&&~@skipOnOcis-%s-Storage" % ("OC" if storage == "owncloud" else "OCIS"),
"PATH_TO_CORE": "/srv/app/testrunner",
"BEHAT_FILTER_TAGS": "~@skip&&~@skipOnGraph&&~@skipOnOcis-%s-Storage" % ("OC" if storage == "owncloud" else "OCIS"),
"EXPECTED_FAILURES_FILE": "/drone/src/tests/acceptance/expected-failures-localAPI-on-%s-storage.md" % (storage.upper()),
"UPLOAD_DELETE_WAIT_TIME": "1" if storage == "owncloud" else 0,
},
@@ -566,6 +572,8 @@ def cs3ApiTests(ctx, storage, accounts_hash_difficulty = 4):
def coreApiTests(ctx, part_number = 1, number_of_parts = 1, storage = "ocis", accounts_hash_difficulty = 4):
early_fail = config["apiTests"]["earlyFail"] if "earlyFail" in config["apiTests"] else False
filterTags = "~@skipOnGraph&&~@skipOnOcis&&~@notToImplementOnOCIS&&~@toImplementOnOCIS&&~comments-app-required&&~@federation-app-required&&~@notifications-app-required&&~systemtags-app-required&&~@local_storage&&~@skipOnOcis-%s-Storage&&~@issue-ocis-3023" % ("OC" if storage == "owncloud" else "OCIS")
expectedFailuresFile = "/drone/src/tests/acceptance/expected-failures-graphAPI-on-%s-storage.md" % (storage.upper())
return {
"kind": "pipeline",
@@ -582,6 +590,9 @@ def coreApiTests(ctx, part_number = 1, number_of_parts = 1, storage = "ocis", ac
"name": "oC10ApiTests-%s-storage-%s" % (storage, part_number),
"image": OC_CI_PHP % DEFAULT_PHP_VERSION,
"environment": {
"TEST_WITH_GRAPH_API": "true",
"PATH_TO_OCIS": "/drone/src",
"PATH_TO_CORE": "/srv/app/testrunner",
"TEST_SERVER_URL": "https://ocis-server:9200",
"OCIS_REVA_DATA_ROOT": "%s" % ("/srv/app/tmp/ocis/owncloud/data/" if storage == "owncloud" else ""),
"SKELETON_DIR": "/srv/app/tmp/testing/data/apiSkeleton",
@@ -589,10 +600,10 @@ def coreApiTests(ctx, part_number = 1, number_of_parts = 1, storage = "ocis", ac
"TEST_OCIS": "true",
"SEND_SCENARIO_LINE_REFERENCES": "true",
"STORAGE_DRIVER": storage,
"BEHAT_FILTER_TAGS": "~@skipOnOcis&&~@notToImplementOnOCIS&&~@toImplementOnOCIS&&~comments-app-required&&~@federation-app-required&&~@notifications-app-required&&~systemtags-app-required&&~@local_storage&&~@skipOnOcis-%s-Storage&&~@issue-ocis-3023" % ("OC" if storage == "owncloud" else "OCIS"),
"BEHAT_FILTER_TAGS": filterTags,
"DIVIDE_INTO_NUM_PARTS": number_of_parts,
"RUN_PART": part_number,
"EXPECTED_FAILURES_FILE": "/drone/src/tests/acceptance/expected-failures-API-on-%s-storage.md" % (storage.upper()),
"EXPECTED_FAILURES_FILE": expectedFailuresFile,
"UPLOAD_DELETE_WAIT_TIME": "1" if storage == "owncloud" else 0,
},
"commands": [
@@ -687,7 +698,7 @@ def uiTestPipeline(ctx, filterTags, early_fail, runPart = 1, numberOfParts = 1,
"arch": "amd64",
},
"steps": skipIfUnchanged(ctx, "acceptance-tests") + restoreBuildArtifactCache(ctx, "ocis-binary-amd64", "ocis/bin/ocis") +
ocisServer(storage, accounts_hash_difficulty, [stepVolumeOC10Tests]) + waitForSeleniumService() + waitForMiddlewareService() + [
ocisServerWithAccounts(storage, accounts_hash_difficulty, [stepVolumeOC10Tests]) + waitForSeleniumService() + waitForMiddlewareService() + [
{
"name": "webUITests",
"image": OC_CI_NODEJS % DEFAULT_NODEJS_VERSION,
@@ -1618,40 +1629,50 @@ def notify(ctx):
},
}
def ocisServerWithIdp():
def ocisServerWithAccounts(storage, accounts_hash_difficulty = 4, volumes = [], depends_on = []):
environment = {
"GRAPH_IDENTITY_BACKEND": "ldap",
"GRAPH_LDAP_SERVER_WRITE_ENABLED": "true",
"LDAP_URI": "ldaps://0.0.0.0:9235",
"GRAPH_IDENTITY_BACKEND": "cs3",
"GRAPH_LDAP_SERVER_WRITE_ENABLED": "false",
"LDAP_URI": "ldaps://0.0.0.0:9126",
"LDAP_INSECURE": "true",
"LDAP_BIND_DN": "uid=libregraph,ou=sysusers,o=libregraph-idm",
"LDAP_BIND_PASSWORD": "idm",
"LDAP_USER_BASE_DN": "ou=users,o=libregraph-idm",
"LDAP_BIND_DN": "cn=admin,dc=ocis,dc=test",
"LDAP_BIND_PASSWORD": "admin",
"LDAP_USER_BASE_DN": "dc=ocis,dc=test",
"LDAP_USER_SCHEMA_ID": "ownclouduuid",
"LDAP_USER_SCHEMA_MAIL": "mail",
"LDAP_USER_SCHEMA_USERNAME": "uid",
"LDAP_USER_OBJECTCLASS": "inetOrgPerson",
"LDAP_GROUP_BASE_DN": "ou=groups,o=libregraph-idm",
"LDAP_GROUP_SCHEMA_ID": "ownclouduuid",
"LDAP_USER_SCHEMA_USERNAME": "cn",
"LDAP_USER_OBJECTCLASS": "posixAccount",
"LDAP_GROUP_BASE_DN": "dc=ocis,dc=test",
"LDAP_GROUP_SCHEMA_ID": "cn",
"LDAP_GROUP_SCHEMA_MAIL": "mail",
"LDAP_GROUP_SCHEMA_GROUPNAME": "cn",
"LDAP_GROUP_SCHEMA_MEMBER": "member",
"LDAP_GROUP_OBJECTCLASS": "groupOfNames",
"IDP_INSECURE": "true",
"IDP_LDAP_BIND_DN": "uid=idp,ou=sysusers,o=libregraph-idm",
"IDP_LDAP_BIND_PASSWORD": "idp",
"IDP_LDAP_BASE_DN": "ou=users,o=libregraph-idm",
"LDAP_GROUP_SCHEMA_MEMBER": "cn",
"LDAP_GROUP_OBJECTCLASS": "posixGroup",
"IDP_LDAP_BIND_DN": "cn=admin,dc=ocis,dc=test",
"LDAP_CACERT": "/root/.ocis/ldap/ldap.crt",
"IDP_LDAP_BIND_PASSWORD": "admin",
"IDP_LDAP_LOGIN_ATTRIBUTE": "uid",
"PROXY_ACCOUNT_BACKEND_TYPE": "cs3",
"PROXY_ENABLE_BASIC_AUTH": "true",
"STORAGE_LDAP_BIND_DN": "uid=reva,ou=sysusers,o=libregraph-idm",
"STORAGE_LDAP_BIND_PASSWORD": "reva",
"OCS_ACCOUNT_BACKEND_TYPE": "cs3",
"OCIS_RUN_EXTENSIONS": "settings,storage-metadata,graph,graph-explorer,ocs,store,thumbnails,web,webdav,storage-frontend,storage-gateway,storage-userprovider,storage-groupprovider,storage-authbasic,storage-authbearer,storage-authmachine,storage-users,storage-shares,storage-public-link,storage-appprovider,storage-sharing,proxy,idp,nats,idm,ocdav",
"OCIS_LOG_LEVEL": "error",
"PROXY_ACCOUNT_BACKEND_TYPE": "accounts",
"OCS_ACCOUNT_BACKEND_TYPE": "accounts",
"OCIS_RUN_EXTENSIONS": "settings,storage-metadata,graph,graph-explorer,ocs,store,thumbnails,web,webdav,storage-frontend,storage-gateway,storage-userprovider,storage-groupprovider,storage-authbasic,storage-authbearer,storage-authmachine,storage-users,storage-shares,storage-public-link,storage-appprovider,storage-sharing,proxy,idp,nats,accounts,glauth,ocdav",
"OCIS_INSECURE": "true",
"PROXY_ENABLE_BASIC_AUTH": "true",
"IDP_INSECURE": "true",
"OCIS_LOG_LEVEL": "error",
"OCIS_URL": "https://ocis-server:9200",
"ACCOUNTS_DEMO_USERS_AND_GROUPS": True,
"STORAGE_HOME_DRIVER": "%s" % (storage),
"STORAGE_USERS_DRIVER": "%s" % (storage),
"WEB_UI_CONFIG": "/drone/src/tests/config/drone/ocis-config.json",
}
# Pass in "default" accounts_hash_difficulty to not set this environment variable.
# That will allow OCIS to use whatever its built-in default is.
# Otherwise pass in a value from 4 to about 11 or 12 (default 4, for making regular tests fast)
# The high values cause lots of CPU to be used when hashing passwords, and really slow down the tests.
if (accounts_hash_difficulty != "default"):
environment["ACCOUNTS_HASH_DIFFICULTY"] = accounts_hash_difficulty
return [
{
"name": "ocis-server",
@@ -1661,16 +1682,16 @@ def ocisServerWithIdp():
"commands": [
"ocis/bin/ocis server",
],
"volumes": [stepVolumeOC10Tests],
"depends_on": [],
"volumes": volumes,
"depends_on": depends_on,
},
{
"name": "wait-for-ocis-server",
"image": OC_CI_WAIT_FOR,
"image": OC_CI_ALPINE,
"commands": [
"wait-for -it ocis-server:9200 -t 300",
"curl -k -u admin:admin --fail --retry-connrefused --retry 10 --retry-all-errors 'https://ocis-server:9200/graph/v1.0/users/ddc2004c-0977-11eb-9d3f-a793888cd0f8'",
],
"depends_on": [],
"depends_on": depends_on,
},
]
@@ -1679,20 +1700,19 @@ def ocisServer(storage, accounts_hash_difficulty = 4, volumes = [], depends_on =
user = "0:0"
environment = {
"OCIS_URL": "https://ocis-server:9200",
"STORAGE_GATEWAY_GRPC_ADDR": "0.0.0.0:9142",
"GATEWAY_GRPC_ADDR": "0.0.0.0:9142",
"STORAGE_HOME_DRIVER": "%s" % (storage),
"STORAGE_USERS_DRIVER": "%s" % (storage),
"STORAGE_USERS_DRIVER_LOCAL_ROOT": "/srv/app/tmp/ocis/local/root",
"STORAGE_USERS_DRIVER_OCIS_ROOT": "/srv/app/tmp/ocis/storage/users",
"STORAGE_METADATA_DRIVER_OCIS_ROOT": "/srv/app/tmp/ocis/storage/metadata",
"STORAGE_SHARING_USER_JSON_FILE": "/srv/app/tmp/ocis/shares.json",
"SHARING_USER_JSON_FILE": "/srv/app/tmp/ocis/shares.json",
"PROXY_ENABLE_BASIC_AUTH": True,
"WEB_UI_CONFIG": "/drone/src/tests/config/drone/ocis-config.json",
"IDP_IDENTIFIER_REGISTRATION_CONF": "/drone/src/tests/config/drone/identifier-registration.yml",
"OCIS_LOG_LEVEL": "error",
"SETTINGS_DATA_PATH": "/srv/app/tmp/ocis/settings",
"OCIS_INSECURE": "true",
"ACCOUNTS_DEMO_USERS_AND_GROUPS": True, # deprecated, remove after switching to LibreIDM
"IDM_CREATE_DEMO_USERS": True,
}
wait_for_ocis = {
@@ -1706,44 +1726,42 @@ def ocisServer(storage, accounts_hash_difficulty = 4, volumes = [], depends_on =
else:
user = "33:33"
environment = {
"GRAPH_IDENTITY_BACKEND": "cs3",
"GRAPH_LDAP_SERVER_WRITE_ENABLED": "false",
# Keycloak IDP specific configuration
"PROXY_OIDC_ISSUER": "https://keycloak/auth/realms/owncloud",
"LDAP_IDP": "https://keycloak/auth/realms/owncloud",
"WEB_OIDC_AUTHORITY": "https://keycloak/auth/realms/owncloud",
"WEB_OIDC_CLIENT_ID": "ocis-web",
"WEB_OIDC_METADATA_URL": "https://keycloak/auth/realms/owncloud/.well-known/openid-configuration",
"STORAGE_OIDC_ISSUER": "https://keycloak",
"STORAGE_LDAP_IDP": "https://keycloak/auth/realms/owncloud",
"AUTH_BEARER_OIDC_ISSUER": "https://keycloak",
"WEB_OIDC_SCOPE": "openid profile email owncloud",
# LDAP bind
"STORAGE_LDAP_URI": "ldaps://openldap",
"STORAGE_LDAP_INSECURE": "true",
"STORAGE_LDAP_BIND_DN": "cn=admin,dc=owncloud,dc=com",
"STORAGE_LDAP_BIND_PASSWORD": "admin",
"LDAP_URI": "ldaps://openldap",
"LDAP_INSECURE": "true",
"LDAP_BIND_DN": "cn=admin,dc=owncloud,dc=com",
"LDAP_BIND_PASSWORD": "admin",
# LDAP user settings
"PROXY_AUTOPROVISION_ACCOUNTS": "true", # automatically create users when they login
"PROXY_ACCOUNT_BACKEND_TYPE": "cs3", # proxy should get users from CS3APIS (which gets it from LDAP)
"PROXY_USER_OIDC_CLAIM": "ocis.user.uuid", # claim was added in Keycloak
"PROXY_USER_CS3_CLAIM": "userid", # equals STORAGE_LDAP_USER_SCHEMA_UID
"STORAGE_LDAP_GROUP_BASE_DN": "ou=testgroups,dc=owncloud,dc=com",
"STORAGE_LDAP_GROUP_OBJECTCLASS": "groupOfUniqueNames",
"STORAGE_LDAP_GROUPFILTER": "(objectclass=owncloud)",
"STORAGE_LDAP_GROUP_SCHEMA_DISPLAYNAME": "cn",
"STORAGE_LDAP_GROUP_SCHEMA_GID_NUMBER": "gidnumber",
"STORAGE_LDAP_GROUP_SCHEMA_ID": "cn",
"STORAGE_LDAP_GROUP_SCHEMA_MAIL": "mail",
"STORAGE_LDAP_GROUP_SCHEMA_MEMBER": "cn",
"STORAGE_LDAP_USER_BASE_DN": "ou=testusers,dc=owncloud,dc=com",
"STORAGE_LDAP_USER_OBJECTCLASS": "posixAccount",
"STORAGE_LDAP_USERFILTER": "(objectclass=owncloud)",
"STORAGE_LDAP_USER_SCHEMA_USERNAME": "cn",
"STORAGE_LDAP_USER_SCHEMA_DISPLAYNAME": "displayname",
"STORAGE_LDAP_USER_SCHEMA_GID_NUMBER": "gidnumber",
"STORAGE_LDAP_USER_SCHEMA_MAIL": "mail",
"STORAGE_LDAP_USER_SCHEMA_UID_NUMBER": "uidnumber",
"STORAGE_LDAP_USER_SCHEMA_ID": "ownclouduuid",
"STORAGE_LDAP_LOGIN_ATTRIBUTES": "uid,mail",
"LDAP_GROUP_BASE_DN": "ou=testgroups,dc=owncloud,dc=com",
"LDAP_GROUP_OBJECTCLASS": "groupOfUniqueNames",
"LDAP_GROUPFILTER": "(objectclass=owncloud)",
"LDAP_GROUP_SCHEMA_DISPLAYNAME": "cn",
"LDAP_GROUP_SCHEMA_ID": "cn",
"LDAP_GROUP_SCHEMA_MAIL": "mail",
"LDAP_GROUP_SCHEMA_MEMBER": "cn",
"LDAP_USER_BASE_DN": "ou=testusers,dc=owncloud,dc=com",
"LDAP_USER_OBJECTCLASS": "posixAccount",
"LDAP_USERFILTER": "(objectclass=owncloud)",
"LDAP_USER_SCHEMA_USERNAME": "cn",
"LDAP_USER_SCHEMA_DISPLAYNAME": "displayname",
"LDAP_USER_SCHEMA_MAIL": "mail",
"LDAP_USER_SCHEMA_ID": "ownclouduuid",
"LDAP_LOGIN_ATTRIBUTES": "uid,mail",
# ownCloudSQL storage driver
"STORAGE_HOME_DRIVER": "owncloudsql",
"STORAGE_USERS_DRIVER": "owncloudsql",
"STORAGE_METADATA_DRIVER": "ocis",
"STORAGE_USERS_DRIVER_OWNCLOUDSQL_DATADIR": "/mnt/data/files",
@@ -1758,29 +1776,29 @@ def ocisServer(storage, accounts_hash_difficulty = 4, volumes = [], depends_on =
# TODO: redis is not yet supported
"STORAGE_USERS_DRIVER_OWNCLOUDSQL_REDIS_ADDR": "redis:6379",
# ownCloudSQL sharing driver
"STORAGE_SHARING_USER_DRIVER": "owncloudsql",
"STORAGE_SHARING_USER_SQL_USERNAME": "owncloud",
"STORAGE_SHARING_USER_SQL_PASSWORD": "owncloud",
"STORAGE_SHARING_USER_SQL_HOST": "oc10-db",
"STORAGE_SHARING_USER_SQL_PORT": 3306,
"STORAGE_SHARING_USER_SQL_NAME": "owncloud",
"SHARING_USER_DRIVER": "owncloudsql",
"SHARING_USER_SQL_USERNAME": "owncloud",
"SHARING_USER_SQL_PASSWORD": "owncloud",
"SHARING_USER_SQL_HOST": "oc10-db",
"SHARING_USER_SQL_PORT": 3306,
"SHARING_USER_SQL_NAME": "owncloud",
# ownCloud storage readonly
# TODO: conflict with OWNCLOUDSQL -> https://github.com/owncloud/ocis/issues/2303
"OCIS_STORAGE_READ_ONLY": "false",
# General oCIS config
# OCIS_RUN_EXTENSIONS specifies to start all extensions except glauth, idp and accounts. These are replaced by external services
"OCIS_RUN_EXTENSIONS": "settings,storage-metadata,graph,graph-explorer,ocs,store,thumbnails,web,webdav,storage-frontend,storage-gateway,storage-userprovider,storage-groupprovider,storage-authbasic,storage-authbearer,storage-authmachine,storage-users,storage-shares,storage-public-link,storage-appprovider,storage-sharing,proxy,nats,ocdav",
"OCIS_LOG_LEVEL": "error",
"OCIS_LOG_LEVEL": "info",
"OCIS_URL": OCIS_URL,
"PROXY_TLS": "true",
"OCIS_BASE_DATA_PATH": "/mnt/data/ocis",
"OCIS_CONFIG_DIR": "/etc/ocis",
# change default secrets
"OCIS_JWT_SECRET": "Pive-Fumkiu4",
"STORAGE_TRANSFER_SECRET": "replace-me-with-a-transfer-secret",
"OCIS_MACHINE_AUTH_API_KEY": "change-me-please",
"OCIS_INSECURE": "true",
"PROXY_ENABLE_BASIC_AUTH": "true",
"ACCOUNTS_DEMO_USERS_AND_GROUPS": True, # deprecated, remove after switching to LibreIDM
"IDM_CREATE_DEMO_USERS": True,
}
wait_for_ocis = {
@@ -2509,7 +2527,7 @@ def graphApiTests(ctx, part_number = 1, number_of_parts = 1):
},
"steps": skipIfUnchanged(ctx, "acceptance-tests") +
restoreBuildArtifactCache(ctx, "ocis-binary-amd64", "ocis/bin/ocis") +
ocisServerWithIdp() +
ocisServer() +
cloneCoreRepos() + [
{
"name": "Graph-oC10ApiTests-%s-storage-%s" % (storage, part_number),

27
.gitignore vendored
View File

@@ -1,31 +1,32 @@
# coverage reports
*/coverage.out
extensions/*/coverage.out
# unit test reports
*/checkstyle.xml
extensions/*/checkstyle.xml
*/package-lock.json
ocis/config/identifier-registration.yaml
# nodejs / yarn
*/package-lock.json
node_modules/
yarn-error.log
yarn.lock
# build artifacts
*/bin
extensions/*/bin
dist/
/hugo
*.key
*crt
node_modules/
*/assets
extensions/*/assets
ocis/ocis
ocis/cmd/ocis/__debug_bin
ocis/cmd/ocis/config/
# docs
/hugo
# IDEs
.idea
yarn-error.log
yarn.lock
# Konnectd
idp/assets/identifier
# Composer - used for API acceptance tests
composer.lock
vendor

1
.make/release.mk
View File

@@ -11,6 +11,7 @@ release-dirs:
# docker specific packaging flags
DOCKER_LDFLAGS += -X "$(OCIS_REPO)/ocis-pkg/config/defaults.BaseDataPathType=path" -X "$(OCIS_REPO)/ocis-pkg/config/defaults.BaseDataPathValue=/var/lib/ocis"
DOCKER_LDFLAGS += -X "$(OCIS_REPO)/ocis-pkg/config/defaults.BaseConfigPathType=path" -X "$(OCIS_REPO)/ocis-pkg/config/defaults.BaseConfigPathValue=/etc/ocis"
release-linux-docker-amd64: release-dirs
GOOS=linux \

82
CHANGELOG.md
View File

@@ -7,7 +7,11 @@ The following sections list the changes for unreleased.
## Summary
* Bugfix - Return proper errors when ocs/cloud/users is using the cs3 backend: [#3483](https://github.com/owncloud/ocis/issues/3483)
* Bugfix - URL encode the webdav url in the graph API: [#3597](https://github.com/owncloud/ocis/pull/3597)
* Change - Load configuration files just from one directory: [#3587](https://github.com/owncloud/ocis/pull/3587)
* Enhancement - Add capability for public link single file edit: [#6787](https://github.com/owncloud/web/pull/6787)
* Enhancement - Update linkshare capabilities: [#3579](https://github.com/owncloud/ocis/pull/3579)
* Enhancement - Update reva to v2.x.x: [#3552](https://github.com/owncloud/ocis/pull/3552)
## Details
@@ -18,6 +22,26 @@ The following sections list the changes for unreleased.
https://github.com/owncloud/ocis/issues/3483
* Bugfix - URL encode the webdav url in the graph API: [#3597](https://github.com/owncloud/ocis/pull/3597)
Fixed the webdav URL in the drives responses. Without encoding the URL could be broken by files
with spaces in the file name.
https://github.com/owncloud/ocis/issues/3538
https://github.com/owncloud/ocis/pull/3597
* Change - Load configuration files just from one directory: [#3587](https://github.com/owncloud/ocis/pull/3587)
We've changed the configuration file loading behavior and are now only loading configuration
files from ONE single directory. This directory can be set on compile time or via an environment
variable on startup (`OCIS_CONFIG_DIR`).
We are using following configuration default paths:
- Docker images: `/etc/ocis/` - Binary releases: `$HOME/.ocis/config/`
https://github.com/owncloud/ocis/pull/3587
* Enhancement - Add capability for public link single file edit: [#6787](https://github.com/owncloud/web/pull/6787)
It is now possible to share a single file by link with edit permissions. Therefore we need a
@@ -26,11 +50,31 @@ The following sections list the changes for unreleased.
https://github.com/owncloud/web/pull/6787
https://github.com/owncloud/ocis/pull/3538
* Enhancement - Update linkshare capabilities: [#3579](https://github.com/owncloud/ocis/pull/3579)
We have updated the capabilities regarding password enforcement and expiration dates of
public links. They were previously hardcoded in a way that didn't reflect the actual backend
functionality anymore.
https://github.com/owncloud/ocis/pull/3579
* Enhancement - Update reva to v2.x.x: [#3552](https://github.com/owncloud/ocis/pull/3552)
Updated reva to version 2.x.x. This update includes:
* TODO
https://github.com/owncloud/ocis/pull/3552
https://github.com/owncloud/ocis/pull/3570
https://github.com/owncloud/ocis/pull/3601
https://github.com/owncloud/ocis/pull/3605
https://github.com/owncloud/ocis/pull/3611
# Changelog for [1.20.0] (2022-04-13)
The following sections list the changes for 1.20.0.
[1.20.0]: https://github.com/owncloud/ocis/compare/v1.19.1...v1.20.0
[1.20.0]: https://github.com/owncloud/ocis/compare/v1.19.0...v1.20.0
## Summary
@@ -198,28 +242,11 @@ The following sections list the changes for 1.20.0.
Group member remove
https://github.com/owncloud/ocis/pull/3467
# Changelog for [1.19.1] (2022-03-29)
The following sections list the changes for 1.19.1.
[1.19.1]: https://github.com/owncloud/ocis/compare/v1.19.0...v1.19.1
## Summary
* Bugfix - Return correct special item urls: [#3419](https://github.com/owncloud/ocis/pull/3419)
## Details
* Bugfix - Return correct special item urls: [#3419](https://github.com/owncloud/ocis/pull/3419)
URLs for Special items (space image, readme) were broken.
https://github.com/owncloud/ocis/pull/3419
# Changelog for [1.19.0] (2022-03-29)
The following sections list the changes for 1.19.0.
[1.19.0]: https://github.com/owncloud/ocis/compare/v1.18.0...v1.19.0
[1.19.0]: https://github.com/owncloud/ocis/compare/v1.19.1...v1.19.0
## Summary
@@ -388,6 +415,23 @@ The following sections list the changes for 1.19.0.
https://github.com/owncloud/ocis/pull/3291
https://github.com/owncloud/ocis/pull/3375
https://github.com/owncloud/web/releases/tag/v5.3.0
# Changelog for [1.19.1] (2022-03-29)
The following sections list the changes for 1.19.1.
[1.19.1]: https://github.com/owncloud/ocis/compare/v1.18.0...v1.19.1
## Summary
* Bugfix - Return correct special item urls: [#3419](https://github.com/owncloud/ocis/pull/3419)
## Details
* Bugfix - Return correct special item urls: [#3419](https://github.com/owncloud/ocis/pull/3419)
URLs for Special items (space image, readme) were broken.
https://github.com/owncloud/ocis/pull/3419
# Changelog for [1.18.0] (2022-03-03)
The following sections list the changes for 1.18.0.

12
changelog/unreleased/change-load-config-from-only-one-dir.md Normal file
View File

@@ -0,0 +1,12 @@
Change: Load configuration files just from one directory
We've changed the configuration file loading behavior and are now only loading
configuration files from ONE single directory. This directory can be set on
compile time or via an environment variable on startup (`OCIS_CONFIG_DIR`).
We are using following configuration default paths:
- Docker images: `/etc/ocis/`
- Binary releases: `$HOME/.ocis/config/`
https://github.com/owncloud/ocis/pull/3587

5
changelog/unreleased/update-linkshare-capabilities.md Normal file
View File

@@ -0,0 +1,5 @@
Enhancement: Update linkshare capabilities
We have updated the capabilities regarding password enforcement and expiration dates of public links. They were previously hardcoded in a way that didn't reflect the actual backend functionality anymore.
https://github.com/owncloud/ocis/pull/3579

11
changelog/unreleased/update-reva.md Normal file
View File

@@ -0,0 +1,11 @@
Enhancement: update reva to v2.x.x
Updated reva to version 2.x.x. This update includes:
* TODO
https://github.com/owncloud/ocis/pull/3552
https://github.com/owncloud/ocis/pull/3570
https://github.com/owncloud/ocis/pull/3601
https://github.com/owncloud/ocis/pull/3605
https://github.com/owncloud/ocis/pull/3611

6
changelog/unreleased/urlencoding-graph-api.md Normal file
View File

@@ -0,0 +1,6 @@
Bugfix: URL encode the webdav url in the graph API
Fixed the webdav URL in the drives responses. Without encoding the URL could be broken by files with spaces in the file name.
https://github.com/owncloud/ocis/pull/3597
https://github.com/owncloud/ocis/issues/3538

7
deployments/examples/ocis_wopi/config/wopiserver/entrypoint-override.sh
View File

@@ -1,4 +1,4 @@
#/bin/sh!
#!/bin/bash
set -e
echo "${WOPISECRET}" > /etc/wopi/wopisecret
@@ -11,6 +11,11 @@ sed -i 's/ocis.owncloud.test/'${OCIS_DOMAIN}'/g' /etc/wopi/wopiserver.conf
sed -i 's/collabora.owncloud.test/'${COLLABORA_DOMAIN}'/g' /etc/wopi/wopiserver.conf
sed -i 's/wopiserver.owncloud.test/'${WOPISERVER_DOMAIN}'/g' /etc/wopi/wopiserver.conf
if [ "$WOPISERVER_INSECURE" == "true" ]; then
sed -i 's/sslverify\s=\sTrue/sslverify = False/g' /etc/wopi/wopiserver.conf
fi
touch /var/log/wopi/wopiserver.log
/app/wopiserver.py &

94
deployments/examples/ocis_wopi/config/wopiserver/wopiserver.conf.dist
View File

@@ -1,27 +1,23 @@
#
# This config is based on https://github.com/cs3org/wopiserver/blob/master/wopiserver.conf
#
# wopiserver.conf
#
# Default configuration file for the WOPI server for CERNBox
# Default configuration file for the WOPI server for oCIS
#
##############################################################
[general]
# Storage access layer to be loaded in order to operate this WOPI server
# Supported values: local, xroot, cs3.
# only "cs3" is supported with oCIS
storagetype = cs3
# Port where to listen for WOPI requests
port = 8880
# URL of your Microsoft Office Online service
#oosurl = https://officeonline.owncloud.test
# URL of your Collabora Online service
#codeurl = https://collabora.owncloud.test
# URL of your CodiMD service
codimdurl = https://codimd.owncloud.test
codimdinturl = http://codimd:3000
# Logging level. Debug enables the Flask debug mode as well.
# Valid values are: Debug, Info, Warning, Error.
loglevel = Error
# URL of your WOPI server or your HA proxy in front of it
wopiurl = https://wopiserver.owncloud.test
@@ -30,40 +26,56 @@ wopiurl = https://wopiserver.owncloud.test
# to clients will include the access_token argument
downloadurl = https://wopiserver.owncloud.test/wopi/cbox/download
# Optional URL prefix for WebDAV access to the files. This enables the
# 'Edit in Desktop client' action on Windows-based clients
webdavurl = https://ocis.owncloud.test/webdav
# The internal server engine to use (defaults to flask).
# Set to waitress for production installations.
internalserver = waitress
# List of file extensions deemed incompatible with LibreOffice:
# interoperable locking will be disabled for such files
nonofficetypes = .md .zmd .txt .epd
# List of file extensions to be supported by Collabora
# List of file extensions to be supported by Collabora (deprecated)
codeofficetypes = .odt .ott .ods .ots .odp .otp .odg .otg .doc .dot .xls .xlt .xlm .ppt .pot .pps .vsd .dxf .wmf .cdr .pages .number .key
# WOPI access token expiration time [seconds]
tokenvalidity = 86400
# WOPI lock expiration time [seconds]
wopilockexpiration = 7200
wopilockexpiration = 3600
# WOPI lock strict check: if True, WOPI locks will be compared according to specs,
# that is their representation must match. False (default) allows for a more relaxed
# comparison, which compensates incorrect lock requests from Microsoft Office Online
# on-premise setups.
#wopilockstrictcheck = False
wopilockstrictcheck = False
# Logging level. Debug enables the Flask debug mode as well.
# Valid values are: Debug, Info, Warning, Error.
loglevel = Info
# Enable support of rename operations from WOPI apps. This is currently
# disabled by default as it has been observed that both MS Office and Collabora
# Online do not play well with this feature.
# Not supported with oCIS, must always be set to "False"
enablerename = False
# Location of the lock files. Currently, two modes are supported:
# if a path is provided, all locks will be stored there with a hashed name,
# otherwise the lock is stored on the same path as the original file.
# This latter mode will eventually be dropped once the system is deemed
# stable enough and lock files are hidden away.
#lockpath = /your_storage/wopilocks
# Detection of external Microsoft Office or LibreOffice locks. By default, lock files
# compatible with Office for Desktop applications are detected, assuming that the
# underlying storage can be mounted as a remote filesystem: in this case, WOPI GetLock
# and SetLock operations return such locks and prevent online apps from entering edit mode.
# This feature can be disabled in order to operate a pure WOPI server for online apps.
# Not supported with oCIS, must always be set to "False"
detectexternallocks = False
# Location of the webconflict files. By default, such files are stored in the same path
# as the original file. If that fails (e.g. because of missing permissions),
# an attempt is made to store such files in this path if specified, otherwise
# the system falls back to the recovery space (cf. io|recoverypath).
# The keywords <user_initial> and <username> are replaced with the actual username's
# initial letter and the actual username, respectively, so you can use e.g.
# /your_storage/home/user_initial/username
#conflictpath = /
# ownCloud's WOPI proxy configuration. Disabled by default.
#wopiproxy = https://external-wopi-proxy.com
#wopiproxysecretfile = /path/to/your/shared-key-file
#proxiedappname = Name of your proxied app
[security]
# Location of the secret files. Requires a restart of the
@@ -82,7 +94,7 @@ wopikey = /etc/grid-security/host.key
[bridge]
# SSL certificate check for the connected apps
sslverify = False
sslverify = True
# Minimal time interval between two consecutive save operations [seconds]
#saveinterval = 200
@@ -90,39 +102,25 @@ sslverify = False
# Minimal time interval before a closed file is WOPI-unlocked [seconds]
#unlockinterval = 90
# CodiMD: disable creating zipped bundles when files contain pictures
#disablezip = False
[io]
# Size used for buffered reads [bytes]
chunksize = 4194304
[xroot]
# URL of the default remote xroot storage server. This can be overridden
# if the end-point is passed on the /wopi/cbox/open call
#storageserver = root://your-xrootd-server.org
# Optional EOS top-level path that will be prepended to all user paths. Useful
# to map the CERNBox-exposed files in a subfolder of the EOS storage. By default,
# this is not used and storagehomepath is empty.
#storagehomepath = /your/top/storage/path
[local]
# Location of the folder or mount point used as local storage
#storagehomepath = /mnt/your_local_storage
# Path to a recovery space in case of I/O errors when reaching to the remote storage.
# This is expected to be a local path, and it is provided in order to ease user support.
# Defaults to the indicated spool folder.
#recoverypath = /var/spool/wopirecovery
[cs3]
# Host and port of the Reva(-like) CS3-compliant GRPC gateway endpoint
revagateway = ocis:9142
# HTTP (WebDAV) endpoint for uploading files
#datagateway = https://your-reva-server.org:port/data
# Reva/gRPC authentication token expiration time [seconds]
# The default value matches Reva's default
authtokenvalidity = 3600
# SSL certificate check for Reva
# oCIS uses self signed certificate in this example
sslverify = false
sslverify = True

3
deployments/examples/ocis_wopi/docker-compose.yml
View File

@@ -173,9 +173,10 @@ services:
networks:
ocis-net:
entrypoint:
- /bin/sh
- /bin/bash
- /entrypoint-override.sh
environment:
WOPISERVER_INSECURE: "${INSECURE:-false}"
WOPISECRET: ${WOPI_JWT_SECRET:-LoremIpsum567}
IOPSECRET: ${WOPI_IOP_SECRET:-LoremIpsum123}
CODIMDSECRET: ${CODIMD_SECRET:-LoremIpsum456}

4
docs/helpers/configenvextractor.go
View File

@@ -56,7 +56,9 @@ func GenerateIntermediateCode(templatePath string, intermediateCodePath string,
func RunIntermediateCode(intermediateCodePath string) {
fmt.Println("Running intermediate go code for " + intermediateCodePath)
os.Setenv("OCIS_BASE_DATA_PATH", "~/.ocis")
defaultPath := "~/.ocis"
os.Setenv("OCIS_BASE_DATA_PATH", defaultPath)
os.Setenv("OCIS_CONFIG_DIR", path.Join(defaultPath, "config"))
out, err := exec.Command("go", "run", intermediateCodePath).Output()
if err != nil {
log.Fatal(err)

13
docs/ocis/config.md
View File

@@ -39,15 +39,16 @@ Let's explore the various flows with examples and workflows.
Let's explore with examples this approach.
#### Expected loading locations:
#### Expected loading locations
- `$HOME/.ocis/config/`
- `/etc/ocis/`
- `.config/`
- docker images: `/etc/ocis/`
- binary releases: `$HOME/.ocis/config/`
followed by the extension name. When configuring the proxy, a valid full path that will get loaded is `$HOME/.ocis/config/proxy.yaml`.
followed by the `<extension name>.yaml`, eg `proxy.yaml` for the extension configuration. You also can put an `ocis.yaml` config file to the expected loading location to use a single config file.
#### Only config files
You can set another directory as config path in the environment variable `OCIS_CONFIG_DIR`. It will then pick the same file names, but from the folder you configured.
#### Only config files
The following config files are present in the default loading locations:

2
docs/ocis/deployment/oc10_ocis_parallel.md
View File

@@ -154,7 +154,7 @@ For a more simple local ocis setup see [Getting started]({{< ref "../getting-sta
This docker stack can also be run locally. One downside is that Traefik can not obtain valid SSL certificates and therefore will create self-signed ones. This means that your browser will show scary warnings. Another downside is that you can not point DNS entries to your localhost. So you have to add static host entries to your computer.
On Linux and macOS you can add them to your `/etc/hosts` files like this:
On Linux and macOS you can add them to your `/etc/hosts` file and on Windows to `C:\Windows\System32\Drivers\etc\hosts` file like this:
```
127.0.0.1 cloud.owncloud.test

2
docs/ocis/deployment/ocis_hello.md
View File

@@ -113,7 +113,7 @@ For a more simple local ocis setup see [Getting started]({{< ref "../getting-sta
This docker stack can also be run locally. One downside is that Traefik can not obtain valid SSL certificates and therefore will create self-signed ones. This means that your browser will show scary warnings. Another downside is that you can not point DNS entries to your localhost. So you have to add static host entries to your computer.
On Linux and macOS you can add them to your `/etc/hosts` files like this:
On Linux and macOS you can add them to your `/etc/hosts` file and on Windows to `C:\Windows\System32\Drivers\etc\hosts` file like this:
```
127.0.0.1 ocis.owncloud.test

3
docs/ocis/deployment/ocis_individual_services.md
View File

@@ -108,7 +108,8 @@ For a more simple local ocis setup see [Getting started]({{< ref "../getting-sta
This docker stack can also be run locally. One downside is that Traefik can not obtain valid SSL certificates and therefore will create self-signed ones. This means that your browser will show scary warnings. Another downside is that you can not point DNS entries to your localhost. So you have to add static host entries to your computer.
On Linux and macOS you can add them to your `/etc/hosts` files like this:
On Linux and macOS you can add them to your `/etc/hosts` file and on Windows to `C:\Windows\System32\Drivers\etc\hosts` file like this:
```
127.0.0.1 ocis.owncloud.test
127.0.0.1 traefik.owncloud.test

3
docs/ocis/deployment/ocis_keycloak.md
View File

@@ -129,7 +129,8 @@ For a more simple local ocis setup see [Getting started]({{< ref "../getting-sta
This docker stack can also be run locally. One downside is that Traefik can not obtain valid SSL certificates and therefore will create self-signed ones. This means that your browser will show scary warnings. Another downside is that you can not point DNS entries to your localhost. So you have to add static host entries to your computer.
On Linux and macOS you can add them to your `/etc/hosts` files like this:
On Linux and macOS you can add them to your `/etc/hosts` file and on Windows to `C:\Windows\System32\Drivers\etc\hosts` file like this:
```
127.0.0.1 ocis.owncloud.test
127.0.0.1 traefik.owncloud.test

2
docs/ocis/deployment/ocis_ldap.md
View File

@@ -113,7 +113,7 @@ For a more simple local ocis setup see [Getting started]({{< ref "../getting-sta
This docker stack can also be run locally. One downside is that Traefik can not obtain valid SSL certificates and therefore will create self-signed ones. This means that your browser will show scary warnings. Another downside is that you can not point DNS entries to your localhost. So you have to add static host entries to your computer.
On Linux and macOS you can add them to your `/etc/hosts` files like this:
On Linux and macOS you can add them to your `/etc/hosts` file and on Windows to `C:\Windows\System32\Drivers\etc\hosts` file like this:
```
127.0.0.1 cloud.owncloud.test

3
docs/ocis/deployment/ocis_s3.md
View File

@@ -125,7 +125,8 @@ For a more simple local ocis setup see [Getting started]({{< ref "../getting-sta
This docker stack can also be run locally. One downside is that Traefik can not obtain valid SSL certificates and therefore will create self-signed ones. This means that your browser will show scary warnings. Another downside is that you can not point DNS entries to your localhost. So you have to add static host entries to your computer.
On Linux and macOS you can add them to your `/etc/hosts` files like this:
On Linux and macOS you can add them to your `/etc/hosts` file and on Windows to `C:\Windows\System32\Drivers\etc\hosts` file like this:
```
127.0.0.1 ocis.owncloud.test
127.0.0.1 traefik.owncloud.test

3
docs/ocis/deployment/ocis_traefik.md
View File

@@ -103,7 +103,8 @@ For a more simple local ocis setup see [Getting started]({{< ref "../getting-sta
This docker stack can also be run locally. One downside is that Traefik can not obtain valid SSL certificates and therefore will create self-signed ones. This means that your browser will show scary warnings. Another downside is that you can not point DNS entries to your localhost. So you have to add static host entries to your computer.
On Linux and macOS you can add them to your `/etc/hosts` on Windows to `C:\Windows\System32\Drivers\etc\hosts` file like this:
On Linux and macOS you can add them to your `/etc/hosts` file and on Windows to `C:\Windows\System32\Drivers\etc\hosts` file like this:
```
127.0.0.1 ocis.owncloud.test
127.0.0.1 traefik.owncloud.test

3
docs/ocis/deployment/ocis_wopi.md
View File

@@ -159,7 +159,8 @@ For a more simple local ocis setup see [Getting started]({{< ref "../getting-sta
This docker stack can also be run locally. One downside is that Traefik can not obtain valid SSL certificates and therefore will create self-signed ones. This means that your browser will show scary warnings. Another downside is that you can not point DNS entries to your localhost. So you have to add static host entries to your computer.
On Linux and macOS you can add them to your `/etc/hosts` files like this:
On Linux and macOS you can add them to your `/etc/hosts` file and on Windows to `C:\Windows\System32\Drivers\etc\hosts` file like this:
```
127.0.0.1 ocis.owncloud.test
127.0.0.1 traefik.owncloud.test

17
docs/ocis/deployment/systemd.md
View File

@@ -10,17 +10,18 @@ geekdocFilePath: systemd.md
{{< toc >}}
## Install the oCIS binary
Download the oCIS binary of your preferred version and for your CPU architecture and operating system from [download.owncloud.com](https://download.owncloud.com/ocis/ocis).
Rename the downloaded binary to `ocis` and move it to `/usr/bin/`. As a next step, you need to mark it as executable with `chmod +x /usr/bin/ocis`.
When you now run `ocis help` on your command line, you should see the available options for the oCIS command.
## Systemd service definition
Create the Systemd service definition for oCIS in the file `/etc/systemd/system/ocis.service` with following content:
```
```systemd
[Unit]
Description=OCIS server
@@ -49,16 +50,16 @@ OCIS_INSECURE=false
OCIS_LOG_LEVEL=error
GLAUTH_LDAPS_CERT=/etc/ocis/ldap/ldaps.crt
GLAUTH_LDAPS_KEY=/etc/ocis/ldap/ldaps.key
IDP_TRANSPORT_TLS_CERT=/etc/ocis/idp/server.crt
IDP_TRANSPORT_TLS_KEY=/etc/ocis/idp/server.key
PROXY_TRANSPORT_TLS_CERT=/etc/ocis/proxy/server.crt
PROXY_TRANSPORT_TLS_KEY=/etc/ocis/proxy/server.key
OCIS_CONFIG_DIR=/etc/ocis
OCIS_BASE_DATA_PATH=/var/lib/ocis
```
Since we set `OCIS_CONFIG_DIR` to `/etc/ocis` you can also place configuration files in this directory.
Please change your `OCIS_URL` in order to reflect your actual deployment. If you are using self-signed certificates you need to set `OCIS_INSECURE=true` in `/etc/ocis/ocis.env`.
oCIS will store all data in `/var/lib/ocis`, because we configured it so by setting `OCIS_BASE_DATA_PATH`. Therefore you need to create that directory and make it accessible to the user, you use to start oCIS.
## Starting the oCIS service

2
extensions/accounts/l10n/translations.json
View File

File diff suppressed because one or more lines are too long

76
extensions/storage/pkg/command/appprovider.go → extensions/appprovider/pkg/command/command.go
View File

@@ -9,11 +9,12 @@ import (
"github.com/cs3org/reva/v2/cmd/revad/runtime"
"github.com/gofrs/uuid"
"github.com/oklog/run"
"github.com/owncloud/ocis/extensions/storage/pkg/config"
"github.com/owncloud/ocis/extensions/appprovider/pkg/config"
"github.com/owncloud/ocis/extensions/storage/pkg/server/debug"
"github.com/owncloud/ocis/extensions/storage/pkg/tracing"
ociscfg "github.com/owncloud/ocis/ocis-pkg/config"
"github.com/owncloud/ocis/ocis-pkg/log"
"github.com/owncloud/ocis/ocis-pkg/sync"
"github.com/owncloud/ocis/ocis-pkg/tracing"
"github.com/thejerf/suture/v4"
"github.com/urfave/cli/v2"
)
@@ -23,12 +24,15 @@ func AppProvider(cfg *config.Config) *cli.Command {
return &cli.Command{
Name: "app-provider",
Usage: "start appprovider for providing apps",
Before: func(c *cli.Context) error {
return ParseConfig(c, cfg, "storage-app-provider")
},
Action: func(c *cli.Context) error {
logger := NewLogger(cfg)
tracing.Configure(cfg, logger)
logCfg := cfg.Logging
logger := log.NewLogger(
log.Level(logCfg.Level),
log.File(logCfg.File),
log.Pretty(logCfg.Pretty),
log.Color(logCfg.Color),
)
tracing.Configure(cfg.Tracing.Enabled, cfg.Tracing.Type, logger)
gr := run.Group{}
ctx, cancel := context.WithCancel(context.Background())
defer cancel()
@@ -51,10 +55,12 @@ func AppProvider(cfg *config.Config) *cli.Command {
debugServer, err := debug.Server(
debug.Name(c.Command.Name+"-debug"),
debug.Addr(cfg.Reva.AppProvider.DebugAddr),
debug.Addr(cfg.Debug.Addr),
debug.Logger(logger),
debug.Context(ctx),
debug.Config(cfg),
debug.Pprof(cfg.Debug.Pprof),
debug.Zpages(cfg.Debug.Zpages),
debug.Token(cfg.Debug.Token),
)
if err != nil {
@@ -66,7 +72,7 @@ func AppProvider(cfg *config.Config) *cli.Command {
cancel()
})
if !cfg.Reva.AppProvider.Supervised {
if !cfg.Supervised {
sync.Trap(&gr, cancel)
}
@@ -80,38 +86,36 @@ func appProviderConfigFromStruct(c *cli.Context, cfg *config.Config) map[string]
rcfg := map[string]interface{}{
"core": map[string]interface{}{
"max_cpus": cfg.Reva.AppProvider.MaxCPUs,
"tracing_enabled": cfg.Tracing.Enabled,
"tracing_endpoint": cfg.Tracing.Endpoint,
"tracing_collector": cfg.Tracing.Collector,
"tracing_service_name": c.Command.Name,
},
"shared": map[string]interface{}{
"jwt_secret": cfg.Reva.JWTSecret,
"gatewaysvc": cfg.Reva.Gateway.Endpoint,
"skip_user_groups_in_token": cfg.Reva.SkipUserGroupsInToken,
"jwt_secret": cfg.JWTSecret,
"gatewaysvc": cfg.GatewayEndpoint,
"skip_user_groups_in_token": cfg.SkipUserGroupsInToken,
},
"grpc": map[string]interface{}{
"network": cfg.Reva.AppProvider.GRPCNetwork,
"address": cfg.Reva.AppProvider.GRPCAddr,
"network": cfg.GRPC.Protocol,
"address": cfg.GRPC.Addr,
// TODO build services dynamically
"services": map[string]interface{}{
"appprovider": map[string]interface{}{
"gatewaysvc": cfg.Reva.Gateway.Endpoint,
"app_provider_url": cfg.Reva.AppProvider.ExternalAddr,
"driver": cfg.Reva.AppProvider.Driver,
"app_provider_url": cfg.ExternalAddr,
"driver": cfg.Driver,
"drivers": map[string]interface{}{
"wopi": map[string]interface{}{
"app_api_key": cfg.Reva.AppProvider.WopiDriver.AppAPIKey,
"app_desktop_only": cfg.Reva.AppProvider.WopiDriver.AppDesktopOnly,
"app_icon_uri": cfg.Reva.AppProvider.WopiDriver.AppIconURI,
"app_int_url": cfg.Reva.AppProvider.WopiDriver.AppInternalURL,
"app_name": cfg.Reva.AppProvider.WopiDriver.AppName,
"app_url": cfg.Reva.AppProvider.WopiDriver.AppURL,
"insecure_connections": cfg.Reva.AppProvider.WopiDriver.Insecure,
"iop_secret": cfg.Reva.AppProvider.WopiDriver.IopSecret,
"jwt_secret": cfg.Reva.AppProvider.WopiDriver.JWTSecret,
"wopi_url": cfg.Reva.AppProvider.WopiDriver.WopiURL,
"app_api_key": cfg.Drivers.WOPI.AppAPIKey,
"app_desktop_only": cfg.Drivers.WOPI.AppDesktopOnly,
"app_icon_uri": cfg.Drivers.WOPI.AppIconURI,
"app_int_url": cfg.Drivers.WOPI.AppInternalURL,
"app_name": cfg.Drivers.WOPI.AppName,
"app_url": cfg.Drivers.WOPI.AppURL,
"insecure_connections": cfg.Drivers.WOPI.Insecure,
"iop_secret": cfg.Drivers.WOPI.IopSecret,
"jwt_secret": cfg.JWTSecret,
"wopi_url": cfg.Drivers.WOPI.WopiURL,
},
},
},
@@ -128,28 +132,28 @@ type AppProviderSutureService struct {
// NewAppProvider creates a new store.AppProviderSutureService
func NewAppProvider(cfg *ociscfg.Config) suture.Service {
cfg.Storage.Commons = cfg.Commons
cfg.AppProvider.Commons = cfg.Commons
return AppProviderSutureService{
cfg: cfg.Storage,
cfg: cfg.AppProvider,
}
}
func (s AppProviderSutureService) Serve(ctx context.Context) error {
s.cfg.Reva.AppProvider.Context = ctx
cmd := AppProvider(s.cfg)
f := &flag.FlagSet{}
cmdFlags := AppProvider(s.cfg).Flags
cmdFlags := cmd.Flags
for k := range cmdFlags {
if err := cmdFlags[k].Apply(f); err != nil {
return err
}
}
cliCtx := cli.NewContext(nil, f, nil)
if AppProvider(s.cfg).Before != nil {
if err := AppProvider(s.cfg).Before(cliCtx); err != nil {
if cmd.Before != nil {
if err := cmd.Before(cliCtx); err != nil {
return err
}
}
if err := AppProvider(s.cfg).Action(cliCtx); err != nil {
if err := cmd.Action(cliCtx); err != nil {
return err
}

67
extensions/appprovider/pkg/config/config.go Normal file
View File

@@ -0,0 +1,67 @@
package config
import "github.com/owncloud/ocis/ocis-pkg/shared"
type Config struct {
*shared.Commons `yaml:"-"`
Service Service `yaml:"-"`
Tracing *Tracing `yaml:"tracing"`
Logging *Logging `yaml:"log"`
Debug Debug `yaml:"debug"`
Supervised bool
GRPC GRPCConfig `yaml:"grpc"`
JWTSecret string
GatewayEndpoint string
SkipUserGroupsInToken bool
ExternalAddr string
Driver string
Drivers Drivers
}
type Tracing struct {
Enabled bool `yaml:"enabled" env:"OCIS_TRACING_ENABLED;APP_PROVIDER_TRACING_ENABLED" desc:"Activates tracing."`
Type string `yaml:"type" env:"OCIS_TRACING_TYPE;APP_PROVIDER_TRACING_TYPE"`
Endpoint string `yaml:"endpoint" env:"OCIS_TRACING_ENDPOINT;APP_PROVIDER_TRACING_ENDPOINT" desc:"The endpoint to the tracing collector."`
Collector string `yaml:"collector" env:"OCIS_TRACING_COLLECTOR;APP_PROVIDER_TRACING_COLLECTOR"`
}
type Logging struct {
Level string `yaml:"level" env:"OCIS_LOG_LEVEL;APP_PROVIDER_LOG_LEVEL" desc:"The log level."`
Pretty bool `yaml:"pretty" env:"OCIS_LOG_PRETTY;APP_PROVIDER_LOG_PRETTY" desc:"Activates pretty log output."`
Color bool `yaml:"color" env:"OCIS_LOG_COLOR;APP_PROVIDER_LOG_COLOR" desc:"Activates colorized log output."`
File string `yaml:"file" env:"OCIS_LOG_FILE;APP_PROVIDER_LOG_FILE" desc:"The target log file."`
}
type Service struct {
Name string `yaml:"-"`
}
type Debug struct {
Addr string `yaml:"addr" env:"APP_PROVIDER_DEBUG_ADDR"`
Token string `yaml:"token" env:"APP_PROVIDER_DEBUG_TOKEN"`
Pprof bool `yaml:"pprof" env:"APP_PROVIDER_DEBUG_PPROF"`
Zpages bool `yaml:"zpages" env:"APP_PROVIDER_DEBUG_ZPAGES"`
}
type GRPCConfig struct {
Addr string `yaml:"addr" env:"APP_PROVIDER_GRPC_ADDR" desc:"The address of the grpc service."`
Protocol string `yaml:"protocol" env:"APP_PROVIDER_GRPC_PROTOCOL" desc:"The transport protocol of the grpc service."`
}
type Drivers struct {
WOPI WOPIDriver
}
type WOPIDriver struct {
AppAPIKey string `yaml:"app_api_key"`
AppDesktopOnly bool `yaml:"app_desktop_only"`
AppIconURI string `yaml:"app_icon_uri"`
AppInternalURL string `yaml:"app_internal_url"`
AppName string `yaml:"app_name"`
AppURL string `yaml:"app_url"`
Insecure bool `yaml:"insecure"`
IopSecret string `yaml:"ipo_secret"`
WopiURL string `yaml:"wopi_url"`
}

66
extensions/appprovider/pkg/config/defaults/defaultconfig.go Normal file
View File

@@ -0,0 +1,66 @@
package defaults
import (
"github.com/owncloud/ocis/extensions/appprovider/pkg/config"
)
func FullDefaultConfig() *config.Config {
cfg := DefaultConfig()
EnsureDefaults(cfg)
return cfg
}
func DefaultConfig() *config.Config {
return &config.Config{
Debug: config.Debug{
Addr: "127.0.0.1:9165",
Token: "",
Pprof: false,
Zpages: false,
},
GRPC: config.GRPCConfig{
Addr: "127.0.0.1:9164",
Protocol: "tcp",
},
Service: config.Service{
Name: "appprovider",
},
GatewayEndpoint: "127.0.0.1:9142",
JWTSecret: "Pive-Fumkiu4",
Driver: "",
Drivers: config.Drivers{
WOPI: config.WOPIDriver{},
},
}
}
func EnsureDefaults(cfg *config.Config) {
// provide with defaults for shared logging, since we need a valid destination address for BindEnv.
if cfg.Logging == nil && cfg.Commons != nil && cfg.Commons.Log != nil {
cfg.Logging = &config.Logging{
Level: cfg.Commons.Log.Level,
Pretty: cfg.Commons.Log.Pretty,
Color: cfg.Commons.Log.Color,
File: cfg.Commons.Log.File,
}
} else if cfg.Logging == nil {
cfg.Logging = &config.Logging{}
}
// provide with defaults for shared tracing, since we need a valid destination address for BindEnv.
if cfg.Tracing == nil && cfg.Commons != nil && cfg.Commons.Tracing != nil {
cfg.Tracing = &config.Tracing{
Enabled: cfg.Commons.Tracing.Enabled,
Type: cfg.Commons.Tracing.Type,
Endpoint: cfg.Commons.Tracing.Endpoint,
Collector: cfg.Commons.Tracing.Collector,
}
} else if cfg.Tracing == nil {
cfg.Tracing = &config.Tracing{}
}
}
func Sanitize(cfg *config.Config) {
// nothing to sanitize here atm
}

114
extensions/storage/pkg/command/authbasic.go → extensions/auth-basic/pkg/command/command.go
View File

@@ -10,38 +10,44 @@ import (
"github.com/cs3org/reva/v2/cmd/revad/runtime"
"github.com/gofrs/uuid"
"github.com/oklog/run"
"github.com/owncloud/ocis/extensions/storage/pkg/config"
"github.com/owncloud/ocis/extensions/auth-basic/pkg/config"
"github.com/owncloud/ocis/extensions/storage/pkg/server/debug"
"github.com/owncloud/ocis/extensions/storage/pkg/tracing"
ociscfg "github.com/owncloud/ocis/ocis-pkg/config"
"github.com/owncloud/ocis/ocis-pkg/ldap"
"github.com/owncloud/ocis/ocis-pkg/log"
"github.com/owncloud/ocis/ocis-pkg/sync"
"github.com/owncloud/ocis/ocis-pkg/tracing"
"github.com/thejerf/suture/v4"
"github.com/urfave/cli/v2"
)
// AuthBasic is the entrypoint for the auth-basic command.
// Command is the entrypoint for the auth-basic command.
func AuthBasic(cfg *config.Config) *cli.Command {
return &cli.Command{
Name: "auth-basic",
Usage: "start authprovider for basic auth",
Before: func(c *cli.Context) error {
return ParseConfig(c, cfg, "storage-auth-basic")
},
Action: func(c *cli.Context) error {
logger := NewLogger(cfg)
tracing.Configure(cfg, logger)
logCfg := cfg.Logging
logger := log.NewLogger(
log.Level(logCfg.Level),
log.File(logCfg.File),
log.Pretty(logCfg.Pretty),
log.Color(logCfg.Color),
)
tracing.Configure(cfg.Tracing.Enabled, cfg.Tracing.Type, logger)
gr := run.Group{}
ctx, cancel := context.WithCancel(context.Background())
defer cancel()
// pre-create folders
if cfg.Reva.AuthProvider.Driver == "json" && cfg.Reva.AuthProvider.JSON != "" {
if err := os.MkdirAll(filepath.Dir(cfg.Reva.AuthProvider.JSON), os.FileMode(0700)); err != nil {
if cfg.AuthProvider == "json" && cfg.AuthProviders.JSON.File != "" {
if err := os.MkdirAll(filepath.Dir(cfg.AuthProviders.JSON.File), os.FileMode(0700)); err != nil {
return err
}
}
uuid := uuid.Must(uuid.NewV4())
pidFile := path.Join(os.TempDir(), "revad-"+c.Command.Name+"-"+uuid.String()+".pid")
rcfg := authBasicConfigFromStruct(c, cfg)
@@ -50,8 +56,9 @@ func AuthBasic(cfg *config.Config) *cli.Command {
Interface("reva-config", rcfg).
Msg("config")
if cfg.Reva.AuthProvider.Driver == "ldap" {
if err := waitForLDAPCA(logger, &cfg.Reva.LDAP); err != nil {
if cfg.AuthProvider == "ldap" {
ldapCfg := cfg.AuthProviders.LDAP
if err := ldap.WaitForCA(logger, ldapCfg.Insecure, ldapCfg.CACert); err != nil {
logger.Error().Err(err).Msg("The configured LDAP CA cert does not exist")
return err
}
@@ -70,10 +77,12 @@ func AuthBasic(cfg *config.Config) *cli.Command {
debugServer, err := debug.Server(
debug.Name(c.Command.Name+"-debug"),
debug.Addr(cfg.Reva.AuthBasic.DebugAddr),
debug.Addr(cfg.Debug.Addr),
debug.Logger(logger),
debug.Context(ctx),
debug.Config(cfg),
debug.Pprof(cfg.Debug.Pprof),
debug.Zpages(cfg.Debug.Zpages),
debug.Token(cfg.Debug.Token),
)
if err != nil {
@@ -85,7 +94,7 @@ func AuthBasic(cfg *config.Config) *cli.Command {
cancel()
})
if !cfg.Reva.AuthBasic.Supervised {
if !cfg.Supervised {
sync.Trap(&gr, cancel)
}
@@ -98,39 +107,38 @@ func AuthBasic(cfg *config.Config) *cli.Command {
func authBasicConfigFromStruct(c *cli.Context, cfg *config.Config) map[string]interface{} {
rcfg := map[string]interface{}{
"core": map[string]interface{}{
"max_cpus": cfg.Reva.AuthBasic.MaxCPUs,
"tracing_enabled": cfg.Tracing.Enabled,
"tracing_endpoint": cfg.Tracing.Endpoint,
"tracing_collector": cfg.Tracing.Collector,
"tracing_service_name": c.Command.Name,
},
"shared": map[string]interface{}{
"jwt_secret": cfg.Reva.JWTSecret,
"gatewaysvc": cfg.Reva.Gateway.Endpoint,
"skip_user_groups_in_token": cfg.Reva.SkipUserGroupsInToken,
"jwt_secret": cfg.JWTSecret,
"gatewaysvc": cfg.GatewayEndpoint,
"skip_user_groups_in_token": cfg.SkipUserGroupsInToken,
},
"grpc": map[string]interface{}{
"network": cfg.Reva.AuthBasic.GRPCNetwork,
"address": cfg.Reva.AuthBasic.GRPCAddr,
"network": cfg.GRPC.Protocol,
"address": cfg.GRPC.Addr,
// TODO build services dynamically
"services": map[string]interface{}{
"authprovider": map[string]interface{}{
"auth_manager": cfg.Reva.AuthProvider.Driver,
"auth_manager": cfg.AuthProvider,
"auth_managers": map[string]interface{}{
"json": map[string]interface{}{
"users": cfg.Reva.AuthProvider.JSON,
"users": cfg.AuthProviders.JSON.File,
},
"ldap": ldapConfigFromString(cfg),
"ldap": ldapConfigFromString(cfg.AuthProviders.LDAP),
"owncloudsql": map[string]interface{}{
"dbusername": cfg.Reva.UserOwnCloudSQL.DBUsername,
"dbpassword": cfg.Reva.UserOwnCloudSQL.DBPassword,
"dbhost": cfg.Reva.UserOwnCloudSQL.DBHost,
"dbport": cfg.Reva.UserOwnCloudSQL.DBPort,
"dbname": cfg.Reva.UserOwnCloudSQL.DBName,
"idp": cfg.Reva.UserOwnCloudSQL.Idp,
"nobody": cfg.Reva.UserOwnCloudSQL.Nobody,
"join_username": cfg.Reva.UserOwnCloudSQL.JoinUsername,
"join_ownclouduuid": cfg.Reva.UserOwnCloudSQL.JoinOwnCloudUUID,
"dbusername": cfg.AuthProviders.OwnCloudSQL.DBUsername,
"dbpassword": cfg.AuthProviders.OwnCloudSQL.DBPassword,
"dbhost": cfg.AuthProviders.OwnCloudSQL.DBHost,
"dbport": cfg.AuthProviders.OwnCloudSQL.DBPort,
"dbname": cfg.AuthProviders.OwnCloudSQL.DBName,
"idp": cfg.AuthProviders.OwnCloudSQL.IDP,
"nobody": cfg.AuthProviders.OwnCloudSQL.Nobody,
"join_username": cfg.AuthProviders.OwnCloudSQL.JoinUsername,
"join_ownclouduuid": cfg.AuthProviders.OwnCloudSQL.JoinOwnCloudUUID,
},
},
},
@@ -147,14 +155,13 @@ type AuthBasicSutureService struct {
// NewAuthBasicSutureService creates a new store.AuthBasicSutureService
func NewAuthBasic(cfg *ociscfg.Config) suture.Service {
cfg.Storage.Commons = cfg.Commons
cfg.AuthBasic.Commons = cfg.Commons
return AuthBasicSutureService{
cfg: cfg.Storage,
cfg: cfg.AuthBasic,
}
}
func (s AuthBasicSutureService) Serve(ctx context.Context) error {
s.cfg.Reva.AuthBasic.Context = ctx
f := &flag.FlagSet{}
cmdFlags := AuthBasic(s.cfg).Flags
for k := range cmdFlags {
@@ -174,3 +181,38 @@ func (s AuthBasicSutureService) Serve(ctx context.Context) error {
return nil
}
func ldapConfigFromString(cfg config.LDAPProvider) map[string]interface{} {
return map[string]interface{}{
"uri": cfg.URI,
"cacert": cfg.CACert,
"insecure": cfg.Insecure,
"bind_username": cfg.BindDN,
"bind_password": cfg.BindPassword,
"user_base_dn": cfg.UserBaseDN,
"group_base_dn": cfg.GroupBaseDN,
"user_filter": cfg.UserFilter,
"group_filter": cfg.GroupFilter,
"user_scope": cfg.UserScope,
"group_scope": cfg.GroupScope,
"user_objectclass": cfg.UserObjectClass,
"group_objectclass": cfg.GroupObjectClass,
"login_attributes": cfg.LoginAttributes,
"idp": cfg.IDP,
"user_schema": map[string]interface{}{
"id": cfg.UserSchema.ID,
"idIsOctetString": cfg.UserSchema.IDIsOctetString,
"mail": cfg.UserSchema.Mail,
"displayName": cfg.UserSchema.DisplayName,
"userName": cfg.UserSchema.Username,
},
"group_schema": map[string]interface{}{
"id": cfg.GroupSchema.ID,
"idIsOctetString": cfg.GroupSchema.IDIsOctetString,
"mail": cfg.GroupSchema.Mail,
"displayName": cfg.GroupSchema.DisplayName,
"groupName": cfg.GroupSchema.Groupname,
"member": cfg.GroupSchema.Member,
},
}
}

109
extensions/auth-basic/pkg/config/config.go Normal file
View File

@@ -0,0 +1,109 @@
package config
import "github.com/owncloud/ocis/ocis-pkg/shared"
type Config struct {
*shared.Commons `yaml:"-"`
Service Service `yaml:"-"`
Tracing *Tracing `yaml:"tracing"`
Logging *Logging `yaml:"log"`
Debug Debug `yaml:"debug"`
Supervised bool
GRPC GRPCConfig `yaml:"grpc"`
JWTSecret string
GatewayEndpoint string
SkipUserGroupsInToken bool
AuthProvider string `yaml:"auth_provider" env:"AUTH_BASIC_AUTH_PROVIDER" desc:"The auth provider which should be used by the service"`
AuthProviders AuthProviders `yaml:"auth_providers"`
}
type Tracing struct {
Enabled bool `yaml:"enabled" env:"OCIS_TRACING_ENABLED;AUTH_BASIC_TRACING_ENABLED" desc:"Activates tracing."`
Type string `yaml:"type" env:"OCIS_TRACING_TYPE;AUTH_BASIC_TRACING_TYPE"`
Endpoint string `yaml:"endpoint" env:"OCIS_TRACING_ENDPOINT;AUTH_BASIC_TRACING_ENDPOINT" desc:"The endpoint to the tracing collector."`
Collector string `yaml:"collector" env:"OCIS_TRACING_COLLECTOR;AUTH_BASIC_TRACING_COLLECTOR"`
}
type Logging struct {
Level string `yaml:"level" env:"OCIS_LOG_LEVEL;AUTH_BASIC_LOG_LEVEL" desc:"The log level."`
Pretty bool `yaml:"pretty" env:"OCIS_LOG_PRETTY;AUTH_BASIC_LOG_PRETTY" desc:"Activates pretty log output."`
Color bool `yaml:"color" env:"OCIS_LOG_COLOR;AUTH_BASIC_LOG_COLOR" desc:"Activates colorized log output."`
File string `yaml:"file" env:"OCIS_LOG_FILE;AUTH_BASIC_LOG_FILE" desc:"The target log file."`
}
type Service struct {
Name string `yaml:"-"`
}
type Debug struct {
Addr string `yaml:"addr" env:"AUTH_BASIC_DEBUG_ADDR"`
Token string `yaml:"token" env:"AUTH_BASIC_DEBUG_TOKEN"`
Pprof bool `yaml:"pprof" env:"AUTH_BASIC_DEBUG_PPROF"`
Zpages bool `yaml:"zpages" env:"AUTH_BASIC_DEBUG_ZPAGES"`
}
type GRPCConfig struct {
Addr string `yaml:"addr" env:"AUTH_BASIC_GRPC_ADDR" desc:"The address of the grpc service."`
Protocol string `yaml:"protocol" env:"AUTH_BASIC_GRPC_PROTOCOL" desc:"The transport protocol of the grpc service."`
}
type AuthProviders struct {
JSON JSONProvider `yaml:"json"`
LDAP LDAPProvider `yaml:"ldap"`
OwnCloudSQL OwnCloudSQLProvider `yaml:"owncloud_sql"`
}
type JSONProvider struct {
File string `yaml:"file" env:"AUTH_BASIC_JSON_PROVIDER_FILE" desc:"The file to which the json provider writes the data."`
}
type LDAPProvider struct {
URI string `env:"LDAP_URI;AUTH_BASIC_LDAP_URI"`
CACert string `env:"LDAP_CACERT;AUTH_BASIC_LDAP_CACERT"`
Insecure bool `env:"LDAP_INSECURE;AUTH_BASIC_LDAP_INSECURE"`
BindDN string `env:"LDAP_BIND_DN;AUTH_BASIC_LDAP_BIND_DN"`
BindPassword string `env:"LDAP_BIND_PASSWORD;AUTH_BASIC_LDAP_BIND_PASSWORD"`
UserBaseDN string `env:"LDAP_USER_BASE_DN;AUTH_BASIC_LDAP_USER_BASE_DN"`
GroupBaseDN string `env:"LDAP_GROUP_BASE_DN;AUTH_BASIC_LDAP_GROUP_BASE_DN"`
UserScope string `env:"LDAP_USER_SCOPE;AUTH_BASIC_LDAP_USER_SCOPE"`
GroupScope string `env:"LDAP_GROUP_SCOPE;AUTH_BASIC_LDAP_GROUP_SCOPE"`
UserFilter string `env:"LDAP_USERFILTER;AUTH_BASIC_LDAP_USERFILTER"`
GroupFilter string `env:"LDAP_GROUPFILTER;AUTH_BASIC_LDAP_USERFILTER"`
UserObjectClass string `env:"LDAP_USER_OBJECTCLASS;AUTH_BASIC_LDAP_USER_OBJECTCLASS"`
GroupObjectClass string `env:"LDAP_GROUP_OBJECTCLASS;AUTH_BASIC_LDAP_GROUP_OBJECTCLASS"`
LoginAttributes []string `env:"LDAP_LOGIN_ATTRIBUTES;AUTH_BASIC_LDAP_LOGIN_ATTRIBUTES"`
IDP string `env:"OCIS_URL;AUTH_BASIC_IDP_URL"` // TODO what is this for?
GatewayEndpoint string // TODO do we need this here?
UserSchema LDAPUserSchema
GroupSchema LDAPGroupSchema
}
type LDAPUserSchema struct {
ID string `env:"LDAP_USER_SCHEMA_ID;AUTH_BASIC_LDAP_USER_SCHEMA_ID"`
IDIsOctetString bool `env:"LDAP_USER_SCHEMA_ID_IS_OCTETSTRING;AUTH_BASIC_LDAP_USER_SCHEMA_ID_IS_OCTETSTRING"`
Mail string `env:"LDAP_USER_SCHEMA_MAIL;AUTH_BASIC_LDAP_USER_SCHEMA_MAIL"`
DisplayName string `env:"LDAP_USER_SCHEMA_DISPLAYNAME;AUTH_BASIC_LDAP_USER_SCHEMA_DISPLAYNAME"`
Username string `env:"LDAP_USER_SCHEMA_USERNAME;AUTH_BASIC_LDAP_USER_SCHEMA_USERNAME"`
}
type LDAPGroupSchema struct {
ID string `env:"LDAP_GROUP_SCHEMA_ID;AUTH_BASIC_LDAP_GROUP_SCHEMA_ID"`
IDIsOctetString bool `env:"LDAP_GROUP_SCHEMA_ID_IS_OCTETSTRING;AUTH_BASIC_LDAP_GROUP_SCHEMA_ID_IS_OCTETSTRING"`
Mail string `env:"LDAP_GROUP_SCHEMA_MAIL;AUTH_BASIC_LDAP_GROUP_SCHEMA_MAIL"`
DisplayName string `env:"LDAP_GROUP_SCHEMA_DISPLAYNAME;AUTH_BASIC_LDAP_GROUP_SCHEMA_DISPLAYNAME"`
Groupname string `env:"LDAP_GROUP_SCHEMA_GROUPNAME;AUTH_BASIC_LDAP_GROUP_SCHEMA_GROUPNAME"`
Member string `env:"LDAP_GROUP_SCHEMA_MEMBER;AUTH_BASIC_LDAP_GROUP_SCHEMA_MEMBER"`
}
type OwnCloudSQLProvider struct {
DBUsername string
DBPassword string
DBHost string
DBPort int
DBName string
IDP string // TODO do we need this?
Nobody int64 // TODO what is this?
JoinUsername bool
JoinOwnCloudUUID bool
}

110
extensions/auth-basic/pkg/config/defaults/defaultconfig.go Normal file
View File

@@ -0,0 +1,110 @@
package defaults
import (
"path/filepath"
"github.com/owncloud/ocis/extensions/auth-basic/pkg/config"
"github.com/owncloud/ocis/ocis-pkg/config/defaults"
)
func FullDefaultConfig() *config.Config {
cfg := DefaultConfig()
EnsureDefaults(cfg)
return cfg
}
func DefaultConfig() *config.Config {
return &config.Config{
Debug: config.Debug{
Addr: "127.0.0.1:9147",
Token: "",
Pprof: false,
Zpages: false,
},
GRPC: config.GRPCConfig{
Addr: "127.0.0.1:9146",
Protocol: "tcp",
},
Service: config.Service{
Name: "auth-basic",
},
GatewayEndpoint: "127.0.0.1:9142",
JWTSecret: "Pive-Fumkiu4",
AuthProvider: "ldap",
AuthProviders: config.AuthProviders{
LDAP: config.LDAPProvider{
URI: "ldaps://localhost:9235",
CACert: filepath.Join(defaults.BaseDataPath(), "idm", "ldap.crt"),
Insecure: false,
UserBaseDN: "ou=users,o=libregraph-idm",
GroupBaseDN: "ou=groups,o=libregraph-idm",
UserScope: "sub",
GroupScope: "sub",
LoginAttributes: []string{"uid", "mail"},
UserFilter: "",
GroupFilter: "",
UserObjectClass: "inetOrgPerson",
GroupObjectClass: "groupOfNames",
BindDN: "uid=reva,ou=sysusers,o=libregraph-idm",
BindPassword: "reva",
IDP: "https://localhost:9200",
UserSchema: config.LDAPUserSchema{
ID: "ownclouduuid",
Mail: "mail",
DisplayName: "displayname",
Username: "uid",
},
GroupSchema: config.LDAPGroupSchema{
ID: "ownclouduuid",
Mail: "mail",
DisplayName: "cn",
Groupname: "cn",
Member: "member",
},
},
JSON: config.JSONProvider{},
OwnCloudSQL: config.OwnCloudSQLProvider{
DBUsername: "owncloud",
DBPassword: "secret",
DBHost: "mysql",
DBPort: 3306,
DBName: "owncloud",
IDP: "https://localhost:9200",
Nobody: 90,
JoinUsername: false,
JoinOwnCloudUUID: false,
},
},
}
}
func EnsureDefaults(cfg *config.Config) {
// provide with defaults for shared logging, since we need a valid destination address for BindEnv.
if cfg.Logging == nil && cfg.Commons != nil && cfg.Commons.Log != nil {
cfg.Logging = &config.Logging{
Level: cfg.Commons.Log.Level,
Pretty: cfg.Commons.Log.Pretty,
Color: cfg.Commons.Log.Color,
File: cfg.Commons.Log.File,
}
} else if cfg.Logging == nil {
cfg.Logging = &config.Logging{}
}
// provide with defaults for shared tracing, since we need a valid destination address for BindEnv.
if cfg.Tracing == nil && cfg.Commons != nil && cfg.Commons.Tracing != nil {
cfg.Tracing = &config.Tracing{
Enabled: cfg.Commons.Tracing.Enabled,
Type: cfg.Commons.Tracing.Type,
Endpoint: cfg.Commons.Tracing.Endpoint,
Collector: cfg.Commons.Tracing.Collector,
}
} else if cfg.Tracing == nil {
cfg.Tracing = &config.Tracing{}
}
}
func Sanitize(cfg *config.Config) {
// nothing to sanitize here atm
}

64
extensions/storage/pkg/command/authbearer.go → extensions/auth-bearer/pkg/command/command.go
View File

@@ -9,11 +9,12 @@ import (
"github.com/cs3org/reva/v2/cmd/revad/runtime"
"github.com/gofrs/uuid"
"github.com/oklog/run"
"github.com/owncloud/ocis/extensions/storage/pkg/config"
"github.com/owncloud/ocis/extensions/auth-bearer/pkg/config"
"github.com/owncloud/ocis/extensions/storage/pkg/server/debug"
"github.com/owncloud/ocis/extensions/storage/pkg/tracing"
ociscfg "github.com/owncloud/ocis/ocis-pkg/config"
"github.com/owncloud/ocis/ocis-pkg/log"
"github.com/owncloud/ocis/ocis-pkg/sync"
"github.com/owncloud/ocis/ocis-pkg/tracing"
"github.com/thejerf/suture/v4"
"github.com/urfave/cli/v2"
)
@@ -23,12 +24,15 @@ func AuthBearer(cfg *config.Config) *cli.Command {
return &cli.Command{
Name: "auth-bearer",
Usage: "start authprovider for bearer auth",
Before: func(c *cli.Context) error {
return ParseConfig(c, cfg, "storage-auth-bearer")
},
Action: func(c *cli.Context) error {
logger := NewLogger(cfg)
tracing.Configure(cfg, logger)
logCfg := cfg.Logging
logger := log.NewLogger(
log.Level(logCfg.Level),
log.File(logCfg.File),
log.Pretty(logCfg.Pretty),
log.Color(logCfg.Color),
)
tracing.Configure(cfg.Tracing.Enabled, cfg.Tracing.Type, logger)
gr := run.Group{}
ctx, cancel := context.WithCancel(context.Background())
defer cancel()
@@ -54,10 +58,12 @@ func AuthBearer(cfg *config.Config) *cli.Command {
debugServer, err := debug.Server(
debug.Name(c.Command.Name+"-debug"),
debug.Addr(cfg.Reva.AuthBearer.DebugAddr),
debug.Addr(cfg.Debug.Addr),
debug.Logger(logger),
debug.Context(ctx),
debug.Config(cfg),
debug.Pprof(cfg.Debug.Pprof),
debug.Zpages(cfg.Debug.Zpages),
debug.Token(cfg.Debug.Token),
)
if err != nil {
@@ -69,7 +75,7 @@ func AuthBearer(cfg *config.Config) *cli.Command {
cancel()
})
if !cfg.Reva.AuthBearer.Supervised {
if !cfg.Supervised {
sync.Trap(&gr, cancel)
}
@@ -82,32 +88,30 @@ func AuthBearer(cfg *config.Config) *cli.Command {
func authBearerConfigFromStruct(c *cli.Context, cfg *config.Config) map[string]interface{} {
return map[string]interface{}{
"core": map[string]interface{}{
"max_cpus": cfg.Reva.AuthBearer.MaxCPUs,
"tracing_enabled": cfg.Tracing.Enabled,
"tracing_endpoint": cfg.Tracing.Endpoint,
"tracing_collector": cfg.Tracing.Collector,
"tracing_service_name": c.Command.Name,
},
"shared": map[string]interface{}{
"jwt_secret": cfg.Reva.JWTSecret,
"gatewaysvc": cfg.Reva.Gateway.Endpoint,
"skip_user_groups_in_token": cfg.Reva.SkipUserGroupsInToken,
"jwt_secret": cfg.JWTSecret,
"gatewaysvc": cfg.GatewayEndpoint,
"skip_user_groups_in_token": cfg.SkipUserGroupsInToken,
},
"grpc": map[string]interface{}{
"network": cfg.Reva.AuthBearer.GRPCNetwork,
"address": cfg.Reva.AuthBearer.GRPCAddr,
"network": cfg.GRPC.Protocol,
"address": cfg.GRPC.Addr,
// TODO build services dynamically
"services": map[string]interface{}{
"authprovider": map[string]interface{}{
"auth_manager": "oidc",
"auth_manager": cfg.AuthProvider,
"auth_managers": map[string]interface{}{
"oidc": map[string]interface{}{
"issuer": cfg.Reva.OIDC.Issuer,
"insecure": cfg.Reva.OIDC.Insecure,
"id_claim": cfg.Reva.OIDC.IDClaim,
"uid_claim": cfg.Reva.OIDC.UIDClaim,
"gid_claim": cfg.Reva.OIDC.GIDClaim,
"gatewaysvc": cfg.Reva.Gateway.Endpoint,
"issuer": cfg.AuthProviders.OIDC.Issuer,
"insecure": cfg.AuthProviders.OIDC.Insecure,
"id_claim": cfg.AuthProviders.OIDC.IDClaim,
"uid_claim": cfg.AuthProviders.OIDC.UIDClaim,
"gid_claim": cfg.AuthProviders.OIDC.GIDClaim,
},
},
},
@@ -123,28 +127,28 @@ type AuthBearerSutureService struct {
// NewAuthBearerSutureService creates a new gateway.AuthBearerSutureService
func NewAuthBearer(cfg *ociscfg.Config) suture.Service {
cfg.Storage.Commons = cfg.Commons
cfg.AuthBearer.Commons = cfg.Commons
return AuthBearerSutureService{
cfg: cfg.Storage,
cfg: cfg.AuthBearer,
}
}
func (s AuthBearerSutureService) Serve(ctx context.Context) error {
s.cfg.Reva.AuthBearer.Context = ctx
cmd := AuthBearer(s.cfg)
f := &flag.FlagSet{}
cmdFlags := AuthBearer(s.cfg).Flags
cmdFlags := cmd.Flags
for k := range cmdFlags {
if err := cmdFlags[k].Apply(f); err != nil {
return err
}
}
cliCtx := cli.NewContext(nil, f, nil)
if AuthBearer(s.cfg).Before != nil {
if err := AuthBearer(s.cfg).Before(cliCtx); err != nil {
if cmd.Before != nil {
if err := cmd.Before(cliCtx); err != nil {
return err
}
}
if err := AuthBearer(s.cfg).Action(cliCtx); err != nil {
if err := cmd.Action(cliCtx); err != nil {
return err
}

61
extensions/auth-bearer/pkg/config/config.go Normal file
View File

@@ -0,0 +1,61 @@
package config
import "github.com/owncloud/ocis/ocis-pkg/shared"
type Config struct {
*shared.Commons `yaml:"-"`
Service Service `yaml:"-"`
Tracing *Tracing `yaml:"tracing"`
Logging *Logging `yaml:"log"`
Debug Debug `yaml:"debug"`
Supervised bool
GRPC GRPCConfig `yaml:"grpc"`
JWTSecret string
GatewayEndpoint string
SkipUserGroupsInToken bool
AuthProvider string `yaml:"auth_provider" env:"AUTH_BEARER_AUTH_PROVIDER" desc:"The auth provider which should be used by the service"`
AuthProviders AuthProviders `yaml:"auth_providers"`
}
type Tracing struct {
Enabled bool `yaml:"enabled" env:"OCIS_TRACING_ENABLED;AUTH_BEARER_TRACING_ENABLED" desc:"Activates tracing."`
Type string `yaml:"type" env:"OCIS_TRACING_TYPE;AUTH_BEARER_TRACING_TYPE"`
Endpoint string `yaml:"endpoint" env:"OCIS_TRACING_ENDPOINT;AUTH_BEARER_TRACING_ENDPOINT" desc:"The endpoint to the tracing collector."`
Collector string `yaml:"collector" env:"OCIS_TRACING_COLLECTOR;AUTH_BEARER_TRACING_COLLECTOR"`
}
type Logging struct {
Level string `yaml:"level" env:"OCIS_LOG_LEVEL;AUTH_BEARER_LOG_LEVEL" desc:"The log level."`
Pretty bool `yaml:"pretty" env:"OCIS_LOG_PRETTY;AUTH_BEARER_LOG_PRETTY" desc:"Activates pretty log output."`
Color bool `yaml:"color" env:"OCIS_LOG_COLOR;AUTH_BEARER_LOG_COLOR" desc:"Activates colorized log output."`
File string `yaml:"file" env:"OCIS_LOG_FILE;AUTH_BEARER_LOG_FILE" desc:"The target log file."`
}
type Service struct {
Name string `yaml:"-"`
}
type Debug struct {
Addr string `yaml:"addr" env:"AUTH_BEARER_DEBUG_ADDR"`
Token string `yaml:"token" env:"AUTH_BEARER_DEBUG_TOKEN"`
Pprof bool `yaml:"pprof" env:"AUTH_BEARER_DEBUG_PPROF"`
Zpages bool `yaml:"zpages" env:"AUTH_BEARER_DEBUG_ZPAGES"`
}
type GRPCConfig struct {
Addr string `yaml:"addr" env:"AUTH_BEARER_GRPC_ADDR" desc:"The address of the grpc service."`
Protocol string `yaml:"protocol" env:"AUTH_BEARER_GRPC_PROTOCOL" desc:"The transport protocol of the grpc service."`
}
type AuthProviders struct {
OIDC OIDCProvider `yaml:"oidc"`
}
type OIDCProvider struct {
Issuer string `yaml:"issuer" env:"OCIS_URL;AUTH_BEARER_OIDC_ISSUER"`
Insecure bool `yaml:"insecure" env:"OCIS_INSECURE;AUTH_BEARER_OIDC_INSECURE"`
IDClaim string `yaml:"id_claim"`
UIDClaim string `yaml:"uid_claim"`
GIDClaim string `yaml:"gid_claim"`
}

70
extensions/auth-bearer/pkg/config/defaults/defaultconfig.go Normal file
View File

@@ -0,0 +1,70 @@
package defaults
import (
"github.com/owncloud/ocis/extensions/auth-bearer/pkg/config"
)
func FullDefaultConfig() *config.Config {
cfg := DefaultConfig()
EnsureDefaults(cfg)
return cfg
}
func DefaultConfig() *config.Config {
return &config.Config{
Debug: config.Debug{
Addr: "127.0.0.1:9149",
Token: "",
Pprof: false,
Zpages: false,
},
GRPC: config.GRPCConfig{
Addr: "127.0.0.1:9148",
Protocol: "tcp",
},
Service: config.Service{
Name: "auth-bearer",
},
GatewayEndpoint: "127.0.0.1:9142",
JWTSecret: "Pive-Fumkiu4",
AuthProvider: "ldap",
AuthProviders: config.AuthProviders{
OIDC: config.OIDCProvider{
Issuer: "https://localhost:9200",
Insecure: false,
IDClaim: "preferred_username",
},
},
}
}
func EnsureDefaults(cfg *config.Config) {
// provide with defaults for shared logging, since we need a valid destination address for BindEnv.
if cfg.Logging == nil && cfg.Commons != nil && cfg.Commons.Log != nil {
cfg.Logging = &config.Logging{
Level: cfg.Commons.Log.Level,
Pretty: cfg.Commons.Log.Pretty,
Color: cfg.Commons.Log.Color,
File: cfg.Commons.Log.File,
}
} else if cfg.Logging == nil {
cfg.Logging = &config.Logging{}
}
// provide with defaults for shared tracing, since we need a valid destination address for BindEnv.
if cfg.Tracing == nil && cfg.Commons != nil && cfg.Commons.Tracing != nil {
cfg.Tracing = &config.Tracing{
Enabled: cfg.Commons.Tracing.Enabled,
Type: cfg.Commons.Tracing.Type,
Endpoint: cfg.Commons.Tracing.Endpoint,
Collector: cfg.Commons.Tracing.Collector,
}
} else if cfg.Tracing == nil {
cfg.Tracing = &config.Tracing{}
}
}
func Sanitize(cfg *config.Config) {
// nothing to sanitize here atm
}

56
extensions/storage/pkg/command/authmachine.go → extensions/auth-machine/pkg/command/command.go
View File

@@ -9,11 +9,12 @@ import (
"github.com/cs3org/reva/v2/cmd/revad/runtime"
"github.com/gofrs/uuid"
"github.com/oklog/run"
"github.com/owncloud/ocis/extensions/storage/pkg/config"
"github.com/owncloud/ocis/extensions/auth-machine/pkg/config"
"github.com/owncloud/ocis/extensions/storage/pkg/server/debug"
"github.com/owncloud/ocis/extensions/storage/pkg/tracing"
ociscfg "github.com/owncloud/ocis/ocis-pkg/config"
"github.com/owncloud/ocis/ocis-pkg/log"
"github.com/owncloud/ocis/ocis-pkg/sync"
"github.com/owncloud/ocis/ocis-pkg/tracing"
"github.com/thejerf/suture/v4"
"github.com/urfave/cli/v2"
)
@@ -23,12 +24,15 @@ func AuthMachine(cfg *config.Config) *cli.Command {
return &cli.Command{
Name: "auth-machine",
Usage: "start authprovider for machine auth",
Before: func(c *cli.Context) error {
return ParseConfig(c, cfg, "storage-auth-machine")
},
Action: func(c *cli.Context) error {
logger := NewLogger(cfg)
tracing.Configure(cfg, logger)
logCfg := cfg.Logging
logger := log.NewLogger(
log.Level(logCfg.Level),
log.File(logCfg.File),
log.Pretty(logCfg.Pretty),
log.Color(logCfg.Color),
)
tracing.Configure(cfg.Tracing.Enabled, cfg.Tracing.Type, logger)
gr := run.Group{}
ctx, cancel := context.WithCancel(context.Background())
defer cancel()
@@ -54,10 +58,12 @@ func AuthMachine(cfg *config.Config) *cli.Command {
debugServer, err := debug.Server(
debug.Name(c.Command.Name+"-debug"),
debug.Addr(cfg.Reva.AuthMachine.DebugAddr),
debug.Addr(cfg.Debug.Addr),
debug.Logger(logger),
debug.Context(ctx),
debug.Config(cfg),
debug.Pprof(cfg.Debug.Pprof),
debug.Zpages(cfg.Debug.Zpages),
debug.Token(cfg.Debug.Token),
)
if err != nil {
@@ -69,7 +75,7 @@ func AuthMachine(cfg *config.Config) *cli.Command {
cancel()
})
if !cfg.Reva.AuthMachine.Supervised {
if !cfg.Supervised {
sync.Trap(&gr, cancel)
}
@@ -82,28 +88,27 @@ func AuthMachine(cfg *config.Config) *cli.Command {
func authMachineConfigFromStruct(c *cli.Context, cfg *config.Config) map[string]interface{} {
return map[string]interface{}{
"core": map[string]interface{}{
"max_cpus": cfg.Reva.AuthMachine.MaxCPUs,
"tracing_enabled": cfg.Tracing.Enabled,
"tracing_endpoint": cfg.Tracing.Endpoint,
"tracing_collector": cfg.Tracing.Collector,
"tracing_service_name": c.Command.Name,
},
"shared": map[string]interface{}{
"jwt_secret": cfg.Reva.JWTSecret,
"gatewaysvc": cfg.Reva.Gateway.Endpoint,
"skip_user_groups_in_token": cfg.Reva.SkipUserGroupsInToken,
"jwt_secret": cfg.JWTSecret,
"gatewaysvc": cfg.GatewayEndpoint,
"skip_user_groups_in_token": cfg.SkipUserGroupsInToken,
},
"grpc": map[string]interface{}{
"network": cfg.Reva.AuthMachine.GRPCNetwork,
"address": cfg.Reva.AuthMachine.GRPCAddr,
"network": cfg.GRPC.Protocol,
"address": cfg.GRPC.Addr,
// TODO build services dynamically
"services": map[string]interface{}{
"authprovider": map[string]interface{}{
"auth_manager": "machine",
"auth_managers": map[string]interface{}{
"machine": map[string]interface{}{
"api_key": cfg.Reva.AuthMachineConfig.MachineAuthAPIKey,
"gateway_addr": cfg.Reva.Gateway.Endpoint,
"api_key": cfg.AuthProviders.Machine.APIKey,
"gateway_addr": cfg.GatewayEndpoint,
},
},
},
@@ -119,28 +124,29 @@ type AuthMachineSutureService struct {
// NewAuthMachineSutureService creates a new gateway.AuthMachineSutureService
func NewAuthMachine(cfg *ociscfg.Config) suture.Service {
cfg.Storage.Commons = cfg.Commons
cfg.AuthMachine.Commons = cfg.Commons
return AuthMachineSutureService{
cfg: cfg.Storage,
cfg: cfg.AuthMachine,
}
}
func (s AuthMachineSutureService) Serve(ctx context.Context) error {
s.cfg.Reva.AuthMachine.Context = ctx
// s.cfg.Reva.AuthMachine.Context = ctx
cmd := AuthMachine(s.cfg)
f := &flag.FlagSet{}
cmdFlags := AuthMachine(s.cfg).Flags
cmdFlags := cmd.Flags
for k := range cmdFlags {
if err := cmdFlags[k].Apply(f); err != nil {
return err
}
}
cliCtx := cli.NewContext(nil, f, nil)
if AuthMachine(s.cfg).Before != nil {
if err := AuthMachine(s.cfg).Before(cliCtx); err != nil {
if cmd.Before != nil {
if err := cmd.Before(cliCtx); err != nil {
return err
}
}
if err := AuthMachine(s.cfg).Action(cliCtx); err != nil {
if err := cmd.Action(cliCtx); err != nil {
return err
}

57
extensions/auth-machine/pkg/config/config.go Normal file
View File

@@ -0,0 +1,57 @@
package config
import "github.com/owncloud/ocis/ocis-pkg/shared"
type Config struct {
*shared.Commons `yaml:"-"`
Service Service `yaml:"-"`
Tracing *Tracing `yaml:"tracing"`
Logging *Logging `yaml:"log"`
Debug Debug `yaml:"debug"`
Supervised bool
GRPC GRPCConfig `yaml:"grpc"`
JWTSecret string
GatewayEndpoint string
SkipUserGroupsInToken bool
AuthProvider string `yaml:"auth_provider" env:"AUTH_MACHINE_AUTH_PROVIDER" desc:"The auth provider which should be used by the service"`
AuthProviders AuthProviders `yaml:"auth_providers"`
}
type Tracing struct {
Enabled bool `yaml:"enabled" env:"OCIS_TRACING_ENABLED;AUTH_MACHINE_TRACING_ENABLED" desc:"Activates tracing."`
Type string `yaml:"type" env:"OCIS_TRACING_TYPE;AUTH_MACHINE_TRACING_TYPE"`
Endpoint string `yaml:"endpoint" env:"OCIS_TRACING_ENDPOINT;AUTH_MACHINE_TRACING_ENDPOINT" desc:"The endpoint to the tracing collector."`
Collector string `yaml:"collector" env:"OCIS_TRACING_COLLECTOR;AUTH_MACHINE_TRACING_COLLECTOR"`
}
type Logging struct {
Level string `yaml:"level" env:"OCIS_LOG_LEVEL;AUTH_MACHINE_LOG_LEVEL" desc:"The log level."`
Pretty bool `yaml:"pretty" env:"OCIS_LOG_PRETTY;AUTH_MACHINE_LOG_PRETTY" desc:"Activates pretty log output."`
Color bool `yaml:"color" env:"OCIS_LOG_COLOR;AUTH_MACHINE_LOG_COLOR" desc:"Activates colorized log output."`
File string `yaml:"file" env:"OCIS_LOG_FILE;AUTH_MACHINE_LOG_FILE" desc:"The target log file."`
}
type Service struct {
Name string `yaml:"-"`
}
type Debug struct {
Addr string `yaml:"addr" env:"AUTH_MACHINE_DEBUG_ADDR"`
Token string `yaml:"token" env:"AUTH_MACHINE_DEBUG_TOKEN"`
Pprof bool `yaml:"pprof" env:"AUTH_MACHINE_DEBUG_PPROF"`
Zpages bool `yaml:"zpages" env:"AUTH_MACHINE_DEBUG_ZPAGES"`
}
type GRPCConfig struct {
Addr string `yaml:"addr" env:"AUTH_MACHINE_GRPC_ADDR" desc:"The address of the grpc service."`
Protocol string `yaml:"protocol" env:"AUTH_MACHINE_GRPC_PROTOCOL" desc:"The transport protocol of the grpc service."`
}
type AuthProviders struct {
Machine MachineProvider `yaml:"machine"`
}
type MachineProvider struct {
APIKey string `yaml:"api_key" env:"OCIS_MACHINE_AUTH_API_KEY;AUTH_MACHINE_PROVIDER_API_KEY" desc:"The api key for the machine auth provider."`
}

68
extensions/auth-machine/pkg/config/defaults/defaultconfig.go Normal file
View File

@@ -0,0 +1,68 @@
package defaults
import (
"github.com/owncloud/ocis/extensions/auth-machine/pkg/config"
)
func FullDefaultConfig() *config.Config {
cfg := DefaultConfig()
EnsureDefaults(cfg)
return cfg
}
func DefaultConfig() *config.Config {
return &config.Config{
Debug: config.Debug{
Addr: "127.0.0.1:9167",
Token: "",
Pprof: false,
Zpages: false,
},
GRPC: config.GRPCConfig{
Addr: "127.0.0.1:9166",
Protocol: "tcp",
},
Service: config.Service{
Name: "auth-machine",
},
GatewayEndpoint: "127.0.0.1:9142",
JWTSecret: "Pive-Fumkiu4",
AuthProvider: "ldap",
AuthProviders: config.AuthProviders{
Machine: config.MachineProvider{
APIKey: "change-me-please",
},
},
}
}
func EnsureDefaults(cfg *config.Config) {
// provide with defaults for shared logging, since we need a valid destination address for BindEnv.
if cfg.Logging == nil && cfg.Commons != nil && cfg.Commons.Log != nil {
cfg.Logging = &config.Logging{
Level: cfg.Commons.Log.Level,
Pretty: cfg.Commons.Log.Pretty,
Color: cfg.Commons.Log.Color,
File: cfg.Commons.Log.File,
}
} else if cfg.Logging == nil {
cfg.Logging = &config.Logging{}
}
// provide with defaults for shared tracing, since we need a valid destination address for BindEnv.
if cfg.Tracing == nil && cfg.Commons != nil && cfg.Commons.Tracing != nil {
cfg.Tracing = &config.Tracing{
Enabled: cfg.Commons.Tracing.Enabled,
Type: cfg.Commons.Tracing.Type,
Endpoint: cfg.Commons.Tracing.Endpoint,
Collector: cfg.Commons.Tracing.Collector,
}
} else if cfg.Tracing == nil {
cfg.Tracing = &config.Tracing{}
}
}
func Sanitize(cfg *config.Config) {
// nothing to sanitize here atm
}

146
extensions/storage/pkg/command/frontend.go → extensions/frontend/pkg/command/command.go
View File

@@ -12,12 +12,13 @@ import (
"github.com/cs3org/reva/v2/cmd/revad/runtime"
"github.com/gofrs/uuid"
"github.com/oklog/run"
"github.com/owncloud/ocis/extensions/storage/pkg/config"
"github.com/owncloud/ocis/extensions/frontend/pkg/config"
"github.com/owncloud/ocis/extensions/storage/pkg/server/debug"
"github.com/owncloud/ocis/extensions/storage/pkg/tracing"
ociscfg "github.com/owncloud/ocis/ocis-pkg/config"
"github.com/owncloud/ocis/ocis-pkg/conversions"
"github.com/owncloud/ocis/ocis-pkg/log"
"github.com/owncloud/ocis/ocis-pkg/sync"
"github.com/owncloud/ocis/ocis-pkg/tracing"
"github.com/thejerf/suture/v4"
"github.com/urfave/cli/v2"
)
@@ -31,12 +32,17 @@ func Frontend(cfg *config.Config) *cli.Command {
if err := loadUserAgent(c, cfg); err != nil {
return err
}
return ParseConfig(c, cfg, "storage-frontend")
return nil
},
Action: func(c *cli.Context) error {
logger := NewLogger(cfg)
tracing.Configure(cfg, logger)
logCfg := cfg.Logging
logger := log.NewLogger(
log.Level(logCfg.Level),
log.File(logCfg.File),
log.Pretty(logCfg.Pretty),
log.Color(logCfg.Color),
)
tracing.Configure(cfg.Tracing.Enabled, cfg.Tracing.Type, logger)
gr := run.Group{}
ctx, cancel := context.WithCancel(context.Background())
@@ -59,9 +65,9 @@ func Frontend(cfg *config.Config) *cli.Command {
"enabled": true,
"version": "2.0.0",
"formats": []string{"tar", "zip"},
"archiver_url": cfg.Reva.Archiver.ArchiverURL,
"max_num_files": strconv.FormatInt(cfg.Reva.Archiver.MaxNumFiles, 10),
"max_size": strconv.FormatInt(cfg.Reva.Archiver.MaxSize, 10),
"archiver_url": path.Join("/", cfg.Archiver.Prefix),
"max_num_files": strconv.FormatInt(cfg.Archiver.MaxNumFiles, 10),
"max_size": strconv.FormatInt(cfg.Archiver.MaxSize, 10),
},
}
@@ -69,9 +75,9 @@ func Frontend(cfg *config.Config) *cli.Command {
{
"enabled": true,
"version": "1.0.0",
"apps_url": cfg.Reva.AppProvider.AppsURL,
"open_url": cfg.Reva.AppProvider.OpenURL,
"new_url": cfg.Reva.AppProvider.NewURL,
"apps_url": cfg.AppProvider.AppsURL,
"open_url": cfg.AppProvider.OpenURL,
"new_url": cfg.AppProvider.NewURL,
},
}
@@ -83,16 +89,16 @@ func Frontend(cfg *config.Config) *cli.Command {
"versioning": true,
"archivers": archivers,
"app_providers": appProviders,
"favorites": cfg.Reva.Frontend.Favorites,
"favorites": cfg.EnableFavorites,
}
if cfg.Reva.DefaultUploadProtocol == "tus" {
if cfg.DefaultUploadProtocol == "tus" {
filesCfg["tus_support"] = map[string]interface{}{
"version": "1.0.0",
"resumable": "1.0.0",
"extension": "creation,creation-with-upload",
"http_method_override": cfg.Reva.UploadHTTPMethodOverride,
"max_chunk_size": cfg.Reva.UploadMaxChunkSize,
"http_method_override": cfg.UploadHTTPMethodOverride,
"max_chunk_size": cfg.UploadMaxChunkSize,
}
}
@@ -109,10 +115,12 @@ func Frontend(cfg *config.Config) *cli.Command {
{
server, err := debug.Server(
debug.Name(c.Command.Name+"-debug"),
debug.Addr(cfg.Reva.Frontend.DebugAddr),
debug.Addr(cfg.Debug.Addr),
debug.Logger(logger),
debug.Context(ctx),
debug.Config(cfg),
debug.Pprof(cfg.Debug.Pprof),
debug.Zpages(cfg.Debug.Zpages),
debug.Token(cfg.Debug.Token),
)
if err != nil {
@@ -129,7 +137,7 @@ func Frontend(cfg *config.Config) *cli.Command {
})
}
if !cfg.Reva.Frontend.Supervised {
if !cfg.Supervised {
sync.Trap(&gr, cancel)
}
@@ -142,78 +150,77 @@ func Frontend(cfg *config.Config) *cli.Command {
func frontendConfigFromStruct(c *cli.Context, cfg *config.Config, filesCfg map[string]interface{}) map[string]interface{} {
return map[string]interface{}{
"core": map[string]interface{}{
"max_cpus": cfg.Reva.Users.MaxCPUs,
"tracing_enabled": cfg.Tracing.Enabled,
"tracing_endpoint": cfg.Tracing.Endpoint,
"tracing_collector": cfg.Tracing.Collector,
"tracing_service_name": c.Command.Name,
},
"shared": map[string]interface{}{
"jwt_secret": cfg.Reva.JWTSecret,
"gatewaysvc": cfg.Reva.Gateway.Endpoint, // Todo or address?
"skip_user_groups_in_token": cfg.Reva.SkipUserGroupsInToken,
"jwt_secret": cfg.JWTSecret,
"gatewaysvc": cfg.GatewayEndpoint, // Todo or address?
"skip_user_groups_in_token": cfg.SkipUserGroupsInToken,
},
"http": map[string]interface{}{
"network": cfg.Reva.Frontend.HTTPNetwork,
"address": cfg.Reva.Frontend.HTTPAddr,
"network": cfg.HTTP.Protocol,
"address": cfg.HTTP.Addr,
"middlewares": map[string]interface{}{
"cors": map[string]interface{}{
"allow_credentials": true,
},
"auth": map[string]interface{}{
"credentials_by_user_agent": cfg.Reva.Frontend.Middleware.Auth.CredentialsByUserAgent,
"credentials_by_user_agent": cfg.Middleware.Auth.CredentialsByUserAgent,
"credential_chain": []string{"bearer"},
},
},
// TODO build services dynamically
"services": map[string]interface{}{
"appprovider": map[string]interface{}{
"prefix": cfg.Reva.Frontend.AppProviderPrefix,
"transfer_shared_secret": cfg.Reva.TransferSecret,
"prefix": cfg.AppProvider.Prefix,
"transfer_shared_secret": cfg.TransferSecret,
"timeout": 86400,
"insecure": cfg.Reva.Frontend.AppProviderInsecure,
"insecure": cfg.AppProvider.Insecure,
},
"archiver": map[string]interface{}{
"prefix": cfg.Reva.Frontend.ArchiverPrefix,
"prefix": cfg.Archiver.Prefix,
"timeout": 86400,
"insecure": cfg.Reva.Frontend.ArchiverInsecure,
"max_num_files": cfg.Reva.Archiver.MaxNumFiles,
"max_size": cfg.Reva.Archiver.MaxSize,
"insecure": cfg.Archiver.Insecure,
"max_num_files": cfg.Archiver.MaxNumFiles,
"max_size": cfg.Archiver.MaxSize,
},
"datagateway": map[string]interface{}{
"prefix": cfg.Reva.Frontend.DatagatewayPrefix,
"transfer_shared_secret": cfg.Reva.TransferSecret,
"prefix": cfg.DataGateway.Prefix,
"transfer_shared_secret": cfg.TransferSecret,
"timeout": 86400,
"insecure": true,
},
"ocs": map[string]interface{}{
"storage_registry_svc": cfg.Reva.Gateway.Endpoint,
"share_prefix": cfg.Reva.Frontend.OCSSharePrefix,
"home_namespace": cfg.Reva.Frontend.OCSHomeNamespace,
"resource_info_cache_ttl": cfg.Reva.Frontend.OCSResourceInfoCacheTTL,
"prefix": cfg.Reva.Frontend.OCSPrefix,
"additional_info_attribute": cfg.Reva.Frontend.OCSAdditionalInfoAttribute,
"machine_auth_apikey": cfg.Reva.AuthMachineConfig.MachineAuthAPIKey,
"cache_warmup_driver": cfg.Reva.Frontend.OCSCacheWarmupDriver,
"storage_registry_svc": cfg.GatewayEndpoint,
"share_prefix": cfg.OCS.SharePrefix,
"home_namespace": cfg.OCS.HomeNamespace,
"resource_info_cache_ttl": cfg.OCS.ResourceInfoCacheTTL,
"prefix": cfg.OCS.Prefix,
"additional_info_attribute": cfg.OCS.AdditionalInfoAttribute,
"machine_auth_apikey": cfg.AuthMachine.APIKey,
"cache_warmup_driver": cfg.OCS.CacheWarmupDriver,
"cache_warmup_drivers": map[string]interface{}{
"cbox": map[string]interface{}{
"db_username": cfg.Reva.Sharing.UserSQLUsername,
"db_password": cfg.Reva.Sharing.UserSQLPassword,
"db_host": cfg.Reva.Sharing.UserSQLHost,
"db_port": cfg.Reva.Sharing.UserSQLPort,
"db_name": cfg.Reva.Sharing.UserSQLName,
"namespace": cfg.Reva.UserStorage.EOS.Root,
"gatewaysvc": cfg.Reva.Gateway.Endpoint,
"db_username": cfg.OCS.CacheWarmupDrivers.CBOX.DBUsername,
"db_password": cfg.OCS.CacheWarmupDrivers.CBOX.DBPassword,
"db_host": cfg.OCS.CacheWarmupDrivers.CBOX.DBHost,
"db_port": cfg.OCS.CacheWarmupDrivers.CBOX.DBPort,
"db_name": cfg.OCS.CacheWarmupDrivers.CBOX.DBName,
"namespace": cfg.OCS.CacheWarmupDrivers.CBOX.Namespace,
"gatewaysvc": cfg.GatewayEndpoint,
},
},
"config": map[string]interface{}{
"version": "1.7",
"website": "ownCloud",
"host": cfg.Reva.Frontend.PublicURL,
"host": cfg.PublicURL,
"contact": "",
"ssl": "false",
},
"default_upload_protocol": cfg.Reva.DefaultUploadProtocol,
"default_upload_protocol": cfg.DefaultUploadProtocol,
"capabilities": map[string]interface{}{
"capabilities": map[string]interface{}{
"core": map[string]interface{}{
@@ -232,8 +239,8 @@ func frontendConfigFromStruct(c *cli.Context, cfg *config.Config, filesCfg map[s
"support_url_signing": true,
},
"checksums": map[string]interface{}{
"supported_types": cfg.Reva.ChecksumSupportedTypes,
"preferred_upload_type": cfg.Reva.ChecksumPreferredUploadType,
"supported_types": cfg.Checksums.SupportedTypes,
"preferred_upload_type": cfg.Checksums.PreferredUploadType,
},
"files": filesCfg,
"dav": map[string]interface{}{
@@ -256,15 +263,15 @@ func frontendConfigFromStruct(c *cli.Context, cfg *config.Config, filesCfg map[s
"multiple": true,
"supports_upload_only": true,
"password": map[string]interface{}{
"enforced": true,
"enforced": false,
"enforced_for": map[string]interface{}{
"read_only": true,
"read_write": true,
"upload_only": true,
"read_only": false,
"read_write": false,
"upload_only": false,
},
},
"expire_date": map[string]interface{}{
"enabled": false,
"enabled": true,
},
"can_edit": true,
},
@@ -289,7 +296,7 @@ func frontendConfigFromStruct(c *cli.Context, cfg *config.Config, filesCfg map[s
},
"spaces": map[string]interface{}{
"version": "0.0.1",
"enabled": cfg.Reva.Frontend.ProjectSpaces,
"enabled": cfg.EnableProjectSpaces,
},
},
"version": map[string]interface{}{
@@ -315,7 +322,7 @@ func frontendConfigFromStruct(c *cli.Context, cfg *config.Config, filesCfg map[s
// have the indexes reversed and the tuple is in the format of [challenge:user-agent], then the same process is applied
// in reverse for each individual part
func loadUserAgent(c *cli.Context, cfg *config.Config) error {
cfg.Reva.Frontend.Middleware.Auth.CredentialsByUserAgent = make(map[string]string)
cfg.Middleware.Auth.CredentialsByUserAgent = make(map[string]string)
locks := c.StringSlice("user-agent-whitelist-lock-in")
for _, v := range locks {
@@ -325,7 +332,7 @@ func loadUserAgent(c *cli.Context, cfg *config.Config) error {
return fmt.Errorf("unexpected config value for user-agent lock-in: %v, expected format is user-agent:challenge", v)
}
cfg.Reva.Frontend.Middleware.Auth.CredentialsByUserAgent[conversions.Reverse(parts[1])] = conversions.Reverse(parts[0])
cfg.Middleware.Auth.CredentialsByUserAgent[conversions.Reverse(parts[1])] = conversions.Reverse(parts[0])
}
return nil
@@ -338,28 +345,29 @@ type FrontendSutureService struct {
// NewFrontend creates a new frontend.FrontendSutureService
func NewFrontend(cfg *ociscfg.Config) suture.Service {
cfg.Storage.Commons = cfg.Commons
cfg.Frontend.Commons = cfg.Commons
return FrontendSutureService{
cfg: cfg.Storage,
cfg: cfg.Frontend,
}
}
func (s FrontendSutureService) Serve(ctx context.Context) error {
s.cfg.Reva.Frontend.Context = ctx
// s.cfg.Reva.Frontend.Context = ctx
cmd := Frontend(s.cfg)
f := &flag.FlagSet{}
cmdFlags := Frontend(s.cfg).Flags
cmdFlags := cmd.Flags
for k := range cmdFlags {
if err := cmdFlags[k].Apply(f); err != nil {
return err
}
}
cliCtx := cli.NewContext(nil, f, nil)
if Frontend(s.cfg).Before != nil {
if err := Frontend(s.cfg).Before(cliCtx); err != nil {
if cmd.Before != nil {
if err := cmd.Before(cliCtx); err != nil {
return err
}
}
if err := Frontend(s.cfg).Action(cliCtx); err != nil {
if err := cmd.Action(cliCtx); err != nil {
return err
}

130
extensions/frontend/pkg/config/config.go Normal file
View File

@@ -0,0 +1,130 @@
package config
import "github.com/owncloud/ocis/ocis-pkg/shared"
type Config struct {
*shared.Commons `yaml:"-"`
Service Service `yaml:"-"`
Tracing *Tracing `yaml:"tracing"`
Logging *Logging `yaml:"log"`
Debug Debug `yaml:"debug"`
Supervised bool
HTTP HTTPConfig `yaml:"http"`
// JWTSecret used to verify reva access token
JWTSecret string `yaml:"jwt_secret"`
GatewayEndpoint string
SkipUserGroupsInToken bool
EnableFavorites bool `yaml:"favorites"`
EnableProjectSpaces bool
UploadMaxChunkSize int `yaml:"upload_max_chunk_size"`
UploadHTTPMethodOverride string `yaml:"upload_http_method_override"`
DefaultUploadProtocol string `yaml:"default_upload_protocol"`
TransferSecret string `yaml:"transfer_secret" env:"STORAGE_TRANSFER_SECRET"`
PublicURL string `yaml:"public_url" env:"OCIS_URL;FRONTEND_PUBLIC_URL"`
Archiver Archiver
AppProvider AppProvider
DataGateway DataGateway
OCS OCS
AuthMachine AuthMachine
Checksums Checksums
Middleware Middleware
}
type Tracing struct {
Enabled bool `yaml:"enabled" env:"OCIS_TRACING_ENABLED;FRONTEND_TRACING_ENABLED" desc:"Activates tracing."`
Type string `yaml:"type" env:"OCIS_TRACING_TYPE;FRONTEND_TRACING_TYPE"`
Endpoint string `yaml:"endpoint" env:"OCIS_TRACING_ENDPOINT;FRONTEND_TRACING_ENDPOINT" desc:"The endpoint to the tracing collector."`
Collector string `yaml:"collector" env:"OCIS_TRACING_COLLECTOR;FRONTEND_TRACING_COLLECTOR"`
}
type Logging struct {
Level string `yaml:"level" env:"OCIS_LOG_LEVEL;FRONTEND_LOG_LEVEL" desc:"The log level."`
Pretty bool `yaml:"pretty" env:"OCIS_LOG_PRETTY;FRONTEND_LOG_PRETTY" desc:"Activates pretty log output."`
Color bool `yaml:"color" env:"OCIS_LOG_COLOR;FRONTEND_LOG_COLOR" desc:"Activates colorized log output."`
File string `yaml:"file" env:"OCIS_LOG_FILE;FRONTEND_LOG_FILE" desc:"The target log file."`
}
type Service struct {
Name string `yaml:"-"`
}
type Debug struct {
Addr string `yaml:"addr" env:"FRONTEND_DEBUG_ADDR"`
Token string `yaml:"token" env:"FRONTEND_DEBUG_TOKEN"`
Pprof bool `yaml:"pprof" env:"FRONTEND_DEBUG_PPROF"`
Zpages bool `yaml:"zpages" env:"FRONTEND_DEBUG_ZPAGES"`
}
type HTTPConfig struct {
Addr string `yaml:"addr" env:"FRONTEND_HTTP_ADDR" desc:"The address of the http service."`
Protocol string `yaml:"protocol" env:"FRONTEND_HTTP_PROTOCOL" desc:"The transport protocol of the http service."`
Prefix string `yaml:"prefix"`
}
// Middleware configures reva middlewares.
type Middleware struct {
Auth Auth `yaml:"auth"`
}
// Auth configures reva http auth middleware.
type Auth struct {
CredentialsByUserAgent map[string]string `yaml:"credentials_by_user_agenr"`
}
type Archiver struct {
MaxNumFiles int64 `yaml:"max_num_files"`
MaxSize int64 `yaml:"max_size"`
Prefix string
Insecure bool `env:"OCIS_INSECURE;FRONTEND_ARCHIVER_INSECURE"`
}
type AppProvider struct {
ExternalAddr string `yaml:"external_addr"`
Driver string `yaml:"driver"`
// WopiDriver WopiDriver `yaml:"wopi_driver"`
AppsURL string `yaml:"apps_url"`
OpenURL string `yaml:"open_url"`
NewURL string `yaml:"new_url"`
Prefix string
Insecure bool `env:"OCIS_INSECURE;FRONTEND_APPPROVIDER_INSECURE"`
}
type DataGateway struct {
Prefix string
}
type OCS struct {
Prefix string `yaml:"prefix"`
SharePrefix string `yaml:"share_prefix"`
HomeNamespace string `yaml:"home_namespace"`
AdditionalInfoAttribute string `yaml:"additional_info_attribute"`
ResourceInfoCacheTTL int `yaml:"resource_info_cache_ttl"`
CacheWarmupDriver string `yaml:"cache_warmup_driver"`
CacheWarmupDrivers CacheWarmupDrivers
}
type CacheWarmupDrivers struct {
CBOX CBOXDriver
}
type CBOXDriver struct {
DBUsername string
DBPassword string
DBHost string
DBPort int
DBName string
Namespace string
}
type AuthMachine struct {
APIKey string `env:"OCIS_MACHINE_AUTH_API_KEY"`
}
type Checksums struct {
SupportedTypes []string `yaml:"supported_types"`
PreferredUploadType string `yaml:"preferred_upload_type"`
}

103
extensions/frontend/pkg/config/defaults/defaultconfig.go Normal file
View File

@@ -0,0 +1,103 @@
package defaults
import (
"github.com/owncloud/ocis/extensions/frontend/pkg/config"
)
func FullDefaultConfig() *config.Config {
cfg := DefaultConfig()
EnsureDefaults(cfg)
return cfg
}
func DefaultConfig() *config.Config {
return &config.Config{
Debug: config.Debug{
Addr: "127.0.0.1:9141",
Token: "",
Pprof: false,
Zpages: false,
},
HTTP: config.HTTPConfig{
Addr: "127.0.0.1:9140",
Protocol: "tcp",
Prefix: "",
},
Service: config.Service{
Name: "frontend",
},
GatewayEndpoint: "127.0.0.1:9142",
JWTSecret: "Pive-Fumkiu4",
PublicURL: "https://localhost:9200",
EnableFavorites: false,
EnableProjectSpaces: true,
UploadMaxChunkSize: 1e+8,
UploadHTTPMethodOverride: "",
DefaultUploadProtocol: "tus",
TransferSecret: "replace-me-with-a-transfer-secret",
Checksums: config.Checksums{
SupportedTypes: []string{"sha1", "md5", "adler32"},
PreferredUploadType: "",
},
AppProvider: config.AppProvider{
Prefix: "",
Insecure: false,
},
Archiver: config.Archiver{
Insecure: false,
Prefix: "archiver",
MaxNumFiles: 10000,
MaxSize: 1073741824,
},
DataGateway: config.DataGateway{
Prefix: "data",
},
OCS: config.OCS{
Prefix: "ocs",
SharePrefix: "/Shares",
HomeNamespace: "/users/{{.Id.OpaqueId}}",
CacheWarmupDriver: "",
AdditionalInfoAttribute: "{{.Mail}}",
ResourceInfoCacheTTL: 0,
},
AuthMachine: config.AuthMachine{
APIKey: "change-me-please",
},
Middleware: config.Middleware{
Auth: config.Auth{
CredentialsByUserAgent: map[string]string{},
},
},
}
}
func EnsureDefaults(cfg *config.Config) {
// provide with defaults for shared logging, since we need a valid destination address for BindEnv.
if cfg.Logging == nil && cfg.Commons != nil && cfg.Commons.Log != nil {
cfg.Logging = &config.Logging{
Level: cfg.Commons.Log.Level,
Pretty: cfg.Commons.Log.Pretty,
Color: cfg.Commons.Log.Color,
File: cfg.Commons.Log.File,
}
} else if cfg.Logging == nil {
cfg.Logging = &config.Logging{}
}
// provide with defaults for shared tracing, since we need a valid destination address for BindEnv.
if cfg.Tracing == nil && cfg.Commons != nil && cfg.Commons.Tracing != nil {
cfg.Tracing = &config.Tracing{
Enabled: cfg.Commons.Tracing.Enabled,
Type: cfg.Commons.Tracing.Type,
Endpoint: cfg.Commons.Tracing.Endpoint,
Collector: cfg.Commons.Tracing.Collector,
}
} else if cfg.Tracing == nil {
cfg.Tracing = &config.Tracing{}
}
}
func Sanitize(cfg *config.Config) {
// nothing to sanitize here atm
}

160
extensions/storage/pkg/command/gateway.go → extensions/gateway/pkg/command/command.go
View File

@@ -10,17 +10,17 @@ import (
"strings"
"github.com/cs3org/reva/v2/cmd/revad/runtime"
"github.com/cs3org/reva/v2/pkg/utils"
"github.com/gofrs/uuid"
"github.com/mitchellh/mapstructure"
"github.com/oklog/run"
"github.com/owncloud/ocis/extensions/storage/pkg/config"
"github.com/owncloud/ocis/extensions/gateway/pkg/config"
"github.com/owncloud/ocis/extensions/storage/pkg/server/debug"
"github.com/owncloud/ocis/extensions/storage/pkg/service/external"
"github.com/owncloud/ocis/extensions/storage/pkg/tracing"
ociscfg "github.com/owncloud/ocis/ocis-pkg/config"
"github.com/owncloud/ocis/ocis-pkg/log"
"github.com/owncloud/ocis/ocis-pkg/shared"
"github.com/owncloud/ocis/ocis-pkg/sync"
"github.com/owncloud/ocis/ocis-pkg/tracing"
"github.com/owncloud/ocis/ocis-pkg/version"
"github.com/thejerf/suture/v4"
"github.com/urfave/cli/v2"
@@ -32,19 +32,21 @@ func Gateway(cfg *config.Config) *cli.Command {
Name: "gateway",
Usage: "start gateway",
Before: func(c *cli.Context) error {
if err := ParseConfig(c, cfg, "storage-gateway"); err != nil {
return err
}
if cfg.Reva.DataGateway.PublicURL == "" {
cfg.Reva.DataGateway.PublicURL = strings.TrimRight(cfg.Reva.Frontend.PublicURL, "/") + "/data"
if cfg.DataGatewayPublicURL == "" {
cfg.DataGatewayPublicURL = strings.TrimRight(cfg.FrontendPublicURL, "/") + "/data"
}
return nil
},
Action: func(c *cli.Context) error {
logger := NewLogger(cfg)
tracing.Configure(cfg, logger)
logCfg := cfg.Logging
logger := log.NewLogger(
log.Level(logCfg.Level),
log.File(logCfg.File),
log.Pretty(logCfg.Pretty),
log.Color(logCfg.Color),
)
tracing.Configure(cfg.Tracing.Enabled, cfg.Tracing.Type, logger)
gr := run.Group{}
ctx, cancel := context.WithCancel(context.Background())
uuid := uuid.Must(uuid.NewV4())
@@ -62,7 +64,7 @@ func Gateway(cfg *config.Config) *cli.Command {
ctx,
"com.owncloud.storage",
uuid.String(),
cfg.Reva.Gateway.GRPCAddr,
cfg.GRPC.Addr,
version.String,
logger,
)
@@ -87,10 +89,12 @@ func Gateway(cfg *config.Config) *cli.Command {
debugServer, err := debug.Server(
debug.Name(c.Command.Name+"-debug"),
debug.Addr(cfg.Reva.Gateway.DebugAddr),
debug.Addr(cfg.Debug.Addr),
debug.Logger(logger),
debug.Context(ctx),
debug.Config(cfg),
debug.Pprof(cfg.Debug.Pprof),
debug.Zpages(cfg.Debug.Zpages),
debug.Token(cfg.Debug.Token),
)
if err != nil {
@@ -102,7 +106,7 @@ func Gateway(cfg *config.Config) *cli.Command {
cancel()
})
if !cfg.Reva.Gateway.Supervised {
if !cfg.Supervised {
sync.Trap(&gr, cancel)
}
@@ -115,56 +119,55 @@ func Gateway(cfg *config.Config) *cli.Command {
func gatewayConfigFromStruct(c *cli.Context, cfg *config.Config, logger log.Logger) map[string]interface{} {
rcfg := map[string]interface{}{
"core": map[string]interface{}{
"max_cpus": cfg.Reva.Users.MaxCPUs,
"tracing_enabled": cfg.Tracing.Enabled,
"tracing_endpoint": cfg.Tracing.Endpoint,
"tracing_collector": cfg.Tracing.Collector,
"tracing_service_name": c.Command.Name,
},
"shared": map[string]interface{}{
"jwt_secret": cfg.Reva.JWTSecret,
"gatewaysvc": cfg.Reva.Gateway.Endpoint,
"skip_user_groups_in_token": cfg.Reva.SkipUserGroupsInToken,
"jwt_secret": cfg.JWTSecret,
"gatewaysvc": cfg.GatewayEndpoint,
"skip_user_groups_in_token": cfg.SkipUserGroupsInToken,
},
"grpc": map[string]interface{}{
"network": cfg.Reva.Gateway.GRPCNetwork,
"address": cfg.Reva.Gateway.GRPCAddr,
"network": cfg.GRPC.Protocol,
"address": cfg.GRPC.Addr,
// TODO build services dynamically
"services": map[string]interface{}{
"gateway": map[string]interface{}{
// registries is located on the gateway
"authregistrysvc": cfg.Reva.Gateway.Endpoint,
"storageregistrysvc": cfg.Reva.Gateway.Endpoint,
"appregistrysvc": cfg.Reva.Gateway.Endpoint,
"authregistrysvc": cfg.GatewayEndpoint,
"storageregistrysvc": cfg.GatewayEndpoint,
"appregistrysvc": cfg.GatewayEndpoint,
// user metadata is located on the users services
"preferencessvc": cfg.Reva.Users.Endpoint,
"userprovidersvc": cfg.Reva.Users.Endpoint,
"groupprovidersvc": cfg.Reva.Groups.Endpoint,
"permissionssvc": cfg.Reva.Permissions.Endpoint,
"preferencessvc": cfg.UsersEndpoint,
"userprovidersvc": cfg.UsersEndpoint,
"groupprovidersvc": cfg.GroupsEndpoint,
"permissionssvc": cfg.PermissionsEndpoint,
// sharing is located on the sharing service
"usershareprovidersvc": cfg.Reva.Sharing.Endpoint,
"publicshareprovidersvc": cfg.Reva.Sharing.Endpoint,
"ocmshareprovidersvc": cfg.Reva.Sharing.Endpoint,
"commit_share_to_storage_grant": cfg.Reva.Gateway.CommitShareToStorageGrant,
"commit_share_to_storage_ref": cfg.Reva.Gateway.CommitShareToStorageRef,
"share_folder": cfg.Reva.Gateway.ShareFolder, // ShareFolder is the location where to create shares in the recipient's storage provider.
"usershareprovidersvc": cfg.SharingEndpoint,
"publicshareprovidersvc": cfg.SharingEndpoint,
"ocmshareprovidersvc": cfg.SharingEndpoint,
"commit_share_to_storage_grant": cfg.CommitShareToStorageGrant,
"commit_share_to_storage_ref": cfg.CommitShareToStorageRef,
"share_folder": cfg.ShareFolder, // ShareFolder is the location where to create shares in the recipient's storage provider.
// other
"disable_home_creation_on_login": cfg.Reva.Gateway.DisableHomeCreationOnLogin,
"datagateway": cfg.Reva.DataGateway.PublicURL,
"transfer_shared_secret": cfg.Reva.TransferSecret,
"transfer_expires": cfg.Reva.TransferExpires,
"home_mapping": cfg.Reva.Gateway.HomeMapping,
"etag_cache_ttl": cfg.Reva.Gateway.EtagCacheTTL,
"disable_home_creation_on_login": cfg.DisableHomeCreationOnLogin,
"datagateway": cfg.DataGatewayPublicURL,
"transfer_shared_secret": cfg.TransferSecret,
"transfer_expires": cfg.TransferExpires,
"home_mapping": cfg.HomeMapping,
"etag_cache_ttl": cfg.EtagCacheTTL,
},
"authregistry": map[string]interface{}{
"driver": "static",
"drivers": map[string]interface{}{
"static": map[string]interface{}{
"rules": map[string]interface{}{
"basic": cfg.Reva.AuthBasic.Endpoint,
"bearer": cfg.Reva.AuthBearer.Endpoint,
"machine": cfg.Reva.AuthMachine.Endpoint,
"publicshares": cfg.Reva.StoragePublicLink.Endpoint,
"basic": cfg.AuthBasicEndpoint,
"bearer": cfg.AuthBearerEndpoint,
"machine": cfg.AuthMachineEndpoint,
"publicshares": cfg.StoragePublicLinkEndpoint,
},
},
},
@@ -178,7 +181,7 @@ func gatewayConfigFromStruct(c *cli.Context, cfg *config.Config, logger log.Logg
},
},
"storageregistry": map[string]interface{}{
"driver": cfg.Reva.StorageRegistry.Driver,
"driver": cfg.StorageRegistry.Driver,
"drivers": map[string]interface{}{
"spaces": map[string]interface{}{
"providers": spacesProviders(cfg, logger),
@@ -194,20 +197,20 @@ func gatewayConfigFromStruct(c *cli.Context, cfg *config.Config, logger log.Logg
func spacesProviders(cfg *config.Config, logger log.Logger) map[string]map[string]interface{} {
// if a list of rules is given it overrides the generated rules from below
if len(cfg.Reva.StorageRegistry.Rules) > 0 {
if len(cfg.StorageRegistry.Rules) > 0 {
rules := map[string]map[string]interface{}{}
for i := range cfg.Reva.StorageRegistry.Rules {
parts := strings.SplitN(cfg.Reva.StorageRegistry.Rules[i], "=", 2)
for i := range cfg.StorageRegistry.Rules {
parts := strings.SplitN(cfg.StorageRegistry.Rules[i], "=", 2)
rules[parts[0]] = map[string]interface{}{"address": parts[1]}
}
return rules
}
// check if the rules have to be read from a json file
if cfg.Reva.StorageRegistry.JSON != "" {
data, err := ioutil.ReadFile(cfg.Reva.StorageRegistry.JSON)
if cfg.StorageRegistry.JSON != "" {
data, err := ioutil.ReadFile(cfg.StorageRegistry.JSON)
if err != nil {
logger.Error().Err(err).Msg("Failed to read storage registry rules from JSON file: " + cfg.Reva.StorageRegistry.JSON)
logger.Error().Err(err).Msg("Failed to read storage registry rules from JSON file: " + cfg.StorageRegistry.JSON)
return nil
}
var rules map[string]map[string]interface{}
@@ -220,7 +223,8 @@ func spacesProviders(cfg *config.Config, logger log.Logger) map[string]map[strin
// generate rules based on default config
return map[string]map[string]interface{}{
cfg.Reva.StorageUsers.Endpoint: {
cfg.StorageUsersEndpoint: {
"providerid": "1284d238-aa92-42ce-bdc4-0b0000009157",
"spaces": map[string]interface{}{
"personal": map[string]interface{}{
"mount_point": "/users",
@@ -232,7 +236,8 @@ func spacesProviders(cfg *config.Config, logger log.Logger) map[string]map[strin
},
},
},
cfg.Reva.StorageShares.Endpoint: {
cfg.StorageSharesEndpoint: {
"providerid": utils.ShareStorageProviderID,
"spaces": map[string]interface{}{
"virtual": map[string]interface{}{
// The root of the share jail is mounted here
@@ -251,7 +256,8 @@ func spacesProviders(cfg *config.Config, logger log.Logger) map[string]map[strin
},
},
// public link storage returns the mount id of the actual storage
cfg.Reva.StoragePublicLink.Endpoint: {
cfg.StoragePublicLinkEndpoint: {
"providerid": utils.PublicStorageProviderID,
"spaces": map[string]interface{}{
"grant": map[string]interface{}{
"mount_point": ".",
@@ -281,10 +287,10 @@ func mimetypes(cfg *config.Config, logger log.Logger) []map[string]interface{} {
var m []map[string]interface{}
// load default app mimetypes from a json file
if cfg.Reva.AppRegistry.MimetypesJSON != "" {
data, err := ioutil.ReadFile(cfg.Reva.AppRegistry.MimetypesJSON)
if cfg.AppRegistry.MimetypesJSON != "" {
data, err := ioutil.ReadFile(cfg.AppRegistry.MimetypesJSON)
if err != nil {
logger.Error().Err(err).Msg("Failed to read app registry mimetypes from JSON file: " + cfg.Reva.AppRegistry.MimetypesJSON)
logger.Error().Err(err).Msg("Failed to read app registry mimetypes from JSON file: " + cfg.AppRegistry.MimetypesJSON)
return nil
}
if err = json.Unmarshal(data, &mimetypes); err != nil {
@@ -385,56 +391,30 @@ type GatewaySutureService struct {
// NewGatewaySutureService creates a new gateway.GatewaySutureService
func NewGateway(cfg *ociscfg.Config) suture.Service {
cfg.Storage.Commons = cfg.Commons
cfg.Gateway.Commons = cfg.Commons
return GatewaySutureService{
cfg: cfg.Storage,
cfg: cfg.Gateway,
}
}
func (s GatewaySutureService) Serve(ctx context.Context) error {
s.cfg.Reva.Gateway.Context = ctx
cmd := Gateway(s.cfg)
f := &flag.FlagSet{}
cmdFlags := Gateway(s.cfg).Flags
cmdFlags := cmd.Flags
for k := range cmdFlags {
if err := cmdFlags[k].Apply(f); err != nil {
return err
}
}
cliCtx := cli.NewContext(nil, f, nil)
if Gateway(s.cfg).Before != nil {
if err := Gateway(s.cfg).Before(cliCtx); err != nil {
if cmd.Before != nil {
if err := cmd.Before(cliCtx); err != nil {
return err
}
}
if err := Gateway(s.cfg).Action(cliCtx); err != nil {
if err := cmd.Action(cliCtx); err != nil {
return err
}
return nil
}
// ParseConfig loads accounts configuration from known paths.
func ParseConfig(c *cli.Context, cfg *config.Config, storageExtension string) error {
conf, err := ociscfg.BindSourcesToStructs(storageExtension, cfg)
if err != nil {
return err
}
// provide with defaults for shared logging, since we need a valid destination address for BindEnv.
if cfg.Log == nil && cfg.Commons != nil && cfg.Commons.Log != nil {
cfg.Log = &shared.Log{
Level: cfg.Commons.Log.Level,
Pretty: cfg.Commons.Log.Pretty,
Color: cfg.Commons.Log.Color,
File: cfg.Commons.Log.File,
}
} else if cfg.Log == nil {
cfg.Log = &shared.Log{}
}
// load all env variables relevant to the config in the current context.
conf.LoadOSEnv(config.GetEnv(cfg), false)
bindings := config.StructMappings(cfg)
return ociscfg.BindEnv(conf, bindings)
}

82
extensions/gateway/pkg/config/config.go Normal file
View File

@@ -0,0 +1,82 @@
package config
import "github.com/owncloud/ocis/ocis-pkg/shared"
type Config struct {
*shared.Commons `yaml:"-"`
Service Service `yaml:"-"`
Tracing *Tracing `yaml:"tracing"`
Logging *Logging `yaml:"log"`
Debug Debug `yaml:"debug"`
Supervised bool
GRPC GRPCConfig `yaml:"grpc"`
JWTSecret string
GatewayEndpoint string
SkipUserGroupsInToken bool
CommitShareToStorageGrant bool
CommitShareToStorageRef bool
ShareFolder string
DisableHomeCreationOnLogin bool
TransferSecret string `env:"STORAGE_TRANSFER_SECRET"`
TransferExpires int
HomeMapping string
EtagCacheTTL int
UsersEndpoint string
GroupsEndpoint string
PermissionsEndpoint string
SharingEndpoint string
DataGatewayPublicURL string
FrontendPublicURL string `env:"OCIS_URL;GATEWAY_FRONTEND_PUBLIC_URL"`
AuthBasicEndpoint string
AuthBearerEndpoint string
AuthMachineEndpoint string
StoragePublicLinkEndpoint string
StorageUsersEndpoint string
StorageSharesEndpoint string
StorageRegistry StorageRegistry
AppRegistry AppRegistry
}
type Tracing struct {
Enabled bool `yaml:"enabled" env:"OCIS_TRACING_ENABLED;GATEWAY_TRACING_ENABLED" desc:"Activates tracing."`
Type string `yaml:"type" env:"OCIS_TRACING_TYPE;GATEWAY_TRACING_TYPE"`
Endpoint string `yaml:"endpoint" env:"OCIS_TRACING_ENDPOINT;GATEWAY_TRACING_ENDPOINT" desc:"The endpoint to the tracing collector."`
Collector string `yaml:"collector" env:"OCIS_TRACING_COLLECTOR;GATEWAY_TRACING_COLLECTOR"`
}
type Logging struct {
Level string `yaml:"level" env:"OCIS_LOG_LEVEL;GATEWAY_LOG_LEVEL" desc:"The log level."`
Pretty bool `yaml:"pretty" env:"OCIS_LOG_PRETTY;GATEWAY_LOG_PRETTY" desc:"Activates pretty log output."`
Color bool `yaml:"color" env:"OCIS_LOG_COLOR;GATEWAY_LOG_COLOR" desc:"Activates colorized log output."`
File string `yaml:"file" env:"OCIS_LOG_FILE;GATEWAY_LOG_FILE" desc:"The target log file."`
}
type Service struct {
Name string `yaml:"-"`
}
type Debug struct {
Addr string `yaml:"addr" env:"GATEWAY_DEBUG_ADDR"`
Token string `yaml:"token" env:"GATEWAY_DEBUG_TOKEN"`
Pprof bool `yaml:"pprof" env:"GATEWAY_DEBUG_PPROF"`
Zpages bool `yaml:"zpages" env:"GATEWAY_DEBUG_ZPAGES"`
}
type GRPCConfig struct {
Addr string `yaml:"addr" env:"GATEWAY_GRPC_ADDR" desc:"The address of the grpc service."`
Protocol string `yaml:"protocol" env:"GATEWAY_GRPC_PROTOCOL" desc:"The transport protocol of the grpc service."`
}
type StorageRegistry struct {
Driver string
Rules []string
JSON string
}
type AppRegistry struct {
MimetypesJSON string
}

92
extensions/gateway/pkg/config/defaults/defaultconfig.go Normal file
View File

@@ -0,0 +1,92 @@
package defaults
import (
"github.com/owncloud/ocis/extensions/gateway/pkg/config"
)
func FullDefaultConfig() *config.Config {
cfg := DefaultConfig()
EnsureDefaults(cfg)
return cfg
}
func DefaultConfig() *config.Config {
return &config.Config{
Debug: config.Debug{
Addr: "127.0.0.1:9143",
Token: "",
Pprof: false,
Zpages: false,
},
GRPC: config.GRPCConfig{
Addr: "127.0.0.1:9142",
Protocol: "tcp",
},
Service: config.Service{
Name: "gateway",
},
GatewayEndpoint: "127.0.0.1:9142",
JWTSecret: "Pive-Fumkiu4",
CommitShareToStorageGrant: true,
CommitShareToStorageRef: true,
ShareFolder: "Shares",
DisableHomeCreationOnLogin: true,
TransferSecret: "replace-me-with-a-transfer-secret",
TransferExpires: 24 * 60 * 60,
HomeMapping: "",
EtagCacheTTL: 0,
UsersEndpoint: "localhost:9144",
GroupsEndpoint: "localhost:9160",
PermissionsEndpoint: "localhost:9191",
SharingEndpoint: "localhost:9150",
DataGatewayPublicURL: "",
FrontendPublicURL: "https://localhost:9200",
AuthBasicEndpoint: "localhost:9146",
AuthBearerEndpoint: "localhost:9148",
AuthMachineEndpoint: "localhost:9166",
StoragePublicLinkEndpoint: "localhost:9178",
StorageUsersEndpoint: "localhost:9157",
StorageSharesEndpoint: "localhost:9154",
StorageRegistry: config.StorageRegistry{
Driver: "spaces",
JSON: "",
},
AppRegistry: config.AppRegistry{
MimetypesJSON: "",
},
}
}
func EnsureDefaults(cfg *config.Config) {
// provide with defaults for shared logging, since we need a valid destination address for BindEnv.
if cfg.Logging == nil && cfg.Commons != nil && cfg.Commons.Log != nil {
cfg.Logging = &config.Logging{
Level: cfg.Commons.Log.Level,
Pretty: cfg.Commons.Log.Pretty,
Color: cfg.Commons.Log.Color,
File: cfg.Commons.Log.File,
}
} else if cfg.Logging == nil {
cfg.Logging = &config.Logging{}
}
// provide with defaults for shared tracing, since we need a valid destination address for BindEnv.
if cfg.Tracing == nil && cfg.Commons != nil && cfg.Commons.Tracing != nil {
cfg.Tracing = &config.Tracing{
Enabled: cfg.Commons.Tracing.Enabled,
Type: cfg.Commons.Tracing.Type,
Endpoint: cfg.Commons.Tracing.Endpoint,
Collector: cfg.Commons.Tracing.Collector,
}
} else if cfg.Tracing == nil {
cfg.Tracing = &config.Tracing{}
}
}
func Sanitize(cfg *config.Config) {
// nothing to sanitize here atm
}

2
extensions/glauth/pkg/config/defaults/defaultconfig.go
View File

@@ -86,5 +86,5 @@ func EnsureDefaults(cfg *config.Config) {
}
func Sanitize(cfg *config.Config) {
// nothing to santizie here atm
// nothing to sanitize here atm
}

16
extensions/graph/pkg/config/defaults/defaultconfig.go
View File

@@ -33,15 +33,15 @@ func DefaultConfig() *config.Config {
Insecure: false,
},
Identity: config.Identity{
Backend: "cs3",
Backend: "ldap",
LDAP: config.LDAP{
URI: "ldap://localhost:9125",
Insecure: false,
BindDN: "",
BindPassword: "",
URI: "ldaps://localhost:9235",
Insecure: true,
BindDN: "uid=libregraph,ou=sysusers,o=libregraph-idm",
BindPassword: "idm",
UseServerUUID: false,
WriteEnabled: false,
UserBaseDN: "ou=users,dc=ocis,dc=test",
WriteEnabled: true,
UserBaseDN: "ou=users,o=libregraph-idm",
UserSearchScope: "sub",
UserFilter: "",
UserObjectClass: "inetOrgPerson",
@@ -51,7 +51,7 @@ func DefaultConfig() *config.Config {
// FIXME: switch this to some more widely available attribute by default
// ideally this needs to be constant for the lifetime of a users
UserIDAttribute: "owncloudUUID",
GroupBaseDN: "ou=groups,dc=ocis,dc=test",
GroupBaseDN: "ou=groups,o=libregraph-idm",
GroupSearchScope: "sub",
GroupFilter: "",
GroupObjectClass: "groupOfNames",

34
extensions/graph/pkg/service/v0/driveitems.go
View File

@@ -77,11 +77,11 @@ func (g Graph) GetRootDriveChildren(w http.ResponseWriter, r *http.Request) {
render.JSON(w, r, &listResponse{Value: files})
}
func (g Graph) getDriveItem(ctx context.Context, root *storageprovider.ResourceId) (*libregraph.DriveItem, error) {
func (g Graph) getDriveItem(ctx context.Context, root storageprovider.ResourceId) (*libregraph.DriveItem, error) {
client := g.GetGatewayClient()
ref := &storageprovider.Reference{
ResourceId: root,
ResourceId: &root,
}
res, err := client.Stat(ctx, &storageprovider.StatRequest{Ref: ref})
if err != nil {
@@ -196,18 +196,16 @@ func cs3ResourceToRemoteItem(res *storageprovider.ResourceInfo) (*libregraph.Rem
return remoteItem, nil
}
func (g Graph) getPathForResource(ctx context.Context, ID *storageprovider.ResourceId) (*string, error) {
func (g Graph) getPathForResource(ctx context.Context, id storageprovider.ResourceId) (string, error) {
client := g.GetGatewayClient()
var path *string
res, err := client.GetPath(ctx, &storageprovider.GetPathRequest{ResourceId: ID})
res, err := client.GetPath(ctx, &storageprovider.GetPathRequest{ResourceId: &id})
if err != nil {
return nil, err
return "", err
}
if res.Status.Code != cs3rpc.Code_CODE_OK {
return nil, fmt.Errorf("could not stat %s: %s", ID, res.Status.Message)
return "", fmt.Errorf("could not stat %v: %s", id, res.Status.Message)
}
path = &res.Path
return path, err
return res.Path, err
}
// GetExtendedSpaceProperties reads properties from the opaque and transforms them into driveItems
@@ -221,7 +219,7 @@ func (g Graph) GetExtendedSpaceProperties(ctx context.Context, baseURL *url.URL,
for _, itemName := range names {
if itemID, ok := metadata[itemName]; ok {
spaceItem := g.getSpecialDriveItem(ctx, resourceid.OwnCloudResourceIDUnwrap(string(itemID.Value)), itemName, baseURL, space)
spaceItem := g.getSpecialDriveItem(ctx, *resourceid.OwnCloudResourceIDUnwrap(string(itemID.Value)), itemName, baseURL, space)
if spaceItem != nil {
spaceItems = append(spaceItems, *spaceItem)
}
@@ -230,24 +228,26 @@ func (g Graph) GetExtendedSpaceProperties(ctx context.Context, baseURL *url.URL,
return spaceItems
}
func (g Graph) getSpecialDriveItem(ctx context.Context, ID *storageprovider.ResourceId, itemName string, baseURL *url.URL, space *storageprovider.StorageSpace) *libregraph.DriveItem {
func (g Graph) getSpecialDriveItem(ctx context.Context, id storageprovider.ResourceId, itemName string, baseURL *url.URL, space *storageprovider.StorageSpace) *libregraph.DriveItem {
var spaceItem *libregraph.DriveItem
if ID == nil {
if id.StorageId == "" && id.OpaqueId == "" {
return nil
}
spaceItem, err := g.getDriveItem(ctx, ID)
spaceItem, err := g.getDriveItem(ctx, id)
if err != nil {
g.logger.Error().Err(err).Str("ID", ID.OpaqueId).Msg("Could not get readme Item")
g.logger.Error().Err(err).Str("ID", id.OpaqueId).Msg("Could not get readme Item")
return nil
}
itemPath, err := g.getPathForResource(ctx, ID)
itemPath, err := g.getPathForResource(ctx, id)
if err != nil {
g.logger.Error().Err(err).Str("ID", ID.OpaqueId).Msg("Could not get readme path")
g.logger.Error().Err(err).Str("ID", id.OpaqueId).Msg("Could not get readme path")
return nil
}
spaceItem.SpecialFolder = &libregraph.SpecialFolder{Name: libregraph.PtrString(itemName)}
spaceItem.WebDavUrl = libregraph.PtrString(baseURL.String() + path.Join(space.Id.OpaqueId, *itemPath))
webdavURL := *baseURL
webdavURL.Path = path.Join(webdavURL.Path, space.Id.OpaqueId, itemPath)
spaceItem.WebDavUrl = libregraph.PtrString(webdavURL.String())
return spaceItem
}

2
extensions/graph/pkg/service/v0/drives.go
View File

@@ -94,7 +94,7 @@ func (g Graph) GetDrives(w http.ResponseWriter, r *http.Request) {
// GetSingleDrive does a lookup of a single space by spaceId
func (g Graph) GetSingleDrive(w http.ResponseWriter, r *http.Request) {
driveID := chi.URLParam(r, "driveID")
driveID, _ := url.PathUnescape(chi.URLParam(r, "driveID"))
if driveID == "" {
err := fmt.Errorf("no valid space id retrieved")
g.logger.Err(err)

113
extensions/storage/pkg/command/groups.go → extensions/group/pkg/command/command.go
View File

@@ -10,11 +10,13 @@ import (
"github.com/cs3org/reva/v2/cmd/revad/runtime"
"github.com/gofrs/uuid"
"github.com/oklog/run"
"github.com/owncloud/ocis/extensions/storage/pkg/config"
"github.com/owncloud/ocis/extensions/group/pkg/config"
"github.com/owncloud/ocis/extensions/storage/pkg/server/debug"
"github.com/owncloud/ocis/extensions/storage/pkg/tracing"
ociscfg "github.com/owncloud/ocis/ocis-pkg/config"
"github.com/owncloud/ocis/ocis-pkg/ldap"
"github.com/owncloud/ocis/ocis-pkg/log"
"github.com/owncloud/ocis/ocis-pkg/sync"
"github.com/owncloud/ocis/ocis-pkg/tracing"
"github.com/thejerf/suture/v4"
"github.com/urfave/cli/v2"
)
@@ -24,19 +26,22 @@ func Groups(cfg *config.Config) *cli.Command {
return &cli.Command{
Name: "groups",
Usage: "start groups service",
Before: func(c *cli.Context) error {
return ParseConfig(c, cfg, "storage-groups")
},
Action: func(c *cli.Context) error {
logger := NewLogger(cfg)
tracing.Configure(cfg, logger)
logCfg := cfg.Logging
logger := log.NewLogger(
log.Level(logCfg.Level),
log.File(logCfg.File),
log.Pretty(logCfg.Pretty),
log.Color(logCfg.Color),
)
tracing.Configure(cfg.Tracing.Enabled, cfg.Tracing.Type, logger)
gr := run.Group{}
ctx, cancel := context.WithCancel(context.Background())
defer cancel()
// pre-create folders
if cfg.Reva.Groups.Driver == "json" && cfg.Reva.Groups.JSON != "" {
if err := os.MkdirAll(filepath.Dir(cfg.Reva.Groups.JSON), os.FileMode(0700)); err != nil {
if cfg.Driver == "json" && cfg.Drivers.JSON.File != "" {
if err := os.MkdirAll(filepath.Dir(cfg.Drivers.JSON.File), os.FileMode(0700)); err != nil {
return err
}
}
@@ -46,8 +51,8 @@ func Groups(cfg *config.Config) *cli.Command {
rcfg := groupsConfigFromStruct(c, cfg)
if cfg.Reva.Groups.Driver == "ldap" {
if err := waitForLDAPCA(logger, &cfg.Reva.LDAP); err != nil {
if cfg.Driver == "ldap" {
if err := ldap.WaitForCA(logger, cfg.Drivers.LDAP.Insecure, cfg.Drivers.LDAP.CACert); err != nil {
logger.Error().Err(err).Msg("The configured LDAP CA cert does not exist")
return err
}
@@ -70,10 +75,12 @@ func Groups(cfg *config.Config) *cli.Command {
debugServer, err := debug.Server(
debug.Name(c.Command.Name+"-debug"),
debug.Addr(cfg.Reva.Groups.DebugAddr),
debug.Addr(cfg.Debug.Addr),
debug.Logger(logger),
debug.Context(ctx),
debug.Config(cfg),
debug.Pprof(cfg.Debug.Pprof),
debug.Zpages(cfg.Debug.Zpages),
debug.Token(cfg.Debug.Token),
)
if err != nil {
@@ -85,7 +92,7 @@ func Groups(cfg *config.Config) *cli.Command {
cancel()
})
if !cfg.Reva.Groups.Supervised {
if !cfg.Supervised {
sync.Trap(&gr, cancel)
}
@@ -98,40 +105,39 @@ func Groups(cfg *config.Config) *cli.Command {
func groupsConfigFromStruct(c *cli.Context, cfg *config.Config) map[string]interface{} {
return map[string]interface{}{
"core": map[string]interface{}{
"max_cpus": cfg.Reva.Groups.MaxCPUs,
"tracing_enabled": cfg.Tracing.Enabled,
"tracing_endpoint": cfg.Tracing.Endpoint,
"tracing_collector": cfg.Tracing.Collector,
"tracing_service_name": c.Command.Name,
},
"shared": map[string]interface{}{
"jwt_secret": cfg.Reva.JWTSecret,
"gatewaysvc": cfg.Reva.Gateway.Endpoint,
"skip_user_groups_in_token": cfg.Reva.SkipUserGroupsInToken,
"jwt_secret": cfg.JWTSecret,
"gatewaysvc": cfg.GatewayEndpoint,
"skip_user_groups_in_token": cfg.SkipUserGroupsInToken,
},
"grpc": map[string]interface{}{
"network": cfg.Reva.Groups.GRPCNetwork,
"address": cfg.Reva.Groups.GRPCAddr,
"network": cfg.GRPC.Protocol,
"address": cfg.GRPC.Addr,
// TODO build services dynamically
"services": map[string]interface{}{
"groupprovider": map[string]interface{}{
"driver": cfg.Reva.Groups.Driver,
"driver": cfg.Driver,
"drivers": map[string]interface{}{
"json": map[string]interface{}{
"groups": cfg.Reva.Groups.JSON,
"groups": cfg.Drivers.JSON.File,
},
"ldap": ldapConfigFromString(cfg),
"ldap": ldapConfigFromString(cfg.Drivers.LDAP),
"rest": map[string]interface{}{
"client_id": cfg.Reva.UserGroupRest.ClientID,
"client_secret": cfg.Reva.UserGroupRest.ClientSecret,
"redis_address": cfg.Reva.UserGroupRest.RedisAddress,
"redis_username": cfg.Reva.UserGroupRest.RedisUsername,
"redis_password": cfg.Reva.UserGroupRest.RedisPassword,
"group_members_cache_expiration": cfg.Reva.Groups.GroupMembersCacheExpiration,
"id_provider": cfg.Reva.UserGroupRest.IDProvider,
"api_base_url": cfg.Reva.UserGroupRest.APIBaseURL,
"oidc_token_endpoint": cfg.Reva.UserGroupRest.OIDCTokenEndpoint,
"target_api": cfg.Reva.UserGroupRest.TargetAPI,
"client_id": cfg.Drivers.REST.ClientID,
"client_secret": cfg.Drivers.REST.ClientSecret,
"redis_address": cfg.Drivers.REST.RedisAddr,
"redis_username": cfg.Drivers.REST.RedisUsername,
"redis_password": cfg.Drivers.REST.RedisPassword,
"group_members_cache_expiration": cfg.GroupMembersCacheExpiration,
"id_provider": cfg.Drivers.REST.IDProvider,
"api_base_url": cfg.Drivers.REST.APIBaseURL,
"oidc_token_endpoint": cfg.Drivers.REST.OIDCTokenEndpoint,
"target_api": cfg.Drivers.REST.TargetAPI,
},
},
},
@@ -147,14 +153,14 @@ type GroupSutureService struct {
// NewGroupProviderSutureService creates a new storage.GroupProvider
func NewGroupProvider(cfg *ociscfg.Config) suture.Service {
cfg.Storage.Commons = cfg.Commons
cfg.Group.Commons = cfg.Commons
return GroupSutureService{
cfg: cfg.Storage,
cfg: cfg.Group,
}
}
func (s GroupSutureService) Serve(ctx context.Context) error {
s.cfg.Reva.Groups.Context = ctx
// s.cfg.Reva.Groups.Context = ctx
f := &flag.FlagSet{}
cmdFlags := Groups(s.cfg).Flags
for k := range cmdFlags {
@@ -174,3 +180,38 @@ func (s GroupSutureService) Serve(ctx context.Context) error {
return nil
}
func ldapConfigFromString(cfg config.LDAPDriver) map[string]interface{} {
return map[string]interface{}{
"uri": cfg.URI,
"cacert": cfg.CACert,
"insecure": cfg.Insecure,
"bind_username": cfg.BindDN,
"bind_password": cfg.BindPassword,
"user_base_dn": cfg.UserBaseDN,
"group_base_dn": cfg.GroupBaseDN,
"user_scope": cfg.UserScope,
"group_scope": cfg.GroupScope,
"user_filter": cfg.UserFilter,
"group_filter": cfg.GroupFilter,
"user_objectclass": cfg.UserObjectClass,
"group_objectclass": cfg.GroupObjectClass,
"login_attributes": cfg.LoginAttributes,
"idp": cfg.IDP,
"user_schema": map[string]interface{}{
"id": cfg.UserSchema.ID,
"idIsOctetString": cfg.UserSchema.IDIsOctetString,
"mail": cfg.UserSchema.Mail,
"displayName": cfg.UserSchema.DisplayName,
"userName": cfg.UserSchema.Username,
},
"group_schema": map[string]interface{}{
"id": cfg.GroupSchema.ID,
"idIsOctetString": cfg.GroupSchema.IDIsOctetString,
"mail": cfg.GroupSchema.Mail,
"displayName": cfg.GroupSchema.DisplayName,
"groupName": cfg.GroupSchema.Groupname,
"member": cfg.GroupSchema.Member,
},
}
}

123
extensions/group/pkg/config/config.go Normal file
View File

@@ -0,0 +1,123 @@
package config
import "github.com/owncloud/ocis/ocis-pkg/shared"
type Config struct {
*shared.Commons `yaml:"-"`
Service Service `yaml:"-"`
Tracing *Tracing `yaml:"tracing"`
Logging *Logging `yaml:"log"`
Debug Debug `yaml:"debug"`
Supervised bool
GRPC GRPCConfig `yaml:"grpc"`
JWTSecret string
GatewayEndpoint string
SkipUserGroupsInToken bool
GroupMembersCacheExpiration int
Driver string
Drivers Drivers
}
type Tracing struct {
Enabled bool `yaml:"enabled" env:"OCIS_TRACING_ENABLED;GROUPS_TRACING_ENABLED" desc:"Activates tracing."`
Type string `yaml:"type" env:"OCIS_TRACING_TYPE;GROUPS_TRACING_TYPE"`
Endpoint string `yaml:"endpoint" env:"OCIS_TRACING_ENDPOINT;GROUPS_TRACING_ENDPOINT" desc:"The endpoint to the tracing collector."`
Collector string `yaml:"collector" env:"OCIS_TRACING_COLLECTOR;GROUPS_TRACING_COLLECTOR"`
}
type Logging struct {
Level string `yaml:"level" env:"OCIS_LOG_LEVEL;GROUPS_LOG_LEVEL" desc:"The log level."`
Pretty bool `yaml:"pretty" env:"OCIS_LOG_PRETTY;GROUPS_LOG_PRETTY" desc:"Activates pretty log output."`
Color bool `yaml:"color" env:"OCIS_LOG_COLOR;GROUPS_LOG_COLOR" desc:"Activates colorized log output."`
File string `yaml:"file" env:"OCIS_LOG_FILE;GROUPS_LOG_FILE" desc:"The target log file."`
}
type Service struct {
Name string `yaml:"-"`
}
type Debug struct {
Addr string `yaml:"addr" env:"GROUPS_DEBUG_ADDR"`
Token string `yaml:"token" env:"GROUPS_DEBUG_TOKEN"`
Pprof bool `yaml:"pprof" env:"GROUPS_DEBUG_PPROF"`
Zpages bool `yaml:"zpages" env:"GROUPS_DEBUG_ZPAGES"`
}
type GRPCConfig struct {
Addr string `yaml:"addr" env:"GROUPS_GRPC_ADDR" desc:"The address of the grpc service."`
Protocol string `yaml:"protocol" env:"GROUPS_GRPC_PROTOCOL" desc:"The transport protocol of the grpc service."`
}
type Drivers struct {
JSON JSONDriver
LDAP LDAPDriver
OwnCloudSQL OwnCloudSQLDriver
REST RESTProvider
}
type JSONDriver struct {
File string
}
type LDAPDriver struct {
URI string `env:"LDAP_URI;GROUPS_LDAP_URI"`
CACert string `env:"LDAP_CACERT;GROUPS_LDAP_CACERT"`
Insecure bool `env:"LDAP_INSECURE;GROUPS_LDAP_INSECURE"`
BindDN string `env:"LDAP_BIND_DN;GROUPS_LDAP_BIND_DN"`
BindPassword string `env:"LDAP_BIND_PASSWORD;GROUPS_LDAP_BIND_PASSWORD"`
UserBaseDN string `env:"LDAP_USER_BASE_DN;GROUPS_LDAP_USER_BASE_DN"`
GroupBaseDN string `env:"LDAP_GROUP_BASE_DN;GROUPS_LDAP_GROUP_BASE_DN"`
UserScope string `env:"LDAP_USER_SCOPE;GROUPS_LDAP_USER_SCOPE"`
GroupScope string `env:"LDAP_GROUP_SCOPE;GROUPS_LDAP_GROUP_SCOPE"`
UserFilter string `env:"LDAP_USERFILTER;GROUPS_LDAP_USERFILTER"`
GroupFilter string `env:"LDAP_GROUPFILTER;GROUPS_LDAP_USERFILTER"`
UserObjectClass string `env:"LDAP_USER_OBJECTCLASS;GROUPS_LDAP_USER_OBJECTCLASS"`
GroupObjectClass string `env:"LDAP_GROUP_OBJECTCLASS;GROUPS_LDAP_GROUP_OBJECTCLASS"`
LoginAttributes []string `env:"LDAP_LOGIN_ATTRIBUTES;GROUPS_LDAP_LOGIN_ATTRIBUTES"`
IDP string `env:"OCIS_URL;GROUPS_IDP_URL"` // TODO what is this for?
GatewayEndpoint string // TODO do we need this here?
UserSchema LDAPUserSchema
GroupSchema LDAPGroupSchema
}
type LDAPUserSchema struct {
ID string `env:"LDAP_USER_SCHEMA_ID;GROUPS_LDAP_USER_SCHEMA_ID"`
IDIsOctetString bool `env:"LDAP_USER_SCHEMA_ID_IS_OCTETSTRING;GROUPS_LDAP_USER_SCHEMA_ID_IS_OCTETSTRING"`
Mail string `env:"LDAP_USER_SCHEMA_MAIL;GROUPS_LDAP_USER_SCHEMA_MAIL"`
DisplayName string `env:"LDAP_USER_SCHEMA_DISPLAYNAME;GROUPS_LDAP_USER_SCHEMA_DISPLAYNAME"`
Username string `env:"LDAP_USER_SCHEMA_USERNAME;GROUPS_LDAP_USER_SCHEMA_USERNAME"`
}
type LDAPGroupSchema struct {
ID string `env:"LDAP_GROUP_SCHEMA_ID;GROUPS_LDAP_GROUP_SCHEMA_ID"`
IDIsOctetString bool `env:"LDAP_GROUP_SCHEMA_ID_IS_OCTETSTRING;GROUPS_LDAP_GROUP_SCHEMA_ID_IS_OCTETSTRING"`
Mail string `env:"LDAP_GROUP_SCHEMA_MAIL;GROUPS_LDAP_GROUP_SCHEMA_MAIL"`
DisplayName string `env:"LDAP_GROUP_SCHEMA_DISPLAYNAME;GROUPS_LDAP_GROUP_SCHEMA_DISPLAYNAME"`
Groupname string `env:"LDAP_GROUP_SCHEMA_GROUPNAME;GROUPS_LDAP_GROUP_SCHEMA_GROUPNAME"`
Member string `env:"LDAP_GROUP_SCHEMA_MEMBER;GROUPS_LDAP_GROUP_SCHEMA_MEMBER"`
}
type OwnCloudSQLDriver struct {
DBUsername string
DBPassword string
DBHost string
DBPort int
DBName string
IDP string // TODO do we need this?
Nobody int64 // TODO what is this?
JoinUsername bool
JoinOwnCloudUUID bool
EnableMedialSearch bool
}
type RESTProvider struct {
ClientID string
ClientSecret string
RedisAddr string
RedisUsername string
RedisPassword string
IDProvider string
APIBaseURL string
OIDCTokenEndpoint string
TargetAPI string
}

115
extensions/group/pkg/config/defaults/defaultconfig.go Normal file
View File

@@ -0,0 +1,115 @@
package defaults
import (
"path/filepath"
"github.com/owncloud/ocis/extensions/group/pkg/config"
"github.com/owncloud/ocis/ocis-pkg/config/defaults"
)
func FullDefaultConfig() *config.Config {
cfg := DefaultConfig()
EnsureDefaults(cfg)
return cfg
}
func DefaultConfig() *config.Config {
return &config.Config{
Debug: config.Debug{
Addr: "127.0.0.1:9161",
Token: "",
Pprof: false,
Zpages: false,
},
GRPC: config.GRPCConfig{
Addr: "127.0.0.1:9160",
Protocol: "tcp",
},
Service: config.Service{
Name: "user",
},
GroupMembersCacheExpiration: 5,
GatewayEndpoint: "127.0.0.1:9142",
JWTSecret: "Pive-Fumkiu4",
Driver: "ldap",
Drivers: config.Drivers{
LDAP: config.LDAPDriver{
URI: "ldaps://localhost:9235",
CACert: filepath.Join(defaults.BaseDataPath(), "idm", "ldap.crt"),
Insecure: false,
UserBaseDN: "ou=users,o=libregraph-idm",
GroupBaseDN: "ou=groups,o=libregraph-idm",
UserScope: "sub",
GroupScope: "sub",
LoginAttributes: []string{"uid", "mail"},
UserFilter: "",
GroupFilter: "",
UserObjectClass: "inetOrgPerson",
GroupObjectClass: "groupOfNames",
BindDN: "uid=reva,ou=sysusers,o=libregraph-idm",
BindPassword: "reva",
IDP: "https://localhost:9200",
UserSchema: config.LDAPUserSchema{
ID: "ownclouduuid",
Mail: "mail",
DisplayName: "displayname",
Username: "uid",
},
GroupSchema: config.LDAPGroupSchema{
ID: "ownclouduuid",
Mail: "mail",
DisplayName: "cn",
Groupname: "cn",
Member: "member",
},
},
JSON: config.JSONDriver{},
OwnCloudSQL: config.OwnCloudSQLDriver{
DBUsername: "owncloud",
DBPassword: "secret",
DBHost: "mysql",
DBPort: 3306,
DBName: "owncloud",
IDP: "https://localhost:9200",
Nobody: 90,
JoinUsername: false,
JoinOwnCloudUUID: false,
EnableMedialSearch: false,
},
REST: config.RESTProvider{
RedisAddr: "localhost:6379",
},
},
}
}
func EnsureDefaults(cfg *config.Config) {
// provide with defaults for shared logging, since we need a valid destination address for BindEnv.
if cfg.Logging == nil && cfg.Commons != nil && cfg.Commons.Log != nil {
cfg.Logging = &config.Logging{
Level: cfg.Commons.Log.Level,
Pretty: cfg.Commons.Log.Pretty,
Color: cfg.Commons.Log.Color,
File: cfg.Commons.Log.File,
}
} else if cfg.Logging == nil {
cfg.Logging = &config.Logging{}
}
// provide with defaults for shared tracing, since we need a valid destination address for BindEnv.
if cfg.Tracing == nil && cfg.Commons != nil && cfg.Commons.Tracing != nil {
cfg.Tracing = &config.Tracing{
Enabled: cfg.Commons.Tracing.Enabled,
Type: cfg.Commons.Tracing.Type,
Endpoint: cfg.Commons.Tracing.Endpoint,
Collector: cfg.Commons.Tracing.Collector,
}
} else if cfg.Tracing == nil {
cfg.Tracing = &config.Tracing{}
}
}
func Sanitize(cfg *config.Config) {
// nothing to sanitize here atm
}

3
extensions/idp/pkg/config/config.go
View File

@@ -27,7 +27,8 @@ type Config struct {
// Ldap defines the available LDAP configuration.
type Ldap struct {
URI string `yaml:"uri" env:"LDAP_URI;IDP_LDAP_URI"`
URI string `yaml:"uri" env:"LDAP_URI;IDP_LDAP_URI"`
TLSCACert string `yaml:"cacert" env:"LDAP_CACERT;IDP_LDAP_TLS_CACERT"`
BindDN string `yaml:"bind_dn" env:"LDAP_BIND_DN;IDP_LDAP_BIND_DN"`
BindPassword string `yaml:"bind_password" env:"LDAP_BIND_PASSWORD;IDP_LDAP_BIND_PASSWORD"`

11
extensions/idp/pkg/config/defaults/defaultconfig.go
View File

@@ -68,18 +68,19 @@ func DefaultConfig() *config.Config {
DyamicClientSecretDurationSeconds: 0,
},
Ldap: config.Ldap{
URI: "ldap://localhost:9125",
BindDN: "cn=idp,ou=sysusers,dc=ocis,dc=test",
URI: "ldaps://localhost:9235",
TLSCACert: path.Join(defaults.BaseDataPath(), "idm", "ldap.crt"),
BindDN: "uid=idp,ou=sysusers,o=libregraph-idm",
BindPassword: "idp",
BaseDN: "ou=users,dc=ocis,dc=test",
BaseDN: "ou=users,o=libregraph-idm",
Scope: "sub",
LoginAttribute: "cn",
LoginAttribute: "uid",
EmailAttribute: "mail",
NameAttribute: "displayName",
UUIDAttribute: "uid",
UUIDAttributeType: "text",
Filter: "",
ObjectClass: "posixAccount",
ObjectClass: "inetOrgPerson",
},
}
}

4
extensions/idp/pkg/service/v0/service.go
View File

@@ -142,6 +142,10 @@ func initLicoInternalEnvVars(ldap *config.Ldap) error {
"LDAP_FILTER": filter,
}
if ldap.TLSCACert != "" {
defaults["LDAP_TLS_CACERT"] = ldap.TLSCACert
}
for k, v := range defaults {
if err := os.Setenv(k, v); err != nil {
return fmt.Errorf("could not set env var %s=%s", k, v)

171
extensions/ocdav/pkg/command/ocdav.go Normal file
View File

@@ -0,0 +1,171 @@
package command
import (
"context"
"flag"
"fmt"
"strings"
"github.com/cs3org/reva/v2/pkg/micro/ocdav"
"github.com/oklog/run"
"github.com/owncloud/ocis/extensions/ocdav/pkg/config"
"github.com/owncloud/ocis/extensions/storage/pkg/server/debug"
ociscfg "github.com/owncloud/ocis/ocis-pkg/config"
"github.com/owncloud/ocis/ocis-pkg/conversions"
"github.com/owncloud/ocis/ocis-pkg/log"
"github.com/owncloud/ocis/ocis-pkg/sync"
"github.com/owncloud/ocis/ocis-pkg/tracing"
"github.com/thejerf/suture/v4"
"github.com/urfave/cli/v2"
)
// OCDav is the entrypoint for the ocdav command.
// TODO move ocdav cmd to a separate service
func OCDav(cfg *config.Config) *cli.Command {
return &cli.Command{
Name: "ocdav",
Usage: "start ocdav service",
Before: func(c *cli.Context) error {
if err := loadUserAgent(c, cfg); err != nil {
return err
}
return nil
},
Action: func(c *cli.Context) error {
logCfg := cfg.Logging
logger := log.NewLogger(
log.Level(logCfg.Level),
log.File(logCfg.File),
log.Pretty(logCfg.Pretty),
log.Color(logCfg.Color),
)
tracing.Configure(cfg.Tracing.Enabled, cfg.Tracing.Type, logger)
gr := run.Group{}
ctx, cancel := context.WithCancel(context.Background())
//metrics = metrics.New()
defer cancel()
gr.Add(func() error {
s, err := ocdav.Service(
ocdav.Context(ctx),
ocdav.Logger(logger.Logger),
ocdav.Address(cfg.HTTP.Addr),
ocdav.FilesNamespace(cfg.FilesNamespace),
ocdav.WebdavNamespace(cfg.WebdavNamespace),
ocdav.SharesNamespace(cfg.SharesNamespace),
ocdav.Timeout(cfg.Timeout),
ocdav.Insecure(cfg.Insecure),
ocdav.PublicURL(cfg.PublicURL),
ocdav.Prefix(cfg.HTTP.Prefix),
ocdav.GatewaySvc(cfg.GatewayEndpoint),
ocdav.JWTSecret(cfg.JWTSecret),
// ocdav.FavoriteManager() // FIXME needs a proper persistence implementation
// ocdav.LockSystem(), // will default to the CS3 lock system
// ocdav.TLSConfig() // tls config for the http server
)
if err != nil {
return err
}
return s.Run()
}, func(err error) {
logger.Info().Err(err).Str("server", c.Command.Name).Msg("Shutting down server")
cancel()
})
{
server, err := debug.Server(
debug.Name(c.Command.Name+"-debug"),
debug.Addr(cfg.Debug.Addr),
debug.Logger(logger),
debug.Context(ctx),
debug.Pprof(cfg.Debug.Pprof),
debug.Zpages(cfg.Debug.Zpages),
debug.Token(cfg.Debug.Token),
)
if err != nil {
logger.Info().
Err(err).
Str("server", "debug").
Msg("Failed to initialize server")
return err
}
gr.Add(server.ListenAndServe, func(_ error) {
cancel()
})
}
if !cfg.Supervised {
sync.Trap(&gr, cancel)
}
return gr.Run()
},
}
}
// OCDavSutureService allows for the ocdav command to be embedded and supervised by a suture supervisor tree.
type OCDavSutureService struct {
cfg *config.Config
}
// NewOCDav creates a new ocdav.OCDavSutureService
func NewOCDav(cfg *ociscfg.Config) suture.Service {
cfg.OCDav.Commons = cfg.Commons
return OCDavSutureService{
cfg: cfg.OCDav,
}
}
func (s OCDavSutureService) Serve(ctx context.Context) error {
// s.cfg.Reva.Frontend.Context = ctx
cmd := OCDav(s.cfg)
f := &flag.FlagSet{}
cmdFlags := cmd.Flags
for k := range cmdFlags {
if err := cmdFlags[k].Apply(f); err != nil {
return err
}
}
cliCtx := cli.NewContext(nil, f, nil)
if cmd.Before != nil {
if err := cmd.Before(cliCtx); err != nil {
return err
}
}
if err := cmd.Action(cliCtx); err != nil {
return err
}
return nil
}
// loadUserAgent reads the user-agent-whitelist-lock-in, since it is a string flag, and attempts to construct a map of
// "user-agent":"challenge" locks in for Reva.
// Modifies cfg. Spaces don't need to be trimmed as urfavecli takes care of it. User agents with spaces are valid. i.e:
// Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:83.0) Gecko/20100101 Firefox/83.0
// This function works by relying in our format of specifying [user-agent:challenge] and the fact that the user agent
// might contain ":" (colon), so the original string is reversed, split in two parts, by the time it is split we
// have the indexes reversed and the tuple is in the format of [challenge:user-agent], then the same process is applied
// in reverse for each individual part
func loadUserAgent(c *cli.Context, cfg *config.Config) error {
cfg.Middleware.Auth.CredentialsByUserAgent = make(map[string]string)
locks := c.StringSlice("user-agent-whitelist-lock-in")
for _, v := range locks {
vv := conversions.Reverse(v)
parts := strings.SplitN(vv, ":", 2)
if len(parts) != 2 {
return fmt.Errorf("unexpected config value for user-agent lock-in: %v, expected format is user-agent:challenge", v)
}
cfg.Middleware.Auth.CredentialsByUserAgent[conversions.Reverse(parts[1])] = conversions.Reverse(parts[0])
}
return nil
}

71
extensions/ocdav/pkg/config/config.go Normal file
View File

@@ -0,0 +1,71 @@
package config
import "github.com/owncloud/ocis/ocis-pkg/shared"
type Config struct {
*shared.Commons `yaml:"-"`
Service Service `yaml:"-"`
Tracing *Tracing `yaml:"tracing"`
Logging *Logging `yaml:"log"`
Debug Debug `yaml:"debug"`
Supervised bool
HTTP HTTPConfig `yaml:"http"`
// JWTSecret used to verify reva access token
JWTSecret string `yaml:"jwt_secret"`
GatewayEndpoint string
SkipUserGroupsInToken bool
WebdavNamespace string `yaml:"webdav_namespace"`
FilesNamespace string `yaml:"files_namespace"`
SharesNamespace string `yaml:"shares_namespace"`
// PublicURL used to redirect /s/{token} URLs to
PublicURL string `yaml:"public_url" env:"OCIS_URL;OCDAV_PUBLIC_URL"`
// Insecure certificates allowed when making requests to the gateway
Insecure bool `yaml:"insecure" env:"OCIS_INSECURE;OCDAV_INSECURE"`
// Timeout in seconds when making requests to the gateway
Timeout int64 `yaml:"timeout"`
Middleware Middleware
}
type Tracing struct {
Enabled bool `yaml:"enabled" env:"OCIS_TRACING_ENABLED;OCDAV_TRACING_ENABLED" desc:"Activates tracing."`
Type string `yaml:"type" env:"OCIS_TRACING_TYPE;OCDAV_TRACING_TYPE"`
Endpoint string `yaml:"endpoint" env:"OCIS_TRACING_ENDPOINT;OCDAV_TRACING_ENDPOINT" desc:"The endpoint to the tracing collector."`
Collector string `yaml:"collector" env:"OCIS_TRACING_COLLECTOR;OCDAV_TRACING_COLLECTOR"`
}
type Logging struct {
Level string `yaml:"level" env:"OCIS_LOG_LEVEL;OCDAV_LOG_LEVEL" desc:"The log level."`
Pretty bool `yaml:"pretty" env:"OCIS_LOG_PRETTY;OCDAV_LOG_PRETTY" desc:"Activates pretty log output."`
Color bool `yaml:"color" env:"OCIS_LOG_COLOR;OCDAV_LOG_COLOR" desc:"Activates colorized log output."`
File string `yaml:"file" env:"OCIS_LOG_FILE;OCDAV_LOG_FILE" desc:"The target log file."`
}
type Service struct {
Name string `yaml:"-"`
}
type Debug struct {
Addr string `yaml:"addr" env:"OCDAV_DEBUG_ADDR"`
Token string `yaml:"token" env:"OCDAV_DEBUG_TOKEN"`
Pprof bool `yaml:"pprof" env:"OCDAV_DEBUG_PPROF"`
Zpages bool `yaml:"zpages" env:"OCDAV_DEBUG_ZPAGES"`
}
type HTTPConfig struct {
Addr string `yaml:"addr" env:"OCDAV_HTTP_ADDR" desc:"The address of the http service."`
Protocol string `yaml:"protocol" env:"OCDAV_HTTP_PROTOCOL" desc:"The transport protocol of the http service."`
Prefix string `yaml:"prefix"`
}
// Middleware configures reva middlewares.
type Middleware struct {
Auth Auth `yaml:"auth"`
}
// Auth configures reva http auth middleware.
type Auth struct {
CredentialsByUserAgent map[string]string `yaml:"credentials_by_user_agenr"`
}

74
extensions/ocdav/pkg/config/defaults/defaultconfig.go Normal file
View File

@@ -0,0 +1,74 @@
package defaults
import (
"github.com/owncloud/ocis/extensions/ocdav/pkg/config"
)
func FullDefaultConfig() *config.Config {
cfg := DefaultConfig()
EnsureDefaults(cfg)
return cfg
}
func DefaultConfig() *config.Config {
return &config.Config{
Debug: config.Debug{
Addr: "127.0.0.1:9163",
Token: "",
Pprof: false,
Zpages: false,
},
HTTP: config.HTTPConfig{
Addr: "127.0.0.1:0", // :0 to pick any free local port
Protocol: "tcp",
Prefix: "",
},
Service: config.Service{
Name: "ocdav",
},
GatewayEndpoint: "127.0.0.1:9142",
JWTSecret: "Pive-Fumkiu4",
WebdavNamespace: "/users/{{.Id.OpaqueId}}",
FilesNamespace: "/users/{{.Id.OpaqueId}}",
SharesNamespace: "/Shares",
PublicURL: "https://localhost:9200",
Insecure: false,
Timeout: 84300,
Middleware: config.Middleware{
Auth: config.Auth{
CredentialsByUserAgent: map[string]string{},
},
},
}
}
func EnsureDefaults(cfg *config.Config) {
// provide with defaults for shared logging, since we need a valid destination address for BindEnv.
if cfg.Logging == nil && cfg.Commons != nil && cfg.Commons.Log != nil {
cfg.Logging = &config.Logging{
Level: cfg.Commons.Log.Level,
Pretty: cfg.Commons.Log.Pretty,
Color: cfg.Commons.Log.Color,
File: cfg.Commons.Log.File,
}
} else if cfg.Logging == nil {
cfg.Logging = &config.Logging{}
}
// provide with defaults for shared tracing, since we need a valid destination address for BindEnv.
if cfg.Tracing == nil && cfg.Commons != nil && cfg.Commons.Tracing != nil {
cfg.Tracing = &config.Tracing{
Enabled: cfg.Commons.Tracing.Enabled,
Type: cfg.Commons.Tracing.Type,
Endpoint: cfg.Commons.Tracing.Endpoint,
Collector: cfg.Commons.Tracing.Collector,
}
} else if cfg.Tracing == nil {
cfg.Tracing = &config.Tracing{}
}
}
func Sanitize(cfg *config.Config) {
// nothing to sanitize here atm
}

2
extensions/ocs/pkg/config/defaults/defaultconfig.go
View File

@@ -41,7 +41,7 @@ func DefaultConfig() *config.Config {
TokenManager: config.TokenManager{
JWTSecret: "Pive-Fumkiu4",
},
AccountBackend: "accounts",
AccountBackend: "cs3",
Reva: config.Reva{
Address: "127.0.0.1:9142",
},

2
extensions/proxy/pkg/config/defaults/defaultconfig.go
View File

@@ -45,7 +45,7 @@ func DefaultConfig() *config.Config {
AllowedHTTPMethods: []string{"GET"},
Enabled: true,
},
AccountBackend: "accounts",
AccountBackend: "cs3",
UserOIDCClaim: "email",
UserCS3Claim: "mail",
MachineAuthAPIKey: "change-me-please",

2
extensions/settings/l10n/translations.json
View File

File diff suppressed because one or more lines are too long

2
extensions/settings/package.json
View File

@@ -67,7 +67,7 @@
"nightwatch": "1.7.11",
"nightwatch-api": "3.0.2",
"nightwatch-vrt": "^0.2.10",
"node-fetch": "^2.6.1",
"node-fetch": "^2.6.7",
"qs": "^6.10.3",
"rimraf": "^3.0.0",
"rollup": "^2.70.1",

14
extensions/settings/yarn.lock
View File

@@ -5846,9 +5846,9 @@ mz@^2.7.0:
thenify-all "^1.0.0"
nanoid@^3.1.23:
version "3.1.25"
resolved "https://registry.yarnpkg.com/nanoid/-/nanoid-3.1.25.tgz#09ca32747c0e543f0e1814b7d3793477f9c8e152"
integrity sha512-rdwtIXaXCLFAQbnfqDRnI6jaRHp9fTcYBjtFKE8eezcZ7LuLjhUaQGNeMXf1HmRoCH32CLz6XwX0TtxEOS/A3Q==
version "3.3.2"
resolved "https://registry.yarnpkg.com/nanoid/-/nanoid-3.3.2.tgz#c89622fafb4381cd221421c69ec58547a1eec557"
integrity sha512-CuHBogktKwpm5g2sRgv83jEy2ijFzBwMoYA60orPDR7ynsLijJDqgsi4RDGj3OJpy3Ieb+LYwiRmIOGyytgITA==
native-request@^1.0.5:
version "1.0.9"
@@ -5943,10 +5943,10 @@ node-environment-flags@1.0.5:
object.getownpropertydescriptors "^2.0.3"
semver "^5.7.0"
node-fetch@^2.6.1:
version "2.6.5"
resolved "https://registry.yarnpkg.com/node-fetch/-/node-fetch-2.6.5.tgz#42735537d7f080a7e5f78b6c549b7146be1742fd"
integrity sha512-mmlIVHJEu5rnIxgEgez6b9GgWXbkZj5YZ7fx+2r94a2E+Uirsp6HsPTPlomfdHtpt/B0cdKviwkoaM6pyvUOpQ==
node-fetch@^2.6.7:
version "2.6.7"
resolved "https://registry.yarnpkg.com/node-fetch/-/node-fetch-2.6.7.tgz#24de9fba827e3b4ae44dc8b20256a379160052ad"
integrity sha512-ZjMPFEfVx5j+y2yF35Kzx5sF7kDzxuDj6ziH4FFbOp87zKDZNx8yExJIb05OGF4Nlt9IHFIMBkRl41VdvcNdbQ==
dependencies:
whatwg-url "^5.0.0"

238
extensions/sharing/pkg/command/command.go Normal file
View File

@@ -0,0 +1,238 @@
package command
import (
"context"
"flag"
"os"
"path"
"path/filepath"
"github.com/owncloud/ocis/ocis-pkg/log"
"github.com/owncloud/ocis/ocis-pkg/sync"
"github.com/owncloud/ocis/ocis-pkg/tracing"
"github.com/cs3org/reva/v2/cmd/revad/runtime"
"github.com/gofrs/uuid"
"github.com/oklog/run"
"github.com/owncloud/ocis/extensions/sharing/pkg/config"
"github.com/owncloud/ocis/extensions/storage/pkg/server/debug"
ociscfg "github.com/owncloud/ocis/ocis-pkg/config"
"github.com/thejerf/suture/v4"
"github.com/urfave/cli/v2"
)
// Sharing is the entrypoint for the sharing command.
func Sharing(cfg *config.Config) *cli.Command {
return &cli.Command{
Name: "sharing",
Usage: "start sharing service",
Action: func(c *cli.Context) error {
logCfg := cfg.Logging
logger := log.NewLogger(
log.Level(logCfg.Level),
log.File(logCfg.File),
log.Pretty(logCfg.Pretty),
log.Color(logCfg.Color),
)
tracing.Configure(cfg.Tracing.Enabled, cfg.Tracing.Type, logger)
gr := run.Group{}
ctx, cancel := context.WithCancel(context.Background())
defer cancel()
// precreate folders
if cfg.UserSharingDriver == "json" && cfg.UserSharingDrivers.JSON.File != "" {
if err := os.MkdirAll(filepath.Dir(cfg.UserSharingDrivers.JSON.File), os.FileMode(0700)); err != nil {
return err
}
}
if cfg.PublicSharingDriver == "json" && cfg.PublicSharingDrivers.JSON.File != "" {
if err := os.MkdirAll(filepath.Dir(cfg.PublicSharingDrivers.JSON.File), os.FileMode(0700)); err != nil {
return err
}
}
uuid := uuid.Must(uuid.NewV4())
pidFile := path.Join(os.TempDir(), "revad-"+c.Command.Name+"-"+uuid.String()+".pid")
rcfg := sharingConfigFromStruct(c, cfg)
gr.Add(func() error {
runtime.RunWithOptions(
rcfg,
pidFile,
runtime.WithLogger(&logger.Logger),
)
return nil
}, func(_ error) {
logger.Info().
Str("server", c.Command.Name).
Msg("Shutting down server")
cancel()
})
debug, err := debug.Server(
debug.Name(c.Command.Name+"-debug"),
debug.Addr(cfg.Debug.Addr),
debug.Logger(logger),
debug.Context(ctx),
debug.Pprof(cfg.Debug.Pprof),
debug.Zpages(cfg.Debug.Zpages),
debug.Token(cfg.Debug.Token),
)
if err != nil {
logger.Info().Err(err).Str("server", c.Command.Name+"-debug").Msg("Failed to initialize server")
return err
}
gr.Add(debug.ListenAndServe, func(_ error) {
cancel()
})
if !cfg.Supervised {
sync.Trap(&gr, cancel)
}
return gr.Run()
},
}
}
// sharingConfigFromStruct will adapt an oCIS config struct into a reva mapstructure to start a reva service.
func sharingConfigFromStruct(c *cli.Context, cfg *config.Config) map[string]interface{} {
rcfg := map[string]interface{}{
"core": map[string]interface{}{
"tracing_enabled": cfg.Tracing.Enabled,
"tracing_endpoint": cfg.Tracing.Endpoint,
"tracing_collector": cfg.Tracing.Collector,
"tracing_service_name": c.Command.Name,
},
"shared": map[string]interface{}{
"jwt_secret": cfg.JWTSecret,
"gatewaysvc": cfg.GatewayEndpoint,
"skip_user_groups_in_token": cfg.SkipUserGroupsInToken,
},
"grpc": map[string]interface{}{
"network": cfg.GRPC.Protocol,
"address": cfg.GRPC.Addr,
// TODO build services dynamically
"services": map[string]interface{}{
"usershareprovider": map[string]interface{}{
"driver": cfg.UserSharingDriver,
"drivers": map[string]interface{}{
"json": map[string]interface{}{
"file": cfg.UserSharingDrivers.JSON.File,
"gateway_addr": cfg.GatewayEndpoint,
},
"sql": map[string]interface{}{ // cernbox sql
"db_username": cfg.UserSharingDrivers.SQL.DBUsername,
"db_password": cfg.UserSharingDrivers.SQL.DBPassword,
"db_host": cfg.UserSharingDrivers.SQL.DBHost,
"db_port": cfg.UserSharingDrivers.SQL.DBPort,
"db_name": cfg.UserSharingDrivers.SQL.DBName,
"password_hash_cost": cfg.UserSharingDrivers.SQL.PasswordHashCost,
"enable_expired_shares_cleanup": cfg.UserSharingDrivers.SQL.EnableExpiredSharesCleanup,
"janitor_run_interval": cfg.UserSharingDrivers.SQL.JanitorRunInterval,
},
"oc10-sql": map[string]interface{}{
"storage_mount_id": cfg.UserSharingDrivers.SQL.UserStorageMountID,
"db_username": cfg.UserSharingDrivers.SQL.DBUsername,
"db_password": cfg.UserSharingDrivers.SQL.DBPassword,
"db_host": cfg.UserSharingDrivers.SQL.DBHost,
"db_port": cfg.UserSharingDrivers.SQL.DBPort,
"db_name": cfg.UserSharingDrivers.SQL.DBName,
},
"cs3": map[string]interface{}{
"provider_addr": cfg.UserSharingDrivers.CS3.ProviderAddr,
"service_user_id": cfg.UserSharingDrivers.CS3.ServiceUserID,
"service_user_idp": cfg.UserSharingDrivers.CS3.ServiceUserIDP,
"machine_auth_apikey": cfg.UserSharingDrivers.CS3.MachineAuthAPIKey,
},
},
},
"publicshareprovider": map[string]interface{}{
"driver": cfg.PublicSharingDriver,
"drivers": map[string]interface{}{
"json": map[string]interface{}{
"file": cfg.PublicSharingDrivers.JSON.File,
"gateway_addr": cfg.GatewayEndpoint,
},
"sql": map[string]interface{}{
"db_username": cfg.PublicSharingDrivers.SQL.DBUsername,
"db_password": cfg.PublicSharingDrivers.SQL.DBPassword,
"db_host": cfg.PublicSharingDrivers.SQL.DBHost,
"db_port": cfg.PublicSharingDrivers.SQL.DBPort,
"db_name": cfg.PublicSharingDrivers.SQL.DBName,
"password_hash_cost": cfg.PublicSharingDrivers.SQL.PasswordHashCost,
"enable_expired_shares_cleanup": cfg.PublicSharingDrivers.SQL.EnableExpiredSharesCleanup,
"janitor_run_interval": cfg.PublicSharingDrivers.SQL.JanitorRunInterval,
},
"oc10-sql": map[string]interface{}{
"storage_mount_id": cfg.PublicSharingDrivers.SQL.UserStorageMountID,
"db_username": cfg.PublicSharingDrivers.SQL.DBUsername,
"db_password": cfg.PublicSharingDrivers.SQL.DBPassword,
"db_host": cfg.PublicSharingDrivers.SQL.DBHost,
"db_port": cfg.PublicSharingDrivers.SQL.DBPort,
"db_name": cfg.PublicSharingDrivers.SQL.DBName,
"password_hash_cost": cfg.PublicSharingDrivers.SQL.PasswordHashCost,
"enable_expired_shares_cleanup": cfg.PublicSharingDrivers.SQL.EnableExpiredSharesCleanup,
"janitor_run_interval": cfg.PublicSharingDrivers.SQL.JanitorRunInterval,
},
"cs3": map[string]interface{}{
"provider_addr": cfg.PublicSharingDrivers.CS3.ProviderAddr,
"service_user_id": cfg.PublicSharingDrivers.CS3.ServiceUserID,
"service_user_idp": cfg.PublicSharingDrivers.CS3.ServiceUserIDP,
"machine_auth_apikey": cfg.PublicSharingDrivers.CS3.MachineAuthAPIKey,
},
},
},
},
"interceptors": map[string]interface{}{
"eventsmiddleware": map[string]interface{}{
"group": "sharing",
"type": "nats",
"address": cfg.Events.Addr,
"clusterID": cfg.Events.ClusterID,
},
},
},
}
return rcfg
}
// SharingSutureService allows for the storage-sharing command to be embedded and supervised by a suture supervisor tree.
type SharingSutureService struct {
cfg *config.Config
}
// NewSharingSutureService creates a new store.SharingSutureService
func NewSharing(cfg *ociscfg.Config) suture.Service {
cfg.Sharing.Commons = cfg.Commons
return SharingSutureService{
cfg: cfg.Sharing,
}
}
func (s SharingSutureService) Serve(ctx context.Context) error {
// s.cfg.Reva.Sharing.Context = ctx
cmd := Sharing(s.cfg)
f := &flag.FlagSet{}
cmdFlags := cmd.Flags
for k := range cmdFlags {
if err := cmdFlags[k].Apply(f); err != nil {
return err
}
}
cliCtx := cli.NewContext(nil, f, nil)
if cmd.Before != nil {
if err := cmd.Before(cliCtx); err != nil {
return err
}
}
if err := cmd.Action(cliCtx); err != nil {
return err
}
return nil
}

115
extensions/sharing/pkg/config/config.go Normal file
View File

@@ -0,0 +1,115 @@
package config
import "github.com/owncloud/ocis/ocis-pkg/shared"
type Config struct {
*shared.Commons `yaml:"-"`
Service Service `yaml:"-"`
Tracing *Tracing `yaml:"tracing"`
Logging *Logging `yaml:"log"`
Debug Debug `yaml:"debug"`
Supervised bool
GRPC GRPCConfig `yaml:"grpc"`
JWTSecret string
GatewayEndpoint string
SkipUserGroupsInToken bool
UserSharingDriver string
UserSharingDrivers UserSharingDrivers
PublicSharingDriver string
PublicSharingDrivers PublicSharingDrivers
Events Events
}
type Tracing struct {
Enabled bool `yaml:"enabled" env:"OCIS_TRACING_ENABLED;SHARING_TRACING_ENABLED" desc:"Activates tracing."`
Type string `yaml:"type" env:"OCIS_TRACING_TYPE;SHARING_TRACING_TYPE"`
Endpoint string `yaml:"endpoint" env:"OCIS_TRACING_ENDPOINT;SHARING_TRACING_ENDPOINT" desc:"The endpoint to the tracing collector."`
Collector string `yaml:"collector" env:"OCIS_TRACING_COLLECTOR;SHARING_TRACING_COLLECTOR"`
}
type Logging struct {
Level string `yaml:"level" env:"OCIS_LOG_LEVEL;SHARING_LOG_LEVEL" desc:"The log level."`
Pretty bool `yaml:"pretty" env:"OCIS_LOG_PRETTY;SHARING_LOG_PRETTY" desc:"Activates pretty log output."`
Color bool `yaml:"color" env:"OCIS_LOG_COLOR;SHARING_LOG_COLOR" desc:"Activates colorized log output."`
File string `yaml:"file" env:"OCIS_LOG_FILE;SHARING_LOG_FILE" desc:"The target log file."`
}
type Service struct {
Name string `yaml:"-"`
}
type Debug struct {
Addr string `yaml:"addr" env:"SHARING_DEBUG_ADDR"`
Token string `yaml:"token" env:"SHARING_DEBUG_TOKEN"`
Pprof bool `yaml:"pprof" env:"SHARING_DEBUG_PPROF"`
Zpages bool `yaml:"zpages" env:"SHARING_DEBUG_ZPAGES"`
}
type GRPCConfig struct {
Addr string `yaml:"addr" env:"SHARING_GRPC_ADDR" desc:"The address of the grpc service."`
Protocol string `yaml:"protocol" env:"SHARING_GRPC_PROTOCOL" desc:"The transport protocol of the grpc service."`
}
type UserSharingDrivers struct {
JSON UserSharingJSONDriver
SQL UserSharingSQLDriver
CS3 UserSharingCS3Driver
}
type UserSharingJSONDriver struct {
File string `env:"SHARING_USER_JSON_FILE"`
}
type UserSharingSQLDriver struct {
DBUsername string `env:"SHARING_USER_SQL_USERNAME"`
DBPassword string `env:"SHARING_USER_SQL_PASSWORD"`
DBHost string `env:"SHARING_USER_SQL_HOST"`
DBPort int `env:"SHARING_USER_SQL_PORT"`
DBName string `env:"SHARING_USER_SQL_NAME"`
PasswordHashCost int
EnableExpiredSharesCleanup bool
JanitorRunInterval int
UserStorageMountID string
}
type UserSharingCS3Driver struct {
ProviderAddr string
ServiceUserID string
ServiceUserIDP string `env:"OCIS_URL;SHARING_CS3_SERVICE_USER_IDP"`
MachineAuthAPIKey string `env:"OCIS_MACHINE_AUTH_API_KEY"`
}
type PublicSharingDrivers struct {
JSON PublicSharingJSONDriver
SQL PublicSharingSQLDriver
CS3 PublicSharingCS3Driver
}
type PublicSharingJSONDriver struct {
File string
}
type PublicSharingSQLDriver struct {
DBUsername string
DBPassword string
DBHost string
DBPort int
DBName string
PasswordHashCost int
EnableExpiredSharesCleanup bool
JanitorRunInterval int
UserStorageMountID string
}
type PublicSharingCS3Driver struct {
ProviderAddr string
ServiceUserID string
ServiceUserIDP string
MachineAuthAPIKey string `env:"OCIS_MACHINE_AUTH_API_KEY"`
}
type Events struct {
Addr string
ClusterID string
}

111
extensions/sharing/pkg/config/defaults/defaultconfig.go Normal file
View File

@@ -0,0 +1,111 @@
package defaults
import (
"path/filepath"
"github.com/owncloud/ocis/extensions/sharing/pkg/config"
"github.com/owncloud/ocis/ocis-pkg/config/defaults"
)
func FullDefaultConfig() *config.Config {
cfg := DefaultConfig()
EnsureDefaults(cfg)
return cfg
}
func DefaultConfig() *config.Config {
return &config.Config{
Debug: config.Debug{
Addr: "127.0.0.1:9151",
Token: "",
Pprof: false,
Zpages: false,
},
GRPC: config.GRPCConfig{
Addr: "127.0.0.1:9150",
Protocol: "tcp",
},
Service: config.Service{
Name: "sharing",
},
GatewayEndpoint: "127.0.0.1:9142",
JWTSecret: "Pive-Fumkiu4",
UserSharingDriver: "json",
UserSharingDrivers: config.UserSharingDrivers{
JSON: config.UserSharingJSONDriver{
File: filepath.Join(defaults.BaseDataPath(), "storage", "shares.json"),
},
SQL: config.UserSharingSQLDriver{
DBUsername: "",
DBPassword: "",
DBHost: "",
DBPort: 1433,
DBName: "",
PasswordHashCost: 11,
EnableExpiredSharesCleanup: true,
JanitorRunInterval: 60,
},
CS3: config.UserSharingCS3Driver{
ProviderAddr: "127.0.0.1:9215",
ServiceUserID: "95cb8724-03b2-11eb-a0a6-c33ef8ef53ad",
ServiceUserIDP: "https://localhost:9200",
},
},
PublicSharingDriver: "json",
PublicSharingDrivers: config.PublicSharingDrivers{
JSON: config.PublicSharingJSONDriver{
File: filepath.Join(defaults.BaseDataPath(), "storage", "publicshares.json"),
},
SQL: config.PublicSharingSQLDriver{
DBUsername: "",
DBPassword: "",
DBHost: "",
DBPort: 1433,
DBName: "",
PasswordHashCost: 11,
EnableExpiredSharesCleanup: true,
JanitorRunInterval: 60,
},
CS3: config.PublicSharingCS3Driver{
ProviderAddr: "127.0.0.1:9215",
ServiceUserID: "95cb8724-03b2-11eb-a0a6-c33ef8ef53ad",
ServiceUserIDP: "https://localhost:9200",
},
},
Events: config.Events{
Addr: "127.0.0.1:9233",
ClusterID: "ocis-cluster",
},
}
}
func EnsureDefaults(cfg *config.Config) {
// provide with defaults for shared logging, since we need a valid destination address for BindEnv.
if cfg.Logging == nil && cfg.Commons != nil && cfg.Commons.Log != nil {
cfg.Logging = &config.Logging{
Level: cfg.Commons.Log.Level,
Pretty: cfg.Commons.Log.Pretty,
Color: cfg.Commons.Log.Color,
File: cfg.Commons.Log.File,
}
} else if cfg.Logging == nil {
cfg.Logging = &config.Logging{}
}
// provide with defaults for shared tracing, since we need a valid destination address for BindEnv.
if cfg.Tracing == nil && cfg.Commons != nil && cfg.Commons.Tracing != nil {
cfg.Tracing = &config.Tracing{
Enabled: cfg.Commons.Tracing.Enabled,
Type: cfg.Commons.Tracing.Type,
Endpoint: cfg.Commons.Tracing.Endpoint,
Collector: cfg.Commons.Tracing.Collector,
}
} else if cfg.Tracing == nil {
cfg.Tracing = &config.Tracing{}
}
}
func Sanitize(cfg *config.Config) {
// nothing to sanitize here atm
}

72
extensions/storage/pkg/command/storagemetadata.go → extensions/storage-metadata/pkg/command/command.go
View File

@@ -6,16 +6,16 @@ import (
"os"
"path"
"github.com/owncloud/ocis/ocis-pkg/log"
"github.com/owncloud/ocis/ocis-pkg/sync"
"github.com/owncloud/ocis/ocis-pkg/tracing"
"github.com/cs3org/reva/v2/cmd/revad/runtime"
"github.com/gofrs/uuid"
"github.com/oklog/run"
"github.com/owncloud/ocis/extensions/storage/pkg/command/storagedrivers"
"github.com/owncloud/ocis/extensions/storage/pkg/config"
"github.com/owncloud/ocis/extensions/storage-metadata/pkg/config"
"github.com/owncloud/ocis/extensions/storage/pkg/server/debug"
"github.com/owncloud/ocis/extensions/storage/pkg/service/external"
"github.com/owncloud/ocis/extensions/storage/pkg/tracing"
ociscfg "github.com/owncloud/ocis/ocis-pkg/config"
"github.com/owncloud/ocis/ocis-pkg/version"
"github.com/thejerf/suture/v4"
@@ -27,22 +27,25 @@ import (
// It provides a ocis-specific storage store metadata (shares,account,settings...)
func StorageMetadata(cfg *config.Config) *cli.Command {
return &cli.Command{
Name: "storage-metadata",
Usage: "start storage-metadata service",
Before: func(c *cli.Context) error {
return ParseConfig(c, cfg, "storage-metadata")
},
Name: "storage-metadata",
Usage: "start storage-metadata service",
Category: "extensions",
Action: func(c *cli.Context) error {
logger := NewLogger(cfg)
tracing.Configure(cfg, logger)
logCfg := cfg.Logging
logger := log.NewLogger(
log.Level(logCfg.Level),
log.File(logCfg.File),
log.Pretty(logCfg.Pretty),
log.Color(logCfg.Color),
)
tracing.Configure(cfg.Tracing.Enabled, cfg.Tracing.Type, logger)
gr := run.Group{}
ctx, cancel := func() (context.Context, context.CancelFunc) {
if cfg.Reva.StorageMetadata.Context == nil {
if cfg.Context == nil {
return context.WithCancel(context.Background())
}
return context.WithCancel(cfg.Reva.StorageMetadata.Context)
return context.WithCancel(cfg.Context)
}()
defer cancel()
@@ -67,10 +70,12 @@ func StorageMetadata(cfg *config.Config) *cli.Command {
debugServer, err := debug.Server(
debug.Name(c.Command.Name+"-debug"),
debug.Addr(cfg.Reva.StorageMetadata.DebugAddr),
debug.Addr(cfg.Debug.Addr),
debug.Logger(logger),
debug.Context(ctx),
debug.Config(cfg),
debug.Pprof(cfg.Debug.Pprof),
debug.Zpages(cfg.Debug.Zpages),
debug.Token(cfg.Debug.Token),
)
if err != nil {
@@ -89,7 +94,7 @@ func StorageMetadata(cfg *config.Config) *cli.Command {
cancel()
})
if !cfg.Reva.StorageMetadata.Supervised {
if !cfg.Supervised {
sync.Trap(&gr, cancel)
}
@@ -97,7 +102,7 @@ func StorageMetadata(cfg *config.Config) *cli.Command {
ctx,
"com.owncloud.storage.metadata",
uuid.Must(uuid.NewV4()).String(),
cfg.Reva.StorageMetadata.GRPCAddr,
cfg.GRPC.Addr,
version.String,
logger,
); err != nil {
@@ -113,43 +118,42 @@ func StorageMetadata(cfg *config.Config) *cli.Command {
func storageMetadataFromStruct(c *cli.Context, cfg *config.Config) map[string]interface{} {
rcfg := map[string]interface{}{
"core": map[string]interface{}{
"max_cpus": cfg.Reva.StorageMetadata.MaxCPUs,
"tracing_enabled": cfg.Tracing.Enabled,
"tracing_endpoint": cfg.Tracing.Endpoint,
"tracing_collector": cfg.Tracing.Collector,
"tracing_service_name": c.Command.Name,
},
"shared": map[string]interface{}{
"jwt_secret": cfg.Reva.JWTSecret,
"gatewaysvc": cfg.Reva.Gateway.Endpoint,
"skip_user_groups_in_token": cfg.Reva.SkipUserGroupsInToken,
"jwt_secret": cfg.JWTSecret,
"gatewaysvc": cfg.GatewayEndpoint,
"skip_user_groups_in_token": cfg.SkipUserGroupsInToken,
},
"grpc": map[string]interface{}{
"network": cfg.Reva.StorageMetadata.GRPCNetwork,
"address": cfg.Reva.StorageMetadata.GRPCAddr,
"network": cfg.GRPC.Protocol,
"address": cfg.GRPC.Addr,
"interceptors": map[string]interface{}{
"log": map[string]interface{}{},
},
"services": map[string]interface{}{
"storageprovider": map[string]interface{}{
"driver": cfg.Reva.StorageMetadata.Driver,
"drivers": storagedrivers.MetadataDrivers(cfg),
"data_server_url": cfg.Reva.StorageMetadata.DataServerURL,
"tmp_folder": cfg.Reva.StorageMetadata.TempFolder,
"driver": cfg.Driver,
"drivers": config.MetadataDrivers(cfg),
"data_server_url": cfg.DataServerURL,
"tmp_folder": cfg.TempFolder,
},
},
},
"http": map[string]interface{}{
"network": cfg.Reva.StorageMetadata.HTTPNetwork,
"address": cfg.Reva.StorageMetadata.HTTPAddr,
"network": cfg.HTTP.Protocol,
"address": cfg.HTTP.Addr,
// TODO build services dynamically
"services": map[string]interface{}{
"dataprovider": map[string]interface{}{
"prefix": "data",
"driver": cfg.Reva.StorageMetadata.Driver,
"drivers": storagedrivers.MetadataDrivers(cfg),
"driver": cfg.Driver,
"drivers": config.MetadataDrivers(cfg),
"timeout": 86400,
"insecure": cfg.Reva.StorageMetadata.DataProvider.Insecure,
"insecure": cfg.DataProviderInsecure,
"disable_tus": true,
},
},
@@ -165,14 +169,14 @@ type MetadataSutureService struct {
// NewSutureService creates a new storagemetadata.SutureService
func NewStorageMetadata(cfg *ociscfg.Config) suture.Service {
cfg.Storage.Commons = cfg.Commons
cfg.StorageMetadata.Commons = cfg.Commons
return MetadataSutureService{
cfg: cfg.Storage,
cfg: cfg.StorageMetadata,
}
}
func (s MetadataSutureService) Serve(ctx context.Context) error {
s.cfg.Reva.StorageMetadata.Context = ctx
s.cfg.Context = ctx
f := &flag.FlagSet{}
cmdFlags := StorageMetadata(s.cfg).Flags
for k := range cmdFlags {

147
extensions/storage-metadata/pkg/config/config.go Normal file
View File

@@ -0,0 +1,147 @@
package config
import (
"context"
"github.com/owncloud/ocis/ocis-pkg/shared"
)
type Config struct {
*shared.Commons `yaml:"-"`
Service Service `yaml:"-"`
Tracing *Tracing `yaml:"tracing"`
Logging *Logging `yaml:"log"`
Debug Debug `yaml:"debug"`
Supervised bool
GRPC GRPCConfig `yaml:"grpc"`
HTTP HTTPConfig `yaml:"http"`
Context context.Context
JWTSecret string
GatewayEndpoint string
SkipUserGroupsInToken bool
Driver string `yaml:"driver" env:"STORAGE_METADATA_DRIVER" desc:"The driver which should be used by the service"`
Drivers Drivers `yaml:"drivers"`
DataServerURL string
TempFolder string
DataProviderInsecure bool `env:"OCIS_INSECURE;STORAGE_METADATA_DATAPROVIDER_INSECURE"`
}
type Tracing struct {
Enabled bool `yaml:"enabled" env:"OCIS_TRACING_ENABLED;STORAGE_METADATA_TRACING_ENABLED" desc:"Activates tracing."`
Type string `yaml:"type" env:"OCIS_TRACING_TYPE;STORAGE_METADATA_TRACING_TYPE"`
Endpoint string `yaml:"endpoint" env:"OCIS_TRACING_ENDPOINT;STORAGE_METADATA_TRACING_ENDPOINT" desc:"The endpoint to the tracing collector."`
Collector string `yaml:"collector" env:"OCIS_TRACING_COLLECTOR;STORAGE_METADATA_TRACING_COLLECTOR"`
}
type Logging struct {
Level string `yaml:"level" env:"OCIS_LOG_LEVEL;STORAGE_METADATA_LOG_LEVEL" desc:"The log level."`
Pretty bool `yaml:"pretty" env:"OCIS_LOG_PRETTY;STORAGE_METADATA_LOG_PRETTY" desc:"Activates pretty log output."`
Color bool `yaml:"color" env:"OCIS_LOG_COLOR;STORAGE_METADATA_LOG_COLOR" desc:"Activates colorized log output."`
File string `yaml:"file" env:"OCIS_LOG_FILE;STORAGE_METADATA_LOG_FILE" desc:"The target log file."`
}
type Service struct {
Name string `yaml:"-"`
}
type Debug struct {
Addr string `yaml:"addr" env:"STORAGE_METADATA_DEBUG_ADDR"`
Token string `yaml:"token" env:"STORAGE_METADATA_DEBUG_TOKEN"`
Pprof bool `yaml:"pprof" env:"STORAGE_METADATA_DEBUG_PPROF"`
Zpages bool `yaml:"zpages" env:"STORAGE_METADATA_DEBUG_ZPAGES"`
}
type GRPCConfig struct {
Addr string `yaml:"addr" env:"STORAGE_METADATA_GRPC_ADDR" desc:"The address of the grpc service."`
Protocol string `yaml:"protocol" env:"STORAGE_METADATA_GRPC_PROTOCOL" desc:"The transport protocol of the grpc service."`
}
type HTTPConfig struct {
Addr string `yaml:"addr" env:"STORAGE_METADATA_GRPC_ADDR" desc:"The address of the grpc service."`
Protocol string `yaml:"protocol" env:"STORAGE_METADATA_GRPC_PROTOCOL" desc:"The transport protocol of the grpc service."`
}
type Drivers struct {
EOS EOSDriver
Local LocalDriver
OCIS OCISDriver
S3 S3Driver
S3NG S3NGDriver
}
type EOSDriver struct {
// Root is the absolute path to the location of the data
Root string `yaml:"root"`
// ShadowNamespace for storing shadow data
ShadowNamespace string `yaml:"shadow_namespace"`
// UploadsNamespace for storing upload data
UploadsNamespace string `yaml:"uploads_namespace"`
// Location of the eos binary.
// Default is /usr/bin/eos.
EosBinary string `yaml:"eos_binary"`
// Location of the xrdcopy binary.
// Default is /usr/bin/xrdcopy.
XrdcopyBinary string `yaml:"xrd_copy_binary"`
// URL of the Master EOS MGM.
// Default is root://eos-example.org
MasterURL string `yaml:"master_url"`
// URL of the Slave EOS MGM.
// Default is root://eos-example.org
SlaveURL string `yaml:"slave_url"`
// Location on the local fs where to store reads.
// Defaults to os.TempDir()
CacheDirectory string `yaml:"cache_directory"`
// SecProtocol specifies the xrootd security protocol to use between the server and EOS.
SecProtocol string `yaml:"sec_protocol"`
// Keytab specifies the location of the keytab to use to authenticate to EOS.
Keytab string `yaml:"keytab"`
// SingleUsername is the username to use when SingleUserMode is enabled
SingleUsername string `yaml:"single_username"`
// Enables logging of the commands executed
// Defaults to false
EnableLogging bool `yaml:"enable_logging"`
// ShowHiddenSysFiles shows internal EOS files like
// .sys.v# and .sys.a# files.
ShowHiddenSysFiles bool `yaml:"shadow_hidden_files"`
// ForceSingleUserMode will force connections to EOS to use SingleUsername
ForceSingleUserMode bool `yaml:"force_single_user_mode"`
// UseKeyTabAuth changes will authenticate requests by using an EOS keytab.
UseKeytab bool `yaml:"user_keytab"`
// gateway service to use for uid lookups
GatewaySVC string `yaml:"gateway_svc"`
GRPCURI string
UserLayout string
}
type LocalDriver struct {
// Root is the absolute path to the location of the data
Root string `yaml:"root"`
}
type OCISDriver struct {
// Root is the absolute path to the location of the data
Root string `yaml:"root" env:"STORAGE_METADATA_DRIVER_OCIS_ROOT"`
UserLayout string
PermissionsEndpoint string
}
type S3Driver struct {
Region string `yaml:"region"`
AccessKey string `yaml:"access_key"`
SecretKey string `yaml:"secret_key"`
Endpoint string `yaml:"endpoint"`
Bucket string `yaml:"bucket"`
}
type S3NGDriver struct {
// Root is the absolute path to the location of the data
Root string `yaml:"root"`
UserLayout string
PermissionsEndpoint string
Region string `yaml:"region"`
AccessKey string `yaml:"access_key"`
SecretKey string `yaml:"secret_key"`
Endpoint string `yaml:"endpoint"`
Bucket string `yaml:"bucket"`
}

112
extensions/storage-metadata/pkg/config/defaults/defaultconfig.go Normal file
View File

@@ -0,0 +1,112 @@
package defaults
import (
"os"
"path/filepath"
"github.com/owncloud/ocis/extensions/storage-metadata/pkg/config"
"github.com/owncloud/ocis/ocis-pkg/config/defaults"
)
func FullDefaultConfig() *config.Config {
cfg := DefaultConfig()
EnsureDefaults(cfg)
return cfg
}
func DefaultConfig() *config.Config {
return &config.Config{
Debug: config.Debug{
Addr: "127.0.0.1:9217",
Token: "",
Pprof: false,
Zpages: false,
},
GRPC: config.GRPCConfig{
Addr: "127.0.0.1:9215",
Protocol: "tcp",
},
HTTP: config.HTTPConfig{
Addr: "127.0.0.1:9216",
Protocol: "tcp",
},
Service: config.Service{
Name: "storage-metadata",
},
GatewayEndpoint: "127.0.0.1:9142",
JWTSecret: "Pive-Fumkiu4",
TempFolder: filepath.Join(defaults.BaseDataPath(), "tmp", "metadata"),
DataServerURL: "http://localhost:9216/data",
Driver: "ocis",
Drivers: config.Drivers{
EOS: config.EOSDriver{
Root: "/eos/dockertest/reva",
UserLayout: "{{substr 0 1 .Username}}/{{.Username}}",
ShadowNamespace: "",
UploadsNamespace: "",
EosBinary: "/usr/bin/eos",
XrdcopyBinary: "/usr/bin/xrdcopy",
MasterURL: "root://eos-mgm1.eoscluster.cern.ch:1094",
GRPCURI: "",
SlaveURL: "root://eos-mgm1.eoscluster.cern.ch:1094",
CacheDirectory: os.TempDir(),
EnableLogging: false,
ShowHiddenSysFiles: false,
ForceSingleUserMode: false,
UseKeytab: false,
SecProtocol: "",
Keytab: "",
SingleUsername: "",
GatewaySVC: "127.0.0.1:9142",
},
Local: config.LocalDriver{
Root: filepath.Join(defaults.BaseDataPath(), "storage", "local", "metadata"),
},
S3: config.S3Driver{
Region: "default",
},
S3NG: config.S3NGDriver{
Root: filepath.Join(defaults.BaseDataPath(), "storage", "metadata"),
UserLayout: "{{.Id.OpaqueId}}",
Region: "default",
PermissionsEndpoint: "127.0.0.1:9191",
},
OCIS: config.OCISDriver{
Root: filepath.Join(defaults.BaseDataPath(), "storage", "metadata"),
UserLayout: "{{.Id.OpaqueId}}",
PermissionsEndpoint: "127.0.0.1:9191",
},
},
}
}
func EnsureDefaults(cfg *config.Config) {
// provide with defaults for shared logging, since we need a valid destination address for BindEnv.
if cfg.Logging == nil && cfg.Commons != nil && cfg.Commons.Log != nil {
cfg.Logging = &config.Logging{
Level: cfg.Commons.Log.Level,
Pretty: cfg.Commons.Log.Pretty,
Color: cfg.Commons.Log.Color,
File: cfg.Commons.Log.File,
}
} else if cfg.Logging == nil {
cfg.Logging = &config.Logging{}
}
// provide with defaults for shared tracing, since we need a valid destination address for BindEnv.
if cfg.Tracing == nil && cfg.Commons != nil && cfg.Commons.Tracing != nil {
cfg.Tracing = &config.Tracing{
Enabled: cfg.Commons.Tracing.Enabled,
Type: cfg.Commons.Tracing.Type,
Endpoint: cfg.Commons.Tracing.Endpoint,
Collector: cfg.Commons.Tracing.Collector,
}
} else if cfg.Tracing == nil {
cfg.Tracing = &config.Tracing{}
}
}
func Sanitize(cfg *config.Config) {
// nothing to sanitize here atm
}

75
extensions/storage-metadata/pkg/config/metadata.go Normal file
View File

@@ -0,0 +1,75 @@
package config
func MetadataDrivers(cfg *Config) map[string]interface{} {
return map[string]interface{}{
"eos": map[string]interface{}{
"namespace": cfg.Drivers.EOS.Root,
"shadow_namespace": cfg.Drivers.EOS.ShadowNamespace,
"uploads_namespace": cfg.Drivers.EOS.UploadsNamespace,
"eos_binary": cfg.Drivers.EOS.EosBinary,
"xrdcopy_binary": cfg.Drivers.EOS.XrdcopyBinary,
"master_url": cfg.Drivers.EOS.MasterURL,
"slave_url": cfg.Drivers.EOS.SlaveURL,
"cache_directory": cfg.Drivers.EOS.CacheDirectory,
"sec_protocol": cfg.Drivers.EOS.SecProtocol,
"keytab": cfg.Drivers.EOS.Keytab,
"single_username": cfg.Drivers.EOS.SingleUsername,
"enable_logging": cfg.Drivers.EOS.EnableLogging,
"show_hidden_sys_files": cfg.Drivers.EOS.ShowHiddenSysFiles,
"force_single_user_mode": cfg.Drivers.EOS.ForceSingleUserMode,
"use_keytab": cfg.Drivers.EOS.UseKeytab,
"gatewaysvc": cfg.Drivers.EOS.GatewaySVC,
"enable_home": false,
},
"eosgrpc": map[string]interface{}{
"namespace": cfg.Drivers.EOS.Root,
"shadow_namespace": cfg.Drivers.EOS.ShadowNamespace,
"eos_binary": cfg.Drivers.EOS.EosBinary,
"xrdcopy_binary": cfg.Drivers.EOS.XrdcopyBinary,
"master_url": cfg.Drivers.EOS.MasterURL,
"master_grpc_uri": cfg.Drivers.EOS.GRPCURI,
"slave_url": cfg.Drivers.EOS.SlaveURL,
"cache_directory": cfg.Drivers.EOS.CacheDirectory,
"sec_protocol": cfg.Drivers.EOS.SecProtocol,
"keytab": cfg.Drivers.EOS.Keytab,
"single_username": cfg.Drivers.EOS.SingleUsername,
"user_layout": cfg.Drivers.EOS.UserLayout,
"enable_logging": cfg.Drivers.EOS.EnableLogging,
"show_hidden_sys_files": cfg.Drivers.EOS.ShowHiddenSysFiles,
"force_single_user_mode": cfg.Drivers.EOS.ForceSingleUserMode,
"use_keytab": cfg.Drivers.EOS.UseKeytab,
"enable_home": false,
"gatewaysvc": cfg.Drivers.EOS.GatewaySVC,
},
"local": map[string]interface{}{
"root": cfg.Drivers.Local.Root,
},
"ocis": map[string]interface{}{
"root": cfg.Drivers.OCIS.Root,
"user_layout": cfg.Drivers.OCIS.UserLayout,
"treetime_accounting": false,
"treesize_accounting": false,
"permissionssvc": cfg.Drivers.OCIS.PermissionsEndpoint,
},
"s3": map[string]interface{}{
"region": cfg.Drivers.S3.Region,
"access_key": cfg.Drivers.S3.AccessKey,
"secret_key": cfg.Drivers.S3.SecretKey,
"endpoint": cfg.Drivers.S3.Endpoint,
"bucket": cfg.Drivers.S3.Bucket,
},
"s3ng": map[string]interface{}{
"root": cfg.Drivers.S3NG.Root,
"enable_home": false,
"user_layout": cfg.Drivers.S3NG.UserLayout,
"treetime_accounting": false,
"treesize_accounting": false,
"permissionssvc": cfg.Drivers.S3NG.PermissionsEndpoint,
"s3.region": cfg.Drivers.S3NG.Region,
"s3.access_key": cfg.Drivers.S3NG.AccessKey,
"s3.secret_key": cfg.Drivers.S3NG.SecretKey,
"s3.endpoint": cfg.Drivers.S3NG.Endpoint,
"s3.bucket": cfg.Drivers.S3NG.Bucket,
},
}
}

62
extensions/storage/pkg/command/storagepubliclink.go → extensions/storage-publiclink/pkg/command/storagepubliclink.go
View File

@@ -9,11 +9,12 @@ import (
"github.com/cs3org/reva/v2/cmd/revad/runtime"
"github.com/gofrs/uuid"
"github.com/oklog/run"
"github.com/owncloud/ocis/extensions/storage/pkg/config"
"github.com/owncloud/ocis/extensions/storage-publiclink/pkg/config"
"github.com/owncloud/ocis/extensions/storage/pkg/server/debug"
"github.com/owncloud/ocis/extensions/storage/pkg/tracing"
ociscfg "github.com/owncloud/ocis/ocis-pkg/config"
"github.com/owncloud/ocis/ocis-pkg/log"
"github.com/owncloud/ocis/ocis-pkg/sync"
"github.com/owncloud/ocis/ocis-pkg/tracing"
"github.com/thejerf/suture/v4"
"github.com/urfave/cli/v2"
)
@@ -21,15 +22,18 @@ import (
// StoragePublicLink is the entrypoint for the reva-storage-public-link command.
func StoragePublicLink(cfg *config.Config) *cli.Command {
return &cli.Command{
Name: "storage-public-link",
Usage: "start storage-public-link service",
Before: func(c *cli.Context) error {
return ParseConfig(c, cfg, "storage-public-link")
},
Name: "storage-public-link",
Usage: "start storage-public-link service",
Category: "extensions",
Action: func(c *cli.Context) error {
logger := NewLogger(cfg)
tracing.Configure(cfg, logger)
logCfg := cfg.Logging
logger := log.NewLogger(
log.Level(logCfg.Level),
log.File(logCfg.File),
log.Pretty(logCfg.Pretty),
log.Color(logCfg.Color),
)
tracing.Configure(cfg.Tracing.Enabled, cfg.Tracing.Type, logger)
gr := run.Group{}
ctx, cancel := context.WithCancel(context.Background())
defer cancel()
@@ -54,10 +58,12 @@ func StoragePublicLink(cfg *config.Config) *cli.Command {
debugServer, err := debug.Server(
debug.Name(c.Command.Name+"-debug"),
debug.Addr(cfg.Reva.StoragePublicLink.DebugAddr),
debug.Addr(cfg.Debug.Addr),
debug.Logger(logger),
debug.Context(ctx),
debug.Config(cfg),
debug.Pprof(cfg.Debug.Pprof),
debug.Zpages(cfg.Debug.Zpages),
debug.Token(cfg.Debug.Token),
)
if err != nil {
@@ -69,7 +75,7 @@ func StoragePublicLink(cfg *config.Config) *cli.Command {
cancel()
})
if !cfg.Reva.StoragePublicLink.Supervised {
if !cfg.Supervised {
sync.Trap(&gr, cancel)
}
@@ -82,33 +88,32 @@ func StoragePublicLink(cfg *config.Config) *cli.Command {
func storagePublicLinkConfigFromStruct(c *cli.Context, cfg *config.Config) map[string]interface{} {
rcfg := map[string]interface{}{
"core": map[string]interface{}{
"max_cpus": cfg.Reva.StoragePublicLink.MaxCPUs,
"tracing_enabled": cfg.Tracing.Enabled,
"tracing_endpoint": cfg.Tracing.Endpoint,
"tracing_collector": cfg.Tracing.Collector,
"tracing_service_name": c.Command.Name,
},
"shared": map[string]interface{}{
"jwt_secret": cfg.Reva.JWTSecret,
"gatewaysvc": cfg.Reva.Gateway.Endpoint,
"skip_user_groups_in_token": cfg.Reva.SkipUserGroupsInToken,
"jwt_secret": cfg.JWTSecret,
"gatewaysvc": cfg.GatewayEndpoint,
"skip_user_groups_in_token": cfg.SkipUserGroupsInToken,
},
"grpc": map[string]interface{}{
"network": cfg.Reva.StoragePublicLink.GRPCNetwork,
"address": cfg.Reva.StoragePublicLink.GRPCAddr,
"network": cfg.GRPC.Protocol,
"address": cfg.GRPC.Addr,
"interceptors": map[string]interface{}{
"log": map[string]interface{}{},
},
"services": map[string]interface{}{
"publicstorageprovider": map[string]interface{}{
"mount_id": cfg.Reva.StoragePublicLink.MountID,
"gateway_addr": cfg.Reva.Gateway.Endpoint,
"mount_id": cfg.StorageProvider.MountID,
"gateway_addr": cfg.StorageProvider.GatewayEndpoint,
},
"authprovider": map[string]interface{}{
"auth_manager": "publicshares",
"auth_managers": map[string]interface{}{
"publicshares": map[string]interface{}{
"gateway_addr": cfg.Reva.Gateway.Endpoint,
"gateway_addr": cfg.AuthProvider.GatewayEndpoint,
},
},
},
@@ -125,28 +130,29 @@ type StoragePublicLinkSutureService struct {
// NewStoragePublicLinkSutureService creates a new storage.StoragePublicLinkSutureService
func NewStoragePublicLink(cfg *ociscfg.Config) suture.Service {
cfg.Storage.Commons = cfg.Commons
cfg.StoragePublicLink.Commons = cfg.Commons
return StoragePublicLinkSutureService{
cfg: cfg.Storage,
cfg: cfg.StoragePublicLink,
}
}
func (s StoragePublicLinkSutureService) Serve(ctx context.Context) error {
s.cfg.Reva.StoragePublicLink.Context = ctx
// s.cfg.Reva.StoragePublicLink.Context = ctx
cmd := StoragePublicLink(s.cfg)
f := &flag.FlagSet{}
cmdFlags := StoragePublicLink(s.cfg).Flags
cmdFlags := cmd.Flags
for k := range cmdFlags {
if err := cmdFlags[k].Apply(f); err != nil {
return err
}
}
cliCtx := cli.NewContext(nil, f, nil)
if StoragePublicLink(s.cfg).Before != nil {
if err := StoragePublicLink(s.cfg).Before(cliCtx); err != nil {
if cmd.Before != nil {
if err := cmd.Before(cliCtx); err != nil {
return err
}
}
if err := StoragePublicLink(s.cfg).Action(cliCtx); err != nil {
if err := cmd.Action(cliCtx); err != nil {
return err
}

63
extensions/storage-publiclink/pkg/config/config.go Normal file
View File

@@ -0,0 +1,63 @@
package config
import (
"context"
"github.com/owncloud/ocis/ocis-pkg/shared"
)
type Config struct {
*shared.Commons `yaml:"-"`
Service Service `yaml:"-"`
Tracing *Tracing `yaml:"tracing"`
Logging *Logging `yaml:"log"`
Debug Debug `yaml:"debug"`
Supervised bool
GRPC GRPCConfig `yaml:"grpc"`
Context context.Context
JWTSecret string
GatewayEndpoint string
SkipUserGroupsInToken bool
AuthProvider AuthProvider
StorageProvider StorageProvider
}
type Tracing struct {
Enabled bool `yaml:"enabled" env:"OCIS_TRACING_ENABLED;STORAGE_METADATA_TRACING_ENABLED" desc:"Activates tracing."`
Type string `yaml:"type" env:"OCIS_TRACING_TYPE;STORAGE_METADATA_TRACING_TYPE"`
Endpoint string `yaml:"endpoint" env:"OCIS_TRACING_ENDPOINT;STORAGE_METADATA_TRACING_ENDPOINT" desc:"The endpoint to the tracing collector."`
Collector string `yaml:"collector" env:"OCIS_TRACING_COLLECTOR;STORAGE_METADATA_TRACING_COLLECTOR"`
}
type Logging struct {
Level string `yaml:"level" env:"OCIS_LOG_LEVEL;STORAGE_METADATA_LOG_LEVEL" desc:"The log level."`
Pretty bool `yaml:"pretty" env:"OCIS_LOG_PRETTY;STORAGE_METADATA_LOG_PRETTY" desc:"Activates pretty log output."`
Color bool `yaml:"color" env:"OCIS_LOG_COLOR;STORAGE_METADATA_LOG_COLOR" desc:"Activates colorized log output."`
File string `yaml:"file" env:"OCIS_LOG_FILE;STORAGE_METADATA_LOG_FILE" desc:"The target log file."`
}
type Service struct {
Name string `yaml:"-"`
}
type Debug struct {
Addr string `yaml:"addr" env:"STORAGE_METADATA_DEBUG_ADDR"`
Token string `yaml:"token" env:"STORAGE_METADATA_DEBUG_TOKEN"`
Pprof bool `yaml:"pprof" env:"STORAGE_METADATA_DEBUG_PPROF"`
Zpages bool `yaml:"zpages" env:"STORAGE_METADATA_DEBUG_ZPAGES"`
}
type GRPCConfig struct {
Addr string `yaml:"addr" env:"STORAGE_METADATA_GRPC_ADDR" desc:"The address of the grpc service."`
Protocol string `yaml:"protocol" env:"STORAGE_METADATA_GRPC_PROTOCOL" desc:"The transport protocol of the grpc service."`
}
type AuthProvider struct {
GatewayEndpoint string
}
type StorageProvider struct {
MountID string
GatewayEndpoint string
}

69
extensions/storage-publiclink/pkg/config/defaults/defaultconfig.go Normal file
View File

@@ -0,0 +1,69 @@
package defaults
import (
"github.com/owncloud/ocis/extensions/storage-publiclink/pkg/config"
)
func FullDefaultConfig() *config.Config {
cfg := DefaultConfig()
EnsureDefaults(cfg)
return cfg
}
func DefaultConfig() *config.Config {
return &config.Config{
Debug: config.Debug{
Addr: "127.0.0.1:9179",
Token: "",
Pprof: false,
Zpages: false,
},
GRPC: config.GRPCConfig{
Addr: "127.0.0.1:9178",
Protocol: "tcp",
},
Service: config.Service{
Name: "storage-publiclink",
},
GatewayEndpoint: "127.0.0.1:9142",
JWTSecret: "Pive-Fumkiu4",
AuthProvider: config.AuthProvider{
GatewayEndpoint: "127.0.0.1:9142",
},
StorageProvider: config.StorageProvider{
MountID: "7993447f-687f-490d-875c-ac95e89a62a4",
GatewayEndpoint: "127.0.0.1:9142",
},
}
}
func EnsureDefaults(cfg *config.Config) {
// provide with defaults for shared logging, since we need a valid destination address for BindEnv.
if cfg.Logging == nil && cfg.Commons != nil && cfg.Commons.Log != nil {
cfg.Logging = &config.Logging{
Level: cfg.Commons.Log.Level,
Pretty: cfg.Commons.Log.Pretty,
Color: cfg.Commons.Log.Color,
File: cfg.Commons.Log.File,
}
} else if cfg.Logging == nil {
cfg.Logging = &config.Logging{}
}
// provide with defaults for shared tracing, since we need a valid destination address for BindEnv.
if cfg.Tracing == nil && cfg.Commons != nil && cfg.Commons.Tracing != nil {
cfg.Tracing = &config.Tracing{
Enabled: cfg.Commons.Tracing.Enabled,
Type: cfg.Commons.Tracing.Type,
Endpoint: cfg.Commons.Tracing.Endpoint,
Collector: cfg.Commons.Tracing.Collector,
}
} else if cfg.Tracing == nil {
cfg.Tracing = &config.Tracing{}
}
}
func Sanitize(cfg *config.Config) {
// nothing to sanitize here atm
}

59
extensions/storage/pkg/command/storageshares.go → extensions/storage-shares/pkg/command/command.go
View File

@@ -6,14 +6,15 @@ import (
"os"
"path"
"github.com/owncloud/ocis/ocis-pkg/log"
"github.com/owncloud/ocis/ocis-pkg/sync"
"github.com/owncloud/ocis/ocis-pkg/tracing"
"github.com/cs3org/reva/v2/cmd/revad/runtime"
"github.com/gofrs/uuid"
"github.com/oklog/run"
"github.com/owncloud/ocis/extensions/storage/pkg/config"
"github.com/owncloud/ocis/extensions/storage-shares/pkg/config"
"github.com/owncloud/ocis/extensions/storage/pkg/server/debug"
"github.com/owncloud/ocis/extensions/storage/pkg/tracing"
ociscfg "github.com/owncloud/ocis/ocis-pkg/config"
"github.com/thejerf/suture/v4"
"github.com/urfave/cli/v2"
@@ -24,14 +25,15 @@ func StorageShares(cfg *config.Config) *cli.Command {
return &cli.Command{
Name: "storage-shares",
Usage: "start storage-shares service",
Before: func(c *cli.Context) error {
return ParseConfig(c, cfg, "storage-shares")
},
Action: func(c *cli.Context) error {
logger := NewLogger(cfg)
tracing.Configure(cfg, logger)
logCfg := cfg.Logging
logger := log.NewLogger(
log.Level(logCfg.Level),
log.File(logCfg.File),
log.Pretty(logCfg.Pretty),
log.Color(logCfg.Color),
)
tracing.Configure(cfg.Tracing.Enabled, cfg.Tracing.Type, logger)
gr := run.Group{}
ctx, cancel := context.WithCancel(context.Background())
defer cancel()
@@ -58,10 +60,12 @@ func StorageShares(cfg *config.Config) *cli.Command {
debugServer, err := debug.Server(
debug.Name(c.Command.Name+"-debug"),
debug.Addr(cfg.Reva.StorageShares.DebugAddr),
debug.Addr(cfg.Debug.Addr),
debug.Logger(logger),
debug.Context(ctx),
debug.Config(cfg),
debug.Pprof(cfg.Debug.Pprof),
debug.Zpages(cfg.Debug.Zpages),
debug.Token(cfg.Debug.Token),
)
if err != nil {
@@ -73,7 +77,7 @@ func StorageShares(cfg *config.Config) *cli.Command {
cancel()
})
if !cfg.Reva.StorageShares.Supervised {
if !cfg.Supervised {
sync.Trap(&gr, cancel)
}
@@ -86,29 +90,27 @@ func StorageShares(cfg *config.Config) *cli.Command {
func storageSharesConfigFromStruct(c *cli.Context, cfg *config.Config) map[string]interface{} {
rcfg := map[string]interface{}{
"core": map[string]interface{}{
"max_cpus": cfg.Reva.StorageShares.MaxCPUs,
"tracing_enabled": cfg.Tracing.Enabled,
"tracing_endpoint": cfg.Tracing.Endpoint,
"tracing_collector": cfg.Tracing.Collector,
"tracing_service_name": c.Command.Name,
},
"shared": map[string]interface{}{
"jwt_secret": cfg.Reva.JWTSecret,
"gatewaysvc": cfg.Reva.Gateway.Endpoint,
"skip_user_groups_in_token": cfg.Reva.SkipUserGroupsInToken,
"jwt_secret": cfg.JWTSecret,
"gatewaysvc": cfg.GatewayEndpoint,
"skip_user_groups_in_token": cfg.SkipUserGroupsInToken,
},
"grpc": map[string]interface{}{
"network": cfg.Reva.StorageShares.GRPCNetwork,
"address": cfg.Reva.StorageShares.GRPCAddr,
"network": cfg.GRPC.Protocol,
"address": cfg.GRPC.Addr,
"services": map[string]interface{}{
"sharesstorageprovider": map[string]interface{}{
"usershareprovidersvc": cfg.Reva.Sharing.Endpoint,
"gateway_addr": cfg.Reva.Gateway.Endpoint,
"usershareprovidersvc": cfg.SharesProviderEndpoint,
},
},
},
}
if cfg.Reva.StorageShares.ReadOnly {
if cfg.ReadOnly {
gcfg := rcfg["grpc"].(map[string]interface{})
gcfg["interceptors"] = map[string]interface{}{
"readonly": map[string]interface{}{},
@@ -124,28 +126,29 @@ type StorageSharesSutureService struct {
// NewStorageShares creates a new storage.StorageSharesSutureService
func NewStorageShares(cfg *ociscfg.Config) suture.Service {
cfg.Storage.Commons = cfg.Commons
cfg.StorageShares.Commons = cfg.Commons
return StorageSharesSutureService{
cfg: cfg.Storage,
cfg: cfg.StorageShares,
}
}
func (s StorageSharesSutureService) Serve(ctx context.Context) error {
s.cfg.Reva.StorageShares.Context = ctx
// s.cfg.Reva.StorageShares.Context = ctx
cmd := StorageShares(s.cfg)
f := &flag.FlagSet{}
cmdFlags := StorageShares(s.cfg).Flags
cmdFlags := cmd.Flags
for k := range cmdFlags {
if err := cmdFlags[k].Apply(f); err != nil {
return err
}
}
cliCtx := cli.NewContext(nil, f, nil)
if StorageShares(s.cfg).Before != nil {
if err := StorageShares(s.cfg).Before(cliCtx); err != nil {
if cmd.Before != nil {
if err := cmd.Before(cliCtx); err != nil {
return err
}
}
if err := StorageShares(s.cfg).Action(cliCtx); err != nil {
if err := cmd.Action(cliCtx); err != nil {
return err
}

60
extensions/storage-shares/pkg/config/config.go Normal file
View File

@@ -0,0 +1,60 @@
package config
import (
"context"
"github.com/owncloud/ocis/ocis-pkg/shared"
)
type Config struct {
*shared.Commons `yaml:"-"`
Service Service `yaml:"-"`
Tracing *Tracing `yaml:"tracing"`
Logging *Logging `yaml:"log"`
Debug Debug `yaml:"debug"`
Supervised bool
GRPC GRPCConfig `yaml:"grpc"`
HTTP HTTPConfig `yaml:"http"`
Context context.Context
JWTSecret string
GatewayEndpoint string
SkipUserGroupsInToken bool
ReadOnly bool
SharesProviderEndpoint string
}
type Tracing struct {
Enabled bool `yaml:"enabled" env:"OCIS_TRACING_ENABLED;STORAGE_METADATA_TRACING_ENABLED" desc:"Activates tracing."`
Type string `yaml:"type" env:"OCIS_TRACING_TYPE;STORAGE_METADATA_TRACING_TYPE"`
Endpoint string `yaml:"endpoint" env:"OCIS_TRACING_ENDPOINT;STORAGE_METADATA_TRACING_ENDPOINT" desc:"The endpoint to the tracing collector."`
Collector string `yaml:"collector" env:"OCIS_TRACING_COLLECTOR;STORAGE_METADATA_TRACING_COLLECTOR"`
}
type Logging struct {
Level string `yaml:"level" env:"OCIS_LOG_LEVEL;STORAGE_METADATA_LOG_LEVEL" desc:"The log level."`
Pretty bool `yaml:"pretty" env:"OCIS_LOG_PRETTY;STORAGE_METADATA_LOG_PRETTY" desc:"Activates pretty log output."`
Color bool `yaml:"color" env:"OCIS_LOG_COLOR;STORAGE_METADATA_LOG_COLOR" desc:"Activates colorized log output."`
File string `yaml:"file" env:"OCIS_LOG_FILE;STORAGE_METADATA_LOG_FILE" desc:"The target log file."`
}
type Service struct {
Name string `yaml:"-"`
}
type Debug struct {
Addr string `yaml:"addr" env:"STORAGE_METADATA_DEBUG_ADDR"`
Token string `yaml:"token" env:"STORAGE_METADATA_DEBUG_TOKEN"`
Pprof bool `yaml:"pprof" env:"STORAGE_METADATA_DEBUG_PPROF"`
Zpages bool `yaml:"zpages" env:"STORAGE_METADATA_DEBUG_ZPAGES"`
}
type GRPCConfig struct {
Addr string `yaml:"addr" env:"STORAGE_METADATA_GRPC_ADDR" desc:"The address of the grpc service."`
Protocol string `yaml:"protocol" env:"STORAGE_METADATA_GRPC_PROTOCOL" desc:"The transport protocol of the grpc service."`
}
type HTTPConfig struct {
Addr string `yaml:"addr" env:"STORAGE_METADATA_GRPC_ADDR" desc:"The address of the grpc service."`
Protocol string `yaml:"protocol" env:"STORAGE_METADATA_GRPC_PROTOCOL" desc:"The transport protocol of the grpc service."`
}

68
extensions/storage-shares/pkg/config/defaults/defaultconfig.go Normal file
View File

@@ -0,0 +1,68 @@
package defaults
import (
"github.com/owncloud/ocis/extensions/storage-shares/pkg/config"
)
func FullDefaultConfig() *config.Config {
cfg := DefaultConfig()
EnsureDefaults(cfg)
return cfg
}
func DefaultConfig() *config.Config {
return &config.Config{
Debug: config.Debug{
Addr: "127.0.0.1:9156",
Token: "",
Pprof: false,
Zpages: false,
},
GRPC: config.GRPCConfig{
Addr: "127.0.0.1:9154",
Protocol: "tcp",
},
HTTP: config.HTTPConfig{
Addr: "127.0.0.1:9155",
Protocol: "tcp",
},
Service: config.Service{
Name: "storage-metadata",
},
GatewayEndpoint: "127.0.0.1:9142",
JWTSecret: "Pive-Fumkiu4",
ReadOnly: false,
SharesProviderEndpoint: "localhost:9150",
}
}
func EnsureDefaults(cfg *config.Config) {
// provide with defaults for shared logging, since we need a valid destination address for BindEnv.
if cfg.Logging == nil && cfg.Commons != nil && cfg.Commons.Log != nil {
cfg.Logging = &config.Logging{
Level: cfg.Commons.Log.Level,
Pretty: cfg.Commons.Log.Pretty,
Color: cfg.Commons.Log.Color,
File: cfg.Commons.Log.File,
}
} else if cfg.Logging == nil {
cfg.Logging = &config.Logging{}
}
// provide with defaults for shared tracing, since we need a valid destination address for BindEnv.
if cfg.Tracing == nil && cfg.Commons != nil && cfg.Commons.Tracing != nil {
cfg.Tracing = &config.Tracing{
Enabled: cfg.Commons.Tracing.Enabled,
Type: cfg.Commons.Tracing.Type,
Endpoint: cfg.Commons.Tracing.Endpoint,
Collector: cfg.Commons.Tracing.Collector,
}
} else if cfg.Tracing == nil {
cfg.Tracing = &config.Tracing{}
}
}
func Sanitize(cfg *config.Config) {
// nothing to sanitize here atm
}

86
extensions/storage/pkg/command/storageusers.go → extensions/storage-users/pkg/command/command.go
View File

@@ -9,12 +9,12 @@ import (
"github.com/cs3org/reva/v2/cmd/revad/runtime"
"github.com/gofrs/uuid"
"github.com/oklog/run"
"github.com/owncloud/ocis/extensions/storage/pkg/command/storagedrivers"
"github.com/owncloud/ocis/extensions/storage/pkg/config"
"github.com/owncloud/ocis/extensions/storage-users/pkg/config"
"github.com/owncloud/ocis/extensions/storage/pkg/server/debug"
"github.com/owncloud/ocis/extensions/storage/pkg/tracing"
ociscfg "github.com/owncloud/ocis/ocis-pkg/config"
"github.com/owncloud/ocis/ocis-pkg/log"
"github.com/owncloud/ocis/ocis-pkg/sync"
"github.com/owncloud/ocis/ocis-pkg/tracing"
"github.com/thejerf/suture/v4"
"github.com/urfave/cli/v2"
)
@@ -24,17 +24,17 @@ func StorageUsers(cfg *config.Config) *cli.Command {
return &cli.Command{
Name: "storage-users",
Usage: "start storage-users service",
Before: func(c *cli.Context) error {
return ParseConfig(c, cfg, "storage-userprovider")
},
Action: func(c *cli.Context) error {
logger := NewLogger(cfg)
tracing.Configure(cfg, logger)
logCfg := cfg.Logging
logger := log.NewLogger(
log.Level(logCfg.Level),
log.File(logCfg.File),
log.Pretty(logCfg.Pretty),
log.Color(logCfg.Color),
)
tracing.Configure(cfg.Tracing.Enabled, cfg.Tracing.Type, logger)
gr := run.Group{}
ctx, cancel := context.WithCancel(context.Background())
defer cancel()
uuid := uuid.Must(uuid.NewV4())
@@ -59,10 +59,12 @@ func StorageUsers(cfg *config.Config) *cli.Command {
debugServer, err := debug.Server(
debug.Name(c.Command.Name+"-debug"),
debug.Addr(cfg.Reva.StorageUsers.DebugAddr),
debug.Addr(cfg.Debug.Addr),
debug.Logger(logger),
debug.Context(ctx),
debug.Config(cfg),
debug.Pprof(cfg.Debug.Pprof),
debug.Zpages(cfg.Debug.Zpages),
debug.Token(cfg.Debug.Token),
)
if err != nil {
@@ -74,7 +76,7 @@ func StorageUsers(cfg *config.Config) *cli.Command {
cancel()
})
if !cfg.Reva.StorageUsers.Supervised {
if !cfg.Supervised {
sync.Trap(&gr, cancel)
}
@@ -87,57 +89,56 @@ func StorageUsers(cfg *config.Config) *cli.Command {
func storageUsersConfigFromStruct(c *cli.Context, cfg *config.Config) map[string]interface{} {
rcfg := map[string]interface{}{
"core": map[string]interface{}{
"max_cpus": cfg.Reva.StorageUsers.MaxCPUs,
"tracing_enabled": cfg.Tracing.Enabled,
"tracing_endpoint": cfg.Tracing.Endpoint,
"tracing_collector": cfg.Tracing.Collector,
"tracing_service_name": c.Command.Name,
},
"shared": map[string]interface{}{
"jwt_secret": cfg.Reva.JWTSecret,
"gatewaysvc": cfg.Reva.Gateway.Endpoint,
"skip_user_groups_in_token": cfg.Reva.SkipUserGroupsInToken,
"jwt_secret": cfg.JWTSecret,
"gatewaysvc": cfg.GatewayEndpoint,
"skip_user_groups_in_token": cfg.SkipUserGroupsInToken,
},
"grpc": map[string]interface{}{
"network": cfg.Reva.StorageUsers.GRPCNetwork,
"address": cfg.Reva.StorageUsers.GRPCAddr,
"network": cfg.GRPC.Protocol,
"address": cfg.GRPC.Addr,
// TODO build services dynamically
"services": map[string]interface{}{
"storageprovider": map[string]interface{}{
"driver": cfg.Reva.StorageUsers.Driver,
"drivers": storagedrivers.UserDrivers(cfg),
"mount_id": cfg.Reva.StorageUsers.MountID,
"expose_data_server": cfg.Reva.StorageUsers.ExposeDataServer,
"data_server_url": cfg.Reva.StorageUsers.DataServerURL,
"tmp_folder": cfg.Reva.StorageUsers.TempFolder,
"driver": cfg.Driver,
"drivers": config.UserDrivers(cfg),
"mount_id": cfg.MountID,
"expose_data_server": cfg.ExposeDataServer,
"data_server_url": cfg.DataServerURL,
"tmp_folder": cfg.TempFolder,
},
},
"interceptors": map[string]interface{}{
"eventsmiddleware": map[string]interface{}{
"group": "sharing",
"type": "nats",
"address": cfg.Reva.Sharing.Events.Address,
"clusterID": cfg.Reva.Sharing.Events.ClusterID,
"address": cfg.Events.Addr,
"clusterID": cfg.Events.ClusterID,
},
},
},
"http": map[string]interface{}{
"network": cfg.Reva.StorageUsers.HTTPNetwork,
"address": cfg.Reva.StorageUsers.HTTPAddr,
"network": cfg.HTTP.Protocol,
"address": cfg.HTTP.Addr,
// TODO build services dynamically
"services": map[string]interface{}{
"dataprovider": map[string]interface{}{
"prefix": cfg.Reva.StorageUsers.HTTPPrefix,
"driver": cfg.Reva.StorageUsers.Driver,
"drivers": storagedrivers.UserDrivers(cfg),
"prefix": cfg.HTTP.Prefix,
"driver": cfg.Driver,
"drivers": config.UserDrivers(cfg),
"timeout": 86400,
"insecure": cfg.Reva.StorageUsers.DataProvider.Insecure,
"insecure": cfg.DataProviderInsecure,
"disable_tus": false,
},
},
},
}
if cfg.Reva.StorageUsers.ReadOnly {
if cfg.ReadOnly {
gcfg := rcfg["grpc"].(map[string]interface{})
gcfg["interceptors"] = map[string]interface{}{
"readonly": map[string]interface{}{},
@@ -153,28 +154,29 @@ type StorageUsersSutureService struct {
// NewStorageUsersSutureService creates a new storage.StorageUsersSutureService
func NewStorageUsers(cfg *ociscfg.Config) suture.Service {
cfg.Storage.Commons = cfg.Commons
cfg.StorageUsers.Commons = cfg.Commons
return StorageUsersSutureService{
cfg: cfg.Storage,
cfg: cfg.StorageUsers,
}
}
func (s StorageUsersSutureService) Serve(ctx context.Context) error {
s.cfg.Reva.StorageUsers.Context = ctx
// s.cfg.Reva.StorageUsers.Context = ctx
cmd := StorageUsers(s.cfg)
f := &flag.FlagSet{}
cmdFlags := StorageUsers(s.cfg).Flags
cmdFlags := cmd.Flags
for k := range cmdFlags {
if err := cmdFlags[k].Apply(f); err != nil {
return err
}
}
cliCtx := cli.NewContext(nil, f, nil)
if StorageUsers(s.cfg).Before != nil {
if err := StorageUsers(s.cfg).Before(cliCtx); err != nil {
if cmd.Before != nil {
if err := cmd.Before(cliCtx); err != nil {
return err
}
}
if err := StorageUsers(s.cfg).Action(cliCtx); err != nil {
if err := cmd.Action(cliCtx); err != nil {
return err
}

196
extensions/storage-users/pkg/config/config.go Normal file
View File

@@ -0,0 +1,196 @@
package config
import (
"context"
"github.com/owncloud/ocis/ocis-pkg/shared"
)
type Config struct {
*shared.Commons `yaml:"-"`
Service Service `yaml:"-"`
Tracing *Tracing `yaml:"tracing"`
Logging *Logging `yaml:"log"`
Debug Debug `yaml:"debug"`
Supervised bool
GRPC GRPCConfig `yaml:"grpc"`
HTTP HTTPConfig `yaml:"http"`
Context context.Context
JWTSecret string
GatewayEndpoint string
SkipUserGroupsInToken bool
Driver string `yaml:"driver" env:"STORAGE_USERS_DRIVER" desc:"The storage driver which should be used by the service"`
Drivers Drivers `yaml:"drivers"`
DataServerURL string
TempFolder string
DataProviderInsecure bool `env:"OCIS_INSECURE;STORAGE_USERS_DATAPROVIDER_INSECURE"`
Events Events
MountID string
ExposeDataServer bool
ReadOnly bool
}
type Tracing struct {
Enabled bool `yaml:"enabled" env:"OCIS_TRACING_ENABLED;STORAGE_USERS_TRACING_ENABLED" desc:"Activates tracing."`
Type string `yaml:"type" env:"OCIS_TRACING_TYPE;STORAGE_USERS_TRACING_TYPE"`
Endpoint string `yaml:"endpoint" env:"OCIS_TRACING_ENDPOINT;STORAGE_USERS_TRACING_ENDPOINT" desc:"The endpoint to the tracing collector."`
Collector string `yaml:"collector" env:"OCIS_TRACING_COLLECTOR;STORAGE_USERS_TRACING_COLLECTOR"`
}
type Logging struct {
Level string `yaml:"level" env:"OCIS_LOG_LEVEL;STORAGE_USERS_LOG_LEVEL" desc:"The log level."`
Pretty bool `yaml:"pretty" env:"OCIS_LOG_PRETTY;STORAGE_USERS_LOG_PRETTY" desc:"Activates pretty log output."`
Color bool `yaml:"color" env:"OCIS_LOG_COLOR;STORAGE_USERS_LOG_COLOR" desc:"Activates colorized log output."`
File string `yaml:"file" env:"OCIS_LOG_FILE;STORAGE_USERS_LOG_FILE" desc:"The target log file."`
}
type Service struct {
Name string `yaml:"-"`
}
type Debug struct {
Addr string `yaml:"addr" env:"STORAGE_USERS_DEBUG_ADDR"`
Token string `yaml:"token" env:"STORAGE_USERS_DEBUG_TOKEN"`
Pprof bool `yaml:"pprof" env:"STORAGE_USERS_DEBUG_PPROF"`
Zpages bool `yaml:"zpages" env:"STORAGE_USERS_DEBUG_ZPAGES"`
}
type GRPCConfig struct {
Addr string `yaml:"addr" env:"STORAGE_USERS_GRPC_ADDR" desc:"The address of the grpc service."`
Protocol string `yaml:"protocol" env:"STORAGE_USERS_GRPC_PROTOCOL" desc:"The transport protocol of the grpc service."`
}
type HTTPConfig struct {
Addr string `yaml:"addr" env:"STORAGE_USERS_GRPC_ADDR" desc:"The address of the grpc service."`
Protocol string `yaml:"protocol" env:"STORAGE_USERS_GRPC_PROTOCOL" desc:"The transport protocol of the grpc service."`
Prefix string
}
type Drivers struct {
EOS EOSDriver
Local LocalDriver
OCIS OCISDriver
S3 S3Driver
S3NG S3NGDriver
OwnCloudSQL OwnCloudSQLDriver
}
type EOSDriver struct {
// Root is the absolute path to the location of the data
Root string `yaml:"root"`
// ShadowNamespace for storing shadow data
ShadowNamespace string `yaml:"shadow_namespace"`
// UploadsNamespace for storing upload data
UploadsNamespace string `yaml:"uploads_namespace"`
// Location of the eos binary.
// Default is /usr/bin/eos.
EosBinary string `yaml:"eos_binary"`
// Location of the xrdcopy binary.
// Default is /usr/bin/xrdcopy.
XrdcopyBinary string `yaml:"xrd_copy_binary"`
// URL of the Master EOS MGM.
// Default is root://eos-example.org
MasterURL string `yaml:"master_url"`
// URL of the Slave EOS MGM.
// Default is root://eos-example.org
SlaveURL string `yaml:"slave_url"`
// Location on the local fs where to store reads.
// Defaults to os.TempDir()
CacheDirectory string `yaml:"cache_directory"`
// SecProtocol specifies the xrootd security protocol to use between the server and EOS.
SecProtocol string `yaml:"sec_protocol"`
// Keytab specifies the location of the keytab to use to authenticate to EOS.
Keytab string `yaml:"keytab"`
// SingleUsername is the username to use when SingleUserMode is enabled
SingleUsername string `yaml:"single_username"`
// Enables logging of the commands executed
// Defaults to false
EnableLogging bool `yaml:"enable_logging"`
// ShowHiddenSysFiles shows internal EOS files like
// .sys.v# and .sys.a# files.
ShowHiddenSysFiles bool `yaml:"shadow_hidden_files"`
// ForceSingleUserMode will force connections to EOS to use SingleUsername
ForceSingleUserMode bool `yaml:"force_single_user_mode"`
// UseKeyTabAuth changes will authenticate requests by using an EOS keytab.
UseKeytab bool `yaml:"user_keytab"`
// gateway service to use for uid lookups
GatewaySVC string `yaml:"gateway_svc"`
//ShareFolder defines the name of the folder jailing all shares
ShareFolder string `yaml:"share_folder"`
GRPCURI string
UserLayout string
}
type LocalDriver struct {
// Root is the absolute path to the location of the data
Root string `yaml:"root" env:"STORAGE_USERS_LOCAL_ROOT"`
//ShareFolder defines the name of the folder jailing all shares
ShareFolder string `yaml:"share_folder"`
UserLayout string
}
type OCISDriver struct {
// Root is the absolute path to the location of the data
Root string `yaml:"root" env:"STORAGE_USERS_OCIS_ROOT"`
UserLayout string
PermissionsEndpoint string
// PersonalSpaceAliasTemplate contains the template used to construct
// the personal space alias, eg: `"{{.SpaceType}}/{{.User.Username | lower}}"`
PersonalSpaceAliasTemplate string `yaml:"personalspacealias_template"`
// GeneralSpaceAliasTemplate contains the template used to construct
// the general space alias, eg: `{{.SpaceType}}/{{.SpaceName | replace " " "-" | lower}}`
GeneralSpaceAliasTemplate string `yaml:"generalspacealias_template"`
//ShareFolder defines the name of the folder jailing all shares
ShareFolder string `yaml:"share_folder"`
}
type S3Driver struct {
// Root is the absolute path to the location of the data
Root string `yaml:"root"`
Region string `yaml:"region"`
AccessKey string `yaml:"access_key"`
SecretKey string `yaml:"secret_key"`
Endpoint string `yaml:"endpoint"`
Bucket string `yaml:"bucket"`
}
type S3NGDriver struct {
// Root is the absolute path to the location of the data
Root string `yaml:"root"`
UserLayout string
PermissionsEndpoint string
Region string `yaml:"region"`
AccessKey string `yaml:"access_key"`
SecretKey string `yaml:"secret_key"`
Endpoint string `yaml:"endpoint"`
Bucket string `yaml:"bucket"`
// PersonalSpaceAliasTemplate contains the template used to construct
// the personal space alias, eg: `"{{.SpaceType}}/{{.User.Username | lower}}"`
PersonalSpaceAliasTemplate string `yaml:"personalspacealias_template"`
// GeneralSpaceAliasTemplate contains the template used to construct
// the general space alias, eg: `{{.SpaceType}}/{{.SpaceName | replace " " "-" | lower}}`
GeneralSpaceAliasTemplate string `yaml:"generalspacealias_template"`
//ShareFolder defines the name of the folder jailing all shares
ShareFolder string `yaml:"share_folder"`
}
type OwnCloudSQLDriver struct {
// Root is the absolute path to the location of the data
Root string `yaml:"root" env:"STORAGE_USERS_DRIVER_OWNCLOUDSQL_DATADIR"`
//ShareFolder defines the name of the folder jailing all shares
ShareFolder string `yaml:"share_folder" env:"STORAGE_USERS_DRIVER_OWNCLOUDSQL_SHARE_FOLDER"`
UserLayout string `env:"STORAGE_USERS_DRIVER_OWNCLOUDSQL_LAYOUT"`
UploadInfoDir string `yaml:"upload_info_dir" env:"STORAGE_USERS_DRIVER_OWNCLOUDSQL_UPLOADINFO_DIR"`
DBUsername string `yaml:"db_username" env:"STORAGE_USERS_DRIVER_OWNCLOUDSQL_DBUSERNAME"`
DBPassword string `yaml:"db_password" env:"STORAGE_USERS_DRIVER_OWNCLOUDSQL_DBPASSWORD"`
DBHost string `yaml:"db_host" env:"STORAGE_USERS_DRIVER_OWNCLOUDSQL_DBHOST"`
DBPort int `yaml:"db_port" env:"STORAGE_USERS_DRIVER_OWNCLOUDSQL_DBPORT"`
DBName string `yaml:"db_name" env:"STORAGE_USERS_DRIVER_OWNCLOUDSQL_DBNAME"`
UsersProviderEndpoint string
}
type Events struct {
Addr string
ClusterID string
}

131
extensions/storage-users/pkg/config/defaults/defaultconfig.go Normal file
View File

@@ -0,0 +1,131 @@
package defaults
import (
"os"
"path/filepath"
"github.com/owncloud/ocis/extensions/storage-users/pkg/config"
"github.com/owncloud/ocis/ocis-pkg/config/defaults"
)
func FullDefaultConfig() *config.Config {
cfg := DefaultConfig()
EnsureDefaults(cfg)
return cfg
}
func DefaultConfig() *config.Config {
return &config.Config{
Debug: config.Debug{
Addr: "127.0.0.1:9159",
Token: "",
Pprof: false,
Zpages: false,
},
GRPC: config.GRPCConfig{
Addr: "127.0.0.1:9157",
Protocol: "tcp",
},
HTTP: config.HTTPConfig{
Addr: "127.0.0.1:9158",
Protocol: "tcp",
Prefix: "data",
},
Service: config.Service{
Name: "storage-users",
},
GatewayEndpoint: "127.0.0.1:9142",
JWTSecret: "Pive-Fumkiu4",
TempFolder: filepath.Join(defaults.BaseDataPath(), "tmp", "users"),
DataServerURL: "http://localhost:9158/data",
MountID: "1284d238-aa92-42ce-bdc4-0b0000009157",
Driver: "ocis",
Drivers: config.Drivers{
EOS: config.EOSDriver{
Root: "/eos/dockertest/reva",
ShareFolder: "/Shares",
UserLayout: "{{substr 0 1 .Username}}/{{.Username}}",
ShadowNamespace: "",
UploadsNamespace: "",
EosBinary: "/usr/bin/eos",
XrdcopyBinary: "/usr/bin/xrdcopy",
MasterURL: "root://eos-mgm1.eoscluster.cern.ch:1094",
GRPCURI: "",
SlaveURL: "root://eos-mgm1.eoscluster.cern.ch:1094",
CacheDirectory: os.TempDir(),
GatewaySVC: "127.0.0.1:9142",
},
Local: config.LocalDriver{
Root: filepath.Join(defaults.BaseDataPath(), "storage", "local", "users"),
ShareFolder: "/Shares",
UserLayout: "{{.Username}}",
},
OwnCloudSQL: config.OwnCloudSQLDriver{
Root: filepath.Join(defaults.BaseDataPath(), "storage", "owncloud"),
ShareFolder: "/Shares",
UserLayout: "{{.Username}}",
UploadInfoDir: filepath.Join(defaults.BaseDataPath(), "storage", "uploadinfo"),
DBUsername: "owncloud",
DBPassword: "owncloud",
DBHost: "",
DBPort: 3306,
DBName: "owncloud",
},
S3: config.S3Driver{
Region: "default",
},
S3NG: config.S3NGDriver{
Root: filepath.Join(defaults.BaseDataPath(), "storage", "users"),
ShareFolder: "/Shares",
UserLayout: "{{.Id.OpaqueId}}",
Region: "default",
PersonalSpaceAliasTemplate: "{{.SpaceType}}/{{.User.Username | lower}}",
GeneralSpaceAliasTemplate: "{{.SpaceType}}/{{.SpaceName | replace \" \" \"-\" | lower}}",
PermissionsEndpoint: "127.0.0.1:9191",
},
OCIS: config.OCISDriver{
Root: filepath.Join(defaults.BaseDataPath(), "storage", "users"),
ShareFolder: "/Shares",
UserLayout: "{{.Id.OpaqueId}}",
PersonalSpaceAliasTemplate: "{{.SpaceType}}/{{.User.Username | lower}}",
GeneralSpaceAliasTemplate: "{{.SpaceType}}/{{.SpaceName | replace \" \" \"-\" | lower}}",
PermissionsEndpoint: "127.0.0.1:9191",
},
},
Events: config.Events{
Addr: "127.0.0.1:9233",
ClusterID: "ocis-cluster",
},
}
}
func EnsureDefaults(cfg *config.Config) {
// provide with defaults for shared logging, since we need a valid destination address for BindEnv.
if cfg.Logging == nil && cfg.Commons != nil && cfg.Commons.Log != nil {
cfg.Logging = &config.Logging{
Level: cfg.Commons.Log.Level,
Pretty: cfg.Commons.Log.Pretty,
Color: cfg.Commons.Log.Color,
File: cfg.Commons.Log.File,
}
} else if cfg.Logging == nil {
cfg.Logging = &config.Logging{}
}
// provide with defaults for shared tracing, since we need a valid destination address for BindEnv.
if cfg.Tracing == nil && cfg.Commons != nil && cfg.Commons.Tracing != nil {
cfg.Tracing = &config.Tracing{
Enabled: cfg.Commons.Tracing.Enabled,
Type: cfg.Commons.Tracing.Type,
Endpoint: cfg.Commons.Tracing.Endpoint,
Collector: cfg.Commons.Tracing.Collector,
}
} else if cfg.Tracing == nil {
cfg.Tracing = &config.Tracing{}
}
}
func Sanitize(cfg *config.Config) {
// nothing to sanitize here atm
}

122
extensions/storage-users/pkg/config/user.go Normal file
View File

@@ -0,0 +1,122 @@
package config
func UserDrivers(cfg *Config) map[string]interface{} {
return map[string]interface{}{
"eos": map[string]interface{}{
"namespace": cfg.Drivers.EOS.Root,
"shadow_namespace": cfg.Drivers.EOS.ShadowNamespace,
"uploads_namespace": cfg.Drivers.EOS.UploadsNamespace,
"share_folder": cfg.Drivers.EOS.ShareFolder,
"eos_binary": cfg.Drivers.EOS.EosBinary,
"xrdcopy_binary": cfg.Drivers.EOS.XrdcopyBinary,
"master_url": cfg.Drivers.EOS.MasterURL,
"slave_url": cfg.Drivers.EOS.SlaveURL,
"cache_directory": cfg.Drivers.EOS.CacheDirectory,
"sec_protocol": cfg.Drivers.EOS.SecProtocol,
"keytab": cfg.Drivers.EOS.Keytab,
"single_username": cfg.Drivers.EOS.SingleUsername,
"enable_logging": cfg.Drivers.EOS.EnableLogging,
"show_hidden_sys_files": cfg.Drivers.EOS.ShowHiddenSysFiles,
"force_single_user_mode": cfg.Drivers.EOS.ForceSingleUserMode,
"use_keytab": cfg.Drivers.EOS.UseKeytab,
"gatewaysvc": cfg.Drivers.EOS.GatewaySVC,
},
"eoshome": map[string]interface{}{
"namespace": cfg.Drivers.EOS.Root,
"shadow_namespace": cfg.Drivers.EOS.ShadowNamespace,
"uploads_namespace": cfg.Drivers.EOS.UploadsNamespace,
"share_folder": cfg.Drivers.EOS.ShareFolder,
"eos_binary": cfg.Drivers.EOS.EosBinary,
"xrdcopy_binary": cfg.Drivers.EOS.XrdcopyBinary,
"master_url": cfg.Drivers.EOS.MasterURL,
"slave_url": cfg.Drivers.EOS.SlaveURL,
"cache_directory": cfg.Drivers.EOS.CacheDirectory,
"sec_protocol": cfg.Drivers.EOS.SecProtocol,
"keytab": cfg.Drivers.EOS.Keytab,
"single_username": cfg.Drivers.EOS.SingleUsername,
"user_layout": cfg.Drivers.EOS.UserLayout,
"enable_logging": cfg.Drivers.EOS.EnableLogging,
"show_hidden_sys_files": cfg.Drivers.EOS.ShowHiddenSysFiles,
"force_single_user_mode": cfg.Drivers.EOS.ForceSingleUserMode,
"use_keytab": cfg.Drivers.EOS.UseKeytab,
"gatewaysvc": cfg.Drivers.EOS.GatewaySVC,
},
"eosgrpc": map[string]interface{}{
"namespace": cfg.Drivers.EOS.Root,
"shadow_namespace": cfg.Drivers.EOS.ShadowNamespace,
"share_folder": cfg.Drivers.EOS.ShareFolder,
"eos_binary": cfg.Drivers.EOS.EosBinary,
"xrdcopy_binary": cfg.Drivers.EOS.XrdcopyBinary,
"master_url": cfg.Drivers.EOS.MasterURL,
"master_grpc_uri": cfg.Drivers.EOS.GRPCURI,
"slave_url": cfg.Drivers.EOS.SlaveURL,
"cache_directory": cfg.Drivers.EOS.CacheDirectory,
"sec_protocol": cfg.Drivers.EOS.SecProtocol,
"keytab": cfg.Drivers.EOS.Keytab,
"single_username": cfg.Drivers.EOS.SingleUsername,
"user_layout": cfg.Drivers.EOS.UserLayout,
"enable_logging": cfg.Drivers.EOS.EnableLogging,
"show_hidden_sys_files": cfg.Drivers.EOS.ShowHiddenSysFiles,
"force_single_user_mode": cfg.Drivers.EOS.ForceSingleUserMode,
"use_keytab": cfg.Drivers.EOS.UseKeytab,
"enable_home": false,
"gatewaysvc": cfg.Drivers.EOS.GatewaySVC,
},
"local": map[string]interface{}{
"root": cfg.Drivers.Local.Root,
"share_folder": cfg.Drivers.Local.ShareFolder,
},
"localhome": map[string]interface{}{
"root": cfg.Drivers.Local.Root,
"share_folder": cfg.Drivers.Local.ShareFolder,
"user_layout": cfg.Drivers.Local.UserLayout,
},
"owncloudsql": map[string]interface{}{
"datadirectory": cfg.Drivers.OwnCloudSQL.Root,
"upload_info_dir": cfg.Drivers.OwnCloudSQL.UploadInfoDir,
"share_folder": cfg.Drivers.OwnCloudSQL.ShareFolder,
"user_layout": cfg.Drivers.OwnCloudSQL.UserLayout,
"enable_home": false,
"dbusername": cfg.Drivers.OwnCloudSQL.DBUsername,
"dbpassword": cfg.Drivers.OwnCloudSQL.DBPassword,
"dbhost": cfg.Drivers.OwnCloudSQL.DBHost,
"dbport": cfg.Drivers.OwnCloudSQL.DBPort,
"dbname": cfg.Drivers.OwnCloudSQL.DBName,
"userprovidersvc": cfg.Drivers.OwnCloudSQL.UsersProviderEndpoint,
},
"ocis": map[string]interface{}{
"root": cfg.Drivers.OCIS.Root,
"user_layout": cfg.Drivers.OCIS.UserLayout,
"share_folder": cfg.Drivers.OCIS.ShareFolder,
"personalspacealias_template": cfg.Drivers.OCIS.PersonalSpaceAliasTemplate,
"generalspacealias_template": cfg.Drivers.OCIS.GeneralSpaceAliasTemplate,
"treetime_accounting": true,
"treesize_accounting": true,
"permissionssvc": cfg.Drivers.OCIS.PermissionsEndpoint,
},
"s3": map[string]interface{}{
"enable_home": false,
"region": cfg.Drivers.S3.Region,
"access_key": cfg.Drivers.S3.AccessKey,
"secret_key": cfg.Drivers.S3.SecretKey,
"endpoint": cfg.Drivers.S3.Endpoint,
"bucket": cfg.Drivers.S3.Bucket,
"prefix": cfg.Drivers.S3.Root,
},
"s3ng": map[string]interface{}{
"root": cfg.Drivers.S3NG.Root,
"user_layout": cfg.Drivers.S3NG.UserLayout,
"share_folder": cfg.Drivers.S3NG.ShareFolder,
"personalspacealias_template": cfg.Drivers.S3NG.PersonalSpaceAliasTemplate,
"generalspacealias_template": cfg.Drivers.S3NG.GeneralSpaceAliasTemplate,
"treetime_accounting": true,
"treesize_accounting": true,
"permissionssvc": cfg.Drivers.S3NG.PermissionsEndpoint,
"s3.region": cfg.Drivers.S3NG.Region,
"s3.access_key": cfg.Drivers.S3NG.AccessKey,
"s3.secret_key": cfg.Drivers.S3NG.SecretKey,
"s3.endpoint": cfg.Drivers.S3NG.Endpoint,
"s3.bucket": cfg.Drivers.S3NG.Bucket,
},
}
}

3
extensions/storage/pkg/command/health.go
View File

@@ -14,9 +14,6 @@ func Health(cfg *config.Config) *cli.Command {
Name: "health",
Usage: "check health status",
Category: "info",
Before: func(c *cli.Context) error {
return ParseConfig(c, cfg, "storage")
},
Action: func(c *cli.Context) error {
logger := NewLogger(cfg)

60
extensions/storage/pkg/command/ldapcfg.go
View File

@@ -1,60 +0,0 @@
package command
import (
"errors"
"os"
"time"
"github.com/owncloud/ocis/extensions/storage/pkg/config"
"github.com/owncloud/ocis/ocis-pkg/log"
)
const caTimeout = 5
func ldapConfigFromString(cfg *config.Config) map[string]interface{} {
return map[string]interface{}{
"uri": cfg.Reva.LDAP.URI,
"cacert": cfg.Reva.LDAP.CACert,
"insecure": cfg.Reva.LDAP.Insecure,
"bind_username": cfg.Reva.LDAP.BindDN,
"bind_password": cfg.Reva.LDAP.BindPassword,
"user_base_dn": cfg.Reva.LDAP.UserBaseDN,
"group_base_dn": cfg.Reva.LDAP.GroupBaseDN,
"user_filter": cfg.Reva.LDAP.UserFilter,
"group_filter": cfg.Reva.LDAP.GroupFilter,
"user_objectclass": cfg.Reva.LDAP.UserObjectClass,
"group_objectclass": cfg.Reva.LDAP.GroupObjectClass,
"login_attributes": cfg.Reva.LDAP.LoginAttributes,
"idp": cfg.Reva.LDAP.IDP,
"gatewaysvc": cfg.Reva.Gateway.Endpoint,
"user_schema": map[string]interface{}{
"id": cfg.Reva.LDAP.UserSchema.ID,
"idIsOctetString": cfg.Reva.LDAP.UserSchema.IDIsOctetString,
"mail": cfg.Reva.LDAP.UserSchema.Mail,
"displayName": cfg.Reva.LDAP.UserSchema.DisplayName,
"userName": cfg.Reva.LDAP.UserSchema.Username,
},
"group_schema": map[string]interface{}{
"id": cfg.Reva.LDAP.GroupSchema.ID,
"idIsOctetString": cfg.Reva.LDAP.GroupSchema.IDIsOctetString,
"mail": cfg.Reva.LDAP.GroupSchema.Mail,
"displayName": cfg.Reva.LDAP.GroupSchema.DisplayName,
"groupName": cfg.Reva.LDAP.GroupSchema.Groupname,
"member": cfg.Reva.LDAP.GroupSchema.Member,
},
}
}
func waitForLDAPCA(log log.Logger, cfg *config.LDAP) error {
if !cfg.Insecure && cfg.CACert != "" {
if _, err := os.Stat(cfg.CACert); errors.Is(err, os.ErrNotExist) {
log.Warn().Str("LDAP CACert", cfg.CACert).Msgf("File does not exist. Waiting %d seconds for it to appear.", caTimeout)
time.Sleep(caTimeout * time.Second)
if _, err := os.Stat(cfg.CACert); errors.Is(err, os.ErrNotExist) {
log.Warn().Str("LDAP CACert", cfg.CACert).Msgf("File does still not exist after Timeout")
return err
}
}
}
return nil
}

134
extensions/storage/pkg/command/ocdav.go
View File

@@ -1,134 +0,0 @@
package command
import (
"context"
"flag"
"github.com/cs3org/reva/v2/pkg/micro/ocdav"
"github.com/oklog/run"
"github.com/owncloud/ocis/extensions/storage/pkg/config"
"github.com/owncloud/ocis/extensions/storage/pkg/server/debug"
"github.com/owncloud/ocis/extensions/storage/pkg/tracing"
ociscfg "github.com/owncloud/ocis/ocis-pkg/config"
"github.com/owncloud/ocis/ocis-pkg/sync"
"github.com/thejerf/suture/v4"
"github.com/urfave/cli/v2"
)
// OCDav is the entrypoint for the ocdav command.
// TODO move ocdav cmd to a separate service
func OCDav(cfg *config.Config) *cli.Command {
return &cli.Command{
Name: "ocdav",
Usage: "start ocdav service",
Before: func(c *cli.Context) error {
if err := loadUserAgent(c, cfg); err != nil {
return err
}
return ParseConfig(c, cfg, "ocdav")
},
Action: func(c *cli.Context) error {
logger := NewLogger(cfg)
tracing.Configure(cfg, logger)
gr := run.Group{}
ctx, cancel := context.WithCancel(context.Background())
//metrics = metrics.New()
defer cancel()
gr.Add(func() error {
s, err := ocdav.Service(
ocdav.Context(ctx),
ocdav.Logger(logger.Logger),
ocdav.Address(cfg.OCDav.Addr),
ocdav.FilesNamespace(cfg.OCDav.FilesNamespace),
ocdav.WebdavNamespace(cfg.OCDav.WebdavNamespace),
ocdav.SharesNamespace(cfg.OCDav.SharesNamespace),
ocdav.Timeout(cfg.OCDav.Timeout),
ocdav.Insecure(cfg.OCDav.Insecure),
ocdav.PublicURL(cfg.OCDav.PublicURL),
ocdav.Prefix(cfg.OCDav.Prefix),
ocdav.GatewaySvc(cfg.OCDav.GatewaySVC),
ocdav.JWTSecret(cfg.OCDav.JWTSecret),
// ocdav.FavoriteManager() // FIXME needs a proper persistence implementation
// ocdav.LockSystem(), // will default to the CS3 lock system
// ocdav.TLSConfig() // tls config for the http server
)
if err != nil {
return err
}
return s.Run()
}, func(err error) {
logger.Info().Err(err).Str("server", c.Command.Name).Msg("Shutting down server")
cancel()
})
{
server, err := debug.Server(
debug.Name(c.Command.Name+"-debug"),
debug.Addr(cfg.OCDav.DebugAddr),
debug.Logger(logger),
debug.Context(ctx),
debug.Config(cfg),
)
if err != nil {
logger.Info().
Err(err).
Str("server", "debug").
Msg("Failed to initialize server")
return err
}
gr.Add(server.ListenAndServe, func(_ error) {
cancel()
})
}
if !cfg.Reva.Frontend.Supervised {
sync.Trap(&gr, cancel)
}
return gr.Run()
},
}
}
// OCDavSutureService allows for the ocdav command to be embedded and supervised by a suture supervisor tree.
type OCDavSutureService struct {
cfg *config.Config
}
// NewOCDav creates a new ocdav.OCDavSutureService
func NewOCDav(cfg *ociscfg.Config) suture.Service {
cfg.Storage.Commons = cfg.Commons
return OCDavSutureService{
cfg: cfg.Storage,
}
}
func (s OCDavSutureService) Serve(ctx context.Context) error {
s.cfg.Reva.Frontend.Context = ctx
f := &flag.FlagSet{}
cmdFlags := OCDav(s.cfg).Flags
for k := range cmdFlags {
if err := cmdFlags[k].Apply(f); err != nil {
return err
}
}
cliCtx := cli.NewContext(nil, f, nil)
if OCDav(s.cfg).Before != nil {
if err := OCDav(s.cfg).Before(cliCtx); err != nil {
return err
}
}
if err := OCDav(s.cfg).Action(cliCtx); err != nil {
return err
}
return nil
}

17
extensions/storage/pkg/command/root.go
View File

@@ -12,19 +12,6 @@ import (
// GetCommands provides all commands for this service
func GetCommands(cfg *config.Config) cli.Commands {
return []*cli.Command{
Frontend(cfg),
Gateway(cfg),
Users(cfg),
Groups(cfg),
AppProvider(cfg),
AuthBasic(cfg),
AuthBearer(cfg),
AuthMachine(cfg),
Sharing(cfg),
StoragePublicLink(cfg),
StorageShares(cfg),
StorageUsers(cfg),
StorageMetadata(cfg),
Health(cfg),
}
}
@@ -35,10 +22,6 @@ func Execute(cfg *config.Config) error {
Name: "storage",
Usage: "Storage service for oCIS",
Before: func(c *cli.Context) error {
return ParseConfig(c, cfg, "storage")
},
Commands: GetCommands(cfg),
})

240
extensions/storage/pkg/command/sharing.go
View File

@@ -1,240 +0,0 @@
package command
import (
"context"
"flag"
"os"
"path"
"path/filepath"
"github.com/owncloud/ocis/extensions/storage/pkg/tracing"
"github.com/owncloud/ocis/ocis-pkg/sync"
"github.com/cs3org/reva/v2/cmd/revad/runtime"
"github.com/gofrs/uuid"
"github.com/oklog/run"
"github.com/owncloud/ocis/extensions/storage/pkg/config"
"github.com/owncloud/ocis/extensions/storage/pkg/server/debug"
ociscfg "github.com/owncloud/ocis/ocis-pkg/config"
"github.com/thejerf/suture/v4"
"github.com/urfave/cli/v2"
)
// Sharing is the entrypoint for the sharing command.
func Sharing(cfg *config.Config) *cli.Command {
return &cli.Command{
Name: "sharing",
Usage: "start sharing service",
Before: func(c *cli.Context) error {
return ParseConfig(c, cfg, "storage-sharing")
},
Action: func(c *cli.Context) error {
logger := NewLogger(cfg)
tracing.Configure(cfg, logger)
gr := run.Group{}
ctx, cancel := context.WithCancel(context.Background())
defer cancel()
// precreate folders
if cfg.Reva.Sharing.UserDriver == "json" && cfg.Reva.Sharing.UserJSONFile != "" {
if err := os.MkdirAll(filepath.Dir(cfg.Reva.Sharing.UserJSONFile), os.FileMode(0700)); err != nil {
return err
}
}
if cfg.Reva.Sharing.PublicDriver == "json" && cfg.Reva.Sharing.PublicJSONFile != "" {
if err := os.MkdirAll(filepath.Dir(cfg.Reva.Sharing.PublicJSONFile), os.FileMode(0700)); err != nil {
return err
}
}
uuid := uuid.Must(uuid.NewV4())
pidFile := path.Join(os.TempDir(), "revad-"+c.Command.Name+"-"+uuid.String()+".pid")
rcfg := sharingConfigFromStruct(c, cfg)
gr.Add(func() error {
runtime.RunWithOptions(
rcfg,
pidFile,
runtime.WithLogger(&logger.Logger),
)
return nil
}, func(_ error) {
logger.Info().
Str("server", c.Command.Name).
Msg("Shutting down server")
cancel()
})
debug, err := debug.Server(
debug.Name(c.Command.Name+"-debug"),
debug.Addr(cfg.Reva.Sharing.DebugAddr),
debug.Logger(logger),
debug.Context(ctx),
debug.Config(cfg),
)
if err != nil {
logger.Info().Err(err).Str("server", c.Command.Name+"-debug").Msg("Failed to initialize server")
return err
}
gr.Add(debug.ListenAndServe, func(_ error) {
cancel()
})
if !cfg.Reva.Sharing.Supervised {
sync.Trap(&gr, cancel)
}
return gr.Run()
},
}
}
// sharingConfigFromStruct will adapt an oCIS config struct into a reva mapstructure to start a reva service.
func sharingConfigFromStruct(c *cli.Context, cfg *config.Config) map[string]interface{} {
rcfg := map[string]interface{}{
"core": map[string]interface{}{
"max_cpus": cfg.Reva.Sharing.MaxCPUs,
"tracing_enabled": cfg.Tracing.Enabled,
"tracing_endpoint": cfg.Tracing.Endpoint,
"tracing_collector": cfg.Tracing.Collector,
"tracing_service_name": c.Command.Name,
},
"shared": map[string]interface{}{
"jwt_secret": cfg.Reva.JWTSecret,
"gatewaysvc": cfg.Reva.Gateway.Endpoint,
"skip_user_groups_in_token": cfg.Reva.SkipUserGroupsInToken,
},
"grpc": map[string]interface{}{
"network": cfg.Reva.Sharing.GRPCNetwork,
"address": cfg.Reva.Sharing.GRPCAddr,
// TODO build services dynamically
"services": map[string]interface{}{
"usershareprovider": map[string]interface{}{
"driver": cfg.Reva.Sharing.UserDriver,
"drivers": map[string]interface{}{
"json": map[string]interface{}{
"file": cfg.Reva.Sharing.UserJSONFile,
"gateway_addr": cfg.Reva.Gateway.Endpoint,
},
"sql": map[string]interface{}{ // cernbox sql
"db_username": cfg.Reva.Sharing.UserSQLUsername,
"db_password": cfg.Reva.Sharing.UserSQLPassword,
"db_host": cfg.Reva.Sharing.UserSQLHost,
"db_port": cfg.Reva.Sharing.UserSQLPort,
"db_name": cfg.Reva.Sharing.UserSQLName,
"password_hash_cost": cfg.Reva.Sharing.PublicPasswordHashCost,
"enable_expired_shares_cleanup": cfg.Reva.Sharing.PublicEnableExpiredSharesCleanup,
"janitor_run_interval": cfg.Reva.Sharing.PublicJanitorRunInterval,
},
"owncloudsql": map[string]interface{}{
"gateway_addr": cfg.Reva.Gateway.Endpoint,
"storage_mount_id": cfg.Reva.Sharing.UserStorageMountID,
"db_username": cfg.Reva.Sharing.UserSQLUsername,
"db_password": cfg.Reva.Sharing.UserSQLPassword,
"db_host": cfg.Reva.Sharing.UserSQLHost,
"db_port": cfg.Reva.Sharing.UserSQLPort,
"db_name": cfg.Reva.Sharing.UserSQLName,
},
"cs3": map[string]interface{}{
"gateway_addr": cfg.Reva.Gateway.Endpoint,
"provider_addr": cfg.Reva.Sharing.CS3ProviderAddr,
"service_user_id": cfg.Reva.Sharing.CS3ServiceUser,
"service_user_idp": cfg.Reva.Sharing.CS3ServiceUserIdp,
"machine_auth_apikey": cfg.Reva.AuthMachineConfig.MachineAuthAPIKey,
},
},
},
"publicshareprovider": map[string]interface{}{
"driver": cfg.Reva.Sharing.PublicDriver,
"drivers": map[string]interface{}{
"json": map[string]interface{}{
"file": cfg.Reva.Sharing.PublicJSONFile,
"gateway_addr": cfg.Reva.Gateway.Endpoint,
},
"sql": map[string]interface{}{
"db_username": cfg.Reva.Sharing.UserSQLUsername,
"db_password": cfg.Reva.Sharing.UserSQLPassword,
"db_host": cfg.Reva.Sharing.UserSQLHost,
"db_port": cfg.Reva.Sharing.UserSQLPort,
"db_name": cfg.Reva.Sharing.UserSQLName,
"password_hash_cost": cfg.Reva.Sharing.PublicPasswordHashCost,
"enable_expired_shares_cleanup": cfg.Reva.Sharing.PublicEnableExpiredSharesCleanup,
"janitor_run_interval": cfg.Reva.Sharing.PublicJanitorRunInterval,
},
"owncloudsql": map[string]interface{}{
"gateway_addr": cfg.Reva.Gateway.Endpoint,
"storage_mount_id": cfg.Reva.Sharing.UserStorageMountID,
"db_username": cfg.Reva.Sharing.UserSQLUsername,
"db_password": cfg.Reva.Sharing.UserSQLPassword,
"db_host": cfg.Reva.Sharing.UserSQLHost,
"db_port": cfg.Reva.Sharing.UserSQLPort,
"db_name": cfg.Reva.Sharing.UserSQLName,
"password_hash_cost": cfg.Reva.Sharing.PublicPasswordHashCost,
"enable_expired_shares_cleanup": cfg.Reva.Sharing.PublicEnableExpiredSharesCleanup,
"janitor_run_interval": cfg.Reva.Sharing.PublicJanitorRunInterval,
},
"cs3": map[string]interface{}{
"gateway_addr": cfg.Reva.Gateway.Endpoint,
"provider_addr": cfg.Reva.Sharing.CS3ProviderAddr,
"service_user_id": cfg.Reva.Sharing.CS3ServiceUser,
"service_user_idp": cfg.Reva.Sharing.CS3ServiceUserIdp,
"machine_auth_apikey": cfg.Reva.AuthMachineConfig.MachineAuthAPIKey,
},
},
},
},
"interceptors": map[string]interface{}{
"eventsmiddleware": map[string]interface{}{
"group": "sharing",
"type": "nats",
"address": cfg.Reva.Sharing.Events.Address,
"clusterID": cfg.Reva.Sharing.Events.ClusterID,
},
},
},
}
return rcfg
}
// SharingSutureService allows for the storage-sharing command to be embedded and supervised by a suture supervisor tree.
type SharingSutureService struct {
cfg *config.Config
}
// NewSharingSutureService creates a new store.SharingSutureService
func NewSharing(cfg *ociscfg.Config) suture.Service {
cfg.Storage.Commons = cfg.Commons
return SharingSutureService{
cfg: cfg.Storage,
}
}
func (s SharingSutureService) Serve(ctx context.Context) error {
s.cfg.Reva.Sharing.Context = ctx
f := &flag.FlagSet{}
cmdFlags := Sharing(s.cfg).Flags
for k := range cmdFlags {
if err := cmdFlags[k].Apply(f); err != nil {
return err
}
}
cliCtx := cli.NewContext(nil, f, nil)
if Sharing(s.cfg).Before != nil {
if err := Sharing(s.cfg).Before(cliCtx); err != nil {
return err
}
}
if err := Sharing(s.cfg).Action(cliCtx); err != nil {
return err
}
return nil
}

79
extensions/storage/pkg/command/storagedrivers/metadata.go
View File

@@ -1,79 +0,0 @@
package storagedrivers
import (
"github.com/owncloud/ocis/extensions/storage/pkg/config"
)
func MetadataDrivers(cfg *config.Config) map[string]interface{} {
return map[string]interface{}{
"eos": map[string]interface{}{
"namespace": cfg.Reva.MetadataStorage.EOS.Root,
"shadow_namespace": cfg.Reva.MetadataStorage.EOS.ShadowNamespace,
"uploads_namespace": cfg.Reva.MetadataStorage.EOS.UploadsNamespace,
"eos_binary": cfg.Reva.MetadataStorage.EOS.EosBinary,
"xrdcopy_binary": cfg.Reva.MetadataStorage.EOS.XrdcopyBinary,
"master_url": cfg.Reva.MetadataStorage.EOS.MasterURL,
"slave_url": cfg.Reva.MetadataStorage.EOS.SlaveURL,
"cache_directory": cfg.Reva.MetadataStorage.EOS.CacheDirectory,
"sec_protocol": cfg.Reva.MetadataStorage.EOS.SecProtocol,
"keytab": cfg.Reva.MetadataStorage.EOS.Keytab,
"single_username": cfg.Reva.MetadataStorage.EOS.SingleUsername,
"enable_logging": cfg.Reva.MetadataStorage.EOS.EnableLogging,
"show_hidden_sys_files": cfg.Reva.MetadataStorage.EOS.ShowHiddenSysFiles,
"force_single_user_mode": cfg.Reva.MetadataStorage.EOS.ForceSingleUserMode,
"use_keytab": cfg.Reva.MetadataStorage.EOS.UseKeytab,
"gatewaysvc": cfg.Reva.MetadataStorage.EOS.GatewaySVC,
"enable_home": false,
},
"eosgrpc": map[string]interface{}{
"namespace": cfg.Reva.MetadataStorage.EOS.Root,
"shadow_namespace": cfg.Reva.MetadataStorage.EOS.ShadowNamespace,
"eos_binary": cfg.Reva.MetadataStorage.EOS.EosBinary,
"xrdcopy_binary": cfg.Reva.MetadataStorage.EOS.XrdcopyBinary,
"master_url": cfg.Reva.MetadataStorage.EOS.MasterURL,
"master_grpc_uri": cfg.Reva.MetadataStorage.EOS.GrpcURI,
"slave_url": cfg.Reva.MetadataStorage.EOS.SlaveURL,
"cache_directory": cfg.Reva.MetadataStorage.EOS.CacheDirectory,
"sec_protocol": cfg.Reva.MetadataStorage.EOS.SecProtocol,
"keytab": cfg.Reva.MetadataStorage.EOS.Keytab,
"single_username": cfg.Reva.MetadataStorage.EOS.SingleUsername,
"user_layout": cfg.Reva.MetadataStorage.EOS.UserLayout,
"enable_logging": cfg.Reva.MetadataStorage.EOS.EnableLogging,
"show_hidden_sys_files": cfg.Reva.MetadataStorage.EOS.ShowHiddenSysFiles,
"force_single_user_mode": cfg.Reva.MetadataStorage.EOS.ForceSingleUserMode,
"use_keytab": cfg.Reva.MetadataStorage.EOS.UseKeytab,
"enable_home": false,
"gatewaysvc": cfg.Reva.MetadataStorage.EOS.GatewaySVC,
},
"local": map[string]interface{}{
"root": cfg.Reva.MetadataStorage.Local.Root,
},
"ocis": map[string]interface{}{
"root": cfg.Reva.MetadataStorage.OCIS.Root,
"user_layout": cfg.Reva.MetadataStorage.OCIS.UserLayout,
"treetime_accounting": false,
"treesize_accounting": false,
"permissionssvc": cfg.Reva.Permissions.Endpoint,
},
"s3": map[string]interface{}{
"region": cfg.Reva.MetadataStorage.S3.Region,
"access_key": cfg.Reva.MetadataStorage.S3.AccessKey,
"secret_key": cfg.Reva.MetadataStorage.S3.SecretKey,
"endpoint": cfg.Reva.MetadataStorage.S3.Endpoint,
"bucket": cfg.Reva.MetadataStorage.S3.Bucket,
},
"s3ng": map[string]interface{}{
"root": cfg.Reva.MetadataStorage.S3NG.Root,
"enable_home": false,
"user_layout": cfg.Reva.MetadataStorage.S3NG.UserLayout,
"treetime_accounting": false,
"treesize_accounting": false,
"permissionssvc": cfg.Reva.Permissions.Endpoint,
"s3.region": cfg.Reva.MetadataStorage.S3NG.Region,
"s3.access_key": cfg.Reva.MetadataStorage.S3NG.AccessKey,
"s3.secret_key": cfg.Reva.MetadataStorage.S3NG.SecretKey,
"s3.endpoint": cfg.Reva.MetadataStorage.S3NG.Endpoint,
"s3.bucket": cfg.Reva.MetadataStorage.S3NG.Bucket,
},
}
}

126
extensions/storage/pkg/command/storagedrivers/user.go
View File

@@ -1,126 +0,0 @@
package storagedrivers
import (
"github.com/owncloud/ocis/extensions/storage/pkg/config"
)
func UserDrivers(cfg *config.Config) map[string]interface{} {
return map[string]interface{}{
"eos": map[string]interface{}{
"namespace": cfg.Reva.UserStorage.EOS.Root,
"shadow_namespace": cfg.Reva.UserStorage.EOS.ShadowNamespace,
"uploads_namespace": cfg.Reva.UserStorage.EOS.UploadsNamespace,
"share_folder": cfg.Reva.UserStorage.EOS.ShareFolder,
"eos_binary": cfg.Reva.UserStorage.EOS.EosBinary,
"xrdcopy_binary": cfg.Reva.UserStorage.EOS.XrdcopyBinary,
"master_url": cfg.Reva.UserStorage.EOS.MasterURL,
"slave_url": cfg.Reva.UserStorage.EOS.SlaveURL,
"cache_directory": cfg.Reva.UserStorage.EOS.CacheDirectory,
"sec_protocol": cfg.Reva.UserStorage.EOS.SecProtocol,
"keytab": cfg.Reva.UserStorage.EOS.Keytab,
"single_username": cfg.Reva.UserStorage.EOS.SingleUsername,
"enable_logging": cfg.Reva.UserStorage.EOS.EnableLogging,
"show_hidden_sys_files": cfg.Reva.UserStorage.EOS.ShowHiddenSysFiles,
"force_single_user_mode": cfg.Reva.UserStorage.EOS.ForceSingleUserMode,
"use_keytab": cfg.Reva.UserStorage.EOS.UseKeytab,
"gatewaysvc": cfg.Reva.UserStorage.EOS.GatewaySVC,
},
"eoshome": map[string]interface{}{
"namespace": cfg.Reva.UserStorage.EOS.Root,
"shadow_namespace": cfg.Reva.UserStorage.EOS.ShadowNamespace,
"uploads_namespace": cfg.Reva.UserStorage.EOS.UploadsNamespace,
"share_folder": cfg.Reva.UserStorage.EOS.ShareFolder,
"eos_binary": cfg.Reva.UserStorage.EOS.EosBinary,
"xrdcopy_binary": cfg.Reva.UserStorage.EOS.XrdcopyBinary,
"master_url": cfg.Reva.UserStorage.EOS.MasterURL,
"slave_url": cfg.Reva.UserStorage.EOS.SlaveURL,
"cache_directory": cfg.Reva.UserStorage.EOS.CacheDirectory,
"sec_protocol": cfg.Reva.UserStorage.EOS.SecProtocol,
"keytab": cfg.Reva.UserStorage.EOS.Keytab,
"single_username": cfg.Reva.UserStorage.EOS.SingleUsername,
"user_layout": cfg.Reva.UserStorage.EOS.UserLayout,
"enable_logging": cfg.Reva.UserStorage.EOS.EnableLogging,
"show_hidden_sys_files": cfg.Reva.UserStorage.EOS.ShowHiddenSysFiles,
"force_single_user_mode": cfg.Reva.UserStorage.EOS.ForceSingleUserMode,
"use_keytab": cfg.Reva.UserStorage.EOS.UseKeytab,
"gatewaysvc": cfg.Reva.UserStorage.EOS.GatewaySVC,
},
"eosgrpc": map[string]interface{}{
"namespace": cfg.Reva.UserStorage.EOS.Root,
"shadow_namespace": cfg.Reva.UserStorage.EOS.ShadowNamespace,
"share_folder": cfg.Reva.UserStorage.EOS.ShareFolder,
"eos_binary": cfg.Reva.UserStorage.EOS.EosBinary,
"xrdcopy_binary": cfg.Reva.UserStorage.EOS.XrdcopyBinary,
"master_url": cfg.Reva.UserStorage.EOS.MasterURL,
"master_grpc_uri": cfg.Reva.UserStorage.EOS.GrpcURI,
"slave_url": cfg.Reva.UserStorage.EOS.SlaveURL,
"cache_directory": cfg.Reva.UserStorage.EOS.CacheDirectory,
"sec_protocol": cfg.Reva.UserStorage.EOS.SecProtocol,
"keytab": cfg.Reva.UserStorage.EOS.Keytab,
"single_username": cfg.Reva.UserStorage.EOS.SingleUsername,
"user_layout": cfg.Reva.UserStorage.EOS.UserLayout,
"enable_logging": cfg.Reva.UserStorage.EOS.EnableLogging,
"show_hidden_sys_files": cfg.Reva.UserStorage.EOS.ShowHiddenSysFiles,
"force_single_user_mode": cfg.Reva.UserStorage.EOS.ForceSingleUserMode,
"use_keytab": cfg.Reva.UserStorage.EOS.UseKeytab,
"enable_home": false,
"gatewaysvc": cfg.Reva.UserStorage.EOS.GatewaySVC,
},
"local": map[string]interface{}{
"root": cfg.Reva.UserStorage.Local.Root,
"share_folder": cfg.Reva.UserStorage.Local.ShareFolder,
},
"localhome": map[string]interface{}{
"root": cfg.Reva.UserStorage.Local.Root,
"share_folder": cfg.Reva.UserStorage.Local.ShareFolder,
"user_layout": cfg.Reva.UserStorage.Local.UserLayout,
},
"owncloudsql": map[string]interface{}{
"datadirectory": cfg.Reva.UserStorage.OwnCloudSQL.Root,
"upload_info_dir": cfg.Reva.UserStorage.OwnCloudSQL.UploadInfoDir,
"share_folder": cfg.Reva.UserStorage.OwnCloudSQL.ShareFolder,
"user_layout": cfg.Reva.UserStorage.OwnCloudSQL.UserLayout,
"enable_home": false,
"dbusername": cfg.Reva.UserStorage.OwnCloudSQL.DBUsername,
"dbpassword": cfg.Reva.UserStorage.OwnCloudSQL.DBPassword,
"dbhost": cfg.Reva.UserStorage.OwnCloudSQL.DBHost,
"dbport": cfg.Reva.UserStorage.OwnCloudSQL.DBPort,
"dbname": cfg.Reva.UserStorage.OwnCloudSQL.DBName,
"userprovidersvc": cfg.Reva.Users.Endpoint,
},
"ocis": map[string]interface{}{
"root": cfg.Reva.UserStorage.OCIS.Root,
"user_layout": cfg.Reva.UserStorage.OCIS.UserLayout,
"share_folder": cfg.Reva.UserStorage.OCIS.ShareFolder,
"personalspacealias_template": cfg.Reva.UserStorage.OCIS.PersonalSpaceAliasTemplate,
"generalspacealias_template": cfg.Reva.UserStorage.OCIS.GeneralSpaceAliasTemplate,
"treetime_accounting": true,
"treesize_accounting": true,
"permissionssvc": cfg.Reva.Permissions.Endpoint,
},
"s3": map[string]interface{}{
"enable_home": false,
"region": cfg.Reva.UserStorage.S3.Region,
"access_key": cfg.Reva.UserStorage.S3.AccessKey,
"secret_key": cfg.Reva.UserStorage.S3.SecretKey,
"endpoint": cfg.Reva.UserStorage.S3.Endpoint,
"bucket": cfg.Reva.UserStorage.S3.Bucket,
"prefix": cfg.Reva.UserStorage.S3.Root,
},
"s3ng": map[string]interface{}{
"root": cfg.Reva.UserStorage.S3NG.Root,
"user_layout": cfg.Reva.UserStorage.S3NG.UserLayout,
"share_folder": cfg.Reva.UserStorage.S3NG.ShareFolder,
"personalspacealias_template": cfg.Reva.UserStorage.S3NG.PersonalSpaceAliasTemplate,
"generalspacealias_template": cfg.Reva.UserStorage.S3NG.GeneralSpaceAliasTemplate,
"treetime_accounting": true,
"treesize_accounting": true,
"permissionssvc": cfg.Reva.Permissions.Endpoint,
"s3.region": cfg.Reva.UserStorage.S3NG.Region,
"s3.access_key": cfg.Reva.UserStorage.S3NG.AccessKey,
"s3.secret_key": cfg.Reva.UserStorage.S3NG.SecretKey,
"s3.endpoint": cfg.Reva.UserStorage.S3NG.Endpoint,
"s3.bucket": cfg.Reva.UserStorage.S3NG.Bucket,
},
}
}

197
extensions/storage/pkg/command/users.go
View File

@@ -1,197 +0,0 @@
package command
import (
"context"
"flag"
"os"
"path"
"path/filepath"
"github.com/cs3org/reva/v2/cmd/revad/runtime"
"github.com/gofrs/uuid"
"github.com/oklog/run"
"github.com/owncloud/ocis/extensions/storage/pkg/config"
"github.com/owncloud/ocis/extensions/storage/pkg/server/debug"
"github.com/owncloud/ocis/extensions/storage/pkg/tracing"
ociscfg "github.com/owncloud/ocis/ocis-pkg/config"
"github.com/owncloud/ocis/ocis-pkg/sync"
"github.com/thejerf/suture/v4"
"github.com/urfave/cli/v2"
)
// Users is the entrypoint for the users command.
func Users(cfg *config.Config) *cli.Command {
return &cli.Command{
Name: "users",
Usage: "start users service",
Before: func(c *cli.Context) error {
return ParseConfig(c, cfg, "storage-users")
},
Action: func(c *cli.Context) error {
logger := NewLogger(cfg)
tracing.Configure(cfg, logger)
gr := run.Group{}
ctx, cancel := context.WithCancel(context.Background())
defer cancel()
// precreate folders
if cfg.Reva.Users.Driver == "json" && cfg.Reva.Users.JSON != "" {
if err := os.MkdirAll(filepath.Dir(cfg.Reva.Users.JSON), os.FileMode(0700)); err != nil {
return err
}
}
uuid := uuid.Must(uuid.NewV4())
pidFile := path.Join(os.TempDir(), "revad-"+c.Command.Name+"-"+uuid.String()+".pid")
rcfg := usersConfigFromStruct(c, cfg)
logger.Debug().
Str("server", "users").
Interface("reva-config", rcfg).
Msg("config")
if cfg.Reva.Users.Driver == "ldap" {
if err := waitForLDAPCA(logger, &cfg.Reva.LDAP); err != nil {
logger.Error().Err(err).Msg("The configured LDAP CA cert does not exist")
return err
}
}
gr.Add(func() error {
runtime.RunWithOptions(
rcfg,
pidFile,
runtime.WithLogger(&logger.Logger),
)
return nil
}, func(_ error) {
logger.Info().
Str("server", c.Command.Name).
Msg("Shutting down server")
cancel()
})
debugServer, err := debug.Server(
debug.Name(c.Command.Name+"-debug"),
debug.Addr(cfg.Reva.Users.DebugAddr),
debug.Logger(logger),
debug.Context(ctx),
debug.Config(cfg),
)
if err != nil {
logger.Info().Err(err).Str("server", c.Command.Name+"-debug").Msg("Failed to initialize server")
return err
}
gr.Add(debugServer.ListenAndServe, func(_ error) {
cancel()
})
if !cfg.Reva.Users.Supervised {
sync.Trap(&gr, cancel)
}
return gr.Run()
},
}
}
// usersConfigFromStruct will adapt an oCIS config struct into a reva mapstructure to start a reva service.
func usersConfigFromStruct(c *cli.Context, cfg *config.Config) map[string]interface{} {
rcfg := map[string]interface{}{
"core": map[string]interface{}{
"max_cpus": cfg.Reva.Users.MaxCPUs,
"tracing_enabled": cfg.Tracing.Enabled,
"tracing_endpoint": cfg.Tracing.Endpoint,
"tracing_collector": cfg.Tracing.Collector,
"tracing_service_name": c.Command.Name,
},
"shared": map[string]interface{}{
"jwt_secret": cfg.Reva.JWTSecret,
"gatewaysvc": cfg.Reva.Gateway.Endpoint,
"skip_user_groups_in_token": cfg.Reva.SkipUserGroupsInToken,
},
"grpc": map[string]interface{}{
"network": cfg.Reva.Users.GRPCNetwork,
"address": cfg.Reva.Users.GRPCAddr,
// TODO build services dynamically
"services": map[string]interface{}{
"userprovider": map[string]interface{}{
"driver": cfg.Reva.Users.Driver,
"drivers": map[string]interface{}{
"json": map[string]interface{}{
"users": cfg.Reva.Users.JSON,
},
"ldap": ldapConfigFromString(cfg),
"rest": map[string]interface{}{
"client_id": cfg.Reva.UserGroupRest.ClientID,
"client_secret": cfg.Reva.UserGroupRest.ClientSecret,
"redis_address": cfg.Reva.UserGroupRest.RedisAddress,
"redis_username": cfg.Reva.UserGroupRest.RedisUsername,
"redis_password": cfg.Reva.UserGroupRest.RedisPassword,
"user_groups_cache_expiration": cfg.Reva.Users.UserGroupsCacheExpiration,
"id_provider": cfg.Reva.UserGroupRest.IDProvider,
"api_base_url": cfg.Reva.UserGroupRest.APIBaseURL,
"oidc_token_endpoint": cfg.Reva.UserGroupRest.OIDCTokenEndpoint,
"target_api": cfg.Reva.UserGroupRest.TargetAPI,
},
"owncloudsql": map[string]interface{}{
"dbusername": cfg.Reva.UserOwnCloudSQL.DBUsername,
"dbpassword": cfg.Reva.UserOwnCloudSQL.DBPassword,
"dbhost": cfg.Reva.UserOwnCloudSQL.DBHost,
"dbport": cfg.Reva.UserOwnCloudSQL.DBPort,
"dbname": cfg.Reva.UserOwnCloudSQL.DBName,
"idp": cfg.Reva.UserOwnCloudSQL.Idp,
"nobody": cfg.Reva.UserOwnCloudSQL.Nobody,
"join_username": cfg.Reva.UserOwnCloudSQL.JoinUsername,
"join_ownclouduuid": cfg.Reva.UserOwnCloudSQL.JoinOwnCloudUUID,
"enable_medial_search": cfg.Reva.UserOwnCloudSQL.EnableMedialSearch,
},
},
},
},
},
}
return rcfg
}
// UserProviderSutureService allows for the storage-userprovider command to be embedded and supervised by a suture supervisor tree.
type UserProviderSutureService struct {
cfg *config.Config
}
// NewUserProviderSutureService creates a new storage.UserProvider
func NewUserProvider(cfg *ociscfg.Config) suture.Service {
cfg.Storage.Commons = cfg.Commons
return UserProviderSutureService{
cfg: cfg.Storage,
}
}
func (s UserProviderSutureService) Serve(ctx context.Context) error {
s.cfg.Reva.Users.Context = ctx
f := &flag.FlagSet{}
cmdFlags := Users(s.cfg).Flags
for k := range cmdFlags {
if err := cmdFlags[k].Apply(f); err != nil {
return err
}
}
cliCtx := cli.NewContext(nil, f, nil)
if Users(s.cfg).Before != nil {
if err := Users(s.cfg).Before(cliCtx); err != nil {
return err
}
}
if err := Users(s.cfg).Action(cliCtx); err != nil {
return err
}
return nil
}

22
extensions/storage/pkg/config/defaults/defaultconfig.go
View File

@@ -44,35 +44,35 @@ func DefaultConfig() *config.Config {
IDClaim: "preferred_username",
},
LDAP: config.LDAP{
URI: "ldaps://localhost:9126",
CACert: path.Join(defaults.BaseDataPath(), "ldap", "ldap.crt"),
URI: "ldaps://localhost:9235",
CACert: path.Join(defaults.BaseDataPath(), "idm", "ldap.crt"),
Insecure: false,
UserBaseDN: "dc=ocis,dc=test",
GroupBaseDN: "dc=ocis,dc=test",
UserBaseDN: "ou=users,o=libregraph-idm",
GroupBaseDN: "ou=groups,o=libregraph-idm",
UserScope: "sub",
GroupScope: "sub",
LoginAttributes: []string{"cn", "mail"},
LoginAttributes: []string{"uid", "mail"},
UserFilter: "",
GroupFilter: "",
UserObjectClass: "posixAccount",
GroupObjectClass: "posixGroup",
BindDN: "cn=reva,ou=sysusers,dc=ocis,dc=test",
UserObjectClass: "inetOrgPerson",
GroupObjectClass: "groupOfNames",
BindDN: "uid=reva,ou=sysusers,o=libregraph-idm",
BindPassword: "reva",
IDP: defaultPublicURL,
UserSchema: config.LDAPUserSchema{
ID: "ownclouduuid",
Mail: "mail",
DisplayName: "displayname",
Username: "cn",
Username: "uid",
UIDNumber: "uidnumber",
GIDNumber: "gidnumber",
},
GroupSchema: config.LDAPGroupSchema{
ID: "cn",
ID: "ownclouduuid",
Mail: "mail",
DisplayName: "cn",
Groupname: "cn",
Member: "cn",
Member: "member",
GIDNumber: "gidnumber",
},
},

24
extensions/storage/pkg/server/debug/option.go
View File

@@ -17,6 +17,9 @@ type Options struct {
Logger log.Logger
Context context.Context
Config *config.Config
Pprof bool
Zpages bool
Token string
}
// newOptions initializes the available default options.
@@ -64,3 +67,24 @@ func Config(val *config.Config) Option {
o.Config = val
}
}
// Pprof provides a function to set the pprof option.
func Pprof(val bool) Option {
return func(o *Options) {
o.Pprof = val
}
}
// Zpages provides a function to set the zpages option.
func Zpages(val bool) Option {
return func(o *Options) {
o.Zpages = val
}
}
// Token provides a function to set the token option.
func Token(val string) Option {
return func(o *Options) {
o.Token = val
}
}

6
extensions/storage/pkg/server/debug/server.go
View File

@@ -18,9 +18,9 @@ func Server(opts ...Option) (*http.Server, error) {
debug.Name(options.Name),
debug.Version(version.String),
debug.Address(options.Addr),
debug.Token(options.Config.Debug.Token),
debug.Pprof(options.Config.Debug.Pprof),
debug.Zpages(options.Config.Debug.Zpages),
debug.Token(options.Token),
debug.Pprof(options.Pprof),
debug.Zpages(options.Zpages),
debug.Health(health(options.Config)),
debug.Ready(ready(options.Config)),
), nil

10
extensions/storage/pkg/tracing/tracing.go
View File

@@ -9,25 +9,25 @@ import (
// to Reva services.
func Configure(cfg *config.Config, logger log.Logger) {
if cfg.Tracing.Enabled {
switch t := cfg.Tracing.Type; t {
switch cfg.Tracing.Type {
case "agent":
logger.Error().
Str("type", t).
Str("type", cfg.Tracing.Type).
Msg("Reva only supports the jaeger tracing backend")
case "jaeger":
logger.Info().
Str("type", t).
Str("type", cfg.Tracing.Type).
Msg("configuring storage to use the jaeger tracing backend")
case "zipkin":
logger.Error().
Str("type", t).
Str("type", cfg.Tracing.Type).
Msg("Reva only supports the jaeger tracing backend")
default:
logger.Warn().
Str("type", t).
Str("type", cfg.Tracing.Type).
Msg("Unknown tracing backend")
}

236
extensions/user/pkg/command/command.go Normal file
View File

@@ -0,0 +1,236 @@
package command
import (
"context"
"flag"
"os"
"path"
"path/filepath"
"github.com/cs3org/reva/v2/cmd/revad/runtime"
"github.com/gofrs/uuid"
"github.com/oklog/run"
"github.com/owncloud/ocis/extensions/storage/pkg/server/debug"
"github.com/owncloud/ocis/extensions/user/pkg/config"
ociscfg "github.com/owncloud/ocis/ocis-pkg/config"
"github.com/owncloud/ocis/ocis-pkg/ldap"
"github.com/owncloud/ocis/ocis-pkg/log"
"github.com/owncloud/ocis/ocis-pkg/sync"
"github.com/owncloud/ocis/ocis-pkg/tracing"
"github.com/thejerf/suture/v4"
"github.com/urfave/cli/v2"
)
// User is the entrypoint for the user command.
func User(cfg *config.Config) *cli.Command {
return &cli.Command{
Name: "users",
Usage: "start users service",
Action: func(c *cli.Context) error {
logCfg := cfg.Logging
logger := log.NewLogger(
log.Level(logCfg.Level),
log.File(logCfg.File),
log.Pretty(logCfg.Pretty),
log.Color(logCfg.Color),
)
tracing.Configure(cfg.Tracing.Enabled, cfg.Tracing.Type, logger)
gr := run.Group{}
ctx, cancel := context.WithCancel(context.Background())
defer cancel()
// precreate folders
if cfg.Driver == "json" && cfg.Drivers.JSON.File != "" {
if err := os.MkdirAll(filepath.Dir(cfg.Drivers.JSON.File), os.FileMode(0700)); err != nil {
return err
}
}
uuid := uuid.Must(uuid.NewV4())
pidFile := path.Join(os.TempDir(), "revad-"+c.Command.Name+"-"+uuid.String()+".pid")
rcfg := usersConfigFromStruct(c, cfg)
logger.Debug().
Str("server", "users").
Interface("reva-config", rcfg).
Msg("config")
if cfg.Driver == "ldap" {
if err := ldap.WaitForCA(logger, cfg.Drivers.LDAP.Insecure, cfg.Drivers.LDAP.CACert); err != nil {
logger.Error().Err(err).Msg("The configured LDAP CA cert does not exist")
return err
}
}
gr.Add(func() error {
runtime.RunWithOptions(
rcfg,
pidFile,
runtime.WithLogger(&logger.Logger),
)
return nil
}, func(_ error) {
logger.Info().
Str("server", c.Command.Name).
Msg("Shutting down server")
cancel()
})
debugServer, err := debug.Server(
debug.Name(c.Command.Name+"-debug"),
debug.Addr(cfg.Debug.Addr),
debug.Logger(logger),
debug.Context(ctx),
debug.Pprof(cfg.Debug.Pprof),
debug.Zpages(cfg.Debug.Zpages),
debug.Token(cfg.Debug.Token),
)
if err != nil {
logger.Info().Err(err).Str("server", c.Command.Name+"-debug").Msg("Failed to initialize server")
return err
}
gr.Add(debugServer.ListenAndServe, func(_ error) {
cancel()
})
if !cfg.Supervised {
sync.Trap(&gr, cancel)
}
return gr.Run()
},
}
}
// usersConfigFromStruct will adapt an oCIS config struct into a reva mapstructure to start a reva service.
func usersConfigFromStruct(c *cli.Context, cfg *config.Config) map[string]interface{} {
rcfg := map[string]interface{}{
"core": map[string]interface{}{
"tracing_enabled": cfg.Tracing.Enabled,
"tracing_endpoint": cfg.Tracing.Endpoint,
"tracing_collector": cfg.Tracing.Collector,
"tracing_service_name": c.Command.Name,
},
"shared": map[string]interface{}{
"jwt_secret": cfg.JWTSecret,
"gatewaysvc": cfg.GatewayEndpoint,
"skip_user_groups_in_token": cfg.SkipUserGroupsInToken,
},
"grpc": map[string]interface{}{
"network": cfg.GRPC.Protocol,
"address": cfg.GRPC.Addr,
// TODO build services dynamically
"services": map[string]interface{}{
"userprovider": map[string]interface{}{
"driver": cfg.Driver,
"drivers": map[string]interface{}{
"json": map[string]interface{}{
"users": cfg.Drivers.JSON.File,
},
"ldap": ldapConfigFromString(cfg.Drivers.LDAP),
"rest": map[string]interface{}{
"client_id": cfg.Drivers.REST.ClientID,
"client_secret": cfg.Drivers.REST.ClientSecret,
"redis_address": cfg.Drivers.REST.RedisAddr,
"redis_username": cfg.Drivers.REST.RedisUsername,
"redis_password": cfg.Drivers.REST.RedisPassword,
"user_groups_cache_expiration": cfg.UsersCacheExpiration,
"id_provider": cfg.Drivers.REST.IDProvider,
"api_base_url": cfg.Drivers.REST.APIBaseURL,
"oidc_token_endpoint": cfg.Drivers.REST.OIDCTokenEndpoint,
"target_api": cfg.Drivers.REST.TargetAPI,
},
"owncloudsql": map[string]interface{}{
"dbusername": cfg.Drivers.OwnCloudSQL.DBUsername,
"dbpassword": cfg.Drivers.OwnCloudSQL.DBPassword,
"dbhost": cfg.Drivers.OwnCloudSQL.DBHost,
"dbport": cfg.Drivers.OwnCloudSQL.DBPort,
"dbname": cfg.Drivers.OwnCloudSQL.DBName,
"idp": cfg.Drivers.OwnCloudSQL.IDP,
"nobody": cfg.Drivers.OwnCloudSQL.Nobody,
"join_username": cfg.Drivers.OwnCloudSQL.JoinUsername,
"join_ownclouduuid": cfg.Drivers.OwnCloudSQL.JoinOwnCloudUUID,
"enable_medial_search": cfg.Drivers.OwnCloudSQL.EnableMedialSearch,
},
},
},
},
},
}
return rcfg
}
// UserProviderSutureService allows for the storage-userprovider command to be embedded and supervised by a suture supervisor tree.
type UserProviderSutureService struct {
cfg *config.Config
}
// NewUserProviderSutureService creates a new storage.UserProvider
func NewUserProvider(cfg *ociscfg.Config) suture.Service {
cfg.User.Commons = cfg.Commons
return UserProviderSutureService{
cfg: cfg.User,
}
}
func (s UserProviderSutureService) Serve(ctx context.Context) error {
// s.cfg.Reva.Users.Context = ctx
cmd := User(s.cfg)
f := &flag.FlagSet{}
cmdFlags := cmd.Flags
for k := range cmdFlags {
if err := cmdFlags[k].Apply(f); err != nil {
return err
}
}
cliCtx := cli.NewContext(nil, f, nil)
if cmd.Before != nil {
if err := cmd.Before(cliCtx); err != nil {
return err
}
}
if err := cmd.Action(cliCtx); err != nil {
return err
}
return nil
}
func ldapConfigFromString(cfg config.LDAPDriver) map[string]interface{} {
return map[string]interface{}{
"uri": cfg.URI,
"cacert": cfg.CACert,
"insecure": cfg.Insecure,
"bind_username": cfg.BindDN,
"bind_password": cfg.BindPassword,
"user_base_dn": cfg.UserBaseDN,
"group_base_dn": cfg.GroupBaseDN,
"user_scope": cfg.UserScope,
"group_scope": cfg.GroupScope,
"user_filter": cfg.UserFilter,
"group_filter": cfg.GroupFilter,
"user_objectclass": cfg.UserObjectClass,
"group_objectclass": cfg.GroupObjectClass,
"login_attributes": cfg.LoginAttributes,
"idp": cfg.IDP,
"user_schema": map[string]interface{}{
"id": cfg.UserSchema.ID,
"idIsOctetString": cfg.UserSchema.IDIsOctetString,
"mail": cfg.UserSchema.Mail,
"displayName": cfg.UserSchema.DisplayName,
"userName": cfg.UserSchema.Username,
},
"group_schema": map[string]interface{}{
"id": cfg.GroupSchema.ID,
"idIsOctetString": cfg.GroupSchema.IDIsOctetString,
"mail": cfg.GroupSchema.Mail,
"displayName": cfg.GroupSchema.DisplayName,
"groupName": cfg.GroupSchema.Groupname,
"member": cfg.GroupSchema.Member,
},
}
}

123
extensions/user/pkg/config/config.go Normal file
View File

@@ -0,0 +1,123 @@
package config
import "github.com/owncloud/ocis/ocis-pkg/shared"
type Config struct {
*shared.Commons `yaml:"-"`
Service Service `yaml:"-"`
Tracing *Tracing `yaml:"tracing"`
Logging *Logging `yaml:"log"`
Debug Debug `yaml:"debug"`
Supervised bool
GRPC GRPCConfig `yaml:"grpc"`
JWTSecret string
GatewayEndpoint string
SkipUserGroupsInToken bool
UsersCacheExpiration int
Driver string
Drivers Drivers
}
type Tracing struct {
Enabled bool `yaml:"enabled" env:"OCIS_TRACING_ENABLED;USERS_TRACING_ENABLED" desc:"Activates tracing."`
Type string `yaml:"type" env:"OCIS_TRACING_TYPE;USERS_TRACING_TYPE"`
Endpoint string `yaml:"endpoint" env:"OCIS_TRACING_ENDPOINT;USERS_TRACING_ENDPOINT" desc:"The endpoint to the tracing collector."`
Collector string `yaml:"collector" env:"OCIS_TRACING_COLLECTOR;USERS_TRACING_COLLECTOR"`
}
type Logging struct {
Level string `yaml:"level" env:"OCIS_LOG_LEVEL;USERS_LOG_LEVEL" desc:"The log level."`
Pretty bool `yaml:"pretty" env:"OCIS_LOG_PRETTY;USERS_LOG_PRETTY" desc:"Activates pretty log output."`
Color bool `yaml:"color" env:"OCIS_LOG_COLOR;USERS_LOG_COLOR" desc:"Activates colorized log output."`
File string `yaml:"file" env:"OCIS_LOG_FILE;USERS_LOG_FILE" desc:"The target log file."`
}
type Service struct {
Name string `yaml:"-"`
}
type Debug struct {
Addr string `yaml:"addr" env:"USERS_DEBUG_ADDR"`
Token string `yaml:"token" env:"USERS_DEBUG_TOKEN"`
Pprof bool `yaml:"pprof" env:"USERS_DEBUG_PPROF"`
Zpages bool `yaml:"zpages" env:"USERS_DEBUG_ZPAGES"`
}
type GRPCConfig struct {
Addr string `yaml:"addr" env:"USERS_GRPC_ADDR" desc:"The address of the grpc service."`
Protocol string `yaml:"protocol" env:"USERS_GRPC_PROTOCOL" desc:"The transport protocol of the grpc service."`
}
type Drivers struct {
JSON JSONDriver
LDAP LDAPDriver
OwnCloudSQL OwnCloudSQLDriver
REST RESTProvider
}
type JSONDriver struct {
File string
}
type LDAPDriver struct {
URI string `env:"LDAP_URI;USERS_LDAP_URI"`
CACert string `env:"LDAP_CACERT;USERS_LDAP_CACERT"`
Insecure bool `env:"LDAP_INSECURE;USERS_LDAP_INSECURE"`
BindDN string `env:"LDAP_BIND_DN;USERS_LDAP_BIND_DN"`
BindPassword string `env:"LDAP_BIND_PASSWORD;USERS_LDAP_BIND_PASSWORD"`
UserBaseDN string `env:"LDAP_USER_BASE_DN;USERS_LDAP_USER_BASE_DN"`
GroupBaseDN string `env:"LDAP_GROUP_BASE_DN;USERS_LDAP_GROUP_BASE_DN"`
UserScope string `env:"LDAP_USER_SCOPE;USERS_LDAP_USER_SCOPE"`
GroupScope string `env:"LDAP_GROUP_SCOPE;USERS_LDAP_GROUP_SCOPE"`
UserFilter string `env:"LDAP_USERFILTER;USERS_LDAP_USERFILTER"`
GroupFilter string `env:"LDAP_GROUPFILTER;USERS_LDAP_USERFILTER"`
UserObjectClass string `env:"LDAP_USER_OBJECTCLASS;USERS_LDAP_USER_OBJECTCLASS"`
GroupObjectClass string `env:"LDAP_GROUP_OBJECTCLASS;USERS_LDAP_GROUP_OBJECTCLASS"`
LoginAttributes []string `env:"LDAP_LOGIN_ATTRIBUTES;USERS_LDAP_LOGIN_ATTRIBUTES"`
IDP string `env:"OCIS_URL;USERS_IDP_URL"` // TODO what is this for?
GatewayEndpoint string // TODO do we need this here?
UserSchema LDAPUserSchema
GroupSchema LDAPGroupSchema
}
type LDAPUserSchema struct {
ID string `env:"LDAP_USER_SCHEMA_ID;USERS_LDAP_USER_SCHEMA_ID"`
IDIsOctetString bool `env:"LDAP_USER_SCHEMA_ID_IS_OCTETSTRING;USERS_LDAP_USER_SCHEMA_ID_IS_OCTETSTRING"`
Mail string `env:"LDAP_USER_SCHEMA_MAIL;USERS_LDAP_USER_SCHEMA_MAIL"`
DisplayName string `env:"LDAP_USER_SCHEMA_DISPLAYNAME;USERS_LDAP_USER_SCHEMA_DISPLAYNAME"`
Username string `env:"LDAP_USER_SCHEMA_USERNAME;USERS_LDAP_USER_SCHEMA_USERNAME"`
}
type LDAPGroupSchema struct {
ID string `env:"LDAP_GROUP_SCHEMA_ID;USERS_LDAP_GROUP_SCHEMA_ID"`
IDIsOctetString bool `env:"LDAP_GROUP_SCHEMA_ID_IS_OCTETSTRING;USERS_LDAP_GROUP_SCHEMA_ID_IS_OCTETSTRING"`
Mail string `env:"LDAP_GROUP_SCHEMA_MAIL;USERS_LDAP_GROUP_SCHEMA_MAIL"`
DisplayName string `env:"LDAP_GROUP_SCHEMA_DISPLAYNAME;USERS_LDAP_GROUP_SCHEMA_DISPLAYNAME"`
Groupname string `env:"LDAP_GROUP_SCHEMA_GROUPNAME;USERS_LDAP_GROUP_SCHEMA_GROUPNAME"`
Member string `env:"LDAP_GROUP_SCHEMA_MEMBER;USERS_LDAP_GROUP_SCHEMA_MEMBER"`
}
type OwnCloudSQLDriver struct {
DBUsername string
DBPassword string
DBHost string
DBPort int
DBName string
IDP string // TODO do we need this?
Nobody int64 // TODO what is this?
JoinUsername bool
JoinOwnCloudUUID bool
EnableMedialSearch bool
}
type RESTProvider struct {
ClientID string
ClientSecret string
RedisAddr string
RedisUsername string
RedisPassword string
IDProvider string
APIBaseURL string
OIDCTokenEndpoint string
TargetAPI string
}

115
extensions/user/pkg/config/defaults/defaultconfig.go Normal file
View File

@@ -0,0 +1,115 @@
package defaults
import (
"path/filepath"
"github.com/owncloud/ocis/extensions/user/pkg/config"
"github.com/owncloud/ocis/ocis-pkg/config/defaults"
)
func FullDefaultConfig() *config.Config {
cfg := DefaultConfig()
EnsureDefaults(cfg)
return cfg
}
func DefaultConfig() *config.Config {
return &config.Config{
Debug: config.Debug{
Addr: "127.0.0.1:9145",
Token: "",
Pprof: false,
Zpages: false,
},
GRPC: config.GRPCConfig{
Addr: "127.0.0.1:9144",
Protocol: "tcp",
},
Service: config.Service{
Name: "user",
},
UsersCacheExpiration: 5,
GatewayEndpoint: "127.0.0.1:9142",
JWTSecret: "Pive-Fumkiu4",
Driver: "ldap",
Drivers: config.Drivers{
LDAP: config.LDAPDriver{
URI: "ldaps://localhost:9235",
CACert: filepath.Join(defaults.BaseDataPath(), "idm", "ldap.crt"),
Insecure: false,
UserBaseDN: "ou=users,o=libregraph-idm",
GroupBaseDN: "ou=groups,o=libregraph-idm",
UserScope: "sub",
GroupScope: "sub",
LoginAttributes: []string{"uid", "mail"},
UserFilter: "",
GroupFilter: "",
UserObjectClass: "inetOrgPerson",
GroupObjectClass: "groupOfNames",
BindDN: "uid=reva,ou=sysusers,o=libregraph-idm",
BindPassword: "reva",
IDP: "https://localhost:9200",
UserSchema: config.LDAPUserSchema{
ID: "ownclouduuid",
Mail: "mail",
DisplayName: "displayname",
Username: "uid",
},
GroupSchema: config.LDAPGroupSchema{
ID: "ownclouduuid",
Mail: "mail",
DisplayName: "cn",
Groupname: "cn",
Member: "member",
},
},
JSON: config.JSONDriver{},
OwnCloudSQL: config.OwnCloudSQLDriver{
DBUsername: "owncloud",
DBPassword: "secret",
DBHost: "mysql",
DBPort: 3306,
DBName: "owncloud",
IDP: "https://localhost:9200",
Nobody: 90,
JoinUsername: false,
JoinOwnCloudUUID: false,
EnableMedialSearch: false,
},
REST: config.RESTProvider{
RedisAddr: "localhost:6379",
},
},
}
}
func EnsureDefaults(cfg *config.Config) {
// provide with defaults for shared logging, since we need a valid destination address for BindEnv.
if cfg.Logging == nil && cfg.Commons != nil && cfg.Commons.Log != nil {
cfg.Logging = &config.Logging{
Level: cfg.Commons.Log.Level,
Pretty: cfg.Commons.Log.Pretty,
Color: cfg.Commons.Log.Color,
File: cfg.Commons.Log.File,
}
} else if cfg.Logging == nil {
cfg.Logging = &config.Logging{}
}
// provide with defaults for shared tracing, since we need a valid destination address for BindEnv.
if cfg.Tracing == nil && cfg.Commons != nil && cfg.Commons.Tracing != nil {
cfg.Tracing = &config.Tracing{
Enabled: cfg.Commons.Tracing.Enabled,
Type: cfg.Commons.Tracing.Type,
Endpoint: cfg.Commons.Tracing.Endpoint,
Collector: cfg.Commons.Tracing.Collector,
}
} else if cfg.Tracing == nil {
cfg.Tracing = &config.Tracing{}
}
}
func Sanitize(cfg *config.Config) {
// nothing to sanitize here atm
}

6
go.mod
View File

@@ -10,7 +10,7 @@ require (
github.com/blevesearch/bleve_index_api v1.0.1
github.com/coreos/go-oidc/v3 v3.1.0
github.com/cs3org/go-cs3apis v0.0.0-20220412090512-93c5918b4bde
github.com/cs3org/reva/v2 v2.0.0-20220419100641-50aa8636af59
github.com/cs3org/reva/v2 v2.0.0-20220427203355-0164880ac7d3
github.com/disintegration/imaging v1.6.2
github.com/glauth/glauth/v2 v2.0.0-20211021011345-ef3151c28733
github.com/go-chi/chi/v5 v5.0.7
@@ -64,7 +64,7 @@ require (
github.com/stretchr/testify v1.7.1
github.com/test-go/testify v1.1.4
github.com/thejerf/suture/v4 v4.0.2
github.com/urfave/cli/v2 v2.4.4
github.com/urfave/cli/v2 v2.5.0
go-micro.dev/v4 v4.6.0
go.opencensus.io v0.23.0
go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc v0.31.0
@@ -77,7 +77,7 @@ require (
golang.org/x/net v0.0.0-20220225172249-27dd8689420f
golang.org/x/oauth2 v0.0.0-20220309155454-6242fa91716a
google.golang.org/genproto v0.0.0-20220324131243-acbaeb5b85eb
google.golang.org/grpc v1.45.0
google.golang.org/grpc v1.46.0
google.golang.org/protobuf v1.28.0
gopkg.in/yaml.v2 v2.4.0
gotest.tools/v3 v3.1.0

13
go.sum
View File

@@ -268,6 +268,7 @@ github.com/cncf/udpa/go v0.0.0-20210930031921-04548b0d99d4/go.mod h1:6pvJx4me5XP
github.com/cncf/xds/go v0.0.0-20210312221358-fbca930ec8ed/go.mod h1:eXthEFrGJvWHgFFCl3hGmgk+/aYT6PnTQLykKQRLhEs=
github.com/cncf/xds/go v0.0.0-20210805033703-aa0b78936158/go.mod h1:eXthEFrGJvWHgFFCl3hGmgk+/aYT6PnTQLykKQRLhEs=
github.com/cncf/xds/go v0.0.0-20210922020428-25de7278fc84/go.mod h1:eXthEFrGJvWHgFFCl3hGmgk+/aYT6PnTQLykKQRLhEs=
github.com/cncf/xds/go v0.0.0-20211001041855-01bcc9b48dfe/go.mod h1:eXthEFrGJvWHgFFCl3hGmgk+/aYT6PnTQLykKQRLhEs=
github.com/cncf/xds/go v0.0.0-20211011173535-cb28da3451f1/go.mod h1:eXthEFrGJvWHgFFCl3hGmgk+/aYT6PnTQLykKQRLhEs=
github.com/containerd/cgroups v0.0.0-20200531161412-0dbf7f05ba59/go.mod h1:pA0z1pT8KYB3TCXK/ocprsh7MAkoW8bZVzPdih9snmM=
github.com/containerd/console v0.0.0-20180822173158-c12b1e7919c1/go.mod h1:Tj/on1eG8kiEhd0+fhSDzsPAFESxzBBvdyEgyryXffw=
@@ -317,6 +318,10 @@ github.com/cs3org/go-cs3apis v0.0.0-20220412090512-93c5918b4bde h1:WrD9O8ZaWvsm0
github.com/cs3org/go-cs3apis v0.0.0-20220412090512-93c5918b4bde/go.mod h1:UXha4TguuB52H14EMoSsCqDj7k8a/t7g4gVP+bgY5LY=
github.com/cs3org/reva v1.18.0 h1:MbPS5ZAa8RzKcTxAVeSDdISB3XXqLIxqB03BTN5ReBY=
github.com/cs3org/reva v1.18.0/go.mod h1:e5VDUDu4vVWIeVkZcW//n6UZzhGGMa+Tz/whCiX3N6o=
github.com/cs3org/reva/v2 v2.0.0-20220427133111-618964eed515 h1:8pPCLxNXVz/q7PMM6Zq1lff3P8SFAu8/CXwB2eA21xc=
github.com/cs3org/reva/v2 v2.0.0-20220427133111-618964eed515/go.mod h1:2e/4HcIy54Mic3V7Ow0bz4n5dkZU0dHIZSWomFe5vng=
github.com/cs3org/reva/v2 v2.0.0-20220427203355-0164880ac7d3 h1:6sKjGI0AUW5tBXWBduaBoc+9sNYZWQR894G0oFCbus0=
github.com/cs3org/reva/v2 v2.0.0-20220427203355-0164880ac7d3/go.mod h1:2e/4HcIy54Mic3V7Ow0bz4n5dkZU0dHIZSWomFe5vng=
github.com/cubewise-code/go-mime v0.0.0-20200519001935-8c5762b177d8 h1:Z9lwXumT5ACSmJ7WGnFl+OMLLjpz5uR2fyz7dC255FI=
github.com/cubewise-code/go-mime v0.0.0-20200519001935-8c5762b177d8/go.mod h1:4abs/jPXcmJzYoYGF91JF9Uq9s/KL5n1jvFDix8KcqY=
github.com/cyberdelia/templates v0.0.0-20141128023046-ca7fffd4298c/go.mod h1:GyV+0YP4qX0UQ7r2MoYZ+AvYDp12OF5yg4q8rGnyNh4=
@@ -363,6 +368,7 @@ github.com/envoyproxy/go-control-plane v0.9.9-0.20201210154907-fd9021fe5dad/go.m
github.com/envoyproxy/go-control-plane v0.9.9-0.20210217033140-668b12f5399d/go.mod h1:cXg6YxExXjJnVBQHBLXeUAgxn2UodCpnH306RInaBQk=
github.com/envoyproxy/go-control-plane v0.9.9-0.20210512163311-63b5d3c536b0/go.mod h1:hliV/p42l8fGbc6Y9bQ70uLwIvmJyVE5k4iMKlh8wCQ=
github.com/envoyproxy/go-control-plane v0.9.10-0.20210907150352-cf90f659a021/go.mod h1:AFq3mo9L8Lqqiid3OhADV3RfLJnjiw63cSpi+fDTRC0=
github.com/envoyproxy/go-control-plane v0.10.2-0.20220325020618-49ff273808a1/go.mod h1:KJwIaB5Mv44NWtYuAOFCVOjcI94vtpEz2JU/D2v6IjE=
github.com/envoyproxy/protoc-gen-validate v0.1.0/go.mod h1:iSmxcyjqTsJpI2R4NaDN7+kN2VEUnK/pcBlmesArF7c=
github.com/eternnoir/gncp v0.0.0-20170707042257-c70df2d0cd68 h1:DHBMBKJK69xBWnD/jNkTN0sOT7nT7I5If9VMsk9Jj5Y=
github.com/eternnoir/gncp v0.0.0-20170707042257-c70df2d0cd68/go.mod h1:8FuQ7lU9ZvIJGvc04F/qblkjqIfBahAoEFV+XPxByGw=
@@ -1384,8 +1390,8 @@ github.com/urfave/cli v1.22.2/go.mod h1:Gos4lmkARVdJ6EkW0WaNv/tZAAMe9V7XWyB60NtX
github.com/urfave/cli v1.22.4 h1:u7tSpNPPswAFymm8IehJhy4uJMlUuU/GmqSkvJ1InXA=
github.com/urfave/cli v1.22.4/go.mod h1:Gos4lmkARVdJ6EkW0WaNv/tZAAMe9V7XWyB60NtXRu0=
github.com/urfave/cli/v2 v2.3.0/go.mod h1:LJmUH05zAU44vOAcrfzZQKsZbVcdbOG8rtL3/XcUArI=
github.com/urfave/cli/v2 v2.4.4 h1:IvwT3XfI6RytTmIzC35UAu9oyK+bHgUPXDDZNqribkI=
github.com/urfave/cli/v2 v2.4.4/go.mod h1:oDzoM7pVwz6wHn5ogWgFUU1s4VJayeQS+aEZDqXIEJs=
github.com/urfave/cli/v2 v2.5.0 h1:2sqblaW62ebcTIEvwb8eRvDfNHeBAeKxfhdynaanhug=
github.com/urfave/cli/v2 v2.5.0/go.mod h1:oDzoM7pVwz6wHn5ogWgFUU1s4VJayeQS+aEZDqXIEJs=
github.com/valyala/bytebufferpool v1.0.0/go.mod h1:6bBcMArwyJ5K/AmCkWv1jt77kVWyCJ6HpOuEn7z0Csc=
github.com/valyala/fasttemplate v1.0.1/go.mod h1:UQGH1tvbgY+Nz5t2n7tXsz52dQxojPUpymEIMZ47gx8=
github.com/valyala/fasttemplate v1.1.0/go.mod h1:UQGH1tvbgY+Nz5t2n7tXsz52dQxojPUpymEIMZ47gx8=
@@ -2072,8 +2078,9 @@ google.golang.org/grpc v1.39.1/go.mod h1:PImNr+rS9TWYb2O4/emRugxiyHZ5JyHW5F+RPnD
google.golang.org/grpc v1.40.0/go.mod h1:ogyxbiOoUXAkP+4+xa6PZSE9DZgIHtSpzjDTB9KAK34=
google.golang.org/grpc v1.41.0/go.mod h1:U3l9uK9J0sini8mHphKoXyaqDA/8VyGnDee1zzIUK6k=
google.golang.org/grpc v1.42.0/go.mod h1:k+4IHHFw41K8+bbowsex27ge2rCb65oeWqe4jJ590SU=
google.golang.org/grpc v1.45.0 h1:NEpgUqV3Z+ZjkqMsxMg11IaDrXY4RY6CQukSGK0uI1M=
google.golang.org/grpc v1.45.0/go.mod h1:lN7owxKUQEqMfSyQikvvk5tf/6zMPsrK+ONuO11+0rQ=
google.golang.org/grpc v1.46.0 h1:oCjezcn6g6A75TGoKYBPgKmVBLexhYLM6MebdrPApP8=
google.golang.org/grpc v1.46.0/go.mod h1:vN9eftEi1UMyUsIF80+uQXhHjbXYbm0uXoFCACuMGWk=
google.golang.org/grpc/cmd/protoc-gen-go-grpc v1.1.0/go.mod h1:6Kw0yEErY5E/yWrBtf03jp27GLLJujG4z/JK95pnjjw=
google.golang.org/grpc/examples v0.0.0-20211102180624-670c133e568e h1:m7aQHHqd0q89mRwhwS9Bx2rjyl/hsFAeta+uGrHsQaU=
google.golang.org/grpc/examples v0.0.0-20211102180624-670c133e568e/go.mod h1:gID3PKrg7pWKntu9Ss6zTLJ0ttC0X9IHgREOCZwbCVU=

64
ocis-pkg/config/config.go
View File

@@ -4,21 +4,34 @@ import (
"github.com/owncloud/ocis/ocis-pkg/shared"
accounts "github.com/owncloud/ocis/extensions/accounts/pkg/config"
appprovider "github.com/owncloud/ocis/extensions/appprovider/pkg/config"
audit "github.com/owncloud/ocis/extensions/audit/pkg/config"
authbasic "github.com/owncloud/ocis/extensions/auth-basic/pkg/config"
authbearer "github.com/owncloud/ocis/extensions/auth-bearer/pkg/config"
authmachine "github.com/owncloud/ocis/extensions/auth-machine/pkg/config"
frontend "github.com/owncloud/ocis/extensions/frontend/pkg/config"
gateway "github.com/owncloud/ocis/extensions/gateway/pkg/config"
glauth "github.com/owncloud/ocis/extensions/glauth/pkg/config"
graphExplorer "github.com/owncloud/ocis/extensions/graph-explorer/pkg/config"
graph "github.com/owncloud/ocis/extensions/graph/pkg/config"
group "github.com/owncloud/ocis/extensions/group/pkg/config"
idm "github.com/owncloud/ocis/extensions/idm/pkg/config"
idp "github.com/owncloud/ocis/extensions/idp/pkg/config"
nats "github.com/owncloud/ocis/extensions/nats/pkg/config"
notifications "github.com/owncloud/ocis/extensions/notifications/pkg/config"
ocdav "github.com/owncloud/ocis/extensions/ocdav/pkg/config"
ocs "github.com/owncloud/ocis/extensions/ocs/pkg/config"
proxy "github.com/owncloud/ocis/extensions/proxy/pkg/config"
search "github.com/owncloud/ocis/extensions/search/pkg/config"
settings "github.com/owncloud/ocis/extensions/settings/pkg/config"
storage "github.com/owncloud/ocis/extensions/storage/pkg/config"
sharing "github.com/owncloud/ocis/extensions/sharing/pkg/config"
storagemetadata "github.com/owncloud/ocis/extensions/storage-metadata/pkg/config"
storagepublic "github.com/owncloud/ocis/extensions/storage-publiclink/pkg/config"
storageshares "github.com/owncloud/ocis/extensions/storage-shares/pkg/config"
storageusers "github.com/owncloud/ocis/extensions/storage-users/pkg/config"
store "github.com/owncloud/ocis/extensions/store/pkg/config"
thumbnails "github.com/owncloud/ocis/extensions/thumbnails/pkg/config"
user "github.com/owncloud/ocis/extensions/user/pkg/config"
web "github.com/owncloud/ocis/extensions/web/pkg/config"
webdav "github.com/owncloud/ocis/extensions/webdav/pkg/config"
)
@@ -60,22 +73,35 @@ type Config struct {
TokenManager TokenManager `yaml:"token_manager"`
Runtime Runtime `yaml:"runtime"`
Audit *audit.Config `yaml:"audit"`
Accounts *accounts.Config `yaml:"accounts"`
GLAuth *glauth.Config `yaml:"glauth"`
Graph *graph.Config `yaml:"graph"`
GraphExplorer *graphExplorer.Config `yaml:"graph_explorer"`
IDP *idp.Config `yaml:"idp"`
IDM *idm.Config `yaml:"idm"`
Nats *nats.Config `yaml:"nats"`
Notifications *notifications.Config `yaml:"notifications"`
OCS *ocs.Config `yaml:"ocs"`
Web *web.Config `yaml:"web"`
Proxy *proxy.Config `yaml:"proxy"`
Search *search.Config `yaml:"search"`
Settings *settings.Config `yaml:"settings"`
Storage *storage.Config `yaml:"storage"`
Store *store.Config `yaml:"store"`
Thumbnails *thumbnails.Config `yaml:"thumbnails"`
WebDAV *webdav.Config `yaml:"webdav"`
Audit *audit.Config `yaml:"audit"`
Accounts *accounts.Config `yaml:"accounts"`
GLAuth *glauth.Config `yaml:"glauth"`
Graph *graph.Config `yaml:"graph"`
GraphExplorer *graphExplorer.Config `yaml:"graph_explorer"`
IDP *idp.Config `yaml:"idp"`
IDM *idm.Config `yaml:"idm"`
Nats *nats.Config `yaml:"nats"`
Notifications *notifications.Config `yaml:"notifications"`
OCS *ocs.Config `yaml:"ocs"`
Web *web.Config `yaml:"web"`
Proxy *proxy.Config `yaml:"proxy"`
Settings *settings.Config `yaml:"settings"`
Gateway *gateway.Config `yaml:"gateway"`
Frontend *frontend.Config `yaml:"frontend"`
AuthBasic *authbasic.Config `yaml:"auth_basic"`
AuthBearer *authbearer.Config `yaml:"auth_bearer"`
AuthMachine *authmachine.Config `yaml:"auth_machine"`
User *user.Config `yaml:"user"`
Group *group.Config `yaml:"group"`
AppProvider *appprovider.Config `yaml:"app_provider"`
Sharing *sharing.Config `yaml:"sharing"`
StorageMetadata *storagemetadata.Config `yaml:"storage_metadata"`
StoragePublicLink *storagepublic.Config `yaml:"storage_public"`
StorageUsers *storageusers.Config `yaml:"storage_users"`
StorageShares *storageshares.Config `yaml:"storage_shares"`
OCDav *ocdav.Config `yaml:"ocdav"`
Store *store.Config `yaml:"store"`
Thumbnails *thumbnails.Config `yaml:"thumbnails"`
WebDAV *webdav.Config `yaml:"webdav"`
Search *search.Config `yaml:"search"`
}

64
ocis-pkg/config/defaultconfig.go
View File

@@ -2,21 +2,34 @@ package config
import (
accounts "github.com/owncloud/ocis/extensions/accounts/pkg/config/defaults"
appprovider "github.com/owncloud/ocis/extensions/appprovider/pkg/config/defaults"
audit "github.com/owncloud/ocis/extensions/audit/pkg/config/defaults"
authbasic "github.com/owncloud/ocis/extensions/auth-basic/pkg/config/defaults"
authbearer "github.com/owncloud/ocis/extensions/auth-bearer/pkg/config/defaults"
authmachine "github.com/owncloud/ocis/extensions/auth-machine/pkg/config/defaults"
frontend "github.com/owncloud/ocis/extensions/frontend/pkg/config/defaults"
gateway "github.com/owncloud/ocis/extensions/gateway/pkg/config/defaults"
glauth "github.com/owncloud/ocis/extensions/glauth/pkg/config/defaults"
graphExplorer "github.com/owncloud/ocis/extensions/graph-explorer/pkg/config/defaults"
graph "github.com/owncloud/ocis/extensions/graph/pkg/config/defaults"
group "github.com/owncloud/ocis/extensions/group/pkg/config/defaults"
idm "github.com/owncloud/ocis/extensions/idm/pkg/config/defaults"
idp "github.com/owncloud/ocis/extensions/idp/pkg/config/defaults"
nats "github.com/owncloud/ocis/extensions/nats/pkg/config/defaults"
notifications "github.com/owncloud/ocis/extensions/notifications/pkg/config/defaults"
ocdav "github.com/owncloud/ocis/extensions/ocdav/pkg/config/defaults"
ocs "github.com/owncloud/ocis/extensions/ocs/pkg/config/defaults"
proxy "github.com/owncloud/ocis/extensions/proxy/pkg/config/defaults"
search "github.com/owncloud/ocis/extensions/search/pkg/config/defaults"
settings "github.com/owncloud/ocis/extensions/settings/pkg/config/defaults"
storage "github.com/owncloud/ocis/extensions/storage/pkg/config/defaults"
sharing "github.com/owncloud/ocis/extensions/sharing/pkg/config/defaults"
storagemetadata "github.com/owncloud/ocis/extensions/storage-metadata/pkg/config/defaults"
storagepublic "github.com/owncloud/ocis/extensions/storage-publiclink/pkg/config/defaults"
storageshares "github.com/owncloud/ocis/extensions/storage-shares/pkg/config/defaults"
storageusers "github.com/owncloud/ocis/extensions/storage-users/pkg/config/defaults"
store "github.com/owncloud/ocis/extensions/store/pkg/config/defaults"
thumbnails "github.com/owncloud/ocis/extensions/thumbnails/pkg/config/defaults"
user "github.com/owncloud/ocis/extensions/user/pkg/config/defaults"
web "github.com/owncloud/ocis/extensions/web/pkg/config/defaults"
webdav "github.com/owncloud/ocis/extensions/webdav/pkg/config/defaults"
)
@@ -30,23 +43,36 @@ func DefaultConfig() *Config {
Port: "9250",
Host: "localhost",
},
Audit: audit.DefaultConfig(),
Accounts: accounts.DefaultConfig(),
GLAuth: glauth.DefaultConfig(),
Graph: graph.DefaultConfig(),
IDP: idp.DefaultConfig(),
IDM: idm.DefaultConfig(),
Nats: nats.DefaultConfig(),
Notifications: notifications.DefaultConfig(),
Proxy: proxy.DefaultConfig(),
GraphExplorer: graphExplorer.DefaultConfig(),
OCS: ocs.DefaultConfig(),
Search: search.DefaultConfig(),
Settings: settings.DefaultConfig(),
Web: web.DefaultConfig(),
Store: store.DefaultConfig(),
Thumbnails: thumbnails.DefaultConfig(),
WebDAV: webdav.DefaultConfig(),
Storage: storage.DefaultConfig(),
Audit: audit.DefaultConfig(),
Accounts: accounts.DefaultConfig(),
GLAuth: glauth.DefaultConfig(),
Graph: graph.DefaultConfig(),
IDP: idp.DefaultConfig(),
IDM: idm.DefaultConfig(),
Nats: nats.DefaultConfig(),
Notifications: notifications.DefaultConfig(),
Proxy: proxy.DefaultConfig(),
GraphExplorer: graphExplorer.DefaultConfig(),
OCS: ocs.DefaultConfig(),
Settings: settings.DefaultConfig(),
Web: web.DefaultConfig(),
Store: store.DefaultConfig(),
Thumbnails: thumbnails.DefaultConfig(),
WebDAV: webdav.DefaultConfig(),
Gateway: gateway.FullDefaultConfig(),
AuthBasic: authbasic.FullDefaultConfig(),
AuthBearer: authbearer.FullDefaultConfig(),
AuthMachine: authmachine.FullDefaultConfig(),
User: user.FullDefaultConfig(),
Group: group.FullDefaultConfig(),
Sharing: sharing.FullDefaultConfig(),
StorageMetadata: storagemetadata.FullDefaultConfig(),
StoragePublicLink: storagepublic.FullDefaultConfig(),
StorageUsers: storageusers.FullDefaultConfig(),
StorageShares: storageshares.FullDefaultConfig(),
AppProvider: appprovider.FullDefaultConfig(),
Frontend: frontend.FullDefaultConfig(),
OCDav: ocdav.FullDefaultConfig(),
Search: search.FullDefaultConfig(),
}
}

Some files were not shown because too many files have changed in this diff Show More