1use kanidm_proto::constants::DEFAULT_CLIENT_CONFIG_PATH;
2pub const DEFAULT_IPA_CONFIG_PATH: &str = "/etc/kanidm/ipa-sync";
34#[derive(Debug, clap::Parser)]
5#[clap(about = "Kanidm FreeIPA Sync Driver")]
6pub struct Opt {
7/// Enable debugging of the sync driver
8#[clap(short, long, env = "KANIDM_DEBUG")]
9pub debug: bool,
10/// Path to the client config file.
11#[clap(value_parser, short, long, default_value_os_t = DEFAULT_CLIENT_CONFIG_PATH.into())]
12pub client_config: PathBuf,
1314/// Path to the ipa-sync config file.
15#[clap(value_parser, short, long, env = "KANIDM_IPA_SYNC_CONFIG", default_value_os_t = DEFAULT_IPA_CONFIG_PATH.into())]
16pub ipa_sync_config: PathBuf,
1718/// Dump the ldap protocol inputs, as well as the scim outputs. This can be used
19 /// to create test cases for testing the parser.
20 ///
21 /// No actions are taken on the kanidm instance, this is purely a dump of the
22 /// state in/out.
23#[clap(short, long, hide = true)]
24pub proto_dump: bool,
2526/// Read entries from ipa, and check the connection to kanidm, but take no actions against
27 /// kanidm that would change state.
28#[clap(short = 'n')]
29pub dry_run: bool,
3031/// Run in scheduled mode, where the sync tool will periodically attempt to sync between
32 /// FreeIPA and Kanidm.
33#[clap(long = "schedule")]
34pub schedule: bool,
3536/// Skip the root user permission check.
37#[clap(short, long, hide = true)]
38pub skip_root_check: bool,
39}