kanidmd/
opt.rs

1#[derive(Debug, Args)]
2struct BackupOpt {
3    #[clap(value_parser)]
4    /// Output path for the backup content.
5    path: PathBuf,
6
7    /// Compression method
8    #[clap(short = 'C', long, env = "KANIDM_BACKUP_COMPRESSION")]
9    compression: Option<String>,
10}
11
12#[derive(Debug, Args)]
13struct RestoreOpt {
14    #[clap(value_parser)]
15    /// Restore from this path. Should be created with "backup".
16    path: PathBuf,
17}
18
19#[derive(Debug, Subcommand)]
20enum DomainSettingsCmds {
21    /// Show the current domain
22    #[clap(name = "show")]
23    Show,
24    /// Change the IDM domain name based on the values in the configuration
25    #[clap(name = "rename")]
26    Change,
27    /// Perform a pre-upgrade-check of this domains content. This will report possible
28    /// incompatibilities that can block a successful upgrade to the next version of
29    /// Kanidm. This is a safe read only operation.
30    #[clap(name = "upgrade-check")]
31    UpgradeCheck,
32    /// ⚠️  Do not use this command unless directed by a project member. ⚠️
33    /// - Raise the functional level of this domain to the maximum available.
34    #[clap(name = "raise")]
35    Raise,
36    /// ⚠️  Do not use this command unless directed by a project member. ⚠️
37    /// - Rerun migrations of this domains database, optionally nominating the level
38    ///   to start from.
39    #[clap(name = "remigrate")]
40    Remigrate { level: Option<u32> },
41}
42
43#[derive(Debug, Subcommand)]
44enum DbCommands {
45    #[clap(name = "vacuum")]
46    /// Vacuum the database to reclaim space or change db_fs_type/page_size (offline)
47    Vacuum,
48    #[clap(name = "backup")]
49    /// Backup the database content (offline)
50    Backup(BackupOpt),
51    #[clap(name = "restore")]
52    /// Restore the database content (offline)
53    Restore(RestoreOpt),
54    #[clap(name = "verify")]
55    /// Verify database and entity consistency.
56    Verify,
57    #[clap(name = "reindex")]
58    /// Reindex the database (offline)
59    Reindex,
60}
61
62#[derive(Debug, Args)]
63struct DbScanListIndex {
64    /// The name of the index to list
65    index_name: String,
66}
67
68#[derive(Debug, Parser)]
69struct HealthCheckArgs {
70    /// Disable TLS verification
71    #[clap(short, long, action)]
72    verify_tls: bool,
73    /// Check the 'origin' URL from the server configuration file, instead of the 'address'
74    #[clap(short = 'O', long, action)]
75    check_origin: bool,
76}
77
78#[derive(Debug, Args)]
79struct DbScanGetId2Entry {
80    /// The id of the entry to display
81    id: u64,
82}
83
84#[derive(Debug, Subcommand)]
85enum DbScanOpt {
86    #[clap(name = "list-all-indexes")]
87    /// List all index tables that exist on the system.
88    ListIndexes,
89    #[clap(name = "list-index")]
90    /// List all content of a named index
91    ListIndex(DbScanListIndex),
92    // #[structopt(name = "get_index")]
93    // /// Display the content of a single index key
94    // GetIndex(DbScanGetIndex),
95    #[clap(name = "list-id2entry")]
96    /// List all id2entry values with reduced entry content
97    ListId2Entry,
98    #[clap(name = "get-id2entry")]
99    /// View the data of a specific entry from id2entry
100    GetId2Entry(DbScanGetId2Entry),
101    #[clap(name = "list-index-analysis")]
102    /// List all content of index analysis
103    ListIndexAnalysis,
104    #[clap(name = "quarantine-id2entry")]
105    /// Given an entry id, quarantine the entry in a hidden db partition
106    QuarantineId2Entry {
107        /// The id of the entry to display
108        id: u64,
109    },
110    #[clap(name = "list-quarantined")]
111    /// List the entries in quarantine
112    ListQuarantined,
113    #[clap(name = "restore-quarantined")]
114    /// Given an entry id, restore the entry from the hidden db partition
115    RestoreQuarantined {
116        /// The id of the entry to display
117        id: u64,
118    },
119}
120
121#[derive(Debug, Parser)]
122#[command(name = "kanidmd")]
123struct KanidmdParser {
124    #[command(subcommand)]
125    commands: KanidmdOpt,
126
127    #[clap(short, long, env = "KANIDM_CONFIG", global = true)]
128    config_path: Option<PathBuf>,
129
130    #[clap(flatten)]
131    kanidmd_options: kanidm_proto::cli::KanidmdCli,
132}
133
134// The main command parser for kanidmd
135#[derive(Debug, Subcommand)]
136enum KanidmdOpt {
137    #[clap(name = "server")]
138    /// Start the IDM Server
139    Server,
140    #[clap(name = "configtest")]
141    /// Test the IDM Server configuration, without starting network listeners.
142    ConfigTest,
143    #[clap(name = "cert-generate")]
144    /// Create a self-signed ca and tls certificate in the locations listed from the
145    /// configuration. These certificates should *not* be used in production, they
146    /// are for testing and evaluation only!
147    CertGenerate,
148    #[clap(name = "recover-account")]
149    /// Recover an account's password
150    RecoverAccount {
151        #[clap(value_parser)]
152        /// The account name to recover credentials for.
153        name: String,
154    },
155    #[clap(name = "disable-account")]
156    /// Disable an account so that it can not be used. This can be reset with `recover-account`.
157    DisableAccount {
158        #[clap(value_parser)]
159        /// The account name to disable.
160        name: String,
161    },
162    /// Display this server's replication certificate
163    ShowReplicationCertificate,
164    /// Renew this server's replication certificate
165    RenewReplicationCertificate,
166    /// Refresh this servers database content with the content from a supplier. This means
167    /// that all local content will be deleted and replaced with the supplier content.
168    RefreshReplicationConsumer {
169        /// Acknowledge that this database content will be refreshed from a supplier.
170        #[clap(long = "i-want-to-refresh-this-servers-database")]
171        proceed: bool,
172    },
173    // #[clap(name = "reset_server_id")]
174    // ResetServerId,
175    #[clap(name = "db-scan")]
176    /// Inspect the internal content of the database datastructures.
177    DbScan {
178        #[clap(subcommand)]
179        commands: DbScanOpt,
180    },
181    /// Database maintenance, backups, restoration etc.
182    #[clap(name = "database")]
183    Database {
184        #[clap(subcommand)]
185        commands: DbCommands,
186    },
187    /// Change domain settings
188    #[clap(name = "domain")]
189    DomainSettings {
190        #[clap(subcommand)]
191        commands: DomainSettingsCmds,
192    },
193
194    /// Load the server config and check services are listening
195    #[clap(name = "healthcheck")]
196    HealthCheck(HealthCheckArgs),
197
198    /// Print the program version and exit
199    #[clap(name = "version")]
200    Version,
201}