kanidmd/
opt.rs

1#[derive(Debug, Args)]
2struct BackupOpt {
3    #[clap(value_parser)]
4    /// Output path for the backup content.
5    path: PathBuf,
6
7    /// Compression method
8    #[clap(short = 'C', long, env = "KANIDM_BACKUP_COMPRESSION")]
9    compression: Option<String>,
10}
11
12#[derive(Debug, Args)]
13struct RestoreOpt {
14    #[clap(value_parser)]
15    /// Restore from this path. Should be created with "backup".
16    path: PathBuf,
17}
18
19#[derive(Debug, Subcommand)]
20enum DomainSettingsCmds {
21    /// Show the current domain
22    #[clap(name = "show")]
23    Show,
24    /// Change the IDM domain name based on the values in the configuration
25    #[clap(name = "rename")]
26    Change,
27    /// Perform a pre-upgrade-check of this domains content. This will report possible
28    /// incompatibilities that can block a successful upgrade to the next version of
29    /// Kanidm. This is a safe read only operation.
30    #[clap(name = "upgrade-check")]
31    UpgradeCheck,
32    /// ⚠️  Do not use this command unless directed by a project member. ⚠️
33    /// - Raise the functional level of this domain to the maximum available.
34    #[clap(name = "raise")]
35    Raise,
36    /// ⚠️  Do not use this command unless directed by a project member. ⚠️
37    /// - Rerun migrations of this domains database, optionally nominating the level
38    ///   to start from.
39    #[clap(name = "remigrate")]
40    Remigrate { level: Option<u32> },
41}
42
43#[derive(Debug, Subcommand)]
44enum DbCommands {
45    #[clap(name = "vacuum")]
46    /// Vacuum the database to reclaim space or change db_fs_type/page_size (offline)
47    Vacuum,
48    #[clap(name = "backup")]
49    /// Backup the database content (offline)
50    Backup(BackupOpt),
51    #[clap(name = "restore")]
52    /// Restore the database content (offline)
53    Restore(RestoreOpt),
54    #[clap(name = "verify")]
55    /// Verify database and entity consistency.
56    Verify,
57    #[clap(name = "reindex")]
58    /// Reindex the database (offline)
59    Reindex,
60}
61
62#[derive(Debug, Args)]
63struct DbScanListIndex {
64    /// The name of the index to list
65    index_name: String,
66}
67
68#[derive(Debug, Parser)]
69struct HealthCheckArgs {
70    /// Disable TLS verification
71    #[clap(short, long, action)]
72    verify_tls: bool,
73    /// Check the 'origin' URL from the server configuration file, instead of the 'address'
74    #[clap(short = 'O', long, action)]
75    check_origin: bool,
76}
77
78#[derive(Debug, Args)]
79struct DbScanGetId2Entry {
80    /// The id of the entry to display
81    id: u64,
82}
83
84#[derive(Debug, Subcommand)]
85enum DbScanOpt {
86    #[clap(name = "list-all-indexes")]
87    /// List all index tables that exist on the system.
88    ListIndexes,
89    #[clap(name = "list-index")]
90    /// List all content of a named index
91    ListIndex(DbScanListIndex),
92    // #[structopt(name = "get_index")]
93    // /// Display the content of a single index key
94    // GetIndex(DbScanGetIndex),
95    #[clap(name = "list-id2entry")]
96    /// List all id2entry values with reduced entry content
97    ListId2Entry,
98    #[clap(name = "get-id2entry")]
99    /// View the data of a specific entry from id2entry
100    GetId2Entry(DbScanGetId2Entry),
101    #[clap(name = "list-index-analysis")]
102    /// List all content of index analysis
103    ListIndexAnalysis,
104    #[clap(name = "quarantine-id2entry")]
105    /// Given an entry id, quarantine the entry in a hidden db partition
106    QuarantineId2Entry {
107        /// The id of the entry to display
108        id: u64,
109    },
110    #[clap(name = "list-quarantined")]
111    /// List the entries in quarantine
112    ListQuarantined,
113    #[clap(name = "restore-quarantined")]
114    /// Given an entry id, restore the entry from the hidden db partition
115    RestoreQuarantined {
116        /// The id of the entry to display
117        id: u64,
118    },
119}
120
121#[derive(Debug, Parser)]
122#[command(name = "kanidmd")]
123struct KanidmdParser {
124    #[command(subcommand)]
125    commands: KanidmdOpt,
126
127    #[clap(short, long, env = "KANIDM_CONFIG", global = true)]
128    config_path: Option<PathBuf>,
129
130    /// Output formatting
131    #[clap(
132        short,
133        long = "output",
134        env = "KANIDM_OUTPUT",
135        default_value = "text",
136        global = true
137    )]
138    output_mode: String,
139}
140
141// The main command parser for kanidmd
142#[derive(Debug, Subcommand)]
143enum KanidmdOpt {
144    #[clap(name = "server")]
145    /// Start the IDM Server
146    Server,
147    #[clap(name = "configtest")]
148    /// Test the IDM Server configuration, without starting network listeners.
149    ConfigTest,
150    #[clap(name = "cert-generate")]
151    /// Create a self-signed ca and tls certificate in the locations listed from the
152    /// configuration. These certificates should *not* be used in production, they
153    /// are for testing and evaluation only!
154    CertGenerate,
155    #[clap(name = "recover-account")]
156    /// Recover an account's password
157    RecoverAccount {
158        #[clap(value_parser)]
159        /// The account name to recover credentials for.
160        name: String,
161    },
162    #[clap(name = "disable-account")]
163    /// Disable an account so that it can not be used. This can be reset with `recover-account`.
164    DisableAccount {
165        #[clap(value_parser)]
166        /// The account name to disable.
167        name: String,
168    },
169    /// Display this server's replication certificate
170    ShowReplicationCertificate,
171    /// Renew this server's replication certificate
172    RenewReplicationCertificate,
173    /// Refresh this servers database content with the content from a supplier. This means
174    /// that all local content will be deleted and replaced with the supplier content.
175    RefreshReplicationConsumer {
176        /// Acknowledge that this database content will be refreshed from a supplier.
177        #[clap(long = "i-want-to-refresh-this-servers-database")]
178        proceed: bool,
179    },
180    // #[clap(name = "reset_server_id")]
181    // ResetServerId,
182    #[clap(name = "db-scan")]
183    /// Inspect the internal content of the database datastructures.
184    DbScan {
185        #[clap(subcommand)]
186        commands: DbScanOpt,
187    },
188    /// Database maintenance, backups, restoration etc.
189    #[clap(name = "database")]
190    Database {
191        #[clap(subcommand)]
192        commands: DbCommands,
193    },
194    /// Change domain settings
195    #[clap(name = "domain")]
196    DomainSettings {
197        #[clap(subcommand)]
198        commands: DomainSettingsCmds,
199    },
200
201    /// Load the server config and check services are listening
202    #[clap(name = "healthcheck")]
203    HealthCheck(HealthCheckArgs),
204
205    /// Print the program version and exit
206    #[clap(name = "version")]
207    Version,
208}