kanidmd/
opt.rs

1#[derive(Debug, Args)]
2struct BackupOpt {
3    #[clap(value_parser)]
4    /// Output path for the backup content.
5    path: PathBuf,
6}
7
8#[derive(Debug, Args)]
9struct RestoreOpt {
10    #[clap(value_parser)]
11    /// Restore from this path. Should be created with "backup".
12    path: PathBuf,
13}
14
15#[derive(Debug, Subcommand)]
16enum DomainSettingsCmds {
17    /// Show the current domain
18    #[clap(name = "show")]
19    Show,
20    /// Change the IDM domain name based on the values in the configuration
21    #[clap(name = "rename")]
22    Change,
23    /// Perform a pre-upgrade-check of this domains content. This will report possible
24    /// incompatibilities that can block a successful upgrade to the next version of
25    /// Kanidm. This is a safe read only operation.
26    #[clap(name = "upgrade-check")]
27    UpgradeCheck,
28    /// ⚠️  Do not use this command unless directed by a project member. ⚠️
29    /// - Raise the functional level of this domain to the maximum available.
30    #[clap(name = "raise")]
31    Raise,
32    /// ⚠️  Do not use this command unless directed by a project member. ⚠️
33    /// - Rerun migrations of this domains database, optionally nominating the level
34    ///   to start from.
35    #[clap(name = "remigrate")]
36    Remigrate { level: Option<u32> },
37}
38
39#[derive(Debug, Subcommand)]
40enum DbCommands {
41    #[clap(name = "vacuum")]
42    /// Vacuum the database to reclaim space or change db_fs_type/page_size (offline)
43    Vacuum,
44    #[clap(name = "backup")]
45    /// Backup the database content (offline)
46    Backup(BackupOpt),
47    #[clap(name = "restore")]
48    /// Restore the database content (offline)
49    Restore(RestoreOpt),
50    #[clap(name = "verify")]
51    /// Verify database and entity consistency.
52    Verify,
53    #[clap(name = "reindex")]
54    /// Reindex the database (offline)
55    Reindex,
56}
57
58#[derive(Debug, Args)]
59struct DbScanListIndex {
60    /// The name of the index to list
61    index_name: String,
62}
63
64#[derive(Debug, Parser)]
65struct HealthCheckArgs {
66    /// Disable TLS verification
67    #[clap(short, long, action)]
68    verify_tls: bool,
69    /// Check the 'origin' URL from the server configuration file, instead of the 'address'
70    #[clap(short = 'O', long, action)]
71    check_origin: bool,
72}
73
74#[derive(Debug, Args)]
75struct DbScanGetId2Entry {
76    /// The id of the entry to display
77    id: u64,
78}
79
80#[derive(Debug, Subcommand)]
81enum DbScanOpt {
82    #[clap(name = "list-all-indexes")]
83    /// List all index tables that exist on the system.
84    ListIndexes,
85    #[clap(name = "list-index")]
86    /// List all content of a named index
87    ListIndex(DbScanListIndex),
88    // #[structopt(name = "get_index")]
89    // /// Display the content of a single index key
90    // GetIndex(DbScanGetIndex),
91    #[clap(name = "list-id2entry")]
92    /// List all id2entry values with reduced entry content
93    ListId2Entry,
94    #[clap(name = "get-id2entry")]
95    /// View the data of a specific entry from id2entry
96    GetId2Entry(DbScanGetId2Entry),
97    #[clap(name = "list-index-analysis")]
98    /// List all content of index analysis
99    ListIndexAnalysis,
100    #[clap(name = "quarantine-id2entry")]
101    /// Given an entry id, quarantine the entry in a hidden db partition
102    QuarantineId2Entry {
103        /// The id of the entry to display
104        id: u64,
105    },
106    #[clap(name = "list-quarantined")]
107    /// List the entries in quarantine
108    ListQuarantined,
109    #[clap(name = "restore-quarantined")]
110    /// Given an entry id, restore the entry from the hidden db partition
111    RestoreQuarantined {
112        /// The id of the entry to display
113        id: u64,
114    },
115}
116
117#[derive(Debug, Parser)]
118#[command(name = "kanidmd")]
119struct KanidmdParser {
120    #[command(subcommand)]
121    commands: KanidmdOpt,
122
123    #[clap(short, long, env = "KANIDM_CONFIG", global = true)]
124    config_path: Option<PathBuf>,
125
126    /// Output formatting
127    #[clap(
128        short,
129        long = "output",
130        env = "KANIDM_OUTPUT",
131        default_value = "text",
132        global = true
133    )]
134    output_mode: String,
135}
136
137// The main command parser for kanidmd
138#[derive(Debug, Subcommand)]
139enum KanidmdOpt {
140    #[clap(name = "server")]
141    /// Start the IDM Server
142    Server,
143    #[clap(name = "configtest")]
144    /// Test the IDM Server configuration, without starting network listeners.
145    ConfigTest,
146    #[clap(name = "cert-generate")]
147    /// Create a self-signed ca and tls certificate in the locations listed from the
148    /// configuration. These certificates should *not* be used in production, they
149    /// are for testing and evaluation only!
150    CertGenerate,
151    #[clap(name = "recover-account")]
152    /// Recover an account's password
153    RecoverAccount {
154        #[clap(value_parser)]
155        /// The account name to recover credentials for.
156        name: String,
157    },
158    #[clap(name = "disable-account")]
159    /// Disable an account so that it can not be used. This can be reset with `recover-account`.
160    DisableAccount {
161        #[clap(value_parser)]
162        /// The account name to disable.
163        name: String,
164    },
165    /// Display this server's replication certificate
166    ShowReplicationCertificate,
167    /// Renew this server's replication certificate
168    RenewReplicationCertificate,
169    /// Refresh this servers database content with the content from a supplier. This means
170    /// that all local content will be deleted and replaced with the supplier content.
171    RefreshReplicationConsumer {
172        /// Acknowledge that this database content will be refreshed from a supplier.
173        #[clap(long = "i-want-to-refresh-this-servers-database")]
174        proceed: bool,
175    },
176    // #[clap(name = "reset_server_id")]
177    // ResetServerId,
178    #[clap(name = "db-scan")]
179    /// Inspect the internal content of the database datastructures.
180    DbScan {
181        #[clap(subcommand)]
182        commands: DbScanOpt,
183    },
184    /// Database maintenance, backups, restoration etc.
185    #[clap(name = "database")]
186    Database {
187        #[clap(subcommand)]
188        commands: DbCommands,
189    },
190    /// Change domain settings
191    #[clap(name = "domain")]
192    DomainSettings {
193        #[clap(subcommand)]
194        commands: DomainSettingsCmds,
195    },
196
197    /// Load the server config and check services are listening
198    #[clap(name = "healthcheck")]
199    HealthCheck(HealthCheckArgs),
200
201    /// Print the program version and exit
202    #[clap(name = "version")]
203    Version,
204}