package cmd import ( "fmt" "os" "strings" "git.jnss.me/joakim/opal/internal/api" "git.jnss.me/joakim/opal/internal/engine" "github.com/spf13/cobra" ) // validateServerConfig checks that all required environment variables are set for server mode func validateServerConfig() error { // Check required OAuth/JWT environment variables required := map[string]string{ "OAUTH_CLIENT_ID": os.Getenv("OAUTH_CLIENT_ID"), "OAUTH_CLIENT_SECRET": os.Getenv("OAUTH_CLIENT_SECRET"), "OAUTH_ISSUER": os.Getenv("OAUTH_ISSUER"), "OAUTH_REDIRECT_URI": os.Getenv("OAUTH_REDIRECT_URI"), "JWT_SECRET": os.Getenv("JWT_SECRET"), } missing := []string{} for key, value := range required { if value == "" { missing = append(missing, key) } } if len(missing) > 0 { return fmt.Errorf("missing required environment variables for server mode:\n %s\n\nPlease set these variables before starting the server.", strings.Join(missing, "\n ")) } // Validate data directory is writable dataDir, err := engine.GetDataDir() if err != nil { return fmt.Errorf("cannot resolve data directory: %w", err) } // Check if directory exists and is writable info, err := os.Stat(dataDir) if err != nil { // Directory doesn't exist yet, check parent parent := dataDir for parent != "/" && parent != "." { parent = strings.TrimSuffix(parent, "/") idx := strings.LastIndex(parent, "/") if idx <= 0 { parent = "/" break } parent = parent[:idx] if parent == "" { parent = "/" } if pInfo, pErr := os.Stat(parent); pErr == nil { if !pInfo.IsDir() { return fmt.Errorf("parent path is not a directory: %s", parent) } // Check write permission by trying to create data dir if err := os.MkdirAll(dataDir, 0755); err != nil { return fmt.Errorf("data directory not writable: %s (error: %v)", dataDir, err) } break } } } else if !info.IsDir() { return fmt.Errorf("data directory path exists but is not a directory: %s", dataDir) } return nil } var serverCmd = &cobra.Command{ Use: "server", Short: "Server management commands", Long: `Commands for running and managing the opal API server`, PersistentPreRun: func(cmd *cobra.Command, args []string) { // Override root's PersistentPreRun - server handles its own initialization // But still apply directory overrides from flags if configDirFlag != "" { engine.SetConfigDirOverride(configDirFlag) } if dataDirFlag != "" { engine.SetDataDirOverride(dataDirFlag) } }, } var serverStartCmd = &cobra.Command{ Use: "start", Short: "Start the opal API server", Long: `Starts the opal-task REST API server for remote access. Examples: opal server start opal server start --addr :8080 opal server start --db /var/lib/opal/opal.db`, Run: func(cmd *cobra.Command, args []string) { addr, _ := cmd.Flags().GetString("addr") dbPath, _ := cmd.Flags().GetString("db") // Override DB path if specified if dbPath != "" { os.Setenv("OPAL_DB_PATH", dbPath) } // Validate server configuration if err := validateServerConfig(); err != nil { fmt.Fprintf(os.Stderr, "Server configuration validation failed:\n%v\n", err) os.Exit(1) } // Initialize database if err := engine.InitDB(); err != nil { fmt.Fprintf(os.Stderr, "Error initializing database: %v\n", err) os.Exit(1) } defer engine.CloseDB() // Create and start server server := api.NewServer(addr) if err := server.Start(); err != nil { fmt.Fprintf(os.Stderr, "Error starting server: %v\n", err) os.Exit(1) } }, } var keygenCmd = &cobra.Command{ Use: "keygen", Short: "Generate API key for server authentication", Long: `Generate a new API key for authenticating with the opal server. This command should be run on the server with direct database access. The generated key will be displayed once and cannot be retrieved again. Examples: opal server keygen --name "My Phone" opal server keygen --name "Laptop" --db /var/lib/opal/opal.db`, Run: func(cmd *cobra.Command, args []string) { name, _ := cmd.Flags().GetString("name") dbPath, _ := cmd.Flags().GetString("db") if name == "" { fmt.Fprintf(os.Stderr, "Error: --name is required\n") os.Exit(1) } // Override DB path if specified if dbPath != "" { os.Setenv("OPAL_DB_PATH", dbPath) } if err := engine.InitDB(); err != nil { fmt.Fprintf(os.Stderr, "Error initializing database: %v\n", err) os.Exit(1) } defer engine.CloseDB() key, err := engine.GenerateAPIKey(name) if err != nil { fmt.Fprintf(os.Stderr, "Error generating API key: %v\n", err) os.Exit(1) } fmt.Println("━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━") fmt.Println("API Key Generated Successfully") fmt.Println("━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━") fmt.Printf("Name: %s\n", name) fmt.Printf("Key: %s\n", key) fmt.Println("━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━") fmt.Println("") fmt.Println("⚠️ IMPORTANT: Save this key securely!") fmt.Println(" It will not be displayed again.") fmt.Println("") fmt.Println("To configure a client:") fmt.Printf(" opal sync init --url https://opal.yourdomain.com --key %s\n", key) }, } func init() { rootCmd.AddCommand(serverCmd) serverCmd.AddCommand(serverStartCmd) serverCmd.AddCommand(keygenCmd) serverStartCmd.Flags().StringP("addr", "a", ":8080", "Server address") serverStartCmd.Flags().StringP("db", "d", "", "Database path (default: config directory)") keygenCmd.Flags().StringP("name", "n", "", "Name for this API key (e.g., device name)") keygenCmd.Flags().StringP("db", "d", "", "Database path (default: config directory)") keygenCmd.MarkFlagRequired("name") }