joakim
5d01c9f564
Separate configuration from data storage and make paths configurable via environment variables and command-line flags. This improves Unix/Linux compliance and supports both development and production deployments. Key changes: - Separate config dir (opal.yml) from data dir (database, logs) - Support XDG Base Directory specification - Add --config-dir and --data-dir flags - Environment variables: OPAL_CONFIG_DIR, OPAL_DATA_DIR, OPAL_DB_PATH - Smart fallback: /etc/opal, /var/lib/opal -> ~/.config/opal, ~/.local/share/opal - Server mode validates required OAuth/JWT environment variables - Update naming from 'jade' to 'opal' throughout - Update systemd service name to 'opal.service' - Add migration guide in README Default paths: - Config: /etc/opal (fallback: ~/.config/opal) - Data: /var/lib/opal (fallback: ~/.local/share/opal) Files modified: - internal/engine/config.go: New directory resolution logic - internal/engine/database.go: Auto-create data directory - cmd/root.go: Add global flags for directory overrides - cmd/server.go: Add configuration validation - cmd/sync.go, internal/sync/*: Use new path helper functions - tests: Update to use directory overrides - docs: Update deployment guide and README
186 lines
5.5 KiB
Go
186 lines
5.5 KiB
Go
package cmd
|
|
|
|
import (
|
|
"fmt"
|
|
"os"
|
|
"strings"
|
|
|
|
"git.jnss.me/joakim/opal/internal/api"
|
|
"git.jnss.me/joakim/opal/internal/engine"
|
|
"github.com/spf13/cobra"
|
|
)
|
|
|
|
// validateServerConfig checks that all required environment variables are set for server mode
|
|
func validateServerConfig() error {
|
|
// Check required OAuth/JWT environment variables
|
|
required := map[string]string{
|
|
"OAUTH_CLIENT_ID": os.Getenv("OAUTH_CLIENT_ID"),
|
|
"OAUTH_CLIENT_SECRET": os.Getenv("OAUTH_CLIENT_SECRET"),
|
|
"OAUTH_ISSUER": os.Getenv("OAUTH_ISSUER"),
|
|
"OAUTH_REDIRECT_URI": os.Getenv("OAUTH_REDIRECT_URI"),
|
|
"JWT_SECRET": os.Getenv("JWT_SECRET"),
|
|
}
|
|
|
|
missing := []string{}
|
|
for key, value := range required {
|
|
if value == "" {
|
|
missing = append(missing, key)
|
|
}
|
|
}
|
|
|
|
if len(missing) > 0 {
|
|
return fmt.Errorf("missing required environment variables for server mode:\n %s\n\nPlease set these variables before starting the server.", strings.Join(missing, "\n "))
|
|
}
|
|
|
|
// Validate data directory is writable
|
|
dataDir, err := engine.GetDataDir()
|
|
if err != nil {
|
|
return fmt.Errorf("cannot resolve data directory: %w", err)
|
|
}
|
|
|
|
// Check if directory exists and is writable
|
|
info, err := os.Stat(dataDir)
|
|
if err != nil {
|
|
// Directory doesn't exist yet, check parent
|
|
parent := dataDir
|
|
for parent != "/" && parent != "." {
|
|
parent = strings.TrimSuffix(parent, "/")
|
|
idx := strings.LastIndex(parent, "/")
|
|
if idx <= 0 {
|
|
parent = "/"
|
|
break
|
|
}
|
|
parent = parent[:idx]
|
|
if parent == "" {
|
|
parent = "/"
|
|
}
|
|
|
|
if pInfo, pErr := os.Stat(parent); pErr == nil {
|
|
if !pInfo.IsDir() {
|
|
return fmt.Errorf("parent path is not a directory: %s", parent)
|
|
}
|
|
// Check write permission by trying to create data dir
|
|
if err := os.MkdirAll(dataDir, 0755); err != nil {
|
|
return fmt.Errorf("data directory not writable: %s (error: %v)", dataDir, err)
|
|
}
|
|
break
|
|
}
|
|
}
|
|
} else if !info.IsDir() {
|
|
return fmt.Errorf("data directory path exists but is not a directory: %s", dataDir)
|
|
}
|
|
|
|
return nil
|
|
}
|
|
|
|
var serverCmd = &cobra.Command{
|
|
Use: "server",
|
|
Short: "Server management commands",
|
|
Long: `Commands for running and managing the opal API server`,
|
|
}
|
|
|
|
var serverStartCmd = &cobra.Command{
|
|
Use: "start",
|
|
Short: "Start the opal API server",
|
|
Long: `Starts the opal-task REST API server for remote access.
|
|
|
|
Examples:
|
|
opal server start
|
|
opal server start --addr :8080
|
|
opal server start --db /var/lib/opal/opal.db`,
|
|
Run: func(cmd *cobra.Command, args []string) {
|
|
addr, _ := cmd.Flags().GetString("addr")
|
|
dbPath, _ := cmd.Flags().GetString("db")
|
|
|
|
// Override DB path if specified
|
|
if dbPath != "" {
|
|
os.Setenv("OPAL_DB_PATH", dbPath)
|
|
}
|
|
|
|
// Validate server configuration
|
|
if err := validateServerConfig(); err != nil {
|
|
fmt.Fprintf(os.Stderr, "Server configuration validation failed:\n%v\n", err)
|
|
os.Exit(1)
|
|
}
|
|
|
|
// Initialize database
|
|
if err := engine.InitDB(); err != nil {
|
|
fmt.Fprintf(os.Stderr, "Error initializing database: %v\n", err)
|
|
os.Exit(1)
|
|
}
|
|
defer engine.CloseDB()
|
|
|
|
// Create and start server
|
|
server := api.NewServer(addr)
|
|
if err := server.Start(); err != nil {
|
|
fmt.Fprintf(os.Stderr, "Error starting server: %v\n", err)
|
|
os.Exit(1)
|
|
}
|
|
},
|
|
}
|
|
|
|
var keygenCmd = &cobra.Command{
|
|
Use: "keygen",
|
|
Short: "Generate API key for server authentication",
|
|
Long: `Generate a new API key for authenticating with the opal server.
|
|
|
|
This command should be run on the server with direct database access.
|
|
The generated key will be displayed once and cannot be retrieved again.
|
|
|
|
Examples:
|
|
opal server keygen --name "My Phone"
|
|
opal server keygen --name "Laptop" --db /var/lib/opal/opal.db`,
|
|
Run: func(cmd *cobra.Command, args []string) {
|
|
name, _ := cmd.Flags().GetString("name")
|
|
dbPath, _ := cmd.Flags().GetString("db")
|
|
|
|
if name == "" {
|
|
fmt.Fprintf(os.Stderr, "Error: --name is required\n")
|
|
os.Exit(1)
|
|
}
|
|
|
|
// Override DB path if specified
|
|
if dbPath != "" {
|
|
os.Setenv("OPAL_DB_PATH", dbPath)
|
|
}
|
|
|
|
if err := engine.InitDB(); err != nil {
|
|
fmt.Fprintf(os.Stderr, "Error initializing database: %v\n", err)
|
|
os.Exit(1)
|
|
}
|
|
defer engine.CloseDB()
|
|
|
|
key, err := engine.GenerateAPIKey(name)
|
|
if err != nil {
|
|
fmt.Fprintf(os.Stderr, "Error generating API key: %v\n", err)
|
|
os.Exit(1)
|
|
}
|
|
|
|
fmt.Println("━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━")
|
|
fmt.Println("API Key Generated Successfully")
|
|
fmt.Println("━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━")
|
|
fmt.Printf("Name: %s\n", name)
|
|
fmt.Printf("Key: %s\n", key)
|
|
fmt.Println("━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━")
|
|
fmt.Println("")
|
|
fmt.Println("⚠️ IMPORTANT: Save this key securely!")
|
|
fmt.Println(" It will not be displayed again.")
|
|
fmt.Println("")
|
|
fmt.Println("To configure a client:")
|
|
fmt.Printf(" opal sync init --url https://opal.yourdomain.com --key %s\n", key)
|
|
},
|
|
}
|
|
|
|
func init() {
|
|
rootCmd.AddCommand(serverCmd)
|
|
serverCmd.AddCommand(serverStartCmd)
|
|
serverCmd.AddCommand(keygenCmd)
|
|
|
|
serverStartCmd.Flags().StringP("addr", "a", ":8080", "Server address")
|
|
serverStartCmd.Flags().StringP("db", "d", "", "Database path (default: config directory)")
|
|
|
|
keygenCmd.Flags().StringP("name", "n", "", "Name for this API key (e.g., device name)")
|
|
keygenCmd.Flags().StringP("db", "d", "", "Database path (default: config directory)")
|
|
keygenCmd.MarkFlagRequired("name")
|
|
}
|