Merge branch 'main' into improve-pathbuf

lldap_config.docker_template.toml

@@ -7,9 +7,21 @@
 ## You can set it with the LLDAP_VERBOSE environment variable.
 # verbose=false
 
+## The host address that the LDAP server will be bound to.
+## To enable IPv6 support, simply switch "ldap_host" to "::":
+## To only allow connections from localhost (if you want to restrict to local self-hosted services),
+## change it to "127.0.0.1" ("::1" in case of IPv6)".
+#ldap_host = "0.0.0.0"
+
 ## The port on which to have the LDAP server.
 #ldap_port = 3890
 
+## The host address that the HTTP server will be bound to.
+## To enable IPv6 support, simply switch "http_host" to "::".
+## To only allow connections from localhost (if you want to restrict to local self-hosted services),
+## change it to "127.0.0.1" ("::1" in case of IPv6)".
+#http_host = "0.0.0.0"
+
 ## The port on which to have the HTTP server, for user login and
 ## administration.
 #http_port = 17170

server/src/infra/cli.rs

@@ -54,10 +54,18 @@ pub struct RunOpts {
     #[clap(long, env = "LLDAP_SERVER_KEY_FILE")]
     pub server_key_file: Option<String>,
 
+    /// Change ldap host. Default: "0.0.0.0"
+    #[clap(long, env = "LLDAP_LDAP_HOST")]
+    pub ldap_host: Option<String>,
+
     /// Change ldap port. Default: 3890
     #[clap(long, env = "LLDAP_LDAP_PORT")]
     pub ldap_port: Option<u16>,
 
+    /// Change HTTP API host. Default: "0.0.0.0"
+    #[clap(long, env = "LLDAP_HTTP_HOST")]
+    pub http_host: Option<String>,
+
     /// Change HTTP API port. Default: 17170
     #[clap(long, env = "LLDAP_HTTP_PORT")]
     pub http_port: Option<u16>,

server/src/infra/configuration.rs

@@ -64,8 +64,12 @@ impl std::default::Default for LdapsOptions {
 #[derive(Clone, Debug, Deserialize, Serialize, derive_builder::Builder)]
 #[builder(pattern = "owned", build_fn(name = "private_build"))]
 pub struct Configuration {
+    #[builder(default = r#"String::from("0.0.0.0")"#)]
+    pub ldap_host: String,
     #[builder(default = "3890")]
     pub ldap_port: u16,
+    #[builder(default = r#"String::from("0.0.0.0")"#)]
+    pub http_host: String,
     #[builder(default = "17170")]
     pub http_port: u16,
     #[builder(default = r#"SecUtf8::from("secretjwtsecret")"#)]

server/src/infra/graphql/api.rs

@@ -43,7 +43,7 @@ pub fn export_schema(opts: ExportGraphQLSchemaOpts) -> anyhow::Result<()> {
             use std::path::Path;
             let path = Path::new(&path);
             let mut file =
-                File::create(&path).context(format!("unable to open '{}'", path.display()))?;
+                File::create(path).context(format!("unable to open '{}'", path.display()))?;
             file.write_all(output.as_bytes())
                 .context(format!("unable to write in '{}'", path.display()))?;
         }

server/src/infra/ldap_server.rs

@@ -177,7 +177,7 @@ where
 
     info!("Starting the LDAP server on port {}", config.ldap_port);
     let server_builder = server_builder
-        .bind("ldap", ("0.0.0.0", config.ldap_port), binder)
+        .bind("ldap", (config.ldap_host.clone(), config.ldap_port), binder)
         .with_context(|| format!("while binding to the port {}", config.ldap_port));
     if config.ldaps_options.enabled {
         let tls_context = (
@@ -212,7 +212,11 @@ where
             config.ldaps_options.port
         );
         server_builder.and_then(|s| {
-            s.bind("ldaps", ("0.0.0.0", config.ldaps_options.port), tls_binder)
+            s.bind(
+                "ldaps",
+                (config.ldap_host.clone(), config.ldaps_options.port),
+                tls_binder,
+            )
             .with_context(|| format!("while binding to the port {}", config.ldaps_options.port))
         })
     } else {

server/src/infra/tcp_server.rs

@@ -127,7 +127,10 @@ where
     let mail_options = config.smtp_options.clone();
     info!("Starting the API/web server on port {}", config.http_port);
     server_builder
-        .bind("http", ("0.0.0.0", config.http_port), move || {
+        .bind(
+            "http",
+            (config.http_host.clone(), config.http_port),
+            move || {
                 let backend_handler = backend_handler.clone();
                 let jwt_secret = jwt_secret.clone();
                 let jwt_blacklist = jwt_blacklist.clone();
@@ -150,7 +153,8 @@ where
                         |_| AppConfig::default(),
                     ))
                     .tcp()
-        })
+            },
+        )
         .with_context(|| {
             format!(
                 "While bringing up the TCP server with port {}",

server/src/main.rs

@@ -170,7 +170,7 @@ fn run_healthcheck(opts: RunOpts) -> Result<()> {
             failure = true;
             error!("{:#}", e)
         });
-    std::process::exit(if failure { 1 } else { 0 })
+    std::process::exit(i32::from(failure))
 }
 
 fn main() -> Result<()> {