diff --git a/CHANGELOG.md b/CHANGELOG.md index 9627f4f8b64..5c45d7eaea1 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -13,6 +13,8 @@ This project adheres to [Semantic Versioning](http://semver.org/). - #3171, #3046, Log schema cache stats to stderr - @steve-chavez - #3210, Dump schema cache through admin API - @taimoorzaeem - #2676, Performance improvement on bulk json inserts, around 10% increase on requests per second by removing `json_typeof` from write queries - @steve-chavez + - #3248, Add config type to ``--example`` in CLI - @taimoorzaeem + + ``--example`` now accepts ``file/env/db`` ### Fixed diff --git a/src/PostgREST/CLI.hs b/src/PostgREST/CLI.hs index 2e9f79be71d..1792d751c7b 100644 --- a/src/PostgREST/CLI.hs +++ b/src/PostgREST/CLI.hs @@ -46,8 +46,9 @@ main CLI{cliCommand, cliPath} = do CmdDumpConfig -> do when configDbConfig $ AppState.reReadConfig True appState (const $ pure ()) putStr . Config.toText =<< AppState.getConfig appState - CmdDumpSchema -> putStrLn =<< dumpSchema appState - CmdRun -> App.run appState (Logger.logObservation loggerState)) + CmdDumpSchemaCache -> putStrLn =<< dumpSchema appState + CmdExample egType -> putStrLn $ exampleConfig egType + CmdRun -> App.run appState (Logger.logObservation loggerState)) -- | Dump SchemaCache schema to JSON dumpSchema :: AppState -> IO LBS.ByteString @@ -64,6 +65,7 @@ dumpSchema appState = do exitFailure Right sCache -> return $ JSON.encode sCache + -- | Command line interface options data CLI = CLI { cliCommand :: Command @@ -73,7 +75,10 @@ data CLI = CLI data Command = CmdRun | CmdDumpConfig - | CmdDumpSchema + | CmdDumpSchemaCache + | CmdExample ExampleType + +data ExampleType = ExampleFile | ExampleDb | ExampleEnv -- | Read command line interface options. Also prints help. readCLIShowHelp :: IO CLI @@ -82,7 +87,8 @@ readCLIShowHelp = where prefs = O.prefs $ O.showHelpOnError <> O.showHelpOnEmpty opts = O.info parser $ O.fullDesc <> progDesc - parser = O.helper <*> versionFlag <*> exampleParser <*> cliParser + -- TODO: use subparser for mulitple commands + parser = O.helper <*> versionFlag <*> cliParser progDesc = O.progDesc $ @@ -96,16 +102,10 @@ readCLIShowHelp = <> O.short 'v' <> O.help "Show the version information" - exampleParser = - O.infoOption exampleConfigFile $ - O.long "example" - <> O.short 'e' - <> O.help "Show an example configuration file" - cliParser :: O.Parser CLI cliParser = CLI - <$> (dumpConfigFlag <|> dumpSchemaFlag) + <$> (dumpExampleConfigFile <|> dumpConfigFlag <|> dumpSchemaCacheFlag) <*> O.optional configFileOption configFileOption = @@ -113,18 +113,35 @@ readCLIShowHelp = O.metavar "FILENAME" <> O.help "Path to configuration file" + parseExampleType :: O.ReadM Command + parseExampleType = O.maybeReader $ readString . map toLower + where + readString "file" = Just $ CmdExample ExampleFile + readString "db" = Just $ CmdExample ExampleDb + readString "env" = Just $ CmdExample ExampleEnv + readString _ = Just $ CmdExample ExampleFile -- default "file" + + + dumpExampleConfigFile = + O.option parseExampleType $ + O.long "example" + <> O.short 'e' + <> O.metavar "EXAMPLETYPE" + <> O.help "Type of config file/db/env" + dumpConfigFlag = O.flag CmdRun CmdDumpConfig $ O.long "dump-config" <> O.help "Dump loaded configuration and exit" - dumpSchemaFlag = - O.flag CmdRun CmdDumpSchema $ - O.long "dump-schema" + dumpSchemaCacheFlag = + O.flag CmdRun CmdDumpSchemaCache $ + O.long "dump-schema-cache" <> O.help "Dump loaded schema as JSON and exit (for debugging, output structure is unstable)" -exampleConfigFile :: [Char] -exampleConfigFile = +-- Shown in CLI "--example file" +exampleConfig :: ExampleType -> [Char] +exampleConfig ExampleFile = [str|## Admin server used for checks. It's disabled by default unless a port is specified. |# admin-server-port = 3001 | @@ -201,6 +218,7 @@ exampleConfigFile = |## Choose a secret, JSON Web Key (or set) to enable JWT auth |## (use "@filename" to load from separate file) |# jwt-secret = "secret_with_at_least_32_characters" + | |jwt-secret-is-base64 = false | |## Enables and set JWT Cache max lifetime, disables caching with 0 @@ -233,3 +251,227 @@ exampleConfigFile = |## When none is provided, 660 is applied by default |# server-unix-socket-mode = "660" |] +exampleConfig ExampleDb = -- Shown in CLI "--example db" + [str|## Admin server used for checks. It's disabled by default unless a port is specified. + |# ALTER ROLE authenticator SET pgrst.admin_server_port = '3001'; + | + |## The database role to use when no client authentication is provided + |# ALTER ROLE authenticator SET pgrst.db_anon_role = 'anon'; + | + |## Notification channel for reloading the schema cache + |ALTER ROLE authenticator SET pgrst.db_channel = 'pgrst'; + | + |## Enable or disable the notification channel + |ALTER ROLE authenticator SET pgrst.db_channel_enabled = 'true'; + | + |## Enable in-database configuration + |ALTER ROLE authenticator SET pgrst.db_config = 'true'; + | + |## Function for in-database configuration + |# ALTER ROLE authenticator SET pgrst.db_pre_config = 'postgrest.pre_config'; + | + |## Extra schemas to add to the search_path of every request + |ALTER ROLE authenticator SET pgrst.db_extra_search_path = 'public'; + | + |## Limit rows in response + |# ALTER ROLE authenticator SET pgrst.db_max_rows = '1000'; + | + |## Allow getting the EXPLAIN plan through the `Accept: application/vnd.pgrst.plan` header + |# ALTER ROLE authenticator SET pgrst.db_plan_enabled = 'false'; + | + |## Number of open connections in the pool + |ALTER ROLE authenticator SET pgrst.db_pool = '10'; + | + |## Time in seconds to wait to acquire a slot from the connection pool + |# ALTER ROLE authenticator SET pgrst.db_pool_acquisition_timeout = '10'; + | + |## Time in seconds after which to recycle pool connections + |# ALTER ROLE authenticator SET pgrst.db_pool_max_lifetime = '1800'; + | + |## Time in seconds after which to recycle unused pool connections + |# ALTER ROLE authenticator SET pgrst.db_pool_max_idletime = '30'; + | + |## Allow automatic database connection retrying + |# ALTER ROLE authenticator SET pgrst.db_pool_automatic_recovery = 'true'; + | + |## Stored proc to exec immediately after auth + |# ALTER ROLE authenticator SET pgrst.db_pre_request = 'stored_proc_name'; + | + |## Enable or disable prepared statements. disabling is only necessary when behind a connection pooler. + |## When disabled, statements will be parametrized but won't be prepared. + |ALTER ROLE authenticator SET pgrst.db_prepared_statements = 'true'; + | + |## The name of which database schema to expose to REST clients + |ALTER ROLE authenticator SET pgrst.db_schemas = 'public'; + | + |## How to terminate database transactions + |## Possible values are: + |## commit (default) + |## Transaction is always committed, this can not be overriden + |## commit-allow-override + |## Transaction is committed, but can be overriden with Prefer tx=rollback header + |## rollback + |## Transaction is always rolled back, this can not be overriden + |## rollback-allow-override + |## Transaction is rolled back, but can be overriden with Prefer tx=commit header + |ALTER ROLE authenticator SET pgrst.db_tx_end = 'commit'; + | + |## The standard connection URI format, documented at + |## https://www.postgresql.org/docs/current/libpq-connect.html#LIBPQ-CONNSTRING + |ALTER ROLE authenticator SET pgrst.db_uri = 'postgresql://'; + | + |# ALTER ROLE authenticator SET pgrst.jwt_aut = 'your_audience_claim'; + | + |## Jspath to the role claim key + |ALTER ROLE authenticator SET pgrst.jwt_role_claim_key = '.role'; + | + |## Choose a secret, JSON Web Key (or set) to enable JWT auth + |## (use "@filename" to load from separate file) + |# ALTER ROLE authenticator SET pgrst.jwt_secret = 'secret_with_at_least_32_characters' + | + |ALTER ROLE authenticator SET pgrst.jwt_secret_is_base64 = 'false'; + | + |## Enables and set JWT Cache max lifetime, disables caching with 0 + |# ALTER ROLE authenticator SET pgrst.jwt_cache_max_lifetime = '0'; + | + |## Logging level, the admitted values are: crit, error, warn and info. + |ALTER ROLE authenticator SET pgrst.log_level = 'error'; + | + |## Determine if the OpenAPI output should follow or ignore role privileges or be disabled entirely. + |## Admitted values: follow-privileges, ignore-privileges, disabled + |ALTER ROLE authenticator SET pgrst.openapi_mode = 'follow-privileges'; + | + |## Base url for the OpenAPI output + |ALTER ROLE authenticator SET pgrst.openapi_server_proxy_uri = ''; + | + |## Configurable CORS origins + |# ALTER ROLE authenticator SET pgrst.server_cors_allowed_origins = ''; + | + |ALTER ROLE authenticator SET pgrst.server_host = '!4'; + | + |ALTER ROLE authenticator SET pgrst.server_port = '3000'; + | + |## Allow getting the request-response timing information through the `Server-Timing` header + |ALTER ROLE authenticator SET pgrst.server_timing_enabled = 'false'; + | + |## Unix socket location + |## if specified it takes precedence over server-port + |# ALTER ROLE authenticator SET pgrst.server_unix_socket = '/tmp/pgrst.sock'; + | + |## Unix socket file mode + |## When none is provided, 660 is applied by default + |# ALTER ROLE authenticator SET pgrst.server_unix_socket_mods = '660'; + |] +exampleConfig ExampleEnv = -- Shown in CLI "--example env" + [str|## Admin server used for checks. It's disabled by default unless a port is specified. + |# export PGRST_ADMIN_SERVER_PORT=3001 + | + |## The database role to use when no client authentication is provided + |# export PGRST_DB_ANON_ROLE=root + | + |## Notification channel for reloading the schema cache + |export PGRST_DB_CHANNEL=postgrest + | + |## Enable or disable the notification channel + |export PGRST_DB_CHANNEL_ENABLED=false + | + |## Enable in-database configuration + |export PGRST_DB_CONFIG=false + | + |## Function for in-database configuration + |# export PGRST_DB_PRE_CONFIG='postgrest.pre_config' + | + |## Extra schemas to add to the search_path of every request + |export PGRST_DB_EXTRA_SEARCH_PATH='public' + | + |## Limit rows in response + |# export PGRST_DB_MAX_ROWS=1000 + | + |## Allow getting the EXPLAIN plan through the `Accept: application/vnd.pgrst.plan` header + |# export PGRST_DB_PLAN_ENABLED=false + | + |## Number of open connections in the pool + |export PGRST_DB_POOL=10 + | + |## Time in seconds to wait to acquire a slot from the connection pool + |# export PGRST_DB_POOL_ACQUISITION_TIMEOUT=10 + | + |## Time in seconds after which to recycle pool connections + |# export PGRST_DB_POOL_MAX_LIFETIME=1800 + | + |## Time in seconds after which to recycle unused pool connections + |# export PGRST_DB_POOL_MAX_IDLETIME=30 + | + |## Allow automatic database connection retrying + |# export PGRST_DB_POOL_AUTOMATIC_RECOVERY=true + | + |## Stored proc to exec immediately after auth + |# export PGRST_DB_PRE_REQUEST='stored_proc_name' + | + |## Enable or disable prepared statements. disabling is only necessary when behind a connection pooler. + |## When disabled, statements will be parametrized but won't be prepared. + |export PGRST_DB_PREPARED_STATEMENTS=true + | + |## The name of which database schema to expose to REST clients + |export PGRST_DB_SCHEMAS='public' + | + |## How to terminate database transactions + |## Possible values are: + |## commit (default) + |## Transaction is always committed, this can not be overriden + |## commit-allow-override + |## Transaction is committed, but can be overriden with Prefer tx=rollback header + |## rollback + |## Transaction is always rolled back, this can not be overriden + |## rollback-allow-override + |## Transaction is rolled back, but can be overriden with Prefer tx=commit header + |export PGRST_DB_TX_END=commit + | + |## The standard connection URI format, documented at + |## https://www.postgresql.org/docs/current/libpq-connect.html#LIBPQ-CONNSTRING + |export PGRST_DB_URI='postgresql://' + | + |# export PGRST_JWT_AUD='your_audience_claim' + | + |## Jspath to the role claim key + |export PGRST_JWT_ROLE_CLAIM_KEY='.role' + | + |## Choose a secret, JSON Web Key (or set) to enable JWT auth + |## (use "@filename" to load from separate file) + |# export PGRST_JWT_SECRET='secret_with_at_least_32_characters' + | + |export PGRST_JWT_SECRET_IS_BASE64=false + | + |## Enables and set JWT Cache max lifetime, disables caching with 0 + |# export PGRST_JWT_CACHE_MAX_LIFETIME=0 + | + |## Logging level, the admitted values are: crit, error, warn and info. + |export PGRST_LOG_LEVEL=error + | + |## Determine if the OpenAPI output should follow or ignore role privileges or be disabled entirely. + |## Admitted values: follow-privileges, ignore-privileges, disabled + |export PGRST_OPENAPI_MODE='follow-privileges' + | + |## Base url for the OpenAPI output + |export PGRST_OPENAPI_SERVER_PROXY_URI='' + | + |## Configurable CORS origins + |# export PGRST_SERVER_CORS_ALLOWED_ORIGINS='' + | + |export PGRST_SERVER_HOST=!4 + | + |export PGRST_SERVER_PORT=3000 + | + |## Allow getting the request-response timing information through the `Server-Timing` header + |export PGRST_SERVER_TIMING_ENABLED=false + | + |export PGRST_SERVER_TRACE_HEADER=X-Request-Id + | + |## Unix socket location + |## if specified it takes precedence over server-port + |# export PGRST_SERVER_UNIX_SOCKET='/tmp/pgrst.sock' + | + |## Unix socket file mode + |## When none is provided, 660 is applied by default + |# export PGRST_SERVER_UNIX_SOCKET_MODE=660 + |]