diff --git a/package.json b/package.json index b447dd4..ecff313 100644 --- a/package.json +++ b/package.json @@ -1,6 +1,6 @@ { "name": "community-server-configuration-generator", - "version": "6.0.0", + "version": "7.0.0", "description": "Generates configurations for the Community Solid Server", "author": "Joachim Van Herwegen ", "license": "MIT", diff --git a/src/data/choices/Accounts.ts b/src/data/choices/Accounts.ts new file mode 100644 index 0000000..632529d --- /dev/null +++ b/src/data/choices/Accounts.ts @@ -0,0 +1,21 @@ +import { Choice } from '../Choice'; + +/** + * Allow registration on the server. + */ +export const ACCOUNTS = { + id: 'accounts', + label: 'Accounts', + description: `Everything related to account management. + The two final options still enable account management, but disable certain features for users. +

+ If this is enabled anyone will be able to create new pods on your server.`, + options: [ + { value: 'default', label: 'Enabled'}, + { value: 'disabled', label: 'Disabled'}, + { value: 'no-accounts', label: 'No new accounts'}, + { value: 'no-pods', label: 'No new pods'}, + { value: 'no-accounts-pods', label: 'No new accounts and no new pods for existing accounts'}, + ], + default: 'default', +} as const satisfies Choice<'default' | 'disabled' | 'no-accounts' | 'no-pods' | 'no-accounts-pods'>; diff --git a/src/data/choices/Backend.ts b/src/data/choices/Backend.ts index d3d271c..cafaa09 100644 --- a/src/data/choices/Backend.ts +++ b/src/data/choices/Backend.ts @@ -17,7 +17,7 @@ export const BACKEND = { { value: 'file', label: 'File system' }, { value: 'sparql', label: 'SPARQL endpoint (requires in-memory internal storage)' }, { value: 'pod-quota-file', label: 'File system (with a pod quota)' }, - { value: 'regex', label: 'SPARQL endpoint (using file system for internal data)' } + { value: 'regex', label: 'SPARQL endpoint (using the file system for internal data)' } ], default: 'file', } as const satisfies Choice<'memory' | 'file' | 'sparql' | 'pod-quota-file' | 'regex'>; diff --git a/src/data/choices/InitializeRoot.ts b/src/data/choices/InitializeRoot.ts index 2f93cca..0cbf863 100644 --- a/src/data/choices/InitializeRoot.ts +++ b/src/data/choices/InitializeRoot.ts @@ -1,17 +1,26 @@ -import { BooleanOption, Choice, ENABLED_DISABLED, FALSE } from '../Choice'; +import { Choice } from '../Choice'; /** - * Initialize root as storage and fully accessible (GIVES FULL ACCESS WHICH NEEDS TO BE UPDATED). + * Initialize root as storage and fully accessible (GIVES FULL ACCESS WHICH NEEDS TO BE UPDATED), + * as a pod, as a static page, or as nothing. */ export const INITIALIZE_ROOT = { id: 'initializeRoot', label: 'Initialize root', - description: `Makes the root of the server accessible for reading and writing data. - Enabling this will create the relevant authorization resources in the root that allow this. + description: `Determines what needs to happen with the root of the server.

- These authorization resources provide full access to everyone so make sure to immediately update these. + The "Root pod" option creates a pod in the root with the email and password defined in the configuration. + It is advised to immediately change this password. +

+ The "Accessible root" option writes authorization resources to the root of the server, giving full access to everyone. + It is advised to immediately update these after starting the server to prevent misuse. They will also not disappear after stopping the server and need to be deleted manually afterwards if you use a file system as backend. `, - options: ENABLED_DISABLED, - default: FALSE, -} as const satisfies Choice; + options: [ + { value: 'default', label: 'Inaccessible root' }, + { value: 'static-root', label: 'Static HTML page' }, + { value: 'initialize-root-pod', label: 'Root pod' }, + { value: 'initialize-root', label: 'Accessible root' }, + ], + default: 'static-root', +} as const satisfies Choice<'default' | 'static-root' | 'initialize-root-pod' | 'initialize-root'>; diff --git a/src/data/choices/Internal.ts b/src/data/choices/Internal.ts index 3a08adb..55d6b26 100644 --- a/src/data/choices/Internal.ts +++ b/src/data/choices/Internal.ts @@ -10,7 +10,7 @@ export const INTERNAL = { Data stored in memory will be lost on server restart.`, options: [ { value: 'memory', label: 'In-memory' }, - { value: 'resource-store', label: 'Same as data storage (see next)' }, + { value: 'resource-store', label: 'Same as data storage' }, ], default: 'resource-store', } as const satisfies Choice<'memory' | 'resource-store'>; diff --git a/src/data/choices/Ldp.ts b/src/data/choices/Ldp.ts new file mode 100644 index 0000000..a5f9d00 --- /dev/null +++ b/src/data/choices/Ldp.ts @@ -0,0 +1,13 @@ +import { BooleanOption, Choice, ENABLED_DISABLED, TRUE } from '../Choice'; + +/** + * Enable or disable LDP. + */ +export const LDP = { + id: 'ldp', + label: 'Solid protocol', + description: `Enables support for the core Solid protocol. + This can be disabled if you want a server that only handles OIDC and accounts.`, + options: ENABLED_DISABLED, + default: TRUE, +} as const satisfies Choice; diff --git a/src/data/choices/Notifications.ts b/src/data/choices/Notifications.ts index 364542e..c1cb9f7 100644 --- a/src/data/choices/Notifications.ts +++ b/src/data/choices/Notifications.ts @@ -1,4 +1,4 @@ -import { Choice, FALSE } from '../Choice'; +import { Choice } from '../Choice'; /** * Notification method(s). None if undefined. @@ -18,5 +18,5 @@ export const NOTIFICATIONS = { { value: 'new-old-websockets', label: 'Current & Legacy WebSockets' }, { value: 'disabled', label: 'Disabled' } ], - default: 'websockets', + default: 'all', } as const satisfies Choice<'all' | 'websockets' | 'webhooks' | 'legacy-websockets' | 'new-old-websockets' | 'disabled'>; diff --git a/src/data/choices/Oidc.ts b/src/data/choices/Oidc.ts new file mode 100644 index 0000000..b82f038 --- /dev/null +++ b/src/data/choices/Oidc.ts @@ -0,0 +1,13 @@ +import { BooleanOption, Choice, ENABLED_DISABLED, TRUE } from '../Choice'; + +/** + * Enable or disable OIDC. + */ +export const OIDC = { + id: 'oidc', + label: 'OpenID provider', + description: `Allows the server to generate the necessary tokens and interactions for an OIDC session. + You need this if you want to use the server to log in to Solid applications.`, + options: ENABLED_DISABLED, + default: TRUE, +} as const satisfies Choice; diff --git a/src/data/choices/Registration.ts b/src/data/choices/Registration.ts deleted file mode 100644 index f7bed11..0000000 --- a/src/data/choices/Registration.ts +++ /dev/null @@ -1,12 +0,0 @@ -import { BooleanOption, Choice, ENABLED_DISABLED, TRUE } from '../Choice'; - -/** - * Allow registration on the server. - */ -export const REGISTRATION = { - id: 'registration', - label: 'Registration', - description: `Allow users to register new accounts and pods on the server.`, - options: ENABLED_DISABLED, - default: TRUE, -} as const satisfies Choice; diff --git a/src/data/choices/Setup.ts b/src/data/choices/Setup.ts deleted file mode 100644 index 68ae95a..0000000 --- a/src/data/choices/Setup.ts +++ /dev/null @@ -1,13 +0,0 @@ -import { BooleanOption, Choice, ENABLED_DISABLED, FALSE } from '../Choice'; - -/** - * Require setup to be performed. - */ -export const SETUP = { - id: 'setup', - label: 'Setup', - description: `Requires a setup procedure to occur after starting the server. - This can be used to create a pod immediately on the server.`, - options: ENABLED_DISABLED, - default: FALSE, -} as const satisfies Choice; diff --git a/src/data/choices/overrides/AccountHtmlTemplate.ts b/src/data/choices/overrides/AccountHtmlTemplate.ts new file mode 100644 index 0000000..3031d8b --- /dev/null +++ b/src/data/choices/overrides/AccountHtmlTemplate.ts @@ -0,0 +1,15 @@ +import { BooleanOption, Choice, ENABLED_DISABLED, FALSE } from '../../Choice'; + +/** + * The main template used for all generated HTML responses. + */ +export const ACCOUNT_HTML_TEMPLATE = { + id: 'accountHtmlTemplate', + label: 'Account HTML pages', + description: `The HTML page used when registering an email/password account on the server. + All other account HTML pages can be replaced similarly by looking in the configuration where the template file occurs. + All template files can be found + here.`, + options: ENABLED_DISABLED, + default: FALSE, +} as const satisfies Choice; diff --git a/src/data/choices/ContainerIndex.ts b/src/data/choices/overrides/ContainerIndex.ts similarity index 98% rename from src/data/choices/ContainerIndex.ts rename to src/data/choices/overrides/ContainerIndex.ts index 995e241..6305400 100644 --- a/src/data/choices/ContainerIndex.ts +++ b/src/data/choices/overrides/ContainerIndex.ts @@ -1,4 +1,4 @@ -import { BooleanOption, Choice, ENABLED_DISABLED, FALSE } from '../Choice'; +import { BooleanOption, Choice, ENABLED_DISABLED, FALSE } from '../../Choice'; /** * The folder from where the pod templates will be loaded. diff --git a/src/data/choices/LockExpiration.ts b/src/data/choices/overrides/LockExpiration.ts similarity index 97% rename from src/data/choices/LockExpiration.ts rename to src/data/choices/overrides/LockExpiration.ts index 79db526..3b4c3ab 100644 --- a/src/data/choices/LockExpiration.ts +++ b/src/data/choices/overrides/LockExpiration.ts @@ -1,4 +1,4 @@ -import { BooleanOption, Choice, ENABLED_DISABLED, FALSE } from '../Choice'; +import { BooleanOption, Choice, ENABLED_DISABLED, FALSE } from '../../Choice'; /** * Add template to update the lock expiration. diff --git a/src/data/choices/overrides/MainTemplate.ts b/src/data/choices/overrides/MainTemplate.ts new file mode 100644 index 0000000..eac16c9 --- /dev/null +++ b/src/data/choices/overrides/MainTemplate.ts @@ -0,0 +1,14 @@ +import { BooleanOption, Choice, ENABLED_DISABLED, FALSE } from '../../Choice'; + +/** + * The main template used for all generated HTML responses. + */ +export const MAIN_TEMPLATE = { + id: 'mainTemplate', + label: 'Main HTML template', + description: `The main HTML body that is used for all HTML pages generated by the server. + See the original + version to know what is expected.`, + options: ENABLED_DISABLED, + default: FALSE, +} as const satisfies Choice; diff --git a/src/data/choices/NotificationDuration.ts b/src/data/choices/overrides/NotificationDuration.ts similarity index 98% rename from src/data/choices/NotificationDuration.ts rename to src/data/choices/overrides/NotificationDuration.ts index 531c429..fe06735 100644 --- a/src/data/choices/NotificationDuration.ts +++ b/src/data/choices/overrides/NotificationDuration.ts @@ -1,4 +1,4 @@ -import { BooleanOption, Choice, ENABLED_DISABLED, FALSE } from '../Choice'; +import { BooleanOption, Choice, ENABLED_DISABLED, FALSE } from '../../Choice'; /** * The folder from where the pod templates will be loaded. diff --git a/src/data/choices/OidcConfiguration.ts b/src/data/choices/overrides/OidcConfiguration.ts similarity index 98% rename from src/data/choices/OidcConfiguration.ts rename to src/data/choices/overrides/OidcConfiguration.ts index df72a54..90171e8 100644 --- a/src/data/choices/OidcConfiguration.ts +++ b/src/data/choices/overrides/OidcConfiguration.ts @@ -1,4 +1,4 @@ -import { BooleanOption, Choice, ENABLED_DISABLED, FALSE } from '../Choice'; +import { BooleanOption, Choice, ENABLED_DISABLED, FALSE } from '../../Choice'; /** * Add template to update the OIDC configuration settings. Probably only interested in the timeouts though. diff --git a/src/data/choices/PodTemplate.ts b/src/data/choices/overrides/PodTemplate.ts similarity index 63% rename from src/data/choices/PodTemplate.ts rename to src/data/choices/overrides/PodTemplate.ts index 22cbc89..1461f3a 100644 --- a/src/data/choices/PodTemplate.ts +++ b/src/data/choices/overrides/PodTemplate.ts @@ -1,4 +1,4 @@ -import { BooleanOption, Choice, ENABLED_DISABLED, FALSE } from '../Choice'; +import { BooleanOption, Choice, ENABLED_DISABLED, FALSE } from '../../Choice'; /** * The folder from where the pod templates will be loaded. @@ -7,11 +7,8 @@ export const POD_TEMPLATE = { id: 'podTemplate', label: 'Pod template folder', description: `The path to the folder that contains the templates that are used to instantiate a new pod. - The path is relative to where the Node.js process is executed from, - or, if it starts with @css:, relative to the install location of CSS. HandleBars is used to interpret the templates.

-

The WebID is always expected to be in profile/card#me. - The folder is expected to have separate folders to differentiate between the chosen authorization systems, + The folder at the path location is expected to have separate folders to differentiate between the chosen authorization systems, see the original templates for an example.`, options: ENABLED_DISABLED, default: FALSE, diff --git a/src/data/data.ts b/src/data/data.ts index c06eba1..74fdf51 100644 --- a/src/data/data.ts +++ b/src/data/data.ts @@ -1,16 +1,14 @@ import { Choice } from './Choice'; import { Group } from './Group'; +import { ACCOUNT_MANAGEMENT } from './groups/AccountManagement'; import { ADVANCED } from './groups/Advanced'; import { DATA } from './groups/Data'; import { MISC } from './groups/Misc'; import { PARAMETERS } from './groups/Parameters'; -import { PODS } from './groups/Pods'; -import { SECURITY } from './groups/Security'; export const GROUPS = [ DATA, - SECURITY, - PODS, + ACCOUNT_MANAGEMENT, MISC, ADVANCED, PARAMETERS, diff --git a/src/data/groups/Pods.ts b/src/data/groups/AccountManagement.ts similarity index 55% rename from src/data/groups/Pods.ts rename to src/data/groups/AccountManagement.ts index e4c1d9d..8aea2b9 100644 --- a/src/data/groups/Pods.ts +++ b/src/data/groups/AccountManagement.ts @@ -1,16 +1,18 @@ import { Choice } from '../Choice'; +import { ACCOUNTS } from '../choices/Accounts'; import { EMAIL } from '../choices/Email'; -import { REGISTRATION } from '../choices/Registration'; +import { OIDC } from '../choices/Oidc'; import { SUBDOMAIN } from '../choices/Subdomain'; import { Group } from '../Group'; -export const PODS = { - id: 'pods', - label: 'Pod management', - description: 'Everything related to registering and creating new pods on the server.', +export const ACCOUNT_MANAGEMENT = { + id: 'account-management', + label: 'Account management', + description: 'Everything related to registering and creating new accounts and pods on the server.', entries: [ - REGISTRATION, + ACCOUNTS, EMAIL, SUBDOMAIN, + OIDC, ], } as const satisfies Group; diff --git a/src/data/groups/Data.ts b/src/data/groups/Data.ts index 068dfe6..e197a50 100644 --- a/src/data/groups/Data.ts +++ b/src/data/groups/Data.ts @@ -1,16 +1,20 @@ import { Choice } from '../Choice'; +import { AUTHORIZATION } from '../choices/Authorization'; import { BACKEND } from '../choices/Backend'; import { INTERNAL } from '../choices/Internal'; +import { LDP } from '../choices/Ldp'; import { LOCKING } from '../choices/Locking'; import { Group } from '../Group'; export const DATA = { id: 'data', label: 'Data management', - description: 'All options related to where data is stored.', + description: 'All options related to how data is stored.', entries: [ - INTERNAL, BACKEND, + AUTHORIZATION, + LDP, + INTERNAL, LOCKING, ], } as const satisfies Group; diff --git a/src/data/groups/Misc.ts b/src/data/groups/Misc.ts index aeb724f..7e83bdf 100644 --- a/src/data/groups/Misc.ts +++ b/src/data/groups/Misc.ts @@ -1,7 +1,7 @@ import { Choice } from '../Choice'; +import { HTTPS } from '../choices/Https'; import { INITIALIZE_ROOT } from '../choices/InitializeRoot'; import { NOTIFICATIONS } from '../choices/Notifications'; -import { SETUP } from '../choices/Setup'; import { Group } from '../Group'; export const MISC = { @@ -11,6 +11,6 @@ export const MISC = { entries: [ NOTIFICATIONS, INITIALIZE_ROOT, - SETUP, + HTTPS, ], } as const satisfies Group; diff --git a/src/data/groups/Parameters.ts b/src/data/groups/Parameters.ts index c438865..e892a86 100644 --- a/src/data/groups/Parameters.ts +++ b/src/data/groups/Parameters.ts @@ -1,9 +1,11 @@ import { Choice } from '../Choice'; -import { CONTAINER_INDEX } from '../choices/ContainerIndex'; -import { LOCK_EXPIRATION } from '../choices/LockExpiration'; -import { NOTIFICATION_DURATION } from '../choices/NotificationDuration'; -import { OIDC_CONFIGURATION } from '../choices/OidcConfiguration'; -import { POD_TEMPLATE } from '../choices/PodTemplate'; +import { ACCOUNT_HTML_TEMPLATE } from '../choices/overrides/AccountHtmlTemplate'; +import { CONTAINER_INDEX } from '../choices/overrides/ContainerIndex'; +import { LOCK_EXPIRATION } from '../choices/overrides/LockExpiration'; +import { MAIN_TEMPLATE } from '../choices/overrides/MainTemplate'; +import { NOTIFICATION_DURATION } from '../choices/overrides/NotificationDuration'; +import { OIDC_CONFIGURATION } from '../choices/overrides/OidcConfiguration'; +import { POD_TEMPLATE } from '../choices/overrides/PodTemplate'; import { Group } from '../Group'; export const PARAMETERS = { @@ -14,6 +16,9 @@ export const PARAMETERS = { which you can use to update the necessary values in the overrideParameters block.

These options are only relevant for specific use cases. If you are not sure, you can safely leave them all disabled and the default values will be used.

+

Several of these options allow you to provide a path to a file. + This path is always relative to where the Node.js process is executed from, + or, if it starts with @css:, relative to the install location of CSS.

The options below are just some of the parameters that can be customized, chosen based on what might be useful for people wanting to configure their server. If there is another value that you want to customize, @@ -24,6 +29,8 @@ export const PARAMETERS = { LOCK_EXPIRATION, CONTAINER_INDEX, POD_TEMPLATE, + MAIN_TEMPLATE, + ACCOUNT_HTML_TEMPLATE, OIDC_CONFIGURATION, ], } as const satisfies Group; diff --git a/src/data/groups/Security.ts b/src/data/groups/Security.ts deleted file mode 100644 index 896af41..0000000 --- a/src/data/groups/Security.ts +++ /dev/null @@ -1,14 +0,0 @@ -import { Choice } from '../Choice'; -import { AUTHORIZATION } from '../choices/Authorization'; -import { HTTPS } from '../choices/Https'; -import { Group } from '../Group'; - -export const SECURITY = { - id: 'security', - label: 'Security', - description: 'Features related to the security of the server.', - entries: [ - HTTPS, - AUTHORIZATION, - ], -} as const satisfies Group; diff --git a/src/util/body.ts b/src/util/body.ts index 5ab5d7d..bae4fc6 100644 --- a/src/util/body.ts +++ b/src/util/body.ts @@ -4,13 +4,13 @@ import { Choices, Option } from '../data/data'; interface Override { '@id'?: string, - comment: string; + comment: string | string[]; '@type': 'Override', overrideInstance: { '@id': string }, overrideParameters: Record & { '@type': string }, } -function generateOverride(instance: string, type: string, comment: string, params: Record): Override { +function generateOverride(instance: string, type: string, comment: string | string[], params: Record): Override { return { comment: comment, '@type': 'Override', @@ -86,6 +86,16 @@ export function generateBody(choices: Choices): unknown[] { body.push(generateOverride('urn:solid-server:default:SizeReporter', 'FileSizeReporter', commentReporter, paramsReporter)); } + if (choices.initializeRoot === 'initialize-root-pod') { + const comment = [ 'The login settings of the account of the root pod. ', + 'It is advised to immediately change this password after starting the server.' ]; + const params = { + email: 'test@example.com', + password: 'secret!', + } + body.push(generateOverride('urn:solid-server:default:RootPodInitializer', 'AccountInitializer', comment, params)); + } + if (choices.notificationDuration === TRUE && ([ 'all', 'websockets', 'new-old-websockets' ] satisfies Option[] as string[]).includes(choices.notifications)) { const comment = 'How long WebSocketChannel2023 subscriptions can exist, in minutes.'; const params = { maxDuration: 20160 } @@ -114,9 +124,25 @@ export function generateBody(choices: Choices): unknown[] { } if (choices.podTemplate === TRUE) { - const comment = 'The location of the new pod templates folder.'; - const params = { templateFolder: '@css:templates/pod' } + let comment = 'The location of the new pod templates folder.'; + let params: Record = { templateFolder: '@css:templates/pod' } body.push(generateOverride('urn:solid-server:default:PodResourcesGenerator', 'StaticFolderGenerator', comment, params)); + + comment = 'Where the WebID is located in the generated pod, relative to the root.'; + params = { relativeWebIdPath: 'profile/card#me' } + body.push(generateOverride('urn:solid-server:default:PodCreator', 'BasePodCreator', comment, params)); + } + + if (choices.mainTemplate === TRUE) { + const comment = 'The main HTML template used by all HTML pages.'; + const params = { template: '@css:templates/main.html.ejs' }; + body.push(generateOverride('urn:solid-server:default:MainTemplateEngine', 'StaticTemplateEngine', comment, params)); + } + + if (choices.accountHtmlTemplate === TRUE) { + const comment = 'The email/password registration page.'; + const params = { filePath: '@css:templates/identity/password/register.html.ejs' }; + body.push(generateOverride('urn:solid-server:default:RegisterPasswordAccountHtml', 'HtmlViewEntry', comment, params)); } if (choices.oidcConfiguration === TRUE) { @@ -125,22 +151,30 @@ export function generateBody(choices: Choices): unknown[] { config: { claims: { openid: [ 'azp' ], - webid: [ 'webid' ] + webid: [ 'webid' ], }, clockTolerance: 120, cookies: { long: { signed: true, maxAge: 86400000 }, - short: { signed: true } + short: { signed: true }, + }, + enabledJWA: { + dPoPSigningAlgValues: [ + 'RS256', 'RS384', 'RS512', + 'PS256', 'PS384', 'PS512', + 'ES256', 'ES256K', 'ES384', 'ES512', + 'EdDSA', + ], }, features: { claimsParameter: { enabled: true }, clientCredentials: { enabled: true }, devInteractions: { enabled: false }, - dPoP: { enabled: true, ack: 'draft-03' }, + dPoP: { enabled: true }, introspection: { enabled: true }, registration: { enabled: true }, revocation: { enabled: true }, - userinfo: { enabled: false } + userinfo: { enabled: false }, }, scopes: [ 'openid', 'profile', 'offline_access', 'webid' ], subjectTypes: [ 'public' ], @@ -154,8 +188,8 @@ export function generateBody(choices: Choices): unknown[] { IdToken: 3600, Interaction: 3600, RefreshToken: 86400, - Session: 1209600 - } + Session: 1209600, + }, } } body.push(generateOverride('urn:solid-server:default:IdentityProviderFactory', 'IdentityProviderFactory', comment, params)); diff --git a/src/util/config.ts b/src/util/config.ts index 7b5e77a..64cdb1a 100644 --- a/src/util/config.ts +++ b/src/util/config.ts @@ -4,7 +4,7 @@ import { generateImports, Import } from './imports'; import { validateChoices } from './validation'; // TODO: should somehow update this together with the version number used in build -export const CONTEXT = 'https://linkedsoftwaredependencies.org/bundles/npm/@solid/community-server/^6.0.0/components/context.jsonld'; +export const CONTEXT = 'https://linkedsoftwaredependencies.org/bundles/npm/@solid/community-server/^7.0.0/components/context.jsonld'; export interface Config { '@context': typeof CONTEXT, diff --git a/src/util/imports.ts b/src/util/imports.ts index 307c78e..e180c92 100644 --- a/src/util/imports.ts +++ b/src/util/imports.ts @@ -20,10 +20,8 @@ export const DEFAULT_IMPORTS: readonly Import[] = [ generateImport('http', 'handler', 'default'), generateImport('http', 'middleware', 'default'), generateImport('http', 'static', 'default'), - generateImport('identity', 'handler', 'default'), generateImport('identity', 'pod', 'static'), generateImport('ldp', 'authentication', 'dpop-bearer'), - generateImport('ldp', 'handler', 'default'), generateImport('ldp', 'metadata-parser', 'default'), generateImport('ldp', 'metadata-writer', 'default'), generateImport('ldp', 'modes', 'default'), @@ -55,18 +53,21 @@ function* getAuthorizationImports(authorization: Choices['authorization']): Iter export function generateImports(choices: Choices): Import[] { const imports: Import[] = [ ...DEFAULT_IMPORTS ]; - imports.push(generateImport('app', 'init', choices.initializeRoot === TRUE ? 'initialize-root' : 'default')); - imports.push(generateImport('app', 'setup', choices.setup === TRUE ? 'required' : 'disabled')); + imports.push(generateImport('app', 'init', choices.initializeRoot)); imports.push(generateImport('http', 'notifications', choices.notifications)); imports.push(generateImport('http', 'server-factory', choices.https === TRUE ? 'https' : 'http')); imports.push(generateImport('identity', 'access', choices.restrictAccountApi === TRUE ? 'restricted' : 'public')); imports.push(generateImport('identity', 'email', choices.email === TRUE ? 'example' : 'default')); + imports.push(generateImport('identity', 'handler', choices.accounts)); + imports.push(generateImport('identity', 'oidc', choices.oidc === TRUE ? 'default' : 'disabled')); imports.push(generateImport('identity', 'ownership', choices.ownership === TRUE ? 'token' : 'unsafe-no-check')); - imports.push(generateImport('identity', 'registration', choices.registration === TRUE ? 'enabled' : 'disabled')); + imports.push(generateImport('ldp', 'handler', choices.ldp === TRUE ? 'default' : 'disabled')); // In v6 there are 2 relevant imports for ACP/WAC imports.push(...getAuthorizationImports(choices.authorization)); imports.push(generateImport('storage', 'backend', choices.backend)); imports.push(generateImport('storage', 'key-value', choices.internal)); + const rootStorage = [ 'initialize-root', 'initialize-root-pod' ].includes(choices.initializeRoot) && choices.subdomain === FALSE; + imports.push(generateImport('storage', 'location', rootStorage ? 'root' : 'pod')); imports.push(generateImport('util', 'identifiers', choices.subdomain === TRUE ? 'subdomain' : 'suffix')); imports.push(generateImport('util', 'index', choices.index === TRUE ? 'example' : 'default')); imports.push(generateImport('util', 'resource-locker', choices.locking === FALSE ? 'debug-void' : choices.locking)); diff --git a/src/util/validation.ts b/src/util/validation.ts index efe0705..84ea0ba 100644 --- a/src/util/validation.ts +++ b/src/util/validation.ts @@ -8,13 +8,31 @@ export function validateChoices(choices: Choices): void { if (choices.backend === 'sparql' && choices.internal === 'resource-store') { throw new Error('SPARQL backend can not be chosen if the backend is used for internal storage.'); } + if (choices.backend === 'regex' && choices.internal === 'memory') { throw new Error('Combining the regex backend with in-memory internal storage does not make sense.'); } - if (choices.registration === FALSE && choices.setup === FALSE && choices.initializeRoot === FALSE) { - throw new Error('There would be no way to write data to this server. You need to enable one of registration, setup, or root initialization.'); + + const rootAccessible = [ 'initialize-root', 'initialize-root-pod' ].includes(choices.initializeRoot); + const podCreationEnabled = [ 'default' || 'no-accounts' ].includes(choices.accounts); + + if (choices.subdomain === FALSE && rootAccessible && podCreationEnabled) { + throw new Error('Pod creation needs to be disabled if data will be initialized in the root, unless subdomains are enabled.'); + } + + if (choices.ldp === TRUE && !rootAccessible && !podCreationEnabled) { + throw new Error('If the Solid protocol is enabled, you need to either initialize data in the root or enable pod creation.'); + } + + if (rootAccessible && choices.ldp === FALSE) { + throw new Error('Initializing the root with data is useless if the Solid protocol is disabled.'); } - if (choices.registration === TRUE && choices.initializeRoot === TRUE && choices.subdomain === FALSE) { - throw new Error('Initializing the root and enabling registration is only possible when subdomains are used, as nested storages are not allowed in Solid.'); + + if (podCreationEnabled && choices.ldp === FALSE) { + throw new Error('Pod creation should be disabled if the Solid protocol is disabled as created pods would be inaccessible.'); + } + + if (choices.oidc === FALSE && choices.ldp === FALSE) { + throw new Error('If both OIDC and the Solid protocol are disabled, there is nothing this server will be able to do.'); } }