blaubaer committed Oct 17, 2024
1 parent 45fe5b8 commit 3588f52
Showing 20 changed files with 516 additions and 212 deletions.
151 changes: 79 additions & 72 deletions docs/.theme/marcos/main.py
@@ -1,3 +1,4 @@
import html
import json
import os as pos
import os.path as path
Expand All @@ -15,14 +16,17 @@
repo_raw_url = "https://raw.githubusercontent.com/" + repo
repo_container_uri = "ghcr.io/" + repo
raw_version = pos.getenv('VERSION')
release = (("v" if raw_version.__len__() > 0 and raw_version[0].isdigit() else "") + raw_version) if raw_version is not None and raw_version.__len__() > 0 else "latest"
branch = (("v" if raw_version.__len__() > 0 and raw_version[0].isdigit() else "") + raw_version) if raw_version is not None and raw_version.__len__() > 0 else "main"
release = (("v" if raw_version.__len__() > 0 and raw_version[
0].isdigit() else "") + raw_version) if raw_version is not None and raw_version.__len__() > 0 else "latest"
branch = (("v" if raw_version.__len__() > 0 and raw_version[
0].isdigit() else "") + raw_version) if raw_version is not None and raw_version.__len__() > 0 else "main"


class Packaging(str, Enum):
archive = 'archive'
image = 'image'


class Os(str, Enum):
linux = 'linux'
windows = 'windows'
Expand Down Expand Up @@ -227,29 +231,38 @@ class TypeRef:
def __init__(
self,
title: str,
ref: str | None = None,
args: Sequence[TypeRefT] | None = None,
ref: str | None,
*args: TypeRefT | None,
):
def filter_out_nones(candidate: TypeRefT | None) -> bool:
return candidate is not None

self.title = title
self.ref = ref
self.args = args
self.args = list(filter(filter_out_nones, args))

@property
def markdown(self) -> str:
result = self.title
if isinstance(self.ref, str):
result = f"[{result}]({self.ref})"
array = self.title == "Array" and self.ref is None and len(self.args) == 1
if array:
result = '<span data-hint-type="array">[]</span>'
else:
result = self.title
if isinstance(self.ref, str):
result = f"[{result}]({self.ref})"

if isinstance(self.args, Sequence) and len(self.args) > 0:
result += "<"
if len(self.args) > 0:
if not array:
result += "&lt;"
first = True
for arg in self.args:
if first:
first = False
else:
result += ","
result += arg.markdown
result += ">"
if not array:
result += "&gt;"

return result

Expand All @@ -265,6 +278,7 @@ def property_extended(
heading: int = 3,
requirement: bool | str = False,
optional: bool = False,
template_context: TypeRefT | TypeRef | None = None,
):
if id_prefix is None:
id_prefix = ""
Expand All @@ -276,6 +290,13 @@ def property_extended(
result += "/// html | div.property-description\n"
result += "<span class=\"property-assign\"></span>"
result += data_type.markdown

if template_context is not None:
templating: File = env.variables.files.get_file_from_path("reference/templating/index.md")
templating_ref = PurePath(
path.relpath(templating.src_path, path.dirname(env.page.file.src_path))).as_posix()
result += f" [:material-file-replace-outline:{{ title=\"Templated with {template_context.title}\" data-hint-type=\"templated\" }}]({templating_ref}) {template_context.markdown}"

if required:
result += " :material-asterisk-circle-outline:{ title=\"Required\" data-hint-type=\"required\" }"
if optional:
Expand All @@ -287,68 +308,79 @@ def property_extended(

if default is not None:
default_str = json.dumps(default, ensure_ascii=False)
default_str = default_str.replace("`", "\`")
if len(default_str) > 30:
result += f""" = :material-keyboard-return:\n///\n
```{{.json .property-description-default-block linenums=0}}
{default_str}
```
"""
else:
result += f" = `{default_str}`" + "\n///"
result += f" = <code>{html.escape(default_str)}</code>" + "\n///"
else:
result += "\n///"
return result

@env.macro
def ref(
title: str | None = None,
ref: str | None = None,
*args: TypeRef | TypeRefT | None,
) -> TypeRef | TypeRefT | None:
if ref is not None:
if title is None:
if ref == "bool" or ref == "string" and ref == "number" and ref == "uint" and ref == "integer" and ref == "float":
title = ref
else:
file: File = env.variables.files.get_file_from_path(
path.normpath(path.dirname(env.page.file.src_path) + "/" + ref))
if file is None:
title = path.basename(ref)
else:
title = file.page.title

return TypeRef(title, ref, *args)

if title is not None:
return TypeRef(title, None, *args)

return None

@env.macro
def array_ref(
title: str | None = None,
ref_n: str | None = None,
*args: TypeRef | TypeRefT | None,
) -> TypeRef | TypeRefT | None:
return ref("Array", None, ref(title, ref_n, *args))

@env.macro
def property(
name: str,
data_type_title: str,
data_type: str | TypeRef | TypeRefT,
data_type_reference: str | None = None,
default=None,
required: bool = False,
id_prefix: str | None = "",
heading: int = 3,
requirement: bool = False,
optional: bool = False,
template_context_title: str | None = None,
template_context: str | None = None,
):
return property_extended(
name=name,
data_type=TypeRef(data_type_title, data_type_reference),
default=default,
required=required,
id_prefix=id_prefix,
heading=heading,
requirement=requirement,
optional=optional
)
if isinstance(data_type, str):
data_type = TypeRef(data_type, data_type_reference)

@env.macro
def property_with_holder(
name: str,
data_holder_title: str, data_holder_reference: str | None,
data_type_title: str, data_type_reference: str | None = None,
default=None,
required: bool = False,
id_prefix: str = "",
heading: int = 3,
requirement: bool = False,
optional: bool = False,
) -> str:
# noinspection PyTypeChecker
return property_extended(
name=name,
data_type=TypeRef(
data_holder_title, data_holder_reference,
[
TypeRef(data_type_title, data_type_reference)
] if data_type_title is not None and data_type_title != "" else []
),
data_type=data_type,
default=default,
required=required,
id_prefix=id_prefix,
heading=heading,
requirement=requirement,
optional=optional
optional=optional,
template_context=ref(template_context_title, template_context)
)

@env.macro
Expand Down Expand Up @@ -400,44 +432,20 @@ def flag_extended(
@env.macro
def flag(
name: str,
data_type_title: str | None = None,
data_type: str | TypeRef | TypeRefT | None = None,
data_type_reference: str | None = None,
default=None,
required: bool = False,
id_prefix: str | None = "",
heading: int = 3,
aliases: Sequence[str] | None = None
):
return flag_extended(
name=name,
data_type=TypeRef(data_type_title, data_type_reference) if data_type_title is not None else None,
default=default,
required=required,
id_prefix=id_prefix,
heading=heading,
aliases=aliases,
)
if isinstance(data_type, str):
data_type = TypeRef(data_type, data_type_reference)

@env.macro
def flag_with_holder(
name: str,
data_holder_title: str, data_holder_reference: str | None,
data_type_title: str, data_type_reference: str | None = None,
default=None,
required: bool = False,
id_prefix: str = "",
heading: int = 3,
aliases: Sequence[str] | None = None
) -> str:
# noinspection PyTypeChecker
return flag_extended(
name=name,
data_type=TypeRef(
data_holder_title, data_holder_reference,
[
TypeRef(data_type_title, data_type_reference)
] if data_type_title is not None and data_type_title != "" else []
),
data_type=data_type,
default=default,
required=required,
id_prefix=id_prefix,
Expand All @@ -461,7 +469,6 @@ def container_image_uri(
def container_packages_url() -> str:
return f"{repo_http_url}/pkgs/container/bifroest"


@env.macro
def asset_url(file: str, raw: bool = False) -> str:
if raw:
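Review bot: In the new `ref` macro the primitive-type test `ref == "bool" or ref == "string" and ref == "number" and ...` can only be true for `"bool"`, because `and` binds tighter than `or` and no string equals five different literals at once. Every other primitive name falls through to `get_file_from_path` and is treated as a relative page path. A membership test states the intent: `if ref in ("bool", "string", "number", "uint", "integer", "float"):`. Separately, `TypeRef(title, ref, *args)` still receives the primitive name as `ref`, so `markdown` would render it as a link target; passing `None` for primitives is probably what is wanted, but that should be confirmed against the callers.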
13 changes: 13 additions & 0 deletions docs/assets/extra.css
Expand Up @@ -55,6 +55,15 @@ p.bifroest-logo .switchable rect {
color: #b69237;
}

.md-typeset [data-hint-type="templated"] {
color: var(--md-typeset-color);
vertical-align: baseline;
font-size: 0.8em;
opacity: 0.6;
margin-left: 0.3em;
margin-right: -0.3em;
}

[data-supported=true] {
color: #309c30;
}
Expand Down Expand Up @@ -133,6 +142,10 @@ html .md-typeset .admonition > :not(.admonition-title):first-child {
margin-bottom: 0;
}

.md-typeset .property-title code {
text-transform: none;
}

.md-typeset .property-title:has(+ .property-description) {
display: inline-block;
margin-top: 0.5em;
26 changes: 26 additions & 0 deletions docs/reference/alternatives.md
@@ -0,0 +1,26 @@
---
description: Defines how Bifröst reaches alternatives of itself.
---

# Alternatives

Defines how Bifröst reaches alternatives of itself.

For example if itself runs currently runs on AMD64 architecture, but needs for a target system an ARM64 instance. Or if the host is Windows, but the target is Linux.

Especially if a containerized environment (like [Docker environment](environment/docker.md)) is used, some features requires a supporting process that runs directly inside the container to enable all features. Such as tcp portforward from the context of the container or SSH Agent forward.

## Properties

<<property("downloadUrl", "URL", "data-type.md#url", template_context="context/alternative-binary.md", default="https://github.com/engity-com/bifroest/releases/download/v{{.version}}/bifroest-{{.os}}-{{.arch}}-generic{{.packageExt}}")>>
URL where to download the alternative version of Bifröst. Usually we simply will get this from [the GitHub Releases of Bifröst](https://github.com/engity-com/bifroest/releases).

<<property("location", "File Path", "data-type.md#file-path", template_context="context/alternative-binary.md", default="<os specific>")>>
Location to store the downloaded alternative version of Bifröst at.

A file that already exists, will not be downloaded again.

The default value is different, depending on the platform Bifröst runs on:

* Linux: `/var/lib/engity/bifroest/binaries/{{.version}}/{{.os}}-{{.arch}}{{.ext}}`
* Window: `C:\ProgramData\Engity\Bifroest\binaries\{{.version}}\{{.os}}-{{.arch}}{{.ext}}`
20 changes: 9 additions & 11 deletions docs/reference/authorization/local.md
Expand Up @@ -6,21 +6,19 @@ description: How to authorize an user request via the local user database of the

Authorizes a user request via the local user database of the host on which Bifröst is running.

!!! Note
This authorization requires Bifröst to run with root permissions.
!!! note
This authorization requires Bifröst to run with root permissions.

## Properties

<<property("type", "Authorization Type", default="local", required=True)>>
Has to be set to `local` to enable the local authorization.

<<property_with_holder("authorizedKeys", "Array", None, "Authorized Keys", "../data-type.md#authorized-keys", default=["{{.user.homeDir}}/.ssh/authorized_keys"])>>
<<property("authorizedKeys", array_ref("File Path", "../data-type.md#file-path", ref("Authorized Keys", "../data-type.md#authorized-keys")), template_context="../context/core.md", default=["{{.user.homeDir}}/.ssh/authorized_keys"])>>
Contains files with the format of classic [authorized keys](../data-type.md#authorized-keys), in which Bifröst will look for [SSH Public Keys](../data-type.md#ssh-public-key).

The backend type is [Strings Template](../templating/index.md#strings)<[Core](../context/core.md)>.

<<property("password", "Password", "#password")>>
Contains files of with format of classic [authorized keys](../data-type.md#authorized-keys), in which Bifröst will look for [SSH Public Keys](../data-type.md#ssh-public-key).
See [below](#password).

<<property("pamService", "string", default="<os and edition specific>")>>
If set to a non-empty value, this [PAM](https://wiki.archlinux.org/title/PAM) service will be directly used during the authorization process instead of `/etc/passwd` and `/etc/shadow`.
Expand All @@ -37,17 +35,17 @@ The password can either be validated via `/etc/passwd` and `/etc/shadow` (defaul

### Properties {. #password-properties}

<<property_with_holder("allowed", "Bool Template", "../templating/index.md#bool", "Context Password Authorization Request", "../context/authorization-request.md#password", default=True, id_prefix="password-", heading=4)>>
<<property("allowed", "bool", template_context="../context/authorization-request.md#password", template_context_title="Context Password Authorization Request", default=True, id_prefix="password-", heading=4)>>
If `true`, the user is allowed to use passwords via classic password authentication

<<property_with_holder("interactiveAllowed", "Bool Template", "../templating/index.md#bool", "Context Interactive Authorization Request", "../context/authorization-request.md#interactive", default=True, id_prefix="password-", heading=4)>>
<<property("interactiveAllowed", "bool", template_context="../context/authorization-request.md#interactive", template_context_title="Context Interactive Authorization Request", default=True, id_prefix="password-", heading=4)>>
If `true`, the user is allowed to use passwords via interactive authentication.

<<property_with_holder("emptyAllowed", "Bool Template", "../templating/index.md#bool", "Context * Authorization Request", "../context/authorization-request.md", default=False, id_prefix="password-", heading=4)>>
<<property("emptyAllowed", "bool", template_context="../context/authorization-request.md", template_context_title="Context * Authorization Request", default=False, id_prefix="password-", heading=4)>>
If `true`, the user is allowed to use empty passwords.

!!! warning
This is explicitly not recommend.
!!! danger
This is explicitly not recommend.

## Context

8 changes: 4 additions & 4 deletions docs/reference/authorization/oidc.md
Expand Up @@ -21,21 +21,21 @@ Currently the following flow of OpenID Connect is supported:
<<property("type", "Authorization Type", default="oidc", required=True, id_prefix="device-auth-", heading=4)>>
Has to be set to `oidcDeviceAuth` to enable the OIDC DeviceAuth authorization.

<<property_with_holder("issuer", "URL Template", "../templating/index.md#url", "Core", "../context/core.md", id_prefix="device-auth-", heading=4, required=True)>>
<<property("issuer", "URL", "../data-type.md#url", template_context="../context/core.md", id_prefix="device-auth-", heading=4, required=True)>>
The issuer is the URL identifier for the service which is issued by your identity provider.

##### Examples {: #device-auth-property-issuer-examples }
* `https://login.microsoftonline.com/my-great-tenant-uuid/v2.0`
* `https://accounts.google.com`
* `https://login.salesforce.com`

<<property_with_holder("clientId", "String Template", "../templating/index.md#string", "Core", "../context/core.md", id_prefix="device-auth-", heading=4, required=True)>>
<<property("clientId", "string", template_context="../context/core.md", id_prefix="device-auth-", heading=4, required=True)>>
Client ID issued by your identity provider.

<<property_with_holder("clientSecret", "String Template", "../templating/index.md#string", "Core", "../context/core.md", id_prefix="device-auth-", heading=4, required=True)>>
<<property("clientSecret", "string", template_context="../context/core.md", id_prefix="device-auth-", heading=4, required=True)>>
Secret for the corresponding [Client ID](#device-auth-property-clientId).

<<property_with_holder("scopes", "Strings Template", "../templating/index.md#strings", "Core", "../context/core.md", id_prefix="device-auth-", heading=4, required=True)>>
<<property("scopes", array_ref("string"), template_context="../context/core.md", id_prefix="device-auth-", heading=4, default=["openid","profile","email"])>>
Scopes to request the token from the identity provider for.

##### Examples {: #device-auth-property-scopes-examples }