[PR #1279] [CLOSED] feat: readonly backend #1228

New issue

Closed

opened 2026-02-27 09:11:24 +03:00 by kerem · 0 comments

kerem commented

2026-02-27 09:11:24 +03:00

Owner

📋 Pull Request Information

Original PR: https://github.com/lldap/lldap/pull/1279
Author: @thielj
Created: 9/5/2025
Status: ❌ Closed

Base: main ← Head: pr-db_options_readonly

📝 Commits (6)

f0151ca DB Connection Pool configuration
f9bdff7 fix cargo fmt issues ; add server shutdown log statement
ebb1fe1 feat: DB_OPTIONS (cont.)
6ac76fa feat: add PasswordService for async cryptographic operations on background thread
bb4083c feat: add readonly mode support to SqlBackendHandler and related components;
b73bddf feat: readonly mode support (cont.)

📊 Changes

15 files changed (+843 additions, -163 deletions)

View changed files

📝 crates/domain-handlers/src/handler.rs (+1 -0)
📝 crates/sql-backend-handler/Cargo.toml (+1 -0)
📝 crates/sql-backend-handler/src/lib.rs (+1 -0)
➕ crates/sql-backend-handler/src/password_service.rs (+428 -0)
📝 crates/sql-backend-handler/src/sql_backend_handler.rs (+13 -5)
📝 crates/sql-backend-handler/src/sql_group_backend_handler.rs (+16 -1)
📝 crates/sql-backend-handler/src/sql_opaque_handler.rs (+43 -63)
📝 crates/sql-backend-handler/src/sql_user_backend_handler.rs (+37 -5)
📝 crates/test-utils/src/lib.rs (+3 -1)
📝 lldap_config.docker_template.toml (+18 -13)
📝 server/src/cli.rs (+35 -0)
📝 server/src/configuration.rs (+65 -4)
📝 server/src/main.rs (+92 -28)
📝 server/src/tcp_server.rs (+57 -43)
➕ test_password_service.rs (+33 -0)

📄 Description

PR 3/3 - this builds on top of PR2 and I had to include PR1 to not cause a merge conflict (two adjacent lines from each PR). PR1 is NOT required though.

Changes:

added readonly configuration option to DbOptions
added parsing etc
added fn is_readonly() to Backend trait
implemented trait where necessary
added readonly flag to SqlBackendHandler
modified write operations to check readonly status
the frontend only exposes /health if the backend is readonly

Motivation:

Deploying 'headless' local LLDAP instances using a read-only replica - or for some use cases, maybe even sync'ed SQLite files. Users are typically directed to a single master instance for all account operations.

Configuration:

Add readonly = true to the [db_options] section to enable readonly mode.

Testing:

All existing functionality preserved
Readonly mode blocks write operations
/health is still available for docker health checks
Readonly mode doesn't try to schemes, users, groups, etc
Readonly mode doesn't run the cron cleanup job

TBD:

Re-enabling the GraphQL endpoint is an option. If tokens are obtained from the master instance, they should be available in the read-only replica. I don't do GraphQL though.
Re-enabling the GUI in strict read-only mode is an option, but I don't think there's a use case for this.
Low level checks might be removed if write functionality is disabled i higher levels

_{🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.}

## 📋 Pull Request Information **Original PR:** https://github.com/lldap/lldap/pull/1279 **Author:** [@thielj](https://github.com/thielj) **Created:** 9/5/2025 **Status:** ❌ Closed **Base:** `main` ← **Head:** `pr-db_options_readonly` --- ### 📝 Commits (6) - [`f0151ca`](https://github.com/lldap/lldap/commit/f0151cad505c7bec5279d8f83472cc48ab3e00d6) DB Connection Pool configuration - [`f9bdff7`](https://github.com/lldap/lldap/commit/f9bdff78150ae9f35664304eb95cd8a0375ca6f7) fix cargo fmt issues ; add server shutdown log statement - [`ebb1fe1`](https://github.com/lldap/lldap/commit/ebb1fe1ceab16879965dca3b88648a364edcd3b4) feat: DB_OPTIONS (cont.) - [`6ac76fa`](https://github.com/lldap/lldap/commit/6ac76faf836ccd9d69504d9dfbcfb3dae85e2e04) feat: add PasswordService for async cryptographic operations on background thread - [`bb4083c`](https://github.com/lldap/lldap/commit/bb4083c12f4c04b68e2e348510352664df196f3f) feat: add readonly mode support to SqlBackendHandler and related components; - [`b73bddf`](https://github.com/lldap/lldap/commit/b73bddf0b80ff0b925ee14a75dc574848ce79b1b) feat: readonly mode support (cont.) ### 📊 Changes **15 files changed** (+843 additions, -163 deletions) <details> <summary>View changed files</summary> 📝 `crates/domain-handlers/src/handler.rs` (+1 -0) 📝 `crates/sql-backend-handler/Cargo.toml` (+1 -0) 📝 `crates/sql-backend-handler/src/lib.rs` (+1 -0) ➕ `crates/sql-backend-handler/src/password_service.rs` (+428 -0) 📝 `crates/sql-backend-handler/src/sql_backend_handler.rs` (+13 -5) 📝 `crates/sql-backend-handler/src/sql_group_backend_handler.rs` (+16 -1) 📝 `crates/sql-backend-handler/src/sql_opaque_handler.rs` (+43 -63) 📝 `crates/sql-backend-handler/src/sql_user_backend_handler.rs` (+37 -5) 📝 `crates/test-utils/src/lib.rs` (+3 -1) 📝 `lldap_config.docker_template.toml` (+18 -13) 📝 `server/src/cli.rs` (+35 -0) 📝 `server/src/configuration.rs` (+65 -4) 📝 `server/src/main.rs` (+92 -28) 📝 `server/src/tcp_server.rs` (+57 -43) ➕ `test_password_service.rs` (+33 -0) </details> ### 📄 Description PR 3/3 - this builds on top of PR2 and I had to include PR1 to not cause a merge conflict (two adjacent lines from each PR). PR1 is *NOT* required though. ### Changes: - added `readonly` configuration option to `DbOptions` - added parsing etc - added `fn is_readonly()` to `Backend` trait - implemented trait where necessary - added `readonly` flag to `SqlBackendHandler` - modified write operations to check readonly status - the frontend only exposes /health if the backend is readonly ### Motivation: Deploying 'headless' local LLDAP instances using a read-only replica - or for some use cases, maybe even sync'ed SQLite files. Users are typically directed to a single master instance for all account operations. ### Configuration: Add `readonly = true` to the `[db_options]` section to enable readonly mode. ### Testing: - All existing functionality preserved - Readonly mode blocks write operations - /health is still available for docker health checks - Readonly mode doesn't try to schemes, users, groups, etc - Readonly mode doesn't run the cron cleanup job ### TBD: - Re-enabling the GraphQL endpoint is an option. If tokens are obtained from the master instance, they should be available in the read-only replica. I don't do GraphQL though. - Re-enabling the GUI in strict read-only mode is an option, but I don't think there's a use case for this. - Low level checks might be removed if write functionality is disabled i higher levels --- <sub>🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.</sub>