TheAnachronism/docspell
1
0
Fork 0
mirror of https://github.com/TheAnachronism/docspell.git synced 2025-06-21 01:48:26 +00:00
Code Issues Packages Projects Releases Wiki Activity

Remove fulltext recreate-key config value

Browse Source 
It's now in the admin routes, protected by the
`admin-endpoint.secret`.
This commit is contained in:
Eike Kettner
2021-01-04 15:16:32 +01:00
parent 306f064ad9
commit 2a172ce720
6 changed files with 77 additions and 46 deletions
Download Patch File Download Diff File Expand all files Collapse all files

33
website/site/content/docs/api/intro.md
View File

@ -16,11 +16,14 @@ workflow.
The "raw" `openapi.yml` specification file can be found
[here](/openapi/docspell-openapi.yml).
The routes can be divided into protected and unprotected routes. The
unprotected, or open routes are at `/open/*` while the protected
routes are at `/sec/*`. Open routes don't require authenticated access
and can be used by any user. The protected routes require an
authenticated user.
The routes can be divided into protected, unprotected routes and admin
routes. The unprotected, or open routes are at `/open/*` while the
protected routes are at `/sec/*` and admin routes are at `/admin/*`.
Open routes don't require authenticated access and can be used by any
user. The protected routes require an authenticated user. The admin
routes require a special http header with a value from the config
file. They are disabled by default, you need to specify a secret in
order to enable admin routes.
## Authentication
@ -38,6 +41,26 @@ a "normal" http header. If a cookie header is used, the cookie name
must be `docspell_auth` and a custom header must be named
`X-Docspell-Auth`.
## Admin
There are some endpoints available for adminstration tasks, for
example re-creating the complete fulltext index or resetting a
password. These endpoints are not available to normal users, but to
admins only. Docspell has no special admin users, it simply uses a
secret defined in the configuration file. The person who installs
docspell is the admin and knows this secret (and may share it) and
requests must provide it as a http header `Docspell-Admin-Secret`.
Example: re-create the fulltext index (over all collectives):
``` bash
$ curl -XPOST -H "Docspell-Admin-Secret: test123" http://localhost:7880/api/v1/admin/fts/reIndexAll
```
To enable these endpoints, you must provide a secret in the
[configuration](@/docs/configure/_index.md#admin-endpoint).
## Live Api
Besides the statically generated documentation at this site, the rest

44
website/site/content/docs/configure/_index.md
View File

@ -73,6 +73,22 @@ H2
url = "jdbc:h2:///path/to/a/file.db;MODE=PostgreSQL;DATABASE_TO_LOWER=TRUE;AUTO_SERVER=TRUE"
```
## Admin Endpoint
The admin endpoint defines some [routes](@/docs/api/intro.md#admin)
for adminstration tasks. This is disabled by default and can be
enabled by providing a secret:
``` bash
...
admin-endpoint {
secret = "123"
}
```
This secret must be provided to all requests to a `/api/v1/admin/`
endpoint.
## Full-Text Search: SOLR
@ -105,27 +121,21 @@ documentation](https://lucene.apache.org/solr/guide/8_4/installing-solr.html).
That will provide you with the connection url (the last part is the
core name).
While the `full-text-search.solr` options are the same for joex and
the restserver, there are some settings that differ. The restserver
has this additional setting, that may be of interest:
The `full-text-search.solr` options are the same for joex and the
restserver.
There is an [admin route](@/docs/api/intro.md#admin) that allows to
re-create the entire index (for all collectives). This is possible via
a call:
``` bash
full-text-search {
recreate-key = "test123"
}
$ curl -XPOST -H "Docspell-Admin-Secret: test123" http://localhost:7880/api/v1/admin/fts/reIndexAll
```
This key is required if you want docspell to drop and re-create the
entire index. This is possible via a REST call:
``` bash
$ curl -XPOST http://localhost:7880/api/v1/open/fts/reIndexAll/test123
```
Here the `test123` is the key defined with `recreate-key`. If it is
empty (the default), this REST call is disabled. Otherwise, the POST
request will submit a system task that is executed by a joex instance
eventually.
Here the `test123` is the key defined with `admin-endpoint.secret`. If
it is empty (the default), this call is disabled (all admin routes).
Otherwise, the POST request will submit a system task that is executed
by a joex instance eventually.
Using this endpoint, the index will be re-created. This is sometimes
necessary, for example if you upgrade SOLR or delete the core to