From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from firstgate.proxmox.com (firstgate.proxmox.com [212.224.123.68]) by lore.proxmox.com (Postfix) with ESMTPS id 3532B1FF187 for ; Mon, 3 Nov 2025 14:11:09 +0100 (CET) Received: from firstgate.proxmox.com (localhost [127.0.0.1]) by firstgate.proxmox.com (Proxmox) with ESMTP id 045051D257; Mon, 3 Nov 2025 14:11:47 +0100 (CET) Message-ID: <0e2e2745-9a0d-482b-9895-94c6518937b4@proxmox.com> Date: Mon, 3 Nov 2025 14:11:40 +0100 MIME-Version: 1.0 User-Agent: Mozilla Thunderbird Beta To: Proxmox Datacenter Manager development discussion , Shannon Sterz References: <20251028164435.576642-1-s.sterz@proxmox.com> <20251028164435.576642-5-s.sterz@proxmox.com> Content-Language: en-US From: Dominik Csapak In-Reply-To: <20251028164435.576642-5-s.sterz@proxmox.com> X-Bm-Milter-Handled: 55990f41-d878-4baa-be0a-ee34c49e34d2 X-Bm-Transport-Timestamp: 1762175484298 X-SPAM-LEVEL: Spam detection results: 0 AWL 0.027 Adjusted score from AWL reputation of From: address BAYES_00 -1.9 Bayes spam probability is 0 to 1% DMARC_MISSING 0.1 Missing DMARC policy KAM_DMARC_STATUS 0.01 Test Rule for DKIM or SPF Failure with Strict Alignment RCVD_IN_VALIDITY_CERTIFIED_BLOCKED 0.001 ADMINISTRATOR NOTICE: The query to Validity was blocked. See https://knowledge.validity.com/hc/en-us/articles/20961730681243 for more information. RCVD_IN_VALIDITY_RPBL_BLOCKED 0.001 ADMINISTRATOR NOTICE: The query to Validity was blocked. See https://knowledge.validity.com/hc/en-us/articles/20961730681243 for more information. RCVD_IN_VALIDITY_SAFE_BLOCKED 0.001 ADMINISTRATOR NOTICE: The query to Validity was blocked. See https://knowledge.validity.com/hc/en-us/articles/20961730681243 for more information. SPF_HELO_NONE 0.001 SPF: HELO does not publish an SPF Record SPF_PASS -0.001 SPF: sender matches SPF record URIBL_BLOCKED 0.001 ADMINISTRATOR NOTICE: The query to URIBL was blocked. See http://wiki.apache.org/spamassassin/DnsBlocklists#dnsbl-block for more information. [main.rs, acl.rs, mod.rs, status.rs] Subject: Re: [pdm-devel] [PATCH datacenter-manager 1/3] api-types/api: add endpoints for querying the node's status X-BeenThere: pdm-devel@lists.proxmox.com X-Mailman-Version: 2.1.29 Precedence: list List-Id: Proxmox Datacenter Manager development discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Reply-To: Proxmox Datacenter Manager development discussion Content-Transfer-Encoding: 7bit Content-Type: text/plain; charset="us-ascii"; Format="flowed" Errors-To: pdm-devel-bounces@lists.proxmox.com Sender: "pdm-devel" one comment inline On 10/28/25 5:44 PM, Shannon Sterz wrote: > Signed-off-by: Shannon Sterz > --- > Cargo.toml | 2 ++ > lib/pdm-api-types/src/acl.rs | 2 ++ > server/Cargo.toml | 1 + > server/src/api/nodes/mod.rs | 2 ++ > server/src/api/nodes/status.rs | 18 ++++++++++++++++++ > server/src/bin/proxmox-datacenter-api/main.rs | 2 ++ > 6 files changed, 27 insertions(+) > create mode 100644 server/src/api/nodes/status.rs > > diff --git a/Cargo.toml b/Cargo.toml > index 49c7583..3252ccb 100644 > --- a/Cargo.toml > +++ b/Cargo.toml > @@ -78,6 +78,7 @@ proxmox-time-api = "1" > proxmox-network-api = "1" > proxmox-syslog-api = "1" > proxmox-acme-api = "1" > +proxmox-node-status = "1" > > # API types for PVE (and later PMG?) > pve-api-types = "8.0.5" > @@ -163,6 +164,7 @@ zstd = { version = "0.13" } > # proxmox-log = { path = "../proxmox/proxmox-log" } > # proxmox-metrics = { path = "../proxmox/proxmox-metrics" } > # proxmox-network-api = { path = "../proxmox/proxmox-network-api" } > +# proxmox-node-status = { path = "../proxmox/proxmox-node-status" } > # proxmox-notify = { path = "../proxmox/proxmox-notify" } > # proxmox-openid = { path = "../proxmox/proxmox-openid" } > # proxmox-product-config = { path = "../proxmox/proxmox-product-config" } > diff --git a/lib/pdm-api-types/src/acl.rs b/lib/pdm-api-types/src/acl.rs > index 9e69c2f..5592102 100644 > --- a/lib/pdm-api-types/src/acl.rs > +++ b/lib/pdm-api-types/src/acl.rs > @@ -26,6 +26,8 @@ constnamedbitmap! { > PRIV_SYS_MODIFY("System.Modify"); > /// `Sys.Console` allows access to the system's console > PRIV_SYS_CONSOLE("Sys.Console"); > + /// `Sys.PowerManagement` allows powering off or rebooting the system. > + PRIV_SYS_POWER_MANAGEMENT("Sys.PowerManagement"); > > /// `Resource.Audit` allows auditing guests, storages and other resources. > PRIV_RESOURCE_AUDIT("Resource.Audit"); > diff --git a/server/Cargo.toml b/server/Cargo.toml > index 94420b4..88e3802 100644 > --- a/server/Cargo.toml > +++ b/server/Cargo.toml > @@ -72,6 +72,7 @@ proxmox-time-api = { workspace = true, features = [ "impl" ] } > proxmox-network-api = { workspace = true, features = [ "impl" ] } > proxmox-syslog-api = { workspace = true, features = [ "impl" ] } > proxmox-acme-api = { workspace = true, features = [ "impl" ] } > +proxmox-node-status = { workspace = true } > features = [ "api" ] is missing here, otherwise it doesn't compile due to it not finding the api functions > pdm-api-types.workspace = true > pdm-buildcfg.workspace = true > diff --git a/server/src/api/nodes/mod.rs b/server/src/api/nodes/mod.rs > index 6f30ba7..f70fcaf 100644 > --- a/server/src/api/nodes/mod.rs > +++ b/server/src/api/nodes/mod.rs > @@ -10,6 +10,7 @@ pub mod dns; > pub mod journal; > pub mod network; > pub mod rrddata; > +pub mod status; > pub mod syslog; > pub mod tasks; > pub mod termproxy; > @@ -45,6 +46,7 @@ pub const SUBDIRS: SubdirMap = &sorted!([ > ("journal", &journal::ROUTER), > ("network", &network::ROUTER), > ("rrdata", &rrddata::ROUTER), > + ("status", &status::ROUTER), > ("syslog", &syslog::ROUTER), > ("tasks", &tasks::ROUTER), > ("termproxy", &termproxy::ROUTER), > diff --git a/server/src/api/nodes/status.rs b/server/src/api/nodes/status.rs > new file mode 100644 > index 0000000..b3bbed5 > --- /dev/null > +++ b/server/src/api/nodes/status.rs > @@ -0,0 +1,18 @@ > +use pdm_api_types::{PRIV_SYS_AUDIT, PRIV_SYS_POWER_MANAGEMENT}; > +use proxmox_router::{ApiMethod, Permission, Router}; > + > +const API_METHOD_GET_STATUS_WITH_ACCESS: ApiMethod = proxmox_node_status::API_METHOD_GET_STATUS > + .access( > + None, > + &Permission::Privilege(&["system", "status"], PRIV_SYS_AUDIT, false), > + ); > + > +const API_METHOD_REBOOT_OR_SHUTDOWN_WITH_ACCESS: ApiMethod = > + proxmox_node_status::API_METHOD_REBOOT_OR_SHUTDOWN.access( > + None, > + &Permission::Privilege(&["system", "status"], PRIV_SYS_POWER_MANAGEMENT, false), > + ); > + > +pub const ROUTER: Router = Router::new() > + .get(&API_METHOD_GET_STATUS_WITH_ACCESS) > + .post(&API_METHOD_REBOOT_OR_SHUTDOWN_WITH_ACCESS); > diff --git a/server/src/bin/proxmox-datacenter-api/main.rs b/server/src/bin/proxmox-datacenter-api/main.rs > index 420a3b4..860612c 100644 > --- a/server/src/bin/proxmox-datacenter-api/main.rs > +++ b/server/src/bin/proxmox-datacenter-api/main.rs > @@ -391,6 +391,8 @@ fn make_tls_acceptor() -> Result { > let key_path = configdir!("/auth/api.key"); > let cert_path = configdir!("/auth/api.pem"); > > + proxmox_node_status::init_node_status_api(cert_path); > + > proxmox_rest_server::connection::TlsAcceptorBuilder::new() > .certificate_paths_pem(key_path, cert_path) > .build() _______________________________________________ pdm-devel mailing list pdm-devel@lists.proxmox.com https://lists.proxmox.com/cgi-bin/mailman/listinfo/pdm-devel