From: "Dominic Jäger" <d.jaeger@proxmox.com>
To: Proxmox Backup Server development discussion
<pbs-devel@lists.proxmox.com>,
Wolfgang Bumiller <w.bumiller@proxmox.com>
Subject: Re: [pbs-devel] [RFC backup 00/23] Implements ACME suport for PBS
Date: Tue, 20 Apr 2021 12:27:05 +0200 [thread overview]
Message-ID: <20210420102705.GA501235@mala> (raw)
In-Reply-To: <20210416133517.23349-1-w.bumiller@proxmox.com>
Creating the first account gives missing directory
> TASK ERROR: failed to open "/etc/proxmox-backup/acme/accounts/test" for
> writing: No such file or directory (os error 2)
After manually adding it, the HTTP Challenged worked for me.
In the Window "Add: ACME DNS Plugin" choosing (or writing) something in the
dropdown menu DNS API is not possible with only the PBS repositories
configured. It is necessary to install libproxmox-acme-perl from PVE
repositories in addition.
Deleting a certificate shows a confirmation dialog with a truncated message:
"Are you sure you want to remove the certificate used for"
In the window "Register Account" the textfield "Account Name" has the empty
text "default". As far as I know, we use empty texts for real default values.
So this should be removed and get a validator (already in the GUI) instead.
But the API rejects correctly: "parameter verification errors parameter 'name':
parameter is missing and it is not optional."
Registering accounts for both staging and production works. Ordering
certificates with HTTP challenge generally works for both, too. A few times
the HTTP challenge required a manual retry. Maybe we could do something like
increasing timeouts?
I couldn't set up PowerDNS yet & my domains were not fast enough, so finishing
the DNS challenge testing remains todo.
Tested-by: Dominic Jäger <d.jaeger@proxmox.com>
next prev parent reply other threads:[~2021-04-20 10:27 UTC|newest]
Thread overview: 30+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-04-16 13:34 Wolfgang Bumiller
2021-04-16 13:34 ` [pbs-devel] [RFC backup 01/23] systemd: add reload_unit Wolfgang Bumiller
2021-04-16 13:34 ` [pbs-devel] [RFC backup 02/23] add dns alias schema Wolfgang Bumiller
2021-04-16 13:34 ` [pbs-devel] [RFC backup 03/23] tools::fs::scan_subdir: use nix::Error instead of anyhow Wolfgang Bumiller
2021-04-16 13:34 ` [pbs-devel] [RFC backup 04/23] tools::http: generic 'fn request' and dedup agent string Wolfgang Bumiller
2021-04-16 13:34 ` [pbs-devel] [RFC backup 05/23] config: factor out certificate writing Wolfgang Bumiller
2021-04-16 13:34 ` [pbs-devel] [RFC backup 06/23] CertInfo: add not_{after, before}_unix Wolfgang Bumiller
2021-04-16 13:35 ` [pbs-devel] [RFC backup 07/23] CertInfo: add is_expired_after_epoch Wolfgang Bumiller
2021-04-16 13:35 ` [pbs-devel] [RFC backup 08/23] tools: add ControlFlow type Wolfgang Bumiller
2021-04-16 13:35 ` [pbs-devel] [RFC backup 09/23] catalog shell: replace LoopState with ControlFlow Wolfgang Bumiller
2021-04-16 13:35 ` [pbs-devel] [RFC backup 10/23] Cargo.toml: depend on proxmox-acme-rs Wolfgang Bumiller
2021-04-16 13:35 ` [pbs-devel] [RFC backup 11/23] bump d/control Wolfgang Bumiller
2021-04-16 13:35 ` [pbs-devel] [RFC backup 12/23] config::acl: make /system/certificates a valid path Wolfgang Bumiller
2021-04-16 13:35 ` [pbs-devel] [RFC backup 13/23] add 'config file format' to tools::config Wolfgang Bumiller
2021-04-16 13:35 ` [pbs-devel] [RFC backup 14/23] add node config Wolfgang Bumiller
2021-04-16 13:35 ` [pbs-devel] [RFC backup 15/23] add acme config Wolfgang Bumiller
2021-04-16 13:35 ` [pbs-devel] [RFC backup 16/23] add async acme client implementation Wolfgang Bumiller
2021-04-16 13:35 ` [pbs-devel] [RFC backup 17/23] add config/acme api path Wolfgang Bumiller
2021-04-16 13:35 ` [pbs-devel] [RFC backup 18/23] add node/{node}/certificates api call Wolfgang Bumiller
2021-04-16 13:35 ` [pbs-devel] [RFC backup 19/23] add node/{node}/config api path Wolfgang Bumiller
2021-04-16 13:35 ` [pbs-devel] [RFC backup 20/23] add acme commands to proxmox-backup-manager Wolfgang Bumiller
2021-04-16 13:35 ` [pbs-devel] [RFC backup 21/23] implement standalone acme validation Wolfgang Bumiller
2021-04-16 13:35 ` [pbs-devel] [RFC backup 22/23] ui: add certificate & acme view Wolfgang Bumiller
2021-04-16 13:35 ` [pbs-devel] [RFC backup 23/23] daily-update: check acme certificates Wolfgang Bumiller
2021-04-16 13:35 ` [pbs-devel] [RFC widget-toolkit] acme: separate flag to disable the 'domains=' array Wolfgang Bumiller
2021-04-22 17:57 ` [pbs-devel] applied: " Thomas Lamprecht
2021-04-20 10:27 ` Dominic Jäger [this message]
2021-04-20 10:53 [pbs-devel] [RFC backup 00/23] Implements ACME suport for PBS Wolfgang Bumiller
2021-04-21 11:56 ` Dominic Jäger
2021-04-21 12:19 ` Wolfgang Bumiller
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20210420102705.GA501235@mala \
--to=d.jaeger@proxmox.com \
--cc=pbs-devel@lists.proxmox.com \
--cc=w.bumiller@proxmox.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.
Service provided by Proxmox Server Solutions GmbH | Privacy | Legal