From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from firstgate.proxmox.com (firstgate.proxmox.com [212.224.123.68]) by lore.proxmox.com (Postfix) with ESMTPS id CE7BE1FF17A for ; Tue, 28 Oct 2025 17:44:14 +0100 (CET) Received: from firstgate.proxmox.com (localhost [127.0.0.1]) by firstgate.proxmox.com (Proxmox) with ESMTP id 94E762027A; Tue, 28 Oct 2025 17:44:43 +0100 (CET) From: Shannon Sterz To: pdm-devel@lists.proxmox.com Date: Tue, 28 Oct 2025 17:44:33 +0100 Message-ID: <20251028164435.576642-5-s.sterz@proxmox.com> X-Mailer: git-send-email 2.47.3 In-Reply-To: <20251028164435.576642-1-s.sterz@proxmox.com> References: <20251028164435.576642-1-s.sterz@proxmox.com> MIME-Version: 1.0 X-Bm-Milter-Handled: 55990f41-d878-4baa-be0a-ee34c49e34d2 X-Bm-Transport-Timestamp: 1761669866429 X-SPAM-LEVEL: Spam detection results: 0 AWL 0.058 Adjusted score from AWL reputation of From: address BAYES_00 -1.9 Bayes spam probability is 0 to 1% DMARC_MISSING 0.1 Missing DMARC policy KAM_DMARC_STATUS 0.01 Test Rule for DKIM or SPF Failure with Strict Alignment SPF_HELO_NONE 0.001 SPF: HELO does not publish an SPF Record SPF_PASS -0.001 SPF: sender matches SPF record Subject: [pdm-devel] [PATCH datacenter-manager 1/3] api-types/api: add endpoints for querying the node's status X-BeenThere: pdm-devel@lists.proxmox.com X-Mailman-Version: 2.1.29 Precedence: list List-Id: Proxmox Datacenter Manager development discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Reply-To: Proxmox Datacenter Manager development discussion Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Errors-To: pdm-devel-bounces@lists.proxmox.com Sender: "pdm-devel" Signed-off-by: Shannon Sterz --- Cargo.toml | 2 ++ lib/pdm-api-types/src/acl.rs | 2 ++ server/Cargo.toml | 1 + server/src/api/nodes/mod.rs | 2 ++ server/src/api/nodes/status.rs | 18 ++++++++++++++++++ server/src/bin/proxmox-datacenter-api/main.rs | 2 ++ 6 files changed, 27 insertions(+) create mode 100644 server/src/api/nodes/status.rs diff --git a/Cargo.toml b/Cargo.toml index 49c7583..3252ccb 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -78,6 +78,7 @@ proxmox-time-api = "1" proxmox-network-api = "1" proxmox-syslog-api = "1" proxmox-acme-api = "1" +proxmox-node-status = "1" # API types for PVE (and later PMG?) pve-api-types = "8.0.5" @@ -163,6 +164,7 @@ zstd = { version = "0.13" } # proxmox-log = { path = "../proxmox/proxmox-log" } # proxmox-metrics = { path = "../proxmox/proxmox-metrics" } # proxmox-network-api = { path = "../proxmox/proxmox-network-api" } +# proxmox-node-status = { path = "../proxmox/proxmox-node-status" } # proxmox-notify = { path = "../proxmox/proxmox-notify" } # proxmox-openid = { path = "../proxmox/proxmox-openid" } # proxmox-product-config = { path = "../proxmox/proxmox-product-config" } diff --git a/lib/pdm-api-types/src/acl.rs b/lib/pdm-api-types/src/acl.rs index 9e69c2f..5592102 100644 --- a/lib/pdm-api-types/src/acl.rs +++ b/lib/pdm-api-types/src/acl.rs @@ -26,6 +26,8 @@ constnamedbitmap! { PRIV_SYS_MODIFY("System.Modify"); /// `Sys.Console` allows access to the system's console PRIV_SYS_CONSOLE("Sys.Console"); + /// `Sys.PowerManagement` allows powering off or rebooting the system. + PRIV_SYS_POWER_MANAGEMENT("Sys.PowerManagement"); /// `Resource.Audit` allows auditing guests, storages and other resources. PRIV_RESOURCE_AUDIT("Resource.Audit"); diff --git a/server/Cargo.toml b/server/Cargo.toml index 94420b4..88e3802 100644 --- a/server/Cargo.toml +++ b/server/Cargo.toml @@ -72,6 +72,7 @@ proxmox-time-api = { workspace = true, features = [ "impl" ] } proxmox-network-api = { workspace = true, features = [ "impl" ] } proxmox-syslog-api = { workspace = true, features = [ "impl" ] } proxmox-acme-api = { workspace = true, features = [ "impl" ] } +proxmox-node-status = { workspace = true } pdm-api-types.workspace = true pdm-buildcfg.workspace = true diff --git a/server/src/api/nodes/mod.rs b/server/src/api/nodes/mod.rs index 6f30ba7..f70fcaf 100644 --- a/server/src/api/nodes/mod.rs +++ b/server/src/api/nodes/mod.rs @@ -10,6 +10,7 @@ pub mod dns; pub mod journal; pub mod network; pub mod rrddata; +pub mod status; pub mod syslog; pub mod tasks; pub mod termproxy; @@ -45,6 +46,7 @@ pub const SUBDIRS: SubdirMap = &sorted!([ ("journal", &journal::ROUTER), ("network", &network::ROUTER), ("rrdata", &rrddata::ROUTER), + ("status", &status::ROUTER), ("syslog", &syslog::ROUTER), ("tasks", &tasks::ROUTER), ("termproxy", &termproxy::ROUTER), diff --git a/server/src/api/nodes/status.rs b/server/src/api/nodes/status.rs new file mode 100644 index 0000000..b3bbed5 --- /dev/null +++ b/server/src/api/nodes/status.rs @@ -0,0 +1,18 @@ +use pdm_api_types::{PRIV_SYS_AUDIT, PRIV_SYS_POWER_MANAGEMENT}; +use proxmox_router::{ApiMethod, Permission, Router}; + +const API_METHOD_GET_STATUS_WITH_ACCESS: ApiMethod = proxmox_node_status::API_METHOD_GET_STATUS + .access( + None, + &Permission::Privilege(&["system", "status"], PRIV_SYS_AUDIT, false), + ); + +const API_METHOD_REBOOT_OR_SHUTDOWN_WITH_ACCESS: ApiMethod = + proxmox_node_status::API_METHOD_REBOOT_OR_SHUTDOWN.access( + None, + &Permission::Privilege(&["system", "status"], PRIV_SYS_POWER_MANAGEMENT, false), + ); + +pub const ROUTER: Router = Router::new() + .get(&API_METHOD_GET_STATUS_WITH_ACCESS) + .post(&API_METHOD_REBOOT_OR_SHUTDOWN_WITH_ACCESS); diff --git a/server/src/bin/proxmox-datacenter-api/main.rs b/server/src/bin/proxmox-datacenter-api/main.rs index 420a3b4..860612c 100644 --- a/server/src/bin/proxmox-datacenter-api/main.rs +++ b/server/src/bin/proxmox-datacenter-api/main.rs @@ -391,6 +391,8 @@ fn make_tls_acceptor() -> Result { let key_path = configdir!("/auth/api.key"); let cert_path = configdir!("/auth/api.pem"); + proxmox_node_status::init_node_status_api(cert_path); + proxmox_rest_server::connection::TlsAcceptorBuilder::new() .certificate_paths_pem(key_path, cert_path) .build() -- 2.47.3 _______________________________________________ pdm-devel mailing list pdm-devel@lists.proxmox.com https://lists.proxmox.com/cgi-bin/mailman/listinfo/pdm-devel