From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from firstgate.proxmox.com (firstgate.proxmox.com [212.224.123.68]) by lore.proxmox.com (Postfix) with ESMTPS id 8658E1FF13A for ; Wed, 27 May 2026 15:11:51 +0200 (CEST) Received: from firstgate.proxmox.com (localhost [127.0.0.1]) by firstgate.proxmox.com (Proxmox) with ESMTP id D54B71CE1F; Wed, 27 May 2026 15:11:50 +0200 (CEST) Mime-Version: 1.0 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset=UTF-8 Date: Wed, 27 May 2026 15:11:16 +0200 Message-Id: Subject: Re: [PATCH datacenter-manager 0/6] improve handling of base url and certificate fingerprint for auto-installer gui From: "Lukas Wagner" To: "Shannon Sterz" , X-Mailer: aerc 0.21.0-0-g5549850facc2-dirty References: <20260527125217.260760-1-s.sterz@proxmox.com> In-Reply-To: <20260527125217.260760-1-s.sterz@proxmox.com> X-Bm-Milter-Handled: 55990f41-d878-4baa-be0a-ee34c49e34d2 X-Bm-Transport-Timestamp: 1779887450343 X-SPAM-LEVEL: Spam detection results: 0 AWL 0.053 Adjusted score from AWL reputation of From: address BAYES_00 -1.9 Bayes spam probability is 0 to 1% DMARC_MISSING 0.1 Missing DMARC policy KAM_DMARC_STATUS 0.01 Test Rule for DKIM or SPF Failure with Strict Alignment SPF_HELO_NONE 0.001 SPF: HELO does not publish an SPF Record SPF_PASS -0.001 SPF: sender matches SPF record URIBL_BLOCKED 0.001 ADMINISTRATOR NOTICE: The query to URIBL was blocked. See http://wiki.apache.org/spamassassin/DnsBlocklists#dnsbl-block for more information. [mod.rs,lib.rs,certificates.rs] Message-ID-Hash: 6ZT7R3FOQOLY7ETNPBPRP7S6ONGK5OQB X-Message-ID-Hash: 6ZT7R3FOQOLY7ETNPBPRP7S6ONGK5OQB X-MailFrom: l.wagner@proxmox.com X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; loop; banned-address; emergency; member-moderation; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header X-Mailman-Version: 3.3.10 Precedence: list List-Id: Proxmox Datacenter Manager development discussion List-Help: List-Owner: List-Post: List-Subscribe: List-Unsubscribe: On Wed May 27, 2026 at 2:52 PM CEST, Shannon Sterz wrote: > the goal of this series is to make the base url and certificate > fingerprint handling a bit more intuitive for the auto installer gui. > the first couple of patches allow the ui to query the host's > certificate fingerprint. this information is then used to first set > the initial values for a new answer and also to format the preparation > command. > > Shannon Sterz (6): > server: api: certificates: allow anybody to query the certificate info > pdm-client: add function to query the PDM hosts certificate info > ui: remotes: auto-installer: set pdm_origin() as placeholder not tip > ui: remotes: auto-installer: use pdm_origin() to set initial pdm url > ui: auto-installer: load fingerprint and use it as initial value > ui: auto-installer: use info from answer to format preparation command > > lib/pdm-client/src/lib.rs | 12 +++++- > server/src/api/nodes/certificates.rs | 2 +- > ui/src/remotes/auto_installer/mod.rs | 8 ++++ > .../prepared_answer_add_wizard.rs | 7 ++-- > .../auto_installer/prepared_answer_form.rs | 31 ++++++++------ > .../auto_installer/prepared_answers_panel.rs | 41 ++++++++++++++++++- > ui/src/remotes/auto_installer/token_panel.rs | 20 +++++++++ > 7 files changed, 101 insertions(+), 20 deletions(-) > > -- > 2.47.3 Tested-by: Lukas Wagner Reviewed-by: Lukas Wagner If exposing the entire certificate info is deemed to dangererous, I suppose we could add a new endpoint which just returns the fingerprint. But to me, after checking the fields of the CertificateInfo type, it seems fine as is.