From: Wolfgang Bumiller <w.bumiller@proxmox.com>
To: pbs-devel@lists.proxmox.com
Subject: [pbs-devel] [RFC backup 00/23] Implements ACME suport for PBS
Date: Fri, 16 Apr 2021 15:34:53 +0200 [thread overview]
Message-ID: <20210416133517.23349-1-w.bumiller@proxmox.com> (raw)
Reusing the ACME UI elements from the widget toolkit and therefore
providing a compatible API and pretty much the same config file layout.
Contains the async version of the acme client directly in the tree here,
though it may also be an option to move it to proxmox-acme-rs w/ a
feature-gate. (The code is also very similar to the sync version so
there's a possibility that the implementation could be wrapped in a
macro...)
The series starts out with some helpers & refactoring, followed by a
serde-driven config file format read/writer (meant to be (or become)
compatible to what we have in perl via PVE::JSONSchema::parse_config,
but without the json::Value intermediate step), followed by the config,
client & api call implementation.
(Wildcard support like stoiko just added to PMG still needs to be added,
though...)
Wolfgang Bumiller (23):
systemd: add reload_unit
add dns alias schema
tools::fs::scan_subdir: use nix::Error instead of anyhow
tools::http: generic 'fn request' and dedup agent string
config: factor out certificate writing
CertInfo: add not_{after,before}_unix
CertInfo: add is_expired_after_epoch
tools: add ControlFlow type
catalog shell: replace LoopState with ControlFlow
Cargo.toml: depend on proxmox-acme-rs
bump d/control
config::acl: make /system/certificates a valid path
add 'config file format' to tools::config
add node config
add acme config
add async acme client implementation
add config/acme api path
add node/{node}/certificates api call
add node/{node}/config api path
add acme commands to proxmox-backup-manager
implement standalone acme validation
ui: add certificate & acme view
daily-update: check acme certificates
Cargo.toml | 3 +
debian/control | 2 +
src/acme/client.rs | 627 +++++++++++++++++++++
src/acme/mod.rs | 2 +
src/api2/config.rs | 2 +
src/api2/config/acme.rs | 719 +++++++++++++++++++++++++
src/api2/node.rs | 4 +
src/api2/node/certificates.rs | 572 ++++++++++++++++++++
src/api2/node/config.rs | 81 +++
src/api2/types/mod.rs | 10 +
src/backup/catalog_shell.rs | 18 +-
src/bin/proxmox-backup-manager.rs | 1 +
src/bin/proxmox-daily-update.rs | 30 +-
src/bin/proxmox_backup_manager/acme.rs | 414 ++++++++++++++
src/bin/proxmox_backup_manager/mod.rs | 2 +
src/config.rs | 55 +-
src/config/acl.rs | 2 +-
src/config/acme/mod.rs | 198 +++++++
src/config/acme/plugin.rs | 492 +++++++++++++++++
src/config/node.rs | 225 ++++++++
src/lib.rs | 2 +
src/tools.rs | 12 +
src/tools/cert.rs | 41 +-
src/tools/config/de.rs | 656 ++++++++++++++++++++++
src/tools/config/mod.rs | 89 +++
src/tools/config/ser.rs | 642 ++++++++++++++++++++++
src/tools/fs.rs | 2 +-
src/tools/http.rs | 10 +-
src/tools/systemd.rs | 11 +
www/Makefile | 1 +
www/NavigationTree.js | 6 +
www/config/CertificateView.js | 80 +++
32 files changed, 4972 insertions(+), 39 deletions(-)
create mode 100644 src/acme/client.rs
create mode 100644 src/acme/mod.rs
create mode 100644 src/api2/config/acme.rs
create mode 100644 src/api2/node/certificates.rs
create mode 100644 src/api2/node/config.rs
create mode 100644 src/bin/proxmox_backup_manager/acme.rs
create mode 100644 src/config/acme/mod.rs
create mode 100644 src/config/acme/plugin.rs
create mode 100644 src/config/node.rs
create mode 100644 src/tools/config/de.rs
create mode 100644 src/tools/config/mod.rs
create mode 100644 src/tools/config/ser.rs
create mode 100644 www/config/CertificateView.js
--
2.20.1
next reply other threads:[~2021-04-16 13:35 UTC|newest]
Thread overview: 30+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-04-16 13:34 Wolfgang Bumiller [this message]
2021-04-16 13:34 ` [pbs-devel] [RFC backup 01/23] systemd: add reload_unit Wolfgang Bumiller
2021-04-16 13:34 ` [pbs-devel] [RFC backup 02/23] add dns alias schema Wolfgang Bumiller
2021-04-16 13:34 ` [pbs-devel] [RFC backup 03/23] tools::fs::scan_subdir: use nix::Error instead of anyhow Wolfgang Bumiller
2021-04-16 13:34 ` [pbs-devel] [RFC backup 04/23] tools::http: generic 'fn request' and dedup agent string Wolfgang Bumiller
2021-04-16 13:34 ` [pbs-devel] [RFC backup 05/23] config: factor out certificate writing Wolfgang Bumiller
2021-04-16 13:34 ` [pbs-devel] [RFC backup 06/23] CertInfo: add not_{after, before}_unix Wolfgang Bumiller
2021-04-16 13:35 ` [pbs-devel] [RFC backup 07/23] CertInfo: add is_expired_after_epoch Wolfgang Bumiller
2021-04-16 13:35 ` [pbs-devel] [RFC backup 08/23] tools: add ControlFlow type Wolfgang Bumiller
2021-04-16 13:35 ` [pbs-devel] [RFC backup 09/23] catalog shell: replace LoopState with ControlFlow Wolfgang Bumiller
2021-04-16 13:35 ` [pbs-devel] [RFC backup 10/23] Cargo.toml: depend on proxmox-acme-rs Wolfgang Bumiller
2021-04-16 13:35 ` [pbs-devel] [RFC backup 11/23] bump d/control Wolfgang Bumiller
2021-04-16 13:35 ` [pbs-devel] [RFC backup 12/23] config::acl: make /system/certificates a valid path Wolfgang Bumiller
2021-04-16 13:35 ` [pbs-devel] [RFC backup 13/23] add 'config file format' to tools::config Wolfgang Bumiller
2021-04-16 13:35 ` [pbs-devel] [RFC backup 14/23] add node config Wolfgang Bumiller
2021-04-16 13:35 ` [pbs-devel] [RFC backup 15/23] add acme config Wolfgang Bumiller
2021-04-16 13:35 ` [pbs-devel] [RFC backup 16/23] add async acme client implementation Wolfgang Bumiller
2021-04-16 13:35 ` [pbs-devel] [RFC backup 17/23] add config/acme api path Wolfgang Bumiller
2021-04-16 13:35 ` [pbs-devel] [RFC backup 18/23] add node/{node}/certificates api call Wolfgang Bumiller
2021-04-16 13:35 ` [pbs-devel] [RFC backup 19/23] add node/{node}/config api path Wolfgang Bumiller
2021-04-16 13:35 ` [pbs-devel] [RFC backup 20/23] add acme commands to proxmox-backup-manager Wolfgang Bumiller
2021-04-16 13:35 ` [pbs-devel] [RFC backup 21/23] implement standalone acme validation Wolfgang Bumiller
2021-04-16 13:35 ` [pbs-devel] [RFC backup 22/23] ui: add certificate & acme view Wolfgang Bumiller
2021-04-16 13:35 ` [pbs-devel] [RFC backup 23/23] daily-update: check acme certificates Wolfgang Bumiller
2021-04-16 13:35 ` [pbs-devel] [RFC widget-toolkit] acme: separate flag to disable the 'domains=' array Wolfgang Bumiller
2021-04-22 17:57 ` [pbs-devel] applied: " Thomas Lamprecht
2021-04-20 10:27 ` [pbs-devel] [RFC backup 00/23] Implements ACME suport for PBS Dominic Jäger
2021-04-20 10:53 Wolfgang Bumiller
2021-04-21 11:56 ` Dominic Jäger
2021-04-21 12:19 ` Wolfgang Bumiller
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20210416133517.23349-1-w.bumiller@proxmox.com \
--to=w.bumiller@proxmox.com \
--cc=pbs-devel@lists.proxmox.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox