From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from firstgate.proxmox.com (firstgate.proxmox.com [212.224.123.68]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits)) (No client certificate requested) by lists.proxmox.com (Postfix) with ESMTPS id 81BBA792D2 for ; Tue, 4 May 2021 09:58:04 +0200 (CEST) Received: from firstgate.proxmox.com (localhost [127.0.0.1]) by firstgate.proxmox.com (Proxmox) with ESMTP id 6F87A246F6 for ; Tue, 4 May 2021 09:57:34 +0200 (CEST) Received: from proxmox-new.maurer-it.com (proxmox-new.maurer-it.com [94.136.29.106]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits)) (No client certificate requested) by firstgate.proxmox.com (Proxmox) with ESMTPS id D2627246E8 for ; Tue, 4 May 2021 09:57:33 +0200 (CEST) Received: from proxmox-new.maurer-it.com (localhost.localdomain [127.0.0.1]) by proxmox-new.maurer-it.com (Proxmox) with ESMTP id A422E429D4 for ; Tue, 4 May 2021 09:57:33 +0200 (CEST) To: Proxmox Backup Server development discussion , Wolfgang Bumiller References: <20210503093959.14855-1-w.bumiller@proxmox.com> From: Dietmar Maurer Message-ID: <918688a1-7e66-0ded-80ea-72f5746cb9bc@proxmox.com> Date: Tue, 4 May 2021 09:57:32 +0200 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:78.0) Gecko/20100101 Thunderbird/78.10.0 MIME-Version: 1.0 In-Reply-To: <20210503093959.14855-1-w.bumiller@proxmox.com> Content-Type: text/plain; charset=utf-8; format=flowed Content-Transfer-Encoding: 7bit Content-Language: en-US X-SPAM-LEVEL: Spam detection results: 0 AWL 0.278 Adjusted score from AWL reputation of From: address KAM_DMARC_STATUS 0.01 Test Rule for DKIM or SPF Failure with Strict Alignment SPF_HELO_NONE 0.001 SPF: HELO does not publish an SPF Record SPF_PASS -0.001 SPF: sender matches SPF record URIBL_BLOCKED 0.001 ADMINISTRATOR NOTICE: The query to URIBL was blocked. See http://wiki.apache.org/spamassassin/DnsBlocklists#dnsbl-block for more information. [acme.rs, certificates.rs, mod.rs, proxmox-daily-update.rs, client.rs, config.rs, lib.rs, plugin.rs, node.rs, proxmox-backup-manager.rs] Subject: [pbs-devel] applied: [REBASED v2 backup 0/9] rebased and reordered acme implementation X-BeenThere: pbs-devel@lists.proxmox.com X-Mailman-Version: 2.1.29 Precedence: list List-Id: Proxmox Backup Server development discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 04 May 2021 07:58:04 -0000 applied with minor cleanups On 5/3/21 11:39 AM, Wolfgang Bumiller wrote: > Only minor changes, a split and some merges: > > * moved the validation plugin implementations from config::acme::plugin > to acme::plugin, in order to separate the config again. > * dropped the `read_lock` functions and renamed `write_lock` -> `lock` > * removed some leftover commented out code > * changed lock timeouts to 10s like in most other config parts > * lock file name consistency ('.lock' -> '.lck') > * kept AccountName for now, we still need to discuss how to > approach this definitively > * for less noise I merged the patches at the end of the series into the > earlier ones, since they're mostly fixup commits: > - creating acme directories before placing files in there > - validate config before writing > - pipe plugin output to task log > - make account name optional in api call > Also: standalone validation, since introducing dns validation together > with the plugin config but adding this one later isn't consistent > anyway. > > Wolfgang Bumiller (9): > add acme config > add acme client > add node config > add config/acme api path > add node/{node}/certificates api call > add node/{node}/config api path > add acme commands to proxmox-backup-manager > ui: add certificate & acme view > daily-update: check acme certificates > > src/acme/client.rs | 673 +++++++++++++++++++++++ > src/acme/mod.rs | 5 + > src/acme/plugin.rs | 299 ++++++++++ > src/api2/config.rs | 2 + > src/api2/config/acme.rs | 725 +++++++++++++++++++++++++ > src/api2/node.rs | 4 + > src/api2/node/certificates.rs | 579 ++++++++++++++++++++ > src/api2/node/config.rs | 80 +++ > src/bin/proxmox-backup-manager.rs | 1 + > src/bin/proxmox-daily-update.rs | 30 +- > src/bin/proxmox_backup_manager/acme.rs | 415 ++++++++++++++ > src/bin/proxmox_backup_manager/mod.rs | 2 + > src/config.rs | 20 +- > src/config/acme/mod.rs | 273 ++++++++++ > src/config/acme/plugin.rs | 213 ++++++++ > src/config/node.rs | 202 +++++++ > src/lib.rs | 2 + > www/Makefile | 1 + > www/NavigationTree.js | 6 + > www/config/CertificateView.js | 80 +++ > 20 files changed, 3609 insertions(+), 3 deletions(-) > create mode 100644 src/acme/client.rs > create mode 100644 src/acme/mod.rs > create mode 100644 src/acme/plugin.rs > create mode 100644 src/api2/config/acme.rs > create mode 100644 src/api2/node/certificates.rs > create mode 100644 src/api2/node/config.rs > create mode 100644 src/bin/proxmox_backup_manager/acme.rs > create mode 100644 src/config/acme/mod.rs > create mode 100644 src/config/acme/plugin.rs > create mode 100644 src/config/node.rs > create mode 100644 www/config/CertificateView.js >