* [PATCH datacenter-manager 0/6] improve handling of base url and certificate fingerprint for auto-installer gui
@ 2026-05-27 12:52 Shannon Sterz
2026-05-27 12:52 ` [PATCH datacenter-manager 1/6] server: api: certificates: allow anybody to query the certificate info Shannon Sterz
` (7 more replies)
0 siblings, 8 replies; 12+ messages in thread
From: Shannon Sterz @ 2026-05-27 12:52 UTC (permalink / raw)
To: pdm-devel
the goal of this series is to make the base url and certificate
fingerprint handling a bit more intuitive for the auto installer gui.
the first couple of patches allow the ui to query the host's
certificate fingerprint. this information is then used to first set
the initial values for a new answer and also to format the preparation
command.
Shannon Sterz (6):
server: api: certificates: allow anybody to query the certificate info
pdm-client: add function to query the PDM hosts certificate info
ui: remotes: auto-installer: set pdm_origin() as placeholder not tip
ui: remotes: auto-installer: use pdm_origin() to set initial pdm url
ui: auto-installer: load fingerprint and use it as initial value
ui: auto-installer: use info from answer to format preparation command
lib/pdm-client/src/lib.rs | 12 +++++-
server/src/api/nodes/certificates.rs | 2 +-
ui/src/remotes/auto_installer/mod.rs | 8 ++++
.../prepared_answer_add_wizard.rs | 7 ++--
.../auto_installer/prepared_answer_form.rs | 31 ++++++++------
.../auto_installer/prepared_answers_panel.rs | 41 ++++++++++++++++++-
ui/src/remotes/auto_installer/token_panel.rs | 20 +++++++++
7 files changed, 101 insertions(+), 20 deletions(-)
--
2.47.3
^ permalink raw reply [flat|nested] 12+ messages in thread
* [PATCH datacenter-manager 1/6] server: api: certificates: allow anybody to query the certificate info
2026-05-27 12:52 [PATCH datacenter-manager 0/6] improve handling of base url and certificate fingerprint for auto-installer gui Shannon Sterz
@ 2026-05-27 12:52 ` Shannon Sterz
2026-05-27 14:12 ` Filip Schauer
2026-05-27 12:52 ` [PATCH datacenter-manager 2/6] pdm-client: add function to query the PDM hosts " Shannon Sterz
` (6 subsequent siblings)
7 siblings, 1 reply; 12+ messages in thread
From: Shannon Sterz @ 2026-05-27 12:52 UTC (permalink / raw)
To: pdm-devel
this isn't really secret information as ever TLS connection to the
host will expose the certificate anyway. however, being able to query
this information from the web ui allows some usability improvements.
as it is currently not possible to query the TLS fingerprint of the
pdm host itself otherwise.
Signed-off-by: Shannon Sterz <s.sterz@proxmox.com>
---
server/src/api/nodes/certificates.rs | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/server/src/api/nodes/certificates.rs b/server/src/api/nodes/certificates.rs
index fc12e47..61e6bf9 100644
--- a/server/src/api/nodes/certificates.rs
+++ b/server/src/api/nodes/certificates.rs
@@ -60,7 +60,7 @@ fn get_certificate_info() -> Result<CertificateInfo, Error> {
},
},
access: {
- permission: &Permission::Privilege(&["system", "certificates"], PRIV_SYS_AUDIT, false),
+ permission: &Permission::Anybody,
},
returns: {
type: Array,
--
2.47.3
^ permalink raw reply related [flat|nested] 12+ messages in thread
* [PATCH datacenter-manager 2/6] pdm-client: add function to query the PDM hosts certificate info
2026-05-27 12:52 [PATCH datacenter-manager 0/6] improve handling of base url and certificate fingerprint for auto-installer gui Shannon Sterz
2026-05-27 12:52 ` [PATCH datacenter-manager 1/6] server: api: certificates: allow anybody to query the certificate info Shannon Sterz
@ 2026-05-27 12:52 ` Shannon Sterz
2026-05-27 12:52 ` [PATCH datacenter-manager 3/6] ui: remotes: auto-installer: set pdm_origin() as placeholder not tip Shannon Sterz
` (5 subsequent siblings)
7 siblings, 0 replies; 12+ messages in thread
From: Shannon Sterz @ 2026-05-27 12:52 UTC (permalink / raw)
To: pdm-devel
Signed-off-by: Shannon Sterz <s.sterz@proxmox.com>
---
lib/pdm-client/src/lib.rs | 12 +++++++++++-
1 file changed, 11 insertions(+), 1 deletion(-)
diff --git a/lib/pdm-client/src/lib.rs b/lib/pdm-client/src/lib.rs
index 62177d8..e1b9242 100644
--- a/lib/pdm-client/src/lib.rs
+++ b/lib/pdm-client/src/lib.rs
@@ -17,7 +17,7 @@ use pdm_api_types::rrddata::{
QemuDataPoint,
};
use pdm_api_types::sdn::{ListVnet, ListZone};
-use pdm_api_types::BasicRealmInfo;
+use pdm_api_types::{BasicRealmInfo, CertificateInfo};
use pve_api_types::StartQemuMigrationType;
use serde::{Deserialize, Serialize};
use serde_json::{json, Value};
@@ -2199,6 +2199,16 @@ impl<T: HttpApiClient> PdmClient<T> {
.nodata()?;
Ok(())
}
+
+ /// Get the current certificat's information for the PDM host itself.
+ pub async fn certificate_info(&self) -> Result<Vec<CertificateInfo>, Error> {
+ Ok(self
+ .0
+ .get("/api2/extjs/nodes/localhost/certificates/info")
+ .await?
+ .expect_json::<Vec<CertificateInfo>>()?
+ .data)
+ }
}
/// Builder for migration parameters.
--
2.47.3
^ permalink raw reply related [flat|nested] 12+ messages in thread
* [PATCH datacenter-manager 3/6] ui: remotes: auto-installer: set pdm_origin() as placeholder not tip
2026-05-27 12:52 [PATCH datacenter-manager 0/6] improve handling of base url and certificate fingerprint for auto-installer gui Shannon Sterz
2026-05-27 12:52 ` [PATCH datacenter-manager 1/6] server: api: certificates: allow anybody to query the certificate info Shannon Sterz
2026-05-27 12:52 ` [PATCH datacenter-manager 2/6] pdm-client: add function to query the PDM hosts " Shannon Sterz
@ 2026-05-27 12:52 ` Shannon Sterz
2026-05-27 12:52 ` [PATCH datacenter-manager 4/6] ui: remotes: auto-installer: use pdm_origin() to set initial pdm url Shannon Sterz
` (4 subsequent siblings)
7 siblings, 0 replies; 12+ messages in thread
From: Shannon Sterz @ 2026-05-27 12:52 UTC (permalink / raw)
To: pdm-devel
otherwise it overrides the other tip set previously. keeping it as a
placeholder should help users decide what to input here.
Signed-off-by: Shannon Sterz <s.sterz@proxmox.com>
---
ui/src/remotes/auto_installer/prepared_answer_form.rs | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/ui/src/remotes/auto_installer/prepared_answer_form.rs b/ui/src/remotes/auto_installer/prepared_answer_form.rs
index 477a71f..0e9dc2e 100644
--- a/ui/src/remotes/auto_installer/prepared_answer_form.rs
+++ b/ui/src/remotes/auto_installer/prepared_answer_form.rs
@@ -946,7 +946,7 @@ pub fn render_auth_form(
.tip(tr!(
"Base URL this PDM instance is reachable from the target host"
))
- .tip(pdm_origin())
+ .placeholder(pdm_origin())
.value(config.post_hook_base_url.clone()),
)
.with_large_field(
--
2.47.3
^ permalink raw reply related [flat|nested] 12+ messages in thread
* [PATCH datacenter-manager 4/6] ui: remotes: auto-installer: use pdm_origin() to set initial pdm url
2026-05-27 12:52 [PATCH datacenter-manager 0/6] improve handling of base url and certificate fingerprint for auto-installer gui Shannon Sterz
` (2 preceding siblings ...)
2026-05-27 12:52 ` [PATCH datacenter-manager 3/6] ui: remotes: auto-installer: set pdm_origin() as placeholder not tip Shannon Sterz
@ 2026-05-27 12:52 ` Shannon Sterz
2026-05-27 12:52 ` [PATCH datacenter-manager 5/6] ui: auto-installer: load fingerprint and use it as initial value Shannon Sterz
` (3 subsequent siblings)
7 siblings, 0 replies; 12+ messages in thread
From: Shannon Sterz @ 2026-05-27 12:52 UTC (permalink / raw)
To: pdm-devel
this should be a sensible default for most users. users that have a
proxy between the pdm and the target hosts or similar can still
override this in gui. adapts the node in the gui too to clarify this
fact.
Signed-off-by: Shannon Sterz <s.sterz@proxmox.com>
---
ui/src/remotes/auto_installer/mod.rs | 8 ++++++++
.../auto_installer/prepared_answer_add_wizard.rs | 3 ++-
.../remotes/auto_installer/prepared_answer_form.rs | 12 +++---------
3 files changed, 13 insertions(+), 10 deletions(-)
diff --git a/ui/src/remotes/auto_installer/mod.rs b/ui/src/remotes/auto_installer/mod.rs
index 08030e2..7657c2c 100644
--- a/ui/src/remotes/auto_installer/mod.rs
+++ b/ui/src/remotes/auto_installer/mod.rs
@@ -84,3 +84,11 @@ impl Component for AutoInstallerPanelComponent {
.into()
}
}
+
+fn pdm_origin() -> Option<String> {
+ gloo_utils::document()
+ .url()
+ .and_then(|s| web_sys::Url::new(&s))
+ .map(|url| url.origin())
+ .ok()
+}
diff --git a/ui/src/remotes/auto_installer/prepared_answer_add_wizard.rs b/ui/src/remotes/auto_installer/prepared_answer_add_wizard.rs
index d099d5c..e909b6e 100644
--- a/ui/src/remotes/auto_installer/prepared_answer_add_wizard.rs
+++ b/ui/src/remotes/auto_installer/prepared_answer_add_wizard.rs
@@ -21,6 +21,7 @@ use proxmox_yew_comp::{
use pwt::{prelude::*, state::Store, widget::TabBarItem};
use pwt_macros::builder;
+use super::pdm_origin;
use super::prepared_answer_form::*;
use crate::pdm_client;
@@ -78,8 +79,8 @@ impl AddAnswerWizardProperties {
disk_filter: BTreeMap::new(),
disk_filter_match: None,
// post hook
- post_hook_base_url: None,
post_hook_cert_fp: None,
+ post_hook_base_url: pdm_origin(),
// templating
template_counters,
// subscription
diff --git a/ui/src/remotes/auto_installer/prepared_answer_form.rs b/ui/src/remotes/auto_installer/prepared_answer_form.rs
index 0e9dc2e..44cfcc5 100644
--- a/ui/src/remotes/auto_installer/prepared_answer_form.rs
+++ b/ui/src/remotes/auto_installer/prepared_answer_form.rs
@@ -38,6 +38,7 @@ use pwt::{
},
};
+use super::pdm_origin;
use crate::remotes::auto_installer::token_selector::TokenSelector;
pub fn prepare_form_data(mut value: serde_json::Value) -> Result<serde_json::Value> {
@@ -962,7 +963,8 @@ pub fn render_auth_form(
.class("pwt-mt-2 pwt-color-primary")
.with_child(Fa::new("info-circle").class("fa-fw"))
.with_child(tr!(
- "Optional. If provided, status reporting will be enabled."
+ "Optional. If provided, status reporting will be enabled. \
+ Make sure that these values are correct from the perspective of the target host."
)),
)
.into()
@@ -1182,14 +1184,6 @@ fn serde_variant_name<T: Serialize>(ty: T) -> Option<String> {
}
}
-fn pdm_origin() -> Option<String> {
- gloo_utils::document()
- .url()
- .and_then(|s| web_sys::Url::new(&s))
- .map(|url| url.origin())
- .ok()
-}
-
const KEYBOARD_LAYOUTS: &[KeyboardLayout] = {
use KeyboardLayout::*;
&[
--
2.47.3
^ permalink raw reply related [flat|nested] 12+ messages in thread
* [PATCH datacenter-manager 5/6] ui: auto-installer: load fingerprint and use it as initial value
2026-05-27 12:52 [PATCH datacenter-manager 0/6] improve handling of base url and certificate fingerprint for auto-installer gui Shannon Sterz
` (3 preceding siblings ...)
2026-05-27 12:52 ` [PATCH datacenter-manager 4/6] ui: remotes: auto-installer: use pdm_origin() to set initial pdm url Shannon Sterz
@ 2026-05-27 12:52 ` Shannon Sterz
2026-05-27 12:52 ` [PATCH datacenter-manager 6/6] ui: auto-installer: use info from answer to format preparation command Shannon Sterz
` (2 subsequent siblings)
7 siblings, 0 replies; 12+ messages in thread
From: Shannon Sterz @ 2026-05-27 12:52 UTC (permalink / raw)
To: pdm-devel
the answers and token panel now load the fingerprint when initialized
and hand it over to dialogs that they spawn to add the fingerprint to
the command presented to the user.
Signed-off-by: Shannon Sterz <s.sterz@proxmox.com>
---
.../prepared_answer_add_wizard.rs | 4 +--
.../auto_installer/prepared_answer_form.rs | 12 ++++++--
.../auto_installer/prepared_answers_panel.rs | 28 +++++++++++++++++--
ui/src/remotes/auto_installer/token_panel.rs | 19 +++++++++++++
4 files changed, 57 insertions(+), 6 deletions(-)
diff --git a/ui/src/remotes/auto_installer/prepared_answer_add_wizard.rs b/ui/src/remotes/auto_installer/prepared_answer_add_wizard.rs
index e909b6e..03d78be 100644
--- a/ui/src/remotes/auto_installer/prepared_answer_add_wizard.rs
+++ b/ui/src/remotes/auto_installer/prepared_answer_add_wizard.rs
@@ -44,7 +44,7 @@ pub struct AddAnswerWizardProperties {
}
impl AddAnswerWizardProperties {
- pub fn new() -> Self {
+ pub fn new(fingerprint: Option<String>) -> Self {
let mut template_counters = BTreeMap::new();
template_counters.insert("installation_nr".to_owned(), 0i32);
@@ -79,8 +79,8 @@ impl AddAnswerWizardProperties {
disk_filter: BTreeMap::new(),
disk_filter_match: None,
// post hook
- post_hook_cert_fp: None,
post_hook_base_url: pdm_origin(),
+ post_hook_cert_fp: fingerprint,
// templating
template_counters,
// subscription
diff --git a/ui/src/remotes/auto_installer/prepared_answer_form.rs b/ui/src/remotes/auto_installer/prepared_answer_form.rs
index 44cfcc5..46867a2 100644
--- a/ui/src/remotes/auto_installer/prepared_answer_form.rs
+++ b/ui/src/remotes/auto_installer/prepared_answer_form.rs
@@ -974,6 +974,7 @@ pub fn render_show_secret_dialog(
config_id: Option<&str>,
token: &AnswerToken,
secret: &str,
+ fingerprint: &Option<String>,
on_close: Callback<()>,
) -> Option<yew::Html> {
let token = format!("{}:{secret}", token.id);
@@ -1009,10 +1010,17 @@ pub fn render_show_secret_dialog(
"{}/api2/json/auto-install/answer",
pdm_origin().unwrap_or_else(|| "https://pdm.example.com:8443".to_owned())
);
- let commandline = format!(
- "proxmox-auto-install-assistant prepare-iso --fetch-from http --url {answer_url} --answer-auth-token {token} INPUT.iso",
+
+ let mut commandline = format!(
+ "proxmox-auto-install-assistant prepare-iso --fetch-from http --url {answer_url} --answer-auth-token {token}",
);
+ if let Some(fingerprint) = fingerprint {
+ commandline = format!("{commandline} --cert-fingerprint {fingerprint}");
+ }
+
+ commandline = format!("{commandline} INPUT.iso");
+
let copy_commandline_view = Container::new()
.class("pwt-form-grid-col4")
.with_child(FieldLabel::new(tr!("Command Line")))
diff --git a/ui/src/remotes/auto_installer/prepared_answers_panel.rs b/ui/src/remotes/auto_installer/prepared_answers_panel.rs
index 0cff7fd..a55c029 100644
--- a/ui/src/remotes/auto_installer/prepared_answers_panel.rs
+++ b/ui/src/remotes/auto_installer/prepared_answers_panel.rs
@@ -66,6 +66,7 @@ enum Message {
token: AnswerToken,
secret: String,
},
+ FingerprintLoaded(Option<String>),
}
struct PreparedAnswersPanelComponent {
@@ -73,6 +74,7 @@ struct PreparedAnswersPanelComponent {
selection: Selection,
store: Store<PreparedInstallationConfig>,
columns: Rc<Vec<DataTableHeader<PreparedInstallationConfig>>>,
+ fingerprint: Option<String>,
}
pwt::impl_deref_mut_property!(
@@ -94,12 +96,24 @@ impl LoadableComponent for PreparedAnswersPanelComponent {
|a: &PreparedInstallationConfig, b: &PreparedInstallationConfig| a.id.cmp(&b.id),
);
+ let link = ctx.link().clone();
+ ctx.link().spawn(async move {
+ link.send_message(Message::FingerprintLoaded(
+ pdm_client()
+ .certificate_info()
+ .await
+ .ok()
+ .and_then(|mut c| c.pop().and_then(|c| c.fingerprint)),
+ ));
+ });
+
Self {
state: LoadableComponentState::new(),
selection: Selection::new()
.on_select(ctx.link().callback(|_| Message::SelectionChange)),
store,
columns: Rc::new(columns()),
+ fingerprint: None,
}
}
@@ -148,6 +162,10 @@ impl LoadableComponent for PreparedAnswersPanelComponent {
}));
false
}
+ Message::FingerprintLoaded(fp) => {
+ self.fingerprint = fp;
+ false
+ }
}
}
@@ -221,7 +239,7 @@ impl LoadableComponent for PreparedAnswersPanelComponent {
match view_state {
Self::ViewState::Create => Some(
- AddAnswerWizardProperties::new()
+ AddAnswerWizardProperties::new(self.fingerprint.clone())
.on_submit_result(on_submit_result)
.on_close(on_close)
.into(),
@@ -259,7 +277,13 @@ impl LoadableComponent for PreparedAnswersPanelComponent {
config_id,
token,
secret,
- } => render_show_secret_dialog(Some(config_id), token, secret, on_close),
+ } => render_show_secret_dialog(
+ Some(config_id),
+ token,
+ secret,
+ &self.fingerprint,
+ on_close,
+ ),
}
}
}
diff --git a/ui/src/remotes/auto_installer/token_panel.rs b/ui/src/remotes/auto_installer/token_panel.rs
index d213f39..d5f1ff7 100644
--- a/ui/src/remotes/auto_installer/token_panel.rs
+++ b/ui/src/remotes/auto_installer/token_panel.rs
@@ -53,6 +53,7 @@ enum Message {
SelectionChange,
RemoveEntry,
RegenerateSecret,
+ FingerprintLoaded(Option<String>),
}
struct AuthTokenPanelComponent {
@@ -60,6 +61,7 @@ struct AuthTokenPanelComponent {
selection: Selection,
store: Store<AnswerToken>,
columns: Rc<Vec<DataTableHeader<AnswerToken>>>,
+ fingerprint: Option<String>,
}
pwt::impl_deref_mut_property!(
@@ -78,12 +80,24 @@ impl LoadableComponent for AuthTokenPanelComponent {
Store::with_extract_key(|record: &AnswerToken| Key::from(record.id.to_string()));
store.set_sorter(|a: &AnswerToken, b: &AnswerToken| a.id.cmp(&b.id));
+ let link = ctx.link().clone();
+ ctx.link().spawn(async move {
+ link.send_message(Message::FingerprintLoaded(
+ pdm_client()
+ .certificate_info()
+ .await
+ .ok()
+ .and_then(|mut c| c.pop().and_then(|c| c.fingerprint)),
+ ));
+ });
+
Self {
state: LoadableComponentState::new(),
selection: Selection::new()
.on_select(ctx.link().callback(|_| Message::SelectionChange)),
store,
columns: Rc::new(columns()),
+ fingerprint: None,
}
}
@@ -142,6 +156,10 @@ impl LoadableComponent for AuthTokenPanelComponent {
}
false
}
+ Message::FingerprintLoaded(fingerprint) => {
+ self.fingerprint = fingerprint;
+ false
+ }
}
}
@@ -209,6 +227,7 @@ impl LoadableComponent for AuthTokenPanelComponent {
None,
token,
secret,
+ &self.fingerprint,
ctx.link().change_view_callback(|_| None),
),
}
--
2.47.3
^ permalink raw reply related [flat|nested] 12+ messages in thread
* [PATCH datacenter-manager 6/6] ui: auto-installer: use info from answer to format preparation command
2026-05-27 12:52 [PATCH datacenter-manager 0/6] improve handling of base url and certificate fingerprint for auto-installer gui Shannon Sterz
` (4 preceding siblings ...)
2026-05-27 12:52 ` [PATCH datacenter-manager 5/6] ui: auto-installer: load fingerprint and use it as initial value Shannon Sterz
@ 2026-05-27 12:52 ` Shannon Sterz
2026-05-27 13:11 ` [PATCH datacenter-manager 0/6] improve handling of base url and certificate fingerprint for auto-installer gui Lukas Wagner
2026-05-27 14:02 ` applied: " Thomas Lamprecht
7 siblings, 0 replies; 12+ messages in thread
From: Shannon Sterz @ 2026-05-27 12:52 UTC (permalink / raw)
To: pdm-devel
previously we always used the current origin and the nodes current
certificate to format the command for iso preparation. since users can
override them and we have that info when creating a new answer, use
that instead there.
the preparation command when adding or regenerating tokens is
unaffected.
Signed-off-by: Shannon Sterz <s.sterz@proxmox.com>
---
.../auto_installer/prepared_answer_form.rs | 5 ++++-
.../auto_installer/prepared_answers_panel.rs | 15 ++++++++++++++-
ui/src/remotes/auto_installer/token_panel.rs | 1 +
3 files changed, 19 insertions(+), 2 deletions(-)
diff --git a/ui/src/remotes/auto_installer/prepared_answer_form.rs b/ui/src/remotes/auto_installer/prepared_answer_form.rs
index 46867a2..d1b6a62 100644
--- a/ui/src/remotes/auto_installer/prepared_answer_form.rs
+++ b/ui/src/remotes/auto_installer/prepared_answer_form.rs
@@ -972,6 +972,7 @@ pub fn render_auth_form(
pub fn render_show_secret_dialog(
config_id: Option<&str>,
+ answer_base_url: Option<&str>,
token: &AnswerToken,
secret: &str,
fingerprint: &Option<String>,
@@ -1008,7 +1009,9 @@ pub fn render_show_secret_dialog(
let answer_url = format!(
"{}/api2/json/auto-install/answer",
- pdm_origin().unwrap_or_else(|| "https://pdm.example.com:8443".to_owned())
+ answer_base_url
+ .or(pdm_origin().as_deref())
+ .unwrap_or_else(|| "https://pdm.example.com:8443")
);
let mut commandline = format!(
diff --git a/ui/src/remotes/auto_installer/prepared_answers_panel.rs b/ui/src/remotes/auto_installer/prepared_answers_panel.rs
index a55c029..1850bb6 100644
--- a/ui/src/remotes/auto_installer/prepared_answers_panel.rs
+++ b/ui/src/remotes/auto_installer/prepared_answers_panel.rs
@@ -52,6 +52,8 @@ enum ViewState {
Edit,
DisplaySecret {
config_id: String,
+ url: Option<String>,
+ fingerprint: Option<String>,
token: AnswerToken,
secret: String,
},
@@ -63,6 +65,8 @@ enum Message {
RemoveEntry,
DisplaySecret {
config_id: String,
+ url: Option<String>,
+ fingerprint: Option<String>,
token: AnswerToken,
secret: String,
},
@@ -152,11 +156,15 @@ impl LoadableComponent for PreparedAnswersPanelComponent {
}
Message::DisplaySecret {
config_id,
+ url,
+ fingerprint,
token,
secret,
} => {
link.change_view(Some(Self::ViewState::DisplaySecret {
config_id,
+ url,
+ fingerprint,
token,
secret,
}));
@@ -224,6 +232,8 @@ impl LoadableComponent for PreparedAnswersPanelComponent {
if let Some(token) = new_token {
Self::Message::DisplaySecret {
config_id: config.id,
+ url: config.post_hook_base_url,
+ fingerprint: config.post_hook_cert_fp,
token: token.token,
secret: token.secret,
}
@@ -275,13 +285,16 @@ impl LoadableComponent for PreparedAnswersPanelComponent {
}
Self::ViewState::DisplaySecret {
config_id,
+ url,
+ fingerprint,
token,
secret,
} => render_show_secret_dialog(
Some(config_id),
+ url.as_deref(),
token,
secret,
- &self.fingerprint,
+ fingerprint,
on_close,
),
}
diff --git a/ui/src/remotes/auto_installer/token_panel.rs b/ui/src/remotes/auto_installer/token_panel.rs
index d5f1ff7..6744149 100644
--- a/ui/src/remotes/auto_installer/token_panel.rs
+++ b/ui/src/remotes/auto_installer/token_panel.rs
@@ -224,6 +224,7 @@ impl LoadableComponent for AuthTokenPanelComponent {
Self::ViewState::Create => self.create_add_dialog(ctx),
Self::ViewState::Edit => self.create_edit_dialog(ctx),
Self::ViewState::DisplaySecret { token, secret } => render_show_secret_dialog(
+ None,
None,
token,
secret,
--
2.47.3
^ permalink raw reply related [flat|nested] 12+ messages in thread
* Re: [PATCH datacenter-manager 0/6] improve handling of base url and certificate fingerprint for auto-installer gui
2026-05-27 12:52 [PATCH datacenter-manager 0/6] improve handling of base url and certificate fingerprint for auto-installer gui Shannon Sterz
` (5 preceding siblings ...)
2026-05-27 12:52 ` [PATCH datacenter-manager 6/6] ui: auto-installer: use info from answer to format preparation command Shannon Sterz
@ 2026-05-27 13:11 ` Lukas Wagner
2026-05-27 14:02 ` applied: " Thomas Lamprecht
7 siblings, 0 replies; 12+ messages in thread
From: Lukas Wagner @ 2026-05-27 13:11 UTC (permalink / raw)
To: Shannon Sterz, pdm-devel
On Wed May 27, 2026 at 2:52 PM CEST, Shannon Sterz wrote:
> the goal of this series is to make the base url and certificate
> fingerprint handling a bit more intuitive for the auto installer gui.
> the first couple of patches allow the ui to query the host's
> certificate fingerprint. this information is then used to first set
> the initial values for a new answer and also to format the preparation
> command.
>
> Shannon Sterz (6):
> server: api: certificates: allow anybody to query the certificate info
> pdm-client: add function to query the PDM hosts certificate info
> ui: remotes: auto-installer: set pdm_origin() as placeholder not tip
> ui: remotes: auto-installer: use pdm_origin() to set initial pdm url
> ui: auto-installer: load fingerprint and use it as initial value
> ui: auto-installer: use info from answer to format preparation command
>
> lib/pdm-client/src/lib.rs | 12 +++++-
> server/src/api/nodes/certificates.rs | 2 +-
> ui/src/remotes/auto_installer/mod.rs | 8 ++++
> .../prepared_answer_add_wizard.rs | 7 ++--
> .../auto_installer/prepared_answer_form.rs | 31 ++++++++------
> .../auto_installer/prepared_answers_panel.rs | 41 ++++++++++++++++++-
> ui/src/remotes/auto_installer/token_panel.rs | 20 +++++++++
> 7 files changed, 101 insertions(+), 20 deletions(-)
>
> --
> 2.47.3
Tested-by: Lukas Wagner <l.wagner@proxmox.com>
Reviewed-by: Lukas Wagner <l.wagner@proxmox.com>
If exposing the entire certificate info is deemed to dangererous, I
suppose we could add a new endpoint which just returns the fingerprint.
But to me, after checking the fields of the CertificateInfo type, it
seems fine as is.
^ permalink raw reply [flat|nested] 12+ messages in thread
* applied: [PATCH datacenter-manager 0/6] improve handling of base url and certificate fingerprint for auto-installer gui
2026-05-27 12:52 [PATCH datacenter-manager 0/6] improve handling of base url and certificate fingerprint for auto-installer gui Shannon Sterz
` (6 preceding siblings ...)
2026-05-27 13:11 ` [PATCH datacenter-manager 0/6] improve handling of base url and certificate fingerprint for auto-installer gui Lukas Wagner
@ 2026-05-27 14:02 ` Thomas Lamprecht
7 siblings, 0 replies; 12+ messages in thread
From: Thomas Lamprecht @ 2026-05-27 14:02 UTC (permalink / raw)
To: pdm-devel, Shannon Sterz
On Wed, 27 May 2026 14:52:11 +0200, Shannon Sterz wrote:
> the goal of this series is to make the base url and certificate
> fingerprint handling a bit more intuitive for the auto installer gui.
> the first couple of patches allow the ui to query the host's
> certificate fingerprint. this information is then used to first set
> the initial values for a new answer and also to format the preparation
> command.
>
> [...]
Applied, thanks!
[1/6] server: api: certificates: allow anybody to query the certificate info
commit: 18800c151640c231d6af2287df0b33e29c182a4d
[2/6] pdm-client: add function to query the PDM hosts certificate info
commit: 6442d9cbd3ca38854a64b6401e430d02ca589867
[3/6] ui: remotes: auto-installer: set pdm_origin() as placeholder not tip
commit: 5f5e095ce75b5e74a36e28035824a21fa521f359
[4/6] ui: remotes: auto-installer: use pdm_origin() to set initial pdm url
commit: f4397e5d3b8e6807df52296981dffd3f3d1d644b
[5/6] ui: auto-installer: load fingerprint and use it as initial value
commit: 368f41b0f48127a496a3eae6cd09fca2d39adae5
[6/6] ui: auto-installer: use info from answer to format preparation command
commit: 4e84fdd11c7a7642099b66ab122df35a9b714d61
^ permalink raw reply [flat|nested] 12+ messages in thread
* Re: [PATCH datacenter-manager 1/6] server: api: certificates: allow anybody to query the certificate info
2026-05-27 12:52 ` [PATCH datacenter-manager 1/6] server: api: certificates: allow anybody to query the certificate info Shannon Sterz
@ 2026-05-27 14:12 ` Filip Schauer
2026-05-27 14:16 ` Lukas Wagner
0 siblings, 1 reply; 12+ messages in thread
From: Filip Schauer @ 2026-05-27 14:12 UTC (permalink / raw)
To: Shannon Sterz, pdm-devel
On 27/05/2026 14:52, Shannon Sterz wrote:
> diff --git a/server/src/api/nodes/certificates.rs
> b/server/src/api/nodes/certificates.rs
> index fc12e47..61e6bf9 100644
> --- a/server/src/api/nodes/certificates.rs
> +++ b/server/src/api/nodes/certificates.rs
> @@ -60,7 +60,7 @@ fn get_certificate_info() -> Result<CertificateInfo, Error> {
> },
> },
> access: {
> - permission: &Permission::Privilege(&["system", "certificates"],
> PRIV_SYS_AUDIT, false),
> + permission: &Permission::Anybody,
> },
> returns: {
> type: Array,
PRIV_SYS_AUDIT is now unused:
warning: unused import: `PRIV_SYS_AUDIT`
--> server/src/api/nodes/certificates.rs:16:21
|
16 | use pdm_api_types::{PRIV_SYS_AUDIT, PRIV_SYS_MODIFY};
| ^^^^^^^^^^^^^^
|
= note: `#[warn(unused_imports)]` (part of `#[warn(unused)]`) on by
default
^ permalink raw reply [flat|nested] 12+ messages in thread
* Re: [PATCH datacenter-manager 1/6] server: api: certificates: allow anybody to query the certificate info
2026-05-27 14:12 ` Filip Schauer
@ 2026-05-27 14:16 ` Lukas Wagner
2026-05-27 14:17 ` Shannon Sterz
0 siblings, 1 reply; 12+ messages in thread
From: Lukas Wagner @ 2026-05-27 14:16 UTC (permalink / raw)
To: Filip Schauer, Shannon Sterz, pdm-devel
On Wed May 27, 2026 at 4:12 PM CEST, Filip Schauer wrote:
> On 27/05/2026 14:52, Shannon Sterz wrote:
>> diff --git a/server/src/api/nodes/certificates.rs
>> b/server/src/api/nodes/certificates.rs
>> index fc12e47..61e6bf9 100644
>> --- a/server/src/api/nodes/certificates.rs
>> +++ b/server/src/api/nodes/certificates.rs
>> @@ -60,7 +60,7 @@ fn get_certificate_info() -> Result<CertificateInfo, Error> {
>> },
>> },
>> access: {
>> - permission: &Permission::Privilege(&["system", "certificates"],
>> PRIV_SYS_AUDIT, false),
>> + permission: &Permission::Anybody,
>> },
>> returns: {
>> type: Array,
>
> PRIV_SYS_AUDIT is now unused:
>
> warning: unused import: `PRIV_SYS_AUDIT`
> --> server/src/api/nodes/certificates.rs:16:21
> |
> 16 | use pdm_api_types::{PRIV_SYS_AUDIT, PRIV_SYS_MODIFY};
> | ^^^^^^^^^^^^^^
> |
> = note: `#[warn(unused_imports)]` (part of `#[warn(unused)]`) on by
> default
pushed a fixup removing the warning, no need for a patch
^ permalink raw reply [flat|nested] 12+ messages in thread
* Re: [PATCH datacenter-manager 1/6] server: api: certificates: allow anybody to query the certificate info
2026-05-27 14:16 ` Lukas Wagner
@ 2026-05-27 14:17 ` Shannon Sterz
0 siblings, 0 replies; 12+ messages in thread
From: Shannon Sterz @ 2026-05-27 14:17 UTC (permalink / raw)
To: Lukas Wagner, Filip Schauer, pdm-devel
On Wed May 27, 2026 at 4:16 PM CEST, Lukas Wagner wrote:
> On Wed May 27, 2026 at 4:12 PM CEST, Filip Schauer wrote:
>> On 27/05/2026 14:52, Shannon Sterz wrote:
>>> diff --git a/server/src/api/nodes/certificates.rs
>>> b/server/src/api/nodes/certificates.rs
>>> index fc12e47..61e6bf9 100644
>>> --- a/server/src/api/nodes/certificates.rs
>>> +++ b/server/src/api/nodes/certificates.rs
>>> @@ -60,7 +60,7 @@ fn get_certificate_info() -> Result<CertificateInfo, Error> {
>>> },
>>> },
>>> access: {
>>> - permission: &Permission::Privilege(&["system", "certificates"],
>>> PRIV_SYS_AUDIT, false),
>>> + permission: &Permission::Anybody,
>>> },
>>> returns: {
>>> type: Array,
>>
>> PRIV_SYS_AUDIT is now unused:
>>
>> warning: unused import: `PRIV_SYS_AUDIT`
>> --> server/src/api/nodes/certificates.rs:16:21
>> |
>> 16 | use pdm_api_types::{PRIV_SYS_AUDIT, PRIV_SYS_MODIFY};
>> | ^^^^^^^^^^^^^^
>> |
>> = note: `#[warn(unused_imports)]` (part of `#[warn(unused)]`) on by
>> default
>
> pushed a fixup removing the warning, no need for a patch
ah thanks, send one already before i saw your response here.
^ permalink raw reply [flat|nested] 12+ messages in thread
end of thread, other threads:[~2026-05-27 14:18 UTC | newest]
Thread overview: 12+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2026-05-27 12:52 [PATCH datacenter-manager 0/6] improve handling of base url and certificate fingerprint for auto-installer gui Shannon Sterz
2026-05-27 12:52 ` [PATCH datacenter-manager 1/6] server: api: certificates: allow anybody to query the certificate info Shannon Sterz
2026-05-27 14:12 ` Filip Schauer
2026-05-27 14:16 ` Lukas Wagner
2026-05-27 14:17 ` Shannon Sterz
2026-05-27 12:52 ` [PATCH datacenter-manager 2/6] pdm-client: add function to query the PDM hosts " Shannon Sterz
2026-05-27 12:52 ` [PATCH datacenter-manager 3/6] ui: remotes: auto-installer: set pdm_origin() as placeholder not tip Shannon Sterz
2026-05-27 12:52 ` [PATCH datacenter-manager 4/6] ui: remotes: auto-installer: use pdm_origin() to set initial pdm url Shannon Sterz
2026-05-27 12:52 ` [PATCH datacenter-manager 5/6] ui: auto-installer: load fingerprint and use it as initial value Shannon Sterz
2026-05-27 12:52 ` [PATCH datacenter-manager 6/6] ui: auto-installer: use info from answer to format preparation command Shannon Sterz
2026-05-27 13:11 ` [PATCH datacenter-manager 0/6] improve handling of base url and certificate fingerprint for auto-installer gui Lukas Wagner
2026-05-27 14:02 ` applied: " Thomas Lamprecht
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox