From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <pdm-devel-bounces@lists.proxmox.com>
Received: from firstgate.proxmox.com (firstgate.proxmox.com [IPv6:2a01:7e0:0:424::9])
	by lore.proxmox.com (Postfix) with ESMTPS id 792941FF1BD
	for <inbox@lore.proxmox.com>; Fri, 16 May 2025 15:36:20 +0200 (CEST)
Received: from firstgate.proxmox.com (localhost [127.0.0.1])
	by firstgate.proxmox.com (Proxmox) with ESMTP id 1CDFEDAA0;
	Fri, 16 May 2025 15:36:45 +0200 (CEST)
From: Dominik Csapak <d.csapak@proxmox.com>
To: pdm-devel@lists.proxmox.com
Date: Fri, 16 May 2025 15:35:50 +0200
Message-Id: <20250516133611.3499075-1-d.csapak@proxmox.com>
X-Mailer: git-send-email 2.39.5
MIME-Version: 1.0
X-SPAM-LEVEL: Spam detection results:  0
 AWL 0.021 Adjusted score from AWL reputation of From: address
 BAYES_00                 -1.9 Bayes spam probability is 0 to 1%
 DMARC_MISSING             0.1 Missing DMARC policy
 KAM_DMARC_STATUS 0.01 Test Rule for DKIM or SPF Failure with Strict Alignment
 RCVD_IN_VALIDITY_CERTIFIED_BLOCKED 0.001 ADMINISTRATOR NOTICE: The query to
 Validity was blocked. See
 https://knowledge.validity.com/hc/en-us/articles/20961730681243 for more
 information.
 RCVD_IN_VALIDITY_RPBL_BLOCKED 0.001 ADMINISTRATOR NOTICE: The query to
 Validity was blocked. See
 https://knowledge.validity.com/hc/en-us/articles/20961730681243 for more
 information.
 RCVD_IN_VALIDITY_SAFE_BLOCKED 0.001 ADMINISTRATOR NOTICE: The query to
 Validity was blocked. See
 https://knowledge.validity.com/hc/en-us/articles/20961730681243 for more
 information.
 SPF_HELO_NONE           0.001 SPF: HELO does not publish an SPF Record
 SPF_PASS               -0.001 SPF: sender matches SPF record
 URIBL_BLOCKED 0.001 ADMINISTRATOR NOTICE: The query to URIBL was blocked. See
 http://wiki.apache.org/spamassassin/DnsBlocklists#dnsbl-block for more
 information. [mod.rs, remotes.rs, lib.rs, connection.rs]
Subject: [pdm-devel] [PATCH datacenter-manager 00/21] improve remote wizard
X-BeenThere: pdm-devel@lists.proxmox.com
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Proxmox Datacenter Manager development discussion
 <pdm-devel.lists.proxmox.com>
List-Unsubscribe: <https://lists.proxmox.com/cgi-bin/mailman/options/pdm-devel>, 
 <mailto:pdm-devel-request@lists.proxmox.com?subject=unsubscribe>
List-Archive: <http://lists.proxmox.com/pipermail/pdm-devel/>
List-Post: <mailto:pdm-devel@lists.proxmox.com>
List-Help: <mailto:pdm-devel-request@lists.proxmox.com?subject=help>
List-Subscribe: <https://lists.proxmox.com/cgi-bin/mailman/listinfo/pdm-devel>, 
 <mailto:pdm-devel-request@lists.proxmox.com?subject=subscribe>
Reply-To: Proxmox Datacenter Manager development discussion
 <pdm-devel@lists.proxmox.com>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: pdm-devel-bounces@lists.proxmox.com
Sender: "pdm-devel" <pdm-devel-bounces@lists.proxmox.com>

# Summary

This series improves the remote wizard in various points:
* improved wording and texts
* moved seperate buttons on pages into the next button
* probing of entered nodes
* confirmation dialog for missing fingerprints
* better realm selector

# Notes

I'm not super sure about the API call structure. I think two seperate
API calls (one for tls probing, one for scanning) might make more sense.
If that's wanted, I'll do so in a v2 of the series.

## Probing on the server side

I tried to determine if we need a fingerprint for nodes inside the
API call, by probing each node. Since we currently only get the
nodenames and not FQDNs in the nodelist, this will currently not
result in a valid connection in most cases and return the fingerprint.

My plan would be to include FQDNs of the nodes on the PVE side API call,
so we can return here a list of nodename, ip and FQDNs, which the user
then can select from. (which of those I'd probe on first check is yet
to be determined)

## Fingerprint confirmation dialogs

Not sure if we want to be able to let the user confirm the fingerprint
so easily. On one hand it's very convenient, but maybe leads to users
simply clicking yes without understanding what's happening.

If it's deemed too dangerous, I'd rework the series without this.

# Future work

The next step for the wizard is to have some kind of quick copy&paste
info. After discussing off-list with Fabian a bit, I think it would be
best for this to contain the hostname (FQDN?) + fingerprint (if just a
self-signed certificate) + a list of nodes with their respective
nodename + FQDNs (maybe requires api change on PVE side to generate
this). The user would then still have to do most of the steps currently
necessary in the wizard, except the manual copy & pasting of
fingerprints and maybe entering of FQDNs.


Dominik Csapak (21):
  server/ui: pve: change 'realm list' api call to GET
  api types: RemoteType: put default port info to the type
  server: connection: add probe_tls_connection helper
  server/ui: pve api: extend 'scan' so it can probe the tls connection
  pdm-client: add scan_remote and probe_tls methods
  ui: remotes: node url list: add placeholder and clear trigger
  ui: rmeotes: node url list: make column header clearer
  ui: remotes: node url list: handle changing default
  ui: pve wizard: rename 'realm' variable to 'info'
  ui: pve wizard: summary: add default text for fingerprint
  ui: pve wizard: nodes: improve info text
  ui: pve wizard: nodes: probe hosts to verify fingerprint settings
  ui: pve wizard: info: use pdm_client for scanning
  ui: pve wizard: info: detect hostname and fingerprint
  ui: pve wizard: info: remove manual scan button
  ui: widget: add pve realm selector
  ui: pve wizard: info: use pve realm selector
  ui: pve wizard: connect: factor out normalize_hostname
  ui: pve wizard: connect: move connection logic to next button
  ui: pve wizard: connect: use scan api endpoint instead of realms
  ui: pve wizard: connect: add certificate confirmation dialog

 lib/pdm-api-types/Cargo.toml          |   1 +
 lib/pdm-api-types/src/lib.rs          |   2 +
 lib/pdm-api-types/src/remotes.rs      |  16 ++
 lib/pdm-client/src/lib.rs             |  45 ++++
 server/src/api/pve/mod.rs             |  62 ++++--
 server/src/connection.rs              |  87 +++++++-
 ui/Cargo.toml                         |   1 +
 ui/src/remotes/add_wizard.rs          |   8 +-
 ui/src/remotes/node_url_list.rs       |  33 ++-
 ui/src/remotes/wizard_page_connect.rs | 308 ++++++++++++++++----------
 ui/src/remotes/wizard_page_info.rs    | 127 ++++++-----
 ui/src/remotes/wizard_page_nodes.rs   | 241 +++++++++++++++++++-
 ui/src/remotes/wizard_page_summary.rs |   5 +-
 ui/src/widget/mod.rs                  |   3 +
 ui/src/widget/pve_realm_selector.rs   | 125 +++++++++++
 15 files changed, 853 insertions(+), 211 deletions(-)
 create mode 100644 ui/src/widget/pve_realm_selector.rs

-- 
2.39.5



_______________________________________________
pdm-devel mailing list
pdm-devel@lists.proxmox.com
https://lists.proxmox.com/cgi-bin/mailman/listinfo/pdm-devel