From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from firstgate.proxmox.com (firstgate.proxmox.com [212.224.123.68]) by lore.proxmox.com (Postfix) with ESMTPS id 301F61FF16B for ; Fri, 7 Nov 2025 13:26:31 +0100 (CET) Received: from firstgate.proxmox.com (localhost [127.0.0.1]) by firstgate.proxmox.com (Proxmox) with ESMTP id 1332C101C3; Fri, 7 Nov 2025 13:27:13 +0100 (CET) Date: Fri, 07 Nov 2025 13:27:08 +0100 Message-Id: From: "Lukas Wagner" To: "Proxmox Datacenter Manager development discussion" Mime-Version: 1.0 X-Mailer: aerc 0.21.0-0-g5549850facc2-dirty References: <20251105163546.450094-1-h.laimer@proxmox.com> <20251105163546.450094-10-h.laimer@proxmox.com> In-Reply-To: <20251105163546.450094-10-h.laimer@proxmox.com> X-Bm-Milter-Handled: 55990f41-d878-4baa-be0a-ee34c49e34d2 X-Bm-Transport-Timestamp: 1762518408582 X-SPAM-LEVEL: Spam detection results: 0 AWL 0.029 Adjusted score from AWL reputation of From: address BAYES_00 -1.9 Bayes spam probability is 0 to 1% DMARC_MISSING 0.1 Missing DMARC policy KAM_DMARC_STATUS 0.01 Test Rule for DKIM or SPF Failure with Strict Alignment SPF_HELO_NONE 0.001 SPF: HELO does not publish an SPF Record SPF_PASS -0.001 SPF: sender matches SPF record Subject: Re: [pdm-devel] [PATCH proxmox-datacenter-manager v2 1/4] pdm-api-types: add firewall status types X-BeenThere: pdm-devel@lists.proxmox.com X-Mailman-Version: 2.1.29 Precedence: list List-Id: Proxmox Datacenter Manager development discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Reply-To: Proxmox Datacenter Manager development discussion Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Errors-To: pdm-devel-bounces@lists.proxmox.com Sender: "pdm-devel" 2 small nits inline, but other than that: Reviewed-by: Lukas Wagner Tested-by: Lukas Wagner On Wed Nov 5, 2025 at 5:35 PM CET, Hannes Laimer wrote: > These types are returned by all the `../firewall/status` endpoints. The > UI also uses them. > > Signed-off-by: Hannes Laimer > --- > lib/pdm-api-types/src/firewall.rs | 171 ++++++++++++++++++++++++++++++ > lib/pdm-api-types/src/lib.rs | 2 + > 2 files changed, 173 insertions(+) > create mode 100644 lib/pdm-api-types/src/firewall.rs > > diff --git a/lib/pdm-api-types/src/firewall.rs b/lib/pdm-api-types/src/firewall.rs > new file mode 100644 > index 0000000..10357ad > --- /dev/null > +++ b/lib/pdm-api-types/src/firewall.rs > @@ -0,0 +1,171 @@ > +use proxmox_schema::{api, Schema}; > +use serde::{Deserialize, Serialize}; > + > +use crate::remotes::REMOTE_ID_SCHEMA; > +use crate::{NODE_SCHEMA, VMID_SCHEMA}; > + > +const FIREWALL_RULES_COUNT: Schema = > + proxmox_schema::IntegerSchema::new("The total amount of rules present") > + .minimum(0) > + .schema(); > + > +const FIREWALL_ACTIVE_RULES_COUNT: Schema = > + proxmox_schema::IntegerSchema::new("The amount of enabled rules") > + .minimum(0) > + .schema(); > + > +#[api( > + properties: { > + all: { > + schema: FIREWALL_RULES_COUNT, > + }, > + active: { > + schema: FIREWALL_ACTIVE_RULES_COUNT, > + } > + } > +)] > +/// Count of all rules present and count of all enabled firewall rules. > +#[derive(Clone, Debug, Serialize, Deserialize, PartialEq)] > +pub struct RuleStat { > + pub all: usize, > + pub active: usize, > +} Could make sense to add 'serde(rename_all = "kebab-case")' even if you don't need it right now, but just to avoid forgetting it in the future when you or somebody else adds new members to the struct. No need to send a new version for this alone though, can happen in a follow-up patch. > + > +#[api( > + properties: { > + enabled: { > + type: bool, > + description: "True if the firewall is enabled", > + }, > + rules: { > + type: RuleStat, > + flatten: true, > + }, > + } > +)] > +/// Firewall status. > +#[derive(Serialize, Deserialize, Debug, Clone, PartialEq)] > +#[serde(rename_all = "kebab-case")] > +pub struct FirewallStatus { > + pub enabled: bool, > + #[serde(flatten)] > + pub rules: RuleStat, > +} > + > +#[api( > + properties: { > + remote: { > + schema: REMOTE_ID_SCHEMA, > + }, > + status: { > + type: FirewallStatus, > + optional: true, > + }, > + nodes: { > + description: "Nodes in the cluster", > + items: { > + type: NodeFirewallStatus > + }, > + type: Array, > + }, > + } > +)] > +/// Firewall status of a PVE remote. > +#[derive(Serialize, Deserialize, Clone, PartialEq)] > +#[serde(rename_all = "kebab-case")] > +pub struct RemoteFirewallStatus { > + pub remote: String, > + pub status: Option, > + pub nodes: Vec, > +} > + > +#[api( > + properties: { > + node: { > + schema: NODE_SCHEMA, > + }, > + status: { > + type: FirewallStatus, > + optional: true, > + }, > + guests: { > + description: "Guests on a node", > + items: { > + type: GuestFirewallStatus > + }, > + type: Array, > + }, > + } > +)] > +/// Firewall status of a node > +#[derive(Clone, Debug, Serialize, Deserialize, PartialEq)] > +pub struct NodeFirewallStatus { > + pub node: String, > + pub status: Option, > + pub guests: Vec, > +} Same here. > + > +#[api] > +#[derive(Clone, Copy, Debug, Deserialize, Serialize, PartialEq)] > +#[serde(rename_all = "lowercase")] > +/// The type of the guest > +pub enum GuestKind { > + /// Guest is a LXC > + Lxc, > + /// Guets is a QEMU > + Qemu, > +} > + > +impl GuestKind { > + pub const fn as_str(&self) -> &'static str { > + match self { > + GuestKind::Lxc => "lxc", > + GuestKind::Qemu => "qemu", > + } > + } > +} > + > +impl AsRef for GuestKind { > + fn as_ref(&self) -> &str { > + self.as_str() > + } > +} > + > +impl From for &'static str { > + fn from(kind: GuestKind) -> Self { > + kind.as_str() > + } > +} > + > +impl From<&GuestKind> for &'static str { > + fn from(kind: &GuestKind) -> Self { > + kind.as_str() > + } > +} > + > +#[api( > + properties: { > + vmid: { > + schema: VMID_SCHEMA, > + }, > + name: { > + type: String, > + description: "Name of the guest.", > + }, > + status: { > + type: FirewallStatus, > + optional: true, > + }, > + kind: { > + type: GuestKind, > + } > + } > +)] > +/// Firewall status of a guest > +#[derive(Clone, Debug, Serialize, Deserialize, PartialEq)] > +pub struct GuestFirewallStatus { > + pub vmid: u32, > + pub name: String, > + pub status: Option, > + pub kind: GuestKind, > +} > diff --git a/lib/pdm-api-types/src/lib.rs b/lib/pdm-api-types/src/lib.rs > index ee4dfb2..78a9fa5 100644 > --- a/lib/pdm-api-types/src/lib.rs > +++ b/lib/pdm-api-types/src/lib.rs > @@ -94,6 +94,8 @@ pub use proxmox_schema::upid::*; > mod openid; > pub use openid::*; > > +pub mod firewall; > + > pub mod remotes; > > pub mod remote_updates; _______________________________________________ pdm-devel mailing list pdm-devel@lists.proxmox.com https://lists.proxmox.com/cgi-bin/mailman/listinfo/pdm-devel