From: Thomas Lamprecht <t.lamprecht@proxmox.com>
To: Proxmox Datacenter Manager development discussion
<pdm-devel@lists.proxmox.com>,
Stefan Hanreich <s.hanreich@proxmox.com>,
Hannes Laimer <h.laimer@proxmox.com>
Subject: Re: [pdm-devel] [PATCH proxmox-datacenter-manager v3 2/4] api: firewall: add option, rules and status endpoints
Date: Wed, 12 Nov 2025 12:22:17 +0100 [thread overview]
Message-ID: <f9b8ae2c-5017-457b-853a-9542e2d2b33e@proxmox.com> (raw)
In-Reply-To: <f495b809-e538-4d92-8af1-5460aed1b648@proxmox.com>
Am 12.11.25 um 11:52 schrieb Stefan Hanreich:
> some comments inline
>
> On 11/10/25 6:25 PM, Hannes Laimer wrote:
>> This adds the following endpoints
>> * for all PVE remotes:
>> - GET /pve/firewall/status
>>
>> * for PVE remotes
>> - GET pve/remotes/{remote}/firewall/options
>> - PUT pve/remotes/{remote}/firewall/options
>> - GET pve/remotes/{remote}/firewall/rules
>> - GET pve/remotes/{remote}/firewall/status
>>
>> * for PVE node
>> - GET pve/remotes/{remote}/nodes/{node}/firewall/options
>> - PUT pve/remotes/{remote}/nodes/{node}/firewall/options
>> - GET pve/remotes/{remote}/nodes/{node}/firewall/rules
>> - GET pve/remotes/{remote}/nodes/{node}/firewall/status
>>
>> * for guests (both lxc and qemu)
>> - GET pve/remotes/{remote}/[lxc|qemu]/{vmid}/firewall/options
>> - PUT pve/remotes/{remote}/[lxc|qemu]/{vmid}/firewall/options
>> - GET pve/remotes/{remote}/[lxc|qemu]/{vmid}/firewall/rules
>
> Would it potentially make sense to mirror the PVE API here, i.e.
>
> pve/remotes/{remote}/nodes/{node}/[lxc|qemu]/{vmid}/firewall/options
>
> might be annoying to always have to know the node a guest resides on though
That and I'm not sure about what the actual benefit of doing that would
be here? Or just for using the same as in PVE? While I'd not promote
deviating from existing product APIs, especially not just for the sake
of it. OTOH leveraging what PDM can do and also avoiding historic
mistakes that are either not worthwhile or just hard to fix in the
original implementation can both be valid reason to deviate.
_______________________________________________
pdm-devel mailing list
pdm-devel@lists.proxmox.com
https://lists.proxmox.com/cgi-bin/mailman/listinfo/pdm-devel
next prev parent reply other threads:[~2025-11-12 11:21 UTC|newest]
Thread overview: 21+ messages / expand[flat|nested] mbox.gz Atom feed top
2025-11-10 17:25 [pdm-devel] [PATCH proxmox{, -yew-comp, -datacenter-manager} v3 00/12] add basic integration of PVE firewall Hannes Laimer
2025-11-10 17:25 ` [pdm-devel] [PATCH proxmox v3 1/4] pve-api-types: update pve-api.json Hannes Laimer
2025-11-10 17:25 ` [pdm-devel] [PATCH proxmox v3 2/4] pve-api-types: add get/update firewall options endpoints Hannes Laimer
2025-11-10 17:25 ` [pdm-devel] [PATCH proxmox v3 3/4] pve-api-types: add list firewall rules endpoints Hannes Laimer
2025-11-10 17:25 ` [pdm-devel] [PATCH proxmox v3 4/4] pve-api-types: regenerate Hannes Laimer
2025-11-10 17:25 ` [pdm-devel] [PATCH proxmox-yew-comp v3 1/4] form: add helpers for extractig data out of schemas Hannes Laimer
2025-11-10 17:25 ` [pdm-devel] [PATCH proxmox-yew-comp v3 2/4] firewall: add FirewallContext Hannes Laimer
2025-11-10 17:25 ` [pdm-devel] [PATCH proxmox-yew-comp v3 3/4] firewall: add options edit form Hannes Laimer
2025-11-10 17:25 ` [pdm-devel] [PATCH proxmox-yew-comp v3 4/4] firewall: add rules table Hannes Laimer
2025-11-12 13:06 ` Stefan Hanreich
2025-11-10 17:25 ` [pdm-devel] [PATCH proxmox-datacenter-manager v3 1/4] pdm-api-types: add firewall status types Hannes Laimer
2025-11-10 17:25 ` [pdm-devel] [PATCH proxmox-datacenter-manager v3 2/4] api: firewall: add option, rules and status endpoints Hannes Laimer
2025-11-12 10:52 ` Stefan Hanreich
2025-11-12 11:09 ` Hannes Laimer
2025-11-12 11:22 ` Thomas Lamprecht [this message]
2025-11-12 11:27 ` Stefan Hanreich
2025-11-10 17:25 ` [pdm-devel] [PATCH proxmox-datacenter-manager v3 3/4] pdm-client: add api methods for firewall options, " Hannes Laimer
2025-11-10 17:25 ` [pdm-devel] [PATCH proxmox-datacenter-manager v3 4/4] ui: add firewall status tree Hannes Laimer
2025-11-12 11:21 ` Stefan Hanreich
2025-11-12 14:41 ` Lukas Wagner
2025-11-12 13:07 ` [pdm-devel] [PATCH proxmox{, -yew-comp, -datacenter-manager} v3 00/12] add basic integration of PVE firewall Stefan Hanreich
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=f9b8ae2c-5017-457b-853a-9542e2d2b33e@proxmox.com \
--to=t.lamprecht@proxmox.com \
--cc=h.laimer@proxmox.com \
--cc=pdm-devel@lists.proxmox.com \
--cc=s.hanreich@proxmox.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox