From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from firstgate.proxmox.com (firstgate.proxmox.com [212.224.123.68]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits)) (No client certificate requested) by lists.proxmox.com (Postfix) with ESMTPS id 95B3963D5C for ; Wed, 28 Oct 2020 19:55:26 +0100 (CET) Received: from firstgate.proxmox.com (localhost [127.0.0.1]) by firstgate.proxmox.com (Proxmox) with ESMTP id 95FFB22AC7 for ; Wed, 28 Oct 2020 19:54:55 +0100 (CET) Received: from proxmox-new.maurer-it.com (proxmox-new.maurer-it.com [212.186.127.180]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits)) (No client certificate requested) by firstgate.proxmox.com (Proxmox) with ESMTPS id 22210229E9 for ; Wed, 28 Oct 2020 19:54:49 +0100 (CET) Received: from proxmox-new.maurer-it.com (localhost.localdomain [127.0.0.1]) by proxmox-new.maurer-it.com (Proxmox) with ESMTP id E491F45F7B for ; Wed, 28 Oct 2020 19:54:48 +0100 (CET) From: Stoiko Ivanov To: pmg-devel@pve.proxmox.com Date: Wed, 28 Oct 2020 19:54:25 +0100 Message-Id: <20201028185432.23067-10-s.ivanov@proxmox.com> X-Mailer: git-send-email 2.20.1 In-Reply-To: <20201028185432.23067-1-s.ivanov@proxmox.com> References: <20201028185432.23067-1-s.ivanov@proxmox.com> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-SPAM-LEVEL: Spam detection results: 0 AWL -0.284 Adjusted score from AWL reputation of From: address KAM_DMARC_STATUS 0.01 Test Rule for DKIM or SPF Failure with Strict Alignment RCVD_IN_DNSWL_MED -2.3 Sender listed at https://www.dnswl.org/, medium trust SPF_HELO_NONE 0.001 SPF: HELO does not publish an SPF Record SPF_PASS -0.001 SPF: sender matches SPF record URIBL_BLOCKED 0.001 ADMINISTRATOR NOTICE: The query to URIBL was blocked. See http://wiki.apache.org/spamassassin/DnsBlocklists#dnsbl-block for more information. [backup.pm, mailtracker.pm, nodes.pm, quarantine.pm, config.pm, statistics.pm, postfix.pm, remote.pm] URIBL_SBL 0.644 Contains an URL's NS IP listed in the Spamhaus SBL blocklist [backup.pm] URIBL_SBL_A 0.1 Contains URL's A record listed in the Spamhaus SBL blocklist [backup.pm] Subject: [pmg-devel] [PATCH pmg-api 07/11] Add API2 module for PBS configuration X-BeenThere: pmg-devel@lists.proxmox.com X-Mailman-Version: 2.1.29 Precedence: list List-Id: Proxmox Mail Gateway development discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 28 Oct 2020 18:55:26 -0000 The module provides the API methods for creating/updating/listing/deleting PBS remotes Signed-off-by: Stoiko Ivanov --- src/Makefile | 1 + src/PMG/API2/Config.pm | 7 ++ src/PMG/API2/PBS/Remote.pm | 248 +++++++++++++++++++++++++++++++++++++ 3 files changed, 256 insertions(+) create mode 100644 src/PMG/API2/PBS/Remote.pm diff --git a/src/Makefile b/src/Makefile index daa9d46..5add6af 100644 --- a/src/Makefile +++ b/src/Makefile @@ -137,6 +137,7 @@ LIBSOURCES = \ PMG/API2/Statistics.pm \ PMG/API2/MailTracker.pm \ PMG/API2/Backup.pm \ + PMG/API2/PBS/Remote.pm \ PMG/API2/Nodes.pm \ PMG/API2/Postfix.pm \ PMG/API2/Quarantine.pm \ diff --git a/src/PMG/API2/Config.pm b/src/PMG/API2/Config.pm index d4a9679..e11eb3f 100644 --- a/src/PMG/API2/Config.pm +++ b/src/PMG/API2/Config.pm @@ -25,6 +25,7 @@ use PMG::API2::Fetchmail; use PMG::API2::DestinationTLSPolicy; use PMG::API2::DKIMSign; use PMG::API2::SACustom; +use PMG::API2::PBS::Remote; use base qw(PVE::RESTHandler); @@ -93,6 +94,11 @@ __PACKAGE__->register_method({ path => 'customscores', }); +__PACKAGE__->register_method ({ + subclass => "PMG::API2::PBS::Remote", + path => 'pbs', +}); + __PACKAGE__->register_method ({ name => 'index', path => '', @@ -131,6 +137,7 @@ __PACKAGE__->register_method ({ push @$res, { section => 'regextest' }; push @$res, { section => 'tlspolicy' }; push @$res, { section => 'dkim' }; + push @$res, { section => 'pbs' }; return $res; }}); diff --git a/src/PMG/API2/PBS/Remote.pm b/src/PMG/API2/PBS/Remote.pm new file mode 100644 index 0000000..1c1d93f --- /dev/null +++ b/src/PMG/API2/PBS/Remote.pm @@ -0,0 +1,248 @@ +package PMG::API2::PBS::Remote; + +use strict; +use warnings; + +use PVE::SafeSyslog; +use PVE::Tools qw(extract_param); +use PVE::JSONSchema qw(get_standard_option); +use PVE::RESTHandler; +use PVE::PBSTools; + +use PMG::PBSConfig; + +use base qw(PVE::RESTHandler); + +__PACKAGE__->register_method ({ + name => 'list', + path => '', + method => 'GET', + description => "List all configured Proxmox Backup Server instances.", + permissions => { check => [ 'admin', 'audit' ] }, + proxyto => 'master', + protected => 1, + parameters => { + additionalProperties => 0, + properties => {} + }, + returns => { + type => "array", + items => PMG::PBSConfig->createSchema(1), + links => [ { rel => 'child', href => "{remote}" } ], + }, + code => sub { + my ($param) = @_; + + my $res = []; + + my $conf = PMG::PBSConfig->new(); + + if (defined($conf)) { + foreach my $remote (keys %{$conf->{ids}}) { + my $d = $conf->{ids}->{$remote}; + my $entry = { + remote => $remote, + server => $d->{server}, + datastore => $d->{datastore}, + username => $d->{username}, + disable => $d->{disable}, + 'encryption-key' => $d->{'encryption-key'}, + }; + push @$res, $entry; + } + } + + return $res; + }}); + +__PACKAGE__->register_method ({ + name => 'create', + path => '', + method => 'POST', + description => "Add Proxmox Backup Server instance.", + permissions => { check => [ 'admin' ] }, + proxyto => 'master', + protected => 1, + parameters => PMG::PBSConfig->createSchema(1), + returns => { type => 'null' } , + code => sub { + my ($param) = @_; + + my $code = sub { + + my $conf = PMG::PBSConfig->new(); + $conf->{ids} //= {}; + my $ids = $conf->{ids}; + + my $remote = extract_param($param, 'remote'); + die "PBS remote '$remote' already exists\n" + if $ids->{$remote}; + + my $remotecfg = PMG::PBSConfig->check_config($remote, $param, 1); + + my $password = extract_param($remotecfg, 'password'); + PVE::PBSTools::pbs_set_password($remote, $password) if defined($password); + + if (defined(my $encryption_key = extract_param($remotecfg, 'encryption-key'))) { + if ($encryption_key eq 'autogen') { + PVE::PBSTools::autogen_encryption_key($remote); + } else { + PVE::PBSTools::pbs_set_encryption_key($remote, $encryption_key); + } + $remotecfg->{'encryption-key'} = 1; + } + + $ids->{$remote} = $remotecfg; + $conf->write(); + }; + + PMG::PBSConfig::lock_config($code, "add PBS remote failed"); + + return undef; + }}); + +__PACKAGE__->register_method ({ + name => 'read_config', + path => '{remote}', + method => 'GET', + description => "Get PBS remote configuration.", + proxyto => 'master', + permissions => { check => [ 'admin', 'audit' ] }, + parameters => { + additionalProperties => 1, + properties => { + remote => { + description => "Proxmox Backup Server ID.", + type => 'string', format => 'pve-configid', + }, + }, + }, + returns => {}, + code => sub { + my ($param) = @_; + + my $conf = PMG::PBSConfig->new(); + + my $remote = $param->{remote}; + + my $data = $conf->{ids}->{$remote}; + die "PBS remote '$remote' does not exist\n" if !$data; + + delete $data->{type}; + + $data->{digest} = $conf->{digest}; + $data->{remote} = $remote; + + return $data; + }}); + +__PACKAGE__->register_method ({ + name => 'update_config', + path => '{remote}', + method => 'PUT', + description => "Update PBS remote settings.", + permissions => { check => [ 'admin' ] }, + protected => 1, + proxyto => 'master', + parameters => PMG::PBSConfig->updateSchema(), + returns => { type => 'null' }, + code => sub { + my ($param) = @_; + + my $code = sub { + + my $conf = PMG::PBSConfig->new(); + my $ids = $conf->{ids}; + + my $digest = extract_param($param, 'digest'); + PVE::SectionConfig::assert_if_modified($conf, $digest); + + my $remote = extract_param($param, 'remote'); + + die "PBS remote '$remote' does not exist\n" + if !$ids->{$remote}; + + my $delete_str = extract_param($param, 'delete'); + die "no options specified\n" + if !$delete_str && !scalar(keys %$param); + + foreach my $opt (PVE::Tools::split_list($delete_str)) { + if ($opt eq 'password') { + PVE::PBSTools::pbs_delete_password($remote); + } elsif ($opt eq 'encryption-key') { + PVE::PBSTools::pbs_delete_encryption_key($remote); + } + + delete $ids->{$remote}->{$opt}; + } + + if (defined(my $password = extract_param($param, 'password'))) { + PVE::PBSTools::pbs_set_password($remote, $password); + } + if (defined(my $encryption_key = extract_param($param, 'encryption-key'))) { + if ($encryption_key eq 'autogen') { + PVE::PBSTools::autogen_encryption_key($remote); + } else { + PVE::PBSTools::pbs_set_encryption_key($remote, $encryption_key); + } + $param->{'encryption-key'} = 1; + } + + my $remoteconfig = PMG::PBSConfig->check_config($remote, $param, 0, 1); + + foreach my $p (keys %$remoteconfig) { + $ids->{$remote}->{$p} = $remoteconfig->{$p}; + } + + $conf->write(); + }; + + PMG::PBSConfig::lock_config($code, "update PBS remote failed"); + + return undef; + }}); + +__PACKAGE__->register_method ({ + name => 'delete', + path => '{remote}', + method => 'DELETE', + description => "Delete an PBS remote", + permissions => { check => [ 'admin' ] }, + protected => 1, + proxyto => 'master', + parameters => { + additionalProperties => 0, + properties => { + remote => { + description => "Profile ID.", + type => 'string', format => 'pve-configid', + }, + } + }, + returns => { type => 'null' }, + code => sub { + my ($param) = @_; + + my $code = sub { + + my $conf = PMG::PBSConfig->new(); + my $ids = $conf->{ids}; + + my $remote = $param->{remote}; + + die "PBS remote '$remote' does not exist\n" + if !$ids->{$remote}; + + PVE::PBSTools::pbs_delete_password($remote); + PVE::PBSTools::pbs_delete_encryption_key($remote); + delete $ids->{$remote}; + + $conf->write(); + }; + + PMG::PBSConfig::lock_config($code, "delete PBS remote failed"); + + return undef; + }}); + +1; -- 2.20.1