From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from firstgate.proxmox.com (firstgate.proxmox.com [212.224.123.68]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits)) (No client certificate requested) by lists.proxmox.com (Postfix) with ESMTPS id 8302794978 for ; Thu, 22 Feb 2024 15:53:47 +0100 (CET) Received: from firstgate.proxmox.com (localhost [127.0.0.1]) by firstgate.proxmox.com (Proxmox) with ESMTP id 5D388AF40 for ; Thu, 22 Feb 2024 15:53:17 +0100 (CET) Received: from proxmox-new.maurer-it.com (proxmox-new.maurer-it.com [94.136.29.106]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits)) (No client certificate requested) by firstgate.proxmox.com (Proxmox) with ESMTPS for ; Thu, 22 Feb 2024 15:53:16 +0100 (CET) Received: from proxmox-new.maurer-it.com (localhost.localdomain [127.0.0.1]) by proxmox-new.maurer-it.com (Proxmox) with ESMTP id 23F5A44B2A for ; Thu, 22 Feb 2024 15:53:16 +0100 (CET) Date: Thu, 22 Feb 2024 15:53:15 +0100 From: Stoiko Ivanov To: Dominik Csapak Cc: pmg-devel@lists.proxmox.com Message-ID: <20240222155315.4b588a0d@rosa.proxmox.com> In-Reply-To: <20240215115859.1878868-2-d.csapak@proxmox.com> References: <20240215115859.1878868-1-d.csapak@proxmox.com> <20240215115859.1878868-2-d.csapak@proxmox.com> X-Mailer: Claws Mail 4.1.1 (GTK 3.24.38; x86_64-pc-linux-gnu) MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit X-SPAM-LEVEL: Spam detection results: 0 AWL 0.083 Adjusted score from AWL reputation of From: address BAYES_00 -1.9 Bayes spam probability is 0 to 1% DMARC_MISSING 0.1 Missing DMARC policy KAM_DMARC_STATUS 0.01 Test Rule for DKIM or SPF Failure with Strict Alignment SPF_HELO_NONE 0.001 SPF: HELO does not publish an SPF Record SPF_PASS -0.001 SPF: sender matches SPF record T_SCC_BODY_TEXT_LINE -0.01 - Subject: Re: [pmg-devel] [RFC PATCH pmg-api 2/2] api: proxy user bl/wl calls to master X-BeenThere: pmg-devel@lists.proxmox.com X-Mailman-Version: 2.1.29 Precedence: list List-Id: Proxmox Mail Gateway development discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 22 Feb 2024 14:53:47 -0000 Thanks for the patch! did not apply it for now, as the previous patch in this series fixes the introduction of new inconsistencies to the userpref-table (where the user wl/bl are stored) - so I'd like to keep the option for users who run into this to fix it manually on the node for a while) Recorded the patch on our internal docs for breaking changes to not forget it! On Thu, 15 Feb 2024 12:58:59 +0100 Dominik Csapak wrote: > if we don't do that, the non-master nodes would get updated (when logged > in there), but that change would never be synced back to the master. > > So to prevent diverging configs, proxy them all to master. > > The GET calls are also proxied, because if we don't do that, the user > might wonder why his change is not visible on the GUI right away. > > Signed-off-by: Dominik Csapak > --- > Sending only as RFC, because we now loose the ability to see what the > non-master nodes actually have in their db... > > src/PMG/API2/Quarantine.pm | 6 ++++++ > 1 file changed, 6 insertions(+) > > diff --git a/src/PMG/API2/Quarantine.pm b/src/PMG/API2/Quarantine.pm > index a100e11..4eec64e 100644 > --- a/src/PMG/API2/Quarantine.pm > +++ b/src/PMG/API2/Quarantine.pm > @@ -229,6 +229,7 @@ __PACKAGE__->register_method ({ > name => 'whitelist', > path => 'whitelist', > method => 'GET', > + proxyto => 'master', > permissions => { check => [ 'admin', 'qmanager', 'audit', 'quser'] }, > description => "Show user whitelist.", > parameters => { > @@ -258,6 +259,7 @@ __PACKAGE__->register_method ({ > name => 'whitelist_add', > path => 'whitelist', > method => 'POST', > + proxyto => 'master', > description => "Add user whitelist entries.", > permissions => { check => [ 'admin', 'qmanager', 'audit', 'quser'] }, > protected => 1, > @@ -284,6 +286,7 @@ __PACKAGE__->register_method ({ > name => 'whitelist_delete_base', > path => 'whitelist', > method => 'DELETE', > + proxyto => 'master', > description => "Delete user whitelist entries.", > permissions => { check => [ 'admin', 'qmanager', 'audit', 'quser'] }, > protected => 1, > @@ -311,6 +314,7 @@ __PACKAGE__->register_method ({ > name => 'blacklist', > path => 'blacklist', > method => 'GET', > + proxyto => 'master', > permissions => { check => [ 'admin', 'qmanager', 'audit', 'quser'] }, > description => "Show user blacklist.", > parameters => { > @@ -340,6 +344,7 @@ __PACKAGE__->register_method ({ > name => 'blacklist_add', > path => 'blacklist', > method => 'POST', > + proxyto => 'master', > description => "Add user blacklist entries.", > permissions => { check => [ 'admin', 'qmanager', 'audit', 'quser'] }, > protected => 1, > @@ -366,6 +371,7 @@ __PACKAGE__->register_method ({ > name => 'blacklist_delete_base', > path => 'blacklist', > method => 'DELETE', > + proxyto => 'master', > description => "Delete user blacklist entries.", > permissions => { check => [ 'admin', 'qmanager', 'audit', 'quser'] }, > protected => 1,