acme-api: use create_secret_dir from product-config

Signed-off-by: Dietmar Maurer <dietmar@proxmox.com>
Dietmar Maurer 2024-06-04 12:56:57 +02:00
parent cb971b402f
commit ccbef4be87


@ -2,8 +2,7 @@ use std::path::{Path, PathBuf};
use anyhow::Error; use anyhow::Error;
use proxmox_sys::error::SysError; use proxmox_product_config::create_secret_dir;
use proxmox_sys::fs::CreateOptions;
struct AcmeApiConfig { struct AcmeApiConfig {
acme_config_dir: PathBuf, acme_config_dir: PathBuf,
@ -24,8 +23,8 @@ pub fn init<P: AsRef<Path>>(acme_config_dir: P, create_subdirs: bool) -> Result<
} }
if create_subdirs { if create_subdirs {
create_secret_subdir(self::acme_config_dir())?; create_secret_dir(self::acme_config_dir())?;
create_secret_subdir(acme_account_dir())?; create_secret_dir(acme_account_dir())?;
} }
Ok(()) Ok(())
@ -53,17 +52,4 @@ pub(crate) fn plugin_cfg_filename() -> PathBuf {
pub(crate) fn plugin_cfg_lockfile() -> PathBuf { pub(crate) fn plugin_cfg_lockfile() -> PathBuf {
acme_config_dir().join("plugins.lck") acme_config_dir().join("plugins.lck")
} }
fn create_secret_subdir<P: AsRef<Path>>(dir: P) -> nix::Result<()> {
let root_only = CreateOptions::new()
.owner(nix::unistd::ROOT)
.group(nix::unistd::Gid::from_raw(0))
.perm(nix::sys::stat::Mode::from_bits_truncate(0o700));
match proxmox_sys::fs::create_dir(dir, root_only) {
Ok(()) => Ok(()),
Err(err) if err.already_exists() => Ok(()),
Err(err) => Err(err),
}
}
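Review bot: The two `create_secret_dir` calls in `init` now take owner, mode and already-exists handling from `proxmox_product_config`, where the removed `create_secret_subdir` spelled them out locally (root:root, `0o700`, an existing directory treated as success), and nothing on the new side records that contract. The helper's implementation is not visible on this page, so it is worth confirming that it still accepts a pre-existing directory and still leaves the directory readable only by the privileged user, since `acme_account_dir()` presumably holds account credentials. I would add a comment above the calls, for example `// owner and mode of these secret directories are decided by proxmox_product_config::create_secret_dir`. The removed helper also never checked the owner or mode of a directory that already existed, so a leftover directory with loose permissions was used as is; if the shared helper behaves the same way, that deserves a check or at least a documented assumption. The body of `init` begins outside the hunk.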