2992 Commits

Author SHA1 Message Date
Thomas Lamprecht
08cee13c03 rrd: do not log tree info-level messages on applying journal
That's rather excessive and has not much value for users. So degrade
two of the messages to debug-level.

Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2024-11-25 17:43:56 +01:00
Thomas Lamprecht
9f135cf16e time: run cargo fmt
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2024-11-25 17:20:01 +01:00
Thomas Lamprecht
cc85a72391 rest-server: bump version to 0.8.4-1
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2024-11-25 17:16:16 +01:00
Gabriel Goller
34e307461b rest-server: add custom handlebars escape fn
Add a custom handlebars escape function. It's nearly identical to the
default `html_escape` fn [0], but it does not escape the '='. This is
needed to support base64 encoded values.

[0]: https://docs.rs/handlebars/latest/handlebars/fn.html_escape.html

Signed-off-by: Gabriel Goller <g.goller@proxmox.com>
 [ TL: use full width for comment ]
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2024-11-25 16:34:30 +01:00
Wolfgang Bumiller
072ca695f5 README: describe [patch.crates-io] and sysext workflow
For how to work on the crates in this workspace while actually working
on a separate project without having to constantly reinstall `.deb`
files.

Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
2024-11-19 14:08:34 +01:00
Wolfgang Bumiller
2f25debee6 buildsys: clean old sysext dir before installing
So version bumps don't get mixed into previous builds.

Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
2024-11-19 13:58:16 +01:00
Wolfgang Bumiller
96e76d7f72 client: use correct error for protocol errors
The 'Anyhow' error is not useful and meant for throw-away errors which
cannot be dealt with anyway, and we'd like to be able to tell apart
network problems from actual HTTP responses, so that we can
potentially try a different node in a cluster connection.

Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
2024-11-19 13:41:09 +01:00
Thomas Lamprecht
c01318d966 log: bump version to 0.2.6
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2024-11-19 11:33:11 +01:00
Thomas Lamprecht
1e7c0fc3ac rest-server: bump version to 0.8.3-1
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2024-11-15 11:28:04 +01:00
Thomas Lamprecht
9529f730e0 rest-server: drop log intended for debugging again
I considered keeping it as log::trace level, but IMO that's just not
worth it, as just the peek_len is not giving one much more and can
basically also be gathered through strace.

Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2024-11-15 10:29:33 +01:00
Thomas Lamprecht
1539bc1ce3 rest-server: bump version to 0.8.2-1
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2024-11-14 14:39:19 +01:00
Dominik Csapak
dc9531d302 fix #5868: rest-server: handshake detection: avoid infinite loop on connections abort
When a connection is closed by the client before we have enough data
to determine if it contains a TLS Handshake or not, the socket stays
in a readable state.
While we set up a tokio backed timeout of 10s for the connection
build-up here, this timeout does not trigger on said early connection
abort from the client side, causing then the async_io loop to
endlessly loop around peeking into the client, which always returns
the last available bytes before the connection was closed. This in
turn causes 100% CPU usage for one of the PBS threads.
The timeout not triggering is rather odd, and does indicate some
potential for further improvement in tokio itself, but our
questionable use of the WouldBlock error does violate the API
contract, so this is not a clear cut.

Such an early connection abort is often triggered by monitoring
solutions, which use it to relatively cheaply check if TCP on a port
still works as "is service up" heuristic.

To fix this, save the amount of bytes peek returned and if they did
not change between invocations of the callback, we can assume that the
connection was closed and thus exit the connection attempt with an
error.

Signed-off-by: Dominik Csapak <d.csapak@proxmox.com>
 [ TL: reword commit message and change error to ConnectionAborted ]
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2024-11-14 14:31:47 +01:00
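
The stalled-peek check described in dc9531d302, modelled without sockets as an added example (not the project's code). `HandshakeProbe`, `run_probe`, the 5-byte header length and the `0x16 0x03` test are assumptions made for illustration.

```rust
use std::io::{Error, ErrorKind};

/// Assumption: 5 bytes (a TLS record header) are enough to decide.
const HEADER_LEN: usize = 5;

/// Hypothetical per-connection state kept between readiness callbacks.
struct HandshakeProbe {
    last_peek_len: Option<usize>,
}

impl HandshakeProbe {
    /// Called each time the socket is reported readable, with the bytes a
    /// non-consuming peek returned. Ok(true) = TLS, Ok(false) = plain text.
    fn on_readable(&mut self, peeked: &[u8]) -> Result<bool, Error> {
        if peeked.len() >= HEADER_LEN {
            // 0x16 = handshake record type, 0x03 = protocol major version.
            return Ok(peeked[0] == 0x16 && peeked[1] == 0x03);
        }
        if self.last_peek_len == Some(peeked.len()) {
            // Readable again, yet no new bytes: the peer closed the
            // connection. Without this check the caller spins forever.
            return Err(ErrorKind::ConnectionAborted.into());
        }
        self.last_peek_len = Some(peeked.len());
        Err(ErrorKind::WouldBlock.into()) // wait for more data
    }
}

/// Feed a constructed sequence of peek results to the probe.
fn run_probe(peeks: &[&[u8]]) -> Result<bool, ErrorKind> {
    let mut probe = HandshakeProbe { last_peek_len: None };
    for peeked in peeks {
        match probe.on_readable(peeked) {
            Err(e) if e.kind() == ErrorKind::WouldBlock => continue,
            other => return other.map_err(|e| e.kind()),
        }
    }
    Err(ErrorKind::TimedOut) // ran out of constructed events
}

fn main() {
    // Constructed input: a TCP health check sends two bytes, then closes.
    let aborted = run_probe(&[&b"\x16\x03"[..], &b"\x16\x03"[..]]);
    println!("early abort -> {:?}", aborted);
    // Constructed input: a slow but live client keeps delivering bytes.
    let tls = run_probe(&[&b"\x16"[..], &b"\x16\x03\x01\x00\x2e"[..]]);
    println!("slow client -> {:?}", tls);
}
```
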
Thomas Lamprecht
f22fae3852 apt: bump version to 0.11.5-1
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2024-11-11 21:10:23 +01:00
Thomas Lamprecht
fd48033644 apt: add Ceph Squid to standard repos for PVE
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2024-11-11 21:08:10 +01:00
Thomas Lamprecht
2cc7eadb45 notify: bump version to 0.5.0-1
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2024-11-10 18:58:59 +01:00
Lukas Wagner
64943d0a3c notify: add api for webhook targets
All in all pretty similar to other endpoint APIs.
One thing worth noting is how secrets are handled. We never ever
return the values of previously stored secrets in get_endpoint(s)
calls, but only a list of the names of all secrets. This is needed
to build the UI, where we display all secrets that were set before in
a table.

For update calls, one is supposed to send all secrets that should be
kept and updated. If the value should be updated, the name and value
is expected, and if the current value should be preserved, only the name
is sent. If a secret's name is not present in the updater, it will be
dropped. If 'secret' is present in the 'delete' array, all secrets
will be dropped, apart from those which are also set/preserved in the
same update call.

Signed-off-by: Lukas Wagner <l.wagner@proxmox.com>
Tested-By: Stefan Hanreich <s.hanreich@proxmox.com>
2024-11-10 18:55:11 +01:00
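
The secret-handling rules from 64943d0a3c as an added, self-contained example (not the proxmox-notify code). `SecretUpdate`, `list_secret_names` and `apply_update` are hypothetical names; treating a name-only entry for an unknown secret as an error, and an update that sends no secrets and no delete as a no-op, are assumptions.

```rust
use std::collections::BTreeMap;

type Secrets = BTreeMap<String, String>;

/// One updater entry: a name, plus a value only when it should change.
struct SecretUpdate<'a> {
    name: &'a str,
    value: Option<&'a str>,
}

/// What a get call may expose: the names of stored secrets, never values.
fn list_secret_names(stored: &Secrets) -> Vec<String> {
    stored.keys().cloned().collect()
}

/// Apply one update call and return the new secret set.
fn apply_update(
    stored: &Secrets,
    updater: Option<&[SecretUpdate<'_>]>,
    delete_secrets: bool,
) -> Result<Secrets, String> {
    let entries = match (updater, delete_secrets) {
        (Some(entries), _) => entries,
        // 'secret' in the delete array and nothing re-sent: drop everything.
        (None, true) => return Ok(Secrets::new()),
        // Assumption: no secrets sent and no delete leaves them untouched.
        (None, false) => return Ok(stored.clone()),
    };
    let mut next = Secrets::new();
    for entry in entries {
        let value = match entry.value {
            // Name and value: set or replace.
            Some(v) => v.to_string(),
            // Name only: keep the stored value, which the client never saw.
            None => stored
                .get(entry.name)
                .cloned()
                .ok_or_else(|| format!("no stored secret '{}'", entry.name))?,
        };
        next.insert(entry.name.to_string(), value);
    }
    // Stored names that were not listed are absent from `next`: dropped.
    Ok(next)
}
```
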
Lukas Wagner
16260195b9 notify: implement webhook targets
This target type allows users to perform HTTP requests to arbitrary
third party (notification) services, for instance
ntfy.sh/Discord/Slack.

The configuration for these endpoints allows one to freely configure
the URL, HTTP Method, headers and body. The URL, header values and
body support handlebars templating to inject notification text,
metadata and secrets. Secrets are stored in the protected
configuration file (e.g. /etc/pve/priv/notification.cfg) as key value
pairs, allowing users to protect sensitive tokens/passwords.
Secrets are accessible in handlebar templating via the secrets.*
namespace, e.g. if there is a secret named 'token', a body
could contain '{{ secrets.token }}' to inject the token into the
payload.

A couple of handlebars helpers are also provided:
  - url-encoding (useful for templating in URLs)
  - escape (escape any control characters in strings)
  - json (print a property as json)

In the configuration, the body, header values and secret values
are stored in base64 encoding so that we can store any string we want.

Signed-off-by: Lukas Wagner <l.wagner@proxmox.com>
Tested-By: Stefan Hanreich <s.hanreich@proxmox.com>
2024-11-10 18:55:11 +01:00
Lukas Wagner
0517d7b94e notify: renderer: adapt to changes in proxmox-time
A recent commit [1] changed the `Display` implementation of `TimeSpan` such
that minutes are now displayed as `20m` instead of `20min`.
This commit adapts the tests for the notification template renderer
accordingly.

[1] 19129960 ("time: display minute/month such that it can be parsed again")

Signed-off-by: Lukas Wagner <l.wagner@proxmox.com>
2024-11-10 18:55:11 +01:00
Thomas Lamprecht
3817b3ba50 apt: bump version to 0.11.4
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2024-11-10 18:53:26 +01:00
Thomas Lamprecht
272953d72d apt: add support for Ceph Squid repositories
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2024-11-10 18:48:03 +01:00
Thomas Lamprecht
6158d53697 apt-api-types: bump version to 1.0.2
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2024-11-10 18:45:57 +01:00
Thomas Lamprecht
8e74afbca7 apt-api-types: add Ceph Squid as valid Proxmox APT repository handle
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2024-11-10 18:42:13 +01:00
Wolfgang Bumiller
0ea27021a2 rest-server: bump to 0.8.1-1
Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
2024-11-08 12:09:53 +01:00
Wolfgang Bumiller
a092b06d9f rest-server: shorten some format strings
Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
2024-11-08 12:09:53 +01:00
Gabriel Goller
d8fa495a50 rest-server: check permissions on proxy.key and proxy.pem files
To avoid openssl's unhelpful error messages when the proxy.key or
proxy.pem files have the wrong permissions, we open the files. To load
the private key, we can simply read from the file and pass it to the
`set_private_key` openssl function. Sadly such a function does not exist
for loading certificate chains, so we have to open and close the file
before calling the `set_certificate_chain_file` fn.

Motivation: https://forum.proxmox.com/threads/proxmox-backup-tailscale-proxmox-backup-proxy-service-wont-boot.153204

Signed-off-by: Gabriel Goller <g.goller@proxmox.com>
2024-11-08 12:09:53 +01:00
Wolfgang Bumiller
db69867d4d rest-server: pass cipher suite/list to acceptor
Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
Reviewed-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
2024-11-08 12:09:53 +01:00
Dietmar Maurer
35c60f652b subscription: use correct debian release name
Signed-off-by: Dietmar Maurer <dietmar@proxmox.com>
2024-11-07 13:35:00 +01:00
Dietmar Maurer
996c86bb32 subscription: bump version to 0.5.0-1
Signed-off-by: Dietmar Maurer <dietmar@proxmox.com>
2024-11-07 13:19:13 +01:00
Dominik Csapak
ae55575f2a subscription: move most of the implementation into impl feature
so we can use the types without having openssl, proxmox-sys, etc. as
dependencies.

Signed-off-by: Dominik Csapak <d.csapak@proxmox.com>
2024-11-07 12:43:17 +01:00
Fabian Grünbichler
f96c0e6036 http: update d/control
Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
2024-10-30 12:20:36 +01:00
Lukas Wagner
e8e5c11c6a fix #5808: http: use native-tls instead of rustls for the sync client
In the reference Bugzilla entry, a certificate with an IP address as a
SAN was used. rustls seems to have problems with that [1].
Also, pretty much all of our code uses native-tls at the moment, so
it makes sense to not pull in a second TLS implementation.

Tested by rebuilding libpve-rs-perl and testing a Gotify notification
target with a self-signed TLS certificate (one that is accepted by
OpenSSL but not by rustls).

[1] https://github.com/rustls/rustls/issues/184

Signed-off-by: Lukas Wagner <l.wagner@proxmox.com>
2024-10-30 12:19:56 +01:00
Fabian Grünbichler
f5e7f4ed7f proxmox-apt-api-types: use workspace excludes
else the `debian` dir is contained in the .crate archive, breaking the build..

Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
2024-10-23 13:29:22 +02:00
Thomas Lamprecht
ba3ee7a4db api-macro: throw compiler error if description for enums is empty
A description is required for the API schema types and we fall back to
the rust doc-comment when no explicit one is set.
But an empty string was returned if no doc-comment existed, so check
for the comment to be non-empty and throw a compile-time error
otherwise.

Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2024-10-22 15:14:43 +02:00
Thomas Lamprecht
1c4467841d schema: property description: output indentation where it's required
The wrap_text helper accepts an initial indentation, so use that as
central point to add the indentation that glues the list entry
together with its description.

Mostly a small optimization, should not matter in practice, i.e. where
all properties should have a description.

Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2024-10-22 14:51:19 +02:00
Thomas Lamprecht
bd1133fcd2 notify: add missing doc-comment description for api enums
this is used as description in the api schema

Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2024-10-22 14:49:10 +02:00
Thomas Lamprecht
331fa7a732 apt-api-types: add missing doc-comment description for api enums
this is used as description in the api schema

Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2024-10-22 14:48:47 +02:00
Gabriel Goller
1b70270b2d log: only print error level to syslog/stderr
We only want to print the error level, and not all the levels below
error to stderr/syslog.

Signed-off-by: Gabriel Goller <g.goller@proxmox.com>
2024-10-18 18:28:37 +02:00
Thomas Lamprecht
21c314b56e schema: property description: switch format strings to inline template variables
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2024-10-18 17:37:30 +02:00
Thomas Lamprecht
b809d86d73 cli: format: switch some format strings to inline template variables
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2024-10-18 17:29:17 +02:00
Thomas Lamprecht
aa12dcbba0 time: bump version to 2.0.2-1
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2024-10-17 16:16:56 +02:00
Thomas Lamprecht
44e7ca98cd time: add some simple unit tests for time span conversions
For starters, could definitively be expanded.

Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2024-10-17 14:23:27 +02:00
Thomas Lamprecht
17bf3ec9fe time: add module level docs for time span
There was basically no documentation at all, so try to document the
basic format syntax and where it comes from. The text is partially
adapted from the systemd docs.

Could be still expanded with some example code and the methods might
do good with getting some docs too, but those parts can relatively
easily be figured out from the code itself, the basic underlying
design and format background is much harder to guess..

Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2024-10-17 14:23:27 +02:00
Thomas Lamprecht
191299605f time: display minute/month such that it can be parsed again
Previously we displayed, e.g., "4m 1h 1min", i.e. using "m" for months
and "min" for minutes but "m" was not accepted as month when parsing
a timespan string, so a 4 month timespan would be printed "4m" but if
parsed again it would result in a timespan of 4 minutes.

So switch month to an uppercase "M" and minute to the lower case "m",
which makes renderings of common timespans nicer, as in most of our
use cases they are in the range of minutes to hours, sometimes days
but seldom longer than weeks. So using single letters for all but
"min" stuck out quite a bit, e.g.: "1h 5min 2s" looks odd compared to
"1h 5m 1s"

While the duplicate letter is not 100% ideal it's still better than
the status quo, where rendering and parsing would interpret things
differently.
Also, the order still makes it quite clear, e.g.:
"7m 2w 3d 1h 5min 44s" now becomes "7M 2w 3d 1h 5m 44s"

As a side effect this also brings the display format closer to what is
used inside PVE backup job task logs.

Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2024-10-17 14:22:44 +02:00
Thomas Lamprecht
9ae91303fd time: switch to inline template variables
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2024-10-17 11:40:21 +02:00
Christian Ebner
67822186a2 time: drop trailing space when not showing seconds at end
Seconds are not displayed when the value is smaller than 0.1s and
they are not at the start of the display output, e.g. `1h 2m`.
Drop the additional whitespace currently appended for this edge case.

Signed-off-by: Christian Ebner <c.ebner@proxmox.com>
2024-10-17 10:38:53 +02:00
Wolfgang Bumiller
c76090b907 tfa: clean up unused 'use' statements
Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
2024-10-15 15:19:03 +02:00
Wolfgang Bumiller
11930517ef acme: bump to 0.5.3
Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
2024-10-03 09:52:46 +02:00
Wolfgang Bumiller
b52b3739be acme: deny(unsafe_code)
Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
2024-10-02 12:49:17 +02:00
Wolfgang Bumiller
f298ed6aec acme: detect base64 vs base64url encoded hmac keys
We do this in the PVE code as well.

Link: https://forum.proxmox.com/threads/acme-with-custom-acme-directory-doesnt-work.147058/
Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
2024-10-02 12:45:31 +02:00
Wolfgang Bumiller
c30169d08f tfa: bump d/control
Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
2024-10-01 12:51:04 +02:00